From 57dfc124fe497a723fda48439e488992a9b4094f Mon Sep 17 00:00:00 2001 From: kienmai Date: Tue, 9 Apr 2024 20:31:43 -0500 Subject: [PATCH] =?UTF-8?q?Update=20load=20t=C3=A9ting=20reports?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ...f9-dd39-4c45-a6ec-076d7847ee34-report.json | 1 - docs/load_test_report/nodejsscan-report.html | 131 --------- docs/load_test_report/nodejsscan-report.json | 172 ----------- docs/load_test_report/nodejsscan-report.sarif | 72 ----- .../report_1712711710.0159616.html | 277 ++++++++++++++++++ 5 files changed, 277 insertions(+), 376 deletions(-) delete mode 100644 docs/load_test_report/all-ad96f2f9-dd39-4c45-a6ec-076d7847ee34-report.json delete mode 100644 docs/load_test_report/nodejsscan-report.html delete mode 100644 docs/load_test_report/nodejsscan-report.json delete mode 100644 docs/load_test_report/nodejsscan-report.sarif create mode 100644 docs/load_test_report/report_1712711710.0159616.html diff --git a/docs/load_test_report/all-ad96f2f9-dd39-4c45-a6ec-076d7847ee34-report.json b/docs/load_test_report/all-ad96f2f9-dd39-4c45-a6ec-076d7847ee34-report.json deleted file mode 100644 index e393db9..0000000 --- a/docs/load_test_report/all-ad96f2f9-dd39-4c45-a6ec-076d7847ee34-report.json +++ /dev/null @@ -1 +0,0 @@ -{"tool": {"driver": {"name": "Static security code scan by NodeJsScan"}}, "conversion": {"tool": {"driver": {"name": "@AppThreat/sast-scan"}}, "invocation": {"arguments": ["--output", "/github/workspace/reports/nodejsscan-report.json", "-d", "/github/workspace"], "executionSuccessful": true, "commandLine": "--output /github/workspace/reports/nodejsscan-report.json -d /github/workspace", "endTimeUtc": "2024-04-09T02:49:45Z", "workingDirectory": {"uri": "https://github.com/maingockien01/comp4350-team8/blob/60a64908477d396a400fdfe0f0cc6c4cc783c915"}}}, "invocations": [{"executionSuccessful": true, "endTimeUtc": "2024-04-09T02:49:45Z", "workingDirectory": {"uri": "https://github.com/maingockien01/comp4350-team8/blob/60a64908477d396a400fdfe0f0cc6c4cc783c915"}}], "properties": {"metrics": {"total": 0, "critical": 0, "high": 0, "medium": 0, "low": 0}}, "results": [], "automationDetails": {"description": {"text": "Static Analysis Security Test results using @AppThreat/sast-scan"}, "guid": "3fa0a760-5d0a-4dbe-98bf-69220bff7c88"}, "versionControlProvenance": [{"branch": "main", "repositoryUri": "https://github.com/maingockien01/comp4350-team8", "revisionId": "60a64908477d396a400fdfe0f0cc6c4cc783c915"}]} diff --git a/docs/load_test_report/nodejsscan-report.html b/docs/load_test_report/nodejsscan-report.html deleted file mode 100644 index 78c9064..0000000 --- a/docs/load_test_report/nodejsscan-report.html +++ /dev/null @@ -1,131 +0,0 @@ - - - - - AppThreat SAST scan report - - - - - - - - - - - - - -
-
-
- - sast-scan - dep-scan -
-
-
-
-
-
-

SAST scan status

-

Report from the scan performed on   2024-04-09 at 02:49:45 for https://github.com/maingockien01/comp4350-team8

-
-
-
-
-
-
-
-
-
Repository Details
-
https://github.com/maingockien01/comp4350-team8
-
-
-
Branch main
-
Commit 60a64908477d396a400fdfe0f0cc6c4cc783c915
-
-
-
-
-
-
-
Invocation Details
-
Static security code scan by NodeJsScan
-
-
-
Run Id ad96f2f9-dd39-4c45-a6ec-076d7847ee34
-
Directory https://github.com/maingockien01/comp4350-team8/blob/60a64908477d396a400fdfe0f0cc6c4cc783c915
-
-
-
-
-
-
-
- - - Executive Summary - -
-
-

This report was generated by AppThreat from the SAST scan invocation on 2024-04-09 at 02:49:45. The scan used the open source tool Static security code scan by NodeJsScan to scan the source code repository https://github.com/maingockien01/comp435.... -

- - -

 

-

  Based on this report, the application is certified as ready for deployment to test and production environments. Please refer to the dependency and container scan reports (if available) for additional context.

- -
-
-
- -
-
-
-
-

All Issues (0)

-
-
-
- - - - - - -
- - - - - -
-
- - - - - - - - - - - - -
RuleSeveritySource locationMessage
-
-
-
-
-
-
-

Thank you for supporting AppThreat

-
- - \ No newline at end of file diff --git a/docs/load_test_report/nodejsscan-report.json b/docs/load_test_report/nodejsscan-report.json deleted file mode 100644 index 63913f6..0000000 --- a/docs/load_test_report/nodejsscan-report.json +++ /dev/null @@ -1,172 +0,0 @@ -{ - "files": [ - { - "/docker-compose.yml": "/github/workspace/docker-compose.yml" - }, - { - "/package-lock.json": "/github/workspace/package-lock.json" - }, - { - "/tsconfig.json": "/github/workspace/tsconfig.json" - }, - { - "/package.json": "/github/workspace/package.json" - }, - { - "/.github/dependabot.yml": "/github/workspace/.github/dependabot.yml" - }, - { - "/.github/workflows/ci.yml": "/github/workspace/.github/workflows/ci.yml" - }, - { - "/apps/backend/.eslintrc.js": "/github/workspace/apps/backend/.eslintrc.js" - }, - { - "/apps/backend/tsconfig.build.json": "/github/workspace/apps/backend/tsconfig.build.json" - }, - { - "/apps/backend/nest-cli.json": "/github/workspace/apps/backend/nest-cli.json" - }, - { - "/apps/backend/package.json": "/github/workspace/apps/backend/package.json" - }, - { - "/apps/backend/test/e2e/jest.json": "/github/workspace/apps/backend/test/e2e/jest.json" - }, - { - "/apps/backend/test/unit/jest.json": "/github/workspace/apps/backend/test/unit/jest.json" - }, - { - "/apps/frontend/vite.config.js": "/github/workspace/apps/frontend/vite.config.js" - }, - { - "/apps/frontend/babel.config.js": "/github/workspace/apps/frontend/babel.config.js" - }, - { - "/apps/frontend/index.html": "/github/workspace/apps/frontend/index.html" - }, - { - "/apps/frontend/tsconfig.json": "/github/workspace/apps/frontend/tsconfig.json" - }, - { - "/apps/frontend/.eslintrc.js": "/github/workspace/apps/frontend/.eslintrc.js" - }, - { - "/apps/frontend/package.json": "/github/workspace/apps/frontend/package.json" - }, - { - "/apps/frontend/public/manifest.json": "/github/workspace/apps/frontend/public/manifest.json" - }, - { - "/apps/frontend/test/unit/jest.json": "/github/workspace/apps/frontend/test/unit/jest.json" - }, - { - "/scripts/dev/install.sh": "/github/workspace/scripts/dev/install.sh" - }, - { - "/scripts/dev/dev.local.sh": "/github/workspace/scripts/dev/dev.local.sh" - }, - { - "/scripts/dev/lint.sh": "/github/workspace/scripts/dev/lint.sh" - }, - { - "/scripts/dev/watch.frontend.sh": "/github/workspace/scripts/dev/watch.frontend.sh" - }, - { - "/packages/constants/tsconfig.json": "/github/workspace/packages/constants/tsconfig.json" - }, - { - "/packages/constants/.eslintrc.js": "/github/workspace/packages/constants/.eslintrc.js" - }, - { - "/packages/constants/package.json": "/github/workspace/packages/constants/package.json" - }, - { - "/packages/utils/tsconfig.json": "/github/workspace/packages/utils/tsconfig.json" - }, - { - "/packages/utils/.eslintrc.js": "/github/workspace/packages/utils/.eslintrc.js" - }, - { - "/packages/utils/package.json": "/github/workspace/packages/utils/package.json" - }, - { - "/packages/eslint-config-team8/package.json": "/github/workspace/packages/eslint-config-team8/package.json" - }, - { - "/packages/eslint-config-team8/index.js": "/github/workspace/packages/eslint-config-team8/index.js" - }, - { - "/packages/types/tsconfig.json": "/github/workspace/packages/types/tsconfig.json" - }, - { - "/packages/types/.eslintrc.js": "/github/workspace/packages/types/.eslintrc.js" - }, - { - "/packages/types/package.json": "/github/workspace/packages/types/package.json" - }, - { - "/.vscode/settings.json": "/github/workspace/.vscode/settings.json" - }, - { - "/.devcontainer/devcontainer.json": "/github/workspace/.devcontainer/devcontainer.json" - } - ], - "good_finding": {}, - "missing_sec_header": { - "Web Security": [ - { - "description": "Content Security Policy (CSP), a mechanism web applications can use to mitigate a broad class of content injection vulnerabilities, such as cross-site scripting (XSS). CSP Header was not found.", - "tag": "web", - "title": "Missing Security Header - Content-Security-Policy (CSP)" - }, - { - "description": "X-Frame-Options (XFO) header provides protection against Clickjacking attacks.", - "tag": "web", - "title": "Missing Security Header - X-Frame-Options (XFO)" - }, - { - "description": "Strict-Transport-Security (HSTS) header enforces secure (HTTP over SSL/TLS) connections to the server.", - "tag": "web", - "title": "Missing Security Header - Strict-Transport-Security (HSTS)" - }, - { - "description": "Public-Key-Pins (HPKP) ensures that certificate is Pinned.", - "tag": "web", - "title": "Missing Security Header - Public-Key-Pins (HPKP)" - }, - { - "description": "X-XSS-Protection header set to 1 enables the Cross-site scripting (XSS) filter built into most recent web browsers.", - "tag": "web", - "title": "Missing Security Header - X-XSS-Protection:1" - }, - { - "description": "X-Content-Type-Options header prevents Internet Explorer and Google Chrome from MIME-sniffing a response away from the declared content-type.", - "tag": "web", - "title": "Missing Security Header - X-Content-Type-Options" - }, - { - "description": "X-Download-Options header set to noopen prevents IE users from directly opening and executing downloads in your site's context.", - "tag": "web", - "title": "Missing Security Header - X-Download-Options: noopen" - }, - { - "description": "JavaScript can access Cookies if they are not marked httpOnly.", - "tag": "web", - "title": "Missing 'httpOnly' in Cookie" - }, - { - "description": "Remove the X-Powered-By header to prevent information gathering.", - "tag": "web", - "title": "Information Disclosure - X-Powered-By" - } - ] - }, - "sec_issues": {}, - "total_count": { - "good": 0, - "mis": 9, - "sec": 0 - }, - "vuln_count": {} -} \ No newline at end of file diff --git a/docs/load_test_report/nodejsscan-report.sarif b/docs/load_test_report/nodejsscan-report.sarif deleted file mode 100644 index 6d4e128..0000000 --- a/docs/load_test_report/nodejsscan-report.sarif +++ /dev/null @@ -1,72 +0,0 @@ -{ - "runs": [ - { - "tool": { - "driver": { - "name": "Static security code scan by NodeJsScan" - } - }, - "conversion": { - "tool": { - "driver": { - "name": "@AppThreat/sast-scan" - } - }, - "invocation": { - "arguments": [ - "--output", - "/github/workspace/reports/nodejsscan-report.json", - "-d", - "/github/workspace" - ], - "executionSuccessful": true, - "commandLine": "--output /github/workspace/reports/nodejsscan-report.json -d /github/workspace", - "endTimeUtc": "2024-04-09T02:49:45Z", - "workingDirectory": { - "uri": "https://github.com/maingockien01/comp4350-team8/blob/60a64908477d396a400fdfe0f0cc6c4cc783c915" - } - } - }, - "invocations": [ - { - "executionSuccessful": true, - "endTimeUtc": "2024-04-09T02:49:45Z", - "workingDirectory": { - "uri": "https://github.com/maingockien01/comp4350-team8/blob/60a64908477d396a400fdfe0f0cc6c4cc783c915" - } - } - ], - "properties": { - "metrics": { - "total": 0, - "critical": 0, - "high": 0, - "medium": 0, - "low": 0 - } - }, - "results": [], - "automationDetails": { - "description": { - "text": "Static Analysis Security Test results using @AppThreat/sast-scan" - }, - "guid": "3fa0a760-5d0a-4dbe-98bf-69220bff7c88" - }, - "versionControlProvenance": [ - { - "branch": "main", - "repositoryUri": "https://github.com/maingockien01/comp4350-team8", - "revisionId": "60a64908477d396a400fdfe0f0cc6c4cc783c915" - } - ] - } - ], - "version": "2.1.0", - "$schema": "https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json", - "inlineExternalProperties": [ - { - "guid": "3fa0a760-5d0a-4dbe-98bf-69220bff7c88", - "runGuid": "ad96f2f9-dd39-4c45-a6ec-076d7847ee34" - } - ] -} \ No newline at end of file diff --git a/docs/load_test_report/report_1712711710.0159616.html b/docs/load_test_report/report_1712711710.0159616.html new file mode 100644 index 0000000..4986662 --- /dev/null +++ b/docs/load_test_report/report_1712711710.0159616.html @@ -0,0 +1,277 @@ + + + + + + + + + Locust + + +
+ + + + + + \ No newline at end of file