fix: put security message into the Generator's tooltip #553
Conversation
ira-gordin-sap
commented
Apr 11, 2021
•
ira-gordin-sap
commented
packages/backend/src/messages.ts
Outdated
| @@ -1,5 +1,5 @@ | |||
| const selectGeneratorQuestionHint = | |||
| "Select the generator that best fits the type of application you want to develop"; | |||
| "When you create a project using a template, you become the code owner and as such, you are responsible for any updates or fixes that must be performed for it. We recommend you follow the industry best practice to use automated vulnerability scanning in the CI/CD pipeline to avoid supply chain and other cyber-attacks."; | |||
There was a problem hiding this comment.
We recommend you to follow the software security industry best practice, to use automated vulnerability scanning in the CI/CD pipeline to avoid supply chain attack and other cyber-attacks.";
There was a problem hiding this comment.
To remove the first sentence or only to fix the second?
|
|
||
| By default, VS Code auto-updates extensions as new versions become available as explained in https://code.visualstudio.com/docs/supporting/faq#_how-do-i-opt-out-of-vs-code-autoupdates. | ||
| In case the auto-update is disabled in your VS Code, you should care to update the extension manually to the latest version in order to avoid supply chain and other cyber-attacks. | ||
|
|
There was a problem hiding this comment.
In case the auto-update is disabled in your VS Code, you should care to frequently update the extension manually to the latest version in order to avoid supply chain attack and other cyber-attacks.
There was a problem hiding this comment.
If auto-update is disabled in your VS Code, you should update the extension manually to the latest version frequently to avoid supply-chain attacks an other cyberattacks.
packages/backend/src/messages.ts
Outdated
| @@ -1,5 +1,5 @@ | |||
| const selectGeneratorQuestionHint = | |||
| "Select the generator that best fits the type of application you want to develop"; | |||
| "When you create a project using a template, you become the code owner and as such, you are responsible for any updates or fixes that must be performed for it. We recommend you follow the industry best practice to use automated vulnerability scanning in the CI/CD pipeline to avoid supply chain and other cyber-attacks."; | |||
There was a problem hiding this comment.
When you create a project using a template, you become the code owner and, as such, you are responsible for any required updates or fixes. We recommend following the industry best practice to use automated vulnerability scanning in the CI/CD pipeline to avoid supply-chain and other cyberattacks.
…mprovements * origin/master: fix: put security message into the Generator's tooltip (SAP#553) chore: bump copy-webpack-plugin from 6.4.1 to 8.1.1 in /packages/backend (SAP#555) refactor: require 'chalk' as const chore: bump @types/object-hash from 1.3.4 to 2.1.0 in /packages/backend (SAP#561) chore: bump webpack from 5.25.0 to 5.33.2 in /packages/backend (SAP#560) chore: bump string-replace-loader in /packages/backend (SAP#559)
