feat(express): migrate handleCreateSignerMacaroon to typed routes #6967
base: master
Conversation
Review threads on modules/express/test/unit/clientRoutes/lightning/lightningSignerRoutes.ts (3, outdated and resolved)
5f9a6b1
Changes to express.lightning.signerMacaroon seem fine, but looks like a bad merge conflict resolution.
lgtm, but merge conflicts
4d24100 to 3ff273a
another merge conflict yet again unfortunately
lgtm, but conflicts
lgtm
329cb8d to ee326a2
before(function () {
  // Create a temporary JSON file for lightning signer config
  fs.writeFileSync(tempFilePath, JSON.stringify({}));
Check failure: Code scanning / CodeQL: Insecure temporary file (severity High, path test): the os temp dir
Copilot Autofix (AI, 2 days ago)
To securely create a temporary file, we should use a well-tested library that prevents predictable file names and ensures atomic creation with correct permissions. In NodeJS, the tmp package provides such functionality. In this case:
- Replace the hardcoded path with a securely generated temporary file using tmp.fileSync.
- You must add the package import at the top of the file.
- Instantiate the temp file in before and clean it up in after using the cleanup function provided by tmp.
- Ensure all references to tempFilePath are updated to use the secure path.
- Do not change unrelated test logic or usage.
@@ -1,6 +1,7 @@ | ||
import * as assert from 'assert'; | ||
import * as sinon from 'sinon'; | ||
import * as fs from 'fs'; | ||
import * as tmp from 'tmp'; | ||
import { agent as supertest } from 'supertest'; | ||
import 'should'; | ||
import 'should-http'; | ||
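Review bot: the new import * as tmp from 'tmp' lands in a .ts file, and the tmp package does not bundle its own type declarations, so unless the repo already carries @types/tmp this hunk will not type-check; add @types/tmp to devDependencies alongside the package itself. The existing import * as fs from 'fs' stays needed because the before hook still calls fs.writeFileSync.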
@@ -12,10 +13,14 @@ | ||
|
||
describe('Signer Macaroon Typed Routes Tests', function () { | ||
let agent: ReturnType<typeof supertest>; | ||
const tempFilePath = '/tmp/test-lightning-signer.json'; | ||
let tempFilePath: string; | ||
let tempFileCleanup: (() => void) | undefined; | ||
|
||
before(function () { | ||
// Create a temporary JSON file for lightning signer config | ||
// Create a securely random temporary JSON file for lightning signer config | ||
const tmpFile = tmp.fileSync({ postfix: '.json' }); | ||
tempFilePath = tmpFile.name; | ||
tempFileCleanup = tmpFile.removeCallback; | ||
fs.writeFileSync(tempFilePath, JSON.stringify({})); | ||
|
||
const { app } = require('../../../src/expressApp'); | ||
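Review bot: in the before hook, tmp.fileSync already creates and opens the file (the result carries an fd), yet the kept line fs.writeFileSync(tempFilePath, JSON.stringify({})) reopens it by path name, which is the name-based write the finding is about. Write through the descriptor instead, fs.writeFileSync(tmpFile.fd, JSON.stringify({})), so the contents go to the file that was exclusively created. Also, const tempFilePath = '/tmp/test-lightning-signer.json' becomes let tempFilePath: string; with its only assignment inside before, so anything in the describe body that reads tempFilePath at definition time will now see undefined; confirm every reference is inside a hook or test.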
@@ -30,8 +33,8 @@ | ||
|
||
after(function () { | ||
// Clean up the temporary file | ||
if (fs.existsSync(tempFilePath)) { | ||
fs.unlinkSync(tempFilePath); | ||
if (tempFileCleanup) { | ||
tempFileCleanup(); | ||
} | ||
}); | ||
|
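Review bot: the after hook only runs when mocha reaches it; if the run is interrupted mid-suite the 0600 file stays behind in the OS temp dir, and tmp only sweeps leftover objects at process exit when tmp.setGracefulCleanup() has been called. Call that once at module load and keep tempFileCleanup() as the primary cleanup. The if (tempFileCleanup) guard is correct for the case where before threw before tmp.fileSync returned.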
@@ -55,7 +55,8 @@ | ||
"morgan": "^1.9.1", | ||
"proxy-agent": "6.4.0", | ||
"proxyquire": "^2.1.3", | ||
"superagent": "^9.0.1" | ||
"superagent": "^9.0.1", | ||
"tmp": "^0.2.5" | ||
}, | ||
"devDependencies": { | ||
"@bitgo/public-types": "5.31.0", |
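Review bot: "tmp": "^0.2.5" is added to the dependencies block (the context line "devDependencies": { follows it), but the only consumer in this PR is a unit test, so it belongs in devDependencies; as written it ships as a runtime dependency of the express module. Pinning style is also mixed in this block ("proxy-agent": "6.4.0" exact, the rest caret); follow whatever the module uses for dev tooling.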
Package | Version | Security advisories |
tmp (npm) | 0.2.5 | None |
CI failures + copilot suggestion (not sure if that's relevant)
Ticket: WP-5445