No API key in new user creation & reset token for a user resets my token
AlastairPooley opened this issue · comments
I’m using the Redhat client to create a new user but didn’t get an API key in the response. I tried using reset-token for the user but it reset mine instead of the user key.
@erwanlr I pulled the updated file cvelib/cli.py down manually and updated that way and it did solve the issue.
Then a new version should be released as the current latest 4.0.0 does not have the patched code.
@mprpic could a new release be done please ?
Then a new version should be released as the current latest 4.0.0 does not have the patched code.
@mprpic could a new release be done please ?
@erwanlr I guess you meant 0.4.0. This issue only affects the testing instance (https://cveawg-dev.mitre.org/api/) as far as I can tell. Or did you also run into this issue while updating users in the currently-deployed CVE Services 1.1.1 in prod (https://cveawg.mitre.org/api/)?
Whoops yes 0.4.0, and yes this happened in prod
Whoops yes 0.4.0, and yes this happened in prod
Hmm, ok, I guess prod was silently updated beyond 1.1.1 then. I'll test it out and release an updated package if that's the case. Thanks!
Ha, indeed, commits CVEProject/cve-services@9b880e9 and CVEProject/cve-services@2605129 and were merged to the 1.1.1 branch:
https://github.com/CVEProject/cve-services/commits/release/v1.1.1
Package released: https://pypi.org/project/cvelib/0.5.0/