New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
chore: [util/dex|glob] Add security logging #10455
Conversation
Codecov ReportBase: 45.76% // Head: 45.68% // Decreases project coverage by
Additional details and impacted files@@ Coverage Diff @@
## master #10455 +/- ##
==========================================
- Coverage 45.76% 45.68% -0.08%
==========================================
Files 233 236 +3
Lines 28401 28670 +269
==========================================
+ Hits 12998 13099 +101
- Misses 13629 13779 +150
- Partials 1774 1792 +18
Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here. ☔ View full report at Codecov. |
Thanks @my-git9 Can you please elaborate a little on the security impact of these errors, i.e. why should they emit a security log event? Thanks! |
|
Yes, thanks, I'm aware of this. I was just wondering how the parts of the code you are adding it to are relevant to emit security logging? Just trying to understand the reasoning behind this particular change. |
The dex error I can see being useful for security logging - dex is a wholly security-related service. However, logging any time a glob fails to compile anywhere in our codebase doesn't seem security-related. |
I see, I'll tweak the code a bit |
@notfromstatefarm @jannfis I'm sorry, I don't know enough about security logs. Can you think of this? |
Signed-off-by: xin.li <xin.li@daocloud.io>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks @my-git9!
Signed-off-by: xin.li <xin.li@daocloud.io> Signed-off-by: xin.li <xin.li@daocloud.io>
[util/dex|glob] Add security logging
Checklist: