admin/aiagent
1
0
Fork 0
Code Issues 14 Pull Requests Actions Packages Projects Releases Wiki Activity

[危急] 数据库密码硬编码在源码中 #69

New Issue
Closed
opened 2026-05-10 18:39:05 +08:00 by admin · 0 comments
admin commented 2026-05-10 18:39:05 +08:00
Owner
Copy Link

问题描述

backend/app/core/config.py 第24行 DATABASE_URL 包含真实生产数据库密码,直接硬编码在源码中。

涉及文件

  • backend/app/core/config.py:24

修复建议

  1. 立即轮换数据库密码
  2. 改用环境变量 DATABASE_URL 读取,不留默认值
  3. 将现有密码从 git 历史中清除

严重程度

危急 - 安全凭证泄露

## 问题描述 backend/app/core/config.py 第24行 DATABASE_URL 包含真实生产数据库密码,直接硬编码在源码中。 ## 涉及文件 - backend/app/core/config.py:24 ## 修复建议 1. 立即轮换数据库密码 2. 改用环境变量 DATABASE_URL 读取,不留默认值 3. 将现有密码从 git 历史中清除 ## 严重程度 危急 - 安全凭证泄露
admin closed this issue 2026-05-10 18:46:30 +08:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
No items
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
admin
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: admin/aiagent#69
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?