-
Notifications
You must be signed in to change notification settings - Fork 4.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
auditbeat/module/file_integrity: remove garbled PE executable test file #35724
Conversation
This file is detected by some malware detection systems as malicious likely due to the source obfuscation that garble does to it. The testing of the underlying library already tests the infrastucture, so removing the test here does not harm coverage. The executable itself is a garble built compilation of the file at https://github.com/elastic/toutoumomoma/blob/dev/testdata/main.go. In that repository the executable is built on the fly during testing rather than being retained as an asset.
This pull request does not have a backport label.
To fixup this pull request, you need to add the backport labels for the needed
|
Pinging @elastic/security-external-integrations (Team:Security-External Integrations) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
…le (#35724) This file is detected by some malware detection systems as malicious likely due to the source obfuscation that garble does to it. The testing of the underlying library already tests the infrastucture, so removing the test here does not harm coverage. The executable itself is a garble built compilation of the file at https://github.com/elastic/toutoumomoma/blob/dev/testdata/main.go. In that repository the executable is built on the fly during testing rather than being retained as an asset. (cherry picked from commit 7ad2548)
…le (#35724) (#35753) This file is detected by some malware detection systems as malicious likely due to the source obfuscation that garble does to it. The testing of the underlying library already tests the infrastucture, so removing the test here does not harm coverage. The executable itself is a garble built compilation of the file at https://github.com/elastic/toutoumomoma/blob/dev/testdata/main.go. In that repository the executable is built on the fly during testing rather than being retained as an asset. (cherry picked from commit 7ad2548) Co-authored-by: Dan Kortschak <90160302+efd6@users.noreply.github.com>
What does this PR do?
This file is detected by some malware detection systems as malicious likely due to the source obfuscation that garble does to it. The testing of the underlying library already tests the infrastucture, so removing the test here does not harm coverage.
The executable itself is a garble built compilation of the file at https://github.com/elastic/toutoumomoma/blob/dev/testdata/main.go. In that repository the executable is built on the fly during testing rather than being retained as an asset.
Why is it important?
Impacts on UX.
Checklist
CHANGELOG.next.asciidoc
orCHANGELOG-developer.next.asciidoc
.Author's Checklist
How to test this PR locally
Related issues
Use cases
Screenshots
Logs