search

newrelic / nr1-github

NR1 Github allows you to create more context to your entities by having access to the GitHub repository, contributors and README.
https://github.com/newrelic/nr1-github/discussions
Apache License 2.0
19 stars 27 forks source link

fix: changed ability to see other users GitHub PAT #72

Closed rudouglas closed 3 years ago

rudouglas commented 3 years ago

If a users PAT has been saved to NerdStorage for a specific entity on public GitHub, and another user changes the URL to a GitHub Enterprise one, they were able to see the other users PAT which is a security issue. Now if any user changes the URL to a GitHub Enterprise one, it will delete the saved PAT and won't perform an authentication check until they input a new PAT.

I also added a Tooltip to warn users that this deletion will occur

CLAassistant commented 3 years ago

CLA assistant check
All committers have signed the CLA.

douglasday commented 3 years ago

LGTM at a quick glance. Will be testing it out in production once it's live.

nr-opensource-bot commented 3 years ago

:tada: This PR is included in version 0.6.10 :tada:

The release is available on GitHub release

Your semantic-release bot :package::rocket: