Skip to content

feat(go): Add DSL rule loader and OWASP Top 10 examples #360

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
shivasurya merged 1 commit into from
Nov 10, 2025
Merged

feat(go): Add DSL rule loader and OWASP Top 10 examples #360

shivasurya merged 1 commit into from
Nov 10, 2025

Conversation

@shivasurya
Copy link
Owner

@shivasurya shivasurya commented Nov 9, 2025

Description:

Explain the purpose of the PR.

Checklist:

  • Tests passing (gradle testGo)?
  • Lint passing (golangci-lint run this requires golangci-lint)?

@shivasurya shivasurya added the enhancement New feature or request label Nov 9, 2025
@shivasurya shivasurya self-assigned this Nov 9, 2025
@shivasurya shivasurya added go Pull requests that update go code python labels Nov 9, 2025
This was referenced Nov 9, 2025
Merged
Merged
Merged
Merged
Merged
Merged
Merged
@shivasurya Graphite App
Copy link
Owner Author

shivasurya commented Nov 9, 2025
edited
Loading

This stack of pull requests is managed by Graphite. Learn more about stacking.

This was referenced Nov 9, 2025
Merged
Merged
@codecov
Copy link

codecov bot commented Nov 10, 2025
edited
Loading

Codecov Report

❌ Patch coverage is 83.33333% with 14 lines in your changes missing coverage. Please review.
✅ Project coverage is 80.35%. Comparing base (0018797) to head (fc1b33d).
⚠️ Report is 1 commits behind head on main.

Files with missing lines Patch % Lines
sourcecode-parser/dsl/loader.go 83.33% 7 Missing and 7 partials ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main     #360      +/-   ##
==========================================
+ Coverage   80.11%   80.35%   +0.24%     
==========================================
  Files          63       64       +1     
  Lines        6453     6537      +84     
==========================================
+ Hits         5170     5253      +83     
+ Misses       1068     1061       -7     
- Partials      215      223       +8

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@shivasurya shivasurya marked this pull request as ready for review November 10, 2025 03:36
@safedep
Copy link

safedep bot commented Nov 10, 2025
edited
Loading

SafeDep Report Summary

Green Malicious Packages Badge Green Vulnerable Packages Badge Green Risky License Badge

No dependency changes detected. Nothing to scan.

This report is generated by SafeDep Github App

@shivasurya Graphite App
Copy link
Owner Author

shivasurya commented Nov 10, 2025
edited
Loading

Merge activity

  • Nov 10, 4:23 AM UTC: A user started a stack merge that includes this pull request via Graphite.
  • Nov 10, 4:38 AM UTC: Graphite rebased this pull request as part of a merge.
  • Nov 10, 4:39 AM UTC: @shivasurya merged this pull request with Graphite.

@shivasurya shivasurya changed the base branch from pr-08-go-dataflow-integration to graphite-base/360 November 10, 2025 04:36
@shivasurya shivasurya changed the base branch from graphite-base/360 to main November 10, 2025 04:37
@shivasurya @claude
feat(go): Add DSL rule loader and OWASP Top 10 examples
fc1b33d 
Implements the integration layer between Python DSL and Go executor with comprehensive OWASP security rule examples demonstrating the end-to-end detection pipeline.

**Go Integration Layer:**
- dsl/loader.go: RuleLoader with context.WithTimeout (30s) for Python rule execution, ExecuteRule dispatcher routing to call_matcher/variable_matcher/dataflow/logic executors
- dsl/loader_test.go: 11 comprehensive tests covering valid rules, invalid syntax, invalid JSON, non-existent files, all matcher types, and error handling

**OWASP Examples:**
- python-dsl/examples/owasp_top10.py: 6 production-ready security rules (SQL injection CWE-89, command injection CWE-78, code injection CWE-94, SSRF CWE-918, path traversal CWE-22, insecure deserialization CWE-502) using flows() with PropagationPresets.standard()

**Testing:**
- All 167 Python tests pass (99% coverage)
- All Go tests pass (dsl package: 0.455s)
- All linters pass (golangci-lint, ruff, black, mypy)
- OWASP examples produce valid JSON IR

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <[email protected]>
@shivasurya shivasurya force-pushed the pr-09-integration-owasp branch from 5d24e54 to fc1b33d Compare November 10, 2025 04:38
@shivasurya shivasurya merged commit 3fa0b9c into main Nov 10, 2025
3 checks passed
@shivasurya shivasurya deleted the pr-09-integration-owasp branch November 10, 2025 04:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@shivasurya shivasurya

Labels

enhancement New feature or request go Pull requests that update go code python

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@shivasurya