Skip to content

remove malicious-scan command #645

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
attiasas merged 3 commits into from
Jan 21, 2026
Merged

remove malicious-scan command #645

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
294e8bc
remove malicious-scan command
attiasas Jan 20, 2026
74eec79
fix integration tests
attiasas Jan 20, 2026
072e46f
fix static
attiasas Jan 20, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion cli/docs/flags.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -215,7 +215,7 @@ var commandFlags = map[string][]string{
StaticSca, XrayLibPluginBinaryCustomPath, AnalyzerManagerCustomPath, AddSastRules,
},
CurationAudit: {
CurationOutput, WorkingDirs, Threads, RequirementsFile, InsecureTls, useWrapperAudit, UseIncludedBuilds, SolutionPath, DockerImageName,IncludeCachedPackages,
CurationOutput, WorkingDirs, Threads, RequirementsFile, InsecureTls, useWrapperAudit, UseIncludedBuilds, SolutionPath, DockerImageName, IncludeCachedPackages,
},
GitCountContributors: {
InputFile, ScmType, ScmApiUrl, Token, Owner, RepoName, Months, DetailedSummary, InsecureTls,
Expand Down
20 changes: 10 additions & 10 deletions cli/scancommands.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ import (
flags "github.com/jfrog/jfrog-cli-security/cli/docs"
auditSpecificDocs "github.com/jfrog/jfrog-cli-security/cli/docs/auditspecific"
enrichDocs "github.com/jfrog/jfrog-cli-security/cli/docs/enrich"
maliciousScanDocs "github.com/jfrog/jfrog-cli-security/cli/docs/maliciousscan"
// maliciousScanDocs "github.com/jfrog/jfrog-cli-security/cli/docs/maliciousscan"
mcpDocs "github.com/jfrog/jfrog-cli-security/cli/docs/mcp"
auditDocs "github.com/jfrog/jfrog-cli-security/cli/docs/scan/audit"
buildScanDocs "github.com/jfrog/jfrog-cli-security/cli/docs/scan/buildscan"
Expand Down Expand Up @@ -76,15 +76,15 @@ func getAuditAndScansCommands() []components.Command {
Category: securityCategory,
Action: EnrichCmd,
},
{
Name: "malicious-scan",
Aliases: []string{"ms"},
Flags: flags.GetCommandFlags(flags.MaliciousScan),
Description: maliciousScanDocs.GetDescription(),
Arguments: maliciousScanDocs.GetArguments(),
Category: securityCategory,
Action: MaliciousScanCmd,
},
// {
// Name: "malicious-scan",
// Aliases: []string{"ms"},
// Flags: flags.GetCommandFlags(flags.MaliciousScan),
// Description: maliciousScanDocs.GetDescription(),
// Arguments: maliciousScanDocs.GetArguments(),
// Category: securityCategory,
// Action: MaliciousScanCmd,
// },
{
Name: "build-scan",
Aliases: []string{"bs"},
Expand Down
193 changes: 97 additions & 96 deletions maliciousscan_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,111 +1,112 @@
package main

import (
"path/filepath"
"strconv"
"strings"
"testing"
// "strconv"
// "strings"
// "testing"

"github.com/stretchr/testify/assert"
// "path/filepath"

"github.com/jfrog/jfrog-cli-core/v2/common/format"
securityTests "github.com/jfrog/jfrog-cli-security/tests"
securityTestUtils "github.com/jfrog/jfrog-cli-security/tests/utils"
securityIntegrationTestUtils "github.com/jfrog/jfrog-cli-security/tests/utils/integration"
"github.com/jfrog/jfrog-cli-security/tests/validations"
// "github.com/stretchr/testify/assert"
// securityTestUtils "github.com/jfrog/jfrog-cli-security/tests/utils"
// "github.com/jfrog/jfrog-cli-security/tests/validations"

// "github.com/jfrog/jfrog-cli-core/v2/common/format"
// securityTests "github.com/jfrog/jfrog-cli-security/tests"
// securityIntegrationTestUtils "github.com/jfrog/jfrog-cli-security/tests/utils/integration"
)

type maliciousScanCommandTestParams struct {
WorkingDirsToScan []string
Format format.OutputFormat
Threads int
MinSeverity string
}
// type maliciousScanCommandTestParams struct {
// WorkingDirsToScan []string
// Format format.OutputFormat
// Threads int
// MinSeverity string
// }

func getMaliciousScanCmdArgs(params maliciousScanCommandTestParams) (args []string) {
args = []string{"malicious-scan"}
if len(params.WorkingDirsToScan) > 0 {
args = append(args, "--working-dirs="+strings.Join(params.WorkingDirsToScan, ","))
}
if params.Format != "" {
args = append(args, "--format="+string(params.Format))
}
if params.Threads > 0 {
args = append(args, "--threads="+strconv.Itoa(params.Threads))
}
if params.MinSeverity != "" {
args = append(args, "--min-severity="+params.MinSeverity)
}
return args
}
// func getMaliciousScanCmdArgs(params maliciousScanCommandTestParams) (args []string) {
// args = []string{"malicious-scan"}
// if len(params.WorkingDirsToScan) > 0 {
// args = append(args, "--working-dirs="+strings.Join(params.WorkingDirsToScan, ","))
// }
// if params.Format != "" {
// args = append(args, "--format="+string(params.Format))
// }
// if params.Threads > 0 {
// args = append(args, "--threads="+strconv.Itoa(params.Threads))
// }
// if params.MinSeverity != "" {
// args = append(args, "--min-severity="+params.MinSeverity)
// }
// return args
// }

func runMaliciousScan(t *testing.T, params maliciousScanCommandTestParams) (string, error) {
cleanUp := securityIntegrationTestUtils.UseTestHomeWithDefaultXrayConfig(t)
defer cleanUp()
return securityTests.PlatformCli.RunCliCmdWithOutputs(t, getMaliciousScanCmdArgs(params)...)
}
// func runMaliciousScan(t *testing.T, params maliciousScanCommandTestParams) (string, error) {
// cleanUp := securityIntegrationTestUtils.UseTestHomeWithDefaultXrayConfig(t)
// defer cleanUp()
// return securityTests.PlatformCli.RunCliCmdWithOutputs(t, getMaliciousScanCmdArgs(params)...)
// }

func TestMaliciousScan(t *testing.T) {
testCases := []struct {
name string
format format.OutputFormat
projectPath string
expectedIssues int
}{
{
name: "Malicious scan with findings (Simple JSON)",
format: format.SimpleJson,
projectPath: filepath.Join("projects", "jas", "jas", "malicious"),
expectedIssues: 1,
},
{
name: "Malicious scan without findings (Simple JSON)",
format: format.SimpleJson,
projectPath: filepath.Join("projects", "empty_project", "python_project_with_no_deps"),
expectedIssues: 0,
},
}
for _, tc := range testCases {
t.Run(tc.name, func(t *testing.T) {
fullProjectPath := filepath.Join(filepath.FromSlash(securityTests.GetTestResourcesPath()), tc.projectPath)
_, cleanUp := securityTestUtils.CreateTestProjectEnvAndChdir(t, fullProjectPath)
defer cleanUp()
// func TestMaliciousScan(t *testing.T) {
// testCases := []struct {
// name string
// format format.OutputFormat
// projectPath string
// expectedIssues int
// }{
// {
// name: "Malicious scan with findings (Simple JSON)",
// format: format.SimpleJson,
// projectPath: filepath.Join("projects", "jas", "jas", "malicious"),
// expectedIssues: 1,
// },
// {
// name: "Malicious scan without findings (Simple JSON)",
// format: format.SimpleJson,
// projectPath: filepath.Join("projects", "empty_project", "python_project_with_no_deps"),
// expectedIssues: 0,
// },
// }
// for _, tc := range testCases {
// t.Run(tc.name, func(t *testing.T) {
// fullProjectPath := filepath.Join(filepath.FromSlash(securityTests.GetTestResourcesPath()), tc.projectPath)
// _, cleanUp := securityTestUtils.CreateTestProjectEnvAndChdir(t, fullProjectPath)
// defer cleanUp()

params := maliciousScanCommandTestParams{
Format: tc.format,
}
output, err := runMaliciousScan(t, params)
assert.NoError(t, err)
// params := maliciousScanCommandTestParams{
// Format: tc.format,
// }
// output, err := runMaliciousScan(t, params)
// assert.NoError(t, err)

validationsParams := validations.ValidationParams{
Vulnerabilities: &validations.VulnerabilityCount{
ValidateScan: &validations.ScanCount{MaliciousCode: tc.expectedIssues},
},
}
if tc.expectedIssues == 0 {
validationsParams.ExactResultsMatch = true
}
validations.ValidateCommandOutput(t, output, tc.format, validationsParams)
})
}
}
// validationsParams := validations.ValidationParams{
// Vulnerabilities: &validations.VulnerabilityCount{
// ValidateScan: &validations.ScanCount{MaliciousCode: tc.expectedIssues},
// },
// }
// if tc.expectedIssues == 0 {
// validationsParams.ExactResultsMatch = true
// }
// validations.ValidateCommandOutput(t, output, tc.format, validationsParams)
// })
// }
// }

func TestMaliciousScanWithWorkingDirs(t *testing.T) {
maliciousProjectPath := filepath.Join(filepath.FromSlash(securityTests.GetTestResourcesPath()), "projects", "jas", "jas", "malicious")
_, cleanUp := securityTestUtils.CreateTestProjectEnvAndChdir(t, maliciousProjectPath)
defer cleanUp()
// func TestMaliciousScanWithWorkingDirs(t *testing.T) {
// maliciousProjectPath := filepath.Join(filepath.FromSlash(securityTests.GetTestResourcesPath()), "projects", "jas", "jas", "malicious")
// _, cleanUp := securityTestUtils.CreateTestProjectEnvAndChdir(t, maliciousProjectPath)
// defer cleanUp()

params := maliciousScanCommandTestParams{
WorkingDirsToScan: []string{"."},
Format: format.SimpleJson,
}
output, err := runMaliciousScan(t, params)
assert.NoError(t, err)
// params := maliciousScanCommandTestParams{
// WorkingDirsToScan: []string{"."},
// Format: format.SimpleJson,
// }
// output, err := runMaliciousScan(t, params)
// assert.NoError(t, err)

validationsParams := validations.ValidationParams{
Vulnerabilities: &validations.VulnerabilityCount{
ValidateScan: &validations.ScanCount{MaliciousCode: 1},
},
}
validations.ValidateCommandOutput(t, output, format.SimpleJson, validationsParams)
}
// validationsParams := validations.ValidationParams{
// Vulnerabilities: &validations.VulnerabilityCount{
// ValidateScan: &validations.ScanCount{MaliciousCode: 1},
// },
// }
// validations.ValidateCommandOutput(t, output, format.SimpleJson, validationsParams)
// }
Loading