Tags: Checkmarx/2ms
Tags
fix: updated GCP validation to always consider 403 response as valid … …result (#383) <!-- Thanks for contributing to 2ms by offering a pull request. --> Closes # **Proposed Changes** We had an issue where GCP API Keys were having inconsistent validation, varying from Valid to Unknown depending on the response body. After testing the API, we concluded that 403-Forbidden code is only received if the token is valid. It might, however, not be valid to the API we are testing (Youtube API). But it is still valid as a GCP API Key. Therefore we are treating all 403 codes as Valid, unless an error occurred on parsing the response body (this error behavior was already present) **Checklist** - [ ] I covered my changes with tests. - [ ] I Updated the documentation that is affected by my changes: - [ ] Change in the CLI arguments - [ ] Change in the configuration file I submit this contribution under the Apache-2.0 license.
fix: updated GCP validation to always consider 403 response as valid … …result (#383) <!-- Thanks for contributing to 2ms by offering a pull request. --> Closes # **Proposed Changes** We had an issue where GCP API Keys were having inconsistent validation, varying from Valid to Unknown depending on the response body. After testing the API, we concluded that 403-Forbidden code is only received if the token is valid. It might, however, not be valid to the API we are testing (Youtube API). But it is still valid as a GCP API Key. Therefore we are treating all 403 codes as Valid, unless an error occurred on parsing the response body (this error behavior was already present) **Checklist** - [ ] I covered my changes with tests. - [ ] I Updated the documentation that is affected by my changes: - [ ] Change in the CLI arguments - [ ] Change in the configuration file I submit this contribution under the Apache-2.0 license.
fix: reverting special character support for generic rule (#380) <!-- Thanks for contributing to 2ms by offering a pull request. --> Closes # **Proposed Changes** <!-- Please describe the big picture of your changes here. If it fixes a bug or resolves a feature request, be sure to link to that issue. --> **Checklist** - [ ] I covered my changes with tests. - [ ] I Updated the documentation that is affected by my changes: - [ ] Change in the CLI arguments - [ ] Change in the configuration file I submit this contribution under the Apache-2.0 license.
fix: add special characters support for generic credential rule (#377) **Proposed Changes** <!-- Add special characters support for generic credential rule --> **Checklist** - [X] I covered my changes with tests. - [ ] I Updated the documentation that is affected by my changes: - [ ] Change in the CLI arguments - [ ] Change in the configuration file I submit this contribution under the Apache-2.0 license.
fix: update go version and custom rules regexTarget documentation (#373) <!-- Thanks for contributing to 2ms by offering a pull request. --> Closes # **Proposed Changes** Update go version and custom rules regexTarget documentation <!-- Please describe the big picture of your changes here. If it fixes a bug or resolves a feature request, be sure to link to that issue. --> **Checklist** - [ ] I covered my changes with tests. - [ ] I Updated the documentation that is affected by my changes: - [ ] Change in the CLI arguments - [ ] Change in the configuration file I submit this contribution under the Apache-2.0 license.
chore: update ignore results with latest ids (#368) <!-- Thanks for contributing to 2ms by offering a pull request. --> Closes # **Proposed Changes** <!-- Please describe the big picture of your changes here. If it fixes a bug or resolves a feature request, be sure to link to that issue. --> **Checklist** - [ ] I covered my changes with tests. - [ ] I Updated the documentation that is affected by my changes: - [ ] Change in the CLI arguments - [ ] Change in the configuration file I submit this contribution under the Apache-2.0 license.
PreviousNext