Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(ui): check Op code for literal credentials #2812

Merged
merged 1 commit into from
Nov 7, 2024
Merged

chore(ui): check Op code for literal credentials #2812

merged 1 commit into from
Nov 7, 2024

Conversation

jamie-rasmussen
Copy link
Collaborator

Description

https://wandb.atlassian.net/browse/WB-21683

After:

Screenshot 2024-10-29 at 1 06 41 PM

Testing

How was this PR tested?

@jamie-rasmussen jamie-rasmussen requested review from a team as code owners October 29, 2024 18:07
@circle-job-mirror
Copy link

circle-job-mirror bot commented Oct 29, 2024
edited
Loading

Preview this PR with FeatureBee: https://beta.wandb.ai/?betaVersion=e5898750f93aae764db3710b5675faf4bec3164e

gtarpenning
gtarpenning approved these changes Nov 4, 2024
View reviewed changes
Copy link
Member

@gtarpenning gtarpenning left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I wonder if the message doesn't convey enough information for the user to act on it? Like if I see '<Redacted: string contains Authorization pattern>' I'm not sure I would instantly know that this is generated from {"authorization": ...}. Although i guess we should always be sanitizing and this is just for existing key stuff?

@jamie-rasmussen
Copy link
Collaborator Author

I wonder if the message doesn't convey enough information for the user to act on it? Like if I see '<Redacted: string contains Authorization pattern>' I'm not sure I would instantly know that this is generated from {"authorization": ...}. Although i guess we should always be sanitizing and this is just for existing key stuff?

Yes, this is a last line of defense in case of sanitization failures. I agree that it isn't a very actionable message but not clear what we would want user to do about it either.

@jamie-rasmussen jamie-rasmussen merged commit ae0f079 into master Nov 7, 2024
114 of 116 checks passed
@jamie-rasmussen jamie-rasmussen deleted the jamie/sanitize-ui branch November 7, 2024 16:54
@github-actions github-actions bot locked and limited conversation to collaborators Nov 7, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@gtarpenning gtarpenning gtarpenning approved these changes

@tssweeney tssweeney Awaiting requested review from tssweeney

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@jamie-rasmussen @gtarpenning