@appland/scanner 1.50.0 → 1.52.0
- package/built/cli/ci/command.js +5 -5
- package/built/cli/ci/command.js.map +1 -1
- package/built/cli/resolveAppId.js +24 -2
- package/built/cli/resolveAppId.js.map +1 -1
- package/built/cli/scan/command.js +23 -15
- package/built/cli/scan/command.js.map +1 -1
- package/built/cli/scanArgs.js +1 -0
- package/built/cli/scanArgs.js.map +1 -1
- package/built/cli.js +20 -3
- package/built/cli.js.map +1 -1
- package/built/configuration/configurationProvider.js +130 -7
- package/built/configuration/configurationProvider.js.map +1 -1
- package/built/integration/appland/app/exists.js +98 -0
- package/built/integration/appland/app/exists.js.map +1 -0
- package/built/ruleChecker.js +4 -0
- package/built/ruleChecker.js.map +1 -1
- package/built/rules/http500/metadata.js +12 -0
- package/built/rules/http500/metadata.js.map +1 -0
- package/built/rules/http500/rule.js +10 -0
- package/built/rules/http500/rule.js.map +1 -0
- package/built/rules/lib/metadata.js +3 -0
- package/built/rules/lib/metadata.js.map +1 -0
- package/built/rules/lib/util.js +15 -1
- package/built/rules/lib/util.js.map +1 -1
- package/doc/rules/deserializationOfUntrustedData.md +3 -3
- package/doc/rules/execOfUntrustedCommand.md +23 -0
- package/package.json +2 -2
- package/built/rules/http500.js +0 -27
- package/built/rules/http500.js.map +0 -1
package/built/cli/ci/command.js
CHANGED
|
@@ -102,7 +102,7 @@ exports.default = {
|
|
|
102
102
|
},
|
|
103
103
|
handler: function (options) {
|
|
104
104
|
return __awaiter(this, void 0, void 0, function () {
|
|
105
|
-
var _a, appmapDir, config, isVerbose, failOption, appIdArg, reportFile, doUpload, updateCommitStatusOption, mergeKey, commit, branch, environment, glob, files,
|
|
105
|
+
var _a, appmapDir, config, isVerbose, failOption, appIdArg, reportFile, doUpload, updateCommitStatusOption, mergeKey, commit, branch, environment, appId, glob, files, configData, scanner, _b, rawScanResults, findingStatuses, scanResults, uploadResponse, err_1;
|
|
106
106
|
return __generator(this, function (_c) {
|
|
107
107
|
switch (_c.label) {
|
|
108
108
|
case 0:
|
|
@@ -119,13 +119,13 @@ exports.default = {
|
|
|
119
119
|
return [4 /*yield*/, (0, validateFile_1.default)('directory', appmapDir)];
|
|
120
120
|
case 2:
|
|
121
121
|
_c.sent();
|
|
122
|
+
return [4 /*yield*/, (0, resolveAppId_1.default)(appIdArg, appmapDir)];
|
|
123
|
+
case 3:
|
|
124
|
+
appId = _c.sent();
|
|
122
125
|
glob = (0, util_1.promisify)(glob_1.glob);
|
|
123
126
|
return [4 /*yield*/, glob(appmapDir + "/**/*.appmap.json")];
|
|
124
|
-
case 3:
|
|
125
|
-
files = _c.sent();
|
|
126
|
-
return [4 /*yield*/, (0, resolveAppId_1.default)(appIdArg, appmapDir)];
|
|
127
127
|
case 4:
|
|
128
|
-
|
|
128
|
+
files = _c.sent();
|
|
129
129
|
return [4 /*yield*/, (0, configurationProvider_1.parseConfigFile)(config)];
|
|
130
130
|
case 5:
|
|
131
131
|
configData = _c.sent();
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"command.js","sourceRoot":"","sources":["../../../src/cli/ci/command.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,6BAA4C;AAC5C,wCAAwC;AACxC,6BAAiC;AAKjC,mFAA4E;AAC5E,uCAA2D;AAE3D,6CAA+C;AAC/C,2CAA6C;AAC7C,+EAAyD;AACzD,6EAAuD;AAEvD,wCAAuC;AACvC,iEAA2C;AAC3C,iEAA2C;AAC3C,qDAA+B;AAC/B,4DAA0D;AAG1D,yDAAmC;AACnC,6EAAuD;AACvD,uEAAiD;AACjD,iDAA2B;AAC3B,uEAAiD;AAEjD,kBAAe;IACb,OAAO,EAAE,IAAI;IACb,QAAQ,EAAE,uEAAuE;IACjF,OAAO,EAAP,UAAQ,IAAU;QAChB,IAAA,kBAAQ,EAAC,IAAI,CAAC,CAAC;QACf,IAAA,yBAAe,EAAC,IAAI,CAAC,CAAC;QAEtB,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE;YAClB,QAAQ,EAAE,yDAAyD;YACnE,OAAO,EAAE,KAAK;YACd,IAAI,EAAE,SAAS;SAChB,CAAC,CAAC;QACH,IAAI,CAAC,MAAM,CAAC,sBAAsB,EAAE;YAClC,QAAQ,EAAE,oCAAoC;YAC9C,OAAO,EAAE,KAAK;YACd,IAAI,EAAE,SAAS;SAChB,CAAC,CAAC;QACH,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE;YACpB,QAAQ,EAAE,kCAAkC;YAC5C,OAAO,EAAE,IAAI;YACb,IAAI,EAAE,SAAS;SAChB,CAAC,CAAC;QACH,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE;YACvB,QAAQ,EAAE,8EAA8E;SACzF,CAAC,CAAC;QAEH,OAAO,IAAI,CAAC,MAAM,EAAE,CAAC;IACvB,CAAC;IACK,OAAO,EAAb,UAAc,OAAkB;;;;;;wBACxB,KAaF,OAAoC,EAZtC,SAAS,eAAA,EACT,MAAM,YAAA,EACG,SAAS,aAAA,EACZ,UAAU,UAAA,EACX,QAAQ,SAAA,EACb,UAAU,gBAAA,EACF,QAAQ,YAAA,EACI,wBAAwB,wBAAA,EAC5C,QAAQ,cAAA,EACR,MAAM,YAAA,EACN,MAAM,YAAA,EACN,WAAW,iBAAA,CAC4B;wBAEzC,IAAI,SAAS,EAAE;4BACb,IAAA,cAAO,EAAC,IAAI,CAAC,CAAC;yBACf;;;;wBAGC,IAAI,CAAC,SAAS,EAAE;4BACd,MAAM,IAAI,wBAAe,CAAC,0BAA0B,CAAC,CAAC;yBACvD;wBAED,qBAAM,IAAA,sBAAY,EAAC,WAAW,EAAE,SAAU,CAAC,EAAA;;wBAA3C,SAA2C,CAAC;
|
|
1
|
+
{"version":3,"file":"command.js","sourceRoot":"","sources":["../../../src/cli/ci/command.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,6BAA4C;AAC5C,wCAAwC;AACxC,6BAAiC;AAKjC,mFAA4E;AAC5E,uCAA2D;AAE3D,6CAA+C;AAC/C,2CAA6C;AAC7C,+EAAyD;AACzD,6EAAuD;AAEvD,wCAAuC;AACvC,iEAA2C;AAC3C,iEAA2C;AAC3C,qDAA+B;AAC/B,4DAA0D;AAG1D,yDAAmC;AACnC,6EAAuD;AACvD,uEAAiD;AACjD,iDAA2B;AAC3B,uEAAiD;AAEjD,kBAAe;IACb,OAAO,EAAE,IAAI;IACb,QAAQ,EAAE,uEAAuE;IACjF,OAAO,EAAP,UAAQ,IAAU;QAChB,IAAA,kBAAQ,EAAC,IAAI,CAAC,CAAC;QACf,IAAA,yBAAe,EAAC,IAAI,CAAC,CAAC;QAEtB,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE;YAClB,QAAQ,EAAE,yDAAyD;YACnE,OAAO,EAAE,KAAK;YACd,IAAI,EAAE,SAAS;SAChB,CAAC,CAAC;QACH,IAAI,CAAC,MAAM,CAAC,sBAAsB,EAAE;YAClC,QAAQ,EAAE,oCAAoC;YAC9C,OAAO,EAAE,KAAK;YACd,IAAI,EAAE,SAAS;SAChB,CAAC,CAAC;QACH,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE;YACpB,QAAQ,EAAE,kCAAkC;YAC5C,OAAO,EAAE,IAAI;YACb,IAAI,EAAE,SAAS;SAChB,CAAC,CAAC;QACH,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE;YACvB,QAAQ,EAAE,8EAA8E;SACzF,CAAC,CAAC;QAEH,OAAO,IAAI,CAAC,MAAM,EAAE,CAAC;IACvB,CAAC;IACK,OAAO,EAAb,UAAc,OAAkB;;;;;;wBACxB,KAaF,OAAoC,EAZtC,SAAS,eAAA,EACT,MAAM,YAAA,EACG,SAAS,aAAA,EACZ,UAAU,UAAA,EACX,QAAQ,SAAA,EACb,UAAU,gBAAA,EACF,QAAQ,YAAA,EACI,wBAAwB,wBAAA,EAC5C,QAAQ,cAAA,EACR,MAAM,YAAA,EACN,MAAM,YAAA,EACN,WAAW,iBAAA,CAC4B;wBAEzC,IAAI,SAAS,EAAE;4BACb,IAAA,cAAO,EAAC,IAAI,CAAC,CAAC;yBACf;;;;wBAGC,IAAI,CAAC,SAAS,EAAE;4BACd,MAAM,IAAI,wBAAe,CAAC,0BAA0B,CAAC,CAAC;yBACvD;wBAED,qBAAM,IAAA,sBAAY,EAAC,WAAW,EAAE,SAAU,CAAC,EAAA;;wBAA3C,SAA2C,CAAC;wBAC9B,qBAAM,IAAA,sBAAY,EAAC,QAAQ,EAAE,SAAS,CAAC,EAAA;;wBAA/C,KAAK,GAAG,SAAuC;wBAE/C,IAAI,GAAG,IAAA,gBAAS,EAAC,WAAY,CAAC,CAAC;wBACvB,qBAAM,IAAI,CAAI,SAAS,sBAAmB,CAAC,EAAA;;wBAAnD,KAAK,GAAG,SAA2C;wBAEtC,qBAAM,IAAA,uCAAe,EAAC,MAAM,CAAC,EAAA;;wBAA1C,UAAU,GAAG,SAA6B;wBAEhC,qBAAM,IAAA,iBAAY,EAAC,KAAK,EAAE,UAAU,EAAE,KAAK,CAAC,EAAA;;wBAAtD,OAAO,GAAG,SAA4C;wBAG1D,qBAAM,OAAO,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,OAAO,CAAC,kBAAkB,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC,CAAC,EAAA;;wBADhF,KAAA,sBACJ,SAAoF,KAAA,
EAD/E,cAAc,QAAA,EAAE,eAAe,QAAA;wBAGtC,6BAA6B;wBAC7B,qBAAM,IAAA,oBAAS,EAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,cAAc,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,EAAA;;wBADpE,6BAA6B;wBAC7B,SAAoE,CAAC;wBAE/D,WAAW,GAAG,cAAc,CAAC,YAAY,CAC7C,IAAA,sBAAW,EAAC,cAAc,CAAC,QAAQ,EAAE,eAAe,CAAC,CACtD,CAAC;wBAEF,IAAA,wBAAc,EAAC,WAAW,CAAC,QAAQ,EAAE,WAAW,CAAC,cAAc,CAAC,CAAC;wBACjE,IAAA,uBAAa,EAAC,WAAW,EAAE,IAAI,CAAC,CAAC;6BAE7B,QAAQ,EAAR,yBAAQ;wBACa,qBAAM,IAAA,gBAAM,EACjC,cAAc,EACd,KAAK,EACL,SAAS,EACT,QAAQ,EACR;gCACE,MAAM,QAAA;gCACN,MAAM,QAAA;gCACN,WAAW,aAAA;6BACZ,EACD;gCACE,UAAU,EAAE,CAAC;6BACd,CACF,EAAA;;wBAbK,cAAc,GAAG,SAatB;wBACD,IAAA,yBAAe,EAAC,cAAc,CAAC,OAAO,CAAC,WAAW,EAAE,cAAc,CAAC,GAAG,CAAC,CAAC;;;6BAGtE,wBAAwB,EAAxB,yBAAwB;wBAC1B,qBAAM,IAAA,4BAAkB,EAAC,WAAW,CAAC,QAAQ,CAAC,MAAM,EAAE,WAAW,CAAC,OAAO,CAAC,SAAS,CAAC,EAAA;;wBAApF,SAAoF,CAAC;;;wBAGvF,IAAI,UAAU,EAAE;4BACd,IAAA,cAAI,EAAC,WAAW,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;yBACnC;;;;wBAED,IAAI,KAAG,YAAY,wBAAe,EAAE;4BAClC,OAAO,CAAC,IAAI,CAAC,KAAG,CAAC,OAAO,CAAC,CAAC;4BAC1B,sBAAO,OAAO,CAAC,IAAI,CAAC,mBAAQ,CAAC,eAAe,CAAC,EAAC;yBAC/C;wBACD,IAAI,KAAG,YAAY,mBAAU,EAAE;4BAC7B,sBAAO,OAAO,CAAC,IAAI,CAAC,mBAAQ,CAAC,UAAU,CAAC,EAAC;yBAC1C;wBACD,IAAI,CAAC,cAAO,IAAI,KAAG,YAAY,KAAK,EAAE;4BACpC,OAAO,CAAC,KAAK,CAAC,KAAG,CAAC,OAAO,CAAC,CAAC;4BAC3B,sBAAO,OAAO,CAAC,IAAI,CAAC,mBAAQ,CAAC,YAAY,CAAC,EAAC;yBAC5C;wBAED,MAAM,KAAG,CAAC;;;;;KAEb;CACF,CAAC"}
|
|
@@ -40,8 +40,9 @@ var fs_1 = require("fs");
|
|
|
40
40
|
var promises_1 = require("fs/promises");
|
|
41
41
|
var js_yaml_1 = require("js-yaml");
|
|
42
42
|
var path_1 = require("path");
|
|
43
|
+
var exists_1 = require("../integration/appland/app/exists");
|
|
43
44
|
var errors_1 = require("../errors");
|
|
44
|
-
function
|
|
45
|
+
function resolveAppId(appIdArg, appMapDir) {
|
|
45
46
|
return __awaiter(this, void 0, void 0, function () {
|
|
46
47
|
var searchPath, configPath, _a, configContent, config;
|
|
47
48
|
return __generator(this, function (_b) {
|
|
@@ -74,7 +75,28 @@ function default_1(appIdArg, appMapDir) {
|
|
|
74
75
|
if (config.name)
|
|
75
76
|
return [2 /*return*/, config.name];
|
|
76
77
|
return [3 /*break*/, 1];
|
|
77
|
-
case 7:
|
|
78
|
+
case 7: return [2 /*return*/];
|
|
79
|
+
}
|
|
80
|
+
});
|
|
81
|
+
});
|
|
82
|
+
}
|
|
83
|
+
function default_1(appIdArg, appMapDir) {
|
|
84
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
85
|
+
var appId, appExists;
|
|
86
|
+
return __generator(this, function (_a) {
|
|
87
|
+
switch (_a.label) {
|
|
88
|
+
case 0: return [4 /*yield*/, resolveAppId(appIdArg, appMapDir)];
|
|
89
|
+
case 1:
|
|
90
|
+
appId = _a.sent();
|
|
91
|
+
if (!appId)
|
|
92
|
+
throw new errors_1.ValidationError('App was not provided and could not be resolved');
|
|
93
|
+
return [4 /*yield*/, (0, exists_1.exists)(appId)];
|
|
94
|
+
case 2:
|
|
95
|
+
appExists = _a.sent();
|
|
96
|
+
if (!appExists) {
|
|
97
|
+
throw new errors_1.ValidationError("App \"" + appId + "\" is not valid or does not exist.\nPlease fix the app name in the appmap.yml file, or override it with the --app option.");
|
|
98
|
+
}
|
|
99
|
+
return [2 /*return*/, appId];
|
|
78
100
|
}
|
|
79
101
|
});
|
|
80
102
|
});
|
|
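Review bot: The resolved name goes straight into `exists(appId)` in the new `default_1`, and it can come from `config.name` as well as from `--app`; the error text points at appmap.yml as the source, so in CI the scanned repository controls the value. exists.js is not shown in this part of the page, so confirm that it encodes the name when building the request, for example with `encodeURIComponent(appId)`. A guard here such as `if (typeof appId !== 'string') throw new errors_1.ValidationError('App name must be a string');` would also stop a non-string YAML value from reaching the lookup. A short doc comment on `default_1` should say that it now performs a remote existence check and throws `ValidationError` when the app is missing. The body of `resolveAppId` begins outside the visible hunk.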
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"resolveAppId.js","sourceRoot":"","sources":["../../src/cli/resolveAppId.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,yBAA8C;AAC9C,wCAA+C;AAC/C,mCAA+B;AAC/B,6BAA8C;AAC9C,oCAA4C;AAE5C,
|
|
1
|
+
{"version":3,"file":"resolveAppId.js","sourceRoot":"","sources":["../../src/cli/resolveAppId.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,yBAA8C;AAC9C,wCAA+C;AAC/C,mCAA+B;AAC/B,6BAA8C;AAC9C,4DAA2D;AAC3D,oCAA4C;AAE5C,SAAe,YAAY,CACzB,QAA4B,EAC5B,SAA6B;;;;;;oBAE7B,IAAI,QAAQ,EAAE;wBACZ,sBAAO,QAAQ,EAAC;qBACjB;yBAEG,SAAS,EAAT,wBAAS;oBACP,UAAU,GAAG,IAAA,cAAO,EAAC,SAAS,CAAC,CAAC;;;yBAC7B,CAAA,UAAU,KAAK,GAAG,IAAI,UAAU,KAAK,GAAG,CAAA;oBACvC,UAAU,GAAG,IAAA,WAAI,EAAC,UAAU,EAAE,YAAY,CAAC,CAAC;;;;oBAGhD,qBAAM,IAAA,iBAAM,EAAC,UAAU,EAAE,cAAW,CAAC,IAAI,CAAC,EAAA;;oBAA1C,SAA0C,CAAC;;;;oBAE3C,UAAU,GAAG,IAAA,cAAO,EAAC,UAAU,CAAC,CAAC;oBACjC,wBAAS;wBAGW,qBAAM,IAAA,mBAAQ,EAAC,UAAU,EAAE,OAAO,CAAC,EAAA;;oBAAnD,aAAa,GAAG,SAAmC;oBACnD,MAAM,GAAG,IAAA,cAAI,EAAC,aAAa,CAAsB,CAAC;oBACxD,IAAI,MAAM,CAAC,IAAI;wBAAE,sBAAO,MAAM,CAAC,IAAI,EAAC;;;;;;CAGzC;AAED,mBACE,QAA4B,EAC5B,SAA6B;;;;;wBAEf,qBAAM,YAAY,CAAC,QAAQ,EAAE,SAAS,CAAC,EAAA;;oBAA/C,KAAK,GAAG,SAAuC;oBACrD,IAAI,CAAC,KAAK;wBAAE,MAAM,IAAI,wBAAe,CAAC,gDAAgD,CAAC,CAAC;oBAEtE,qBAAM,IAAA,eAAM,EAAC,KAAK,CAAC,EAAA;;oBAA/B,SAAS,GAAG,SAAmB;oBACrC,IAAI,CAAC,SAAS,EAAE;wBACd,MAAM,IAAI,wBAAe,CACvB,WAAQ,KAAK,8HAA0H,CACxI,CAAC;qBACH;oBAED,sBAAO,KAAK,EAAC;;;;CACd;AAfD,4BAeC"}
|
|
@@ -98,6 +98,7 @@ var summaryReport_1 = __importDefault(require("../../report/summaryReport"));
|
|
|
98
98
|
var validateFile_1 = __importDefault(require("../validateFile"));
|
|
99
99
|
var scanner_1 = __importDefault(require("./scanner"));
|
|
100
100
|
var scanArgs_1 = __importDefault(require("../scanArgs"));
|
|
101
|
+
var resolveAppId_1 = __importDefault(require("../resolveAppId"));
|
|
101
102
|
exports.default = {
|
|
102
103
|
command: 'scan',
|
|
103
104
|
describe: 'Scan AppMaps for code behavior findings',
|
|
@@ -120,7 +121,7 @@ exports.default = {
|
|
|
120
121
|
},
|
|
121
122
|
handler: function (options) {
|
|
122
123
|
return __awaiter(this, void 0, void 0, function () {
|
|
123
|
-
var _a, appmapDir, appmapFile, config, isVerbose, reportAllFindings, appIdArg, apiKey, ide, reportFile, files, glob, configData, scanner, startTime, _b, rawScanResults, findingStatuses, scanResults, elapsed, numChecks;
|
|
124
|
+
var _a, appmapDir, appmapFile, config, isVerbose, reportAllFindings, appIdArg, apiKey, ide, reportFile, appId, files, glob, configData, scanner, startTime, _b, rawScanResults, findingStatuses, scanResults, elapsed, numChecks;
|
|
124
125
|
return __generator(this, function (_c) {
|
|
125
126
|
switch (_c.label) {
|
|
126
127
|
case 0:
|
|
@@ -137,38 +138,45 @@ exports.default = {
|
|
|
137
138
|
if (!appmapFile && !appmapDir) {
|
|
138
139
|
throw new errors_1.ValidationError('Either --appmap-dir or --appmap-file is required');
|
|
139
140
|
}
|
|
141
|
+
appId = appIdArg;
|
|
142
|
+
if (!!reportAllFindings) return [3 /*break*/, 2];
|
|
143
|
+
return [4 /*yield*/, (0, resolveAppId_1.default)(appIdArg, appmapDir)];
|
|
144
|
+
case 1:
|
|
145
|
+
appId = _c.sent();
|
|
146
|
+
_c.label = 2;
|
|
147
|
+
case 2:
|
|
140
148
|
files = [];
|
|
141
|
-
if (!appmapDir) return [3 /*break*/,
|
|
149
|
+
if (!appmapDir) return [3 /*break*/, 5];
|
|
142
150
|
return [4 /*yield*/, (0, validateFile_1.default)('directory', appmapDir)];
|
|
143
|
-
case
|
|
151
|
+
case 3:
|
|
144
152
|
_c.sent();
|
|
145
153
|
glob = (0, util_1.promisify)(glob_1.glob);
|
|
146
154
|
return [4 /*yield*/, glob(appmapDir + "/**/*.appmap.json")];
|
|
147
|
-
case
|
|
155
|
+
case 4:
|
|
148
156
|
files = _c.sent();
|
|
149
|
-
_c.label =
|
|
150
|
-
case
|
|
151
|
-
if (!appmapFile) return [3 /*break*/,
|
|
157
|
+
_c.label = 5;
|
|
158
|
+
case 5:
|
|
159
|
+
if (!appmapFile) return [3 /*break*/, 7];
|
|
152
160
|
return [4 /*yield*/, (0, validateFile_1.default)('file', appmapFile)];
|
|
153
|
-
case
|
|
161
|
+
case 6:
|
|
154
162
|
_c.sent();
|
|
155
163
|
files = [appmapFile];
|
|
156
|
-
_c.label =
|
|
157
|
-
case
|
|
158
|
-
case
|
|
164
|
+
_c.label = 7;
|
|
165
|
+
case 7: return [4 /*yield*/, (0, configurationProvider_1.parseConfigFile)(config)];
|
|
166
|
+
case 8:
|
|
159
167
|
configData = _c.sent();
|
|
160
168
|
return [4 /*yield*/, (0, scanner_1.default)(reportAllFindings, configData, files).catch(function (error) {
|
|
161
169
|
throw new errors_1.ValidationError(error.message + '\nUse --all to perform an offline scan.');
|
|
162
170
|
})];
|
|
163
|
-
case
|
|
171
|
+
case 9:
|
|
164
172
|
scanner = _c.sent();
|
|
165
173
|
startTime = Date.now();
|
|
166
|
-
return [4 /*yield*/, Promise.all([scanner.scan(), scanner.fetchFindingStatus(
|
|
167
|
-
case
|
|
174
|
+
return [4 /*yield*/, Promise.all([scanner.scan(), scanner.fetchFindingStatus(appId, appmapDir)])];
|
|
175
|
+
case 10:
|
|
168
176
|
_b = __read.apply(void 0, [_c.sent(), 2]), rawScanResults = _b[0], findingStatuses = _b[1];
|
|
169
177
|
// Always report the raw data
|
|
170
178
|
return [4 /*yield*/, (0, promises_1.writeFile)(reportFile, formatReport(rawScanResults))];
|
|
171
|
-
case
|
|
179
|
+
case 11:
|
|
172
180
|
// Always report the raw data
|
|
173
181
|
_c.sent();
|
|
174
182
|
if (reportAllFindings) {
|
|
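Review bot: App resolution in the scan handler now runs at `case 0`/`case 1`, before `validateFile('directory', appmapDir)` at `case 3`, so the lookup (which in resolveAppId.js includes the `exists` call) is attempted before the local inputs are validated; the ci handler validates the directory first. When `--app` is not given, a mistyped `--appmap-dir` will probably surface as "App was not provided and could not be resolved" instead of a directory error. Moving the `resolveAppId_1.default(appIdArg, appmapDir)` step after both `validateFile` calls would keep the two commands consistent. With `--all`, `appId` stays equal to `appIdArg` and may be undefined when it reaches `scanner.fetchFindingStatus(appId, appmapDir)`; the scanner is not visible here, so confirm the offline scanner ignores it. The handler body continues past the end of the hunk.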
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"command.js","sourceRoot":"","sources":["../../../src/cli/scan/command.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,6BAA4C;AAC5C,wCAAwC;AACxC,6BAAiC;AAKjC,mFAA4E;AAC5E,uCAA+C;AAE/C,6CAA+C;AAC/C,2CAA6C;AAC7C,+EAAyD;AACzD,6EAAuD;AAEvD,iEAA2C;AAG3C,sDAAoD;AACpD,yDAAmC;
|
|
1
|
+
{"version":3,"file":"command.js","sourceRoot":"","sources":["../../../src/cli/scan/command.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,6BAA4C;AAC5C,wCAAwC;AACxC,6BAAiC;AAKjC,mFAA4E;AAC5E,uCAA+C;AAE/C,6CAA+C;AAC/C,2CAA6C;AAC7C,+EAAyD;AACzD,6EAAuD;AAEvD,iEAA2C;AAG3C,sDAAoD;AACpD,yDAAmC;AAGnC,iEAA2C;AAE3C,kBAAe;IACb,OAAO,EAAE,MAAM;IACf,QAAQ,EAAE,yCAAyC;IACnD,OAAO,EAAP,UAAQ,IAAU;QAChB,IAAA,kBAAQ,EAAC,IAAI,CAAC,CAAC;QAEf,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE;YACzB,QAAQ,EAAE,qBAAqB;YAC/B,KAAK,EAAE,GAAG;SACX,CAAC,CAAC;QACH,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE;YACjB,QAAQ,EAAE,gEAAgE;YAC1E,OAAO,EAAE,CAAC,QAAQ,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,CAAC;SACjD,CAAC,CAAC;QACH,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE;YACjB,QAAQ,EAAE,6DAA6D;YACvE,OAAO,EAAE,KAAK;YACd,IAAI,EAAE,SAAS;SAChB,CAAC,CAAC;QAEH,OAAO,IAAI,CAAC,MAAM,EAAE,CAAC;IACvB,CAAC;IACK,OAAO,EAAb,UAAc,OAAkB;;;;;;wBACxB,KAUF,OAAoC,EATtC,SAAS,eAAA,EACT,UAAU,gBAAA,EACV,MAAM,YAAA,EACG,SAAS,aAAA,EACb,iBAAiB,SAAA,EACjB,QAAQ,SAAA,EACb,MAAM,YAAA,EACN,GAAG,SAAA,EACH,UAAU,gBAAA,CAC6B;wBAEzC,IAAI,SAAS,EAAE;4BACb,IAAA,cAAO,EAAC,IAAI,CAAC,CAAC;yBACf;wBAED,IAAI,MAAM,EAAE;4BACV,OAAO,CAAC,GAAG,CAAC,eAAe,GAAG,MAAM,CAAC;yBACtC;wBAED,IAAI,UAAU,IAAI,SAAS,EAAE;4BAC3B,MAAM,IAAI,wBAAe,CAAC,iDAAiD,CAAC,CAAC;yBAC9E;wBACD,IAAI,CAAC,UAAU,IAAI,CAAC,SAAS,EAAE;4BAC7B,MAAM,IAAI,wBAAe,CAAC,kDAAkD,CAAC,CAAC;yBAC/E;wBAEG,KAAK,GAAG,QAAQ,CAAC;6BACjB,CAAC,iBAAiB,EAAlB,wBAAkB;wBACZ,qBAAM,IAAA,sBAAY,EAAC,QAAQ,EAAE,SAAS,CAAC,EAAA;;wBAA/C,KAAK,GAAG,SAAuC,CAAC;;;wBAG9C,KAAK,GAAa,EAAE,CAAC;6BACrB,SAAS,EAAT,wBAAS;wBACX,qBAAM,IAAA,sBAAY,EAAC,WAAW,EAAE,SAAU,CAAC,EAAA;;wBAA3C,SAA2C,CAAC;wBACtC,IAAI,GAAG,IAAA,gBAAS,EAAC,WAAY,CAAC,CAAC;wBAC7B,qBAAM,IAAI,CAAI,SAAS,sBAAmB,CAAC,EAAA;;wBAAnD,KAAK,GAAG,SAA2C,CAAC;;;6BAElD,UAAU,EAAV,wBAAU;wBACZ,qBAAM,IAAA,sBAAY,EAAC,MAAM,EAAE,UAAU,CAAC,EAAA;;wBAAtC,SAAsC,CAAC;wBACvC,KAAK,GAAG,CAAC,UAAU,CAAC,CAAC;;4BAGJ,qBAAM,IAAA,uCAAe,EAAC,MAAM,CAAC,EAAA;;wBAA1C,UAAU,GAAG,SAA6B;wBAEhC,qBAAM,IAAA,iB
AAY,EAAC,iBAAiB,EAAE,UAAU,EAAE,KAAK,CAAC,CAAC,KAAK,CAC5E,UAAC,KAAY;gCACX,MAAM,IAAI,wBAAe,CAAC,KAAK,CAAC,OAAO,GAAG,yCAAyC,CAAC,CAAC;4BACvF,CAAC,CACF,EAAA;;wBAJK,OAAO,GAAG,SAIf;wBAEK,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;wBAEa,qBAAM,OAAO,CAAC,GAAG,CAGzD,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,OAAO,CAAC,kBAAkB,CAAC,KAAK,EAAE,SAAS,CAAC,CAAC,CAAC,EAAA;;wBAH3D,KAAA,sBAAoC,SAGuB,KAAA,EAH1D,cAAc,QAAA,EAAE,eAAe,QAAA;wBAKtC,6BAA6B;wBAC7B,qBAAM,IAAA,oBAAS,EAAC,UAAU,EAAE,YAAY,CAAC,cAAc,CAAC,CAAC,EAAA;;wBADzD,6BAA6B;wBAC7B,SAAyD,CAAC;wBAG1D,IAAI,iBAAiB,EAAE;4BACrB,WAAW,GAAG,cAAc,CAAC;yBAC9B;6BAAM;4BACL,WAAW,GAAG,cAAc,CAAC,YAAY,CACvC,IAAA,sBAAW,EAAC,cAAc,CAAC,QAAQ,EAAE,eAAe,CAAC,CACtD,CAAC;yBACH;wBAED,IAAA,wBAAc,EAAC,WAAW,CAAC,QAAQ,EAAE,WAAW,CAAC,cAAc,EAAE,GAAG,CAAC,CAAC;wBACtE,OAAO,CAAC,GAAG,EAAE,CAAC;wBACd,IAAA,uBAAa,EAAC,WAAW,EAAE,IAAI,CAAC,CAAC;wBACjC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;wBACZ,OAAO,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;wBAEjC,SAAS,GAAG,WAAW,CAAC,MAAM,CAAC,MAAM,GAAG,WAAW,CAAC,OAAO,CAAC,UAAU,CAAC;wBAC7E,OAAO,CAAC,GAAG,CACT,eAAa,SAAS,mBAAc,OAAO,YAAO,IAAI,CAAC,KAAK,CAC1D,SAAS,GAAG,CAAC,OAAO,GAAG,MAAM,CAAC,CAC/B,iBAAc,CAChB,CAAC;;;;;KACH;CACF,CAAC;AAEF,SAAS,cAAc,CAAC,EAOP;QANC,IAAI,iBAAA,EACD,OAAO,oBAAA,EACJ,UAAU,uBAAA,EACjB,GAAG,gBAAA,EACG,SAAS,sBAAA,EACT,SAAS,sBAAA;IAE9B,IAAM,QAAQ,GAAG,MAAM,CAAC,OAAO,CAAC;QAC9B,GAAG,EAAE,IAAI,GAAG,CAAC;QACb,MAAM,EAAE,OAAO,GAAG,CAAC;QACnB,GAAG,EAAE,GAAG,GAAG,CAAC;QACZ,QAAQ,EAAE,SAAS,GAAG,CAAC;QACvB,QAAQ,EAAE,SAAS,GAAG,CAAC;KACxB,CAAC;SACC,MAAM,CAAC,UAAC,EAAK;YAAL,KAAA,aAAK,EAAF,CAAC,QAAA;QAAM,OAAA,CAAC;IAAD,CAAC,CAAC;SACpB,GAAG,CAAC,UAAC,EAAG;YAAH,KAAA,aAAG,EAAF,CAAC,QAAA;QAAM,OAAA,CAAC;IAAD,CAAC,CAAC,CAAC;IAEnB,OAAO,UAAU,QAAkB;QACjC,OAAO,MAAM,CAAC,WAAW,CACvB,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,UAAC,EAAM;gBAAN,KAAA,aAAM,EAAL,CAAC,QAAA,EAAE,CAAC,QAAA;YACpC,IAAI,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC;gBAAE,OAAO,KAAK,CAAC;YACvC,IAAI,CAAC,KAAK,YAAY;gBAAE,OAAQ,CAAC,CAAC,IAAI,EAAE,CAAa,CAAC,MAAM,KAAK,UAAU,CAAC;YAC5E,OAAO,IAAI,CAAC;QACd,CAAC,CAAC,CA
CH,CAAC;IACJ,CAAC,CAAC;AACJ,CAAC;AAED,SAAS,IAAI,CAAO,OAAoB,EAAE,GAAgB;;IACxD,IAAM,MAAM,GAAG,IAAI,GAAG,EAAQ,CAAC;;QAE/B,KAAoB,IAAA,YAAA,SAAA,OAAO,CAAA,gCAAA,qDAAE;YAAxB,IAAM,KAAK,oBAAA;YACd,IAAM,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC;YACrB,IAAI,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC;gBAAE,SAAS;YAC5B,MAAM,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;SACtB;;;;;;;;;IAED,OAAO,MAAM,CAAC,MAAM,EAAE,CAAC;AACzB,CAAC;AAED,0DAA0D;AAC1D,SAAS,YAAY,CAAC,cAA2B;IACzC,IAAA,kBAA6C,cAAc,CAAE,EAA3D,OAAO,aAAA,EAAE,cAAc,oBAAA,EAAE,QAAQ,cAA0B,CAAC;IAEpE,gDAAgD;IAChD,IAAM,MAAM,GAAG,cAAc,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC;IACtD,IAAM,QAAQ,GAAG,MAAM,CAAC,WAAW,CACjC,MAAM,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC,GAAG,CAAC,UAAC,EAAc;YAAd,KAAA,aAAc,EAAb,EAAE,QAAA,EAAE,QAAQ,QAAA;QAAM,OAAA,CAAC,EAAE,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;IAAtB,CAAsB,CAAC,CAC/E,CAAC;IAEF,yCAAyC;IACzC,IAAM,cAAc,4BAAO,IAAI,CAAC,QAAQ,EAAE,UAAC,EAAQ;YAAN,IAAI,UAAA;QAAO,OAAA,IAAI;IAAJ,CAAI,CAAC,SAAC,CAAC;IAE/D,OAAO,IAAI,CAAC,SAAS,uBAEd,cAAc,KACjB,OAAO,wBAAO,OAAO,KAAE,WAAW,EAAE,cAAc,CAAC,MAAM,KACzD,cAAc,EAAE,QAAQ,EACxB,QAAQ,EAAE,cAAc,KAE1B,IAAI,EACJ,CAAC,CACF,CAAC;AACJ,CAAC"}
|
package/built/cli/scanArgs.js
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"scanArgs.js","sourceRoot":"","sources":["../../src/cli/scanArgs.ts"],"names":[],"mappings":";;AAAA,6BAA4B;AAG5B,mBAAyB,IAAU;IACjC,IAAI,CAAC,MAAM,CAAC,YAAY,EAAE;QACxB,QAAQ,EAAE,8CAA8C;QACxD,KAAK,EAAE,GAAG;KACX,CAAC,CAAC;IACH,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE;QACpB,QAAQ,EACN,0FAA0F;QAC5F,OAAO,EAAE,IAAA,WAAI,EAAC,SAAS,EAAE,6BAA6B,CAAC;QACvD,KAAK,EAAE,GAAG;KACX,CAAC,CAAC;IACH,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE;QACzB,QAAQ,EAAE,+BAA+B;QACzC,OAAO,EAAE,uBAAuB;KACjC,CAAC,CAAC;IACH,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE;QACrB,QAAQ,EACN,uFAAuF;KAC1F,CAAC,CAAC;IACH,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE;QACjB,QAAQ,EACN,sGAAsG;
|
|
1
|
+
{"version":3,"file":"scanArgs.js","sourceRoot":"","sources":["../../src/cli/scanArgs.ts"],"names":[],"mappings":";;AAAA,6BAA4B;AAG5B,mBAAyB,IAAU;IACjC,IAAI,CAAC,MAAM,CAAC,YAAY,EAAE;QACxB,QAAQ,EAAE,8CAA8C;QACxD,KAAK,EAAE,GAAG;KACX,CAAC,CAAC;IACH,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE;QACpB,QAAQ,EACN,0FAA0F;QAC5F,OAAO,EAAE,IAAA,WAAI,EAAC,SAAS,EAAE,6BAA6B,CAAC;QACvD,KAAK,EAAE,GAAG;KACX,CAAC,CAAC;IACH,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE;QACzB,QAAQ,EAAE,+BAA+B;QACzC,OAAO,EAAE,uBAAuB;KACjC,CAAC,CAAC;IACH,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE;QACrB,QAAQ,EACN,uFAAuF;KAC1F,CAAC,CAAC;IACH,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE;QACjB,QAAQ,EACN,sGAAsG;QACxG,KAAK,EAAE,GAAG;KACX,CAAC,CAAC;AACL,CAAC;AAxBD,4BAwBC"}
|
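--- a/package/built/cli.js
+++ b/package/built/cli.js
@@ -9,6 +9,9 @@ var command_1 = __importDefault(require("./cli/scan/command"));
 var command_2 = __importDefault(require("./cli/upload/command"));
 var command_3 = __importDefault(require("./cli/ci/command"));
 var command_4 = __importDefault(require("./cli/merge/command"));
+var util_1 = require("./rules/lib/util");
+var errors_1 = require("./errors");
+var exitCode_1 = require("./cli/exitCode");
 (0, yargs_1.default)(process.argv.slice(2))
 .option('verbose', {
 describe: 'Show verbose output',
@@ -20,11 +23,25 @@ var command_4 = __importDefault(require("./cli/merge/command"));
 .command(command_4.default)
 .fail(function (msg, err, yargs) {
 if (msg) {
-console.
-console.
+console.warn(yargs.help());
+console.warn(msg);
 }
 else if (err) {
-
+if ((0, util_1.verbose)()) {
+console.error(err);
+}
+else {
+console.error(err.message);
+}
+if (err instanceof errors_1.ValidationError) {
+process.exit(exitCode_1.ExitCode.ValidationError);
+}
+if (err instanceof errors_1.AbortError) {
+process.exit(exitCode_1.ExitCode.AbortError);
+}
+if (err instanceof Error) {
+process.exit(exitCode_1.ExitCode.RuntimeError);
+}
 }
 process.exit(1);
 })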
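Review bot: In the `else if (err)` branch, `console.error(err.message)` prints `undefined` when the rejected value is not an Error instance, and that value then misses all three `instanceof` checks and exits through `process.exit(1)`. Printing `err instanceof Error ? err.message : String(err)` keeps the non-verbose output useful for that case. The order of the checks matters if `ValidationError` and `AbortError` extend `Error` (their definitions are not on this page), because the generic `instanceof Error` test must stay last. A one-line comment such as `// most specific error types first; Error is the catch-all` would record that.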
package/built/cli.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cli.js","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";;;;;;AAEA,gDAA0B;AAC1B,+DAA6C;AAC7C,iEAAiD;AACjD,6DAAyC;AACzC,gEAA+C;
|
|
1
|
+
{"version":3,"file":"cli.js","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";;;;;;AAEA,gDAA0B;AAC1B,+DAA6C;AAC7C,iEAAiD;AACjD,6DAAyC;AACzC,gEAA+C;AAC/C,yCAA2C;AAC3C,mCAAuD;AACvD,2CAA0C;AAE1C,IAAA,eAAK,EAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;KACzB,MAAM,CAAC,SAAS,EAAE;IACjB,QAAQ,EAAE,qBAAqB;IAC/B,KAAK,EAAE,GAAG;CACX,CAAC;KACD,OAAO,CAAC,iBAAW,CAAC;KACpB,OAAO,CAAC,iBAAa,CAAC;KACtB,OAAO,CAAC,iBAAS,CAAC;KAClB,OAAO,CAAC,iBAAY,CAAC;KACrB,IAAI,CAAC,UAAC,GAAG,EAAE,GAAG,EAAE,KAAK;IACpB,IAAI,GAAG,EAAE;QACP,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;QAC3B,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;KACnB;SAAM,IAAI,GAAG,EAAE;QACd,IAAI,IAAA,cAAO,GAAE,EAAE;YACb,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;SACpB;aAAM;YACL,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;SAC5B;QAED,IAAI,GAAG,YAAY,wBAAe,EAAE;YAClC,OAAO,CAAC,IAAI,CAAC,mBAAQ,CAAC,eAAe,CAAC,CAAC;SACxC;QACD,IAAI,GAAG,YAAY,mBAAU,EAAE;YAC7B,OAAO,CAAC,IAAI,CAAC,mBAAQ,CAAC,UAAU,CAAC,CAAC;SACnC;QACD,IAAI,GAAG,YAAY,KAAK,EAAE;YACxB,OAAO,CAAC,IAAI,CAAC,mBAAQ,CAAC,YAAY,CAAC,CAAC;SACrC;KACF;IACD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC;KACD,MAAM,EAAE;KACR,aAAa,EAAE;KACf,IAAI,EAAE,CAAC,IAAI,CAAC"}
|
|
@@ -58,25 +58,113 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
|
58
58
|
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
59
59
|
};
|
|
60
60
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
61
|
-
exports.parseConfigFile = exports.loadConfig = void 0;
|
|
61
|
+
exports.parseConfigFile = exports.loadConfig = exports.loadRule = void 0;
|
|
62
62
|
var ajv_1 = __importDefault(require("ajv"));
|
|
63
63
|
var js_yaml_1 = __importDefault(require("js-yaml"));
|
|
64
64
|
var fs_1 = require("fs");
|
|
65
|
-
var
|
|
66
|
-
var match_pattern_config_json_1 = __importDefault(require("./schema/match-pattern-config.json"));
|
|
65
|
+
var check_1 = __importDefault(require("../check"));
|
|
67
66
|
var util_1 = require("../rules/lib/util");
|
|
68
67
|
var matchEvent_1 = require("../rules/lib/matchEvent");
|
|
69
|
-
var
|
|
68
|
+
var parseRuleDescription_1 = __importDefault(require("../rules/lib/parseRuleDescription"));
|
|
69
|
+
var options_json_1 = __importDefault(require("./schema/options.json"));
|
|
70
|
+
var match_pattern_config_json_1 = __importDefault(require("./schema/match-pattern-config.json"));
|
|
71
|
+
var url_1 = require("url");
|
|
70
72
|
var ajv = new ajv_1.default();
|
|
71
73
|
ajv.addSchema(match_pattern_config_json_1.default);
|
|
74
|
+
function loadFromFile(ruleName) {
|
|
75
|
+
var _this = this;
|
|
76
|
+
return function () { return __awaiter(_this, void 0, void 0, function () {
|
|
77
|
+
var ruleSpec, e_1;
|
|
78
|
+
return __generator(this, function (_a) {
|
|
79
|
+
switch (_a.label) {
|
|
80
|
+
case 0:
|
|
81
|
+
_a.trys.push([0, 2, , 3]);
|
|
82
|
+
return [4 /*yield*/, Promise.resolve().then(function () { return __importStar(require("../rules/" + ruleName)); })];
|
|
83
|
+
case 1:
|
|
84
|
+
ruleSpec = _a.sent();
|
|
85
|
+
return [3 /*break*/, 3];
|
|
86
|
+
case 2:
|
|
87
|
+
e_1 = _a.sent();
|
|
88
|
+
return [2 /*return*/];
|
|
89
|
+
case 3: return [2 /*return*/, ruleSpec.default];
|
|
90
|
+
}
|
|
91
|
+
});
|
|
92
|
+
}); };
|
|
93
|
+
}
|
|
94
|
+
function loadFromDir(ruleName) {
|
|
95
|
+
var _this = this;
|
|
96
|
+
return function () { return __awaiter(_this, void 0, void 0, function () {
|
|
97
|
+
var metadata, rule, options, e_2, _a, _b, description, references;
|
|
98
|
+
return __generator(this, function (_c) {
|
|
99
|
+
switch (_c.label) {
|
|
100
|
+
case 0:
|
|
101
|
+
_c.trys.push([0, 2, , 3]);
|
|
102
|
+
return [4 /*yield*/, Promise.resolve().then(function () { return __importStar(require("../rules/" + ruleName + "/metadata")); })];
|
|
103
|
+
case 1:
|
|
104
|
+
metadata = _c.sent();
|
|
105
|
+
return [3 /*break*/, 3];
|
|
106
|
+
case 2:
|
|
107
|
+
e_2 = _c.sent();
|
|
108
|
+
return [2 /*return*/];
|
|
109
|
+
case 3:
|
|
110
|
+
_c.trys.push([3, 5, , 6]);
|
|
111
|
+
return [4 /*yield*/, Promise.resolve().then(function () { return __importStar(require("../rules/" + ruleName + "/rule")); })];
|
|
112
|
+
case 4:
|
|
113
|
+
rule = (_c.sent()).default;
|
|
114
|
+
return [3 /*break*/, 6];
|
|
115
|
+
case 5:
|
|
116
|
+
_a = _c.sent();
|
|
117
|
+
console.warn("Rule " + ruleName + " has no rule.js or rule.ts file, or the file doesn't have a default export");
|
|
118
|
+
return [2 /*return*/];
|
|
119
|
+
case 6:
|
|
120
|
+
if ((0, util_1.verbose)())
|
|
121
|
+
console.log("Loaded rule " + ruleName + ": " + rule);
|
|
122
|
+
_c.label = 7;
|
|
123
|
+
case 7:
|
|
124
|
+
_c.trys.push([7, 9, , 10]);
|
|
125
|
+
return [4 /*yield*/, Promise.resolve().then(function () { return __importStar(require("../rules/" + ruleName + "/options")); })];
|
|
126
|
+
case 8:
|
|
127
|
+
options = _c.sent();
|
|
128
|
+
if ((0, util_1.verbose)())
|
|
129
|
+
console.log("Loaded rule " + ruleName + " options: " + options);
|
|
130
|
+
return [3 /*break*/, 10];
|
|
131
|
+
case 9:
|
|
132
|
+
_b = _c.sent();
|
|
133
|
+
return [3 /*break*/, 10];
|
|
134
|
+
case 10:
|
|
135
|
+
description = (0, parseRuleDescription_1.default)(ruleName);
|
|
136
|
+
references = Object.keys(metadata.references || {}).reduce(function (memo, key) {
|
|
137
|
+
memo[key] = new url_1.URL(metadata.references[key]);
|
|
138
|
+
return memo;
|
|
139
|
+
}, {});
|
|
140
|
+
return [2 /*return*/, {
|
|
141
|
+
id: (0, util_1.dasherize)(ruleName),
|
|
142
|
+
title: metadata.title,
|
|
143
|
+
description: description,
|
|
144
|
+
url: "https://appland.com/docs/analysis/rules-reference.html#" + (0, util_1.dasherize)(ruleName),
|
|
145
|
+
labels: metadata.labels || [],
|
|
146
|
+
scope: metadata.scope,
|
|
147
|
+
enumerateScope: metadata.enumerateScope,
|
|
148
|
+
impactDomain: metadata.impactDomain,
|
|
149
|
+
references: references,
|
|
150
|
+
Options: options,
|
|
151
|
+
build: rule,
|
|
152
|
+
}];
|
|
153
|
+
}
|
|
154
|
+
});
|
|
155
|
+
}); };
|
|
156
|
+
}
|
|
72
157
|
function buildBuiltinCheck(config) {
|
|
73
158
|
return __awaiter(this, void 0, void 0, function () {
|
|
74
159
|
var rule, options, check;
|
|
75
160
|
return __generator(this, function (_a) {
|
|
76
161
|
switch (_a.label) {
|
|
77
|
-
case 0: return [4 /*yield*/,
|
|
162
|
+
case 0: return [4 /*yield*/, loadRule(config.rule)];
|
|
78
163
|
case 1:
|
|
79
|
-
rule =
|
|
164
|
+
rule = _a.sent();
|
|
165
|
+
if ((0, util_1.verbose)()) {
|
|
166
|
+
console.log("Loaded rule: " + rule);
|
|
167
|
+
}
|
|
80
168
|
if (rule.Options) {
|
|
81
169
|
options = new rule.Options();
|
|
82
170
|
}
|
|
@@ -94,12 +182,15 @@ function buildBuiltinCheck(config) {
|
|
|
94
182
|
check.scope = config.scope;
|
|
95
183
|
}
|
|
96
184
|
if (config.id) {
|
|
97
|
-
check.id = config.id;
|
|
185
|
+
check.id = (0, util_1.dasherize)(config.id);
|
|
98
186
|
}
|
|
99
187
|
check.includeScope = (0, matchEvent_1.buildFilters)((config.include || []).filter(function (item) { return item.scope; }).map(function (item) { return item.scope; }));
|
|
100
188
|
check.excludeScope = (0, matchEvent_1.buildFilters)((config.exclude || []).filter(function (item) { return item.scope; }).map(function (item) { return item.scope; }));
|
|
101
189
|
check.includeEvent = (0, matchEvent_1.buildFilters)((config.include || []).filter(function (item) { return item.event; }).map(function (item) { return item.event; }));
|
|
102
190
|
check.excludeEvent = (0, matchEvent_1.buildFilters)((config.exclude || []).filter(function (item) { return item.event; }).map(function (item) { return item.event; }));
|
|
191
|
+
if ((0, util_1.verbose)()) {
|
|
192
|
+
console.log("Loaded check: " + check);
|
|
193
|
+
}
|
|
103
194
|
return [2 /*return*/, check];
|
|
104
195
|
}
|
|
105
196
|
});
|
|
@@ -119,6 +210,38 @@ var validate = function (validator, data, context) {
|
|
|
119
210
|
.join(', '));
|
|
120
211
|
}
|
|
121
212
|
};
|
|
213
|
+
function loadRule(ruleName) {
|
|
214
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
215
|
+
var ruleId, rules, rule;
|
|
216
|
+
var _this = this;
|
|
217
|
+
return __generator(this, function (_a) {
|
|
218
|
+
switch (_a.label) {
|
|
219
|
+
case 0:
|
|
220
|
+
ruleId = (0, util_1.dasherize)(ruleName);
|
|
221
|
+
return [4 /*yield*/, Promise.all([
|
|
222
|
+
loadFromDir(ruleId),
|
|
223
|
+
loadFromFile(ruleId),
|
|
224
|
+
loadFromDir((0, util_1.camelize)(ruleId)),
|
|
225
|
+
loadFromFile((0, util_1.camelize)(ruleId)),
|
|
226
|
+
].map(function (loader) { return __awaiter(_this, void 0, void 0, function () {
|
|
227
|
+
return __generator(this, function (_a) {
|
|
228
|
+
switch (_a.label) {
|
|
229
|
+
case 0: return [4 /*yield*/, loader()];
|
|
230
|
+
case 1: return [2 /*return*/, _a.sent()];
|
|
231
|
+
}
|
|
232
|
+
});
|
|
233
|
+
}); }))];
|
|
234
|
+
case 1:
|
|
235
|
+
rules = _a.sent();
|
|
236
|
+
rule = rules.find(function (rule) { return rule; });
|
|
237
|
+
if (!rule)
|
|
238
|
+
throw new Error("Rule " + ruleName + " not found");
|
|
239
|
+
return [2 /*return*/, rule];
|
|
240
|
+
}
|
|
241
|
+
});
|
|
242
|
+
});
|
|
243
|
+
}
|
|
244
|
+
exports.loadRule = loadRule;
|
|
122
245
|
function loadConfig(config) {
|
|
123
246
|
return __awaiter(this, void 0, void 0, function () {
|
|
124
247
|
var _this = this;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"configurationProvider.js","sourceRoot":"","sources":["../../src/configuration/configurationProvider.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AACA,4CAAsB;AACtB,oDAA2B;AAC3B,yBAAoC;
|
|
1
|
+
{"version":3,"file":"configurationProvider.js","sourceRoot":"","sources":["../../src/configuration/configurationProvider.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AACA,4CAAsB;AACtB,oDAA2B;AAC3B,yBAAoC;AAGpC,mDAA6B;AAE7B,0CAA6E;AAC7E,sDAAgF;AAEhF,2FAAqE;AAErE,uEAAmD;AACnD,iGAA6E;AAG7E,2BAA0B;AAE1B,IAAM,GAAG,GAAG,IAAI,aAAG,EAAE,CAAC;AACtB,GAAG,CAAC,SAAS,CAAC,mCAA2B,CAAC,CAAC;AAE3C,SAAS,YAAY,CAAC,QAAgB;IAAtC,iBAUC;IATC,OAAO;;;;;;oBAGQ,sFAAa,cAAY,QAAU,QAAC;;oBAA/C,QAAQ,GAAG,SAAoC,CAAC;;;;oBAEhD,sBAAO;wBAET,sBAAO,QAAQ,CAAC,OAAO,EAAC;;;SACzB,CAAC;AACJ,CAAC;AAED,SAAS,WAAW,CAAC,QAAgB;IAArC,iBAiDC;IAhDC,OAAO;;;;;;oBAKQ,sFAAa,cAAY,QAAQ,cAAW,QAAC;;oBAAxD,QAAQ,GAAG,SAA6C,CAAC;;;;oBAEzD,sBAAO;;;oBAIC,sFAAa,cAAY,QAAQ,UAAO,QAAC;;oBAAjD,IAAI,GAAG,CAAC,SAAyC,CAAC,CAAC,OAAO,CAAC;;;;oBAE3D,OAAO,CAAC,IAAI,CACV,UAAQ,QAAQ,+EAA4E,CAC7F,CAAC;oBACF,sBAAO;;oBAGT,IAAI,IAAA,cAAO,GAAE;wBAAE,OAAO,CAAC,GAAG,CAAC,iBAAe,QAAQ,UAAK,IAAM,CAAC,CAAC;;;;oBAGnD,sFAAa,cAAY,QAAQ,aAAU,QAAC;;oBAAtD,OAAO,GAAG,SAA4C,CAAC;oBACvD,IAAI,IAAA,cAAO,GAAE;wBAAE,OAAO,CAAC,GAAG,CAAC,iBAAe,QAAQ,kBAAa,OAAS,CAAC,CAAC;;;;;;oBAKtE,WAAW,GAAG,IAAA,8BAAoB,EAAC,QAAQ,CAAC,CAAC;oBAC7C,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,UAAU,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,UAAC,IAAI,EAAE,GAAG;wBACzE,IAAI,CAAC,GAAG,CAAC,GAAG,IAAI,SAAG,CAAC,QAAQ,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC;wBAC9C,OAAO,IAAI,CAAC;oBACd,CAAC,EAAE,EAAyB,CAAC,CAAC;oBAE9B,sBAAO;4BACL,EAAE,EAAE,IAAA,gBAAS,EAAC,QAAQ,CAAC;4BACvB,KAAK,EAAE,QAAQ,CAAC,KAAK;4BACrB,WAAW,aAAA;4BACX,GAAG,EAAE,4DAA0D,IAAA,gBAAS,EAAC,QAAQ,CAAG;4BACpF,MAAM,EAAE,QAAQ,CAAC,MAAM,IAAI,EAAE;4BAC7B,KAAK,EAAE,QAAQ,CAAC,KAAK;4BACrB,cAAc,EAAE,QAAQ,CAAC,cAAc;4BACvC,YAAY,EAAE,QAAQ,CAAC,YAAY;4BACnC,UAAU,YAAA;4BACV,OAAO,EAAE,OAAO;4BAChB,KAAK,EAAE,IAAI;yBACJ,EAAC;;;SACX,CAAC;AACJ,CAAC;AAED,SAAe,iBAAiB,CAAC,MAAmB;;;;;wBACrC,qBAAM,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,EAAA;;oBAAlC,IAAI,GAAG,SAA2B;oBAExC,IAAI,IAAA,cAAO,GAAE,EAAE;wBACb,OAAO,CAAC,GAAG,CAAC,kBAAgB,IAAM,CAAC,CAAC;qBACrC;oBAGD
,IAAI,IAAI,CAAC,OAAO,EAAE;wBAChB,OAAO,GAAG,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;qBAC9B;yBAAM;wBACL,OAAO,GAAG,EAAE,CAAC;qBACd;oBACD,IAAI,MAAM,CAAC,UAAU,EAAE;wBACrB,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,OAAO,CAAC,UAAC,IAAI;4BAC1C,IAAM,KAAK,GAAG,MAAM,CAAC,UAAW,CAAC,IAAI,CAAC,CAAC;4BACvC,OAAO,CAAC,IAAI,CAAC,GAAG,KAAK,CAAC;wBACxB,CAAC,CAAC,CAAC;qBACJ;oBAEK,KAAK,GAAG,IAAI,eAAK,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;oBAEvC,IAAI,MAAM,CAAC,KAAK,EAAE;wBAChB,KAAK,CAAC,KAAK,GAAG,MAAM,CAAC,KAAkB,CAAC;qBACzC;oBAED,IAAI,MAAM,CAAC,EAAE,EAAE;wBACb,KAAK,CAAC,EAAE,GAAG,IAAA,gBAAS,EAAC,MAAM,CAAC,EAAE,CAAC,CAAC;qBACjC;oBAED,KAAK,CAAC,YAAY,GAAG,IAAA,yBAAqB,EACxC,CAAC,MAAM,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,UAAC,IAAI,IAAK,OAAA,IAAI,CAAC,KAAK,EAAV,CAAU,CAAC,CAAC,GAAG,CAAC,UAAC,IAAI,IAAK,OAAA,IAAI,CAAC,KAAM,EAAX,CAAW,CAAC,CAC/E,CAAC;oBACF,KAAK,CAAC,YAAY,GAAG,IAAA,yBAAqB,EACxC,CAAC,MAAM,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,UAAC,IAAI,IAAK,OAAA,IAAI,CAAC,KAAK,EAAV,CAAU,CAAC,CAAC,GAAG,CAAC,UAAC,IAAI,IAAK,OAAA,IAAI,CAAC,KAAM,EAAX,CAAW,CAAC,CAC/E,CAAC;oBACF,KAAK,CAAC,YAAY,GAAG,IAAA,yBAAqB,EACxC,CAAC,MAAM,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,UAAC,IAAI,IAAK,OAAA,IAAI,CAAC,KAAK,EAAV,CAAU,CAAC,CAAC,GAAG,CAAC,UAAC,IAAI,IAAK,OAAA,IAAI,CAAC,KAAM,EAAX,CAAW,CAAC,CAC/E,CAAC;oBACF,KAAK,CAAC,YAAY,GAAG,IAAA,yBAAqB,EACxC,CAAC,MAAM,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,UAAC,IAAI,IAAK,OAAA,IAAI,CAAC,KAAK,EAAV,CAAU,CAAC,CAAC,GAAG,CAAC,UAAC,IAAI,IAAK,OAAA,IAAI,CAAC,KAAM,EAAX,CAAW,CAAC,CAC/E,CAAC;oBAEF,IAAI,IAAA,cAAO,GAAE,EAAE;wBACb,OAAO,CAAC,GAAG,CAAC,mBAAiB,KAAO,CAAC,CAAC;qBACvC;oBAED,sBAAO,KAAK,EAAC;;;;CACd;AAED,IAAM,QAAQ,GAAG,UAAC,SAA2B,EAAE,IAAS,EAAE,OAAe;IACvE,IAAM,KAAK,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC;IAC9B,IAAI,CAAC,KAAK,EAAE;QACV,MAAM,IAAI,KAAK,CACb,SAAS;aACN,MAAO,CAAC,GAAG,CAAC,UAAC,GAAG;YACf,IAAI,QAAQ,GAAG,GAAG,CAAC,YAAY,CAAC;YAChC,IAAI,CAAC,QAAQ,IAAI,QAAQ,KAAK,EAAE,EAAE;gBAChC,QAAQ,GAAG,OAAO,CAAC;aACpB;YACD,OAAU,QAAQ,SAAI,GAAG,CAAC,OAAO,UAAK,GAAG,CAAC,UAAU,MAAG,CAAC;QAC1D,CAAC,CAAC;aACD,IAAI,CAAC,IAAI,
CAAC,CACd,CAAC;KACH;AACH,CAAC,CAAC;AAEF,SAAsB,QAAQ,CAAC,QAAgB;;;;;;;oBACvC,MAAM,GAAG,IAAA,gBAAS,EAAC,QAAQ,CAAC,CAAC;oBACC,qBAAM,OAAO,CAAC,GAAG,CACnD;4BACE,WAAW,CAAC,MAAM,CAAC;4BACnB,YAAY,CAAC,MAAM,CAAC;4BACpB,WAAW,CAAC,IAAA,eAAQ,EAAC,MAAM,CAAC,CAAC;4BAC7B,YAAY,CAAC,IAAA,eAAQ,EAAC,MAAM,CAAC,CAAC;yBAC/B,CAAC,GAAG,CAAC,UAAO,MAAM;;;4CACV,qBAAM,MAAM,EAAE,EAAA;4CAArB,sBAAO,SAAc,EAAC;;;6BACvB,CAAC,CACH,EAAA;;oBATK,KAAK,GAAyB,SASnC;oBACK,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC,UAAC,IAAI,IAAK,OAAA,IAAI,EAAJ,CAAI,CAAC,CAAC;oBACxC,IAAI,CAAC,IAAI;wBAAE,MAAM,IAAI,KAAK,CAAC,UAAQ,QAAQ,eAAY,CAAC,CAAC;oBAEzD,sBAAO,IAAI,EAAC;;;;CACb;AAhBD,4BAgBC;AAED,SAAsB,UAAU,CAAC,MAAqB;;;;YACpD,MAAM,CAAC,MAAM;iBACV,MAAM,CAAC,UAAC,KAAK,IAAK,OAAA,KAAK,CAAC,UAAU,EAAhB,CAAgB,CAAC;iBACnC,OAAO,CAAC,UAAC,KAAK;gBACb,IAAM,MAAM,GAAG,KAAK,CAAC,IAAI,CAAC;gBAC1B,IAAM,SAAS,GAAG,CAAC,IAAA,iBAAU,EAAC,MAAM,CAAC,EAAE,SAAS,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;gBAC5D,IAAI,IAAA,cAAO,GAAE,EAAE;oBACb,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;iBACzB;gBACD,IAAM,gBAAgB,GAAI,sBAAc,CAAC,WAAmC,CAAC,SAAS,CAAC,CAAC;gBACxF,IAAI,CAAC,gBAAgB,EAAE;oBACrB,OAAO;iBACR;gBACD,IAAI,IAAA,cAAO,GAAE,EAAE;oBACb,OAAO,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;oBAC/B,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;iBAChC;gBACD,QAAQ,CAAC,GAAG,CAAC,OAAO,CAAC,gBAAgB,CAAC,EAAE,KAAK,CAAC,UAAU,IAAI,EAAE,EAAK,MAAM,gBAAa,CAAC,CAAC;YAC1F,CAAC,CAAC,CAAC;YAEL,sBAAO,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,UAAO,CAAc;oBAAK,sBAAA,iBAAiB,CAAC,CAAC,CAAC,EAAA;yBAAA,CAAC,CAAC,EAAC;;;CACvF;AArBD,gCAqBC;AAED,SAAsB,eAAe,CAAC,UAAkB;;;;;;oBACtD,OAAO,CAAC,GAAG,CAAC,sCAAoC,UAAY,CAAC,CAAC;oBAC3C,qBAAM,aAAE,CAAC,QAAQ,CAAC,UAAU,EAAE,OAAO,CAAC,EAAA;;oBAAnD,UAAU,GAAG,SAAsC;oBACzD,sBAAO,iBAAI,CAAC,IAAI,CAAC,UAAU,EAAE;4BAC3B,QAAQ,EAAE,UAAU;yBACrB,CAAkB,EAAC;;;;CACrB;AAND,0CAMC"}
|
|
@@ -0,0 +1,98 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
|
|
3
|
+
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
|
|
4
|
+
return new (P || (P = Promise))(function (resolve, reject) {
|
|
5
|
+
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
|
|
6
|
+
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
|
|
7
|
+
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
|
|
8
|
+
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
9
|
+
});
|
|
10
|
+
};
|
|
11
|
+
var __generator = (this && this.__generator) || function (thisArg, body) {
|
|
12
|
+
var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;
|
|
13
|
+
return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
|
|
14
|
+
function verb(n) { return function (v) { return step([n, v]); }; }
|
|
15
|
+
function step(op) {
|
|
16
|
+
if (f) throw new TypeError("Generator is already executing.");
|
|
17
|
+
while (_) try {
|
|
18
|
+
if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
|
|
19
|
+
if (y = 0, t) op = [op[0] & 2, t.value];
|
|
20
|
+
switch (op[0]) {
|
|
21
|
+
case 0: case 1: t = op; break;
|
|
22
|
+
case 4: _.label++; return { value: op[1], done: false };
|
|
23
|
+
case 5: _.label++; y = op[1]; op = [0]; continue;
|
|
24
|
+
case 7: op = _.ops.pop(); _.trys.pop(); continue;
|
|
25
|
+
default:
|
|
26
|
+
if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
|
|
27
|
+
if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
|
|
28
|
+
if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
|
|
29
|
+
if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
|
|
30
|
+
if (t[2]) _.ops.pop();
|
|
31
|
+
_.trys.pop(); continue;
|
|
32
|
+
}
|
|
33
|
+
op = body.call(thisArg, _);
|
|
34
|
+
} catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
|
|
35
|
+
if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
|
|
36
|
+
}
|
|
37
|
+
};
|
|
38
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
39
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
40
|
+
};
|
|
41
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
42
|
+
exports.exists = void 0;
|
|
43
|
+
var src_1 = require("@appland/client/dist/src");
|
|
44
|
+
var util_1 = require("../../../rules/lib/util");
|
|
45
|
+
var retry_1 = __importDefault(require("../retry"));
|
|
46
|
+
function exists(appId, retryOptions) {
|
|
47
|
+
if (retryOptions === void 0) { retryOptions = {}; }
|
|
48
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
49
|
+
function makeRequest() {
|
|
50
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
51
|
+
var requestPath, request;
|
|
52
|
+
return __generator(this, function (_a) {
|
|
53
|
+
switch (_a.label) {
|
|
54
|
+
case 0:
|
|
55
|
+
requestPath = ['api', appId].join('/');
|
|
56
|
+
return [4 /*yield*/, (0, src_1.buildRequest)(requestPath)];
|
|
57
|
+
case 1:
|
|
58
|
+
request = _a.sent();
|
|
59
|
+
return [2 /*return*/, new Promise(function (resolve, reject) {
|
|
60
|
+
var req = request.requestFunction(request.url, {
|
|
61
|
+
method: 'HEAD',
|
|
62
|
+
headers: request.headers,
|
|
63
|
+
}, resolve);
|
|
64
|
+
req.on('error', (0, src_1.retryOnError)(retrier, resolve, reject));
|
|
65
|
+
req.end();
|
|
66
|
+
}).then((0, src_1.retryOn503)(retrier))];
|
|
67
|
+
}
|
|
68
|
+
});
|
|
69
|
+
});
|
|
70
|
+
}
|
|
71
|
+
var commandDescription, retrier;
|
|
72
|
+
var _this = this;
|
|
73
|
+
return __generator(this, function (_a) {
|
|
74
|
+
commandDescription = "Checking if app " + appId + " exists";
|
|
75
|
+
if ((0, util_1.verbose)())
|
|
76
|
+
console.log(commandDescription);
|
|
77
|
+
retrier = (0, retry_1.default)(commandDescription, retryOptions, makeRequest);
|
|
78
|
+
return [2 /*return*/, makeRequest().then(function (response) { return __awaiter(_this, void 0, void 0, function () {
|
|
79
|
+
return __generator(this, function (_a) {
|
|
80
|
+
if ((0, util_1.verbose)())
|
|
81
|
+
console.log(commandDescription + ": statusCode=" + response.statusCode);
|
|
82
|
+
if (!response.statusCode) {
|
|
83
|
+
throw new Error('No status code was provided by the server');
|
|
84
|
+
}
|
|
85
|
+
if (response.statusCode === 404) {
|
|
86
|
+
return [2 /*return*/, false];
|
|
87
|
+
}
|
|
88
|
+
else if (response.statusCode < 300) {
|
|
89
|
+
return [2 /*return*/, true];
|
|
90
|
+
}
|
|
91
|
+
throw new Error("Unexpected status code: " + response.statusCode);
|
|
92
|
+
});
|
|
93
|
+
}); })];
|
|
94
|
+
});
|
|
95
|
+
});
|
|
96
|
+
}
|
|
97
|
+
exports.exists = exists;
|
|
98
|
+
//# sourceMappingURL=exists.js.map
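Review bot: `appId` goes into the request path unencoded at `requestPath = ['api', appId].join('/');`, so an id containing `?`, `#` or whitespace changes the URL that the HEAD request is sent to rather than being treated as a name. Unless `buildRequest` (in @appland/client, not shown) already encodes it, I would encode per segment so ids with a `/` in them keep working: `requestPath = ['api'].concat(appId.split('/').map(encodeURIComponent)).join('/');`. The status handling also reports 401 and 403 as `Unexpected status code`, where a message that points at credentials would be easier to act on.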
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"exists.js","sourceRoot":"","sources":["../../../../src/integration/appland/app/exists.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEA,gDAAkF;AAClF,gDAAkD;AAElD,mDAA6B;AAE7B,SAAsB,MAAM,CAAC,KAAa,EAAE,YAA+B;IAA/B,6BAAA,EAAA,iBAA+B;;QAMzE,SAAe,WAAW;;;;;;4BAClB,WAAW,GAAG,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;4BAC7B,qBAAM,IAAA,kBAAY,EAAC,WAAW,CAAC,EAAA;;4BAAzC,OAAO,GAAG,SAA+B;4BAC/C,sBAAO,IAAI,OAAO,CAAkB,UAAC,OAAO,EAAE,MAAM;oCAClD,IAAM,GAAG,GAAG,OAAO,CAAC,eAAe,CACjC,OAAO,CAAC,GAAG,EACX;wCACE,MAAM,EAAE,MAAM;wCACd,OAAO,EAAE,OAAO,CAAC,OAAO;qCACzB,EACD,OAAO,CACR,CAAC;oCACF,GAAG,CAAC,EAAE,CAAC,OAAO,EAAE,IAAA,kBAAY,EAAC,OAAO,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC,CAAC;oCACxD,GAAG,CAAC,GAAG,EAAE,CAAC;gCACZ,CAAC,CAAC,CAAC,IAAI,CAAC,IAAA,gBAAU,EAAC,OAAO,CAAC,CAAC,EAAC;;;;SAC9B;;;;YApBK,kBAAkB,GAAG,qBAAmB,KAAK,YAAS,CAAC;YAC7D,IAAI,IAAA,cAAO,GAAE;gBAAE,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;YAEzC,OAAO,GAAG,IAAA,eAAK,EAAC,kBAAkB,EAAE,YAAY,EAAE,WAAW,CAAC,CAAC;YAmBrE,sBAAO,WAAW,EAAE,CAAC,IAAI,CAAC,UAAO,QAAyB;;wBACxD,IAAI,IAAA,cAAO,GAAE;4BAAE,OAAO,CAAC,GAAG,CAAI,kBAAkB,qBAAgB,QAAQ,CAAC,UAAY,CAAC,CAAC;wBAEvF,IAAI,CAAC,QAAQ,CAAC,UAAU,EAAE;4BACxB,MAAM,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAC;yBAC9D;wBACD,IAAI,QAAQ,CAAC,UAAU,KAAK,GAAG,EAAE;4BAC/B,sBAAO,KAAK,EAAC;yBACd;6BAAM,IAAI,QAAQ,CAAC,UAAW,GAAG,GAAG,EAAE;4BACrC,sBAAO,IAAI,EAAC;yBACb;wBACD,MAAM,IAAI,KAAK,CAAC,6BAA2B,QAAQ,CAAC,UAAY,CAAC,CAAC;;qBACnE,CAAC,EAAC;;;CACJ;AApCD,wBAoCC"}
|
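--- a/package/built/ruleChecker.js
+++ b/package/built/ruleChecker.js
@@ -262,6 +262,10 @@ var RuleChecker = /** @class */ (function () {
 uniqueEvents.add(event.id);
 relatedEvents.push(event);
 });
+// Update event hash with unique hashes of related events
+new Set(relatedEvents.map(function (e) { return e.hash; })).forEach(function (eventHash) {
+hash.update(eventHash);
+});
 return {
 appMapFile: appMapFile,
 checkId: checkInstance.checkId,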
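Review bot: The added loop feeds the related events' hashes into `hash` in whatever order `relatedEvents` was built, so the same finding can get a different hash when a rule reports its related events in a different order; if this hash is what identifies a finding across runs (the code that consumes it is outside the hunk), that weakens de-duplication. It also passes `e.hash` through unchecked, and an event without a hash would reach `hash.update` as `undefined`. I would change the first added line to `Array.from(new Set(relatedEvents.map(function (e) { return e.hash; }))).filter(Boolean).sort().forEach(function (eventHash) {`. The enclosing function starts and ends outside this hunk.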
package/built/ruleChecker.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ruleChecker.js","sourceRoot":"","sources":["../src/ruleChecker.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEA,mCAAsC;AAEtC,yCAA2C;AAE3C,gEAA0C;AAC1C,0FAAoE;AACpE,0FAAoE;AACpE,sEAAgD;AAChD,oFAA8D;AAC9D,kEAA4C;AAC5C,iCAAoC;AACpC,yCAAyC;AAEzC;IAAA;QACU,WAAM,GAAkC;YAC9C,IAAI,EAAE,IAAI,mBAAS,EAAE;YACrB,OAAO,EAAE,IAAI,sBAAY,EAAE;YAC3B,mBAAmB,EAAE,IAAI,gCAAsB,EAAE;YACjD,mBAAmB,EAAE,IAAI,gCAAsB,EAAE;YACjD,WAAW,EAAE,IAAI,6BAAmB,EAAE;SACvC,CAAC;
|
|
1
|
+
{"version":3,"file":"ruleChecker.js","sourceRoot":"","sources":["../src/ruleChecker.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEA,mCAAsC;AAEtC,yCAA2C;AAE3C,gEAA0C;AAC1C,0FAAoE;AACpE,0FAAoE;AACpE,sEAAgD;AAChD,oFAA8D;AAC9D,kEAA4C;AAC5C,iCAAoC;AACpC,yCAAyC;AAEzC;IAAA;QACU,WAAM,GAAkC;YAC9C,IAAI,EAAE,IAAI,mBAAS,EAAE;YACrB,OAAO,EAAE,IAAI,sBAAY,EAAE;YAC3B,mBAAmB,EAAE,IAAI,gCAAsB,EAAE;YACjD,mBAAmB,EAAE,IAAI,gCAAsB,EAAE;YACjD,WAAW,EAAE,IAAI,6BAAmB,EAAE;SACvC,CAAC;IAuMJ,CAAC;IArMO,2BAAK,GAAX,UACE,UAAkB,EAClB,WAAwB,EACxB,KAAY,EACZ,QAAmB;;;;;4BAEM,qBAAM,IAAI,CAAC,UAAU,CAC5C,UAAU,EACV,WAAW,EACX,KAAK,EACL,KAAK,CAAC,KAAK,EACX,QAAQ,CACT,EAAA;;wBANK,gBAAgB,GAAG,SAMxB;6BACG,CAAA,gBAAgB,KAAK,CAAC,IAAI,KAAK,CAAC,KAAK,KAAK,SAAS,CAAA,EAAnD,wBAAmD;wBACrD,qBAAM,IAAI,CAAC,UAAU,CAAC,UAAU,EAAE,WAAW,EAAE,KAAK,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAA;;wBAAvE,SAAuE,CAAC;;;;;;KAE3E;IAEK,gCAAU,GAAhB,UACE,UAAkB,EAClB,WAAwB,EACxB,KAAY,EACZ,KAAgB,EAChB,QAAmB;;;;;;;wBAEnB,IAAI,IAAA,cAAO,GAAE,EAAE;4BACb,OAAO,CAAC,IAAI,CAAC,qBAAmB,WAAW,CAAC,MAAM,CAAC,IAAI,oBAAe,KAAO,CAAC,CAAC;yBAChF;wBACK,aAAa,GAAG,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;wBACzC,IAAI,CAAC,aAAa,EAAE;4BAClB,MAAM,IAAI,mBAAU,CAAC,0BAAuB,KAAK,OAAG,CAAC,CAAC;yBACvD;wBAEK,UAAU,GAAG;;;;;wCACX,MAAM,GAAG,WAAW,CAAC,MAAM,CAAC,MAAM,CAAC;wCAChC,CAAC,GAAG,CAAC;;;6CAAE,CAAA,CAAC,GAAG,MAAM,CAAC,MAAM,CAAA;wCAC/B,qBAAM,MAAM,CAAC,CAAC,CAAC,EAAA;;wCAAf,SAAe,CAAC;;;wCADiB,CAAC,EAAE,CAAA;;;;;yBAGvC,CAAC;wBAEE,SAAS,GAAG,CAAC,CAAC;;;;wBACE,KAAA,SAAA,aAAa,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC,CAAA;;;;wBAAjD;wBACH,SAAS,IAAI,CAAC,CAAC;wBACf,IAAI,IAAA,cAAO,GAAE,EAAE;4BACb,OAAO,CAAC,IAAI,CAAC,WAAS,OAAK,CAAC,KAAO,CAAC,CAAC;yBACtC;wBACK,aAAa,GAAG,IAAI,uBAAa,CAAC,KAAK,CAAC,CAAC;wBAC/C,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,OAAK,CAAC,KAAK,EAAE,WAAW,CAAC,EAAE;4BAChD,yBAAS;yBACV;6BACG,aAAa,CAAC,cAAc,EAA5B,yBAA4B;;;;wBACV,oBAAA,SAAA,OAAK,CAAC,MAAM,EAAE,CAAA,CAAA;;;;wBAAvB,KAAK;wBACd,qBAAM,IAAI,CAAC,UAAU,CACnB,KAAK,EACL,OAAK,CAAC,KAAK,EACX,UAAU
,EACV,WAAW,EACX,aAAa,EACb,QAAQ,CACT,EAAA;;wBAPD,SAOC,CAAC;;;;;;;;;;;;;;;;;6BAGJ,qBAAM,IAAI,CAAC,UAAU,CACnB,OAAK,CAAC,KAAK,EACX,OAAK,CAAC,KAAK,EACX,UAAU,EACV,WAAW,EACX,aAAa,EACb,QAAQ,CACT,EAAA;;wBAPD,SAOC,CAAC;;;;;;;;;;;;;;;;6BAGN,sBAAO,SAAS,EAAC;;;;KAClB;IAEK,gCAAU,GAAhB,UACE,KAAY,EACZ,KAAY,EACZ,UAAkB,EAClB,WAAwB,EACxB,aAA4B,EAC5B,QAAmB;;;;;;wBAEnB,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,EAAE;4BACnB,sBAAO;yBACR;wBACD,IAAI,IAAA,cAAO,GAAE,EAAE;4BACb,OAAO,CAAC,IAAI,CACV,eAAa,aAAa,CAAC,MAAM,YAAO,KAAK,CAAC,UAAU,CAAC,IAAI,eAAU,KAAK,CAAC,QAAQ,EAAI,CAC1F,CAAC;yBACH;wBAED,IAAI,CAAC,KAAK,CAAC,WAAW,EAAE;4BACtB,IAAI,IAAA,cAAO,GAAE,EAAE;gCACb,OAAO,CAAC,IAAI,CAAC,uCAAuC,CAAC,CAAC;6BACvD;4BACD,sBAAO;yBACR;wBAED,IAAI,CAAC,aAAa,CAAC,WAAW,CAAC,KAAK,EAAE,WAAW,CAAC,EAAE;4BAClD,sBAAO;yBACR;wBAEK,YAAY,GAAG,UACnB,UAAkB,EAClB,OAAgB,EAChB,YAAqB,EACrB,eAAwB;wBACxB,iFAAiF;wBACjF,gBAA0B;4BAE1B,IAAM,YAAY,GAAG,UAAU,IAAI,KAAK,CAAC;4BACzC,SAAS;4BACT,yDAAyD;4BACzD,4GAA4G;4BAC5G,6GAA6G;4BAC7G,4HAA4H;4BAC5H,YAAY,CAAC,OAAO,KAApB,YAAY,CAAC,OAAO,GAAK,EAAE,EAAC;4BAC5B,IAAM,KAAK,GAAa;gCACtB,YAAY,CAAC,UAAU,CAAC,QAAQ;sCAC7B,YAAY,CAAC,SAAS,EAAE,CAAC,GAAG,CAAC,UAAC,QAAQ,IAAK,OAAA,QAAQ,CAAC,UAAU,CAAC,QAAQ,EAA5B,CAA4B,CAAC,UAC3E,MAAM,CAAC,OAAO,CAAC,CAAC;4BAElB,IAAM,IAAI,GAAG,IAAA,mBAAU,EAAC,QAAQ,CAAC,CAAC;4BAClC,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC;4BAC/B,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC;4BAElC,IAAM,YAAY,GAAG,IAAI,GAAG,EAAU,CAAC;4BACvC,IAAM,aAAa,GAAiB,EAAE,CAAC;4BACvC,CAAC,YAAY,CAAC,CAAC,MAAM,CAAC,CAAC,gBAAgB,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,sBAAU,CAAC,CAAC,CAAC,OAAO,CAAC,UAAC,KAAK;gCAC5E,IAAI,YAAY,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,EAAE;oCAC9B,OAAO;iCACR;gCACD,YAAY,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;gCAC3B,aAAa,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;4BAC5B,CAAC,CAAC,CAAC;4BAEH,yDAAyD;4BACzD,IAAI,GAAG,CAAC,aAAa,CAAC,GAAG,CAAC,UAAC,CAAC,IAAK,OAAA,CAAC,CAAC,IAAI,EAAN,CAAM,CAAC,CAAC,CAAC,OAAO,CAAC,UAAC,SAAS;gCAC1D,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;4BACzB,CAAC,CAAC,CAAC;4BAEH,OAAO;gCACL,UAAU,YAAA;gCACV,OAAO,EAA
E,aAAa,CAAC,OAAO;gCAC9B,MAAM,EAAE,aAAa,CAAC,MAAM;gCAC5B,SAAS,EAAE,aAAa,CAAC,KAAK;gCAC9B,KAAK,EAAE,IAAA,sBAAU,EAAC,YAAY,CAAC;gCAC/B,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC;gCACxB,KAAK,OAAA;gCACL,KAAK,EAAE,IAAA,sBAAU,EAAC,KAAK,CAAC;gCACxB,OAAO,EAAE,OAAO,IAAI,aAAa,CAAC,KAAK;gCACvC,YAAY,cAAA;gCACZ,eAAe,iBAAA;gCACf,aAAa,EAAE,aAAa,CAAC,IAAI,CAAC,UAAC,KAAK,IAAK,OAAA,KAAK,CAAC,EAAE,EAAR,CAAQ,CAAC;6BAC5C,CAAC;wBACf,CAAC,CAAC;wBAEkB,qBAAM,aAAa,CAAC,SAAS,CAAC,OAAO,CACvD,KAAK,EACL,WAAW,EACX,aAAa,CAAC,WAAW,CAAC,IAAI,CAAC,aAAa,CAAC,CAC9C,EAAA;;wBAJK,WAAW,GAAG,SAInB;wBACK,WAAW,GAAG,QAAQ,CAAC,MAAM,CAAC;wBACpC,IAAI,WAAW,KAAK,IAAI,EAAE;4BACpB,OAAO,SAAA,CAAC;4BACZ,IAAI,aAAa,CAAC,SAAS,CAAC,OAAO,EAAE;gCAC7B,OAAO,GAAG,aAAa,CAAC,SAAS,CAAC,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;gCAC9D,OAAO,GAAG,YAAY,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;6BACxC;iCAAM;gCACL,OAAO,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC;6BAC/B;4BACD,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;yBACxB;6BAAM,IAAI,OAAO,WAAW,KAAK,QAAQ,EAAE;4BACpC,OAAO,GAAG,YAAY,CAAC,KAAK,EAAE,WAAqB,CAAC,CAAC;4BAC3D,OAAO,CAAC,OAAO,GAAG,WAAqB,CAAC;4BACxC,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;yBACxB;6BAAM,IAAI,WAAW,EAAE;4BACtB,WAAW,CAAC,OAAO,CAAC,UAAC,EAAE;gCACrB,IAAM,OAAO,GAAG,YAAY,CAC1B,EAAE,CAAC,KAAK,EACR,EAAE,CAAC,OAAO,EACV,EAAE,CAAC,YAAY,EACf,EAAE,CAAC,eAAe,EAClB,EAAE,CAAC,aAAa,CACjB,CAAC;gCACF,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;4BACzB,CAAC,CAAC,CAAC;yBACJ;wBACD,IAAI,IAAA,cAAO,GAAE,EAAE;4BACb,IAAI,QAAQ,CAAC,MAAM,GAAG,WAAW,EAAE;gCACjC,QAAQ,CAAC,OAAO,CAAC,UAAC,OAAO;oCACvB,OAAA,OAAO,CAAC,GAAG,CAAC,gBAAc,OAAO,CAAC,MAAM,WAAM,OAAO,CAAC,OAAS,CAAC;gCAAhE,CAAgE,CACjE,CAAC;6BACH;yBACF;;;;;KACF;IACH,kBAAC;AAAD,CAAC,AA9MD,IA8MC"}
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.default = {
|
|
4
|
+
title: 'HTTP 500 status code',
|
|
5
|
+
scope: 'http_server_request',
|
|
6
|
+
enumerateScope: false,
|
|
7
|
+
impactDomain: 'Stability',
|
|
8
|
+
references: {
|
|
9
|
+
'CWE-392': 'https://cwe.mitre.org/data/definitions/392.html',
|
|
10
|
+
},
|
|
11
|
+
};
|
|
12
|
+
//# sourceMappingURL=metadata.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"metadata.js","sourceRoot":"","sources":["../../../src/rules/http500/metadata.ts"],"names":[],"mappings":";;AAEA,kBAAe;IACb,KAAK,EAAE,sBAAsB;IAC7B,KAAK,EAAE,qBAAqB;IAC5B,cAAc,EAAE,KAAK;IACrB,YAAY,EAAE,WAAW;IACzB,UAAU,EAAE;QACV,SAAS,EAAE,iDAAiD;KAC7D;CACU,CAAC"}
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
function rule() {
|
|
4
|
+
return {
|
|
5
|
+
matcher: function (e) { return e.httpServerResponse.status === 500; },
|
|
6
|
+
where: function (e) { return !!e.httpServerResponse; },
|
|
7
|
+
};
|
|
8
|
+
}
|
|
9
|
+
exports.default = rule;
|
|
10
|
+
//# sourceMappingURL=rule.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"rule.js","sourceRoot":"","sources":["../../../src/rules/http500/rule.ts"],"names":[],"mappings":";;AAGA,SAAwB,IAAI;IAC1B,OAAO;QACL,OAAO,EAAE,UAAC,CAAQ,IAAK,OAAA,CAAC,CAAC,kBAAmB,CAAC,MAAM,KAAK,GAAG,EAApC,CAAoC;QAC3D,KAAK,EAAE,UAAC,CAAQ,IAAK,OAAA,CAAC,CAAC,CAAC,CAAC,kBAAkB,EAAtB,CAAsB;KAC5C,CAAC;AACJ,CAAC;AALD,uBAKC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"metadata.js","sourceRoot":"","sources":["../../../src/rules/lib/metadata.ts"],"names":[],"mappings":""}
|
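--- a/package/built/rules/lib/util.js
+++ b/package/built/rules/lib/util.js
@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.verbose = exports.toRegExpArray = exports.responseContentType = exports.toRegExp = exports.providesAuthentication = exports.pluralize = exports.parseValue = exports.isRoot = exports.ideLink = exports.isTruthy = exports.isFalsey = exports.emptyValue = exports.capitalize = exports.appMapDir = void 0;
+exports.verbose = exports.toRegExpArray = exports.responseContentType = exports.toRegExp = exports.providesAuthentication = exports.pluralize = exports.dasherize = exports.camelize = exports.parseValue = exports.isRoot = exports.ideLink = exports.isTruthy = exports.isFalsey = exports.emptyValue = exports.capitalize = exports.appMapDir = void 0;
 var path_1 = require("path");
 var isVerbose = false;
 function verbose(v) {
@@ -115,6 +115,20 @@ var isRoot = function (event) {
 return (!!event.httpServerRequest || RootLabels.some(function (label) { return event.codeObject.labels.has(label); }));
 };
 exports.isRoot = isRoot;
+// Attribution: https://github.com/shahata/dasherize
+// MIT License
+function dasherize(str) {
+return str.replace(/[A-Z0-9](?:(?=[^A-Z0-9])|[A-Z0-9]*(?=[A-Z0-9][^A-Z0-9]|$))/g, function (s, i) {
+return (i > 0 ? '-' : '') + s.toLowerCase();
+});
+}
+exports.dasherize = dasherize;
+// Literally StackOverflow
+function camelize(text) {
+text = text.replace(/[-_\s.]+(.)?/g, function (_, c) { return (c ? c.toUpperCase() : ''); });
+return text.slice(0, 1).toLowerCase() + text.slice(1);
+}
+exports.camelize = camelize;
 function pluralize(word, count) {
 return count === 1 ? word : [word, 's'].join('');
 }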
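Review bot: `dasherize` in the second hunk is not idempotent: for input that is already dashed, a run of digits or capitals after the dash gets a second dash, so `dasherize("http-500")` gives `"http--500"`. That matters for `check.id = (0, util_1.dasherize)(config.id)` in configurationProvider.js, where a configured id may already be in dashed form. Skipping the dash when one is already there fixes it: `return (i > 0 && str[i - 1] !== '-' ? '-' : '') + s.toLowerCase();`. Neither helper removes `/` or `\`, so a comment such as `// Normalises case and separators only; does not validate the name` on both would stop callers like `loadRule` from treating the result as a checked module name.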
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"util.js","sourceRoot":"","sources":["../../../src/rules/lib/util.ts"],"names":[],"mappings":";;;AACA,6BAAkC;AAElC,IAAI,SAAS,GAAG,KAAK,CAAC;AACtB,SAAS,OAAO,CAAC,CAAwB;IAAxB,kBAAA,EAAA,QAAwB;IACvC,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,KAAK,KAAK,EAAE;QAC7B,SAAS,GAAG,CAAC,CAAC;KACf;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;
|
|
1
|
+
{"version":3,"file":"util.js","sourceRoot":"","sources":["../../../src/rules/lib/util.ts"],"names":[],"mappings":";;;AACA,6BAAkC;AAElC,IAAI,SAAS,GAAG,KAAK,CAAC;AACtB,SAAS,OAAO,CAAC,CAAwB;IAAxB,kBAAA,EAAA,QAAwB;IACvC,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,KAAK,KAAK,EAAE;QAC7B,SAAS,GAAG,CAAC,CAAC;KACf;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAuJC,0BAAO;AArJT,SAAS,UAAU,CAAC,GAAW;IAC7B,IAAI,CAAC,GAAG,IAAI,GAAG,KAAK,EAAE,EAAE;QACtB,OAAO,GAAG,CAAC;KACZ;IACD,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,EAAE,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;AAC9D,CAAC;AAkIC,gCAAU;AAhIZ,SAAS,UAAU,CAAC,KAAa;IAC/B,OAAO,CAAC,IAAI,EAAE,SAAS,EAAE,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;AAC/C,CAAC;AA+HC,gCAAU;AA7HZ,SAAS,mBAAmB,CAAC,KAAY;;IACvC,IAAI,MAAA,KAAK,CAAC,kBAAkB,0CAAE,OAAO,EAAE;QACrC,OAAO,KAAK,CAAC,kBAAmB,CAAC,OAAQ,CAAC,cAAc,CAAC,CAAC;KAC3D;SAAM,IAAI,MAAA,KAAK,CAAC,kBAAkB,0CAAE,OAAO,EAAE;QAC5C,OAAO,KAAK,CAAC,kBAAmB,CAAC,OAAQ,CAAC,cAAc,CAAC,CAAC;KAC3D;AACH,CAAC;AAkIC,kDAAmB;AAhIrB,SAAS,SAAS,CAAC,cAAsB;IACvC,OAAO,cAAc,CAAC,SAAS,CAAC,CAAC,EAAE,cAAc,CAAC,MAAM,GAAG,cAAc,CAAC,MAAM,CAAC,CAAC;AACpF,CAAC;AAiHC,8BAAS;AA/GX,2BAA2B;AAC3B,SAAS,QAAQ,CAAC,QAA2B;IAC3C,IAAI,CAAC,QAAQ,EAAE;QACb,OAAO,IAAI,CAAC;KACb;IACD,IAAI,QAAQ,CAAC,KAAK,KAAK,YAAY,EAAE;QACnC,OAAO,IAAI,CAAC;KACb;IACD,IAAI,QAAQ,CAAC,KAAK,KAAK,OAAO,IAAI,QAAQ,CAAC,KAAK,KAAK,IAAI,EAAE;QACzD,OAAO,IAAI,CAAC;KACb;IACD,IAAI,QAAQ,CAAC,KAAK,KAAK,QAAQ,IAAI,QAAQ,CAAC,KAAK,KAAK,UAAU,EAAE;QAChE,OAAO,IAAI,CAAC;KACb;IACD,IAAI,QAAQ,CAAC,KAAK,KAAK,EAAE,EAAE;QACzB,OAAO,IAAI,CAAC;KACb;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AA+FC,4BAAQ;AA7FV,SAAS,OAAO,CAAC,QAA2B;IAC1C,OAAO,QAAQ,CAAC,KAAK,KAAK,OAAO,CAAC;AACpC,CAAC;AAED,SAAS,UAAU,CAAC,QAA2B;IAC7C,IAAI,OAAO,CAAC,QAAQ,CAAC,IAAI,QAAQ,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE;QAClD,OAAO,QAAQ,CAAC,KAAK;aAClB,KAAK,CAAC,CAAC,EAAE,QAAQ,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC;aACnC,KAAK,CAAC,GAAG,CAAC;aACV,GAAG,CAAC,UAAC,CAAC,IAAK,OAAA,CAAC,CAAC,IAAI,EAAE,EAAR,CAAQ,CAAC,CAAC;KACzB;IAED,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC,CAA
C;AAC1B,CAAC;AAoFC,gCAAU;AAlFZ,IAAM,QAAQ,GAAG,UAAC,QAA2B,IAAc,OAAA,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAnB,CAAmB,CAAC;AA+E7E,4BAAQ;AA7EV,SAAS,sBAAsB,CAAC,KAAY,EAAE,KAAa;IACzD,OAAO,KAAK,CAAC,WAAW,IAAI,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,QAAQ,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;AACrF,CAAC;AAkFC,wDAAsB;AAhFxB,SAAS,OAAO,CAAC,QAAgB,EAAE,GAAW,EAAE,OAAe;IAC7D,IAAM,GAAG,GAAG,SAAS,CAAC;IACtB,IAAM,GAAG,GAAG,QAAQ,CAAC;IACrB,IAAM,GAAG,GAAG,GAAG,CAAC;IAEhB,8DAA8D;IAC9D,IAAM,kBAAkB,GAAG,OAAO,CAAC,qBAAqB,CAAC,CAAC;IAE1D,IAAI,CAAC,kBAAkB,CAAC,MAAM,EAAE;QAC9B,OAAO,QAAQ,CAAC;KACjB;IAED,IAAI,IAAY,CAAC;IACjB,IAAI,CAAC,IAAA,iBAAU,EAAC,QAAQ,CAAC,EAAE;QACzB,IAAI,GAAM,SAAS,wBAAmB,QAAU,CAAC;KAClD;SAAM;QACL,IAAI,GAAG,QAAQ,CAAC;KACjB;IACD,IAAM,KAAK,GAAG,EAAE,WAAW,EAAE,UAAU,EAAE,cAAc,EAAE,WAAS,OAAS,EAAE,CAAC;IAC9E,IAAM,YAAY,GAAG,kBAAkB,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC;IAC/D,IAAM,IAAI,GACR,GAAG,IAAI,QAAQ;QACb,CAAC,CAAC,sCAAoC,IAAI,eAAU,YAAc;QAClE,CAAC,CAAI,GAAG,qBAAgB,IAAM,CAAC;IAEnC,OAAO,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,EAAE,QAAQ,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;AACrF,CAAC;AAgDC,0BAAO;AA9CT,IAAM,QAAQ,GAAG,UAAC,KAAsB;IACtC,OAAO,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC,KAAe,CAAC,CAAC,CAAC,CAAE,KAAgB,CAAC;AACrF,CAAC,CAAC;AAmDA,4BAAQ;AAjDV,IAAM,aAAa,GAAG,UAAC,KAA0B;IAC/C,OAAO,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;AAC7B,CAAC,CAAC;AAiDA,sCAAa;AA/Cf,IAAM,UAAU,GAAG,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;AAEtC,IAAM,MAAM,GAAG,UAAC,KAAwB;IACtC,IAAI,CAAC,KAAK,EAAE;QACV,OAAO,IAAI,CAAC;KACb;IACD,OAAO,CACL,CAAC,CAAC,KAAK,CAAC,iBAAiB,IAAI,UAAU,CAAC,IAAI,CAAC,UAAC,KAAK,IAAK,OAAA,KAAK,CAAC,UAAU,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,EAAlC,CAAkC,CAAC,CAC5F,CAAC;AACJ,CAAC,CAAC;AA8BA,wBAAM;AA5BR,oDAAoD;AACpD,cAAc;AACd,SAAS,SAAS,CAAC,GAAW;IAC5B,OAAO,GAAG,CAAC,OAAO,CAChB,6DAA6D,EAC7D,UAAU,CAAC,EAAE,CAAC;QACZ,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,WAAW,EAAE,CAAC;IAC9C,CAAC,CACF,CAAC;AACJ,CAAC;AA
sBC,8BAAS;AApBX,0BAA0B;AAC1B,SAAS,QAAQ,CAAC,IAAY;IAC5B,IAAI,GAAG,IAAI,CAAC,OAAO,CAAC,eAAe,EAAE,UAAC,CAAC,EAAE,CAAC,IAAK,OAAA,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,EAA1B,CAA0B,CAAC,CAAC;IAC3E,OAAO,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;AACxD,CAAC;AAeC,4BAAQ;AAbV,SAAS,SAAS,CAAC,IAAY,EAAE,KAAa;IAC5C,OAAO,KAAK,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;AACnD,CAAC;AAaC,8BAAS"}
|
|
@@ -21,7 +21,7 @@ Finds all events labeled `deserialize.unsafe`, that are not a descendant of an e
|
|
|
21
21
|
`deserialize.safe`. For each of these events, all event parameters are checked.
|
|
22
22
|
|
|
23
23
|
Each parameter whose type is `string` or `object` is verified to ensure that it's trusted. For data
|
|
24
|
-
to be trusted, it must be the return value of a function labeled `sanitize`.
|
|
24
|
+
to be trusted, it must be the return value of a function labeled `deserialize.sanitize`.
|
|
25
25
|
|
|
26
26
|
### Notes
|
|
27
27
|
|
|
@@ -31,8 +31,8 @@ that executes code shortly after deserialization.
|
|
|
31
31
|
### Resolution
|
|
32
32
|
|
|
33
33
|
If you can guarantee that you are using unsafe deserialization in a safe way, but it's not possible
|
|
34
|
-
to obtain the raw data from a function labeled `sanitize`, you can wrap the
|
|
35
|
-
function labeled `deserialize.safe`.
|
|
34
|
+
to obtain the raw data from a function labeled `deserialize.sanitize`, you can wrap the
|
|
35
|
+
deserialization in a function labeled `deserialize.safe`.
|
|
36
36
|
|
|
37
37
|
If you need to deserialize untrusted data, JSON is often a good choice as it is only capable of
|
|
38
38
|
returning ‘primitive’ types such as strings, arrays, hashes, numbers and nil. If you need to
|
|
@@ -14,3 +14,26 @@ labels:
|
|
|
14
14
|
Find occurrances of system command execution in which the command string is not guaranteed to be
|
|
15
15
|
safe.
|
|
16
16
|
|
|
17
|
+
### Rule logic
|
|
18
|
+
|
|
19
|
+
Find all events labeled `system.exec` that are not a descendant of an event labeled
|
|
20
|
+
`system.exec.safe`. For each of these events, all event parameters are checked.
|
|
21
|
+
|
|
22
|
+
Each parameter whose type is `string` or `object` is verified to ensure that it's trusted. For data
|
|
23
|
+
to be trusted, it must be the return value of a function labeled `system.exec.sanitize`.
|
|
24
|
+
|
|
25
|
+
### Resolution
|
|
26
|
+
|
|
27
|
+
If you can guarantee that you are using system command execution in a safe way, but it's not
|
|
28
|
+
possible to obtain the raw data from a function labeled `system.exec.sanitize`, you can wrap the
|
|
29
|
+
system command in a function labeled `system.exec.safe`.
|
|
30
|
+
|
|
31
|
+
### Options
|
|
32
|
+
|
|
33
|
+
None
|
|
34
|
+
|
|
35
|
+
### Examples
|
|
36
|
+
|
|
37
|
+
```yaml
|
|
38
|
+
- rule: execOfUntrustedCommand
|
|
39
|
+
```
|
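--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@appland/scanner",
-"version": "1.
+"version": "1.52.0",
 "description": "",
 "bin": "built/cli.js",
 "files": [
@@ -54,7 +54,7 @@
 },
 "dependencies": {
 "@appland/client": "^1.3.0",
-"@appland/models": "^1.14.
+"@appland/models": "^1.14.5",
 "@appland/sql-parser": "^1.5.0",
 "ajv": "^8.8.2",
 "ansi-escapes": "^5.0.0",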
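--- a/package/built/rules/http500.js
+++ b/package/built/rules/http500.js
@@ -1,27 +0,0 @@
-"use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-var url_1 = require("url");
-var parseRuleDescription_1 = __importDefault(require("./lib/parseRuleDescription"));
-function build() {
-return {
-matcher: function (e) { return e.httpServerResponse.status === 500; },
-where: function (e) { return !!e.httpServerResponse; },
-};
-}
-exports.default = {
-id: 'http-500',
-title: 'HTTP 500 status code',
-scope: 'http_server_request',
-enumerateScope: false,
-impactDomain: 'Stability',
-references: {
-'CWE-392': new url_1.URL('https://cwe.mitre.org/data/definitions/392.html'),
-},
-description: (0, parseRuleDescription_1.default)('http500'),
-url: 'https://appland.com/docs/analysis/rules-reference.html#http-500',
-build: build,
-};
-//# sourceMappingURL=http500.js.map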
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"http500.js","sourceRoot":"","sources":["../../src/rules/http500.ts"],"names":[],"mappings":";;;;;AACA,2BAA0B;AAE1B,oFAA8D;AAE9D,SAAS,KAAK;IACZ,OAAO;QACL,OAAO,EAAE,UAAC,CAAQ,IAAK,OAAA,CAAC,CAAC,kBAAmB,CAAC,MAAM,KAAK,GAAG,EAApC,CAAoC;QAC3D,KAAK,EAAE,UAAC,CAAQ,IAAK,OAAA,CAAC,CAAC,CAAC,CAAC,kBAAkB,EAAtB,CAAsB;KAC5C,CAAC;AACJ,CAAC;AAED,kBAAe;IACb,EAAE,EAAE,UAAU;IACd,KAAK,EAAE,sBAAsB;IAC7B,KAAK,EAAE,qBAAqB;IAC5B,cAAc,EAAE,KAAK;IACrB,YAAY,EAAE,WAAW;IACzB,UAAU,EAAE;QACV,SAAS,EAAE,IAAI,SAAG,CAAC,iDAAiD,CAAC;KACtE;IACD,WAAW,EAAE,IAAA,8BAAoB,EAAC,SAAS,CAAC;IAC5C,GAAG,EAAE,iEAAiE;IACtE,KAAK,OAAA;CACE,CAAC"}
|