@enterprise-cmcs/macpro-security-hub-sync - npm Package Compare versions

Comparing version 1.11.3 to 1.12.0

dist/libs/security-hub-lib.d.ts

@@ -19,2 +19,3 @@ import { Remediation, AwsSecurityFinding } from "@aws-sdk/client-securityhub";
     Resources?: Resource[];
+    [key: string]: string | unknown;
 }
@@ -21,0 +22,0 @@ export declare class SecurityHub {

dist/macpro-security-hub-sync.d.ts

@@ -16,2 +16,7 @@ import { Resource, SecurityHubFinding } from "./libs";
 }
+interface LabelConfig {
+    labelField: string;
+    labelPrefix?: string;
+    labelDelimiter?: string;
+}
 export declare class SecurityHubJiraSync {
@@ -33,2 +38,3 @@ private readonly jira;
     getPriorityNumber: (severity: string, isEnterprise?: boolean) => string;
+    createLabels(finding: SecurityHubFinding, identifyingLabels: string[], config: LabelConfig[]): string[];
     createJiraIssueFromFinding(finding: SecurityHubFinding, identifyingLabels: string[]): Promise<{
@@ -35,0 +41,0 @@ action: string;

dist/macpro-security-hub-sync.js

@@ -208,2 +208,27 @@ "use strict";
     };
+    createLabels(finding, identifyingLabels, config) {
+        const labels = [];
+        const fields = ["accountId", "region", "identify"];
+        const values = [...identifyingLabels, "security-hub"];
+        config.forEach(({ labelField: field, labelDelimiter: delim, labelPrefix: prefix }) => {
+            const delimiter = delim ?? "";
+            const labelPrefix = prefix ?? "";
+            if (fields.includes(field)) {
+                const index = fields.indexOf(field);
+                if (index >= 0) {
+                    labels.push(`${labelPrefix}${delimiter}${values[index]
+                        ?.trim()
+                        .replace(/ /g, "")}`);
+                }
+            }
+            else {
+                const value = (finding[field] ?? "")
+                    .toString()
+                    .trim()
+                    .replace(/ /g, "");
+                labels.push(`${labelPrefix}${delimiter}${value}`);
+            }
+        });
+        return labels;
+    }
     async createJiraIssueFromFinding(finding, identifyingLabels) {
@@ -232,2 +257,11 @@ const priorities = await this.jira.getPriorityIdsInDescendingOrder();
         };
+        if (process.env.LABELS_CONFIG) {
+            try {
+                const config = JSON.parse(process.env.LABELS_CONFIG);
+                newIssueData.fields.labels = this.createLabels(finding, identifyingLabels, config);
+            }
+            catch (e) {
+                console.log("Invalid labels config - going with default labels");
+            }
+        }
         if (finding.severity && process.env.JIRA_HOST?.includes("jiraent")) {
@@ -234,0 +268,0 @@ newIssueData.fields.priority = {

package.json

@@ -7,3 +7,3 @@ {
   },
-  "version": "1.11.3",
+  "version": "1.12.0",
   "description": "NPM module to create Jira issues for all findings in Security Hub for the current AWS account..",
@@ -10,0 +10,0 @@ "main": "./dist/index.js",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

49775

increased by3.37%

Lines of code

879

increased by4.89%

Worsened metrics

Number of low supply chain risk alerts

32

increased by6.67%

No dependency changes