Skip to content

Cursor vibe coding #49

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
trebidav wants to merge 12 commits into
base: main
Choose a base branch
from
Open

Cursor vibe coding #49

trebidav wants to merge 12 commits into from

Conversation

@trebidav
Copy link
Owner

@trebidav trebidav commented May 20, 2025

Added functionality:

  • google login / registration
  • user markers on map with user details
  • friends functionality
  • location sharing between users
  • location sharing permissions (public, friends, none)
  • task markers on map with "start task" and "reset task" buttons

github-advanced-security[bot]
github-advanced-security bot found potential problems May 20, 2025
View reviewed changes
comrade/comrade_core/views.py

except Exception as e:
return Response(
{"error": str(e)},

Check warning

Code scanning / CodeQL

Information exposure through an exception Medium

Stack trace information
Loading
flows to this location and may be exposed to an external user.

Copilot Autofix

AI 8 months ago

To fix the issue, we will replace the current behavior of exposing the exception message (str(e)) in the response with a generic error message. The exception details will be logged on the server for debugging purposes. This ensures that sensitive information is not exposed to external users while still allowing developers to diagnose issues.

  • Modify the google_login_view function to log the exception details using a logging library (e.g., Python's built-in logging module).
  • Replace the exposed exception message in the response with a generic error message, such as "An internal error occurred."
  • Add the necessary import for the logging module if it is not already present.
Suggested changeset 1
comrade/comrade_core/views.py

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/comrade/comrade_core/views.py b/comrade/comrade_core/views.py
--- a/comrade/comrade_core/views.py
+++ b/comrade/comrade_core/views.py
@@ -206,4 +206,7 @@
     except Exception as e:
+        import logging
+        logger = logging.getLogger(__name__)
+        logger.error("An error occurred during Google login", exc_info=True)
         return Response(
-            {"error": str(e)}, 
+            {"error": "An internal error occurred."}, 
             status=status.HTTP_401_UNAUTHORIZED
EOF
@@ -206,4 +206,7 @@
except Exception as e:
import logging
logger = logging.getLogger(__name__)
logger.error("An error occurred during Google login", exc_info=True)
return Response(
{"error": str(e)},
{"error": "An internal error occurred."},
status=status.HTTP_401_UNAUTHORIZED
Copilot is powered by AI and may make mistakes. Always verify output.
comrade/comrade_core/views.py
try:
task.pause(request.user)
except ValidationError as e:
return Response({"error": str(e)}, status=status.HTTP_412_PRECONDITION_FAILED)

Check warning

Code scanning / CodeQL

Information exposure through an exception Medium

Stack trace information
Loading
flows to this location and may be exposed to an external user.

Copilot Autofix

AI 8 months ago

To fix the issue, we will replace the detailed error message in the response with a generic error message. The stack trace or detailed error information will be logged on the server for debugging purposes. This ensures that sensitive information is not exposed to the user while still allowing developers to diagnose issues.

Specifically:

  1. Replace {"error": str(e)} with a generic error message like {"error": "A validation error occurred"} in the response.
  2. Log the exception details (e.g., stack trace) on the server using Django's logging framework.
Suggested changeset 1
comrade/comrade_core/views.py

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/comrade/comrade_core/views.py b/comrade/comrade_core/views.py
--- a/comrade/comrade_core/views.py
+++ b/comrade/comrade_core/views.py
@@ -267,3 +267,6 @@
         except ValidationError as e:
-            return Response({"error": str(e)}, status=status.HTTP_412_PRECONDITION_FAILED)
+            import logging
+            logger = logging.getLogger(__name__)
+            logger.error("Validation error occurred", exc_info=e)
+            return Response({"error": "A validation error occurred"}, status=status.HTTP_412_PRECONDITION_FAILED)
 
EOF
@@ -267,3 +267,6 @@
except ValidationError as e:
return Response({"error": str(e)}, status=status.HTTP_412_PRECONDITION_FAILED)
import logging
logger = logging.getLogger(__name__)
logger.error("Validation error occurred", exc_info=e)
return Response({"error": "A validation error occurred"}, status=status.HTTP_412_PRECONDITION_FAILED)

Copilot is powered by AI and may make mistakes. Always verify output.
comrade/comrade_core/views.py
try:
task.resume(request.user)
except ValidationError as e:
return Response({"error": str(e)}, status=status.HTTP_412_PRECONDITION_FAILED)

Check warning

Code scanning / CodeQL

Information exposure through an exception Medium

Stack trace information
Loading
flows to this location and may be exposed to an external user.

Copilot Autofix

AI 8 months ago

To fix the issue, we will replace the detailed error message (str(e)) with a generic error message that does not reveal sensitive information. Additionally, we will log the original exception on the server for debugging purposes. This ensures that developers can still access the details of the error while preventing sensitive information from being exposed to external users.

Suggested changeset 1
comrade/comrade_core/views.py

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/comrade/comrade_core/views.py b/comrade/comrade_core/views.py
--- a/comrade/comrade_core/views.py
+++ b/comrade/comrade_core/views.py
@@ -247,3 +247,5 @@
         except ValidationError as e:
-            return Response({"error": str(e)}, status=status.HTTP_412_PRECONDITION_FAILED)
+            # Log the exception for debugging purposes
+            print(f"Validation error occurred: {e}")
+            return Response({"error": "A validation error occurred. Please check your input and try again."}, status=status.HTTP_412_PRECONDITION_FAILED)
 
@@ -267,3 +269,5 @@
         except ValidationError as e:
-            return Response({"error": str(e)}, status=status.HTTP_412_PRECONDITION_FAILED)
+            # Log the exception for debugging purposes
+            print(f"Validation error occurred: {e}")
+            return Response({"error": "A validation error occurred. Please check your input and try again."}, status=status.HTTP_412_PRECONDITION_FAILED)
 
@@ -287,3 +291,7 @@
         except ValidationError as e:
-            return Response({"error": str(e)}, status=status.HTTP_412_PRECONDITION_FAILED)
+            # Log the exception for debugging purposes
+            print(f"Validation error occurred: {e}")
+            return Response({"error": "A validation error occurred. Please check your input and try again."}, status=status.HTTP_412_PRECONDITION_FAILED)
+            print(f"Validation error occurred: {e}")
+            return Response({"error": "A validation error occurred. Please check your input and try again."}, status=status.HTTP_412_PRECONDITION_FAILED)
 
EOF
@@ -247,3 +247,5 @@
except ValidationError as e:
return Response({"error": str(e)}, status=status.HTTP_412_PRECONDITION_FAILED)
# Log the exception for debugging purposes
print(f"Validation error occurred: {e}")
return Response({"error": "A validation error occurred. Please check your input and try again."}, status=status.HTTP_412_PRECONDITION_FAILED)

@@ -267,3 +269,5 @@
except ValidationError as e:
return Response({"error": str(e)}, status=status.HTTP_412_PRECONDITION_FAILED)
# Log the exception for debugging purposes
print(f"Validation error occurred: {e}")
return Response({"error": "A validation error occurred. Please check your input and try again."}, status=status.HTTP_412_PRECONDITION_FAILED)

@@ -287,3 +291,7 @@
except ValidationError as e:
return Response({"error": str(e)}, status=status.HTTP_412_PRECONDITION_FAILED)
# Log the exception for debugging purposes
print(f"Validation error occurred: {e}")
return Response({"error": "A validation error occurred. Please check your input and try again."}, status=status.HTTP_412_PRECONDITION_FAILED)
print(f"Validation error occurred: {e}")
return Response({"error": "A validation error occurred. Please check your input and try again."}, status=status.HTTP_412_PRECONDITION_FAILED)

Copilot is powered by AI and may make mistakes. Always verify output.
comrade/comrade_core/views.py
return Response({'status': 'Friend request sent'}, status=status.HTTP_200_OK)
except User.DoesNotExist:
return Response({'error': 'User not found'}, status=status.HTTP_404_NOT_FOUND)
except ValidationError as e:

Check warning

Code scanning / CodeQL

Information exposure through an exception Medium

Stack trace information
Loading
flows to this location and may be exposed to an external user.

Copilot Autofix

AI 8 months ago

To fix the issue, we will replace the detailed error message (str(e)) with a generic error message when returning a response to the user. The detailed exception information will instead be logged on the server for debugging purposes. This ensures that sensitive information is not exposed to external users while still allowing developers to diagnose issues.

Changes will be made to the send_friend_request function to log the exception details and return a generic error message to the user. We will use Python's logging module to log the exception.

Suggested changeset 1
comrade/comrade_core/views.py

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/comrade/comrade_core/views.py b/comrade/comrade_core/views.py
--- a/comrade/comrade_core/views.py
+++ b/comrade/comrade_core/views.py
@@ -351,3 +351,6 @@
     except ValidationError as e:
-        return Response({'error': str(e)}, status=status.HTTP_400_BAD_REQUEST)
+        import logging
+        logger = logging.getLogger(__name__)
+        logger.error("Validation error in send_friend_request: %s", str(e))
+        return Response({'error': 'Invalid request data'}, status=status.HTTP_400_BAD_REQUEST)
 
EOF
@@ -351,3 +351,6 @@
except ValidationError as e:
return Response({'error': str(e)}, status=status.HTTP_400_BAD_REQUEST)
import logging
logger = logging.getLogger(__name__)
logger.error("Validation error in send_friend_request: %s", str(e))
return Response({'error': 'Invalid request data'}, status=status.HTTP_400_BAD_REQUEST)

Copilot is powered by AI and may make mistakes. Always verify output.
comrade/comrade_core/views.py
return Response({'status': 'Friend request accepted'}, status=status.HTTP_200_OK)
except User.DoesNotExist:
return Response({'error': 'User not found'}, status=status.HTTP_404_NOT_FOUND)
except ValidationError as e:

Check warning

Code scanning / CodeQL

Information exposure through an exception Medium

Stack trace information
Loading
flows to this location and may be exposed to an external user.

Copilot Autofix

AI 8 months ago

Copilot could not generate an autofix suggestion

Copilot could not generate an autofix suggestion for this alert. Try pushing a new commit or if the problem persists contact support.

comrade/comrade_core/views.py
return Response({'status': 'Friend request rejected'}, status=status.HTTP_200_OK)
except User.DoesNotExist:
return Response({'error': 'User not found'}, status=status.HTTP_404_NOT_FOUND)
except ValidationError as e:

Check warning

Code scanning / CodeQL

Information exposure through an exception Medium

Stack trace information
Loading
flows to this location and may be exposed to an external user.

Copilot Autofix

AI 8 months ago

To fix the issue, we will replace the detailed error message (str(e)) with a generic error message in the HTTP response. The original error message will be logged on the server for debugging purposes. This ensures that sensitive information is not exposed to the end user while still allowing developers to diagnose issues.

The changes will be applied to all instances where ValidationError is caught and its message is returned in the response. Specifically, we will modify the accept_friend_request, reject_friend_request, and remove_friend functions to log the exception and return a generic error message.

Suggested changeset 1
comrade/comrade_core/views.py

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/comrade/comrade_core/views.py b/comrade/comrade_core/views.py
--- a/comrade/comrade_core/views.py
+++ b/comrade/comrade_core/views.py
@@ -398,3 +398,5 @@
     except ValidationError as e:
-        return Response({'error': str(e)}, status=status.HTTP_400_BAD_REQUEST)
+        # Log the original exception for debugging purposes
+        print(f"Validation error in accept_friend_request: {e}")
+        return Response({'error': 'Invalid input provided'}, status=status.HTTP_400_BAD_REQUEST)
 
@@ -410,3 +412,5 @@
     except ValidationError as e:
-        return Response({'error': str(e)}, status=status.HTTP_400_BAD_REQUEST)
+        # Log the original exception for debugging purposes
+        print(f"Validation error in reject_friend_request: {e}")
+        return Response({'error': 'Invalid input provided'}, status=status.HTTP_400_BAD_REQUEST)
 
@@ -422,3 +426,5 @@
     except ValidationError as e:
-        return Response({'error': str(e)}, status=status.HTTP_400_BAD_REQUEST)
+        # Log the original exception for debugging purposes
+        print(f"Validation error in remove_friend: {e}")
+        return Response({'error': 'Invalid input provided'}, status=status.HTTP_400_BAD_REQUEST)
 
EOF
@@ -398,3 +398,5 @@
except ValidationError as e:
return Response({'error': str(e)}, status=status.HTTP_400_BAD_REQUEST)
# Log the original exception for debugging purposes
print(f"Validation error in accept_friend_request: {e}")
return Response({'error': 'Invalid input provided'}, status=status.HTTP_400_BAD_REQUEST)

@@ -410,3 +412,5 @@
except ValidationError as e:
return Response({'error': str(e)}, status=status.HTTP_400_BAD_REQUEST)
# Log the original exception for debugging purposes
print(f"Validation error in reject_friend_request: {e}")
return Response({'error': 'Invalid input provided'}, status=status.HTTP_400_BAD_REQUEST)

@@ -422,3 +426,5 @@
except ValidationError as e:
return Response({'error': str(e)}, status=status.HTTP_400_BAD_REQUEST)
# Log the original exception for debugging purposes
print(f"Validation error in remove_friend: {e}")
return Response({'error': 'Invalid input provided'}, status=status.HTTP_400_BAD_REQUEST)

Copilot is powered by AI and may make mistakes. Always verify output.
comrade/comrade_core/views.py
return Response({'status': 'Friend removed'}, status=status.HTTP_200_OK)
except User.DoesNotExist:
return Response({'error': 'User not found'}, status=status.HTTP_404_NOT_FOUND)
except ValidationError as e:

Check warning

Code scanning / CodeQL

Information exposure through an exception Medium

Stack trace information
Loading
flows to this location and may be exposed to an external user.

Copilot Autofix

AI 8 months ago

To fix the issue, we will replace the direct inclusion of the exception message (str(e)) in the response with a generic error message. The detailed exception information will be logged on the server for debugging purposes. This ensures that sensitive information is not exposed to the client while still allowing developers to diagnose issues.

Steps to implement the fix:

  1. Replace the {'error': str(e)} response with a generic error message, such as {'error': 'Invalid input'}.
  2. Log the exception details (str(e)) on the server using a logging mechanism like Python's logging module.
Suggested changeset 1
comrade/comrade_core/views.py

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/comrade/comrade_core/views.py b/comrade/comrade_core/views.py
--- a/comrade/comrade_core/views.py
+++ b/comrade/comrade_core/views.py
@@ -422,3 +422,6 @@
     except ValidationError as e:
-        return Response({'error': str(e)}, status=status.HTTP_400_BAD_REQUEST)
+        import logging
+        logger = logging.getLogger(__name__)
+        logger.error(f"Validation error occurred: {str(e)}")
+        return Response({'error': 'Invalid input'}, status=status.HTTP_400_BAD_REQUEST)
 
EOF
@@ -422,3 +422,6 @@
except ValidationError as e:
return Response({'error': str(e)}, status=status.HTTP_400_BAD_REQUEST)
import logging
logger = logging.getLogger(__name__)
logger.error(f"Validation error occurred: {str(e)}")
return Response({'error': 'Invalid input'}, status=status.HTTP_400_BAD_REQUEST)

Copilot is powered by AI and may make mistakes. Always verify output.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@trebidav