Closed FStefanni closed 1 year ago
I don't think we need to be tracking the dependabot PRs, those will be made for us automatically, plus reduce the clutter
Hi,
I agree. This was just to have a complete log of currently open pr's. Basically, this is just a one time stuff, just to be sure to not miss anything. But if you prefer, I can just delete the lines.
Regards.
Hi,
there are some pr referring to the v5-dev
branch (typescript).
I believe they are no more useful, since probably the new Typescript implementation will start from the current master
branch, which is more up-to-date (the old v5-dev
could be just of inspiration on how to translate).
If you agree, I mark them as "fixed".
involved points so far:
Regards.
Thanks a lot for the list @FStefanni :+1:
Please note to read our contributions guidelines before opening a PR and use the PR Template, so we all have an easier reviewing and PR process.
By the way is there a way to write tests to validate the rst
definitions?
@FStefanni do you mind adding your review to #93 and #94 ?
Hi,
I commented directly in the two pr.
Regards.
I checked of number 7 since that pull request makes no sense and even makes it worse. We already have our own issue that addresses the old issue. #104
Can we update this list to see what exactly is still missing? Also we should discuss, whether these should be part of v5 or if they should already be published sooner, for example in a 4.3.0 release or something,
Hi,
this is a list of original project pr still open, to be analyzed and possibly integrated in this code base.
scope
does not contains non-validated scopes, and this missing check could lead to potential security risks. So I suggest to implement a check to ensure the passed request scope object is a "subset" of validated scopes (or, as alternative, a method which removes invalid scopes).model.revokeToken()
method implementation optional. So the pr could be accepted, even if it is not strictly useful (it is possible to implement the method with an empty body, or maybe with a default implementation inside a "model" base class). Therefore I am not proposing a pr for this.v5-dev
(typescript). Probably no more useful.v5-dev
, and claims it is already fixed in other branches. So it is useless.v5-dev
branch, the client object seems to have aid
member, and not aclientId
member. Written into the original pr to have feedback.dev
branch. Even if the pr seems not strictly useful right now, it shows that the originaldev
branch could contain some interesting improvements, worth to merge in this code base. To be further analyzed.v5-dev
(typescript). Probably no more useful.getRedirectUri()
method implementation. Probably, just removing|| client.redirectUris[0]
will fix all the issues. But I am not completely sure about this: I do not know the standard and the code so well...The list will be upgraded to track the ongoing process of integrating the pr's.
Regards.