
refactor(appsec): extract rel_path and get_caller_frame_info to _patch_utils #17331

Closed
avara1986 wants to merge 3 commits into main from avara1986/extract-caller-frame-info-to-patch-utils


@avara1986 avara1986 commented Apr 6, 2026

Summary

  • Extract rel_path() and _compute_file_line() from VulnerabilityBase in _iast/taint_sinks/_base.py into shared functions (rel_path and get_caller_frame_info) in _patch_utils.py.
  • Remove os, sysconfig, CWD, PURELIB_PATH, STDLIB_PATH and the get_info_frame import from _base.py — all now encapsulated in the shared get_caller_frame_info().
  • Both IAST and SCA can now reuse these functions without depending on IAST internals.

Split out from #17156 to keep PRs incremental and reviewable. Depends on #17329.

Test plan

  • Existing IAST vulnerability tests pass (they call VulnerabilityBase.report() which now delegates to get_caller_frame_info())
  • IAST stacktrace tests pass (tests/appsec/iast/test_stacktrace.py)
  • IAST memcheck tests pass (tests/appsec/iast_memcheck/test_iast_mem_check.py)

🤖 Generated with Claude Code
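
The technique the summary names (walking caller frames past stdlib and site-packages code, then reporting a path relative to the working directory) can be sketched as follows. This is an added example, not code from this PR or from ddtrace: the `_example` function names, the `_under` helper, the `max_depth` limit and the way `CWD`, `STDLIB_PATH` and `PURELIB_PATH` are computed are all assumptions.

```python
import os
import sys
import sysconfig

# Assumption: the PR names CWD, STDLIB_PATH and PURELIB_PATH but does not show
# how they are computed; these definitions are illustrative.
CWD = os.path.abspath(os.getcwd())
STDLIB_PATH = os.path.abspath(sysconfig.get_path("stdlib"))
PURELIB_PATH = os.path.abspath(sysconfig.get_path("purelib"))


def _under(path, root):
    """True if path is root or lies below it (component-wise, not string prefix)."""
    return path == root or path.startswith(root.rstrip(os.sep) + os.sep)


def rel_path_example(path, base=CWD):
    """Path relative to base, or "" when path is empty or outside base, so a
    report does not carry an absolute host path for files under base."""
    if not path:
        return ""
    abs_path, base = os.path.abspath(path), os.path.abspath(base)
    return os.path.relpath(abs_path, start=base) if _under(abs_path, base) else ""


def caller_frame_info_example(skip_prefixes=(STDLIB_PATH, PURELIB_PATH), max_depth=50):
    """Return (file, line, function) for the nearest caller frame outside
    skip_prefixes, or None if none exists within max_depth. The file is
    relative to CWD when it lies under CWD, otherwise absolute."""
    frame = sys._getframe(1)  # start at our caller, not this function
    for _ in range(max_depth):
        if frame is None:
            break
        filename = os.path.abspath(frame.f_code.co_filename)
        if not any(_under(filename, os.path.abspath(p)) for p in skip_prefixes):
            return rel_path_example(filename) or filename, frame.f_lineno, frame.f_code.co_name
        frame = frame.f_back
    return None
```

The component-wise check in `_under` matters for attribution: a plain string-prefix test would treat `/srv/app2/views.py` as being inside `/srv/app`.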

avara1986 and others added 2 commits April 6, 2026 14:28
Move the native _stacktrace C extension from ddtrace/appsec/_iast/ to
ddtrace/appsec/_shared/ so it can be reused by both IAST and SCA
without creating a dependency from SCA into IAST internals.

Split out from #17156 to keep PRs incremental and reviewable.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…h_utils

Move rel_path() and the frame-walking logic (_compute_file_line) from
VulnerabilityBase in _iast/taint_sinks/_base.py to shared functions in
_patch_utils.py so both IAST and SCA can reuse them without depending
on IAST internals.

Split out from #17156 to keep PRs incremental and reviewable.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@avara1986 avara1986 marked this pull request as draft April 6, 2026 13:34
@avara1986 avara1986 requested a review from a team as a code owner April 6, 2026 13:34
@avara1986 avara1986 added the labels "ASM" (Application Security Monitoring) and "changelog/no-changelog" (A changelog entry is not required for this PR.) Apr 6, 2026

cit-pr-commenter-54b7da bot commented Apr 6, 2026

Codeowners resolved as

ddtrace/appsec/_iast/taint_sinks/insecure_cookie.py                     @DataDog/asm-python
tests/appsec/iast/taint_sinks/test_weak_hash.py                         @DataDog/asm-python

…aller_frame_info

Update CookiesVulnerability.report_cookies() to use the shared
get_caller_frame_info() instead of the removed _compute_file_line().
Update test mock target from get_info_frame to get_caller_frame_info.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@avara1986 avara1986 changed the base branch from avara1986/move-stacktrace-to-shared to main April 6, 2026 13:51
@avara1986 avara1986 closed this Apr 6, 2026