Comments (7)
AJIOB
commented on June 10, 2024
1
Although the URL is technically valid, incorporating the password directly within the endpoint is risky, as the endpoint is not excluded from Debug output. This oversight could potentially expose the password in logs or traces, leading to a security vulnerability.
Make sense. Let's provide additional variables for the username & password for the Redis. Will it be OK?
from sccache.
AJIOB
commented on June 10, 2024
P.S. Username & password may be passed as a part of the SCCACHE_WEBDAV_ENDPOINT too (optionally), because it is still a valid URL.
P.P.S. The Redis backend connection parameters are passed in the same manner that I suggest to WebDAV.
from sccache.
Xuanwo
commented on June 10, 2024
The prefix is based on input endpoint.
Some webdav services could expose webdav at /v1/webdav, so it might be confusing to extract them as path.
Username & password may be passed as a part of the SCCACHE_WEBDAV_ENDPOINT too (optionally), because it is still a valid URL.
Although the URL is technically valid, incorporating the password directly within the endpoint is risky, as the endpoint is not excluded from Debug output. This oversight could potentially expose the password in logs or traces, leading to a security vulnerability.
from sccache.
AJIOB
commented on June 10, 2024
Some webdav services could expose webdav at
/v1/webdav, so it might be confusing to extract them as path.
As I can see in Artifactory docs - just used as an example - I should use artifactory/repo-path as a part of the SCCACHE_WEBDAV_ENDPOINT or as a SCCACHE_WEBDAV_KEY_PREFIX value now?
from sccache.
Xuanwo
commented on June 10, 2024
As I can see in Artifactory docs - just used as an example - I should use
artifactory/repo-pathas a part of theSCCACHE_WEBDAV_ENDPOINTor as aSCCACHE_WEBDAV_KEY_PREFIXvalue now?
From my perspective, I believe the endpoint should be http://host:port/artifactory/repo-path, a valid WebDAV service that points to the top-level directory accessible by users. With this endpoint as a basis, we can determine the key prefix and more.
Let's provide additional variables for the username & password for the Redis. Will it be OK?
LGTM. We should encourage users to use the username and password provided by the config instead of directly in the URL.
from sccache.
AJIOB
commented on June 10, 2024
LGTM. We should encourage users to use the
usernameandpasswordprovided by the config instead of directly in the URL.
You prefer to drop the current format support for the new one or just support both or them?
from sccache.
Xuanwo
commented on June 10, 2024
You prefer to drop the current format support for the new one or just support both or them?
Dropping current format might lead to a breaking change which is not good. I prefer to support both by including username and password in the config. We can also add a note in our documentation, advising new users that using password is recommended.
from sccache.
Related Issues (20)
- sccache direct mode doesn't restore gcc dependency files HOT 2
- sccache does not detect changes when a library is linked with #[link] attribute HOT 2
- Race condition in [run_server_process] on `master` and sccache 0.7.4 HOT 3
- sccache doesn't recreate WebDAV `SCCACHE_WEBDAV_KEY_PREFIX` folder structure HOT 4
- `-Xarch` Clang compiler option not supported
- sccache: error: thread 'tokio-runtime-worker' panicked at src/lru_disk_cache/mod.rs:204:17: Error removing file from cache: HOT 5
- Wrong target architecture detected on arm64 macOS HOT 2
- Add support for C++20 modules
- FIx warnings when built with with `cargo build --no-default-features` HOT 1
- Add support for GCC's `-pipe` option
- Permission denied if S3 host contains `:80` HOT 2
- Sccache for S3 storage failed to start (timeout) on virtualized macOS machine (Tart) without any error output HOT 1
- `aarch64-unknown-linux-musl` build CI is broken
- Use stable `sccache` version (0.7.7 for now) with Github Actions for caching newer builds
- `sccache-dist`: cache can end up somehow corrupted HOT 15
- usage of document-features crate breaks sccache-dist HOT 2
- sccache version on pypi is out of date HOT 10
- Sccache unable to upload to GCS bucket HOT 2
- Hitting rate limiting issues due to .sccache_check write checks on GCS HOT 12
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from sccache.