Hotfix/ldap conn #325
Merged
Hotfix/ldap conn #325
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
nathanmartinszup
requested review from
igorreiszup,
lucasbrunozup,
nathannascimentozup and
wiliansilvazup
as code owners
wiliansilvazup
approved these changes
Feb 9, 2021
wiliansilvazup
added a commit
that referenced
this pull request
Feb 9, 2021
* Develop (#316) * Frontend - MomentJS replacement with date-fns (#211) * Added package of date-fns * Removing moment of packagejson and replace all ocurrences in the code * Feature/grpc health check (#213) * Adding auth grpc health check * Adding client grpc services health check and improving middleware logs * Register grpc health check server * Adding grpc health check and unity tests * Update and refactor config of CLI (#214) * Update and refactor config of CLI * Update name * Update hash horusec-config.json * Adding config to configure tools (#217) * Adding config to configure tools * Fix fmt lint and tests * Fix fmt lint and tests * Fix fmt lint and tests * Fix * Adding tests * Adding tests * Fix * Add tests on parse viper data to struct * Update horusec-cli/config/.example-horusec-cli-new.json Co-authored-by: nathannascimentozup <65020170+nathannascimentozup@users.noreply.github.com> * Fix config tests Co-authored-by: nathannascimentozup <65020170+nathannascimentozup@users.noreply.github.com> * Get viper file config path and setup on command start initialize (#219) * Get viper file config path and setup on command start initialize * Fix config name * Fix tests and lint * Master (#226) * Develop (#224) * Frontend - MomentJS replacement with date-fns (#211) * Added package of date-fns * Removing moment of packagejson and replace all ocurrences in the code * Feature/grpc health check (#213) * Adding auth grpc health check * Adding client grpc services health check and improving middleware logs * Register grpc health check server * Adding grpc health check and unity tests * Update and refactor config of CLI (#214) * Update and refactor config of CLI * Update name * Update hash horusec-config.json * Adding config to configure tools (#217) * Adding config to configure tools * Fix fmt lint and tests * Fix fmt lint and tests * Fix fmt lint and tests * Fix * Adding tests * Adding tests * Fix * Add tests on parse viper data to struct * Update horusec-cli/config/.example-horusec-cli-new.json Co-authored-by: nathannascimentozup <65020170+nathannascimentozup@users.noreply.github.com> * Fix config tests Co-authored-by: nathannascimentozup <65020170+nathannascimentozup@users.noreply.github.com> * Get viper file config path and setup on command start initialize (#219) * Get viper file config path and setup on command start initialize * Fix config name * Fix tests and lint Co-authored-by: Lucas Bruno <69604366+lucasbrunozup@users.noreply.github.com> Co-authored-by: nathanmartinszup <63246935+nathanmartinszup@users.noreply.github.com> Co-authored-by: Wilian Gabriel <63816070+wiliansilvazup@users.noreply.github.com> * [skip ci] update versioning file (#225) Co-authored-by: nathannascimentozup <65020170+nathannascimentozup@users.noreply.github.com> Co-authored-by: Lucas Bruno <69604366+lucasbrunozup@users.noreply.github.com> Co-authored-by: nathanmartinszup <63246935+nathanmartinszup@users.noreply.github.com> * Frontend workspaces flow (#218) * Change the routes in home to internal, and remove organization flow * Adjusting flow of login and add Workspace context * Added select workspace in side menu * Added list to all workspaces * Rename organization to workspace * Added modal to create new workspace * Rename 'user' to 'member' and adjusting styles in modal of create workspace * Added option to delete a workspace, and remove the Company Context * Added edit option to workspaces * Adjusting formatHumanDate and clear input when create new workspace * Added option to manager tokens of workspace * Added option to handler users of worspace * Alter template of email to workspace * Removing old screen of Users * Fix bug when update company to description empty not update Co-authored-by: Wilian Gabriel <wilian.silva@zup.com.br> * Feature/dynamic vulnerabilities (#215) * Removing docker from horusec clis * Improving cli formatters * Improving horusec rules code * Adding engine analises calls in formatters * Fixing unity tests * Updating coverage * Fixing pipeline errors * Fixing error in hash generation * Adding possibility to run horusec without docker * Updating formatters service mock * Adding custom rules option in horusec cli * Adding cli custom rules unity tests * Adding how to add custom rules * Updating docs * Fixing cli unity tests * Updating coverage cli * Updating flags cli * Fixing pipeline * Fixing config file * Updating config hashes * Updating docs and improving code * Fixing lint * Updating pipeline * Adding repository name when repository name flag is empty (#228) * Adding repository name when repository name flag is empty * Improving code * Fixing pipeline * Improvements in workspace (#229) * Change the routes in home to internal, and remove organization flow * Adjusting flow of login and add Workspace context * Added select workspace in side menu * Added list to all workspaces * Rename organization to workspace * Added modal to create new workspace * Rename 'user' to 'member' and adjusting styles in modal of create workspace * Added option to delete a workspace, and remove the Company Context * Added edit option to workspaces * Adjusting formatHumanDate and clear input when create new workspace * Added option to manager tokens of workspace * Added option to handler users of worspace * Alter template of email to workspace * Removing old screen of Users * Fix bug when update company to description empty not update * Added warning flash message and fix when no have a repository * Added empty message of counters Co-authored-by: Wilian Gabriel <wilian.silva@zup.com.br> * Alter localhost to 127.0.0.1 and add Linkify in vulnerabilities details (#231) * Updating how to (#232) * Update e2e tests and remove examples zips to root directory (#220) * Adding e2e tests in windows, macos, linux images * Adding e2e tests in windows, macos, linux images * Fiz unzip to usage in others operational systems * Fiz unzip to usage in others operational systems * Change e2e to usage binary * Test e2e * Test e2e and move examples to root directory * Test e2e * Test e2e * Test e2e * test e2e * Fix tests * Fix tests * Fix tests * Fix pipeline * Fix pipeline * Fix tests * Remove README * Fix fmt lint * Fix tets * Update horusec-config * Merge with master * Feature/information severity (#240) * Adding cli flag to enable and disable information vulnerabilities * Adding I flag * Removing info vulnerabilities when flag is not set * Fixing some errors * Updating readme * [WIP]Feature/ldap-logs (#239) * Adding ldap logs * Updating horusec config * Adding filter log ldap * Update deploy-service.yml (#245) * Revert "Update deploy-service.yml (#245)" (#247) This reverts commit 9210157. * Bugfix/fix generics bugs (#236) * Merge branch 'master' of github.com:ZupIT/horusec into develop * Fixing semgrep parsing error * Update main * Fixing when tool is to ignore set tool finished * Fixing .git ignore and java commit authors * Fixing unity tests * Adding logic to split files into leaks analysis * Fix formatter of leaks * Fix gomod and gosum Co-authored-by: nathan <nathan.martins@zup.com.br> * Remove unnecessary logs * Fix version and get config file * Fixing disabled docker error (#249) * Improvements (#254) * Adding improvements on logs with level * Remove CLI enum of devkit * Move use cases from devkit to specific micro services * Replace name of generate sha256 hash * Remove unused utils from devkit and move enums to specific microservices * Fix lint * Fix security * Fix coverage * Fix coverage * Fix security * Added input to select a fixed period or custom range (#255) Co-authored-by: Wilian Gabriel <wilian.silva@zup.com.br> * [skip ci] update versioning file (#260) * Feature/ldap (#252) * Fixing disabled docker error * Updating ldap to save user groups in jwt token * Updating ldap version * Adding possibility of custom fields in group search * Fixing lint and tests * Fix fmt lint * Updating docs * Fixing pipeline errors Co-authored-by: Wilian Gabriel <wilian.silva@zup.com.br> * [skip ci] update versioning file * Feature/removing sensitive logs (#261) * Fixing disabled docker error * Removing sensitive log from http requests * Bugfix/ldap (#262) * Fixing disabled docker error * Fixing some ldap errors * Bugfix/ldap (#265) * Fixing disabled docker error * Fixing some ldap errors * Updating composes and auth env variables * Feature/microsoft ldap (#271) * Fixing disabled docker error * Improving ldap service * Removing to lower * Adding group search by member dn * Updating composes and user filter env var * Updating false positives * Updating composes * Fixing ldap errors * Fixing lint and tests * Hidden invite user of repositories and workspace when authType is Ldap (#274) Co-authored-by: Lucas Bruno <69604366+lucasbrunozup@users.noreply.github.com> * Dart (#266) * Start dart structure * Start dart structure * Fix pipeline * Update cli to run horusec dart * Update languages in horusec-cli to horusec-api * Adding some rules in dart for logs, cripto and xss * Fix fmt lint * Fix fmt lint * Adding more rules of dart * Fix fmt lint test * Update e2e * Adding rules of shell, xxe, origins, week cripto * Fix fmt litn * Fix regex wrong * Update docs * Fix coverage * Add dart language in the frontend charts colors * Fix fmt lint and merge with develop Co-authored-by: lucas.bruno <lucas.bruno@zup.com.br> * [WIP]Bugfix/ldap search by member (#277) * Fixing disabled docker error * Removing member of and replacing with search by member in group * Improving variable names * Feature/improvements cli (#279) * Adding warn log when info is disabled and update engines to run max units by analysis * Adding const values for engine usage Co-authored-by: Nathan Tavares Nascimento <nathan.nascimento@zup.com.br> * Feature/updating docs (#278) * Fixing disabled docker error * Removing ldap group log * Updating ldap docs * Feature/ldap list (#284) * Fixing disabled docker error * Removing ldap group log * Improving account app config and removing config data from request context, improving company list to support ldap * Updating repository list to get by ldap groups * Fixing unity testes * Fixing unity unit tests and lint errors * Adding account depends on auth in composes * Adding port on compose * Adding validation to admin ldap group, now its needed to by a valid one * Improving ldap error messsage * Adding validation to update with ldap * Add message in the manager for invalid ldap group * Fixing some errors * Fixing unity tests * Added messa ldap group error in eng language Co-authored-by: Wilian Gabriel <wilian.silva@zup.com.br> Co-authored-by: lucas.bruno <lucas.bruno@zup.com.br> * Dashboard load data from the beginning (#285) * Adjusting filters to load dashboard with the from the beginning data * Fixing test in analytic * [skip ci] update versioning file * Feature/improving formatters (#287) * Fixing disabled docker error * Removing ldap group log * Improving npm and yarn formatters * Adding shell support (#288) * Adding shell support * Fix fmt and lint * Fix tests * Update shell script to prevent vulnerabilities and errors * Update README.md (#291) * Added elixir and shell colors in languages of dashboard (#294) * Hotfix/backend urls (#293) * Updating account routers * Updating analytic routers * Updating auth routers * Updating messages routers * Updating webhook routers * Updating front end account service * Updating front end analytic service * Updating front end company service * Updating front end repository service * Updating front end webhook service * Fixing front-end lint * Fixing endpoint error * Fixing tests * Fixing tests * Fixing tests * Fixing e2e tests * Fixing tokens url * Fixing e2e tests Co-authored-by: nathanmartinszup <nathan.martins@zup.com.br> * [skip ci] update versioning file * Feature/elixir (#289) * Fixing disabled docker error * Removing ldap group log * Adding elixir mix audit tool * Adding missing license * Adding mixaudit unity tests * Fixing docs * Adding elixir sobelow formatter * Fixing unity tests * Adding validation to not phoenix application * Fixing some errors * Adding license * Fixing some merge errors * Fixing unity tests * Fixing error when invalid output * Updating develop with master (#310) * Adding ldap health check (#303) * Adding ldap health check * Adding functions arguments * Fixing tests * Fixing mock * Fixing typo * Fixing lint * Improving ldap Check fn * Updating ldap check * Improving ldap health check * Adding auth ldap health check test * Changing ldap check to follow the others health check patterns * Fixing pipeline errors Co-authored-by: nathanmartinszup <nathan.martins@zup.com.br> * Adding repository authz groups from company (#309) * Adding repository authz groups from company * Improving code * Fixing lint problem Co-authored-by: nathannascimentozup <65020170+nathannascimentozup@users.noreply.github.com> * Feature/elixir example (#308) * Fixing disabled docker error * Removing ldap group log * Adding elixir example and e2e * Fixing e2e test * Bugfix/ldap lists (#301) * Fixing disabled docker error * Removing ldap group log * Changing ldap groups to array * Updating swagger with the new routes * Fixing lint and code errors * Fixing error in workspace roles when ldap * Updating repositories list when ldap * Improving queries to list companies and repositories * Sqlite3 dont suport text array type * Adding missing account tests * Fixing unity tests * Fixing tests * Fixing unity tests * Fixing tests * Updating coverage * Fixing error in list repositories * WIP: Updating workspace groups * Fixing lint problems * Fixing ldap groups in workspace * Added ldap gorups for repository * Adjusting margin in workspace input ldap group * Fixing pipelines * Fixing pipelines * Fixing pipeline error * Fixing pipeline error * Fixing pipelines * Fixing pipeline e2e errors Co-authored-by: Nathan Tavares Nascimento <nathan.nascimento@zup.com.br> Co-authored-by: lucas.bruno <lucas.bruno@zup.com.br> * Bugfix/develop bugs (#313) * Fixing disabled docker error * Removing ldap group log * Fixing errors in migrations * Bugfix/develop bugs (#314) * Fixing disabled docker error * Removing ldap group log * Fixing errors in migrations * Fixing error in elixir analisis validation when sent to the server * Fix bind ports * Update docs * Update docs Co-authored-by: Lucas Bruno <69604366+lucasbrunozup@users.noreply.github.com> Co-authored-by: nathanmartinszup <63246935+nathanmartinszup@users.noreply.github.com> Co-authored-by: nathannascimentozup <65020170+nathannascimentozup@users.noreply.github.com> Co-authored-by: nathan <nathan.martins@zup.com.br> Co-authored-by: lucas.bruno <lucas.bruno@zup.com.br> Co-authored-by: Nathan Tavares Nascimento <nathan.nascimento@zup.com.br> * Develop (#317) * Frontend - MomentJS replacement with date-fns (#211) * Added package of date-fns * Removing moment of packagejson and replace all ocurrences in the code * Feature/grpc health check (#213) * Adding auth grpc health check * Adding client grpc services health check and improving middleware logs * Register grpc health check server * Adding grpc health check and unity tests * Update and refactor config of CLI (#214) * Update and refactor config of CLI * Update name * Update hash horusec-config.json * Adding config to configure tools (#217) * Adding config to configure tools * Fix fmt lint and tests * Fix fmt lint and tests * Fix fmt lint and tests * Fix * Adding tests * Adding tests * Fix * Add tests on parse viper data to struct * Update horusec-cli/config/.example-horusec-cli-new.json Co-authored-by: nathannascimentozup <65020170+nathannascimentozup@users.noreply.github.com> * Fix config tests Co-authored-by: nathannascimentozup <65020170+nathannascimentozup@users.noreply.github.com> * Get viper file config path and setup on command start initialize (#219) * Get viper file config path and setup on command start initialize * Fix config name * Fix tests and lint * Master (#226) * Develop (#224) * Frontend - MomentJS replacement with date-fns (#211) * Added package of date-fns * Removing moment of packagejson and replace all ocurrences in the code * Feature/grpc health check (#213) * Adding auth grpc health check * Adding client grpc services health check and improving middleware logs * Register grpc health check server * Adding grpc health check and unity tests * Update and refactor config of CLI (#214) * Update and refactor config of CLI * Update name * Update hash horusec-config.json * Adding config to configure tools (#217) * Adding config to configure tools * Fix fmt lint and tests * Fix fmt lint and tests * Fix fmt lint and tests * Fix * Adding tests * Adding tests * Fix * Add tests on parse viper data to struct * Update horusec-cli/config/.example-horusec-cli-new.json Co-authored-by: nathannascimentozup <65020170+nathannascimentozup@users.noreply.github.com> * Fix config tests Co-authored-by: nathannascimentozup <65020170+nathannascimentozup@users.noreply.github.com> * Get viper file config path and setup on command start initialize (#219) * Get viper file config path and setup on command start initialize * Fix config name * Fix tests and lint Co-authored-by: Lucas Bruno <69604366+lucasbrunozup@users.noreply.github.com> Co-authored-by: nathanmartinszup <63246935+nathanmartinszup@users.noreply.github.com> Co-authored-by: Wilian Gabriel <63816070+wiliansilvazup@users.noreply.github.com> * [skip ci] update versioning file (#225) Co-authored-by: nathannascimentozup <65020170+nathannascimentozup@users.noreply.github.com> Co-authored-by: Lucas Bruno <69604366+lucasbrunozup@users.noreply.github.com> Co-authored-by: nathanmartinszup <63246935+nathanmartinszup@users.noreply.github.com> * Frontend workspaces flow (#218) * Change the routes in home to internal, and remove organization flow * Adjusting flow of login and add Workspace context * Added select workspace in side menu * Added list to all workspaces * Rename organization to workspace * Added modal to create new workspace * Rename 'user' to 'member' and adjusting styles in modal of create workspace * Added option to delete a workspace, and remove the Company Context * Added edit option to workspaces * Adjusting formatHumanDate and clear input when create new workspace * Added option to manager tokens of workspace * Added option to handler users of worspace * Alter template of email to workspace * Removing old screen of Users * Fix bug when update company to description empty not update Co-authored-by: Wilian Gabriel <wilian.silva@zup.com.br> * Feature/dynamic vulnerabilities (#215) * Removing docker from horusec clis * Improving cli formatters * Improving horusec rules code * Adding engine analises calls in formatters * Fixing unity tests * Updating coverage * Fixing pipeline errors * Fixing error in hash generation * Adding possibility to run horusec without docker * Updating formatters service mock * Adding custom rules option in horusec cli * Adding cli custom rules unity tests * Adding how to add custom rules * Updating docs * Fixing cli unity tests * Updating coverage cli * Updating flags cli * Fixing pipeline * Fixing config file * Updating config hashes * Updating docs and improving code * Fixing lint * Updating pipeline * Adding repository name when repository name flag is empty (#228) * Adding repository name when repository name flag is empty * Improving code * Fixing pipeline * Improvements in workspace (#229) * Change the routes in home to internal, and remove organization flow * Adjusting flow of login and add Workspace context * Added select workspace in side menu * Added list to all workspaces * Rename organization to workspace * Added modal to create new workspace * Rename 'user' to 'member' and adjusting styles in modal of create workspace * Added option to delete a workspace, and remove the Company Context * Added edit option to workspaces * Adjusting formatHumanDate and clear input when create new workspace * Added option to manager tokens of workspace * Added option to handler users of worspace * Alter template of email to workspace * Removing old screen of Users * Fix bug when update company to description empty not update * Added warning flash message and fix when no have a repository * Added empty message of counters Co-authored-by: Wilian Gabriel <wilian.silva@zup.com.br> * Alter localhost to 127.0.0.1 and add Linkify in vulnerabilities details (#231) * Updating how to (#232) * Update e2e tests and remove examples zips to root directory (#220) * Adding e2e tests in windows, macos, linux images * Adding e2e tests in windows, macos, linux images * Fiz unzip to usage in others operational systems * Fiz unzip to usage in others operational systems * Change e2e to usage binary * Test e2e * Test e2e and move examples to root directory * Test e2e * Test e2e * Test e2e * test e2e * Fix tests * Fix tests * Fix tests * Fix pipeline * Fix pipeline * Fix tests * Remove README * Fix fmt lint * Fix tets * Update horusec-config * Merge with master * Feature/information severity (#240) * Adding cli flag to enable and disable information vulnerabilities * Adding I flag * Removing info vulnerabilities when flag is not set * Fixing some errors * Updating readme * [WIP]Feature/ldap-logs (#239) * Adding ldap logs * Updating horusec config * Adding filter log ldap * Update deploy-service.yml (#245) * Revert "Update deploy-service.yml (#245)" (#247) This reverts commit 9210157. * Bugfix/fix generics bugs (#236) * Merge branch 'master' of github.com:ZupIT/horusec into develop * Fixing semgrep parsing error * Update main * Fixing when tool is to ignore set tool finished * Fixing .git ignore and java commit authors * Fixing unity tests * Adding logic to split files into leaks analysis * Fix formatter of leaks * Fix gomod and gosum Co-authored-by: nathan <nathan.martins@zup.com.br> * Remove unnecessary logs * Fix version and get config file * Fixing disabled docker error (#249) * Improvements (#254) * Adding improvements on logs with level * Remove CLI enum of devkit * Move use cases from devkit to specific micro services * Replace name of generate sha256 hash * Remove unused utils from devkit and move enums to specific microservices * Fix lint * Fix security * Fix coverage * Fix coverage * Fix security * Added input to select a fixed period or custom range (#255) Co-authored-by: Wilian Gabriel <wilian.silva@zup.com.br> * [skip ci] update versioning file (#260) * Feature/ldap (#252) * Fixing disabled docker error * Updating ldap to save user groups in jwt token * Updating ldap version * Adding possibility of custom fields in group search * Fixing lint and tests * Fix fmt lint * Updating docs * Fixing pipeline errors Co-authored-by: Wilian Gabriel <wilian.silva@zup.com.br> * [skip ci] update versioning file * Feature/removing sensitive logs (#261) * Fixing disabled docker error * Removing sensitive log from http requests * Bugfix/ldap (#262) * Fixing disabled docker error * Fixing some ldap errors * Bugfix/ldap (#265) * Fixing disabled docker error * Fixing some ldap errors * Updating composes and auth env variables * Feature/microsoft ldap (#271) * Fixing disabled docker error * Improving ldap service * Removing to lower * Adding group search by member dn * Updating composes and user filter env var * Updating false positives * Updating composes * Fixing ldap errors * Fixing lint and tests * Hidden invite user of repositories and workspace when authType is Ldap (#274) Co-authored-by: Lucas Bruno <69604366+lucasbrunozup@users.noreply.github.com> * Dart (#266) * Start dart structure * Start dart structure * Fix pipeline * Update cli to run horusec dart * Update languages in horusec-cli to horusec-api * Adding some rules in dart for logs, cripto and xss * Fix fmt lint * Fix fmt lint * Adding more rules of dart * Fix fmt lint test * Update e2e * Adding rules of shell, xxe, origins, week cripto * Fix fmt litn * Fix regex wrong * Update docs * Fix coverage * Add dart language in the frontend charts colors * Fix fmt lint and merge with develop Co-authored-by: lucas.bruno <lucas.bruno@zup.com.br> * [WIP]Bugfix/ldap search by member (#277) * Fixing disabled docker error * Removing member of and replacing with search by member in group * Improving variable names * Feature/improvements cli (#279) * Adding warn log when info is disabled and update engines to run max units by analysis * Adding const values for engine usage Co-authored-by: Nathan Tavares Nascimento <nathan.nascimento@zup.com.br> * Feature/updating docs (#278) * Fixing disabled docker error * Removing ldap group log * Updating ldap docs * Feature/ldap list (#284) * Fixing disabled docker error * Removing ldap group log * Improving account app config and removing config data from request context, improving company list to support ldap * Updating repository list to get by ldap groups * Fixing unity testes * Fixing unity unit tests and lint errors * Adding account depends on auth in composes * Adding port on compose * Adding validation to admin ldap group, now its needed to by a valid one * Improving ldap error messsage * Adding validation to update with ldap * Add message in the manager for invalid ldap group * Fixing some errors * Fixing unity tests * Added messa ldap group error in eng language Co-authored-by: Wilian Gabriel <wilian.silva@zup.com.br> Co-authored-by: lucas.bruno <lucas.bruno@zup.com.br> * Dashboard load data from the beginning (#285) * Adjusting filters to load dashboard with the from the beginning data * Fixing test in analytic * [skip ci] update versioning file * Feature/improving formatters (#287) * Fixing disabled docker error * Removing ldap group log * Improving npm and yarn formatters * Adding shell support (#288) * Adding shell support * Fix fmt and lint * Fix tests * Update shell script to prevent vulnerabilities and errors * Update README.md (#291) * Added elixir and shell colors in languages of dashboard (#294) * Hotfix/backend urls (#293) * Updating account routers * Updating analytic routers * Updating auth routers * Updating messages routers * Updating webhook routers * Updating front end account service * Updating front end analytic service * Updating front end company service * Updating front end repository service * Updating front end webhook service * Fixing front-end lint * Fixing endpoint error * Fixing tests * Fixing tests * Fixing tests * Fixing e2e tests * Fixing tokens url * Fixing e2e tests Co-authored-by: nathanmartinszup <nathan.martins@zup.com.br> * [skip ci] update versioning file * Feature/elixir (#289) * Fixing disabled docker error * Removing ldap group log * Adding elixir mix audit tool * Adding missing license * Adding mixaudit unity tests * Fixing docs * Adding elixir sobelow formatter * Fixing unity tests * Adding validation to not phoenix application * Fixing some errors * Adding license * Fixing some merge errors * Fixing unity tests * Fixing error when invalid output * Updating develop with master (#310) * Adding ldap health check (#303) * Adding ldap health check * Adding functions arguments * Fixing tests * Fixing mock * Fixing typo * Fixing lint * Improving ldap Check fn * Updating ldap check * Improving ldap health check * Adding auth ldap health check test * Changing ldap check to follow the others health check patterns * Fixing pipeline errors Co-authored-by: nathanmartinszup <nathan.martins@zup.com.br> * Adding repository authz groups from company (#309) * Adding repository authz groups from company * Improving code * Fixing lint problem Co-authored-by: nathannascimentozup <65020170+nathannascimentozup@users.noreply.github.com> * Feature/elixir example (#308) * Fixing disabled docker error * Removing ldap group log * Adding elixir example and e2e * Fixing e2e test * Bugfix/ldap lists (#301) * Fixing disabled docker error * Removing ldap group log * Changing ldap groups to array * Updating swagger with the new routes * Fixing lint and code errors * Fixing error in workspace roles when ldap * Updating repositories list when ldap * Improving queries to list companies and repositories * Sqlite3 dont suport text array type * Adding missing account tests * Fixing unity tests * Fixing tests * Fixing unity tests * Fixing tests * Updating coverage * Fixing error in list repositories * WIP: Updating workspace groups * Fixing lint problems * Fixing ldap groups in workspace * Added ldap gorups for repository * Adjusting margin in workspace input ldap group * Fixing pipelines * Fixing pipelines * Fixing pipeline error * Fixing pipeline error * Fixing pipelines * Fixing pipeline e2e errors Co-authored-by: Nathan Tavares Nascimento <nathan.nascimento@zup.com.br> Co-authored-by: lucas.bruno <lucas.bruno@zup.com.br> * Bugfix/develop bugs (#313) * Fixing disabled docker error * Removing ldap group log * Fixing errors in migrations * Bugfix/develop bugs (#314) * Fixing disabled docker error * Removing ldap group log * Fixing errors in migrations * Fixing error in elixir analisis validation when sent to the server * Fix bind ports * Update docs * Update docs * Fix develop Co-authored-by: Lucas Bruno <69604366+lucasbrunozup@users.noreply.github.com> Co-authored-by: nathanmartinszup <63246935+nathanmartinszup@users.noreply.github.com> Co-authored-by: nathannascimentozup <65020170+nathannascimentozup@users.noreply.github.com> Co-authored-by: nathan <nathan.martins@zup.com.br> Co-authored-by: lucas.bruno <lucas.bruno@zup.com.br> Co-authored-by: Nathan Tavares Nascimento <nathan.nascimento@zup.com.br> * Develop (#318) * Frontend - MomentJS replacement with date-fns (#211) * Added package of date-fns * Removing moment of packagejson and replace all ocurrences in the code * Feature/grpc health check (#213) * Adding auth grpc health check * Adding client grpc services health check and improving middleware logs * Register grpc health check server * Adding grpc health check and unity tests * Update and refactor config of CLI (#214) * Update and refactor config of CLI * Update name * Update hash horusec-config.json * Adding config to configure tools (#217) * Adding config to configure tools * Fix fmt lint and tests * Fix fmt lint and tests * Fix fmt lint and tests * Fix * Adding tests * Adding tests * Fix * Add tests on parse viper data to struct * Update horusec-cli/config/.example-horusec-cli-new.json Co-authored-by: nathannascimentozup <65020170+nathannascimentozup@users.noreply.github.com> * Fix config tests Co-authored-by: nathannascimentozup <65020170+nathannascimentozup@users.noreply.github.com> * Get viper file config path and setup on command start initialize (#219) * Get viper file config path and setup on command start initialize * Fix config name * Fix tests and lint * Master (#226) * Develop (#224) * Frontend - MomentJS replacement with date-fns (#211) * Added package of date-fns * Removing moment of packagejson and replace all ocurrences in the code * Feature/grpc health check (#213) * Adding auth grpc health check * Adding client grpc services health check and improving middleware logs * Register grpc health check server * Adding grpc health check and unity tests * Update and refactor config of CLI (#214) * Update and refactor config of CLI * Update name * Update hash horusec-config.json * Adding config to configure tools (#217) * Adding config to configure tools * Fix fmt lint and tests * Fix fmt lint and tests * Fix fmt lint and tests * Fix * Adding tests * Adding tests * Fix * Add tests on parse viper data to struct * Update horusec-cli/config/.example-horusec-cli-new.json Co-authored-by: nathannascimentozup <65020170+nathannascimentozup@users.noreply.github.com> * Fix config tests Co-authored-by: nathannascimentozup <65020170+nathannascimentozup@users.noreply.github.com> * Get viper file config path and setup on command start initialize (#219) * Get viper file config path and setup on command start initialize * Fix config name * Fix tests and lint Co-authored-by: Lucas Bruno <69604366+lucasbrunozup@users.noreply.github.com> Co-authored-by: nathanmartinszup <63246935+nathanmartinszup@users.noreply.github.com> Co-authored-by: Wilian Gabriel <63816070+wiliansilvazup@users.noreply.github.com> * [skip ci] update versioning file (#225) Co-authored-by: nathannascimentozup <65020170+nathannascimentozup@users.noreply.github.com> Co-authored-by: Lucas Bruno <69604366+lucasbrunozup@users.noreply.github.com> Co-authored-by: nathanmartinszup <63246935+nathanmartinszup@users.noreply.github.com> * Frontend workspaces flow (#218) * Change the routes in home to internal, and remove organization flow * Adjusting flow of login and add Workspace context * Added select workspace in side menu * Added list to all workspaces * Rename organization to workspace * Added modal to create new workspace * Rename 'user' to 'member' and adjusting styles in modal of create workspace * Added option to delete a workspace, and remove the Company Context * Added edit option to workspaces * Adjusting formatHumanDate and clear input when create new workspace * Added option to manager tokens of workspace * Added option to handler users of worspace * Alter template of email to workspace * Removing old screen of Users * Fix bug when update company to description empty not update Co-authored-by: Wilian Gabriel <wilian.silva@zup.com.br> * Feature/dynamic vulnerabilities (#215) * Removing docker from horusec clis * Improving cli formatters * Improving horusec rules code * Adding engine analises calls in formatters * Fixing unity tests * Updating coverage * Fixing pipeline errors * Fixing error in hash generation * Adding possibility to run horusec without docker * Updating formatters service mock * Adding custom rules option in horusec cli * Adding cli custom rules unity tests * Adding how to add custom rules * Updating docs * Fixing cli unity tests * Updating coverage cli * Updating flags cli * Fixing pipeline * Fixing config file * Updating config hashes * Updating docs and improving code * Fixing lint * Updating pipeline * Adding repository name when repository name flag is empty (#228) * Adding repository name when repository name flag is empty * Improving code * Fixing pipeline * Improvements in workspace (#229) * Change the routes in home to internal, and remove organization flow * Adjusting flow of login and add Workspace context * Added select workspace in side menu * Added list to all workspaces * Rename organization to workspace * Added modal to create new workspace * Rename 'user' to 'member' and adjusting styles in modal of create workspace * Added option to delete a workspace, and remove the Company Context * Added edit option to workspaces * Adjusting formatHumanDate and clear input when create new workspace * Added option to manager tokens of workspace * Added option to handler users of worspace * Alter template of email to workspace * Removing old screen of Users * Fix bug when update company to description empty not update * Added warning flash message and fix when no have a repository * Added empty message of counters Co-authored-by: Wilian Gabriel <wilian.silva@zup.com.br> * Alter localhost to 127.0.0.1 and add Linkify in vulnerabilities details (#231) * Updating how to (#232) * Update e2e tests and remove examples zips to root directory (#220) * Adding e2e tests in windows, macos, linux images * Adding e2e tests in windows, macos, linux images * Fiz unzip to usage in others operational systems * Fiz unzip to usage in others operational systems * Change e2e to usage binary * Test e2e * Test e2e and move examples to root directory * Test e2e * Test e2e * Test e2e * test e2e * Fix tests * Fix tests * Fix tests * Fix pipeline * Fix pipeline * Fix tests * Remove README * Fix fmt lint * Fix tets * Update horusec-config * Merge with master * Feature/information severity (#240) * Adding cli flag to enable and disable information vulnerabilities * Adding I flag * Removing info vulnerabilities when flag is not set * Fixing some errors * Updating readme * [WIP]Feature/ldap-logs (#239) * Adding ldap logs * Updating horusec config * Adding filter log ldap * Update deploy-service.yml (#245) * Revert "Update deploy-service.yml (#245)" (#247) This reverts commit 9210157. * Bugfix/fix generics bugs (#236) * Merge branch 'master' of github.com:ZupIT/horusec into develop * Fixing semgrep parsing error * Update main * Fixing when tool is to ignore set tool finished * Fixing .git ignore and java commit authors * Fixing unity tests * Adding logic to split files into leaks analysis * Fix formatter of leaks * Fix gomod and gosum Co-authored-by: nathan <nathan.martins@zup.com.br> * Remove unnecessary logs * Fix version and get config file * Fixing disabled docker error (#249) * Improvements (#254) * Adding improvements on logs with level * Remove CLI enum of devkit * Move use cases from devkit to specific micro services * Replace name of generate sha256 hash * Remove unused utils from devkit and move enums to specific microservices * Fix lint * Fix security * Fix coverage * Fix coverage * Fix security * Added input to select a fixed period or custom range (#255) Co-authored-by: Wilian Gabriel <wilian.silva@zup.com.br> * [skip ci] update versioning file (#260) * Feature/ldap (#252) * Fixing disabled docker error * Updating ldap to save user groups in jwt token * Updating ldap version * Adding possibility of custom fields in group search * Fixing lint and tests * Fix fmt lint * Updating docs * Fixing pipeline errors Co-authored-by: Wilian Gabriel <wilian.silva@zup.com.br> * [skip ci] update versioning file * Feature/removing sensitive logs (#261) * Fixing disabled docker error * Removing sensitive log from http requests * Bugfix/ldap (#262) * Fixing disabled docker error * Fixing some ldap errors * Bugfix/ldap (#265) * Fixing disabled docker error * Fixing some ldap errors * Updating composes and auth env variables * Feature/microsoft ldap (#271) * Fixing disabled docker error * Improving ldap service * Removing to lower * Adding group search by member dn * Updating composes and user filter env var * Updating false positives * Updating composes * Fixing ldap errors * Fixing lint and tests * Hidden invite user of repositories and workspace when authType is Ldap (#274) Co-authored-by: Lucas Bruno <69604366+lucasbrunozup@users.noreply.github.com> * Dart (#266) * Start dart structure * Start dart structure * Fix pipeline * Update cli to run horusec dart * Update languages in horusec-cli to horusec-api * Adding some rules in dart for logs, cripto and xss * Fix fmt lint * Fix fmt lint * Adding more rules of dart * Fix fmt lint test * Update e2e * Adding rules of shell, xxe, origins, week cripto * Fix fmt litn * Fix regex wrong * Update docs * Fix coverage * Add dart language in the frontend charts colors * Fix fmt lint and merge with develop Co-authored-by: lucas.bruno <lucas.bruno@zup.com.br> * [WIP]Bugfix/ldap search by member (#277) * Fixing disabled docker error * Removing member of and replacing with search by member in group * Improving variable names * Feature/improvements cli (#279) * Adding warn log when info is disabled and update engines to run max units by analysis * Adding const values for engine usage Co-authored-by: Nathan Tavares Nascimento <nathan.nascimento@zup.com.br> * Feature/updating docs (#278) * Fixing disabled docker error * Removing ldap group log * Updating ldap docs * Feature/ldap list (#284) * Fixing disabled docker error * Removing ldap group log * Improving account app config and removing config data from request context, improving company list to support ldap * Updating repository list to get by ldap groups * Fixing unity testes * Fixing unity unit tests and lint errors * Adding account depends on auth in composes * Adding port on compose * Adding validation to admin ldap group, now its needed to by a valid one * Improving ldap error messsage * Adding validation to update with ldap * Add message in the manager for invalid ldap group * Fixing some errors * Fixing unity tests * Added messa ldap group error in eng language Co-authored-by: Wilian Gabriel <wilian.silva@zup.com.br> Co-authored-by: lucas.bruno <lucas.bruno@zup.com.br> * Dashboard load data from the beginning (#285) * Adjusting filters to load dashboard with the from the beginning data * Fixing test in analytic * [skip ci] update versioning file * Feature/improving formatters (#287) * Fixing disabled docker error * Removing ldap group log * Improving npm and yarn formatters * Adding shell support (#288) * Adding shell support * Fix fmt and lint * Fix tests * Update shell script to prevent vulnerabilities and errors * Update README.md (#291) * Added elixir and shell colors in languages of dashboard (#294) * Hotfix/backend urls (#293) * Updating account routers * Updating analytic routers * Updating auth routers * Updating messages routers * Updating webhook routers * Updating front end account service * Updating front end analytic service * Updating front end company service * Updating front end repository service * Updating front end webhook service * Fixing front-end lint * Fixing endpoint error * Fixing tests * Fixing tests * Fixing tests * Fixing e2e tests * Fixing tokens url * Fixing e2e tests Co-authored-by: nathanmartinszup <nathan.martins@zup.com.br> * [skip ci] update versioning file * Feature/elixir (#289) * Fixing disabled docker error * Removing ldap group log * Adding elixir mix audit tool * Adding missing license * Adding mixaudit unity tests * Fixing docs * Adding elixir sobelow formatter * Fixing unity tests * Adding validation to not phoenix application * Fixing some errors * Adding license * Fixing some merge errors * Fixing unity tests * Fixing error when invalid output * Updating develop with master (#310) * Adding ldap health check (#303) * Adding ldap health check * Adding functions arguments * Fixing tests * Fixing mock * Fixing typo * Fixing lint * Improving ldap Check fn * Updating ldap check * Improving ldap health check * Adding auth ldap health check test * Changing ldap check to follow the others health check patterns * Fixing pipeline errors Co-authored-by: nathanmartinszup <nathan.martins@zup.com.br> * Adding repository authz groups from company (#309) * Adding repository authz groups from company * Improving code * Fixing lint problem Co-authored-by: nathannascimentozup <65020170+nathannascimentozup@users.noreply.github.com> * Feature/elixir example (#308) * Fixing disabled docker error * Removing ldap group log * Adding elixir example and e2e * Fixing e2e test * Bugfix/ldap lists (#301) * Fixing disabled docker error * Removing ldap group log * Changing ldap groups to array * Updating swagger with the new routes * Fixing lint and code errors * Fixing error in workspace roles when ldap * Updating repositories list when ldap * Improving queries to list companies and repositories * Sqlite3 dont suport text array type * Adding missing account tests * Fixing unity tests * Fixing tests * Fixing unity tests * Fixing tests * Updating coverage * Fixing error in list repositories * WIP: Updating workspace groups * Fixing lint problems * Fixing ldap groups in workspace * Added ldap gorups for repository * Adjusting margin in workspace input ldap group * Fixing pipelines * Fixing pipelines * Fixing pipeline error * Fixing pipeline error * Fixing pipelines * Fixing pipeline e2e errors Co-authored-by: Nathan Tavares Nascimento <nathan.nascimento@zup.com.br> Co-authored-by: lucas.bruno <lucas.bruno@zup.com.br> * Bugfix/develop bugs (#313) * Fixing disabled docker error * Removing ldap group log * Fixing errors in migrations * Bugfix/develop bugs (#314) * Fixing disabled docker error * Removing ldap group log * Fixing errors in migrations * Fixing error in elixir analisis validation when sent to the server * Fix bind ports * Update docs * Update docs * Fix develop Co-authored-by: Lucas Bruno <69604366+lucasbrunozup@users.noreply.github.com> Co-authored-by: nathanmartinszup <63246935+nathanmartinszup@users.noreply.github.com> Co-authored-by: nathannascimentozup <65020170+nathannascimentozup@users.noreply.github.com> Co-authored-by: nathan <nathan.martins@zup.com.br> Co-authored-by: lucas.bruno <lucas.bruno@zup.com.br> Co-authored-by: Nathan Tavares Nascimento <nathan.nascimento@zup.com.br> * Fixing error in lists (#320) * Fixing error in lists * [skip ci] update versioning file Co-authored-by: Wilian Gabriel <wilian.silva@zup.com.br> * Closing ldap connection after using it (#323) * Hotfix/list images (#326) * Fixing error that docker was aways downloading images * Fixing unit tests * Fixing pipeline * Hotfix/ldap conn (#325) * Closing ldap connection after using it * Updating semver version Co-authored-by: Lucas Bruno <69604366+lucasbrunozup@users.noreply.github.com> Co-authored-by: nathanmartinszup <63246935+nathanmartinszup@users.noreply.github.com> Co-authored-by: nathannascimentozup <65020170+nathannascimentozup@users.noreply.github.com> Co-authored-by: nathan <nathan.martins@zup.com.br> Co-authored-by: lucas.bruno <lucas.bruno@zup.com.br> Co-authored-by: Nathan Tavares Nascimento <nathan.nascimento@zup.com.br>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
- What I did
- How to verify it
- Description for the changelog