[skip actions] [uuid] 2024-07-20T14:31:49+03:00

Samsung · Jul 20, 2024 · c8423f4 · c8423f4
1 parent 51a96a8
commit c8423f4
Show file tree

Hide file tree

Showing 10 changed files with 3,166 additions and 11 deletions.
diff --git a/cicd/benchmark.txt b/cicd/benchmark.txt
diff --git a/credsweeper/rules/config.yaml b/credsweeper/rules/config.yaml
@@ -154,6 +154,22 @@
   target:
     - code
 
+- name: UUID
+  severity: info
+  confidence: strong
+  type: pattern
+  values:
+    - (?<![0-9A-Za-z_+-])(?P<value>[0-9A-Fa-f]{8}(-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12})(?![=0-9A-Za-z_+-])
+  min_line_len: 36
+  required_substrings:
+    - "-"
+  required_regex: "[0-9A-Za-z_/+-]{15}"
+  filter_type:
+    - ValuePatternCheck
+  target:
+    - code
+    - doc
+
 - name: AWS Client ID
   severity: high
   confidence: moderate

diff --git a/tests/__init__.py b/tests/__init__.py
@@ -1,20 +1,20 @@
 from pathlib import Path
 
 # total number of files in test samples
-SAMPLES_FILES_COUNT: int = 130
+SAMPLES_FILES_COUNT: int = 131
 
 # the lowest value of ML threshold is used to display possible lowest values
 NEGLIGIBLE_ML_THRESHOLD = 0.0001
 
 # credentials count after scan
-SAMPLES_CRED_COUNT: int = 429
-SAMPLES_CRED_LINE_COUNT: int = 446
+SAMPLES_CRED_COUNT: int = 430
+SAMPLES_CRED_LINE_COUNT: int = 447
 
 # credentials count after post-processing
-SAMPLES_POST_CRED_COUNT: int = 387
+SAMPLES_POST_CRED_COUNT: int = 388
 
 # with option --doc
-SAMPLES_IN_DOC = 410
+SAMPLES_IN_DOC = 411
 
 # archived credentials that are not found without --depth
 SAMPLES_IN_DEEP_1 = SAMPLES_POST_CRED_COUNT + 25

diff --git a/tests/data/__init__.py b/tests/data/__init__.py
@@ -11,14 +11,14 @@
     "sort_output": True,
     "json_filename": "ml_threshold.json",
     "ml_threshold": NEGLIGIBLE_ML_THRESHOLD
-}, {
-    "__cred_count": SAMPLES_IN_DOC,
-    "sort_output": True,
-    "json_filename": "doc.json",
-    "doc": True
 }, {
     "__cred_count": SAMPLES_IN_DEEP_3,
     "sort_output": True,
     "json_filename": "depth_3.json",
     "depth": 3
+}, {
+    "__cred_count": SAMPLES_IN_DOC,
+    "sort_output": True,
+    "json_filename": "doc.json",
+    "doc": True
 }]
diff --git a/tests/data/depth_3.json b/tests/data/depth_3.json
@@ -12755,6 +12755,33 @@
             }
         ]
     },
+    {
+        "api_validation": "NOT_AVAILABLE",
+        "ml_validation": "NOT_AVAILABLE",
+        "ml_probability": null,
+        "rule": "UUID",
+        "severity": "info",
+        "confidence": "strong",
+        "line_data_list": [
+            {
+                "line": "bace4d19-fa7e-beef-cafe-9129474bcd81 # tp",
+                "line_num": 1,
+                "path": "tests/samples/uuid",
+                "info": "tests/samples/uuid|RAW",
+                "value": "bace4d19-fa7e-beef-cafe-9129474bcd81",
+                "value_start": 0,
+                "value_end": 36,
+                "variable": null,
+                "variable_start": -2,
+                "variable_end": -2,
+                "entropy_validation": {
+                    "iterator": "BASE36_CHARS",
+                    "entropy": 3.2373263071270246,
+                    "valid": true
+                }
+            }
+        ]
+    },
     {
         "api_validation": "NOT_AVAILABLE",
         "ml_validation": "NOT_AVAILABLE",

diff --git a/tests/data/doc.json b/tests/data/doc.json
@@ -12929,6 +12929,33 @@
             }
         ]
     },
+    {
+        "api_validation": "NOT_AVAILABLE",
+        "ml_validation": "NOT_AVAILABLE",
+        "ml_probability": null,
+        "rule": "UUID",
+        "severity": "info",
+        "confidence": "strong",
+        "line_data_list": [
+            {
+                "line": "bace4d19-fa7e-beef-cafe-9129474bcd81 # tp",
+                "line_num": 1,
+                "path": "tests/samples/uuid",
+                "info": "tests/samples/uuid|RAW",
+                "value": "bace4d19-fa7e-beef-cafe-9129474bcd81",
+                "value_start": 0,
+                "value_end": 36,
+                "variable": null,
+                "variable_start": -2,
+                "variable_end": -2,
+                "entropy_validation": {
+                    "iterator": "BASE36_CHARS",
+                    "entropy": 3.2373263071270246,
+                    "valid": true
+                }
+            }
+        ]
+    },
     {
         "api_validation": "NOT_AVAILABLE",
         "ml_validation": "NOT_AVAILABLE",

diff --git a/tests/data/ml_threshold.json b/tests/data/ml_threshold.json
@@ -11790,6 +11790,33 @@
             }
         ]
     },
+    {
+        "api_validation": "NOT_AVAILABLE",
+        "ml_validation": "NOT_AVAILABLE",
+        "ml_probability": null,
+        "rule": "UUID",
+        "severity": "info",
+        "confidence": "strong",
+        "line_data_list": [
+            {
+                "line": "bace4d19-fa7e-beef-cafe-9129474bcd81 # tp",
+                "line_num": 1,
+                "path": "tests/samples/uuid",
+                "info": "",
+                "value": "bace4d19-fa7e-beef-cafe-9129474bcd81",
+                "value_start": 0,
+                "value_end": 36,
+                "variable": null,
+                "variable_start": -2,
+                "variable_end": -2,
+                "entropy_validation": {
+                    "iterator": "BASE36_CHARS",
+                    "entropy": 3.2373263071270246,
+                    "valid": true
+                }
+            }
+        ]
+    },
     {
         "api_validation": "NOT_AVAILABLE",
         "ml_validation": "NOT_AVAILABLE",

diff --git a/tests/data/output.json b/tests/data/output.json
@@ -10683,6 +10683,33 @@
             }
         ]
     },
+    {
+        "api_validation": "NOT_AVAILABLE",
+        "ml_validation": "NOT_AVAILABLE",
+        "ml_probability": null,
+        "rule": "UUID",
+        "severity": "info",
+        "confidence": "strong",
+        "line_data_list": [
+            {
+                "line": "bace4d19-fa7e-beef-cafe-9129474bcd81 # tp",
+                "line_num": 1,
+                "path": "tests/samples/uuid",
+                "info": "",
+                "value": "bace4d19-fa7e-beef-cafe-9129474bcd81",
+                "value_start": 0,
+                "value_end": 36,
+                "variable": null,
+                "variable_start": -2,
+                "variable_end": -2,
+                "entropy_validation": {
+                    "iterator": "BASE36_CHARS",
+                    "entropy": 3.2373263071270246,
+                    "valid": true
+                }
+            }
+        ]
+    },
     {
         "api_validation": "NOT_AVAILABLE",
         "ml_validation": "NOT_AVAILABLE",

diff --git a/tests/samples/uuid b/tests/samples/uuid
@@ -0,0 +1,2 @@
+bace4d19-fa7e-beef-cafe-9129474bcd81 # tp
+12345678-1234-1234-1234-1234567890ab # fp
diff --git a/tests/test_main.py b/tests/test_main.py
@@ -738,6 +738,7 @@ def prepare(report: List[Dict[str, Any]]):
                 k["ml_probability"],
             ))
 
+        # do not use parametrised tests with unittests
         # instead the config file is used
         with tempfile.TemporaryDirectory() as tmp_dir:
             for cfg in DATA_TEST_CFG:
@@ -749,7 +750,7 @@ def prepare(report: List[Dict[str, Any]]):
                 tmp_file = Path(tmp_dir) / cfg["json_filename"]
                 # apply the current path to keep equivalence in path
                 os.chdir(TESTS_PATH.parent)
-                content_provider: AbstractProvider = FilesProvider(["tests/samples"])
+                content_provider: AbstractProvider = FilesProvider([Path("tests") / "samples"])
                 # replace output report file to place in tmp_dir
                 cfg["json_filename"] = str(tmp_file)
                 cred_sweeper = CredSweeper(**cfg)