From ffe7484d2361a274b2b5373bcacc33031199d1be Mon Sep 17 00:00:00 2001 From: Sany Anton Cyrus Date: Thu, 3 Oct 2024 18:17:15 +0530 Subject: [PATCH 01/10] Separate CWE support for batchfix and single fix --- dist/index.js | 48 ++++++++++++++++++++++++++++++---------- src/check_cwe_support.ts | 44 ++++++++++++++++++++++++++++-------- src/run_batch.ts | 4 ++-- 3 files changed, 73 insertions(+), 23 deletions(-) diff --git a/dist/index.js b/dist/index.js index 5d9e57e..463865d 100644 --- a/dist/index.js +++ b/dist/index.js 
@@ -52399,11 +52399,35 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge }; Object.defineProperty(exports, "__esModule", ({ value: true })); exports.checkCWE = void 0; -function checkCWE(flawInfo, options) { - return __awaiter(this, void 0, void 0, function* () { +const CWESupportMatrix = { + "individual": { + "java": ["117", "80", "404", "159", "209", "597", "89", "611", "331", "327", "113", "601", "502"], + "cs": ["80", "117", "352", "73", "404", "89", "209", "316", "601", "327", "331", "611"], + "js": ["80", "117", "89", "73", "601", "352", "78", "209", "327", "312", "614", "311", "611", "113"], + "php": ["80", "73", "89", "117"], + "py": ["80", "73", "331", "327", "295", "601", "78", "89", "757"], + "kotlin": ["80", "89", "113", "117", "331", "404"], + "scala": ["611", "117", "80", "78"], + "go": ["73", "78", "117"], + "ruby": ["73", "80", "89", "117", "601"] + }, + "batch": { + "java": ["117", "80", "404", "159", "209", "597", "89", "611", "331", "113"], + "cs": ["80", "117", "352", "404", "89", "209", "316", "331", "611"], + "js": ["80", "117", "89", "352", "78", "209", "614", "611", "113"], + "php": ["80", "89", "117"], + "py": ["80", "331", "295", "78", "89", "757"], + "kotlin": ["80", "89", "113", "117", "331", "404"], + "scala": ["611", "117", "80", "78"], + "go": ["73", "78", "117"], + "ruby": ["73", "80", "89", "117", "601"] + } +}; +function checkCWE(flawInfo_1, options_1) { + return __awaiter(this, arguments, void 0, function* (flawInfo, options, batchFix = false) { if (flawInfo.language == 'java') { console.log('CWE check for Java'); - const supportedCWEs = [80, 89, 113, 117, 327, 331, 382, 470, 597, 601]; + const supportedCWEs = batchFix ? CWESupportMatrix.batch.java : CWESupportMatrix.individual.java; if (supportedCWEs.includes(flawInfo.cweID)) { if (options.DEBUG == 'true') { console.log('#######- DEBUG MODE -#######'); 
@@ -52425,7 +52449,7 @@ function checkCWE(flawInfo, options) { } else if (flawInfo.language == 'csharp') { console.log('CWE check for C#'); - const supportedCWEs = [80, 89, 201, 209, 259, 352, 404, 601, 611, 798]; + const supportedCWEs = batchFix ? CWESupportMatrix.batch.cs : CWESupportMatrix.individual.cs; if (supportedCWEs.includes(flawInfo.cweID)) { if (options.DEBUG == 'true') { console.log('#######- DEBUG MODE -#######'); @@ -52452,7 +52476,7 @@ function checkCWE(flawInfo, options) { console.log('CWE check for JavaScript'); console.log('#######- DEBUG MODE -#######'); } - const supportedCWEs = [73, 78, 80, 113, 117, 327, 611, 614]; + const supportedCWEs = batchFix ? CWESupportMatrix.batch.js : CWESupportMatrix.individual.js; if (supportedCWEs.includes(flawInfo.cweID)) { if (options.DEBUG == 'true') { console.log('#######- DEBUG MODE -#######'); @@ -52474,7 +52498,7 @@ function checkCWE(flawInfo, options) { } else if (flawInfo.language == 'python') { console.log('CWE check for Python'); - const supportedCWEs = [73, 78, 80, 89, 295, 327, 331, 601, 757]; + const supportedCWEs = batchFix ? CWESupportMatrix.batch.py : CWESupportMatrix.individual.py; if (supportedCWEs.includes(flawInfo.cweID)) { if (options.DEBUG == 'true') { console.log('#######- DEBUG MODE -#######'); @@ -52496,7 +52520,7 @@ function checkCWE(flawInfo, options) { } else if (flawInfo.language == 'php') { console.log('CWE check for PHP'); - const supportedCWEs = [73, 80, 89, 117]; + const supportedCWEs = batchFix ? CWESupportMatrix.batch.php : CWESupportMatrix.individual.php; if (supportedCWEs.includes(flawInfo.cweID)) { if (options.DEBUG == 'true') { console.log('#######- DEBUG MODE -#######'); 
@@ -52518,7 +52542,7 @@ function checkCWE(flawInfo, options) { } else if (flawInfo.language == 'scala') { console.log('CWE check for Scala'); - const supportedCWEs = [78, 80, 89, 117, 611]; + const supportedCWEs = batchFix ? CWESupportMatrix.batch.scala : CWESupportMatrix.individual.scala; if (supportedCWEs.includes(flawInfo.cweID)) { if (options.DEBUG == 'true') { console.log('#######- DEBUG MODE -#######'); @@ -52540,7 +52564,7 @@ function checkCWE(flawInfo, options) { } else if (flawInfo.language == 'kotlin') { console.log('CWE check for Kotlin'); - const supportedCWEs = [80, 89, 113, 117, 331]; + const supportedCWEs = batchFix ? CWESupportMatrix.batch.kotlin : CWESupportMatrix.individual.kotlin; if (supportedCWEs.includes(flawInfo.cweID)) { if (options.DEBUG == 'true') { console.log('#######- DEBUG MODE -#######'); @@ -52562,7 +52586,7 @@ function checkCWE(flawInfo, options) { } else if (flawInfo.language == 'go') { console.log('CWE check for Go'); - const supportedCWEs = [73, 78, 117]; + const supportedCWEs = batchFix ? CWESupportMatrix.batch.go : CWESupportMatrix.individual.go; if (supportedCWEs.includes(flawInfo.cweID)) { if (options.DEBUG == 'true') { console.log('#######- DEBUG MODE -#######'); @@ -53987,7 +54011,7 @@ function runBatch(options, credentials) { } if (cweList.includes(flawArray[sourceFile][j].cwe_id)) { console.log('CWE ' + flawArray[sourceFile][j].cwe_id + ' is in the list of CWEs to fix, creating flaw info'); - if ((yield (0, check_cwe_support_1.checkCWE)(initialFlawInfo, options)) == true) { + if ((yield (0, check_cwe_support_1.checkCWE)(initialFlawInfo, options, true)) == true) { const flawInfo = yield (0, createFlawInfo_1.createFlawInfo)(initialFlawInfo, options); if (options.DEBUG == 'true') { console.log('#######- DEBUG MODE -#######'); 
@@ -54026,7 +54050,7 @@ function runBatch(options, credentials) { } else { console.log('Fix for all CWEs'); - if ((yield (0, check_cwe_support_1.checkCWE)(initialFlawInfo, options)) == true) { + if ((yield (0, check_cwe_support_1.checkCWE)(initialFlawInfo, options, true)) == true) { const flawInfo = yield (0, createFlawInfo_1.createFlawInfo)(initialFlawInfo, options); //write flaw info and source file const flawFoldername = 'cwe-' + flawInfo.CWEId + '-line-' + flawInfo.line + '-issue-' + flawInfo.issueId; diff --git a/src/check_cwe_support.ts b/src/check_cwe_support.ts index 6aee394..7d663a6 100644 --- a/src/check_cwe_support.ts +++ b/src/check_cwe_support.ts 
@@ -1,7 +1,33 @@ -export async function checkCWE(flawInfo:any, options:any) { + +const CWESupportMatrix = { + "individual": { + "java": ["117", "80", "404", "159", "209", "597", "89", "611", "331", "327", "113", "601", "502"], + "cs": ["80", "117", "352", "73", "404", "89", "209", "316", "601", "327", "331", "611"], + "js": ["80", "117", "89", "73", "601", "352", "78", "209", "327", "312", "614", "311", "611", "113"], + "php": ["80", "73", "89", "117"], + "py": ["80", "73", "331", "327", "295", "601", "78", "89", "757"], + "kotlin": ["80", "89", "113", "117", "331", "404"], + "scala": ["611", "117", "80", "78"], + "go": ["73", "78", "117"], + "ruby": ["73", "80", "89", "117", "601"] + }, + "batch": { + "java": ["117", "80", "404", "159", "209", "597", "89", "611", "331", "113"], + "cs": ["80", "117", "352", "404", "89", "209", "316", "331", "611"], + "js": ["80", "117", "89", "352", "78", "209", "614", "611", "113"], + "php": ["80", "89", "117"], + "py": ["80", "331", "295", "78", "89", "757"], + "kotlin": ["80", "89", "113", "117", "331", "404"], + "scala": ["611", "117", "80", "78"], + "go": ["73", "78", "117"], + "ruby": ["73", "80", "89", "117", "601"] + } + } + +export async function checkCWE(flawInfo:any, options:any,batchFix=false){ if (flawInfo.language == 'java'){ console.log('CWE check for Java') - const supportedCWEs = [80,89,113,117,327,331,382,470,597,601] + const supportedCWEs = batchFix ? CWESupportMatrix.batch.java : CWESupportMatrix.individual.java if (supportedCWEs.includes(flawInfo.cweID)){ if (options.DEBUG == 'true'){ @@ -24,7 +50,7 @@ export async function checkCWE(flawInfo:any, options:any) { } else if (flawInfo.language == 'csharp'){ console.log('CWE check for C#') - const supportedCWEs = [80,89,201,209,259,352,404,601,611,798] + const supportedCWEs = batchFix ? CWESupportMatrix.batch.cs : CWESupportMatrix.individual.cs if (supportedCWEs.includes(flawInfo.cweID)){ if (options.DEBUG == 'true'){ console.log('#######- DEBUG MODE -#######') 
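Review bot: The new `CWESupportMatrix` entries are strings (`"117"`, `"80"`, …) while every list removed in this hunk and the following ones was numeric, and `supportedCWEs.includes(flawInfo.cweID)` compares without coercion. If `flawInfo.cweID` is a number, as the removed lists suggest, nothing will match and `checkCWE` will report every flaw as unsupported in both modes; the same applies to the csharp, javascript, python, php, scala, kotlin and go hunks below. Store numbers in the matrix and normalise at the comparison, e.g. `supportedCWEs.includes(Number(flawInfo.cweID))`, and give `flawInfo` a real type instead of `any` so the compiler can catch the mismatch. The matrix also carries a `ruby` row, but no ruby branch is visible in these hunks, so it may be unused. `checkCWE`'s body continues outside the hunk.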
@@ -51,7 +77,7 @@ export async function checkCWE(flawInfo:any, options:any) { console.log('CWE check for JavaScript') console.log('#######- DEBUG MODE -#######') } - const supportedCWEs = [73,78,80,113,117,327,611,614] + const supportedCWEs = batchFix ? CWESupportMatrix.batch.js : CWESupportMatrix.individual.js if (supportedCWEs.includes(flawInfo.cweID)){ if (options.DEBUG == 'true'){ console.log('#######- DEBUG MODE -#######') @@ -73,7 +99,7 @@ export async function checkCWE(flawInfo:any, options:any) { } else if (flawInfo.language == 'python'){ console.log('CWE check for Python') - const supportedCWEs = [73,78,80,89,295,327,331,601,757] + const supportedCWEs = batchFix ? CWESupportMatrix.batch.py : CWESupportMatrix.individual.py if (supportedCWEs.includes(flawInfo.cweID)){ if (options.DEBUG == 'true'){ console.log('#######- DEBUG MODE -#######') @@ -95,7 +121,7 @@ export async function checkCWE(flawInfo:any, options:any) { } else if (flawInfo.language == 'php'){ console.log('CWE check for PHP') - const supportedCWEs = [73,80,89,117] + const supportedCWEs = batchFix ? CWESupportMatrix.batch.php : CWESupportMatrix.individual.php if (supportedCWEs.includes(flawInfo.cweID)){ if (options.DEBUG == 'true'){ console.log('#######- DEBUG MODE -#######') @@ -117,7 +143,7 @@ export async function checkCWE(flawInfo:any, options:any) { } else if (flawInfo.language == 'scala'){ console.log('CWE check for Scala') - const supportedCWEs = [78,80,89,117,611] + const supportedCWEs = batchFix ? CWESupportMatrix.batch.scala : CWESupportMatrix.individual.scala if (supportedCWEs.includes(flawInfo.cweID)){ if (options.DEBUG == 'true'){ console.log('#######- DEBUG MODE -#######') 
@@ -139,7 +165,7 @@ export async function checkCWE(flawInfo:any, options:any) { } else if (flawInfo.language == 'kotlin'){ console.log('CWE check for Kotlin') - const supportedCWEs = [80,89,113,117,331] + const supportedCWEs = batchFix ? CWESupportMatrix.batch.kotlin : CWESupportMatrix.individual.kotlin if (supportedCWEs.includes(flawInfo.cweID)){ if (options.DEBUG == 'true'){ console.log('#######- DEBUG MODE -#######') @@ -161,7 +187,7 @@ export async function checkCWE(flawInfo:any, options:any) { } else if (flawInfo.language == 'go'){ console.log('CWE check for Go') - const supportedCWEs = [73,78,117] + const supportedCWEs = batchFix ? CWESupportMatrix.batch.go : CWESupportMatrix.individual.go if (supportedCWEs.includes(flawInfo.cweID)){ if (options.DEBUG == 'true'){ console.log('#######- DEBUG MODE -#######') diff --git a/src/run_batch.ts b/src/run_batch.ts index 6428a0b..385d007 100644 --- a/src/run_batch.ts +++ b/src/run_batch.ts @@ -114,7 +114,7 @@ export async function runBatch( options:any, credentials:any){ if (cweList.includes(flawArray[sourceFile][j].cwe_id)) { console.log('CWE '+flawArray[sourceFile][j].cwe_id+' is in the list of CWEs to fix, creating flaw info') - if (await checkCWE(initialFlawInfo, options) == true){ + if (await checkCWE(initialFlawInfo, options, true) == true){ const flawInfo = await createFlawInfo(initialFlawInfo,options) if (options.DEBUG == 'true'){ @@ -157,7 +157,7 @@ export async function runBatch( options:any, credentials:any){ else { console.log('Fix for all CWEs') - if (await checkCWE(initialFlawInfo, options) == true){ + if (await checkCWE(initialFlawInfo, options, true) == true){ const flawInfo = await createFlawInfo(initialFlawInfo,options) //write flaw info and source file From d854e1790fe03ba00edd046aaff8a3178d77cdf2 Mon Sep 17 00:00:00 2001 
From: Sany Anton Cyrus Date: Thu, 10 Oct 2024 15:20:50 +0530 Subject: [PATCH 02/10] sourcecode zip folder logic refactor --- dist/index.js | 50 +++++++++++++++++++++++++++++++++++------------- src/index.ts | 5 +++++ src/run_batch.ts | 29 +++++++++++++++------------- 3 files changed, 58 insertions(+), 26 deletions(-) diff --git a/dist/index.js b/dist/index.js index 463865d..3327f77 100644 --- a/dist/index.js +++ b/dist/index.js @@ -52611,6 +52611,20 @@ function checkCWE(flawInfo_1, options_1) { exports.checkCWE = checkCWE; +/***/ }), + +/***/ 3691: +/***/ ((__unused_webpack_module, exports) => { + +"use strict"; + +Object.defineProperty(exports, "__esModule", ({ value: true })); +exports.tempFolder = exports.sourcecodeFolderName = void 0; +exports.sourcecodeFolderName = 'app/'; +//export temp folder value from github action +exports.tempFolder = process.env.RUNNER_TEMP || ''; + + /***/ }), /***/ 9102: @@ -53419,6 +53433,8 @@ const core = __importStar(__nccwpck_require__(5763)); const run_single_1 = __nccwpck_require__(1733); const run_batch_1 = __nccwpck_require__(9924); const fs_1 = __importDefault(__nccwpck_require__(7147)); +const constants_1 = __nccwpck_require__(3691); +const constants_2 = __nccwpck_require__(3691); let credentials = {}; let options = {}; function getInputOrEnv(name, required) { @@ -53449,6 +53465,9 @@ options['token'] = getInputOrEnv('token', false); const resultsFile = fs_1.default.readFileSync(options.file, 'utf8'); if (options.DEBUG == 'true') { console.log('#######- DEBUG MODE -#######'); + console.log('process.env.RUNNER_TEMP= ' + process.env.RUNNER_TEMP); + console.log('source folder = ' + constants_1.sourcecodeFolderName); + console.log('temp folder = ' + constants_2.tempFolder); console.log('results.json: ' + resultsFile); console.log('checking if items are present to fix: '); console.log('#######- DEBUG MODE -#######'); 
@@ -53566,6 +53585,7 @@ function upload(platform, tar, options) { }); } exports.upload = upload; +//app function uploadBatch(credentials, tar, options) { return __awaiter(this, void 0, void 0, function* () { const platform = yield (0, select_platform_1.selectPlatfrom)(credentials); @@ -53926,6 +53946,9 @@ const child_process_1 = __nccwpck_require__(2081); const checkRun_1 = __nccwpck_require__(9881); const rewritePath_1 = __nccwpck_require__(7415); const create_pr_1 = __nccwpck_require__(8931); +//app +const constants_1 = __nccwpck_require__(3691); +const constants_2 = __nccwpck_require__(3691); function runBatch(options, credentials) { return __awaiter(this, void 0, void 0, function* () { //read json file @@ -54023,9 +54046,9 @@ function runBatch(options, credentials) { const flawFoldername = 'cwe-' + flawInfo.CWEId + '-line-' + flawInfo.line + '-issue-' + flawInfo.issueId; const flawFilenane = 'flaw_' + flawInfo.issueId + '.json'; console.log('Writing flaw to: app/' + flawFoldername + '/' + flawFilenane); - fs_1.default.mkdirSync('app/flaws/' + flawFoldername, { recursive: true }); - fs_1.default.writeFileSync('app/flaws/' + flawFoldername + '/' + flawFilenane, JSON.stringify(flawInfo, null, 2)); - if (fs_1.default.existsSync('app/' + flawInfo.sourceFile)) { + fs_1.default.mkdirSync(constants_2.tempFolder + constants_1.sourcecodeFolderName + 'flaws/' + flawFoldername, { recursive: true }); + fs_1.default.writeFileSync(constants_2.tempFolder + constants_1.sourcecodeFolderName + '/flaws/' + flawFoldername + '/' + flawFilenane, JSON.stringify(flawInfo, null, 2)); + if (fs_1.default.existsSync(constants_2.tempFolder + constants_1.sourcecodeFolderName + flawInfo.sourceFile)) { console.log('File exists nothing to do'); } else { 
@@ -54033,11 +54056,11 @@ function runBatch(options, credentials) { let str = flawInfo.sourceFile; let lastSlashIndex = str.lastIndexOf('/'); let strBeforeLastSlash = str.substring(0, lastSlashIndex); - if (!fs_1.default.existsSync('app/' + strBeforeLastSlash)) { + if (!fs_1.default.existsSync(constants_2.tempFolder + constants_1.sourcecodeFolderName + strBeforeLastSlash)) { console.log('Destination directory does not exist lest create it'); - fs_1.default.mkdirSync('app/' + strBeforeLastSlash, { recursive: true }); + fs_1.default.mkdirSync(constants_2.tempFolder + constants_1.sourcecodeFolderName + strBeforeLastSlash, { recursive: true }); } - fs_1.default.copyFileSync(flawInfo.sourceFile, 'app/' + flawInfo.sourceFile); + fs_1.default.copyFileSync(flawInfo.sourceFile, constants_2.tempFolder + constants_1.sourcecodeFolderName + flawInfo.sourceFile); } } else { @@ -54056,9 +54079,9 @@ function runBatch(options, credentials) { const flawFoldername = 'cwe-' + flawInfo.CWEId + '-line-' + flawInfo.line + '-issue-' + flawInfo.issueId; const flawFilenane = 'flaw_' + flawInfo.issueId + '.json'; console.log('Writing flaw to: app/flaws/' + flawFoldername + '/' + flawFilenane); - fs_1.default.mkdirSync('app/flaws/' + flawFoldername, { recursive: true }); - fs_1.default.writeFileSync('app/flaws/' + flawFoldername + '/' + flawFilenane, JSON.stringify(flawInfo, null, 2)); - if (fs_1.default.existsSync('app/' + flawInfo.sourceFile)) { + fs_1.default.mkdirSync(constants_2.tempFolder + constants_1.sourcecodeFolderName + 'flaws/' + flawFoldername, { recursive: true }); + fs_1.default.writeFileSync(constants_2.tempFolder + constants_1.sourcecodeFolderName + 'flaws/' + flawFoldername + '/' + flawFilenane, JSON.stringify(flawInfo, null, 2)); + if (fs_1.default.existsSync(constants_2.tempFolder + constants_1.sourcecodeFolderName + flawInfo.sourceFile)) { console.log('File exists nothing to do'); } else { 
@@ -54066,11 +54089,11 @@ function runBatch(options, credentials) { let str = flawInfo.sourceFile; let lastSlashIndex = str.lastIndexOf('/'); let strBeforeLastSlash = str.substring(0, lastSlashIndex); - if (!fs_1.default.existsSync('app/' + strBeforeLastSlash)) { + if (!fs_1.default.existsSync(constants_2.tempFolder + constants_1.sourcecodeFolderName + strBeforeLastSlash)) { console.log('Destination directory does not exist lest create it'); - fs_1.default.mkdirSync('app/' + strBeforeLastSlash, { recursive: true }); + fs_1.default.mkdirSync(constants_2.tempFolder + constants_1.sourcecodeFolderName + strBeforeLastSlash, { recursive: true }); } - fs_1.default.copyFileSync(flawInfo.sourceFile, 'app/' + flawInfo.sourceFile); + fs_1.default.copyFileSync(flawInfo.sourceFile, constants_2.tempFolder + constants_1.sourcecodeFolderName + flawInfo.sourceFile); } } else { @@ -54081,7 +54104,7 @@ function runBatch(options, credentials) { } } ; - if (!fs_1.default.existsSync('app')) { // nothing to fix as no files with conditions met + if (!fs_1.default.existsSync(constants_2.tempFolder + constants_1.sourcecodeFolderName)) { // nothing to fix as no files with conditions met console.log("nothing to fix as no files with conditions met"); process.exit(0); } @@ -54375,6 +54398,7 @@ function createTar(initialFlawInfo, options) { catch (err) { // File does not exist console.error('Tar cannot be created'); + process.exit(1); //exit with error since we cannot proceed } }); } diff --git a/src/index.ts b/src/index.ts index 6658686..90f1640 100644 --- a/src/index.ts +++ b/src/index.ts @@ -3,6 +3,8 @@ import { runSingle } from './run_single'; import { runBatch } from './run_batch'; import fs from 'fs'; import { json } from 'stream/consumers'; +import { sourcecodeFolderName } from './constants'; +import { tempFolder } from './constants'; let credentials:any = {} 
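Review bot: The two imports added to src/index.ts pull from `./constants`, but this patch's diffstat lists only dist/index.js, src/index.ts and src/run_batch.ts, so the TypeScript sources at this commit reference a module the commit does not add (the bundled dist already contains it). Adding src/constants.ts in the same commit would keep each patch in the series buildable on its own. The imports can also be a single statement, `import { sourcecodeFolderName, tempFolder } from './constants';`; the same pair is repeated in the src/run_batch.ts import hunk.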
@@ -40,6 +42,9 @@ const resultsFile = fs.readFileSync(options.file, 'utf8') if (options.DEBUG == 'true'){ console.log('#######- DEBUG MODE -#######') + console.log('process.env.RUNNER_TEMP= ' +process.env.RUNNER_TEMP) + console.log('source folder = ' + sourcecodeFolderName) + console.log('temp folder = ' + tempFolder) console.log('results.json: '+resultsFile) console.log('checking if items are present to fix: ') console.log('#######- DEBUG MODE -#######') diff --git a/src/run_batch.ts b/src/run_batch.ts index 385d007..9bcbe38 100644 --- a/src/run_batch.ts +++ b/src/run_batch.ts @@ -8,7 +8,10 @@ import { execSync } from 'child_process'; import { createCheckRun, updateCheckRunClose, updateCheckRunUpdateBatch } from './checkRun'; import { rewritePath } from './rewritePath' import { createPR } from './create_pr' +//app +import { sourcecodeFolderName } from './constants'; +import {tempFolder} from './constants' export async function runBatch( options:any, credentials:any){ //read json file 
@@ -128,22 +131,22 @@ export async function runBatch( options:any, credentials:any){ const flawFoldername = 'cwe-'+flawInfo.CWEId+'-line-'+flawInfo.line+'-issue-'+flawInfo.issueId const flawFilenane = 'flaw_'+flawInfo.issueId+'.json' console.log('Writing flaw to: app/'+flawFoldername+'/'+flawFilenane) - fs.mkdirSync('app/flaws/'+flawFoldername, { recursive: true }); - fs.writeFileSync('app/flaws/'+flawFoldername+'/'+flawFilenane, JSON.stringify(flawInfo, null, 2)) + fs.mkdirSync(tempFolder + sourcecodeFolderName + 'flaws/'+flawFoldername, { recursive: true }); + fs.writeFileSync(tempFolder + sourcecodeFolderName + '/flaws/'+flawFoldername+'/'+flawFilenane, JSON.stringify(flawInfo, null, 2)) - if (fs.existsSync('app/'+flawInfo.sourceFile)) { + if (fs.existsSync(tempFolder + sourcecodeFolderName + flawInfo.sourceFile)) { console.log('File exists nothing to do'); } else { console.log('File does not exist, copying file'); let str = flawInfo.sourceFile; let lastSlashIndex = str.lastIndexOf('/'); let strBeforeLastSlash = str.substring(0, lastSlashIndex); - if (!fs.existsSync('app/'+strBeforeLastSlash)) { + if (!fs.existsSync(tempFolder + sourcecodeFolderName + strBeforeLastSlash)) { console.log('Destination directory does not exist lest create it'); - fs.mkdirSync('app/'+strBeforeLastSlash, { recursive: true }); + fs.mkdirSync(tempFolder + sourcecodeFolderName + strBeforeLastSlash, { recursive: true }); } - fs.copyFileSync(flawInfo.sourceFile, 'app/'+flawInfo.sourceFile) + fs.copyFileSync(flawInfo.sourceFile, tempFolder + sourcecodeFolderName + flawInfo.sourceFile); } } else { 
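Review bot: `flawInfo.sourceFile` is concatenated unchecked into both sides of the copy in this hunk: `..` segments in it move the `mkdirSync`/`copyFileSync` destination out of `tempFolder + sourcecodeFolderName`, and the source side reads whatever path it names. The value appears to originate in the results file, which deserves to be treated as untrusted input when the action runs on pull requests, because whatever is staged here is later archived and uploaded. Resolve both paths and refuse anything outside the workspace or the staging root, as sketched below; the sketch assumes Node's `path` module is imported in this file and that the working directory is the repository checkout, neither of which the hunk shows. The `@@ -164,22 +167,22 @@` hunk repeats the same construction. Separately, `mkdirSync` uses `'flaws/'` while `writeFileSync` uses `'/flaws/'`, and `runBatch` itself starts and ends outside this hunk.

```typescript
// … unchanged: flawFoldername / flawFilenane and the flaw JSON write …
const workspaceRoot = process.cwd()
const stagingRoot = path.resolve(tempFolder, sourcecodeFolderName)
const sourcePath = path.resolve(workspaceRoot, flawInfo.sourceFile)
const stagedPath = path.resolve(stagingRoot, path.relative(workspaceRoot, sourcePath))
if (!sourcePath.startsWith(workspaceRoot + path.sep) || !stagedPath.startsWith(stagingRoot + path.sep)) {
    throw new Error('sourceFile is outside the workspace: ' + flawInfo.sourceFile)
}
if (fs.existsSync(stagedPath)) {
    console.log('File exists nothing to do');
} else {
    console.log('File does not exist, copying file');
    fs.mkdirSync(path.dirname(stagedPath), { recursive: true });
    fs.copyFileSync(sourcePath, stagedPath);
}
```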
@@ -164,22 +167,22 @@ export async function runBatch( options:any, credentials:any){ const flawFoldername = 'cwe-'+flawInfo.CWEId+'-line-'+flawInfo.line+'-issue-'+flawInfo.issueId const flawFilenane = 'flaw_'+flawInfo.issueId+'.json' console.log('Writing flaw to: app/flaws/'+flawFoldername+'/'+flawFilenane) - fs.mkdirSync('app/flaws/'+flawFoldername, { recursive: true }); - fs.writeFileSync('app/flaws/'+flawFoldername+'/'+flawFilenane, JSON.stringify(flawInfo, null, 2)) + fs.mkdirSync(tempFolder + sourcecodeFolderName+'flaws/'+flawFoldername, { recursive: true }); + fs.writeFileSync(tempFolder + sourcecodeFolderName+'flaws/'+flawFoldername+'/'+flawFilenane, JSON.stringify(flawInfo, null, 2)) - if (fs.existsSync('app/'+flawInfo.sourceFile)) { + if (fs.existsSync(tempFolder + sourcecodeFolderName+flawInfo.sourceFile)) { console.log('File exists nothing to do'); } else { console.log('File does not exist, copying file'); let str = flawInfo.sourceFile; let lastSlashIndex = str.lastIndexOf('/'); let strBeforeLastSlash = str.substring(0, lastSlashIndex); - if (!fs.existsSync('app/'+strBeforeLastSlash)) { + if (!fs.existsSync(tempFolder + sourcecodeFolderName+strBeforeLastSlash)) { console.log('Destination directory does not exist lest create it'); - fs.mkdirSync('app/'+strBeforeLastSlash, { recursive: true }); + fs.mkdirSync(tempFolder + sourcecodeFolderName+strBeforeLastSlash, { recursive: true }); } - fs.copyFileSync(flawInfo.sourceFile, 'app/'+flawInfo.sourceFile) + fs.copyFileSync(flawInfo.sourceFile, tempFolder + sourcecodeFolderName+flawInfo.sourceFile) } } @@ -191,7 +194,7 @@ export async function runBatch( options:any, credentials:any){ } }; - if (!fs.existsSync('app')) { // nothing to fix as no files with conditions met + if (!fs.existsSync(tempFolder + sourcecodeFolderName)) { // nothing to fix as no files with conditions met console.log("nothing to fix as no files with conditions met"); process.exit(0); } 
From dbff4fddc25a72ae333763624608baa88fac8b5f Mon Sep 17 00:00:00 2001 From: Sany Anton Cyrus Date: Thu, 10 Oct 2024 18:08:50 +0530 Subject: [PATCH 03/10] sourcecode zip folder logic refactor --- dist/index.js | 6 +++--- src/constants.ts | 3 +++ src/run_batch.ts | 4 ++-- 3 files changed, 8 insertions(+), 5 deletions(-) create mode 100644 src/constants.ts diff --git a/dist/index.js b/dist/index.js index 3327f77..268efa1 100644 --- a/dist/index.js +++ b/dist/index.js @@ -52622,7 +52622,7 @@ Object.defineProperty(exports, "__esModule", ({ value: true })); exports.tempFolder = exports.sourcecodeFolderName = void 0; exports.sourcecodeFolderName = 'app/'; //export temp folder value from github action -exports.tempFolder = process.env.RUNNER_TEMP || ''; +exports.tempFolder = process.env.RUNNER_TEMP ? (process.env.RUNNER_TEMP + '/') : ''; /***/ }), @@ -54110,9 +54110,9 @@ function runBatch(options, credentials) { } //create the tar after all files are created and copied // the tr for the batch run has to be crearted with the local tar. The node moldule is not working - const tarball = (0, child_process_1.execSync)('tar -czf app.tar.gz -C app .'); + const tarball = (0, child_process_1.execSync)(`tar -czf app.tar.gz -C ${constants_2.tempFolder + constants_1.sourcecodeFolderName} .`); console.log('Tar is created'); - const projectID = yield (0, requests_1.uploadBatch)(credentials, 'app.tar.gz', options); + const projectID = yield (0, requests_1.uploadBatch)(credentials, (constants_2.tempFolder + 'app.tar.gz'), options); console.log('Project ID is: ' + projectID); const checkBatchFixStatus = yield (0, requests_1.checkFixBatch)(credentials, projectID, options); if (checkBatchFixStatus == 1) { diff --git a/src/constants.ts b/src/constants.ts new file mode 100644 index 0000000..2fa41a6 --- /dev/null +++ b/src/constants.ts 
@@ -0,0 +1,3 @@ +export const sourcecodeFolderName = 'app/'; +//export temp folder value from github action +export const tempFolder = process.env.RUNNER_TEMP ? (process.env.RUNNER_TEMP + '/') : ''; \ No newline at end of file diff --git a/src/run_batch.ts b/src/run_batch.ts index 9bcbe38..3d80353 100644 --- a/src/run_batch.ts +++ b/src/run_batch.ts @@ -201,10 +201,10 @@ export async function runBatch( options:any, credentials:any){ //create the tar after all files are created and copied // the tr for the batch run has to be crearted with the local tar. The node moldule is not working - const tarball = execSync('tar -czf app.tar.gz -C app .'); + const tarball = execSync(`tar -czf app.tar.gz -C ${tempFolder + sourcecodeFolderName} .`); console.log('Tar is created'); - const projectID = await uploadBatch(credentials, 'app.tar.gz', options) + const projectID = await uploadBatch(credentials, (tempFolder+'app.tar.gz'), options) console.log('Project ID is: '+projectID) const checkBatchFixStatus = await checkFixBatch(credentials, projectID, options) From 8e688a3e4641cc627daf3d3dd1d6ef9baf40c411 Mon Sep 17 00:00:00 2001 From: Sany Anton Cyrus Date: Fri, 11 Oct 2024 14:11:03 +0530 Subject: [PATCH 04/10] sourcecode zip folder logic refactor --- dist/index.js | 5 +++++ src/run_batch.ts | 5 +++++ 2 files changed, 10 insertions(+) diff --git a/dist/index.js b/dist/index.js index 268efa1..5c089ed 100644 --- a/dist/index.js +++ b/dist/index.js @@ -53998,6 +53998,11 @@ function runBatch(options, credentials) { language: options.language, sourceFile: sourceFile, }; + if (options.DEBUG == 'true') { + console.log('#######- DEBUG MODE -#######'); + console.log('initialFlawInfo', initialFlawInfo); + console.log('#######- DEBUG MODE -#######'); + } let include = 0; if (options.files == 'changed') { console.log('Checking if file is part of PR'); diff --git a/src/run_batch.ts b/src/run_batch.ts index 3d80353..35316ca 100644 --- a/src/run_batch.ts +++ b/src/run_batch.ts 
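Review bot: The `''` fallback for `tempFolder` makes the staging folder `app/` relative to the working directory whenever `RUNNER_TEMP` is unset, so a repository that already has an `app/` directory would have its contents mixed into what gets staged and archived. Falling back to the OS temp directory avoids that, e.g. `export const tempFolder = (process.env.RUNNER_TEMP || os.tmpdir()) + '/';` with `import os from 'os';` added. Building paths with `path.join` instead of a hand-appended `'/'` would also remove the need for trailing separators in both constants.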
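Review bot: The archive is written to `app.tar.gz` in the working directory, but `uploadBatch` is now given `tempFolder+'app.tar.gz'`, so with `RUNNER_TEMP` set the upload points at a file this command never creates. The command is also assembled as a shell string with an environment-derived path interpolated unquoted, which breaks on spaces and lets shell metacharacters in the path be interpreted. Passing the arguments as an array addresses both: `const archive = tempFolder + 'app.tar.gz'`, `execFileSync('tar', ['-czf', archive, '-C', tempFolder + sourcecodeFolderName, '.'])`, then `uploadBatch(credentials, archive, options)`, with `execFileSync` added to the existing `child_process` import. `runBatch` starts and ends outside the hunk.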
@@ -73,6 +73,11 @@ export async function runBatch( options:any, credentials:any){ language: options.language, sourceFile: sourceFile, } + if (options.DEBUG == 'true'){ + console.log('#######- DEBUG MODE -#######') + console.log('initialFlawInfo',initialFlawInfo) + console.log('#######- DEBUG MODE -#######') + } let include = 0 if ( options.files == 'changed' ){ From d043cf74de9ada118298e960d3d83a568380fe21 Mon Sep 17 00:00:00 2001 From: Sany Anton Cyrus Date: Fri, 11 Oct 2024 14:29:36 +0530 Subject: [PATCH 05/10] sourcecode zip folder logic refactor --- dist/index.js | 72 +++++++++++++++++++++------------------- src/check_cwe_support.ts | 28 ++-------------- src/constants.ts | 27 ++++++++++++++- 3 files changed, 66 insertions(+), 61 deletions(-) diff --git a/dist/index.js b/dist/index.js index 5c089ed..08693a1 100644 --- a/dist/index.js +++ b/dist/index.js @@ -52384,10 +52384,11 @@ exports.updateCheckRunClose = updateCheckRunClose; /***/ }), /***/ 3449: -/***/ (function(__unused_webpack_module, exports) { +/***/ (function(__unused_webpack_module, exports, __nccwpck_require__) { "use strict"; +//move CWESupportmatrix to constants file and import here var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } return new (P || (P = Promise))(function (resolve, reject) { 
@@ -52399,35 +52400,12 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge }; Object.defineProperty(exports, "__esModule", ({ value: true })); exports.checkCWE = void 0; -const CWESupportMatrix = { - "individual": { - "java": ["117", "80", "404", "159", "209", "597", "89", "611", "331", "327", "113", "601", "502"], - "cs": ["80", "117", "352", "73", "404", "89", "209", "316", "601", "327", "331", "611"], - "js": ["80", "117", "89", "73", "601", "352", "78", "209", "327", "312", "614", "311", "611", "113"], - "php": ["80", "73", "89", "117"], - "py": ["80", "73", "331", "327", "295", "601", "78", "89", "757"], - "kotlin": ["80", "89", "113", "117", "331", "404"], - "scala": ["611", "117", "80", "78"], - "go": ["73", "78", "117"], - "ruby": ["73", "80", "89", "117", "601"] - }, - "batch": { - "java": ["117", "80", "404", "159", "209", "597", "89", "611", "331", "113"], - "cs": ["80", "117", "352", "404", "89", "209", "316", "331", "611"], - "js": ["80", "117", "89", "352", "78", "209", "614", "611", "113"], - "php": ["80", "89", "117"], - "py": ["80", "331", "295", "78", "89", "757"], - "kotlin": ["80", "89", "113", "117", "331", "404"], - "scala": ["611", "117", "80", "78"], - "go": ["73", "78", "117"], - "ruby": ["73", "80", "89", "117", "601"] - } -}; +const constants_1 = __nccwpck_require__(3691); function checkCWE(flawInfo_1, options_1) { return __awaiter(this, arguments, void 0, function* (flawInfo, options, batchFix = false) { if (flawInfo.language == 'java') { console.log('CWE check for Java'); - const supportedCWEs = batchFix ? CWESupportMatrix.batch.java : CWESupportMatrix.individual.java; + const supportedCWEs = batchFix ? constants_1.CWESupportMatrix.batch.java : constants_1.CWESupportMatrix.individual.java; if (supportedCWEs.includes(flawInfo.cweID)) { if (options.DEBUG == 'true') { console.log('#######- DEBUG MODE -#######'); 
@@ -52441,7 +52419,7 @@ function checkCWE(flawInfo_1, options_1) { if (options.DEBUG == 'true') { console.log('#######- DEBUG MODE -#######'); console.log('check_cwe_support.ts'); - console.log('Checks - CWE ' + flawInfo.CWE + ' is not supported Java'); + console.log('Checks - CWE ' + flawInfo.cweID + ' is not supported Java'); console.log('#######- DEBUG MODE -#######'); } return false; @@ -52449,7 +52427,7 @@ function checkCWE(flawInfo_1, options_1) { } else if (flawInfo.language == 'csharp') { console.log('CWE check for C#'); - const supportedCWEs = batchFix ? CWESupportMatrix.batch.cs : CWESupportMatrix.individual.cs; + const supportedCWEs = batchFix ? constants_1.CWESupportMatrix.batch.cs : constants_1.CWESupportMatrix.individual.cs; if (supportedCWEs.includes(flawInfo.cweID)) { if (options.DEBUG == 'true') { console.log('#######- DEBUG MODE -#######'); @@ -52476,7 +52454,7 @@ function checkCWE(flawInfo_1, options_1) { console.log('CWE check for JavaScript'); console.log('#######- DEBUG MODE -#######'); } - const supportedCWEs = batchFix ? CWESupportMatrix.batch.js : CWESupportMatrix.individual.js; + const supportedCWEs = batchFix ? constants_1.CWESupportMatrix.batch.js : constants_1.CWESupportMatrix.individual.js; if (supportedCWEs.includes(flawInfo.cweID)) { if (options.DEBUG == 'true') { console.log('#######- DEBUG MODE -#######'); @@ -52498,7 +52476,7 @@ function checkCWE(flawInfo_1, options_1) { } else if (flawInfo.language == 'python') { console.log('CWE check for Python'); - const supportedCWEs = batchFix ? CWESupportMatrix.batch.py : CWESupportMatrix.individual.py; + const supportedCWEs = batchFix ? constants_1.CWESupportMatrix.batch.py : constants_1.CWESupportMatrix.individual.py; if (supportedCWEs.includes(flawInfo.cweID)) { if (options.DEBUG == 'true') { console.log('#######- DEBUG MODE -#######'); 
@@ -52520,7 +52498,7 @@ function checkCWE(flawInfo_1, options_1) { } else if (flawInfo.language == 'php') { console.log('CWE check for PHP'); - const supportedCWEs = batchFix ? CWESupportMatrix.batch.php : CWESupportMatrix.individual.php; + const supportedCWEs = batchFix ? constants_1.CWESupportMatrix.batch.php : constants_1.CWESupportMatrix.individual.php; if (supportedCWEs.includes(flawInfo.cweID)) { if (options.DEBUG == 'true') { console.log('#######- DEBUG MODE -#######'); @@ -52542,7 +52520,7 @@ function checkCWE(flawInfo_1, options_1) { } else if (flawInfo.language == 'scala') { console.log('CWE check for Scala'); - const supportedCWEs = batchFix ? CWESupportMatrix.batch.scala : CWESupportMatrix.individual.scala; + const supportedCWEs = batchFix ? constants_1.CWESupportMatrix.batch.scala : constants_1.CWESupportMatrix.individual.scala; if (supportedCWEs.includes(flawInfo.cweID)) { if (options.DEBUG == 'true') { console.log('#######- DEBUG MODE -#######'); @@ -52564,7 +52542,7 @@ function checkCWE(flawInfo_1, options_1) { } else if (flawInfo.language == 'kotlin') { console.log('CWE check for Kotlin'); - const supportedCWEs = batchFix ? CWESupportMatrix.batch.kotlin : CWESupportMatrix.individual.kotlin; + const supportedCWEs = batchFix ? constants_1.CWESupportMatrix.batch.kotlin : constants_1.CWESupportMatrix.individual.kotlin; if (supportedCWEs.includes(flawInfo.cweID)) { if (options.DEBUG == 'true') { console.log('#######- DEBUG MODE -#######'); @@ -52586,7 +52564,7 @@ function checkCWE(flawInfo_1, options_1) { } else if (flawInfo.language == 'go') { console.log('CWE check for Go'); - const supportedCWEs = batchFix ? CWESupportMatrix.batch.go : CWESupportMatrix.individual.go; + const supportedCWEs = batchFix ? constants_1.CWESupportMatrix.batch.go : constants_1.CWESupportMatrix.individual.go; if (supportedCWEs.includes(flawInfo.cweID)) { if (options.DEBUG == 'true') { console.log('#######- DEBUG MODE -#######'); 
@@ -52619,10 +52597,34 @@ exports.checkCWE = checkCWE; "use strict"; Object.defineProperty(exports, "__esModule", ({ value: true })); -exports.tempFolder = exports.sourcecodeFolderName = void 0; +exports.CWESupportMatrix = exports.tempFolder = exports.sourcecodeFolderName = void 0; exports.sourcecodeFolderName = 'app/'; //export temp folder value from github action exports.tempFolder = process.env.RUNNER_TEMP ? (process.env.RUNNER_TEMP + '/') : ''; +exports.CWESupportMatrix = { + "individual": { + "java": [117, 80, 404, 159, 209, 597, 89, 611, 331, 327, 113, 601, 502], + "cs": [80, 117, 352, 73, 404, 89, 209, 316, 601, 327, 331, 611], + "js": [80, 117, 89, 73, 601, 352, 78, 209, 327, 312, 614, 311, 611, 113], + "php": [80, 73, 89, 117], + "py": [80, 73, 331, 327, 295, 601, 78, 89, 757], + "kotlin": [80, 89, 113, 117, 331, 404], + "scala": [611, 117, 80, 78], + "go": [73, 78, 117], + "ruby": [73, 80, 89, 117, 601] + }, + "batch": { + "java": [117, 80, 404, 159, 209, 597, 89, 611, 331, 113], + "cs": [80, 117, 352, 404, 89, 209, 316, 331, 611], + "js": [80, 117, 89, 352, 78, 209, 614, 611, 113], + "php": [80, 89, 117], + "py": [80, 331, 295, 78, 89, 757], + "kotlin": [80, 89, 113, 117, 331, 404], + "scala": [611, 117, 80, 78], + "go": [73, 78, 117], + "ruby": [73, 80, 89, 117, 601] + } +}; /***/ }), diff --git a/src/check_cwe_support.ts b/src/check_cwe_support.ts index 7d663a6..d0e9571 100644 --- a/src/check_cwe_support.ts +++ b/src/check_cwe_support.ts 
@@ -1,28 +1,6 @@ +//move CWESupportmatrix to constants file and import here -const CWESupportMatrix = { - "individual": { - "java": ["117", "80", "404", "159", "209", "597", "89", "611", "331", "327", "113", "601", "502"], - "cs": ["80", "117", "352", "73", "404", "89", "209", "316", "601", "327", "331", "611"], - "js": ["80", "117", "89", "73", "601", "352", "78", "209", "327", "312", "614", "311", "611", "113"], - "php": ["80", "73", "89", "117"], - "py": ["80", "73", "331", "327", "295", "601", "78", "89", "757"], - "kotlin": ["80", "89", "113", "117", "331", "404"], - "scala": ["611", "117", "80", "78"], - "go": ["73", "78", "117"], - "ruby": ["73", "80", "89", "117", "601"] - }, - "batch": { - "java": ["117", "80", "404", "159", "209", "597", "89", "611", "331", "113"], - "cs": ["80", "117", "352", "404", "89", "209", "316", "331", "611"], - "js": ["80", "117", "89", "352", "78", "209", "614", "611", "113"], - "php": ["80", "89", "117"], - "py": ["80", "331", "295", "78", "89", "757"], - "kotlin": ["80", "89", "113", "117", "331", "404"], - "scala": ["611", "117", "80", "78"], - "go": ["73", "78", "117"], - "ruby": ["73", "80", "89", "117", "601"] - } - } +import { CWESupportMatrix } from './constants' export async function checkCWE(flawInfo:any, options:any,batchFix=false){ if (flawInfo.language == 'java'){ @@ -42,7 +20,7 @@ export async function checkCWE(flawInfo:any, options:any,batchFix=false){ if (options.DEBUG == 'true'){ console.log('#######- DEBUG MODE -#######') console.log('check_cwe_support.ts') - console.log('Checks - CWE '+flawInfo.CWE+' is not supported Java') + console.log('Checks - CWE '+flawInfo.cweID+' is not supported Java') console.log('#######- DEBUG MODE -#######') } return false diff --git a/src/constants.ts b/src/constants.ts index 2fa41a6..b081e14 100644 --- a/src/constants.ts +++ b/src/constants.ts 
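Review bot: The lists imported from `./constants` now hold numbers while `flawInfo` is still typed `any`, so the `supportedCWEs.includes(flawInfo.cweID)` checks (visible in the bundled copy of this function) silently return false if a caller ever supplies the ID as a string. Normalising once at the top of the function, e.g. `const cweID = Number(flawInfo.cweID)`, or giving `flawInfo` a typed interface would turn that into a visible error instead of "CWE not supported". The added first line `//move CWESupportmatrix to constants file and import here` reads like an open to-do although the import below it already does the move; I would drop it or reword it to `// CWE allow-lists live in ./constants`. checkCWE's body continues outside both hunks.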
@@ -1,3 +1,28 @@
 export const sourcecodeFolderName = 'app/';
 //export temp folder value from github action
-export const tempFolder = process.env.RUNNER_TEMP ? (process.env.RUNNER_TEMP + '/') : '';
\ No newline at end of file
+export const tempFolder = process.env.RUNNER_TEMP ? (process.env.RUNNER_TEMP + '/') : '';
+
+export const CWESupportMatrix = {
+ "individual": {
+ "java": [117, 80, 404, 159, 209, 597, 89, 611, 331, 327, 113, 601, 502],
+ "cs": [80, 117, 352, 73, 404, 89, 209, 316, 601, 327, 331, 611],
+ "js": [80, 117, 89, 73, 601, 352, 78, 209, 327, 312, 614, 311, 611, 113],
+ "php": [80, 73, 89, 117],
+ "py": [80, 73, 331, 327, 295, 601, 78, 89, 757],
+ "kotlin": [80, 89, 113, 117, 331, 404],
+ "scala": [611, 117, 80, 78],
+ "go": [73, 78, 117],
+ "ruby": [73, 80, 89, 117, 601]
+ },
+ "batch": {
+ "java": [117, 80, 404, 159, 209, 597, 89, 611, 331, 113],
+ "cs": [80, 117, 352, 404, 89, 209, 316, 331, 611],
+ "js": [80, 117, 89, 352, 78, 209, 614, 611, 113],
+ "php": [80, 89, 117],
+ "py": [80, 331, 295, 78, 89, 757],
+ "kotlin": [80, 89, 113, 117, 331, 404],
+ "scala": [611, 117, 80, 78],
+ "go": [73, 78, 117],
+ "ruby": [73, 80, 89, 117, 601]
+ }
+ }
\ No newline at end of file
From d8784611370bb988d4a67ee9ed9ce5965261f725 Mon Sep 17 00:00:00 2001 From: Sany Anton Cyrus Date: Fri, 11 Oct 2024 15:55:09 +0530 Subject: [PATCH 06/10] Moved source code zip location to temp folder --- dist/index.js | 10 +++++----- src/run_batch.ts | 6 +++--- 2 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/dist/index.js b/dist/index.js
index 08693a1..3c4437e 100644
--- a/dist/index.js
+++ b/dist/index.js
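Review bot: `CWESupportMatrix` is exported without any comment, although it is the allow-list that decides which findings are eligible for an automated fix. A short doc comment above it should state that the first key is the fix mode (`individual` or `batch`), that the second is a language key (`cs` and `py` are the short forms of the `csharp` and `python` values checkCWE tests for), and that the values are numeric CWE IDs matched with `Array.prototype.includes`, i.e. without type coercion. Because no module should alter these lists at runtime, marking the literal `as const` is one way to have the compiler reject writes to it.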
@@ -53588,10 +53588,10 @@ function upload(platform, tar, options) { } exports.upload = upload; //app -function uploadBatch(credentials, tar, options) { +function uploadBatch(credentials, tarPath, options) { return __awaiter(this, void 0, void 0, function* () { const platform = yield (0, select_platform_1.selectPlatfrom)(credentials); - const fileBuffer = fs_1.default.readFileSync('app.tar.gz'); + const fileBuffer = fs_1.default.readFileSync(tarPath); const formData = new form_data_1.default(); formData.append('data', fileBuffer, 'app.tar.gz'); formData.append('name', 'data'); @@ -54052,7 +54052,7 @@ function runBatch(options, credentials) { //write flaw info and source file const flawFoldername = 'cwe-' + flawInfo.CWEId + '-line-' + flawInfo.line + '-issue-' + flawInfo.issueId; const flawFilenane = 'flaw_' + flawInfo.issueId + '.json'; - console.log('Writing flaw to: app/' + flawFoldername + '/' + flawFilenane); + console.log(`Writing flaw to: ${constants_2.tempFolder + constants_1.sourcecodeFolderName}` + flawFoldername + '/' + flawFilenane); fs_1.default.mkdirSync(constants_2.tempFolder + constants_1.sourcecodeFolderName + 'flaws/' + flawFoldername, { recursive: true }); fs_1.default.writeFileSync(constants_2.tempFolder + constants_1.sourcecodeFolderName + '/flaws/' + flawFoldername + '/' + flawFilenane, JSON.stringify(flawInfo, null, 2)); if (fs_1.default.existsSync(constants_2.tempFolder + constants_1.sourcecodeFolderName + flawInfo.sourceFile)) { 
@@ -54085,7 +54085,7 @@ function runBatch(options, credentials) { //write flaw info and source file const flawFoldername = 'cwe-' + flawInfo.CWEId + '-line-' + flawInfo.line + '-issue-' + flawInfo.issueId; const flawFilenane = 'flaw_' + flawInfo.issueId + '.json'; - console.log('Writing flaw to: app/flaws/' + flawFoldername + '/' + flawFilenane); + console.log(`Writing flaw to: ${constants_2.tempFolder + constants_1.sourcecodeFolderName}` + flawFoldername + '/' + flawFilenane); fs_1.default.mkdirSync(constants_2.tempFolder + constants_1.sourcecodeFolderName + 'flaws/' + flawFoldername, { recursive: true }); fs_1.default.writeFileSync(constants_2.tempFolder + constants_1.sourcecodeFolderName + 'flaws/' + flawFoldername + '/' + flawFilenane, JSON.stringify(flawInfo, null, 2)); if (fs_1.default.existsSync(constants_2.tempFolder + constants_1.sourcecodeFolderName + flawInfo.sourceFile)) { @@ -54117,7 +54117,7 @@ function runBatch(options, credentials) { } //create the tar after all files are created and copied // the tr for the batch run has to be crearted with the local tar. The node moldule is not working - const tarball = (0, child_process_1.execSync)(`tar -czf app.tar.gz -C ${constants_2.tempFolder + constants_1.sourcecodeFolderName} .`); + const tarball = (0, child_process_1.execSync)(`tar -czf ${constants_2.tempFolder}app.tar.gz -C ${constants_2.tempFolder + constants_1.sourcecodeFolderName} .`); console.log('Tar is created'); const projectID = yield (0, requests_1.uploadBatch)(credentials, (constants_2.tempFolder + 'app.tar.gz'), options); console.log('Project ID is: ' + projectID); diff --git a/src/run_batch.ts b/src/run_batch.ts index 35316ca..55c8f17 100644 --- a/src/run_batch.ts +++ b/src/run_batch.ts 
@@ -135,7 +135,7 @@ export async function runBatch( options:any, credentials:any){ //write flaw info and source file const flawFoldername = 'cwe-'+flawInfo.CWEId+'-line-'+flawInfo.line+'-issue-'+flawInfo.issueId const flawFilenane = 'flaw_'+flawInfo.issueId+'.json' - console.log('Writing flaw to: app/'+flawFoldername+'/'+flawFilenane) + console.log(`Writing flaw to: ${tempFolder + sourcecodeFolderName}`+flawFoldername+'/'+flawFilenane) fs.mkdirSync(tempFolder + sourcecodeFolderName + 'flaws/'+flawFoldername, { recursive: true }); fs.writeFileSync(tempFolder + sourcecodeFolderName + '/flaws/'+flawFoldername+'/'+flawFilenane, JSON.stringify(flawInfo, null, 2)) @@ -171,7 +171,7 @@ export async function runBatch( options:any, credentials:any){ //write flaw info and source file const flawFoldername = 'cwe-'+flawInfo.CWEId+'-line-'+flawInfo.line+'-issue-'+flawInfo.issueId const flawFilenane = 'flaw_'+flawInfo.issueId+'.json' - console.log('Writing flaw to: app/flaws/'+flawFoldername+'/'+flawFilenane) + console.log(`Writing flaw to: ${tempFolder + sourcecodeFolderName}`+flawFoldername+'/'+flawFilenane) fs.mkdirSync(tempFolder + sourcecodeFolderName+'flaws/'+flawFoldername, { recursive: true }); fs.writeFileSync(tempFolder + sourcecodeFolderName+'flaws/'+flawFoldername+'/'+flawFilenane, JSON.stringify(flawInfo, null, 2)) @@ -206,7 +206,7 @@ export async function runBatch( options:any, credentials:any){ //create the tar after all files are created and copied // the tr for the batch run has to be crearted with the local tar. The node moldule is not working - const tarball = execSync(`tar -czf app.tar.gz -C ${tempFolder + sourcecodeFolderName} .`); + const tarball = execSync(`tar -czf ${tempFolder}app.tar.gz -C ${tempFolder + sourcecodeFolderName} .`); console.log('Tar is created'); const projectID = await uploadBatch(credentials, (tempFolder+'app.tar.gz'), options) From 007837eb418980310633108c684861614e4bb094 Mon Sep 17 00:00:00 2001 
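Review bot: The new log line prints a path that is not the one being written: `tempFolder + sourcecodeFolderName + flawFoldername` leaves out the `flaws/` segment that the `mkdirSync` and `writeFileSync` calls right below it use. The second hunk of this file (old line 171) has the same message, and there the removed text still contained `app/flaws/`. Building the directory once, e.g. `const flawDir = tempFolder + sourcecodeFolderName + 'flaws/' + flawFoldername`, and using it for the log, the mkdir and the write would keep the three in step and also remove the `'/flaws/'` double slash in the first hunk's write. runBatch starts and ends outside these hunks.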
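Review bot: The tar command in the last hunk is assembled as a shell string from `tempFolder`, which is read from the `RUNNER_TEMP` environment variable, so a temp path containing a space or a shell metacharacter changes what `execSync` runs. Passing the arguments as an array avoids the shell entirely: `execFileSync('tar', ['-czf', tempFolder + 'app.tar.gz', '-C', tempFolder + sourcecodeFolderName, '.'])`, with `execFileSync` added to the existing `child_process` import. The returned `tarball` value is not used in the visible lines and could be dropped. runBatch continues outside the hunk.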
From: Sany Anton Cyrus Date: Mon, 14 Oct 2024 13:52:01 +0530 Subject: [PATCH 07/10] clean up: removed unwanted comments --- src/run_batch.ts | 1 - 1 file changed, 1 deletion(-) diff --git a/src/run_batch.ts b/src/run_batch.ts index 55c8f17..87c6dca 100644 --- a/src/run_batch.ts +++ b/src/run_batch.ts @@ -8,7 +8,6 @@ import { execSync } from 'child_process'; import { createCheckRun, updateCheckRunClose, updateCheckRunUpdateBatch } from './checkRun'; import { rewritePath } from './rewritePath' import { createPR } from './create_pr' -//app import { sourcecodeFolderName } from './constants'; import {tempFolder} from './constants' From 66058b0cf8354a67e147a7877d5b09a8a699f52b Mon Sep 17 00:00:00 2001 From: Sany Anton Cyrus Date: Mon, 14 Oct 2024 13:53:53 +0530 Subject: [PATCH 08/10] clean up: removed unwanted comments --- dist/index.js | 2 -- 1 file changed, 2 deletions(-) diff --git a/dist/index.js b/dist/index.js index 3c4437e..b614d84 100644 --- a/dist/index.js +++ b/dist/index.js @@ -53948,7 +53948,6 @@ const child_process_1 = __nccwpck_require__(2081); const checkRun_1 = __nccwpck_require__(9881); const rewritePath_1 = __nccwpck_require__(7415); const create_pr_1 = __nccwpck_require__(8931); -//app const constants_1 = __nccwpck_require__(3691); const constants_2 = __nccwpck_require__(3691); function runBatch(options, credentials) { @@ -54405,7 +54404,6 @@ function createTar(initialFlawInfo, options) { catch (err) { // File does not exist console.error('Tar cannot be created'); - process.exit(1); //exit with error since we cannot proceed } }); } From 15f9df9a5933dc3cbc05137923fc830c0a3593c2 Mon Sep 17 00:00:00 2001 From: Sany Anton Cyrus Date: Wed, 16 Oct 2024 12:42:29 +0530 Subject: [PATCH 09/10] sourcecode zip folder logic refactor --- src/requests.ts | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/requests.ts b/src/requests.ts index 920d8a3..88bd813 100644 --- a/src/requests.ts +++ b/src/requests.ts 
@@ -60,12 +60,12 @@ export async function upload(platform:any, tar:any, options:any) { } } - -export async function uploadBatch(credentials:any, tar:any, options:any) { +//app +export async function uploadBatch(credentials:any, tarPath:any, options:any) { const platform:any = await selectPlatfrom(credentials) - const fileBuffer: Buffer = fs.readFileSync('app.tar.gz'); + const fileBuffer: Buffer = fs.readFileSync(tarPath); const formData = new FormData(); formData.append('data', fileBuffer, 'app.tar.gz'); formData.append('name', 'data'); From 94c519f9ce843c25e8648df3dc8dc5ce152dacc7 Mon Sep 17 00:00:00 2001 From: Sany Anton Cyrus Date: Wed, 16 Oct 2024 12:44:58 +0530 Subject: [PATCH 10/10] clean up: removed unwanted comments --- dist/index.js | 2 +- src/requests.ts | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/dist/index.js b/dist/index.js index b614d84..7e198c1 100644 --- a/dist/index.js +++ b/dist/index.js @@ -53587,7 +53587,6 @@ function upload(platform, tar, options) { }); } exports.upload = upload; -//app function uploadBatch(credentials, tarPath, options) { return __awaiter(this, void 0, void 0, function* () { const platform = yield (0, select_platform_1.selectPlatfrom)(credentials); @@ -54404,6 +54403,7 @@ function createTar(initialFlawInfo, options) { catch (err) { // File does not exist console.error('Tar cannot be created'); + process.exit(1); //exit with error since we cannot proceed } }); } diff --git a/src/requests.ts b/src/requests.ts index 88bd813..cc2b537 100644 --- a/src/requests.ts +++ b/src/requests.ts @@ -60,7 +60,7 @@ export async function upload(platform:any, tar:any, options:any) { } } -//app + export async function uploadBatch(credentials:any, tarPath:any, options:any) { const platform:any = await selectPlatfrom(credentials)
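Review bot: `tarPath` is declared `any` and goes straight into `fs.readFileSync`, so a caller that still passes the old tar value, or `undefined`, is only caught at runtime; `tarPath: string` would document the new contract now that the path is no longer the fixed `'app.tar.gz'`. A one-line comment such as `// tarPath: absolute path of the archive created by runBatch` would serve the reader better than the bare `//app` this hunk adds above the function (a later patch in the series removes it again). uploadBatch's body continues outside the hunk.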