Project Details
psp-backend
solutionbowl/psp-backend · Bitbucket · Default branch main
Security Findings
Low security scores and security-related AI review notes.
| Commit | Security Score | Finding | Date |
|---|---|---|---|
| a6d7bc69 | 65 | The commit introduces significant API changes to the payment and withdrawal process, including status handling, cancellation functionality, and callback processing. The code adds meaningful features that improve the payment lifecycle and error handling. However, the commit message is vague and uninformative. There are some code quality concerns such as duplicated status normalization logic and minimal error handling on external API callback failures. Security could be improved by ensuring sensitive data like secretKey is protected and by adding better validation on inputs. The risk of bugs is moderate because of the complex status transitions and multiple external dependencies without robust handling. | 03 Jul 2026 |
| 93778ace | 60 | The commit removes a crucial condition check that prevents reprocessing of payments that are not in 'PENDING' status. While the change might be intended as a fix, commenting out this condition potentially introduces risks, including processing a payment multiple times, which can lead to bugs and financial errors. The commit message is vague, and the commented-out code suggests incomplete or unclear work. | 03 Jul 2026 |
| 7ef0134b | 50 | A very minimal code change was made with a vague commit message. The conditional checks whether a payment gateway type is CRYPTO and the gateway name is MATCH2PAY and the status is not FAILED. However, there is no further context or code implementation shown. The commit message does not describe what the change does or why it was made. The logic may introduce bugs if status is not properly handled or if other cases are possible. It is unclear how this affects business processes or security. | 03 Jul 2026 |
| ea88d950 | 60 | The commit introduces handling for cancelling payments by setting the payment status to 'FAILED' along with a failure reason. The changes touch the payment model enum and the withdrawal controller to reflect the failed status and reasons. However, the commit message is vague and does not provide sufficient context or detailed explanation. The hardcoded status and failure reason strings could be abstracted to constants for maintainability. There is some risk of bugs if all relevant payment failure scenarios are not exhaustively handled, and security implications depend on further validation around cancellation reasons and their propagation. | 03 Jul 2026 |
| fa9d10b0 | 40 | The commit introduces an API to get payment status and adds secretKey handling for security purposes. It includes validation for required fields and merchant authentication. Some redundant or repeated code suggests opportunities for refactoring. Security is improved but could be stronger by better secret key management and more detailed error handling. The bug risk is moderate due to opportunities for input validation improvements. | 30 Apr 2026 |
| 0f999507 | 30 | The commit introduces webhook handling and logging for different payment gateways with clear status mappings and payment updates. However, it lacks proper signature verification implementation and error handling robustness which affects security and bug risk scores. The commit message is vague and uninformative. | 13 Apr 2026 |
| 74cdbac0 | 10 | This commit only adds a single import statement with no additional context or code changes, making it low value and high risk for fake work. No functionality is altered or added, and the commit message is uninformative. | 13 Apr 2026 |
| f327c92c | 50 | The commit includes multiple comment additions indicating logging, duplicate checks, and status handling in webhook controller code. However, the commit message is uninformative and vague, reducing clarity and traceability. The code changes seem to focus on improving logging and duplicate checks which can enhance maintainability and bug tracking, but the lack of detailed functional changes or explanations limits business value and security improvements. The presence of numerous comments without corresponding code modifications raises concerns about the actual impact of the commit. | 13 Apr 2026 |
| 8e201f54 | 20 | The commit adds webhook handling for multiple payment gateways with logging and basic status mapping. It ensures payments are found before updating status and logs errors. However, it lacks proper signature verification and security checks (commented only), and the commit message is non-descriptive. There is some repeated code that could benefit from refactoring, and error handling could be improved with more context. | 13 Apr 2026 |
| f6c9871f | 30 | The commit adds logging, payment lookup, and status mapping for webhook payment processing with some redundant code and console logs. However, it contains commented-out code and console.log statements that reduce code cleanliness and security concerns due to sensitive data handling and lack of error handling best practices. It lacks proper input validation and error propagation and has some duplicate code sections. | 14 Apr 2026 |
| 06250c57 | 85 | The commit adds validation for required parameters including user_id, order_id, amount, and callback_url. It includes proper URL validation and amount checks. The changes enhance input validation and enforce callbackUrl as a required field in the model, reducing potential bugs and increasing security. However, the commit message is generic and the lack of paymentType validation and error handling in some sections reduce overall quality and business value. | 14 Apr 2026 |
| aa1d8ce1 | 40 | This commit adds repeated webhook callback logic at multiple locations without abstraction. While the functionality to send post-payment callbacks is valuable, the code duplication impacts maintainability and increases the risk of inconsistencies or errors. There is little error handling beyond console logging which may be insufficient for production. There are also no security considerations for the webhooks such as signature validation or retry mechanisms. | 14 Apr 2026 |
| d03a1c3a | 30 | The commit adds callback notification code after payment and withdrawal processes. It uses axios to post callbacks if a URL is present, which improves business communication. However, the implementation has repeated code blocks and minimal error handling, which negatively affects quality and bug risk. Additionally, there is no verification or security applied to the callback URL or response, which introduces security concerns. | 14 Apr 2026 |
| 2e98c305 | 40 | The commit introduces webhook integration with basic validation and routing. While it adds business value by enabling new functionality, the implementation lacks thorough security measures such as signature verification for webhooks. Bug risk is present due to minimal error handling beyond basic validation. The addition of test routes and simple logging is positive but immature for production. The overall code quality is moderate, but there is room to improve security and robustness. | 15 Apr 2026 |
| 33d086da | 30 | The commit adds webhook handling logic for Ragpay payment status with environment variable checks and status mapping. However, the commit includes console.log debugging statements in production code and lacks error handling and input validation, which reduces quality and increases bug and security risks. The hashing approach may require review to ensure alignment with Ragpay's security requirements. The commit message is minimal and not descriptive. | 16 Apr 2026 |
| e3b3f297 | 30 | The commit adds API changes mostly related to payment controllers, models, services, and webhook logging. While the functional additions provide business value in terms of supporting payment processing workflows, the overall quality is reduced by the presence of multiple console.log statements left in production code, inconsistent validation, and a lack of error handling improvements. Security risks are elevated due to exposure of potentially sensitive credentials via environment variables without apparent safeguards and basic authorization headers constructed as plain strings. Several assignments use default or placeholder values which might lead to inaccurate data usage. | 28 Apr 2026 |
| 63e2fee7 | 50 | The commit introduces a withdrawal webhook feature including secure merchant verification, payment status management, and callback notifications. The code covers key validations and leverages async handling and external services. However, the security score is moderate due to direct use of secret keys in callbacks and lack of validation on callback URLs. The bug risk is above average caused by potential unhandled failures in asynchronous calls and minimal error handling for critical operations. The business value is good considering the addition of withdrawal payout logic with redis caching and payment tracking. | 19 May 2026 |
| 62f20076 | 40 | The commit adds multiple payment model fields to support wallet and currency selections and updates webhook and payment processing logic accordingly. However, excessive console logging of sensitive information like secret keys and payment details reduces security and cleanliness of the code. There also appears to be inconsistent error handling and lack of input validation which increases bug risk. | 03 Jun 2026 |
| 338e9811 | 40 | The changes uniformly replace or add 'selectedWalletCurrency' assignments from payment.currency or payload.currency across several lines, but lack context or validation. The commit message is terse and not descriptive. The addition of a console.log may be useful for debugging but should be removed or improved for production. There is a risk if currency values are not validated or standardized, which could introduce bugs or inconsistencies. | 03 Jun 2026 |
| 95c6b705 | 20 | This commit only updates the package-lock.json with new dependencies related to socket.io and websockets without any actual code changes or explanatory commit message. The lack of context and absence of functional changes limit its business value and quality. The security score is low because dependency updates can carry security risk without accompanying verification or rationale. | 05 Jun 2026 |
| 6c44f96f | 10 | This commit updates the package-lock.json to include new versions of various dependencies, notably socket.io and related packages, but the change lacks a meaningful commit message and does not show any direct code changes or fixes. The commit message is vague and non-descriptive, reducing confidence in the actual impact or purpose of the update. The lack of detailed explanation makes it difficult to assess if the dependency updates address a real issue or improve the system meaningfully. | 05 Jun 2026 |
| 0d7fa1c6 | 40 | The commit adds a Solwio payment webhook handler that processes payment status updates and emits socket events. The integration improves payment status tracking and callback handling, providing value to the business. Logging is comprehensive for debugging. However, the commit message is poor. Security risks exist because external data is used in the callback without validation or sanitization, and secret keys are included in outbound callback payloads, which may expose sensitive information. The error handling lacks detail in some areas, and the webhook accepts any requests with minimal authentication or validation. | 05 Jun 2026 |
| b037adbf | 50 | The commit adds comprehensive webhook and payment status handling including normalization, logging, status updates, and socket emission. It improves business value by enhancing payment status tracking and notifications. However, there are minor concerns about logging sensitive information, lack of strict validation of webhook payloads, and error handling in HTTP callback requests. The commit message is a generic merge commit and does not describe changes, reducing clarity. | 05 Jun 2026 |
| dd94553f | 20 | This commit only updates package-lock.json with new or updated dependencies, primarily socket.io and related packages. There is no functional code change or explanation in the commit message, which lacks context and detail. The lack of testing or changelog information lowers business value and quality confidence. Dependency updates impact bug risk and potentially security but no details on version changes or vulnerabilities are given. High risk of fake work as it only adds package lock content without code or message describing purpose. | 18 Jun 2026 |
| 0f821f00 | 50 | The commit introduces payment gateway support for PayBitra and a new webhook handler for NexttPay. The webhook handling performs detailed processing of payment status updates and executes callbacks. The code covers many cases properly and has some logging. However, there are security and robustness concerns with direct use of callback URLs and lack of validation, and the commit message lacks detail. | 24 Jun 2026 |
| afbde65f | 10 | The commit adds multiple console.log statements throughout the payment controller to log different states and data structures. While logging can help during debugging, indiscriminately leaving extensive logs in production code can clutter output, reduce performance, expose sensitive data such as user IDs and payment details, and add noise. The commit message is vague and uninformative. | 24 Jun 2026 |
| f10e82b7 | 70 | The commit adds integration with 'ecommpay' and 'gtxpoint' payment libraries including new route handlers and payment creation logic. There is an implementation of filtering allowed parameters in gateway routes and creation of payment URLs with signatures. It includes some tests for Monetix payments. Overall, the changes improve business value by enabling payment functionality and have reasonably good code quality with exception handling. However, the filtering logic could be made more robust and security checks could be enhanced. The commit message is vague and should be more descriptive about the changes made. | 30 Jun 2026 |
| 4d462f60 | 60 | The commit adds handling of webhook payload data and updates payment status accordingly, including useful debugging logs. However, excessive console logging reduces code quality and may expose sensitive information. There is some risk of bugs due to minimal error handling and lack of input validation. The commit message is vague and not descriptive enough, lowering business value clarity. | 30 Jun 2026 |
| 4cf4e845 | 40 | The commit adds multiple console.log statements related to webhook hash verification, API status calls, and response handling. While this improves debuggability and might help during development or troubleshooting, retaining verbose logs with potentially sensitive details in production code could pose security and noise issues. There is no direct addition or fix in webhook logic visible, so business value is moderate. Bug risk remains moderate due to absence of core logic changes but could be improved with structured error handling and removal of debug logs. | 30 Jun 2026 |
| 0a3cd547 | 30 | The commit improves configuration error handling by checking for missing environment variables and constructs a URL dynamically, which aligns with fixing a URL issue. It also adds status verification after saving payment data. However, the presence of console logging statements reduces professionalism and could leak sensitive information. The commit message is vague and uninformative. | 01 Jul 2026 |
| b1f6ace4 | 50 | This commit adds logging statements to the webhook processing flow and sets webhook URLs via environment variables. While improving observability, it increases the risk of sensitive data exposure by logging potentially sensitive information. There are no new security mechanisms or validations introduced, and the use of Date.now() for order IDs could cause collisions under high load. | 01 Jul 2026 |
| 3a54c169 | 30 | The commit introduces two changes related to the NexttPay payment service: adding a fallback order ID and defining a payment URL. However, the commit message is vague and misspelled. The code changes lack context and validation, which could lead to issues such as non-unique order IDs and potential misconfiguration. The security implications of the payment URL usage are unclear. Overall, the commit shows limited work with room for improvement in code clarity, validation, and documentation. | 01 Jul 2026 |
| 62276c6a | 10 | The commit adds environment variables, instructions, and package lock file for a Node.js PSP backend. However, it exposes sensitive secrets such as MongoDB URI with username/password and JWT secret directly in the .env file, which is a serious security flaw. The instructions added are detailed and cover usage well, boosting business value and quality. The commit message is uninformative. The .gitignore improvement is minimal but useful. There is a moderate bug risk due to potential misconfigurations. Security risk is high due to exposed secrets. | 15 Mar 2026 |
| 15ad6ee8 | 5 | The commit adds sensitive payment gateway API keys and URLs directly into the .env file that was committed to the repository, posing a critical security risk. There is also a partial implementation of a payment controller with basic request validations. The commit message is unclear and contains a typo, reducing professionalism and traceability. Package updates are included but not well described. Overall, the work shows an initial integration attempt but lacks secure handling of credentials and complete implementation details. | 05 Apr 2026 |
| 9ff8f9ba | 45 | This commit integrates multiple payment gateway methods including electronic funds, crypto, wire transfers, and bank payments via 777Pay. New services for interactions with PayRetailer, Ragapay, Match2Pay, and 777Pay are added and used in payment controller flows. While the new functionality increases business value, there are several concerns about potential bugs, security risks, and some code quality issues. Hardcoded sensitive information, inconsistent error handling, lack of input validation, and noisy console logging reduce the security and quality scores. | 05 Apr 2026 |
| e2818a97 | 40 | The commit attempts to fix gateway API handling by ensuring 'gateway.type' is treated uniformly as an array. However, the commit message is unclear and unprofessional, reducing confidence. The code changes lack error handling and do not validate inputs, leaving potential for runtime errors and security concerns. Adding .env to .gitignore is standard but its connection to the code fix is unclear. | 05 Apr 2026 |
| 5e8863d9 | 60 | This commit adds JWT-based merchant authentication and admin payment retrieval features, along with dependencies updates. The authentication middleware validates tokens and merchant status robustly. The admin payments controller supports filtering and pagination but lacks input validation and error handling. The commit message is vague and contains typos. | 07 Apr 2026 |
| 473e20fa | 60 | This commit adds withdrawal APIs enhancing payment functionality with payout creation, gateway retrieval, and payout submission, along with a new Match2Pay payout service integration. It includes validation, database operations, and grouping withdrawal gateways. The code generally follows good async handling and error response patterns but could improve validation and logging for robustness and security. | 07 Apr 2026 |
| a8b8ddb6 | 60 | The commit implements payment flow token management using Redis for temporary token storage. It checks for duplicate payment orders, verifies tokens in multiple endpoints, and groups payment gateways by type. However, error handling is mostly via apiResponse without detailed logging. Security around token validation could be improved, e.g., better token expiration handling, rate limiting, or revocation. Some code is duplicated (grouping gateways logic). More comments would aid maintainability. | 09 Apr 2026 |