This week I had to put the XSS vulnerability on hold due to an error that wouldn’t let me update the code with Maven. I have since fixed this error and have submitted my first pull request, which I will talk about in this week’s blog.
When I attempted to change a header on the Manage Appointments page (so I could test how to make changes to the code), I hit an error when running mvn clean package in command line. The error was to do with the RubyGems link in the code, as the one provided did not support HTTPS and therefore my version of Maven could not use it, and would not run.
To fix this issue, I had to do some research (with the help of my mentor) to find a link for RubyGems that supported HTTPS rather than just HTTP. Once I found a link, I would test it using mvn clean package, and I eventually found a link that worked! After checking with my mentor, I was ready to submit my first ever PR (pull request).
To submit my PR, I first had to make sure I had cloned the right forked repository on GitHub and made the correct changes to the code. I then ran git add, git commit, and git push in order to get my code onto the forked repository. After this I used GitHub to create a pull request with my changes, let my mentor know, and soon after my code was approved.
Next week I am fully ready to start patching the security vulnerabilities.