Open jay0lee opened 1 year ago
jay0lee
commented
1 year ago Security issues detected in old gdata / atom code. These are almost certainly benign but we should still clean them up (ideally by killing GData usage)
https://github.com/GAM-team/GAM/security/code-scanning
Also Python 3.12 seems to be taking issue with a bunch of the old regex strings in GData. See #1655
taers232c
commented
1 year ago Contacts API - Domain Shared Contacts https://developers.google.com/admin-sdk/domain-shared-contacts/overview https://developers.google.com/people/contacts-api-migration
I have a fan of Email Audit API in Spain (big bank, 500,000 users) but I'm sure Diego would be willing to save an old version for that particular use,
Classic Sites - Saved version would probably do the trick
On Thu, Aug 17, 2023 at 6:39 AM Jay Lee @.***> wrote:
gdata is currently being used by 3 APIs:
- Contacts API https://developers.google.com/people/contacts-api-migration
- Email Audit API https://developers.google.com/admin-sdk/email-audit/overview
- Classic Sites API https://developers.google.com/sites/docs/1.0/developers_guide_protocol
each of these is in various states of deprecation and ideally we'd remove the gdata code from GAM because it's old, crufty and may have some security issues.
In the case of Contacts API, it's been replaced with the People API. @taers232c https://github.com/taers232c are you aware of any use cases where Contacts API is still needed?
In the case of Email Audit API, Google Vault is meant as the much more robust replacement but the Email Audit API is still used by some customers and was never turned down. For this I suggest we drop support from the current GAM release but customers wishing to use Email Audit API calls can continue to run old versions of GAM. Should something break we can always do a patch release to that old version.
In the case of Classic sites API, afaik Classic Sites is entirely turned down: https://workspaceupdates.googleblog.com/2022/11/migrate-classic-google-sites-by-january-30-2023.html @taers232c https://github.com/taers232c are you aware of any further usage / need for Classic Sites API?
Once we can replace / remove these 3 APIs we can cleanup the gdata folder(s) and eliminate a lot of crufty old code.
— Reply to this email directly, view it on GitHub https://github.com/GAM-team/GAM/issues/1656, or unsubscribe https://github.com/notifications/unsubscribe-auth/ACCTYL4DKENONBMDLEQXLV3XVYNJTANCNFSM6AAAAAA3UDE5AQ . You are receiving this because you were mentioned.Message ID: @.***>
-- Ross Scroggs @.***
jay0lee
commented
1 year ago OK, I've commited:
https://github.com/GAM-team/GAM/commit/4454e55b1e6a171826166325989e56353dfcf416
which cleans up some 13,000 lines of GData cruft, mostly around tlslite and very old authentication code which GAM should never be using.
I've also added commands to our GitHub Actions testing to create/list/delete domain shared contacts so we can continue to confirm we haven't broken those commands.
@taers232c can you please test and confirm this doesn't break anything else?
taers232c
commented
1 year ago Jay,
Here at Redwood Day we have a nightly script that updates domain shared contacts and it is running with the changes
Ross
On Fri, Aug 18, 2023 at 7:15 AM Jay Lee @.***> wrote:
OK, I've commited:
4454e55 https://github.com/GAM-team/GAM/commit/4454e55b1e6a171826166325989e56353dfcf416
which cleans up some 13,000 lines of GData cruft, mostly around tlslite and very old authentication code which GAM should never be using.
I've also added commands to our GitHub Actions testing to create/list/delete domain shared contacts so we can continue to confirm we haven't broken those commands.
@taers232c https://github.com/taers232c can you please test and confirm this doesn't break anything else?
— Reply to this email directly, view it on GitHub https://github.com/GAM-team/GAM/issues/1656#issuecomment-1683986384, or unsubscribe https://github.com/notifications/unsubscribe-auth/ACCTYL6IUNVSQ2QMYGII3RDXV52JPANCNFSM6AAAAAA3UDE5AQ . You are receiving this because you were mentioned.Message ID: @.***>
-- Ross Scroggs @.***
gdata is currently being used by 3 APIs:
each of these is in various states of deprecation and ideally we'd remove the gdata code from GAM because it's old, crufty and may have some security issues.
In the case of Contacts API, it's been replaced with the People API. @taers232c are you aware of any use cases where Contacts API is still needed?
In the case of Email Audit API, Google Vault is meant as the much more robust replacement but the Email Audit API is still used by some customers and was never turned down. For this I suggest we drop support from the current GAM release but customers wishing to use Email Audit API calls can continue to run old versions of GAM. Should something break we can always do a patch release to that old version.
In the case of Classic sites API, afaik Classic Sites is entirely turned down: https://workspaceupdates.googleblog.com/2022/11/migrate-classic-google-sites-by-january-30-2023.html @taers232c are you aware of any further usage / need for Classic Sites API?
Once we can replace / remove these 3 APIs we can cleanup the gdata folder(s) and eliminate a lot of crufty old code.