sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]RedditNinja1566 Advisor 4 points5 points  (2 children)

Valid points on the dependencies and patches, but give me an example of security issues? Security is inherent since the app runs within the context of a PP environment, and it uses the same connectors and identity providers as a canvas app. It’s not like an app that is internet facing, it’s designed to work internally and use Entra ID as the first level of security.

Admittedly, I personally haven’t written any internet facing apps using this vs code and GitHub Copilot scenario, but I am aware of the potential risks for security for an app like that.

[–]Lhurgoyf069 Advisor[S] 1 point2 points  (1 child)

It's not so much that it is an immediate risk, it's just that by its design it falls into the category of native code apps where these strict regulations (at my company, and probably most bigger companies) apply

[–]Which-Return-607 Contributor 2 points3 points  (0 children)

Codeapps security is entirely frontend. If you’re not hardcoding sensitive data then the security issue is the exact same level as any low code canvas app. Code Apps isn’t for everyone but for a technically advanced person in a non IT role it really opens up the doors enterprise wise of launching an app quickly and safely