Skip to content

Auto-activate python manifest tests #6225

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
dd-octo-sts wants to merge 1 commit into
base: main
Choose a base branch
from
+143 −13
Draft

Auto-activate python manifest tests #6225

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
156 changes: 143 additions & 13 deletions manifests/python.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -103,28 +103,46 @@ manifest:
- weblog_declaration:
tornado: v4.3.1 # Modified by easy win activation script
tests/appsec/iast/sink: # Created by easy win activation script
- weblog_declaration:
tornado: v4.4.0 # Modified by easy win activation script
tests/appsec/iast/sink/test_code_injection.py: # Created by easy win activation script
- weblog_declaration:
tornado: missing_feature
tests/appsec/iast/sink/test_code_injection.py::TestCodeInjection: v2.20.0
tests/appsec/iast/sink/test_code_injection.py::TestCodeInjection_ExtendedLocation: v3.1.0.dev
tests/appsec/iast/sink/test_code_injection.py::TestCodeInjection_StackTrace: v3.9.0.dev
tests/appsec/iast/sink/test_command_injection.py: # Created by easy win activation script
- weblog_declaration:
tornado: missing_feature
tests/appsec/iast/sink/test_command_injection.py::TestCommandInjection:
- weblog_declaration:
"*": v2.10.0
fastapi: v2.15.0
tests/appsec/iast/sink/test_command_injection.py::TestCommandInjection::test_secure: v3.0.0
tests/appsec/iast/sink/test_command_injection.py::TestCommandInjection_ExtendedLocation: v3.1.0.dev
tests/appsec/iast/sink/test_command_injection.py::TestCommandInjection_StackTrace: v3.9.0.dev
tests/appsec/iast/sink/test_email_html_injection.py: # Created by easy win activation script
- weblog_declaration:
tornado: missing_feature
tests/appsec/iast/sink/test_email_html_injection.py::TestEmailHtmlInjection: missing_feature
tests/appsec/iast/sink/test_email_html_injection.py::TestEmailHtmlInjection_ExtendedLocation: missing_feature
tests/appsec/iast/sink/test_email_html_injection.py::TestEmailHtmlInjection_StackTrace: missing_feature
tests/appsec/iast/sink/test_hardcoded_passwords.py: # Created by easy win activation script
- weblog_declaration:
tornado: missing_feature
tests/appsec/iast/sink/test_hardcoded_passwords.py::Test_HardcodedPasswords: missing_feature
tests/appsec/iast/sink/test_hardcoded_passwords.py::Test_HardcodedPasswords_ExtendedLocation: missing_feature
tests/appsec/iast/sink/test_hardcoded_passwords.py::Test_HardcodedPasswords_StackTrace: missing_feature
tests/appsec/iast/sink/test_hardcoded_secrets.py: # Created by easy win activation script
- weblog_declaration:
tornado: missing_feature
tests/appsec/iast/sink/test_hardcoded_secrets.py::Test_HardcodedSecrets: missing_feature
tests/appsec/iast/sink/test_hardcoded_secrets.py::Test_HardcodedSecretsExtended: missing_feature
tests/appsec/iast/sink/test_hardcoded_secrets.py::Test_HardcodedSecrets_ExtendedLocation: missing_feature
tests/appsec/iast/sink/test_hardcoded_secrets.py::Test_HardcodedSecrets_StackTrace: missing_feature
tests/appsec/iast/sink/test_header_injection.py: # Created by easy win activation script
- weblog_declaration:
tornado: missing_feature
tests/appsec/iast/sink/test_header_injection.py::TestHeaderInjection:
- weblog_declaration:
"*": irrelevant (was v2.10.0.dev but algorithm was updated will be updated)
Expand All @@ -141,70 +159,136 @@ manifest:
- weblog_declaration:
"*": irrelevant (was v3.9.0.dev but algorithm was updated will be updated)
*django: v3.10.0.dev
tests/appsec/iast/sink/test_hsts_missing_header.py: # Created by easy win activation script
- weblog_declaration:
tornado: missing_feature
tests/appsec/iast/sink/test_hsts_missing_header.py::Test_HstsMissingHeader: missing_feature
tests/appsec/iast/sink/test_hsts_missing_header.py::Test_HstsMissingHeader_ExtendedLocation: missing_feature
tests/appsec/iast/sink/test_hsts_missing_header.py::Test_HstsMissingHeader_StackTrace: missing_feature
tests/appsec/iast/sink/test_insecure_auth_protocol.py: # Created by easy win activation script
- weblog_declaration:
tornado: missing_feature
tests/appsec/iast/sink/test_insecure_auth_protocol.py::Test_InsecureAuthProtocol: missing_feature
tests/appsec/iast/sink/test_insecure_auth_protocol.py::Test_InsecureAuthProtocol_ExtendedLocation: missing_feature
tests/appsec/iast/sink/test_insecure_auth_protocol.py::Test_InsecureAuthProtocol_StackTrace: missing_feature
tests/appsec/iast/sink/test_insecure_cookie.py::TestInsecureCookie:
- weblog_declaration:
"*": v1.19.0
fastapi: v2.16.0
- # Added by easy win activation script
weblog_declaration:
tornado: missing_feature
tests/appsec/iast/sink/test_insecure_cookie.py::TestInsecureCookie::test_telemetry_metric_instrumented_sink: v3.1.0
tests/appsec/iast/sink/test_insecure_cookie.py::TestInsecureCookieNameFilter: missing_feature
tests/appsec/iast/sink/test_insecure_cookie.py::TestInsecureCookie_ExtendedLocation: v3.1.0.dev
tests/appsec/iast/sink/test_insecure_cookie.py::TestInsecureCookieNameFilter:
- declaration: missing_feature
- weblog_declaration:
tornado: missing_feature
tests/appsec/iast/sink/test_insecure_cookie.py::TestInsecureCookie_ExtendedLocation:
- declaration: missing_feature
- weblog_declaration:
Comment on lines +186 to +188
Copy link

@chatgpt-codex-connector chatgpt-codex-connector bot Feb 6, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Restore version gating instead of global missing_feature

This change replaces the previous version declaration with declaration: missing_feature, which disables the test for all weblogs and versions rather than only excluding tornado. Given the surrounding entries add tornado-specific exclusions elsewhere, this looks like an unintended regression that turns off the test entirely (same pattern also appears for other ExtendedLocation entries in this block). If the intent was to keep the existing version gate and only skip tornado, use a weblog_declaration with a "*": v3.1.0.dev default plus tornado: missing_feature.

Useful? React with 👍 / 👎.

tornado: missing_feature
tests/appsec/iast/sink/test_insecure_cookie.py::TestInsecureCookie_StackTrace: v3.9.0.dev
tests/appsec/iast/sink/test_ldap_injection.py: # Created by easy win activation script
- weblog_declaration:
tornado: missing_feature
tests/appsec/iast/sink/test_ldap_injection.py::TestLDAPInjection: missing_feature
tests/appsec/iast/sink/test_ldap_injection.py::TestLDAPInjection_ExtendedLocation: missing_feature
tests/appsec/iast/sink/test_ldap_injection.py::TestLDAPInjection_StackTrace: missing_feature
tests/appsec/iast/sink/test_no_httponly_cookie.py::TestNoHttponlyCookie:
- weblog_declaration:
"*": v1.19.0
fastapi: v2.16.0-dev
- # Added by easy win activation script
weblog_declaration:
tornado: missing_feature
tests/appsec/iast/sink/test_no_httponly_cookie.py::TestNoHttponlyCookie::test_telemetry_metric_instrumented_sink: v3.1.0
tests/appsec/iast/sink/test_no_httponly_cookie.py::TestNoHttponlyCookieNameFilter: missing_feature
tests/appsec/iast/sink/test_no_httponly_cookie.py::TestNoHttponlyCookie_ExtendedLocation: v3.1.0.dev
tests/appsec/iast/sink/test_no_httponly_cookie.py::TestNoHttponlyCookieNameFilter:
- declaration: missing_feature
- weblog_declaration:
tornado: missing_feature
tests/appsec/iast/sink/test_no_httponly_cookie.py::TestNoHttponlyCookie_ExtendedLocation:
- declaration: missing_feature
- weblog_declaration:
tornado: missing_feature
tests/appsec/iast/sink/test_no_httponly_cookie.py::TestNoHttponlyCookie_StackTrace: v3.9.0.dev
tests/appsec/iast/sink/test_no_samesite_cookie.py::TestNoSamesiteCookie:
- weblog_declaration:
"*": v1.19.0
fastapi: v2.16.0-dev
- # Added by easy win activation script
weblog_declaration:
tornado: missing_feature
tests/appsec/iast/sink/test_no_samesite_cookie.py::TestNoSamesiteCookie::test_telemetry_metric_instrumented_sink: v3.1.0
tests/appsec/iast/sink/test_no_samesite_cookie.py::TestNoSamesiteCookieNameFilter: missing_feature
tests/appsec/iast/sink/test_no_samesite_cookie.py::TestNoSamesiteCookie_ExtendedLocation: v3.1.0.dev
tests/appsec/iast/sink/test_no_samesite_cookie.py::TestNoSamesiteCookieNameFilter:
- declaration: missing_feature
- weblog_declaration:
tornado: missing_feature
tests/appsec/iast/sink/test_no_samesite_cookie.py::TestNoSamesiteCookie_ExtendedLocation:
- declaration: missing_feature
- weblog_declaration:
tornado: missing_feature
tests/appsec/iast/sink/test_no_samesite_cookie.py::TestNoSamesiteCookie_StackTrace: v3.9.0.dev
tests/appsec/iast/sink/test_nosql_mongodb_injection.py: # Created by easy win activation script
- weblog_declaration:
tornado: missing_feature
tests/appsec/iast/sink/test_nosql_mongodb_injection.py::TestNoSqlMongodbInjection: missing_feature
tests/appsec/iast/sink/test_nosql_mongodb_injection.py::TestNoSqlMongodbInjection_ExtendedLocation: missing_feature
tests/appsec/iast/sink/test_nosql_mongodb_injection.py::TestNoSqlMongodbInjection_StackTrace: missing_feature
tests/appsec/iast/sink/test_path_traversal.py: # Created by easy win activation script
- weblog_declaration:
tornado: missing_feature
tests/appsec/iast/sink/test_path_traversal.py::TestPathTraversal:
- weblog_declaration:
"*": v2.10.0
fastapi: v2.15.0
tests/appsec/iast/sink/test_path_traversal.py::TestPathTraversal_ExtendedLocation: v3.1.0.dev
tests/appsec/iast/sink/test_path_traversal.py::TestPathTraversal_StackTrace: v3.9.0.dev
tests/appsec/iast/sink/test_reflection_injection.py: # Created by easy win activation script
- weblog_declaration:
tornado: missing_feature
tests/appsec/iast/sink/test_reflection_injection.py::TestReflectionInjection: missing_feature
tests/appsec/iast/sink/test_reflection_injection.py::TestReflectionInjection_ExtendedLocation: missing_feature
tests/appsec/iast/sink/test_reflection_injection.py::TestReflectionInjection_StackTrace: missing_feature
tests/appsec/iast/sink/test_sql_injection.py: # Created by easy win activation script
- weblog_declaration:
tornado: missing_feature
tests/appsec/iast/sink/test_sql_injection.py::TestSqlInjection:
- weblog_declaration:
'*': v1.18.0
fastapi: v2.15.0
tests/appsec/iast/sink/test_sql_injection.py::TestSqlInjection_ExtendedLocation: v3.1.0.dev
tests/appsec/iast/sink/test_sql_injection.py::TestSqlInjection_StackTrace: v3.9.0.dev
tests/appsec/iast/sink/test_ssrf.py: # Created by easy win activation script
- weblog_declaration:
tornado: missing_feature
tests/appsec/iast/sink/test_ssrf.py::TestSSRF: v2.10.0
tests/appsec/iast/sink/test_ssrf.py::TestSSRF_ExtendedLocation: v3.1.0.dev
tests/appsec/iast/sink/test_ssrf.py::TestSSRF_StackTrace: v3.9.0.dev
tests/appsec/iast/sink/test_stacktrace_leak.py: # Created by easy win activation script
- weblog_declaration:
tornado: missing_feature
tests/appsec/iast/sink/test_stacktrace_leak.py::TestStackTraceLeak: v3.1.0.dev
tests/appsec/iast/sink/test_stacktrace_leak.py::TestStackTraceLeak::test_telemetry_metric_instrumented_sink: missing_feature
tests/appsec/iast/sink/test_template_injection.py: # Created by easy win activation script
- weblog_declaration:
tornado: missing_feature
tests/appsec/iast/sink/test_template_injection.py::TestTemplateInjection: missing_feature
tests/appsec/iast/sink/test_template_injection.py::TestTemplateInjection_ExtendedLocation: missing_feature
tests/appsec/iast/sink/test_trust_boundary_violation.py: # Created by easy win activation script
- weblog_declaration:
tornado: missing_feature
tests/appsec/iast/sink/test_trust_boundary_violation.py::Test_TrustBoundaryViolation: missing_feature
tests/appsec/iast/sink/test_trust_boundary_violation.py::Test_TrustBoundaryViolation_ExtendedLocation: missing_feature
tests/appsec/iast/sink/test_trust_boundary_violation.py::Test_TrustBoundaryViolation_StackTrace: missing_feature
tests/appsec/iast/sink/test_untrusted_deserialization.py: # Created by easy win activation script
- weblog_declaration:
tornado: missing_feature
tests/appsec/iast/sink/test_untrusted_deserialization.py::TestUntrustedDeserialization: missing_feature
tests/appsec/iast/sink/test_untrusted_deserialization.py::TestUntrustedDeserialization_ExtendedLocation: missing_feature
tests/appsec/iast/sink/test_untrusted_deserialization.py::TestUntrustedDeserialization_StackTrace: missing_feature
tests/appsec/iast/sink/test_unvalidated_redirect.py: # Created by easy win activation script
- weblog_declaration:
tornado: missing_feature
tests/appsec/iast/sink/test_unvalidated_redirect.py::TestUnvalidatedHeader:
- weblog_declaration:
"*": v3.12.0.dev (implemented in v3.9.0.dev, but there was the APPSEC-57817 bug)
Expand All @@ -226,6 +310,9 @@ manifest:
tests/appsec/iast/sink/test_unvalidated_redirect.py::TestUnvalidatedRedirect_StackTrace:
- weblog_declaration:
"*": v3.12.0.dev (implemented in v3.9.0.dev, but there was the APPSEC-57817 bug)
tests/appsec/iast/sink/test_unvalidated_redirect_forward.py: # Created by easy win activation script
- weblog_declaration:
tornado: missing_feature
tests/appsec/iast/sink/test_unvalidated_redirect_forward.py::TestUnvalidatedForward: missing_feature
tests/appsec/iast/sink/test_unvalidated_redirect_forward.py::TestUnvalidatedForward_ExtendedLocation: missing_feature
tests/appsec/iast/sink/test_unvalidated_redirect_forward.py::TestUnvalidatedForward_StackTrace: missing_feature
Expand All @@ -241,19 +328,37 @@ manifest:
tests/appsec/iast/sink/test_weak_hash.py::TestWeakHash:
- weblog_declaration:
"*": v1.18.0
tests/appsec/iast/sink/test_weak_hash.py::TestWeakHash_ExtendedLocation: v3.1.0.dev
tests/appsec/iast/sink/test_weak_hash.py::TestWeakHash::test_secure: # Created by easy win activation script
- weblog_declaration:
tornado: missing_feature
tests/appsec/iast/sink/test_weak_hash.py::TestWeakHash_ExtendedLocation:
- declaration: missing_feature
- weblog_declaration:
tornado: missing_feature
tests/appsec/iast/sink/test_weak_hash.py::TestWeakHash_StackTrace: v3.9.0.dev
tests/appsec/iast/sink/test_weak_randomness.py: # Created by easy win activation script
- weblog_declaration:
tornado: missing_feature
tests/appsec/iast/sink/test_weak_randomness.py::TestWeakRandomness:
- weblog_declaration:
"*": v2.0.0
tests/appsec/iast/sink/test_weak_randomness.py::TestWeakRandomness_ExtendedLocation: v3.1.0.dev
tests/appsec/iast/sink/test_weak_randomness.py::TestWeakRandomness_StackTrace: v3.9.0.dev
tests/appsec/iast/sink/test_xcontent_sniffing.py: # Created by easy win activation script
- weblog_declaration:
tornado: missing_feature
tests/appsec/iast/sink/test_xcontent_sniffing.py::Test_XContentSniffing: missing_feature
tests/appsec/iast/sink/test_xcontent_sniffing.py::Test_XContentSniffing_ExtendedLocation: missing_feature
tests/appsec/iast/sink/test_xcontent_sniffing.py::Test_XContentSniffing_StackTrace: missing_feature
tests/appsec/iast/sink/test_xpath_injection.py: # Created by easy win activation script
- weblog_declaration:
tornado: missing_feature
tests/appsec/iast/sink/test_xpath_injection.py::TestXPathInjection: missing_feature
tests/appsec/iast/sink/test_xpath_injection.py::TestXPathInjection_ExtendedLocation: missing_feature
tests/appsec/iast/sink/test_xpath_injection.py::TestXPathInjection_StackTrace: missing_feature
tests/appsec/iast/sink/test_xss.py: # Created by easy win activation script
- weblog_declaration:
tornado: missing_feature
tests/appsec/iast/sink/test_xss.py::TestXSS:
- weblog_declaration:
"*": v3.0.0.dev
Expand Down Expand Up @@ -474,6 +579,22 @@ manifest:
"*": v3.2.0.dev
flask-poc: v3.12.0.dev (is v3.2.0.dev but weblog was flaky before fix)
uds-flask: v3.12.0.dev (is v3.2.0.dev but weblog was flaky before fix)
tornado: v4.4.0 # Modified by easy win activation script
? tests/appsec/test_asm_standalone.py::Test_IastStandalone_UpstreamPropagation_V2::test_no_appsec_upstream__no_asm_event__is_kept_with_priority_1__from_0
: # Created by easy win activation script
- weblog_declaration:
tornado: missing_feature
? tests/appsec/test_asm_standalone.py::Test_IastStandalone_UpstreamPropagation_V2::test_no_appsec_upstream__no_asm_event__is_kept_with_priority_1__from_1
: # Created by easy win activation script
- weblog_declaration:
tornado: missing_feature
? tests/appsec/test_asm_standalone.py::Test_IastStandalone_UpstreamPropagation_V2::test_no_appsec_upstream__no_asm_event__is_kept_with_priority_1__from_2
: # Created by easy win activation script
- weblog_declaration:
tornado: missing_feature
? tests/appsec/test_asm_standalone.py::Test_IastStandalone_UpstreamPropagation_V2::test_no_appsec_upstream__no_asm_event__is_kept_with_priority_1__from_minus_1
: # Created by easy win activation script
- weblog_declaration:
tornado: missing_feature
tests/appsec/test_asm_standalone.py::Test_SCAStandalone_Telemetry_V2: v3.2.0.dev
tests/appsec/test_asm_standalone.py::Test_UserEventsStandalone_Automated: v3.2.0.dev
Expand Down Expand Up @@ -948,7 +1069,12 @@ manifest:
"*": missing_feature
*flask: v3.5.0
? tests/debugger/test_debugger_inproduct_enablement.py::Test_Debugger_InProduct_Enablement_Dynamic_Instrumentation::test_inproduct_enablement_di
: bug (DEBUG-5000)
: # Modified by easy win activation script
- declaration: bug (DEBUG-5000)
component_version: <4.4.0
weblog: [flask-poc]
- declaration: bug (DEBUG-5000)
excluded_weblog: [flask-poc]
tests/debugger/test_debugger_inproduct_enablement.py::Test_Debugger_InProduct_Enablement_Exception_Replay:
- weblog_declaration:
"*": missing_feature
Expand Down Expand Up @@ -1721,15 +1847,15 @@ manifest:
- weblog_declaration:
"*": v2.8.0
*django: bug (APMSP-1375)
- # Added by easy win activation script
weblog_declaration:
# Added by easy win activation script
- weblog_declaration:
tornado: missing_feature
tests/stats/test_stats.py::Test_Client_Stats::test_is_trace_root:
- weblog_declaration:
"*": v2.8.0
*django: bug (APMSP-1375)
- # Added by easy win activation script
weblog_declaration:
# Added by easy win activation script
- weblog_declaration:
tornado: missing_feature
tests/stats/test_stats.py::Test_Time_Bucketing::test_client_side_stats_bucket_alignment: # Modified by easy win activation script
- weblog_declaration:
Expand All @@ -1746,10 +1872,14 @@ manifest:
- weblog_declaration:
"*": incomplete_test_app (endpoint not implemented)
flask-poc: v2.16.0
uwsgi-poc: v4.4.0 # Modified by easy win activation script
uds-flask: v4.4.0 # Modified by easy win activation script
tests/test_baggage.py::Test_Baggage_Headers_Api_OTel:
- weblog_declaration:
"*": incomplete_test_app (endpoint not implemented)
flask-poc: missing_feature (OTel baggage not unified with Datadog baggage)
flask-poc: v4.4.0 # Modified by easy win activation script
uwsgi-poc: v4.4.0 # Modified by easy win activation script
uds-flask: v4.4.0 # Modified by easy win activation script
tests/test_baggage.py::Test_Baggage_Headers_Basic:
- weblog_declaration:
"*": irrelevant
Expand Down
Loading