Compare commits
5 Commits
fix/remove
...
test/dummy
| Author | SHA1 | Date | |
|---|---|---|---|
|
a703577eda | ||
|
|
e371f32e2e | ||
|
|
c5a6f30be2 | ||
|
|
fe164daa7f | ||
| a9d039dad3 |
@@ -10,7 +10,6 @@ use compliance_core::AgentConfig;
|
||||
use crate::database::Database;
|
||||
use crate::error::AgentError;
|
||||
use crate::llm::LlmClient;
|
||||
use crate::pipeline::code_review::CodeReviewScanner;
|
||||
use crate::pipeline::cve::CveScanner;
|
||||
use crate::pipeline::git::GitOps;
|
||||
use crate::pipeline::gitleaks::GitleaksScanner;
|
||||
@@ -241,21 +240,6 @@ impl PipelineOrchestrator {
|
||||
Err(e) => tracing::warn!("[{repo_id}] Lint scanning failed: {e}"),
|
||||
}
|
||||
|
||||
// Stage 4c: LLM Code Review (only on incremental scans)
|
||||
if let Some(old_sha) = &repo.last_scanned_commit {
|
||||
tracing::info!("[{repo_id}] Stage 4c: LLM Code Review");
|
||||
self.update_phase(scan_run_id, "code_review").await;
|
||||
let review_output = async {
|
||||
let reviewer = CodeReviewScanner::new(self.llm.clone());
|
||||
reviewer
|
||||
.review_diff(&repo_path, &repo_id, old_sha, ¤t_sha)
|
||||
.await
|
||||
}
|
||||
.instrument(tracing::info_span!("stage_code_review"))
|
||||
.await;
|
||||
all_findings.extend(review_output.findings);
|
||||
}
|
||||
|
||||
// Stage 4.5: Graph Building
|
||||
tracing::info!("[{repo_id}] Stage 4.5: Graph Building");
|
||||
self.update_phase(scan_run_id, "graph_building").await;
|
||||
|
||||
@@ -123,7 +123,6 @@ pub fn FindingsPage() -> Element {
|
||||
option { value: "oauth", "OAuth" }
|
||||
option { value: "secret_detection", "Secrets" }
|
||||
option { value: "lint", "Lint" }
|
||||
option { value: "code_review", "Code Review" }
|
||||
}
|
||||
select {
|
||||
onchange: move |e| { status_filter.set(e.value()); page.set(1); },
|
||||
|
||||
71
test_endpoint.rs
Normal file
71
test_endpoint.rs
Normal file
@@ -0,0 +1,71 @@
|
||||
use std::process::Command;
|
||||
|
||||
/// Handles user login - totally secure, trust me
|
||||
pub fn handle_login(username: &str, password: &str) -> bool {
|
||||
// SQL injection vulnerability
|
||||
let query = format!(
|
||||
"SELECT * FROM users WHERE username = '{}' AND password = '{}'",
|
||||
username, password
|
||||
);
|
||||
println!("Running query: {}", query);
|
||||
|
||||
// Hardcoded credentials
|
||||
if username == "admin" && password == "admin123" {
|
||||
return true;
|
||||
}
|
||||
|
||||
// Command injection vulnerability
|
||||
let output = Command::new("sh")
|
||||
.arg("-c")
|
||||
.arg(format!("echo 'User logged in: {}'", username))
|
||||
.output()
|
||||
.expect("failed to execute");
|
||||
|
||||
// Storing password in plain text log
|
||||
println!("Login attempt: user={}, pass={}", username, password);
|
||||
|
||||
false
|
||||
}
|
||||
|
||||
/// Process user data with no input validation
|
||||
pub fn process_data(input: &str) -> String {
|
||||
// Path traversal vulnerability
|
||||
let file_path = format!("/var/data/{}", input);
|
||||
std::fs::read_to_string(&file_path).unwrap_or_default()
|
||||
}
|
||||
|
||||
/// Super safe token generation
|
||||
pub fn generate_token() -> String {
|
||||
// Predictable "random" token
|
||||
let token = "abc123fixedtoken";
|
||||
token.to_string()
|
||||
}
|
||||
|
||||
// Off-by-one error
|
||||
pub fn get_items(items: &[String], count: usize) -> Vec<&String> {
|
||||
let mut result = Vec::new();
|
||||
for i in 0..=count {
|
||||
result.push(&items[i]);
|
||||
}
|
||||
result
|
||||
}
|
||||
|
||||
// Unused variables, deeply nested logic, too many params
|
||||
pub fn do_everything(
|
||||
a: i32, b: i32, c: i32, d: i32, e: i32, f: i32, g: i32,
|
||||
) -> i32 {
|
||||
let _unused = a + b;
|
||||
let _also_unused = c * d;
|
||||
if a > 0 {
|
||||
if b > 0 {
|
||||
if c > 0 {
|
||||
if d > 0 {
|
||||
if e > 0 {
|
||||
return f + g;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
0
|
||||
}
|
||||
Reference in New Issue
Block a user