Skip to content

fix: ssrf validation for oauth#39517

Merged
julio-rocketchat merged 1 commit intorelease-8.2.1from
backport-8.2.1-39505
Mar 11, 2026
Merged

fix: ssrf validation for oauth#39517
julio-rocketchat merged 1 commit intorelease-8.2.1from
backport-8.2.1-39505

Conversation

@dionisio-bot
Copy link
Copy Markdown
Contributor

@dionisio-bot dionisio-bot bot commented Mar 10, 2026

Backport of #39505

@changeset-bot
Copy link
Copy Markdown

changeset-bot bot commented Mar 10, 2026

🦋 Changeset detected

Latest commit: 5dede90

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 41 packages
Name Type
@rocket.chat/meteor Patch
@rocket.chat/core-typings Patch
@rocket.chat/rest-typings Patch
@rocket.chat/uikit-playground Patch
@rocket.chat/api-client Patch
@rocket.chat/apps Patch
@rocket.chat/core-services Patch
@rocket.chat/cron Patch
@rocket.chat/ddp-client Patch
@rocket.chat/fuselage-ui-kit Patch
@rocket.chat/gazzodown Patch
@rocket.chat/http-router Patch
@rocket.chat/livechat Patch
@rocket.chat/model-typings Patch
@rocket.chat/ui-avatar Patch
@rocket.chat/ui-client Patch
@rocket.chat/ui-contexts Patch
@rocket.chat/ui-voip Patch
@rocket.chat/web-ui-registration Patch
@rocket.chat/account-service Patch
@rocket.chat/authorization-service Patch
@rocket.chat/ddp-streamer Patch
@rocket.chat/omnichannel-transcript Patch
@rocket.chat/presence-service Patch
@rocket.chat/queue-worker Patch
@rocket.chat/abac Patch
@rocket.chat/federation-matrix Patch
@rocket.chat/license Patch
@rocket.chat/media-calls Patch
@rocket.chat/omnichannel-services Patch
@rocket.chat/pdf-worker Patch
@rocket.chat/presence Patch
rocketchat-services Patch
@rocket.chat/models Patch
@rocket.chat/network-broker Patch
@rocket.chat/omni-core-ee Patch
@rocket.chat/mock-providers Patch
@rocket.chat/ui-video-conf Patch
@rocket.chat/instance-status Patch
@rocket.chat/omni-core Patch
@rocket.chat/server-fetch Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

@dionisio-bot dionisio-bot bot requested a review from KevLehman March 10, 2026 18:48
@dionisio-bot dionisio-bot bot added the backport Used to inform backported PR label Mar 10, 2026
@dionisio-bot dionisio-bot bot mentioned this pull request Mar 10, 2026
Merged
cubic-dev-ai[bot]
cubic-dev-ai bot reviewed Mar 10, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@cubic-dev-ai cubic-dev-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No issues found across 2 files

@codecov
Copy link
Copy Markdown

codecov bot commented Mar 10, 2026
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 70.55%. Comparing base (553ca59) to head (5dede90).
⚠️ Report is 1 commits behind head on release-8.2.1.

Additional details and impacted files

Impacted file tree graph

@@                Coverage Diff                @@
##           release-8.2.1   #39517      +/-   ##
=================================================
- Coverage          70.59%   70.55%   -0.04%     
=================================================
  Files               3188     3188              
  Lines             112623   112625       +2     
  Branches           20402    20396       -6     
=================================================
- Hits               79503    79465      -38     
- Misses             31068    31100      +32     
- Partials            2052     2060       +8
Flag Coverage Δ
e2e 60.35% <ø> (-0.03%) ⬇️
e2e-api 48.85% <ø> (+0.96%) ⬆️
unit 71.52% <ø> (-0.08%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@julio-rocketchat julio-rocketchat merged commit 375476a into release-8.2.1 Mar 11, 2026
202 of 213 checks passed
@julio-rocketchat julio-rocketchat deleted the backport-8.2.1-39505 branch March 11, 2026 00:43
@rocketchat-github-ci rocketchat-github-ci mentioned this pull request Mar 11, 2026
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cubic-dev-ai cubic-dev-ai[bot] cubic-dev-ai[bot] left review comments

@KevLehman KevLehman KevLehman approved these changes

Assignees

@KevLehman KevLehman

Labels

backport Used to inform backported PR

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@KevLehman @julio-rocketchat