Fix forbidden file detection to check all commits#34
Open
markpolyak wants to merge 3 commits intomainfrom
Open
Fix forbidden file detection to check all commits#34markpolyak wants to merge 3 commits intomainfrom
markpolyak wants to merge 3 commits intomainfrom
Conversation
Previously, only the latest commit was checked for forbidden file modifications, allowing students to bypass detection by making changes in earlier commits. Changes: - Add get_all_modified_files() to check all commits in repo - Change forbidden-modifications to forbidden-files config key - Make forbidden file check a warning instead of blocking error - Add yellow cell highlighting and note for violations - Show warning on frontend with list of violated files - Update tests and documentation This allows teachers to see suspicious activity while still grading.
…tion-01T8tfQPGPrUE6jz59yneG4V
This implementation distinguishes between instructor and student commits using GitHub Organization Membership API to prevent false positives when checking forbidden file modifications. Key changes: - Added `is_org_admin()` to check if commit author is org admin - Added `get_commits_with_authors()` to fetch commits with author info - Updated `check_forbidden_files()` to filter by commit author - Instructor commits are excluded from forbidden file checks - Students cannot forge this check (GitHub API protected) This solves the issue where: - Initial template commits would trigger false positives - Instructor bug fixes would trigger false positives - Different fork points for different students - Students could bypass detection by modifying files in early commits Tests: - All 98 unit tests passing - Added tests for instructor commit filtering - Fixed conftest.py to avoid unnecessary main.py imports
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Previously, only the latest commit was checked for forbidden file modifications, allowing students to bypass detection by making changes in earlier commits.
Changes:
This allows teachers to see suspicious activity while still grading.