Add '#nohusky' tag to Brakeman scans #508
Labels
feature-request
New feature request
Comments
rafaveira3 added the hacktoberfest2022 (https://opensource.globo.com/hacktoberfest) label Sep 30, 2020
I'll try to work on it.

Hey @rafaveira3! I'm analyzing this issue and I have a question:
Thank you in advance!

Hey, @victormazevedo! Thanks for taking a look at this issue. What kinds of changes have you done so far? I will be very happy to review any PR related to this. What do you think of opening one with the WIP tag? We can discuss it better there! 😄
Krlier added feature-request (New feature request) and removed hacktoberfest2022 (https://opensource.globo.com/hacktoberfest) labels Nov 9, 2020
Motivation

Users nowadays can add the tag #nohusky in their code to avoid false positives in Python and in Go projects. However, this feature is not present yet for Ruby files that use Brakeman as a Security Test (and others).

It would be great if

Any Ruby line of code that has vulnerabilities be skipped by huskyCI analysis if a comment #nohusky is found. If applicable, do the same logic to all security tests? :)

What we expect

If huskyCI finds a code like this one, the following output must be ignored and be set as a NoSecHusky vuln:

Tips
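One way the requested behaviour could be implemented, as an added example that is not huskyCI's code and not part of the original issue: it reads Brakeman's JSON report, looks up the source line of each warning, and moves warnings whose line ends in a #nohusky comment into a separate NoSecHusky list. The function name, the sources map and the rule that the tag must be a trailing comment are assumptions; the report and the Ruby lines are constructed sample data.

```go
package main

import (
	"encoding/json"
	"fmt"
	"regexp"
	"strings"
)

// Warning holds three fields of an entry in Brakeman's JSON "warnings" array.
type Warning struct {
	Type string `json:"warning_type"`
	File string `json:"file"`
	Line int    `json:"line"` // stays 0 when Brakeman reports null
}

// Assumption: the tag counts only as a trailing comment, not inside a string.
var noHusky = regexp.MustCompile(`#\s*nohusky\s*$`)

// SplitNoHusky sorts warnings into findings and NoSecHusky; sources maps path to file text.
func SplitNoHusky(report []byte, sources map[string]string) (vulns, noSec []Warning, err error) {
	var out struct {
		Warnings []Warning `json:"warnings"`
	}
	if err = json.Unmarshal(report, &out); err != nil {
		return nil, nil, err
	}
	for _, w := range out.Warnings {
		lines := strings.Split(sources[w.File], "\n")
		// Unknown file or line number: keep the finding rather than hide it.
		if w.Line >= 1 && w.Line <= len(lines) && noHusky.MatchString(lines[w.Line-1]) {
			noSec = append(noSec, w)
		} else {
			vulns = append(vulns, w)
		}
	}
	return vulns, noSec, nil
}

// Constructed sample data (report and Ruby source), not real scan output.
const sampleReport = `{"warnings":[
 {"warning_type":"SQL Injection","file":"app/a.rb","line":1},
 {"warning_type":"Cross-Site Scripting","file":"app/a.rb","line":2},
 {"warning_type":"Redirect","file":"app/missing.rb","line":null}]}`
var sampleSources = map[string]string{"app/a.rb": "User.where(\"id = #{id}\") #nohusky\nraw(\"#nohusky \" + name)\n"}

func main() {
	fmt.Println(SplitNoHusky([]byte(sampleReport), sampleSources))
}
```

Only the first warning is moved to the NoSecHusky list; the tag inside a string literal on line 2 and the warning with no resolvable source line both stay as findings, so a suppression never applies without a visible comment on the flagged line.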