profile
viewpoint
If you are wondering where the data of this site comes from, please visit https://api.github.com/users/vinayvenu/events. GitMemory does not store any data, but only uses NGINX to cache data for a period of time. The idea behind GitMemory is simply to give users a better reading experience.

vinayvenu/bahmni-openmrs 2

Repository that encapsulates all the client apps to be packaged as OpenMRS omods.

avniproject/avni-models 0

OpenCHS data model to be used by front end clients

avniproject/jnpct 0

OpenCHS implementation repository for Jashoda Narottam Public Charitable Trust

smartyrad/openmrs-module-tag 0

Provides a generic tagging mechanism for all domain objects

su-docker/config-migrate 0

Tool to make structural changes to your json config files

vinayvenu/15InARow 0

A Javascript version of the popular game 15 in a row

PR opened openmrs/openmrs-module-referenceapplication

RA-1875: EMPT110 Fixed XSS Vulnerability in AppId field on User App Page

Description of What I Changed

I encoded the AppId (entered by the user via AppId field) before it is referenced for further processing to prevent any XSS attacks.

Issue I Worked On

A script or an iframe could be injected in the AppId field while adding app definition. I encoded the AppId in the controller file before it was referenced for usage to prevent any XSS.

Steps to reproduce the vulnerability:

  1. Launch the OpenMRS application.
  2. Login with username "Admin" and password "Admin123" with location as Inpatient Ward.
  3. Click on the “System Administration” option.
  4. Click ‘Manage Apps’.
  5. Click ‘Add App Definition’.
  6. ln the App lD (required) field enter:</script><script>alert('XSS');</script>.
  7. Right click on the page and select ‘lnspect Element’.
  8. ln the ‘Search HTML’ panel of the lnspector tab, search for the HTML for the 'Save' button. Double-click on the ‘disabled=”disabled”’ text and delete hit, then press Enter to save the changes.
  9. Click on the Save button (which should now be clickable).

Output: A dialog box pops up with 'XSS' written on it.

Link to ticket

RA-1875

@isears

+7 -5

0 comment

1 changed file

pr created time in 21 minutes

Pull request review commentnetdata/netdata

Add sections for class, component and type.

 You're interested in what comes after the comma: `disk.io`. That's the name of t  If you create a template using the `disk.io` context, it will apply an alarm to every disk available on your system. +#### Alarm line `class`++Specify the classification of the alarm or template. ++Class can be used to indicate the broader area of the system that the alarm applies to. For example, under the general `Database` class, you can group together alarms that operate on various database systems, like `MySQL`, `CockroachDB`, `CouchDB` etc.++```yaml+class: Database

What about allowed characters? Are there any restrictions? Are spaces allowed?

I do not know exactly what the product team wants, but I made some tests on Friday and today, and I saw that we can use any character for these events, on the other hand I discovered a bug thanks these tests, but I will bring a complete different PR that will address it.

Please, talk with the cloud team to confirm they are expecting any ASCII character.

MrZammler

comment created time in 2 hours

issue commentnetdata/netdata

Release archive contains system/edit-config which has incorrect path

I suspect that make clean need to be run before creating the release archive.

candrews

comment created time in 3 hours

pull request commentopenmrs/openmrs-ocl-client

OCLOMRS-958:Errors from the backend should marked the field that caused the error

@jwnasambu the issue of pull rate limit?

jwnasambu

comment created time in 7 hours

pull request commentopenmrs/openmrs-ocl-client

OCLOMRS-958:Errors from the backend should marked the field that caused the error

@dkayiwa Am still fixing the issue but I will gladly communicate once I have pushed the changes. Thanks for asking.

jwnasambu

comment created time in 7 hours

pull request commentopenmrs/openmrs-ocl-client

OCLOMRS-958:Errors from the backend should marked the field that caused the error

@jwnasambu is the pull rate limit error still a problem?

jwnasambu

comment created time in 8 hours

pull request commentopenmrs/openmrs-ocl-client

OCLOMRS-958:Errors from the backend should marked the field that caused the error

@dkayiwa thanks for the help. @hadijahkyampeire the ticket is not complete that is why its in draft state

jwnasambu

comment created time in 9 hours

issue openednetdata/netdata

Netdata installation fails on Debian 10

<!--- This is a generic issue template. We usually prefer contributors to use one of 3 other specific issue templates (bug report, feature request, question) to allow our automation classify those so you can get response faster. However if your issue doesn't fall into either one of those 3 categories use this generic template. --->

Summary

Installation fails to complete con Debian 10, both using the git clone method and the kickstart script. It seems it has some issues creating systemd files. Manual run from executable is OK, but fails to start via systemctl

`[/root/netdata]# cp system/netdata.service /lib/systemd/system/netdata.service OK

[/root/netdata]# systemctl daemon-reload OK

[/root/netdata]# systemctl enable netdata OK

--- Restarting netdata instance ---

Stopping all netdata threads [/root/netdata]# stop_all_netdata OK

Starting netdata using command 'systemctl start netdata' [/root/netdata]# systemctl start netdata Job for netdata.service failed because the control process exited with error code. See "systemctl status netdata.service" and "journalctl -xe" for details. FAILED

Attempting another netdata start using command 'systemctl start netdata' [/root/netdata]# systemctl start netdata Job for netdata.service failed because the control process exited with error code. See "systemctl status netdata.service" and "journalctl -xe" for details. FAILED

Netdata service still not started, attempting another forced restart by running '/usr/sbin/netdata ' [/root/netdata]# stop_all_netdata OK

[/root/netdata]# /usr/sbin/netdata 2021-04-18 18:45:07: netdata INFO : MAIN : CONFIG: cannot load cloud config '/var/lib/netdata/cloud.d/cloud.conf'. Running with internal defaults. 2021-04-18 18:45:07: netdata INFO : MAIN : Found 0 legacy dbengines, setting multidb diskspace to 256MB 2021-04-18 18:45:07: netdata INFO : MAIN : Created file '/var/lib/netdata/dbengine_multihost_size' to store the computed value 2021-04-18 18:45:07: netdata INFO : MAIN : SIGNAL: Not enabling reaper OK

OK netdata started!

Downloading default configuration from netdata... [/root/netdata]# curl -sSL --connect-timeout 10 --retry 3 http://localhost:19999/netdata.conf OK

[/root/netdata]# mv /etc/netdata/netdata.conf.new /etc/netdata/netdata.conf OK

OK New configuration saved for you to edit at /etc/netdata/netdata.conf

[/root/netdata]# chmod 0644 /etc/netdata/netdata.conf OK

--- Check KSM (kernel memory deduper) ---

Memory de-duplication instructions

You have kernel memory de-duper (called Kernel Same-page Merging, or KSM) available, but it is not currently enabled.

To enable it run:

echo 1 >/sys/kernel/mm/ksm/run
echo 1000 >/sys/kernel/mm/ksm/sleep_millisecs

If you enable it, you will save 40-60% of netdata memory.

--- Check version.txt --- --- Check apps.plugin --- --- Copy uninstaller --- --- Basic netdata instructions ---

netdata by default listens on all IPs on port 19999, so you can access it with:

http://this.machine.ip:19999/

To stop netdata run:

systemctl stop netdata

To start netdata run:

systemctl start netdata

Uninstall script copied to: /usr/libexec/netdata/netdata-uninstaller.sh

--- Installing (but not enabling) the netdata updater tool --- Failed to disable unit: Unit file netdata-updater.timer does not exist. Update script is located at /usr/libexec/netdata/netdata-updater.sh

--- Check if we must enable/disable the netdata updater tool --- You chose NOT to enable auto-update, removing any links to the updater from cron (it may have happened if you are reinstalling)

--- Wrap up environment set up --- Preparing .environment file [/root/netdata]# chmod 0644 /etc/netdata/.environment OK

Setting netdata.tarball.checksum to 'new_installation'

--- We are done! ---

^ |.-. .-. .-. .-. .-. . netdata .-. .- | '-' '-' '-' '-' '-' is installed and running now! -' '-'
+----+-----+-----+-----+-----+-----+-----+-----+-----+-----+-----+-----+--->

enjoy real-time performance and health monitoring...`

Output from service status: `Failed to dump process list for 'netdata.service', ignoring: Input/output error ● netdata.service - Real time performance monitoring Loaded: loaded (/lib/systemd/system/netdata.service; enabled; vendor preset: enabled) Active: inactive (dead) (Result: exit-code) since Sun 2021-04-18 18:45:02 UTC; 6min ago Tasks: 0 (limit: 4915) Memory: 8.8M CGroup: /system.slice/netdata.service

Apr 18 18:45:02 forum-150 systemd[1]: netdata.service: Failed with result 'exit-code'. Apr 18 18:45:02 forum-150 systemd[1]: Failed to start Real time performance monitoring. Apr 18 18:45:02 forum-150 systemd[1]: Stopped Real time performance monitoring. Apr 18 18:45:12 forum-150 systemd[1]: /lib/systemd/system/netdata.service:10: PIDFile= references path below legacy directory /var/run/, updating /var/run/netdata/netdata.pid → /run/netdata`

I've tried this on some debian 10 machines, same outcome. Tried the same installation on Ubuntu 20.04 machines and works fine, it seems to be debian 10 related.

created time in 9 hours

pull request commentopenmrs/openmrs-ocl-client

OCLOMRS-958:Errors from the backend should marked the field that caused the error

@dkayiwa, @ibacher Kindly how do I solve this persistent error `ERROR: Service 'solr' failed to build: toomanyrequests: You have reached your pull rate limit. You may increase the limit by authenticating and upgrading: https://www.docker.com/increase-rate-limit

The command "bash ./start_local_instance.sh" exited with 1. ` causing the travis failure?

jwnasambu

comment created time in 10 hours

pull request commentopenmrs/openmrs-ocl-client

OCLOMRS-965:Set Source to whatever user want it to be (maybe “Your Recent Sources” instead of hardcoded)

@hadijahkyampeire thanks for the clarification. Kindly, it sounds good when the tickets have clear description of what is expected if possible with diagram(s).

jwnasambu

comment created time in 10 hours

pull request commentopenmrs/openmrs-ocl-client

OCLOMRS-978:Update SignUp links to new OCL links

Coverage Status

Coverage remained the same at 44.699% when pulling 9144dc11c3b6fe25b2cb25b64ae8631f5250cfc4 on suruchee:OCLOMRS-978 into da8870f23828963161d9f26a05d0acc5b27a73bd on openmrs:master.

suruchee

comment created time in 15 hours

pull request commentopenmrs/openmrs-ocl-client

OCLOMRS-978:Update SignUp links to new OCL links

@hadijahkyampeire thanks for your review, I actually updated it as it was before. please review the updated link.

suruchee

comment created time in 15 hours

issue commentnetdata/netdata

mysql.handlers has 3000 "read rnd next" and 1600 "write" on an *empty* MySQL instance

@fzyzcjy those are internal write statements (Handle_write), could be that gathering metrics results in creating some internal temporary table or something like that 🤷‍♂️

To test it:

  • stop monitoring tools
  • invoke SHOW GLOBAL STATUS LIKE 'Handler_%';
  • count number of rows in reply
  • check Handler_write value
fzyzcjy

comment created time in 15 hours

pull request commentopenmrs/openmrs-ocl-client

OCLOMRS-958:Errors from the backend should marked the field that caused the error

@jwnasambu why did you change this PR to a draft? what's up with it?

jwnasambu

comment created time in 15 hours

pull request commentopenmrs/openmrs-ocl-client

OCLOMRS-932:General Filter: Hide Retired Concepts & Add Filter option to Include Retired Concepts

@jwnasambu please rebase your branch with master to get the test fixes.

jwnasambu

comment created time in 15 hours

pull request commentopenmrs/openmrs-ocl-client

OCLOMRS-932:General Filter: Hide Retired Concepts & Add Filter option to Include Retired Concepts

@ibacher please review this, I think we need to maintain the 1 and 0, if anything we actually need to change the true and false since APIv2 is using 1 and 0, we need to spec this ticket well because it looks like it has been confusing over time.

jwnasambu

comment created time in 15 hours

pull request commentopenmrs/openmrs-ocl-client

OCLOMRS-978:Update SignUp links to new OCL links

Also, rebase with master to get the fix for those tests.

suruchee

comment created time in 15 hours

pull request commentopenmrs/openmrs-distro-referenceapplication

RATEST-115:Un Ignore SearchActiveVisitTest

could you please share those changes you thing are needed to we added, otherwise it works as expected on headless =true

sherrif10

comment created time in 16 hours

pull request commentopenmrs/openmrs-distro-referenceapplication

RATEST-115:Un Ignore SearchActiveVisitTest

There is no more work to be done here i guess

@sherrif10 you may be right. While testing your changes I realised there could be some little work to be done. If you do not mind test these changes once again with chromeheadless set to true. Some thing like headless=true

sherrif10

comment created time in 16 hours

pull request commentopenmrs/openmrs-distro-referenceapplication

RATEST-115:Un Ignore SearchActiveVisitTest

There is no more work to be done here i guess, i tested this work on both chrome driver and firefox driver and all was well unless am getting your point mistakenly thanks

sherrif10

comment created time in 16 hours

push eventopenmrs/openmrs-ocl-client

nk183

commit sha 6f2b6b694214877c6a763855a91412c7f33cbe02

OCLOMRS-979 : When creating a dictionary, the selected owner is now visible

view details

kyampeire Hadijah

commit sha da8870f23828963161d9f26a05d0acc5b27a73bd

Merge pull request #692 from nk183/OCLOMRS-979 OCLOMRS-979 : When creating a dictionary, the selected owner is now v…

view details

push time in 17 hours

PR merged openmrs/openmrs-ocl-client

OCLOMRS-979 : When creating a dictionary, the selected owner is now v…

…isible

JIRA TICKET NAME:

OCLOMRS-979

Summary:

When creating a dictionary, the selected owner was not visible after changes image

+0 -1

1 comment

1 changed file

nk183

pr closed time in 17 hours

pull request commentopenmrs/openmrs-distro-referenceapplication

RATEST-115:Un Ignore SearchActiveVisitTest

Have tested the changes locally but there could be some more work to do. Do you mind testing these changes with chromeheadless instance

sherrif10

comment created time in 17 hours

pull request commentopenmrs/openmrs-distro-referenceapplication

RATEST-115:Un Ignore SearchActiveVisitTest

Hello @kaweesi could we merge this please

sherrif10

comment created time in 17 hours

Pull request review commentopenmrs/openmrs-distro-referenceapplication

RATEST-74:Failing Test:Ignored AddFormTests

     private static String REST_PATH_2 = "'\"]";     private static By CALENDAR_EYE_FORM = By.id("w1-display");     private static By DATAPICKER_YEAR = By.className("ui-datepicker-year");-    private static By DATAPICKER_MONTH = By.className("ui-datepicker-moth");+    private static By DATAPICKER_MONTH = By.className("ui-datepicker-month");

Pr to fix the error logged in here https://github.com/openmrs/openmrs-distro-referenceapplication/pull/359

sherrif10

comment created time in 17 hours

Pull request review commentopenmrs/openmrs-distro-referenceapplication

RATEST-74:Failing Test:Ignored AddFormTests

     private static String REST_PATH_2 = "'\"]";     private static By CALENDAR_EYE_FORM = By.id("w1-display");     private static By DATAPICKER_YEAR = By.className("ui-datepicker-year");-    private static By DATAPICKER_MONTH = By.className("ui-datepicker-moth");+    private static By DATAPICKER_MONTH = By.className("ui-datepicker-month");

sure this is a typo error, Last meeting on TAC cal we discussed of resolving these bugs along uitest automatation Test

sherrif10

comment created time in 18 hours

Pull request review commentopenmrs/openmrs-distro-referenceapplication

RATEST-74:Failing Test:Ignored AddFormTests

     private static String REST_PATH_2 = "'\"]";     private static By CALENDAR_EYE_FORM = By.id("w1-display");     private static By DATAPICKER_YEAR = By.className("ui-datepicker-year");-    private static By DATAPICKER_MONTH = By.className("ui-datepicker-moth");+    private static By DATAPICKER_MONTH = By.className("ui-datepicker-month");

are you sure this class is renamed in the hosting module? if not you can have this refactoring/renaming change in a separate ticket such that it's all tracked at once

sherrif10

comment created time in 19 hours

Pull request review commentopenmrs/openmrs-distro-referenceapplication

RATEST-74:Failing Test:Ignored AddFormTests

+package org.openmrs.reference.page;++import org.openmrs.uitestframework.page.Page;+import org.openqa.selenium.By;++public class HtmlFormsPage extends Page {++    private static final By NEW_HTML_FORM = By.cssSelector("a[href='htmlForm.form']");+    private static final By NAME = By.name("form.name");+    private static  By DESCRIPTION = By.name("form.description");+    private static  By SAVE_FORM = By.cssSelector("input[type=\"submit\"]");+    private  static By VERSION = By.name("form.version");++    public HtmlFormsPage(ManageHtmlFormsPage page) {+        super(page);+    }++   public void setNAME(String name) throws InterruptedException {+        driver.findElement(NAME).clear();+        driver.findElement(NAME).sendKeys("newFormTest");+        driver.findElement(NAME).getAttribute("value");+    }+    public  void setDESCRIPTION(String description) {+       driver.findElement(DESCRIPTION).clear();+      driver.findElement(DESCRIPTION).sendKeys("description");+      driver.findElement(DESCRIPTION).getAttribute("value");+    }+   public void setVERSION(String integer){

these attribute setting methods can all be merged into one method such as createNewTestForm()

sherrif10

comment created time in 19 hours

Pull request review commentopenmrs/openmrs-distro-referenceapplication

RATEST-74:Failing Test:Ignored AddFormTests

  */ public class AddFormTest extends TestBase {     private HomePage homePage;+    private static final By NEW_HTML_FORM = By.cssSelector("a[href='htmlForm.form']");+    private static final By NAME = By.name("form.name");+    private static  By DESCRIPTION = By.name("form.description");+    private  static By VERSION = By.name("form.version");+    private static  By SAVE_FORM = By.cssSelector("input[type=\"submit\"]");+    private static  By HOME = By.id("homeNavLink");+     private HeaderPage headerPage;     private ManageFormsPage manageForm;     private ClinicianFacingPatientDashboardPage patientDashboardPage;+    private AdministrationPage administrationPage;+    private ManageHtmlFormsPage manageHtmlFormsPage;+    private HtmlFormsPage htmlFormsPage;      @Before     public void setUp() throws Exception {         homePage = new HomePage(page);-        assertPage(homePage);+        homePage.goToAdministration().clickOnManageHtmlForms().clickOnNewHtmlForm();+        driver.manage().timeouts().implicitlyWait(0,TimeUnit.SECONDS);++        driver.findElement(NAME).clear();

you can move all this page functionality into the respective page @sherrif10

sherrif10

comment created time in 19 hours