mirror of
https://github.com/elicpeter/nyx.git
synced 2026-07-12 21:02:11 +02:00
Critical bug fixes and recall improvements (#68)
This commit is contained in:
parent
7d0e7320e2
commit
55247b7fcd
352 changed files with 60069 additions and 900 deletions
144
tests/recall_gaps_baseline.json
Normal file
144
tests/recall_gaps_baseline.json
Normal file
|
|
@ -0,0 +1,144 @@
|
|||
{
|
||||
"_doc": "Frozen recall-gap baseline. Phases 02-11 prove non-regression by re-running the corpus scan and verifying corpus_findings_total does not drop and rule_id_full counts do not regress per-rule. Hard rule: pitboss agents may not write under .pitboss/, so the baseline lives here in tests/ next to the harness it documents.",
|
||||
"captured_on": "2026-05-08",
|
||||
"captured_against": "master @ ea82ea98 (post phase 03/05/06/07 land)",
|
||||
"recall_gaps_tests": {
|
||||
"binary": "recall_gaps",
|
||||
"ignored_count": 3,
|
||||
"ignored": [
|
||||
"cross_package_ipa",
|
||||
"nextjs_entrypoints",
|
||||
"ssrf_url_builders"
|
||||
],
|
||||
"non_ignored": [
|
||||
"async_await",
|
||||
"baseline_loads",
|
||||
"for_await_of_stream",
|
||||
"fs_promises_alias_form",
|
||||
"fs_promises_alias_require_form",
|
||||
"fs_promises_namespace_import",
|
||||
"fs_promises_node_import",
|
||||
"fs_promises_open",
|
||||
"fs_promises_readfile",
|
||||
"fs_promises_require_form",
|
||||
"fs_promises_safe_userfn",
|
||||
"jsx_dangerous_html",
|
||||
"orm_builders",
|
||||
"promise_all_taint",
|
||||
"promise_then_callback",
|
||||
"promise_then_chain_reentrant"
|
||||
]
|
||||
},
|
||||
"corpus_finding_lines": {
|
||||
"scan_root": "tests/fixtures",
|
||||
"command": "nyx scan tests/fixtures --index off --format console",
|
||||
"output_lines": 6466,
|
||||
"json_command": "nyx scan tests/fixtures --index off --format json",
|
||||
"findings_total": 1121,
|
||||
"findings_by_severity": {
|
||||
"Low": 20,
|
||||
"Medium": 1101
|
||||
},
|
||||
"rule_id_distinct": 81,
|
||||
"rule_id_top": {
|
||||
"taint-unsanitised-flow": 542,
|
||||
"state-unauthed-access": 41,
|
||||
"py.cmdi.subprocess_shell": 35,
|
||||
"js.code_exec.eval": 30,
|
||||
"taint-data-exfiltration": 29,
|
||||
"js.auth.missing_ownership_check": 26,
|
||||
"go.cmdi.exec_command": 20,
|
||||
"taint-open-redirect": 19,
|
||||
"cfg-unguarded-sink": 18,
|
||||
"state-use-after-close": 17,
|
||||
"java.cmdi.runtime_exec": 17,
|
||||
"taint-prototype-pollution": 16,
|
||||
"taint-template-injection": 15,
|
||||
"py.auth.missing_ownership_check": 15,
|
||||
"rb.cmdi.system_interp": 14
|
||||
},
|
||||
"rule_id_full": {
|
||||
"c.cmdi.system": 10,
|
||||
"c.memory.gets": 3,
|
||||
"c.memory.printf_no_fmt": 2,
|
||||
"c.memory.scanf_percent_s": 3,
|
||||
"c.memory.sprintf": 12,
|
||||
"c.memory.strcat": 3,
|
||||
"c.memory.strcpy": 6,
|
||||
"cfg-auth-gap": 2,
|
||||
"cfg-unguarded-sink": 18,
|
||||
"cpp.cmdi.popen": 1,
|
||||
"cpp.cmdi.system": 8,
|
||||
"cpp.memory.gets": 2,
|
||||
"cpp.memory.printf_no_fmt": 3,
|
||||
"cpp.memory.sprintf": 2,
|
||||
"cpp.memory.strcat": 1,
|
||||
"cpp.memory.strcpy": 2,
|
||||
"go.auth.admin_route_missing_admin_check": 3,
|
||||
"go.auth.missing_ownership_check": 8,
|
||||
"go.auth.partial_batch_authorization": 2,
|
||||
"go.auth.token_override_without_validation": 1,
|
||||
"go.cmdi.exec_command": 20,
|
||||
"go.transport.insecure_skip_verify": 1,
|
||||
"java.auth.admin_route_missing_admin_check": 2,
|
||||
"java.auth.missing_ownership_check": 3,
|
||||
"java.cmdi.runtime_exec": 17,
|
||||
"java.code_exec.text4shell_interpolator": 1,
|
||||
"java.deser.readobject": 5,
|
||||
"java.deser.snakeyaml_unsafe_constructor": 1,
|
||||
"js.auth.admin_route_missing_admin_check": 9,
|
||||
"js.auth.missing_ownership_check": 26,
|
||||
"js.auth.partial_batch_authorization": 3,
|
||||
"js.auth.token_override_without_validation": 6,
|
||||
"js.code_exec.eval": 30,
|
||||
"js.code_exec.new_function": 1,
|
||||
"js.config.cors_dynamic_origin": 1,
|
||||
"js.xss.ejs_unescaped": 2,
|
||||
"php.cmdi.system": 10,
|
||||
"php.code_exec.eval": 6,
|
||||
"php.code_exec.preg_replace_e": 1,
|
||||
"php.deser.unserialize": 2,
|
||||
"py.auth.admin_route_missing_admin_check": 4,
|
||||
"py.auth.missing_ownership_check": 15,
|
||||
"py.auth.partial_batch_authorization": 2,
|
||||
"py.auth.token_override_without_validation": 6,
|
||||
"py.cmdi.os_popen": 2,
|
||||
"py.cmdi.os_system": 13,
|
||||
"py.cmdi.subprocess_shell": 35,
|
||||
"py.code_exec.eval": 6,
|
||||
"py.code_exec.exec": 3,
|
||||
"py.deser.pickle_loads": 3,
|
||||
"py.deser.yaml_load": 3,
|
||||
"rb.auth.admin_route_missing_admin_check": 5,
|
||||
"rb.auth.missing_ownership_check": 14,
|
||||
"rb.auth.partial_batch_authorization": 2,
|
||||
"rb.auth.token_override_without_validation": 3,
|
||||
"rb.cmdi.backtick": 2,
|
||||
"rb.cmdi.system_interp": 14,
|
||||
"rb.code_exec.class_eval": 1,
|
||||
"rb.code_exec.eval": 3,
|
||||
"rb.code_exec.instance_eval": 1,
|
||||
"rb.deser.marshal_load": 2,
|
||||
"rb.deser.yaml_load": 2,
|
||||
"rs.auth.admin_route_missing_admin_check": 3,
|
||||
"rs.auth.missing_ownership_check": 9,
|
||||
"rs.auth.partial_batch_authorization": 2,
|
||||
"rs.auth.token_override_without_validation": 2,
|
||||
"rs.memory.copy_nonoverlapping": 1,
|
||||
"rs.memory.mem_zeroed": 1,
|
||||
"rs.memory.ptr_read": 1,
|
||||
"rs.memory.transmute": 2,
|
||||
"state-unauthed-access": 41,
|
||||
"state-use-after-close": 17,
|
||||
"taint-data-exfiltration": 29,
|
||||
"taint-header-injection": 13,
|
||||
"taint-ldap-injection": 9,
|
||||
"taint-open-redirect": 19,
|
||||
"taint-prototype-pollution": 16,
|
||||
"taint-template-injection": 15,
|
||||
"taint-unsanitised-flow": 542,
|
||||
"taint-xpath-injection": 8,
|
||||
"taint-xxe": 11
|
||||
}
|
||||
}
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue