Clarify the expected value of jwtRole
#591
Conversation
|
Weird CI issue :( |
|
@benjie CI doesn't run automatically when a PR is opened, does it? If so, that's very dangerous. If not, good for you! :) |
|
Yes it does, but CI doesn't have access to anything dangerous (e.g. it doesn't publish to npm/etc, so doesn't have any secrets in its envvars or similar). I'm not aware of any security issues with doing so, but if we were to auto-publish to npm or similar then I'd certainly lock it down! If you have evidence of it being dangerous configured how it is currently please let me know so I can disable it. |
|
So I think the CI issue is that something's updated and UglifyJs can't handle |
|
w.r.t. security, a compromised CI server (if it builds anything) could backdoor the builds. That said, if the CI server is read-only and only runs the tests, the wors that could happen is that the CI server is zombified and used to perform malicious acts against others. |
* chore(tsdoc): enable TSDoc linting (#577) * chore: add tests for GRAPHILE_TURBO (#582) * chore(types): export GraphileResolverContext * chore(release): use yarn commands * feat(watch): manual schema reload notification (#583) * chore(git): ignore .env file (#590) * chore(tests): use Jest GraphQL schema serializer (#589) * feat(omit) take "many" on constraints into account (#565) * feat(omit) take "many" on constraints into account Closes #505. * move `@omit many` constraint condition to "many" relations only and simplify the conditions a bit, outdenting `makeField` by one level Co-authored-by: Benjie Gillam <[email protected]> * feat(pg): support non-scalar range values (#591) Co-authored-by: Benjie Gillam <[email protected]> * Fix issues after rebase * More reliable? Co-authored-by: David Baumgold <[email protected]> Co-authored-by: Andreas Bergmaier <[email protected]>
Co-authored-by: Benjie Gillam <[email protected]>
No description provided.