@appland/scanner 1.33.1

package/built/database/index.js

@@ -0,0 +1,259 @@
+"use strict";
+// License: https://github.com/newrelic/newrelic-ruby-agent/blob/main/LICENSE
+// Apache License 2.0
+var __generator = (this && this.__generator) || function (thisArg, body) {
+    var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;
+    return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
+    function verb(n) { return function (v) { return step([n, v]); }; }
+    function step(op) {
+        if (f) throw new TypeError("Generator is already executing.");
+        while (_) try {
+            if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
+            if (y = 0, t) op = [op[0] & 2, t.value];
+            switch (op[0]) {
+                case 0: case 1: t = op; break;
+                case 4: _.label++; return { value: op[1], done: false };
+                case 5: _.label++; y = op[1]; op = [0]; continue;
+                case 7: op = _.ops.pop(); _.trys.pop(); continue;
+                default:
+                    if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
+                    if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
+                    if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
+                    if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
+                    if (t[2]) _.ops.pop();
+                    _.trys.pop(); continue;
+            }
+            op = body.call(thisArg, _);
+        } catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
+        if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
+    }
+};
+var __values = (this && this.__values) || function(o) {
+    var s = typeof Symbol === "function" && Symbol.iterator, m = s && o[s], i = 0;
+    if (m) return m.call(o);
+    if (o && typeof o.length === "number") return {
+        next: function () {
+            if (o && i >= o.length) o = void 0;
+            return { value: o && o[i++], done: !o };
+        }
+    };
+    throw new TypeError(s ? "Object is not iterable." : "Symbol.iterator is not defined.");
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.countJoins = exports.sqlStrings = exports.isSelect = exports.sqlNormalized = exports.obfuscate = void 0;
+// TODO: Copied and TypeScript-ified from @appland/models
+var visit_1 = require("./visit");
+var models_1 = require("@appland/models");
+var COMPONENTS_REGEXP_MAP = {
+    single_quotes: /'(?:[^']|'')*?(?:\\'.*|'(?!'))/g,
+    double_quotes: /"(?:[^"]|"")*?(?:\\".*|"(?!"))/g,
+    dollar_quotes: /(\$(?!\d)[^$]*?\$).*?(?:\1|$)/g,
+    uuids: /\{?(?:[0-9a-fA-F]-*){32}\}?/g,
+    numeric_literals: /-?\b(?:[0-9]+\.)?[0-9]+([eE][+-]?[0-9]+)?\b/g,
+    boolean_literals: /\b(?:true|false|null)\b/gi,
+    hexadecimal_literals: /0x[0-9a-fA-F]+/g,
+    comments: /(?:#|--).*?(?=\r|\n|$)/gi,
+    multi_line_comments: /\/\*(?:[^/]|\/[^*])*?(?:\*\/|\/\*.*)/g,
+    oracle_quoted_strings: /q'\[.*?(?:\]'|$)|q'\{.*?(?:\}'|$)|q'<.*?(?:>'|$)|q'\(.*?(?:\)'|$)/g,
+};
+// We use these to check whether the query contains any quote characters
+// after obfuscation. If so, that's a good indication that the original
+// query was malformed, and so our obfuscation can't reliably find
+// literals. In such a case, we'll replace the entire query with a
+// placeholder.
+var CLEANUP_REGEXP = {
+    mysql: /'|"|\/\*|\*\//,
+    mysql2: /'|"|\/\*|\*\//,
+    postgres: /'|\/\*|\*\/|\$(?!\?)/,
+    sqlite: /'|\/\*|\*\//,
+    cassandra: /'|\/\*|\*\//,
+    oracle: /'|\/\*|\*\//,
+    oracle_enhanced: /'|\/\*|\*\//,
+};
+/**
+ * @type {{string: string[]}}
+ */
+var DIALECT_COMPONENTS = {
+    fallback: Object.keys(COMPONENTS_REGEXP_MAP),
+    mysql: [
+        'single_quotes',
+        'double_quotes',
+        'numeric_literals',
+        'boolean_literals',
+        'hexadecimal_literals',
+        'comments',
+        'multi_line_comments',
+    ],
+    postgres: [
+        'single_quotes',
+        'dollar_quotes',
+        'uuids',
+        'numeric_literals',
+        'boolean_literals',
+        'comments',
+        'multi_line_comments',
+    ],
+    sqlite: [
+        'single_quotes',
+        'numeric_literals',
+        'boolean_literals',
+        'hexadecimal_literals',
+        'comments',
+        'multi_line_comments',
+    ],
+    oracle: [
+        'single_quotes',
+        'oracle_quoted_strings',
+        'numeric_literals',
+        'comments',
+        'multi_line_comments',
+    ],
+    cassandra: [
+        'single_quotes',
+        'uuids',
+        'numeric_literals',
+        'boolean_literals',
+        'hexadecimal_literals',
+        'comments',
+        'multi_line_comments',
+    ],
+};
+var PLACEHOLDER = '?';
+/**
+ * @param {string} dialect
+ * @returns {RegExp[]}
+ */
+function generateRegexp(dialect) {
+    var components = DIALECT_COMPONENTS[dialect];
+    // No Regexp.union in JS
+    return components.map(function (component) { return COMPONENTS_REGEXP_MAP[component]; });
+}
+var MYSQL_COMPONENTS_REGEXP = generateRegexp('mysql');
+var POSTGRES_COMPONENTS_REGEXP = generateRegexp('postgres');
+var SQLITE_COMPONENTS_REGEXP = generateRegexp('sqlite');
+var ORACLE_COMPONENTS_REGEXP = generateRegexp('oracle');
+var CASSANDRA_COMPONENTS_REGEXP = generateRegexp('cassandra');
+var FALLBACK_REGEXP = generateRegexp('fallback');
+function detectUnmatchedPairs(obfuscated, adapter) {
+    if (CLEANUP_REGEXP[adapter]) {
+        return CLEANUP_REGEXP[adapter].test(obfuscated);
+    }
+    return CLEANUP_REGEXP.mysql.test(obfuscated);
+}
+var FAILED_TO_OBFUSCATE_MESSAGE = 'Failed to obfuscate SQL query - quote characters remained after obfuscation';
+/**
+ * Replaces literal query parameters with parameter symbols (e.g. '?');
+ *
+ * @param {string} sql
+ * @param {string} adapter
+ * @returns {string}
+ */
+function obfuscate(sql, adapter) {
+    /** @type {RegExp[]} */ var regexp;
+    switch (adapter) {
+        case 'mysql':
+        case 'mysql2':
+            regexp = MYSQL_COMPONENTS_REGEXP;
+            break;
+        case 'postgres':
+            regexp = POSTGRES_COMPONENTS_REGEXP;
+            break;
+        case 'sqlite':
+            regexp = SQLITE_COMPONENTS_REGEXP;
+            break;
+        case 'oracle':
+        case 'oracle_enhanced':
+            regexp = ORACLE_COMPONENTS_REGEXP;
+            break;
+        case 'cassandra':
+            regexp = CASSANDRA_COMPONENTS_REGEXP;
+            break;
+        default:
+            regexp = FALLBACK_REGEXP;
+    }
+    var obfuscated = sql;
+    // eslint-disable-next-line no-return-assign
+    regexp.forEach(function (re) { return (obfuscated = obfuscated.replace(re, PLACEHOLDER)); });
+    if (detectUnmatchedPairs(obfuscated, adapter)) {
+        obfuscated = FAILED_TO_OBFUSCATE_MESSAGE;
+    }
+    return obfuscated;
+}
+exports.obfuscate = obfuscate;
+function sqlNormalized(query) {
+    return obfuscate(query.sql, query.database_type);
+}
+exports.sqlNormalized = sqlNormalized;
+function isSelect(sql) {
+    return (0, models_1.getSqlLabelFromString)(sql) === 'SQL Select';
+}
+exports.isSelect = isSelect;
+function sqlStrings(event, filter) {
+    var _a, _b, e, sql, e_1_1;
+    var e_1, _c;
+    if (filter === void 0) { filter = function () { return true; }; }
+    return __generator(this, function (_d) {
+        switch (_d.label) {
+            case 0:
+                _d.trys.push([0, 5, 6, 7]);
+                _a = __values(new models_1.EventNavigator(event).descendants()), _b = _a.next();
+                _d.label = 1;
+            case 1:
+                if (!!_b.done) return [3 /*break*/, 4];
+                e = _b.value;
+                if (!e.event.sqlQuery) {
+                    return [3 /*break*/, 3];
+                }
+                if (!filter(e.event)) {
+                    return [3 /*break*/, 3];
+                }
+                if (!isSelect(e.event.sqlQuery)) {
+                    return [3 /*break*/, 3];
+                }
+                if (!filter(event)) {
+                    return [3 /*break*/, 3];
+                }
+                sql = sqlNormalized(e.event.sql);
+                return [4 /*yield*/, { event: e.event, sql: sql }];
+            case 2:
+                _d.sent();
+                _d.label = 3;
+            case 3:
+                _b = _a.next();
+                return [3 /*break*/, 1];
+            case 4: return [3 /*break*/, 7];
+            case 5:
+                e_1_1 = _d.sent();
+                e_1 = { error: e_1_1 };
+                return [3 /*break*/, 7];
+            case 6:
+                try {
+                    if (_b && !_b.done && (_c = _a.return)) _c.call(_a);
+                }
+                finally { if (e_1) throw e_1.error; }
+                return [7 /*endfinally*/];
+            case 7: return [2 /*return*/];
+        }
+    });
+}
+exports.sqlStrings = sqlStrings;
+function countJoins(normalizedSql) {
+    try {
+        var ast = (0, models_1.buildQueryAST)(normalizedSql);
+        var joins_1 = 0;
+        if (ast) {
+            (0, visit_1.visit)(ast, {
+                'map.join': function (node) {
+                    joins_1 += node.map.length;
+                },
+            });
+        }
+        return joins_1;
+    }
+    catch (_) {
+        console.warn("Unable to analyze query \"" + normalizedSql + "\"");
+        return 0;
+    }
+}
+exports.countJoins = countJoins;
+//# sourceMappingURL=index.js.map

package/built/database/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/database/index.ts"],"names":[],"mappings":";AAAA,6EAA6E;AAC7E,qBAAqB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAErB,yDAAyD;AAEzD,iCAAgC;AAChC,0CAMyB;AAGzB,IAAM,qBAAqB,GAA2B;IACpD,aAAa,EAAE,iCAAiC;IAChD,aAAa,EAAE,iCAAiC;IAChD,aAAa,EAAE,gCAAgC;IAC/C,KAAK,EAAE,8BAA8B;IACrC,gBAAgB,EAAE,8CAA8C;IAChE,gBAAgB,EAAE,2BAA2B;IAC7C,oBAAoB,EAAE,iBAAiB;IACvC,QAAQ,EAAE,0BAA0B;IACpC,mBAAmB,EAAE,uCAAuC;IAC5D,qBAAqB,EAAE,oEAAoE;CAC5F,CAAC;AAEF,wEAAwE;AACxE,uEAAuE;AACvE,kEAAkE;AAClE,kEAAkE;AAClE,eAAe;AACf,IAAM,cAAc,GAA2B;IAC7C,KAAK,EAAE,eAAe;IACtB,MAAM,EAAE,eAAe;IACvB,QAAQ,EAAE,sBAAsB;IAChC,MAAM,EAAE,aAAa;IACrB,SAAS,EAAE,aAAa;IACxB,MAAM,EAAE,aAAa;IACrB,eAAe,EAAE,aAAa;CAC/B,CAAC;AAEF;;GAEG;AACH,IAAM,kBAAkB,GAA6B;IACnD,QAAQ,EAAE,MAAM,CAAC,IAAI,CAAC,qBAAqB,CAAC;IAC5C,KAAK,EAAE;QACL,eAAe;QACf,eAAe;QACf,kBAAkB;QAClB,kBAAkB;QAClB,sBAAsB;QACtB,UAAU;QACV,qBAAqB;KACtB;IACD,QAAQ,EAAE;QACR,eAAe;QACf,eAAe;QACf,OAAO;QACP,kBAAkB;QAClB,kBAAkB;QAClB,UAAU;QACV,qBAAqB;KACtB;IACD,MAAM,EAAE;QACN,eAAe;QACf,kBAAkB;QAClB,kBAAkB;QAClB,sBAAsB;QACtB,UAAU;QACV,qBAAqB;KACtB;IACD,MAAM,EAAE;QACN,eAAe;QACf,uBAAuB;QACvB,kBAAkB;QAClB,UAAU;QACV,qBAAqB;KACtB;IACD,SAAS,EAAE;QACT,eAAe;QACf,OAAO;QACP,kBAAkB;QAClB,kBAAkB;QAClB,sBAAsB;QACtB,UAAU;QACV,qBAAqB;KACtB;CACF,CAAC;AAEF,IAAM,WAAW,GAAG,GAAG,CAAC;AAExB;;;GAGG;AACH,SAAS,cAAc,CAAC,OAAe;IACrC,IAAM,UAAU,GAAG,kBAAkB,CAAC,OAAO,CAAC,CAAC;IAC/C,wBAAwB;IACxB,OAAO,UAAU,CAAC,GAAG,CAAC,UAAC,SAAS,IAAK,OAAA,qBAAqB,CAAC,SAAS,CAAC,EAAhC,CAAgC,CAAC,CAAC;AACzE,CAAC;AAED,IAAM,uBAAuB,GAAG,cAAc,CAAC,OAAO,CAAC,CAAC;AACxD,IAAM,0BAA0B,GAAG,cAAc,CAAC,UAAU,CAAC,CAAC;AAC9D,IAAM,wBAAwB,GAAG,cAAc,CAAC,QAAQ,CAAC,CAAC;AAC1D,IAAM,wBAAwB,GAAG,cAAc,CAAC,QAAQ,CAAC,CAAC;AAC1D,IAAM,2BAA2B,GAAG,cAAc,CAAC,WAAW,CAAC,CAAC;AAChE,IAAM,eAAe,GAAG,cAAc,CAAC,UAAU,CAAC,CAAC;AAEnD,SAAS,oBAAoB,CAAC,UAAkB,EAAE,OAAe;IAC/D,IAAI,cAAc,CAAC,OAAO,CAAC,EAAE;QAC3B,OAAO,cAAc,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;KACjD;IACD,OAAO,cAAc,CAAC,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;AAC/C,CAAC;AAED,IAAM,2BAA2B,GAC/B,6EAA6E,CAAC;AAYhF;;;;;;GAMG;AACH,SAAgB,SAAS,CAAC,GAAW,EAAE,OAAe;IACpD,uBAAuB,CAAC,IAAI,MAAM,CAAC;IACnC,QAAQ,OAAO,EAAE;QACf,KAAK,OAAO,CAAC;QACb,KAAK,QAAQ;YACX,MAAM,GAAG,uBAAuB,CAAC;YACjC,MAAM;QACR,KAAK,UAAU;YACb,MAAM,GAAG,0BAA0B,CAAC;YACpC,MAAM;QACR,KAAK,QAAQ;YACX,MAAM,GAAG,wBAAwB,CAAC;YAClC,MAAM;QACR,KAAK,QAAQ,CAAC;QACd,KAAK,iBAAiB;YACpB,MAAM,GAAG,wBAAwB,CAAC;YAClC,MAAM;QACR,KAAK,WAAW;YACd,MAAM,GAAG,2BAA2B,CAAC;YACrC,MAAM;QACR;YACE,MAAM,GAAG,eAAe,CAAC;KAC5B;IAED,IAAI,UAAU,GAAG,GAAG,CAAC;IACrB,4CAA4C;IAC5C,MAAM,CAAC,OAAO,CAAC,UAAC,EAAE,IAAK,OAAA,CAAC,UAAU,GAAG,UAAU,CAAC,OAAO,CAAC,EAAE,EAAE,WAAW,CAAC,CAAC,EAAlD,CAAkD,CAAC,CAAC;IAC3E,IAAI,oBAAoB,CAAC,UAAU,EAAE,OAAO,CAAC,EAAE;QAC7C,UAAU,GAAG,2BAA2B,CAAC;KAC1C;IACD,OAAO,UAAU,CAAC;AACpB,CAAC;AA/BD,8BA+BC;AAED,SAAgB,aAAa,CAAC,KAAe;IAC3C,OAAO,SAAS,CAAC,KAAK,CAAC,GAAG,EAAE,KAAK,CAAC,aAAa,CAAC,CAAC;AACnD,CAAC;AAFD,sCAEC;AAED,SAAgB,QAAQ,CAAC,GAAW;IAClC,OAAO,IAAA,8BAAqB,EAAC,GAAG,CAAC,KAAK,YAAY,CAAC;AACrD,CAAC;AAFD,4BAEC;AAED,SAAiB,UAAU,CAAC,KAAY,EAAE,MAAgC;;;IAAhC,uBAAA,EAAA,uBAA4B,OAAA,IAAI,EAAJ,CAAI;;;;;gBACxD,KAAA,SAAA,IAAI,uBAAc,CAAC,KAAK,CAAC,CAAC,WAAW,EAAE,CAAA;;;;gBAA5C,CAAC;gBACV,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,EAAE;oBACrB,wBAAS;iBACV;gBACD,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,EAAE;oBACpB,wBAAS;iBACV;gBAED,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,QAAS,CAAC,EAAE;oBAChC,wBAAS;iBACV;gBAED,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE;oBAClB,wBAAS;iBACV;gBAEK,GAAG,GAAG,aAAa,CAAC,CAAC,CAAC,KAAK,CAAC,GAAI,CAAC,CAAC;gBAExC,qBAAM,EAAE,KAAK,EAAE,CAAC,CAAC,KAAK,EAAE,GAAG,KAAA,EAAE,EAAA;;gBAA7B,SAA6B,CAAC;;;;;;;;;;;;;;;;;;;CAEjC;AArBD,gCAqBC;AAED,SAAgB,UAAU,CAAC,aAAqB;IAC9C,IAAI;QACF,IAAM,GAAG,GAAG,IAAA,sBAAa,EAAC,aAAa,CAAC,CAAC;QACzC,IAAI,OAAK,GAAG,CAAC,CAAC;QAEd,IAAI,GAAG,EAAE;YACP,IAAA,aAAK,EAAC,GAAG,EAAE;gBACT,UAAU,EAAE,UAAC,IAAI;oBACf,OAAK,IAAI,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC;gBAC3B,CAAC;aACF,CAAC,CAAC;SACJ;QAED,OAAO,OAAK,CAAC;KACd;IAAC,OAAO,CAAC,EAAE;QACV,OAAO,CAAC,IAAI,CAAC,+BAA4B,aAAa,OAAG,CAAC,CAAC;QAC3D,OAAO,CAAC,CAAC;KACV;AACH,CAAC;AAlBD,gCAkBC"}

package/built/database/visit.js

@@ -0,0 +1,80 @@
+"use strict";
+var __values = (this && this.__values) || function(o) {
+    var s = typeof Symbol === "function" && Symbol.iterator, m = s && o[s], i = 0;
+    if (m) return m.call(o);
+    if (o && typeof o.length === "number") return {
+        next: function () {
+            if (o && i >= o.length) o = void 0;
+            return { value: o && o[i++], done: !o };
+        }
+    };
+    throw new TypeError(s ? "Object is not iterable." : "Symbol.iterator is not defined.");
+};
+var __read = (this && this.__read) || function (o, n) {
+    var m = typeof Symbol === "function" && o[Symbol.iterator];
+    if (!m) return o;
+    var i = m.call(o), r, ar = [], e;
+    try {
+        while ((n === void 0 || n-- > 0) && !(r = i.next()).done) ar.push(r.value);
+    }
+    catch (error) { e = { error: error }; }
+    finally {
+        try {
+            if (r && !r.done && (m = i["return"])) m.call(i);
+        }
+        finally { if (e) throw e.error; }
+    }
+    return ar;
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.visit = void 0;
+function visit(node, callbacks) {
+    var type = node.type, variant = node.variant;
+    var key = [type, variant].filter(Boolean).join('.');
+    if (callbacks !== undefined && key in callbacks)
+        callbacks[key](node, callbacks);
+    visitNode(node, callbacks);
+}
+exports.visit = visit;
+function visitNode(node, callbacks) {
+    var e_1, _a, e_2, _b;
+    try {
+        for (var _c = __values(Object.entries(node)), _d = _c.next(); !_d.done; _d = _c.next()) {
+            var _e = __read(_d.value, 2), key = _e[0], property = _e[1];
+            if (['type', 'variant', 'name', 'value'].includes(key))
+                continue;
+            if (Array.isArray(property)) {
+                try {
+                    for (var property_1 = (e_2 = void 0, __values(property)), property_1_1 = property_1.next(); !property_1_1.done; property_1_1 = property_1.next()) {
+                        var subNode = property_1_1.value;
+                        visit(subNode, callbacks);
+                    }
+                }
+                catch (e_2_1) { e_2 = { error: e_2_1 }; }
+                finally {
+                    try {
+                        if (property_1_1 && !property_1_1.done && (_b = property_1.return)) _b.call(property_1);
+                    }
+                    finally { if (e_2) throw e_2.error; }
+                }
+            }
+            else if (typeof property === 'object') {
+                visit(property, callbacks);
+            }
+            else if (typeof property === 'string' || typeof property === 'boolean') {
+                // pass
+            }
+            else {
+                console.warn("Unrecognized subexpression: " + typeof property + " " + property);
+            }
+        }
+    }
+    catch (e_1_1) { e_1 = { error: e_1_1 }; }
+    finally {
+        try {
+            if (_d && !_d.done && (_a = _c.return)) _a.call(_c);
+        }
+        finally { if (e_1) throw e_1.error; }
+    }
+}
+//# sourceMappingURL=visit.js.map

package/built/database/visit.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"visit.js","sourceRoot":"","sources":["../../src/database/visit.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEA,SAAgB,KAAK,CAAC,IAAS,EAAE,SAAoC;IAC3D,IAAA,IAAI,GAAc,IAAI,KAAlB,EAAE,OAAO,GAAK,IAAI,QAAT,CAAU;IAC/B,IAAM,GAAG,GAAG,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAEtD,IAAI,SAAS,KAAK,SAAS,IAAI,GAAG,IAAI,SAAS;QAAE,SAAS,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC;IACjF,SAAS,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC;AAC7B,CAAC;AAND,sBAMC;AAED,SAAS,SAAS,CAAC,IAAS,EAAE,SAAoC;;;QAChE,KAA8B,IAAA,KAAA,SAAA,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,CAAA,gBAAA,4BAAE;YAAzC,IAAA,KAAA,mBAAe,EAAd,GAAG,QAAA,EAAE,QAAQ,QAAA;YACvB,IAAI,CAAC,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC;gBAAE,SAAS;YACjE,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE;;oBAC3B,KAAsB,IAAA,4BAAA,SAAA,QAAQ,CAAA,CAAA,kCAAA;wBAAzB,IAAM,OAAO,qBAAA;wBAAc,KAAK,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;qBAAA;;;;;;;;;aAC3D;iBAAM,IAAI,OAAO,QAAQ,KAAK,QAAQ,EAAE;gBACvC,KAAK,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;aAC5B;iBAAM,IAAI,OAAO,QAAQ,KAAK,QAAQ,IAAI,OAAO,QAAQ,KAAK,SAAS,EAAE;gBACxE,OAAO;aACR;iBAAM;gBACL,OAAO,CAAC,IAAI,CAAC,iCAA+B,OAAO,QAAQ,SAAI,QAAU,CAAC,CAAC;aAC5E;SACF;;;;;;;;;AACH,CAAC"}

package/built/errors.js

@@ -0,0 +1,35 @@
+"use strict";
+var __extends = (this && this.__extends) || (function () {
+    var extendStatics = function (d, b) {
+        extendStatics = Object.setPrototypeOf ||
+            ({ __proto__: [] } instanceof Array && function (d, b) { d.__proto__ = b; }) ||
+            function (d, b) { for (var p in b) if (Object.prototype.hasOwnProperty.call(b, p)) d[p] = b[p]; };
+        return extendStatics(d, b);
+    };
+    return function (d, b) {
+        if (typeof b !== "function" && b !== null)
+            throw new TypeError("Class extends value " + String(b) + " is not a constructor or null");
+        extendStatics(d, b);
+        function __() { this.constructor = d; }
+        d.prototype = b === null ? Object.create(b) : (__.prototype = b.prototype, new __());
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AbortError = exports.ValidationError = void 0;
+var ValidationError = /** @class */ (function (_super) {
+    __extends(ValidationError, _super);
+    function ValidationError() {
+        return _super !== null && _super.apply(this, arguments) || this;
+    }
+    return ValidationError;
+}(Error));
+exports.ValidationError = ValidationError;
+var AbortError = /** @class */ (function (_super) {
+    __extends(AbortError, _super);
+    function AbortError() {
+        return _super !== null && _super.apply(this, arguments) || this;
+    }
+    return AbortError;
+}(Error));
+exports.AbortError = AbortError;
+//# sourceMappingURL=errors.js.map

package/built/errors.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"errors.js","sourceRoot":"","sources":["../src/errors.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;AAAA;IAAqC,mCAAK;IAA1C;;IAA4C,CAAC;IAAD,sBAAC;AAAD,CAAC,AAA7C,CAAqC,KAAK,GAAG;AAAhC,0CAAe;AAC5B;IAAgC,8BAAK;IAArC;;IAAuC,CAAC;IAAD,iBAAC;AAAD,CAAC,AAAxC,CAAgC,KAAK,GAAG;AAA3B,gCAAU"}

package/built/findings.js

@@ -0,0 +1,15 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.newFindings = void 0;
+function newFindings(findings, findingStatuses) {
+    var statusByFindingDigest = findingStatuses.reduce(function (memo, findingStatus) {
+        memo.set(findingStatus.identity_hash, findingStatus.status);
+        return memo;
+    }, new Map());
+    return findings.filter(function (finding) {
+        var status = statusByFindingDigest.get(finding.hash);
+        return !status || status === 'new';
+    });
+}
+exports.newFindings = newFindings;
+//# sourceMappingURL=findings.js.map

package/built/findings.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"findings.js","sourceRoot":"","sources":["../src/findings.ts"],"names":[],"mappings":";;;AAGA,SAAgB,WAAW,CACzB,QAAmB,EACnB,eAAwC;IAExC,IAAM,qBAAqB,GAAG,eAAe,CAAC,MAAM,CAAC,UAAC,IAAI,EAAE,aAAa;QACvE,IAAI,CAAC,GAAG,CAAC,aAAa,CAAC,aAAa,EAAE,aAAa,CAAC,MAAM,CAAC,CAAC;QAC5D,OAAO,IAAI,CAAC;IACd,CAAC,EAAE,IAAI,GAAG,EAAkB,CAAC,CAAC;IAE9B,OAAO,QAAQ,CAAC,MAAM,CAAC,UAAC,OAAO;QAC7B,IAAM,MAAM,GAAG,qBAAqB,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QACvD,OAAO,CAAC,MAAM,IAAI,MAAM,KAAK,KAAK,CAAC;IACrC,CAAC,CAAC,CAAC;AACL,CAAC;AAbD,kCAaC"}

package/built/integration/appland/fetchStatus.js

@@ -0,0 +1,51 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __generator = (this && this.__generator) || function (thisArg, body) {
+    var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;
+    return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
+    function verb(n) { return function (v) { return step([n, v]); }; }
+    function step(op) {
+        if (f) throw new TypeError("Generator is already executing.");
+        while (_) try {
+            if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
+            if (y = 0, t) op = [op[0] & 2, t.value];
+            switch (op[0]) {
+                case 0: case 1: t = op; break;
+                case 4: _.label++; return { value: op[1], done: false };
+                case 5: _.label++; y = op[1]; op = [0]; continue;
+                case 7: op = _.ops.pop(); _.trys.pop(); continue;
+                default:
+                    if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
+                    if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
+                    if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
+                    if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
+                    if (t[2]) _.ops.pop();
+                    _.trys.pop(); continue;
+            }
+            op = body.call(thisArg, _);
+        } catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
+        if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
+    }
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+var src_1 = require("@appland/client/dist/src");
+function default_1(appId) {
+    return __awaiter(this, void 0, void 0, function () {
+        return __generator(this, function (_a) {
+            switch (_a.label) {
+                case 0: return [4 /*yield*/, new src_1.App(appId).listFindingStatus()];
+                case 1: return [2 /*return*/, _a.sent()];
+            }
+        });
+    });
+}
+exports.default = default_1;
+//# sourceMappingURL=fetchStatus.js.map

package/built/integration/appland/fetchStatus.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"fetchStatus.js","sourceRoot":"","sources":["../../../src/integration/appland/fetchStatus.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,gDAAsE;AAEtE,mBAA+B,KAAa;;;;wBACnC,qBAAM,IAAI,SAAG,CAAC,KAAK,CAAC,CAAC,iBAAiB,EAAE,EAAA;wBAA/C,sBAAO,SAAwC,EAAC;;;;CACjD;AAFD,4BAEC"}

package/built/integration/appland/upload.js

@@ -0,0 +1,193 @@
+"use strict";
+var __assign = (this && this.__assign) || function () {
+    __assign = Object.assign || function(t) {
+        for (var s, i = 1, n = arguments.length; i < n; i++) {
+            s = arguments[i];
+            for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p))
+                t[p] = s[p];
+        }
+        return t;
+    };
+    return __assign.apply(this, arguments);
+};
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __generator = (this && this.__generator) || function (thisArg, body) {
+    var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;
+    return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
+    function verb(n) { return function (v) { return step([n, v]); }; }
+    function step(op) {
+        if (f) throw new TypeError("Generator is already executing.");
+        while (_) try {
+            if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
+            if (y = 0, t) op = [op[0] & 2, t.value];
+            switch (op[0]) {
+                case 0: case 1: t = op; break;
+                case 4: _.label++; return { value: op[1], done: false };
+                case 5: _.label++; y = op[1]; op = [0]; continue;
+                case 7: op = _.ops.pop(); _.trys.pop(); continue;
+                default:
+                    if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
+                    if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
+                    if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
+                    if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
+                    if (t[2]) _.ops.pop();
+                    _.trys.pop(); continue;
+            }
+            op = body.call(thisArg, _);
+        } catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
+        if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
+    }
+};
+var __values = (this && this.__values) || function(o) {
+    var s = typeof Symbol === "function" && Symbol.iterator, m = s && o[s], i = 0;
+    if (m) return m.call(o);
+    if (o && typeof o.length === "number") return {
+        next: function () {
+            if (o && i >= o.length) o = void 0;
+            return { value: o && o[i++], done: !o };
+        }
+    };
+    throw new TypeError(s ? "Object is not iterable." : "Symbol.iterator is not defined.");
+};
+var __read = (this && this.__read) || function (o, n) {
+    var m = typeof Symbol === "function" && o[Symbol.iterator];
+    if (!m) return o;
+    var i = m.call(o), r, ar = [], e;
+    try {
+        while ((n === void 0 || n-- > 0) && !(r = i.next()).done) ar.push(r.value);
+    }
+    catch (error) { e = { error: error }; }
+    finally {
+        try {
+            if (r && !r.done && (m = i["return"])) m.call(i);
+        }
+        finally { if (e) throw e.error; }
+    }
+    return ar;
+};
+var __spreadArray = (this && this.__spreadArray) || function (to, from, pack) {
+    if (pack || arguments.length === 2) for (var i = 0, l = from.length, ar; i < l; i++) {
+        if (ar || !(i in from)) {
+            if (!ar) ar = Array.prototype.slice.call(from, 0, i);
+            ar[i] = from[i];
+        }
+    }
+    return to.concat(ar || Array.prototype.slice.call(from));
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+var tar_stream_1 = require("tar-stream");
+var fs_1 = require("fs");
+var crypto_1 = require("crypto");
+var form_data_1 = __importDefault(require("form-data"));
+var zlib_1 = require("zlib");
+var models_1 = require("@appland/models");
+var src_1 = require("@appland/client/dist/src");
+var url_1 = require("url");
+function default_1(scanResults, appId) {
+    return __awaiter(this, void 0, void 0, function () {
+        var normalizedFilePaths, findings, findings_1, findings_1_1, finding, hash, clonedFindings, relevantFilePaths, tarStream, relevantFilePaths_1, relevantFilePaths_1_1, filePath, buffer, e_1_1, gzip, form, request;
+        var e_2, _a, e_1, _b;
+        return __generator(this, function (_c) {
+            switch (_c.label) {
+                case 0:
+                    normalizedFilePaths = {};
+                    findings = scanResults.findings;
+                    try {
+                        for (findings_1 = __values(findings), findings_1_1 = findings_1.next(); !findings_1_1.done; findings_1_1 = findings_1.next()) {
+                            finding = findings_1_1.value;
+                            if (!finding.appMapFile) {
+                                continue;
+                            }
+                            hash = (0, crypto_1.createHash)('sha256').update(finding.appMapFile).digest('hex');
+                            normalizedFilePaths[finding.appMapFile] = hash + ".appmap.json";
+                        }
+                    }
+                    catch (e_2_1) { e_2 = { error: e_2_1 }; }
+                    finally {
+                        try {
+                            if (findings_1_1 && !findings_1_1.done && (_a = findings_1.return)) _a.call(findings_1);
+                        }
+                        finally { if (e_2) throw e_2.error; }
+                    }
+                    clonedFindings = findings.map(function (finding) {
+                        var clone = __assign({}, finding);
+                        if (clone.appMapFile) {
+                            clone.appMapFile = normalizedFilePaths[clone.appMapFile];
+                        }
+                        return clone;
+                    });
+                    relevantFilePaths = __spreadArray([], __read(new Set(findings.filter(function (f) { return f.appMapFile; }).map(function (f) { return f.appMapFile; }))), false);
+                    tarStream = (0, tar_stream_1.pack)();
+                    _c.label = 1;
+                case 1:
+                    _c.trys.push([1, 6, 7, 8]);
+                    relevantFilePaths_1 = __values(relevantFilePaths), relevantFilePaths_1_1 = relevantFilePaths_1.next();
+                    _c.label = 2;
+                case 2:
+                    if (!!relevantFilePaths_1_1.done) return [3 /*break*/, 5];
+                    filePath = relevantFilePaths_1_1.value;
+                    return [4 /*yield*/, fs_1.promises.readFile(filePath)];
+                case 3:
+                    buffer = _c.sent();
+                    tarStream.entry({ name: normalizedFilePaths[filePath] }, JSON.stringify((0, models_1.buildAppMap)(buffer.toString()).normalize().build().toJSON()));
+                    _c.label = 4;
+                case 4:
+                    relevantFilePaths_1_1 = relevantFilePaths_1.next();
+                    return [3 /*break*/, 2];
+                case 5: return [3 /*break*/, 8];
+                case 6:
+                    e_1_1 = _c.sent();
+                    e_1 = { error: e_1_1 };
+                    return [3 /*break*/, 8];
+                case 7:
+                    try {
+                        if (relevantFilePaths_1_1 && !relevantFilePaths_1_1.done && (_b = relevantFilePaths_1.return)) _b.call(relevantFilePaths_1);
+                    }
+                    finally { if (e_1) throw e_1.error; }
+                    return [7 /*endfinally*/];
+                case 8:
+                    tarStream.entry({ name: 'app.scanner.json' }, JSON.stringify({ findings: clonedFindings }));
+                    tarStream.finalize();
+                    gzip = (0, zlib_1.createGzip)();
+                    tarStream.pipe(gzip);
+                    form = new form_data_1.default();
+                    form.append('findings_data', gzip, 'findings.tgz');
+                    form.append('app_id', appId);
+                    process.stderr.write("Uploading findings to application '" + appId + "'\n");
+                    return [4 /*yield*/, (0, src_1.buildRequest)('api/scanner_jobs')];
+                case 9:
+                    request = _c.sent();
+                    return [2 /*return*/, new Promise(function (resolve, reject) {
+                            var req = request.requestFunction(request.url, {
+                                method: 'POST',
+                                headers: __assign(__assign({}, request.headers), form.getHeaders()),
+                            }, resolve);
+                            req.on('error', reject);
+                            form.pipe(req);
+                        })
+                            .then(src_1.handleError)
+                            .then(function (response) {
+                            var message = "Uploaded " + scanResults.findings.length + " findings";
+                            if (response.headers.location) {
+                                var uploadURL = new url_1.URL(response.headers.location, request.url.href);
+                                message += " to " + uploadURL;
+                            }
+                            console.log(message);
+                        })];
+            }
+        });
+    });
+}
+exports.default = default_1;
+//# sourceMappingURL=upload.js.map