@j-schreiber/sf-cli-security-audit 0.22.0 → 0.24.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (86) hide show
  1. package/README.md +3 -3
  2. package/lib/libs/audit-engine/auditRun.js +6 -7
  3. package/lib/libs/audit-engine/auditRun.js.map +1 -1
  4. package/lib/libs/audit-engine/index.d.ts +21 -0
  5. package/lib/libs/audit-engine/registry/definitions.d.ts +23 -0
  6. package/lib/libs/audit-engine/registry/definitions.js +8 -0
  7. package/lib/libs/audit-engine/registry/definitions.js.map +1 -1
  8. package/lib/libs/audit-engine/registry/policies/connectedApps.js +1 -1
  9. package/lib/libs/audit-engine/registry/policies/connectedApps.js.map +1 -1
  10. package/lib/libs/audit-engine/registry/policies/objects.d.ts +12 -0
  11. package/lib/libs/audit-engine/registry/policies/objects.js +18 -0
  12. package/lib/libs/audit-engine/registry/policies/objects.js.map +1 -0
  13. package/lib/libs/audit-engine/registry/policies/permissionSets.js +4 -4
  14. package/lib/libs/audit-engine/registry/policies/permissionSets.js.map +1 -1
  15. package/lib/libs/audit-engine/registry/policies/profiles.d.ts +0 -2
  16. package/lib/libs/audit-engine/registry/policies/profiles.js +0 -5
  17. package/lib/libs/audit-engine/registry/policies/profiles.js.map +1 -1
  18. package/lib/libs/audit-engine/registry/policies/settings.js +4 -2
  19. package/lib/libs/audit-engine/registry/policies/settings.js.map +1 -1
  20. package/lib/libs/audit-engine/registry/policies/users.js +3 -3
  21. package/lib/libs/audit-engine/registry/policies/users.js.map +1 -1
  22. package/lib/libs/audit-engine/registry/policy.d.ts +9 -1
  23. package/lib/libs/audit-engine/registry/policy.js +5 -0
  24. package/lib/libs/audit-engine/registry/policy.js.map +1 -1
  25. package/lib/libs/audit-engine/registry/roles/roleManager.d.ts +7 -1
  26. package/lib/libs/audit-engine/registry/roles/roleManager.js +12 -0
  27. package/lib/libs/audit-engine/registry/roles/roleManager.js.map +1 -1
  28. package/lib/libs/audit-engine/registry/roles/userRole.d.ts +24 -1
  29. package/lib/libs/audit-engine/registry/roles/userRole.js +53 -5
  30. package/lib/libs/audit-engine/registry/roles/userRole.js.map +1 -1
  31. package/lib/libs/audit-engine/registry/ruleRegistry.js +7 -1
  32. package/lib/libs/audit-engine/registry/ruleRegistry.js.map +1 -1
  33. package/lib/libs/audit-engine/registry/rules/enforceObjectAccessOnUser.d.ts +0 -1
  34. package/lib/libs/audit-engine/registry/rules/enforceObjectAccessOnUser.js +1 -7
  35. package/lib/libs/audit-engine/registry/rules/enforceObjectAccessOnUser.js.map +1 -1
  36. package/lib/libs/audit-engine/registry/rules/enforcePermissionPresets.d.ts +0 -1
  37. package/lib/libs/audit-engine/registry/rules/enforcePermissionPresets.js +3 -9
  38. package/lib/libs/audit-engine/registry/rules/enforcePermissionPresets.js.map +1 -1
  39. package/lib/libs/audit-engine/registry/rules/enforcePermissionsOnProfileLike.d.ts +0 -1
  40. package/lib/libs/audit-engine/registry/rules/enforcePermissionsOnProfileLike.js +1 -7
  41. package/lib/libs/audit-engine/registry/rules/enforcePermissionsOnProfileLike.js.map +1 -1
  42. package/lib/libs/audit-engine/registry/rules/enforcePermissionsOnUser.d.ts +0 -1
  43. package/lib/libs/audit-engine/registry/rules/enforcePermissionsOnUser.js +1 -7
  44. package/lib/libs/audit-engine/registry/rules/enforcePermissionsOnUser.js.map +1 -1
  45. package/lib/libs/audit-engine/registry/rules/policyRule.d.ts +2 -0
  46. package/lib/libs/audit-engine/registry/rules/policyRule.js.map +1 -1
  47. package/lib/libs/audit-engine/registry/rules/privateExternalAccessForAllObjects.d.ts +7 -0
  48. package/lib/libs/audit-engine/registry/rules/privateExternalAccessForAllObjects.js +34 -0
  49. package/lib/libs/audit-engine/registry/rules/privateExternalAccessForAllObjects.js.map +1 -0
  50. package/lib/libs/audit-engine/registry/shape/auditConfigShape.d.ts +21 -0
  51. package/lib/libs/audit-engine/registry/shape/auditConfigShape.js +7 -1
  52. package/lib/libs/audit-engine/registry/shape/auditConfigShape.js.map +1 -1
  53. package/lib/libs/audit-engine/registry/shape/shapeValidation.d.ts +2 -2
  54. package/lib/libs/audit-engine/registry/shape/shapeValidation.js +36 -21
  55. package/lib/libs/audit-engine/registry/shape/shapeValidation.js.map +1 -1
  56. package/lib/salesforce/connection.d.ts +13 -0
  57. package/lib/salesforce/connection.js +35 -1
  58. package/lib/salesforce/connection.js.map +1 -1
  59. package/lib/salesforce/describes/orgDescribe.d.ts +10 -1
  60. package/lib/salesforce/describes/orgDescribe.js +38 -2
  61. package/lib/salesforce/describes/orgDescribe.js.map +1 -1
  62. package/lib/salesforce/describes/orgDescribe.types.d.ts +21 -2
  63. package/lib/salesforce/index.d.ts +2 -0
  64. package/lib/salesforce/index.js +1 -0
  65. package/lib/salesforce/index.js.map +1 -1
  66. package/lib/salesforce/mdapi/constants.d.ts +1 -0
  67. package/lib/salesforce/mdapi/constants.js +2 -1
  68. package/lib/salesforce/mdapi/constants.js.map +1 -1
  69. package/lib/salesforce/repositories/connected-apps/connected-apps.d.ts +6 -1
  70. package/lib/salesforce/repositories/connected-apps/connected-apps.js.map +1 -1
  71. package/lib/salesforce/repositories/object-definitions/object-definitions.d.ts +17 -0
  72. package/lib/salesforce/repositories/object-definitions/object-definitions.js +94 -0
  73. package/lib/salesforce/repositories/object-definitions/object-definitions.js.map +1 -0
  74. package/lib/salesforce/repositories/object-definitions/object-definitions.types.d.ts +60 -0
  75. package/lib/salesforce/repositories/object-definitions/object-definitions.types.js +9 -0
  76. package/lib/salesforce/repositories/object-definitions/object-definitions.types.js.map +1 -0
  77. package/lib/salesforce/repositories/perm-sets/permission-sets.d.ts +6 -1
  78. package/lib/salesforce/repositories/perm-sets/permission-sets.js.map +1 -1
  79. package/lib/salesforce/resolve-entity-lifecycle-bus.d.ts +3 -1
  80. package/lib/salesforce/resolve-entity-lifecycle-bus.js.map +1 -1
  81. package/messages/auditShapeValidation.md +4 -0
  82. package/messages/rules.enforceClassificationPresets.md +1 -1
  83. package/messages/rules.objects.md +3 -0
  84. package/oclif.lock +1056 -1703
  85. package/oclif.manifest.json +1 -1
  86. package/package.json +22 -22
@@ -0,0 +1,60 @@
1
+ export declare function formatEntityDefinitionQuery(objectNames: string[]): string;
2
+ export declare const CUSTOM_OBJECT_BASE_QUERY = "SELECT Id,DeveloperName,SharingModel FROM CustomObject";
3
+ export type ObjectDefinition = {
4
+ /**
5
+ * Qualified API name of the object, with type suffix (__c, __e, etc)
6
+ */
7
+ developerName: string;
8
+ /**
9
+ * Indicates if the object has a sharing rules table.
10
+ */
11
+ isSharingControllable: boolean;
12
+ /**
13
+ * If its a custom object, the Id in CustomObject table
14
+ */
15
+ customObjectId?: string;
16
+ label: string | undefined;
17
+ externalSharing: GlobalSharingModelEnum;
18
+ internalSharing: GlobalSharingModelEnum;
19
+ /**
20
+ * Set by query on CustomObject (SfCustomObject.SharingModel). The value
21
+ * indicates if the object can have individual sharing, or if it inherits
22
+ * the visibility from its parent.
23
+ */
24
+ sharingModel: CustomObjSharingModelEnum;
25
+ /**
26
+ * Derived type of the object.
27
+ */
28
+ type: 'SObject' | 'CustomSetting' | 'CustomMetadata' | 'PlatformEvent' | 'KnowledgeArticle' | 'Unknown';
29
+ /**
30
+ * Indicates if this is a custom object (i.e. entry in CustomObjects table)
31
+ */
32
+ isCustom: boolean;
33
+ /**
34
+ * Indicates, if the object exists in the EntityDefinition table
35
+ */
36
+ hasEntityDefinition: boolean;
37
+ /**
38
+ * Indicates, if the object exists as a CustomObject metadata (this
39
+ * type has all regular sobjects, not only custom objects).
40
+ */
41
+ hasCustomObjectMetadata: boolean;
42
+ };
43
+ export type SfEntityDefinition = {
44
+ DurableId: string;
45
+ QualifiedApiName: string;
46
+ MasterLabel: string;
47
+ ExternalSharingModel: GlobalSharingModelEnum;
48
+ InternalSharingModel: GlobalSharingModelEnum;
49
+ IsRetrieveable: boolean;
50
+ IsCustomizeable: boolean;
51
+ IsCustomSetting: boolean;
52
+ KeyPrefix: string;
53
+ };
54
+ export type SfCustomObject = {
55
+ Id: string;
56
+ DeveloperName: string;
57
+ SharingModel: CustomObjSharingModelEnum;
58
+ };
59
+ export type GlobalSharingModelEnum = 'Private' | 'ControlledByParent' | 'ReadWrite' | 'Read' | 'ReadWriteTransfer' | 'ControlledByCampaign' | 'ReadSelect' | 'FullAccess' | 'Unknown';
60
+ export type CustomObjSharingModelEnum = 'Unknown' | 'Edit' | 'Read' | 'ControlledByParent' | 'None';
@@ -0,0 +1,9 @@
1
+ const ENTITY_DEFINITION_BASE_QUERY = 'SELECT DurableId,MasterLabel,QualifiedApiName,ExternalSharingModel,InternalSharingModel,KeyPrefix,IsRetrieveable,IsCustomizable,IsCustomSetting FROM EntityDefinition';
2
+ export function formatEntityDefinitionQuery(objectNames) {
3
+ return `${ENTITY_DEFINITION_BASE_QUERY} WHERE QualifiedApiName IN (${formatObjectNames(objectNames)})`;
4
+ }
5
+ export const CUSTOM_OBJECT_BASE_QUERY = 'SELECT Id,DeveloperName,SharingModel FROM CustomObject';
6
+ function formatObjectNames(objectNames) {
7
+ return `${objectNames.map((objName) => `'${objName}'`).join(',')}`;
8
+ }
9
+ //# sourceMappingURL=object-definitions.types.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"object-definitions.types.js","sourceRoot":"","sources":["../../../../src/salesforce/repositories/object-definitions/object-definitions.types.ts"],"names":[],"mappings":"AAAA,MAAM,4BAA4B,GAChC,uKAAuK,CAAC;AAE1K,MAAM,UAAU,2BAA2B,CAAC,WAAqB;IAC/D,OAAO,GAAG,4BAA4B,+BAA+B,iBAAiB,CAAC,WAAW,CAAC,GAAG,CAAC;AACzG,CAAC;AAED,MAAM,CAAC,MAAM,wBAAwB,GAAG,wDAAwD,CAAC;AA0EjG,SAAS,iBAAiB,CAAC,WAAqB;IAC9C,OAAO,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,IAAI,OAAO,GAAG,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;AACrE,CAAC"}
@@ -2,7 +2,12 @@ import EventEmitter from 'node:events';
2
2
  import { PermissionSet } from '../perm-sets/perm-sets.types.js';
3
3
  import SfConnection from '../../connection.js';
4
4
  import { ResolvePermSetOptions } from './perm-sets.types.js';
5
- export default class PermissionSets extends EventEmitter {
5
+ export default class PermissionSets extends EventEmitter<{
6
+ entityresolve: [{
7
+ total: number;
8
+ resolved: number;
9
+ }];
10
+ }> {
6
11
  private readonly con;
7
12
  private readonly mdapi;
8
13
  constructor(con: SfConnection);
@@ -1 +1 @@
1
- {"version":3,"file":"permission-sets.js","sourceRoot":"","sources":["../../../../src/salesforce/repositories/perm-sets/permission-sets.ts"],"names":[],"mappings":"AAAA,OAAO,YAAY,MAAM,aAAa,CAAC;AACvC,OAAO,KAAK,MAAM,sBAAsB,CAAC;AAGzC,OAAO,EAAyB,2BAA2B,EAAE,MAAM,sBAAsB,CAAC;AAC1F,OAAO,EAAE,qBAAqB,EAAE,MAAM,cAAc,CAAC;AAErD,MAAM,CAAC,OAAO,OAAO,cAAe,SAAQ,YAAY;IAGlB;IAFnB,KAAK,CAAQ;IAE9B,YAAoC,GAAiB;QACnD,KAAK,EAAE,CAAC;QAD0B,QAAG,GAAH,GAAG,CAAc;QAEnD,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACtC,CAAC;IAEM,KAAK,CAAC,OAAO,CAAC,IAAqC;QACxD,MAAM,OAAO,GAAG,2BAA2B,CAAC,KAAK,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC;QAC9D,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,uBAAuB,EAAE,CAAC;QACzD,MAAM,kBAAkB,GAAG,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE,CAAC,CAAC;QACtG,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE,EAAE,KAAK,EAAE,kBAAkB,CAAC,MAAM,EAAE,QAAQ,EAAE,CAAC,EAAE,CAAC,CAAC;QAC9E,MAAM,gBAAgB,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,eAAe,EAAE,kBAAkB,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QACnH,MAAM,OAAO,GAAG,IAAI,GAAG,EAAyB,CAAC;QACjD,KAAK,MAAM,WAAW,IAAI,kBAAkB,EAAE,CAAC;YAC7C,MAAM,aAAa,GAAG,WAAW,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;YACnD,MAAM,YAAY,GAAG,gBAAgB,CAAC,WAAW,CAAC,CAAC;YACnD,IAAI,CAAC,CAAC,aAAa,IAAI,CAAC,CAAC,OAAO,CAAC,YAAY,IAAI,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC,EAAE,CAAC;gBAC1F,SAAS;YACX,CAAC;YACD,IAAI,OAAO,CAAC,YAAY,IAAI,CAAC,aAAa,CAAC,QAAQ,EAAE,CAAC;gBACpD,SAAS;YACX,CAAC;YACD,OAAO,CAAC,GAAG,CAAC,WAAW,EAAE;gBACvB,QAAQ,EAAE,YAAY;gBACtB,QAAQ,EAAE,aAAa,CAAC,QAAQ,IAAI,IAAI;gBACxC,IAAI,EAAE,WAAW;aAClB,CAAC,CAAC;QACL,CAAC;QACD,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE,EAAE,KAAK,EAAE,kBAAkB,CAAC,MAAM,EAAE,QAAQ,EAAE,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;QACzF,OAAO,OAAO,CAAC;IACjB,CAAC;IAEO,KAAK,CAAC,uBAAuB;QACnC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,KAAK,CAAkB,qBAAqB,CAAC,CAAC;QAC9E,OAAO,IAAI,GAAG,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC;IAC7E,CAAC;CACF"}
1
+ {"version":3,"file":"permission-sets.js","sourceRoot":"","sources":["../../../../src/salesforce/repositories/perm-sets/permission-sets.ts"],"names":[],"mappings":"AAAA,OAAO,YAAY,MAAM,aAAa,CAAC;AACvC,OAAO,KAAK,MAAM,sBAAsB,CAAC;AAGzC,OAAO,EAAyB,2BAA2B,EAAE,MAAM,sBAAsB,CAAC;AAC1F,OAAO,EAAE,qBAAqB,EAAE,MAAM,cAAc,CAAC;AAErD,MAAM,CAAC,OAAO,OAAO,cAAe,SAAQ,YAAsE;IAG5E;IAFnB,KAAK,CAAQ;IAE9B,YAAoC,GAAiB;QACnD,KAAK,EAAE,CAAC;QAD0B,QAAG,GAAH,GAAG,CAAc;QAEnD,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACtC,CAAC;IAEM,KAAK,CAAC,OAAO,CAAC,IAAqC;QACxD,MAAM,OAAO,GAAG,2BAA2B,CAAC,KAAK,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC;QAC9D,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,uBAAuB,EAAE,CAAC;QACzD,MAAM,kBAAkB,GAAG,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE,CAAC,CAAC;QACtG,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE,EAAE,KAAK,EAAE,kBAAkB,CAAC,MAAM,EAAE,QAAQ,EAAE,CAAC,EAAE,CAAC,CAAC;QAC9E,MAAM,gBAAgB,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,eAAe,EAAE,kBAAkB,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QACnH,MAAM,OAAO,GAAG,IAAI,GAAG,EAAyB,CAAC;QACjD,KAAK,MAAM,WAAW,IAAI,kBAAkB,EAAE,CAAC;YAC7C,MAAM,aAAa,GAAG,WAAW,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;YACnD,MAAM,YAAY,GAAG,gBAAgB,CAAC,WAAW,CAAC,CAAC;YACnD,IAAI,CAAC,CAAC,aAAa,IAAI,CAAC,CAAC,OAAO,CAAC,YAAY,IAAI,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC,EAAE,CAAC;gBAC1F,SAAS;YACX,CAAC;YACD,IAAI,OAAO,CAAC,YAAY,IAAI,CAAC,aAAa,CAAC,QAAQ,EAAE,CAAC;gBACpD,SAAS;YACX,CAAC;YACD,OAAO,CAAC,GAAG,CAAC,WAAW,EAAE;gBACvB,QAAQ,EAAE,YAAY;gBACtB,QAAQ,EAAE,aAAa,CAAC,QAAQ,IAAI,IAAI;gBACxC,IAAI,EAAE,WAAW;aAClB,CAAC,CAAC;QACL,CAAC;QACD,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE,EAAE,KAAK,EAAE,kBAAkB,CAAC,MAAM,EAAE,QAAQ,EAAE,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;QACzF,OAAO,OAAO,CAAC;IACjB,CAAC;IAEO,KAAK,CAAC,uBAAuB;QACnC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,KAAK,CAAkB,qBAAqB,CAAC,CAAC;QAC9E,OAAO,IAAI,GAAG,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC;IAC7E,CAAC;CACF"}
@@ -2,7 +2,9 @@ import { EventEmitter } from 'node:events';
2
2
  export type MessageEvent = {
3
3
  message: string;
4
4
  };
5
- export default class ResolveEntityLifecycle extends EventEmitter {
5
+ export default class ResolveEntityLifecycle extends EventEmitter<{
6
+ resolvewarning: [MessageEvent];
7
+ }> {
6
8
  constructor();
7
9
  emitWarn(message: string): void;
8
10
  }
@@ -1 +1 @@
1
- {"version":3,"file":"resolve-entity-lifecycle-bus.js","sourceRoot":"","sources":["../../src/salesforce/resolve-entity-lifecycle-bus.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAM3C,MAAM,CAAC,OAAO,OAAO,sBAAuB,SAAQ,YAAY;IAC9D;QACE,KAAK,EAAE,CAAC;IACV,CAAC;IAEM,QAAQ,CAAC,OAAe;QAC7B,IAAI,CAAC,IAAI,CAAC,gBAAgB,EAAE;YAC1B,OAAO;SACQ,CAAC,CAAC;IACrB,CAAC;CACF;AAED,MAAM,CAAC,MAAM,gBAAgB,GAAG,IAAI,sBAAsB,EAAE,CAAC"}
1
+ {"version":3,"file":"resolve-entity-lifecycle-bus.js","sourceRoot":"","sources":["../../src/salesforce/resolve-entity-lifecycle-bus.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAM3C,MAAM,CAAC,OAAO,OAAO,sBAAuB,SAAQ,YAAgD;IAClG;QACE,KAAK,EAAE,CAAC;IACV,CAAC;IAEM,QAAQ,CAAC,OAAe;QAC7B,IAAI,CAAC,IAAI,CAAC,gBAAgB,EAAE;YAC1B,OAAO;SACQ,CAAC,CAAC;IACrB,CAAC;CACF;AAED,MAAM,CAAC,MAAM,gBAAgB,GAAG,IAAI,sBAAsB,EAAE,CAAC"}
@@ -10,6 +10,10 @@ User policy option defaultRoleForMissingUsers is invalid: "%s" does not exist.
10
10
 
11
11
  Permission does not exist on Org.
12
12
 
13
+ # ObjectDoesNotExistOnOrg
14
+
15
+ Object was not found on Org.
16
+
13
17
  # FailedToParseAuditConfig
14
18
 
15
19
  Failed to parse audit config at location %s: %s (%s).
@@ -8,7 +8,7 @@ Tried to access a role that does not exist: %s.
8
8
 
9
9
  # RoleReferencesControlThatDoesNotExist
10
10
 
11
- Role "%s" references a %s control that does not exist: %s
11
+ Role "%s" references %s control that does not exist: %s
12
12
 
13
13
  # violations.classification-preset-mismatch
14
14
 
@@ -0,0 +1,3 @@
1
+ # violation.external-sharing-model-not-private
2
+
3
+ External access for "%s" is '%s'.