Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(iast): code injection #11842

Merged
merged 11 commits into from
Jan 13, 2025
Merged

feat(iast): code injection #11842

merged 11 commits into from
Jan 13, 2025

Conversation

avara1986
Copy link
Member

Code Injection vulnerability detection.

System tests (merge after this PR): DataDog/system-tests#3753

Checklist

  • PR author has checked that all the criteria below are met
  • The PR description includes an overview of the change
  • The PR description articulates the motivation for the change
  • The change includes tests OR the PR description describes a testing strategy
  • The PR description notes risks associated with the change, if any
  • Newly-added code is easy to change
  • The change follows the library release note guidelines
  • The change includes or references documentation updates if necessary
  • Backport labels are set (if applicable)

Reviewer Checklist

  • Reviewer has checked that all the criteria below are met
  • Title is accurate
  • All changes are related to the pull request's stated goal
  • Avoids breaking API changes
  • Testing strategy adequately addresses listed risks
  • Newly-added code is easy to change
  • Release note makes sense to a user of the library
  • If necessary, author has acknowledged and discussed the performance implications of this PR as reported in the benchmarks PR comment
  • Backport labels are set in a manner that is consistent with the release branch maintenance policy

@avara1986 avara1986 added the ASM Application Security Monitoring label Dec 30, 2024
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Dec 30, 2024
edited
Loading

CODEOWNERS have been resolved as:

ddtrace/appsec/_iast/taint_sinks/code_injection.py                      @DataDog/asm-python
releasenotes/notes/iast-feat-code-injection-0213a27bc3340505.yaml       @DataDog/apm-python
tests/appsec/iast/fixtures/taint_sinks/code_injection.py                @DataDog/asm-python
tests/appsec/iast/taint_sinks/test_code_injection.py                    @DataDog/asm-python
ddtrace/appsec/_iast/_patch_modules.py                                  @DataDog/asm-python
ddtrace/appsec/_iast/constants.py                                       @DataDog/asm-python
tests/appsec/iast/conftest.py                                           @DataDog/asm-python
tests/appsec/iast/test_telemetry.py                                     @DataDog/asm-python

@pr-commenter
Copy link

pr-commenter bot commented Dec 30, 2024
edited
Loading

Benchmarks

Benchmark execution time: 2025-01-13 11:33:26

Comparing candidate commit 6a5c806 in PR branch avara1986/APPSEC-53594-iast_code_injection with baseline commit 8d818e3 in branch main.

Found 0 performance improvements and 0 performance regressions! Performance is the same for 394 metrics, 2 unstable metrics.

@avara1986 avara1986 marked this pull request as ready for review December 31, 2024 12:52
@avara1986 avara1986 requested review from a team as code owners December 31, 2024 12:52
@datadog-dd-trace-py-rkomorn
Copy link

Datadog Report

Branch report: avara1986/APPSEC-53594-iast_code_injection
Commit report: 1f7c2ab
Test service: dd-trace-py

✅ 0 Failed, 5 Passed, 1463 Skipped, 58.25s Total duration (32m 21.17s time saved)

@avara1986 avara1986 enabled auto-merge (squash) January 13, 2025 13:07
@avara1986 avara1986 merged commit 3470c88 into main Jan 13, 2025
313 checks passed
@avara1986 avara1986 deleted the avara1986/APPSEC-53594-iast_code_injection branch January 13, 2025 13:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gnufede gnufede gnufede approved these changes

@juanjux juanjux juanjux approved these changes

@sanchda sanchda Awaiting requested review from sanchda sanchda is a code owner automatically assigned from DataDog/apm-python

@quinna-h quinna-h Awaiting requested review from quinna-h quinna-h is a code owner automatically assigned from DataDog/apm-python

Assignees
No one assigned
Labels
ASM Application Security Monitoring
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@avara1986 @juanjux @gnufede