This is an automated email from the ASF dual-hosted git repository.
klesh pushed a change to branch copilot/fix-vulnerability
in repository https://gitbox.apache.org/repos/asf/incubator-devlake.git
omit e9e85297a fix: require secret for forwarded user auth
add ecb703c8e fix: Multiple credential-leak paths in gitextractor (#8872)
add c413ebc6c fix(asana): implement encryption for Asana connection token
(#8873)
add f03b83df5 fix: harden dbt pipeline inputs (#8878)
add c057341d1 feat(push-api): implement push API with authentication and
validation logic (#8879)
add 1cd3fb5b2 fix: require secret for forwarded user auth
This update added new revisions after undoing existing revisions.
That is to say, some revisions that were in the old version of the
branch are not in the new version. This situation occurs
when a user --force pushes a change and generates a repository
containing something like this:
* -- * -- B -- O -- O -- O (e9e85297a)
\
N -- N -- N refs/heads/copilot/fix-vulnerability (1cd3fb5b2)
You should already have received notification emails for all of the O
revisions, and so the following emails describe only the N revisions
from the common base, B.
Any revisions marked "omit" are not gone; other references still
refer to them. Any revisions marked "discard" are gone forever.
No new revisions were added by this update.
Summary of changes:
backend/helpers/oidchelper/config.go | 24 ++--
backend/helpers/oidchelper/config_test.go | 47 ++++++++
backend/plugins/asana/models/connection.go | 2 +-
.../20260509000001_encrypt_connection_token.go | 82 +++++++++++++
.../asana/models/migrationscripts/register.go | 1 +
backend/plugins/dbt/dbt.go | 1 -
backend/plugins/dbt/impl/impl.go | 18 ++-
backend/plugins/dbt/tasks/convertor.go | 1 +
backend/plugins/dbt/tasks/git.go | 24 ++--
backend/plugins/dbt/tasks/options.go | 132 +++++++++++++++++++++
backend/plugins/dbt/tasks/options_test.go | 110 +++++++++++++++++
backend/plugins/dbt/tasks/task_data.go | 3 +
backend/plugins/gitextractor/README.md | 8 +-
.../plugins/gitextractor/parser/clone_gitcli.go | 67 ++++++++---
backend/server/api/api.go | 5 +-
backend/server/api/auth/auth.go | 16 +--
backend/server/api/auth/middleware.go | 8 +-
backend/server/api/middlewares.go | 51 +++++++-
backend/server/api/middlewares_test.go | 74 ++++++++++++
backend/server/api/push/README.md | 8 +-
backend/server/services/pushapi.go | 21 +---
backend/server/services/pushapiaccess/access.go | 54 +++++++++
.../server/services/pushapiaccess/access_test.go | 70 +++++++++++
backend/test/helper/client.go | 4 +
.../components/advanced-editor/example/dbt.ts | 2 +-
env.example | 14 ++-
26 files changed, 771 insertions(+), 76 deletions(-)
create mode 100644
backend/plugins/asana/models/migrationscripts/20260509000001_encrypt_connection_token.go
create mode 100644 backend/plugins/dbt/tasks/options.go
create mode 100644 backend/plugins/dbt/tasks/options_test.go
create mode 100644 backend/server/api/middlewares_test.go
create mode 100644 backend/server/services/pushapiaccess/access.go
create mode 100644 backend/server/services/pushapiaccess/access_test.go