Lokasi ngalangkungan proxy:   [ UP ]  
[Ngawartoskeun bug]   [Panyetelan cookie]                
Skip to content

feat: add 'make test' to v2's workflow#3379

Merged
airween merged 2 commits into
owasp-modsecurity:v2/masterfrom
airween:v2/extendci
May 13, 2025
Merged

feat: add 'make test' to v2's workflow#3379
airween merged 2 commits into
owasp-modsecurity:v2/masterfrom
airween:v2/extendci

Conversation

@airween

@airween airween commented May 11, 2025

Copy link
Copy Markdown
Member

what

This PR adds mod_security2 module's own test cases to the GH workflow.

The new job uses the same matrix as the existing one, but we can't use --enable-assertions configure option (which is important with the valid configuration, where we do not use invalid values), because then the test cases which check invalid values would throw an assert error.

why

The module's make tests command hasn't been working for some time, because the PCRE2 modifications weren't applied that code. With some recent PR's those part of code were aligned, so make test works again.

@airween airween requested review from fzipi and theseion May 11, 2025 08:19
Comment thread .github/workflows/ci.yml

@fzipi fzipi left a comment

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'll suggest you also to pin versions to well-known hashes and do not use master for versions unless necessary.

There is a nice tool to do this.

Comment thread .github/workflows/ci.yml Outdated
Comment thread .github/workflows/ci.yml
Comment thread .github/workflows/ci.yml
…d packages

Co-authored-by: Felipe Zipitría <3012076+fzipi@users.noreply.github.com>
@sonarqubecloud

Copy link
Copy Markdown

@airween

airween commented May 11, 2025

Copy link
Copy Markdown
Member Author

I'll suggest you also to pin versions to well-known hashes and do not use master for versions unless necessary.

There is a nice tool to do this.

Sorry to ask, what is the advantage of using this form? Why isn't good to use the current master state?

@fzipi

fzipi commented May 11, 2025

Copy link
Copy Markdown
Collaborator

I'll suggest you also to pin versions to well-known hashes and do not use master for versions unless necessary.
There is a nice tool to do this.

Sorry to ask, what is the advantage of using this form? Why isn't good to use the current master state?

Supply chain attacks? See:

@airween

airween commented May 11, 2025

Copy link
Copy Markdown
Member Author

Supply chain attacks? See:

Thanks.

If I'm right, if we use hash's then we should have to care with new releases.

I think this PR is outside of this, so can we skip this change now? Later I try to align these as you suggested with other necessary configuration.

@fzipi

fzipi commented May 11, 2025

Copy link
Copy Markdown
Collaborator

Sounds good. Renovatebot can take care of that, let's do it in a different pr then.

@airween airween merged commit 377629b into owasp-modsecurity:v2/master May 13, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants