Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Restrict the setting of sensitive options by the CLI flag #6376

Merged
merged 1 commit into from
Apr 14, 2023

Conversation

sfc-gh-kbregula
Copy link
Contributor

@sfc-gh-kbregula sfc-gh-kbregula commented Mar 27, 2023

📚 Context

Setting passwords or other secrets via CLI options is not considered secure. To promote setting sensitive configuration values using environment variables or files, we disable setting particular sensitive configuration values using CLI parameters.

Please describe the project or issue background here

  • What kind of change does this PR introduce?

    • Bugfix
    • Feature
    • Refactoring
    • Other, please describe:

🧠 Description of Changes

  • Add bullet points summarizing your changes here

    • This is a breaking API change
    • This is a visible (user-facing) change

Revised:

Insert screenshot of your updated UI/code here

Current:

Insert screenshot of existing UI/code here

🧪 Testing Done

  • Screenshots included
  • Added/Updated unit tests
  • Added/Updated e2e tests

🌐 References

Does this depend on other work, documents, or tickets?

  • Issue: Closes #XXXX

Contribution License Agreement

By submitting this pull request you agree that all contributions to this project are made under the Apache 2.0 license.

@sfc-gh-kbregula sfc-gh-kbregula marked this pull request as ready for review March 27, 2023 16:21
lib/streamlit/config.py Outdated Show resolved Hide resolved
lib/streamlit/web/cli.py Outdated Show resolved Hide resolved
lib/streamlit/web/cli.py Outdated Show resolved Hide resolved
@sfc-gh-kbregula sfc-gh-kbregula added the QA-Needed QA is Required label Mar 27, 2023
@stale
Copy link

stale bot commented Apr 11, 2023

This pull request has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

@stale stale bot added the stale label Apr 11, 2023
@sfc-gh-kbregula sfc-gh-kbregula force-pushed the sensitive-options-in-cli branch from 41cc699 to a7ee60a Compare April 14, 2023 06:53
@stale stale bot removed the stale label Apr 14, 2023
@sfc-gh-mnowotka sfc-gh-mnowotka merged commit 6131caa into develop Apr 14, 2023
@kasim-inan kasim-inan added QA-Done QA is Complete and removed QA-Needed QA is Required labels Apr 14, 2023
tconkling added a commit to tconkling/streamlit that referenced this pull request Apr 14, 2023
# By Kamil Breguła
# Via GitHub
* develop:
  Add config option to control the hamburger menu (streamlit#6174)
  Restrict the setting of sensitive options by the CLI flag (streamlit#6376)

# Conflicts:
#	frontend/src/app/App.test.tsx
#	frontend/src/app/App.tsx
#	frontend/src/app/components/MainMenu/MainMenu.test.tsx
#	frontend/src/app/components/MainMenu/MainMenu.tsx
@sfc-gh-kmcgrady sfc-gh-kmcgrady deleted the sensitive-options-in-cli branch October 5, 2023 19:30
eric-skydio pushed a commit to eric-skydio/streamlit that referenced this pull request Dec 20, 2023
zyxue pushed a commit to zyxue/streamlit that referenced this pull request Mar 22, 2024
zyxue pushed a commit to zyxue/streamlit that referenced this pull request Apr 16, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants