Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(docs): docs remove spanner refs #10076

Merged
merged 3 commits into from
Nov 7, 2024
Merged

chore(docs): docs remove spanner refs #10076

merged 3 commits into from
Nov 7, 2024

Conversation

ossdhaval
Copy link
Contributor

@ossdhaval ossdhaval commented Nov 7, 2024
edited by mo-auto
Loading

Prepare

Description

Target issue

closes #10056

Implementation Details

Test and Document the changes

  • Static code analysis has been run locally and issues have been fixed
  • Relevant unit and integration tests have been added/updated
  • Relevant documentation has been updated if any (i.e. user guides, installation and configuration guides, technical design docs etc)

Please check the below before submitting your PR. The PR will not be merged if there are no commits that start with docs: to indicate documentation changes or if the below checklist is not selected.

  • I confirm that there is no impact on the docs due to the code changes in this PR.

Closes #10077,

@ossdhaval ossdhaval self-assigned this Nov 7, 2024
@dryrunsecurity DryRunSecurity
Copy link

dryrunsecurity bot commented Nov 7, 2024
edited
Loading

DryRun Security Summary

The pull request focuses on removing support for the Google Spanner database, streamlining the setup and uninstallation processes, and emphasizing the use of more widely-adopted and well-supported database technologies (MySQL and PostgreSQL) with a security-conscious approach to maintain and improve the Janssen Server project.

Expand for full summary

Summary:

The code changes in this pull request are primarily focused on removing support for the Google Spanner database from the Janssen Server project and streamlining the setup and uninstallation processes. From an application security perspective, these changes are generally positive as they reduce the complexity of the system, remove support for a less common database option, and focus on more widely-adopted and well-supported database technologies (MySQL and PostgreSQL).

The key security-related aspects of these changes include:

  1. Removal of Spanner-related configuration and options, which simplifies the setup process and reduces the attack surface.
  2. Streamlining of the uninstallation process, ensuring the complete removal of Janssen Server components and dependencies.
  3. Emphasis on the use of SSHA-256 for password hashing, which provides stronger protection for user credentials.
  4. Secure database schema design, including the use of appropriate data types and JSON-based storage for multi-valued attributes.
  5. Efficient connection pool management, which helps mitigate potential connection-related vulnerabilities.

Overall, these changes demonstrate a security-conscious approach to maintaining and improving the Janssen Server project, focusing on simplicity, well-established technologies, and secure data management practices.

Files Changed:

  1. docs/janssen-server/reference/database/README.md: Removes support for the Spanner database, reducing the attack surface and complexity of the application.
  2. docs/janssen-server/install/setup.md: Removes Spanner-related setup options, streamlining the installation process.
  3. docs/janssen-server/install/vm-install/ubuntu.md: Describes the uninstallation process, ensuring the complete removal of Janssen Server components and dependencies.
  4. mkdocs.yml: Removes Spanner-related configuration files from the project documentation.
  5. docs/janssen-server/reference/database/mysql-config.md: Outlines the recommended MySQL configuration and schema design, including the use of SSHA-256 for password hashing and secure data storage practices.

Code Analysis

We ran 9 analyzers against 8 files and 0 analyzers had findings. 9 analyzers had no findings.

Riskiness

🟢 Risk threshold not exceeded.

View PR in the DryRun Dashboard.

@mo-auto
Copy link
Member

mo-auto commented Nov 7, 2024

Error: Hi @ossdhaval, You did not reference an open issue in your PR. I attempted to create an issue for you.
Please update that issues' title and body and make sure I correctly referenced it in the above PRs body.

@mo-auto mo-auto added area-documentation Documentation needs to change as part of issue or PR comp-docs Touching folder /docs kind-dependencies Pull requests that update a dependency file labels Nov 7, 2024
@mo-auto mo-auto mentioned this pull request Nov 7, 2024
Closed
@ossdhaval ossdhaval enabled auto-merge (squash) November 7, 2024 07:37
@ossdhaval ossdhaval merged commit c326b71 into main Nov 7, 2024
5 checks passed
@ossdhaval ossdhaval deleted the docs-remove-spanner-refs branch November 7, 2024 09:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@moabu moabu moabu approved these changes

@devrimyatar devrimyatar devrimyatar approved these changes

@manojs1978 manojs1978 Awaiting requested review from manojs1978

Assignees

@ossdhaval ossdhaval

Labels
area-documentation Documentation needs to change as part of issue or PR comp-docs Touching folder /docs kind-dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

fix: chore(docs): docs remove spanner refs -autocreated chore(docs): drop spanner related documentation
4 participants
@ossdhaval @mo-auto @devrimyatar @moabu