Skip to content

[nodejs@ccapell/check-discarded-payloads] Fix Hardcoded passwords and secrets flaky tests#6143

Draft
CarlesDD wants to merge 5 commits intomainfrom
ccapell/fix-iast-hardcoded-flaky
Draft

[nodejs@ccapell/check-discarded-payloads] Fix Hardcoded passwords and secrets flaky tests#6143
CarlesDD wants to merge 5 commits intomainfrom
ccapell/fix-iast-hardcoded-flaky

Conversation

@CarlesDD
Copy link
Contributor

@CarlesDD CarlesDD commented Jan 29, 2026

Motivation

Changes

Workflow

  1. ⚠️ Create your PR as draft ⚠️
  2. Work on you PR until the CI passes
  3. Mark it as ready for review
    • Test logic is modified? -> Get a review from RFC owner.
    • Framework is modified, or non obvious usage of it -> get a review from R&P team

🚀 Once your PR is reviewed and the CI green, you can merge it!

🛟 #apm-shared-testing 🛟

Reviewer checklist

  • Anything but tests/ or manifests/ is modified ? I have the approval from R&P team
  • A docker base image is modified?
    • the relevant build-XXX-image label is present
  • A scenario is added, removed or renamed?

@github-actions
Copy link
Contributor

github-actions bot commented Jan 29, 2026
edited
Loading

CODEOWNERS have been resolved as:

manifests/nodejs.yml                                                    @DataDog/dd-trace-js

@datadog-official
Copy link

datadog-official bot commented Feb 2, 2026
edited by datadog-datadog-prod-us1 bot
Loading

⚠️ Tests

Fix all issues with Cursor

⚠️ Warnings

❄️ 5 New flaky tests detected

tests.appsec.iast.sink.test_hardcoded_passwords.Test_HardcodedPasswords_ExtendedLocation.test_extended_location_data[uds-express4] from system_tests_suite (Datadog) (Fix with Cursor) 
AssertionError: No hardcoded vulnerabilities found
assert []

self = <tests.appsec.iast.sink.test_hardcoded_passwords.Test_HardcodedPasswords_ExtendedLocation object at 0x7f4b33be2180>

    def test_extended_location_data(self):
>       hardcoded_passwords = get_hardcoded_vulnerabilities("HARDCODED_PASSWORD")

tests/appsec/iast/sink/test_hardcoded_passwords.py:68: 
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 
...
tests.appsec.iast.sink.test_hardcoded_passwords.Test_HardcodedPasswords.test_hardcoded_passwords_exec[uds-express4] from system_tests_suite (Datadog) (Fix with Cursor) 
AssertionError: No hardcoded vulnerabilities found
assert []

self = <tests.appsec.iast.sink.test_hardcoded_passwords.Test_HardcodedPasswords object at 0x7f4b33be1dc0>

    def test_hardcoded_passwords_exec(self):
        assert self.r_hardcoded_passwords_exec.status_code == 200
>       hardcoded_passwords = get_hardcoded_vulnerabilities("HARDCODED_PASSWORD")

tests/appsec/iast/sink/test_hardcoded_passwords.py:30: 
...
tests.appsec.iast.sink.test_hardcoded_secrets.Test_HardcodedSecrets_ExtendedLocation.test_extended_location_data[uds-express4] from system_tests_suite (Datadog) (Fix with Cursor) 
AssertionError: No hardcoded vulnerabilities found
assert []

self = <tests.appsec.iast.sink.test_hardcoded_secrets.Test_HardcodedSecrets_ExtendedLocation object at 0x7f4b33be2c30>

    def test_extended_location_data(self):
>       hardcode_secrets = get_hardcoded_vulnerabilities("HARDCODED_SECRET")

tests/appsec/iast/sink/test_hardcoded_secrets.py:92: 
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 
...
View all

ℹ️ Info

🧪 All tests passed

This comment will be updated automatically if new data arrives.
🔗 Commit SHA: f3c8918 | Docs | Datadog PR Page | Was this helpful? Give us feedback!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@CarlesDD @cbeauchesne