testable-eu / sast-testability-patterns

Testability Pattern Catalogs for SAST
https://owasp.org/www-project-testability-patterns-for-web-applications/
Apache License 2.0

Simplify pattern file structure: redundancy in instance dir names and padding #15

Open vlkl-sap opened 1 year ago

vlkl-sap commented 1 year ago

Problem statement

Instances currently have the following layout:

102_collection_taint_propagation/2_instance_102_collection_taint_propagation

which creates long, redundant names.

Moreover, directories are currently sorted like this by default:

69_pass_variable_between_java_files
6_callable
70_raw_types

Proposed changes

Consider using one of the following for instances:

102_collection_taint_propagation/instance_002
102_collection_taint_propagation/002
102_collection_taint_propagation/002_further_instance_detail

In addition, consider using padding for filenames. While it is possible to use ls -v, consider padding all numbers, i.e., 6 to 006, etc.
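Added example (not part of the issue or of the project's code): a small Python helper that maps the current instance layout to the proposed `102_collection_taint_propagation/002` form and zero-pads pattern directory names so that a plain lexical sort matches numeric order. The regexes for the two layouts and the padding width of 3 are assumptions.

```python
import re
from pathlib import PurePosixPath

# Assumed shape of the current layout described in the issue:
#   <pattern_id>_<pattern_name>/<instance_id>_instance_<pattern_id>_<pattern_name>
PATTERN_DIR = re.compile(r"^(\d+)_(.+)$")
INSTANCE_DIR = re.compile(r"^(\d+)_instance_(\d+)_(.+)$")

# Pattern directories quoted in the issue, in the order a default sort lists them
CURRENT_DIRS = ["69_pass_variable_between_java_files", "6_callable", "70_raw_types"]


def pad(number: str, width: int = 3) -> str:
    """Zero-pad a numeric prefix so lexical sort equals numeric sort (6 -> 006)."""
    return f"{int(number):0{width}d}"


def pad_pattern_dir(name: str, width: int = 3) -> str:
    """Rename a pattern directory so its numeric prefix is padded."""
    m = PATTERN_DIR.match(name)
    if not m:
        raise ValueError(f"unrecognised pattern dir: {name}")
    return f"{pad(m.group(1), width)}_{m.group(2)}"


def simplify(old_path: str, width: int = 3) -> str:
    """Map an instance path in the current layout to the proposed short one.

    102_collection_taint_propagation/2_instance_102_collection_taint_propagation
      -> 102_collection_taint_propagation/002
    Refuses paths whose instance dir does not repeat the parent's id and name,
    so a mistyped or foreign directory is not silently renamed.
    """
    parts = PurePosixPath(old_path).parts
    if len(parts) != 2:
        raise ValueError(f"expected <pattern>/<instance>, got: {old_path}")
    pm, im = PATTERN_DIR.match(parts[0]), INSTANCE_DIR.match(parts[1])
    if not pm or not im:
        raise ValueError(f"unrecognised layout: {old_path}")
    pattern_id, pattern_name = pm.groups()
    instance_id, ref_id, ref_name = im.groups()
    if (ref_id, ref_name) != (pattern_id, pattern_name):
        raise ValueError(f"instance dir does not match its pattern dir: {old_path}")
    return f"{pad(pattern_id, width)}_{pattern_name}/{pad(instance_id, width)}"
```

`sorted(CURRENT_DIRS)` reproduces the order shown above, while `sorted(pad_pattern_dir(d) for d in CURRENT_DIRS)` lists 006, 069, 070 without needing ls -v.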

compaluca commented 1 year ago

It is a good point.

I would go for the second option: 102_collection_taint_propagation/002

Besides refactoring the testability patterns file structure overall (changing issue title in this respect), this needs to be implemented in the framework as well (see https://github.com/testable-eu/sast-tp-framework/issues/40).

compaluca commented 1 year ago

added padding part