@appland/scanner 1.50.0 → 1.51.0
- package/built/cli/ci/command.js +5 -5
- package/built/cli/ci/command.js.map +1 -1
- package/built/cli/resolveAppId.js +24 -2
- package/built/cli/resolveAppId.js.map +1 -1
- package/built/cli/scan/command.js +23 -15
- package/built/cli/scan/command.js.map +1 -1
- package/built/cli/scanArgs.js +1 -0
- package/built/cli/scanArgs.js.map +1 -1
- package/built/cli.js +20 -3
- package/built/cli.js.map +1 -1
- package/built/integration/appland/app/exists.js +98 -0
- package/built/integration/appland/app/exists.js.map +1 -0
- package/doc/rules/deserializationOfUntrustedData.md +3 -3
- package/doc/rules/execOfUntrustedCommand.md +23 -0
- package/package.json +1 -1
package/built/cli/ci/command.js
CHANGED
|
@@ -102,7 +102,7 @@ exports.default = {
|
|
|
102
102
|
},
|
|
103
103
|
handler: function (options) {
|
|
104
104
|
return __awaiter(this, void 0, void 0, function () {
|
|
105
|
-
var _a, appmapDir, config, isVerbose, failOption, appIdArg, reportFile, doUpload, updateCommitStatusOption, mergeKey, commit, branch, environment, glob, files,
|
|
105
|
+
var _a, appmapDir, config, isVerbose, failOption, appIdArg, reportFile, doUpload, updateCommitStatusOption, mergeKey, commit, branch, environment, appId, glob, files, configData, scanner, _b, rawScanResults, findingStatuses, scanResults, uploadResponse, err_1;
|
|
106
106
|
return __generator(this, function (_c) {
|
|
107
107
|
switch (_c.label) {
|
|
108
108
|
case 0:
|
|
@@ -119,13 +119,13 @@ exports.default = {
|
|
|
119
119
|
return [4 /*yield*/, (0, validateFile_1.default)('directory', appmapDir)];
|
|
120
120
|
case 2:
|
|
121
121
|
_c.sent();
|
|
122
|
+
return [4 /*yield*/, (0, resolveAppId_1.default)(appIdArg, appmapDir)];
|
|
123
|
+
case 3:
|
|
124
|
+
appId = _c.sent();
|
|
122
125
|
glob = (0, util_1.promisify)(glob_1.glob);
|
|
123
126
|
return [4 /*yield*/, glob(appmapDir + "/**/*.appmap.json")];
|
|
124
|
-
case 3:
|
|
125
|
-
files = _c.sent();
|
|
126
|
-
return [4 /*yield*/, (0, resolveAppId_1.default)(appIdArg, appmapDir)];
|
|
127
127
|
case 4:
|
|
128
|
-
|
|
128
|
+
files = _c.sent();
|
|
129
129
|
return [4 /*yield*/, (0, configurationProvider_1.parseConfigFile)(config)];
|
|
130
130
|
case 5:
|
|
131
131
|
configData = _c.sent();
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"command.js","sourceRoot":"","sources":["../../../src/cli/ci/command.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,6BAA4C;AAC5C,wCAAwC;AACxC,6BAAiC;AAKjC,mFAA4E;AAC5E,uCAA2D;AAE3D,6CAA+C;AAC/C,2CAA6C;AAC7C,+EAAyD;AACzD,6EAAuD;AAEvD,wCAAuC;AACvC,iEAA2C;AAC3C,iEAA2C;AAC3C,qDAA+B;AAC/B,4DAA0D;AAG1D,yDAAmC;AACnC,6EAAuD;AACvD,uEAAiD;AACjD,iDAA2B;AAC3B,uEAAiD;AAEjD,kBAAe;IACb,OAAO,EAAE,IAAI;IACb,QAAQ,EAAE,uEAAuE;IACjF,OAAO,EAAP,UAAQ,IAAU;QAChB,IAAA,kBAAQ,EAAC,IAAI,CAAC,CAAC;QACf,IAAA,yBAAe,EAAC,IAAI,CAAC,CAAC;QAEtB,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE;YAClB,QAAQ,EAAE,yDAAyD;YACnE,OAAO,EAAE,KAAK;YACd,IAAI,EAAE,SAAS;SAChB,CAAC,CAAC;QACH,IAAI,CAAC,MAAM,CAAC,sBAAsB,EAAE;YAClC,QAAQ,EAAE,oCAAoC;YAC9C,OAAO,EAAE,KAAK;YACd,IAAI,EAAE,SAAS;SAChB,CAAC,CAAC;QACH,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE;YACpB,QAAQ,EAAE,kCAAkC;YAC5C,OAAO,EAAE,IAAI;YACb,IAAI,EAAE,SAAS;SAChB,CAAC,CAAC;QACH,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE;YACvB,QAAQ,EAAE,8EAA8E;SACzF,CAAC,CAAC;QAEH,OAAO,IAAI,CAAC,MAAM,EAAE,CAAC;IACvB,CAAC;IACK,OAAO,EAAb,UAAc,OAAkB;;;;;;wBACxB,KAaF,OAAoC,EAZtC,SAAS,eAAA,EACT,MAAM,YAAA,EACG,SAAS,aAAA,EACZ,UAAU,UAAA,EACX,QAAQ,SAAA,EACb,UAAU,gBAAA,EACF,QAAQ,YAAA,EACI,wBAAwB,wBAAA,EAC5C,QAAQ,cAAA,EACR,MAAM,YAAA,EACN,MAAM,YAAA,EACN,WAAW,iBAAA,CAC4B;wBAEzC,IAAI,SAAS,EAAE;4BACb,IAAA,cAAO,EAAC,IAAI,CAAC,CAAC;yBACf;;;;wBAGC,IAAI,CAAC,SAAS,EAAE;4BACd,MAAM,IAAI,wBAAe,CAAC,0BAA0B,CAAC,CAAC;yBACvD;wBAED,qBAAM,IAAA,sBAAY,EAAC,WAAW,EAAE,SAAU,CAAC,EAAA;;wBAA3C,SAA2C,CAAC;
|
|
1
|
+
{"version":3,"file":"command.js","sourceRoot":"","sources":["../../../src/cli/ci/command.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,6BAA4C;AAC5C,wCAAwC;AACxC,6BAAiC;AAKjC,mFAA4E;AAC5E,uCAA2D;AAE3D,6CAA+C;AAC/C,2CAA6C;AAC7C,+EAAyD;AACzD,6EAAuD;AAEvD,wCAAuC;AACvC,iEAA2C;AAC3C,iEAA2C;AAC3C,qDAA+B;AAC/B,4DAA0D;AAG1D,yDAAmC;AACnC,6EAAuD;AACvD,uEAAiD;AACjD,iDAA2B;AAC3B,uEAAiD;AAEjD,kBAAe;IACb,OAAO,EAAE,IAAI;IACb,QAAQ,EAAE,uEAAuE;IACjF,OAAO,EAAP,UAAQ,IAAU;QAChB,IAAA,kBAAQ,EAAC,IAAI,CAAC,CAAC;QACf,IAAA,yBAAe,EAAC,IAAI,CAAC,CAAC;QAEtB,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE;YAClB,QAAQ,EAAE,yDAAyD;YACnE,OAAO,EAAE,KAAK;YACd,IAAI,EAAE,SAAS;SAChB,CAAC,CAAC;QACH,IAAI,CAAC,MAAM,CAAC,sBAAsB,EAAE;YAClC,QAAQ,EAAE,oCAAoC;YAC9C,OAAO,EAAE,KAAK;YACd,IAAI,EAAE,SAAS;SAChB,CAAC,CAAC;QACH,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE;YACpB,QAAQ,EAAE,kCAAkC;YAC5C,OAAO,EAAE,IAAI;YACb,IAAI,EAAE,SAAS;SAChB,CAAC,CAAC;QACH,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE;YACvB,QAAQ,EAAE,8EAA8E;SACzF,CAAC,CAAC;QAEH,OAAO,IAAI,CAAC,MAAM,EAAE,CAAC;IACvB,CAAC;IACK,OAAO,EAAb,UAAc,OAAkB;;;;;;wBACxB,KAaF,OAAoC,EAZtC,SAAS,eAAA,EACT,MAAM,YAAA,EACG,SAAS,aAAA,EACZ,UAAU,UAAA,EACX,QAAQ,SAAA,EACb,UAAU,gBAAA,EACF,QAAQ,YAAA,EACI,wBAAwB,wBAAA,EAC5C,QAAQ,cAAA,EACR,MAAM,YAAA,EACN,MAAM,YAAA,EACN,WAAW,iBAAA,CAC4B;wBAEzC,IAAI,SAAS,EAAE;4BACb,IAAA,cAAO,EAAC,IAAI,CAAC,CAAC;yBACf;;;;wBAGC,IAAI,CAAC,SAAS,EAAE;4BACd,MAAM,IAAI,wBAAe,CAAC,0BAA0B,CAAC,CAAC;yBACvD;wBAED,qBAAM,IAAA,sBAAY,EAAC,WAAW,EAAE,SAAU,CAAC,EAAA;;wBAA3C,SAA2C,CAAC;wBAC9B,qBAAM,IAAA,sBAAY,EAAC,QAAQ,EAAE,SAAS,CAAC,EAAA;;wBAA/C,KAAK,GAAG,SAAuC;wBAE/C,IAAI,GAAG,IAAA,gBAAS,EAAC,WAAY,CAAC,CAAC;wBACvB,qBAAM,IAAI,CAAI,SAAS,sBAAmB,CAAC,EAAA;;wBAAnD,KAAK,GAAG,SAA2C;wBAEtC,qBAAM,IAAA,uCAAe,EAAC,MAAM,CAAC,EAAA;;wBAA1C,UAAU,GAAG,SAA6B;wBAEhC,qBAAM,IAAA,iBAAY,EAAC,KAAK,EAAE,UAAU,EAAE,KAAK,CAAC,EAAA;;wBAAtD,OAAO,GAAG,SAA4C;wBAG1D,qBAAM,OAAO,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,OAAO,CAAC,kBAAkB,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC,CAAC,EAAA;;wBADhF,KAAA,sBACJ,SAAoF,KAAA,
EAD/E,cAAc,QAAA,EAAE,eAAe,QAAA;wBAGtC,6BAA6B;wBAC7B,qBAAM,IAAA,oBAAS,EAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,cAAc,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,EAAA;;wBADpE,6BAA6B;wBAC7B,SAAoE,CAAC;wBAE/D,WAAW,GAAG,cAAc,CAAC,YAAY,CAC7C,IAAA,sBAAW,EAAC,cAAc,CAAC,QAAQ,EAAE,eAAe,CAAC,CACtD,CAAC;wBAEF,IAAA,wBAAc,EAAC,WAAW,CAAC,QAAQ,EAAE,WAAW,CAAC,cAAc,CAAC,CAAC;wBACjE,IAAA,uBAAa,EAAC,WAAW,EAAE,IAAI,CAAC,CAAC;6BAE7B,QAAQ,EAAR,yBAAQ;wBACa,qBAAM,IAAA,gBAAM,EACjC,cAAc,EACd,KAAK,EACL,SAAS,EACT,QAAQ,EACR;gCACE,MAAM,QAAA;gCACN,MAAM,QAAA;gCACN,WAAW,aAAA;6BACZ,EACD;gCACE,UAAU,EAAE,CAAC;6BACd,CACF,EAAA;;wBAbK,cAAc,GAAG,SAatB;wBACD,IAAA,yBAAe,EAAC,cAAc,CAAC,OAAO,CAAC,WAAW,EAAE,cAAc,CAAC,GAAG,CAAC,CAAC;;;6BAGtE,wBAAwB,EAAxB,yBAAwB;wBAC1B,qBAAM,IAAA,4BAAkB,EAAC,WAAW,CAAC,QAAQ,CAAC,MAAM,EAAE,WAAW,CAAC,OAAO,CAAC,SAAS,CAAC,EAAA;;wBAApF,SAAoF,CAAC;;;wBAGvF,IAAI,UAAU,EAAE;4BACd,IAAA,cAAI,EAAC,WAAW,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;yBACnC;;;;wBAED,IAAI,KAAG,YAAY,wBAAe,EAAE;4BAClC,OAAO,CAAC,IAAI,CAAC,KAAG,CAAC,OAAO,CAAC,CAAC;4BAC1B,sBAAO,OAAO,CAAC,IAAI,CAAC,mBAAQ,CAAC,eAAe,CAAC,EAAC;yBAC/C;wBACD,IAAI,KAAG,YAAY,mBAAU,EAAE;4BAC7B,sBAAO,OAAO,CAAC,IAAI,CAAC,mBAAQ,CAAC,UAAU,CAAC,EAAC;yBAC1C;wBACD,IAAI,CAAC,cAAO,IAAI,KAAG,YAAY,KAAK,EAAE;4BACpC,OAAO,CAAC,KAAK,CAAC,KAAG,CAAC,OAAO,CAAC,CAAC;4BAC3B,sBAAO,OAAO,CAAC,IAAI,CAAC,mBAAQ,CAAC,YAAY,CAAC,EAAC;yBAC5C;wBAED,MAAM,KAAG,CAAC;;;;;KAEb;CACF,CAAC"}
|
|
@@ -40,8 +40,9 @@ var fs_1 = require("fs");
|
|
|
40
40
|
var promises_1 = require("fs/promises");
|
|
41
41
|
var js_yaml_1 = require("js-yaml");
|
|
42
42
|
var path_1 = require("path");
|
|
43
|
+
var exists_1 = require("../integration/appland/app/exists");
|
|
43
44
|
var errors_1 = require("../errors");
|
|
44
|
-
function
|
|
45
|
+
function resolveAppId(appIdArg, appMapDir) {
|
|
45
46
|
return __awaiter(this, void 0, void 0, function () {
|
|
46
47
|
var searchPath, configPath, _a, configContent, config;
|
|
47
48
|
return __generator(this, function (_b) {
|
|
@@ -74,7 +75,28 @@ function default_1(appIdArg, appMapDir) {
|
|
|
74
75
|
if (config.name)
|
|
75
76
|
return [2 /*return*/, config.name];
|
|
76
77
|
return [3 /*break*/, 1];
|
|
77
|
-
case 7:
|
|
78
|
+
case 7: return [2 /*return*/];
|
|
79
|
+
}
|
|
80
|
+
});
|
|
81
|
+
});
|
|
82
|
+
}
|
|
83
|
+
function default_1(appIdArg, appMapDir) {
|
|
84
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
85
|
+
var appId, appExists;
|
|
86
|
+
return __generator(this, function (_a) {
|
|
87
|
+
switch (_a.label) {
|
|
88
|
+
case 0: return [4 /*yield*/, resolveAppId(appIdArg, appMapDir)];
|
|
89
|
+
case 1:
|
|
90
|
+
appId = _a.sent();
|
|
91
|
+
if (!appId)
|
|
92
|
+
throw new errors_1.ValidationError('App was not provided and could not be resolved');
|
|
93
|
+
return [4 /*yield*/, (0, exists_1.exists)(appId)];
|
|
94
|
+
case 2:
|
|
95
|
+
appExists = _a.sent();
|
|
96
|
+
if (!appExists) {
|
|
97
|
+
throw new errors_1.ValidationError("App \"" + appId + "\" is not valid or does not exist.\nPlease fix the app name in the appmap.yml file, or override it with the --app option.");
|
|
98
|
+
}
|
|
99
|
+
return [2 /*return*/, appId];
|
|
78
100
|
}
|
|
79
101
|
});
|
|
80
102
|
});
|
|
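Review bot: `default_1` only tests `!appId` before calling `exists(appId)`, so any truthy value is sent on to the server. The id can come from `config.name`, read from `appmap.yml` in the unchanged part of `resolveAppId` (its body starts outside this hunk), and YAML can yield a number or a mapping for that key; such a value would be string-coerced into both the request path and the error message. A type and shape check before the network call keeps repository-controlled content from shaping the request, e.g. `if (typeof appId !== 'string' || appId.trim() === '') throw new errors_1.ValidationError('App was not provided and could not be resolved');`. This file is compiled output, so the change belongs in `src/cli/resolveAppId.ts`.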
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"resolveAppId.js","sourceRoot":"","sources":["../../src/cli/resolveAppId.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,yBAA8C;AAC9C,wCAA+C;AAC/C,mCAA+B;AAC/B,6BAA8C;AAC9C,oCAA4C;AAE5C,
|
|
1
|
+
{"version":3,"file":"resolveAppId.js","sourceRoot":"","sources":["../../src/cli/resolveAppId.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,yBAA8C;AAC9C,wCAA+C;AAC/C,mCAA+B;AAC/B,6BAA8C;AAC9C,4DAA2D;AAC3D,oCAA4C;AAE5C,SAAe,YAAY,CACzB,QAA4B,EAC5B,SAA6B;;;;;;oBAE7B,IAAI,QAAQ,EAAE;wBACZ,sBAAO,QAAQ,EAAC;qBACjB;yBAEG,SAAS,EAAT,wBAAS;oBACP,UAAU,GAAG,IAAA,cAAO,EAAC,SAAS,CAAC,CAAC;;;yBAC7B,CAAA,UAAU,KAAK,GAAG,IAAI,UAAU,KAAK,GAAG,CAAA;oBACvC,UAAU,GAAG,IAAA,WAAI,EAAC,UAAU,EAAE,YAAY,CAAC,CAAC;;;;oBAGhD,qBAAM,IAAA,iBAAM,EAAC,UAAU,EAAE,cAAW,CAAC,IAAI,CAAC,EAAA;;oBAA1C,SAA0C,CAAC;;;;oBAE3C,UAAU,GAAG,IAAA,cAAO,EAAC,UAAU,CAAC,CAAC;oBACjC,wBAAS;wBAGW,qBAAM,IAAA,mBAAQ,EAAC,UAAU,EAAE,OAAO,CAAC,EAAA;;oBAAnD,aAAa,GAAG,SAAmC;oBACnD,MAAM,GAAG,IAAA,cAAI,EAAC,aAAa,CAAsB,CAAC;oBACxD,IAAI,MAAM,CAAC,IAAI;wBAAE,sBAAO,MAAM,CAAC,IAAI,EAAC;;;;;;CAGzC;AAED,mBACE,QAA4B,EAC5B,SAA6B;;;;;wBAEf,qBAAM,YAAY,CAAC,QAAQ,EAAE,SAAS,CAAC,EAAA;;oBAA/C,KAAK,GAAG,SAAuC;oBACrD,IAAI,CAAC,KAAK;wBAAE,MAAM,IAAI,wBAAe,CAAC,gDAAgD,CAAC,CAAC;oBAEtE,qBAAM,IAAA,eAAM,EAAC,KAAK,CAAC,EAAA;;oBAA/B,SAAS,GAAG,SAAmB;oBACrC,IAAI,CAAC,SAAS,EAAE;wBACd,MAAM,IAAI,wBAAe,CACvB,WAAQ,KAAK,8HAA0H,CACxI,CAAC;qBACH;oBAED,sBAAO,KAAK,EAAC;;;;CACd;AAfD,4BAeC"}
|
|
@@ -98,6 +98,7 @@ var summaryReport_1 = __importDefault(require("../../report/summaryReport"));
|
|
|
98
98
|
var validateFile_1 = __importDefault(require("../validateFile"));
|
|
99
99
|
var scanner_1 = __importDefault(require("./scanner"));
|
|
100
100
|
var scanArgs_1 = __importDefault(require("../scanArgs"));
|
|
101
|
+
var resolveAppId_1 = __importDefault(require("../resolveAppId"));
|
|
101
102
|
exports.default = {
|
|
102
103
|
command: 'scan',
|
|
103
104
|
describe: 'Scan AppMaps for code behavior findings',
|
|
@@ -120,7 +121,7 @@ exports.default = {
|
|
|
120
121
|
},
|
|
121
122
|
handler: function (options) {
|
|
122
123
|
return __awaiter(this, void 0, void 0, function () {
|
|
123
|
-
var _a, appmapDir, appmapFile, config, isVerbose, reportAllFindings, appIdArg, apiKey, ide, reportFile, files, glob, configData, scanner, startTime, _b, rawScanResults, findingStatuses, scanResults, elapsed, numChecks;
|
|
124
|
+
var _a, appmapDir, appmapFile, config, isVerbose, reportAllFindings, appIdArg, apiKey, ide, reportFile, appId, files, glob, configData, scanner, startTime, _b, rawScanResults, findingStatuses, scanResults, elapsed, numChecks;
|
|
124
125
|
return __generator(this, function (_c) {
|
|
125
126
|
switch (_c.label) {
|
|
126
127
|
case 0:
|
|
@@ -137,38 +138,45 @@ exports.default = {
|
|
|
137
138
|
if (!appmapFile && !appmapDir) {
|
|
138
139
|
throw new errors_1.ValidationError('Either --appmap-dir or --appmap-file is required');
|
|
139
140
|
}
|
|
141
|
+
appId = appIdArg;
|
|
142
|
+
if (!!reportAllFindings) return [3 /*break*/, 2];
|
|
143
|
+
return [4 /*yield*/, (0, resolveAppId_1.default)(appIdArg, appmapDir)];
|
|
144
|
+
case 1:
|
|
145
|
+
appId = _c.sent();
|
|
146
|
+
_c.label = 2;
|
|
147
|
+
case 2:
|
|
140
148
|
files = [];
|
|
141
|
-
if (!appmapDir) return [3 /*break*/,
|
|
149
|
+
if (!appmapDir) return [3 /*break*/, 5];
|
|
142
150
|
return [4 /*yield*/, (0, validateFile_1.default)('directory', appmapDir)];
|
|
143
|
-
case
|
|
151
|
+
case 3:
|
|
144
152
|
_c.sent();
|
|
145
153
|
glob = (0, util_1.promisify)(glob_1.glob);
|
|
146
154
|
return [4 /*yield*/, glob(appmapDir + "/**/*.appmap.json")];
|
|
147
|
-
case
|
|
155
|
+
case 4:
|
|
148
156
|
files = _c.sent();
|
|
149
|
-
_c.label =
|
|
150
|
-
case
|
|
151
|
-
if (!appmapFile) return [3 /*break*/,
|
|
157
|
+
_c.label = 5;
|
|
158
|
+
case 5:
|
|
159
|
+
if (!appmapFile) return [3 /*break*/, 7];
|
|
152
160
|
return [4 /*yield*/, (0, validateFile_1.default)('file', appmapFile)];
|
|
153
|
-
case
|
|
161
|
+
case 6:
|
|
154
162
|
_c.sent();
|
|
155
163
|
files = [appmapFile];
|
|
156
|
-
_c.label =
|
|
157
|
-
case
|
|
158
|
-
case
|
|
164
|
+
_c.label = 7;
|
|
165
|
+
case 7: return [4 /*yield*/, (0, configurationProvider_1.parseConfigFile)(config)];
|
|
166
|
+
case 8:
|
|
159
167
|
configData = _c.sent();
|
|
160
168
|
return [4 /*yield*/, (0, scanner_1.default)(reportAllFindings, configData, files).catch(function (error) {
|
|
161
169
|
throw new errors_1.ValidationError(error.message + '\nUse --all to perform an offline scan.');
|
|
162
170
|
})];
|
|
163
|
-
case
|
|
171
|
+
case 9:
|
|
164
172
|
scanner = _c.sent();
|
|
165
173
|
startTime = Date.now();
|
|
166
|
-
return [4 /*yield*/, Promise.all([scanner.scan(), scanner.fetchFindingStatus(
|
|
167
|
-
case
|
|
174
|
+
return [4 /*yield*/, Promise.all([scanner.scan(), scanner.fetchFindingStatus(appId, appmapDir)])];
|
|
175
|
+
case 10:
|
|
168
176
|
_b = __read.apply(void 0, [_c.sent(), 2]), rawScanResults = _b[0], findingStatuses = _b[1];
|
|
169
177
|
// Always report the raw data
|
|
170
178
|
return [4 /*yield*/, (0, promises_1.writeFile)(reportFile, formatReport(rawScanResults))];
|
|
171
|
-
case
|
|
179
|
+
case 11:
|
|
172
180
|
// Always report the raw data
|
|
173
181
|
_c.sent();
|
|
174
182
|
if (reportAllFindings) {
|
|
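Review bot: The added `resolveAppId_1.default(appIdArg, appmapDir)` call in `case 0` runs before `validateFile_1.default('directory', appmapDir)` and outside the `.catch` that appends the `Use --all to perform an offline scan.` hint. Per the resolveAppId.js change in this release, that call now contacts the server, so an unreachable server or a rejected credential during a normal `scan` fails with a bare message, and a mistyped `--appmap-dir` is only reported after the round trip. Consider validating the directory first and wrapping the call the same way as the `scanner_1.default(...)` call, e.g. `.catch(function (error) { throw new errors_1.ValidationError(error.message + '\nUse --all to perform an offline scan.'); })`. The handler's body starts and ends outside this hunk.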
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"command.js","sourceRoot":"","sources":["../../../src/cli/scan/command.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,6BAA4C;AAC5C,wCAAwC;AACxC,6BAAiC;AAKjC,mFAA4E;AAC5E,uCAA+C;AAE/C,6CAA+C;AAC/C,2CAA6C;AAC7C,+EAAyD;AACzD,6EAAuD;AAEvD,iEAA2C;AAG3C,sDAAoD;AACpD,yDAAmC;
|
|
1
|
+
{"version":3,"file":"command.js","sourceRoot":"","sources":["../../../src/cli/scan/command.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,6BAA4C;AAC5C,wCAAwC;AACxC,6BAAiC;AAKjC,mFAA4E;AAC5E,uCAA+C;AAE/C,6CAA+C;AAC/C,2CAA6C;AAC7C,+EAAyD;AACzD,6EAAuD;AAEvD,iEAA2C;AAG3C,sDAAoD;AACpD,yDAAmC;AAGnC,iEAA2C;AAE3C,kBAAe;IACb,OAAO,EAAE,MAAM;IACf,QAAQ,EAAE,yCAAyC;IACnD,OAAO,EAAP,UAAQ,IAAU;QAChB,IAAA,kBAAQ,EAAC,IAAI,CAAC,CAAC;QAEf,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE;YACzB,QAAQ,EAAE,qBAAqB;YAC/B,KAAK,EAAE,GAAG;SACX,CAAC,CAAC;QACH,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE;YACjB,QAAQ,EAAE,gEAAgE;YAC1E,OAAO,EAAE,CAAC,QAAQ,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,CAAC;SACjD,CAAC,CAAC;QACH,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE;YACjB,QAAQ,EAAE,6DAA6D;YACvE,OAAO,EAAE,KAAK;YACd,IAAI,EAAE,SAAS;SAChB,CAAC,CAAC;QAEH,OAAO,IAAI,CAAC,MAAM,EAAE,CAAC;IACvB,CAAC;IACK,OAAO,EAAb,UAAc,OAAkB;;;;;;wBACxB,KAUF,OAAoC,EATtC,SAAS,eAAA,EACT,UAAU,gBAAA,EACV,MAAM,YAAA,EACG,SAAS,aAAA,EACb,iBAAiB,SAAA,EACjB,QAAQ,SAAA,EACb,MAAM,YAAA,EACN,GAAG,SAAA,EACH,UAAU,gBAAA,CAC6B;wBAEzC,IAAI,SAAS,EAAE;4BACb,IAAA,cAAO,EAAC,IAAI,CAAC,CAAC;yBACf;wBAED,IAAI,MAAM,EAAE;4BACV,OAAO,CAAC,GAAG,CAAC,eAAe,GAAG,MAAM,CAAC;yBACtC;wBAED,IAAI,UAAU,IAAI,SAAS,EAAE;4BAC3B,MAAM,IAAI,wBAAe,CAAC,iDAAiD,CAAC,CAAC;yBAC9E;wBACD,IAAI,CAAC,UAAU,IAAI,CAAC,SAAS,EAAE;4BAC7B,MAAM,IAAI,wBAAe,CAAC,kDAAkD,CAAC,CAAC;yBAC/E;wBAEG,KAAK,GAAG,QAAQ,CAAC;6BACjB,CAAC,iBAAiB,EAAlB,wBAAkB;wBACZ,qBAAM,IAAA,sBAAY,EAAC,QAAQ,EAAE,SAAS,CAAC,EAAA;;wBAA/C,KAAK,GAAG,SAAuC,CAAC;;;wBAG9C,KAAK,GAAa,EAAE,CAAC;6BACrB,SAAS,EAAT,wBAAS;wBACX,qBAAM,IAAA,sBAAY,EAAC,WAAW,EAAE,SAAU,CAAC,EAAA;;wBAA3C,SAA2C,CAAC;wBACtC,IAAI,GAAG,IAAA,gBAAS,EAAC,WAAY,CAAC,CAAC;wBAC7B,qBAAM,IAAI,CAAI,SAAS,sBAAmB,CAAC,EAAA;;wBAAnD,KAAK,GAAG,SAA2C,CAAC;;;6BAElD,UAAU,EAAV,wBAAU;wBACZ,qBAAM,IAAA,sBAAY,EAAC,MAAM,EAAE,UAAU,CAAC,EAAA;;wBAAtC,SAAsC,CAAC;wBACvC,KAAK,GAAG,CAAC,UAAU,CAAC,CAAC;;4BAGJ,qBAAM,IAAA,uCAAe,EAAC,MAAM,CAAC,EAAA;;wBAA1C,UAAU,GAAG,SAA6B;wBAEhC,qBAAM,IAAA,iB
AAY,EAAC,iBAAiB,EAAE,UAAU,EAAE,KAAK,CAAC,CAAC,KAAK,CAC5E,UAAC,KAAY;gCACX,MAAM,IAAI,wBAAe,CAAC,KAAK,CAAC,OAAO,GAAG,yCAAyC,CAAC,CAAC;4BACvF,CAAC,CACF,EAAA;;wBAJK,OAAO,GAAG,SAIf;wBAEK,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;wBAEa,qBAAM,OAAO,CAAC,GAAG,CAGzD,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,OAAO,CAAC,kBAAkB,CAAC,KAAK,EAAE,SAAS,CAAC,CAAC,CAAC,EAAA;;wBAH3D,KAAA,sBAAoC,SAGuB,KAAA,EAH1D,cAAc,QAAA,EAAE,eAAe,QAAA;wBAKtC,6BAA6B;wBAC7B,qBAAM,IAAA,oBAAS,EAAC,UAAU,EAAE,YAAY,CAAC,cAAc,CAAC,CAAC,EAAA;;wBADzD,6BAA6B;wBAC7B,SAAyD,CAAC;wBAG1D,IAAI,iBAAiB,EAAE;4BACrB,WAAW,GAAG,cAAc,CAAC;yBAC9B;6BAAM;4BACL,WAAW,GAAG,cAAc,CAAC,YAAY,CACvC,IAAA,sBAAW,EAAC,cAAc,CAAC,QAAQ,EAAE,eAAe,CAAC,CACtD,CAAC;yBACH;wBAED,IAAA,wBAAc,EAAC,WAAW,CAAC,QAAQ,EAAE,WAAW,CAAC,cAAc,EAAE,GAAG,CAAC,CAAC;wBACtE,OAAO,CAAC,GAAG,EAAE,CAAC;wBACd,IAAA,uBAAa,EAAC,WAAW,EAAE,IAAI,CAAC,CAAC;wBACjC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;wBACZ,OAAO,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;wBAEjC,SAAS,GAAG,WAAW,CAAC,MAAM,CAAC,MAAM,GAAG,WAAW,CAAC,OAAO,CAAC,UAAU,CAAC;wBAC7E,OAAO,CAAC,GAAG,CACT,eAAa,SAAS,mBAAc,OAAO,YAAO,IAAI,CAAC,KAAK,CAC1D,SAAS,GAAG,CAAC,OAAO,GAAG,MAAM,CAAC,CAC/B,iBAAc,CAChB,CAAC;;;;;KACH;CACF,CAAC;AAEF,SAAS,cAAc,CAAC,EAOP;QANC,IAAI,iBAAA,EACD,OAAO,oBAAA,EACJ,UAAU,uBAAA,EACjB,GAAG,gBAAA,EACG,SAAS,sBAAA,EACT,SAAS,sBAAA;IAE9B,IAAM,QAAQ,GAAG,MAAM,CAAC,OAAO,CAAC;QAC9B,GAAG,EAAE,IAAI,GAAG,CAAC;QACb,MAAM,EAAE,OAAO,GAAG,CAAC;QACnB,GAAG,EAAE,GAAG,GAAG,CAAC;QACZ,QAAQ,EAAE,SAAS,GAAG,CAAC;QACvB,QAAQ,EAAE,SAAS,GAAG,CAAC;KACxB,CAAC;SACC,MAAM,CAAC,UAAC,EAAK;YAAL,KAAA,aAAK,EAAF,CAAC,QAAA;QAAM,OAAA,CAAC;IAAD,CAAC,CAAC;SACpB,GAAG,CAAC,UAAC,EAAG;YAAH,KAAA,aAAG,EAAF,CAAC,QAAA;QAAM,OAAA,CAAC;IAAD,CAAC,CAAC,CAAC;IAEnB,OAAO,UAAU,QAAkB;QACjC,OAAO,MAAM,CAAC,WAAW,CACvB,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,UAAC,EAAM;gBAAN,KAAA,aAAM,EAAL,CAAC,QAAA,EAAE,CAAC,QAAA;YACpC,IAAI,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC;gBAAE,OAAO,KAAK,CAAC;YACvC,IAAI,CAAC,KAAK,YAAY;gBAAE,OAAQ,CAAC,CAAC,IAAI,EAAE,CAAa,CAAC,MAAM,KAAK,UAAU,CAAC;YAC5E,OAAO,IAAI,CAAC;QACd,CAAC,CAAC,CA
CH,CAAC;IACJ,CAAC,CAAC;AACJ,CAAC;AAED,SAAS,IAAI,CAAO,OAAoB,EAAE,GAAgB;;IACxD,IAAM,MAAM,GAAG,IAAI,GAAG,EAAQ,CAAC;;QAE/B,KAAoB,IAAA,YAAA,SAAA,OAAO,CAAA,gCAAA,qDAAE;YAAxB,IAAM,KAAK,oBAAA;YACd,IAAM,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC;YACrB,IAAI,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC;gBAAE,SAAS;YAC5B,MAAM,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;SACtB;;;;;;;;;IAED,OAAO,MAAM,CAAC,MAAM,EAAE,CAAC;AACzB,CAAC;AAED,0DAA0D;AAC1D,SAAS,YAAY,CAAC,cAA2B;IACzC,IAAA,kBAA6C,cAAc,CAAE,EAA3D,OAAO,aAAA,EAAE,cAAc,oBAAA,EAAE,QAAQ,cAA0B,CAAC;IAEpE,gDAAgD;IAChD,IAAM,MAAM,GAAG,cAAc,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC;IACtD,IAAM,QAAQ,GAAG,MAAM,CAAC,WAAW,CACjC,MAAM,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC,GAAG,CAAC,UAAC,EAAc;YAAd,KAAA,aAAc,EAAb,EAAE,QAAA,EAAE,QAAQ,QAAA;QAAM,OAAA,CAAC,EAAE,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;IAAtB,CAAsB,CAAC,CAC/E,CAAC;IAEF,yCAAyC;IACzC,IAAM,cAAc,4BAAO,IAAI,CAAC,QAAQ,EAAE,UAAC,EAAQ;YAAN,IAAI,UAAA;QAAO,OAAA,IAAI;IAAJ,CAAI,CAAC,SAAC,CAAC;IAE/D,OAAO,IAAI,CAAC,SAAS,uBAEd,cAAc,KACjB,OAAO,wBAAO,OAAO,KAAE,WAAW,EAAE,cAAc,CAAC,MAAM,KACzD,cAAc,EAAE,QAAQ,EACxB,QAAQ,EAAE,cAAc,KAE1B,IAAI,EACJ,CAAC,CACF,CAAC;AACJ,CAAC"}
|
package/built/cli/scanArgs.js
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"scanArgs.js","sourceRoot":"","sources":["../../src/cli/scanArgs.ts"],"names":[],"mappings":";;AAAA,6BAA4B;AAG5B,mBAAyB,IAAU;IACjC,IAAI,CAAC,MAAM,CAAC,YAAY,EAAE;QACxB,QAAQ,EAAE,8CAA8C;QACxD,KAAK,EAAE,GAAG;KACX,CAAC,CAAC;IACH,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE;QACpB,QAAQ,EACN,0FAA0F;QAC5F,OAAO,EAAE,IAAA,WAAI,EAAC,SAAS,EAAE,6BAA6B,CAAC;QACvD,KAAK,EAAE,GAAG;KACX,CAAC,CAAC;IACH,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE;QACzB,QAAQ,EAAE,+BAA+B;QACzC,OAAO,EAAE,uBAAuB;KACjC,CAAC,CAAC;IACH,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE;QACrB,QAAQ,EACN,uFAAuF;KAC1F,CAAC,CAAC;IACH,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE;QACjB,QAAQ,EACN,sGAAsG;
|
|
1
|
+
{"version":3,"file":"scanArgs.js","sourceRoot":"","sources":["../../src/cli/scanArgs.ts"],"names":[],"mappings":";;AAAA,6BAA4B;AAG5B,mBAAyB,IAAU;IACjC,IAAI,CAAC,MAAM,CAAC,YAAY,EAAE;QACxB,QAAQ,EAAE,8CAA8C;QACxD,KAAK,EAAE,GAAG;KACX,CAAC,CAAC;IACH,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE;QACpB,QAAQ,EACN,0FAA0F;QAC5F,OAAO,EAAE,IAAA,WAAI,EAAC,SAAS,EAAE,6BAA6B,CAAC;QACvD,KAAK,EAAE,GAAG;KACX,CAAC,CAAC;IACH,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE;QACzB,QAAQ,EAAE,+BAA+B;QACzC,OAAO,EAAE,uBAAuB;KACjC,CAAC,CAAC;IACH,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE;QACrB,QAAQ,EACN,uFAAuF;KAC1F,CAAC,CAAC;IACH,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE;QACjB,QAAQ,EACN,sGAAsG;QACxG,KAAK,EAAE,GAAG;KACX,CAAC,CAAC;AACL,CAAC;AAxBD,4BAwBC"}
|
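--- a/package/built/cli.js
+++ b/package/built/cli.js
@@ -9,6 +9,9 @@ var command_1 = __importDefault(require("./cli/scan/command"));
 var command_2 = __importDefault(require("./cli/upload/command"));
 var command_3 = __importDefault(require("./cli/ci/command"));
 var command_4 = __importDefault(require("./cli/merge/command"));
+var util_1 = require("./rules/lib/util");
+var errors_1 = require("./errors");
+var exitCode_1 = require("./cli/exitCode");
 (0, yargs_1.default)(process.argv.slice(2))
 .option('verbose', {
 describe: 'Show verbose output',
@@ -20,11 +23,25 @@ var command_4 = __importDefault(require("./cli/merge/command"));
 .command(command_4.default)
 .fail(function (msg, err, yargs) {
 if (msg) {
-console.
-console.
+console.warn(yargs.help());
+console.warn(msg);
 }
 else if (err) {
-
+if ((0, util_1.verbose)()) {
+console.error(err);
+}
+else {
+console.error(err.message);
+}
+if (err instanceof errors_1.ValidationError) {
+process.exit(exitCode_1.ExitCode.ValidationError);
+}
+if (err instanceof errors_1.AbortError) {
+process.exit(exitCode_1.ExitCode.AbortError);
+}
+if (err instanceof Error) {
+process.exit(exitCode_1.ExitCode.RuntimeError);
+}
 }
 process.exit(1);
 })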
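Review bot: In the non-verbose branch of the `.fail` handler, `console.error(err.message)` prints `undefined` when a command rejects with a value that is not an `Error`, and that case then falls through to `process.exit(1)` with no usable output. `console.error(err instanceof Error ? err.message : String(err));` keeps the message visible. The order of the three `instanceof` tests also matters if `ValidationError` and `AbortError` extend `Error` (not visible here); a short comment such as `// most specific error types first; Error is the catch-all` would stop a later reorder from collapsing every exit code into `RuntimeError`. The yargs chain continues outside this hunk.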
package/built/cli.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cli.js","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";;;;;;AAEA,gDAA0B;AAC1B,+DAA6C;AAC7C,iEAAiD;AACjD,6DAAyC;AACzC,gEAA+C;
|
|
1
|
+
{"version":3,"file":"cli.js","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";;;;;;AAEA,gDAA0B;AAC1B,+DAA6C;AAC7C,iEAAiD;AACjD,6DAAyC;AACzC,gEAA+C;AAC/C,yCAA2C;AAC3C,mCAAuD;AACvD,2CAA0C;AAE1C,IAAA,eAAK,EAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;KACzB,MAAM,CAAC,SAAS,EAAE;IACjB,QAAQ,EAAE,qBAAqB;IAC/B,KAAK,EAAE,GAAG;CACX,CAAC;KACD,OAAO,CAAC,iBAAW,CAAC;KACpB,OAAO,CAAC,iBAAa,CAAC;KACtB,OAAO,CAAC,iBAAS,CAAC;KAClB,OAAO,CAAC,iBAAY,CAAC;KACrB,IAAI,CAAC,UAAC,GAAG,EAAE,GAAG,EAAE,KAAK;IACpB,IAAI,GAAG,EAAE;QACP,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;QAC3B,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;KACnB;SAAM,IAAI,GAAG,EAAE;QACd,IAAI,IAAA,cAAO,GAAE,EAAE;YACb,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;SACpB;aAAM;YACL,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;SAC5B;QAED,IAAI,GAAG,YAAY,wBAAe,EAAE;YAClC,OAAO,CAAC,IAAI,CAAC,mBAAQ,CAAC,eAAe,CAAC,CAAC;SACxC;QACD,IAAI,GAAG,YAAY,mBAAU,EAAE;YAC7B,OAAO,CAAC,IAAI,CAAC,mBAAQ,CAAC,UAAU,CAAC,CAAC;SACnC;QACD,IAAI,GAAG,YAAY,KAAK,EAAE;YACxB,OAAO,CAAC,IAAI,CAAC,mBAAQ,CAAC,YAAY,CAAC,CAAC;SACrC;KACF;IACD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC;KACD,MAAM,EAAE;KACR,aAAa,EAAE;KACf,IAAI,EAAE,CAAC,IAAI,CAAC"}
|
|
@@ -0,0 +1,98 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
|
|
3
|
+
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
|
|
4
|
+
return new (P || (P = Promise))(function (resolve, reject) {
|
|
5
|
+
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
|
|
6
|
+
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
|
|
7
|
+
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
|
|
8
|
+
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
9
|
+
});
|
|
10
|
+
};
|
|
11
|
+
var __generator = (this && this.__generator) || function (thisArg, body) {
|
|
12
|
+
var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;
|
|
13
|
+
return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
|
|
14
|
+
function verb(n) { return function (v) { return step([n, v]); }; }
|
|
15
|
+
function step(op) {
|
|
16
|
+
if (f) throw new TypeError("Generator is already executing.");
|
|
17
|
+
while (_) try {
|
|
18
|
+
if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
|
|
19
|
+
if (y = 0, t) op = [op[0] & 2, t.value];
|
|
20
|
+
switch (op[0]) {
|
|
21
|
+
case 0: case 1: t = op; break;
|
|
22
|
+
case 4: _.label++; return { value: op[1], done: false };
|
|
23
|
+
case 5: _.label++; y = op[1]; op = [0]; continue;
|
|
24
|
+
case 7: op = _.ops.pop(); _.trys.pop(); continue;
|
|
25
|
+
default:
|
|
26
|
+
if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
|
|
27
|
+
if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
|
|
28
|
+
if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
|
|
29
|
+
if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
|
|
30
|
+
if (t[2]) _.ops.pop();
|
|
31
|
+
_.trys.pop(); continue;
|
|
32
|
+
}
|
|
33
|
+
op = body.call(thisArg, _);
|
|
34
|
+
} catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
|
|
35
|
+
if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
|
|
36
|
+
}
|
|
37
|
+
};
|
|
38
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
39
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
40
|
+
};
|
|
41
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
42
|
+
exports.exists = void 0;
|
|
43
|
+
var src_1 = require("@appland/client/dist/src");
|
|
44
|
+
var util_1 = require("../../../rules/lib/util");
|
|
45
|
+
var retry_1 = __importDefault(require("../retry"));
|
|
46
|
+
function exists(appId, retryOptions) {
|
|
47
|
+
if (retryOptions === void 0) { retryOptions = {}; }
|
|
48
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
49
|
+
function makeRequest() {
|
|
50
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
51
|
+
var requestPath, request;
|
|
52
|
+
return __generator(this, function (_a) {
|
|
53
|
+
switch (_a.label) {
|
|
54
|
+
case 0:
|
|
55
|
+
requestPath = ['api', appId].join('/');
|
|
56
|
+
return [4 /*yield*/, (0, src_1.buildRequest)(requestPath)];
|
|
57
|
+
case 1:
|
|
58
|
+
request = _a.sent();
|
|
59
|
+
return [2 /*return*/, new Promise(function (resolve, reject) {
|
|
60
|
+
var req = request.requestFunction(request.url, {
|
|
61
|
+
method: 'HEAD',
|
|
62
|
+
headers: request.headers,
|
|
63
|
+
}, resolve);
|
|
64
|
+
req.on('error', (0, src_1.retryOnError)(retrier, resolve, reject));
|
|
65
|
+
req.end();
|
|
66
|
+
}).then((0, src_1.retryOn503)(retrier))];
|
|
67
|
+
}
|
|
68
|
+
});
|
|
69
|
+
});
|
|
70
|
+
}
|
|
71
|
+
var commandDescription, retrier;
|
|
72
|
+
var _this = this;
|
|
73
|
+
return __generator(this, function (_a) {
|
|
74
|
+
commandDescription = "Checking if app " + appId + " exists";
|
|
75
|
+
if ((0, util_1.verbose)())
|
|
76
|
+
console.log(commandDescription);
|
|
77
|
+
retrier = (0, retry_1.default)(commandDescription, retryOptions, makeRequest);
|
|
78
|
+
return [2 /*return*/, makeRequest().then(function (response) { return __awaiter(_this, void 0, void 0, function () {
|
|
79
|
+
return __generator(this, function (_a) {
|
|
80
|
+
if ((0, util_1.verbose)())
|
|
81
|
+
console.log(commandDescription + ": statusCode=" + response.statusCode);
|
|
82
|
+
if (!response.statusCode) {
|
|
83
|
+
throw new Error('No status code was provided by the server');
|
|
84
|
+
}
|
|
85
|
+
if (response.statusCode === 404) {
|
|
86
|
+
return [2 /*return*/, false];
|
|
87
|
+
}
|
|
88
|
+
else if (response.statusCode < 300) {
|
|
89
|
+
return [2 /*return*/, true];
|
|
90
|
+
}
|
|
91
|
+
throw new Error("Unexpected status code: " + response.statusCode);
|
|
92
|
+
});
|
|
93
|
+
}); })];
|
|
94
|
+
});
|
|
95
|
+
});
|
|
96
|
+
}
|
|
97
|
+
exports.exists = exists;
|
|
98
|
+
//# sourceMappingURL=exists.js.map
|
|
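Review bot: `requestPath = ['api', appId].join('/')` places `appId` in the URL path without encoding or validation, and the request is sent with `request.headers` from `buildRequest`, which presumably carry the API credentials. An id taken from `--app` or from `appmap.yml` that contains `?`, `#` or `..` segments changes which path the HEAD request reaches. Reject such ids before building the request and percent-encode each segment, e.g. `requestPath = ['api'].concat(appId.split('/').map(encodeURIComponent)).join('/');` (this assumes ids may legitimately contain a `/`; confirm against the server's id format). Separately, no timeout is set on `req`, so an unresponsive server stalls the CLI unless the `retry` helper already covers that. The file is compiled from `src/integration/appland/app/exists.ts`, which is where the fix belongs.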
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"exists.js","sourceRoot":"","sources":["../../../../src/integration/appland/app/exists.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEA,gDAAkF;AAClF,gDAAkD;AAElD,mDAA6B;AAE7B,SAAsB,MAAM,CAAC,KAAa,EAAE,YAA+B;IAA/B,6BAAA,EAAA,iBAA+B;;QAMzE,SAAe,WAAW;;;;;;4BAClB,WAAW,GAAG,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;4BAC7B,qBAAM,IAAA,kBAAY,EAAC,WAAW,CAAC,EAAA;;4BAAzC,OAAO,GAAG,SAA+B;4BAC/C,sBAAO,IAAI,OAAO,CAAkB,UAAC,OAAO,EAAE,MAAM;oCAClD,IAAM,GAAG,GAAG,OAAO,CAAC,eAAe,CACjC,OAAO,CAAC,GAAG,EACX;wCACE,MAAM,EAAE,MAAM;wCACd,OAAO,EAAE,OAAO,CAAC,OAAO;qCACzB,EACD,OAAO,CACR,CAAC;oCACF,GAAG,CAAC,EAAE,CAAC,OAAO,EAAE,IAAA,kBAAY,EAAC,OAAO,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC,CAAC;oCACxD,GAAG,CAAC,GAAG,EAAE,CAAC;gCACZ,CAAC,CAAC,CAAC,IAAI,CAAC,IAAA,gBAAU,EAAC,OAAO,CAAC,CAAC,EAAC;;;;SAC9B;;;;YApBK,kBAAkB,GAAG,qBAAmB,KAAK,YAAS,CAAC;YAC7D,IAAI,IAAA,cAAO,GAAE;gBAAE,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;YAEzC,OAAO,GAAG,IAAA,eAAK,EAAC,kBAAkB,EAAE,YAAY,EAAE,WAAW,CAAC,CAAC;YAmBrE,sBAAO,WAAW,EAAE,CAAC,IAAI,CAAC,UAAO,QAAyB;;wBACxD,IAAI,IAAA,cAAO,GAAE;4BAAE,OAAO,CAAC,GAAG,CAAI,kBAAkB,qBAAgB,QAAQ,CAAC,UAAY,CAAC,CAAC;wBAEvF,IAAI,CAAC,QAAQ,CAAC,UAAU,EAAE;4BACxB,MAAM,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAC;yBAC9D;wBACD,IAAI,QAAQ,CAAC,UAAU,KAAK,GAAG,EAAE;4BAC/B,sBAAO,KAAK,EAAC;yBACd;6BAAM,IAAI,QAAQ,CAAC,UAAW,GAAG,GAAG,EAAE;4BACrC,sBAAO,IAAI,EAAC;yBACb;wBACD,MAAM,IAAI,KAAK,CAAC,6BAA2B,QAAQ,CAAC,UAAY,CAAC,CAAC;;qBACnE,CAAC,EAAC;;;CACJ;AApCD,wBAoCC"}
|
|
@@ -21,7 +21,7 @@ Finds all events labeled `deserialize.unsafe`, that are not a descendant of an e
|
|
|
21
21
|
`deserialize.safe`. For each of these events, all event parameters are checked.
|
|
22
22
|
|
|
23
23
|
Each parameter whose type is `string` or `object` is verified to ensure that it's trusted. For data
|
|
24
|
-
to be trusted, it must be the return value of a function labeled `sanitize`.
|
|
24
|
+
to be trusted, it must be the return value of a function labeled `deserialize.sanitize`.
|
|
25
25
|
|
|
26
26
|
### Notes
|
|
27
27
|
|
|
@@ -31,8 +31,8 @@ that executes code shortly after deserialization.
|
|
|
31
31
|
### Resolution
|
|
32
32
|
|
|
33
33
|
If you can guarantee that you are using unsafe deserialization in a safe way, but it's not possible
|
|
34
|
-
to obtain the raw data from a function labeled `sanitize`, you can wrap the
|
|
35
|
-
function labeled `deserialize.safe`.
|
|
34
|
+
to obtain the raw data from a function labeled `deserialize.sanitize`, you can wrap the
|
|
35
|
+
deserialization in a function labeled `deserialize.safe`.
|
|
36
36
|
|
|
37
37
|
If you need to deserialize untrusted data, JSON is often a good choice as it is only capable of
|
|
38
38
|
returning ‘primitive’ types such as strings, arrays, hashes, numbers and nil. If you need to
|
|
@@ -14,3 +14,26 @@ labels:
|
|
|
14
14
|
Find occurrances of system command execution in which the command string is not guaranteed to be
|
|
15
15
|
safe.
|
|
16
16
|
|
|
17
|
+
### Rule logic
|
|
18
|
+
|
|
19
|
+
Find all events labeled `system.exec` that are not a descendant of an event labeled
|
|
20
|
+
`system.exec.safe`. For each of these events, all event parameters are checked.
|
|
21
|
+
|
|
22
|
+
Each parameter whose type is `string` or `object` is verified to ensure that it's trusted. For data
|
|
23
|
+
to be trusted, it must be the return value of a function labeled `system.exec.sanitize`.
|
|
24
|
+
|
|
25
|
+
### Resolution
|
|
26
|
+
|
|
27
|
+
If you can guarantee that you are using system command execution in a safe way, but it's not
|
|
28
|
+
possible to obtain the raw data from a function labeled `system.exec.sanitize`, you can wrap the
|
|
29
|
+
system command in a function labeled `system.exec.safe`.
|
|
30
|
+
|
|
31
|
+
### Options
|
|
32
|
+
|
|
33
|
+
None
|
|
34
|
+
|
|
35
|
+
### Examples
|
|
36
|
+
|
|
37
|
+
```yaml
|
|
38
|
+
- rule: execOfUntrustedCommand
|
|
39
|
+
```
|