@appland/scanner 1.56.0 → 1.57.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +15 -0
- package/built/algorithms/dataStructures/graph/Graph.js +53 -62
- package/built/algorithms/dataStructures/graph/GraphEdge.js +13 -16
- package/built/algorithms/dataStructures/graph/GraphVertex.js +37 -42
- package/built/algorithms/dataStructures/linked-list/LinkedList.js +33 -38
- package/built/algorithms/dataStructures/linked-list/LinkedListNode.js +6 -10
- package/built/algorithms/graph/depth-first-search/index.js +7 -8
- package/built/algorithms/graph/detect-cycle/index.js +15 -16
- package/built/algorithms/utils/Comparator.js +19 -21
- package/built/analyzer/recordSecrets.js +7 -30
- package/built/analyzer/secretsRegexes.js +8 -9
- package/built/appMapIndex.js +18 -20
- package/built/check.js +16 -18
- package/built/checkInstance.js +26 -48
- package/built/cli/ci/command.js +61 -156
- package/built/cli/ci/options.js +0 -1
- package/built/cli/codeVersionArgs.js +0 -1
- package/built/cli/exitCode.js +0 -1
- package/built/cli/fail.js +2 -3
- package/built/cli/merge/command.js +21 -63
- package/built/cli/merge/options.js +0 -1
- package/built/cli/reportUploadURL.js +2 -3
- package/built/cli/resolveAppId.js +34 -85
- package/built/cli/scan/command.js +52 -94
- package/built/cli/scan/formatReport.js +16 -89
- package/built/cli/scan/options.js +0 -1
- package/built/cli/scan/scanner.js +38 -117
- package/built/cli/scan/singleScan.js +61 -109
- package/built/cli/scan/watchScan.js +32 -82
- package/built/cli/scan.js +39 -132
- package/built/cli/scanArgs.js +0 -1
- package/built/cli/scanOptions.js +0 -1
- package/built/cli/updateCommitStatus.js +10 -47
- package/built/cli/upload/command.js +20 -64
- package/built/cli/upload/options.js +0 -1
- package/built/cli/upload/pruneAppMap.js +16 -0
- package/built/cli/upload.js +91 -172
- package/built/cli/validateFile.js +13 -52
- package/built/cli.js +34 -21
- package/built/configuration/configurationProvider.js +148 -233
- package/built/configuration/schema/options.json +76 -76
- package/built/configuration/types/checkConfig.js +0 -1
- package/built/configuration/types/configuration.js +0 -1
- package/built/configuration/types/matchEventConfig.js +0 -1
- package/built/configuration/types/matchPatternConfig.js +0 -1
- package/built/database/index.js +33 -127
- package/built/database/visit.js +16 -66
- package/built/errors.js +4 -30
- package/built/eventUtil.js +10 -35
- package/built/findings.js +3 -4
- package/built/integration/appland/app/exists.js +33 -76
- package/built/integration/appland/app/listFindingStatus.js +3 -36
- package/built/integration/appland/appMap/create.js +38 -89
- package/built/integration/appland/location.js +0 -1
- package/built/integration/appland/mapset/create.js +34 -85
- package/built/integration/appland/retry.js +10 -11
- package/built/integration/appland/retryOptions.js +0 -1
- package/built/integration/appland/scannerJob/create.js +34 -84
- package/built/integration/appland/scannerJob/merge.js +28 -74
- package/built/integration/appland/scannerJob.js +0 -1
- package/built/integration/github/commitStatus.js +3 -4
- package/built/integration/vars.js +1 -2
- package/built/openapi/index.js +39 -83
- package/built/report/appMapMetadata.js +0 -1
- package/built/report/findingSummary.js +0 -1
- package/built/report/findingsReport.js +14 -16
- package/built/report/scanResults.js +18 -45
- package/built/report/scanSummary.js +0 -1
- package/built/report/summaryReport.js +12 -13
- package/built/ruleChecker.js +146 -297
- package/built/rules/authzBeforeAuthn.js +25 -59
- package/built/rules/circularDependency.js +69 -101
- package/built/rules/deserializationOfUntrustedData.js +29 -63
- package/built/rules/execOfUntrustedCommand.js +28 -62
- package/built/rules/http-500/metadata.js +0 -1
- package/built/rules/http-500/rule.js +2 -3
- package/built/rules/illegalPackageDependency.js +16 -18
- package/built/rules/incompatibleHttpClientRequest.js +30 -69
- package/built/rules/insecureCompare.js +12 -13
- package/built/rules/jobNotCancelled.js +13 -45
- package/built/rules/lib/hasParameterOrReceiver.js +4 -7
- package/built/rules/lib/matchEvent.js +12 -13
- package/built/rules/lib/matchPattern.js +6 -7
- package/built/rules/lib/metadata.js +0 -1
- package/built/rules/lib/parseRuleDescription.js +5 -6
- package/built/rules/lib/precedingEvents.js +7 -75
- package/built/rules/lib/rpcWithoutProtection.js +5 -28
- package/built/rules/lib/sanitizesData.js +0 -1
- package/built/rules/lib/util.js +33 -73
- package/built/rules/logoutWithoutSessionReset.js +24 -58
- package/built/rules/missingAuthentication.js +28 -28
- package/built/rules/missingContentType.js +8 -9
- package/built/rules/nPlusOneQuery.js +35 -87
- package/built/rules/queryFromInvalidPackage.js +17 -19
- package/built/rules/queryFromView.js +13 -16
- package/built/rules/rpcWithoutCircuitBreaker.js +14 -84
- package/built/rules/saveWithoutValidation.js +8 -9
- package/built/rules/secretInLog.js +29 -92
- package/built/rules/slowFunctionCall.js +16 -20
- package/built/rules/slowHttpServerRequest.js +9 -11
- package/built/rules/slowQuery.js +9 -12
- package/built/rules/tooManyJoins.js +26 -51
- package/built/rules/tooManyUpdates.js +25 -105
- package/built/rules/unbatchedMaterializedQuery.js +26 -30
- package/built/rules/updateInGetRequest.js +30 -45
- package/built/scope/commandScope.js +24 -144
- package/built/scope/httpClientRequestScope.js +11 -98
- package/built/scope/httpServerRequestScope.js +11 -98
- package/built/scope/rootScope.js +11 -98
- package/built/scope/scopeImpl.js +10 -82
- package/built/scope/scopeIterator.js +6 -10
- package/built/scope/sqlTransactionScope.js +24 -122
- package/built/sqlWarning.js +9 -35
- package/built/telemetry.js +215 -0
- package/built/wellKnownLabels.js +0 -1
- package/package.json +7 -3
- package/built/algorithms/dataStructures/graph/Graph.js.map +0 -1
- package/built/algorithms/dataStructures/graph/GraphEdge.js.map +0 -1
- package/built/algorithms/dataStructures/graph/GraphVertex.js.map +0 -1
- package/built/algorithms/dataStructures/linked-list/LinkedList.js.map +0 -1
- package/built/algorithms/dataStructures/linked-list/LinkedListNode.js.map +0 -1
- package/built/algorithms/graph/depth-first-search/index.js.map +0 -1
- package/built/algorithms/graph/detect-cycle/index.js.map +0 -1
- package/built/algorithms/utils/Comparator.js.map +0 -1
- package/built/analyzer/recordSecrets.js.map +0 -1
- package/built/analyzer/secretsRegexes.js.map +0 -1
- package/built/appMapIndex.js.map +0 -1
- package/built/check.js.map +0 -1
- package/built/checkInstance.js.map +0 -1
- package/built/cli/ci/command.js.map +0 -1
- package/built/cli/ci/options.js.map +0 -1
- package/built/cli/codeVersionArgs.js.map +0 -1
- package/built/cli/exitCode.js.map +0 -1
- package/built/cli/fail.js.map +0 -1
- package/built/cli/merge/command.js.map +0 -1
- package/built/cli/merge/options.js.map +0 -1
- package/built/cli/reportUploadURL.js.map +0 -1
- package/built/cli/resolveAppId.js.map +0 -1
- package/built/cli/scan/command.js.map +0 -1
- package/built/cli/scan/formatReport.js.map +0 -1
- package/built/cli/scan/options.js.map +0 -1
- package/built/cli/scan/scanner.js.map +0 -1
- package/built/cli/scan/singleScan.js.map +0 -1
- package/built/cli/scan/watchScan.js.map +0 -1
- package/built/cli/scan.js.map +0 -1
- package/built/cli/scanArgs.js.map +0 -1
- package/built/cli/scanOptions.js.map +0 -1
- package/built/cli/updateCommitStatus.js.map +0 -1
- package/built/cli/upload/command.js.map +0 -1
- package/built/cli/upload/options.js.map +0 -1
- package/built/cli/upload.js.map +0 -1
- package/built/cli/validateFile.js.map +0 -1
- package/built/cli.js.map +0 -1
- package/built/configuration/configurationProvider.js.map +0 -1
- package/built/configuration/types/checkConfig.js.map +0 -1
- package/built/configuration/types/configuration.js.map +0 -1
- package/built/configuration/types/matchEventConfig.js.map +0 -1
- package/built/configuration/types/matchPatternConfig.js.map +0 -1
- package/built/database/index.js.map +0 -1
- package/built/database/visit.js.map +0 -1
- package/built/errors.js.map +0 -1
- package/built/eventUtil.js.map +0 -1
- package/built/findings.js.map +0 -1
- package/built/integration/appland/app/exists.js.map +0 -1
- package/built/integration/appland/app/listFindingStatus.js.map +0 -1
- package/built/integration/appland/appMap/create.js.map +0 -1
- package/built/integration/appland/location.js.map +0 -1
- package/built/integration/appland/mapset/create.js.map +0 -1
- package/built/integration/appland/retry.js.map +0 -1
- package/built/integration/appland/retryOptions.js.map +0 -1
- package/built/integration/appland/scannerJob/create.js.map +0 -1
- package/built/integration/appland/scannerJob/merge.js.map +0 -1
- package/built/integration/appland/scannerJob.js.map +0 -1
- package/built/integration/github/commitStatus.js.map +0 -1
- package/built/integration/vars.js.map +0 -1
- package/built/openapi/index.js.map +0 -1
- package/built/openapi/method.js +0 -120
- package/built/openapi/method.js.map +0 -1
- package/built/openapi/model.js +0 -49
- package/built/openapi/model.js.map +0 -1
- package/built/openapi/path.js +0 -36
- package/built/openapi/path.js.map +0 -1
- package/built/openapi/provider.js +0 -133
- package/built/openapi/provider.js.map +0 -1
- package/built/openapi/response.js +0 -59
- package/built/openapi/response.js.map +0 -1
- package/built/openapi/rpcRequest.js +0 -130
- package/built/openapi/rpcRequest.js.map +0 -1
- package/built/openapi/schema.js +0 -42
- package/built/openapi/schema.js.map +0 -1
- package/built/openapi/securitySchemes.js +0 -32
- package/built/openapi/securitySchemes.js.map +0 -1
- package/built/openapi/statusCodes.js +0 -68
- package/built/openapi/statusCodes.js.map +0 -1
- package/built/openapi/util.js +0 -91
- package/built/openapi/util.js.map +0 -1
- package/built/report/appMapMetadata.js.map +0 -1
- package/built/report/findingSummary.js.map +0 -1
- package/built/report/findingsReport.js.map +0 -1
- package/built/report/scanResults.js.map +0 -1
- package/built/report/scanSummary.js.map +0 -1
- package/built/report/summaryReport.js.map +0 -1
- package/built/ruleChecker.js.map +0 -1
- package/built/rules/authzBeforeAuthn.js.map +0 -1
- package/built/rules/circularDependency.js.map +0 -1
- package/built/rules/deserializationOfUntrustedData.js.map +0 -1
- package/built/rules/execOfUntrustedCommand.js.map +0 -1
- package/built/rules/http-500/metadata.js.map +0 -1
- package/built/rules/http-500/rule.js.map +0 -1
- package/built/rules/illegalPackageDependency.js.map +0 -1
- package/built/rules/incompatibleHttpClientRequest.js.map +0 -1
- package/built/rules/insecureCompare.js.map +0 -1
- package/built/rules/jobNotCancelled.js.map +0 -1
- package/built/rules/lib/hasParameterOrReceiver.js.map +0 -1
- package/built/rules/lib/matchEvent.js.map +0 -1
- package/built/rules/lib/matchPattern.js.map +0 -1
- package/built/rules/lib/metadata.js.map +0 -1
- package/built/rules/lib/parseRuleDescription.js.map +0 -1
- package/built/rules/lib/precedingEvents.js.map +0 -1
- package/built/rules/lib/rpcWithoutProtection.js.map +0 -1
- package/built/rules/lib/sanitizesData.js.map +0 -1
- package/built/rules/lib/util.js.map +0 -1
- package/built/rules/logoutWithoutSessionReset.js.map +0 -1
- package/built/rules/missingAuthentication.js.map +0 -1
- package/built/rules/missingContentType.js.map +0 -1
- package/built/rules/nPlusOneQuery.js.map +0 -1
- package/built/rules/queryFromInvalidPackage.js.map +0 -1
- package/built/rules/queryFromView.js.map +0 -1
- package/built/rules/rpcWithoutCircuitBreaker.js.map +0 -1
- package/built/rules/saveWithoutValidation.js.map +0 -1
- package/built/rules/secretInLog.js.map +0 -1
- package/built/rules/slowFunctionCall.js.map +0 -1
- package/built/rules/slowHttpServerRequest.js.map +0 -1
- package/built/rules/slowQuery.js.map +0 -1
- package/built/rules/tooManyJoins.js.map +0 -1
- package/built/rules/tooManyUpdates.js.map +0 -1
- package/built/rules/unbatchedMaterializedQuery.js.map +0 -1
- package/built/rules/updateInGetRequest.js.map +0 -1
- package/built/scope/commandScope.js.map +0 -1
- package/built/scope/httpClientRequestScope.js.map +0 -1
- package/built/scope/httpServerRequestScope.js.map +0 -1
- package/built/scope/rootScope.js.map +0 -1
- package/built/scope/scopeImpl.js.map +0 -1
- package/built/scope/scopeIterator.js.map +0 -1
- package/built/scope/sqlTransactionScope.js.map +0 -1
- package/built/sqlWarning.js.map +0 -1
- package/built/wellKnownLabels.js.map +0 -1
package/built/cli/scan.js
CHANGED
|
@@ -8,153 +8,60 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
|
|
|
8
8
|
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
9
9
|
});
|
|
10
10
|
};
|
|
11
|
-
var __generator = (this && this.__generator) || function (thisArg, body) {
|
|
12
|
-
var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;
|
|
13
|
-
return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
|
|
14
|
-
function verb(n) { return function (v) { return step([n, v]); }; }
|
|
15
|
-
function step(op) {
|
|
16
|
-
if (f) throw new TypeError("Generator is already executing.");
|
|
17
|
-
while (_) try {
|
|
18
|
-
if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
|
|
19
|
-
if (y = 0, t) op = [op[0] & 2, t.value];
|
|
20
|
-
switch (op[0]) {
|
|
21
|
-
case 0: case 1: t = op; break;
|
|
22
|
-
case 4: _.label++; return { value: op[1], done: false };
|
|
23
|
-
case 5: _.label++; y = op[1]; op = [0]; continue;
|
|
24
|
-
case 7: op = _.ops.pop(); _.trys.pop(); continue;
|
|
25
|
-
default:
|
|
26
|
-
if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
|
|
27
|
-
if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
|
|
28
|
-
if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
|
|
29
|
-
if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
|
|
30
|
-
if (t[2]) _.ops.pop();
|
|
31
|
-
_.trys.pop(); continue;
|
|
32
|
-
}
|
|
33
|
-
op = body.call(thisArg, _);
|
|
34
|
-
} catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
|
|
35
|
-
if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
|
|
36
|
-
}
|
|
37
|
-
};
|
|
38
|
-
var __read = (this && this.__read) || function (o, n) {
|
|
39
|
-
var m = typeof Symbol === "function" && o[Symbol.iterator];
|
|
40
|
-
if (!m) return o;
|
|
41
|
-
var i = m.call(o), r, ar = [], e;
|
|
42
|
-
try {
|
|
43
|
-
while ((n === void 0 || n-- > 0) && !(r = i.next()).done) ar.push(r.value);
|
|
44
|
-
}
|
|
45
|
-
catch (error) { e = { error: error }; }
|
|
46
|
-
finally {
|
|
47
|
-
try {
|
|
48
|
-
if (r && !r.done && (m = i["return"])) m.call(i);
|
|
49
|
-
}
|
|
50
|
-
finally { if (e) throw e.error; }
|
|
51
|
-
}
|
|
52
|
-
return ar;
|
|
53
|
-
};
|
|
54
|
-
var __spreadArray = (this && this.__spreadArray) || function (to, from, pack) {
|
|
55
|
-
if (pack || arguments.length === 2) for (var i = 0, l = from.length, ar; i < l; i++) {
|
|
56
|
-
if (ar || !(i in from)) {
|
|
57
|
-
if (!ar) ar = Array.prototype.slice.call(from, 0, i);
|
|
58
|
-
ar[i] = from[i];
|
|
59
|
-
}
|
|
60
|
-
}
|
|
61
|
-
return to.concat(ar || Array.prototype.slice.call(from));
|
|
62
|
-
};
|
|
63
11
|
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
64
12
|
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
65
13
|
};
|
|
66
14
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
67
15
|
/* eslint-disable @typescript-eslint/no-empty-function */
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
16
|
+
const cli_progress_1 = __importDefault(require("cli-progress"));
|
|
17
|
+
const promises_1 = require("fs/promises");
|
|
18
|
+
const models_1 = require("@appland/models");
|
|
19
|
+
const ruleChecker_1 = __importDefault(require("../ruleChecker"));
|
|
20
|
+
const appMapIndex_1 = __importDefault(require("../appMapIndex"));
|
|
73
21
|
function batch(items, size, process) {
|
|
74
|
-
return __awaiter(this, void 0, void 0, function () {
|
|
75
|
-
|
|
76
|
-
|
|
77
|
-
|
|
78
|
-
case 0:
|
|
79
|
-
left = __spreadArray([], __read(items), false);
|
|
80
|
-
_a.label = 1;
|
|
81
|
-
case 1:
|
|
82
|
-
if (!left.length) return [3 /*break*/, 3];
|
|
83
|
-
return [4 /*yield*/, Promise.all(left.splice(0, size).map(process))];
|
|
84
|
-
case 2:
|
|
85
|
-
_a.sent();
|
|
86
|
-
return [3 /*break*/, 1];
|
|
87
|
-
case 3: return [2 /*return*/];
|
|
88
|
-
}
|
|
89
|
-
});
|
|
22
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
23
|
+
const left = [...items];
|
|
24
|
+
while (left.length)
|
|
25
|
+
yield Promise.all(left.splice(0, size).map(process));
|
|
90
26
|
});
|
|
91
27
|
}
|
|
92
28
|
function scan(files, checks) {
|
|
93
|
-
return __awaiter(this, void 0, void 0, function () {
|
|
29
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
30
|
+
// TODO: Improve this by respecting .gitignore, or similar.
|
|
31
|
+
// For now, this addresses the main problem of encountering appmap-js and its appmap.json files
|
|
32
|
+
// in a bundled node_modules.
|
|
33
|
+
files = files.filter((file) => !file.split('/').includes('node_modules'));
|
|
34
|
+
const checker = new ruleChecker_1.default();
|
|
35
|
+
const appMapMetadata = {};
|
|
36
|
+
const findings = [];
|
|
94
37
|
function newProgress() {
|
|
95
38
|
if (process.stdout.isTTY) {
|
|
96
|
-
return new cli_progress_1.default.SingleBar({ format:
|
|
39
|
+
return new cli_progress_1.default.SingleBar({ format: `Scanning [{bar}] {percentage}% | {value}/{total}` }, cli_progress_1.default.Presets.shades_classic);
|
|
97
40
|
}
|
|
98
41
|
return {
|
|
99
|
-
increment:
|
|
100
|
-
start:
|
|
101
|
-
stop:
|
|
42
|
+
increment: () => { },
|
|
43
|
+
start: () => { },
|
|
44
|
+
stop: () => { },
|
|
102
45
|
};
|
|
103
46
|
}
|
|
104
|
-
|
|
105
|
-
|
|
106
|
-
|
|
107
|
-
|
|
108
|
-
|
|
109
|
-
|
|
110
|
-
|
|
111
|
-
|
|
112
|
-
|
|
113
|
-
|
|
114
|
-
|
|
115
|
-
|
|
116
|
-
|
|
117
|
-
|
|
118
|
-
|
|
119
|
-
|
|
120
|
-
|
|
121
|
-
|
|
122
|
-
switch (_a.label) {
|
|
123
|
-
case 0: return [4 /*yield*/, (0, promises_1.readFile)(file, 'utf8')];
|
|
124
|
-
case 1:
|
|
125
|
-
appMapData = _a.sent();
|
|
126
|
-
appMap = (0, models_1.buildAppMap)(appMapData).normalize().build();
|
|
127
|
-
appMapIndex = new appMapIndex_1.default(appMap);
|
|
128
|
-
appMapMetadata[file] = appMap.metadata;
|
|
129
|
-
return [4 /*yield*/, Promise.all(checks.map(function (check) { return __awaiter(_this, void 0, void 0, function () {
|
|
130
|
-
var matchCount, newMatches;
|
|
131
|
-
return __generator(this, function (_a) {
|
|
132
|
-
switch (_a.label) {
|
|
133
|
-
case 0:
|
|
134
|
-
matchCount = findings.length;
|
|
135
|
-
return [4 /*yield*/, checker.check(file, appMapIndex, check, findings)];
|
|
136
|
-
case 1:
|
|
137
|
-
_a.sent();
|
|
138
|
-
progress.increment();
|
|
139
|
-
newMatches = findings.slice(matchCount, findings.length);
|
|
140
|
-
newMatches.forEach(function (match) { return (match.appMapFile = file); });
|
|
141
|
-
return [2 /*return*/];
|
|
142
|
-
}
|
|
143
|
-
});
|
|
144
|
-
}); }))];
|
|
145
|
-
case 2:
|
|
146
|
-
_a.sent();
|
|
147
|
-
return [2 /*return*/, null];
|
|
148
|
-
}
|
|
149
|
-
});
|
|
150
|
-
}); })];
|
|
151
|
-
case 1:
|
|
152
|
-
_a.sent();
|
|
153
|
-
progress.stop();
|
|
154
|
-
return [2 /*return*/, { appMapMetadata: appMapMetadata, findings: findings }];
|
|
155
|
-
}
|
|
156
|
-
});
|
|
47
|
+
const progress = newProgress();
|
|
48
|
+
progress.start(files.length * checks.length, 0);
|
|
49
|
+
yield batch(files, 2, (file) => __awaiter(this, void 0, void 0, function* () {
|
|
50
|
+
const appMapData = yield (0, promises_1.readFile)(file, 'utf8');
|
|
51
|
+
const appMap = (0, models_1.buildAppMap)(appMapData).normalize().build();
|
|
52
|
+
const appMapIndex = new appMapIndex_1.default(appMap);
|
|
53
|
+
appMapMetadata[file] = appMap.metadata;
|
|
54
|
+
yield Promise.all(checks.map((check) => __awaiter(this, void 0, void 0, function* () {
|
|
55
|
+
const matchCount = findings.length;
|
|
56
|
+
yield checker.check(file, appMapIndex, check, findings);
|
|
57
|
+
progress.increment();
|
|
58
|
+
const newMatches = findings.slice(matchCount, findings.length);
|
|
59
|
+
newMatches.forEach((match) => (match.appMapFile = file));
|
|
60
|
+
})));
|
|
61
|
+
return null;
|
|
62
|
+
}));
|
|
63
|
+
progress.stop();
|
|
64
|
+
return { appMapMetadata, findings };
|
|
157
65
|
});
|
|
158
66
|
}
|
|
159
67
|
exports.default = scan;
|
|
160
|
-
//# sourceMappingURL=scan.js.map
|
package/built/cli/scanArgs.js
CHANGED
package/built/cli/scanOptions.js
CHANGED
|
@@ -8,58 +8,21 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
|
|
|
8
8
|
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
9
9
|
});
|
|
10
10
|
};
|
|
11
|
-
var __generator = (this && this.__generator) || function (thisArg, body) {
|
|
12
|
-
var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;
|
|
13
|
-
return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
|
|
14
|
-
function verb(n) { return function (v) { return step([n, v]); }; }
|
|
15
|
-
function step(op) {
|
|
16
|
-
if (f) throw new TypeError("Generator is already executing.");
|
|
17
|
-
while (_) try {
|
|
18
|
-
if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
|
|
19
|
-
if (y = 0, t) op = [op[0] & 2, t.value];
|
|
20
|
-
switch (op[0]) {
|
|
21
|
-
case 0: case 1: t = op; break;
|
|
22
|
-
case 4: _.label++; return { value: op[1], done: false };
|
|
23
|
-
case 5: _.label++; y = op[1]; op = [0]; continue;
|
|
24
|
-
case 7: op = _.ops.pop(); _.trys.pop(); continue;
|
|
25
|
-
default:
|
|
26
|
-
if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
|
|
27
|
-
if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
|
|
28
|
-
if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
|
|
29
|
-
if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
|
|
30
|
-
if (t[2]) _.ops.pop();
|
|
31
|
-
_.trys.pop(); continue;
|
|
32
|
-
}
|
|
33
|
-
op = body.call(thisArg, _);
|
|
34
|
-
} catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
|
|
35
|
-
if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
|
|
36
|
-
}
|
|
37
|
-
};
|
|
38
11
|
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
39
12
|
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
40
13
|
};
|
|
41
14
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
42
|
-
|
|
15
|
+
const commitStatus_1 = __importDefault(require("../integration/github/commitStatus"));
|
|
43
16
|
function updateCommitStatus(numFindings, numChecks) {
|
|
44
|
-
return __awaiter(this, void 0, void 0, function () {
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
return [3 /*break*/, 4];
|
|
54
|
-
case 2: return [4 /*yield*/, (0, commitStatus_1.default)('success', "".concat(numChecks, " checks passed"))];
|
|
55
|
-
case 3:
|
|
56
|
-
_a.sent();
|
|
57
|
-
console.log("Commit status updated to: success.");
|
|
58
|
-
_a.label = 4;
|
|
59
|
-
case 4: return [2 /*return*/];
|
|
60
|
-
}
|
|
61
|
-
});
|
|
17
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
18
|
+
if (numFindings > 0) {
|
|
19
|
+
yield (0, commitStatus_1.default)('failure', `${numChecks} checks, ${numFindings} findings. See CI job log for details.`);
|
|
20
|
+
console.log(`Commit status updated to: failure (${numFindings} findings)`);
|
|
21
|
+
}
|
|
22
|
+
else {
|
|
23
|
+
yield (0, commitStatus_1.default)('success', `${numChecks} checks passed`);
|
|
24
|
+
console.log(`Commit status updated to: success.`);
|
|
25
|
+
}
|
|
62
26
|
});
|
|
63
27
|
}
|
|
64
28
|
exports.default = updateCommitStatus;
|
|
65
|
-
//# sourceMappingURL=updateCommitStatus.js.map
|
|
@@ -8,48 +8,21 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
|
|
|
8
8
|
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
9
9
|
});
|
|
10
10
|
};
|
|
11
|
-
var __generator = (this && this.__generator) || function (thisArg, body) {
|
|
12
|
-
var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;
|
|
13
|
-
return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
|
|
14
|
-
function verb(n) { return function (v) { return step([n, v]); }; }
|
|
15
|
-
function step(op) {
|
|
16
|
-
if (f) throw new TypeError("Generator is already executing.");
|
|
17
|
-
while (_) try {
|
|
18
|
-
if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
|
|
19
|
-
if (y = 0, t) op = [op[0] & 2, t.value];
|
|
20
|
-
switch (op[0]) {
|
|
21
|
-
case 0: case 1: t = op; break;
|
|
22
|
-
case 4: _.label++; return { value: op[1], done: false };
|
|
23
|
-
case 5: _.label++; y = op[1]; op = [0]; continue;
|
|
24
|
-
case 7: op = _.ops.pop(); _.trys.pop(); continue;
|
|
25
|
-
default:
|
|
26
|
-
if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
|
|
27
|
-
if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
|
|
28
|
-
if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
|
|
29
|
-
if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
|
|
30
|
-
if (t[2]) _.ops.pop();
|
|
31
|
-
_.trys.pop(); continue;
|
|
32
|
-
}
|
|
33
|
-
op = body.call(thisArg, _);
|
|
34
|
-
} catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
|
|
35
|
-
if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
|
|
36
|
-
}
|
|
37
|
-
};
|
|
38
11
|
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
39
12
|
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
40
13
|
};
|
|
41
14
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
15
|
+
const promises_1 = require("fs/promises");
|
|
16
|
+
const util_1 = require("../../rules/lib/util");
|
|
17
|
+
const validateFile_1 = __importDefault(require("../validateFile"));
|
|
18
|
+
const resolveAppId_1 = __importDefault(require("../resolveAppId"));
|
|
19
|
+
const reportUploadURL_1 = __importDefault(require("../reportUploadURL"));
|
|
20
|
+
const upload_1 = __importDefault(require("../upload"));
|
|
21
|
+
const codeVersionArgs_1 = __importDefault(require("../codeVersionArgs"));
|
|
49
22
|
exports.default = {
|
|
50
23
|
command: 'upload',
|
|
51
24
|
describe: 'Upload Findings to the AppMap Server',
|
|
52
|
-
builder
|
|
25
|
+
builder(args) {
|
|
53
26
|
(0, codeVersionArgs_1.default)(args);
|
|
54
27
|
args.option('appmap-dir', {
|
|
55
28
|
describe: 'base directory of AppMaps',
|
|
@@ -67,36 +40,19 @@ exports.default = {
|
|
|
67
40
|
});
|
|
68
41
|
return args.strict();
|
|
69
42
|
},
|
|
70
|
-
handler
|
|
71
|
-
return __awaiter(this, void 0, void 0, function () {
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
|
|
75
|
-
|
|
76
|
-
|
|
77
|
-
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
|
|
81
|
-
case 1:
|
|
82
|
-
_d.sent();
|
|
83
|
-
return [4 /*yield*/, (0, resolveAppId_1.default)(appIdArg, appmapDir)];
|
|
84
|
-
case 2:
|
|
85
|
-
appId = _d.sent();
|
|
86
|
-
_c = (_b = JSON).parse;
|
|
87
|
-
return [4 /*yield*/, (0, promises_1.readFile)(reportFile)];
|
|
88
|
-
case 3:
|
|
89
|
-
scanResults = _c.apply(_b, [(_d.sent()).toString()]);
|
|
90
|
-
return [4 /*yield*/, (0, upload_1.default)(scanResults, appId, appmapDir, mergeKey, { branch: branch, commit: commit, environment: environment }, {
|
|
91
|
-
maxRetries: 3,
|
|
92
|
-
})];
|
|
93
|
-
case 4:
|
|
94
|
-
uploadResponse = _d.sent();
|
|
95
|
-
(0, reportUploadURL_1.default)(uploadResponse.summary.numFindings, uploadResponse.url);
|
|
96
|
-
return [2 /*return*/];
|
|
97
|
-
}
|
|
43
|
+
handler(options) {
|
|
44
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
45
|
+
const { verbose: isVerbose, reportFile, appmapDir, app: appIdArg, mergeKey, branch, commit, environment, } = options;
|
|
46
|
+
if (isVerbose) {
|
|
47
|
+
(0, util_1.verbose)(true);
|
|
48
|
+
}
|
|
49
|
+
yield (0, validateFile_1.default)('directory', appmapDir);
|
|
50
|
+
const appId = yield (0, resolveAppId_1.default)(appIdArg, appmapDir);
|
|
51
|
+
const scanResults = JSON.parse((yield (0, promises_1.readFile)(reportFile)).toString());
|
|
52
|
+
const uploadResponse = yield (0, upload_1.default)(scanResults, appId, appmapDir, mergeKey, { branch, commit, environment }, {
|
|
53
|
+
maxRetries: 3,
|
|
98
54
|
});
|
|
55
|
+
(0, reportUploadURL_1.default)(uploadResponse.summary.numFindings, uploadResponse.url);
|
|
99
56
|
});
|
|
100
57
|
},
|
|
101
58
|
};
|
|
102
|
-
//# sourceMappingURL=command.js.map
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.pruneAppMap = exports.maxAppMapSize = void 0;
|
|
4
|
+
const models_1 = require("@appland/models");
|
|
5
|
+
const APPMAP_UPLOAD_MAX_SIZE = parseInt(process.env.APPMAP_UPLOAD_MAX_SIZE || '40960') * 1024;
|
|
6
|
+
if (!APPMAP_UPLOAD_MAX_SIZE) {
|
|
7
|
+
throw Error(`Failed parsing APPMAP_UPLOAD_MAX_SIZE: "${process.env.APPMAP_UPLOAD_MAX_SIZE}"`);
|
|
8
|
+
}
|
|
9
|
+
function maxAppMapSize() {
|
|
10
|
+
return APPMAP_UPLOAD_MAX_SIZE;
|
|
11
|
+
}
|
|
12
|
+
exports.maxAppMapSize = maxAppMapSize;
|
|
13
|
+
function pruneAppMap(appMapJson, maxSize) {
|
|
14
|
+
return (0, models_1.buildAppMap)().source(appMapJson).prune(maxSize).normalize().build();
|
|
15
|
+
}
|
|
16
|
+
exports.pruneAppMap = pruneAppMap;
|