Skip to content

Signing fix #225

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
yanivmo merged 1 commit into from
Jan 27, 2026
Merged

Signing fix #225

yanivmo merged 1 commit into from
Jan 27, 2026

Conversation

@yanivmo
Copy link
Collaborator

@yanivmo yanivmo commented Jan 27, 2026

No description provided.

@yanivmo yanivmo requested review from OzBalasFB and Copilot January 27, 2026 05:55
Copilot AI reviewed Jan 27, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR refactors the signing and encoding modules to use Buffer objects instead of strings for binary data, improving type safety and correctness in cryptographic operations.

Changes:

  • Updated signature interfaces to accept and return Buffer objects instead of strings
  • Modified encoding functions to work with Buffer inputs and outputs
  • Replaced string-based signature comparison with timing-safe equality check

Reviewed changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated 4 comments.

Show a summary per file
File Description
v2/api-validator/src/security/signing.ts Changed signature methods to use Buffer types and added timing-safe comparison for HMAC verification
v2/api-validator/src/security/encoding.ts Updated encoder interface and implementations to accept Buffer inputs and return Buffer outputs
v2/api-validator/src/security/index.ts Modified payload encoding to explicitly convert strings to UTF-8 buffers before encoding
v2/api-validator/tests/self-tests/encoding.test.ts Updated test data to use Buffer and changed assertions to use buffer equality checks
v2/api-validator/tests/self-tests/signing.test.ts Fixed test to pass Buffer instead of string for signature parameter

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@yanivmo yanivmo merged commit d31de74 into main Jan 27, 2026
3 checks passed
@yanivmo yanivmo deleted the signing-fix branch January 27, 2026 10:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@OzBalasFB OzBalasFB OzBalasFB approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@yanivmo @OzBalasFB