@appland/scanner 1.52.4 → 1.54.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (140) hide show
  1. package/CHANGELOG.md +984 -0
  2. package/built/algorithms/dataStructures/graph/GraphEdge.js +1 -1
  3. package/built/algorithms/dataStructures/graph/GraphEdge.js.map +1 -1
  4. package/built/algorithms/dataStructures/graph/GraphVertex.js +1 -1
  5. package/built/algorithms/dataStructures/graph/GraphVertex.js.map +1 -1
  6. package/built/algorithms/dataStructures/linked-list/LinkedListNode.js +1 -1
  7. package/built/algorithms/dataStructures/linked-list/LinkedListNode.js.map +1 -1
  8. package/built/analyzer/recordSecrets.js +1 -1
  9. package/built/analyzer/recordSecrets.js.map +1 -1
  10. package/built/appMapIndex.js +2 -2
  11. package/built/appMapIndex.js.map +1 -1
  12. package/built/check.js +2 -2
  13. package/built/check.js.map +1 -1
  14. package/built/cli/ci/command.js +1 -1
  15. package/built/cli/ci/command.js.map +1 -1
  16. package/built/cli/fail.js +1 -1
  17. package/built/cli/fail.js.map +1 -1
  18. package/built/cli/merge/command.js +1 -1
  19. package/built/cli/merge/command.js.map +1 -1
  20. package/built/cli/reportUploadURL.js +2 -2
  21. package/built/cli/reportUploadURL.js.map +1 -1
  22. package/built/cli/resolveAppId.js +1 -1
  23. package/built/cli/resolveAppId.js.map +1 -1
  24. package/built/cli/scan/command.js +6 -3
  25. package/built/cli/scan/command.js.map +1 -1
  26. package/built/cli/scan.js +15 -3
  27. package/built/cli/scan.js.map +1 -1
  28. package/built/cli/updateCommitStatus.js +3 -3
  29. package/built/cli/updateCommitStatus.js.map +1 -1
  30. package/built/cli/upload.js +5 -5
  31. package/built/cli/upload.js.map +1 -1
  32. package/built/cli/validateFile.js +1 -1
  33. package/built/cli/validateFile.js.map +1 -1
  34. package/built/cli.js +0 -0
  35. package/built/configuration/configurationProvider.js +19 -15
  36. package/built/configuration/configurationProvider.js.map +1 -1
  37. package/built/database/index.js +1 -1
  38. package/built/database/index.js.map +1 -1
  39. package/built/database/visit.js +1 -1
  40. package/built/database/visit.js.map +1 -1
  41. package/built/integration/appland/app/exists.js +3 -3
  42. package/built/integration/appland/app/exists.js.map +1 -1
  43. package/built/integration/appland/mapset/create.js +1 -1
  44. package/built/integration/appland/mapset/create.js.map +1 -1
  45. package/built/integration/appland/retry.js +2 -2
  46. package/built/integration/appland/retry.js.map +1 -1
  47. package/built/integration/appland/scannerJob/merge.js +1 -1
  48. package/built/integration/appland/scannerJob/merge.js.map +1 -1
  49. package/built/openapi/method.js +1 -1
  50. package/built/openapi/method.js.map +1 -1
  51. package/built/openapi/model.js +1 -1
  52. package/built/openapi/model.js.map +1 -1
  53. package/built/openapi/provider.js +3 -3
  54. package/built/openapi/provider.js.map +1 -1
  55. package/built/report/findingsReport.js +7 -7
  56. package/built/report/findingsReport.js.map +1 -1
  57. package/built/report/summaryReport.js +3 -3
  58. package/built/report/summaryReport.js.map +1 -1
  59. package/built/ruleChecker.js +5 -5
  60. package/built/ruleChecker.js.map +1 -1
  61. package/built/rules/authzBeforeAuthn.js +1 -1
  62. package/built/rules/authzBeforeAuthn.js.map +1 -1
  63. package/built/rules/circularDependency.js +9 -9
  64. package/built/rules/circularDependency.js.map +1 -1
  65. package/built/rules/deserializationOfUntrustedData.js +1 -1
  66. package/built/rules/deserializationOfUntrustedData.js.map +1 -1
  67. package/built/rules/execOfUntrustedCommand.js +1 -1
  68. package/built/rules/execOfUntrustedCommand.js.map +1 -1
  69. package/built/rules/{http500 → http-500}/metadata.js +0 -0
  70. package/built/rules/http-500/metadata.js.map +1 -0
  71. package/built/rules/{http500 → http-500}/rule.js +0 -0
  72. package/built/rules/http-500/rule.js.map +1 -0
  73. package/built/rules/illegalPackageDependency.js +1 -1
  74. package/built/rules/illegalPackageDependency.js.map +1 -1
  75. package/built/rules/incompatibleHttpClientRequest.js +2 -2
  76. package/built/rules/incompatibleHttpClientRequest.js.map +1 -1
  77. package/built/rules/jobNotCancelled.js +2 -2
  78. package/built/rules/jobNotCancelled.js.map +1 -1
  79. package/built/rules/lib/matchEvent.js +1 -1
  80. package/built/rules/lib/matchEvent.js.map +1 -1
  81. package/built/rules/lib/parseRuleDescription.js +2 -1
  82. package/built/rules/lib/parseRuleDescription.js.map +1 -1
  83. package/built/rules/lib/util.js +8 -6
  84. package/built/rules/lib/util.js.map +1 -1
  85. package/built/rules/logoutWithoutSessionReset.js +1 -1
  86. package/built/rules/logoutWithoutSessionReset.js.map +1 -1
  87. package/built/rules/missingAuthentication.js +1 -1
  88. package/built/rules/missingAuthentication.js.map +1 -1
  89. package/built/rules/nPlusOneQuery.js +83 -37
  90. package/built/rules/nPlusOneQuery.js.map +1 -1
  91. package/built/rules/queryFromInvalidPackage.js +1 -1
  92. package/built/rules/queryFromInvalidPackage.js.map +1 -1
  93. package/built/rules/queryFromView.js +1 -1
  94. package/built/rules/queryFromView.js.map +1 -1
  95. package/built/rules/secretInLog.js +6 -2
  96. package/built/rules/secretInLog.js.map +1 -1
  97. package/built/rules/slowFunctionCall.js +1 -1
  98. package/built/rules/slowFunctionCall.js.map +1 -1
  99. package/built/rules/slowHttpServerRequest.js +1 -1
  100. package/built/rules/slowHttpServerRequest.js.map +1 -1
  101. package/built/rules/tooManyJoins.js +1 -1
  102. package/built/rules/tooManyJoins.js.map +1 -1
  103. package/built/rules/tooManyUpdates.js +1 -1
  104. package/built/rules/tooManyUpdates.js.map +1 -1
  105. package/built/rules/unbatchedMaterializedQuery.js +2 -2
  106. package/built/rules/unbatchedMaterializedQuery.js.map +1 -1
  107. package/built/rules/updateInGetRequest.js +1 -1
  108. package/built/rules/updateInGetRequest.js.map +1 -1
  109. package/built/scope/sqlTransactionScope.js +1 -1
  110. package/built/scope/sqlTransactionScope.js.map +1 -1
  111. package/doc/rules/{authzBeforeAuthn.md → authz-before-authn.md} +0 -0
  112. package/doc/rules/{circularDependency.md → circular-dependency.md} +0 -0
  113. package/doc/rules/{deserializationOfUntrustedData.md → deserialization-of-untrusted-data.md} +0 -0
  114. package/doc/rules/{execOfUntrustedCommand.md → exec-of-untrusted-command.md} +0 -0
  115. package/doc/rules/{http500.md → http-500.md} +0 -0
  116. package/doc/rules/{illegalPackageDependency.md → illegal-package-dependency.md} +0 -0
  117. package/doc/rules/{incompatibleHttpClientRequest.md → incompatible-http-client-request.md} +0 -0
  118. package/doc/rules/{insecureCompare.md → insecure-compare.md} +0 -0
  119. package/doc/rules/{jobNotCancelled.md → job-not-cancelled.md} +0 -0
  120. package/doc/rules/{logoutWithoutSessionReset.md → logout-without-session-reset.md} +0 -0
  121. package/doc/rules/{missingAuthentication.md → missing-authentication.md} +5 -4
  122. package/doc/rules/{missingContentType.md → missing-content-type.md} +0 -0
  123. package/doc/rules/{nPlusOneQuery.md → n-plus-one-query.md} +0 -0
  124. package/doc/rules/{queryFromInvalidPackage.md → query-from-invalid-package.md} +0 -0
  125. package/doc/rules/{queryFromView.md → query-from-view.md} +0 -0
  126. package/doc/rules/{rpcWithoutCircuitBreaker.md → rpc-without-circuit-breaker.md} +0 -0
  127. package/doc/rules/{saveWithoutValidation.md → save-without-validation.md} +0 -0
  128. package/doc/rules/{secretInLog.md → secret-in-log.md} +0 -0
  129. package/doc/rules/{slowFunctionCall.md → slow-function-call.md} +0 -0
  130. package/doc/rules/{slowHttpServerRequest.md → slow-http-server-request.md} +0 -0
  131. package/doc/rules/{slowQuery.md → slow-query.md} +0 -0
  132. package/doc/rules/{tooManyJoins.md → too-many-joins.md} +0 -0
  133. package/doc/rules/{tooManyUpdates.md → too-many-updates.md} +0 -0
  134. package/doc/rules/{unbatchedMaterializedQuery.md → unbatched-materialized-query.md} +0 -0
  135. package/doc/rules/{updateInGetRequest.md → update-in-get-request.md} +0 -0
  136. package/package.json +6 -8
  137. package/built/cli/progressReporter.js +0 -16
  138. package/built/cli/progressReporter.js.map +0 -1
  139. package/built/rules/http500/metadata.js.map +0 -1
  140. package/built/rules/http500/rule.js.map +0 -1
package/built/rules/unbatchedMaterializedQuery.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"unbatchedMaterializedQuery.js","sourceRoot":"","sources":["../../src/rules/unbatchedMaterializedQuery.ts"],"names":[],"mappings":";;;;;AAEA,2CAA0C;AAC1C,2BAA0B;AAC1B,oFAA8D;AAE9D,SAAS,cAAc,CAAC,CAAQ;IAC9B,OAAO,CAAC,CAAC,SAAS,EAAE,CAAC,IAAI,CAAC,UAAC,EAAU;YAAR,MAAM,YAAA;QAAO,OAAA,MAAM,CAAC,GAAG,CAAC,cAAc,CAAC;IAA1B,CAA0B,CAAC,CAAC;AACxE,CAAC;AAED,SAAS,YAAY,CAAC,CAAQ,EAAE,WAAwB;IACtD,IAAI;QACF,IAAM,GAAG,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;QAClC,IAAI,UAAQ,GAAG,KAAK,CAAC;QACrB,IAAI,SAAO,GAAG,KAAK,CAAC;QACpB,IAAI,gBAAc,GAAG,KAAK,CAAC;QAC3B,IAAI,iBAAe,GAAG,KAAK,CAAC;QAE5B,IAAI,GAAG,EAAE;YACP,IAAM,oBAAkB,GAAG,CAAC,eAAe,CAAC,CAAC;YAE7C,IAAA,aAAK,EAAC,GAAG,EAAE;gBACT,kBAAkB,EAAE,UAAC,SAAc;oBACjC,UAAQ,GAAG,IAAI,CAAC;oBAEhB,IACE,SAAS,CAAC,MAAM;wBAChB,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,MAAM,CAAC;wBAC/B,SAAS,CAAC,MAAM,CAAC,MAAM,KAAK,CAAC;wBAC7B,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,IAAI,KAAK,UAAU;wBACvC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,KAAK,OAAO,EACzC;wBACA,SAAO,GAAG,IAAI,CAAC;qBAChB;gBACH,CAAC;gBACD,kBAAkB,EAAE;oBAClB,gBAAc,GAAG,IAAI,CAAC;gBACxB,CAAC;gBACD,kBAAkB,EAAE,UAAC,UAAe;oBAClC,IAAI,oBAAkB,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE;wBAChD,iBAAe,GAAG,IAAI,CAAC;qBACxB;gBACH,CAAC;aACF,CAAC,CAAC;SACJ;QAED,IAAM,SAAS,GAAG,gBAAc,IAAI,SAAO,IAAI,iBAAe,CAAC;QAE/D,OAAO,UAAQ,IAAI,CAAC,SAAS,IAAI,cAAc,CAAC,CAAC,CAAC,CAAC;KACpD;IAAC,OAAO,CAAC,EAAE;QACV,OAAO,CAAC,IAAI,CAAC,+BAA4B,CAAC,CAAC,QAAS,OAAG,CAAC,CAAC;QACzD,OAAO,KAAK,CAAC;KACd;AACH,CAAC;AAED,SAAS,OAAO,CAAC,KAAY,EAAE,WAAwB;IACrD,IAAI,YAAY,CAAC,KAAK,EAAE,WAAW,CAAC,EAAE;QACpC,OAAO;YACL;gBACE,KAAK,EAAE,KAAK;gBACZ,OAAO,EAAE,uCAAqC,KAAK,CAAC,QAAU;aAC/D;SACF,CAAC;KACH;AACH,CAAC;AAED,SAAS,KAAK;IACZ,OAAO;QACL,OAAO,SAAA;QACP,KAAK,EAAE,UAAC,CAAC,IAAK,OAAA,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAZ,CAAY;KAC3B,CAAC;AACJ,CAAC;AAED,0CAA0C;AAC1C,IAAM,cAAc,GAAG,iBAAiB,CAAC;AAEzC,kBAAe;IACb,EAAE,EAAE,8BAA8B;IAClC,KAAK,EAAE,kCAAkC;IACzC,MAAM,EAAE,CAAC,cAAc,CAAC;IACxB,cAAc,EAAE,IAAI;IACpB,YAAY,EAAE,aAAa;IAC3B,UAAU,EAAE;QACV,UAAU,EAAE,IAAI,SAAG,CAAC,kDAAkD,CAAC;KACxE;IACD,WAAW,EAAE,IAAA,8BAAoB,EAAC,4BAA4B,CAAC;IAC/D,GAAG,EAAE,qFAAqF;IAC1F,KAAK,OAAA;CACE,CAAC"}
1
+ {"version":3,"file":"unbatchedMaterializedQuery.js","sourceRoot":"","sources":["../../src/rules/unbatchedMaterializedQuery.ts"],"names":[],"mappings":";;;;;AAEA,2CAA0C;AAC1C,2BAA0B;AAC1B,oFAA8D;AAE9D,SAAS,cAAc,CAAC,CAAQ;IAC9B,OAAO,CAAC,CAAC,SAAS,EAAE,CAAC,IAAI,CAAC,UAAC,EAAU;YAAR,MAAM,YAAA;QAAO,OAAA,MAAM,CAAC,GAAG,CAAC,cAAc,CAAC;IAA1B,CAA0B,CAAC,CAAC;AACxE,CAAC;AAED,SAAS,YAAY,CAAC,CAAQ,EAAE,WAAwB;IACtD,IAAI;QACF,IAAM,GAAG,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;QAClC,IAAI,UAAQ,GAAG,KAAK,CAAC;QACrB,IAAI,SAAO,GAAG,KAAK,CAAC;QACpB,IAAI,gBAAc,GAAG,KAAK,CAAC;QAC3B,IAAI,iBAAe,GAAG,KAAK,CAAC;QAE5B,IAAI,GAAG,EAAE;YACP,IAAM,oBAAkB,GAAG,CAAC,eAAe,CAAC,CAAC;YAE7C,IAAA,aAAK,EAAC,GAAG,EAAE;gBACT,kBAAkB,EAAE,UAAC,SAAc;oBACjC,UAAQ,GAAG,IAAI,CAAC;oBAEhB,IACE,SAAS,CAAC,MAAM;wBAChB,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,MAAM,CAAC;wBAC/B,SAAS,CAAC,MAAM,CAAC,MAAM,KAAK,CAAC;wBAC7B,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,IAAI,KAAK,UAAU;wBACvC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,KAAK,OAAO,EACzC;wBACA,SAAO,GAAG,IAAI,CAAC;qBAChB;gBACH,CAAC;gBACD,kBAAkB,EAAE;oBAClB,gBAAc,GAAG,IAAI,CAAC;gBACxB,CAAC;gBACD,kBAAkB,EAAE,UAAC,UAAe;oBAClC,IAAI,oBAAkB,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE;wBAChD,iBAAe,GAAG,IAAI,CAAC;qBACxB;gBACH,CAAC;aACF,CAAC,CAAC;SACJ;QAED,IAAM,SAAS,GAAG,gBAAc,IAAI,SAAO,IAAI,iBAAe,CAAC;QAE/D,OAAO,UAAQ,IAAI,CAAC,SAAS,IAAI,cAAc,CAAC,CAAC,CAAC,CAAC;KACpD;IAAC,OAAO,CAAC,EAAE;QACV,OAAO,CAAC,IAAI,CAAC,oCAA4B,CAAC,CAAC,QAAS,OAAG,CAAC,CAAC;QACzD,OAAO,KAAK,CAAC;KACd;AACH,CAAC;AAED,SAAS,OAAO,CAAC,KAAY,EAAE,WAAwB;IACrD,IAAI,YAAY,CAAC,KAAK,EAAE,WAAW,CAAC,EAAE;QACpC,OAAO;YACL;gBACE,KAAK,EAAE,KAAK;gBACZ,OAAO,EAAE,4CAAqC,KAAK,CAAC,QAAQ,CAAE;aAC/D;SACF,CAAC;KACH;AACH,CAAC;AAED,SAAS,KAAK;IACZ,OAAO;QACL,OAAO,SAAA;QACP,KAAK,EAAE,UAAC,CAAC,IAAK,OAAA,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAZ,CAAY;KAC3B,CAAC;AACJ,CAAC;AAED,0CAA0C;AAC1C,IAAM,cAAc,GAAG,iBAAiB,CAAC;AAEzC,kBAAe;IACb,EAAE,EAAE,8BAA8B;IAClC,KAAK,EAAE,kCAAkC;IACzC,MAAM,EAAE,CAAC,cAAc,CAAC;IACxB,cAAc,EAAE,IAAI;IACpB,YAAY,EAAE,aAAa;IAC3B,UAAU,EAAE;QACV,UAAU,EAAE,IAAI,SAAG,CAAC,kDAAkD,CAAC;KACxE;IACD,WAAW,EAAE,IAAA,8BAAoB,EAAC,4BAA4B,CAAC;IAC/D,GAAG,EAAE,qFAAqF;IAC1F,KAAK,OAAA;CACE,CAAC"}
package/built/rules/updateInGetRequest.js CHANGED
@@ -52,7 +52,7 @@ function build(options) {
52
52
  !options.queryExclude.some(function (pattern) { return e.sqlQuery.match(pattern); }) &&
53
53
  !e.ancestors().some(function (ancestor) { return ancestor.codeObject.labels.has(Audit); }) &&
54
54
  hasHttpServerRequest()) {
55
- return "Data update performed in " + httpServerRequest.route + ": " + e.sqlQuery;
55
+ return "Data update performed in ".concat(httpServerRequest.route, ": ").concat(e.sqlQuery);
56
56
  }
57
57
  },
58
58
  where: function (e) { return !!e.sqlQuery; },
package/built/rules/updateInGetRequest.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"updateInGetRequest.js","sourceRoot":"","sources":["../../src/rules/updateInGetRequest.ts"],"names":[],"mappings":";;;;;AAEA,mCAA2C;AAC3C,oFAA8D;AAE9D;IAIE,iBACE,YAAuD,EACvD,YAA2B;QAD3B,6BAAA,EAAA,gBAA0B,aAAa,EAAE,aAAa,CAAC;QACvD,6BAAA,EAAA,iBAA2B;QAE3B,IAAI,CAAC,aAAa,GAAG,YAAY,CAAC;QAClC,IAAI,CAAC,aAAa,GAAG,YAAY,CAAC;IACpC,CAAC;IAED,sBAAI,iCAAY;aAAhB;YACE,OAAO,IAAI,CAAC,aAAa,CAAC;QAC5B,CAAC;aAED,UAAiB,KAA0B;YACzC,IAAI,CAAC,aAAa,GAAG,IAAA,oBAAa,EAAC,KAAK,CAAC,CAAC;QAC5C,CAAC;;;OAJA;IAMD,sBAAI,iCAAY;aAAhB;YACE,OAAO,IAAI,CAAC,aAAa,CAAC;QAC5B,CAAC;aAED,UAAiB,KAA0B;YACzC,IAAI,CAAC,aAAa,GAAG,IAAA,oBAAa,EAAC,KAAK,CAAC,CAAC;QAC5C,CAAC;;;OAJA;IAKH,cAAC;AAAD,CAAC,AA3BD,IA2BC;AAED,SAAS,KAAK,CAAC,OAAgC;IAAhC,wBAAA,EAAA,cAAuB,OAAO,EAAE;IAC7C,OAAO;QACL,OAAO,EAAE,UAAC,CAAC;YACT,IAAI,iBAAoC,CAAC;YACzC,SAAS,oBAAoB;gBAC3B,iBAAiB,GAAG,CAAC;qBAClB,SAAS,EAAE;qBACX,IAAI,CACH,UAAC,QAAQ;oBACP,OAAA,QAAQ,CAAC,iBAAiB;wBAC1B,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,iBAAiB,CAAC,cAAc,CAAC,WAAW,EAAE,CAAC;gBADjF,CACiF,CACpF,CAAC;gBACJ,OAAO,iBAAiB,KAAK,SAAS,CAAC;YACzC,CAAC;YAED,IACE,OAAO,CAAC,YAAY,CAAC,IAAI,CAAC,UAAC,OAAO,IAAK,OAAA,CAAC,CAAC,QAAS,CAAC,KAAK,CAAC,OAAO,CAAC,EAA1B,CAA0B,CAAC;gBAClE,CAAC,OAAO,CAAC,YAAY,CAAC,IAAI,CAAC,UAAC,OAAO,IAAK,OAAA,CAAC,CAAC,QAAS,CAAC,KAAK,CAAC,OAAO,CAAC,EAA1B,CAA0B,CAAC;gBACnE,CAAC,CAAC,CAAC,SAAS,EAAE,CAAC,IAAI,CAAC,UAAC,QAAQ,IAAK,OAAA,QAAQ,CAAC,UAAU,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,EAArC,CAAqC,CAAC;gBACxE,oBAAoB,EAAE,EACtB;gBACA,OAAO,8BAA4B,iBAAkB,CAAC,KAAK,UAAK,CAAC,CAAC,QAAU,CAAC;aAC9E;QACH,CAAC;QACD,KAAK,EAAE,UAAC,CAAC,IAAK,OAAA,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAZ,CAAY;KAC3B,CAAC;AACJ,CAAC;AAED,IAAM,KAAK,GAAG,OAAO,CAAC;AAEtB,kBAAe;IACb,EAAE,EAAE,uBAAuB;IAC3B,KAAK,EAAE,8CAA8C;IACrD,KAAK,EAAE,qBAAqB;IAC5B,MAAM,EAAE,CAAC,KAAK,CAAC;IACf,YAAY,EAAE,iBAAiB;IAC/B,WAAW,EAAE,IAAA,8BAAoB,EAAC,oBAAoB,CAAC;IACvD,GAAG,EAAE,8EAA8E;IACnF,OAAO,SAAA;IACP,KAAK,OAAA;CACE,CAAC"}
1
+ {"version":3,"file":"updateInGetRequest.js","sourceRoot":"","sources":["../../src/rules/updateInGetRequest.ts"],"names":[],"mappings":";;;;;AAEA,mCAA2C;AAC3C,oFAA8D;AAE9D;IAIE,iBACE,YAAuD,EACvD,YAA2B;QAD3B,6BAAA,EAAA,gBAA0B,aAAa,EAAE,aAAa,CAAC;QACvD,6BAAA,EAAA,iBAA2B;QAE3B,IAAI,CAAC,aAAa,GAAG,YAAY,CAAC;QAClC,IAAI,CAAC,aAAa,GAAG,YAAY,CAAC;IACpC,CAAC;IAED,sBAAI,iCAAY;aAAhB;YACE,OAAO,IAAI,CAAC,aAAa,CAAC;QAC5B,CAAC;aAED,UAAiB,KAA0B;YACzC,IAAI,CAAC,aAAa,GAAG,IAAA,oBAAa,EAAC,KAAK,CAAC,CAAC;QAC5C,CAAC;;;OAJA;IAMD,sBAAI,iCAAY;aAAhB;YACE,OAAO,IAAI,CAAC,aAAa,CAAC;QAC5B,CAAC;aAED,UAAiB,KAA0B;YACzC,IAAI,CAAC,aAAa,GAAG,IAAA,oBAAa,EAAC,KAAK,CAAC,CAAC;QAC5C,CAAC;;;OAJA;IAKH,cAAC;AAAD,CAAC,AA3BD,IA2BC;AAED,SAAS,KAAK,CAAC,OAAgC;IAAhC,wBAAA,EAAA,cAAuB,OAAO,EAAE;IAC7C,OAAO;QACL,OAAO,EAAE,UAAC,CAAC;YACT,IAAI,iBAAoC,CAAC;YACzC,SAAS,oBAAoB;gBAC3B,iBAAiB,GAAG,CAAC;qBAClB,SAAS,EAAE;qBACX,IAAI,CACH,UAAC,QAAQ;oBACP,OAAA,QAAQ,CAAC,iBAAiB;wBAC1B,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,iBAAiB,CAAC,cAAc,CAAC,WAAW,EAAE,CAAC;gBADjF,CACiF,CACpF,CAAC;gBACJ,OAAO,iBAAiB,KAAK,SAAS,CAAC;YACzC,CAAC;YAED,IACE,OAAO,CAAC,YAAY,CAAC,IAAI,CAAC,UAAC,OAAO,IAAK,OAAA,CAAC,CAAC,QAAS,CAAC,KAAK,CAAC,OAAO,CAAC,EAA1B,CAA0B,CAAC;gBAClE,CAAC,OAAO,CAAC,YAAY,CAAC,IAAI,CAAC,UAAC,OAAO,IAAK,OAAA,CAAC,CAAC,QAAS,CAAC,KAAK,CAAC,OAAO,CAAC,EAA1B,CAA0B,CAAC;gBACnE,CAAC,CAAC,CAAC,SAAS,EAAE,CAAC,IAAI,CAAC,UAAC,QAAQ,IAAK,OAAA,QAAQ,CAAC,UAAU,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,EAArC,CAAqC,CAAC;gBACxE,oBAAoB,EAAE,EACtB;gBACA,OAAO,mCAA4B,iBAAkB,CAAC,KAAK,eAAK,CAAC,CAAC,QAAQ,CAAE,CAAC;aAC9E;QACH,CAAC;QACD,KAAK,EAAE,UAAC,CAAC,IAAK,OAAA,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAZ,CAAY;KAC3B,CAAC;AACJ,CAAC;AAED,IAAM,KAAK,GAAG,OAAO,CAAC;AAEtB,kBAAe;IACb,EAAE,EAAE,uBAAuB;IAC3B,KAAK,EAAE,8CAA8C;IACrD,KAAK,EAAE,qBAAqB;IAC5B,MAAM,EAAE,CAAC,KAAK,CAAC;IACf,YAAY,EAAE,iBAAiB;IAC/B,WAAW,EAAE,IAAA,8BAAoB,EAAC,oBAAoB,CAAC;IACvD,GAAG,EAAE,8EAA8E;IACnF,OAAO,SAAA;IACP,KAAK,OAAA;CACE,CAAC"}
package/built/scope/sqlTransactionScope.js CHANGED
@@ -120,7 +120,7 @@ function iterateTransaction(begin, tail) {
120
120
  // We currently don't track the separate connections, so we have to
121
121
  // assume this is the same one and issue a warning.
122
122
  if (isBegin(sql))
123
- console.warn("SQL transaction started within a transaction in event " + event.id);
123
+ console.warn("SQL transaction started within a transaction in event ".concat(event.id));
124
124
  var end = isEnd(sql);
125
125
  if (end) {
126
126
  begin.transaction = { status: end.action, events: transaction };
package/built/scope/sqlTransactionScope.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"sqlTransactionScope.js","sourceRoot":"","sources":["../../src/scope/sqlTransactionScope.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,0CAA2C;AAI3C,kEAA4C;AAG5C,SAAS,OAAO,CAAC,GAA2B;IAC1C,QAAQ,GAAG,CAAC,OAAO,EAAE;QACnB,KAAK,MAAM;YACT,OAAO,GAAG,CAAC,SAAS,CAAC,IAAI,CAAC,UAAC,CAAC,IAAK,OAAA,OAAO,CAAC,CAAC,CAAC,EAAV,CAAU,CAAC,CAAC;QAC/C,KAAK,aAAa;YAChB,OAAO,GAAG,CAAC,MAAM,KAAK,OAAO,CAAC;QAChC;YACE,OAAO,KAAK,CAAC;KAChB;AACH,CAAC;AAMD,SAAS,KAAK,CAAC,GAA2B;;IACxC,QAAQ,GAAG,CAAC,OAAO,EAAE;QACnB,KAAK,MAAM;;gBACT,KAAwB,IAAA,KAAA,SAAA,GAAG,CAAC,SAAS,CAAA,gBAAA,4BAAE;oBAAlC,IAAM,SAAS,WAAA;oBAClB,IAAM,MAAM,GAAG,KAAK,CAAC,SAAS,CAAC,CAAC;oBAChC,IAAI,MAAM;wBAAE,OAAO,MAAM,CAAC;iBAC3B;;;;;;;;;YACD,OAAO,SAAS,CAAC;QACnB,KAAK,aAAa;YAChB,OAAO,GAAG,CAAC,MAAM,KAAK,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAE,GAA+B,CAAC;QAC/E;YACE,OAAO,SAAS,CAAC;KACpB;AACH,CAAC;AASD,SAAgB,qBAAqB,CACnC,KAA0C;IAE1C,OAAO,KAAK,CAAC,WAAW,KAAK,SAAS,CAAC;AACzC,CAAC;AAJD,sDAIC;AAED,SAAS,kBAAkB,CACzB,KAA0C,EAC1C,IAAqB;IAErB,8CAA8C;IAC9C,wDAAwD;IACxD,IAAM,WAAW,GAAG,CAAC,KAAK,CAAC,CAAC;IAC5B,KAAK,IAAI,IAAI,GAAG,IAAI,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,GAAG,IAAI,CAAC,IAAI,EAAE,EAAE;QAC3D,IAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC;QACzB,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE;YAAE,SAAS;QAC9B,WAAW,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACxB,IAAI,CAAC,KAAK,CAAC,GAAG;YAAE,SAAS;QACzB,kEAAkE;QAClE,IAAM,GAAG,GAAG,IAAA,iBAAQ,EAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACpC,IAAI,CAAC,GAAG;YAAE,SAAS;QAEnB,yDAAyD;QACzD,kEAAkE;QAClE,kEAAkE;QAClE,mEAAmE;QACnE,mDAAmD;QACnD,IAAI,OAAO,CAAC,GAAG,CAAC;YACd,OAAO,CAAC,IAAI,CAAC,2DAAyD,KAAK,CAAC,EAAI,CAAC,CAAC;QAEpF,IAAM,GAAG,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC;QACvB,IAAI,GAAG,EAAE;YACP,KAAK,CAAC,WAAW,GAAG,EAAE,MAAM,EAAE,GAAG,CAAC,MAAM,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC;YAChE,MAAM;SACP;KACF;IAED,IAAI,CAAC,KAAK,CAAC,WAAW,EAAE;QACtB,qDAAqD;QACrD,yBAAyB;QACzB,KAAK,CAAC,WAAW,GAAG,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC;KACjE;IAED,OAAO;QACL,KAAK,EAAE,KAAK;QACZ,MAAM,EAAE,WAAW,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,WAAW,CAA2B;KACjF,CAAC;AACJ,CAAC;AAED;IAAiD,uCAAa;IAA9D;;IAUA,CAAC;IATE,oCAAM,GAAP,UAAQ,MAA+B;;;;;;;oBACjB,WAAA,SAAA,MAAM,CAAA;;;;oBAAf,KAAK;oBACd,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,IAAI,CAAC,KAAK,CAAC,GAAG;wBAAE,wBAAS;oBACtC,GAAG,GAAG,IAAA,iBAAQ,EAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;yBAChC,CAAA,GAAG,IAAI,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA,EAAlC,wBAAkC;oBACpC,qBAAM,kBAAkB,CAAC,KAAK,EAAE,MAAM,CAAC,EAAA;;oBAAvC,SAAuC,CAAC;;;;;;;;;;;;;;;;;;;KAG7C;IACH,0BAAC;AAAD,CAAC,AAVD,CAAiD,uBAAa,GAU7D"}
1
+ {"version":3,"file":"sqlTransactionScope.js","sourceRoot":"","sources":["../../src/scope/sqlTransactionScope.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,0CAA2C;AAI3C,kEAA4C;AAG5C,SAAS,OAAO,CAAC,GAA2B;IAC1C,QAAQ,GAAG,CAAC,OAAO,EAAE;QACnB,KAAK,MAAM;YACT,OAAO,GAAG,CAAC,SAAS,CAAC,IAAI,CAAC,UAAC,CAAC,IAAK,OAAA,OAAO,CAAC,CAAC,CAAC,EAAV,CAAU,CAAC,CAAC;QAC/C,KAAK,aAAa;YAChB,OAAO,GAAG,CAAC,MAAM,KAAK,OAAO,CAAC;QAChC;YACE,OAAO,KAAK,CAAC;KAChB;AACH,CAAC;AAMD,SAAS,KAAK,CAAC,GAA2B;;IACxC,QAAQ,GAAG,CAAC,OAAO,EAAE;QACnB,KAAK,MAAM;;gBACT,KAAwB,IAAA,KAAA,SAAA,GAAG,CAAC,SAAS,CAAA,gBAAA,4BAAE;oBAAlC,IAAM,SAAS,WAAA;oBAClB,IAAM,MAAM,GAAG,KAAK,CAAC,SAAS,CAAC,CAAC;oBAChC,IAAI,MAAM;wBAAE,OAAO,MAAM,CAAC;iBAC3B;;;;;;;;;YACD,OAAO,SAAS,CAAC;QACnB,KAAK,aAAa;YAChB,OAAO,GAAG,CAAC,MAAM,KAAK,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAE,GAA+B,CAAC;QAC/E;YACE,OAAO,SAAS,CAAC;KACpB;AACH,CAAC;AASD,SAAgB,qBAAqB,CACnC,KAA0C;IAE1C,OAAO,KAAK,CAAC,WAAW,KAAK,SAAS,CAAC;AACzC,CAAC;AAJD,sDAIC;AAED,SAAS,kBAAkB,CACzB,KAA0C,EAC1C,IAAqB;IAErB,8CAA8C;IAC9C,wDAAwD;IACxD,IAAM,WAAW,GAAG,CAAC,KAAK,CAAC,CAAC;IAC5B,KAAK,IAAI,IAAI,GAAG,IAAI,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,GAAG,IAAI,CAAC,IAAI,EAAE,EAAE;QAC3D,IAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC;QACzB,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE;YAAE,SAAS;QAC9B,WAAW,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACxB,IAAI,CAAC,KAAK,CAAC,GAAG;YAAE,SAAS;QACzB,kEAAkE;QAClE,IAAM,GAAG,GAAG,IAAA,iBAAQ,EAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACpC,IAAI,CAAC,GAAG;YAAE,SAAS;QAEnB,yDAAyD;QACzD,kEAAkE;QAClE,kEAAkE;QAClE,mEAAmE;QACnE,mDAAmD;QACnD,IAAI,OAAO,CAAC,GAAG,CAAC;YACd,OAAO,CAAC,IAAI,CAAC,gEAAyD,KAAK,CAAC,EAAE,CAAE,CAAC,CAAC;QAEpF,IAAM,GAAG,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC;QACvB,IAAI,GAAG,EAAE;YACP,KAAK,CAAC,WAAW,GAAG,EAAE,MAAM,EAAE,GAAG,CAAC,MAAM,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC;YAChE,MAAM;SACP;KACF;IAED,IAAI,CAAC,KAAK,CAAC,WAAW,EAAE;QACtB,qDAAqD;QACrD,yBAAyB;QACzB,KAAK,CAAC,WAAW,GAAG,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC;KACjE;IAED,OAAO;QACL,KAAK,EAAE,KAAK;QACZ,MAAM,EAAE,WAAW,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,WAAW,CAA2B;KACjF,CAAC;AACJ,CAAC;AAED;IAAiD,uCAAa;IAA9D;;IAUA,CAAC;IATE,oCAAM,GAAP,UAAQ,MAA+B;;;;;;;oBACjB,WAAA,SAAA,MAAM,CAAA;;;;oBAAf,KAAK;oBACd,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,IAAI,CAAC,KAAK,CAAC,GAAG;wBAAE,wBAAS;oBACtC,GAAG,GAAG,IAAA,iBAAQ,EAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;yBAChC,CAAA,GAAG,IAAI,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA,EAAlC,wBAAkC;oBACpC,qBAAM,kBAAkB,CAAC,KAAK,EAAE,MAAM,CAAC,EAAA;;oBAAvC,SAAuC,CAAC;;;;;;;;;;;;;;;;;;;KAG7C;IACH,0BAAC;AAAD,CAAC,AAVD,CAAiD,uBAAa,GAU7D"}
package/doc/rules/{http500.md → http-500.md} RENAMED
File without changes
package/doc/rules/{missingAuthentication.md → missing-authentication.md} RENAMED
@@ -21,15 +21,16 @@ This rule checks all HTTP server requests that satisfy the following conditions:
21
21
  - HTTP status code is `< 300`
22
22
  - Matches include and exclude lists of content type (by default, these are empty).
23
23
 
24
- For each matching request, any event that satisfies either of these conditions will satisfy the rule:
24
+ For each matching request, any event that satisfies either of these conditions will satisfy the
25
+ rule:
25
26
 
26
- 1. Has label `public`.
27
+ 1. Has label `access.public`.
27
28
  2. Has label `security.authentication`, and returns a truthy value.
28
29
 
29
30
  ### Notes
30
31
 
31
32
  If a request does not require an authenticated user (e.g. because it contains completely public
32
- information), then this rule can be satisfied by calling any function labeled `public`.
33
+ information), then this rule can be satisfied by calling any function labeled `access.public`.
33
34
 
34
35
  If the `security.authentication` event returns a falsey value (`false`, `null`, etc), then
35
36
  authentication is assumed to be denied, and the rule is not satisfied.
@@ -37,7 +38,7 @@ authentication is assumed to be denied, and the rule is not satisfied.
37
38
  ### Resolution
38
39
 
39
40
  If the request is designed to be public, and the omission of authentication is intentionaly, modify
40
- the code so that it calls a function labeled `public`.
41
+ the code so that it calls a function labeled `access.public`.
41
42
 
42
43
  Otherwise, modify the code so that it calls a function labeled `security.authentication` which
43
44
  returns a truthy result (for example, a User object).
package/doc/rules/{secretInLog.md → secret-in-log.md} RENAMED
File without changes
package/doc/rules/{slowQuery.md → slow-query.md} RENAMED
File without changes
package/doc/rules/{tooManyJoins.md → too-many-joins.md} RENAMED
File without changes
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@appland/scanner",
3
- "version": "1.52.4",
3
+ "version": "1.54.0",
4
4
  "description": "",
5
5
  "bin": "built/cli.js",
6
6
  "files": [
@@ -27,7 +27,7 @@
27
27
  "@semantic-release/git": "^10.0.1",
28
28
  "@types/async": "^3.2.12",
29
29
  "@types/glob": "^7.2.0",
30
- "@types/jest": "^27.0.1",
30
+ "@types/jest": "^27.4.1",
31
31
  "@types/js-yaml": "^4.0.3",
32
32
  "@types/lru-cache": "^5.1.1",
33
33
  "@types/node": "^16.7.10",
@@ -47,7 +47,7 @@
47
47
  "prettier": "^2.3.2",
48
48
  "semantic-release": "^19.0.2",
49
49
  "sinon": "^13.0.1",
50
- "ts-jest": "^27.1.3",
50
+ "ts-jest": "^27.1.4",
51
51
  "ts-json-schema-generator": "^0.97.0",
52
52
  "ts-node": "^10.2.1",
53
53
  "typescript": "^4.4.2"
@@ -56,10 +56,12 @@
56
56
  "@appland/client": "^1.3.0",
57
57
  "@appland/models": "^1.14.5",
58
58
  "@appland/sql-parser": "^1.5.0",
59
+ "@types/cli-progress": "^3.9.2",
59
60
  "ajv": "^8.8.2",
60
61
  "ansi-escapes": "^5.0.0",
61
62
  "async": "^3.2.3",
62
63
  "chalk": "^4.1.2",
64
+ "cli-progress": "^3.11.0",
63
65
  "form-data": "^4.0.0",
64
66
  "glob": "^7.2.0",
65
67
  "js-yaml": "^4.1.0",
@@ -72,10 +74,6 @@
72
74
  "tar-stream": "^2.2.0",
73
75
  "yargs": "^17.1.1"
74
76
  },
75
- "repository": {
76
- "type": "git",
77
- "url": "https://github.com/applandinc/scanner.git"
78
- },
79
77
  "publishConfig": {
80
78
  "access": "public"
81
79
  },
@@ -95,4 +93,4 @@
95
93
  ],
96
94
  "outputPath": "dist"
97
95
  }
98
- }
96
+ }
package/built/cli/progressReporter.js DELETED
@@ -1,16 +0,0 @@
1
- "use strict";
2
- var __importDefault = (this && this.__importDefault) || function (mod) {
3
- return (mod && mod.__esModule) ? mod : { "default": mod };
4
- };
5
- Object.defineProperty(exports, "__esModule", { value: true });
6
- var chalk_1 = __importDefault(require("chalk"));
7
- function default_1(matches) {
8
- if (matches.length === 0) {
9
- return chalk_1.default.stderr.green('.');
10
- }
11
- else {
12
- return chalk_1.default.stderr.magenta('!');
13
- }
14
- }
15
- exports.default = default_1;
16
- //# sourceMappingURL=progressReporter.js.map
package/built/cli/progressReporter.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"progressReporter.js","sourceRoot":"","sources":["../../src/cli/progressReporter.ts"],"names":[],"mappings":";;;;;AAAA,gDAA0B;AAG1B,mBAAyB,OAAkB;IACzC,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE;QACxB,OAAO,eAAK,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;KAChC;SAAM;QACL,OAAO,eAAK,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;KAClC;AACH,CAAC;AAND,4BAMC"}
package/built/rules/http500/metadata.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"metadata.js","sourceRoot":"","sources":["../../../src/rules/http500/metadata.ts"],"names":[],"mappings":";;AAEA,kBAAe;IACb,KAAK,EAAE,sBAAsB;IAC7B,KAAK,EAAE,qBAAqB;IAC5B,cAAc,EAAE,KAAK;IACrB,YAAY,EAAE,WAAW;IACzB,UAAU,EAAE;QACV,SAAS,EAAE,iDAAiD;KAC7D;CACU,CAAC"}
package/built/rules/http500/rule.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"rule.js","sourceRoot":"","sources":["../../../src/rules/http500/rule.ts"],"names":[],"mappings":";;AAGA,SAAwB,IAAI;IAC1B,OAAO;QACL,OAAO,EAAE,UAAC,CAAQ,IAAK,OAAA,CAAC,CAAC,kBAAmB,CAAC,MAAM,KAAK,GAAG,EAApC,CAAoC;QAC3D,KAAK,EAAE,UAAC,CAAQ,IAAK,OAAA,CAAC,CAAC,CAAC,CAAC,kBAAkB,EAAtB,CAAsB;KAC5C,CAAC;AACJ,CAAC;AALD,uBAKC"}