Merge pull request #562 from 23andMe/SEC-1819-remove-deps-checker

SEC-1819 Removed deps checker.

Dockerfile

@@ -439,11 +439,6 @@ ENV ARM_TTK_PSD1="${ARM_TTK_DIRECTORY}/arm-ttk-master/arm-ttk/arm-ttk.psd1"
 #############################
 COPY lib /action/lib
 
-####################################
-# Copy custom linters to container #
-####################################
-COPY ttam-linters /action/ttam-linters
-
 ##################################
 # Copy linter rules to container #
 ##################################

Dockerfile-slim

@@ -374,11 +374,6 @@ ENV PATH="${PATH}:/node_modules/.bin"
 #############################
 COPY lib /action/lib
 
-####################################
-# Copy custom linters to container #
-####################################
-COPY ttam-linters /action/ttam-linters
-
 ##################################
 # Copy linter rules to container #
 ##################################

README.md

@@ -104,12 +104,12 @@ Developers on **GitHub** can call the **GitHub Action** to lint their codebase w
 | **YAML**                         | [YamlLint](https://github.com/adrienverge/yamllint)                                                                                                                           |
 
 ### 23andMe Custom Linters
-| _Language_                       | _Linter_                                                                                         |
-| -------------------------------- | ------------------------------------------------------------------------------------------------ |
-| _(All files)_                    | [semgrep](https://github.com/returntocorp/semgrep)                                               |
-| _(Dependency files)_             | [deps-checker](https://github.com/23andMe/super-linter/blob/master/ttam-linters/deps-checker.sh) |
-| **AWS CloudFormation templates** | [cfn-nag](https://github.com/stelligent/cfn_nag)                                                 |
-| **Python3**                      | [bandit](https://github.com/PyCQA/bandit)                                                        |
+| _Language_                       | _Linter_                                                                                                                                                                      |
+| -------------------------------- | ----------------------------------------------------|
+| _(All files)_                    | [semgrep](https://github.com/returntocorp/semgrep)  |
+| **AWS CloudFormation templates** | [cfn-nag](https://github.com/stelligent/cfn_nag)    |
+| **Python3**                      | [bandit](https://github.com/PyCQA/bandit)           |
+
 
 
 ## How to use
@@ -438,7 +438,7 @@ The following is a list of supported language packs.
 
 | **Language pack**            | **Included Tools**                                                                                                                                   |
 | -------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------ |
-| **RUN_SECURITY_TOOLS**     | `CLOUDFORMATION_CFN_NAG`<br />`DEPS_CHECKER`<br />`DOCKERFILE_HADOLINT`<br />`GITLEAKS`<br />`PYTHON_BANDIT`<br />`SEMGREP`<br />`TERRAFORM_TERRASCAN` |
+| **RUN_SECURITY_TOOLS**     | `CLOUDFORMATION_CFN_NAG`<br />`DOCKERFILE_HADOLINT`<br />`GITLEAKS`<br />`PYTHON_BANDIT`<br />`SEMGREP`<br />`TERRAFORM_TERRASCAN` |
 | **RUN_CODE_QUALITY_TOOLS** | _(All other tools that are currently not security tools)_                                                                                              |
 
 ### Template rules files

lib/functions/buildFileList.sh

@@ -318,8 +318,6 @@ function BuildFileList() {
     FILE_ARRAY_JSCPD+=("${FILE}")
     # GitLeaks also runs an all files
     FILE_ARRAY_GITLEAKS+=("${FILE}")
-    # deps-checker should also check all the files
-    FILE_ARRAY_DEPS_CHECKER+=("${FILE}") # Deps-checker will filter for appropriate files
 
     #######################
     # Get the shell files #

lib/functions/linterVersions.sh

@@ -68,7 +68,7 @@ BuildLinterVersions() {
       if [[ ${LINTER} == "arm-ttk" ]]; then
         # Need specific command for ARM
         GET_VERSION_CMD="$(grep -iE 'version' "/usr/bin/arm-ttk" | xargs 2>&1)"
-      elif [[ ${LINTER} == "bash-exec" ]] || [[ ${LINTER} == "deps-checker" ]] || [[ ${LINTER} == "gherkin-lint" ]] || [[ ${LINTER} == "gitleaks" ]]; then
+      elif [[ ${LINTER} == "bash-exec" ]] || [[ ${LINTER} == "gherkin-lint" ]] || [[ ${LINTER} == "gitleaks" ]]; then
         # Need specific command for Protolint and editorconfig-checker
         GET_VERSION_CMD="$(echo "--version not supported")"
       elif [[ ${LINTER} == "lintr" ]]; then

lib/functions/lintly.sh

@@ -22,7 +22,6 @@ LINTLY_SUPPORT_ARRAY['DOCKERFILE_HADOLINT']="hadolint"
 LINTLY_SUPPORT_ARRAY['CLOUDFORMATION']="cfn-lint"
 LINTLY_SUPPORT_ARRAY['CLOUDFORMATION_CFN_NAG']="cfn-nag"
 LINTLY_SUPPORT_ARRAY['GITLEAKS']="gitleaks"
-LINTLY_SUPPORT_ARRAY['DEPS_CHECKER']='deps-checker'
 LINTLY_SUPPORT_ARRAY['SEMGREP']='semgrep'
 export LINTLY_SUPPORT_ARRAY # Workaround SC2034
 

lib/linter.sh

@@ -235,7 +235,7 @@ RUN_CODE_QUALITY_TOOLS="${RUN_CODE_QUALITY_TOOLS:-false}"
 # Language array #
 ##################
 LANGUAGE_ARRAY=('ANSIBLE' 'ARM' 'BASH' 'BASH_EXEC' 'CLANG_FORMAT'
-  'CLOUDFORMATION' 'CLOUDFORMATION_CFN_NAG' 'CLOJURE' 'COFFEESCRIPT' 'CPP' 'CSHARP' 'CSS' 'DART' 'DEPS_CHECKER'
+  'CLOUDFORMATION' 'CLOUDFORMATION_CFN_NAG' 'CLOJURE' 'COFFEESCRIPT' 'CPP' 'CSHARP' 'CSS' 'DART'
   'DOCKERFILE' 'DOCKERFILE_HADOLINT' 'EDITORCONFIG' 'ENV' 'GITHUB_ACTIONS'
   'GITLEAKS' 'GHERKIN' 'GO' 'GOOGLE_JAVA_FORMAT' 'GROOVY' 'HTML' 'JAVA'
   'JAVASCRIPT_ES' "${JAVASCRIPT_STYLE_NAME}" 'JSCPD' 'JSON' 'JSONC' 'JSX'
@@ -264,7 +264,6 @@ LINTER_NAMES_ARRAY['CPP']="cpplint"
 LINTER_NAMES_ARRAY['CSHARP']="dotnet-format"
 LINTER_NAMES_ARRAY['CSS']="stylelint"
 LINTER_NAMES_ARRAY['DART']="dart"
-LINTER_NAMES_ARRAY['DEPS_CHECKER']="deps-checker"
 LINTER_NAMES_ARRAY['DOCKERFILE']="dockerfilelint"
 LINTER_NAMES_ARRAY['DOCKERFILE_HADOLINT']="hadolint"
 LINTER_NAMES_ARRAY['EDITORCONFIG']="editorconfig-checker"
@@ -336,7 +335,7 @@ LINTED_LANGUAGES_ARRAY=() # Will be filled at run time with all languages that w
 ##################
 LANGUAGE_PACKS=('SECURITY_TOOLS' 'CODE_QUALITY_TOOLS')
 # shellcheck disable=SC2034  # Variable is referenced indirectly
-SECURITY_TOOLS=('CLOUDFORMATION_CFN_NAG' 'DOCKERFILE_HADOLINT' 'GITLEAKS' 'PYTHON_BANDIT' 'TERRAFORM_TERRASCAN' 'DEPS_CHECKER' 'SEMGREP')
+SECURITY_TOOLS=('CLOUDFORMATION_CFN_NAG' 'DOCKERFILE_HADOLINT' 'GITLEAKS' 'PYTHON_BANDIT' 'TERRAFORM_TERRASCAN' 'SEMGREP')
 # CODE_QUALITY_TOOLS are all tools (i.e., items in LANGUAGE_ARRAY) that are not in SECURITY_TOOLS
 # shellcheck disable=SC2034  # Variable is referenced indirectly
 mapfile -t CODE_QUALITY_TOOLS < <(printf '%s\n' "${LANGUAGE_ARRAY[@]}" "${SECURITY_TOOLS[@]}" | sort | uniq -u)
@@ -740,7 +739,6 @@ LINTER_COMMANDS_ARRAY['CPP']="cpplint"
 LINTER_COMMANDS_ARRAY['CSHARP']="dotnet-format --folder --check --exclude / --include"
 LINTER_COMMANDS_ARRAY['CSS']="stylelint --config ${CSS_LINTER_RULES}"
 LINTER_COMMANDS_ARRAY['DART']="dartanalyzer --fatal-infos --fatal-warnings --options ${DART_LINTER_RULES}"
-LINTER_COMMANDS_ARRAY['DEPS_CHECKER']="/action/ttam-linters/deps-checker.sh"
 # NOTE: dockerfilelint's "-c" option expects the folder *containing* the DOCKER_LINTER_RULES file
 LINTER_COMMANDS_ARRAY['DOCKERFILE']="dockerfilelint -c $(dirname "${DOCKERFILE_LINTER_RULES}")"
 LINTER_COMMANDS_ARRAY['DOCKERFILE_HADOLINT']="hadolint -c ${DOCKERFILE_HADOLINT_LINTER_RULES} ${LINTER_OPTS[DOCKERFILE_HADOLINT]}"