Develop (#393)

* Master (#321)

* Develop (#316)

* Frontend - MomentJS replacement with date-fns (#211)

* Added package of date-fns

* Removing moment of packagejson and replace all ocurrences in the code

* Feature/grpc health check (#213)

* Adding auth grpc health check

* Adding client grpc services health check and improving middleware logs

* Register grpc health check server

* Adding grpc health check and unity tests

* Update and refactor config of CLI (#214)

* Update and refactor config of CLI

* Update name

* Update hash horusec-config.json

* Adding config to configure tools (#217)

* Adding config to configure tools

* Fix fmt lint and tests

* Fix fmt lint and tests

* Fix fmt lint and tests

* Fix

* Adding tests

* Adding tests

* Fix

* Add tests on parse viper data to struct

* Update horusec-cli/config/.example-horusec-cli-new.json

Co-authored-by: nathannascimentozup <[email protected]>

* Fix config tests

Co-authored-by: nathannascimentozup <[email protected]>

* Get viper file config path and setup on command start initialize (#219)

* Get viper file config path and setup on command start initialize

* Fix config name

* Fix tests and lint

* Master (#226)

* Develop (#224)

* Frontend - MomentJS replacement with date-fns (#211)

* Added package of date-fns

* Removing moment of packagejson and replace all ocurrences in the code

* Feature/grpc health check (#213)

* Adding auth grpc health check

* Adding client grpc services health check and improving middleware logs

* Register grpc health check server

* Adding grpc health check and unity tests

* Update and refactor config of CLI (#214)

* Update and refactor config of CLI

* Update name

* Update hash horusec-config.json

* Adding config to configure tools (#217)

* Adding config to configure tools

* Fix fmt lint and tests

* Fix fmt lint and tests

* Fix fmt lint and tests

* Fix

* Adding tests

* Adding tests

* Fix

* Add tests on parse viper data to struct

* Update horusec-cli/config/.example-horusec-cli-new.json

Co-authored-by: nathannascimentozup <[email protected]>

* Fix config tests

Co-authored-by: nathannascimentozup <[email protected]>

* Get viper file config path and setup on command start initialize (#219)

* Get viper file config path and setup on command start initialize

* Fix config name

* Fix tests and lint

Co-authored-by: Lucas Bruno <[email protected]>
Co-authored-by: nathanmartinszup <[email protected]>
Co-authored-by: Wilian Gabriel <[email protected]>

* [skip ci] update versioning file (#225)

Co-authored-by: nathannascimentozup <[email protected]>
Co-authored-by: Lucas Bruno <[email protected]>
Co-authored-by: nathanmartinszup <[email protected]>

* Frontend workspaces flow (#218)

* Change the routes in home to internal, and remove organization flow

* Adjusting flow of login and add Workspace context

* Added select workspace in side menu

* Added list to all workspaces

* Rename organization to workspace

* Added modal to create new workspace

* Rename 'user' to 'member' and adjusting styles in modal of create workspace

* Added option to delete a workspace, and remove the Company Context

* Added edit option to workspaces

* Adjusting formatHumanDate and clear input when create new workspace

* Added option to manager tokens of workspace

* Added option to handler users of worspace

* Alter template of email to workspace

* Removing old screen of Users

* Fix bug when update company to description empty not update

Co-authored-by: Wilian Gabriel <[email protected]>

* Feature/dynamic vulnerabilities (#215)

* Removing docker from horusec clis

* Improving cli formatters

* Improving horusec rules code

* Adding engine analises calls in formatters

* Fixing unity tests

* Updating coverage

* Fixing pipeline errors

* Fixing error in hash generation

* Adding possibility to run horusec without docker

* Updating formatters service mock

* Adding custom rules option in horusec cli

* Adding cli custom rules unity tests

* Adding how to add custom rules

* Updating docs

* Fixing cli unity tests

* Updating coverage cli

* Updating flags cli

* Fixing pipeline

* Fixing config file

* Updating config hashes

* Updating docs and improving code

* Fixing lint

* Updating pipeline

* Adding repository name when repository name flag is empty (#228)

* Adding repository name when repository name flag is empty

* Improving code

* Fixing pipeline

* Improvements in workspace (#229)

* Change the routes in home to internal, and remove organization flow

* Adjusting flow of login and add Workspace context

* Added select workspace in side menu

* Added list to all workspaces

* Rename organization to workspace

* Added modal to create new workspace

* Rename 'user' to 'member' and adjusting styles in modal of create workspace

* Added option to delete a workspace, and remove the Company Context

* Added edit option to workspaces

* Adjusting formatHumanDate and clear input when create new workspace

* Added option to manager tokens of workspace

* Added option to handler users of worspace

* Alter template of email to workspace

* Removing old screen of Users

* Fix bug when update company to description empty not update

* Added warning flash message and fix when no have a repository

* Added empty message of counters

Co-authored-by: Wilian Gabriel <[email protected]>

* Alter localhost to 127.0.0.1 and add Linkify in vulnerabilities details (#231)

* Updating how to (#232)

* Update e2e tests and remove examples zips to root directory (#220)

* Adding e2e tests in windows, macos, linux images

* Adding e2e tests in windows, macos, linux images

* Fiz unzip to usage in others operational systems

* Fiz unzip to usage in others operational systems

* Change e2e to usage binary

* Test e2e

* Test e2e and move examples to root directory

* Test e2e

* Test e2e

* Test e2e

* test e2e

* Fix tests

* Fix tests

* Fix tests

* Fix pipeline

* Fix pipeline

* Fix tests

* Remove README

* Fix fmt lint

* Fix tets

* Update horusec-config

* Merge with master

* Feature/information severity (#240)

* Adding cli flag to enable and disable information vulnerabilities

* Adding I flag

* Removing info vulnerabilities when flag is not set

* Fixing some errors

* Updating readme

* [WIP]Feature/ldap-logs (#239)

* Adding ldap logs

* Updating horusec config

* Adding filter log ldap

* Update deploy-service.yml (#245)

* Revert "Update deploy-service.yml (#245)" (#247)

This reverts commit 92101578dae712760da27ca0b6ec203be19fdccb.

* Bugfix/fix generics bugs (#236)

* Merge branch 'master' of github.com:ZupIT/horusec into develop

* Fixing semgrep parsing error

* Update main

* Fixing when tool is to ignore set tool finished

* Fixing .git ignore and java commit authors

* Fixing unity tests

* Adding logic to split files into leaks analysis

* Fix formatter of leaks

* Fix gomod and gosum

Co-authored-by: nathan <[email protected]>

* Remove unnecessary logs

* Fix version and get config file

* Fixing disabled docker error (#249)

* Improvements (#254)

* Adding improvements on logs with level

* Remove CLI enum of devkit

* Move use cases from devkit to specific micro services

* Replace name of generate sha256 hash

* Remove unused utils from devkit and move enums to specific microservices

* Fix lint

* Fix security

* Fix coverage

* Fix coverage

* Fix security

* Added input to select a fixed period or custom range (#255)

Co-authored-by: Wilian Gabriel <[email protected]>

* [skip ci] update versioning file (#260)

* Feature/ldap (#252)

* Fixing disabled docker error

* Updating ldap to save user groups in jwt token

* Updating ldap version

* Adding possibility of custom fields in group search

* Fixing lint and tests

* Fix fmt lint

* Updating docs

* Fixing pipeline errors

Co-authored-by: Wilian Gabriel <[email protected]>

* [skip ci] update versioning file

* Feature/removing sensitive logs (#261)

* Fixing disabled docker error

* Removing sensitive log from http requests

* Bugfix/ldap (#262)

* Fixing disabled docker error

* Fixing some ldap errors

* Bugfix/ldap (#265)

* Fixing disabled docker error

* Fixing some ldap errors

* Updating composes and auth env variables

* Feature/microsoft ldap (#271)

* Fixing disabled docker error

* Improving ldap service

* Removing to lower

* Adding group search by member dn

* Updating composes and user filter env var

* Updating false positives

* Updating composes

* Fixing ldap errors

* Fixing lint and tests

* Hidden invite user of repositories and workspace when authType is Ldap (#274)

Co-authored-by: Lucas Bruno <[email protected]>

* Dart (#266)

* Start dart structure

* Start dart structure

* Fix pipeline

* Update cli to run horusec dart

* Update languages in horusec-cli to horusec-api

* Adding some rules in dart for logs, cripto and xss

* Fix fmt lint

* Fix fmt lint

* Adding more rules of dart

* Fix fmt lint test

* Update e2e

* Adding rules of shell, xxe, origins, week cripto

* Fix fmt litn

* Fix regex wrong

* Update docs

* Fix coverage

* Add dart language in the frontend charts colors

* Fix fmt lint and merge with develop

Co-authored-by: lucas.bruno <[email protected]>

* [WIP]Bugfix/ldap search by member (#277)

* Fixing disabled docker error

* Removing member of and replacing with search by member in group

* Improving variable names

* Feature/improvements cli (#279)

* Adding warn log when info is disabled and update engines to run max units by analysis

* Adding const values for engine usage

Co-authored-by: Nathan Tavares Nascimento <[email protected]>

* Feature/updating docs (#278)

* Fixing disabled docker error

* Removing ldap group log

* Updating ldap docs

* Feature/ldap list (#284)

* Fixing disabled docker error

* Removing ldap group log

* Improving account app config and removing config data from request context, improving company list to support ldap

* Updating repository list to get by ldap groups

* Fixing unity testes

* Fixing unity unit tests and lint errors

* Adding account depends on auth in composes

* Adding port on compose

* Adding validation to admin ldap group, now its needed to by a valid one

* Improving ldap error messsage

* Adding validation to update with ldap

* Add message in the manager for invalid ldap group

* Fixing some errors

* Fixing unity tests

* Added messa ldap group error in eng language

Co-authored-by: Wilian Gabriel <[email protected]>
Co-authored-by: lucas.bruno <[email protected]>

* Dashboard load data from the beginning (#285)

* Adjusting filters to load dashboard with the from the beginning data

* Fixing test in analytic

* [skip ci] update versioning file

* Feature/improving formatters (#287)

* Fixing disabled docker error

* Removing ldap group log

* Improving npm and yarn formatters

* Adding shell support (#288)

* Adding shell support

* Fix fmt and lint

* Fix tests

* Update shell script to prevent vulnerabilities and errors

* Update README.md (#291)

* Added elixir and shell colors in languages of dashboard (#294)

* Hotfix/backend urls (#293)

* Updating account routers

* Updating analytic routers

* Updating auth routers

* Updating messages routers

* Updating webhook routers

* Updating front end account service

* Updating front end analytic service

* Updating front end company service

* Updating front end repository service

* Updating front end webhook service

* Fixing front-end lint

* Fixing endpoint error

* Fixing tests

* Fixing tests

* Fixing tests

* Fixing e2e tests

* Fixing tokens url

* Fixing e2e tests

Co-authored-by: nathanmartinszup <[email protected]>

* [skip ci] update versioning file

* Feature/elixir (#289)

* Fixing disabled docker error

* Removing ldap group log

* Adding elixir mix audit tool

* Adding missing license

* Adding mixaudit unity tests

* Fixing docs

* Adding elixir sobelow formatter

* Fixing unity tests

* Adding validation to not phoenix application

* Fixing some errors

* Adding license

* Fixing some merge errors

* Fixing unity tests

* Fixing error when invalid output

* Updating develop with master (#310)

* Adding ldap health check (#303)

* Adding ldap health check

* Adding functions arguments

* Fixing tests

* Fixing mock

* Fixing typo

* Fixing lint

* Improving ldap Check fn

* Updating ldap check

* Improving ldap health check

* Adding auth ldap health check test

* Changing ldap check to follow the others health check patterns

* Fixing pipeline errors

Co-authored-by: nathanmartinszup <[email protected]>

* Adding repository authz groups from company (#309)

* Adding repository authz groups from company

* Improving code

* Fixing lint problem

Co-authored-by: nathannascimentozup <[email protected]>

* Feature/elixir example (#308)

* Fixing disabled docker error

* Removing ldap group log

* Adding elixir example and e2e

* Fixing e2e test

* Bugfix/ldap lists (#301)

* Fixing disabled docker error

* Removing ldap group log

* Changing ldap groups to array

* Updating swagger with the new routes

* Fixing lint and code errors

* Fixing error in workspace roles when ldap

* Updating repositories list when ldap

* Improving queries to list companies and repositories

* Sqlite3 dont suport text array type

* Adding missing account tests

* Fixing unity tests

* Fixing tests

* Fixing unity tests

* Fixing tests

* Updating coverage

* Fixing error in list repositories

* WIP: Updating workspace groups

* Fixing lint problems

* Fixing ldap groups in workspace

* Added ldap gorups for repository

* Adjusting margin in workspace input ldap group

* Fixing pipelines

* Fixing pipelines

* Fixing pipeline error

* Fixing pipeline error

* Fixing pipelines

* Fixing pipeline e2e errors

Co-authored-by: Nathan Tavares Nascimento <[email protected]>
Co-authored-by: lucas.bruno <[email protected]>

* Bugfix/develop bugs (#313)

* Fixing disabled docker error

* Removing ldap group log

* Fixing errors in migrations

* Bugfix/develop bugs (#314)

* Fixing disabled docker error

* Removing ldap group log

* Fixing errors in migrations

* Fixing error in elixir analisis validation when sent to the server

* Fix bind ports

* Update docs

* Update docs

Co-authored-by: Lucas Bruno <[email protected]>
Co-authored-by: nathanmartinszup <[email protected]>
Co-authored-by: nathannascimentozup <[email protected]>
Co-authored-by: nathan <[email protected]>
Co-authored-by: lucas.bruno <[email protected]>
Co-authored-by: Nathan Tavares Nascimento <[email protected]>

* Develop (#317)

* Frontend - MomentJS replacement with date-fns (#211)

* Added package of date-fns

* Removing moment of packagejson and replace all ocurrences in the code

* Feature/grpc health check (#213)

* Adding auth grpc health check

* Adding client grpc services health check and improving middleware logs

* Register grpc health check server

* Adding grpc health check and unity tests

* Update and refactor config of CLI (#214)

* Update and refactor config of CLI

* Update name

* Update hash horusec-config.json

* Adding config to configure tools (#217)

* Adding config to configure tools

* Fix fmt lint and tests

* Fix fmt lint and tests

* Fix fmt lint and tests

* Fix

* Adding tests

* Adding tests

* Fix

* Add tests on parse viper data to struct

* Update horusec-cli/config/.example-horusec-cli-new.json

Co-authored-by: nathannascimentozup <[email protected]>

* Fix config tests

Co-authored-by: nathannascimentozup <[email protected]>

* Get viper file config path and setup on command start initialize (#219)

* Get viper file config path and setup on command start initialize

* Fix config name

* Fix tests and lint

* Master (#226)

* Develop (#224)

* Frontend - MomentJS replacement with date-fns (#211)

* Added package of date-fns

* Removing moment of packagejson and replace all ocurrences in the code

* Feature/grpc health check (#213)

* Adding auth grpc health check

* Adding client grpc services health check and improving middleware logs

* Register grpc health check server

* Adding grpc health check and unity tests

* Update and refactor config of CLI (#214)

* Update and refactor config of CLI

* Update name

* Update hash horusec-config.json

* Adding config to configure tools (#217)

* Adding config to configure tools

* Fix fmt lint and tests

* Fix fmt lint and tests

* Fix fmt lint and tests

* Fix

* Adding tests

* Adding tests

* Fix

* Add tests on parse viper data to struct

* Update horusec-cli/config/.example-horusec-cli-new.json

Co-authored-by: nathannascimentozup <[email protected]>

* Fix config tests

Co-authored-by: nathannascimentozup <[email protected]>

* Get viper file config path and setup on command start initialize (#219)

* Get viper file config path and setup on command start initialize

* Fix config name

* Fix tests and lint

Co-authored-by: Lucas Bruno <[email protected]>
Co-authored-by: nathanmartinszup <[email protected]>
Co-authored-by: Wilian Gabriel <[email protected]>

* [skip ci] update versioning file (#225)

Co-authored-by: nathannascimentozup <[email protected]>
Co-authored-by: Lucas Bruno <[email protected]>
Co-authored-by: nathanmartinszup <[email protected]>

* Frontend workspaces flow (#218)

* Change the routes in home to internal, and remove organization flow

* Adjusting flow of login and add Workspace context

* Added select workspace in side menu

* Added list to all workspaces

* Rename organization to workspace

* Added modal to create new workspace

* Rename 'user' to 'member' and adjusting styles in modal of create workspace

* Added option to delete a workspace, and remove the Company Context

* Added edit option to workspaces

* Adjusting formatHumanDate and clear input when create new workspace

* Added option to manager tokens of workspace

* Added option to handler users of worspace

* Alter template of email to workspace

* Removing old screen of Users

* Fix bug when update company to description empty not update

Co-authored-by: Wilian Gabriel <[email protected]>

* Feature/dynamic vulnerabilities (#215)

* Removing docker from horusec clis

* Improving cli formatters

* Improving horusec rules code

* Adding engine analises calls in formatters

* Fixing unity tests

* Updating coverage

* Fixing pipeline errors

* Fixing error in hash generation

* Adding possibility to run horusec without docker

* Updating formatters service mock

* Adding custom rules option in horusec cli

* Adding cli custom rules unity tests

* Adding how to add custom rules

* Updating docs

* Fixing cli unity tests

* Updating coverage cli

* Updating flags cli

* Fixing pipeline

* Fixing config file

* Updating config hashes

* Updating docs and improving code

* Fixing lint

* Updating pipeline

* Adding repository name when repository name flag is empty (#228)

* Adding repository name when repository name flag is empty

* Improving code

* Fixing pipeline

* Improvements in workspace (#229)

* Change the routes in home to internal, and remove organization flow

* Adjusting flow of login and add Workspace context

* Added select workspace in side menu

* Added list to all workspaces

* Rename organization to workspace

* Added modal to create new workspace

* Rename 'user' to 'member' and adjusting styles in modal of create workspace

* Added option to delete a workspace, and remove the Company Context

* Added edit option to workspaces

* Adjusting formatHumanDate and clear input when create new workspace

* Added option to manager tokens of workspace

* Added option to handler users of worspace

* Alter template of email to workspace

* Removing old screen of Users

* Fix bug when update company to description empty not update

* Added warning flash message and fix when no have a repository

* Added empty message of counters

Co-authored-by: Wilian Gabriel <[email protected]>

* Alter localhost to 127.0.0.1 and add Linkify in vulnerabilities details (#231)

* Updating how to (#232)

* Update e2e tests and remove examples zips to root directory (#220)

* Adding e2e tests in windows, macos, linux images

* Adding e2e tests in windows, macos, linux images

* Fiz unzip to usage in others operational systems

* Fiz unzip to usage in others operational systems

* Change e2e to usage binary

* Test e2e

* Test e2e and move examples to root directory

* Test e2e

* Test e2e

* Test e2e

* test e2e

* Fix tests

* Fix tests

* Fix tests

* Fix pipeline

* Fix pipeline

* Fix tests

* Remove README

* Fix fmt lint

* Fix tets

* Update horusec-config

* Merge with master

* Feature/information severity (#240)

* Adding cli flag to enable and disable information vulnerabilities

* Adding I flag

* Removing info vulnerabilities when flag is not set

* Fixing some errors

* Updating readme

* [WIP]Feature/ldap-logs (#239)

* Adding ldap logs

* Updating horusec config

* Adding filter log ldap

* Update deploy-service.yml (#245)

* Revert "Update deploy-service.yml (#245)" (#247)

This reverts commit 92101578dae712760da27ca0b6ec203be19fdccb.

* Bugfix/fix generics bugs (#236)

* Merge branch 'master' of github.com:ZupIT/horusec into develop

* Fixing semgrep parsing error

* Update main

* Fixing when tool is to ignore set tool finished

* Fixing .git ignore and java commit authors

* Fixing unity tests

* Adding logic to split files into leaks analysis

* Fix formatter of leaks

* Fix gomod and gosum

Co-authored-by: nathan <[email protected]>

* Remove unnecessary logs

* Fix version and get config file

* Fixing disabled docker error (#249)

* Improvements (#254)

* Adding improvements on logs with level

* Remove CLI enum of devkit

* Move use cases from devkit to specific micro services

* Replace name of generate sha256 hash

* Remove unused utils from devkit and move enums to specific microservices

* Fix lint

* Fix security

* Fix coverage

* Fix coverage

* Fix security

* Added input to select a fixed period or custom range (#255)

Co-authored-by: Wilian Gabriel <[email protected]>

* [skip ci] update versioning file (#260)

* Feature/ldap (#252)

* Fixing disabled docker error

* Updating ldap to save user groups in jwt token

* Updating ldap version

* Adding possibility of custom fields in group search

* Fixing lint and tests

* Fix fmt lint

* Updating docs

* Fixing pipeline errors

Co-authored-by: Wilian Gabriel <[email protected]>

* [skip ci] update versioning file

* Feature/removing sensitive logs (#261)

* Fixing disabled docker error

* Removing sensitive log from http requests

* Bugfix/ldap (#262)

* Fixing disabled docker error

* Fixing some ldap errors

* Bugfix/ldap (#265)

* Fixing disabled docker error

* Fixing some ldap errors

* Updating composes and auth env variables

* Feature/microsoft ldap (#271)

* Fixing disabled docker error

* Improving ldap service

* Removing to lower

* Adding group search by member dn

* Updating composes and user filter env var

* Updating false positives

* Updating composes

* Fixing ldap errors

* Fixing lint and tests

* Hidden invite user of repositories and workspace when authType is Ldap (#274)

Co-authored-by: Lucas Bruno <[email protected]>

* Dart (#266)

* Start dart structure

* Start dart structure

* Fix pipeline

* Update cli to run horusec dart

* Update languages in horusec-cli to horusec-api

* Adding some rules in dart for logs, cripto and xss

* Fix fmt lint

* Fix fmt lint

* Adding more rules of dart

* Fix fmt lint test

* Update e2e

* Adding rules of shell, xxe, origins, week cripto

* Fix fmt litn

* Fix regex wrong

* Update docs

* Fix coverage

* Add dart language in the frontend charts colors

* Fix fmt lint and merge with develop

Co-authored-by: lucas.bruno <[email protected]>

* [WIP]Bugfix/ldap search by member (#277)

* Fixing disabled docker error

* Removing member of and replacing with search by member in group

* Improving variable names

* Feature/improvements cli (#279)

* Adding warn log when info is disabled and update engines to run max units by analysis

* Adding const values for engine usage

Co-authored-by: Nathan Tavares Nascimento <[email protected]>

* Feature/updating docs (#278)

* Fixing disabled docker error

* Removing ldap group log

* Updating ldap docs

* Feature/ldap list (#284)

* Fixing disabled docker error

* Removing ldap group log

* Improving account app config and removing config data from request context, improving company list to support ldap

* Updating repository list to get by ldap groups

* Fixing unity testes

* Fixing unity unit tests and lint errors

* Adding account depends on auth in composes

* Adding port on compose

* Adding validation to admin ldap group, now its needed to by a valid one

* Improving ldap error messsage

* Adding validation to update with ldap

* Add message in the manager for invalid ldap group

* Fixing some errors

* Fixing unity tests

* Added messa ldap group error in eng language

Co-authored-by: Wilian Gabriel <[email protected]>
Co-authored-by: lucas.bruno <[email protected]>

* Dashboard load data from the beginning (#285)

* Adjusting filters to load dashboard with the from the beginning data

* Fixing test in analytic

* [skip ci] update versioning file

* Feature/improving formatters (#287)

* Fixing disabled docker error

* Removing ldap group log

* Improving npm and yarn formatters

* Adding shell support (#288)

* Adding shell support

* Fix fmt and lint

* Fix tests

* Update shell script to prevent vulnerabilities and errors

* Update README.md (#291)

* Added elixir and shell colors in languages of dashboard (#294)

* Hotfix/backend urls (#293)

* Updating account routers

* Updating analytic routers

* Updating auth routers

* Updating messages routers

* Updating webhook routers

* Updating front end account service

* Updating front end analytic service

* Updating front end company service

* Updating front end repository service

* Updating front end webhook service

* Fixing front-end lint

* Fixing endpoint error

* Fixing tests

* Fixing tests

* Fixing tests

* Fixing e2e tests

* Fixing tokens url

* Fixing e2e tests

Co-authored-by: nathanmartinszup <[email protected]>

* [skip ci] update versioning file

* Feature/elixir (#289)

* Fixing disabled docker error

* Removing ldap group log

* Adding elixir mix audit tool

* Adding missing license

* Adding mixaudit unity tests

* Fixing docs

* Adding elixir sobelow formatter

* Fixing unity tests

* Adding validation to not phoenix application

* Fixing some errors

* Adding license

* Fixing some merge errors

* Fixing unity tests

* Fixing error when invalid output

* Updating develop with master (#310)

* Adding ldap health check (#303)

* Adding ldap health check

* Adding functions arguments

* Fixing tests

* Fixing mock

* Fixing typo

* Fixing lint

* Improving ldap Check fn

* Updating ldap check

* Improving ldap health check

* Adding auth ldap health check test

* Changing ldap check to follow the others health check patterns

* Fixing pipeline errors

Co-authored-by: nathanmartinszup <[email protected]>

* Adding repository authz groups from company (#309)

* Adding repository authz groups from company

* Improving code

* Fixing lint problem

Co-authored-by: nathannascimentozup <[email protected]>

* Feature/elixir example (#308)

* Fixing disabled docker error

* Removing ldap group log

* Adding elixir example and e2e

* Fixing e2e test

* Bugfix/ldap lists (#301)

* Fixing disabled docker error

* Removing ldap group log

* Changing ldap groups to array

* Updating swagger with the new routes

* Fixing lint and code errors

* Fixing error in workspace roles when ldap

* Updating repositories list when ldap

* Improving queries to list companies and repositories

* Sqlite3 dont suport text array type

* Adding missing account tests

* Fixing unity tests

* Fixing tests

* Fixing unity tests

* Fixing tests

* Updating coverage

* Fixing error in list repositories

* WIP: Updating workspace groups

* Fixing lint problems

* Fixing ldap groups in workspace

* Added ldap gorups for repository

* Adjusting margin in workspace input ldap group

* Fixing pipelines

* Fixing pipelines

* Fixing pipeline error

* Fixing pipeline error

* Fixing pipelines

* Fixing pipeline e2e errors

Co-authored-by: Nathan Tavares Nascimento <[email protected]>
Co-authored-by: lucas.bruno <[email protected]>

* Bugfix/develop bugs (#313)

* Fixing disabled docker error

* Removing ldap group log

* Fixing errors in migrations

* Bugfix/develop bugs (#314)

* Fixing disabled docker error

* Removing ldap group log

* Fixing errors in migrations

* Fixing error in elixir analisis validation when sent to the server

* Fix bind ports

* Update docs

* Update docs

* Fix develop

Co-authored-by: Lucas Bruno <[email protected]>
Co-authored-by: nathanmartinszup <[email protected]>
Co-authored-by: nathannascimentozup <[email protected]>
Co-authored-by: nathan <[email protected]>
Co-authored-by: lucas.bruno <[email protected]>
Co-authored-by: Nathan Tavares Nascimento <[email protected]>

* Develop (#318)

* Frontend - MomentJS replacement with date-fns (#211)

* Added package of date-fns

* Removing moment of packagejson and replace all ocurrences in the code

* Feature/grpc health check (#213)

* Adding auth grpc health check

* Adding client grpc services health check and improving middleware logs

* Register grpc health check server

* Adding grpc health check and unity tests

* Update and refactor config of CLI (#214)

* Update and refactor config of CLI

* Update name

* Update hash horusec-config.json

* Adding config to configure tools (#217)

* Adding config to configure tools

* Fix fmt lint and tests

* Fix fmt lint and tests

* Fix fmt lint and tests

* Fix

* Adding tests

* Adding tests

* Fix

* Add tests on parse viper data to struct

* Update horusec-cli/config/.example-horusec-cli-new.json

Co-authored-by: nathannascimentozup <[email protected]>

* Fix config tests

Co-authored-by: nathannascimentozup <[email protected]>

* Get viper file config path and setup on command start initialize (#219)

* Get viper file config path and setup on command start initialize

* Fix config name

* Fix tests and lint

* Master (#226)

* Develop (#224)

* Frontend - MomentJS replacement with date-fns (#211)

* Added package of date-fns

* Removing moment of packagejson and replace all ocurrences in the code

* Feature/grpc health check (#213)

* Adding auth grpc health check

* Adding client grpc services health check and improving middleware logs

* Register grpc health check server

* Adding grpc health check and unity tests

* Update and refactor config of CLI (#214)

* Update and refactor config of CLI

* Update name

* Update hash horusec-config.json

* Adding config to configure tools (#217)

* Adding config to configure tools

* Fix fmt lint and tests

* Fix fmt lint and tests

* Fix fmt lint and tests

* Fix

* Adding tests

* Adding tests

* Fix

* Add tests on parse viper data to struct

* Update horusec-cli/config/.example-horusec-cli-new.json

Co-authored-by: nathannascimentozup <[email protected]>

* Fix config tests

Co-authored-by: nathannascimentozup <[email protected]>

* Get viper file config path and setup on command start initialize (#219)

* Get viper file config path and setup on command start initialize

* Fix config name

* Fix tests and lint

Co-authored-by: Lucas Bruno <[email protected]>
Co-authored-by: nathanmartinszup <[email protected]>
Co-authored-by: Wilian Gabriel <[email protected]>

* [skip ci] update versioning file (#225)

Co-authored-by: nathannascimentozup <[email protected]>
Co-authored-by: Lucas Bruno <[email protected]>
Co-authored-by: nathanmartinszup <[email protected]>

* Frontend workspaces flow (#218)

* Change the routes in home to internal, and remove organization flow

* Adjusting flow of login and add Workspace context

* Added select workspace in side menu

* Added list to all workspaces

* Rename organization to workspace

* Added modal to create new workspace

* Rename 'user' to 'member' and adjusting styles in modal of create workspace

* Added option to delete a workspace, and remove the Company Context

* Added edit option to workspaces

* Adjusting formatHumanDate and clear input when create new workspace

* Added option to manager tokens of workspace

* Added option to handler users of worspace

* Alter template of email to workspace

* Removing old screen of Users

* Fix bug when update company to description empty not update

Co-authored-by: Wilian Gabriel <[email protected]>

* Feature/dynamic vulnerabilities (#215)

* Removing docker from horusec clis

* Improving cli formatters

* Improving horusec rules code

* Adding engine analises calls in formatters

* Fixing unity tests

* Updating coverage

* Fixing pipeline errors

* Fixing error in hash generation

* Adding possibility to run horusec without docker

* Updating formatters service mock

* Adding custom rules option in horusec cli

* Adding cli custom rules unity tests

* Adding how to add custom rules

* Updating docs

* Fixing cli unity tests

* Updating coverage cli

* Updating flags cli

* Fixing pipeline

* Fixing config file

* Updating config hashes

* Updating docs and improving code

* Fixing lint

* Updating pipeline

* Adding repository name when repository name flag is empty (#228)

* Adding repository name when repository name flag is empty

* Improving code

* Fixing pipeline

* Improvements in workspace (#229)

* Change the routes in home to internal, and remove organization flow

* Adjusting flow of login and add Workspace context

* Added select workspace in side menu

* Added list to all workspaces

* Rename organization to workspace

* Added modal to create new workspace

* Rename 'user' to 'member' and adjusting styles in modal of create workspace

* Added option to delete a workspace, and remove the Company Context

* Added edit option to workspaces

* Adjusting formatHumanDate and clear input when create new workspace

* Added option to manager tokens of workspace

* Added option to handler users of worspace

* Alter template of email to workspace

* Removing old screen of Users

* Fix bug when update company to description empty not update

* Added warning flash message and fix when no have a repository

* Added empty message of counters

Co-authored-by: Wilian Gabriel <[email protected]>

* Alter localhost to 127.0.0.1 and add Linkify in vulnerabilities details (#231)

* Updating how to (#232)

* Update e2e tests and remove examples zips to root directory (#220)

* Adding e2e tests in windows, macos, linux images

* Adding e2e tests in windows, macos, linux images

* Fiz unzip to usage in others operational systems

* Fiz unzip to usage in others operational systems

* Change e2e to usage binary

* Test e2e

* Test e2e and move examples to root directory

* Test e2e

* Test e2e

* Test e2e

* test e2e

* Fix tests

* Fix tests

* Fix tests

* Fix pipeline

* Fix pipeline

* Fix tests

* Remove README

* Fix fmt lint

* Fix tets

* Update horusec-config

* Merge with master

* Feature/information severity (#240)

* Adding cli flag to enable and disable information vulnerabilities

* Adding I flag

* Removing info vulnerabilities when flag is not set

* Fixing some errors

* Updating readme

* [WIP]Feature/ldap-logs (#239)

* Adding ldap logs

* Updating horusec config

* Adding filter log ldap

* Update deploy-service.yml (#245)

* Revert "Update deploy-service.yml (#245)" (#247)

This reverts commit 92101578dae712760da27ca0b6ec203be19fdccb.

* Bugfix/fix generics bugs (#236)

* Merge branch 'master' of github.com:ZupIT/horusec into develop

* Fixing semgrep parsing error

* Update main

* Fixing when tool is to ignore set tool finished

* Fixing .git ignore and java commit authors

* Fixing unity tests

* Adding logic to split files into leaks analysis

* Fix formatter of leaks

* Fix gomod and gosum

Co-authored-by: nathan <[email protected]>

* Remove unnecessary logs

* Fix version and get config file

* Fixing disabled docker error (#249)

* Improvements (#254)

* Adding improvements on logs with level

* Remove CLI enum of devkit

* Move use cases from devkit to specific micro services

* Replace name of generate sha256 hash

* Remove unused utils from devkit and move enums to specific microservices

* Fix lint

* Fix security

* Fix coverage

* Fix coverage

* Fix security

* Added input to select a fixed period or custom range (#255)

Co-authored-by: Wilian Gabriel <[email protected]>

* [skip ci] update versioning file (#260)

* Feature/ldap (#252)

* Fixing disabled docker error

* Updating ldap to save user groups in jwt token

* Updating ldap version

* Adding possibility of custom fields in group search

* Fixing lint and tests

* Fix fmt lint

* Updating docs

* Fixing pipeline errors

Co-authored-by: Wilian Gabriel <[email protected]>

* [skip ci] update versioning file

* Feature/removing sensitive logs (#261)

* Fixing disabled docker error

* Removing sensitive log from http requests

* Bugfix/ldap (#262)

* Fixing disabled docker error

* Fixing some ldap errors

* Bugfix/ldap (#265)

* Fixing disabled docker error

* Fixing some ldap errors

* Updating composes and auth env variables

* Feature/microsoft ldap (#271)

* Fixing disabled docker error

* Improving ldap service

* Removing to lower

* Adding group search by member dn

* Updating composes and user filter env var

* Updating false positives

* Updating composes

* Fixing ldap errors

* Fixing lint and tests

* Hidden invite user of repositories and workspace when authType is Ldap (#274)

Co-authored-by: Lucas Bruno <[email protected]>

* Dart (#266)

* Start dart structure

* Start dart structure

* Fix pipeline

* Update cli to run horusec dart

* Update languages in horusec-cli to horusec-api

* Adding some rules in dart for logs, cripto and xss

* Fix fmt lint

* Fix fmt lint

* Adding more rules of dart

* Fix fmt lint test

* Update e2e

* Adding rules of shell, xxe, origins, week cripto

* Fix fmt litn

* Fix regex wrong

* Update docs

* Fix coverage

* Add dart language in the frontend charts colors

* Fix fmt lint and merge with develop

Co-authored-by: lucas.bruno <[email protected]>

* [WIP]Bugfix/ldap search by member (#277)

* Fixing disabled docker error

* Removing member of and replacing with search by member in group

* Improving variable names

* Feature/improvements cli (#279)

* Adding warn log when info is disabled and update engines to run max units by analysis

* Adding const values for engine usage

Co-authored-by: Nathan Tavares Nascimento <[email protected]>

* Feature/updating docs (#278)

* Fixing disabled docker error

* Removing ldap group log

* Updating ldap docs

* Feature/ldap list (#284)

* Fixing disabled docker error

* Removing ldap group log

* Improving account app config and removing config data from request context, improving company list to support ldap

* Updating repository list to get by ldap groups

* Fixing unity testes

* Fixing unity unit tests and lint errors

* Adding account depends on auth in composes

* Adding port on compose

* Adding validation to admin ldap group, now its needed to by a valid one

* Improving ldap error messsage

* Adding validation to update with ldap

* Add message in the manager for invalid ldap group

* Fixing some errors

* Fixing unity tests

* Added messa ldap group error in eng language

Co-authored-by: Wilian Gabriel <[email protected]>
Co-authored-by: lucas.bruno <[email protected]>

* Dashboard load data from the beginning (#285)

* Adjusting filters to load dashboard with the from the beginning data

* Fixing test in analytic

* [skip ci] update versioning file

* Feature/improving formatters (#287)

* Fixing disabled docker error

* Removing ldap group log

* Improving npm and yarn formatters

* Adding shell support (#288)

* Adding shell support

* Fix fmt and lint

* Fix tests

* Update shell script to prevent vulnerabilities and errors

* Update README.md (#291)

* Added elixir and shell colors in languages of dashboard (#294)

* Hotfix/backend urls (#293)

* Updating account routers

* Updating analytic routers

* Updating auth routers

* Updating messages routers

* Updating webhook routers

* Updating front end account service

* Updating front end analytic service

* Updating front end company service

* Updating front end repository service

* Updating front end webhook service

* Fixing front-end lint

* Fixing endpoint error

* Fixing tests

* Fixing tests

* Fixing tests

* Fixing e2e tests

* Fixing tokens url

* Fixing e2e tests

Co-authored-by: nathanmartinszup <[email protected]>

* [skip ci] update versioning file

* Feature/elixir (#289)

* Fixing disabled docker error

* Removing ldap group log

* Adding elixir mix audit tool

* Adding missing license

* Adding mixaudit unity tests

* Fixing docs

* Adding elixir sobelow formatter

* Fixing unity tests

* Adding validation to not phoenix application

* Fixing some errors

* Adding license

* Fixing some merge errors

* Fixing unity tests

* Fixing error when invalid output

* Updating develop with master (#310)

* Adding ldap health check (#303)

* Adding ldap health check

* Adding functions arguments

* Fixing tests

* Fixing mock

* Fixing typo

* Fixing lint

* Improving ldap Check fn

* Updating ldap check

* Improving ldap health check

* Adding auth ldap health check test

* Changing ldap check to follow the others health check patterns

* Fixing pipeline errors

Co-authored-by: nathanmartinszup <[email protected]>

* Adding repository authz groups from company (#309)

* Adding repository authz groups from company

* Improving code

* Fixing lint problem

Co-authored-by: nathannascimentozup <[email protected]>

* Feature/elixir example (#308)

* Fixing disabled docker error

* Removing ldap group log

* Adding elixir example and e2e

* Fixing e2e test

* Bugfix/ldap lists (#301)

* Fixing disabled docker error

* Removing ldap group log

* Changing ldap groups to array

* Updating swagger with the new routes

* Fixing lint and code errors

* Fixing error in workspace roles when ldap

* Updating repositories list when ldap

* Improving queries to list companies and repositories

* Sqlite3 dont suport text array type

* Adding missing account tests

* Fixing unity tests

* Fixing tests

* Fixing unity tests

* Fixing tests

* Updating coverage

* Fixing error in list repositories

* WIP: Updating workspace groups

* Fixing lint problems

* Fixing ldap groups in workspace

* Added ldap gorups for repository

* Adjusting margin in workspace input ldap group

* Fixing pipelines

* Fixing pipelines

* Fixing pipeline error

* Fixing pipeline error

* Fixing pipelines

* Fixing pipeline e2e errors

Co-authored-by: Nathan Tavares Nascimento <[email protected]>
Co-authored-by: lucas.bruno <[email protected]>

* Bugfix/develop bugs (#313)

* Fixing disabled docker error

* Removing ldap group log

* Fixing errors in migrations

* Bugfix/develop bugs (#314)

* Fixing disabled docker error

* Removing ldap group log

* Fixing errors in migrations

* Fixing error in elixir analisis validation when sent to the server

* Fix bind ports

* Update docs

* Update docs

* Fix develop

Co-authored-by: Lucas Bruno <[email protected]>
Co-authored-by: nathanmartinszup <[email protected]>
Co-authored-by: nathannascimentozup <[email protected]>
Co-authored-by: nathan <[email protected]>
Co-authored-by: lucas.bruno <[email protected]>
Co-authored-by: Nathan Tavares Nascimento <[email protected]>

* Fixing error in lists (#320)

* Fixing error in lists

* [skip ci] update versioning file

Co-authored-by: Wilian Gabriel <[email protected]>

Co-authored-by: Lucas Bruno <[email protected]>
Co-authored-by: nathanmartinszup <[email protected]>
Co-authored-by: nathannascimentozup <[email protected]>
Co-authored-by: nathan <[email protected]>
Co-authored-by: lucas.bruno <[email protected]>
Co-authored-by: Nathan Tavares Nascimento <[email protected]>

* Master (#330)

* Develop (#316)

* Frontend - MomentJS replacement with date-fns (#211)

* Added package of date-fns

* Removing moment of packagejson and replace all ocurrences in the code

* Feature/grpc health check (#213)

* Adding auth grpc health check

* Adding client grpc services health check and improving middleware logs

* Register grpc health check server

* Adding grpc health check and unity tests

* Update and refactor config of CLI (#214)

* Update and refactor config of CLI

* Update name

* Update hash horusec-config.json

* Adding config to configure tools (#217)

* Adding config to configure tools

* Fix fmt lint and tests

* Fix fmt lint and tests

* Fix fmt lint and tests

* Fix

* Adding tests

* Adding tests

* Fix

* Add tests on parse viper data to struct

* Update horusec-cli/config/.example-horusec-cli-new.json

Co-authored-by: nathannascimentozup <[email protected]>

* Fix config tests

Co-authored-by: nathannascimentozup <[email protected]>

* Get viper file config path and setup on command start initialize (#219)

* Get viper file config path and setup on command start initialize

* Fix config name

* Fix tests and lint

* Master (#226)

* Develop (#224)

* Frontend - MomentJS replacement with date-fns (#211)

* Added package of date-fns

* Removing moment of packagejson and replace all ocurrences in the code

* Feature/grpc health check (#213)

* Adding auth grpc health check

* Adding client grpc services health check and improving middleware logs

* Register grpc health check server

* Adding grpc health check and unity tests

* Update and refactor config of CLI (#214)

* Update and refactor config of CLI

* Update name

* Update hash horusec-config.json

* Adding config to configure tools (#217)

* Adding config to configure tools

* Fix fmt lint and tests

* Fix fmt lint and tests

* Fix fmt lint and tests

* Fix

* Adding tests

* Adding tests

* Fix

* Add tests on parse viper data to struct

* Update horusec-cli/config/.example-horusec-cli-new.json

Co-authored-by: nathannascimentozup <[email protected]>

* Fix config tests

Co-authored-by: nathannascimentozup <[email protected]>

* Get viper file config path and setup on command start initialize (#219)

* Get viper file config path and setup on command start initialize

* Fix config name

* Fix tests and lint

Co-authored-by: Lucas Bruno <[email protected]>
Co-authored-by: nathanmartinszup <[email protected]>
Co-authored-by: Wilian Gabriel <[email protected]>

* [skip ci] update versioning file (#225)

Co-authored-by: nathannascimentozup <[email protected]>
Co-authored-by: Lucas Bruno <[email protected]>
Co-authored-by: nathanmartinszup <[email protected]>

* Frontend workspaces flow (#218)

* Change the routes in home to internal, and remove organization flow

* Adjusting flow of login and add Workspace context

* Added select workspace in side menu

* Added list to all workspaces

* Rename organization to workspace

* Added modal to create new workspace

* Rename 'user' to 'member' and adjusting styles in modal of create workspace

* Added option to delete a workspace, and remove the Company Context

* Added edit option to workspaces

* Adjusting formatHumanDate and clear input when create new workspace

* Added option to manager tokens of workspace

* Added option to handler users of worspace

* Alter template of email to workspace

* Removing old screen of Users

* Fix bug when update company to description empty not update

Co-authored-by: Wilian Gabriel <[email protected]>

* Feature/dynamic vulnerabilities (#215)

* Removing docker from horusec clis

* Improving cli formatters

* Improving horusec rules code

* Adding engine analises calls in formatters

* Fixing unity tests

* Updating coverage

* Fixing pipeline errors

* Fixing error in hash generation

* Adding possibility to run horusec without docker

* Updating formatters service mock

* Adding custom rules option in horusec cli

* Adding cli custom rules unity tests

* Adding how to add custom rules

* Updating docs

* Fixing cli unity tests

* Updating coverage cli

* Updating flags cli

* Fixing pipeline

* Fixing config file

* Updating config hashes

* Updating docs and improving code

* Fixing lint

* Updating pipeline

* Adding repository name when repository name flag is empty (#228)

* Adding repository name when repository name flag is empty

* Improving code

* Fixing pipeline

* Improvements in workspace (#229)

* Change the routes in home to internal, and remove organization flow

* Adjusting flow of login and add Workspace context

* Added select workspace in side menu

* Added list to all workspaces

* Rename organization to workspace

* Added modal to create new workspace

* Rename 'user' to 'member' and adjusting styles in modal of create workspace

* Added option to delete a workspace, and remove the Company Context

* Added edit option to workspaces

* Adjusting formatHumanDate and clear input when create new workspace

* Added option to manager tokens of workspace

* Added option to handler users of worspace

* Alter template of email to workspace

* Removing old screen of Users

* Fix bug when update company to description empty not update

* Added warning flash message and fix when no have a repository

* Added empty message of counters

Co-authored-by: Wilian Gabriel <[email protected]>

* Alter localhost to 127.0.0.1 and add Linkify in vulnerabilities details (#231)

* Updating how to (#232)

* Update e2e tests and remove examples zips to root directory (#220)

* Adding e2e tests in windows, macos, linux images

* Adding e2e tests in windows, macos, linux images

* Fiz unzip to usage in others operational systems

* Fiz unzip to usage in others operational systems

* Change e2e to usage binary

* Test e2e

* Test e2e and move examples to root directory

* Test e2e

* Test e2e

* Test e2e

* test e2e

* Fix tests

* Fix tests

* Fix tests

* Fix pipeline

* Fix pipeline

* Fix tests

* Remove README

* Fix fmt lint

* Fix tets

* Update horusec-config

* Merge with master

* Feature/information severity (#240)

* Adding cli flag to enable and disable information vulnerabilities

* Adding I flag

* Removing info vulnerabilities when flag is not set

* Fixing some errors

* Updating readme

* [WIP]Feature/ldap-logs (#239)

* Adding ldap logs

* Updating horusec config

* Adding filter log ldap

* Update deploy-service.yml (#245)

* Revert "Update deploy-service.yml (#245)" (#247)

This reverts commit 92101578dae712760da27ca0b6ec203be19fdccb.

* Bugfix/fix generics bugs (#236)

* Merge branch 'master' of github.com:ZupIT/horusec into develop

* Fixing semgrep parsing error

* Update main

* Fixing when tool is to ignore set tool finished

* Fixing .git ignore and java commit authors

* Fixing unity tests

* Adding logic to split files into leaks analysis

* Fix formatter of leaks

* Fix gomod and gosum

Co-authored-by: nathan <[email protected]>

* Remove unnecessary logs

* Fix version and get config file

* Fixing disabled docker error (#249)

* Improvements (#254)

* Adding improvements on logs with level

* Remove CLI enum of devkit

* Move use cases from devkit to specific micro services

* Replace name of generate sha256 hash

* Remove unused utils from devkit and move enums to specific microservices

* Fix lint

* Fix security

* Fix coverage

* Fix coverage

* Fix security

* Added input to select a fixed period or custom range (#255)

Co-authored-by: Wilian Gabriel <[email protected]>

* [skip ci] update versioning file (#260)

* Feature/ldap (#252)

* Fixing disabled docker error

* Updating ldap to save user groups in jwt token

* Updating ldap version

* Adding possibility of custom fields in group search

* Fixing lint and tests

* Fix fmt lint

* Updating docs

* Fixing pipeline errors

Co-authored-by: Wilian Gabriel <[email protected]>

* [skip ci] update versioning file

* Feature/removing sensitive logs (#261)

* Fixing disabled docker error

* Removing sensitive log from http requests

* Bugfix/ldap (#262)

* Fixing disabled docker error

* Fixing some ldap errors

* Bugfix/ldap (#265)

* Fixing disabled docker error

* Fixing some ldap errors

* Updating composes and auth env variables

* Feature/microsoft ldap (#271)

* Fixing disabled docker error

* Improving ldap service

* Removing to lower

* Adding group search by member dn

* Updating composes and user filter env var

* Updating false positives

* Updating composes

* Fixing ldap errors

* Fixing lint and tests

* Hidden invite user of repositories and workspace when authType is Ldap (#274)

Co-authored-by: Lucas Bruno <[email protected]>

* Dart (#266)

* Start dart structure

* Start dart structure

* Fix pipeline

* Update cli to run horusec dart

* Update languages in horusec-cli to horusec-api

* Adding some rules in dart for logs, cripto and xss

* Fix fmt lint

* Fix fmt lint

* Adding more rules of dart

* Fix fmt lint test

* Update e2e

* Adding rules of shell, xxe, origins, week cripto

* Fix fmt litn

* Fix regex wrong

* Update docs

* Fix coverage

* Add dart language in the frontend charts colors

* Fix fmt lint and merge with develop

Co-authored-by: lucas.bruno <[email protected]>

* [WIP]Bugfix/ldap search by member (#277)

* Fixing disabled docker error

* Removing member of and replacing with search by member in group

* Improving variable names

* Feature/improvements cli (#279)

* Adding warn log when info is disabled and update engines to run max units by analysis

* Adding const values for engine usage

Co-authored-by: Nathan Tavares Nascimento <[email protected]>

* Feature/updating docs (#278)

* Fixing disabled docker error

* Removing ldap group log

* Updating ldap docs

* Feature/ldap list (#284)

* Fixing disabled docker error

* Removing ldap group log

* Improving account app config and removing config data from request context, improving company list to support ldap

* Updating repository list to get by ldap groups

* Fixing unity testes

* Fixing unity unit tests and lint errors

* Adding account depends on auth in composes

* Adding port on compose

* Adding validation to admin ldap group, now its needed to by a valid one

* Improving ldap error messsage

* Adding validation to update with ldap

* Add message in the manager for invalid ldap group

* Fixing some errors

* Fixing unity tests

* Added messa ldap group error in eng language

Co-authored-by: Wilian Gabriel <[email protected]>
Co-authored-by: lucas.bruno <[email protected]>

* Dashboard load data from the beginning (#285)

* Adjusting filters to load dashboard with the from the beginning data

* Fixing test in analytic

* [skip ci] update versioning file

* Feature/improving formatters (#287)

* Fixing disabled docker error

* Removing ldap group log

* Improving npm and yarn formatters

* Adding shell support (#288)

* Adding shell support

* Fix fmt and lint

* Fix tests

* Update shell script to prevent vulnerabilities and errors

* Update README.md (#291)

* Added elixir and shell colors in languages of dashboard (#294)

* Hotfix/backend urls (#293)

* Updating account routers

* Updating analytic routers

* Updating auth routers

* Updating messages routers

* Updating webhook routers

* Updating front end account service

* Updating front end analytic service

* Updating front end company service

* Updating front end repository service

* Updating front end webhook service

* Fixing front-end lint

* Fixing endpoint error

* Fixing tests

* Fixing tests

* Fixing tests

* Fixing e2e tests

* Fixing tokens url

* Fixing e2e tests

Co-authored-by: nathanmartinszup <[email protected]>

* [skip ci] update versioning file

* Feature/elixir (#289)

* Fixing disabled docker error

* Removing ldap group log

* Adding elixir mix audit tool

* Adding missing license

* Adding mixaudit unity tests

* Fixing docs

* Adding elixir sobelow formatter

* Fixing unity tests

* Adding validation to not phoenix application

* Fixing some errors

* Adding license

* Fixing some merge errors

* Fixing unity tests

* Fixing error when invalid output

* Updating develop with master (#310)

* Adding ldap health check (#303)

* Adding ldap health check

* Adding functions arguments

* Fixing tests

* Fixing mock

* Fixing typo

* Fixing lint

* Improving ldap Check fn

* Updating ldap check

* Improving ldap health check

* Adding auth ldap health check test

* Changing ldap check to follow the others health check patterns

* Fixing pipeline errors

Co-authored-by: nathanmartinszup <[email protected]>

* Adding repository authz groups from company (#309)

* Adding repository authz groups from company

* Improving code

* Fixing lint problem

Co-authored-by: nathannascimentozup <[email protected]>

* Feature/elixir example (#308)

* Fixing disabled docker error

* Removing ldap group log

* Adding elixir example and e2e

* Fixing e2e test

* Bugfix/ldap lists (#301)

* Fixing disabled docker error

* Removing ldap group log

* Changing ldap groups to array

* Updating swagger with the new routes

* Fixing lint and code errors

* Fixing error in workspace roles when ldap

* Updating repositories list when ldap

* Improving queries to list companies and repositories

* Sqlite3 dont suport text array type

* Adding missing account tests

* Fixing unity tests

* Fixing tests

* Fixing unity tests

* Fixing tests

* Updating coverage

* Fixing error in list repositories

* WIP: Updating workspace groups

* Fixing lint problems

* Fixing ldap groups in workspace

* Added ldap gorups for repository

* Adjusting margin in workspace input ldap group

* Fixing pipelines

* Fixing pipelines

* Fixing pipeline error

* Fixing pipeline error

* Fixing pipelines

* Fixing pipeline e2e errors

Co-authored-by: Nathan Tavares Nascimento <[email protected]>
Co-authored-by: lucas.bruno <[email protected]>

* Bugfix/develop bugs (#313)

* Fixing disabled docker error

* Removing ldap group log

* Fixing errors in migrations

* Bugfix/develop bugs (#314)

* Fixing disabled docker error

* Removing ldap group log

* Fixing errors in migrations

* Fixing error in elixir analisis validation when sent to the server

* Fix bind ports

* Update docs

* Update docs

Co-authored-by: Lucas Bruno <[email protected]>
Co-authored-by: nathanmartinszup <[email protected]>
Co-authored-by: nathannascimentozup <[email protected]>
Co-authored-by: nathan <[email protected]>
Co-authored-by: lucas.bruno <[email protected]>
Co-authored-by: Nathan Tavares Nascimento <[email protected]>

* Develop (#317)

* Frontend - MomentJS replacement with date-fns (#211)

* Added package of date-fns

* Removing moment of packagejson and replace all ocurrences in the code

* Feature/grpc health check (#213)

* Adding auth grpc health check

* Adding client grpc services health check and improving middleware logs

* Register grpc health check server

* Adding grpc health check and unity tests

* Update and refactor config of CLI (#214)

* Update and refactor config of CLI

* Update name

* Update hash horusec-config.json

* Adding config to configure tools (#217)

* Adding config to configure tools

* Fix fmt lint and tests

* Fix fmt lint and tests

* Fix fmt lint and tests

* Fix

* Adding tests

* Adding tests

* Fix

* Add tests on parse viper data to struct

* Update horusec-cli/config/.example-horusec-cli-new.json

Co-authored-by: nathannascimentozup <[email protected]>

* Fix config tests

Co-authored-by: nathannasc…

.github/CODEOWNERS

@@ -1,3 +1,4 @@
 # GitHub code owners
 # See https://github.com/blog/2392-introducing-code-owners
-* @wiliansilvazup @nathannascimentozup @igorreiszup @lucasbrunozup @nathanmartinszup
+* @wiliansilvazup @nathannascimentozup @igorreiszup @lucasbrunozup @nathanmartinszup @tiagoangelozup @lucasgarciazup
+

HOWTO.md

@@ -382,7 +382,7 @@ Check the following table to get to know more about each field.
 | ID              | Random UUID that will be used to identify the vulnerability, your rules should not duplicate this id.                                                                                  |
 | Name            | String with the name of the vulnerability.                                                                                                                                             |
 | Description     | String with the description of the vulnerability.                                                                                                                                      |
-| Severity        | String with the severity of the vulnerability with the possible values: (INFO, AUDIT, LOW, MEDIUM, HIGH).                                                                              |
+| Severity        | String with the severity of the vulnerability with the possible values: (INFO, UNKNOWN, LOW, MEDIUM, HIGH, CRITICAL).																   |
 | Confidence      | String with the confidence of the vulnerability report with the possible values: (LOW, MEDIUM, HIGH).                                                                                  |
 | Type            | String with the regex type containing these possible values: (Regular, OrMatch, AndMatch).                                                                                             |
 | Tool            | String with the tool where the rules is going to run containing these possible values: (HorusecCsharp, HorusecJava, HorusecKotlin, HorusecKubernetes, HorusecLeaks, HorusecNodejs).    |

Makefile

@@ -16,7 +16,7 @@ coverage-development-kit:
 	deployments/scripts/coverage.sh 78 "./development-kit"
 coverage-horusec-api:
 	chmod +x deployments/scripts/coverage.sh
-	deployments/scripts/coverage.sh 99 "./horusec-api"
+	deployments/scripts/coverage.sh 97 "./horusec-api"
 coverage-horusec-cli:
 	chmod +x deployments/scripts/coverage.sh
 	deployments/scripts/coverage.sh 89 "./horusec-cli"
@@ -59,10 +59,10 @@ coverage-horusec-dart:
 # Check lint of project setup on file .golangci.yml
 lint:
     ifeq ($(wildcard $(GOCILINT)), $(GOCILINT))
-		$(GOCILINT) run -v --timeout=2m -c .golangci.yml ./...
+		$(GOCILINT) run -v --timeout=5m -c .golangci.yml ./...
     else
 		curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s v1.25.0
-		$(GOCILINT) run -v --timeout=2m -c .golangci.yml ./...
+		$(GOCILINT) run -v --timeout=5m -c .golangci.yml ./...
     endif
 
 # Run all tests of project but stop the execution on the first test fail
@@ -73,15 +73,15 @@ test-e2e-cli:
 	$(GO) get -v ./e2e/...
 	$(GO) get -v ./horusec-cli/...
 	$(GO) clean -testcache
-	$(GO) test -v ./e2e/cli/scan_languages/scan_languages_test.go -timeout=5m -parallel=1 -failfast
+	$(GO) test -v ./e2e/cli/scan_languages/scan_languages_test.go -timeout=10m -parallel=1 -failfast
 test-e2e-server-horusec: compose-e2e-server-horusec
 	$(GO) get -v ./e2e/...
 	$(GO) clean -testcache
 	$(GO) test -v ./e2e/server/horusec/... -timeout=5m -parallel=1 -failfast
 test-e2e-application-admin-horusec: compose-e2e-application-admin-horusec
 	$(GO) get -v ./e2e/...
 	$(GO) clean -testcache
-	$(GO) test -v ./e2e/application_admin/horusec/... -timeout=5m -parallel=1 -failfast
+	$(GO) test -v ./e2e/application_admin/horusec/... -timeout=10m -parallel=1 -failfast
 test-e2e-messages: compose-e2e-messages
 	$(GO) get -v ./e2e/...
 	$(GO) clean -testcache

deployments/scripts/migration-run.sh

@@ -21,22 +21,10 @@ POSTGRES_HOST="localhost"
 POSTGRES_PORT="5432"
 POSTGRES_DB_NAME="horusec_db"
 POSTGRES_SSL_MODE="disable"
-MIGRATE_TYPE=$1
-MIGRATE_NUMBERS=$2
 
-runMigration() {
-    if [[ -z "$MIGRATE_TYPE" ]]
-    then
-        echo "Migration type param not found. Setup default \"up\""
-        MIGRATE_TYPE="up"
-    fi
-
-    docker run --name migrate \
-        --rm -v "$(pwd)/$MIGRATION_PATH:/migrations" \
-        --network=container:postgresql migrate/migrate:v4.13.0 \
-        -path=/migrations/ \
-        -database postgres://$POSTGRES_USER:$POSTGRES_PASSWORD@$POSTGRES_HOST:$POSTGRES_PORT/$POSTGRES_DB_NAME?sslmode=$POSTGRES_SSL_MODE \
-        $MIGRATE_TYPE "$MIGRATE_NUMBERS"
-}
-
-runMigration
+docker run --name migrate \
+    --rm -v "$(pwd)/$MIGRATION_PATH:/migrations" \
+    --network=container:postgresql migrate/migrate:v4.13.0 \
+    -path=/migrations/ \
+    -database postgres://$POSTGRES_USER:$POSTGRES_PASSWORD@$POSTGRES_HOST:$POSTGRES_PORT/$POSTGRES_DB_NAME?sslmode=$POSTGRES_SSL_MODE \
+    "$@"

deployments/scripts/update-image-tool.sh

@@ -276,6 +276,9 @@ resetAlphaRcToMaster () {
 trap rollbackVersionInCliVersionFile SIGINT
 trap rollbackVersionInConfigFile SIGINT
 
+echo "script blocked"
+exit 1
+
 getDirectoryAndImageNameByToolName
 
 validateUpdateType

deployments/scripts/update-swagger.sh

@@ -18,32 +18,28 @@ DIRECTORY=$1
 validateSwagger () {
     case "$DIRECTORY" in
         "horusec-account") # Used to update an bugfix or an new feature in develop branch
-            echo "Directory selected is horusec-account" ;;
+            echo "Directory selected is horusec-account";;
         "horusec-analytic") # Used when you finish development and start testing in the test environment and in develop branch
-            echo "Directory selected is horusec-analytic" ;;
+            echo "Directory selected is horusec-analytic";;
         "horusec-api") # Used when an correction was applied in master branch
-            echo "Directory selected is horusec-api" ;;
+            echo "Directory selected is horusec-api";;
         "horusec-messages") # Used when an new feature is enable in production environment and in master branch
-            echo "Directory selected is horusec-messages" ;;
+            echo "Directory selected is horusec-messages";;
+        "horusec-auth") # Used to update an bugfix or an new feature in develop branch
+            echo "Directory selected is horusec-auth";;
+        "horusec-webhook") # Used to update an bugfix or an new feature in develop branch
+            echo "Directory selected is horusec-webhook";;
         *)
             echo "Param Directory is invalid, please use the examples bellow allowed and try again!"
-            echo "Params Directory allowed: horusec-account, horusec-analytic, horusec-api, horusec-messages"
+            echo "Params Directory allowed: horusec-account, horusec-analytic, horusec-api, horusec-messages, horusec-auth, horusec-webhook"
             exit 1;;
     esac
 
     swag &> /dev/null
     RESPONSE=$?
     if [[ "$RESPONSE" != "0" ]]
     then
-        INSTALL_PATH="/usr/local/bin"
-        DOWNLOAD_PATH="./tmp/swag"
-        echo "The command swag is not installed!"
-        echo "Installing swag..."
-        mkdir -p $DOWNLOAD_PATH
-        curl -L https://github.com/swaggo/swag/releases/download/v1.6.7/swag_1.6.7_Linux_x86_64.tar.gz | tar xvzf - -C "$DOWNLOAD_PATH"
-        chmod +x "$DOWNLOAD_PATH/swag"
-        sudo mv "$DOWNLOAD_PATH/swag" "$INSTALL_PATH"
-        rm -rf "$DOWNLOAD_PATH"
+        go get -v github.com/swaggo/swag/cmd/[email protected]
     fi
 
     swag &> /dev/null
@@ -58,9 +54,7 @@ validateSwagger () {
 }
 
 updateDocs () {
-    cd $DIRECTORY || echo "Directory not exist!"
-    swag init -g ./cmd/app/main.go
-    cd ..
+    swag init -d "$DIRECTORY" -g ./cmd/app/main.go -o "$DIRECTORY/docs"
 }
 
 validateSwagger

development-kit/pkg/databases/relational/adapter/adapter.go

@@ -16,13 +16,16 @@ package adapter
 
 import (
 	"github.com/ZupIT/horusec/development-kit/pkg/databases/relational"
+	"github.com/ZupIT/horusec/development-kit/pkg/databases/relational/config"
 	"github.com/ZupIT/horusec/development-kit/pkg/databases/relational/database"
 )
 
 func NewRepositoryRead() relational.InterfaceRead {
-	return database.NewRelationalRead()
+	configs := config.NewConfig()
+	return database.NewRelationalRead(configs.Dialect, configs.URI, configs.LogMode)
 }
 
 func NewRepositoryWrite() relational.InterfaceWrite {
-	return database.NewRelationalWrite()
+	configs := config.NewConfig()
+	return database.NewRelationalWrite(configs.Dialect, configs.URI, configs.LogMode)
 }