@appland/scanner 1.40.3 → 1.44.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +63 -39
- package/built/appMapIndex.js +40 -0
- package/built/appMapIndex.js.map +1 -0
- package/built/check.js +3 -3
- package/built/check.js.map +1 -1
- package/built/checkInstance.js +4 -4
- package/built/checkInstance.js.map +1 -1
- package/built/cli/ci/command.js +21 -26
- package/built/cli/ci/command.js.map +1 -1
- package/built/cli/fail.js +13 -0
- package/built/cli/fail.js.map +1 -0
- package/built/cli/merge/command.js +101 -0
- package/built/cli/merge/command.js.map +1 -0
- package/built/cli/merge/options.js +3 -0
- package/built/cli/merge/options.js.map +1 -0
- package/built/cli/reportUploadURL.js +11 -0
- package/built/cli/reportUploadURL.js.map +1 -0
- package/built/cli/scan/command.js +5 -1
- package/built/cli/scan/command.js.map +1 -1
- package/built/cli/scan/scanner.js +2 -2
- package/built/cli/scan/scanner.js.map +1 -1
- package/built/cli/scan.js +4 -2
- package/built/cli/scan.js.map +1 -1
- package/built/cli/updateCommitStatus.js +65 -0
- package/built/cli/updateCommitStatus.js.map +1 -0
- package/built/cli/upload/command.js +10 -5
- package/built/cli/upload/command.js.map +1 -1
- package/built/cli.js +2 -0
- package/built/cli.js.map +1 -1
- package/built/database/index.js +136 -161
- package/built/database/index.js.map +1 -1
- package/built/integration/appland/{fetchStatus.js → app/listFindingStatus.js} +1 -1
- package/built/integration/appland/app/listFindingStatus.js.map +1 -0
- package/built/integration/appland/{appMap.js → appMap/create.js} +43 -48
- package/built/integration/appland/appMap/create.js.map +1 -0
- package/built/integration/appland/location.js +3 -0
- package/built/integration/appland/location.js.map +1 -0
- package/built/integration/appland/{mapset.js → mapset/create.js} +41 -46
- package/built/integration/appland/mapset/create.js.map +1 -0
- package/built/integration/appland/{upload.js → scannerJob/create.js} +27 -19
- package/built/integration/appland/scannerJob/create.js.map +1 -0
- package/built/integration/appland/scannerJob/merge.js +92 -0
- package/built/integration/appland/scannerJob/merge.js.map +1 -0
- package/built/integration/appland/scannerJob.js +3 -0
- package/built/integration/appland/scannerJob.js.map +1 -0
- package/built/report/summaryReport.js +1 -1
- package/built/report/summaryReport.js.map +1 -1
- package/built/ruleChecker.js +12 -11
- package/built/ruleChecker.js.map +1 -1
- package/built/rules/authzBeforeAuthn.js +6 -0
- package/built/rules/authzBeforeAuthn.js.map +1 -1
- package/built/rules/circularDependency.js +4 -0
- package/built/rules/circularDependency.js.map +1 -1
- package/built/rules/deserializationOfUntrustedData.js +8 -0
- package/built/rules/deserializationOfUntrustedData.js.map +1 -1
- package/built/rules/http500.js +7 -0
- package/built/rules/http500.js.map +1 -1
- package/built/rules/illegalPackageDependency.js +7 -0
- package/built/rules/illegalPackageDependency.js.map +1 -1
- package/built/rules/incompatibleHttpClientRequest.js +7 -0
- package/built/rules/incompatibleHttpClientRequest.js.map +1 -1
- package/built/rules/insecureCompare.js +4 -0
- package/built/rules/insecureCompare.js.map +1 -1
- package/built/rules/jobNotCancelled.js +3 -0
- package/built/rules/jobNotCancelled.js.map +1 -1
- package/built/rules/lib/matchEvent.js +3 -4
- package/built/rules/lib/matchEvent.js.map +1 -1
- package/built/rules/lib/parseRuleDescription.js +18 -0
- package/built/rules/lib/parseRuleDescription.js.map +1 -0
- package/built/rules/logoutWithoutSessionReset.js +8 -0
- package/built/rules/logoutWithoutSessionReset.js.map +1 -1
- package/built/rules/missingAuthentication.js +6 -0
- package/built/rules/missingAuthentication.js.map +1 -1
- package/built/rules/missingContentType.js +6 -0
- package/built/rules/missingContentType.js.map +1 -1
- package/built/rules/nPlusOneQuery.js +8 -2
- package/built/rules/nPlusOneQuery.js.map +1 -1
- package/built/rules/queryFromInvalidPackage.js +6 -0
- package/built/rules/queryFromInvalidPackage.js.map +1 -1
- package/built/rules/queryFromView.js +6 -0
- package/built/rules/queryFromView.js.map +1 -1
- package/built/rules/rpcWithoutCircuitBreaker.js +6 -0
- package/built/rules/rpcWithoutCircuitBreaker.js.map +1 -1
- package/built/rules/saveWithoutValidation.js +6 -0
- package/built/rules/saveWithoutValidation.js.map +1 -1
- package/built/rules/secretInLog.js +3 -0
- package/built/rules/secretInLog.js.map +1 -1
- package/built/rules/slowFunctionCall.js +6 -0
- package/built/rules/slowFunctionCall.js.map +1 -1
- package/built/rules/slowHttpServerRequest.js +6 -0
- package/built/rules/slowHttpServerRequest.js.map +1 -1
- package/built/rules/slowQuery.js +6 -0
- package/built/rules/slowQuery.js.map +1 -1
- package/built/rules/tooManyJoins.js +9 -3
- package/built/rules/tooManyJoins.js.map +1 -1
- package/built/rules/tooManyUpdates.js +6 -0
- package/built/rules/tooManyUpdates.js.map +1 -1
- package/built/rules/unbatchedMaterializedQuery.js +9 -4
- package/built/rules/unbatchedMaterializedQuery.js.map +1 -1
- package/built/rules/updateInGetRequest.js +6 -0
- package/built/rules/updateInGetRequest.js.map +1 -1
- package/built/scope/sqlTransactionScope.js +3 -2
- package/built/scope/sqlTransactionScope.js.map +1 -1
- package/built/sqlWarning.js +56 -0
- package/built/sqlWarning.js.map +1 -0
- package/doc/architecture.md +48 -0
- package/doc/labels/audit.md +7 -0
- package/doc/labels/dao.materialize.md +12 -0
- package/doc/labels/deserialize.safe.md +9 -0
- package/doc/labels/deserialize.unsafe.md +12 -0
- package/doc/labels/http.session.clear.md +7 -0
- package/doc/labels/job.cancel.md +11 -0
- package/doc/labels/job.create.md +13 -0
- package/doc/labels/log.md +12 -0
- package/doc/labels/public.md +8 -0
- package/doc/labels/rpc.circuit_breaker.md +16 -0
- package/doc/labels/sanitize.md +29 -0
- package/doc/labels/secret.md +11 -0
- package/doc/labels/security.authentication.md +10 -0
- package/doc/labels/security.authorization.md +9 -0
- package/doc/labels/security.logout.md +9 -0
- package/doc/labels/string.equals.md +18 -0
- package/doc/rules/authzBeforeAuthn.md +47 -0
- package/doc/rules/circularDependency.md +57 -0
- package/doc/rules/deserializationOfUntrustedData.md +55 -0
- package/doc/rules/http500.md +36 -0
- package/doc/rules/illegalPackageDependency.md +50 -0
- package/doc/rules/incompatibleHttpClientRequest.md +35 -0
- package/doc/rules/insecureCompare.md +59 -0
- package/doc/rules/jobNotCancelled.md +49 -0
- package/doc/rules/logoutWithoutSessionReset.md +40 -0
- package/doc/rules/missingAuthentication.md +59 -0
- package/doc/rules/missingContentType.md +33 -0
- package/doc/rules/nPlusOneQuery.md +52 -0
- package/doc/rules/queryFromInvalidPackage.md +45 -0
- package/doc/rules/queryFromView.md +42 -0
- package/doc/rules/rpcWithoutCircuitBreaker.md +44 -0
- package/doc/rules/saveWithoutValidation.md +33 -0
- package/doc/rules/secretInLog.md +49 -0
- package/doc/rules/slowFunctionCall.md +39 -0
- package/doc/rules/slowHttpServerRequest.md +34 -0
- package/doc/rules/slowQuery.md +33 -0
- package/doc/rules/tooManyJoins.md +40 -0
- package/doc/rules/tooManyUpdates.md +46 -0
- package/doc/rules/unbatchedMaterializedQuery.md +54 -0
- package/doc/rules/updateInGetRequest.md +44 -0
- package/package.json +10 -6
- package/built/integration/appland/appMap.js.map +0 -1
- package/built/integration/appland/fetchStatus.js.map +0 -1
- package/built/integration/appland/mapset.js.map +0 -1
- package/built/integration/appland/upload.js.map +0 -1
|
@@ -36,6 +36,7 @@ var path_1 = require("path");
|
|
|
36
36
|
var util_1 = require("./lib/util");
|
|
37
37
|
var matchPattern_1 = require("./lib/matchPattern");
|
|
38
38
|
var url_1 = require("url");
|
|
39
|
+
var parseRuleDescription_1 = __importDefault(require("./lib/parseRuleDescription"));
|
|
39
40
|
var Cycle = /** @class */ (function () {
|
|
40
41
|
function Cycle(packages, events) {
|
|
41
42
|
this.packages = packages;
|
|
@@ -220,6 +221,7 @@ function build(options) {
|
|
|
220
221
|
exports.default = {
|
|
221
222
|
id: 'circular-dependency',
|
|
222
223
|
title: 'Circular package dependency',
|
|
224
|
+
// scope: //*[@command]
|
|
223
225
|
scope: 'command',
|
|
224
226
|
Options: Options,
|
|
225
227
|
impactDomain: 'Maintainability',
|
|
@@ -227,6 +229,8 @@ exports.default = {
|
|
|
227
229
|
'CWE-1047': new url_1.URL('https://cwe.mitre.org/data/definitions/1047.html'),
|
|
228
230
|
},
|
|
229
231
|
enumerateScope: false,
|
|
232
|
+
description: (0, parseRuleDescription_1.default)('circularDependency'),
|
|
233
|
+
url: 'https://appland.com/docs/analysis/rules-reference.html#circular-dependency',
|
|
230
234
|
build: build,
|
|
231
235
|
};
|
|
232
236
|
//# sourceMappingURL=circularDependency.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"circularDependency.js","sourceRoot":"","sources":["../../src/rules/circularDependency.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEA,2FAAqE;AACrE,+FAAyE;AACzE,mFAA6D;AAC7D,kFAAmE;AACnE,6BAAkC;AAElC,mCAAqC;AAErC,mDAAkD;AAClD,2BAA0B;
|
|
1
|
+
{"version":3,"file":"circularDependency.js","sourceRoot":"","sources":["../../src/rules/circularDependency.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEA,2FAAqE;AACrE,+FAAyE;AACzE,mFAA6D;AAC7D,kFAAmE;AACnE,6BAAkC;AAElC,mCAAqC;AAErC,mDAAkD;AAClD,2BAA0B;AAC1B,oFAA8D;AAI9D;IACE,eAAmB,QAAuB,EAAS,MAAiC;QAAjE,aAAQ,GAAR,QAAQ,CAAe;QAAS,WAAM,GAAN,MAAM,CAA2B;IAAG,CAAC;IAC1F,YAAC;AAAD,CAAC,AAFD,IAEC;AAED,SAAS,aAAa,CAAC,KAAY,EAAE,eAA+B;IAClE,IAAM,SAAS,GAAkB,KAAK,CAAC,UAAU,CAAC,SAAS,CAAC;IAC5D,OAAO,CACL,SAAS,KAAK,EAAE;QAChB,eAAe,CAAC,IAAI,CAAC,UAAC,MAAM,IAAK,OAAA,MAAM,CAAC,SAAS,CAAC,EAAjB,CAAiB,CAAC;QACnD,CAAC,KAAK,CAAC,UAAU,CAAC,QAAQ;QAC1B,IAAA,iBAAU,EAAC,KAAK,CAAC,UAAU,CAAC,QAAQ,CAAC,CACtC,CAAC;AACJ,CAAC;AAED,SAAS,YAAY,CAAC,IAAW,EAAE,eAA+B;IAChE,IAAM,KAAK,GAAG,IAAI,eAAK,CAAC,IAAI,CAAC,CAAC;IAC9B,IAAM,QAAQ,GAAG,IAAI,GAAG,EAA4B,CAAC;IACrD,IAAM,KAAK,GAAG,IAAI,GAAG,EAAU,CAAC;IAChC,IAAM,YAAY,GAAG,IAAI,GAAG,EAAwB,CAAC;IAErD,IAAM,UAAU,GAAG,UAAC,GAAgB,EAAE,KAAY;QAChD,IAAI,MAAM,GAAG,QAAQ,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAC/B,IAAI,CAAC,MAAM,EAAE;YACX,MAAM,GAAG,IAAI,qBAAW,CAAC,GAAG,CAAC,CAAC;YAC9B,QAAQ,CAAC,GAAG,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;YAC1B,YAAY,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC;SAChC;aAAM;YACL,YAAY,CAAC,GAAG,CAAC,GAAG,CAAE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;SACpC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC,CAAC;IAEF,IAAM,YAAY,GAAG,UACnB,KAAY,EACZ,WAAyB,EACzB,aAAiC;QAEjC,IAAI,SAAS,GAAuB,KAAK,CAAC,UAAU,CAAC,SAAS,CAAC;QAC/D,IAAI,aAAa,CAAC,KAAK,EAAE,eAAe,CAAC,EAAE;YACzC,SAAS,GAAG,IAAI,CAAC;SAClB;QAED,IAAI,SAAS,EAAE;YACb,IAAM,MAAM,GAAG,UAAU,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;YAC5C,IAAI,aAAa,IAAI,aAAa,KAAK,SAAS,EAAE;gBAChD,IAAM,IAAI,GAAG,IAAI,mBAAS,CAAC,QAAQ,CAAC,GAAG,CAAC,aAAa,CAAE,EAAE,MAAM,CAAC,CAAC;gBACjE,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE;oBAC7B,IAAI,IAAA,cAAO,GAAE,EAAE;wBACb,OAAO,CAAC,IAAI,CAAC,eAAa,aAAa,SAAI,WAAW,YAAO,SAAS,SAAI,KAAO,CAAC,CAAC;qBACpF;oBACD,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;oBACzB,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;iBACrB;aACF;YACD,aAAa,GAAG,SAAS,CAAC;SAC3B;QACD,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC,UAAC,KAAK,IAAK,OAAA,YAAY,CAAC,KAAK,EAAE,KAAK,EAAE,aAAa,CAAC,EAAzC,CAAyC,CAAC,CAAC;IAC/E,CAAC,CAAC;IAEF,IAAI,IAAI,CAAC,UAAU,CAAC,SAAS,KAAK,EAAE,EAAE;QACpC,UAAU,CAAC,IAAI,CAAC,UAAU,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;KAC7C;IACD,YAAY,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;IAE/B,OAAO,IAAA,sBAAmB,EAAC,KAAK,CAAC,CAAC,GAAG,CAAC,UAAC,KAAK;QAC1C,OAAO,IAAI,KAAK,CACd,KAAK,CAAC,GAAG,CAAC,UAAC,MAAM,IAAK,OAAA,MAAM,CAAC,MAAM,EAAE,EAAf,CAAe,CAAC,EACtC,YAAY,CACb,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;;;;GAKG;AACH,IAAM,cAAc,GAAG,UAAC,KAAY,EAAE,eAA+B;IACnE,IAAM,aAAa,GAAG,UACpB,KAAY,EACZ,WAAoB,EACpB,SAAwB,EACxB,cAAkB,EAClB,IAAkB;QADlB,+BAAA,EAAA,kBAAkB;QAClB,qBAAA,EAAA,SAAkB;QAElB,IAAI,WAAW,EAAE;YACf,IAAI,IAAA,cAAO,GAAE,EAAE;gBACb,OAAO,CAAC,IAAI,CAAI,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,cAAS,KAAO,CAAC,CAAC;aACzE;YACD,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;SAClB;aAAM;YACL,IAAI,IAAA,cAAO,GAAE,EAAE;gBACb,OAAO,CAAC,IAAI,CAAI,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,kBAAa,KAAO,CAAC,CAAC;aAC7E;SACF;QAED,IAAI,cAAc,KAAK,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE;YAC3C,IAAI,IAAA,cAAO,GAAE,EAAE;gBACb,OAAO,CAAC,IAAI,CAAI,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,gBAAW,IAAM,CAAC,CAAC;aAC1E;YACD,gCAAW,IAAI,UAAE;SAClB;QAED,IAAM,SAAS,GAAG,KAAK,CAAC,UAAU,CAAC,SAAS,CAAC;QAE7C,IAAI,IAAA,cAAO,GAAE,EAAE;YACb,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,UAAC,KAAK,IAAK,OAAA,KAAK,CAAC,UAAU,CAAC,IAAI,EAArB,CAAqB,CAAC,CAAC,CAAC;SACpE;QAED,+CAA+C;QAC/C,IAAI,MAAM,GAAG,KAAK,CAAC,QAAQ;aACxB,MAAM,CACL,UAAC,KAAK,IAAK,OAAA,KAAK,CAAC,UAAU,CAAC,SAAS,KAAK,SAAS,IAAI,aAAa,CAAC,KAAK,EAAE,eAAe,CAAC,EAAjF,CAAiF,CAC7F;aACA,GAAG,CAAC,UAAC,KAAK,IAAK,OAAA,aAAa,CAAC,KAAK,EAAE,KAAK,EAAE,SAAS,EAAE,cAAc,EAAE,IAAI,CAAC,EAA5D,CAA4D,CAAC;aAC5E,MAAM,CAAC,OAAO,CAAC,CAAC;QAEnB,qDAAqD;QACrD,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE;YACvB,MAAM,GAAG,KAAK,CAAC,QAAQ;iBACpB,MAAM,CACL,UAAC,KAAK;gBACJ,OAAA,KAAK,CAAC,UAAU,CAAC,SAAS,KAAK,SAAS;oBACxC,CAAC,aAAa,CAAC,KAAK,EAAE,eAAe,CAAC;oBACtC,SAAS,CAAC,cAAc,GAAG,CAAC,CAAC,KAAK,KAAK,CAAC,UAAU,CAAC,SAAS;YAF5D,CAE4D,CAC/D;iBACA,GAAG,CAAC,UAAC,KAAK,IAAK,OAAA,aAAa,CAAC,KAAK,EAAE,IAAI,EAAE,SAAS,EAAE,cAAc,GAAG,CAAC,EAAE,IAAI,CAAC,EAA/D,CAA+D,CAAC;iBAC/E,MAAM,CAAC,UAAC,IAAI,IAAK,OAAA,IAAI,EAAJ,CAAI,CAAC,CAAC;SAC3B;QAED,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE;YACrB,OAAO,MAAM,CAAC,CAAC,CAAC,CAAC;SAClB;aAAM;YACL,IAAI,WAAW,EAAE;gBACf,IAAI,IAAA,cAAO,GAAE,EAAE;oBACb,OAAO,CAAC,IAAI,CACP,KAAK,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;yBACtB,IAAI,CAAC,EAAE,CAAC;yBACR,IAAI,CAAC,IAAI,CAAC,QAAK,CACnB,CAAC;iBACH;gBACD,IAAI,CAAC,GAAG,EAAE,CAAC;aACZ;iBAAM;gBACL,IAAI,IAAA,cAAO,GAAE,EAAE;oBACb,OAAO,CAAC,IAAI,CACP,KAAK,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;yBACtB,IAAI,CAAC,EAAE,CAAC;yBACR,IAAI,CAAC,IAAI,CAAC,eAAY,CAC1B,CAAC;iBACH;aACF;YACD,OAAO,IAAI,CAAC;SACb;IACH,CAAC,CAAC;IAEF,sFAAsF;IACtF,iCAAiC;IACjC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;QAC9C,IAAM,WAAW,GAAG,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;QACtC,IAAM,WAAW,GAAG,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,WAAW,CAAE,CAAC;QACnD,IAAM,SAAS,GAAG,EAAE,CAAC;QACrB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;YAC9C,SAAS,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;SAChE;QACD,SAAS,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QAC5B,IAAI,IAAA,cAAO,GAAE,EAAE;YACb,OAAO,CAAC,IAAI,CAAC,wCAAsC,SAAW,CAAC,CAAC;SACjE;QACD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,WAAW,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;YAC3C,IAAM,UAAU,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC;YAClC,IAAM,IAAI,GAAG,aAAa,CAAC,UAAU,EAAE,IAAI,EAAE,SAAS,CAAC,CAAC;YACxD,IAAI,IAAI,EAAE;gBACR,OAAO,IAAI,CAAC;aACb;SACF;KACF;IACD,OAAO,IAAI,CAAC;AACd,CAAC,CAAC;AAEF;IAAA;QACS,oBAAe,GAAyB,EAAE,CAAC;QAC3C,UAAK,GAAG,CAAC,CAAC;IACnB,CAAC;IAAD,cAAC;AAAD,CAAC,AAHD,IAGC;AAED,SAAS,KAAK,CAAC,OAAgB;IAC7B,IAAM,eAAe,GAAG,IAAA,2BAAY,EAAC,OAAO,CAAC,eAAe,CAAC,CAAC;IAE9D,SAAS,OAAO,CAAC,KAAY;QAC3B,OAAO,YAAY,CAAC,KAAK,EAAE,eAAe,CAAC;aACxC,MAAM,CAAC,UAAC,KAAK,IAAK,OAAA,KAAK,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,IAAI,OAAO,CAAC,KAAK,EAA1C,CAA0C,CAAC;aAC7D,GAAG,CAAC,UAAC,KAAK,IAAK,OAAA,cAAc,CAAC,KAAK,EAAE,eAAe,CAAC,EAAtC,CAAsC,CAAC;aACtD,MAAM,CAAC,UAAC,IAAI,IAAK,OAAA,IAAI,EAAJ,CAAI,CAAC;aACtB,GAAG,CAAC,UAAC,IAAI;YACR,OAAO;gBACL,KAAK,EAAE,IAAK,CAAC,CAAC,CAAC;gBACf,OAAO,EAAE;oBACP,mCAAmC;oBACnC,IAAK,CAAC,GAAG,CAAC,UAAC,KAAK,IAAK,OAAA,KAAK,CAAC,UAAU,CAAC,SAAS,EAA1B,CAA0B,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC;iBAC9D,CAAC,IAAI,CAAC,IAAI,CAAC;gBACZ,aAAa,EAAE,IAAK;aACN,CAAC;QACnB,CAAC,CAAC,CAAC;IACP,CAAC;IAED,OAAO;QACL,OAAO,SAAA;KACR,CAAC;AACJ,CAAC;AAED,kBAAe;IACb,EAAE,EAAE,qBAAqB;IACzB,KAAK,EAAE,6BAA6B;IACpC,uBAAuB;IACvB,KAAK,EAAE,SAAS;IAChB,OAAO,SAAA;IACP,YAAY,EAAE,iBAAiB;IAC/B,UAAU,EAAE;QACV,UAAU,EAAE,IAAI,SAAG,CAAC,kDAAkD,CAAC;KACxE;IACD,cAAc,EAAE,KAAK;IACrB,WAAW,EAAE,IAAA,8BAAoB,EAAC,oBAAoB,CAAC;IACvD,GAAG,EAAE,4EAA4E;IACjF,KAAK,OAAA;CACE,CAAC"}
|
|
@@ -37,9 +37,13 @@ var __values = (this && this.__values) || function(o) {
|
|
|
37
37
|
};
|
|
38
38
|
throw new TypeError(s ? "Object is not iterable." : "Symbol.iterator is not defined.");
|
|
39
39
|
};
|
|
40
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
41
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
42
|
+
};
|
|
40
43
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
41
44
|
var models_1 = require("@appland/models");
|
|
42
45
|
var url_1 = require("url");
|
|
46
|
+
var parseRuleDescription_1 = __importDefault(require("./lib/parseRuleDescription"));
|
|
43
47
|
function sanitizesData(event, objectId, label) {
|
|
44
48
|
return (event.labels.has(label) &&
|
|
45
49
|
!!event.returnValue &&
|
|
@@ -112,6 +116,7 @@ function build() {
|
|
|
112
116
|
try {
|
|
113
117
|
for (var _b = __values(new models_1.EventNavigator(rootEvent).descendants()), _c = _b.next(); !_c.done; _c = _b.next()) {
|
|
114
118
|
var event = _c.value;
|
|
119
|
+
// events: //*[@authorization && truthy?(returnValue) && not(preceding::*[@authentication]) && not(descendant::*[@authentication])]
|
|
115
120
|
if (event.event.labels.has(DeserializeUnsafe) &&
|
|
116
121
|
!event.event.ancestors().find(function (ancestor) { return ancestor.labels.has(DeserializeSafe); })) {
|
|
117
122
|
if (allArgumentsSanitized(rootEvent, event.event)) {
|
|
@@ -150,10 +155,13 @@ exports.default = {
|
|
|
150
155
|
labels: [DeserializeUnsafe, DeserializeSafe, Sanitize],
|
|
151
156
|
impactDomain: 'Security',
|
|
152
157
|
enumerateScope: false,
|
|
158
|
+
// scope: //*[@command]
|
|
153
159
|
references: {
|
|
154
160
|
'CWE-502': new url_1.URL('https://cwe.mitre.org/data/definitions/502.html'),
|
|
155
161
|
'Ruby Security': new url_1.URL('https://docs.ruby-lang.org/en/3.0/doc/security_rdoc.html'),
|
|
156
162
|
},
|
|
163
|
+
description: (0, parseRuleDescription_1.default)('deserializationOfUntrustedData'),
|
|
164
|
+
url: 'https://appland.com/docs/analysis/rules-reference.html#deserialization-of-untrusted-data',
|
|
157
165
|
build: build,
|
|
158
166
|
};
|
|
159
167
|
//# sourceMappingURL=deserializationOfUntrustedData.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"deserializationOfUntrustedData.js","sourceRoot":"","sources":["../../src/rules/deserializationOfUntrustedData.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"deserializationOfUntrustedData.js","sourceRoot":"","sources":["../../src/rules/deserializationOfUntrustedData.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,0CAAwD;AAExD,2BAA0B;AAC1B,oFAA8D;AAE9D,SAAS,aAAa,CAAC,KAAY,EAAE,QAAgB,EAAE,KAAa;IAClE,OAAO,CACL,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC;QACvB,CAAC,CAAC,KAAK,CAAC,WAAW;QACnB,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,SAAS;QAC7B,KAAK,CAAC,WAAW,CAAC,SAAS,KAAK,QAAQ,CACzC,CAAC;AACJ,CAAC;AAED,SAAU,eAAe,CAAC,SAAgB,EAAE,MAAa;;;;;;;gBACnC,KAAA,SAAA,IAAI,uBAAc,CAAC,SAAS,CAAC,CAAC,WAAW,EAAE,CAAA;;;;gBAApD,KAAK;gBACd,IAAI,KAAK,CAAC,KAAK,KAAK,MAAM,EAAE;oBAC1B,wBAAM;iBACP;gBACD,qBAAM,KAAK,EAAA;;gBAAX,SAAW,CAAC;;;;;;;;;;;;;;;;;;;CAEf;AAED,SAAS,qBAAqB,CAAC,SAAgB,EAAE,KAAY;IAC3D,OAAO,CAAC,KAAK,CAAC,UAAU,IAAI,EAAE,CAAC;SAC5B,MAAM,CAAC,UAAC,SAAS,IAAK,OAAA,SAAS,CAAC,SAAS,EAAnB,CAAmB,CAAC;SAC1C,KAAK,CAAC,UAAC,SAAS;;;YACf,KAAwB,IAAA,KAAA,SAAA,eAAe,CAAC,SAAS,EAAE,KAAK,CAAC,CAAA,gBAAA,4BAAE;gBAAtD,IAAM,SAAS,WAAA;gBAClB,IAAI,aAAa,CAAC,SAAS,CAAC,KAAK,EAAE,SAAS,CAAC,SAAU,EAAE,QAAQ,CAAC,EAAE;oBAClE,OAAO,IAAI,CAAC;iBACb;aACF;;;;;;;;;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC,CAAC;AACP,CAAC;AAED,SAAS,KAAK;IACZ,SAAS,OAAO,CAAC,SAAgB;;;YAC/B,KAAoB,IAAA,KAAA,SAAA,IAAI,uBAAc,CAAC,SAAS,CAAC,CAAC,WAAW,EAAE,CAAA,gBAAA,4BAAE;gBAA5D,IAAM,KAAK,WAAA;gBACd,mIAAmI;gBACnI,IACE,KAAK,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,iBAAiB,CAAC;oBACzC,CAAC,KAAK,CAAC,KAAK,CAAC,SAAS,EAAE,CAAC,IAAI,CAAC,UAAC,QAAQ,IAAK,OAAA,QAAQ,CAAC,MAAM,CAAC,GAAG,CAAC,eAAe,CAAC,EAApC,CAAoC,CAAC,EACjF;oBACA,IAAI,qBAAqB,CAAC,SAAS,EAAE,KAAK,CAAC,KAAK,CAAC,EAAE;wBACjD,OAAO;qBACR;yBAAM;wBACL,OAAO;4BACL;gCACE,KAAK,EAAE,OAAO;gCACd,KAAK,EAAE,KAAK,CAAC,KAAK;gCAClB,OAAO,EAAK,KAAK,CAAC,KAAK,iCAA8B;6BACtD;yBACF,CAAC;qBACH;iBACF;aACF;;;;;;;;;IACH,CAAC;IAED,OAAO;QACL,OAAO,SAAA;KACR,CAAC;AACJ,CAAC;AAED,IAAM,iBAAiB,GAAG,oBAAoB,CAAC;AAC/C,IAAM,eAAe,GAAG,kBAAkB,CAAC;AAC3C,IAAM,QAAQ,GAAG,UAAU,CAAC;AAE5B,kBAAe;IACb,EAAE,EAAE,mCAAmC;IACvC,KAAK,EAAE,mCAAmC;IAC1C,MAAM,EAAE,CAAC,iBAAiB,EAAE,eAAe,EAAE,QAAQ,CAAC;IACtD,YAAY,EAAE,UAAU;IACxB,cAAc,EAAE,KAAK;IACrB,uBAAuB;IACvB,UAAU,EAAE;QACV,SAAS,EAAE,IAAI,SAAG,CAAC,iDAAiD,CAAC;QACrE,eAAe,EAAE,IAAI,SAAG,CAAC,0DAA0D,CAAC;KACrF;IACD,WAAW,EAAE,IAAA,8BAAoB,EAAC,gCAAgC,CAAC;IACnE,GAAG,EAAE,0FAA0F;IAC/F,KAAK,OAAA;CACE,CAAC"}
|
package/built/rules/http500.js
CHANGED
|
@@ -1,6 +1,10 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
3
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
|
+
};
|
|
2
5
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
6
|
var url_1 = require("url");
|
|
7
|
+
var parseRuleDescription_1 = __importDefault(require("./lib/parseRuleDescription"));
|
|
4
8
|
function build() {
|
|
5
9
|
return {
|
|
6
10
|
matcher: function (e) { return e.httpServerResponse.status === 500; },
|
|
@@ -13,9 +17,12 @@ exports.default = {
|
|
|
13
17
|
scope: 'http_server_request',
|
|
14
18
|
enumerateScope: false,
|
|
15
19
|
impactDomain: 'Stability',
|
|
20
|
+
// scope: //http_server_request
|
|
16
21
|
references: {
|
|
17
22
|
'CWE-392': new url_1.URL('https://cwe.mitre.org/data/definitions/392.html'),
|
|
18
23
|
},
|
|
24
|
+
description: (0, parseRuleDescription_1.default)('http500'),
|
|
25
|
+
url: 'https://appland.com/docs/analysis/rules-reference.html#http-500',
|
|
19
26
|
build: build,
|
|
20
27
|
};
|
|
21
28
|
//# sourceMappingURL=http500.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"http500.js","sourceRoot":"","sources":["../../src/rules/http500.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"http500.js","sourceRoot":"","sources":["../../src/rules/http500.ts"],"names":[],"mappings":";;;;;AACA,2BAA0B;AAE1B,oFAA8D;AAE9D,SAAS,KAAK;IACZ,OAAO;QACL,OAAO,EAAE,UAAC,CAAQ,IAAK,OAAA,CAAC,CAAC,kBAAmB,CAAC,MAAM,KAAK,GAAG,EAApC,CAAoC;QAC3D,KAAK,EAAE,UAAC,CAAQ,IAAK,OAAA,CAAC,CAAC,CAAC,CAAC,kBAAkB,EAAtB,CAAsB;KAC5C,CAAC;AACJ,CAAC;AAED,kBAAe;IACb,EAAE,EAAE,UAAU;IACd,KAAK,EAAE,sBAAsB;IAC7B,KAAK,EAAE,qBAAqB;IAC5B,cAAc,EAAE,KAAK;IACrB,YAAY,EAAE,WAAW;IACzB,+BAA+B;IAC/B,UAAU,EAAE;QACV,SAAS,EAAE,IAAI,SAAG,CAAC,iDAAiD,CAAC;KACtE;IACD,WAAW,EAAE,IAAA,8BAAoB,EAAC,SAAS,CAAC;IAC5C,GAAG,EAAE,iEAAiE;IACtE,KAAK,OAAA;CACE,CAAC"}
|
|
@@ -1,7 +1,11 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
3
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
|
+
};
|
|
2
5
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
6
|
var matchPattern_1 = require("./lib/matchPattern");
|
|
4
7
|
var url_1 = require("url");
|
|
8
|
+
var parseRuleDescription_1 = __importDefault(require("./lib/parseRuleDescription"));
|
|
5
9
|
var Options = /** @class */ (function () {
|
|
6
10
|
function Options() {
|
|
7
11
|
this.callerPackages = [];
|
|
@@ -31,6 +35,7 @@ function build(options) {
|
|
|
31
35
|
exports.default = {
|
|
32
36
|
id: 'illegal-package-dependency',
|
|
33
37
|
title: 'Illegal use of code by a non-whitelisted package',
|
|
38
|
+
// scope: //*[@command]
|
|
34
39
|
scope: 'command',
|
|
35
40
|
enumerateScope: true,
|
|
36
41
|
impactDomain: 'Maintainability',
|
|
@@ -38,6 +43,8 @@ exports.default = {
|
|
|
38
43
|
'CWE-1120': new url_1.URL('https://cwe.mitre.org/data/definitions/1120.html'),
|
|
39
44
|
'CWE-1154': new url_1.URL('https://cwe.mitre.org/data/definitions/1154.html'),
|
|
40
45
|
},
|
|
46
|
+
description: (0, parseRuleDescription_1.default)('illegalPackageDependency'),
|
|
47
|
+
url: 'https://appland.com/docs/analysis/rules-reference.html#illegal-package-dependency',
|
|
41
48
|
Options: Options,
|
|
42
49
|
build: build,
|
|
43
50
|
};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"illegalPackageDependency.js","sourceRoot":"","sources":["../../src/rules/illegalPackageDependency.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"illegalPackageDependency.js","sourceRoot":"","sources":["../../src/rules/illegalPackageDependency.ts"],"names":[],"mappings":";;;;;AAIA,mDAA+D;AAC/D,2BAA0B;AAC1B,oFAA8D;AAE9D;IAAA;QACS,mBAAc,GAAyB,EAAE,CAAC;QAC1C,kBAAa,GAAuB,EAAwB,CAAC;IACtE,CAAC;IAAD,cAAC;AAAD,CAAC,AAHD,IAGC;AAED,SAAS,KAAK,CAAC,OAAgB;IAC7B,IAAM,cAAc,GAAG,IAAA,2BAAY,EAAC,OAAO,CAAC,cAAc,IAAI,EAAE,CAAC,CAAC;IAClE,IAAM,aAAa,GAAG,IAAA,0BAAW,EAAC,OAAO,CAAC,aAAa,CAAC,CAAC;IAEzD,SAAS,KAAK,CAAC,CAAQ;QACrB,OAAO,CAAC,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC,MAAO,CAAC,UAAU,CAAC,SAAS,IAAI,aAAa,CAAC,CAAC,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;IACjG,CAAC;IAED,SAAS,OAAO,CAAC,CAAQ;QACvB,IAAM,eAAe,GAAG,OAAO,CAAC,cAAc;aAC3C,GAAG,CAAC,UAAC,MAAM,IAAK,OAAA,MAAM,CAAC,KAAK,IAAI,MAAM,CAAC,OAAO,IAAI,MAAM,CAAC,KAAK,EAA9C,CAA8C,CAAC;aAC/D,GAAG,CAAC,MAAM,CAAC;aACX,IAAI,CAAC,MAAM,CAAC,CAAC;QAEhB,IAAM,aAAa,GAAG,CAAC,CAAC,MAAO,CAAC,UAAU,CAAC,SAAS,CAAC;QACrD,IACE,CAAC,CACC,CAAC,CAAC,UAAU,CAAC,SAAS,KAAK,aAAa;YACxC,cAAc,CAAC,IAAI,CAAC,UAAC,OAAO,IAAK,OAAA,OAAO,CAAC,aAAa,CAAC,EAAtB,CAAsB,CAAC,CACzD,EACD;YACA,OAAO,iBAAe,CAAC,CAAC,UAAU,CAAC,EAAE,0BAAqB,aAAa,mBAAc,eAAiB,CAAC;SACxG;IACH,CAAC;IAED,OAAO,EAAE,KAAK,OAAA,EAAE,OAAO,SAAA,EAAE,CAAC;AAC5B,CAAC;AAED,kBAAe;IACb,EAAE,EAAE,4BAA4B;IAChC,KAAK,EAAE,kDAAkD;IACzD,uBAAuB;IACvB,KAAK,EAAE,SAAS;IAChB,cAAc,EAAE,IAAI;IACpB,YAAY,EAAE,iBAAiB;IAC/B,UAAU,EAAE;QACV,UAAU,EAAE,IAAI,SAAG,CAAC,kDAAkD,CAAC;QACvE,UAAU,EAAE,IAAI,SAAG,CAAC,kDAAkD,CAAC;KACxE;IACD,WAAW,EAAE,IAAA,8BAAoB,EAAC,0BAA0B,CAAC;IAC7D,GAAG,EAAE,mFAAmF;IACxF,OAAO,SAAA;IACP,KAAK,OAAA;CACE,CAAC"}
|
|
@@ -35,8 +35,12 @@ var __generator = (this && this.__generator) || function (thisArg, body) {
|
|
|
35
35
|
if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
|
|
36
36
|
}
|
|
37
37
|
};
|
|
38
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
39
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
40
|
+
};
|
|
38
41
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
39
42
|
var openapi_1 = require("../openapi");
|
|
43
|
+
var parseRuleDescription_1 = __importDefault(require("./lib/parseRuleDescription"));
|
|
40
44
|
var Options = /** @class */ (function () {
|
|
41
45
|
function Options() {
|
|
42
46
|
this.schemata = {};
|
|
@@ -88,9 +92,12 @@ function build(options) {
|
|
|
88
92
|
exports.default = {
|
|
89
93
|
id: 'incompatible-http-client-request',
|
|
90
94
|
title: 'Incompatible HTTP client request',
|
|
95
|
+
// scope: //http_client_request
|
|
91
96
|
scope: 'http_client_request',
|
|
92
97
|
enumerateScope: false,
|
|
93
98
|
impactDomain: 'Stability',
|
|
99
|
+
description: (0, parseRuleDescription_1.default)('incompatibleHttpClientRequest'),
|
|
100
|
+
url: 'https://appland.com/docs/analysis/rules-reference.html#incompatible-http-client-request',
|
|
94
101
|
Options: Options,
|
|
95
102
|
build: build,
|
|
96
103
|
};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"incompatibleHttpClientRequest.js","sourceRoot":"","sources":["../../src/rules/incompatibleHttpClientRequest.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"incompatibleHttpClientRequest.js","sourceRoot":"","sources":["../../src/rules/incompatibleHttpClientRequest.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AACA,sCAAuE;AAKvE,oFAA8D;AAE9D;IAAA;QACS,aAAQ,GAA2B,EAAE,CAAC;IAC/C,CAAC;IAAD,cAAC;AAAD,CAAC,AAFD,IAEC;AAED,IAAM,aAAa,GAAG,UAAC,MAA0C;IAC/D,OAAO,8EACL,MAAM,CAAC,MAAM,SACX,MAAM,CAAC,uBAAuB;SAC/B,MAAM,CAAC,MAAM,CAAC,4BAA4B,CAAC;SAC3C,GAAG,CAAC,UAAC,MAAM,IAAK,OAAA,MAAM,CAAC,QAAQ,EAAf,CAAe,CAAC;SAChC,IAAI,CAAC,IAAI,CAAG,CAAC;AAClB,CAAC,CAAC;AAEF,SAAS,KAAK,CAAC,OAAgB;IAC7B,SAAe,OAAO,CAAC,KAAY;;;;;;wBAC3B,cAAc,GAAG,IAAA,0BAAgB,EAAC,KAAK,CAAC,CAAC;wBAC1B,qBAAM,IAAA,gBAAM,EAAC,KAAK,CAAC,iBAAkB,CAAC,GAAI,EAAE,OAAO,CAAC,QAAQ,CAAC,EAAA;;wBAA5E,YAAY,GAAG,SAA6D;wBAC5E,YAAY,GAAG;4BACnB,OAAO,EAAE,OAAO;4BAChB,IAAI,EAAE;gCACJ,KAAK,EAAE,oCAAoC;gCAC3C,OAAO,EAAE,YAAY,CAAC,IAAI,CAAC,OAAO,EAAE,2CAA2C;6BAChF;4BACD,KAAK,EAAE,cAAe,CAAC,KAAK;4BAC5B,UAAU,EAAE,EAAE,eAAe,EAAE,cAAe,CAAC,eAAe,EAAE;yBAC3C,CAAC;wBACR,qBAAM,IAAA,yBAAe,EAAC,YAAY,EAAE,YAAY,CAAC,EAAA;;wBAA3D,OAAO,GAAG,SAAiD;wBACjE,sBAAO,OAAO,CAAC,GAAG,CAAC,UAAC,MAA0C,IAAK,OAAA,CAAC;gCAClE,KAAK,EAAE,OAAO;gCACd,OAAO,EAAE,aAAa,CAAC,MAAM,CAAC;6BAC/B,CAAC,EAHiE,CAGjE,CAAC,EAAC;;;;KACL;IAED,OAAO;QACL,OAAO,SAAA;QACP,KAAK,EAAE,UAAC,CAAQ,IAAK,OAAA,CAAC,CAAC,CAAC,CAAC,iBAAiB,IAAI,CAAC,CAAC,CAAC,CAAC,iBAAkB,CAAC,GAAG,EAAnD,CAAmD;KACzE,CAAC;AACJ,CAAC;AAED,kBAAe;IACb,EAAE,EAAE,kCAAkC;IACtC,KAAK,EAAE,kCAAkC;IACzC,+BAA+B;IAC/B,KAAK,EAAE,qBAAqB;IAC5B,cAAc,EAAE,KAAK;IACrB,YAAY,EAAE,WAAW;IACzB,WAAW,EAAE,IAAA,8BAAoB,EAAC,+BAA+B,CAAC;IAClE,GAAG,EAAE,yFAAyF;IAC9F,OAAO,SAAA;IACP,KAAK,OAAA;CACE,CAAC"}
|
|
@@ -6,6 +6,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
6
6
|
var url_1 = require("url");
|
|
7
7
|
var recordSecrets_1 = __importDefault(require("../analyzer/recordSecrets"));
|
|
8
8
|
var secretsRegexes_1 = require("../analyzer/secretsRegexes");
|
|
9
|
+
var parseRuleDescription_1 = __importDefault(require("./lib/parseRuleDescription"));
|
|
9
10
|
var BCRYPT_REGEXP = /^[$]2[abxy]?[$](?:0[4-9]|[12][0-9]|3[01])[$][./0-9a-zA-Z]{53}$/;
|
|
10
11
|
var secrets = new Set();
|
|
11
12
|
function stringEquals(e) {
|
|
@@ -45,11 +46,14 @@ exports.default = {
|
|
|
45
46
|
id: 'insecure-compare',
|
|
46
47
|
title: 'Insecure comparison of secrets',
|
|
47
48
|
labels: [Secret, StringEquals],
|
|
49
|
+
// scope: //*[@command]
|
|
48
50
|
enumerateScope: true,
|
|
49
51
|
impactDomain: 'Security',
|
|
50
52
|
references: {
|
|
51
53
|
'CWE-208': new url_1.URL('https://cwe.mitre.org/data/definitions/208.html'),
|
|
52
54
|
},
|
|
55
|
+
description: (0, parseRuleDescription_1.default)('insecureCompare'),
|
|
56
|
+
url: 'https://appland.com/docs/analysis/rules-reference.html#insecure-compare',
|
|
53
57
|
build: build,
|
|
54
58
|
};
|
|
55
59
|
//# sourceMappingURL=insecureCompare.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"insecureCompare.js","sourceRoot":"","sources":["../../src/rules/insecureCompare.ts"],"names":[],"mappings":";;;;;AACA,2BAA0B;AAC1B,4EAAsD;AACtD,6DAAyD;
|
|
1
|
+
{"version":3,"file":"insecureCompare.js","sourceRoot":"","sources":["../../src/rules/insecureCompare.ts"],"names":[],"mappings":";;;;;AACA,2BAA0B;AAC1B,4EAAsD;AACtD,6DAAyD;AAEzD,oFAA8D;AAE9D,IAAM,aAAa,GAAG,gEAAgE,CAAC;AAEvF,IAAM,OAAO,GAAgB,IAAI,GAAG,EAAE,CAAC;AAEvC,SAAS,YAAY,CAAC,CAAQ;IAC5B,IAAI,CAAC,CAAC,CAAC,UAAU,IAAI,CAAC,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,UAAW,CAAC,MAAM,KAAK,CAAC,EAAE;QAC9D,OAAO,KAAK,CAAC;KACd;IAED,IAAM,IAAI,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,EAAE,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;IAEvD,SAAS,QAAQ,CAAC,GAAW;QAC3B,OAAO,aAAa,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACjC,CAAC;IAED,SAAS,QAAQ,CAAC,GAAW;QAC3B,OAAO,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,IAAA,4BAAW,EAAC,GAAG,CAAC,CAAC;IAC9C,CAAC;IAED,sDAAsD;IACtD,OAAO,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;AACrD,CAAC;AAED,SAAS,KAAK;IACZ,SAAS,OAAO,CAAC,CAAQ;QACvB,IAAI,CAAC,CAAC,UAAU,CAAC,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE;YACnC,IAAA,uBAAa,EAAC,OAAO,EAAE,CAAC,CAAC,CAAC;SAC3B;QACD,IAAI,CAAC,CAAC,UAAU,CAAC,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,EAAE;YACzC,OAAO,YAAY,CAAC,CAAC,CAAC,CAAC;SACxB;IACH,CAAC;IAED,SAAS,KAAK,CAAC,CAAQ;QACrB,OAAO,CACL,CAAC,CAAC,UAAU,IAAI,CAAC,CAAC,CAAC,UAAU,CAAC,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,UAAU,CAAC,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAC3F,CAAC;IACJ,CAAC;IAED,OAAO;QACL,OAAO,SAAA;QACP,KAAK,OAAA;KACN,CAAC;AACJ,CAAC;AAED,IAAM,MAAM,GAAG,QAAQ,CAAC;AACxB,IAAM,YAAY,GAAG,eAAe,CAAC;AAErC,kBAAe;IACb,EAAE,EAAE,kBAAkB;IACtB,KAAK,EAAE,gCAAgC;IACvC,MAAM,EAAE,CAAC,MAAM,EAAE,YAAY,CAAC;IAC9B,uBAAuB;IACvB,cAAc,EAAE,IAAI;IACpB,YAAY,EAAE,UAAU;IACxB,UAAU,EAAE;QACV,SAAS,EAAE,IAAI,SAAG,CAAC,iDAAiD,CAAC;KACtE;IACD,WAAW,EAAE,IAAA,8BAAoB,EAAC,iBAAiB,CAAC;IACpD,GAAG,EAAE,yEAAyE;IAC9E,KAAK,OAAA;CACE,CAAC"}
|
|
@@ -31,6 +31,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
31
31
|
var wellKnownLabels_1 = __importDefault(require("../wellKnownLabels"));
|
|
32
32
|
var sqlTransactionScope_1 = require("../scope/sqlTransactionScope");
|
|
33
33
|
var url_1 = require("url");
|
|
34
|
+
var parseRuleDescription_1 = __importDefault(require("./lib/parseRuleDescription"));
|
|
34
35
|
function build() {
|
|
35
36
|
function matcher(event) {
|
|
36
37
|
if (!(0, sqlTransactionScope_1.hasTransactionDetails)(event))
|
|
@@ -72,6 +73,8 @@ exports.default = {
|
|
|
72
73
|
references: {
|
|
73
74
|
'CWE-672': new url_1.URL('https://cwe.mitre.org/data/definitions/672.html'),
|
|
74
75
|
},
|
|
76
|
+
description: (0, parseRuleDescription_1.default)('jobNotCancelled'),
|
|
77
|
+
url: 'https://appland.com/docs/analysis/rules-reference.html#job-not-cancelled',
|
|
75
78
|
build: build,
|
|
76
79
|
};
|
|
77
80
|
//# sourceMappingURL=jobNotCancelled.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jobNotCancelled.js","sourceRoot":"","sources":["../../src/rules/jobNotCancelled.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEA,uEAAwC;AACxC,oEAAqE;AACrE,2BAA0B;
|
|
1
|
+
{"version":3,"file":"jobNotCancelled.js","sourceRoot":"","sources":["../../src/rules/jobNotCancelled.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEA,uEAAwC;AACxC,oEAAqE;AACrE,2BAA0B;AAC1B,oFAA8D;AAE9D,SAAS,KAAK;IACZ,SAAS,OAAO,CAAC,KAAY;QAC3B,IAAI,CAAC,IAAA,2CAAqB,EAAC,KAAK,CAAC;YAC/B,MAAM,IAAI,KAAK,CAAC,oBAAkB,KAAK,CAAC,EAAE,yBAAsB,CAAC,CAAC;QACpE,IAAI,KAAK,CAAC,WAAW,CAAC,MAAM,KAAK,QAAQ;YAAE,OAAO;QAElD,IAAM,cAAc,GAAG,KAAK,CAAC,WAAW,CAAC,MAAM,CAAC,MAAM,CAAC,UAAC,EAAU;gBAAR,MAAM,YAAA;YAC9D,OAAA,MAAM,CAAC,GAAG,CAAC,yBAAM,CAAC,SAAS,CAAC;QAA5B,CAA4B,CAC7B,CAAC;QACF,IAAM,kBAAkB,GAAG,KAAK,CAAC,WAAW,CAAC,MAAM,CAAC,MAAM,CAAC,UAAC,EAAU;gBAAR,MAAM,YAAA;YAClE,OAAA,MAAM,CAAC,GAAG,CAAC,yBAAM,CAAC,SAAS,CAAC;QAA5B,CAA4B,CAC7B,CAAC;QACF,IAAM,OAAO,GAAG,cAAc,CAAC,MAAM,GAAG,kBAAkB,CAAC,MAAM,CAAC;QAClE,IAAI,OAAO,KAAK,CAAC;YAAE,OAAO;QAE1B,IAAM,MAAM,GAAgB;YAC1B,KAAK,EAAE,OAAO;YACd,KAAK,EAAE,KAAK;YACZ,OAAO,EAAK,OAAO,oEAAiE;YACpF,kEAAkE;YAClE,4DAA4D;YAC5D,aAAa,yCAAM,cAAc,kBAAK,kBAAkB,SAAC;SAC1D,CAAC;QAEF,OAAO,CAAC,MAAM,CAAC,CAAC;IAClB,CAAC;IAED,OAAO;QACL,OAAO,SAAA;KACR,CAAC;AACJ,CAAC;AAED,kBAAe;IACb,EAAE,EAAE,mBAAmB;IACvB,KAAK,EAAE,4DAA4D;IACnE,KAAK,EAAE,aAAa;IACpB,cAAc,EAAE,KAAK;IACrB,MAAM,EAAE,CAAC,yBAAM,CAAC,SAAS,EAAE,yBAAM,CAAC,SAAS,CAAC;IAC5C,YAAY,EAAE,WAAW;IACzB,UAAU,EAAE;QACV,SAAS,EAAE,IAAI,SAAG,CAAC,iDAAiD,CAAC;KACtE;IACD,WAAW,EAAE,IAAA,8BAAoB,EAAC,iBAAiB,CAAC;IACpD,GAAG,EAAE,0EAA0E;IAC/E,KAAK,OAAA;CACE,CAAC"}
|
|
@@ -1,7 +1,6 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.buildFilters = exports.buildFilter = void 0;
|
|
4
|
-
var database_1 = require("../../database");
|
|
5
4
|
var matchPattern_1 = require("./matchPattern");
|
|
6
5
|
function buildFilter(pattern) {
|
|
7
6
|
var testFn = (0, matchPattern_1.buildFilter)(pattern.test);
|
|
@@ -9,15 +8,15 @@ function buildFilter(pattern) {
|
|
|
9
8
|
id: function (e) { return e.codeObject.id; },
|
|
10
9
|
type: function (e) { return e.codeObject.type; },
|
|
11
10
|
fqid: function (e) { return e.codeObject.fqid; },
|
|
12
|
-
query: function (e) { return (e.sql ?
|
|
11
|
+
query: function (e, appMapIndex) { return (e.sql ? appMapIndex.sqlNormalized(e) : null); },
|
|
13
12
|
route: function (e) { return e.route; },
|
|
14
13
|
};
|
|
15
|
-
return function (event) {
|
|
14
|
+
return function (event, appMapIndex) {
|
|
16
15
|
var fn = propertyFn[pattern.property];
|
|
17
16
|
if (!fn) {
|
|
18
17
|
throw new Error("Unrecognized Event filter property: " + pattern.property);
|
|
19
18
|
}
|
|
20
|
-
var value = fn(event);
|
|
19
|
+
var value = fn(event, appMapIndex);
|
|
21
20
|
if (!value) {
|
|
22
21
|
return false;
|
|
23
22
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"matchEvent.js","sourceRoot":"","sources":["../../../src/rules/lib/matchEvent.ts"],"names":[],"mappings":";;;
|
|
1
|
+
{"version":3,"file":"matchEvent.js","sourceRoot":"","sources":["../../../src/rules/lib/matchEvent.ts"],"names":[],"mappings":";;;AAGA,+CAAkE;AAElE,SAAgB,WAAW,CAAC,OAAyB;IACnD,IAAM,MAAM,GAAG,IAAA,0BAAiB,EAAC,OAAO,CAAC,IAAI,CAAC,CAAC;IAE/C,IAAM,UAAU,GAAG;QACjB,EAAE,EAAE,UAAC,CAAQ,IAAK,OAAA,CAAC,CAAC,UAAU,CAAC,EAAE,EAAf,CAAe;QACjC,IAAI,EAAE,UAAC,CAAQ,IAAK,OAAA,CAAC,CAAC,UAAU,CAAC,IAAI,EAAjB,CAAiB;QACrC,IAAI,EAAE,UAAC,CAAQ,IAAK,OAAA,CAAC,CAAC,UAAU,CAAC,IAAI,EAAjB,CAAiB;QACrC,KAAK,EAAE,UAAC,CAAQ,EAAE,WAAwB,IAAK,OAAA,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,WAAW,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,EAA7C,CAA6C;QAC5F,KAAK,EAAE,UAAC,CAAQ,IAAK,OAAA,CAAC,CAAC,KAAK,EAAP,CAAO;KAC7B,CAAC;IAEF,OAAO,UAAC,KAAY,EAAE,WAAwB;QAC5C,IAAM,EAAE,GAAG,UAAU,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QACxC,IAAI,CAAC,EAAE,EAAE;YACP,MAAM,IAAI,KAAK,CAAC,yCAAuC,OAAO,CAAC,QAAU,CAAC,CAAC;SAC5E;QACD,IAAM,KAAK,GAAG,EAAE,CAAC,KAAK,EAAE,WAAW,CAAC,CAAC;QACrC,IAAI,CAAC,KAAK,EAAE;YACV,OAAO,KAAK,CAAC;SACd;QAED,OAAO,MAAM,CAAC,KAAK,CAAC,CAAC;IACvB,CAAC,CAAC;AACJ,CAAC;AAvBD,kCAuBC;AAED,SAAgB,YAAY,CAAC,QAA4B;IACvD,OAAO,QAAQ,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;AACnC,CAAC;AAFD,oCAEC"}
|
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
3
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
|
+
};
|
|
5
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
+
var fs_1 = __importDefault(require("fs"));
|
|
7
|
+
var errors_1 = require("../../errors");
|
|
8
|
+
var path_1 = require("path");
|
|
9
|
+
function parseRuleDescription(id) {
|
|
10
|
+
var content = fs_1.default.readFileSync((0, path_1.join)(__dirname, "../../../doc/rules/" + id + ".md"), 'utf-8');
|
|
11
|
+
var propertiesContent = content.match(/---\n((?:.*\n)+)---\n((?:.*\n)+?)###/);
|
|
12
|
+
if (!propertiesContent) {
|
|
13
|
+
throw new errors_1.ValidationError("Unable to read description for rule \"" + id + "\".");
|
|
14
|
+
}
|
|
15
|
+
return propertiesContent[2].replace(/\n/g, ' ').trim();
|
|
16
|
+
}
|
|
17
|
+
exports.default = parseRuleDescription;
|
|
18
|
+
//# sourceMappingURL=parseRuleDescription.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"parseRuleDescription.js","sourceRoot":"","sources":["../../../src/rules/lib/parseRuleDescription.ts"],"names":[],"mappings":";;;;;AAAA,0CAAoB;AACpB,uCAA+C;AAC/C,6BAA4B;AAE5B,SAAwB,oBAAoB,CAAC,EAAU;IACrD,IAAM,OAAO,GAAG,YAAE,CAAC,YAAY,CAAC,IAAA,WAAI,EAAC,SAAS,EAAE,wBAAsB,EAAE,QAAK,CAAC,EAAE,OAAO,CAAC,CAAC;IACzF,IAAM,iBAAiB,GAAG,OAAO,CAAC,KAAK,CAAC,sCAAsC,CAAC,CAAC;IAEhF,IAAI,CAAC,iBAAiB,EAAE;QACtB,MAAM,IAAI,wBAAe,CAAC,2CAAwC,EAAE,QAAI,CAAC,CAAC;KAC3E;IAED,OAAO,iBAAiB,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;AACzD,CAAC;AATD,uCASC"}
|
|
@@ -10,9 +10,13 @@ var __values = (this && this.__values) || function(o) {
|
|
|
10
10
|
};
|
|
11
11
|
throw new TypeError(s ? "Object is not iterable." : "Symbol.iterator is not defined.");
|
|
12
12
|
};
|
|
13
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
14
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
15
|
+
};
|
|
13
16
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
14
17
|
var models_1 = require("@appland/models");
|
|
15
18
|
var url_1 = require("url");
|
|
19
|
+
var parseRuleDescription_1 = __importDefault(require("./lib/parseRuleDescription"));
|
|
16
20
|
function containsSessionClear(events) {
|
|
17
21
|
var e_1, _a;
|
|
18
22
|
try {
|
|
@@ -38,7 +42,9 @@ function build() {
|
|
|
38
42
|
try {
|
|
39
43
|
for (var _b = __values(new models_1.EventNavigator(rootEvent).descendants()), _c = _b.next(); !_c.done; _c = _b.next()) {
|
|
40
44
|
var event = _c.value;
|
|
45
|
+
// .//*[@security.logout]
|
|
41
46
|
if (event.event.labels.has(SecurityLogout)) {
|
|
47
|
+
// .//*[@http.session.clear]
|
|
42
48
|
if (containsSessionClear(event.descendants())) {
|
|
43
49
|
return;
|
|
44
50
|
}
|
|
@@ -80,6 +86,8 @@ exports.default = {
|
|
|
80
86
|
'OWASP - Session fixation': new url_1.URL('https://owasp.org/www-community/attacks/Session_fixation'),
|
|
81
87
|
'Ruby on Rails - Session fixation countermeasures': new url_1.URL('https://guides.rubyonrails.org/security.html#session-fixation-countermeasures'),
|
|
82
88
|
},
|
|
89
|
+
description: (0, parseRuleDescription_1.default)('logoutWithoutSessionReset'),
|
|
90
|
+
url: 'https://appland.com/docs/analysis/rules-reference.html#logout-without-session-reset',
|
|
83
91
|
build: build,
|
|
84
92
|
};
|
|
85
93
|
//# sourceMappingURL=logoutWithoutSessionReset.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"logoutWithoutSessionReset.js","sourceRoot":"","sources":["../../src/rules/logoutWithoutSessionReset.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"logoutWithoutSessionReset.js","sourceRoot":"","sources":["../../src/rules/logoutWithoutSessionReset.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,0CAAwD;AAExD,2BAA0B;AAC1B,oFAA8D;AAE9D,SAAS,oBAAoB,CAAC,MAAiC;;;QAC7D,KAAmB,IAAA,WAAA,SAAA,MAAM,CAAA,8BAAA,kDAAE;YAAtB,IAAM,IAAI,mBAAA;YACb,IAAI,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,gBAAgB,CAAC,EAAE;gBAC3C,OAAO,IAAI,CAAC;aACb;SACF;;;;;;;;;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,KAAK;IACZ,SAAS,OAAO,CAAC,SAAgB;;;YAC/B,KAAoB,IAAA,KAAA,SAAA,IAAI,uBAAc,CAAC,SAAS,CAAC,CAAC,WAAW,EAAE,CAAA,gBAAA,4BAAE;gBAA5D,IAAM,KAAK,WAAA;gBACd,yBAAyB;gBACzB,IAAI,KAAK,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,cAAc,CAAC,EAAE;oBAC1C,4BAA4B;oBAC5B,IAAI,oBAAoB,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC,EAAE;wBAC7C,OAAO;qBACR;yBAAM;wBACL,OAAO;4BACL;gCACE,KAAK,EAAE,OAAO;gCACd,KAAK,EAAE,KAAK,CAAC,KAAK;gCAClB,OAAO,EAAK,KAAK,CAAC,KAAK,4DAAyD;6BACjF;yBACF,CAAC;qBACH;iBACF;aACF;;;;;;;;;IACH,CAAC;IAED,OAAO;QACL,OAAO,SAAA;KACR,CAAC;AACJ,CAAC;AAED,IAAM,cAAc,GAAG,iBAAiB,CAAC;AACzC,IAAM,gBAAgB,GAAG,oBAAoB,CAAC;AAE9C,kBAAe;IACb,EAAE,EAAE,8BAA8B;IAClC,KAAK,EAAE,8BAA8B;IACrC,KAAK,EAAE,qBAAqB;IAC5B,MAAM,EAAE,CAAC,gBAAgB,EAAE,cAAc,CAAC;IAC1C,YAAY,EAAE,UAAU;IACxB,cAAc,EAAE,KAAK;IACrB,UAAU,EAAE;QACV,SAAS,EAAE,IAAI,SAAG,CAAC,iDAAiD,CAAC;QACrE,0BAA0B,EAAE,IAAI,SAAG,CAAC,0DAA0D,CAAC;QAC/F,kDAAkD,EAAE,IAAI,SAAG,CACzD,+EAA+E,CAChF;KACF;IACD,WAAW,EAAE,IAAA,8BAAoB,EAAC,2BAA2B,CAAC;IAC9D,GAAG,EAAE,qFAAqF;IAC1F,KAAK,OAAA;CACE,CAAC"}
|
|
@@ -1,10 +1,14 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
3
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
|
+
};
|
|
2
5
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
6
|
var models_1 = require("@appland/models");
|
|
4
7
|
var rpcRequest_1 = require("../openapi/rpcRequest");
|
|
5
8
|
var util_1 = require("./lib/util");
|
|
6
9
|
var matchPattern_1 = require("./lib/matchPattern");
|
|
7
10
|
var url_1 = require("url");
|
|
11
|
+
var parseRuleDescription_1 = __importDefault(require("./lib/parseRuleDescription"));
|
|
8
12
|
function isPublic(event) {
|
|
9
13
|
return event.labels.has(Public);
|
|
10
14
|
}
|
|
@@ -64,6 +68,8 @@ exports.default = {
|
|
|
64
68
|
references: {
|
|
65
69
|
'CWE-306': new url_1.URL('https://cwe.mitre.org/data/definitions/306.html'),
|
|
66
70
|
},
|
|
71
|
+
description: (0, parseRuleDescription_1.default)('missingAuthentication'),
|
|
72
|
+
url: 'https://appland.com/docs/analysis/rules-reference.html#missing-authentication',
|
|
67
73
|
Options: Options,
|
|
68
74
|
build: build,
|
|
69
75
|
};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"missingAuthentication.js","sourceRoot":"","sources":["../../src/rules/missingAuthentication.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"missingAuthentication.js","sourceRoot":"","sources":["../../src/rules/missingAuthentication.ts"],"names":[],"mappings":";;;;;AAAA,0CAAwD;AACxD,oDAA2D;AAG3D,mCAAoD;AAEpD,mDAAkD;AAClD,2BAA0B;AAC1B,oFAA8D;AAE9D,SAAS,QAAQ,CAAC,KAAY;IAC5B,OAAO,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;AAClC,CAAC;AAED,IAAM,eAAe,GAAG,UAAC,QAAkC;IACzD,IAAI,CAAC,GAAmC,QAAQ,CAAC,IAAI,EAAE,CAAC;IACxD,OAAO,CAAC,CAAC,CAAC,IAAI,EAAE;QACd,IAAI,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,IAAA,6BAAsB,EAAC,CAAC,CAAC,KAAK,CAAC,KAAK,EAAE,sBAAsB,CAAC,EAAE;YAC5F,OAAO,IAAI,CAAC;SACb;QACD,CAAC,GAAG,QAAQ,CAAC,IAAI,EAAE,CAAC;KACrB;IAED,OAAO,KAAK,CAAC;AACf,CAAC,CAAC;AAEF;IAAA;QACS,wBAAmB,GAAyB,EAAE,CAAC;QAC/C,wBAAmB,GAAyB,EAAE,CAAC;IACxD,CAAC;IAAD,cAAC;AAAD,CAAC,AAHD,IAGC;AAED,SAAS,KAAK,CAAC,OAAgC;IAAhC,wBAAA,EAAA,cAAuB,OAAO,EAAE;IAC7C,IAAM,mBAAmB,GAAG,IAAA,2BAAY,EAAC,OAAO,CAAC,mBAAmB,CAAC,CAAC;IACtE,IAAM,mBAAmB,GAAG,IAAA,2BAAY,EAAC,OAAO,CAAC,mBAAmB,CAAC,CAAC;IAEtE,SAAS,eAAe,CAAC,WAAmB;QAC1C,SAAS,IAAI,CAAC,MAAoB;YAChC,OAAO,MAAM,CAAC,WAAW,CAAC,CAAC;QAC7B,CAAC;QAED,OAAO,CACL,CAAC,mBAAmB,CAAC,MAAM,KAAK,CAAC,IAAI,mBAAmB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACpE,CAAC,mBAAmB,CAAC,IAAI,CAAC,IAAI,CAAC,CAChC,CAAC;IACJ,CAAC;IAED,SAAS,OAAO,CAAC,KAAY;QAC3B,OAAO,CAAC,eAAe,CAAC,IAAI,uBAAc,CAAC,KAAK,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC;IACnE,CAAC;IAED,SAAS,KAAK,CAAC,CAAQ;QACrB,OAAO,CACL,CAAC,CAAC,KAAK,KAAK,SAAS;YACrB,CAAC,CAAC,kBAAkB,KAAK,SAAS;YAClC,CAAC,CAAC,kBAAkB,CAAC,MAAM,GAAG,GAAG;YACjC,CAAC,CAAC,IAAA,+BAAkB,EAAC,CAAC,CAAC;YACvB,CAAC,CAAC,IAAA,+BAAkB,EAAC,CAAC,CAAE,CAAC,WAAW;YACpC,eAAe,CAAC,IAAA,+BAAkB,EAAC,CAAC,CAAE,CAAC,WAAW,CAAC,CACpD,CAAC;IACJ,CAAC;IACD,OAAO;QACL,KAAK,OAAA;QACL,OAAO,SAAA;KACR,CAAC;AACJ,CAAC;AACD,IAAM,MAAM,GAAG,QAAQ,CAAC;AACxB,IAAM,sBAAsB,GAAG,yBAAyB,CAAC;AAEzD,kBAAe;IACb,EAAE,EAAE,wBAAwB;IAC5B,KAAK,EAAE,qCAAqC;IAC5C,KAAK,EAAE,qBAAqB;IAC5B,MAAM,EAAE,CAAC,MAAM,EAAE,sBAAsB,CAAC;IACxC,YAAY,EAAE,UAAU;IACxB,cAAc,EAAE,KAAK;IACrB,UAAU,EAAE;QACV,SAAS,EAAE,IAAI,SAAG,CAAC,iDAAiD,CAAC;KACtE;IACD,WAAW,EAAE,IAAA,8BAAoB,EAAC,uBAAuB,CAAC;IAC1D,GAAG,EAAE,+EAA+E;IACpF,OAAO,SAAA;IACP,KAAK,OAAA;CACE,CAAC"}
|
|
@@ -1,6 +1,10 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
3
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
|
+
};
|
|
2
5
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
6
|
var rpcRequest_1 = require("../openapi/rpcRequest");
|
|
7
|
+
var parseRuleDescription_1 = __importDefault(require("./lib/parseRuleDescription"));
|
|
4
8
|
var isRedirect = function (status) { return [301, 302, 303, 307, 308].includes(status); };
|
|
5
9
|
var hasContent = function (status) { return status !== 204; };
|
|
6
10
|
function build() {
|
|
@@ -23,6 +27,8 @@ exports.default = {
|
|
|
23
27
|
scope: 'http_server_request',
|
|
24
28
|
impactDomain: 'Stability',
|
|
25
29
|
enumerateScope: false,
|
|
30
|
+
description: (0, parseRuleDescription_1.default)('missingContentType'),
|
|
31
|
+
url: 'https://appland.com/docs/analysis/rules-reference.html#missing-content-type',
|
|
26
32
|
build: build,
|
|
27
33
|
};
|
|
28
34
|
//# sourceMappingURL=missingContentType.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"missingContentType.js","sourceRoot":"","sources":["../../src/rules/missingContentType.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"missingContentType.js","sourceRoot":"","sources":["../../src/rules/missingContentType.ts"],"names":[],"mappings":";;;;;AAEA,oDAA2D;AAC3D,oFAA8D;AAE9D,IAAM,UAAU,GAAG,UAAC,MAAc,IAAK,OAAA,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,EAA1C,CAA0C,CAAC;AAClF,IAAM,UAAU,GAAG,UAAC,MAAc,IAAK,OAAA,MAAM,KAAK,GAAG,EAAd,CAAc,CAAC;AAEtD,SAAS,KAAK;IACZ,SAAS,OAAO,CAAC,CAAQ;QACvB,OAAO,IAAA,+BAAkB,EAAC,CAAC,CAAE,CAAC,WAAW,KAAK,SAAS,CAAC;IAC1D,CAAC;IACD,SAAS,KAAK,CAAC,CAAQ;QACrB,OAAO,CACL,CAAC,CAAC,CAAC,CAAC,kBAAkB;YACtB,CAAC,UAAU,CAAC,CAAC,CAAC,kBAAmB,CAAC,MAAM,CAAC;YACzC,UAAU,CAAC,CAAC,CAAC,kBAAmB,CAAC,MAAM,CAAC,CACzC,CAAC;IACJ,CAAC;IACD,OAAO;QACL,OAAO,SAAA;QACP,KAAK,OAAA;KACN,CAAC;AACJ,CAAC;AAED,kBAAe;IACb,EAAE,EAAE,sBAAsB;IAC1B,KAAK,EAAE,mDAAmD;IAC1D,KAAK,EAAE,qBAAqB;IAC5B,YAAY,EAAE,WAAW;IACzB,cAAc,EAAE,KAAK;IACrB,WAAW,EAAE,IAAA,8BAAoB,EAAC,oBAAoB,CAAC;IACvD,GAAG,EAAE,6EAA6E;IAClF,KAAK,OAAA;CACE,CAAC"}
|
|
@@ -10,9 +10,13 @@ var __values = (this && this.__values) || function(o) {
|
|
|
10
10
|
};
|
|
11
11
|
throw new TypeError(s ? "Object is not iterable." : "Symbol.iterator is not defined.");
|
|
12
12
|
};
|
|
13
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
14
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
15
|
+
};
|
|
13
16
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
14
17
|
var database_1 = require("../database");
|
|
15
18
|
var url_1 = require("url");
|
|
19
|
+
var parseRuleDescription_1 = __importDefault(require("./lib/parseRuleDescription"));
|
|
16
20
|
var Options = /** @class */ (function () {
|
|
17
21
|
function Options() {
|
|
18
22
|
this.warningLimit = 5;
|
|
@@ -23,10 +27,10 @@ var Options = /** @class */ (function () {
|
|
|
23
27
|
// TODO: clean up according to https://github.com/applandinc/scanner/issues/43
|
|
24
28
|
function build(options) {
|
|
25
29
|
var sqlCount = {};
|
|
26
|
-
function matcher(command,
|
|
30
|
+
function matcher(command, appMapIndex, eventFilter) {
|
|
27
31
|
var e_1, _a;
|
|
28
32
|
try {
|
|
29
|
-
for (var _b = __values((0, database_1.sqlStrings)(command, eventFilter)), _c = _b.next(); !_c.done; _c = _b.next()) {
|
|
33
|
+
for (var _b = __values((0, database_1.sqlStrings)(command, appMapIndex, eventFilter)), _c = _b.next(); !_c.done; _c = _b.next()) {
|
|
30
34
|
var sqlEvent = _c.value;
|
|
31
35
|
var occurrence = sqlCount[sqlEvent.sql];
|
|
32
36
|
if (!occurrence) {
|
|
@@ -84,6 +88,8 @@ exports.default = {
|
|
|
84
88
|
references: {
|
|
85
89
|
'CWE-1073': new url_1.URL('https://cwe.mitre.org/data/definitions/1073.html'),
|
|
86
90
|
},
|
|
91
|
+
description: (0, parseRuleDescription_1.default)('nPlusOneQuery'),
|
|
92
|
+
url: 'https://appland.com/docs/analysis/rules-reference.html#n-plus-one-query',
|
|
87
93
|
build: build,
|
|
88
94
|
};
|
|
89
95
|
//# sourceMappingURL=nPlusOneQuery.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"nPlusOneQuery.js","sourceRoot":"","sources":["../../src/rules/nPlusOneQuery.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"nPlusOneQuery.js","sourceRoot":"","sources":["../../src/rules/nPlusOneQuery.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAGA,wCAAmD;AACnD,2BAA0B;AAC1B,oFAA8D;AAE9D;IAAA;QACS,iBAAY,GAAG,CAAC,CAAC;QACjB,eAAU,GAAG,EAAE,CAAC;IACzB,CAAC;IAAD,cAAC;AAAD,CAAC,AAHD,IAGC;AAED,8EAA8E;AAC9E,SAAS,KAAK,CAAC,OAAgB;IAC7B,IAAM,QAAQ,GAA6B,EAAE,CAAC;IAE9C,SAAS,OAAO,CACd,OAAc,EACd,WAAwB,EACxB,WAAwB;;;YAExB,KAAuB,IAAA,KAAA,SAAA,IAAA,qBAAU,EAAC,OAAO,EAAE,WAAW,EAAE,WAAW,CAAC,CAAA,gBAAA,4BAAE;gBAAjE,IAAM,QAAQ,WAAA;gBACjB,IAAI,UAAU,GAAG,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;gBACxC,IAAI,CAAC,UAAU,EAAE;oBACf,UAAU,GAAG;wBACX,KAAK,EAAE,CAAC;wBACR,MAAM,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC;qBACzB,CAAC;oBACF,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC,GAAG,UAAU,CAAC;iBACrC;qBAAM;oBACL,UAAU,CAAC,KAAK,IAAI,CAAC,CAAC;oBACtB,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;iBACxC;aACF;;;;;;;;;QAED,OAAO,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,UAAC,YAAY,EAAE,GAAG;YACpD,IAAM,UAAU,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC;YAEjC,IAAM,gBAAgB,GAAG,UAAC,KAAY;gBACpC,OAAO;oBACL,KAAK,EAAE,KAAK;oBACZ,KAAK,EAAE,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC;oBAC3B,OAAO,EAAK,UAAU,CAAC,KAAK,6BAAwB,GAAK;oBACzD,YAAY,EAAE,GAAG;oBACjB,eAAe,EAAE,UAAU,CAAC,KAAK;oBACjC,aAAa,EAAE,UAAU,CAAC,MAAM;iBACjC,CAAC;YACJ,CAAC,CAAC;YAEF,IAAI,UAAU,CAAC,KAAK,IAAI,OAAO,CAAC,UAAU,EAAE;gBAC1C,YAAY,CAAC,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC,CAAC;aAC9C;iBAAM,IAAI,UAAU,CAAC,KAAK,IAAI,OAAO,CAAC,YAAY,EAAE;gBACnD,YAAY,CAAC,IAAI,CAAC,gBAAgB,CAAC,SAAS,CAAC,CAAC,CAAC;aAChD;YACD,OAAO,YAAY,CAAC;QACtB,CAAC,EAAE,EAAmB,CAAC,CAAC;IAC1B,CAAC;IAED,OAAO;QACL,OAAO,SAAA;KACR,CAAC;AACJ,CAAC;AAED,kBAAe;IACb,EAAE,EAAE,kBAAkB;IACtB,KAAK,EAAE,oBAAoB;IAC3B,KAAK,EAAE,SAAS;IAChB,YAAY,EAAE,aAAa;IAC3B,cAAc,EAAE,KAAK;IACrB,OAAO,SAAA;IACP,UAAU,EAAE;QACV,UAAU,EAAE,IAAI,SAAG,CAAC,kDAAkD,CAAC;KACxE;IACD,WAAW,EAAE,IAAA,8BAAoB,EAAC,eAAe,CAAC;IAClD,GAAG,EAAE,yEAAyE;IAC9E,KAAK,OAAA;CACE,CAAC"}
|
|
@@ -1,7 +1,11 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
3
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
|
+
};
|
|
2
5
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
6
|
var matchPattern_1 = require("./lib/matchPattern");
|
|
4
7
|
var url_1 = require("url");
|
|
8
|
+
var parseRuleDescription_1 = __importDefault(require("./lib/parseRuleDescription"));
|
|
5
9
|
// TODO: Use the Query AST for this.
|
|
6
10
|
var WHITELIST = [/\bBEGIN\b/i, /\bCOMMIT\b/i, /\bROLLBACK\b/i, /\bRELEASE\b/i, /\bSAVEPOINT\b/i];
|
|
7
11
|
var Options = /** @class */ (function () {
|
|
@@ -37,6 +41,8 @@ exports.default = {
|
|
|
37
41
|
references: {
|
|
38
42
|
'CWE-1057': new url_1.URL('https://cwe.mitre.org/data/definitions/1057.html'),
|
|
39
43
|
},
|
|
44
|
+
description: (0, parseRuleDescription_1.default)('queryFromInvalidPackage'),
|
|
45
|
+
url: 'https://appland.com/docs/analysis/rules-reference.html#query-from-invalid-package',
|
|
40
46
|
build: build,
|
|
41
47
|
};
|
|
42
48
|
//# sourceMappingURL=queryFromInvalidPackage.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"queryFromInvalidPackage.js","sourceRoot":"","sources":["../../src/rules/queryFromInvalidPackage.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"queryFromInvalidPackage.js","sourceRoot":"","sources":["../../src/rules/queryFromInvalidPackage.ts"],"names":[],"mappings":";;;;;AAIA,mDAAkD;AAClD,2BAA0B;AAC1B,oFAA8D;AAE9D,oCAAoC;AACpC,IAAM,SAAS,GAAG,CAAC,YAAY,EAAE,aAAa,EAAE,eAAe,EAAE,cAAc,EAAE,gBAAgB,CAAC,CAAC;AAEnG;IAAA;QACS,oBAAe,GAAyB,EAAE,CAAC;QAC3C,mBAAc,GAAyB,SAAS,CAAC,GAAG,CACzD,UAAC,MAAM,IAAK,OAAA,CAAC,EAAE,KAAK,EAAE,MAAM,EAAyB,CAAA,EAAzC,CAAyC,CACtD,CAAC;IACJ,CAAC;IAAD,cAAC;AAAD,CAAC,AALD,IAKC;AAED,SAAS,KAAK,CAAC,OAAgB;IAC7B,IAAM,eAAe,GAAG,IAAA,2BAAY,EAAC,OAAO,CAAC,eAAe,CAAC,CAAC;IAC9D,IAAM,cAAc,GAAG,IAAA,2BAAY,EAAC,OAAO,CAAC,cAAc,CAAC,CAAC;IAE5D,SAAS,OAAO,CAAC,CAAQ;QACvB,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,UAAC,MAAM,IAAK,OAAA,MAAM,CAAC,CAAC,CAAC,MAAO,CAAC,UAAU,CAAC,SAAS,CAAC,EAAtC,CAAsC,CAAC,EAAE;YAC7E,OAAU,CAAC,CAAC,UAAU,CAAC,EAAE,yCAAoC,CAAC,CAAC,MAAO,CAAC,UAAU,CAAC,SAAW,CAAC;SAC/F;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,SAAS,KAAK,CAAC,CAAQ;QACrB,OAAO,CAAC,CAAC,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,UAAC,OAAO,IAAK,OAAA,OAAO,CAAC,CAAC,CAAC,QAAS,CAAC,EAApB,CAAoB,CAAC,CAAC;IAC/F,CAAC;IAED,OAAO;QACL,OAAO,SAAA;QACP,KAAK,OAAA;KACN,CAAC;AACJ,CAAC;AAED,kBAAe;IACb,EAAE,EAAE,4BAA4B;IAChC,KAAK,EAAE,+BAA+B;IACtC,OAAO,SAAA;IACP,YAAY,EAAE,iBAAiB;IAC/B,cAAc,EAAE,IAAI;IACpB,UAAU,EAAE;QACV,UAAU,EAAE,IAAI,SAAG,CAAC,kDAAkD,CAAC;KACxE;IACD,WAAW,EAAE,IAAA,8BAAoB,EAAC,yBAAyB,CAAC;IAC5D,GAAG,EAAE,mFAAmF;IACxF,KAAK,OAAA;CACE,CAAC"}
|
|
@@ -1,6 +1,10 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
3
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
|
+
};
|
|
2
5
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
6
|
var url_1 = require("url");
|
|
7
|
+
var parseRuleDescription_1 = __importDefault(require("./lib/parseRuleDescription"));
|
|
4
8
|
var Options = /** @class */ (function () {
|
|
5
9
|
function Options() {
|
|
6
10
|
this.forbiddenLabel = 'mvc.template';
|
|
@@ -29,6 +33,8 @@ exports.default = {
|
|
|
29
33
|
references: {
|
|
30
34
|
'CWE-1057': new url_1.URL('https://cwe.mitre.org/data/definitions/1057.html'),
|
|
31
35
|
},
|
|
36
|
+
description: (0, parseRuleDescription_1.default)('queryFromView'),
|
|
37
|
+
url: 'https://appland.com/docs/analysis/rules-reference.html#query-from-view',
|
|
32
38
|
build: build,
|
|
33
39
|
};
|
|
34
40
|
//# sourceMappingURL=queryFromView.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"queryFromView.js","sourceRoot":"","sources":["../../src/rules/queryFromView.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"queryFromView.js","sourceRoot":"","sources":["../../src/rules/queryFromView.ts"],"names":[],"mappings":";;;;;AAGA,2BAA0B;AAC1B,oFAA8D;AAE9D;IAAA;QACS,mBAAc,GAAU,cAAc,CAAC;IAChD,CAAC;IAAD,cAAC;AAAD,CAAC,AAFD,IAEC;AAED,SAAS,KAAK,CAAC,OAAgC;IAAhC,wBAAA,EAAA,cAAuB,OAAO,EAAE;IAC7C,SAAS,OAAO,CAAC,CAAQ;QACvB,OAAO,CAAC,CAAC,SAAS,EAAE,CAAC,IAAI,CAAC,UAAC,CAAQ,IAAK,OAAA,CAAC,CAAC,UAAU,CAAC,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,cAAc,CAAC,EAA/C,CAA+C,CAAC,CAAC;IAC3F,CAAC;IACD,SAAS,KAAK,CAAC,CAAQ;QACrB,OAAO,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC;IACtB,CAAC;IAED,OAAO;QACL,OAAO,SAAA;QACP,KAAK,OAAA;KACN,CAAC;AACJ,CAAC;AAED,kBAAe;IACb,EAAE,EAAE,iBAAiB;IACrB,KAAK,EAAE,mBAAmB;IAC1B,OAAO,SAAA;IACP,YAAY,EAAE,iBAAiB;IAC/B,cAAc,EAAE,IAAI;IACpB,UAAU,EAAE;QACV,UAAU,EAAE,IAAI,SAAG,CAAC,kDAAkD,CAAC;KACxE;IACD,WAAW,EAAE,IAAA,8BAAoB,EAAC,eAAe,CAAC;IAClD,GAAG,EAAE,wEAAwE;IAC7E,KAAK,OAAA;CACE,CAAC"}
|
|
@@ -37,9 +37,13 @@ var __values = (this && this.__values) || function(o) {
|
|
|
37
37
|
};
|
|
38
38
|
throw new TypeError(s ? "Object is not iterable." : "Symbol.iterator is not defined.");
|
|
39
39
|
};
|
|
40
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
41
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
42
|
+
};
|
|
40
43
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
41
44
|
var models_1 = require("@appland/models");
|
|
42
45
|
var rpcWithoutProtection_1 = require("./lib/rpcWithoutProtection");
|
|
46
|
+
var parseRuleDescription_1 = __importDefault(require("./lib/parseRuleDescription"));
|
|
43
47
|
var Options = /** @class */ (function () {
|
|
44
48
|
function Options() {
|
|
45
49
|
this.expectedLabel = RPCCircuitBreaker;
|
|
@@ -93,6 +97,8 @@ exports.default = {
|
|
|
93
97
|
labels: [RPCCircuitBreaker],
|
|
94
98
|
impactDomain: 'Stability',
|
|
95
99
|
enumerateScope: true,
|
|
100
|
+
description: (0, parseRuleDescription_1.default)('rpcWithoutCircuitBreaker'),
|
|
101
|
+
url: 'https://appland.com/docs/analysis/rules-reference.html#rpc-without-circuit-breaker',
|
|
96
102
|
build: build,
|
|
97
103
|
};
|
|
98
104
|
//# sourceMappingURL=rpcWithoutCircuitBreaker.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"rpcWithoutCircuitBreaker.js","sourceRoot":"","sources":["../../src/rules/rpcWithoutCircuitBreaker.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"rpcWithoutCircuitBreaker.js","sourceRoot":"","sources":["../../src/rules/rpcWithoutCircuitBreaker.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,0CAAwD;AAExD,mEAA+F;AAE/F,oFAA8D;AAE9D;IAAA;QACS,kBAAa,GAAW,iBAAiB,CAAC;IACnD,CAAC;IAAD,cAAC;AAAD,CAAC,AAFD,IAEC;AAED,8EAA8E;AAC9E,SAAU,WAAW,CAAC,iBAAwB;;;;;;;gBACpB,KAAA,SAAA,IAAI,uBAAc,CAAC,iBAAiB,CAAC,CAAC,WAAW,EAAE,CAAA;;;;gBAAhE,SAAS;gBAClB,qBAAM,SAAS,CAAC,KAAK,EAAA;;gBAArB,SAAqB,CAAC;;;;;;;;;;;;;;;;;;;CAEzB;AAED,SAAS,KAAK,CAAC,OAAgC;IAAhC,wBAAA,EAAA,cAAuB,OAAO,EAAE;IAC7C,OAAO,IAAA,2CAAoB,EAAC,WAAW,EAAE,OAAO,CAAC,CAAC;AACpD,CAAC;AAED,IAAM,iBAAiB,GAAG,qBAAqB,CAAC;AAEhD,kBAAe;IACb,EAAE,EAAE,6BAA6B;IACjC,KAAK,EAAE,6BAA6B;IACpC,OAAO,SAAA;IACP,MAAM,EAAE,CAAC,iBAAiB,CAAC;IAC3B,YAAY,EAAE,WAAW;IACzB,cAAc,EAAE,IAAI;IACpB,WAAW,EAAE,IAAA,8BAAoB,EAAC,0BAA0B,CAAC;IAC7D,GAAG,EAAE,oFAAoF;IACzF,KAAK,OAAA;CACE,CAAC"}
|
|
@@ -1,7 +1,11 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
3
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
|
+
};
|
|
2
5
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
6
|
var models_1 = require("@appland/models");
|
|
4
7
|
var url_1 = require("url");
|
|
8
|
+
var parseRuleDescription_1 = __importDefault(require("./lib/parseRuleDescription"));
|
|
5
9
|
var validatedBy = function (iterator) {
|
|
6
10
|
var i = iterator.next();
|
|
7
11
|
while (!i.done) {
|
|
@@ -28,6 +32,8 @@ exports.default = {
|
|
|
28
32
|
references: {
|
|
29
33
|
'CWE-20': new url_1.URL('https://cwe.mitre.org/data/definitions/20.html'),
|
|
30
34
|
},
|
|
35
|
+
description: (0, parseRuleDescription_1.default)('saveWithoutValidation'),
|
|
36
|
+
url: 'https://appland.com/docs/analysis/rules-reference.html#save-without-validation',
|
|
31
37
|
build: build,
|
|
32
38
|
};
|
|
33
39
|
//# sourceMappingURL=saveWithoutValidation.js.map
|