Skip to content

docs: clarify FileInstallationStore and FileStateStore are dev-only #2446

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
mwbrooks merged 3 commits into from
Dec 2, 2025
Merged

docs: clarify FileInstallationStore and FileStateStore are dev-only #2446

mwbrooks merged 3 commits into from
Dec 2, 2025

Conversation

@mwbrooks
Copy link
Member

@mwbrooks mwbrooks commented Dec 1, 2025

Summary

This pull request addresses a reported security issue where a developer was using the FileStateStore for production and reported security vulnerabilities.

We already clarify that FileInstallationStore is for development only and this PR extends the paragraph to include FileStateStore.

Requirements (place an x in each [ ])

@mwbrooks mwbrooks added this to the [email protected] milestone Dec 1, 2025
@mwbrooks mwbrooks self-assigned this Dec 1, 2025
@mwbrooks mwbrooks requested a review from a team as a code owner December 1, 2025 19:14
@mwbrooks mwbrooks added docs M-T: Documentation work only semver:patch labels Dec 1, 2025
lukegalbraithrussell
lukegalbraithrussell approved these changes Dec 1, 2025
View reviewed changes
Copy link
Contributor

@lukegalbraithrussell lukegalbraithrussell left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good but am also open to making this a big red callout card if needed

@codecov
Copy link

codecov bot commented Dec 1, 2025
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 93.09%. Comparing base (9a0c4c4) to head (4566ff3).
⚠️ Report is 1 commits behind head on main.
✅ All tests successful. No failed tests found.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main    #2446   +/-   ##
=======================================
  Coverage   93.09%   93.09%           
=======================================
  Files          40       40           
  Lines       11240    11240           
  Branches      713      713           
=======================================
  Hits        10464    10464           
  Misses        764      764           
  Partials       12       12
Flag Coverage Δ
cli-hooks 95.23% <ø> (ø)
cli-test 94.79% <ø> (ø)
oauth 77.39% <ø> (ø)
socket-mode 61.87% <ø> (ø)
web-api 98.11% <ø> (ø)
webhook 96.66% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

🚀 New features to boost your workflow:
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@mwbrooks
Copy link
Member Author

mwbrooks commented Dec 1, 2025

@lukegalbraithrussell Oh, interesting! It's your call, but that could be a good idea to do somewhere in the docs. Would you use the :::warning syntax?

lukegalbraithrussell
lukegalbraithrussell reviewed Dec 1, 2025
View reviewed changes
zimeg
zimeg approved these changes Dec 1, 2025
View reviewed changes
Copy link
Member

@zimeg zimeg left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@mwbrooks LGTM and thanks for making this more clear!

I left a few comments on separating sections and think in follow up PRs we can improve the jsdoc for these classes, but please let me know what you think!

@mwbrooks mwbrooks merged commit 38ad76b into main Dec 2, 2025
110 of 111 checks passed
@mwbrooks mwbrooks deleted the mwbrooks-docs-file-store-dev-only branch December 2, 2025 00:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@lukegalbraithrussell lukegalbraithrussell lukegalbraithrussell approved these changes

@zimeg zimeg zimeg approved these changes

Assignees

@mwbrooks mwbrooks

Labels

docs M-T: Documentation work only semver:patch

Projects

None yet

Milestone

[email protected]

Development

Successfully merging this pull request may close these issues.

4 participants

@mwbrooks @zimeg @lukegalbraithrussell