Skip to content

fix: E2E test data identified as malicious file by antivirus software #1255

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
JeyJeyGao merged 8 commits into from
Apr 15, 2025
Merged

fix: E2E test data identified as malicious file by antivirus software #1255

JeyJeyGao merged 8 commits into from
Apr 15, 2025

Conversation

@JeyJeyGao
Copy link
Contributor

@JeyJeyGao JeyJeyGao commented Apr 8, 2025
edited
Loading

Fix:

  • encode the original zip_bomb.zip file as zip_bomb.zip.base64, and decode the file on the fly to avoid it being identified as a malicious file.

JeyJeyGao added 3 commits April 8, 2025 17:03
@JeyJeyGao
fix: E2E test data identified as malicious file by antivirus software
7256668 
Signed-off-by: Junjie Gao <junjiegao@microsoft.com>
@JeyJeyGao
fix: update
a4a8ee6 
Signed-off-by: Junjie Gao <junjiegao@microsoft.com>
@JeyJeyGao
fix: update
de6182d 
Signed-off-by: Junjie Gao <junjiegao@microsoft.com>
@codecov
Copy link

codecov bot commented Apr 8, 2025
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 76.96%. Comparing base (d86b087) to head (61eaae5).
Report is 6 commits behind head on main.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main    #1255   +/-   ##
=======================================
  Coverage   76.96%   76.96%           
=======================================
  Files          68       68           
  Lines        3847     3847           
=======================================
  Hits         2961     2961           
  Misses        682      682           
  Partials      204      204

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@JeyJeyGao JeyJeyGao marked this pull request as ready for review April 8, 2025 09:16
@JeyJeyGao JeyJeyGao requested a review from a user April 8, 2025 09:16
JeyJeyGao added 2 commits April 8, 2025 17:17
@JeyJeyGao
fix: update
6ac08b1 
Signed-off-by: Junjie Gao <junjiegao@microsoft.com>
@JeyJeyGao
fix: update
dd7ff9a 
Signed-off-by: Junjie Gao <junjiegao@microsoft.com>
ghost
ghost previously approved these changes Apr 9, 2025
View reviewed changes
Copy link

@ghost ghost left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

shizhMSFT
shizhMSFT reviewed Apr 9, 2025
View reviewed changes
Copy link
Contributor

@shizhMSFT shizhMSFT left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think it can work as scanners can scan the items in a zip file.

@JeyJeyGao
fix: use encryption instead of zip wrapper
da65a5f 
Signed-off-by: Junjie Gao <junjiegao@microsoft.com>
@JeyJeyGao
fix: use base64 instead of encryption
bf4b902 
Signed-off-by: Junjie Gao <junjiegao@microsoft.com>
@JeyJeyGao JeyJeyGao requested review from a user and shizhMSFT April 14, 2025 04:59
@JeyJeyGao
fix: make base64 in 1 line
61eaae5 
Signed-off-by: Junjie Gao <junjiegao@microsoft.com>
shizhMSFT
shizhMSFT reviewed Apr 14, 2025
View reviewed changes
shizhMSFT
shizhMSFT approved these changes Apr 15, 2025
View reviewed changes
Copy link
Contributor

@shizhMSFT shizhMSFT left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

ghost
ghost approved these changes Apr 15, 2025
View reviewed changes
Copy link

@ghost ghost left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@JeyJeyGao JeyJeyGao merged commit 12c60b7 into notaryproject:main Apr 15, 2025
7 checks passed
@JeyJeyGao JeyJeyGao deleted the fix/improve_e2e_testdata branch April 15, 2025 04:58
FeynmanZhou pushed a commit to FeynmanZhou/notation that referenced this pull request May 15, 2025
@JeyJeyGao @FeynmanZhou
fix: E2E test data identified as malicious file by antivirus software (
bcb78ae 
…notaryproject#1255)

Fix:
- encode the original `zip_bomb.zip` file as `zip_bomb.zip.base64`, and
decode the file on the fly to avoid it being identified as a malicious
file.

---------

Signed-off-by: Junjie Gao <junjiegao@microsoft.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@shizhMSFT shizhMSFT shizhMSFT approved these changes

@gokarnm gokarnm Awaiting requested review from gokarnm gokarnm is a code owner

@NiazFK NiazFK Awaiting requested review from NiazFK NiazFK is a code owner

@priteshbandi priteshbandi Awaiting requested review from priteshbandi priteshbandi is a code owner

@rgnote rgnote Awaiting requested review from rgnote rgnote is a code owner

@toddysm toddysm Awaiting requested review from toddysm toddysm is a code owner

@vaninrao10 vaninrao10 Awaiting requested review from vaninrao10 vaninrao10 is a code owner

@yizha1 yizha1 Awaiting requested review from yizha1 yizha1 is a code owner

+1 more reviewer
Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@JeyJeyGao @shizhMSFT