@appland/scanner 1.55.0 → 1.58.0

package/built/rules/queryFromInvalidPackage.js

@@ -3,44 +3,43 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-var matchPattern_1 = require("./lib/matchPattern");
-var url_1 = require("url");
-var parseRuleDescription_1 = __importDefault(require("./lib/parseRuleDescription"));
+const matchPattern_1 = require("./lib/matchPattern");
+const url_1 = require("url");
+const parseRuleDescription_1 = __importDefault(require("./lib/parseRuleDescription"));
 // TODO: Use the Query AST for this.
-var WHITELIST = [/\bBEGIN\b/i, /\bCOMMIT\b/i, /\bROLLBACK\b/i, /\bRELEASE\b/i, /\bSAVEPOINT\b/i];
-var Options = /** @class */ (function () {
-    function Options() {
+const WHITELIST = [/\bBEGIN\b/i, /\bCOMMIT\b/i, /\bROLLBACK\b/i, /\bRELEASE\b/i, /\bSAVEPOINT\b/i];
+class Options {
+    constructor() {
         this.allowedPackages = [];
-        this.allowedQueries = WHITELIST.map(function (regexp) { return ({ match: regexp }); });
+        this.allowedQueries = WHITELIST.map((regexp) => ({ match: regexp }));
     }
-    return Options;
-}());
+}
 function build(options) {
-    var allowedPackages = (0, matchPattern_1.buildFilters)(options.allowedPackages);
-    var allowedQueries = (0, matchPattern_1.buildFilters)(options.allowedQueries);
+    const allowedPackages = (0, matchPattern_1.buildFilters)(options.allowedPackages);
+    const allowedQueries = (0, matchPattern_1.buildFilters)(options.allowedQueries);
     function matcher(e) {
-        if (!allowedPackages.some(function (filter) { return filter(e.parent.codeObject.packageOf); })) {
+        if (!allowedPackages.some((filter) => filter(e.parent.codeObject.packageOf))) {
             return [
                 {
                     event: e,
-                    message: "".concat(e.codeObject.id, " is invoked from illegal package ").concat(e.parent.codeObject.packageOf),
+                    message: `${e.codeObject.id} is invoked from illegal package ${e.parent.codeObject.packageOf}`,
                     relatedEvents: [e.parent],
                 },
             ];
         }
     }
     function where(e) {
-        return !!e.sqlQuery && !!e.parent && !allowedQueries.some(function (pattern) { return pattern(e.sqlQuery); });
+        return !!e.sqlQuery && !!e.parent && !allowedQueries.some((pattern) => pattern(e.sqlQuery));
     }
     return {
-        matcher: matcher,
-        where: where,
+        matcher,
+        where,
     };
 }
 exports.default = {
     id: 'query-from-invalid-package',
     title: 'Queries from invalid packages',
-    Options: Options,
+    Options,
     impactDomain: 'Maintainability',
     enumerateScope: true,
     references: {
@@ -48,6 +47,5 @@ exports.default = {
     },
     description: (0, parseRuleDescription_1.default)('queryFromInvalidPackage'),
     url: 'https://appland.com/docs/analysis/rules-reference.html#query-from-invalid-package',
-    build: build,
+    build,
 };
-//# sourceMappingURL=queryFromInvalidPackage.js.map

package/built/rules/queryFromView.js

@@ -3,25 +3,23 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-var url_1 = require("url");
-var parseRuleDescription_1 = __importDefault(require("./lib/parseRuleDescription"));
-var Options = /** @class */ (function () {
-    function Options() {
+const url_1 = require("url");
+const parseRuleDescription_1 = __importDefault(require("./lib/parseRuleDescription"));
+class Options {
+    constructor() {
         this.forbiddenLabel = 'mvc.template';
     }
-    return Options;
-}());
-function build(options) {
-    if (options === void 0) { options = new Options(); }
+}
+function build(options = new Options()) {
     function matcher(e) {
-        var forbiddenAncestor = e
+        const forbiddenAncestor = e
             .ancestors()
-            .find(function (e) { return e.codeObject.labels.has(options.forbiddenLabel); });
+            .find((e) => e.codeObject.labels.has(options.forbiddenLabel));
         if (forbiddenAncestor) {
             return [
                 {
                     event: e,
-                    message: "SQL query is invoked from invalid event ".concat(forbiddenAncestor, ", labeled ").concat(options.forbiddenLabel),
+                    message: `SQL query is invoked from invalid event ${forbiddenAncestor}, labeled ${options.forbiddenLabel}`,
                     relatedEvents: [forbiddenAncestor],
                 },
             ];
@@ -31,14 +29,14 @@ function build(options) {
         return !!e.sqlQuery;
     }
     return {
-        matcher: matcher,
-        where: where,
+        matcher,
+        where,
     };
 }
 exports.default = {
     id: 'query-from-view',
     title: 'Queries from view',
-    Options: Options,
+    Options,
     impactDomain: 'Maintainability',
     enumerateScope: true,
     references: {
@@ -46,6 +44,5 @@ exports.default = {
     },
     description: (0, parseRuleDescription_1.default)('queryFromView'),
     url: 'https://appland.com/docs/analysis/rules-reference.html#query-from-view',
-    build: build,
+    build,
 };
-//# sourceMappingURL=queryFromView.js.map

package/built/rules/rpcWithoutCircuitBreaker.js

@@ -1,104 +1,34 @@
 "use strict";
-var __generator = (this && this.__generator) || function (thisArg, body) {
-    var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;
-    return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
-    function verb(n) { return function (v) { return step([n, v]); }; }
-    function step(op) {
-        if (f) throw new TypeError("Generator is already executing.");
-        while (_) try {
-            if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
-            if (y = 0, t) op = [op[0] & 2, t.value];
-            switch (op[0]) {
-                case 0: case 1: t = op; break;
-                case 4: _.label++; return { value: op[1], done: false };
-                case 5: _.label++; y = op[1]; op = [0]; continue;
-                case 7: op = _.ops.pop(); _.trys.pop(); continue;
-                default:
-                    if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
-                    if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
-                    if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
-                    if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
-                    if (t[2]) _.ops.pop();
-                    _.trys.pop(); continue;
-            }
-            op = body.call(thisArg, _);
-        } catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
-        if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
-    }
-};
-var __values = (this && this.__values) || function(o) {
-    var s = typeof Symbol === "function" && Symbol.iterator, m = s && o[s], i = 0;
-    if (m) return m.call(o);
-    if (o && typeof o.length === "number") return {
-        next: function () {
-            if (o && i >= o.length) o = void 0;
-            return { value: o && o[i++], done: !o };
-        }
-    };
-    throw new TypeError(s ? "Object is not iterable." : "Symbol.iterator is not defined.");
-};
 var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-var models_1 = require("@appland/models");
-var rpcWithoutProtection_1 = require("./lib/rpcWithoutProtection");
-var parseRuleDescription_1 = __importDefault(require("./lib/parseRuleDescription"));
-var Options = /** @class */ (function () {
-    function Options() {
+const models_1 = require("@appland/models");
+const rpcWithoutProtection_1 = require("./lib/rpcWithoutProtection");
+const parseRuleDescription_1 = __importDefault(require("./lib/parseRuleDescription"));
+class Options {
+    constructor() {
         this.expectedLabel = RPCCircuitBreaker;
     }
-    return Options;
-}());
+}
 // The circuit breaker will be found in a descendant of the httpClientRequest.
-function descendants(httpClientRequest) {
-    var _a, _b, candidate, e_1_1;
-    var e_1, _c;
-    return __generator(this, function (_d) {
-        switch (_d.label) {
-            case 0:
-                _d.trys.push([0, 5, 6, 7]);
-                _a = __values(new models_1.EventNavigator(httpClientRequest).descendants()), _b = _a.next();
-                _d.label = 1;
-            case 1:
-                if (!!_b.done) return [3 /*break*/, 4];
-                candidate = _b.value;
-                return [4 /*yield*/, candidate.event];
-            case 2:
-                _d.sent();
-                _d.label = 3;
-            case 3:
-                _b = _a.next();
-                return [3 /*break*/, 1];
-            case 4: return [3 /*break*/, 7];
-            case 5:
-                e_1_1 = _d.sent();
-                e_1 = { error: e_1_1 };
-                return [3 /*break*/, 7];
-            case 6:
-                try {
-                    if (_b && !_b.done && (_c = _a.return)) _c.call(_a);
-                }
-                finally { if (e_1) throw e_1.error; }
-                return [7 /*endfinally*/];
-            case 7: return [2 /*return*/];
-        }
-    });
+function* descendants(httpClientRequest) {
+    for (const candidate of new models_1.EventNavigator(httpClientRequest).descendants()) {
+        yield candidate.event;
+    }
 }
-function build(options) {
-    if (options === void 0) { options = new Options(); }
+function build(options = new Options()) {
     return (0, rpcWithoutProtection_1.rpcWithoutProtection)(descendants, options);
 }
-var RPCCircuitBreaker = 'rpc.circuit_breaker';
+const RPCCircuitBreaker = 'rpc.circuit_breaker';
 exports.default = {
     id: 'rpc-without-circuit-breaker',
     title: 'RPC without circuit breaker',
-    Options: Options,
+    Options,
     labels: [RPCCircuitBreaker],
     impactDomain: 'Stability',
     enumerateScope: true,
     description: (0, parseRuleDescription_1.default)('rpcWithoutCircuitBreaker'),
     url: 'https://appland.com/docs/analysis/rules-reference.html#rpc-without-circuit-breaker',
-    build: build,
+    build,
 };
-//# sourceMappingURL=rpcWithoutCircuitBreaker.js.map

package/built/rules/saveWithoutValidation.js

@@ -3,11 +3,11 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-var models_1 = require("@appland/models");
-var url_1 = require("url");
-var parseRuleDescription_1 = __importDefault(require("./lib/parseRuleDescription"));
-var validatedBy = function (iterator) {
-    var i = iterator.next();
+const models_1 = require("@appland/models");
+const url_1 = require("url");
+const parseRuleDescription_1 = __importDefault(require("./lib/parseRuleDescription"));
+const validatedBy = (iterator) => {
+    let i = iterator.next();
     while (!i.done) {
         if (i.value.event.methodId !== undefined &&
             ['valid?', 'validate'].includes(i.value.event.methodId) // TODO: change this to use labels
@@ -20,8 +20,8 @@ var validatedBy = function (iterator) {
 };
 function build() {
     return {
-        matcher: function (event) { return !validatedBy(new models_1.EventNavigator(event).descendants()); },
-        where: function (e) { return e.isFunction && ['save', 'save!'].includes(e.methodId); },
+        matcher: (event) => !validatedBy(new models_1.EventNavigator(event).descendants()),
+        where: (e) => e.isFunction && ['save', 'save!'].includes(e.methodId),
     };
 }
 exports.default = {
@@ -34,6 +34,5 @@ exports.default = {
     },
     description: (0, parseRuleDescription_1.default)('saveWithoutValidation'),
     url: 'https://appland.com/docs/analysis/rules-reference.html#save-without-validation',
-    build: build,
+    build,
 };
-//# sourceMappingURL=saveWithoutValidation.js.map

package/built/rules/secretInLog.js

@@ -22,114 +22,52 @@ var __importStar = (this && this.__importStar) || function (mod) {
     __setModuleDefault(result, mod);
     return result;
 };
-var __read = (this && this.__read) || function (o, n) {
-    var m = typeof Symbol === "function" && o[Symbol.iterator];
-    if (!m) return o;
-    var i = m.call(o), r, ar = [], e;
-    try {
-        while ((n === void 0 || n-- > 0) && !(r = i.next()).done) ar.push(r.value);
-    }
-    catch (error) { e = { error: error }; }
-    finally {
-        try {
-            if (r && !r.done && (m = i["return"])) m.call(i);
-        }
-        finally { if (e) throw e.error; }
-    }
-    return ar;
-};
-var __spreadArray = (this && this.__spreadArray) || function (to, from, pack) {
-    if (pack || arguments.length === 2) for (var i = 0, l = from.length, ar; i < l; i++) {
-        if (ar || !(i in from)) {
-            if (!ar) ar = Array.prototype.slice.call(from, 0, i);
-            ar[i] = from[i];
-        }
-    }
-    return to.concat(ar || Array.prototype.slice.call(from));
-};
-var __values = (this && this.__values) || function(o) {
-    var s = typeof Symbol === "function" && Symbol.iterator, m = s && o[s], i = 0;
-    if (m) return m.call(o);
-    if (o && typeof o.length === "number") return {
-        next: function () {
-            if (o && i >= o.length) o = void 0;
-            return { value: o && o[i++], done: !o };
-        }
-    };
-    throw new TypeError(s ? "Object is not iterable." : "Symbol.iterator is not defined.");
-};
 var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-var secretsRegexes_1 = __importStar(require("../analyzer/secretsRegexes"));
-var util_1 = require("./lib/util");
-var recordSecrets_1 = __importDefault(require("../analyzer/recordSecrets"));
-var url_1 = require("url");
-var parseRuleDescription_1 = __importDefault(require("./lib/parseRuleDescription"));
-var Match = /** @class */ (function () {
-    function Match(regexp, value) {
-        this.regexp = regexp;
+const secretsRegexes_1 = __importStar(require("../analyzer/secretsRegexes"));
+const util_1 = require("./lib/util");
+const recordSecrets_1 = __importDefault(require("../analyzer/recordSecrets"));
+const url_1 = require("url");
+const parseRuleDescription_1 = __importDefault(require("./lib/parseRuleDescription"));
+class Match {
+    constructor(pattern, value) {
+        this.pattern = pattern;
         this.value = value;
     }
-    return Match;
-}());
-var secrets = new Set();
-var findInLog = function (event) {
-    var e_1, _a;
+}
+const secrets = new Set();
+const findInLog = (event) => {
     if (!event.parameters)
         return;
-    var matches = [];
-    var _loop_1 = function (value) {
-        var e_2, _d;
+    const matches = [];
+    for (const { value } of event.parameters) {
         if ((0, util_1.emptyValue)(value))
-            return "continue";
-        var patterns = [];
+            continue;
+        const patterns = [];
         if ((0, secretsRegexes_1.looksSecret)(value)) {
             // Only look for the exact matching regexes if it matches the catchall regex
-            patterns.push.apply(patterns, __spreadArray([], __read(Object.values(secretsRegexes_1.default)
+            patterns.push(...Object.values(secretsRegexes_1.default)
                 .flat()
-                .filter(function (re) { return re.test(value); })), false));
+                .filter((re) => re.test(value)));
         }
-        try {
-            for (var secrets_1 = (e_2 = void 0, __values(secrets)), secrets_1_1 = secrets_1.next(); !secrets_1_1.done; secrets_1_1 = secrets_1.next()) {
-                var secret = secrets_1_1.value;
-                if (value.includes(secret))
-                    patterns.push(secret);
-            }
-        }
-        catch (e_2_1) { e_2 = { error: e_2_1 }; }
-        finally {
-            try {
-                if (secrets_1_1 && !secrets_1_1.done && (_d = secrets_1.return)) _d.call(secrets_1);
-            }
-            finally { if (e_2) throw e_2.error; }
-        }
-        matches.push.apply(matches, __spreadArray([], __read(patterns.map(function (pattern) { return new Match(pattern, value); })), false));
-    };
-    try {
-        for (var _b = __values(event.parameters), _c = _b.next(); !_c.done; _c = _b.next()) {
-            var value = _c.value.value;
-            _loop_1(value);
-        }
-    }
-    catch (e_1_1) { e_1 = { error: e_1_1 }; }
-    finally {
-        try {
-            if (_c && !_c.done && (_a = _b.return)) _a.call(_b);
+        for (const secret of secrets) {
+            if (value.includes(secret))
+                patterns.push(secret);
         }
-        finally { if (e_1) throw e_1.error; }
+        matches.push(...patterns.map((pattern) => new Match(pattern, value)));
     }
     if (matches.length > 0) {
-        return matches.map(function (match) { return ({
-            event: event,
-            message: "".concat(match.value, " contains secret ").concat(match.regexp),
-        }); });
+        return matches.map((match) => ({
+            event,
+            message: `Log event contains secret data: ${match.value}`,
+        }));
     }
 };
 function build() {
     return {
-        matcher: function (e) {
+        matcher: (e) => {
             if (e.codeObject.labels.has(Secret)) {
                 (0, recordSecrets_1.default)(secrets, e);
             }
@@ -137,13 +75,13 @@ function build() {
                 return findInLog(e);
             }
         },
-        where: function (e) {
+        where: (e) => {
             return e.codeObject.labels.has(Log) || e.codeObject.labels.has(Secret);
         },
     };
 }
-var Secret = 'secret';
-var Log = 'log';
+const Secret = 'secret';
+const Log = 'log';
 exports.default = {
     id: 'secret-in-log',
     title: 'Secret in log',
@@ -155,6 +93,5 @@ exports.default = {
     },
     description: (0, parseRuleDescription_1.default)('secretInLog'),
     url: 'https://appland.com/docs/analysis/rules-reference.html#secret-in-log',
-    build: build,
+    build,
 };
-//# sourceMappingURL=secretInLog.js.map

package/built/rules/slowFunctionCall.js

@@ -3,31 +3,28 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-var matchPattern_1 = require("./lib/matchPattern");
-var parseRuleDescription_1 = __importDefault(require("./lib/parseRuleDescription"));
-var Options = /** @class */ (function () {
-    function Options() {
+const matchPattern_1 = require("./lib/matchPattern");
+const parseRuleDescription_1 = __importDefault(require("./lib/parseRuleDescription"));
+class Options {
+    constructor() {
         this.functions = [];
         this.timeAllowed = 0.1;
     }
-    return Options;
-}());
+}
 function build(options) {
-    var functionPatterns = (0, matchPattern_1.buildFilters)(options.functions || []);
+    const functionPatterns = (0, matchPattern_1.buildFilters)(options.functions || []);
     return {
-        matcher: function (e) {
+        matcher: (e) => {
             if (e.returnEvent.elapsedTime > options.timeAllowed) {
-                return "Slow ".concat(e.codeObject.id, " call (").concat(e.returnEvent.elapsedTime, "ms)");
+                return `Slow ${e.codeObject.id} call (${e.returnEvent.elapsedTime}ms)`;
             }
         },
-        where: function (e) {
-            return e.isFunction &&
-                !!e.returnEvent &&
-                !!e.returnEvent.elapsedTime &&
-                !!e.codeObject.id &&
-                (functionPatterns.length === 0 ||
-                    functionPatterns.some(function (pattern) { return pattern(e.codeObject.id); }));
-        },
+        where: (e) => e.isFunction &&
+            !!e.returnEvent &&
+            !!e.returnEvent.elapsedTime &&
+            !!e.codeObject.id &&
+            (functionPatterns.length === 0 ||
+                functionPatterns.some((pattern) => pattern(e.codeObject.id))),
     };
 }
 exports.default = {
@@ -38,7 +35,6 @@ exports.default = {
     enumerateScope: true,
     description: (0, parseRuleDescription_1.default)('slowFunctionCall'),
     url: 'https://appland.com/docs/analysis/rules-reference.html#slow-function-call',
-    Options: Options,
-    build: build,
+    Options,
+    build,
 };
-//# sourceMappingURL=slowFunctionCall.js.map

package/built/rules/slowHttpServerRequest.js

@@ -3,18 +3,17 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-var parseRuleDescription_1 = __importDefault(require("./lib/parseRuleDescription"));
-var Options = /** @class */ (function () {
-    function Options() {
+const parseRuleDescription_1 = __importDefault(require("./lib/parseRuleDescription"));
+class Options {
+    constructor() {
         this.timeAllowed = 1;
     }
-    return Options;
-}());
+}
 function build(options) {
     return {
-        matcher: function (e) { return e.elapsedTime > options.timeAllowed; },
-        message: function () { return "Slow HTTP server request (> ".concat(options.timeAllowed * 1000, "ms)"); },
-        where: function (e) { return !!e.httpServerRequest && e.elapsedTime !== undefined; },
+        matcher: (e) => e.elapsedTime > options.timeAllowed,
+        message: () => `Slow HTTP server request (> ${options.timeAllowed * 1000}ms)`,
+        where: (e) => !!e.httpServerRequest && e.elapsedTime !== undefined,
     };
 }
 exports.default = {
@@ -25,7 +24,6 @@ exports.default = {
     impactDomain: 'Performance',
     description: (0, parseRuleDescription_1.default)('slowHttpServerRequest'),
     url: 'https://appland.com/docs/analysis/rules-reference.html#slow-http-server-request',
-    Options: Options,
-    build: build,
+    Options,
+    build,
 };
-//# sourceMappingURL=slowHttpServerRequest.js.map

package/built/rules/slowQuery.js

@@ -3,28 +3,25 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-var parseRuleDescription_1 = __importDefault(require("./lib/parseRuleDescription"));
-var Options = /** @class */ (function () {
-    function Options() {
+const parseRuleDescription_1 = __importDefault(require("./lib/parseRuleDescription"));
+class Options {
+    constructor() {
         this.timeAllowed = 1;
     }
-    return Options;
-}());
-function build(options) {
-    if (options === void 0) { options = new Options(); }
+}
+function build(options = new Options()) {
     return {
-        matcher: function (e) { return e.elapsedTime > options.timeAllowed; },
-        where: function (e) { return !!e.sqlQuery && !!e.elapsedTime; },
+        matcher: (e) => e.elapsedTime > options.timeAllowed,
+        where: (e) => !!e.sqlQuery && !!e.elapsedTime,
     };
 }
 exports.default = {
     id: 'slow-query',
     title: 'Slow SQL query',
-    Options: Options,
+    Options,
     impactDomain: 'Performance',
     enumerateScope: true,
     description: (0, parseRuleDescription_1.default)('slowQuery'),
     url: 'https://appland.com/docs/analysis/rules-reference.html#slow-query',
-    build: build,
+    build,
 };
-//# sourceMappingURL=slowQuery.js.map