GuardDog Only Scans "setup.py" For Code Execution

Open cedricvanrompay-datadog opened this issue 11 months ago • 0 comments

https://github.com/DataDog/guarddog/blob/e49bf3298e4601ba3e4dc00140bd54d02d14371f/guarddog/analyzer/sourcecode/code-execution.yml#L1

https://github.com/DataDog/guarddog/blob/e49bf3298e4601ba3e4dc00140bd54d02d14371f/guarddog/analyzer/sourcecode/code-execution.yml#L113-L116

This causes a lot of malicious packages not to be detected because they perform code execution in other files.

It's true that reporting every single code execution would result in a lot of noise though.

We should at least make this limitation clear, because a lot of people are surprised that GuardDog does not report some malicious packages. See:

  • https://github.com/DataDog/guarddog/issues/306
  • https://github.com/DataDog/guarddog/issues/311

cedricvanrompay-datadog avatar Mar 05 '24 12:03 cedricvanrompay-datadog
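To make the limitation concrete, here is an added example (not GuardDog's code and not its Semgrep rule, which is YAML): a small AST-based code-execution detector run twice over a constructed package tree, once restricted to `setup.py` and once over every `.py` file. The package layout, the `CODE_EXEC_CALLS` set and the `scan_package` / `find_code_execution` helpers are assumptions made for the demo; the payload string only ever gets parsed, never executed.

```python
"""Why a code-execution rule limited to setup.py misses payloads elsewhere.

Added illustration, not GuardDog's own code. The package tree and the
call list below are constructed for the demo.
"""
import ast
import tempfile
from pathlib import Path

# Calls treated as code execution here (a subset of what a real rule covers).
CODE_EXEC_CALLS = {
    ("exec",), ("eval",),
    ("os", "system"), ("os", "popen"),
    ("subprocess", "run"), ("subprocess", "Popen"), ("subprocess", "call"),
}


def _call_name(node: ast.Call):
    """Resolve `f(...)` to ('f',) and `mod.f(...)` to ('mod', 'f'); else None."""
    f = node.func
    if isinstance(f, ast.Name):
        return (f.id,)
    if isinstance(f, ast.Attribute) and isinstance(f.value, ast.Name):
        return (f.value.id, f.attr)
    return None


def find_code_execution(source: str):
    """Return (line, dotted name) for every code-execution call in `source`.

    The source is only parsed with `ast`, never imported or run.
    """
    hits = []
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.Call):
            name = _call_name(node)
            if name in CODE_EXEC_CALLS:
                hits.append((node.lineno, ".".join(name)))
    return hits


def scan_package(root, setup_py_only: bool):
    """Scan a package tree.

    setup_py_only=True inspects only <root>/setup.py, mimicking a rule whose
    `paths.include` is limited to setup.py; False walks every .py file.
    """
    root = Path(root)
    files = [root / "setup.py"] if setup_py_only else sorted(root.rglob("*.py"))
    findings = {}
    for path in files:
        if not path.is_file():
            continue
        hits = find_code_execution(path.read_text())
        if hits:
            findings[path.relative_to(root).as_posix()] = hits
    return findings


# Constructed sample package: a clean setup.py and a payload in demo/__init__.py.
# The base64 blob decodes to the harmless string 'echo pwned'.
SAMPLE_PACKAGE = {
    "setup.py": "from setuptools import setup\nsetup(name='demo', packages=['demo'])\n",
    "demo/__init__.py": (
        "import base64\n"
        "import os\n"
        "os.system(base64.b64decode(b'ZWNobyBwd25lZA==').decode())\n"
    ),
}


def write_sample_package(dest):
    """Materialise SAMPLE_PACKAGE under `dest` (files are written, not run)."""
    for rel, content in SAMPLE_PACKAGE.items():
        p = Path(dest) / rel
        p.parent.mkdir(parents=True, exist_ok=True)
        p.write_text(content)
    return dest


def demo():
    """Return (findings with setup.py only, findings over all .py files)."""
    with tempfile.TemporaryDirectory() as tmp:
        write_sample_package(tmp)
        narrow = scan_package(tmp, setup_py_only=True)
        full = scan_package(tmp, setup_py_only=False)
    return narrow, full


if __name__ == "__main__":
    narrow_findings, full_findings = demo()
    print("setup.py only:", narrow_findings)
    print("all .py files:", full_findings)
```

The `setup.py`-only pass returns nothing for this package, while the full walk flags `os.system` on line 3 of `demo/__init__.py`. The same trade-off the issue mentions applies here: widening the scope to every file catches the payload but will also flag legitimate `subprocess.run` calls in ordinary library code, which is why a real rule needs ranking or allowlisting rather than just a broader path filter.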