Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: validate hmac unconditionally #28372

Merged
merged 1 commit into from
Nov 12, 2021
Merged

fix: validate hmac unconditionally #28372

merged 1 commit into from
Nov 12, 2021

Conversation

ankush
Copy link
Member

@ankush ankush commented Nov 12, 2021

  • always check signature in webhook requests.

@codecov
Copy link

codecov bot commented Nov 12, 2021

Codecov Report

Merging #28372 (5ad50fb) into develop (829f92f) will increase coverage by 0.04%.
The diff coverage is n/a.

@@             Coverage Diff             @@
##           develop   #28372      +/-   ##
===========================================
+ Coverage    55.21%   55.26%   +0.04%     
===========================================
  Files         1119     1119              
  Lines        66549    66549              
===========================================
+ Hits         36744    36775      +31     
+ Misses       29805    29774      -31
Impacted Files Coverage Δ
..._integrations/connectors/woocommerce_connection.py 76.92% <ø> (ø)
erpnext/erpnext_integrations/utils.py 42.22% <ø> (ø)
.../hr/doctype/upload_attendance/upload_attendance.py 44.69% <0.00%> (-1.52%) ⬇️
erpnext/portal/utils.py 28.98% <0.00%> (-1.45%) ⬇️
.../report/accounts_receivable/accounts_receivable.py 67.83% <0.00%> (-0.44%) ⬇️
erpnext/selling/doctype/sales_order/sales_order.py 76.67% <0.00%> (-0.38%) ⬇️
erpnext/projects/doctype/project/project.py 53.73% <0.00%> (-0.36%) ⬇️
...stock/doctype/purchase_receipt/purchase_receipt.py 90.29% <0.00%> (ø)
erpnext/stock/stock_ledger.py 86.90% <0.00%> (+0.54%) ⬆️
erpnext/stock/report/stock_ageing/stock_ageing.py 93.43% <0.00%> (+0.72%) ⬆️
... and 10 more

@ankush ankush merged commit c0f06bc into frappe:develop Nov 12, 2021
@ankush ankush deleted the validate_hmac_always branch November 12, 2021 09:15
mergify bot pushed a commit that referenced this pull request Nov 12, 2021
@ankush
fix: validate hmac unconditionally (#28372)
f8c1140 
(cherry picked from commit c0f06bc)
@mergify mergify bot mentioned this pull request Nov 12, 2021
Merged
mergify bot pushed a commit that referenced this pull request Nov 12, 2021
@ankush
fix: validate hmac unconditionally (#28372)
c05fb17 
(cherry picked from commit c0f06bc)
@mergify mergify bot mentioned this pull request Nov 12, 2021
Merged
sagarvora pushed a commit that referenced this pull request Nov 12, 2021
@mergify @ankush
fix: validate hmac unconditionally (#28372) (#28374)
d44cab3 
(cherry picked from commit c0f06bc)

Co-authored-by: Ankush Menat <ankush@frappe.io>
conncampbell pushed a commit to conncampbell/erpnext that referenced this pull request Jan 9, 2022
@ankush
fix: validate hmac unconditionally (frappe#28372)
e67b9a4
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sagarvora sagarvora sagarvora approved these changes

@nextchamp-saqib nextchamp-saqib Awaiting requested review from nextchamp-saqib

Assignees
No one assigned
Labels
backport version-13-hotfix old-backport version-12-hotfix
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@ankush @sagarvora