Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update known flaws files #4443

Merged
merged 1 commit into from
Sep 5, 2023
Merged

Update known flaws files #4443

merged 1 commit into from
Sep 5, 2023

Conversation

nico-stefani
Copy link
Member

@nico-stefani nico-stefani commented Aug 23, 2023
edited
Loading

Related issue
#4448

Description

This PR updates the framework file of known flaws with the recent scan results.

Updated

  • Known flaws in the framework file

Tests

(wqa310) ➜  wazuh-qa git:(4282-update-framework-known-flaws-4-8-0) pytest tests/scans/code_analysis/test_python_flaws.py --disable-warnings --exclude_directories tests,test --reference master; git status
================================================================================================ test session starts ================================================================================================
platform linux -- Python 3.10.12, pytest-7.1.2, pluggy-1.2.0
rootdir: /home/nstefani/git/wazuh-qa/tests, configfile: pytest.ini
plugins: html-3.1.1, metadata-3.0.0, testinfra-5.0.0
collected 1 item

tests/scans/code_analysis/test_python_flaws.py .                                                                                                                                                              [100%]

========================================================================================== 1 passed, 3 warnings in 44.90s ===========================================================================================
On branch 4282-update-framework-known-flaws-4-8-0
nothing to commit, working tree clean

@nico-stefani nico-stefani force-pushed the 4282-update-framework-known-flaws-4-8-0 branch from 21e5b07 to cd849fe Compare August 23, 2023 18:45
@nico-stefani nico-stefani changed the title refactor(#4282): Update known flaws files for 4.8.0 Update known flaws files Aug 23, 2023
@nico-stefani nico-stefani self-assigned this Aug 23, 2023
@nico-stefani nico-stefani linked an issue Aug 23, 2023 that may be closed by this pull request
Update framework known flaws from code analysis #4282
Closed
4 tasks
@nico-stefani nico-stefani removed a link to an issue Aug 23, 2023
Update framework known flaws from code analysis #4282
Closed
4 tasks
@nico-stefani nico-stefani linked an issue Aug 23, 2023 that may be closed by this pull request
Update known flaws files for 4.8.0 #4448
Closed
Selutario
Selutario suggested changes Aug 29, 2023
View reviewed changes
Copy link
Contributor

@Selutario Selutario left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm getting an error:

$ pip3 freeze | grep wazuh-testing
wazuh-testing @ file:///home/selu/Git/qa-integration-framework
$ 
$ pytest tests/scans/code_analysis/test_python_flaws.py --disable-warnings --exclude_directories tests,test --reference master
============================================================================================ test session starts =============================================================================================
platform linux -- Python 3.10.12, pytest-7.1.2, pluggy-0.13.1
rootdir: /home/selu/Git/wazuh-qa/tests, configfile: pytest.ini
plugins: html-3.1.1, testinfra-5.0.0, tavern-2.0.2, metadata-2.0.4
collected 0 items / 1 error                                                                                                                                                                                  

=================================================================================================== ERRORS ===================================================================================================
_________________________________________________________________________ ERROR collecting scans/code_analysis/test_python_flaws.py __________________________________________________________________________
ImportError while importing test module '/home/selu/Git/wazuh-qa/tests/scans/code_analysis/test_python_flaws.py'.
Hint: make sure your test modules/packages have valid Python names.
Traceback:
/usr/lib/python3.10/importlib/__init__.py:126: in import_module
    return _bootstrap._gcd_import(name[level:], package, level)
tests/scans/code_analysis/test_python_flaws.py:4: in <module>
    from wazuh_testing.tools.scans.code_analysis import \
E   ModuleNotFoundError: No module named 'wazuh_testing.tools.scans'
========================================================================================== short test summary info ===========================================================================================
ERROR tests/scans/code_analysis/test_python_flaws.py
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! Interrupted: 1 error during collection !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
============================================================================================== 1 error in 0.12s ==============================================================================================

I think you mentioned that it is necessary to update the test to use the new qa-framework. If there is no other issue for it, I think this PR would be a good place to do it.

Also, remember to include 3 execution outputs as I mentioned here before moving the issue to pending final review.

@nico-stefani
Copy link
Member Author

nico-stefani commented Aug 29, 2023
edited
Loading

@Selutario the wazuh-testing utils that the test uses are present in this repository, not in the qa-integration-framework.

wazuh-qa/deps/wazuh_testing/wazuh_testing/tools/scans/code_analysis.py

Line 157 in 39f1354

def get_new_flaws(bandit_results, known_flaws, directory, flaws_already_found, new_flaws_output_dir):

Let me know if I'm missing something here because I can't reproduce the error.

Test run evidence

Run 1 

(wqa310) ➜  wazuh-qa git:(4282-update-framework-known-flaws-4-8-0) date; pytest tests/scans/code_analysis/test_python_flaws.py --disable-warnings --exclude_directories tests,test --reference master; git status
Tue Aug 29 10:31:04 AM -03 2023
================================================================================================ test session starts ================================================================================================
platform linux -- Python 3.10.12, pytest-7.1.2, pluggy-1.2.0
rootdir: /home/nstefani/git/wazuh-qa/tests, configfile: pytest.ini
plugins: html-3.1.1, metadata-3.0.0, testinfra-5.0.0
collected 1 item

tests/scans/code_analysis/test_python_flaws.py .                                                                                                                                                              [100%]

========================================================================================== 1 passed, 3 warnings in 36.58s ===========================================================================================
On branch 4282-update-framework-known-flaws-4-8-0
nothing to commit, working tree clean

Run 2 

(wqa310) ➜  wazuh-qa git:(4282-update-framework-known-flaws-4-8-0) date; pytest tests/scans/code_analysis/test_python_flaws.py --disable-warnings --exclude_directories tests,test --reference master; git status
Tue Aug 29 10:34:05 AM -03 2023
================================================================================================ test session starts ================================================================================================
platform linux -- Python 3.10.12, pytest-7.1.2, pluggy-1.2.0
rootdir: /home/nstefani/git/wazuh-qa/tests, configfile: pytest.ini
plugins: html-3.1.1, metadata-3.0.0, testinfra-5.0.0
collected 1 item

tests/scans/code_analysis/test_python_flaws.py .                                                                                                                                                              [100%]

========================================================================================== 1 passed, 3 warnings in 36.76s ===========================================================================================
On branch 4282-update-framework-known-flaws-4-8-0
nothing to commit, working tree clean

Run 3 

(wqa310) ➜  wazuh-qa git:(4282-update-framework-known-flaws-4-8-0) date; pytest tests/scans/code_analysis/test_python_flaws.py --disable-warnings --exclude_directories tests,test --reference master; git status
Tue Aug 29 10:38:48 AM -03 2023
================================================================================================ test session starts ================================================================================================
platform linux -- Python 3.10.12, pytest-7.1.2, pluggy-1.2.0
rootdir: /home/nstefani/git/wazuh-qa/tests, configfile: pytest.ini
plugins: html-3.1.1, metadata-3.0.0, testinfra-5.0.0
collected 1 item

tests/scans/code_analysis/test_python_flaws.py .                                                                                                                                                              [100%]

========================================================================================== 1 passed, 3 warnings in 51.05s ===========================================================================================
On branch 4282-update-framework-known-flaws-4-8-0
nothing to commit, working tree clean

@nico-stefani nico-stefani force-pushed the 4282-update-framework-known-flaws-4-8-0 branch from cd849fe to 09c4a99 Compare August 29, 2023 15:33
Selutario
Selutario approved these changes Aug 30, 2023
View reviewed changes
Copy link
Contributor

@Selutario Selutario left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You are right, I forgot to reinstall wazuh_testing using the master branch. LGTM.

@davidjiglesias davidjiglesias merged commit e3109af into master Sep 5, 2023
@davidjiglesias davidjiglesias deleted the 4282-update-framework-known-flaws-4-8-0 branch September 5, 2023 15:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Selutario Selutario Selutario approved these changes

@damarisg damarisg damarisg approved these changes

Assignees

@nico-stefani nico-stefani

Labels
feature/framework
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Update known flaws files for 4.8.0
4 participants
@nico-stefani @damarisg @Selutario @davidjiglesias