PHP.Generic.BadPattern.5

  • Resolved mbateam

    (@mbateam)


    6 years, 10 months ago

    We are using Jetpack including security vault and a scan resulted in a security issue with code in this page.
    /wp-content/plugins/google-pagespeed-insights/lib/google-api-php-client/vendor/react/promise/src/React/Promise.php

    45 try {
    .
    46 $progress($onProgress($update));
    .
    47 } catch (\Exception $e) {

    let me know if this will be fixed or if it is a false positive

    The page I need help with: [log in to see the link]

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author Matt Keys

    (@mattkeys)

    Hi mbateam,

    Thanks for reporting. I have had false positives in the google API library before, this is almost certainly one of them.

    I will check it out, and hopefully the file in question isn’t required for the API functions I am using and I can just remove it to avoid worrying anyone.

    Thanks,

    Matt Keys

    Plugin Author Matt Keys

    (@mattkeys)

    Just an FYI that I’ve taken a look at the file in question and I believe this to be a false positive. The code in question is harmless, and is as it was provided in the 2.2.0 release of this PHP API library from Google.

    I’ve contacted the Jetpack team to see if there is anything that can be done to prevent users from needlessly being warned about this file.

    Thanks again for reporting.

    Matt Keys

    Plugin Author Matt Keys

    (@mattkeys)

    I heard back from Jetpack support today:

    “This is definitely a false positive. We’ll see about dismissing that notice for all VaultPress users that use your plugin”

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘PHP.Generic.BadPattern.5’ is closed to new replies.