Checking unknown host exception for PostgreSqlCredential #545
Adds an if statement that catches if the secret is not accessible from the public. The credentials may or may not be valid, but we can't test that.
Src/Plugins/Security/SEC101_038.PostgreSqlCredentialsValidator.cs
Src/ReleaseHistory.md
[#541](https://github.com/microsoft/sarif-pattern-matcher/pull/541) | ||
- Tool Improvement: Add a check for PostgreSql instances that are not reachable from external networks. | ||
[#545](https://github.com/microsoft/sarif-pattern-matcher/pull/544) |
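Review bot: The link on the last line is inconsistent: its text reads #545 but its URL ends in pull/544, so the release-history entry would send readers to a different pull request than the one it names. Make the number and the URL agree; this pull request is #545, so the target should end in pull/545.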
Src/ReleaseHistory.md
[#541](https://github.com/microsoft/sarif-pattern-matcher/pull/541) | ||
- Tool Improvement: Add a check for PostgreSql instances that are not reachable from external networks. |
Tool Improvement: Add a check for PostgreSql instances that are not reachable from external networks.
The question we should ask: what would happen after this change?
Would we improve, get more results, more live secrets, etc.?
I think we should change it to something like: "UER: Added a check for PostgreSql instances that are not reachable from external networks, reducing unexpected exceptions."
UER = eliminate unhandled exceptions in rules
This explains in detail what we are doing and what will happen.
Adds an if statement that catches if the database the secret points to is not accessible from the public. The credentials may or may not be valid, but we can't test that.
Changes
Please provide a brief description of the changes here.
For significant contributions please make sure you have completed the following items:
ReleaseHistory.md updated for non-trivial changes
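The idea described in this pull request, as an added example that is not the project's own code: when the host named in a discovered PostgreSQL connection string does not resolve from the scanning machine, report the credential as untestable instead of letting the exception escape. `HostCheckResult`, `HostCheck` and the sample connection string are hypothetical, and the sketch assumes a modern .NET runtime and uses only `System.Net.Dns`, not a PostgreSQL client.

```csharp
using System;
using System.Net;
using System.Net.Sockets;

// Hypothetical result type: illustrative only, not the project's validation enum.
public enum HostCheckResult { Unknown, HostNotFound, Resolves }

public static class HostCheck
{
    // Extracts the Host= value from a "key=value;key=value" connection string.
    public static string GetHost(string connectionString)
    {
        foreach (string part in connectionString.Split(';', StringSplitOptions.RemoveEmptyEntries))
        {
            string[] kv = part.Split('=', 2);
            if (kv.Length == 2 && kv[0].Trim().Equals("Host", StringComparison.OrdinalIgnoreCase))
            {
                return kv[1].Trim();
            }
        }
        return null;
    }

    public static HostCheckResult Classify(string connectionString)
    {
        string host = GetHost(connectionString);
        if (string.IsNullOrEmpty(host)) { return HostCheckResult.Unknown; }
        try
        {
            Dns.GetHostAddresses(host);
            return HostCheckResult.Resolves; // name resolves; an authentication attempt can follow
        }
        catch (SocketException e) when (e.SocketErrorCode == SocketError.HostNotFound)
        {
            // The secret may still be valid on a private network; it cannot be tested from here.
            return HostCheckResult.HostNotFound;
        }
        catch (SocketException)
        {
            return HostCheckResult.Unknown; // other resolver failures (timeouts, no data)
        }
    }

    public static void Main()
    {
        // Constructed sample; the ".invalid" TLD is reserved and never resolves.
        string sample = "Host=db.corp.invalid;Username=app;Password=placeholder;Database=orders";
        Console.WriteLine(Classify(sample));
    }
}
```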