Add AISPM service and configuration updates #99
| def _send_request_sync(self, request: Request) -> httpx.Response: | ||
| return self._core_send_request(self.client, request) | ||
| url, headers = self._prepare_request(request) | ||
| print(f"Making request to: {url}") |
Check failure
Code scanning / CodeQL
Clear-text logging of sensitive information (High)
This expression logs sensitive data (secret).
Copilot Autofix
AI 11 months ago
To fix the problem, we need to ensure that sensitive information such as `request.secret` is not logged. The best way to do this without changing existing functionality is to sanitize the `url` before logging it. We can replace sensitive parts of the `url` with placeholders before logging.
Specifically, we will:
- Create a function to sanitize the `url` by replacing sensitive information with placeholders.
- Use this function to sanitize the `url` before logging it.
| @@ -118,3 +118,4 @@ | ||
| url, headers = self._prepare_request(request) | ||
| print(f"Making request to: {url}") | ||
| sanitized_url = self._sanitize_url(url) | ||
| print(f"Making request to: {sanitized_url}") | ||
| print(f"With headers: {headers}") | ||
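Review bot: The `print(f"With headers: {headers}")` line at the end of this hunk is left untouched, so the headers are still written in clear text even though the URL is now sanitized. If the secret is also carried in a header, this suggestion does not close the finding; mask or drop the headers in the same change.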
| @@ -126,2 +127,6 @@ | ||
|
|
||
| def _sanitize_url(self, url: str) -> str: | ||
| # Replace sensitive information with placeholders | ||
| sanitized_url = url.replace(request.secret, "[SECRET]") | ||
| return sanitized_url | ||
|
|
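Review bot: `_sanitize_url(self, url)` reads `request.secret`, but `request` is neither a parameter nor an attribute in the visible lines, so the call raises `NameError` unless a module-level `request` happens to exist. Pass the secret (or the request) in explicitly, for example `def _sanitize_url(self, url: str, secret: str) -> str:`, and return the URL unchanged when the secret is empty, because `url.replace("", "[SECRET]")` inserts the placeholder between every character. A plain substring replace also misses a percent-encoded copy of the secret in the URL.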
| return self._core_send_request(self.client, request) | ||
| url, headers = self._prepare_request(request) | ||
| print(f"Making request to: {url}") | ||
| print(f"With headers: {headers}") |
Check failure
Code scanning / CodeQL
Clear-text logging of sensitive information (High)
This expression logs sensitive data (secret).
Copilot Autofix
AI 11 months ago
To fix the problem, we should avoid logging sensitive information such as headers and URLs directly. Instead, we can log non-sensitive parts of the request or use a sanitized version of the headers and URLs. Specifically, we can remove or mask sensitive information before logging.
- Identify the lines where sensitive information is being logged.
- Modify the logging statements to exclude or mask sensitive data.
- Ensure that the functionality of the code remains unchanged.
| @@ -118,7 +118,6 @@ | ||
| url, headers = self._prepare_request(request) | ||
| print(f"Making request to: {url}") | ||
| print(f"With headers: {headers}") | ||
| print("Making request") | ||
| response = self._core_send_request(self.client, request) | ||
| print(f"Response status: {response.status_code}") | ||
| print(f"Response body: {response.text}") | ||
| print("Response received") | ||
| return response |
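Review bot: With the detail prints replaced by constant strings, `url` and `headers` from `self._prepare_request(request)` on the first line of the hunk are no longer read in the visible lines, so that call now looks like leftover debug scaffolding. Either drop it together with the `print` calls, or keep the diagnostics through the `logging` module at debug level with the URL and headers masked; `response.status_code` is not a secret and could stay in the message.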
|
|
||
|
|
||
|
|
||
| #def check_permissions(): |
uncomment this code
jfyi, pr merger check will fail if you don't use formats like 'fix: ' or 'feat: ' in commit msgs.
No description provided.
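An added example, not code from this PR or the project: one way to mask URLs and headers before logging, as the autofix comments above describe, without the helper needing access to the secret value. The deny-lists, the logger name and the sample values are assumptions, and it assumes the secret travels in the URL userinfo, a query parameter or a header.

```python
import logging
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

log = logging.getLogger("http_client_example")  # hypothetical logger name

# Assumed deny-lists; adjust to the API actually being called.
SENSITIVE_HEADERS = {"authorization", "proxy-authorization", "cookie", "set-cookie", "x-api-key"}
SENSITIVE_PARAMS = {"secret", "token", "api_key", "access_token", "password"}
MASK = "[REDACTED]"


def redact_url(url: str) -> str:
    """Mask userinfo and sensitive query values; the fragment is dropped."""
    parts = urlsplit(url)
    netloc = parts.netloc
    if "@" in netloc:  # user:password@host -> [REDACTED]@host
        netloc = MASK + "@" + netloc.rsplit("@", 1)[1]
    query = [
        (k, MASK if k.lower() in SENSITIVE_PARAMS else v)
        for k, v in parse_qsl(parts.query, keep_blank_values=True)
    ]
    # safe="[]" keeps the mask readable instead of percent-encoding its brackets.
    return urlunsplit((parts.scheme, netloc, parts.path, urlencode(query, safe="[]"), ""))


def redact_headers(headers: dict) -> dict:
    """Return a copy that is safe to log; header names match case-insensitively."""
    return {k: (MASK if k.lower() in SENSITIVE_HEADERS else v) for k, v in headers.items()}


def log_request(url: str, headers: dict) -> None:
    # DEBUG level keeps request details out of normal production output.
    log.debug("Making request to: %s", redact_url(url))
    log.debug("With headers: %s", redact_headers(headers))


if __name__ == "__main__":
    logging.basicConfig(level=logging.DEBUG)
    # Constructed sample values, not taken from the PR.
    log_request(
        "https://user:hunter2@api.example.test/v1/scan?id=7&secret=s3cr3t#frag",
        {"Authorization": "Bearer abc.def", "Accept": "application/json"},
    )
```

A secret embedded in a path segment is not covered by this helper and would need a route-specific rule.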