-
Notifications
You must be signed in to change notification settings - Fork 407
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Toggle option to Disable Fetching of Nightscout Carbs in Trio #198
Labels
enhancement
New feature or request
Comments
Comment from Daniel: |
I will make a PR based on the commit posted |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is your feature request related to a problem? Please describe.
Currently, even if remote commands are disabled in Trio, carbs saved to Nightscout by anyone with Careportal access are still pulled into Trio and used in dosing decisions. This creates a security vulnerability, as it is not possible to fully disable remote control over carb data input. This issue was highlighted by Dylan Sutton, who noted that simply disabling remote commands does not prevent carb data from being fetched and used, making the system potentially unsafe.
Describe the solution you'd like
Introduce a toggle option in Trio settings to enable or disable the fetching of carb data from Nightscout. This setting should default to not allow fetching treatments to ensure better security. This would involve adding a basic toggle and the necessary logic to respect this setting, ensuring that when disabled, Trio does not fetch carb data from Nightscout.
Describe alternatives you've considered
Additional context
This issue was discussed in detail, and it was noted that the most dangerous remote command is the announcement for bolusing, which can be disabled with the remote control toggle. However, to completely block unwanted entries and ensure higher security, a specific setting to disable fetching treatments from Nightscout is necessary. Daniel provided a temporary solution by commenting out the fetch code, and Sjoerd offered to implement the toggle feature, seeking guidance from Daniel's commit.
Note: This request aligns with the need to enhance the security of Trio by giving users more control over the data inputs used in dosing decisions, ultimately making the system safer and more reliable.
The text was updated successfully, but these errors were encountered: