From 8276d6dd76ba3ea7843e76ee2aa1a178082d399e Mon Sep 17 00:00:00 2001
From: Daniel Leskosky <dleskosky@salesforce.com>
Date: Fri, 30 Sep 2022 17:12:47 -0700
Subject: [PATCH 1/6] updating security doc so users use at least 5.1.1 of
 Tornado

---
 docs/security.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/docs/security.md b/docs/security.md
index a9bd5b3e..7e80435e 100755
--- a/docs/security.md
+++ b/docs/security.md
@@ -17,3 +17,5 @@ you may want to consider the following as you use TabPy:
 - Execution of ad-hoc Python scripts can be disabled by turning off the
   /evaluate endpoint. To disable /evaluate endpoint, set "TABPY_EVALUATE_ENABLE"
   to false in config file.
+- The Python module for Tornado needs to be at least version 5.1.1. Using an earlier 
+  version than this can leave scripts vulnerable to malicious attacks.
\ No newline at end of file

From 116253964130e0be8309eff67a1ae7a937bc1ee8 Mon Sep 17 00:00:00 2001
From: Daniel Leskosky <dleskosky@salesforce.com>
Date: Mon, 3 Oct 2022 09:23:50 -0700
Subject: [PATCH 2/6] changed tornado to python in sec doc

---
 docs/security.md | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/docs/security.md b/docs/security.md
index 7e80435e..84d8669f 100755
--- a/docs/security.md
+++ b/docs/security.md
@@ -17,5 +17,4 @@ you may want to consider the following as you use TabPy:
 - Execution of ad-hoc Python scripts can be disabled by turning off the
   /evaluate endpoint. To disable /evaluate endpoint, set "TABPY_EVALUATE_ENABLE"
   to false in config file.
-- The Python module for Tornado needs to be at least version 5.1.1. Using an earlier 
-  version than this can leave scripts vulnerable to malicious attacks.
\ No newline at end of file
+- Always use the most up-to-date version of Python. Using earlier versions can leave scripts vulnerable to malicious attacks.
\ No newline at end of file

From 7b998ae100b494e85ed457ccb3d466dc393c9dc2 Mon Sep 17 00:00:00 2001
From: Daniel Leskosky <dleskosky@salesforce.com>
Date: Mon, 3 Oct 2022 09:32:56 -0700
Subject: [PATCH 3/6] linter was complaining

---
 docs/security.md | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/docs/security.md b/docs/security.md
index 84d8669f..93461d65 100755
--- a/docs/security.md
+++ b/docs/security.md
@@ -17,4 +17,6 @@ you may want to consider the following as you use TabPy:
 - Execution of ad-hoc Python scripts can be disabled by turning off the
   /evaluate endpoint. To disable /evaluate endpoint, set "TABPY_EVALUATE_ENABLE"
   to false in config file.
-- Always use the most up-to-date version of Python. Using earlier versions can leave scripts vulnerable to malicious attacks.
\ No newline at end of file
+- Always use the most up-to-date version of Python. 
+  Using earlier versions can leave scripts vulnerable to malicious attacks.
+  
\ No newline at end of file

From 7f3b4c4da33960dcc3eb1065b79cef5a3a6f841a Mon Sep 17 00:00:00 2001
From: Daniel Leskosky <dleskosky@salesforce.com>
Date: Mon, 3 Oct 2022 09:35:48 -0700
Subject: [PATCH 4/6] linter was complaining

---
 docs/security.md | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/docs/security.md b/docs/security.md
index 93461d65..f0dd3a0d 100755
--- a/docs/security.md
+++ b/docs/security.md
@@ -17,6 +17,5 @@ you may want to consider the following as you use TabPy:
 - Execution of ad-hoc Python scripts can be disabled by turning off the
   /evaluate endpoint. To disable /evaluate endpoint, set "TABPY_EVALUATE_ENABLE"
   to false in config file.
-- Always use the most up-to-date version of Python. 
+- Always use the most up-to-date version of Python.
   Using earlier versions can leave scripts vulnerable to malicious attacks.
-  
\ No newline at end of file

From b43d8cfc8c7a5b3e36060ec5e5cae2d36507028b Mon Sep 17 00:00:00 2001
From: Daniel Leskosky <dleskosky@salesforce.com>
Date: Mon, 3 Oct 2022 11:46:26 -0700
Subject: [PATCH 5/6] more detail added

---
 docs/security.md | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/docs/security.md b/docs/security.md
index f0dd3a0d..681f91d2 100755
--- a/docs/security.md
+++ b/docs/security.md
@@ -18,4 +18,6 @@ you may want to consider the following as you use TabPy:
   /evaluate endpoint. To disable /evaluate endpoint, set "TABPY_EVALUATE_ENABLE"
   to false in config file.
 - Always use the most up-to-date version of Python.
-  Using earlier versions can leave scripts vulnerable to malicious attacks.
+  TabPy relies on Tornado and if older verions of Python are used with Tornado
+  then malicious users can potentially poison python server web caches
+  with parameter cloaking.

From 0b753fb4891e103d9693c016bbfe228f03de3663 Mon Sep 17 00:00:00 2001
From: Daniel Leskosky <dleskosky@salesforce.com>
Date: Mon, 3 Oct 2022 12:59:23 -0700
Subject: [PATCH 6/6] fixed typo

---
 docs/security.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/security.md b/docs/security.md
index 681f91d2..9afcfd4e 100755
--- a/docs/security.md
+++ b/docs/security.md
@@ -19,5 +19,5 @@ you may want to consider the following as you use TabPy:
   to false in config file.
 - Always use the most up-to-date version of Python.
   TabPy relies on Tornado and if older verions of Python are used with Tornado
-  then malicious users can potentially poison python server web caches
+  then malicious users can potentially poison Python server web caches
   with parameter cloaking.