-
Notifications
You must be signed in to change notification settings - Fork 573
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
semgrep: updated IPv4 regex pattern #1382
Conversation
changelog detected ✅ |
let me have a think about this one as the regex is intentionally broad to catch anything that looks like it may be an IP, not just valid ones. this ensures that even if someone provides an invalid IP, it recommends the documented ranges we expect here. |
If that is the case we need to better keep existing regex as is. Closing the pull request. |
to be clear here, I'm not against refining the regex. I just want to have a look over the previous tests cases that this helped and make sure we would have still caught them. |
Oh, I had the impression that the current broader-matching regex was acceptable. My apologies for the misinterpretation. Kindly inform me once you've had the opportunity to look into previous test cases. Reopening🚀 |
@jacobbednarz Have you had a chance to review the previous test cases to ensure that this PR's changes would still catch them? Your input is valuable. |
Codecov Report
@@ Coverage Diff @@
## master #1382 +/- ##
==========================================
+ Coverage 48.33% 48.67% +0.33%
==========================================
Files 133 139 +6
Lines 13023 13873 +850
==========================================
+ Hits 6295 6752 +457
- Misses 5201 5464 +263
- Partials 1527 1657 +130
|
This functionality has been released in v0.78.0. For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you! |
Description
Current IPv4 validation accepting non-IPv4 addresses such as 000000.010101.256.101, 192.168.0.300, 256.0.0.0 and bunch of other cases I mentioned in regex101 link. Newly defined pattern will take care all of such cases.
You can play with newly defined regex pattern here: https://regex101.com/r/j4lkR3/1
Has your change been tested?
Changes has been tested on regex playground
Types of changes
What sort of change does your code introduce/modify?
Checklist:
and relies on stable APIs.