Code coverage metrics are improved by disabling code coverage in situations where it is reasonable.
timokoessler
reviewed
Apr 1, 2026
The idor_protection_enabled configuration option must still be set.
With table aliases.
By a complete example, in database drivers.
hansott
reviewed
Apr 1, 2026
In the context, if the idor_protection_enabled configuration option is set to true. Aikido::Zen.enable_idor_protection may be called as soon as there is a context and may safely be called multiple times.
timokoessler
reviewed
Apr 3, 2026
| when /^\?(\d+)$/ | ||
| match = Regexp.last_match | ||
|
|
||
| index = match[1].to_i - 1 |
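Review bot: The pattern `/^\?(\d+)$/` also matches `?0`, so on the `index = match[1].to_i - 1` line the index becomes -1. If `index` is then used to subscript a Ruby array, -1 silently selects the last element instead of failing, so the placeholder would resolve to an unrelated value. Consider requiring a positive number in the pattern, for example `/^\?([1-9]\d*)$/`, or checking `index >= 0` before the lookup and treating the placeholder as unresolved otherwise. A short comment stating that these placeholders are 1-based would also help the next reader.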
Member
If the query contains ?0, would this throw?
Collaborator
Author
It shouldn't raise an error but it could return the wrong element.
This change provides IDOR protection during development, for the supported database drivers (currently mysql2, pg, sqlite3, and trilogy). Some effort has been spent to add missing sink methods, however, the APIs are large and that effort was not exhaustive.
This change includes several cleanup commits at the start, collected during development, which were considered too small to justify a separate PR.