Unable to update a filter field of a saved filter about sapp HOT 3 CLOSED

@0xedward Thank you! Running Pyre in the breakableflask repo did the trick, so I think there really weren't any issues the first time I did it, my mistake 😅 I've been able to reproduce the rest of the steps until the end so I'll take a look at the files you linked and see what I can do!

from sapp.

Hi Ed - super excited to be working with you and looking forward to helping out with SAPP any way that I can!

I tried out the steps to reproduce the error yesterday, and I'm having some trouble with Step 5, since the SAPP dashboard comes up empty so that I can't select filter options (see screenshot below)

I checked the Common Issues page and noted that the cat taint-output.json | grep "issue" command returned nothing, although the file itself isn't empty and I think some issues were reported when I ran the pyre analyze command. I don't think I had any other problems running the steps, so I'm just wondering if I'm missing something here? Is there perhaps a test repo where I can run the pyre analyze command to ensure issues are reported?

Also, feel free to jump in @m0mosenpai if you have any insight on this :)

from sapp.

Hey @gracewgao, thanks for providing a detailed description of what you've tried so far! 😄

The filter fields in SAPP's web UI fetch the data from the run you have selected to prepopulate a list of options per filter field. From the screenshot, it seems like Run 6 doesn't contain any issues, which is likely why there are no options to pick from for the Codes field.

I checked the Common Issues page and noted that the cat taint-output.json | grep "issue" command returned nothing, although the file itself isn't empty and I think some issues were reported when I ran the pyre analyze command

Ah, your guess at what might be going wrong is in the right direction here! If cat taint-output.json | grep "issue" is returning nothing, SAPP is likely not ingesting any issues, which would result in a Run being empty and no options fetched to prepopulate filter fields. Though this is strange, since you mentioned there were some issues outputted from pyre analyze. Would you be able to provide the taint-output.json file you are using so I can look into this?

Is there perhaps a test repo where I can run the pyre analyze command to ensure issues are reported?

In the meantime, here's some repos I've used for testing while working on SAPP:

• https://github.com/facebook/pyre-check/tree/master/documentation/deliberately_vulnerable_flask_app
  • For deliberately_vulnerable_flask_app, make sure you run setup.sh before running pyre init && pyre analyze
• https://github.com/stephenbradshaw/breakableflask/

Sorry about the setup process being a bit confusing!

from sapp.