From 7468d2214bcb2b5f83cd2701a6c135b2ea0380ad Mon Sep 17 00:00:00 2001 From: elipeter Date: Wed, 3 Jun 2026 11:36:52 -0500 Subject: [PATCH] tests, docs: simplify `OnceLock` usage in Linux sandbox tests, update Java patterns in rules documentation --- docs/rules.md | 5 ++--- tests/sandbox_hardening_linux.rs | 2 +- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/docs/rules.md b/docs/rules.md index 866e7e36..0c962b96 100644 --- a/docs/rules.md +++ b/docs/rules.md @@ -121,7 +121,7 @@ The tables below are generated from `src/patterns/.rs` by [`tools/docgen`] | `go.crypto.md5` | Low | A | Medium | | `go.crypto.sha1` | Low | A | Medium | -### Java: 10 patterns +### Java: 9 patterns | Rule ID | Severity | Tier | Confidence | |---|---|---|---| @@ -129,12 +129,11 @@ The tables below are generated from `src/patterns/.rs` by [`tools/docgen`] | `java.code_exec.text4shell_interpolator` | High | A | High | | `java.deser.readobject` | High | A | High | | `java.deser.snakeyaml_unsafe_constructor` | High | A | High | +| `java.crypto.weak_algorithm` | Medium | A | Medium | | `java.reflection.class_forname` | Medium | A | High | | `java.reflection.method_invoke` | Medium | A | High | | `java.sqli.execute_concat` | Medium | B | Medium | -| `java.xss.getwriter_print` | Medium | A | High | | `java.crypto.insecure_random` | Low | A | Medium | -| `java.crypto.weak_digest` | Low | A | Medium | ### JavaScript: 22 patterns diff --git a/tests/sandbox_hardening_linux.rs b/tests/sandbox_hardening_linux.rs index f06f2d0a..a58af9a5 100644 --- a/tests/sandbox_hardening_linux.rs +++ b/tests/sandbox_hardening_linux.rs @@ -43,7 +43,7 @@ mod hardening_tests { static PROBE_BINARY: OnceLock> = OnceLock::new(); fn probe_path() -> Option<&'static Path> { - PROBE_BINARY.get_or_init(|| build_probe_once()).as_deref() + PROBE_BINARY.get_or_init(build_probe_once).as_deref() } fn build_probe_once() -> Option {