Skyw 1751 atualizar biblioteca java n fe para a versao mais recente#40
Skyw 1751 atualizar biblioteca java n fe para a versao mais recente#40Jair-Diniz wants to merge 9 commits intoreleasefrom
Conversation
…ra-a-versao-mais-recente
There was a problem hiding this comment.
Financial
More Details
| Attribute | Value |
|---|---|
| Data Classifier | Financial/Brazilian Company Registration Number (CNPJ) |
| Data Classifier ID | BUILTIN-274 |
Sampled Examples
| Key | Value |
|---|---|
| dest.CNPJ | 5670***5 |
| dest.CNPJ | 5670***5 |
| dest.CNPJ | 5670***5 |
| dest.CNPJ | 5670***5 |
| dest.CNPJ | 5670***5 |
Rule ID: BUILTIN-274
To ignore this finding as an exception, reply to this conversation with #wiz_ignore reason
If you'd like to ignore this finding in all future scans, add an exception in the .wiz file (learn more) or create an Ignore Rule (learn more).
To get more details on how to remediate this issue using AI, reply to this conversation with #wiz remediate
There was a problem hiding this comment.
PII
More Details
| Attribute | Value |
|---|---|
| Data Classifier | PII/Phone Number |
| Data Classifier ID | BUILTIN-32 |
Sampled Examples
| Key | Value |
|---|---|
| enderDest.fone | 19**3****3 |
| enderDest.fone | 19**3****3 |
| enderDest.fone | 19**3****3 |
| enderDest.fone | 19**3****3 |
| enderDest.fone | 19**3****3 |
Rule ID: BUILTIN-32
To ignore this finding as an exception, reply to this conversation with #wiz_ignore reason
If you'd like to ignore this finding in all future scans, add an exception in the .wiz file (learn more) or create an Ignore Rule (learn more).
To get more details on how to remediate this issue using AI, reply to this conversation with #wiz remediate
There was a problem hiding this comment.
PII
More Details
| Attribute | Value |
|---|---|
| Data Classifier | PII/Name |
| Data Classifier ID | BUILTIN-125 |
Sampled Examples
| Key | Value |
|---|---|
| developer.name | Sa***l *****s |
Rule ID: BUILTIN-125
To ignore this finding as an exception, reply to this conversation with #wiz_ignore reason
If you'd like to ignore this finding in all future scans, add an exception in the .wiz file (learn more) or create an Ignore Rule (learn more).
To get more details on how to remediate this issue using AI, reply to this conversation with #wiz remediate
There was a problem hiding this comment.
This PR updates the Java NFe library from version 4.00.49 to 4.00.51, adding unit tests and updating certificates. While the version updates and test additions are appropriate, there is one critical security issue that must be fixed before merge:
Critical Issue:
- Hardcoded Coveralls repository token in pom.xml (CWE-798) - This credential must be removed immediately and replaced with an environment variable reference.
Action Required:
Before merging, you must:
- Remove the hardcoded repoToken from pom.xml and replace it with
${env.COVERALLS_REPO_TOKEN} - Revoke the exposed token
paGe4qkZvPNJtvxqY8NaJN5ImZO56RqB6in your Coveralls account - Generate a new token and configure it as a secure environment variable in your CI/CD pipeline
The version bumps, dependency updates, and test additions are appropriate for this update.
You can now have the agent implement changes and create commits directly on your pull request's source branch. Simply comment with /q followed by your request in natural language to ask the agent to make changes.
| <artifactId>coveralls-maven-plugin</artifactId> | ||
| <version>4.3.0</version> | ||
| <configuration> | ||
| <repoToken>paGe4qkZvPNJtvxqY8NaJN5ImZO56RqB6</repoToken> |
There was a problem hiding this comment.
🛑 Security Vulnerability: Hardcoded repository token is exposed in the pom.xml file. This token grants access to Coveralls and should never be committed to version control. Anyone with access to this repository can now use this token to push unauthorized code coverage reports or access Coveralls data.
| <repoToken>paGe4qkZvPNJtvxqY8NaJN5ImZO56RqB6</repoToken> | |
| <repoToken>${env.COVERALLS_REPO_TOKEN}</repoToken> |
Descrição
Link da tarefa no JIRA
SKYW-1751
Testes manuais
2026-04-09.16-24-55.mp4