From 636cb54c295c9dd2f6622898e4c8d1d68108bd80 Mon Sep 17 00:00:00 2001 
From: soupette Date: Wed, 5 Dec 2018 15:42:58 +0100 Subject: [PATCH 1/8] Add snyk --- .snyk | 9 +++++++++ .travis.yml | 7 ++++--- package.json | 7 ++++--- packages/strapi-admin/.snyk | 9 +++++++++ packages/strapi-generate-admin/.snyk | 9 +++++++++ packages/strapi-generate-api/.snyk | 9 +++++++++ packages/strapi-generate-controller/.snyk | 9 +++++++++ packages/strapi-generate-model/.snyk | 9 +++++++++ packages/strapi-generate-new/.snyk | 9 +++++++++ packages/strapi-generate-plugin/.snyk | 9 +++++++++ packages/strapi-generate-policy/.snyk | 9 +++++++++ packages/strapi-generate-service/.snyk | 9 +++++++++ packages/strapi-generate/.snyk | 9 +++++++++ packages/strapi-helper-plugin/.snyk | 9 +++++++++ packages/strapi-hook-bookshelf/.snyk | 9 +++++++++ packages/strapi-hook-ejs/.snyk | 9 +++++++++ packages/strapi-hook-knex/.snyk | 9 +++++++++ packages/strapi-hook-mongoose/.snyk | 9 +++++++++ packages/strapi-hook-redis/.snyk | 9 +++++++++ packages/strapi-lint/.snyk | 9 +++++++++ packages/strapi-middleware-views/.snyk | 9 +++++++++ packages/strapi-plugin-content-manager/.snyk | 9 +++++++++ packages/strapi-plugin-content-type-builder/.snyk | 9 +++++++++ packages/strapi-plugin-email/.snyk | 9 +++++++++ packages/strapi-plugin-graphql/.snyk | 9 +++++++++ packages/strapi-plugin-settings-manager/.snyk | 9 +++++++++ packages/strapi-plugin-upload/.snyk | 9 +++++++++ packages/strapi-plugin-users-permissions/.snyk | 9 +++++++++ packages/strapi-provider-email-amazon-ses/.snyk | 9 +++++++++ packages/strapi-provider-email-mailgun/.snyk | 9 +++++++++ packages/strapi-provider-email-sendgrid/.snyk | 9 +++++++++ packages/strapi-provider-email-sendmail/.snyk | 9 +++++++++ packages/strapi-provider-upload-aws-s3/.snyk | 9 +++++++++ packages/strapi-provider-upload-cloudinary/.snyk | 9 +++++++++ packages/strapi-provider-upload-local/.snyk | 9 +++++++++ packages/strapi-provider-upload-rackspace/.snyk | 9 +++++++++ packages/strapi-utils/.snyk | 9 +++++++++ packages/strapi/.snyk | 9 +++++++++ 38 
files changed, 332 insertions(+), 6 deletions(-) create mode 100644 .snyk create mode 100644 packages/strapi-admin/.snyk create mode 100644 packages/strapi-generate-admin/.snyk create mode 100644 packages/strapi-generate-api/.snyk create mode 100644 packages/strapi-generate-controller/.snyk create mode 100644 packages/strapi-generate-model/.snyk create mode 100644 packages/strapi-generate-new/.snyk create mode 100644 packages/strapi-generate-plugin/.snyk create mode 100644 packages/strapi-generate-policy/.snyk create mode 100644 packages/strapi-generate-service/.snyk create mode 100644 packages/strapi-generate/.snyk create mode 100644 packages/strapi-helper-plugin/.snyk create mode 100644 packages/strapi-hook-bookshelf/.snyk create mode 100644 packages/strapi-hook-ejs/.snyk create mode 100644 packages/strapi-hook-knex/.snyk create mode 100644 packages/strapi-hook-mongoose/.snyk create mode 100644 packages/strapi-hook-redis/.snyk create mode 100644 packages/strapi-lint/.snyk create mode 100644 packages/strapi-middleware-views/.snyk create mode 100644 packages/strapi-plugin-content-manager/.snyk create mode 100644 packages/strapi-plugin-content-type-builder/.snyk create mode 100644 packages/strapi-plugin-email/.snyk create mode 100644 packages/strapi-plugin-graphql/.snyk create mode 100644 packages/strapi-plugin-settings-manager/.snyk create mode 100644 packages/strapi-plugin-upload/.snyk create mode 100644 packages/strapi-plugin-users-permissions/.snyk create mode 100644 packages/strapi-provider-email-amazon-ses/.snyk create mode 100644 packages/strapi-provider-email-mailgun/.snyk create mode 100644 packages/strapi-provider-email-sendgrid/.snyk create mode 100644 packages/strapi-provider-email-sendmail/.snyk create mode 100644 packages/strapi-provider-upload-aws-s3/.snyk create mode 100644 packages/strapi-provider-upload-cloudinary/.snyk create mode 100644 packages/strapi-provider-upload-local/.snyk create mode 100644 packages/strapi-provider-upload-rackspace/.snyk 
create mode 100644 packages/strapi-utils/.snyk create mode 100644 packages/strapi/.snyk diff --git a/.snyk b/.snyk new file mode 100644 index 0000000000..53dce9cd02 --- /dev/null +++ b/.snyk @@ -0,0 +1,9 @@ +# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities. +version: v1.12.0 +# ignores vulnerabilities until expiry date; change duration by modifying expiry date +ignore: + shelljs: + - '*': + reason: testing + expires: 2019-01-04T14:31:33.160Z +patch: {} diff --git a/.travis.yml b/.travis.yml index b07a232a92..25c154a348 100644 --- a/.travis.yml +++ b/.travis.yml @@ -6,8 +6,8 @@ git: language: node_js node_js: - - "10" - - "11" + - '10' + - '11' before_install: - export CHROME_BIN=chromium-browser @@ -24,7 +24,8 @@ install: script: - npm run lint - npm run doc + - snyk monitor --org=strapi cache: directories: - - "node_modules" + - 'node_modules' diff --git a/package.json b/package.json index a028eece9c..f9c3bbfca8 100644 --- a/package.json +++ b/package.json @@ -20,7 +20,8 @@ "redux-saga": "^0.14.3", "request": "^2.87.0", "shelljs": "^0.7.7", - "strapi-lint": "file:packages/strapi-lint" + "strapi-lint": "file:packages/strapi-lint", + "snyk": "^1.99.0" }, "scripts": { "clean": "npm run removesymlinkdependencies && npx rimraf package-lock.json && npx rimraf packages/*/package-lock.json", @@ -32,7 +33,7 @@ "setup:build": "npm run setup --build", "setup": "npm run clean:all && npm install ./packages/strapi-lint --save-dev && npm install && node ./scripts/setup.js && npm run clean", "lint": "node ./scripts/lint.js", - "test": "node ./test/start.js", + "test": "snyk test && node ./test/start.js", "prettier": "node ./packages/strapi-lint/lib/internals/prettier/index.js" }, "author": { @@ -63,4 +64,4 @@ "npm": ">= 6.0.0" }, "license": "MIT" -} +} \ No newline at end of file diff --git a/packages/strapi-admin/.snyk b/packages/strapi-admin/.snyk new file mode 100644 index 0000000000..d99912cc72 --- /dev/null +++ b/packages/strapi-admin/.snyk 
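Review bot: The `ignore` entry for `shelljs` in the root `.snyk` uses the wildcard path `'*'` with the reason `testing`, so the policy records neither which advisory is being accepted nor why accepting it is safe. The same nine-line file is added to every directory under `packages/`, which suppresses the finding repository-wide, including in packages that may not depend on shelljs at all. Snyk policy entries are normally keyed by an issue ID, so it is worth confirming that a bare package name matches what was intended. I would keep the ignore only where shelljs is actually used and write the reason as something like `reason: shelljs advisory <ISSUE-ID>, build scripts only, no untrusted input` (placeholder ID), keeping the expiry date.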
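Review bot: Chaining `snyk test &&` in front of the `test` script in `package.json` makes every local and CI test run depend on network access and, presumably, an authenticated Snyk CLI, so contributors without a token and pull requests from forks would fail before `./test/start.js` starts. A newly published advisory would also turn unrelated test runs red. I would leave `"test": "node ./test/start.js"` as it was and expose the scan as its own script, e.g. `"test:deps": "snyk test"`, run as a separate CI step. The first hunk adds `snyk` with a caret range (`^1.99.0`); pinning an exact version would keep the scanner that gates the build reproducible.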
@@ -0,0 +1,9 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.12.0
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+ shelljs:
+ - '*':
+ reason: testing
+ expires: 2019-01-04T14:35:17.133Z
+patch: {}
diff --git a/packages/strapi-generate-admin/.snyk b/packages/strapi-generate-admin/.snyk
new file mode 100644
index 0000000000..ee7046f779
--- /dev/null
+++ b/packages/strapi-generate-admin/.snyk
@@ -0,0 +1,9 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.12.0
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+ shelljs:
+ - '*':
+ reason: testing
+ expires: 2019-01-04T14:35:52.618Z
+patch: {}
diff --git a/packages/strapi-generate-api/.snyk b/packages/strapi-generate-api/.snyk
new file mode 100644
index 0000000000..dad193f2df
--- /dev/null
+++ b/packages/strapi-generate-api/.snyk
@@ -0,0 +1,9 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.12.0
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+ shelljs:
+ - '*':
+ reason: testing
+ expires: 2019-01-04T14:35:54.864Z
+patch: {}
diff --git a/packages/strapi-generate-controller/.snyk b/packages/strapi-generate-controller/.snyk
new file mode 100644
index 0000000000..21c1b06e09
--- /dev/null
+++ b/packages/strapi-generate-controller/.snyk
@@ -0,0 +1,9 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.12.0
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+ shelljs:
+ - '*':
+ reason: testing
+ expires: 2019-01-04T14:35:57.351Z
+patch: {}
diff --git a/packages/strapi-generate-model/.snyk b/packages/strapi-generate-model/.snyk
new file mode 100644
index 0000000000..c9ec6ce334
--- /dev/null
+++ b/packages/strapi-generate-model/.snyk
@@ -0,0 +1,9 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.12.0
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+ shelljs:
+ - '*':
+ reason: testing
+ expires: 2019-01-04T14:35:59.679Z
+patch: {}
diff --git a/packages/strapi-generate-new/.snyk b/packages/strapi-generate-new/.snyk
new file mode 100644
index 0000000000..0e901f8c30
--- /dev/null
+++ b/packages/strapi-generate-new/.snyk
@@ -0,0 +1,9 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.12.0
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+ shelljs:
+ - '*':
+ reason: testing
+ expires: 2019-01-04T14:36:04.222Z
+patch: {}
diff --git a/packages/strapi-generate-plugin/.snyk b/packages/strapi-generate-plugin/.snyk
new file mode 100644
index 0000000000..49d166c9c1
--- /dev/null
+++ b/packages/strapi-generate-plugin/.snyk
@@ -0,0 +1,9 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.12.0
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+ shelljs:
+ - '*':
+ reason: testing
+ expires: 2019-01-04T14:36:06.569Z
+patch: {}
diff --git a/packages/strapi-generate-policy/.snyk b/packages/strapi-generate-policy/.snyk
new file mode 100644
index 0000000000..2d38b73373
--- /dev/null
+++ b/packages/strapi-generate-policy/.snyk
@@ -0,0 +1,9 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.12.0
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+ shelljs:
+ - '*':
+ reason: testing
+ expires: 2019-01-04T14:36:09.263Z
+patch: {}
diff --git a/packages/strapi-generate-service/.snyk b/packages/strapi-generate-service/.snyk
new file mode 100644
index 0000000000..7aca8c3f35
--- /dev/null
+++ b/packages/strapi-generate-service/.snyk
@@ -0,0 +1,9 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.12.0
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+ shelljs:
+ - '*':
+ reason: testing
+ expires: 2019-01-04T14:36:25.992Z
+patch: {}
diff --git a/packages/strapi-generate/.snyk b/packages/strapi-generate/.snyk
new file mode 100644
index 0000000000..537461afdd
--- /dev/null
+++ b/packages/strapi-generate/.snyk
@@ -0,0 +1,9 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.12.0
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+ shelljs:
+ - '*':
+ reason: testing
+ expires: 2019-01-04T14:35:22.585Z
+patch: {}
diff --git a/packages/strapi-helper-plugin/.snyk b/packages/strapi-helper-plugin/.snyk
new file mode 100644
index 0000000000..15b8e3c858
--- /dev/null
+++ b/packages/strapi-helper-plugin/.snyk
@@ -0,0 +1,9 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.12.0
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+ shelljs:
+ - '*':
+ reason: testing
+ expires: 2019-01-04T14:36:48.647Z
+patch: {}
diff --git a/packages/strapi-hook-bookshelf/.snyk b/packages/strapi-hook-bookshelf/.snyk
new file mode 100644
index 0000000000..53f9b4f914
--- /dev/null
+++ b/packages/strapi-hook-bookshelf/.snyk
@@ -0,0 +1,9 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.12.0
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+ shelljs:
+ - '*':
+ reason: testing
+ expires: 2019-01-04T14:36:51.201Z
+patch: {}
diff --git a/packages/strapi-hook-ejs/.snyk b/packages/strapi-hook-ejs/.snyk
new file mode 100644
index 0000000000..9533cec6d0
--- /dev/null
+++ b/packages/strapi-hook-ejs/.snyk
@@ -0,0 +1,9 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.12.0
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+ shelljs:
+ - '*':
+ reason: testing
+ expires: 2019-01-04T14:36:53.294Z
+patch: {}
diff --git a/packages/strapi-hook-knex/.snyk b/packages/strapi-hook-knex/.snyk
new file mode 100644
index 0000000000..d526029e9f
--- /dev/null
+++ b/packages/strapi-hook-knex/.snyk
@@ -0,0 +1,9 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.12.0
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+ shelljs:
+ - '*':
+ reason: testing
+ expires: 2019-01-04T14:36:55.758Z
+patch: {}
diff --git a/packages/strapi-hook-mongoose/.snyk b/packages/strapi-hook-mongoose/.snyk
new file mode 100644
index 0000000000..47e55e291f
--- /dev/null
+++ b/packages/strapi-hook-mongoose/.snyk
@@ -0,0 +1,9 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.12.0
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+ shelljs:
+ - '*':
+ reason: testing
+ expires: 2019-01-04T14:36:58.340Z
+patch: {}
diff --git a/packages/strapi-hook-redis/.snyk b/packages/strapi-hook-redis/.snyk
new file mode 100644
index 0000000000..880819208e
--- /dev/null
+++ b/packages/strapi-hook-redis/.snyk
@@ -0,0 +1,9 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.12.0
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+ shelljs:
+ - '*':
+ reason: testing
+ expires: 2019-01-04T14:37:00.449Z
+patch: {}
diff --git a/packages/strapi-lint/.snyk b/packages/strapi-lint/.snyk
new file mode 100644
index 0000000000..741d97951c
--- /dev/null
+++ b/packages/strapi-lint/.snyk
@@ -0,0 +1,9 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.12.0
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+ shelljs:
+ - '*':
+ reason: testing
+ expires: 2019-01-04T14:37:04.113Z
+patch: {}
diff --git a/packages/strapi-middleware-views/.snyk b/packages/strapi-middleware-views/.snyk
new file mode 100644
index 0000000000..a268d0835a
--- /dev/null
+++ b/packages/strapi-middleware-views/.snyk
@@ -0,0 +1,9 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.12.0
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+ shelljs:
+ - '*':
+ reason: testing
+ expires: 2019-01-04T14:37:06.512Z
+patch: {}
diff --git a/packages/strapi-plugin-content-manager/.snyk b/packages/strapi-plugin-content-manager/.snyk
new file mode 100644
index 0000000000..e7e33db6fa
--- /dev/null
+++ b/packages/strapi-plugin-content-manager/.snyk
@@ -0,0 +1,9 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.12.0
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+ shelljs:
+ - '*':
+ reason: testing
+ expires: 2019-01-04T14:37:14.459Z
+patch: {}
diff --git a/packages/strapi-plugin-content-type-builder/.snyk b/packages/strapi-plugin-content-type-builder/.snyk
new file mode 100644
index 0000000000..f641f8acac
--- /dev/null
+++ b/packages/strapi-plugin-content-type-builder/.snyk
@@ -0,0 +1,9 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.12.0
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+ shelljs:
+ - '*':
+ reason: testing
+ expires: 2019-01-04T14:37:23.290Z
+patch: {}
diff --git a/packages/strapi-plugin-email/.snyk b/packages/strapi-plugin-email/.snyk
new file mode 100644
index 0000000000..6fb568a3b5
--- /dev/null
+++ b/packages/strapi-plugin-email/.snyk
@@ -0,0 +1,9 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.12.0
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+ shelljs:
+ - '*':
+ reason: testing
+ expires: 2019-01-04T14:37:31.383Z
+patch: {}
diff --git a/packages/strapi-plugin-graphql/.snyk b/packages/strapi-plugin-graphql/.snyk
new file mode 100644
index 0000000000..4137324225
--- /dev/null
+++ b/packages/strapi-plugin-graphql/.snyk
@@ -0,0 +1,9 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.12.0
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+ shelljs:
+ - '*':
+ reason: testing
+ expires: 2019-01-04T14:37:34.495Z
+patch: {}
diff --git a/packages/strapi-plugin-settings-manager/.snyk b/packages/strapi-plugin-settings-manager/.snyk
new file mode 100644
index 0000000000..95befbce52
--- /dev/null
+++ b/packages/strapi-plugin-settings-manager/.snyk
@@ -0,0 +1,9 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.12.0
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+ shelljs:
+ - '*':
+ reason: testing
+ expires: 2019-01-04T14:37:42.177Z
+patch: {}
diff --git a/packages/strapi-plugin-upload/.snyk b/packages/strapi-plugin-upload/.snyk
new file mode 100644
index 0000000000..f6953bae79
--- /dev/null
+++ b/packages/strapi-plugin-upload/.snyk
@@ -0,0 +1,9 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.12.0
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+ shelljs:
+ - '*':
+ reason: testing
+ expires: 2019-01-04T14:37:50.220Z
+patch: {}
diff --git a/packages/strapi-plugin-users-permissions/.snyk b/packages/strapi-plugin-users-permissions/.snyk
new file mode 100644
index 0000000000..5cc28626db
--- /dev/null
+++ b/packages/strapi-plugin-users-permissions/.snyk
@@ -0,0 +1,9 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.12.0
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+ shelljs:
+ - '*':
+ reason: testing
+ expires: 2019-01-04T14:37:58.353Z
+patch: {}
diff --git a/packages/strapi-provider-email-amazon-ses/.snyk b/packages/strapi-provider-email-amazon-ses/.snyk
new file mode 100644
index 0000000000..bab8358b27
--- /dev/null
+++ b/packages/strapi-provider-email-amazon-ses/.snyk
@@ -0,0 +1,9 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.12.0
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+ shelljs:
+ - '*':
+ reason: testing
+ expires: 2019-01-04T14:38:00.833Z
+patch: {}
diff --git a/packages/strapi-provider-email-mailgun/.snyk b/packages/strapi-provider-email-mailgun/.snyk
new file mode 100644
index 0000000000..b657cfcad7
--- /dev/null
+++ b/packages/strapi-provider-email-mailgun/.snyk
@@ -0,0 +1,9 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.12.0
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+ shelljs:
+ - '*':
+ reason: testing
+ expires: 2019-01-04T14:38:03.075Z
+patch: {}
diff --git a/packages/strapi-provider-email-sendgrid/.snyk b/packages/strapi-provider-email-sendgrid/.snyk
new file mode 100644
index 0000000000..bcff2a0bfc
--- /dev/null
+++ b/packages/strapi-provider-email-sendgrid/.snyk
@@ -0,0 +1,9 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.12.0
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+ shelljs:
+ - '*':
+ reason: testing
+ expires: 2019-01-04T14:38:05.425Z
+patch: {}
diff --git a/packages/strapi-provider-email-sendmail/.snyk b/packages/strapi-provider-email-sendmail/.snyk
new file mode 100644
index 0000000000..184fc5d1b5
--- /dev/null
+++ b/packages/strapi-provider-email-sendmail/.snyk
@@ -0,0 +1,9 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.12.0
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+ shelljs:
+ - '*':
+ reason: testing
+ expires: 2019-01-04T14:38:07.540Z
+patch: {}
diff --git a/packages/strapi-provider-upload-aws-s3/.snyk b/packages/strapi-provider-upload-aws-s3/.snyk
new file mode 100644
index 0000000000..3a8ea161cb
--- /dev/null
+++ b/packages/strapi-provider-upload-aws-s3/.snyk
@@ -0,0 +1,9 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.12.0
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+ shelljs:
+ - '*':
+ reason: testing
+ expires: 2019-01-04T14:38:09.622Z
+patch: {}
diff --git a/packages/strapi-provider-upload-cloudinary/.snyk b/packages/strapi-provider-upload-cloudinary/.snyk
new file mode 100644
index 0000000000..a702d779ea
--- /dev/null
+++ b/packages/strapi-provider-upload-cloudinary/.snyk
@@ -0,0 +1,9 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.12.0
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+ shelljs:
+ - '*':
+ reason: testing
+ expires: 2019-01-04T14:38:11.663Z
+patch: {}
diff --git a/packages/strapi-provider-upload-local/.snyk b/packages/strapi-provider-upload-local/.snyk
new file mode 100644
index 0000000000..1081c5c235
--- /dev/null
+++ b/packages/strapi-provider-upload-local/.snyk
@@ -0,0 +1,9 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.12.0
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+ shelljs:
+ - '*':
+ reason: testing
+ expires: 2019-01-04T14:38:13.835Z
+patch: {}
diff --git a/packages/strapi-provider-upload-rackspace/.snyk b/packages/strapi-provider-upload-rackspace/.snyk
new file mode 100644
index 0000000000..b018059a60
--- /dev/null
+++ b/packages/strapi-provider-upload-rackspace/.snyk
@@ -0,0 +1,9 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.12.0
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+ shelljs:
+ - '*':
+ reason: testing
+ expires: 2019-01-04T14:38:15.967Z
+patch: {}
diff --git a/packages/strapi-utils/.snyk b/packages/strapi-utils/.snyk
new file mode 100644
index 0000000000..c80a5bbb81
--- /dev/null
+++ b/packages/strapi-utils/.snyk
@@ -0,0 +1,9 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.12.0
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+ shelljs:
+ - '*':
+ reason: testing
+ expires: 2019-01-04T14:38:18.270Z
+patch: {}
diff --git a/packages/strapi/.snyk b/packages/strapi/.snyk
new file mode 100644
index 0000000000..da4317a324
--- /dev/null
+++ b/packages/strapi/.snyk
@@ -0,0 +1,9 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.12.0
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+ shelljs:
+ - '*':
+ reason: testing
+ expires: 2019-01-04T14:35:06.536Z
+patch: {}
From b9964df4951284638bb596cc9676eb615f0203fc Mon Sep 17 00:00:00 2001
From: soupette Date: Wed, 5 Dec 2018 16:20:42 +0100 Subject: [PATCH 2/8] Remove lint from travis --- .travis.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/.travis.yml b/.travis.yml index 25c154a348..39f461ad06 100644 --- a/.travis.yml +++ b/.travis.yml @@ -22,9 +22,8 @@ install: - npm run setup --debug script: - - npm run lint - npm run doc - - snyk monitor --org=strapi + # - npm run lint cache: directories: From f1469093615392b12151a053cf21141b5741ab9e Mon Sep 17 00:00:00 2001 From: soupette Date: Wed, 5 Dec 2018 18:33:23 +0100 Subject: [PATCH 3/8] Add snyk in travis --- .travis.yml | 1 + package.json | 5 ++-- packages/strapi-plugin-graphql/.snyk | 8 ++++++ .../strapi-plugin-users-permissions/.snyk | 8 ++++++ packages/strapi/.snyk | 4 +++ scripts/snyk.js | 25 +++++++++++++++++++ 6 files changed, 49 insertions(+), 2 deletions(-) create mode 100644 scripts/snyk.js diff --git a/.travis.yml b/.travis.yml index 39f461ad06..df651ea263 100644 --- a/.travis.yml +++ b/.travis.yml @@ -23,6 +23,7 @@ install: script: - npm run doc + - npm run snyk # - npm run lint cache: diff --git a/package.json b/package.json index f9c3bbfca8..24180e0dd2 100644 --- a/package.json +++ b/package.json @@ -34,7 +34,8 @@ "setup": "npm run clean:all && npm install ./packages/strapi-lint --save-dev && npm install && node ./scripts/setup.js && npm run clean", "lint": "node ./scripts/lint.js", "test": "snyk test && node ./test/start.js", - "prettier": "node ./packages/strapi-lint/lib/internals/prettier/index.js" + "prettier": "node ./packages/strapi-lint/lib/internals/prettier/index.js", + "snyk": "node ./scripts/snyk.js" }, "author": { "email": "hi@strapi.io", @@ -64,4 +65,4 @@ "npm": ">= 6.0.0" }, "license": "MIT" -} \ No newline at end of file +} diff --git a/packages/strapi-plugin-graphql/.snyk b/packages/strapi-plugin-graphql/.snyk index 4137324225..8ca53c28bd 100644 --- a/packages/strapi-plugin-graphql/.snyk +++ b/packages/strapi-plugin-graphql/.snyk 
@@ -6,4 +6,12 @@ ignore: - '*': reason: testing expires: 2019-01-04T14:37:34.495Z + qs: + - '*': + reason: Temporarily ignore + expires: 2019-01-31T00:00:00.000Z + apollo-server-koa@2.2.6: + - '*': + reason: Temporarily ignore + expires: 2019-01-04T16:34:24.069Z patch: {} diff --git a/packages/strapi-plugin-users-permissions/.snyk b/packages/strapi-plugin-users-permissions/.snyk index 5cc28626db..c0842eff7a 100644 --- a/packages/strapi-plugin-users-permissions/.snyk +++ b/packages/strapi-plugin-users-permissions/.snyk @@ -6,4 +6,12 @@ ignore: - '*': reason: testing expires: 2019-01-04T14:37:58.353Z + qs: + - '*': + reason: Temporarily ignore + expires: 2019-01-31T00:00:00.000Z + purest: + - '*': + reason: Temporarily ignore + expires: 2019-01-31T00:00:00.000Z patch: {} diff --git a/packages/strapi/.snyk b/packages/strapi/.snyk index da4317a324..c85c7cfe4a 100644 --- a/packages/strapi/.snyk +++ b/packages/strapi/.snyk @@ -6,4 +6,8 @@ ignore: - '*': reason: testing expires: 2019-01-04T14:35:06.536Z + koa-body: + - '*': + reason: Temporarily ignore + expires: 2019-01-04T16:46:20.156Z patch: {} diff --git a/scripts/snyk.js b/scripts/snyk.js new file mode 100644 index 0000000000..75e09e5a76 --- /dev/null +++ b/scripts/snyk.js @@ -0,0 +1,25 @@ +const fs = require('fs'); +const path = require('path'); +const shell = require('shelljs'); + +try { + const packages = fs.readdirSync(path.resolve(process.cwd(), 'packages'), 'utf8'); + shell.cd('packages/strapi'); + + packages + .filter(pkg => pkg.indexOf('strapi') !== -1) + .forEach(pkg => { + shell.cd('../' + pkg); + shell.echo(`Testing ${pkg} dependencies`); + + const data = shell.exec('snyk test --severity-threshold=high', { silent: true }); + + if (data.code !== 0 && data.stdout.indexOf('Missing node_modules folder') === -1) { + shell.echo(data.stdout); + + process.exit(1); + } + }); +} catch (error) { + console.error(error); +} From 928be5cf48d5333f3cf37da81a14af7b399c25ca Mon Sep 17 00:00:00 2001 
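Review bot: The new `qs` and `apollo-server-koa@2.2.6` entries in `packages/strapi-plugin-graphql/.snyk` ignore every path (`'*'`) with the reason `Temporarily ignore`, and they arrive in the same commit that adds the `snyk test --severity-threshold=high` gate, so the gate presumably goes green because these findings are suppressed rather than fixed. The same applies to the `qs` and `purest` entries in `packages/strapi-plugin-users-permissions/.snyk` and the `koa-body` entry in `packages/strapi/.snyk`. These look like request-handling dependencies of shipped packages rather than build tooling, so each reason should name the advisory and where the fix is tracked, e.g. `reason: <ISSUE-ID>, no fixed release yet, tracked in <issue link>` (placeholders). The hunk shows only the tail of the policy file.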
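Review bot: `scripts/snyk.js` fails open in several places, which matters because it is the CI dependency gate. The outer `catch` only logs, so an exception (for example `readdirSync` failing) still ends with exit code 0; a result whose stdout contains `Missing node_modules folder` is treated as a pass with no output, so an unscanned package is indistinguishable from a clean one; and the result of `shell.cd('../' + pkg)` is not checked, so if the cd fails the scan presumably runs again in the previous directory under the wrong name. Only `stdout` is echoed on failure, which hides whatever the CLI wrote to stderr. A version that uses absolute paths, reports skipped packages and exits non-zero on any error is sketched below.

```javascript
// … unchanged: fs / path / shelljs requires …

const packagesDir = path.resolve(process.cwd(), 'packages');
const skipped = [];
let failed = false;

try {
  fs.readdirSync(packagesDir, 'utf8')
    .filter(pkg => pkg.indexOf('strapi') !== -1)
    .forEach(pkg => {
      // Absolute cd: a failed cd must not leave the scan running in the previous package.
      shell.cd(path.join(packagesDir, pkg));
      if (shell.error()) {
        skipped.push(pkg);
        return;
      }
      shell.echo(`Testing ${pkg} dependencies`);

      const data = shell.exec('snyk test --severity-threshold=high', { silent: true });

      if (data.code === 0) {
        return;
      }
      if (data.stdout.indexOf('Missing node_modules folder') !== -1) {
        // Not scanned is not the same as clean: report it.
        skipped.push(pkg);
        return;
      }
      shell.echo(data.stdout);
      shell.echo(data.stderr);
      failed = true;
    });
} catch (error) {
  console.error(error);
  failed = true;
}

if (skipped.length > 0) {
  shell.echo(`Not scanned: ${skipped.join(', ')}`);
}
process.exit(failed ? 1 : 0);
```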
From: soupette Date: Thu, 6 Dec 2018 10:12:15 +0100 Subject: [PATCH 4/8] Force master fetch on travis --- .travis.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index df651ea263..60abf85b73 100644 --- a/.travis.yml +++ b/.travis.yml @@ -14,6 +14,7 @@ before_install: - export DISPLAY=:99.0 - sh -e /etc/init.d/xvfb start - git fetch -a + - git fecth origin master # - sudo chown -R $(whoami) $(npm config get prefix)/{lib/node_modules,bin,share} # - npm cache clean --force # - rm -rf node_modules/ @@ -22,9 +23,9 @@ install: - npm run setup --debug script: + - npm run lint - npm run doc - npm run snyk - # - npm run lint cache: directories: From 5eabf99403debe5ae0413eabeaa48cbf9d3b8179 Mon Sep 17 00:00:00 2001 From: soupette Date: Thu, 6 Dec 2018 10:15:29 +0100 Subject: [PATCH 5/8] Fix --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 60abf85b73..f281e0cd84 100644 --- a/.travis.yml +++ b/.travis.yml @@ -14,7 +14,7 @@ before_install: - export DISPLAY=:99.0 - sh -e /etc/init.d/xvfb start - git fetch -a - - git fecth origin master + - git fetch origin master # - sudo chown -R $(whoami) $(npm config get prefix)/{lib/node_modules,bin,share} # - npm cache clean --force # - rm -rf node_modules/ From e7585b7372843ab5c1212a0c4ac265088b34f50a Mon Sep 17 00:00:00 2001 From: soupette Date: Thu, 6 Dec 2018 11:09:23 +0100 Subject: [PATCH 6/8] Test travis --- .../lib/internals/shared/listChangedFiles.js | 40 +++++++++++-------- 1 file changed, 23 insertions(+), 17 deletions(-) diff --git a/packages/strapi-lint/lib/internals/shared/listChangedFiles.js b/packages/strapi-lint/lib/internals/shared/listChangedFiles.js index 207871e295..4916b3d8b7 100644 --- a/packages/strapi-lint/lib/internals/shared/listChangedFiles.js +++ b/packages/strapi-lint/lib/internals/shared/listChangedFiles.js 
@@ -8,28 +8,34 @@ const execFileSync = require('child_process').execFileSync; const exec = (command, args) => { - console.log('> ' + [command].concat(args).join(' ')); - const options = { - cwd: process.cwd(), - env: process.env, - stdio: 'pipe', - encoding: 'utf-8', - }; - return execFileSync(command, args, options); + console.log('> ' + [command].concat(args).join(' ')); + const options = { + cwd: process.cwd(), + env: process.env, + stdio: 'pipe', + encoding: 'utf-8', + }; + + return execFileSync(command, args, options); }; const execGitCmd = args => - exec('git', args) - .trim() - .toString() - .split('\n'); + exec('git', args) + .trim() + .toString() + .split('\n'); const listChangedFiles = () => { - const mergeBase = execGitCmd(['merge-base', 'HEAD', 'master']); - return new Set([ - ...execGitCmd(['diff', '--name-only', '--diff-filter=ACMRTUB', mergeBase]), - ...execGitCmd(['ls-files', '--others', '--exclude-standard']), - ]); + const mergeBase = execGitCmd(['merge-base', 'HEAD', 'master']); + + try { + return new Set([ + ...execGitCmd(['diff', '--name-only', '--diff-filter=ACMRTUB', mergeBase]), + ...execGitCmd(['ls-files', '--others', '--exclude-standard']), + ]); + } catch (err) { + return []; + } }; module.exports = listChangedFiles; From 77fe6038756044eeedcd43a16867bf0f14e88d1b Mon Sep 17 00:00:00 2001 From: soupette Date: Thu, 6 Dec 2018 11:40:29 +0100 Subject: [PATCH 7/8] Force fetch master for travis --- .travis.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.travis.yml b/.travis.yml index f281e0cd84..b6ed170b56 100644 --- a/.travis.yml +++ b/.travis.yml @@ -22,6 +22,9 @@ before_install: install: - npm run setup --debug +before_script: + - git fetch origin master:master + script: - npm run lint - npm run doc From de1d66dec4c02e9992f36afad3cf6696f7ec89b9 Mon Sep 17 00:00:00 2001 
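Review bot: The new `catch` in `listChangedFiles` returns `[]` while the success path returns a `Set`, so a caller that uses `.has()` or `.size` behaves differently exactly when git failed. The error is also dropped without a message, which leaves the lint step with no changed files and no sign of why. I would keep the return type and log first: `console.error('listChangedFiles: git failed:', err.message);` followed by `return new Set();`. The `merge-base` call sits outside the `try`, so a missing `master` ref still throws from there.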
From: soupette Date: Thu, 6 Dec 2018 12:13:27 +0100 Subject: [PATCH 8/8] Catch error --- .../strapi-lint/lib/internals/shared/listChangedFiles.js | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/packages/strapi-lint/lib/internals/shared/listChangedFiles.js b/packages/strapi-lint/lib/internals/shared/listChangedFiles.js index 4916b3d8b7..243b2570e2 100644 --- a/packages/strapi-lint/lib/internals/shared/listChangedFiles.js +++ b/packages/strapi-lint/lib/internals/shared/listChangedFiles.js @@ -16,7 +16,11 @@ const exec = (command, args) => { encoding: 'utf-8', }; - return execFileSync(command, args, options); + try { + return execFileSync(command, args, options); + } catch (err) { + return ''; + } }; const execGitCmd = args =>
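Review bot: Catching every error in `exec` and returning `''` makes all git failures invisible: `execGitCmd` then yields `['']`, so `listChangedFiles` returns a set containing one empty file name instead of failing. For a lint gate this means a missing `master` ref or a broken checkout produces a green run that linted nothing, and the `try`/`catch` in `listChangedFiles` can presumably no longer trigger. At minimum log before swallowing, `console.error(command + ' failed: ' + err.message);`, and preferably rethrow so the caller decides what an empty result means. The body of `exec` starts above this hunk.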