Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement "greylisting" #62

Closed
wants to merge 9 commits into from
Closed

Implement "greylisting" #62

wants to merge 9 commits into from

Conversation

jahrules
Copy link

@jahrules jahrules commented Jun 17, 2023
edited by Robin5605
Loading

Closes #61

@jahrules jahrules requested a review from Robin5605 June 17, 2023 02:19
AbooMinister25
AbooMinister25 reviewed Jun 19, 2023
View reviewed changes
Copy link
Contributor

@AbooMinister25 AbooMinister25 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

just a few nitpicks.

src/mainframe/endpoints/report.py Outdated Show resolved Hide resolved
src/mainframe/endpoints/report.py Outdated Show resolved Hide resolved
@import-pandas-as-numpy
Copy link
Member

To explain this behavior to ensure we're accomplishing the objective properly:
If something flags on a new rule regardless we want to know about it. It should use whatever the most recent scan is to reference whether or not it has new behaviors.
e.g.:

numpyv1: rules matched [code marshaling]
numpyv2: rules matched [code marshaling] # doesn't flag
numpyv3: rules matched [code marshaling, malware] # does flag, new rule
numpyv4: rules matched [code marshaling, malware] # doesn't flag

Package flags should always reference the last seen version of the package to determine whether or not it will flag again.
New rule commits should generate new flags. If a rule is renamed and subsequently flags on a package, I consider this a potential benefit due to the ability to rename a rule with, say, a version number and have it be treated as an entirely unique rule.

@Robin5605
Copy link
Contributor

The feature @import-pandas-as-numpy needs to be implemented in the GET /package endpoint - we should be able to add a UNIQUE constraint to the returned rules so we don't return multiple versions that flagged on the same rule

@shenanigansd shenanigansd changed the title added the greylist feature Implement "greylisting" Jul 14, 2023
@jonathan-d-zhang
Change references of Package to Scan
909e990
@jonathan-d-zhang
fix: Handle the "first scan" case
6ab192c 
Previously did not take into account that the query might return `None`,
which would happen when the package is the first version.
@jonathan-d-zhang
Use the association proxy for the names directly
122b789
@jonathan-d-zhang
style: Address Aboo nits
2010db2 
Removed `is True` check.

Changed fstring to normal string.
@jonathan-d-zhang
style!: Rename greylist_scan to in_greylist
0294f01
@Robin5605
Copy link
Contributor

Closing this for now as it seems there was a misunderstanding on what the specification for #61 was. This may yet be a feature we want, and we will re-open it in the future after it's been discussed. Thanks all!

@Robin5605 Robin5605 closed this Jul 24, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@AbooMinister25 AbooMinister25 AbooMinister25 left review comments

@Robin5605 Robin5605 Awaiting requested review from Robin5605

Assignees

@jahrules jahrules

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Greylist check
6 participants
@jahrules @import-pandas-as-numpy @Robin5605 @AbooMinister25 @jonathan-d-zhang @shenanigansd