Bookworm + Portal rework #1657
Bookworm + Portal rework #1657
Conversation
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
alexAubin
force-pushed
the
bookworm
branch
2 times, most recently
from
cd1bb22
to
bed9ecc
Compare
alexAubin
force-pushed
the
bookworm
branch
4 times, most recently
from
945ecdb
to
8ac48ee
Compare
| allowed_cors_origins_file = "/etc/yunohost/.admin-api-allowed-cors-origins" | ||
|
|
||
| if os.path.exists(allowed_cors_origins_file): | ||
| allowed_cors_origins = open(allowed_cors_origins_file).read().strip().split(",") |
Check warning
Code scanning / CodeQL
File is not always closed Warning
| allowed_cors_origins_file = "/etc/yunohost/.portal-api-allowed-cors-origins" | ||
|
|
||
| if os.path.exists(allowed_cors_origins_file): | ||
| allowed_cors_origins = open(allowed_cors_origins_file).read().strip().split(",") |
Check warning
Code scanning / CodeQL
File is not always closed Warning
alexAubin
force-pushed
the
bookworm
branch
2 times, most recently
from
5322f83
to
fae3b67
Compare
There was a problem hiding this comment.
CodeQL found more than 10 potential problems in the proposed changes. Check the Files changed tab for more details.
| export experimental="$(yunohost settings get 'security.experimental.security_experimental_enabled' | int_to_bool)" | ||
| export redirect_to_https="$(jq -r '.nginx_redirect_to_https' <<< "$YNH_SETTINGS" | int_to_bool)" | ||
| export compatibility="$(jq -r '.nginx_compatibility' <<< "$YNH_SETTINGS" | int_to_bool)" | ||
| export experimental="$(jq -r '.security_experimental_enabled' <<< "$YNH_SETTINGS" | int_to_bool)" |
There was a problem hiding this comment.
Is moving security.experimental.security_experimental_enabled to security.nginx.security_experimental_enabled intentional?
There was a problem hiding this comment.
uuuh not sure what you mean ? The setting "long name" is still security.experimental.security_experimental_enabled but $YNH_SETTINGS contains only the short name for whatever reason
There was a problem hiding this comment.
oh yeah, I misread the python code associated with the commit
| if not option.is_visible(context): | ||
| if isinstance(option, BaseInputOption): | ||
| # FIXME There could be several use case if the question is not displayed: | ||
| # - we doesn't want to give a specific value | ||
| # - we want to keep the previous value | ||
| # - we want the default value | ||
| option.value = context[option.id] = None | ||
| context[option.id] = None |
Check failure
Code scanning / CodeQL
Modification of parameter with default Error
| option.choices if isinstance(option, BaseChoicesOption) else [] | ||
| ) | ||
| # only update the context with the value | ||
| context[option.id] = option.normalize(form[option.id]) |
Check failure
Code scanning / CodeQL
Modification of parameter with default Error
| option = next(opt for opt in options if option.id == option_id) | ||
| if option and isinstance(option, BaseInputOption): | ||
| form[option.id] = option.normalize(value, option) | ||
| context[option.id] = form[option.id] |
Check failure
Code scanning / CodeQL
Modification of parameter with default Error
| # ╰───────────────────────────────────────────────────────╯ | ||
|
|
||
| if TYPE_CHECKING: | ||
| FilterKey = Sequence[Union[str, None]] |
Check notice
Code scanning / CodeQL
Unused global variable Note
|
|
||
| if TYPE_CHECKING: | ||
| FilterKey = Sequence[Union[str, None]] | ||
| RawConfig = OrderedDict[str, Any] |
Check notice
Code scanning / CodeQL
Unused global variable Note
|
|
||
| def print_config_panel_docs(): | ||
| fname = "../src/utils/configpanel.py" | ||
| content = open(fname).read() |
Check warning
Code scanning / CodeQL
File is not always closed Warning documentation
|
|
||
| def print_form_doc(): | ||
| fname = "../src/utils/form.py" | ||
| content = open(fname).read() |
Check warning
Code scanning / CodeQL
File is not always closed Warning documentation
fix data returned by ldap being list, and rename user_fullname to fullname
#2445: Pass email, username and fullname as header for ssowat
…se it's already provided by /etc/nginx/fastcgi_params + make sure it is mapped to the YNH_USER from SSOwat rather than $remote_user
Enh portal tiling
cf YunoHost/issues#2050