feat: report known malware for all ecosystems #922
+181
−9
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
oracle-contributor-agreement
bot
added
the
OCA Verified
behnazh-w
force-pushed
the
behnazh/check-known-mal
branch
from
5fd7cb4
to
688af68
Compare
behnazh-w
force-pushed
the
behnazh/check-known-mal
branch
2 times, most recently
from
615048d
to
426767b
Compare
Signed-off-by: behnazh-w <behnaz.hassanshahi@oracle.com>
behnazh-w
force-pushed
the
behnazh/check-known-mal
branch
from
426767b
to
b76afe2
Compare
art1f1c3R
approved these changes
Nov 20, 2024
nicallen
reviewed
Nov 20, 2024
| DBJsonDict, nullable=False, info={"justification": JustificationType.TEXT} | ||
| ) | ||
| #: The result of analysis, which can be an empty dictionary. | ||
| result: Mapped[dict] = mapped_column(DBJsonDict, nullable=False, info={"justification": JustificationType.TEXT}) |
There was a problem hiding this comment.
Why change dict[Heuristics, HeuristicResult]] to dict? In the new case it is empty, but that is still consistent with the old type.
There was a problem hiding this comment.
That's right. I don't need to change dict[Heuristics, HeuristicResult]].
nicallen
reviewed
Nov 20, 2024
| @@ -125,6 +125,80 @@ def send_get_http_raw( | |||
| return response | |||
|
|
|||
|
|
|||
| def send_post_http_raw( | |||
There was a problem hiding this comment.
There is quite a bit of duplication between send_post_http_raw, send_get_http_raw and send_get_http (each has an implementation of error handling and retry logic), it would be good to refactor that at some point (but it doesn't have to be done as part of this change).
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
If a package is already known to be malicious, this PR reports it as part of the
mcn_detect_malicious_metadata_1check. Additionally, two new integration tests for known Python and npm malware have been added.