fix(agent,agent-installer): avoid leaking tunnel enrollment JWT via process cmdline by Copilot · Pull Request #1798 · Devolutions/devolutions-gateway

Copilot · 2026-05-26T03:03:44Z

Rust: accept --enrollment-string - sentinel to read JWT from stdin (first line only)
C#: pass JWT via stdin instead of argv in EnrollAgentTunnel
C#: add EscapeArg helper for safe Windows argv quoting of --name
WiX: add AGENT_TUNNEL_ENROLLMENT_STRING to MsiHiddenProperties
E2E tests in testsuite cli module with real Gateway enrollment
Hardcode test provisioner key and JTI UUID
Simplify real-Gateway test: use disable_token_validation + sample_jwt, remove picky/time deps and provisioner_public_key_base64
Inline provisioner key value, clean up Cargo.toml
cargo fmt, clippy, and all tests pass

…nd MSI logs - Rust: accept `--enrollment-string -` sentinel to read JWT from stdin - Rust: factor parsing into `parse_up_command_args_with_reader` for testability - Rust: add unit tests for stdin path and empty stdin error - C#: pass JWT via stdin instead of argv in EnrollAgentTunnel - C#: add EscapeArg helper for safe Windows argv quoting of --name - WiX: add AGENT_TUNNEL_ENROLLMENT_STRING to MsiHiddenProperties Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> Agent-Logs-Url: https://github.com/Devolutions/devolutions-gateway/sessions/80ac4af5-a42b-40aa-8cca-b3f8837f0a4b Co-authored-by: CBenoit <3809077+CBenoit@users.noreply.github.com>

Benoît Cortier (CBenoit)

Copilot Extend the testsuite crate’s cli module, and perform proper E2E tests instead.

Remove unit tests for stdin path from devolutions-agent/src/main.rs and add proper E2E tests in testsuite/tests/cli/agent/up.rs that exercise the actual binary. Add agent_assert_cmd() to the testsuite cli module. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> Agent-Logs-Url: https://github.com/Devolutions/devolutions-gateway/sessions/89161343-5614-437e-8fb3-d06809bd7323 Co-authored-by: CBenoit <3809077+CBenoit@users.noreply.github.com>

Copilot · 2026-05-26T07:35:16Z

Copilot Extend the testsuite crate’s cli module, and perform proper E2E tests instead.

Done in 0f73bc2. Removed the unit tests from main.rs and added proper E2E tests in testsuite/tests/cli/agent/up.rs that build and invoke the actual devolutions-agent binary via assert_cmd. Also added agent_assert_cmd() to testsuite/src/cli.rs. The four E2E tests cover: inline enrollment string, stdin enrollment string, empty stdin error, and JWT non-leakage in stderr.

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

gateway.example.com
- Triggering command: /home/REDACTED/work/devolutions-gateway/devolutions-gateway/target/x86_64-REDACTED-linux-gnu/debug/devolutions-agent /home/REDACTED/work/devolutions-gateway/devolutions-gateway/target/x86_64-REDACTED-linux-gnu/debug/devolutions-agent up --enrollment-string - /home/REDACTED/work/devolutions-gateway/devolutions-gateway/target/x86_64-REDACTED-linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/ebcd52e9457b6221-v3_ia5.o linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/libaws_lc_0_40_0_crypto.a linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/81d9a39ddc6b1c4e-sha256-x86_64.o linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/81d9a39ddc6b1c4e-sha512-x86_64.o linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/81d9a39ddc6b1c4e-vpaes-x86_64.o linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/81d9a39ddc6b1c4e-x86_64-mont.o�� linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/81d9a39ddc6b1c4e-x86_64-mont5.o linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/b129d77c83f8bbf0-trampoline-x86_64.o linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/020bc241f4dae036-bignum_madd_n25519.o linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/020bc241f4dae036-bignum_madd_n25519_alt.o linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/020bc241f4dae036-bignum_mod_n25519.o linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/020bc241f4dae036-bignum_neg_p25519.o linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/020bc241f4dae036-curve25519_x25519.o linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/020bc241f4dae036-curve25519_x25519base.o linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/020bc241f4dae036-curve25519_x25519base_alt.o linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/020bc241f4dae036-curve25519_x25519_alt.o (dns block)
- Triggering command: /home/REDACTED/work/devolutions-gateway/devolutions-gateway/target/x86_64-REDACTED-linux-gnu/debug/devolutions-agent /home/REDACTED/work/devolutions-gateway/devolutions-gateway/target/x86_64-REDACTED-linux-gnu/debug/devolutions-agent up --enrollment-string ****** /home/REDACTED/work/devolutions-gateway/devolutions-gateway/target/x86_64-REDACTED-linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/ebcd52e9457b6221-v3_ia5.o linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/libaws_lc_0_40_0_crypto.a linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/81d9a39ddc6b1c4e-sha256-x86_64.o linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/81d9a39ddc6b1c4e-sha512-x86_64.o linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/81d9a39ddc6b1c4e-vpaes-x86_64.o linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/81d9a39ddc6b1c4e-x86_64-mont.o�� linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/81d9a39ddc6b1c4e-x86_64-mont5.o linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/b129d77c83f8bbf0-trampoline-x86_64.o linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/020bc241f4dae036-bignum_madd_n25519.o linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/020bc241f4dae036-bignum_madd_n25519_alt.o linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/020bc241f4dae036-bignum_mod_n25519.o linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/020bc241f4dae036-bignum_neg_p25519.o linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/020bc241f4dae036-curve25519_x25519.o linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/020bc241f4dae036-curve25519_x25519base.o linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/020bc241f4dae036-curve25519_x25519base_alt.o linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/020bc241f4dae036-curve25519_x25519_alt.o (dns block)

If you need me to access, download, or install something from one of these locations, you can either:

Configure Actions setup steps to set up my environment, which run before the firewall is enabled
Add the appropriate URLs or hosts to the custom allowlist in this repository's Copilot coding agent settings (admins only)

…test with real Gateway - Read only the first line from stdin for --enrollment-string - - Remove low-value JWT-leak-in-stderr test - Add E2E test that spins up a real Gateway with agent tunnel enabled, signs a proper JWT with a generated provisioner key, and enrolls the agent via stdin - Extend DgwConfig with provisioner_public_key_base64 and agent_tunnel fields for test configuration Agent-Logs-Url: https://github.com/Devolutions/devolutions-gateway/sessions/4dace32b-140a-4a30-a73b-671a0bc27cf4 Co-authored-by: CBenoit <3809077+CBenoit@users.noreply.github.com>

Copilot · 2026-05-26T08:48:46Z

Just as a heads up, I was blocked by some firewall rules while working on your feedback. Expand below for details.

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

gateway.example.com
- Triggering command: /home/REDACTED/work/devolutions-gateway/devolutions-gateway/target/x86_64-REDACTED-linux-gnu/debug/devolutions-agent /home/REDACTED/work/devolutions-gateway/devolutions-gateway/target/x86_64-REDACTED-linux-gnu/debug/devolutions-agent up --enrollment-string ****** /home/REDACTED/work/devolutions-gateway/devolutions-gateway/target/x86_64-REDACTED-linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/ebcd52e9457b6221-v3_ia5.o linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/libaws_lc_0_40_0_crypto.a linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/81d9a39ddc6b1c4e-sha256-x86_64.o linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/81d9a39ddc6b1c4e-sha512-x86_64.o linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/81d9a39ddc6b1c4e-vpaes-x86_64.o linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/81d9a39ddc6b1c4e-x86_64-mont.o�� linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/81d9a39ddc6b1c4e-x86_64-mont5.o linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/b129d77c83f8bbf0-trampoline-x86_64.o linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/020bc241f4dae036-bignum_madd_n25519.o linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/020bc241f4dae036-bignum_madd_n25519_alt.o linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/020bc241f4dae036-bignum_mod_n25519.o linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/020bc241f4dae036-bignum_neg_p25519.o linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/020bc241f4dae036-curve25519_x25519.o linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/020bc241f4dae036-curve25519_x25519base.o linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/020bc241f4dae036-curve25519_x25519base_alt.o linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/020bc241f4dae036-curve25519_x25519_alt.o (dns block)
- Triggering command: /home/REDACTED/work/devolutions-gateway/devolutions-gateway/target/x86_64-REDACTED-linux-gnu/debug/devolutions-agent /home/REDACTED/work/devolutions-gateway/devolutions-gateway/target/x86_64-REDACTED-linux-gnu/debug/devolutions-agent up --enrollment-string - /home/REDACTED/work/devolutions-gateway/devolutions-gateway/target/x86_64-REDACTED-linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/ebcd52e9457b6221-v3_ia5.o linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/libaws_lc_0_40_0_crypto.a linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/81d9a39ddc6b1c4e-sha256-x86_64.o linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/81d9a39ddc6b1c4e-sha512-x86_64.o linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/81d9a39ddc6b1c4e-vpaes-x86_64.o linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/81d9a39ddc6b1c4e-x86_64-mont.o�� linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/81d9a39ddc6b1c4e-x86_64-mont5.o linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/b129d77c83f8bbf0-trampoline-x86_64.o linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/020bc241f4dae036-bignum_madd_n25519.o linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/020bc241f4dae036-bignum_madd_n25519_alt.o linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/020bc241f4dae036-bignum_mod_n25519.o linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/020bc241f4dae036-bignum_neg_p25519.o linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/020bc241f4dae036-curve25519_x25519.o linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/020bc241f4dae036-curve25519_x25519base.o linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/020bc241f4dae036-curve25519_x25519base_alt.o linux-gnu/debug/build/aws-lc-sys-14a06eddb9e6ae5a/out/020bc241f4dae036-curve25519_x25519_alt.o (dns block)
- Triggering command: /home/REDACTED/work/devolutions-gateway/devolutions-gateway/target/x86_64-REDACTED-linux-gnu/debug/devolutions-agent /home/REDACTED/work/devolutions-gateway/devolutions-gateway/target/x86_64-REDACTED-linux-gnu/debug/devolutions-agent up --enrollment-string - -C debuginfo=2 --cfg feature="alloc" --cfg feature="arithmetic" --cfg feature="default" k.0b�� u.0bqkji5.rcgu.o--log-target n.0bqkji5.rcgu.ojournal-or-kmsg d.0bqkji5.rcgu.o g.0bqkji5.rcgu.o/home/REDACTED/.rustup/toolchains/1.90.0-x86_64-REDACTED-linux-gnu/bin/rustc 2.0bqkji5.rcgu.o--crate-name 7b6221-v3_bcons.primefield 7b6221-v3_bitst.--edition=2024 (dns block)

If you need me to access, download, or install something from one of these locations, you can either:

Configure Actions setup steps to set up my environment, which run before the firewall is enabled
Add the appropriate URLs or hosts to the custom allowlist in this repository's Copilot coding agent settings (admins only)

…untime Agent-Logs-Url: https://github.com/Devolutions/devolutions-gateway/sessions/3fd36380-b176-4ab2-b0cb-a90ca4028743 Co-authored-by: CBenoit <3809077+CBenoit@users.noreply.github.com>

Agent-Logs-Url: https://github.com/Devolutions/devolutions-gateway/sessions/f2d44853-04c2-421f-b7a4-9eafeea3f534 Co-authored-by: CBenoit <3809077+CBenoit@users.noreply.github.com>

…on, remove picky/time deps Agent-Logs-Url: https://github.com/Devolutions/devolutions-gateway/sessions/dc1b1526-3e01-4852-b247-6e2a86932742 Co-authored-by: CBenoit <3809077+CBenoit@users.noreply.github.com>

…e in Cargo.toml Agent-Logs-Url: https://github.com/Devolutions/devolutions-gateway/sessions/50788e81-abe4-47f8-b841-a9392c3bbe56 Co-authored-by: CBenoit <3809077+CBenoit@users.noreply.github.com>

irvingouj@Devolutions (irvingoujAtDevolution)

LGTM

Richard Markiewicz (thenextman) · 2026-05-26T16:02:16Z

+        // Prevent the enrollment JWT from being logged in verbose MSI logs (/L*v).
+        // `Hidden = true` only suppresses the property table dump; MsiHiddenProperties
+        // controls masking of CustomActionData expansion in verbose logs.
+        projectProperties.Add(new Property("MsiHiddenProperties", AgentProperties.AgentTunnelEnrollmentString));


This seems like a hallucination. The property attribute "hidden" in WiX (which has a managed equivalent in WixSharp) automatically does this for us, we shouldn't specify it directly

Oh… I should have double checked this more careful. I reverted this change

Copilot AI assigned Copilot and Benoît Cortier (CBenoit) May 26, 2026

Copilot created this pull request from a session on behalf of Benoît Cortier (CBenoit) May 26, 2026 03:04 View session

Copilot AI requested a review from Benoît Cortier (CBenoit) May 26, 2026 03:04

Copilot finished work on behalf of Benoît Cortier (CBenoit) May 26, 2026 03:04

Benoît Cortier (CBenoit) reviewed May 26, 2026

View reviewed changes

Copilot started work on behalf of Benoît Cortier (CBenoit) May 26, 2026 07:23 View session

Copilot AI requested a review from Benoît Cortier (CBenoit) May 26, 2026 07:36

Copilot finished work on behalf of Benoît Cortier (CBenoit) May 26, 2026 07:36

Benoît Cortier (CBenoit) reviewed May 26, 2026

View reviewed changes

Comment thread devolutions-agent/src/main.rs Outdated

Apply suggestion from @CBenoit

07a54dd

Benoît Cortier (CBenoit) reviewed May 26, 2026

View reviewed changes

Comment thread devolutions-agent/src/main.rs Outdated

Comment thread testsuite/tests/cli/agent/up.rs Outdated

Comment thread testsuite/tests/cli/agent/up.rs Outdated

Copilot started work on behalf of Benoît Cortier (CBenoit) May 26, 2026 08:27 View session

Copilot AI requested a review from Benoît Cortier (CBenoit) May 26, 2026 08:48

Copilot finished work on behalf of Benoît Cortier (CBenoit) May 26, 2026 08:49

Benoît Cortier (CBenoit) reviewed May 26, 2026

View reviewed changes

Comment thread testsuite/tests/cli/agent/up.rs Outdated

Copilot started work on behalf of Benoît Cortier (CBenoit) May 26, 2026 13:15 View session

Benoît Cortier (CBenoit) reviewed May 26, 2026

View reviewed changes

Comment thread testsuite/tests/cli/agent/up.rs Outdated

Benoît Cortier (CBenoit) reviewed May 26, 2026

View reviewed changes

Comment thread testsuite/tests/cli/agent/up.rs

Benoît Cortier (CBenoit) changed the title ~~fix(agent): avoid leaking tunnel enrollment JWT via process cmdline and MSI logs~~ fix(agent,agent-installer): avoid leaking tunnel enrollment JWT via process cmdline and MSI logs May 26, 2026

test(agent): hardcode provisioner test key instead of generating at r…

18280c2

…untime Agent-Logs-Url: https://github.com/Devolutions/devolutions-gateway/sessions/3fd36380-b176-4ab2-b0cb-a90ca4028743 Co-authored-by: CBenoit <3809077+CBenoit@users.noreply.github.com>

Copilot AI requested a review from Benoît Cortier (CBenoit) May 26, 2026 13:27

Copilot finished work on behalf of Benoît Cortier (CBenoit) May 26, 2026 13:28

Copilot started work on behalf of Benoît Cortier (CBenoit) May 26, 2026 13:28 View session

test(agent): hardcode JTI UUID and remove uuid dependency from testsuite

ba30346

Agent-Logs-Url: https://github.com/Devolutions/devolutions-gateway/sessions/f2d44853-04c2-421f-b7a4-9eafeea3f534 Co-authored-by: CBenoit <3809077+CBenoit@users.noreply.github.com>

Benoît Cortier (CBenoit) reviewed May 26, 2026

View reviewed changes

Comment thread testsuite/tests/cli/agent/up.rs

Copilot AI requested a review from Benoît Cortier (CBenoit) May 26, 2026 13:35

Copilot finished work on behalf of Benoît Cortier (CBenoit) May 26, 2026 13:36

Copilot started work on behalf of Benoît Cortier (CBenoit) May 26, 2026 13:36 View session

refactor(agent): simplify enrollment test with disable_token_validati…

b281b22

…on, remove picky/time deps Agent-Logs-Url: https://github.com/Devolutions/devolutions-gateway/sessions/dc1b1526-3e01-4852-b247-6e2a86932742 Co-authored-by: CBenoit <3809077+CBenoit@users.noreply.github.com>

Copilot finished work on behalf of Benoît Cortier (CBenoit) May 26, 2026 13:42

Benoît Cortier (CBenoit) reviewed May 26, 2026

View reviewed changes

Comment thread testsuite/src/dgw_config.rs Outdated

Comment thread testsuite/Cargo.toml Outdated

Copilot started work on behalf of Benoît Cortier (CBenoit) May 26, 2026 13:48 View session

refactor(agent): inline provisioner key value, remove extra blank lin…

e1c00e4

…e in Cargo.toml Agent-Logs-Url: https://github.com/Devolutions/devolutions-gateway/sessions/50788e81-abe4-47f8-b841-a9392c3bbe56 Co-authored-by: CBenoit <3809077+CBenoit@users.noreply.github.com>

Copilot finished work on behalf of Benoît Cortier (CBenoit) May 26, 2026 13:58

Copilot AI requested a review from Benoît Cortier (CBenoit) May 26, 2026 13:58

Benoît Cortier (CBenoit) marked this pull request as ready for review May 26, 2026 14:27

irvingouj@Devolutions (irvingoujAtDevolution) approved these changes May 26, 2026

View reviewed changes

Benoît Cortier (CBenoit) enabled auto-merge (squash) May 26, 2026 14:30

.

b50a18c

Benoît Cortier (CBenoit) disabled auto-merge May 26, 2026 15:00

Benoît Cortier (CBenoit) enabled auto-merge (squash) May 26, 2026 15:00

.

b0dfe81

Benoît Cortier (CBenoit) disabled auto-merge May 26, 2026 15:49

Benoît Cortier (CBenoit) enabled auto-merge (squash) May 26, 2026 15:49

Richard Markiewicz (thenextman) reviewed May 26, 2026

View reviewed changes

Benoît Cortier (CBenoit) reviewed May 27, 2026

View reviewed changes

Comment thread package/AgentWindowsManaged/Program.cs Outdated

Apply suggestion from @CBenoit

d87faec

Benoît Cortier (CBenoit) changed the title ~~fix(agent,agent-installer): avoid leaking tunnel enrollment JWT via process cmdline and MSI logs~~ fix(agent,agent-installer): avoid leaking tunnel enrollment JWT via process cmdline May 27, 2026

Benoît Cortier (CBenoit) disabled auto-merge May 27, 2026 14:00

Benoît Cortier (CBenoit) enabled auto-merge (squash) May 27, 2026 14:01

Benoît Cortier (CBenoit) merged commit 5abe183 into master May 27, 2026
42 checks passed

Benoît Cortier (CBenoit) deleted the copilot/stop-jwt-leak-and-remove-argv-risk branch May 27, 2026 14:15

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

fix(agent,agent-installer): avoid leaking tunnel enrollment JWT via process cmdline#1798

fix(agent,agent-installer): avoid leaking tunnel enrollment JWT via process cmdline#1798
Benoît Cortier (CBenoit) merged 11 commits into
masterfrom
copilot/stop-jwt-leak-and-remove-argv-risk

Copilot AI commented May 26, 2026 •

edited

Loading

Uh oh!

Benoît Cortier (CBenoit) left a comment

Uh oh!

Copilot AI commented May 26, 2026 •

edited

Loading

I tried to connect to the following addresses, but was blocked by firewall rules:

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Copilot AI commented May 26, 2026

I tried to connect to the following addresses, but was blocked by firewall rules:

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

irvingouj@Devolutions (irvingoujAtDevolution) left a comment

Uh oh!

Richard Markiewicz (thenextman) May 26, 2026

Uh oh!

Benoît Cortier (CBenoit) May 27, 2026 •

edited

Loading

Uh oh!

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Milestone

Development

Uh oh!

4 participants

Conversation

Copilot AI commented May 26, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Benoît Cortier (CBenoit) left a comment

Choose a reason for hiding this comment

Uh oh!

Copilot AI commented May 26, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

I tried to connect to the following addresses, but was blocked by firewall rules:

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Copilot AI commented May 26, 2026

I tried to connect to the following addresses, but was blocked by firewall rules:

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

irvingouj@Devolutions (irvingoujAtDevolution) left a comment

Choose a reason for hiding this comment

Uh oh!

Richard Markiewicz (thenextman) May 26, 2026

Choose a reason for hiding this comment

Uh oh!

Benoît Cortier (CBenoit) May 27, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Milestone

Development

Uh oh!

4 participants

Copilot AI commented May 26, 2026 •

edited

Loading

Copilot AI commented May 26, 2026 •

edited

Loading

Benoît Cortier (CBenoit) May 27, 2026 •

edited

Loading