Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

selftest: add checks to selftest-glob #75

Merged
merged 8 commits into from Aug 10, 2023
Merged

selftest: add checks to selftest-glob #75

merged 8 commits into from Aug 10, 2023

Conversation

woodruffw
Copy link
Member

@woodruffw woodruffw commented Aug 8, 2023
edited

This ratchets down our tests a bit more, and adds a "backstop" xfail test for the behavior noticed in #74: we intentionally no longer expand shell variables in the input parameter, since doing so is an inadvertent source of shell injection.

Closes #74.

@woodruffw
selftest: add checks to selftest-glob
c13bdef 
Signed-off-by: William Woodruff <william@trailofbits.com>
@woodruffw woodruffw self-assigned this Aug 8, 2023
@woodruffw
selftest: multiple glob test
e0293e8 
Signed-off-by: William Woodruff <william@trailofbits.com>
@woodruffw
selftest: fix my misunderstanding of glob
1e2c7e6 
Signed-off-by: William Woodruff <william@trailofbits.com>
@esev
Copy link

esev commented Aug 8, 2023

Suggest:

env:
  TEST_DIR: test

with:
  inputs: ./${TEST_DIR}/*

@woodruffw woodruffw mentioned this pull request Aug 8, 2023
Closed
@woodruffw
expand multiple glob test some more
ab9c881 
Signed-off-by: William Woodruff <william@trailofbits.com>
@woodruffw
action: dedupe, stricter glob handling
3e254e3 
Signed-off-by: William Woodruff <william@trailofbits.com>
@woodruffw
selftest: fix xfail test
df29c1d 
Signed-off-by: William Woodruff <william@trailofbits.com>
@woodruffw woodruffw requested review from tetsuo-cpp and di August 8, 2023 21:48
@woodruffw
README: add a NOTE on inputs
da4bef6 
Signed-off-by: William Woodruff <william@trailofbits.com>
@woodruffw
Copy link
Member Author

Rendered NOTE on the behavior change this tests:

Screenshot 2023-08-08 at 5 52 08 PM

@woodruffw
action: python3 -> python
4df1d53 
Our setup explicitly asserts that python is Python 3.

Signed-off-by: William Woodruff <william@trailofbits.com>
@woodruffw woodruffw added the enhancement New feature or request label Aug 9, 2023
@woodruffw woodruffw merged commit d260c7b into main Aug 10, 2023
22 checks passed
@woodruffw woodruffw deleted the ww/fix-inputs branch August 10, 2023 15:57
@woodruffw woodruffw mentioned this pull request Aug 10, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@di di di approved these changes

@tetsuo-cpp tetsuo-cpp Awaiting requested review from tetsuo-cpp

Assignees

@woodruffw woodruffw

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Not all inputs are signed starting with 2.0.0
3 participants
@woodruffw @esev @di