Update Rust crate casbin to v2.19.1 - abandoned #82
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…on (duplicates etc)
30 access policies
…don't push anything to agent
Problem: Status Panel agents authenticate with 'agent' role but get 403 when accessing /api/v1/agent/commands/report endpoint. Root Cause: - Agent authentication (f_agent.rs) creates pseudo-user with role 'agent' - Earlier migration (20251222160220) added agent permissions - However, permissions may be missing on remote server Solution: - Create idempotent migration ensuring agent role has necessary permissions - Grant 'agent' role access to: * POST /api/v1/agent/commands/report (command reporting) * GET /api/v1/agent/commands/wait/:deployment_hash (command polling) - Ensure agent role inherits from group_anonymous This allows Status Panel agents to report command results without requiring per-agent Casbin rules, leveraging Vault token management for authentication. Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
… endpoin,part of meta
…of sensitive information Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
…/trydirect/stacker into feature-performance-improvements merge fix
…ayload and removing the unused import.
…> so requests are no longer serialized
Feature performance improvements
Removed redundant information about the banner's visibility.
renovate
bot
changed the title
Contributor
Author
Autoclosing SkippedThis PR has been flagged for autoclosing. However, it is being skipped due to the branch being already modified. Please close/delete it manually or report a bug if you think this is in error. |
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| Ok(cipher_vec) | ||
| } | ||
|
|
||
| #[tracing::instrument(name = "decrypt.")] |
Check failure
Code scanning / CodeQL
Cleartext logging of sensitive information High
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
2.19.0→2.19.1Release Notes
casbin/casbin-rs (casbin)
v2.19.1Compare Source
Bug Fixes
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.