)]}'
{"/PATCHSET_LEVEL":[{"author":{"_account_id":9303,"name":"Abhishek Kekane","email":"akekane@redhat.com","username":"abhishekkekane"},"change_message_id":"e213ee1247b7a840b92600d7860edc3f1e3da2b3","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":1,"id":"dace5f0a_5a55740e","updated":"2023-01-24 18:58:29.000000000","message":"recheck cinder multistore failure","commit_id":"0d6282a01691cecc2798f7858b181c4bb30f850c"}],"glance/common/config.py":[{"author":{"_account_id":32553,"name":"Sven Kieske","email":"sven_oss@posteo.de","username":"skieske"},"change_message_id":"224b3c8cc29fc0fb72a9e5a228fa302defeac4cb","unresolved":true,"context_lines":[{"line_number":103,"context_line":"                default\u003d[\u0027streamOptimized\u0027, \u0027monolithicSparse\u0027],"},{"line_number":104,"context_line":"                help\u003d_(\"A list of strings describing allowed VMDK \""},{"line_number":105,"context_line":"                       \"\u0027create-type\u0027 subformats that will be allowed. \""},{"line_number":106,"context_line":"                       \"This is recommended to only include \""},{"line_number":107,"context_line":"                       \"single-file-with-sparse-header variants to avoid \""},{"line_number":108,"context_line":"                       \"potential host file exposure due to processing named \""},{"line_number":109,"context_line":"                       \"extents. If this list is empty, then no VDMK image \""},{"line_number":110,"context_line":"                       \"types allowed. Note that this is currently only \""},{"line_number":111,"context_line":"                       \"checked during image conversion (if enabled), and \""},{"line_number":112,"context_line":"                       \"limits the types of VMDK images we will convert \""}],"source_content_type":"text/x-python","patch_set":1,"id":"18eaca49_db7daf4a","line":109,"range":{"start_line":106,"start_character":24,"end_line":109,"end_character":32},"updated":"2023-01-24 17:14:02.000000000","message":"imho this wording is not strong enough to discourage users from introducing a security vulnerability by switching this to something insecure.\n\nmaybe write something like:\n\"to avoid leaking of security sensitive files from the hypervisor, like configuration files containing passwords\"\n\nthis is certainly also not perfect, I just invented it on the go, but maybe a little better.","commit_id":"0d6282a01691cecc2798f7858b181c4bb30f850c"}]}