Open evetsleep opened 1 year ago
Thanks for bringing this to our attention.
ConfirmImpact
is set to medium by the code generator. I've opened an issue at https://github.com/Azure/autorest.powershell/issues/1107 for ConfirmImpact
to be changed to high
for Remove-*
cmdlets.
Remove-*
cmdlets should ask for a confirmation prompt by default once https://github.com/Azure/autorest.powershell/issues/1107 is added.
Various commands, such as Remove-MgUser, do not flag the impact of the change as HIGH and therefore do not invoke the confirmation dialog.
For example, running
Remove-MgUser -UserId <objectId>
does not request the user confirm the change. I haven't done an exhaustive look at all cmdlets but this seems to be quite prevalent throughout the Microsoft.Graph identity related cmdlets. The default$confirmPreference
in Powershell is HIGH (both 5.x and 7.x). Remove actions should be considered HIGH by default.Looking at all the modules I could see, it looks like Microsoft has set the confirm impact as medium for all
Remove
cmdlets. Given that the Remove verb is meant to delete objects, this could be extremely dangerous and lead to accidental deletions. You could see this (at least with all the modules I'm using) like this:Is this by design? It's been a long standing best practice that remove actions should be set to HIGH to prevent accidental deletions (or minimize them). All the modules above are v1.21.0.
Thanks!