chore: Fixed Security Vulnerablities #671
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* model deployment when reusing existing foundry * change model deployment name * removed system managed identity code * seggregated the files * fix: Updated file names * chore: down merging main into dev (microsoft#638) * fixed opent telemetry issue CustomDomainInUse, FlagMustBeSetForRestore (microsoft#618) (microsoft#619) Co-authored-by: VishalS-Microsoft <v-vishshinde@microsoft.com> * directory update in dependabot template (microsoft#634) --------- Co-authored-by: NirajC-Microsoft <v-nirajcha@microsoft.com> Co-authored-by: VishalS-Microsoft <v-vishshinde@microsoft.com> Co-authored-by: Prajwal-Microsoft <v-dcprajwal@microsoft.com> * added for cross-subscription existing AI project resource ID * update * fix: agent cleanup (microsoft#639) * Agent deletion handled successfully * use get azure credentials * remove unused import --------- Co-authored-by: Shreyas-Microsoft <v-swaikar@microsft.com> * TS( 21657) Bicep Standard code changes * Added required env variables for local debugging in .env generated by azd up * Added "Required/Optional" and changed aiProjectName suffix. * removed location tag * foundry project documentation * corrected name * updated CAdeploy.yml * update CAdeploy.yml * changed pipeline variable * updated main.json file * updated yml file * test * test * update * update * test * update CAdeploy.yml * CustomizingAzdparamMd * deploymentMdUpdate * Updated * Update infra/main.bicep Fixed typo error. Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * Update src/App/backend/plugins/chat_with_data_plugin.py Updated the finally block for function "get_SQL_Response" Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * Update infra/main.bicep Removed Commented-out code Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * Revert Copilot suggestion: `and project_client` is unnecessary. `project_client` is always initialized before thread creation, so `if thread:` is sufficient. * docs: Added Troubleshoot.md files for BYOC-Client Advisor (microsoft#650) * Added Troubleshoot.md files for BYOC-Client Advisor * fixed Check Markdown Broken Links * updated troubleshotingsteps file * Changed MACAE Github issues link with BYOC issue link --------- Co-authored-by: NirajC-Microsoft <v-nirajcha@microsoft.com> * added colon Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * Replace 'u' with 'you' for proper grammarUpdate docs/TroubleShootingSteps.md Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * extra space removed Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * The command block is not properly closed Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * The command should be wrapped in a proper code block with language identifier for better formatting and readability. Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * The total asset value and current asset value are responding correctly, and the total value matches the asset value displayed in the left panel. (microsoft#651) * Bicep file changes to add CreatedBy tag (microsoft#655) * Update docs/TroubleShootingSteps.md Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * fix: Adding a hardcoded createdBy parameter to the CAdeploy.yml file to prevent validation pipeline failures caused by the deployer function in the Bicep file. (microsoft#659) * Adding a hardcoded createdBy parameter to the CAdeploy.yml file to prevent validation pipeline failures caused by the deployer function in the Bicep file. * Consolidate parameters in CAdeploy.yml --------- Co-authored-by: Priyanka-Microsoft <v-prisinghal@microsoft.com> Co-authored-by: Prajwal D C <v-dcprajwal@microsoft.com> Co-authored-by: Rafi-Microsoft <v-rafmd@microsoft.com> Co-authored-by: VishalS-Microsoft <v-vishshinde@microsoft.com> Co-authored-by: Kanchan Nagshetti (Persistent Systems Inc) <v-knagshetti@microsoft.com> Co-authored-by: Shreyas-Microsoft <v-swaikar@microsoft.com> Co-authored-by: Shreyas-Microsoft <v-swaikar@microsft.com> Co-authored-by: Bangarraju-Microsoft <v-golib@microsoft.com> Co-authored-by: Prasanjeet-Microsoft <v-singhprasa@microsoft.com> Co-authored-by: UtkarshMishra-Microsoft <v-utkamishra@microsoft.com> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> Co-authored-by: Roopan P M <v-roopanpm@microsoft.com> Co-authored-by: Prekshith-Microsoft <v-pdj@microsoft.com> Co-authored-by: Roopan-Microsoft <168007406+Roopan-Microsoft@users.noreply.github.com>
* model deployment when reusing existing foundry * change model deployment name * removed system managed identity code * seggregated the files * fix: Updated file names * chore: down merging main into dev (microsoft#638) * fixed opent telemetry issue CustomDomainInUse, FlagMustBeSetForRestore (microsoft#618) (microsoft#619) Co-authored-by: VishalS-Microsoft <v-vishshinde@microsoft.com> * directory update in dependabot template (microsoft#634) --------- Co-authored-by: NirajC-Microsoft <v-nirajcha@microsoft.com> Co-authored-by: VishalS-Microsoft <v-vishshinde@microsoft.com> Co-authored-by: Prajwal-Microsoft <v-dcprajwal@microsoft.com> * added for cross-subscription existing AI project resource ID * update * fix: agent cleanup (microsoft#639) * Agent deletion handled successfully * use get azure credentials * remove unused import --------- Co-authored-by: Shreyas-Microsoft <v-swaikar@microsft.com> * TS( 21657) Bicep Standard code changes * Added required env variables for local debugging in .env generated by azd up * Added "Required/Optional" and changed aiProjectName suffix. * removed location tag * foundry project documentation * corrected name * updated CAdeploy.yml * update CAdeploy.yml * changed pipeline variable * updated main.json file * updated yml file * test * test * update * update * test * update CAdeploy.yml * CustomizingAzdparamMd * deploymentMdUpdate * Updated * Update infra/main.bicep Fixed typo error. Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * Update src/App/backend/plugins/chat_with_data_plugin.py Updated the finally block for function "get_SQL_Response" Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * Update infra/main.bicep Removed Commented-out code Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * Revert Copilot suggestion: `and project_client` is unnecessary. `project_client` is always initialized before thread creation, so `if thread:` is sufficient. * docs: Added Troubleshoot.md files for BYOC-Client Advisor (microsoft#650) * Added Troubleshoot.md files for BYOC-Client Advisor * fixed Check Markdown Broken Links * updated troubleshotingsteps file * Changed MACAE Github issues link with BYOC issue link --------- Co-authored-by: NirajC-Microsoft <v-nirajcha@microsoft.com> * added colon Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * Replace 'u' with 'you' for proper grammarUpdate docs/TroubleShootingSteps.md Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * extra space removed Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * The command block is not properly closed Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * The command should be wrapped in a proper code block with language identifier for better formatting and readability. Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * The total asset value and current asset value are responding correctly, and the total value matches the asset value displayed in the left panel. (microsoft#651) * Bicep file changes to add CreatedBy tag (microsoft#655) * Update docs/TroubleShootingSteps.md Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * fix: Adding a hardcoded createdBy parameter to the CAdeploy.yml file to prevent validation pipeline failures caused by the deployer function in the Bicep file. (microsoft#659) * Adding a hardcoded createdBy parameter to the CAdeploy.yml file to prevent validation pipeline failures caused by the deployer function in the Bicep file. * Consolidate parameters in CAdeploy.yml --------- Co-authored-by: Priyanka-Microsoft <v-prisinghal@microsoft.com> Co-authored-by: Prajwal D C <v-dcprajwal@microsoft.com> Co-authored-by: Rafi-Microsoft <v-rafmd@microsoft.com> Co-authored-by: NirajC-Microsoft <v-nirajcha@microsoft.com> Co-authored-by: VishalS-Microsoft <v-vishshinde@microsoft.com> Co-authored-by: Kanchan Nagshetti (Persistent Systems Inc) <v-knagshetti@microsoft.com> Co-authored-by: Shreyas-Microsoft <v-swaikar@microsoft.com> Co-authored-by: Shreyas-Microsoft <v-swaikar@microsft.com> Co-authored-by: Bangarraju-Microsoft <v-golib@microsoft.com> Co-authored-by: Prasanjeet-Microsoft <v-singhprasa@microsoft.com> Co-authored-by: UtkarshMishra-Microsoft <v-utkamishra@microsoft.com> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> Co-authored-by: Prekshith-Microsoft <v-pdj@microsoft.com>
Kanchan-Microsoft
requested review from
Avijit-Microsoft,
Prajwal-Microsoft,
Roopan-Microsoft,
Vinay-Microsoft and
aniaroramsft
as code owners
Roopan-Microsoft
approved these changes
Sep 17, 2025
|
🎉 This PR is included in version 1.9.0 🎉 The release is available on GitHub release Your semantic-release bot 📦🚀 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Purpose
This pull request introduces several improvements across infrastructure, deployment workflows, documentation, and frontend dependencies. The main changes add better tracking of deployment authorship, update documentation for clarity, and upgrade a frontend dependency.
Infrastructure and Deployment:
createdByparameter to theinfra/main.biceptemplate, which records the deploying user's name (or leaves it blank if not available), and propagates this value to theCreatedBytag in resource group tags. This enhances traceability of deployments..github/workflows/CAdeploy.ymlto pass a staticcreatedBy="Pipeline"parameter to the Bicep deployment, ensuring deployments triggered by the pipeline are properly tagged.Documentation:
ParentResourceNotfoundtoParentResourceNotFound, and added a line break for improved readability.Frontend Dependency:
react-router-domdependency from version7.1.5to7.5.2insrc/App/frontend/package.jsonto incorporate the latest features and fixes.Does this introduce a breaking change?
Golden Path Validation
Deployment Validation
What to Check
Verify that the following are valid
Other Information