search

Azure-Samples / langfuse-on-azure

An easy way to deploy the Langfuse observability platform to Azure Container Apps with Entra authentication.
MIT License
39 stars 3 forks source link

Add secure() decorator and Bicep validation #4

Closed pamelafox closed 8 months ago

pamelafox commented 8 months ago

Purpose

This PR remedies a security issue with the @secure decorator missing on authClientSecret and also sets up a workflow to check for Bicep lint and security issues.

Does this introduce a breaking change?

[ ] Yes
[X] No

Pull Request Type

What kind of change does this Pull Request introduce?

[X] Bugfix
[ ] Feature
[ ] Code style update (formatting, local variables)
[ ] Refactoring (no functional changes, no api changes)
[ ] Documentation content changes
[ ] Other... Please describe:

How to Test

github-advanced-security[bot] commented 8 months ago

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.