Motivation

Users nowadays can add the tag #nohusky in their code to avoid false positives in Python and in Go projects. However, this feature is not present yet for Ruby files that use Brakeman as a Security Test (and others).

It would be great if any Ruby line of code that has vulnerabilities were skipped by huskyCI analysis if a #nohusky comment is found. If applicable, apply the same logic to all security tests? :)

What we expect

If huskyCI finds code like this one, the following output must be ignored and be set as a NoSecHusky vuln:
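An added example of the behaviour the issue asks for (written for this page, not huskyCI's or Brakeman's own code): walk a Brakeman JSON report, look up each flagged Ruby line, and move findings whose line carries #nohusky into the NoSec bucket. The Brakeman field names, the "NoSec" label, the file name and the sample findings are assumptions constructed for the example.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strings"
)

// Subset of a Brakeman JSON warning (field names assumed from Brakeman's report format).
type brakemanWarning struct {
	File       string `json:"file"`
	Line       int    `json:"line"`
	Confidence string `json:"confidence"`
}
const noHuskyTag = "#nohusky" // marker proposed in the issue
const noSecLabel = "NoSec"    // assumed label for the NoSecHusky bucket

// classify maps each warning index to its severity: a warning whose flagged source
// line contains #nohusky is demoted to noSecLabel, the rest keep Brakeman's confidence.
// Brakeman lines are 1-based; a missing file or out-of-range line is never suppressed.
// This is a plain substring test, so the tag inside a string literal would also match.
func classify(reportJSON string, sources map[string]string) (map[int]string, error) {
	var rep struct {
		Warnings []brakemanWarning `json:"warnings"`
	}
	if err := json.Unmarshal([]byte(reportJSON), &rep); err != nil {
		return nil, err
	}
	out := make(map[int]string, len(rep.Warnings))
	for i, w := range rep.Warnings {
		lines := strings.Split(sources[w.File], "\n")
		out[i] = w.Confidence
		if w.Line >= 1 && w.Line <= len(lines) && strings.Contains(lines[w.Line-1], noHuskyTag) {
			out[i] = noSecLabel
		}
	}
	return out, nil
}

// Constructed sample input: two findings in one file; only line 2 carries the tag.
var sampleSources = map[string]string{"user.rb": `def self.find_by_name(n)
  where("name = '#{n}'") #nohusky
end
def self.by_email(e)
  where("email = '#{e}'")
end`}
var sampleReport = `{"warnings":[{"file":"user.rb","line":2,"confidence":"High"},{"file":"user.rb","line":5,"confidence":"High"}]}`

func main() {
	sev, err := classify(sampleReport, sampleSources)
	fmt.Println(sev, err) // map[0:NoSec 1:High] <nil>
}
```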
Hey @rafaveira3 ! I'm analyzing this issue and I have a question:
I've made some changes in brakeman.go to understand and verify if I'm on the right track to solve this issue, but I want to understand better how to test it. I tried to run make run-client with poc-ruby-brakeman, but it seems that my changes don't reflect in it. Am I right, or do I need to do something else?
Hey, @victormazevedo! Thanks for taking a look at this issue. What kind of changes have you made so far? I will be very happy to review any PR related to this. What do you think of opening one with the WIP tag? We can discuss it better there! 😄