Skip to content

[Java] Changed IAST test so it only generates one vulnerability#1439

Merged
smola merged 1 commit intomainfrom
jsantos/cryptoexamples_improvement
Aug 4, 2023
Merged

[Java] Changed IAST test so it only generates one vulnerability#1439
smola merged 1 commit intomainfrom
jsantos/cryptoexamples_improvement

Conversation

@DDJavierSantos
Copy link
Copy Markdown
Contributor

@DDJavierSantos DDJavierSantos commented Jul 26, 2023

Description

A simple change in Cryptoexamples so only one weak cipher vulnerability is reported. Before the change two of them were reported.

Motivation

We are adding instrumentation to KeyGenerator and this resulted in two vulnerabilities being reported in this example where we had one before. This confuses the vulnerability parser.

Workflow

  1. ⚠️⚠️ Create your PR as draft
  2. Follow the style guidelines of this project (See how to easily lint the code)
  3. Work on you PR until the CI passes (if something not related to your task is failing, you can ignore it)
  4. Mark it as ready for review

Once your PR is reviewed, you can merge it! ❤️

Reviewer checklist

  • Check what scenarios are modified. If needed, add the relevant label (run-parametric-scenario, run-profiling-scenario...). If this PR modifies any system-tests internal, then add the run-all-scenarios label (more info).
  • CI is green
    • If not, failing jobs are not related to this change (and you are 100% sure about this statement)
  • if any of build-some-image label is present
    1. is the image labl have been updated ?
    2. just before merging, locally build and push the image to hub.docker.com

@DDJavierSantos DDJavierSantos requested review from a team as code owners July 26, 2023 12:13
@DDJavierSantos DDJavierSantos force-pushed the jsantos/cryptoexamples_improvement branch from 9571312 to 92b3936 Compare August 1, 2023 06:26
@DDJavierSantos DDJavierSantos force-pushed the jsantos/cryptoexamples_improvement branch from 92b3936 to 271cb9f Compare August 1, 2023 16:43
@smola smola merged commit d3acb3a into main Aug 4, 2023
@smola smola deleted the jsantos/cryptoexamples_improvement branch August 4, 2023 07:28
@smola smola changed the title Changed example so it only generates one vulnerability [Java] Changed IAST test so it only generates one vulnerability Aug 4, 2023
@smola smola added the java Pull requests that update Java code label Aug 4, 2023
@smola smola mentioned this pull request Aug 9, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@smola smola smola approved these changes

@cataphract cataphract Awaiting requested review from cataphract cataphract is a code owner automatically assigned from DataDog/asm-java

Assignees

No one assigned

Labels

java Pull requests that update Java code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@DDJavierSantos @smola