fixes #14337: remove security gap in approval workflow #14338

@mgorsk1 mgorsk1 commented Dec 11, 2023

Describe your changes:

Fixes #14337

I worked on improving conditions for displaying approval controls because their current definitions allowed for self-approving workflows.

Type of change:

  • Bug fix
  • Improvement
  • New feature
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • Documentation

Checklist:

  • I have read the CONTRIBUTING document.
  • My PR title is Fixes <issue-number>: <short explanation>
  • I have commented on my code, particularly in hard-to-understand areas.
  • For JSON Schema changes: I updated the migration scripts or explained why it is not needed.

@github-actions github-actions bot added the UI UI specific issues label Dec 11, 2023

Hi there 👋 Thanks for your contribution!

The OpenMetadata team will review the PR shortly! Once it has been labeled as safe to test, the CI workflows
will start executing and we'll be able to make sure everything is working as expected.

Let us know if you need any help!

@mgorsk1 mgorsk1 changed the title fix: remove security gap in approval workflow fixes #14337: remove security gap in approval workflow Dec 11, 2023
@mgorsk1 mgorsk1 marked this pull request as ready for review December 11, 2023 15:15
@pmbrull pmbrull added the safe to test Add this label to run secure Github workflows on PRs label Dec 12, 2023
@chirag-madlani chirag-madlani enabled auto-merge (squash) December 12, 2023 10:25
@chirag-madlani chirag-madlani merged commit b3ac8de into open-metadata:main Dec 12, 2023

Jest test Coverage

UI tests summary

Lines          Statements             Branches              Functions
Coverage: 49%  49.34% (24575/49811)   31.99% (9589/29975)   30.55% (2777/9089)

[open-metadata-ui] Kudos, SonarCloud Quality Gate passed!

  • 0 Bugs (A)
  • 0 Vulnerabilities (A)
  • 0 Security Hotspots (A)
  • 0 Code Smells (A)

  • 0.0% Coverage
  • 0.0% Duplication

MrVinegar pushed a commit to MrVinegar/OpenMetadata that referenced this pull request Dec 15, 2023
…pen-metadata#14338)

* 🎉 Init

* 🐛 Fix variable responsible for creator

* 🐛 Fix variable responsible for creator

---------

Co-authored-by: at91mm <mariusz.gorski@ing.com>

Successfully merging this pull request may close these issues.

bug: Security gap in approval workflow allows creator of the task to self-approve