npm - @appland/scanner - Versions diffs - 1.38.0 → 1.39.0 - Mend

@appland/scanner 1.38.0 → 1.39.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/README.md +256 -2
package/built/report/findingsReport.js +4 -0
package/built/report/findingsReport.js.map +1 -1
package/built/ruleChecker.js +29 -0
package/built/ruleChecker.js.map +1 -1
package/built/rules/http500.js +1 -3
package/built/rules/http500.js.map +1 -1
package/package.json +1 -1

package/README.md CHANGED Viewed

@@ -4,8 +4,6 @@ Code scanning, linting, assertions and alerts.
 Provides consistent ways to filter (include and exclude) the AppMap events and property values.
-# Rule configuration
 ## Event filters
 Two standard event filters are provided that can be used with every rule: `include` and `exclude`.
@@ -63,6 +61,262 @@ The configuration YAML is validated against the rule schema before the scan is r
 the configuration are reported, and must be fixed before the scan can continue. Consult the
 documentation for each rule to see it's pattern filters and other configurable properties.
+## Finding hash
+To enable de-duplication of findings, a hash is calculated for each finding. The hash is the
+`sha256` digest of a canonical content string for the finding. The canonical content string combines
+stable data from the finding, such as the rule id, normalized event, etc. See
+[appmap-js/packages/models/src/event/hash.js](https://github.com/applandinc/appmap-js/blob/959a8c93c9be37d40a8f4a0e7d44ee211730641e/packages/models/src/event/hash.js)
+for details.
+## Findings output file
+### `summary`
+Summarizes key information about the scan, including: number of AppMaps scanned, number of checks
+performed, list of rules utilized, list of labels utilized, number of findings, and an enumeration
+of all the distinct values in AppMap metadata.
+_Example_
+```json
+"summary": {
+  "numAppMaps": 507,
+  "numChecks": 8112,
+  "rules": [
+    "authz-before-authn",
+    ...
+    "update-in-get-request"
+  ],
+  "ruleLabels": [
+    "audit",
+    ...
+    "security.logout"
+  ],
+  "numFindings": 91,
+  "appMapMetadata": {
+    "labels": [],
+    "apps": [
+      "appland/appmap-server"
+    ],
+    "clients": [
+      {
+        "name": "appmap",
+        "url": "https://github.com/applandinc/appmap-ruby",
+        "version": "0.70.2"
+      }
+    ],
+    "frameworks": [
+      {
+        "name": "rails",
+        "version": "6.1.4.1"
+      },
+      {
+        "name": "rspec",
+        "version": "3.10.1"
+      }
+    ],
+    "git": [
+      {
+        "repository": "git@github.com:applandinc/appmap-server.git",
+        "branch": "master",
+        "commit": "3b028018ec1f84e2c351d01d1dac45aeeae887b6"
+      },
+      {
+        "repository": "git@github.com:applandinc/appmap-server.git",
+        "branch": "master",
+        "commit": "3b028018ec1f84e2c351d01d1dac45aeeae887b6",
+        "status": [
+          "D .npmrc",
+          "M appmap.yml",
+          "M package-lock.json",
+          "M package.json"
+        ]
+      }
+    ],
+    "languages": [
+      {
+        "name": "ruby",
+        "engine": "ruby",
+        "version": "3.0.1"
+      }
+    ],
+    "recorders": [
+      {
+        "name": "rspec"
+      }
+    ],
+    "testStatuses": [],
+    "exceptions": []
+  }
+}
+```
+### `configuration`
+Provides the configuration file, as JSON, that was used to configure the scanner.
+_Example_
+```json
+"configuration": {
+  "checks": [
+    {
+      "rule": "authzBeforeAuthn"
+    },
+    {
+      "rule": "circularDependency",
+      "properties": {
+        "ignoredPackages": [
+          {
+            "equal": "app/models/concerns"
+          },
+          {
+            "equal": "app/controllers/concerns"
+          }
+        ]
+      }
+    },
+    {
+      "rule": "http500"
+    }
+  ]
+}
+```
+### `appMapMetadata`
+Contains the metadata for each AppMap that was scanned. `appMapMetadata` is a JSON object, whose
+keys are AppMap file names, and values are AppMap metadata objects. Each metadata object contains
+all the metadata values, _except_ for those values which are the same across all AppMaps. Those
+values can be found in `summary.appMapMetadata`. For example, using the `summary` example given
+above, the `app`, `labels`, `languages`, `recorders`, `testStatuses` and `exceptions` will all be
+omitted from `appMapMetadata`.
+_Example_
+```json
+"appMapMetadata": {
+  "tmp/appmap/rspec/API_APIKeysController_create_a_new_api_key.appmap.json": {
+    "client": {
+      "name": "appmap",
+      "url": "https://github.com/applandinc/appmap-ruby",
+      "version": "0.70.1"
+    },
+    "git": {
+      "repository": "git@github.com:applandinc/appmap-server.git",
+      "branch": "master",
+      "commit": "3b028018ec1f84e2c351d01d1dac45aeeae887b6"
+    },
+    "name": "API::APIKeysController create a new api key",
+    "source_location": "spec/requests/api_api_keys_spec.rb",
+    "test_status": "succeeded",
+    ...
+  }
+}
+```
+### `checks`
+Lists the configured checks that were performed on each AppMap. Each entry is a Check object that
+includes the properties of the check as configured by the `configuration`.
+_Example_
+```json
+"checks": [
+  {
+    "rule": {
+      "id": "authz-before-authn",
+      "title": "Authorization performed before authentication",
+      "labels": [
+        "security.authorization",
+        "security.authentication"
+      ],
+      "scope": "http_server_request",
+      "impactDomain": "Security",
+      "enumerateScope": false,
+      "references": {
+        "CWE-863": "https://cwe.mitre.org/data/definitions/863.html"
+      }
+    },
+    "id": "authz-before-authn",
+    "options": {},
+    "scope": "http_server_request",
+    "includeScope": [],
+    "excludeScope": [],
+    "includeEvent": [],
+    "excludeEvent": []
+  },
+  {
+    "rule": {
+      "id": "circular-dependency",
+      "title": "Circular package dependency",
+      "scope": "command",
+      "impactDomain": "Maintainability",
+      "references": {
+        "CWE-1047": "https://cwe.mitre.org/data/definitions/1047.html"
+      },
+      "enumerateScope": false
+    }
+  }
+]
+```
+### `findings`
+Lists the findings that are reported by this scan. Findings are de-duplicated by comparing their
+`hash` values. Therefore, each unique finding hash is only reported once.
+Note that the `appMapFile` of each finding will be available in the `appMapMetadata` section of the
+findings JSON document. Similarly, details of the `checkId` can be obtained from the `checks`
+section.
+_Example_
+```json
+"findings": [
+  {
+    "appMapFile": "tmp/appmap/rspec/API_ScannerJobsController_create_logged_in_uploads_a_scanner_job_from_a_tarball.appmap.json",
+    "checkId": "slow-function-call",
+    "ruleId": "slow-function-call",
+    "ruleTitle": "Slow function call",
+    "event": {
+      "id": 125,
+      "event": "call",
+      "thread_id": 76340,
+      "defined_class": "Scanner",
+      "method_id": "publish_from_upload",
+      "path": "app/models/scanner.rb",
+      "lineno": 397,
+      "static": true,
+      "receiver": {
+        "class": "Module",
+        "object_id": 1380300,
+        "value": "Scanner"
+      }
+    },
+    "hash": "a2bfc16512fadf8536355610fcaa63b391596dc0f60d7ef7f885a4eb6ec8f7c1",
+    "scope": {
+      "id": 29,
+      "event": "call",
+      "thread_id": 76340,
+      "http_server_request": {
+        "request_method": "POST",
+        "path_info": "/api/scanner_jobs",
+        "normalized_path_info": "/api/scanner_jobs",
+        "headers": {
+          "Host": "www.example.com",
+          "Accept": "text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5",
+          "Authorization": "Bearer YWRtaW46NzM4NzVmOWYtMmQ4Ni00YWIwLTk5OWEtMWUwNjc2NGE5NTUw"
+        }
+      }
+    },
+    "message": "Slow app/models/Scanner.publish_from_upload call (0.538877ms)"
+  }
+]
+```
 ## Development
 We use `yarn` for package management. Run `yarn` to install dependencies and `yarn build` to emit

package/built/report/findingsReport.js CHANGED Viewed

@@ -30,6 +30,10 @@ function default_1(findings, appMapMetadata, ide) {
         writeln("\tAppMap name:\t" + appMapMetadata[finding.appMapFile].name);
         writeln(eventMsg);
         writeln("\tScope:\t" + finding.scope.id + " - " + finding.scope.toString());
+        if (finding.stack.length > 0) {
+            writeln("\tStack trace:");
+            finding.stack.forEach(function (frame) { return console.log("\t\t" + frame); });
+        }
         writeln();
     });
 }

package/built/report/findingsReport.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"findingsReport.js","sourceRoot":"","sources":["../../src/report/findingsReport.ts"],"names":[],"mappings":";;;;;AACA,gDAA0B;AAC1B,0CAA4C;AAG5C,SAAS,OAAO,CAAC,IAAS;IAAT,qBAAA,EAAA,SAAS;IACxB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC3B,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;AAC7B,CAAC;AAED,mBACE,QAAmB,EACnB,cAAwC,EACxC,GAAY;IAEZ,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE;QACzB,OAAO;KACR;IACD,OAAO,CAAC,GAAG,EAAE,CAAC;IACd,QAAQ,CAAC,OAAO,CAAC,UAAC,OAAO;QACvB,IAAM,QAAQ,GACZ,GAAG,IAAI,OAAO,CAAC,UAAU;YACvB,CAAC,CAAC,IAAA,cAAO,EAAC,OAAO,CAAC,UAAU,EAAE,GAAG,EAAE,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;YACpD,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC;QACzB,IAAI,QAAQ,GAAG,eAAa,OAAO,CAAC,KAAK,CAAC,EAAE,WAAM,OAAO,CAAC,KAAK,CAAC,QAAQ,EAAI,CAAC;QAC7E,IAAI,OAAO,CAAC,KAAK,CAAC,WAAW,KAAK,SAAS,EAAE;YAC3C,QAAQ,IAAI,OAAK,OAAO,CAAC,KAAK,CAAC,WAAW,OAAI,CAAC;SAChD;QAED,IAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC;QAChC,OAAO,CAAC,eAAK,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC;QAChC,OAAO,CAAC,cAAY,eAAK,CAAC,IAAI,CAAC,QAAQ,CAAG,CAAC,CAAC;QAC5C,OAAO,CAAC,cAAY,OAAO,CAAC,MAAQ,CAAC,CAAC;QACtC,OAAO,CAAC,qBAAmB,cAAc,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,IAAM,CAAC,CAAC;QACtE,OAAO,CAAC,QAAQ,CAAC,CAAC;QAClB,OAAO,CAAC,eAAa,OAAO,CAAC,KAAK,CAAC,EAAE,WAAM,OAAO,CAAC,KAAK,CAAC,QAAQ,EAAI,CAAC,CAAC;QACvE,OAAO,EAAE,CAAC;IACZ,CAAC,CAAC,CAAC;AACL,CAAC;~~AA5BD~~,~~4BA4BC~~"}
1	+ {"version":3,"file":"findingsReport.js","sourceRoot":"","sources":["../../src/report/findingsReport.ts"],"names":[],"mappings":";;;;;AACA,gDAA0B;AAC1B,0CAA4C;AAG5C,SAAS,OAAO,CAAC,IAAS;IAAT,qBAAA,EAAA,SAAS;IACxB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC3B,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;AAC7B,CAAC;AAED,mBACE,QAAmB,EACnB,cAAwC,EACxC,GAAY;IAEZ,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE;QACzB,OAAO;KACR;IACD,OAAO,CAAC,GAAG,EAAE,CAAC;IACd,QAAQ,CAAC,OAAO,CAAC,UAAC,OAAO;QACvB,IAAM,QAAQ,GACZ,GAAG,IAAI,OAAO,CAAC,UAAU;YACvB,CAAC,CAAC,IAAA,cAAO,EAAC,OAAO,CAAC,UAAU,EAAE,GAAG,EAAE,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;YACpD,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC;QACzB,IAAI,QAAQ,GAAG,eAAa,OAAO,CAAC,KAAK,CAAC,EAAE,WAAM,OAAO,CAAC,KAAK,CAAC,QAAQ,EAAI,CAAC;QAC7E,IAAI,OAAO,CAAC,KAAK,CAAC,WAAW,KAAK,SAAS,EAAE;YAC3C,QAAQ,IAAI,OAAK,OAAO,CAAC,KAAK,CAAC,WAAW,OAAI,CAAC;SAChD;QAED,IAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC;QAChC,OAAO,CAAC,eAAK,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC;QAChC,OAAO,CAAC,cAAY,eAAK,CAAC,IAAI,CAAC,QAAQ,CAAG,CAAC,CAAC;QAC5C,OAAO,CAAC,cAAY,OAAO,CAAC,MAAQ,CAAC,CAAC;QACtC,OAAO,CAAC,qBAAmB,cAAc,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,IAAM,CAAC,CAAC;QACtE,OAAO,CAAC,QAAQ,CAAC,CAAC;QAClB,OAAO,CAAC,eAAa,OAAO,CAAC,KAAK,CAAC,EAAE,WAAM,OAAO,CAAC,KAAK,CAAC,QAAQ,EAAI,CAAC,CAAC;QACvE,IAAI,OAAO,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE;YAC5B,OAAO,CAAC,gBAAgB,CAAC,CAAC;YAC1B,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,UAAC,KAAK,IAAK,OAAA,OAAO,CAAC,GAAG,CAAC,SAAO,KAAO,CAAC,EAA3B,CAA2B,CAAC,CAAC;SAC/D;QACD,OAAO,EAAE,CAAC;IACZ,CAAC,CAAC,CAAC;AACL,CAAC;AAhCD,4BAgCC"}

package/built/ruleChecker.js CHANGED Viewed

@@ -46,6 +46,31 @@ var __values = (this && this.__values) || function(o) {
     };
     throw new TypeError(s ? "Object is not iterable." : "Symbol.iterator is not defined.");
 };
+var __read = (this && this.__read) || function (o, n) {
+    var m = typeof Symbol === "function" && o[Symbol.iterator];
+    if (!m) return o;
+    var i = m.call(o), r, ar = [], e;
+    try {
+        while ((n === void 0 || n-- > 0) && !(r = i.next()).done) ar.push(r.value);
+    }
+    catch (error) { e = { error: error }; }
+    finally {
+        try {
+            if (r && !r.done && (m = i["return"])) m.call(i);
+        }
+        finally { if (e) throw e.error; }
+    }
+    return ar;
+};
+var __spreadArray = (this && this.__spreadArray) || function (to, from, pack) {
+    if (pack || arguments.length === 2) for (var i = 0, l = from.length, ar; i < l; i++) {
+        if (ar || !(i in from)) {
+            if (!ar) ar = Array.prototype.slice.call(from, 0, i);
+            ar[i] = from[i];
+        }
+    }
+    return to.concat(ar || Array.prototype.slice.call(from));
+};
 var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
@@ -202,6 +227,9 @@ var RuleChecker = /** @class */ (function () {
                             //   at hashEvent (/Users/kgilpin/source/appland/scanner/node_modules/@appland/models/dist/index.cjs:1714:14)
                             //   at Event.get hash [as hash] (/Users/kgilpin/source/appland/scanner/node_modules/@appland/models/dist/index.cjs:3325:27)
                             findingEvent.message || (findingEvent.message = []);
+                            var stack = __spreadArray([
+                                findingEvent.codeObject.location
+                            ], __read(findingEvent.ancestors().map(function (ancestor) { return ancestor.codeObject.location; })), false).filter(Boolean);
                             return {
                                 appMapFile: appMapFile,
                                 checkId: checkInstance.checkId,
@@ -209,6 +237,7 @@ var RuleChecker = /** @class */ (function () {
                                 ruleTitle: checkInstance.title,
                                 event: findingEvent,
                                 hash: findingEvent.hash,
+                                stack: stack,
                                 scope: scope,
                                 message: message || checkInstance.title,
                                 groupMessage: groupMessage,

package/built/ruleChecker.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"ruleChecker.js","sourceRoot":"","sources":["../src/ruleChecker.ts"],"names":[],"mappings":"~~;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;~~AAEA,mCAAsC;AAEtC,yCAA2C;AAE3C,gEAA0C;AAC1C,0FAAoE;AACpE,0FAAoE;AACpE,sEAAgD;AAChD,oFAA8D;AAC9D,kEAA4C;AAE5C;IAAA;QACU,WAAM,GAAkC;YAC9C,IAAI,EAAE,IAAI,mBAAS,EAAE;YACrB,OAAO,EAAE,IAAI,sBAAY,EAAE;YAC3B,mBAAmB,EAAE,IAAI,gCAAsB,EAAE;YACjD,mBAAmB,EAAE,IAAI,gCAAsB,EAAE;YACjD,WAAW,EAAE,IAAI,6BAAmB,EAAE;SACvC,CAAC;~~IA+IJ~~,CAAC;~~IA7IO~~,2BAAK,GAAX,UACE,UAAkB,EAClB,MAAc,EACd,KAAY,EACZ,QAAmB;;;;;;;wBAEnB,IAAI,IAAA,cAAO,GAAE,EAAE;4BACb,OAAO,CAAC,IAAI,CAAC,qBAAmB,MAAM,CAAC,IAAI,oBAAe,KAAK,CAAC,KAAO,CAAC,CAAC;yBAC1E;wBACK,aAAa,GAAG,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;wBAC/C,IAAI,CAAC,aAAa,EAAE;4BAClB,MAAM,IAAI,mBAAU,CAAC,0BAAuB,KAAK,CAAC,KAAK,OAAG,CAAC,CAAC;yBAC7D;wBAEK,UAAU,GAAG;;;;;wCACR,CAAC,GAAG,CAAC;;;6CAAE,CAAA,CAAC,GAAG,MAAM,CAAC,MAAM,CAAC,MAAM,CAAA;wCACtC,qBAAM,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAA;;wCAAtB,SAAsB,CAAC;;;wCADiB,CAAC,EAAE,CAAA;;;;;yBAG9C,CAAC;;;;wBAEkB,KAAA,SAAA,aAAa,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC,CAAA;;;;wBAA3C,KAAK;wBACd,IAAI,IAAA,cAAO,GAAE,EAAE;4BACb,OAAO,CAAC,IAAI,CAAC,WAAS,KAAK,CAAC,KAAO,CAAC,CAAC;yBACtC;wBACK,aAAa,GAAG,IAAI,uBAAa,CAAC,KAAK,CAAC,CAAC;wBAC/C,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,KAAK,CAAC,KAAK,EAAE,MAAM,CAAC,EAAE;4BAC3C,yBAAS;yBACV;6BACG,aAAa,CAAC,cAAc,EAA5B,yBAA4B;;;;wBACV,oBAAA,SAAA,KAAK,CAAC,MAAM,EAAE,CAAA,CAAA;;;;wBAAvB,KAAK;wBACd,qBAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,KAAK,CAAC,KAAK,EAAE,UAAU,EAAE,MAAM,EAAE,aAAa,EAAE,QAAQ,CAAC,EAAA;;wBAAtF,SAAsF,CAAC;;;;;;;;;;;;;;;;;6BAGzF,qBAAM,IAAI,CAAC,UAAU,CACnB,KAAK,CAAC,KAAK,EACX,KAAK,CAAC,KAAK,EACX,UAAU,EACV,MAAM,EACN,aAAa,EACb,QAAQ,CACT,EAAA;;wBAPD,SAOC,CAAC;;;;;;;;;;;;;;;;;;;;KAGP;IAEK,gCAAU,GAAhB,UACE,KAAY,EACZ,KAAY,EACZ,UAAkB,EAClB,MAAc,EACd,aAA4B,EAC5B,QAAmB;;;;;;wBAEnB,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,EAAE;4BACnB,sBAAO;yBACR;wBACD,IAAI,IAAA,cAAO,GAAE,EAAE;4BACb,OAAO,CAAC,IAAI,CACV,eAAa,aAAa,CAAC,MAAM,YAAO,KAAK,CAAC,UAAU,CAAC,IAAI,eAAU,KAAK,CAAC,QAAQ,EAAI,CAC1F,CAAC;yBACH;wBAED,IAAI,CAAC,KAAK,CAAC,WAAW,EAAE;4BACtB,IAAI,IAAA,cAAO,GAAE,EAAE;gCACb,OAAO,CAAC,IAAI,CAAC,uCAAuC,CAAC,CAAC;6BACvD;4BACD,sBAAO;yBACR;wBAED,IAAI,CAAC,aAAa,CAAC,WAAW,CAAC,KAAK,EAAE,MAAM,CAAC,EAAE;4BAC7C,sBAAO;yBACR;wBAEK,YAAY,GAAG,UACnB,UAAyC,EACzC,OAAuC,EACvC,YAA4C,EAC5C,eAA+C,EAC/C,aAA8C;4BAJ9C,2BAAA,EAAA,sBAAyC;4BACzC,wBAAA,EAAA,mBAAuC;4BACvC,6BAAA,EAAA,wBAA4C;4BAC5C,gCAAA,EAAA,2BAA+C;4BAC/C,8BAAA,EAAA,yBAA8C;4BAE9C,IAAM,YAAY,GAAG,UAAU,IAAI,KAAK,CAAC;4BACzC,SAAS;4BACT,yDAAyD;4BACzD,4GAA4G;4BAC5G,6GAA6G;4BAC7G,4HAA4H;4BAC5H,YAAY,CAAC,OAAO,KAApB,YAAY,CAAC,OAAO,GAAK,EAAE,EAAC;4BAC5B,OAAO;gCACL,UAAU,YAAA;gCACV,OAAO,EAAE,aAAa,CAAC,OAAO;gCAC9B,MAAM,EAAE,aAAa,CAAC,MAAM;gCAC5B,SAAS,EAAE,aAAa,CAAC,KAAK;gCAC9B,KAAK,EAAE,YAAY;gCACnB,IAAI,EAAE,YAAY,CAAC,IAAI;gCACvB,KAAK,OAAA;gCACL,OAAO,EAAE,OAAO,IAAI,aAAa,CAAC,KAAK;gCACvC,YAAY,cAAA;gCACZ,eAAe,iBAAA;gCACf,aAAa,eAAA;~~6BACd~~,CAAC;~~wBACJ~~,CAAC,CAAC;wBAEkB,qBAAM,aAAa,CAAC,SAAS,CAAC,OAAO,CACvD,KAAK,EACL,MAAM,EACN,aAAa,CAAC,WAAW,CAAC,IAAI,CAAC,aAAa,CAAC,CAC9C,EAAA;;wBAJK,WAAW,GAAG,SAInB;wBACK,WAAW,GAAG,QAAQ,CAAC,MAAM,CAAC;wBACpC,IAAI,WAAW,KAAK,IAAI,EAAE;4BACpB,OAAO,SAAA,CAAC;4BACZ,IAAI,aAAa,CAAC,SAAS,CAAC,OAAO,EAAE;gCAC7B,OAAO,GAAG,aAAa,CAAC,SAAS,CAAC,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;gCAC9D,OAAO,GAAG,YAAY,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;6BACxC;iCAAM;gCACL,OAAO,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC;6BAC/B;4BACD,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;yBACxB;6BAAM,IAAI,OAAO,WAAW,KAAK,QAAQ,EAAE;4BACpC,OAAO,GAAG,YAAY,CAAC,KAAK,EAAE,WAAqB,CAAC,CAAC;4BAC3D,OAAO,CAAC,OAAO,GAAG,WAAqB,CAAC;4BACxC,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;yBACxB;6BAAM,IAAI,WAAW,EAAE;4BACtB,WAAW,CAAC,OAAO,CAAC,UAAC,EAAE;gCACrB,IAAM,OAAO,GAAG,YAAY,CAC1B,EAAE,CAAC,KAAK,EACR,EAAE,CAAC,OAAO,EACV,EAAE,CAAC,YAAY,EACf,EAAE,CAAC,eAAe,EAClB,EAAE,CAAC,aAAa,CACjB,CAAC;gCACF,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;4BACzB,CAAC,CAAC,CAAC;yBACJ;wBACD,IAAI,IAAA,cAAO,GAAE,EAAE;4BACb,IAAI,QAAQ,CAAC,MAAM,GAAG,WAAW,EAAE;gCACjC,QAAQ,CAAC,OAAO,CAAC,UAAC,OAAO;oCACvB,OAAA,OAAO,CAAC,GAAG,CAAC,gBAAc,OAAO,CAAC,MAAM,WAAM,OAAO,CAAC,OAAS,CAAC;gCAAhE,CAAgE,CACjE,CAAC;6BACH;yBACF;;;;;KACF;IACH,kBAAC;AAAD,CAAC,~~AAtJD~~,~~IAsJC~~"}
1	+ {"version":3,"file":"ruleChecker.js","sourceRoot":"","sources":["../src/ruleChecker.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEA,mCAAsC;AAEtC,yCAA2C;AAE3C,gEAA0C;AAC1C,0FAAoE;AACpE,0FAAoE;AACpE,sEAAgD;AAChD,oFAA8D;AAC9D,kEAA4C;AAE5C;IAAA;QACU,WAAM,GAAkC;YAC9C,IAAI,EAAE,IAAI,mBAAS,EAAE;YACrB,OAAO,EAAE,IAAI,sBAAY,EAAE;YAC3B,mBAAmB,EAAE,IAAI,gCAAsB,EAAE;YACjD,mBAAmB,EAAE,IAAI,gCAAsB,EAAE;YACjD,WAAW,EAAE,IAAI,6BAAmB,EAAE;SACvC,CAAC;IAoJJ,CAAC;IAlJO,2BAAK,GAAX,UACE,UAAkB,EAClB,MAAc,EACd,KAAY,EACZ,QAAmB;;;;;;;wBAEnB,IAAI,IAAA,cAAO,GAAE,EAAE;4BACb,OAAO,CAAC,IAAI,CAAC,qBAAmB,MAAM,CAAC,IAAI,oBAAe,KAAK,CAAC,KAAO,CAAC,CAAC;yBAC1E;wBACK,aAAa,GAAG,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;wBAC/C,IAAI,CAAC,aAAa,EAAE;4BAClB,MAAM,IAAI,mBAAU,CAAC,0BAAuB,KAAK,CAAC,KAAK,OAAG,CAAC,CAAC;yBAC7D;wBAEK,UAAU,GAAG;;;;;wCACR,CAAC,GAAG,CAAC;;;6CAAE,CAAA,CAAC,GAAG,MAAM,CAAC,MAAM,CAAC,MAAM,CAAA;wCACtC,qBAAM,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAA;;wCAAtB,SAAsB,CAAC;;;wCADiB,CAAC,EAAE,CAAA;;;;;yBAG9C,CAAC;;;;wBAEkB,KAAA,SAAA,aAAa,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC,CAAA;;;;wBAA3C,KAAK;wBACd,IAAI,IAAA,cAAO,GAAE,EAAE;4BACb,OAAO,CAAC,IAAI,CAAC,WAAS,KAAK,CAAC,KAAO,CAAC,CAAC;yBACtC;wBACK,aAAa,GAAG,IAAI,uBAAa,CAAC,KAAK,CAAC,CAAC;wBAC/C,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,KAAK,CAAC,KAAK,EAAE,MAAM,CAAC,EAAE;4BAC3C,yBAAS;yBACV;6BACG,aAAa,CAAC,cAAc,EAA5B,yBAA4B;;;;wBACV,oBAAA,SAAA,KAAK,CAAC,MAAM,EAAE,CAAA,CAAA;;;;wBAAvB,KAAK;wBACd,qBAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,KAAK,CAAC,KAAK,EAAE,UAAU,EAAE,MAAM,EAAE,aAAa,EAAE,QAAQ,CAAC,EAAA;;wBAAtF,SAAsF,CAAC;;;;;;;;;;;;;;;;;6BAGzF,qBAAM,IAAI,CAAC,UAAU,CACnB,KAAK,CAAC,KAAK,EACX,KAAK,CAAC,KAAK,EACX,UAAU,EACV,MAAM,EACN,aAAa,EACb,QAAQ,CACT,EAAA;;wBAPD,SAOC,CAAC;;;;;;;;;;;;;;;;;;;;KAGP;IAEK,gCAAU,GAAhB,UACE,KAAY,EACZ,KAAY,EACZ,UAAkB,EAClB,MAAc,EACd,aAA4B,EAC5B,QAAmB;;;;;;wBAEnB,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,EAAE;4BACnB,sBAAO;yBACR;wBACD,IAAI,IAAA,cAAO,GAAE,EAAE;4BACb,OAAO,CAAC,IAAI,CACV,eAAa,aAAa,CAAC,MAAM,YAAO,KAAK,CAAC,UAAU,CAAC,IAAI,eAAU,KAAK,CAAC,QAAQ,EAAI,CAC1F,CAAC;yBACH;wBAED,IAAI,CAAC,KAAK,CAAC,WAAW,EAAE;4BACtB,IAAI,IAAA,cAAO,GAAE,EAAE;gCACb,OAAO,CAAC,IAAI,CAAC,uCAAuC,CAAC,CAAC;6BACvD;4BACD,sBAAO;yBACR;wBAED,IAAI,CAAC,aAAa,CAAC,WAAW,CAAC,KAAK,EAAE,MAAM,CAAC,EAAE;4BAC7C,sBAAO;yBACR;wBAEK,YAAY,GAAG,UACnB,UAAyC,EACzC,OAAuC,EACvC,YAA4C,EAC5C,eAA+C,EAC/C,aAA8C;4BAJ9C,2BAAA,EAAA,sBAAyC;4BACzC,wBAAA,EAAA,mBAAuC;4BACvC,6BAAA,EAAA,wBAA4C;4BAC5C,gCAAA,EAAA,2BAA+C;4BAC/C,8BAAA,EAAA,yBAA8C;4BAE9C,IAAM,YAAY,GAAG,UAAU,IAAI,KAAK,CAAC;4BACzC,SAAS;4BACT,yDAAyD;4BACzD,4GAA4G;4BAC5G,6GAA6G;4BAC7G,4HAA4H;4BAC5H,YAAY,CAAC,OAAO,KAApB,YAAY,CAAC,OAAO,GAAK,EAAE,EAAC;4BAC5B,IAAM,KAAK,GAAa;gCACtB,YAAY,CAAC,UAAU,CAAC,QAAQ;sCAC7B,YAAY,CAAC,SAAS,EAAE,CAAC,GAAG,CAAC,UAAC,QAAQ,IAAK,OAAA,QAAQ,CAAC,UAAU,CAAC,QAAQ,EAA5B,CAA4B,CAAC,UAC3E,MAAM,CAAC,OAAO,CAAC,CAAC;4BAClB,OAAO;gCACL,UAAU,YAAA;gCACV,OAAO,EAAE,aAAa,CAAC,OAAO;gCAC9B,MAAM,EAAE,aAAa,CAAC,MAAM;gCAC5B,SAAS,EAAE,aAAa,CAAC,KAAK;gCAC9B,KAAK,EAAE,YAAY;gCACnB,IAAI,EAAE,YAAY,CAAC,IAAI;gCACvB,KAAK,OAAA;gCACL,KAAK,OAAA;gCACL,OAAO,EAAE,OAAO,IAAI,aAAa,CAAC,KAAK;gCACvC,YAAY,cAAA;gCACZ,eAAe,iBAAA;gCACf,aAAa,eAAA;6BACH,CAAC;wBACf,CAAC,CAAC;wBAEkB,qBAAM,aAAa,CAAC,SAAS,CAAC,OAAO,CACvD,KAAK,EACL,MAAM,EACN,aAAa,CAAC,WAAW,CAAC,IAAI,CAAC,aAAa,CAAC,CAC9C,EAAA;;wBAJK,WAAW,GAAG,SAInB;wBACK,WAAW,GAAG,QAAQ,CAAC,MAAM,CAAC;wBACpC,IAAI,WAAW,KAAK,IAAI,EAAE;4BACpB,OAAO,SAAA,CAAC;4BACZ,IAAI,aAAa,CAAC,SAAS,CAAC,OAAO,EAAE;gCAC7B,OAAO,GAAG,aAAa,CAAC,SAAS,CAAC,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;gCAC9D,OAAO,GAAG,YAAY,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;6BACxC;iCAAM;gCACL,OAAO,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC;6BAC/B;4BACD,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;yBACxB;6BAAM,IAAI,OAAO,WAAW,KAAK,QAAQ,EAAE;4BACpC,OAAO,GAAG,YAAY,CAAC,KAAK,EAAE,WAAqB,CAAC,CAAC;4BAC3D,OAAO,CAAC,OAAO,GAAG,WAAqB,CAAC;4BACxC,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;yBACxB;6BAAM,IAAI,WAAW,EAAE;4BACtB,WAAW,CAAC,OAAO,CAAC,UAAC,EAAE;gCACrB,IAAM,OAAO,GAAG,YAAY,CAC1B,EAAE,CAAC,KAAK,EACR,EAAE,CAAC,OAAO,EACV,EAAE,CAAC,YAAY,EACf,EAAE,CAAC,eAAe,EAClB,EAAE,CAAC,aAAa,CACjB,CAAC;gCACF,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;4BACzB,CAAC,CAAC,CAAC;yBACJ;wBACD,IAAI,IAAA,cAAO,GAAE,EAAE;4BACb,IAAI,QAAQ,CAAC,MAAM,GAAG,WAAW,EAAE;gCACjC,QAAQ,CAAC,OAAO,CAAC,UAAC,OAAO;oCACvB,OAAA,OAAO,CAAC,GAAG,CAAC,gBAAc,OAAO,CAAC,MAAM,WAAM,OAAO,CAAC,OAAS,CAAC;gCAAhE,CAAgE,CACjE,CAAC;6BACH;yBACF;;;;;KACF;IACH,kBAAC;AAAD,CAAC,AA3JD,IA2JC"}

package/built/rules/http500.js CHANGED Viewed

@@ -3,9 +3,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
 var url_1 = require("url");
 function build() {
     return {
-        matcher: function (e) {
-            return e.httpServerResponse.status >= 500 && e.httpServerResponse.status < 600;
-        },
+        matcher: function (e) { return e.httpServerResponse.status === 500; },
         where: function (e) { return !!e.httpServerResponse; },
     };
 }

package/built/rules/http500.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"http500.js","sourceRoot":"","sources":["../../src/rules/http500.ts"],"names":[],"mappings":";;AACA,2BAA0B;AAG1B,SAAS,KAAK;IACZ,OAAO;QACL,OAAO,EAAE,UAAC,CAAQ~~;YAChB~~,OAAA,CAAC,CAAC,kBAAmB,CAAC,MAAM,~~IAAI~~,GAAG,~~IAAI~~,~~CAAC,CAAC,kBAAmB,CAAC,MAAM,GAAG,GAAG~~;~~QAAzE~~,~~CAAyE;QAC3E,~~KAAK,EAAE,UAAC,CAAQ,IAAK,OAAA,CAAC,CAAC,CAAC,CAAC,kBAAkB,EAAtB,CAAsB;KAC5C,CAAC;AACJ,CAAC;AAED,kBAAe;IACb,EAAE,EAAE,UAAU;IACd,KAAK,EAAE,sBAAsB;IAC7B,KAAK,EAAE,qBAAqB;IAC5B,cAAc,EAAE,KAAK;IACrB,YAAY,EAAE,WAAW;IACzB,UAAU,EAAE;QACV,SAAS,EAAE,IAAI,SAAG,CAAC,iDAAiD,CAAC;KACtE;IACD,KAAK,OAAA;CACE,CAAC"}
1	+ {"version":3,"file":"http500.js","sourceRoot":"","sources":["../../src/rules/http500.ts"],"names":[],"mappings":";;AACA,2BAA0B;AAG1B,SAAS,KAAK;IACZ,OAAO;QACL,OAAO,EAAE,UAAC,CAAQ,IAAK,OAAA,CAAC,CAAC,kBAAmB,CAAC,MAAM,KAAK,GAAG,EAApC,CAAoC;QAC3D,KAAK,EAAE,UAAC,CAAQ,IAAK,OAAA,CAAC,CAAC,CAAC,CAAC,kBAAkB,EAAtB,CAAsB;KAC5C,CAAC;AACJ,CAAC;AAED,kBAAe;IACb,EAAE,EAAE,UAAU;IACd,KAAK,EAAE,sBAAsB;IAC7B,KAAK,EAAE,qBAAqB;IAC5B,cAAc,EAAE,KAAK;IACrB,YAAY,EAAE,WAAW;IACzB,UAAU,EAAE;QACV,SAAS,EAAE,IAAI,SAAG,CAAC,iDAAiD,CAAC;KACtE;IACD,KAAK,OAAA;CACE,CAAC"}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@appland/scanner",
-  "version": "1.38.0",
+  "version": "1.39.0",
   "description": "",
   "bin": "built/cli.js",
   "files": [