Skip to content

feat: add 'make test' to v2's workflow #3379

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
May 13, 2025
Merged

feat: add 'make test' to v2's workflow #3379

merged 2 commits into from
May 13, 2025

Conversation

airween
Copy link
Member

@airween airween commented May 11, 2025

what

This PR adds mod_security2 module's own test cases to the GH workflow.

The new job uses the same matrix as the existing one, but we can't use --enable-assertions configure option (which is important with the valid configuration, where we do not use invalid values), because then the test cases which check invalid values would throw an assert error.

why

The module's make tests command hasn't been working for some time, because the PCRE2 modifications weren't applied that code. With some recent PR's those part of code were aligned, so make test works again.

@airween airween requested review from theseion and fzipi May 11, 2025 08:19
theseion
theseion requested changes May 11, 2025
View reviewed changes
fzipi
fzipi reviewed May 11, 2025
View reviewed changes
Copy link
Contributor

@fzipi fzipi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'll suggest you also to pin versions to well-known hashes and do not use master for versions unless necessary.

There is a nice tool to do this.

@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@airween
Copy link
Member Author

airween commented May 11, 2025

I'll suggest you also to pin versions to well-known hashes and do not use master for versions unless necessary.

There is a nice tool to do this.

Sorry to ask, what is the advantage of using this form? Why isn't good to use the current master state?

@fzipi
Copy link
Contributor

fzipi commented May 11, 2025

I'll suggest you also to pin versions to well-known hashes and do not use master for versions unless necessary.
There is a nice tool to do this.

Sorry to ask, what is the advantage of using this form? Why isn't good to use the current master state?

Supply chain attacks? See:

@airween
Copy link
Member Author

airween commented May 11, 2025

Supply chain attacks? See:

Thanks.

If I'm right, if we use hash's then we should have to care with new releases.

I think this PR is outside of this, so can we skip this change now? Later I try to align these as you suggested with other necessary configuration.

@fzipi
Copy link
Contributor

fzipi commented May 11, 2025

Sounds good. Renovatebot can take care of that, let's do it in a different pr then.

@airween airween merged commit 377629b into owasp-modsecurity:v2/master May 13, 2025
82 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@theseion theseion theseion approved these changes

@fzipi fzipi fzipi approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@airween @fzipi @theseion