Fix IAST evidence redaction #3160

Merged
merged 2 commits into from May 16, 2023

CarlesDD
Contributor

What does this PR do?

Correctly redacts sensitive data that contains a tainted value where neither the start nor the end matches the tainted value.
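
An illustration of the case the description above refers to, added here and not taken from dd-trace-js: a tainted range lying strictly inside a sensitive range, so that neither boundary coincides. The function names, the half-open range objects, the shape of the output parts and the sample query are all assumptions made for this example.

```javascript
// Added illustration; names and the part format are hypothetical, not dd-trace-js code.
// Ranges are half-open [start, end) character offsets into the evidence string.
function inRange (ranges, pos) {
  return ranges.some(r => r.start <= pos && pos < r.end)
}

function redactEvidence (evidence, taintedRanges, sensitiveRanges) {
  const clamp = n => Math.min(evidence.length, Math.max(0, n))
  // Cut at every range boundary, so a tainted range strictly inside a
  // sensitive range yields three segments: before, tainted, after.
  const cuts = new Set([0, evidence.length])
  for (const r of [...taintedRanges, ...sensitiveRanges]) {
    cuts.add(clamp(r.start))
    cuts.add(clamp(r.end))
  }
  const points = [...cuts].sort((a, b) => a - b)

  const parts = []
  for (let i = 0; i < points.length - 1; i++) {
    const start = points[i]
    const end = points[i + 1]
    const tainted = inRange(taintedRanges, start)
    const sensitive = inRange(sensitiveRanges, start)
    const prev = parts[parts.length - 1]
    if (prev && !!prev.redacted === sensitive && !!prev.tainted === tainted) {
      // Same flags as the previous part: extend it instead of emitting a new one.
      if (!sensitive) prev.value += evidence.slice(start, end)
      continue
    }
    // A sensitive segment never carries its text, whether tainted or not.
    const part = sensitive ? { redacted: true } : { value: evidence.slice(start, end) }
    if (tainted) part.tainted = true
    parts.push(part)
  }
  return parts
}

function demo () {
  // Constructed sample: the tainted input "1234" sits in the middle of a SQL literal.
  const evidence = "SELECT * FROM users WHERE password = 'abc1234xyz'"
  const lit = evidence.indexOf('abc1234xyz')
  const sensitive = [{ start: lit, end: lit + 'abc1234xyz'.length }]
  const tainted = [{ start: lit + 3, end: lit + 7 }]
  return redactEvidence(evidence, tainted, sensitive)
}

console.log(JSON.stringify(demo()))
```

The head (`abc`) and tail (`xyz`) of the literal are redacted along with the tainted middle, and the middle part keeps its tainted flag so the report still shows where user input reached the query.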

@github-actions

Overall package size

Self size: 4.13 MB
Deduped: 58.26 MB
No deduping: 58.3 MB

Dependency sizes

| name | version | self size | total size |
|---|---|---|---|
| @datadog/pprof | 2.2.1 | 14.24 MB | 15.12 MB |
| @datadog/native-iast-taint-tracking | 1.4.1 | 14.85 MB | 14.86 MB |
| @datadog/native-appsec | 3.1.0 | 13.31 MB | 13.32 MB |
| protobufjs | 7.1.2 | 2.76 MB | 6.55 MB |
| @datadog/native-iast-rewriter | 2.0.1 | 2.09 MB | 2.1 MB |
| @datadog/native-metrics | 2.0.0 | 898.77 kB | 1.3 MB |
| opentracing | 0.14.7 | 194.81 kB | 194.81 kB |
| semver | 7.3.8 | 88.2 kB | 118.6 kB |
| @datadog/sketches-js | 2.1.0 | 109.9 kB | 109.9 kB |
| lodash.sortby | 4.7.0 | 75.76 kB | 75.76 kB |
| lru-cache | 7.14.0 | 74.95 kB | 74.95 kB |
| ipaddr.js | 2.0.1 | 59.52 kB | 59.52 kB |
| ignore | 5.2.0 | 48.87 kB | 48.87 kB |
| import-in-the-middle | 1.3.5 | 34.34 kB | 38.81 kB |
| istanbul-lib-coverage | 3.2.0 | 29.34 kB | 29.34 kB |
| retry | 0.10.1 | 27.44 kB | 27.44 kB |
| lodash.uniq | 4.5.0 | 25.01 kB | 25.01 kB |
| limiter | 1.1.5 | 23.17 kB | 23.17 kB |
| lodash.kebabcase | 4.1.1 | 17.75 kB | 17.75 kB |
| lodash.pick | 4.4.0 | 16.33 kB | 16.33 kB |
| node-abort-controller | 3.0.1 | 14.33 kB | 14.33 kB |
| crypto-randomuuid | 1.0.0 | 11.18 kB | 11.18 kB |
| diagnostics_channel | 1.1.0 | 7.07 kB | 7.07 kB |
| path-to-regexp | 0.1.7 | 6.78 kB | 6.78 kB |
| koalas | 1.0.2 | 6.47 kB | 6.47 kB |
| methods | 1.1.2 | 5.29 kB | 5.29 kB |
| module-details-from-path | 1.0.3 | 4.47 kB | 4.47 kB |

🤖 This report was automatically generated by heaviest-objects-in-the-universe

CarlesDD added the semver-patch and bug (Something isn't working) labels May 16, 2023

pr-commenter bot commented May 16, 2023

Benchmarks

Comparing candidate commit 1645f04 in PR branch ccapell/fix-iast-sensitive-sql-redaction with baseline commit cad3d92 in branch master.

Found 0 performance improvements and 0 performance regressions! Performance is the same for 442 metrics, 30 unstable metrics.


codecov bot commented May 16, 2023

Codecov Report

Merging #3160 (1645f04) into master (cad3d92) will decrease coverage by 18.25%.
The diff coverage is 0.00%.

@@             Coverage Diff             @@
##           master    #3160       +/-   ##
===========================================
- Coverage   86.98%   68.74%   -18.25%     
===========================================
  Files         322      161      -161     
  Lines       11763     6498     -5265     
  Branches       33       33               
===========================================
- Hits        10232     4467     -5765     
- Misses       1531     2031      +500     
| Impacted Files | Coverage Δ |
|---|---|
| ...-formatter/evidence-redaction/sensitive-handler.js | 18.66% <0.00%> (-81.34%) ⬇️ |

... and 211 files with indirect coverage changes


CarlesDD marked this pull request as ready for review May 16, 2023 15:07
CarlesDD requested a review from a team as a code owner May 16, 2023 15:07
CarlesDD merged commit ad6f02a into master May 16, 2023
105 of 107 checks passed
thedavl pushed a commit that referenced this pull request May 30, 2023
* Add test for vulnerability evidence scrubber

* Fix IAST SQL redaction with tainted contained in sensitive
uurien pushed a commit that referenced this pull request Jun 1, 2023
* Add test for vulnerability evidence scrubber

* Fix IAST SQL redaction with tainted contained in sensitive
uurien pushed a commit that referenced this pull request Jun 2, 2023
* Add test for vulnerability evidence scrubber

* Fix IAST SQL redaction with tainted contained in sensitive
tlhunter deleted the ccapell/fix-iast-sensitive-sql-redaction branch January 19, 2024 22:17
Labels: asm-iast, bug (Something isn't working), semver-patch