@regulaforensics/react-native-document-reader-core-bounds 7.5.893 → 7.6.82-rc

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/.gitlab/report.yaml +75 -0
  2. package/.gitlab-ci.yml +49 -0
  3. package/RNDocumentReaderCore.podspec +2 -2
  4. package/android/build.gradle +2 -2
  5. package/package.json +2 -6
package/.gitlab/report.yaml ADDED
@@ -0,0 +1,75 @@
1
+ spec:
2
+ inputs:
3
+ stage:
4
+ default: reports
5
+ image:
6
+ default: ubuntu:22.04
7
+ ignore_vulnerabilities:
8
+ default: "false"
9
+ sast_report_file:
10
+ default: gl-sast-report.json
11
+ secret_detection_report_file:
12
+ default: gl-secret-detection-report.json
13
+ dependency_scanning_report_file:
14
+ default: gl-dependency-scanning-report.json
15
+ ---
16
+
17
+ view reports:
18
+ image: $[[ inputs.image ]]
19
+ stage: $[[ inputs.stage ]]
20
+ variables:
21
+ IGNORE_VULNERABILITIES: $[[ inputs.ignore_vulnerabilities ]]
22
+ SAST_REPORT_FILE: $[[ inputs.sast_report_file ]]
23
+ SECRET_DETECTION_REPORT_FILE: $[[ inputs.secret_detection_report_file ]]
24
+ DEPENDENCY_SCANNING_REPORT_FILE: $[[ inputs.dependency_scanning_report_file ]]
25
+ RED: \033[0;31m
26
+ YELLOW: \033[1;33m
27
+ GREEN: \033[0;32m
28
+ NC: \033[0m
29
+ needs:
30
+ - job: semgrep-sast
31
+ artifacts: true
32
+ - job: secret_detection
33
+ artifacts: true
34
+ - job: gemnasium-dependency_scanning
35
+ artifacts: true
36
+ rules:
37
+ - if: $CI_PIPELINE_SOURCE == "merge_request_event"
38
+ script:
39
+ - ls -la
40
+ - apt update && apt install -y jq
41
+ - |
42
+ for f in SAST_REPORT_FILE SECRET_DETECTION_REPORT_FILE DEPENDENCY_SCANNING_REPORT_FILE
43
+ do
44
+ if [[ -f "${!f}" ]]
45
+ then
46
+ echo -e "${GREEN}File ${!f} exists, adding report${NC}"
47
+ r=${f/%_FILE}
48
+ declare $r="$(cat ${!f} | jq 'select(.vulnerabilities != []).vulnerabilities')"
49
+ if [[ ! -z "${!r}" ]]
50
+ then
51
+ VULNERABILITIES_FOUND=true
52
+ echo -e "${RED}Found $r vulnerabilities${NC}"
53
+ echo "${!r}"
54
+ echo
55
+ fi
56
+ else
57
+ echo -e "${YELLOW}File ${!f} doesn't exist, skipping${NC}"
58
+ fi
59
+ done
60
+
61
+ if [[ "$VULNERABILITIES_FOUND" == true ]]
62
+ then
63
+ if [[ "$IGNORE_VULNERABILITIES" == true ]]
64
+ then
65
+ echo -e "${GREEN}All found vulnerabilities were ignored due to IGNORE_VULNERABILITIES=true${NC}"
66
+ exit 0
67
+ else
68
+ echo -e "${RED}Vulnerabilities found, please see reports above${NC}"
69
+ exit 1
70
+ fi
71
+ fi
72
+
73
+ echo -e "${GREEN}No vulnerabilities found${NC}"
74
+
75
+ exit 0
package/.gitlab-ci.yml ADDED
@@ -0,0 +1,49 @@
1
+ stages:
2
+ - test
3
+ - reports
4
+
5
+ include:
6
+ - template: Jobs/SAST.gitlab-ci.yml
7
+ - template: Jobs/Secret-Detection.gitlab-ci.yml
8
+ - template: Jobs/Dependency-Scanning.gitlab-ci.yml
9
+ - local: .gitlab/report.yaml
10
+ rules:
11
+ - if: $CI_PIPELINE_SOURCE == "merge_request_event"
12
+ inputs:
13
+ stage: reports
14
+ image: ubuntu:22.04
15
+ ignore_vulnerabilities: "false"
16
+ sast_report_file: gl-sast-report.json
17
+ secret_detection_report_file: gl-secret-detection-report.json
18
+ dependency_scanning_report_file: gl-dependency-scanning-report.json
19
+
20
+ trivy scan:
21
+ stage: test
22
+ image: aquasec/trivy
23
+ rules:
24
+ - if: $CI_PIPELINE_SOURCE == "merge_request_event"
25
+ script:
26
+ - trivy fs --severity CRITICAL,HIGH,MEDIUM,LOW --ignore-unfixed --db-repository container-registry.regula.local:80/aquasecurity/trivy-db:2 --exit-code 1 .
27
+
28
+ semgrep-sast:
29
+ rules:
30
+ - if: $CI_PIPELINE_SOURCE == "merge_request_event"
31
+ artifacts:
32
+ paths:
33
+ - gl-sast-report.json
34
+
35
+ secret_detection:
36
+ rules:
37
+ - if: $CI_PIPELINE_SOURCE == "merge_request_event"
38
+ artifacts:
39
+ paths:
40
+ - gl-secret-detection-report.json
41
+
42
+ gemnasium-dependency_scanning:
43
+ variables:
44
+ DS_MAX_DEPTH: -1
45
+ rules:
46
+ - if: $CI_PIPELINE_SOURCE == "merge_request_event"
47
+ artifacts:
48
+ paths:
49
+ - gl-dependency-scanning-report.json
package/RNDocumentReaderCore.podspec CHANGED
@@ -13,8 +13,8 @@ Pod::Spec.new do |s|
13
13
 
14
14
  s.source = { :http => 'file:' + __dir__ }
15
15
 
16
- s.ios.deployment_target = '11.0'
17
- s.dependency 'DocumentReaderBounds', '7.5.11013'
16
+ s.ios.deployment_target = '13.0'
17
+ s.dependency 'DocumentReaderBoundsStage', '7.6.11869'
18
18
 
19
19
  s.dependency 'React'
20
20
  end
package/android/build.gradle CHANGED
@@ -19,7 +19,7 @@ android {
19
19
  rootProject.allprojects {
20
20
  repositories {
21
21
  maven {
22
- url "https://maven.regulaforensics.com/RegulaDocumentReader"
22
+ url "https://maven.regulaforensics.com/RegulaDocumentReader/Stage"
23
23
  }
24
24
  }
25
25
  }
@@ -28,6 +28,6 @@ dependencies {
28
28
  //noinspection GradleDynamicVersion
29
29
  implementation 'com.facebook.react:react-native:+'
30
30
  //noinspection GradleDependency
31
- implementation 'com.regula.documentreader.core:bounds:7.5.12253'
31
+ implementation 'com.regula.documentreader.core:bounds:7.6.13518'
32
32
  }
33
33
 
package/package.json CHANGED
@@ -1,17 +1,13 @@
1
1
  {
2
2
  "name": "@regulaforensics/react-native-document-reader-core-bounds",
3
- "version": "7.5.893",
3
+ "version": "7.6.82-rc",
4
4
  "description": "React Native module for reading and validation of identification documents (Core framework)",
5
5
  "main": "index.js",
6
6
  "scripts": {
7
7
  "test": "echo \"Error: no test specified\" && exit 1"
8
8
  },
9
9
  "keywords": [
10
- "react-native",
11
- "documentreader",
12
- "reader",
13
- "scanner",
14
- "regula"
10
+ "react-native", "documentreader", "reader", "scanner", "regula"
15
11
  ],
16
12
  "author": "Regulaforensics",
17
13
  "license": "commercial",