Skip to content

create_plan api #354

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 14 commits into from
Aug 4, 2025
Merged

create_plan api #354

merged 14 commits into from
Aug 4, 2025

Conversation

blessing-sanusi
Copy link
Collaborator

Purpose

  • ...

Does this introduce a breaking change?

  • Yes
  • No

How to Test

  • Get the code
git clone [repo-address]
cd [repo-name]
git checkout [branch-name]
npm install
  • Test the code

What to Check

Verify that the following are valid

  • ...

Other Information

Thanusree-Microsoft and others added 10 commits July 15, 2025 17:21
@Thanusree-Microsoft
Update CustomizingAzdParameters.md
e5e69ce 
Added link
@Roopan-Microsoft
Merge pull request #333 from microsoft/psl-azdlink-update
529970f 
docs: Update CustomizingAzdParameters.md
@Roopan-Microsoft
Merge pull request #330 from microsoft/dev
51c84be 
fix: Merge the telemetry issue changes from dev to main
@Priyanka-Microsoft
migrate model type to global standard
5831ae8
@Abdul-Microsoft
fix: add principalType as 'ServicePrincipal' for role assignments in …
00268ba 
…Bicep files
@Roopan-Microsoft
Merge pull request #337 from microsoft/dev
e51be80 
fix: added current step action and function with history to execute correct task when approving parallelly
@Roopan-Microsoft
Merge pull request #336 from microsoft/migrate-modeltype-to-globalsta…
601907b 
…ndard

chore: migrate model type to global standard
@Prajwal-Microsoft
Merge pull request #338 from microsoft/psl-fixPrincipalTypeIssue
22b01a3 
fix: add principalType as 'ServicePrincipal' for role assignments
@Roopan-Microsoft
Merge pull request #344 from microsoft/dev
cd1cf07 
fix: Prefix/Suffix fixes - dev to main
@blessing-sanusi
create_plan api
c980594
github-advanced-security[bot]
github-advanced-security bot found potential problems Jul 30, 2025
View reviewed changes
src/frontend/src/services/TaskService.tsx
static async createPlan(
description: string
): Promise<{ plan_id: string; status: string; session_id: string }> {
const sessionId = this.generateSessionId();

Check failure

Code scanning / CodeQL

Insecure randomness High

This uses a cryptographically insecure random number generated at
Math.random()
Loading
in a security context.

Copilot Autofix

AI 3 months ago

To fix the problem, replace the use of Math.random() in the generateSessionId method with a cryptographically secure random number generator. In the browser, the recommended approach is to use window.crypto.getRandomValues. This can be used to generate a random 32-bit integer, which can then be used in place of the insecure random value. The fix should only affect the generateSessionId method in src/frontend/src/services/TaskService.tsx. No changes to the method's interface or usage are required. No new dependencies are needed, as window.crypto is available in all modern browsers.

Suggested changeset 1
src/frontend/src/services/TaskService.tsx

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/src/frontend/src/services/TaskService.tsx b/src/frontend/src/services/TaskService.tsx
--- a/src/frontend/src/services/TaskService.tsx
+++ b/src/frontend/src/services/TaskService.tsx
@@ -103,3 +103,6 @@
     const timestamp = new Date().getTime();
-    const random = Math.floor(Math.random() * 10000);
+    // Use cryptographically secure random number
+    const array = new Uint32Array(1);
+    window.crypto.getRandomValues(array);
+    const random = array[0] % 10000;
     return `sid_${timestamp}_${random}`;
EOF
@@ -103,3 +103,6 @@
const timestamp = new Date().getTime();
const random = Math.floor(Math.random() * 10000);
// Use cryptographically secure random number
const array = new Uint32Array(1);
window.crypto.getRandomValues(array);
const random = array[0] % 10000;
return `sid_${timestamp}_${random}`;
Copilot is powered by AI and may make mistakes. Always verify output.
Unable to commit as this autofix suggestion is now outdated
@Fr4nc3 Fr4nc3 changed the base branch from main to macae-v3-dev July 31, 2025 13:54
@Fr4nc3 Fr4nc3 merged commit 58fc2e0 into macae-v3-dev Aug 4, 2025
1 of 4 checks passed
@Fr4nc3 Fr4nc3 deleted the macae-plan-api branch August 14, 2025 15:32
@github-actions
Copy link

🎉 This PR is included in version 2.2.0 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Fr4nc3 Fr4nc3 Fr4nc3 approved these changes

@Avijit-Microsoft Avijit-Microsoft Awaiting requested review from Avijit-Microsoft

@Roopan-Microsoft Roopan-Microsoft Awaiting requested review from Roopan-Microsoft

@Prajwal-Microsoft Prajwal-Microsoft Awaiting requested review from Prajwal-Microsoft

@marktayl1 marktayl1 Awaiting requested review from marktayl1

@Vinay-Microsoft Vinay-Microsoft Awaiting requested review from Vinay-Microsoft

@aniaroramsft aniaroramsft Awaiting requested review from aniaroramsft

Assignees

No one assigned

Labels

released

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

7 participants

@blessing-sanusi @Fr4nc3 @Thanusree-Microsoft @Roopan-Microsoft @Priyanka-Microsoft @Abdul-Microsoft @Prajwal-Microsoft