mirror of
https://github.com/digital-asset/daml.git
synced 2024-11-10 10:46:11 +03:00
68f44325a6
* fine grained test evidence for authorization * fine grained test evidence for privacy * fine grained test evidence for input-validation (typing) * fix exit code of security/update.sh script (set -euo pipefail) * add security evidence test category: Input Validation * regenerate security-evidence.md CHANGELOG_BEGIN CHANGELOG_END * fix bug in securoty evidence generation (must sort before group, or else we loose lines) * evidence for input validation of commands * address comments * cleanup: remove backticks from evidence free text
30 lines
745 B
Bash
Executable File
30 lines
745 B
Bash
Executable File
#!/usr/bin/env bash
|
|
# Copyright (c) 2021 Digital Asset (Switzerland) GmbH and/or its affiliates. All rights reserved.
|
|
# SPDX-License-Identifier: Apache-2.0
|
|
|
|
set -euo pipefail
|
|
|
|
is_test=
|
|
|
|
while [[ $# -gt 0 ]]; do
|
|
case "$1" in
|
|
--test)
|
|
shift
|
|
is_test=1
|
|
;;
|
|
*)
|
|
echo "$0: unknown argument $1" >&2
|
|
exit 1
|
|
;;
|
|
esac
|
|
done
|
|
|
|
# These commands should be run at the root of the repo.
|
|
# We write backslash-colon instead of colon ro the grep does not pick up itself.
|
|
|
|
if [[ $is_test = 1 ]]; then
|
|
git grep --line-number TEST_EVIDENCE\: | bazel run security:evidence-security | diff security-evidence.md -
|
|
else
|
|
git grep --line-number TEST_EVIDENCE\: | bazel run security:evidence-security > security-evidence.md
|
|
fi
|