marcel/argo-cd
1
0
Fork 0
mirror of https://github.com/argoproj/argo-cd.git synced 2026-02-20 01:28:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

fix(cmp): discover plugins relative to app path (#13940) (#13946)

Browse Source 
* fix(cmp): discover plugins relative to app path (#13940)

Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com>

* securejoin

Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com>

* intuitive constant names

Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com>

* comments

Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com>

* add missing import

Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com>

---------

Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com>
This commit is contained in:
Michael Crenshaw
2023-06-15 17:17:04 -04:00
committed by GitHub
parent bbc51fba03
commit cec07ee1ce
12 changed files with 54 additions and 40 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
common/common.go
View File

@@ -321,13 +321,16 @@ const (
// Security severity logging
const (
SecurityField = "security"
SecurityCWEField = "CWE"
SecurityEmergency = 5 // Indicates unmistakably malicious events that should NEVER occur accidentally and indicates an active attack (i.e. brute forcing, DoS)
SecurityCritical = 4 // Indicates any malicious or exploitable event that had a side effect (i.e. secrets being left behind on the filesystem)
SecurityHigh = 3 // Indicates likely malicious events but one that had no side effects or was blocked (i.e. out of bounds symlinks in repos)
SecurityMedium = 2 // Could indicate malicious events, but has a high likelihood of being user/system error (i.e. access denied)
SecurityLow = 1 // Unexceptional entries (i.e. successful access logs)
SecurityField = "security"
// SecurityCWEField is the logs field for the CWE associated with a log line. CWE stands for Common Weakness Enumeration. See https://cwe.mitre.org/
SecurityCWEField = "CWE"
SecurityCWEIncompleteCleanup = 459
SecurityCWEMissingReleaseOfFileDescriptor = 775
SecurityEmergency = 5 // Indicates unmistakably malicious events that should NEVER occur accidentally and indicates an active attack (i.e. brute forcing, DoS)
SecurityCritical = 4 // Indicates any malicious or exploitable event that had a side effect (i.e. secrets being left behind on the filesystem)
SecurityHigh = 3 // Indicates likely malicious events but one that had no side effects or was blocked (i.e. out of bounds symlinks in repos)
SecurityMedium = 2 // Could indicate malicious events, but has a high likelihood of being user/system error (i.e. access denied)
SecurityLow = 1 // Unexceptional entries (i.e. successful access logs)
)
// TokenVerificationError is a generic error message for a failure to verify a JWT