From 54e85a240867525126ef4ae76ca91a66b2cde0b2 Mon Sep 17 00:00:00 2001
From: Pete Freitag
Date: Thu, 31 Oct 2024 10:43:10 -0400
Subject: [PATCH] Fixinator v5 Add support for goals to fixinator client
---
 README.md | 9 ++++
 box.json | 4 +-
 commands/fixinator.cfc | 66 ++++++++++++++++------------
 models/fixinator/FixinatorClient.cfc | 2 +-
 4 files changed, 51 insertions(+), 30 deletions(-)
diff --git a/README.md b/README.md
index 1100af2..390e5eb 100644
--- a/README.md
+++ b/README.md
@@ -84,6 +84,15 @@ Added in Fixinator version 4. The path to a `.fixinator.json` configuration file to use. See below for details on the file contents. The command line argument overrides the default search path (looking in the base directory).
+### goals
+
+Default: `security` - a comma separated list of goals for the scan. Possible values are `security` and `compatibility`
+
+When the `compatibility` goal is passed it will return compatibility issues found in the code for the `engines` specified. Typically when you use the `compatibility` mode you will specify the `engines` argument as well. Example
+
+ fixinator path=c:\mycode\ goals=security,compatibility engines=adobe@2023
+
+Added in Fixinator Version 5.
 ## Environment Variables
diff --git a/box.json b/box.json
index 8780dc4..3a2033c 100644
--- a/box.json
+++ b/box.json
@@ -1,8 +1,8 @@
 {
 "name":"fixinator",
- "version":"4.1.0",
+ "version":"5.0.0",
 "author":"Foundeo Inc.",
- "location":"foundeo/fixinator#v4.1.0",
+ "location":"foundeo/fixinator#v5.0.0",
 "homepage":"https://fixinator.app/",
 "documentation":"https://github.com/foundeo/fixinator/wiki",
 "repository":{
diff --git a/commands/fixinator.cfc b/commands/fixinator.cfc
index 83bdd3b..8c1e1da 100644
--- a/commands/fixinator.cfc
+++ b/commands/fixinator.cfc
@@ -38,6 +38,7 @@ component extends="commandbox.system.BaseCommand" excludeFromHelp=false {
 * @engines.hint A list of engines your code runs on, eg: lucee@5,adobe@2023 default any
 * @includeScanners.hint A comma seperated list of scanner ids to scan, all others ignored
 * @configFile.hint A path to a .fixinator.json file to use
+ * @goals.hint A list of goals for scanning [compatibility,security], default: security
 **/
 function run(
 string path=".",
@@ -58,7 +59,8 @@ component extends="commandbox.system.BaseCommand" excludeFromHelp=false {
 boolean gitChanged=false,
 string engines="",
 string includeScanners="",
- string configFile=""
+ string configFile="",
+ string goals="security"
 ) {
 var fileInfo = "";
 var severityLevel = 1;
@@ -321,6 +323,9 @@ component extends="commandbox.system.BaseCommand" excludeFromHelp=false {
 if (len(arguments.includeScanners)) {
 config.includeScanners = listToArray(replace(arguments.includeScanners, " ", "", "ALL"));
 }
+ if (len(arguments.goals)) {
+ config["goals"] = listToArray(replace(arguments.goals, " ", "", "ALL"));
+ }
 if (len(arguments.configFile)) {
 arguments.configFile = fileSystemUtil.resolvePath( arguments.configFile );
@@ -606,23 +611,7 @@ component extends="commandbox.system.BaseCommand" excludeFromHelp=false {
 }
 }
- if (arguments.listScanners && local.results.keyExists("categories")) {
- print.line();
- print.line("Results by Scanner (confidence=#local.results.config.minConfidence#, severity=#local.results.config.minSeverity#):");
- for (local.cat in local.results.categories) {
- local.issues = 0;
- for (local.i in local.results.results) {
- if (local.i.id == local.cat) {
- local.issues++;
- }
- }
- if (local.issues == 0) {
- print.greenLine(" ✓ " & local.results.categories[cat].name & " [" & cat & "]" );
- } else {
- print.redLine(" ! " & local.results.categories[cat].name & " [" & cat & "] (" & local.issues & ")" );
- }
- }
- }
+ /* for (local.i in local.results.results) {
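Review bot: The new `goals` value is copied into `config["goals"]` in the third hunk (`if (len(arguments.goals)) { ... }`) without being checked against the two documented values, `security` and `compatibility`. For a scanner that gates builds, a misspelled goal such as `goals=securty` (constructed example) should fail loudly rather than risk a run that skips the security checks; how the API treats an unknown goal is not visible here. Consider validating each element of `config.goals` before the request, e.g. `if (!listFindNoCase("security,compatibility", local.goal)) { throw(message="Unknown goal: #local.goal#", type="FixinatorClient"); }`. Because the argument defaults to `security`, this branch runs on every invocation, so it is also worth confirming it does not override a `goals` entry read from `.fixinator.json`; the config-file handling continues outside the hunk.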
@@ -663,20 +652,38 @@ component extends="commandbox.system.BaseCommand" excludeFromHelp=false {
 }
- if (arguments.debug) {
- local.debugLogFile = expandPath("{lucee-web}/logs/fixinator-client-debug.log");
- print.line();
- if (fileExists(local.debugLogFile)) {
- print.boldGreenLine("Debug information logged to: #local.debugLogFile#");
+
+
+
+
+ }
+
+ if (arguments.listScanners && local.results.keyExists("categories")) {
+ print.line();
+ print.line("Results by Scanner (confidence=#local.results.config.minConfidence#, severity=#local.results.config.minSeverity#):");
+ for (local.cat in local.results.categories) {
+ local.issues = 0;
+ for (local.i in local.results.results) {
+ if (local.i.id == local.cat) {
+ local.issues++;
+ }
+ }
+ if (local.issues == 0) {
+ print.greenLine(" ✓ " & local.results.categories[cat].name & " [" & cat & "]" );
 } else {
- print.boldRedLine("Expected debug information to be logged to: #local.debugLogFile# but the file does not exist.");
+ print.redLine(" ! " & local.results.categories[cat].name & " [" & cat & "] (" & local.issues & ")" );
 }
 }
+ }
- if (arguments.failOnIssues) {
- setExitCode( 1 );
+ if (arguments.debug) {
+ local.debugLogFile = expandPath("{lucee-web}/logs/fixinator-client-debug.log");
+ print.line();
+ if (fileExists(local.debugLogFile)) {
+ print.boldGreenLine("Debug information logged to: #local.debugLogFile#");
+ } else {
+ print.boldRedLine("Expected debug information to be logged to: #local.debugLogFile# but the file does not exist.");
 }
- }
 if (fixinatorClient.hasClientUpdate()) {
@@ -686,6 +693,11 @@ component extends="commandbox.system.BaseCommand" excludeFromHelp=false {
 }
+ if (arrayLen(local.results.results) > 0 ) {
+ if (arguments.failOnIssues) {
+ setExitCode( 1 );
+ }
+ }
 }
diff --git a/models/fixinator/FixinatorClient.cfc b/models/fixinator/FixinatorClient.cfc
index 537700b..95cd0db 100644
--- a/models/fixinator/FixinatorClient.cfc
+++ b/models/fixinator/FixinatorClient.cfc
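Review bot: In the relocated `listScanners` block the loop variable is declared as `local.cat` but read back unscoped in `local.results.categories[cat].name` and `" [" & cat & "]"`; use `local.cat` throughout so the lookup does not depend on scope search order. The block now follows the added `}` and so appears to run even when the scan found nothing, yet it reads `local.results.config.minConfidence` and `minSeverity` while only `categories` is checked with `keyExists`; adding `&& local.results.keyExists("config")` to the condition would keep the summary from erroring on a partial response. The four whitespace-only added lines before that `}` can be dropped. The enclosing `run` function starts and ends outside the hunk.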
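Review bot: `setExitCode( 1 )` in the `@@ -686,6 +693,11 @@` hunk now runs at the very end of `run`, after the client-update check, and reads `local.results.results` without a guard. If any earlier path leaves `local.results` unset or without a `results` array (not visible in this hunk), a `failOnIssues` run would error out instead of giving CI a clean pass/fail signal. The two nested `if`s can be one condition, `if (arguments.failOnIssues && arrayLen(local.results.results) > 0) { setExitCode( 1 ); }`. Since `goals` may now include `compatibility`, a comment such as `// fails the build on any finding returned, whichever goal produced it` would tell CI users what the flag covers, assuming compatibility findings land in the same array. The rest of `run` lies outside the hunk.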
@@ -421,7 +421,7 @@ component singleton="true" {
 } else if (httpResult.statusCode contains "429") {
 //TOO MANY REQUESTS
 if (arguments.isRetry == 1) {
- throw(message="Fixinator API Returned 429 Status Code (Too Many Requests). This is usually due to an exceded monthly quote limit. You can either purchase a bigger plan or request a one time limit increase.", type="FixinatorClient");
+ throw(message="Fixinator API Returned 429 Status Code (Too Many Requests). This is usually due to an exceeded monthly quota limit. You can either purchase a bigger plan or request a one time limit increase.", type="FixinatorClient");
 } else {
 //retry it once
 sleep(1500);