Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Release v2.2.50 #2430

Merged
merged 44 commits into from
Oct 21, 2024
Merged

Release v2.2.50 #2430

merged 44 commits into from
Oct 21, 2024

Conversation

grossmj
Copy link
Member

@grossmj grossmj commented Oct 21, 2024

No description provided.

grossmj and others added 30 commits August 6, 2024 20:33
…-export fashion, can make copying projects many times faster
Support for custom MAC addresses in Docker containers
Run Docker containers with user namespaces enabled
Backport auxiliary console support for Qemu, Docker and Dynamips nodes
…upport

Revert "Backport auxiliary console support for Qemu, Docker and Dynamips nodes"
…-export fashion, can make copying projects many times faster
* `busybox --install` does not exist
* `sleep` does not take float values (e.g. 0.5).
Fix issues with recent busybox versions
os.remove(symlink_path)
os.symlink(symlink_target, symlink_path)
except OSError as e:
raise aiohttp.web.HTTPConflict(text=f"Cannot create symbolic link: {e}")

Check warning

Code scanning / CodeQL

Information exposure through an exception Medium

Stack trace information
flows to this location and may be exposed to an external user.

Copilot Autofix AI 3 months ago

To fix the problem, we should avoid including the raw exception message in the HTTP response. Instead, we can log the detailed error message on the server for debugging purposes and return a generic error message to the user. This approach ensures that sensitive information is not exposed while still allowing developers to diagnose issues.

  • Modify the exception handling in the _create_symbolic_links function to log the detailed error message.
  • Return a generic error message in the HTTP response to avoid exposing sensitive information.
Suggested changeset 1
gns3server/controller/import_project.py

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/gns3server/controller/import_project.py b/gns3server/controller/import_project.py
--- a/gns3server/controller/import_project.py
+++ b/gns3server/controller/import_project.py
@@ -195,3 +195,4 @@
             except OSError as e:
-                raise aiohttp.web.HTTPConflict(text=f"Cannot create symbolic link: {e}")
+                log.error(f"Cannot create symbolic link: {e}")
+                raise aiohttp.web.HTTPConflict(text="Cannot create symbolic link due to an internal error.")
 
EOF
@@ -195,3 +195,4 @@
except OSError as e:
raise aiohttp.web.HTTPConflict(text=f"Cannot create symbolic link: {e}")
log.error(f"Cannot create symbolic link: {e}")
raise aiohttp.web.HTTPConflict(text="Cannot create symbolic link due to an internal error.")

Copilot is powered by AI and may make mistakes. Always verify output.
Positive Feedback
Negative Feedback

Provide additional feedback

Please help us improve GitHub Copilot by sharing more details about this comment.

Please select one or more of the options
else:
log.info("Fast duplication failed, fallback to normal duplication")
except Exception as e:
raise aiohttp.web.HTTPConflict(text="Cannot duplicate project: {}".format(str(e)))

Check warning

Code scanning / CodeQL

Information exposure through an exception Medium

Stack trace information
flows to this location and may be exposed to an external user.

Copilot Autofix AI 3 months ago

To fix the problem, we need to ensure that the exception message is not exposed to the user. Instead, we should log the detailed error message on the server and return a generic error message to the user. This can be achieved by modifying the exception handling code to log the exception and return a generic error message.

  • Modify the exception handling block to log the exception using the log object.
  • Return a generic error message to the user instead of the detailed exception message.
Suggested changeset 1
gns3server/controller/project.py

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/gns3server/controller/project.py b/gns3server/controller/project.py
--- a/gns3server/controller/project.py
+++ b/gns3server/controller/project.py
@@ -1069,3 +1069,4 @@
         except Exception as e:
-            raise aiohttp.web.HTTPConflict(text="Cannot duplicate project: {}".format(str(e)))
+            log.error("Error duplicating project: %s", str(e))
+            raise aiohttp.web.HTTPConflict(text="Cannot duplicate project due to an internal error.")
 
EOF
@@ -1069,3 +1069,4 @@
except Exception as e:
raise aiohttp.web.HTTPConflict(text="Cannot duplicate project: {}".format(str(e)))
log.error("Error duplicating project: %s", str(e))
raise aiohttp.web.HTTPConflict(text="Cannot duplicate project due to an internal error.")

Copilot is powered by AI and may make mistakes. Always verify output.
Unable to commit as this autofix suggestion is now outdated
Positive Feedback
Negative Feedback

Provide additional feedback

Please help us improve GitHub Copilot by sharing more details about this comment.

Please select one or more of the options
@grossmj grossmj merged commit 97e5a5e into master Oct 21, 2024
13 of 14 checks passed
@grossmj grossmj deleted the 2.2 branch October 21, 2024 03:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants