)]}'
{"/PATCHSET_LEVEL":[{"author":{"_account_id":31664,"name":"Omer Schwartz","email":"oschwart@redhat.com","username":"oschwart"},"change_message_id":"d1e7728e8e79592541d2da6288ac4e56129fa912","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":1,"id":"22299c7a_5b3ffaaf","updated":"2026-01-30 23:48:41.000000000","message":"Tempest tests were relying on the old behavior of accepting invalid project IDs in the x-auth-sudo-project-id header. We will have to skip them in a separate patch with depends-on label and then upload a patch that will re-enable them","commit_id":"93c1ea706eacfc55cdc379a4c639acff7af200cf"},{"author":{"_account_id":11628,"name":"Michael Johnson","email":"johnsomor@gmail.com","username":"johnsom"},"change_message_id":"391304bb2af1d0721fcdc87c57f6f7fd98b2d575","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":1,"id":"b0682de1_ebc59e2c","updated":"2026-02-03 20:07:46.000000000","message":"You should not need to disable tests, just fix them in tempest and make this patch depend on that fix.\nComment about API functionality change","commit_id":"93c1ea706eacfc55cdc379a4c639acff7af200cf"},{"author":{"_account_id":31664,"name":"Omer Schwartz","email":"oschwart@redhat.com","username":"oschwart"},"change_message_id":"0ab2aa4a9e31cf93c8a8d2e5195af86cfa3b673b","unresolved":true,"context_lines":[],"source_content_type":"","patch_set":1,"id":"c0f2f391_1c63d640","in_reply_to":"b0682de1_ebc59e2c","updated":"2026-02-04 16:54:22.000000000","message":"TODO(oschwart) reminder to myself","commit_id":"93c1ea706eacfc55cdc379a4c639acff7af200cf"},{"author":{"_account_id":31664,"name":"Omer Schwartz","email":"oschwart@redhat.com","username":"oschwart"},"change_message_id":"ae890188de55ffbc3e3ad22bdb54d6bedfe69059","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":1,"id":"e2e313e5_c24d617a","in_reply_to":"c0f2f391_1c63d640","updated":"2026-02-04 17:14:30.000000000","message":"Done","commit_id":"93c1ea706eacfc55cdc379a4c639acff7af200cf"},{"author":{"_account_id":31664,"name":"Omer Schwartz","email":"oschwart@redhat.com","username":"oschwart"},"change_message_id":"7b8a55e117149f33f080c6d2a4d4433965d9dda6","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":3,"id":"3d403ba9_1853e646","updated":"2026-02-05 09:48:14.000000000","message":"recheck depended-on patch has been updated","commit_id":"61cac3984ace3fa8f44958230eca70e324753629"},{"author":{"_account_id":31664,"name":"Omer Schwartz","email":"oschwart@redhat.com","username":"oschwart"},"change_message_id":"0f9b9d33e34089fe5f823782e5794a6d35e1e4ac","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":3,"id":"7d23a9f7_fe2639ad","updated":"2026-02-04 22:28:31.000000000","message":"recheck depended-on patch has been updated","commit_id":"61cac3984ace3fa8f44958230eca70e324753629"}],"designate/context.py":[{"author":{"_account_id":11628,"name":"Michael Johnson","email":"johnsomor@gmail.com","username":"johnsom"},"change_message_id":"391304bb2af1d0721fcdc87c57f6f7fd98b2d575","unresolved":true,"context_lines":[{"line_number":131,"context_line":"    def sudo(self, project_id):"},{"line_number":132,"context_line":""},{"line_number":133,"context_line":"        policy.check(\u0027use_sudo\u0027, self)"},{"line_number":134,"context_line":"        keystone.verify_project_id(self, project_id)"},{"line_number":135,"context_line":""},{"line_number":136,"context_line":"        LOG.info(\u0027Accepted sudo from user %(user)s to project_id %(project)s\u0027,"},{"line_number":137,"context_line":"                 {\u0027user\u0027: self.user_id, \u0027project\u0027: project_id})"}],"source_content_type":"text/x-python","patch_set":1,"id":"e3fc1dbd_6a164003","line":134,"updated":"2026-02-03 20:07:46.000000000","message":"The tests found a valid issue here in that as this is written, it exposes the existence of project IDs as valid or not. This could be a security issue and why the previous test behavior checked for a \"NOT FOUND\" instead which could mean the zone or object they specified does not exist instead of exposing that the project ID does not exist.\n\nThis is also a change in API behavior that automation tools may be looking for (result is now 400 bad request where in some cases it was 404 not found.\n\nIn this case it\u0027s after the sudo policy check, so has some level of validation that the user has privilege in the cloud, but it still exposes the presence of the project ID that a user with the sudo policy role may not normally have.\n\nConsider wrapping this in a catch block and raising NOT FOUND instead of INVALID PROJECT.\n\nEither way, test_list_all_projects_zones will need to be fixed.","commit_id":"93c1ea706eacfc55cdc379a4c639acff7af200cf"},{"author":{"_account_id":31664,"name":"Omer Schwartz","email":"oschwart@redhat.com","username":"oschwart"},"change_message_id":"ae890188de55ffbc3e3ad22bdb54d6bedfe69059","unresolved":false,"context_lines":[{"line_number":131,"context_line":"    def sudo(self, project_id):"},{"line_number":132,"context_line":""},{"line_number":133,"context_line":"        policy.check(\u0027use_sudo\u0027, self)"},{"line_number":134,"context_line":"        keystone.verify_project_id(self, project_id)"},{"line_number":135,"context_line":""},{"line_number":136,"context_line":"        LOG.info(\u0027Accepted sudo from user %(user)s to project_id %(project)s\u0027,"},{"line_number":137,"context_line":"                 {\u0027user\u0027: self.user_id, \u0027project\u0027: project_id})"}],"source_content_type":"text/x-python","patch_set":1,"id":"a3f5ec7d_dbc2e752","line":134,"in_reply_to":"4b7c8587_9bbab0f8","updated":"2026-02-04 17:14:30.000000000","message":"Done","commit_id":"93c1ea706eacfc55cdc379a4c639acff7af200cf"},{"author":{"_account_id":31664,"name":"Omer Schwartz","email":"oschwart@redhat.com","username":"oschwart"},"change_message_id":"0ab2aa4a9e31cf93c8a8d2e5195af86cfa3b673b","unresolved":false,"context_lines":[{"line_number":131,"context_line":"    def sudo(self, project_id):"},{"line_number":132,"context_line":""},{"line_number":133,"context_line":"        policy.check(\u0027use_sudo\u0027, self)"},{"line_number":134,"context_line":"        keystone.verify_project_id(self, project_id)"},{"line_number":135,"context_line":""},{"line_number":136,"context_line":"        LOG.info(\u0027Accepted sudo from user %(user)s to project_id %(project)s\u0027,"},{"line_number":137,"context_line":"                 {\u0027user\u0027: self.user_id, \u0027project\u0027: project_id})"}],"source_content_type":"text/x-python","patch_set":1,"id":"4b7c8587_9bbab0f8","line":134,"in_reply_to":"e3fc1dbd_6a164003","updated":"2026-02-04 16:54:22.000000000","message":"Thank you for this comment, I totally agree and will fix it in the next PS","commit_id":"93c1ea706eacfc55cdc379a4c639acff7af200cf"}]}