Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Push decision to use credentials or not down to where the creds are used #3440

Merged
merged 2 commits into from
Mar 6, 2024
Merged

Push decision to use credentials or not down to where the creds are used #3440

merged 2 commits into from
Mar 6, 2024

Conversation

robertbrignull
Copy link
Contributor

This fixes a potential bug I spotted where we might unexpectedly prompt a user for credentials to download a CodeQL database.

The code for downloading databases from GitHub is in promptImportGithubDatabase and downloadGitHubDatabase and both of those took an optional Credentials parameter. It is then up to the caller to decide whether to use credentials or not. In this PR we push the decision further down so we only decide in downloadGitHubDatabase and therefore use the same logic for all cases.

The current logic around using credentials is:

  • In handleChooseDatabaseGithub in local-databases-ui.ts (called when manually importing a database by command palette or UI), we were using credentials only when the canary flag was set.
  • In createSkeletonQuery in local-queries.ts, we were using credentials only when the canary flag was set.
  • In promptImportDatabase in model-editor-view.ts (called when modeling a dependency or generating modeled methods), we were always using credentials.

This seems like a bug to me as the rest of the model editor doesn't require canary mode, and in all other instances of downloading a database it doesn't prompt for credentials when not in canary mode.

Checklist

  • CHANGELOG.md has been updated to incorporate all user visible changes made by this pull request.
  • Issues have been created for any UI or other user-facing changes made by this pull request.
  • [Maintainers only] If this pull request makes user-facing changes that require documentation changes, open a corresponding docs pull request in the github/codeql repo and add the ready-for-doc-review label there.

@robertbrignull robertbrignull requested review from a team as code owners March 5, 2024 15:27
koesie10
koesie10 approved these changes Mar 6, 2024
View reviewed changes
Copy link
Member

@koesie10 koesie10 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. I agree that we shouldn't be using the credentials in the model editor in non-canary mode, especially since this would only result in a credentials prompt when using flow generation.

@robertbrignull
Copy link
Contributor Author

I realised that this is a user-visible change so it should probably have a changelog entry. I hope that's ok. If you disagree we can editor or remove it again.

@robertbrignull robertbrignull enabled auto-merge March 6, 2024 16:29
@robertbrignull robertbrignull merged commit 659da6c into main Mar 6, 2024
15 checks passed
@robertbrignull robertbrignull deleted the robertbrignull/database-download-creds branch March 6, 2024 16:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@koesie10 koesie10 koesie10 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@robertbrignull @koesie10