Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: policy for sending data in HTTP GET requests #188

Merged
merged 7 commits into from
Dec 1, 2022
Merged

feat: policy for sending data in HTTP GET requests #188

merged 7 commits into from
Dec 1, 2022

Conversation

didroe
Copy link
Contributor

@didroe didroe commented Dec 1, 2022

Description

Adds custom detectors for Ruby HTTP GET/POST requests, along with a policy to find GET requests being sent personal/sensitive data.

Checklist

  • I've added test coverage that shows my fix or feature works as expected.
  • I've updated or added documentation if required.
  • I've included usage information in the description if CLI behavior was updated or added.
  • PR title follows Conventional Commits format

@swarmia
Copy link

swarmia bot commented Dec 1, 2022

✅  Linked to AMA-3072 · Support multiple options indentifiers
➡️  Part of AMA-3067 · Build custom detectors for ruby policies
➡️  Part of AMA-2947 · OSS - Curio CLI

@elsapet elsapet mentioned this pull request Dec 1, 2022
Merged
4 tasks
@didroe didroe force-pushed the AMA-3072/add-multiple-identifiers branch from 5f611b0 to c91ee69 Compare December 1, 2022 15:26
@didroe didroe force-pushed the AMA-3072/add-multiple-identifiers branch from c039693 to 2b47b0d Compare December 1, 2022 16:21
@didroe didroe force-pushed the AMA-3072/add-multiple-identifiers branch from 2b47b0d to d0804b8 Compare December 1, 2022 16:23
@didroe didroe marked this pull request as ready for review December 1, 2022 16:25
cfabianski
cfabianski reviewed Dec 1, 2022
View reviewed changes
integration/custom_detectors/custom_detectors_test.go
newScanTest("ruby", "detect_ruby_logger", "detect_ruby_logger.rb"),
newScanTest("ruby", "ruby_file_detection", "ruby_file_detection.rb"),
newScanTest("ruby", "detect_rails_session", "detect_rails_session.rb"),
newScanTest("ruby", "detect_rails_jwt", "detect_rails_jwt.rb"),
// newScanTest("ruby", "ruby_http_detection", "ruby_http_detection.rb"),
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@vjerci apparently there is an issue with the CI. This is definitely passing locally. Could you have a look at this test (why it triggers the worker more than once and stuff please?)

@didroe didroe merged commit eca04f7 into main Dec 1, 2022
@didroe didroe deleted the AMA-3072/add-multiple-identifiers branch December 1, 2022 16:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cfabianski cfabianski cfabianski approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@didroe @cfabianski