feat: add javascript support (#452)

* feat: add javascript * fix: make javascript work * test: add test field to exported js detections * test: add framework for testing detectors * fix: after merge fixes * fix testhelper * fix: javascript * chore: remove js files * fix: check for file errors * fix: remove ruby logs * feat: extrapolate common code * Revert "chore: remove js files" This reverts commit 17a1a87. enrich ruby test cases feat: add js test case feat: add support for variable declarators fix: improve tests fix: redo ruby tests * feat: changes after rebase * fix: after rebase * feat: improve tests * feat: add method signature * feat: add property test: add member expression tests feat: add subscript expression feat: add support for property * feat: add javascript string * test: rename tests * fix: close queries in test * fix: apply formatting * fix: add error check * feat: add javascript tests * fix: integration tests * fix: update javascript tests * feat: implement anchoring * feat: add support for logger rules * fix: remove unused code * feat: add quote stripping * fix: naming * fix: node types * fix: implement descend into detection node * fix: implement missing js methods * fix: tests --------- Co-authored-by: vjerci <27707350+vjerci@users.noreply.github.com>
Bearer · Feb 7, 2023 · 31c7c93 · 31c7c93
1 parent a4493e4
commit 31c7c93
Show file tree

Hide file tree

Showing 95 changed files with 3,482 additions and 56 deletions.
diff --git a/integration/rules/helper_test.go b/integration/rules/helper_test.go
@@ -0,0 +1,57 @@
+package integration_test
+
+import (
+	"fmt"
+	"path/filepath"
+	"strings"
+	"testing"
+
+	"github.com/bearer/curio/integration/internal/testhelper"
+	"github.com/bearer/curio/pkg/commands/process/settings/rules"
+	"github.com/rs/zerolog/log"
+)
+
+var rulesFs = &rules.Rules
+
+func buildRulesTestCase(name, reportType, ruleID, filename string) testhelper.TestCase {
+	arguments := []string{
+		"scan",
+		filepath.Join("pkg", "commands", "process", "settings", "rules", filename),
+		"--report=" + reportType,
+		"--format=yaml",
+		"--only-rule=" + ruleID,
+	}
+	options := testhelper.TestCaseOptions{}
+
+	return testhelper.NewTestCase(name, arguments, options)
+}
+
+func runRulesTest(folderPath, format, ruleID string, t *testing.T) {
+	snapshotDirectory := "../../pkg/commands/process/settings/rules/" + folderPath + "/.snapshots"
+
+	testDataDir := fmt.Sprintf("%s/testdata", folderPath)
+
+	log.Debug().Msgf("%s", testDataDir)
+
+	testdataDirEntries, err := rulesFs.ReadDir(testDataDir)
+	if err != nil {
+		t.Fatalf("failed to read rules/%s dir %e", folderPath, err)
+	}
+
+	dataflowTests := []testhelper.TestCase{}
+	for _, testdataFile := range testdataDirEntries {
+		name := testdataFile.Name()
+
+		testName := strings.Replace(fmt.Sprintf("%s_%s_%s", format, folderPath, name), "/", "_", -1)
+		dataflowTests = append(dataflowTests,
+			buildRulesTestCase(
+				testName,
+				format,
+				ruleID,
+				fmt.Sprintf("%s/testdata/%s", folderPath, name),
+			),
+		)
+	}
+
+	testhelper.RunTestsWithSnapshotSubdirectory(t, dataflowTests, snapshotDirectory)
+}
diff --git a/integration/rules/javascript_test.go b/integration/rules/javascript_test.go
@@ -0,0 +1,23 @@
+package integration_test
+
+import "testing"
+
+func TestJavascriptLangLoggerSummary(t *testing.T) {
+	t.Parallel()
+	runRulesTest("javascript/lang/logger", "summary", "javascript_lang_logger", t)
+}
+
+func TestJavascriptLangLoggerDataflow(t *testing.T) {
+	t.Parallel()
+	runRulesTest("javascript/lang/logger", "dataflow", "javascript_lang_logger", t)
+}
+
+func TestJavascriptLangSessionSummary(t *testing.T) {
+	t.Parallel()
+	runRulesTest("javascript/lang/session", "summary", "javascript_session", t)
+}
+
+func TestJavascriptLangSessionDataflow(t *testing.T) {
+	t.Parallel()
+	runRulesTest("javascript/lang/session", "dataflow", "javascript_session", t)
+}
diff --git a/integration/rules/rules_test.go → integration/rules/ruby_test.go b/integration/rules/rules_test.go → integration/rules/ruby_test.go
@@ -1,30 +1,9 @@
 package integration_test
 
 import (
-	"fmt"
-	"path/filepath"
-	"strings"
 	"testing"
-
-	"github.com/bearer/curio/integration/internal/testhelper"
-	"github.com/bearer/curio/pkg/commands/process/settings/rules"
 )
 
-var rulesFs = &rules.Rules
-
-func buildRulesTestCase(name, reportType, ruleID, filename string) testhelper.TestCase {
-	arguments := []string{
-		"scan",
-		filepath.Join("pkg", "commands", "process", "settings", "rules", filename),
-		"--report=" + reportType,
-		"--format=yaml",
-		"--only-rule=" + ruleID,
-	}
-	options := testhelper.TestCaseOptions{}
-
-	return testhelper.NewTestCase(name, arguments, options)
-}
-
 func TestRubyLangCookiesSummary(t *testing.T) {
 	t.Parallel()
 	runRulesTest("ruby/lang/cookies", "summary", "ruby_lang_cookies", t)
@@ -224,28 +203,3 @@ func TestRubyThirdPartiesSentryDataflow(t *testing.T) {
 	t.Parallel()
 	runRulesTest("ruby/third_parties/sentry", "dataflow", "ruby_third_parties_sentry", t)
 }
-
-func runRulesTest(folderPath, format, ruleID string, t *testing.T) {
-	snapshotDirectory := "../../pkg/commands/process/settings/rules/" + folderPath + "/.snapshots"
-	testdataDirEntries, err := rulesFs.ReadDir(fmt.Sprintf("%s/testdata", folderPath))
-	if err != nil {
-		t.Fatalf("failed to read rules/%s dir %e", folderPath, err)
-	}
-
-	dataflowTests := []testhelper.TestCase{}
-	for _, testdataFile := range testdataDirEntries {
-		name := testdataFile.Name()
-
-		testName := strings.Replace(fmt.Sprintf("%s_%s_%s", format, folderPath, name), "/", "_", -1)
-		dataflowTests = append(dataflowTests,
-			buildRulesTestCase(
-				testName,
-				format,
-				ruleID,
-				fmt.Sprintf("%s/testdata/%s", folderPath, name),
-			),
-		)
-	}
-
-	testhelper.RunTestsWithSnapshotSubdirectory(t, dataflowTests, snapshotDirectory)
-}
diff --git a/new/detector/composition/javascript/.snapshots/TestClass-constructor.json b/new/detector/composition/javascript/.snapshots/TestClass-constructor.json
@@ -0,0 +1,144 @@
+[
+	{
+		"DetectorType": "class_name",
+		"MatchNode": {},
+		"Data": {
+			"Pattern": "$\u003cDATA_TYPE\u003e\n",
+			"Datatypes": [
+				{
+					"DetectorType": "datatype",
+					"MatchNode": {},
+					"Data": {
+						"Name": "User",
+						"Classification": {
+							"name": "user",
+							"decision": {
+								"state": "valid",
+								"reason": "valid_object_with_valid_properties"
+							}
+						},
+						"Properties": [
+							{
+								"Name": "name",
+								"Detection": {
+									"DetectorType": "property",
+									"MatchNode": {},
+									"Data": {
+										"Name": "name"
+									}
+								},
+								"Classification": {
+									"name": "name",
+									"subject_name": "User",
+									"data_type": {
+										"name": "Fullname",
+										"uuid": "1617291b-bc22-4267-ad5e-8054b2505958",
+										"category_uuid": "14124881-6b92-4fc5-8005-ea7c1c09592e"
+									},
+									"decision": {
+										"state": "valid",
+										"reason": "known_pattern"
+									}
+								}
+							},
+							{
+								"Name": "city",
+								"Detection": {
+									"DetectorType": "property",
+									"MatchNode": {},
+									"Data": {
+										"Name": "city"
+									}
+								},
+								"Classification": {
+									"name": "city",
+									"subject_name": "User",
+									"data_type": {
+										"name": "Physical Address",
+										"uuid": "5a80a938-6fb2-4d9a-9c47-8d377e036506",
+										"category_uuid": "cef587dd-76db-430b-9e18-7b031e1a193b"
+									},
+									"decision": {
+										"state": "valid",
+										"reason": "known_pattern"
+									}
+								}
+							}
+						]
+					}
+				}
+			]
+		}
+	},
+	{
+		"DetectorType": "class_name",
+		"MatchNode": {},
+		"Data": {
+			"Pattern": "$\u003cDATA_TYPE\u003e\n",
+			"Datatypes": [
+				{
+					"DetectorType": "datatype",
+					"MatchNode": {},
+					"Data": {
+						"Name": "User",
+						"Classification": {
+							"name": "user",
+							"decision": {
+								"state": "valid",
+								"reason": "valid_object_with_valid_properties"
+							}
+						},
+						"Properties": [
+							{
+								"Name": "name",
+								"Detection": {
+									"DetectorType": "property",
+									"MatchNode": {},
+									"Data": {
+										"Name": "name"
+									}
+								},
+								"Classification": {
+									"name": "name",
+									"subject_name": "User",
+									"data_type": {
+										"name": "Fullname",
+										"uuid": "1617291b-bc22-4267-ad5e-8054b2505958",
+										"category_uuid": "14124881-6b92-4fc5-8005-ea7c1c09592e"
+									},
+									"decision": {
+										"state": "valid",
+										"reason": "known_pattern"
+									}
+								}
+							},
+							{
+								"Name": "city",
+								"Detection": {
+									"DetectorType": "property",
+									"MatchNode": {},
+									"Data": {
+										"Name": "city"
+									}
+								},
+								"Classification": {
+									"name": "city",
+									"subject_name": "User",
+									"data_type": {
+										"name": "Physical Address",
+										"uuid": "5a80a938-6fb2-4d9a-9c47-8d377e036506",
+										"category_uuid": "cef587dd-76db-430b-9e18-7b031e1a193b"
+									},
+									"decision": {
+										"state": "valid",
+										"reason": "known_pattern"
+									}
+								}
+							}
+						]
+					}
+				}
+			]
+		}
+	}
+]
diff --git a/new/detector/composition/javascript/.snapshots/TestClass-method.json b/new/detector/composition/javascript/.snapshots/TestClass-method.json
@@ -0,0 +1,50 @@
+[
+	{
+		"DetectorType": "class_name",
+		"MatchNode": {},
+		"Data": {
+			"Pattern": "$\u003cDATA_TYPE\u003e\n",
+			"Datatypes": [
+				{
+					"DetectorType": "datatype",
+					"MatchNode": {},
+					"Data": {
+						"Name": "User",
+						"Classification": {
+							"name": "user",
+							"decision": {
+								"state": "invalid",
+								"reason": "valid_object_with_invalid_properties"
+							}
+						},
+						"Properties": null
+					}
+				}
+			]
+		}
+	},
+	{
+		"DetectorType": "class_name",
+		"MatchNode": {},
+		"Data": {
+			"Pattern": "$\u003cDATA_TYPE\u003e\n",
+			"Datatypes": [
+				{
+					"DetectorType": "datatype",
+					"MatchNode": {},
+					"Data": {
+						"Name": "User",
+						"Classification": {
+							"name": "user",
+							"decision": {
+								"state": "invalid",
+								"reason": "valid_object_with_invalid_properties"
+							}
+						},
+						"Properties": null
+					}
+				}
+			]
+		}
+	}
+]
diff --git a/new/detector/composition/javascript/.snapshots/TestClass-name.json b/new/detector/composition/javascript/.snapshots/TestClass-name.json
@@ -0,0 +1,50 @@
+[
+	{
+		"DetectorType": "class_name",
+		"MatchNode": {},
+		"Data": {
+			"Pattern": "$\u003cDATA_TYPE\u003e\n",
+			"Datatypes": [
+				{
+					"DetectorType": "datatype",
+					"MatchNode": {},
+					"Data": {
+						"Name": "User",
+						"Classification": {
+							"name": "user",
+							"decision": {
+								"state": "invalid",
+								"reason": "valid_object_with_invalid_properties"
+							}
+						},
+						"Properties": null
+					}
+				}
+			]
+		}
+	},
+	{
+		"DetectorType": "class_name",
+		"MatchNode": {},
+		"Data": {
+			"Pattern": "$\u003cDATA_TYPE\u003e\n",
+			"Datatypes": [
+				{
+					"DetectorType": "datatype",
+					"MatchNode": {},
+					"Data": {
+						"Name": "User",
+						"Classification": {
+							"name": "user",
+							"decision": {
+								"state": "invalid",
+								"reason": "valid_object_with_invalid_properties"
+							}
+						},
+						"Properties": null
+					}
+				}
+			]
+		}
+	}
+]