Skip to content

Resolves issue-#35#1990

Open
Rakshak05 wants to merge 3 commits into
utksh1:mainfrom
Rakshak05:issue-#35
Open

Resolves issue-#35#1990
Rakshak05 wants to merge 3 commits into
utksh1:mainfrom
Rakshak05:issue-#35

Conversation

@Rakshak05

Copy link
Copy Markdown
Contributor

Description

This PR implements a sanitized command-preview panel in the scan configuration flow (issue #35).

Key Changes:

  • Redaction Utility Extension: Added vault_ref pattern-matching in backend/secuscan/redaction.py to detect and redact vault references (e.g. vault:secret_name and vault://secret_name) to vault:[REDACTED].
  • Backend API Route: Implemented POST /api/v1/plugin/{plugin_id}/preview in backend/secuscan/routes.py to compile command arguments from plugin schemas and form inputs, validate them, and redact sensitive variables.
  • Frontend Command Preview Component: Integrated the previewCommand wrapper in frontend/src/api.ts and created a premium Command_Preview panel in frontend/src/pages/ToolConfig.tsx that updates dynamically, warns users about validation errors, and displays a local/sanitized execution disclaimer.
  • Automated Tests: Added backend tests for vault reference redaction and the preview endpoint, as well as React Testing Library cases to verify UI rendering and validation.

Related Issues

Resolves #35

Type of Change

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • Documentation update

How Has This Been Tested?

We verified our changes using the following automated test suites:

  1. Backend Tests: Checked secret redactions and API endpoint validations.
    python -m pytest testing/backend/unit/test_redaction.py testing/backend/unit/test_routes_preview.py -v
    
  2. Frontend Tests: Verified UI state changes, component rendering, and input handlers.
    npx vitest run testing/unit/pages/ToolConfigDynamic.test.tsx
    
  3. Type Checking: Verified typescript compiler output.
    npm run typecheck
    

Checklist

  • My code follows the code style of this project.
  • I have performed a self-review of my own code.
  • I have commented my code, particularly in hard-to-understand areas.
  • I have made corresponding changes to the documentation.
  • My changes generate no new warnings.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

[SECURITY] Add sanitized command preview before scan execution

1 participant