Skip to content

Auto updated assets for go models and clients eng #3028

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: eng
Choose a base branch
from
Open

Auto updated assets for go models and clients eng #3028

wants to merge 2 commits into from

Conversation

gurunath-avi
Copy link
Collaborator

No description provided.

github-advanced-security[bot]
github-advanced-security bot found potential problems Mar 31, 2025
View reviewed changes
go/session/avisession.go
return nil, err
}
avisess.transport = &http.Transport{
TLSClientConfig: &tls.Config{InsecureSkipVerify: true},

Check failure

Code scanning / CodeQL

Disabled TLS certificate check High

InsecureSkipVerify should not be used in production code.

Copilot Autofix

AI 17 days ago

To fix the problem, we need to ensure that TLS certificate verification is enabled. This involves setting InsecureSkipVerify to false and properly configuring the certificates. If the certificates are not available or cannot be verified, the connection should fail rather than proceeding insecurely.

The best way to fix the problem without changing existing functionality is to remove the InsecureSkipVerify: true setting and ensure that the application uses valid certificates. This might involve loading the system's root CA certificates or specifying a custom CA certificate.

Suggested changeset 1
go/session/avisession.go

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/go/session/avisession.go b/go/session/avisession.go
--- a/go/session/avisession.go
+++ b/go/session/avisession.go
@@ -376,3 +376,3 @@
 				avisess.transport = &http.Transport{
-					TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
+					TLSClientConfig: &tls.Config{},
 					Proxy:           http.ProxyURL(proxyURL),
@@ -381,3 +381,3 @@
 				avisess.transport = &http.Transport{
-					TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
+					TLSClientConfig: &tls.Config{},
 				}
EOF
@@ -376,3 +376,3 @@
avisess.transport = &http.Transport{
TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
TLSClientConfig: &tls.Config{},
Proxy: http.ProxyURL(proxyURL),
@@ -381,3 +381,3 @@
avisess.transport = &http.Transport{
TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
TLSClientConfig: &tls.Config{},
}
Copilot is powered by AI and may make mistakes. Always verify output.
go/session/avisession.go
}
} else {
avisess.transport = &http.Transport{
TLSClientConfig: &tls.Config{InsecureSkipVerify: true},

Check failure

Code scanning / CodeQL

Disabled TLS certificate check High

InsecureSkipVerify should not be used in production code.

Copilot Autofix

AI 17 days ago

To fix the problem, we need to ensure that TLS certificate verification is enabled. This can be done by setting InsecureSkipVerify to false or by removing the TLSClientConfig entirely if it is not needed. Additionally, we should ensure that the application is configured with the correct certificates to allow for proper verification.

The best way to fix the problem without changing existing functionality is to set InsecureSkipVerify to false and ensure that the application is using valid certificates. This change should be made in the go/session/avisession.go file, specifically on lines 377 and 382.

Suggested changeset 1
go/session/avisession.go

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/go/session/avisession.go b/go/session/avisession.go
--- a/go/session/avisession.go
+++ b/go/session/avisession.go
@@ -376,3 +376,3 @@
 				avisess.transport = &http.Transport{
-					TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
+					TLSClientConfig: &tls.Config{InsecureSkipVerify: false},
 					Proxy:           http.ProxyURL(proxyURL),
@@ -381,3 +381,3 @@
 				avisess.transport = &http.Transport{
-					TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
+					TLSClientConfig: &tls.Config{InsecureSkipVerify: false},
 				}
EOF
@@ -376,3 +376,3 @@
avisess.transport = &http.Transport{
TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
TLSClientConfig: &tls.Config{InsecureSkipVerify: false},
Proxy: http.ProxyURL(proxyURL),
@@ -381,3 +381,3 @@
avisess.transport = &http.Transport{
TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
TLSClientConfig: &tls.Config{InsecureSkipVerify: false},
}
Copilot is powered by AI and may make mistakes. Always verify output.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@apalsule apalsule Awaiting requested review from apalsule apalsule is a code owner

@parimanur parimanur Awaiting requested review from parimanur parimanur is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

@parimanur parimanur

Labels
AUTO PR
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@gurunath-avi @parimanur