-
Notifications
You must be signed in to change notification settings - Fork 16
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Pre aug2024 release tweaks #59
Conversation
|
GitGuardian id | GitGuardian status | Secret | Commit | Filename | |
---|---|---|---|---|---|
9212979 | Triggered | Generic High Entropy Secret | b5c3820 | tests/test_client.py | View secret |
9479244 | Triggered | Generic High Entropy Secret | b5c3820 | tests/test_client.py | View secret |
🛠 Guidelines to remediate hardcoded secrets
- Understand the implications of revoking this secret by investigating where it is used in your code.
- Replace and store your secrets safely. Learn here the best practices.
- Revoke and rotate these secrets.
- If possible, rewrite git history. Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data.
To avoid such incidents in the future consider
- following these best practices for managing and storing secrets including API keys and other credentials
- install secret detection on pre-commit to catch secret before it leaves your machine and ease remediation.
🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.
@@ -39,7 +55,7 @@ def _create_message(self, message_type: str, product_ids: list, channel: str) -> | |||
"timestamp": int(time.time()) | |||
} | |||
|
|||
def _handle_message(self, ws, message: str): | |||
def _handle_message(self, ws: websocket.WebSocket, message: str) -> None: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It seems this function is expected to return None
no matter what. So, I slightly updated the code to reflect that.
@@ -49,21 +65,21 @@ def _handle_message(self, ws, message: str): | |||
""" | |||
data = json.loads(message) | |||
|
|||
if 'type' in data and data['type'] == 'error': | |||
if data.get('type') == 'error': |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
using data.get(...)
instead of 'something' in collection and collection['something] == x
pattern.
if 'channel' in data and data['channel'] == 'subscriptions': | ||
return data | ||
if data.get('channel') == 'subscriptions': | ||
return |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
returning None
as expected in the function contract.
@gunjack-el I made some minor tweaks before releasing it. Let me know if you are ok with that. |
"limit_price": ".19", | ||
"post_only": False | ||
} | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@gunjack-el not a release blocker at this time BUT will be great to create a set of unit tests for this client as we have for the REST API client.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just created an issue for this here: #60
Doing some minor tweaks to the Websocket integration @gunjack-el implemented.