From 2ea9c3d92ed2ada5e12e5c226c62a08181bf16ca Mon Sep 17 00:00:00 2001
From: Phileco <132178579+krishnprakash@users.noreply.github.com>
Date: Mon, 17 Mar 2025 10:27:10 +0530
Subject: [PATCH 1/4] Potential fix for code scanning alert no. 3: Clear-text logging of sensitive information

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
---
 public/cloudflare-one/static/authenticated-doh.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/public/cloudflare-one/static/authenticated-doh.py b/public/cloudflare-one/static/authenticated-doh.py
index 746e4c70016f8b..33c4e6548bd080 100644
--- a/public/cloudflare-one/static/authenticated-doh.py
+++ b/public/cloudflare-one/static/authenticated-doh.py
@@ -146,7 +146,7 @@ def request(method, url, body):
 service_token_name = input('Please input name for service token > ')
 client_id, client_secret = request_create_service_token(service_token_name)
 print(
- f"Created service token with client_id {client_id} and client_secret {client_secret}. You may want to save these secrets.")
+ f"Created service token with client_id {client_id}. Please save the client_secret securely.")


 if len(client_secret) == 0:
From 789bb766e2594f5ba72bbecc1a6eb06acccf3011 Mon Sep 17 00:00:00 2001
From: Phileco <132178579+krishnprakash@users.noreply.github.com>
Date: Mon, 17 Mar 2025 10:28:34 +0530
Subject: [PATCH 2/4] Potential fix for code scanning alert no. 1: Clear-text logging of sensitive information

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
---
 public/cloudflare-one/static/authenticated-doh.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/public/cloudflare-one/static/authenticated-doh.py b/public/cloudflare-one/static/authenticated-doh.py
index 746e4c70016f8b..4e3347c4995260 100644
--- a/public/cloudflare-one/static/authenticated-doh.py
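Review bot: In PATCH 1/4 the new message at `@@ -146,7 +146,7 @@` tells the user to save the client_secret but no longer shows it, and nothing else in the hunk writes the value returned by `request_create_service_token` anywhere the user can read it. If that call is the only point at which the secret is available, a newly created token becomes unusable once the script exits; PATCH 3/4 repeats the problem in the same place and additionally drops `client_id`, which is the token's identifier, not its secret. Silencing the scanner alert should not remove the only delivery path: hand the secret over through a channel that is not an ordinary log, for example a file created with owner-only permissions whose path is printed, or an explicit opt-in flag that shows it once on the terminal, and keep `print(f"Created service token with client_id {client_id}.")`. The enclosing block starts and ends outside the hunk, so a later use of `client_secret` may exist that is not visible here.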
+++ b/public/cloudflare-one/static/authenticated-doh.py
@@ -69,7 +69,8 @@ def request_doh_token(account_tag, user_id, client_id, client_secret):
 '-H', f"Cf-Access-Client-Id: {client_id}",
 '-H', f"Cf-Access-Client-Secret: {client_secret}"]
 if verbose:
- print(f"Issuing request {' '.join(command)}")
+ sanitized_command = [part if "Cf-Access-Client-Secret" not in part else "Cf-Access-Client-Secret: [REDACTED]" for part in command]
+ print(f"Issuing request {' '.join(sanitized_command)}")
 response = json.loads(subprocess.check_output(command))
 if verbose:
 print("Got response:")
From c4007b260b2def62dd263aa36aa977894ef4eb56 Mon Sep 17 00:00:00 2001
From: Phileco <132178579+krishnprakash@users.noreply.github.com>
Date: Mon, 17 Mar 2025 10:46:23 +0530
Subject: [PATCH 3/4] Potential fix for code scanning alert no. 26: Clear-text logging of sensitive information

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
---
 public/cloudflare-one/static/authenticated-doh.py | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/public/cloudflare-one/static/authenticated-doh.py b/public/cloudflare-one/static/authenticated-doh.py
index 8b851f976b1ef9..2315aaeef17ce4 100644
--- a/public/cloudflare-one/static/authenticated-doh.py
+++ b/public/cloudflare-one/static/authenticated-doh.py
@@ -146,8 +146,7 @@ def request(method, url, body):
 if client_id == "new":
 service_token_name = input('Please input name for service token > ')
 client_id, client_secret = request_create_service_token(service_token_name)
- print(
- f"Created service token with client_id {client_id}. Please save the client_secret securely.")
+ print("Created service token. Please save the client_secret securely.")


 if len(client_secret) == 0:
From 36fcd16f7e7b52e88506b2f1187a731236b2c567 Mon Sep 17 00:00:00 2001
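Review bot: The redaction added in `request_doh_token` (PATCH 2/4) covers only the verbose print; the unredacted `command` list, including `Cf-Access-Client-Secret: {client_secret}`, is still handed to `subprocess.check_output` as process arguments, where other local users can read it from the process list while the child runs. If the program being launched is curl (the executable name is above the hunk), the secret header can be supplied on standard input instead: replace the secret `-H` pair with `'--config', '-'` and call `subprocess.check_output(command, input=f'header = "Cf-Access-Client-Secret: {client_secret}"\n'.encode())`. The `print("Got response:")` branch that follows presumably prints the parsed response, which for this function would contain the issued DoH token; that line is outside the hunk and worth checking against the same alert. The function body starts and ends outside the hunk.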
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 17 Mar 2025 20:21:08 +0000 Subject: [PATCH 4/4] [Docs Site] Bump fast-xml-parser from 5.0.8 to 5.0.9 Bumps [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) from 5.0.8 to 5.0.9. - [Release notes](https://github.com/NaturalIntelligence/fast-xml-parser/releases) - [Changelog](https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md) - [Commits](https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.0.8...v5.0.9) --- updated-dependencies: - dependency-name: fast-xml-parser dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- package-lock.json | 8 ++++---- package.json | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package-lock.json b/package-lock.json index 78bcf020d71320..745cda3faa9dfa 100644 --- a/package-lock.json +++ b/package-lock.json @@ -49,7 +49,7 @@ "eslint-plugin-jsx-a11y": "6.10.2", "eslint-plugin-react": "7.37.4", "fast-glob": "3.3.3", - "fast-xml-parser": "5.0.8", + "fast-xml-parser": "5.0.9", "github-slugger": "2.0.0", "globals": "16.0.0", "hastscript": "9.0.1", @@ -9987,9 +9987,9 @@ "license": "BSD-3-Clause" }, "node_modules/fast-xml-parser": { - "version": "5.0.8", - "resolved": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-5.0.8.tgz", - "integrity": "sha512-qY8NiI5L8ff00F2giyICiJxSSKHO52tC36LJqx2JtvGyAd5ZfehC/l4iUVVHpmpIa6sM9N5mneSLHQG2INGoHA==", + "version": "5.0.9", + "resolved": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-5.0.9.tgz", + "integrity": "sha512-2mBwCiuW3ycKQQ6SOesSB8WeF+fIGb6I/GG5vU5/XEptwFFhp9PE8b9O7fbs2dpq9fXn4ULR3UsfydNUCntf5A==", "dev": true, "funding": [ { diff --git a/package.json b/package.json index 3cbb5e413e4bd5..ace7e111c1f864 100644 --- a/package.json +++ b/package.json 
@@ -67,7 +67,7 @@
 "eslint-plugin-jsx-a11y": "6.10.2",
 "eslint-plugin-react": "7.37.4",
 "fast-glob": "3.3.3",
- "fast-xml-parser": "5.0.8",
+ "fast-xml-parser": "5.0.9",
 "github-slugger": "2.0.0",
 "globals": "16.0.0",
 "hastscript": "9.0.1",