Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: retire les données potentiellement sensibles de sentry #1845

Merged
merged 2 commits into from
Feb 8, 2024
Merged

fix: retire les données potentiellement sensibles de sentry #1845

merged 2 commits into from
Feb 8, 2024

Conversation

arnaudambro
Copy link
Contributor

@arnaudambro arnaudambro commented Feb 1, 2024
edited
Loading

Remarque: tous les capture que j'ai touché n'ont pas été remontés dans Sentry depuis au moins 90 jours, et certains ne l'ont jamais été
Remarque 2: là normalement, on a plus AUCUNE donnée potentiellement sensible dans sentry - qu'on s'était donné le droit de remonter pour mieux débugger, en période de rodage

@github-advanced-security
Copy link

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

rap2hpoutre
rap2hpoutre approved these changes Feb 1, 2024
View reviewed changes
Copy link
Member

@rap2hpoutre rap2hpoutre left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ok c'est bon pour moi, donc simplement : on vire extra presque partout (sauf pour y mettre des IDs)

Est-ce qu'il n'y a pas aussi le problème du contexte ? En effet, on envoie toute l'orga dont encryptedVerificationKey qui peut être flippant et toutes les teams, alors qu'on a ces infos en clair pour nous dans la DB. Donc pas besoin de les leaker. Qu'en penses-tu ?

@arnaudambro arnaudambro force-pushed the fix/remove-potentially=sensitive-content-from-sentry branch from 22cfdc5 to 512f072 Compare February 8, 2024 08:01
@sonarcloud SonarCloud
Copy link

sonarcloud bot commented Feb 8, 2024

Quality Gate Passed Quality Gate passed

Kudos, no new issues were introduced!

0 New issues
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarCloud

@github-actions GitHub Actions
Copy link

github-actions bot commented Feb 8, 2024

🎉 Deployment for commit 512f072 :

Ingresses
Docker images
  • 📦 docker pull harbor.fabrique.social.gouv.fr/mano/mano/api:sha-512f072bc248e72430024e2f3349002bda3cac21
  • 📦 docker pull harbor.fabrique.social.gouv.fr/mano/mano/dashboard:sha-512f072bc248e72430024e2f3349002bda3cac21
  • 📦 docker pull harbor.fabrique.social.gouv.fr/mano/mano/www:sha-512f072bc248e72430024e2f3349002bda3cac21
Debug

@arnaudambro arnaudambro merged commit c9044e6 into main Feb 8, 2024
10 checks passed
@arnaudambro arnaudambro deleted the fix/remove-potentially=sensitive-content-from-sentry branch February 8, 2024 13:57
@SocialGroovyBot
Copy link
Member

🎉 This PR is included in version 1.304.5 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rap2hpoutre rap2hpoutre rap2hpoutre approved these changes

Assignees

@arnaudambro arnaudambro

Labels
released
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@arnaudambro @SocialGroovyBot @rap2hpoutre