-
Notifications
You must be signed in to change notification settings - Fork 7.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(core): Add credential runtime checks and prevent tampering in manual run #4481
feat(core): Add credential runtime checks and prevent tampering in manual run #4481
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Great work. I think the only necessary change was the one I've mentioned in Linear, where we need to make sure the current user did not tamper the request by changing existing nodes with credentials they don't have access to, neither adding credentials they shouldn't access.
}); | ||
} | ||
|
||
private static mapCredIdsToNodes(workflow: Workflow) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I loved the creation of this function, this is very useful in so many places.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
Got released with |
No description provided.