fix: updated GCP validation to always consider 403 response as valid result by cx-diogo-rocha · Pull Request #383 · Checkmarx/2ms

cx-diogo-rocha · 2026-04-16T13:32:24Z

Closes #

Proposed Changes

We had an issue where GCP API Keys were having inconsistent validation, varying from Valid to Unknown depending on the response body.

After testing the API, we concluded that 403-Forbidden code is only received if the token is valid. It might, however, not be valid to the API we are testing (Youtube API). But it is still valid as a GCP API Key.

Therefore we are treating all 403 codes as Valid, unless an error occurred on parsing the response body (this error behavior was already present)

Checklist

I covered my changes with tests.
I Updated the documentation that is affected by my changes:
- Change in the CLI arguments
- Change in the configuration file

I submit this contribution under the Apache-2.0 license.

…01 is invalid)

github-actions · 2026-04-16T13:32:56Z

KICS version: v1.7.13

	Category	Results
	HIGH	0
	MEDIUM	0
	LOW	0
	INFO	0
	TRACE	0
	TOTAL	0

Metric	Values
Files scanned	16
Files parsed	16
Files failed to scan	0
Total executed queries	53
Queries failed to execute	0
Execution time	1

github-actions · 2026-04-16T13:35:08Z

Checkmarx One – Scan Summary & Details – 4bc088a8-2c5d-4713-a696-195ba7edf0f3

Great job! No new security vulnerabilities introduced in this pull request

…7054-fix-inconsistent-validity-gcp-api-key

Updated gcp validation to always consider 403 as valid result (only 4…

5a6596e

…01 is invalid)

cx-diogo-rocha requested a review from a team as a code owner April 16, 2026 13:32

cx-diogo-rocha added 3 commits April 16, 2026 14:38

Updated images in docker and go version

ea04532

Fix linter issue

d3df370

Merge branch 'master' of https://github.com/Checkmarx/2ms into AST-14…

72529d6

…7054-fix-inconsistent-validity-gcp-api-key

cx-julio-silva approved these changes Apr 17, 2026

View reviewed changes

cx-diogo-rocha merged commit 3e59cdb into master Apr 17, 2026
12 checks passed

cx-diogo-rocha deleted the AST-147054-fix-inconsistent-validity-gcp-api-key branch April 17, 2026 14:48

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

fix: updated GCP validation to always consider 403 response as valid result#383

fix: updated GCP validation to always consider 403 response as valid result#383
cx-diogo-rocha merged 4 commits intomasterfrom
AST-147054-fix-inconsistent-validity-gcp-api-key

cx-diogo-rocha commented Apr 16, 2026

Uh oh!

github-actions Bot commented Apr 16, 2026

Uh oh!

github-actions Bot commented Apr 16, 2026 •

edited

Loading

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Conversation

cx-diogo-rocha commented Apr 16, 2026

Uh oh!

github-actions Bot commented Apr 16, 2026

Uh oh!

github-actions Bot commented Apr 16, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Great job! No new security vulnerabilities introduced in this pull request

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

github-actions Bot commented Apr 16, 2026 •

edited

Loading