Python fp and docs updates (#58)

* refactor: Update comments for clarity and add expectations.json files for performance metrics

* feat: Implement FP guard for JS/TS local-collection receivers to suppress missing ownership checks

* feat: Enhance Rust parameter handling to classify local collections and prevent false ownership checks

* refactor: Simplify code formatting for better readability in multiple files

* refactor: Improve UTF-8 sequence length handling and enhance clarity in loop iteration

* feat: Update Java and Python patterns to include new security rules

* refactor: Improve comment clarity and consistency across multiple Rust files

* refactor: Simplify code formatting for improved readability in integration tests and module files

* refactor: Improve comment formatting and enhance clarity in assertions across multiple files
Eli Peter 2026-04-29 19:53:34 -04:00 committed by GitHub
parent 4db0805de6
commit a438886217
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
291 changed files with 9485 additions and 3851 deletions

@ -9,7 +9,7 @@
//! mis-attribute its source.
//!
//! A failure of this test implies a `taint-unsanitised-flow` finding is
//! naming the wrong source file/line a credibility-killer for users
//! naming the wrong source file/line, a credibility-killer for users
//! who then dismiss the tool as producing false positives.
mod common;
@ -89,7 +89,7 @@ fn two_call_sites_get_distinct_source_attributions() {
// 16: const sourceA = process.env.USER_INPUT; (call site 1 source)
// 21: const sourceB = process.env.OTHER_INPUT; (call site 2 source)
//
// The critical assertion is inequality a naive cache would report
// The critical assertion is inequality, a naive cache would report
// the FIRST-cached caller's source line on both findings (baking in
// `VarTaint.origins` from whichever call fired first during
// traversal). We also pin the exact expected lines so a silent
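Review bot: On the rewritten line "The critical assertion is inequality, a naive cache would report", the comma joins two independent clauses, so the sentence reads as a comma splice and the reason for the assertion is easy to miss. A colon or "because" keeps the causal link, for example "The critical assertion is inequality: a naive cache would report". This comment explains why the test guards against mis-attributed taint sources, so it is worth getting the sentence to parse on first read.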
@ -117,7 +117,7 @@ fn two_call_sites_get_distinct_source_attributions() {
fn inline_cache_reused_note_fires_on_second_call() {
// Observability: the `InlineCacheReused` engine note is recorded
// on cache-hit apply. At least one of the two call sites must
// carry it whichever call loses the miss/hit race.
// carry it, whichever call loses the miss/hit race.
//
// The note is informational only: `EngineNote::InlineCacheReused`
// returns `false` from `lowers_confidence()`, so its presence never
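Review bot: The comment in `inline_cache_reused_note_fires_on_second_call` says at least one of the two call sites must carry the note, "whichever call loses the miss/hit race", while the test name promises the second call. Since this pass is already touching the wording, state whether "second" means second in traversal order rather than source order, or rename the test to match the at-least-one check the comment describes, so a later reader does not tighten the assertion to a specific call site.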