From 098c8c079347877137bb19f99e46d855327ff137 Mon Sep 17 00:00:00 2001 From: prabhu Date: Tue, 9 Jan 2024 14:24:28 +0000 Subject: [PATCH] Improved logic to invoke php-parse (#108) * Improved logic to invoke php-parse Signed-off-by: Prabhu Subramanian * Added php repo tests. Fix php parser version Signed-off-by: Prabhu Subramanian --------- Signed-off-by: Prabhu Subramanian --- .github/workflows/containers.yml | 4 +-- .github/workflows/nodejstests.yml | 35 +++++++++++++++----------- .github/workflows/npm-release.yml | 4 +-- .github/workflows/pr.yml | 16 ++++++------ .github/workflows/release.yml | 4 +-- .github/workflows/repotests.yml | 41 ++++++++++++++++++------------- README.md | 2 +- build.sbt | 4 +-- codemeta.json | 2 +- wrapper/nodejs/build.ps1 | 14 ++++++++++- wrapper/nodejs/build.sh | 2 +- wrapper/nodejs/package-lock.json | 4 +-- wrapper/nodejs/package.json | 2 +- wrapper/nodejs/php.ini | 2 ++ wrapper/nodejs/phpastgen.js | 8 +++++- 15 files changed, 88 insertions(+), 56 deletions(-) create mode 100644 wrapper/nodejs/php.ini diff --git a/.github/workflows/containers.yml b/.github/workflows/containers.yml index a6f11d4..5015d74 100644 --- a/.github/workflows/containers.yml +++ b/.github/workflows/containers.yml @@ -20,11 +20,11 @@ jobs: contents: write packages: write steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: fetch-depth: 0 - name: Set up JDK - uses: actions/setup-java@v3 + uses: actions/setup-java@v4 with: distribution: 'zulu' java-version: '21' diff --git a/.github/workflows/nodejstests.yml b/.github/workflows/nodejstests.yml index cc6799c..3019d70 100644 --- a/.github/workflows/nodejstests.yml +++ b/.github/workflows/nodejstests.yml 
@@ -11,34 +11,34 @@ jobs: node-version: ['20.x'] runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Use Node.js ${{ matrix.node-version }} uses: actions/setup-node@v3 with: node-version: ${{ matrix.node-version }} - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: repository: 'ShiftLeftSecurity/shiftleft-java-example' path: 'repotests/shiftleft-java-example' - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: repository: 'juice-shop/juice-shop' path: 'repotests/juice-shop' - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: repository: 'ShiftLeftSecurity/shiftleft-ts-example' path: 'repotests/shiftleft-ts-example' - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: repository: 'libexpat/libexpat' path: 'repotests/libexpat' - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: repository: 'HooliCorp/DjanGoat' path: 'repotests/DjanGoat' - uses: coursier/cache-action@v6 - name: Set up JDK - uses: actions/setup-java@v3 + uses: actions/setup-java@v4 with: distribution: 'zulu' java-version: ${{ matrix.java-version }} 
@@ -64,34 +64,34 @@ jobs: java-version: ['17', '19', '20', '21'] node-version: ['20.x'] steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Use Node.js ${{ matrix.node-version }} uses: actions/setup-node@v3 with: node-version: ${{ matrix.node-version }} - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: repository: 'ShiftLeftSecurity/shiftleft-java-example' path: 'repotests/shiftleft-java-example' - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: repository: 'juice-shop/juice-shop' path: 'repotests/juice-shop' - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: repository: 'ShiftLeftSecurity/shiftleft-ts-example' path: 'repotests/shiftleft-ts-example' - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: repository: 'libexpat/libexpat' path: 'repotests/libexpat' - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: repository: 'HooliCorp/DjanGoat' path: 'repotests/DjanGoat' - uses: coursier/cache-action@v6 - name: Set up JDK - uses: actions/setup-java@v3 + uses: actions/setup-java@v4 with: distribution: 'zulu' java-version: ${{ matrix.java-version }} @@ -100,10 +100,15 @@ jobs: run: | sbt stage createDistribution cd wrapper\\nodejs - .\build.ps1 + copy ..\..\target\atom.zip plugins\ + Expand-Archive -Path ..\..\target\atom.zip -DestinationPath plugins\ -Force + Remove-Item -Force plugins\atom.zip + php --php-ini php.ini composer.phar require nikic/php-parser:4.18.0 --ignore-platform-reqs --optimize-autoloader + npm install npm install -g . get-command atom get-command astgen + get-command phpastgen astgen --version env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/npm-release.yml b/.github/workflows/npm-release.yml index 2035452..0906a82 100644 --- a/.github/workflows/npm-release.yml +++ b/.github/workflows/npm-release.yml 
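Review bot: The inlined Windows steps in the `@@ -100,10 +100,15 @@` hunk run `php --php-ini php.ini composer.phar require nikic/php-parser:4.18.0 ...` without the setup that build.ps1 performs in this same patch: nothing here downloads `composer.phar`, and `COMPOSER_VENDOR_DIR` is not set to `plugins`. Unless both are provided outside the hunk, the require either fails or installs into `vendor`, while phpastgen.js defaults to `join(PLUGINS_HOME, "bin", "php-parse")`, so `get-command phpastgen` can pass while the parser itself is missing. Calling `.\build.ps1` again, or adding `$env:COMPOSER_VENDOR_DIR="plugins"` and the verified installer download before the require, would keep CI and the packaged build on the same path. The step's `run:` block begins above the hunk.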
@@ -13,7 +13,7 @@ jobs: packages: write id-token: write steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Use Node.js uses: actions/setup-node@v3 with: @@ -21,7 +21,7 @@ jobs: registry-url: https://registry.npmjs.org/ - uses: coursier/cache-action@v6 - name: Set up JDK - uses: actions/setup-java@v3 + uses: actions/setup-java@v4 with: distribution: 'zulu' java-version: '19' diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml index ac65c28..743ad11 100644 --- a/.github/workflows/pr.yml +++ b/.github/workflows/pr.yml @@ -6,36 +6,36 @@ jobs: testing: runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: fetch-depth: 0 - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: repository: 'ShiftLeftSecurity/shiftleft-java-example' path: 'repotests/shiftleft-java-example' - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: repository: 'juice-shop/juice-shop' path: 'repotests/juice-shop' - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: repository: 'ShiftLeftSecurity/shiftleft-ts-example' path: 'repotests/shiftleft-ts-example' - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: repository: 'libexpat/libexpat' path: 'repotests/libexpat' - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: repository: 'HooliCorp/DjanGoat' path: 'repotests/DjanGoat' - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: repository: 'DefectDojo/django-DefectDojo' path: 'repotests/django-DefectDojo' - uses: coursier/cache-action@v6 - name: Set up JDK - uses: actions/setup-java@v3 + uses: actions/setup-java@v4 with: distribution: 'zulu' java-version: '21' diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 17f880b..649a5d4 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml 
@@ -16,12 +16,12 @@ jobs: contents: write packages: write steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: fetch-depth: 0 - uses: coursier/cache-action@v6 - name: Set up JDK - uses: actions/setup-java@v3 + uses: actions/setup-java@v4 with: distribution: 'zulu' java-version: '21' diff --git a/.github/workflows/repotests.yml b/.github/workflows/repotests.yml index 549a99e..0f1f695 100644 --- a/.github/workflows/repotests.yml +++ b/.github/workflows/repotests.yml @@ -13,28 +13,32 @@ jobs: java-version: [ '21' ] runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: fetch-depth: 0 - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: repository: 'HooliCorp/java-sec-code' path: 'repotests/java-sec-code' - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: repository: 'DefectDojo/django-DefectDojo' path: 'repotests/django-DefectDojo' - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: repository: 'nodejs/node' path: 'repotests/nodejs' - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: repository: 'awsdocs/aws-doc-sdk-examples' path: 'repotests/aws-doc-sdk-examples' + - uses: actions/checkout@v4 + with: + repository: 'friendica/friendica' + path: 'repotests/friendica' - uses: coursier/cache-action@v6 - name: Set up JDK - uses: actions/setup-java@v3 + uses: actions/setup-java@v4 with: distribution: 'zulu' java-version: ${{ matrix.java-version }} 
@@ -53,6 +57,9 @@ jobs: ./atom.sh usages --remove-atom -o /tmp/v8.atom -l h $GITHUB_WORKSPACE/repotests/nodejs/deps/v8 -Dlog4j.configurationFile=log4j2.xml --slice-outfile /tmp/v8.slices.json ./atom.sh usages --remove-atom -o /tmp/uv.atom -l h $GITHUB_WORKSPACE/repotests/nodejs/deps/uv -Dlog4j.configurationFile=log4j2.xml --slice-outfile /tmp/uv.slices.json ./atom.sh usages --remove-atom -o /tmp/aws.atom -l h $GITHUB_WORKSPACE/repotests/aws-doc-sdk-examples/cpp -Dlog4j.configurationFile=log4j2.xml --slice-outfile /tmp/aws.slices.json + ./atom.sh usages --remove-atom -o /tmp/friendica.atom -l h $GITHUB_WORKSPACE/repotests/friendica -Dlog4j.configurationFile=log4j2.xml --slice-outfile /tmp/friend.slices.json + cdxgen -t php -o $GITHUB_WORKSPACE/repotests/friendica/bom.json $GITHUB_WORKSPACE/repotests/friendica + ./atom.sh reachables --remove-atom -o /tmp/friendica2.atom -l h $GITHUB_WORKSPACE/repotests/friendica -Dlog4j.configurationFile=log4j2.xml --slice-outfile /tmp/friend2.slices.json env: JAVA_TOOL_OPTIONS: "-Dfile.encoding=UTF-8" GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} 
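Review bot: Both added atom invocations for friendica pass `-l h`, the same language flag used for the v8, uv and aws C/C++ targets just above, although friendica is the PHP test repository and the cdxgen line between them uses `-t php`. If `-l h` selects the C header frontend, as the neighbouring lines suggest, these runs never reach php-parse and the new PHP path stays untested; the PHP language value looks like what was intended, so please confirm. `cdxgen` is also invoked with no install step visible in the hunk. The `actions/checkout@v4` step added for `friendica/friendica` in the previous hunk has no `ref:`, so the job analyses whatever the default branch holds at run time; pinning a commit there would make the test reproducible.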
@@ -63,48 +70,48 @@ jobs: java-version: ['17', '19', '20'] runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: fetch-depth: 0 - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: repository: 'ShiftLeftSecurity/shiftleft-java-example' path: 'repotests/shiftleft-java-example' - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: repository: 'juice-shop/juice-shop' path: 'repotests/juice-shop' - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: repository: 'ShiftLeftSecurity/shiftleft-ts-example' path: 'repotests/shiftleft-ts-example' - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: repository: 'libexpat/libexpat' path: 'repotests/libexpat' - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: repository: 'HooliCorp/java-sec-code' path: 'repotests/java-sec-code' - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: repository: 'HooliCorp/DjanGoat' path: 'repotests/DjanGoat' - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: repository: 'DefectDojo/django-DefectDojo' path: 'repotests/django-DefectDojo' - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: repository: 'nodejs/node' path: 'repotests/nodejs' - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: repository: 'awsdocs/aws-doc-sdk-examples' path: 'repotests/aws-doc-sdk-examples' - uses: coursier/cache-action@v6 - name: Set up JDK - uses: actions/setup-java@v3 + uses: actions/setup-java@v4 with: distribution: 'zulu' java-version: ${{ matrix.java-version }} diff --git a/README.md b/README.md index 0f9c184..1f1a802 100644 --- a/README.md +++ b/README.md @@ -172,7 +172,7 @@ docker run --rm -v /tmp:/tmp -v $HOME:$HOME -v $(pwd):/app:rw -it ghcr.io/appthr - JavaScript - TypeScript - Python -- PHP +- PHP (Requires PHP >= 7.0. Supports PHP 5.2 to 8.3) ## Atom Specification diff --git a/build.sbt b/build.sbt index 9d8a50b..2a3df4f 100644 --- a/build.sbt 
+++ b/build.sbt @@ -1,9 +1,9 @@ name := "atom" ThisBuild / organization := "io.appthreat" -ThisBuild / version := "1.8.1" +ThisBuild / version := "1.8.2" ThisBuild / scalaVersion := "3.3.1" -val chenVersion = "1.1.3" +val chenVersion = "1.1.4" lazy val atom = Projects.atom diff --git a/codemeta.json b/codemeta.json index 37d1000..c670ef4 100644 --- a/codemeta.json +++ b/codemeta.json @@ -7,7 +7,7 @@ "downloadUrl": "https://github.com/AppThreat/atom", "issueTracker": "https://github.com/AppThreat/atom/issues", "name": "atom", - "version": "1.8.1", + "version": "1.8.2", "description": "Atom is a novel intermediate representation for next-generation code analysis.", "applicationCategory": "code-analysis", "keywords": [ diff --git a/wrapper/nodejs/build.ps1 b/wrapper/nodejs/build.ps1 index e6d9da7..921e42a 100644 --- a/wrapper/nodejs/build.ps1 +++ b/wrapper/nodejs/build.ps1 @@ -1,4 +1,16 @@ copy ..\..\target\atom.zip plugins\ Expand-Archive -Path ..\..\target\atom.zip -DestinationPath plugins\ -Force -Remove-Item plugins\atom.zip +Remove-Item -Force plugins\atom.zip + +php --php-ini php.ini -r "copy('http://getcomposer.org/installer', 'composer-setup.php');" +php -r "if (hash_file('sha384', 'composer-setup.php') === 'e21205b207c3ff031906575712edab6f13eb0b361f2085f1f1237b7126d785e826a450292b6cfd1d64d92e6563bbde02') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;" +php --php-ini php.ini composer-setup.php +php -r "unlink('composer-setup.php');" +$env:COMPOSER_VENDOR_DIR="plugins" +php --php-ini php.ini composer.phar require nikic/php-parser:4.18.0 --ignore-platform-reqs --optimize-autoloader + npm install + +Remove-Item -Force composer.phar +Remove-Item -Force composer.json +Remove-Item -Force composer.lock diff --git a/wrapper/nodejs/build.sh b/wrapper/nodejs/build.sh index 8d8ba57..1b101bc 100755 --- a/wrapper/nodejs/build.sh +++ b/wrapper/nodejs/build.sh 
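Review bot: In the build.ps1 hunk the Composer installer is fetched over plain `http://getcomposer.org/installer`, and the sha384 check on the next line only echoes 'Installer corrupt' and unlinks the file, after which the script carries on to `php --php-ini php.ini composer-setup.php` and the rest of the build. The pinned hash does detect a tampered download, but a mismatch should stop the build instead of printing a message: end the failure branch with `exit(1);` and test `$LASTEXITCODE` before running the installer. The copy should use `https://getcomposer.org/installer`; the php.ini added in this patch already enables `openssl`. A short comment saying where the pinned installer hash comes from and when to refresh it would help, since it stops matching whenever a new installer is published.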
@@ -12,7 +12,7 @@ php -r "if (hash_file('sha384', 'composer-setup.php') === 'e21205b207c3ff0319065 php composer-setup.php php -r "unlink('composer-setup.php');" export COMPOSER_VENDOR_DIR=plugins -php composer.phar require nikic/php-parser --ignore-platform-reqs --optimize-autoloader +php composer.phar require nikic/php-parser:4.18.0 --ignore-platform-reqs --optimize-autoloader npm install diff --git a/wrapper/nodejs/package-lock.json b/wrapper/nodejs/package-lock.json index 19ac205..d951441 100644 --- a/wrapper/nodejs/package-lock.json +++ b/wrapper/nodejs/package-lock.json @@ -1,12 +1,12 @@ { "name": "@appthreat/atom", - "version": "1.8.1", + "version": "1.8.2", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "@appthreat/atom", - "version": "1.8.1", + "version": "1.8.2", "license": "Apache-2.0", "dependencies": { "@babel/parser": "^7.23.6", diff --git a/wrapper/nodejs/package.json b/wrapper/nodejs/package.json index 7468c01..cf8bba9 100644 --- a/wrapper/nodejs/package.json +++ b/wrapper/nodejs/package.json @@ -1,6 +1,6 @@ { "name": "@appthreat/atom", - "version": "1.8.1", + "version": "1.8.2", "description": "Create atom (⚛) representation for your application, packages and libraries", "exports": "./index.js", "type": "module", diff --git a/wrapper/nodejs/php.ini b/wrapper/nodejs/php.ini new file mode 100644 index 0000000..ac7809e --- /dev/null +++ b/wrapper/nodejs/php.ini @@ -0,0 +1,2 @@ +extension=openssl +extension=zip diff --git a/wrapper/nodejs/phpastgen.js b/wrapper/nodejs/phpastgen.js index 49f3796..edafcca 100755 --- a/wrapper/nodejs/phpastgen.js +++ b/wrapper/nodejs/phpastgen.js 
@@ -20,11 +20,17 @@ function main(argvs) {
 return false;
 }
 const cwd = process.env.ATOM_CWD || process.cwd();
- spawnSync(PHP_PARSER_BIN, argvs, {
+ argvs.splice(
+ 0,
+ 1,
+ process.env.PHP_PARSER_BIN || join(PLUGINS_HOME, "bin", "php-parse")
+ );
+ spawnSync(process.env.PHP_CMD || "php", argvs, {
 encoding: "utf-8",
 cwd,
 stdio: "inherit",
 stderr: "inherit",
+ env: process.env,
 timeout: process.env.ATOM_TIMEOUT || process.env.ASTGEN_TIMEOUT
 });
 }
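Review bot: The result of `spawnSync(process.env.PHP_CMD || "php", argvs, {...})` is discarded, so a missing `php` binary (reported in `result.error`), a timeout, or a non-zero exit from php-parse all look like success to the caller. Capture it with `const result = spawnSync(...)` and add `if (result.error || result.status !== 0) return false;`, matching the `return false;` used earlier in main. `argvs.splice(0, 1, ...)` also overwrites the caller's first argument in place; whether that slot is disposable depends on how main is called, which is outside the hunk, so a comment such as `// argvs[0] is replaced by the php-parse script path` would make the intent explicit. `PHP_CMD` and `PHP_PARSER_BIN` now choose the interpreter and script from the environment and deserve a line in the README. `env: process.env` is already spawnSync's default and can be dropped.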