Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Set typescrit+sqlinjection bug as fixed #2062

Merged
merged 2 commits into from
Jan 30, 2024
Merged

Set typescrit+sqlinjection bug as fixed #2062

merged 2 commits into from
Jan 30, 2024

Conversation

uurien
Copy link
Contributor

@uurien uurien commented Jan 26, 2024
edited
Loading

Motivation

Bug fixed and merged in master, remove XPASS from tests

Changes

Set bug fix version

Workflow

  1. ⚠️ Create your PR as draft ⚠️
  2. Work on you PR until the CI passes (if something not related to your task is failing, you can ignore it)
  3. Mark it as ready for review
    • Test logic is modified? -> Get a review from RFC owner. We're working on refining the codeowners file quickly.
    • Framework is modified, or non obvious usage of it -> get a review from R&P team

🚀 Once your PR is reviewed, you can merge it!

🛟 #apm-shared-testing 🛟

Reviewer checklist

  • Relevant label (run-parametric-scenario, run-profiling-scenario...) are presents
  • No system-tests internal is modified. Otherwise, I have the approval from R&P team
  • CI is green, or failing jobs are not related to this change (and you are 100% sure about this statement)
  • A docker base image is modified?
    • the relevant build-XXX-image label is present
    • To R&P team: locally build and push the image to hub.docker.com
  • A scenario is added (or removed)?
    • Get a review from R&P team
    • Once merged, add (or remove) it in system-test-dasboard nightly

Failing tests are cpp and java tests, are not related with this PR

simon-id
simon-id reviewed Jan 29, 2024
View reviewed changes
tests/appsec/iast/sink/test_sql_injection.py Outdated
@@ -22,7 +22,7 @@ class TestSqlInjection(BaseSinkTest):
"python": {"flask-poc": "app.py", "django-poc": "app/urls.py"},
}

@bug(weblog_variant="express4-typescript", reason="Incorrect vulnerability location")
@bug(context.library < "nodejs@5.2.1", weblog_variant="express4-typescript", reason="Incorrect vulnerability location")
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we very rarely release patch versions, it's probably going to be 5.3.0

@uurien uurien mentioned this pull request Jan 29, 2024
Merged
3 tasks
@uurien uurien force-pushed the ugaitz/nodejs-sqli-location-fixed branch from 0121bb8 to 2efbdb0 Compare January 29, 2024 17:06
@uurien uurien force-pushed the ugaitz/nodejs-sqli-location-fixed branch 3 times, most recently from edccbb2 to f23bf65 Compare January 30, 2024 10:02
@uurien uurien force-pushed the ugaitz/nodejs-sqli-location-fixed branch from f23bf65 to 0ac0aa4 Compare January 30, 2024 13:30
@uurien uurien marked this pull request as ready for review January 30, 2024 14:14
@uurien uurien requested review from a team as code owners January 30, 2024 14:14
@uurien uurien merged commit a44d33c into main Jan 30, 2024
154 of 157 checks passed
@uurien uurien deleted the ugaitz/nodejs-sqli-location-fixed branch January 30, 2024 15:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cbeauchesne cbeauchesne cbeauchesne approved these changes

@simon-id simon-id simon-id approved these changes

Assignees
No one assigned
Labels
run-appsec-scenarios
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@uurien @cbeauchesne @simon-id