airbyte-faros-destination 0.9.66 → 0.9.68
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/converters/vanta/types.d.ts +39 -32
- package/lib/converters/vanta/types.js +1 -1
- package/lib/converters/vanta/types.js.map +1 -1
- package/lib/converters/vanta/utils.d.ts +1 -1
- package/lib/converters/vanta/utils.js +3 -3
- package/lib/converters/vanta/utils.js.map +1 -1
- package/lib/converters/vanta/vulnerabilities.d.ts +35 -30
- package/lib/converters/vanta/vulnerabilities.js +401 -288
- package/lib/converters/vanta/vulnerabilities.js.map +1 -1
- package/lib/tsconfig.tsbuildinfo +1 -1
- package/package.json +3 -3
- package/resources/cicdArtifactVulnerabilityQuery.gql +11 -0
- package/resources/source-specific-configs/vanta.json +7 -1
- package/resources/vcsRepositoryVulnerabilityQuery.gql +8 -0
|
@@ -1,52 +1,48 @@
|
|
|
1
1
|
type OptString = string | null | undefined;
|
|
2
2
|
type OptBool = boolean | null | undefined;
|
|
3
|
-
type OptNumber = number | null | undefined;
|
|
4
3
|
export interface BaseVulnerabilityType {
|
|
5
4
|
uid: string;
|
|
6
5
|
displayName: OptString;
|
|
7
6
|
createdAt: OptString;
|
|
8
7
|
externalURL: OptString;
|
|
9
|
-
severity: OptString
|
|
8
|
+
severity: OptString;
|
|
10
9
|
}
|
|
11
10
|
export type ExtendedVulnerabilityType = BaseVulnerabilityType & {
|
|
12
11
|
description?: OptString;
|
|
13
12
|
externalIds?: OptString[];
|
|
13
|
+
vulnURL?: OptString;
|
|
14
14
|
[key: string]: any;
|
|
15
15
|
};
|
|
16
|
-
export interface
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
16
|
+
export interface GitV2Ignored {
|
|
17
|
+
ignoredAt: OptString;
|
|
18
|
+
ignoredUntil: OptString;
|
|
19
|
+
ignoreReason: OptString;
|
|
20
|
+
reactivateWhenFixable: OptBool;
|
|
20
21
|
}
|
|
21
|
-
export interface
|
|
22
|
-
uid: string;
|
|
22
|
+
export interface GitV2Asset {
|
|
23
23
|
displayName: OptString;
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
severity: OptNumber;
|
|
27
|
-
repositoryName: OptString;
|
|
28
|
-
slaDeadline: OptString;
|
|
29
|
-
vantaDescription: OptString;
|
|
30
|
-
securityAdvisory: GithubSecurityAdvisory;
|
|
31
|
-
}
|
|
32
|
-
export interface AWSFindings {
|
|
33
|
-
description: OptString;
|
|
34
|
-
providerSeverity: OptString;
|
|
35
|
-
name: OptString;
|
|
24
|
+
assetType: OptString;
|
|
25
|
+
imageScanTag: OptString;
|
|
36
26
|
}
|
|
37
|
-
export interface
|
|
27
|
+
export interface GitV2VulnerabilityData {
|
|
38
28
|
uid: string;
|
|
39
29
|
displayName: OptString;
|
|
40
30
|
createdAt: OptString;
|
|
41
31
|
externalURL: OptString;
|
|
42
|
-
severity:
|
|
32
|
+
severity: OptString;
|
|
33
|
+
relatedUrls: string[];
|
|
43
34
|
packageName: OptString;
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
35
|
+
orgName: OptString;
|
|
36
|
+
name: OptString;
|
|
37
|
+
isFixable: OptBool;
|
|
38
|
+
duplicateVulnerabilityId: OptString;
|
|
39
|
+
description: OptString;
|
|
40
|
+
relatedCves: string[];
|
|
41
|
+
remediateBy: OptString;
|
|
42
|
+
packageIdentifier: OptString;
|
|
43
|
+
externalVulnerabilityId: OptString;
|
|
44
|
+
ignored: GitV2Ignored;
|
|
45
|
+
asset: GitV2Asset;
|
|
50
46
|
}
|
|
51
47
|
export interface AWSV2Ignored {
|
|
52
48
|
ignoreReason: OptString;
|
|
@@ -73,8 +69,8 @@ export interface AWSV2VulnerabilityData {
|
|
|
73
69
|
ignored: AWSV2Ignored;
|
|
74
70
|
imageTags: string[];
|
|
75
71
|
imageDigest: OptString;
|
|
72
|
+
relatedUrls: string[];
|
|
76
73
|
}
|
|
77
|
-
export type BaseAWSVuln = AWSVulnerabilityData | AWSV2VulnerabilityData;
|
|
78
74
|
export declare const vulnTypeOptions: string[];
|
|
79
75
|
export interface VcsOrgKey {
|
|
80
76
|
uid: string;
|
|
@@ -96,10 +92,21 @@ export interface CicdArtifactKey {
|
|
|
96
92
|
uid: string;
|
|
97
93
|
repository: CicdRepoKey;
|
|
98
94
|
}
|
|
99
|
-
export type
|
|
95
|
+
export type VulnerabilityKey = {
|
|
96
|
+
uid: string;
|
|
97
|
+
source: string;
|
|
98
|
+
};
|
|
99
|
+
export type VcsRepositoryVulnerabilityResponse = {
|
|
100
|
+
id: string;
|
|
101
|
+
resolvedAt: OptString;
|
|
102
|
+
vulnerability: VulnerabilityKey;
|
|
103
|
+
repository: VcsRepoKey;
|
|
104
|
+
};
|
|
105
|
+
export type CicdArtifactVulnerabilityResponse = {
|
|
100
106
|
id: string;
|
|
101
107
|
resolvedAt: OptString;
|
|
102
|
-
|
|
108
|
+
vulnerability: VulnerabilityKey;
|
|
109
|
+
artifact: CicdArtifactKey;
|
|
103
110
|
};
|
|
104
|
-
export type FarosObjectKey = VcsOrgKey | VcsRepoKey | CicdOrgKey | CicdRepoKey | CicdArtifactKey;
|
|
111
|
+
export type FarosObjectKey = VcsOrgKey | VcsRepoKey | CicdOrgKey | CicdRepoKey | CicdArtifactKey | VulnerabilityKey;
|
|
105
112
|
export {};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.js","sourceRoot":"","sources":["../../../src/converters/vanta/types.ts"],"names":[],"mappings":";;;
|
|
1
|
+
{"version":3,"file":"types.js","sourceRoot":"","sources":["../../../src/converters/vanta/types.ts"],"names":[],"mappings":";;;AAmFa,QAAA,eAAe,GAAa,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC"}
|
|
@@ -1,2 +1,2 @@
|
|
|
1
1
|
export declare function getQueryFromName(name: string): string;
|
|
2
|
-
export declare function
|
|
2
|
+
export declare function looksLikeGitCommitSha(sha: string): boolean;
|
|
@@ -3,7 +3,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
|
3
3
|
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
4
|
};
|
|
5
5
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
-
exports.
|
|
6
|
+
exports.looksLikeGitCommitSha = exports.getQueryFromName = void 0;
|
|
7
7
|
const fs_extra_1 = __importDefault(require("fs-extra"));
|
|
8
8
|
const path_1 = __importDefault(require("path"));
|
|
9
9
|
// Function to find a specific parent directory
|
|
@@ -34,8 +34,8 @@ function getQueryFromName(name) {
|
|
|
34
34
|
return fs_extra_1.default.readFileSync(`${gql_dir}/${fn}`, 'utf8');
|
|
35
35
|
}
|
|
36
36
|
exports.getQueryFromName = getQueryFromName;
|
|
37
|
-
function
|
|
37
|
+
function looksLikeGitCommitSha(sha) {
|
|
38
38
|
return /^[a-f0-9]{40}$/i.test(sha);
|
|
39
39
|
}
|
|
40
|
-
exports.
|
|
40
|
+
exports.looksLikeGitCommitSha = looksLikeGitCommitSha;
|
|
41
41
|
//# sourceMappingURL=utils.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"utils.js","sourceRoot":"","sources":["../../../src/converters/vanta/utils.ts"],"names":[],"mappings":";;;;;;AAAA,wDAA0B;AAC1B,gDAAwB;AAExB,+CAA+C;AAC/C,SAAS,mBAAmB,CAC1B,UAAkB,EAClB,aAAqB;IAErB,IAAI,WAAW,GAAG,UAAU,CAAC;IAC7B,OAAO,WAAW,KAAK,GAAG,EAAE,CAAC;QAC3B,IAAI,cAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,KAAK,aAAa,EAAE,CAAC;YACjD,OAAO,WAAW,CAAC;QACrB,CAAC;QACD,WAAW,GAAG,cAAI,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;IAC1C,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAgB,gBAAgB,CAAC,IAAY;IAC3C,MAAM,OAAO,GAAG,SAAS,CAAC;IAC1B,sDAAsD;IACtD,MAAM,aAAa,GAAG,mBAAmB,CACvC,OAAO,EACP,2BAA2B,CAC5B,CAAC;IACF,IAAI,CAAC,aAAa,EAAE,CAAC;QACnB,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;IACnE,CAAC;IAED,MAAM,OAAO,GAAG,cAAI,CAAC,IAAI,CAAC,aAAa,EAAE,WAAW,CAAC,CAAC;IAEtD,MAAM,EAAE,GAAG,GAAG,IAAI,MAAM,CAAC;IACzB,6BAA6B;IAC7B,IAAI,CAAC,kBAAE,CAAC,UAAU,CAAC,GAAG,OAAO,IAAI,EAAE,EAAE,CAAC,EAAE,CAAC;QACvC,MAAM,IAAI,KAAK,CAAC,SAAS,EAAE,iBAAiB,OAAO,EAAE,CAAC,CAAC;IACzD,CAAC;IACD,iEAAiE;IACjE,OAAO,kBAAE,CAAC,YAAY,CAAC,GAAG,OAAO,IAAI,EAAE,EAAE,EAAE,MAAM,CAAC,CAAC;AACrD,CAAC;AApBD,4CAoBC;AAED,SAAgB,
|
|
1
|
+
{"version":3,"file":"utils.js","sourceRoot":"","sources":["../../../src/converters/vanta/utils.ts"],"names":[],"mappings":";;;;;;AAAA,wDAA0B;AAC1B,gDAAwB;AAExB,+CAA+C;AAC/C,SAAS,mBAAmB,CAC1B,UAAkB,EAClB,aAAqB;IAErB,IAAI,WAAW,GAAG,UAAU,CAAC;IAC7B,OAAO,WAAW,KAAK,GAAG,EAAE,CAAC;QAC3B,IAAI,cAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,KAAK,aAAa,EAAE,CAAC;YACjD,OAAO,WAAW,CAAC;QACrB,CAAC;QACD,WAAW,GAAG,cAAI,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;IAC1C,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAgB,gBAAgB,CAAC,IAAY;IAC3C,MAAM,OAAO,GAAG,SAAS,CAAC;IAC1B,sDAAsD;IACtD,MAAM,aAAa,GAAG,mBAAmB,CACvC,OAAO,EACP,2BAA2B,CAC5B,CAAC;IACF,IAAI,CAAC,aAAa,EAAE,CAAC;QACnB,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;IACnE,CAAC;IAED,MAAM,OAAO,GAAG,cAAI,CAAC,IAAI,CAAC,aAAa,EAAE,WAAW,CAAC,CAAC;IAEtD,MAAM,EAAE,GAAG,GAAG,IAAI,MAAM,CAAC;IACzB,6BAA6B;IAC7B,IAAI,CAAC,kBAAE,CAAC,UAAU,CAAC,GAAG,OAAO,IAAI,EAAE,EAAE,CAAC,EAAE,CAAC;QACvC,MAAM,IAAI,KAAK,CAAC,SAAS,EAAE,iBAAiB,OAAO,EAAE,CAAC,CAAC;IACzD,CAAC;IACD,iEAAiE;IACjE,OAAO,kBAAE,CAAC,YAAY,CAAC,GAAG,OAAO,IAAI,EAAE,EAAE,EAAE,MAAM,CAAC,CAAC;AACrD,CAAC;AApBD,4CAoBC;AAED,SAAgB,qBAAqB,CAAC,GAAW;IAC/C,OAAO,iBAAiB,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AACrC,CAAC;AAFD,sDAEC"}
|
|
@@ -1,22 +1,21 @@
|
|
|
1
1
|
import { AirbyteRecord } from 'faros-airbyte-cdk';
|
|
2
2
|
import { FarosClient } from 'faros-js-client';
|
|
3
3
|
import { Converter, DestinationModel, DestinationRecord, StreamContext } from '../converter';
|
|
4
|
-
import { AWSV2VulnerabilityData,
|
|
4
|
+
import { AWSV2VulnerabilityData, CicdArtifactKey, CicdArtifactVulnerabilityResponse, ExtendedVulnerabilityType, FarosObjectKey, GitV2VulnerabilityData, VcsRepoKey, VcsRepositoryVulnerabilityResponse } from './types';
|
|
5
5
|
export declare abstract class Vulnerabilities extends Converter {
|
|
6
6
|
source: string;
|
|
7
7
|
readonly destinationModels: ReadonlyArray<DestinationModel>;
|
|
8
|
-
git_vulns:
|
|
9
|
-
aws_vulns: AWSVulnerabilityData[];
|
|
8
|
+
git_vulns: GitV2VulnerabilityData[];
|
|
10
9
|
awsv2_vulns: AWSV2VulnerabilityData[];
|
|
11
10
|
vulnsMissingIds: ExtendedVulnerabilityType[];
|
|
12
11
|
severityMap: {
|
|
13
12
|
[key: string]: number;
|
|
14
13
|
};
|
|
15
|
-
|
|
14
|
+
vantaBasedGitRepositoryNamesToVantaUids: Record<string, string[]>;
|
|
16
15
|
awsV2ContainerNamesToUids: Record<string, string[]>;
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
16
|
+
vantaVulnsFromGitUidsToRecords: Record<string, GitV2VulnerabilityData>;
|
|
17
|
+
vantaVulnsFromAWSUidsToRecords: Record<string, AWSV2VulnerabilityData>;
|
|
18
|
+
duplicateAwsV2UidsAndTitles: Set<[string, string]>;
|
|
20
19
|
duplicateAwsUids: Set<string>;
|
|
21
20
|
vcsRepositoryQuery: string;
|
|
22
21
|
cicdArtifactQueryByCommitSha: string;
|
|
@@ -43,39 +42,45 @@ export declare abstract class Vulnerabilities extends Converter {
|
|
|
43
42
|
id(record: AirbyteRecord): any;
|
|
44
43
|
convert(record: AirbyteRecord): Promise<ReadonlyArray<DestinationRecord>>;
|
|
45
44
|
addUIDToMapping(name: string, uid: string, mapping: Record<string, string[]>): void;
|
|
46
|
-
|
|
47
|
-
|
|
45
|
+
convertDateFormat(inputDate: string): Date | null;
|
|
46
|
+
parseVantaVulnRecordsWithGitV2Origin(vantaVulnsFromGit: GitV2VulnerabilityData[]): DestinationRecord[];
|
|
48
47
|
runFunctionInBatches(names: string[], fc: FarosClient, ctx: StreamContext, batchSize: number, func: (names: string[], fc: FarosClient, ctx: StreamContext) => Promise<FarosObjectKey[]>): Promise<FarosObjectKey[]>;
|
|
49
48
|
getVCSRepositoriesFromNames(vcsRepoNames: string[], fc: FarosClient, ctx: StreamContext): Promise<VcsRepoKey[]>;
|
|
50
49
|
getCICDArtifactsFromCommitShas(commitShas: string[], fc: FarosClient, ctx: StreamContext): Promise<CicdArtifactKey[]>;
|
|
51
|
-
getVCSRepositoriesFromNamesBatches(vcsRepoNames: string[], fc: FarosClient, ctx: StreamContext, batchSize: number): Promise<VcsRepoKey[]>;
|
|
52
|
-
getCICDArtifactFromCommitShaBatches(allCommitShas: Set<string>, fc: FarosClient, ctx: StreamContext): Promise<CicdArtifactKey[]>;
|
|
53
|
-
getAWSCicdArtifactsFromRepoNamesByBatches(allRepoNames: string[], fc: FarosClient, ctx: StreamContext): Promise<CicdArtifactKey[]>;
|
|
54
50
|
getAWSCicdArtifactsFromNames(repoNames: string[], fc: FarosClient, ctx: StreamContext): Promise<CicdArtifactKey[]>;
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
getCommitShasFromAWSVulns(vulns: BaseAWSVuln[], ctx: StreamContext): [Set<string>, Record<string, BaseAWSVuln>];
|
|
61
|
-
getCommitShaDataFromAWSVulns(aws_vulns: BaseAWSVuln[], fc: FarosClient, ctx: StreamContext): Promise<[
|
|
51
|
+
createMissingRepositoryDestinationRecords(missedRepositoryNames: Set<string>): [VcsRepoKey[], DestinationRecord[]];
|
|
52
|
+
getVCSMappingsFromGitVulns(vantaBasedGitRepoNamesToUids: Record<string, string[]>, fc: FarosClient, ctx: StreamContext): Promise<DestinationRecord[]>;
|
|
53
|
+
getVulnStatusDetail(vuln: AWSV2VulnerabilityData | GitV2VulnerabilityData): string;
|
|
54
|
+
getVulnStatusCategory(vuln: AWSV2VulnerabilityData | GitV2VulnerabilityData): string;
|
|
55
|
+
getCommitShasFromAWSVulns(vulns: AWSV2VulnerabilityData[], ctx: StreamContext): [
|
|
62
56
|
Set<string>,
|
|
63
|
-
Record<string,
|
|
64
|
-
|
|
57
|
+
Record<string, AWSV2VulnerabilityData[]>,
|
|
58
|
+
AWSV2VulnerabilityData[]
|
|
59
|
+
];
|
|
60
|
+
getRepoNameAndArtifactUidFromAWSVuln(awsVuln: AWSV2VulnerabilityData, inpRepo: string, inpArtifactUid: string, vuln_type: string): [string, string];
|
|
61
|
+
createAssociatedCicdArtifacts(aws_vulns_with_no_associated_commit_shas: AWSV2VulnerabilityData[], vuln_type: string): [
|
|
62
|
+
CicdArtifactKey[],
|
|
63
|
+
DestinationRecord[],
|
|
64
|
+
Record<string, AWSV2VulnerabilityData[]>
|
|
65
|
+
];
|
|
66
|
+
getCommitShaDataFromFarosUsingAWSVulns(aws_vulns: AWSV2VulnerabilityData[], fc: FarosClient, ctx: StreamContext, vuln_type: string): Promise<[
|
|
67
|
+
Record<string, AWSV2VulnerabilityData[]>,
|
|
68
|
+
Record<string, CicdArtifactKey>,
|
|
69
|
+
DestinationRecord[]
|
|
65
70
|
]>;
|
|
66
|
-
encodeURL(url: string): string;
|
|
71
|
+
encodeURL(url: string | null): string;
|
|
67
72
|
getCICDMappingsFromAWSV2(aws_vulns: AWSV2VulnerabilityData[], fc: FarosClient, ctx: StreamContext): Promise<DestinationRecord[]>;
|
|
68
|
-
getUidFromAWSVuln(vuln:
|
|
69
|
-
|
|
73
|
+
getUidFromAWSVuln(vuln: AWSV2VulnerabilityData): string;
|
|
74
|
+
parseVantaVulnRecordsWithAwsV2Origin(data: AWSV2VulnerabilityData[]): DestinationRecord[];
|
|
70
75
|
combineAwsVulns(aws_v1_vulns: DestinationRecord[], aws_v2_vulns: DestinationRecord[], ctx: StreamContext): DestinationRecord[];
|
|
71
76
|
getSecVulnerabilityRecordFromData(data: ExtendedVulnerabilityType): DestinationRecord;
|
|
72
77
|
printReport(ctx: StreamContext): void;
|
|
73
78
|
getTotalNumberOfRecords(): number;
|
|
74
|
-
|
|
75
|
-
getAllUnresolvedObjectVulnerabilities(ctx: StreamContext, query: string, key: string): Promise<
|
|
76
|
-
|
|
77
|
-
|
|
78
|
-
|
|
79
|
-
|
|
79
|
+
getPaginatedQueryResponseFromFaros(ctx: any, query: string, key: string): Promise<any>;
|
|
80
|
+
getAllUnresolvedObjectVulnerabilities(ctx: StreamContext, query: string, key: string): Promise<VcsRepositoryVulnerabilityResponse[] | CicdArtifactVulnerabilityResponse[]>;
|
|
81
|
+
getUpdateVCSVulnsRecords(ctx: StreamContext): Promise<DestinationRecord[]>;
|
|
82
|
+
getUpdateCICDVulnsRecords(ctx: StreamContext): Promise<DestinationRecord[]>;
|
|
83
|
+
updateExistingVulnerabilities(ctx: StreamContext): Promise<DestinationRecord[]>;
|
|
84
|
+
removeDuplicateRecords(records: DestinationRecord[]): DestinationRecord[];
|
|
80
85
|
onProcessingComplete(ctx: StreamContext): Promise<ReadonlyArray<DestinationRecord>>;
|
|
81
86
|
}
|