Rebase fixes and windows fix

debricked · Mar 27, 2024 · 07f48a3 · 07f48a3
1 parent 6996f61
commit 07f48a3
Show file tree

Hide file tree

Showing 14 changed files with 86 additions and 43 deletions.
diff --git a/internal/cmd/callgraph/callgraph.go b/internal/cmd/callgraph/callgraph.go
@@ -43,8 +43,8 @@ $ debricked callgraph
 		},
 		RunE: RunE(generator),
 	}
-	fileExclusionExample := filepath.Join("*", "**.lock")
-	dirExclusionExample := filepath.Join("**", "node_modules", "**")
+	fileExclusionExample := filepath.Join("'*", "**.lock'")
+	dirExclusionExample := filepath.Join("'**", "node_modules", "**'")
 	exampleFlags := fmt.Sprintf("-e \"%s\" -e \"%s\"", fileExclusionExample, dirExclusionExample)
 
 	cmd.Flags().StringArrayVarP(&exclusions, ExclusionFlag, "e", exclusions, `The following terms are supported to exclude paths:
@@ -66,7 +66,7 @@ $ debricked callgraph . `+exampleFlags)
 		[]string{},
 		`Forces inclusion of specified terms, see exclusion flag for more information on supported terms.
 Examples: 
-$ debricked scan . --include /node_modules/`)
+$ debricked scan . --include '**/node_modules/**'`)
 	cmd.Flags().BoolVar(&buildDisabled, NoBuildFlag, false, `Do not automatically build all source code in the project to enable call graph generation.
 This option requires a pre-built project. For more detailed documentation on the callgraph generation, visit our portal:
 https://portal.debricked.com/debricked-cli-63/debricked-cli-documentation-298?tid=298&fid=63#callgraph`)

diff --git a/internal/cmd/files/find/find.go b/internal/cmd/files/find/find.go
@@ -36,8 +36,8 @@ For example ` + "`package.json`" + ` with ` + "`package-lock.json`.",
 		},
 		RunE: RunE(finder),
 	}
-	fileExclusionExample := filepath.Join("*", "**.lock")
-	dirExclusionExample := filepath.Join("**", "node_modules", "**")
+	fileExclusionExample := filepath.Join("'*", "**.lock'")
+	dirExclusionExample := filepath.Join("'**", "node_modules", "**'")
 	exampleFlags := fmt.Sprintf("-e \"%s\" -e \"%s\"", fileExclusionExample, dirExclusionExample)
 	cmd.Flags().StringArrayVarP(&exclusions, ExclusionFlag, "e", exclusions, `The following terms are supported to exclude paths:
 Special Terms | Meaning
@@ -58,7 +58,7 @@ $ debricked files find . `+exampleFlags)
 		[]string{},
 		`Forces inclusion of specified terms, see exclusion flag for more information on supported terms.
 Examples: 
-$ debricked scan . --include /node_modules/`)
+$ debricked scan . --include '**/node_modules/**'`)
 	cmd.Flags().BoolVarP(&jsonPrint, JsonFlag, "j", false, `Print files in JSON format
 Format:
 [

diff --git a/internal/cmd/fingerprint/fingerprint.go b/internal/cmd/fingerprint/fingerprint.go
@@ -36,10 +36,10 @@ func NewFingerprintCmd(fingerprinter fingerprint.IFingerprint) *cobra.Command {
 		},
 		RunE: RunE(fingerprinter),
 	}
-	fileExclusionExample := filepath.Join("*", "**.pyc")
-	dirExclusionExample := filepath.Join("**", "node_modules", "**")
+	fileExclusionExample := filepath.Join("'*", "**.pyc'")
+	dirExclusionExample := filepath.Join("'**", "node_modules", "**'")
 	exampleFlags := fmt.Sprintf("-%s \"%s\" -%s \"%s\"", ExclusionFlag, fileExclusionExample, ExclusionFlag, dirExclusionExample)
-	cmd.Flags().StringArrayVarP(&exclusions, ExclusionFlag, "", exclusions, `The following terms are supported to exclude paths:
+	cmd.Flags().StringArrayVarP(&exclusions, ExclusionFlag, "e", exclusions, `The following terms are supported to exclude paths:
 Special Terms | Meaning
 ------------- | -------
 "*"           | matches any sequence of non-Separator characters 
@@ -56,7 +56,7 @@ $ debricked files fingerprint . `+exampleFlags)
 		[]string{},
 		`Forces inclusion of specified terms, see exclusion flag for more information on supported terms.
 Examples: 
-$ debricked scan . --include /node_modules/`)
+$ debricked scan . --include '**/node_modules/**'`)
 	cmd.Flags().BoolVar(&shouldFingerprintCompressedContent, FingerprintCompressedContent, false, `Fingerprint the contents of compressed files by unpacking them in memory, Supported files: `+fmt.Sprintf("%v", fingerprint.ZIP_FILE_ENDINGS))
 	cmd.Flags().StringVar(&outputDir, OutputDirFlag, ".", "The directory to write the output file to")
 	cmd.Flags().IntVar(&minFingerprintContentLength, MinFingerprintContentLengthFlag, 45, "Set minimum content length (in bytes) for files to fingerprint. Defaults to 45 bytes.")

diff --git a/internal/cmd/resolve/resolve.go b/internal/cmd/resolve/resolve.go
@@ -42,8 +42,8 @@ $ debricked resolve go.mod pkg/
 		},
 		RunE: RunE(resolver),
 	}
-	fileExclusionExample := filepath.Join("*", "**.lock")
-	dirExclusionExample := filepath.Join("**", "node_modules", "**")
+	fileExclusionExample := filepath.Join("'*", "**.lock'")
+	dirExclusionExample := filepath.Join("'**", "node_modules", "**'")
 	exampleFlags := fmt.Sprintf("-e \"%s\" -e \"%s\"", fileExclusionExample, dirExclusionExample)
 	cmd.Flags().StringArrayVarP(&exclusions, ExclusionFlag, "e", exclusions, `The following terms are supported to exclude paths:
 Special Terms | Meaning
@@ -64,7 +64,7 @@ $ debricked resolve . `+exampleFlags)
 		[]string{},
 		`Forces inclusion of specified terms, see exclusion flag for more information on supported terms.
 Examples: 
-$ debricked scan . --include /node_modules/`)
+$ debricked scan . --include '**/node_modules/**'`)
 	regenerateDoc := strings.Join(
 		[]string{
 			"Toggles regeneration of already existing lock files between 3 modes:\n",

diff --git a/internal/cmd/scan/scan.go b/internal/cmd/scan/scan.go
@@ -83,8 +83,8 @@ If the given path contains a git repository all flags but "integration" will be
 		`name of integration used to trigger scan. For example "GitHub Actions"`,
 	)
 	cmd.Flags().StringVarP(&jsonFilePath, JsonFilePathFlag, "j", "", "write upload result as json to provided path")
-	fileExclusionExample := filepath.Join("*", "**.lock")
-	dirExclusionExample := filepath.Join("**", "node_modules", "**")
+	fileExclusionExample := filepath.Join("'*", "**.lock'")
+	dirExclusionExample := filepath.Join("'**", "node_modules", "**'")
 	exampleFlags := fmt.Sprintf("-e \"%s\" -e \"%s\"", fileExclusionExample, dirExclusionExample)
 	cmd.Flags().StringArrayVarP(
 		&exclusions,
@@ -110,7 +110,7 @@ $ debricked scan . `+exampleFlags)
 		inclusions,
 		`Forces inclusion of specified terms, see exclusion flag for more information on supported terms.
 Examples: 
-$ debricked scan . --include /node_modules/`)
+$ debricked scan . --include '**/node_modules/**'`)
 	regenerateDoc := strings.Join(
 		[]string{
 			"Toggles regeneration of already existing lock files between 3 modes:\n",

diff --git a/internal/file/exclusion.go b/internal/file/exclusion.go
@@ -27,7 +27,7 @@ var defaultExclusions = DefaultExclusionList{
 func DefaultExclusions() []string {
 	var exclusions []string
 	for _, excluded_dir := range defaultExclusions.Directories {
-		exclusions = append(exclusions, filepath.Join("**", excluded_dir, "**"))
+		exclusions = append(exclusions, "**/"+excluded_dir+"/**")
 	}
 
 	return exclusions
@@ -45,16 +45,17 @@ func Exclusions() []string {
 }
 
 func Excluded(exclusions []string, inclusions []string, path string) bool {
+	path = filepath.ToSlash(path)
 	for _, inclusion := range inclusions {
-		ex := filepath.Clean(inclusion)
-		matched, _ := doublestar.PathMatch(ex, path)
+		inclusion = filepath.ToSlash(inclusion)
+		matched, _ := doublestar.Match(inclusion, path)
 		if matched {
 			return false
 		}
 	}
 	for _, exclusion := range exclusions {
-		ex := filepath.Clean(exclusion)
-		matched, _ := doublestar.PathMatch(ex, path)
+		exclusion = filepath.ToSlash(exclusion)
+		matched, _ := doublestar.Match(exclusion, path)
 		if matched {
 			return true
 		}

diff --git a/internal/file/exclusion_test.go b/internal/file/exclusion_test.go
@@ -54,11 +54,11 @@ func TestExclusionsWithEmptyTokenEnvVariable(t *testing.T) {
 	}(debrickedExclusionEnvVar, oldEnvValue)
 
 	gt := []string{
-		filepath.Join("**", "node_modules", "**"),
-		filepath.Join("**", "vendor", "**"),
-		filepath.Join("**", ".git", "**"),
-		filepath.Join("**", "obj", "**"),
-		filepath.Join("**", "bower_components", "**"),
+		"**/node_modules/**",
+		"**/vendor/**",
+		"**/.git/**",
+		"**/obj/**",
+		"**/bower_components/**",
 	}
 	defaultExclusions := Exclusions()
 	assert.Equal(t, gt, defaultExclusions)
@@ -145,3 +145,35 @@ func TestExclude(t *testing.T) {
 		})
 	}
 }
+
+func TestExcluded(t *testing.T) {
+	cases := []struct {
+		name       string
+		exclusions []string
+		inclusions []string
+		path       string
+		expected   bool
+	}{
+		{
+			name:       "NodeModules",
+			exclusions: []string{"**/node_modules/**"},
+			inclusions: []string{},
+			path:       "node_modules/package.json",
+			expected:   true,
+		},
+		{
+			name:       "Inclusions",
+			exclusions: []string{"**/node_modules/**"},
+			inclusions: []string{"**/package.json"},
+			path:       "node_modules/package.json",
+			expected:   false,
+		},
+	}
+
+	for _, c := range cases {
+		t.Run(c.name, func(t *testing.T) {
+			assert.Equal(t, c.expected, Excluded(c.exclusions, c.inclusions, c.path))
+		})
+	}
+
+}
diff --git a/internal/file/finder.go b/internal/file/finder.go
@@ -33,7 +33,7 @@ type DebrickedOptions struct {
 type IFinder interface {
 	GetGroups(options DebrickedOptions) (Groups, error)
 	GetSupportedFormats() ([]*CompiledFormat, error)
-	GetConfigPath(rootPath string, exclusions []string) string
+	GetConfigPath(rootPath string, exclusions []string, inclusions []string) string
 }
 
 type Finder struct {
@@ -49,15 +49,15 @@ func NewFinder(c client.IDebClient, fs ioFs.IFileSystem) (*Finder, error) {
 	return &Finder{c, fs}, nil
 }
 
-func (finder *Finder) GetConfigPath(rootPath string, exclusions []string) string {
+func (finder *Finder) GetConfigPath(rootPath string, exclusions []string, inclusions []string) string {
 	var configPath string
 	err := filepath.Walk(
 		rootPath,
 		func(path string, fileInfo os.FileInfo, err error) error {
 			if err != nil {
 				return err
 			}
-			if !fileInfo.IsDir() && !Excluded(exclusions, path) {
+			if !fileInfo.IsDir() && !Excluded(exclusions, inclusions, path) {
 				if filepath.Base(path) == "debricked-config.yaml" {
 					configPath = path
 				}

diff --git a/internal/file/finder_test.go b/internal/file/finder_test.go
@@ -104,7 +104,7 @@ func TestGetGroups(t *testing.T) {
 	path := ""
 
 	excludedFiles := []string{"testdata/go/go.mod", "testdata/misc/requirements.txt", "testdata/misc/Cargo.lock"}
-	const nbrOfGroups = 6
+	const nbrOfGroups = 7
 
 	fileGroups, err := finder.GetGroups(
 		DebrickedOptions{
@@ -245,7 +245,7 @@ func TestGetGroupsWithTwoFileMatchesInSameDir(t *testing.T) {
 
 func TestGetDebrickedConfig(t *testing.T) {
 	path := "testdata"
-	configPath := finder.GetConfigPath(path, nil)
+	configPath := finder.GetConfigPath(path, nil, nil)
 	assert.Equal(t, filepath.Join("testdata", "misc", "debricked-config.yaml"), configPath)
 }
 
@@ -295,7 +295,7 @@ func TestGetGroupsWithStrictFlag(t *testing.T) {
 			fileGroups, err := finder.GetGroups(
 				DebrickedOptions{
 					RootPath:     filePath,
-					Exclusions:   []string{},
+					Exclusions:   []string{"**/node_modules/**"},
 					Inclusions:   []string{},
 					LockFileOnly: false,
 					Strictness:   c.strictness,

diff --git a/internal/file/testdata/finder_mock.go b/internal/file/testdata/finder_mock.go
@@ -23,7 +23,7 @@ func (f *FinderMock) GetGroups(_ file.DebrickedOptions) (file.Groups, error) {
 	return f.groups, f.error
 }
 
-func (f *FinderMock) GetConfigPath(_ string, _ []string) string {
+func (f *FinderMock) GetConfigPath(_ string, _ []string, _ []string) string {
 	return ""
 }
 

diff --git a/internal/fingerprint/exclusion.go b/internal/fingerprint/exclusion.go
@@ -1,7 +1,5 @@
 package fingerprint
 
-import "path/filepath"
-
 type DefaultFingerprintExclusionList struct {
 	Directories []string
 	Files       []string
@@ -25,6 +23,11 @@ var defaultFingerprintExclusions = DefaultFingerprintExclusionList{
 		"*.egg-info",
 		"*venv",
 		"*venv3",
+		"node_modules",
+		"vendor",
+		".git",
+		"obj",
+		"bower_components",
 	},
 	Files: []string{
 		"gradlew", "gradlew.bat", "mvnw", "mvnw.cmd", "gradle-wrapper.jar", "maven-wrapper.jar",
@@ -59,16 +62,16 @@ var defaultFingerprintExclusions = DefaultFingerprintExclusionList{
 func DefaultExclusionsFingerprint() []string {
 	var default_exclusions []string
 	for _, excluded_dir := range defaultFingerprintExclusions.Directories {
-		default_exclusions = append(default_exclusions, filepath.Join("**", excluded_dir, "**"))
+		default_exclusions = append(default_exclusions, "**/"+excluded_dir+"/**")
 	}
 	for _, excluded_file := range defaultFingerprintExclusions.Files {
-		default_exclusions = append(default_exclusions, filepath.Join("**", excluded_file))
+		default_exclusions = append(default_exclusions, "**/"+excluded_file)
 	}
 	for _, excluded_extension := range defaultFingerprintExclusions.Extensions {
-		default_exclusions = append(default_exclusions, filepath.Join("**", "*"+excluded_extension))
+		default_exclusions = append(default_exclusions, "**/*"+excluded_extension)
 	}
 	for _, excluded_ending := range defaultFingerprintExclusions.Extensions {
-		default_exclusions = append(default_exclusions, filepath.Join("**", "*"+excluded_ending))
+		default_exclusions = append(default_exclusions, "**/*"+excluded_ending)
 	}
 
 	return default_exclusions

diff --git a/internal/fingerprint/fingerprint_test.go b/internal/fingerprint/fingerprint_test.go
@@ -441,7 +441,7 @@ func TestInMemFingerprintingCompressedContent(t *testing.T) {
 		},
 		{
 			name:        "Nupkg",
-			path:        "testdata/archive/nupkg",
+			path:        filepath.Join("testdata", "archive", "nupkg"),
 			expected:    21,
 			suffix:      "newtonsoft.json.13.0.3.nupkg",
 			shouldUnzip: true,

diff --git a/internal/scan/scanner.go b/internal/scan/scanner.go
@@ -235,7 +235,7 @@ func (dScanner *DebrickedScanner) scan(options DebrickedOptions, gitMetaObject g
 		IntegrationsName:       options.IntegrationName,
 		CallGraphUploadTimeout: options.CallGraphUploadTimeout,
 		VersionHint:            options.VersionHint,
-		DebrickedConfig:        dScanner.getDebrickedConfig(options.Path, options.Exclusions),
+		DebrickedConfig:        dScanner.getDebrickedConfig(options.Path, options.Exclusions, options.Inclusions),
 	}
 	result, err := (*dScanner.uploader).Upload(uploaderOptions)
 	if err != nil {
@@ -245,8 +245,8 @@ func (dScanner *DebrickedScanner) scan(options DebrickedOptions, gitMetaObject g
 	return result, nil
 }
 
-func (dScanner *DebrickedScanner) getDebrickedConfig(path string, exclusions []string) upload.DebrickedConfig {
-	configPath := dScanner.finder.GetConfigPath(path, exclusions)
+func (dScanner *DebrickedScanner) getDebrickedConfig(path string, exclusions []string, inclusions []string) upload.DebrickedConfig {
+	configPath := dScanner.finder.GetConfigPath(path, exclusions, inclusions)
 	if configPath == "" {
 		return upload.DebrickedConfig{}
 	}

diff --git a/internal/scan/testdata/npm/result.json b/internal/scan/testdata/npm/result.json
@@ -0,0 +1,7 @@
+{
+ "vulnerabilitiesFound": 0,
+ "unaffectedVulnerabilitiesFound": 0,
+ "automationsAction": "",
+ "automationRules": null,
+ "detailsUrl": ""
+}