6 Commits

Author SHA1 Message Date
sealesj
4220be6c72 Vulnerability Scanning on Third Party Deps (flutter/engine#36506)
* initial flatten deps scan

* move 3rd party scan to separate action

* allow fork to run

* install requests

* use packages

* pip install

* rename

* conditional vuln report

* trailing whitespace

* trailing whitespace

* detailed print

* add testing file

* add upload test sarif

* results sarif

* move sarif

* upload modified sarif

* test flow

* test with results.sarif

* formatting

* test naming convention

* description with text in artifactLocation

* don't use locations

* use template sarif

* just use template

* add one field mod

* add another field mod

* use actual osvReport

* add field

* add field

* test

* no information uri

* no information uri

* add name

* template NA data for results

* back to minimal template

* dynamic rules

* template update

* no results

* only use template

* test

* new test

* new test

* add back locations

* descriptive fields

* test

* use package name

* variable commit hash

* add chromium accessibility readme support

* use batch query test

* clean up

* use variables for sarif template

* initial automating ancestor commit

* allow for workflow on testing

* install gitpython in workflow

* wrap in try

* expand try

* check commit is not none

* quiet clone

* fix commit newline

* proper print for failed deps

* remove gitpython

* remove import

* fix origin source

* remove .dart from dep names

* update dep

* typo

* update

* clone into controlled name repo now

* fix github upstream clone url

* test CVE finding

* use templated rule and result

* typo

* remove test CVE

* add link straight to OSV DB

* comments

* use os mkdir

* check time of pinned commit

* quiet git

* print osv api query results if vulns found

* move upstream mapping into DEPS file

* add testing for DEPS file

* add khronos exception

* add basic ancestor commit test

* no vulns message

* do not produce empty sarif

* add yaml

* remove unused python dep

* no change?

* no more print, causing recipe issues

* string test

* string test

* no more fstrings

* convert to .format

* syntax

* remove unused dep

* test

* switch test script

* no encoding

* add back test

* typo

* remove scan flat deps tests again

* update

* fix tests

* typo

* newline

* use checkout dir

* prefix

* update to use prefix

* lint

* runhook attempt

* lint

* lint

* lint

* lint

* no license blurb

* cleanup

* enable for main

* do not raise error

* run on branch

* data indentation

* check file existence

* workflow updates

* add push for testing

* syntax

* workflow test

* test github action

* syntax

* allow empty report

* update cron

* pin hash

* newline

* sort by key with prefix omitted

* alphabetize, copyright header

* pylint tests

* lint

* lint

* trailing whitespace?

* lint

* update

* get error types

* allow test

* use output

* only main branch

* licenses check

* results.sarif

* revert

* license updates

* add upstream

* replace Requests library with urllib, remove pylint wrapper

* lint

* undo license

* clone test nit

* isinstance

* DEPS formatting

Co-authored-by: Zachary Anderson <zanderso@users.noreply.github.com>

* use subprocess.check_output

* lint

* lint

* review syntax from comments

* remove line

* more description in error

* lint

* fix checkout path

* remove duplicate eval

* lint

* lint

* lint

* clone-test mkdir and cleanup

* use shutil.rmtree for non-empty dir

* lint

* linting

* linting

* var name

* Update ci/deps_parser_tests.py

Co-authored-by: Zachary Anderson <zanderso@users.noreply.github.com>

* Update ci/deps_parser_tests.py

Co-authored-by: Zachary Anderson <zanderso@users.noreply.github.com>

* more description

* lint

* refactor deps file parsing

* early return

* lint

Co-authored-by: Zachary Anderson <zanderso@users.noreply.github.com>
2022-11-23 15:07:43 -05:00
sealesj
8c24c0eb88 Revert "OSV Vulnerabiltiy Scanning (#36355)" (flutter/engine#36477)
This reverts commit 67333ec64c77c195dd764682a3095c4c1744cbc2.
2022-09-28 13:12:25 -04:00
sealesj
67333ec64c OSV Vulnerabiltiy Scanning (flutter/engine#36355)
* initial flatten deps scan

* move 3rd party scan to separate action

* allow fork to run

* install requests

* use packages

* pip install

* rename

* conditional vuln report

* trailing whitespace

* trailing whitespace

* detailed print

* add testing file

* add upload test sarif

* results sarif

* move sarif

* upload modified sarif

* test flow

* test with results.sarif

* formatting

* test naming convention

* description with text in artifactLocation

* don't use locations

* use template sarif

* just use template

* add one field mod

* add another field mod

* use actual osvReport

* add field

* add field

* test

* no information uri

* no information uri

* add name

* template NA data for results

* back to minimal template

* dynamic rules

* template update

* no results

* only use template

* test

* new test

* new test

* add back locations

* descriptive fields

* test

* use package name

* variable commit hash

* add chromium accessibility readme support

* use batch query test

* clean up

* use variables for sarif template

* initial automating ancestor commit

* allow for workflow on testing

* install gitpython in workflow

* wrap in try

* expand try

* check commit is not none

* quiet clone

* fix commit newline

* proper print for failed deps

* remove gitpython

* remove import

* fix origin source

* remove .dart from dep names

* update dep

* typo

* update

* clone into controlled name repo now

* fix github upstream clone url

* test CVE finding

* use templated rule and result

* typo

* remove test CVE

* add link straight to OSV DB

* comments

* use os mkdir

* check time of pinned commit

* quiet git

* print osv api query results if vulns found

* move upstream mapping into DEPS file

* add testing for DEPS file

* add khronos exception

* add basic ancestor commit test

* no vulns message

* do not produce empty sarif

* add yaml

* remove unused python dep

* no change?

* no more print, causing recipe issues

* string test

* string test

* no more fstrings

* convert to .format

* syntax

* remove unused dep

* test

* switch test script

* no encoding

* add back test

* typo

* remove scan flat deps tests again

* update

* fix tests

* typo

* newline

* use checkout dir

* prefix

* update to use prefix

* lint

* runhook attempt

* lint

* lint

* lint

* lint

* no license blurb

* cleanup

* enable for main

* do not raise error

* run on branch

* data indentation

* check file existence
2022-09-28 12:56:31 -04:00
Zachary Anderson
7572a18ffe pylint a few python scripts and lint in lint.sh (flutter/engine#33675) 2022-06-04 15:21:18 -07:00
Zachary Anderson
1790d5a019 Adds a python formatter (flutter/engine#33797)
* Adds a python formatter

* Apply format
2022-06-03 13:00:14 -07:00
godofredoc
11a2c7e893 Add gclient parser. (flutter/engine#32135)
* Add gclient parser.

* pin python-installation version.

* Update documentation.

* Add license header.
2022-03-25 09:30:18 -07:00