Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

docs: publish postmortem for the fiddle-proxy ssrf #774

Merged
merged 2 commits into from
Jul 11, 2024

Conversation

sxlijin
Copy link
Collaborator

@sxlijin sxlijin commented Jul 11, 2024

No description provided.

Copy link

vercel bot commented Jul 11, 2024

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
baml ✅ Ready (Inspect) Visit Preview 💬 Add feedback Jul 11, 2024 5:23pm

Copy link

@greptile-apps greptile-apps bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

PR Summary

  • Added postmortem document for SSRF vulnerability in fiddle-proxy service (docs/docs/incidents/2024-07-10-ssrf-issue-in-fiddle-proxy.mdx)
  • Updated docs/mint.json to include new 'Incidents' group under 'Reference' section
  • Included page for SSRF issue in the new 'Incidents' group

2 file(s) reviewed, no comment(s)
Edit PR Review Bot Settings

Copy link

@greptile-apps greptile-apps bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

PR Summary

(updates since last review)

  • Clarified no customer impact in the impact section (docs/docs/incidents/2024-07-10-ssrf-issue-in-fiddle-proxy.mdx)
  • Explained purpose-specific, spend-capped API keys in the severity section (docs/docs/incidents/2024-07-10-ssrf-issue-in-fiddle-proxy.mdx)

1 file(s) reviewed, no comment(s)
Edit PR Review Bot Settings

@sxlijin sxlijin merged commit 36b1dd1 into canary Jul 11, 2024
8 checks passed
@sxlijin sxlijin deleted the sam/fiddle-proxy-postmortem branch July 11, 2024 17:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant