Add ticket to bug declarations on java

manifests/java.yml

@@ -108,7 +108,7 @@ tests/:
             play: missing_feature
             ratpack: missing_feature
             spring-boot-3-native: missing_feature (GraalVM. Tracing support only)
-            spring-boot-openliberty: bug (not working as expected)
+            spring-boot-openliberty: bug (APPSEC-54981)
         test_insecure_cookie.py:
           TestInsecureCookie:
             '*': v1.18.0
@@ -253,7 +253,7 @@ tests/:
             ratpack: missing_feature
             resteasy-netty3: missing_feature
             spring-boot-3-native: missing_feature (GraalVM. Tracing support only)
-            spring-boot-openliberty: bug (not working as expected)
+            spring-boot-openliberty: bug (APPSEC-54981)
             vertx3: missing_feature
             vertx4: missing_feature
         test_xpath_injection.py:
@@ -299,7 +299,7 @@ tests/:
           TestCookieValue:
             '*': v1.10.0
             akka-http: v1.12.0
-            jersey-grizzly2: bug (name field of source not set)
+            jersey-grizzly2: bug (APPSEC-54982)
             play: missing_feature
             ratpack: missing_feature
             resteasy-netty3: v1.11.0
@@ -323,7 +323,7 @@ tests/:
           TestHeaderValue:
             '*': v1.3.0
             akka-http: v1.12.0
-            jersey-grizzly2: bug (name field of source not set)
+            jersey-grizzly2: bug (APPSEC-54982)
             play: missing_feature
             ratpack: missing_feature
             resteasy-netty3: v1.11.0
@@ -377,7 +377,7 @@ tests/:
           TestParameterValue:
             '*': v1.1.0
             akka-http: v1.12.0
-            jersey-grizzly2: bug (name field of source not set)
+            jersey-grizzly2: bug (APPSEC-54982)
             play: missing_feature
             ratpack: missing_feature
             resteasy-netty3: v1.11.0
@@ -544,8 +544,7 @@ tests/:
           ratpack: v0.99.0
           spring-boot-3-native: missing_feature (GraalVM. Tracing support only)
           vertx3: v0.99.0
-          vertx4: bug (Capability to read body content is incomplete after vert.x
-            4.0.0)
+          vertx4: bug (APPSEC-54983)
         Test_BodyRaw:
           '*': missing_feature
           akka-http: v1.22.0
@@ -566,8 +565,7 @@ tests/:
           ratpack: v0.99.0
           spring-boot-3-native: missing_feature (GraalVM. Tracing support only)
           vertx3: missing_feature
-          vertx4: bug (Capability to read body content is incomplete after vert.x
-            4.0.0)
+          vertx4: bug (APPSEC-54983)
         Test_Cookies:
           akka-http: v1.22.0
           play: v1.22.0
@@ -779,7 +777,7 @@ tests/:
         akka-http: v1.22.0
         play: v1.22.0
         spring-boot-3-native: missing_feature (GraalVM. Tracing support only)
-        spring-boot-payara: bug (blocking not working)
+        spring-boot-payara: bug (APPSEC-54985)
       Test_Blocking_request_body_multipart:
         '*': v1.15.0
         akka-http: v1.22.0
@@ -788,8 +786,8 @@ tests/:
         ratpack: missing_feature
         resteasy-netty3: missing_feature
         spring-boot-3-native: missing_feature (GraalVM. Tracing support only)
-        spring-boot-openliberty: bug
-        spring-boot-payara: bug (blocking not working)
+        spring-boot-openliberty: bug (APPSEC-54985)
+        spring-boot-payara: bug (APPSEC-54985)
       Test_Blocking_request_cookies:
         '*': missing_feature
         akka-http: v1.22.0
@@ -906,9 +904,9 @@ tests/:
         vertx4: v1.7.0
       Test_Suspicious_Request_Blocking:
         '*': v1.6.0
-        akka-http: bug
+        akka-http: bug (APPSEC-54985)
         spring-boot-3-native: missing_feature (GraalVM. Tracing support only)
-        spring-boot-payara: bug
+        spring-boot-payara: bug (APPSEC-54985)
     test_client_ip.py:
       Test_StandardTagsClientIp: v0.114.0
     test_conf.py:
@@ -1035,7 +1033,7 @@ tests/:
     test_suspicious_attacker_blocking.py:
       Test_Suspicious_Attacker_Blocking:
         '*': v1.39.0
-        play: bug (endpoint returns 404)
+        play: bug (APPSEC-54986)
         spring-boot-3-native: missing_feature (GraalVM. Tracing support only)
     test_traces.py:
       Test_AppSecEventSpanTags:
@@ -1164,7 +1162,7 @@ tests/:
           "*": irrelevant
           spring-boot: v0.1 # real version not known
     test_cassandra.py:
-      Test_Cassandra: bug (Endpoint is probably improperly implemented on weblog)
+      Test_Cassandra: bug (APMAPI-729)
     test_db_integrations_sql.py:
       Test_MsSql:
         '*': missing_feature
@@ -1215,9 +1213,9 @@ tests/:
         "*": irrelevant
         spring-boot: bug (AIDM-325)
     test_mongo.py:
-      Test_Mongo: bug (Endpoint is probably improperly implemented on weblog)
+      Test_Mongo: bug (APMAPI-729)
     test_sql.py:
-      Test_Sql: bug (Endpoint is probably improperly implemented on weblog)
+      Test_Sql: bug (APMAPI-729)
   k8s_lib_injection/:
     test_k8s_manual_inject.py:
       TestAdmisionControllerProfiling: v1.39.0

pyproject.toml

@@ -74,9 +74,7 @@ allow_no_jira_ticket_for_bugs = [
     "tests/appsec/test_traces.py::Test_AppSecEventSpanTags.test_header_collection",
     "tests/appsec/test_traces.py::Test_RetainTraces",
     "tests/appsec/test_user_blocking_full_denylist.py::Test_UserBlocking_FullDenylist.test_blocking_test",
-    "tests/appsec/waf/test_addresses.py::Test_BodyJson",
     "tests/appsec/waf/test_addresses.py::Test_BodyUrlEncoded",
-    "tests/appsec/waf/test_addresses.py::Test_BodyXml",
     "tests/appsec/waf/test_addresses.py::Test_BodyXml.test_xml_attr_value",
     "tests/appsec/waf/test_addresses.py::Test_BodyXml.test_xml_content",
     "tests/appsec/waf/test_miscs.py::Test_404",
@@ -85,18 +83,15 @@ allow_no_jira_ticket_for_bugs = [
     "tests/auto_inject/test_auto_inject_install.py::TestInstallerAutoInjectManual.test_install_uninstall",
     "tests/auto_inject/test_auto_inject_install.py::TestSimpleInstallerAutoInjectManual.test_install",
     "tests/debugger/test_debugger_pii.py::Test_Debugger_PII_Redaction.test_pii_redaction_dotnet_2_50",
-    "tests/integrations/test_cassandra.py::Test_Cassandra",
     "tests/integrations/test_db_integrations_sql.py::Test_MsSql.test_db_name",
     "tests/integrations/test_db_integrations_sql.py::Test_MsSql.test_db_system",
     "tests/integrations/test_db_integrations_sql.py::Test_MsSql.test_db_user",
     "tests/integrations/test_db_integrations_sql.py::Test_Postgres.test_db_type",
     "tests/integrations/test_dbm.py::Test_Dbm.test_trace_payload_service",
     "tests/integrations/test_dsm.py::Test_DsmRabbitmq.test_dsm_rabbitmq",
-    "tests/integrations/test_mongo.py::Test_Mongo",
     "tests/integrations/test_open_telemetry.py::_BaseOtelDbIntegrationTestClass.test_db_operation",
     "tests/integrations/test_open_telemetry.py::Test_MsSql.test_db_operation",
     "tests/integrations/test_open_telemetry.py::Test_MsSql.test_resource",
-    "tests/integrations/test_sql.py::Test_Sql",
     "tests/k8s_lib_injection/test_k8s_init_image_validator.py::TestK8sInitImageValidator.test_valid_weblog_instrumented",
     "tests/k8s_lib_injection/test_k8s_init_image_validator.py::TestK8sInitImageValidatorUnsupported.test_invalid_weblog_not_instrumented",
 
@@ -166,16 +161,7 @@ allow_no_jira_ticket_for_bugs = [
     "tests/parametric/test_dynamic_configuration.py::TestDynamicConfigTracingEnabled",
     "tests/parametric/test_dynamic_configuration.py::TestDynamicConfigV1",
     "tests/parametric/test_dynamic_configuration.py::TestDynamicConfigV2",
-    "tests/appsec/test_blocking_addresses.py::Test_Suspicious_Request_Blocking",
-    "tests/appsec/iast/source/test_cookie_value.py::TestCookieValue",
-    "tests/appsec/iast/source/test_header_value.py::TestHeaderValue",
-    "tests/appsec/iast/source/test_parameter_value.py::TestParameterValue",
-    "tests/appsec/test_suspicious_attacker_blocking.py::Test_Suspicious_Attacker_Blocking",
-    "tests/appsec/iast/sink/test_xcontent_sniffing.py::Test_XContentSniffing",
-    "tests/appsec/iast/sink/test_insecure_auth_protocol.py::Test_InsecureAuthProtocol",
-    "tests/appsec/test_blocking_addresses.py::Test_Blocking_request_body_multipart",
     "tests/parametric/test_config_consistency.py::Test_Config_TraceLogDirectory",
-    "tests/appsec/test_blocking_addresses.py::Test_Blocking_request_body",
 ]
 
 [tool.pylint]

tests/appsec/waf/test_addresses.py

@@ -270,7 +270,7 @@ def test_body_value(self):
         interfaces.library.assert_waf_attack(self.r_value, value='<vmlframe src="xss">', address="server.request.body")
 
 
-@bug(context.library == "[email protected]", reason="Capability to read body content is broken")
+@bug(context.library == "[email protected]", reason="APMRP-360")
 @features.appsec_request_blocking
 class Test_BodyJson:
     """Appsec supports <JSON encoded body>"""
@@ -305,7 +305,7 @@ def test_json_array(self):
         interfaces.library.assert_waf_attack(self.r_array, value='<vmlframe src="xss">', address="server.request.body")
 
 
-@bug(context.library == "[email protected]", reason="Capability to read body content is broken")
+@bug(context.library == "[email protected]", reason="APMRP-360")
 @features.appsec_request_blocking
 class Test_BodyXml:
     """Appsec supports <XML encoded body>"""