UNPKG

@atomist/sdm-pack-aspect

Version:

an Atomist SDM Extension Pack for visualizing drift across an organization

github.com/atomist/sdm-pack-aspect

atomist/sdm-pack-aspect

60 lines (55 loc) 1.95 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
/* * Copyright © 2019 Atomist, Inc. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ import { Aspect, sha256 } from "@atomist/sdm-pack-fingerprint"; import { ExposedSecret, sniffProject, } from "./secretSniffing"; import { loadSnifferOptions } from "./snifferOptionsLoader"; const ExposedSecretsType = "exposed-secret"; export type ExposedSecretsData = Pick<ExposedSecret, "secret" | "path" | "description">; /** * Fingerprints the presence of exposed secrets, detected by * searching code for regular expressions. */ export const ExposedSecrets: Aspect<ExposedSecretsData> = { name: ExposedSecretsType, displayName: "Exposed secrets", baseOnly: true, extract: async p => { const exposedSecretsResult = await sniffProject(p, await loadSnifferOptions()); return exposedSecretsResult.exposedSecrets.map(es => { const data = { secret: es.secret, path: es.path, description: es.description, }; return { type: ExposedSecretsType, name: ExposedSecretsType, data, sha: sha256(JSON.stringify(data)), }; }); }, toDisplayableFingerprintName: name => name, toDisplayableFingerprint: fp => `${fp.data.path}:${fp.data.description}`, stats: { defaultStatStatus: { entropy: false, }, }, };