fastlane-plugin-firebase_test_lab_android icon indicating copy to clipboard operation
fastlane-plugin-firebase_test_lab_android copied to clipboard

Published 20 hours ago verified publisher icon cats-oss

Option to prevent exposing test result to the public

Open manicmaniac opened this issue 2 years ago • 1 comments

With download_dir option, the plugin set test result files public-read, which permits non-authorized users to access the files.

https://github.com/cats-oss/fastlane-plugin-firebase_test_lab_android/blob/9082337cc39f956852eb2b6fd598025e4211da0b/lib/fastlane/plugin/firebase_test_lab_android/actions/firebase_test_lab_android_action.rb#L56

Generally test result doesn't include sensitive information but it would be nice if the plugin has option that prevents files from setting public-read ACL.

manicmaniac avatar Apr 22 '22 06:04 manicmaniac

@wasabeef Is it possible to remove this and update to new version? I am also experiencing this security issue.

vsgopinath avatar Sep 20 '23 12:09 vsgopinath