Skip to content

Add allow-list functionality to securitychecker_enlightn #1161

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
veewee merged 6 commits into from
Mar 21, 2025
Merged

Add allow-list functionality to securitychecker_enlightn #1161

veewee merged 6 commits into from
Mar 21, 2025
+33 −0

Conversation

@peterjaap
Copy link
Contributor

@peterjaap peterjaap commented Nov 19, 2024

Q A
Branch v2.x
Bug fix? no
New feature? yes
BC breaks? no
Deprecations? no
Documented? yes

veewee
veewee requested changes Nov 26, 2024
View reviewed changes
Copy link
Contributor

@veewee veewee left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks like a nice addition, thanks!
Can you make sure to add a test-case for this new allow_list argument? Otherwise we won't be able to merge this.

@peterjaap
Copy link
Contributor Author

peterjaap commented Dec 3, 2024

@veewee I've added a test case and used addArgumentArrayWithSeparatedValue().

veewee
veewee requested changes Dec 3, 2024
View reviewed changes
Copy link
Contributor

@veewee veewee left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks. It's curently not working as expected.
I've added some additional pointers in code.

src/Task/SecurityCheckerEnlightn.php
$resolver->setDefaults([
'lockfile' => './composer.lock',
'run_always' => false,
'allow_list' => []
Copy link
Contributor

@veewee veewee Dec 3, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The method provideConfigurableOptions in the test should be altered to cover this newly added default.

@leonhelmus
Copy link

leonhelmus commented Dec 9, 2024

@peterjaap nice addition. This is something i could use as well. Thanks for adding it. When will you have time to look at the changes needed?

@veewee veewee mentioned this pull request Dec 13, 2024
Closed
@peterjaap
Add --allow-list option to SecurityCheckerEnlightn task
eda6d36 
- Document new option in enlightn.md with example usage

- Fix argument formatting to use comma-separated values for --allow-list

- Update unit test to include the new option in default configuration

This change allows users to specify CVEs that should be ignored during security checks when they've been assessed and determined not to pose a risk.
@peterjaap
Copy link
Contributor Author

peterjaap commented Mar 18, 2025

@veewee I processed your remarks

@veewee veewee added this to the 2.12.0 milestone Mar 21, 2025
@veewee veewee merged commit f18e860 into phpro:v2.x Mar 21, 2025
26 checks passed
@veewee
Copy link
Contributor

veewee commented Mar 21, 2025

Thanks

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@veewee veewee veewee requested changes

Assignees

No one assigned

Labels

enhancement

Projects

None yet

Milestone

2.12.0

Development

Successfully merging this pull request may close these issues.

3 participants

@peterjaap @leonhelmus @veewee