[BRE-1670] replace PAT tokens with app token#7434

Open
AmyLGalles wants to merge 5 commits into main from agalles/BRE-1670

AmyLGalles commented Apr 10, 2026

🎟️ Tracking

BRE-1670

📔 Objective

Updating GitHub workflows that use a PAT to use a bot token or GITHUB_TOKEN instead.

In some cases, the PAT token was being used for simple repo actions that didn't require further authentication, such as reading from or cloning a public repository.

For signing commits to other repos, actions/checkout native signing is available.

@AmyLGalles AmyLGalles requested a review from a team as a code owner April 10, 2026 04:34
@AmyLGalles AmyLGalles requested a review from dani-garcia April 10, 2026 04:34
@github-actions

Checkmarx One – Scan Summary & Details e0f43be8-3c99-438a-875d-221de57892fd


New Issues (6) Checkmarx found the following issues in this Pull Request

| # | Severity | Issue | Source File / Package | Checkmarx Insight |
|---|----------|-------|-----------------------|-------------------|
| 1 | MEDIUM | CSRF | /src/Api/AdminConsole/Controllers/OrganizationUsersController.cs: 307 | Method at line 307 of /src/Api/AdminConsole/Controllers/OrganizationUsersController.cs gets a parameter from a user request from organizationUser... |
| 2 | MEDIUM | CSRF | /src/Api/AdminConsole/Controllers/OrganizationUsersController.cs: 307 | Method at line 307 of /src/Api/AdminConsole/Controllers/OrganizationUsersController.cs gets a parameter from a user request from model. This par... |
| 3 | MEDIUM | CSRF | /src/Api/AdminConsole/Controllers/OrganizationUsersController.cs: 531 | Method at line 531 of /src/Api/AdminConsole/Controllers/OrganizationUsersController.cs gets a parameter from a user request from model. This par... |
| 4 | MEDIUM | CSRF | /src/Api/KeyManagement/Controllers/AccountsKeyManagementController.cs: 105 | Method at line 105 of /src/Api/KeyManagement/Controllers/AccountsKeyManagementController.cs gets a parameter from a user request from model. Thi... |
| 5 | MEDIUM | CSRF | /src/Api/KeyManagement/Controllers/AccountsKeyManagementController.cs: 105 | Method at line 105 of /src/Api/KeyManagement/Controllers/AccountsKeyManagementController.cs gets a parameter from a user request from model. Thi... |
| 6 | MEDIUM | SSL_Verification_Bypass | /src/Core/Platform/Mail/Delivery/MailKitSmtpMailDeliveryService.cs: 84 | /src/Core/Platform/Mail/Delivery/MailKitSmtpMailDeliveryService.cs relies HTTPS requests, in . The ServerCertificateValidationCallback parameter,... |

Fixed Issues (7) Great job! The following issues were fixed in this Pull Request

| Severity | Issue | Source File / Package |
|----------|-------|-----------------------|
| MEDIUM | CSRF | /src/Api/Billing/Controllers/VNext/AccountBillingVNextController.cs: 55 |
| MEDIUM | CSRF | /src/Api/KeyManagement/Controllers/AccountsKeyManagementController.cs: 145 |
| MEDIUM | CSRF | /src/Api/KeyManagement/Controllers/AccountsKeyManagementController.cs: 145 |
| MEDIUM | CSRF | /src/Api/KeyManagement/Controllers/AccountsKeyManagementController.cs: 97 |
| MEDIUM | CSRF | /src/Api/KeyManagement/Controllers/AccountsKeyManagementController.cs: 97 |
| MEDIUM | CSRF | /src/Api/AdminConsole/Controllers/OrganizationUsersController.cs: 512 |
| MEDIUM | SSL_Verification_Bypass | /src/Core/Platform/Mail/Delivery/MailKitSmtpMailDeliveryService.cs: 81 |

codecov bot commented Apr 10, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 58.45%. Comparing base (1bc5f4e) to head (0b012c3).
⚠️ Report is 148 commits behind head on main.

Additional details and impacted files
@@            Coverage Diff             @@
##             main    #7434      +/-   ##
==========================================
- Coverage   61.81%   58.45%   -3.36%     
==========================================
  Files        2035     2067      +32     
  Lines       89647    90997    +1350     
  Branches     7994     8083      +89     
==========================================
- Hits        55413    53196    -2217     
- Misses      32288    35900    +3612     
+ Partials     1946     1901      -45     

