Skip to content

Updated the project to run with Android Studio Otter.#386

Merged
mrunalchawda merged 3 commits into
masterfrom
chore/update-for-latest-studio
Dec 31, 2025
Merged

Updated the project to run with Android Studio Otter.#386
mrunalchawda merged 3 commits into
masterfrom
chore/update-for-latest-studio

Conversation

@pawarprasad37
Copy link
Copy Markdown
Collaborator

@pawarprasad37 pawarprasad37 commented Nov 26, 2025

No description provided.

pawarprasad37
pawarprasad37 commented Nov 26, 2025
View reviewed changes
Comment thread app/src/main/java/com/razorpay/sampleapp/java/PaymentActivity.java Outdated
EditText etApiKey = findViewById(R.id.et_api_key);
EditText etCustomOptions = findViewById(R.id.et_custom_options);

etApiKey.setText("rzp_live_ILgsfZCZoFIKMb");
Copy link
Copy Markdown
Collaborator Author

@pawarprasad37 pawarprasad37 Nov 26, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@vivekshindhe need clarity on whether we share our merchant key publicly or not.

semgrep-code-razorpay[bot]
semgrep-code-razorpay Bot reviewed Nov 26, 2025
View reviewed changes
Comment thread app/src/main/java/com/razorpay/sampleapp/kotlin/PaymentActivity.kt Outdated
val etApiKey = findViewById<EditText>(R.id.et_api_key)
val etCustomOptions = findViewById<EditText>(R.id.et_custom_options)

etApiKey.setText("rzp_live_ILgsfZCZoFIKMb")
Copy link
Copy Markdown

@semgrep-code-razorpay semgrep-code-razorpay Bot Nov 26, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hardcoded sensitive data leaked

Semgrep has detected a leak of sensitive data in this code. This secret data could be used by internal or external malicious actors. We highly recommend you change, reset, or rotate the sensitive data.

A secret is hard-coded in the application. Secrets stored in source code, such as credentials, identifiers, and other types of sensitive data, can be leaked and used by internal or external malicious actors. It is recommended to rotate the secret and retrieve them from a secure secret vault or Hardware Security Module (HSM), alternatively environment variables can be used if allowed by your company policy.

Fixed in commit 7d5fe37

semgrep-code-razorpay[bot]
semgrep-code-razorpay Bot reviewed Nov 26, 2025
View reviewed changes
Comment thread app/src/main/java/com/razorpay/sampleapp/java/PaymentActivity.java Outdated
EditText etApiKey = findViewById(R.id.et_api_key);
EditText etCustomOptions = findViewById(R.id.et_custom_options);

etApiKey.setText("rzp_live_ILgsfZCZoFIKMb");
Copy link
Copy Markdown

@semgrep-code-razorpay semgrep-code-razorpay Bot Nov 26, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hardcoded sensitive data leaked

Semgrep has detected a leak of sensitive data in this code. This secret data could be used by internal or external malicious actors. We highly recommend you change, reset, or rotate the sensitive data.

A secret is hard-coded in the application. Secrets stored in source code, such as credentials, identifiers, and other types of sensitive data, can be leaked and used by internal or external malicious actors. It is recommended to rotate the secret and retrieve them from a secure secret vault or Hardware Security Module (HSM), alternatively environment variables can be used if allowed by your company policy.

🎉 Fixed in commit 7d5fe37 🎉

vivekshindhe
vivekshindhe previously approved these changes Dec 5, 2025
View reviewed changes
@mrunalchawda mrunalchawda merged commit a4c71ea into master Dec 31, 2025
1 of 3 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@vivekshindhe vivekshindhe vivekshindhe approved these changes

+1 more reviewer

@semgrep-code-razorpay semgrep-code-razorpay[bot] semgrep-code-razorpay[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@pawarprasad37 @vivekshindhe @mrunalchawda