Duplicating a feed does not change the passkey on the new feed created

[jamesmacwhite]

Description

When duplicating a feed the passkey is copied from the existing feed. Depending on how you view the use/purpose of the passkey, it is technically there to provide an extra layer of security in addition to just being able to pass a feed ID from a web request to a trigger a feed import. Having it not changed from an existing feed could be seen as potentially a security issue if you have a passkey for another feed and just increment the ID to try and guess or enumerate.

Not a bug technically but perhaps something that can be reviewed?

Steps to reproduce

1. Duplicate an existing Feed Me feed
2. The passkey value provided will be the same from the original feed

Additional info

• Craft version: 5.4.6
• PHP version: 8.3.8
• Database driver & version: MySQL
• Plugins & versions: Feed Me 6.4.0

[jamesmacwhite]

As the field helper references it as a unique string, the duplication action contradicts that.

[i-just]

Hi, thanks for reporting! I raised a PR for this.

[i-just]

Feed Me 5.8.2 and 6.5.0 are out with this change.

[jamesmacwhite]

@i-just Thank you!