facade / flare-client-php Goto Github PK
View Code? Open in Web Editor NEWSend PHP errors to Flare
Home Page: https://flareapp.io/docs
License: MIT License
Send PHP errors to Flare
Home Page: https://flareapp.io/docs
License: MIT License
Hello,
i have this error when pass 1.6.0 to 1.6.1
PHP 7.3.27-9+ubuntu16.04
In Flare.php line 235:
Argument 1 passed to Facade\FlareClient\Flare::censorRequestBodyFields() mu
st be of the type array, null given, called in /var/www/XXXXX/vendo
r/facade/ignition/src/IgnitionServiceProvider.php on line 134
This link is invalid
"You can find the documentation of this package at the docs of Flare."
Hello, there!
As part of the university research we are currently doing regarding the security of Github Actions, we noticed that one or many of the workflows that are part of this repository are referencing vulnerable versions of the third-party actions. As part of a disclosure process, we decided to open issues to notify GitHub Community.
Please note that there are could be some false positives in our methodology, thus not all of the open issues could be valid. If that is the case, please let us know, so that we can improve on our approach. You can contact me directly using an email: ikoishy [at] ncsu.edu
Thanks in advance
The vulnerability fix that is missing by actions' versions could be related to:
(1) CVE fix
(2) upgrade of vulnerable dependency
(3) fix to secret leak and others.
Please consider updating the reference to the action.
If you end up updating the reference, please let us know. We need the stats for the paper :-)
When I get an exception it crashes at the AddGitInformation
middleware, resulting in me seeing another exception in the symfony error page instead.
If I uncomment that middleware, it works and I can then see my original exception.
This happens on a completely new laravel repository installed via composer create-project
, I do not have any remotes for the repository yet as it hasn't been commited.
The workflow run-tests.yml is referencing action shivammathur/setup-php using references v1. However this reference is missing the commit 716331904ea2625d93a4f4f8f8c050d235845675 which may contain fix to the some vulnerability.
The vulnerability fix that is missing by actions version could be related to:
(1) CVE fix
(2) upgrade of vulnerable dependency
(3) fix to secret leak and others.
Please consider to update the reference to the action.
in method makeRequest
code
$queryString = http_build_query([
'key' => $this->apiToken,
'secret' => $this->apiSecret,
]);
$fullUrl = "{$this->baseUrl}/{$url}?{$queryString}";
$fullUrl already used ?
but in method makeCurlRequest
code
case 'get':
curl_setopt($curlHandle, CURLOPT_URL, $fullUrl.'?'.http_build_query($arguments));
break;
Also used ?
Symbol
The &
symbol should be used
like this
case 'get':
curl_setopt($curlHandle, CURLOPT_URL, $fullUrl.'&'.http_build_query($arguments));
break;
This bug will cause the parameter to be truncated
like this
127.0.0.1 - - [24/Apr/2021:21:17:10 +0800] "GET /?
key=fMMEfczZUzmTZLhe&secret=CJvpDkSKYbhtDYEv?
p1=p1v&p2=p2v HTTP/1.0" 200 72 "-" "Laravel/Flare API 1.0"
/*************************************************************************/
array:3 [
"key" => "fMMEfczZUzmTZLhe"
"secret" => "CJvpDkSKYbhtDYEv?
p1=p1v"
"p2" => "p2v"
]
Finally, thank you for your hard work and hope it will become better
Are there any plans to add support for other PHP projects, specifically WordPress? One of the agencies that I work with has a few WordPress sites, and they're currently using Sentry to handle their error logs for Laravel, October CMS, & WordPress projects.
I've been playing around with ignition (working on a plugin for October CMS right now, https://github.com/rainlab/ignition-plugin) and have liked what I've seen, so I'm wondering if there are any plans to expand and add support for WordPress. If there are, we would most likely move away from Sentry and switch to using Flare to manage our error logs.
On my development i "disabled" the flare error reporting by removing the flare key but still every exception is transmitted to flareapp.io. This is not something I would expect as it is transmitting many data (source code, database values) I did not consent to.
Currently, it's not compatible with Laravel 9 and above (and other frameworks depending on the latest http-foundation) due to dependency set to the max version of 5.x currently in the composer.json.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.