azure-dev icon indicating copy to clipboard operation
azure-dev copied to clipboard

Published 20 hours ago verified publisher icon Azure

azd up should display warning message when downloading a non-Azure-Samples template

Open puicchan opened this issue 3 years ago • 2 comments

This helps to warn customers about potentially downloading malicious repo.

puicchan avatar Jul 05 '22 16:07 puicchan

Triage: Deciding this is not a shipblocker.

If we do this, we'll need a way to perm disable.

jongio avatar Jul 06 '22 16:07 jongio

After chatting with CELA, we will need to:

  • Add a page to our documentation on docs.microsoft.com outlining the risk of running code you didn’t author
  • In azd product, show a blurb with link to notice on docs.microsoft.com on azd init
  • On GitHub, add a notice to the bottom of our GitHub README

savannahostrowski avatar Oct 26 '22 16:10 savannahostrowski

I believe this can be closed now via #1348

savannahostrowski avatar Jan 11 '23 17:01 savannahostrowski