Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(cloud-native): sync assets for OCI images #8778

Merged
merged 3 commits into from
Jun 25, 2024

Merge branch 'main' into cn-sync-assets

4477fc9
Select commit
Loading
Failed to load commit list.
Merged

chore(cloud-native): sync assets for OCI images #8778

Merge branch 'main' into cn-sync-assets
4477fc9
Select commit
Loading
Failed to load commit list.
DryRunSecurity / Authn/Authz Analyzer succeeded Jun 25, 2024 in 4s

DryRun Security

Details

Authn/Authz Analyzer Findings: 1 detected

⚠️ Potential Authn/Authz Function Used or Modified docker-jans-config-api/scripts/upgrade.py (click for details)
Type Potential Authn/Authz Function Used or Modified
Description The code contains a configuration parameter named 'acrValidationEnabled', which suggests the presence of some form of authorization or access control validation. This parameter likely controls whether the application performs validation of user access or roles before allowing certain actions or access to resources.
Filename docker-jans-config-api/scripts/upgrade.py
CodeLink

jans/docker-jans-config-api/scripts/upgrade.py

Lines 60 to 66 in 4477fc9

("disableAuditLogger", False),
("assetMgtConfiguration", {}),
("maxCount", 200),
("acrValidationEnabled", True),
]:
if missing_key not in conf:
conf[missing_key] = value
View more details on DryRunSecurity