testable-eu / sast-testability-patterns

Testability Pattern Catalogs for SAST
https://owasp.org/www-project-testability-patterns-for-web-applications/
Apache License 2.0

Update TP: some JS patterns - negative_test_case vs expectation field #44

Closed compaluca closed 1 year ago

compaluca commented 1 year ago

This comes from some automated checks...

@SoheilKhodayari: does it make sense?

Testability pattern

The pattern instances concerned are:

| pattern_id | instance_id | pattern_name | language | expectation | negative_test_case |
|---|---|---|---|---|---|
| 105 | 1 | This Statement | JS | FALSE | NO |
| 32 | 2 | Array Shift | JS | TRUE | YES |
| 33 | 2 | Array Length | JS | FALSE | NO |
| 37 | 2 | Generators | JS | FALSE | NO |
| 37 | 4 | Generators | JS | TRUE | YES |

Problem statement

All these seem to have an inconsistency between expectation and negative_test_case fields, see table above. (These two fields are clearly redundant and we could decide to keep only the expectation one, but for the time being we have both.)

Proposed changes

Check the different patterns and properly reset the values for expectation vs negative_test_case.

SoheilKhodayari commented 1 year ago

@compaluca yes, sure, I can confirm the inconsistency, the two fields should be the negation of one another. I can submit a PR to fix this soon.
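The consistency rule confirmed in this thread (negative_test_case must be the negation of expectation) can be checked mechanically. The following is an added example, not part of the thread or the project's code: it assumes the instance metadata has been exported to CSV with the column names from the table above, and the `find_inconsistent` and `to_bool` helpers and the two rows with pattern_id 900 are constructed for illustration.

```python
import csv
import io

# Rows copied from the table in the issue, plus two constructed rows
# (pattern_id 900) that satisfy the rule, to show both outcomes.
SAMPLE = """\
pattern_id,instance_id,pattern_name,language,expectation,negative_test_case
105,1,This Statement,JS,FALSE,NO
32,2,Array Shift,JS,TRUE,YES
33,2,Array Length,JS,FALSE,NO
37,2,Generators,JS,FALSE,NO
37,4,Generators,JS,TRUE,YES
900,1,Constructed Positive,JS,TRUE,NO
900,2,Constructed Negative,JS,FALSE,YES
"""

_TRUE = {"true", "yes", "1"}
_FALSE = {"false", "no", "0"}


def to_bool(value):
    """Map TRUE/FALSE/YES/NO spellings to bool; None if unrecognised."""
    v = (value or "").strip().lower()
    if v in _TRUE:
        return True
    if v in _FALSE:
        return False
    return None


def find_inconsistent(csv_text):
    """Return (pattern_id, instance_id, reason) for each row breaking the rule
    that negative_test_case must be the negation of expectation."""
    findings = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        exp = to_bool(row.get("expectation"))
        neg = to_bool(row.get("negative_test_case"))
        key = (int(row["pattern_id"]), int(row["instance_id"]))
        if exp is None or neg is None:
            # A blank or misspelled value would otherwise pass silently.
            findings.append(key + ("unparseable value",))
        elif exp == neg:
            findings.append(key + ("fields agree; expected negation",))
    return findings


if __name__ == "__main__":
    for pid, iid, reason in find_inconsistent(SAMPLE):
        print(f"pattern {pid} instance {iid}: {reason}")
```
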