airbyte-faros-destination 0.9.66 → 0.9.67

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -1,52 +1,48 @@
1
1
  type OptString = string | null | undefined;
2
2
  type OptBool = boolean | null | undefined;
3
- type OptNumber = number | null | undefined;
4
3
  export interface BaseVulnerabilityType {
5
4
  uid: string;
6
5
  displayName: OptString;
7
6
  createdAt: OptString;
8
7
  externalURL: OptString;
9
- severity: OptString | OptNumber;
8
+ severity: OptString;
10
9
  }
11
10
  export type ExtendedVulnerabilityType = BaseVulnerabilityType & {
12
11
  description?: OptString;
13
12
  externalIds?: OptString[];
13
+ vulnURL?: OptString;
14
14
  [key: string]: any;
15
15
  };
16
- export interface GithubSecurityAdvisory {
17
- cveId: OptString;
18
- description: OptString;
19
- ghsaId: OptString;
16
+ export interface GitV2Ignored {
17
+ ignoredAt: OptString;
18
+ ignoredUntil: OptString;
19
+ ignoreReason: OptString;
20
+ reactivateWhenFixable: OptBool;
20
21
  }
21
- export interface GithubVulnerabilityData {
22
- uid: string;
22
+ export interface GitV2Asset {
23
23
  displayName: OptString;
24
- createdAt: OptString;
25
- externalURL: OptString;
26
- severity: OptNumber;
27
- repositoryName: OptString;
28
- slaDeadline: OptString;
29
- vantaDescription: OptString;
30
- securityAdvisory: GithubSecurityAdvisory;
31
- }
32
- export interface AWSFindings {
33
- description: OptString;
34
- providerSeverity: OptString;
35
- name: OptString;
24
+ assetType: OptString;
25
+ imageScanTag: OptString;
36
26
  }
37
- export interface AWSVulnerabilityData {
27
+ export interface GitV2VulnerabilityData {
38
28
  uid: string;
39
29
  displayName: OptString;
40
30
  createdAt: OptString;
41
31
  externalURL: OptString;
42
- severity: OptNumber;
32
+ severity: OptString;
33
+ relatedUrls: string[];
43
34
  packageName: OptString;
44
- packageVersion: OptString;
45
- slaDeadline: OptString;
46
- repositoryName: OptString;
47
- repositoryArn: OptString;
48
- findings: AWSFindings[];
49
- imageTags: string[];
35
+ orgName: OptString;
36
+ name: OptString;
37
+ isFixable: OptBool;
38
+ duplicateVulnerabilityId: OptString;
39
+ description: OptString;
40
+ relatedCves: string[];
41
+ remediateBy: OptString;
42
+ packageIdentifier: OptString;
43
+ externalVulnerabilityId: OptString;
44
+ ignored: GitV2Ignored;
45
+ asset: GitV2Asset;
50
46
  }
51
47
  export interface AWSV2Ignored {
52
48
  ignoreReason: OptString;
@@ -73,8 +69,8 @@ export interface AWSV2VulnerabilityData {
73
69
  ignored: AWSV2Ignored;
74
70
  imageTags: string[];
75
71
  imageDigest: OptString;
72
+ relatedUrls: string[];
76
73
  }
77
- export type BaseAWSVuln = AWSVulnerabilityData | AWSV2VulnerabilityData;
78
74
  export declare const vulnTypeOptions: string[];
79
75
  export interface VcsOrgKey {
80
76
  uid: string;
@@ -96,10 +92,21 @@ export interface CicdArtifactKey {
96
92
  uid: string;
97
93
  repository: CicdRepoKey;
98
94
  }
99
- export type VulnerabilityInfo = {
95
+ export type VulnerabilityKey = {
96
+ uid: string;
97
+ source: string;
98
+ };
99
+ export type VcsRepositoryVulnerabilityResponse = {
100
+ id: string;
101
+ resolvedAt: OptString;
102
+ vulnerability: VulnerabilityKey;
103
+ repository: VcsRepoKey;
104
+ };
105
+ export type CicdArtifactVulnerabilityResponse = {
100
106
  id: string;
101
107
  resolvedAt: OptString;
102
- vulnerabilityUid: OptString;
108
+ vulnerability: VulnerabilityKey;
109
+ artifact: CicdArtifactKey;
103
110
  };
104
- export type FarosObjectKey = VcsOrgKey | VcsRepoKey | CicdOrgKey | CicdRepoKey | CicdArtifactKey;
111
+ export type FarosObjectKey = VcsOrgKey | VcsRepoKey | CicdOrgKey | CicdRepoKey | CicdArtifactKey | VulnerabilityKey;
105
112
  export {};
@@ -1,5 +1,5 @@
1
1
  "use strict";
2
2
  Object.defineProperty(exports, "__esModule", { value: true });
3
3
  exports.vulnTypeOptions = void 0;
4
- exports.vulnTypeOptions = ['git', 'aws', 'awsv2'];
4
+ exports.vulnTypeOptions = ['gitv2', 'awsv2'];
5
5
  //# sourceMappingURL=types.js.map
@@ -1 +1 @@
1
- {"version":3,"file":"types.js","sourceRoot":"","sources":["../../../src/converters/vanta/types.ts"],"names":[],"mappings":";;;AAwFa,QAAA,eAAe,GAAa,CAAC,KAAK,EAAE,KAAK,EAAE,OAAO,CAAC,CAAC"}
1
+ {"version":3,"file":"types.js","sourceRoot":"","sources":["../../../src/converters/vanta/types.ts"],"names":[],"mappings":";;;AAmFa,QAAA,eAAe,GAAa,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC"}
@@ -1,2 +1,2 @@
1
1
  export declare function getQueryFromName(name: string): string;
2
- export declare function looksLikeGithubCommitSha(sha: string): boolean;
2
+ export declare function looksLikeGitCommitSha(sha: string): boolean;
@@ -3,7 +3,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
3
3
  return (mod && mod.__esModule) ? mod : { "default": mod };
4
4
  };
5
5
  Object.defineProperty(exports, "__esModule", { value: true });
6
- exports.looksLikeGithubCommitSha = exports.getQueryFromName = void 0;
6
+ exports.looksLikeGitCommitSha = exports.getQueryFromName = void 0;
7
7
  const fs_extra_1 = __importDefault(require("fs-extra"));
8
8
  const path_1 = __importDefault(require("path"));
9
9
  // Function to find a specific parent directory
@@ -34,8 +34,8 @@ function getQueryFromName(name) {
34
34
  return fs_extra_1.default.readFileSync(`${gql_dir}/${fn}`, 'utf8');
35
35
  }
36
36
  exports.getQueryFromName = getQueryFromName;
37
- function looksLikeGithubCommitSha(sha) {
37
+ function looksLikeGitCommitSha(sha) {
38
38
  return /^[a-f0-9]{40}$/i.test(sha);
39
39
  }
40
- exports.looksLikeGithubCommitSha = looksLikeGithubCommitSha;
40
+ exports.looksLikeGitCommitSha = looksLikeGitCommitSha;
41
41
  //# sourceMappingURL=utils.js.map
@@ -1 +1 @@
1
- {"version":3,"file":"utils.js","sourceRoot":"","sources":["../../../src/converters/vanta/utils.ts"],"names":[],"mappings":";;;;;;AAAA,wDAA0B;AAC1B,gDAAwB;AAExB,+CAA+C;AAC/C,SAAS,mBAAmB,CAC1B,UAAkB,EAClB,aAAqB;IAErB,IAAI,WAAW,GAAG,UAAU,CAAC;IAC7B,OAAO,WAAW,KAAK,GAAG,EAAE,CAAC;QAC3B,IAAI,cAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,KAAK,aAAa,EAAE,CAAC;YACjD,OAAO,WAAW,CAAC;QACrB,CAAC;QACD,WAAW,GAAG,cAAI,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;IAC1C,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAgB,gBAAgB,CAAC,IAAY;IAC3C,MAAM,OAAO,GAAG,SAAS,CAAC;IAC1B,sDAAsD;IACtD,MAAM,aAAa,GAAG,mBAAmB,CACvC,OAAO,EACP,2BAA2B,CAC5B,CAAC;IACF,IAAI,CAAC,aAAa,EAAE,CAAC;QACnB,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;IACnE,CAAC;IAED,MAAM,OAAO,GAAG,cAAI,CAAC,IAAI,CAAC,aAAa,EAAE,WAAW,CAAC,CAAC;IAEtD,MAAM,EAAE,GAAG,GAAG,IAAI,MAAM,CAAC;IACzB,6BAA6B;IAC7B,IAAI,CAAC,kBAAE,CAAC,UAAU,CAAC,GAAG,OAAO,IAAI,EAAE,EAAE,CAAC,EAAE,CAAC;QACvC,MAAM,IAAI,KAAK,CAAC,SAAS,EAAE,iBAAiB,OAAO,EAAE,CAAC,CAAC;IACzD,CAAC;IACD,iEAAiE;IACjE,OAAO,kBAAE,CAAC,YAAY,CAAC,GAAG,OAAO,IAAI,EAAE,EAAE,EAAE,MAAM,CAAC,CAAC;AACrD,CAAC;AApBD,4CAoBC;AAED,SAAgB,wBAAwB,CAAC,GAAW;IAClD,OAAO,iBAAiB,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AACrC,CAAC;AAFD,4DAEC"}
1
+ {"version":3,"file":"utils.js","sourceRoot":"","sources":["../../../src/converters/vanta/utils.ts"],"names":[],"mappings":";;;;;;AAAA,wDAA0B;AAC1B,gDAAwB;AAExB,+CAA+C;AAC/C,SAAS,mBAAmB,CAC1B,UAAkB,EAClB,aAAqB;IAErB,IAAI,WAAW,GAAG,UAAU,CAAC;IAC7B,OAAO,WAAW,KAAK,GAAG,EAAE,CAAC;QAC3B,IAAI,cAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,KAAK,aAAa,EAAE,CAAC;YACjD,OAAO,WAAW,CAAC;QACrB,CAAC;QACD,WAAW,GAAG,cAAI,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;IAC1C,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAgB,gBAAgB,CAAC,IAAY;IAC3C,MAAM,OAAO,GAAG,SAAS,CAAC;IAC1B,sDAAsD;IACtD,MAAM,aAAa,GAAG,mBAAmB,CACvC,OAAO,EACP,2BAA2B,CAC5B,CAAC;IACF,IAAI,CAAC,aAAa,EAAE,CAAC;QACnB,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;IACnE,CAAC;IAED,MAAM,OAAO,GAAG,cAAI,CAAC,IAAI,CAAC,aAAa,EAAE,WAAW,CAAC,CAAC;IAEtD,MAAM,EAAE,GAAG,GAAG,IAAI,MAAM,CAAC;IACzB,6BAA6B;IAC7B,IAAI,CAAC,kBAAE,CAAC,UAAU,CAAC,GAAG,OAAO,IAAI,EAAE,EAAE,CAAC,EAAE,CAAC;QACvC,MAAM,IAAI,KAAK,CAAC,SAAS,EAAE,iBAAiB,OAAO,EAAE,CAAC,CAAC;IACzD,CAAC;IACD,iEAAiE;IACjE,OAAO,kBAAE,CAAC,YAAY,CAAC,GAAG,OAAO,IAAI,EAAE,EAAE,EAAE,MAAM,CAAC,CAAC;AACrD,CAAC;AApBD,4CAoBC;AAED,SAAgB,qBAAqB,CAAC,GAAW;IAC/C,OAAO,iBAAiB,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AACrC,CAAC;AAFD,sDAEC"}
@@ -1,22 +1,21 @@
1
1
  import { AirbyteRecord } from 'faros-airbyte-cdk';
2
2
  import { FarosClient } from 'faros-js-client';
3
3
  import { Converter, DestinationModel, DestinationRecord, StreamContext } from '../converter';
4
- import { AWSV2VulnerabilityData, AWSVulnerabilityData, BaseAWSVuln, CicdArtifactKey, ExtendedVulnerabilityType, FarosObjectKey, GithubVulnerabilityData, VcsRepoKey, VulnerabilityInfo } from './types';
4
+ import { AWSV2VulnerabilityData, CicdArtifactKey, CicdArtifactVulnerabilityResponse, ExtendedVulnerabilityType, FarosObjectKey, GitV2VulnerabilityData, VcsRepoKey, VcsRepositoryVulnerabilityResponse } from './types';
5
5
  export declare abstract class Vulnerabilities extends Converter {
6
6
  source: string;
7
7
  readonly destinationModels: ReadonlyArray<DestinationModel>;
8
- git_vulns: GithubVulnerabilityData[];
9
- aws_vulns: AWSVulnerabilityData[];
8
+ git_vulns: GitV2VulnerabilityData[];
10
9
  awsv2_vulns: AWSV2VulnerabilityData[];
11
10
  vulnsMissingIds: ExtendedVulnerabilityType[];
12
11
  severityMap: {
13
12
  [key: string]: number;
14
13
  };
15
- repositoryNamesToUids: Record<string, string[]>;
14
+ vantaBasedGitRepositoryNamesToVantaUids: Record<string, string[]>;
16
15
  awsV2ContainerNamesToUids: Record<string, string[]>;
17
- gitUidsToVulns: Record<string, GithubVulnerabilityData>;
18
- awsUidsToVulns: Record<string, AWSVulnerabilityData>;
19
- duplicateAwsV2Uids: Set<string>;
16
+ vantaVulnsFromGitUidsToRecords: Record<string, GitV2VulnerabilityData>;
17
+ vantaVulnsFromAWSUidsToRecords: Record<string, AWSV2VulnerabilityData>;
18
+ duplicateAwsV2UidsAndTitles: Set<[string, string]>;
20
19
  duplicateAwsUids: Set<string>;
21
20
  vcsRepositoryQuery: string;
22
21
  cicdArtifactQueryByCommitSha: string;
@@ -43,39 +42,45 @@ export declare abstract class Vulnerabilities extends Converter {
43
42
  id(record: AirbyteRecord): any;
44
43
  convert(record: AirbyteRecord): Promise<ReadonlyArray<DestinationRecord>>;
45
44
  addUIDToMapping(name: string, uid: string, mapping: Record<string, string[]>): void;
46
- getVulnRecordsFromGit(data: GithubVulnerabilityData[]): DestinationRecord[];
47
- getVulnRecordsFromAws(data: AWSVulnerabilityData[]): DestinationRecord[];
45
+ convertDateFormat(inputDate: string): Date | null;
46
+ parseVantaVulnRecordsWithGitV2Origin(vantaVulnsFromGit: GitV2VulnerabilityData[]): DestinationRecord[];
48
47
  runFunctionInBatches(names: string[], fc: FarosClient, ctx: StreamContext, batchSize: number, func: (names: string[], fc: FarosClient, ctx: StreamContext) => Promise<FarosObjectKey[]>): Promise<FarosObjectKey[]>;
49
48
  getVCSRepositoriesFromNames(vcsRepoNames: string[], fc: FarosClient, ctx: StreamContext): Promise<VcsRepoKey[]>;
50
49
  getCICDArtifactsFromCommitShas(commitShas: string[], fc: FarosClient, ctx: StreamContext): Promise<CicdArtifactKey[]>;
51
- getVCSRepositoriesFromNamesBatches(vcsRepoNames: string[], fc: FarosClient, ctx: StreamContext, batchSize: number): Promise<VcsRepoKey[]>;
52
- getCICDArtifactFromCommitShaBatches(allCommitShas: Set<string>, fc: FarosClient, ctx: StreamContext): Promise<CicdArtifactKey[]>;
53
- getAWSCicdArtifactsFromRepoNamesByBatches(allRepoNames: string[], fc: FarosClient, ctx: StreamContext): Promise<CicdArtifactKey[]>;
54
50
  getAWSCicdArtifactsFromNames(repoNames: string[], fc: FarosClient, ctx: StreamContext): Promise<CicdArtifactKey[]>;
55
- getVCSMappingsFromGit(gitRepoNamesToUIDs: Record<string, string[]>, fc: FarosClient, ctx: StreamContext): Promise<DestinationRecord[]>;
56
- getAWSV2VulnStatusDetail(vuln: AWSV2VulnerabilityData): string;
57
- getAWSV2VulnStatusCategory(vuln: AWSV2VulnerabilityData): string;
58
- getCICDMappingsFromAWSByCommitSha(fc: FarosClient, ctx: StreamContext): Promise<[DestinationRecord[], Set<string>]>;
59
- getCICDMappingsFromAWSByRepoName(fc: FarosClient, ctx: StreamContext, vulnUidsToCheck: Set<string>): Promise<DestinationRecord[]>;
60
- getCommitShasFromAWSVulns(vulns: BaseAWSVuln[], ctx: StreamContext): [Set<string>, Record<string, BaseAWSVuln>];
61
- getCommitShaDataFromAWSVulns(aws_vulns: BaseAWSVuln[], fc: FarosClient, ctx: StreamContext): Promise<[
51
+ createMissingRepositoryDestinationRecords(missedRepositoryNames: Set<string>): [VcsRepoKey[], DestinationRecord[]];
52
+ getVCSMappingsFromGitVulns(vantaBasedGitRepoNamesToUids: Record<string, string[]>, fc: FarosClient, ctx: StreamContext): Promise<DestinationRecord[]>;
53
+ getVulnStatusDetail(vuln: AWSV2VulnerabilityData | GitV2VulnerabilityData): string;
54
+ getVulnStatusCategory(vuln: AWSV2VulnerabilityData | GitV2VulnerabilityData): string;
55
+ getCommitShasFromAWSVulns(vulns: AWSV2VulnerabilityData[], ctx: StreamContext): [
62
56
  Set<string>,
63
- Record<string, BaseAWSVuln>,
64
- Record<string, CicdArtifactKey>
57
+ Record<string, AWSV2VulnerabilityData>,
58
+ AWSV2VulnerabilityData[]
59
+ ];
60
+ getRepoNameAndArtifactUidFromAWSVuln(awsVuln: AWSV2VulnerabilityData, inpRepo: string, inpArtifactUid: string, vuln_type: string): [string, string];
61
+ createAssociatedCicdArtifacts(aws_vulns_with_no_associated_commit_shas: AWSV2VulnerabilityData[], vuln_type: string): [
62
+ CicdArtifactKey[],
63
+ DestinationRecord[],
64
+ Record<string, AWSV2VulnerabilityData>
65
+ ];
66
+ getCommitShaDataFromFarosUsingAWSVulns(aws_vulns: AWSV2VulnerabilityData[], fc: FarosClient, ctx: StreamContext, vuln_type: string): Promise<[
67
+ Record<string, AWSV2VulnerabilityData>,
68
+ Record<string, CicdArtifactKey>,
69
+ DestinationRecord[]
65
70
  ]>;
66
- encodeURL(url: string): string;
71
+ encodeURL(url: string | null): string;
67
72
  getCICDMappingsFromAWSV2(aws_vulns: AWSV2VulnerabilityData[], fc: FarosClient, ctx: StreamContext): Promise<DestinationRecord[]>;
68
- getUidFromAWSVuln(vuln: BaseAWSVuln): string;
69
- getVulnRecordsFromAwsV2(data: AWSV2VulnerabilityData[]): DestinationRecord[];
73
+ getUidFromAWSVuln(vuln: AWSV2VulnerabilityData): string;
74
+ parseVantaVulnRecordsWithAwsV2Origin(data: AWSV2VulnerabilityData[]): DestinationRecord[];
70
75
  combineAwsVulns(aws_v1_vulns: DestinationRecord[], aws_v2_vulns: DestinationRecord[], ctx: StreamContext): DestinationRecord[];
71
76
  getSecVulnerabilityRecordFromData(data: ExtendedVulnerabilityType): DestinationRecord;
72
77
  printReport(ctx: StreamContext): void;
73
78
  getTotalNumberOfRecords(): number;
74
- getPaginatedQueryResults(ctx: any, query: string, key: string): Promise<any>;
75
- getAllUnresolvedObjectVulnerabilities(ctx: StreamContext, query: string, key: string): Promise<VulnerabilityInfo[]>;
76
- updateVulnsInBatches(ctx: StreamContext, ids: string[], resolvedAt: string, mutationName: string, updateName: string, updatesPerRequest: number): Promise<void>;
77
- updateVCSVulnsToResolved(ctx: StreamContext): Promise<number>;
78
- updateCICDVulnsToResolved(ctx: StreamContext): Promise<number>;
79
- updateExistingVulnerabilities(ctx: StreamContext): Promise<void>;
79
+ getPaginatedQueryResponseFromFaros(ctx: any, query: string, key: string): Promise<any>;
80
+ getAllUnresolvedObjectVulnerabilities(ctx: StreamContext, query: string, key: string): Promise<VcsRepositoryVulnerabilityResponse[] | CicdArtifactVulnerabilityResponse[]>;
81
+ getUpdateVCSVulnsRecords(ctx: StreamContext): Promise<DestinationRecord[]>;
82
+ getUpdateCICDVulnsRecords(ctx: StreamContext): Promise<DestinationRecord[]>;
83
+ updateExistingVulnerabilities(ctx: StreamContext): Promise<DestinationRecord[]>;
84
+ removeDuplicateRecords(records: DestinationRecord[]): DestinationRecord[];
80
85
  onProcessingComplete(ctx: StreamContext): Promise<ReadonlyArray<DestinationRecord>>;
81
86
  }