Open
Conversation
- Add 'flb register' command for creating Registry Developer Accounts - Interactive prompts for username, email, password, and name - Input validation for username format and password length - Calls /~registry/v1/developer-account/register API endpoint - Provides clear success/error messages - Guides users to login after successful registration
…nt-registration feat: Add Registry Developer Account Registration
This commit adds the install-fleetbase command functionality on top of the dev-v0.0.4 branch which includes the register command. Both commands now coexist: - register: Register a new Registry Developer Account - install-fleetbase: Install Fleetbase using Docker The install command includes: - Interactive prompts for host, environment, and directory - Automatic APP_KEY generation - Docker compose configuration - Console environment file updates - Deployment automation
…d-rebased Feature/install fleetbase command rebased
The install-fleetbase command now automatically clones the Fleetbase repository into the target directory if docker-compose.yml is not found. This improves the user experience by eliminating the need to manually clone the repository before running the install command. Changes: - Automatically detects if Fleetbase files are missing - Clones repository using 'git clone' if needed - Creates target directory if it doesn't exist - Provides clear feedback during the cloning process - Gracefully handles clone failures with helpful error messages
…d-rebased Feature/install fleetbase command rebased
The register command now accepts a --host parameter to allow users to register against self-hosted Fleetbase instances instead of only the default api.fleetbase.io. Usage: flb register --host myinstance.com flb register -h myinstance.com Changes: - Added --host/-h option to register command - Defaults to api.fleetbase.io if not specified - Dynamically builds registration API URL based on host - Updates login suggestion to include --host if used during registration
The --host parameter now accepts full URLs with protocol (http:// or https://) instead of hardcoding https. This allows users to register against local development instances using http://localhost:8000. Changes: - Accept full URL: https://api.fleetbase.io or http://localhost:8000 - Auto-add https:// if protocol is missing (backward compatible) - Updated option description to clarify full URL format Examples: flb register --host https://api.fleetbase.io flb register --host http://localhost:8000 flb register --host myinstance.com (defaults to https://)
Fixed TypeError when API returns error messages as strings instead of arrays. The error handling now properly handles both formats: - Array: ['error message 1', 'error message 2'] - String: 'error message' This prevents crashes when displaying validation errors from the API.
Added debug logging to help diagnose network request issues: - Log the constructed API endpoint URL - Log the request data being sent - Log detailed error information including error codes - Log when no response is received from server This will help identify if: - The URL is being constructed correctly - The request is actually being made - There are network connectivity issues - The server is responding
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
|
|
||
| console.log('\nRegistering account...'); | ||
| console.log(`API Endpoint: ${registrationApi}`); | ||
| console.log(`Request Data:`, JSON.stringify(registrationData, null, 2)); |
Check failure
Code scanning / CodeQL
Clear-text logging of sensitive information High
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI about 7 hours ago
In general, to fix clear‑text logging of sensitive information, you should either (1) avoid logging the sensitive fields entirely, or (2) mask/redact them before logging. For passwords, the best practice is to never log them, even in masked form if avoidable.
Here, the minimal, behavior‑preserving fix is to keep the helpful logging of request parameters but omit or redact the password field when printing. We can do this by creating a shallow copy of registrationData specifically for logging, removing or masking the password property, and then passing that safe object to JSON.stringify. This keeps the registration logic and API call unchanged; only the logging statement is updated.
Concretely, in index.js around line 790–792, we will replace:
console.log('\nRegistering account...');
console.log(`API Endpoint: ${registrationApi}`);
console.log(`Request Data:`, JSON.stringify(registrationData, null, 2));with code that constructs a registrationDataForLog object (using object spread) and sets password to a placeholder (or deletes it) before logging. No new imports are needed; we can use plain JavaScript. The rest of the file remains as is.
Suggested changeset
1
index.js
| @@ -789,7 +789,8 @@ | ||
|
|
||
| console.log('\nRegistering account...'); | ||
| console.log(`API Endpoint: ${registrationApi}`); | ||
| console.log(`Request Data:`, JSON.stringify(registrationData, null, 2)); | ||
| const registrationDataForLog = { ...registrationData, password: '[REDACTED]' }; | ||
| console.log(`Request Data:`, JSON.stringify(registrationDataForLog, null, 2)); | ||
|
|
||
| // Make API call to register | ||
| const response = await axios.post(registrationApi, registrationData); |
Copilot is powered by AI and may make mistakes. Always verify output.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.