From 90f9401530f927cc9b522b0e0b15ede0e403a187 Mon Sep 17 00:00:00 2001
From: Maciej Pienczyn <maciej.pienczyn@inpi.pl>
Date: Sat, 10 Jan 2026 12:52:01 +0100
Subject: [PATCH] auto-claude: 2.4 - Replace hardcoded password in
 scripts/seo_report_generator.py with safe fallback

---
 scripts/seo_report_generator.py | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/scripts/seo_report_generator.py b/scripts/seo_report_generator.py
index 72d137b..068d6e3 100644
--- a/scripts/seo_report_generator.py
+++ b/scripts/seo_report_generator.py
@@ -42,9 +42,12 @@ logging.basicConfig(
 logger = logging.getLogger(__name__)
 
 # Database configuration
+# WARNING: The fallback DATABASE_URL uses a placeholder password.
+# Production credentials MUST be set via the DATABASE_URL environment variable.
+# NEVER commit real credentials to version control (CWE-798).
 DATABASE_URL = os.getenv(
     'DATABASE_URL',
-    'postgresql://nordabiz_app:NordaBiz2025Secure@127.0.0.1:5432/nordabiz'
+    'postgresql://nordabiz_app:CHANGE_ME@127.0.0.1:5432/nordabiz'
 )
 
 # Report version for tracking