Improve Golang audit logs #948

Merged
merged 40 commits into from
Sep 12, 2023
Merged
f84d011
copy dir
sverdlov93 Sep 3, 2023
e88a637
Merge branch 'dev' of https://github.com/jfrog/jfrog-cli-core into si…
sverdlov93 Sep 3, 2023
66491de
copy dir
sverdlov93 Sep 3, 2023
9e57843
copy dir
sverdlov93 Sep 3, 2023
596141c
copy dir
sverdlov93 Sep 3, 2023
3c4cee3
copy dir
sverdlov93 Sep 3, 2023
24b8006
copy dir
sverdlov93 Sep 3, 2023
ff33179
copy dir
sverdlov93 Sep 3, 2023
4e2103d
copy dir
sverdlov93 Sep 3, 2023
f2666c4
copy dir
sverdlov93 Sep 3, 2023
4d864d5
merge dev
sverdlov93 Sep 3, 2023
bfd144e
copy dir
sverdlov93 Sep 3, 2023
a4cfbd1
copy dir
sverdlov93 Sep 3, 2023
9d28d5f
copy dir
sverdlov93 Sep 3, 2023
5393f10
copy dir
sverdlov93 Sep 3, 2023
ce51639
copy dir
sverdlov93 Sep 3, 2023
d47bb8e
copy dir
sverdlov93 Sep 3, 2023
83043dd
copy dir
sverdlov93 Sep 3, 2023
4db8c93
copy dir
sverdlov93 Sep 3, 2023
64926ad
copy dir
sverdlov93 Sep 4, 2023
39e4606
copy dir
sverdlov93 Sep 4, 2023
fb8a2ad
copy dir
sverdlov93 Sep 4, 2023
b5f22e7
Merge branch 'dev' of https://github.com/jfrog/jfrog-cli-core into si…
sverdlov93 Sep 4, 2023
65199d0
copy dir
sverdlov93 Sep 4, 2023
e682abd
copy dir
sverdlov93 Sep 4, 2023
6920571
copy dir
sverdlov93 Sep 4, 2023
e7f45e6
copy dir
sverdlov93 Sep 4, 2023
484888e
copy dir
sverdlov93 Sep 5, 2023
bede994
copy dir
sverdlov93 Sep 5, 2023
5250604
copy dir
sverdlov93 Sep 5, 2023
f70d9b9
copy dir
sverdlov93 Sep 5, 2023
beb6620
copy dir
sverdlov93 Sep 5, 2023
0751551
copy dir
sverdlov93 Sep 5, 2023
43b3c93
copy dir
sverdlov93 Sep 5, 2023
74aabbb
copy dir
sverdlov93 Sep 5, 2023
061eb0b
Merge branch 'dev' of https://github.com/jfrog/jfrog-cli-core into si…
sverdlov93 Sep 5, 2023
deb60e3
Merge branch 'dev' of https://github.com/jfrog/jfrog-cli-core into si…
sverdlov93 Sep 12, 2023
3fd5363
fix build script
sverdlov93 Sep 12, 2023
d474553
fix build script
sverdlov93 Sep 12, 2023
6d4d064
fix build script
sverdlov93 Sep 12, 2023
2 changes: 1 addition & 1 deletion xray/commands/audit/sca/go/golang.go
Expand Up @@ -29,7 +29,7 @@ func BuildDependencyTree(server *config.ServerDetails, remoteGoRepo string) (dep
}
// Calculate go dependencies graph
dependenciesGraph, err := goutils.GetDependenciesGraph(currentDir)
if err != nil {
if err != nil || len(dependenciesGraph) == 0 {
return
}
// Calculate go dependencies list
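Review bot: The added `len(dependenciesGraph) == 0` branch returns silently with a nil error, so an empty graph (which for an SCA audit means zero findings) leaves no trace in the log of why the Go tree was skipped, which runs against the PR's stated goal of better audit logs. Whether the graph is empty because the module genuinely has no dependencies or because the graph computation produced nothing usable is indistinguishable to the caller, who only sees a nil tree. I would log before returning, e.g. `log.Debug("no Go dependencies were found in", currentDir)`, assuming the same logger used in scarunner.go is available in this file. BuildDependencyTree's body continues outside the hunk.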
4 changes: 2 additions & 2 deletions xray/commands/audit/scarunner.go
Expand Up @@ -79,7 +79,7 @@ func runScaScanOnWorkingDir(params *AuditParams, results *Results, workingDir, r
err = errors.Join(err, fmt.Errorf("failed while building '%s' dependency tree:\n%s\n", tech, techErr.Error()))
continue
}
if len(flattenTree.Nodes) == 0 {
if flattenTree == nil || len(flattenTree.Nodes) == 0 {
err = errors.Join(err, errors.New("no dependencies were found. Please try to build your project and re-run the audit command"))
continue
}
Expand Down Expand Up @@ -158,7 +158,7 @@ func GetTechDependencyTree(params *xrayutils.AuditBasicParams, tech coreutils.Te
default:
err = errorutils.CheckErrorf("%s is currently not supported", string(tech))
}
if err != nil {
if err != nil || len(uniqueDeps) == 0 {
return
}
log.Debug(fmt.Sprintf("Created '%s' dependency tree with %d nodes. Elapsed time: %.1f seconds.", tech.ToFormal(), len(uniqueDeps), time.Since(startTime).Seconds()))
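Review bot: In the second hunk the new `len(uniqueDeps) == 0` early return skips the `log.Debug` line that records the tree size and elapsed time, so a technology that yields zero dependencies leaves only the generic "no dependencies were found" error raised further up in this file, with no per-technology timing in the audit log. Consider logging before returning, e.g. `log.Debug(fmt.Sprintf("No '%s' dependencies were found. Elapsed time: %.1f seconds.", tech.ToFormal(), time.Since(startTime).Seconds()))`. The `flattenTree == nil` guard added in the first hunk is what makes that early return safe for the caller, so the two hunks must land together. GetTechDependencyTree continues outside the hunk.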
6 changes: 4 additions & 2 deletions xray/utils/analyzermanager_test.go
Expand Up @@ -79,13 +79,15 @@ func TestExtractRelativePath(t *testing.T) {
expectedResult string
}{
{secretPath: "file:///Users/user/Desktop/secrets_scanner/tests/req.nodejs/file.js",
projectPath: "Users/user/Desktop/secrets_scanner/", expectedResult: "/tests/req.nodejs/file.js"},
projectPath: "Users/user/Desktop/secrets_scanner/", expectedResult: "tests/req.nodejs/file.js"},
{secretPath: "invalidSecretPath",
projectPath: "Users/user/Desktop/secrets_scanner/", expectedResult: "invalidSecretPath"},
{secretPath: "",
projectPath: "Users/user/Desktop/secrets_scanner/", expectedResult: ""},
{secretPath: "file:///Users/user/Desktop/secrets_scanner/tests/req.nodejs/file.js",
projectPath: "invalidProjectPath", expectedResult: "/Users/user/Desktop/secrets_scanner/tests/req.nodejs/file.js"},
projectPath: "invalidProjectPath", expectedResult: "Users/user/Desktop/secrets_scanner/tests/req.nodejs/file.js"},
{secretPath: "file:///private/Users/user/Desktop/secrets_scanner/tests/req.nodejs/file.js",
projectPath: "invalidProjectPath", expectedResult: "Users/user/Desktop/secrets_scanner/tests/req.nodejs/file.js"},
}

for _, test := range tests {
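Review bot: The new `/private/Users/...` case says nothing about why that prefix disappears from the expected result; presumably ExtractRelativePath normalizes the macOS `/private` symlink prefix somewhere above the lines visible in this PR, but a reader of the table cannot tell. A one-line comment on the case, e.g. `// macOS: /private/<path> is expected to normalize to <path> — verify against ExtractRelativePath`, would make the intent explicit. Note also that every expectation is `/`-separated while ExtractRelativePath trims `filepath.Separator`, so the table only exercises the POSIX behaviour. TestExtractRelativePath's loop body continues outside the hunk.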
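--- a/xray/utils/sarifutils.go
+++ b/xray/utils/sarifutils.go
@@ -81,62 +81,6 @@ func AggregateMultipleRunsIntoSingle(runs []*sarif.Run, destination *sarif.Run)
 }
 }
 
-func getRunInformationUri(run *sarif.Run) string {
-if run != nil && run.Tool.Driver != nil && run.Tool.Driver.InformationURI != nil {
-return *run.Tool.Driver.InformationURI
-}
-return ""
-}
-
-// Calculate new information that exists at the run and not at the source
-func GetDiffFromRun(sources []*sarif.Run, targets []*sarif.Run) (runWithNewOnly *sarif.Run) {
-// Combine
-combinedSource := sarif.NewRunWithInformationURI(sources[0].Tool.Driver.Name, getRunInformationUri(sources[0])).WithInvocations([]*sarif.Invocation{})
-AggregateMultipleRunsIntoSingle(sources, combinedSource)
-if combinedSource == nil {
-return
-}
-if len(targets) == 0 {
-return combinedSource
-}
-combinedTarget := sarif.NewRunWithInformationURI(targets[0].Tool.Driver.Name, getRunInformationUri(targets[0])).WithInvocations([]*sarif.Invocation{})
-AggregateMultipleRunsIntoSingle(targets, combinedTarget)
-if combinedTarget == nil {
-return combinedSource
-}
-// Get diff
-runWithNewOnly = sarif.NewRun(combinedSource.Tool).WithInvocations(combinedSource.Invocations)
-for _, sourceResult := range combinedSource.Results {
-targetMatchingResults := GetResultsByRuleId(combinedTarget, *sourceResult.RuleID)
-if len(targetMatchingResults) == 0 {
-runWithNewOnly.AddResult(sourceResult)
-if rule, _ := combinedSource.GetRuleById(*sourceResult.RuleID); rule != nil {
-runWithNewOnly.Tool.Driver.AddRule(rule)
-}
-continue
-}
-for _, targetMatchingResult := range targetMatchingResults {
-if len(sourceResult.Locations) > len(targetMatchingResult.Locations) ||
-len(sourceResult.CodeFlows) > len(targetMatchingResult.CodeFlows) {
-runWithNewOnly.AddResult(sourceResult)
-if rule, _ := combinedSource.GetRuleById(*sourceResult.RuleID); rule != nil {
-runWithNewOnly.Tool.Driver.AddRule(rule)
-}
-}
-}
-}
-return
-}
-
-func FilterResultsByRuleIdAndMsgText(source []*sarif.Result, ruleId, msgText string) (results []*sarif.Result) {
-for _, result := range source {
-if ruleId == *result.RuleID && msgText == GetResultMsgText(result) {
-results = append(results, result)
-}
-}
-return
-}
-
 func GetLocationRelatedCodeFlowsFromResult(location *sarif.Location, result *sarif.Result) (codeFlows []*sarif.CodeFlow) {
 for _, codeFlow := range result.CodeFlows {
 for _, stackTrace := range codeFlow.ThreadFlows {
@@ -300,7 +244,8 @@ func ExtractRelativePath(resultPath string, projectRoot string) string {
 
 // Get relative path
 relativePath := strings.ReplaceAll(resultPath, projectRoot, "")
-return strings.TrimPrefix(relativePath, string(filepath.Separator))
+trimSlash := strings.TrimPrefix(relativePath, string(filepath.Separator))
+return strings.TrimPrefix(trimSlash, "/")
 }
 
 func GetResultSeverity(result *sarif.Result) string {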
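Review bot: The two consecutive `TrimPrefix` calls in the second hunk are not the same as stripping one leading separator: on POSIX `filepath.Separator` is already `/`, so a result beginning with `//` now loses both slashes where the old code removed one, and on Windows a path starting with `\/` loses both characters. If the intent is to accept SARIF's forward-slash URIs on Windows as well as native paths, that deserves a comment, e.g. `// SARIF URIs always use "/"; strip it as well as the OS separator so Windows results are relative too`, and if stripping every leading separator is acceptable the pair collapses to `return strings.TrimLeft(relativePath, "/"+string(filepath.Separator))`. Note too that the context line's `strings.ReplaceAll` removes every occurrence of `projectRoot`, not just a leading one, so a result path that repeats the root inside a subdirectory would be mangled; `strings.TrimPrefix(resultPath, projectRoot)` would be the safer match. ExtractRelativePath starts before the hunk.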