Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix 7200 #7272

Open
wants to merge 1 commit into
base: develop
Choose a base branch
from
Open

fix 7200 #7272

wants to merge 1 commit into from

Conversation

timini
Copy link

@timini timini commented Oct 23, 2024

Status

Ready for review / Work in progress

Description of Changes

Fixes #7200

Changes proposed in this pull request:

Testing

How should the reviewer test this PR?
Write out any special testing steps here.

Deployment

Any special considerations for deployment? Consider both:

  1. Upgrading existing production instances.
  2. New installs.

Checklist

If you made changes to the server application code:

  • Linting (make lint) and tests (make test) pass in the development container

If you made changes to securedrop-admin:

  • Linting and tests (make -C admin test) pass in the admin development container

If you made changes to the system configuration:

If you added or removed a file deployed with the application:

  • I have updated AppArmor rules to include the change

If you made non-trivial code changes:

  • I have written a test plan and validated it for this PR

Choose one of the following:

  • I have opened a PR in the docs repo for these changes, or will do so later
  • I would appreciate help with the documentation
  • These changes do not require documentation

If you added or updated a reference to a production code dependency:

Production code dependencies are defined in:

  • admin/requirements.in
  • admin/requirements-ansible.in
  • securedrop/requirements/python3/requirements.in
  • securedrop/requirements/python3/translation.in (used in the build
    container)

If you changed another requirements.in file that applies only to development
or testing environments, then no diff review is required, and you can skip
(remove) this section.

Choose one of the following:

  • I have performed a diff review and pasted the contents to the packaging wiki
  • I would like someone else to do the diff review
  • I am silencing an alert related to a production dependency, because (please explain below):

@timini timini requested a review from a team as a code owner October 23, 2024 13:38
legoktm
legoktm reviewed Oct 29, 2024
View reviewed changes
Copy link
Member

@legoktm legoktm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey @timini, sorry about the delay in reviewing, thanks for the PR! I left one inline question about the first comment you removed, the rest looks good.

admin/securedrop_admin/__init__.py
@@ -1057,40 +1057,29 @@ def update(args: argparse.Namespace) -> int:
# Check if any strings in good_sig_text match against gpg_lines[]
good_sig_matches = [s for s in gpg_lines if any(xs in s for xs in good_sig_text)]

# To ensure that an adversary cannot name a malicious key good_sig_text
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is there a reason you removed this comment?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@legoktm legoktm legoktm left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
SecureDrop dev cycle
Status: Under Review
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

securedrop-admin update returns indistinguishable error messages for distinct error conditions
2 participants
@timini @legoktm