diff --git a/README.md b/README.md
index fa87060..e95a587 100644
--- a/README.md
+++ b/README.md
@@ -136,10 +136,10 @@ This section describe all the possible warnings returned by JSXRay. Click on the
 | [encoded-literal](./docs/encoded-literal.md) | ❌ | An encoded literal has been detected (it can be an hexa value, unicode sequence or a base64 string) |
 | [short-identifiers](./docs/short-identifiers.md) | ❌ | This mean that all identifiers has an average length below 1.5. |
 | [suspicious-literal](./docs/suspicious-literal.md) | ❌ | A suspicious literal has been found in the source code. |
-| [suspicious-file](./docs/suspicious-file.md) | ✔️ | A suspicious file with more than ten encoded-literal in it |
+| [suspicious-file](./docs/suspicious-file.md) | ❌ | A suspicious file with more than ten encoded-literal in it |
 | [obfuscated-code](./docs/obfuscated-code.md) | ✔️ | There's a very high probability that the code is obfuscated. |
-| [weak-crypto](./docs/weak-crypto.md) | ✔️ | The code probably contains a weak crypto algorithm (md5, sha1...) |
-| [shady-link](./docs/shady-link.md) | ✔️ | The code contains shady/unsafe link |
+| [weak-crypto](./docs/weak-crypto.md) | ❌ | The code probably contains a weak crypto algorithm (md5, sha1...) |
+| [shady-link](./docs/shady-link.md) | ❌ | The code contains shady/unsafe link |
 
 ## Workspaces
 
diff --git a/docs/shady-link.md b/docs/shady-link.md
index a422604..8ce6262 100644
--- a/docs/shady-link.md
+++ b/docs/shady-link.md
@@ -1,7 +1,7 @@
 # Shady link
 | Code | Severity | i18n | Experimental |
 | --- | --- | --- | :-: |
-| shady-link | `Warning` | `sast_warnings.shady_link` | ✔️ |
+| shady-link | `Warning` | `sast_warnings.shady_link` | ❌ |
 
 ## Introduction
 
@@ -36,4 +36,4 @@ const IPv6URL = "http://2444:1130:80:2aa8:c313:150d:b8cf:c321/script";
 
 > [!IMPORTANT]\
 > Credit goes to the [guarddog](https://github.dev/DataDog/guarddog) team.\
-> Credit goes to the [ietf.org](https://www.ietf.org/rfc/rfc3986.txt).
\ No newline at end of file
+> Credit goes to the [ietf.org](https://www.ietf.org/rfc/rfc3986.txt).
diff --git a/docs/suspicious-file.md b/docs/suspicious-file.md
index dbbb1da..8046592 100644
--- a/docs/suspicious-file.md
+++ b/docs/suspicious-file.md
@@ -2,7 +2,7 @@
 
 | Code | Severity | i18n | Experimental |
 | --- | --- | --- | :-: |
-| suspicious-file | `Critical` | `sast_warnings.suspicious_file` | ✔️ |
+| suspicious-file | `Critical` | `sast_warnings.suspicious_file` | ❌ |
 
 ## Introduction
 
diff --git a/docs/weak-crypto.md b/docs/weak-crypto.md
index 251273e..ec17254 100644
--- a/docs/weak-crypto.md
+++ b/docs/weak-crypto.md
@@ -2,7 +2,7 @@
 
 | Code | Severity | i18n | Experimental |
 | --- | --- | --- | :-: |
-| weak-crypto | `Information` | `sast_warnings.weak_crypto` | ✔️ |
+| weak-crypto | `Information` | `sast_warnings.weak_crypto` | ❌ |
 
 ## Introduction
 
diff --git a/src/warnings.js b/src/warnings.js
index e80b110..e8deebe 100644
--- a/src/warnings.js
+++ b/src/warnings.js
@@ -34,7 +34,7 @@ export const warnings = Object.freeze({
 "suspicious-file": {
 i18n: "sast_warnings.suspicious_file",
 severity: "Critical",
- experimental: true
+ experimental: false
 },
 "obfuscated-code": {
 i18n: "sast_warnings.obfuscated_code",
@@ -44,12 +44,12 @@ export const warnings = Object.freeze({
 "weak-crypto": {
 i18n: "sast_warnings.weak_crypto",
 severity: "Information",
- experimental: true
+ experimental: false
 },
 "shady-link": {
 i18n: "sast_warnings.shady_link",
 severity: "Warning",
- experimental: true
+ experimental: false
 }
 });
 
diff --git a/test/probes/isWeakCrypto.spec.js b/test/probes/isWeakCrypto.spec.js
index 2f162d8..3f7c655 100644
--- a/test/probes/isWeakCrypto.spec.js
+++ b/test/probes/isWeakCrypto.spec.js
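Review bot: `suspicious-file` leaves the experimental tier in the first src/warnings.js hunk while keeping `severity: "Critical"`, and the second hunk does the same for `weak-crypto` and `shady-link`, yet nothing visible in the commit records why these three probes are now considered stable. Any consumer that hides or down-ranks warnings on `experimental` will start surfacing them by default, which for a Critical finding driven by a count of encoded literals presumably means new alerts on minified or data-heavy files. I would add a comment above each flipped entry, for example `// stable since <version>; false-positive review in <issue>`, and call the flag change out in the release notes so downstream gates can be adjusted. The `warnings` object opens above the first hunk, so entries outside the shown lines were not reviewed.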
@@ -21,7 +21,6 @@ test("it should report a warning in case of `createHash()` usage", as
 assert.strictEqual(outputWarnings.length, 1);
 assert.deepEqual(firstWarning.kind, "weak-crypto");
 assert.strictEqual(firstWarning.value, fixtureFile.split(".").at(0));
- assert.ok(firstWarning.experimental);
 }
 });
 
@@ -37,7 +36,6 @@ test("it should report a warning in case of `[expression]createHash()
 assert.strictEqual(outputWarnings.length, 1);
 assert.deepEqual(firstWarning.kind, "weak-crypto");
 assert.strictEqual(firstWarning.value, fixtureFile.split(".").at(0));
- assert.ok(firstWarning.experimental);
 }
 });
 
diff --git a/test/warnings.spec.js b/test/warnings.spec.js
index c59db32..827ec38 100644
--- a/test/warnings.spec.js
+++ b/test/warnings.spec.js
@@ -40,6 +40,6 @@ test("Given a weak-crypto kind it should generate a warning with value, simple l
 ],
 i18n: "sast_warnings.weak_crypto",
 severity: "Information",
- experimental: true
+ experimental: false
 });
 });
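Review bot: The expected object in test/warnings.spec.js pins `experimental: false` for `weak-crypto` only; in the visible hunks nothing asserts the new value for `shady-link` or `suspicious-file`, whose flags changed in the same commit. The two deletions in test/probes/isWeakCrypto.spec.js also drop the check instead of inverting it, so probe output could regress to `true` without a failing test; replacing the removed line with `assert.strictEqual(firstWarning.experimental, false);` would keep the flag pinned. The test bodies start outside these hunks, so coverage that is not shown may already exist.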