Skip to content

Handle array-valued audit guard results#4395

Draft
FlorianPfaff wants to merge 1 commit into
mainfrom
agent/handle-array-audit-results
Draft

Handle array-valued audit guard results#4395
FlorianPfaff wants to merge 1 commit into
mainfrom
agent/handle-array-audit-results

Conversation

@FlorianPfaff

Copy link
Copy Markdown
Owner

Summary

  • compare normalized selector outputs through an equality reducer that accepts scalar and array-like results
  • preserve existing scalar behavior while treating elementwise array equality as one invariant result
  • add a NumPy regression for an allowed-feature selector that returns an array

Bug

assert_selector_invariant_under_forbidden_key_changes() used chained equality directly:

baseline == stripped == poisoned == guarded

For NumPy outputs, the first equality returns a boolean array. Python then tries to coerce that array to one truth value and raises ValueError, even when every selector result is identical.

Fix

Reduce array-like equality results with their all() method before boolean coercion. Comparison failures are treated as non-equality so the helper continues to raise its documented AssertionError for changed results.

Validation

  • focused local test harness matching the current files: PYTHONPATH=. pytest -q tests/tracking/test_audit_guards.py
  • 6 passed

@github-actions

Copy link
Copy Markdown
Contributor

MegaLinter analysis: Success

Descriptor Linter Files Fixed Errors Warnings Elapsed time
✅ COPYPASTE jscpd yes no no 21.27s
✅ JSON prettier 7 0 0 0 1.2s
✅ JSON v8r 7 0 0 3.49s
✅ MARKDOWN markdownlint 68 0 0 0 1.85s
✅ MARKDOWN markdown-table-formatter 68 0 0 0 0.81s
✅ PYTHON black 1489 182 0 0 86.66s
✅ PYTHON isort 1489 327 0 0 2.48s
✅ REPOSITORY betterleaks yes no no 2.49s
✅ REPOSITORY checkov yes no no 53.16s
✅ REPOSITORY gitleaks yes no no 14.17s
✅ REPOSITORY git_diff yes no no 0.23s
✅ REPOSITORY secretlint yes no no 58.6s
✅ REPOSITORY syft yes no no 6.6s
✅ REPOSITORY trivy-sbom yes no no 7.11s
✅ REPOSITORY trufflehog yes no no 31.43s
✅ YAML prettier 11 0 0 0 0.85s
✅ YAML v8r 11 0 0 10.53s
✅ YAML yamllint 11 0 0 0.67s

Notices

📣 MegaLinter 9.5.0 is out! Discover the new features and security recommendations in the release announcement. (Skip this info by defining SECURITY_SUGGESTIONS: false)

See detailed reports in MegaLinter artifacts

Your project could benefit from a custom flavor, which would allow you to run only the linters you need, and thus improve runtime performances. (Skip this info by defining FLAVOR_SUGGESTIONS: false)

  • Documentation: Custom Flavors
  • Command: npx mega-linter-runner@9.6.0 --custom-flavor-setup --custom-flavor-linters PYTHON_BLACK,PYTHON_ISORT,COPYPASTE_JSCPD,JSON_V8R,JSON_PRETTIER,MARKDOWN_MARKDOWNLINT,MARKDOWN_MARKDOWN_TABLE_FORMATTER,REPOSITORY_CHECKOV,REPOSITORY_GIT_DIFF,REPOSITORY_GITLEAKS,REPOSITORY_BETTERLEAKS,REPOSITORY_SECRETLINT,REPOSITORY_SYFT,REPOSITORY_TRIVY_SBOM,REPOSITORY_TRUFFLEHOG,YAML_PRETTIER,YAML_YAMLLINT,YAML_V8R

MegaLinter is graciously provided by OX Security
Show us your support by starring ⭐ the repository

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant