Rohitesh Gupta
Added myself as a reviewer to this PR, since it contains multiple CodeQL alerts.
> @srkgupta, are the security messages here just false positives again? What can we do to fix this from happening? I'm worried about all the future logging messages... Hi...
@lieut-data these alerts are triggered because of the new related changes done in the PR and the alerts are only triggered once. Once these alerts are analyzed and dismissed, they...
> will new log messages trigger alerts in new PRs? As long as they are somehow directly logging a user controlled input as is, yes they will trigger new...
> Thanks, @srkgupta! To explore this further, I created #1465 using the existing logging infrastructure and referencing a user-controlled input that triggered a warning in the same way as this...
Hi @tboulis I have analyzed and dismissed the CodeQL alerts in this PR. Please feel free to add me or someone from the security team to this PR to re-review once...
Additional changes requested. Please check the channel for more details.
/update-branch
Yes, regression testing around this functionality should be sufficient @furqanmlk. I have already validated the actual issue and it's fixed and is working fine.
Hi, I was able to fix this locally and apply a local patch through the following steps. TLDR: It replaces the conflicting Kotlin keywords in package name with \` characters....