feat: External PDP

[KevLehman]

Proposed changes (including videos or screenshots)

Issue(s)

Steps to test or reproduce

Further comments

https://rocketchat.atlassian.net/browse/CORE-2018

[dionisio-bot]

Looks like this PR is not ready to merge, because of the following issues:

• This PR is missing the 'stat: QA assured' label
• This PR is missing the required milestone or project

Please fix the issues and try again

If you have any trouble, please check the PR guidelines

[changeset-bot]

🦋 Changeset detected

Latest commit: 6c5a4ba

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 42 packages

Name	Type
@rocket.chat/meteor	Minor
@rocket.chat/core-services	Minor
@rocket.chat/core-typings	Minor
@rocket.chat/i18n	Minor
@rocket.chat/authorization-service	Minor
@rocket.chat/abac	Minor
@rocket.chat/account-service	Patch
@rocket.chat/ddp-streamer	Patch
@rocket.chat/omnichannel-transcript	Patch
@rocket.chat/presence-service	Patch
@rocket.chat/queue-worker	Patch
@rocket.chat/federation-matrix	Patch
@rocket.chat/network-broker	Patch
@rocket.chat/omni-core-ee	Patch
@rocket.chat/omnichannel-services	Patch
@rocket.chat/presence	Patch
rocketchat-services	Patch
@rocket.chat/uikit-playground	Patch
@rocket.chat/api-client	Patch
@rocket.chat/apps	Patch
@rocket.chat/cron	Patch
@rocket.chat/ddp-client	Patch
@rocket.chat/fuselage-ui-kit	Major
@rocket.chat/gazzodown	Major
@rocket.chat/http-router	Patch
@rocket.chat/livechat	Patch
@rocket.chat/model-typings	Patch
@rocket.chat/rest-typings	Minor
@rocket.chat/ui-avatar	Major
@rocket.chat/ui-client	Major
@rocket.chat/ui-contexts	Major
@rocket.chat/ui-voip	Major
@rocket.chat/web-ui-registration	Major
@rocket.chat/license	Patch
@rocket.chat/media-calls	Patch
@rocket.chat/pdf-worker	Patch
@rocket.chat/mock-providers	Patch
@rocket.chat/models	Patch
@rocket.chat/ui-video-conf	Major
@rocket.chat/instance-status	Patch
@rocket.chat/omni-core	Patch
@rocket.chat/server-fetch	Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[coderabbitai]

Important

Review skipped

Draft detected.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: ee69ab01-ca9a-49b9-8420-7f0588e67cdf

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[codecov]

Codecov Report

❌ Patch coverage is 27.74390% with 237 lines in your changes missing coverage. Please review.
✅ Project coverage is 70.82%. Comparing base (c544b80) to head (6c5a4ba).
⚠️ Report is 1 commits behind head on develop.

Additional details and impacted files

@@             Coverage Diff             @@
##           develop   #39845      +/-   ##
===========================================
+ Coverage    70.28%   70.82%   +0.54%     
===========================================
  Files         3280     1593    -1687     
  Lines       116814    85878   -30936     
  Branches     20704    12800    -7904     
===========================================
- Hits         82103    60825   -21278     
+ Misses       31440    24564    -6876     
+ Partials      3271      489    -2782     

Flag	Coverage Δ
e2e	?
e2e-api	?
unit	70.82% <27.74%> (-0.28%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[rc-layne]

🔴 Layne — 5 finding(s)

Found 5 issue(s): 5 high.

[julio-rocketchat]

🔴 Layne — 2 finding(s)

Found 2 issue(s): 2 high.

@KevLehman can you add a // SECURITY: <reason> comment on top of each ignoreSsrfValidation: true or on the same line? Then I can approve Layne's findings as exceptions so that the check passes.

[julio-rocketchat]

/layne exception-approve LAYNE-92cc1dd60a09a52c LAYNE-f3b98cfa0ce32ac8 reason: Kevin justified that the 2 instances of ignoreSsrfValidation are actually only configured by a workspace admin

[rc-layne]

✅ Exception recorded for LAYNE-92cc1dd60a09a52c, LAYNE-f3b98cfa0ce32ac8 by @julio-rocketchat: "Kevin justified that the 2 instances of ignoreSsrfValidation are actually only configured by a workspace admin". Re-running scan...

[julio-rocketchat]

/layne exception-approve LAYNE-fa31c7e349286e51 LAYNE-67d67ea80c17baca LAYNE-955f7ddec71ff37f reason: same as before, only configurable by admins

[rc-layne]

✅ Exception recorded for LAYNE-fa31c7e349286e51, LAYNE-67d67ea80c17baca, LAYNE-955f7ddec71ff37f by @julio-rocketchat: "same as before, only configurable by admins". Re-running scan...