x-fidelity 1.0.0

package/src/operators/currentDependencies.test.ts

@@ -0,0 +1,45 @@
+import { logger } from '../utils/logger';
+import { currentDependencies } from './currentDependencies';
+
+describe('currentDependencies', () => {
+    it('returns true when filePath is not package.json', () => {
+        const filePath = 'notPackage.json';
+        const dependencyData = {};
+        expect(currentDependencies.fn(filePath, JSON.stringify(dependencyData))).toBe(true);
+    });
+
+    it('returns true when all dependencies are up-to-date', () => {
+        const filePath = 'package.json';
+        const dependencyData = {
+            installedDependencyVersions: [
+                { dep: 'dep1', ver: '2.0.0', min: '1.0.0' },
+                { dep: 'dep2', ver: '3.0.0', min: '2.0.0' }
+            ]
+        };
+        expect(currentDependencies.fn(filePath, dependencyData)).toBe(true);
+    });
+
+    it('returns false when at least one dependency is outdated', () => {
+        const filePath = 'package.json';
+        const dependencyData = {
+            installedDependencyVersions: [
+                { dep: 'dep1', ver: '.0.0', min: '1.0.0' },
+                { dep: 'dep2', ver: '1.0.0', min: '2.0.0' }
+            ]
+        };
+        expect(currentDependencies.fn(filePath, dependencyData)).toBe(false);
+    });
+
+    it('logs an error when at least one dependency is outdated', () => {
+        const filePath = 'package.json';
+        const dependencyData = {
+            installedDependencyVersions: [
+                { dep: 'dep1', ver: '1.0.0', min: '1.0.0' },
+                { dep: 'dep2', ver: '1.0.0', min: '2.0.0' }
+            ]
+        };
+        const errorSpy = jest.spyOn(logger, 'error');
+        currentDependencies.fn(filePath, dependencyData);
+        expect(errorSpy).toHaveBeenCalled();
+    });
+});

package/src/operators/currentDependencies.ts

@@ -0,0 +1,40 @@
+import { logger } from '../utils/logger';
+import { RuleDefn, VersionData } from '../typeDefs';
+import * as semver from 'semver';
+
+const currentDependencies: RuleDefn = {
+    'name': 'currentDependencies', 
+    'fn': (filePath: any, dependencyData: any) => {
+        let result = false;
+
+        // this is a special rule we only run on the root package.json, however it checks the entire dependency tree.
+        if (filePath !== 'package.json') {
+            return true;
+        }
+        logger.debug(`currentDependencies: working..`);
+        
+        try {
+            logger.debug(`currentDependencies: processing ${dependencyData.installedDependencyVersions}`);
+            
+            dependencyData.installedDependencyVersions.map((versionData: VersionData) => { 
+                logger.debug(`currentDependencies: checking ${versionData.dep}`);
+
+                const requiredRange = new semver.Range(versionData.min);
+                if (!semver.gtr(versionData.ver, requiredRange)) {
+                    let msg = `dependency ${versionData.dep} is outdated. Current version: ${versionData.ver}, required: ${versionData.min}`;
+                    logger.error(`currentDependencies: ${msg}`);
+                    throw new Error(msg);
+                }
+            });
+            result = true;
+        } catch (e) {
+        
+            result = false;
+        }
+        logger.debug(`currentDependencies: ${result}`);
+        return result;
+        
+    }
+}
+
+export { currentDependencies };

package/src/operators/directoryStructureMatches.test.ts

@@ -0,0 +1,47 @@
+import * as path from 'path';
+import * as fs from 'fs';
+import { directoryStructureMatches } from './directoryStructureMatches';
+import { Stats } from 'fs';
+
+jest.mock('fs');
+jest.mock('path');
+
+describe('directoryStructureMatches', () => {
+    const mockedFs = fs as jest.Mocked<typeof fs>;
+    const mockedPath = path as jest.Mocked<typeof path>;
+
+    beforeEach(() => {
+        mockedFs.existsSync.mockReset();
+        mockedFs.lstatSync.mockReset();
+        mockedPath.dirname.mockReset();
+        mockedPath.join.mockReset();
+    });
+
+    it('should return true if filePath is not "yarn.lock" or hasChecked is true', () => {
+        const result = directoryStructureMatches.fn('notYarn.lock', {});
+        expect(result).toBe(true);
+    });
+    // ...
+
+    it('should return true if directory structure matches the standard structure', () => {
+        mockedPath.dirname.mockReturnValue('/repo');
+        mockedPath.join.mockImplementation((...args) => args.join('/'));
+        mockedFs.existsSync.mockReturnValue(true);
+        mockedFs.lstatSync.mockReturnValue({ isDirectory: () => true } as Stats);
+
+        const result = directoryStructureMatches.fn('yarn.lock', { dir1: null, dir2: { subdir1: null } });
+
+        expect(result).toBe(true);
+    });
+
+    // it('should return false if directory structure does not match the standard structure', () => {
+    //     mockedPath.dirname.mockReturnValue('/repo');
+    //     mockedPath.join.mockImplementation((...args) => args.join('/'));
+    //     mockedFs.existsSync.mockReturnValue(false);
+    //     mockedFs.lstatSync.mockReturnValue({ isDirectory: () => false } as Stats);
+
+    //     const result = directoryStructureMatches.fn('yarn.lock', { dir1: null, dir2: { subdir1: null } });
+
+    //     expect(result).toBe(false);
+    // });
+});

package/src/operators/directoryStructureMatches.ts

@@ -0,0 +1,43 @@
+import { RuleDefn } from '../typeDefs';
+import { logger } from '../utils/logger';
+import * as path from 'path';
+import * as fs from 'fs';
+
+let hasChecked = false;
+
+const directoryStructureMatches: RuleDefn = {
+    'name': 'directoryStructureMatches',
+    'fn': (filePath: any, standardStructure: any) => {
+        if (filePath !== 'yarn.lock' || hasChecked) {
+            return true;
+        }
+
+        const repoPath = path.dirname(filePath);
+        let result = true;
+
+        // check the directory structure of the repo against the standard structure
+        function checkStructure(currentPath: string, structure: any): boolean {
+            for (const key in structure) {
+                const newPath = path.join(currentPath, key);
+                logger.debug(`checking ${newPath}`);
+                if (!fs.existsSync(newPath) || !fs.lstatSync(newPath).isDirectory()) {
+                    logger.debug(`Missing or invalid directory: ${newPath}`);
+                    return false;
+                } else {
+                    result = checkStructure(newPath, structure[key]);
+                }
+            }
+            return result;
+        }
+
+        const checkResult = checkStructure(repoPath, standardStructure);
+        //console.log(checkResult)
+        if (!checkResult) {
+            result = false;
+        } 
+        hasChecked = true;
+        return result;
+    }
+};
+
+export { directoryStructureMatches };

package/src/operators/fileContains.test.ts

@@ -0,0 +1,27 @@
+import { fileContains } from './fileContains';
+
+describe('fileContains', () => {
+    it('returns true when the checkString is found in the fileContent', () => {
+        const fileContent = 'Hello, world!';
+        const checkString = 'world';
+        expect(fileContains.fn(fileContent, checkString)).toBe(true);
+    });
+
+    it('returns false when the checkString is not found in the fileContent', () => {
+        const fileContent = 'Hello, world!';
+        const checkString = 'universe';
+        expect(fileContains.fn(fileContent, checkString)).toBe(false);
+    });
+
+    it('returns true when the checkString is a regular expression that matches part of the fileContent', () => {
+        const fileContent = 'Hello, world!';
+        const checkString = '\\bworld\\b';
+        expect(fileContains.fn(fileContent, checkString)).toBe(true);
+    });
+
+    it('returns false when the checkString is a regular expression that does not match any part of the fileContent', () => {
+        const fileContent = 'Hello, world!';
+        const checkString = '\\buniverse\\b';
+        expect(fileContains.fn(fileContent, checkString)).toBe(false);
+    });
+});

package/src/operators/fileContains.ts

@@ -0,0 +1,19 @@
+import { logger } from '../utils/logger';
+import { RuleDefn } from '../typeDefs';
+
+const fileContains: RuleDefn = {
+    'name': 'fileContains', 
+    'fn': (fileContent: any, checkString: any) => {
+        let result = false;
+
+        const regex = new RegExp(checkString, 'g');
+        if (regex.test(fileContent)) {
+            result = true;
+        }
+        logger.debug(`fileContains '${checkString}': ${result}`);
+        return result;
+        
+    }
+}
+
+export { fileContains };

package/src/operators/index.ts

@@ -0,0 +1,12 @@
+import { RuleDefn } from '../typeDefs';
+import { currentDependencies } from './currentDependencies';
+import { fileContains } from './fileContains';
+import { directoryStructureMatches } from './directoryStructureMatches';
+
+let operators: RuleDefn[] = [];
+operators.push(currentDependencies);
+operators.push(fileContains);
+operators.push(directoryStructureMatches);
+//oracle
+
+export { operators };

package/src/rules/index.ts

@@ -0,0 +1,29 @@
+import { logger } from '../utils/logger';
+import { RuleProperties } from 'json-rules-engine';
+import * as fs from 'fs';
+import * as path from 'path';
+
+let rules: RuleProperties[] = [];
+
+// import each json file in local directory and add to rules array as a RuleProperties object
+async function loadRules() {
+    logger.debug(`loading json rules..`);
+    const ruleFiles = (await fs.promises.readdir(__dirname)).filter(file => file.endsWith('.json'));
+    
+    logger.debug(`found ${ruleFiles.length} rule files to load.`);
+    const rules = await Promise.all(ruleFiles.map(async file => {
+        try {
+            logger.debug(`loading ${file}...`);
+            const rule = await import(path.join(__dirname, file));
+            return rule;
+        } catch (e) {     
+            logger.error(`FATAL: Error loading rule file: ${file}`);
+            logger.error(e);
+            console.error(e);
+        }       
+    }));
+    return rules;
+}
+
+
+export { loadRules };

package/src/rules/noDatabases-rule.json

@@ -0,0 +1,21 @@
+{
+    "name": "noDatabases",
+    "conditions": {
+        "not": {
+            "any": [
+                {
+                    "fact": "fileData",
+                    "path": "$.fileContent",
+                    "operator": "fileContains",
+                    "value": "oracle"
+                }
+            ]
+        }
+    },
+    "event": {
+        "type": "violation",
+        "params": {
+            "message": "noDatabases: code must not directly call databases"
+        }
+    }
+}

package/src/rules/standardDirectoryStructure-rule.json

@@ -0,0 +1,25 @@
+{
+    "name": "standardDirectoryStructure",
+    "conditions": {
+        "all": [
+            {
+                "fact": "fileData",
+                "path": "$.filePath",
+                "operator": "directoryStructureMatches",
+                "value": {
+                    "fact": "standardStructure"
+                }
+            }
+        ]
+    },
+    "event": {
+        "type": "violation",
+        "params": {
+            "message": "The directory structure does not match the standard.",
+            "details": {
+                "fact": "fileData",
+                "path": "$.filePath"
+            }
+        }
+    }
+}

package/src/rules/supportedCoreDependencies-rule.json

@@ -0,0 +1,29 @@
+{
+    "name": "supportedCoreDependencies",
+    "conditions": {
+        "all": [
+            {
+                "fact": "fileData",
+                "path": "$.filePath",
+                "operator": "currentDependencies",
+                "value": {
+                    "fact": "dependencyData"
+                }
+            }    
+        ]
+    },
+    "event": {
+        "type": "violation",
+        "params": {
+            "message": "some important dependencies have expired!",
+            "filePath": {
+                "fact": "fileData",
+                "path": "$.filePath"
+            },
+            "minimumDependencyVersions": {
+                "fact": "dependencyData",
+                "path": "$.minimumDependencyVersions"
+            }
+        }
+    }
+}

package/src/typeDefs.ts

@@ -0,0 +1,40 @@
+import { OperatorEvaluator } from 'json-rules-engine';
+
+export type RuleDefn = {
+    name: string,
+    fn: OperatorEvaluator<string, any>
+}
+export interface ScanResult {
+    filePath: string;
+    errors: RuleFailure[];
+}
+/**
+ * Represents a rule failure.
+ */
+export interface RuleFailure {
+    ruleFailure: string;
+    details: Record<string, any> | undefined;
+}/**
+ * Represents the version data of a dependency.
+ */
+
+export interface VersionData {
+    dep: string;
+    ver: string;
+    min: string;
+}
+/**
+ * Represents the minimum dependency versions.
+ */
+
+export interface MinimumDepVersions {
+    [propertyName: string]: string;
+}
+/**
+ * Represents the local dependencies.
+ */
+
+export interface LocalDependencies {
+    [propertyName: string]: { version: string; };
+}
+

package/src/utils/logger.ts

@@ -0,0 +1,20 @@
+import { createLogger, format, transports } from 'winston';
+
+const logger = createLogger({
+    level: 'debug',
+    format: format.combine(
+        format.timestamp({
+            format: 'YYYY-MM-DD HH:mm:ss.SSS ZZ'
+        }),
+        format.errors({ stack: true }),
+        format.splat(),
+        format.json(),
+        format.prettyPrint()
+    ),
+    transports: [
+        new transports.File({ filename: 'x-fidelity.log'})
+    ]
+});
+
+
+export { logger };

package/tsconfig.json

@@ -0,0 +1,9 @@
+{
+    "compilerOptions": {
+      "target": "es6",
+      "module": "commonjs",
+      "outDir": "dist",
+      "strict": true,
+      "esModuleInterop": true
+    }
+}