feat: Add Linear action item syncing for incidents #139
1 issue
find-bugs: Found 1 issue (1 medium)
Medium
Missing validation for SALT_KEY when Linear integration is enabled - `src/firetower/settings.py:80`
SALT_KEY is used to encrypt OAuth tokens via django-fernet-encrypted-fields, but there's no validation ensuring it's set to a strong value when Linear is configured. The config.example.toml shows an empty default. Following the existing pattern (IAP_AUDIENCE validation at lines 297-301), the code should validate that SALT_KEY is non-empty when config.linear is configured, especially in non-dev environments. Without this, encrypted tokens may use a weaker key derivation.
Duration: 391.6s · Tokens: 3.8M in / 34.3k out · Cost: $6.90 (+extraction: $0.00)
Annotations
Check warning on line 80 in src/firetower/settings.py
github-actions / warden: find-bugs