@xliic/cicd-core-node - npm Package Compare versions

Comparing version 5.5.0 to 5.6.0

lib/api.d.ts

 /// <reference types="node" />
-import { ApiStatus, AuditOptions, ApiCollectionResponse, TaskOptions, ScanOptions, ApiErrors, Api, ApiReport, AuditCompliance, SecurityGates } from "./types";
+import { ApiStatus, AuditOptions, ApiCollectionResponse, TaskOptions, ScanOptions, ApiErrors, Api, ApiReport, AuditCompliance, SecurityGates, NamingConvention, PlatformConfig } from "./types";
 export declare function listApis(collectionId: string, options: TaskOptions): Promise<ApiCollectionResponse>;
@@ -15,3 +15,3 @@ export declare function deleteApi(apiId: string, options: TaskOptions): Promise<unknown>;
 export declare function readCompliance(taskId: string, options: AuditOptions): Promise<AuditCompliance>;
-export declare function readGates(options: AuditOptions): Promise<SecurityGates | null>;
+export declare function readGates(options: TaskOptions): Promise<SecurityGates | null>;
 export declare function readScanReport(apiId: string, options: ScanOptions): Promise<[Date, any]>;
@@ -21,1 +21,4 @@ export declare function readScan(apiId: string, lastOnPremScan: Date, options: ScanOptions): Promise<any>;
 export declare function readScanConfiguration(apiId: string, options: TaskOptions): Promise<any>;
+export declare function getApiNamingConvention(options: TaskOptions): Promise<NamingConvention>;
+export declare function getCollectionNamingConvention(options: TaskOptions): Promise<NamingConvention>;
+export declare function getPlatformConfig(options: TaskOptions): Promise<PlatformConfig>;

lib/api.js

@@ -16,3 +16,3 @@ "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.readScanConfiguration = exports.startScan = exports.readScan = exports.readScanReport = exports.readGates = exports.readCompliance = exports.readAssessment = exports.createTechnicalCollection = exports.deleteCollection = exports.readTechnicalCollection = exports.readCollection = exports.updateApi = exports.readApiStatus = exports.createTechnicalApi = exports.createApi = exports.deleteApi = exports.listApis = void 0;
+exports.getPlatformConfig = exports.getCollectionNamingConvention = exports.getApiNamingConvention = exports.readScanConfiguration = exports.startScan = exports.readScan = exports.readScanReport = exports.readGates = exports.readCompliance = exports.readAssessment = exports.createTechnicalCollection = exports.deleteCollection = exports.readTechnicalCollection = exports.readCollection = exports.updateApi = exports.readApiStatus = exports.createTechnicalApi = exports.createApi = exports.deleteApi = exports.listApis = void 0;
 const got_1 = require("got");
@@ -366,1 +366,24 @@ const FormData = require("form-data");
 exports.readScanConfiguration = readScanConfiguration;
+function getApiNamingConvention(options) {
+    return __awaiter(this, void 0, void 0, function* () {
+        const { body } = yield (0, got_1.default)(`api/v1/organizations/me/settings/apiNamingConvention`, gotOptions("GET", options));
+        return body;
+    });
+}
+exports.getApiNamingConvention = getApiNamingConvention;
+function getCollectionNamingConvention(options) {
+    return __awaiter(this, void 0, void 0, function* () {
+        const { body } = yield (0, got_1.default)(`api/v1/organizations/me/settings/collectionNamingConvention`, gotOptions("GET", options));
+        return body;
+    });
+}
+exports.getCollectionNamingConvention = getCollectionNamingConvention;
+function getPlatformConfig(options) {
+    return __awaiter(this, void 0, void 0, function* () {
+        const gates = yield readGates(options);
+        const apiNamingConvention = yield getApiNamingConvention(options);
+        const collectionNamingConvention = yield getCollectionNamingConvention(options);
+        return { gates, apiNamingConvention, collectionNamingConvention };
+    });
+}
+exports.getPlatformConfig = getPlatformConfig;

lib/audit.js

@@ -27,3 +27,4 @@ "use strict";
         try {
-            const files = yield runAudit(options);
+            const platformConfig = yield (0, api_1.getPlatformConfig)(options);
+            const files = yield runAudit(options, platformConfig);
             const failures = getFailures(files);
@@ -77,9 +78,8 @@ displayReport(files, options);
 }
-function runAudit(options) {
+function runAudit(options, platformConfig) {
     return __awaiter(this, void 0, void 0, function* () {
-        const gates = yield (0, api_1.readGates)(options);
         const [openapiFilenames, errors] = yield (0, discovery_1.discoverOpenApiFiles)(options);
-        const discovered = yield (0, discovery_1.auditDiscoveredFiles)(openapiFilenames, gates, options);
+        const discovered = yield (0, discovery_1.auditDiscoveredFiles)(openapiFilenames, options, platformConfig);
         if (options.config.mappedFiles) {
-            const mapped = yield (0, mapping_1.auditMappedFiles)(gates, options);
+            const mapped = yield (0, mapping_1.auditMappedFiles)(options, platformConfig);
             return new Map([...errors, ...discovered, ...mapped]);
@@ -86,0 +86,0 @@ }

lib/discovery.d.ts

@@ -1,6 +0,6 @@
-import { AuditOptions, ScanOptions, FileAuditMap, TaskOptions, FileScanMap, ApiErrors, Api, SecurityGates } from "./types";
-export declare function auditDiscoveredFiles(openapiFilenames: string[], gates: SecurityGates | null, options: AuditOptions): Promise<FileAuditMap>;
-export declare function scanDiscoveredFiles(openapiFilenames: string[], options: ScanOptions): Promise<FileScanMap>;
+import { AuditOptions, ScanOptions, FileAuditMap, TaskOptions, FileScanMap, ApiErrors, Api, PlatformConfig } from "./types";
+export declare function auditDiscoveredFiles(openapiFilenames: string[], options: AuditOptions, platformConfig: PlatformConfig): Promise<FileAuditMap>;
+export declare function scanDiscoveredFiles(openapiFilenames: string[], options: ScanOptions, platformConfig: PlatformConfig): Promise<FileScanMap>;
 export declare function discoverOpenApiFiles(options: TaskOptions): Promise<[string[], Map<string, ApiErrors>]>;
-export declare function createDiscoveredApi(collectionId: string, filename: string, options: TaskOptions): Promise<Api | ApiErrors>;
-export declare function createOrFindCollectionId(technicalName: string, name: string, options: TaskOptions): Promise<string>;
+export declare function createDiscoveredApi(collectionId: string, filename: string, options: TaskOptions, platformConfig: PlatformConfig): Promise<Api | ApiErrors>;
+export declare function createOrFindCollectionId(technicalName: string, name: string, options: TaskOptions, platformConfig: PlatformConfig): Promise<string>;

lib/discovery.js

@@ -20,3 +20,3 @@ "use strict";
 const preserving_json_yaml_parser_1 = require("@xliic/preserving-json-yaml-parser");
-function auditDiscoveredFiles(openapiFilenames, gates, options) {
+function auditDiscoveredFiles(openapiFilenames, options, platformConfig) {
     var _a, _b;
@@ -27,9 +27,11 @@ return __awaiter(this, void 0, void 0, function* () {
         }
-        const collectionId = yield createOrFindCollectionId((0, util_1.makeTechnicalCollectionName)(options.repoName, options.reference), (0, util_1.makeCollectionName)(options.repoName, options.reference, ((_b = (_a = options.config) === null || _a === void 0 ? void 0 : _a.discovery) === null || _b === void 0 ? void 0 : _b.name) || options.defaultCollectionName, options.logger), options);
-        const fileMap = yield uploadFilesToCollection(openapiFilenames, collectionId, options);
-        return (0, audit_results_1.readAuditResults)(fileMap, options.config.failureConditions, gates, options);
+        const technicalCollectionName = (0, util_1.makeTechnicalCollectionName)(options.repoName, options.reference);
+        const collectionName = (0, util_1.makeCollectionName)(options.repoName, options.reference, ((_b = (_a = options.config) === null || _a === void 0 ? void 0 : _a.discovery) === null || _b === void 0 ? void 0 : _b.name) || options.defaultCollectionName, options.logger);
+        const collectionId = yield createOrFindCollectionId(technicalCollectionName, collectionName, options, platformConfig);
+        const fileMap = yield uploadFilesToCollection(openapiFilenames, collectionId, options, platformConfig);
+        return (0, audit_results_1.readAuditResults)(fileMap, options.config.failureConditions, platformConfig.gates, options);
     });
 }
 exports.auditDiscoveredFiles = auditDiscoveredFiles;
-function scanDiscoveredFiles(openapiFilenames, options) {
+function scanDiscoveredFiles(openapiFilenames, options, platformConfig) {
     var _a, _b;
@@ -40,4 +42,6 @@ return __awaiter(this, void 0, void 0, function* () {
         }
-        const collectionId = yield createOrFindCollectionId((0, util_1.makeTechnicalCollectionName)(options.repoName, options.reference), (0, util_1.makeCollectionName)(options.repoName, options.reference, ((_b = (_a = options.config) === null || _a === void 0 ? void 0 : _a.discovery) === null || _b === void 0 ? void 0 : _b.name) || options.defaultCollectionName, options.logger), options);
-        const files = yield uploadFilesToCollection(openapiFilenames, collectionId, options);
+        const technicalCollectionName = (0, util_1.makeTechnicalCollectionName)(options.repoName, options.reference);
+        const collectionName = (0, util_1.makeCollectionName)(options.repoName, options.reference, ((_b = (_a = options.config) === null || _a === void 0 ? void 0 : _a.discovery) === null || _b === void 0 ? void 0 : _b.name) || options.defaultCollectionName, options.logger);
+        const collectionId = yield createOrFindCollectionId(technicalCollectionName, collectionName, options, platformConfig);
+        const files = yield uploadFilesToCollection(openapiFilenames, collectionId, options, platformConfig);
         const scanned = yield (0, scan_results_1.startScan)(files, options);
@@ -94,3 +98,3 @@ const results = yield (0, scan_results_1.readScanResults)(scanned, options);
 }
-function uploadFilesToCollection(filenames, collectionId, options) {
+function uploadFilesToCollection(filenames, collectionId, options, platformConfig) {
     return __awaiter(this, void 0, void 0, function* () {
@@ -109,3 +113,3 @@ const result = new Map();
                 // create file
-                result.set(action.filename, yield createDiscoveredApi(collectionId, action.filename, options));
+                result.set(action.filename, yield createDiscoveredApi(collectionId, action.filename, options, platformConfig));
             }
@@ -174,3 +178,3 @@ else if (action.action === "update") {
 }
-function createDiscoveredApi(collectionId, filename, options) {
+function createDiscoveredApi(collectionId, filename, options, platformConfig) {
     var _a;
@@ -185,2 +189,10 @@ return __awaiter(this, void 0, void 0, function* () {
         const apiData = Buffer.from((0, preserving_json_yaml_parser_1.stringify)(parsed), "utf8");
+        const error = (0, util_1.checkApiName)(name, platformConfig, options.logger);
+        if (error !== undefined) {
+            return {
+                errors: {
+                    convention: error,
+                },
+            };
+        }
         const api = yield (0, api_1.createTechnicalApi)(collectionId, filename, name, apiData, options);
@@ -196,8 +208,12 @@ if ("errors" in api) {
 exports.createDiscoveredApi = createDiscoveredApi;
-function createOrFindCollectionId(technicalName, name, options) {
+function createOrFindCollectionId(technicalName, name, options, platformConfig) {
     return __awaiter(this, void 0, void 0, function* () {
         const log = options.logger;
-        log.debug(`Checking for the technical collection name: ${technicalName}`);
+        log.debug(`Looking for the technical collection name: ${technicalName}`);
         const existingId = yield (0, api_1.readTechnicalCollection)(technicalName, options);
         if (!existingId) {
+            const error = (0, util_1.checkCollectionName)(name, platformConfig, options.logger);
+            if (error !== undefined) {
+                throw new Error(error);
+            }
             const newId = yield (0, api_1.createTechnicalCollection)(technicalName, name, options);
@@ -204,0 +220,0 @@ log.debug(`Created a new collection name "${name}" ID: ${newId}`);

lib/error.js

@@ -25,2 +25,5 @@ "use strict";
     }
+    else if (errors.errors.convention) {
+        return `Naming convention error: ${errors.errors.convention}`;
+    }
     else if (errors.errors.remote) {
@@ -27,0 +30,0 @@ return errors.errors.remote.description

lib/mapping.d.ts

@@ -1,3 +0,3 @@
-import { AuditOptions, FileAuditMap, FileScanMap, ScanOptions, SecurityGates } from "./types";
-export declare function auditMappedFiles(gates: SecurityGates | null, options: AuditOptions): Promise<FileAuditMap>;
+import { AuditOptions, FileAuditMap, FileScanMap, PlatformConfig, ScanOptions } from "./types";
+export declare function auditMappedFiles(options: AuditOptions, platformConfig: PlatformConfig): Promise<FileAuditMap>;
 export declare function scanMappedFiles(options: ScanOptions): Promise<FileScanMap>;

lib/mapping.js

@@ -18,6 +18,6 @@ "use strict";
 const scan_results_1 = require("./scan-results");
-function auditMappedFiles(gates, options) {
+function auditMappedFiles(options, platformConfig) {
     return __awaiter(this, void 0, void 0, function* () {
         const updatedMappedFiles = yield uploadMappedFiles(options);
-        return (0, audit_results_1.readAuditResults)(updatedMappedFiles, options.config.failureConditions, gates, options);
+        return (0, audit_results_1.readAuditResults)(updatedMappedFiles, options.config.failureConditions, platformConfig.gates, options);
     });
@@ -24,0 +24,0 @@ }

lib/scan.js

@@ -22,2 +22,3 @@ "use strict";
 const mapping_1 = require("./mapping");
+const api_1 = require("./api");
 function scan(inputs) {
@@ -27,3 +28,4 @@ return __awaiter(this, void 0, void 0, function* () {
         try {
-            const files = yield runScan(options);
+            const platformConfig = yield (0, api_1.getPlatformConfig)(options);
+            const files = yield runScan(options, platformConfig);
             const failures = getFailures(files);
@@ -68,6 +70,6 @@ displayReport(files, options);
 }
-function runScan(options) {
+function runScan(options, platformConfig) {
     return __awaiter(this, void 0, void 0, function* () {
         const [openapiFilenames, errors] = yield (0, discovery_1.discoverOpenApiFiles)(options);
-        const discovered = yield (0, discovery_1.scanDiscoveredFiles)(openapiFilenames, options);
+        const discovered = yield (0, discovery_1.scanDiscoveredFiles)(openapiFilenames, options, platformConfig);
         if (options.config.mappedFiles) {
@@ -74,0 +76,0 @@ const mapped = yield (0, mapping_1.scanMappedFiles)(options);

lib/types.d.ts

@@ -34,2 +34,3 @@ export declare type Result<R, E> = [R, undefined] | [undefined, E];
     errors: {
+        convention?: string;
         parsing?: string;
@@ -214,2 +215,7 @@ bundling?: string;
 }
+export interface PlatformConfig {
+    gates: SecurityGates | null;
+    apiNamingConvention: NamingConvention;
+    collectionNamingConvention: NamingConvention;
+}
 export interface ScanOptions extends TaskOptions {
@@ -227,2 +233,7 @@ config: ScanConfig;
 }
+export interface NamingConvention {
+    pattern: string;
+    description: string;
+    example: string;
+}
 export {};

lib/util.d.ts

@@ -1,4 +0,6 @@
-import { Logger, Reference } from "./types";
+import { Logger, PlatformConfig, Reference } from "./types";
 export declare function makeSafeName(name: string): string;
 export declare function makeCollectionName(repo: string, reference: Reference, nameTemplate: string, log: Logger): string;
 export declare function makeTechnicalCollectionName(repo: string, reference: Reference): string;
+export declare function checkApiName(name: string, platformConfig: PlatformConfig, logger: Logger): string | undefined;
+export declare function checkCollectionName(name: string, platformConfig: PlatformConfig, logger: Logger): string | undefined;

lib/util.js

 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.makeTechnicalCollectionName = exports.makeCollectionName = exports.makeSafeName = void 0;
+exports.checkCollectionName = exports.checkApiName = exports.makeTechnicalCollectionName = exports.makeCollectionName = exports.makeSafeName = void 0;
 const url_1 = require("url");
@@ -80,1 +80,22 @@ const constants_1 = require("./constants");
 }
+function checkName(name, convention, defaultPattern, logger) {
+    const { pattern, description, example } = convention;
+    logger.debug(`Checking name "${name}" against the organization defined pattern "${pattern}"`);
+    if (pattern !== "" && !name.match(pattern)) {
+        return `The name does not match the expected pattern "${description}" defined in your organization. Example of the expected value: "${example}"`;
+    }
+    logger.debug(`Checking name "${name}" against the default pattern "${defaultPattern}"`);
+    if (!name.match(defaultPattern)) {
+        return `The input does not match the expected pattern "${defaultPattern}"`;
+    }
+}
+function checkApiName(name, platformConfig, logger) {
+    logger.debug(`Checking API name "${name}"`);
+    return checkName(name, platformConfig.apiNamingConvention, "^[\\w _.-]{1,64}$", logger);
+}
+exports.checkApiName = checkApiName;
+function checkCollectionName(name, platformConfig, logger) {
+    logger.debug(`Checking collection name "${name}"`);
+    return checkName(name, platformConfig.collectionNamingConvention, "^[\\w _.\\/:-]{1,2048}$", logger);
+}
+exports.checkCollectionName = checkCollectionName;

package.json

 {
   "name": "@xliic/cicd-core-node",
-  "version": "5.5.0",
+  "version": "5.6.0",
   "description": "Performs API contract security audit to get a detailed analysis of the possible vulnerabilities and other issues in the API contract.",
@@ -5,0 +5,0 @@ "main": "lib/index.js",

No alert changes

Improved metrics

Total package byte prevSize

109357

increased by4.42%

Lines of code

2500

increased by3.26%

No dependency changes