[Task]: Suspicious commands needs its own pipeline #1039

lukehinds · 2025-02-13T15:38:02Z

Suspicious commands is not implemented into the pipeline, its instead hooking into the main pipeline output:

It should instead be a pipeline object in the same way as PII, secrets etc.

No response

therealnb · 2025-02-13T17:05:32Z

The code was generally in the right place and generally working. Secrets and PII were being found, but this was real.

In copilot edits, the deltas were being passed as snippets. We have alleviated that here https://github.com/stacklok/codegate/pull/1043/files#diff-0658dbd5db53af1b59ad53ac8ce9dc0ba40042abea62cce7f6b04eebf3fa4cffR63
So that suspicious commands will not be applied to the main programming languages.

Both of these will have corner cases, but these fixes offer a low impact set of changes.

therealnb · 2025-02-13T17:14:11Z

Also reported this #1044
CC @jhrozek

therealnb · 2025-02-17T10:15:32Z

Note that we had to disable this code #1073

It is now unclear where this code should go.

github-actions bot added the needs-triage label Feb 13, 2025

therealnb mentioned this issue Feb 13, 2025

Handle shell languages slightly better #1043

Merged

therealnb mentioned this issue Feb 13, 2025

Review unnecessarily limiting languages #1044

Open

therealnb closed this as completed in #1043 Feb 13, 2025

therealnb reopened this Feb 17, 2025

lukehinds removed the needs-triage label Feb 20, 2025

Provide feedback