From 3ea86ced26439c2ec5beba31412b6c4cf2a00f17 Mon Sep 17 00:00:00 2001 From: barv Date: Tue, 17 Sep 2024 12:51:14 +0300 Subject: [PATCH 001/111] cocoapods-audit --- commands/audit/sca/cocoapods/cocoapods.go | 169 ++++++++++++++++++ .../audit/sca/cocoapods/cocoapods_test.go | 1 + commands/audit/scarunner.go | 3 + go.mod | 12 +- go.sum | 18 +- utils/resultstable.go | 11 +- utils/techutils/techutils.go | 91 +++++----- 7 files changed, 243 insertions(+), 62 deletions(-) create mode 100644 commands/audit/sca/cocoapods/cocoapods.go create mode 100644 commands/audit/sca/cocoapods/cocoapods_test.go diff --git a/commands/audit/sca/cocoapods/cocoapods.go b/commands/audit/sca/cocoapods/cocoapods.go new file mode 100644 index 00000000..898161c3 --- /dev/null +++ b/commands/audit/sca/cocoapods/cocoapods.go 
@@ -0,0 +1,169 @@
+package cocoapods
+
+import (
+ "errors"
+ "fmt"
+ "github.com/jfrog/gofrog/datastructures"
+ "github.com/jfrog/jfrog-cli-core/v2/artifactory/commands/cocoapods"
+ "github.com/jfrog/jfrog-cli-core/v2/utils/coreutils"
+ "github.com/jfrog/jfrog-cli-security/utils"
+ xrayUtils "github.com/jfrog/jfrog-client-go/xray/services/utils"
+ "github.com/owenrumney/go-sarif/v2/sarif"
+ "os"
+ "path"
+ "path/filepath"
+ "regexp"
+ "strings"
+)
+
+const (
+ VersionForMainModule = "0.0.0"
+)
+
+var (
+ mainDepRegex = regexp.MustCompile(`^- ([\w/+.\-]+) \(([\d.]+)\)`)
+ subDepRegex = regexp.MustCompile(`^\s{2}- ([\w/+.\-]+)`)
+ versionRegex = regexp.MustCompile(`\((\d+(\.\d+){0,2})\)`)
+)
+
+func GetTechDependencyLocation(directDependencyName, directDependencyVersion, descriptorPath string) ([]*sarif.Location, error) {
+ return nil, nil
+}
+
+func FixTechDependency(dependencyName, dependencyVersion, fixVersion, descriptorPath string) error {
+ path.Clean(descriptorPath)
+ _, err := os.ReadFile(descriptorPath)
+ if err != nil {
+ return fmt.Errorf("could not find file "+descriptorPath, err)
+ }
+ return nil
+}
+
+func GetPackageName(longPkgName string) string {
+ if strings.Contains(longPkgName, "/") {
+ splitNameParts := strings.Split(longPkgName, "/")
+ longPkgName = splitNameParts[0]
+ }
+ return longPkgName
+}
+
+func GetPodDependenciesGraph(data string) (map[string][]string, map[string]string) {
+ var currentMainDep string
+ lines := strings.Split(data, "\n")
+ dependencyMap := make(map[string][]string, len(lines))
+ versionMap := make(map[string]string, len(lines))
+ for _, line := range lines {
+ line = strings.Replace(line, "\"", "", -1)
+ mainDepMatch := mainDepRegex.FindStringSubmatch(line)
+ if len(mainDepMatch) == 3 {
+ versionMatch := versionRegex.FindStringSubmatch(line)
+ currentMainDep = GetPackageName(mainDepMatch[1])
+ _, ok := dependencyMap[currentMainDep]
+ if !ok {
+ dependencyMap[currentMainDep] = []string{}
+ versionMap[currentMainDep] = versionMatch[1]
+ }
+ continue
+ }
+ subDepMatch := subDepRegex.FindStringSubmatch(line)
+ if len(subDepMatch) == 2 && currentMainDep != "" {
+ subDependency := subDepMatch[1]
+ if subDependency == GetPackageName(subDependency) {
+ dependencyMap[currentMainDep] = append(dependencyMap[currentMainDep], subDependency)
+ }
+ }
+ }
+ return dependencyMap, versionMap
+}
+
+func GetDependenciesData(exePath, currentDir string) (string, error) {
+ result, _, err := cocoapods.RunPodCmd(exePath, currentDir, []string{"dependencies"})
+ if err != nil {
+ return "", err
+ }
+ return string(result), nil
+}
+
+func BuildDependencyTree(params utils.AuditParams) (dependencyTree []*xrayUtils.GraphNode, uniqueDeps []string, err error) {
+ currentDir, err := coreutils.GetWorkingDirectory()
+ if err != nil {
+ return
+ }
+
+ clearResolutionServerFunc, err := configPodResolutionServerIfNeeded(params)
+ if err != nil {
+ err = fmt.Errorf("failed while configuring a resolution server: %s", err.Error())
+ return
+ }
+ defer func() {
+ if clearResolutionServerFunc != nil {
+ err = errors.Join(err, clearResolutionServerFunc())
+ }
+ }()
+
+ packageName := filepath.Base(currentDir)
+ packageInfo := fmt.Sprintf("%s:%s", packageName, VersionForMainModule)
+ _, podExecutablePath, err := cocoapods.GetPodVersionAndExecPath()
+ if err != nil {
+ err = fmt.Errorf("failed while retrieving pod path: %s", err.Error())
+ return
+ }
+ // Calculate pod dependencies
+ data, err := GetDependenciesData(podExecutablePath, currentDir)
+ if err != nil {
+ return
+ }
+ uniqueDepsSet := datastructures.MakeSet[string]()
+ dependenciesGraph, versionMap := GetPodDependenciesGraph(data)
+ for key, _ := range dependenciesGraph {
+ if key != packageName {
+ dependenciesGraph[packageName] = append(dependenciesGraph[packageName], key)
+ }
+ }
+ versionMap[packageName] = VersionForMainModule
+ rootNode := &xrayUtils.GraphNode{
+ Id: utils.CocoapodsPackageTypeIdentifier + packageInfo,
+ Nodes: []*xrayUtils.GraphNode{},
+ }
+ // Parse the dependencies into Xray dependency tree format
+ parsePodDependenciesList(rootNode, dependenciesGraph, versionMap, uniqueDepsSet)
+ dependencyTree = []*xrayUtils.GraphNode{rootNode}
+ uniqueDeps = uniqueDepsSet.ToSlice()
+ return
+}
+
+// Generates a .netrc file to configure an Artifactory server as the resolver server.
+func configPodResolutionServerIfNeeded(params utils.AuditParams) (clearResolutionServerFunc func() error, err error) {
+ // If we don't have an artifactory repo's name we don't need to configure any Artifactory server as resolution server
+ if params.DepsRepo() == "" {
+ return
+ }
+
+ serverDetails, err := params.ServerDetails()
+ if err != nil {
+ return
+ }
+
+ clearResolutionServerFunc, err = cocoapods.SetArtifactoryAsResolutionServer(serverDetails, params.DepsRepo())
+ return
+}
+
+// Parse the dependencies into an Xray dependency tree format
+func parsePodDependenciesList(currNode *xrayUtils.GraphNode, dependenciesGraph map[string][]string, versionMap map[string]string, uniqueDepsSet *datastructures.Set[string]) {
+ if currNode.NodeHasLoop() {
+ return
+ }
+ uniqueDepsSet.Add(currNode.Id)
+ pkgName := strings.Split(strings.TrimPrefix(currNode.Id, utils.CocoapodsPackageTypeIdentifier), ":")[0]
+ currDepChildren := dependenciesGraph[pkgName]
+ for _, childName := range currDepChildren {
+ fullChildName := fmt.Sprintf("%s:%s", childName, versionMap[childName])
+ childNode := &xrayUtils.GraphNode{
+ Id: utils.CocoapodsPackageTypeIdentifier + fullChildName,
+ Nodes: []*xrayUtils.GraphNode{},
+ Parent: currNode,
+ }
+ currNode.Nodes = append(currNode.Nodes, childNode)
+ parsePodDependenciesList(childNode, dependenciesGraph, versionMap, uniqueDepsSet)
+ }
+}
diff --git a/commands/audit/sca/cocoapods/cocoapods_test.go b/commands/audit/sca/cocoapods/cocoapods_test.go
new file mode 100644
index 00000000..85fc4225
--- /dev/null
+++ b/commands/audit/sca/cocoapods/cocoapods_test.go
@@ -0,0 +1 @@
+package cocoapods
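Review bot: In GetPodDependenciesGraph, `versionMatch[1]` is read without checking that versionRegex matched: mainDepRegex accepts any `[\d.]+` version, while versionRegex allows at most three numeric components, so a lock entry with a fourth component (for instance `1.2.3.4`) leaves `versionMatch` nil and the loop panics with an index out of range. The version is already captured by mainDepRegex, so `versionMap[currentMainDep] = mainDepMatch[2]` removes both the second regex and the panic. In FixTechDependency the result of `path.Clean(descriptorPath)` is discarded and `fmt.Errorf("could not find file "+descriptorPath, err)` is a non-constant format string with an unused argument (go vet flags it); `return fmt.Errorf("reading %s: %w", descriptorPath, err)` keeps the cause. `for key, _ := range dependenciesGraph` in BuildDependencyTree is the `gofmt -s` form `for key := range dependenciesGraph`.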
diff --git a/commands/audit/scarunner.go b/commands/audit/scarunner.go index 14d203d6..c1a57623 100644 --- a/commands/audit/scarunner.go +++ b/commands/audit/scarunner.go @@ -4,6 +4,7 @@ import ( "encoding/json" "errors" "fmt" + "github.com/jfrog/jfrog-cli-security/commands/audit/sca/cocoapods" "github.com/jfrog/build-info-go/utils/pythonutils" "github.com/jfrog/jfrog-client-go/utils/io/fileutils" @@ -263,6 +264,8 @@ func GetTechDependencyTree(params xrayutils.AuditParams, artifactoryServerDetail }) case techutils.Nuget: depTreeResult.FullDepTrees, uniqueDeps, err = nuget.BuildDependencyTree(params) + case techutils.Cocoapods: + depTreeResult.FullDepTrees, uniqueDeps, err = cocoapods.BuildDependencyTree(params) default: err = errorutils.CheckErrorf("%s is currently not supported", string(tech)) } diff --git a/go.mod b/go.mod index 968585d5..48c8d3b7 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module github.com/jfrog/jfrog-cli-security -go 1.22.3 +go 1.22.7 require ( github.com/beevik/etree v1.4.0 @@ -16,7 +16,7 @@ require ( github.com/owenrumney/go-sarif/v2 v2.3.0 github.com/stretchr/testify v1.9.0 github.com/urfave/cli v1.22.15 - golang.org/x/exp v0.0.0-20240904232852-e7e105dedf7e + golang.org/x/exp v0.0.0-20240909161429-701f63a606c0 golang.org/x/sync v0.8.0 golang.org/x/text v0.18.0 gopkg.in/yaml.v3 v3.0.1 
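Review bot: The new `"github.com/jfrog/jfrog-cli-security/commands/audit/sca/cocoapods"` import in scarunner.go is inserted directly after `"fmt"`, i.e. inside the standard-library group, rather than with the other github.com/jfrog imports below it; goimports grouping would move it, and the CI formatter is likely to reshuffle the file on the next touch. The import block continues outside the hunk.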
@@ -101,20 +101,20 @@ require ( go.uber.org/atomic v1.9.0 // indirect go.uber.org/multierr v1.9.0 // indirect golang.org/x/crypto v0.27.0 // indirect - golang.org/x/mod v0.20.0 // indirect - golang.org/x/net v0.28.0 // indirect + golang.org/x/mod v0.21.0 // indirect + golang.org/x/net v0.29.0 // indirect golang.org/x/oauth2 v0.18.0 // indirect golang.org/x/sys v0.25.0 // indirect golang.org/x/term v0.24.0 // indirect golang.org/x/time v0.5.0 // indirect - golang.org/x/tools v0.24.0 // indirect + golang.org/x/tools v0.25.0 // indirect google.golang.org/appengine v1.6.8 // indirect google.golang.org/protobuf v1.33.0 // indirect gopkg.in/ini.v1 v1.67.0 // indirect gopkg.in/warnings.v0 v0.1.2 // indirect ) -// replace github.com/jfrog/jfrog-cli-core/v2 => github.com/jfrog/jfrog-cli-core/v2 dev +replace github.com/jfrog/jfrog-cli-core/v2 => ../jfrog-cli-core // replace github.com/jfrog/jfrog-client-go => github.com/jfrog/jfrog-client-go dev diff --git a/go.sum b/go.sum index f1ab8899..c3137568 100644 --- a/go.sum +++ b/go.sum @@ -898,8 +898,6 @@ github.com/jfrog/gofrog v1.7.6 h1:QmfAiRzVyaI7JYGsB7cxfAJePAZTzFz0gRWZSE27c6s= github.com/jfrog/gofrog v1.7.6/go.mod h1:ntr1txqNOZtHplmaNd7rS4f8jpA5Apx8em70oYEe7+4= github.com/jfrog/jfrog-apps-config v1.0.1 h1:mtv6k7g8A8BVhlHGlSveapqf4mJfonwvXYLipdsOFMY= github.com/jfrog/jfrog-apps-config v1.0.1/go.mod h1:8AIIr1oY9JuH5dylz2S6f8Ym2MaadPLR6noCBO4C22w= -github.com/jfrog/jfrog-cli-core/v2 v2.55.7 h1:V4dO2FMNIH49lov3dMj3jYRg8KBTG7hyhHI8ftYByf8= -github.com/jfrog/jfrog-cli-core/v2 v2.55.7/go.mod h1:DPO5BfWAeOByahFMMy+PcjmbPlcyoRy7Bf2C5sGKVi0= github.com/jfrog/jfrog-client-go v1.46.2 h1:1rk7PliYGc7zVSFVE2/RO77JOR1KdEtr28os8GQiLyI= github.com/jfrog/jfrog-client-go v1.46.2/go.mod h1:qtQ9ML8xrRJmUwU/t6QRsov7C5mIZndTDY3qulgB5hA= github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= 
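Review bot: The hunk activates `replace github.com/jfrog/jfrog-cli-core/v2 => ../jfrog-cli-core`, pointing the build at a relative path on the author's machine, so nobody without that sibling checkout can build, and the go.sum hunk right after it drops the `github.com/jfrog/jfrog-cli-core/v2 v2.55.7` entries, leaving the core library no longer pinned or integrity-checked by go.sum. A local-path replace is a development convenience that should not be merged; until the cocoapods support lands in a tagged jfrog-cli-core release, requiring a pseudo-version of that branch (`go get github.com/jfrog/jfrog-cli-core/v2@<commit-placeholder>`) keeps the build reproducible and checksummed. The commented-out jfrog-client-go replace on the next line suggests the intended convention is to leave these as comments.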
@@ -1140,8 +1138,8 @@ golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u0 golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM= golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU= golang.org/x/exp v0.0.0-20220827204233-334a2380cb91/go.mod h1:cyybsKvd6eL0RnXn6p/Grxp8F5bW7iYuBgsNCOHpMYE= -golang.org/x/exp v0.0.0-20240904232852-e7e105dedf7e h1:I88y4caeGeuDQxgdoFPUq097j7kNfw6uvuiNxUBfcBk= -golang.org/x/exp v0.0.0-20240904232852-e7e105dedf7e/go.mod h1:akd2r19cwCdwSwWeIdzYQGa/EZZyqcOdwWiwj5L5eKQ= +golang.org/x/exp v0.0.0-20240909161429-701f63a606c0 h1:e66Fs6Z+fZTbFBAxKfP3PALWBtpfqks2bwGcexMxgtk= +golang.org/x/exp v0.0.0-20240909161429-701f63a606c0/go.mod h1:2TbTHSBQa924w8M6Xs1QcRcFwyucIwBGpK1p2f1YFFY= golang.org/x/image v0.0.0-20180708004352-c73c2afc3b81/go.mod h1:ux5Hcp/YLpHSI86hEcLt0YII63i6oz57MZXIpbrjZUs= golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= 
@@ -1184,8 +1182,8 @@ golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91 golang.org/x/mod v0.7.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/mod v0.9.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= -golang.org/x/mod v0.20.0 h1:utOm6MM3R3dnawAiJgn0y+xvuYRsm1RKM/4giyfDgV0= -golang.org/x/mod v0.20.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= +golang.org/x/mod v0.21.0 h1:vvrHzRwRfVKSiLrG+d4FMl/Qi4ukBCE6kZlTUkDYRT0= +golang.org/x/mod v0.21.0/go.mod h1:6SkKJ3Xj0I0BrPOZoBy3bdMptDDU9oJrpohJ3eWZ1fY= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -1247,8 +1245,8 @@ golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc= golang.org/x/net v0.9.0/go.mod h1:d48xBJpPfHeWQsugry2m+kC02ZBRGRgulfHnEXEuWns= golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= golang.org/x/net v0.19.0/go.mod h1:CfAk/cbD4CthTvqiEl8NpboMuiuOYsAr/7NOjZJtv1U= -golang.org/x/net v0.28.0 h1:a9JDOJc5GMUJ0+UDqmLT86WiEy7iWyIhz8gz8E4e5hE= -golang.org/x/net v0.28.0/go.mod h1:yqtgsTWOOnlGLG9GFRrK3++bGOUEkNBoHZc8MEDWPNg= +golang.org/x/net v0.29.0 h1:5ORfpBpCs4HzDYoodCDBbwHzdR5UrLBZ3sOnUJmFoHo= +golang.org/x/net v0.29.0/go.mod h1:gLkgy8jTGERgjzMic6DS9+SP0ajcu6Xu3Orq/SpETg0= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= 
@@ -1495,8 +1493,8 @@ golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc golang.org/x/tools v0.3.0/go.mod h1:/rWhSS2+zyEVwoJf8YAX6L2f0ntZ7Kn/mGgAWcipA5k= golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= golang.org/x/tools v0.7.0/go.mod h1:4pg6aUX35JBAogB10C9AtvVL+qowtN4pT3CGSQex14s= -golang.org/x/tools v0.24.0 h1:J1shsA93PJUEVaUSaay7UXAyE8aimq3GW0pjlolpa24= -golang.org/x/tools v0.24.0/go.mod h1:YhNqVBIfWHdzvTLs0d8LCuMhkKUgSUKldakyV7W/WDQ= +golang.org/x/tools v0.25.0 h1:oFU9pkj/iJgs+0DT+VMHrx+oBKs/LJMV+Uvg78sl+fE= +golang.org/x/tools v0.25.0/go.mod h1:/vtpO8WL1N9cQC3FN5zPqb//fRXskFHbLKk4OW1Q7rg= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= diff --git a/utils/resultstable.go b/utils/resultstable.go index 08b2ef96..3b3e3704 100644 --- a/utils/resultstable.go +++ b/utils/resultstable.go @@ -25,11 +25,12 @@ import ( ) const ( - rootIndex = 0 - directDependencyIndex = 1 - directDependencyPathLength = 2 - nodeModules = "node_modules" - NpmPackageTypeIdentifier = "npm://" + rootIndex = 0 + directDependencyIndex = 1 + directDependencyPathLength = 2 + nodeModules = "node_modules" + NpmPackageTypeIdentifier = "npm://" + CocoapodsPackageTypeIdentifier = "cocoapods://" ) // PrintViolationsTable prints the violations in 4 tables: security violations, license compliance violations, operational risk violations and ignore rule URLs. diff --git a/utils/techutils/techutils.go b/utils/techutils/techutils.go index cb537e60..0fb922bc 100644 --- a/utils/techutils/techutils.go +++ b/utils/techutils/techutils.go 
@@ -24,47 +24,50 @@ import ( type Technology string const ( - Maven Technology = "maven" - Gradle Technology = "gradle" - Npm Technology = "npm" - Pnpm Technology = "pnpm" - Yarn Technology = "yarn" - Go Technology = "go" - Pip Technology = "pip" - Pipenv Technology = "pipenv" - Poetry Technology = "poetry" - Nuget Technology = "nuget" - Dotnet Technology = "dotnet" - Docker Technology = "docker" - Oci Technology = "oci" - Conan Technology = "conan" + Maven Technology = "maven" + Gradle Technology = "gradle" + Npm Technology = "npm" + Pnpm Technology = "pnpm" + Yarn Technology = "yarn" + Go Technology = "go" + Pip Technology = "pip" + Pipenv Technology = "pipenv" + Poetry Technology = "poetry" + Nuget Technology = "nuget" + Dotnet Technology = "dotnet" + Docker Technology = "docker" + Oci Technology = "oci" + Conan Technology = "conan" + Cocoapods Technology = "cocoapods" ) const Pypi = "pypi" type CodeLanguage string const ( - JavaScript CodeLanguage = "javascript" - Python CodeLanguage = "python" - GoLang CodeLanguage = "go" - Java CodeLanguage = "java" - CSharp CodeLanguage = "C#" - CPP CodeLanguage = "C++" + JavaScript CodeLanguage = "javascript" + Python CodeLanguage = "python" + GoLang CodeLanguage = "go" + Java CodeLanguage = "java" + CSharp CodeLanguage = "C#" + CPP CodeLanguage = "C++" + CocoapodsLang CodeLanguage = "any" ) // Associates a technology with project type (used in config commands for the package-managers). // Docker is not present, as there is no docker-config command and, consequently, no docker.yaml file we need to operate on. 
var TechToProjectType = map[Technology]project.ProjectType{ - Maven: project.Maven, - Gradle: project.Gradle, - Npm: project.Npm, - Yarn: project.Yarn, - Go: project.Go, - Pip: project.Pip, - Pipenv: project.Pipenv, - Poetry: project.Poetry, - Nuget: project.Nuget, - Dotnet: project.Dotnet, + Maven: project.Maven, + Gradle: project.Gradle, + Npm: project.Npm, + Yarn: project.Yarn, + Go: project.Go, + Pip: project.Pip, + Pipenv: project.Pipenv, + Poetry: project.Poetry, + Nuget: project.Nuget, + Dotnet: project.Dotnet, + Cocoapods: project.Cocoapods, } type TechData struct { @@ -174,6 +177,11 @@ var technologiesData = map[Technology]TechData{ packageDescriptors: []string{"conanfile.txt", "conanfile.py "}, formal: "Conan", }, + Cocoapods: { + indicators: []string{"Podfile"}, + packageDescriptors: []string{"Podfile"}, + formal: "Cocoapods", + }, } var ( @@ -203,17 +211,18 @@ func pyProjectTomlIndicatorContent(tech Technology) ContentValidator { func TechnologyToLanguage(technology Technology) CodeLanguage { languageMap := map[Technology]CodeLanguage{ - Npm: JavaScript, - Pip: Python, - Poetry: Python, - Pipenv: Python, - Go: GoLang, - Maven: Java, - Gradle: Java, - Nuget: CSharp, - Dotnet: CSharp, - Yarn: JavaScript, - Pnpm: JavaScript, + Npm: JavaScript, + Pip: Python, + Poetry: Python, + Pipenv: Python, + Go: GoLang, + Maven: Java, + Gradle: Java, + Nuget: CSharp, + Dotnet: CSharp, + Yarn: JavaScript, + Pnpm: JavaScript, + Cocoapods: CocoapodsLang, } return languageMap[technology] } From 606169ee965a0aed407cd1c4f0c7ebe601afc4ca Mon Sep 17 00:00:00 2001 From: barv Date: Wed, 18 Sep 2024 14:36:19 +0300 Subject: [PATCH 002/111] fixes --- commands/audit/sca/cocoapods/cocoapods.go | 39 +++++++++++++++++------ utils/techutils/techutils.go | 4 +-- 2 files changed, 31 insertions(+), 12 deletions(-) diff --git a/commands/audit/sca/cocoapods/cocoapods.go b/commands/audit/sca/cocoapods/cocoapods.go index 898161c3..df392393 100644 --- a/commands/audit/sca/cocoapods/cocoapods.go 
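Review bot: `CocoapodsLang CodeLanguage = "any"` breaks the pattern of the CodeLanguage block, where every other constant is named after a language and holds a language value; here the name encodes a package manager and the value "any" is not a language, so whatever consumes TechnologyToLanguage (the mapping is extended in the third hunk of this file) receives a value it may not recognise. If the intent is "no single source language", a comment on the constant such as `// CocoapodsLang marks a technology with no single source language; consumers must treat "any" as a wildcard.` makes that contract explicit, and a name that does not reference one technology would let other multi-language package managers reuse it. The rest of the hunk is gofmt realignment.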
+++ b/commands/audit/sca/cocoapods/cocoapods.go
@@ -10,7 +10,6 @@ import (
 xrayUtils "github.com/jfrog/jfrog-client-go/xray/services/utils"
 "github.com/owenrumney/go-sarif/v2/sarif"
 "os"
- "path"
 "path/filepath"
 "regexp"
 "strings"
@@ -21,8 +20,8 @@ const (
 )
 var (
- mainDepRegex = regexp.MustCompile(`^- ([\w/+.\-]+) \(([\d.]+)\)`)
- subDepRegex = regexp.MustCompile(`^\s{2}- ([\w/+.\-]+)`)
+ mainDepRegex = regexp.MustCompile(`- ([\w/+.\-]+) \(([\d.]+)\)`)
+ subDepRegex = regexp.MustCompile(`\s{2}- ([\w/+.\-]+)`)
 versionRegex = regexp.MustCompile(`\((\d+(\.\d+){0,2})\)`)
 )
@@ -31,11 +30,6 @@ func GetTechDependencyLocation(directDependencyName, directDependencyVersion, de
 }
 func FixTechDependency(dependencyName, dependencyVersion, fixVersion, descriptorPath string) error {
- path.Clean(descriptorPath)
- _, err := os.ReadFile(descriptorPath)
- if err != nil {
- return fmt.Errorf("could not find file "+descriptorPath, err)
- }
 return nil
 }
@@ -76,12 +70,37 @@ func GetPodDependenciesGraph(data string) (map[string][]string, map[string]strin
 return dependencyMap, versionMap
 }
+func extractPodsSection(filePath string) (string, error) {
+ data, err := os.ReadFile(filePath)
+ if err != nil {
+ return "", err
+ }
+ content := string(data)
+ startIndex := strings.Index(content, "PODS:")
+ if startIndex == -1 {
+ return "", fmt.Errorf("PODS: section not found")
+ }
+ subContent := content[startIndex:]
+ endIndex := strings.Index(subContent, "DEPENDENCIES:")
+ if endIndex == -1 {
+ endIndex = strings.Index(subContent, "SPEC REPOS:")
+ }
+ if endIndex != -1 {
+ subContent = subContent[:endIndex]
+ }
+ return subContent, nil
+}
+
 func GetDependenciesData(exePath, currentDir string) (string, error) {
- result, _, err := cocoapods.RunPodCmd(exePath, currentDir, []string{"dependencies"})
+ _, _, err := cocoapods.RunPodCmd(exePath, currentDir, []string{"install"})
+ if err != nil {
+ return "", err
+ }
+ result, err := extractPodsSection(filepath.Join(currentDir, "Podfile.lock"))
 if err != nil {
 return "", err
 }
- return string(result), nil
+ return result, nil
 }
 func BuildDependencyTree(params utils.AuditParams) (dependencyTree []*xrayUtils.GraphNode, uniqueDeps []string, err error) {
diff --git a/utils/techutils/techutils.go b/utils/techutils/techutils.go
index 0fb922bc..bbd884ad 100644
--- a/utils/techutils/techutils.go
+++ b/utils/techutils/techutils.go
@@ -178,8 +178,8 @@ var technologiesData = map[Technology]TechData{
 formal: "Conan",
 },
 Cocoapods: {
- indicators: []string{"Podfile"},
- packageDescriptors: []string{"Podfile"},
+ indicators: []string{"Podfile", "Podfile.lock"},
+ packageDescriptors: []string{"Podfile", "Podfile.lock"},
 formal: "Cocoapods",
 },
 }
From fc6df1794b26ae43e38b00b3e84c169b2ccc9fa6 Mon Sep 17 00:00:00 2001
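Review bot: Dropping the `^` anchors lets both patterns match anywhere in a line and removes the only thing that separated nesting levels: a top-level PODS entry whose version `[\d.]+` does not accept (a pre-release such as `1.0.0-beta`, for instance) fails mainDepRegex, then matches the unanchored subDepRegex and is recorded as a dependency of the previous pod. Anchoring on the lock file's indentation instead, `^\s{2}- ([\w/+.\-]+) \(([\d.]+)\)` for top-level pods and `^\s{4}- ([\w/+.\-]+)` for their dependencies, keeps the depth distinction the original anchors gave. GetPodDependenciesGraph, which applies these patterns, is outside this hunk.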
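Review bot: GetDependenciesData now runs `pod install` instead of the read-only `pod dependencies`, so an audit mutates the project it scans (Pods directory and Podfile.lock are written) and evaluates the Podfile, which is Ruby code taken from the scanned repository; that side effect is invisible from the function name and deserves a doc comment, and reading an existing Podfile.lock first, falling back to install only when it is absent, would keep the audit of an already-resolved project read-only. The install failure is returned without context, `return "", fmt.Errorf("running pod install in %s: %w", currentDir, err)` says which step failed. In extractPodsSection, `fmt.Errorf("PODS: section not found")` has no verbs and is `errors.New("PODS: section not found")`; also note that when neither "DEPENDENCIES:" nor "SPEC REPOS:" follows, the rest of the file is returned as the PODS section, which is fine only because GetPodDependenciesGraph ignores non-matching lines.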
From: barv Date: Sun, 29 Sep 2024 11:48:17 +0300 Subject: [PATCH 003/111] cocoapods-audit --- commands/audit/sca/cocoapods/cocoapods.go | 49 +- .../audit/sca/cocoapods/cocoapods_test.go | 63 +++ .../package-managers/cocoapods/Podfile | 7 + .../package-managers/cocoapods/Podfile.lock | 35 ++ .../cocoapods/Test.xcodeproj/project.pbxproj | 529 ++++++++++++++++++ 5 files changed, 680 insertions(+), 3 deletions(-) create mode 100644 tests/testdata/projects/package-managers/cocoapods/Podfile create mode 100644 tests/testdata/projects/package-managers/cocoapods/Podfile.lock create mode 100644 tests/testdata/projects/package-managers/cocoapods/Test.xcodeproj/project.pbxproj diff --git a/commands/audit/sca/cocoapods/cocoapods.go b/commands/audit/sca/cocoapods/cocoapods.go index df392393..16decb11 100644 --- a/commands/audit/sca/cocoapods/cocoapods.go +++ b/commands/audit/sca/cocoapods/cocoapods.go @@ -6,10 +6,12 @@ import ( "github.com/jfrog/gofrog/datastructures" "github.com/jfrog/jfrog-cli-core/v2/artifactory/commands/cocoapods" "github.com/jfrog/jfrog-cli-core/v2/utils/coreutils" + "github.com/jfrog/jfrog-cli-security/formats/sarifutils" "github.com/jfrog/jfrog-cli-security/utils" xrayUtils "github.com/jfrog/jfrog-client-go/xray/services/utils" "github.com/owenrumney/go-sarif/v2/sarif" "os" + "path" "path/filepath" "regexp" "strings" 
@@ -25,11 +27,52 @@ var (
 versionRegex = regexp.MustCompile(`\((\d+(\.\d+){0,2})\)`)
 )
-func GetTechDependencyLocation(directDependencyName, directDependencyVersion, descriptorPath string) ([]*sarif.Location, error) {
- return nil, nil
+func GetTechDependencyLocation(directDependencyName, directDependencyVersion string, descriptorPaths ...string) ([]*sarif.Location, error) {
+ var podPositions []*sarif.Location
+ for _, descriptorPath := range descriptorPaths {
+ path.Clean(descriptorPath)
+ if !strings.HasSuffix(descriptorPath, "Podfile") {
+ return nil, errors.ErrUnsupported
+ }
+ data, err := os.ReadFile(descriptorPath)
+ if err != nil {
+ return nil, err
+ }
+ lines := strings.Split(string(data), "\n")
+ var startLine, startCol, endLine, endCol int
+ foundDependency := false
+ for i, line := range lines {
+ if strings.Contains(line, directDependencyName) {
+ startLine = i
+ startCol = strings.Index(line, directDependencyName)
+ foundDependency = true
+ }
+ if foundDependency && strings.Contains(line, directDependencyVersion) {
+ endLine = i
+ endCol = len(line)
+ var snippet string
+ if endLine == startLine {
+ snippet = lines[startLine][startCol:endCol]
+ } else {
+ for snippetLine := range endLine - startLine + 1 {
+ if snippetLine == 0 {
+ snippet += "\n" + lines[snippetLine][startLine:]
+ } else if snippetLine == endLine-startLine {
+ snippet += "\n" + lines[snippetLine][:endCol]
+ } else {
+ snippet += "\n" + lines[snippetLine]
+ }
+ }
+ }
+ podPositions = append(podPositions, sarifutils.CreateLocation(descriptorPath, startLine, endLine, startCol, endCol, snippet))
+ foundDependency = false
+ }
+ }
+ }
+ return podPositions, nil
 }
-func FixTechDependency(dependencyName, dependencyVersion, fixVersion, descriptorPath string) error {
+func FixTechDependency(dependencyName, dependencyVersion, fixVersion string, descriptorPath ...string) error {
 return nil
 }
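Review bot: The multi-line snippet loop indexes the wrong lines and the wrong column: `lines[snippetLine]` uses the 0-based offset within the match where `lines[startLine+snippetLine]` is meant, and the first line is sliced with `[startLine:]` where `startCol` was intended, so any match spanning lines assembles text from the top of the file and can panic when startLine exceeds that line's length. The three branches should read `lines[startLine+snippetLine][startCol:]`, `lines[startLine+snippetLine][:endCol]` and `lines[startLine+snippetLine]`. `path.Clean(descriptorPath)` discards its result and has no effect; drop it or assign it back. Matching with `strings.Contains` is substring-based, so a name like `AppAuth` also hits lines mentioning `GTMAppAuth` or `AppAuth/Core`, and the version check matches any line containing the digits, which will attribute wrong locations in larger Podfiles.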
diff --git a/commands/audit/sca/cocoapods/cocoapods_test.go b/commands/audit/sca/cocoapods/cocoapods_test.go
index 85fc4225..4fb54399 100644
--- a/commands/audit/sca/cocoapods/cocoapods_test.go
+++ b/commands/audit/sca/cocoapods/cocoapods_test.go
@@ -1 +1,64 @@
 package cocoapods
+
+import (
+ "fmt"
+ "github.com/jfrog/jfrog-cli-core/v2/utils/coreutils"
+ "github.com/jfrog/jfrog-cli-core/v2/utils/tests"
+ "path/filepath"
+ "testing"
+
+ "github.com/jfrog/jfrog-cli-core/v2/utils/config"
+ "github.com/jfrog/jfrog-cli-security/commands/audit/sca"
+ xrayutils "github.com/jfrog/jfrog-cli-security/utils"
+
+ "github.com/stretchr/testify/assert"
+)
+
+func TestBuildGoDependencyList(t *testing.T) {
+ // Create and change directory to test workspace
+ _, cleanUp := sca.CreateTestWorkspace(t, filepath.Join("projects", "package-managers", "cocoapods"))
+ defer cleanUp()
+
+ // Run getModulesDependencyTrees
+ server := &config.ServerDetails{
+ Url: "https://api.cocoapods.here",
+ ArtifactoryUrl: "https://api.cocoapods.here/artifactory",
+ User: "user",
+ AccessToken: "sdsdccs2232",
+ }
+ currentDir, err := coreutils.GetWorkingDirectory()
+ packageName := filepath.Base(currentDir)
+ packageInfo := fmt.Sprintf("%s:%s", packageName, VersionForMainModule)
+ expectedUniqueDeps := []string{
+ xrayutils.CocoapodsPackageTypeIdentifier + "AppAuth:1.7.5",
+ xrayutils.CocoapodsPackageTypeIdentifier + "GoogleSignIn:6.2.4",
+ xrayutils.CocoapodsPackageTypeIdentifier + "GTMAppAuth:1.3.1",
+ xrayutils.CocoapodsPackageTypeIdentifier + "GTMSessionFetcher:2.3.0",
+ xrayutils.CocoapodsPackageTypeIdentifier + packageInfo,
+ }
+
+ auditBasicParams := (&xrayutils.AuditBasicParams{}).SetServerDetails(server)
+ rootNode, uniqueDeps, err := BuildDependencyTree(auditBasicParams)
+ assert.NoError(t, err)
+ assert.ElementsMatch(t, uniqueDeps, expectedUniqueDeps, "First is actual, Second is Expected")
+ assert.NotEmpty(t, rootNode)
+
+ assert.Equal(t, rootNode[0].Id, xrayutils.CocoapodsPackageTypeIdentifier+packageInfo)
+ assert.Len(t, rootNode[0].Nodes, 4)
+
+ child1 := tests.GetAndAssertNode(t, rootNode[0].Nodes, "GTMSessionFetcher:2.3.0")
+ assert.Len(t, child1.Nodes, 0)
+
+ child2 := tests.GetAndAssertNode(t, rootNode[0].Nodes, "GoogleSignIn:6.2.4")
+ assert.Len(t, child2.Nodes, 2)
+}
+
+func TestGetTechDependencyLocation(t *testing.T) {
+ _, cleanUp := sca.CreateTestWorkspace(t, filepath.Join("projects", "package-managers", "cocoapods"))
+ defer cleanUp()
+ currentDir, err := coreutils.GetWorkingDirectory()
+ assert.NoError(t, err)
+ locations, err := GetTechDependencyLocation("AppAuth", "1.7.5", filepath.Join(currentDir, "Podfile.lock"))
+ assert.NoError(t, err)
+ fmt.Println(locations)
+}
diff --git a/tests/testdata/projects/package-managers/cocoapods/Podfile b/tests/testdata/projects/package-managers/cocoapods/Podfile
new file mode 100644
index 00000000..4b874538
--- /dev/null
+++ b/tests/testdata/projects/package-managers/cocoapods/Podfile
@@ -0,0 +1,7 @@
+platform :ios, '9.0'
+
+target 'Test' do
+ use_frameworks!
+pod 'GoogleSignIn'
+
+end
\ No newline at end of file
diff --git a/tests/testdata/projects/package-managers/cocoapods/Podfile.lock b/tests/testdata/projects/package-managers/cocoapods/Podfile.lock
new file mode 100644
index 00000000..52f4bcbb
--- /dev/null
+++ b/tests/testdata/projects/package-managers/cocoapods/Podfile.lock
@@ -0,0 +1,35 @@ +PODS: + - AppAuth (1.7.5): + - AppAuth/Core (= 1.7.5) + - AppAuth/ExternalUserAgent (= 1.7.5) + - AppAuth/Core (1.7.5) + - AppAuth/ExternalUserAgent (1.7.5): + - AppAuth/Core + - GoogleSignIn (6.2.4): + - AppAuth (~> 1.5) + - GTMAppAuth (~> 1.3) + - GTMSessionFetcher/Core (< 3.0, >= 1.1) + - GTMAppAuth (1.3.1): + - AppAuth/Core (~> 1.6) + - GTMSessionFetcher/Core (< 3.0, >= 1.5) + - GTMSessionFetcher/Core (2.3.0) + +DEPENDENCIES: + - GoogleSignIn + +SPEC REPOS: + trunk: + - AppAuth + - GoogleSignIn + - GTMAppAuth + - GTMSessionFetcher + +SPEC CHECKSUMS: + AppAuth: 501c04eda8a8d11f179dbe8637b7a91bb7e5d2fa + GoogleSignIn: 5651ce3a61e56ca864160e79b484cd9ed3f49b7a + GTMAppAuth: 0ff230db599948a9ad7470ca667337803b3fc4dd + GTMSessionFetcher: 3a63d75eecd6aa32c2fc79f578064e1214dfdec2 + +PODFILE CHECKSUM: 9a72df5964257b4fba6943aeff4eadc48f8ad808 + +COCOAPODS: 1.15.2 diff --git a/tests/testdata/projects/package-managers/cocoapods/Test.xcodeproj/project.pbxproj b/tests/testdata/projects/package-managers/cocoapods/Test.xcodeproj/project.pbxproj new file mode 100644 index 00000000..049d42ff --- /dev/null +++ b/tests/testdata/projects/package-managers/cocoapods/Test.xcodeproj/project.pbxproj 
@@ -0,0 +1,529 @@ +// !$*UTF8*$! +{ + archiveVersion = 1; + classes = { + }; + objectVersion = 50; + objects = { + +/* Begin PBXBuildFile section */ + 88AE4B8E01AFFF3A45DC9B88 /* Pods_Test.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 474904C1D18515D2338FE798 /* Pods_Test.framework */; }; + D50D70A420B9443D00F9D88B /* GoogleService-Info.plist in Resources */ = {isa = PBXBuildFile; fileRef = D50D70A320B9443D00F9D88B /* GoogleService-Info.plist */; }; + D5418B3220B9A02A001D620C /* google1.png in Resources */ = {isa = PBXBuildFile; fileRef = D5418B2B20B9A027001D620C /* google1.png */; }; + D5418B3320B9A02A001D620C /* fb2.png in Resources */ = {isa = PBXBuildFile; fileRef = D5418B2C20B9A027001D620C /* fb2.png */; }; + D5418B3420B9A02A001D620C /* signup.png in Resources */ = {isa = PBXBuildFile; fileRef = D5418B2D20B9A028001D620C /* signup.png */; }; + D5418B3520B9A02A001D620C /* fb1.png in Resources */ = {isa = PBXBuildFile; fileRef = D5418B2E20B9A028001D620C /* fb1.png */; }; + D5418B3620B9A02A001D620C /* fb3.png in Resources */ = {isa = PBXBuildFile; fileRef = D5418B2F20B9A029001D620C /* fb3.png */; }; + D5418B3720B9A02A001D620C /* google2.png in Resources */ = {isa = PBXBuildFile; fileRef = D5418B3020B9A029001D620C /* google2.png */; }; + D5418B3820B9A02A001D620C /* home.png in Resources */ = {isa = PBXBuildFile; fileRef = D5418B3120B9A029001D620C /* home.png */; }; + D5418B3B20B9A512001D620C /* firebase1.png in Resources */ = {isa = PBXBuildFile; fileRef = D5418B3920B9A512001D620C /* firebase1.png */; }; + D5418B3C20B9A512001D620C /* firebase2.png in Resources */ = {isa = PBXBuildFile; fileRef = D5418B3A20B9A512001D620C /* firebase2.png */; }; + D5418B3E20B9A938001D620C /* swiftxcode.jpg in Resources */ = {isa = PBXBuildFile; fileRef = D5418B3D20B9A938001D620C /* swiftxcode.jpg */; }; + D54BB52720B54ACF0085C370 /* FirebaseViewController.swift in Sources */ = {isa = PBXBuildFile; fileRef = D54BB52620B54ACF0085C370 /* FirebaseViewController.swift */; }; 
+ D5D3F10D20B6AA0F00C5C2AA /* FirebaseAuthenticator.swift in Sources */ = {isa = PBXBuildFile; fileRef = D5D3F10C20B6AA0F00C5C2AA /* FirebaseAuthenticator.swift */; }; + D5D4807920AEF552004F5ADF /* AppDelegate.swift in Sources */ = {isa = PBXBuildFile; fileRef = D5D4807820AEF552004F5ADF /* AppDelegate.swift */; }; + D5D4807B20AEF552004F5ADF /* LoginViewController.swift in Sources */ = {isa = PBXBuildFile; fileRef = D5D4807A20AEF552004F5ADF /* LoginViewController.swift */; }; + D5D4807E20AEF552004F5ADF /* Main.storyboard in Resources */ = {isa = PBXBuildFile; fileRef = D5D4807C20AEF552004F5ADF /* Main.storyboard */; }; + D5D4808020AEF555004F5ADF /* Assets.xcassets in Resources */ = {isa = PBXBuildFile; fileRef = D5D4807F20AEF555004F5ADF /* Assets.xcassets */; }; + D5D4808320AEF555004F5ADF /* LaunchScreen.storyboard in Resources */ = {isa = PBXBuildFile; fileRef = D5D4808120AEF555004F5ADF /* LaunchScreen.storyboard */; }; + D5D4809420B2A9B6004F5ADF /* SignupViewController.swift in Sources */ = {isa = PBXBuildFile; fileRef = D5D4809320B2A9B6004F5ADF /* SignupViewController.swift */; }; + D5D4809620B2CEB8004F5ADF /* BaseViewController.swift in Sources */ = {isa = PBXBuildFile; fileRef = D5D4809520B2CEB8004F5ADF /* BaseViewController.swift */; }; + D5D4809D20B3E95D004F5ADF /* LoginMain.storyboard in Resources */ = {isa = PBXBuildFile; fileRef = D5D4809C20B3E95D004F5ADF /* LoginMain.storyboard */; }; + D5D4809F20B3FB67004F5ADF /* CustomCollectionViewCell.swift in Sources */ = {isa = PBXBuildFile; fileRef = D5D4809E20B3FB67004F5ADF /* CustomCollectionViewCell.swift */; }; + D5D480A120B3FBBF004F5ADF /* MainCollectionViewController.swift in Sources */ = {isa = PBXBuildFile; fileRef = D5D480A020B3FBBF004F5ADF /* MainCollectionViewController.swift */; }; + D5FDF0F720B7EE5E00D68D8D /* SocialAuthenticator.swift in Sources */ = {isa = PBXBuildFile; fileRef = D5FDF0F620B7EE5E00D68D8D /* SocialAuthenticator.swift */; }; + D5FDF0FA20B8263500D68D8D /* ResponseDelegate.swift in 
Sources */ = {isa = PBXBuildFile; fileRef = D5FDF0F920B8263500D68D8D /* ResponseDelegate.swift */; }; + D5FDF0FC20B8266100D68D8D /* SocialDelegate.swift in Sources */ = {isa = PBXBuildFile; fileRef = D5FDF0FB20B8266100D68D8D /* SocialDelegate.swift */; }; +/* End PBXBuildFile section */ + +/* Begin PBXFileReference section */ + 474904C1D18515D2338FE798 /* Pods_Test.framework */ = {isa = PBXFileReference; explicitFileType = wrapper.framework; includeInIndex = 0; path = Pods_Test.framework; sourceTree = BUILT_PRODUCTS_DIR; }; + 64BF18EB7EA0A352287C2039 /* Pods-Test.debug.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-Test.debug.xcconfig"; path = "Pods/Target Support Files/Pods-Test/Pods-Test.debug.xcconfig"; sourceTree = ""; }; + C84725ECA8AC99708758BF82 /* Pods-Test.release.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-Test.release.xcconfig"; path = "Pods/Target Support Files/Pods-Test/Pods-Test.release.xcconfig"; sourceTree = ""; }; + D50D70A320B9443D00F9D88B /* GoogleService-Info.plist */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.plist.xml; path = "GoogleService-Info.plist"; sourceTree = ""; }; + D5418B2B20B9A027001D620C /* google1.png */ = {isa = PBXFileReference; lastKnownFileType = image.png; path = google1.png; sourceTree = ""; }; + D5418B2C20B9A027001D620C /* fb2.png */ = {isa = PBXFileReference; lastKnownFileType = image.png; path = fb2.png; sourceTree = ""; }; + D5418B2D20B9A028001D620C /* signup.png */ = {isa = PBXFileReference; lastKnownFileType = image.png; path = signup.png; sourceTree = ""; }; + D5418B2E20B9A028001D620C /* fb1.png */ = {isa = PBXFileReference; lastKnownFileType = image.png; path = fb1.png; sourceTree = ""; }; + D5418B2F20B9A029001D620C /* fb3.png */ = {isa = PBXFileReference; lastKnownFileType = image.png; path = fb3.png; sourceTree = ""; }; + D5418B3020B9A029001D620C /* google2.png */ = 
{isa = PBXFileReference; lastKnownFileType = image.png; path = google2.png; sourceTree = ""; }; + D5418B3120B9A029001D620C /* home.png */ = {isa = PBXFileReference; lastKnownFileType = image.png; path = home.png; sourceTree = ""; }; + D5418B3920B9A512001D620C /* firebase1.png */ = {isa = PBXFileReference; lastKnownFileType = image.png; path = firebase1.png; sourceTree = ""; }; + D5418B3A20B9A512001D620C /* firebase2.png */ = {isa = PBXFileReference; lastKnownFileType = image.png; path = firebase2.png; sourceTree = ""; }; + D5418B3D20B9A938001D620C /* swiftxcode.jpg */ = {isa = PBXFileReference; lastKnownFileType = image.jpeg; path = swiftxcode.jpg; sourceTree = ""; }; + D54BB52620B54ACF0085C370 /* FirebaseViewController.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = FirebaseViewController.swift; sourceTree = ""; }; + D5D3F10C20B6AA0F00C5C2AA /* FirebaseAuthenticator.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = FirebaseAuthenticator.swift; sourceTree = ""; }; + D5D4807520AEF552004F5ADF /* Test.app */ = {isa = PBXFileReference; explicitFileType = wrapper.application; includeInIndex = 0; path = Test.app; sourceTree = BUILT_PRODUCTS_DIR; }; + D5D4807820AEF552004F5ADF /* AppDelegate.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = AppDelegate.swift; sourceTree = ""; }; + D5D4807A20AEF552004F5ADF /* LoginViewController.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = LoginViewController.swift; sourceTree = ""; }; + D5D4807D20AEF552004F5ADF /* Base */ = {isa = PBXFileReference; lastKnownFileType = file.storyboard; name = Base; path = Base.lproj/Main.storyboard; sourceTree = ""; }; + D5D4807F20AEF555004F5ADF /* Assets.xcassets */ = {isa = PBXFileReference; lastKnownFileType = folder.assetcatalog; path = Assets.xcassets; sourceTree = ""; }; + D5D4808220AEF555004F5ADF /* Base */ = {isa = PBXFileReference; lastKnownFileType = file.storyboard; 
name = Base; path = Base.lproj/LaunchScreen.storyboard; sourceTree = ""; }; + D5D4808420AEF555004F5ADF /* Info.plist */ = {isa = PBXFileReference; lastKnownFileType = text.plist.xml; path = Info.plist; sourceTree = ""; }; + D5D4809320B2A9B6004F5ADF /* SignupViewController.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = SignupViewController.swift; sourceTree = ""; }; + D5D4809520B2CEB8004F5ADF /* BaseViewController.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = BaseViewController.swift; sourceTree = ""; }; + D5D4809C20B3E95D004F5ADF /* LoginMain.storyboard */ = {isa = PBXFileReference; lastKnownFileType = file.storyboard; path = LoginMain.storyboard; sourceTree = ""; }; + D5D4809E20B3FB67004F5ADF /* CustomCollectionViewCell.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = CustomCollectionViewCell.swift; sourceTree = ""; }; + D5D480A020B3FBBF004F5ADF /* MainCollectionViewController.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MainCollectionViewController.swift; sourceTree = ""; }; + D5FDF0F620B7EE5E00D68D8D /* SocialAuthenticator.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = SocialAuthenticator.swift; sourceTree = ""; }; + D5FDF0F920B8263500D68D8D /* ResponseDelegate.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ResponseDelegate.swift; sourceTree = ""; }; + D5FDF0FB20B8266100D68D8D /* SocialDelegate.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = SocialDelegate.swift; sourceTree = ""; }; +/* End PBXFileReference section */ + +/* Begin PBXFrameworksBuildPhase section */ + D5D4807220AEF552004F5ADF /* Frameworks */ = { + isa = PBXFrameworksBuildPhase; + buildActionMask = 2147483647; + files = ( + 88AE4B8E01AFFF3A45DC9B88 /* Pods_Test.framework in Frameworks */, + ); + runOnlyForDeploymentPostprocessing = 0; + }; +/* End 
PBXFrameworksBuildPhase section */ + +/* Begin PBXGroup section */ + 6D4AE5F2DED4F2D75679768C /* Pods */ = { + isa = PBXGroup; + children = ( + 64BF18EB7EA0A352287C2039 /* Pods-Test.debug.xcconfig */, + C84725ECA8AC99708758BF82 /* Pods-Test.release.xcconfig */, + ); + name = Pods; + sourceTree = ""; + }; + 76A856C51E4B61E4FCC4DBDF /* Frameworks */ = { + isa = PBXGroup; + children = ( + 474904C1D18515D2338FE798 /* Pods_Test.framework */, + ); + name = Frameworks; + sourceTree = ""; + }; + D520BEC820B5467D009A5272 /* Network */ = { + isa = PBXGroup; + children = ( + D5D3F10C20B6AA0F00C5C2AA /* FirebaseAuthenticator.swift */, + D5FDF0F620B7EE5E00D68D8D /* SocialAuthenticator.swift */, + ); + path = Network; + sourceTree = ""; + }; + D5418B2A20B99C84001D620C /* Screenshots */ = { + isa = PBXGroup; + children = ( + D5418B3D20B9A938001D620C /* swiftxcode.jpg */, + D5418B3920B9A512001D620C /* firebase1.png */, + D5418B3A20B9A512001D620C /* firebase2.png */, + D5418B2E20B9A028001D620C /* fb1.png */, + D5418B2C20B9A027001D620C /* fb2.png */, + D5418B2F20B9A029001D620C /* fb3.png */, + D5418B2B20B9A027001D620C /* google1.png */, + D5418B3020B9A029001D620C /* google2.png */, + D5418B3120B9A029001D620C /* home.png */, + D5418B2D20B9A028001D620C /* signup.png */, + ); + path = Screenshots; + sourceTree = ""; + }; + D5D4806C20AEF552004F5ADF = { + isa = PBXGroup; + children = ( + 76A856C51E4B61E4FCC4DBDF /* Frameworks */, + 6D4AE5F2DED4F2D75679768C /* Pods */, + D5D4807620AEF552004F5ADF /* Products */, + D5D4807720AEF552004F5ADF /* Test */, + ); + sourceTree = ""; + }; + D5D4807620AEF552004F5ADF /* Products */ = { + isa = PBXGroup; + children = ( + D5D4807520AEF552004F5ADF /* Test.app */, + ); + name = Products; + sourceTree = ""; + }; + D5D4807720AEF552004F5ADF /* Test */ = { + isa = PBXGroup; + children = ( + D5418B2A20B99C84001D620C /* Screenshots */, + D50D70A320B9443D00F9D88B /* GoogleService-Info.plist */, + D5FDF0F820B8225500D68D8D /* Delegate */, + 
D5D4807C20AEF552004F5ADF /* Main.storyboard */, + D5D4808420AEF555004F5ADF /* Info.plist */, + D5D4807820AEF552004F5ADF /* AppDelegate.swift */, + D5D4809520B2CEB8004F5ADF /* BaseViewController.swift */, + D5D4809320B2A9B6004F5ADF /* SignupViewController.swift */, + D5D4807A20AEF552004F5ADF /* LoginViewController.swift */, + D5D4807F20AEF555004F5ADF /* Assets.xcassets */, + D5D4808120AEF555004F5ADF /* LaunchScreen.storyboard */, + D520BEC820B5467D009A5272 /* Network */, + D5D4809920B3E8F8004F5ADF /* MainLogin */, + ); + path = Test; + sourceTree = ""; + }; + D5D4809920B3E8F8004F5ADF /* MainLogin */ = { + isa = PBXGroup; + children = ( + D54BB52620B54ACF0085C370 /* FirebaseViewController.swift */, + D5D4809C20B3E95D004F5ADF /* LoginMain.storyboard */, + D5D4809E20B3FB67004F5ADF /* CustomCollectionViewCell.swift */, + D5D480A020B3FBBF004F5ADF /* MainCollectionViewController.swift */, + ); + path = MainLogin; + sourceTree = ""; + }; + D5FDF0F820B8225500D68D8D /* Delegate */ = { + isa = PBXGroup; + children = ( + D5FDF0F920B8263500D68D8D /* ResponseDelegate.swift */, + D5FDF0FB20B8266100D68D8D /* SocialDelegate.swift */, + ); + name = Delegate; + sourceTree = ""; + }; +/* End PBXGroup section */ + +/* Begin PBXNativeTarget section */ + D5D4807420AEF552004F5ADF /* Test */ = { + isa = PBXNativeTarget; + buildConfigurationList = D5D4808720AEF555004F5ADF /* Build configuration list for PBXNativeTarget "Test" */; + buildPhases = ( + D905B27F086A3993E6CC203D /* [CP] Check Pods Manifest.lock */, + D5D4807120AEF552004F5ADF /* Sources */, + D5D4807220AEF552004F5ADF /* Frameworks */, + D5D4807320AEF552004F5ADF /* Resources */, + 84D5C8B19799EFD0F35C8BA9 /* [CP] Embed Pods Frameworks */, + ); + buildRules = ( + ); + dependencies = ( + ); + name = Test; + productName = swiftconcepts; + productReference = D5D4807520AEF552004F5ADF /* Test.app */; + productType = "com.apple.product-type.application"; + }; +/* End PBXNativeTarget section */ + +/* Begin PBXProject section */ + 
D5D4806D20AEF552004F5ADF /* Project object */ = { + isa = PBXProject; + attributes = { + LastSwiftUpdateCheck = 0930; + LastUpgradeCheck = 0930; + ORGANIZATIONNAME = yuvraj; + TargetAttributes = { + D5D4807420AEF552004F5ADF = { + CreatedOnToolsVersion = 9.3.1; + }; + }; + }; + buildConfigurationList = D5D4807020AEF552004F5ADF /* Build configuration list for PBXProject "Test" */; + compatibilityVersion = "Xcode 9.3"; + developmentRegion = en; + hasScannedForEncodings = 0; + knownRegions = ( + en, + Base, + ); + mainGroup = D5D4806C20AEF552004F5ADF; + productRefGroup = D5D4807620AEF552004F5ADF /* Products */; + projectDirPath = ""; + projectRoot = ""; + targets = ( + D5D4807420AEF552004F5ADF /* Test */, + ); + }; +/* End PBXProject section */ + +/* Begin PBXResourcesBuildPhase section */ + D5D4807320AEF552004F5ADF /* Resources */ = { + isa = PBXResourcesBuildPhase; + buildActionMask = 2147483647; + files = ( + D5D4808320AEF555004F5ADF /* LaunchScreen.storyboard in Resources */, + D5418B3620B9A02A001D620C /* fb3.png in Resources */, + D5D4808020AEF555004F5ADF /* Assets.xcassets in Resources */, + D5D4807E20AEF552004F5ADF /* Main.storyboard in Resources */, + D5418B3520B9A02A001D620C /* fb1.png in Resources */, + D5418B3420B9A02A001D620C /* signup.png in Resources */, + D5D4809D20B3E95D004F5ADF /* LoginMain.storyboard in Resources */, + D5418B3220B9A02A001D620C /* google1.png in Resources */, + D5418B3820B9A02A001D620C /* home.png in Resources */, + D5418B3B20B9A512001D620C /* firebase1.png in Resources */, + D5418B3720B9A02A001D620C /* google2.png in Resources */, + D5418B3320B9A02A001D620C /* fb2.png in Resources */, + D5418B3E20B9A938001D620C /* swiftxcode.jpg in Resources */, + D50D70A420B9443D00F9D88B /* GoogleService-Info.plist in Resources */, + D5418B3C20B9A512001D620C /* firebase2.png in Resources */, + ); + runOnlyForDeploymentPostprocessing = 0; + }; +/* End PBXResourcesBuildPhase section */ + +/* Begin PBXShellScriptBuildPhase section */ + 
84D5C8B19799EFD0F35C8BA9 /* [CP] Embed Pods Frameworks */ = { + isa = PBXShellScriptBuildPhase; + buildActionMask = 2147483647; + files = ( + ); + inputFileListPaths = ( + "${PODS_ROOT}/Target Support Files/Pods-Test/Pods-Test-frameworks-${CONFIGURATION}-input-files.xcfilelist", + ); + name = "[CP] Embed Pods Frameworks"; + outputFileListPaths = ( + "${PODS_ROOT}/Target Support Files/Pods-Test/Pods-Test-frameworks-${CONFIGURATION}-output-files.xcfilelist", + ); + runOnlyForDeploymentPostprocessing = 0; + shellPath = /bin/sh; + shellScript = "\"${PODS_ROOT}/Target Support Files/Pods-Test/Pods-Test-frameworks.sh\"\n"; + showEnvVarsInLog = 0; + }; + D905B27F086A3993E6CC203D /* [CP] Check Pods Manifest.lock */ = { + isa = PBXShellScriptBuildPhase; + buildActionMask = 2147483647; + files = ( + ); + inputPaths = ( + "${PODS_PODFILE_DIR_PATH}/Podfile.lock", + "${PODS_ROOT}/Manifest.lock", + ); + name = "[CP] Check Pods Manifest.lock"; + outputPaths = ( + "$(DERIVED_FILE_DIR)/Pods-Test-checkManifestLockResult.txt", + ); + runOnlyForDeploymentPostprocessing = 0; + shellPath = /bin/sh; + shellScript = "diff \"${PODS_PODFILE_DIR_PATH}/Podfile.lock\" \"${PODS_ROOT}/Manifest.lock\" > /dev/null\nif [ $? != 0 ] ; then\n # print error to STDERR\n echo \"error: The sandbox is not in sync with the Podfile.lock. 
Run 'pod install' or update your CocoaPods installation.\" >&2\n exit 1\nfi\n# This output is used by Xcode 'outputs' to avoid re-running this script phase.\necho \"SUCCESS\" > \"${SCRIPT_OUTPUT_FILE_0}\"\n"; + showEnvVarsInLog = 0; + }; +/* End PBXShellScriptBuildPhase section */ + +/* Begin PBXSourcesBuildPhase section */ + D5D4807120AEF552004F5ADF /* Sources */ = { + isa = PBXSourcesBuildPhase; + buildActionMask = 2147483647; + files = ( + D5D4809420B2A9B6004F5ADF /* SignupViewController.swift in Sources */, + D54BB52720B54ACF0085C370 /* FirebaseViewController.swift in Sources */, + D5D4809F20B3FB67004F5ADF /* CustomCollectionViewCell.swift in Sources */, + D5D3F10D20B6AA0F00C5C2AA /* FirebaseAuthenticator.swift in Sources */, + D5FDF0FC20B8266100D68D8D /* SocialDelegate.swift in Sources */, + D5D480A120B3FBBF004F5ADF /* MainCollectionViewController.swift in Sources */, + D5FDF0F720B7EE5E00D68D8D /* SocialAuthenticator.swift in Sources */, + D5D4807B20AEF552004F5ADF /* LoginViewController.swift in Sources */, + D5D4809620B2CEB8004F5ADF /* BaseViewController.swift in Sources */, + D5D4807920AEF552004F5ADF /* AppDelegate.swift in Sources */, + D5FDF0FA20B8263500D68D8D /* ResponseDelegate.swift in Sources */, + ); + runOnlyForDeploymentPostprocessing = 0; + }; +/* End PBXSourcesBuildPhase section */ + +/* Begin PBXVariantGroup section */ + D5D4807C20AEF552004F5ADF /* Main.storyboard */ = { + isa = PBXVariantGroup; + children = ( + D5D4807D20AEF552004F5ADF /* Base */, + ); + name = Main.storyboard; + sourceTree = ""; + }; + D5D4808120AEF555004F5ADF /* LaunchScreen.storyboard */ = { + isa = PBXVariantGroup; + children = ( + D5D4808220AEF555004F5ADF /* Base */, + ); + name = LaunchScreen.storyboard; + sourceTree = ""; + }; +/* End PBXVariantGroup section */ + +/* Begin XCBuildConfiguration section */ + D5D4808520AEF555004F5ADF /* Debug */ = { + isa = XCBuildConfiguration; + buildSettings = { + ALWAYS_SEARCH_USER_PATHS = NO; + CLANG_ANALYZER_NONNULL = YES; + 
CLANG_ANALYZER_NUMBER_OBJECT_CONVERSION = YES_AGGRESSIVE; + CLANG_CXX_LANGUAGE_STANDARD = "gnu++14"; + CLANG_CXX_LIBRARY = "libc++"; + CLANG_ENABLE_MODULES = YES; + CLANG_ENABLE_OBJC_ARC = YES; + CLANG_ENABLE_OBJC_WEAK = YES; + CLANG_WARN_BLOCK_CAPTURE_AUTORELEASING = YES; + CLANG_WARN_BOOL_CONVERSION = YES; + CLANG_WARN_COMMA = YES; + CLANG_WARN_CONSTANT_CONVERSION = YES; + CLANG_WARN_DEPRECATED_OBJC_IMPLEMENTATIONS = YES; + CLANG_WARN_DIRECT_OBJC_ISA_USAGE = YES_ERROR; + CLANG_WARN_DOCUMENTATION_COMMENTS = YES; + CLANG_WARN_EMPTY_BODY = YES; + CLANG_WARN_ENUM_CONVERSION = YES; + CLANG_WARN_INFINITE_RECURSION = YES; + CLANG_WARN_INT_CONVERSION = YES; + CLANG_WARN_NON_LITERAL_NULL_CONVERSION = YES; + CLANG_WARN_OBJC_IMPLICIT_RETAIN_SELF = YES; + CLANG_WARN_OBJC_LITERAL_CONVERSION = YES; + CLANG_WARN_OBJC_ROOT_CLASS = YES_ERROR; + CLANG_WARN_RANGE_LOOP_ANALYSIS = YES; + CLANG_WARN_STRICT_PROTOTYPES = YES; + CLANG_WARN_SUSPICIOUS_MOVE = YES; + CLANG_WARN_UNGUARDED_AVAILABILITY = YES_AGGRESSIVE; + CLANG_WARN_UNREACHABLE_CODE = YES; + CLANG_WARN__DUPLICATE_METHOD_MATCH = YES; + CODE_SIGN_IDENTITY = "iPhone Developer"; + COPY_PHASE_STRIP = NO; + DEBUG_INFORMATION_FORMAT = dwarf; + ENABLE_STRICT_OBJC_MSGSEND = YES; + ENABLE_TESTABILITY = YES; + GCC_C_LANGUAGE_STANDARD = gnu11; + GCC_DYNAMIC_NO_PIC = NO; + GCC_NO_COMMON_BLOCKS = YES; + GCC_OPTIMIZATION_LEVEL = 0; + GCC_PREPROCESSOR_DEFINITIONS = ( + "DEBUG=1", + "$(inherited)", + ); + GCC_WARN_64_TO_32_BIT_CONVERSION = YES; + GCC_WARN_ABOUT_RETURN_TYPE = YES_ERROR; + GCC_WARN_UNDECLARED_SELECTOR = YES; + GCC_WARN_UNINITIALIZED_AUTOS = YES_AGGRESSIVE; + GCC_WARN_UNUSED_FUNCTION = YES; + GCC_WARN_UNUSED_VARIABLE = YES; + IPHONEOS_DEPLOYMENT_TARGET = 9.0; + MTL_ENABLE_DEBUG_INFO = YES; + ONLY_ACTIVE_ARCH = YES; + SDKROOT = iphoneos; + SWIFT_ACTIVE_COMPILATION_CONDITIONS = DEBUG; + SWIFT_OPTIMIZATION_LEVEL = "-Onone"; + }; + name = Debug; + }; + D5D4808620AEF555004F5ADF /* Release */ = { + isa = XCBuildConfiguration; + 
buildSettings = { + ALWAYS_SEARCH_USER_PATHS = NO; + CLANG_ANALYZER_NONNULL = YES; + CLANG_ANALYZER_NUMBER_OBJECT_CONVERSION = YES_AGGRESSIVE; + CLANG_CXX_LANGUAGE_STANDARD = "gnu++14"; + CLANG_CXX_LIBRARY = "libc++"; + CLANG_ENABLE_MODULES = YES; + CLANG_ENABLE_OBJC_ARC = YES; + CLANG_ENABLE_OBJC_WEAK = YES; + CLANG_WARN_BLOCK_CAPTURE_AUTORELEASING = YES; + CLANG_WARN_BOOL_CONVERSION = YES; + CLANG_WARN_COMMA = YES; + CLANG_WARN_CONSTANT_CONVERSION = YES; + CLANG_WARN_DEPRECATED_OBJC_IMPLEMENTATIONS = YES; + CLANG_WARN_DIRECT_OBJC_ISA_USAGE = YES_ERROR; + CLANG_WARN_DOCUMENTATION_COMMENTS = YES; + CLANG_WARN_EMPTY_BODY = YES; + CLANG_WARN_ENUM_CONVERSION = YES; + CLANG_WARN_INFINITE_RECURSION = YES; + CLANG_WARN_INT_CONVERSION = YES; + CLANG_WARN_NON_LITERAL_NULL_CONVERSION = YES; + CLANG_WARN_OBJC_IMPLICIT_RETAIN_SELF = YES; + CLANG_WARN_OBJC_LITERAL_CONVERSION = YES; + CLANG_WARN_OBJC_ROOT_CLASS = YES_ERROR; + CLANG_WARN_RANGE_LOOP_ANALYSIS = YES; + CLANG_WARN_STRICT_PROTOTYPES = YES; + CLANG_WARN_SUSPICIOUS_MOVE = YES; + CLANG_WARN_UNGUARDED_AVAILABILITY = YES_AGGRESSIVE; + CLANG_WARN_UNREACHABLE_CODE = YES; + CLANG_WARN__DUPLICATE_METHOD_MATCH = YES; + CODE_SIGN_IDENTITY = "iPhone Developer"; + COPY_PHASE_STRIP = NO; + DEBUG_INFORMATION_FORMAT = "dwarf-with-dsym"; + ENABLE_NS_ASSERTIONS = NO; + ENABLE_STRICT_OBJC_MSGSEND = YES; + GCC_C_LANGUAGE_STANDARD = gnu11; + GCC_NO_COMMON_BLOCKS = YES; + GCC_WARN_64_TO_32_BIT_CONVERSION = YES; + GCC_WARN_ABOUT_RETURN_TYPE = YES_ERROR; + GCC_WARN_UNDECLARED_SELECTOR = YES; + GCC_WARN_UNINITIALIZED_AUTOS = YES_AGGRESSIVE; + GCC_WARN_UNUSED_FUNCTION = YES; + GCC_WARN_UNUSED_VARIABLE = YES; + IPHONEOS_DEPLOYMENT_TARGET = 9.0; + MTL_ENABLE_DEBUG_INFO = NO; + SDKROOT = iphoneos; + SWIFT_COMPILATION_MODE = wholemodule; + SWIFT_OPTIMIZATION_LEVEL = "-O"; + VALIDATE_PRODUCT = YES; + }; + name = Release; + }; + D5D4808820AEF555004F5ADF /* Debug */ = { + isa = XCBuildConfiguration; + baseConfigurationReference = 
64BF18EB7EA0A352287C2039 /* Pods-Test.debug.xcconfig */; + buildSettings = { + ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon; + CODE_SIGN_STYLE = Automatic; + FRAMEWORK_SEARCH_PATHS = ( + "$(inherited)", + "$(PROJECT_DIR)/swiftconcepts", + ); + INFOPLIST_FILE = Test/Info.plist; + IPHONEOS_DEPLOYMENT_TARGET = 9.0; + LD_RUNPATH_SEARCH_PATHS = ( + "$(inherited)", + "@executable_path/Frameworks", + ); + PRODUCT_BUNDLE_IDENTIFIER = com.yuvraj.Test; + PRODUCT_NAME = "$(TARGET_NAME)"; + SWIFT_VERSION = 4.0; + TARGETED_DEVICE_FAMILY = "1,2"; + }; + name = Debug; + }; + D5D4808920AEF555004F5ADF /* Release */ = { + isa = XCBuildConfiguration; + baseConfigurationReference = C84725ECA8AC99708758BF82 /* Pods-Test.release.xcconfig */; + buildSettings = { + ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon; + CODE_SIGN_STYLE = Automatic; + FRAMEWORK_SEARCH_PATHS = ( + "$(inherited)", + "$(PROJECT_DIR)/swiftconcepts", + ); + INFOPLIST_FILE = Test/Info.plist; + IPHONEOS_DEPLOYMENT_TARGET = 9.0; + LD_RUNPATH_SEARCH_PATHS = ( + "$(inherited)", + "@executable_path/Frameworks", + ); + PRODUCT_BUNDLE_IDENTIFIER = com.yuvraj.Test; + PRODUCT_NAME = "$(TARGET_NAME)"; + SWIFT_VERSION = 4.0; + TARGETED_DEVICE_FAMILY = "1,2"; + }; + name = Release; + }; +/* End XCBuildConfiguration section */ + +/* Begin XCConfigurationList section */ + D5D4807020AEF552004F5ADF /* Build configuration list for PBXProject "Test" */ = { + isa = XCConfigurationList; + buildConfigurations = ( + D5D4808520AEF555004F5ADF /* Debug */, + D5D4808620AEF555004F5ADF /* Release */, + ); + defaultConfigurationIsVisible = 0; + defaultConfigurationName = Release; + }; + D5D4808720AEF555004F5ADF /* Build configuration list for PBXNativeTarget "Test" */ = { + isa = XCConfigurationList; + buildConfigurations = ( + D5D4808820AEF555004F5ADF /* Debug */, + D5D4808920AEF555004F5ADF /* Release */, + ); + defaultConfigurationIsVisible = 0; + defaultConfigurationName = Release; + }; +/* End XCConfigurationList section */ + }; + rootObject = 
D5D4806D20AEF552004F5ADF /* Project object */; +} From a181880b77a959fcbc059e3f63f443911021349e Mon Sep 17 00:00:00 2001 From: barv Date: Mon, 30 Sep 2024 13:35:47 +0300 Subject: [PATCH 004/111] cocoapods-audit --- commands/audit/sca/cocoapods/cocoapods.go | 39 +++++++++++++++++-- .../audit/sca/cocoapods/cocoapods_test.go | 19 ++++++++- go.mod | 4 +- go.sum | 2 + .../package-managers/cocoapods/Podfile | 2 +- 5 files changed, 58 insertions(+), 8 deletions(-) diff --git a/commands/audit/sca/cocoapods/cocoapods.go b/commands/audit/sca/cocoapods/cocoapods.go index 16decb11..945d54ab 100644 --- a/commands/audit/sca/cocoapods/cocoapods.go +++ b/commands/audit/sca/cocoapods/cocoapods.go @@ -8,6 +8,7 @@ import ( "github.com/jfrog/jfrog-cli-core/v2/utils/coreutils" "github.com/jfrog/jfrog-cli-security/formats/sarifutils" "github.com/jfrog/jfrog-cli-security/utils" + "github.com/jfrog/jfrog-client-go/utils/log" xrayUtils "github.com/jfrog/jfrog-client-go/xray/services/utils" "github.com/owenrumney/go-sarif/v2/sarif" "os" @@ -32,11 +33,12 @@ func GetTechDependencyLocation(directDependencyName, directDependencyVersion str for _, descriptorPath := range descriptorPaths { path.Clean(descriptorPath) if !strings.HasSuffix(descriptorPath, "Podfile") { - return nil, errors.ErrUnsupported + log.Logger.Warn("Cannot support other files besides Podfile: %s", descriptorPath) + continue } data, err := os.ReadFile(descriptorPath) if err != nil { - return nil, err + continue } lines := strings.Split(string(data), "\n") var startLine, startCol, endLine, endCol int 
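Review bot: The read failure after `os.ReadFile(descriptorPath)` is now dropped silently by `continue`, so a Podfile that exists but cannot be read yields no location and no diagnostic; log it before continuing, e.g. `log.Logger.Warn("Could not read " + descriptorPath + ": " + err.Error())`. The verb in `log.Logger.Warn("Cannot support other files besides Podfile: %s", descriptorPath)` looks wrong if Logger.Warn is a Print-style rather than Printf-style method (variadic args, no format string), in which case the literal `%s` ends up in the log; build the message with fmt.Sprintf or pass the path as a plain trailing argument. The `path.Clean(descriptorPath)` call just above discards its result and so has no effect; either assign it or drop it, and note that filepath.Clean is the variant for OS paths. The same three points apply to the FixTechDependency hunk that follows. GetTechDependencyLocation's body continues outside the hunk.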
@@ -72,7 +74,38 @@ func GetTechDependencyLocation(directDependencyName, directDependencyVersion str return podPositions, nil } -func FixTechDependency(dependencyName, dependencyVersion, fixVersion string, descriptorPath ...string) error { +func FixTechDependency(dependencyName, dependencyVersion, fixVersion string, descriptorPaths ...string) error { + for _, descriptorPath := range descriptorPaths { + path.Clean(descriptorPath) + if !strings.HasSuffix(descriptorPath, "Podfile") { + log.Logger.Warn("Cannot support other files besides Podfile: %s", descriptorPath) + continue + } + data, err := os.ReadFile(descriptorPath) + var newLines []string + if err != nil { + continue + } + lines := strings.Split(string(data), "\n") + foundDependency := false + for _, line := range lines { + if strings.Contains(line, dependencyName) { + foundDependency = true + } + if foundDependency && strings.Contains(line, dependencyVersion) { + newLine := strings.Replace(line, dependencyVersion, fixVersion, 1) + newLines = append(newLines, newLine) + foundDependency = false + } else { + newLines = append(newLines, line) + } + } + output := strings.Join(newLines, "\n") + err = os.WriteFile(descriptorPath, []byte(output), 0644) + if err != nil { + return fmt.Errorf("failed to write file: %v", err) + } + } return nil } diff --git a/commands/audit/sca/cocoapods/cocoapods_test.go b/commands/audit/sca/cocoapods/cocoapods_test.go index 4fb54399..7b363bed 100644 --- a/commands/audit/sca/cocoapods/cocoapods_test.go +++ b/commands/audit/sca/cocoapods/cocoapods_test.go @@ -4,7 +4,9 @@ import ( "fmt" "github.com/jfrog/jfrog-cli-core/v2/utils/coreutils" "github.com/jfrog/jfrog-cli-core/v2/utils/tests" + "os" "path/filepath" + "strings" "testing" "github.com/jfrog/jfrog-cli-core/v2/utils/config" 
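Review bot: The pod match in FixTechDependency is a bare substring test, `strings.Contains(line, dependencyName)`, so fixing `AppAuth` also arms `foundDependency` on a `pod 'GTMAppAuth'` or `pod 'AppAuth/Core'` line, and because the flag is only cleared once some later line contains `dependencyVersion`, the version rewrite can land on a different pod's line than the one that matched. Match the quoted pod name on the same line as the version and decide per line instead of carrying state across lines (Podfiles may use double quotes too, so both quote forms may need checking; if multi-line pod declarations must be supported, reset the flag on every line that starts a new `pod` entry instead). `strings.Replace(line, dependencyVersion, fixVersion, 1)` then rewrites only the first occurrence of the version text, which fits the `pod 'Name', '~> x.y.z'` shape the test covers but should be stated in a doc comment on the function as the supported form. The write error is better wrapped with `%w` than `%v` so callers can inspect it.
```go
	lines := strings.Split(string(data), "\n")
	quotedName := "'" + dependencyName + "'"
	for _, line := range lines {
		// Only the line declaring this exact pod is rewritten; the quotes keep
		// 'AppAuth' from matching 'GTMAppAuth' or 'AppAuth/Core'.
		if strings.Contains(line, quotedName) && strings.Contains(line, dependencyVersion) {
			newLines = append(newLines, strings.Replace(line, dependencyVersion, fixVersion, 1))
			continue
		}
		newLines = append(newLines, line)
	}
	// … unchanged: join and write back …
```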
@@ -58,7 +60,20 @@ func TestGetTechDependencyLocation(t *testing.T) { defer cleanUp() currentDir, err := coreutils.GetWorkingDirectory() assert.NoError(t, err) - locations, err := GetTechDependencyLocation("AppAuth", "1.7.5", filepath.Join(currentDir, "Podfile.lock")) + locations, err := GetTechDependencyLocation("GoogleSignIn", "6.2.4", filepath.Join(currentDir, "Podfile")) assert.NoError(t, err) - fmt.Println(locations) + assert.Len(t, locations, 1) + assert.Equal(t, *locations[0].PhysicalLocation.Region.Snippet.Text, "GoogleSignIn', '~> 6.2.4'") +} + +func TestFixTechDependency(t *testing.T) { + _, cleanUp := sca.CreateTestWorkspace(t, filepath.Join("projects", "package-managers", "cocoapods")) + defer cleanUp() + currentDir, err := coreutils.GetWorkingDirectory() + assert.NoError(t, err) + err = FixTechDependency("GoogleSignIn", "6.2.4", "6.2.5", filepath.Join(currentDir, "Podfile")) + file, err := os.ReadFile(filepath.Join(currentDir, "Podfile")) + assert.NoError(t, err) + lines := strings.Split(string(file), "\n") + assert.Contains(t, lines, "pod 'GoogleSignIn', '~> 6.2.5'") } diff --git a/go.mod b/go.mod index 8096afae..dac22c0a 100644 --- a/go.mod +++ b/go.mod @@ -11,7 +11,7 @@ require ( github.com/jfrog/gofrog v1.7.6 github.com/jfrog/jfrog-apps-config v1.0.1 github.com/jfrog/jfrog-cli-core/v2 v2.56.0 - github.com/jfrog/jfrog-client-go v1.47.0 + github.com/jfrog/jfrog-client-go v1.47.1 github.com/magiconair/properties v1.8.7 github.com/owenrumney/go-sarif/v2 v2.3.0 github.com/stretchr/testify v1.9.0 @@ -114,7 +114,7 @@ require ( gopkg.in/warnings.v0 v0.1.2 // indirect ) -replace github.com/jfrog/jfrog-cli-core/v2 => ../jfrog-cli-core +replace github.com/jfrog/jfrog-cli-core/v2 => github.com/barv-jfrog/jfrog-cli-core/v2 v2.0.0-20240930095207-bde88fbefc70 // replace github.com/jfrog/jfrog-client-go => github.com/jfrog/jfrog-client-go dev diff --git a/go.sum b/go.sum index d858d1cc..ffd740d8 100644 --- a/go.sum +++ b/go.sum 
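Review bot: TestFixTechDependency never checks the error returned by `FixTechDependency`: the value assigned by `err = FixTechDependency(...)` is overwritten on the next line by `file, err := os.ReadFile(...)` before any assertion, so a write failure would only surface indirectly through the later `assert.Contains`. Add `assert.NoError(t, err)` directly after the FixTechDependency call. In TestGetTechDependencyLocation the `assert.Equal` passes the actual value first and the expected literal second; testify's order is `(t, expected, actual)`, which only affects the failure message but is worth swapping for a readable diff.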
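Review bot: The `replace` directive in go.mod now routes github.com/jfrog/jfrog-cli-core/v2 to a personal fork, `github.com/barv-jfrog/jfrog-cli-core/v2 v2.0.0-20240930095207-bde88fbefc70`, and the go.sum hunk that follows pins that fork's hashes. That is a supply-chain change for every consumer of this module: the build pulls a pseudo-versioned commit from an individual's fork instead of a reviewed upstream release, and while the go.sum pin means a changed commit fails verification rather than silently substituting code, the code itself has not passed through the upstream project's review. It is presumably a temporary development shim (the previous value was a local `../jfrog-cli-core` path); before merge it should point at an upstream tagged release, and the commented-out `// replace github.com/jfrog/jfrog-client-go => ... dev` line is best removed for the same reason.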
@@ -633,6 +633,8 @@ github.com/apache/thrift v0.16.0/go.mod h1:PHK3hniurgQaNMZYaCLEqXKsYK8upmhPbmdP2 github.com/apparentlymart/go-textseg/v13 v13.0.0/go.mod h1:ZK2fH7c4NqDTLtiYLvIkEghdlcqw7yxLeM89kiTRPUo= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs= +github.com/barv-jfrog/jfrog-cli-core/v2 v2.0.0-20240930095207-bde88fbefc70 h1:Vl4xvLvKXBnMfXttOVvCxsOUxe814Lw4PewfvS5RwA4= +github.com/barv-jfrog/jfrog-cli-core/v2 v2.0.0-20240930095207-bde88fbefc70/go.mod h1:+a9VRDizwc+SK2Io6e4Yp8j7hkTeQstQTmNVwrxdh6Q= github.com/beevik/etree v1.4.0 h1:oz1UedHRepuY3p4N5OjE0nK1WLCqtzHf25bxplKOHLs= github.com/beevik/etree v1.4.0/go.mod h1:cyWiXwGoasx60gHvtnEh5x8+uIjUVnjWqBvEnhnqKDA= github.com/boombuler/barcode v1.0.0/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8= diff --git a/tests/testdata/projects/package-managers/cocoapods/Podfile b/tests/testdata/projects/package-managers/cocoapods/Podfile index 4b874538..1dba3c2d 100644 --- a/tests/testdata/projects/package-managers/cocoapods/Podfile +++ b/tests/testdata/projects/package-managers/cocoapods/Podfile @@ -2,6 +2,6 @@ platform :ios, '9.0' target 'Test' do use_frameworks! -pod 'GoogleSignIn' +pod 'GoogleSignIn', '~> 6.2.4' end \ No newline at end of file From 08e3bd55868ddceef492c682d883482f6e1a0df4 Mon Sep 17 00:00:00 2001 From: barv Date: Mon, 30 Sep 2024 13:51:02 +0300 Subject: [PATCH 005/111] cocoapods-audit --- go.sum | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/go.sum b/go.sum index ffd740d8..36b24092 100644 --- a/go.sum +++ b/go.sum 
@@ -900,10 +900,8 @@ github.com/jfrog/gofrog v1.7.6 h1:QmfAiRzVyaI7JYGsB7cxfAJePAZTzFz0gRWZSE27c6s= github.com/jfrog/gofrog v1.7.6/go.mod h1:ntr1txqNOZtHplmaNd7rS4f8jpA5Apx8em70oYEe7+4= github.com/jfrog/jfrog-apps-config v1.0.1 h1:mtv6k7g8A8BVhlHGlSveapqf4mJfonwvXYLipdsOFMY= github.com/jfrog/jfrog-apps-config v1.0.1/go.mod h1:8AIIr1oY9JuH5dylz2S6f8Ym2MaadPLR6noCBO4C22w= -github.com/jfrog/jfrog-cli-core/v2 v2.56.0 h1:rCNKhfESgsq0o6//gU1mNCvuCboE5BMfycj/RM/gq8k= -github.com/jfrog/jfrog-cli-core/v2 v2.56.0/go.mod h1:D8m0L8GCZiYCY9MjhnWY4egCqyVlU2iZsVA0yysBsVw= -github.com/jfrog/jfrog-client-go v1.47.0 h1:OBMB6TxqziBByjuk6hm0BM30pQwOb3XzjZKf/cmwCeM= -github.com/jfrog/jfrog-client-go v1.47.0/go.mod h1:UxzL9Q4pDoM+HQjSuQiGNakyoJNuxqPSs35/amBJvdY= +github.com/jfrog/jfrog-client-go v1.47.1 h1:VT2v28/usTSP56+i3MC3fgRvZoh6vjRgQgs8xTk+sYU= +github.com/jfrog/jfrog-client-go v1.47.1/go.mod h1:7M/vgei7VGcLjUxwQ/3r9pH3lvDHlt6Q+Gw+YMis/mc= github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= github.com/jung-kurt/gofpdf v1.0.0/go.mod h1:7Id9E/uU8ce6rXgefFLlgrJj/GYY22cpxn+r32jIOes= From 895ccfa43178fc28625f35dd9ff468efb2f9893d Mon Sep 17 00:00:00 2001 From: barv Date: Mon, 30 Sep 2024 15:05:04 +0300 Subject: [PATCH 006/111] cocoapods-audit --- commands/audit/sca/cocoapods/cocoapods.go | 15 ++++++++------- commands/audit/sca/cocoapods/cocoapods_test.go | 1 + 2 files changed, 9 insertions(+), 7 deletions(-) diff --git a/commands/audit/sca/cocoapods/cocoapods.go b/commands/audit/sca/cocoapods/cocoapods.go index 945d54ab..a92fa56d 100644 --- a/commands/audit/sca/cocoapods/cocoapods.go +++ b/commands/audit/sca/cocoapods/cocoapods.go 
@@ -57,11 +57,12 @@ func GetTechDependencyLocation(directDependencyName, directDependencyVersion str snippet = lines[startLine][startCol:endCol] } else { for snippetLine := range endLine - startLine + 1 { - if snippetLine == 0 { + switch snippetLine { + case 0: snippet += "\n" + lines[snippetLine][startLine:] - } else if snippetLine == endLine-startLine { + case endLine - startLine: snippet += "\n" + lines[snippetLine][:endCol] - } else { + default: snippet += "\n" + lines[snippetLine] } } @@ -123,7 +124,7 @@ func GetPodDependenciesGraph(data string) (map[string][]string, map[string]strin dependencyMap := make(map[string][]string, len(lines)) versionMap := make(map[string]string, len(lines)) for _, line := range lines { - line = strings.Replace(line, "\"", "", -1) + line = strings.ReplaceAll(line, "\"", "") mainDepMatch := mainDepRegex.FindStringSubmatch(line) if len(mainDepMatch) == 3 { versionMatch := versionRegex.FindStringSubmatch(line) @@ -182,13 +183,13 @@ func GetDependenciesData(exePath, currentDir string) (string, error) { func BuildDependencyTree(params utils.AuditParams) (dependencyTree []*xrayUtils.GraphNode, uniqueDeps []string, err error) { currentDir, err := coreutils.GetWorkingDirectory() if err != nil { - return + return nil, nil, err } clearResolutionServerFunc, err := configPodResolutionServerIfNeeded(params) if err != nil { err = fmt.Errorf("failed while configuring a resolution server: %s", err.Error()) - return + return nil, nil, err } defer func() { if clearResolutionServerFunc != nil { @@ -206,7 +207,7 @@ func BuildDependencyTree(params utils.AuditParams) (dependencyTree []*xrayUtils. // Calculate pod dependencies data, err := GetDependenciesData(podExecutablePath, currentDir) if err != nil { - return + return nil, nil, err } uniqueDepsSet := datastructures.MakeSet[string]() dependenciesGraph, versionMap := GetPodDependenciesGraph(data) 
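Review bot: The new `switch snippetLine` arms keep the index arithmetic of the old if-chain, and that arithmetic looks wrong: `snippetLine` runs over the offsets 0..`endLine-startLine`, yet the arm bodies index `lines[snippetLine]` as if it were an absolute line number and slice the first line with `[startLine:]` where a column (`startCol`) is expected. Unless `startLine` is always 0, a multi-line snippet is assembled from the wrong lines; the arms should read `lines[startLine+snippetLine]`, and the `case 0` arm `lines[startLine][startCol:]`. The enclosing function GetTechDependencyLocation starts and ends outside this hunk, so the surrounding loop cannot be checked here.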
diff --git a/commands/audit/sca/cocoapods/cocoapods_test.go b/commands/audit/sca/cocoapods/cocoapods_test.go index 7b363bed..4ac6eaab 100644 --- a/commands/audit/sca/cocoapods/cocoapods_test.go +++ b/commands/audit/sca/cocoapods/cocoapods_test.go @@ -72,6 +72,7 @@ func TestFixTechDependency(t *testing.T) { currentDir, err := coreutils.GetWorkingDirectory() assert.NoError(t, err) err = FixTechDependency("GoogleSignIn", "6.2.4", "6.2.5", filepath.Join(currentDir, "Podfile")) + assert.NoError(t, err) file, err := os.ReadFile(filepath.Join(currentDir, "Podfile")) assert.NoError(t, err) lines := strings.Split(string(file), "\n") From 5f51f0a4b4c7c82a2c746056c48892b811650df6 Mon Sep 17 00:00:00 2001 From: barv Date: Mon, 30 Sep 2024 15:26:35 +0300 Subject: [PATCH 007/111] cocoapods-audit --- commands/audit/sca/cocoapods/cocoapods_test.go | 1 + 1 file changed, 1 insertion(+) diff --git a/commands/audit/sca/cocoapods/cocoapods_test.go b/commands/audit/sca/cocoapods/cocoapods_test.go index 4ac6eaab..18928607 100644 --- a/commands/audit/sca/cocoapods/cocoapods_test.go +++ b/commands/audit/sca/cocoapods/cocoapods_test.go @@ -29,6 +29,7 @@ func TestBuildGoDependencyList(t *testing.T) { AccessToken: "sdsdccs2232", } currentDir, err := coreutils.GetWorkingDirectory() + assert.NoError(t, err) packageName := filepath.Base(currentDir) packageInfo := fmt.Sprintf("%s:%s", packageName, VersionForMainModule) expectedUniqueDeps := []string{ From 4763b3510c0d427a2048a9d1857d2b3d44aa5bb7 Mon Sep 17 00:00:00 2001 From: barv Date: Tue, 1 Oct 2024 10:49:22 +0300 Subject: [PATCH 008/111] cocoapods-audit --- commands/audit/sca/cocoapods/cocoapods.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/commands/audit/sca/cocoapods/cocoapods.go b/commands/audit/sca/cocoapods/cocoapods.go index a92fa56d..e3bd171c 100644 --- a/commands/audit/sca/cocoapods/cocoapods.go +++ b/commands/audit/sca/cocoapods/cocoapods.go 
@@ -56,7 +56,7 @@ func GetTechDependencyLocation(directDependencyName, directDependencyVersion str if endLine == startLine { snippet = lines[startLine][startCol:endCol] } else { - for snippetLine := range endLine - startLine + 1 { + for snippetLine := 1; snippetLine < endLine-startLine+1; snippetLine++ { switch snippetLine { case 0: snippet += "\n" + lines[snippetLine][startLine:] From 17d8b803d64f95729080e8eb7396aa9920caa89e Mon Sep 17 00:00:00 2001 From: barv Date: Tue, 1 Oct 2024 14:51:40 +0300 Subject: [PATCH 009/111] cocoapods-audit --- commands/audit/sca/cocoapods/cocoapods.go | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/commands/audit/sca/cocoapods/cocoapods.go b/commands/audit/sca/cocoapods/cocoapods.go index e3bd171c..e7f47778 100644 --- a/commands/audit/sca/cocoapods/cocoapods.go +++ b/commands/audit/sca/cocoapods/cocoapods.go @@ -43,13 +43,18 @@ func GetTechDependencyLocation(directDependencyName, directDependencyVersion str lines := strings.Split(string(data), "\n") var startLine, startCol, endLine, endCol int foundDependency := false + var tempIndex int for i, line := range lines { if strings.Contains(line, directDependencyName) { startLine = i startCol = strings.Index(line, directDependencyName) foundDependency = true + tempIndex = i } - if foundDependency && strings.Contains(line, directDependencyVersion) { + // This means we are in a new dependency (we cannot find dependency name and version together) + if i > tempIndex && foundDependency && strings.Contains(line, "pod") { + foundDependency = false + } else if foundDependency && strings.Contains(line, directDependencyVersion) { endLine = i endCol = len(line) var snippet string 
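Review bot: Starting the loop at 1 makes `case 0` unreachable, so the first line of a multi-line snippet (the part from `startCol` onward) is never appended; if the goal was only to avoid the Go 1.22 range-over-int form, the equivalent is `for snippetLine := 0; snippetLine <= endLine-startLine; snippetLine++ {`. The arm bodies also still index `lines[snippetLine]` with a relative offset, so even the corrected loop reads the wrong lines unless `startLine` is 0; `lines[startLine+snippetLine]` is the index that matches the `case` labels. The enclosing function starts and ends outside this hunk.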
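Review bot: The new boundary test `strings.Contains(line, "pod")` and the existing `strings.Contains(line, directDependencyName)` are both bare substring matches, so a pod whose name merely contains the requested one (a constructed example: a `GoogleSignInSwift` entry while looking up `GoogleSignIn`), or any line whose text happens to contain `pod`, restarts or resets the match state and can attach the version of a different dependency to the reported location. Anchoring on the Podfile syntax is cheap: match the name as `"'"+directDependencyName+"'"` (and its double-quoted form) and detect a new dependency with `strings.HasPrefix(strings.TrimSpace(line), "pod ")`. The same pattern is introduced in the FixTechDependency hunk that follows (`@@ -89,11 +94,16 @@`), where a false match rewrites the wrong line instead of just reporting it.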
@@ -89,11 +94,16 @@ func FixTechDependency(dependencyName, dependencyVersion, fixVersion string, des } lines := strings.Split(string(data), "\n") foundDependency := false - for _, line := range lines { + var tempIndex int + for index, line := range lines { if strings.Contains(line, dependencyName) { foundDependency = true + tempIndex = index } - if foundDependency && strings.Contains(line, dependencyVersion) { + // This means we are in a new dependency (we cannot find dependency name and version together) + if index > tempIndex && foundDependency && strings.Contains(line, "pod") { + foundDependency = false + } else if foundDependency && strings.Contains(line, dependencyVersion) { newLine := strings.Replace(line, dependencyVersion, fixVersion, 1) newLines = append(newLines, newLine) foundDependency = false From de4c5fdcefa46ff0864c010012be4fd88933f886 Mon Sep 17 00:00:00 2001 From: Shachar Menashe Date: Thu, 31 Oct 2024 18:07:43 +0200 Subject: [PATCH 010/111] cocoapods-audit --- commands/audit/sca/cocoapods/cocoapods.go | 300 ++++++++++ .../audit/sca/cocoapods/cocoapods_test.go | 82 +++ commands/audit/sca/cocoapods/podcommand.go | 177 ++++++ commands/audit/scarunner.go | 3 + .../package-managers/cocoapods/Podfile | 7 + .../package-managers/cocoapods/Podfile.lock | 35 ++ .../cocoapods/Test.xcodeproj/project.pbxproj | 529 ++++++++++++++++++ utils/techutils/techutils.go | 92 +-- 8 files changed, 1184 insertions(+), 41 deletions(-) create mode 100644 commands/audit/sca/cocoapods/cocoapods.go create mode 100644 commands/audit/sca/cocoapods/cocoapods_test.go create mode 100644 commands/audit/sca/cocoapods/podcommand.go create mode 100644 tests/testdata/projects/package-managers/cocoapods/Podfile create mode 100644 tests/testdata/projects/package-managers/cocoapods/Podfile.lock create mode 100644 tests/testdata/projects/package-managers/cocoapods/Test.xcodeproj/project.pbxproj 
diff --git a/commands/audit/sca/cocoapods/cocoapods.go b/commands/audit/sca/cocoapods/cocoapods.go
new file mode 100644
index 00000000..08164906
--- /dev/null
+++ b/commands/audit/sca/cocoapods/cocoapods.go
@@ -0,0 +1,300 @@ +package cocoapods + +import ( + "errors" + "fmt" + "github.com/jfrog/gofrog/datastructures" + "github.com/jfrog/jfrog-cli-core/v2/utils/coreutils" + "github.com/jfrog/jfrog-cli-security/utils" + "github.com/jfrog/jfrog-cli-security/utils/formats/sarifutils" + "github.com/jfrog/jfrog-cli-security/utils/techutils" + "github.com/jfrog/jfrog-client-go/utils/log" + xrayUtils "github.com/jfrog/jfrog-client-go/xray/services/utils" + "github.com/owenrumney/go-sarif/v2/sarif" + "os" + "path" + "path/filepath" + "regexp" + "strings" +) + +const ( + VersionForMainModule = "0.0.0" +) + +var ( + mainDepRegex = regexp.MustCompile(`- ([\w/+.\-]+) \(([\d.]+)\)`) + subDepRegex = regexp.MustCompile(`\s{2}- ([\w/+.\-]+)`) + versionRegex = regexp.MustCompile(`\((\d+(\.\d+){0,2})\)`) +) + +func GetTechDependencyLocation(directDependencyName, directDependencyVersion string, descriptorPaths ...string) ([]*sarif.Location, error) { + var podPositions []*sarif.Location + for _, descriptorPath := range descriptorPaths { + path.Clean(descriptorPath) + if !strings.HasSuffix(descriptorPath, "Podfile") { + log.Logger.Warn("Cannot support other files besides Podfile: %s", descriptorPath) + continue + } + data, err := os.ReadFile(descriptorPath) + if err != nil { + continue + } + lines := strings.Split(string(data), "\n") + var startLine, startCol, endLine, endCol int + foundDependency := false + var tempIndex int + for i, line := range lines { + if strings.Contains(line, directDependencyName) { + startLine = i + startCol = strings.Index(line, directDependencyName) + foundDependency = true + tempIndex = i + } + // This means we are in a new dependency (we cannot find dependency name and version together) + if i > tempIndex && foundDependency && strings.Contains(line, "pod") { + foundDependency = false + } else if foundDependency && strings.Contains(line, directDependencyVersion) { + endLine = i + endCol = len(line) + var snippet string + if endLine == startLine { + snippet = 
lines[startLine][startCol:endCol] + } else { + for snippetLine := 1; snippetLine < endLine-startLine+1; snippetLine++ { + switch snippetLine { + case 0: + snippet += "\n" + lines[snippetLine][startLine:] + case endLine - startLine: + snippet += "\n" + lines[snippetLine][:endCol] + default: + snippet += "\n" + lines[snippetLine] + } + } + } + podPositions = append(podPositions, sarifutils.CreateLocation(descriptorPath, startLine, endLine, startCol, endCol, snippet)) + foundDependency = false + } + } + } + return podPositions, nil +} + +func FixTechDependency(dependencyName, dependencyVersion, fixVersion string, descriptorPaths ...string) error { + for _, descriptorPath := range descriptorPaths { + path.Clean(descriptorPath) + if !strings.HasSuffix(descriptorPath, "Podfile") { + log.Logger.Warn("Cannot support other files besides Podfile: %s", descriptorPath) + continue + } + data, err := os.ReadFile(descriptorPath) + var newLines []string + if err != nil { + continue + } + lines := strings.Split(string(data), "\n") + foundDependency := false + var tempIndex int + for index, line := range lines { + if strings.Contains(line, dependencyName) { + foundDependency = true + tempIndex = index + } + // This means we are in a new dependency (we cannot find dependency name and version together) + if index > tempIndex && foundDependency && strings.Contains(line, "pod") { + foundDependency = false + } else if foundDependency && strings.Contains(line, dependencyVersion) { + newLine := strings.Replace(line, dependencyVersion, fixVersion, 1) + newLines = append(newLines, newLine) + foundDependency = false + } else { + newLines = append(newLines, line) + } + } + output := strings.Join(newLines, "\n") + err = os.WriteFile(descriptorPath, []byte(output), 0644) + if err != nil { + return fmt.Errorf("failed to write file: %v", err) + } + } + return nil +} + +func GetPackageName(longPkgName string) string { + if strings.Contains(longPkgName, "/") { + splitNameParts := 
strings.Split(longPkgName, "/") + longPkgName = splitNameParts[0] + } + return longPkgName +} + +func GetPodDependenciesGraph(data string) (map[string][]string, map[string]string) { + var currentMainDep string + lines := strings.Split(data, "\n") + dependencyMap := make(map[string][]string, len(lines)) + versionMap := make(map[string]string, len(lines)) + for _, line := range lines { + line = strings.ReplaceAll(line, "\"", "") + mainDepMatch := mainDepRegex.FindStringSubmatch(line) + if len(mainDepMatch) == 3 { + versionMatch := versionRegex.FindStringSubmatch(line) + currentMainDep = GetPackageName(mainDepMatch[1]) + _, ok := dependencyMap[currentMainDep] + if !ok { + dependencyMap[currentMainDep] = []string{} + versionMap[currentMainDep] = versionMatch[1] + } + continue + } + subDepMatch := subDepRegex.FindStringSubmatch(line) + if len(subDepMatch) == 2 && currentMainDep != "" { + subDependency := subDepMatch[1] + if subDependency == GetPackageName(subDependency) { + dependencyMap[currentMainDep] = append(dependencyMap[currentMainDep], subDependency) + } + } + } + return dependencyMap, versionMap +} + +func extractPodsSection(filePath string) (string, error) { + data, err := os.ReadFile(filePath) + if err != nil { + return "", err + } + content := string(data) + startIndex := strings.Index(content, "PODS:") + if startIndex == -1 { + return "", fmt.Errorf("PODS: section not found") + } + subContent := content[startIndex:] + endIndex := strings.Index(subContent, "DEPENDENCIES:") + if endIndex == -1 { + endIndex = strings.Index(subContent, "SPEC REPOS:") + } + if endIndex != -1 { + subContent = subContent[:endIndex] + } + return subContent, nil +} + +func shouldRunPodInstall(currentDir string) (bool, error) { + podlockInfo, err := os.Stat(filepath.Join(currentDir, "Podfile.lock")) + if err != nil { + if errors.Is(err, os.ErrNotExist) { + // Lockfile doesn't exist, run install to generate it + return true, nil + } + return false, err + } + + podfileInfo, err := 
os.Stat(filepath.Join(currentDir, "Podfile")) + if err != nil { + return false, err + } + + // Run install if podfile newer than lockfile + return podfileInfo.ModTime().After(podlockInfo.ModTime()), nil +} + +func GetDependenciesData(exePath, currentDir string) (string, error) { + runPodInstall, err := shouldRunPodInstall(currentDir) + if err != nil { + return "", err + } + if runPodInstall { + _, _, err = runPodCmd(exePath, currentDir, []string{"install"}) + if err != nil { + return "", err + } + } + result, err := extractPodsSection(filepath.Join(currentDir, "Podfile.lock")) + if err != nil { + return "", err + } + return result, nil +} + +func BuildDependencyTree(params utils.AuditParams) (dependencyTree []*xrayUtils.GraphNode, uniqueDeps []string, err error) { + currentDir, err := coreutils.GetWorkingDirectory() + if err != nil { + return nil, nil, err + } + + clearResolutionServerFunc, err := configPodResolutionServerIfNeeded(params) + if err != nil { + err = fmt.Errorf("failed while configuring a resolution server: %s", err.Error()) + return nil, nil, err + } + defer func() { + if clearResolutionServerFunc != nil { + err = errors.Join(err, clearResolutionServerFunc()) + } + }() + + packageName := filepath.Base(currentDir) + packageInfo := fmt.Sprintf("%s:%s", packageName, VersionForMainModule) + _, podExecutablePath, err := getPodVersionAndExecPath() + if err != nil { + err = fmt.Errorf("failed while retrieving pod path: %s", err.Error()) + return + } + // Calculate pod dependencies + data, err := GetDependenciesData(podExecutablePath, currentDir) + if err != nil { + return nil, nil, err + } + uniqueDepsSet := datastructures.MakeSet[string]() + dependenciesGraph, versionMap := GetPodDependenciesGraph(data) + for key := range dependenciesGraph { + if key != packageName { + dependenciesGraph[packageName] = append(dependenciesGraph[packageName], key) + } + } + versionMap[packageName] = VersionForMainModule + rootNode := &xrayUtils.GraphNode{ + Id: 
techutils.Cocoapods.GetPackageTypeId() + packageInfo, + Nodes: []*xrayUtils.GraphNode{}, + } + // Parse the dependencies into Xray dependency tree format + parsePodDependenciesList(rootNode, dependenciesGraph, versionMap, uniqueDepsSet) + dependencyTree = []*xrayUtils.GraphNode{rootNode} + uniqueDeps = uniqueDepsSet.ToSlice() + return +} + +// Generates a .netrc file to configure an Artifactory server as the resolver server. +func configPodResolutionServerIfNeeded(params utils.AuditParams) (clearResolutionServerFunc func() error, err error) { + // If we don't have an artifactory repo's name we don't need to configure any Artifactory server as resolution server + if params.DepsRepo() == "" { + return + } + + serverDetails, err := params.ServerDetails() + if err != nil { + return + } + + clearResolutionServerFunc, err = setArtifactoryAsResolutionServer(serverDetails, params.DepsRepo()) + return +} + +// Parse the dependencies into a Xray dependency tree format +func parsePodDependenciesList(currNode *xrayUtils.GraphNode, dependenciesGraph map[string][]string, versionMap map[string]string, uniqueDepsSet *datastructures.Set[string]) { + if currNode.NodeHasLoop() { + return + } + uniqueDepsSet.Add(currNode.Id) + pkgName := strings.Split(strings.TrimPrefix(currNode.Id, techutils.Cocoapods.GetPackageTypeId()), ":")[0] + currDepChildren := dependenciesGraph[pkgName] + for _, childName := range currDepChildren { + fullChildName := fmt.Sprintf("%s:%s", childName, versionMap[childName]) + childNode := &xrayUtils.GraphNode{ + Id: techutils.Cocoapods.GetPackageTypeId() + fullChildName, + Nodes: []*xrayUtils.GraphNode{}, + Parent: currNode, + } + currNode.Nodes = append(currNode.Nodes, childNode) + parsePodDependenciesList(childNode, dependenciesGraph, versionMap, uniqueDepsSet) + } +} diff --git a/commands/audit/sca/cocoapods/cocoapods_test.go b/commands/audit/sca/cocoapods/cocoapods_test.go new file mode 100644 index 00000000..e6e8cb1c --- /dev/null 
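Review bot: `versionMap[currentMainDep] = versionMatch[1]` in GetPodDependenciesGraph indexes the result of `versionRegex.FindStringSubmatch` without checking that it matched, and `versionRegex` accepts at most three numeric components while `mainDepRegex` accepts any `[\d.]+`; a lock entry whose version has four components therefore passes the first regex, fails the second and panics with an index out of range. The version is already captured by the first regex, so `versionMap[currentMainDep] = mainDepMatch[2]` removes both the panic and the redundant regex. Separately, GetDependenciesData runs `pod install` whenever the Podfile is newer than Podfile.lock; the Podfile is a Ruby DSL with hooks, so auditing a freshly checked-out repository executes that repository's code — this deserves a doc comment on GetDependenciesData and ideally an explicit opt-in rather than a silent mtime heuristic. The snippet loop in GetTechDependencyLocation also carries the earlier `case 0` unreachable / `lines[snippetLine]` offset problem noted on the previous commits, and `path.Clean(descriptorPath)` discards its result at both call sites and should be `descriptorPath = path.Clean(descriptorPath)` or removed.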
+++ b/commands/audit/sca/cocoapods/cocoapods_test.go 
@@ -0,0 +1,82 @@ +package cocoapods + +import ( + "fmt" + "github.com/jfrog/jfrog-cli-core/v2/utils/coreutils" + "github.com/jfrog/jfrog-cli-core/v2/utils/tests" + "github.com/jfrog/jfrog-cli-security/utils/techutils" + "os" + "path/filepath" + "strings" + "testing" + + "github.com/jfrog/jfrog-cli-core/v2/utils/config" + "github.com/jfrog/jfrog-cli-security/commands/audit/sca" + xrayutils "github.com/jfrog/jfrog-cli-security/utils" + + "github.com/stretchr/testify/assert" +) + +func TestBuildGoDependencyList(t *testing.T) { + // Create and change directory to test workspace + _, cleanUp := sca.CreateTestWorkspace(t, filepath.Join("projects", "package-managers", "cocoapods")) + defer cleanUp() + + // Run getModulesDependencyTrees + server := &config.ServerDetails{ + Url: "https://api.cocoapods.here", + ArtifactoryUrl: "https://api.cocoapods.here/artifactory", + User: "user", + AccessToken: "sdsdccs2232", + } + currentDir, err := coreutils.GetWorkingDirectory() + assert.NoError(t, err) + packageName := filepath.Base(currentDir) + packageInfo := fmt.Sprintf("%s:%s", packageName, VersionForMainModule) + expectedUniqueDeps := []string{ + techutils.Cocoapods.GetPackageTypeId() + "AppAuth:1.7.5", + techutils.Cocoapods.GetPackageTypeId() + "GoogleSignIn:6.2.4", + techutils.Cocoapods.GetPackageTypeId() + "GTMAppAuth:1.3.1", + techutils.Cocoapods.GetPackageTypeId() + "GTMSessionFetcher:2.3.0", + techutils.Cocoapods.GetPackageTypeId() + packageInfo, + } + + auditBasicParams := (&xrayutils.AuditBasicParams{}).SetServerDetails(server) + rootNode, uniqueDeps, err := BuildDependencyTree(auditBasicParams) + assert.NoError(t, err) + assert.ElementsMatch(t, uniqueDeps, expectedUniqueDeps, "First is actual, Second is Expected") + assert.NotEmpty(t, rootNode) + + assert.Equal(t, rootNode[0].Id, techutils.Cocoapods.GetPackageTypeId()+packageInfo) + assert.Len(t, rootNode[0].Nodes, 4) + + child1 := tests.GetAndAssertNode(t, rootNode[0].Nodes, "GTMSessionFetcher:2.3.0") + assert.Len(t, 
child1.Nodes, 0) + + child2 := tests.GetAndAssertNode(t, rootNode[0].Nodes, "GoogleSignIn:6.2.4") + assert.Len(t, child2.Nodes, 2) +} + +func TestGetTechDependencyLocation(t *testing.T) { + _, cleanUp := sca.CreateTestWorkspace(t, filepath.Join("projects", "package-managers", "cocoapods")) + defer cleanUp() + currentDir, err := coreutils.GetWorkingDirectory() + assert.NoError(t, err) + locations, err := GetTechDependencyLocation("GoogleSignIn", "6.2.4", filepath.Join(currentDir, "Podfile")) + assert.NoError(t, err) + assert.Len(t, locations, 1) + assert.Equal(t, *locations[0].PhysicalLocation.Region.Snippet.Text, "GoogleSignIn', '~> 6.2.4'") +} + +func TestFixTechDependency(t *testing.T) { + _, cleanUp := sca.CreateTestWorkspace(t, filepath.Join("projects", "package-managers", "cocoapods")) + defer cleanUp() + currentDir, err := coreutils.GetWorkingDirectory() + assert.NoError(t, err) + err = FixTechDependency("GoogleSignIn", "6.2.4", "6.2.5", filepath.Join(currentDir, "Podfile")) + assert.NoError(t, err) + file, err := os.ReadFile(filepath.Join(currentDir, "Podfile")) + assert.NoError(t, err) + lines := strings.Split(string(file), "\n") + assert.Contains(t, lines, "pod 'GoogleSignIn', '~> 6.2.5'") +} diff --git a/commands/audit/sca/cocoapods/podcommand.go b/commands/audit/sca/cocoapods/podcommand.go new file mode 100644 index 00000000..3b6e5927 --- /dev/null +++ b/commands/audit/sca/cocoapods/podcommand.go 
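Review bot: `TestBuildGoDependencyList` is a copy-paste name; the test exercises the cocoapods BuildDependencyTree and should be named along the lines of `TestBuildPodDependencyList` so failures are attributed to the right package manager. The test also depends on a `pod` executable being on PATH and, because shouldRunPodInstall compares the copied fixture's mtimes, may trigger a real `pod install` with network access; a `t.Skip` guarded by `exec.LookPath("pod")`, or at least a comment stating the prerequisite, would keep CI failures understandable.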
@@ -0,0 +1,177 @@ +package cocoapods + +import ( + "bytes" + "fmt" + "github.com/jfrog/gofrog/version" + "github.com/jfrog/jfrog-cli-core/v2/utils/config" + "github.com/jfrog/jfrog-cli-core/v2/utils/coreutils" + "github.com/jfrog/jfrog-cli-core/v2/utils/ioutils" + "github.com/jfrog/jfrog-client-go/auth" + "github.com/jfrog/jfrog-client-go/utils/errorutils" + "github.com/jfrog/jfrog-client-go/utils/log" + "os" + "os/exec" + "path/filepath" + "strings" +) + +const ( + minSupportedPodVersion = "1.15.2" + podNetRcfileName = ".netrc" + podrcBackupFileName = ".jfrog.netrc.backup" +) + +type PodCommand struct { + cmdName string + serverDetails *config.ServerDetails + podVersion *version.Version + authArtDetails auth.ServiceDetails + restoreNetrcFunc func() error + workingDirectory string + executablePath string +} + +func getPodVersionAndExecPath() (*version.Version, string, error) { + podExecPath, err := exec.LookPath("pod") + if err != nil { + return nil, "", fmt.Errorf("could not find the 'pod' executable in the system PATH %w", err) + } + log.Debug("Using pod executable:", podExecPath) + versionData, _, err := runPodCmd(podExecPath, "", []string{"--version"}) + if err != nil { + return nil, "", err + } + return version.NewVersion(strings.TrimSpace(string(versionData))), podExecPath, nil +} + +func runPodCmd(executablePath, srcPath string, podArgs []string) (stdResult, errResult []byte, err error) { + args := make([]string, 0) + for i := 0; i < len(podArgs); i++ { + if strings.TrimSpace(podArgs[i]) != "" { + args = append(args, podArgs[i]) + } + } + log.Debug("Running 'pod " + strings.Join(podArgs, " ") + "' command.") + command := exec.Command(executablePath, args...) 
+ command.Dir = srcPath + outBuffer := bytes.NewBuffer([]byte{}) + command.Stdout = outBuffer + errBuffer := bytes.NewBuffer([]byte{}) + command.Stderr = errBuffer + err = command.Run() + errResult = errBuffer.Bytes() + stdResult = outBuffer.Bytes() + if err != nil { + err = fmt.Errorf("error while running '%s %s': %s\n%s", executablePath, strings.Join(args, " "), err.Error(), strings.TrimSpace(string(errResult))) + return + } + log.Debug("npm '" + strings.Join(args, " ") + "' standard output is:\n" + strings.TrimSpace(string(stdResult))) + return +} + +func (pc *PodCommand) SetServerDetails(serverDetails *config.ServerDetails) *PodCommand { + pc.serverDetails = serverDetails + return pc +} + +func (pc *PodCommand) RestoreNetrcFunc() func() error { + return pc.restoreNetrcFunc +} + +func (pc *PodCommand) GetData() ([]byte, error) { + var filteredConf []string + filteredConf = append(filteredConf, "machine ", pc.serverDetails.Url, "\n") + filteredConf = append(filteredConf, "login ", pc.serverDetails.User, "\n") + filteredConf = append(filteredConf, "password ", pc.serverDetails.AccessToken, "\n") + + return []byte(strings.Join(filteredConf, "")), nil +} + +func (pc *PodCommand) CreateTempNetrc() error { + data, err := pc.GetData() + if err != nil { + return err + } + if err = removeNetrcIfExists(pc.workingDirectory); err != nil { + return err + } + log.Debug("Creating temporary .netrc file.") + return errorutils.CheckError(os.WriteFile(filepath.Join(pc.workingDirectory, podNetRcfileName), data, 0755)) +} + +func (pc *PodCommand) setRestoreNetrcFunc() error { + restoreNetrcFunc, err := ioutils.BackupFile(filepath.Join(pc.workingDirectory, podNetRcfileName), podrcBackupFileName) + if err != nil { + return err + } + pc.restoreNetrcFunc = func() error { + return restoreNetrcFunc() + } + return nil +} + +func (pc *PodCommand) setArtifactoryAuth() error { + authArtDetails, err := pc.serverDetails.CreateArtAuthConfig() + if err != nil { + return err + } + if 
authArtDetails.GetSshAuthHeaders() != nil { + return errorutils.CheckErrorf("SSH authentication is not supported in this command") + } + pc.authArtDetails = authArtDetails + return nil +} + +func newPodInstallCommand() *PodCommand { + return &PodCommand{cmdName: "install"} +} + +func (pc *PodCommand) PreparePrerequisites() error { + log.Debug("Preparing prerequisites...") + var err error + pc.podVersion, pc.executablePath, err = getPodVersionAndExecPath() + if err != nil { + return err + } + if pc.podVersion.Compare(minSupportedPodVersion) > 0 { + return errorutils.CheckErrorf( + "JFrog CLI cocoapods %s command requires cocoapods client version %s or higher. The Current version is: %s", pc.cmdName, minSupportedPodVersion, pc.podVersion.GetVersion()) + } + + pc.workingDirectory, err = coreutils.GetWorkingDirectory() + if err != nil { + return err + } + log.Debug("Working directory set to:", pc.workingDirectory) + if err = pc.setArtifactoryAuth(); err != nil { + return err + } + + return pc.setRestoreNetrcFunc() +} + +func removeNetrcIfExists(workingDirectory string) error { + if _, err := os.Stat(filepath.Join(workingDirectory, podNetRcfileName)); err != nil { + if os.IsNotExist(err) { + return nil + } + return errorutils.CheckError(err) + } + + log.Debug("Removing existing .npmrc file") + return errorutils.CheckError(os.Remove(filepath.Join(workingDirectory, podNetRcfileName))) +} + +func setArtifactoryAsResolutionServer(serverDetails *config.ServerDetails, depsRepo string) (clearResolutionServerFunc func() error, err error) { + podCmd := newPodInstallCommand().SetServerDetails(serverDetails) + if err = podCmd.PreparePrerequisites(); err != nil { + return + } + if err = podCmd.CreateTempNetrc(); err != nil { + return + } + clearResolutionServerFunc = podCmd.RestoreNetrcFunc() + log.Info(fmt.Sprintf("Resolving dependencies from '%s' from repo '%s'", serverDetails.Url, depsRepo)) + return +} 
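Review bot: CreateTempNetrc writes the user's access token to disk with mode `0755`, i.e. world-readable and executable; a credentials file needs `0600`, so the call should be `os.WriteFile(filepath.Join(pc.workingDirectory, podNetRcfileName), data, 0600)`. The file is also placed in the scanned project's working directory rather than the home directory, which leaves a plaintext token next to source that may be committed, and the tools that honour `.netrc` conventionally read `~/.netrc`, so it is worth confirming that `pod` consults this location at all. GetData emits `machine <serverDetails.Url>`; a netrc `machine` entry names a host, so the full URL with scheme and path probably has to be reduced to its host — verify against the netrc format. The debug strings in removeNetrcIfExists (`Removing existing .npmrc file`) and runPodCmd (`npm '...' standard output is:`) are leftovers from the npm command and should say `.netrc` and `pod`.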
diff --git a/commands/audit/scarunner.go b/commands/audit/scarunner.go index 5794e890..5a40bbe0 100644 --- a/commands/audit/scarunner.go +++ b/commands/audit/scarunner.go @@ -17,6 +17,7 @@ import ( "github.com/jfrog/gofrog/parallel" "github.com/jfrog/jfrog-cli-core/v2/utils/config" "github.com/jfrog/jfrog-cli-security/commands/audit/sca" + "github.com/jfrog/jfrog-cli-security/commands/audit/sca/cocoapods" _go "github.com/jfrog/jfrog-cli-security/commands/audit/sca/go" "github.com/jfrog/jfrog-cli-security/commands/audit/sca/java" "github.com/jfrog/jfrog-cli-security/commands/audit/sca/npm" @@ -249,6 +250,8 @@ func GetTechDependencyTree(params xrayutils.AuditParams, artifactoryServerDetail }) case techutils.Nuget: depTreeResult.FullDepTrees, uniqueDeps, err = nuget.BuildDependencyTree(params) + case techutils.Cocoapods: + depTreeResult.FullDepTrees, uniqueDeps, err = cocoapods.BuildDependencyTree(params) default: err = errorutils.CheckErrorf("%s is currently not supported", string(tech)) } diff --git a/tests/testdata/projects/package-managers/cocoapods/Podfile b/tests/testdata/projects/package-managers/cocoapods/Podfile new file mode 100644 index 00000000..1dba3c2d --- /dev/null +++ b/tests/testdata/projects/package-managers/cocoapods/Podfile @@ -0,0 +1,7 @@ +platform :ios, '9.0' + +target 'Test' do + use_frameworks! +pod 'GoogleSignIn', '~> 6.2.4' + +end \ No newline at end of file diff --git a/tests/testdata/projects/package-managers/cocoapods/Podfile.lock b/tests/testdata/projects/package-managers/cocoapods/Podfile.lock new file mode 100644 index 00000000..52f4bcbb --- /dev/null +++ b/tests/testdata/projects/package-managers/cocoapods/Podfile.lock 
@@ -0,0 +1,35 @@ +PODS: + - AppAuth (1.7.5): + - AppAuth/Core (= 1.7.5) + - AppAuth/ExternalUserAgent (= 1.7.5) + - AppAuth/Core (1.7.5) + - AppAuth/ExternalUserAgent (1.7.5): + - AppAuth/Core + - GoogleSignIn (6.2.4): + - AppAuth (~> 1.5) + - GTMAppAuth (~> 1.3) + - GTMSessionFetcher/Core (< 3.0, >= 1.1) + - GTMAppAuth (1.3.1): + - AppAuth/Core (~> 1.6) + - GTMSessionFetcher/Core (< 3.0, >= 1.5) + - GTMSessionFetcher/Core (2.3.0) + +DEPENDENCIES: + - GoogleSignIn + +SPEC REPOS: + trunk: + - AppAuth + - GoogleSignIn + - GTMAppAuth + - GTMSessionFetcher + +SPEC CHECKSUMS: + AppAuth: 501c04eda8a8d11f179dbe8637b7a91bb7e5d2fa + GoogleSignIn: 5651ce3a61e56ca864160e79b484cd9ed3f49b7a + GTMAppAuth: 0ff230db599948a9ad7470ca667337803b3fc4dd + GTMSessionFetcher: 3a63d75eecd6aa32c2fc79f578064e1214dfdec2 + +PODFILE CHECKSUM: 9a72df5964257b4fba6943aeff4eadc48f8ad808 + +COCOAPODS: 1.15.2 diff --git a/tests/testdata/projects/package-managers/cocoapods/Test.xcodeproj/project.pbxproj b/tests/testdata/projects/package-managers/cocoapods/Test.xcodeproj/project.pbxproj new file mode 100644 index 00000000..049d42ff --- /dev/null +++ b/tests/testdata/projects/package-managers/cocoapods/Test.xcodeproj/project.pbxproj 
@@ -0,0 +1,529 @@ +// !$*UTF8*$! +{ + archiveVersion = 1; + classes = { + }; + objectVersion = 50; + objects = { + +/* Begin PBXBuildFile section */ + 88AE4B8E01AFFF3A45DC9B88 /* Pods_Test.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 474904C1D18515D2338FE798 /* Pods_Test.framework */; }; + D50D70A420B9443D00F9D88B /* GoogleService-Info.plist in Resources */ = {isa = PBXBuildFile; fileRef = D50D70A320B9443D00F9D88B /* GoogleService-Info.plist */; }; + D5418B3220B9A02A001D620C /* google1.png in Resources */ = {isa = PBXBuildFile; fileRef = D5418B2B20B9A027001D620C /* google1.png */; }; + D5418B3320B9A02A001D620C /* fb2.png in Resources */ = {isa = PBXBuildFile; fileRef = D5418B2C20B9A027001D620C /* fb2.png */; }; + D5418B3420B9A02A001D620C /* signup.png in Resources */ = {isa = PBXBuildFile; fileRef = D5418B2D20B9A028001D620C /* signup.png */; }; + D5418B3520B9A02A001D620C /* fb1.png in Resources */ = {isa = PBXBuildFile; fileRef = D5418B2E20B9A028001D620C /* fb1.png */; }; + D5418B3620B9A02A001D620C /* fb3.png in Resources */ = {isa = PBXBuildFile; fileRef = D5418B2F20B9A029001D620C /* fb3.png */; }; + D5418B3720B9A02A001D620C /* google2.png in Resources */ = {isa = PBXBuildFile; fileRef = D5418B3020B9A029001D620C /* google2.png */; }; + D5418B3820B9A02A001D620C /* home.png in Resources */ = {isa = PBXBuildFile; fileRef = D5418B3120B9A029001D620C /* home.png */; }; + D5418B3B20B9A512001D620C /* firebase1.png in Resources */ = {isa = PBXBuildFile; fileRef = D5418B3920B9A512001D620C /* firebase1.png */; }; + D5418B3C20B9A512001D620C /* firebase2.png in Resources */ = {isa = PBXBuildFile; fileRef = D5418B3A20B9A512001D620C /* firebase2.png */; }; + D5418B3E20B9A938001D620C /* swiftxcode.jpg in Resources */ = {isa = PBXBuildFile; fileRef = D5418B3D20B9A938001D620C /* swiftxcode.jpg */; }; + D54BB52720B54ACF0085C370 /* FirebaseViewController.swift in Sources */ = {isa = PBXBuildFile; fileRef = D54BB52620B54ACF0085C370 /* FirebaseViewController.swift */; }; 
+ D5D3F10D20B6AA0F00C5C2AA /* FirebaseAuthenticator.swift in Sources */ = {isa = PBXBuildFile; fileRef = D5D3F10C20B6AA0F00C5C2AA /* FirebaseAuthenticator.swift */; }; + D5D4807920AEF552004F5ADF /* AppDelegate.swift in Sources */ = {isa = PBXBuildFile; fileRef = D5D4807820AEF552004F5ADF /* AppDelegate.swift */; }; + D5D4807B20AEF552004F5ADF /* LoginViewController.swift in Sources */ = {isa = PBXBuildFile; fileRef = D5D4807A20AEF552004F5ADF /* LoginViewController.swift */; }; + D5D4807E20AEF552004F5ADF /* Main.storyboard in Resources */ = {isa = PBXBuildFile; fileRef = D5D4807C20AEF552004F5ADF /* Main.storyboard */; }; + D5D4808020AEF555004F5ADF /* Assets.xcassets in Resources */ = {isa = PBXBuildFile; fileRef = D5D4807F20AEF555004F5ADF /* Assets.xcassets */; }; + D5D4808320AEF555004F5ADF /* LaunchScreen.storyboard in Resources */ = {isa = PBXBuildFile; fileRef = D5D4808120AEF555004F5ADF /* LaunchScreen.storyboard */; }; + D5D4809420B2A9B6004F5ADF /* SignupViewController.swift in Sources */ = {isa = PBXBuildFile; fileRef = D5D4809320B2A9B6004F5ADF /* SignupViewController.swift */; }; + D5D4809620B2CEB8004F5ADF /* BaseViewController.swift in Sources */ = {isa = PBXBuildFile; fileRef = D5D4809520B2CEB8004F5ADF /* BaseViewController.swift */; }; + D5D4809D20B3E95D004F5ADF /* LoginMain.storyboard in Resources */ = {isa = PBXBuildFile; fileRef = D5D4809C20B3E95D004F5ADF /* LoginMain.storyboard */; }; + D5D4809F20B3FB67004F5ADF /* CustomCollectionViewCell.swift in Sources */ = {isa = PBXBuildFile; fileRef = D5D4809E20B3FB67004F5ADF /* CustomCollectionViewCell.swift */; }; + D5D480A120B3FBBF004F5ADF /* MainCollectionViewController.swift in Sources */ = {isa = PBXBuildFile; fileRef = D5D480A020B3FBBF004F5ADF /* MainCollectionViewController.swift */; }; + D5FDF0F720B7EE5E00D68D8D /* SocialAuthenticator.swift in Sources */ = {isa = PBXBuildFile; fileRef = D5FDF0F620B7EE5E00D68D8D /* SocialAuthenticator.swift */; }; + D5FDF0FA20B8263500D68D8D /* ResponseDelegate.swift in 
Sources */ = {isa = PBXBuildFile; fileRef = D5FDF0F920B8263500D68D8D /* ResponseDelegate.swift */; }; + D5FDF0FC20B8266100D68D8D /* SocialDelegate.swift in Sources */ = {isa = PBXBuildFile; fileRef = D5FDF0FB20B8266100D68D8D /* SocialDelegate.swift */; }; +/* End PBXBuildFile section */ + +/* Begin PBXFileReference section */ + 474904C1D18515D2338FE798 /* Pods_Test.framework */ = {isa = PBXFileReference; explicitFileType = wrapper.framework; includeInIndex = 0; path = Pods_Test.framework; sourceTree = BUILT_PRODUCTS_DIR; }; + 64BF18EB7EA0A352287C2039 /* Pods-Test.debug.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-Test.debug.xcconfig"; path = "Pods/Target Support Files/Pods-Test/Pods-Test.debug.xcconfig"; sourceTree = ""; }; + C84725ECA8AC99708758BF82 /* Pods-Test.release.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-Test.release.xcconfig"; path = "Pods/Target Support Files/Pods-Test/Pods-Test.release.xcconfig"; sourceTree = ""; }; + D50D70A320B9443D00F9D88B /* GoogleService-Info.plist */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.plist.xml; path = "GoogleService-Info.plist"; sourceTree = ""; }; + D5418B2B20B9A027001D620C /* google1.png */ = {isa = PBXFileReference; lastKnownFileType = image.png; path = google1.png; sourceTree = ""; }; + D5418B2C20B9A027001D620C /* fb2.png */ = {isa = PBXFileReference; lastKnownFileType = image.png; path = fb2.png; sourceTree = ""; }; + D5418B2D20B9A028001D620C /* signup.png */ = {isa = PBXFileReference; lastKnownFileType = image.png; path = signup.png; sourceTree = ""; }; + D5418B2E20B9A028001D620C /* fb1.png */ = {isa = PBXFileReference; lastKnownFileType = image.png; path = fb1.png; sourceTree = ""; }; + D5418B2F20B9A029001D620C /* fb3.png */ = {isa = PBXFileReference; lastKnownFileType = image.png; path = fb3.png; sourceTree = ""; }; + D5418B3020B9A029001D620C /* google2.png */ = 
{isa = PBXFileReference; lastKnownFileType = image.png; path = google2.png; sourceTree = ""; }; + D5418B3120B9A029001D620C /* home.png */ = {isa = PBXFileReference; lastKnownFileType = image.png; path = home.png; sourceTree = ""; }; + D5418B3920B9A512001D620C /* firebase1.png */ = {isa = PBXFileReference; lastKnownFileType = image.png; path = firebase1.png; sourceTree = ""; }; + D5418B3A20B9A512001D620C /* firebase2.png */ = {isa = PBXFileReference; lastKnownFileType = image.png; path = firebase2.png; sourceTree = ""; }; + D5418B3D20B9A938001D620C /* swiftxcode.jpg */ = {isa = PBXFileReference; lastKnownFileType = image.jpeg; path = swiftxcode.jpg; sourceTree = ""; }; + D54BB52620B54ACF0085C370 /* FirebaseViewController.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = FirebaseViewController.swift; sourceTree = ""; }; + D5D3F10C20B6AA0F00C5C2AA /* FirebaseAuthenticator.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = FirebaseAuthenticator.swift; sourceTree = ""; }; + D5D4807520AEF552004F5ADF /* Test.app */ = {isa = PBXFileReference; explicitFileType = wrapper.application; includeInIndex = 0; path = Test.app; sourceTree = BUILT_PRODUCTS_DIR; }; + D5D4807820AEF552004F5ADF /* AppDelegate.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = AppDelegate.swift; sourceTree = ""; }; + D5D4807A20AEF552004F5ADF /* LoginViewController.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = LoginViewController.swift; sourceTree = ""; }; + D5D4807D20AEF552004F5ADF /* Base */ = {isa = PBXFileReference; lastKnownFileType = file.storyboard; name = Base; path = Base.lproj/Main.storyboard; sourceTree = ""; }; + D5D4807F20AEF555004F5ADF /* Assets.xcassets */ = {isa = PBXFileReference; lastKnownFileType = folder.assetcatalog; path = Assets.xcassets; sourceTree = ""; }; + D5D4808220AEF555004F5ADF /* Base */ = {isa = PBXFileReference; lastKnownFileType = file.storyboard; 
name = Base; path = Base.lproj/LaunchScreen.storyboard; sourceTree = ""; }; + D5D4808420AEF555004F5ADF /* Info.plist */ = {isa = PBXFileReference; lastKnownFileType = text.plist.xml; path = Info.plist; sourceTree = ""; }; + D5D4809320B2A9B6004F5ADF /* SignupViewController.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = SignupViewController.swift; sourceTree = ""; }; + D5D4809520B2CEB8004F5ADF /* BaseViewController.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = BaseViewController.swift; sourceTree = ""; }; + D5D4809C20B3E95D004F5ADF /* LoginMain.storyboard */ = {isa = PBXFileReference; lastKnownFileType = file.storyboard; path = LoginMain.storyboard; sourceTree = ""; }; + D5D4809E20B3FB67004F5ADF /* CustomCollectionViewCell.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = CustomCollectionViewCell.swift; sourceTree = ""; }; + D5D480A020B3FBBF004F5ADF /* MainCollectionViewController.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MainCollectionViewController.swift; sourceTree = ""; }; + D5FDF0F620B7EE5E00D68D8D /* SocialAuthenticator.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = SocialAuthenticator.swift; sourceTree = ""; }; + D5FDF0F920B8263500D68D8D /* ResponseDelegate.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ResponseDelegate.swift; sourceTree = ""; }; + D5FDF0FB20B8266100D68D8D /* SocialDelegate.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = SocialDelegate.swift; sourceTree = ""; }; +/* End PBXFileReference section */ + +/* Begin PBXFrameworksBuildPhase section */ + D5D4807220AEF552004F5ADF /* Frameworks */ = { + isa = PBXFrameworksBuildPhase; + buildActionMask = 2147483647; + files = ( + 88AE4B8E01AFFF3A45DC9B88 /* Pods_Test.framework in Frameworks */, + ); + runOnlyForDeploymentPostprocessing = 0; + }; +/* End 
PBXFrameworksBuildPhase section */ + +/* Begin PBXGroup section */ + 6D4AE5F2DED4F2D75679768C /* Pods */ = { + isa = PBXGroup; + children = ( + 64BF18EB7EA0A352287C2039 /* Pods-Test.debug.xcconfig */, + C84725ECA8AC99708758BF82 /* Pods-Test.release.xcconfig */, + ); + name = Pods; + sourceTree = ""; + }; + 76A856C51E4B61E4FCC4DBDF /* Frameworks */ = { + isa = PBXGroup; + children = ( + 474904C1D18515D2338FE798 /* Pods_Test.framework */, + ); + name = Frameworks; + sourceTree = ""; + }; + D520BEC820B5467D009A5272 /* Network */ = { + isa = PBXGroup; + children = ( + D5D3F10C20B6AA0F00C5C2AA /* FirebaseAuthenticator.swift */, + D5FDF0F620B7EE5E00D68D8D /* SocialAuthenticator.swift */, + ); + path = Network; + sourceTree = ""; + }; + D5418B2A20B99C84001D620C /* Screenshots */ = { + isa = PBXGroup; + children = ( + D5418B3D20B9A938001D620C /* swiftxcode.jpg */, + D5418B3920B9A512001D620C /* firebase1.png */, + D5418B3A20B9A512001D620C /* firebase2.png */, + D5418B2E20B9A028001D620C /* fb1.png */, + D5418B2C20B9A027001D620C /* fb2.png */, + D5418B2F20B9A029001D620C /* fb3.png */, + D5418B2B20B9A027001D620C /* google1.png */, + D5418B3020B9A029001D620C /* google2.png */, + D5418B3120B9A029001D620C /* home.png */, + D5418B2D20B9A028001D620C /* signup.png */, + ); + path = Screenshots; + sourceTree = ""; + }; + D5D4806C20AEF552004F5ADF = { + isa = PBXGroup; + children = ( + 76A856C51E4B61E4FCC4DBDF /* Frameworks */, + 6D4AE5F2DED4F2D75679768C /* Pods */, + D5D4807620AEF552004F5ADF /* Products */, + D5D4807720AEF552004F5ADF /* Test */, + ); + sourceTree = ""; + }; + D5D4807620AEF552004F5ADF /* Products */ = { + isa = PBXGroup; + children = ( + D5D4807520AEF552004F5ADF /* Test.app */, + ); + name = Products; + sourceTree = ""; + }; + D5D4807720AEF552004F5ADF /* Test */ = { + isa = PBXGroup; + children = ( + D5418B2A20B99C84001D620C /* Screenshots */, + D50D70A320B9443D00F9D88B /* GoogleService-Info.plist */, + D5FDF0F820B8225500D68D8D /* Delegate */, + 
D5D4807C20AEF552004F5ADF /* Main.storyboard */, + D5D4808420AEF555004F5ADF /* Info.plist */, + D5D4807820AEF552004F5ADF /* AppDelegate.swift */, + D5D4809520B2CEB8004F5ADF /* BaseViewController.swift */, + D5D4809320B2A9B6004F5ADF /* SignupViewController.swift */, + D5D4807A20AEF552004F5ADF /* LoginViewController.swift */, + D5D4807F20AEF555004F5ADF /* Assets.xcassets */, + D5D4808120AEF555004F5ADF /* LaunchScreen.storyboard */, + D520BEC820B5467D009A5272 /* Network */, + D5D4809920B3E8F8004F5ADF /* MainLogin */, + ); + path = Test; + sourceTree = ""; + }; + D5D4809920B3E8F8004F5ADF /* MainLogin */ = { + isa = PBXGroup; + children = ( + D54BB52620B54ACF0085C370 /* FirebaseViewController.swift */, + D5D4809C20B3E95D004F5ADF /* LoginMain.storyboard */, + D5D4809E20B3FB67004F5ADF /* CustomCollectionViewCell.swift */, + D5D480A020B3FBBF004F5ADF /* MainCollectionViewController.swift */, + ); + path = MainLogin; + sourceTree = ""; + }; + D5FDF0F820B8225500D68D8D /* Delegate */ = { + isa = PBXGroup; + children = ( + D5FDF0F920B8263500D68D8D /* ResponseDelegate.swift */, + D5FDF0FB20B8266100D68D8D /* SocialDelegate.swift */, + ); + name = Delegate; + sourceTree = ""; + }; +/* End PBXGroup section */ + +/* Begin PBXNativeTarget section */ + D5D4807420AEF552004F5ADF /* Test */ = { + isa = PBXNativeTarget; + buildConfigurationList = D5D4808720AEF555004F5ADF /* Build configuration list for PBXNativeTarget "Test" */; + buildPhases = ( + D905B27F086A3993E6CC203D /* [CP] Check Pods Manifest.lock */, + D5D4807120AEF552004F5ADF /* Sources */, + D5D4807220AEF552004F5ADF /* Frameworks */, + D5D4807320AEF552004F5ADF /* Resources */, + 84D5C8B19799EFD0F35C8BA9 /* [CP] Embed Pods Frameworks */, + ); + buildRules = ( + ); + dependencies = ( + ); + name = Test; + productName = swiftconcepts; + productReference = D5D4807520AEF552004F5ADF /* Test.app */; + productType = "com.apple.product-type.application"; + }; +/* End PBXNativeTarget section */ + +/* Begin PBXProject section */ + 
D5D4806D20AEF552004F5ADF /* Project object */ = { + isa = PBXProject; + attributes = { + LastSwiftUpdateCheck = 0930; + LastUpgradeCheck = 0930; + ORGANIZATIONNAME = yuvraj; + TargetAttributes = { + D5D4807420AEF552004F5ADF = { + CreatedOnToolsVersion = 9.3.1; + }; + }; + }; + buildConfigurationList = D5D4807020AEF552004F5ADF /* Build configuration list for PBXProject "Test" */; + compatibilityVersion = "Xcode 9.3"; + developmentRegion = en; + hasScannedForEncodings = 0; + knownRegions = ( + en, + Base, + ); + mainGroup = D5D4806C20AEF552004F5ADF; + productRefGroup = D5D4807620AEF552004F5ADF /* Products */; + projectDirPath = ""; + projectRoot = ""; + targets = ( + D5D4807420AEF552004F5ADF /* Test */, + ); + }; +/* End PBXProject section */ + +/* Begin PBXResourcesBuildPhase section */ + D5D4807320AEF552004F5ADF /* Resources */ = { + isa = PBXResourcesBuildPhase; + buildActionMask = 2147483647; + files = ( + D5D4808320AEF555004F5ADF /* LaunchScreen.storyboard in Resources */, + D5418B3620B9A02A001D620C /* fb3.png in Resources */, + D5D4808020AEF555004F5ADF /* Assets.xcassets in Resources */, + D5D4807E20AEF552004F5ADF /* Main.storyboard in Resources */, + D5418B3520B9A02A001D620C /* fb1.png in Resources */, + D5418B3420B9A02A001D620C /* signup.png in Resources */, + D5D4809D20B3E95D004F5ADF /* LoginMain.storyboard in Resources */, + D5418B3220B9A02A001D620C /* google1.png in Resources */, + D5418B3820B9A02A001D620C /* home.png in Resources */, + D5418B3B20B9A512001D620C /* firebase1.png in Resources */, + D5418B3720B9A02A001D620C /* google2.png in Resources */, + D5418B3320B9A02A001D620C /* fb2.png in Resources */, + D5418B3E20B9A938001D620C /* swiftxcode.jpg in Resources */, + D50D70A420B9443D00F9D88B /* GoogleService-Info.plist in Resources */, + D5418B3C20B9A512001D620C /* firebase2.png in Resources */, + ); + runOnlyForDeploymentPostprocessing = 0; + }; +/* End PBXResourcesBuildPhase section */ + +/* Begin PBXShellScriptBuildPhase section */ + 
84D5C8B19799EFD0F35C8BA9 /* [CP] Embed Pods Frameworks */ = { + isa = PBXShellScriptBuildPhase; + buildActionMask = 2147483647; + files = ( + ); + inputFileListPaths = ( + "${PODS_ROOT}/Target Support Files/Pods-Test/Pods-Test-frameworks-${CONFIGURATION}-input-files.xcfilelist", + ); + name = "[CP] Embed Pods Frameworks"; + outputFileListPaths = ( + "${PODS_ROOT}/Target Support Files/Pods-Test/Pods-Test-frameworks-${CONFIGURATION}-output-files.xcfilelist", + ); + runOnlyForDeploymentPostprocessing = 0; + shellPath = /bin/sh; + shellScript = "\"${PODS_ROOT}/Target Support Files/Pods-Test/Pods-Test-frameworks.sh\"\n"; + showEnvVarsInLog = 0; + }; + D905B27F086A3993E6CC203D /* [CP] Check Pods Manifest.lock */ = { + isa = PBXShellScriptBuildPhase; + buildActionMask = 2147483647; + files = ( + ); + inputPaths = ( + "${PODS_PODFILE_DIR_PATH}/Podfile.lock", + "${PODS_ROOT}/Manifest.lock", + ); + name = "[CP] Check Pods Manifest.lock"; + outputPaths = ( + "$(DERIVED_FILE_DIR)/Pods-Test-checkManifestLockResult.txt", + ); + runOnlyForDeploymentPostprocessing = 0; + shellPath = /bin/sh; + shellScript = "diff \"${PODS_PODFILE_DIR_PATH}/Podfile.lock\" \"${PODS_ROOT}/Manifest.lock\" > /dev/null\nif [ $? != 0 ] ; then\n # print error to STDERR\n echo \"error: The sandbox is not in sync with the Podfile.lock. 
Run 'pod install' or update your CocoaPods installation.\" >&2\n exit 1\nfi\n# This output is used by Xcode 'outputs' to avoid re-running this script phase.\necho \"SUCCESS\" > \"${SCRIPT_OUTPUT_FILE_0}\"\n"; + showEnvVarsInLog = 0; + }; +/* End PBXShellScriptBuildPhase section */ + +/* Begin PBXSourcesBuildPhase section */ + D5D4807120AEF552004F5ADF /* Sources */ = { + isa = PBXSourcesBuildPhase; + buildActionMask = 2147483647; + files = ( + D5D4809420B2A9B6004F5ADF /* SignupViewController.swift in Sources */, + D54BB52720B54ACF0085C370 /* FirebaseViewController.swift in Sources */, + D5D4809F20B3FB67004F5ADF /* CustomCollectionViewCell.swift in Sources */, + D5D3F10D20B6AA0F00C5C2AA /* FirebaseAuthenticator.swift in Sources */, + D5FDF0FC20B8266100D68D8D /* SocialDelegate.swift in Sources */, + D5D480A120B3FBBF004F5ADF /* MainCollectionViewController.swift in Sources */, + D5FDF0F720B7EE5E00D68D8D /* SocialAuthenticator.swift in Sources */, + D5D4807B20AEF552004F5ADF /* LoginViewController.swift in Sources */, + D5D4809620B2CEB8004F5ADF /* BaseViewController.swift in Sources */, + D5D4807920AEF552004F5ADF /* AppDelegate.swift in Sources */, + D5FDF0FA20B8263500D68D8D /* ResponseDelegate.swift in Sources */, + ); + runOnlyForDeploymentPostprocessing = 0; + }; +/* End PBXSourcesBuildPhase section */ + +/* Begin PBXVariantGroup section */ + D5D4807C20AEF552004F5ADF /* Main.storyboard */ = { + isa = PBXVariantGroup; + children = ( + D5D4807D20AEF552004F5ADF /* Base */, + ); + name = Main.storyboard; + sourceTree = ""; + }; + D5D4808120AEF555004F5ADF /* LaunchScreen.storyboard */ = { + isa = PBXVariantGroup; + children = ( + D5D4808220AEF555004F5ADF /* Base */, + ); + name = LaunchScreen.storyboard; + sourceTree = ""; + }; +/* End PBXVariantGroup section */ + +/* Begin XCBuildConfiguration section */ + D5D4808520AEF555004F5ADF /* Debug */ = { + isa = XCBuildConfiguration; + buildSettings = { + ALWAYS_SEARCH_USER_PATHS = NO; + CLANG_ANALYZER_NONNULL = YES; + 
CLANG_ANALYZER_NUMBER_OBJECT_CONVERSION = YES_AGGRESSIVE; + CLANG_CXX_LANGUAGE_STANDARD = "gnu++14"; + CLANG_CXX_LIBRARY = "libc++"; + CLANG_ENABLE_MODULES = YES; + CLANG_ENABLE_OBJC_ARC = YES; + CLANG_ENABLE_OBJC_WEAK = YES; + CLANG_WARN_BLOCK_CAPTURE_AUTORELEASING = YES; + CLANG_WARN_BOOL_CONVERSION = YES; + CLANG_WARN_COMMA = YES; + CLANG_WARN_CONSTANT_CONVERSION = YES; + CLANG_WARN_DEPRECATED_OBJC_IMPLEMENTATIONS = YES; + CLANG_WARN_DIRECT_OBJC_ISA_USAGE = YES_ERROR; + CLANG_WARN_DOCUMENTATION_COMMENTS = YES; + CLANG_WARN_EMPTY_BODY = YES; + CLANG_WARN_ENUM_CONVERSION = YES; + CLANG_WARN_INFINITE_RECURSION = YES; + CLANG_WARN_INT_CONVERSION = YES; + CLANG_WARN_NON_LITERAL_NULL_CONVERSION = YES; + CLANG_WARN_OBJC_IMPLICIT_RETAIN_SELF = YES; + CLANG_WARN_OBJC_LITERAL_CONVERSION = YES; + CLANG_WARN_OBJC_ROOT_CLASS = YES_ERROR; + CLANG_WARN_RANGE_LOOP_ANALYSIS = YES; + CLANG_WARN_STRICT_PROTOTYPES = YES; + CLANG_WARN_SUSPICIOUS_MOVE = YES; + CLANG_WARN_UNGUARDED_AVAILABILITY = YES_AGGRESSIVE; + CLANG_WARN_UNREACHABLE_CODE = YES; + CLANG_WARN__DUPLICATE_METHOD_MATCH = YES; + CODE_SIGN_IDENTITY = "iPhone Developer"; + COPY_PHASE_STRIP = NO; + DEBUG_INFORMATION_FORMAT = dwarf; + ENABLE_STRICT_OBJC_MSGSEND = YES; + ENABLE_TESTABILITY = YES; + GCC_C_LANGUAGE_STANDARD = gnu11; + GCC_DYNAMIC_NO_PIC = NO; + GCC_NO_COMMON_BLOCKS = YES; + GCC_OPTIMIZATION_LEVEL = 0; + GCC_PREPROCESSOR_DEFINITIONS = ( + "DEBUG=1", + "$(inherited)", + ); + GCC_WARN_64_TO_32_BIT_CONVERSION = YES; + GCC_WARN_ABOUT_RETURN_TYPE = YES_ERROR; + GCC_WARN_UNDECLARED_SELECTOR = YES; + GCC_WARN_UNINITIALIZED_AUTOS = YES_AGGRESSIVE; + GCC_WARN_UNUSED_FUNCTION = YES; + GCC_WARN_UNUSED_VARIABLE = YES; + IPHONEOS_DEPLOYMENT_TARGET = 9.0; + MTL_ENABLE_DEBUG_INFO = YES; + ONLY_ACTIVE_ARCH = YES; + SDKROOT = iphoneos; + SWIFT_ACTIVE_COMPILATION_CONDITIONS = DEBUG; + SWIFT_OPTIMIZATION_LEVEL = "-Onone"; + }; + name = Debug; + }; + D5D4808620AEF555004F5ADF /* Release */ = { + isa = XCBuildConfiguration; + 
buildSettings = { + ALWAYS_SEARCH_USER_PATHS = NO; + CLANG_ANALYZER_NONNULL = YES; + CLANG_ANALYZER_NUMBER_OBJECT_CONVERSION = YES_AGGRESSIVE; + CLANG_CXX_LANGUAGE_STANDARD = "gnu++14"; + CLANG_CXX_LIBRARY = "libc++"; + CLANG_ENABLE_MODULES = YES; + CLANG_ENABLE_OBJC_ARC = YES; + CLANG_ENABLE_OBJC_WEAK = YES; + CLANG_WARN_BLOCK_CAPTURE_AUTORELEASING = YES; + CLANG_WARN_BOOL_CONVERSION = YES; + CLANG_WARN_COMMA = YES; + CLANG_WARN_CONSTANT_CONVERSION = YES; + CLANG_WARN_DEPRECATED_OBJC_IMPLEMENTATIONS = YES; + CLANG_WARN_DIRECT_OBJC_ISA_USAGE = YES_ERROR; + CLANG_WARN_DOCUMENTATION_COMMENTS = YES; + CLANG_WARN_EMPTY_BODY = YES; + CLANG_WARN_ENUM_CONVERSION = YES; + CLANG_WARN_INFINITE_RECURSION = YES; + CLANG_WARN_INT_CONVERSION = YES; + CLANG_WARN_NON_LITERAL_NULL_CONVERSION = YES; + CLANG_WARN_OBJC_IMPLICIT_RETAIN_SELF = YES; + CLANG_WARN_OBJC_LITERAL_CONVERSION = YES; + CLANG_WARN_OBJC_ROOT_CLASS = YES_ERROR; + CLANG_WARN_RANGE_LOOP_ANALYSIS = YES; + CLANG_WARN_STRICT_PROTOTYPES = YES; + CLANG_WARN_SUSPICIOUS_MOVE = YES; + CLANG_WARN_UNGUARDED_AVAILABILITY = YES_AGGRESSIVE; + CLANG_WARN_UNREACHABLE_CODE = YES; + CLANG_WARN__DUPLICATE_METHOD_MATCH = YES; + CODE_SIGN_IDENTITY = "iPhone Developer"; + COPY_PHASE_STRIP = NO; + DEBUG_INFORMATION_FORMAT = "dwarf-with-dsym"; + ENABLE_NS_ASSERTIONS = NO; + ENABLE_STRICT_OBJC_MSGSEND = YES; + GCC_C_LANGUAGE_STANDARD = gnu11; + GCC_NO_COMMON_BLOCKS = YES; + GCC_WARN_64_TO_32_BIT_CONVERSION = YES; + GCC_WARN_ABOUT_RETURN_TYPE = YES_ERROR; + GCC_WARN_UNDECLARED_SELECTOR = YES; + GCC_WARN_UNINITIALIZED_AUTOS = YES_AGGRESSIVE; + GCC_WARN_UNUSED_FUNCTION = YES; + GCC_WARN_UNUSED_VARIABLE = YES; + IPHONEOS_DEPLOYMENT_TARGET = 9.0; + MTL_ENABLE_DEBUG_INFO = NO; + SDKROOT = iphoneos; + SWIFT_COMPILATION_MODE = wholemodule; + SWIFT_OPTIMIZATION_LEVEL = "-O"; + VALIDATE_PRODUCT = YES; + }; + name = Release; + }; + D5D4808820AEF555004F5ADF /* Debug */ = { + isa = XCBuildConfiguration; + baseConfigurationReference = 
64BF18EB7EA0A352287C2039 /* Pods-Test.debug.xcconfig */; + buildSettings = { + ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon; + CODE_SIGN_STYLE = Automatic; + FRAMEWORK_SEARCH_PATHS = ( + "$(inherited)", + "$(PROJECT_DIR)/swiftconcepts", + ); + INFOPLIST_FILE = Test/Info.plist; + IPHONEOS_DEPLOYMENT_TARGET = 9.0; + LD_RUNPATH_SEARCH_PATHS = ( + "$(inherited)", + "@executable_path/Frameworks", + ); + PRODUCT_BUNDLE_IDENTIFIER = com.yuvraj.Test; + PRODUCT_NAME = "$(TARGET_NAME)"; + SWIFT_VERSION = 4.0; + TARGETED_DEVICE_FAMILY = "1,2"; + }; + name = Debug; + }; + D5D4808920AEF555004F5ADF /* Release */ = { + isa = XCBuildConfiguration; + baseConfigurationReference = C84725ECA8AC99708758BF82 /* Pods-Test.release.xcconfig */; + buildSettings = { + ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon; + CODE_SIGN_STYLE = Automatic; + FRAMEWORK_SEARCH_PATHS = ( + "$(inherited)", + "$(PROJECT_DIR)/swiftconcepts", + ); + INFOPLIST_FILE = Test/Info.plist; + IPHONEOS_DEPLOYMENT_TARGET = 9.0; + LD_RUNPATH_SEARCH_PATHS = ( + "$(inherited)", + "@executable_path/Frameworks", + ); + PRODUCT_BUNDLE_IDENTIFIER = com.yuvraj.Test; + PRODUCT_NAME = "$(TARGET_NAME)"; + SWIFT_VERSION = 4.0; + TARGETED_DEVICE_FAMILY = "1,2"; + }; + name = Release; + }; +/* End XCBuildConfiguration section */ + +/* Begin XCConfigurationList section */ + D5D4807020AEF552004F5ADF /* Build configuration list for PBXProject "Test" */ = { + isa = XCConfigurationList; + buildConfigurations = ( + D5D4808520AEF555004F5ADF /* Debug */, + D5D4808620AEF555004F5ADF /* Release */, + ); + defaultConfigurationIsVisible = 0; + defaultConfigurationName = Release; + }; + D5D4808720AEF555004F5ADF /* Build configuration list for PBXNativeTarget "Test" */ = { + isa = XCConfigurationList; + buildConfigurations = ( + D5D4808820AEF555004F5ADF /* Debug */, + D5D4808920AEF555004F5ADF /* Release */, + ); + defaultConfigurationIsVisible = 0; + defaultConfigurationName = Release; + }; +/* End XCConfigurationList section */ + }; + rootObject = 
D5D4806D20AEF552004F5ADF /* Project object */; +} diff --git a/utils/techutils/techutils.go b/utils/techutils/techutils.go index 8aa8a89b..1d70ff3e 100644 --- a/utils/techutils/techutils.go +++ b/utils/techutils/techutils.go @@ -24,20 +24,21 @@ import ( type Technology string const ( - Maven Technology = "maven" - Gradle Technology = "gradle" - Npm Technology = "npm" - Pnpm Technology = "pnpm" - Yarn Technology = "yarn" - Go Technology = "go" - Pip Technology = "pip" - Pipenv Technology = "pipenv" - Poetry Technology = "poetry" - Nuget Technology = "nuget" - Dotnet Technology = "dotnet" - Docker Technology = "docker" - Oci Technology = "oci" - Conan Technology = "conan" + Maven Technology = "maven" + Gradle Technology = "gradle" + Npm Technology = "npm" + Pnpm Technology = "pnpm" + Yarn Technology = "yarn" + Go Technology = "go" + Pip Technology = "pip" + Pipenv Technology = "pipenv" + Poetry Technology = "poetry" + Nuget Technology = "nuget" + Dotnet Technology = "dotnet" + Docker Technology = "docker" + Oci Technology = "oci" + Conan Technology = "conan" + Cocoapods Technology = "cocoapods" ) const Pypi = "pypi" 
@@ -46,27 +47,29 @@ var AllTechnologiesStrings = []string{Maven.String(), Gradle.String(), Npm.Strin type CodeLanguage string const ( - JavaScript CodeLanguage = "javascript" - Python CodeLanguage = "python" - GoLang CodeLanguage = "go" - Java CodeLanguage = "java" - CSharp CodeLanguage = "C#" - CPP CodeLanguage = "C++" + JavaScript CodeLanguage = "javascript" + Python CodeLanguage = "python" + GoLang CodeLanguage = "go" + Java CodeLanguage = "java" + CSharp CodeLanguage = "C#" + CPP CodeLanguage = "C++" + CocoapodsLang CodeLanguage = "any" ) // Associates a technology with project type (used in config commands for the package-managers). // Docker is not present, as there is no docker-config command and, consequently, no docker.yaml file we need to operate on. var TechToProjectType = map[Technology]project.ProjectType{ - Maven: project.Maven, - Gradle: project.Gradle, - Npm: project.Npm, - Yarn: project.Yarn, - Go: project.Go, - Pip: project.Pip, - Pipenv: project.Pipenv, - Poetry: project.Poetry, - Nuget: project.Nuget, - Dotnet: project.Dotnet, + Maven: project.Maven, + Gradle: project.Gradle, + Npm: project.Npm, + Yarn: project.Yarn, + Go: project.Go, + Pip: project.Pip, + Pipenv: project.Pipenv, + Poetry: project.Poetry, + Nuget: project.Nuget, + Dotnet: project.Dotnet, + Cocoapods: project.Cocoapods, } var packageTypes = map[string]string{ @@ -194,6 +197,12 @@ var technologiesData = map[Technology]TechData{ packageDescriptors: []string{"conanfile.txt", "conanfile.py "}, formal: "Conan", }, + Cocoapods: { + indicators: []string{"Podfile", "Podfile.lock"}, + packageDescriptors: []string{"Podfile", "Podfile.lock"}, + formal: "Cocoapods", + packageTypeId: "cocoapods://", + }, } var ( 
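Review bot: `CocoapodsLang CodeLanguage = "any"` in the `@@ -46,27` hunk names a CodeLanguage constant after a package manager and gives it a value that is not a language, while every sibling (`JavaScript`, `Python`, `Java`, `CSharp`) names the language itself and TechnologyToLanguage in the `@@ -223,17` hunk maps several technologies onto each; if the intent is "no single language", a name such as `Any CodeLanguage = "any"` with a one-line comment on which technologies map to it reads more consistently. In the `@@ -194,6` hunk, `packageDescriptors` lists `"Podfile.lock"` alongside `"Podfile"`; the location and fix code in commands/audit/sca/cocoapods/cocoapods.go keys on `pod` lines, i.e. Podfile syntax, so if these descriptor paths are what gets handed to FixTechDependency the lock file would presumably be rewritten as well — worth confirming whether Podfile.lock belongs in `indicators` only, since a hand-edited lock file no longer reflects what `pod install` resolved.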
@@ -223,17 +232,18 @@ func pyProjectTomlIndicatorContent(tech Technology) ContentValidator { func TechnologyToLanguage(technology Technology) CodeLanguage { languageMap := map[Technology]CodeLanguage{ - Npm: JavaScript, - Pip: Python, - Poetry: Python, - Pipenv: Python, - Go: GoLang, - Maven: Java, - Gradle: Java, - Nuget: CSharp, - Dotnet: CSharp, - Yarn: JavaScript, - Pnpm: JavaScript, + Npm: JavaScript, + Pip: Python, + Poetry: Python, + Pipenv: Python, + Go: GoLang, + Maven: Java, + Gradle: Java, + Nuget: CSharp, + Dotnet: CSharp, + Yarn: JavaScript, + Pnpm: JavaScript, + Cocoapods: CocoapodsLang, } return languageMap[technology] } From 8c56a03239fdf4fe82ce8258577cf9fb7dc3c8bc Mon Sep 17 00:00:00 2001 From: barv Date: Mon, 4 Nov 2024 17:00:39 +0200 Subject: [PATCH 011/111] cocoapods-audit --- commands/audit/sca/cocoapods/cocoapods.go | 67 +++++++++++-------- .../audit/sca/cocoapods/cocoapods_test.go | 32 ++++++++- .../package-managers/cocoapods/Podfile | 2 + 3 files changed, 71 insertions(+), 30 deletions(-) diff --git a/commands/audit/sca/cocoapods/cocoapods.go b/commands/audit/sca/cocoapods/cocoapods.go index 08164906..64983b73 100644 --- a/commands/audit/sca/cocoapods/cocoapods.go +++ b/commands/audit/sca/cocoapods/cocoapods.go @@ -18,6 +18,8 @@ import ( "strings" ) +// VersionForMainModule - We don't have information in cocoapods on the current package, or main module, we only have information on its +// dependencies. const ( VersionForMainModule = "0.0.0" ) 
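Review bot: The new doc comment for VersionForMainModule in the `@@ -18,6` hunk sits above `const (` rather than directly above the constant, so godoc attaches it to the group and not to the name. Move it inside the block, immediately above `VersionForMainModule = "0.0.0"`, and start it with the identifier followed by a verb per Go convention, e.g. `// VersionForMainModule is the placeholder version assigned to the root module, because CocoaPods only describes its dependencies, not the current package.`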
@@ -45,39 +47,46 @@ func GetTechDependencyLocation(directDependencyName, directDependencyVersion str foundDependency := false var tempIndex int for i, line := range lines { - if strings.Contains(line, directDependencyName) { - startLine = i - startCol = strings.Index(line, directDependencyName) - foundDependency = true - tempIndex = i - } - // This means we are in a new dependency (we cannot find dependency name and version together) - if i > tempIndex && foundDependency && strings.Contains(line, "pod") { - foundDependency = false - } else if foundDependency && strings.Contains(line, directDependencyVersion) { - endLine = i - endCol = len(line) - var snippet string - if endLine == startLine { - snippet = lines[startLine][startCol:endCol] - } else { - for snippetLine := 1; snippetLine < endLine-startLine+1; snippetLine++ { - switch snippetLine { - case 0: - snippet += "\n" + lines[snippetLine][startLine:] - case endLine - startLine: - snippet += "\n" + lines[snippetLine][:endCol] - default: - snippet += "\n" + lines[snippetLine] - } - } + foundDependency, tempIndex, startLine, startCol = parsePodLine(line, directDependencyName, directDependencyVersion, descriptorPath, i, tempIndex, startLine, startCol, endLine, endCol, lines, foundDependency, &podPositions) + } + } + return podPositions, nil +} + +func parsePodLine(line, directDependencyName, directDependencyVersion, descriptorPath string, i, tempIndex, startLine, startCol, endLine, endCol int, lines []string, foundDependency bool, podPositions *[]*sarif.Location) (bool, int, int, int) { + if strings.Contains(line, directDependencyName) { + startLine = i + startCol = strings.Index(line, directDependencyName) + foundDependency = true + tempIndex = i + } + // This means we are in a new dependency (we cannot find dependency name and version together) + if i > tempIndex && foundDependency && strings.Contains(line, "pod") { + foundDependency = false + } else if foundDependency && strings.Contains(line, 
directDependencyVersion) { + endLine = i + endCol = len(line) + var snippet string + // if the tech dependency is a one-liner + if endLine == startLine { + snippet = lines[startLine][startCol:endCol] + // else it is more than one line, so we need to parse all lines + } else { + for snippetLine := 0; snippetLine < endLine-startLine+1; snippetLine++ { + switch snippetLine { + case 0: + snippet += "\n" + lines[snippetLine][startLine:] + case endLine - startLine: + snippet += "\n" + lines[snippetLine][:endCol] + default: + snippet += "\n" + lines[snippetLine] } - podPositions = append(podPositions, sarifutils.CreateLocation(descriptorPath, startLine, endLine, startCol, endCol, snippet)) - foundDependency = false } } + *podPositions = append(*podPositions, sarifutils.CreateLocation(descriptorPath, startLine, endLine, startCol, endCol, snippet)) + foundDependency = false } - return podPositions, nil + return foundDependency, tempIndex, startLine, startCol } func FixTechDependency(dependencyName, dependencyVersion, fixVersion string, descriptorPaths ...string) error { diff --git a/commands/audit/sca/cocoapods/cocoapods_test.go b/commands/audit/sca/cocoapods/cocoapods_test.go index e6e8cb1c..42bf7f93 100644 --- a/commands/audit/sca/cocoapods/cocoapods_test.go +++ b/commands/audit/sca/cocoapods/cocoapods_test.go 
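Review bot: The multi-line snippet loop in parsePodLine indexes the wrong line and slices by the wrong offset: `lines[snippetLine][startLine:]`, `lines[snippetLine][:endCol]` and `lines[snippetLine]` use the 0-based loop counter as a line index and the start line as a column, so a dependency whose name and version sit on different lines collects lines 0..k of the file instead of startLine..endLine, and can panic with a slice-bounds error when line 0 is shorter than startLine (the loop start was changed from 1 to 0 in this hunk, so `case 0` now runs). The three lines should read `snippet += "\n" + lines[startLine+snippetLine][startCol:]`, `snippet += "\n" + lines[startLine+snippetLine][:endCol]` and `snippet += "\n" + lines[startLine+snippetLine]`; note also that this path prefixes the snippet with "\n" while the single-line path does not, which presumably isn't intended. The tests added in cocoapods_test.go only cover the single-line form, so a Podfile fixture with the version on its own line would exercise this path. As a point of style, parsePodLine takes endLine and endCol as parameters but assigns both before ever reading them, so they can be locals and the 13-parameter signature shrinks; the enclosing GetTechDependencyLocation starts outside the hunk.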
@@ -65,10 +65,14 @@ func TestGetTechDependencyLocation(t *testing.T) { locations, err := GetTechDependencyLocation("GoogleSignIn", "6.2.4", filepath.Join(currentDir, "Podfile")) assert.NoError(t, err) assert.Len(t, locations, 1) + assert.Equal(t, *locations[0].PhysicalLocation.Region.StartLine, 4) + assert.Equal(t, *locations[0].PhysicalLocation.Region.StartColumn, 4) + assert.Equal(t, *locations[0].PhysicalLocation.Region.EndLine, 5) + assert.Equal(t, *locations[0].PhysicalLocation.Region.EndColumn, 30) assert.Equal(t, *locations[0].PhysicalLocation.Region.Snippet.Text, "GoogleSignIn', '~> 6.2.4'") } -func TestFixTechDependency(t *testing.T) { +func TestFixTechDependencySingleLocation(t *testing.T) { _, cleanUp := sca.CreateTestWorkspace(t, filepath.Join("projects", "package-managers", "cocoapods")) defer cleanUp() currentDir, err := coreutils.GetWorkingDirectory() 
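Review bot: The four new assert.Equal calls pass the actual value first and the expected literal second, while testify's signature is `assert.Equal(t, expected, actual, ...)`; the check still passes, but on failure the message prints the values swapped and misdirects whoever debugs it. `assert.Equal(t, 4, *locations[0].PhysicalLocation.Region.StartLine)` is the intended order, and the same applies to the other three lines (the pre-existing Snippet.Text assertion has the same inversion). A short comment on why EndLine is 5 for a declaration that occupies a single Podfile line would also help, if CreateLocation converts the end to a 1-based or exclusive value; that cannot be confirmed from this hunk.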
@@ -80,3 +84,29 @@ func TestFixTechDependency(t *testing.T) { lines := strings.Split(string(file), "\n") assert.Contains(t, lines, "pod 'GoogleSignIn', '~> 6.2.5'") } + +func TestFixTechDependencyMultipleLocations(t *testing.T) { + _, cleanUp := sca.CreateTestWorkspace(t, filepath.Join("projects", "package-managers", "cocoapods")) + defer cleanUp() + currentDir, err := coreutils.GetWorkingDirectory() + assert.NoError(t, err) + err = FixTechDependency("AppAuth", "1.7.5", "1.7.6", filepath.Join(currentDir, "Podfile")) + assert.NoError(t, err) + file, err := os.ReadFile(filepath.Join(currentDir, "Podfile")) + assert.NoError(t, err) + numAppearances := strings.Count(string(file), "pod 'AppAuth', '~> 1.7.6'") + assert.Equal(t, numAppearances, 2) +} + +func TestFixTechDependencyNoLocations(t *testing.T) { + _, cleanUp := sca.CreateTestWorkspace(t, filepath.Join("projects", "package-managers", "cocoapods")) + defer cleanUp() + currentDir, err := coreutils.GetWorkingDirectory() + assert.NoError(t, err) + err = FixTechDependency("GoogleSignIn", "1.8.2", "1.8.3", filepath.Join(currentDir, "Podfile")) + assert.NoError(t, err) + file, err := os.ReadFile(filepath.Join(currentDir, "Podfile")) + assert.NoError(t, err) + lines := strings.Split(string(file), "\n") + assert.Contains(t, lines, "pod 'GoogleSignIn', '~> 6.2.4'") +} diff --git a/tests/testdata/projects/package-managers/cocoapods/Podfile b/tests/testdata/projects/package-managers/cocoapods/Podfile index 1dba3c2d..3907d2d9 100644 --- a/tests/testdata/projects/package-managers/cocoapods/Podfile +++ b/tests/testdata/projects/package-managers/cocoapods/Podfile @@ -3,5 +3,7 @@ platform :ios, '9.0' target 'Test' do use_frameworks! pod 'GoogleSignIn', '~> 6.2.4' +pod 'AppAuth', '~> 1.7.5' +pod 'AppAuth', '~> 1.7.5' end \ No newline at end of file From a9aebdb31a4d2cb388303c21d85526ed8f5b1a5f Mon Sep 17 00:00:00 2001 
From: barv Date: Mon, 4 Nov 2024 17:23:59 +0200 Subject: [PATCH 012/111] cocoapods-audit --- commands/audit/sca/cocoapods/cocoapods_test.go | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/commands/audit/sca/cocoapods/cocoapods_test.go b/commands/audit/sca/cocoapods/cocoapods_test.go index 42bf7f93..7348db4e 100644 --- a/commands/audit/sca/cocoapods/cocoapods_test.go +++ b/commands/audit/sca/cocoapods/cocoapods_test.go @@ -5,6 +5,7 @@ import ( "github.com/jfrog/jfrog-cli-core/v2/utils/coreutils" "github.com/jfrog/jfrog-cli-core/v2/utils/tests" "github.com/jfrog/jfrog-cli-security/utils/techutils" + "github.com/owenrumney/go-sarif/v2/sarif" "os" "path/filepath" "strings" @@ -72,6 +73,22 @@ func TestGetTechDependencyLocation(t *testing.T) { assert.Equal(t, *locations[0].PhysicalLocation.Region.Snippet.Text, "GoogleSignIn', '~> 6.2.4'") } +func TestPodLineParse(t *testing.T) { + var podPositions []*sarif.Location + foundDependency, _, startLine, startCol := parsePodLine("pod 'GoogleSignIn', '~> 6.2.4'", "GoogleSignIn", "6.2.4", "test", 0, 0, 0, 0, 0, 0, []string{"pod 'GoogleSignIn', '~> 6.2.4'"}, false, &podPositions) + assert.Equal(t, foundDependency, false) + assert.Equal(t, startLine, 0) + assert.Equal(t, startCol, 5) +} + +func TestPodLineParseFoundOnlyDependencyName(t *testing.T) { + var podPositions []*sarif.Location + foundDependency, _, startLine, startCol := parsePodLine("pod 'GoogleSignIn', '~> 6.2.3'", "GoogleSignIn", "6.2.4", "test", 0, 0, 0, 0, 0, 0, []string{"pod 'GoogleSignIn', '~> 6.2.3'"}, false, &podPositions) + assert.Equal(t, foundDependency, true) + assert.Equal(t, startLine, 0) + assert.Equal(t, startCol, 5) +} + func TestFixTechDependencySingleLocation(t *testing.T) { _, cleanUp := sca.CreateTestWorkspace(t, filepath.Join("projects", "package-managers", "cocoapods")) defer cleanUp() From 93fdf5c04ff508574821174169b0b9e5a1796128 Mon Sep 17 00:00:00 2001 
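Review bot: TestPodLineParse exercises the branch that appends to podPositions (name and version are on the same line), yet the slice is never inspected, so the snippet and column computation the helper exists for go unverified. After the call add `assert.Len(t, podPositions, 1)` together with an assertion on the stored snippet, which for this input should be `GoogleSignIn', '~> 6.2.4'` given startCol 5 and endCol = len(line) at this point in the series. `assert.Equal(t, foundDependency, false)` also reads better as `assert.False(t, foundDependency)`, and the mirror in TestPodLineParseFoundOnlyDependencyName as `assert.True`.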
From: barv Date: Mon, 4 Nov 2024 17:32:06 +0200 Subject: [PATCH 013/111] cocoapods-audit --- commands/audit/sca/cocoapods/cocoapods.go | 10 +++++----- commands/audit/sca/cocoapods/cocoapods_test.go | 4 ++-- commands/audit/sca/cocoapods/podcommand.go | 4 ++-- 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/commands/audit/sca/cocoapods/cocoapods.go b/commands/audit/sca/cocoapods/cocoapods.go index 64983b73..87612916 100644 --- a/commands/audit/sca/cocoapods/cocoapods.go +++ b/commands/audit/sca/cocoapods/cocoapods.go @@ -43,17 +43,17 @@ func GetTechDependencyLocation(directDependencyName, directDependencyVersion str continue } lines := strings.Split(string(data), "\n") - var startLine, startCol, endLine, endCol int + var startLine, startCol int foundDependency := false var tempIndex int for i, line := range lines { - foundDependency, tempIndex, startLine, startCol = parsePodLine(line, directDependencyName, directDependencyVersion, descriptorPath, i, tempIndex, startLine, startCol, endLine, endCol, lines, foundDependency, &podPositions) + foundDependency, tempIndex, startLine, startCol = parsePodLine(line, directDependencyName, directDependencyVersion, descriptorPath, i, tempIndex, startLine, startCol, lines, foundDependency, &podPositions) } } return podPositions, nil } -func parsePodLine(line, directDependencyName, directDependencyVersion, descriptorPath string, i, tempIndex, startLine, startCol, endLine, endCol int, lines []string, foundDependency bool, podPositions *[]*sarif.Location) (bool, int, int, int) { +func parsePodLine(line, directDependencyName, directDependencyVersion, descriptorPath string, i, tempIndex, startLine, startCol int, lines []string, foundDependency bool, podPositions *[]*sarif.Location) (bool, int, int, int) { if strings.Contains(line, directDependencyName) { startLine = i startCol = strings.Index(line, directDependencyName) 
@@ -64,8 +64,8 @@ func parsePodLine(line, directDependencyName, directDependencyVersion, descripto if i > tempIndex && foundDependency && strings.Contains(line, "pod") { foundDependency = false } else if foundDependency && strings.Contains(line, directDependencyVersion) { - endLine = i - endCol = len(line) + endLine := i + endCol := len(line) var snippet string // if the tech dependency is a one-liner if endLine == startLine { diff --git a/commands/audit/sca/cocoapods/cocoapods_test.go b/commands/audit/sca/cocoapods/cocoapods_test.go index 7348db4e..3064ef68 100644 --- a/commands/audit/sca/cocoapods/cocoapods_test.go +++ b/commands/audit/sca/cocoapods/cocoapods_test.go @@ -75,7 +75,7 @@ func TestGetTechDependencyLocation(t *testing.T) { func TestPodLineParse(t *testing.T) { var podPositions []*sarif.Location - foundDependency, _, startLine, startCol := parsePodLine("pod 'GoogleSignIn', '~> 6.2.4'", "GoogleSignIn", "6.2.4", "test", 0, 0, 0, 0, 0, 0, []string{"pod 'GoogleSignIn', '~> 6.2.4'"}, false, &podPositions) + foundDependency, _, startLine, startCol := parsePodLine("pod 'GoogleSignIn', '~> 6.2.4'", "GoogleSignIn", "6.2.4", "test", 0, 0, 0, 0, []string{"pod 'GoogleSignIn', '~> 6.2.4'"}, false, &podPositions) assert.Equal(t, foundDependency, false) assert.Equal(t, startLine, 0) assert.Equal(t, startCol, 5) @@ -83,7 +83,7 @@ func TestPodLineParse(t *testing.T) { func TestPodLineParseFoundOnlyDependencyName(t *testing.T) { var podPositions []*sarif.Location - foundDependency, _, startLine, startCol := parsePodLine("pod 'GoogleSignIn', '~> 6.2.3'", "GoogleSignIn", "6.2.4", "test", 0, 0, 0, 0, 0, 0, []string{"pod 'GoogleSignIn', '~> 6.2.3'"}, false, &podPositions) + foundDependency, _, startLine, startCol := parsePodLine("pod 'GoogleSignIn', '~> 6.2.3'", "GoogleSignIn", "6.2.4", "test", 0, 0, 0, 0, []string{"pod 'GoogleSignIn', '~> 6.2.3'"}, false, &podPositions) assert.Equal(t, foundDependency, true) assert.Equal(t, startLine, 0) assert.Equal(t, startCol, 5) 
diff --git a/commands/audit/sca/cocoapods/podcommand.go b/commands/audit/sca/cocoapods/podcommand.go index 3b6e5927..a956b200 100644 --- a/commands/audit/sca/cocoapods/podcommand.go +++ b/commands/audit/sca/cocoapods/podcommand.go @@ -38,8 +38,8 @@ func getPodVersionAndExecPath() (*version.Version, string, error) { return nil, "", fmt.Errorf("could not find the 'pod' executable in the system PATH %w", err) } log.Debug("Using pod executable:", podExecPath) - versionData, _, err := runPodCmd(podExecPath, "", []string{"--version"}) - if err != nil { + versionData, stdErr, err := runPodCmd(podExecPath, "", []string{"--version"}) + if err != nil || stdErr != nil { return nil, "", err } return version.NewVersion(strings.TrimSpace(string(versionData))), podExecPath, nil From 4cf116cdac5ac5d1eb9988168490cfa00fd9477e Mon Sep 17 00:00:00 2001 From: barv Date: Mon, 4 Nov 2024 17:37:56 +0200 Subject: [PATCH 014/111] cocoapods-audit --- commands/audit/sca/cocoapods/cocoapods.go | 1 + 1 file changed, 1 insertion(+) diff --git a/commands/audit/sca/cocoapods/cocoapods.go b/commands/audit/sca/cocoapods/cocoapods.go index 87612916..254d140d 100644 --- a/commands/audit/sca/cocoapods/cocoapods.go +++ b/commands/audit/sca/cocoapods/cocoapods.go @@ -110,6 +110,7 @@ func FixTechDependency(dependencyName, dependencyVersion, fixVersion string, des tempIndex = index } // This means we are in a new dependency (we cannot find dependency name and version together) + //nolint:gocritic if index > tempIndex && foundDependency && strings.Contains(line, "pod") { foundDependency = false } else if foundDependency && strings.Contains(line, dependencyVersion) { From 56d08f91a87e2f2f01a6cfc934105e325c73a685 Mon Sep 17 00:00:00 2001 
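Review bot: The new `if err != nil || stdErr != nil` guard returns `err`, which is nil when only stdErr is set, so callers of getPodVersionAndExecPath receive a nil *version.Version with a nil error and will dereference it. Split the two cases: `if err != nil { return nil, "", err }` followed by `if stdErr != nil { return nil, "", fmt.Errorf("pod --version wrote to stderr: %s", stdErr) }`. The type of stdErr is not visible in the hunk; if it is a byte slice, `len(stdErr) > 0` is the right emptiness test, since a non-nil empty slice would otherwise be treated as a failure. Whether any stderr output from `pod --version` should be fatal at all deserves a second look, as tools commonly print warnings there; logging it and relying on err may be the safer choice.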
From: barv Date: Wed, 6 Nov 2024 15:30:07 +0200 Subject: [PATCH 015/111] cocoapods-audit --- audit_test.go | 16 ++++++++++++++++ tests/config.go | 5 ++++- .../projects/package-managers/cocoapods/Podfile | 2 ++ .../package-managers/cocoapods/Podfile.lock | 1 + tests/utils/integration/test_integrationutils.go | 7 +++++++ utils/techutils/techutils.go | 15 ++++++++------- 6 files changed, 38 insertions(+), 8 deletions(-) diff --git a/audit_test.go b/audit_test.go index 1372fa8e..b2380aa9 100644 --- a/audit_test.go +++ b/audit_test.go @@ -434,6 +434,13 @@ func TestXrayAuditPipJson(t *testing.T) { }) } +func TestXrayAuditCocoapods(t *testing.T) { + output := testXrayAuditCocoapods(t, string(format.Json)) + validations.VerifyJsonResults(t, output, validations.ValidationParams{ + Vulnerabilities: 1, + }) +} + func TestXrayAuditPipSimpleJson(t *testing.T) { output := testXrayAuditPip(t, string(format.SimpleJson), "") validations.VerifySimpleJsonResults(t, output, validations.ValidationParams{ @@ -466,6 +473,15 @@ func testXrayAuditPip(t *testing.T, format, requirementsFile string) string { return securityTests.PlatformCli.RunCliCmdWithOutput(t, args...) } +func testXrayAuditCocoapods(t *testing.T, format string) string { + integration.InitAuditCocoapodsTest(t, scangraph.GraphScanMinXrayVersion) + _, cleanUp := securityTestUtils.CreateTestProjectEnvAndChdir(t, filepath.Join(filepath.FromSlash(securityTests.GetTestResourcesPath()), "projects", "package-managers", "cocoapods")) + defer cleanUp() + // Add dummy descriptor file to check that we run only specific audit + args := []string{"audit", "--format=" + format} + return securityTests.PlatformCli.RunCliCmdWithOutput(t, args...) +} + func TestXrayAuditPipenvJson(t *testing.T) { output := testXrayAuditPipenv(t, string(format.Json)) validations.VerifyJsonResults(t, output, validations.ValidationParams{ diff --git a/tests/config.go b/tests/config.go index 8461f9e5..e7534fe8 100644 --- a/tests/config.go +++ b/tests/config.go 
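Review bot: The comment `// Add dummy descriptor file to check that we run only specific audit` in testXrayAuditCocoapods was carried over from testXrayAuditPip, but nothing in the new helper creates a descriptor, so it documents a step that does not happen. Replace it with what the helper does, e.g. `// Run a plain audit from the cocoapods test project and let technology detection pick the Podfile.` (the detection claim is an inference from the test layout and should be confirmed). `Vulnerabilities: 1` pins a live Xray result, presumably for the nanopb 0.4.1 pod this commit adds to the test Podfile; a comment naming the expected finding would make the eventual drift-induced failure easier to diagnose.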
@@ -51,6 +51,7 @@ var ( TestAuditCTypes *bool TestAuditGo *bool TestAuditPython *bool + TestAuditCocoapods *bool JfrogUrl *string JfrogUser *string @@ -102,6 +103,7 @@ func init() { TestAuditCTypes = flag.Bool("test.audit.C", false, "Run C/C++/C# technologies (Nuget/DotNet, Conan) audit integration tests") TestAuditGo = flag.Bool("test.audit.Go", false, "Run Go technologies (GoLang) audit integration tests") TestAuditPython = flag.Bool("test.audit.Python", false, "Run Python technologies (Pip, PipEnv, Poetry) audit integration tests") + TestAuditCocoapods = flag.Bool("test.audit.Cocoapods", false, "Run Cocoapods technologies audit integration tests") JfrogUrl = flag.String("jfrog.url", getTestUrlDefaultValue(), "JFrog platform url") JfrogUser = flag.String("jfrog.user", getTestUserDefaultValue(), "JFrog platform username") @@ -117,7 +119,7 @@ func init() { func InitTestFlags() { flag.Parse() // If no test types flags were set, run all types - shouldRunAllTests := !isAtLeastOneFlagSet(TestUnit, TestArtifactory, TestXray, TestXsc, TestAuditGeneral, TestAuditJas, TestAuditJavaScript, TestAuditJava, TestAuditCTypes, TestAuditGo, TestAuditPython, TestScan, TestDockerScan, TestCuration, TestEnrich, TestGit) + shouldRunAllTests := !isAtLeastOneFlagSet(TestUnit, TestArtifactory, TestXray, TestXsc, TestAuditGeneral, TestAuditJas, TestAuditJavaScript, TestAuditJava, TestAuditCTypes, TestAuditGo, TestAuditPython, TestAuditCocoapods, TestScan, TestDockerScan, TestCuration, TestEnrich, TestGit) if shouldRunAllTests { log.Info("Running all tests. To run only specific tests, please specify the desired test flags.") *TestUnit = true @@ -131,6 +133,7 @@ func InitTestFlags() { *TestAuditCTypes = true *TestAuditGo = true *TestAuditPython = true + *TestAuditCocoapods = true *TestScan = true *TestDockerScan = true *TestCuration = true 
diff --git a/tests/testdata/projects/package-managers/cocoapods/Podfile b/tests/testdata/projects/package-managers/cocoapods/Podfile index 3907d2d9..94655fc9 100644 --- a/tests/testdata/projects/package-managers/cocoapods/Podfile +++ b/tests/testdata/projects/package-managers/cocoapods/Podfile @@ -5,5 +5,7 @@ target 'Test' do pod 'GoogleSignIn', '~> 6.2.4' pod 'AppAuth', '~> 1.7.5' pod 'AppAuth', '~> 1.7.5' +pod 'nanopb', '~> 0.4.1' + end \ No newline at end of file diff --git a/tests/testdata/projects/package-managers/cocoapods/Podfile.lock b/tests/testdata/projects/package-managers/cocoapods/Podfile.lock index 52f4bcbb..b752dfdc 100644 --- a/tests/testdata/projects/package-managers/cocoapods/Podfile.lock +++ b/tests/testdata/projects/package-managers/cocoapods/Podfile.lock @@ -13,6 +13,7 @@ PODS: - AppAuth/Core (~> 1.6) - GTMSessionFetcher/Core (< 3.0, >= 1.5) - GTMSessionFetcher/Core (2.3.0) + - nanopb (0.4.1) DEPENDENCIES: - GoogleSignIn diff --git a/tests/utils/integration/test_integrationutils.go b/tests/utils/integration/test_integrationutils.go index bea1acc1..ac20c728 100644 --- a/tests/utils/integration/test_integrationutils.go +++ b/tests/utils/integration/test_integrationutils.go @@ -124,6 +124,13 @@ func InitAuditGoTest(t *testing.T, minVersion string) { testUtils.ValidateXrayVersion(t, minVersion) } +func InitAuditCocoapodsTest(t *testing.T, minVersion string) { + if !*configTests.TestAuditCocoapods { + t.Skip(getSkipTestMsg("Audit command Cocoapods technologies integration", "--test.audit.Cocoapods")) + } + testUtils.ValidateXrayVersion(t, minVersion) +} + func InitAuditPythonTest(t *testing.T, minVersion string) { if !*configTests.TestAuditPython { t.Skip(getSkipTestMsg("Audit command Python technologies (Pip, PipEnv, Poetry) integration", "--test.audit.Python")) diff --git a/utils/techutils/techutils.go b/utils/techutils/techutils.go index 1d70ff3e..849e4f39 100644 --- a/utils/techutils/techutils.go +++ b/utils/techutils/techutils.go 
@@ -47,13 +47,14 @@ var AllTechnologiesStrings = []string{Maven.String(), Gradle.String(), Npm.Strin type CodeLanguage string const ( - JavaScript CodeLanguage = "javascript" - Python CodeLanguage = "python" - GoLang CodeLanguage = "go" - Java CodeLanguage = "java" - CSharp CodeLanguage = "C#" - CPP CodeLanguage = "C++" - CocoapodsLang CodeLanguage = "any" + JavaScript CodeLanguage = "javascript" + Python CodeLanguage = "python" + GoLang CodeLanguage = "go" + Java CodeLanguage = "java" + CSharp CodeLanguage = "C#" + CPP CodeLanguage = "C++" + // CocoapodsLang package can have multiple languages + CocoapodsLang CodeLanguage = "Any" ) // Associates a technology with project type (used in config commands for the package-managers). From 5ce859279c23577b8be693d7713f19cf2a935141 Mon Sep 17 00:00:00 2001 From: barv Date: Wed, 6 Nov 2024 16:29:02 +0200 Subject: [PATCH 016/111] cocoapods-audit --- commands/audit/sca/cocoapods/cocoapods_test.go | 1 + 1 file changed, 1 insertion(+) diff --git a/commands/audit/sca/cocoapods/cocoapods_test.go b/commands/audit/sca/cocoapods/cocoapods_test.go index 3064ef68..f029dc2a 100644 --- a/commands/audit/sca/cocoapods/cocoapods_test.go +++ b/commands/audit/sca/cocoapods/cocoapods_test.go @@ -39,6 +39,7 @@ func TestBuildGoDependencyList(t *testing.T) { techutils.Cocoapods.GetPackageTypeId() + "GoogleSignIn:6.2.4", techutils.Cocoapods.GetPackageTypeId() + "GTMAppAuth:1.3.1", techutils.Cocoapods.GetPackageTypeId() + "GTMSessionFetcher:2.3.0", + techutils.Cocoapods.GetPackageTypeId() + "nanopb:0.4.1", techutils.Cocoapods.GetPackageTypeId() + packageInfo, } From 34f274e3f4b222b003296925c7fef5b7488a7cd6 Mon Sep 17 00:00:00 2001 From: barv Date: Wed, 6 Nov 2024 16:52:38 +0200 Subject: [PATCH 017/111] cocoapods-audit --- .github/actions/install-and-setup/action.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/actions/install-and-setup/action.yml b/.github/actions/install-and-setup/action.yml index a4700cae..13352e11 100644 
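Review bot: The hunk changes the value of the exported constant CocoapodsLang from `any` to `Any` together with the comment, but the diff does not show where the value is consumed; if anything compares or serializes CodeLanguage values (every other string constant here is lowercase apart from `C#`/`C++`), a case change is a behavioral change rather than cosmetic and should be checked against the consumers. The comment should also say what the placeholder means rather than restating the name: `// CocoapodsLang is a placeholder because a pod has no single source language (presumably Swift and/or Objective-C); callers must not treat it as a real CodeLanguage.` The language list is an inference about CocoaPods, not something this diff establishes.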
--- a/.github/actions/install-and-setup/action.yml +++ b/.github/actions/install-and-setup/action.yml @@ -11,6 +11,10 @@ runs: go-version: 1.22.x # - name: Setup Go with cache # uses: jfrog/.github/actions/install-go-with-cache@main + - name: Install cocoapods + uses: maxim-lobanov/setup-cocoapods@v1 + with: + version: "1.5.2" - name: Install npm uses: actions/setup-node@v4 From 2cfe712badbd6f8b87c45320d04383dcb2823bd6 Mon Sep 17 00:00:00 2001 From: barv Date: Wed, 6 Nov 2024 17:02:32 +0200 Subject: [PATCH 018/111] cocoapods-audit --- .github/actions/install-and-setup/action.yml | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/.github/actions/install-and-setup/action.yml b/.github/actions/install-and-setup/action.yml index 13352e11..fa75f872 100644 --- a/.github/actions/install-and-setup/action.yml +++ b/.github/actions/install-and-setup/action.yml @@ -11,10 +11,13 @@ runs: go-version: 1.22.x # - name: Setup Go with cache # uses: jfrog/.github/actions/install-go-with-cache@main - - name: Install cocoapods - uses: maxim-lobanov/setup-cocoapods@v1 + - name: install ruby + uses: ruby/setup-ruby@v1 with: - version: "1.5.2" + ruby-version: 3.0.0 + - name: Install cocoapods + shell: ${{ runner.os == 'Windows' && 'powershell' || 'bash' }} + run: sudo gem install cocoapods sudo gem install -n /usr/local/bin cocoapods - name: Install npm uses: actions/setup-node@v4 From eab106d5cffd5bd36ac15a7e08a38ef5ec6c7597 Mon Sep 17 00:00:00 2001 From: barv Date: Wed, 6 Nov 2024 17:07:40 +0200 Subject: [PATCH 019/111] cocoapods-audit --- .github/actions/install-and-setup/action.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/actions/install-and-setup/action.yml b/.github/actions/install-and-setup/action.yml index fa75f872..30cce513 100644 --- a/.github/actions/install-and-setup/action.yml +++ b/.github/actions/install-and-setup/action.yml 
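Review bot: The install step references `ruby/setup-ruby@v1` (and the preceding hunk `maxim-lobanov/setup-cocoapods@v1`) by a mutable tag and runs `gem install cocoapods` with no version, so the CI toolchain for a security scanner is whatever those upstreams publish on the day of the run; the explicit `version: "1.5.2"` the earlier hunk had is lost here. Pin the actions to a full commit SHA (`uses: ruby/setup-ruby@<sha> # v1`) and the gem to a version (`run: gem install cocoapods -v 1.x.y`) so the build is reproducible and a compromised or moved tag cannot change what runs. The single-line `run:` that concatenates two commands is corrected by the later commits in this series, so only the pinning point remains.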
@@ -17,7 +17,9 @@ runs: ruby-version: 3.0.0 - name: Install cocoapods shell: ${{ runner.os == 'Windows' && 'powershell' || 'bash' }} - run: sudo gem install cocoapods sudo gem install -n /usr/local/bin cocoapods + run: | + sudo gem install cocoapods + sudo gem install -n /usr/local/bin cocoapods - name: Install npm uses: actions/setup-node@v4 From cd9d4f51795c509015e0f9a5500e7abfe16f3815 Mon Sep 17 00:00:00 2001 From: barv Date: Wed, 6 Nov 2024 17:12:25 +0200 Subject: [PATCH 020/111] cocoapods-audit --- .github/actions/install-and-setup/action.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/actions/install-and-setup/action.yml b/.github/actions/install-and-setup/action.yml index 30cce513..4cc59ebc 100644 --- a/.github/actions/install-and-setup/action.yml +++ b/.github/actions/install-and-setup/action.yml @@ -18,8 +18,8 @@ runs: - name: Install cocoapods shell: ${{ runner.os == 'Windows' && 'powershell' || 'bash' }} run: | - sudo gem install cocoapods - sudo gem install -n /usr/local/bin cocoapods + gem install cocoapods + gem install -n /usr/local/bin cocoapods - name: Install npm uses: actions/setup-node@v4 From c13100d20d17d02a728e4ea8005a53b175c44d88 Mon Sep 17 00:00:00 2001 From: barv Date: Wed, 6 Nov 2024 17:14:01 +0200 Subject: [PATCH 021/111] cocoapods-audit --- .github/actions/install-and-setup/action.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/actions/install-and-setup/action.yml b/.github/actions/install-and-setup/action.yml index 4cc59ebc..0e1365e3 100644 --- a/.github/actions/install-and-setup/action.yml +++ b/.github/actions/install-and-setup/action.yml @@ -11,6 +11,7 @@ runs: go-version: 1.22.x # - name: Setup Go with cache # uses: jfrog/.github/actions/install-go-with-cache@main + - name: install ruby uses: ruby/setup-ruby@v1 with: From ebb37cd8badb66711fd0e6e4a00441a273955c12 Mon Sep 17 00:00:00 2001 
From: barv Date: Wed, 6 Nov 2024 17:20:07 +0200 Subject: [PATCH 022/111] cocoapods-audit --- .github/actions/install-and-setup/action.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/.github/actions/install-and-setup/action.yml b/.github/actions/install-and-setup/action.yml index 0e1365e3..8d32dee8 100644 --- a/.github/actions/install-and-setup/action.yml +++ b/.github/actions/install-and-setup/action.yml @@ -18,9 +18,7 @@ runs: ruby-version: 3.0.0 - name: Install cocoapods shell: ${{ runner.os == 'Windows' && 'powershell' || 'bash' }} - run: | - gem install cocoapods - gem install -n /usr/local/bin cocoapods + run: gem install cocoapods - name: Install npm uses: actions/setup-node@v4 From da10ea264d013cb0c2f345c6af2d8deef538931a Mon Sep 17 00:00:00 2001 From: barv Date: Thu, 7 Nov 2024 09:31:47 +0200 Subject: [PATCH 023/111] cocoapods-audit --- commands/audit/sca/cocoapods/cocoapods_test.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/commands/audit/sca/cocoapods/cocoapods_test.go b/commands/audit/sca/cocoapods/cocoapods_test.go index f029dc2a..91810203 100644 --- a/commands/audit/sca/cocoapods/cocoapods_test.go +++ b/commands/audit/sca/cocoapods/cocoapods_test.go @@ -18,7 +18,7 @@ import ( "github.com/stretchr/testify/assert" ) -func TestBuildGoDependencyList(t *testing.T) { +func TestBuildCocoapodsDependencyList(t *testing.T) { // Create and change directory to test workspace _, cleanUp := sca.CreateTestWorkspace(t, filepath.Join("projects", "package-managers", "cocoapods")) defer cleanUp() @@ -50,7 +50,7 @@ func TestBuildGoDependencyList(t *testing.T) { assert.NotEmpty(t, rootNode) assert.Equal(t, rootNode[0].Id, techutils.Cocoapods.GetPackageTypeId()+packageInfo) - assert.Len(t, rootNode[0].Nodes, 4) + assert.Len(t, rootNode[0].Nodes, 5) child1 := tests.GetAndAssertNode(t, rootNode[0].Nodes, "GTMSessionFetcher:2.3.0") assert.Len(t, child1.Nodes, 0) 
From 27af044608ff89528c27fb674fa3dfc33118041c Mon Sep 17 00:00:00 2001 From: barv Date: Thu, 7 Nov 2024 10:28:35 +0200 Subject: [PATCH 024/111] cocoapods-audit --- commands/audit/sca/cocoapods/cocoapods_test.go | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/commands/audit/sca/cocoapods/cocoapods_test.go b/commands/audit/sca/cocoapods/cocoapods_test.go index 91810203..b752e695 100644 --- a/commands/audit/sca/cocoapods/cocoapods_test.go +++ b/commands/audit/sca/cocoapods/cocoapods_test.go @@ -99,8 +99,7 @@ func TestFixTechDependencySingleLocation(t *testing.T) { assert.NoError(t, err) file, err := os.ReadFile(filepath.Join(currentDir, "Podfile")) assert.NoError(t, err) - lines := strings.Split(string(file), "\n") - assert.Contains(t, lines, "pod 'GoogleSignIn', '~> 6.2.5'") + assert.Contains(t, string(file), "pod 'GoogleSignIn', '~> 6.2.5'") } func TestFixTechDependencyMultipleLocations(t *testing.T) { @@ -125,6 +124,5 @@ func TestFixTechDependencyNoLocations(t *testing.T) { assert.NoError(t, err) file, err := os.ReadFile(filepath.Join(currentDir, "Podfile")) assert.NoError(t, err) - lines := strings.Split(string(file), "\n") - assert.Contains(t, lines, "pod 'GoogleSignIn', '~> 6.2.4'") + assert.Contains(t, string(file), "pod 'GoogleSignIn', '~> 6.2.4'") } From 8e2eb9936722d5fd80504f26bf54752631ea3e87 Mon Sep 17 00:00:00 2001 From: barv Date: Thu, 7 Nov 2024 10:57:36 +0200 Subject: [PATCH 025/111] cocoapods-audit --- commands/audit/sca/cocoapods/cocoapods_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/commands/audit/sca/cocoapods/cocoapods_test.go b/commands/audit/sca/cocoapods/cocoapods_test.go index b752e695..5a4a02f7 100644 --- a/commands/audit/sca/cocoapods/cocoapods_test.go +++ b/commands/audit/sca/cocoapods/cocoapods_test.go 
@@ -71,7 +71,7 @@ func TestGetTechDependencyLocation(t *testing.T) { assert.Equal(t, *locations[0].PhysicalLocation.Region.StartColumn, 4) assert.Equal(t, *locations[0].PhysicalLocation.Region.EndLine, 5) assert.Equal(t, *locations[0].PhysicalLocation.Region.EndColumn, 30) - assert.Equal(t, *locations[0].PhysicalLocation.Region.Snippet.Text, "GoogleSignIn', '~> 6.2.4'") + assert.Contains(t, *locations[0].PhysicalLocation.Region.Snippet.Text, "GoogleSignIn', '~> 6.2.4'") } func TestPodLineParse(t *testing.T) { From 88079c2854f2fb6073147a5b8e541e95b97f5c90 Mon Sep 17 00:00:00 2001 From: barv Date: Thu, 7 Nov 2024 11:33:50 +0200 Subject: [PATCH 026/111] cocoapods-audit --- commands/audit/sca/cocoapods/cocoapods.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/commands/audit/sca/cocoapods/cocoapods.go b/commands/audit/sca/cocoapods/cocoapods.go index 254d140d..246b8280 100644 --- a/commands/audit/sca/cocoapods/cocoapods.go +++ b/commands/audit/sca/cocoapods/cocoapods.go @@ -65,7 +65,7 @@ func parsePodLine(line, directDependencyName, directDependencyVersion, descripto foundDependency = false } else if foundDependency && strings.Contains(line, directDependencyVersion) { endLine := i - endCol := len(line) + endCol := strings.Index(line, directDependencyVersion) + len(directDependencyVersion) + 1 var snippet string // if the tech dependency is a one-liner if endLine == startLine { 
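Review bot: Relaxing the snippet check from assert.Equal to assert.Contains hides what the snippet actually contains; why Equal stopped passing is not visible in this hunk, but if the text now carries extra characters the test should pin the intended exact string rather than accept any superstring. `assert.Equal(t, "GoogleSignIn', '~> 6.2.4'", *locations[0].PhysicalLocation.Region.Snippet.Text)` (with whatever the exact expected value is) documents the contract, whereas Contains keeps passing while stray text accumulates around it.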
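Review bot: The new `endCol := strings.Index(line, directDependencyVersion) + len(directDependencyVersion) + 1` can exceed len(line) when the version string is the last thing on the line (a trailing comment such as `# bump to 6.2.4` after the pod line, or a declaration missing its closing quote), and the one-line branch then evaluates `lines[startLine][startCol:endCol]` and panics with a slice-bounds error, taking the whole audit down on an unusual Podfile. Clamp it: `endCol := min(len(line), strings.Index(line, directDependencyVersion)+len(directDependencyVersion)+1)` (the builtin min is available since the workflow builds with Go 1.22). The `+ 1` presumably reaches past the closing quote; a comment saying so would help, since nothing else guarantees that character exists. The enclosing parsePodLine starts and ends outside this hunk.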
@@ -244,13 +244,13 @@ func BuildDependencyTree(params utils.AuditParams) (dependencyTree []*xrayUtils. packageName := filepath.Base(currentDir) packageInfo := fmt.Sprintf("%s:%s", packageName, VersionForMainModule) - _, podExecutablePath, err := getPodVersionAndExecPath() + _, _, err = getPodVersionAndExecPath() if err != nil { err = fmt.Errorf("failed while retrieving pod path: %s", err.Error()) return } // Calculate pod dependencies - data, err := GetDependenciesData(podExecutablePath, currentDir) + data, err := GetDependenciesData("pod", currentDir) if err != nil { return nil, nil, err } From fe71f1605c9c656bb3daa2d36afa7ea2b99b2374 Mon Sep 17 00:00:00 2001 From: barv Date: Sun, 10 Nov 2024 11:20:08 +0200 Subject: [PATCH 027/111] swift-audit --- .github/actions/install-and-setup/action.yml | 5 + audit_test.go | 16 ++ commands/audit/sca/swift/swift.go | 249 ++++++++++++++++++ commands/audit/sca/swift/swift_test.go | 116 ++++++++ commands/audit/sca/swift/swiftcommand.go | 177 +++++++++++++ commands/audit/scarunner.go | 3 + go.mod | 2 +- go.sum | 4 +- tests/config.go | 5 +- .../package-managers/swift/Package.swift | 14 + .../integration/test_integrationutils.go | 7 + utils/techutils/techutils.go | 10 + 12 files changed, 604 insertions(+), 4 deletions(-) create mode 100644 commands/audit/sca/swift/swift.go create mode 100644 commands/audit/sca/swift/swift_test.go create mode 100644 commands/audit/sca/swift/swiftcommand.go create mode 100644 tests/testdata/projects/package-managers/swift/Package.swift diff --git a/.github/actions/install-and-setup/action.yml b/.github/actions/install-and-setup/action.yml index 8d32dee8..63bfb14c 100644 --- a/.github/actions/install-and-setup/action.yml +++ b/.github/actions/install-and-setup/action.yml 
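Review bot: The hunk discards the executable path resolved by getPodVersionAndExecPath and passes the bare name `"pod"` to GetDependenciesData, so the binary whose version was just checked and the binary actually executed are resolved by two separate PATH lookups and need not be the same file; for a tool that runs a package manager inside arbitrary project checkouts, executing the already-resolved absolute path is the more predictable and safer choice. Unless GetDependenciesData needs the short name for a reason not visible here, keep `_, podExecutablePath, err := getPodVersionAndExecPath()` and `data, err := GetDependenciesData(podExecutablePath, currentDir)`. The unchanged wrapping on the `failed while retrieving pod path` line also uses `%s` with err.Error(); `%w` would keep the cause inspectable with errors.Is/As. BuildDependencyTree starts and ends outside the hunk.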
@@ -20,6 +20,11 @@ runs: shell: ${{ runner.os == 'Windows' && 'powershell' || 'bash' }} run: gem install cocoapods + - name: install swift + uses: swift-actions/setup-swift@v2 + with: + swift-version: "5.1.0" + - name: Install npm uses: actions/setup-node@v4 with: diff --git a/audit_test.go b/audit_test.go index b2380aa9..2a12fc87 100644 --- a/audit_test.go +++ b/audit_test.go @@ -441,6 +441,13 @@ func TestXrayAuditCocoapods(t *testing.T) { }) } +func TestXrayAuditSwift(t *testing.T) { + output := testXrayAuditSwift(t, string(format.Json)) + validations.VerifyJsonResults(t, output, validations.ValidationParams{ + Vulnerabilities: 1, + }) +} + func TestXrayAuditPipSimpleJson(t *testing.T) { output := testXrayAuditPip(t, string(format.SimpleJson), "") validations.VerifySimpleJsonResults(t, output, validations.ValidationParams{ @@ -482,6 +489,15 @@ func testXrayAuditCocoapods(t *testing.T, format string) string { return securityTests.PlatformCli.RunCliCmdWithOutput(t, args...) } +func testXrayAuditSwift(t *testing.T, format string) string { + integration.InitAuditSwiftTest(t, scangraph.GraphScanMinXrayVersion) + _, cleanUp := securityTestUtils.CreateTestProjectEnvAndChdir(t, filepath.Join(filepath.FromSlash(securityTests.GetTestResourcesPath()), "projects", "package-managers", "swift")) + defer cleanUp() + // Add dummy descriptor file to check that we run only specific audit + args := []string{"audit", "--format=" + format} + return securityTests.PlatformCli.RunCliCmdWithOutput(t, args...) +} + func TestXrayAuditPipenvJson(t *testing.T) { output := testXrayAuditPipenv(t, string(format.Json)) validations.VerifyJsonResults(t, output, validations.ValidationParams{ diff --git a/commands/audit/sca/swift/swift.go b/commands/audit/sca/swift/swift.go new file mode 100644 index 00000000..1d48958e --- /dev/null +++ b/commands/audit/sca/swift/swift.go 
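Review bot: `swift-actions/setup-swift@v2` is referenced by a mutable tag like the other third-party actions in this file; pinning to a full commit SHA (`uses: swift-actions/setup-swift@<sha> # v2`) keeps the CI toolchain reproducible and removes a tag-retargeting path into the pipeline. `swift-version: "5.1.0"` is also a 2019 toolchain, and the swift command the audit invokes (swiftcommand.go is not in view) may emit a different output format on older releases; a comment stating why this version was chosen, or a bump to a current 5.x, would make the choice deliberate rather than accidental.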
@@ -0,0 +1,249 @@
+package swift
+
+import (
+ "encoding/json"
+ "errors"
+ "fmt"
+ "github.com/jfrog/gofrog/datastructures"
+ "github.com/jfrog/jfrog-cli-core/v2/utils/coreutils"
+ "github.com/jfrog/jfrog-cli-security/utils"
+ "github.com/jfrog/jfrog-cli-security/utils/formats/sarifutils"
+ "github.com/jfrog/jfrog-cli-security/utils/techutils"
+ "github.com/jfrog/jfrog-client-go/utils/log"
+ xrayUtils "github.com/jfrog/jfrog-client-go/xray/services/utils"
+ "github.com/owenrumney/go-sarif/v2/sarif"
+ "os"
+ "path"
+ "path/filepath"
+ "strings"
+)
+
+// VersionForMainModule - We don't have information in swift on the current package, or main module, we only have information on its
+// dependencies.
+
+const (
+ VersionForMainModule = "0.0.0"
+)
+
+type Dependencies struct {
+ Name string `json:"url,omitempty"`
+ Version string `json:"version,omitempty"`
+ Dependencies []*Dependencies `json:"dependencies,omitempty"`
+}
+
+func GetTechDependencyLocation(directDependencyName, directDependencyVersion string, descriptorPaths ...string) ([]*sarif.Location, error) {
+ var swiftPositions []*sarif.Location
+ for _, descriptorPath := range descriptorPaths {
+ path.Clean(descriptorPath)
+ if !strings.HasSuffix(descriptorPath, "Package.swift") {
+ log.Logger.Warn("Cannot support other files besides Package.swift: %s", descriptorPath)
+ continue
+ }
+ data, err := os.ReadFile(descriptorPath)
+ if err != nil {
+ continue
+ }
+ lines := strings.Split(string(data), "\n")
+ var startLine, startCol int
+ foundDependency := false
+ var tempIndex int
+ for i, line := range lines {
+ foundDependency, tempIndex, startLine, startCol = parsePodLine(line, directDependencyName, directDependencyVersion, descriptorPath, i, tempIndex, startLine, startCol, lines, foundDependency, &swiftPositions)
+ }
+ }
+ return swiftPositions, nil
+}
+
+func parsePodLine(line, directDependencyName, directDependencyVersion, descriptorPath string, i, tempIndex, startLine, startCol int, lines []string, foundDependency bool, swiftPositions *[]*sarif.Location) (bool, int, int, int) {
+ if strings.Contains(line, directDependencyName) {
+ startLine = i
+ startCol = strings.Index(line, directDependencyName)
+ foundDependency = true
+ tempIndex = i
+ }
+ // This means we are in a new dependency (we cannot find dependency name and version together)
+ if i > tempIndex && foundDependency && strings.Contains(line, ".package") {
+ foundDependency = false
+ } else if foundDependency && strings.Contains(line, directDependencyVersion) {
+ endLine := i
+ endCol := strings.Index(line, directDependencyVersion) + len(directDependencyVersion) + 1
+ var snippet string
+ // if the tech dependency is a one-liner
+ if endLine == startLine {
+ snippet = lines[startLine][startCol:endCol]
+ // else it is more than one line, so we need to parse all lines
+ } else {
+ for snippetLine := 0; snippetLine < endLine-startLine+1; snippetLine++ {
+ switch snippetLine {
+ case 0:
+ snippet += "\n" + lines[snippetLine][startLine:]
+ case endLine - startLine:
+ snippet += "\n" + lines[snippetLine][:endCol]
+ default:
+ snippet += "\n" + lines[snippetLine]
+ }
+ }
+ }
+ *swiftPositions = append(*swiftPositions, sarifutils.CreateLocation(descriptorPath, startLine, endLine, startCol, endCol, snippet))
+ foundDependency = false
+ }
+ return foundDependency, tempIndex, startLine, startCol
+}
+
+func FixTechDependency(dependencyName, dependencyVersion, fixVersion string, descriptorPaths ...string) error {
+ for _, descriptorPath := range descriptorPaths {
+ path.Clean(descriptorPath)
+ if !strings.HasSuffix(descriptorPath, "Package.swift") {
+ log.Logger.Warn("Cannot support other files besides Package.swift: %s", descriptorPath)
+ continue
+ }
+ data, err := os.ReadFile(descriptorPath)
+ var newLines []string
+ if err != nil {
+ continue
+ }
+ lines := strings.Split(string(data), "\n")
+ foundDependency := false
+ var tempIndex int
+ for index, line := range lines {
+ if strings.Contains(line, dependencyName) {
+ foundDependency = true
+ tempIndex = index
+ }
+ // This means we are in a new dependency (we cannot find dependency name and version together)
+ //nolint:gocritic
+ if index > tempIndex && foundDependency && strings.Contains(line, ".package") {
+ foundDependency = false
+ } else if foundDependency && strings.Contains(line, dependencyVersion) {
+ newLine := strings.Replace(line, dependencyVersion, fixVersion, 1)
+ newLines = append(newLines, newLine)
+ foundDependency = false
+ } else {
+ newLines = append(newLines, line)
+ }
+ }
+ output := strings.Join(newLines, "\n")
+ err = os.WriteFile(descriptorPath, []byte(output), 0644)
+ if err != nil {
+ return fmt.Errorf("failed to write file: %v", err)
+ }
+ }
+ return nil
+}
+
+func GetSwiftDependenciesGraph(data *Dependencies, dependencyMap map[string][]string, versionMap map[string]string) {
+ data.Name = strings.TrimSuffix(data.Name, ".git")
+ data.Name = strings.TrimPrefix(data.Name, "https://")
+ _, ok := dependencyMap[data.Name]
+ if !ok {
+ dependencyMap[data.Name] = []string{}
+ versionMap[data.Name] = data.Version
+ }
+ for _, dependency := range data.Dependencies {
+ dependency.Name = strings.TrimSuffix(dependency.Name, ".git")
+ dependency.Name = strings.TrimPrefix(dependency.Name, "https://")
+ dependencyMap[data.Name] = append(dependencyMap[data.Name], dependency.Name)
+ GetSwiftDependenciesGraph(dependency, dependencyMap, versionMap)
+ }
+}
+
+func GetDependenciesData(exePath, currentDir string) (*Dependencies, error) {
+ result, _, err := runSwiftCmd(exePath, currentDir, []string{"package", "show-dependencies", "--format", "json"})
+ if err != nil {
+ return nil, err
+ }
+ var data *Dependencies
+ err = json.Unmarshal(result, &data)
+ if err != nil {
+ return nil, err
+ }
+ return data, nil
+}
+
+func BuildDependencyTree(params utils.AuditParams) (dependencyTree []*xrayUtils.GraphNode, uniqueDeps []string, err error) {
+ currentDir, err := coreutils.GetWorkingDirectory()
+ if err != nil {
+ return nil, nil, err
+ }
+
+ clearResolutionServerFunc, err := configSwiftResolutionServerIfNeeded(params)
+ if err != nil {
+ err = fmt.Errorf("failed while configuring a resolution server: %s", err.Error())
+ return nil, nil, err
+ }
+ defer func() {
+ if clearResolutionServerFunc != nil {
+ err = errors.Join(err, clearResolutionServerFunc())
+ }
+ }()
+
+ packageName := filepath.Base(currentDir)
+ packageInfo := fmt.Sprintf("%s:%s", packageName, VersionForMainModule)
+ _, _, err = getSwiftVersionAndExecPath()
+ if err != nil {
+ err = fmt.Errorf("failed while retrieving swift path: %s", err.Error())
+ return
+ }
+ // Calculate pod dependencies
+ data, err := GetDependenciesData("swift", currentDir)
+ if err != nil {
+ return nil, nil, err
+ }
+ uniqueDepsSet := datastructures.MakeSet[string]()
+ dependencyMap := make(map[string][]string)
+ versionMap := make(map[string]string)
+ data.Name = packageName
+ data.Version = VersionForMainModule
+ GetSwiftDependenciesGraph(data, dependencyMap, versionMap)
+ for key := range dependencyMap {
+ if key != packageName {
+ dependencyMap[packageName] = append(dependencyMap[packageName], key)
+ }
+ }
+ versionMap[packageName] = VersionForMainModule
+ rootNode := &xrayUtils.GraphNode{
+ Id: techutils.Swift.GetPackageTypeId() + packageInfo,
+ Nodes: []*xrayUtils.GraphNode{},
+ }
+ // Parse the dependencies into Xray dependency tree format
+ parseSwiftDependenciesList(rootNode, dependencyMap, versionMap, uniqueDepsSet)
+ dependencyTree = []*xrayUtils.GraphNode{rootNode}
+ uniqueDeps = uniqueDepsSet.ToSlice()
+ return
+}
+
+// Generates a .netrc file to configure an Artifactory server as the resolver server.
+func configSwiftResolutionServerIfNeeded(params utils.AuditParams) (clearResolutionServerFunc func() error, err error) {
+ // If we don't have an artifactory repo's name we don't need to configure any Artifactory server as resolution server
+ if params.DepsRepo() == "" {
+ return
+ }
+
+ serverDetails, err := params.ServerDetails()
+ if err != nil {
+ return
+ }
+
+ clearResolutionServerFunc, err = setArtifactoryAsResolutionServer(serverDetails, params.DepsRepo())
+ return
+}
+
+// Parse the dependencies into a Xray dependency tree format
+func parseSwiftDependenciesList(currNode *xrayUtils.GraphNode, dependenciesGraph map[string][]string, versionMap map[string]string, uniqueDepsSet *datastructures.Set[string]) {
+ if currNode.NodeHasLoop() {
+ return
+ }
+ uniqueDepsSet.Add(currNode.Id)
+ pkgName := strings.Split(strings.TrimPrefix(currNode.Id, techutils.Swift.GetPackageTypeId()), ":")[0]
+ currDepChildren := dependenciesGraph[pkgName]
+ for _, childName := range currDepChildren {
+ fullChildName := fmt.Sprintf("%s:%s", childName, versionMap[childName])
+ childNode := &xrayUtils.GraphNode{
+ Id: techutils.Swift.GetPackageTypeId() + fullChildName,
+ Nodes: []*xrayUtils.GraphNode{},
+ Parent: currNode,
+ }
+ currNode.Nodes = append(currNode.Nodes, childNode)
+ parseSwiftDependenciesList(childNode, dependenciesGraph, versionMap, uniqueDepsSet)
+ }
+}
diff --git a/commands/audit/sca/swift/swift_test.go b/commands/audit/sca/swift/swift_test.go
new file mode 100644
index 00000000..8c84fa66
--- /dev/null
+++ b/commands/audit/sca/swift/swift_test.go
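Review bot: FixTechDependency can silently drop a line from the user's Package.swift: once `foundDependency` is set by a name-only hit, the next line containing `.package` takes the first branch, which clears the flag but never appends that line to `newLines`, so the following dependency's declaration disappears from the rewritten file; adding `newLines = append(newLines, line)` to that branch (or appending every line unconditionally and updating the flag separately) fixes it. In parsePodLine the multi-line snippet loop indexes `lines[snippetLine]` and slices `[startLine:]` where it evidently means `lines[startLine+snippetLine][startCol:]`, `lines[endLine][:endCol]` and `lines[startLine+snippetLine]`, which produces the wrong snippet and can panic on an out-of-range slice as soon as a dependency really spans lines. BuildDependencyTree then appends every key of dependencyMap under the root after GetSwiftDependenciesGraph has already recorded the direct dependencies there, so direct dependencies appear twice as root children; skipping keys that are already in `dependencyMap[packageName]` avoids the duplicates. Smaller leftovers: both `path.Clean(descriptorPath)` results are discarded, the `strings.Contains(line, dependencyName)` substring match lets a name like `swift-nio` also hit `swift-nio-http2`, and `parsePodLine` and `// Calculate pod dependencies` are cocoapods carry-overs.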
@@ -0,0 +1,116 @@ +package swift + +import ( + "fmt" + "github.com/jfrog/jfrog-cli-core/v2/utils/coreutils" + "github.com/jfrog/jfrog-cli-core/v2/utils/tests" + "github.com/jfrog/jfrog-cli-security/utils/techutils" + "github.com/owenrumney/go-sarif/v2/sarif" + "os" + "path/filepath" + "testing" + + "github.com/jfrog/jfrog-cli-core/v2/utils/config" + "github.com/jfrog/jfrog-cli-security/commands/audit/sca" + xrayutils "github.com/jfrog/jfrog-cli-security/utils" + + "github.com/stretchr/testify/assert" +) + +func TestBuildSwiftDependencyList(t *testing.T) { + // Create and change directory to test workspace + _, cleanUp := sca.CreateTestWorkspace(t, filepath.Join("projects", "package-managers", "swift")) + defer cleanUp() + + // Run getModulesDependencyTrees + server := &config.ServerDetails{ + Url: "https://api.swift.here", + ArtifactoryUrl: "https://api.swift.here/artifactory", + User: "user", + AccessToken: "sdsdccs2232", + } + currentDir, err := coreutils.GetWorkingDirectory() + assert.NoError(t, err) + packageName := filepath.Base(currentDir) + packageInfo := fmt.Sprintf("%s:%s", packageName, VersionForMainModule) + expectedUniqueDeps := []string{ + techutils.Swift.GetPackageTypeId() + "github.com/apple/swift-algorithms:1.2.0", + techutils.Swift.GetPackageTypeId() + "github.com/apple/swift-numerics:1.0.2", + techutils.Swift.GetPackageTypeId() + "github.com/apple/swift-nio-http2:1.19.0", + techutils.Swift.GetPackageTypeId() + "github.com/apple/swift-atomics:1.2.0", + techutils.Swift.GetPackageTypeId() + "github.com/apple/swift-collections:1.1.4", + techutils.Swift.GetPackageTypeId() + "github.com/apple/swift-system:1.4.0", + techutils.Swift.GetPackageTypeId() + "github.com/apple/swift-nio:2.76.1", + techutils.Swift.GetPackageTypeId() + packageInfo, + } + + auditBasicParams := (&xrayutils.AuditBasicParams{}).SetServerDetails(server) + rootNode, uniqueDeps, err := BuildDependencyTree(auditBasicParams) + assert.NoError(t, err) + assert.ElementsMatch(t, uniqueDeps, 
expectedUniqueDeps, "First is actual, Second is Expected") + assert.NotEmpty(t, rootNode) + + assert.Equal(t, rootNode[0].Id, techutils.Swift.GetPackageTypeId()+packageInfo) + assert.Len(t, rootNode[0].Nodes, 9) + + child1 := tests.GetAndAssertNode(t, rootNode[0].Nodes, "github.com/apple/swift-algorithms:1.2.0") + assert.Len(t, child1.Nodes, 1) + + child2 := tests.GetAndAssertNode(t, rootNode[0].Nodes, "github.com/apple/swift-numerics:1.0.2") + assert.Len(t, child2.Nodes, 0) +} + +func TestGetTechDependencyLocation(t *testing.T) { + _, cleanUp := sca.CreateTestWorkspace(t, filepath.Join("projects", "package-managers", "swift")) + defer cleanUp() + currentDir, err := coreutils.GetWorkingDirectory() + assert.NoError(t, err) + locations, err := GetTechDependencyLocation("github.com/apple/swift-algorithms", "1.2.0", filepath.Join(currentDir, "Package.swift")) + assert.NoError(t, err) + assert.Len(t, locations, 1) + assert.Equal(t, *locations[0].PhysicalLocation.Region.StartLine, 10) + assert.Equal(t, *locations[0].PhysicalLocation.Region.StartColumn, 10) + assert.Equal(t, *locations[0].PhysicalLocation.Region.EndLine, 31) + assert.Equal(t, *locations[0].PhysicalLocation.Region.EndColumn, 80) + assert.Contains(t, *locations[0].PhysicalLocation.Region.Snippet.Text, "github.com/apple/swift-algorithms\", from: \"1.2.0\"") +} + +func TestPodLineParse(t *testing.T) { + var swiftPositions []*sarif.Location + foundDependency, _, startLine, startCol := parsePodLine(".package(url: \"https://github.com/apple/swift-algorithms\", from: \"1.2.0\")", "github.com/apple/swift-algorithms", "1.2.0", "test", 0, 0, 0, 0, []string{".package(url: \"https://github.com/apple/swift-algorithms\", from: \"1.2.0\")"}, false, &swiftPositions) + assert.Equal(t, foundDependency, false) + assert.Equal(t, startLine, 0) + assert.Equal(t, startCol, 23) +} + +func TestPodLineParseFoundOnlyDependencyName(t *testing.T) { + var swiftPositions []*sarif.Location + foundDependency, _, startLine, startCol := 
parsePodLine(".package(url: \"https://github.com/apple/swift-algorithms\", from: \"1.2.0\")", "github.com/apple/swift-algorithms", "6.2.4", "test", 0, 0, 0, 0, []string{".package(url: \"https://github.com/apple/swift-algorithms\", from: \"1.2.0\")"}, false, &swiftPositions) + assert.Equal(t, foundDependency, true) + assert.Equal(t, startLine, 0) + assert.Equal(t, startCol, 23) +} + +func TestFixTechDependencySingleLocation(t *testing.T) { + _, cleanUp := sca.CreateTestWorkspace(t, filepath.Join("projects", "package-managers", "swift")) + defer cleanUp() + currentDir, err := coreutils.GetWorkingDirectory() + assert.NoError(t, err) + err = FixTechDependency("github.com/apple/swift-nio-http2", "1.0.0", "1.0.1", filepath.Join(currentDir, "Package.swift")) + assert.NoError(t, err) + file, err := os.ReadFile(filepath.Join(currentDir, "Package.swift")) + assert.NoError(t, err) + assert.Contains(t, string(file), ".package(url: \"https://github.com/apple/swift-nio-http2\", \"1.0.1\"..<\"1.19.1\")") +} + +func TestFixTechDependencyNoLocations(t *testing.T) { + _, cleanUp := sca.CreateTestWorkspace(t, filepath.Join("projects", "package-managers", "swift")) + defer cleanUp() + currentDir, err := coreutils.GetWorkingDirectory() + assert.NoError(t, err) + err = FixTechDependency("github.com/apple/swift-nio-http2", "1.8.2", "1.8.3", filepath.Join(currentDir, "Package.swift")) + assert.NoError(t, err) + file, err := os.ReadFile(filepath.Join(currentDir, "Package.swift")) + assert.NoError(t, err) + assert.Contains(t, string(file), ".package(url: \"https://github.com/apple/swift-nio-http2\", \"1.0.0\"..<\"1.19.1\")") +} diff --git a/commands/audit/sca/swift/swiftcommand.go b/commands/audit/sca/swift/swiftcommand.go new file mode 100644 index 00000000..cf5f37ac --- /dev/null +++ b/commands/audit/sca/swift/swiftcommand.go 
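Review bot: Most assertions pass the actual value first — `assert.Equal(t, rootNode[0].Id, techutils.Swift.GetPackageTypeId()+packageInfo)`, `assert.Equal(t, foundDependency, false)`, `assert.ElementsMatch(t, uniqueDeps, expectedUniqueDeps, ...)` — while testify's signature is `(t, expected, actual)`, so failure output labels the two sides backwards; swapping the arguments and dropping the `"First is actual, Second is Expected"` message that documents the inversion keeps diagnostics readable. TestBuildSwiftDependencyList sets ServerDetails but never a deps repo, so configSwiftResolutionServerIfNeeded returns early and none of the `.netrc` write/restore path in swiftcommand.go is exercised by these unit tests; a case that sets DepsRepo against a temporary working directory would cover the credential handling. `assert.Len(t, rootNode[0].Nodes, 9)` against seven unique dependencies pins the root listing its two direct dependencies twice, which looks like a bug in BuildDependencyTree being locked in rather than intended behaviour — worth confirming before other tests depend on it. The `TestPodLineParse*` names are cocoapods carry-overs.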
@@ -0,0 +1,177 @@
+package swift
+
+import (
+ "bytes"
+ "fmt"
+ "github.com/jfrog/gofrog/version"
+ "github.com/jfrog/jfrog-cli-core/v2/utils/config"
+ "github.com/jfrog/jfrog-cli-core/v2/utils/coreutils"
+ "github.com/jfrog/jfrog-cli-core/v2/utils/ioutils"
+ "github.com/jfrog/jfrog-client-go/auth"
+ "github.com/jfrog/jfrog-client-go/utils/errorutils"
+ "github.com/jfrog/jfrog-client-go/utils/log"
+ "os"
+ "os/exec"
+ "path/filepath"
+ "strings"
+)
+
+const (
+ minSupportedSwiftVersion = "5.1.0"
+ swiftNetRcfileName = ".netrc"
+ swiftrcBackupFileName = ".jfrog.netrc.backup"
+)
+
+type SwiftCommand struct {
+ cmdName string
+ serverDetails *config.ServerDetails
+ swiftVersion *version.Version
+ authArtDetails auth.ServiceDetails
+ restoreNetrcFunc func() error
+ workingDirectory string
+ executablePath string
+}
+
+func getSwiftVersionAndExecPath() (*version.Version, string, error) {
+ swiftExecPath, err := exec.LookPath("swift")
+ if err != nil {
+ return nil, "", fmt.Errorf("could not find the 'swift' executable in the system PATH %w", err)
+ }
+ log.Debug("Using swift executable:", swiftExecPath)
+ versionData, stdErr, err := runSwiftCmd(swiftExecPath, "", []string{"--version"})
+ if err != nil || stdErr != nil {
+ return nil, "", err
+ }
+ return version.NewVersion(strings.TrimSpace(string(versionData))), swiftExecPath, nil
+}
+
+func runSwiftCmd(executablePath, srcPath string, swiftArgs []string) (stdResult, errResult []byte, err error) {
+ args := make([]string, 0)
+ for i := 0; i < len(swiftArgs); i++ {
+ if strings.TrimSpace(swiftArgs[i]) != "" {
+ args = append(args, swiftArgs[i])
+ }
+ }
+ log.Debug("Running 'swift " + strings.Join(swiftArgs, " ") + "' command.")
+ command := exec.Command(executablePath, args...)
+ command.Dir = srcPath
+ outBuffer := bytes.NewBuffer([]byte{})
+ command.Stdout = outBuffer
+ errBuffer := bytes.NewBuffer([]byte{})
+ command.Stderr = errBuffer
+ err = command.Run()
+ errResult = errBuffer.Bytes()
+ stdResult = outBuffer.Bytes()
+ if err != nil {
+ err = fmt.Errorf("error while running '%s %s': %s\n%s", executablePath, strings.Join(args, " "), err.Error(), strings.TrimSpace(string(errResult)))
+ return
+ }
+ log.Debug("npm '" + strings.Join(args, " ") + "' standard output is:\n" + strings.TrimSpace(string(stdResult)))
+ return
+}
+
+func (sc *SwiftCommand) SetServerDetails(serverDetails *config.ServerDetails) *SwiftCommand {
+ sc.serverDetails = serverDetails
+ return sc
+}
+
+func (sc *SwiftCommand) RestoreNetrcFunc() func() error {
+ return sc.restoreNetrcFunc
+}
+
+func (sc *SwiftCommand) GetData() ([]byte, error) {
+ var filteredConf []string
+ filteredConf = append(filteredConf, "machine ", sc.serverDetails.Url, "\n")
+ filteredConf = append(filteredConf, "login ", sc.serverDetails.User, "\n")
+ filteredConf = append(filteredConf, "password ", sc.serverDetails.AccessToken, "\n")
+
+ return []byte(strings.Join(filteredConf, "")), nil
+}
+
+func (sc *SwiftCommand) CreateTempNetrc() error {
+ data, err := sc.GetData()
+ if err != nil {
+ return err
+ }
+ if err = removeNetrcIfExists(sc.workingDirectory); err != nil {
+ return err
+ }
+ log.Debug("Creating temporary .netrc file.")
+ return errorutils.CheckError(os.WriteFile(filepath.Join(sc.workingDirectory, swiftNetRcfileName), data, 0755))
+}
+
+func (sc *SwiftCommand) setRestoreNetrcFunc() error {
+ restoreNetrcFunc, err := ioutils.BackupFile(filepath.Join(sc.workingDirectory, swiftNetRcfileName), swiftrcBackupFileName)
+ if err != nil {
+ return err
+ }
+ sc.restoreNetrcFunc = func() error {
+ return restoreNetrcFunc()
+ }
+ return nil
+}
+
+func (sc *SwiftCommand) setArtifactoryAuth() error {
+ authArtDetails, err := sc.serverDetails.CreateArtAuthConfig()
+ if err != nil {
+ return err
+ }
+ if authArtDetails.GetSshAuthHeaders() != nil {
+ return errorutils.CheckErrorf("SSH authentication is not supported in this command")
+ }
+ sc.authArtDetails = authArtDetails
+ return nil
+}
+
+func newSwiftInstallCommand() *SwiftCommand {
+ return &SwiftCommand{cmdName: "install"}
+}
+
+func (sc *SwiftCommand) PreparePrerequisites() error {
+ log.Debug("Preparing prerequisites...")
+ var err error
+ sc.swiftVersion, sc.executablePath, err = getSwiftVersionAndExecPath()
+ if err != nil {
+ return err
+ }
+ if sc.swiftVersion.Compare(minSupportedSwiftVersion) > 0 {
+ return errorutils.CheckErrorf(
+ "JFrog CLI swift %s command requires cocoapods client version %s or higher. The Current version is: %s", sc.cmdName, minSupportedSwiftVersion, sc.swiftVersion.GetVersion())
+ }
+
+ sc.workingDirectory, err = coreutils.GetWorkingDirectory()
+ if err != nil {
+ return err
+ }
+ log.Debug("Working directory set to:", sc.workingDirectory)
+ if err = sc.setArtifactoryAuth(); err != nil {
+ return err
+ }
+
+ return sc.setRestoreNetrcFunc()
+}
+
+func removeNetrcIfExists(workingDirectory string) error {
+ if _, err := os.Stat(filepath.Join(workingDirectory, swiftNetRcfileName)); err != nil {
+ if os.IsNotExist(err) {
+ return nil
+ }
+ return errorutils.CheckError(err)
+ }
+
+ log.Debug("Removing existing .netrc file")
+ return errorutils.CheckError(os.Remove(filepath.Join(workingDirectory, swiftNetRcfileName)))
+}
+
+func setArtifactoryAsResolutionServer(serverDetails *config.ServerDetails, depsRepo string) (clearResolutionServerFunc func() error, err error) {
+ swiftCmd := newSwiftInstallCommand().SetServerDetails(serverDetails)
+ if err = swiftCmd.PreparePrerequisites(); err != nil {
+ return
+ }
+ if err = swiftCmd.CreateTempNetrc(); err != nil {
+ return
+ }
+ clearResolutionServerFunc = swiftCmd.RestoreNetrcFunc()
+ log.Info(fmt.Sprintf("Resolving dependencies from '%s' from repo '%s'", serverDetails.Url, depsRepo))
+ return
+}
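Review bot: CreateTempNetrc writes the `.netrc` that carries `sc.serverDetails.AccessToken` with mode `0755`, leaving the token world-readable (and executable) inside the project directory for the whole audit; a credentials file should be created `0600`, `os.WriteFile(filepath.Join(sc.workingDirectory, swiftNetRcfileName), data, 0600)`, and GetData emits `machine ` followed by the full `serverDetails.Url` whereas a `.netrc` `machine` entry is matched on host name, so confirm the value is reduced to a host before it is written. In getSwiftVersionAndExecPath the guard `err != nil || stdErr != nil` returns `nil, "", err`, but `errResult` is produced by `bytes.NewBuffer([]byte{}).Bytes()`, which is a non-nil empty slice even when nothing was written, so on the success path this appears to return a nil `*version.Version` together with a nil error and PreparePrerequisites then dereferences it in `sc.swiftVersion.Compare(...)`; testing `len(stdErr) > 0`, or relying on `err` alone, avoids that. `version.NewVersion(strings.TrimSpace(string(versionData)))` is also fed the whole `swift --version` output rather than a bare version number, which presumably will not compare against `minSupportedSwiftVersion` as intended until the version is extracted first. The `requires cocoapods client version` text in PreparePrerequisites and the `npm '...' standard output` debug line in runSwiftCmd are copy-overs from the other package managers.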
diff --git a/commands/audit/scarunner.go b/commands/audit/scarunner.go
index ed74f24c..f8b990a2 100644
--- a/commands/audit/scarunner.go
+++ b/commands/audit/scarunner.go
@@ -4,6 +4,7 @@ import (
 "encoding/json"
 "errors"
 "fmt"
+ "github.com/jfrog/jfrog-cli-security/commands/audit/sca/swift"
 biutils "github.com/jfrog/build-info-go/utils"
 "github.com/jfrog/build-info-go/utils/pythonutils"
@@ -247,6 +248,8 @@ func GetTechDependencyTree(params xrayutils.AuditParams, artifactoryServerDetail
 depTreeResult.FullDepTrees, uniqueDeps, err = nuget.BuildDependencyTree(params)
 case techutils.Cocoapods:
 depTreeResult.FullDepTrees, uniqueDeps, err = cocoapods.BuildDependencyTree(params)
+ case techutils.Swift:
+ depTreeResult.FullDepTrees, uniqueDeps, err = swift.BuildDependencyTree(params)
 default:
 err = errorutils.CheckErrorf("%s is currently not supported", string(tech))
 }
diff --git a/go.mod b/go.mod
index 457e4314..0c942af3 100644
--- a/go.mod
+++ b/go.mod
@@ -111,7 +111,7 @@ require (
 gopkg.in/warnings.v0 v0.1.2 // indirect
 )
-// replace github.com/jfrog/jfrog-cli-core/v2 => github.com/jfrog/jfrog-cli-core/v2 dev
+replace github.com/jfrog/jfrog-cli-core/v2 => github.com/barv-jfrog/jfrog-cli-core/v2 v2.0.0-20241107120828-8102dd2efed2
 // replace github.com/jfrog/jfrog-client-go => github.com/jfrog/jfrog-client-go dev
diff --git a/go.sum b/go.sum
index 97c301c5..7af3395f 100644
--- a/go.sum
+++ b/go.sum
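Review bot: The new `"github.com/jfrog/jfrog-cli-security/commands/audit/sca/swift"` import in scarunner.go is placed in the standard-library group directly after `"fmt"`, ahead of the blank line that separates it from the `biutils`/`pythonutils` group, instead of next to the other `jfrog-cli-security` imports; `goimports` will move it on the next format pass, so moving it now avoids churn. The `case techutils.Swift` arm mirrors the cocoapods arm and looks fine. The import block and GetTechDependencyTree both extend outside these hunks.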
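Review bot: The `replace` directive now points `github.com/jfrog/jfrog-cli-core/v2` at a personal fork pseudo-version (`github.com/barv-jfrog/jfrog-cli-core/v2 v2.0.0-20241107120828-8102dd2efed2`), so every build of this module pulls that library from an individual's repository instead of the vetted upstream release; the line it replaces was deliberately left commented out for that reason. This is workable on a development branch but must be reverted to an upstream version before merge, and a marker such as `// TODO(release): temporary fork, drop before merge` on the directive makes that intent visible to anyone reading or bisecting the history.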
@@ -23,6 +23,8 @@ github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be/go.mod h1:ySMOLuW github.com/apparentlymart/go-textseg/v13 v13.0.0/go.mod h1:ZK2fH7c4NqDTLtiYLvIkEghdlcqw7yxLeM89kiTRPUo= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs= +github.com/barv-jfrog/jfrog-cli-core/v2 v2.0.0-20241107120828-8102dd2efed2 h1:oIPhhUvggGCUlMZxX/VtUIudfK10YDiAKLFbK7p5BJc= +github.com/barv-jfrog/jfrog-cli-core/v2 v2.0.0-20241107120828-8102dd2efed2/go.mod h1:XlN2hMNiNFeNM9aR8H29RZkenI39lDe+LE+BTm1dM6k= github.com/beevik/etree v1.4.0 h1:oz1UedHRepuY3p4N5OjE0nK1WLCqtzHf25bxplKOHLs= github.com/beevik/etree v1.4.0/go.mod h1:cyWiXwGoasx60gHvtnEh5x8+uIjUVnjWqBvEnhnqKDA= github.com/bradleyjkemp/cupaloy/v2 v2.8.0 h1:any4BmKE+jGIaMpnU8YgH/I2LPiLBufr6oMMlVBbn9M= @@ -130,8 +132,6 @@ github.com/jfrog/gofrog v1.7.6 h1:QmfAiRzVyaI7JYGsB7cxfAJePAZTzFz0gRWZSE27c6s= github.com/jfrog/gofrog v1.7.6/go.mod h1:ntr1txqNOZtHplmaNd7rS4f8jpA5Apx8em70oYEe7+4= github.com/jfrog/jfrog-apps-config v1.0.1 h1:mtv6k7g8A8BVhlHGlSveapqf4mJfonwvXYLipdsOFMY= github.com/jfrog/jfrog-apps-config v1.0.1/go.mod h1:8AIIr1oY9JuH5dylz2S6f8Ym2MaadPLR6noCBO4C22w= -github.com/jfrog/jfrog-cli-core/v2 v2.56.5 h1:jigHavEpmfBV5tRHkVSW4B/GG5F54UOdNEt2jVyP0qc= -github.com/jfrog/jfrog-cli-core/v2 v2.56.5/go.mod h1:XlN2hMNiNFeNM9aR8H29RZkenI39lDe+LE+BTm1dM6k= github.com/jfrog/jfrog-client-go v1.47.4 h1:4FAuDDvoDRy9LEFe1WwUO5prBXkgyhaWGEZ0vXYL/Z4= github.com/jfrog/jfrog-client-go v1.47.4/go.mod h1:NepfaidmK/xiKsVC+0Ur9sANOqL6io8Y7pSaCau7J6o= github.com/k0kubun/colorstring v0.0.0-20150214042306-9440f1994b88/go.mod h1:3w7q1U84EfirKl04SVQ/s7nPm1ZPhiXd34z40TNz36k= diff --git a/tests/config.go b/tests/config.go index e7534fe8..f1cc6af3 100644 --- a/tests/config.go +++ b/tests/config.go 
@@ -52,6 +52,7 @@ var (
 TestAuditGo *bool
 TestAuditPython *bool
 TestAuditCocoapods *bool
+ TestAuditSwift *bool
 JfrogUrl *string
 JfrogUser *string
@@ -104,6 +105,7 @@ func init() {
 TestAuditGo = flag.Bool("test.audit.Go", false, "Run Go technologies (GoLang) audit integration tests")
 TestAuditPython = flag.Bool("test.audit.Python", false, "Run Python technologies (Pip, PipEnv, Poetry) audit integration tests")
 TestAuditCocoapods = flag.Bool("test.audit.Cocoapods", false, "Run Cocoapods technologies audit integration tests")
+ TestAuditSwift = flag.Bool("test.audit.Swift", false, "Run Swift technologies audit integration tests")
 JfrogUrl = flag.String("jfrog.url", getTestUrlDefaultValue(), "JFrog platform url")
 JfrogUser = flag.String("jfrog.user", getTestUserDefaultValue(), "JFrog platform username")
@@ -119,7 +121,7 @@ func init() {
 func InitTestFlags() {
 flag.Parse()
 // If no test types flags were set, run all types
- shouldRunAllTests := !isAtLeastOneFlagSet(TestUnit, TestArtifactory, TestXray, TestXsc, TestAuditGeneral, TestAuditJas, TestAuditJavaScript, TestAuditJava, TestAuditCTypes, TestAuditGo, TestAuditPython, TestAuditCocoapods, TestScan, TestDockerScan, TestCuration, TestEnrich, TestGit)
+ shouldRunAllTests := !isAtLeastOneFlagSet(TestUnit, TestArtifactory, TestXray, TestXsc, TestAuditGeneral, TestAuditJas, TestAuditJavaScript, TestAuditJava, TestAuditCTypes, TestAuditGo, TestAuditPython, TestAuditCocoapods, TestAuditSwift, TestScan, TestDockerScan, TestCuration, TestEnrich, TestGit)
 if shouldRunAllTests {
 log.Info("Running all tests. To run only specific tests, please specify the desired test flags.")
 *TestUnit = true
@@ -134,6 +136,7 @@ func InitTestFlags() {
 *TestAuditGo = true
 *TestAuditPython = true
 *TestAuditCocoapods = true
+ *TestAuditSwift = true
 *TestScan = true
 *TestDockerScan = true
 *TestCuration = true
diff --git a/tests/testdata/projects/package-managers/swift/Package.swift b/tests/testdata/projects/package-managers/swift/Package.swift new file mode 100644 index 00000000..76d87a90 --- /dev/null +++ b/tests/testdata/projects/package-managers/swift/Package.swift @@ -0,0 +1,14 @@ +// swift-tools-version:5.9 + +import PackageDescription + +let package = Package( + name: "test", + platforms: [ + .macOS(.v10_15), + ], + dependencies: [ + .package(url: "https://github.com/apple/swift-algorithms", from: "1.2.0"), + .package(url: "https://github.com/apple/swift-nio-http2", "1.0.0"..<"1.19.1"), + ] +) diff --git a/tests/utils/integration/test_integrationutils.go b/tests/utils/integration/test_integrationutils.go index ac20c728..57a01cd8 100644 --- a/tests/utils/integration/test_integrationutils.go +++ b/tests/utils/integration/test_integrationutils.go @@ -131,6 +131,13 @@ func InitAuditCocoapodsTest(t *testing.T, minVersion string) { testUtils.ValidateXrayVersion(t, minVersion) } +func InitAuditSwiftTest(t *testing.T, minVersion string) { + if !*configTests.TestAuditSwift { + t.Skip(getSkipTestMsg("Audit command Swift technologies integration", "--test.audit.Swift")) + } + testUtils.ValidateXrayVersion(t, minVersion) +} + func InitAuditPythonTest(t *testing.T, minVersion string) { if !*configTests.TestAuditPython { t.Skip(getSkipTestMsg("Audit command Python technologies (Pip, PipEnv, Poetry) integration", "--test.audit.Python")) diff --git a/utils/techutils/techutils.go b/utils/techutils/techutils.go index 849e4f39..24a680f6 100644 --- a/utils/techutils/techutils.go +++ b/utils/techutils/techutils.go @@ -39,6 +39,7 @@ const ( Oci Technology = "oci" Conan Technology = "conan" Cocoapods Technology = "cocoapods" + Swift Technology = "swift" ) const Pypi = "pypi" 
@@ -55,6 +56,7 @@ const ( CPP CodeLanguage = "C++" // CocoapodsLang package can have multiple languages CocoapodsLang CodeLanguage = "Any" + SwiftLang CodeLanguage = "Any" ) // Associates a technology with project type (used in config commands for the package-managers). @@ -71,6 +73,7 @@ var TechToProjectType = map[Technology]project.ProjectType{ Nuget: project.Nuget, Dotnet: project.Dotnet, Cocoapods: project.Cocoapods, + Swift: project.Swift, } var packageTypes = map[string]string{ @@ -204,6 +207,12 @@ var technologiesData = map[Technology]TechData{ formal: "Cocoapods", packageTypeId: "cocoapods://", }, + Swift: { + indicators: []string{"Package.swift", "Package.resolved"}, + packageDescriptors: []string{"Package.swift", "Package.resolved"}, + formal: "swift", + packageTypeId: "swift://", + }, } var ( @@ -245,6 +254,7 @@ func TechnologyToLanguage(technology Technology) CodeLanguage { Yarn: JavaScript, Pnpm: JavaScript, Cocoapods: CocoapodsLang, + Swift: SwiftLang, } return languageMap[technology] } From 63646881ca552fbbe5f51094e38704d5f915ad7c Mon Sep 17 00:00:00 2001 From: barv Date: Mon, 11 Nov 2024 16:40:02 +0200 Subject: [PATCH 028/111] cocoapods-audit --- artifactory_test.go | 6 ++++++ tests/consts.go | 14 ++++++++++++-- .../cocoapods_remote_repository_config.json | 6 ++++++ .../cocoapods_virtual_repository_config.json | 6 ++++++ 4 files changed, 30 insertions(+), 2 deletions(-) create mode 100644 tests/testdata/artifactory-repo-configs/cocoapods_remote_repository_config.json create mode 100644 tests/testdata/artifactory-repo-configs/cocoapods_virtual_repository_config.json diff --git a/artifactory_test.go b/artifactory_test.go index 265ad74b..259d6811 100644 --- a/artifactory_test.go +++ b/artifactory_test.go 
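Review bot: In the `technologiesData` entry, `formal: "swift"` breaks the capitalisation used by the neighbouring entry (`formal: "Cocoapods"`); `formal: "Swift"` keeps the formal names consistent. The entry also lists `Package.resolved` under `packageDescriptors`, yet the new swift package's GetTechDependencyLocation and FixTechDependency accept only `Package.swift` and warn on anything else, so a caller that passes a `Package.resolved` path will just get a warning and no result — either keep `Package.resolved` as an indicator only or handle it in those functions. Only the `@@ -204` hunk is addressed here; the other three hunks in this file are one-line mirrors of the cocoapods entries.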
@@ -103,6 +103,12 @@ func TestDependencyResolutionFromArtifactory(t *testing.T) { cacheRepoName: securityTests.PypiRemoteRepo, projectType: project.Poetry, }, + { + testProjectPath: []string{"cocoapods"}, + resolveRepoName: securityTests.CocoapodsVirtualRepo, + cacheRepoName: securityTests.CocoapodsRemoteRepo, + projectType: project.Cocoapods, + }, } securityIntegrationTestUtils.CreateJfrogHomeConfig(t, true) defer securityTestUtils.CleanTestsHomeEnv() diff --git a/tests/consts.go b/tests/consts.go index 4cfd9103..01b0d283 100644 --- a/tests/consts.go +++ b/tests/consts.go @@ -54,6 +54,8 @@ var ( GoRemoteRepo = "cli-go-remote" GoRepo = "cli-go" PypiRemoteRepo = "cli-pypi-remote" + CocoapodsRemoteRepo = "cli-cocoapods-remote" + CocoapodsVirtualRepo = "cli-cocoapods-virtual" ) // Integration tests - Artifactory repositories creation templates @@ -72,6 +74,8 @@ const ( GoRemoteRepositoryConfig = "go_remote_repository_config.json" GoLocalRepositoryConfig = "go_local_repository_config.json" PypiRemoteRepositoryConfig = "pypi_remote_repository_config.json" + CocoapodsRemoteRepoConfig = "cocoapods_remote_repository_config.json" + CocoapodsVirtualRepositoryConfig = "cocoapods_virtual_repository_config.json" Repo1RepositoryConfig = "repo1_repository_config.json" VirtualRepositoryConfig = "specs_virtual_repository_config.json" @@ -95,6 +99,8 @@ var reposConfigMap = map[*string]string{ &GoRemoteRepo: GoRemoteRepositoryConfig, &GoRepo: GoLocalRepositoryConfig, &PypiRemoteRepo: PypiRemoteRepositoryConfig, + &CocoapodsRemoteRepo: CocoapodsRemoteRepoConfig, + &CocoapodsVirtualRepo: CocoapodsVirtualRepositoryConfig, } func GetTestResourcesPath() string { 
@@ -114,7 +120,7 @@ func getTestResourcesPath(basePath string) string { func GetNonVirtualRepositories() map[*string]string { nonVirtualReposMap := map[*bool][]*string{ TestDockerScan: {&DockerLocalRepo, &DockerRemoteRepo}, - TestArtifactory: {&NpmRemoteRepo, &NugetRemoteRepo, &YarnRemoteRepo, &GradleRemoteRepo, &MvnRemoteRepo, &MvnRemoteSnapshotsRepo, &GoRepo, &GoRemoteRepo, &PypiRemoteRepo}, + TestArtifactory: {&NpmRemoteRepo, &NugetRemoteRepo, &YarnRemoteRepo, &GradleRemoteRepo, &MvnRemoteRepo, &MvnRemoteSnapshotsRepo, &GoRepo, &GoRemoteRepo, &PypiRemoteRepo, &CocoapodsRemoteRepo}, } return getNeededRepositories(nonVirtualReposMap) } @@ -123,7 +129,7 @@ func GetNonVirtualRepositories() map[*string]string { func GetVirtualRepositories() map[*string]string { virtualReposMap := map[*bool][]*string{ TestDockerScan: {&DockerVirtualRepo}, - TestArtifactory: {&GoVirtualRepo, &MvnVirtualRepo}, + TestArtifactory: {&GoVirtualRepo, &MvnVirtualRepo, &CocoapodsVirtualRepo}, } return getNeededRepositories(virtualReposMap) } @@ -183,6 +189,8 @@ func AddTimestampToGlobalVars() { NugetRemoteRepo += uniqueSuffix YarnRemoteRepo += uniqueSuffix PypiRemoteRepo += uniqueSuffix + CocoapodsRemoteRepo += uniqueSuffix + CocoapodsVirtualRepo += uniqueSuffix timestampAdded = true } @@ -209,5 +217,7 @@ func GetSubstitutionMap() map[string]string { "${NUGET_REMOTE_REPO}": NugetRemoteRepo, "${PYPI_REMOTE_REPO}": PypiRemoteRepo, "${YARN_REMOTE_REPO}": YarnRemoteRepo, + "${COCOAPODS_REMOTE_REPO}": CocoapodsRemoteRepo, + "${COCOAPODS_VIRTUAL_REPO}": CocoapodsVirtualRepo, } } diff --git a/tests/testdata/artifactory-repo-configs/cocoapods_remote_repository_config.json b/tests/testdata/artifactory-repo-configs/cocoapods_remote_repository_config.json new file mode 100644 index 00000000..169e88e4 --- /dev/null +++ b/tests/testdata/artifactory-repo-configs/cocoapods_remote_repository_config.json 
@@ -0,0 +1,6 @@
+{
+ "key": "${COCOAPODS_REMOTE_REPO}",
+ "rclass": "remote",
+ "packageType": "cocoapods",
+ "url": "https://github.com/CocoaPods/cdn.cocoapods.org"
+}
\ No newline at end of file
diff --git a/tests/testdata/artifactory-repo-configs/cocoapods_virtual_repository_config.json b/tests/testdata/artifactory-repo-configs/cocoapods_virtual_repository_config.json
new file mode 100644
index 00000000..73a9b276
--- /dev/null
+++ b/tests/testdata/artifactory-repo-configs/cocoapods_virtual_repository_config.json
@@ -0,0 +1,6 @@
+{
+ "key": "${COCOAPODS_VIRTUAL_REPO}",
+ "rclass": "virtual",
+ "packageType": "cocoapods",
+ "repositories": ["${COCOAPODS_REMOTE_REPO}"]
+}
\ No newline at end of file
From 452920e924bb1084c236dc62cbe8b48fab20bf26 Mon Sep 17 00:00:00 2001
From: Michael Sverdlov
Date: Thu, 7 Nov 2024 16:11:49 +0200
Subject: [PATCH 029/111] Align core changes (#228)

---
 commands/audit/sca/go/golang.go | 2 +-
 commands/audit/sca/python/python.go | 2 +-
 go.mod | 8 ++++----
 go.sum | 17 ++++++++---------
 4 files changed, 14 insertions(+), 15 deletions(-)

diff --git a/commands/audit/sca/go/golang.go b/commands/audit/sca/go/golang.go
index faa2fe6f..8a9c9693 100644
--- a/commands/audit/sca/go/golang.go
+++ b/commands/audit/sca/go/golang.go
@@ -6,8 +6,8 @@ import (
 biutils "github.com/jfrog/build-info-go/utils"
 "github.com/jfrog/gofrog/datastructures"
 goartifactoryutils "github.com/jfrog/jfrog-cli-core/v2/artifactory/commands/golang"
+ goutils "github.com/jfrog/jfrog-cli-core/v2/artifactory/commands/golang"
 "github.com/jfrog/jfrog-cli-core/v2/utils/coreutils"
- goutils "github.com/jfrog/jfrog-cli-core/v2/utils/golang"
 "github.com/jfrog/jfrog-cli-security/commands/audit/sca"
 "github.com/jfrog/jfrog-cli-security/utils"
 "github.com/jfrog/jfrog-cli-security/utils/techutils"
diff --git a/commands/audit/sca/python/python.go b/commands/audit/sca/python/python.go
index d940ae45..c8578fbd 100644
--- a/commands/audit/sca/python/python.go
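Review bot: After the golang.go import hunk, `goartifactoryutils` and `goutils` are two aliases for the same import path `github.com/jfrog/jfrog-cli-core/v2/artifactory/commands/golang`; Go accepts a package imported twice under different names, but the file now reads as if it used two packages and a reader has to compare the paths to notice. Keep a single alias (the existing `goartifactoryutils`, or just `goutils`) and rewrite the call sites of the other, which sit outside this hunk. The python.go hunk in the same commit appears to do the equivalent move cleanly, since `utils` was the only alias involved there.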
+++ b/commands/audit/sca/python/python.go
@@ -9,9 +9,9 @@ import (
 biutils "github.com/jfrog/build-info-go/utils"
 "github.com/jfrog/build-info-go/utils/pythonutils"
 "github.com/jfrog/gofrog/datastructures"
+ utils "github.com/jfrog/jfrog-cli-core/v2/artifactory/commands/python"
 "github.com/jfrog/jfrog-cli-core/v2/utils/config"
 "github.com/jfrog/jfrog-cli-core/v2/utils/coreutils"
- utils "github.com/jfrog/jfrog-cli-core/v2/utils/python"
 "github.com/jfrog/jfrog-cli-security/commands/audit/sca"
 xrayutils2 "github.com/jfrog/jfrog-cli-security/utils"
 "github.com/jfrog/jfrog-cli-security/utils/techutils"
diff --git a/go.mod b/go.mod
index 457e4314..3112bf11 100644
--- a/go.mod
+++ b/go.mod
@@ -15,7 +15,7 @@ require (
 github.com/magiconair/properties v1.8.7
 github.com/owenrumney/go-sarif/v2 v2.3.0
 github.com/stretchr/testify v1.9.0
- github.com/urfave/cli v1.22.15
+ github.com/urfave/cli v1.22.16
 golang.org/x/exp v0.0.0-20241009180824-f66d83c29e7c
 golang.org/x/sync v0.8.0
 golang.org/x/text v0.19.0
@@ -35,7 +35,7 @@ require (
 github.com/c-bata/go-prompt v0.2.5 // indirect
 github.com/chzyer/readline v1.5.1 // indirect
 github.com/cloudflare/circl v1.4.0 // indirect
- github.com/cpuguy83/go-md2man/v2 v2.0.4 // indirect
+ github.com/cpuguy83/go-md2man/v2 v2.0.5 // indirect
 github.com/cyphar/filepath-securejoin v0.2.4 // indirect
 github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
 github.com/dsnet/compress v0.0.2-0.20210315054119-f66993602bf5 // indirect
@@ -57,7 +57,7 @@ require (
 github.com/hashicorp/go-retryablehttp v0.7.7 // indirect
 github.com/hashicorp/hcl v1.0.0 // indirect
 github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 // indirect
- github.com/jedib0t/go-pretty/v6 v6.5.9 // indirect
+ github.com/jedib0t/go-pretty/v6 v6.6.1 // indirect
 github.com/jfrog/archiver/v3 v3.6.1 // indirect
 github.com/kevinburke/ssh_config v1.2.0 // indirect
 github.com/klauspost/compress v1.17.9 // indirect
@@ -111,7 +111,7 @@ require (
 gopkg.in/warnings.v0 v0.1.2 // indirect
 )
 
-// replace github.com/jfrog/jfrog-cli-core/v2 => github.com/jfrog/jfrog-cli-core/v2 dev
+replace github.com/jfrog/jfrog-cli-core/v2 => github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20241107130834-59ac9764f8b9
 
 // replace github.com/jfrog/jfrog-client-go => github.com/jfrog/jfrog-client-go dev
 
diff --git a/go.sum b/go.sum
index 97c301c5..a1455ea3 100644
--- a/go.sum
+++ b/go.sum
@@ -2,7 +2,6 @@ cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMT
 cloud.google.com/go/compute/metadata v0.3.0/go.mod h1:zFmK7XCadkQkj6TtorcaGlCW1hT1fIilQDwofLpJ20k=
 dario.cat/mergo v1.0.0 h1:AGCNq9Evsj31mOgNPcLyXc+4PNABt905YmuqPYYpBWk=
 dario.cat/mergo v1.0.0/go.mod h1:uNxQE+84aUszobStD9th8a29P2fMDhsBdgRYvZOxGmk=
-github.com/BurntSushi/toml v1.3.2/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ=
 github.com/BurntSushi/toml v1.4.0 h1:kuoIxZQy2WRRk1pttg9asf+WVv6tWQuBNVmK8+nqPr0=
 github.com/BurntSushi/toml v1.4.0/go.mod h1:ukJfTF/6rtPPRCnwkur4qwRxa8vTRFBF0uk2lLoLwho=
 github.com/CycloneDX/cyclonedx-go v0.9.0 h1:inaif7qD8bivyxp7XLgxUYtOXWtDez7+j72qKTMQTb8=
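Review bot: The new `replace` pins jfrog-cli-core to the pseudo-version `v2.31.1-0.20241107130834-59ac9764f8b9` while the `require` block in the same commit still lists `v2.56.5`, so the module that actually builds is not the one go.mod advertises; a pseudo-version based on 2.31.x for a commit meant to align with 2.56.x also suggests the commit is not reachable from the release tags, which is worth confirming. The go.sum hunk below does record the matching hash, so the pin is checksum-locked, but nothing marks it as temporary; a comment such as `// TEMPORARY: dev pin, drop before release` next to the directive would make the intent explicit. The later "Enable allow-partial-results" commit on this page reverts the line to the commented-out `dev` form, which is what the pin should have stayed as.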
@@ -44,8 +43,8 @@ github.com/chzyer/test v1.0.0/go.mod h1:2JlltgoNkt4TW/z9V/IzDdFaMTM2JPIi26O1pF38
 github.com/cloudflare/circl v1.3.3/go.mod h1:5XYMA4rFBvNIrhs50XuiBJ15vF2pZn4nnUKZrLbUZFA=
 github.com/cloudflare/circl v1.4.0 h1:BV7h5MgrktNzytKmWjpOtdYrf0lkkbF8YMlBGPhJQrY=
 github.com/cloudflare/circl v1.4.0/go.mod h1:PDRU+oXvdD7KCtgKxW95M5Z8BpSCJXQORiZFnBQS5QU=
-github.com/cpuguy83/go-md2man/v2 v2.0.4 h1:wfIWP927BUkWJb2NmU/kNDYIBTh/ziUX91+lVfRxZq4=
-github.com/cpuguy83/go-md2man/v2 v2.0.4/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
+github.com/cpuguy83/go-md2man/v2 v2.0.5 h1:ZtcqGrnekaHpVLArFSe4HK5DoKx1T0rq2DwVB0alcyc=
+github.com/cpuguy83/go-md2man/v2 v2.0.5/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
 github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
 github.com/cyphar/filepath-securejoin v0.2.4 h1:Ugdm7cg7i6ZK6x3xDF1oEu1nfkyfH53EtKeQYTC3kyg=
 github.com/cyphar/filepath-securejoin v0.2.4/go.mod h1:aPGpWjXOXUn2NCNjFvBE6aRxGGx79pTxQpKOJNYHHl4=
@@ -118,8 +117,8 @@ github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4=
 github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ=
 github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 h1:BQSFePA1RWJOlocH6Fxy8MmwDt+yVQYULKfN0RoTN8A=
 github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99/go.mod h1:1lJo3i6rXxKeerYnT8Nvf0QmHCRC1n8sfWVwXF2Frvo=
-github.com/jedib0t/go-pretty/v6 v6.5.9 h1:ACteMBRrrmm1gMsXe9PSTOClQ63IXDUt03H5U+UV8OU=
-github.com/jedib0t/go-pretty/v6 v6.5.9/go.mod h1:zbn98qrYlh95FIhwwsbIip0LYpwSG8SUOScs+v9/t0E=
+github.com/jedib0t/go-pretty/v6 v6.6.1 h1:iJ65Xjb680rHcikRj6DSIbzCex2huitmc7bDtxYVWyc=
+github.com/jedib0t/go-pretty/v6 v6.6.1/go.mod h1:zbn98qrYlh95FIhwwsbIip0LYpwSG8SUOScs+v9/t0E=
 github.com/jfrog/archiver/v3 v3.6.1 h1:LOxnkw9pOn45DzCbZNFV6K0+6dCsQ0L8mR3ZcujO5eI=
 github.com/jfrog/archiver/v3 v3.6.1/go.mod h1:VgR+3WZS4N+i9FaDwLZbq+jeU4B4zctXL+gL4EMzfLw=
 github.com/jfrog/build-info-go v1.10.3 h1:9nqBdZD6xkuxiOvxg+idZ79QLFWQNuucvKkl8Xb42kw=
@@ -130,8 +129,8 @@ github.com/jfrog/gofrog v1.7.6 h1:QmfAiRzVyaI7JYGsB7cxfAJePAZTzFz0gRWZSE27c6s=
 github.com/jfrog/gofrog v1.7.6/go.mod h1:ntr1txqNOZtHplmaNd7rS4f8jpA5Apx8em70oYEe7+4=
 github.com/jfrog/jfrog-apps-config v1.0.1 h1:mtv6k7g8A8BVhlHGlSveapqf4mJfonwvXYLipdsOFMY=
 github.com/jfrog/jfrog-apps-config v1.0.1/go.mod h1:8AIIr1oY9JuH5dylz2S6f8Ym2MaadPLR6noCBO4C22w=
-github.com/jfrog/jfrog-cli-core/v2 v2.56.5 h1:jigHavEpmfBV5tRHkVSW4B/GG5F54UOdNEt2jVyP0qc=
-github.com/jfrog/jfrog-cli-core/v2 v2.56.5/go.mod h1:XlN2hMNiNFeNM9aR8H29RZkenI39lDe+LE+BTm1dM6k=
+github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20241107130834-59ac9764f8b9 h1:zAlXZrJRbThdMtA5UDjC0RouJ/OVY/zv9+VI54NTbFo=
+github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20241107130834-59ac9764f8b9/go.mod h1:2E9LLSLDYNwp2585LyMuDaNMuq+ohvgZYg7K5EY933o=
 github.com/jfrog/jfrog-client-go v1.47.4 h1:4FAuDDvoDRy9LEFe1WwUO5prBXkgyhaWGEZ0vXYL/Z4=
 github.com/jfrog/jfrog-client-go v1.47.4/go.mod h1:NepfaidmK/xiKsVC+0Ur9sANOqL6io8Y7pSaCau7J6o=
 github.com/k0kubun/colorstring v0.0.0-20150214042306-9440f1994b88/go.mod h1:3w7q1U84EfirKl04SVQ/s7nPm1ZPhiXd34z40TNz36k=
@@ -256,8 +255,8 @@ github.com/terminalstatic/go-xsd-validate v0.1.5/go.mod h1:18lsvYFofBflqCrvo1ump
 github.com/ulikunitz/xz v0.5.8/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14=
 github.com/ulikunitz/xz v0.5.12 h1:37Nm15o69RwBkXM0J6A5OlE67RZTfzUxTj8fB3dfcsc=
 github.com/ulikunitz/xz v0.5.12/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14=
-github.com/urfave/cli v1.22.15 h1:nuqt+pdC/KqswQKhETJjo7pvn/k4xMUxgW6liI7XpnM=
-github.com/urfave/cli v1.22.15/go.mod h1:wSan1hmo5zeyLGBjRJbzRTNk8gwoYa2B9n4q9dmRIc0=
+github.com/urfave/cli v1.22.16 h1:MH0k6uJxdwdeWQTwhSO42Pwr4YLrNLwBtg1MRgTqPdQ=
+github.com/urfave/cli v1.22.16/go.mod h1:EeJR6BKodywf4zciqrdw6hpCPk68JO9z5LazXZMn5Po=
 github.com/vbauerster/mpb/v8 v8.8.3 h1:dTOByGoqwaTJYPubhVz3lO5O6MK553XVgUo33LdnNsQ=
 github.com/vbauerster/mpb/v8 v8.8.3/go.mod h1:JfCCrtcMsJwP6ZwMn9e5LMnNyp3TVNpUWWkN+nd4EWk=
 github.com/vmihailenco/msgpack/v4 v4.3.12/go.mod h1:gborTTJjAo/GWTqqRjrLCn9pgNN+NXzzngzBKDPIqw4=
From 63969c946280c1ff3ea88140d5f049db147fd8d5 Mon Sep 17 00:00:00 2001
From: Assaf Attias <49212512+attiasas@users.noreply.github.com>
Date: Sun, 10 Nov 2024 12:18:10 +0200
Subject: [PATCH 030/111] Add NoTech Technology for directories with no tech (#230)

---
 audit_test.go | 1 -
 commands/audit/audit.go | 8 +-
 commands/audit/audit_test.go | 74 +++++++++-----
 commands/audit/scarunner.go | 2 +-
 utils/results/results.go | 6 +-
 utils/techutils/techutils.go | 160 +++++++++++++++++++++++++++++-
 utils/techutils/techutils_test.go | 46 +++++++++
 7 files changed, 261 insertions(+), 36 deletions(-)

diff --git a/audit_test.go b/audit_test.go
index b2380aa9..c922b801 100644
--- a/audit_test.go
+++ b/audit_test.go
@@ -468,7 +468,6 @@ func testXrayAuditPip(t *testing.T, format, requirementsFile string) string {
 args := []string{"audit", "--pip", "--licenses", "--format=" + format}
 if requirementsFile != "" {
 args = append(args, "--requirements-file="+requirementsFile)
-
 }
 return securityTests.PlatformCli.RunCliCmdWithOutput(t, args...)
 }
diff --git a/commands/audit/audit.go b/commands/audit/audit.go
index 1c3fdb26..557e2854 100644
--- a/commands/audit/audit.go
+++ b/commands/audit/audit.go
@@ -352,13 +352,17 @@ func detectScanTargets(cmdResults *results.SecurityCommandResults, params *Audit
 // We don't need to scan for both and get duplicate results.
 continue
 }
+ // No technology was detected, add scan without descriptors. (so no sca scan will be preformed and set at target level)
 if len(workingDirs) == 0 {
- // Requested technology (from params) descriptors/indicators were not found, scan only requested directory for this technology.
+ // Requested technology (from params) descriptors/indicators were not found or recursive scan with NoTech value, add scan without descriptors.
 cmdResults.NewScanResults(results.ScanTarget{Target: requestedDirectory, Technology: tech})
 }
 for workingDir, descriptors := range workingDirs {
 // Add scan for each detected working directory.
- cmdResults.NewScanResults(results.ScanTarget{Target: workingDir, Technology: tech}).SetDescriptors(descriptors...)
+ targetResults := cmdResults.NewScanResults(results.ScanTarget{Target: workingDir, Technology: tech})
+ if tech != techutils.NoTech {
+ targetResults.SetDescriptors(descriptors...)
+ }
 }
 }
 }
diff --git a/commands/audit/audit_test.go b/commands/audit/audit_test.go
index 6032ae80..70074233 100644
--- a/commands/audit/audit_test.go
+++ b/commands/audit/audit_test.go
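Review bot: The comment added above `if len(workingDirs) == 0` has a typo (`preformed` → `performed`) and is placed so it reads as the explanation of that condition, while the NoTech-specific behaviour is actually the `if tech != techutils.NoTech` guard in the loop below; suggested wording at the guard: `// NoTech targets carry no descriptors: no SCA scan runs for them, but the target is kept so directory-level scans still cover it.` The "so other scans still cover it" motivation is inferred from the audit_test comments in this commit, so confirm it before stating it. detectScanTargets continues outside the hunk on both sides.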
@@ -51,6 +51,23 @@ func TestDetectScansToPreform(t *testing.T) {
 return param
 },
 expected: []*results.TargetResults{
+ {
+ // We requested specific technologies, Nuget is not in the list but we want to run JAS on it
+ ScanTarget: results.ScanTarget{
+ Target: filepath.Join(dir, "Nuget"),
+ },
+ JasResults: &results.JasScansResults{},
+ },
+ {
+ ScanTarget: results.ScanTarget{
+ Technology: techutils.Go,
+ Target: filepath.Join(dir, "dir", "go"),
+ },
+ JasResults: &results.JasScansResults{},
+ ScaResults: &results.ScaScanResults{
+ Descriptors: []string{filepath.Join(dir, "dir", "go", "go.mod")},
+ },
+ },
 {
 ScanTarget: results.ScanTarget{
 Technology: techutils.Maven,
@@ -59,9 +76,9 @@ func TestDetectScansToPreform(t *testing.T) {
 JasResults: &results.JasScansResults{},
 ScaResults: &results.ScaScanResults{
 Descriptors: []string{
- filepath.Join(dir, "dir", "maven", "pom.xml"),
 filepath.Join(dir, "dir", "maven", "maven-sub", "pom.xml"),
 filepath.Join(dir, "dir", "maven", "maven-sub2", "pom.xml"),
+ filepath.Join(dir, "dir", "maven", "pom.xml"),
 },
 },
 },
@@ -76,14 +93,11 @@ func TestDetectScansToPreform(t *testing.T) {
 },
 },
 {
+ // We requested specific technologies, yarn is not in the list but we want to run JAS on it
 ScanTarget: results.ScanTarget{
- Technology: techutils.Go,
- Target: filepath.Join(dir, "dir", "go"),
+ Target: filepath.Join(dir, "yarn"),
 },
 JasResults: &results.JasScansResults{},
- ScaResults: &results.ScaScanResults{
- Descriptors: []string{filepath.Join(dir, "dir", "go", "go.mod")},
- },
 },
 },
 },
@@ -96,6 +110,26 @@ func TestDetectScansToPreform(t *testing.T) {
 return param
 },
 expected: []*results.TargetResults{
+ {
+ ScanTarget: results.ScanTarget{
+ Technology: techutils.Nuget,
+ Target: filepath.Join(dir, "Nuget"),
+ },
+ JasResults: &results.JasScansResults{},
+ ScaResults: &results.ScaScanResults{
+ Descriptors: []string{filepath.Join(dir, "Nuget", "Nuget-sub", "project.csproj"), filepath.Join(dir, "Nuget", "project.sln")},
+ },
+ },
+ {
+ ScanTarget: results.ScanTarget{
+ Technology: techutils.Go,
+ Target: filepath.Join(dir, "dir", "go"),
+ },
+ JasResults: &results.JasScansResults{},
+ ScaResults: &results.ScaScanResults{
+ Descriptors: []string{filepath.Join(dir, "dir", "go", "go.mod")},
+ },
+ },
 {
 ScanTarget: results.ScanTarget{
 Technology: techutils.Maven,
@@ -104,9 +138,9 @@ func TestDetectScansToPreform(t *testing.T) {
 JasResults: &results.JasScansResults{},
 ScaResults: &results.ScaScanResults{
 Descriptors: []string{
- filepath.Join(dir, "dir", "maven", "pom.xml"),
 filepath.Join(dir, "dir", "maven", "maven-sub", "pom.xml"),
 filepath.Join(dir, "dir", "maven", "maven-sub2", "pom.xml"),
+ filepath.Join(dir, "dir", "maven", "pom.xml"),
 },
 },
 },
@@ -120,16 +154,6 @@ func TestDetectScansToPreform(t *testing.T) {
 Descriptors: []string{filepath.Join(dir, "dir", "npm", "package.json")},
 },
 },
- {
- ScanTarget: results.ScanTarget{
- Technology: techutils.Go,
- Target: filepath.Join(dir, "dir", "go"),
- },
- JasResults: &results.JasScansResults{},
- ScaResults: &results.ScaScanResults{
- Descriptors: []string{filepath.Join(dir, "dir", "go", "go.mod")},
- },
- },
 {
 ScanTarget: results.ScanTarget{
 Technology: techutils.Yarn,
@@ -160,16 +184,6 @@ func TestDetectScansToPreform(t *testing.T) {
 Descriptors: []string{filepath.Join(dir, "yarn", "Pipenv", "Pipfile")},
 },
 },
- {
- ScanTarget: results.ScanTarget{
- Technology: techutils.Nuget,
- Target: filepath.Join(dir, "Nuget"),
- },
- JasResults: &results.JasScansResults{},
- ScaResults: &results.ScaScanResults{
- Descriptors: []string{filepath.Join(dir, "Nuget", "project.sln"), filepath.Join(dir, "Nuget", "Nuget-sub", "project.csproj")},
- },
- },
 },
 },
 }
@@ -179,6 +193,12 @@ func TestDetectScansToPreform(t *testing.T) {
 results := results.NewCommandResults(utils.SourceCode).SetEntitledForJas(true).SetSecretValidation(true)
 detectScanTargets(results, test.params())
 if assert.Len(t, results.Targets, len(test.expected)) {
+ sort.Slice(results.Targets, func(i, j int) bool {
+ return results.Targets[i].ScanTarget.Target < results.Targets[j].ScanTarget.Target
+ })
+ sort.Slice(test.expected, func(i, j int) bool {
+ return test.expected[i].ScanTarget.Target < test.expected[j].ScanTarget.Target
+ })
 for i := range results.Targets {
 if results.Targets[i].ScaResults != nil {
 sort.Strings(results.Targets[i].ScaResults.Descriptors)
diff --git a/commands/audit/scarunner.go b/commands/audit/scarunner.go
index ed74f24c..cd925ad0 100644
--- a/commands/audit/scarunner.go
+++ b/commands/audit/scarunner.go
@@ -46,7 +46,7 @@ func hasAtLeastOneTech(cmdResults *results.SecurityCommandResults) bool {
 return false
 }
 for _, scan := range cmdResults.Targets {
- if scan.Technology != "" {
+ if scan.Technology != techutils.NoTech {
 return true
 }
 }
diff --git a/utils/results/results.go b/utils/results/results.go
index 51f93a4a..c01d1856 100644
--- a/utils/results/results.go
+++ b/utils/results/results.go
@@ -75,9 +75,11 @@ func (st ScanTarget) String() (str string) {
 if st.Name != "" {
 str = st.Name
 }
- if st.Technology != "" {
- str += fmt.Sprintf(" [%s]", st.Technology)
+ tech := st.Technology.String()
+ if tech == techutils.NoTech.String() {
+ tech = "unknown"
 }
+ str += fmt.Sprintf(" [%s]", tech)
 return
 }
 
diff --git a/utils/techutils/techutils.go b/utils/techutils/techutils.go
index 849e4f39..5ed8e76b 100644
--- a/utils/techutils/techutils.go
+++ b/utils/techutils/techutils.go
@@ -39,6 +39,7 @@ const (
 Oci Technology = "oci"
 Conan Technology = "conan"
 Cocoapods Technology = "cocoapods"
+ NoTech Technology = ""
 )
 
 const Pypi = "pypi"
@@ -333,10 +334,11 @@ func detectedTechnologiesListInPath(path string, recursive bool) (technologies [
 }
 
 // If recursive is true, the search will not be limited to files in the root path.
+// If recursive is true the search may return Technology.NoTech value
 // If requestedTechs is empty, all technologies will be checked.
 // If excludePathPattern is not empty, files/directories that match the wildcard pattern will be excluded from the search.
 func DetectTechnologiesDescriptors(path string, recursive bool, requestedTechs []string, requestedDescriptors map[Technology][]string, excludePathPattern string) (technologiesDetected map[Technology]map[string][]string, err error) {
- filesList, err := fspatterns.ListFiles(path, recursive, false, true, true, excludePathPattern)
+ filesList, dirsList, err := listFilesAndDirs(path, recursive, true, true, excludePathPattern)
 if err != nil {
 return
 }
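Review bot: In ScanTarget.String the new code compares the technology by round-tripping through `String()` (`tech == techutils.NoTech.String()`), while scarunner.go in the same commit compares the value directly; `if st.Technology == techutils.NoTech { tech = "unknown" }` is the simpler and consistent form. The hunk also changes the rendered output: the old code appended nothing for an empty technology, the new code appends ` [unknown]` to every such target, so anything that matches on this string (log parsing, golden files) will see the difference — worth a line in the commit description. The `// If recursive is true the search may return Technology.NoTech value` comment added to DetectTechnologiesDescriptors below should say what that key maps to (directories without any indicator, as the test in this commit shows) rather than just that it may appear.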
@@ -351,12 +353,161 @@ func DetectTechnologiesDescriptors(path string, recursive bool, requestedTechs [
 log.Debug(fmt.Sprintf("mapped %d working directories with indicators/descriptors:\n%s", len(workingDirectoryToIndicators), strJson))
 }
 technologiesDetected, err = mapWorkingDirectoriesToTechnologies(workingDirectoryToIndicators, excludedTechAtWorkingDir, ToTechnologies(requestedTechs), requestedDescriptors)
- if len(technologiesDetected) > 0 {
- log.Debug(fmt.Sprintf("Detected %d technologies at %s: %s.", len(technologiesDetected), path, maps.Keys(technologiesDetected)))
+ if err != nil {
+ return
+ }
+ if recursive {
+ // If recursive search, we need to also make sure to include directories that do not have any technology indicators.
+ technologiesDetected = addNoTechIfNeeded(technologiesDetected, path, dirsList)
+ }
+ techCount := len(technologiesDetected)
+ if _, exist := technologiesDetected[NoTech]; exist {
+ techCount--
+ }
+ if techCount > 0 {
+ log.Debug(fmt.Sprintf("Detected %d technologies at %s: %s.", techCount, path, maps.Keys(technologiesDetected)))
+ }
+ return
+}
+
+func listFilesAndDirs(rootPath string, isRecursive, excludeWithRelativePath, preserveSymlink bool, excludePathPattern string) (files, dirs []string, err error) {
+ filesOrDirsInPath, err := fspatterns.ListFiles(rootPath, isRecursive, true, excludeWithRelativePath, preserveSymlink, excludePathPattern)
+ if err != nil {
+ return
+ }
+ for _, path := range filesOrDirsInPath {
+ if isDir, e := fileutils.IsDirExists(path, preserveSymlink); e != nil {
+ err = errors.Join(err, fmt.Errorf("failed to check if %s is a directory: %w", path, e))
+ continue
+ } else if isDir {
+ dirs = append(dirs, path)
+ } else {
+ files = append(files, path)
+ }
+ }
+ return
+}
+
+func addNoTechIfNeeded(technologiesDetected map[Technology]map[string][]string, rootPath string, dirsList []string) (_ map[Technology]map[string][]string) {
+ noTechMap := map[string][]string{}
+ for _, dir := range 
getDirNoTechList(technologiesDetected, rootPath, dirsList) {
+ // Convert the directories
+ noTechMap[dir] = []string{}
+ }
+ if len(technologiesDetected) == 0 || len(noTechMap) > 0 {
+ // no technologies detected at all (add NoTech without any directories) or some directories were added to NoTech
+ technologiesDetected[NoTech] = noTechMap
+ }
+ return technologiesDetected
+}
+
+func getDirNoTechList(technologiesDetected map[Technology]map[string][]string, dir string, dirsList []string) (noTechList []string) {
+ for _, techDirs := range technologiesDetected {
+ if _, exist := techDirs[dir]; exist {
+ // The directory is already mapped to a technology, no need to add the dir or its sub directories to NoTech
+ return
+ }
+ }
+ children := getDirChildren(dir, dirsList)
+ childNoTechCount := 0
+ for _, child := range children {
+ childNoTechList := getDirNoTechList(technologiesDetected, child, dirsList)
+ if len(childNoTechList) > 0 {
+ childNoTechCount++
+ }
+ noTechList = append(noTechList, childNoTechList...)
+ }
+ if childNoTechCount == len(children) {
+ // If all children exists in childNoTechList, add only the parent directory to NoTech
+ noTechList = []string{dir}
+ }
+
+ // for _, techDirs := range technologiesDetected {
+ // if _, exist := techDirs[dir]; exist {
+ // // The directory is already mapped to a technology, no need to add the dir or its sub directories to NoTech
+ // break
+ // }
+ // for _, child := range children {
+ // childNoTechList := getDirNoTechList(technologiesDetected, child, dirsList)
+ // }
+
+ // if len(children) == 0 {
+ // // No children directories, add the directory to NoTech
+ // childNoTechList = append(childNoTechList, dir)
+ // break
+ // }
+ // for _, child := range children {
+ // childNoTechList = append(childNoTechList, getDirNoTechList(technologiesDetected, child, dirsList)...)
+ // }
+ // // If all children exists in childNoTechList, add only the parent directory to NoTech
+ // if len(children) == len(childNoTechList) {
+ // childNoTechList = []string{dir}
+ // }
+ // }
+ return
+}
+
+func getDirChildren(dir string, dirsList []string) (children []string) {
+ for _, dirPath := range dirsList {
+ if filepath.Dir(dirPath) == dir {
+ children = append(children, dirPath)
+ }
 }
 return
 }
 
+// func addNoTechIfNeeded(technologiesDetected map[Technology]map[string][]string, path, excludePathPattern string) (finalMap map[Technology]map[string][]string, err error) {
+// finalMap = technologiesDetected
+// noTechMap := map[string][]string{}
+// // TODO: not only direct, need to see if multiple levels of directories are missing technology indicators
+// // if all directories in are found no need for anything else,
+// // if one missing need to add it to NoTech
+// // if not one detected add only parent directory no need for each directory
+// directories, err := getDirectDirectories(path, excludePathPattern)
+// if err != nil {
+// return
+// }
+// for _, dir := range directories {
+// // Check if the directory is already mapped to a technology
+// isMapped := false
+// for _, techDirs := range finalMap {
+// if _, exist := techDirs[dir]; exist {
+// isMapped = true
+// break
+// }
+// }
+// if !isMapped {
+// // Add the directory to NoTech (no indicators/descriptors were found)
+// noTechMap[dir] = []string{}
+// }
+// }
+// if len(technologiesDetected) == 0 || len(noTechMap) > 0 {
+// // no technologies detected at all (add NoTech without any directories) or some directories were added to NoTech
+// finalMap[NoTech] = noTechMap
+// }
+// return
+// }
+
+// func getDirectDirectories(path, excludePathPattern string) (directories []string, err error) {
+// // Get all files and directories in the path, not recursive
+// filesOrDirsInPath, err := fspatterns.ListFiles(path, false, true, true, true, excludePathPattern)
+// if err != nil {
+// return
+// }
+// // Filter to directories only
+// for _, potentialDir := range filesOrDirsInPath {
+// isDir, e := fileutils.IsDirExists(potentialDir, true)
+// if e != nil {
+// err = errors.Join(err, fmt.Errorf("failed to check if %s is a directory: %w", potentialDir, e))
+// continue
+// }
+// if isDir {
+// directories = append(directories, potentialDir)
+// }
+// }
+// return
+// }
+
 // Map files to relevant working directories according to the technologies' indicators/descriptors and requested descriptors.
 // files: The file paths to map.
 // requestedDescriptors: Special requested descriptors (for example in Pip requirement.txt can have different path) for each technology.
@@ -556,6 +707,9 @@ func hasCompletePathPrefix(root, wd string) bool {
 func DetectedTechnologiesToSlice(detected map[Technology]map[string][]string) []string {
 keys := make([]string, 0, len(detected))
 for tech := range detected {
+ if tech == NoTech {
+ continue
+ }
 keys = append(keys, string(tech))
 }
 return keys
diff --git a/utils/techutils/techutils_test.go b/utils/techutils/techutils_test.go
index 796e4d57..63de84b5 100644
--- a/utils/techutils/techutils_test.go
+++ b/utils/techutils/techutils_test.go
@@ -7,6 +7,7 @@ import (
 "testing"
 
 "github.com/jfrog/jfrog-client-go/utils/io/fileutils"
+ clientTests "github.com/jfrog/jfrog-client-go/utils/tests"
 "github.com/stretchr/testify/assert"
 "golang.org/x/exp/maps"
 )
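Review bot: getDirNoTechList never adds a directory that has no technology of its own when only some of its children are NoTech: the `if childNoTechCount == len(children)` branch collapses to the parent, but otherwise `dir` itself is not appended, so in the second TestAddNoTechIfNeeded case the root ends up in no target at all and files sitting directly in it (scripts, config, credentials) appear to fall outside every scan target — if the non-SCA scans are scoped by target, as the audit_test comments in this commit suggest, that is a coverage gap worth confirming and documenting on the function. The two large commented-out blocks (the old `// func addNoTechIfNeeded` and `// func getDirectDirectories`, plus the one left inside getDirNoTechList) should be deleted rather than merged; git history keeps them. The debug line in DetectTechnologiesDescriptors subtracts NoTech from `techCount` but still prints `maps.Keys(technologiesDetected)`, so the message lists an empty-string key the count excludes; `DetectedTechnologiesToSlice(technologiesDetected)`, changed in this same commit to skip NoTech, would print the consistent list. getDirChildren rescans the whole dirsList on every recursive call, which is quadratic in the number of directories; building a parent-to-children map once in addNoTechIfNeeded avoids that. DetectTechnologiesDescriptors starts outside the hunk.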
@@ -244,6 +245,51 @@ func TestMapWorkingDirectoriesToTechnologies(t *testing.T) {
 }
 }
 
+func TestAddNoTechIfNeeded(t *testing.T) {
+ tmpDir, err := fileutils.CreateTempDir()
+ assert.NoError(t, err, "Couldn't create temp dir")
+ assert.NoError(t, fileutils.CreateDirIfNotExist(filepath.Join(tmpDir, "folder")))
+ assert.NoError(t, fileutils.CreateDirIfNotExist(filepath.Join(tmpDir, "tech-folder")))
+
+ prevWd, err := os.Getwd()
+ assert.NoError(t, err, "Couldn't get working directory")
+ assert.NoError(t, os.Chdir(tmpDir), "Couldn't change working directory")
+ defer func() {
+ clientTests.ChangeDirAndAssert(t, prevWd)
+ assert.NoError(t, fileutils.RemoveTempDir(tmpDir), "Couldn't remove temp dir")
+ }()
+
+ tests := []struct {
+ name string
+ path string
+ dirList []string
+ technologiesDetected map[Technology]map[string][]string
+ expected map[Technology]map[string][]string
+ }{
+ {
+ name: "No tech detected",
+ path: tmpDir,
+ dirList: []string{},
+ technologiesDetected: map[Technology]map[string][]string{},
+ expected: map[Technology]map[string][]string{NoTech: {tmpDir: {}}},
+ },
+ {
+ name: "No tech detected, sub dir",
+ path: tmpDir,
+ dirList: []string{filepath.Join(tmpDir, "folder"), filepath.Join(tmpDir, "tech-folder")},
+ technologiesDetected: map[Technology]map[string][]string{Npm: {filepath.Join(tmpDir, "tech-folder"): {}}},
+ expected: map[Technology]map[string][]string{Npm: {filepath.Join(tmpDir, "tech-folder"): {}}, NoTech: {filepath.Join(tmpDir, "folder"): {}}},
+ },
+ }
+
+ for _, test := range tests {
+ t.Run(test.name, func(t *testing.T) {
+ actual := addNoTechIfNeeded(test.technologiesDetected, test.path, test.dirList)
+ assert.Equal(t, test.expected, actual)
+ })
+ }
+}
+
 func TestGetExistingRootDir(t *testing.T) {
 tests := []struct {
 name string
From 7604a33c5ca195995a3cbbb930960d88d861995c Mon Sep 17 00:00:00 2001
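Review bot: TestAddNoTechIfNeeded changes the process working directory with `os.Chdir(tmpDir)` although addNoTechIfNeeded only receives the absolute `tmpDir`-based paths in `dirList` and, as far as the hunk shows, never consults the cwd, so the Chdir and the deferred `ChangeDirAndAssert` add a process-global side effect (the test can no longer be marked `t.Parallel()`) without exercising anything; the on-disk directories look unused for the same reason. Setup failures are reported with `assert.NoError` and the test continues, so a failed `CreateTempDir` shows up as confusing follow-on failures; `require.NoError`, or `t.TempDir()` which also removes the manual cleanup, stops at the real cause. A third case with a tech-mapped root and an unmapped sub-directory, and one with an unmapped parent of a mapped child, would pin the collapsing rule in getDirNoTechList that the two existing cases do not reach.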
From: Eran Turgeman <81029514+eranturgeman@users.noreply.github.com>
Date: Mon, 11 Nov 2024 09:25:00 +0200
Subject: [PATCH 031/111] Enable allow-partial-results to Yarn V1 dependencies map construction (#229)

---
 commands/audit/sca/yarn/yarn.go | 2 +-
 go.mod | 10 +++++-----
 go.sum | 16 ++++++++--------
 jas/analyzermanager.go | 2 +-
 utils/auditbasicparams.go | 1 +
 5 files changed, 16 insertions(+), 15 deletions(-)

diff --git a/commands/audit/sca/yarn/yarn.go b/commands/audit/sca/yarn/yarn.go
index a8cc9196..1334271f 100644
--- a/commands/audit/sca/yarn/yarn.go
+++ b/commands/audit/sca/yarn/yarn.go
@@ -72,7 +72,7 @@ func BuildDependencyTree(params utils.AuditParams) (dependencyTrees []*xrayUtils
 }
 
 // Calculate Yarn dependencies
- dependenciesMap, root, err := bibuildutils.GetYarnDependencies(executablePath, currentDir, packageInfo, log.Logger)
+ dependenciesMap, root, err := bibuildutils.GetYarnDependencies(executablePath, currentDir, packageInfo, log.Logger, params.AllowPartialResults())
 if err != nil {
 return
 }
diff --git a/go.mod b/go.mod
index 3112bf11..d1cb19f1 100644
--- a/go.mod
+++ b/go.mod
@@ -6,12 +6,12 @@ require (
 github.com/beevik/etree v1.4.0
 github.com/google/go-github/v56 v56.0.0
 github.com/gookit/color v1.5.4
- github.com/jfrog/build-info-go v1.10.3
+ github.com/jfrog/build-info-go v1.10.5
 github.com/jfrog/froggit-go v1.16.2
 github.com/jfrog/gofrog v1.7.6
 github.com/jfrog/jfrog-apps-config v1.0.1
- github.com/jfrog/jfrog-cli-core/v2 v2.56.5
- github.com/jfrog/jfrog-client-go v1.47.4
+ github.com/jfrog/jfrog-cli-core/v2 v2.56.7
+ github.com/jfrog/jfrog-client-go v1.47.6
 github.com/magiconair/properties v1.8.7
 github.com/owenrumney/go-sarif/v2 v2.3.0
 github.com/stretchr/testify v1.9.0
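Review bot: Passing `params.AllowPartialResults()` into GetYarnDependencies means the dependency map may be knowingly incomplete, and nothing at this call site records that the resulting tree is partial, so a vulnerable transitive that was skipped looks exactly like a clean result. If the build-info helper exposes which packages it dropped (not visible in the hunk), log them at warning level here and mark the scan target as partial; if it only logs internally, at least a `// partial results: missing subtrees are silently omitted from the SCA graph` comment at the call makes the trade-off visible to the next reader. BuildDependencyTree continues outside the hunk.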
@@ -47,7 +47,7 @@ require (
 github.com/go-git/go-billy/v5 v5.5.0 // indirect
 github.com/go-git/go-git/v5 v5.12.0 // indirect
 github.com/gocarina/gocsv v0.0.0-20240520201108-78e41c74b4b1 // indirect
- github.com/golang-jwt/jwt/v4 v4.5.0 // indirect
+ github.com/golang-jwt/jwt/v4 v4.5.1 // indirect
 github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
 github.com/golang/snappy v0.0.4 // indirect
 github.com/google/go-querystring v1.1.0 // indirect
@@ -111,7 +111,7 @@ require (
 gopkg.in/warnings.v0 v0.1.2 // indirect
 )
 
-replace github.com/jfrog/jfrog-cli-core/v2 => github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20241107130834-59ac9764f8b9
+// replace github.com/jfrog/jfrog-cli-core/v2 => github.com/jfrog/jfrog-cli-core/v2 dev
 
 // replace github.com/jfrog/jfrog-client-go => github.com/jfrog/jfrog-client-go dev
 
diff --git a/go.sum b/go.sum
index a1455ea3..114c02cb 100644
--- a/go.sum
+++ b/go.sum
@@ -81,8 +81,8 @@ github.com/go-git/go-git/v5 v5.12.0 h1:7Md+ndsjrzZxbddRDZjF14qK+NN56sy6wkqaVrjZt
 github.com/go-git/go-git/v5 v5.12.0/go.mod h1:FTM9VKtnI2m65hNI/TenDDDnUf2Q9FHnXYjuz9i5OEY=
 github.com/gocarina/gocsv v0.0.0-20240520201108-78e41c74b4b1 h1:FWNFq4fM1wPfcK40yHE5UO3RUdSNPaBC+j3PokzA6OQ=
 github.com/gocarina/gocsv v0.0.0-20240520201108-78e41c74b4b1/go.mod h1:5YoVOkjYAQumqlV356Hj3xeYh4BdZuLE0/nRkf2NKkI=
-github.com/golang-jwt/jwt/v4 v4.5.0 h1:7cYmW1XlMY7h7ii7UhUyChSgS5wUJEnm9uZVTGqOWzg=
-github.com/golang-jwt/jwt/v4 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
+github.com/golang-jwt/jwt/v4 v4.5.1 h1:JdqV9zKUdtaa9gdPlywC3aeoEsR681PlKC+4F5gQgeo=
+github.com/golang-jwt/jwt/v4 v4.5.1/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
 github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE=
 github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
 github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
@@ -121,18 +121,18 @@ github.com/jedib0t/go-pretty/v6 v6.6.1 h1:iJ65Xjb680rHcikRj6DSIbzCex2huitmc7bDtx github.com/jedib0t/go-pretty/v6 v6.6.1/go.mod h1:zbn98qrYlh95FIhwwsbIip0LYpwSG8SUOScs+v9/t0E= github.com/jfrog/archiver/v3 v3.6.1 h1:LOxnkw9pOn45DzCbZNFV6K0+6dCsQ0L8mR3ZcujO5eI= github.com/jfrog/archiver/v3 v3.6.1/go.mod h1:VgR+3WZS4N+i9FaDwLZbq+jeU4B4zctXL+gL4EMzfLw= -github.com/jfrog/build-info-go v1.10.3 h1:9nqBdZD6xkuxiOvxg+idZ79QLFWQNuucvKkl8Xb42kw= -github.com/jfrog/build-info-go v1.10.3/go.mod h1:JcISnovFXKx3wWf3p1fcMmlPdt6adxScXvoJN4WXqIE= +github.com/jfrog/build-info-go v1.10.5 h1:cW03JlPlKv7RMUU896uLUxyLWXAmCgR5Y5QX0fwgz0Q= +github.com/jfrog/build-info-go v1.10.5/go.mod h1:JcISnovFXKx3wWf3p1fcMmlPdt6adxScXvoJN4WXqIE= github.com/jfrog/froggit-go v1.16.2 h1:F//S83iXH14qsCwYzv0zB2JtjS2pJVEsUoEmYA+37dQ= github.com/jfrog/froggit-go v1.16.2/go.mod h1:5VpdQfAcbuyFl9x/x8HGm7kVk719kEtW/8YJFvKcHPA= github.com/jfrog/gofrog v1.7.6 h1:QmfAiRzVyaI7JYGsB7cxfAJePAZTzFz0gRWZSE27c6s= github.com/jfrog/gofrog v1.7.6/go.mod h1:ntr1txqNOZtHplmaNd7rS4f8jpA5Apx8em70oYEe7+4= github.com/jfrog/jfrog-apps-config v1.0.1 h1:mtv6k7g8A8BVhlHGlSveapqf4mJfonwvXYLipdsOFMY= github.com/jfrog/jfrog-apps-config v1.0.1/go.mod h1:8AIIr1oY9JuH5dylz2S6f8Ym2MaadPLR6noCBO4C22w= -github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20241107130834-59ac9764f8b9 h1:zAlXZrJRbThdMtA5UDjC0RouJ/OVY/zv9+VI54NTbFo= -github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20241107130834-59ac9764f8b9/go.mod h1:2E9LLSLDYNwp2585LyMuDaNMuq+ohvgZYg7K5EY933o= -github.com/jfrog/jfrog-client-go v1.47.4 h1:4FAuDDvoDRy9LEFe1WwUO5prBXkgyhaWGEZ0vXYL/Z4= -github.com/jfrog/jfrog-client-go v1.47.4/go.mod h1:NepfaidmK/xiKsVC+0Ur9sANOqL6io8Y7pSaCau7J6o= +github.com/jfrog/jfrog-cli-core/v2 v2.56.7 h1:pB4ronzVk60k/lf9bUL9HxBZ8PbMW6LhbIFld9NXNNc= +github.com/jfrog/jfrog-cli-core/v2 v2.56.7/go.mod h1:puLwWcnXYCJqUOvhscXRJiKNzPdj0adP+zadKy6A/gU= +github.com/jfrog/jfrog-client-go v1.47.6 h1:nEMwJvjsuuY6LpOV3e33P4c4irPHkG8Qxw27bgeCl/Y= 
+github.com/jfrog/jfrog-client-go v1.47.6/go.mod h1:jCpvS83DZHAin2aSG7VroTsILJsyq7AOcFfx++P241E= github.com/k0kubun/colorstring v0.0.0-20150214042306-9440f1994b88/go.mod h1:3w7q1U84EfirKl04SVQ/s7nPm1ZPhiXd34z40TNz36k= github.com/k0kubun/pp v3.0.1+incompatible/go.mod h1:GWse8YhT0p8pT4ir3ZgBbfZild3tgzSScAn6HmfYukg= github.com/kevinburke/ssh_config v1.2.0 h1:x584FjTGwHzMwvHx18PXxbBVzfnxogHaAReU4gf13a4= diff --git a/jas/analyzermanager.go b/jas/analyzermanager.go index 874c6234..af469aa6 100644 --- a/jas/analyzermanager.go +++ b/jas/analyzermanager.go @@ -24,7 +24,7 @@ import ( const ( ApplicabilityFeatureId = "contextual_analysis" AnalyzerManagerZipName = "analyzerManager.zip" - defaultAnalyzerManagerVersion = "1.11.1" + defaultAnalyzerManagerVersion = "1.11.2" analyzerManagerDownloadPath = "xsc-gen-exe-analyzer-manager-local/v1" analyzerManagerDirName = "analyzerManager" analyzerManagerExecutableName = "analyzerManager" diff --git a/utils/auditbasicparams.go b/utils/auditbasicparams.go index a30887e3..049cbcbe 100644 --- a/utils/auditbasicparams.go +++ b/utils/auditbasicparams.go @@ -41,6 +41,7 @@ type AuditParams interface { SetIsRecursiveScan(isRecursiveScan bool) *AuditBasicParams IsRecursiveScan() bool SkipAutoInstall() bool + AllowPartialResults() bool } type AuditBasicParams struct { From 10eb136f38b27905d26e7fe94051d446ff89f1ba Mon Sep 17 00:00:00 2001 From: barv Date: Mon, 11 Nov 2024 17:32:16 +0200 Subject: [PATCH 032/111] cocoapods-audit --- commands/audit/sca/cocoapods/cocoapods.go | 4 ++-- commands/audit/sca/cocoapods/podcommand.go | 12 ++++++++++-- 2 files changed, 12 insertions(+), 4 deletions(-) diff --git a/commands/audit/sca/cocoapods/cocoapods.go b/commands/audit/sca/cocoapods/cocoapods.go index 246b8280..b5c12f27 100644 --- a/commands/audit/sca/cocoapods/cocoapods.go +++ b/commands/audit/sca/cocoapods/cocoapods.go 
@@ -244,13 +244,13 @@ func BuildDependencyTree(params utils.AuditParams) (dependencyTree []*xrayUtils. packageName := filepath.Base(currentDir) packageInfo := fmt.Sprintf("%s:%s", packageName, VersionForMainModule) - _, _, err = getPodVersionAndExecPath() + _, execPath, err := getPodVersionAndExecPath() if err != nil { err = fmt.Errorf("failed while retrieving pod path: %s", err.Error()) return } // Calculate pod dependencies - data, err := GetDependenciesData("pod", currentDir) + data, err := GetDependenciesData(execPath, currentDir) if err != nil { return nil, nil, err } diff --git a/commands/audit/sca/cocoapods/podcommand.go b/commands/audit/sca/cocoapods/podcommand.go index a956b200..12ba9a7c 100644 --- a/commands/audit/sca/cocoapods/podcommand.go +++ b/commands/audit/sca/cocoapods/podcommand.go @@ -38,8 +38,8 @@ func getPodVersionAndExecPath() (*version.Version, string, error) { return nil, "", fmt.Errorf("could not find the 'pod' executable in the system PATH %w", err) } log.Debug("Using pod executable:", podExecPath) - versionData, stdErr, err := runPodCmd(podExecPath, "", []string{"--version"}) - if err != nil || stdErr != nil { + versionData, _, err := runPodCmd(podExecPath, "", []string{"--version"}) + if err != nil { return nil, "", err } return version.NewVersion(strings.TrimSpace(string(versionData))), podExecPath, nil @@ -172,6 +172,14 @@ func setArtifactoryAsResolutionServer(serverDetails *config.ServerDetails, depsR return } clearResolutionServerFunc = podCmd.RestoreNetrcFunc() + _, execPath, err := getPodVersionAndExecPath() + if err != nil { + return nil, err + } + _, _, err = runPodCmd(execPath, podCmd.workingDirectory, []string{"repo", "add-cdn", depsRepo, fmt.Sprintf("%sapi/pods/%s", serverDetails.ArtifactoryUrl, depsRepo)}) + if err != nil { + return nil, err + } log.Info(fmt.Sprintf("Resolving dependencies from '%s' from repo '%s'", serverDetails.Url, depsRepo)) return } From d227dc079b0a5510966b566ea60457ef9153082e Mon Sep 17 00:00:00 2001 
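Review bot: `_, execPath, err := getPodVersionAndExecPath()` turns the removed line's `=` into `:=`; `err` already exists at this point (the removed line assigned it), so if this statement sits in a nested block rather than at function scope the new `err` shadows the outer one and an error joined in by deferred cleanup is lost — the function begins above the hunk, so I cannot tell which case applies. Declaring the path first removes the doubt: `var execPath string` followed by `_, execPath, err = getPodVersionAndExecPath()`. The message on the next line also formats the cause with `%s` and `err.Error()`; `%w` would keep it inspectable with `errors.Is`/`errors.As`.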
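Review bot: When the new `pod repo add-cdn` call fails, the function returns `nil, err` although `clearResolutionServerFunc = podCmd.RestoreNetrcFunc()` has already been assigned, so the caller never receives the restore callback and the temporary `.netrc` holding the access token stays on disk; return it with the error, `if err != nil { return clearResolutionServerFunc, err }`, or invoke it before returning. `add-cdn` also registers the repo in the user's global CocoaPods configuration and nothing in the returned cleanup removes it, so the Artifactory entry outlives the audit — a `pod repo remove` in the restore callback would keep the run hermetic. The CDN URL is built as `"%sapi/pods/%s"`, which assumes `ArtifactoryUrl` ends in `/`; if `ServerDetails` does not guarantee that (not visible here), normalise with `strings.TrimSuffix(serverDetails.ArtifactoryUrl, "/") + "/api/pods/" + depsRepo`. The function starts above this hunk.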
From: barv Date: Mon, 11 Nov 2024 17:52:18 +0200 Subject: [PATCH 033/111] cocoapods-audit --- .github/actions/install-and-setup/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/install-and-setup/action.yml b/.github/actions/install-and-setup/action.yml index 8d32dee8..97629bf6 100644 --- a/.github/actions/install-and-setup/action.yml +++ b/.github/actions/install-and-setup/action.yml @@ -15,7 +15,7 @@ runs: - name: install ruby uses: ruby/setup-ruby@v1 with: - ruby-version: 3.0.0 + ruby-version: 3.3.6 - name: Install cocoapods shell: ${{ runner.os == 'Windows' && 'powershell' || 'bash' }} run: gem install cocoapods From 76d5d9b7ed2e4af4c892f763e3ca4d16ac88ac1d Mon Sep 17 00:00:00 2001 From: barv Date: Mon, 11 Nov 2024 18:22:58 +0200 Subject: [PATCH 034/111] cocoapods-audit --- commands/audit/sca/cocoapods/podcommand.go | 24 +++++++++++++++++----- 1 file changed, 19 insertions(+), 5 deletions(-) diff --git a/commands/audit/sca/cocoapods/podcommand.go b/commands/audit/sca/cocoapods/podcommand.go index 12ba9a7c..4208c537 100644 --- a/commands/audit/sca/cocoapods/podcommand.go +++ b/commands/audit/sca/cocoapods/podcommand.go @@ -10,6 +10,7 @@ import ( "github.com/jfrog/jfrog-client-go/auth" "github.com/jfrog/jfrog-client-go/utils/errorutils" "github.com/jfrog/jfrog-client-go/utils/log" + "net/url" "os" "os/exec" "path/filepath" @@ -81,7 +82,12 @@ func (pc *PodCommand) RestoreNetrcFunc() func() error { func (pc *PodCommand) GetData() ([]byte, error) { var filteredConf []string - filteredConf = append(filteredConf, "machine ", pc.serverDetails.Url, "\n") + u, err := url.Parse(pc.serverDetails.Url) + if err != nil { + return nil, err + } + hostname := u.Hostname() + filteredConf = append(filteredConf, "machine ", hostname, "\n") filteredConf = append(filteredConf, "login ", pc.serverDetails.User, "\n") filteredConf = append(filteredConf, "password ", pc.serverDetails.AccessToken, "\n") 
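Review bot: The `machine` host is taken from `pc.serverDetails.Url`, while the CDN registered with `pod repo add-cdn` is built from `serverDetails.ArtifactoryUrl`; if those two can differ in host (they are separate fields, so presumably yes — confirm) the credential is attached to a host CocoaPods never contacts, so derive the hostname from the same URL the CDN uses. `u.Hostname()` also drops any explicit port, which `.netrc` cannot express anyway; a comment noting that an Artifactory on a non-default port relies on host-only matching would save the next reader a debugging session. The password line always emits `pc.serverDetails.AccessToken`; if `ServerDetails` also carries a basic-auth password (not shown here), an empty token should fall back to it rather than writing `password ` with nothing after it.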
@@ -93,15 +99,23 @@ func (pc *PodCommand) CreateTempNetrc() error { if err != nil { return err } - if err = removeNetrcIfExists(pc.workingDirectory); err != nil { + dir, err := os.UserHomeDir() + if err != nil { + return err + } + if err = removeNetrcIfExists(dir); err != nil { return err } log.Debug("Creating temporary .netrc file.") - return errorutils.CheckError(os.WriteFile(filepath.Join(pc.workingDirectory, podNetRcfileName), data, 0755)) + return errorutils.CheckError(os.WriteFile(filepath.Join(dir, podNetRcfileName), data, 0755)) } func (pc *PodCommand) setRestoreNetrcFunc() error { - restoreNetrcFunc, err := ioutils.BackupFile(filepath.Join(pc.workingDirectory, podNetRcfileName), podrcBackupFileName) + dir, err := os.UserHomeDir() + if err != nil { + return err + } + restoreNetrcFunc, err := ioutils.BackupFile(filepath.Join(dir, podNetRcfileName), podrcBackupFileName) if err != nil { return err } @@ -159,7 +173,7 @@ func removeNetrcIfExists(workingDirectory string) error { return errorutils.CheckError(err) } - log.Debug("Removing existing .npmrc file") + log.Debug("Removing existing .netrc file") return errorutils.CheckError(os.Remove(filepath.Join(workingDirectory, podNetRcfileName))) } From ac581527bc13bca5c1c11da1a0a389174529ba1b Mon Sep 17 00:00:00 2001 From: barv Date: Tue, 12 Nov 2024 10:25:00 +0200 Subject: [PATCH 035/111] cocoapods-audit --- .github/actions/install-and-setup/action.yml | 5 +++++ commands/audit/sca/cocoapods/podcommand.go | 8 ++++---- 2 files changed, 9 insertions(+), 4 deletions(-) diff --git a/.github/actions/install-and-setup/action.yml b/.github/actions/install-and-setup/action.yml index 97629bf6..a19b85be 100644 --- a/.github/actions/install-and-setup/action.yml +++ b/.github/actions/install-and-setup/action.yml 
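Review bot: `CreateTempNetrc` now writes the `.netrc` — which carries the Artifactory access token — into the user's home directory with mode `0755`, so on a shared machine or a runner with a shared home any local user can read the token; a credentials file should be `0600`: `return errorutils.CheckError(os.WriteFile(filepath.Join(dir, podNetRcfileName), data, 0600))`. Moving the file to `$HOME` also means `removeNetrcIfExists(dir)` deletes the user's real `~/.netrc` before the temporary one is written, relying on the backup that `setRestoreNetrcFunc` presumably takes beforehand — a comment on `CreateTempNetrc` should state that ordering contract and that an interrupted run leaves only the `.jfrog.netrc.backup` copy behind. `os.UserHomeDir()` is now resolved separately in both functions; storing it once next to `workingDirectory` would keep the two paths from drifting.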
@@ -19,6 +19,11 @@ runs: - name: Install cocoapods shell: ${{ runner.os == 'Windows' && 'powershell' || 'bash' }} run: gem install cocoapods + - name: Install cURL Headers + run: curl https://curl.haxx.se/download/curl-$V.tar.gz | sudo tar xz -C /usr --strip-components=1 curl-$V/include + shell: ${{ runner.os == 'Windows' && 'powershell' || 'bash' }} + env: + V: 7.58.0 - name: Install npm uses: actions/setup-node@v4 diff --git a/commands/audit/sca/cocoapods/podcommand.go b/commands/audit/sca/cocoapods/podcommand.go index 4208c537..2053123e 100644 --- a/commands/audit/sca/cocoapods/podcommand.go +++ b/commands/audit/sca/cocoapods/podcommand.go @@ -39,14 +39,14 @@ func getPodVersionAndExecPath() (*version.Version, string, error) { return nil, "", fmt.Errorf("could not find the 'pod' executable in the system PATH %w", err) } log.Debug("Using pod executable:", podExecPath) - versionData, _, err := runPodCmd(podExecPath, "", []string{"--version"}) + versionData, err := runPodCmd(podExecPath, "", []string{"--version"}) if err != nil { return nil, "", err } return version.NewVersion(strings.TrimSpace(string(versionData))), podExecPath, nil } -func runPodCmd(executablePath, srcPath string, podArgs []string) (stdResult, errResult []byte, err error) { +func runPodCmd(executablePath, srcPath string, podArgs []string) (stdResult []byte, err error) { args := make([]string, 0) for i := 0; i < len(podArgs); i++ { if strings.TrimSpace(podArgs[i]) != "" { @@ -61,7 +61,7 @@ func runPodCmd(executablePath, srcPath string, podArgs []string) (stdResult, err errBuffer := bytes.NewBuffer([]byte{}) command.Stderr = errBuffer err = command.Run() - errResult = errBuffer.Bytes() + errResult := errBuffer.Bytes() stdResult = outBuffer.Bytes() if err != nil { err = fmt.Errorf("error while running '%s %s': %s\n%s", executablePath, strings.Join(args, " "), err.Error(), strings.TrimSpace(string(errResult))) 
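Review bot: The error built at the end of the hunk formats the underlying `command.Run()` failure with `%s` and `err.Error()`, so callers can no longer reach the `*exec.ExitError` (and its exit code) behind it; wrap it instead: `err = fmt.Errorf("error while running '%s %s': %w\n%s", executablePath, strings.Join(args, " "), err, strings.TrimSpace(string(errResult)))`. Dropping `errResult` from the signature is fine, but pod's entire stderr is still folded into the message, and `pod repo add-cdn` is invoked with the Artifactory URL on the command line, so that text reaches user-facing error output — acceptable only as long as no credential is ever embedded in that URL, which a short comment here should state. `runPodCmd` continues past the hunk.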
@@ -190,7 +190,7 @@ func setArtifactoryAsResolutionServer(serverDetails *config.ServerDetails, depsR if err != nil { return nil, err } - _, _, err = runPodCmd(execPath, podCmd.workingDirectory, []string{"repo", "add-cdn", depsRepo, fmt.Sprintf("%sapi/pods/%s", serverDetails.ArtifactoryUrl, depsRepo)}) + _, err = runPodCmd(execPath, podCmd.workingDirectory, []string{"repo", "add-cdn", depsRepo, fmt.Sprintf("%sapi/pods/%s", serverDetails.ArtifactoryUrl, depsRepo)}) if err != nil { return nil, err } From 4f9d0cbc23c75934e58651c390fa39d6fa4b75eb Mon Sep 17 00:00:00 2001 From: barv Date: Tue, 12 Nov 2024 10:34:00 +0200 Subject: [PATCH 036/111] cocoapods-audit --- commands/audit/sca/cocoapods/cocoapods.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/commands/audit/sca/cocoapods/cocoapods.go b/commands/audit/sca/cocoapods/cocoapods.go index b5c12f27..4b094be3 100644 --- a/commands/audit/sca/cocoapods/cocoapods.go +++ b/commands/audit/sca/cocoapods/cocoapods.go @@ -213,7 +213,7 @@ func GetDependenciesData(exePath, currentDir string) (string, error) { return "", err } if runPodInstall { - _, _, err = runPodCmd(exePath, currentDir, []string{"install"}) + _, err = runPodCmd(exePath, currentDir, []string{"install"}) if err != nil { return "", err } From cc9adc7057c2b301cadbc38bd0a81f4d39f01f41 Mon Sep 17 00:00:00 2001 From: barv Date: Tue, 12 Nov 2024 11:37:25 +0200 Subject: [PATCH 037/111] cocoapods-audit --- .github/actions/install-and-setup/action.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/actions/install-and-setup/action.yml b/.github/actions/install-and-setup/action.yml index a19b85be..69c79262 100644 --- a/.github/actions/install-and-setup/action.yml +++ b/.github/actions/install-and-setup/action.yml 
@@ -20,7 +20,10 @@ runs: shell: ${{ runner.os == 'Windows' && 'powershell' || 'bash' }} run: gem install cocoapods - name: Install cURL Headers - run: curl https://curl.haxx.se/download/curl-$V.tar.gz | sudo tar xz -C /usr --strip-components=1 curl-$V/include + run: | + if [[ ${{ runner.os == 'Windows' }} ]]; then + curl https://curl.haxx.se/download/curl-$V.tar.gz | sudo tar xz -C /usr --strip-components=1 curl-$V/include + fi shell: ${{ runner.os == 'Windows' && 'powershell' || 'bash' }} env: V: 7.58.0 From 914366a1e5189b8f645b88aae2ba911a439fe622 Mon Sep 17 00:00:00 2001 From: barv Date: Tue, 12 Nov 2024 11:46:51 +0200 Subject: [PATCH 038/111] cocoapods-audit --- .github/actions/install-and-setup/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/install-and-setup/action.yml b/.github/actions/install-and-setup/action.yml index 69c79262..016c1517 100644 --- a/.github/actions/install-and-setup/action.yml +++ b/.github/actions/install-and-setup/action.yml @@ -21,7 +21,7 @@ runs: run: gem install cocoapods - name: Install cURL Headers run: | - if [[ ${{ runner.os == 'Windows' }} ]]; then + if [[ ${{ runner.os == 'Windows' && 'powershell' || 'bash' }} ]]; then curl https://curl.haxx.se/download/curl-$V.tar.gz | sudo tar xz -C /usr --strip-components=1 curl-$V/include fi shell: ${{ runner.os == 'Windows' && 'powershell' || 'bash' }} From 0e21bffc8c7d8238047ab66e8d983b5b276b6c38 Mon Sep 17 00:00:00 2001 From: barv Date: Tue, 12 Nov 2024 11:50:40 +0200 Subject: [PATCH 039/111] cocoapods-audit --- .github/actions/install-and-setup/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/install-and-setup/action.yml b/.github/actions/install-and-setup/action.yml index 016c1517..69c79262 100644 --- a/.github/actions/install-and-setup/action.yml +++ b/.github/actions/install-and-setup/action.yml 
@@ -21,7 +21,7 @@ runs: run: gem install cocoapods - name: Install cURL Headers run: | - if [[ ${{ runner.os == 'Windows' && 'powershell' || 'bash' }} ]]; then + if [[ ${{ runner.os == 'Windows' }} ]]; then curl https://curl.haxx.se/download/curl-$V.tar.gz | sudo tar xz -C /usr --strip-components=1 curl-$V/include fi shell: ${{ runner.os == 'Windows' && 'powershell' || 'bash' }} From d9a33551d8119ea943f53c3d50b64e675fb28d15 Mon Sep 17 00:00:00 2001 From: barv Date: Tue, 12 Nov 2024 11:57:39 +0200 Subject: [PATCH 040/111] cocoapods-audit --- .github/actions/install-and-setup/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/install-and-setup/action.yml b/.github/actions/install-and-setup/action.yml index 69c79262..b67ee208 100644 --- a/.github/actions/install-and-setup/action.yml +++ b/.github/actions/install-and-setup/action.yml @@ -22,7 +22,7 @@ runs: - name: Install cURL Headers run: | if [[ ${{ runner.os == 'Windows' }} ]]; then - curl https://curl.haxx.se/download/curl-$V.tar.gz | sudo tar xz -C /usr --strip-components=1 curl-$V/include + curl https://curl.se/download/curl-7.58.0.tar.gz | tar xz -C /usr --strip-components=1 curl-7.58.0/include fi shell: ${{ runner.os == 'Windows' && 'powershell' || 'bash' }} env: From 4bea9a1ab0c802ecc38eabdf5930df58c0420c13 Mon Sep 17 00:00:00 2001 From: barv Date: Tue, 12 Nov 2024 12:10:10 +0200 Subject: [PATCH 041/111] cocoapods-audit --- .github/actions/install-and-setup/action.yml | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/.github/actions/install-and-setup/action.yml b/.github/actions/install-and-setup/action.yml index b67ee208..b1660e55 100644 --- a/.github/actions/install-and-setup/action.yml +++ b/.github/actions/install-and-setup/action.yml 
@@ -21,12 +21,10 @@ runs: run: gem install cocoapods - name: Install cURL Headers run: | - if [[ ${{ runner.os == 'Windows' }} ]]; then - curl https://curl.se/download/curl-7.58.0.tar.gz | tar xz -C /usr --strip-components=1 curl-7.58.0/include + if [ "$RUNNER_OS" == "Windows" ]; then + curl https://curl.se/download/curl-7.58.0.tar.gz | tar xz -C /usr --strip-components=1 curl-7.58.0/include fi - shell: ${{ runner.os == 'Windows' && 'powershell' || 'bash' }} - env: - V: 7.58.0 + shell: bash - name: Install npm uses: actions/setup-node@v4 From 78445f4eb1d1545147859e95e947b9847c530621 Mon Sep 17 00:00:00 2001 From: barv Date: Tue, 12 Nov 2024 13:45:31 +0200 Subject: [PATCH 042/111] cocoapods-audit --- .github/actions/install-and-setup/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/install-and-setup/action.yml b/.github/actions/install-and-setup/action.yml index b1660e55..474f0c5d 100644 --- a/.github/actions/install-and-setup/action.yml +++ b/.github/actions/install-and-setup/action.yml @@ -21,7 +21,7 @@ runs: run: gem install cocoapods - name: Install cURL Headers run: | - if [ "$RUNNER_OS" == "Windows" ]; then + if [ ${{ runner.os }} == "Windows" ]; then curl https://curl.se/download/curl-7.58.0.tar.gz | tar xz -C /usr --strip-components=1 curl-7.58.0/include fi shell: bash From 9f423afc102102ed136f3fb4316c05983b3c5606 Mon Sep 17 00:00:00 2001 From: barv Date: Tue, 12 Nov 2024 15:24:54 +0200 Subject: [PATCH 043/111] cocoapods-audit --- .github/actions/install-and-setup/action.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/actions/install-and-setup/action.yml b/.github/actions/install-and-setup/action.yml index 474f0c5d..cefd11d2 100644 --- a/.github/actions/install-and-setup/action.yml +++ b/.github/actions/install-and-setup/action.yml 
@@ -22,7 +22,8 @@ runs: - name: Install cURL Headers run: | if [ ${{ runner.os }} == "Windows" ]; then - curl https://curl.se/download/curl-7.58.0.tar.gz | tar xz -C /usr --strip-components=1 curl-7.58.0/include + curl https://curl.se/windows/dl-8.11.0_1/curl-8.11.0_1-win64-mingw.zip | tar xz curl-8.11.0_1-win64-mingw.zip + mv curl-8.11.0_1-win64-mingw/bin/libcurl-x64.dll C:/hostedtoolcache/windows/Ruby/3.3.6/x64/bin/libcurl.dll fi shell: bash From 1d0632f5274fa0febc138f1aa2e1a1fe4a3abfb2 Mon Sep 17 00:00:00 2001 From: barv Date: Tue, 12 Nov 2024 15:45:58 +0200 Subject: [PATCH 044/111] cocoapods-audit --- .github/actions/install-and-setup/action.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/actions/install-and-setup/action.yml b/.github/actions/install-and-setup/action.yml index cefd11d2..4e86cb6a 100644 --- a/.github/actions/install-and-setup/action.yml +++ b/.github/actions/install-and-setup/action.yml @@ -22,8 +22,8 @@ runs: - name: Install cURL Headers run: | if [ ${{ runner.os }} == "Windows" ]; then - curl https://curl.se/windows/dl-8.11.0_1/curl-8.11.0_1-win64-mingw.zip | tar xz curl-8.11.0_1-win64-mingw.zip - mv curl-8.11.0_1-win64-mingw/bin/libcurl-x64.dll C:/hostedtoolcache/windows/Ruby/3.3.6/x64/bin/libcurl.dll + curl https://curl.se/windows/dl-8.11.0_1/curl-8.11.0_1-win64-mingw.zip | tar -xzf curl-8.11.0_1-win64-mingw.zip + mv curl-8.11.0_1-win64-mingw/bin/libcurl-x64.dll C:/hostedtoolcache/windows/Ruby/3.3.6/x64/bin fi shell: bash From 5bcd943201b1877f11501fac35a6e65c59782cbe Mon Sep 17 00:00:00 2001 From: barv Date: Tue, 12 Nov 2024 16:16:55 +0200 Subject: [PATCH 045/111] cocoapods-audit --- .github/actions/install-and-setup/action.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/actions/install-and-setup/action.yml b/.github/actions/install-and-setup/action.yml index 4e86cb6a..be7ea094 100644 --- a/.github/actions/install-and-setup/action.yml 
+++ b/.github/actions/install-and-setup/action.yml @@ -22,8 +22,8 @@ runs: - name: Install cURL Headers run: | if [ ${{ runner.os }} == "Windows" ]; then - curl https://curl.se/windows/dl-8.11.0_1/curl-8.11.0_1-win64-mingw.zip | tar -xzf curl-8.11.0_1-win64-mingw.zip - mv curl-8.11.0_1-win64-mingw/bin/libcurl-x64.dll C:/hostedtoolcache/windows/Ruby/3.3.6/x64/bin + curl https://curl.se/windows/dl-8.11.0_1/curl-8.11.0_1-win64-mingw.zip > curl-8.11.0_1-win64-mingw.zip | tar -xzf curl-8.11.0_1-win64-mingw.zip + mv curl-8.11.0_1-win64-mingw/bin/libcurl-x64.dll C:/hostedtoolcache/windows/Ruby/3.3.6/x64/bin/libcurl.dll fi shell: bash From 76b85aa18d3c199e0aa0213d4168466070e08098 Mon Sep 17 00:00:00 2001 From: barv Date: Tue, 12 Nov 2024 16:23:25 +0200 Subject: [PATCH 046/111] cocoapods-audit --- .github/actions/install-and-setup/action.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/actions/install-and-setup/action.yml b/.github/actions/install-and-setup/action.yml index be7ea094..3efce1b5 100644 --- a/.github/actions/install-and-setup/action.yml +++ b/.github/actions/install-and-setup/action.yml @@ -22,7 +22,8 @@ runs: - name: Install cURL Headers run: | if [ ${{ runner.os }} == "Windows" ]; then - curl https://curl.se/windows/dl-8.11.0_1/curl-8.11.0_1-win64-mingw.zip > curl-8.11.0_1-win64-mingw.zip | tar -xzf curl-8.11.0_1-win64-mingw.zip + curl https://curl.se/windows/dl-8.11.0_1/curl-8.11.0_1-win64-mingw.zip > curl-8.11.0_1-win64-mingw.zip + tar -xzf curl-8.11.0_1-win64-mingw.zip mv curl-8.11.0_1-win64-mingw/bin/libcurl-x64.dll C:/hostedtoolcache/windows/Ruby/3.3.6/x64/bin/libcurl.dll fi shell: bash From cf6b309be508f5e9001d787d61b2718edfa28eed Mon Sep 17 00:00:00 2001 From: barv Date: Tue, 12 Nov 2024 16:31:57 +0200 Subject: [PATCH 047/111] cocoapods-audit --- .github/actions/install-and-setup/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/.github/actions/install-and-setup/action.yml b/.github/actions/install-and-setup/action.yml index 3efce1b5..b1a5e4df 100644 --- a/.github/actions/install-and-setup/action.yml +++ b/.github/actions/install-and-setup/action.yml @@ -23,7 +23,7 @@ runs: run: | if [ ${{ runner.os }} == "Windows" ]; then curl https://curl.se/windows/dl-8.11.0_1/curl-8.11.0_1-win64-mingw.zip > curl-8.11.0_1-win64-mingw.zip - tar -xzf curl-8.11.0_1-win64-mingw.zip + file curl-8.11.0_1-win64-mingw.zip mv curl-8.11.0_1-win64-mingw/bin/libcurl-x64.dll C:/hostedtoolcache/windows/Ruby/3.3.6/x64/bin/libcurl.dll fi shell: bash From a27b3de4a9f1fe75e176c4ebadd2498852feebe9 Mon Sep 17 00:00:00 2001 From: barv Date: Tue, 12 Nov 2024 16:45:20 +0200 Subject: [PATCH 048/111] cocoapods-audit --- .github/actions/install-and-setup/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/install-and-setup/action.yml b/.github/actions/install-and-setup/action.yml index b1a5e4df..5bb1af51 100644 --- a/.github/actions/install-and-setup/action.yml +++ b/.github/actions/install-and-setup/action.yml @@ -23,7 +23,7 @@ runs: run: | if [ ${{ runner.os }} == "Windows" ]; then curl https://curl.se/windows/dl-8.11.0_1/curl-8.11.0_1-win64-mingw.zip > curl-8.11.0_1-win64-mingw.zip - file curl-8.11.0_1-win64-mingw.zip + tar -xf curl-8.11.0_1-win64-mingw.zip mv curl-8.11.0_1-win64-mingw/bin/libcurl-x64.dll C:/hostedtoolcache/windows/Ruby/3.3.6/x64/bin/libcurl.dll fi shell: bash From e0a6e8d2955270f256695ae615571877fd068421 Mon Sep 17 00:00:00 2001 From: barv Date: Tue, 12 Nov 2024 16:53:33 +0200 Subject: [PATCH 049/111] cocoapods-audit --- .github/actions/install-and-setup/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/install-and-setup/action.yml b/.github/actions/install-and-setup/action.yml index 5bb1af51..f4dc4b79 100644 --- a/.github/actions/install-and-setup/action.yml +++ b/.github/actions/install-and-setup/action.yml 
@@ -23,7 +23,7 @@ runs: run: | if [ ${{ runner.os }} == "Windows" ]; then curl https://curl.se/windows/dl-8.11.0_1/curl-8.11.0_1-win64-mingw.zip > curl-8.11.0_1-win64-mingw.zip - tar -xf curl-8.11.0_1-win64-mingw.zip + tar -xvzf curl-8.11.0_1-win64-mingw.zip mv curl-8.11.0_1-win64-mingw/bin/libcurl-x64.dll C:/hostedtoolcache/windows/Ruby/3.3.6/x64/bin/libcurl.dll fi shell: bash From 574efca96056825825086428a8693e693668c95b Mon Sep 17 00:00:00 2001 From: barv Date: Tue, 12 Nov 2024 17:00:54 +0200 Subject: [PATCH 050/111] cocoapods-audit --- .github/actions/install-and-setup/action.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/actions/install-and-setup/action.yml b/.github/actions/install-and-setup/action.yml index f4dc4b79..825aa341 100644 --- a/.github/actions/install-and-setup/action.yml +++ b/.github/actions/install-and-setup/action.yml @@ -23,8 +23,8 @@ runs: run: | if [ ${{ runner.os }} == "Windows" ]; then curl https://curl.se/windows/dl-8.11.0_1/curl-8.11.0_1-win64-mingw.zip > curl-8.11.0_1-win64-mingw.zip - tar -xvzf curl-8.11.0_1-win64-mingw.zip - mv curl-8.11.0_1-win64-mingw/bin/libcurl-x64.dll C:/hostedtoolcache/windows/Ruby/3.3.6/x64/bin/libcurl.dll + 7z e -y curl-8.11.0_1-win64-mingw.zip + mv libcurl-x64.dll C:/hostedtoolcache/windows/Ruby/3.3.6/x64/bin/libcurl.dll fi shell: bash From c26837eafac38bcc1636d90aeea1ba72e18d8a2a Mon Sep 17 00:00:00 2001 From: barv Date: Tue, 12 Nov 2024 17:13:22 +0200 Subject: [PATCH 051/111] cocoapods-audit --- .github/actions/install-and-setup/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/install-and-setup/action.yml b/.github/actions/install-and-setup/action.yml index 825aa341..4ddc36ba 100644 --- a/.github/actions/install-and-setup/action.yml +++ b/.github/actions/install-and-setup/action.yml 
@@ -24,7 +24,7 @@ runs: if [ ${{ runner.os }} == "Windows" ]; then curl https://curl.se/windows/dl-8.11.0_1/curl-8.11.0_1-win64-mingw.zip > curl-8.11.0_1-win64-mingw.zip 7z e -y curl-8.11.0_1-win64-mingw.zip - mv libcurl-x64.dll C:/hostedtoolcache/windows/Ruby/3.3.6/x64/bin/libcurl.dll + fi shell: bash From 067148ef303c50f88ddfd7c85c5d766ccc4f2a01 Mon Sep 17 00:00:00 2001 From: barv Date: Tue, 12 Nov 2024 17:20:07 +0200 Subject: [PATCH 052/111] cocoapods-audit --- .github/actions/install-and-setup/action.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/actions/install-and-setup/action.yml b/.github/actions/install-and-setup/action.yml index 4ddc36ba..d8b30947 100644 --- a/.github/actions/install-and-setup/action.yml +++ b/.github/actions/install-and-setup/action.yml @@ -23,8 +23,9 @@ runs: run: | if [ ${{ runner.os }} == "Windows" ]; then curl https://curl.se/windows/dl-8.11.0_1/curl-8.11.0_1-win64-mingw.zip > curl-8.11.0_1-win64-mingw.zip - 7z e -y curl-8.11.0_1-win64-mingw.zip - + 7z x -y curl-8.11.0_1-win64-mingw.zip + mv curl-8.11.0_1-win64-mingw/bin/libcurl-x64.dll C:/hostedtoolcache/windows/Ruby/3.3.6/x64/bin/libcurl.dll + rm -rf curl-8.11.0_1-win64-mingw fi shell: bash From a95c72e437fbe2600f3f69759a83c9535a44dee8 Mon Sep 17 00:00:00 2001 From: barv Date: Wed, 13 Nov 2024 11:15:25 +0200 Subject: [PATCH 053/111] cocoapods-audit --- commands/audit/sca/cocoapods/podcommand.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/commands/audit/sca/cocoapods/podcommand.go b/commands/audit/sca/cocoapods/podcommand.go index 2053123e..f7820343 100644 --- a/commands/audit/sca/cocoapods/podcommand.go +++ b/commands/audit/sca/cocoapods/podcommand.go 
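Review bot: The Windows branch downloads `curl-8.11.0_1-win64-mingw.zip` and then overwrites Ruby's `libcurl.dll` with the extracted `libcurl-x64.dll` without any integrity check, so CI loads into the CocoaPods process whatever the download endpoint (or a redirect on the way) happens to serve; pin the archive's SHA-256 and verify before the `mv`, e.g. `echo "<sha256>  curl-8.11.0_1-win64-mingw.zip" | sha256sum -c -`. `curl` is also run without `-f`/`-L`/`--retry`, so an HTTP error page would be saved as the zip and only fail later at `7z x` with a confusing message; use `curl -fsSL --retry 3 -o curl-8.11.0_1-win64-mingw.zip <url>`. The hard-coded `C:/hostedtoolcache/windows/Ruby/3.3.6/x64/bin` duplicates the `ruby-version` pinned earlier in this action and will silently break when that is bumped; either derive it (`ruby -e 'puts RbConfig::CONFIG["bindir"]'`) or add a comment tying the two together.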
@@ -190,7 +190,7 @@ func setArtifactoryAsResolutionServer(serverDetails *config.ServerDetails, depsR if err != nil { return nil, err } - _, err = runPodCmd(execPath, podCmd.workingDirectory, []string{"repo", "add-cdn", depsRepo, fmt.Sprintf("%sapi/pods/%s", serverDetails.ArtifactoryUrl, depsRepo)}) + _, err = runPodCmd(execPath, podCmd.workingDirectory, []string{"repo", "add-cdn", depsRepo, fmt.Sprintf("%sapi/pods/%s", serverDetails.ArtifactoryUrl, depsRepo), "--verbose"}) if err != nil { return nil, err } From fca6c56228284069083a2f7fdbe160c5003e836f Mon Sep 17 00:00:00 2001 From: barv Date: Wed, 13 Nov 2024 12:49:12 +0200 Subject: [PATCH 054/111] swift-audit --- .github/actions/install-and-setup/action.yml | 2 +- commands/audit/sca/swift/swift.go | 28 ------ commands/audit/sca/swift/swiftcommand.go | 99 +------------------- 3 files changed, 4 insertions(+), 125 deletions(-) diff --git a/.github/actions/install-and-setup/action.yml b/.github/actions/install-and-setup/action.yml index 23e95508..23a85245 100644 --- a/.github/actions/install-and-setup/action.yml +++ b/.github/actions/install-and-setup/action.yml @@ -32,7 +32,7 @@ runs: - name: install swift uses: swift-actions/setup-swift@v2 with: - swift-version: "5.1.0" + swift-version: "6.0.2" - name: Install npm uses: actions/setup-node@v4 diff --git a/commands/audit/sca/swift/swift.go b/commands/audit/sca/swift/swift.go index 1d48958e..46022811 100644 --- a/commands/audit/sca/swift/swift.go +++ b/commands/audit/sca/swift/swift.go @@ -2,7 +2,6 @@ package swift import ( "encoding/json" - "errors" "fmt" "github.com/jfrog/gofrog/datastructures" "github.com/jfrog/jfrog-cli-core/v2/utils/coreutils" 
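Review bot: The `--verbose` appended to `pod repo add-cdn` reads like a debugging leftover: `runPodCmd`'s stdout is discarded (`_`), so the extra output only surfaces through the stderr text folded into the error on failure, while every successful audit pays for the verbose run. If the goal is diagnosability, gate the flag on the CLI's debug log level and say so in a comment; otherwise drop it. The enclosing function begins above the hunk.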
@@ -166,17 +165,6 @@ func BuildDependencyTree(params utils.AuditParams) (dependencyTree []*xrayUtils. return nil, nil, err } - clearResolutionServerFunc, err := configSwiftResolutionServerIfNeeded(params) - if err != nil { - err = fmt.Errorf("failed while configuring a resolution server: %s", err.Error()) - return nil, nil, err - } - defer func() { - if clearResolutionServerFunc != nil { - err = errors.Join(err, clearResolutionServerFunc()) - } - }() - packageName := filepath.Base(currentDir) packageInfo := fmt.Sprintf("%s:%s", packageName, VersionForMainModule) _, _, err = getSwiftVersionAndExecPath() @@ -212,22 +200,6 @@ func BuildDependencyTree(params utils.AuditParams) (dependencyTree []*xrayUtils. return } -// Generates a .netrc file to configure an Artifactory server as the resolver server. -func configSwiftResolutionServerIfNeeded(params utils.AuditParams) (clearResolutionServerFunc func() error, err error) { - // If we don't have an artifactory repo's name we don't need to configure any Artifactory server as resolution server - if params.DepsRepo() == "" { - return - } - - serverDetails, err := params.ServerDetails() - if err != nil { - return - } - - clearResolutionServerFunc, err = setArtifactoryAsResolutionServer(serverDetails, params.DepsRepo()) - return -} - // Parse the dependencies into a Xray dependency tree format func parseSwiftDependenciesList(currNode *xrayUtils.GraphNode, dependenciesGraph map[string][]string, versionMap map[string]string, uniqueDepsSet *datastructures.Set[string]) { if currNode.NodeHasLoop() { diff --git a/commands/audit/sca/swift/swiftcommand.go b/commands/audit/sca/swift/swiftcommand.go index cf5f37ac..842f6dfe 100644 --- a/commands/audit/sca/swift/swiftcommand.go +++ b/commands/audit/sca/swift/swiftcommand.go 
@@ -6,18 +6,14 @@ import ( "github.com/jfrog/gofrog/version" "github.com/jfrog/jfrog-cli-core/v2/utils/config" "github.com/jfrog/jfrog-cli-core/v2/utils/coreutils" - "github.com/jfrog/jfrog-cli-core/v2/utils/ioutils" - "github.com/jfrog/jfrog-client-go/auth" "github.com/jfrog/jfrog-client-go/utils/errorutils" "github.com/jfrog/jfrog-client-go/utils/log" - "os" "os/exec" - "path/filepath" "strings" ) const ( - minSupportedSwiftVersion = "5.1.0" + minSupportedSwiftVersion = "5.7.0" swiftNetRcfileName = ".netrc" swiftrcBackupFileName = ".jfrog.netrc.backup" ) @@ -26,8 +22,6 @@ type SwiftCommand struct { cmdName string serverDetails *config.ServerDetails swiftVersion *version.Version - authArtDetails auth.ServiceDetails - restoreNetrcFunc func() error workingDirectory string executablePath string } 
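Review bot: `swiftNetRcfileName` and `swiftrcBackupFileName` are kept in this hunk, yet every visible user (`CreateTempNetrc`, `setRestoreNetrcFunc`, `removeNetrcIfExists`) is deleted later in the same commit, so they look dead now — remove them unless another file still references them (not visible here). The same applies to the `serverDetails` field in the following hunk once `SetServerDetails` and `newSwiftInstallCommand` are gone. Raising `minSupportedSwiftVersion` from 5.1.0 to 5.7.0 is a user-visible floor change and deserves a one-line comment naming the Swift feature the audit depends on.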
@@ -70,63 +64,6 @@ func runSwiftCmd(executablePath, srcPath string, swiftArgs []string) (stdResult, return } -func (sc *SwiftCommand) SetServerDetails(serverDetails *config.ServerDetails) *SwiftCommand { - sc.serverDetails = serverDetails - return sc -} - -func (sc *SwiftCommand) RestoreNetrcFunc() func() error { - return sc.restoreNetrcFunc -} - -func (sc *SwiftCommand) GetData() ([]byte, error) { - var filteredConf []string - filteredConf = append(filteredConf, "machine ", sc.serverDetails.Url, "\n") - filteredConf = append(filteredConf, "login ", sc.serverDetails.User, "\n") - filteredConf = append(filteredConf, "password ", sc.serverDetails.AccessToken, "\n") - - return []byte(strings.Join(filteredConf, "")), nil -} - -func (sc *SwiftCommand) CreateTempNetrc() error { - data, err := sc.GetData() - if err != nil { - return err - } - if err = removeNetrcIfExists(sc.workingDirectory); err != nil { - return err - } - log.Debug("Creating temporary .netrc file.") - return errorutils.CheckError(os.WriteFile(filepath.Join(sc.workingDirectory, swiftNetRcfileName), data, 0755)) -} - -func (sc *SwiftCommand) setRestoreNetrcFunc() error { - restoreNetrcFunc, err := ioutils.BackupFile(filepath.Join(sc.workingDirectory, swiftNetRcfileName), swiftrcBackupFileName) - if err != nil { - return err - } - sc.restoreNetrcFunc = func() error { - return restoreNetrcFunc() - } - return nil -} - -func (sc *SwiftCommand) setArtifactoryAuth() error { - authArtDetails, err := sc.serverDetails.CreateArtAuthConfig() - if err != nil { - return err - } - if authArtDetails.GetSshAuthHeaders() != nil { - return errorutils.CheckErrorf("SSH authentication is not supported in this command") - } - sc.authArtDetails = authArtDetails - return nil -} - -func newSwiftInstallCommand() *SwiftCommand { - return &SwiftCommand{cmdName: "install"} -} - func (sc *SwiftCommand) PreparePrerequisites() error { log.Debug("Preparing prerequisites...") var err error 
@@ -136,42 +73,12 @@ func (sc *SwiftCommand) PreparePrerequisites() error { } if sc.swiftVersion.Compare(minSupportedSwiftVersion) > 0 { return errorutils.CheckErrorf( - "JFrog CLI swift %s command requires cocoapods client version %s or higher. The Current version is: %s", sc.cmdName, minSupportedSwiftVersion, sc.swiftVersion.GetVersion()) + "JFrog CLI swift %s command requires swift client version %s or higher. The Current version is: %s", sc.cmdName, minSupportedSwiftVersion, sc.swiftVersion.GetVersion()) } - sc.workingDirectory, err = coreutils.GetWorkingDirectory() if err != nil { return err } log.Debug("Working directory set to:", sc.workingDirectory) - if err = sc.setArtifactoryAuth(); err != nil { - return err - } - - return sc.setRestoreNetrcFunc() -} - -func removeNetrcIfExists(workingDirectory string) error { - if _, err := os.Stat(filepath.Join(workingDirectory, swiftNetRcfileName)); err != nil { - if os.IsNotExist(err) { - return nil - } - return errorutils.CheckError(err) - } - - log.Debug("Removing existing .netrc file") - return errorutils.CheckError(os.Remove(filepath.Join(workingDirectory, swiftNetRcfileName))) -} - -func setArtifactoryAsResolutionServer(serverDetails *config.ServerDetails, depsRepo string) (clearResolutionServerFunc func() error, err error) { - swiftCmd := newSwiftInstallCommand().SetServerDetails(serverDetails) - if err = swiftCmd.PreparePrerequisites(); err != nil { - return - } - if err = swiftCmd.CreateTempNetrc(); err != nil { - return - } - clearResolutionServerFunc = swiftCmd.RestoreNetrcFunc() - log.Info(fmt.Sprintf("Resolving dependencies from '%s' from repo '%s'", serverDetails.Url, depsRepo)) - return + return nil } From 391927e60073ba5bd0f4b3a03dd4e310882ecf4b Mon Sep 17 00:00:00 2001 
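Review bot: `PreparePrerequisites` is exported but carries no doc comment, and after this change its contract is narrower than the name suggests: the visible body only compares `sc.swiftVersion` against `minSupportedSwiftVersion` and records the working directory from `coreutils.GetWorkingDirectory()`. A comment such as `// PreparePrerequisites checks that the installed swift client meets minSupportedSwiftVersion and records the current working directory.` would make that explicit for callers that previously relied on it for .netrc setup; the same applies to `PodCommand.PreparePrerequisites` in podcommand.go. While the error message is being edited, `The Current version is` would read more consistently as `the current version is`. The method's signature lies outside this hunk.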
From: barv Date: Wed, 13 Nov 2024 16:04:31 +0200 Subject: [PATCH 055/111] cocoapods-audit --- commands/audit/sca/cocoapods/cocoapods_test.go | 1 - tests/testdata/projects/package-managers/cocoapods/Podfile | 1 - tests/testdata/projects/package-managers/cocoapods/Podfile.lock | 1 - 3 files changed, 3 deletions(-) diff --git a/commands/audit/sca/cocoapods/cocoapods_test.go b/commands/audit/sca/cocoapods/cocoapods_test.go index 5a4a02f7..741e0aa8 100644 --- a/commands/audit/sca/cocoapods/cocoapods_test.go +++ b/commands/audit/sca/cocoapods/cocoapods_test.go @@ -39,7 +39,6 @@ func TestBuildCocoapodsDependencyList(t *testing.T) { techutils.Cocoapods.GetPackageTypeId() + "GoogleSignIn:6.2.4", techutils.Cocoapods.GetPackageTypeId() + "GTMAppAuth:1.3.1", techutils.Cocoapods.GetPackageTypeId() + "GTMSessionFetcher:2.3.0", - techutils.Cocoapods.GetPackageTypeId() + "nanopb:0.4.1", techutils.Cocoapods.GetPackageTypeId() + packageInfo, } diff --git a/tests/testdata/projects/package-managers/cocoapods/Podfile b/tests/testdata/projects/package-managers/cocoapods/Podfile index 94655fc9..40332d1b 100644 --- a/tests/testdata/projects/package-managers/cocoapods/Podfile +++ b/tests/testdata/projects/package-managers/cocoapods/Podfile @@ -5,7 +5,6 @@ target 'Test' do pod 'GoogleSignIn', '~> 6.2.4' pod 'AppAuth', '~> 1.7.5' pod 'AppAuth', '~> 1.7.5' -pod 'nanopb', '~> 0.4.1' end \ No newline at end of file diff --git a/tests/testdata/projects/package-managers/cocoapods/Podfile.lock b/tests/testdata/projects/package-managers/cocoapods/Podfile.lock index b752dfdc..52f4bcbb 100644 --- a/tests/testdata/projects/package-managers/cocoapods/Podfile.lock +++ b/tests/testdata/projects/package-managers/cocoapods/Podfile.lock @@ -13,7 +13,6 @@ PODS: - AppAuth/Core (~> 1.6) - GTMSessionFetcher/Core (< 3.0, >= 1.5) - GTMSessionFetcher/Core (2.3.0) - - nanopb (0.4.1) DEPENDENCIES: - GoogleSignIn From a4e0c5dd9375df9a24b360f7e4e2d3da3df4f016 Mon Sep 17 00:00:00 2001 
From: barv Date: Wed, 13 Nov 2024 19:18:10 +0200 Subject: [PATCH 056/111] swift-audit --- artifactory_test.go | 6 ------ commands/audit/sca/swift/swiftcommand.go | 4 ---- 2 files changed, 10 deletions(-) diff --git a/artifactory_test.go b/artifactory_test.go index 259d6811..265ad74b 100644 --- a/artifactory_test.go +++ b/artifactory_test.go @@ -103,12 +103,6 @@ func TestDependencyResolutionFromArtifactory(t *testing.T) { cacheRepoName: securityTests.PypiRemoteRepo, projectType: project.Poetry, }, - { - testProjectPath: []string{"cocoapods"}, - resolveRepoName: securityTests.CocoapodsVirtualRepo, - cacheRepoName: securityTests.CocoapodsRemoteRepo, - projectType: project.Cocoapods, - }, } securityIntegrationTestUtils.CreateJfrogHomeConfig(t, true) defer securityTestUtils.CleanTestsHomeEnv() diff --git a/commands/audit/sca/swift/swiftcommand.go b/commands/audit/sca/swift/swiftcommand.go index 842f6dfe..90f13908 100644 --- a/commands/audit/sca/swift/swiftcommand.go +++ b/commands/audit/sca/swift/swiftcommand.go @@ -4,7 +4,6 @@ import ( "bytes" "fmt" "github.com/jfrog/gofrog/version" - "github.com/jfrog/jfrog-cli-core/v2/utils/config" "github.com/jfrog/jfrog-cli-core/v2/utils/coreutils" "github.com/jfrog/jfrog-client-go/utils/errorutils" "github.com/jfrog/jfrog-client-go/utils/log" @@ -14,13 +13,10 @@ import ( const ( minSupportedSwiftVersion = "5.7.0" - swiftNetRcfileName = ".netrc" - swiftrcBackupFileName = ".jfrog.netrc.backup" ) type SwiftCommand struct { cmdName string - serverDetails *config.ServerDetails swiftVersion *version.Version workingDirectory string executablePath string From ced827e769bbb42850008b60da46a0bec10e7321 Mon Sep 17 00:00:00 2001 
From: barv Date: Wed, 13 Nov 2024 19:26:56 +0200 Subject: [PATCH 057/111] cocoapods-audit --- artifactory_test.go | 6 - commands/audit/sca/cocoapods/cocoapods.go | 61 +-------- .../audit/sca/cocoapods/cocoapods_test.go | 2 +- commands/audit/sca/cocoapods/podcommand.go | 120 +----------------- 4 files changed, 6 insertions(+), 183 deletions(-) diff --git a/artifactory_test.go b/artifactory_test.go index 259d6811..265ad74b 100644 --- a/artifactory_test.go +++ b/artifactory_test.go @@ -103,12 +103,6 @@ func TestDependencyResolutionFromArtifactory(t *testing.T) { cacheRepoName: securityTests.PypiRemoteRepo, projectType: project.Poetry, }, - { - testProjectPath: []string{"cocoapods"}, - resolveRepoName: securityTests.CocoapodsVirtualRepo, - cacheRepoName: securityTests.CocoapodsRemoteRepo, - projectType: project.Cocoapods, - }, } securityIntegrationTestUtils.CreateJfrogHomeConfig(t, true) defer securityTestUtils.CleanTestsHomeEnv() diff --git a/commands/audit/sca/cocoapods/cocoapods.go b/commands/audit/sca/cocoapods/cocoapods.go index 4b094be3..97b9535a 100644 --- a/commands/audit/sca/cocoapods/cocoapods.go +++ b/commands/audit/sca/cocoapods/cocoapods.go @@ -1,7 +1,6 @@ package cocoapods import ( - "errors" "fmt" "github.com/jfrog/gofrog/datastructures" "github.com/jfrog/jfrog-cli-core/v2/utils/coreutils" 
@@ -188,36 +187,11 @@ func extractPodsSection(filePath string) (string, error) {
 return subContent, nil
 }
 
-func shouldRunPodInstall(currentDir string) (bool, error) {
- podlockInfo, err := os.Stat(filepath.Join(currentDir, "Podfile.lock"))
- if err != nil {
- if errors.Is(err, os.ErrNotExist) {
- // Lockfile doesn't exist, run install to generate it
- return true, nil
- }
- return false, err
- }
-
- podfileInfo, err := os.Stat(filepath.Join(currentDir, "Podfile"))
- if err != nil {
- return false, err
- }
-
- // Run install if podfile newer than lockfile
- return podfileInfo.ModTime().After(podlockInfo.ModTime()), nil
-}
-
-func GetDependenciesData(exePath, currentDir string) (string, error) {
- runPodInstall, err := shouldRunPodInstall(currentDir)
+func GetDependenciesData(currentDir string) (string, error) {
+ _, err := os.Stat(filepath.Join(currentDir, "Podfile.lock"))
 if err != nil {
 return "", err
 }
- if runPodInstall {
- _, err = runPodCmd(exePath, currentDir, []string{"install"})
- if err != nil {
- return "", err
- }
- }
 result, err := extractPodsSection(filepath.Join(currentDir, "Podfile.lock"))
 if err != nil {
 return "", err
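Review bot: The new `GetDependenciesData` builds `filepath.Join(currentDir, "Podfile.lock")` twice and discards the `os.Stat` result, returning the bare Stat error without saying which directory was searched; the separate existence check is presumably also redundant with the read inside `extractPodsSection`, whose body is outside this hunk. Hoisting the path and wrapping the error keeps the early exit useful: `lockPath := filepath.Join(currentDir, "Podfile.lock")` followed by `return "", fmt.Errorf("locating %s: %w", lockPath, err)`, then passing `lockPath` to `extractPodsSection`. With `shouldRunPodInstall` removed, a `Podfile.lock` that is older than its `Podfile` is now audited as-is; if that is intended, a one-line comment on the function stating that the lockfile is taken as authoritative and never regenerated would spare the next reader the history dig. `GetDependenciesData` continues past the end of the hunk.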
@@ -231,26 +205,15 @@ func BuildDependencyTree(params utils.AuditParams) (dependencyTree []*xrayUtils. return nil, nil, err } - clearResolutionServerFunc, err := configPodResolutionServerIfNeeded(params) - if err != nil { - err = fmt.Errorf("failed while configuring a resolution server: %s", err.Error()) - return nil, nil, err - } - defer func() { - if clearResolutionServerFunc != nil { - err = errors.Join(err, clearResolutionServerFunc()) - } - }() - packageName := filepath.Base(currentDir) packageInfo := fmt.Sprintf("%s:%s", packageName, VersionForMainModule) - _, execPath, err := getPodVersionAndExecPath() + _, _, err = getPodVersionAndExecPath() if err != nil { err = fmt.Errorf("failed while retrieving pod path: %s", err.Error()) return } // Calculate pod dependencies - data, err := GetDependenciesData(execPath, currentDir) + data, err := GetDependenciesData(currentDir) if err != nil { return nil, nil, err } @@ -273,22 +236,6 @@ func BuildDependencyTree(params utils.AuditParams) (dependencyTree []*xrayUtils. return } -// Generates a .netrc file to configure an Artifactory server as the resolver server. -func configPodResolutionServerIfNeeded(params utils.AuditParams) (clearResolutionServerFunc func() error, err error) { - // If we don't have an artifactory repo's name we don't need to configure any Artifactory server as resolution server - if params.DepsRepo() == "" { - return - } - - serverDetails, err := params.ServerDetails() - if err != nil { - return - } - - clearResolutionServerFunc, err = setArtifactoryAsResolutionServer(serverDetails, params.DepsRepo()) - return -} - // Parse the dependencies into a Xray dependency tree format func parsePodDependenciesList(currNode *xrayUtils.GraphNode, dependenciesGraph map[string][]string, versionMap map[string]string, uniqueDepsSet *datastructures.Set[string]) { if currNode.NodeHasLoop() { 
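Review bot: `_, _, err = getPodVersionAndExecPath()` now discards the executable path, yet the error it produces still says `failed while retrieving pod path`, which will mislead whoever debugs it; since the path is unused, the call presumably remains only to confirm a usable pod client, and the message should say so, e.g. `err = fmt.Errorf("failed while retrieving pod client version: %w", err)` (using `%w` rather than `%s` with `err.Error()` so callers can still unwrap). The same branch ends with a naked `return` while the neighbouring error paths use `return nil, nil, err`; picking one form would make the function easier to scan. `BuildDependencyTree` begins and ends outside this hunk.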
diff --git a/commands/audit/sca/cocoapods/cocoapods_test.go b/commands/audit/sca/cocoapods/cocoapods_test.go index 741e0aa8..61d1ad3a 100644 --- a/commands/audit/sca/cocoapods/cocoapods_test.go +++ b/commands/audit/sca/cocoapods/cocoapods_test.go @@ -49,7 +49,7 @@ func TestBuildCocoapodsDependencyList(t *testing.T) { assert.NotEmpty(t, rootNode) assert.Equal(t, rootNode[0].Id, techutils.Cocoapods.GetPackageTypeId()+packageInfo) - assert.Len(t, rootNode[0].Nodes, 5) + assert.Len(t, rootNode[0].Nodes, 4) child1 := tests.GetAndAssertNode(t, rootNode[0].Nodes, "GTMSessionFetcher:2.3.0") assert.Len(t, child1.Nodes, 0) diff --git a/commands/audit/sca/cocoapods/podcommand.go b/commands/audit/sca/cocoapods/podcommand.go index f7820343..4a675d01 100644 --- a/commands/audit/sca/cocoapods/podcommand.go +++ b/commands/audit/sca/cocoapods/podcommand.go @@ -4,31 +4,20 @@ import ( "bytes" "fmt" "github.com/jfrog/gofrog/version" - "github.com/jfrog/jfrog-cli-core/v2/utils/config" "github.com/jfrog/jfrog-cli-core/v2/utils/coreutils" - "github.com/jfrog/jfrog-cli-core/v2/utils/ioutils" - "github.com/jfrog/jfrog-client-go/auth" "github.com/jfrog/jfrog-client-go/utils/errorutils" "github.com/jfrog/jfrog-client-go/utils/log" - "net/url" - "os" "os/exec" - "path/filepath" "strings" ) const ( minSupportedPodVersion = "1.15.2" - podNetRcfileName = ".netrc" - podrcBackupFileName = ".jfrog.netrc.backup" ) type PodCommand struct { cmdName string - serverDetails *config.ServerDetails podVersion *version.Version - authArtDetails auth.ServiceDetails - restoreNetrcFunc func() error workingDirectory string executablePath string } 
@@ -71,76 +60,6 @@ func runPodCmd(executablePath, srcPath string, podArgs []string) (stdResult []by return } -func (pc *PodCommand) SetServerDetails(serverDetails *config.ServerDetails) *PodCommand { - pc.serverDetails = serverDetails - return pc -} - -func (pc *PodCommand) RestoreNetrcFunc() func() error { - return pc.restoreNetrcFunc -} - -func (pc *PodCommand) GetData() ([]byte, error) { - var filteredConf []string - u, err := url.Parse(pc.serverDetails.Url) - if err != nil { - return nil, err - } - hostname := u.Hostname() - filteredConf = append(filteredConf, "machine ", hostname, "\n") - filteredConf = append(filteredConf, "login ", pc.serverDetails.User, "\n") - filteredConf = append(filteredConf, "password ", pc.serverDetails.AccessToken, "\n") - - return []byte(strings.Join(filteredConf, "")), nil -} - -func (pc *PodCommand) CreateTempNetrc() error { - data, err := pc.GetData() - if err != nil { - return err - } - dir, err := os.UserHomeDir() - if err != nil { - return err - } - if err = removeNetrcIfExists(dir); err != nil { - return err - } - log.Debug("Creating temporary .netrc file.") - return errorutils.CheckError(os.WriteFile(filepath.Join(dir, podNetRcfileName), data, 0755)) -} - -func (pc *PodCommand) setRestoreNetrcFunc() error { - dir, err := os.UserHomeDir() - if err != nil { - return err - } - restoreNetrcFunc, err := ioutils.BackupFile(filepath.Join(dir, podNetRcfileName), podrcBackupFileName) - if err != nil { - return err - } - pc.restoreNetrcFunc = func() error { - return restoreNetrcFunc() - } - return nil -} - -func (pc *PodCommand) setArtifactoryAuth() error { - authArtDetails, err := pc.serverDetails.CreateArtAuthConfig() - if err != nil { - return err - } - if authArtDetails.GetSshAuthHeaders() != nil { - return errorutils.CheckErrorf("SSH authentication is not supported in this command") - } - pc.authArtDetails = authArtDetails - return nil -} - -func newPodInstallCommand() *PodCommand { - return &PodCommand{cmdName: "install"} -} - 
func (pc *PodCommand) PreparePrerequisites() error { log.Debug("Preparing prerequisites...") var err error @@ -158,42 +77,5 @@ func (pc *PodCommand) PreparePrerequisites() error { return err } log.Debug("Working directory set to:", pc.workingDirectory) - if err = pc.setArtifactoryAuth(); err != nil { - return err - } - - return pc.setRestoreNetrcFunc() -} - -func removeNetrcIfExists(workingDirectory string) error { - if _, err := os.Stat(filepath.Join(workingDirectory, podNetRcfileName)); err != nil { - if os.IsNotExist(err) { - return nil - } - return errorutils.CheckError(err) - } - - log.Debug("Removing existing .netrc file") - return errorutils.CheckError(os.Remove(filepath.Join(workingDirectory, podNetRcfileName))) -} - -func setArtifactoryAsResolutionServer(serverDetails *config.ServerDetails, depsRepo string) (clearResolutionServerFunc func() error, err error) { - podCmd := newPodInstallCommand().SetServerDetails(serverDetails) - if err = podCmd.PreparePrerequisites(); err != nil { - return - } - if err = podCmd.CreateTempNetrc(); err != nil { - return - } - clearResolutionServerFunc = podCmd.RestoreNetrcFunc() - _, execPath, err := getPodVersionAndExecPath() - if err != nil { - return nil, err - } - _, err = runPodCmd(execPath, podCmd.workingDirectory, []string{"repo", "add-cdn", depsRepo, fmt.Sprintf("%sapi/pods/%s", serverDetails.ArtifactoryUrl, depsRepo), "--verbose"}) - if err != nil { - return nil, err - } - log.Info(fmt.Sprintf("Resolving dependencies from '%s' from repo '%s'", serverDetails.Url, depsRepo)) - return + return nil } From 490aa8f51c0a41c81a23fe70c8fed893a470fe3d Mon Sep 17 00:00:00 2001 From: barv Date: Wed, 13 Nov 2024 19:30:38 +0200 Subject: [PATCH 058/111] cocoapods-audit --- .github/actions/install-and-setup/action.yml | 17 ----------------- 1 file changed, 17 deletions(-) diff --git a/.github/actions/install-and-setup/action.yml b/.github/actions/install-and-setup/action.yml index d8b30947..a4700cae 100644 
--- a/.github/actions/install-and-setup/action.yml +++ b/.github/actions/install-and-setup/action.yml @@ -12,23 +12,6 @@ runs: # - name: Setup Go with cache # uses: jfrog/.github/actions/install-go-with-cache@main - - name: install ruby - uses: ruby/setup-ruby@v1 - with: - ruby-version: 3.3.6 - - name: Install cocoapods - shell: ${{ runner.os == 'Windows' && 'powershell' || 'bash' }} - run: gem install cocoapods - - name: Install cURL Headers - run: | - if [ ${{ runner.os }} == "Windows" ]; then - curl https://curl.se/windows/dl-8.11.0_1/curl-8.11.0_1-win64-mingw.zip > curl-8.11.0_1-win64-mingw.zip - 7z x -y curl-8.11.0_1-win64-mingw.zip - mv curl-8.11.0_1-win64-mingw/bin/libcurl-x64.dll C:/hostedtoolcache/windows/Ruby/3.3.6/x64/bin/libcurl.dll - rm -rf curl-8.11.0_1-win64-mingw - fi - shell: bash - - name: Install npm uses: actions/setup-node@v4 with: From 9a7abd3a073dfa9aba2e87208ade4e9be1eb4226 Mon Sep 17 00:00:00 2001 From: barv Date: Wed, 13 Nov 2024 19:35:24 +0200 Subject: [PATCH 059/111] swift-audit --- .../package-managers/swift/Package.resolved | 68 +++++++++++++++++++ 1 file changed, 68 insertions(+) create mode 100644 tests/testdata/projects/package-managers/swift/Package.resolved diff --git a/tests/testdata/projects/package-managers/swift/Package.resolved b/tests/testdata/projects/package-managers/swift/Package.resolved new file mode 100644 index 00000000..efa949ea --- /dev/null +++ b/tests/testdata/projects/package-managers/swift/Package.resolved 
@@ -0,0 +1,68 @@ +{ + "pins" : [ + { + "identity" : "swift-algorithms", + "kind" : "remoteSourceControl", + "location" : "https://github.com/apple/swift-algorithms", + "state" : { + "revision" : "f6919dfc309e7f1b56224378b11e28bab5bccc42", + "version" : "1.2.0" + } + }, + { + "identity" : "swift-atomics", + "kind" : "remoteSourceControl", + "location" : "https://github.com/apple/swift-atomics.git", + "state" : { + "revision" : "cd142fd2f64be2100422d658e7411e39489da985", + "version" : "1.2.0" + } + }, + { + "identity" : "swift-collections", + "kind" : "remoteSourceControl", + "location" : "https://github.com/apple/swift-collections.git", + "state" : { + "revision" : "671108c96644956dddcd89dd59c203dcdb36cec7", + "version" : "1.1.4" + } + }, + { + "identity" : "swift-nio", + "kind" : "remoteSourceControl", + "location" : "https://github.com/apple/swift-nio.git", + "state" : { + "revision" : "914081701062b11e3bb9e21accc379822621995e", + "version" : "2.76.1" + } + }, + { + "identity" : "swift-nio-http2", + "kind" : "remoteSourceControl", + "location" : "https://github.com/apple/swift-nio-http2", + "state" : { + "revision" : "39ed0e753596afadad920e302ae769b28f3a982b", + "version" : "1.19.0" + } + }, + { + "identity" : "swift-numerics", + "kind" : "remoteSourceControl", + "location" : "https://github.com/apple/swift-numerics.git", + "state" : { + "revision" : "0a5bc04095a675662cf24757cc0640aa2204253b", + "version" : "1.0.2" + } + }, + { + "identity" : "swift-system", + "kind" : "remoteSourceControl", + "location" : "https://github.com/apple/swift-system.git", + "state" : { + "revision" : "c8a44d836fe7913603e246acab7c528c2e780168", + "version" : "1.4.0" + } + } + ], + "version" : 2 +} From 17ec960e9fec13c7d6d4bd675c8caef1f1072498 Mon Sep 17 00:00:00 2001 From: barv Date: Wed, 13 Nov 2024 19:40:11 +0200 Subject: [PATCH 060/111] swift-audit --- .github/actions/install-and-setup/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/.github/actions/install-and-setup/action.yml b/.github/actions/install-and-setup/action.yml index 7cf2b509..11d909f1 100644 --- a/.github/actions/install-and-setup/action.yml +++ b/.github/actions/install-and-setup/action.yml @@ -15,7 +15,7 @@ runs: - name: install swift uses: swift-actions/setup-swift@v2 with: - swift-version: "6.0.2" + swift-version: "latest" - name: Install npm uses: actions/setup-node@v4 From 3ed68cdd6ecb7634b57396ca073c8285e814176b Mon Sep 17 00:00:00 2001 From: barv Date: Wed, 13 Nov 2024 19:42:07 +0200 Subject: [PATCH 061/111] swift-audit --- .github/actions/install-and-setup/action.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/.github/actions/install-and-setup/action.yml b/.github/actions/install-and-setup/action.yml index a4700cae..97629bf6 100644 --- a/.github/actions/install-and-setup/action.yml +++ b/.github/actions/install-and-setup/action.yml @@ -12,6 +12,14 @@ runs: # - name: Setup Go with cache # uses: jfrog/.github/actions/install-go-with-cache@main + - name: install ruby + uses: ruby/setup-ruby@v1 + with: + ruby-version: 3.3.6 + - name: Install cocoapods + shell: ${{ runner.os == 'Windows' && 'powershell' || 'bash' }} + run: gem install cocoapods + - name: Install npm uses: actions/setup-node@v4 with: From 8878c7bd66bde813ee999615cec52355f8e483e6 Mon Sep 17 00:00:00 2001 From: barv Date: Wed, 13 Nov 2024 19:47:55 +0200 Subject: [PATCH 062/111] swift-audit --- .github/actions/install-and-setup/action.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/actions/install-and-setup/action.yml b/.github/actions/install-and-setup/action.yml index a4ec3d17..e94e7a5d 100644 --- a/.github/actions/install-and-setup/action.yml +++ b/.github/actions/install-and-setup/action.yml @@ -22,8 +22,6 @@ runs: - name: install swift uses: swift-actions/setup-swift@v2 - with: - swift-version: "latest" - name: Install npm uses: actions/setup-node@v4 
From 24db4c1a73f0a3b27e93b9bdce93ef39d3d4b46a Mon Sep 17 00:00:00 2001 From: barv Date: Wed, 13 Nov 2024 19:54:32 +0200 Subject: [PATCH 063/111] swift-audit --- .github/actions/install-and-setup/action.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/actions/install-and-setup/action.yml b/.github/actions/install-and-setup/action.yml index e94e7a5d..b726ae05 100644 --- a/.github/actions/install-and-setup/action.yml +++ b/.github/actions/install-and-setup/action.yml @@ -22,6 +22,8 @@ runs: - name: install swift uses: swift-actions/setup-swift@v2 + with: + swift-version: "5.1.0" - name: Install npm uses: actions/setup-node@v4 From 6165f5bb1c6fcdb4b51d437ada3c9a4a07fb1e39 Mon Sep 17 00:00:00 2001 From: barv Date: Wed, 13 Nov 2024 20:10:12 +0200 Subject: [PATCH 064/111] swift-audit --- .github/actions/install-and-setup/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/install-and-setup/action.yml b/.github/actions/install-and-setup/action.yml index b726ae05..e29b2856 100644 --- a/.github/actions/install-and-setup/action.yml +++ b/.github/actions/install-and-setup/action.yml @@ -23,7 +23,7 @@ runs: - name: install swift uses: swift-actions/setup-swift@v2 with: - swift-version: "5.1.0" + swift-version: "5.7.0" - name: Install npm uses: actions/setup-node@v4 From 7490eb0ad81225933165bbf5d81defb9c26f8d3b Mon Sep 17 00:00:00 2001 From: barv Date: Thu, 14 Nov 2024 11:40:59 +0200 Subject: [PATCH 065/111] swift-audit --- .github/actions/install-and-setup/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/install-and-setup/action.yml b/.github/actions/install-and-setup/action.yml index e29b2856..24750862 100644 --- a/.github/actions/install-and-setup/action.yml +++ b/.github/actions/install-and-setup/action.yml 
@@ -23,7 +23,7 @@ runs: - name: install swift uses: swift-actions/setup-swift@v2 with: - swift-version: "5.7.0" + swift-version: "5.9.x" - name: Install npm uses: actions/setup-node@v4 From 17548a4afd7a210f260cf2c419e9cdb6c77dba97 Mon Sep 17 00:00:00 2001 From: barv Date: Thu, 14 Nov 2024 11:46:54 +0200 Subject: [PATCH 066/111] swift-audit --- .github/actions/install-and-setup/action.yml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/.github/actions/install-and-setup/action.yml b/.github/actions/install-and-setup/action.yml index 24750862..a603c799 100644 --- a/.github/actions/install-and-setup/action.yml +++ b/.github/actions/install-and-setup/action.yml @@ -20,10 +20,6 @@ runs: shell: ${{ runner.os == 'Windows' && 'powershell' || 'bash' }} run: gem install cocoapods - - name: install swift - uses: swift-actions/setup-swift@v2 - with: - swift-version: "5.9.x" - name: Install npm uses: actions/setup-node@v4 From 97496f0d7e6075591ae9be6ff8eb24e0049490c4 Mon Sep 17 00:00:00 2001 From: barv Date: Thu, 14 Nov 2024 11:53:22 +0200 Subject: [PATCH 067/111] swift-audit --- .github/actions/install-and-setup/action.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/actions/install-and-setup/action.yml b/.github/actions/install-and-setup/action.yml index a603c799..6b5f5ba3 100644 --- a/.github/actions/install-and-setup/action.yml +++ b/.github/actions/install-and-setup/action.yml @@ -20,6 +20,9 @@ runs: shell: ${{ runner.os == 'Windows' && 'powershell' || 'bash' }} run: gem install cocoapods + - name: install swift + uses: swift-actions/setup-swift@v2 + - name: Install npm uses: actions/setup-node@v4 From c068b152374f9bb6855f95e07b4d47b9411bd6c4 Mon Sep 17 00:00:00 2001 From: barv Date: Thu, 14 Nov 2024 12:03:08 +0200 Subject: [PATCH 068/111] swift-audit --- .github/actions/install-and-setup/action.yml | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) 
diff --git a/.github/actions/install-and-setup/action.yml b/.github/actions/install-and-setup/action.yml index 6b5f5ba3..a995f37f 100644 --- a/.github/actions/install-and-setup/action.yml +++ b/.github/actions/install-and-setup/action.yml @@ -20,9 +20,6 @@ runs: shell: ${{ runner.os == 'Windows' && 'powershell' || 'bash' }} run: gem install cocoapods - - name: install swift - uses: swift-actions/setup-swift@v2 - - name: Install npm uses: actions/setup-node@v4 @@ -67,3 +64,14 @@ runs: python -m pip install conan conan profile detect shell: ${{ runner.os == 'Windows' && 'powershell' || 'bash' }} + + - name: Swift ${{ matrix.swift }} on ${{ matrix.os }} + runs-on: ${{ matrix.os }} + strategy: + matrix: + os: [ ubuntu-latest, macos-latest, windows-latest ] + swift: [ "5.9.2", "5.9.2", "5.6.3" ] + steps: + - uses: swift-actions/setup-swift@v2 + with: + swift-version: ${{ matrix.swift }} \ No newline at end of file From 95647b930fb770c1fb373d416b3ffcc115a7fa84 Mon Sep 17 00:00:00 2001 From: barv Date: Thu, 14 Nov 2024 13:09:42 +0200 Subject: [PATCH 069/111] swift-audit --- .github/actions/install-and-setup/action.yml | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/.github/actions/install-and-setup/action.yml b/.github/actions/install-and-setup/action.yml index a995f37f..d83b251f 100644 --- a/.github/actions/install-and-setup/action.yml +++ b/.github/actions/install-and-setup/action.yml @@ -2,7 +2,11 @@ name: "Install and Setup Dependencies" description: "Install needed dependencies for this repository like Go, Node, Java, Python, etc." runs: - using: "composite" + using: composite + strategy: + matrix: + os: [ ubuntu-latest, macos-latest, windows-latest ] + swift: [ "5.9.2", "5.9.2", "5.6.3" ] steps: # Install dependencies - name: Setup Go 
@@ -67,11 +71,8 @@ runs: - name: Swift ${{ matrix.swift }} on ${{ matrix.os }} runs-on: ${{ matrix.os }} - strategy: - matrix: - os: [ ubuntu-latest, macos-latest, windows-latest ] - swift: [ "5.9.2", "5.9.2", "5.6.3" ] - steps: - - uses: swift-actions/setup-swift@v2 - with: - swift-version: ${{ matrix.swift }} \ No newline at end of file + + - name: + uses: swift-actions/setup-swift@v2 + with: + swift-version: ${{ matrix.swift }} \ No newline at end of file From a88da1ec22fadb818f757adc25e72c31e8998ed1 Mon Sep 17 00:00:00 2001 From: barv Date: Thu, 14 Nov 2024 13:14:24 +0200 Subject: [PATCH 070/111] swift-audit --- .github/actions/install-and-setup/action.yml | 11 ++--------- 1 file changed, 2 insertions(+), 9 deletions(-) diff --git a/.github/actions/install-and-setup/action.yml b/.github/actions/install-and-setup/action.yml index d83b251f..e887e98f 100644 --- a/.github/actions/install-and-setup/action.yml +++ b/.github/actions/install-and-setup/action.yml @@ -3,10 +3,6 @@ description: "Install needed dependencies for this repository like Go, Node, Jav runs: using: composite - strategy: - matrix: - os: [ ubuntu-latest, macos-latest, windows-latest ] - swift: [ "5.9.2", "5.9.2", "5.6.3" ] steps: # Install dependencies - name: Setup Go @@ -69,10 +65,7 @@ runs: conan profile detect shell: ${{ runner.os == 'Windows' && 'powershell' || 'bash' }} - - name: Swift ${{ matrix.swift }} on ${{ matrix.os }} - runs-on: ${{ matrix.os }} - - - name: + - name: Install swift uses: swift-actions/setup-swift@v2 with: - swift-version: ${{ matrix.swift }} \ No newline at end of file + swift-version: 5.6.3 \ No newline at end of file From 6c35cd644841b8b0cc0049bbc9b0878a429c5c6a Mon Sep 17 00:00:00 2001 
From: barv Date: Thu, 14 Nov 2024 14:09:34 +0200 Subject: [PATCH 071/111] swift-audit --- tests/consts.go | 14 ++------------ .../cocoapods_remote_repository_config.json | 6 ------ .../cocoapods_virtual_repository_config.json | 6 ------ 3 files changed, 2 insertions(+), 24 deletions(-) delete mode 100644 tests/testdata/artifactory-repo-configs/cocoapods_remote_repository_config.json delete mode 100644 tests/testdata/artifactory-repo-configs/cocoapods_virtual_repository_config.json diff --git a/tests/consts.go b/tests/consts.go index 01b0d283..4cfd9103 100644 --- a/tests/consts.go +++ b/tests/consts.go @@ -54,8 +54,6 @@ var ( GoRemoteRepo = "cli-go-remote" GoRepo = "cli-go" PypiRemoteRepo = "cli-pypi-remote" - CocoapodsRemoteRepo = "cli-cocoapods-remote" - CocoapodsVirtualRepo = "cli-cocoapods-virtual" ) // Integration tests - Artifactory repositories creation templates @@ -74,8 +72,6 @@ const ( GoRemoteRepositoryConfig = "go_remote_repository_config.json" GoLocalRepositoryConfig = "go_local_repository_config.json" PypiRemoteRepositoryConfig = "pypi_remote_repository_config.json" - CocoapodsRemoteRepoConfig = "cocoapods_remote_repository_config.json" - CocoapodsVirtualRepositoryConfig = "cocoapods_virtual_repository_config.json" Repo1RepositoryConfig = "repo1_repository_config.json" VirtualRepositoryConfig = "specs_virtual_repository_config.json" @@ -99,8 +95,6 @@ var reposConfigMap = map[*string]string{ &GoRemoteRepo: GoRemoteRepositoryConfig, &GoRepo: GoLocalRepositoryConfig, &PypiRemoteRepo: PypiRemoteRepositoryConfig, - &CocoapodsRemoteRepo: CocoapodsRemoteRepoConfig, - &CocoapodsVirtualRepo: CocoapodsVirtualRepositoryConfig, } func GetTestResourcesPath() string { 
@@ -120,7 +114,7 @@ func getTestResourcesPath(basePath string) string { func GetNonVirtualRepositories() map[*string]string { nonVirtualReposMap := map[*bool][]*string{ TestDockerScan: {&DockerLocalRepo, &DockerRemoteRepo}, - TestArtifactory: {&NpmRemoteRepo, &NugetRemoteRepo, &YarnRemoteRepo, &GradleRemoteRepo, &MvnRemoteRepo, &MvnRemoteSnapshotsRepo, &GoRepo, &GoRemoteRepo, &PypiRemoteRepo, &CocoapodsRemoteRepo}, + TestArtifactory: {&NpmRemoteRepo, &NugetRemoteRepo, &YarnRemoteRepo, &GradleRemoteRepo, &MvnRemoteRepo, &MvnRemoteSnapshotsRepo, &GoRepo, &GoRemoteRepo, &PypiRemoteRepo}, } return getNeededRepositories(nonVirtualReposMap) } @@ -129,7 +123,7 @@ func GetNonVirtualRepositories() map[*string]string { func GetVirtualRepositories() map[*string]string { virtualReposMap := map[*bool][]*string{ TestDockerScan: {&DockerVirtualRepo}, - TestArtifactory: {&GoVirtualRepo, &MvnVirtualRepo, &CocoapodsVirtualRepo}, + TestArtifactory: {&GoVirtualRepo, &MvnVirtualRepo}, } return getNeededRepositories(virtualReposMap) } @@ -189,8 +183,6 @@ func AddTimestampToGlobalVars() { NugetRemoteRepo += uniqueSuffix YarnRemoteRepo += uniqueSuffix PypiRemoteRepo += uniqueSuffix - CocoapodsRemoteRepo += uniqueSuffix - CocoapodsVirtualRepo += uniqueSuffix timestampAdded = true } @@ -217,7 +209,5 @@ func GetSubstitutionMap() map[string]string { "${NUGET_REMOTE_REPO}": NugetRemoteRepo, "${PYPI_REMOTE_REPO}": PypiRemoteRepo, "${YARN_REMOTE_REPO}": YarnRemoteRepo, - "${COCOAPODS_REMOTE_REPO}": CocoapodsRemoteRepo, - "${COCOAPODS_VIRTUAL_REPO}": CocoapodsVirtualRepo, } } diff --git a/tests/testdata/artifactory-repo-configs/cocoapods_remote_repository_config.json b/tests/testdata/artifactory-repo-configs/cocoapods_remote_repository_config.json deleted file mode 100644 index 169e88e4..00000000 --- a/tests/testdata/artifactory-repo-configs/cocoapods_remote_repository_config.json +++ /dev/null 
@@ -1,6 +0,0 @@ -{ - "key": "${COCOAPODS_REMOTE_REPO}", - "rclass": "remote", - "packageType": "cocoapods", - "url": "https://github.com/CocoaPods/cdn.cocoapods.org" -} \ No newline at end of file diff --git a/tests/testdata/artifactory-repo-configs/cocoapods_virtual_repository_config.json b/tests/testdata/artifactory-repo-configs/cocoapods_virtual_repository_config.json deleted file mode 100644 index 73a9b276..00000000 --- a/tests/testdata/artifactory-repo-configs/cocoapods_virtual_repository_config.json +++ /dev/null @@ -1,6 +0,0 @@ -{ - "key": "${COCOAPODS_VIRTUAL_REPO}", - "rclass": "virtual", - "packageType": "cocoapods", - "repositories": ["${COCOAPODS_REMOTE_REPO}"] -} \ No newline at end of file From 4894da09943704f0f844aff93ba23cceb0e2c088 Mon Sep 17 00:00:00 2001 From: barv Date: Thu, 14 Nov 2024 15:13:08 +0200 Subject: [PATCH 072/111] cocoapods-audit --- .github/actions/install-and-setup/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/install-and-setup/action.yml b/.github/actions/install-and-setup/action.yml index e887e98f..2e1c4207 100644 --- a/.github/actions/install-and-setup/action.yml +++ b/.github/actions/install-and-setup/action.yml @@ -68,4 +68,4 @@ runs: - name: Install swift uses: swift-actions/setup-swift@v2 with: - swift-version: 5.6.3 \ No newline at end of file + swift-version: 5.3 \ No newline at end of file From 481e57b65a2d2e9b15e02c2bc527ae05fdb51886 Mon Sep 17 00:00:00 2001 From: barv Date: Thu, 14 Nov 2024 15:18:02 +0200 Subject: [PATCH 073/111] cocoapods-audit --- .github/actions/install-and-setup/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/install-and-setup/action.yml b/.github/actions/install-and-setup/action.yml index 2e1c4207..d77bc7d8 100644 --- a/.github/actions/install-and-setup/action.yml +++ b/.github/actions/install-and-setup/action.yml 
@@ -68,4 +68,4 @@ runs: - name: Install swift uses: swift-actions/setup-swift@v2 with: - swift-version: 5.3 \ No newline at end of file + swift-version: 5.9.2 \ No newline at end of file From 318d469b6a67f2c01db0b23503d81cc764ce0051 Mon Sep 17 00:00:00 2001 From: barv Date: Sun, 17 Nov 2024 10:44:15 +0200 Subject: [PATCH 074/111] swift-audit --- .github/actions/install-and-setup/action.yml | 5 ----- .github/workflows/test.yml | 10 ++++++++++ 2 files changed, 10 insertions(+), 5 deletions(-) diff --git a/.github/actions/install-and-setup/action.yml b/.github/actions/install-and-setup/action.yml index d77bc7d8..61c712ff 100644 --- a/.github/actions/install-and-setup/action.yml +++ b/.github/actions/install-and-setup/action.yml @@ -64,8 +64,3 @@ runs: python -m pip install conan conan profile detect shell: ${{ runner.os == 'Windows' && 'powershell' || 'bash' }} - - - name: Install swift - uses: swift-actions/setup-swift@v2 - with: - swift-version: 5.9.2 \ No newline at end of file diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 580c1b93..5982a0ef 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -97,6 +97,8 @@ jobs: testFlags: '--test.audit.Go' - name: 'C/C++/C# Suite (Conan, NuGet, Dotnet)' testFlags: '--test.audit.C' + - name: 'Swift Suite' + testFlags: '--test.audit.Swift' steps: # Prepare the environment @@ -108,6 +110,14 @@ jobs: - name: Install and Setup Dependencies uses: ./.github/actions/install-and-setup + - name: Install Swift on Ubuntu + run: apt-get install swift + if: ${{ matrix.os == 'ubuntu' }} && ${{ matrix.suite.testFlags == --test.audit.Swift }} + + - name: Install Swift on MacOS + run: brew install swift + if: ${{ matrix.os == 'macos' }} && ${{ matrix.suite.testFlags == --test.audit.Swift }} + # Test - name: Run tests run: go test ${{ env.GO_COMMON_TEST_ARGS }} ${{ matrix.suite.testFlags }} From d64a63200d89a6f832ea3eef5e2d9f3a65de1068 Mon Sep 17 00:00:00 2001 
From: barv Date: Sun, 17 Nov 2024 10:59:26 +0200 Subject: [PATCH 075/111] swift-audit --- .github/workflows/test.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 5982a0ef..0f2c5525 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -112,11 +112,11 @@ jobs: - name: Install Swift on Ubuntu run: apt-get install swift - if: ${{ matrix.os == 'ubuntu' }} && ${{ matrix.suite.testFlags == --test.audit.Swift }} + if: ${{ matrix.os == 'ubuntu' }} && ${{ matrix.suite.testFlags == '--test.audit.Swift' }} - name: Install Swift on MacOS run: brew install swift - if: ${{ matrix.os == 'macos' }} && ${{ matrix.suite.testFlags == --test.audit.Swift }} + if: ${{ matrix.os == 'macos' }} && ${{ matrix.suite.testFlags == '--test.audit.Swift' }} # Test - name: Run tests From 3aacf67dedc9452902f00ff51a3225fa1d91c104 Mon Sep 17 00:00:00 2001 From: barv Date: Sun, 17 Nov 2024 11:33:09 +0200 Subject: [PATCH 076/111] swift-audit --- .github/actions/install-and-setup/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/install-and-setup/action.yml b/.github/actions/install-and-setup/action.yml index 61c712ff..a603c799 100644 --- a/.github/actions/install-and-setup/action.yml +++ b/.github/actions/install-and-setup/action.yml @@ -2,7 +2,7 @@ name: "Install and Setup Dependencies" description: "Install needed dependencies for this repository like Go, Node, Java, Python, etc." runs: - using: composite + using: "composite" steps: # Install dependencies - name: Setup Go From c8a84bf49499244984489689197abb8d1beecc49 Mon Sep 17 00:00:00 2001 From: barv Date: Sun, 17 Nov 2024 12:26:56 +0200 Subject: [PATCH 077/111] swift-audit --- .github/actions/install-and-setup/action.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) 
diff --git a/.github/actions/install-and-setup/action.yml b/.github/actions/install-and-setup/action.yml index a603c799..a948756f 100644 --- a/.github/actions/install-and-setup/action.yml +++ b/.github/actions/install-and-setup/action.yml @@ -15,12 +15,11 @@ runs: - name: install ruby uses: ruby/setup-ruby@v1 with: - ruby-version: 3.3.6 + ruby-version: 3.3.0 - name: Install cocoapods shell: ${{ runner.os == 'Windows' && 'powershell' || 'bash' }} run: gem install cocoapods - - name: Install npm uses: actions/setup-node@v4 with: From bc59b78a01559c83c60fa6b8d3230532136588fc Mon Sep 17 00:00:00 2001 From: barv Date: Sun, 17 Nov 2024 13:27:38 +0200 Subject: [PATCH 078/111] swift-audit --- .github/workflows/test.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 0f2c5525..9a46a15e 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -111,12 +111,12 @@ jobs: uses: ./.github/actions/install-and-setup - name: Install Swift on Ubuntu - run: apt-get install swift - if: ${{ matrix.os == 'ubuntu' }} && ${{ matrix.suite.testFlags == '--test.audit.Swift' }} + run: apt install swift + if: ${{ matrix.os == 'ubuntu' && matrix.suite.testFlags == '--test.audit.Swift' }} - name: Install Swift on MacOS run: brew install swift - if: ${{ matrix.os == 'macos' }} && ${{ matrix.suite.testFlags == '--test.audit.Swift' }} + if: ${{ matrix.os == 'macos' && matrix.suite.testFlags == '--test.audit.Swift' }} # Test - name: Run tests From a7a60633ef4bcf0bb1a7692555e0653736dcfb08 Mon Sep 17 00:00:00 2001 From: barv Date: Sun, 17 Nov 2024 14:56:32 +0200 Subject: [PATCH 079/111] swift-audit --- .github/workflows/test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 9a46a15e..30aaabea 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml 
@@ -111,7 +111,7 @@ jobs: uses: ./.github/actions/install-and-setup - name: Install Swift on Ubuntu - run: apt install swift + uses: swift-actions/setup-swift@v2 if: ${{ matrix.os == 'ubuntu' && matrix.suite.testFlags == '--test.audit.Swift' }} - name: Install Swift on MacOS From 004a085a99d0c0fafaa08c58269ca9c577096f81 Mon Sep 17 00:00:00 2001 From: barv Date: Sun, 17 Nov 2024 16:16:04 +0200 Subject: [PATCH 080/111] cocoapods-fix --- .github/workflows/test.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 580c1b93..b7f4183b 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -97,6 +97,8 @@ jobs: testFlags: '--test.audit.Go' - name: 'C/C++/C# Suite (Conan, NuGet, Dotnet)' testFlags: '--test.audit.C' + - name: 'Cocoapods Suite' + testFlags: '--test.audit.Cocoapods' steps: # Prepare the environment From ea5b3118566b65612fcb771a2ae3363cf900a142 Mon Sep 17 00:00:00 2001 From: barv Date: Sun, 17 Nov 2024 17:00:40 +0200 Subject: [PATCH 081/111] cocoapods-test --- .../package-managers/cocoapods/Podfile | 2 +- .../package-managers/cocoapods/Podfile.lock | 2 +- .../cocoapods/Test.xcodeproj/project.pbxproj | 529 ------------------ 3 files changed, 2 insertions(+), 531 deletions(-) delete mode 100644 tests/testdata/projects/package-managers/cocoapods/Test.xcodeproj/project.pbxproj diff --git a/tests/testdata/projects/package-managers/cocoapods/Podfile b/tests/testdata/projects/package-managers/cocoapods/Podfile index 40332d1b..beb74374 100644 --- a/tests/testdata/projects/package-managers/cocoapods/Podfile +++ b/tests/testdata/projects/package-managers/cocoapods/Podfile @@ -5,6 +5,6 @@ target 'Test' do pod 'GoogleSignIn', '~> 6.2.4' pod 'AppAuth', '~> 1.7.5' pod 'AppAuth', '~> 1.7.5' - +pod 'nanopb', '~> 0.4.1' end \ No newline at end of file 
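Review bot: The new `uses: swift-actions/setup-swift@v2` step pins a third-party action to a mutable major-version tag and passes no `swift-version`, so the toolchain the Ubuntu job gets is whatever that tag and the action's default resolve to on a given day, whereas the composite-action step this series removed pinned 5.9.2 explicitly. Pin the action to a full commit SHA with the tag kept as a comment and state the version, e.g. `uses: swift-actions/setup-swift@<commit-sha-placeholder> # v2` followed by `with:` / `swift-version: "5.9.2"`, so a moved tag cannot change what runs in CI. The macOS branch still installs via `brew install swift` (visible as the context line at the end of the hunk), so the two operating systems presumably end up on different toolchains; worth confirming that is intended. The enclosing `steps:` list continues outside the hunk.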
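Review bot: The `index 580c1b93..b7f4183b` line of this hunk shows it is based on the same pre-image of .github/workflows/test.yml as commit 074 (`580c1b93..5982a0ef`) rather than on the 30aaabea that commit 079 left, so this line of the series does not carry the Swift suite or the Swift install steps and the two will need reconciling when they meet. Separately, commit 071 on this page removed `CocoapodsRemoteRepo`/`CocoapodsVirtualRepo` and their repository-config templates from tests/consts.go; if the tests selected by `--test.audit.Cocoapods` still expect those Artifactory repositories, this matrix entry will fail or exercise less than intended, which is worth confirming before enabling it. The matrix list continues outside the hunk.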
diff --git a/tests/testdata/projects/package-managers/cocoapods/Podfile.lock b/tests/testdata/projects/package-managers/cocoapods/Podfile.lock index 52f4bcbb..1d062af7 100644 --- a/tests/testdata/projects/package-managers/cocoapods/Podfile.lock +++ b/tests/testdata/projects/package-managers/cocoapods/Podfile.lock @@ -13,7 +13,7 @@ PODS: - AppAuth/Core (~> 1.6) - GTMSessionFetcher/Core (< 3.0, >= 1.5) - GTMSessionFetcher/Core (2.3.0) - + - nanopb (0.4.1) DEPENDENCIES: - GoogleSignIn diff --git a/tests/testdata/projects/package-managers/cocoapods/Test.xcodeproj/project.pbxproj b/tests/testdata/projects/package-managers/cocoapods/Test.xcodeproj/project.pbxproj deleted file mode 100644 index 049d42ff..00000000 --- a/tests/testdata/projects/package-managers/cocoapods/Test.xcodeproj/project.pbxproj +++ /dev/null 
@@ -1,529 +0,0 @@ -// !$*UTF8*$! -{ - archiveVersion = 1; - classes = { - }; - objectVersion = 50; - objects = { - -/* Begin PBXBuildFile section */ - 88AE4B8E01AFFF3A45DC9B88 /* Pods_Test.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 474904C1D18515D2338FE798 /* Pods_Test.framework */; }; - D50D70A420B9443D00F9D88B /* GoogleService-Info.plist in Resources */ = {isa = PBXBuildFile; fileRef = D50D70A320B9443D00F9D88B /* GoogleService-Info.plist */; }; - D5418B3220B9A02A001D620C /* google1.png in Resources */ = {isa = PBXBuildFile; fileRef = D5418B2B20B9A027001D620C /* google1.png */; }; - D5418B3320B9A02A001D620C /* fb2.png in Resources */ = {isa = PBXBuildFile; fileRef = D5418B2C20B9A027001D620C /* fb2.png */; }; - D5418B3420B9A02A001D620C /* signup.png in Resources */ = {isa = PBXBuildFile; fileRef = D5418B2D20B9A028001D620C /* signup.png */; }; - D5418B3520B9A02A001D620C /* fb1.png in Resources */ = {isa = PBXBuildFile; fileRef = D5418B2E20B9A028001D620C /* fb1.png */; }; - D5418B3620B9A02A001D620C /* fb3.png in Resources */ = {isa = PBXBuildFile; fileRef = D5418B2F20B9A029001D620C /* fb3.png */; }; - D5418B3720B9A02A001D620C /* google2.png in Resources */ = {isa = PBXBuildFile; fileRef = D5418B3020B9A029001D620C /* google2.png */; }; - D5418B3820B9A02A001D620C /* home.png in Resources */ = {isa = PBXBuildFile; fileRef = D5418B3120B9A029001D620C /* home.png */; }; - D5418B3B20B9A512001D620C /* firebase1.png in Resources */ = {isa = PBXBuildFile; fileRef = D5418B3920B9A512001D620C /* firebase1.png */; }; - D5418B3C20B9A512001D620C /* firebase2.png in Resources */ = {isa = PBXBuildFile; fileRef = D5418B3A20B9A512001D620C /* firebase2.png */; }; - D5418B3E20B9A938001D620C /* swiftxcode.jpg in Resources */ = {isa = PBXBuildFile; fileRef = D5418B3D20B9A938001D620C /* swiftxcode.jpg */; }; - D54BB52720B54ACF0085C370 /* FirebaseViewController.swift in Sources */ = {isa = PBXBuildFile; fileRef = D54BB52620B54ACF0085C370 /* FirebaseViewController.swift */; }; 
- D5D3F10D20B6AA0F00C5C2AA /* FirebaseAuthenticator.swift in Sources */ = {isa = PBXBuildFile; fileRef = D5D3F10C20B6AA0F00C5C2AA /* FirebaseAuthenticator.swift */; }; - D5D4807920AEF552004F5ADF /* AppDelegate.swift in Sources */ = {isa = PBXBuildFile; fileRef = D5D4807820AEF552004F5ADF /* AppDelegate.swift */; }; - D5D4807B20AEF552004F5ADF /* LoginViewController.swift in Sources */ = {isa = PBXBuildFile; fileRef = D5D4807A20AEF552004F5ADF /* LoginViewController.swift */; }; - D5D4807E20AEF552004F5ADF /* Main.storyboard in Resources */ = {isa = PBXBuildFile; fileRef = D5D4807C20AEF552004F5ADF /* Main.storyboard */; }; - D5D4808020AEF555004F5ADF /* Assets.xcassets in Resources */ = {isa = PBXBuildFile; fileRef = D5D4807F20AEF555004F5ADF /* Assets.xcassets */; }; - D5D4808320AEF555004F5ADF /* LaunchScreen.storyboard in Resources */ = {isa = PBXBuildFile; fileRef = D5D4808120AEF555004F5ADF /* LaunchScreen.storyboard */; }; - D5D4809420B2A9B6004F5ADF /* SignupViewController.swift in Sources */ = {isa = PBXBuildFile; fileRef = D5D4809320B2A9B6004F5ADF /* SignupViewController.swift */; }; - D5D4809620B2CEB8004F5ADF /* BaseViewController.swift in Sources */ = {isa = PBXBuildFile; fileRef = D5D4809520B2CEB8004F5ADF /* BaseViewController.swift */; }; - D5D4809D20B3E95D004F5ADF /* LoginMain.storyboard in Resources */ = {isa = PBXBuildFile; fileRef = D5D4809C20B3E95D004F5ADF /* LoginMain.storyboard */; }; - D5D4809F20B3FB67004F5ADF /* CustomCollectionViewCell.swift in Sources */ = {isa = PBXBuildFile; fileRef = D5D4809E20B3FB67004F5ADF /* CustomCollectionViewCell.swift */; }; - D5D480A120B3FBBF004F5ADF /* MainCollectionViewController.swift in Sources */ = {isa = PBXBuildFile; fileRef = D5D480A020B3FBBF004F5ADF /* MainCollectionViewController.swift */; }; - D5FDF0F720B7EE5E00D68D8D /* SocialAuthenticator.swift in Sources */ = {isa = PBXBuildFile; fileRef = D5FDF0F620B7EE5E00D68D8D /* SocialAuthenticator.swift */; }; - D5FDF0FA20B8263500D68D8D /* ResponseDelegate.swift in 
Sources */ = {isa = PBXBuildFile; fileRef = D5FDF0F920B8263500D68D8D /* ResponseDelegate.swift */; }; - D5FDF0FC20B8266100D68D8D /* SocialDelegate.swift in Sources */ = {isa = PBXBuildFile; fileRef = D5FDF0FB20B8266100D68D8D /* SocialDelegate.swift */; }; -/* End PBXBuildFile section */ - -/* Begin PBXFileReference section */ - 474904C1D18515D2338FE798 /* Pods_Test.framework */ = {isa = PBXFileReference; explicitFileType = wrapper.framework; includeInIndex = 0; path = Pods_Test.framework; sourceTree = BUILT_PRODUCTS_DIR; }; - 64BF18EB7EA0A352287C2039 /* Pods-Test.debug.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-Test.debug.xcconfig"; path = "Pods/Target Support Files/Pods-Test/Pods-Test.debug.xcconfig"; sourceTree = ""; }; - C84725ECA8AC99708758BF82 /* Pods-Test.release.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-Test.release.xcconfig"; path = "Pods/Target Support Files/Pods-Test/Pods-Test.release.xcconfig"; sourceTree = ""; }; - D50D70A320B9443D00F9D88B /* GoogleService-Info.plist */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.plist.xml; path = "GoogleService-Info.plist"; sourceTree = ""; }; - D5418B2B20B9A027001D620C /* google1.png */ = {isa = PBXFileReference; lastKnownFileType = image.png; path = google1.png; sourceTree = ""; }; - D5418B2C20B9A027001D620C /* fb2.png */ = {isa = PBXFileReference; lastKnownFileType = image.png; path = fb2.png; sourceTree = ""; }; - D5418B2D20B9A028001D620C /* signup.png */ = {isa = PBXFileReference; lastKnownFileType = image.png; path = signup.png; sourceTree = ""; }; - D5418B2E20B9A028001D620C /* fb1.png */ = {isa = PBXFileReference; lastKnownFileType = image.png; path = fb1.png; sourceTree = ""; }; - D5418B2F20B9A029001D620C /* fb3.png */ = {isa = PBXFileReference; lastKnownFileType = image.png; path = fb3.png; sourceTree = ""; }; - D5418B3020B9A029001D620C /* google2.png */ = 
{isa = PBXFileReference; lastKnownFileType = image.png; path = google2.png; sourceTree = ""; }; - D5418B3120B9A029001D620C /* home.png */ = {isa = PBXFileReference; lastKnownFileType = image.png; path = home.png; sourceTree = ""; }; - D5418B3920B9A512001D620C /* firebase1.png */ = {isa = PBXFileReference; lastKnownFileType = image.png; path = firebase1.png; sourceTree = ""; }; - D5418B3A20B9A512001D620C /* firebase2.png */ = {isa = PBXFileReference; lastKnownFileType = image.png; path = firebase2.png; sourceTree = ""; }; - D5418B3D20B9A938001D620C /* swiftxcode.jpg */ = {isa = PBXFileReference; lastKnownFileType = image.jpeg; path = swiftxcode.jpg; sourceTree = ""; }; - D54BB52620B54ACF0085C370 /* FirebaseViewController.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = FirebaseViewController.swift; sourceTree = ""; }; - D5D3F10C20B6AA0F00C5C2AA /* FirebaseAuthenticator.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = FirebaseAuthenticator.swift; sourceTree = ""; }; - D5D4807520AEF552004F5ADF /* Test.app */ = {isa = PBXFileReference; explicitFileType = wrapper.application; includeInIndex = 0; path = Test.app; sourceTree = BUILT_PRODUCTS_DIR; }; - D5D4807820AEF552004F5ADF /* AppDelegate.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = AppDelegate.swift; sourceTree = ""; }; - D5D4807A20AEF552004F5ADF /* LoginViewController.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = LoginViewController.swift; sourceTree = ""; }; - D5D4807D20AEF552004F5ADF /* Base */ = {isa = PBXFileReference; lastKnownFileType = file.storyboard; name = Base; path = Base.lproj/Main.storyboard; sourceTree = ""; }; - D5D4807F20AEF555004F5ADF /* Assets.xcassets */ = {isa = PBXFileReference; lastKnownFileType = folder.assetcatalog; path = Assets.xcassets; sourceTree = ""; }; - D5D4808220AEF555004F5ADF /* Base */ = {isa = PBXFileReference; lastKnownFileType = file.storyboard; 
name = Base; path = Base.lproj/LaunchScreen.storyboard; sourceTree = ""; }; - D5D4808420AEF555004F5ADF /* Info.plist */ = {isa = PBXFileReference; lastKnownFileType = text.plist.xml; path = Info.plist; sourceTree = ""; }; - D5D4809320B2A9B6004F5ADF /* SignupViewController.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = SignupViewController.swift; sourceTree = ""; }; - D5D4809520B2CEB8004F5ADF /* BaseViewController.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = BaseViewController.swift; sourceTree = ""; }; - D5D4809C20B3E95D004F5ADF /* LoginMain.storyboard */ = {isa = PBXFileReference; lastKnownFileType = file.storyboard; path = LoginMain.storyboard; sourceTree = ""; }; - D5D4809E20B3FB67004F5ADF /* CustomCollectionViewCell.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = CustomCollectionViewCell.swift; sourceTree = ""; }; - D5D480A020B3FBBF004F5ADF /* MainCollectionViewController.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MainCollectionViewController.swift; sourceTree = ""; }; - D5FDF0F620B7EE5E00D68D8D /* SocialAuthenticator.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = SocialAuthenticator.swift; sourceTree = ""; }; - D5FDF0F920B8263500D68D8D /* ResponseDelegate.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ResponseDelegate.swift; sourceTree = ""; }; - D5FDF0FB20B8266100D68D8D /* SocialDelegate.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = SocialDelegate.swift; sourceTree = ""; }; -/* End PBXFileReference section */ - -/* Begin PBXFrameworksBuildPhase section */ - D5D4807220AEF552004F5ADF /* Frameworks */ = { - isa = PBXFrameworksBuildPhase; - buildActionMask = 2147483647; - files = ( - 88AE4B8E01AFFF3A45DC9B88 /* Pods_Test.framework in Frameworks */, - ); - runOnlyForDeploymentPostprocessing = 0; - }; -/* End 
PBXFrameworksBuildPhase section */ - -/* Begin PBXGroup section */ - 6D4AE5F2DED4F2D75679768C /* Pods */ = { - isa = PBXGroup; - children = ( - 64BF18EB7EA0A352287C2039 /* Pods-Test.debug.xcconfig */, - C84725ECA8AC99708758BF82 /* Pods-Test.release.xcconfig */, - ); - name = Pods; - sourceTree = ""; - }; - 76A856C51E4B61E4FCC4DBDF /* Frameworks */ = { - isa = PBXGroup; - children = ( - 474904C1D18515D2338FE798 /* Pods_Test.framework */, - ); - name = Frameworks; - sourceTree = ""; - }; - D520BEC820B5467D009A5272 /* Network */ = { - isa = PBXGroup; - children = ( - D5D3F10C20B6AA0F00C5C2AA /* FirebaseAuthenticator.swift */, - D5FDF0F620B7EE5E00D68D8D /* SocialAuthenticator.swift */, - ); - path = Network; - sourceTree = ""; - }; - D5418B2A20B99C84001D620C /* Screenshots */ = { - isa = PBXGroup; - children = ( - D5418B3D20B9A938001D620C /* swiftxcode.jpg */, - D5418B3920B9A512001D620C /* firebase1.png */, - D5418B3A20B9A512001D620C /* firebase2.png */, - D5418B2E20B9A028001D620C /* fb1.png */, - D5418B2C20B9A027001D620C /* fb2.png */, - D5418B2F20B9A029001D620C /* fb3.png */, - D5418B2B20B9A027001D620C /* google1.png */, - D5418B3020B9A029001D620C /* google2.png */, - D5418B3120B9A029001D620C /* home.png */, - D5418B2D20B9A028001D620C /* signup.png */, - ); - path = Screenshots; - sourceTree = ""; - }; - D5D4806C20AEF552004F5ADF = { - isa = PBXGroup; - children = ( - 76A856C51E4B61E4FCC4DBDF /* Frameworks */, - 6D4AE5F2DED4F2D75679768C /* Pods */, - D5D4807620AEF552004F5ADF /* Products */, - D5D4807720AEF552004F5ADF /* Test */, - ); - sourceTree = ""; - }; - D5D4807620AEF552004F5ADF /* Products */ = { - isa = PBXGroup; - children = ( - D5D4807520AEF552004F5ADF /* Test.app */, - ); - name = Products; - sourceTree = ""; - }; - D5D4807720AEF552004F5ADF /* Test */ = { - isa = PBXGroup; - children = ( - D5418B2A20B99C84001D620C /* Screenshots */, - D50D70A320B9443D00F9D88B /* GoogleService-Info.plist */, - D5FDF0F820B8225500D68D8D /* Delegate */, - 
D5D4807C20AEF552004F5ADF /* Main.storyboard */, - D5D4808420AEF555004F5ADF /* Info.plist */, - D5D4807820AEF552004F5ADF /* AppDelegate.swift */, - D5D4809520B2CEB8004F5ADF /* BaseViewController.swift */, - D5D4809320B2A9B6004F5ADF /* SignupViewController.swift */, - D5D4807A20AEF552004F5ADF /* LoginViewController.swift */, - D5D4807F20AEF555004F5ADF /* Assets.xcassets */, - D5D4808120AEF555004F5ADF /* LaunchScreen.storyboard */, - D520BEC820B5467D009A5272 /* Network */, - D5D4809920B3E8F8004F5ADF /* MainLogin */, - ); - path = Test; - sourceTree = ""; - }; - D5D4809920B3E8F8004F5ADF /* MainLogin */ = { - isa = PBXGroup; - children = ( - D54BB52620B54ACF0085C370 /* FirebaseViewController.swift */, - D5D4809C20B3E95D004F5ADF /* LoginMain.storyboard */, - D5D4809E20B3FB67004F5ADF /* CustomCollectionViewCell.swift */, - D5D480A020B3FBBF004F5ADF /* MainCollectionViewController.swift */, - ); - path = MainLogin; - sourceTree = ""; - }; - D5FDF0F820B8225500D68D8D /* Delegate */ = { - isa = PBXGroup; - children = ( - D5FDF0F920B8263500D68D8D /* ResponseDelegate.swift */, - D5FDF0FB20B8266100D68D8D /* SocialDelegate.swift */, - ); - name = Delegate; - sourceTree = ""; - }; -/* End PBXGroup section */ - -/* Begin PBXNativeTarget section */ - D5D4807420AEF552004F5ADF /* Test */ = { - isa = PBXNativeTarget; - buildConfigurationList = D5D4808720AEF555004F5ADF /* Build configuration list for PBXNativeTarget "Test" */; - buildPhases = ( - D905B27F086A3993E6CC203D /* [CP] Check Pods Manifest.lock */, - D5D4807120AEF552004F5ADF /* Sources */, - D5D4807220AEF552004F5ADF /* Frameworks */, - D5D4807320AEF552004F5ADF /* Resources */, - 84D5C8B19799EFD0F35C8BA9 /* [CP] Embed Pods Frameworks */, - ); - buildRules = ( - ); - dependencies = ( - ); - name = Test; - productName = swiftconcepts; - productReference = D5D4807520AEF552004F5ADF /* Test.app */; - productType = "com.apple.product-type.application"; - }; -/* End PBXNativeTarget section */ - -/* Begin PBXProject section */ - 
D5D4806D20AEF552004F5ADF /* Project object */ = { - isa = PBXProject; - attributes = { - LastSwiftUpdateCheck = 0930; - LastUpgradeCheck = 0930; - ORGANIZATIONNAME = yuvraj; - TargetAttributes = { - D5D4807420AEF552004F5ADF = { - CreatedOnToolsVersion = 9.3.1; - }; - }; - }; - buildConfigurationList = D5D4807020AEF552004F5ADF /* Build configuration list for PBXProject "Test" */; - compatibilityVersion = "Xcode 9.3"; - developmentRegion = en; - hasScannedForEncodings = 0; - knownRegions = ( - en, - Base, - ); - mainGroup = D5D4806C20AEF552004F5ADF; - productRefGroup = D5D4807620AEF552004F5ADF /* Products */; - projectDirPath = ""; - projectRoot = ""; - targets = ( - D5D4807420AEF552004F5ADF /* Test */, - ); - }; -/* End PBXProject section */ - -/* Begin PBXResourcesBuildPhase section */ - D5D4807320AEF552004F5ADF /* Resources */ = { - isa = PBXResourcesBuildPhase; - buildActionMask = 2147483647; - files = ( - D5D4808320AEF555004F5ADF /* LaunchScreen.storyboard in Resources */, - D5418B3620B9A02A001D620C /* fb3.png in Resources */, - D5D4808020AEF555004F5ADF /* Assets.xcassets in Resources */, - D5D4807E20AEF552004F5ADF /* Main.storyboard in Resources */, - D5418B3520B9A02A001D620C /* fb1.png in Resources */, - D5418B3420B9A02A001D620C /* signup.png in Resources */, - D5D4809D20B3E95D004F5ADF /* LoginMain.storyboard in Resources */, - D5418B3220B9A02A001D620C /* google1.png in Resources */, - D5418B3820B9A02A001D620C /* home.png in Resources */, - D5418B3B20B9A512001D620C /* firebase1.png in Resources */, - D5418B3720B9A02A001D620C /* google2.png in Resources */, - D5418B3320B9A02A001D620C /* fb2.png in Resources */, - D5418B3E20B9A938001D620C /* swiftxcode.jpg in Resources */, - D50D70A420B9443D00F9D88B /* GoogleService-Info.plist in Resources */, - D5418B3C20B9A512001D620C /* firebase2.png in Resources */, - ); - runOnlyForDeploymentPostprocessing = 0; - }; -/* End PBXResourcesBuildPhase section */ - -/* Begin PBXShellScriptBuildPhase section */ - 
84D5C8B19799EFD0F35C8BA9 /* [CP] Embed Pods Frameworks */ = { - isa = PBXShellScriptBuildPhase; - buildActionMask = 2147483647; - files = ( - ); - inputFileListPaths = ( - "${PODS_ROOT}/Target Support Files/Pods-Test/Pods-Test-frameworks-${CONFIGURATION}-input-files.xcfilelist", - ); - name = "[CP] Embed Pods Frameworks"; - outputFileListPaths = ( - "${PODS_ROOT}/Target Support Files/Pods-Test/Pods-Test-frameworks-${CONFIGURATION}-output-files.xcfilelist", - ); - runOnlyForDeploymentPostprocessing = 0; - shellPath = /bin/sh; - shellScript = "\"${PODS_ROOT}/Target Support Files/Pods-Test/Pods-Test-frameworks.sh\"\n"; - showEnvVarsInLog = 0; - }; - D905B27F086A3993E6CC203D /* [CP] Check Pods Manifest.lock */ = { - isa = PBXShellScriptBuildPhase; - buildActionMask = 2147483647; - files = ( - ); - inputPaths = ( - "${PODS_PODFILE_DIR_PATH}/Podfile.lock", - "${PODS_ROOT}/Manifest.lock", - ); - name = "[CP] Check Pods Manifest.lock"; - outputPaths = ( - "$(DERIVED_FILE_DIR)/Pods-Test-checkManifestLockResult.txt", - ); - runOnlyForDeploymentPostprocessing = 0; - shellPath = /bin/sh; - shellScript = "diff \"${PODS_PODFILE_DIR_PATH}/Podfile.lock\" \"${PODS_ROOT}/Manifest.lock\" > /dev/null\nif [ $? != 0 ] ; then\n # print error to STDERR\n echo \"error: The sandbox is not in sync with the Podfile.lock. 
Run 'pod install' or update your CocoaPods installation.\" >&2\n exit 1\nfi\n# This output is used by Xcode 'outputs' to avoid re-running this script phase.\necho \"SUCCESS\" > \"${SCRIPT_OUTPUT_FILE_0}\"\n"; - showEnvVarsInLog = 0; - }; -/* End PBXShellScriptBuildPhase section */ - -/* Begin PBXSourcesBuildPhase section */ - D5D4807120AEF552004F5ADF /* Sources */ = { - isa = PBXSourcesBuildPhase; - buildActionMask = 2147483647; - files = ( - D5D4809420B2A9B6004F5ADF /* SignupViewController.swift in Sources */, - D54BB52720B54ACF0085C370 /* FirebaseViewController.swift in Sources */, - D5D4809F20B3FB67004F5ADF /* CustomCollectionViewCell.swift in Sources */, - D5D3F10D20B6AA0F00C5C2AA /* FirebaseAuthenticator.swift in Sources */, - D5FDF0FC20B8266100D68D8D /* SocialDelegate.swift in Sources */, - D5D480A120B3FBBF004F5ADF /* MainCollectionViewController.swift in Sources */, - D5FDF0F720B7EE5E00D68D8D /* SocialAuthenticator.swift in Sources */, - D5D4807B20AEF552004F5ADF /* LoginViewController.swift in Sources */, - D5D4809620B2CEB8004F5ADF /* BaseViewController.swift in Sources */, - D5D4807920AEF552004F5ADF /* AppDelegate.swift in Sources */, - D5FDF0FA20B8263500D68D8D /* ResponseDelegate.swift in Sources */, - ); - runOnlyForDeploymentPostprocessing = 0; - }; -/* End PBXSourcesBuildPhase section */ - -/* Begin PBXVariantGroup section */ - D5D4807C20AEF552004F5ADF /* Main.storyboard */ = { - isa = PBXVariantGroup; - children = ( - D5D4807D20AEF552004F5ADF /* Base */, - ); - name = Main.storyboard; - sourceTree = ""; - }; - D5D4808120AEF555004F5ADF /* LaunchScreen.storyboard */ = { - isa = PBXVariantGroup; - children = ( - D5D4808220AEF555004F5ADF /* Base */, - ); - name = LaunchScreen.storyboard; - sourceTree = ""; - }; -/* End PBXVariantGroup section */ - -/* Begin XCBuildConfiguration section */ - D5D4808520AEF555004F5ADF /* Debug */ = { - isa = XCBuildConfiguration; - buildSettings = { - ALWAYS_SEARCH_USER_PATHS = NO; - CLANG_ANALYZER_NONNULL = YES; - 
CLANG_ANALYZER_NUMBER_OBJECT_CONVERSION = YES_AGGRESSIVE; - CLANG_CXX_LANGUAGE_STANDARD = "gnu++14"; - CLANG_CXX_LIBRARY = "libc++"; - CLANG_ENABLE_MODULES = YES; - CLANG_ENABLE_OBJC_ARC = YES; - CLANG_ENABLE_OBJC_WEAK = YES; - CLANG_WARN_BLOCK_CAPTURE_AUTORELEASING = YES; - CLANG_WARN_BOOL_CONVERSION = YES; - CLANG_WARN_COMMA = YES; - CLANG_WARN_CONSTANT_CONVERSION = YES; - CLANG_WARN_DEPRECATED_OBJC_IMPLEMENTATIONS = YES; - CLANG_WARN_DIRECT_OBJC_ISA_USAGE = YES_ERROR; - CLANG_WARN_DOCUMENTATION_COMMENTS = YES; - CLANG_WARN_EMPTY_BODY = YES; - CLANG_WARN_ENUM_CONVERSION = YES; - CLANG_WARN_INFINITE_RECURSION = YES; - CLANG_WARN_INT_CONVERSION = YES; - CLANG_WARN_NON_LITERAL_NULL_CONVERSION = YES; - CLANG_WARN_OBJC_IMPLICIT_RETAIN_SELF = YES; - CLANG_WARN_OBJC_LITERAL_CONVERSION = YES; - CLANG_WARN_OBJC_ROOT_CLASS = YES_ERROR; - CLANG_WARN_RANGE_LOOP_ANALYSIS = YES; - CLANG_WARN_STRICT_PROTOTYPES = YES; - CLANG_WARN_SUSPICIOUS_MOVE = YES; - CLANG_WARN_UNGUARDED_AVAILABILITY = YES_AGGRESSIVE; - CLANG_WARN_UNREACHABLE_CODE = YES; - CLANG_WARN__DUPLICATE_METHOD_MATCH = YES; - CODE_SIGN_IDENTITY = "iPhone Developer"; - COPY_PHASE_STRIP = NO; - DEBUG_INFORMATION_FORMAT = dwarf; - ENABLE_STRICT_OBJC_MSGSEND = YES; - ENABLE_TESTABILITY = YES; - GCC_C_LANGUAGE_STANDARD = gnu11; - GCC_DYNAMIC_NO_PIC = NO; - GCC_NO_COMMON_BLOCKS = YES; - GCC_OPTIMIZATION_LEVEL = 0; - GCC_PREPROCESSOR_DEFINITIONS = ( - "DEBUG=1", - "$(inherited)", - ); - GCC_WARN_64_TO_32_BIT_CONVERSION = YES; - GCC_WARN_ABOUT_RETURN_TYPE = YES_ERROR; - GCC_WARN_UNDECLARED_SELECTOR = YES; - GCC_WARN_UNINITIALIZED_AUTOS = YES_AGGRESSIVE; - GCC_WARN_UNUSED_FUNCTION = YES; - GCC_WARN_UNUSED_VARIABLE = YES; - IPHONEOS_DEPLOYMENT_TARGET = 9.0; - MTL_ENABLE_DEBUG_INFO = YES; - ONLY_ACTIVE_ARCH = YES; - SDKROOT = iphoneos; - SWIFT_ACTIVE_COMPILATION_CONDITIONS = DEBUG; - SWIFT_OPTIMIZATION_LEVEL = "-Onone"; - }; - name = Debug; - }; - D5D4808620AEF555004F5ADF /* Release */ = { - isa = XCBuildConfiguration; - 
buildSettings = { - ALWAYS_SEARCH_USER_PATHS = NO; - CLANG_ANALYZER_NONNULL = YES; - CLANG_ANALYZER_NUMBER_OBJECT_CONVERSION = YES_AGGRESSIVE; - CLANG_CXX_LANGUAGE_STANDARD = "gnu++14"; - CLANG_CXX_LIBRARY = "libc++"; - CLANG_ENABLE_MODULES = YES; - CLANG_ENABLE_OBJC_ARC = YES; - CLANG_ENABLE_OBJC_WEAK = YES; - CLANG_WARN_BLOCK_CAPTURE_AUTORELEASING = YES; - CLANG_WARN_BOOL_CONVERSION = YES; - CLANG_WARN_COMMA = YES; - CLANG_WARN_CONSTANT_CONVERSION = YES; - CLANG_WARN_DEPRECATED_OBJC_IMPLEMENTATIONS = YES; - CLANG_WARN_DIRECT_OBJC_ISA_USAGE = YES_ERROR; - CLANG_WARN_DOCUMENTATION_COMMENTS = YES; - CLANG_WARN_EMPTY_BODY = YES; - CLANG_WARN_ENUM_CONVERSION = YES; - CLANG_WARN_INFINITE_RECURSION = YES; - CLANG_WARN_INT_CONVERSION = YES; - CLANG_WARN_NON_LITERAL_NULL_CONVERSION = YES; - CLANG_WARN_OBJC_IMPLICIT_RETAIN_SELF = YES; - CLANG_WARN_OBJC_LITERAL_CONVERSION = YES; - CLANG_WARN_OBJC_ROOT_CLASS = YES_ERROR; - CLANG_WARN_RANGE_LOOP_ANALYSIS = YES; - CLANG_WARN_STRICT_PROTOTYPES = YES; - CLANG_WARN_SUSPICIOUS_MOVE = YES; - CLANG_WARN_UNGUARDED_AVAILABILITY = YES_AGGRESSIVE; - CLANG_WARN_UNREACHABLE_CODE = YES; - CLANG_WARN__DUPLICATE_METHOD_MATCH = YES; - CODE_SIGN_IDENTITY = "iPhone Developer"; - COPY_PHASE_STRIP = NO; - DEBUG_INFORMATION_FORMAT = "dwarf-with-dsym"; - ENABLE_NS_ASSERTIONS = NO; - ENABLE_STRICT_OBJC_MSGSEND = YES; - GCC_C_LANGUAGE_STANDARD = gnu11; - GCC_NO_COMMON_BLOCKS = YES; - GCC_WARN_64_TO_32_BIT_CONVERSION = YES; - GCC_WARN_ABOUT_RETURN_TYPE = YES_ERROR; - GCC_WARN_UNDECLARED_SELECTOR = YES; - GCC_WARN_UNINITIALIZED_AUTOS = YES_AGGRESSIVE; - GCC_WARN_UNUSED_FUNCTION = YES; - GCC_WARN_UNUSED_VARIABLE = YES; - IPHONEOS_DEPLOYMENT_TARGET = 9.0; - MTL_ENABLE_DEBUG_INFO = NO; - SDKROOT = iphoneos; - SWIFT_COMPILATION_MODE = wholemodule; - SWIFT_OPTIMIZATION_LEVEL = "-O"; - VALIDATE_PRODUCT = YES; - }; - name = Release; - }; - D5D4808820AEF555004F5ADF /* Debug */ = { - isa = XCBuildConfiguration; - baseConfigurationReference = 
64BF18EB7EA0A352287C2039 /* Pods-Test.debug.xcconfig */; - buildSettings = { - ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon; - CODE_SIGN_STYLE = Automatic; - FRAMEWORK_SEARCH_PATHS = ( - "$(inherited)", - "$(PROJECT_DIR)/swiftconcepts", - ); - INFOPLIST_FILE = Test/Info.plist; - IPHONEOS_DEPLOYMENT_TARGET = 9.0; - LD_RUNPATH_SEARCH_PATHS = ( - "$(inherited)", - "@executable_path/Frameworks", - ); - PRODUCT_BUNDLE_IDENTIFIER = com.yuvraj.Test; - PRODUCT_NAME = "$(TARGET_NAME)"; - SWIFT_VERSION = 4.0; - TARGETED_DEVICE_FAMILY = "1,2"; - }; - name = Debug; - }; - D5D4808920AEF555004F5ADF /* Release */ = { - isa = XCBuildConfiguration; - baseConfigurationReference = C84725ECA8AC99708758BF82 /* Pods-Test.release.xcconfig */; - buildSettings = { - ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon; - CODE_SIGN_STYLE = Automatic; - FRAMEWORK_SEARCH_PATHS = ( - "$(inherited)", - "$(PROJECT_DIR)/swiftconcepts", - ); - INFOPLIST_FILE = Test/Info.plist; - IPHONEOS_DEPLOYMENT_TARGET = 9.0; - LD_RUNPATH_SEARCH_PATHS = ( - "$(inherited)", - "@executable_path/Frameworks", - ); - PRODUCT_BUNDLE_IDENTIFIER = com.yuvraj.Test; - PRODUCT_NAME = "$(TARGET_NAME)"; - SWIFT_VERSION = 4.0; - TARGETED_DEVICE_FAMILY = "1,2"; - }; - name = Release; - }; -/* End XCBuildConfiguration section */ - -/* Begin XCConfigurationList section */ - D5D4807020AEF552004F5ADF /* Build configuration list for PBXProject "Test" */ = { - isa = XCConfigurationList; - buildConfigurations = ( - D5D4808520AEF555004F5ADF /* Debug */, - D5D4808620AEF555004F5ADF /* Release */, - ); - defaultConfigurationIsVisible = 0; - defaultConfigurationName = Release; - }; - D5D4808720AEF555004F5ADF /* Build configuration list for PBXNativeTarget "Test" */ = { - isa = XCConfigurationList; - buildConfigurations = ( - D5D4808820AEF555004F5ADF /* Debug */, - D5D4808920AEF555004F5ADF /* Release */, - ); - defaultConfigurationIsVisible = 0; - defaultConfigurationName = Release; - }; -/* End XCConfigurationList section */ - }; - rootObject = 
D5D4806D20AEF552004F5ADF /* Project object */; -} From df8559bc7a6a06aea809ab4038a9bf39fd0cb473 Mon Sep 17 00:00:00 2001 From: barv Date: Sun, 17 Nov 2024 17:02:06 +0200 Subject: [PATCH 082/111] cocoapods-test --- commands/audit/sca/cocoapods/cocoapods_test.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/commands/audit/sca/cocoapods/cocoapods_test.go b/commands/audit/sca/cocoapods/cocoapods_test.go index 61d1ad3a..5a4a02f7 100644 --- a/commands/audit/sca/cocoapods/cocoapods_test.go +++ b/commands/audit/sca/cocoapods/cocoapods_test.go @@ -39,6 +39,7 @@ func TestBuildCocoapodsDependencyList(t *testing.T) { techutils.Cocoapods.GetPackageTypeId() + "GoogleSignIn:6.2.4", techutils.Cocoapods.GetPackageTypeId() + "GTMAppAuth:1.3.1", techutils.Cocoapods.GetPackageTypeId() + "GTMSessionFetcher:2.3.0", + techutils.Cocoapods.GetPackageTypeId() + "nanopb:0.4.1", techutils.Cocoapods.GetPackageTypeId() + packageInfo, } @@ -49,7 +50,7 @@ func TestBuildCocoapodsDependencyList(t *testing.T) { assert.NotEmpty(t, rootNode) assert.Equal(t, rootNode[0].Id, techutils.Cocoapods.GetPackageTypeId()+packageInfo) - assert.Len(t, rootNode[0].Nodes, 4) + assert.Len(t, rootNode[0].Nodes, 5) child1 := tests.GetAndAssertNode(t, rootNode[0].Nodes, "GTMSessionFetcher:2.3.0") assert.Len(t, child1.Nodes, 0) From 9d7503c9ee0ccbcf1394d86ea1c35e26e4c76cfc Mon Sep 17 00:00:00 2001 From: barv Date: Sun, 8 Dec 2024 14:19:21 +0200 Subject: [PATCH 083/111] swift audit fixes + small fix to cocoapods version --- audit_test.go | 4 ++-- commands/audit/scarunner.go | 28 ++++++++++++++++++++++++++++ utils/xray/scangraph/scangraph.go | 6 ++++-- 3 files changed, 34 insertions(+), 4 deletions(-) diff --git a/audit_test.go b/audit_test.go index 7068787d..a06662ba 100644 --- a/audit_test.go +++ b/audit_test.go 
@@ -447,7 +447,7 @@ func TestXrayAuditPipJson(t *testing.T) { } func TestXrayAuditCocoapods(t *testing.T) { - integration.InitAuditCocoapodsTest(t, scangraph.GraphScanMinXrayVersion) + integration.InitAuditCocoapodsTest(t, scangraph.CocoapodsScanMinXrayVersion) output := testXrayAuditCocoapods(t, string(format.Json)) validations.VerifyJsonResults(t, output, validations.ValidationParams{ Vulnerabilities: 1, @@ -503,7 +503,7 @@ func testXrayAuditCocoapods(t *testing.T, format string) string { } func testXrayAuditSwift(t *testing.T, format string) string { - integration.InitAuditSwiftTest(t, scangraph.GraphScanMinXrayVersion) + integration.InitAuditSwiftTest(t, scangraph.SwiftScanMinXrayVersion) _, cleanUp := securityTestUtils.CreateTestProjectEnvAndChdir(t, filepath.Join(filepath.FromSlash(securityTests.GetTestResourcesPath()), "projects", "package-managers", "swift")) defer cleanUp() // Add dummy descriptor file to check that we run only specific audit diff --git a/commands/audit/scarunner.go b/commands/audit/scarunner.go index 168b7d2d..27588410 100644 --- a/commands/audit/scarunner.go +++ b/commands/audit/scarunner.go 
@@ -257,8 +257,36 @@ func GetTechDependencyTree(params xrayutils.AuditParams, artifactoryServerDetail
 case techutils.Nuget:
 depTreeResult.FullDepTrees, uniqueDeps, err = nuget.BuildDependencyTree(params)
 case techutils.Cocoapods:
+ xrayManager, err := xray.CreateXrayServiceManager(artifactoryServerDetails)
+ if err != nil {
+ return depTreeResult, err
+ }
+ xrayVersion, err := xrayManager.GetVersion()
+ if err != nil {
+ log.Error("Could not get xray version")
+ return depTreeResult, err
+ }
+ err = clientutils.ValidateMinimumVersion(clientutils.Xray, xrayVersion, scangraph.CocoapodsScanMinXrayVersion)
+ if err != nil {
+ log.Warn(fmt.Sprintf("Your xray version %s does not support cocoapods which is supported on versions %s and above", xrayVersion, scangraph.CocoapodsScanMinXrayVersion))
+ return depTreeResult, err
+ }
 depTreeResult.FullDepTrees, uniqueDeps, err = cocoapods.BuildDependencyTree(params)
 case techutils.Swift:
+ xrayManager, err := xray.CreateXrayServiceManager(artifactoryServerDetails)
+ if err != nil {
+ return depTreeResult, err
+ }
+ xrayVersion, err := xrayManager.GetVersion()
+ if err != nil {
+ log.Error("Could not get xray version")
+ return depTreeResult, err
+ }
+ err = clientutils.ValidateMinimumVersion(clientutils.Xray, xrayVersion, scangraph.SwiftScanMinXrayVersion)
+ if err != nil {
+ log.Warn(fmt.Sprintf("Your xray version %s does not support swift which is supported on versions %s and above", xrayVersion, scangraph.SwiftScanMinXrayVersion))
+ return depTreeResult, err
+ }
 depTreeResult.FullDepTrees, uniqueDeps, err = swift.BuildDependencyTree(params)
 default:
 err = errorutils.CheckErrorf("%s is currently not supported", string(tech))
diff --git a/utils/xray/scangraph/scangraph.go b/utils/xray/scangraph/scangraph.go
index bc6944af..253c17dc 100644
--- a/utils/xray/scangraph/scangraph.go
+++ b/utils/xray/scangraph/scangraph.go
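Review bot: The `xrayManager, err := xray.CreateXrayServiceManager(artifactoryServerDetails)` that opens the new `case techutils.Cocoapods:` and `case techutils.Swift:` bodies declares a fresh `err` scoped to the case block, so the following `depTreeResult.FullDepTrees, uniqueDeps, err = cocoapods.BuildDependencyTree(params)` assigns to that shadow and the outer `err` (the one the Nuget case assigns with `=`) is still nil after the switch — a failed tree build would come back as success, assuming the outer `err` is what the function returns; GetTechDependencyTree starts and ends outside the hunk. The two blocks are also the same 14 lines with only the constant and the technology name differing, and each logs the version mismatch with `log.Warn` and then returns the same error, so it is reported twice. I would move the check into one helper called with plain assignment, as below; the parameter type follows the `config.ServerDetails` the tests construct and should be confirmed against the function signature.
```go
	case techutils.Cocoapods:
		if err = validateXrayMinVersion(artifactoryServerDetails, scangraph.CocoapodsScanMinXrayVersion, "cocoapods"); err != nil {
			return depTreeResult, err
		}
		depTreeResult.FullDepTrees, uniqueDeps, err = cocoapods.BuildDependencyTree(params)
	case techutils.Swift:
		if err = validateXrayMinVersion(artifactoryServerDetails, scangraph.SwiftScanMinXrayVersion, "swift"); err != nil {
			return depTreeResult, err
		}
		depTreeResult.FullDepTrees, uniqueDeps, err = swift.BuildDependencyTree(params)
	// … unchanged: default case and the rest of GetTechDependencyTree …

// validateXrayMinVersion returns an error when the configured Xray is older than
// minVersion; techName is included so the user knows which scan was refused.
func validateXrayMinVersion(serverDetails *config.ServerDetails, minVersion, techName string) error {
	xrayManager, err := xray.CreateXrayServiceManager(serverDetails)
	if err != nil {
		return err
	}
	xrayVersion, err := xrayManager.GetVersion()
	if err != nil {
		return fmt.Errorf("getting xray version: %w", err)
	}
	if err = clientutils.ValidateMinimumVersion(clientutils.Xray, xrayVersion, minVersion); err != nil {
		return fmt.Errorf("xray %s does not support %s, which requires %s or above: %w", xrayVersion, techName, minVersion, err)
	}
	return nil
}
```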
@@ -9,8 +9,10 @@ import ( ) const ( - GraphScanMinXrayVersion = "3.29.0" - ScanTypeMinXrayVersion = "3.37.2" + GraphScanMinXrayVersion = "3.29.0" + ScanTypeMinXrayVersion = "3.37.2" + SwiftScanMinXrayVersion = "3.109.4" + CocoapodsScanMinXrayVersion = "3.103.3" ) func RunScanGraphAndGetResults(params *ScanGraphParams, xrayManager *xray.XrayServicesManager) (*services.ScanResponse, error) { From dba18a6cbf2369a6c9a67aab16b311d9d784eb1f Mon Sep 17 00:00:00 2001 From: barv Date: Sun, 8 Dec 2024 14:40:15 +0200 Subject: [PATCH 084/111] swift audit fixes + small fix to cocoapods version --- commands/audit/sca/cocoapods/cocoapods.go | 21 +++++++++++++++++ commands/audit/sca/swift/swift.go | 21 +++++++++++++++++ commands/audit/scarunner.go | 28 ----------------------- 3 files changed, 42 insertions(+), 28 deletions(-) diff --git a/commands/audit/sca/cocoapods/cocoapods.go b/commands/audit/sca/cocoapods/cocoapods.go index 97b9535a..1d9bd343 100644 --- a/commands/audit/sca/cocoapods/cocoapods.go +++ b/commands/audit/sca/cocoapods/cocoapods.go @@ -7,6 +7,9 @@ import ( "github.com/jfrog/jfrog-cli-security/utils" "github.com/jfrog/jfrog-cli-security/utils/formats/sarifutils" "github.com/jfrog/jfrog-cli-security/utils/techutils" + "github.com/jfrog/jfrog-cli-security/utils/xray" + "github.com/jfrog/jfrog-cli-security/utils/xray/scangraph" + clientutils "github.com/jfrog/jfrog-client-go/utils" "github.com/jfrog/jfrog-client-go/utils/log" xrayUtils "github.com/jfrog/jfrog-client-go/xray/services/utils" "github.com/owenrumney/go-sarif/v2/sarif" 
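Review bot: The two new exported constants `SwiftScanMinXrayVersion` and `CocoapodsScanMinXrayVersion` carry no doc comment, although their values are the contract every caller of `clientutils.ValidateMinimumVersion` checks against. I would add `// SwiftScanMinXrayVersion is the minimum Xray version that can scan Swift dependency graphs.` and `// CocoapodsScanMinXrayVersion is the minimum Xray version that can scan CocoaPods dependency graphs.` above each so a reader knows what the number gates without opening the call sites. The change to the two existing lines is alignment only.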
@@ -200,6 +203,24 @@ func GetDependenciesData(currentDir string) (string, error) { } func BuildDependencyTree(params utils.AuditParams) (dependencyTree []*xrayUtils.GraphNode, uniqueDeps []string, err error) { + details, err := params.ServerDetails() + if err != nil { + return nil, nil, err + } + xrayManager, err := xray.CreateXrayServiceManager(details) + if err != nil { + return nil, nil, err + } + xrayVersion, err := xrayManager.GetVersion() + if err != nil { + log.Error("Could not get xray version") + return nil, nil, err + } + err = clientutils.ValidateMinimumVersion(clientutils.Xray, xrayVersion, scangraph.CocoapodsScanMinXrayVersion) + if err != nil { + log.Warn(fmt.Sprintf("Your xray version %s does not support cocoapods which is supported on versions %s and above", xrayVersion, scangraph.CocoapodsScanMinXrayVersion)) + return nil, nil, err + } currentDir, err := coreutils.GetWorkingDirectory() if err != nil { return nil, nil, err diff --git a/commands/audit/sca/swift/swift.go b/commands/audit/sca/swift/swift.go index 46022811..214dfb59 100644 --- a/commands/audit/sca/swift/swift.go +++ b/commands/audit/sca/swift/swift.go @@ -8,6 +8,9 @@ import ( "github.com/jfrog/jfrog-cli-security/utils" "github.com/jfrog/jfrog-cli-security/utils/formats/sarifutils" "github.com/jfrog/jfrog-cli-security/utils/techutils" + "github.com/jfrog/jfrog-cli-security/utils/xray" + "github.com/jfrog/jfrog-cli-security/utils/xray/scangraph" + clientutils "github.com/jfrog/jfrog-client-go/utils" "github.com/jfrog/jfrog-client-go/utils/log" xrayUtils "github.com/jfrog/jfrog-client-go/xray/services/utils" "github.com/owenrumney/go-sarif/v2/sarif" 
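Review bot: The new block at the top of BuildDependencyTree creates a second Xray client via `xray.CreateXrayServiceManager(details)` only to read the version, and it both logs each failure (`log.Error`, `log.Warn`) and returns it, so the same condition is reported twice on the way up. Reporting once with the context in the error is enough: `return nil, nil, fmt.Errorf("cocoapods audit requires xray %s or above (found %s): %w", scangraph.CocoapodsScanMinXrayVersion, xrayVersion, err)`. The swift.go hunk on the next line adds the same block verbatim, so a shared helper in the audit package would keep the two in step; BuildDependencyTree continues past the hunk.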
@@ -160,6 +163,24 @@ func GetDependenciesData(exePath, currentDir string) (*Dependencies, error) { } func BuildDependencyTree(params utils.AuditParams) (dependencyTree []*xrayUtils.GraphNode, uniqueDeps []string, err error) { + details, err := params.ServerDetails() + if err != nil { + return nil, nil, err + } + xrayManager, err := xray.CreateXrayServiceManager(details) + if err != nil { + return nil, nil, err + } + xrayVersion, err := xrayManager.GetVersion() + if err != nil { + log.Error("Could not get xray version") + return nil, nil, err + } + err = clientutils.ValidateMinimumVersion(clientutils.Xray, xrayVersion, scangraph.SwiftScanMinXrayVersion) + if err != nil { + log.Warn(fmt.Sprintf("Your xray version %s does not support cocoapods which is supported on versions %s and above", xrayVersion, scangraph.SwiftScanMinXrayVersion)) + return nil, nil, err + } currentDir, err := coreutils.GetWorkingDirectory() if err != nil { return nil, nil, err diff --git a/commands/audit/scarunner.go b/commands/audit/scarunner.go index 27588410..168b7d2d 100644 --- a/commands/audit/scarunner.go +++ b/commands/audit/scarunner.go 
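Review bot: The warning in the new swift.go block names the wrong technology — `log.Warn(fmt.Sprintf("Your xray version %s does not support cocoapods which is supported on versions %s and above", xrayVersion, scangraph.SwiftScanMinXrayVersion))` is emitted by the Swift builder against `SwiftScanMinXrayVersion`, so a user on an old Xray is told about CocoaPods while auditing Swift. Change the text to `"Your xray version %s does not support swift which is supported on versions %s and above"`. BuildDependencyTree continues past the hunk.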
@@ -257,36 +257,8 @@ func GetTechDependencyTree(params xrayutils.AuditParams, artifactoryServerDetail
 case techutils.Nuget:
 depTreeResult.FullDepTrees, uniqueDeps, err = nuget.BuildDependencyTree(params)
 case techutils.Cocoapods:
- xrayManager, err := xray.CreateXrayServiceManager(artifactoryServerDetails)
- if err != nil {
- return depTreeResult, err
- }
- xrayVersion, err := xrayManager.GetVersion()
- if err != nil {
- log.Error("Could not get xray version")
- return depTreeResult, err
- }
- err = clientutils.ValidateMinimumVersion(clientutils.Xray, xrayVersion, scangraph.CocoapodsScanMinXrayVersion)
- if err != nil {
- log.Warn(fmt.Sprintf("Your xray version %s does not support cocoapods which is supported on versions %s and above", xrayVersion, scangraph.CocoapodsScanMinXrayVersion))
- return depTreeResult, err
- }
 depTreeResult.FullDepTrees, uniqueDeps, err = cocoapods.BuildDependencyTree(params)
 case techutils.Swift:
- xrayManager, err := xray.CreateXrayServiceManager(artifactoryServerDetails)
- if err != nil {
- return depTreeResult, err
- }
- xrayVersion, err := xrayManager.GetVersion()
- if err != nil {
- log.Error("Could not get xray version")
- return depTreeResult, err
- }
- err = clientutils.ValidateMinimumVersion(clientutils.Xray, xrayVersion, scangraph.SwiftScanMinXrayVersion)
- if err != nil {
- log.Warn(fmt.Sprintf("Your xray version %s does not support swift which is supported on versions %s and above", xrayVersion, scangraph.SwiftScanMinXrayVersion))
- return depTreeResult, err
- }
 depTreeResult.FullDepTrees, uniqueDeps, err = swift.BuildDependencyTree(params)
 default:
 err = errorutils.CheckErrorf("%s is currently not supported", string(tech))
From 122768d423a15771a0766816d36cf1c9a95b55c4 Mon Sep 17 00:00:00 2001
From: barv Date: Sun, 15 Dec 2024 13:58:45 +0200 Subject: [PATCH 085/111] swift audit fixes + small fix to cocoapods version --- commands/audit/sca/cocoapods/cocoapods_test.go | 5 ++++- commands/audit/sca/swift/swift_test.go | 5 ++++- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/commands/audit/sca/cocoapods/cocoapods_test.go b/commands/audit/sca/cocoapods/cocoapods_test.go index 5a4a02f7..f7b2aa54 100644 --- a/commands/audit/sca/cocoapods/cocoapods_test.go +++ b/commands/audit/sca/cocoapods/cocoapods_test.go @@ -5,6 +5,7 @@ import ( "github.com/jfrog/jfrog-cli-core/v2/utils/coreutils" "github.com/jfrog/jfrog-cli-core/v2/utils/tests" "github.com/jfrog/jfrog-cli-security/utils/techutils" + "github.com/jfrog/jfrog-cli-security/utils/xsc" "github.com/owenrumney/go-sarif/v2/sarif" "os" "path/filepath" @@ -42,8 +43,10 @@ func TestBuildCocoapodsDependencyList(t *testing.T) { techutils.Cocoapods.GetPackageTypeId() + "nanopb:0.4.1", techutils.Cocoapods.GetPackageTypeId() + packageInfo, } + xrayVersion, xscVersion, err := xsc.GetJfrogServicesVersion(server) + assert.NoError(t, err) - auditBasicParams := (&xrayutils.AuditBasicParams{}).SetServerDetails(server) + auditBasicParams := (&xrayutils.AuditBasicParams{}).SetServerDetails(server).SetXrayVersion(xrayVersion).SetXscVersion(xscVersion) rootNode, uniqueDeps, err := BuildDependencyTree(auditBasicParams) assert.NoError(t, err) assert.ElementsMatch(t, uniqueDeps, expectedUniqueDeps, "First is actual, Second is Expected") diff --git a/commands/audit/sca/swift/swift_test.go b/commands/audit/sca/swift/swift_test.go index 8c84fa66..3cd11191 100644 --- a/commands/audit/sca/swift/swift_test.go +++ b/commands/audit/sca/swift/swift_test.go 
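Review bot: `xrayVersion, xscVersion, err := xsc.GetJfrogServicesVersion(server)` followed by `assert.NoError(t, err)` makes this unit test depend on a reachable JFrog platform, and `server` appears to be the hand-built `config.ServerDetails` whose `Url` is the placeholder `https://api.cocoapods.here` visible in the later (088) hunk of the same test, so an offline run fails at the version lookup instead of at the behaviour under test. Either pass fixed version strings to `SetXrayVersion`/`SetXscVersion` for the unit case or gate the test behind the integration setup that provides a real server. The swift_test.go hunk on the next line has the same shape.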
@@ -5,6 +5,7 @@ import ( "github.com/jfrog/jfrog-cli-core/v2/utils/coreutils" "github.com/jfrog/jfrog-cli-core/v2/utils/tests" "github.com/jfrog/jfrog-cli-security/utils/techutils" + "github.com/jfrog/jfrog-cli-security/utils/xsc" "github.com/owenrumney/go-sarif/v2/sarif" "os" "path/filepath" @@ -43,8 +44,10 @@ func TestBuildSwiftDependencyList(t *testing.T) { techutils.Swift.GetPackageTypeId() + "github.com/apple/swift-nio:2.76.1", techutils.Swift.GetPackageTypeId() + packageInfo, } + xrayVersion, xscVersion, err := xsc.GetJfrogServicesVersion(server) + assert.NoError(t, err) - auditBasicParams := (&xrayutils.AuditBasicParams{}).SetServerDetails(server) + auditBasicParams := (&xrayutils.AuditBasicParams{}).SetServerDetails(server).SetXrayVersion(xrayVersion).SetXscVersion(xscVersion) rootNode, uniqueDeps, err := BuildDependencyTree(auditBasicParams) assert.NoError(t, err) assert.ElementsMatch(t, uniqueDeps, expectedUniqueDeps, "First is actual, Second is Expected") From e599549a93b888a405d0e17a2ee204aaacaafe00 Mon Sep 17 00:00:00 2001 From: barv Date: Mon, 16 Dec 2024 10:49:40 +0200 Subject: [PATCH 086/111] swift audit fixes + small fix to cocoapods version --- commands/audit/sca/swift/swift.go | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/commands/audit/sca/swift/swift.go b/commands/audit/sca/swift/swift.go index 214dfb59..dd848d4e 100644 --- a/commands/audit/sca/swift/swift.go +++ b/commands/audit/sca/swift/swift.go @@ -8,8 +8,8 @@ import ( "github.com/jfrog/jfrog-cli-security/utils" "github.com/jfrog/jfrog-cli-security/utils/formats/sarifutils" "github.com/jfrog/jfrog-cli-security/utils/techutils" - "github.com/jfrog/jfrog-cli-security/utils/xray" "github.com/jfrog/jfrog-cli-security/utils/xray/scangraph" + "github.com/jfrog/jfrog-cli-security/utils/xsc" clientutils "github.com/jfrog/jfrog-client-go/utils" "github.com/jfrog/jfrog-client-go/utils/log" xrayUtils "github.com/jfrog/jfrog-client-go/xray/services/utils" 
@@ -167,11 +167,7 @@ func BuildDependencyTree(params utils.AuditParams) (dependencyTree []*xrayUtils. if err != nil { return nil, nil, err } - xrayManager, err := xray.CreateXrayServiceManager(details) - if err != nil { - return nil, nil, err - } - xrayVersion, err := xrayManager.GetVersion() + xrayVersion, _, err := xsc.GetJfrogServicesVersion(details) if err != nil { log.Error("Could not get xray version") return nil, nil, err From a85215d64795e95df35e8fdd3a3d000035d5ac5e Mon Sep 17 00:00:00 2001 From: barv Date: Mon, 16 Dec 2024 10:49:56 +0200 Subject: [PATCH 087/111] swift audit fixes + small fix to cocoapods version --- commands/audit/sca/cocoapods/cocoapods.go | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/commands/audit/sca/cocoapods/cocoapods.go b/commands/audit/sca/cocoapods/cocoapods.go index 1d9bd343..6ad5a6f5 100644 --- a/commands/audit/sca/cocoapods/cocoapods.go +++ b/commands/audit/sca/cocoapods/cocoapods.go @@ -7,8 +7,8 @@ import ( "github.com/jfrog/jfrog-cli-security/utils" "github.com/jfrog/jfrog-cli-security/utils/formats/sarifutils" "github.com/jfrog/jfrog-cli-security/utils/techutils" - "github.com/jfrog/jfrog-cli-security/utils/xray" "github.com/jfrog/jfrog-cli-security/utils/xray/scangraph" + "github.com/jfrog/jfrog-cli-security/utils/xsc" clientutils "github.com/jfrog/jfrog-client-go/utils" "github.com/jfrog/jfrog-client-go/utils/log" xrayUtils "github.com/jfrog/jfrog-client-go/xray/services/utils" @@ -207,11 +207,7 @@ func BuildDependencyTree(params utils.AuditParams) (dependencyTree []*xrayUtils. if err != nil { return nil, nil, err } - xrayManager, err := xray.CreateXrayServiceManager(details) - if err != nil { - return nil, nil, err - } - xrayVersion, err := xrayManager.GetVersion() + xrayVersion, _, err := xsc.GetJfrogServicesVersion(details) if err != nil { log.Error("Could not get xray version") return nil, nil, err From dcf2d27a6320e1a1ec5d9c1e67603c4baab899d3 Mon Sep 17 00:00:00 2001 
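Review bot: `log.Error("Could not get xray version")` immediately followed by `return nil, nil, err` reports one failure at two layers, and the log line carries less information than the error it precedes; both hunks on this line (swift.go and cocoapods.go) keep that pattern while swapping in `xsc.GetJfrogServicesVersion`. Drop the log call and wrap instead: `return nil, nil, fmt.Errorf("getting xray version: %w", err)`. Discarding the XSC version with `_` is fine but deserves a short comment saying only Xray gates this builder. BuildDependencyTree continues past the hunks.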
From: barv Date: Mon, 16 Dec 2024 17:18:41 +0200 Subject: [PATCH 088/111] swift audit fixes + small fix to cocoapods version --- commands/audit/sca/cocoapods/cocoapods_test.go | 10 ++++------ commands/audit/sca/swift/swift_test.go | 10 ++++------ 2 files changed, 8 insertions(+), 12 deletions(-) diff --git a/commands/audit/sca/cocoapods/cocoapods_test.go b/commands/audit/sca/cocoapods/cocoapods_test.go index f7b2aa54..3262dc0a 100644 --- a/commands/audit/sca/cocoapods/cocoapods_test.go +++ b/commands/audit/sca/cocoapods/cocoapods_test.go @@ -4,8 +4,9 @@ import ( "fmt" "github.com/jfrog/jfrog-cli-core/v2/utils/coreutils" "github.com/jfrog/jfrog-cli-core/v2/utils/tests" + testUtils "github.com/jfrog/jfrog-cli-security/tests/utils" "github.com/jfrog/jfrog-cli-security/utils/techutils" - "github.com/jfrog/jfrog-cli-security/utils/xsc" + "github.com/jfrog/jfrog-cli-security/utils/xray/scangraph" "github.com/owenrumney/go-sarif/v2/sarif" "os" "path/filepath" @@ -23,7 +24,7 @@ func TestBuildCocoapodsDependencyList(t *testing.T) { // Create and change directory to test workspace _, cleanUp := sca.CreateTestWorkspace(t, filepath.Join("projects", "package-managers", "cocoapods")) defer cleanUp() - + testUtils.ValidateXrayVersion(t, scangraph.CocoapodsScanMinXrayVersion) // Run getModulesDependencyTrees server := &config.ServerDetails{ Url: "https://api.cocoapods.here", 
@@ -43,10 +44,7 @@ func TestBuildCocoapodsDependencyList(t *testing.T) { techutils.Cocoapods.GetPackageTypeId() + "nanopb:0.4.1", techutils.Cocoapods.GetPackageTypeId() + packageInfo, } - xrayVersion, xscVersion, err := xsc.GetJfrogServicesVersion(server) - assert.NoError(t, err) - - auditBasicParams := (&xrayutils.AuditBasicParams{}).SetServerDetails(server).SetXrayVersion(xrayVersion).SetXscVersion(xscVersion) + auditBasicParams := (&xrayutils.AuditBasicParams{}).SetServerDetails(server) rootNode, uniqueDeps, err := BuildDependencyTree(auditBasicParams) assert.NoError(t, err) assert.ElementsMatch(t, uniqueDeps, expectedUniqueDeps, "First is actual, Second is Expected") diff --git a/commands/audit/sca/swift/swift_test.go b/commands/audit/sca/swift/swift_test.go index 3cd11191..4f7ec57a 100644 --- a/commands/audit/sca/swift/swift_test.go +++ b/commands/audit/sca/swift/swift_test.go @@ -4,8 +4,9 @@ import ( "fmt" "github.com/jfrog/jfrog-cli-core/v2/utils/coreutils" "github.com/jfrog/jfrog-cli-core/v2/utils/tests" + testUtils "github.com/jfrog/jfrog-cli-security/tests/utils" "github.com/jfrog/jfrog-cli-security/utils/techutils" - "github.com/jfrog/jfrog-cli-security/utils/xsc" + "github.com/jfrog/jfrog-cli-security/utils/xray/scangraph" "github.com/owenrumney/go-sarif/v2/sarif" "os" "path/filepath" @@ -22,7 +23,7 @@ func TestBuildSwiftDependencyList(t *testing.T) { // Create and change directory to test workspace _, cleanUp := sca.CreateTestWorkspace(t, filepath.Join("projects", "package-managers", "swift")) defer cleanUp() - + testUtils.ValidateXrayVersion(t, scangraph.SwiftScanMinXrayVersion) // Run getModulesDependencyTrees server := &config.ServerDetails{ Url: "https://api.swift.here", 
@@ -44,10 +45,7 @@ func TestBuildSwiftDependencyList(t *testing.T) { techutils.Swift.GetPackageTypeId() + "github.com/apple/swift-nio:2.76.1", techutils.Swift.GetPackageTypeId() + packageInfo, } - xrayVersion, xscVersion, err := xsc.GetJfrogServicesVersion(server) - assert.NoError(t, err) - - auditBasicParams := (&xrayutils.AuditBasicParams{}).SetServerDetails(server).SetXrayVersion(xrayVersion).SetXscVersion(xscVersion) + auditBasicParams := (&xrayutils.AuditBasicParams{}).SetServerDetails(server) rootNode, uniqueDeps, err := BuildDependencyTree(auditBasicParams) assert.NoError(t, err) assert.ElementsMatch(t, uniqueDeps, expectedUniqueDeps, "First is actual, Second is Expected") From 08faa0aa2b75e1abf216b9016209ffef92edfe7b Mon Sep 17 00:00:00 2001 From: barv Date: Mon, 16 Dec 2024 17:55:21 +0200 Subject: [PATCH 089/111] swift audit fixes + small fix to cocoapods version --- commands/audit/sca/cocoapods/cocoapods.go | 17 ----------------- commands/audit/sca/cocoapods/cocoapods_test.go | 3 --- commands/audit/sca/swift/swift.go | 17 ----------------- commands/audit/sca/swift/swift_test.go | 3 --- 4 files changed, 40 deletions(-) diff --git a/commands/audit/sca/cocoapods/cocoapods.go b/commands/audit/sca/cocoapods/cocoapods.go index 6ad5a6f5..97b9535a 100644 --- a/commands/audit/sca/cocoapods/cocoapods.go +++ b/commands/audit/sca/cocoapods/cocoapods.go @@ -7,9 +7,6 @@ import ( "github.com/jfrog/jfrog-cli-security/utils" "github.com/jfrog/jfrog-cli-security/utils/formats/sarifutils" "github.com/jfrog/jfrog-cli-security/utils/techutils" - "github.com/jfrog/jfrog-cli-security/utils/xray/scangraph" - "github.com/jfrog/jfrog-cli-security/utils/xsc" - clientutils "github.com/jfrog/jfrog-client-go/utils" "github.com/jfrog/jfrog-client-go/utils/log" xrayUtils "github.com/jfrog/jfrog-client-go/xray/services/utils" "github.com/owenrumney/go-sarif/v2/sarif" 
@@ -203,20 +200,6 @@ func GetDependenciesData(currentDir string) (string, error) { } func BuildDependencyTree(params utils.AuditParams) (dependencyTree []*xrayUtils.GraphNode, uniqueDeps []string, err error) { - details, err := params.ServerDetails() - if err != nil { - return nil, nil, err - } - xrayVersion, _, err := xsc.GetJfrogServicesVersion(details) - if err != nil { - log.Error("Could not get xray version") - return nil, nil, err - } - err = clientutils.ValidateMinimumVersion(clientutils.Xray, xrayVersion, scangraph.CocoapodsScanMinXrayVersion) - if err != nil { - log.Warn(fmt.Sprintf("Your xray version %s does not support cocoapods which is supported on versions %s and above", xrayVersion, scangraph.CocoapodsScanMinXrayVersion)) - return nil, nil, err - } currentDir, err := coreutils.GetWorkingDirectory() if err != nil { return nil, nil, err diff --git a/commands/audit/sca/cocoapods/cocoapods_test.go b/commands/audit/sca/cocoapods/cocoapods_test.go index 3262dc0a..f056aa72 100644 --- a/commands/audit/sca/cocoapods/cocoapods_test.go +++ b/commands/audit/sca/cocoapods/cocoapods_test.go @@ -4,9 +4,7 @@ import ( "fmt" "github.com/jfrog/jfrog-cli-core/v2/utils/coreutils" "github.com/jfrog/jfrog-cli-core/v2/utils/tests" - testUtils "github.com/jfrog/jfrog-cli-security/tests/utils" "github.com/jfrog/jfrog-cli-security/utils/techutils" - "github.com/jfrog/jfrog-cli-security/utils/xray/scangraph" "github.com/owenrumney/go-sarif/v2/sarif" "os" "path/filepath" @@ -24,7 +22,6 @@ func TestBuildCocoapodsDependencyList(t *testing.T) { // Create and change directory to test workspace _, cleanUp := sca.CreateTestWorkspace(t, filepath.Join("projects", "package-managers", "cocoapods")) defer cleanUp() - testUtils.ValidateXrayVersion(t, scangraph.CocoapodsScanMinXrayVersion) // Run getModulesDependencyTrees server := &config.ServerDetails{ Url: "https://api.cocoapods.here", 
diff --git a/commands/audit/sca/swift/swift.go b/commands/audit/sca/swift/swift.go index dd848d4e..46022811 100644 --- a/commands/audit/sca/swift/swift.go +++ b/commands/audit/sca/swift/swift.go @@ -8,9 +8,6 @@ import ( "github.com/jfrog/jfrog-cli-security/utils" "github.com/jfrog/jfrog-cli-security/utils/formats/sarifutils" "github.com/jfrog/jfrog-cli-security/utils/techutils" - "github.com/jfrog/jfrog-cli-security/utils/xray/scangraph" - "github.com/jfrog/jfrog-cli-security/utils/xsc" - clientutils "github.com/jfrog/jfrog-client-go/utils" "github.com/jfrog/jfrog-client-go/utils/log" xrayUtils "github.com/jfrog/jfrog-client-go/xray/services/utils" "github.com/owenrumney/go-sarif/v2/sarif" @@ -163,20 +160,6 @@ func GetDependenciesData(exePath, currentDir string) (*Dependencies, error) { } func BuildDependencyTree(params utils.AuditParams) (dependencyTree []*xrayUtils.GraphNode, uniqueDeps []string, err error) { - details, err := params.ServerDetails() - if err != nil { - return nil, nil, err - } - xrayVersion, _, err := xsc.GetJfrogServicesVersion(details) - if err != nil { - log.Error("Could not get xray version") - return nil, nil, err - } - err = clientutils.ValidateMinimumVersion(clientutils.Xray, xrayVersion, scangraph.SwiftScanMinXrayVersion) - if err != nil { - log.Warn(fmt.Sprintf("Your xray version %s does not support cocoapods which is supported on versions %s and above", xrayVersion, scangraph.SwiftScanMinXrayVersion)) - return nil, nil, err - } currentDir, err := coreutils.GetWorkingDirectory() if err != nil { return nil, nil, err diff --git a/commands/audit/sca/swift/swift_test.go b/commands/audit/sca/swift/swift_test.go index 4f7ec57a..3ca3a17a 100644 --- a/commands/audit/sca/swift/swift_test.go +++ b/commands/audit/sca/swift/swift_test.go 
@@ -4,9 +4,7 @@ import ( "fmt" "github.com/jfrog/jfrog-cli-core/v2/utils/coreutils" "github.com/jfrog/jfrog-cli-core/v2/utils/tests" - testUtils "github.com/jfrog/jfrog-cli-security/tests/utils" "github.com/jfrog/jfrog-cli-security/utils/techutils" - "github.com/jfrog/jfrog-cli-security/utils/xray/scangraph" "github.com/owenrumney/go-sarif/v2/sarif" "os" "path/filepath" @@ -23,7 +21,6 @@ func TestBuildSwiftDependencyList(t *testing.T) { // Create and change directory to test workspace _, cleanUp := sca.CreateTestWorkspace(t, filepath.Join("projects", "package-managers", "swift")) defer cleanUp() - testUtils.ValidateXrayVersion(t, scangraph.SwiftScanMinXrayVersion) // Run getModulesDependencyTrees server := &config.ServerDetails{ Url: "https://api.swift.here", From feae3996758c7a2f4a62225251fa9c8570b54378 Mon Sep 17 00:00:00 2001 From: barv Date: Mon, 16 Dec 2024 18:09:59 +0200 Subject: [PATCH 090/111] swift audit fixes + small fix to cocoapods version --- commands/audit/sca/cocoapods/cocoapods.go | 15 +++++++++++++++ commands/audit/sca/cocoapods/cocoapods_test.go | 2 ++ commands/audit/sca/swift/swift.go | 16 ++++++++++++++++ 3 files changed, 33 insertions(+) diff --git a/commands/audit/sca/cocoapods/cocoapods.go b/commands/audit/sca/cocoapods/cocoapods.go index 97b9535a..171d6b56 100644 --- a/commands/audit/sca/cocoapods/cocoapods.go +++ b/commands/audit/sca/cocoapods/cocoapods.go @@ -7,6 +7,9 @@ import ( "github.com/jfrog/jfrog-cli-security/utils" "github.com/jfrog/jfrog-cli-security/utils/formats/sarifutils" "github.com/jfrog/jfrog-cli-security/utils/techutils" + "github.com/jfrog/jfrog-cli-security/utils/xray" + "github.com/jfrog/jfrog-cli-security/utils/xray/scangraph" + clientutils "github.com/jfrog/jfrog-client-go/utils" "github.com/jfrog/jfrog-client-go/utils/log" xrayUtils "github.com/jfrog/jfrog-client-go/xray/services/utils" "github.com/owenrumney/go-sarif/v2/sarif" 
@@ -200,6 +203,18 @@ func GetDependenciesData(currentDir string) (string, error) { } func BuildDependencyTree(params utils.AuditParams) (dependencyTree []*xrayUtils.GraphNode, uniqueDeps []string, err error) { + details, err := params.ServerDetails() + if err != nil { + return nil, nil, err + } + _, xrayVersion, err := xray.CreateXrayServiceManagerAndGetVersion(details) + if err != nil { + return nil, nil, err + } + err = clientutils.ValidateMinimumVersion(clientutils.Xray, xrayVersion, scangraph.CocoapodsScanMinXrayVersion) + if err != nil { + return nil, nil, err + } currentDir, err := coreutils.GetWorkingDirectory() if err != nil { return nil, nil, err diff --git a/commands/audit/sca/cocoapods/cocoapods_test.go b/commands/audit/sca/cocoapods/cocoapods_test.go index f056aa72..5a4a02f7 100644 --- a/commands/audit/sca/cocoapods/cocoapods_test.go +++ b/commands/audit/sca/cocoapods/cocoapods_test.go @@ -22,6 +22,7 @@ func TestBuildCocoapodsDependencyList(t *testing.T) { // Create and change directory to test workspace _, cleanUp := sca.CreateTestWorkspace(t, filepath.Join("projects", "package-managers", "cocoapods")) defer cleanUp() + // Run getModulesDependencyTrees server := &config.ServerDetails{ Url: "https://api.cocoapods.here", @@ -41,6 +42,7 @@ func TestBuildCocoapodsDependencyList(t *testing.T) { techutils.Cocoapods.GetPackageTypeId() + "nanopb:0.4.1", techutils.Cocoapods.GetPackageTypeId() + packageInfo, } + auditBasicParams := (&xrayutils.AuditBasicParams{}).SetServerDetails(server) rootNode, uniqueDeps, err := BuildDependencyTree(auditBasicParams) assert.NoError(t, err) diff --git a/commands/audit/sca/swift/swift.go b/commands/audit/sca/swift/swift.go index 46022811..026401f7 100644 --- a/commands/audit/sca/swift/swift.go +++ b/commands/audit/sca/swift/swift.go 
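Review bot: `_, xrayVersion, err := xray.CreateXrayServiceManagerAndGetVersion(details)` builds a full Xray service manager and discards it, and the `clientutils.ValidateMinimumVersion` error is returned as-is, so a user on an old Xray gets a generic version message that never mentions CocoaPods or the required version. Wrap it once: `return nil, nil, fmt.Errorf("cocoapods audit requires xray %s or above: %w", scangraph.CocoapodsScanMinXrayVersion, err)`. The swift.go hunk on the next line repeats the block (plus an extra blank line), so the same applies there; BuildDependencyTree continues past the hunk.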
@@ -8,6 +8,9 @@ import ( "github.com/jfrog/jfrog-cli-security/utils" "github.com/jfrog/jfrog-cli-security/utils/formats/sarifutils" "github.com/jfrog/jfrog-cli-security/utils/techutils" + "github.com/jfrog/jfrog-cli-security/utils/xray" + "github.com/jfrog/jfrog-cli-security/utils/xray/scangraph" + clientutils "github.com/jfrog/jfrog-client-go/utils" "github.com/jfrog/jfrog-client-go/utils/log" xrayUtils "github.com/jfrog/jfrog-client-go/xray/services/utils" "github.com/owenrumney/go-sarif/v2/sarif" @@ -160,6 +163,19 @@ func GetDependenciesData(exePath, currentDir string) (*Dependencies, error) { } func BuildDependencyTree(params utils.AuditParams) (dependencyTree []*xrayUtils.GraphNode, uniqueDeps []string, err error) { + details, err := params.ServerDetails() + if err != nil { + return nil, nil, err + } + _, xrayVersion, err := xray.CreateXrayServiceManagerAndGetVersion(details) + if err != nil { + return nil, nil, err + } + err = clientutils.ValidateMinimumVersion(clientutils.Xray, xrayVersion, scangraph.SwiftScanMinXrayVersion) + if err != nil { + return nil, nil, err + } + currentDir, err := coreutils.GetWorkingDirectory() if err != nil { return nil, nil, err From e3be3ab57b2bf9b73e9f78dc295fa7cfa50a80ac Mon Sep 17 00:00:00 2001 From: barv Date: Mon, 16 Dec 2024 18:25:20 +0200 Subject: [PATCH 091/111] swift audit fixes + small fix to cocoapods version --- commands/audit/sca/cocoapods/cocoapods.go | 15 -------------- commands/audit/sca/swift/swift.go | 16 --------------- commands/audit/scarunner.go | 24 +++++++++++++++++++++++ 3 files changed, 24 insertions(+), 31 deletions(-) diff --git a/commands/audit/sca/cocoapods/cocoapods.go b/commands/audit/sca/cocoapods/cocoapods.go index 171d6b56..97b9535a 100644 --- a/commands/audit/sca/cocoapods/cocoapods.go +++ b/commands/audit/sca/cocoapods/cocoapods.go 
@@ -7,9 +7,6 @@ import ( "github.com/jfrog/jfrog-cli-security/utils" "github.com/jfrog/jfrog-cli-security/utils/formats/sarifutils" "github.com/jfrog/jfrog-cli-security/utils/techutils" - "github.com/jfrog/jfrog-cli-security/utils/xray" - "github.com/jfrog/jfrog-cli-security/utils/xray/scangraph" - clientutils "github.com/jfrog/jfrog-client-go/utils" "github.com/jfrog/jfrog-client-go/utils/log" xrayUtils "github.com/jfrog/jfrog-client-go/xray/services/utils" "github.com/owenrumney/go-sarif/v2/sarif" @@ -203,18 +200,6 @@ func GetDependenciesData(currentDir string) (string, error) { } func BuildDependencyTree(params utils.AuditParams) (dependencyTree []*xrayUtils.GraphNode, uniqueDeps []string, err error) { - details, err := params.ServerDetails() - if err != nil { - return nil, nil, err - } - _, xrayVersion, err := xray.CreateXrayServiceManagerAndGetVersion(details) - if err != nil { - return nil, nil, err - } - err = clientutils.ValidateMinimumVersion(clientutils.Xray, xrayVersion, scangraph.CocoapodsScanMinXrayVersion) - if err != nil { - return nil, nil, err - } currentDir, err := coreutils.GetWorkingDirectory() if err != nil { return nil, nil, err diff --git a/commands/audit/sca/swift/swift.go b/commands/audit/sca/swift/swift.go index 026401f7..46022811 100644 --- a/commands/audit/sca/swift/swift.go +++ b/commands/audit/sca/swift/swift.go @@ -8,9 +8,6 @@ import ( "github.com/jfrog/jfrog-cli-security/utils" "github.com/jfrog/jfrog-cli-security/utils/formats/sarifutils" "github.com/jfrog/jfrog-cli-security/utils/techutils" - "github.com/jfrog/jfrog-cli-security/utils/xray" - "github.com/jfrog/jfrog-cli-security/utils/xray/scangraph" - clientutils "github.com/jfrog/jfrog-client-go/utils" "github.com/jfrog/jfrog-client-go/utils/log" xrayUtils "github.com/jfrog/jfrog-client-go/xray/services/utils" "github.com/owenrumney/go-sarif/v2/sarif" 
@@ -163,19 +160,6 @@ func GetDependenciesData(exePath, currentDir string) (*Dependencies, error) { } func BuildDependencyTree(params utils.AuditParams) (dependencyTree []*xrayUtils.GraphNode, uniqueDeps []string, err error) { - details, err := params.ServerDetails() - if err != nil { - return nil, nil, err - } - _, xrayVersion, err := xray.CreateXrayServiceManagerAndGetVersion(details) - if err != nil { - return nil, nil, err - } - err = clientutils.ValidateMinimumVersion(clientutils.Xray, xrayVersion, scangraph.SwiftScanMinXrayVersion) - if err != nil { - return nil, nil, err - } - currentDir, err := coreutils.GetWorkingDirectory() if err != nil { return nil, nil, err diff --git a/commands/audit/scarunner.go b/commands/audit/scarunner.go index 168b7d2d..4e2eaf97 100644 --- a/commands/audit/scarunner.go +++ b/commands/audit/scarunner.go 
@@ -257,8 +257,32 @@ func GetTechDependencyTree(params xrayutils.AuditParams, artifactoryServerDetail case techutils.Nuget: depTreeResult.FullDepTrees, uniqueDeps, err = nuget.BuildDependencyTree(params) case techutils.Cocoapods: + details, err := params.ServerDetails() + if err != nil { + return depTreeResult, err + } + _, xrayVersion, err := xray.CreateXrayServiceManagerAndGetVersion(details) + if err != nil { + return depTreeResult, err + } + err = clientutils.ValidateMinimumVersion(clientutils.Xray, xrayVersion, scangraph.CocoapodsScanMinXrayVersion) + if err != nil { + return depTreeResult, fmt.Errorf("your xray version %s does not allow cocoapods scanning", xrayVersion) + } depTreeResult.FullDepTrees, uniqueDeps, err = cocoapods.BuildDependencyTree(params) case techutils.Swift: + details, err := params.ServerDetails() + if err != nil { + return depTreeResult, err + } + _, xrayVersion, err := xray.CreateXrayServiceManagerAndGetVersion(details) + if err != nil { + return depTreeResult, err + } + err = clientutils.ValidateMinimumVersion(clientutils.Xray, xrayVersion, scangraph.SwiftScanMinXrayVersion) + if err != nil { + return depTreeResult, fmt.Errorf("your xray version %s does not allow swift scanning", xrayVersion) + } depTreeResult.FullDepTrees, uniqueDeps, err = swift.BuildDependencyTree(params) default: err = errorutils.CheckErrorf("%s is currently not supported", string(tech)) From 30f93b205d9260222886b0f7ba671557bf8edc47 Mon Sep 17 00:00:00 2001 From: barv Date: Tue, 17 Dec 2024 11:42:49 +0200 Subject: [PATCH 092/111] swift audit fixes + small fix to cocoapods version --- .github/workflows/test.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 545a9d03..279932c4 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml 
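Review bot: `details, err := params.ServerDetails()` inside the `case techutils.Cocoapods:` block declares a new `err` scoped to that case, so the following `depTreeResult.FullDepTrees, uniqueDeps, err = cocoapods.BuildDependencyTree(params)` assigns the shadow while the `err` the neighbouring cases assign with `=` stays nil — a failed dependency-tree build would be silently dropped, and the Swift case has the same shape. Give the two locals distinct names (`errParams`, `errVersion`) or resolve the server details once above the switch. The message `fmt.Errorf("your xray version %s does not allow cocoapods scanning", xrayVersion)` also hides the required minimum and the underlying error; include `scangraph.CocoapodsScanMinXrayVersion` and `%w` so the user knows what to upgrade to. GetTechDependencyTree starts before the hunk and continues after it.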
@@ -120,6 +120,10 @@ jobs: run: brew install swift if: ${{ matrix.os == 'macos' && matrix.suite.testFlags == '--test.audit.Swift' }} + - name: Install Swift on Windows + uses: compnerd/gha-setup-swift@main + if: ${{ matrix.os == 'windows' && matrix.suite.testFlags == '--test.audit.Swift' }} + # Test - name: Run tests run: go test ${{ env.GO_COMMON_TEST_ARGS }} ${{ matrix.suite.testFlags }} From 4024ebca33221e0ed68f58e21465158d39bfe9e4 Mon Sep 17 00:00:00 2001 From: barv Date: Tue, 17 Dec 2024 11:50:30 +0200 Subject: [PATCH 093/111] swift audit fixes + small fix to cocoapods version --- commands/audit/scarunner.go | 24 +++++++++---------- .../package-managers/go/simple-project/go.mod | 1 + 2 files changed, 13 insertions(+), 12 deletions(-) diff --git a/commands/audit/scarunner.go b/commands/audit/scarunner.go index 4e2eaf97..2bee9b3e 100644 --- a/commands/audit/scarunner.go +++ b/commands/audit/scarunner.go @@ -257,13 +257,13 @@ func GetTechDependencyTree(params xrayutils.AuditParams, artifactoryServerDetail case techutils.Nuget: depTreeResult.FullDepTrees, uniqueDeps, err = nuget.BuildDependencyTree(params) case techutils.Cocoapods: - details, err := params.ServerDetails() - if err != nil { - return depTreeResult, err + details, errParams := params.ServerDetails() + if errParams != nil { + return depTreeResult, errParams } - _, xrayVersion, err := xray.CreateXrayServiceManagerAndGetVersion(details) - if err != nil { - return depTreeResult, err + _, xrayVersion, errVersion := xray.CreateXrayServiceManagerAndGetVersion(details) + if errVersion != nil { + return depTreeResult, errVersion } err = clientutils.ValidateMinimumVersion(clientutils.Xray, xrayVersion, scangraph.CocoapodsScanMinXrayVersion) if err != nil { 
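Review bot: `uses: compnerd/gha-setup-swift@main` pins a third-party action to a moving branch, so every Windows CI run executes whatever that repository's `main` contains at that moment; pin it to a release tag or, better, a full commit SHA with the version in a trailing comment (`uses: compnerd/gha-setup-swift@<commit-sha> # vX.Y`), and do the same where the step is copied in the L210, L211 and L215 hunks. `swift-actions/setup-swift@v2` in the L211 hunk is a floating major tag and would benefit from the same treatment. A `dependabot`/`renovate` entry for `github-actions` keeps such pins current without reintroducing the branch reference.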
@@ -271,13 +271,13 @@ func GetTechDependencyTree(params xrayutils.AuditParams, artifactoryServerDetail } depTreeResult.FullDepTrees, uniqueDeps, err = cocoapods.BuildDependencyTree(params) case techutils.Swift: - details, err := params.ServerDetails() - if err != nil { - return depTreeResult, err + details, errParams := params.ServerDetails() + if errParams != nil { + return depTreeResult, errParams } - _, xrayVersion, err := xray.CreateXrayServiceManagerAndGetVersion(details) - if err != nil { - return depTreeResult, err + _, xrayVersion, errVersion := xray.CreateXrayServiceManagerAndGetVersion(details) + if errVersion != nil { + return depTreeResult, errVersion } err = clientutils.ValidateMinimumVersion(clientutils.Xray, xrayVersion, scangraph.SwiftScanMinXrayVersion) if err != nil { diff --git a/tests/testdata/projects/package-managers/go/simple-project/go.mod b/tests/testdata/projects/package-managers/go/simple-project/go.mod index 309e9d79..36f447f8 100644 --- a/tests/testdata/projects/package-managers/go/simple-project/go.mod +++ b/tests/testdata/projects/package-managers/go/simple-project/go.mod @@ -5,5 +5,6 @@ go 1.20 require rsc.io/quote v1.5.2 require ( + golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c // indirect rsc.io/sampler v1.3.0 // indirect ) From dea60332327a40b2b70e1f9678de99dfd8550020 Mon Sep 17 00:00:00 2001 From: barv Date: Tue, 17 Dec 2024 13:15:16 +0200 Subject: [PATCH 094/111] swift audit fixes + small fix to cocoapods version --- .github/workflows/test.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 279932c4..cb43dadd 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -122,6 +122,9 @@ jobs: - name: Install Swift on Windows uses: compnerd/gha-setup-swift@main + with: + branch: swift-5.5-release + tag: 5.5-RELEASE if: ${{ matrix.os == 'windows' && matrix.suite.testFlags == '--test.audit.Swift' }} # Test 
From a8a45e5e2517a08bb8f86af4cec8bd4ca181ef65 Mon Sep 17 00:00:00 2001 From: barv Date: Tue, 17 Dec 2024 14:08:47 +0200 Subject: [PATCH 095/111] swift audit fixes + small fix to cocoapods version --- .github/workflows/test.yml | 14 +++++++------- commands/audit/sca/cocoapods/podcommand.go | 2 +- commands/audit/sca/swift/swiftcommand.go | 2 +- 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index cb43dadd..885acd49 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -112,13 +112,13 @@ jobs: - name: Install and Setup Dependencies uses: ./.github/actions/install-and-setup - - name: Install Swift on Ubuntu - uses: swift-actions/setup-swift@v2 - if: ${{ matrix.os == 'ubuntu' && matrix.suite.testFlags == '--test.audit.Swift' }} - - - name: Install Swift on MacOS - run: brew install swift - if: ${{ matrix.os == 'macos' && matrix.suite.testFlags == '--test.audit.Swift' }} +# - name: Install Swift on Ubuntu +# uses: swift-actions/setup-swift@v2 +# if: ${{ matrix.os == 'ubuntu' && matrix.suite.testFlags == '--test.audit.Swift' }} +# +# - name: Install Swift on MacOS +# run: brew install swift +# if: ${{ matrix.os == 'macos' && matrix.suite.testFlags == '--test.audit.Swift' }} - name: Install Swift on Windows uses: compnerd/gha-setup-swift@main diff --git a/commands/audit/sca/cocoapods/podcommand.go b/commands/audit/sca/cocoapods/podcommand.go index 4a675d01..407df184 100644 --- a/commands/audit/sca/cocoapods/podcommand.go +++ b/commands/audit/sca/cocoapods/podcommand.go 
@@ -56,7 +56,7 @@ func runPodCmd(executablePath, srcPath string, podArgs []string) (stdResult []by err = fmt.Errorf("error while running '%s %s': %s\n%s", executablePath, strings.Join(args, " "), err.Error(), strings.TrimSpace(string(errResult))) return } - log.Debug("npm '" + strings.Join(args, " ") + "' standard output is:\n" + strings.TrimSpace(string(stdResult))) + log.Debug("cocoapods '" + strings.Join(args, " ") + "' standard output is:\n" + strings.TrimSpace(string(stdResult))) return } diff --git a/commands/audit/sca/swift/swiftcommand.go b/commands/audit/sca/swift/swiftcommand.go index 90f13908..e79f4a94 100644 --- a/commands/audit/sca/swift/swiftcommand.go +++ b/commands/audit/sca/swift/swiftcommand.go @@ -56,7 +56,7 @@ func runSwiftCmd(executablePath, srcPath string, swiftArgs []string) (stdResult, err = fmt.Errorf("error while running '%s %s': %s\n%s", executablePath, strings.Join(args, " "), err.Error(), strings.TrimSpace(string(errResult))) return } - log.Debug("npm '" + strings.Join(args, " ") + "' standard output is:\n" + strings.TrimSpace(string(stdResult))) + log.Debug("swift '" + strings.Join(args, " ") + "' standard output is:\n" + strings.TrimSpace(string(stdResult))) return } From f6619c5cf672e5a35bd41cb202cf6b7b3fedb931 Mon Sep 17 00:00:00 2001 From: barv Date: Tue, 17 Dec 2024 14:42:56 +0200 Subject: [PATCH 096/111] swift audit fixes + small fix to cocoapods version --- .github/workflows/test.yml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 885acd49..2ae8793f 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml 
@@ -63,6 +63,13 @@ jobs: - name: Install and Setup Dependencies uses: ./.github/actions/install-and-setup + - name: Install Swift on Windows + uses: compnerd/gha-setup-swift@main + with: + branch: swift-5.5-release + tag: 5.5-RELEASE + if: ${{ matrix.os == 'windows'}} + # Test and generate code coverage - name: Run tests run: go test ${{ env.GO_COMMON_TEST_ARGS }} -cover -coverprofile=cover-unit-tests --test.unit From db5e0847e676363bf019b524db8f899d1fb369b9 Mon Sep 17 00:00:00 2001 From: barv Date: Tue, 17 Dec 2024 15:29:54 +0200 Subject: [PATCH 097/111] swift audit fixes + small fix to cocoapods version --- .github/workflows/test.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 2ae8793f..39e3a9b8 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -66,8 +66,8 @@ jobs: - name: Install Swift on Windows uses: compnerd/gha-setup-swift@main with: - branch: swift-5.5-release - tag: 5.5-RELEASE + branch: swift-5.9-release + tag: 5.9-RELEASE if: ${{ matrix.os == 'windows'}} # Test and generate code coverage From 6e0be7db06a4dcf407a9dc363f44d86c9b5f3012 Mon Sep 17 00:00:00 2001 From: barv Date: Tue, 17 Dec 2024 16:09:26 +0200 Subject: [PATCH 098/111] swift audit fixes + small fix to cocoapods version --- .github/workflows/test.yml | 30 +++++++++++++++++++----------- 1 file changed, 19 insertions(+), 11 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 39e3a9b8..a0c31fd8 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml 
@@ -63,11 +63,19 @@ jobs: - name: Install and Setup Dependencies uses: ./.github/actions/install-and-setup + - name: Install Swift on Ubuntu + uses: swift-actions/setup-swift@v2 + if: ${{ matrix.os == 'ubuntu'}} + + - name: Install Swift on MacOS + run: brew install swift + if: ${{ matrix.os == 'macos'}} + - name: Install Swift on Windows uses: compnerd/gha-setup-swift@main with: - branch: swift-5.9-release - tag: 5.9-RELEASE + branch: swift-6.1-release + tag: 6.1-RELEASE if: ${{ matrix.os == 'windows'}} # Test and generate code coverage @@ -119,19 +127,19 @@ jobs: - name: Install and Setup Dependencies uses: ./.github/actions/install-and-setup -# - name: Install Swift on Ubuntu -# uses: swift-actions/setup-swift@v2 -# if: ${{ matrix.os == 'ubuntu' && matrix.suite.testFlags == '--test.audit.Swift' }} -# -# - name: Install Swift on MacOS -# run: brew install swift -# if: ${{ matrix.os == 'macos' && matrix.suite.testFlags == '--test.audit.Swift' }} + - name: Install Swift on Ubuntu + uses: swift-actions/setup-swift@v2 + if: ${{ matrix.os == 'ubuntu' && matrix.suite.testFlags == '--test.audit.Swift' }} + + - name: Install Swift on MacOS + run: brew install swift + if: ${{ matrix.os == 'macos' && matrix.suite.testFlags == '--test.audit.Swift' }} - name: Install Swift on Windows uses: compnerd/gha-setup-swift@main with: - branch: swift-5.5-release - tag: 5.5-RELEASE + branch: swift-6.0-release + tag: 6.0-RELEASE if: ${{ matrix.os == 'windows' && matrix.suite.testFlags == '--test.audit.Swift' }} # Test From 765bd5dd102de2264b5b7f88b074bdb763b44659 Mon Sep 17 00:00:00 2001 From: barv Date: Tue, 17 Dec 2024 16:34:27 +0200 Subject: [PATCH 099/111] swift audit fixes + small fix to cocoapods version --- .github/workflows/test.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index a0c31fd8..1f6a76ff 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml 
@@ -74,8 +74,8 @@ jobs: - name: Install Swift on Windows uses: compnerd/gha-setup-swift@main with: - branch: swift-6.1-release - tag: 6.1-RELEASE + branch: swift-6.0.2-release + tag: 6.0.2-RELEASE if: ${{ matrix.os == 'windows'}} # Test and generate code coverage @@ -138,8 +138,8 @@ jobs: - name: Install Swift on Windows uses: compnerd/gha-setup-swift@main with: - branch: swift-6.0-release - tag: 6.0-RELEASE + branch: swift-6.0.2-release + tag: 6.0.2-RELEASE if: ${{ matrix.os == 'windows' && matrix.suite.testFlags == '--test.audit.Swift' }} # Test From 985ff71bb3153ad07486f9620f3a3b9ddbb0ee10 Mon Sep 17 00:00:00 2001 From: barv Date: Tue, 17 Dec 2024 17:08:28 +0200 Subject: [PATCH 100/111] swift audit fixes + small fix to cocoapods version --- .github/actions/install-and-setup/action.yml | 16 +++++++++++ .github/workflows/test.yml | 30 -------------------- 2 files changed, 16 insertions(+), 30 deletions(-) diff --git a/.github/actions/install-and-setup/action.yml b/.github/actions/install-and-setup/action.yml index 31039dd9..00f974c2 100644 --- a/.github/actions/install-and-setup/action.yml +++ b/.github/actions/install-and-setup/action.yml @@ -12,6 +12,22 @@ runs: # - name: Setup Go with cache # uses: jfrog/.github/actions/install-go-with-cache@main + - name: Install Swift on Linux + uses: swift-actions/setup-swift@v2 + if: ${{ runner.os == 'Linux'}} + + - name: Install Swift on MacOS + run: brew install swift + shell: ${{ runner.os == 'macOS'}} + if: ${{ runner.os == 'macOS'}} + + - name: Install Swift on Windows + uses: compnerd/gha-setup-swift@main + with: + branch: swift-6.0.2-release + tag: 6.0.2-RELEASE + if: ${{ runner.os == 'Windows'}} + - name: install ruby uses: ruby/setup-ruby@v1 with: diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 1f6a76ff..85db85e0 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml 
@@ -63,21 +63,6 @@ jobs: - name: Install and Setup Dependencies uses: ./.github/actions/install-and-setup - - name: Install Swift on Ubuntu - uses: swift-actions/setup-swift@v2 - if: ${{ matrix.os == 'ubuntu'}} - - - name: Install Swift on MacOS - run: brew install swift - if: ${{ matrix.os == 'macos'}} - - - name: Install Swift on Windows - uses: compnerd/gha-setup-swift@main - with: - branch: swift-6.0.2-release - tag: 6.0.2-RELEASE - if: ${{ matrix.os == 'windows'}} - # Test and generate code coverage - name: Run tests run: go test ${{ env.GO_COMMON_TEST_ARGS }} -cover -coverprofile=cover-unit-tests --test.unit @@ -127,21 +112,6 @@ jobs: - name: Install and Setup Dependencies uses: ./.github/actions/install-and-setup - - name: Install Swift on Ubuntu - uses: swift-actions/setup-swift@v2 - if: ${{ matrix.os == 'ubuntu' && matrix.suite.testFlags == '--test.audit.Swift' }} - - - name: Install Swift on MacOS - run: brew install swift - if: ${{ matrix.os == 'macos' && matrix.suite.testFlags == '--test.audit.Swift' }} - - - name: Install Swift on Windows - uses: compnerd/gha-setup-swift@main - with: - branch: swift-6.0.2-release - tag: 6.0.2-RELEASE - if: ${{ matrix.os == 'windows' && matrix.suite.testFlags == '--test.audit.Swift' }} - # Test - name: Run tests run: go test ${{ env.GO_COMMON_TEST_ARGS }} ${{ matrix.suite.testFlags }} From 177e178ca3e1190d4726cc45702c5b6fa8d49e39 Mon Sep 17 00:00:00 2001 From: barv Date: Tue, 17 Dec 2024 17:15:59 +0200 Subject: [PATCH 101/111] swift audit fixes + small fix to cocoapods version --- .github/actions/install-and-setup/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/install-and-setup/action.yml b/.github/actions/install-and-setup/action.yml index 00f974c2..52b07cb0 100644 --- a/.github/actions/install-and-setup/action.yml +++ b/.github/actions/install-and-setup/action.yml 
@@ -18,7 +18,7 @@ runs: - name: Install Swift on MacOS run: brew install swift - shell: ${{ runner.os == 'macOS'}} + shell: ${{ runner.os == 'macOS' && 'sh' || 'bash' || 'pwsh' }} if: ${{ runner.os == 'macOS'}} - name: Install Swift on Windows From 4dd6e964c8f83510adeb466d1255cd77990bffa0 Mon Sep 17 00:00:00 2001 From: barv Date: Wed, 25 Dec 2024 16:22:05 +0200 Subject: [PATCH 102/111] swift audit fixes + small fix to cocoapods version --- .github/actions/install-and-setup/action.yml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/.github/actions/install-and-setup/action.yml b/.github/actions/install-and-setup/action.yml index 06e7b79b..02e2e720 100644 --- a/.github/actions/install-and-setup/action.yml +++ b/.github/actions/install-and-setup/action.yml @@ -21,12 +21,6 @@ runs: shell: ${{ runner.os == 'macOS' && 'sh' || 'bash' || 'pwsh' }} if: ${{ runner.os == 'macOS'}} - - name: Install Swift on Windows - uses: compnerd/gha-setup-swift@main - with: - branch: swift-6.0.2-release - tag: 6.0.2-RELEASE - if: ${{ runner.os == 'Windows'}} - name: install ruby uses: ruby/setup-ruby@v1 From 15af55d9ec93dcf6aefe586088bf786842ecb357 Mon Sep 17 00:00:00 2001 From: barv Date: Wed, 25 Dec 2024 16:55:40 +0200 Subject: [PATCH 103/111] swift audit fixes + small fix to cocoapods version --- .github/actions/install-and-setup/action.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.github/actions/install-and-setup/action.yml b/.github/actions/install-and-setup/action.yml index 02e2e720..06e7b79b 100644 --- a/.github/actions/install-and-setup/action.yml +++ b/.github/actions/install-and-setup/action.yml @@ -21,6 +21,12 @@ runs: shell: ${{ runner.os == 'macOS' && 'sh' || 'bash' || 'pwsh' }} if: ${{ runner.os == 'macOS'}} + - name: Install Swift on Windows + uses: compnerd/gha-setup-swift@main + with: + branch: swift-6.0.2-release + tag: 6.0.2-RELEASE + if: ${{ runner.os == 'Windows'}} - name: install ruby uses: ruby/setup-ruby@v1 
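Review bot: `shell: ${{ runner.os == 'macOS' && 'sh' || 'bash' || 'pwsh' }}` never reaches `'pwsh'` — `'bash'` is already truthy, so the `||` chain stops there — and because the step is guarded by `if: ${{ runner.os == 'macOS'}}` the expression always evaluates to `'sh'`; write `shell: bash` (a composite action's `run` step needs an explicit shell, which is presumably why this was added). The next two hunks on this line delete and then re-add the Windows step unchanged; if that is a rebase artefact the pair could be squashed.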
From ef3e7e7e5213e49f0a8c79fdf79d9ec72470a02e Mon Sep 17 00:00:00 2001 From: barv Date: Wed, 25 Dec 2024 17:09:39 +0200 Subject: [PATCH 104/111] swift audit fixes + small fix to cocoapods version --- .github/actions/install-and-setup/action.yml | 32 ++++++++++---------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/.github/actions/install-and-setup/action.yml b/.github/actions/install-and-setup/action.yml index 06e7b79b..cb447fd9 100644 --- a/.github/actions/install-and-setup/action.yml +++ b/.github/actions/install-and-setup/action.yml @@ -12,22 +12,6 @@ runs: # - name: Setup Go with cache # uses: jfrog/.github/actions/install-go-with-cache@main - - name: Install Swift on Linux - uses: swift-actions/setup-swift@v2 - if: ${{ runner.os == 'Linux'}} - - - name: Install Swift on MacOS - run: brew install swift - shell: ${{ runner.os == 'macOS' && 'sh' || 'bash' || 'pwsh' }} - if: ${{ runner.os == 'macOS'}} - - - name: Install Swift on Windows - uses: compnerd/gha-setup-swift@main - with: - branch: swift-6.0.2-release - tag: 6.0.2-RELEASE - if: ${{ runner.os == 'Windows'}} - - name: install ruby uses: ruby/setup-ruby@v1 with: @@ -90,3 +74,19 @@ runs: python -m pip install conan conan profile detect shell: ${{ runner.os == 'Windows' && 'powershell' || 'bash' }} + + - name: Install Swift on Linux + uses: swift-actions/setup-swift@v2 + if: ${{ runner.os == 'Linux'}} + + - name: Install Swift on MacOS + run: brew install swift + shell: ${{ runner.os == 'macOS' && 'sh' || 'bash' || 'pwsh' }} + if: ${{ runner.os == 'macOS'}} + + - name: Install Swift on Windows + uses: compnerd/gha-setup-swift@main + with: + branch: swift-6.0.2-release + tag: 6.0.2-RELEASE + if: ${{ runner.os == 'Windows'}} From efb534bffd95e1d6e77ccc82eb9ca5f01566d9e1 Mon Sep 17 00:00:00 2001 
From: barv Date: Thu, 26 Dec 2024 13:40:28 +0200 Subject: [PATCH 105/111] swift audit fixes + small fix to cocoapods version --- commands/audit/sca/cocoapods/podcommand.go | 2 +- commands/audit/sca/swift/swift.go | 57 +++++++++++++++---- commands/audit/sca/swift/swift_test.go | 8 +-- commands/audit/sca/swift/swiftcommand.go | 10 +--- commands/audit/scarunner.go | 18 +----- .../package-managers/go/simple-project/go.mod | 1 - utils/auditbasicparams.go | 1 + utils/techutils/techutils.go | 2 +- 8 files changed, 56 insertions(+), 43 deletions(-) diff --git a/commands/audit/sca/cocoapods/podcommand.go b/commands/audit/sca/cocoapods/podcommand.go index 407df184..cb7b0222 100644 --- a/commands/audit/sca/cocoapods/podcommand.go +++ b/commands/audit/sca/cocoapods/podcommand.go @@ -56,7 +56,7 @@ func runPodCmd(executablePath, srcPath string, podArgs []string) (stdResult []by err = fmt.Errorf("error while running '%s %s': %s\n%s", executablePath, strings.Join(args, " "), err.Error(), strings.TrimSpace(string(errResult))) return } - log.Debug("cocoapods '" + strings.Join(args, " ") + "' standard output is:\n" + strings.TrimSpace(string(stdResult))) + log.Debug(fmt.Sprintf("cocoapods '%s' standard output is:\n%s"), strings.Join(args, " "), strings.TrimSpace(string(stdResult))) return } diff --git a/commands/audit/sca/swift/swift.go b/commands/audit/sca/swift/swift.go index 46022811..d399c866 100644 --- a/commands/audit/sca/swift/swift.go +++ b/commands/audit/sca/swift/swift.go @@ -1,6 +1,7 @@ package swift import ( + "bufio" "encoding/json" "fmt" "github.com/jfrog/gofrog/datastructures" 
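Review bot: The closing parenthesis is misplaced in `log.Debug(fmt.Sprintf("cocoapods '%s' standard output is:\n%s"), strings.Join(args, " "), strings.TrimSpace(string(stdResult)))` — `Sprintf` receives the format with no arguments (the output carries literal `%!s(MISSING)` verbs and `go vet` rejects it) while the two values are handed to `log.Debug` as extra arguments. Move the paren: `log.Debug(fmt.Sprintf("cocoapods '%s' standard output is:\n%s", strings.Join(args, " "), strings.TrimSpace(string(stdResult))))`. runPodCmd starts before the hunk.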
@@ -14,13 +15,13 @@ import ( "os" "path" "path/filepath" + "regexp" "strings" ) -// VersionForMainModule - We don't have information in swift on the current package, or main module, we only have information on its -// dependencies. - const ( + // VersionForMainModule - We don't have information in swift on the current package, or main module, we only have information on its + // dependencies. VersionForMainModule = "0.0.0" ) @@ -47,13 +48,13 @@ func GetTechDependencyLocation(directDependencyName, directDependencyVersion str foundDependency := false var tempIndex int for i, line := range lines { - foundDependency, tempIndex, startLine, startCol = parsePodLine(line, directDependencyName, directDependencyVersion, descriptorPath, i, tempIndex, startLine, startCol, lines, foundDependency, &swiftPositions) + foundDependency, tempIndex, startLine, startCol = parseSwiftLine(line, directDependencyName, directDependencyVersion, descriptorPath, i, tempIndex, startLine, startCol, lines, foundDependency, &swiftPositions) } } return swiftPositions, nil } -func parsePodLine(line, directDependencyName, directDependencyVersion, descriptorPath string, i, tempIndex, startLine, startCol int, lines []string, foundDependency bool, swiftPositions *[]*sarif.Location) (bool, int, int, int) { +func parseSwiftLine(line, directDependencyName, directDependencyVersion, descriptorPath string, i, tempIndex, startLine, startCol int, lines []string, foundDependency bool, swiftPositions *[]*sarif.Location) (bool, int, int, int) { if strings.Contains(line, directDependencyName) { startLine = i startCol = strings.Index(line, directDependencyName) 
@@ -130,17 +131,21 @@ func FixTechDependency(dependencyName, dependencyVersion, fixVersion string, des return nil } +func extractNameFromSwiftGitRepo(name string) string { + name = strings.TrimSuffix(name, ".git") + name = strings.TrimPrefix(name, "https://") + return name +} + func GetSwiftDependenciesGraph(data *Dependencies, dependencyMap map[string][]string, versionMap map[string]string) { - data.Name = strings.TrimSuffix(data.Name, ".git") - data.Name = strings.TrimPrefix(data.Name, "https://") + data.Name = extractNameFromSwiftGitRepo(data.Name) _, ok := dependencyMap[data.Name] if !ok { dependencyMap[data.Name] = []string{} versionMap[data.Name] = data.Version } for _, dependency := range data.Dependencies { - dependency.Name = strings.TrimSuffix(dependency.Name, ".git") - dependency.Name = strings.TrimPrefix(dependency.Name, "https://") + dependency.Name = extractNameFromSwiftGitRepo(dependency.Name) dependencyMap[data.Name] = append(dependencyMap[data.Name], dependency.Name) GetSwiftDependenciesGraph(dependency, dependencyMap, versionMap) } 
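Review bot: `extractNameFromSwiftGitRepo` only normalizes `https://…` URLs with a `.git` suffix; a Package.swift that references the same repository as `http://`, `ssh://git@…` or `git@host:org/repo.git` produces a different key in `dependencyMap`, so the same package could presumably appear under two names or fail to match the `directDependencyName` used by GetTechDependencyLocation (outside the hunk). If only https clone URLs are expected, say so in a doc comment: `// extractNameFromSwiftGitRepo turns an https clone URL into the host/path key used for the dependency graph.`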
@@ -159,21 +164,49 @@ func GetDependenciesData(exePath, currentDir string) (*Dependencies, error) { return data, nil } +func getMainPackageName(currentDir string) (string, error) { + file, err := os.Open(path.Join(currentDir, "Package.swift")) + if err != nil { + fmt.Println("Error opening file:", err) + return "", err + } + defer file.Close() + + re := regexp.MustCompile(`name:\s*"([^"]+)"`) + scanner := bufio.NewScanner(file) + for scanner.Scan() { + line := scanner.Text() + matches := re.FindStringSubmatch(line) + if len(matches) > 1 { + return matches[1], nil + } + } + if err := scanner.Err(); err != nil { + return "", err + } + return "", nil +} + func BuildDependencyTree(params utils.AuditParams) (dependencyTree []*xrayUtils.GraphNode, uniqueDeps []string, err error) { currentDir, err := coreutils.GetWorkingDirectory() if err != nil { return nil, nil, err } + packageName, err := getMainPackageName(currentDir) + if err != nil { + log.Warn("Failed to get package name from Package.swift file") + packageName = filepath.Base(currentDir) + } - packageName := filepath.Base(currentDir) packageInfo := fmt.Sprintf("%s:%s", packageName, VersionForMainModule) - _, _, err = getSwiftVersionAndExecPath() + version, exePath, err := getSwiftVersionAndExecPath() if err != nil { err = fmt.Errorf("failed while retrieving swift path: %s", err.Error()) return } + log.Debug("Swift version: %s", version.GetVersion()) // Calculate pod dependencies - data, err := GetDependenciesData("swift", currentDir) + data, err := GetDependenciesData(exePath, currentDir) if err != nil { return nil, nil, err } diff --git a/commands/audit/sca/swift/swift_test.go b/commands/audit/sca/swift/swift_test.go index 3ca3a17a..0563d652 100644 --- a/commands/audit/sca/swift/swift_test.go +++ b/commands/audit/sca/swift/swift_test.go 
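Review bot: `getMainPackageName` returns `"", nil` when no `name:` line matches, and the caller only falls back to `filepath.Base(currentDir)` on a non-nil error, so a Package.swift without a match yields a root node named `:0.0.0`; return an error for the not-found case (or treat an empty name as a fallback in the caller). `fmt.Println("Error opening file:", err)` writes to the CLI's stdout from library code and duplicates the error that is returned anyway — drop it, the caller already logs a warning. `regexp.MustCompile` runs on every call and belongs at package scope, the path should be built with `filepath.Join` (already imported) rather than `path.Join`, and `log.Debug("Swift version: %s", version.GetVersion())` is not a printf-style call — the package's own usage is `log.Debug("Using swift executable:", swiftExecPath)` — so the `%s` is printed literally; use `log.Debug("Swift version:", version.GetVersion())`. One hedged point: the regex takes the first `name:` in the file, which is the package name only when `Package(name:` precedes any target or product declaration.
```go
var packageNameRegex = regexp.MustCompile(`name:\s*"([^"]+)"`)

// getMainPackageName returns the first name: "…" value found in Package.swift under currentDir.
func getMainPackageName(currentDir string) (string, error) {
	file, err := os.Open(filepath.Join(currentDir, "Package.swift"))
	if err != nil {
		return "", err
	}
	defer file.Close()

	scanner := bufio.NewScanner(file)
	for scanner.Scan() {
		if matches := packageNameRegex.FindStringSubmatch(scanner.Text()); len(matches) > 1 {
			return matches[1], nil
		}
	}
	if err := scanner.Err(); err != nil {
		return "", err
	}
	return "", fmt.Errorf("no package name found in Package.swift")
}
// … unchanged: BuildDependencyTree, apart from the log.Debug line quoted above …
```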
@@ -73,17 +73,17 @@ func TestGetTechDependencyLocation(t *testing.T) { assert.Contains(t, *locations[0].PhysicalLocation.Region.Snippet.Text, "github.com/apple/swift-algorithms\", from: \"1.2.0\"") } -func TestPodLineParse(t *testing.T) { +func TestSwiftLineParse(t *testing.T) { var swiftPositions []*sarif.Location - foundDependency, _, startLine, startCol := parsePodLine(".package(url: \"https://github.com/apple/swift-algorithms\", from: \"1.2.0\")", "github.com/apple/swift-algorithms", "1.2.0", "test", 0, 0, 0, 0, []string{".package(url: \"https://github.com/apple/swift-algorithms\", from: \"1.2.0\")"}, false, &swiftPositions) + foundDependency, _, startLine, startCol := parseSwiftLine(".package(url: \"https://github.com/apple/swift-algorithms\", from: \"1.2.0\")", "github.com/apple/swift-algorithms", "1.2.0", "test", 0, 0, 0, 0, []string{".package(url: \"https://github.com/apple/swift-algorithms\", from: \"1.2.0\")"}, false, &swiftPositions) assert.Equal(t, foundDependency, false) assert.Equal(t, startLine, 0) assert.Equal(t, startCol, 23) } -func TestPodLineParseFoundOnlyDependencyName(t *testing.T) { +func TestSwiftLineParseFoundOnlyDependencyName(t *testing.T) { var swiftPositions []*sarif.Location - foundDependency, _, startLine, startCol := parsePodLine(".package(url: \"https://github.com/apple/swift-algorithms\", from: \"1.2.0\")", "github.com/apple/swift-algorithms", "6.2.4", "test", 0, 0, 0, 0, []string{".package(url: \"https://github.com/apple/swift-algorithms\", from: \"1.2.0\")"}, false, &swiftPositions) + foundDependency, _, startLine, startCol := parseSwiftLine(".package(url: \"https://github.com/apple/swift-algorithms\", from: \"1.2.0\")", "github.com/apple/swift-algorithms", "6.2.4", "test", 0, 0, 0, 0, []string{".package(url: \"https://github.com/apple/swift-algorithms\", from: \"1.2.0\")"}, false, &swiftPositions) assert.Equal(t, foundDependency, true) assert.Equal(t, startLine, 0) assert.Equal(t, startCol, 23) 
diff --git a/commands/audit/sca/swift/swiftcommand.go b/commands/audit/sca/swift/swiftcommand.go index e79f4a94..ed32f019 100644 --- a/commands/audit/sca/swift/swiftcommand.go +++ b/commands/audit/sca/swift/swiftcommand.go @@ -4,7 +4,6 @@ import ( "bytes" "fmt" "github.com/jfrog/gofrog/version" - "github.com/jfrog/jfrog-cli-core/v2/utils/coreutils" "github.com/jfrog/jfrog-client-go/utils/errorutils" "github.com/jfrog/jfrog-client-go/utils/log" "os/exec" @@ -28,8 +27,8 @@ func getSwiftVersionAndExecPath() (*version.Version, string, error) { return nil, "", fmt.Errorf("could not find the 'swift' executable in the system PATH %w", err) } log.Debug("Using swift executable:", swiftExecPath) - versionData, stdErr, err := runSwiftCmd(swiftExecPath, "", []string{"--version"}) - if err != nil || stdErr != nil { + versionData, _, err := runSwiftCmd(swiftExecPath, "", []string{"--version"}) + if err != nil { return nil, "", err } return version.NewVersion(strings.TrimSpace(string(versionData))), swiftExecPath, nil @@ -71,10 +70,5 @@ func (sc *SwiftCommand) PreparePrerequisites() error { return errorutils.CheckErrorf( "JFrog CLI swift %s command requires swift client version %s or higher. The Current version is: %s", sc.cmdName, minSupportedSwiftVersion, sc.swiftVersion.GetVersion()) } - sc.workingDirectory, err = coreutils.GetWorkingDirectory() - if err != nil { - return err - } - log.Debug("Working directory set to:", sc.workingDirectory) return nil } diff --git a/commands/audit/scarunner.go b/commands/audit/scarunner.go index 45d6512e..b24e36a1 100644 --- a/commands/audit/scarunner.go +++ b/commands/audit/scarunner.go 
@@ -257,28 +257,14 @@ func GetTechDependencyTree(params xrayutils.AuditParams, artifactoryServerDetail
 case techutils.Nuget:
 depTreeResult.FullDepTrees, uniqueDeps, err = nuget.BuildDependencyTree(params)
 case techutils.Cocoapods:
- details, errParams := params.ServerDetails()
- if errParams != nil {
- return depTreeResult, errParams
- }
- _, xrayVersion, errVersion := xray.CreateXrayServiceManagerAndGetVersion(details)
- if errVersion != nil {
- return depTreeResult, errVersion
- }
+ xrayVersion := params.GetXrayVersion()
 err = clientutils.ValidateMinimumVersion(clientutils.Xray, xrayVersion, scangraph.CocoapodsScanMinXrayVersion)
 if err != nil {
 return depTreeResult, fmt.Errorf("your xray version %s does not allow cocoapods scanning", xrayVersion)
 }
 depTreeResult.FullDepTrees, uniqueDeps, err = cocoapods.BuildDependencyTree(params)
 case techutils.Swift:
- details, errParams := params.ServerDetails()
- if errParams != nil {
- return depTreeResult, errParams
- }
- _, xrayVersion, errVersion := xray.CreateXrayServiceManagerAndGetVersion(details)
- if errVersion != nil {
- return depTreeResult, errVersion
- }
+ xrayVersion := params.GetXrayVersion()
 err = clientutils.ValidateMinimumVersion(clientutils.Xray, xrayVersion, scangraph.SwiftScanMinXrayVersion)
 if err != nil {
 return depTreeResult, fmt.Errorf("your xray version %s does not allow swift scanning", xrayVersion)
diff --git a/tests/testdata/projects/package-managers/go/simple-project/go.mod b/tests/testdata/projects/package-managers/go/simple-project/go.mod
index 36f447f8..309e9d79 100644
--- a/tests/testdata/projects/package-managers/go/simple-project/go.mod
+++ b/tests/testdata/projects/package-managers/go/simple-project/go.mod
@@ -5,6 +5,5 @@ go 1.20
 require rsc.io/quote v1.5.2
 
 require (
- golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c // indirect
 rsc.io/sampler v1.3.0 // indirect
 )
diff --git a/utils/auditbasicparams.go b/utils/auditbasicparams.go
index 57d11b78..ddc04d78 100644
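Review bot: `xrayVersion := params.GetXrayVersion()` in both the Cocoapods and Swift cases replaces a lookup that failed loudly when server details were unavailable with a plain getter, so a version that was never populated now reaches `clientutils.ValidateMinimumVersion` and presumably surfaces as the message `your xray version  does not allow cocoapods scanning` with an empty placeholder; a guard before the validation, `if xrayVersion == "" { return depTreeResult, errors.New("xray version is not set in audit params") }` (adding the errors import if the file lacks it), would name the real problem. The `fmt.Errorf` on the context lines also drops the err returned by ValidateMinimumVersion; appending `: %w` with `err` keeps the cause. With the two branches now identical apart from the minimum-version constant and the technology name, a small helper taking those two values would remove the duplication. GetTechDependencyTree starts and ends outside this hunk.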
--- a/utils/auditbasicparams.go
+++ b/utils/auditbasicparams.go
@@ -44,6 +44,7 @@ type AuditParams interface {
 IsRecursiveScan() bool
 SkipAutoInstall() bool
 AllowPartialResults() bool
+ GetXrayVersion() string
 }
 
 type AuditBasicParams struct {
diff --git a/utils/techutils/techutils.go b/utils/techutils/techutils.go
index e4d25b36..549df5c1 100644
--- a/utils/techutils/techutils.go
+++ b/utils/techutils/techutils.go
@@ -211,7 +211,7 @@ var technologiesData = map[Technology]TechData{
 Swift: {
 indicators: []string{"Package.swift", "Package.resolved"},
 packageDescriptors: []string{"Package.swift", "Package.resolved"},
- formal: "swift",
+ formal: "Swift",
 packageTypeId: "swift://",
 },
 }
From d32b4280a81674a82aecf946813fedf0b879d955 Mon Sep 17 00:00:00 2001
From: barv
Date: Thu, 26 Dec 2024 13:47:21 +0200
Subject: [PATCH 106/111] swift audit fixes + small fix to cocoapods version
---
 commands/audit/sca/cocoapods/podcommand.go | 2 +-
 commands/audit/sca/swift/swiftcommand.go | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/commands/audit/sca/cocoapods/podcommand.go b/commands/audit/sca/cocoapods/podcommand.go
index cb7b0222..a11ed68c 100644
--- a/commands/audit/sca/cocoapods/podcommand.go
+++ b/commands/audit/sca/cocoapods/podcommand.go
@@ -56,7 +56,7 @@ func runPodCmd(executablePath, srcPath string, podArgs []string) (stdResult []by
 err = fmt.Errorf("error while running '%s %s': %s\n%s", executablePath, strings.Join(args, " "), err.Error(), strings.TrimSpace(string(errResult)))
 return
 }
- log.Debug(fmt.Sprintf("cocoapods '%s' standard output is:\n%s"), strings.Join(args, " "), strings.TrimSpace(string(stdResult)))
+ log.Debug(fmt.Sprintf("cocoapods '%s' standard output is:\n%s", strings.Join(args, " "), strings.TrimSpace(string(stdResult))))
 return
 }
 
diff --git a/commands/audit/sca/swift/swiftcommand.go b/commands/audit/sca/swift/swiftcommand.go
index ed32f019..5ecc6cfe 100644
--- a/commands/audit/sca/swift/swiftcommand.go
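Review bot: The context line above the corrected `log.Debug` in runPodCmd builds the failure error with `%s` and `err.Error()`, which flattens the `*exec.ExitError` from command.Run() to text so a caller can no longer reach the exit status with `errors.As`; `err = fmt.Errorf("error while running '%s %s': %w\n%s", executablePath, strings.Join(args, " "), err, strings.TrimSpace(string(errResult)))` keeps the chain. The Sprintf correction itself is right, and it is exactly the mismatch that `go vet`'s printf check reports, so running vet in CI would catch the next one before it ships. runSwiftCmd in swiftcommand.go carries the same `%s`/`err.Error()` line in its hunks `@@ -55,7 +55,7 @@` and `@@ -49,7 +49,7 @@` below. runPodCmd starts outside this hunk.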
+++ b/commands/audit/sca/swift/swiftcommand.go
@@ -55,7 +55,7 @@ func runSwiftCmd(executablePath, srcPath string, swiftArgs []string) (stdResult,
 err = fmt.Errorf("error while running '%s %s': %s\n%s", executablePath, strings.Join(args, " "), err.Error(), strings.TrimSpace(string(errResult)))
 return
 }
- log.Debug("swift '" + strings.Join(args, " ") + "' standard output is:\n" + strings.TrimSpace(string(stdResult)))
+ log.Debug(fmt.Sprintf("swift '%s' standard output is:\n%s", strings.Join(args, " "), strings.TrimSpace(string(stdResult))))
 return
 }
 
From ebf9f43098ec8e05a7265a304d711560cdd657fe Mon Sep 17 00:00:00 2001
From: barv
Date: Thu, 26 Dec 2024 13:53:07 +0200
Subject: [PATCH 107/111] swift audit fixes + small fix to cocoapods version
---
 commands/audit/sca/swift/swiftcommand.go | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/commands/audit/sca/swift/swiftcommand.go b/commands/audit/sca/swift/swiftcommand.go
index 5ecc6cfe..13867f5d 100644
--- a/commands/audit/sca/swift/swiftcommand.go
+++ b/commands/audit/sca/swift/swiftcommand.go
@@ -27,14 +27,14 @@ func getSwiftVersionAndExecPath() (*version.Version, string, error) {
 return nil, "", fmt.Errorf("could not find the 'swift' executable in the system PATH %w", err)
 }
 log.Debug("Using swift executable:", swiftExecPath)
- versionData, _, err := runSwiftCmd(swiftExecPath, "", []string{"--version"})
+ versionData, err := runSwiftCmd(swiftExecPath, "", []string{"--version"})
 if err != nil {
 return nil, "", err
 }
 return version.NewVersion(strings.TrimSpace(string(versionData))), swiftExecPath, nil
 }
 
-func runSwiftCmd(executablePath, srcPath string, swiftArgs []string) (stdResult, errResult []byte, err error) {
+func runSwiftCmd(executablePath, srcPath string, swiftArgs []string) (stdResult []byte, err error) {
 args := make([]string, 0)
 for i := 0; i < len(swiftArgs); i++ {
 if strings.TrimSpace(swiftArgs[i]) != "" {
@@ -49,7 +49,7 @@ func runSwiftCmd(executablePath, srcPath string, swiftArgs []string) (stdResult,
 errBuffer := bytes.NewBuffer([]byte{})
 command.Stderr = errBuffer
 err = command.Run()
- errResult = errBuffer.Bytes()
+ errResult := errBuffer.Bytes()
 stdResult = outBuffer.Bytes()
 if err != nil {
 err = fmt.Errorf("error while running '%s %s': %s\n%s", executablePath, strings.Join(args, " "), err.Error(), strings.TrimSpace(string(errResult)))
From 4c1a13722932dc0561f3127accc1d122d7bdb61c Mon Sep 17 00:00:00 2001
From: barv
Date: Thu, 26 Dec 2024 13:55:32 +0200
Subject: [PATCH 108/111] swift audit fixes + small fix to cocoapods version
---
 commands/audit/sca/swift/swift.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/commands/audit/sca/swift/swift.go b/commands/audit/sca/swift/swift.go
index d399c866..f419935b 100644
--- a/commands/audit/sca/swift/swift.go
+++ b/commands/audit/sca/swift/swift.go
@@ -152,7 +152,7 @@ func GetSwiftDependenciesGraph(data *Dependencies, dependencyMap map[string][]st
 }
 
 func GetDependenciesData(exePath, currentDir string) (*Dependencies, error) {
- result, _, err := runSwiftCmd(exePath, currentDir, []string{"package", "show-dependencies", "--format", "json"})
+ result, err := runSwiftCmd(exePath, currentDir, []string{"package", "show-dependencies", "--format", "json"})
 if err != nil {
 return nil, err
 }
From 493ca8e20149ca562c0f0a90c14a665f2ce75cf7 Mon Sep 17 00:00:00 2001
From: barv
Date: Thu, 26 Dec 2024 13:58:29 +0200
Subject: [PATCH 109/111] swift audit fixes + small fix to cocoapods version
---
 commands/audit/sca/swift/swiftcommand.go | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)
diff --git a/commands/audit/sca/swift/swiftcommand.go b/commands/audit/sca/swift/swiftcommand.go
index 13867f5d..f9e0181b 100644
--- a/commands/audit/sca/swift/swiftcommand.go
+++ b/commands/audit/sca/swift/swiftcommand.go
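Review bot: With `errResult := errBuffer.Bytes()` now a local that is only read on the error path, anything swift writes to stderr on a successful run is dropped without a trace, e.g. a resolution warning printed alongside exit status 0 would never reach the logs. Logging it at debug level when present, `if len(errResult) > 0 { log.Debug("swift stderr:", strings.TrimSpace(string(errResult))) }`, placed after the `if err != nil` block, keeps the narrowed return signature while preserving that visibility for anyone diagnosing an audit. runSwiftCmd starts and ends outside this hunk.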
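Review bot: GetDependenciesData has no comment stating that `swift package show-dependencies` evaluates the project's own Package.swift, which is Swift source that the toolchain compiles and runs, so an audit of a repository executes code from that repository with the auditing user's privileges; that is a property anyone wiring this scanner into CI needs spelled out in the docs of the function that does it. A one-line doc comment such as `// GetDependenciesData runs 'swift package show-dependencies' in currentDir; note that this builds and executes the project's Package.swift manifest.` would capture it. The cocoapods path has the same property, since a Podfile is a Ruby DSL evaluated by pod, so the same note belongs on the pod runner in podcommand.go. GetDependenciesData continues past the end of the hunk.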
@@ -15,10 +15,9 @@ const (
 )
 
 type SwiftCommand struct {
- cmdName string
- swiftVersion *version.Version
- workingDirectory string
- executablePath string
+ cmdName string
+ swiftVersion *version.Version
+ executablePath string
 }
 
 func getSwiftVersionAndExecPath() (*version.Version, string, error) {
From 03768031aaff692348bf186b6cd8f6f8c6871590 Mon Sep 17 00:00:00 2001
From: barv
Date: Thu, 26 Dec 2024 14:34:08 +0200
Subject: [PATCH 110/111] swift audit fixes + small fix to cocoapods version
---
 commands/audit/sca/swift/swift.go | 4 ++--
 commands/audit/sca/swift/swift_test.go | 3 ++-
 2 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/commands/audit/sca/swift/swift.go b/commands/audit/sca/swift/swift.go
index f419935b..2b6e3f69 100644
--- a/commands/audit/sca/swift/swift.go
+++ b/commands/audit/sca/swift/swift.go
@@ -164,7 +164,7 @@ func GetDependenciesData(exePath, currentDir string) (*Dependencies, error) {
 return data, nil
 }
 
-func getMainPackageName(currentDir string) (string, error) {
+func GetMainPackageName(currentDir string) (string, error) {
 file, err := os.Open(path.Join(currentDir, "Package.swift"))
 if err != nil {
 fmt.Println("Error opening file:", err)
@@ -192,7 +192,7 @@ func BuildDependencyTree(params utils.AuditParams) (dependencyTree []*xrayUtils.
 if err != nil {
 return nil, nil, err
 }
- packageName, err := getMainPackageName(currentDir)
+ packageName, err := GetMainPackageName(currentDir)
 if err != nil {
 log.Warn("Failed to get package name from Package.swift file")
 packageName = filepath.Base(currentDir)
diff --git a/commands/audit/sca/swift/swift_test.go b/commands/audit/sca/swift/swift_test.go
index 0563d652..2eebeddb 100644
--- a/commands/audit/sca/swift/swift_test.go
+++ b/commands/audit/sca/swift/swift_test.go
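Review bot: GetMainPackageName becomes exported in this hunk but gets no doc comment, which every exported Go identifier should carry; something like `// GetMainPackageName returns the package name read from the Package.swift manifest in currentDir.` fits, hedged because the parsing body lies outside the hunk. The context line `fmt.Println("Error opening file:", err)` writes to stdout from library code, where it can interleave with the audit's own output when a tool consumes that stream, while the rest of the file reports through `log` (see `log.Warn` in the next hunk); dropping the Println and leaving the logging to the caller is the consistent choice. That caller, in hunk `@@ -192,7 +192,7 @@`, then logs `log.Warn("Failed to get package name from Package.swift file")` without the error it just received; appending `, err` to the Warn call keeps the cause. `path.Join` is also used for a filesystem path where `filepath.Join`, already in scope for `filepath.Base`, is the portable form.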
@@ -30,7 +30,8 @@ func TestBuildSwiftDependencyList(t *testing.T) {
 }
 currentDir, err := coreutils.GetWorkingDirectory()
 assert.NoError(t, err)
- packageName := filepath.Base(currentDir)
+ packageName, err := GetMainPackageName(currentDir)
+ assert.NoError(t, err)
 packageInfo := fmt.Sprintf("%s:%s", packageName, VersionForMainModule)
 expectedUniqueDeps := []string{
 techutils.Swift.GetPackageTypeId() + "github.com/apple/swift-algorithms:1.2.0",
From d96b5564956a053bc7e62693bba925e4484b0552 Mon Sep 17 00:00:00 2001
From: barv
Date: Tue, 31 Dec 2024 16:09:33 +0200
Subject: [PATCH 111/111] swift audit fixes + small fix to cocoapods version
---
 commands/audit/sca/swift/swift.go | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/commands/audit/sca/swift/swift.go b/commands/audit/sca/swift/swift.go
index 2b6e3f69..08cf1ee1 100644
--- a/commands/audit/sca/swift/swift.go
+++ b/commands/audit/sca/swift/swift.go
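Review bot: The test now derives its expected `packageName` by calling the production function GetMainPackageName, so the expectation and the code under test come from the same source and a regression in GetMainPackageName (say, returning the wrong name from the manifest) would still pass. Pin the expected value to the fixture instead, e.g. `packageName := "<name declared in the test project's Package.swift>"` (placeholder; take the literal from the test project), and give GetMainPackageName its own small test against that fixture. TestBuildSwiftDependencyList starts and ends outside this hunk.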
@@ -131,21 +131,23 @@ func FixTechDependency(dependencyName, dependencyVersion, fixVersion string, des
 return nil
 }
 
-func extractNameFromSwiftGitRepo(name string) string {
+func extractNameFromSwiftRepo(name string) string {
 name = strings.TrimSuffix(name, ".git")
 name = strings.TrimPrefix(name, "https://")
+ name = strings.TrimPrefix(name, "http://")
+ name = strings.TrimPrefix(name, "sso://")
 return name
 }
 
 func GetSwiftDependenciesGraph(data *Dependencies, dependencyMap map[string][]string, versionMap map[string]string) {
- data.Name = extractNameFromSwiftGitRepo(data.Name)
+ data.Name = extractNameFromSwiftRepo(data.Name)
 _, ok := dependencyMap[data.Name]
 if !ok {
 dependencyMap[data.Name] = []string{}
 versionMap[data.Name] = data.Version
 }
 for _, dependency := range data.Dependencies {
- dependency.Name = extractNameFromSwiftGitRepo(dependency.Name)
+ dependency.Name = extractNameFromSwiftRepo(dependency.Name)
 dependencyMap[data.Name] = append(dependencyMap[data.Name], dependency.Name)
 GetSwiftDependenciesGraph(dependency, dependencyMap, versionMap)
 }
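Review bot: The added `strings.TrimPrefix` lines handle exactly three schemes, so a dependency referenced as `ssh://…` or in scp form (`git@host:org/repo`) keeps its prefix while the same package referenced over https is stripped, and the graph can then carry one package under two keys; cutting at the first `://` with `strings.Cut` (Go 1.18+) covers every URL scheme in one step, though the scp form still needs its own rule if it occurs in practice. A second point in the unchanged part of GetSwiftDependenciesGraph: the `if !ok` guard only skips the map initialisation and the loop still recurses, so a package reached from two parents has its children appended to `dependencyMap[name]` twice, and a cycle in the resolved graph, should one ever occur, recurses without bound; returning early when the name is already in dependencyMap fixes both, since the parent has already recorded its edge before recursing, assuming the two maps are the only outputs the caller reads. The rewritten lines follow; GetSwiftDependenciesGraph's closing brace is outside the hunk.
```go
func extractNameFromSwiftRepo(name string) string {
	name = strings.TrimSuffix(name, ".git")
	// Drop any URL scheme (https://, http://, sso://, ssh://, ...) instead of a fixed list.
	if _, rest, ok := strings.Cut(name, "://"); ok {
		name = rest
	}
	return name
}

func GetSwiftDependenciesGraph(data *Dependencies, dependencyMap map[string][]string, versionMap map[string]string) {
	data.Name = extractNameFromSwiftRepo(data.Name)
	if _, seen := dependencyMap[data.Name]; seen {
		// Already expanded: avoids duplicate edges for shared packages and
		// unbounded recursion should the resolved graph contain a cycle.
		return
	}
	dependencyMap[data.Name] = []string{}
	versionMap[data.Name] = data.Version
	// … unchanged: loop over data.Dependencies, normalising each name, appending the edge and recursing …
```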