You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This commit was created on github.com and signed with GitHub’s verified signature.
The key has expired.
Security
All values that become file/directory names are sanitized to address path traversal vulnerabilities (CVE-2020-15141)
All values that get placed into python files (everything from enum names, to endpoint descriptions, to default values) are validated and/or saniziatied to address arbitrary code execution vulnerabilities (CVE-2020-15142)
Changes
Due to security concerns/implementation complexities, default values are temporarily unsupported for any RefProperty that doesn't refer to an enum.
Defaults for properties must now be valid values for their respective type (e.g. "example string" is an invalid default for an integer type property, and the function for an endpoint using it would fail to generate and be skipped).
