-
Notifications
You must be signed in to change notification settings - Fork 2
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
15/05/24 update existing company jobs #162
Conversation
Can you fix the run errors Dan? Looks like VCR may have got turned off somehow |
options = { headers: { 'Accept' => 'application/json' } } | ||
|
||
begin | ||
response = HTTParty.get(api_url, options) |
Check failure
Code scanning / CodeQL
Server-side request forgery Critical
user-provided value
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Added sanitize url to patch this
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No changes required but cannot merge until Ilya's PR goes through as there will likely be a merge conflict
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Need to consider how we're going to get the invalid IDs csv out of Heroku
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Are we still having standard application_field hashes or is this just for testing?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Super nice we can get this from the API!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
How come the change to phone_number? Does that need to be reflected elsewhere?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Need to approve Ilya's updates in his prior PR before this can go through - make sure we're not losing any functionality in the cross-over
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Apologies if this was where the job_description error was
options = { headers: { 'Accept' => 'application/json' } } | ||
|
||
begin | ||
response = HTTParty.get(api_url, options) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Added sanitize url to patch this
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Added sanitize_url to fix this, although appreciate the risk is minimal
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Wrapped the API calls in cassettes - previously were building but not calling them
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
How come the change in API endpoint?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
All good, no conflicts, merging
Cleaned up UpdateExistingCompanyJobs so it now uses #create_all_relevant_jobs and updates both ats_identifiers.csv and invalid_ids.csv when finished. Some bugfixes along the way and a few tweaks to CheckUrlIsValid to make json queries more tolerant of redirects, timeouts and other weird server responses.