feat(cdp): disallow hog code modification #28142

Merged (13 commits) on Jan 31, 2025

meikelmosby (Contributor)

Problem

We hide modification of hog code for transformations in the frontend, but we also want to prohibit modifications to hog code in the backend.

Changes

  • added a validation to throw a validation error in case hog code is being modified for a transformation through the api

👉 Stay up-to-date with PostHog coding conventions for a smoother review.

Does this work well for both Cloud and self-hosted?

How did you test this code?

  • added tests

greptile-apps bot (Contributor) left a comment

PR Summary

This PR adds a security measure to prevent modification of transformation code through the API by introducing a new HOG_TRANSFORMATIONS_ENABLED setting.

  • Added validation in posthog/api/hog_function.py to block transformation code modifications when disabled
  • Added new setting HOG_TRANSFORMATIONS_ENABLED = False in ee/settings.py to disable transformations by default
  • Added test coverage in posthog/api/test/test_hog_function.py to verify transformation code cannot be modified while destination code changes remain allowed
  • Setting is hardcoded to False without environment variable configuration, which may need consideration

3 file(s) reviewed, 2 comment(s)
Edit PR Review Bot Settings | Greptile
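As an added illustration (not code from this PR or from PostHog), here is one way a backend check of the kind described above could be written so that hiding the editor in the frontend is not the only control. The record shape, the `type` and `hog` field names, the `ValidationError` stand-in and the function names are assumptions; only the setting name comes from the review summary.

```python
from dataclasses import dataclass

# Assumption: mirrors the setting named in the review summary. It is passed
# into the check explicitly so the example runs without Django.
HOG_TRANSFORMATIONS_ENABLED = False


class ValidationError(Exception):
    """Stand-in for the API framework's validation error (hypothetical)."""


@dataclass
class StoredFunction:
    # Hypothetical record shape: only the fields the check needs.
    type: str  # "transformation" or "destination"
    hog: str   # hog source currently stored


def validate_update(stored, payload, enabled=HOG_TRANSFORMATIONS_ENABLED):
    """Return the fields to write, or raise if the request edits transformation hog code."""
    new_type = payload.get("type", stored.type)
    # Look at the stored type as well as the requested one, so a request
    # cannot relabel the function in the same call to sidestep the rule.
    is_transformation = "transformation" in (stored.type, new_type)
    # A partial update that omits "hog", or resends it unchanged, is not a modification.
    hog_changed = "hog" in payload and payload["hog"] != stored.hog
    if is_transformation and hog_changed and not enabled:
        raise ValidationError("hog code of a transformation cannot be modified")
    return dict(payload)


def is_rejected(stored, payload, enabled=HOG_TRANSFORMATIONS_ENABLED):
    """True when validate_update refuses the request."""
    try:
        validate_update(stored, payload, enabled)
    except ValidationError:
        return True
    return False


# Constructed sample records for trying the check.
TRANSFORMATION = StoredFunction(type="transformation", hog="return event")
DESTINATION = StoredFunction(type="destination", hog="fetch(inputs.url)")
```
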

ee/settings.py (outdated, resolved)
posthog/api/hog_function.py (outdated, resolved)
ee/settings.py (outdated, resolved)
posthog/api/hog_function.py (outdated, resolved)
posthog/api/hog_function.py (outdated, resolved)
posthog/settings/web.py (outdated, resolved)
meikelmosby force-pushed the feat/cdp/disallow-hog-code-modification branch from 634e27e to 00b1597 on January 31, 2025 17:26
meikelmosby merged commit 965add4 into master on Jan 31, 2025
92 checks passed
meikelmosby deleted the feat/cdp/disallow-hog-code-modification branch on January 31, 2025 22:11