Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(jans-cli): --schema option renamed to --schema-sample #8739

Merged
merged 2 commits into from
Jun 19, 2024
Merged

fix(jans-cli): --schema option renamed to --schema-sample #8739

merged 2 commits into from
Jun 19, 2024

Conversation

devrimyatar
Copy link
Contributor

closes #8711

@devrimyatar
fix(jans-cli): --schema option renamed to --schema-sample
343fb42 
Signed-off-by: Mustafa Baser <mbaser@mail.com>
@devrimyatar devrimyatar added kind-bug Issue or PR is a bug in existing functionality comp-jans-cli-tui Component affected by issue or PR labels Jun 19, 2024
@devrimyatar devrimyatar requested review from ossdhaval and yuriyz June 19, 2024 13:33
@dryrunsecurity DryRunSecurity
Copy link

dryrunsecurity bot commented Jun 19, 2024
edited
Loading

Hi there 👋, @DryRunSecurity here, below is a summary of our analysis and findings.

DryRun Security Status Findings
Authn/Authz Analyzer 0 findings
Server-Side Request Forgery Analyzer 0 findings
Configured Codepaths Analyzer 0 findings
SQL Injection Analyzer 0 findings
Sensitive Files Analyzer 0 findings
IDOR Analyzer 0 findings
Secrets Analyzer 0 findings

Note

🟢 Risk threshold not exceeded.

Change Summary (click to expand)

The following is a summary of changes in this pull request made by me, your security buddy 🤖. Note that this summary is auto-generated and not meant to be a definitive list of security issues but rather a helpful summary from a security perspective.

Summary:

The code change in the provided patch appears to be a minor update to the cli_tui/cli/config_cli.py file, which is part of the jans-cli-tui application. The main change is the renaming of the --schema argument to --schema-sample, suggesting that the purpose of this argument is to retrieve a sample JSON schema template rather than the full schema.

From an application security perspective, this change does not introduce any obvious security concerns. The --schema-sample argument is used to provide a sample schema template, which can be useful for developers to understand the expected input format for the API endpoints. However, it is important to ensure that the sample schema does not contain any sensitive information or vulnerabilities that could be exploited. Additionally, the code includes several functions related to authentication, authorization, and making API requests, which should be reviewed to ensure that they are properly handling sensitive information and validating responses.

Files Changed:

  • jans-cli-tui/cli_tui/cli/config_cli.py: The main change in this file is the renaming of the --schema argument to --schema-sample in the read_swagger function. This change suggests that the purpose of this argument is to retrieve a sample JSON schema template, rather than the full schema. While this change does not introduce any obvious security concerns, the functions related to authentication, authorization, and making API requests should be reviewed to ensure they are properly handling sensitive information and validating responses.

Powered by DryRun Security

@yuriyz yuriyz enabled auto-merge (squash) June 19, 2024 13:37
@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed for 'jans-cli'

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed for 'jans-linux-setup'

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

@yuriyz yuriyz merged commit f602fd1 into main Jun 19, 2024
10 checks passed
@yuriyz yuriyz deleted the jans-cli-8711 branch June 19, 2024 14:40
yuriyz pushed a commit that referenced this pull request Nov 7, 2024
@devrimyatar
fix(jans-cli): --schema option renamed to --schema-sample (#8739)
daec732 
Signed-off-by: Mustafa Baser <mbaser@mail.com>
Former-commit-id: f602fd1
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@yuriyz yuriyz yuriyz approved these changes

@ossdhaval ossdhaval ossdhaval approved these changes

Assignees
No one assigned
Labels
comp-jans-cli-tui Component affected by issue or PR kind-bug Issue or PR is a bug in existing functionality
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

fix(jans-cli): --schema option should be renamed to --schema-sample
3 participants
@devrimyatar @ossdhaval @yuriyz