
Conversation

antoniosarosi (Contributor)

vercel bot commented Oct 12, 2025

The latest updates on your projects. Learn more about Vercel for GitHub.

| Project | Deployment | Preview | Comments | Updated (UTC) |
|---|---|---|---|---|
| promptfiddle | Ready | Preview | Comment | Oct 13, 2025 6:01pm |


🔒 Entelligence AI Vulnerability Scanner

No security vulnerabilities found!

Your code passed our comprehensive security analysis.



LGTM 👍


```javascript
}

const server = http.createServer(async (req, res) => {
    console.log(`${req.method} ${req.url}`);
```

Check warning

Code scanning / CodeQL

Log injection Medium

Log entry depends on a user-provided value.

Copilot Autofix

AI 8 days ago

To prevent log injection, any user-controlled values included in the log string (such as req.url and potentially req.method) should have line breaks (\r, \n) stripped or replaced. The best and simplest mitigation is to process each such value with String.prototype.replace(/\r|\n/g, "") before logging.

  • In this file, on line 133, update the log entry to process both req.method and req.url through a sanitizing function that removes/replaces newlines and carriage returns.
  • If you want to make the fix most robust (and ensure code clarity/reuse), you can define a simple helper function (e.g., sanitizeForLog(str)) that takes a string and strips newlines, then use it for both req.method and req.url in your log statement.

Apply these changes only to this file/snippet.


Suggested changeset 1
integ-tests/common/concurrent_server.js

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/integ-tests/common/concurrent_server.js b/integ-tests/common/concurrent_server.js
--- a/integ-tests/common/concurrent_server.js
+++ b/integ-tests/common/concurrent_server.js
@@ -130,7 +130,11 @@
 }
 
 const server = http.createServer(async (req, res) => {
-    console.log(`${req.method} ${req.url}`);
+    // Remove newlines to prevent log injection from user-controlled values
+    function sanitizeForLog(str) {
+        return String(str).replace(/[\r\n]/g, "");
+    }
+    console.log(`${sanitizeForLog(req.method)} ${sanitizeForLog(req.url)}`);
 
     try {
         await handleRequest(req, res);
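Review bot: `sanitizeForLog` is declared inside the `http.createServer` callback, so a new function object is created on every request; hoist it to module scope, above `const server = http.createServer(...)`, and leave only the `console.log(`${sanitizeForLog(req.method)} ${sanitizeForLog(req.url)}`)` call in the handler. Separately, the `/[\r\n]/g` class only prevents line splitting: a request target carrying an ESC-introduced ANSI sequence, a tab, or any other C0 control character still reaches the log verbatim, so use `/[\x00-\x1f\x7f]/g` (or log `JSON.stringify(req.url)`, which escapes all of them) if the intent is to neutralise injected content rather than just newlines.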
EOF

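The log-injection pattern behind the CodeQL alert above, as an added example that is not part of this PR or the project's code: a constructed request target containing CRLF and an ANSI escape is logged three ways, by naive interpolation as in the original line, by control-character stripping that goes beyond the autofix's `\r`/`\n` regex, and as a structured JSON record. The `sanitizeForLog` here is a hypothetical helper that shares the autofix's name but uses a wider character class; `CONTROL_CHARS`, `MAX_LOG_FIELD` and `FORGED_URL` are assumptions made for the example.

```javascript
// Added example, not code from the PR. Shows why a logged request target
// needs more than \r/\n stripping, and how structured logging sidesteps
// the problem. All inputs below are constructed for illustration.

// Assumption: strip every C0/C1 control character plus the Unicode line
// and paragraph separators, not just CR and LF.
const CONTROL_CHARS = /[\u0000-\u001f\u007f-\u009f\u2028\u2029]/g;
const MAX_LOG_FIELD = 2048; // assumption: cap per-field length

// Naive line, equivalent to the original `${req.method} ${req.url}`.
function naiveLogLine(method, url) {
  return `${method} ${url}`;
}

// Hypothetical helper: same name as the autofix's helper, but it removes
// all control characters (so ANSI escapes cannot recolour or hide output)
// and truncates oversized values so one request cannot flood the log.
function sanitizeForLog(value, maxLen = MAX_LOG_FIELD) {
  const s = String(value).replace(CONTROL_CHARS, "");
  return s.length > maxLen ? s.slice(0, maxLen) + "...[truncated]" : s;
}

function safeLogLine(method, url) {
  return `${sanitizeForLog(method)} ${sanitizeForLog(url)}`;
}

// Structured alternative: JSON.stringify escapes control characters (a real
// CR LF becomes the two escapes \r and \n, ESC becomes \u001b), so the
// record stays on one physical line and the url field is unambiguous.
function structuredLogLine(method, url) {
  return JSON.stringify({ method, url });
}

// Number of physical lines a log string occupies once written out.
function physicalLines(logLine) {
  return logLine.split(/\r\n|\r|\n/).length;
}

// Constructed attacker request target: CRLF followed by a fake access-log
// entry, then an ANSI colour escape.
const FORGED_URL = "/login?user=bob\r\nGET /admin 200 from 10.0.0.1\x1b[31m";

function demo() {
  return {
    naive: naiveLogLine("GET", FORGED_URL),
    safe: safeLogLine("GET", FORGED_URL),
    structured: structuredLogLine("GET", FORGED_URL),
  };
}

for (const [name, line] of Object.entries(demo())) {
  console.log(`${name}: ${physicalLines(line)} line(s): ${JSON.stringify(line)}`);
}
```

The naive variant writes two physical lines, the second of which looks like a genuine access-log entry; both hardened variants keep the record on one line, and the JSON form additionally keeps the injected text recoverable for investigation instead of silently dropping it.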
codecov bot commented Oct 12, 2025

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

1 participant