Skip to content

Fix spelling typos and SQL injection in tenant_table queries #1

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
Copilot wants to merge 3 commits into
base: master
Choose a base branch
from
Draft

Fix spelling typos and SQL injection in tenant_table queries #1

Copilot wants to merge 3 commits into from

Conversation

Copy link

Copilot AI commented Nov 14, 2025
edited
Loading

Description

This PR fixes spelling typos and SQL injection vulnerabilities found during code review.

Type of change (check all applicable)

  • πŸ• Feature
  • πŸ› Bug Fix
  • πŸ“ Documentation Update
  • πŸ§‘β€πŸ’» Code Refactor
  • πŸ”₯ Performance Improvements
  • βœ… Test

Related Tickets & Documents

N/A

Proof of completion, QA Instructions, Screenshots, Recordings

Changes Made

Spelling corrections in test/triplex/triplex_test.exs:

  • Line 115: tennant β†’ tenant (test name)
  • Line 124: test_tennant_prefix β†’ test_tenant_prefix (config value)
  • Line 131: restor β†’ restore (comment)

SQL injection fix in lib/triplex.ex:

  • Line 190: Added backticks around tenant_table in INSERT query
  • Line 205: Added backticks around tenant_table in DELETE query

Before:

sql = "INSERT INTO #{Triplex.config().tenant_table} (name) VALUES (?)"

After:

sql = "INSERT INTO `#{Triplex.config().tenant_table}` (name) VALUES (?)"

The tenant_table config was interpolated into SQL without quoting, inconsistent with other MySQL queries in the codebase (lines 296, 334).

Checklist:

  • My code follows the style guidelines of this project
  • I have performed a self-review of my own code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • My changes generate no new warnings
  • I have added tests that prove my fix is effective or that my feature works
  • Any dependent changes have been merged and published in downstream modules

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

  • esm.ubuntu.com
    • Triggering command: /usr/lib/apt/methods/https (dns block)

If you need me to access, download, or install something from one of these locations, you can either:

Original prompt

review this fork in look for issues

πŸ’¬ We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.

Copilot AI changed the title [WIP] Review fork for potential issues Fix spelling typos and SQL injection in tenant_table queries Nov 14, 2025
Copilot AI requested a review from Fdipersia November 14, 2025 17:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Fdipersia Fdipersia Awaiting requested review from Fdipersia

At least 1 approving review is required to merge this pull request.

Assignees

@Fdipersia Fdipersia

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Fdipersia