#13619 secure parameter linter fix #13717

Merged

davidlloyduk
Contributor

@davidlloyduk davidlloyduk commented Mar 25, 2024

Fixes #13619

What was happening was that the linter rule was falling into the default behaviour and using the default error string as it wasn't checking it was a variable assignment. Added 1 unit test to cover the basic premise of the lint rule failure.

One thing which did occur to me was that assignment of the secure parameter to a variable which is a hardcoded string isn't caught - but seemed like it should be a lint rule in and of itself? Thoughts?

e.g.

var blah string = 'something'

@secure()
param myparam string = blah

Should we overcomplicate the lint rule to find a reassignment of a secure parameter? Seems an illogical but valid thing to do though

@davidlloyduk
Contributor Author

@microsoft-github-policy-service agree

@davidlloyduk davidlloyduk changed the title #13619 SecureParameter linter fix #13619 secure parameter linter fix Mar 25, 2024
@davidlloyduk davidlloyduk force-pushed the 13619_secureparam_linter_warning branch from b7e0578 to 3ee6379 Compare March 28, 2024 14:15
@codecov-commenter

codecov-commenter commented Mar 28, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 7.71%. Comparing base (108d816) to head (312a7db).
Report is 315 commits behind head on main.

@@             Coverage Diff             @@
##             main   #13717       +/-   ##
===========================================
- Coverage   94.28%    7.71%   -86.57%     
===========================================
  Files        1113        7     -1106     
  Lines      100791      350   -100441     
  Branches     8734      127     -8607     
===========================================
- Hits        95028       27    -95001     
+ Misses       4595      323     -4272     
+ Partials     1168        0     -1168     

| Flag | Coverage Δ |
|---|---|
| dotnet | ? |
| typescript | 7.71% <ø> (ø) |

see 1106 files with indirect coverage changes

@anthony-c-martin
Member

Thank you for fixing this!

@anthony-c-martin anthony-c-martin enabled auto-merge (squash) April 3, 2024 19:46
@anthony-c-martin anthony-c-martin merged commit 2094f3b into Azure:main Apr 3, 2024
37 checks passed
Contributor

github-actions bot commented Apr 3, 2024

Test this change out locally with the following install scripts (Action run 8544728506)

VSCode
  • Mac/Linux
    bash <(curl -Ls https://aka.ms/bicep/nightly-vsix.sh) --run-id 8544728506
  • Windows
    iex "& { $(irm https://aka.ms/bicep/nightly-vsix.ps1) } -RunId 8544728506"
Azure CLI
  • Mac/Linux
    bash <(curl -Ls https://aka.ms/bicep/nightly-cli.sh) --run-id 8544728506
  • Windows
    iex "& { $(irm https://aka.ms/bicep/nightly-cli.ps1) } -RunId 8544728506"


Successfully merging this pull request may close these issues.

Warning about hardcoded secure parameter when that parameter is parsed from another secure parameter