@appland/scanner
Comparing version 1.82.1 to 1.83.0
@@ -22,4 +22,2 @@ "use strict"; | ||
const formatReport_1 = require("./formatReport"); | ||
const telemetry_1 = __importDefault(require("../../telemetry")); | ||
const scanResults_1 = require("../../report/scanResults"); | ||
const util_1 = require("../../rules/lib/util"); | ||
@@ -30,8 +28,2 @@ const validateFile_1 = __importDefault(require("../validateFile")); | ||
const { appmapFile, appmapDir, configuration, reportAllFindings, appId, ide, reportFile } = options; | ||
telemetry_1.default.sendEvent({ | ||
name: 'scan:started', | ||
properties: { | ||
ide, | ||
}, | ||
}); | ||
const skipErrors = appmapDir !== undefined; | ||
@@ -64,11 +56,4 @@ const files = yield (0, util_1.collectAppMapFiles)(appmapFile, appmapDir); | ||
console.log(`Performed ${numChecks} checks in ${elapsed}ms (${Math.floor(numChecks / (elapsed / 1000.0))} checks/sec)`); | ||
(0, scanResults_1.sendScanResultsTelemetry)({ | ||
ruleIds: scanResults.summary.rules, | ||
numAppMaps: scanResults.summary.numAppMaps, | ||
numFindings: scanResults.summary.numFindings, | ||
elapsedMs: elapsed, | ||
appmapDir: options.appmapDir, | ||
}); | ||
}); | ||
} | ||
exports.default = singleScan; |
@@ -50,3 +50,2 @@ "use strict"; | ||
const events_1 = __importDefault(require("events")); | ||
const watchScanTelemetry_1 = require("./watchScanTelemetry"); | ||
const isAncestorPath_1 = __importDefault(require("../../util/isAncestorPath")); | ||
@@ -84,3 +83,2 @@ const util_1 = require("util"); | ||
this.processing = new Set(); | ||
watchScanTelemetry_1.WatchScanTelemetry.watch(this.scanEventEmitter, options.appmapDir); | ||
this.queue.error((error, task) => console.warn(`Problem processing ${task}:\n`, error)); | ||
@@ -91,5 +89,2 @@ } | ||
yield this.reloadConfig(); | ||
telemetry_1.default.sendEvent({ | ||
name: 'scan:started', | ||
}); | ||
this.configWatcher = chokidar.watch(this.options.configFile, { | ||
@@ -96,0 +91,0 @@ ignoreInitial: true, |
"use strict"; | ||
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { | ||
if (k2 === undefined) k2 = k; | ||
var desc = Object.getOwnPropertyDescriptor(m, k); | ||
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) { | ||
desc = { enumerable: true, get: function() { return m[k]; } }; | ||
} | ||
Object.defineProperty(o, k2, desc); | ||
}) : (function(o, m, k, k2) { | ||
if (k2 === undefined) k2 = k; | ||
o[k2] = m[k]; | ||
})); | ||
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { | ||
Object.defineProperty(o, "default", { enumerable: true, value: v }); | ||
}) : function(o, v) { | ||
o["default"] = v; | ||
}); | ||
var __importStar = (this && this.__importStar) || function (mod) { | ||
if (mod && mod.__esModule) return mod; | ||
var result = {}; | ||
if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k); | ||
__setModuleDefault(result, mod); | ||
return result; | ||
}; | ||
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { | ||
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } | ||
return new (P || (P = Promise))(function (resolve, reject) { | ||
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } | ||
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } | ||
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); } | ||
step((generator = generator.apply(thisArg, _arguments || [])).next()); | ||
}); | ||
}; | ||
Object.defineProperty(exports, "__esModule", { value: true }); | ||
exports.sendScanResultsTelemetry = exports.ScanResults = void 0; | ||
const telemetry_1 = __importStar(require("../telemetry")); | ||
exports.ScanResults = void 0; | ||
class DistinctItems { | ||
@@ -121,22 +88,1 @@ constructor() { | ||
exports.ScanResults = ScanResults; | ||
function sendScanResultsTelemetry(telemetry) { | ||
return __awaiter(this, void 0, void 0, function* () { | ||
const gitState = telemetry_1.GitState[yield telemetry_1.Git.state(telemetry.appmapDir)]; | ||
const contributors = (yield telemetry_1.Git.contributors(60, telemetry.appmapDir)).length; | ||
telemetry_1.default.sendEvent({ | ||
name: 'scan:completed', | ||
properties: { | ||
rules: telemetry.ruleIds.sort().join(', '), | ||
git_state: gitState, | ||
}, | ||
metrics: { | ||
duration: telemetry.elapsedMs / 1000, | ||
numRules: telemetry.ruleIds.length, | ||
numAppMaps: telemetry.numAppMaps, | ||
numFindings: telemetry.numFindings, | ||
contributors: contributors, | ||
}, | ||
}, { includeEnvironment: true }); | ||
}); | ||
} | ||
exports.sendScanResultsTelemetry = sendScanResultsTelemetry; |
@@ -38,3 +38,3 @@ "use strict"; | ||
Object.defineProperty(exports, "__esModule", { value: true }); | ||
exports.Git = exports.GitState = void 0; | ||
exports.Git = exports.GitCommitEnvKeys = exports.GitBranchEnvKeys = exports.GitRepositoryEnvKeys = exports.GitState = void 0; | ||
const os_1 = require("os"); | ||
@@ -242,2 +242,22 @@ const crypto_1 = require("crypto"); | ||
})(GitState = exports.GitState || (exports.GitState = {})); | ||
exports.GitRepositoryEnvKeys = [ | ||
'GITHUB_REPOSITORY', | ||
'CIRCLE_REPOSITORY_URL', | ||
'GIT_URL', | ||
'CI_REPOSITORY_URL', // GitLab | ||
]; | ||
exports.GitBranchEnvKeys = [ | ||
'GITHUB_REF_NAME', | ||
'CIRCLE_BRANCH', | ||
'GIT_BRANCH', | ||
'TRAVIS_BRANCH', | ||
'CI_COMMIT_REF_NAME', // GitLab | ||
]; | ||
exports.GitCommitEnvKeys = [ | ||
'GITHUB_SHA', | ||
'CIRCLE_SHA1', | ||
'GIT_COMMIT', | ||
'TRAVIS_COMMIT', | ||
'CI_COMMIT_SHA', // GitLab | ||
]; | ||
class GitProperties { | ||
@@ -272,2 +292,50 @@ static contributors(sinceDaysAgo, cwd) { | ||
} | ||
// Returns the repository URL, first by checking the environment, then by | ||
// shelling out to git. | ||
static repository(cwd) { | ||
return __awaiter(this, void 0, void 0, function* () { | ||
const envKey = exports.GitRepositoryEnvKeys.find((key) => process.env[key]); | ||
if (envKey) | ||
return process.env[envKey]; | ||
try { | ||
const { stdout } = yield exec(['git', cwd && `-C ${cwd.toString()}`, 'config', '--get', 'remote.origin.url'].join(' ')); | ||
return stdout.trim(); | ||
} | ||
catch (_a) { | ||
return undefined; | ||
} | ||
}); | ||
} | ||
// Returns the branch, first by checking the environment, then by | ||
// shelling out to git. | ||
static branch(cwd) { | ||
return __awaiter(this, void 0, void 0, function* () { | ||
const envKey = exports.GitBranchEnvKeys.find((key) => process.env[key]); | ||
if (envKey) | ||
return process.env[envKey]; | ||
try { | ||
const { stdout } = yield exec(['git', cwd && `-C ${cwd.toString()}`, 'rev-parse', '--abbrev-ref', 'HEAD'].join(' ')); | ||
return stdout.trim(); | ||
} | ||
catch (_a) { | ||
return undefined; | ||
} | ||
}); | ||
} | ||
// Returns the commit SHA, first by checking the environment, then by | ||
// shelling out to git. | ||
static commit(cwd) { | ||
return __awaiter(this, void 0, void 0, function* () { | ||
const envKey = exports.GitCommitEnvKeys.find((key) => process.env[key]); | ||
if (envKey) | ||
return process.env[envKey]; | ||
try { | ||
const { stdout } = yield exec(['git', cwd && `-C ${cwd.toString()}`, 'rev-parse', 'HEAD'].join(' ')); | ||
return stdout.trim(); | ||
} | ||
catch (_a) { | ||
return undefined; | ||
} | ||
}); | ||
} | ||
static state(cwd) { | ||
@@ -301,2 +369,5 @@ return __awaiter(this, void 0, void 0, function* () { | ||
} | ||
static clearCache() { | ||
gitCache.clear(); | ||
} | ||
} | ||
@@ -303,0 +374,0 @@ const gitCache = new Map(); |
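Review bot: In the added `repository()`, `branch()` and `commit()` methods the git command is joined into a single string with `cwd` interpolated unquoted (`-C ${cwd.toString()}`), so a directory name containing spaces or shell metacharacters is split or interpreted by the shell, assuming `exec` here is a promisified `child_process.exec`. Passing an argument vector avoids the shell entirely, for example a promisified `execFile('git', ['config', '--get', 'remote.origin.url'], { cwd })`, with the same shape for the two `rev-parse` calls. Separately, `repository()` returns the environment value verbatim, and GitLab's `CI_REPOSITORY_URL` carries a job token in the URL's userinfo; if the result is logged or reported anywhere (not visible on this page), credentials should be stripped first, e.g. by parsing with `new URL()` and clearing `username`/`password`, with a fallback for scp-style remotes that do not parse. The class body starts and ends outside these hunks, and the `__awaiter` wrappers suggest compiled output, so the change belongs in the TypeScript source.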
{ | ||
"name": "@appland/scanner", | ||
"version": "1.82.1", | ||
"version": "1.83.0", | ||
"description": "Analyze AppMaps for code flaws", | ||
@@ -5,0 +5,0 @@ "bin": "built/cli.js", |
Sorry, the diff of this file is too big to display
Environment variable access
Supply chain risk: Package accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 2 instances in 1 package