-
Notifications
You must be signed in to change notification settings - Fork 154
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
DiscouragedFunctionUnitTest.inc Security Flag #460
Comments
Hi @drinkingsouls. Thank you for your report. Join Magento Community Engineering Slack and ask your questions in #github channel. |
Yes, that's a false positive alert. I've opened #461 to avoid this going forward. |
@fredden thanks for confirming 👍 |
@drinkingsouls that sounds like a question for the provider of that scanning tool. |
@fredden good idea, I'll have a dig with Maldetect and see if they can pinpoint. Viewing the file, I can definitely see why it would flag base64 decode etc. As long as we're sure it's a false flag! |
I've noticed recently that the file DiscouragedFunctionUnitTest.inc file is being flagged by Maldetect scan on Linux.
malware hit {CAV}Php.Backdoor.Generic-10006641-0 found for /vendor/magento/magento-coding-standard/Magento2/Tests/Functions/DiscouragedFunctionUnitTest.inc
maldet(7084): {hit} malware hit {CAV}Php.Backdoor.Generic-10006641-0 found for /.cache/composer/files/magento/magento-coding-standard/5cf0da126fda162c53eba8037babc7efd1dae3a9.zip
My file matches the original file here in code and size. I reinstalled the entire vendor folder and rescanned and it still flags in Maldetect. Looks like a false positive to me?
The text was updated successfully, but these errors were encountered: