8000 fix: use boundary to fix false positive with email `firstname.dockery@host.tld` by EsadCetiner · Pull Request #4045 · coreruleset/coreruleset · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

fix: use boundary to fix false positive with email firstname.dockery@host.tld #4045

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 10 commits into from
Mar 26, 2025
Merged

fix: use boundary to fix false positive with email firstname.dockery@host.tld #4045

merged 10 commits into from
Mar 26, 2025

Conversation

EsadCetiner
Copy link
Member
@EsadCetiner EsadCetiner commented Mar 23, 2025
edited by theseion
Loading

Fixes #4041

@github-actions GitHub Actions
Copy link
Contributor
github-actions bot commented Mar 23, 2025
edited
Loading

📊 Quantitative test results for language: eng, year: 2023, size: 10K, paranoia level: 1:
🚀 Quantitative testing did not detect new false positives

theseion
theseion reviewed Mar 23, 2025
View reviewed changes
Copy link
Contributor
@theseion theseion left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good. Can you also update the dependent files? Search for lfi-os-files and you should find them all, then run the scripts in the headers. Finally, regenerate the rules.

@EsadCetiner
Copy link
Member Author

@theseion I found a few issues running the grep command, I assume lfi-os-files.data is the source of truth for the dot files?

I had to add some missing entries to lfi-os-files.data that were only present in restricted-files.data, I'm not sure if the exclusions were intentional but I didn't find any tests testing for their removal.

The grep command was also a little broken, it wouldn't include any dot file beginning with s, I made some changes in the regex and it works now (I don't think grep works well with negated sets and non-capturing group).

theseion
theseion requested changes Mar 23, 2025
View reviewed changes
@theseion
Copy link
Contributor

The grep issues are probably due to differences in grep implementations. Thanks for fixing.

@theseion theseion mentioned this pull request Mar 23, 2025
Merged
@EsadCetiner
Copy link
Member Author

@theseion Looks like the PR merged a minute ago broke the tests?

fzipi
fzipi reviewed Mar 24, 2025
View reviewed changes
fzipi
fzipi reviewed Mar 24, 2025
View reviewed changes
@theseion
Copy link
Contributor

@theseion Looks like the PR merged a minute ago broke the tests?

Where? All tests pass, don't they?

@EsadCetiner
Copy link
Member Author

@theseion It works now, but the Nginx container was broken

@theseion
Copy link
Contributor

Thanks. I've added a fix for that to #4050

@EsadCetiner EsadCetiner added this pull request to the merge queue Mar 26, 2025
Merged via the queue into coreruleset:main with commit 2b8117f Mar 26, 2025
6 checks passed
@EsadCetiner EsadCetiner deleted the fix-docker-fp branch March 26, 2025 20:25
@fzipi fzipi mentioned this pull request Apr 7, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@fzipi fzipi fzipi left review comments

@theseion theseion theseion approved these changes

Assignees
No one assigned
Labels
release:fix
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Should we move dot files out of lfi-os-files.data? (930120)
3 participants
@EsadCetiner @theseion @fzipi
0