Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

security: removed snyk issues involving OIDC #167

Merged
merged 6 commits into from
Aug 8, 2024
Merged

security: removed snyk issues involving OIDC #167

merged 6 commits into from
Aug 8, 2024

Conversation

pacificcode
Copy link
Contributor

removed writing empty req.body to httpWriter in OIDC authentication.
modified ras.GenerateKey to use 2048 bit encryption in cicd-integration/generate_pki.go

@pacificcode pacificcode requested a review from a team as a code owner August 7, 2024 18:59
sheldonhull
sheldonhull requested changes Aug 7, 2024
View reviewed changes
Copy link
Contributor

@sheldonhull sheldonhull left a comment
edited by pacificcode
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  • Please add a changie entry of type security that communicates the value of this for those reading release notes on github.
  • Change title to security type, not fix.

Mark this done and then I'll get that approved. Cheers!

@pacificcode pacificcode changed the title fix: removed snyk issues involving OIDC security: removed snyk issues involving OIDC Aug 7, 2024
@codecov Codecov
Copy link

codecov bot commented Aug 7, 2024
edited
Loading

Codecov Report

Attention: Patch coverage is 0% with 1 line in your changes missing coverage. Please review.

Project coverage is 25.29%. Comparing base (a2521eb) to head (680cf63).
Report is 114 commits behind head on main.

Files Patch % Lines
auth/method_oidc.go 0.00% 1 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main     #167      +/-   ##
==========================================
- Coverage   32.61%   25.29%   -7.32%     
==========================================
  Files          80       79       -1     
  Lines       10855    11088     +233     
==========================================
- Hits         3540     2805     -735     
- Misses       7027     8012     +985     
+ Partials      288      271      -17

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

sheldonhull
sheldonhull approved these changes Aug 7, 2024
View reviewed changes
Copy link
Contributor

@sheldonhull sheldonhull left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

looks good. minor improvement to wording as this is merged into a final doc and meant for consumers primarily, so I simplified and fixed casing. Thanks @pacificcode!

.changes/unreleased/security-20240807-120631.yaml Show resolved Hide resolved
@sheldonhull
Copy link
Contributor

Snyk check failure is due to vendored code, so upon reimport this will go away, so leaving alone. Request reimport of the repository by the security team to have this go away. Thanks!

@pacificcode
Copy link
Contributor Author

@sheldonhull Security team? can you be a little more specific or maybe a person to point this re-import to?

@pacificcode pacificcode merged commit 13fb517 into main Aug 8, 2024
11 checks passed
@pacificcode pacificcode deleted the bh.snyk branch August 8, 2024 17:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sheldonhull sheldonhull sheldonhull approved these changes

Assignees

@pacificcode pacificcode

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@pacificcode @sheldonhull