@eurekadevsecops/radar 1.0.0 → 1.0.2

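--- a/package/README.md
+++ b/package/README.md
@@ -12,32 +12,48 @@ radarctl is a command-line interface for Radar, an open-source orchestrator of s
 
  ## Installation
 
- ## Using a Package Manager
-
- #### [NPM](https://npmjs.com) (macOS, Linux, WSL)
+ Install the Radar CLI on the command-line using [NPM](https://npmjs.com):
 
  ```bash
- npm install -g radar
+ npm i -g @eurekadevsecops/radar
  ```
 
- ## Downloading from GitHub
+ ## Getting Started
 
- Download the appropriate version from the [Releases](https://github.com/eurekadevsecops/radarctl/releases) page of the `radarctl` GitHub repository.
+ Run the Radar CLI:
 
- ## Getting Started
+ ```bash
+ radar
+ ```
 
- Get familiar with built-in radar help pages:
+ You will get a list of available commands:
+ ```bash
+ COMMANDS
+ help display help
+ scan scan for vulnerabilities
+ scanners display available scanners
+ ```
+
+ View help page for each command by using `help` on the command-line:
 
  ```bash
  radar help
  ```
 
+ ## Running a Scan
+
  Run a scan on the source code in the current working directory:
 
  ```bash
  radar scan
  ```
 
+ Refer to help for the `scan` command for more information.
+
+ ```bash
+ radar help scan
+ ```
+
  ## Contributing guide
 
  See [CONTRIBUTING.md](./CONTRIBUTING.md)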
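--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
  {
  "name": "@eurekadevsecops/radar",
- "version": "1.0.0",
+ "version": "1.0.2",
  "description": "Radar is an open-source orchestrator of security scanners.",
  "homepage": "https://www.eurekadevsecops.com/radar",
  "keywords": [
@@ -16,6 +16,9 @@
  "author": "Sasa Djolic <s.djolic@eurekadevsecops.com> (https://www.linkedin.com/in/sasadjolic/)",
  "type": "commonjs",
  "main": "cli.js",
+ "bin": {
+ "radar": "cli.js"
+ },
  "scripts": {
  "test": "standard"
  },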
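Review bot: The new `bin` entry links the `radar` command straight to `cli.js`, which on macOS and Linux only runs under Node if `cli.js` begins with a shebang line such as `#!/usr/bin/env node`; that file is not part of this diff, so this should be confirmed before publishing. Without the shebang the shell tries to interpret the linked file itself, and the `npm i -g @eurekadevsecops/radar` flow documented in the README yields a `radar` command that fails on first use.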
@@ -4,4 +4,4 @@
4
4
  # $3 - Path to the output folder where scan results should be stored
5
5
 
6
6
  set -e
7
- docker run --rm -v $1:/app -v $2:/input -v $3:/output zricethezav/gitleaks dir -f sarif -r /output/gitleaks.sarif /app 2>&1
7
+ docker run --rm -v $1:/app -v $2:/input -v $3:/output zricethezav/gitleaks dir --exit-code 0 -f sarif -r /output/gitleaks.sarif /app 2>&1
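Review bot: The changed `docker run` line still expands `$1`, `$2` and `$3` unquoted and pulls `zricethezav/gitleaks` without a tag or digest, so a path containing spaces is split into separate arguments and the scanner image (and with it the `dir` subcommand and the `--exit-code` flag) can change from one run to the next. Since the container only needs to read the source tree, the first mount can also be read-only: `docker run --rm -v "$1:/app:ro" -v "$2:/input" -v "$3:/output" zricethezav/gitleaks:<PINNED_TAG> dir --exit-code 0 -f sarif -r /output/gitleaks.sarif /app 2>&1`. With `--exit-code 0` a run that finds secrets now exits successfully, so callers have to read the SARIF file rather than the exit status; a comment above the command would record that, e.g. `# gitleaks exits 0 even when leaks are found; results are read from gitleaks.sarif`. The top of the script lies outside the hunk.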
@@ -26,7 +26,7 @@ module.exports = (sarif, dir) => {
26
26
 
27
27
  for (const rule of run.tool.driver.rules) {
28
28
  if (rule.id === result.ruleId) {
29
- const level = rule.defaultConfiguration.level
29
+ const level = rule?.defaultConfiguration?.level ?? 'error'
30
30
  if (level === 'error' || level === 'warning' || level === 'note') {
31
31
  finding.level = level
32
32
  summary[`${finding.level}s`].push(finding)
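Review bot: The fallback on the changed line assigns `'error'` when a rule has no `defaultConfiguration.level`, whereas SARIF 2.1.0 defines the default for that property as `warning`; if the stricter value is deliberate (fail closed for a security scanner), say so in a comment such as `// missing level: treat as 'error' rather than SARIF's default 'warning'`. The `rule?.` guard is redundant because `rule.id` is already dereferenced on the line above, while `run.tool.driver.rules` in the loop header is still unguarded and would throw for a SARIF run that omits the optional `rules` array; `for (const rule of run.tool.driver.rules ?? [])` covers that case. The enclosing function starts and ends outside the hunk, so whether `result.level` is consulted elsewhere cannot be seen here.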