FE-1093: Harden orchestrator agent harness testing diagnostics #269
kostandinang wants to merge 1 commit into
PR Summary: Medium Risk
Reviewed by Cursor Bugbot for commit be3c011. Bugbot is set up for automated code reviews on this repo.
| } | ||
|
|
||
| function isRunnerPackageDenied(output: string, diagnostics: RunnerDiagnostics): boolean { | ||
| if (!/\b(?:EACCES|EPERM)\b|operation not permitted|permission denied/i.test(output)) return false; |
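Review bot: In the guard on the first line of `isRunnerPackageDenied`, the `\b` word boundaries bind only to the `(?:EACCES|EPERM)` branch; `operation not permitted` and `permission denied` match anywhere in `output`, case-insensitively. A product test that prints one of those phrases in an assertion message passes this gate, so the check that follows should require the denial to name a runner package path taken from `diagnostics` before the failure is routed as infra. On the regex_dos finding: the pattern is an alternation of fixed tokens with no quantifiers, so match time is linear in the length of `output`; if `output` can be very large, capping its length before the test is a cheaper safeguard than changing the pattern.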
Semgrep identified an issue in your code:
Ensure that the regex used to compare with user supplied input is safe from regular expression denial of service.
To resolve this comment:
🔧 No guidance has been designated for this issue. Fix according to your organization's approved methods.
💬 Ignore this finding
Reply with Semgrep commands to ignore this finding.
/fp <comment> for false positive
/ar <comment> for acceptable risk
/other <comment> for all other reasons
Alternatively, triage in Semgrep AppSec Platform to ignore the finding created by regex_dos.
You can view more details about this finding in the Semgrep AppSec Platform.

What
Adds profile-owned runner diagnostics for cook test execution.
Why
Runner/toolchain load failures, like Vitest being denied under confinement, should route as infra instead of product test failures.
Verification
npx vitest run src/orchestrator/src/project-profile.test.ts src/orchestrator/src/test-runner.test.ts
npm run verify reached the full test suite; unrelated graph type-contract tests timed out.
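
An added example, not code from this PR or the project: one way to keep the routing described under Why from misclassifying product failures is to require that a denial line also names a runner package path. The `RunnerDiagnostics` shape, `lineDeniesRunner`, `routeFailure`, the POSIX-style `node_modules/<pkg>/` path check and the sample outputs are assumptions; only the regex is taken from the diff above.

```typescript
// Added example. The RunnerDiagnostics fields, function names and sample
// outputs below are hypothetical; only the DENIED pattern comes from the diff.
type Route = "infra" | "product";

interface RunnerDiagnostics {
  // Packages whose load failure means the runner itself could not start.
  runnerPackages: string[];
}

// Alternation of fixed tokens, no quantifiers: match time is linear in input length.
const DENIED = /\b(?:EACCES|EPERM)\b|operation not permitted|permission denied/i;

// Upper bound on scanned output so a huge log cannot dominate classification time.
const MAX_SCAN_CHARS = 64 * 1024;

// True only when one line both reports a denial and names a runner package path.
// Assumes POSIX-style paths of the form node_modules/<pkg>/.
function lineDeniesRunner(line: string, diag: RunnerDiagnostics): boolean {
  if (!DENIED.test(line)) return false;
  return diag.runnerPackages.some((pkg) => line.includes(`node_modules/${pkg}/`));
}

// Route a failed run: "infra" if the runner was denied, otherwise "product".
function routeFailure(output: string, diag: RunnerDiagnostics): Route {
  const lines = output.slice(0, MAX_SCAN_CHARS).split(/\r?\n/);
  return lines.some((line) => lineDeniesRunner(line, diag)) ? "infra" : "product";
}

const diag: RunnerDiagnostics = { runnerPackages: ["vitest"] };

// Constructed sample: the runner package itself cannot be opened under confinement.
const runnerDenied =
  "Error: EPERM: operation not permitted, open '/work/node_modules/vitest/dist/cli.js'";

// Constructed sample: a product test whose assertion text contains the phrase.
const productFailure = [
  "FAIL src/upload.test.ts > rejects unauthorized user",
  "AssertionError: expected 'permission denied' to equal 'ok'",
].join("\n");

// Constructed sample: a real denial, but on a fixture file, not the runner.
const fixtureDenied = "EACCES: permission denied, open '/work/fixtures/secret.txt'";
```

Matching the phrase alone would route all three samples as infra; tying it to a runner package path routes only the first one that way.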