[nodejs] Fix easy wins (#3669)

DataDog · Dec 13, 2024 · c1ba4ad · c1ba4ad
1 parent 76ef778
commit c1ba4ad
Show file tree

Hide file tree

Showing 2 changed files with 24 additions and 3 deletions.
diff --git a/manifests/nodejs.yml b/manifests/nodejs.yml
@@ -173,7 +173,6 @@ tests/:
         test_nosql_mongodb_injection.py:
           TestNoSqlMongodbInjection:
             '*': *ref_4_17_0
-            express5: missing_feature # express-mongo-sanitize is not yet compatible with express5
             nextjs: missing_feature
           TestNoSqlMongodbInjection_StackTrace: missing_feature
         test_path_traversal.py:
@@ -294,7 +293,19 @@ tests/:
         test_uri.py:
           TestURI: missing_feature
     rasp/:
-      test_cmdi.py: missing_feature
+      test_cmdi.py:
+        Test_Cmdi_BodyJson: missing_feature
+        Test_Cmdi_BodyUrlEncoded: missing_feature
+        Test_Cmdi_BodyXml: missing_feature
+        Test_Cmdi_Capability: missing_feature
+        Test_Cmdi_Mandatory_SpanTags: missing_feature
+        Test_Cmdi_Optional_SpanTags: missing_feature
+        Test_Cmdi_Rules_Version: *ref_5_26_0
+        Test_Cmdi_StackTrace: missing_feature
+        Test_Cmdi_Telemetry: missing_feature
+        Test_Cmdi_Telemetry_Variant_Tag: missing_feature
+        Test_Cmdi_UrlQuery: missing_feature
+        Test_Cmdi_Waf_Version: *ref_5_26_0
       test_lfi.py:
         Test_Lfi_BodyJson:
           '*': *ref_5_24_0
@@ -550,7 +561,11 @@ tests/:
     test_logs.py:
       Test_Standardization: missing_feature
       Test_StandardizationBlockMode: missing_feature
-    test_metastruct.py: missing_feature
+    test_metastruct.py:
+      Test_SecurityEvents_Appsec_Metastruct_Disabled: v2.2.0
+      Test_SecurityEvents_Appsec_Metastruct_Enabled: missing_feature
+      Test_SecurityEvents_Iast_Metastruct_Disabled: missing_feature
+      Test_SecurityEvents_Iast_Metastruct_Enabled: missing_feature
     test_rate_limiter.py:
       Test_Main: v2.0.0
     test_remote_config_rule_changes.py:

diff --git a/tests/appsec/iast/sink/test_nosql_mongodb_injection.py b/tests/appsec/iast/sink/test_nosql_mongodb_injection.py
@@ -20,6 +20,12 @@ class TestNoSqlMongodbInjection(BaseSinkTest):
         "nodejs": {"express4": "iast/index.js", "express4-typescript": "iast.ts", "express5": "iast/index.js"}
     }
 
+    @missing_feature(
+        context.weblog_variant == "express5", reason="express-mongo-sanitize is not yet compatible with express5"
+    )
+    def test_secure(self):
+        super().test_secure()
+
     @missing_feature(context.library < "[email protected]", reason="Not implemented yet")
     @missing_feature(library="python", reason="Not implemented yet")
     @missing_feature(library="dotnet", reason="Not implemented yet")