New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add public key support #225
Conversation
Resolves #206 |
Codecov Report
@@ Coverage Diff @@
## master #225 +/- ##
==========================================
+ Coverage 80.54% 80.68% +0.14%
==========================================
Files 11 11
Lines 812 813 +1
Branches 247 249 +2
==========================================
+ Hits 654 656 +2
+ Misses 68 67 -1
Partials 90 90
📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more |
Thank you for this, but all these code scanning alerts will have to be addressed. If you need help figuring out how to make the regex less catastrophic, please post here and we'll see what help we can provide. It looks like the new code you added isn't 100% covered by tests. Please have a look and see what can be done about that. I look forward to seeing your README updates; our README definitely needs a little TLC. Also, if it is easy to add a test to add coverage to another part of the code that is currently untested, perhaps a branch, please consider that; sometimes I find that when I'm writing a test trying to get complete coverage for my new code, I see that I can make one tweak to a new test and cover a previously untested branch in some other code. |
|
One of the best ways is to just look at the manual: https://codeql.github.com/codeql-query-help/javascript/js-polynomial-redos/. As suggested, anchoring the string or using some lookbehind helps a lot. |
@cjbarth I have now;
|
Thanks for all your hard work and the clarity of your code. I see that this patch is almost at 100%, good job! Keep at it! |
@cjbarth is there something that should be done to get this PR into master?
|
Yes, please address the code review comments. I don't even see a reply on some of them. |
@cjbarth Hi, is there something that you are expecting me to work with this PR? Or do you have time allocation issues with this PR? I would like to work to get this PR finished. |
It seems that my previous PR comments are unresolved. Why not start there? I'm also interested in addressing those regex warnings, but I need more time to review what can be done there. |
…other than 'CERTIFICATE' PEM's.
… and changed 'certs' to 'pemFiles'.
…is used inside SAML class protected function 'getKeyInfosAsPem()'
…natures. Cleanup 'stripPemHeaderAndFooter()' implementation.
…g and organized it better, also added information of public key support.
…s callback function.
…eyInfosToPem' not to contain nested arrays.
a5e7a81
to
d0a4f01
Compare
…ut had to add also prettier ignore because new rules work with "(typeof PemLabel)..." and old rules work with "typeof PemLabel..." so it cannot be made to work with both. Added eslint ignore for 'any' inside types.ts
d0a4f01
to
cef00a6
Compare
DeepScan stuff fixed, I'll check if I can get coverage a bit better. Edit It only reads data from |
@cjbarth Hi, I resolved most of the conversations on couple of weeks ago, but there are still those two open conversations. For now I need more feedback from you in order to get things moving. If there are some issues which needs to be addressed in specific way other than those two open conversations, I wish you point out those explicitly where the issue is and how you want it to be fixed so that I can make those fixes. |
I'm sorry for the delay; I was unavailable for a while. I'm back to giving this project more attention. I've read over the changes you've made and they look good. I'll take time to take a second look at my comments that are still open and see if they are still valid or if I need to add more details. |
Conflicts: README.md test/tests.spec.ts
@RopoMen , I've pushed up a lot of changes to improve this code. We don't want to export code just for testing, so many tests were changed, or even removed, for that reason. Many tests were redundant. I see the point about the |
Hi @cjbarth Thank you to be active again 😁 |
Description
These changes are not making any changes into used interface, only internal re-factoring.
I will make changes to README.md before merge, because it is not currently talking about public key support. Public key support comes through
cert
property, if PEM file is well formatted then it is accepted.