Harden by-name server resolution in Apply-Fix confirm (B3 LOW-2)#1034
Merged
When a finding's source server is resolved by NAME (the alert carried the int-id fallback and a unique name matched), a server renamed/replaced since the alert could be a different target. PR-B mitigated this with a warning banner + exact-target display; this closes the click-through risk: on ResolvedByName the confirm dialog removes the Enter-key default and, when Apply would otherwise be enabled, requires an explicit "I confirm this is the correct target server" checkbox before enabling Apply. Strictly more restrictive — the audit-absent / not-actionable hard-blocks are unaffected (checkbox stays collapsed, button stays disabled). Dashboard 84/0, build clean. Fast-follow from the PR-B security review (LOW-2); user chose land-Phase-1-then-harden. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Closes the LOW-2 residual from the PR-B security review (#1033): a finding whose persisted ServerId is the analysis int-id fallback can resolve to a different server by unique-name match if that server was renamed/replaced between the alert and the apply.

PR-B mitigated this with a "resolved by name — verify the server" banner + exact target display + reversible un-apply. This change closes the reflexive-click path: on ResolvedByName, the confirm dialog removes the Enter-key default (ConfirmButton.IsDefault = false).

Dashboard.Tests 84/0, build clean (0 warnings, CS4014-as-error). UI-window click behavior isn't unit-tested (consistent with the codebase — no WPF window tests); the gating logic is additive friction and a human spot-click of the by-name case is worthwhile.
🤖 Generated with Claude Code
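The confirm-dialog gating this PR describes, written here as an added example (not code from PR #1034 or the project) in the form a reviewer would want for a WPF-free unit test: a pure function over the resolution kind, the existing hard-blocks and the checkbox state. The type and member names (ServerResolution, ConfirmGate, ApplyFixConfirm.Evaluate) are assumptions.

```csharp
using System;

// Hypothetical names; how the finding's source server was resolved.
public enum ServerResolution { ById, ByName, Unresolved }

// What the confirm dialog should expose for a given state.
public sealed record ConfirmGate(bool ApplyEnabled, bool EnterIsDefault, bool ShowConfirmCheckbox);

public static class ApplyFixConfirm
{
    // auditPresent / actionable are the pre-existing hard-blocks; targetConfirmed is the
    // "I confirm this is the correct target server" checkbox state.
    public static ConfirmGate Evaluate(ServerResolution resolution, bool auditPresent,
                                       bool actionable, bool targetConfirmed)
    {
        // A by-name match never gets the Enter-key default, regardless of anything else.
        bool enterIsDefault = resolution != ServerResolution.ByName;

        bool hardBlocked = !auditPresent || !actionable || resolution == ServerResolution.Unresolved;
        if (hardBlocked)
            // Hard-blocks are unaffected by the hardening: checkbox collapsed, Apply disabled.
            return new ConfirmGate(ApplyEnabled: false, EnterIsDefault: enterIsDefault, ShowConfirmCheckbox: false);

        if (resolution == ServerResolution.ByName)
            // Apply would otherwise be enabled: require the explicit checkbox before enabling it.
            return new ConfirmGate(ApplyEnabled: targetConfirmed, EnterIsDefault: false, ShowConfirmCheckbox: true);

        // Resolved by stable id: original behaviour, no extra friction.
        return new ConfirmGate(ApplyEnabled: true, EnterIsDefault: true, ShowConfirmCheckbox: false);
    }

    // Minimal self-check of the decision table described in the PR.
    public static void Main()
    {
        void Expect(bool cond, string what) { if (!cond) throw new Exception("failed: " + what); }

        var byNameUnconfirmed = Evaluate(ServerResolution.ByName, auditPresent: true, actionable: true, targetConfirmed: false);
        Expect(!byNameUnconfirmed.ApplyEnabled && byNameUnconfirmed.ShowConfirmCheckbox && !byNameUnconfirmed.EnterIsDefault,
               "by-name without checkbox: Apply disabled, checkbox shown, no Enter default");

        var byNameConfirmed = Evaluate(ServerResolution.ByName, true, true, targetConfirmed: true);
        Expect(byNameConfirmed.ApplyEnabled && !byNameConfirmed.EnterIsDefault, "by-name with checkbox: Apply enabled, still no Enter default");

        var byNameAuditAbsent = Evaluate(ServerResolution.ByName, auditPresent: false, actionable: true, targetConfirmed: true);
        Expect(!byNameAuditAbsent.ApplyEnabled && !byNameAuditAbsent.ShowConfirmCheckbox, "hard-block wins even when checkbox ticked");

        var byId = Evaluate(ServerResolution.ById, true, true, false);
        Expect(byId.ApplyEnabled && byId.EnterIsDefault && !byId.ShowConfirmCheckbox, "by-id path unchanged");
        Console.WriteLine("gating table OK");
    }
}
```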