fix: more permissive type assertions #3692
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Pull Request Test Coverage Report for Build 854251439
💛 - Coveralls |
mdrichardson
approved these changes
May 17, 2021
stevengum
reviewed
May 18, 2021
stevengum
reviewed
May 18, 2021
| [activity.channelId, activity.conversation.id, `${formatTicks(activity.timestamp)}-${activity.id}.json`].join( | ||
| '/' | ||
| ) | ||
| [activity.channelId, activity.conversation.id, `${formatTicks(timestamp)}-${activity.id}.json`].join('/') |
There was a problem hiding this comment.
Not something for this PR, but in v5 the behavior around generating keys needs to be locked down and inputs need to be validated.
Are null, undefined, empty strings or whitespace-only strings valid for conversation IDs?
See microsoft/BotFramework-Composer#7854 for more details.
These can end up in serialized JSON transcripts as well, so to limit the chance of including connection strings or other secrets we should restrict their serialized forms.
joshgummersall
force-pushed
the
jpg/blobs-permissive-assertions
branch
from
62b1b5f to
d406699
Compare
|
In lieu of Github Actions (current status is degraded perf), I've manually run the same CI suite via Dev Ops. |
|
Merging as ADO CI passed. |
joshgummersall
added a commit
that referenced
this pull request
May 18, 2021
* fix: more permissive type assertions Fixes #3684 * fix: json serialization cycles (#3693) See microsoft/BotFramework-Composer#7854 for more details. * fix: limit serialized form of storage types These can end up in serialized JSON transcripts as well, so to limit the chance of including connection strings or other secrets we should restrict their serialized forms. Co-authored-by: Steven Gum <[email protected]>
joshgummersall
added a commit
that referenced
this pull request
May 18, 2021
* fix: more permissive type assertions Fixes #3684 * fix: json serialization cycles (#3693) See microsoft/BotFramework-Composer#7854 for more details. * fix: limit serialized form of storage types These can end up in serialized JSON transcripts as well, so to limit the chance of including connection strings or other secrets we should restrict their serialized forms. Co-authored-by: Steven Gum <[email protected]>
joshgummersall
added a commit
that referenced
this pull request
May 18, 2021
* fix: more permissive type assertions (#3692) * fix: more permissive type assertions Fixes #3684 * fix: json serialization cycles (#3693) See microsoft/BotFramework-Composer#7854 for more details. * fix: limit serialized form of storage types These can end up in serialized JSON transcripts as well, so to limit the chance of including connection strings or other secrets we should restrict their serialized forms. Co-authored-by: Steven Gum <[email protected]> * fix: two typos (#3696) Co-authored-by: Steven Gum <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes #3684