Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ftdev preprod verification logs #1820

Open
wants to merge 2 commits into
base: main
Choose a base branch
from

Conversation

priyadharshinivk
Copy link

No description provided.

Copy link

gitguardian bot commented Dec 2, 2024

⚠️ GitGuardian has uncovered 4 secrets following the scan of your pull request.

Please consider investigating the findings and remediating the incidents. Failure to do so may lead to compromising the associated services or software components.

Since your pull request originates from a forked repository, GitGuardian is not able to associate the secrets uncovered with secret incidents on your GitGuardian dashboard.
Skipping this check run and merging your pull request will create secret incidents on your GitGuardian dashboard.

🔎 Detected hardcoded secrets in your pull request
GitGuardian id GitGuardian status Secret Commit Filename
7620759 Triggered Generic High Entropy Secret 9094afb TRV11/ftdev/Flow1/on_status.json View secret
7620759 Triggered Generic High Entropy Secret 9094afb TRV11/ftdev/Flow1/on_confirm.json View secret
7620759 Triggered Generic High Entropy Secret 9094afb TRV11/ftdev/Flow1/on_status.json View secret
7620759 Triggered Generic High Entropy Secret 9094afb TRV11/ftdev/Flow1/on_confirm.json View secret
🛠 Guidelines to remediate hardcoded secrets
  1. Understand the implications of revoking this secret by investigating where it is used in your code.
  2. Replace and store your secrets safely. Learn here the best practices.
  3. Revoke and rotate these secrets.
  4. If possible, rewrite git history. Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data.

To avoid such incidents in the future consider


🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.

@sourabhsaini11
Copy link

@priyadharshinivk, you have multiple PR's raised for same logs. Kindly maintain just a single PR active for log-verification & get the other PR's closed

@sourabhsaini11
Copy link

@priyadharshinivk, please fix below issues
common_issues

  • for on_search_1 sequelstring is being used as BPP, for search_2 nlincs is being used as BPP, for on_search_2 pramaan is being used as BPP, please re-upload logs where transaaction is being made over the network with a single NP only.
  • billing.phone should be present in a valid format
  • for tag SETTLEMENT_WINDOW, correct format is P1D instead of PT1D

on_search2

  • bpp_id & bpp_uri mismatch in /search_2 and /on_search_1
  • transaction_id & message_id for /search_2 and /on_search_2 api should be same.
  • Timestamp for /search_2 api cannot be greater than or equal to /on_search_2 api

confirm

  • bpp_uri is invalid
  • Timestamp for /on_search api cannot be greater than or equal to /confirm api

on_confirm

  • bpp_uri is invalid

status

  • Timestamp for /on_init api cannot be greater than or equal to /status api

@sourabhsaini11
Copy link

sourabhsaini11 commented Dec 4, 2024

@priyadharshinivk, it's a gentle reminder to close other PR's raised from your end.

@sourabhsaini11
Copy link

@priyadharshinivk, update here once all the issues are resolved from your end

Copy link
Author

@priyadharshinivk priyadharshinivk left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@sourabhsaini11

  1. I have closed the other PR's that I raised.
    2.All common issues have been resolved and updated. Please kindly check and update as needed.

@sourabhsaini11
Copy link

@priyadharshinivk, resolve below issues
common_issues

  • incorrect format for tag SETTLEMENT_WINDOW, should be P1D instead
  • billing.email & billing.phone must be valid
  • missing INTERMEDIATE_STOP stops for /on_action call
  • seconds are missing & milliseconds should be precise upto 3 places at provider.time.range for attr start & end

on_select

  • Message Id for /select and /on_select api should be same.

confirm

  • invalid bpp_uri

on_confirm

  • payments.id value should be 7428634 as sent in confirm

status

  • Timestamp for /status api should be greater than /on_confirm's Timestamp

cancel(confirm)

  • timestamp can't be same as cancel(soft)'s timestamp

on_cancel

  • please provide correct payload without error obj

@priyadharshinivk
Copy link
Author

missing INTERMEDIATE_STOP stops for /on_action call

@sourabhsaini11 Can you name the API that is missing the INTERMEDIATE_STOP stops for the /on_action call?

@sourabhsaini11
Copy link

@priyadharshinivk, if the START & END stops are having other stops in b/w both of them then INTERMEDIATE_STOP should be present in all the on_action calls.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants