Skip to content

Add safe SQL and redirect fixtures to the Echo pack #19

Description

@malik111110

Outcome

The Echo pack proves that parameterized SQL and a static redirect do not trigger its SQLi or redirect rules.

Maintainer guidance

The pack already has positive SQLi/redirect cases and a safe HTML case. Add negative cases beside them using the current test helper; avoid broad matcher changes.

Acceptance criteria

  • Add a parameterized SQL snippet and assert no PF-ECHO-SQLI-001 finding.
  • Add a static internal redirect snippet and assert no PF-ECHO-REDIRECT-001 finding.
  • Each test checks the exact unwanted rule ID.
  • Existing vulnerable fixtures continue to fire.
  • go test ./internal/sast/frameworks/echo -count=1 passes.
  • gofmt produces no diff.

Scope

Start with internal/sast/frameworks/echo/pack_test.go. Refs #7.

Metadata

Metadata

Assignees

No one assigned

    Labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions