Request 1116468: Submit python-msal - openSUSE Build Service

This request supersedes: request 1115567 (Show diff)

Overview

Request 1116468 accepted

- Update to version 1.24.1
+ Includes minor adjustments on handling acquire_token_interactive().
The scope of the issue being addressed was limited to a short-lived
sign-in attempt. The potential misuse vector complexity was high,
therefore it is unlikely to be reproduced in standard usage scenarios;
however, out of abundance of caution, this fix is shipped to align
ourselves with Microsoft's policy of secure-by-default.
- from version 1.24.0
+ Enhancement: There may be a new msal_telemetry key available in MSAL's
acquire token response, currently observed when broker is enabled. Its
content and format are opaque to caller. This telemetry blob allows
participating apps to collect them via telemetry, and it may help
future troubleshooting. (#575)
+ Enhancement: A new enable_pii_log parameter is added into ClientApplication
constructor. When enabled, the broker component may include PII (Personal
Identifiable Information) in logs. This may help troubleshooting. (#568, #590)
- Remove temporary version override (forwarded request 1116418 from glaubitz)

Created by rjschwei about 1 year ago
In state accepted
Supersedes 1115567

Submit python-msal

Comments for request 1116468 0

Login required, please login in order to comment

Request History

rjschwei created request about 1 year ago

- Update to version 1.24.1
+ Includes minor adjustments on handling acquire_token_interactive().
The scope of the issue being addressed was limited to a short-lived
sign-in attempt. The potential misuse vector complexity was high,
therefore it is unlikely to be reproduced in standard usage scenarios;
however, out of abundance of caution, this fix is shipped to align
ourselves with Microsoft's policy of secure-by-default.
- from version 1.24.0
+ Enhancement: There may be a new msal_telemetry key available in MSAL's
acquire token response, currently observed when broker is enabled. Its
content and format are opaque to caller. This telemetry blob allows
participating apps to collect them via telemetry, and it may help
future troubleshooting. (#575)
+ Enhancement: A new enable_pii_log parameter is added into ClientApplication
constructor. When enabled, the broker component may include PII (Personal
Identifiable Information) in logs. This may help troubleshooting. (#568, #590)
- Remove temporary version override (forwarded request 1116418 from glaubitz)

anag+factory added as a reviewer about 1 year ago

Being evaluated by staging project "openSUSE:Factory:Staging:adi:62"

anag+factory accepted review about 1 year ago

Picked "openSUSE:Factory:Staging:adi:62"

factory-auto added opensuse-review-team as a reviewer about 1 year ago

Please review sources

factory-auto accepted review about 1 year ago

Check script succeeded

licensedigger accepted review about 1 year ago

ok

darix accepted review about 1 year ago

Accepted review for by_group opensuse-review-team request 1116468 from user factory-auto

anag+factory accepted review about 1 year ago

Staging Project openSUSE:Factory:Staging:adi:62 got accepted.

anag+factory approved review about 1 year ago

Staging Project openSUSE:Factory:Staging:adi:62 got accepted.

anag+factory accepted request about 1 year ago

Staging Project openSUSE:Factory:Staging:adi:62 got accepted.

openSUSE Build Service is sponsored by