Jesse Hallam

Results 140 comments of Jesse Hallam

One thing to note: right now, `plugin_caller` is accurate, but because of our handler semantics, often just points to a helper method, e.g. `"plugin_caller":"github.com/mattermost/mattermost-plugin-playbooks/server/api/logger.go:67"`. I'd love to either find a...

Looking at my own example, we'll need to do something better for GraphQL in this case:

```
{"timestamp":"2022-06-27 13:28:33.369 -03:00","level":"error","msg":"Error executing request","caller":"app/plugin_api.go:940","plugin_id":"playbooks","request_id":"dt9hjizn1idjbkaszu1k58n6be","error":"graphql: Not authorized","operation":"Playbook","plugin_caller":"github.com/mattermost/mattermost-plugin-playbooks/server/api/graphql.go:135"}
```

Following up on the CodeQL issues at https://community.mattermost.com/core/pl/7zsxojoqpigif8odyuw5rdw41y.

@srkgupta, any idea what's going on with the code scanner above?

Thanks, @trilopin! I considered this, but thought it might be easier just to switch to the context model. For now, the underlying logger is still encoded within the `http.Request` context,...

(Note that I haven't switched us to `mlog` until that package can be used seamlessly across the RPC boundary like we can do for logrus.)

@crspeller / @trilopin, I've fixed the build issues -- my upgrade of the plugin-api brought in the "new" `EnsureBot` and triggered https://community.mattermost.com/core/pl/9c8txjwkytdczc6kw8ngggyour. Fixed by making the `OwnerId` explicit for now....

Thanks, @srkgupta! What's weird is that we've been logging all along without these warnings showing up in code reviews, and now that we're using logrus, CodeQL's automated checks seem to...

> Once these alerts are analyzed and dismissed, they will not be re-triggered again in the subsequent PRs unless there are additional similar code changes.

Thanks, @srkgupta! So, just to...

Thanks, @srkgupta! To explore this further, I created https://github.com/mattermost/mattermost-plugin-playbooks/pull/1465 using the existing logging infrastructure and referencing a user-controlled input that triggered a warning in the same way as this PR:...