Skip to content

#1399: Use specific rule in semgrep integration-test instead of ruleset#1400

Merged
Weltraumschaf merged 1 commit intomainfrom
fix/fix-semgrep-integration-test
Oct 11, 2022
Merged

#1399: Use specific rule in semgrep integration-test instead of ruleset#1400
Weltraumschaf merged 1 commit intomainfrom
fix/fix-semgrep-integration-test

Conversation

@RamiSouai
Copy link
Member

@RamiSouai RamiSouai commented Oct 11, 2022

Signed-off-by: Rami Souai [email protected]
Fixes #1399

This PR solves the issue by scanning for the specific rule (command-injection-os-system) found in the vulnerable python test file in the Semgrep integraiton-test scan, instead of an entire ruleset.

Rulesets are subject to change and can have rules removed or added, leading to more or less vulnerabilties found during the test process and making assertions in those tests difficult to maintain.

Description

Checklist

  • Test your changes as thoroughly as possible before you commit them. Preferably, automate your test by unit/integration tests.
  • Make sure that all your commits are signed-off and that you are added to the Contributors file.
  • Make sure that all CI finish successfully.
  • Optional (but appreciated): Make sure that all commits are Verified.

@RamiSouai RamiSouai requested a review from malexmave October 11, 2022 14:17
@RamiSouai RamiSouai self-assigned this Oct 11, 2022
@github-actions
Copy link

github-actions bot commented Oct 11, 2022

MegaLinter status: ⚠️ WARNING

Descriptor Linter Files Fixed Errors Elapsed time
⚠️ JAVASCRIPT eslint 1 1 0.86s
✅ SPELL misspell 1 0 0.05s

See errors details in artifact MegaLinter reports on CI Job page
Set VALIDATE_ALL_CODEBASE: true in mega-linter.yml to validate all sources, not only the diff

@Weltraumschaf Weltraumschaf requested review from Weltraumschaf and removed request for malexmave October 11, 2022 14:33
Weltraumschaf
Weltraumschaf reviewed Oct 11, 2022
View reviewed changes
Copy link
Member

@Weltraumschaf Weltraumschaf left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

Weltraumschaf
Weltraumschaf reviewed Oct 11, 2022
View reviewed changes
Copy link
Member

@Weltraumschaf Weltraumschaf left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

Weltraumschaf
Weltraumschaf approved these changes Oct 11, 2022
View reviewed changes
Copy link
Member

@Weltraumschaf Weltraumschaf left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@Weltraumschaf Weltraumschaf merged commit 26d6e76 into main Oct 11, 2022
@Weltraumschaf Weltraumschaf deleted the fix/fix-semgrep-integration-test branch October 11, 2022 14:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Weltraumschaf Weltraumschaf Weltraumschaf approved these changes

Assignees

@RamiSouai RamiSouai

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Semgrep integrations-tests fail

2 participants

@RamiSouai @Weltraumschaf

Comments