SDK regeneration#2
Conversation
Generated by Fern CLI Version: unknown Generators: - fernapi/fern-java-sdk: 4.8.11
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
|
|
||
| if (logger.isDebug()) { | ||
| StringBuilder sb = new StringBuilder(); | ||
| sb.append("HTTP Request: ").append(request.method()).append(" ").append(request.url()); |
There was a problem hiding this comment.
🔒 Agentic Security Review
Severity: MEDIUM
request.url() is logged verbatim, which includes query-string values. Because request options can add arbitrary query parameters, secrets/tokens passed in query params can be written to logs without redaction.
Impact: Sensitive credentials or signed query parameters may be exposed to log readers and downstream log systems.
Reviewed by Cursor Security Reviewer for commit 00ebc78. Configure here.
| resetEventState(); | ||
| return true; | ||
| } catch (Exception parseEx) { | ||
| System.err.println("Failed to parse SSE event: " + parseEx.getMessage()); |
There was a problem hiding this comment.
🔒 Agentic Security Review
Severity: MEDIUM
SSE parse failures are printed directly to stderr with exception messages, bypassing the SDK logger’s level/silent controls. Parser error messages can include fragments of event payload content.
Impact: Stream payload data can leak into application stderr/log aggregation unexpectedly, increasing accidental exposure risk for sensitive event content.
Reviewed by Cursor Security Reviewer for commit 00ebc78. Configure here.
1 participant
Automated SDK generation by Fern
Note
Medium Risk
Breaking consumer changes include paginated list return types, renamed exception and update types, and new required nullable builder fields; import jobs can prune missing entities when enabled.
Overview
Regenerates the IcePanel Java SDK (0.1.4 → 0.1.5) with Fern CLI 5.44.7 and Java generator 4.8.11, plus Fern Replay metadata (
.fern/replay.lock,.fernignore,CONTRIBUTING.md).API surface: List calls for versions, model objects, and model connections now return
SyncPagingIterablewith optionalcursor/limitinstead of single-shot list response types. Addslandscapes().import_()(create/get import jobs) andmodel().objects().dependenciesList(). Version updates useVersionUpdate(replacingVersionPartial). Several create/upsert builders require explicit nullable fields (e.g.parentId,modelHandleId).Client/runtime: Sync/async builders accept optional
logging(LogConfig). Raw HTTP clients map more status codes to typed errors (BadRequestError,ForbiddenError,ServiceUnavailableError); generic failures useIcePanelClientApiException. Jackson bumps to 2.18.6; README documents pagination and retry semantics.Docs:
reference.mdadds export/import descriptions and notes legacy model CSV export routes in favor of landscape export with typed formats.Reviewed by Cursor Bugbot for commit 00ebc78. Bugbot is set up for automated code reviews on this repo. Configure here.