npm - @sectester/reporter - Versions diffs - 0.16.1 - Mend

@sectester/reporter 0.16.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (42) hide show

package/LICENSE +21 -0
package/README.md +85 -0
package/package.json +57 -0
package/src/__fixtures__/issues.d.ts +71 -0
package/src/__fixtures__/issues.js +64 -0
package/src/__fixtures__/issues.js.map +1 -0
package/src/formatters/PlainTextFormatter.d.ts +13 -0
package/src/formatters/PlainTextFormatter.js +51 -0
package/src/formatters/PlainTextFormatter.js.map +1 -0
package/src/formatters/index.d.ts +1 -0
package/src/formatters/index.js +5 -0
package/src/formatters/index.js.map +1 -0
package/src/index.d.ts +3 -0
package/src/index.js +11 -0
package/src/index.js.map +1 -0
package/src/lib/Formatter.d.ts +5 -0
package/src/lib/Formatter.js +5 -0
package/src/lib/Formatter.js.map +1 -0
package/src/lib/Reporter.d.ts +5 -0
package/src/lib/Reporter.js +5 -0
package/src/lib/Reporter.js.map +1 -0
package/src/lib/index.d.ts +2 -0
package/src/lib/index.js +6 -0
package/src/lib/index.js.map +1 -0
package/src/models/IssuesGroup.d.ts +6 -0
package/src/models/IssuesGroup.js +3 -0
package/src/models/IssuesGroup.js.map +1 -0
package/src/models/index.d.ts +1 -0
package/src/models/index.js +3 -0
package/src/models/index.js.map +1 -0
package/src/std/StdReporter.d.ts +13 -0
package/src/std/StdReporter.js +91 -0
package/src/std/StdReporter.js.map +1 -0
package/src/std/index.d.ts +1 -0
package/src/std/index.js +6 -0
package/src/std/index.js.map +1 -0
package/src/utils/index.d.ts +1 -0
package/src/utils/index.js +6 -0
package/src/utils/index.js.map +1 -0
package/src/utils/issues-grouper.d.ts +6 -0
package/src/utils/issues-grouper.js +30 -0
package/src/utils/issues-grouper.js.map +1 -0

package/LICENSE ADDED Viewed

@@ -0,0 +1,21 @@
+MIT License
+Copyright (c) 2022 Bright Security
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md ADDED Viewed

@@ -0,0 +1,85 @@
+# @sectester/reporter
+[![Maintainability](https://api.codeclimate.com/v1/badges/a5f72ececc9b0f402802/maintainability)](https://codeclimate.com/github/NeuraLegion/sectester-js/maintainability)
+[![Test Coverage](https://api.codeclimate.com/v1/badges/a5f72ececc9b0f402802/test_coverage)](https://codeclimate.com/github/NeuraLegion/sectester-js/test_coverage)
+![Build Status](https://github.com/NeuraLegion/sectester-js/actions/workflows/coverage.yml/badge.svg?branch=master&event=push)
+![NPM Downloads](https://img.shields.io/npm/dw/@sectester/core)
+Provide an abstraction for generating test results as part of the particular test frameworks.
+## Setup
+```bash
+npm i -s @sectester/reporter
+```
+## Usage
+The package provides an implementation of the `Reporter` that lets to get results to stdout, i.e. `StdReporter`:
+```ts
+import { Reporter, StdReporter } from '@sectester/reporter';
+const reporter: Reporter = new StdReporter();
+```
+You just need to call the `report` method to send findings to stdout:
+```ts
+await reporter.report(scan);
+```
+<details>
+<summary>Sample console output</summary>
+![reporter-sample](reporter-sample.png)
+</details>
+In addition, the package exposes a `PlainTextFormatter` that implements a `Formatter` interface:
+```ts
+import { Formatter, PlainTextFormatter } from '@sectester/reporter';
+const formatter: Formatter = new PlainTextFormatter();
+```
+To convert an issue into text, you just need to call the `format` method:
+```ts
+formatter.format(issue);
+```
+<details>
+<summary>Sample output</summary>
+```
+Issue in Bright UI:   https://app.neuralegion.com/scans/djoqtSDRJYaR6sH8pfYpDX/issues/8iacauN1FH9vFvDCLoo42v
+Name:                 Missing Strict-Transport-Security Header
+Severity:             Low
+Remediation:
+Make sure to proprely set and configure headers on your application - missing strict-transport-security header
+Details:
+The engine detected a missing strict-transport-security header. Headers are used to outline communication and
+improve security of application.
+Extra Details:
+● Missing Strict-Transport-Security Header
+    The engine detected a missing Strict-Transport-Security header, which might cause data to be sent insecurely from the client to the server.
+    Remedy:
+     - Make sure to set this header to one of the following options:
+        1. Strict-Transport-Security: max-age=<expire-time>
+        2. Strict-Transport-Security: max-age=<expire-time>; includeSubDomains
+        3. Strict-Transport-Security: max-age=<expire-time>; preload
+    Resources:
+     - https://www.owasp.org/index.php/OWASP_Secure_Headers_Project#hsts
+    Issues found on the following URLs:
+     - [GET] https://qa.brokencrystals.com/
+```
+</details>
+## License
+Copyright © 2022 [Bright Security](https://brightsec.com/).
+This project is licensed under the MIT License - see the [LICENSE file](LICENSE) for details.

package/package.json ADDED Viewed

@@ -0,0 +1,57 @@
+{
+  "name": "@sectester/reporter",
+  "version": "0.16.1",
+  "description": "Provide an abstraction for generating test results as part of the particular test frameworks.",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/NeuraLegion/sectester-js.git"
+  },
+  "engines": {
+    "node": ">=16",
+    "npm": "^8.1.0"
+  },
+  "author": {
+    "name": "Artem Derevnjuk",
+    "email": "artem.derevnjuk@brightsec.com"
+  },
+  "license": "MIT",
+  "bugs": {
+    "url": "https://github.com/NeuraLegion/sectester-js/issues"
+  },
+  "publishConfig": {
+    "access": "public"
+  },
+  "keywords": [
+    "security",
+    "testing",
+    "e2e",
+    "test",
+    "typescript",
+    "appsec",
+    "pentesting",
+    "qa",
+    "brightsec",
+    "reporter"
+  ],
+  "peerDependencies": {
+    "@sectester/scan": ">=0.16.0 <1.0.0"
+  },
+  "main": "./src/index.js",
+  "typings": "./src/index.d.ts",
+  "dependencies": {
+    "@sectester/bus": "0.16.1",
+    "@sectester/core": "0.16.1",
+    "reflect-metadata": "^0.1.13",
+    "uuid": "^8.3.2",
+    "tsyringe": "^4.6.0",
+    "chalk": "^4.1.2",
+    "form-data": "^4.0.0",
+    "axios": "^0.26.1",
+    "axios-rate-limit": "^1.3.0",
+    "amqp-connection-manager": "^4.1.1",
+    "amqplib": "^0.8.0",
+    "@har-sdk/core": "^1.4.3",
+    "ci-info": "^3.3.0",
+    "tty-table": "^4.1.5"
+  }
+}

package/src/__fixtures__/issues.d.ts ADDED Viewed

@@ -0,0 +1,71 @@
+import { HttpMethod, Severity } from '@sectester/scan';
+export declare const issueWithoutResourcesText = "Issue in Bright UI:   http://app.neuralegion.com/scans/pDzxcEXQC8df1fcz1QwPf9/issues/pDzxcEXQC8df1fcz1QwPf9\nName:                 Database connection crashed\nSeverity:             Medium\nRemediation:\nThe best way to protect against those kind of issues is making sure the Database resources are sufficient\nDetails:\nCross-site request forgery is a type of malicious website exploit.";
+export declare const issueWithoutResources: {
+    id: string;
+    order: number;
+    details: string;
+    name: string;
+    severity: Severity;
+    protocol: string;
+    remedy: string;
+    cvss: string;
+    time: Date;
+    originalRequest: {
+        method: HttpMethod;
+        url: string;
+    };
+    request: {
+        method: HttpMethod;
+        url: string;
+    };
+    link: string;
+};
+export declare const fullyDescribedIssueText: string;
+export declare const fullyDescribedIssue: {
+    comments: {
+        headline: string;
+        text: string;
+        links: string[];
+    }[];
+    resources: string[];
+    id: string;
+    order: number;
+    details: string;
+    name: string;
+    severity: Severity;
+    protocol: string;
+    remedy: string;
+    cvss: string;
+    time: Date;
+    originalRequest: {
+        method: HttpMethod;
+        url: string;
+    };
+    request: {
+        method: HttpMethod;
+        url: string;
+    };
+    link: string;
+};
+export declare const issueWithoutExtraInfoText: string;
+export declare const issueWithoutExtraInfo: {
+    resources: string[];
+    id: string;
+    order: number;
+    details: string;
+    name: string;
+    severity: Severity;
+    protocol: string;
+    remedy: string;
+    cvss: string;
+    time: Date;
+    originalRequest: {
+        method: HttpMethod;
+        url: string;
+    };
+    request: {
+        method: HttpMethod;
+        url: string;
+    };
+    link: string;
+};

package/src/__fixtures__/issues.js ADDED Viewed

@@ -0,0 +1,64 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.issueWithoutExtraInfo = exports.issueWithoutExtraInfoText = exports.fullyDescribedIssue = exports.fullyDescribedIssueText = exports.issueWithoutResources = exports.issueWithoutResourcesText = void 0;
+const scan_1 = require("@sectester/scan");
+exports.issueWithoutResourcesText = `Issue in Bright UI:   http://app.neuralegion.com/scans/pDzxcEXQC8df1fcz1QwPf9/issues/pDzxcEXQC8df1fcz1QwPf9
+Name:                 Database connection crashed
+Severity:             Medium
+Remediation:
+The best way to protect against those kind of issues is making sure the Database resources are sufficient
+Details:
+Cross-site request forgery is a type of malicious website exploit.`;
+exports.issueWithoutResources = {
+    id: 'pDzxcEXQC8df1fcz1QwPf9',
+    order: 1,
+    details: 'Cross-site request forgery is a type of malicious website exploit.',
+    name: 'Database connection crashed',
+    severity: scan_1.Severity.MEDIUM,
+    protocol: 'http',
+    remedy: 'The best way to protect against those kind of issues is making sure the Database resources are sufficient',
+    cvss: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L',
+    time: new Date(),
+    originalRequest: {
+        method: scan_1.HttpMethod.GET,
+        url: 'https://brokencrystals.com/'
+    },
+    request: {
+        method: scan_1.HttpMethod.GET,
+        url: 'https://brokencrystals.com/'
+    },
+    link: 'http://app.neuralegion.com/scans/pDzxcEXQC8df1fcz1QwPf9/issues/pDzxcEXQC8df1fcz1QwPf9'
+};
+exports.fullyDescribedIssueText = `${exports.issueWithoutResourcesText}
+Extra Details:
+● Missing Strict-Transport-Security Header
+\tThe engine detected a missing Strict-Transport-Security header, which might cause data to be sent insecurely from the client to the server.
+\tLinks:
+\t● https://www.owasp.org/index.php/OWASP_Secure_Headers_Project#hsts
+References:
+● https://www.owasp.org/index.php/OWASP_Secure_Headers_Project#hsts`;
+exports.fullyDescribedIssue = {
+    ...exports.issueWithoutResources,
+    comments: [
+        {
+            headline: 'Missing Strict-Transport-Security Header',
+            text: 'The engine detected a missing Strict-Transport-Security header, which might cause data to be sent insecurely from the client to the server.',
+            links: [
+                'https://www.owasp.org/index.php/OWASP_Secure_Headers_Project#hsts'
+            ]
+        }
+    ],
+    resources: [
+        'https://www.owasp.org/index.php/OWASP_Secure_Headers_Project#hsts'
+    ]
+};
+exports.issueWithoutExtraInfoText = `${exports.issueWithoutResourcesText}
+References:
+ ● https://www.owasp.org/index.php/OWASP_Secure_Headers_Project#hsts`;
+exports.issueWithoutExtraInfo = {
+    ...exports.issueWithoutResources,
+    resources: [
+        'https://www.owasp.org/index.php/OWASP_Secure_Headers_Project#hsts'
+    ]
+};
+//# sourceMappingURL=issues.js.map

package/src/__fixtures__/issues.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"issues.js","sourceRoot":"","sources":["../../../../../packages/reporter/src/__fixtures__/issues.ts"],"names":[],"mappings":";;;AAAA,0CAAuD;AAE1C,QAAA,yBAAyB,GAAG;;;;;;mEAM0B,CAAC;AACvD,QAAA,qBAAqB,GAAG;IACnC,EAAE,EAAE,wBAAwB;IAC5B,KAAK,EAAE,CAAC;IACR,OAAO,EAAE,oEAAoE;IAC7E,IAAI,EAAE,6BAA6B;IACnC,QAAQ,EAAE,eAAQ,CAAC,MAAM;IACzB,QAAQ,EAAE,MAAM;IAChB,MAAM,EACJ,2GAA2G;IAC7G,IAAI,EAAE,8CAA8C;IACpD,IAAI,EAAE,IAAI,IAAI,EAAE;IAChB,eAAe,EAAE;QACf,MAAM,EAAE,iBAAU,CAAC,GAAG;QACtB,GAAG,EAAE,6BAA6B;KACnC;IACD,OAAO,EAAE;QACP,MAAM,EAAE,iBAAU,CAAC,GAAG;QACtB,GAAG,EAAE,6BAA6B;KACnC;IACD,IAAI,EAAE,uFAAuF;CAC9F,CAAC;AAEW,QAAA,uBAAuB,GAAG,GAAG,iCAAyB;;;;;;;oEAOC,CAAC;AACxD,QAAA,mBAAmB,GAAG;IACjC,GAAG,6BAAqB;IACxB,QAAQ,EAAE;QACR;YACE,QAAQ,EAAE,0CAA0C;YACpD,IAAI,EAAE,6IAA6I;YACnJ,KAAK,EAAE;gBACL,mEAAmE;aACpE;SACF;KACF;IACD,SAAS,EAAE;QACT,mEAAmE;KACpE;CACF,CAAC;AACW,QAAA,yBAAyB,GAAG,GAAG,iCAAyB;;qEAEA,CAAC;AACzD,QAAA,qBAAqB,GAAG;IACnC,GAAG,6BAAqB;IACxB,SAAS,EAAE;QACT,mEAAmE;KACpE;CACF,CAAC"}

package/src/formatters/PlainTextFormatter.d.ts ADDED Viewed

@@ -0,0 +1,13 @@
+import { Formatter } from '../lib';
+import { Issue } from '@sectester/scan';
+export declare class PlainTextFormatter implements Formatter {
+    private readonly BULLET_POINT;
+    private readonly NEW_LINE;
+    private readonly TABULATION;
+    format(issue: Issue): string;
+    private generateTemplate;
+    private formatExtraInfo;
+    private indent;
+    private formatList;
+    private combineList;
+}

package/src/formatters/PlainTextFormatter.js ADDED Viewed

@@ -0,0 +1,51 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.PlainTextFormatter = void 0;
+const util_1 = require("util");
+class PlainTextFormatter {
+    constructor() {
+        this.BULLET_POINT = '●';
+        this.NEW_LINE = '\n';
+        this.TABULATION = '\t';
+    }
+    format(issue) {
+        const { link, name, severity, remedy, details, comments = [], resources = [] } = issue;
+        const template = this.generateTemplate({
+            extraInfo: comments.length > 0,
+            references: resources.length > 0
+        });
+        const message = (0, util_1.format)(template, link, name, severity, remedy, details, this.formatList(comments, comment => this.formatExtraInfo(comment)), this.formatList(resources));
+        return message.trim();
+    }
+    generateTemplate(options) {
+        return `
+Issue in Bright UI:   %s
+Name:                 %s
+Severity:             %s
+Remediation:
+%s
+Details:
+%s${options.extraInfo ? `\nExtra Details:\n%s` : ''}${options.references ? `\nReferences:\n%s` : ''}`.trim();
+    }
+    formatExtraInfo({ headline, text = '', links = [] }) {
+        const footer = links.length
+            ? this.combineList(['Links:', this.formatList(links)])
+            : '';
+        const blocks = [text, footer].map(x => this.indent(x));
+        const document = this.combineList(blocks);
+        return this.combineList([headline, document]);
+    }
+    indent(x, length = 1) {
+        const lines = x.split(this.NEW_LINE);
+        return this.combineList(lines.map(line => `${this.TABULATION.repeat(length)}${line}`));
+    }
+    formatList(list, map) {
+        const items = list.map(x => `${this.BULLET_POINT} ${typeof map == 'function' ? map(x) : x}`);
+        return this.combineList(items);
+    }
+    combineList(list, sep) {
+        return list.join(sep !== null && sep !== void 0 ? sep : this.NEW_LINE);
+    }
+}
+exports.PlainTextFormatter = PlainTextFormatter;
+//# sourceMappingURL=PlainTextFormatter.js.map

package/src/formatters/PlainTextFormatter.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"PlainTextFormatter.js","sourceRoot":"","sources":["../../../../../packages/reporter/src/formatters/PlainTextFormatter.ts"],"names":[],"mappings":";;;AAEA,+BAA8B;AAE9B,MAAa,kBAAkB;IAA/B;QACmB,iBAAY,GAAG,GAAG,CAAC;QACnB,aAAQ,GAAG,IAAI,CAAC;QAChB,eAAU,GAAG,IAAI,CAAC;IA4ErC,CAAC;IA1EQ,MAAM,CAAC,KAAY;QACxB,MAAM,EACJ,IAAI,EACJ,IAAI,EACJ,QAAQ,EACR,MAAM,EACN,OAAO,EACP,QAAQ,GAAG,EAAE,EACb,SAAS,GAAG,EAAE,EACf,GAAG,KAAK,CAAC;QACV,MAAM,QAAQ,GAAG,IAAI,CAAC,gBAAgB,CAAC;YACrC,SAAS,EAAE,QAAQ,CAAC,MAAM,GAAG,CAAC;YAC9B,UAAU,EAAE,SAAS,CAAC,MAAM,GAAG,CAAC;SACjC,CAAC,CAAC;QAEH,MAAM,OAAO,GAAG,IAAA,aAAM,EACpB,QAAQ,EACR,IAAI,EACJ,IAAI,EACJ,QAAQ,EACR,MAAM,EACN,OAAO,EACP,IAAI,CAAC,UAAU,CAAC,QAAQ,EAAE,OAAO,CAAC,EAAE,CAAC,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC,CAAC,EACnE,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,CAC3B,CAAC;QAEF,OAAO,OAAO,CAAC,IAAI,EAAE,CAAC;IACxB,CAAC;IAEO,gBAAgB,CAAC,OAGxB;QACC,OAAO;;;;;;;IAOP,OAAO,CAAC,SAAS,CAAC,CAAC,CAAC,sBAAsB,CAAC,CAAC,CAAC,EAAE,GAC7C,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,mBAAmB,CAAC,CAAC,CAAC,EAC7C,EAAE,CAAC,IAAI,EAAE,CAAC;IACZ,CAAC;IAEO,eAAe,CAAC,EAAE,QAAQ,EAAE,IAAI,GAAG,EAAE,EAAE,KAAK,GAAG,EAAE,EAAW;QAClE,MAAM,MAAM,GAAG,KAAK,CAAC,MAAM;YACzB,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,QAAQ,EAAE,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC;YACtD,CAAC,CAAC,EAAE,CAAC;QACP,MAAM,MAAM,GAAG,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;QACvD,MAAM,QAAQ,GAAG,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;QAE1C,OAAO,IAAI,CAAC,WAAW,CAAC,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC,CAAC;IAChD,CAAC;IAEO,MAAM,CAAC,CAAS,EAAE,SAAiB,CAAC;QAC1C,MAAM,KAAK,GAAG,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAErC,OAAO,IAAI,CAAC,WAAW,CACrB,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,MAAM,CAAC,GAAG,IAAI,EAAE,CAAC,CAC9D,CAAC;IACJ,CAAC;IAEO,UAAU,CAAI,IAAS,EAAE,GAAsB;QACrD,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CACpB,CAAC,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,YAAY,IAAI,OAAO,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CACrE,CAAC;QAEF,OAAO,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;IACjC,CAAC;IAEO,WAAW,CAAC,IAAc,EAAE,GAAY;QAC9C,OAAO,IAAI,CAAC,IAAI,CAAC,GAAG,aAAH,GAAG,cAAH,GAAG,GAAI,IAAI,CAAC,QAAQ,CAAC,CAAC;IACzC,CAAC;CACF;AA/ED,gDA+EC"}

package/src/formatters/index.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export * from './PlainTextFormatter';

package/src/formatters/index.js ADDED Viewed

@@ -0,0 +1,5 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const tslib_1 = require("tslib");
+(0, tslib_1.__exportStar)(require("./PlainTextFormatter"), exports);
+//# sourceMappingURL=index.js.map

package/src/formatters/index.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../packages/reporter/src/formatters/index.ts"],"names":[],"mappings":";;;AAAA,oEAAqC"}

package/src/index.d.ts ADDED Viewed

@@ -0,0 +1,3 @@
+export { PlainTextFormatter } from './formatters';
+export { Reporter, Formatter } from './lib';
+export { StdReporter } from './std';

package/src/index.js ADDED Viewed

@@ -0,0 +1,11 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.StdReporter = exports.Formatter = exports.Reporter = exports.PlainTextFormatter = void 0;
+var formatters_1 = require("./formatters");
+Object.defineProperty(exports, "PlainTextFormatter", { enumerable: true, get: function () { return formatters_1.PlainTextFormatter; } });
+var lib_1 = require("./lib");
+Object.defineProperty(exports, "Reporter", { enumerable: true, get: function () { return lib_1.Reporter; } });
+Object.defineProperty(exports, "Formatter", { enumerable: true, get: function () { return lib_1.Formatter; } });
+var std_1 = require("./std");
+Object.defineProperty(exports, "StdReporter", { enumerable: true, get: function () { return std_1.StdReporter; } });
+//# sourceMappingURL=index.js.map

package/src/index.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../packages/reporter/src/index.ts"],"names":[],"mappings":";;;AAAA,2CAAkD;AAAzC,gHAAA,kBAAkB,OAAA;AAC3B,6BAA4C;AAAnC,+FAAA,QAAQ,OAAA;AAAE,gGAAA,SAAS,OAAA;AAC5B,6BAAoC;AAA3B,kGAAA,WAAW,OAAA"}

package/src/lib/Formatter.d.ts ADDED Viewed

@@ -0,0 +1,5 @@
+import { Issue } from '@sectester/scan';
+export interface Formatter {
+    format(issue: Issue): string;
+}
+export declare const Formatter: unique symbol;

package/src/lib/Formatter.js ADDED Viewed

@@ -0,0 +1,5 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.Formatter = void 0;
+exports.Formatter = Symbol('Formatter');
+//# sourceMappingURL=Formatter.js.map

package/src/lib/Formatter.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"Formatter.js","sourceRoot":"","sources":["../../../../../packages/reporter/src/lib/Formatter.ts"],"names":[],"mappings":";;;AAMa,QAAA,SAAS,GAAkB,MAAM,CAAC,WAAW,CAAC,CAAC"}

package/src/lib/Reporter.d.ts ADDED Viewed

@@ -0,0 +1,5 @@
+import { Scan } from '@sectester/scan';
+export interface Reporter {
+    report(scan: Scan): Promise<void>;
+}
+export declare const Reporter: unique symbol;

package/src/lib/Reporter.js ADDED Viewed

@@ -0,0 +1,5 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.Reporter = void 0;
+exports.Reporter = Symbol('Reporter');
+//# sourceMappingURL=Reporter.js.map

package/src/lib/Reporter.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"Reporter.js","sourceRoot":"","sources":["../../../../../packages/reporter/src/lib/Reporter.ts"],"names":[],"mappings":";;;AAMa,QAAA,QAAQ,GAAkB,MAAM,CAAC,UAAU,CAAC,CAAC"}

package/src/lib/index.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export * from './Reporter';
2	+ export * from './Formatter';

package/src/lib/index.js ADDED Viewed

@@ -0,0 +1,6 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const tslib_1 = require("tslib");
+(0, tslib_1.__exportStar)(require("./Reporter"), exports);
+(0, tslib_1.__exportStar)(require("./Formatter"), exports);
+//# sourceMappingURL=index.js.map

package/src/lib/index.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../packages/reporter/src/lib/index.ts"],"names":[],"mappings":";;;AAAA,0DAA2B;AAC3B,2DAA4B"}

package/src/models/IssuesGroup.d.ts ADDED Viewed

@@ -0,0 +1,6 @@
+import { Issue, Severity } from '@sectester/scan';
+export interface IssuesGroup {
+    severity: Severity;
+    name: string;
+    issues: Issue[];
+}

package/src/models/IssuesGroup.js ADDED Viewed

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=IssuesGroup.js.map

package/src/models/IssuesGroup.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"IssuesGroup.js","sourceRoot":"","sources":["../../../../../packages/reporter/src/models/IssuesGroup.ts"],"names":[],"mappings":""}

package/src/models/index.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export { IssuesGroup } from './IssuesGroup';

package/src/models/index.js ADDED Viewed

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=index.js.map

package/src/models/index.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../packages/reporter/src/models/index.ts"],"names":[],"mappings":""}

package/src/std/StdReporter.d.ts ADDED Viewed

@@ -0,0 +1,13 @@
+import { Reporter } from '../lib';
+import { Scan } from '@sectester/scan';
+export declare class StdReporter implements Reporter {
+    private readonly severityColorFn;
+    private readonly severityPrintFn;
+    report(scan: Scan): Promise<void>;
+    private formatFindingsMessage;
+    private renderDetailsTable;
+    private getHeaderConfig;
+    private pluralize;
+    private colorize;
+    private print;
+}

package/src/std/StdReporter.js ADDED Viewed

@@ -0,0 +1,91 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.StdReporter = void 0;
+const tslib_1 = require("tslib");
+const utils_1 = require("../utils");
+const scan_1 = require("@sectester/scan");
+const tty_table_1 = (0, tslib_1.__importDefault)(require("tty-table"));
+const chalk_1 = (0, tslib_1.__importDefault)(require("chalk"));
+class StdReporter {
+    constructor() {
+        this.severityColorFn = {
+            [scan_1.Severity.HIGH]: chalk_1.default.red,
+            [scan_1.Severity.MEDIUM]: chalk_1.default.yellow,
+            [scan_1.Severity.LOW]: chalk_1.default.blue
+        };
+        this.severityPrintFn = {
+            /* eslint-disable no-console */
+            [scan_1.Severity.HIGH]: console.error,
+            [scan_1.Severity.MEDIUM]: console.warn,
+            [scan_1.Severity.LOW]: console.log
+            /* eslint-enable no-console */
+        };
+    }
+    async report(scan) {
+        const issues = await scan.issues();
+        if (!issues.length) {
+            return;
+        }
+        [scan_1.Severity.HIGH, scan_1.Severity.MEDIUM, scan_1.Severity.LOW].forEach((severity) => {
+            const message = this.formatFindingsMessage(issues, severity);
+            if (message) {
+                this.print(message, severity);
+            }
+        });
+        // eslint-disable-next-line no-console
+        console.log(this.renderDetailsTable(issues));
+    }
+    formatFindingsMessage(issues, severity) {
+        const filtered = issues.filter(issue => issue.severity === severity);
+        if (filtered.length) {
+            return this.colorize(`Found ${filtered.length} ${severity} severity ${this.pluralize('issue', filtered.length)}.`, severity);
+        }
+    }
+    renderDetailsTable(issues) {
+        const issueGroups = utils_1.IssuesGrouper.group(issues);
+        return (0, tty_table_1.default)([
+            this.getHeaderConfig('severity', {
+                formatter: x => this.colorize(x, x),
+                width: 12
+            }),
+            this.getHeaderConfig('name'),
+            this.getHeaderConfig('issues', {
+                alias: 'Quantity',
+                formatter: items => items.length,
+                align: 'center',
+                width: 12
+            }),
+            this.getHeaderConfig('issues', {
+                alias: 'Targets',
+                formatter: (items) => items
+                    .map((item, idx) => `${idx + 1}.\u00A0${item.request.url}`)
+                    .join('\n')
+            })
+        ], issueGroups).render();
+    }
+    getHeaderConfig(fieldName, options = {}) {
+        const defaultHeaderConfig = {
+            width: '',
+            headerColor: '',
+            align: 'left',
+            headerAlign: 'left',
+            value: fieldName,
+            alias: `${fieldName.charAt(0).toUpperCase()}${fieldName.substring(1)}`
+        };
+        return {
+            ...defaultHeaderConfig,
+            ...options
+        };
+    }
+    pluralize(word, quantity) {
+        return quantity > 1 ? `${word}s` : word;
+    }
+    colorize(message, severity) {
+        return this.severityColorFn[severity](message);
+    }
+    print(message, severity) {
+        return this.severityPrintFn[severity](message);
+    }
+}
+exports.StdReporter = StdReporter;
+//# sourceMappingURL=StdReporter.js.map

package/src/std/StdReporter.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"StdReporter.js","sourceRoot":"","sources":["../../../../../packages/reporter/src/std/StdReporter.ts"],"names":[],"mappings":";;;;AACA,oCAAyC;AACzC,0CAAwD;AACxD,uEAA0C;AAC1C,+DAA0B;AAE1B,MAAa,WAAW;IAAxB;QACmB,oBAAe,GAG5B;YACF,CAAC,eAAQ,CAAC,IAAI,CAAC,EAAE,eAAK,CAAC,GAAG;YAC1B,CAAC,eAAQ,CAAC,MAAM,CAAC,EAAE,eAAK,CAAC,MAAM;YAC/B,CAAC,eAAQ,CAAC,GAAG,CAAC,EAAE,eAAK,CAAC,IAAI;SAC3B,CAAC;QAEe,oBAAe,GAG5B;YACF,+BAA+B;YAC/B,CAAC,eAAQ,CAAC,IAAI,CAAC,EAAE,OAAO,CAAC,KAAK;YAC9B,CAAC,eAAQ,CAAC,MAAM,CAAC,EAAE,OAAO,CAAC,IAAI;YAC/B,CAAC,eAAQ,CAAC,GAAG,CAAC,EAAE,OAAO,CAAC,GAAG;YAC3B,8BAA8B;SAC/B,CAAC;IA+FJ,CAAC;IA7FQ,KAAK,CAAC,MAAM,CAAC,IAAU;QAC5B,MAAM,MAAM,GAAY,MAAM,IAAI,CAAC,MAAM,EAAE,CAAC;QAC5C,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE;YAClB,OAAO;SACR;QAED,CAAC,eAAQ,CAAC,IAAI,EAAE,eAAQ,CAAC,MAAM,EAAE,eAAQ,CAAC,GAAG,CAAC,CAAC,OAAO,CACpD,CAAC,QAAkB,EAAE,EAAE;YACrB,MAAM,OAAO,GAAG,IAAI,CAAC,qBAAqB,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;YAC7D,IAAI,OAAO,EAAE;gBACX,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;aAC/B;QACH,CAAC,CACF,CAAC;QAEF,sCAAsC;QACtC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,kBAAkB,CAAC,MAAM,CAAC,CAAC,CAAC;IAC/C,CAAC;IAEO,qBAAqB,CAC3B,MAAe,EACf,QAAkB;QAElB,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC;QACrE,IAAI,QAAQ,CAAC,MAAM,EAAE;YACnB,OAAO,IAAI,CAAC,QAAQ,CAClB,SAAS,QAAQ,CAAC,MAAM,IAAI,QAAQ,aAAa,IAAI,CAAC,SAAS,CAC7D,OAAO,EACP,QAAQ,CAAC,MAAM,CAChB,GAAG,EACJ,QAAQ,CACT,CAAC;SACH;IACH,CAAC;IAEO,kBAAkB,CAAC,MAAe;QACxC,MAAM,WAAW,GAAG,qBAAa,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QAEhD,OAAO,IAAA,mBAAK,EACV;YACE,IAAI,CAAC,eAAe,CAAC,UAAU,EAAE;gBAC/B,SAAS,EAAE,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC,CAAC;gBACnC,KAAK,EAAE,EAAE;aACV,CAAC;YACF,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC;YAC5B,IAAI,CAAC,eAAe,CAAC,QAAQ,EAAE;gBAC7B,KAAK,EAAE,UAAU;gBACjB,SAAS,EAAE,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC,MAAM;gBAChC,KAAK,EAAE,QAAQ;gBACf,KAAK,EAAE,EAAE;aACV,CAAC;YACF,IAAI,CAAC,eAAe,CAAC,QAAQ,EAAE;gBAC7B,KAAK,EAAE,SAAS;gBAChB,SAAS,EAAE,CAAC,KAAc,EAAE,EAAE,CAC5B,KAAK;qBACF,GAAG,CAAC,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,GAAG,GAAG,CAAC,UAAU,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC;qBAC1D,IAAI,CAAC,IAAI,CAAC;aAChB,CAAC;SACS,EACb,WAAW,CACZ,CAAC,MAAM,EAAE,CAAC;IACb,CAAC;IAEO,eAAe,CACrB,SAAiB,EACjB,UAA2B,EAAE;QAE7B,MAAM,mBAAmB,GAAoB;YAC3C,KAAK,EAAE,EAAE;YACT,WAAW,EAAE,EAAE;YACf,KAAK,EAAE,MAAM;YACb,WAAW,EAAE,MAAM;YACnB,KAAK,EAAE,SAAS;YAChB,KAAK,EAAE,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,GAAG,SAAS,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE;SACvE,CAAC;QAEF,OAAO;YACL,GAAG,mBAAmB;YACtB,GAAG,OAAO;SACD,CAAC;IACd,CAAC;IAEO,SAAS,CAAC,IAAY,EAAE,QAAgB;QAC9C,OAAO,QAAQ,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC;IAC1C,CAAC;IAEO,QAAQ,CAAC,OAAe,EAAE,QAAkB;QAClD,OAAO,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,CAAC;IACjD,CAAC;IAEO,KAAK,CAAC,OAAe,EAAE,QAAkB;QAC/C,OAAO,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,CAAC;IACjD,CAAC;CACF;AAlHD,kCAkHC"}

package/src/std/index.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export { StdReporter } from './StdReporter';

package/src/std/index.js ADDED Viewed

@@ -0,0 +1,6 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.StdReporter = void 0;
+var StdReporter_1 = require("./StdReporter");
+Object.defineProperty(exports, "StdReporter", { enumerable: true, get: function () { return StdReporter_1.StdReporter; } });
+//# sourceMappingURL=index.js.map

package/src/std/index.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../packages/reporter/src/std/index.ts"],"names":[],"mappings":";;;AAAA,6CAA4C;AAAnC,0GAAA,WAAW,OAAA"}

package/src/utils/index.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export { IssuesGrouper } from './issues-grouper';

package/src/utils/index.js ADDED Viewed

@@ -0,0 +1,6 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.IssuesGrouper = void 0;
+var issues_grouper_1 = require("./issues-grouper");
+Object.defineProperty(exports, "IssuesGrouper", { enumerable: true, get: function () { return issues_grouper_1.IssuesGrouper; } });
+//# sourceMappingURL=index.js.map

package/src/utils/index.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../packages/reporter/src/utils/index.ts"],"names":[],"mappings":";;;AAAA,mDAAiD;AAAxC,+GAAA,aAAa,OAAA"}

package/src/utils/issues-grouper.d.ts ADDED Viewed

@@ -0,0 +1,6 @@
+import { IssuesGroup } from '../models';
+import { Issue } from '@sectester/scan';
+export declare class IssuesGrouper {
+    static group(issues: Issue[]): IssuesGroup[];
+    static groupComparator(a: IssuesGroup, b: IssuesGroup): number;
+}

package/src/utils/issues-grouper.js ADDED Viewed

@@ -0,0 +1,30 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.IssuesGrouper = void 0;
+const scan_1 = require("@sectester/scan");
+class IssuesGrouper {
+    static group(issues) {
+        const grouped = issues.reduce((res, issue) => {
+            const issuesGroup = res.find((group) => group.severity === issue.severity && group.name === issue.name);
+            if (issuesGroup) {
+                issuesGroup.issues.push(issue);
+            }
+            else {
+                res.push({
+                    severity: issue.severity,
+                    name: issue.name,
+                    issues: [issue]
+                });
+            }
+            return res;
+        }, []);
+        grouped.sort(this.groupComparator);
+        return grouped;
+    }
+    static groupComparator(a, b) {
+        const res = (0, scan_1.severityComparator)(a.severity, b.severity);
+        return res ? res : b.issues.length - a.issues.length;
+    }
+}
+exports.IssuesGrouper = IssuesGrouper;
+//# sourceMappingURL=issues-grouper.js.map

package/src/utils/issues-grouper.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"issues-grouper.js","sourceRoot":"","sources":["../../../../../packages/reporter/src/utils/issues-grouper.ts"],"names":[],"mappings":";;;AACA,0CAA4D;AAE5D,MAAa,aAAa;IACjB,MAAM,CAAC,KAAK,CAAC,MAAe;QACjC,MAAM,OAAO,GAAG,MAAM,CAAC,MAAM,CAC3B,CAAC,GAAkB,EAAE,KAAY,EAAiB,EAAE;YAClD,MAAM,WAAW,GAA4B,GAAG,CAAC,IAAI,CACnD,CAAC,KAAkB,EAAE,EAAE,CACrB,KAAK,CAAC,QAAQ,KAAK,KAAK,CAAC,QAAQ,IAAI,KAAK,CAAC,IAAI,KAAK,KAAK,CAAC,IAAI,CACjE,CAAC;YACF,IAAI,WAAW,EAAE;gBACf,WAAW,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;aAChC;iBAAM;gBACL,GAAG,CAAC,IAAI,CAAC;oBACP,QAAQ,EAAE,KAAK,CAAC,QAAQ;oBACxB,IAAI,EAAE,KAAK,CAAC,IAAI;oBAChB,MAAM,EAAE,CAAC,KAAK,CAAC;iBAChB,CAAC,CAAC;aACJ;YAED,OAAO,GAAG,CAAC;QACb,CAAC,EACD,EAAE,CACH,CAAC;QAEF,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;QAEnC,OAAO,OAAO,CAAC;IACjB,CAAC;IAEM,MAAM,CAAC,eAAe,CAAC,CAAc,EAAE,CAAc;QAC1D,MAAM,GAAG,GAAG,IAAA,yBAAkB,EAAC,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC;QAEvD,OAAO,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC;IACvD,CAAC;CACF;AAjCD,sCAiCC"}