Don't surface insecure operations errors in VSCode.#8215
Merged
Conversation
rosalyntan
changed the title
hlshen
approved these changes
Feb 18, 2025
Contributor
|
The insecure linter error is helpful when it is correct. Q: any reasons that VS Code linter couldn't poll latest FDC sources to do the diff? As a more general approach, maybe the emulator should skip returning diff warnings when it couldn't fetch latest backend sources as opposed to report incorrect warnings. |
Member
Author
Polling the latest FDC sources will be done in b/396453481 -- this turns off the warnings until they're done as the existing INSECURE warnings are too noisy.
Yeah, though we'd need to differentiate between "couldn't fetch" due to NOT_FOUND, vs. other errors. |
tammam-g
pushed a commit
that referenced
this pull request
Mar 10, 2025
* Don't surface connector evolution or insecure operation issues in VSCode.' * Fix * Filter by "INSECURE" substring rather than warningLevel.
tammam-g
added a commit
that referenced
this pull request
Mar 11, 2025
* Helper functions and basic setup for dataconnect:sql:setup * Refactor setupIamUsers for better composability * FDC MVP brownfield and greenfield to brownfield schema setup * Add required logic inside schemaMigration for handling brownfield * Cleanup and fix bugs in brownfield setup * Use firebasesuperuser instead of cloudsqlsuper user for brownfield migration success * Add default permissions for brownfield * Fix lint/format * Refactor to allow setup reruns * Fix small things and address comments * Fix bug in role grants * Add logging that database setup completed * Make grant command not go through setup if roles can be granted in brownfield * bug fix from changing the getting schema owner command * Simplify getSchemaMetaData in permissions.ts * Fix log statement * Split permissions.ts into front facing permissions_setup.ts and keep backend permissions there * No need to ask user if they want to rerun greenfield setup * Make setupSQLPermissions return a setup status instead of a boolean * Change an if statment to switch statement * Keep upserting new user in grant command * Bump FDC local toolkit to v1.8.0. (#8210) * Bump FDC local toolkit to v1.8.0. * Update changelog. * First pass at auto generating sdk configs (#7833) * First pass at auto generating sdk configs * Fixed formatting issues * Removed extra command * Deleted unnecessary files * Fixed more linting' * Removed test assertion * Fixed formatting * Updated erros * Misc * Updated platforms list * Undid last changes * Addressed comments * Fixed client test * Driveby type fixing * missed a spot * Fixed test * Fix issue where if a user passes in an empty 'out' parameter, the CLI crashes * Added intelligent sensing where app should be * Fixed formatting * Fixed lint * Fixed app dir * Misc * Wrote tests * Reverted apps sdkconfig changes * Fixed formatting * Small changes * Revert shrinkwrap changes * Updated test:management script * Fixed apps-sdkconfig boolean check * Fixed more boolean * Fixed formatting * Added changelog * Added new options * Removed unused var * Added experimental flag * Moved apps:init behind a flag * Added apps:init command * Removed unnecessary experiments * Addressed comments --------- Co-authored-by: Joe Hanley <joehanley@google.com> * 13.31.0 * [firebase-release] Removed change log and reset repo after 13.31.0 release * FDC Emulator Update v1.8.1(#8216) * 13.31.1 * [firebase-release] Removed change log and reset repo after 13.31.1 release * Update formatting of connector evolution and insecure operation issues. (#8204) * Format INTERACTIVE_ACK issues as table as well and add extra "type" column to table. * Update warning and prompt wording to reflect insecure operations as well as connector evolution issues. * Wording. * Sort issues in table by category and some formatting fixes. * Use correct import path for data connect emulator (#8220) * Use correct import path for data connect emulator * Actually fix it this time * fix the thing i broke and format * Update src/emulator/dataconnect/pgliteServer.ts Co-authored-by: Maneesh Tewani <maneesht@users.noreply.github.com> --------- Co-authored-by: Maneesh Tewani <maneesht@users.noreply.github.com> * Don't surface insecure operations errors in VSCode. (#8215) * Don't surface connector evolution or insecure operation issues in VSCode.' * Fix * Filter by "INSECURE" substring rather than warningLevel. * Add path information to formatted GraphqlError. (#8228) * App Hosting Emulator bug - apphosting emulator info is not complete when env vars for emulators are set (#8231) * fix bug where apphosting emulator info is not complete when env vars for other emulators are set * add proper fix and test * fix * remove async from non-async test func * address comments * Bump FDC local toolkit to v1.8.2. (#8232) * Bump FDC local toolkit to v1.8.2. * Update changelog. * 13.31.2 * [firebase-release] Removed change log and reset repo after 13.31.2 release * fix: #8168 - enforce webframeworks only when needed (#8169) * fix: #8168 - enforce webframeworks only when needed In deployments where `--only hosting:boo` is used, enforce webframeworks enablement only when the target actually uses webframeworks. * remove console * add changelog, add tests * Add matchesHostingTarget to improve readability --------- Co-authored-by: Chalo Salvador <chalo@monogram.io> * Added env var to magically import data connect service from console (#8237) * Added env var to magically import data connect service from console * actually check location too * formats * Formats * Add initial delay when loading python functions (#8239) * Improve robustness of function discovery for python Anecdotally, python function discovery is flakey. We propose 2 change in this PR: 1. For python discovery, add a small initial delay for python's admin server to boot. 2. Add a request timeout to retry call to retrieve trigger information. Previously, the default timeout would've been set to OS-level TCP timeout, which in my laptop was between 20~30s. * Add changelog. * Remove per-req timeout to accomodate loading large/slow main.py. * Update changelog. * Revert timeout bump. * Update vscode to 0.13.1 (#8236) * update vscode to 0.13.1 * remove changelog line * Propagate overrides (#8253) * Apply ajv and ajv-formats overrides to shrinkwrap * Apply whatwg-url override to shrinkwrap * npm i to stabilize shrinkwrap --------- Co-authored-by: Joe Hanley <joehanley@google.com> * Print warning about --location removal from apphosting commands. (#8229) `--location` will be removed from apphosting commands in the next major CLI release. Before then, the CLI will print a warning about this removal whenever `--location` is used. * Fix issue where apps:init breaks on app creation (#8258) * Rename MetaData to Metadata * Change setup to set up in firebase error * Improve logger message * Fix bugs in brownfield setup status checks * fix lint issues --------- Co-authored-by: Rosalyn Tan <rosalyntan@google.com> Co-authored-by: Maneesh Tewani <maneesht@users.noreply.github.com> Co-authored-by: Joe Hanley <joehanley@google.com> Co-authored-by: Google Open Source Bot <firebase-oss-bot@google.com> Co-authored-by: Mathusan Selvarajah <mathusans52@gmail.com> Co-authored-by: Philip Su <39933441+fivecar@users.noreply.github.com> Co-authored-by: Chalo Salvador <chalo@monogram.io> Co-authored-by: Daniel Lee <danielylee@google.com> Co-authored-by: Harold Shen <hlshen@google.com> Co-authored-by: Sarah Clark <seclark@nextquestion.net> Co-authored-by: annajowang <31288696+annajowang@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
Currently, VSCode is flagging insecure operation errors in the editor. However, these errors are not currently accurate since the connector source isn't being compared against a deployed source, and can't differentiate between existing insecure operations and new insecure operations. This PR suppresses insecure operation issues in VSCode for now.
Scenarios Tested
Sample Commands