Merge pull request #922 from didebughu/main
🎨 add tool.json
cyw3 authored Sep 20, 2023
2 parents 852ddb2 + 67f7215 commit ecb8382
Showing 4 changed files with 1,097 additions and 0 deletions.
@@ -0,0 +1,82 @@
[
{
"name": "audit",
"display_name": "Audit",
"description": "前端项目依赖分析工具,包含npm audit(v9.8.1)和yarn audit(v1.22.19)",
"license": "Artistic-2.0,BSD 2-Clause",
"libscheme_set": [],
"image_url": null,
"task_processes": [
"analyze",
"datahandle"
],
"scan_app": "codelint",
"scm_url": "Audit",
"run_cmd": "python3 main.py",
"envs": "python_version = 3",
"build_flag": false,
"checkrule_set": [
{
"real_name": "VUL_ERROR",
"display_name": "高危漏洞",
"severity": "error",
"category": "security",
"rule_title": "依赖组件存在高危漏洞",
"rule_params": null,
"custom": false,
"languages": [
"css",
"js",
"ts"
],
"solution": "依赖组件存在高危漏洞",
"owner": null,
"labels": [],
"description": "依赖组件存在高危漏洞",
"disable": false
},
{
"real_name": "VUL_INFO",
"display_name": "低危漏洞",
"severity": "info",
"category": "security",
"rule_title": "依赖组件存在低危漏洞",
"rule_params": null,
"custom": false,
"languages": [
"css",
"js",
"ts"
],
"solution": "依赖组件存在低危漏洞",
"owner": null,
"labels": [],
"description": "依赖组件存在低危漏洞",
"disable": false
},
{
"real_name": "VUL_WARN",
"display_name": "中危漏洞",
"severity": "warning",
"category": "security",
"rule_title": "依赖组件存在中危漏洞",
"rule_params": null,
"custom": false,
"languages": [
"css",
"js",
"ts"
],
"solution": "依赖组件存在中危漏洞",
"owner": null,
"labels": [],
"description": "依赖组件存在中危漏洞",
"disable": false
}
],
"open_user": true,
"open_saas": false,
"virtual_name": "238",
"show_display_name": true
}
]
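Review bot: The `solution` field of all three rules (VUL_ERROR, VUL_INFO, VUL_WARN) repeats the `rule_title` text, so a reported finding tells the user that a vulnerable dependency exists but not what to do about it. Since the tool description says it wraps npm audit and yarn audit, the solution could state the remediation, for example `"solution": "升级受影响的依赖到已修复版本(可先尝试 npm audit fix),无修复版本时评估替换或移除该依赖"`. The same duplication of title into `solution` appears in the VUL_* rules of the third file in this commit.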
@@ -0,0 +1,42 @@
[
{
"name": "govulncheck",
"display_name": "Govulncheck",
"description": "Govulncheck reports known vulnerabilities that affect Go code. It uses static analysis of source code or a binary's symbol table to narrow down reports to only those that could affect the application.",
"license": "BSD-3-Clause license",
"libscheme_set": [],
"image_url": null,
"task_processes": [
"analyze",
"datahandle"
],
"scan_app": "codelint",
"scm_url": "tca-govulncheck",
"run_cmd": "python src/main.py",
"envs": "python_version=3",
"build_flag": false,
"checkrule_set": [
{
"real_name": "GO-Vulnerability",
"display_name": "GO-Vulnerability",
"severity": "error",
"category": "security",
"rule_title": "参考链接https://pkg.go.dev/vuln/list",
"rule_params": null,
"custom": false,
"languages": [
"Go"
],
"solution": "Option 1: Upgrade to a fixed version. If there is a fix available, we can remove a vulnerable dependency by upgrading to a fixed version of the module.\nOption 2: Stop using the vulnerable symbol(s). We could choose to remove all calls to the vulnerable function in our code. We would need to find an alternative or implement it ourselves.",
"owner": null,
"labels": [],
"description": "参考链接https://pkg.go.dev/vuln/list",
"disable": false
}
],
"open_user": true,
"open_saas": false,
"virtual_name": "237",
"show_display_name": true
}
]
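Review bot: `rule_title` and `description` of the GO-Vulnerability rule contain only a reference link fused to its label (`参考链接https://pkg.go.dev/vuln/list`), so a finding carries no statement of what was detected. A title such as `"rule_title": "依赖的 Go 模块存在已知漏洞"`, with the link kept in `description` after a separator (`参考链接:https://pkg.go.dev/vuln/list`), would read correctly in a report. Separately, `run_cmd` here is `python src/main.py` while the other two tool files in this commit use `python3 main.py`. On a host where `python` is absent or resolves to Python 2 this would presumably fail despite `python_version=3`, so it is worth confirming how the runner resolves the interpreter.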
@@ -0,0 +1,115 @@
[
{
"name": "trivy",
"display_name": "Trivy",
"description": "Trivy is a comprehensive and versatile security scanner. Trivy has scanners that look for security issues, and targets where it can find those issues.",
"license": "Apache-2.0 license",
"libscheme_set": [],
"image_url": null,
"task_processes": [
"analyze",
"datahandle"
],
"scan_app": "codelint",
"scm_url": "trivy",
"run_cmd": "python3 main.py",
"envs": "python_version = 3",
"build_flag": false,
"checkrule_set": [
{
"real_name": "SEC_ERROR",
"display_name": "高危敏感信息",
"severity": "error",
"category": "security",
"rule_title": "存在高危敏感信息",
"rule_params": null,
"custom": false,
"languages": [],
"solution": "存在高危敏感信息,请排查是否存在泄露",
"owner": "kylinye",
"labels": [],
"description": "存在高危敏感信息",
"disable": false
},
{
"real_name": "SEC_INFO",
"display_name": "低危敏感信息",
"severity": "info",
"category": "security",
"rule_title": "存在低危敏感信息",
"rule_params": null,
"custom": false,
"languages": [],
"solution": "存在低危敏感信息,请排查是否存在泄露",
"owner": "kylinye",
"labels": [],
"description": "存在低危敏感信息",
"disable": false
},
{
"real_name": "SEC_WARN",
"display_name": "中危敏感信息",
"severity": "warning",
"category": "security",
"rule_title": "存在中危敏感信息",
"rule_params": null,
"custom": false,
"languages": [],
"solution": "存在中危敏感信息,请排查是否存在泄露",
"owner": "kylinye",
"labels": [],
"description": "存在中危敏感信息",
"disable": false
},
{
"real_name": "VUL_ERROR",
"display_name": "高危漏洞",
"severity": "error",
"category": "security",
"rule_title": "依赖组件存在高危漏洞",
"rule_params": null,
"custom": false,
"languages": [],
"solution": "依赖组件存在高危漏洞",
"owner": "kylinye",
"labels": [],
"description": "依赖组件存在高危漏洞",
"disable": false
},
{
"real_name": "VUL_INFO",
"display_name": "低危漏洞",
"severity": "info",
"category": "security",
"rule_title": "依赖组件存在低危漏洞",
"rule_params": null,
"custom": false,
"languages": [],
"solution": "依赖组件存在低危漏洞",
"owner": "kylinye",
"labels": [],
"description": "依赖组件存在低危漏洞",
"disable": false
},
{
"real_name": "VUL_WARN",
"display_name": "中危漏洞",
"severity": "warning",
"category": "security",
"rule_title": "依赖组件存在中危漏洞",
"rule_params": null,
"custom": false,
"languages": [],
"solution": "依赖组件存在中危漏洞",
"owner": "kylinye",
"labels": [],
"description": "依赖组件存在中危漏洞",
"disable": false
}
],
"open_user": true,
"open_saas": false,
"virtual_name": "241",
"show_display_name": true
}
]
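Review bot: The `solution` text of the SEC_ERROR, SEC_WARN and SEC_INFO rules only asks the user to check whether the sensitive information has leaked (`请排查是否存在泄露`). A secret that reached the repository should be treated as exposed, and deleting it from the working tree does not invalidate it. The guidance should say so, for example `"solution": "存在高危敏感信息,请立即吊销或轮换该凭据,并从代码及提交历史中移除"`. Every rule in this file also sets `"owner": "kylinye"` where the other two tool files in this commit use `null`. If that is a personal account name it would be better as `null` in a shipped default config.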