diff --git a/.envrc.example b/.envrc.example index 6ed668311..d1b4f0862 100644 --- a/.envrc.example +++ b/.envrc.example @@ -6,4 +6,7 @@ export REDIS_INIT="true" export GOOGLE_MAX_ATTEMPT="5" export BEARER_EXECUTABLE_PATH="./bearer" export GITHUB_WORKSPACE="/path/to/bearer/project" -export SCAN_DIR=/Users/username/OWASP \ No newline at end of file +export SCAN_DIR=/Users/username/OWASP +export BEARER_DISABLE_DEFAULT_RULES=true +export BEARER_EXTERNAL_RULE_DIR=../bearer-rules/rules +export BEARER_FORCE=true diff --git a/.gitattributes b/.gitattributes index aab642854..bc7b51096 100644 --- a/.gitattributes +++ b/.gitattributes @@ -1,2 +1,2 @@ -pkg/parser/sitter/**/*.c linguist-generated -pkg/parser/sitter/**/*.cc linguist-generated \ No newline at end of file +internal/parser/sitter/**/*.c linguist-generated +internal/parser/sitter/**/*.cc linguist-generated diff --git a/.github/actions/linux-build/Dockerfile b/.github/actions/linux-build/Dockerfile index 1749fec07..2809c05ae 100644 --- a/.github/actions/linux-build/Dockerfile +++ b/.github/actions/linux-build/Dockerfile @@ -18,7 +18,7 @@ RUN apt-get update && \ apt-get update && \ apt-get install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin git && \ \ - wget --output-document=/tmp/go.tar.gz https://go.dev/dl/go1.19.8.linux-amd64.tar.gz && \ + wget --output-document=/tmp/go.tar.gz https://go.dev/dl/go1.21.0.linux-amd64.tar.gz && \ tar --extract --gunzip --file=/tmp/go.tar.gz --directory=/usr/local && \ ln -s /usr/local/go/bin/go /usr/local/bin/ && \ \ diff --git a/.github/workflows/canary.yml b/.github/workflows/canary.yml index 71176e7c1..8ccc088e2 100644 --- a/.github/workflows/canary.yml +++ b/.github/workflows/canary.yml @@ -75,7 +75,7 @@ jobs: - name: Set up Go uses: actions/setup-go@v4 with: - go-version: 1.19 + go-version: 1.21 - name: Setup Gon run: brew install mitchellh/gon/gon - name: Import Code-Signing Certificates diff --git a/.github/workflows/command_doc_check.yml b/.github/workflows/command_doc_check.yml index 806528525..13c246aab 100644 --- a/.github/workflows/command_doc_check.yml +++ b/.github/workflows/command_doc_check.yml @@ -19,7 +19,7 @@ jobs: - name: Set up Go uses: actions/setup-go@v4 with: - go-version: 1.19 + go-version: 1.21 - name: Generate command docs run: go run ./scripts/gen-doc-yaml.go - name: Check no uncommited changes diff --git a/.github/workflows/e2e_test.yml b/.github/workflows/e2e_test.yml index 15ebd317f..6a23cbb3f 100644 --- a/.github/workflows/e2e_test.yml +++ b/.github/workflows/e2e_test.yml @@ -19,7 +19,7 @@ jobs: - name: Set up Go uses: actions/setup-go@v4 with: - go-version: 1.19 + go-version: 1.21 - name: Build binary for integration tests run: go build -a -o ./bearer ./cmd/bearer/main.go - name: Run tests diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 9d0b08e35..4e98d2279 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -14,7 +14,7 @@ jobs: steps: - uses: actions/setup-go@v4 with: - go-version: 1.19 + go-version: 1.21 - uses: actions/checkout@v4 - name: golangci-lint uses: golangci/golangci-lint-action@v3 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index d9e1643a4..37bb6c996 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -75,7 +75,7 @@ jobs: - name: Set up Go uses: actions/setup-go@v4 with: - go-version: 1.19 + go-version: 1.21 - name: Setup Gon run: brew install mitchellh/gon/gon - name: Import Code-Signing Certificates diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 0d46caa17..48fdc0919 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -20,8 +20,6 @@ jobs: - name: Set up Go uses: actions/setup-go@v4 with: - go-version: 1.19 + go-version: 1.21 - name: Run package tests - run: go test -v ./pkg/... - - name: Run detector tests - run: go test -v ./new/detector/... + run: go test -v ./internal/... diff --git a/README.md b/README.md index 40a161427..57fa45205 100644 --- a/README.md +++ b/README.md @@ -41,7 +41,7 @@ Bearer CLI scans your source code for: * A08: Data Integrity Failures (e.g. Deserialization of Untrusted Data). * A09: Security Logging and Monitoring Failures (e.g. Insertion of Sensitive Information into Log File). * A10: Server-Side Request Forgery (SSRF). - + *Note: all the rules and their code patterns are accessible through the [documentation](https://docs.bearer.com/reference/rules/).* * **Privacy risks** with the ability to detect [sensitive data flow](https://docs.bearer.com/explanations/discovery-and-classification/) such as the use of PII, PHI in your app, and [components](https://docs.bearer.com/reference/recipes/) processing sensitive data (e.g. databases like pgSQL, third-party APIs such as OpenAI, Sentry, etc.). This helps generate a [privacy report](https://docs.bearer.com/guides/privacy/) relevant for: @@ -133,7 +133,7 @@ curl -sfL https://raw.githubusercontent.com/Bearer/bearer/main/contrib/install.s
Docker - Bearer CLI is also available as a Docker image on [Docker Hub](https://hub.docker.com/r/bearer/bearer) and [ghcr.io](https://github.com/Bearer/bearer/pkgs/container/bearer). + Bearer CLI is also available as a Docker image on [Docker Hub](https://hub.docker.com/r/bearer/bearer) and [ghcr.io](https://github.com/bearer/bearer/internals/container/bearer). With docker installed, you can run the following command with the appropriate paths in place of the examples. @@ -243,9 +243,9 @@ We believe that by linking security issues with a clear business impact and risk In addition, by being Free and Open, extendable by design, and built with a great developer UX in mind, we bet you will see the difference for yourself. -### What is the privacy scanner? +### What is the privacy scanner? -In addition of detecting security flaws in your code, Bearer CLI allows you to automate the evidence gathering process needed to generate a privacy report for your compliance team. +In addition of detecting security flaws in your code, Bearer CLI allows you to automate the evidence gathering process needed to generate a privacy report for your compliance team. When you run Bearer CLI on your codebase, it discovers and classifies data by identifying patterns in the source code. Specifically, it looks for data types and matches against them. Most importantly, it never views the actual values—it just can’t—but only the code itself. If you want to learn more, here is the [longer explanation](https://docs.bearer.com/explanations/discovery-and-classification/). diff --git a/api/fetch_ignores.go b/api/fetch_ignores.go index 7875cd796..788bbf37e 100644 --- a/api/fetch_ignores.go +++ b/api/fetch_ignores.go @@ -3,7 +3,7 @@ package api import ( "encoding/json" - ignoretypes "github.com/bearer/bearer/pkg/util/ignore/types" + ignoretypes "github.com/bearer/bearer/internal/util/ignore/types" ) type CloudIgnoreData struct { diff --git a/cmd/bearer/main.go b/cmd/bearer/main.go index 970ee841a..2362fc57d 100644 --- a/cmd/bearer/main.go +++ b/cmd/bearer/main.go @@ -3,8 +3,8 @@ package main import ( "github.com/bearer/bearer/cmd/bearer/build" - "github.com/bearer/bearer/pkg/commands" - "github.com/bearer/bearer/pkg/util/output" + "github.com/bearer/bearer/internal/commands" + "github.com/bearer/bearer/internal/util/output" ) func main() { diff --git a/docs/_data/datatypes.js b/docs/_data/datatypes.js index e9d606014..0473e7f43 100644 --- a/docs/_data/datatypes.js +++ b/docs/_data/datatypes.js @@ -74,10 +74,10 @@ function sortData(typesFile, catsFile, groupsFile) { } // example(); module.exports = async function () { - let dataTypes = await fetchData("../pkg/classification/db/data_types/"); - let dataCats = await fetchData("../pkg/classification/db/data_categories/"); + let dataTypes = await fetchData("../internal/classification/db/data_types/"); + let dataCats = await fetchData("../internal/classification/db/data_categories/"); let groupings = await fetchFile( - "../pkg/classification/db/category_grouping.json" + "../internal/classification/db/category_grouping.json" ); return sortData(dataTypes, dataCats, groupings); }; diff --git a/docs/_data/recipes.js b/docs/_data/recipes.js index 6f6bde3e9..2b8511489 100644 --- a/docs/_data/recipes.js +++ b/docs/_data/recipes.js @@ -16,7 +16,7 @@ async function fetchData(dir) { return { ...data, id: path.basename(file, ".json"), - source: `/pkg/classification/db/recipes/${file}`, + source: `/internal/classification/db/recipes/${file}`, }; }) ); @@ -26,6 +26,6 @@ async function fetchData(dir) { } } module.exports = async function () { - let recipes = await fetchData("../pkg/classification/db/recipes/"); + let recipes = await fetchData("../internal/classification/db/recipes/"); return recipes; }; diff --git a/docs/contributing/code.md b/docs/contributing/code.md index 230e594a2..1b46679d3 100644 --- a/docs/contributing/code.md +++ b/docs/contributing/code.md @@ -8,7 +8,7 @@ If you're interested in contributing code to Bearer CLI, this guide will help yo ## Set up Bearer CLI locally -Bearer CLI is written in [Go](https://www.go.dev), so you'll need golang v1.19 or greater installed. Installation instructions for your architecture can be found at [golang downloads page](https://go.dev/dl/). +Bearer CLI is written in [Go](https://www.go.dev), so you'll need golang v1.21 or greater installed. Installation instructions for your architecture can be found at [golang downloads page](https://go.dev/dl/). Next, confirm the installation by running the following command: @@ -65,13 +65,13 @@ go test ./... Running classification tests: ```bash -go test ./pkg/classification/... -count=1 +go test ./internal/classification/... -count=1 ``` Running a single specific test: ```bash -go test -run ^TestSchema$ ./pkg/classification/schema -count=1 +go test -run ^TestSchema$ ./internal/classification/schema -count=1 ``` ### Integration testing diff --git a/docs/contributing/recipes.md b/docs/contributing/recipes.md index cde204a73..7505287e7 100644 --- a/docs/contributing/recipes.md +++ b/docs/contributing/recipes.md @@ -6,11 +6,11 @@ title: Add or update a recipe Recipes are part of how Bearer CLI makes connections between your code and other sources. These are things like data stores, APIs, and internal services. They work by providing information about endpoints, API base urls, package information, etc. -Recipes are located at `bearer/pkg/classification/db/recipes/`. +Recipes are located at `bearer/internal/classification/db/recipes/`. ```md . -├ pkg/ +├ internal/ │ └ classification/ │ └ db/ │ └ recipes/ @@ -29,7 +29,7 @@ Each recipe consists of a `JSON` file containing the following properties: - `package_manager` (string): The package manager that manages the package, such as npm, go, etc. - `uuid`: A unique identifier to distinguish the recipe from others. See below for [generating a new uuid](#generating-a-uuid). - `sub_type` (string): The subtype of the earlier `type` property. - - `external_service` subtypes: + - `external_service` subtypes: - `third_party` - `data_store` subtypes: - `database` @@ -42,7 +42,7 @@ Each recipe consists of a `JSON` file containing the following properties: - `internal_service` subtypes: - `message_bus` -If any of the existing properties and available values don't meet the needs of your new recipe, [open a new issue]({{meta.sourcePath}}/issues/new/choose). You can view the existing recipes [in the GitHub repo]({{meta.sourcePath}}/tree/main/pkg/classification/db/recipes). +If any of the existing properties and available values don't meet the needs of your new recipe, [open a new issue]({{meta.sourcePath}}/issues/new/choose). You can view the existing recipes [in the GitHub repo]({{meta.sourcePath}}/tree/main/internal/classification/db/recipes). ## Generating a UUID @@ -62,4 +62,4 @@ uuidgen | tr "[:upper:]" "[:lower:]" ## Commiting the new recipe -To contribute the new recipe to Bearer CLI, refer to the [Contributing Code guide](/contributing/code/). \ No newline at end of file +To contribute the new recipe to Bearer CLI, refer to the [Contributing Code guide](/contributing/code/). diff --git a/docs/explanations/reports.md b/docs/explanations/reports.md index ef329699f..7f31e69fc 100644 --- a/docs/explanations/reports.md +++ b/docs/explanations/reports.md @@ -11,7 +11,7 @@ Bearer CLI can generate various types of reports about your codebase, all from t - Usage: `bearer scan . --report security` - Default format: `json` -The security report allows you to quickly see security risks and vulnerabilities found in your codebase using a security [scanner type](/explanations/scanners) (SAST by default). +The security report allows you to quickly see security risks and vulnerabilities found in your codebase using a security [scanner type](/explanations/scanners) (SAST by default). For each violation, the report includes the affected file and, when possible, the line of code and a snippet of the surrounding code. Here's an excerpt from the security report run on the [OWASP Juice Shop app](https://github.com/juice-shop/juice-shop): @@ -111,7 +111,7 @@ By default, Bearer CLI maps all subjects to “User”, but you can override thi bearer scan . --report=privacy --data-subject-mapping=/path/to/mappings.json ``` -The custom map file should follow the format used by [subject_mapping.json]({{meta.sourcePath}}/blob/main/pkg/classification/db/subject_mapping.json). Replace a key’s value with the higher-level subject you’d like to associate it with. Some examples might include Customer, Employee, Client, Patient, etc. Bearer CLI will use your replacement file instead of the default, so make sure to include any and all subjects you want reported. +The custom map file should follow the format used by [subject_mapping.json]({{meta.sourcePath}}/blob/main/internal/classification/db/subject_mapping.json). Replace a key’s value with the higher-level subject you’d like to associate it with. Some examples might include Customer, Employee, Client, Patient, etc. Bearer CLI will use your replacement file instead of the default, so make sure to include any and all subjects you want reported. ## Data Flow Report @@ -185,4 +185,4 @@ If we look at the `db/schema.rb` file mentioned in the report, we can see that e ## Next steps -For additional options on generating reports, selecting format types, and writing the output to a file, see the [command reference](/reference/commands/) documentation. \ No newline at end of file +For additional options on generating reports, selecting format types, and writing the output to a file, see the [command reference](/reference/commands/) documentation. diff --git a/docs/explanations/scanners.md b/docs/explanations/scanners.md index 607afb793..ddc89373d 100644 --- a/docs/explanations/scanners.md +++ b/docs/explanations/scanners.md @@ -4,7 +4,7 @@ title: Scanner Types # Scanner Types -Bearer CLI comes with two types of security scanners, SAST (default) and Secrets. +Bearer CLI comes with two types of security scanners, SAST (default) and Secrets. ## SAST Scanner @@ -51,7 +51,7 @@ Detected: Password in URL File: ../../OWASP/NodeGoat/README.md:59 ``` -You can see a full list of [built-in patterns](https://github.com/Bearer/bearer/blob/main/pkg/detectors/gitleaks/gitlab_config.toml). +You can see a full list of [built-in patterns](https://github.com/Bearer/bearer/blob/main/internal/detectors/gitleaks/gitlab_config.toml). ⚠️ Secret detection patterns are not configurable today. If this is something you'd like to see, please open an [issue](https://github.com/Bearer/bearer/issues). diff --git a/docs/guides/custom-rule.md b/docs/guides/custom-rule.md index dc471978c..436cc6d28 100644 --- a/docs/guides/custom-rule.md +++ b/docs/guides/custom-rule.md @@ -34,7 +34,7 @@ the matched code. - `id`: A unique identifier. Internal rules are named `lang_framework_rule_name`. For rules targeting the language core, `lang` is used instead of a framework name. For example `ruby_lang_logger` and `ruby_rails_logger`. For custom rules, you may consider appending your org name. - `description`: A brief, one-sentence description of the rule. The best practice is to make this an actionable “rule” phrase, such as “Do X” or “Do not do X in Y”. - `cwe_id`: The associated list of [CWE](https://cwe.mitre.org/) identifiers. (Optional) - - `associated_recipe`: Links the rule to a [recipe]({{meta.sourcePath}}/tree/main/pkg/classification/db/recipes). Useful for associating a rule with a third party. Example: “Sentry” (Optional) + - `associated_recipe`: Links the rule to a [recipe]({{meta.sourcePath}}/tree/main/internal/classification/db/recipes). Useful for associating a rule with a third party. Example: “Sentry” (Optional) - `remediation_message`: Used for internal rules, this builds the documentation page for a rule. (Optional) - `documentation_url`: Used to pass custom documentation URL for the security report. This can be useful for linking to your own internal documentation or policies. By default, all rules in the main repo will automatically generate a link to the rule on [docs.bearer.com](/). (Optional) - `auxiliary`: Allows you to define helper rules and detectors to make pattern-building more robust. Auxiliary rules contain a unique `id` and their own `patterns` in the same way rules do. You’re unlikely to use this regularly. See the [weak_encryption](https://github.com/Bearer/bearer-rules/blob/main/ruby/lang/weak_encryption.yml) rule for examples. In addition, see our advice on how to avoid [variable joining](#variable-joining) in auxiliary rules. (Optional) diff --git a/docs/guides/privacy.md b/docs/guides/privacy.md index 4db9b951e..5c6a9453b 100644 --- a/docs/guides/privacy.md +++ b/docs/guides/privacy.md @@ -14,7 +14,7 @@ Bearer CLI's [privacy report type](/explanations/reports/#privacy-report) allows ## Getting started -If you haven't already, install Bearer CLI using the instructions on the [installation page](/reference/installation/) or the [quick start](/quickstart/). +If you haven't already, install Bearer CLI using the instructions on the [installation page](/reference/installation/) or the [quick start](/quickstart/). To run your first privacy report, navigate to the project root and use the `bearer scan` command with the `--report privacy` flag: @@ -110,7 +110,7 @@ This will allow team members to import the report into spreadsheets or their pre ## Subject mapping -Bearer CLI uses "User" as the default data subject. To override this, you can copy the [subject_mapping.json](https://github.com/bearer/bearer/blob/main/pkg/classification/db/subject_mapping.json) and customize it to your needs. Then, use the `--data-subject-mapping` flag to use your mappings instead. This will use your supplied mapping file instead of the default. +Bearer CLI uses "User" as the default data subject. To override this, you can copy the [subject_mapping.json](https://github.com/bearer/bearer/blob/main/internal/classification/db/subject_mapping.json) and customize it to your needs. Then, use the `--data-subject-mapping` flag to use your mappings instead. This will use your supplied mapping file instead of the default. ```bash bearer scan . --report privacy --data-subject-mapping /path/to/mappings.json @@ -120,4 +120,4 @@ This is useful when your team has different terms for data subjects, or multiple ## Next steps -For more ways to make the most of our Bearer CLI, see our guide on [configuring the scan](/guides/configure-scan/) and the [commands reference](/reference/commands/). Need additional help? [Open an issue]({{meta.links.issues}}) or join our [Discord community]({{meta.links.discord}}). \ No newline at end of file +For more ways to make the most of our Bearer CLI, see our guide on [configuring the scan](/guides/configure-scan/) and the [commands reference](/reference/commands/). Need additional help? [Open an issue]({{meta.links.issues}}) or join our [Discord community]({{meta.links.discord}}). diff --git a/docs/reference/commands.njk b/docs/reference/commands.njk index 98165c82f..a61aab921 100644 --- a/docs/reference/commands.njk +++ b/docs/reference/commands.njk @@ -3,7 +3,7 @@ title: Commands layout: layouts/doc.njk --- {# Welcome :wave:. The content of this page is automatically generated based on Bearer's CLI help files. -They can be found here: https://github.com/Bearer/bearer/tree/main/pkg/commands +They can be found here: https://github.com/Bearer/bearer/tree/main/internal/commands #} {% set items = [bearer_scan, bearer_init, bearer_ignore_add, bearer_ignore_show, bearer_ignore_remove, bearer_ignore_pull, bearer_ignore_migrate, bearer_version] %} @@ -60,4 +60,4 @@ Bearer CLI offers a number of commands to use and customize the CLI to your need

In addition to the primary {{ item.name | trim }} command, you can also use {{ item.aliases | trim}} in place of it.

{% endif %} -{% endfor %} \ No newline at end of file +{% endfor %} diff --git a/docs/reference/datatypes.njk b/docs/reference/datatypes.njk index 4cd1d02e9..3830b81b2 100644 --- a/docs/reference/datatypes.njk +++ b/docs/reference/datatypes.njk @@ -3,11 +3,11 @@ title: Data Types layout: layouts/doc.njk --- {# This content of this page is generated. To edit individual types or category text, -edit the files located at https://github.com/Bearer/bearer/tree/main/pkg/classification/db #} +edit the files located at https://github.com/Bearer/bearer/tree/main/internal/classification/db #} {% renderTemplate "liquid,md", datatypes %} # Supported Data Types -Bearer CLI supports {{counts.types}} data types including Personal Data (PD), Sensitive Personal Data, Personally Identifiable Information (PII), and Protected Health Information (PHI). +Bearer CLI supports {{counts.types}} data types including Personal Data (PD), Sensitive Personal Data, Personally Identifiable Information (PII), and Protected Health Information (PHI). The following is a catagorized list of the supported data types. {% endrenderTemplate %} @@ -22,4 +22,4 @@ The following is a catagorized list of the supported data types. {% endfor %} {% endfor %} -{% endfor %} \ No newline at end of file +{% endfor %} diff --git a/docs/reference/installation.md b/docs/reference/installation.md index 693cf7c95..4bf3e6790 100644 --- a/docs/reference/installation.md +++ b/docs/reference/installation.md @@ -66,7 +66,7 @@ sudo yum -y install bearer ### Docker -Bearer CLI is also available as a Docker image on [Docker Hub](https://hub.docker.com/r/bearer/bearer) and [ghcr.io](https://github.com/Bearer/bearer/pkgs/container/bearer). +Bearer CLI is also available as a Docker image on [Docker Hub](https://hub.docker.com/r/bearer/bearer) and [ghcr.io](https://github.com/bearer/bearer/internals/container/bearer). With docker installed, you can run the following command with the appropriate paths in place of the examples. diff --git a/e2e/flags/report_flags_test.go b/e2e/flags/report_flags_test.go index 6a5dc49e7..b8b2d42a3 100644 --- a/e2e/flags/report_flags_test.go +++ b/e2e/flags/report_flags_test.go @@ -6,7 +6,7 @@ import ( "testing" "github.com/bearer/bearer/e2e/internal/testhelper" - "github.com/bearer/bearer/pkg/util/tmpfile" + "github.com/bearer/bearer/internal/util/tmpfile" "github.com/bradleyjkemp/cupaloy" ) diff --git a/e2e/rules/.snapshots/TestSanitizer-testdata-data-sanitizer b/e2e/rules/.snapshots/TestSanitizer-testdata-data-sanitizer index d58602319..f454e2970 100644 --- a/e2e/rules/.snapshots/TestSanitizer-testdata-data-sanitizer +++ b/e2e/rules/.snapshots/TestSanitizer-testdata-data-sanitizer @@ -68,8 +68,8 @@ critical: content: log("abc" + user.email) parent_line_number: 4 snippet: log("abc" + user.email) - fingerprint: 6c505050fabde2c4ed17380d19fab254_2 - old_fingerprint: d2e829ba86a33c5a52844641617ad8a7_2 + fingerprint: 6c505050fabde2c4ed17380d19fab254_1 + old_fingerprint: d2e829ba86a33c5a52844641617ad8a7_1 code_extract: log("abc" + user.email) diff --git a/e2e/rules/testdata/rules/sanitizer.yml b/e2e/rules/testdata/rules/sanitizer.yml index 3bc587d40..133d90d86 100644 --- a/e2e/rules/testdata/rules/sanitizer.yml +++ b/e2e/rules/testdata/rules/sanitizer.yml @@ -14,7 +14,7 @@ auxiliary: filters: - variable: DATA_TYPE detection: datatype - contains: false + scope: cursor - id: sanitizer_test_sanitizer patterns: - hash($$<_>) diff --git a/go.mod b/go.mod index 2d3a2cbcf..abb112f88 100644 --- a/go.mod +++ b/go.mod @@ -1,8 +1,9 @@ module github.com/bearer/bearer -go 1.19 +go 1.21 require ( + github.com/bits-and-blooms/bitset v1.8.0 github.com/bradleyjkemp/cupaloy v2.3.0+incompatible github.com/buildkite/terminal v3.2.0+incompatible github.com/dustin/go-humanize v1.0.1 @@ -16,6 +17,8 @@ require ( github.com/google/uuid v1.3.1 github.com/hhatto/gocloc v0.5.1 github.com/jessevdk/go-flags v1.5.0 + github.com/onsi/ginkgo/v2 v2.12.0 + github.com/onsi/gomega v1.27.10 github.com/open-policy-agent/opa v0.56.0 github.com/rodaine/table v1.1.0 github.com/rs/zerolog v1.30.0 @@ -24,7 +27,6 @@ require ( github.com/schollz/progressbar/v3 v3.13.1 github.com/shirou/gopsutil/v3 v3.23.8 github.com/smacker/go-tree-sitter v0.0.0-20220829074436-0a7a807924f2 - github.com/ssoroka/slice v0.0.0-20220402005549-78f0cea3df8b github.com/stretchr/testify v1.8.4 github.com/tangzero/inflector v1.0.0 github.com/weppos/publicsuffix-go v0.30.1 @@ -85,9 +87,12 @@ require ( github.com/go-logr/logr v1.2.4 // indirect github.com/go-logr/stdr v1.2.2 // indirect github.com/go-ole/go-ole v1.2.6 // indirect + github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect github.com/golang/protobuf v1.5.3 // indirect + github.com/google/go-cmp v0.5.9 // indirect github.com/google/go-querystring v1.1.0 // indirect + github.com/google/pprof v0.0.0-20210407192527-94a9f03dee38 // indirect github.com/gorilla/mux v1.8.0 // indirect github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 // indirect github.com/kevinburke/ssh_config v1.2.0 // indirect @@ -112,7 +117,7 @@ require ( go.opentelemetry.io/otel/sdk v1.16.0 // indirect go.opentelemetry.io/otel/trace v1.16.0 // indirect golang.org/x/crypto v0.13.0 // indirect - golang.org/x/tools v0.7.0 // indirect + golang.org/x/tools v0.12.0 // indirect google.golang.org/appengine v1.6.7 // indirect google.golang.org/protobuf v1.31.0 // indirect gopkg.in/warnings.v0 v0.1.2 // indirect diff --git a/go.sum b/go.sum index 7e2a1311f..5a3d7925e 100644 --- a/go.sum +++ b/go.sum @@ -54,13 +54,17 @@ github.com/acomagu/bufpipe v1.0.4/go.mod h1:mxdxdup/WdsKVreO5GpW4+M/1CE2sMG4jeGJ github.com/agnivade/levenshtein v1.1.1 h1:QY8M92nrzkmr798gCo3kmMyqXFzdQVpxLlGPRBij0P8= github.com/agnivade/levenshtein v1.1.1/go.mod h1:veldBMzWxcCG2ZvUTKD2kJNRdCk5hVbJomOvKkmgYbo= github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be h1:9AeTilPcZAjCFIImctFaOjnTIavg87rW78vTPkQqLI8= +github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be/go.mod h1:ySMOLuWl6zY27l47sB3qLNK6tF2fkHG55UZxx8oIVo4= github.com/arbovm/levenshtein v0.0.0-20160628152529-48b4e1c0c4d0 h1:jfIu9sQUG6Ig+0+Ap1h4unLjW6YQJpKZVmUzxsD4E/Q= github.com/arbovm/levenshtein v0.0.0-20160628152529-48b4e1c0c4d0/go.mod h1:t2tdKJDJF9BV14lnkjHmOQgcvEKgtqs5a1N3LNdJhGE= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio= +github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs= github.com/aymanbagabas/go-osc52/v2 v2.0.1 h1:HwpRHbFMcZLEVr42D4p7XBqjyuxQH5SMiErDT4WkJ2k= github.com/aymanbagabas/go-osc52/v2 v2.0.1/go.mod h1:uYgXzlJ7ZpABp8OJ+exZzJJhRNQ2ASbcXHWsFqH8hp8= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= +github.com/bits-and-blooms/bitset v1.8.0 h1:FD+XqgOZDUxxZ8hzoBFuV9+cGWY9CslN6d5MS5JVb4c= +github.com/bits-and-blooms/bitset v1.8.0/go.mod h1:7hO7Gc7Pp1vODcmWvKMRA9BNmbv6a/7QIWpPxHddWR8= github.com/bradleyjkemp/cupaloy v2.3.0+incompatible h1:UafIjBvWQmS9i/xRg+CamMrnLTKNzo+bdmT/oH34c2Y= github.com/bradleyjkemp/cupaloy v2.3.0+incompatible/go.mod h1:Au1Xw1sgaJ5iSFktEhYsS0dbQiS1B0/XMXl+42y9Ilk= github.com/buildkite/terminal v3.2.0+incompatible h1:08p6611HADinUwK0oyxCaAsnFXVDU4GlTW1TdXVP+5s= @@ -68,9 +72,12 @@ github.com/buildkite/terminal v3.2.0+incompatible/go.mod h1:iQavkS6X0wlozOmO2rxH github.com/bwesterb/go-ristretto v1.2.0/go.mod h1:fUIoIZaG73pV5biE2Blr2xEzDoMj7NFEuV9ekS419A0= github.com/bwesterb/go-ristretto v1.2.3/go.mod h1:fUIoIZaG73pV5biE2Blr2xEzDoMj7NFEuV9ekS419A0= github.com/bytecodealliance/wasmtime-go/v3 v3.0.2 h1:3uZCA/BLTIu+DqCfguByNMJa2HVHpXvjfy0Dy7g6fuA= +github.com/bytecodealliance/wasmtime-go/v3 v3.0.2/go.mod h1:RnUjnIXxEJcL6BgCvNyzCCRzZcxCgsZCi+RNlvYor5Q= github.com/cenkalti/backoff/v4 v4.2.1 h1:y4OZtCnogmCPw98Zjyt5a6+QwPLGkiQsYW5oUqylYbM= +github.com/cenkalti/backoff/v4 v4.2.1/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= github.com/cespare/xxhash v1.1.0 h1:a6HrQnmkObjyL+Gs60czilIUGqrzKutQD6XZog3p+ko= +github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44= github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/charmbracelet/lipgloss v0.6.0 h1:1StyZB9vBSOyuZxQUcUwGr17JmojPNm87inij9N3wJY= @@ -93,12 +100,15 @@ github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSs github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/dgraph-io/badger/v3 v3.2103.5 h1:ylPa6qzbjYRQMU6jokoj4wzcaweHylt//CH0AKt0akg= +github.com/dgraph-io/badger/v3 v3.2103.5/go.mod h1:4MPiseMeDQ3FNCYwRbbcBOGJLf5jsE0PPFzRiKjtcdw= github.com/dgraph-io/ristretto v0.1.1 h1:6CWw5tJNgpegArSHpNHJKldNeq03FQCwYvfMVWajOK8= +github.com/dgraph-io/ristretto v0.1.1/go.mod h1:S1GPSBCYCIhmVNfcth17y2zZtQT6wzkzgwUve0VDWWA= github.com/dgryski/trifles v0.0.0-20200323201526-dd97f9abfb48 h1:fRzb/w+pyskVMQ+UbP35JkH8yB7MYb4q/qhBarqZE6g= github.com/dgryski/trifles v0.0.0-20200323201526-dd97f9abfb48/go.mod h1:if7Fbed8SFyPtHLHbg49SI7NAdJiC5WIA09pe59rfAA= github.com/dustin/go-humanize v1.0.1 h1:GzkhY7T5VNhEkwH0PVJgjz+fX1rhBrR7pRT3mDkpeCY= github.com/dustin/go-humanize v1.0.1/go.mod h1:Mu1zIs6XwVuF/gI1OepvI0qD18qycQx+mFykh5fBlto= github.com/elazarl/goproxy v0.0.0-20221015165544-a0805db90819 h1:RIB4cRk+lBqKK3Oy0r2gRX4ui7tuhiZq2SuTtTCi0/0= +github.com/elazarl/goproxy v0.0.0-20221015165544-a0805db90819/go.mod h1:Ro8st/ElPeALwNFlcTpWmkr6IoMFfkjXAvTHpevnDsM= github.com/emirpasic/gods v1.18.1 h1:FXtiHYKDGKCW2KzwZKx0iC0PQmdlorYgdFG9jPXJ1Bc= github.com/emirpasic/gods v1.18.1/go.mod h1:8tpGGwCnJ5H4r6BWwaV6OrWmMoPhUl5jm/FMNAnJvWQ= github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= @@ -112,9 +122,13 @@ github.com/fatih/color v1.15.0/go.mod h1:0h5ZqXfHYED7Bhv2ZJamyIOUej9KtShiJESRwBD github.com/fatih/semgroup v1.2.0 h1:h/OLXwEM+3NNyAdZEpMiH1OzfplU09i2qXPVThGZvyg= github.com/fatih/semgroup v1.2.0/go.mod h1:1KAD4iIYfXjE4U13B48VM4z9QUwV5Tt8O4rS879kgm8= github.com/felixge/httpsnoop v1.0.3 h1:s/nj+GCswXYzN5v2DpNMuMQYe+0DDwt5WVCU6CWBdXk= +github.com/felixge/httpsnoop v1.0.3/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= github.com/fortytw2/leaktest v1.3.0 h1:u8491cBMTQ8ft8aeV+adlcytMZylmA5nnwwkRZjI8vw= +github.com/fortytw2/leaktest v1.3.0/go.mod h1:jDsjWgpAGjm2CA7WthBh/CdZYEPF31XHquHwclZch5g= github.com/foxcpp/go-mockdns v1.0.0 h1:7jBqxd3WDWwi/6WhDvacvH1XsN3rOLXyHM1uhvIx6FI= +github.com/foxcpp/go-mockdns v1.0.0/go.mod h1:lgRN6+KxQBawyIghpnl5CezHFGS9VLzvtVlwxvzXTQ4= github.com/frankban/quicktest v1.14.4 h1:g2rn0vABPOOXmZUj+vbmUp0lPoXEMuhTpIluN0XL9UY= +github.com/frankban/quicktest v1.14.4/go.mod h1:4ptaffx2x8+WTWXmUCuVU6aPUX1/Mz7zb5vbUoiM6w0= github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4HY= github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw= github.com/gertd/go-pluralize v0.2.1 h1:M3uASbVjMnTsPb0PNqg+E/24Vwigyo/tvyMTtAlLgiA= @@ -126,6 +140,7 @@ github.com/gitleaks/go-gitdiff v0.9.0/go.mod h1:pKz0X4YzCKZs30BL+weqBIG7mx0jl4tF github.com/gitsight/go-vcsurl v1.0.1 h1:wkijKsbVg9R2IBP97U7wOANeIW9WJJKkBwS9XqllzWo= github.com/gitsight/go-vcsurl v1.0.1/go.mod h1:qRFdKDa/0Lh9MT0xE+qQBYZ/01+mY1H40rZUHR24X9U= github.com/gliderlabs/ssh v0.3.5 h1:OcaySEmAQJgyYcArR+gGGTHCyE7nvhEMTlYY+Dp8CpY= +github.com/gliderlabs/ssh v0.3.5/go.mod h1:8XB4KraRrX39qHhT6yxPsHedjA08I/uBVwj4xC+/+z4= github.com/go-enry/go-enry/v2 v2.8.4 h1:QrY3hx/RiqCJJRbdU0MOcjfTM1a586J0WSooqdlJIhs= github.com/go-enry/go-enry/v2 v2.8.4/go.mod h1:9yrj4ES1YrbNb1Wb7/PWYr2bpaCXUGRt0uafN0ISyG8= github.com/go-enry/go-oniguruma v1.2.1 h1:k8aAMuJfMrqm/56SG2lV9Cfti6tC4x8673aHCcBk+eo= @@ -135,6 +150,7 @@ github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376/go.mod h1:an3vInlBmS github.com/go-git/go-billy/v5 v5.4.1 h1:Uwp5tDRkPr+l/TnbHOQzp+tmJfLceOlbVucgpTz8ix4= github.com/go-git/go-billy/v5 v5.4.1/go.mod h1:vjbugF6Fz7JIflbVpl1hJsGjSHNltrSw45YK/ukIvQg= github.com/go-git/go-git-fixtures/v4 v4.3.2-0.20230305113008-0c11038e723f h1:Pz0DHeFij3XFhoBRGUDPzSJ+w2UcK5/0JvF8DRI58r8= +github.com/go-git/go-git-fixtures/v4 v4.3.2-0.20230305113008-0c11038e723f/go.mod h1:8LHG1a3SRW71ettAD/jW13h8c6AqjVSeL11RAdgaqpo= github.com/go-git/go-git/v5 v5.8.1 h1:Zo79E4p7TRk0xoRgMq0RShiTHGKcKI4+DI6BfJc/Q+A= github.com/go-git/go-git/v5 v5.8.1/go.mod h1:FHFuoD6yGz5OSKEBK+aWN9Oah0q54Jxl0abmj6GnqAo= github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= @@ -149,12 +165,16 @@ github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= github.com/go-ole/go-ole v1.2.6 h1:/Fpf6oFPoeFik9ty7siob0G6Ke8QvQEuVcuChpwXzpY= github.com/go-ole/go-ole v1.2.6/go.mod h1:pprOEPIfldk/42T2oK7lQ4v4JSDwmV0As9GaiUsvbm0= +github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI= +github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls= github.com/gobwas/glob v0.2.3 h1:A4xDbljILXROh+kObIiy5kIaPYD8e96x1tgBhUI5J+Y= github.com/gobwas/glob v0.2.3/go.mod h1:d3Ez4x06l9bZtSvzIay5+Yzi0fmZzPgnTbPcKjJAkT8= github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= +github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= github.com/golang/glog v1.1.0 h1:/d3pCKDPWNnvIWe0vVUpNP32qc8U3PDVxySP/y360qE= +github.com/golang/glog v1.1.0/go.mod h1:pfYeQZ3JWZoXTV5sFc986z3HTpwQs9At6P4ImfuP3NQ= github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= @@ -186,9 +206,11 @@ github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiu github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg= github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= github.com/golang/snappy v0.0.4 h1:yAGX7huGHXlcLOEtBnF4w7FQwA26wojNCwOYAEhLjQM= +github.com/golang/snappy v0.0.4/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/flatbuffers v1.12.1 h1:MVlul7pQNoDzWRLTw5imwYsl+usrS1TXG2H4jg6ImGw= +github.com/google/flatbuffers v1.12.1/go.mod h1:1AeVuKshWv4vARoZatz6mlQ0JxURH0Kv5+zNeJKJCa8= github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= @@ -221,6 +243,8 @@ github.com/google/pprof v0.0.0-20200708004538-1a94d8640e99/go.mod h1:ZgVRPoUq/hf github.com/google/pprof v0.0.0-20201023163331-3e6fc7fc9c4c/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/pprof v0.0.0-20201203190320-1bf35d6f28c2/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/pprof v0.0.0-20201218002935-b9804c9f04c2/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/pprof v0.0.0-20210407192527-94a9f03dee38 h1:yAJXTCF9TqKcTiHJAE8dj7HMvPfh66eeA2JYW7eFpSE= +github.com/google/pprof v0.0.0-20210407192527-94a9f03dee38/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.3.1 h1:KjJaJ9iWZ3jOFZIf1Lqf4laDRCasjl0BCmnEGxkdLb4= @@ -231,6 +255,7 @@ github.com/googleapis/google-cloud-go-testing v0.0.0-20200911160855-bcd43fbb19e8 github.com/gorilla/mux v1.8.0 h1:i40aqfkR1h2SlN9hojwV5ZA91wcXFOvkdNIeFDP5koI= github.com/gorilla/mux v1.8.0/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So= github.com/grpc-ecosystem/grpc-gateway/v2 v2.7.0 h1:BZHcxBETFHIdVyhyEfOvn/RdU/QGdLI4y34qQGjGWO0= +github.com/grpc-ecosystem/grpc-gateway/v2 v2.7.0/go.mod h1:hgWBS7lorOAVIJEQMi4ZsPv9hVvWI6+ch50m39Pf2Ks= github.com/h2non/filetype v1.1.3 h1:FKkx9QbD7HR/zjK1Ia5XiBsq9zdLi5Kf3zGyFTAFkGg= github.com/h2non/filetype v1.1.3/go.mod h1:319b3zT68BvV+WRj7cwy856M2ehB3HqNOt6sy1HndBY= github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= @@ -254,10 +279,12 @@ github.com/kevinburke/ssh_config v1.2.0 h1:x584FjTGwHzMwvHx18PXxbBVzfnxogHaAReU4 github.com/kevinburke/ssh_config v1.2.0/go.mod h1:CT57kijsi8u/K/BOFA39wgDQJ9CxiF4nAY/ojJ6r6mM= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= github.com/klauspost/compress v1.16.0 h1:iULayQNOReoYUe+1qtKOqw9CwJv3aNQu8ivo7lw1HU4= +github.com/klauspost/compress v1.16.0/go.mod h1:ntbaceVETuRiXiv4DpjP66DpAtAGkEQskQzEyD//IeE= github.com/kr/fs v0.1.0/go.mod h1:FFnZGqtBN9Gxj7eW1uZ42v5BccTP0vu6NEaFoC2HwRg= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= +github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= @@ -286,6 +313,7 @@ github.com/mattn/go-runewidth v0.0.14/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh github.com/matttproud/golang_protobuf_extensions v1.0.4 h1:mmDVorXM7PCGKw94cs5zkfA9PSy5pEvNWRP0ET0TIVo= github.com/matttproud/golang_protobuf_extensions v1.0.4/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= github.com/miekg/dns v1.1.43 h1:JKfpVSCB84vrAmHzyrsxB5NAr5kLoMXZArPSw7Qlgyg= +github.com/miekg/dns v1.1.43/go.mod h1:+evo5L0630/F6ca/Z9+GAqzhjGyn8/c+TBaOyfEl0V4= github.com/mitchellh/colorstring v0.0.0-20190213212951-d06e56a500db h1:62I3jR2EmQ4l5rM/4FEfDWcRD+abF5XlKShorW5LRoQ= github.com/mitchellh/colorstring v0.0.0-20190213212951-d06e56a500db/go.mod h1:l0dey0ia/Uv7NcFFVbCLtqEBQbrT4OCwCSKTEv6enCw= github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY= @@ -297,6 +325,10 @@ github.com/muesli/termenv v0.11.1-0.20220204035834-5ac8409525e0/go.mod h1:Bd5NYQ github.com/muesli/termenv v0.15.1 h1:UzuTb/+hhlBugQz28rpzey4ZuKcZ03MeKsoG7IJZIxs= github.com/muesli/termenv v0.15.1/go.mod h1:HeAQPTzpfs016yGtA4g00CsdYnVLJvxsS4ANqrZs2sQ= github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= +github.com/onsi/ginkgo/v2 v2.12.0 h1:UIVDowFPwpg6yMUpPjGkYvf06K3RAiJXUhCxEwQVHRI= +github.com/onsi/ginkgo/v2 v2.12.0/go.mod h1:ZNEzXISYlqpb8S36iN71ifqLi3vVD1rVJGvWRCJOUpQ= +github.com/onsi/gomega v1.27.10 h1:naR28SdDFlqrG6kScpT8VWpu1xWY5nJRCF3XaYyBjhI= +github.com/onsi/gomega v1.27.10/go.mod h1:RsS8tutOdbdgzbPtzzATp12yT7kM5I5aElG3evPbQ0M= github.com/open-policy-agent/opa v0.56.0 h1:FUSb6MyckjuffOMshEG8P+HGnckxkJ8ENZJHEzAddhk= github.com/open-policy-agent/opa v0.56.0/go.mod h1:un01L10fkolr00KJMDSqGb2FXCjVyVQOybLtHOfSEfY= github.com/pelletier/go-toml v1.9.5 h1:4yBQzkHv+7BHq2PQUZF3Mx0IYxG7LsP222s7Agd3ve8= @@ -333,6 +365,7 @@ github.com/rodaine/table v1.1.0 h1:/fUlCSdjamMY8VifdQRIu3VWZXYLY7QHFkVorS8NTr4= github.com/rodaine/table v1.1.0/go.mod h1:Qu3q5wi1jTQD6B6HsP6szie/S4w1QUQ8pq22pz9iL8g= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/rogpeppe/go-internal v1.9.0 h1:73kH8U+JUqXU8lRuOHeVHaa/SZPifC7BkcraZVejAe8= +github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs= github.com/rs/xid v1.5.0/go.mod h1:trrq9SKmegXys3aeAKXMUTdJsYXVwGY3RLcfgqegfbg= github.com/rs/zerolog v1.30.0 h1:SymVODrcRsaRaSInD9yQtKbtWqwsfoPcRff/oRXLj4c= github.com/rs/zerolog v1.30.0/go.mod h1:/tk+P47gFdPXq4QYjvCmT5/Gsug2nagsFWBWhAiSi1w= @@ -371,8 +404,6 @@ github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/spf13/viper v1.16.0 h1:rGGH0XDZhdUOryiDWjmIvUSWpbNqisK8Wk0Vyefw8hc= github.com/spf13/viper v1.16.0/go.mod h1:yg78JgCJcbrQOvV9YLXgkLaZqUidkY9K+Dd1FofRzQg= -github.com/ssoroka/slice v0.0.0-20220402005549-78f0cea3df8b h1:nDFJ1KYD1CSRP3nHtkvCH+ztuoz+QW++OvCLgpS6kQE= -github.com/ssoroka/slice v0.0.0-20220402005549-78f0cea3df8b/go.mod h1:l4Ov7Zo7X3/MCC+pefg/lN7x8X8FKb1Ub7oxosKKJa0= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= @@ -428,12 +459,17 @@ go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.22.5/go.mod h1:5pWMHQbX5EPX2/62yrJeAkowc+lfs/XD7Uxpq3pI6kk= go.opencensus.io v0.24.0 h1:y73uSU6J157QMP2kn2r30vwW1A2W2WFwSCGnAVxeaD0= +go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo= go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.42.0 h1:pginetY7+onl4qN1vl0xW/V/v6OBZ0vVdH+esuJgvmM= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.42.0/go.mod h1:XiYsayHc36K3EByOO6nbAXnAWbrUxdjUROCEeeROOH8= go.opentelemetry.io/otel v1.16.0 h1:Z7GVAX/UkAXPKsy94IU+i6thsQS4nb7LviLpnaNeW8s= go.opentelemetry.io/otel v1.16.0/go.mod h1:vl0h9NUa1D5s1nv3A5vZOYWn8av4K8Ml6JDeHrT/bx4= go.opentelemetry.io/otel/exporters/otlp/internal/retry v1.16.0 h1:t4ZwRPU+emrcvM2e9DHd0Fsf0JTPVcbfa/BhTDF03d0= +go.opentelemetry.io/otel/exporters/otlp/internal/retry v1.16.0/go.mod h1:vLarbg68dH2Wa77g71zmKQqlQ8+8Rq3GRG31uc0WcWI= go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.16.0 h1:cbsD4cUcviQGXdw8+bo5x2wazq10SKz8hEbtCRPcU78= +go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.16.0/go.mod h1:JgXSGah17croqhJfhByOLVY719k1emAXC8MVhCIJlRs= go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.16.0 h1:TVQp/bboR4mhZSav+MdgXB8FaRho1RC8UwVn3T0vjVc= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.16.0/go.mod h1:I33vtIe0sR96wfrUcilIzLoA3mLHhRmz9S9Te0S3gDo= go.opentelemetry.io/otel/metric v1.16.0 h1:RbrpwVG1Hfv85LgnZ7+txXioPDoh6EdbZHo26Q3hqOo= go.opentelemetry.io/otel/metric v1.16.0/go.mod h1:QE47cpOmkwipPiefDwo2wDzwJrlfxxNYodqc4xnGCo4= go.opentelemetry.io/otel/sdk v1.16.0 h1:Z1Ok1YsijYL0CSJpHt4cS3wDDh7p572grzNrBMiMWgE= @@ -441,6 +477,7 @@ go.opentelemetry.io/otel/sdk v1.16.0/go.mod h1:tMsIuKXuuIWPBAOrH+eHtvhTL+SntFtXF go.opentelemetry.io/otel/trace v1.16.0 h1:8JRpaObFoW0pxuVPapkgH8UhHQj+bJW8jJsCZEu5MQs= go.opentelemetry.io/otel/trace v1.16.0/go.mod h1:Yt9vYq1SdNz3xdjZZK7wcXv1qv2pwLkqr2QVwea0ef0= go.opentelemetry.io/proto/otlp v0.19.0 h1:IVN6GR+mhC4s5yfcTbmzHYODqvWAp3ZedA2SJPI1Nnw= +go.opentelemetry.io/proto/otlp v0.19.0/go.mod h1:H7XAot3MsfNsj7EXtrA2q5xSNQ10UqI405h3+duxN4U= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= @@ -693,8 +730,8 @@ golang.org/x/tools v0.0.0-20210108195828-e2f9c7f1fc8e/go.mod h1:emZCQorbCU4vsT4f golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= -golang.org/x/tools v0.7.0 h1:W4OVu8VVOaIO0yzWMNdepAulS7YfoS3Zabrm8DOXXU4= -golang.org/x/tools v0.7.0/go.mod h1:4pg6aUX35JBAogB10C9AtvVL+qowtN4pT3CGSQex14s= +golang.org/x/tools v0.12.0 h1:YW6HUoUmYBpwSgyaGaZq1fHjrBjX1rlpZ54T6mu2kss= +golang.org/x/tools v0.12.0/go.mod h1:Sc0INKfu04TlqNoRA1hgpFZbhYXHPr4V5DzpSBTPqQM= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -763,8 +800,11 @@ google.golang.org/genproto v0.0.0-20201214200347-8c77b98c765d/go.mod h1:FWY/as6D google.golang.org/genproto v0.0.0-20210108203827-ffc7fda8c3d7/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20210226172003-ab064af71705/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20230526161137-0005af68ea54 h1:9NWlQfY2ePejTmfwUH1OWwmznFa+0kKcHGPDvcPza9M= +google.golang.org/genproto v0.0.0-20230526161137-0005af68ea54/go.mod h1:zqTuNwFlFRsw5zIts5VnzLQxSRqh+CGOTVMlYbY0Eyk= google.golang.org/genproto/googleapis/api v0.0.0-20230525234035-dd9d682886f9 h1:m8v1xLLLzMe1m5P+gCTF8nJB9epwZQUBERm20Oy1poQ= +google.golang.org/genproto/googleapis/api v0.0.0-20230525234035-dd9d682886f9/go.mod h1:vHYtlOoi6TsQ3Uk2yxR7NI5z8uoV+3pZtR4jmHIkRig= google.golang.org/genproto/googleapis/rpc v0.0.0-20230525234030-28d5490b6b19 h1:0nDDozoAU19Qb2HwhXadU8OcsiO/09cnTqhUtq2MEOM= +google.golang.org/genproto/googleapis/rpc v0.0.0-20230525234030-28d5490b6b19/go.mod h1:66JfowdXAEgad5O9NnYcsNPLCPZJD++2L9X0PCMODrA= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= @@ -782,6 +822,7 @@ google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv google.golang.org/grpc v1.34.0/go.mod h1:WotjhfgOW/POjDeRt8vscBtXq+2VjORFy659qA51WJ8= google.golang.org/grpc v1.35.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= google.golang.org/grpc v1.57.0 h1:kfzNeI/klCGD2YPMUlaGNT3pxvYfga7smW3Vth8Zsiw= +google.golang.org/grpc v1.57.0/go.mod h1:Sd+9RMTACXwmub0zcNY2c4arhtrbBYD1AUHI/dt16Mo= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= diff --git a/pkg/classification/classification.go b/internal/classification/classification.go similarity index 81% rename from pkg/classification/classification.go rename to internal/classification/classification.go index 4d5b4ff9e..901477036 100644 --- a/pkg/classification/classification.go +++ b/internal/classification/classification.go @@ -1,13 +1,13 @@ package classification import ( - "github.com/bearer/bearer/pkg/classification/db" - "github.com/bearer/bearer/pkg/classification/dependencies" - "github.com/bearer/bearer/pkg/classification/frameworks" - "github.com/bearer/bearer/pkg/classification/interfaces" - "github.com/bearer/bearer/pkg/classification/schema" - config "github.com/bearer/bearer/pkg/commands/process/settings" - "github.com/bearer/bearer/pkg/util/url" + "github.com/bearer/bearer/internal/classification/db" + "github.com/bearer/bearer/internal/classification/dependencies" + "github.com/bearer/bearer/internal/classification/frameworks" + "github.com/bearer/bearer/internal/classification/interfaces" + "github.com/bearer/bearer/internal/classification/schema" + config "github.com/bearer/bearer/internal/commands/process/settings" + "github.com/bearer/bearer/internal/util/url" ) type Classifier struct { diff --git a/pkg/classification/db/category_grouping.json b/internal/classification/db/category_grouping.json similarity index 100% rename from pkg/classification/db/category_grouping.json rename to internal/classification/db/category_grouping.json diff --git a/pkg/classification/db/data_categories/authenticating.json b/internal/classification/db/data_categories/authenticating.json similarity index 100% rename from pkg/classification/db/data_categories/authenticating.json rename to internal/classification/db/data_categories/authenticating.json diff --git a/pkg/classification/db/data_categories/behavioral_information.json b/internal/classification/db/data_categories/behavioral_information.json similarity index 100% rename from pkg/classification/db/data_categories/behavioral_information.json rename to internal/classification/db/data_categories/behavioral_information.json diff --git a/pkg/classification/db/data_categories/communication.json b/internal/classification/db/data_categories/communication.json similarity index 100% rename from pkg/classification/db/data_categories/communication.json rename to internal/classification/db/data_categories/communication.json diff --git a/pkg/classification/db/data_categories/computer_device.json b/internal/classification/db/data_categories/computer_device.json similarity index 100% rename from pkg/classification/db/data_categories/computer_device.json rename to internal/classification/db/data_categories/computer_device.json diff --git a/pkg/classification/db/data_categories/contact.json b/internal/classification/db/data_categories/contact.json similarity index 100% rename from pkg/classification/db/data_categories/contact.json rename to internal/classification/db/data_categories/contact.json diff --git a/pkg/classification/db/data_categories/credit_history.json b/internal/classification/db/data_categories/credit_history.json similarity index 100% rename from pkg/classification/db/data_categories/credit_history.json rename to internal/classification/db/data_categories/credit_history.json diff --git a/pkg/classification/db/data_categories/criminal_records.json b/internal/classification/db/data_categories/criminal_records.json similarity index 100% rename from pkg/classification/db/data_categories/criminal_records.json rename to internal/classification/db/data_categories/criminal_records.json diff --git a/pkg/classification/db/data_categories/demographic.json b/internal/classification/db/data_categories/demographic.json similarity index 100% rename from pkg/classification/db/data_categories/demographic.json rename to internal/classification/db/data_categories/demographic.json diff --git a/pkg/classification/db/data_categories/ethnicity.json b/internal/classification/db/data_categories/ethnicity.json similarity index 100% rename from pkg/classification/db/data_categories/ethnicity.json rename to internal/classification/db/data_categories/ethnicity.json diff --git a/pkg/classification/db/data_categories/family.json b/internal/classification/db/data_categories/family.json similarity index 100% rename from pkg/classification/db/data_categories/family.json rename to internal/classification/db/data_categories/family.json diff --git a/pkg/classification/db/data_categories/financial_accounts.json b/internal/classification/db/data_categories/financial_accounts.json similarity index 100% rename from pkg/classification/db/data_categories/financial_accounts.json rename to internal/classification/db/data_categories/financial_accounts.json diff --git a/pkg/classification/db/data_categories/identification.json b/internal/classification/db/data_categories/identification.json similarity index 100% rename from pkg/classification/db/data_categories/identification.json rename to internal/classification/db/data_categories/identification.json diff --git a/pkg/classification/db/data_categories/knowledge_and_belief.json b/internal/classification/db/data_categories/knowledge_and_belief.json similarity index 100% rename from pkg/classification/db/data_categories/knowledge_and_belief.json rename to internal/classification/db/data_categories/knowledge_and_belief.json diff --git a/pkg/classification/db/data_categories/location.json b/internal/classification/db/data_categories/location.json similarity index 100% rename from pkg/classification/db/data_categories/location.json rename to internal/classification/db/data_categories/location.json diff --git a/pkg/classification/db/data_categories/medical_and_health.json b/internal/classification/db/data_categories/medical_and_health.json similarity index 100% rename from pkg/classification/db/data_categories/medical_and_health.json rename to internal/classification/db/data_categories/medical_and_health.json diff --git a/pkg/classification/db/data_categories/personal_ownership.json b/internal/classification/db/data_categories/personal_ownership.json similarity index 100% rename from pkg/classification/db/data_categories/personal_ownership.json rename to internal/classification/db/data_categories/personal_ownership.json diff --git a/pkg/classification/db/data_categories/physical_characteristic.json b/internal/classification/db/data_categories/physical_characteristic.json similarity index 100% rename from pkg/classification/db/data_categories/physical_characteristic.json rename to internal/classification/db/data_categories/physical_characteristic.json diff --git a/pkg/classification/db/data_categories/preference.json b/internal/classification/db/data_categories/preference.json similarity index 100% rename from pkg/classification/db/data_categories/preference.json rename to internal/classification/db/data_categories/preference.json diff --git a/pkg/classification/db/data_categories/professional_information.json b/internal/classification/db/data_categories/professional_information.json similarity index 100% rename from pkg/classification/db/data_categories/professional_information.json rename to internal/classification/db/data_categories/professional_information.json diff --git a/pkg/classification/db/data_categories/public_life.json b/internal/classification/db/data_categories/public_life.json similarity index 100% rename from pkg/classification/db/data_categories/public_life.json rename to internal/classification/db/data_categories/public_life.json diff --git a/pkg/classification/db/data_categories/sexual.json b/internal/classification/db/data_categories/sexual.json similarity index 100% rename from pkg/classification/db/data_categories/sexual.json rename to internal/classification/db/data_categories/sexual.json diff --git a/pkg/classification/db/data_categories/social_network.json b/internal/classification/db/data_categories/social_network.json similarity index 100% rename from pkg/classification/db/data_categories/social_network.json rename to internal/classification/db/data_categories/social_network.json diff --git a/pkg/classification/db/data_categories/transactional.json b/internal/classification/db/data_categories/transactional.json similarity index 100% rename from pkg/classification/db/data_categories/transactional.json rename to internal/classification/db/data_categories/transactional.json diff --git a/pkg/classification/db/data_type_classification_patterns/100_telephone_number.json b/internal/classification/db/data_type_classification_patterns/100_telephone_number.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/100_telephone_number.json rename to internal/classification/db/data_type_classification_patterns/100_telephone_number.json diff --git a/pkg/classification/db/data_type_classification_patterns/101_geographic.json b/internal/classification/db/data_type_classification_patterns/101_geographic.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/101_geographic.json rename to internal/classification/db/data_type_classification_patterns/101_geographic.json diff --git a/pkg/classification/db/data_type_classification_patterns/102_transactions.json b/internal/classification/db/data_type_classification_patterns/102_transactions.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/102_transactions.json rename to internal/classification/db/data_type_classification_patterns/102_transactions.json diff --git a/pkg/classification/db/data_type_classification_patterns/103_browser_fingerprint.json b/internal/classification/db/data_type_classification_patterns/103_browser_fingerprint.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/103_browser_fingerprint.json rename to internal/classification/db/data_type_classification_patterns/103_browser_fingerprint.json diff --git a/pkg/classification/db/data_type_classification_patterns/104_emails.json b/internal/classification/db/data_type_classification_patterns/104_emails.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/104_emails.json rename to internal/classification/db/data_type_classification_patterns/104_emails.json diff --git a/pkg/classification/db/data_type_classification_patterns/105_links_clicked.json b/internal/classification/db/data_type_classification_patterns/105_links_clicked.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/105_links_clicked.json rename to internal/classification/db/data_type_classification_patterns/105_links_clicked.json diff --git a/pkg/classification/db/data_type_classification_patterns/106_race.json b/internal/classification/db/data_type_classification_patterns/106_race.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/106_race.json rename to internal/classification/db/data_type_classification_patterns/106_race.json diff --git a/pkg/classification/db/data_type_classification_patterns/107_conversation.json b/internal/classification/db/data_type_classification_patterns/107_conversation.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/107_conversation.json rename to internal/classification/db/data_type_classification_patterns/107_conversation.json diff --git a/pkg/classification/db/data_type_classification_patterns/108_vaccine.json b/internal/classification/db/data_type_classification_patterns/108_vaccine.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/108_vaccine.json rename to internal/classification/db/data_type_classification_patterns/108_vaccine.json diff --git a/pkg/classification/db/data_type_classification_patterns/109_question.json b/internal/classification/db/data_type_classification_patterns/109_question.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/109_question.json rename to internal/classification/db/data_type_classification_patterns/109_question.json diff --git a/pkg/classification/db/data_type_classification_patterns/10_charges.json b/internal/classification/db/data_type_classification_patterns/10_charges.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/10_charges.json rename to internal/classification/db/data_type_classification_patterns/10_charges.json diff --git a/pkg/classification/db/data_type_classification_patterns/110_answer.json b/internal/classification/db/data_type_classification_patterns/110_answer.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/110_answer.json rename to internal/classification/db/data_type_classification_patterns/110_answer.json diff --git a/pkg/classification/db/data_type_classification_patterns/111_click.json b/internal/classification/db/data_type_classification_patterns/111_click.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/111_click.json rename to internal/classification/db/data_type_classification_patterns/111_click.json diff --git a/pkg/classification/db/data_type_classification_patterns/112_tracking.json b/internal/classification/db/data_type_classification_patterns/112_tracking.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/112_tracking.json rename to internal/classification/db/data_type_classification_patterns/112_tracking.json diff --git a/pkg/classification/db/data_type_classification_patterns/113_cart.json b/internal/classification/db/data_type_classification_patterns/113_cart.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/113_cart.json rename to internal/classification/db/data_type_classification_patterns/113_cart.json diff --git a/pkg/classification/db/data_type_classification_patterns/114_payment.json b/internal/classification/db/data_type_classification_patterns/114_payment.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/114_payment.json rename to internal/classification/db/data_type_classification_patterns/114_payment.json diff --git a/pkg/classification/db/data_type_classification_patterns/115_order.json b/internal/classification/db/data_type_classification_patterns/115_order.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/115_order.json rename to internal/classification/db/data_type_classification_patterns/115_order.json diff --git a/pkg/classification/db/data_type_classification_patterns/116_purchase.json b/internal/classification/db/data_type_classification_patterns/116_purchase.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/116_purchase.json rename to internal/classification/db/data_type_classification_patterns/116_purchase.json diff --git a/pkg/classification/db/data_type_classification_patterns/117_token.json b/internal/classification/db/data_type_classification_patterns/117_token.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/117_token.json rename to internal/classification/db/data_type_classification_patterns/117_token.json diff --git a/pkg/classification/db/data_type_classification_patterns/118_invoice.json b/internal/classification/db/data_type_classification_patterns/118_invoice.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/118_invoice.json rename to internal/classification/db/data_type_classification_patterns/118_invoice.json diff --git a/pkg/classification/db/data_type_classification_patterns/119_access_token.json b/internal/classification/db/data_type_classification_patterns/119_access_token.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/119_access_token.json rename to internal/classification/db/data_type_classification_patterns/119_access_token.json diff --git a/pkg/classification/db/data_type_classification_patterns/11_pardons.json b/internal/classification/db/data_type_classification_patterns/11_pardons.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/11_pardons.json rename to internal/classification/db/data_type_classification_patterns/11_pardons.json diff --git a/pkg/classification/db/data_type_classification_patterns/120_billing.json b/internal/classification/db/data_type_classification_patterns/120_billing.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/120_billing.json rename to internal/classification/db/data_type_classification_patterns/120_billing.json diff --git a/pkg/classification/db/data_type_classification_patterns/121_bank_transfer.json b/internal/classification/db/data_type_classification_patterns/121_bank_transfer.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/121_bank_transfer.json rename to internal/classification/db/data_type_classification_patterns/121_bank_transfer.json diff --git a/pkg/classification/db/data_type_classification_patterns/122_creditcard.json b/internal/classification/db/data_type_classification_patterns/122_creditcard.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/122_creditcard.json rename to internal/classification/db/data_type_classification_patterns/122_creditcard.json diff --git a/pkg/classification/db/data_type_classification_patterns/123_paystub.json b/internal/classification/db/data_type_classification_patterns/123_paystub.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/123_paystub.json rename to internal/classification/db/data_type_classification_patterns/123_paystub.json diff --git a/pkg/classification/db/data_type_classification_patterns/124_subscription.json b/internal/classification/db/data_type_classification_patterns/124_subscription.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/124_subscription.json rename to internal/classification/db/data_type_classification_patterns/124_subscription.json diff --git a/pkg/classification/db/data_type_classification_patterns/125_exam.json b/internal/classification/db/data_type_classification_patterns/125_exam.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/125_exam.json rename to internal/classification/db/data_type_classification_patterns/125_exam.json diff --git a/pkg/classification/db/data_type_classification_patterns/126_appointment.json b/internal/classification/db/data_type_classification_patterns/126_appointment.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/126_appointment.json rename to internal/classification/db/data_type_classification_patterns/126_appointment.json diff --git a/pkg/classification/db/data_type_classification_patterns/127_consultation.json b/internal/classification/db/data_type_classification_patterns/127_consultation.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/127_consultation.json rename to internal/classification/db/data_type_classification_patterns/127_consultation.json diff --git a/pkg/classification/db/data_type_classification_patterns/128_document.json b/internal/classification/db/data_type_classification_patterns/128_document.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/128_document.json rename to internal/classification/db/data_type_classification_patterns/128_document.json diff --git a/pkg/classification/db/data_type_classification_patterns/129_file.json b/internal/classification/db/data_type_classification_patterns/129_file.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/129_file.json rename to internal/classification/db/data_type_classification_patterns/129_file.json diff --git a/pkg/classification/db/data_type_classification_patterns/12_driving_license.json b/internal/classification/db/data_type_classification_patterns/12_driving_license.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/12_driving_license.json rename to internal/classification/db/data_type_classification_patterns/12_driving_license.json diff --git a/pkg/classification/db/data_type_classification_patterns/130_content.json b/internal/classification/db/data_type_classification_patterns/130_content.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/130_content.json rename to internal/classification/db/data_type_classification_patterns/130_content.json diff --git a/pkg/classification/db/data_type_classification_patterns/131_device.json b/internal/classification/db/data_type_classification_patterns/131_device.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/131_device.json rename to internal/classification/db/data_type_classification_patterns/131_device.json diff --git a/pkg/classification/db/data_type_classification_patterns/132_identification.json b/internal/classification/db/data_type_classification_patterns/132_identification.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/132_identification.json rename to internal/classification/db/data_type_classification_patterns/132_identification.json diff --git a/pkg/classification/db/data_type_classification_patterns/133_earning.json b/internal/classification/db/data_type_classification_patterns/133_earning.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/133_earning.json rename to internal/classification/db/data_type_classification_patterns/133_earning.json diff --git a/pkg/classification/db/data_type_classification_patterns/134_credentials.json b/internal/classification/db/data_type_classification_patterns/134_credentials.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/134_credentials.json rename to internal/classification/db/data_type_classification_patterns/134_credentials.json diff --git a/pkg/classification/db/data_type_classification_patterns/135_message.json b/internal/classification/db/data_type_classification_patterns/135_message.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/135_message.json rename to internal/classification/db/data_type_classification_patterns/135_message.json diff --git a/pkg/classification/db/data_type_classification_patterns/136_rating.json b/internal/classification/db/data_type_classification_patterns/136_rating.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/136_rating.json rename to internal/classification/db/data_type_classification_patterns/136_rating.json diff --git a/pkg/classification/db/data_type_classification_patterns/137_review.json b/internal/classification/db/data_type_classification_patterns/137_review.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/137_review.json rename to internal/classification/db/data_type_classification_patterns/137_review.json diff --git a/pkg/classification/db/data_type_classification_patterns/138_voice.json b/internal/classification/db/data_type_classification_patterns/138_voice.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/138_voice.json rename to internal/classification/db/data_type_classification_patterns/138_voice.json diff --git a/pkg/classification/db/data_type_classification_patterns/139_amount.json b/internal/classification/db/data_type_classification_patterns/139_amount.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/139_amount.json rename to internal/classification/db/data_type_classification_patterns/139_amount.json diff --git a/pkg/classification/db/data_type_classification_patterns/13_device_identifier.json b/internal/classification/db/data_type_classification_patterns/13_device_identifier.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/13_device_identifier.json rename to internal/classification/db/data_type_classification_patterns/13_device_identifier.json diff --git a/pkg/classification/db/data_type_classification_patterns/140_comment.json b/internal/classification/db/data_type_classification_patterns/140_comment.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/140_comment.json rename to internal/classification/db/data_type_classification_patterns/140_comment.json diff --git a/pkg/classification/db/data_type_classification_patterns/142_fullname.json b/internal/classification/db/data_type_classification_patterns/142_fullname.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/142_fullname.json rename to internal/classification/db/data_type_classification_patterns/142_fullname.json diff --git a/pkg/classification/db/data_type_classification_patterns/143_unique_identifier.json b/internal/classification/db/data_type_classification_patterns/143_unique_identifier.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/143_unique_identifier.json rename to internal/classification/db/data_type_classification_patterns/143_unique_identifier.json diff --git a/pkg/classification/db/data_type_classification_patterns/144_disease.json b/internal/classification/db/data_type_classification_patterns/144_disease.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/144_disease.json rename to internal/classification/db/data_type_classification_patterns/144_disease.json diff --git a/pkg/classification/db/data_type_classification_patterns/145_genetic.json b/internal/classification/db/data_type_classification_patterns/145_genetic.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/145_genetic.json rename to internal/classification/db/data_type_classification_patterns/145_genetic.json diff --git a/pkg/classification/db/data_type_classification_patterns/146_lab_test_results.json b/internal/classification/db/data_type_classification_patterns/146_lab_test_results.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/146_lab_test_results.json rename to internal/classification/db/data_type_classification_patterns/146_lab_test_results.json diff --git a/pkg/classification/db/data_type_classification_patterns/147_health_insurance_number.json b/internal/classification/db/data_type_classification_patterns/147_health_insurance_number.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/147_health_insurance_number.json rename to internal/classification/db/data_type_classification_patterns/147_health_insurance_number.json diff --git a/pkg/classification/db/data_type_classification_patterns/148_insurance.json b/internal/classification/db/data_type_classification_patterns/148_insurance.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/148_insurance.json rename to internal/classification/db/data_type_classification_patterns/148_insurance.json diff --git a/pkg/classification/db/data_type_classification_patterns/149_test.json b/internal/classification/db/data_type_classification_patterns/149_test.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/149_test.json rename to internal/classification/db/data_type_classification_patterns/149_test.json diff --git a/pkg/classification/db/data_type_classification_patterns/14_ethnic_origin.json b/internal/classification/db/data_type_classification_patterns/14_ethnic_origin.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/14_ethnic_origin.json rename to internal/classification/db/data_type_classification_patterns/14_ethnic_origin.json diff --git a/pkg/classification/db/data_type_classification_patterns/150_medical_conditions.json b/internal/classification/db/data_type_classification_patterns/150_medical_conditions.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/150_medical_conditions.json rename to internal/classification/db/data_type_classification_patterns/150_medical_conditions.json diff --git a/pkg/classification/db/data_type_classification_patterns/151_treatment.json b/internal/classification/db/data_type_classification_patterns/151_treatment.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/151_treatment.json rename to internal/classification/db/data_type_classification_patterns/151_treatment.json diff --git a/pkg/classification/db/data_type_classification_patterns/152_scan.json b/internal/classification/db/data_type_classification_patterns/152_scan.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/152_scan.json rename to internal/classification/db/data_type_classification_patterns/152_scan.json diff --git a/pkg/classification/db/data_type_classification_patterns/153_medication.json b/internal/classification/db/data_type_classification_patterns/153_medication.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/153_medication.json rename to internal/classification/db/data_type_classification_patterns/153_medication.json diff --git a/pkg/classification/db/data_type_classification_patterns/154_phi_dates.json b/internal/classification/db/data_type_classification_patterns/154_phi_dates.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/154_phi_dates.json rename to internal/classification/db/data_type_classification_patterns/154_phi_dates.json diff --git a/pkg/classification/db/data_type_classification_patterns/155_diagnosis.json b/internal/classification/db/data_type_classification_patterns/155_diagnosis.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/155_diagnosis.json rename to internal/classification/db/data_type_classification_patterns/155_diagnosis.json diff --git a/pkg/classification/db/data_type_classification_patterns/156_procedures.json b/internal/classification/db/data_type_classification_patterns/156_procedures.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/156_procedures.json rename to internal/classification/db/data_type_classification_patterns/156_procedures.json diff --git a/pkg/classification/db/data_type_classification_patterns/157_risk_assessments.json b/internal/classification/db/data_type_classification_patterns/157_risk_assessments.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/157_risk_assessments.json rename to internal/classification/db/data_type_classification_patterns/157_risk_assessments.json diff --git a/pkg/classification/db/data_type_classification_patterns/158_allergies.json b/internal/classification/db/data_type_classification_patterns/158_allergies.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/158_allergies.json rename to internal/classification/db/data_type_classification_patterns/158_allergies.json diff --git a/pkg/classification/db/data_type_classification_patterns/159_health_insurance_claim_number.json b/internal/classification/db/data_type_classification_patterns/159_health_insurance_claim_number.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/159_health_insurance_claim_number.json rename to internal/classification/db/data_type_classification_patterns/159_health_insurance_claim_number.json diff --git a/pkg/classification/db/data_type_classification_patterns/15_national_origin.json b/internal/classification/db/data_type_classification_patterns/15_national_origin.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/15_national_origin.json rename to internal/classification/db/data_type_classification_patterns/15_national_origin.json diff --git a/pkg/classification/db/data_type_classification_patterns/160_health_provider.json b/internal/classification/db/data_type_classification_patterns/160_health_provider.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/160_health_provider.json rename to internal/classification/db/data_type_classification_patterns/160_health_provider.json diff --git a/pkg/classification/db/data_type_classification_patterns/161_vital_signs.json b/internal/classification/db/data_type_classification_patterns/161_vital_signs.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/161_vital_signs.json rename to internal/classification/db/data_type_classification_patterns/161_vital_signs.json diff --git a/pkg/classification/db/data_type_classification_patterns/162_blood_pressure.json b/internal/classification/db/data_type_classification_patterns/162_blood_pressure.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/162_blood_pressure.json rename to internal/classification/db/data_type_classification_patterns/162_blood_pressure.json diff --git a/pkg/classification/db/data_type_classification_patterns/163_bmi.json b/internal/classification/db/data_type_classification_patterns/163_bmi.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/163_bmi.json rename to internal/classification/db/data_type_classification_patterns/163_bmi.json diff --git a/pkg/classification/db/data_type_classification_patterns/165_tomography.json b/internal/classification/db/data_type_classification_patterns/165_tomography.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/165_tomography.json rename to internal/classification/db/data_type_classification_patterns/165_tomography.json diff --git a/pkg/classification/db/data_type_classification_patterns/166_physical_activity.json b/internal/classification/db/data_type_classification_patterns/166_physical_activity.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/166_physical_activity.json rename to internal/classification/db/data_type_classification_patterns/166_physical_activity.json diff --git a/pkg/classification/db/data_type_classification_patterns/167_x-ray.json b/internal/classification/db/data_type_classification_patterns/167_x-ray.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/167_x-ray.json rename to internal/classification/db/data_type_classification_patterns/167_x-ray.json diff --git a/pkg/classification/db/data_type_classification_patterns/168_concerns.json b/internal/classification/db/data_type_classification_patterns/168_concerns.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/168_concerns.json rename to internal/classification/db/data_type_classification_patterns/168_concerns.json diff --git a/pkg/classification/db/data_type_classification_patterns/169_hospital_admission_date.json b/internal/classification/db/data_type_classification_patterns/169_hospital_admission_date.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/169_hospital_admission_date.json rename to internal/classification/db/data_type_classification_patterns/169_hospital_admission_date.json diff --git a/pkg/classification/db/data_type_classification_patterns/16_biometric_data.json b/internal/classification/db/data_type_classification_patterns/16_biometric_data.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/16_biometric_data.json rename to internal/classification/db/data_type_classification_patterns/16_biometric_data.json diff --git a/pkg/classification/db/data_type_classification_patterns/170_hospital_discharge_date.json b/internal/classification/db/data_type_classification_patterns/170_hospital_discharge_date.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/170_hospital_discharge_date.json rename to internal/classification/db/data_type_classification_patterns/170_hospital_discharge_date.json diff --git a/pkg/classification/db/data_type_classification_patterns/171_cancer.json b/internal/classification/db/data_type_classification_patterns/171_cancer.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/171_cancer.json rename to internal/classification/db/data_type_classification_patterns/171_cancer.json diff --git a/pkg/classification/db/data_type_classification_patterns/172_colonoscopy.json b/internal/classification/db/data_type_classification_patterns/172_colonoscopy.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/172_colonoscopy.json rename to internal/classification/db/data_type_classification_patterns/172_colonoscopy.json diff --git a/pkg/classification/db/data_type_classification_patterns/173_cholesterol_measurement.json b/internal/classification/db/data_type_classification_patterns/173_cholesterol_measurement.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/173_cholesterol_measurement.json rename to internal/classification/db/data_type_classification_patterns/173_cholesterol_measurement.json diff --git a/pkg/classification/db/data_type_classification_patterns/174_blood_glucose.json b/internal/classification/db/data_type_classification_patterns/174_blood_glucose.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/174_blood_glucose.json rename to internal/classification/db/data_type_classification_patterns/174_blood_glucose.json diff --git a/pkg/classification/db/data_type_classification_patterns/175_high_low_density_lipoproteins.json b/internal/classification/db/data_type_classification_patterns/175_high_low_density_lipoproteins.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/175_high_low_density_lipoproteins.json rename to internal/classification/db/data_type_classification_patterns/175_high_low_density_lipoproteins.json diff --git a/pkg/classification/db/data_type_classification_patterns/176_asthma.json b/internal/classification/db/data_type_classification_patterns/176_asthma.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/176_asthma.json rename to internal/classification/db/data_type_classification_patterns/176_asthma.json diff --git a/pkg/classification/db/data_type_classification_patterns/177_hiv.json b/internal/classification/db/data_type_classification_patterns/177_hiv.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/177_hiv.json rename to internal/classification/db/data_type_classification_patterns/177_hiv.json diff --git a/pkg/classification/db/data_type_classification_patterns/178_flu.json b/internal/classification/db/data_type_classification_patterns/178_flu.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/178_flu.json rename to internal/classification/db/data_type_classification_patterns/178_flu.json diff --git a/pkg/classification/db/data_type_classification_patterns/179_giardiasis.json b/internal/classification/db/data_type_classification_patterns/179_giardiasis.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/179_giardiasis.json rename to internal/classification/db/data_type_classification_patterns/179_giardiasis.json diff --git a/pkg/classification/db/data_type_classification_patterns/17_bank_account.json b/internal/classification/db/data_type_classification_patterns/17_bank_account.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/17_bank_account.json rename to internal/classification/db/data_type_classification_patterns/17_bank_account.json diff --git a/pkg/classification/db/data_type_classification_patterns/180_diphtheria.json b/internal/classification/db/data_type_classification_patterns/180_diphtheria.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/180_diphtheria.json rename to internal/classification/db/data_type_classification_patterns/180_diphtheria.json diff --git a/pkg/classification/db/data_type_classification_patterns/181_pneumonia.json b/internal/classification/db/data_type_classification_patterns/181_pneumonia.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/181_pneumonia.json rename to internal/classification/db/data_type_classification_patterns/181_pneumonia.json diff --git a/pkg/classification/db/data_type_classification_patterns/182_tuberculosis.json b/internal/classification/db/data_type_classification_patterns/182_tuberculosis.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/182_tuberculosis.json rename to internal/classification/db/data_type_classification_patterns/182_tuberculosis.json diff --git a/pkg/classification/db/data_type_classification_patterns/183_hypertension.json b/internal/classification/db/data_type_classification_patterns/183_hypertension.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/183_hypertension.json rename to internal/classification/db/data_type_classification_patterns/183_hypertension.json diff --git a/pkg/classification/db/data_type_classification_patterns/184_illness.json b/internal/classification/db/data_type_classification_patterns/184_illness.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/184_illness.json rename to internal/classification/db/data_type_classification_patterns/184_illness.json diff --git a/pkg/classification/db/data_type_classification_patterns/185_therapy.json b/internal/classification/db/data_type_classification_patterns/185_therapy.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/185_therapy.json rename to internal/classification/db/data_type_classification_patterns/185_therapy.json diff --git a/pkg/classification/db/data_type_classification_patterns/186_procedure.json b/internal/classification/db/data_type_classification_patterns/186_procedure.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/186_procedure.json rename to internal/classification/db/data_type_classification_patterns/186_procedure.json diff --git a/pkg/classification/db/data_type_classification_patterns/187_feedback.json b/internal/classification/db/data_type_classification_patterns/187_feedback.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/187_feedback.json rename to internal/classification/db/data_type_classification_patterns/187_feedback.json diff --git a/pkg/classification/db/data_type_classification_patterns/188_agenda.json b/internal/classification/db/data_type_classification_patterns/188_agenda.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/188_agenda.json rename to internal/classification/db/data_type_classification_patterns/188_agenda.json diff --git a/pkg/classification/db/data_type_classification_patterns/189_contraception.json b/internal/classification/db/data_type_classification_patterns/189_contraception.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/189_contraception.json rename to internal/classification/db/data_type_classification_patterns/189_contraception.json diff --git a/pkg/classification/db/data_type_classification_patterns/18_mother's_maiden_name.json b/internal/classification/db/data_type_classification_patterns/18_mother's_maiden_name.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/18_mother's_maiden_name.json rename to internal/classification/db/data_type_classification_patterns/18_mother's_maiden_name.json diff --git a/pkg/classification/db/data_type_classification_patterns/190_physiotherapy.json b/internal/classification/db/data_type_classification_patterns/190_physiotherapy.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/190_physiotherapy.json rename to internal/classification/db/data_type_classification_patterns/190_physiotherapy.json diff --git a/pkg/classification/db/data_type_classification_patterns/191_pregnancy.json b/internal/classification/db/data_type_classification_patterns/191_pregnancy.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/191_pregnancy.json rename to internal/classification/db/data_type_classification_patterns/191_pregnancy.json diff --git a/pkg/classification/db/data_type_classification_patterns/192_message.json b/internal/classification/db/data_type_classification_patterns/192_message.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/192_message.json rename to internal/classification/db/data_type_classification_patterns/192_message.json diff --git a/pkg/classification/db/data_type_classification_patterns/193_symptom.json b/internal/classification/db/data_type_classification_patterns/193_symptom.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/193_symptom.json rename to internal/classification/db/data_type_classification_patterns/193_symptom.json diff --git a/pkg/classification/db/data_type_classification_patterns/194_signature.json b/internal/classification/db/data_type_classification_patterns/194_signature.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/194_signature.json rename to internal/classification/db/data_type_classification_patterns/194_signature.json diff --git a/pkg/classification/db/data_type_classification_patterns/195_replies.json b/internal/classification/db/data_type_classification_patterns/195_replies.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/195_replies.json rename to internal/classification/db/data_type_classification_patterns/195_replies.json diff --git a/pkg/classification/db/data_type_classification_patterns/196_post.json b/internal/classification/db/data_type_classification_patterns/196_post.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/196_post.json rename to internal/classification/db/data_type_classification_patterns/196_post.json diff --git a/pkg/classification/db/data_type_classification_patterns/197_purchases.json b/internal/classification/db/data_type_classification_patterns/197_purchases.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/197_purchases.json rename to internal/classification/db/data_type_classification_patterns/197_purchases.json diff --git a/pkg/classification/db/data_type_classification_patterns/198_comment.json b/internal/classification/db/data_type_classification_patterns/198_comment.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/198_comment.json rename to internal/classification/db/data_type_classification_patterns/198_comment.json diff --git a/pkg/classification/db/data_type_classification_patterns/19_passport_number.json b/internal/classification/db/data_type_classification_patterns/19_passport_number.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/19_passport_number.json rename to internal/classification/db/data_type_classification_patterns/19_passport_number.json diff --git a/pkg/classification/db/data_type_classification_patterns/1_email_address.json b/internal/classification/db/data_type_classification_patterns/1_email_address.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/1_email_address.json rename to internal/classification/db/data_type_classification_patterns/1_email_address.json diff --git a/pkg/classification/db/data_type_classification_patterns/20_cars.json b/internal/classification/db/data_type_classification_patterns/20_cars.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/20_cars.json rename to internal/classification/db/data_type_classification_patterns/20_cars.json diff --git a/pkg/classification/db/data_type_classification_patterns/21_national_identity_number.json b/internal/classification/db/data_type_classification_patterns/21_national_identity_number.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/21_national_identity_number.json rename to internal/classification/db/data_type_classification_patterns/21_national_identity_number.json diff --git a/pkg/classification/db/data_type_classification_patterns/22_telephone_recordings.json b/internal/classification/db/data_type_classification_patterns/22_telephone_recordings.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/22_telephone_recordings.json rename to internal/classification/db/data_type_classification_patterns/22_telephone_recordings.json diff --git a/pkg/classification/db/data_type_classification_patterns/23_voice_mail.json b/internal/classification/db/data_type_classification_patterns/23_voice_mail.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/23_voice_mail.json rename to internal/classification/db/data_type_classification_patterns/23_voice_mail.json diff --git a/pkg/classification/db/data_type_classification_patterns/24_personal_health_history.json b/internal/classification/db/data_type_classification_patterns/24_personal_health_history.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/24_personal_health_history.json rename to internal/classification/db/data_type_classification_patterns/24_personal_health_history.json diff --git a/pkg/classification/db/data_type_classification_patterns/25_family_health_history.json b/internal/classification/db/data_type_classification_patterns/25_family_health_history.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/25_family_health_history.json rename to internal/classification/db/data_type_classification_patterns/25_family_health_history.json diff --git a/pkg/classification/db/data_type_classification_patterns/26_health_records.json b/internal/classification/db/data_type_classification_patterns/26_health_records.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/26_health_records.json rename to internal/classification/db/data_type_classification_patterns/26_health_records.json diff --git a/pkg/classification/db/data_type_classification_patterns/27_disabilities.json b/internal/classification/db/data_type_classification_patterns/27_disabilities.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/27_disabilities.json rename to internal/classification/db/data_type_classification_patterns/27_disabilities.json diff --git a/pkg/classification/db/data_type_classification_patterns/28_drugs_test_results.json b/internal/classification/db/data_type_classification_patterns/28_drugs_test_results.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/28_drugs_test_results.json rename to internal/classification/db/data_type_classification_patterns/28_drugs_test_results.json diff --git a/pkg/classification/db/data_type_classification_patterns/29_blood_type.json b/internal/classification/db/data_type_classification_patterns/29_blood_type.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/29_blood_type.json rename to internal/classification/db/data_type_classification_patterns/29_blood_type.json diff --git a/pkg/classification/db/data_type_classification_patterns/2_email_address.json b/internal/classification/db/data_type_classification_patterns/2_email_address.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/2_email_address.json rename to internal/classification/db/data_type_classification_patterns/2_email_address.json diff --git a/pkg/classification/db/data_type_classification_patterns/30_dna_code.json b/internal/classification/db/data_type_classification_patterns/30_dna_code.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/30_dna_code.json rename to internal/classification/db/data_type_classification_patterns/30_dna_code.json diff --git a/pkg/classification/db/data_type_classification_patterns/31_prescriptions.json b/internal/classification/db/data_type_classification_patterns/31_prescriptions.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/31_prescriptions.json rename to internal/classification/db/data_type_classification_patterns/31_prescriptions.json diff --git a/pkg/classification/db/data_type_classification_patterns/32_place_of_birth.json b/internal/classification/db/data_type_classification_patterns/32_place_of_birth.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/32_place_of_birth.json rename to internal/classification/db/data_type_classification_patterns/32_place_of_birth.json diff --git a/pkg/classification/db/data_type_classification_patterns/33_divorces.json b/internal/classification/db/data_type_classification_patterns/33_divorces.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/33_divorces.json rename to internal/classification/db/data_type_classification_patterns/33_divorces.json diff --git a/pkg/classification/db/data_type_classification_patterns/34_marriages.json b/internal/classification/db/data_type_classification_patterns/34_marriages.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/34_marriages.json rename to internal/classification/db/data_type_classification_patterns/34_marriages.json diff --git a/pkg/classification/db/data_type_classification_patterns/35_friends.json b/internal/classification/db/data_type_classification_patterns/35_friends.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/35_friends.json rename to internal/classification/db/data_type_classification_patterns/35_friends.json diff --git a/pkg/classification/db/data_type_classification_patterns/36_martial_status.json b/internal/classification/db/data_type_classification_patterns/36_martial_status.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/36_martial_status.json rename to internal/classification/db/data_type_classification_patterns/36_martial_status.json diff --git a/pkg/classification/db/data_type_classification_patterns/37_social_status.json b/internal/classification/db/data_type_classification_patterns/37_social_status.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/37_social_status.json rename to internal/classification/db/data_type_classification_patterns/37_social_status.json diff --git a/pkg/classification/db/data_type_classification_patterns/38_student_number.json b/internal/classification/db/data_type_classification_patterns/38_student_number.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/38_student_number.json rename to internal/classification/db/data_type_classification_patterns/38_student_number.json diff --git a/pkg/classification/db/data_type_classification_patterns/39_taxpayer_number.json b/internal/classification/db/data_type_classification_patterns/39_taxpayer_number.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/39_taxpayer_number.json rename to internal/classification/db/data_type_classification_patterns/39_taxpayer_number.json diff --git a/pkg/classification/db/data_type_classification_patterns/3_age_range.json b/internal/classification/db/data_type_classification_patterns/3_age_range.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/3_age_range.json rename to internal/classification/db/data_type_classification_patterns/3_age_range.json diff --git a/pkg/classification/db/data_type_classification_patterns/40_social_security_number.json b/internal/classification/db/data_type_classification_patterns/40_social_security_number.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/40_social_security_number.json rename to internal/classification/db/data_type_classification_patterns/40_social_security_number.json diff --git a/pkg/classification/db/data_type_classification_patterns/41_sexual_preferences.json b/internal/classification/db/data_type_classification_patterns/41_sexual_preferences.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/41_sexual_preferences.json rename to internal/classification/db/data_type_classification_patterns/41_sexual_preferences.json diff --git a/pkg/classification/db/data_type_classification_patterns/42_sexual_history.json b/internal/classification/db/data_type_classification_patterns/42_sexual_history.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/42_sexual_history.json rename to internal/classification/db/data_type_classification_patterns/42_sexual_history.json diff --git a/pkg/classification/db/data_type_classification_patterns/43_disciplinary_actions.json b/internal/classification/db/data_type_classification_patterns/43_disciplinary_actions.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/43_disciplinary_actions.json rename to internal/classification/db/data_type_classification_patterns/43_disciplinary_actions.json diff --git a/pkg/classification/db/data_type_classification_patterns/44_interviews.json b/internal/classification/db/data_type_classification_patterns/44_interviews.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/44_interviews.json rename to internal/classification/db/data_type_classification_patterns/44_interviews.json diff --git a/pkg/classification/db/data_type_classification_patterns/45_job_titles.json b/internal/classification/db/data_type_classification_patterns/45_job_titles.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/45_job_titles.json rename to internal/classification/db/data_type_classification_patterns/45_job_titles.json diff --git a/pkg/classification/db/data_type_classification_patterns/46_work_history.json b/internal/classification/db/data_type_classification_patterns/46_work_history.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/46_work_history.json rename to internal/classification/db/data_type_classification_patterns/46_work_history.json diff --git a/pkg/classification/db/data_type_classification_patterns/47_employment_history.json b/internal/classification/db/data_type_classification_patterns/47_employment_history.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/47_employment_history.json rename to internal/classification/db/data_type_classification_patterns/47_employment_history.json diff --git a/pkg/classification/db/data_type_classification_patterns/48_salary.json b/internal/classification/db/data_type_classification_patterns/48_salary.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/48_salary.json rename to internal/classification/db/data_type_classification_patterns/48_salary.json diff --git a/pkg/classification/db/data_type_classification_patterns/49_certifications.json b/internal/classification/db/data_type_classification_patterns/49_certifications.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/49_certifications.json rename to internal/classification/db/data_type_classification_patterns/49_certifications.json diff --git a/pkg/classification/db/data_type_classification_patterns/4_physical_address.json b/internal/classification/db/data_type_classification_patterns/4_physical_address.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/4_physical_address.json rename to internal/classification/db/data_type_classification_patterns/4_physical_address.json diff --git a/pkg/classification/db/data_type_classification_patterns/50_group_membership.json b/internal/classification/db/data_type_classification_patterns/50_group_membership.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/50_group_membership.json rename to internal/classification/db/data_type_classification_patterns/50_group_membership.json diff --git a/pkg/classification/db/data_type_classification_patterns/51_acquaintances.json b/internal/classification/db/data_type_classification_patterns/51_acquaintances.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/51_acquaintances.json rename to internal/classification/db/data_type_classification_patterns/51_acquaintances.json diff --git a/pkg/classification/db/data_type_classification_patterns/52_opinion.json b/internal/classification/db/data_type_classification_patterns/52_opinion.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/52_opinion.json rename to internal/classification/db/data_type_classification_patterns/52_opinion.json diff --git a/pkg/classification/db/data_type_classification_patterns/53_favorite_foods.json b/internal/classification/db/data_type_classification_patterns/53_favorite_foods.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/53_favorite_foods.json rename to internal/classification/db/data_type_classification_patterns/53_favorite_foods.json diff --git a/pkg/classification/db/data_type_classification_patterns/54_religious_beliefs.json b/internal/classification/db/data_type_classification_patterns/54_religious_beliefs.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/54_religious_beliefs.json rename to internal/classification/db/data_type_classification_patterns/54_religious_beliefs.json diff --git a/pkg/classification/db/data_type_classification_patterns/55_philosophical_beliefs.json b/internal/classification/db/data_type_classification_patterns/55_philosophical_beliefs.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/55_philosophical_beliefs.json rename to internal/classification/db/data_type_classification_patterns/55_philosophical_beliefs.json diff --git a/pkg/classification/db/data_type_classification_patterns/56_vehicle_registration_number.json b/internal/classification/db/data_type_classification_patterns/56_vehicle_registration_number.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/56_vehicle_registration_number.json rename to internal/classification/db/data_type_classification_patterns/56_vehicle_registration_number.json diff --git a/pkg/classification/db/data_type_classification_patterns/57_browsing_behavior.json b/internal/classification/db/data_type_classification_patterns/57_browsing_behavior.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/57_browsing_behavior.json rename to internal/classification/db/data_type_classification_patterns/57_browsing_behavior.json diff --git a/pkg/classification/db/data_type_classification_patterns/58_call_logs.json b/internal/classification/db/data_type_classification_patterns/58_call_logs.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/58_call_logs.json rename to internal/classification/db/data_type_classification_patterns/58_call_logs.json diff --git a/pkg/classification/db/data_type_classification_patterns/59_links_clicked.json b/internal/classification/db/data_type_classification_patterns/59_links_clicked.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/59_links_clicked.json rename to internal/classification/db/data_type_classification_patterns/59_links_clicked.json diff --git a/pkg/classification/db/data_type_classification_patterns/5_country.json b/internal/classification/db/data_type_classification_patterns/5_country.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/5_country.json rename to internal/classification/db/data_type_classification_patterns/5_country.json diff --git a/pkg/classification/db/data_type_classification_patterns/60_date_of_birth.json b/internal/classification/db/data_type_classification_patterns/60_date_of_birth.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/60_date_of_birth.json rename to internal/classification/db/data_type_classification_patterns/60_date_of_birth.json diff --git a/pkg/classification/db/data_type_classification_patterns/61_date_of_birth.json b/internal/classification/db/data_type_classification_patterns/61_date_of_birth.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/61_date_of_birth.json rename to internal/classification/db/data_type_classification_patterns/61_date_of_birth.json diff --git a/pkg/classification/db/data_type_classification_patterns/62_spoken_languages.json b/internal/classification/db/data_type_classification_patterns/62_spoken_languages.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/62_spoken_languages.json rename to internal/classification/db/data_type_classification_patterns/62_spoken_languages.json diff --git a/pkg/classification/db/data_type_classification_patterns/63_spoken_languages.json b/internal/classification/db/data_type_classification_patterns/63_spoken_languages.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/63_spoken_languages.json rename to internal/classification/db/data_type_classification_patterns/63_spoken_languages.json diff --git a/pkg/classification/db/data_type_classification_patterns/64_accents.json b/internal/classification/db/data_type_classification_patterns/64_accents.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/64_accents.json rename to internal/classification/db/data_type_classification_patterns/64_accents.json diff --git a/pkg/classification/db/data_type_classification_patterns/65_race.json b/internal/classification/db/data_type_classification_patterns/65_race.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/65_race.json rename to internal/classification/db/data_type_classification_patterns/65_race.json diff --git a/pkg/classification/db/data_type_classification_patterns/66_credit.json b/internal/classification/db/data_type_classification_patterns/66_credit.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/66_credit.json rename to internal/classification/db/data_type_classification_patterns/66_credit.json diff --git a/pkg/classification/db/data_type_classification_patterns/67_loan_records.json b/internal/classification/db/data_type_classification_patterns/67_loan_records.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/67_loan_records.json rename to internal/classification/db/data_type_classification_patterns/67_loan_records.json diff --git a/pkg/classification/db/data_type_classification_patterns/68_gender_identity.json b/internal/classification/db/data_type_classification_patterns/68_gender_identity.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/68_gender_identity.json rename to internal/classification/db/data_type_classification_patterns/68_gender_identity.json diff --git a/pkg/classification/db/data_type_classification_patterns/69_gender.json b/internal/classification/db/data_type_classification_patterns/69_gender.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/69_gender.json rename to internal/classification/db/data_type_classification_patterns/69_gender.json diff --git a/pkg/classification/db/data_type_classification_patterns/6_credit_card_number.json b/internal/classification/db/data_type_classification_patterns/6_credit_card_number.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/6_credit_card_number.json rename to internal/classification/db/data_type_classification_patterns/6_credit_card_number.json diff --git a/pkg/classification/db/data_type_classification_patterns/70_political_affiliation.json b/internal/classification/db/data_type_classification_patterns/70_political_affiliation.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/70_political_affiliation.json rename to internal/classification/db/data_type_classification_patterns/70_political_affiliation.json diff --git a/pkg/classification/db/data_type_classification_patterns/71_religion.json b/internal/classification/db/data_type_classification_patterns/71_religion.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/71_religion.json rename to internal/classification/db/data_type_classification_patterns/71_religion.json diff --git a/pkg/classification/db/data_type_classification_patterns/72_interactions.json b/internal/classification/db/data_type_classification_patterns/72_interactions.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/72_interactions.json rename to internal/classification/db/data_type_classification_patterns/72_interactions.json diff --git a/pkg/classification/db/data_type_classification_patterns/73_general_reputation.json b/internal/classification/db/data_type_classification_patterns/73_general_reputation.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/73_general_reputation.json rename to internal/classification/db/data_type_classification_patterns/73_general_reputation.json diff --git a/pkg/classification/db/data_type_classification_patterns/74_intentions.json b/internal/classification/db/data_type_classification_patterns/74_intentions.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/74_intentions.json rename to internal/classification/db/data_type_classification_patterns/74_intentions.json diff --git a/pkg/classification/db/data_type_classification_patterns/75_interests.json b/internal/classification/db/data_type_classification_patterns/75_interests.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/75_interests.json rename to internal/classification/db/data_type_classification_patterns/75_interests.json diff --git a/pkg/classification/db/data_type_classification_patterns/76_likes.json b/internal/classification/db/data_type_classification_patterns/76_likes.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/76_likes.json rename to internal/classification/db/data_type_classification_patterns/76_likes.json diff --git a/pkg/classification/db/data_type_classification_patterns/77_dislikes.json b/internal/classification/db/data_type_classification_patterns/77_dislikes.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/77_dislikes.json rename to internal/classification/db/data_type_classification_patterns/77_dislikes.json diff --git a/pkg/classification/db/data_type_classification_patterns/78_attitude.json b/internal/classification/db/data_type_classification_patterns/78_attitude.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/78_attitude.json rename to internal/classification/db/data_type_classification_patterns/78_attitude.json diff --git a/pkg/classification/db/data_type_classification_patterns/79_physical_address.json b/internal/classification/db/data_type_classification_patterns/79_physical_address.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/79_physical_address.json rename to internal/classification/db/data_type_classification_patterns/79_physical_address.json diff --git a/pkg/classification/db/data_type_classification_patterns/7_credit_records.json b/internal/classification/db/data_type_classification_patterns/7_credit_records.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/7_credit_records.json rename to internal/classification/db/data_type_classification_patterns/7_credit_records.json diff --git a/pkg/classification/db/data_type_classification_patterns/80_id_number.json b/internal/classification/db/data_type_classification_patterns/80_id_number.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/80_id_number.json rename to internal/classification/db/data_type_classification_patterns/80_id_number.json diff --git a/pkg/classification/db/data_type_classification_patterns/82_ip_address.json b/internal/classification/db/data_type_classification_patterns/82_ip_address.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/82_ip_address.json rename to internal/classification/db/data_type_classification_patterns/82_ip_address.json diff --git a/pkg/classification/db/data_type_classification_patterns/83_mac_address.json b/internal/classification/db/data_type_classification_patterns/83_mac_address.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/83_mac_address.json rename to internal/classification/db/data_type_classification_patterns/83_mac_address.json diff --git a/pkg/classification/db/data_type_classification_patterns/84_mac_address.json b/internal/classification/db/data_type_classification_patterns/84_mac_address.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/84_mac_address.json rename to internal/classification/db/data_type_classification_patterns/84_mac_address.json diff --git a/pkg/classification/db/data_type_classification_patterns/85_firstname.json b/internal/classification/db/data_type_classification_patterns/85_firstname.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/85_firstname.json rename to internal/classification/db/data_type_classification_patterns/85_firstname.json diff --git a/pkg/classification/db/data_type_classification_patterns/86_firstname.json b/internal/classification/db/data_type_classification_patterns/86_firstname.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/86_firstname.json rename to internal/classification/db/data_type_classification_patterns/86_firstname.json diff --git a/pkg/classification/db/data_type_classification_patterns/87_lastname.json b/internal/classification/db/data_type_classification_patterns/87_lastname.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/87_lastname.json rename to internal/classification/db/data_type_classification_patterns/87_lastname.json diff --git a/pkg/classification/db/data_type_classification_patterns/88_lastname.json b/internal/classification/db/data_type_classification_patterns/88_lastname.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/88_lastname.json rename to internal/classification/db/data_type_classification_patterns/88_lastname.json diff --git a/pkg/classification/db/data_type_classification_patterns/8_credit_capacity.json b/internal/classification/db/data_type_classification_patterns/8_credit_capacity.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/8_credit_capacity.json rename to internal/classification/db/data_type_classification_patterns/8_credit_capacity.json diff --git a/pkg/classification/db/data_type_classification_patterns/90_fullname.json b/internal/classification/db/data_type_classification_patterns/90_fullname.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/90_fullname.json rename to internal/classification/db/data_type_classification_patterns/90_fullname.json diff --git a/pkg/classification/db/data_type_classification_patterns/91_username.json b/internal/classification/db/data_type_classification_patterns/91_username.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/91_username.json rename to internal/classification/db/data_type_classification_patterns/91_username.json diff --git a/pkg/classification/db/data_type_classification_patterns/92_physical_and_mental_health.json b/internal/classification/db/data_type_classification_patterns/92_physical_and_mental_health.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/92_physical_and_mental_health.json rename to internal/classification/db/data_type_classification_patterns/92_physical_and_mental_health.json diff --git a/pkg/classification/db/data_type_classification_patterns/93_physical_and_mental_health.json b/internal/classification/db/data_type_classification_patterns/93_physical_and_mental_health.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/93_physical_and_mental_health.json rename to internal/classification/db/data_type_classification_patterns/93_physical_and_mental_health.json diff --git a/pkg/classification/db/data_type_classification_patterns/94_family_structure.json b/internal/classification/db/data_type_classification_patterns/94_family_structure.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/94_family_structure.json rename to internal/classification/db/data_type_classification_patterns/94_family_structure.json diff --git a/pkg/classification/db/data_type_classification_patterns/95_siblings.json b/internal/classification/db/data_type_classification_patterns/95_siblings.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/95_siblings.json rename to internal/classification/db/data_type_classification_patterns/95_siblings.json diff --git a/pkg/classification/db/data_type_classification_patterns/96_image.json b/internal/classification/db/data_type_classification_patterns/96_image.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/96_image.json rename to internal/classification/db/data_type_classification_patterns/96_image.json diff --git a/pkg/classification/db/data_type_classification_patterns/97_income_brackets.json b/internal/classification/db/data_type_classification_patterns/97_income_brackets.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/97_income_brackets.json rename to internal/classification/db/data_type_classification_patterns/97_income_brackets.json diff --git a/pkg/classification/db/data_type_classification_patterns/98_purchases_and_spending_habits.json b/internal/classification/db/data_type_classification_patterns/98_purchases_and_spending_habits.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/98_purchases_and_spending_habits.json rename to internal/classification/db/data_type_classification_patterns/98_purchases_and_spending_habits.json diff --git a/pkg/classification/db/data_type_classification_patterns/99_passwords.json b/internal/classification/db/data_type_classification_patterns/99_passwords.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/99_passwords.json rename to internal/classification/db/data_type_classification_patterns/99_passwords.json diff --git a/pkg/classification/db/data_type_classification_patterns/9_convictions.json b/internal/classification/db/data_type_classification_patterns/9_convictions.json similarity index 100% rename from pkg/classification/db/data_type_classification_patterns/9_convictions.json rename to internal/classification/db/data_type_classification_patterns/9_convictions.json diff --git a/pkg/classification/db/data_types/accents.json b/internal/classification/db/data_types/accents.json similarity index 100% rename from pkg/classification/db/data_types/accents.json rename to internal/classification/db/data_types/accents.json diff --git a/pkg/classification/db/data_types/acquaintances.json b/internal/classification/db/data_types/acquaintances.json similarity index 100% rename from pkg/classification/db/data_types/acquaintances.json rename to internal/classification/db/data_types/acquaintances.json diff --git a/pkg/classification/db/data_types/age.json b/internal/classification/db/data_types/age.json similarity index 100% rename from pkg/classification/db/data_types/age.json rename to internal/classification/db/data_types/age.json diff --git a/pkg/classification/db/data_types/age_range.json b/internal/classification/db/data_types/age_range.json similarity index 100% rename from pkg/classification/db/data_types/age_range.json rename to internal/classification/db/data_types/age_range.json diff --git a/pkg/classification/db/data_types/apartments.json b/internal/classification/db/data_types/apartments.json similarity index 100% rename from pkg/classification/db/data_types/apartments.json rename to internal/classification/db/data_types/apartments.json diff --git a/pkg/classification/db/data_types/associations.json b/internal/classification/db/data_types/associations.json similarity index 100% rename from pkg/classification/db/data_types/associations.json rename to internal/classification/db/data_types/associations.json diff --git a/pkg/classification/db/data_types/attitude.json b/internal/classification/db/data_types/attitude.json similarity index 100% rename from pkg/classification/db/data_types/attitude.json rename to internal/classification/db/data_types/attitude.json diff --git a/pkg/classification/db/data_types/bank_account.json b/internal/classification/db/data_types/bank_account.json similarity index 100% rename from pkg/classification/db/data_types/bank_account.json rename to internal/classification/db/data_types/bank_account.json diff --git a/pkg/classification/db/data_types/biometric_data.json b/internal/classification/db/data_types/biometric_data.json similarity index 100% rename from pkg/classification/db/data_types/biometric_data.json rename to internal/classification/db/data_types/biometric_data.json diff --git a/pkg/classification/db/data_types/blood_type.json b/internal/classification/db/data_types/blood_type.json similarity index 100% rename from pkg/classification/db/data_types/blood_type.json rename to internal/classification/db/data_types/blood_type.json diff --git a/pkg/classification/db/data_types/browser_fingerprint.json b/internal/classification/db/data_types/browser_fingerprint.json similarity index 100% rename from pkg/classification/db/data_types/browser_fingerprint.json rename to internal/classification/db/data_types/browser_fingerprint.json diff --git a/pkg/classification/db/data_types/browsing_behavior.json b/internal/classification/db/data_types/browsing_behavior.json similarity index 100% rename from pkg/classification/db/data_types/browsing_behavior.json rename to internal/classification/db/data_types/browsing_behavior.json diff --git a/pkg/classification/db/data_types/call_logs.json b/internal/classification/db/data_types/call_logs.json similarity index 100% rename from pkg/classification/db/data_types/call_logs.json rename to internal/classification/db/data_types/call_logs.json diff --git a/pkg/classification/db/data_types/cars.json b/internal/classification/db/data_types/cars.json similarity index 100% rename from pkg/classification/db/data_types/cars.json rename to internal/classification/db/data_types/cars.json diff --git a/pkg/classification/db/data_types/certifications.json b/internal/classification/db/data_types/certifications.json similarity index 100% rename from pkg/classification/db/data_types/certifications.json rename to internal/classification/db/data_types/certifications.json diff --git a/pkg/classification/db/data_types/character.json b/internal/classification/db/data_types/character.json similarity index 100% rename from pkg/classification/db/data_types/character.json rename to internal/classification/db/data_types/character.json diff --git a/pkg/classification/db/data_types/charges.json b/internal/classification/db/data_types/charges.json similarity index 100% rename from pkg/classification/db/data_types/charges.json rename to internal/classification/db/data_types/charges.json diff --git a/pkg/classification/db/data_types/colors.json b/internal/classification/db/data_types/colors.json similarity index 100% rename from pkg/classification/db/data_types/colors.json rename to internal/classification/db/data_types/colors.json diff --git a/pkg/classification/db/data_types/connections.json b/internal/classification/db/data_types/connections.json similarity index 100% rename from pkg/classification/db/data_types/connections.json rename to internal/classification/db/data_types/connections.json diff --git a/pkg/classification/db/data_types/convictions.json b/internal/classification/db/data_types/convictions.json similarity index 100% rename from pkg/classification/db/data_types/convictions.json rename to internal/classification/db/data_types/convictions.json diff --git a/pkg/classification/db/data_types/country.json b/internal/classification/db/data_types/country.json similarity index 100% rename from pkg/classification/db/data_types/country.json rename to internal/classification/db/data_types/country.json diff --git a/pkg/classification/db/data_types/credit.json b/internal/classification/db/data_types/credit.json similarity index 100% rename from pkg/classification/db/data_types/credit.json rename to internal/classification/db/data_types/credit.json diff --git a/pkg/classification/db/data_types/credit_capacity.json b/internal/classification/db/data_types/credit_capacity.json similarity index 100% rename from pkg/classification/db/data_types/credit_capacity.json rename to internal/classification/db/data_types/credit_capacity.json diff --git a/pkg/classification/db/data_types/credit_card_number.json b/internal/classification/db/data_types/credit_card_number.json similarity index 100% rename from pkg/classification/db/data_types/credit_card_number.json rename to internal/classification/db/data_types/credit_card_number.json diff --git a/pkg/classification/db/data_types/credit_records.json b/internal/classification/db/data_types/credit_records.json similarity index 100% rename from pkg/classification/db/data_types/credit_records.json rename to internal/classification/db/data_types/credit_records.json diff --git a/pkg/classification/db/data_types/credit_standing.json b/internal/classification/db/data_types/credit_standing.json similarity index 100% rename from pkg/classification/db/data_types/credit_standing.json rename to internal/classification/db/data_types/credit_standing.json diff --git a/pkg/classification/db/data_types/credit_worthiness.json b/internal/classification/db/data_types/credit_worthiness.json similarity index 100% rename from pkg/classification/db/data_types/credit_worthiness.json rename to internal/classification/db/data_types/credit_worthiness.json diff --git a/pkg/classification/db/data_types/date_of_birth.json b/internal/classification/db/data_types/date_of_birth.json similarity index 100% rename from pkg/classification/db/data_types/date_of_birth.json rename to internal/classification/db/data_types/date_of_birth.json diff --git a/pkg/classification/db/data_types/demeanor.json b/internal/classification/db/data_types/demeanor.json similarity index 100% rename from pkg/classification/db/data_types/demeanor.json rename to internal/classification/db/data_types/demeanor.json diff --git a/pkg/classification/db/data_types/device_identifier.json b/internal/classification/db/data_types/device_identifier.json similarity index 100% rename from pkg/classification/db/data_types/device_identifier.json rename to internal/classification/db/data_types/device_identifier.json diff --git a/pkg/classification/db/data_types/disabilities.json b/internal/classification/db/data_types/disabilities.json similarity index 100% rename from pkg/classification/db/data_types/disabilities.json rename to internal/classification/db/data_types/disabilities.json diff --git a/pkg/classification/db/data_types/disciplinary_actions.json b/internal/classification/db/data_types/disciplinary_actions.json similarity index 100% rename from pkg/classification/db/data_types/disciplinary_actions.json rename to internal/classification/db/data_types/disciplinary_actions.json diff --git a/pkg/classification/db/data_types/dislikes.json b/internal/classification/db/data_types/dislikes.json similarity index 100% rename from pkg/classification/db/data_types/dislikes.json rename to internal/classification/db/data_types/dislikes.json diff --git a/pkg/classification/db/data_types/divorces.json b/internal/classification/db/data_types/divorces.json similarity index 100% rename from pkg/classification/db/data_types/divorces.json rename to internal/classification/db/data_types/divorces.json diff --git a/pkg/classification/db/data_types/dna_code.json b/internal/classification/db/data_types/dna_code.json similarity index 100% rename from pkg/classification/db/data_types/dna_code.json rename to internal/classification/db/data_types/dna_code.json diff --git a/pkg/classification/db/data_types/drugs_test_results.json b/internal/classification/db/data_types/drugs_test_results.json similarity index 100% rename from pkg/classification/db/data_types/drugs_test_results.json rename to internal/classification/db/data_types/drugs_test_results.json diff --git a/pkg/classification/db/data_types/email_address.json b/internal/classification/db/data_types/email_address.json similarity index 100% rename from pkg/classification/db/data_types/email_address.json rename to internal/classification/db/data_types/email_address.json diff --git a/pkg/classification/db/data_types/emails.json b/internal/classification/db/data_types/emails.json similarity index 100% rename from pkg/classification/db/data_types/emails.json rename to internal/classification/db/data_types/emails.json diff --git a/pkg/classification/db/data_types/employee_files.json b/internal/classification/db/data_types/employee_files.json similarity index 100% rename from pkg/classification/db/data_types/employee_files.json rename to internal/classification/db/data_types/employee_files.json diff --git a/pkg/classification/db/data_types/employment_history.json b/internal/classification/db/data_types/employment_history.json similarity index 100% rename from pkg/classification/db/data_types/employment_history.json rename to internal/classification/db/data_types/employment_history.json diff --git a/pkg/classification/db/data_types/ethnic_origin.json b/internal/classification/db/data_types/ethnic_origin.json similarity index 100% rename from pkg/classification/db/data_types/ethnic_origin.json rename to internal/classification/db/data_types/ethnic_origin.json diff --git a/pkg/classification/db/data_types/evaluations.json b/internal/classification/db/data_types/evaluations.json similarity index 100% rename from pkg/classification/db/data_types/evaluations.json rename to internal/classification/db/data_types/evaluations.json diff --git a/pkg/classification/db/data_types/family_health_history.json b/internal/classification/db/data_types/family_health_history.json similarity index 100% rename from pkg/classification/db/data_types/family_health_history.json rename to internal/classification/db/data_types/family_health_history.json diff --git a/pkg/classification/db/data_types/family_structure.json b/internal/classification/db/data_types/family_structure.json similarity index 100% rename from pkg/classification/db/data_types/family_structure.json rename to internal/classification/db/data_types/family_structure.json diff --git a/pkg/classification/db/data_types/favorite_foods.json b/internal/classification/db/data_types/favorite_foods.json similarity index 100% rename from pkg/classification/db/data_types/favorite_foods.json rename to internal/classification/db/data_types/favorite_foods.json diff --git a/pkg/classification/db/data_types/firstname.json b/internal/classification/db/data_types/firstname.json similarity index 100% rename from pkg/classification/db/data_types/firstname.json rename to internal/classification/db/data_types/firstname.json diff --git a/pkg/classification/db/data_types/friends.json b/internal/classification/db/data_types/friends.json similarity index 100% rename from pkg/classification/db/data_types/friends.json rename to internal/classification/db/data_types/friends.json diff --git a/pkg/classification/db/data_types/fullname.json b/internal/classification/db/data_types/fullname.json similarity index 100% rename from pkg/classification/db/data_types/fullname.json rename to internal/classification/db/data_types/fullname.json diff --git a/pkg/classification/db/data_types/gender.json b/internal/classification/db/data_types/gender.json similarity index 100% rename from pkg/classification/db/data_types/gender.json rename to internal/classification/db/data_types/gender.json diff --git a/pkg/classification/db/data_types/gender_identity.json b/internal/classification/db/data_types/gender_identity.json similarity index 100% rename from pkg/classification/db/data_types/gender_identity.json rename to internal/classification/db/data_types/gender_identity.json diff --git a/pkg/classification/db/data_types/general_reputation.json b/internal/classification/db/data_types/general_reputation.json similarity index 100% rename from pkg/classification/db/data_types/general_reputation.json rename to internal/classification/db/data_types/general_reputation.json diff --git a/pkg/classification/db/data_types/geographic.json b/internal/classification/db/data_types/geographic.json similarity index 100% rename from pkg/classification/db/data_types/geographic.json rename to internal/classification/db/data_types/geographic.json diff --git a/pkg/classification/db/data_types/gps_coordinate.json b/internal/classification/db/data_types/gps_coordinate.json similarity index 100% rename from pkg/classification/db/data_types/gps_coordinate.json rename to internal/classification/db/data_types/gps_coordinate.json diff --git a/pkg/classification/db/data_types/group_membership.json b/internal/classification/db/data_types/group_membership.json similarity index 100% rename from pkg/classification/db/data_types/group_membership.json rename to internal/classification/db/data_types/group_membership.json diff --git a/pkg/classification/db/data_types/hair_color.json b/internal/classification/db/data_types/hair_color.json similarity index 100% rename from pkg/classification/db/data_types/hair_color.json rename to internal/classification/db/data_types/hair_color.json diff --git a/pkg/classification/db/data_types/health_records.json b/internal/classification/db/data_types/health_records.json similarity index 100% rename from pkg/classification/db/data_types/health_records.json rename to internal/classification/db/data_types/health_records.json diff --git a/pkg/classification/db/data_types/height.json b/internal/classification/db/data_types/height.json similarity index 100% rename from pkg/classification/db/data_types/height.json rename to internal/classification/db/data_types/height.json diff --git a/pkg/classification/db/data_types/houses.json b/internal/classification/db/data_types/houses.json similarity index 100% rename from pkg/classification/db/data_types/houses.json rename to internal/classification/db/data_types/houses.json diff --git a/pkg/classification/db/data_types/id_number.json b/internal/classification/db/data_types/id_number.json similarity index 100% rename from pkg/classification/db/data_types/id_number.json rename to internal/classification/db/data_types/id_number.json diff --git a/pkg/classification/db/data_types/image.json b/internal/classification/db/data_types/image.json similarity index 100% rename from pkg/classification/db/data_types/image.json rename to internal/classification/db/data_types/image.json diff --git a/pkg/classification/db/data_types/income.json b/internal/classification/db/data_types/income.json similarity index 100% rename from pkg/classification/db/data_types/income.json rename to internal/classification/db/data_types/income.json diff --git a/pkg/classification/db/data_types/income_brackets.json b/internal/classification/db/data_types/income_brackets.json similarity index 100% rename from pkg/classification/db/data_types/income_brackets.json rename to internal/classification/db/data_types/income_brackets.json diff --git a/pkg/classification/db/data_types/intentions.json b/internal/classification/db/data_types/intentions.json similarity index 100% rename from pkg/classification/db/data_types/intentions.json rename to internal/classification/db/data_types/intentions.json diff --git a/pkg/classification/db/data_types/interactions.json b/internal/classification/db/data_types/interactions.json similarity index 100% rename from pkg/classification/db/data_types/interactions.json rename to internal/classification/db/data_types/interactions.json diff --git a/pkg/classification/db/data_types/interests.json b/internal/classification/db/data_types/interests.json similarity index 100% rename from pkg/classification/db/data_types/interests.json rename to internal/classification/db/data_types/interests.json diff --git a/pkg/classification/db/data_types/interviews.json b/internal/classification/db/data_types/interviews.json similarity index 100% rename from pkg/classification/db/data_types/interviews.json rename to internal/classification/db/data_types/interviews.json diff --git a/pkg/classification/db/data_types/ip_address.json b/internal/classification/db/data_types/ip_address.json similarity index 100% rename from pkg/classification/db/data_types/ip_address.json rename to internal/classification/db/data_types/ip_address.json diff --git a/pkg/classification/db/data_types/job_titles.json b/internal/classification/db/data_types/job_titles.json similarity index 100% rename from pkg/classification/db/data_types/job_titles.json rename to internal/classification/db/data_types/job_titles.json diff --git a/pkg/classification/db/data_types/knowledge.json b/internal/classification/db/data_types/knowledge.json similarity index 100% rename from pkg/classification/db/data_types/knowledge.json rename to internal/classification/db/data_types/knowledge.json diff --git a/pkg/classification/db/data_types/lastname.json b/internal/classification/db/data_types/lastname.json similarity index 100% rename from pkg/classification/db/data_types/lastname.json rename to internal/classification/db/data_types/lastname.json diff --git a/pkg/classification/db/data_types/likes.json b/internal/classification/db/data_types/likes.json similarity index 100% rename from pkg/classification/db/data_types/likes.json rename to internal/classification/db/data_types/likes.json diff --git a/pkg/classification/db/data_types/links_clicked.json b/internal/classification/db/data_types/links_clicked.json similarity index 100% rename from pkg/classification/db/data_types/links_clicked.json rename to internal/classification/db/data_types/links_clicked.json diff --git a/pkg/classification/db/data_types/loan_records.json b/internal/classification/db/data_types/loan_records.json similarity index 100% rename from pkg/classification/db/data_types/loan_records.json rename to internal/classification/db/data_types/loan_records.json diff --git a/pkg/classification/db/data_types/mac_address.json b/internal/classification/db/data_types/mac_address.json similarity index 100% rename from pkg/classification/db/data_types/mac_address.json rename to internal/classification/db/data_types/mac_address.json diff --git a/pkg/classification/db/data_types/marriages.json b/internal/classification/db/data_types/marriages.json similarity index 100% rename from pkg/classification/db/data_types/marriages.json rename to internal/classification/db/data_types/marriages.json diff --git a/pkg/classification/db/data_types/martial_status.json b/internal/classification/db/data_types/martial_status.json similarity index 100% rename from pkg/classification/db/data_types/martial_status.json rename to internal/classification/db/data_types/martial_status.json diff --git a/pkg/classification/db/data_types/mother_maiden_name.json b/internal/classification/db/data_types/mother_maiden_name.json similarity index 100% rename from pkg/classification/db/data_types/mother_maiden_name.json rename to internal/classification/db/data_types/mother_maiden_name.json diff --git a/pkg/classification/db/data_types/music.json b/internal/classification/db/data_types/music.json similarity index 100% rename from pkg/classification/db/data_types/music.json rename to internal/classification/db/data_types/music.json diff --git a/pkg/classification/db/data_types/national_origin.json b/internal/classification/db/data_types/national_origin.json similarity index 100% rename from pkg/classification/db/data_types/national_origin.json rename to internal/classification/db/data_types/national_origin.json diff --git a/pkg/classification/db/data_types/offspring.json b/internal/classification/db/data_types/offspring.json similarity index 100% rename from pkg/classification/db/data_types/offspring.json rename to internal/classification/db/data_types/offspring.json diff --git a/pkg/classification/db/data_types/opinions.json b/internal/classification/db/data_types/opinions.json similarity index 100% rename from pkg/classification/db/data_types/opinions.json rename to internal/classification/db/data_types/opinions.json diff --git a/pkg/classification/db/data_types/pardons.json b/internal/classification/db/data_types/pardons.json similarity index 100% rename from pkg/classification/db/data_types/pardons.json rename to internal/classification/db/data_types/pardons.json diff --git a/pkg/classification/db/data_types/passport_number.json b/internal/classification/db/data_types/passport_number.json similarity index 100% rename from pkg/classification/db/data_types/passport_number.json rename to internal/classification/db/data_types/passport_number.json diff --git a/pkg/classification/db/data_types/passwords.json b/internal/classification/db/data_types/passwords.json similarity index 100% rename from pkg/classification/db/data_types/passwords.json rename to internal/classification/db/data_types/passwords.json diff --git a/pkg/classification/db/data_types/personal_health_history.json b/internal/classification/db/data_types/personal_health_history.json similarity index 100% rename from pkg/classification/db/data_types/personal_health_history.json rename to internal/classification/db/data_types/personal_health_history.json diff --git a/pkg/classification/db/data_types/personal_possessions.json b/internal/classification/db/data_types/personal_possessions.json similarity index 100% rename from pkg/classification/db/data_types/personal_possessions.json rename to internal/classification/db/data_types/personal_possessions.json diff --git a/pkg/classification/db/data_types/philosophical_beliefs.json b/internal/classification/db/data_types/philosophical_beliefs.json similarity index 100% rename from pkg/classification/db/data_types/philosophical_beliefs.json rename to internal/classification/db/data_types/philosophical_beliefs.json diff --git a/pkg/classification/db/data_types/physical_address.json b/internal/classification/db/data_types/physical_address.json similarity index 100% rename from pkg/classification/db/data_types/physical_address.json rename to internal/classification/db/data_types/physical_address.json diff --git a/pkg/classification/db/data_types/physical_and_mental_health.json b/internal/classification/db/data_types/physical_and_mental_health.json similarity index 100% rename from pkg/classification/db/data_types/physical_and_mental_health.json rename to internal/classification/db/data_types/physical_and_mental_health.json diff --git a/pkg/classification/db/data_types/physical_traits.json b/internal/classification/db/data_types/physical_traits.json similarity index 100% rename from pkg/classification/db/data_types/physical_traits.json rename to internal/classification/db/data_types/physical_traits.json diff --git a/pkg/classification/db/data_types/piercings.json b/internal/classification/db/data_types/piercings.json similarity index 100% rename from pkg/classification/db/data_types/piercings.json rename to internal/classification/db/data_types/piercings.json diff --git a/pkg/classification/db/data_types/pin.json b/internal/classification/db/data_types/pin.json similarity index 100% rename from pkg/classification/db/data_types/pin.json rename to internal/classification/db/data_types/pin.json diff --git a/pkg/classification/db/data_types/political_affiliation.json b/internal/classification/db/data_types/political_affiliation.json similarity index 100% rename from pkg/classification/db/data_types/political_affiliation.json rename to internal/classification/db/data_types/political_affiliation.json diff --git a/pkg/classification/db/data_types/prescriptions.json b/internal/classification/db/data_types/prescriptions.json similarity index 100% rename from pkg/classification/db/data_types/prescriptions.json rename to internal/classification/db/data_types/prescriptions.json diff --git a/pkg/classification/db/data_types/purchases.json b/internal/classification/db/data_types/purchases.json similarity index 100% rename from pkg/classification/db/data_types/purchases.json rename to internal/classification/db/data_types/purchases.json diff --git a/pkg/classification/db/data_types/purchases_and_spending_habits.json b/internal/classification/db/data_types/purchases_and_spending_habits.json similarity index 100% rename from pkg/classification/db/data_types/purchases_and_spending_habits.json rename to internal/classification/db/data_types/purchases_and_spending_habits.json diff --git a/pkg/classification/db/data_types/race.json b/internal/classification/db/data_types/race.json similarity index 100% rename from pkg/classification/db/data_types/race.json rename to internal/classification/db/data_types/race.json diff --git a/pkg/classification/db/data_types/references.json b/internal/classification/db/data_types/references.json similarity index 100% rename from pkg/classification/db/data_types/references.json rename to internal/classification/db/data_types/references.json diff --git a/pkg/classification/db/data_types/relationships.json b/internal/classification/db/data_types/relationships.json similarity index 100% rename from pkg/classification/db/data_types/relationships.json rename to internal/classification/db/data_types/relationships.json diff --git a/pkg/classification/db/data_types/religion.json b/internal/classification/db/data_types/religion.json similarity index 100% rename from pkg/classification/db/data_types/religion.json rename to internal/classification/db/data_types/religion.json diff --git a/pkg/classification/db/data_types/religious_beliefs.json b/internal/classification/db/data_types/religious_beliefs.json similarity index 100% rename from pkg/classification/db/data_types/religious_beliefs.json rename to internal/classification/db/data_types/religious_beliefs.json diff --git a/pkg/classification/db/data_types/room_number.json b/internal/classification/db/data_types/room_number.json similarity index 100% rename from pkg/classification/db/data_types/room_number.json rename to internal/classification/db/data_types/room_number.json diff --git a/pkg/classification/db/data_types/salary.json b/internal/classification/db/data_types/salary.json similarity index 100% rename from pkg/classification/db/data_types/salary.json rename to internal/classification/db/data_types/salary.json diff --git a/pkg/classification/db/data_types/sales.json b/internal/classification/db/data_types/sales.json similarity index 100% rename from pkg/classification/db/data_types/sales.json rename to internal/classification/db/data_types/sales.json diff --git a/pkg/classification/db/data_types/school_attended.json b/internal/classification/db/data_types/school_attended.json similarity index 100% rename from pkg/classification/db/data_types/school_attended.json rename to internal/classification/db/data_types/school_attended.json diff --git a/pkg/classification/db/data_types/sexual_history.json b/internal/classification/db/data_types/sexual_history.json similarity index 100% rename from pkg/classification/db/data_types/sexual_history.json rename to internal/classification/db/data_types/sexual_history.json diff --git a/pkg/classification/db/data_types/sexual_preferences.json b/internal/classification/db/data_types/sexual_preferences.json similarity index 100% rename from pkg/classification/db/data_types/sexual_preferences.json rename to internal/classification/db/data_types/sexual_preferences.json diff --git a/pkg/classification/db/data_types/siblings.json b/internal/classification/db/data_types/siblings.json similarity index 100% rename from pkg/classification/db/data_types/siblings.json rename to internal/classification/db/data_types/siblings.json diff --git a/pkg/classification/db/data_types/skin_tone.json b/internal/classification/db/data_types/skin_tone.json similarity index 100% rename from pkg/classification/db/data_types/skin_tone.json rename to internal/classification/db/data_types/skin_tone.json diff --git a/pkg/classification/db/data_types/social_status.json b/internal/classification/db/data_types/social_status.json similarity index 100% rename from pkg/classification/db/data_types/social_status.json rename to internal/classification/db/data_types/social_status.json diff --git a/pkg/classification/db/data_types/spoken_languages.json b/internal/classification/db/data_types/spoken_languages.json similarity index 100% rename from pkg/classification/db/data_types/spoken_languages.json rename to internal/classification/db/data_types/spoken_languages.json diff --git a/pkg/classification/db/data_types/tattoos.json b/internal/classification/db/data_types/tattoos.json similarity index 100% rename from pkg/classification/db/data_types/tattoos.json rename to internal/classification/db/data_types/tattoos.json diff --git a/pkg/classification/db/data_types/taxes.json b/internal/classification/db/data_types/taxes.json similarity index 100% rename from pkg/classification/db/data_types/taxes.json rename to internal/classification/db/data_types/taxes.json diff --git a/pkg/classification/db/data_types/telephone_number.json b/internal/classification/db/data_types/telephone_number.json similarity index 100% rename from pkg/classification/db/data_types/telephone_number.json rename to internal/classification/db/data_types/telephone_number.json diff --git a/pkg/classification/db/data_types/telephone_recordings.json b/internal/classification/db/data_types/telephone_recordings.json similarity index 100% rename from pkg/classification/db/data_types/telephone_recordings.json rename to internal/classification/db/data_types/telephone_recordings.json diff --git a/pkg/classification/db/data_types/thoughts.json b/internal/classification/db/data_types/thoughts.json similarity index 100% rename from pkg/classification/db/data_types/thoughts.json rename to internal/classification/db/data_types/thoughts.json diff --git a/pkg/classification/db/data_types/transactions.json b/internal/classification/db/data_types/transactions.json similarity index 100% rename from pkg/classification/db/data_types/transactions.json rename to internal/classification/db/data_types/transactions.json diff --git a/pkg/classification/db/data_types/unique_identifier.json b/internal/classification/db/data_types/unique_identifier.json similarity index 100% rename from pkg/classification/db/data_types/unique_identifier.json rename to internal/classification/db/data_types/unique_identifier.json diff --git a/pkg/classification/db/data_types/username.json b/internal/classification/db/data_types/username.json similarity index 100% rename from pkg/classification/db/data_types/username.json rename to internal/classification/db/data_types/username.json diff --git a/pkg/classification/db/data_types/voice_mail.json b/internal/classification/db/data_types/voice_mail.json similarity index 100% rename from pkg/classification/db/data_types/voice_mail.json rename to internal/classification/db/data_types/voice_mail.json diff --git a/pkg/classification/db/data_types/weight.json b/internal/classification/db/data_types/weight.json similarity index 100% rename from pkg/classification/db/data_types/weight.json rename to internal/classification/db/data_types/weight.json diff --git a/pkg/classification/db/data_types/work_history.json b/internal/classification/db/data_types/work_history.json similarity index 100% rename from pkg/classification/db/data_types/work_history.json rename to internal/classification/db/data_types/work_history.json diff --git a/pkg/classification/db/db.go b/internal/classification/db/db.go similarity index 99% rename from pkg/classification/db/db.go rename to internal/classification/db/db.go index 30ca555ae..a7268dd9d 100644 --- a/pkg/classification/db/db.go +++ b/internal/classification/db/db.go @@ -8,7 +8,7 @@ import ( "regexp" "strings" - "github.com/bearer/bearer/pkg/flag" + "github.com/bearer/bearer/internal/flag" "github.com/tangzero/inflector" ) diff --git a/pkg/classification/db/known_person_object_patterns/account.json b/internal/classification/db/known_person_object_patterns/account.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/account.json rename to internal/classification/db/known_person_object_patterns/account.json diff --git a/pkg/classification/db/known_person_object_patterns/advisor.json b/internal/classification/db/known_person_object_patterns/advisor.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/advisor.json rename to internal/classification/db/known_person_object_patterns/advisor.json diff --git a/pkg/classification/db/known_person_object_patterns/applicant.json b/internal/classification/db/known_person_object_patterns/applicant.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/applicant.json rename to internal/classification/db/known_person_object_patterns/applicant.json diff --git a/pkg/classification/db/known_person_object_patterns/artist.json b/internal/classification/db/known_person_object_patterns/artist.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/artist.json rename to internal/classification/db/known_person_object_patterns/artist.json diff --git a/pkg/classification/db/known_person_object_patterns/attendee.json b/internal/classification/db/known_person_object_patterns/attendee.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/attendee.json rename to internal/classification/db/known_person_object_patterns/attendee.json diff --git a/pkg/classification/db/known_person_object_patterns/author.json b/internal/classification/db/known_person_object_patterns/author.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/author.json rename to internal/classification/db/known_person_object_patterns/author.json diff --git a/pkg/classification/db/known_person_object_patterns/bank_account.json b/internal/classification/db/known_person_object_patterns/bank_account.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/bank_account.json rename to internal/classification/db/known_person_object_patterns/bank_account.json diff --git a/pkg/classification/db/known_person_object_patterns/beneficiar.json b/internal/classification/db/known_person_object_patterns/beneficiar.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/beneficiar.json rename to internal/classification/db/known_person_object_patterns/beneficiar.json diff --git a/pkg/classification/db/known_person_object_patterns/buyer.json b/internal/classification/db/known_person_object_patterns/buyer.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/buyer.json rename to internal/classification/db/known_person_object_patterns/buyer.json diff --git a/pkg/classification/db/known_person_object_patterns/caller.json b/internal/classification/db/known_person_object_patterns/caller.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/caller.json rename to internal/classification/db/known_person_object_patterns/caller.json diff --git a/pkg/classification/db/known_person_object_patterns/candidate.json b/internal/classification/db/known_person_object_patterns/candidate.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/candidate.json rename to internal/classification/db/known_person_object_patterns/candidate.json diff --git a/pkg/classification/db/known_person_object_patterns/cardholder.json b/internal/classification/db/known_person_object_patterns/cardholder.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/cardholder.json rename to internal/classification/db/known_person_object_patterns/cardholder.json diff --git a/pkg/classification/db/known_person_object_patterns/client.json b/internal/classification/db/known_person_object_patterns/client.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/client.json rename to internal/classification/db/known_person_object_patterns/client.json diff --git a/pkg/classification/db/known_person_object_patterns/coach.json b/internal/classification/db/known_person_object_patterns/coach.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/coach.json rename to internal/classification/db/known_person_object_patterns/coach.json diff --git a/pkg/classification/db/known_person_object_patterns/collaborator.json b/internal/classification/db/known_person_object_patterns/collaborator.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/collaborator.json rename to internal/classification/db/known_person_object_patterns/collaborator.json diff --git a/pkg/classification/db/known_person_object_patterns/commenter.json b/internal/classification/db/known_person_object_patterns/commenter.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/commenter.json rename to internal/classification/db/known_person_object_patterns/commenter.json diff --git a/pkg/classification/db/known_person_object_patterns/committer.json b/internal/classification/db/known_person_object_patterns/committer.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/committer.json rename to internal/classification/db/known_person_object_patterns/committer.json diff --git a/pkg/classification/db/known_person_object_patterns/competitor.json b/internal/classification/db/known_person_object_patterns/competitor.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/competitor.json rename to internal/classification/db/known_person_object_patterns/competitor.json diff --git a/pkg/classification/db/known_person_object_patterns/consumer.json b/internal/classification/db/known_person_object_patterns/consumer.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/consumer.json rename to internal/classification/db/known_person_object_patterns/consumer.json diff --git a/pkg/classification/db/known_person_object_patterns/contact.json b/internal/classification/db/known_person_object_patterns/contact.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/contact.json rename to internal/classification/db/known_person_object_patterns/contact.json diff --git a/pkg/classification/db/known_person_object_patterns/contractor.json b/internal/classification/db/known_person_object_patterns/contractor.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/contractor.json rename to internal/classification/db/known_person_object_patterns/contractor.json diff --git a/pkg/classification/db/known_person_object_patterns/contributor.json b/internal/classification/db/known_person_object_patterns/contributor.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/contributor.json rename to internal/classification/db/known_person_object_patterns/contributor.json diff --git a/pkg/classification/db/known_person_object_patterns/credentials.json b/internal/classification/db/known_person_object_patterns/credentials.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/credentials.json rename to internal/classification/db/known_person_object_patterns/credentials.json diff --git a/pkg/classification/db/known_person_object_patterns/customer.json b/internal/classification/db/known_person_object_patterns/customer.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/customer.json rename to internal/classification/db/known_person_object_patterns/customer.json diff --git a/pkg/classification/db/known_person_object_patterns/developer.json b/internal/classification/db/known_person_object_patterns/developer.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/developer.json rename to internal/classification/db/known_person_object_patterns/developer.json diff --git a/pkg/classification/db/known_person_object_patterns/doctor.json b/internal/classification/db/known_person_object_patterns/doctor.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/doctor.json rename to internal/classification/db/known_person_object_patterns/doctor.json diff --git a/pkg/classification/db/known_person_object_patterns/driver.json b/internal/classification/db/known_person_object_patterns/driver.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/driver.json rename to internal/classification/db/known_person_object_patterns/driver.json diff --git a/pkg/classification/db/known_person_object_patterns/employee.json b/internal/classification/db/known_person_object_patterns/employee.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/employee.json rename to internal/classification/db/known_person_object_patterns/employee.json diff --git a/pkg/classification/db/known_person_object_patterns/employer.json b/internal/classification/db/known_person_object_patterns/employer.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/employer.json rename to internal/classification/db/known_person_object_patterns/employer.json diff --git a/pkg/classification/db/known_person_object_patterns/follower.json b/internal/classification/db/known_person_object_patterns/follower.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/follower.json rename to internal/classification/db/known_person_object_patterns/follower.json diff --git a/pkg/classification/db/known_person_object_patterns/guardian.json b/internal/classification/db/known_person_object_patterns/guardian.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/guardian.json rename to internal/classification/db/known_person_object_patterns/guardian.json diff --git a/pkg/classification/db/known_person_object_patterns/identity.json b/internal/classification/db/known_person_object_patterns/identity.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/identity.json rename to internal/classification/db/known_person_object_patterns/identity.json diff --git a/pkg/classification/db/known_person_object_patterns/insuree.json b/internal/classification/db/known_person_object_patterns/insuree.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/insuree.json rename to internal/classification/db/known_person_object_patterns/insuree.json diff --git a/pkg/classification/db/known_person_object_patterns/invitee.json b/internal/classification/db/known_person_object_patterns/invitee.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/invitee.json rename to internal/classification/db/known_person_object_patterns/invitee.json diff --git a/pkg/classification/db/known_person_object_patterns/issuer.json b/internal/classification/db/known_person_object_patterns/issuer.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/issuer.json rename to internal/classification/db/known_person_object_patterns/issuer.json diff --git a/pkg/classification/db/known_person_object_patterns/landlord.json b/internal/classification/db/known_person_object_patterns/landlord.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/landlord.json rename to internal/classification/db/known_person_object_patterns/landlord.json diff --git a/pkg/classification/db/known_person_object_patterns/lead.json b/internal/classification/db/known_person_object_patterns/lead.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/lead.json rename to internal/classification/db/known_person_object_patterns/lead.json diff --git a/pkg/classification/db/known_person_object_patterns/learner.json b/internal/classification/db/known_person_object_patterns/learner.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/learner.json rename to internal/classification/db/known_person_object_patterns/learner.json diff --git a/pkg/classification/db/known_person_object_patterns/login.json b/internal/classification/db/known_person_object_patterns/login.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/login.json rename to internal/classification/db/known_person_object_patterns/login.json diff --git a/pkg/classification/db/known_person_object_patterns/member.json b/internal/classification/db/known_person_object_patterns/member.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/member.json rename to internal/classification/db/known_person_object_patterns/member.json diff --git a/pkg/classification/db/known_person_object_patterns/mentor.json b/internal/classification/db/known_person_object_patterns/mentor.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/mentor.json rename to internal/classification/db/known_person_object_patterns/mentor.json diff --git a/pkg/classification/db/known_person_object_patterns/moderator.json b/internal/classification/db/known_person_object_patterns/moderator.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/moderator.json rename to internal/classification/db/known_person_object_patterns/moderator.json diff --git a/pkg/classification/db/known_person_object_patterns/organizer.json b/internal/classification/db/known_person_object_patterns/organizer.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/organizer.json rename to internal/classification/db/known_person_object_patterns/organizer.json diff --git a/pkg/classification/db/known_person_object_patterns/owner.json b/internal/classification/db/known_person_object_patterns/owner.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/owner.json rename to internal/classification/db/known_person_object_patterns/owner.json diff --git a/pkg/classification/db/known_person_object_patterns/panelist.json b/internal/classification/db/known_person_object_patterns/panelist.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/panelist.json rename to internal/classification/db/known_person_object_patterns/panelist.json diff --git a/pkg/classification/db/known_person_object_patterns/participant.json b/internal/classification/db/known_person_object_patterns/participant.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/participant.json rename to internal/classification/db/known_person_object_patterns/participant.json diff --git a/pkg/classification/db/known_person_object_patterns/partner.json b/internal/classification/db/known_person_object_patterns/partner.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/partner.json rename to internal/classification/db/known_person_object_patterns/partner.json diff --git a/pkg/classification/db/known_person_object_patterns/passenger.json b/internal/classification/db/known_person_object_patterns/passenger.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/passenger.json rename to internal/classification/db/known_person_object_patterns/passenger.json diff --git a/pkg/classification/db/known_person_object_patterns/patient.json b/internal/classification/db/known_person_object_patterns/patient.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/patient.json rename to internal/classification/db/known_person_object_patterns/patient.json diff --git a/pkg/classification/db/known_person_object_patterns/payee.json b/internal/classification/db/known_person_object_patterns/payee.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/payee.json rename to internal/classification/db/known_person_object_patterns/payee.json diff --git a/pkg/classification/db/known_person_object_patterns/payer.json b/internal/classification/db/known_person_object_patterns/payer.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/payer.json rename to internal/classification/db/known_person_object_patterns/payer.json diff --git a/pkg/classification/db/known_person_object_patterns/payor.json b/internal/classification/db/known_person_object_patterns/payor.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/payor.json rename to internal/classification/db/known_person_object_patterns/payor.json diff --git a/pkg/classification/db/known_person_object_patterns/people.json b/internal/classification/db/known_person_object_patterns/people.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/people.json rename to internal/classification/db/known_person_object_patterns/people.json diff --git a/pkg/classification/db/known_person_object_patterns/person.json b/internal/classification/db/known_person_object_patterns/person.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/person.json rename to internal/classification/db/known_person_object_patterns/person.json diff --git a/pkg/classification/db/known_person_object_patterns/player.json b/internal/classification/db/known_person_object_patterns/player.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/player.json rename to internal/classification/db/known_person_object_patterns/player.json diff --git a/pkg/classification/db/known_person_object_patterns/profile.json b/internal/classification/db/known_person_object_patterns/profile.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/profile.json rename to internal/classification/db/known_person_object_patterns/profile.json diff --git a/pkg/classification/db/known_person_object_patterns/reader.json b/internal/classification/db/known_person_object_patterns/reader.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/reader.json rename to internal/classification/db/known_person_object_patterns/reader.json diff --git a/pkg/classification/db/known_person_object_patterns/receiver.json b/internal/classification/db/known_person_object_patterns/receiver.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/receiver.json rename to internal/classification/db/known_person_object_patterns/receiver.json diff --git a/pkg/classification/db/known_person_object_patterns/recipient.json b/internal/classification/db/known_person_object_patterns/recipient.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/recipient.json rename to internal/classification/db/known_person_object_patterns/recipient.json diff --git a/pkg/classification/db/known_person_object_patterns/recruit.json b/internal/classification/db/known_person_object_patterns/recruit.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/recruit.json rename to internal/classification/db/known_person_object_patterns/recruit.json diff --git a/pkg/classification/db/known_person_object_patterns/referee.json b/internal/classification/db/known_person_object_patterns/referee.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/referee.json rename to internal/classification/db/known_person_object_patterns/referee.json diff --git a/pkg/classification/db/known_person_object_patterns/referer.json b/internal/classification/db/known_person_object_patterns/referer.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/referer.json rename to internal/classification/db/known_person_object_patterns/referer.json diff --git a/pkg/classification/db/known_person_object_patterns/registrant.json b/internal/classification/db/known_person_object_patterns/registrant.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/registrant.json rename to internal/classification/db/known_person_object_patterns/registrant.json diff --git a/pkg/classification/db/known_person_object_patterns/seller.json b/internal/classification/db/known_person_object_patterns/seller.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/seller.json rename to internal/classification/db/known_person_object_patterns/seller.json diff --git a/pkg/classification/db/known_person_object_patterns/sender.json b/internal/classification/db/known_person_object_patterns/sender.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/sender.json rename to internal/classification/db/known_person_object_patterns/sender.json diff --git a/pkg/classification/db/known_person_object_patterns/shareholder.json b/internal/classification/db/known_person_object_patterns/shareholder.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/shareholder.json rename to internal/classification/db/known_person_object_patterns/shareholder.json diff --git a/pkg/classification/db/known_person_object_patterns/shopper.json b/internal/classification/db/known_person_object_patterns/shopper.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/shopper.json rename to internal/classification/db/known_person_object_patterns/shopper.json diff --git a/pkg/classification/db/known_person_object_patterns/signer.json b/internal/classification/db/known_person_object_patterns/signer.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/signer.json rename to internal/classification/db/known_person_object_patterns/signer.json diff --git a/pkg/classification/db/known_person_object_patterns/student.json b/internal/classification/db/known_person_object_patterns/student.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/student.json rename to internal/classification/db/known_person_object_patterns/student.json diff --git a/pkg/classification/db/known_person_object_patterns/subscriber.json b/internal/classification/db/known_person_object_patterns/subscriber.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/subscriber.json rename to internal/classification/db/known_person_object_patterns/subscriber.json diff --git a/pkg/classification/db/known_person_object_patterns/supplier.json b/internal/classification/db/known_person_object_patterns/supplier.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/supplier.json rename to internal/classification/db/known_person_object_patterns/supplier.json diff --git a/pkg/classification/db/known_person_object_patterns/teacher.json b/internal/classification/db/known_person_object_patterns/teacher.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/teacher.json rename to internal/classification/db/known_person_object_patterns/teacher.json diff --git a/pkg/classification/db/known_person_object_patterns/trainer.json b/internal/classification/db/known_person_object_patterns/trainer.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/trainer.json rename to internal/classification/db/known_person_object_patterns/trainer.json diff --git a/pkg/classification/db/known_person_object_patterns/user.json b/internal/classification/db/known_person_object_patterns/user.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/user.json rename to internal/classification/db/known_person_object_patterns/user.json diff --git a/pkg/classification/db/known_person_object_patterns/veteran.json b/internal/classification/db/known_person_object_patterns/veteran.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/veteran.json rename to internal/classification/db/known_person_object_patterns/veteran.json diff --git a/pkg/classification/db/known_person_object_patterns/volunteer.json b/internal/classification/db/known_person_object_patterns/volunteer.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/volunteer.json rename to internal/classification/db/known_person_object_patterns/volunteer.json diff --git a/pkg/classification/db/known_person_object_patterns/winner.json b/internal/classification/db/known_person_object_patterns/winner.json similarity index 100% rename from pkg/classification/db/known_person_object_patterns/winner.json rename to internal/classification/db/known_person_object_patterns/winner.json diff --git a/pkg/classification/db/recipes/abbyy_cloud_ocr_sdk.json b/internal/classification/db/recipes/abbyy_cloud_ocr_sdk.json similarity index 100% rename from pkg/classification/db/recipes/abbyy_cloud_ocr_sdk.json rename to internal/classification/db/recipes/abbyy_cloud_ocr_sdk.json diff --git a/pkg/classification/db/recipes/abtasty.json b/internal/classification/db/recipes/abtasty.json similarity index 100% rename from pkg/classification/db/recipes/abtasty.json rename to internal/classification/db/recipes/abtasty.json diff --git a/pkg/classification/db/recipes/active_directory.json b/internal/classification/db/recipes/active_directory.json similarity index 100% rename from pkg/classification/db/recipes/active_directory.json rename to internal/classification/db/recipes/active_directory.json diff --git a/pkg/classification/db/recipes/activecampaign.json b/internal/classification/db/recipes/activecampaign.json similarity index 100% rename from pkg/classification/db/recipes/activecampaign.json rename to internal/classification/db/recipes/activecampaign.json diff --git a/pkg/classification/db/recipes/adictiz.json b/internal/classification/db/recipes/adictiz.json similarity index 100% rename from pkg/classification/db/recipes/adictiz.json rename to internal/classification/db/recipes/adictiz.json diff --git a/pkg/classification/db/recipes/adjust.json b/internal/classification/db/recipes/adjust.json similarity index 100% rename from pkg/classification/db/recipes/adjust.json rename to internal/classification/db/recipes/adjust.json diff --git a/pkg/classification/db/recipes/adobe_campaign_neolane.json b/internal/classification/db/recipes/adobe_campaign_neolane.json similarity index 100% rename from pkg/classification/db/recipes/adobe_campaign_neolane.json rename to internal/classification/db/recipes/adobe_campaign_neolane.json diff --git a/pkg/classification/db/recipes/adobe_scene7.json b/internal/classification/db/recipes/adobe_scene7.json similarity index 100% rename from pkg/classification/db/recipes/adobe_scene7.json rename to internal/classification/db/recipes/adobe_scene7.json diff --git a/pkg/classification/db/recipes/adotmob.json b/internal/classification/db/recipes/adotmob.json similarity index 100% rename from pkg/classification/db/recipes/adotmob.json rename to internal/classification/db/recipes/adotmob.json diff --git a/pkg/classification/db/recipes/adroll.json b/internal/classification/db/recipes/adroll.json similarity index 100% rename from pkg/classification/db/recipes/adroll.json rename to internal/classification/db/recipes/adroll.json diff --git a/pkg/classification/db/recipes/adyen.json b/internal/classification/db/recipes/adyen.json similarity index 100% rename from pkg/classification/db/recipes/adyen.json rename to internal/classification/db/recipes/adyen.json diff --git a/pkg/classification/db/recipes/aerospike.json b/internal/classification/db/recipes/aerospike.json similarity index 100% rename from pkg/classification/db/recipes/aerospike.json rename to internal/classification/db/recipes/aerospike.json diff --git a/pkg/classification/db/recipes/airbrake.json b/internal/classification/db/recipes/airbrake.json similarity index 100% rename from pkg/classification/db/recipes/airbrake.json rename to internal/classification/db/recipes/airbrake.json diff --git a/pkg/classification/db/recipes/airtable.json b/internal/classification/db/recipes/airtable.json similarity index 100% rename from pkg/classification/db/recipes/airtable.json rename to internal/classification/db/recipes/airtable.json diff --git a/pkg/classification/db/recipes/alexa_com.json b/internal/classification/db/recipes/alexa_com.json similarity index 100% rename from pkg/classification/db/recipes/alexa_com.json rename to internal/classification/db/recipes/alexa_com.json diff --git a/pkg/classification/db/recipes/algolia.json b/internal/classification/db/recipes/algolia.json similarity index 100% rename from pkg/classification/db/recipes/algolia.json rename to internal/classification/db/recipes/algolia.json diff --git a/pkg/classification/db/recipes/alibaba_cloud_apis.json b/internal/classification/db/recipes/alibaba_cloud_apis.json similarity index 100% rename from pkg/classification/db/recipes/alibaba_cloud_apis.json rename to internal/classification/db/recipes/alibaba_cloud_apis.json diff --git a/pkg/classification/db/recipes/alloy.json b/internal/classification/db/recipes/alloy.json similarity index 100% rename from pkg/classification/db/recipes/alloy.json rename to internal/classification/db/recipes/alloy.json diff --git a/pkg/classification/db/recipes/almerys.json b/internal/classification/db/recipes/almerys.json similarity index 100% rename from pkg/classification/db/recipes/almerys.json rename to internal/classification/db/recipes/almerys.json diff --git a/pkg/classification/db/recipes/alpaca.json b/internal/classification/db/recipes/alpaca.json similarity index 100% rename from pkg/classification/db/recipes/alpaca.json rename to internal/classification/db/recipes/alpaca.json diff --git a/pkg/classification/db/recipes/amazon_aws_apis.json b/internal/classification/db/recipes/amazon_aws_apis.json similarity index 100% rename from pkg/classification/db/recipes/amazon_aws_apis.json rename to internal/classification/db/recipes/amazon_aws_apis.json diff --git a/pkg/classification/db/recipes/ambassador.json b/internal/classification/db/recipes/ambassador.json similarity index 100% rename from pkg/classification/db/recipes/ambassador.json rename to internal/classification/db/recipes/ambassador.json diff --git a/pkg/classification/db/recipes/amc_theater.json b/internal/classification/db/recipes/amc_theater.json similarity index 100% rename from pkg/classification/db/recipes/amc_theater.json rename to internal/classification/db/recipes/amc_theater.json diff --git a/pkg/classification/db/recipes/ameli.json b/internal/classification/db/recipes/ameli.json similarity index 100% rename from pkg/classification/db/recipes/ameli.json rename to internal/classification/db/recipes/ameli.json diff --git a/pkg/classification/db/recipes/amplitude.json b/internal/classification/db/recipes/amplitude.json similarity index 100% rename from pkg/classification/db/recipes/amplitude.json rename to internal/classification/db/recipes/amplitude.json diff --git a/pkg/classification/db/recipes/apache_airflow.json b/internal/classification/db/recipes/apache_airflow.json similarity index 100% rename from pkg/classification/db/recipes/apache_airflow.json rename to internal/classification/db/recipes/apache_airflow.json diff --git a/pkg/classification/db/recipes/apache_beam.json b/internal/classification/db/recipes/apache_beam.json similarity index 100% rename from pkg/classification/db/recipes/apache_beam.json rename to internal/classification/db/recipes/apache_beam.json diff --git a/pkg/classification/db/recipes/apache_hbase.json b/internal/classification/db/recipes/apache_hbase.json similarity index 100% rename from pkg/classification/db/recipes/apache_hbase.json rename to internal/classification/db/recipes/apache_hbase.json diff --git a/pkg/classification/db/recipes/apache_kafka.json b/internal/classification/db/recipes/apache_kafka.json similarity index 100% rename from pkg/classification/db/recipes/apache_kafka.json rename to internal/classification/db/recipes/apache_kafka.json diff --git a/pkg/classification/db/recipes/apache_spark.json b/internal/classification/db/recipes/apache_spark.json similarity index 100% rename from pkg/classification/db/recipes/apache_spark.json rename to internal/classification/db/recipes/apache_spark.json diff --git a/pkg/classification/db/recipes/apollographql.json b/internal/classification/db/recipes/apollographql.json similarity index 100% rename from pkg/classification/db/recipes/apollographql.json rename to internal/classification/db/recipes/apollographql.json diff --git a/pkg/classification/db/recipes/appbase.json b/internal/classification/db/recipes/appbase.json similarity index 100% rename from pkg/classification/db/recipes/appbase.json rename to internal/classification/db/recipes/appbase.json diff --git a/pkg/classification/db/recipes/appdynamics.json b/internal/classification/db/recipes/appdynamics.json similarity index 100% rename from pkg/classification/db/recipes/appdynamics.json rename to internal/classification/db/recipes/appdynamics.json diff --git a/pkg/classification/db/recipes/apple.json b/internal/classification/db/recipes/apple.json similarity index 100% rename from pkg/classification/db/recipes/apple.json rename to internal/classification/db/recipes/apple.json diff --git a/pkg/classification/db/recipes/apple_pay.json b/internal/classification/db/recipes/apple_pay.json similarity index 100% rename from pkg/classification/db/recipes/apple_pay.json rename to internal/classification/db/recipes/apple_pay.json diff --git a/pkg/classification/db/recipes/appveyor.json b/internal/classification/db/recipes/appveyor.json similarity index 100% rename from pkg/classification/db/recipes/appveyor.json rename to internal/classification/db/recipes/appveyor.json diff --git a/pkg/classification/db/recipes/aquasec.json b/internal/classification/db/recipes/aquasec.json similarity index 100% rename from pkg/classification/db/recipes/aquasec.json rename to internal/classification/db/recipes/aquasec.json diff --git a/pkg/classification/db/recipes/asana.json b/internal/classification/db/recipes/asana.json similarity index 100% rename from pkg/classification/db/recipes/asana.json rename to internal/classification/db/recipes/asana.json diff --git a/pkg/classification/db/recipes/assurcard.json b/internal/classification/db/recipes/assurcard.json similarity index 100% rename from pkg/classification/db/recipes/assurcard.json rename to internal/classification/db/recipes/assurcard.json diff --git a/pkg/classification/db/recipes/athos_worldline.json b/internal/classification/db/recipes/athos_worldline.json similarity index 100% rename from pkg/classification/db/recipes/athos_worldline.json rename to internal/classification/db/recipes/athos_worldline.json diff --git a/pkg/classification/db/recipes/atinternet.json b/internal/classification/db/recipes/atinternet.json similarity index 100% rename from pkg/classification/db/recipes/atinternet.json rename to internal/classification/db/recipes/atinternet.json diff --git a/pkg/classification/db/recipes/atlassian_cloud.json b/internal/classification/db/recipes/atlassian_cloud.json similarity index 100% rename from pkg/classification/db/recipes/atlassian_cloud.json rename to internal/classification/db/recipes/atlassian_cloud.json diff --git a/pkg/classification/db/recipes/auth0.json b/internal/classification/db/recipes/auth0.json similarity index 100% rename from pkg/classification/db/recipes/auth0.json rename to internal/classification/db/recipes/auth0.json diff --git a/pkg/classification/db/recipes/aws_athena.json b/internal/classification/db/recipes/aws_athena.json similarity index 100% rename from pkg/classification/db/recipes/aws_athena.json rename to internal/classification/db/recipes/aws_athena.json diff --git a/pkg/classification/db/recipes/aws_dynamodb.json b/internal/classification/db/recipes/aws_dynamodb.json similarity index 100% rename from pkg/classification/db/recipes/aws_dynamodb.json rename to internal/classification/db/recipes/aws_dynamodb.json diff --git a/pkg/classification/db/recipes/aws_key_management_service_kms.json b/internal/classification/db/recipes/aws_key_management_service_kms.json similarity index 100% rename from pkg/classification/db/recipes/aws_key_management_service_kms.json rename to internal/classification/db/recipes/aws_key_management_service_kms.json diff --git a/pkg/classification/db/recipes/aws_kinesis.json b/internal/classification/db/recipes/aws_kinesis.json similarity index 100% rename from pkg/classification/db/recipes/aws_kinesis.json rename to internal/classification/db/recipes/aws_kinesis.json diff --git a/pkg/classification/db/recipes/aws_redshift.json b/internal/classification/db/recipes/aws_redshift.json similarity index 100% rename from pkg/classification/db/recipes/aws_redshift.json rename to internal/classification/db/recipes/aws_redshift.json diff --git a/pkg/classification/db/recipes/aws_s3.json b/internal/classification/db/recipes/aws_s3.json similarity index 100% rename from pkg/classification/db/recipes/aws_s3.json rename to internal/classification/db/recipes/aws_s3.json diff --git a/pkg/classification/db/recipes/aws_s3_glacier.json b/internal/classification/db/recipes/aws_s3_glacier.json similarity index 100% rename from pkg/classification/db/recipes/aws_s3_glacier.json rename to internal/classification/db/recipes/aws_s3_glacier.json diff --git a/pkg/classification/db/recipes/aws_sqs.json b/internal/classification/db/recipes/aws_sqs.json similarity index 100% rename from pkg/classification/db/recipes/aws_sqs.json rename to internal/classification/db/recipes/aws_sqs.json diff --git a/pkg/classification/db/recipes/azure_cognitive_search.json b/internal/classification/db/recipes/azure_cognitive_search.json similarity index 100% rename from pkg/classification/db/recipes/azure_cognitive_search.json rename to internal/classification/db/recipes/azure_cognitive_search.json diff --git a/pkg/classification/db/recipes/azure_cosmos_db.json b/internal/classification/db/recipes/azure_cosmos_db.json similarity index 100% rename from pkg/classification/db/recipes/azure_cosmos_db.json rename to internal/classification/db/recipes/azure_cosmos_db.json diff --git a/pkg/classification/db/recipes/azure_key_vault.json b/internal/classification/db/recipes/azure_key_vault.json similarity index 100% rename from pkg/classification/db/recipes/azure_key_vault.json rename to internal/classification/db/recipes/azure_key_vault.json diff --git a/pkg/classification/db/recipes/azure_service_bus.json b/internal/classification/db/recipes/azure_service_bus.json similarity index 100% rename from pkg/classification/db/recipes/azure_service_bus.json rename to internal/classification/db/recipes/azure_service_bus.json diff --git a/pkg/classification/db/recipes/azure_storage.json b/internal/classification/db/recipes/azure_storage.json similarity index 100% rename from pkg/classification/db/recipes/azure_storage.json rename to internal/classification/db/recipes/azure_storage.json diff --git a/pkg/classification/db/recipes/badgerdb.json b/internal/classification/db/recipes/badgerdb.json similarity index 100% rename from pkg/classification/db/recipes/badgerdb.json rename to internal/classification/db/recipes/badgerdb.json diff --git a/pkg/classification/db/recipes/bamboohr.json b/internal/classification/db/recipes/bamboohr.json similarity index 100% rename from pkg/classification/db/recipes/bamboohr.json rename to internal/classification/db/recipes/bamboohr.json diff --git a/pkg/classification/db/recipes/bambuser.json b/internal/classification/db/recipes/bambuser.json similarity index 100% rename from pkg/classification/db/recipes/bambuser.json rename to internal/classification/db/recipes/bambuser.json diff --git a/pkg/classification/db/recipes/bank_of_apis_natwest_rbs.json b/internal/classification/db/recipes/bank_of_apis_natwest_rbs.json similarity index 100% rename from pkg/classification/db/recipes/bank_of_apis_natwest_rbs.json rename to internal/classification/db/recipes/bank_of_apis_natwest_rbs.json diff --git a/pkg/classification/db/recipes/barclays.json b/internal/classification/db/recipes/barclays.json similarity index 100% rename from pkg/classification/db/recipes/barclays.json rename to internal/classification/db/recipes/barclays.json diff --git a/pkg/classification/db/recipes/basecamp.json b/internal/classification/db/recipes/basecamp.json similarity index 100% rename from pkg/classification/db/recipes/basecamp.json rename to internal/classification/db/recipes/basecamp.json diff --git a/pkg/classification/db/recipes/bigcommerce.json b/internal/classification/db/recipes/bigcommerce.json similarity index 100% rename from pkg/classification/db/recipes/bigcommerce.json rename to internal/classification/db/recipes/bigcommerce.json diff --git a/pkg/classification/db/recipes/bintray_jfrog.json b/internal/classification/db/recipes/bintray_jfrog.json similarity index 100% rename from pkg/classification/db/recipes/bintray_jfrog.json rename to internal/classification/db/recipes/bintray_jfrog.json diff --git a/pkg/classification/db/recipes/bitbucket.json b/internal/classification/db/recipes/bitbucket.json similarity index 100% rename from pkg/classification/db/recipes/bitbucket.json rename to internal/classification/db/recipes/bitbucket.json diff --git a/pkg/classification/db/recipes/bitly.json b/internal/classification/db/recipes/bitly.json similarity index 100% rename from pkg/classification/db/recipes/bitly.json rename to internal/classification/db/recipes/bitly.json diff --git a/pkg/classification/db/recipes/bitrise.json b/internal/classification/db/recipes/bitrise.json similarity index 100% rename from pkg/classification/db/recipes/bitrise.json rename to internal/classification/db/recipes/bitrise.json diff --git a/pkg/classification/db/recipes/blackfire.json b/internal/classification/db/recipes/blackfire.json similarity index 100% rename from pkg/classification/db/recipes/blackfire.json rename to internal/classification/db/recipes/blackfire.json diff --git a/pkg/classification/db/recipes/boltdb.json b/internal/classification/db/recipes/boltdb.json similarity index 100% rename from pkg/classification/db/recipes/boltdb.json rename to internal/classification/db/recipes/boltdb.json diff --git a/pkg/classification/db/recipes/box.json b/internal/classification/db/recipes/box.json similarity index 100% rename from pkg/classification/db/recipes/box.json rename to internal/classification/db/recipes/box.json diff --git a/pkg/classification/db/recipes/braze.json b/internal/classification/db/recipes/braze.json similarity index 100% rename from pkg/classification/db/recipes/braze.json rename to internal/classification/db/recipes/braze.json diff --git a/pkg/classification/db/recipes/brightbox.json b/internal/classification/db/recipes/brightbox.json similarity index 100% rename from pkg/classification/db/recipes/brightbox.json rename to internal/classification/db/recipes/brightbox.json diff --git a/pkg/classification/db/recipes/browserstack.json b/internal/classification/db/recipes/browserstack.json similarity index 100% rename from pkg/classification/db/recipes/browserstack.json rename to internal/classification/db/recipes/browserstack.json diff --git a/pkg/classification/db/recipes/bugsnag.json b/internal/classification/db/recipes/bugsnag.json similarity index 100% rename from pkg/classification/db/recipes/bugsnag.json rename to internal/classification/db/recipes/bugsnag.json diff --git a/pkg/classification/db/recipes/buntdb.json b/internal/classification/db/recipes/buntdb.json similarity index 100% rename from pkg/classification/db/recipes/buntdb.json rename to internal/classification/db/recipes/buntdb.json diff --git a/pkg/classification/db/recipes/calendly.json b/internal/classification/db/recipes/calendly.json similarity index 100% rename from pkg/classification/db/recipes/calendly.json rename to internal/classification/db/recipes/calendly.json diff --git a/pkg/classification/db/recipes/cashplus.json b/internal/classification/db/recipes/cashplus.json similarity index 100% rename from pkg/classification/db/recipes/cashplus.json rename to internal/classification/db/recipes/cashplus.json diff --git a/pkg/classification/db/recipes/cassandara.json b/internal/classification/db/recipes/cassandara.json similarity index 100% rename from pkg/classification/db/recipes/cassandara.json rename to internal/classification/db/recipes/cassandara.json diff --git a/pkg/classification/db/recipes/centrify.json b/internal/classification/db/recipes/centrify.json similarity index 100% rename from pkg/classification/db/recipes/centrify.json rename to internal/classification/db/recipes/centrify.json diff --git a/pkg/classification/db/recipes/chargebee.json b/internal/classification/db/recipes/chargebee.json similarity index 100% rename from pkg/classification/db/recipes/chargebee.json rename to internal/classification/db/recipes/chargebee.json diff --git a/pkg/classification/db/recipes/chargify.json b/internal/classification/db/recipes/chargify.json similarity index 100% rename from pkg/classification/db/recipes/chargify.json rename to internal/classification/db/recipes/chargify.json diff --git a/pkg/classification/db/recipes/checkout_com.json b/internal/classification/db/recipes/checkout_com.json similarity index 100% rename from pkg/classification/db/recipes/checkout_com.json rename to internal/classification/db/recipes/checkout_com.json diff --git a/pkg/classification/db/recipes/circleci.json b/internal/classification/db/recipes/circleci.json similarity index 100% rename from pkg/classification/db/recipes/circleci.json rename to internal/classification/db/recipes/circleci.json diff --git a/pkg/classification/db/recipes/cirrus_ci.json b/internal/classification/db/recipes/cirrus_ci.json similarity index 100% rename from pkg/classification/db/recipes/cirrus_ci.json rename to internal/classification/db/recipes/cirrus_ci.json diff --git a/pkg/classification/db/recipes/clearbit.json b/internal/classification/db/recipes/clearbit.json similarity index 100% rename from pkg/classification/db/recipes/clearbit.json rename to internal/classification/db/recipes/clearbit.json diff --git a/pkg/classification/db/recipes/clickhouse.json b/internal/classification/db/recipes/clickhouse.json similarity index 100% rename from pkg/classification/db/recipes/clickhouse.json rename to internal/classification/db/recipes/clickhouse.json diff --git a/pkg/classification/db/recipes/clickup.json b/internal/classification/db/recipes/clickup.json similarity index 100% rename from pkg/classification/db/recipes/clickup.json rename to internal/classification/db/recipes/clickup.json diff --git a/pkg/classification/db/recipes/clodo.json b/internal/classification/db/recipes/clodo.json similarity index 100% rename from pkg/classification/db/recipes/clodo.json rename to internal/classification/db/recipes/clodo.json diff --git a/pkg/classification/db/recipes/cloudflare.json b/internal/classification/db/recipes/cloudflare.json similarity index 100% rename from pkg/classification/db/recipes/cloudflare.json rename to internal/classification/db/recipes/cloudflare.json diff --git a/pkg/classification/db/recipes/cloudinary.json b/internal/classification/db/recipes/cloudinary.json similarity index 100% rename from pkg/classification/db/recipes/cloudinary.json rename to internal/classification/db/recipes/cloudinary.json diff --git a/pkg/classification/db/recipes/cloudwatch.json b/internal/classification/db/recipes/cloudwatch.json similarity index 100% rename from pkg/classification/db/recipes/cloudwatch.json rename to internal/classification/db/recipes/cloudwatch.json diff --git a/pkg/classification/db/recipes/cockroachdb.json b/internal/classification/db/recipes/cockroachdb.json similarity index 100% rename from pkg/classification/db/recipes/cockroachdb.json rename to internal/classification/db/recipes/cockroachdb.json diff --git a/pkg/classification/db/recipes/companies_house_gov_uk.json b/internal/classification/db/recipes/companies_house_gov_uk.json similarity index 100% rename from pkg/classification/db/recipes/companies_house_gov_uk.json rename to internal/classification/db/recipes/companies_house_gov_uk.json diff --git a/pkg/classification/db/recipes/complyadvantage.json b/internal/classification/db/recipes/complyadvantage.json similarity index 100% rename from pkg/classification/db/recipes/complyadvantage.json rename to internal/classification/db/recipes/complyadvantage.json diff --git a/pkg/classification/db/recipes/contentful.json b/internal/classification/db/recipes/contentful.json similarity index 100% rename from pkg/classification/db/recipes/contentful.json rename to internal/classification/db/recipes/contentful.json diff --git a/pkg/classification/db/recipes/cookiebot_com.json b/internal/classification/db/recipes/cookiebot_com.json similarity index 100% rename from pkg/classification/db/recipes/cookiebot_com.json rename to internal/classification/db/recipes/cookiebot_com.json diff --git a/pkg/classification/db/recipes/copper.json b/internal/classification/db/recipes/copper.json similarity index 100% rename from pkg/classification/db/recipes/copper.json rename to internal/classification/db/recipes/copper.json diff --git a/pkg/classification/db/recipes/couchbase.json b/internal/classification/db/recipes/couchbase.json similarity index 100% rename from pkg/classification/db/recipes/couchbase.json rename to internal/classification/db/recipes/couchbase.json diff --git a/pkg/classification/db/recipes/crmgang.json b/internal/classification/db/recipes/crmgang.json similarity index 100% rename from pkg/classification/db/recipes/crmgang.json rename to internal/classification/db/recipes/crmgang.json diff --git a/pkg/classification/db/recipes/customer.json b/internal/classification/db/recipes/customer.json similarity index 100% rename from pkg/classification/db/recipes/customer.json rename to internal/classification/db/recipes/customer.json diff --git a/pkg/classification/db/recipes/dalenys.json b/internal/classification/db/recipes/dalenys.json similarity index 100% rename from pkg/classification/db/recipes/dalenys.json rename to internal/classification/db/recipes/dalenys.json diff --git a/pkg/classification/db/recipes/databricks.json b/internal/classification/db/recipes/databricks.json similarity index 100% rename from pkg/classification/db/recipes/databricks.json rename to internal/classification/db/recipes/databricks.json diff --git a/pkg/classification/db/recipes/datadog.json b/internal/classification/db/recipes/datadog.json similarity index 100% rename from pkg/classification/db/recipes/datadog.json rename to internal/classification/db/recipes/datadog.json diff --git a/pkg/classification/db/recipes/datadome.json b/internal/classification/db/recipes/datadome.json similarity index 100% rename from pkg/classification/db/recipes/datadome.json rename to internal/classification/db/recipes/datadome.json diff --git a/pkg/classification/db/recipes/debounce.json b/internal/classification/db/recipes/debounce.json similarity index 100% rename from pkg/classification/db/recipes/debounce.json rename to internal/classification/db/recipes/debounce.json diff --git a/pkg/classification/db/recipes/demdex_adobe.json b/internal/classification/db/recipes/demdex_adobe.json similarity index 100% rename from pkg/classification/db/recipes/demdex_adobe.json rename to internal/classification/db/recipes/demdex_adobe.json diff --git a/pkg/classification/db/recipes/digitalocean.json b/internal/classification/db/recipes/digitalocean.json similarity index 100% rename from pkg/classification/db/recipes/digitalocean.json rename to internal/classification/db/recipes/digitalocean.json diff --git a/pkg/classification/db/recipes/digitalocean_apis.json b/internal/classification/db/recipes/digitalocean_apis.json similarity index 100% rename from pkg/classification/db/recipes/digitalocean_apis.json rename to internal/classification/db/recipes/digitalocean_apis.json diff --git a/pkg/classification/db/recipes/discord.json b/internal/classification/db/recipes/discord.json similarity index 100% rename from pkg/classification/db/recipes/discord.json rename to internal/classification/db/recipes/discord.json diff --git a/pkg/classification/db/recipes/disk.json b/internal/classification/db/recipes/disk.json similarity index 100% rename from pkg/classification/db/recipes/disk.json rename to internal/classification/db/recipes/disk.json diff --git a/pkg/classification/db/recipes/dmp.json b/internal/classification/db/recipes/dmp.json similarity index 100% rename from pkg/classification/db/recipes/dmp.json rename to internal/classification/db/recipes/dmp.json diff --git a/pkg/classification/db/recipes/dnsimple.json b/internal/classification/db/recipes/dnsimple.json similarity index 100% rename from pkg/classification/db/recipes/dnsimple.json rename to internal/classification/db/recipes/dnsimple.json diff --git a/pkg/classification/db/recipes/dnsmadeeasy.json b/internal/classification/db/recipes/dnsmadeeasy.json similarity index 100% rename from pkg/classification/db/recipes/dnsmadeeasy.json rename to internal/classification/db/recipes/dnsmadeeasy.json diff --git a/pkg/classification/db/recipes/docusign.json b/internal/classification/db/recipes/docusign.json similarity index 100% rename from pkg/classification/db/recipes/docusign.json rename to internal/classification/db/recipes/docusign.json diff --git a/pkg/classification/db/recipes/dossier_pharmaceutique.json b/internal/classification/db/recipes/dossier_pharmaceutique.json similarity index 100% rename from pkg/classification/db/recipes/dossier_pharmaceutique.json rename to internal/classification/db/recipes/dossier_pharmaceutique.json diff --git a/pkg/classification/db/recipes/dreamhost.json b/internal/classification/db/recipes/dreamhost.json similarity index 100% rename from pkg/classification/db/recipes/dreamhost.json rename to internal/classification/db/recipes/dreamhost.json diff --git a/pkg/classification/db/recipes/drift.json b/internal/classification/db/recipes/drift.json similarity index 100% rename from pkg/classification/db/recipes/drift.json rename to internal/classification/db/recipes/drift.json diff --git a/pkg/classification/db/recipes/dropbox.json b/internal/classification/db/recipes/dropbox.json similarity index 100% rename from pkg/classification/db/recipes/dropbox.json rename to internal/classification/db/recipes/dropbox.json diff --git a/pkg/classification/db/recipes/dropcontact.json b/internal/classification/db/recipes/dropcontact.json similarity index 100% rename from pkg/classification/db/recipes/dropcontact.json rename to internal/classification/db/recipes/dropcontact.json diff --git a/pkg/classification/db/recipes/dyn_oracle.json b/internal/classification/db/recipes/dyn_oracle.json similarity index 100% rename from pkg/classification/db/recipes/dyn_oracle.json rename to internal/classification/db/recipes/dyn_oracle.json diff --git a/pkg/classification/db/recipes/easypost.json b/internal/classification/db/recipes/easypost.json similarity index 100% rename from pkg/classification/db/recipes/easypost.json rename to internal/classification/db/recipes/easypost.json diff --git a/pkg/classification/db/recipes/edgecast.json b/internal/classification/db/recipes/edgecast.json similarity index 100% rename from pkg/classification/db/recipes/edgecast.json rename to internal/classification/db/recipes/edgecast.json diff --git a/pkg/classification/db/recipes/elastic.json b/internal/classification/db/recipes/elastic.json similarity index 100% rename from pkg/classification/db/recipes/elastic.json rename to internal/classification/db/recipes/elastic.json diff --git a/pkg/classification/db/recipes/elasticsearch.json b/internal/classification/db/recipes/elasticsearch.json similarity index 100% rename from pkg/classification/db/recipes/elasticsearch.json rename to internal/classification/db/recipes/elasticsearch.json diff --git a/pkg/classification/db/recipes/emburse.json b/internal/classification/db/recipes/emburse.json similarity index 100% rename from pkg/classification/db/recipes/emburse.json rename to internal/classification/db/recipes/emburse.json diff --git a/pkg/classification/db/recipes/enboarder.json b/internal/classification/db/recipes/enboarder.json similarity index 100% rename from pkg/classification/db/recipes/enboarder.json rename to internal/classification/db/recipes/enboarder.json diff --git a/pkg/classification/db/recipes/envoy.json b/internal/classification/db/recipes/envoy.json similarity index 100% rename from pkg/classification/db/recipes/envoy.json rename to internal/classification/db/recipes/envoy.json diff --git a/pkg/classification/db/recipes/esante_gouv.json b/internal/classification/db/recipes/esante_gouv.json similarity index 100% rename from pkg/classification/db/recipes/esante_gouv.json rename to internal/classification/db/recipes/esante_gouv.json diff --git a/pkg/classification/db/recipes/essendex.json b/internal/classification/db/recipes/essendex.json similarity index 100% rename from pkg/classification/db/recipes/essendex.json rename to internal/classification/db/recipes/essendex.json diff --git a/pkg/classification/db/recipes/etcd.json b/internal/classification/db/recipes/etcd.json similarity index 100% rename from pkg/classification/db/recipes/etcd.json rename to internal/classification/db/recipes/etcd.json diff --git a/pkg/classification/db/recipes/exoscale_cloud_apis.json b/internal/classification/db/recipes/exoscale_cloud_apis.json similarity index 100% rename from pkg/classification/db/recipes/exoscale_cloud_apis.json rename to internal/classification/db/recipes/exoscale_cloud_apis.json diff --git a/pkg/classification/db/recipes/expensify.json b/internal/classification/db/recipes/expensify.json similarity index 100% rename from pkg/classification/db/recipes/expensify.json rename to internal/classification/db/recipes/expensify.json diff --git a/pkg/classification/db/recipes/facebook.json b/internal/classification/db/recipes/facebook.json similarity index 100% rename from pkg/classification/db/recipes/facebook.json rename to internal/classification/db/recipes/facebook.json diff --git a/pkg/classification/db/recipes/fauna.json b/internal/classification/db/recipes/fauna.json similarity index 100% rename from pkg/classification/db/recipes/fauna.json rename to internal/classification/db/recipes/fauna.json diff --git a/pkg/classification/db/recipes/firebase.json b/internal/classification/db/recipes/firebase.json similarity index 100% rename from pkg/classification/db/recipes/firebase.json rename to internal/classification/db/recipes/firebase.json diff --git a/pkg/classification/db/recipes/firebird.json b/internal/classification/db/recipes/firebird.json similarity index 100% rename from pkg/classification/db/recipes/firebird.json rename to internal/classification/db/recipes/firebird.json diff --git a/pkg/classification/db/recipes/fluentd.json b/internal/classification/db/recipes/fluentd.json similarity index 100% rename from pkg/classification/db/recipes/fluentd.json rename to internal/classification/db/recipes/fluentd.json diff --git a/pkg/classification/db/recipes/forestadmin.json b/internal/classification/db/recipes/forestadmin.json similarity index 100% rename from pkg/classification/db/recipes/forestadmin.json rename to internal/classification/db/recipes/forestadmin.json diff --git a/pkg/classification/db/recipes/fountain.json b/internal/classification/db/recipes/fountain.json similarity index 100% rename from pkg/classification/db/recipes/fountain.json rename to internal/classification/db/recipes/fountain.json diff --git a/pkg/classification/db/recipes/france_billet.json b/internal/classification/db/recipes/france_billet.json similarity index 100% rename from pkg/classification/db/recipes/france_billet.json rename to internal/classification/db/recipes/france_billet.json diff --git a/pkg/classification/db/recipes/freshworks.json b/internal/classification/db/recipes/freshworks.json similarity index 100% rename from pkg/classification/db/recipes/freshworks.json rename to internal/classification/db/recipes/freshworks.json diff --git a/pkg/classification/db/recipes/front.json b/internal/classification/db/recipes/front.json similarity index 100% rename from pkg/classification/db/recipes/front.json rename to internal/classification/db/recipes/front.json diff --git a/pkg/classification/db/recipes/ftp_sftp.json b/internal/classification/db/recipes/ftp_sftp.json similarity index 100% rename from pkg/classification/db/recipes/ftp_sftp.json rename to internal/classification/db/recipes/ftp_sftp.json diff --git a/pkg/classification/db/recipes/galileo.json b/internal/classification/db/recipes/galileo.json similarity index 100% rename from pkg/classification/db/recipes/galileo.json rename to internal/classification/db/recipes/galileo.json diff --git a/pkg/classification/db/recipes/gandi.json b/internal/classification/db/recipes/gandi.json similarity index 100% rename from pkg/classification/db/recipes/gandi.json rename to internal/classification/db/recipes/gandi.json diff --git a/pkg/classification/db/recipes/geckoboard.json b/internal/classification/db/recipes/geckoboard.json similarity index 100% rename from pkg/classification/db/recipes/geckoboard.json rename to internal/classification/db/recipes/geckoboard.json diff --git a/pkg/classification/db/recipes/gfycat.json b/internal/classification/db/recipes/gfycat.json similarity index 100% rename from pkg/classification/db/recipes/gfycat.json rename to internal/classification/db/recipes/gfycat.json diff --git a/pkg/classification/db/recipes/gitea.json b/internal/classification/db/recipes/gitea.json similarity index 100% rename from pkg/classification/db/recipes/gitea.json rename to internal/classification/db/recipes/gitea.json diff --git a/pkg/classification/db/recipes/github.json b/internal/classification/db/recipes/github.json similarity index 100% rename from pkg/classification/db/recipes/github.json rename to internal/classification/db/recipes/github.json diff --git a/pkg/classification/db/recipes/gitlab.json b/internal/classification/db/recipes/gitlab.json similarity index 100% rename from pkg/classification/db/recipes/gitlab.json rename to internal/classification/db/recipes/gitlab.json diff --git a/pkg/classification/db/recipes/glesys.json b/internal/classification/db/recipes/glesys.json similarity index 100% rename from pkg/classification/db/recipes/glesys.json rename to internal/classification/db/recipes/glesys.json diff --git a/pkg/classification/db/recipes/gocardless.json b/internal/classification/db/recipes/gocardless.json similarity index 100% rename from pkg/classification/db/recipes/gocardless.json rename to internal/classification/db/recipes/gocardless.json diff --git a/pkg/classification/db/recipes/google_ads.json b/internal/classification/db/recipes/google_ads.json similarity index 100% rename from pkg/classification/db/recipes/google_ads.json rename to internal/classification/db/recipes/google_ads.json diff --git a/pkg/classification/db/recipes/google_analytics.json b/internal/classification/db/recipes/google_analytics.json similarity index 100% rename from pkg/classification/db/recipes/google_analytics.json rename to internal/classification/db/recipes/google_analytics.json diff --git a/pkg/classification/db/recipes/google_cloud_apis.json b/internal/classification/db/recipes/google_cloud_apis.json similarity index 100% rename from pkg/classification/db/recipes/google_cloud_apis.json rename to internal/classification/db/recipes/google_cloud_apis.json diff --git a/pkg/classification/db/recipes/google_cloud_bigquery.json b/internal/classification/db/recipes/google_cloud_bigquery.json similarity index 100% rename from pkg/classification/db/recipes/google_cloud_bigquery.json rename to internal/classification/db/recipes/google_cloud_bigquery.json diff --git a/pkg/classification/db/recipes/google_cloud_bigtable.json b/internal/classification/db/recipes/google_cloud_bigtable.json similarity index 100% rename from pkg/classification/db/recipes/google_cloud_bigtable.json rename to internal/classification/db/recipes/google_cloud_bigtable.json diff --git a/pkg/classification/db/recipes/google_cloud_dataflow.json b/internal/classification/db/recipes/google_cloud_dataflow.json similarity index 100% rename from pkg/classification/db/recipes/google_cloud_dataflow.json rename to internal/classification/db/recipes/google_cloud_dataflow.json diff --git a/pkg/classification/db/recipes/google_cloud_datastore.json b/internal/classification/db/recipes/google_cloud_datastore.json similarity index 100% rename from pkg/classification/db/recipes/google_cloud_datastore.json rename to internal/classification/db/recipes/google_cloud_datastore.json diff --git a/pkg/classification/db/recipes/google_cloud_firestore.json b/internal/classification/db/recipes/google_cloud_firestore.json similarity index 100% rename from pkg/classification/db/recipes/google_cloud_firestore.json rename to internal/classification/db/recipes/google_cloud_firestore.json diff --git a/pkg/classification/db/recipes/google_cloud_key_management.json b/internal/classification/db/recipes/google_cloud_key_management.json similarity index 100% rename from pkg/classification/db/recipes/google_cloud_key_management.json rename to internal/classification/db/recipes/google_cloud_key_management.json diff --git a/pkg/classification/db/recipes/google_cloud_pub_sub.json b/internal/classification/db/recipes/google_cloud_pub_sub.json similarity index 100% rename from pkg/classification/db/recipes/google_cloud_pub_sub.json rename to internal/classification/db/recipes/google_cloud_pub_sub.json diff --git a/pkg/classification/db/recipes/google_cloud_secret_manager.json b/internal/classification/db/recipes/google_cloud_secret_manager.json similarity index 100% rename from pkg/classification/db/recipes/google_cloud_secret_manager.json rename to internal/classification/db/recipes/google_cloud_secret_manager.json diff --git a/pkg/classification/db/recipes/google_cloud_spanner.json b/internal/classification/db/recipes/google_cloud_spanner.json similarity index 100% rename from pkg/classification/db/recipes/google_cloud_spanner.json rename to internal/classification/db/recipes/google_cloud_spanner.json diff --git a/pkg/classification/db/recipes/google_cloud_storage.json b/internal/classification/db/recipes/google_cloud_storage.json similarity index 100% rename from pkg/classification/db/recipes/google_cloud_storage.json rename to internal/classification/db/recipes/google_cloud_storage.json diff --git a/pkg/classification/db/recipes/google_maps.json b/internal/classification/db/recipes/google_maps.json similarity index 100% rename from pkg/classification/db/recipes/google_maps.json rename to internal/classification/db/recipes/google_maps.json diff --git a/pkg/classification/db/recipes/google_recaptcha.json b/internal/classification/db/recipes/google_recaptcha.json similarity index 100% rename from pkg/classification/db/recipes/google_recaptcha.json rename to internal/classification/db/recipes/google_recaptcha.json diff --git a/pkg/classification/db/recipes/google_service_apis.json b/internal/classification/db/recipes/google_service_apis.json similarity index 100% rename from pkg/classification/db/recipes/google_service_apis.json rename to internal/classification/db/recipes/google_service_apis.json diff --git a/pkg/classification/db/recipes/google_spreadsheets.json b/internal/classification/db/recipes/google_spreadsheets.json similarity index 100% rename from pkg/classification/db/recipes/google_spreadsheets.json rename to internal/classification/db/recipes/google_spreadsheets.json diff --git a/pkg/classification/db/recipes/google_tag_manager.json b/internal/classification/db/recipes/google_tag_manager.json similarity index 100% rename from pkg/classification/db/recipes/google_tag_manager.json rename to internal/classification/db/recipes/google_tag_manager.json diff --git a/pkg/classification/db/recipes/google_workspace_apis.json b/internal/classification/db/recipes/google_workspace_apis.json similarity index 100% rename from pkg/classification/db/recipes/google_workspace_apis.json rename to internal/classification/db/recipes/google_workspace_apis.json diff --git a/pkg/classification/db/recipes/gouv_fr_data.json b/internal/classification/db/recipes/gouv_fr_data.json similarity index 100% rename from pkg/classification/db/recipes/gouv_fr_data.json rename to internal/classification/db/recipes/gouv_fr_data.json diff --git a/pkg/classification/db/recipes/gravatar.json b/internal/classification/db/recipes/gravatar.json similarity index 100% rename from pkg/classification/db/recipes/gravatar.json rename to internal/classification/db/recipes/gravatar.json diff --git a/pkg/classification/db/recipes/gravity_payments.json b/internal/classification/db/recipes/gravity_payments.json similarity index 100% rename from pkg/classification/db/recipes/gravity_payments.json rename to internal/classification/db/recipes/gravity_payments.json diff --git a/pkg/classification/db/recipes/greenhouse.json b/internal/classification/db/recipes/greenhouse.json similarity index 100% rename from pkg/classification/db/recipes/greenhouse.json rename to internal/classification/db/recipes/greenhouse.json diff --git a/pkg/classification/db/recipes/hashicorp_vault.json b/internal/classification/db/recipes/hashicorp_vault.json similarity index 100% rename from pkg/classification/db/recipes/hashicorp_vault.json rename to internal/classification/db/recipes/hashicorp_vault.json diff --git a/pkg/classification/db/recipes/have_i_been_pwned.json b/internal/classification/db/recipes/have_i_been_pwned.json similarity index 100% rename from pkg/classification/db/recipes/have_i_been_pwned.json rename to internal/classification/db/recipes/have_i_been_pwned.json diff --git a/pkg/classification/db/recipes/heap.json b/internal/classification/db/recipes/heap.json similarity index 100% rename from pkg/classification/db/recipes/heap.json rename to internal/classification/db/recipes/heap.json diff --git a/pkg/classification/db/recipes/hellosign.json b/internal/classification/db/recipes/hellosign.json similarity index 100% rename from pkg/classification/db/recipes/hellosign.json rename to internal/classification/db/recipes/hellosign.json diff --git a/pkg/classification/db/recipes/heroku.json b/internal/classification/db/recipes/heroku.json similarity index 100% rename from pkg/classification/db/recipes/heroku.json rename to internal/classification/db/recipes/heroku.json diff --git a/pkg/classification/db/recipes/hiscox.json b/internal/classification/db/recipes/hiscox.json similarity index 100% rename from pkg/classification/db/recipes/hiscox.json rename to internal/classification/db/recipes/hiscox.json diff --git a/pkg/classification/db/recipes/hmrc_gov_uk.json b/internal/classification/db/recipes/hmrc_gov_uk.json similarity index 100% rename from pkg/classification/db/recipes/hmrc_gov_uk.json rename to internal/classification/db/recipes/hmrc_gov_uk.json diff --git a/pkg/classification/db/recipes/honeybadger.json b/internal/classification/db/recipes/honeybadger.json similarity index 100% rename from pkg/classification/db/recipes/honeybadger.json rename to internal/classification/db/recipes/honeybadger.json diff --git a/pkg/classification/db/recipes/hotjar.json b/internal/classification/db/recipes/hotjar.json similarity index 100% rename from pkg/classification/db/recipes/hotjar.json rename to internal/classification/db/recipes/hotjar.json diff --git a/pkg/classification/db/recipes/hubspot.json b/internal/classification/db/recipes/hubspot.json similarity index 100% rename from pkg/classification/db/recipes/hubspot.json rename to internal/classification/db/recipes/hubspot.json diff --git a/pkg/classification/db/recipes/hugging_face.json b/internal/classification/db/recipes/hugging_face.json similarity index 100% rename from pkg/classification/db/recipes/hugging_face.json rename to internal/classification/db/recipes/hugging_face.json diff --git a/pkg/classification/db/recipes/hunter.json b/internal/classification/db/recipes/hunter.json similarity index 100% rename from pkg/classification/db/recipes/hunter.json rename to internal/classification/db/recipes/hunter.json diff --git a/pkg/classification/db/recipes/hypersql.json b/internal/classification/db/recipes/hypersql.json similarity index 100% rename from pkg/classification/db/recipes/hypersql.json rename to internal/classification/db/recipes/hypersql.json diff --git a/pkg/classification/db/recipes/iagility.json b/internal/classification/db/recipes/iagility.json similarity index 100% rename from pkg/classification/db/recipes/iagility.json rename to internal/classification/db/recipes/iagility.json diff --git a/pkg/classification/db/recipes/iban.json b/internal/classification/db/recipes/iban.json similarity index 100% rename from pkg/classification/db/recipes/iban.json rename to internal/classification/db/recipes/iban.json diff --git a/pkg/classification/db/recipes/ibm_db2.json b/internal/classification/db/recipes/ibm_db2.json similarity index 100% rename from pkg/classification/db/recipes/ibm_db2.json rename to internal/classification/db/recipes/ibm_db2.json diff --git a/pkg/classification/db/recipes/iceberg_technology.json b/internal/classification/db/recipes/iceberg_technology.json similarity index 100% rename from pkg/classification/db/recipes/iceberg_technology.json rename to internal/classification/db/recipes/iceberg_technology.json diff --git a/pkg/classification/db/recipes/influxdb.json b/internal/classification/db/recipes/influxdb.json similarity index 100% rename from pkg/classification/db/recipes/influxdb.json rename to internal/classification/db/recipes/influxdb.json diff --git a/pkg/classification/db/recipes/instagram.json b/internal/classification/db/recipes/instagram.json similarity index 100% rename from pkg/classification/db/recipes/instagram.json rename to internal/classification/db/recipes/instagram.json diff --git a/pkg/classification/db/recipes/instana.json b/internal/classification/db/recipes/instana.json similarity index 100% rename from pkg/classification/db/recipes/instana.json rename to internal/classification/db/recipes/instana.json diff --git a/pkg/classification/db/recipes/intercom.json b/internal/classification/db/recipes/intercom.json similarity index 100% rename from pkg/classification/db/recipes/intercom.json rename to internal/classification/db/recipes/intercom.json diff --git a/pkg/classification/db/recipes/intuit.json b/internal/classification/db/recipes/intuit.json similarity index 100% rename from pkg/classification/db/recipes/intuit.json rename to internal/classification/db/recipes/intuit.json diff --git a/pkg/classification/db/recipes/ipdata.json b/internal/classification/db/recipes/ipdata.json similarity index 100% rename from pkg/classification/db/recipes/ipdata.json rename to internal/classification/db/recipes/ipdata.json diff --git a/pkg/classification/db/recipes/ipify_org.json b/internal/classification/db/recipes/ipify_org.json similarity index 100% rename from pkg/classification/db/recipes/ipify_org.json rename to internal/classification/db/recipes/ipify_org.json diff --git a/pkg/classification/db/recipes/ipregistry.json b/internal/classification/db/recipes/ipregistry.json similarity index 100% rename from pkg/classification/db/recipes/ipregistry.json rename to internal/classification/db/recipes/ipregistry.json diff --git a/pkg/classification/db/recipes/iproov.json b/internal/classification/db/recipes/iproov.json similarity index 100% rename from pkg/classification/db/recipes/iproov.json rename to internal/classification/db/recipes/iproov.json diff --git a/pkg/classification/db/recipes/ipstack.json b/internal/classification/db/recipes/ipstack.json similarity index 100% rename from pkg/classification/db/recipes/ipstack.json rename to internal/classification/db/recipes/ipstack.json diff --git a/pkg/classification/db/recipes/iris_openbooks_freeagent.json b/internal/classification/db/recipes/iris_openbooks_freeagent.json similarity index 100% rename from pkg/classification/db/recipes/iris_openbooks_freeagent.json rename to internal/classification/db/recipes/iris_openbooks_freeagent.json diff --git a/pkg/classification/db/recipes/izberg_marketplace.json b/internal/classification/db/recipes/izberg_marketplace.json similarity index 100% rename from pkg/classification/db/recipes/izberg_marketplace.json rename to internal/classification/db/recipes/izberg_marketplace.json diff --git a/pkg/classification/db/recipes/jfrog.json b/internal/classification/db/recipes/jfrog.json similarity index 100% rename from pkg/classification/db/recipes/jfrog.json rename to internal/classification/db/recipes/jfrog.json diff --git a/pkg/classification/db/recipes/jsdelivr.json b/internal/classification/db/recipes/jsdelivr.json similarity index 100% rename from pkg/classification/db/recipes/jsdelivr.json rename to internal/classification/db/recipes/jsdelivr.json diff --git a/pkg/classification/db/recipes/jumio.json b/internal/classification/db/recipes/jumio.json similarity index 100% rename from pkg/classification/db/recipes/jumio.json rename to internal/classification/db/recipes/jumio.json diff --git a/pkg/classification/db/recipes/klarna.json b/internal/classification/db/recipes/klarna.json similarity index 100% rename from pkg/classification/db/recipes/klarna.json rename to internal/classification/db/recipes/klarna.json diff --git a/pkg/classification/db/recipes/la_poste.json b/internal/classification/db/recipes/la_poste.json similarity index 100% rename from pkg/classification/db/recipes/la_poste.json rename to internal/classification/db/recipes/la_poste.json diff --git a/pkg/classification/db/recipes/launchdarkly.json b/internal/classification/db/recipes/launchdarkly.json similarity index 100% rename from pkg/classification/db/recipes/launchdarkly.json rename to internal/classification/db/recipes/launchdarkly.json diff --git a/pkg/classification/db/recipes/lengow.json b/internal/classification/db/recipes/lengow.json similarity index 100% rename from pkg/classification/db/recipes/lengow.json rename to internal/classification/db/recipes/lengow.json diff --git a/pkg/classification/db/recipes/lets_enhance.json b/internal/classification/db/recipes/lets_enhance.json similarity index 100% rename from pkg/classification/db/recipes/lets_enhance.json rename to internal/classification/db/recipes/lets_enhance.json diff --git a/pkg/classification/db/recipes/leveldb.json b/internal/classification/db/recipes/leveldb.json similarity index 100% rename from pkg/classification/db/recipes/leveldb.json rename to internal/classification/db/recipes/leveldb.json diff --git a/pkg/classification/db/recipes/lever.json b/internal/classification/db/recipes/lever.json similarity index 100% rename from pkg/classification/db/recipes/lever.json rename to internal/classification/db/recipes/lever.json diff --git a/pkg/classification/db/recipes/lightstep.json b/internal/classification/db/recipes/lightstep.json similarity index 100% rename from pkg/classification/db/recipes/lightstep.json rename to internal/classification/db/recipes/lightstep.json diff --git a/pkg/classification/db/recipes/linkedin.json b/internal/classification/db/recipes/linkedin.json similarity index 100% rename from pkg/classification/db/recipes/linkedin.json rename to internal/classification/db/recipes/linkedin.json diff --git a/pkg/classification/db/recipes/liquid_web_cloud_apis.json b/internal/classification/db/recipes/liquid_web_cloud_apis.json similarity index 100% rename from pkg/classification/db/recipes/liquid_web_cloud_apis.json rename to internal/classification/db/recipes/liquid_web_cloud_apis.json diff --git a/pkg/classification/db/recipes/logrocket.json b/internal/classification/db/recipes/logrocket.json similarity index 100% rename from pkg/classification/db/recipes/logrocket.json rename to internal/classification/db/recipes/logrocket.json diff --git a/pkg/classification/db/recipes/logz_io.json b/internal/classification/db/recipes/logz_io.json similarity index 100% rename from pkg/classification/db/recipes/logz_io.json rename to internal/classification/db/recipes/logz_io.json diff --git a/pkg/classification/db/recipes/mabaya.json b/internal/classification/db/recipes/mabaya.json similarity index 100% rename from pkg/classification/db/recipes/mabaya.json rename to internal/classification/db/recipes/mabaya.json diff --git a/pkg/classification/db/recipes/mailchimp.json b/internal/classification/db/recipes/mailchimp.json similarity index 100% rename from pkg/classification/db/recipes/mailchimp.json rename to internal/classification/db/recipes/mailchimp.json diff --git a/pkg/classification/db/recipes/mailjet.json b/internal/classification/db/recipes/mailjet.json similarity index 100% rename from pkg/classification/db/recipes/mailjet.json rename to internal/classification/db/recipes/mailjet.json diff --git a/pkg/classification/db/recipes/mangopay.json b/internal/classification/db/recipes/mangopay.json similarity index 100% rename from pkg/classification/db/recipes/mangopay.json rename to internal/classification/db/recipes/mangopay.json diff --git a/pkg/classification/db/recipes/mapbox.json b/internal/classification/db/recipes/mapbox.json similarity index 100% rename from pkg/classification/db/recipes/mapbox.json rename to internal/classification/db/recipes/mapbox.json diff --git a/pkg/classification/db/recipes/mariadb.json b/internal/classification/db/recipes/mariadb.json similarity index 100% rename from pkg/classification/db/recipes/mariadb.json rename to internal/classification/db/recipes/mariadb.json diff --git a/pkg/classification/db/recipes/marketo.json b/internal/classification/db/recipes/marketo.json similarity index 100% rename from pkg/classification/db/recipes/marketo.json rename to internal/classification/db/recipes/marketo.json diff --git a/pkg/classification/db/recipes/maxmind.json b/internal/classification/db/recipes/maxmind.json similarity index 100% rename from pkg/classification/db/recipes/maxmind.json rename to internal/classification/db/recipes/maxmind.json diff --git a/pkg/classification/db/recipes/memcached.json b/internal/classification/db/recipes/memcached.json similarity index 100% rename from pkg/classification/db/recipes/memcached.json rename to internal/classification/db/recipes/memcached.json diff --git a/pkg/classification/db/recipes/message_bus.json b/internal/classification/db/recipes/message_bus.json similarity index 100% rename from pkg/classification/db/recipes/message_bus.json rename to internal/classification/db/recipes/message_bus.json diff --git a/pkg/classification/db/recipes/mettle.json b/internal/classification/db/recipes/mettle.json similarity index 100% rename from pkg/classification/db/recipes/mettle.json rename to internal/classification/db/recipes/mettle.json diff --git a/pkg/classification/db/recipes/microsoft.json b/internal/classification/db/recipes/microsoft.json similarity index 100% rename from pkg/classification/db/recipes/microsoft.json rename to internal/classification/db/recipes/microsoft.json diff --git a/pkg/classification/db/recipes/microsoft_azure_apis.json b/internal/classification/db/recipes/microsoft_azure_apis.json similarity index 100% rename from pkg/classification/db/recipes/microsoft_azure_apis.json rename to internal/classification/db/recipes/microsoft_azure_apis.json diff --git a/pkg/classification/db/recipes/microsoft_sql_server.json b/internal/classification/db/recipes/microsoft_sql_server.json similarity index 100% rename from pkg/classification/db/recipes/microsoft_sql_server.json rename to internal/classification/db/recipes/microsoft_sql_server.json diff --git a/pkg/classification/db/recipes/microsoft_teams.json b/internal/classification/db/recipes/microsoft_teams.json similarity index 100% rename from pkg/classification/db/recipes/microsoft_teams.json rename to internal/classification/db/recipes/microsoft_teams.json diff --git a/pkg/classification/db/recipes/mirakl.json b/internal/classification/db/recipes/mirakl.json similarity index 100% rename from pkg/classification/db/recipes/mirakl.json rename to internal/classification/db/recipes/mirakl.json diff --git a/pkg/classification/db/recipes/mixpanel.json b/internal/classification/db/recipes/mixpanel.json similarity index 100% rename from pkg/classification/db/recipes/mixpanel.json rename to internal/classification/db/recipes/mixpanel.json diff --git a/pkg/classification/db/recipes/monday.json b/internal/classification/db/recipes/monday.json similarity index 100% rename from pkg/classification/db/recipes/monday.json rename to internal/classification/db/recipes/monday.json diff --git a/pkg/classification/db/recipes/mondial_relay.json b/internal/classification/db/recipes/mondial_relay.json similarity index 100% rename from pkg/classification/db/recipes/mondial_relay.json rename to internal/classification/db/recipes/mondial_relay.json diff --git a/pkg/classification/db/recipes/mongodb.json b/internal/classification/db/recipes/mongodb.json similarity index 100% rename from pkg/classification/db/recipes/mongodb.json rename to internal/classification/db/recipes/mongodb.json diff --git a/pkg/classification/db/recipes/mux.json b/internal/classification/db/recipes/mux.json similarity index 100% rename from pkg/classification/db/recipes/mux.json rename to internal/classification/db/recipes/mux.json diff --git a/pkg/classification/db/recipes/mysql.json b/internal/classification/db/recipes/mysql.json similarity index 100% rename from pkg/classification/db/recipes/mysql.json rename to internal/classification/db/recipes/mysql.json diff --git a/pkg/classification/db/recipes/name_com.json b/internal/classification/db/recipes/name_com.json similarity index 100% rename from pkg/classification/db/recipes/name_com.json rename to internal/classification/db/recipes/name_com.json diff --git a/pkg/classification/db/recipes/namesilo.json b/internal/classification/db/recipes/namesilo.json similarity index 100% rename from pkg/classification/db/recipes/namesilo.json rename to internal/classification/db/recipes/namesilo.json diff --git a/pkg/classification/db/recipes/nativex_mobvista.json b/internal/classification/db/recipes/nativex_mobvista.json similarity index 100% rename from pkg/classification/db/recipes/nativex_mobvista.json rename to internal/classification/db/recipes/nativex_mobvista.json diff --git a/pkg/classification/db/recipes/neo4j.json b/internal/classification/db/recipes/neo4j.json similarity index 100% rename from pkg/classification/db/recipes/neo4j.json rename to internal/classification/db/recipes/neo4j.json diff --git a/pkg/classification/db/recipes/nethunt_crm.json b/internal/classification/db/recipes/nethunt_crm.json similarity index 100% rename from pkg/classification/db/recipes/nethunt_crm.json rename to internal/classification/db/recipes/nethunt_crm.json diff --git a/pkg/classification/db/recipes/netlify.json b/internal/classification/db/recipes/netlify.json similarity index 100% rename from pkg/classification/db/recipes/netlify.json rename to internal/classification/db/recipes/netlify.json diff --git a/pkg/classification/db/recipes/new_relic.json b/internal/classification/db/recipes/new_relic.json similarity index 100% rename from pkg/classification/db/recipes/new_relic.json rename to internal/classification/db/recipes/new_relic.json diff --git a/pkg/classification/db/recipes/nightfall.json b/internal/classification/db/recipes/nightfall.json similarity index 100% rename from pkg/classification/db/recipes/nightfall.json rename to internal/classification/db/recipes/nightfall.json diff --git a/pkg/classification/db/recipes/nimble.json b/internal/classification/db/recipes/nimble.json similarity index 100% rename from pkg/classification/db/recipes/nimble.json rename to internal/classification/db/recipes/nimble.json diff --git a/pkg/classification/db/recipes/nodemailer.json b/internal/classification/db/recipes/nodemailer.json similarity index 100% rename from pkg/classification/db/recipes/nodemailer.json rename to internal/classification/db/recipes/nodemailer.json diff --git a/pkg/classification/db/recipes/nuxeo.json b/internal/classification/db/recipes/nuxeo.json similarity index 100% rename from pkg/classification/db/recipes/nuxeo.json rename to internal/classification/db/recipes/nuxeo.json diff --git a/pkg/classification/db/recipes/nylas.json b/internal/classification/db/recipes/nylas.json similarity index 100% rename from pkg/classification/db/recipes/nylas.json rename to internal/classification/db/recipes/nylas.json diff --git a/pkg/classification/db/recipes/ocrolus.json b/internal/classification/db/recipes/ocrolus.json similarity index 100% rename from pkg/classification/db/recipes/ocrolus.json rename to internal/classification/db/recipes/ocrolus.json diff --git a/pkg/classification/db/recipes/okta.json b/internal/classification/db/recipes/okta.json similarity index 100% rename from pkg/classification/db/recipes/okta.json rename to internal/classification/db/recipes/okta.json diff --git a/pkg/classification/db/recipes/oney.json b/internal/classification/db/recipes/oney.json similarity index 100% rename from pkg/classification/db/recipes/oney.json rename to internal/classification/db/recipes/oney.json diff --git a/pkg/classification/db/recipes/onfido.json b/internal/classification/db/recipes/onfido.json similarity index 100% rename from pkg/classification/db/recipes/onfido.json rename to internal/classification/db/recipes/onfido.json diff --git a/pkg/classification/db/recipes/openai.json b/internal/classification/db/recipes/openai.json similarity index 100% rename from pkg/classification/db/recipes/openai.json rename to internal/classification/db/recipes/openai.json diff --git a/pkg/classification/db/recipes/openstack_object_storage.json b/internal/classification/db/recipes/openstack_object_storage.json similarity index 100% rename from pkg/classification/db/recipes/openstack_object_storage.json rename to internal/classification/db/recipes/openstack_object_storage.json diff --git a/pkg/classification/db/recipes/opentok.json b/internal/classification/db/recipes/opentok.json similarity index 100% rename from pkg/classification/db/recipes/opentok.json rename to internal/classification/db/recipes/opentok.json diff --git a/pkg/classification/db/recipes/openweather.json b/internal/classification/db/recipes/openweather.json similarity index 100% rename from pkg/classification/db/recipes/openweather.json rename to internal/classification/db/recipes/openweather.json diff --git a/pkg/classification/db/recipes/optimizely.json b/internal/classification/db/recipes/optimizely.json similarity index 100% rename from pkg/classification/db/recipes/optimizely.json rename to internal/classification/db/recipes/optimizely.json diff --git a/pkg/classification/db/recipes/oracle.json b/internal/classification/db/recipes/oracle.json similarity index 100% rename from pkg/classification/db/recipes/oracle.json rename to internal/classification/db/recipes/oracle.json diff --git a/pkg/classification/db/recipes/ovh_cloud_apis.json b/internal/classification/db/recipes/ovh_cloud_apis.json similarity index 100% rename from pkg/classification/db/recipes/ovh_cloud_apis.json rename to internal/classification/db/recipes/ovh_cloud_apis.json diff --git a/pkg/classification/db/recipes/ozone_open_banking_sandbox.json b/internal/classification/db/recipes/ozone_open_banking_sandbox.json similarity index 100% rename from pkg/classification/db/recipes/ozone_open_banking_sandbox.json rename to internal/classification/db/recipes/ozone_open_banking_sandbox.json diff --git a/pkg/classification/db/recipes/pagerduty.json b/internal/classification/db/recipes/pagerduty.json similarity index 100% rename from pkg/classification/db/recipes/pagerduty.json rename to internal/classification/db/recipes/pagerduty.json diff --git a/pkg/classification/db/recipes/pandadoc.json b/internal/classification/db/recipes/pandadoc.json similarity index 100% rename from pkg/classification/db/recipes/pandadoc.json rename to internal/classification/db/recipes/pandadoc.json diff --git a/pkg/classification/db/recipes/payfit.json b/internal/classification/db/recipes/payfit.json similarity index 100% rename from pkg/classification/db/recipes/payfit.json rename to internal/classification/db/recipes/payfit.json diff --git a/pkg/classification/db/recipes/payline.json b/internal/classification/db/recipes/payline.json similarity index 100% rename from pkg/classification/db/recipes/payline.json rename to internal/classification/db/recipes/payline.json diff --git a/pkg/classification/db/recipes/paylocity.json b/internal/classification/db/recipes/paylocity.json similarity index 100% rename from pkg/classification/db/recipes/paylocity.json rename to internal/classification/db/recipes/paylocity.json diff --git a/pkg/classification/db/recipes/payoneer.json b/internal/classification/db/recipes/payoneer.json similarity index 100% rename from pkg/classification/db/recipes/payoneer.json rename to internal/classification/db/recipes/payoneer.json diff --git a/pkg/classification/db/recipes/paypal.json b/internal/classification/db/recipes/paypal.json similarity index 100% rename from pkg/classification/db/recipes/paypal.json rename to internal/classification/db/recipes/paypal.json diff --git a/pkg/classification/db/recipes/payu.json b/internal/classification/db/recipes/payu.json similarity index 100% rename from pkg/classification/db/recipes/payu.json rename to internal/classification/db/recipes/payu.json diff --git a/pkg/classification/db/recipes/phrase.json b/internal/classification/db/recipes/phrase.json similarity index 100% rename from pkg/classification/db/recipes/phrase.json rename to internal/classification/db/recipes/phrase.json diff --git a/pkg/classification/db/recipes/pipedrive.json b/internal/classification/db/recipes/pipedrive.json similarity index 100% rename from pkg/classification/db/recipes/pipedrive.json rename to internal/classification/db/recipes/pipedrive.json diff --git a/pkg/classification/db/recipes/pipeliner.json b/internal/classification/db/recipes/pipeliner.json similarity index 100% rename from pkg/classification/db/recipes/pipeliner.json rename to internal/classification/db/recipes/pipeliner.json diff --git a/pkg/classification/db/recipes/plaid.json b/internal/classification/db/recipes/plaid.json similarity index 100% rename from pkg/classification/db/recipes/plaid.json rename to internal/classification/db/recipes/plaid.json diff --git a/pkg/classification/db/recipes/porkbun.json b/internal/classification/db/recipes/porkbun.json similarity index 100% rename from pkg/classification/db/recipes/porkbun.json rename to internal/classification/db/recipes/porkbun.json diff --git a/pkg/classification/db/recipes/postgresql.json b/internal/classification/db/recipes/postgresql.json similarity index 100% rename from pkg/classification/db/recipes/postgresql.json rename to internal/classification/db/recipes/postgresql.json diff --git a/pkg/classification/db/recipes/posthog.json b/internal/classification/db/recipes/posthog.json similarity index 100% rename from pkg/classification/db/recipes/posthog.json rename to internal/classification/db/recipes/posthog.json diff --git a/pkg/classification/db/recipes/postmark.json b/internal/classification/db/recipes/postmark.json similarity index 100% rename from pkg/classification/db/recipes/postmark.json rename to internal/classification/db/recipes/postmark.json diff --git a/pkg/classification/db/recipes/prestashop.json b/internal/classification/db/recipes/prestashop.json similarity index 100% rename from pkg/classification/db/recipes/prestashop.json rename to internal/classification/db/recipes/prestashop.json diff --git a/pkg/classification/db/recipes/processout.json b/internal/classification/db/recipes/processout.json similarity index 100% rename from pkg/classification/db/recipes/processout.json rename to internal/classification/db/recipes/processout.json diff --git a/pkg/classification/db/recipes/profitbricks_ionos.json b/internal/classification/db/recipes/profitbricks_ionos.json similarity index 100% rename from pkg/classification/db/recipes/profitbricks_ionos.json rename to internal/classification/db/recipes/profitbricks_ionos.json diff --git a/pkg/classification/db/recipes/prometheus.json b/internal/classification/db/recipes/prometheus.json similarity index 100% rename from pkg/classification/db/recipes/prometheus.json rename to internal/classification/db/recipes/prometheus.json diff --git a/pkg/classification/db/recipes/pubnub.json b/internal/classification/db/recipes/pubnub.json similarity index 100% rename from pkg/classification/db/recipes/pubnub.json rename to internal/classification/db/recipes/pubnub.json diff --git a/pkg/classification/db/recipes/pusher.json b/internal/classification/db/recipes/pusher.json similarity index 100% rename from pkg/classification/db/recipes/pusher.json rename to internal/classification/db/recipes/pusher.json diff --git a/pkg/classification/db/recipes/quanta.json b/internal/classification/db/recipes/quanta.json similarity index 100% rename from pkg/classification/db/recipes/quanta.json rename to internal/classification/db/recipes/quanta.json diff --git a/pkg/classification/db/recipes/rabbitmq.json b/internal/classification/db/recipes/rabbitmq.json similarity index 100% rename from pkg/classification/db/recipes/rabbitmq.json rename to internal/classification/db/recipes/rabbitmq.json diff --git a/pkg/classification/db/recipes/rackspace_cloud.json b/internal/classification/db/recipes/rackspace_cloud.json similarity index 100% rename from pkg/classification/db/recipes/rackspace_cloud.json rename to internal/classification/db/recipes/rackspace_cloud.json diff --git a/pkg/classification/db/recipes/raygun.json b/internal/classification/db/recipes/raygun.json similarity index 100% rename from pkg/classification/db/recipes/raygun.json rename to internal/classification/db/recipes/raygun.json diff --git a/pkg/classification/db/recipes/reddit.json b/internal/classification/db/recipes/reddit.json similarity index 100% rename from pkg/classification/db/recipes/reddit.json rename to internal/classification/db/recipes/reddit.json diff --git a/pkg/classification/db/recipes/redis.json b/internal/classification/db/recipes/redis.json similarity index 100% rename from pkg/classification/db/recipes/redis.json rename to internal/classification/db/recipes/redis.json diff --git a/pkg/classification/db/recipes/reportportal.json b/internal/classification/db/recipes/reportportal.json similarity index 100% rename from pkg/classification/db/recipes/reportportal.json rename to internal/classification/db/recipes/reportportal.json diff --git a/pkg/classification/db/recipes/rethinkdb.json b/internal/classification/db/recipes/rethinkdb.json similarity index 100% rename from pkg/classification/db/recipes/rethinkdb.json rename to internal/classification/db/recipes/rethinkdb.json diff --git a/pkg/classification/db/recipes/revolut.json b/internal/classification/db/recipes/revolut.json similarity index 100% rename from pkg/classification/db/recipes/revolut.json rename to internal/classification/db/recipes/revolut.json diff --git a/pkg/classification/db/recipes/rocket_chat.json b/internal/classification/db/recipes/rocket_chat.json similarity index 100% rename from pkg/classification/db/recipes/rocket_chat.json rename to internal/classification/db/recipes/rocket_chat.json diff --git a/pkg/classification/db/recipes/rollbar.json b/internal/classification/db/recipes/rollbar.json similarity index 100% rename from pkg/classification/db/recipes/rollbar.json rename to internal/classification/db/recipes/rollbar.json diff --git a/pkg/classification/db/recipes/runscope.json b/internal/classification/db/recipes/runscope.json similarity index 100% rename from pkg/classification/db/recipes/runscope.json rename to internal/classification/db/recipes/runscope.json diff --git a/pkg/classification/db/recipes/rydoo.json b/internal/classification/db/recipes/rydoo.json similarity index 100% rename from pkg/classification/db/recipes/rydoo.json rename to internal/classification/db/recipes/rydoo.json diff --git a/pkg/classification/db/recipes/sage.json b/internal/classification/db/recipes/sage.json similarity index 100% rename from pkg/classification/db/recipes/sage.json rename to internal/classification/db/recipes/sage.json diff --git a/pkg/classification/db/recipes/sakura.json b/internal/classification/db/recipes/sakura.json similarity index 100% rename from pkg/classification/db/recipes/sakura.json rename to internal/classification/db/recipes/sakura.json diff --git a/pkg/classification/db/recipes/salesforce.json b/internal/classification/db/recipes/salesforce.json similarity index 100% rename from pkg/classification/db/recipes/salesforce.json rename to internal/classification/db/recipes/salesforce.json diff --git a/pkg/classification/db/recipes/sap.json b/internal/classification/db/recipes/sap.json similarity index 100% rename from pkg/classification/db/recipes/sap.json rename to internal/classification/db/recipes/sap.json diff --git a/pkg/classification/db/recipes/sap_hana.json b/internal/classification/db/recipes/sap_hana.json similarity index 100% rename from pkg/classification/db/recipes/sap_hana.json rename to internal/classification/db/recipes/sap_hana.json diff --git a/pkg/classification/db/recipes/satismeter.json b/internal/classification/db/recipes/satismeter.json similarity index 100% rename from pkg/classification/db/recipes/satismeter.json rename to internal/classification/db/recipes/satismeter.json diff --git a/pkg/classification/db/recipes/scaleway_cloud_apis.json b/internal/classification/db/recipes/scaleway_cloud_apis.json similarity index 100% rename from pkg/classification/db/recipes/scaleway_cloud_apis.json rename to internal/classification/db/recipes/scaleway_cloud_apis.json diff --git a/pkg/classification/db/recipes/scalia_ci.json b/internal/classification/db/recipes/scalia_ci.json similarity index 100% rename from pkg/classification/db/recipes/scalia_ci.json rename to internal/classification/db/recipes/scalia_ci.json diff --git a/pkg/classification/db/recipes/scout_apm.json b/internal/classification/db/recipes/scout_apm.json similarity index 100% rename from pkg/classification/db/recipes/scout_apm.json rename to internal/classification/db/recipes/scout_apm.json diff --git a/pkg/classification/db/recipes/seeuletter_mysendingbox.json b/internal/classification/db/recipes/seeuletter_mysendingbox.json similarity index 100% rename from pkg/classification/db/recipes/seeuletter_mysendingbox.json rename to internal/classification/db/recipes/seeuletter_mysendingbox.json diff --git a/pkg/classification/db/recipes/segment.json b/internal/classification/db/recipes/segment.json similarity index 100% rename from pkg/classification/db/recipes/segment.json rename to internal/classification/db/recipes/segment.json diff --git a/pkg/classification/db/recipes/selligent.json b/internal/classification/db/recipes/selligent.json similarity index 100% rename from pkg/classification/db/recipes/selligent.json rename to internal/classification/db/recipes/selligent.json diff --git a/pkg/classification/db/recipes/sendbird.json b/internal/classification/db/recipes/sendbird.json similarity index 100% rename from pkg/classification/db/recipes/sendbird.json rename to internal/classification/db/recipes/sendbird.json diff --git a/pkg/classification/db/recipes/sendgrid.json b/internal/classification/db/recipes/sendgrid.json similarity index 100% rename from pkg/classification/db/recipes/sendgrid.json rename to internal/classification/db/recipes/sendgrid.json diff --git a/pkg/classification/db/recipes/sendinblue.json b/internal/classification/db/recipes/sendinblue.json similarity index 100% rename from pkg/classification/db/recipes/sendinblue.json rename to internal/classification/db/recipes/sendinblue.json diff --git a/pkg/classification/db/recipes/sentry.json b/internal/classification/db/recipes/sentry.json similarity index 100% rename from pkg/classification/db/recipes/sentry.json rename to internal/classification/db/recipes/sentry.json diff --git a/pkg/classification/db/recipes/shipbob.json b/internal/classification/db/recipes/shipbob.json similarity index 100% rename from pkg/classification/db/recipes/shipbob.json rename to internal/classification/db/recipes/shipbob.json diff --git a/pkg/classification/db/recipes/shopify.json b/internal/classification/db/recipes/shopify.json similarity index 100% rename from pkg/classification/db/recipes/shopify.json rename to internal/classification/db/recipes/shopify.json diff --git a/pkg/classification/db/recipes/skyscanner.json b/internal/classification/db/recipes/skyscanner.json similarity index 100% rename from pkg/classification/db/recipes/skyscanner.json rename to internal/classification/db/recipes/skyscanner.json diff --git a/pkg/classification/db/recipes/slack.json b/internal/classification/db/recipes/slack.json similarity index 100% rename from pkg/classification/db/recipes/slack.json rename to internal/classification/db/recipes/slack.json diff --git a/pkg/classification/db/recipes/small_improvements.json b/internal/classification/db/recipes/small_improvements.json similarity index 100% rename from pkg/classification/db/recipes/small_improvements.json rename to internal/classification/db/recipes/small_improvements.json diff --git a/pkg/classification/db/recipes/smb.json b/internal/classification/db/recipes/smb.json similarity index 100% rename from pkg/classification/db/recipes/smb.json rename to internal/classification/db/recipes/smb.json diff --git a/pkg/classification/db/recipes/snowflake.json b/internal/classification/db/recipes/snowflake.json similarity index 100% rename from pkg/classification/db/recipes/snowflake.json rename to internal/classification/db/recipes/snowflake.json diff --git a/pkg/classification/db/recipes/societeinfo.json b/internal/classification/db/recipes/societeinfo.json similarity index 100% rename from pkg/classification/db/recipes/societeinfo.json rename to internal/classification/db/recipes/societeinfo.json diff --git a/pkg/classification/db/recipes/socket_io.json b/internal/classification/db/recipes/socket_io.json similarity index 100% rename from pkg/classification/db/recipes/socket_io.json rename to internal/classification/db/recipes/socket_io.json diff --git a/pkg/classification/db/recipes/softlayer_ibm_cloud.json b/internal/classification/db/recipes/softlayer_ibm_cloud.json similarity index 100% rename from pkg/classification/db/recipes/softlayer_ibm_cloud.json rename to internal/classification/db/recipes/softlayer_ibm_cloud.json diff --git a/pkg/classification/db/recipes/solocal_bridge.json b/internal/classification/db/recipes/solocal_bridge.json similarity index 100% rename from pkg/classification/db/recipes/solocal_bridge.json rename to internal/classification/db/recipes/solocal_bridge.json diff --git a/pkg/classification/db/recipes/splunk.json b/internal/classification/db/recipes/splunk.json similarity index 100% rename from pkg/classification/db/recipes/splunk.json rename to internal/classification/db/recipes/splunk.json diff --git a/pkg/classification/db/recipes/sqlite.json b/internal/classification/db/recipes/sqlite.json similarity index 100% rename from pkg/classification/db/recipes/sqlite.json rename to internal/classification/db/recipes/sqlite.json diff --git a/pkg/classification/db/recipes/sqreen_datadog.json b/internal/classification/db/recipes/sqreen_datadog.json similarity index 100% rename from pkg/classification/db/recipes/sqreen_datadog.json rename to internal/classification/db/recipes/sqreen_datadog.json diff --git a/pkg/classification/db/recipes/square.json b/internal/classification/db/recipes/square.json similarity index 100% rename from pkg/classification/db/recipes/square.json rename to internal/classification/db/recipes/square.json diff --git a/pkg/classification/db/recipes/stackify.json b/internal/classification/db/recipes/stackify.json similarity index 100% rename from pkg/classification/db/recipes/stackify.json rename to internal/classification/db/recipes/stackify.json diff --git a/pkg/classification/db/recipes/statuspage.json b/internal/classification/db/recipes/statuspage.json similarity index 100% rename from pkg/classification/db/recipes/statuspage.json rename to internal/classification/db/recipes/statuspage.json diff --git a/pkg/classification/db/recipes/stripe.json b/internal/classification/db/recipes/stripe.json similarity index 100% rename from pkg/classification/db/recipes/stripe.json rename to internal/classification/db/recipes/stripe.json diff --git a/pkg/classification/db/recipes/tanker.json b/internal/classification/db/recipes/tanker.json similarity index 100% rename from pkg/classification/db/recipes/tanker.json rename to internal/classification/db/recipes/tanker.json diff --git a/pkg/classification/db/recipes/telegram.json b/internal/classification/db/recipes/telegram.json similarity index 100% rename from pkg/classification/db/recipes/telegram.json rename to internal/classification/db/recipes/telegram.json diff --git a/pkg/classification/db/recipes/tencent_cloud_apis.json b/internal/classification/db/recipes/tencent_cloud_apis.json similarity index 100% rename from pkg/classification/db/recipes/tencent_cloud_apis.json rename to internal/classification/db/recipes/tencent_cloud_apis.json diff --git a/pkg/classification/db/recipes/thunes_limonethik.json b/internal/classification/db/recipes/thunes_limonethik.json similarity index 100% rename from pkg/classification/db/recipes/thunes_limonethik.json rename to internal/classification/db/recipes/thunes_limonethik.json diff --git a/pkg/classification/db/recipes/tide.json b/internal/classification/db/recipes/tide.json similarity index 100% rename from pkg/classification/db/recipes/tide.json rename to internal/classification/db/recipes/tide.json diff --git a/pkg/classification/db/recipes/tidelift.json b/internal/classification/db/recipes/tidelift.json similarity index 100% rename from pkg/classification/db/recipes/tidelift.json rename to internal/classification/db/recipes/tidelift.json diff --git a/pkg/classification/db/recipes/tradier.json b/internal/classification/db/recipes/tradier.json similarity index 100% rename from pkg/classification/db/recipes/tradier.json rename to internal/classification/db/recipes/tradier.json diff --git a/pkg/classification/db/recipes/trafficvance.json b/internal/classification/db/recipes/trafficvance.json similarity index 100% rename from pkg/classification/db/recipes/trafficvance.json rename to internal/classification/db/recipes/trafficvance.json diff --git a/pkg/classification/db/recipes/travefy.json b/internal/classification/db/recipes/travefy.json similarity index 100% rename from pkg/classification/db/recipes/travefy.json rename to internal/classification/db/recipes/travefy.json diff --git a/pkg/classification/db/recipes/travis_ci.json b/internal/classification/db/recipes/travis_ci.json similarity index 100% rename from pkg/classification/db/recipes/travis_ci.json rename to internal/classification/db/recipes/travis_ci.json diff --git a/pkg/classification/db/recipes/treezor.json b/internal/classification/db/recipes/treezor.json similarity index 100% rename from pkg/classification/db/recipes/treezor.json rename to internal/classification/db/recipes/treezor.json diff --git a/pkg/classification/db/recipes/trello.json b/internal/classification/db/recipes/trello.json similarity index 100% rename from pkg/classification/db/recipes/trello.json rename to internal/classification/db/recipes/trello.json diff --git a/pkg/classification/db/recipes/twilio.json b/internal/classification/db/recipes/twilio.json similarity index 100% rename from pkg/classification/db/recipes/twilio.json rename to internal/classification/db/recipes/twilio.json diff --git a/pkg/classification/db/recipes/twitter.json b/internal/classification/db/recipes/twitter.json similarity index 100% rename from pkg/classification/db/recipes/twitter.json rename to internal/classification/db/recipes/twitter.json diff --git a/pkg/classification/db/recipes/typeform.json b/internal/classification/db/recipes/typeform.json similarity index 100% rename from pkg/classification/db/recipes/typeform.json rename to internal/classification/db/recipes/typeform.json diff --git a/pkg/classification/db/recipes/unidentified_data_store.json b/internal/classification/db/recipes/unidentified_data_store.json similarity index 100% rename from pkg/classification/db/recipes/unidentified_data_store.json rename to internal/classification/db/recipes/unidentified_data_store.json diff --git a/pkg/classification/db/recipes/unsplash.json b/internal/classification/db/recipes/unsplash.json similarity index 100% rename from pkg/classification/db/recipes/unsplash.json rename to internal/classification/db/recipes/unsplash.json diff --git a/pkg/classification/db/recipes/uploadecare.json b/internal/classification/db/recipes/uploadecare.json similarity index 100% rename from pkg/classification/db/recipes/uploadecare.json rename to internal/classification/db/recipes/uploadecare.json diff --git a/pkg/classification/db/recipes/uptrends.json b/internal/classification/db/recipes/uptrends.json similarity index 100% rename from pkg/classification/db/recipes/uptrends.json rename to internal/classification/db/recipes/uptrends.json diff --git a/pkg/classification/db/recipes/userlike_com.json b/internal/classification/db/recipes/userlike_com.json similarity index 100% rename from pkg/classification/db/recipes/userlike_com.json rename to internal/classification/db/recipes/userlike_com.json diff --git a/pkg/classification/db/recipes/usersnap.json b/internal/classification/db/recipes/usersnap.json similarity index 100% rename from pkg/classification/db/recipes/usersnap.json rename to internal/classification/db/recipes/usersnap.json diff --git a/pkg/classification/db/recipes/vercel.json b/internal/classification/db/recipes/vercel.json similarity index 100% rename from pkg/classification/db/recipes/vercel.json rename to internal/classification/db/recipes/vercel.json diff --git a/pkg/classification/db/recipes/vero.json b/internal/classification/db/recipes/vero.json similarity index 100% rename from pkg/classification/db/recipes/vero.json rename to internal/classification/db/recipes/vero.json diff --git a/pkg/classification/db/recipes/victorops_splunk.json b/internal/classification/db/recipes/victorops_splunk.json similarity index 100% rename from pkg/classification/db/recipes/victorops_splunk.json rename to internal/classification/db/recipes/victorops_splunk.json diff --git a/pkg/classification/db/recipes/vonage.json b/internal/classification/db/recipes/vonage.json similarity index 100% rename from pkg/classification/db/recipes/vonage.json rename to internal/classification/db/recipes/vonage.json diff --git a/pkg/classification/db/recipes/wistia.json b/internal/classification/db/recipes/wistia.json similarity index 100% rename from pkg/classification/db/recipes/wistia.json rename to internal/classification/db/recipes/wistia.json diff --git a/pkg/classification/db/recipes/wordnik.json b/internal/classification/db/recipes/wordnik.json similarity index 100% rename from pkg/classification/db/recipes/wordnik.json rename to internal/classification/db/recipes/wordnik.json diff --git a/pkg/classification/db/recipes/wordpress.json b/internal/classification/db/recipes/wordpress.json similarity index 100% rename from pkg/classification/db/recipes/wordpress.json rename to internal/classification/db/recipes/wordpress.json diff --git a/pkg/classification/db/recipes/workos.json b/internal/classification/db/recipes/workos.json similarity index 100% rename from pkg/classification/db/recipes/workos.json rename to internal/classification/db/recipes/workos.json diff --git a/pkg/classification/db/recipes/wrike.json b/internal/classification/db/recipes/wrike.json similarity index 100% rename from pkg/classification/db/recipes/wrike.json rename to internal/classification/db/recipes/wrike.json diff --git a/pkg/classification/db/recipes/xero.json b/internal/classification/db/recipes/xero.json similarity index 100% rename from pkg/classification/db/recipes/xero.json rename to internal/classification/db/recipes/xero.json diff --git a/pkg/classification/db/recipes/xignite.json b/internal/classification/db/recipes/xignite.json similarity index 100% rename from pkg/classification/db/recipes/xignite.json rename to internal/classification/db/recipes/xignite.json diff --git a/pkg/classification/db/recipes/yandex_cloud_apis.json b/internal/classification/db/recipes/yandex_cloud_apis.json similarity index 100% rename from pkg/classification/db/recipes/yandex_cloud_apis.json rename to internal/classification/db/recipes/yandex_cloud_apis.json diff --git a/pkg/classification/db/recipes/yodlee.json b/internal/classification/db/recipes/yodlee.json similarity index 100% rename from pkg/classification/db/recipes/yodlee.json rename to internal/classification/db/recipes/yodlee.json diff --git a/pkg/classification/db/recipes/youtube.json b/internal/classification/db/recipes/youtube.json similarity index 100% rename from pkg/classification/db/recipes/youtube.json rename to internal/classification/db/recipes/youtube.json diff --git a/pkg/classification/db/recipes/zapier.json b/internal/classification/db/recipes/zapier.json similarity index 100% rename from pkg/classification/db/recipes/zapier.json rename to internal/classification/db/recipes/zapier.json diff --git a/pkg/classification/db/recipes/zendesk.json b/internal/classification/db/recipes/zendesk.json similarity index 100% rename from pkg/classification/db/recipes/zendesk.json rename to internal/classification/db/recipes/zendesk.json diff --git a/pkg/classification/db/recipes/zeplin.json b/internal/classification/db/recipes/zeplin.json similarity index 100% rename from pkg/classification/db/recipes/zeplin.json rename to internal/classification/db/recipes/zeplin.json diff --git a/pkg/classification/db/recipes/zoho.json b/internal/classification/db/recipes/zoho.json similarity index 100% rename from pkg/classification/db/recipes/zoho.json rename to internal/classification/db/recipes/zoho.json diff --git a/pkg/classification/db/subject_mapping.json b/internal/classification/db/subject_mapping.json similarity index 100% rename from pkg/classification/db/subject_mapping.json rename to internal/classification/db/subject_mapping.json diff --git a/pkg/classification/dependencies/dependencies.go b/internal/classification/dependencies/dependencies.go similarity index 92% rename from pkg/classification/dependencies/dependencies.go rename to internal/classification/dependencies/dependencies.go index 27f29dc07..9dd84fb1a 100644 --- a/pkg/classification/dependencies/dependencies.go +++ b/internal/classification/dependencies/dependencies.go @@ -3,10 +3,10 @@ package dependencies import ( "errors" - "github.com/bearer/bearer/pkg/classification/db" - "github.com/bearer/bearer/pkg/report/dependencies" - "github.com/bearer/bearer/pkg/report/detections" - "github.com/bearer/bearer/pkg/util/classify" + "github.com/bearer/bearer/internal/classification/db" + "github.com/bearer/bearer/internal/report/dependencies" + "github.com/bearer/bearer/internal/report/detections" + "github.com/bearer/bearer/internal/util/classify" ) type ClassifiedDependency struct { diff --git a/pkg/classification/dependencies/dependencies_test.go b/internal/classification/dependencies/dependencies_test.go similarity index 90% rename from pkg/classification/dependencies/dependencies_test.go rename to internal/classification/dependencies/dependencies_test.go index a6fb1626f..ce1526ff0 100644 --- a/pkg/classification/dependencies/dependencies_test.go +++ b/internal/classification/dependencies/dependencies_test.go @@ -3,11 +3,11 @@ package dependencies_test import ( "testing" - "github.com/bearer/bearer/pkg/classification/dependencies" - reportdependencies "github.com/bearer/bearer/pkg/report/dependencies" - "github.com/bearer/bearer/pkg/report/detections" - "github.com/bearer/bearer/pkg/report/source" - "github.com/bearer/bearer/pkg/util/classify" + "github.com/bearer/bearer/internal/classification/dependencies" + reportdependencies "github.com/bearer/bearer/internal/report/dependencies" + "github.com/bearer/bearer/internal/report/detections" + "github.com/bearer/bearer/internal/report/source" + "github.com/bearer/bearer/internal/util/classify" "github.com/stretchr/testify/assert" ) diff --git a/pkg/classification/frameworks/frameworks.go b/internal/classification/frameworks/frameworks.go similarity index 93% rename from pkg/classification/frameworks/frameworks.go rename to internal/classification/frameworks/frameworks.go index 0f78b99f9..be29a89b7 100644 --- a/pkg/classification/frameworks/frameworks.go +++ b/internal/classification/frameworks/frameworks.go @@ -3,9 +3,9 @@ package frameworks import ( "errors" - "github.com/bearer/bearer/pkg/classification/db" - "github.com/bearer/bearer/pkg/report/detections" - "github.com/bearer/bearer/pkg/util/classify" + "github.com/bearer/bearer/internal/classification/db" + "github.com/bearer/bearer/internal/report/detections" + "github.com/bearer/bearer/internal/util/classify" ) type classifiableFramework interface { diff --git a/pkg/classification/frameworks/frameworks_test.go b/internal/classification/frameworks/frameworks_test.go similarity index 93% rename from pkg/classification/frameworks/frameworks_test.go rename to internal/classification/frameworks/frameworks_test.go index 689f6e016..30c631e8e 100644 --- a/pkg/classification/frameworks/frameworks_test.go +++ b/internal/classification/frameworks/frameworks_test.go @@ -3,16 +3,16 @@ package frameworks_test import ( "testing" - "github.com/bearer/bearer/pkg/classification/frameworks" - "github.com/bearer/bearer/pkg/report/detections" - "github.com/bearer/bearer/pkg/report/frameworks/beego" - "github.com/bearer/bearer/pkg/report/frameworks/django" - "github.com/bearer/bearer/pkg/report/frameworks/dotnet" - "github.com/bearer/bearer/pkg/report/frameworks/rails" - "github.com/bearer/bearer/pkg/report/frameworks/spring" - "github.com/bearer/bearer/pkg/report/frameworks/symfony" - "github.com/bearer/bearer/pkg/report/source" - "github.com/bearer/bearer/pkg/util/classify" + "github.com/bearer/bearer/internal/classification/frameworks" + "github.com/bearer/bearer/internal/report/detections" + "github.com/bearer/bearer/internal/report/frameworks/beego" + "github.com/bearer/bearer/internal/report/frameworks/django" + "github.com/bearer/bearer/internal/report/frameworks/dotnet" + "github.com/bearer/bearer/internal/report/frameworks/rails" + "github.com/bearer/bearer/internal/report/frameworks/spring" + "github.com/bearer/bearer/internal/report/frameworks/symfony" + "github.com/bearer/bearer/internal/report/source" + "github.com/bearer/bearer/internal/util/classify" "github.com/stretchr/testify/assert" ) diff --git a/pkg/classification/interfaces/interfaces.go b/internal/classification/interfaces/interfaces.go similarity index 96% rename from pkg/classification/interfaces/interfaces.go rename to internal/classification/interfaces/interfaces.go index 0253dd55d..6daf18fbb 100644 --- a/pkg/classification/interfaces/interfaces.go +++ b/internal/classification/interfaces/interfaces.go @@ -5,11 +5,11 @@ import ( "regexp" "strings" - "github.com/bearer/bearer/pkg/classification/db" - "github.com/bearer/bearer/pkg/report/detections" - "github.com/bearer/bearer/pkg/report/interfaces" - "github.com/bearer/bearer/pkg/util/classify" - "github.com/bearer/bearer/pkg/util/url" + "github.com/bearer/bearer/internal/classification/db" + "github.com/bearer/bearer/internal/report/detections" + "github.com/bearer/bearer/internal/report/interfaces" + "github.com/bearer/bearer/internal/util/classify" + "github.com/bearer/bearer/internal/util/url" ) type ClassifiedInterface struct { diff --git a/pkg/classification/interfaces/interfaces_test.go b/internal/classification/interfaces/interfaces_test.go similarity index 95% rename from pkg/classification/interfaces/interfaces_test.go rename to internal/classification/interfaces/interfaces_test.go index 01329b944..15823eee3 100644 --- a/pkg/classification/interfaces/interfaces_test.go +++ b/internal/classification/interfaces/interfaces_test.go @@ -3,14 +3,14 @@ package interfaces_test import ( "testing" - "github.com/bearer/bearer/pkg/classification/db" - "github.com/bearer/bearer/pkg/classification/interfaces" + "github.com/bearer/bearer/internal/classification/db" + "github.com/bearer/bearer/internal/classification/interfaces" - "github.com/bearer/bearer/pkg/report/detections" + "github.com/bearer/bearer/internal/report/detections" - reportinterfaces "github.com/bearer/bearer/pkg/report/interfaces" - "github.com/bearer/bearer/pkg/report/values" - "github.com/bearer/bearer/pkg/util/classify" + reportinterfaces "github.com/bearer/bearer/internal/report/interfaces" + "github.com/bearer/bearer/internal/report/values" + "github.com/bearer/bearer/internal/util/classify" "github.com/stretchr/testify/assert" ) diff --git a/pkg/classification/schema/.snapshots/TestCSharp b/internal/classification/schema/.snapshots/TestCSharp similarity index 100% rename from pkg/classification/schema/.snapshots/TestCSharp rename to internal/classification/schema/.snapshots/TestCSharp diff --git a/pkg/classification/schema/.snapshots/TestCSharpKPI b/internal/classification/schema/.snapshots/TestCSharpKPI similarity index 100% rename from pkg/classification/schema/.snapshots/TestCSharpKPI rename to internal/classification/schema/.snapshots/TestCSharpKPI diff --git a/pkg/classification/schema/.snapshots/TestGo b/internal/classification/schema/.snapshots/TestGo similarity index 100% rename from pkg/classification/schema/.snapshots/TestGo rename to internal/classification/schema/.snapshots/TestGo diff --git a/pkg/classification/schema/.snapshots/TestGoKPI b/internal/classification/schema/.snapshots/TestGoKPI similarity index 100% rename from pkg/classification/schema/.snapshots/TestGoKPI rename to internal/classification/schema/.snapshots/TestGoKPI diff --git a/pkg/classification/schema/.snapshots/TestJava b/internal/classification/schema/.snapshots/TestJava similarity index 100% rename from pkg/classification/schema/.snapshots/TestJava rename to internal/classification/schema/.snapshots/TestJava diff --git a/pkg/classification/schema/.snapshots/TestJavaKPI b/internal/classification/schema/.snapshots/TestJavaKPI similarity index 100% rename from pkg/classification/schema/.snapshots/TestJavaKPI rename to internal/classification/schema/.snapshots/TestJavaKPI diff --git a/pkg/classification/schema/.snapshots/TestJavascript b/internal/classification/schema/.snapshots/TestJavascript similarity index 100% rename from pkg/classification/schema/.snapshots/TestJavascript rename to internal/classification/schema/.snapshots/TestJavascript diff --git a/pkg/classification/schema/.snapshots/TestJavascriptKPI b/internal/classification/schema/.snapshots/TestJavascriptKPI similarity index 100% rename from pkg/classification/schema/.snapshots/TestJavascriptKPI rename to internal/classification/schema/.snapshots/TestJavascriptKPI diff --git a/pkg/classification/schema/.snapshots/TestPHP b/internal/classification/schema/.snapshots/TestPHP similarity index 100% rename from pkg/classification/schema/.snapshots/TestPHP rename to internal/classification/schema/.snapshots/TestPHP diff --git a/pkg/classification/schema/.snapshots/TestPHPKPI b/internal/classification/schema/.snapshots/TestPHPKPI similarity index 100% rename from pkg/classification/schema/.snapshots/TestPHPKPI rename to internal/classification/schema/.snapshots/TestPHPKPI diff --git a/pkg/classification/schema/.snapshots/TestPython b/internal/classification/schema/.snapshots/TestPython similarity index 100% rename from pkg/classification/schema/.snapshots/TestPython rename to internal/classification/schema/.snapshots/TestPython diff --git a/pkg/classification/schema/.snapshots/TestPythonKPI b/internal/classification/schema/.snapshots/TestPythonKPI similarity index 100% rename from pkg/classification/schema/.snapshots/TestPythonKPI rename to internal/classification/schema/.snapshots/TestPythonKPI diff --git a/pkg/classification/schema/.snapshots/TestRuby b/internal/classification/schema/.snapshots/TestRuby similarity index 100% rename from pkg/classification/schema/.snapshots/TestRuby rename to internal/classification/schema/.snapshots/TestRuby diff --git a/pkg/classification/schema/.snapshots/TestRubyKPI b/internal/classification/schema/.snapshots/TestRubyKPI similarity index 100% rename from pkg/classification/schema/.snapshots/TestRubyKPI rename to internal/classification/schema/.snapshots/TestRubyKPI diff --git a/pkg/classification/schema/.snapshots/TestTypescript b/internal/classification/schema/.snapshots/TestTypescript similarity index 100% rename from pkg/classification/schema/.snapshots/TestTypescript rename to internal/classification/schema/.snapshots/TestTypescript diff --git a/pkg/classification/schema/.snapshots/TestTypescriptKPI b/internal/classification/schema/.snapshots/TestTypescriptKPI similarity index 100% rename from pkg/classification/schema/.snapshots/TestTypescriptKPI rename to internal/classification/schema/.snapshots/TestTypescriptKPI diff --git a/pkg/classification/schema/fixtures/csharp.json b/internal/classification/schema/fixtures/csharp.json similarity index 100% rename from pkg/classification/schema/fixtures/csharp.json rename to internal/classification/schema/fixtures/csharp.json diff --git a/internal/classification/schema/fixtures/go.json b/internal/classification/schema/fixtures/go.json new file mode 100644 index 000000000..93867b4ab --- /dev/null +++ b/internal/classification/schema/fixtures/go.json @@ -0,0 +1 @@ +[{"name":"walletServiceTransactionNotificationsServer","filename":"rpc/walletrpc/api.pb.go","detector_type":"Go","properties":[{"name":"Send","type":"function"}]},{"name":"walletServiceTransactionNotificationsClient","filename":"rpc/walletrpc/api.pb.go","detector_type":"Go","properties":[{"name":"Recv","type":"function"}]},{"name":"walletServiceSpentnessNotificationsServer","filename":"rpc/walletrpc/api.pb.go","detector_type":"Go","properties":[{"name":"Send","type":"function"}]},{"name":"walletServiceSpentnessNotificationsClient","filename":"rpc/walletrpc/api.pb.go","detector_type":"Go","properties":[{"name":"Recv","type":"function"}]},{"name":"walletServiceClient","filename":"rpc/walletrpc/api.pb.go","detector_type":"Go","properties":[{"name":"cc","type":"object"},{"name":"Ping","type":"function"},{"name":"Network","type":"function"},{"name":"AccountNumber","type":"function"},{"name":"Accounts","type":"function"},{"name":"Balance","type":"function"},{"name":"GetTransactions","type":"function"},{"name":"TransactionNotifications","type":"function"},{"name":"SpentnessNotifications","type":"function"},{"name":"AccountNotifications","type":"function"},{"name":"ChangePassphrase","type":"function"},{"name":"RenameAccount","type":"function"},{"name":"NextAccount","type":"function"},{"name":"NextAddress","type":"function","data_type_info":"Physical Address","state":"valid","reason":"known_pattern","false_positive":false},{"name":"ImportPrivateKey","type":"function"},{"name":"FundTransaction","type":"function"},{"name":"SignTransaction","type":"function"},{"name":"PublishTransaction","type":"function"}],"state":"valid"},{"name":"walletServiceAccountNotificationsServer","filename":"rpc/walletrpc/api.pb.go","detector_type":"Go","properties":[{"name":"Send","type":"function"}]},{"name":"walletServiceAccountNotificationsClient","filename":"rpc/walletrpc/api.pb.go","detector_type":"Go","properties":[{"name":"Recv","type":"function"}]},{"name":"walletServer","filename":"rpc/rpcserver/server.go","detector_type":"Go","properties":[{"name":"wallet","type":"object"},{"name":"Ping","type":"function"},{"name":"Network","type":"function"},{"name":"BankAccountNumber","type":"function","data_type_info":"Bank Account","state":"valid","reason":"valid_extended_pattern","false_positive":false},{"name":"Accounts","type":"function"},{"name":"PaymentAccountNumber","type":"function","data_type_info":"Transactions","state":"valid","reason":"valid_extended_pattern","false_positive":false},{"name":"NextAccount","type":"function"},{"name":"NextAddress","type":"function","data_type_info":"Physical Address","state":"valid","reason":"valid_extended_pattern","false_positive":false},{"name":"CreditRecords","type":"function","data_type_info":"Credit Records","state":"valid","reason":"valid_extended_pattern","false_positive":false},{"name":"Balance","type":"function"},{"name":"FundTransaction","type":"function"},{"name":"GetTransactions","type":"function"},{"name":"ChangePassphrase","type":"function"},{"name":"SignTransaction","type":"function"},{"name":"PublishTransaction","type":"function"},{"name":"TransactionNotifications","type":"function"},{"name":"SpentnessNotifications","type":"function"},{"name":"AccountNotifications","type":"function"}],"state":"valid"},{"name":"user","filename":"internal/importer/instapaper/instapaper.go","detector_type":"Go","properties":[{"name":"UserId","type":"number","data_type_info":"User","state":"valid","reason":"valid_object_and_db_identifier","false_positive":false},{"name":"Username","type":"string","data_type_info":"Username","state":"valid","reason":"known_pattern","false_positive":false},{"name":"palceOfBirth","type":"string"},{"name":"FirstName","type":"string","data_type_info":"Firstname","state":"valid","reason":"known_pattern","false_positive":false},{"name":"LastName","type":"string","data_type_info":"Lastname","state":"valid","reason":"known_pattern","false_positive":false},{"name":"Photo","type":"object"},{"name":"dob","type":"function","data_type_info":"Date of birth","state":"valid","reason":"known_pattern","false_positive":false},{"name":"likes","type":"number","data_type_info":"Likes","state":"valid","reason":"known_pattern","false_positive":false},{"name":"dislikes","type":"number"},{"name":"name","type":"string","data_type_info":"Fullname","state":"valid","reason":"known_pattern","false_positive":false}],"state":"valid"},{"name":"walker","filename":"setup/mscs/msc2836/msc2836.go","detector_type":"Go","properties":[{"name":"ctx","type":"object"},{"name":"req","type":"object"},{"name":"db","type":"object"},{"name":"fn","type":"object"},{"name":"WalkFrom","type":"function"},{"name":"addChildren","type":"function"},{"name":"nextChild","type":"function"},{"name":"childrenForParent","type":"function"},{"name":"rootRoomID","type":"string"},{"name":"caller","type":"object"},{"name":"serverName","type":"object"},{"name":"thisServer","type":"object"},{"name":"callLogs","type":"object","data_type_info":"Call Logs","state":"valid","reason":"valid_extended_pattern","false_positive":false},{"name":"fsAPI","type":"object"},{"name":"cache","type":"object"},{"name":"suggestedOnly","type":"boolean"},{"name":"limit","type":"number"},{"name":"maxDepth","type":"number"},{"name":"paginationToken","type":"string"},{"name":"paginationCache","type":"object"},{"name":"mu","type":"object"},{"name":"newPaginationCache","type":"function"},{"name":"loadPaginationCache","type":"function"},{"name":"storePaginationCache","type":"function"},{"name":"walk","type":"function"},{"name":"stateEvent","type":"function"},{"name":"publicRoomsChunk","type":"function"},{"name":"federatedRoomInfo","type":"function"},{"name":"roomExists","type":"function"},{"name":"authorised","type":"function"},{"name":"authorisedServer","type":"function"},{"name":"authorisedUser","type":"function"},{"name":"restrictedJoinRuleAllowedRooms","type":"function"},{"name":"childReferences","type":"function"}],"state":"valid"},{"name":"vxlanDeviceAttrs","filename":"vendor/github.com/coreos/flannel/backend/vxlan/device.go","detector_type":"Go","properties":[{"name":"vni","type":"number"},{"name":"userId","type":"string","data_type_info":"User","state":"valid","reason":"known_database_identifier","false_positive":false},{"name":"vtepIndex","type":"number"},{"name":"vtepAddr","type":"object"},{"name":"vtepPort","type":"number"},{"name":"gbp","type":"boolean"},{"name":"device_id","type":"string"},{"name":"ip_address","type":"object"}],"data_type_info":"Device","state":"valid","reason":"known_data_object","false_positive":false},{"name":"visitDocumentCtx","filename":"vendor/github.com/blevesearch/zapx/v11/segment.go","detector_type":"Go","properties":[{"name":"buf","type":"object"},{"name":"reader","type":"object"},{"name":"arrayPos","type":"object"},{"name":"readerId","type":"object","data_type_info":"Reader","state":"valid","reason":"known_database_identifier","false_positive":false}],"state":"valid"},{"name":"userClaims","filename":"enterprise/cmd/frontend/internal/auth/openidconnect/middleware.go","detector_type":"Go","properties":[{"name":"Family","type":"string","data_type_info":"Family Structure","state":"valid","reason":"known_pattern","false_positive":false},{"name":"GivenName","type":"string","data_type_info":"Firstname","state":"valid","reason":"known_pattern","false_positive":false},{"name":"FamilyName","type":"string"},{"name":"PreferredUsername","type":"string","data_type_info":"Username","state":"valid","reason":"known_pattern","false_positive":false},{"name":"Picture","type":"string","data_type_info":"Image","state":"valid","reason":"known_pattern","false_positive":false},{"name":"EmailVerified","type":"boolean"}],"state":"valid"},{"name":"userFavorite","filename":"tools/resetdb/datagen.go","detector_type":"Go","properties":[{"name":"UserID","type":"string","data_type_info":"User","state":"valid","reason":"valid_object_and_db_identifier","false_positive":false},{"name":"FavoriteFood","type":"object","data_type_info":"Favorite Foods","state":"valid","reason":"known_pattern","false_positive":false}],"state":"valid"},{"name":"validateOpUpdateFindingsFilter","filename":"service/macie2/validators.go","detector_type":"Go","properties":[{"name":"HandleInitialize","type":"function"}]},{"name":"validateOpUpdateFindingsFeedback","filename":"service/guardduty/validators.go","detector_type":"Go","properties":[{"name":"UserID","type":"function","data_type_info":"User","state":"valid","reason":"known_database_identifier","false_positive":false},{"name":"HandleInitialize","type":"function"}],"data_type_info":"Feedback","state":"valid","reason":"known_data_object","false_positive":false},{"name":"validateOpUpdateFindings","filename":"service/accessanalyzer/validators.go","detector_type":"Go","properties":[{"name":"ID","type":"function"},{"name":"HandleInitialize","type":"function"}]},{"name":"twitterUser","filename":"datasources/twitter/models.go","detector_type":"Go","properties":[{"name":"ContributorsEnabled","type":"boolean"},{"name":"CreatedAt","type":"string"},{"name":"DefaultProfile","type":"boolean"},{"name":"DefaultProfileImage","type":"boolean"},{"name":"Description","type":"string"},{"name":"Entities","type":"object"},{"name":"FavouritesCount","type":"number"},{"name":"FollowersCount","type":"number"},{"name":"Following","type":"object","data_type_info":"Interests","state":"valid","reason":"known_pattern","false_positive":false},{"name":"FollowRequestSent","type":"object"},{"name":"FriendsCount","type":"number","data_type_info":"Friends","state":"valid","reason":"known_pattern","false_positive":false},{"name":"GeoEnabled","type":"boolean"},{"name":"Accent","type":"boolean"},{"name":"IsTranslationEnabled","type":"boolean"},{"name":"IsTranslator","type":"boolean"},{"name":"Lang","type":"string"},{"name":"ListedCount","type":"number"},{"name":"Location","type":"string","data_type_info":"Geographic","state":"valid","reason":"known_pattern","false_positive":false},{"name":"Name","type":"string","data_type_info":"Fullname","state":"valid","reason":"known_pattern","false_positive":false},{"name":"Notifications","type":"object"},{"name":"ProfileBackgroundColor","type":"string"},{"name":"ProfileBackgroundImageURL","type":"string"},{"name":"ProfileBackgroundImageURLHTTPS","type":"string"},{"name":"ProfileBackgroundTile","type":"boolean"},{"name":"ProfileBannerURL","type":"string"},{"name":"ProfileImageURL","type":"string"},{"name":"ProfileImageURLHTTPS","type":"string"},{"name":"ProfileLinkColor","type":"string"},{"name":"ProfileSidebarBorderColor","type":"string"},{"name":"Membership","type":"string","data_type_info":"Group Membership","state":"valid","reason":"known_pattern","false_positive":false},{"name":"ProfileTextColor","type":"string"},{"name":"ProfileUseBackgroundImage","type":"boolean"},{"name":"Reputation","type":"boolean"},{"name":"ScreenName","type":"string"},{"name":"SocialStatus","type":"number","data_type_info":"Social Status","state":"valid","reason":"known_pattern","false_positive":false},{"name":"Longitude","type":"object","data_type_info":"Geographic","state":"valid","reason":"known_pattern","false_positive":false},{"name":"TranslatorType","type":"string"},{"name":"URL","type":"string"},{"name":"UserID","type":"object","data_type_info":"User","state":"valid","reason":"valid_object_and_db_identifier","false_positive":false},{"name":"UserIDStr","type":"string","data_type_info":"Unique Identifier","state":"valid","reason":"known_pattern","false_positive":false},{"name":"GenderIdentity","type":"object","data_type_info":"Gender identity","state":"valid","reason":"known_pattern","false_positive":false},{"name":"Verified","type":"boolean"}],"state":"valid"},{"name":"topoResult","filename":"admin/topology/topology.go","detector_type":"Go","properties":[{"name":"IsExist","type":"boolean"},{"name":"UUID","type":"string"},{"name":"Route","type":"string"},{"name":"IDNum","type":"number","data_type_info":"ID Number","state":"valid","reason":"valid_extended_pattern","false_positive":false},{"name":"AllNodes","type":"object"}],"state":"valid"},{"name":"Identification","filename":"pkg/gateway/wallet.go","detector_type":"Go","properties":[{"name":"CreateUserStore","type":"function"},{"name":"UserId","type":"function","data_type_info":"User","state":"valid","reason":"known_database_identifier","false_positive":false}],"data_type_info":"Identification","state":"valid","reason":"known_data_object","false_positive":false},{"name":"verificationRequest","filename":"internal/controllers/verification.go","detector_type":"Go","properties":[{"name":"Recaptcha","type":"string"},{"name":"Email","type":"string","data_type_info":"Email Address","state":"valid","reason":"valid_extended_pattern","false_positive":false},{"name":"Interactions","type":"string","data_type_info":"Interactions","state":"valid","reason":"valid_extended_pattern","false_positive":false},{"name":"Username","type":"string","data_type_info":"Username","state":"valid","reason":"valid_extended_pattern","false_positive":false},{"name":"Password","type":"string","data_type_info":"Passwords","state":"valid","reason":"valid_extended_pattern","false_positive":false},{"name":"Intentions","type":"string","data_type_info":"Intentions","state":"valid","reason":"valid_extended_pattern","false_positive":false},{"name":"SessionSecret","type":"string"}],"state":"valid"},{"name":"verificationImpl","filename":"internal/controllers/verification.go","detector_type":"Go","properties":[{"name":"Interests","type":"function"},{"name":"verify","type":"function"}]},{"name":"vulncheck","filename":"cmd/govim/internal/golang_org_x_tools/lsp/cmd/vulncheck.go","detector_type":"Go","properties":[{"name":"app","type":"object"},{"name":"Name","type":"function","data_type_info":"Fullname","state":"valid","reason":"valid_extended_pattern","false_positive":false},{"name":"Parent","type":"function"},{"name":"Interview","type":"function","data_type_info":"Interviews","state":"valid","reason":"valid_extended_pattern","false_positive":false},{"name":"ShortHelp","type":"function"},{"name":"DetailedHelp","type":"function"},{"name":"Run","type":"function"}],"state":"valid"},{"name":"validateOpUntagResource","filename":"service/iot1clickdevicesservice/validators.go","detector_type":"Go","properties":[{"name":"ID","type":"function"},{"name":"ClicksTracking","type":"function","data_type_info":"Links clicked","state":"valid","reason":"valid_extended_pattern","false_positive":false},{"name":"HandleInitialize","type":"function"}],"state":"valid"},{"name":"vxlanDevice","filename":"vendor/github.com/coreos/flannel/backend/vxlan/device.go","detector_type":"Go","properties":[{"name":"link","type":"object"},{"name":"directRouting","type":"boolean"},{"name":"Configure","type":"function"},{"name":"MACAddr","type":"function"},{"name":"AddFDB","type":"function"},{"name":"DelFDB","type":"function"},{"name":"AddARP","type":"function"},{"name":"DelARP","type":"function"},{"name":"macPrefix","type":"string"},{"name":"AddEndpoint","type":"function"},{"name":"DelEndpoint","type":"function"},{"name":"ConjureMac","type":"function"}]},{"name":"vrfMessage","filename":"hare/eligibility/oracle.go","detector_type":"Go","properties":[{"name":"Beacon","type":"object"},{"name":"ReceiverId","type":"number","data_type_info":"Receiver","state":"valid","reason":"known_database_identifier","false_positive":false},{"name":"Layer","type":"object"},{"name":"Epoch","type":"object"},{"name":"Counter","type":"number"}],"data_type_info":"Message","state":"valid","reason":"known_data_object","false_positive":false},{"name":"updateReq","filename":"pkg/api/user/transport/http.go","detector_type":"Go","properties":[{"name":"ID","type":"number"},{"name":"FirstName","type":"string","data_type_info":"Firstname","state":"valid","reason":"valid_extended_pattern","false_positive":false},{"name":"LastName","type":"string","data_type_info":"Lastname","state":"valid","reason":"valid_extended_pattern","false_positive":false},{"name":"Mobile","type":"string","data_type_info":"Telephone Number","state":"valid","reason":"valid_extended_pattern","false_positive":false},{"name":"NationalOrigin","type":"string","data_type_info":"National origin","state":"valid","reason":"valid_extended_pattern","false_positive":false},{"name":"Race","type":"string","data_type_info":"Race","state":"valid","reason":"valid_extended_pattern","false_positive":false}],"state":"valid"},{"name":"validateOpGetBucketRequestPayment","filename":"service/s3/validators.go","detector_type":"Go","properties":[{"name":"PayeeID","type":"function","data_type_info":"Payee","state":"valid","reason":"known_database_identifier","false_positive":false},{"name":"HandleInitialize","type":"function"}],"state":"valid"},{"name":"validateOpPostCommentReply","filename":"service/codecommit/validators.go","detector_type":"Go","properties":[{"name":"AccountID","type":"function"},{"name":"HandleInitialize","type":"function"}]},{"name":"reviewRequest","filename":"pkg/webhook/policy.go","detector_type":"Go","properties":[{"name":"validateModifySet","type":"function"},{"name":"profileId","type":"function","data_type_info":"Profile","state":"valid","reason":"known_database_identifier","false_positive":false}],"data_type_info":"Review","state":"valid","reason":"known_data_object","false_positive":false},{"name":"variadic","filename":"internal/api/signature.go","detector_type":"Go","properties":[{"name":"name","type":"string"},{"name":"ParameterList","type":"function"},{"name":"Arguments","type":"function"},{"name":"ParameterName","type":"function"},{"name":"Signature","type":"function"},{"name":"Length","type":"function"}]},{"name":"waitingSubscription","filename":"pkg/scheduler/framework/runtime/waiting_susbcriptions_map.go","detector_type":"Go","properties":[{"name":"SubscriberId","type":"function","data_type_info":"Subscriber","state":"valid","reason":"known_database_identifier","false_positive":false},{"name":"Reject","type":"function"}],"data_type_info":"Subscription","state":"valid","reason":"known_data_object","false_positive":false},{"name":"validateOpUpdateConfigurationSetTrackingOptions","filename":"service/ses/validators.go","detector_type":"Go","properties":[{"name":"OwnerID","type":"function","data_type_info":"Owner","state":"valid","reason":"known_database_identifier","false_positive":false},{"name":"HandleInitialize","type":"function"}],"data_type_info":"Tracking","state":"valid","reason":"known_data_object","false_positive":false},{"name":"userNetworkState","filename":"orc8r/cloud/go/services/analytics/calculations/user_state.go","detector_type":"Go","properties":[{"name":"WorkHistory","type":"number","data_type_info":"Work History","state":"valid","reason":"known_pattern","false_positive":false},{"name":"username","type":"object","data_type_info":"Username","state":"valid","reason":"known_pattern","false_positive":false}],"state":"valid"},{"name":"translationServiceClient","filename":"vendor/google.golang.org/genproto/googleapis/cloud/translate/v3/translation_service.pb.go","detector_type":"Go","properties":[{"name":"cc","type":"object"},{"name":"TranslateText","type":"function"},{"name":"DetectLanguage","type":"function","data_type_info":"Language","state":"valid","reason":"known_pattern","false_positive":false},{"name":"Languages","type":"function"},{"name":"Accentt","type":"function"},{"name":"CreateGlossary","type":"function"},{"name":"ListGlossaries","type":"function"},{"name":"GetGlossary","type":"function"},{"name":"DeleteGlossary","type":"function"}],"state":"valid"},{"name":"viewOauthSignupVars","filename":"oauth_signup.go","detector_type":"Go","properties":[{"name":"To","type":"string"},{"name":"Message","type":"object"},{"name":"Flashes","type":"object"},{"name":"AccessToken","type":"string","data_type_info":"Access Token","state":"valid","reason":"known_pattern","false_positive":false},{"name":"TokenUsername","type":"string","data_type_info":"Username","state":"valid","reason":"known_pattern","false_positive":false},{"name":"TokenAlias","type":"string"},{"name":"Email","type":"string","data_type_info":"Email Address","state":"valid","reason":"known_pattern","false_positive":false},{"name":"TokenRemoteUser","type":"string"},{"name":"Provider","type":"string"},{"name":"ClientID","type":"string","data_type_info":"Client","state":"valid","reason":"valid_object_and_db_identifier","false_positive":false},{"name":"TokenHash","type":"string"},{"name":"InviteCode","type":"string"},{"name":"Username","type":"string","data_type_info":"Username","state":"valid","reason":"known_pattern","false_positive":false},{"name":"Login","type":"string"}],"state":"valid"},{"name":"userResolver","filename":"codegen/testserver/followschema/resolver.go","detector_type":"Go","properties":[{"name":"Friends","type":"function","data_type_info":"Friends","state":"valid","reason":"known_pattern","false_positive":false},{"name":"Pets","type":"function"},{"name":"Acquaintances","type":"function","data_type_info":"Acquaintances","state":"valid","reason":"known_pattern","false_positive":false},{"name":"Likes","type":"function","data_type_info":"Likes","state":"valid","reason":"known_pattern","false_positive":false}],"state":"valid"},{"name":"userDetailResp","filename":"pkg/easywework/user_info_api.go","detector_type":"Go","properties":[{"name":"UserID","type":"string","data_type_info":"User","state":"valid","reason":"valid_object_and_db_identifier","false_positive":false},{"name":"Name","type":"string","data_type_info":"Fullname","state":"valid","reason":"known_pattern","false_positive":false},{"name":"DeptIDs","type":"object"},{"name":"Age","type":"object","data_type_info":"Age Range","state":"valid","reason":"known_pattern","false_positive":false},{"name":"IsLeaderInDept","type":"object"},{"name":"Position","type":"string"},{"name":"Mobile","type":"string","data_type_info":"Telephone Number","state":"valid","reason":"known_pattern","false_positive":false},{"name":"Gender","type":"string","data_type_info":"Gender","state":"valid","reason":"known_pattern","false_positive":false},{"name":"Email","type":"string","data_type_info":"Email Address","state":"valid","reason":"known_pattern","false_positive":false},{"name":"AvatarURL","type":"string","data_type_info":"Image","state":"valid","reason":"known_pattern","false_positive":false},{"name":"TelephoneNumber","type":"string","data_type_info":"Telephone Number","state":"valid","reason":"known_pattern","false_positive":false},{"name":"IsEnabled","type":"number"},{"name":"Alias","type":"string"},{"name":"Status","type":"number"},{"name":"QRCodeURL","type":"string"},{"name":"Extattr","type":"object"}],"state":"valid"},{"name":"GetAmount","filename":"wallet/wallet_store.go","detector_type":"Go","properties":[{"name":"SetFeeAm","type":"function"},{"name":"GetFeeAm","type":"function"},{"name":"PayerId","type":"function","data_type_info":"Payer","state":"valid","reason":"known_database_identifier","false_positive":false},{"name":"GetWallet","type":"function"}],"data_type_info":"Amount","state":"valid","reason":"known_data_object","false_positive":false},{"name":"userResponse","filename":"api/user.go","detector_type":"Go","properties":[{"name":"Username","type":"string","data_type_info":"Username","state":"valid","reason":"known_pattern","false_positive":false},{"name":"FullName","type":"string","data_type_info":"Fullname","state":"valid","reason":"known_pattern","false_positive":false},{"name":"Email","type":"string","data_type_info":"Email Address","state":"valid","reason":"known_pattern","false_positive":false},{"name":"PasswordChangedAt","type":"date"},{"name":"BankAccount","type":"date","data_type_info":"Bank Account","state":"valid","reason":"known_pattern","false_positive":false}],"state":"valid"},{"name":"BankTransfer","filename":"core/service/impl/2.wallet_service.go","detector_type":"Go","properties":[{"name":"_repo","type":"object"},{"name":"CreateWallet","type":"function"},{"name":"AccountId","type":"function"},{"name":"GetWallet","type":"function"},{"name":"GetWalletByCode","type":"function"},{"name":"GetWalletLog","type":"function"}]},{"name":"triggerBehaviourResult","filename":"triggers.go","detector_type":"Go","properties":[{"name":"Handler","type":"object"},{"name":"UnmetGuardConditions","type":"object"}]},{"name":"vmContext","filename":"vm/systemSmartContracts/eei.go","detector_type":"Go","properties":[{"name":"blockChainHook","type":"object"},{"name":"cryptoHook","type":"object"},{"name":"validatorAccountsDB","type":"object"},{"name":"systemContracts","type":"object"},{"name":"inputParser","type":"object"},{"name":"chanceComputer","type":"object"},{"name":"scAddress","type":"object","data_type_info":"Physical Address","state":"valid","reason":"valid_extended_pattern","false_positive":false},{"name":"storageUpdate","type":"object"},{"name":"outputAccounts","type":"object"},{"name":"gasRemaining","type":"number"},{"name":"returnMessage","type":"string"},{"name":"output","type":"object"},{"name":"CallLogs","type":"object","data_type_info":"Call Logs","state":"valid","reason":"valid_extended_pattern","false_positive":false},{"name":"SetSystemSCContainer","type":"function"},{"name":"GetContract","type":"function"},{"name":"GetStorage","type":"function"},{"name":"SetStorage","type":"function"},{"name":"GetBalance","type":"function"},{"name":"SendGlobalSettingToAll","type":"function"},{"name":"Transfer","type":"function"},{"name":"copyToNewContext","type":"function"},{"name":"mergeContext","type":"function"},{"name":"createContractCallInput","type":"function"},{"name":"DeploySystemSC","type":"function"},{"name":"addContractDeployToOutput","type":"function"},{"name":"ExecuteOnDestContext","type":"function"},{"name":"Finish","type":"function"},{"name":"AddReturnMessage","type":"function"},{"name":"AddLogEntry","type":"function"},{"name":"BlockChainHook","type":"function"},{"name":"CryptoHook","type":"function"},{"name":"CleanCache","type":"function"},{"name":"SetGasProvided","type":"function"},{"name":"UseGas","type":"function"},{"name":"GasLeft","type":"function"},{"name":"softCleanCache","type":"function"},{"name":"CreateVMOutput","type":"function"},{"name":"SetSCAddress","type":"function","data_type_info":"Physical Address","state":"valid","reason":"valid_extended_pattern","false_positive":false},{"name":"AddCode","type":"function"},{"name":"AddTxValueToSmartContract","type":"function"},{"name":"IsValidator","type":"function"},{"name":"StatusFromValidatorStatistics","type":"function"},{"name":"CanUnJail","type":"function"},{"name":"IsBadRating","type":"function"},{"name":"CleanStorageUpdates","type":"function"},{"name":"IsInterfaceNil","type":"function"}],"state":"valid"},{"name":"vehicleServiceClient","filename":"googleapis/maps/fleetengine/v1/vehicle_api.pb.go","detector_type":"Go","properties":[{"name":"cars","type":"object","data_type_info":"Cars","state":"valid","reason":"known_pattern","false_positive":false},{"name":"CreateVehicle","type":"function"},{"name":"GetVehicle","type":"function"},{"name":"UpdateVehicle","type":"function"},{"name":"UpdateVehicleLocation","type":"function","data_type_info":"Geographic","state":"valid","reason":"known_pattern","false_positive":false},{"name":"VehicleRegistrationNumber","type":"function","data_type_info":"Vehicle registration number","state":"valid","reason":"known_pattern","false_positive":false},{"name":"ListVehicles","type":"function"},{"name":"SearchVehicles","type":"function"},{"name":"SearchFuzzedVehicles","type":"function"}],"state":"valid"},{"name":"wCartQuickSkuJdo","filename":"core/domain/cart/wholesale_cart.go","detector_type":"Go","properties":[{"name":"CustomerId","type":"number","data_type_info":"Customer","state":"valid","reason":"known_database_identifier","false_positive":false},{"name":"SkuId","type":"number"},{"name":"ItemName","type":"string"},{"name":"SkuCode","type":"string"},{"name":"SkuImage","type":"string"},{"name":"SpecWord","type":"string"},{"name":"Quantity","type":"number"},{"name":"Price","type":"number"}],"data_type_info":"Cart","state":"valid","reason":"known_data_object","false_positive":false},{"name":"click","filename":"service/iot1clickprojects/validators.go","detector_type":"Go","properties":[{"name":"userID","type":"function","data_type_info":"User","state":"valid","reason":"known_database_identifier","false_positive":false},{"name":"HandleInitialize","type":"function"}],"data_type_info":"Click","state":"valid","reason":"known_data_object","false_positive":false},{"name":"CommentGetter","type":"object","filename":"pkg/sql/schemachanger/scdecomp/decomp.go","detector_type":"Go","state":"invalid","properties":[]},{"name":"volumesnapshotcontentGetter","filename":"pkg/models/resources/v1alpha3/volumesnapshotcontent/volumesnapshotcontent.go","detector_type":"Go","properties":[{"name":"informers","type":"object"},{"name":"Get","type":"function"},{"name":"List","type":"function"},{"name":"compare","type":"function"},{"name":"ShopperId","type":"function","data_type_info":"Shopper","state":"valid","reason":"known_database_identifier","false_positive":false}],"state":"valid"},{"name":"validateOpStartConversation","filename":"service/lexruntimev2/validators.go","detector_type":"Go","properties":[{"name":"USER_ID","type":"function","data_type_info":"User","state":"valid","reason":"known_database_identifier","false_positive":false},{"name":"HandleInitialize","type":"function"}],"data_type_info":"Conversation","state":"valid","reason":"known_data_object","false_positive":false},{"name":"venueLocationItem","filename":"pkg/importer/swarm/api.go","detector_type":"Go","properties":[{"name":"Address","type":"string"},{"name":"City","type":"string"},{"name":"PostalCode","type":"string"},{"name":"State","type":"string"},{"name":"Country","type":"string"},{"name":"Lat","type":"number"},{"name":"Lng","type":"number"}]},{"name":"venueItem","filename":"pkg/importer/swarm/api.go","detector_type":"Go","properties":[{"name":"Id","type":"string"},{"name":"Name","type":"string"},{"name":"Location","type":"object"},{"name":"Categories","type":"object"},{"name":"primaryCategory","type":"function"},{"name":"icon","type":"function"}]},{"name":"venueCategory","filename":"pkg/importer/swarm/api.go","detector_type":"Go","properties":[{"name":"Primary","type":"boolean"},{"name":"Name","type":"string"},{"name":"Icon","type":"object"}]},{"name":"verifyCredentialsResp","filename":"builtin/credential/github/path_login.go","detector_type":"Go","properties":[{"name":"UserId","type":"object","data_type_info":"User","state":"valid","reason":"valid_object_and_db_identifier","false_positive":false},{"name":"Org","type":"object"},{"name":"Policies","type":"object"},{"name":"TeamNames","type":"object"},{"name":"Warnings","type":"object"},{"name":"Config","type":"object"}],"state":"valid"},{"name":"wallet","filename":"design-pattern/structual/facade/facade.go","detector_type":"Go","properties":[{"name":"balance","type":"number"},{"name":"creditRemaining","type":"function"},{"name":"debitBalance","type":"function"}]},{"name":"trading","filename":"tools/executiontester/blockchain/trading.go","detector_type":"Go","properties":[{"name":"kyber","type":"string"},{"name":"kyberProxy","type":"string"},{"name":"reserve","type":"string"},{"name":"creditTotal","type":"string","data_type_info":"Credit","state":"valid","reason":"valid_extended_pattern","false_positive":false},{"name":"expectedRate","type":"string"},{"name":"conversionRate","type":"string"},{"name":"eapStorage","type":"string"},{"name":"fpManage","type":"string"},{"name":"stbToken","type":"string"},{"name":"CreateReserve","type":"function"},{"name":"CreditCapacity","type":"function","data_type_info":"Credit Capacity","state":"valid","reason":"valid_extended_pattern","false_positive":false},{"name":"Start","type":"function"},{"name":"QuoteRate","type":"function"},{"name":"Trade","type":"function"},{"name":"SetTrading","type":"function"},{"name":"SetTradingProxy","type":"function"},{"name":"SetExpectedRate","type":"function"},{"name":"SetEapStorage","type":"function"},{"name":"SetFpManage","type":"function"},{"name":"SetStableToken","type":"function"}],"state":"valid"}] diff --git a/pkg/classification/schema/fixtures/java.json b/internal/classification/schema/fixtures/java.json similarity index 100% rename from pkg/classification/schema/fixtures/java.json rename to internal/classification/schema/fixtures/java.json diff --git a/pkg/classification/schema/fixtures/javascript.json b/internal/classification/schema/fixtures/javascript.json similarity index 100% rename from pkg/classification/schema/fixtures/javascript.json rename to internal/classification/schema/fixtures/javascript.json diff --git a/pkg/classification/schema/fixtures/php.json b/internal/classification/schema/fixtures/php.json similarity index 100% rename from pkg/classification/schema/fixtures/php.json rename to internal/classification/schema/fixtures/php.json diff --git a/pkg/classification/schema/fixtures/python.json b/internal/classification/schema/fixtures/python.json similarity index 100% rename from pkg/classification/schema/fixtures/python.json rename to internal/classification/schema/fixtures/python.json diff --git a/pkg/classification/schema/fixtures/ruby.json b/internal/classification/schema/fixtures/ruby.json similarity index 100% rename from pkg/classification/schema/fixtures/ruby.json rename to internal/classification/schema/fixtures/ruby.json diff --git a/pkg/classification/schema/fixtures/typescript.json b/internal/classification/schema/fixtures/typescript.json similarity index 100% rename from pkg/classification/schema/fixtures/typescript.json rename to internal/classification/schema/fixtures/typescript.json diff --git a/pkg/classification/schema/internal/testhelper/testhelper.go b/internal/classification/schema/internal/testhelper/testhelper.go similarity index 97% rename from pkg/classification/schema/internal/testhelper/testhelper.go rename to internal/classification/schema/internal/testhelper/testhelper.go index d1884059c..792b84f27 100644 --- a/pkg/classification/schema/internal/testhelper/testhelper.go +++ b/internal/classification/schema/internal/testhelper/testhelper.go @@ -4,9 +4,9 @@ import ( "encoding/json" "os" - "github.com/bearer/bearer/pkg/classification/schema" - "github.com/bearer/bearer/pkg/report/detectors" - "github.com/bearer/bearer/pkg/util/classify" + "github.com/bearer/bearer/internal/classification/schema" + "github.com/bearer/bearer/internal/report/detectors" + "github.com/bearer/bearer/internal/util/classify" "github.com/stretchr/testify/assert" ) diff --git a/pkg/classification/schema/kpi_test.go b/internal/classification/schema/kpi_test.go similarity index 97% rename from pkg/classification/schema/kpi_test.go rename to internal/classification/schema/kpi_test.go index ab05f513a..51b100ea1 100644 --- a/pkg/classification/schema/kpi_test.go +++ b/internal/classification/schema/kpi_test.go @@ -3,9 +3,9 @@ package schema_test import ( "testing" - "github.com/bearer/bearer/pkg/classification/db" - "github.com/bearer/bearer/pkg/classification/schema" - "github.com/bearer/bearer/pkg/classification/schema/internal/testhelper" + "github.com/bearer/bearer/internal/classification/db" + "github.com/bearer/bearer/internal/classification/schema" + "github.com/bearer/bearer/internal/classification/schema/internal/testhelper" "github.com/bradleyjkemp/cupaloy" ) diff --git a/pkg/classification/schema/schema.go b/internal/classification/schema/schema.go similarity index 98% rename from pkg/classification/schema/schema.go rename to internal/classification/schema/schema.go index 62ccf96fe..57d5a453f 100644 --- a/pkg/classification/schema/schema.go +++ b/internal/classification/schema/schema.go @@ -3,12 +3,12 @@ package schema import ( "regexp" - "github.com/bearer/bearer/pkg/flag" + "github.com/bearer/bearer/internal/flag" - "github.com/bearer/bearer/pkg/classification/db" - "github.com/bearer/bearer/pkg/report/detectors" - "github.com/bearer/bearer/pkg/util/classify" - "github.com/bearer/bearer/pkg/util/normalize_key" + "github.com/bearer/bearer/internal/classification/db" + "github.com/bearer/bearer/internal/report/detectors" + "github.com/bearer/bearer/internal/util/classify" + "github.com/bearer/bearer/internal/util/normalize_key" ) var regexpIdentifierMatcher = regexp.MustCompile(`(uu)?id$`) diff --git a/pkg/classification/schema/schema_test.go b/internal/classification/schema/schema_test.go similarity index 98% rename from pkg/classification/schema/schema_test.go rename to internal/classification/schema/schema_test.go index d0ac2c5c2..c9b83c59d 100644 --- a/pkg/classification/schema/schema_test.go +++ b/internal/classification/schema/schema_test.go @@ -3,11 +3,11 @@ package schema_test import ( "testing" - "github.com/bearer/bearer/pkg/classification/db" - "github.com/bearer/bearer/pkg/classification/schema" - "github.com/bearer/bearer/pkg/report/detectors" - reportschema "github.com/bearer/bearer/pkg/report/schema" - "github.com/bearer/bearer/pkg/util/classify" + "github.com/bearer/bearer/internal/classification/db" + "github.com/bearer/bearer/internal/classification/schema" + "github.com/bearer/bearer/internal/report/detectors" + reportschema "github.com/bearer/bearer/internal/report/schema" + "github.com/bearer/bearer/internal/util/classify" "github.com/stretchr/testify/assert" ) diff --git a/pkg/commands/app.go b/internal/commands/app.go similarity index 97% rename from pkg/commands/app.go rename to internal/commands/app.go index 2e05acf87..28a9abcf4 100644 --- a/pkg/commands/app.go +++ b/internal/commands/app.go @@ -3,8 +3,8 @@ package commands import ( "fmt" - "github.com/bearer/bearer/pkg/commands/artifact" - "github.com/bearer/bearer/pkg/flag" + "github.com/bearer/bearer/internal/commands/artifact" + "github.com/bearer/bearer/internal/flag" "github.com/spf13/cobra" ) diff --git a/pkg/commands/artifact/run.go b/internal/commands/artifact/run.go similarity index 86% rename from pkg/commands/artifact/run.go rename to internal/commands/artifact/run.go index 530b34b93..858e51717 100644 --- a/pkg/commands/artifact/run.go +++ b/internal/commands/artifact/run.go @@ -16,26 +16,26 @@ import ( "golang.org/x/exp/maps" "github.com/bearer/bearer/api" - evalstats "github.com/bearer/bearer/new/detector/evaluator/stats" - "github.com/bearer/bearer/pkg/commands/artifact/scanid" - "github.com/bearer/bearer/pkg/commands/process/filelist" - "github.com/bearer/bearer/pkg/commands/process/filelist/files" - "github.com/bearer/bearer/pkg/commands/process/gitrepository" - "github.com/bearer/bearer/pkg/commands/process/orchestrator" - "github.com/bearer/bearer/pkg/commands/process/orchestrator/work" - "github.com/bearer/bearer/pkg/commands/process/settings" - "github.com/bearer/bearer/pkg/flag" - "github.com/bearer/bearer/pkg/report/basebranchfindings" - reportoutput "github.com/bearer/bearer/pkg/report/output" - "github.com/bearer/bearer/pkg/report/output/saas" - "github.com/bearer/bearer/pkg/report/output/stats" - outputtypes "github.com/bearer/bearer/pkg/report/output/types" - "github.com/bearer/bearer/pkg/util/ignore" - ignoretypes "github.com/bearer/bearer/pkg/util/ignore/types" - outputhandler "github.com/bearer/bearer/pkg/util/output" - "github.com/bearer/bearer/pkg/version_check" - - "github.com/bearer/bearer/pkg/types" + "github.com/bearer/bearer/internal/commands/artifact/scanid" + "github.com/bearer/bearer/internal/commands/process/filelist" + "github.com/bearer/bearer/internal/commands/process/filelist/files" + "github.com/bearer/bearer/internal/commands/process/gitrepository" + "github.com/bearer/bearer/internal/commands/process/orchestrator" + "github.com/bearer/bearer/internal/commands/process/orchestrator/work" + "github.com/bearer/bearer/internal/commands/process/settings" + "github.com/bearer/bearer/internal/flag" + "github.com/bearer/bearer/internal/report/basebranchfindings" + reportoutput "github.com/bearer/bearer/internal/report/output" + "github.com/bearer/bearer/internal/report/output/saas" + "github.com/bearer/bearer/internal/report/output/stats" + outputtypes "github.com/bearer/bearer/internal/report/output/types" + scannerstats "github.com/bearer/bearer/internal/scanner/stats" + "github.com/bearer/bearer/internal/util/ignore" + ignoretypes "github.com/bearer/bearer/internal/util/ignore/types" + outputhandler "github.com/bearer/bearer/internal/util/output" + "github.com/bearer/bearer/internal/version_check" + + "github.com/bearer/bearer/internal/types" ) var ErrFileListEmpty = errors.New("couldn't find any files to scan in the specified directory") @@ -67,22 +67,25 @@ type Runner interface { } type runner struct { - reportPath string + targetPath, + reportPath string reuseDetection bool goclocResult *gocloc.Result scanSettings settings.Config - stats *evalstats.Stats + stats *scannerstats.Stats } // NewRunner initializes Runner that provides scanning functionalities. func NewRunner( ctx context.Context, scanSettings settings.Config, + targetPath string, goclocResult *gocloc.Result, - stats *evalstats.Stats, + stats *scannerstats.Stats, ) Runner { r := &runner{ scanSettings: scanSettings, + targetPath: targetPath, goclocResult: goclocResult, stats: stats, } @@ -150,17 +153,12 @@ func (r *runner) Scan(ctx context.Context, opts flag.Options) ([]files.File, *ba outputhandler.StdErrLog(fmt.Sprintf("Scanning target %s", opts.Target)) } - targetPath, err := filepath.Abs(opts.Target) - if err != nil { - return nil, nil, fmt.Errorf("failed to get absolute target: %w", err) - } - - repository, err := gitrepository.New(ctx, r.scanSettings, targetPath, opts.DiffBaseBranch) + repository, err := gitrepository.New(ctx, r.scanSettings, r.targetPath, opts.DiffBaseBranch) if err != nil { return nil, nil, fmt.Errorf("git repository error: %w", err) } - fileList, err := filelist.Discover(repository, targetPath, r.goclocResult, r.scanSettings) + fileList, err := filelist.Discover(repository, r.targetPath, r.goclocResult, r.scanSettings) if err != nil { return nil, nil, err } @@ -170,7 +168,7 @@ func (r *runner) Scan(ctx context.Context, opts flag.Options) ([]files.File, *ba } orchestrator, err := orchestrator.New( - work.Repository{Dir: opts.Target}, + work.Repository{Dir: r.targetPath}, r.scanSettings, r.stats, len(fileList.Files), @@ -252,7 +250,12 @@ func getIgnoredFingerprints(client *api.API, settings settings.Config) ( // Run performs artifact scanning func Run(ctx context.Context, opts flag.Options) (err error) { - inputgocloc, err := stats.GoclocDetectorOutput(opts.ScanOptions.Target) + targetPath, err := filepath.Abs(opts.Target) + if err != nil { + return fmt.Errorf("failed to get absolute target: %w", err) + } + + inputgocloc, err := stats.GoclocDetectorOutput(targetPath) if err != nil { log.Debug().Msgf("Error in line of code output %s", err) return err @@ -298,14 +301,14 @@ func Run(ctx context.Context, opts flag.Options) (err error) { } }() - var stats *evalstats.Stats + var stats *scannerstats.Stats if scanSettings.Debug { - stats = evalstats.New() + stats = scannerstats.New() } gitrepository.ConfigureGithubAuth(scanSettings.Scan.GithubToken) - r := NewRunner(ctx, scanSettings, inputgocloc, stats) + r := NewRunner(ctx, scanSettings, targetPath, inputgocloc, stats) defer r.Close(ctx) files, baseBranchFindings, err := r.Scan(ctx, opts) diff --git a/pkg/commands/artifact/run_test.go b/internal/commands/artifact/run_test.go similarity index 100% rename from pkg/commands/artifact/run_test.go rename to internal/commands/artifact/run_test.go diff --git a/pkg/commands/artifact/scanid/scanid.go b/internal/commands/artifact/scanid/scanid.go similarity index 97% rename from pkg/commands/artifact/scanid/scanid.go rename to internal/commands/artifact/scanid/scanid.go index 44f6d2d47..315515460 100644 --- a/pkg/commands/artifact/scanid/scanid.go +++ b/internal/commands/artifact/scanid/scanid.go @@ -14,7 +14,7 @@ import ( "github.com/rs/zerolog/log" "github.com/bearer/bearer/cmd/bearer/build" - "github.com/bearer/bearer/pkg/commands/process/settings" + "github.com/bearer/bearer/internal/commands/process/settings" ) func Build(scanSettings settings.Config) (string, error) { diff --git a/pkg/commands/debugprofile/debugprofile.go b/internal/commands/debugprofile/debugprofile.go similarity index 96% rename from pkg/commands/debugprofile/debugprofile.go rename to internal/commands/debugprofile/debugprofile.go index f0ecdfaea..409b4af87 100644 --- a/pkg/commands/debugprofile/debugprofile.go +++ b/internal/commands/debugprofile/debugprofile.go @@ -7,7 +7,7 @@ import ( "github.com/rs/zerolog/log" "github.com/spf13/viper" - "github.com/bearer/bearer/pkg/flag" + "github.com/bearer/bearer/internal/flag" ) var cpuFile *os.File diff --git a/pkg/commands/ignore.go b/internal/commands/ignore.go similarity index 98% rename from pkg/commands/ignore.go rename to internal/commands/ignore.go index 6f9ac1c47..401e9a15d 100644 --- a/pkg/commands/ignore.go +++ b/internal/commands/ignore.go @@ -7,13 +7,14 @@ import ( "os" "strings" - "github.com/bearer/bearer/pkg/flag" - "github.com/bearer/bearer/pkg/report/output/saas" - "github.com/bearer/bearer/pkg/util/ignore" - ignoretypes "github.com/bearer/bearer/pkg/util/ignore/types" - "github.com/bearer/bearer/pkg/util/output" "github.com/spf13/cobra" "github.com/spf13/viper" + + "github.com/bearer/bearer/internal/flag" + "github.com/bearer/bearer/internal/report/output/saas" + "github.com/bearer/bearer/internal/util/ignore" + ignoretypes "github.com/bearer/bearer/internal/util/ignore/types" + "github.com/bearer/bearer/internal/util/output" ) var migratedIgnoreComment = "migrated from bearer.yml" diff --git a/pkg/commands/init.go b/internal/commands/init.go similarity index 100% rename from pkg/commands/init.go rename to internal/commands/init.go diff --git a/pkg/commands/process/filelist/filelist.go b/internal/commands/process/filelist/filelist.go similarity index 82% rename from pkg/commands/process/filelist/filelist.go rename to internal/commands/process/filelist/filelist.go index 1ee943ac8..559a49889 100644 --- a/pkg/commands/process/filelist/filelist.go +++ b/internal/commands/process/filelist/filelist.go @@ -8,11 +8,11 @@ import ( "github.com/hhatto/gocloc" "github.com/rs/zerolog/log" - flfiles "github.com/bearer/bearer/pkg/commands/process/filelist/files" - "github.com/bearer/bearer/pkg/commands/process/filelist/ignore" - "github.com/bearer/bearer/pkg/commands/process/filelist/timeout" - "github.com/bearer/bearer/pkg/commands/process/gitrepository" - "github.com/bearer/bearer/pkg/commands/process/settings" + flfiles "github.com/bearer/bearer/internal/commands/process/filelist/files" + "github.com/bearer/bearer/internal/commands/process/filelist/ignore" + "github.com/bearer/bearer/internal/commands/process/filelist/timeout" + "github.com/bearer/bearer/internal/commands/process/gitrepository" + "github.com/bearer/bearer/internal/commands/process/settings" ) // Discover searches directory for files to scan, skipping the ones specified by skip config and assigning timeout speficfied by timeout config diff --git a/pkg/commands/process/filelist/filelist_test.go b/internal/commands/process/filelist/filelist_test.go similarity index 93% rename from pkg/commands/process/filelist/filelist_test.go rename to internal/commands/process/filelist/filelist_test.go index f6a69417b..7f0d9c303 100644 --- a/pkg/commands/process/filelist/filelist_test.go +++ b/internal/commands/process/filelist/filelist_test.go @@ -4,10 +4,10 @@ import ( "path/filepath" "testing" - "github.com/bearer/bearer/pkg/commands/process/filelist" - "github.com/bearer/bearer/pkg/commands/process/filelist/files" - "github.com/bearer/bearer/pkg/commands/process/settings" - "github.com/bearer/bearer/pkg/flag" + "github.com/bearer/bearer/internal/commands/process/filelist" + "github.com/bearer/bearer/internal/commands/process/filelist/files" + "github.com/bearer/bearer/internal/commands/process/settings" + "github.com/bearer/bearer/internal/flag" "github.com/hhatto/gocloc" "github.com/stretchr/testify/assert" ) diff --git a/pkg/commands/process/filelist/files/files.go b/internal/commands/process/filelist/files/files.go similarity index 77% rename from pkg/commands/process/filelist/files/files.go rename to internal/commands/process/filelist/files/files.go index d057907ee..2d77a567b 100644 --- a/pkg/commands/process/filelist/files/files.go +++ b/internal/commands/process/filelist/files/files.go @@ -3,7 +3,7 @@ package files import ( "time" - bbftypes "github.com/bearer/bearer/pkg/report/basebranchfindings/types" + bbftypes "github.com/bearer/bearer/internal/report/basebranchfindings/types" ) type List struct { diff --git a/pkg/commands/process/filelist/ignore/ignore.go b/internal/commands/process/filelist/ignore/ignore.go similarity index 94% rename from pkg/commands/process/filelist/ignore/ignore.go rename to internal/commands/process/filelist/ignore/ignore.go index 0bf26cba0..80acbbff8 100644 --- a/pkg/commands/process/filelist/ignore/ignore.go +++ b/internal/commands/process/filelist/ignore/ignore.go @@ -1,13 +1,12 @@ package ignore import ( - "fmt" "io/fs" "os" "path/filepath" "strings" - "github.com/bearer/bearer/pkg/commands/process/settings" + "github.com/bearer/bearer/internal/commands/process/settings" "github.com/hhatto/gocloc" "github.com/rs/zerolog/log" ignore "github.com/sabhiram/go-gitignore" @@ -50,7 +49,7 @@ func (fileignore *FileIgnore) Ignore( log.Debug().Msgf("skipping file due to size: %s %s", projectPath, relativePath) return true } - if isMinified(fmt.Sprintf("%s%s", projectPath, filePath), fileInfo.Size(), goclocResult) { + if isMinified(filePath, fileInfo.Size(), goclocResult) { log.Debug().Msgf("skipping file (suspected minified JS): %s %s", projectPath, filePath) return true } diff --git a/pkg/commands/process/filelist/testdata/happy_path/skip/users/admin.go b/internal/commands/process/filelist/testdata/happy_path/skip/users/admin.go similarity index 100% rename from pkg/commands/process/filelist/testdata/happy_path/skip/users/admin.go rename to internal/commands/process/filelist/testdata/happy_path/skip/users/admin.go diff --git a/pkg/commands/process/filelist/testdata/happy_path/skip/users/minifiedJs.min.js b/internal/commands/process/filelist/testdata/happy_path/skip/users/minifiedJs.min.js similarity index 100% rename from pkg/commands/process/filelist/testdata/happy_path/skip/users/minifiedJs.min.js rename to internal/commands/process/filelist/testdata/happy_path/skip/users/minifiedJs.min.js diff --git a/pkg/commands/process/filelist/testdata/happy_path/skip/users/users.go b/internal/commands/process/filelist/testdata/happy_path/skip/users/users.go similarity index 100% rename from pkg/commands/process/filelist/testdata/happy_path/skip/users/users.go rename to internal/commands/process/filelist/testdata/happy_path/skip/users/users.go diff --git a/pkg/commands/process/filelist/testdata/happy_path/standard/user.go b/internal/commands/process/filelist/testdata/happy_path/standard/user.go similarity index 100% rename from pkg/commands/process/filelist/testdata/happy_path/standard/user.go rename to internal/commands/process/filelist/testdata/happy_path/standard/user.go diff --git a/pkg/commands/process/filelist/timeout/timeout.go b/internal/commands/process/filelist/timeout/timeout.go similarity index 89% rename from pkg/commands/process/filelist/timeout/timeout.go rename to internal/commands/process/filelist/timeout/timeout.go index 0aab07f39..3a2f52107 100644 --- a/pkg/commands/process/filelist/timeout/timeout.go +++ b/internal/commands/process/filelist/timeout/timeout.go @@ -4,7 +4,7 @@ import ( "io/fs" "time" - "github.com/bearer/bearer/pkg/commands/process/settings" + "github.com/bearer/bearer/internal/commands/process/settings" ) func Assign(fileInfo fs.FileInfo, config settings.Config) time.Duration { diff --git a/pkg/commands/process/gitrepository/gitrepository.go b/internal/commands/process/gitrepository/gitrepository.go similarity index 96% rename from pkg/commands/process/gitrepository/gitrepository.go rename to internal/commands/process/gitrepository/gitrepository.go index 54955addc..d418c7575 100644 --- a/pkg/commands/process/gitrepository/gitrepository.go +++ b/internal/commands/process/gitrepository/gitrepository.go @@ -22,12 +22,12 @@ import ( "github.com/rs/zerolog/log" "golang.org/x/oauth2" - "github.com/bearer/bearer/pkg/commands/process/filelist/files" - "github.com/bearer/bearer/pkg/commands/process/filelist/ignore" - "github.com/bearer/bearer/pkg/commands/process/filelist/timeout" - "github.com/bearer/bearer/pkg/commands/process/settings" - "github.com/bearer/bearer/pkg/report/basebranchfindings" - bbftypes "github.com/bearer/bearer/pkg/report/basebranchfindings/types" + "github.com/bearer/bearer/internal/commands/process/filelist/files" + "github.com/bearer/bearer/internal/commands/process/filelist/ignore" + "github.com/bearer/bearer/internal/commands/process/filelist/timeout" + "github.com/bearer/bearer/internal/commands/process/settings" + "github.com/bearer/bearer/internal/report/basebranchfindings" + bbftypes "github.com/bearer/bearer/internal/report/basebranchfindings/types" ) type Repository struct { diff --git a/pkg/commands/process/orchestrator/orchestrator.go b/internal/commands/process/orchestrator/orchestrator.go similarity index 90% rename from pkg/commands/process/orchestrator/orchestrator.go rename to internal/commands/process/orchestrator/orchestrator.go index 727305627..5a29a3199 100644 --- a/pkg/commands/process/orchestrator/orchestrator.go +++ b/internal/commands/process/orchestrator/orchestrator.go @@ -10,15 +10,16 @@ import ( "github.com/rs/zerolog/log" - "github.com/bearer/bearer/new/detector/evaluator/stats" - "github.com/bearer/bearer/pkg/commands/process/filelist/files" - "github.com/bearer/bearer/pkg/commands/process/orchestrator/pool" - "github.com/bearer/bearer/pkg/commands/process/orchestrator/work" - "github.com/bearer/bearer/pkg/commands/process/settings" - "github.com/bearer/bearer/pkg/report/detections" - "github.com/bearer/bearer/pkg/util/jsonlines" - bearerprogress "github.com/bearer/bearer/pkg/util/progressbar" - "github.com/bearer/bearer/pkg/util/tmpfile" + "github.com/bearer/bearer/internal/commands/process/filelist/files" + "github.com/bearer/bearer/internal/commands/process/settings" + "github.com/bearer/bearer/internal/report/detections" + "github.com/bearer/bearer/internal/scanner/stats" + "github.com/bearer/bearer/internal/util/jsonlines" + bearerprogress "github.com/bearer/bearer/internal/util/progressbar" + "github.com/bearer/bearer/internal/util/tmpfile" + + "github.com/bearer/bearer/internal/commands/process/orchestrator/pool" + "github.com/bearer/bearer/internal/commands/process/orchestrator/work" ) type Orchestrator struct { diff --git a/pkg/commands/process/orchestrator/pool/pool.go b/internal/commands/process/orchestrator/pool/pool.go similarity index 90% rename from pkg/commands/process/orchestrator/pool/pool.go rename to internal/commands/process/orchestrator/pool/pool.go index 0b6cf9ec0..d756983b3 100644 --- a/pkg/commands/process/orchestrator/pool/pool.go +++ b/internal/commands/process/orchestrator/pool/pool.go @@ -7,12 +7,13 @@ import ( "sync" "time" - "github.com/bearer/bearer/new/detector/evaluator/stats" - "github.com/bearer/bearer/pkg/commands/process/orchestrator/work" - "github.com/bearer/bearer/pkg/commands/process/orchestrator/worker" - "github.com/bearer/bearer/pkg/commands/process/settings" - "github.com/bearer/bearer/pkg/util/output" "github.com/rs/zerolog/log" + + "github.com/bearer/bearer/internal/commands/process/orchestrator/work" + "github.com/bearer/bearer/internal/commands/process/orchestrator/worker" + "github.com/bearer/bearer/internal/commands/process/settings" + "github.com/bearer/bearer/internal/scanner/stats" + "github.com/bearer/bearer/internal/util/output" ) type Pool struct { diff --git a/pkg/commands/process/orchestrator/pool/process.go b/internal/commands/process/orchestrator/pool/process.go similarity index 96% rename from pkg/commands/process/orchestrator/pool/process.go rename to internal/commands/process/orchestrator/pool/process.go index e035f741e..90191d93b 100644 --- a/pkg/commands/process/orchestrator/pool/process.go +++ b/internal/commands/process/orchestrator/pool/process.go @@ -13,15 +13,16 @@ import ( "os/exec" "strconv" "strings" + "syscall" "time" "github.com/rs/zerolog/log" gopsutilprocess "github.com/shirou/gopsutil/v3/process" - "github.com/bearer/bearer/pkg/commands/process/orchestrator/work" - "github.com/bearer/bearer/pkg/commands/process/orchestrator/worker" - "github.com/bearer/bearer/pkg/commands/process/settings" - "github.com/bearer/bearer/pkg/util/output" + "github.com/bearer/bearer/internal/commands/process/orchestrator/work" + "github.com/bearer/bearer/internal/commands/process/orchestrator/worker" + "github.com/bearer/bearer/internal/commands/process/settings" + "github.com/bearer/bearer/internal/util/output" ) var ( @@ -58,6 +59,7 @@ func newProcess(options *ProcessOptions, id string) (*Process, error) { arguments := append( options.baseArguments, + "--parent-process-id", strconv.Itoa(syscall.Getpid()), "--port", strconv.Itoa(port), "--worker-id", id, ) diff --git a/pkg/commands/process/orchestrator/work/work.go b/internal/commands/process/orchestrator/work/work.go similarity index 78% rename from pkg/commands/process/orchestrator/work/work.go rename to internal/commands/process/orchestrator/work/work.go index b73808f87..71068f6f7 100644 --- a/pkg/commands/process/orchestrator/work/work.go +++ b/internal/commands/process/orchestrator/work/work.go @@ -1,8 +1,8 @@ package work import ( - "github.com/bearer/bearer/new/detector/evaluator/stats" - "github.com/bearer/bearer/pkg/commands/process/filelist/files" + "github.com/bearer/bearer/internal/commands/process/filelist/files" + "github.com/bearer/bearer/internal/scanner/stats" ) type InitializeResponse struct { diff --git a/pkg/commands/process/orchestrator/worker/worker.go b/internal/commands/process/orchestrator/worker/worker.go similarity index 66% rename from pkg/commands/process/orchestrator/worker/worker.go rename to internal/commands/process/orchestrator/worker/worker.go index cf943e70c..a06f456a8 100644 --- a/pkg/commands/process/orchestrator/worker/worker.go +++ b/internal/commands/process/orchestrator/worker/worker.go @@ -6,37 +6,41 @@ import ( "errors" "fmt" "net" + "net/http" "os" "os/signal" - - "net/http" "runtime" + "slices" + "syscall" + "time" - "github.com/bearer/bearer/new/detector/evaluator/stats" - customdetector "github.com/bearer/bearer/new/scanner" - "github.com/bearer/bearer/pkg/classification" - "github.com/bearer/bearer/pkg/commands/debugprofile" - "github.com/bearer/bearer/pkg/commands/process/orchestrator/work" - config "github.com/bearer/bearer/pkg/commands/process/settings" - "github.com/bearer/bearer/pkg/detectors" - "github.com/bearer/bearer/pkg/report/writer" "github.com/rs/zerolog/log" - "golang.org/x/exp/slices" + + "github.com/bearer/bearer/internal/classification" + "github.com/bearer/bearer/internal/commands/debugprofile" + config "github.com/bearer/bearer/internal/commands/process/settings" + "github.com/bearer/bearer/internal/detectors" + "github.com/bearer/bearer/internal/report/writer" + "github.com/bearer/bearer/internal/scanner" + "github.com/bearer/bearer/internal/scanner/stats" + + "github.com/bearer/bearer/internal/commands/process/orchestrator/work" ) var ErrorTimeoutReached = errors.New("file processing time exceeded") type Worker struct { - debug bool - classifer *classification.Classifier - scanners []string + debug bool + classifer *classification.Classifier + enabledScanners []string + sastScanner *scanner.Scanner } func (worker *Worker) Setup(config config.Config) error { worker.debug = config.Debug - worker.scanners = config.Scan.Scanner + worker.enabledScanners = config.Scan.Scanner - if slices.Contains(worker.scanners, "sast") { + if slices.Contains(worker.enabledScanners, "sast") { classifier, err := classification.NewClassifier(&classification.Config{Config: config}) if err != nil { return err @@ -47,11 +51,12 @@ func (worker *Worker) Setup(config config.Config) error { return err } - err = customdetector.Setup(&config, classifier) + sastScanner, err := scanner.New(classifier.Schema, config.Rules) if err != nil { return err } + worker.sastScanner = sastScanner worker.classifer = classifier } @@ -79,7 +84,8 @@ func (worker *Worker) Scan(ctx context.Context, scanRequest work.ProcessRequest) File: file, }, fileStats, - worker.scanners, + worker.enabledScanners, + worker.sastScanner, ) if ctx.Err() != nil { @@ -89,10 +95,17 @@ func (worker *Worker) Scan(ctx context.Context, scanRequest work.ProcessRequest) return fileStats, err } -func Start(port string) error { +func (worker *Worker) Close() { + if worker.sastScanner != nil { + worker.sastScanner.Close() + } +} + +func Start(parentProcessID int, port string) error { worker := Worker{} - ctx, _ := signal.NotifyContext(context.Background(), os.Interrupt) + ctx, cancelProcess := signal.NotifyContext(context.Background(), os.Interrupt) + go monitorParentProcess(ctx, parentProcessID, cancelProcess) server := &http.Server{ Addr: `localhost:` + port, @@ -152,7 +165,7 @@ func Start(port string) error { log.Debug().Msgf("error shutting down server: %s", err) } - customdetector.Close() + worker.Close() close(done) }() @@ -165,3 +178,19 @@ func Start(port string) error { <-done return nil } + +func monitorParentProcess(ctx context.Context, parentProcessID int, cancel func()) { + timer := time.NewTimer(5 * time.Second) + + for { + select { + case <-timer.C: + if syscall.Getppid() != parentProcessID { + log.Debug().Msg("parent process gone, stopping") + cancel() + } + case <-ctx.Done(): + return + } + } +} diff --git a/pkg/commands/process/settings/built_in_rules/sql/lang/create_table.yml b/internal/commands/process/settings/built_in_rules/sql/lang/create_table.yml similarity index 100% rename from pkg/commands/process/settings/built_in_rules/sql/lang/create_table.yml rename to internal/commands/process/settings/built_in_rules/sql/lang/create_table.yml diff --git a/pkg/commands/process/settings/built_in_rules/third_party/gitleaks/secret_detection.yml b/internal/commands/process/settings/built_in_rules/third_party/gitleaks/secret_detection.yml similarity index 100% rename from pkg/commands/process/settings/built_in_rules/third_party/gitleaks/secret_detection.yml rename to internal/commands/process/settings/built_in_rules/third_party/gitleaks/secret_detection.yml diff --git a/pkg/commands/process/settings/policies.yml b/internal/commands/process/settings/policies.yml similarity index 100% rename from pkg/commands/process/settings/policies.yml rename to internal/commands/process/settings/policies.yml diff --git a/pkg/commands/process/settings/policies/common.rego b/internal/commands/process/settings/policies/common.rego similarity index 100% rename from pkg/commands/process/settings/policies/common.rego rename to internal/commands/process/settings/policies/common.rego diff --git a/pkg/commands/process/settings/policies/privacy_report.rego b/internal/commands/process/settings/policies/privacy_report.rego similarity index 100% rename from pkg/commands/process/settings/policies/privacy_report.rego rename to internal/commands/process/settings/policies/privacy_report.rego diff --git a/pkg/commands/process/settings/policies/risk_policy.rego b/internal/commands/process/settings/policies/risk_policy.rego similarity index 100% rename from pkg/commands/process/settings/policies/risk_policy.rego rename to internal/commands/process/settings/policies/risk_policy.rego diff --git a/pkg/commands/process/settings/policies/verifier_policy.rego b/internal/commands/process/settings/policies/verifier_policy.rego similarity index 100% rename from pkg/commands/process/settings/policies/verifier_policy.rego rename to internal/commands/process/settings/policies/verifier_policy.rego diff --git a/pkg/commands/process/settings/processors/db_encrypted.rego b/internal/commands/process/settings/processors/db_encrypted.rego similarity index 100% rename from pkg/commands/process/settings/processors/db_encrypted.rego rename to internal/commands/process/settings/processors/db_encrypted.rego diff --git a/pkg/commands/process/settings/processors/rails_encrypted.rego b/internal/commands/process/settings/processors/rails_encrypted.rego similarity index 100% rename from pkg/commands/process/settings/processors/rails_encrypted.rego rename to internal/commands/process/settings/processors/rails_encrypted.rego diff --git a/pkg/commands/process/settings/regexp.go b/internal/commands/process/settings/regexp.go similarity index 100% rename from pkg/commands/process/settings/regexp.go rename to internal/commands/process/settings/regexp.go diff --git a/pkg/commands/process/settings/ruleLoader.go b/internal/commands/process/settings/ruleLoader.go similarity index 100% rename from pkg/commands/process/settings/ruleLoader.go rename to internal/commands/process/settings/ruleLoader.go diff --git a/pkg/commands/process/settings/ruleValidator.go b/internal/commands/process/settings/ruleValidator.go similarity index 96% rename from pkg/commands/process/settings/ruleValidator.go rename to internal/commands/process/settings/ruleValidator.go index d60782f02..26d52c4ef 100644 --- a/pkg/commands/process/settings/ruleValidator.go +++ b/internal/commands/process/settings/ruleValidator.go @@ -23,7 +23,7 @@ func ValidateRule(entry []byte, filename string) string { jsonData, err := yaml.YAMLToJSON(entry) if err != nil { - validationStr.WriteString("File fdormat is invalid") + validationStr.WriteString("File format is invalid") return validationStr.String() } diff --git a/pkg/commands/process/settings/rules.go b/internal/commands/process/settings/rules.go similarity index 97% rename from pkg/commands/process/settings/rules.go rename to internal/commands/process/settings/rules.go index 763976b5e..9664eae73 100644 --- a/pkg/commands/process/settings/rules.go +++ b/internal/commands/process/settings/rules.go @@ -7,13 +7,14 @@ import ( "path/filepath" "strings" - "github.com/bearer/bearer/pkg/flag" - "github.com/bearer/bearer/pkg/report/customdetectors" - "github.com/bearer/bearer/pkg/util/output" - "github.com/bearer/bearer/pkg/util/set" - "github.com/bearer/bearer/pkg/version_check" "github.com/rs/zerolog/log" "gopkg.in/yaml.v3" + + "github.com/bearer/bearer/internal/flag" + "github.com/bearer/bearer/internal/report/customdetectors" + "github.com/bearer/bearer/internal/util/output" + "github.com/bearer/bearer/internal/util/set" + "github.com/bearer/bearer/internal/version_check" ) const ( @@ -431,6 +432,7 @@ func BuildRules(definitions map[string]RuleDefinition, enabledRules map[string]s for _, auxiliaryDefinition := range definition.Auxiliary { rules[auxiliaryDefinition.Id] = &Rule{ + Id: auxiliaryDefinition.Id, Type: defaultAuxiliaryRuleType, Languages: definition.Languages, ParamParenting: auxiliaryDefinition.ParamParenting, diff --git a/pkg/commands/process/settings/rules/javascript/lang/jwt/.snapshots/TestJavascriptJWT--jwt_insecure.yml b/internal/commands/process/settings/rules/javascript/lang/jwt/.snapshots/TestJavascriptJWT--jwt_insecure.yml similarity index 100% rename from pkg/commands/process/settings/rules/javascript/lang/jwt/.snapshots/TestJavascriptJWT--jwt_insecure.yml rename to internal/commands/process/settings/rules/javascript/lang/jwt/.snapshots/TestJavascriptJWT--jwt_insecure.yml diff --git a/pkg/commands/process/settings/rules/javascript/lang/jwt/testdata/jwt_insecure.js b/internal/commands/process/settings/rules/javascript/lang/jwt/testdata/jwt_insecure.js similarity index 100% rename from pkg/commands/process/settings/rules/javascript/lang/jwt/testdata/jwt_insecure.js rename to internal/commands/process/settings/rules/javascript/lang/jwt/testdata/jwt_insecure.js diff --git a/pkg/commands/process/settings/rules/ruby/lang/weak_encryption/.snapshots/TestRubyLangWeakEncryption--sha1.yml b/internal/commands/process/settings/rules/ruby/lang/weak_encryption/.snapshots/TestRubyLangWeakEncryption--sha1.yml similarity index 100% rename from pkg/commands/process/settings/rules/ruby/lang/weak_encryption/.snapshots/TestRubyLangWeakEncryption--sha1.yml rename to internal/commands/process/settings/rules/ruby/lang/weak_encryption/.snapshots/TestRubyLangWeakEncryption--sha1.yml diff --git a/pkg/commands/process/settings/rules/ruby/lang/weak_encryption/testdata/sha1.rb b/internal/commands/process/settings/rules/ruby/lang/weak_encryption/testdata/sha1.rb similarity index 100% rename from pkg/commands/process/settings/rules/ruby/lang/weak_encryption/testdata/sha1.rb rename to internal/commands/process/settings/rules/ruby/lang/weak_encryption/testdata/sha1.rb diff --git a/pkg/commands/process/settings/settings.go b/internal/commands/process/settings/settings.go similarity index 93% rename from pkg/commands/process/settings/settings.go rename to internal/commands/process/settings/settings.go index bbf9768c7..0e8164af6 100644 --- a/pkg/commands/process/settings/settings.go +++ b/internal/commands/process/settings/settings.go @@ -9,13 +9,14 @@ import ( "gopkg.in/yaml.v3" "github.com/bearer/bearer/api" - "github.com/bearer/bearer/pkg/flag" - globaltypes "github.com/bearer/bearer/pkg/types" - "github.com/bearer/bearer/pkg/util/ignore" - ignoretypes "github.com/bearer/bearer/pkg/util/ignore/types" - "github.com/bearer/bearer/pkg/util/output" - "github.com/bearer/bearer/pkg/util/rego" - "github.com/bearer/bearer/pkg/version_check" + "github.com/bearer/bearer/internal/flag" + "github.com/bearer/bearer/internal/util/ignore" + ignoretypes "github.com/bearer/bearer/internal/util/ignore/types" + "github.com/bearer/bearer/internal/util/output" + "github.com/bearer/bearer/internal/util/rego" + "github.com/bearer/bearer/internal/version_check" + + globaltypes "github.com/bearer/bearer/internal/types" ) var ( @@ -90,9 +91,11 @@ const ( type RuleReferenceScope string const ( - CURSOR_SCOPE RuleReferenceScope = "cursor" - NESTED_SCOPE RuleReferenceScope = "nested" - RESULT_SCOPE RuleReferenceScope = "result" + CURSOR_STRICT_SCOPE RuleReferenceScope = "cursor_strict" + CURSOR_SCOPE RuleReferenceScope = "cursor" + NESTED_SCOPE RuleReferenceScope = "nested" + NESTED_STRICT_SCOPE RuleReferenceScope = "nested_strict" + RESULT_SCOPE RuleReferenceScope = "result" DefaultScope = NESTED_SCOPE ) @@ -208,13 +211,19 @@ type Rule struct { OmitParent bool `mapstructure:"omit_parent" json:"omit_parent" yaml:"omit_parent"` } +type RuleReferenceImport struct { + Variable string `mapstructure:"variable" json:"variable" yaml:"variable"` + As string `mapstructure:"as" json:"as" yaml:"as"` +} + type PatternFilter struct { - Not *PatternFilter `mapstructure:"not" json:"not" yaml:"not"` - Either []PatternFilter `mapstructure:"either" json:"either" yaml:"either"` - Variable string `mapstructure:"variable" json:"variable" yaml:"variable"` - Detection string `mapstructure:"detection" json:"detection" yaml:"detection"` - Scope RuleReferenceScope `mapstructure:"scope" json:"scope" yaml:"scope"` - Filters []PatternFilter `mapstructure:"filters" json:"filters" yaml:"filters"` + Not *PatternFilter `mapstructure:"not" json:"not" yaml:"not"` + Either []PatternFilter `mapstructure:"either" json:"either" yaml:"either"` + Variable string `mapstructure:"variable" json:"variable" yaml:"variable"` + Detection string `mapstructure:"detection" json:"detection" yaml:"detection"` + Scope RuleReferenceScope `mapstructure:"scope" json:"scope" yaml:"scope"` + Filters []PatternFilter `mapstructure:"filters" json:"filters" yaml:"filters"` + Imports []RuleReferenceImport `mapstructure:"imports" json:"imports" yaml:"imports"` // Contains is deprecated in favour of Scope Contains *bool `mapstructure:"contains" json:"contains" yaml:"contains"` Regex *Regexp `mapstructure:"regex" json:"regex" yaml:"regex"` diff --git a/pkg/commands/processing_worker.go b/internal/commands/processing_worker.go similarity index 81% rename from pkg/commands/processing_worker.go rename to internal/commands/processing_worker.go index eb6888f0b..a550fe94a 100644 --- a/pkg/commands/processing_worker.go +++ b/internal/commands/processing_worker.go @@ -3,13 +3,14 @@ package commands import ( "fmt" - "github.com/bearer/bearer/pkg/commands/debugprofile" - "github.com/bearer/bearer/pkg/commands/process/orchestrator/worker" - "github.com/bearer/bearer/pkg/flag" - "github.com/bearer/bearer/pkg/util/output" "github.com/rs/zerolog/log" "github.com/spf13/cobra" "github.com/spf13/viper" + + "github.com/bearer/bearer/internal/commands/debugprofile" + "github.com/bearer/bearer/internal/commands/process/orchestrator/worker" + "github.com/bearer/bearer/internal/flag" + "github.com/bearer/bearer/internal/util/output" ) func NewProcessingWorkerCommand() *cobra.Command { @@ -44,7 +45,7 @@ func NewProcessingWorkerCommand() *cobra.Command { log.Debug().Msgf("running scan worker on port `%s`", processOptions.Port) - err = worker.Start(processOptions.Port) + err = worker.Start(processOptions.ParentProcessID, processOptions.Port) return err }, Hidden: true, diff --git a/pkg/commands/scan.go b/internal/commands/scan.go similarity index 92% rename from pkg/commands/scan.go rename to internal/commands/scan.go index d2c1eac34..d0a359b48 100644 --- a/pkg/commands/scan.go +++ b/internal/commands/scan.go @@ -3,11 +3,11 @@ package commands import ( "fmt" - "github.com/bearer/bearer/pkg/commands/artifact" - "github.com/bearer/bearer/pkg/commands/debugprofile" - "github.com/bearer/bearer/pkg/flag" - "github.com/bearer/bearer/pkg/util/file" - "github.com/bearer/bearer/pkg/util/output" + "github.com/bearer/bearer/internal/commands/artifact" + "github.com/bearer/bearer/internal/commands/debugprofile" + "github.com/bearer/bearer/internal/flag" + "github.com/bearer/bearer/internal/util/file" + "github.com/bearer/bearer/internal/util/output" "github.com/rs/zerolog/log" "github.com/spf13/cobra" "github.com/spf13/viper" diff --git a/pkg/commands/version.go b/internal/commands/version.go similarity index 89% rename from pkg/commands/version.go rename to internal/commands/version.go index 8b1933ebf..8760f4b77 100644 --- a/pkg/commands/version.go +++ b/internal/commands/version.go @@ -3,12 +3,13 @@ package commands import ( "fmt" - "github.com/bearer/bearer/pkg/flag" - "github.com/bearer/bearer/pkg/util/output" - "github.com/bearer/bearer/pkg/version_check" "github.com/rs/zerolog/log" "github.com/spf13/cobra" "github.com/spf13/viper" + + "github.com/bearer/bearer/internal/flag" + "github.com/bearer/bearer/internal/util/output" + "github.com/bearer/bearer/internal/version_check" ) func NewVersionCommand(version string, commitSHA string) *cobra.Command { diff --git a/pkg/detectors/beego/.snapshots/TestDetectorReportDatabases b/internal/detectors/beego/.snapshots/TestDetectorReportDatabases similarity index 100% rename from pkg/detectors/beego/.snapshots/TestDetectorReportDatabases rename to internal/detectors/beego/.snapshots/TestDetectorReportDatabases diff --git a/pkg/detectors/beego/beego.go b/internal/detectors/beego/beego.go similarity index 91% rename from pkg/detectors/beego/beego.go rename to internal/detectors/beego/beego.go index e64e6f7f0..6ce37b08a 100644 --- a/pkg/detectors/beego/beego.go +++ b/internal/detectors/beego/beego.go @@ -5,13 +5,13 @@ import ( "github.com/smacker/go-tree-sitter/golang" - "github.com/bearer/bearer/pkg/detectors/types" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/parser/golang_util" - "github.com/bearer/bearer/pkg/report" - "github.com/bearer/bearer/pkg/report/detectors" - "github.com/bearer/bearer/pkg/report/frameworks/beego" - "github.com/bearer/bearer/pkg/util/file" + "github.com/bearer/bearer/internal/detectors/types" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/parser/golang_util" + "github.com/bearer/bearer/internal/report" + "github.com/bearer/bearer/internal/report/detectors" + "github.com/bearer/bearer/internal/report/frameworks/beego" + "github.com/bearer/bearer/internal/util/file" ) const ormPackage = "github.com/beego/beego/v2/client/orm" diff --git a/pkg/detectors/beego/beego_test.go b/internal/detectors/beego/beego_test.go similarity index 74% rename from pkg/detectors/beego/beego_test.go rename to internal/detectors/beego/beego_test.go index 014b1ccff..a835bddb6 100644 --- a/pkg/detectors/beego/beego_test.go +++ b/internal/detectors/beego/beego_test.go @@ -6,8 +6,8 @@ import ( "github.com/bradleyjkemp/cupaloy" - "github.com/bearer/bearer/pkg/detectors/internal/testhelper" - reportdetectors "github.com/bearer/bearer/pkg/report/detectors" + "github.com/bearer/bearer/internal/detectors/internal/testhelper" + reportdetectors "github.com/bearer/bearer/internal/report/detectors" ) const detectorType = reportdetectors.DetectorBeego diff --git a/pkg/detectors/beego/testdata/beego/database.go b/internal/detectors/beego/testdata/beego/database.go similarity index 100% rename from pkg/detectors/beego/testdata/beego/database.go rename to internal/detectors/beego/testdata/beego/database.go diff --git a/pkg/detectors/beego/testdata/beego/database2.go b/internal/detectors/beego/testdata/beego/database2.go similarity index 100% rename from pkg/detectors/beego/testdata/beego/database2.go rename to internal/detectors/beego/testdata/beego/database2.go diff --git a/pkg/detectors/beego/testdata/beego/go.mod b/internal/detectors/beego/testdata/beego/go.mod similarity index 100% rename from pkg/detectors/beego/testdata/beego/go.mod rename to internal/detectors/beego/testdata/beego/go.mod diff --git a/pkg/detectors/beego/testdata/beego/main.go b/internal/detectors/beego/testdata/beego/main.go similarity index 100% rename from pkg/detectors/beego/testdata/beego/main.go rename to internal/detectors/beego/testdata/beego/main.go diff --git a/pkg/detectors/beego/testdata/go_not_beego/go.mod b/internal/detectors/beego/testdata/go_not_beego/go.mod similarity index 100% rename from pkg/detectors/beego/testdata/go_not_beego/go.mod rename to internal/detectors/beego/testdata/go_not_beego/go.mod diff --git a/pkg/detectors/beego/testdata/go_not_beego/main.go b/internal/detectors/beego/testdata/go_not_beego/main.go similarity index 100% rename from pkg/detectors/beego/testdata/go_not_beego/main.go rename to internal/detectors/beego/testdata/go_not_beego/main.go diff --git a/pkg/detectors/beego/testdata/not_go/Gemfile b/internal/detectors/beego/testdata/not_go/Gemfile similarity index 100% rename from pkg/detectors/beego/testdata/not_go/Gemfile rename to internal/detectors/beego/testdata/not_go/Gemfile diff --git a/pkg/detectors/csharp/.snapshots/TestDetectorReportDataTypes b/internal/detectors/csharp/.snapshots/TestDetectorReportDataTypes similarity index 100% rename from pkg/detectors/csharp/.snapshots/TestDetectorReportDataTypes rename to internal/detectors/csharp/.snapshots/TestDetectorReportDataTypes diff --git a/pkg/detectors/csharp/.snapshots/TestDetectorReportInterfaces b/internal/detectors/csharp/.snapshots/TestDetectorReportInterfaces similarity index 100% rename from pkg/detectors/csharp/.snapshots/TestDetectorReportInterfaces rename to internal/detectors/csharp/.snapshots/TestDetectorReportInterfaces diff --git a/pkg/detectors/csharp/csharp.go b/internal/detectors/csharp/csharp.go similarity index 87% rename from pkg/detectors/csharp/csharp.go rename to internal/detectors/csharp/csharp.go index eb2f9b9d7..a71f0839f 100644 --- a/pkg/detectors/csharp/csharp.go +++ b/internal/detectors/csharp/csharp.go @@ -5,17 +5,17 @@ import ( "github.com/smacker/go-tree-sitter/csharp" - "github.com/bearer/bearer/pkg/detectors/csharp/datatype" - "github.com/bearer/bearer/pkg/detectors/types" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/parser/interfacedetector" - "github.com/bearer/bearer/pkg/parser/nodeid" - "github.com/bearer/bearer/pkg/report" - "github.com/bearer/bearer/pkg/report/detectors" - "github.com/bearer/bearer/pkg/report/values" - "github.com/bearer/bearer/pkg/report/variables" - "github.com/bearer/bearer/pkg/util/file" - "github.com/bearer/bearer/pkg/util/stringutil" + "github.com/bearer/bearer/internal/detectors/csharp/datatype" + "github.com/bearer/bearer/internal/detectors/types" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/parser/interfacedetector" + "github.com/bearer/bearer/internal/parser/nodeid" + "github.com/bearer/bearer/internal/report" + "github.com/bearer/bearer/internal/report/detectors" + "github.com/bearer/bearer/internal/report/values" + "github.com/bearer/bearer/internal/report/variables" + "github.com/bearer/bearer/internal/util/file" + "github.com/bearer/bearer/internal/util/stringutil" ) var ( diff --git a/pkg/detectors/csharp/csharp_test.go b/internal/detectors/csharp/csharp_test.go similarity index 74% rename from pkg/detectors/csharp/csharp_test.go rename to internal/detectors/csharp/csharp_test.go index 017d4ec94..effafd778 100644 --- a/pkg/detectors/csharp/csharp_test.go +++ b/internal/detectors/csharp/csharp_test.go @@ -6,12 +6,12 @@ import ( "github.com/bradleyjkemp/cupaloy" - "github.com/bearer/bearer/pkg/detectors" - "github.com/bearer/bearer/pkg/detectors/csharp" - "github.com/bearer/bearer/pkg/parser/nodeid" + "github.com/bearer/bearer/internal/detectors" + "github.com/bearer/bearer/internal/detectors/csharp" + "github.com/bearer/bearer/internal/parser/nodeid" - "github.com/bearer/bearer/pkg/detectors/internal/testhelper" - detectortypes "github.com/bearer/bearer/pkg/report/detectors" + "github.com/bearer/bearer/internal/detectors/internal/testhelper" + detectortypes "github.com/bearer/bearer/internal/report/detectors" ) const detectorType = detectortypes.DetectorCSharp diff --git a/pkg/detectors/csharp/datatype/datatype.go b/internal/detectors/csharp/datatype/datatype.go similarity index 93% rename from pkg/detectors/csharp/datatype/datatype.go rename to internal/detectors/csharp/datatype/datatype.go index 95cfd4347..c8fc03a18 100644 --- a/pkg/detectors/csharp/datatype/datatype.go +++ b/internal/detectors/csharp/datatype/datatype.go @@ -3,14 +3,14 @@ package datatype import ( "strings" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/parser/datatype" - "github.com/bearer/bearer/pkg/parser/nodeid" - "github.com/bearer/bearer/pkg/report" - "github.com/bearer/bearer/pkg/report/detections" - "github.com/bearer/bearer/pkg/report/detectors" - "github.com/bearer/bearer/pkg/report/schema" - schemadatatype "github.com/bearer/bearer/pkg/report/schema/datatype" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/parser/datatype" + "github.com/bearer/bearer/internal/parser/nodeid" + "github.com/bearer/bearer/internal/report" + "github.com/bearer/bearer/internal/report/detections" + "github.com/bearer/bearer/internal/report/detectors" + "github.com/bearer/bearer/internal/report/schema" + schemadatatype "github.com/bearer/bearer/internal/report/schema/datatype" "github.com/smacker/go-tree-sitter/csharp" ) diff --git a/pkg/detectors/csharp/testdata/datatypes/datatypes.cs b/internal/detectors/csharp/testdata/datatypes/datatypes.cs similarity index 100% rename from pkg/detectors/csharp/testdata/datatypes/datatypes.cs rename to internal/detectors/csharp/testdata/datatypes/datatypes.cs diff --git a/pkg/detectors/csharp/testdata/project/config.cs b/internal/detectors/csharp/testdata/project/config.cs similarity index 100% rename from pkg/detectors/csharp/testdata/project/config.cs rename to internal/detectors/csharp/testdata/project/config.cs diff --git a/pkg/detectors/csharp/testdata/project/urls.cs b/internal/detectors/csharp/testdata/project/urls.cs similarity index 100% rename from pkg/detectors/csharp/testdata/project/urls.cs rename to internal/detectors/csharp/testdata/project/urls.cs diff --git a/pkg/detectors/custom/config/config.go b/internal/detectors/custom/config/config.go similarity index 95% rename from pkg/detectors/custom/config/config.go rename to internal/detectors/custom/config/config.go index 3364fb4a7..ff66d8d62 100644 --- a/pkg/detectors/custom/config/config.go +++ b/internal/detectors/custom/config/config.go @@ -1,7 +1,7 @@ package config import ( - "github.com/bearer/bearer/pkg/commands/process/settings" + "github.com/bearer/bearer/internal/commands/process/settings" sitter "github.com/smacker/go-tree-sitter" ) diff --git a/pkg/detectors/custom/custom.go b/internal/detectors/custom/custom.go similarity index 91% rename from pkg/detectors/custom/custom.go rename to internal/detectors/custom/custom.go index 21024f794..ced674d7c 100644 --- a/pkg/detectors/custom/custom.go +++ b/internal/detectors/custom/custom.go @@ -7,27 +7,28 @@ import ( "io" "os" "regexp" + "slices" "strings" - "github.com/bearer/bearer/pkg/commands/process/settings" - "github.com/bearer/bearer/pkg/detectors/custom/config" - sqldetector "github.com/bearer/bearer/pkg/detectors/sql/custom_detector" - "github.com/bearer/bearer/pkg/detectors/types" - "github.com/bearer/bearer/pkg/parser" - language "github.com/bearer/bearer/pkg/parser/custom" - parserdatatype "github.com/bearer/bearer/pkg/parser/datatype" - "github.com/bearer/bearer/pkg/report/detections" - schemadatatype "github.com/bearer/bearer/pkg/report/schema/datatype" - "github.com/bearer/bearer/pkg/report/source" - "github.com/bearer/bearer/pkg/util/file" - "golang.org/x/exp/slices" - - "github.com/bearer/bearer/pkg/parser/nodeid" - "github.com/bearer/bearer/pkg/parser/sitter/sql" - "github.com/bearer/bearer/pkg/report" - "github.com/bearer/bearer/pkg/report/detectors" - "github.com/bearer/bearer/pkg/report/schema" sitter "github.com/smacker/go-tree-sitter" + + "github.com/bearer/bearer/internal/commands/process/settings" + "github.com/bearer/bearer/internal/detectors/custom/config" + sqldetector "github.com/bearer/bearer/internal/detectors/sql/custom_detector" + "github.com/bearer/bearer/internal/detectors/types" + "github.com/bearer/bearer/internal/parser" + language "github.com/bearer/bearer/internal/parser/custom" + parserdatatype "github.com/bearer/bearer/internal/parser/datatype" + "github.com/bearer/bearer/internal/report/detections" + schemadatatype "github.com/bearer/bearer/internal/report/schema/datatype" + "github.com/bearer/bearer/internal/report/source" + "github.com/bearer/bearer/internal/util/file" + + "github.com/bearer/bearer/internal/parser/nodeid" + "github.com/bearer/bearer/internal/parser/sitter/sql" + "github.com/bearer/bearer/internal/report" + "github.com/bearer/bearer/internal/report/detectors" + "github.com/bearer/bearer/internal/report/schema" ) var insecureUrlPattern = regexp.MustCompile(`^http[^s]`) diff --git a/pkg/detectors/dependencies/buildgradle/.snapshots/TestDependenciesReport b/internal/detectors/dependencies/buildgradle/.snapshots/TestDependenciesReport similarity index 100% rename from pkg/detectors/dependencies/buildgradle/.snapshots/TestDependenciesReport rename to internal/detectors/dependencies/buildgradle/.snapshots/TestDependenciesReport diff --git a/pkg/detectors/dependencies/buildgradle/buildgradle.go b/internal/detectors/dependencies/buildgradle/buildgradle.go similarity index 52% rename from pkg/detectors/dependencies/buildgradle/buildgradle.go rename to internal/detectors/dependencies/buildgradle/buildgradle.go index 8741dfb79..3f7b524ae 100644 --- a/pkg/detectors/dependencies/buildgradle/buildgradle.go +++ b/internal/detectors/dependencies/buildgradle/buildgradle.go @@ -1,9 +1,9 @@ package buildgradle import ( - grdlparser "github.com/bearer/bearer/pkg/detectors/dependencies/buildgradle/parser" - "github.com/bearer/bearer/pkg/detectors/dependencies/depsbase" - "github.com/bearer/bearer/pkg/util/file" + grdlparser "github.com/bearer/bearer/internal/detectors/dependencies/buildgradle/parser" + "github.com/bearer/bearer/internal/detectors/dependencies/depsbase" + "github.com/bearer/bearer/internal/util/file" ) // Discover parses build.gradle file and add discovered dependencies to report diff --git a/pkg/detectors/dependencies/buildgradle/buildgradle_test.go b/internal/detectors/dependencies/buildgradle/buildgradle_test.go similarity index 76% rename from pkg/detectors/dependencies/buildgradle/buildgradle_test.go rename to internal/detectors/dependencies/buildgradle/buildgradle_test.go index ccfab8617..e4717fd07 100644 --- a/pkg/detectors/dependencies/buildgradle/buildgradle_test.go +++ b/internal/detectors/dependencies/buildgradle/buildgradle_test.go @@ -4,8 +4,8 @@ import ( "path/filepath" "testing" - "github.com/bearer/bearer/pkg/detectors/internal/testhelper" - "github.com/bearer/bearer/pkg/report/detectors" + "github.com/bearer/bearer/internal/detectors/internal/testhelper" + "github.com/bearer/bearer/internal/report/detectors" "github.com/bradleyjkemp/cupaloy" ) diff --git a/pkg/detectors/dependencies/buildgradle/parser/parser.go b/internal/detectors/dependencies/buildgradle/parser/parser.go similarity index 93% rename from pkg/detectors/dependencies/buildgradle/parser/parser.go rename to internal/detectors/dependencies/buildgradle/parser/parser.go index c4c300c6d..0d54a5702 100644 --- a/pkg/detectors/dependencies/buildgradle/parser/parser.go +++ b/internal/detectors/dependencies/buildgradle/parser/parser.go @@ -5,9 +5,9 @@ import ( "os" "regexp" - "github.com/bearer/bearer/pkg/detectors/dependencies/depsbase" - "github.com/bearer/bearer/pkg/util/file" - "github.com/bearer/bearer/pkg/util/linescanner" + "github.com/bearer/bearer/internal/detectors/dependencies/depsbase" + "github.com/bearer/bearer/internal/util/file" + "github.com/bearer/bearer/internal/util/linescanner" "github.com/rs/zerolog/log" ) diff --git a/pkg/detectors/dependencies/buildgradle/testdata/.gradle/7.3.3/checksums/checksums.lock b/internal/detectors/dependencies/buildgradle/testdata/.gradle/7.3.3/checksums/checksums.lock similarity index 100% rename from pkg/detectors/dependencies/buildgradle/testdata/.gradle/7.3.3/checksums/checksums.lock rename to internal/detectors/dependencies/buildgradle/testdata/.gradle/7.3.3/checksums/checksums.lock diff --git a/pkg/detectors/dependencies/buildgradle/testdata/.gradle/7.3.3/dependencies-accessors/dependencies-accessors.lock b/internal/detectors/dependencies/buildgradle/testdata/.gradle/7.3.3/dependencies-accessors/dependencies-accessors.lock similarity index 100% rename from pkg/detectors/dependencies/buildgradle/testdata/.gradle/7.3.3/dependencies-accessors/dependencies-accessors.lock rename to internal/detectors/dependencies/buildgradle/testdata/.gradle/7.3.3/dependencies-accessors/dependencies-accessors.lock diff --git a/pkg/detectors/dependencies/buildgradle/testdata/.gradle/7.3.3/dependencies-accessors/gc.properties b/internal/detectors/dependencies/buildgradle/testdata/.gradle/7.3.3/dependencies-accessors/gc.properties similarity index 100% rename from pkg/detectors/dependencies/buildgradle/testdata/.gradle/7.3.3/dependencies-accessors/gc.properties rename to internal/detectors/dependencies/buildgradle/testdata/.gradle/7.3.3/dependencies-accessors/gc.properties diff --git a/pkg/detectors/dependencies/buildgradle/testdata/.gradle/7.3.3/fileChanges/last-build.bin b/internal/detectors/dependencies/buildgradle/testdata/.gradle/7.3.3/fileChanges/last-build.bin similarity index 100% rename from pkg/detectors/dependencies/buildgradle/testdata/.gradle/7.3.3/fileChanges/last-build.bin rename to internal/detectors/dependencies/buildgradle/testdata/.gradle/7.3.3/fileChanges/last-build.bin diff --git a/pkg/detectors/dependencies/buildgradle/testdata/.gradle/7.3.3/fileHashes/fileHashes.lock b/internal/detectors/dependencies/buildgradle/testdata/.gradle/7.3.3/fileHashes/fileHashes.lock similarity index 100% rename from pkg/detectors/dependencies/buildgradle/testdata/.gradle/7.3.3/fileHashes/fileHashes.lock rename to internal/detectors/dependencies/buildgradle/testdata/.gradle/7.3.3/fileHashes/fileHashes.lock diff --git a/pkg/detectors/dependencies/buildgradle/testdata/.gradle/7.3.3/gc.properties b/internal/detectors/dependencies/buildgradle/testdata/.gradle/7.3.3/gc.properties similarity index 100% rename from pkg/detectors/dependencies/buildgradle/testdata/.gradle/7.3.3/gc.properties rename to internal/detectors/dependencies/buildgradle/testdata/.gradle/7.3.3/gc.properties diff --git a/pkg/detectors/dependencies/buildgradle/testdata/.gradle/vcs-1/gc.properties b/internal/detectors/dependencies/buildgradle/testdata/.gradle/vcs-1/gc.properties similarity index 100% rename from pkg/detectors/dependencies/buildgradle/testdata/.gradle/vcs-1/gc.properties rename to internal/detectors/dependencies/buildgradle/testdata/.gradle/vcs-1/gc.properties diff --git a/pkg/detectors/dependencies/buildgradle/testdata/build.gradle b/internal/detectors/dependencies/buildgradle/testdata/build.gradle similarity index 100% rename from pkg/detectors/dependencies/buildgradle/testdata/build.gradle rename to internal/detectors/dependencies/buildgradle/testdata/build.gradle diff --git a/pkg/detectors/dependencies/composerjson/.snapshots/TestDependenciesReport b/internal/detectors/dependencies/composerjson/.snapshots/TestDependenciesReport similarity index 100% rename from pkg/detectors/dependencies/composerjson/.snapshots/TestDependenciesReport rename to internal/detectors/dependencies/composerjson/.snapshots/TestDependenciesReport diff --git a/pkg/detectors/dependencies/composerjson/composerjson.go b/internal/detectors/dependencies/composerjson/composerjson.go similarity index 88% rename from pkg/detectors/dependencies/composerjson/composerjson.go rename to internal/detectors/dependencies/composerjson/composerjson.go index cce3a5057..0e65153c7 100644 --- a/pkg/detectors/dependencies/composerjson/composerjson.go +++ b/internal/detectors/dependencies/composerjson/composerjson.go @@ -4,10 +4,10 @@ import ( "github.com/rs/zerolog/log" "github.com/smacker/go-tree-sitter/javascript" - "github.com/bearer/bearer/pkg/detectors/dependencies/depsbase" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/util/file" - "github.com/bearer/bearer/pkg/util/stringutil" + "github.com/bearer/bearer/internal/detectors/dependencies/depsbase" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/util/file" + "github.com/bearer/bearer/internal/util/stringutil" ) var language = javascript.GetLanguage() diff --git a/pkg/detectors/dependencies/composerjson/composerjson_test.go b/internal/detectors/dependencies/composerjson/composerjson_test.go similarity index 76% rename from pkg/detectors/dependencies/composerjson/composerjson_test.go rename to internal/detectors/dependencies/composerjson/composerjson_test.go index e6716d019..7eb1b3de5 100644 --- a/pkg/detectors/dependencies/composerjson/composerjson_test.go +++ b/internal/detectors/dependencies/composerjson/composerjson_test.go @@ -4,8 +4,8 @@ import ( "path/filepath" "testing" - "github.com/bearer/bearer/pkg/detectors/internal/testhelper" - "github.com/bearer/bearer/pkg/report/detectors" + "github.com/bearer/bearer/internal/detectors/internal/testhelper" + "github.com/bearer/bearer/internal/report/detectors" "github.com/bradleyjkemp/cupaloy" ) diff --git a/pkg/detectors/dependencies/composerjson/testdata/composer.json b/internal/detectors/dependencies/composerjson/testdata/composer.json similarity index 100% rename from pkg/detectors/dependencies/composerjson/testdata/composer.json rename to internal/detectors/dependencies/composerjson/testdata/composer.json diff --git a/pkg/detectors/dependencies/composerlock/.snapshots/TestDependenciesReport b/internal/detectors/dependencies/composerlock/.snapshots/TestDependenciesReport similarity index 100% rename from pkg/detectors/dependencies/composerlock/.snapshots/TestDependenciesReport rename to internal/detectors/dependencies/composerlock/.snapshots/TestDependenciesReport diff --git a/pkg/detectors/dependencies/composerlock/composerlock.go b/internal/detectors/dependencies/composerlock/composerlock.go similarity index 89% rename from pkg/detectors/dependencies/composerlock/composerlock.go rename to internal/detectors/dependencies/composerlock/composerlock.go index 187e1817c..3923ded47 100644 --- a/pkg/detectors/dependencies/composerlock/composerlock.go +++ b/internal/detectors/dependencies/composerlock/composerlock.go @@ -4,10 +4,10 @@ import ( "github.com/rs/zerolog/log" "github.com/smacker/go-tree-sitter/javascript" - "github.com/bearer/bearer/pkg/detectors/dependencies/depsbase" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/util/file" - "github.com/bearer/bearer/pkg/util/stringutil" + "github.com/bearer/bearer/internal/detectors/dependencies/depsbase" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/util/file" + "github.com/bearer/bearer/internal/util/stringutil" ) var language = javascript.GetLanguage() diff --git a/pkg/detectors/dependencies/composerlock/composerlock_test.go b/internal/detectors/dependencies/composerlock/composerlock_test.go similarity index 76% rename from pkg/detectors/dependencies/composerlock/composerlock_test.go rename to internal/detectors/dependencies/composerlock/composerlock_test.go index 200fefb3c..baf45b4de 100644 --- a/pkg/detectors/dependencies/composerlock/composerlock_test.go +++ b/internal/detectors/dependencies/composerlock/composerlock_test.go @@ -4,8 +4,8 @@ import ( "path/filepath" "testing" - "github.com/bearer/bearer/pkg/detectors/internal/testhelper" - "github.com/bearer/bearer/pkg/report/detectors" + "github.com/bearer/bearer/internal/detectors/internal/testhelper" + "github.com/bearer/bearer/internal/report/detectors" "github.com/bradleyjkemp/cupaloy" ) diff --git a/pkg/detectors/dependencies/composerlock/testdata/composer.lock b/internal/detectors/dependencies/composerlock/testdata/composer.lock similarity index 100% rename from pkg/detectors/dependencies/composerlock/testdata/composer.lock rename to internal/detectors/dependencies/composerlock/testdata/composer.lock diff --git a/pkg/detectors/dependencies/dependencies.go b/internal/detectors/dependencies/dependencies.go similarity index 62% rename from pkg/detectors/dependencies/dependencies.go rename to internal/detectors/dependencies/dependencies.go index b9c2093df..2a209fa8d 100644 --- a/pkg/detectors/dependencies/dependencies.go +++ b/internal/detectors/dependencies/dependencies.go @@ -1,33 +1,33 @@ package dependencies import ( - "github.com/bearer/bearer/pkg/detectors/dependencies/buildgradle" - "github.com/bearer/bearer/pkg/detectors/dependencies/composerjson" - "github.com/bearer/bearer/pkg/detectors/dependencies/composerlock" - "github.com/bearer/bearer/pkg/detectors/dependencies/depsbase" - "github.com/bearer/bearer/pkg/detectors/dependencies/gemfile" - "github.com/bearer/bearer/pkg/detectors/dependencies/gosum" - "github.com/bearer/bearer/pkg/detectors/dependencies/ivy" - "github.com/bearer/bearer/pkg/detectors/dependencies/mvnplugin" - "github.com/bearer/bearer/pkg/detectors/dependencies/npm" - "github.com/bearer/bearer/pkg/detectors/dependencies/nuget" - packageconfig "github.com/bearer/bearer/pkg/detectors/dependencies/package-config" - packagejson "github.com/bearer/bearer/pkg/detectors/dependencies/package-json" - paketdependencies "github.com/bearer/bearer/pkg/detectors/dependencies/paket-dependencies" - "github.com/bearer/bearer/pkg/detectors/dependencies/pipdeptree" - "github.com/bearer/bearer/pkg/detectors/dependencies/piplock" - "github.com/bearer/bearer/pkg/detectors/dependencies/poetry" - pomxml "github.com/bearer/bearer/pkg/detectors/dependencies/pom-xml" - projectjson "github.com/bearer/bearer/pkg/detectors/dependencies/project-json" - "github.com/bearer/bearer/pkg/detectors/dependencies/pyproject" - "github.com/bearer/bearer/pkg/detectors/dependencies/requirements" - "github.com/bearer/bearer/pkg/detectors/dependencies/yarnlock" - "github.com/bearer/bearer/pkg/detectors/types" - "github.com/bearer/bearer/pkg/report" - "github.com/bearer/bearer/pkg/report/dependencies" - "github.com/bearer/bearer/pkg/report/detectors" - "github.com/bearer/bearer/pkg/report/source" - "github.com/bearer/bearer/pkg/util/file" + "github.com/bearer/bearer/internal/detectors/dependencies/buildgradle" + "github.com/bearer/bearer/internal/detectors/dependencies/composerjson" + "github.com/bearer/bearer/internal/detectors/dependencies/composerlock" + "github.com/bearer/bearer/internal/detectors/dependencies/depsbase" + "github.com/bearer/bearer/internal/detectors/dependencies/gemfile" + "github.com/bearer/bearer/internal/detectors/dependencies/gosum" + "github.com/bearer/bearer/internal/detectors/dependencies/ivy" + "github.com/bearer/bearer/internal/detectors/dependencies/mvnplugin" + "github.com/bearer/bearer/internal/detectors/dependencies/npm" + "github.com/bearer/bearer/internal/detectors/dependencies/nuget" + packageconfig "github.com/bearer/bearer/internal/detectors/dependencies/package-config" + packagejson "github.com/bearer/bearer/internal/detectors/dependencies/package-json" + paketdependencies "github.com/bearer/bearer/internal/detectors/dependencies/paket-dependencies" + "github.com/bearer/bearer/internal/detectors/dependencies/pipdeptree" + "github.com/bearer/bearer/internal/detectors/dependencies/piplock" + "github.com/bearer/bearer/internal/detectors/dependencies/poetry" + pomxml "github.com/bearer/bearer/internal/detectors/dependencies/pom-xml" + projectjson "github.com/bearer/bearer/internal/detectors/dependencies/project-json" + "github.com/bearer/bearer/internal/detectors/dependencies/pyproject" + "github.com/bearer/bearer/internal/detectors/dependencies/requirements" + "github.com/bearer/bearer/internal/detectors/dependencies/yarnlock" + "github.com/bearer/bearer/internal/detectors/types" + "github.com/bearer/bearer/internal/report" + "github.com/bearer/bearer/internal/report/dependencies" + "github.com/bearer/bearer/internal/report/detectors" + "github.com/bearer/bearer/internal/report/source" + "github.com/bearer/bearer/internal/util/file" ) type detector struct{} diff --git a/pkg/detectors/dependencies/depsbase/depsbase.go b/internal/detectors/dependencies/depsbase/depsbase.go similarity index 100% rename from pkg/detectors/dependencies/depsbase/depsbase.go rename to internal/detectors/dependencies/depsbase/depsbase.go diff --git a/pkg/detectors/dependencies/gemfile/.snapshots/TestDependenciesReport b/internal/detectors/dependencies/gemfile/.snapshots/TestDependenciesReport similarity index 100% rename from pkg/detectors/dependencies/gemfile/.snapshots/TestDependenciesReport rename to internal/detectors/dependencies/gemfile/.snapshots/TestDependenciesReport diff --git a/pkg/detectors/dependencies/gemfile/gemfile-lock.go b/internal/detectors/dependencies/gemfile/gemfile-lock.go similarity index 95% rename from pkg/detectors/dependencies/gemfile/gemfile-lock.go rename to internal/detectors/dependencies/gemfile/gemfile-lock.go index 2605e33b8..b520c0be3 100644 --- a/pkg/detectors/dependencies/gemfile/gemfile-lock.go +++ b/internal/detectors/dependencies/gemfile/gemfile-lock.go @@ -5,9 +5,9 @@ import ( "os" "regexp" - "github.com/bearer/bearer/pkg/detectors/dependencies/depsbase" - "github.com/bearer/bearer/pkg/util/file" - "github.com/bearer/bearer/pkg/util/linescanner" + "github.com/bearer/bearer/internal/detectors/dependencies/depsbase" + "github.com/bearer/bearer/internal/util/file" + "github.com/bearer/bearer/internal/util/linescanner" "github.com/rs/zerolog/log" ) diff --git a/pkg/detectors/dependencies/gemfile/gemfile-lock_test.go b/internal/detectors/dependencies/gemfile/gemfile-lock_test.go similarity index 76% rename from pkg/detectors/dependencies/gemfile/gemfile-lock_test.go rename to internal/detectors/dependencies/gemfile/gemfile-lock_test.go index 2aa40c05e..7e0f3fc67 100644 --- a/pkg/detectors/dependencies/gemfile/gemfile-lock_test.go +++ b/internal/detectors/dependencies/gemfile/gemfile-lock_test.go @@ -4,8 +4,8 @@ import ( "path/filepath" "testing" - "github.com/bearer/bearer/pkg/detectors/internal/testhelper" - "github.com/bearer/bearer/pkg/report/detectors" + "github.com/bearer/bearer/internal/detectors/internal/testhelper" + "github.com/bearer/bearer/internal/report/detectors" "github.com/bradleyjkemp/cupaloy" ) diff --git a/pkg/detectors/dependencies/gemfile/testdata/Gemfile.lock b/internal/detectors/dependencies/gemfile/testdata/Gemfile.lock similarity index 100% rename from pkg/detectors/dependencies/gemfile/testdata/Gemfile.lock rename to internal/detectors/dependencies/gemfile/testdata/Gemfile.lock diff --git a/pkg/detectors/dependencies/gosum/.snapshots/TestDependenciesReport b/internal/detectors/dependencies/gosum/.snapshots/TestDependenciesReport similarity index 100% rename from pkg/detectors/dependencies/gosum/.snapshots/TestDependenciesReport rename to internal/detectors/dependencies/gosum/.snapshots/TestDependenciesReport diff --git a/pkg/detectors/dependencies/gosum/go.go b/internal/detectors/dependencies/gosum/go.go similarity index 86% rename from pkg/detectors/dependencies/gosum/go.go rename to internal/detectors/dependencies/gosum/go.go index b1dfc9e73..26060cc4f 100644 --- a/pkg/detectors/dependencies/gosum/go.go +++ b/internal/detectors/dependencies/gosum/go.go @@ -6,9 +6,9 @@ import ( "os" "strings" - "github.com/bearer/bearer/pkg/detectors/dependencies/depsbase" - "github.com/bearer/bearer/pkg/util/file" - "github.com/bearer/bearer/pkg/util/linescanner" + "github.com/bearer/bearer/internal/detectors/dependencies/depsbase" + "github.com/bearer/bearer/internal/util/file" + "github.com/bearer/bearer/internal/util/linescanner" "github.com/rs/zerolog/log" ) diff --git a/pkg/detectors/dependencies/gosum/go_test.go b/internal/detectors/dependencies/gosum/go_test.go similarity index 76% rename from pkg/detectors/dependencies/gosum/go_test.go rename to internal/detectors/dependencies/gosum/go_test.go index 21e5ecacd..b77108b2b 100644 --- a/pkg/detectors/dependencies/gosum/go_test.go +++ b/internal/detectors/dependencies/gosum/go_test.go @@ -4,8 +4,8 @@ import ( "path/filepath" "testing" - "github.com/bearer/bearer/pkg/detectors/internal/testhelper" - "github.com/bearer/bearer/pkg/report/detectors" + "github.com/bearer/bearer/internal/detectors/internal/testhelper" + "github.com/bearer/bearer/internal/report/detectors" "github.com/bradleyjkemp/cupaloy" ) diff --git a/pkg/detectors/dependencies/gosum/testdata/go.sum b/internal/detectors/dependencies/gosum/testdata/go.sum similarity index 100% rename from pkg/detectors/dependencies/gosum/testdata/go.sum rename to internal/detectors/dependencies/gosum/testdata/go.sum diff --git a/pkg/detectors/dependencies/ivy/.snapshots/TestDependenciesReport b/internal/detectors/dependencies/ivy/.snapshots/TestDependenciesReport similarity index 100% rename from pkg/detectors/dependencies/ivy/.snapshots/TestDependenciesReport rename to internal/detectors/dependencies/ivy/.snapshots/TestDependenciesReport diff --git a/pkg/detectors/dependencies/ivy/ivy.go b/internal/detectors/dependencies/ivy/ivy.go similarity index 92% rename from pkg/detectors/dependencies/ivy/ivy.go rename to internal/detectors/dependencies/ivy/ivy.go index af9b5e4ca..a1de53597 100644 --- a/pkg/detectors/dependencies/ivy/ivy.go +++ b/internal/detectors/dependencies/ivy/ivy.go @@ -6,11 +6,11 @@ import ( "regexp" "strings" - "github.com/bearer/bearer/pkg/detectors/dependencies/depsbase" - "github.com/bearer/bearer/pkg/parser" - xml "github.com/bearer/bearer/pkg/parser/sitter/xml2" - "github.com/bearer/bearer/pkg/util/file" - "github.com/bearer/bearer/pkg/util/stringutil" + "github.com/bearer/bearer/internal/detectors/dependencies/depsbase" + "github.com/bearer/bearer/internal/parser" + xml "github.com/bearer/bearer/internal/parser/sitter/xml2" + "github.com/bearer/bearer/internal/util/file" + "github.com/bearer/bearer/internal/util/stringutil" "github.com/rs/zerolog/log" ) diff --git a/pkg/detectors/dependencies/ivy/ivy_test.go b/internal/detectors/dependencies/ivy/ivy_test.go similarity index 76% rename from pkg/detectors/dependencies/ivy/ivy_test.go rename to internal/detectors/dependencies/ivy/ivy_test.go index 71f073887..1bba30906 100644 --- a/pkg/detectors/dependencies/ivy/ivy_test.go +++ b/internal/detectors/dependencies/ivy/ivy_test.go @@ -4,8 +4,8 @@ import ( "path/filepath" "testing" - "github.com/bearer/bearer/pkg/detectors/internal/testhelper" - "github.com/bearer/bearer/pkg/report/detectors" + "github.com/bearer/bearer/internal/detectors/internal/testhelper" + "github.com/bearer/bearer/internal/report/detectors" "github.com/bradleyjkemp/cupaloy" ) diff --git a/pkg/detectors/dependencies/ivy/testdata/ivy-report.xml b/internal/detectors/dependencies/ivy/testdata/ivy-report.xml similarity index 100% rename from pkg/detectors/dependencies/ivy/testdata/ivy-report.xml rename to internal/detectors/dependencies/ivy/testdata/ivy-report.xml diff --git a/pkg/detectors/dependencies/mvnplugin/.snapshots/TestDependenciesReport b/internal/detectors/dependencies/mvnplugin/.snapshots/TestDependenciesReport similarity index 100% rename from pkg/detectors/dependencies/mvnplugin/.snapshots/TestDependenciesReport rename to internal/detectors/dependencies/mvnplugin/.snapshots/TestDependenciesReport diff --git a/pkg/detectors/dependencies/mvnplugin/mvnplugin.go b/internal/detectors/dependencies/mvnplugin/mvnplugin.go similarity index 89% rename from pkg/detectors/dependencies/mvnplugin/mvnplugin.go rename to internal/detectors/dependencies/mvnplugin/mvnplugin.go index 7bce365eb..22bca4248 100644 --- a/pkg/detectors/dependencies/mvnplugin/mvnplugin.go +++ b/internal/detectors/dependencies/mvnplugin/mvnplugin.go @@ -1,10 +1,10 @@ package mvnplugin import ( - "github.com/bearer/bearer/pkg/detectors/dependencies/depsbase" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/util/file" - "github.com/bearer/bearer/pkg/util/stringutil" + "github.com/bearer/bearer/internal/detectors/dependencies/depsbase" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/util/file" + "github.com/bearer/bearer/internal/util/stringutil" "github.com/rs/zerolog/log" "github.com/smacker/go-tree-sitter/javascript" ) diff --git a/pkg/detectors/dependencies/mvnplugin/mvnplugin_test.go b/internal/detectors/dependencies/mvnplugin/mvnplugin_test.go similarity index 76% rename from pkg/detectors/dependencies/mvnplugin/mvnplugin_test.go rename to internal/detectors/dependencies/mvnplugin/mvnplugin_test.go index 2d48de0f1..692e3d256 100644 --- a/pkg/detectors/dependencies/mvnplugin/mvnplugin_test.go +++ b/internal/detectors/dependencies/mvnplugin/mvnplugin_test.go @@ -4,8 +4,8 @@ import ( "path/filepath" "testing" - "github.com/bearer/bearer/pkg/detectors/internal/testhelper" - "github.com/bearer/bearer/pkg/report/detectors" + "github.com/bearer/bearer/internal/detectors/internal/testhelper" + "github.com/bearer/bearer/internal/report/detectors" "github.com/bradleyjkemp/cupaloy" ) diff --git a/pkg/detectors/dependencies/mvnplugin/testdata/maven-dependencies.json b/internal/detectors/dependencies/mvnplugin/testdata/maven-dependencies.json similarity index 100% rename from pkg/detectors/dependencies/mvnplugin/testdata/maven-dependencies.json rename to internal/detectors/dependencies/mvnplugin/testdata/maven-dependencies.json diff --git a/pkg/detectors/dependencies/npm/.snapshots/TestDependenciesReport b/internal/detectors/dependencies/npm/.snapshots/TestDependenciesReport similarity index 100% rename from pkg/detectors/dependencies/npm/.snapshots/TestDependenciesReport rename to internal/detectors/dependencies/npm/.snapshots/TestDependenciesReport diff --git a/pkg/detectors/dependencies/npm/npm.go b/internal/detectors/dependencies/npm/npm.go similarity index 93% rename from pkg/detectors/dependencies/npm/npm.go rename to internal/detectors/dependencies/npm/npm.go index 38c0a30a2..1f87f88da 100644 --- a/pkg/detectors/dependencies/npm/npm.go +++ b/internal/detectors/dependencies/npm/npm.go @@ -1,10 +1,10 @@ package npm import ( - "github.com/bearer/bearer/pkg/detectors/dependencies/depsbase" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/util/file" - "github.com/bearer/bearer/pkg/util/stringutil" + "github.com/bearer/bearer/internal/detectors/dependencies/depsbase" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/util/file" + "github.com/bearer/bearer/internal/util/stringutil" "github.com/rs/zerolog/log" "github.com/smacker/go-tree-sitter/javascript" ) diff --git a/pkg/detectors/dependencies/npm/npm_test.go b/internal/detectors/dependencies/npm/npm_test.go similarity index 76% rename from pkg/detectors/dependencies/npm/npm_test.go rename to internal/detectors/dependencies/npm/npm_test.go index 10fa5a267..e5d20dd1f 100644 --- a/pkg/detectors/dependencies/npm/npm_test.go +++ b/internal/detectors/dependencies/npm/npm_test.go @@ -4,8 +4,8 @@ import ( "path/filepath" "testing" - "github.com/bearer/bearer/pkg/detectors/internal/testhelper" - "github.com/bearer/bearer/pkg/report/detectors" + "github.com/bearer/bearer/internal/detectors/internal/testhelper" + "github.com/bearer/bearer/internal/report/detectors" "github.com/bradleyjkemp/cupaloy" ) diff --git a/pkg/detectors/dependencies/npm/testdata/npm-shrinkwrap.json b/internal/detectors/dependencies/npm/testdata/npm-shrinkwrap.json similarity index 100% rename from pkg/detectors/dependencies/npm/testdata/npm-shrinkwrap.json rename to internal/detectors/dependencies/npm/testdata/npm-shrinkwrap.json diff --git a/pkg/detectors/dependencies/npm/testdata/package-lock.json b/internal/detectors/dependencies/npm/testdata/package-lock.json similarity index 100% rename from pkg/detectors/dependencies/npm/testdata/package-lock.json rename to internal/detectors/dependencies/npm/testdata/package-lock.json diff --git a/pkg/detectors/dependencies/nuget/.snapshots/TestDependenciesReport b/internal/detectors/dependencies/nuget/.snapshots/TestDependenciesReport similarity index 100% rename from pkg/detectors/dependencies/nuget/.snapshots/TestDependenciesReport rename to internal/detectors/dependencies/nuget/.snapshots/TestDependenciesReport diff --git a/pkg/detectors/dependencies/nuget/nuget.go b/internal/detectors/dependencies/nuget/nuget.go similarity index 93% rename from pkg/detectors/dependencies/nuget/nuget.go rename to internal/detectors/dependencies/nuget/nuget.go index 524c5b1d2..814cd5719 100644 --- a/pkg/detectors/dependencies/nuget/nuget.go +++ b/internal/detectors/dependencies/nuget/nuget.go @@ -1,10 +1,10 @@ package nuget import ( - "github.com/bearer/bearer/pkg/detectors/dependencies/depsbase" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/util/file" - "github.com/bearer/bearer/pkg/util/stringutil" + "github.com/bearer/bearer/internal/detectors/dependencies/depsbase" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/util/file" + "github.com/bearer/bearer/internal/util/stringutil" "github.com/rs/zerolog/log" "github.com/smacker/go-tree-sitter/javascript" ) diff --git a/pkg/detectors/dependencies/nuget/nuget_test.go b/internal/detectors/dependencies/nuget/nuget_test.go similarity index 76% rename from pkg/detectors/dependencies/nuget/nuget_test.go rename to internal/detectors/dependencies/nuget/nuget_test.go index 527c1563f..bd4e009d1 100644 --- a/pkg/detectors/dependencies/nuget/nuget_test.go +++ b/internal/detectors/dependencies/nuget/nuget_test.go @@ -4,8 +4,8 @@ import ( "path/filepath" "testing" - "github.com/bearer/bearer/pkg/detectors/internal/testhelper" - "github.com/bearer/bearer/pkg/report/detectors" + "github.com/bearer/bearer/internal/detectors/internal/testhelper" + "github.com/bearer/bearer/internal/report/detectors" "github.com/bradleyjkemp/cupaloy" ) diff --git a/pkg/detectors/dependencies/nuget/testdata/packages.lock.json b/internal/detectors/dependencies/nuget/testdata/packages.lock.json similarity index 100% rename from pkg/detectors/dependencies/nuget/testdata/packages.lock.json rename to internal/detectors/dependencies/nuget/testdata/packages.lock.json diff --git a/pkg/detectors/dependencies/package-config/.snapshots/TestDependenciesReport b/internal/detectors/dependencies/package-config/.snapshots/TestDependenciesReport similarity index 100% rename from pkg/detectors/dependencies/package-config/.snapshots/TestDependenciesReport rename to internal/detectors/dependencies/package-config/.snapshots/TestDependenciesReport diff --git a/pkg/detectors/dependencies/package-config/package-config.go b/internal/detectors/dependencies/package-config/package-config.go similarity index 86% rename from pkg/detectors/dependencies/package-config/package-config.go rename to internal/detectors/dependencies/package-config/package-config.go index 6931f6c7a..56114775d 100644 --- a/pkg/detectors/dependencies/package-config/package-config.go +++ b/internal/detectors/dependencies/package-config/package-config.go @@ -1,11 +1,11 @@ package packageconfig import ( - "github.com/bearer/bearer/pkg/detectors/dependencies/depsbase" - "github.com/bearer/bearer/pkg/parser" - xml "github.com/bearer/bearer/pkg/parser/sitter/xml2" - "github.com/bearer/bearer/pkg/util/file" - "github.com/bearer/bearer/pkg/util/stringutil" + "github.com/bearer/bearer/internal/detectors/dependencies/depsbase" + "github.com/bearer/bearer/internal/parser" + xml "github.com/bearer/bearer/internal/parser/sitter/xml2" + "github.com/bearer/bearer/internal/util/file" + "github.com/bearer/bearer/internal/util/stringutil" "github.com/rs/zerolog/log" ) diff --git a/pkg/detectors/dependencies/package-config/package-config_test.go b/internal/detectors/dependencies/package-config/package-config_test.go similarity index 76% rename from pkg/detectors/dependencies/package-config/package-config_test.go rename to internal/detectors/dependencies/package-config/package-config_test.go index 1919a4651..17c71859e 100644 --- a/pkg/detectors/dependencies/package-config/package-config_test.go +++ b/internal/detectors/dependencies/package-config/package-config_test.go @@ -4,8 +4,8 @@ import ( "path/filepath" "testing" - "github.com/bearer/bearer/pkg/detectors/internal/testhelper" - "github.com/bearer/bearer/pkg/report/detectors" + "github.com/bearer/bearer/internal/detectors/internal/testhelper" + "github.com/bearer/bearer/internal/report/detectors" "github.com/bradleyjkemp/cupaloy" ) diff --git a/pkg/detectors/dependencies/package-config/testdata/packages.config b/internal/detectors/dependencies/package-config/testdata/packages.config similarity index 100% rename from pkg/detectors/dependencies/package-config/testdata/packages.config rename to internal/detectors/dependencies/package-config/testdata/packages.config diff --git a/pkg/detectors/dependencies/package-json/.snapshots/TestDependenciesReport b/internal/detectors/dependencies/package-json/.snapshots/TestDependenciesReport similarity index 100% rename from pkg/detectors/dependencies/package-json/.snapshots/TestDependenciesReport rename to internal/detectors/dependencies/package-json/.snapshots/TestDependenciesReport diff --git a/pkg/detectors/dependencies/package-json/package-json.go b/internal/detectors/dependencies/package-json/package-json.go similarity index 87% rename from pkg/detectors/dependencies/package-json/package-json.go rename to internal/detectors/dependencies/package-json/package-json.go index 98809fda0..69bbd838b 100644 --- a/pkg/detectors/dependencies/package-json/package-json.go +++ b/internal/detectors/dependencies/package-json/package-json.go @@ -1,10 +1,10 @@ package packagejson import ( - "github.com/bearer/bearer/pkg/detectors/dependencies/depsbase" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/util/file" - "github.com/bearer/bearer/pkg/util/stringutil" + "github.com/bearer/bearer/internal/detectors/dependencies/depsbase" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/util/file" + "github.com/bearer/bearer/internal/util/stringutil" "github.com/rs/zerolog/log" "github.com/smacker/go-tree-sitter/javascript" ) diff --git a/pkg/detectors/dependencies/package-json/package-json_test.go b/internal/detectors/dependencies/package-json/package-json_test.go similarity index 76% rename from pkg/detectors/dependencies/package-json/package-json_test.go rename to internal/detectors/dependencies/package-json/package-json_test.go index dae92520d..39e1e4985 100644 --- a/pkg/detectors/dependencies/package-json/package-json_test.go +++ b/internal/detectors/dependencies/package-json/package-json_test.go @@ -4,8 +4,8 @@ import ( "path/filepath" "testing" - "github.com/bearer/bearer/pkg/detectors/internal/testhelper" - "github.com/bearer/bearer/pkg/report/detectors" + "github.com/bearer/bearer/internal/detectors/internal/testhelper" + "github.com/bearer/bearer/internal/report/detectors" "github.com/bradleyjkemp/cupaloy" ) diff --git a/pkg/detectors/dependencies/package-json/testdata/package.json b/internal/detectors/dependencies/package-json/testdata/package.json similarity index 100% rename from pkg/detectors/dependencies/package-json/testdata/package.json rename to internal/detectors/dependencies/package-json/testdata/package.json diff --git a/pkg/detectors/dependencies/paket-dependencies/.snapshots/TestDependenciesReport b/internal/detectors/dependencies/paket-dependencies/.snapshots/TestDependenciesReport similarity index 100% rename from pkg/detectors/dependencies/paket-dependencies/.snapshots/TestDependenciesReport rename to internal/detectors/dependencies/paket-dependencies/.snapshots/TestDependenciesReport diff --git a/pkg/detectors/dependencies/paket-dependencies/paket-dependencies.go b/internal/detectors/dependencies/paket-dependencies/paket-dependencies.go similarity index 93% rename from pkg/detectors/dependencies/paket-dependencies/paket-dependencies.go rename to internal/detectors/dependencies/paket-dependencies/paket-dependencies.go index 5f740305b..e5c094126 100644 --- a/pkg/detectors/dependencies/paket-dependencies/paket-dependencies.go +++ b/internal/detectors/dependencies/paket-dependencies/paket-dependencies.go @@ -6,9 +6,9 @@ import ( "regexp" "strings" - "github.com/bearer/bearer/pkg/detectors/dependencies/depsbase" - "github.com/bearer/bearer/pkg/util/file" - "github.com/bearer/bearer/pkg/util/linescanner" + "github.com/bearer/bearer/internal/detectors/dependencies/depsbase" + "github.com/bearer/bearer/internal/util/file" + "github.com/bearer/bearer/internal/util/linescanner" "github.com/rs/zerolog/log" ) diff --git a/pkg/detectors/dependencies/paket-dependencies/paket-dependencies_test.go b/internal/detectors/dependencies/paket-dependencies/paket-dependencies_test.go similarity index 76% rename from pkg/detectors/dependencies/paket-dependencies/paket-dependencies_test.go rename to internal/detectors/dependencies/paket-dependencies/paket-dependencies_test.go index 94bd073e2..9cff490ea 100644 --- a/pkg/detectors/dependencies/paket-dependencies/paket-dependencies_test.go +++ b/internal/detectors/dependencies/paket-dependencies/paket-dependencies_test.go @@ -4,8 +4,8 @@ import ( "path/filepath" "testing" - "github.com/bearer/bearer/pkg/detectors/internal/testhelper" - "github.com/bearer/bearer/pkg/report/detectors" + "github.com/bearer/bearer/internal/detectors/internal/testhelper" + "github.com/bearer/bearer/internal/report/detectors" "github.com/bradleyjkemp/cupaloy" ) diff --git a/pkg/detectors/dependencies/paket-dependencies/testdata/paket.dependencies b/internal/detectors/dependencies/paket-dependencies/testdata/paket.dependencies similarity index 100% rename from pkg/detectors/dependencies/paket-dependencies/testdata/paket.dependencies rename to internal/detectors/dependencies/paket-dependencies/testdata/paket.dependencies diff --git a/pkg/detectors/dependencies/pipdeptree/.snapshots/TestDependenciesReport b/internal/detectors/dependencies/pipdeptree/.snapshots/TestDependenciesReport similarity index 100% rename from pkg/detectors/dependencies/pipdeptree/.snapshots/TestDependenciesReport rename to internal/detectors/dependencies/pipdeptree/.snapshots/TestDependenciesReport diff --git a/pkg/detectors/dependencies/pipdeptree/pipdeptree.go b/internal/detectors/dependencies/pipdeptree/pipdeptree.go similarity index 87% rename from pkg/detectors/dependencies/pipdeptree/pipdeptree.go rename to internal/detectors/dependencies/pipdeptree/pipdeptree.go index 61f535d01..5a4d2f080 100644 --- a/pkg/detectors/dependencies/pipdeptree/pipdeptree.go +++ b/internal/detectors/dependencies/pipdeptree/pipdeptree.go @@ -1,10 +1,10 @@ package pipdeptree import ( - "github.com/bearer/bearer/pkg/detectors/dependencies/depsbase" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/util/file" - "github.com/bearer/bearer/pkg/util/stringutil" + "github.com/bearer/bearer/internal/detectors/dependencies/depsbase" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/util/file" + "github.com/bearer/bearer/internal/util/stringutil" "github.com/rs/zerolog/log" "github.com/smacker/go-tree-sitter/javascript" ) diff --git a/pkg/detectors/dependencies/pipdeptree/pipdeptree_test.go b/internal/detectors/dependencies/pipdeptree/pipdeptree_test.go similarity index 76% rename from pkg/detectors/dependencies/pipdeptree/pipdeptree_test.go rename to internal/detectors/dependencies/pipdeptree/pipdeptree_test.go index c89927381..429b90c56 100644 --- a/pkg/detectors/dependencies/pipdeptree/pipdeptree_test.go +++ b/internal/detectors/dependencies/pipdeptree/pipdeptree_test.go @@ -4,8 +4,8 @@ import ( "path/filepath" "testing" - "github.com/bearer/bearer/pkg/detectors/internal/testhelper" - "github.com/bearer/bearer/pkg/report/detectors" + "github.com/bearer/bearer/internal/detectors/internal/testhelper" + "github.com/bearer/bearer/internal/report/detectors" "github.com/bradleyjkemp/cupaloy" ) diff --git a/pkg/detectors/dependencies/pipdeptree/testdata/pipdeptree.json b/internal/detectors/dependencies/pipdeptree/testdata/pipdeptree.json similarity index 100% rename from pkg/detectors/dependencies/pipdeptree/testdata/pipdeptree.json rename to internal/detectors/dependencies/pipdeptree/testdata/pipdeptree.json diff --git a/pkg/detectors/dependencies/piplock/.snapshots/TestDependenciesReport b/internal/detectors/dependencies/piplock/.snapshots/TestDependenciesReport similarity index 100% rename from pkg/detectors/dependencies/piplock/.snapshots/TestDependenciesReport rename to internal/detectors/dependencies/piplock/.snapshots/TestDependenciesReport diff --git a/pkg/detectors/dependencies/piplock/piplock.go b/internal/detectors/dependencies/piplock/piplock.go similarity index 86% rename from pkg/detectors/dependencies/piplock/piplock.go rename to internal/detectors/dependencies/piplock/piplock.go index 73d5e6071..9d0025ad4 100644 --- a/pkg/detectors/dependencies/piplock/piplock.go +++ b/internal/detectors/dependencies/piplock/piplock.go @@ -1,10 +1,10 @@ package piplock import ( - "github.com/bearer/bearer/pkg/detectors/dependencies/depsbase" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/util/file" - "github.com/bearer/bearer/pkg/util/stringutil" + "github.com/bearer/bearer/internal/detectors/dependencies/depsbase" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/util/file" + "github.com/bearer/bearer/internal/util/stringutil" "github.com/rs/zerolog/log" "github.com/smacker/go-tree-sitter/javascript" ) diff --git a/pkg/detectors/dependencies/piplock/piplock_test.go b/internal/detectors/dependencies/piplock/piplock_test.go similarity index 76% rename from pkg/detectors/dependencies/piplock/piplock_test.go rename to internal/detectors/dependencies/piplock/piplock_test.go index 2c83dcbc7..6f1dea60f 100644 --- a/pkg/detectors/dependencies/piplock/piplock_test.go +++ b/internal/detectors/dependencies/piplock/piplock_test.go @@ -4,8 +4,8 @@ import ( "path/filepath" "testing" - "github.com/bearer/bearer/pkg/detectors/internal/testhelper" - "github.com/bearer/bearer/pkg/report/detectors" + "github.com/bearer/bearer/internal/detectors/internal/testhelper" + "github.com/bearer/bearer/internal/report/detectors" "github.com/bradleyjkemp/cupaloy" ) diff --git a/pkg/detectors/dependencies/piplock/testdata/Pipfile.lock b/internal/detectors/dependencies/piplock/testdata/Pipfile.lock similarity index 100% rename from pkg/detectors/dependencies/piplock/testdata/Pipfile.lock rename to internal/detectors/dependencies/piplock/testdata/Pipfile.lock diff --git a/pkg/detectors/dependencies/poetry/.snapshots/TestDependenciesReport b/internal/detectors/dependencies/poetry/.snapshots/TestDependenciesReport similarity index 100% rename from pkg/detectors/dependencies/poetry/.snapshots/TestDependenciesReport rename to internal/detectors/dependencies/poetry/.snapshots/TestDependenciesReport diff --git a/pkg/detectors/dependencies/poetry/poetry.go b/internal/detectors/dependencies/poetry/poetry.go similarity index 84% rename from pkg/detectors/dependencies/poetry/poetry.go rename to internal/detectors/dependencies/poetry/poetry.go index d6700da82..33bac39e8 100644 --- a/pkg/detectors/dependencies/poetry/poetry.go +++ b/internal/detectors/dependencies/poetry/poetry.go @@ -1,11 +1,11 @@ package poetry import ( - "github.com/bearer/bearer/pkg/detectors/dependencies/depsbase" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/parser/sitter/toml" - "github.com/bearer/bearer/pkg/util/file" - "github.com/bearer/bearer/pkg/util/stringutil" + "github.com/bearer/bearer/internal/detectors/dependencies/depsbase" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/parser/sitter/toml" + "github.com/bearer/bearer/internal/util/file" + "github.com/bearer/bearer/internal/util/stringutil" "github.com/rs/zerolog/log" ) diff --git a/pkg/detectors/dependencies/poetry/poetry_test.go b/internal/detectors/dependencies/poetry/poetry_test.go similarity index 76% rename from pkg/detectors/dependencies/poetry/poetry_test.go rename to internal/detectors/dependencies/poetry/poetry_test.go index 9c2b0a5fb..69c908901 100644 --- a/pkg/detectors/dependencies/poetry/poetry_test.go +++ b/internal/detectors/dependencies/poetry/poetry_test.go @@ -4,8 +4,8 @@ import ( "path/filepath" "testing" - "github.com/bearer/bearer/pkg/detectors/internal/testhelper" - "github.com/bearer/bearer/pkg/report/detectors" + "github.com/bearer/bearer/internal/detectors/internal/testhelper" + "github.com/bearer/bearer/internal/report/detectors" "github.com/bradleyjkemp/cupaloy" ) diff --git a/pkg/detectors/dependencies/poetry/testdata/poetry.lock b/internal/detectors/dependencies/poetry/testdata/poetry.lock similarity index 100% rename from pkg/detectors/dependencies/poetry/testdata/poetry.lock rename to internal/detectors/dependencies/poetry/testdata/poetry.lock diff --git a/pkg/detectors/dependencies/pom-xml/.snapshots/TestDependenciesReport b/internal/detectors/dependencies/pom-xml/.snapshots/TestDependenciesReport similarity index 100% rename from pkg/detectors/dependencies/pom-xml/.snapshots/TestDependenciesReport rename to internal/detectors/dependencies/pom-xml/.snapshots/TestDependenciesReport diff --git a/pkg/detectors/dependencies/pom-xml/pom-xml.go b/internal/detectors/dependencies/pom-xml/pom-xml.go similarity index 86% rename from pkg/detectors/dependencies/pom-xml/pom-xml.go rename to internal/detectors/dependencies/pom-xml/pom-xml.go index 2b4cdfab3..50c4723ae 100644 --- a/pkg/detectors/dependencies/pom-xml/pom-xml.go +++ b/internal/detectors/dependencies/pom-xml/pom-xml.go @@ -1,11 +1,11 @@ package pomxml import ( - "github.com/bearer/bearer/pkg/detectors/dependencies/depsbase" - "github.com/bearer/bearer/pkg/parser" - xml "github.com/bearer/bearer/pkg/parser/sitter/xml2" - "github.com/bearer/bearer/pkg/util/file" - "github.com/bearer/bearer/pkg/util/stringutil" + "github.com/bearer/bearer/internal/detectors/dependencies/depsbase" + "github.com/bearer/bearer/internal/parser" + xml "github.com/bearer/bearer/internal/parser/sitter/xml2" + "github.com/bearer/bearer/internal/util/file" + "github.com/bearer/bearer/internal/util/stringutil" "github.com/rs/zerolog/log" ) diff --git a/pkg/detectors/dependencies/pom-xml/pom-xml_test.go b/internal/detectors/dependencies/pom-xml/pom-xml_test.go similarity index 76% rename from pkg/detectors/dependencies/pom-xml/pom-xml_test.go rename to internal/detectors/dependencies/pom-xml/pom-xml_test.go index 03045dd2a..2cf9cdd70 100644 --- a/pkg/detectors/dependencies/pom-xml/pom-xml_test.go +++ b/internal/detectors/dependencies/pom-xml/pom-xml_test.go @@ -4,8 +4,8 @@ import ( "path/filepath" "testing" - "github.com/bearer/bearer/pkg/detectors/internal/testhelper" - "github.com/bearer/bearer/pkg/report/detectors" + "github.com/bearer/bearer/internal/detectors/internal/testhelper" + "github.com/bearer/bearer/internal/report/detectors" "github.com/bradleyjkemp/cupaloy" ) diff --git a/pkg/detectors/dependencies/pom-xml/testdata/large-file/pom.xml b/internal/detectors/dependencies/pom-xml/testdata/large-file/pom.xml similarity index 100% rename from pkg/detectors/dependencies/pom-xml/testdata/large-file/pom.xml rename to internal/detectors/dependencies/pom-xml/testdata/large-file/pom.xml diff --git a/pkg/detectors/dependencies/pom-xml/testdata/v1/pom.xml b/internal/detectors/dependencies/pom-xml/testdata/v1/pom.xml similarity index 100% rename from pkg/detectors/dependencies/pom-xml/testdata/v1/pom.xml rename to internal/detectors/dependencies/pom-xml/testdata/v1/pom.xml diff --git a/pkg/detectors/dependencies/pom-xml/testdata/v2-iso/pom.xml b/internal/detectors/dependencies/pom-xml/testdata/v2-iso/pom.xml similarity index 100% rename from pkg/detectors/dependencies/pom-xml/testdata/v2-iso/pom.xml rename to internal/detectors/dependencies/pom-xml/testdata/v2-iso/pom.xml diff --git a/pkg/detectors/dependencies/pom-xml/testdata/v2/pom.xml b/internal/detectors/dependencies/pom-xml/testdata/v2/pom.xml similarity index 100% rename from pkg/detectors/dependencies/pom-xml/testdata/v2/pom.xml rename to internal/detectors/dependencies/pom-xml/testdata/v2/pom.xml diff --git a/pkg/detectors/dependencies/project-json/.snapshots/TestDependenciesReport b/internal/detectors/dependencies/project-json/.snapshots/TestDependenciesReport similarity index 100% rename from pkg/detectors/dependencies/project-json/.snapshots/TestDependenciesReport rename to internal/detectors/dependencies/project-json/.snapshots/TestDependenciesReport diff --git a/pkg/detectors/dependencies/project-json/project-json.go b/internal/detectors/dependencies/project-json/project-json.go similarity index 87% rename from pkg/detectors/dependencies/project-json/project-json.go rename to internal/detectors/dependencies/project-json/project-json.go index c5b2d71f9..f18f13ccd 100644 --- a/pkg/detectors/dependencies/project-json/project-json.go +++ b/internal/detectors/dependencies/project-json/project-json.go @@ -1,10 +1,10 @@ package projectjson import ( - "github.com/bearer/bearer/pkg/detectors/dependencies/depsbase" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/util/file" - "github.com/bearer/bearer/pkg/util/stringutil" + "github.com/bearer/bearer/internal/detectors/dependencies/depsbase" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/util/file" + "github.com/bearer/bearer/internal/util/stringutil" "github.com/rs/zerolog/log" "github.com/smacker/go-tree-sitter/javascript" ) diff --git a/pkg/detectors/dependencies/project-json/project-json_test.go b/internal/detectors/dependencies/project-json/project-json_test.go similarity index 76% rename from pkg/detectors/dependencies/project-json/project-json_test.go rename to internal/detectors/dependencies/project-json/project-json_test.go index 7127e7da7..28106bbfd 100644 --- a/pkg/detectors/dependencies/project-json/project-json_test.go +++ b/internal/detectors/dependencies/project-json/project-json_test.go @@ -4,8 +4,8 @@ import ( "path/filepath" "testing" - "github.com/bearer/bearer/pkg/detectors/internal/testhelper" - "github.com/bearer/bearer/pkg/report/detectors" + "github.com/bearer/bearer/internal/detectors/internal/testhelper" + "github.com/bearer/bearer/internal/report/detectors" "github.com/bradleyjkemp/cupaloy" ) diff --git a/pkg/detectors/dependencies/project-json/testdata/project.json b/internal/detectors/dependencies/project-json/testdata/project.json similarity index 100% rename from pkg/detectors/dependencies/project-json/testdata/project.json rename to internal/detectors/dependencies/project-json/testdata/project.json diff --git a/pkg/detectors/dependencies/pyproject/.snapshots/TestDependenciesReport b/internal/detectors/dependencies/pyproject/.snapshots/TestDependenciesReport similarity index 100% rename from pkg/detectors/dependencies/pyproject/.snapshots/TestDependenciesReport rename to internal/detectors/dependencies/pyproject/.snapshots/TestDependenciesReport diff --git a/pkg/detectors/dependencies/pyproject/pyproject.go b/internal/detectors/dependencies/pyproject/pyproject.go similarity index 83% rename from pkg/detectors/dependencies/pyproject/pyproject.go rename to internal/detectors/dependencies/pyproject/pyproject.go index 03664be68..76126d6a0 100644 --- a/pkg/detectors/dependencies/pyproject/pyproject.go +++ b/internal/detectors/dependencies/pyproject/pyproject.go @@ -1,11 +1,11 @@ package pyproject import ( - "github.com/bearer/bearer/pkg/detectors/dependencies/depsbase" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/parser/sitter/toml" - "github.com/bearer/bearer/pkg/util/file" - "github.com/bearer/bearer/pkg/util/stringutil" + "github.com/bearer/bearer/internal/detectors/dependencies/depsbase" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/parser/sitter/toml" + "github.com/bearer/bearer/internal/util/file" + "github.com/bearer/bearer/internal/util/stringutil" "github.com/rs/zerolog/log" ) diff --git a/pkg/detectors/dependencies/pyproject/pyproject_test.go b/internal/detectors/dependencies/pyproject/pyproject_test.go similarity index 76% rename from pkg/detectors/dependencies/pyproject/pyproject_test.go rename to internal/detectors/dependencies/pyproject/pyproject_test.go index 3bf124a1f..b4721444c 100644 --- a/pkg/detectors/dependencies/pyproject/pyproject_test.go +++ b/internal/detectors/dependencies/pyproject/pyproject_test.go @@ -4,8 +4,8 @@ import ( "path/filepath" "testing" - "github.com/bearer/bearer/pkg/detectors/internal/testhelper" - "github.com/bearer/bearer/pkg/report/detectors" + "github.com/bearer/bearer/internal/detectors/internal/testhelper" + "github.com/bearer/bearer/internal/report/detectors" "github.com/bradleyjkemp/cupaloy" ) diff --git a/pkg/detectors/dependencies/pyproject/testdata/pyproject.toml b/internal/detectors/dependencies/pyproject/testdata/pyproject.toml similarity index 100% rename from pkg/detectors/dependencies/pyproject/testdata/pyproject.toml rename to internal/detectors/dependencies/pyproject/testdata/pyproject.toml diff --git a/pkg/detectors/dependencies/requirements/.snapshots/TestDependenciesReport b/internal/detectors/dependencies/requirements/.snapshots/TestDependenciesReport similarity index 100% rename from pkg/detectors/dependencies/requirements/.snapshots/TestDependenciesReport rename to internal/detectors/dependencies/requirements/.snapshots/TestDependenciesReport diff --git a/pkg/detectors/dependencies/requirements/requirements.go b/internal/detectors/dependencies/requirements/requirements.go similarity index 85% rename from pkg/detectors/dependencies/requirements/requirements.go rename to internal/detectors/dependencies/requirements/requirements.go index 5975ba031..2904db4b3 100644 --- a/pkg/detectors/dependencies/requirements/requirements.go +++ b/internal/detectors/dependencies/requirements/requirements.go @@ -5,9 +5,9 @@ import ( "os" "regexp" - "github.com/bearer/bearer/pkg/detectors/dependencies/depsbase" - "github.com/bearer/bearer/pkg/util/file" - "github.com/bearer/bearer/pkg/util/linescanner" + "github.com/bearer/bearer/internal/detectors/dependencies/depsbase" + "github.com/bearer/bearer/internal/util/file" + "github.com/bearer/bearer/internal/util/linescanner" "github.com/rs/zerolog/log" ) diff --git a/pkg/detectors/dependencies/requirements/requirements_test.go b/internal/detectors/dependencies/requirements/requirements_test.go similarity index 76% rename from pkg/detectors/dependencies/requirements/requirements_test.go rename to internal/detectors/dependencies/requirements/requirements_test.go index a73f83431..ed2c1deab 100644 --- a/pkg/detectors/dependencies/requirements/requirements_test.go +++ b/internal/detectors/dependencies/requirements/requirements_test.go @@ -4,8 +4,8 @@ import ( "path/filepath" "testing" - "github.com/bearer/bearer/pkg/detectors/internal/testhelper" - "github.com/bearer/bearer/pkg/report/detectors" + "github.com/bearer/bearer/internal/detectors/internal/testhelper" + "github.com/bearer/bearer/internal/report/detectors" "github.com/bradleyjkemp/cupaloy" ) diff --git a/pkg/detectors/dependencies/requirements/testdata/requirements.txt b/internal/detectors/dependencies/requirements/testdata/requirements.txt similarity index 100% rename from pkg/detectors/dependencies/requirements/testdata/requirements.txt rename to internal/detectors/dependencies/requirements/testdata/requirements.txt diff --git a/pkg/detectors/dependencies/yarnlock/.snapshots/TestDependenciesReport b/internal/detectors/dependencies/yarnlock/.snapshots/TestDependenciesReport similarity index 100% rename from pkg/detectors/dependencies/yarnlock/.snapshots/TestDependenciesReport rename to internal/detectors/dependencies/yarnlock/.snapshots/TestDependenciesReport diff --git a/pkg/detectors/dependencies/yarnlock/testdata/yarn.lock b/internal/detectors/dependencies/yarnlock/testdata/yarn.lock similarity index 100% rename from pkg/detectors/dependencies/yarnlock/testdata/yarn.lock rename to internal/detectors/dependencies/yarnlock/testdata/yarn.lock diff --git a/pkg/detectors/dependencies/yarnlock/yarnlock.go b/internal/detectors/dependencies/yarnlock/yarnlock.go similarity index 92% rename from pkg/detectors/dependencies/yarnlock/yarnlock.go rename to internal/detectors/dependencies/yarnlock/yarnlock.go index 006d00ce5..cef65407a 100644 --- a/pkg/detectors/dependencies/yarnlock/yarnlock.go +++ b/internal/detectors/dependencies/yarnlock/yarnlock.go @@ -6,9 +6,9 @@ import ( "regexp" "strings" - "github.com/bearer/bearer/pkg/detectors/dependencies/depsbase" - "github.com/bearer/bearer/pkg/util/file" - "github.com/bearer/bearer/pkg/util/linescanner" + "github.com/bearer/bearer/internal/detectors/dependencies/depsbase" + "github.com/bearer/bearer/internal/util/file" + "github.com/bearer/bearer/internal/util/linescanner" "github.com/rs/zerolog/log" ) diff --git a/pkg/detectors/dependencies/yarnlock/yarnlock_test.go b/internal/detectors/dependencies/yarnlock/yarnlock_test.go similarity index 76% rename from pkg/detectors/dependencies/yarnlock/yarnlock_test.go rename to internal/detectors/dependencies/yarnlock/yarnlock_test.go index 9d1ac41bc..469211d90 100644 --- a/pkg/detectors/dependencies/yarnlock/yarnlock_test.go +++ b/internal/detectors/dependencies/yarnlock/yarnlock_test.go @@ -4,8 +4,8 @@ import ( "path/filepath" "testing" - "github.com/bearer/bearer/pkg/detectors/internal/testhelper" - "github.com/bearer/bearer/pkg/report/detectors" + "github.com/bearer/bearer/internal/detectors/internal/testhelper" + "github.com/bearer/bearer/internal/report/detectors" "github.com/bradleyjkemp/cupaloy" ) diff --git a/pkg/detectors/detectors.go b/internal/detectors/detectors.go similarity index 68% rename from pkg/detectors/detectors.go rename to internal/detectors/detectors.go index 10b118e67..6f2bbbdf9 100644 --- a/pkg/detectors/detectors.go +++ b/internal/detectors/detectors.go @@ -5,46 +5,47 @@ import ( "fmt" "path/filepath" "runtime/debug" + "slices" - "github.com/bearer/bearer/new/detector/evaluator/stats" - "github.com/bearer/bearer/new/scanner" - "github.com/bearer/bearer/pkg/commands/process/settings" - "github.com/bearer/bearer/pkg/detectors/beego" - "github.com/bearer/bearer/pkg/detectors/csharp" - "github.com/bearer/bearer/pkg/detectors/custom" - "github.com/bearer/bearer/pkg/detectors/dependencies" - "github.com/bearer/bearer/pkg/detectors/django" - "github.com/bearer/bearer/pkg/detectors/dotnet" - "github.com/bearer/bearer/pkg/detectors/envfile" - "github.com/bearer/bearer/pkg/detectors/gitleaks" - "github.com/bearer/bearer/pkg/detectors/golang" - "github.com/bearer/bearer/pkg/detectors/graphql" - "github.com/bearer/bearer/pkg/detectors/html" - "github.com/bearer/bearer/pkg/detectors/ipynb" - "github.com/bearer/bearer/pkg/detectors/java" - "github.com/bearer/bearer/pkg/detectors/javascript" - "github.com/bearer/bearer/pkg/detectors/openapi" - "github.com/bearer/bearer/pkg/detectors/php" - "github.com/bearer/bearer/pkg/detectors/proto" - "github.com/bearer/bearer/pkg/detectors/python" - "github.com/bearer/bearer/pkg/detectors/rails" - "github.com/bearer/bearer/pkg/detectors/ruby" - "github.com/bearer/bearer/pkg/detectors/simple" - "github.com/bearer/bearer/pkg/detectors/spring" - "github.com/bearer/bearer/pkg/detectors/sql" - "github.com/bearer/bearer/pkg/detectors/symfony" - "github.com/bearer/bearer/pkg/detectors/tsx" - "github.com/bearer/bearer/pkg/detectors/typescript" - "github.com/bearer/bearer/pkg/detectors/yamlconfig" - "github.com/bearer/bearer/pkg/util/file" - "golang.org/x/exp/slices" - - "github.com/bearer/bearer/pkg/detectors/types" - "github.com/bearer/bearer/pkg/parser/nodeid" "github.com/rs/zerolog/log" - reporttypes "github.com/bearer/bearer/pkg/report" - reportdetectors "github.com/bearer/bearer/pkg/report/detectors" + "github.com/bearer/bearer/internal/commands/process/settings" + "github.com/bearer/bearer/internal/detectors/beego" + "github.com/bearer/bearer/internal/detectors/csharp" + "github.com/bearer/bearer/internal/detectors/custom" + "github.com/bearer/bearer/internal/detectors/dependencies" + "github.com/bearer/bearer/internal/detectors/django" + "github.com/bearer/bearer/internal/detectors/dotnet" + "github.com/bearer/bearer/internal/detectors/envfile" + "github.com/bearer/bearer/internal/detectors/gitleaks" + "github.com/bearer/bearer/internal/detectors/golang" + "github.com/bearer/bearer/internal/detectors/graphql" + "github.com/bearer/bearer/internal/detectors/html" + "github.com/bearer/bearer/internal/detectors/ipynb" + "github.com/bearer/bearer/internal/detectors/java" + "github.com/bearer/bearer/internal/detectors/javascript" + "github.com/bearer/bearer/internal/detectors/openapi" + "github.com/bearer/bearer/internal/detectors/php" + "github.com/bearer/bearer/internal/detectors/proto" + "github.com/bearer/bearer/internal/detectors/python" + "github.com/bearer/bearer/internal/detectors/rails" + "github.com/bearer/bearer/internal/detectors/ruby" + "github.com/bearer/bearer/internal/detectors/simple" + "github.com/bearer/bearer/internal/detectors/spring" + "github.com/bearer/bearer/internal/detectors/sql" + "github.com/bearer/bearer/internal/detectors/symfony" + "github.com/bearer/bearer/internal/detectors/tsx" + "github.com/bearer/bearer/internal/detectors/typescript" + "github.com/bearer/bearer/internal/detectors/yamlconfig" + "github.com/bearer/bearer/internal/scanner" + "github.com/bearer/bearer/internal/scanner/stats" + "github.com/bearer/bearer/internal/util/file" + + "github.com/bearer/bearer/internal/detectors/types" + "github.com/bearer/bearer/internal/parser/nodeid" + + reporttypes "github.com/bearer/bearer/internal/report" + reportdetectors "github.com/bearer/bearer/internal/report/detectors" ) type InitializedDetector struct { @@ -137,9 +138,18 @@ func Extract( filename string, report reporttypes.Report, fileStats *stats.FileStats, - scanners []string, + enabledScanners []string, + sastScanner *scanner.Scanner, ) error { - return ExtractWithDetectors(ctx, path, filename, report, fileStats, Registrations(scanners)) + return ExtractWithDetectors( + ctx, + path, + filename, + report, + fileStats, + Registrations(enabledScanners), + sastScanner, + ) } func ExtractWithDetectors( @@ -149,6 +159,7 @@ func ExtractWithDetectors( report reporttypes.Report, fileStats *stats.FileStats, allDetectors []InitializedDetector, + sastScanner *scanner.Scanner, ) error { activeDetectors := make(map[InitializedDetector]activeDetector) @@ -189,10 +200,9 @@ func ExtractWithDetectors( } defer recovery() - err := scanner.Detect(ctx, report, fileStats, file) - if err != nil { - log.Debug().Msgf("failed to process file %s for detector: %s", file.RelativePath, err) - report.AddError(file.RelativePath, fmt.Errorf("failed to process file for detector : %s", err)) + if err := sastScanner.Scan(ctx, report, fileStats, file); err != nil { + log.Debug().Msgf("failed to scan file %s: %s", file.RelativePath, err) + report.AddError(file.RelativePath, fmt.Errorf("failed to scan file: %s", err)) } for _, detector := range allDetectors { diff --git a/pkg/detectors/django/.snapshots/TestDetectorReportDatabases b/internal/detectors/django/.snapshots/TestDetectorReportDatabases similarity index 100% rename from pkg/detectors/django/.snapshots/TestDetectorReportDatabases rename to internal/detectors/django/.snapshots/TestDetectorReportDatabases diff --git a/pkg/detectors/django/django.go b/internal/detectors/django/django.go similarity index 88% rename from pkg/detectors/django/django.go rename to internal/detectors/django/django.go index 39244ab1e..4c2b10e69 100644 --- a/pkg/detectors/django/django.go +++ b/internal/detectors/django/django.go @@ -4,12 +4,12 @@ import ( "errors" "strings" - "github.com/bearer/bearer/pkg/detectors/types" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/report" - "github.com/bearer/bearer/pkg/report/detectors" - "github.com/bearer/bearer/pkg/report/frameworks/django" - "github.com/bearer/bearer/pkg/util/file" + "github.com/bearer/bearer/internal/detectors/types" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/report" + "github.com/bearer/bearer/internal/report/detectors" + "github.com/bearer/bearer/internal/report/frameworks/django" + "github.com/bearer/bearer/internal/util/file" "github.com/smacker/go-tree-sitter/python" ) diff --git a/pkg/detectors/django/django_test.go b/internal/detectors/django/django_test.go similarity index 74% rename from pkg/detectors/django/django_test.go rename to internal/detectors/django/django_test.go index ec84e148e..ecde1161f 100644 --- a/pkg/detectors/django/django_test.go +++ b/internal/detectors/django/django_test.go @@ -6,8 +6,8 @@ import ( "github.com/bradleyjkemp/cupaloy" - "github.com/bearer/bearer/pkg/detectors/internal/testhelper" - reportdetectors "github.com/bearer/bearer/pkg/report/detectors" + "github.com/bearer/bearer/internal/detectors/internal/testhelper" + reportdetectors "github.com/bearer/bearer/internal/report/detectors" ) const detectorType = reportdetectors.DetectorDjango diff --git a/pkg/detectors/django/testdata/django/manage.py b/internal/detectors/django/testdata/django/manage.py similarity index 100% rename from pkg/detectors/django/testdata/django/manage.py rename to internal/detectors/django/testdata/django/manage.py diff --git a/pkg/detectors/django/testdata/django/myapp/settings.py b/internal/detectors/django/testdata/django/myapp/settings.py similarity index 100% rename from pkg/detectors/django/testdata/django/myapp/settings.py rename to internal/detectors/django/testdata/django/myapp/settings.py diff --git a/pkg/detectors/django/testdata/not_django/manage.py b/internal/detectors/django/testdata/not_django/manage.py similarity index 100% rename from pkg/detectors/django/testdata/not_django/manage.py rename to internal/detectors/django/testdata/not_django/manage.py diff --git a/pkg/detectors/dotnet/.snapshots/TestDetectorReportDbContexts b/internal/detectors/dotnet/.snapshots/TestDetectorReportDbContexts similarity index 100% rename from pkg/detectors/dotnet/.snapshots/TestDetectorReportDbContexts rename to internal/detectors/dotnet/.snapshots/TestDetectorReportDbContexts diff --git a/pkg/detectors/dotnet/dotnet.go b/internal/detectors/dotnet/dotnet.go similarity index 89% rename from pkg/detectors/dotnet/dotnet.go rename to internal/detectors/dotnet/dotnet.go index 34d260c01..af6832342 100644 --- a/pkg/detectors/dotnet/dotnet.go +++ b/internal/detectors/dotnet/dotnet.go @@ -4,12 +4,12 @@ import ( "os" "path/filepath" - "github.com/bearer/bearer/pkg/detectors/types" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/report" - "github.com/bearer/bearer/pkg/report/detectors" - "github.com/bearer/bearer/pkg/report/frameworks/dotnet" - "github.com/bearer/bearer/pkg/util/file" + "github.com/bearer/bearer/internal/detectors/types" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/report" + "github.com/bearer/bearer/internal/report/detectors" + "github.com/bearer/bearer/internal/report/frameworks/dotnet" + "github.com/bearer/bearer/internal/util/file" "github.com/smacker/go-tree-sitter/csharp" ) diff --git a/pkg/detectors/dotnet/dotnet_test.go b/internal/detectors/dotnet/dotnet_test.go similarity index 76% rename from pkg/detectors/dotnet/dotnet_test.go rename to internal/detectors/dotnet/dotnet_test.go index 4b01d70e1..7dfacaa23 100644 --- a/pkg/detectors/dotnet/dotnet_test.go +++ b/internal/detectors/dotnet/dotnet_test.go @@ -6,9 +6,9 @@ import ( "github.com/bradleyjkemp/cupaloy" - "github.com/bearer/bearer/pkg/detectors/internal/testhelper" + "github.com/bearer/bearer/internal/detectors/internal/testhelper" - reportdetectors "github.com/bearer/bearer/pkg/report/detectors" + reportdetectors "github.com/bearer/bearer/internal/report/detectors" ) const detectorType = reportdetectors.DetectorDotnet diff --git a/pkg/detectors/dotnet/testdata/project/db_contexts/multiple/Startup.cs b/internal/detectors/dotnet/testdata/project/db_contexts/multiple/Startup.cs similarity index 100% rename from pkg/detectors/dotnet/testdata/project/db_contexts/multiple/Startup.cs rename to internal/detectors/dotnet/testdata/project/db_contexts/multiple/Startup.cs diff --git a/pkg/detectors/dotnet/testdata/project/db_contexts/multiple/TodoApi.csproj b/internal/detectors/dotnet/testdata/project/db_contexts/multiple/TodoApi.csproj similarity index 100% rename from pkg/detectors/dotnet/testdata/project/db_contexts/multiple/TodoApi.csproj rename to internal/detectors/dotnet/testdata/project/db_contexts/multiple/TodoApi.csproj diff --git a/pkg/detectors/dotnet/testdata/project/db_contexts/multiple/nested/Startup.cs b/internal/detectors/dotnet/testdata/project/db_contexts/multiple/nested/Startup.cs similarity index 100% rename from pkg/detectors/dotnet/testdata/project/db_contexts/multiple/nested/Startup.cs rename to internal/detectors/dotnet/testdata/project/db_contexts/multiple/nested/Startup.cs diff --git a/pkg/detectors/dotnet/testdata/project/multiple/MvcMovie.csproj b/internal/detectors/dotnet/testdata/project/multiple/MvcMovie.csproj similarity index 100% rename from pkg/detectors/dotnet/testdata/project/multiple/MvcMovie.csproj rename to internal/detectors/dotnet/testdata/project/multiple/MvcMovie.csproj diff --git a/pkg/detectors/dotnet/testdata/project/multiple/TodoApi.csproj b/internal/detectors/dotnet/testdata/project/multiple/TodoApi.csproj similarity index 100% rename from pkg/detectors/dotnet/testdata/project/multiple/TodoApi.csproj rename to internal/detectors/dotnet/testdata/project/multiple/TodoApi.csproj diff --git a/pkg/detectors/dotnet/testdata/project/single/TodoApi.csproj b/internal/detectors/dotnet/testdata/project/single/TodoApi.csproj similarity index 100% rename from pkg/detectors/dotnet/testdata/project/single/TodoApi.csproj rename to internal/detectors/dotnet/testdata/project/single/TodoApi.csproj diff --git a/pkg/detectors/dotnet/testdata/project/test/TodoApiTests.csproj b/internal/detectors/dotnet/testdata/project/test/TodoApiTests.csproj similarity index 100% rename from pkg/detectors/dotnet/testdata/project/test/TodoApiTests.csproj rename to internal/detectors/dotnet/testdata/project/test/TodoApiTests.csproj diff --git a/pkg/detectors/envfile/.snapshots/TestDetectorReportVariables b/internal/detectors/envfile/.snapshots/TestDetectorReportVariables similarity index 100% rename from pkg/detectors/envfile/.snapshots/TestDetectorReportVariables rename to internal/detectors/envfile/.snapshots/TestDetectorReportVariables diff --git a/pkg/detectors/envfile/envfile.go b/internal/detectors/envfile/envfile.go similarity index 77% rename from pkg/detectors/envfile/envfile.go rename to internal/detectors/envfile/envfile.go index 70c7cdd0a..b858a1220 100644 --- a/pkg/detectors/envfile/envfile.go +++ b/internal/detectors/envfile/envfile.go @@ -6,14 +6,14 @@ import ( "github.com/smacker/go-tree-sitter/bash" - "github.com/bearer/bearer/pkg/detectors/types" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/parser/interfaces" - "github.com/bearer/bearer/pkg/report" - "github.com/bearer/bearer/pkg/report/detectors" - reportinterface "github.com/bearer/bearer/pkg/report/interfaces" - "github.com/bearer/bearer/pkg/report/values" - "github.com/bearer/bearer/pkg/util/file" + "github.com/bearer/bearer/internal/detectors/types" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/parser/interfaces" + "github.com/bearer/bearer/internal/report" + "github.com/bearer/bearer/internal/report/detectors" + reportinterface "github.com/bearer/bearer/internal/report/interfaces" + "github.com/bearer/bearer/internal/report/values" + "github.com/bearer/bearer/internal/util/file" ) var ( diff --git a/pkg/detectors/envfile/envfile_test.go b/internal/detectors/envfile/envfile_test.go similarity index 77% rename from pkg/detectors/envfile/envfile_test.go rename to internal/detectors/envfile/envfile_test.go index 8aee09f5d..60779a924 100644 --- a/pkg/detectors/envfile/envfile_test.go +++ b/internal/detectors/envfile/envfile_test.go @@ -6,8 +6,8 @@ import ( "github.com/bradleyjkemp/cupaloy" - "github.com/bearer/bearer/pkg/detectors/internal/testhelper" - "github.com/bearer/bearer/pkg/report/detectors" + "github.com/bearer/bearer/internal/detectors/internal/testhelper" + "github.com/bearer/bearer/internal/report/detectors" ) const detectorType = detectors.DetectorEnvFile diff --git a/pkg/detectors/envfile/testdata/variables/.envrc.example b/internal/detectors/envfile/testdata/variables/.envrc.example similarity index 100% rename from pkg/detectors/envfile/testdata/variables/.envrc.example rename to internal/detectors/envfile/testdata/variables/.envrc.example diff --git a/pkg/detectors/gitleaks/.snapshots/TestSecretLeaks b/internal/detectors/gitleaks/.snapshots/TestSecretLeaks similarity index 100% rename from pkg/detectors/gitleaks/.snapshots/TestSecretLeaks rename to internal/detectors/gitleaks/.snapshots/TestSecretLeaks diff --git a/pkg/detectors/gitleaks/gitlab_config.toml b/internal/detectors/gitleaks/gitlab_config.toml similarity index 100% rename from pkg/detectors/gitleaks/gitlab_config.toml rename to internal/detectors/gitleaks/gitlab_config.toml diff --git a/pkg/detectors/gitleaks/gitleaks.go b/internal/detectors/gitleaks/gitleaks.go similarity index 83% rename from pkg/detectors/gitleaks/gitleaks.go rename to internal/detectors/gitleaks/gitleaks.go index e6286d1e1..4c29f8cf5 100644 --- a/pkg/detectors/gitleaks/gitleaks.go +++ b/internal/detectors/gitleaks/gitleaks.go @@ -5,12 +5,12 @@ import ( "log" "strings" - "github.com/bearer/bearer/pkg/detectors/types" - "github.com/bearer/bearer/pkg/parser/nodeid" - "github.com/bearer/bearer/pkg/report" - "github.com/bearer/bearer/pkg/report/secret" - "github.com/bearer/bearer/pkg/report/source" - "github.com/bearer/bearer/pkg/util/file" + "github.com/bearer/bearer/internal/detectors/types" + "github.com/bearer/bearer/internal/parser/nodeid" + "github.com/bearer/bearer/internal/report" + "github.com/bearer/bearer/internal/report/secret" + "github.com/bearer/bearer/internal/report/source" + "github.com/bearer/bearer/internal/util/file" "github.com/pelletier/go-toml" "github.com/zricethezav/gitleaks/v8/config" "github.com/zricethezav/gitleaks/v8/detect" diff --git a/pkg/detectors/gitleaks/gitleaks_test.go b/internal/detectors/gitleaks/gitleaks_test.go similarity index 62% rename from pkg/detectors/gitleaks/gitleaks_test.go rename to internal/detectors/gitleaks/gitleaks_test.go index bd376627b..747ffae7e 100644 --- a/pkg/detectors/gitleaks/gitleaks_test.go +++ b/internal/detectors/gitleaks/gitleaks_test.go @@ -6,12 +6,12 @@ import ( "github.com/bradleyjkemp/cupaloy" - "github.com/bearer/bearer/pkg/detectors/gitleaks" - detectortypes "github.com/bearer/bearer/pkg/report/detectors" + "github.com/bearer/bearer/internal/detectors/gitleaks" + detectortypes "github.com/bearer/bearer/internal/report/detectors" - "github.com/bearer/bearer/pkg/detectors" - "github.com/bearer/bearer/pkg/detectors/internal/testhelper" - "github.com/bearer/bearer/pkg/parser/nodeid" + "github.com/bearer/bearer/internal/detectors" + "github.com/bearer/bearer/internal/detectors/internal/testhelper" + "github.com/bearer/bearer/internal/parser/nodeid" ) const detectorType = detectortypes.DetectorGitleaks diff --git a/pkg/detectors/gitleaks/testdata/aws.js b/internal/detectors/gitleaks/testdata/aws.js similarity index 100% rename from pkg/detectors/gitleaks/testdata/aws.js rename to internal/detectors/gitleaks/testdata/aws.js diff --git a/pkg/detectors/gitleaks/testdata/regex/rsa.pem b/internal/detectors/gitleaks/testdata/regex/rsa.pem similarity index 100% rename from pkg/detectors/gitleaks/testdata/regex/rsa.pem rename to internal/detectors/gitleaks/testdata/regex/rsa.pem diff --git a/pkg/detectors/golang/.snapshots/TestDetectorReportDataTypes b/internal/detectors/golang/.snapshots/TestDetectorReportDataTypes similarity index 100% rename from pkg/detectors/golang/.snapshots/TestDetectorReportDataTypes rename to internal/detectors/golang/.snapshots/TestDetectorReportDataTypes diff --git a/pkg/detectors/golang/.snapshots/TestDetectorReportInterfacesPaths b/internal/detectors/golang/.snapshots/TestDetectorReportInterfacesPaths similarity index 100% rename from pkg/detectors/golang/.snapshots/TestDetectorReportInterfacesPaths rename to internal/detectors/golang/.snapshots/TestDetectorReportInterfacesPaths diff --git a/pkg/detectors/golang/.snapshots/TestDetectorReportInterfacesProject b/internal/detectors/golang/.snapshots/TestDetectorReportInterfacesProject similarity index 100% rename from pkg/detectors/golang/.snapshots/TestDetectorReportInterfacesProject rename to internal/detectors/golang/.snapshots/TestDetectorReportInterfacesProject diff --git a/pkg/detectors/golang/datatype/datatype.go b/internal/detectors/golang/datatype/datatype.go similarity index 94% rename from pkg/detectors/golang/datatype/datatype.go rename to internal/detectors/golang/datatype/datatype.go index de68ad3b4..c951b7f33 100644 --- a/pkg/detectors/golang/datatype/datatype.go +++ b/internal/detectors/golang/datatype/datatype.go @@ -3,14 +3,14 @@ package datatype import ( "strings" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/parser/datatype" - "github.com/bearer/bearer/pkg/parser/nodeid" - "github.com/bearer/bearer/pkg/report" - "github.com/bearer/bearer/pkg/report/detections" - "github.com/bearer/bearer/pkg/report/detectors" - "github.com/bearer/bearer/pkg/report/schema" - schemadatatype "github.com/bearer/bearer/pkg/report/schema/datatype" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/parser/datatype" + "github.com/bearer/bearer/internal/parser/nodeid" + "github.com/bearer/bearer/internal/report" + "github.com/bearer/bearer/internal/report/detections" + "github.com/bearer/bearer/internal/report/detectors" + "github.com/bearer/bearer/internal/report/schema" + schemadatatype "github.com/bearer/bearer/internal/report/schema/datatype" "github.com/smacker/go-tree-sitter/golang" ) diff --git a/pkg/detectors/golang/golang.go b/internal/detectors/golang/golang.go similarity index 88% rename from pkg/detectors/golang/golang.go rename to internal/detectors/golang/golang.go index ee0e302bb..200c78102 100644 --- a/pkg/detectors/golang/golang.go +++ b/internal/detectors/golang/golang.go @@ -6,19 +6,19 @@ import ( "github.com/go-enry/go-enry/v2/regex" "github.com/smacker/go-tree-sitter/golang" - "github.com/bearer/bearer/pkg/detectors/golang/datatype" - "github.com/bearer/bearer/pkg/detectors/types" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/parser/golang_util" - "github.com/bearer/bearer/pkg/parser/interfacedetector" - "github.com/bearer/bearer/pkg/parser/nodeid" - "github.com/bearer/bearer/pkg/report" - "github.com/bearer/bearer/pkg/report/detectors" - "github.com/bearer/bearer/pkg/report/values" - "github.com/bearer/bearer/pkg/report/variables" - "github.com/bearer/bearer/pkg/util/file" - "github.com/bearer/bearer/pkg/util/normalize_key" - "github.com/bearer/bearer/pkg/util/stringutil" + "github.com/bearer/bearer/internal/detectors/golang/datatype" + "github.com/bearer/bearer/internal/detectors/types" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/parser/golang_util" + "github.com/bearer/bearer/internal/parser/interfacedetector" + "github.com/bearer/bearer/internal/parser/nodeid" + "github.com/bearer/bearer/internal/report" + "github.com/bearer/bearer/internal/report/detectors" + "github.com/bearer/bearer/internal/report/values" + "github.com/bearer/bearer/internal/report/variables" + "github.com/bearer/bearer/internal/util/file" + "github.com/bearer/bearer/internal/util/normalize_key" + "github.com/bearer/bearer/internal/util/stringutil" ) var ( diff --git a/pkg/detectors/golang/golang_test.go b/internal/detectors/golang/golang_test.go similarity index 80% rename from pkg/detectors/golang/golang_test.go rename to internal/detectors/golang/golang_test.go index 909fef161..9324e829d 100644 --- a/pkg/detectors/golang/golang_test.go +++ b/internal/detectors/golang/golang_test.go @@ -6,12 +6,12 @@ import ( "github.com/bradleyjkemp/cupaloy" - "github.com/bearer/bearer/pkg/detectors" - "github.com/bearer/bearer/pkg/detectors/golang" - "github.com/bearer/bearer/pkg/parser/nodeid" + "github.com/bearer/bearer/internal/detectors" + "github.com/bearer/bearer/internal/detectors/golang" + "github.com/bearer/bearer/internal/parser/nodeid" - "github.com/bearer/bearer/pkg/detectors/internal/testhelper" - detectortypes "github.com/bearer/bearer/pkg/report/detectors" + "github.com/bearer/bearer/internal/detectors/internal/testhelper" + detectortypes "github.com/bearer/bearer/internal/report/detectors" ) const detectorType = detectortypes.DetectorGo diff --git a/pkg/detectors/golang/testdata/datatypes/datatype.go b/internal/detectors/golang/testdata/datatypes/datatype.go similarity index 100% rename from pkg/detectors/golang/testdata/datatypes/datatype.go rename to internal/detectors/golang/testdata/datatypes/datatype.go diff --git a/pkg/detectors/golang/testdata/paths/paths.go b/internal/detectors/golang/testdata/paths/paths.go similarity index 100% rename from pkg/detectors/golang/testdata/paths/paths.go rename to internal/detectors/golang/testdata/paths/paths.go diff --git a/pkg/detectors/golang/testdata/project/config.go b/internal/detectors/golang/testdata/project/config.go similarity index 100% rename from pkg/detectors/golang/testdata/project/config.go rename to internal/detectors/golang/testdata/project/config.go diff --git a/pkg/detectors/golang/testdata/project/urls.go b/internal/detectors/golang/testdata/project/urls.go similarity index 100% rename from pkg/detectors/golang/testdata/project/urls.go rename to internal/detectors/golang/testdata/project/urls.go diff --git a/pkg/detectors/graphql/.snapshots/TestBuildReportSchema b/internal/detectors/graphql/.snapshots/TestBuildReportSchema similarity index 100% rename from pkg/detectors/graphql/.snapshots/TestBuildReportSchema rename to internal/detectors/graphql/.snapshots/TestBuildReportSchema diff --git a/pkg/detectors/graphql/graphql.go b/internal/detectors/graphql/graphql.go similarity index 85% rename from pkg/detectors/graphql/graphql.go rename to internal/detectors/graphql/graphql.go index f46d038f5..90b315368 100644 --- a/pkg/detectors/graphql/graphql.go +++ b/internal/detectors/graphql/graphql.go @@ -3,17 +3,17 @@ package graphql import ( "strings" - "github.com/bearer/bearer/pkg/detectors/types" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/parser/nodeid" - parserschema "github.com/bearer/bearer/pkg/parser/schema" - "github.com/bearer/bearer/pkg/parser/sitter/graphql" - "github.com/bearer/bearer/pkg/report/detectors" - "github.com/bearer/bearer/pkg/report/schema" - "github.com/bearer/bearer/pkg/util/file" - "github.com/bearer/bearer/pkg/util/pluralize" - - reporttypes "github.com/bearer/bearer/pkg/report" + "github.com/bearer/bearer/internal/detectors/types" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/parser/nodeid" + parserschema "github.com/bearer/bearer/internal/parser/schema" + "github.com/bearer/bearer/internal/parser/sitter/graphql" + "github.com/bearer/bearer/internal/report/detectors" + "github.com/bearer/bearer/internal/report/schema" + "github.com/bearer/bearer/internal/util/file" + "github.com/bearer/bearer/internal/util/pluralize" + + reporttypes "github.com/bearer/bearer/internal/report" ) var ( diff --git a/pkg/detectors/graphql/graphql_test.go b/internal/detectors/graphql/graphql_test.go similarity index 62% rename from pkg/detectors/graphql/graphql_test.go rename to internal/detectors/graphql/graphql_test.go index 0ee6d2e01..7aa73a9e2 100644 --- a/pkg/detectors/graphql/graphql_test.go +++ b/internal/detectors/graphql/graphql_test.go @@ -4,11 +4,11 @@ import ( "path/filepath" "testing" - "github.com/bearer/bearer/pkg/detectors" - "github.com/bearer/bearer/pkg/detectors/graphql" - "github.com/bearer/bearer/pkg/detectors/internal/testhelper" - "github.com/bearer/bearer/pkg/parser/nodeid" - detectortypes "github.com/bearer/bearer/pkg/report/detectors" + "github.com/bearer/bearer/internal/detectors" + "github.com/bearer/bearer/internal/detectors/graphql" + "github.com/bearer/bearer/internal/detectors/internal/testhelper" + "github.com/bearer/bearer/internal/parser/nodeid" + detectortypes "github.com/bearer/bearer/internal/report/detectors" "github.com/bradleyjkemp/cupaloy" ) diff --git a/pkg/detectors/graphql/testdata/schemas/schema.graphql b/internal/detectors/graphql/testdata/schemas/schema.graphql similarity index 100% rename from pkg/detectors/graphql/testdata/schemas/schema.graphql rename to internal/detectors/graphql/testdata/schemas/schema.graphql diff --git a/pkg/detectors/html/.snapshots/TestDetectorReportInterfaces b/internal/detectors/html/.snapshots/TestDetectorReportInterfaces similarity index 100% rename from pkg/detectors/html/.snapshots/TestDetectorReportInterfaces rename to internal/detectors/html/.snapshots/TestDetectorReportInterfaces diff --git a/pkg/detectors/html/html.go b/internal/detectors/html/html.go similarity index 84% rename from pkg/detectors/html/html.go rename to internal/detectors/html/html.go index 3ae5ac23f..368d4ff18 100644 --- a/pkg/detectors/html/html.go +++ b/internal/detectors/html/html.go @@ -1,17 +1,17 @@ package html import ( - "github.com/bearer/bearer/pkg/detectors/javascript" - "github.com/bearer/bearer/pkg/detectors/types" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/parser/interfaces" - "github.com/bearer/bearer/pkg/parser/nodeid" - html "github.com/bearer/bearer/pkg/parser/sitter/html2" - "github.com/bearer/bearer/pkg/report" - "github.com/bearer/bearer/pkg/report/detectors" - interfacetype "github.com/bearer/bearer/pkg/report/interfaces" - "github.com/bearer/bearer/pkg/report/values" - "github.com/bearer/bearer/pkg/util/file" + "github.com/bearer/bearer/internal/detectors/javascript" + "github.com/bearer/bearer/internal/detectors/types" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/parser/interfaces" + "github.com/bearer/bearer/internal/parser/nodeid" + html "github.com/bearer/bearer/internal/parser/sitter/html2" + "github.com/bearer/bearer/internal/report" + "github.com/bearer/bearer/internal/report/detectors" + interfacetype "github.com/bearer/bearer/internal/report/interfaces" + "github.com/bearer/bearer/internal/report/values" + "github.com/bearer/bearer/internal/util/file" ) var ( diff --git a/pkg/detectors/html/html_test.go b/internal/detectors/html/html_test.go similarity index 64% rename from pkg/detectors/html/html_test.go rename to internal/detectors/html/html_test.go index 9ab5ed23e..ff259117e 100644 --- a/pkg/detectors/html/html_test.go +++ b/internal/detectors/html/html_test.go @@ -6,12 +6,12 @@ import ( "github.com/bradleyjkemp/cupaloy" - "github.com/bearer/bearer/pkg/detectors/html" - detectortypes "github.com/bearer/bearer/pkg/report/detectors" + "github.com/bearer/bearer/internal/detectors/html" + detectortypes "github.com/bearer/bearer/internal/report/detectors" - "github.com/bearer/bearer/pkg/detectors" - "github.com/bearer/bearer/pkg/detectors/internal/testhelper" - "github.com/bearer/bearer/pkg/parser/nodeid" + "github.com/bearer/bearer/internal/detectors" + "github.com/bearer/bearer/internal/detectors/internal/testhelper" + "github.com/bearer/bearer/internal/parser/nodeid" ) const detectorType = detectortypes.DetectorHTML diff --git a/pkg/detectors/html/testdata/project/app.vue b/internal/detectors/html/testdata/project/app.vue similarity index 100% rename from pkg/detectors/html/testdata/project/app.vue rename to internal/detectors/html/testdata/project/app.vue diff --git a/pkg/detectors/html/testdata/project/base.html.twig b/internal/detectors/html/testdata/project/base.html.twig similarity index 100% rename from pkg/detectors/html/testdata/project/base.html.twig rename to internal/detectors/html/testdata/project/base.html.twig diff --git a/pkg/detectors/html/testdata/project/google_analytics.html b/internal/detectors/html/testdata/project/google_analytics.html similarity index 100% rename from pkg/detectors/html/testdata/project/google_analytics.html rename to internal/detectors/html/testdata/project/google_analytics.html diff --git a/pkg/detectors/html/testdata/project/index.cshtml b/internal/detectors/html/testdata/project/index.cshtml similarity index 100% rename from pkg/detectors/html/testdata/project/index.cshtml rename to internal/detectors/html/testdata/project/index.cshtml diff --git a/pkg/detectors/html/testdata/project/index.ejs b/internal/detectors/html/testdata/project/index.ejs similarity index 100% rename from pkg/detectors/html/testdata/project/index.ejs rename to internal/detectors/html/testdata/project/index.ejs diff --git a/pkg/detectors/html/testdata/project/index.handlebars b/internal/detectors/html/testdata/project/index.handlebars similarity index 100% rename from pkg/detectors/html/testdata/project/index.handlebars rename to internal/detectors/html/testdata/project/index.handlebars diff --git a/pkg/detectors/html/testdata/project/index.html b/internal/detectors/html/testdata/project/index.html similarity index 100% rename from pkg/detectors/html/testdata/project/index.html rename to internal/detectors/html/testdata/project/index.html diff --git a/pkg/detectors/html/testdata/project/index.html.erb b/internal/detectors/html/testdata/project/index.html.erb similarity index 100% rename from pkg/detectors/html/testdata/project/index.html.erb rename to internal/detectors/html/testdata/project/index.html.erb diff --git a/pkg/detectors/html/testdata/project/index.html.twig b/internal/detectors/html/testdata/project/index.html.twig similarity index 100% rename from pkg/detectors/html/testdata/project/index.html.twig rename to internal/detectors/html/testdata/project/index.html.twig diff --git a/pkg/detectors/html/testdata/project/index.jinja b/internal/detectors/html/testdata/project/index.jinja similarity index 100% rename from pkg/detectors/html/testdata/project/index.jinja rename to internal/detectors/html/testdata/project/index.jinja diff --git a/pkg/detectors/html/testdata/project/index.liquid b/internal/detectors/html/testdata/project/index.liquid similarity index 100% rename from pkg/detectors/html/testdata/project/index.liquid rename to internal/detectors/html/testdata/project/index.liquid diff --git a/pkg/detectors/html/testdata/project/index.mustache b/internal/detectors/html/testdata/project/index.mustache similarity index 100% rename from pkg/detectors/html/testdata/project/index.mustache rename to internal/detectors/html/testdata/project/index.mustache diff --git a/pkg/detectors/html/testdata/project/index.phtml b/internal/detectors/html/testdata/project/index.phtml similarity index 100% rename from pkg/detectors/html/testdata/project/index.phtml rename to internal/detectors/html/testdata/project/index.phtml diff --git a/pkg/detectors/internal/testhelper/testhelper.go b/internal/detectors/internal/testhelper/testhelper.go similarity index 88% rename from pkg/detectors/internal/testhelper/testhelper.go rename to internal/detectors/internal/testhelper/testhelper.go index 0b3ad5e8a..17ba78350 100644 --- a/pkg/detectors/internal/testhelper/testhelper.go +++ b/internal/detectors/internal/testhelper/testhelper.go @@ -7,19 +7,19 @@ import ( "path/filepath" "strings" - "github.com/bearer/bearer/pkg/detectors" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/parser/nodeid" - - "github.com/bearer/bearer/pkg/report/dependencies" - "github.com/bearer/bearer/pkg/report/detections" - reportdetectors "github.com/bearer/bearer/pkg/report/detectors" - "github.com/bearer/bearer/pkg/report/frameworks" - "github.com/bearer/bearer/pkg/report/interfaces" - "github.com/bearer/bearer/pkg/report/schema" - "github.com/bearer/bearer/pkg/report/schema/datatype" - "github.com/bearer/bearer/pkg/report/secret" - "github.com/bearer/bearer/pkg/report/source" + "github.com/bearer/bearer/internal/detectors" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/parser/nodeid" + + "github.com/bearer/bearer/internal/report/dependencies" + "github.com/bearer/bearer/internal/report/detections" + reportdetectors "github.com/bearer/bearer/internal/report/detectors" + "github.com/bearer/bearer/internal/report/frameworks" + "github.com/bearer/bearer/internal/report/interfaces" + "github.com/bearer/bearer/internal/report/schema" + "github.com/bearer/bearer/internal/report/schema/datatype" + "github.com/bearer/bearer/internal/report/secret" + "github.com/bearer/bearer/internal/report/source" "github.com/stretchr/testify/assert" ) @@ -53,7 +53,7 @@ func Extract( } for _, filename := range files { - err = detectors.ExtractWithDetectors(context.Background(), path, filename, &report, nil, registrations) + err = detectors.ExtractWithDetectors(context.Background(), path, filename, &report, nil, registrations, nil) if !assert.Nil(t, err) { t.Errorf("report has errored %s", err) } diff --git a/pkg/detectors/ipynb/.snapshots/TestDetectorReportInterfaces b/internal/detectors/ipynb/.snapshots/TestDetectorReportInterfaces similarity index 100% rename from pkg/detectors/ipynb/.snapshots/TestDetectorReportInterfaces rename to internal/detectors/ipynb/.snapshots/TestDetectorReportInterfaces diff --git a/pkg/detectors/ipynb/ipynb.go b/internal/detectors/ipynb/ipynb.go similarity index 87% rename from pkg/detectors/ipynb/ipynb.go rename to internal/detectors/ipynb/ipynb.go index 57609fbf3..06e01adf4 100644 --- a/pkg/detectors/ipynb/ipynb.go +++ b/internal/detectors/ipynb/ipynb.go @@ -4,13 +4,13 @@ import ( "strconv" "strings" - "github.com/bearer/bearer/pkg/detectors/python" - "github.com/bearer/bearer/pkg/detectors/types" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/parser/nodeid" - "github.com/bearer/bearer/pkg/report" - "github.com/bearer/bearer/pkg/util/file" - "github.com/bearer/bearer/pkg/util/stringutil" + "github.com/bearer/bearer/internal/detectors/python" + "github.com/bearer/bearer/internal/detectors/types" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/parser/nodeid" + "github.com/bearer/bearer/internal/report" + "github.com/bearer/bearer/internal/util/file" + "github.com/bearer/bearer/internal/util/stringutil" jslang "github.com/smacker/go-tree-sitter/javascript" ) diff --git a/pkg/detectors/ipynb/ipynb_test.go b/internal/detectors/ipynb/ipynb_test.go similarity index 64% rename from pkg/detectors/ipynb/ipynb_test.go rename to internal/detectors/ipynb/ipynb_test.go index 4a4e0cb1c..c892496df 100644 --- a/pkg/detectors/ipynb/ipynb_test.go +++ b/internal/detectors/ipynb/ipynb_test.go @@ -6,12 +6,12 @@ import ( "github.com/bradleyjkemp/cupaloy" - "github.com/bearer/bearer/pkg/detectors/ipynb" - detectortypes "github.com/bearer/bearer/pkg/report/detectors" + "github.com/bearer/bearer/internal/detectors/ipynb" + detectortypes "github.com/bearer/bearer/internal/report/detectors" - "github.com/bearer/bearer/pkg/detectors" - "github.com/bearer/bearer/pkg/detectors/internal/testhelper" - "github.com/bearer/bearer/pkg/parser/nodeid" + "github.com/bearer/bearer/internal/detectors" + "github.com/bearer/bearer/internal/detectors/internal/testhelper" + "github.com/bearer/bearer/internal/parser/nodeid" ) const detectorType = detectortypes.DetectorIPYNB diff --git a/pkg/detectors/ipynb/testdata/notebooks/small.ipynb b/internal/detectors/ipynb/testdata/notebooks/small.ipynb similarity index 100% rename from pkg/detectors/ipynb/testdata/notebooks/small.ipynb rename to internal/detectors/ipynb/testdata/notebooks/small.ipynb diff --git a/pkg/detectors/java/.snapshots/TestDetectorReportDataTypes b/internal/detectors/java/.snapshots/TestDetectorReportDataTypes similarity index 100% rename from pkg/detectors/java/.snapshots/TestDetectorReportDataTypes rename to internal/detectors/java/.snapshots/TestDetectorReportDataTypes diff --git a/pkg/detectors/java/.snapshots/TestDetectorReportPaths b/internal/detectors/java/.snapshots/TestDetectorReportPaths similarity index 100% rename from pkg/detectors/java/.snapshots/TestDetectorReportPaths rename to internal/detectors/java/.snapshots/TestDetectorReportPaths diff --git a/pkg/detectors/java/.snapshots/TestDetectorReportVariables b/internal/detectors/java/.snapshots/TestDetectorReportVariables similarity index 100% rename from pkg/detectors/java/.snapshots/TestDetectorReportVariables rename to internal/detectors/java/.snapshots/TestDetectorReportVariables diff --git a/pkg/detectors/java/datatype/datatype.go b/internal/detectors/java/datatype/datatype.go similarity index 89% rename from pkg/detectors/java/datatype/datatype.go rename to internal/detectors/java/datatype/datatype.go index 689c86888..796d7df77 100644 --- a/pkg/detectors/java/datatype/datatype.go +++ b/internal/detectors/java/datatype/datatype.go @@ -3,14 +3,14 @@ package datatype import ( "strings" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/parser/datatype" - "github.com/bearer/bearer/pkg/parser/nodeid" - "github.com/bearer/bearer/pkg/report" - "github.com/bearer/bearer/pkg/report/detections" - "github.com/bearer/bearer/pkg/report/detectors" - "github.com/bearer/bearer/pkg/report/schema" - schemadatatype "github.com/bearer/bearer/pkg/report/schema/datatype" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/parser/datatype" + "github.com/bearer/bearer/internal/parser/nodeid" + "github.com/bearer/bearer/internal/report" + "github.com/bearer/bearer/internal/report/detections" + "github.com/bearer/bearer/internal/report/detectors" + "github.com/bearer/bearer/internal/report/schema" + schemadatatype "github.com/bearer/bearer/internal/report/schema/datatype" "github.com/smacker/go-tree-sitter/java" ) diff --git a/pkg/detectors/java/java.go b/internal/detectors/java/java.go similarity index 85% rename from pkg/detectors/java/java.go rename to internal/detectors/java/java.go index 2da839e2a..f425457fd 100644 --- a/pkg/detectors/java/java.go +++ b/internal/detectors/java/java.go @@ -5,16 +5,16 @@ import ( "github.com/smacker/go-tree-sitter/java" - "github.com/bearer/bearer/pkg/detectors/java/datatype" - "github.com/bearer/bearer/pkg/detectors/types" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/parser/interfacedetector" - "github.com/bearer/bearer/pkg/parser/nodeid" - "github.com/bearer/bearer/pkg/report" - "github.com/bearer/bearer/pkg/report/detectors" - "github.com/bearer/bearer/pkg/report/values" - "github.com/bearer/bearer/pkg/report/variables" - "github.com/bearer/bearer/pkg/util/file" + "github.com/bearer/bearer/internal/detectors/java/datatype" + "github.com/bearer/bearer/internal/detectors/types" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/parser/interfacedetector" + "github.com/bearer/bearer/internal/parser/nodeid" + "github.com/bearer/bearer/internal/report" + "github.com/bearer/bearer/internal/report/detectors" + "github.com/bearer/bearer/internal/report/values" + "github.com/bearer/bearer/internal/report/variables" + "github.com/bearer/bearer/internal/util/file" ) var ( diff --git a/pkg/detectors/java/java_test.go b/internal/detectors/java/java_test.go similarity index 80% rename from pkg/detectors/java/java_test.go rename to internal/detectors/java/java_test.go index 4cad63a67..fdbea0500 100644 --- a/pkg/detectors/java/java_test.go +++ b/internal/detectors/java/java_test.go @@ -6,12 +6,12 @@ import ( "github.com/bradleyjkemp/cupaloy" - "github.com/bearer/bearer/pkg/detectors" - "github.com/bearer/bearer/pkg/detectors/java" - "github.com/bearer/bearer/pkg/parser/nodeid" + "github.com/bearer/bearer/internal/detectors" + "github.com/bearer/bearer/internal/detectors/java" + "github.com/bearer/bearer/internal/parser/nodeid" - "github.com/bearer/bearer/pkg/detectors/internal/testhelper" - detectortypes "github.com/bearer/bearer/pkg/report/detectors" + "github.com/bearer/bearer/internal/detectors/internal/testhelper" + detectortypes "github.com/bearer/bearer/internal/report/detectors" ) const detectorType = detectortypes.DetectorJava diff --git a/pkg/detectors/java/testdata/datatype/datatype.java b/internal/detectors/java/testdata/datatype/datatype.java similarity index 100% rename from pkg/detectors/java/testdata/datatype/datatype.java rename to internal/detectors/java/testdata/datatype/datatype.java diff --git a/pkg/detectors/java/testdata/paths/config.java b/internal/detectors/java/testdata/paths/config.java similarity index 100% rename from pkg/detectors/java/testdata/paths/config.java rename to internal/detectors/java/testdata/paths/config.java diff --git a/pkg/detectors/java/testdata/variables/config.java b/internal/detectors/java/testdata/variables/config.java similarity index 100% rename from pkg/detectors/java/testdata/variables/config.java rename to internal/detectors/java/testdata/variables/config.java diff --git a/pkg/detectors/javascript/.snapshots/TestDetectorReportDatatypes b/internal/detectors/javascript/.snapshots/TestDetectorReportDatatypes similarity index 100% rename from pkg/detectors/javascript/.snapshots/TestDetectorReportDatatypes rename to internal/detectors/javascript/.snapshots/TestDetectorReportDatatypes diff --git a/pkg/detectors/javascript/.snapshots/TestDetectorReportGeneral b/internal/detectors/javascript/.snapshots/TestDetectorReportGeneral similarity index 100% rename from pkg/detectors/javascript/.snapshots/TestDetectorReportGeneral rename to internal/detectors/javascript/.snapshots/TestDetectorReportGeneral diff --git a/pkg/detectors/javascript/datatype/datatype.go b/internal/detectors/javascript/datatype/datatype.go similarity index 63% rename from pkg/detectors/javascript/datatype/datatype.go rename to internal/detectors/javascript/datatype/datatype.go index a33b1c2dc..3952db60b 100644 --- a/pkg/detectors/javascript/datatype/datatype.go +++ b/internal/detectors/javascript/datatype/datatype.go @@ -1,13 +1,13 @@ package datatype import ( - "github.com/bearer/bearer/pkg/parser" - parserdatatype "github.com/bearer/bearer/pkg/parser/datatype" - "github.com/bearer/bearer/pkg/parser/nodeid" - "github.com/bearer/bearer/pkg/report" - "github.com/bearer/bearer/pkg/report/detections" - "github.com/bearer/bearer/pkg/report/detectors" - schemadatatype "github.com/bearer/bearer/pkg/report/schema/datatype" + "github.com/bearer/bearer/internal/parser" + parserdatatype "github.com/bearer/bearer/internal/parser/datatype" + "github.com/bearer/bearer/internal/parser/nodeid" + "github.com/bearer/bearer/internal/report" + "github.com/bearer/bearer/internal/report/detections" + "github.com/bearer/bearer/internal/report/detectors" + schemadatatype "github.com/bearer/bearer/internal/report/schema/datatype" ) func Discover(report report.Report, tree *parser.Tree, idGenerator nodeid.Generator) { diff --git a/pkg/detectors/javascript/datatype/objects.go b/internal/detectors/javascript/datatype/objects.go similarity index 97% rename from pkg/detectors/javascript/datatype/objects.go rename to internal/detectors/javascript/datatype/objects.go index a2d8536e6..be8ff62f4 100644 --- a/pkg/detectors/javascript/datatype/objects.go +++ b/internal/detectors/javascript/datatype/objects.go @@ -3,10 +3,10 @@ package datatype import ( "strings" - "github.com/bearer/bearer/pkg/parser" - schemadatatype "github.com/bearer/bearer/pkg/report/schema/datatype" + "github.com/bearer/bearer/internal/parser" + schemadatatype "github.com/bearer/bearer/internal/report/schema/datatype" - "github.com/bearer/bearer/pkg/report/schema" + "github.com/bearer/bearer/internal/report/schema" "github.com/smacker/go-tree-sitter/javascript" ) diff --git a/pkg/detectors/javascript/datatype/properties.go b/internal/detectors/javascript/datatype/properties.go similarity index 92% rename from pkg/detectors/javascript/datatype/properties.go rename to internal/detectors/javascript/datatype/properties.go index cd69fc02a..263f6bbd3 100644 --- a/pkg/detectors/javascript/datatype/properties.go +++ b/internal/detectors/javascript/datatype/properties.go @@ -1,12 +1,12 @@ package datatype import ( - "github.com/bearer/bearer/pkg/parser" - parserdatatype "github.com/bearer/bearer/pkg/parser/datatype" - schemadatatype "github.com/bearer/bearer/pkg/report/schema/datatype" + "github.com/bearer/bearer/internal/parser" + parserdatatype "github.com/bearer/bearer/internal/parser/datatype" + schemadatatype "github.com/bearer/bearer/internal/report/schema/datatype" - "github.com/bearer/bearer/pkg/parser/nodeid" - "github.com/bearer/bearer/pkg/report/schema" + "github.com/bearer/bearer/internal/parser/nodeid" + "github.com/bearer/bearer/internal/report/schema" "github.com/smacker/go-tree-sitter/javascript" ) diff --git a/pkg/detectors/javascript/javascript.go b/internal/detectors/javascript/javascript.go similarity index 89% rename from pkg/detectors/javascript/javascript.go rename to internal/detectors/javascript/javascript.go index b86ed1324..f41d8ea72 100644 --- a/pkg/detectors/javascript/javascript.go +++ b/internal/detectors/javascript/javascript.go @@ -8,16 +8,16 @@ import ( sitter "github.com/smacker/go-tree-sitter" - "github.com/bearer/bearer/pkg/detectors/javascript/datatype" - "github.com/bearer/bearer/pkg/detectors/types" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/parser/interfacedetector" - "github.com/bearer/bearer/pkg/parser/nodeid" - "github.com/bearer/bearer/pkg/report" - "github.com/bearer/bearer/pkg/report/detectors" - "github.com/bearer/bearer/pkg/report/values" - "github.com/bearer/bearer/pkg/report/variables" - "github.com/bearer/bearer/pkg/util/file" + "github.com/bearer/bearer/internal/detectors/javascript/datatype" + "github.com/bearer/bearer/internal/detectors/types" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/parser/interfacedetector" + "github.com/bearer/bearer/internal/parser/nodeid" + "github.com/bearer/bearer/internal/report" + "github.com/bearer/bearer/internal/report/detectors" + "github.com/bearer/bearer/internal/report/values" + "github.com/bearer/bearer/internal/report/variables" + "github.com/bearer/bearer/internal/util/file" ) var ( diff --git a/pkg/detectors/javascript/javascript_test.go b/internal/detectors/javascript/javascript_test.go similarity index 80% rename from pkg/detectors/javascript/javascript_test.go rename to internal/detectors/javascript/javascript_test.go index 59e3e6675..923039c11 100644 --- a/pkg/detectors/javascript/javascript_test.go +++ b/internal/detectors/javascript/javascript_test.go @@ -6,12 +6,12 @@ import ( "github.com/bradleyjkemp/cupaloy" - "github.com/bearer/bearer/pkg/detectors/javascript" - detectortypes "github.com/bearer/bearer/pkg/report/detectors" + "github.com/bearer/bearer/internal/detectors/javascript" + detectortypes "github.com/bearer/bearer/internal/report/detectors" - "github.com/bearer/bearer/pkg/detectors" - "github.com/bearer/bearer/pkg/detectors/internal/testhelper" - "github.com/bearer/bearer/pkg/parser/nodeid" + "github.com/bearer/bearer/internal/detectors" + "github.com/bearer/bearer/internal/detectors/internal/testhelper" + "github.com/bearer/bearer/internal/parser/nodeid" ) const detectorType = detectortypes.DetectorJavascript diff --git a/pkg/detectors/javascript/testdata/datatypes/datatypes.js b/internal/detectors/javascript/testdata/datatypes/datatypes.js similarity index 100% rename from pkg/detectors/javascript/testdata/datatypes/datatypes.js rename to internal/detectors/javascript/testdata/datatypes/datatypes.js diff --git a/pkg/detectors/javascript/testdata/datatypes_performance/angular1.8.min.js b/internal/detectors/javascript/testdata/datatypes_performance/angular1.8.min.js similarity index 100% rename from pkg/detectors/javascript/testdata/datatypes_performance/angular1.8.min.js rename to internal/detectors/javascript/testdata/datatypes_performance/angular1.8.min.js diff --git a/pkg/detectors/javascript/testdata/general/paths/main.js b/internal/detectors/javascript/testdata/general/paths/main.js similarity index 100% rename from pkg/detectors/javascript/testdata/general/paths/main.js rename to internal/detectors/javascript/testdata/general/paths/main.js diff --git a/pkg/detectors/javascript/testdata/general/variables/config.js b/internal/detectors/javascript/testdata/general/variables/config.js similarity index 100% rename from pkg/detectors/javascript/testdata/general/variables/config.js rename to internal/detectors/javascript/testdata/general/variables/config.js diff --git a/pkg/detectors/javascript/util/util.go b/internal/detectors/javascript/util/util.go similarity index 96% rename from pkg/detectors/javascript/util/util.go rename to internal/detectors/javascript/util/util.go index da7caaabd..20d0430ca 100644 --- a/pkg/detectors/javascript/util/util.go +++ b/internal/detectors/javascript/util/util.go @@ -1,8 +1,8 @@ package util import ( - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/util/stringutil" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/util/stringutil" sitter "github.com/smacker/go-tree-sitter" ) diff --git a/pkg/detectors/openapi/.snapshots/TestDetectorV2json b/internal/detectors/openapi/.snapshots/TestDetectorV2json similarity index 100% rename from pkg/detectors/openapi/.snapshots/TestDetectorV2json rename to internal/detectors/openapi/.snapshots/TestDetectorV2json diff --git a/pkg/detectors/openapi/.snapshots/TestDetectorV2yaml b/internal/detectors/openapi/.snapshots/TestDetectorV2yaml similarity index 100% rename from pkg/detectors/openapi/.snapshots/TestDetectorV2yaml rename to internal/detectors/openapi/.snapshots/TestDetectorV2yaml diff --git a/pkg/detectors/openapi/.snapshots/TestDetectorV3json b/internal/detectors/openapi/.snapshots/TestDetectorV3json similarity index 100% rename from pkg/detectors/openapi/.snapshots/TestDetectorV3json rename to internal/detectors/openapi/.snapshots/TestDetectorV3json diff --git a/pkg/detectors/openapi/.snapshots/TestDetectorV3yaml b/internal/detectors/openapi/.snapshots/TestDetectorV3yaml similarity index 100% rename from pkg/detectors/openapi/.snapshots/TestDetectorV3yaml rename to internal/detectors/openapi/.snapshots/TestDetectorV3yaml diff --git a/pkg/detectors/openapi/.snapshots/TestOtherjson b/internal/detectors/openapi/.snapshots/TestOtherjson similarity index 100% rename from pkg/detectors/openapi/.snapshots/TestOtherjson rename to internal/detectors/openapi/.snapshots/TestOtherjson diff --git a/pkg/detectors/openapi/json/objects.go b/internal/detectors/openapi/json/objects.go similarity index 81% rename from pkg/detectors/openapi/json/objects.go rename to internal/detectors/openapi/json/objects.go index a86832ab8..ed068a983 100644 --- a/pkg/detectors/openapi/json/objects.go +++ b/internal/detectors/openapi/json/objects.go @@ -1,10 +1,10 @@ package json import ( - "github.com/bearer/bearer/pkg/detectors/openapi/queries" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/parser/nodeid" - "github.com/bearer/bearer/pkg/report/schema/schemahelper" + "github.com/bearer/bearer/internal/detectors/openapi/queries" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/parser/nodeid" + "github.com/bearer/bearer/internal/report/schema/schemahelper" "github.com/smacker/go-tree-sitter/javascript" ) diff --git a/pkg/detectors/openapi/json/operationId.go b/internal/detectors/openapi/json/operationId.go similarity index 82% rename from pkg/detectors/openapi/json/operationId.go rename to internal/detectors/openapi/json/operationId.go index 09bd1d90d..297e4a066 100644 --- a/pkg/detectors/openapi/json/operationId.go +++ b/internal/detectors/openapi/json/operationId.go @@ -1,10 +1,10 @@ package json import ( - "github.com/bearer/bearer/pkg/detectors/openapi/queries" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/parser/nodeid" - "github.com/bearer/bearer/pkg/report/schema/schemahelper" + "github.com/bearer/bearer/internal/detectors/openapi/queries" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/parser/nodeid" + "github.com/bearer/bearer/internal/report/schema/schemahelper" "github.com/smacker/go-tree-sitter/javascript" ) diff --git a/pkg/detectors/openapi/json/paths.go b/internal/detectors/openapi/json/paths.go similarity index 82% rename from pkg/detectors/openapi/json/paths.go rename to internal/detectors/openapi/json/paths.go index 4b376aa27..13fda3337 100644 --- a/pkg/detectors/openapi/json/paths.go +++ b/internal/detectors/openapi/json/paths.go @@ -1,9 +1,9 @@ package json import ( - "github.com/bearer/bearer/pkg/detectors/openapi/queries" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/report/operations/operationshelper" + "github.com/bearer/bearer/internal/detectors/openapi/queries" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/report/operations/operationshelper" "github.com/smacker/go-tree-sitter/javascript" ) diff --git a/pkg/detectors/openapi/openapi.go b/internal/detectors/openapi/openapi.go similarity index 83% rename from pkg/detectors/openapi/openapi.go rename to internal/detectors/openapi/openapi.go index 7494772d9..ea417c6bd 100644 --- a/pkg/detectors/openapi/openapi.go +++ b/internal/detectors/openapi/openapi.go @@ -5,20 +5,20 @@ import ( "encoding/json" "os" - "github.com/bearer/bearer/pkg/detectors/openapi/v2json" - "github.com/bearer/bearer/pkg/parser/nodeid" - "github.com/bearer/bearer/pkg/util/file" + "github.com/bearer/bearer/internal/detectors/openapi/v2json" + "github.com/bearer/bearer/internal/parser/nodeid" + "github.com/bearer/bearer/internal/util/file" "github.com/ghodss/yaml" // Need to use this as some features use custom JSON unmarshalling "github.com/rs/zerolog/log" "golang.org/x/mod/semver" - "github.com/bearer/bearer/pkg/detectors/openapi/v2yaml" - "github.com/bearer/bearer/pkg/detectors/openapi/v3json" - "github.com/bearer/bearer/pkg/detectors/openapi/v3yaml" - "github.com/bearer/bearer/pkg/detectors/types" - "github.com/bearer/bearer/pkg/report/detectors" + "github.com/bearer/bearer/internal/detectors/openapi/v2yaml" + "github.com/bearer/bearer/internal/detectors/openapi/v3json" + "github.com/bearer/bearer/internal/detectors/openapi/v3yaml" + "github.com/bearer/bearer/internal/detectors/types" + "github.com/bearer/bearer/internal/report/detectors" - reporttypes "github.com/bearer/bearer/pkg/report" + reporttypes "github.com/bearer/bearer/internal/report" ) type version struct { diff --git a/pkg/detectors/openapi/openapi_test.go b/internal/detectors/openapi/openapi_test.go similarity index 80% rename from pkg/detectors/openapi/openapi_test.go rename to internal/detectors/openapi/openapi_test.go index 76fbb998d..828791fae 100644 --- a/pkg/detectors/openapi/openapi_test.go +++ b/internal/detectors/openapi/openapi_test.go @@ -4,11 +4,11 @@ import ( "path/filepath" "testing" - "github.com/bearer/bearer/pkg/detectors" - "github.com/bearer/bearer/pkg/detectors/internal/testhelper" - "github.com/bearer/bearer/pkg/detectors/openapi" - "github.com/bearer/bearer/pkg/parser/nodeid" - detectortypes "github.com/bearer/bearer/pkg/report/detectors" + "github.com/bearer/bearer/internal/detectors" + "github.com/bearer/bearer/internal/detectors/internal/testhelper" + "github.com/bearer/bearer/internal/detectors/openapi" + "github.com/bearer/bearer/internal/parser/nodeid" + detectortypes "github.com/bearer/bearer/internal/report/detectors" "github.com/bradleyjkemp/cupaloy" ) diff --git a/pkg/detectors/openapi/queries/objects.go b/internal/detectors/openapi/queries/objects.go similarity index 88% rename from pkg/detectors/openapi/queries/objects.go rename to internal/detectors/openapi/queries/objects.go index a7e69d3c2..f497d9e10 100644 --- a/pkg/detectors/openapi/queries/objects.go +++ b/internal/detectors/openapi/queries/objects.go @@ -1,11 +1,11 @@ package queries import ( - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/parser/nodeid" - "github.com/bearer/bearer/pkg/report/schema" - "github.com/bearer/bearer/pkg/report/schema/schemahelper" - "github.com/bearer/bearer/pkg/util/stringutil" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/parser/nodeid" + "github.com/bearer/bearer/internal/report/schema" + "github.com/bearer/bearer/internal/report/schema/schemahelper" + "github.com/bearer/bearer/internal/util/stringutil" sitter "github.com/smacker/go-tree-sitter" ) diff --git a/pkg/detectors/openapi/queries/operationId.go b/internal/detectors/openapi/queries/operationId.go similarity index 87% rename from pkg/detectors/openapi/queries/operationId.go rename to internal/detectors/openapi/queries/operationId.go index 1d85d73c2..94ca730b2 100644 --- a/pkg/detectors/openapi/queries/operationId.go +++ b/internal/detectors/openapi/queries/operationId.go @@ -1,10 +1,10 @@ package queries import ( - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/parser/nodeid" - "github.com/bearer/bearer/pkg/report/schema/schemahelper" - "github.com/bearer/bearer/pkg/util/stringutil" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/parser/nodeid" + "github.com/bearer/bearer/internal/report/schema/schemahelper" + "github.com/bearer/bearer/internal/util/stringutil" sitter "github.com/smacker/go-tree-sitter" ) diff --git a/pkg/detectors/openapi/queries/paths.go b/internal/detectors/openapi/queries/paths.go similarity index 78% rename from pkg/detectors/openapi/queries/paths.go rename to internal/detectors/openapi/queries/paths.go index f9a8a0d2a..a2e94e843 100644 --- a/pkg/detectors/openapi/queries/paths.go +++ b/internal/detectors/openapi/queries/paths.go @@ -1,10 +1,10 @@ package queries import ( - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/report/operations" - "github.com/bearer/bearer/pkg/report/operations/operationshelper" - "github.com/bearer/bearer/pkg/util/stringutil" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/report/operations" + "github.com/bearer/bearer/internal/report/operations/operationshelper" + "github.com/bearer/bearer/internal/util/stringutil" sitter "github.com/smacker/go-tree-sitter" ) diff --git a/pkg/detectors/openapi/queries/queries.go b/internal/detectors/openapi/queries/queries.go similarity index 67% rename from pkg/detectors/openapi/queries/queries.go rename to internal/detectors/openapi/queries/queries.go index cd9f2a08c..8c7f1d92e 100644 --- a/pkg/detectors/openapi/queries/queries.go +++ b/internal/detectors/openapi/queries/queries.go @@ -1,7 +1,7 @@ package queries import ( - "github.com/bearer/bearer/pkg/parser" + "github.com/bearer/bearer/internal/parser" ) type ChildMatch interface { diff --git a/pkg/detectors/openapi/queries/urls.go b/internal/detectors/openapi/queries/urls.go similarity index 93% rename from pkg/detectors/openapi/queries/urls.go rename to internal/detectors/openapi/queries/urls.go index 82420765c..407cb95f1 100644 --- a/pkg/detectors/openapi/queries/urls.go +++ b/internal/detectors/openapi/queries/urls.go @@ -5,8 +5,8 @@ import ( "encoding/json" "os" - "github.com/bearer/bearer/pkg/report/operations" - "github.com/bearer/bearer/pkg/util/file" + "github.com/bearer/bearer/internal/report/operations" + "github.com/bearer/bearer/internal/util/file" "gopkg.in/yaml.v3" ) diff --git a/pkg/detectors/openapi/queries/v2parameters.go b/internal/detectors/openapi/queries/v2parameters.go similarity index 76% rename from pkg/detectors/openapi/queries/v2parameters.go rename to internal/detectors/openapi/queries/v2parameters.go index e1512f1e0..8f8b274a0 100644 --- a/pkg/detectors/openapi/queries/v2parameters.go +++ b/internal/detectors/openapi/queries/v2parameters.go @@ -1,11 +1,11 @@ package queries import ( - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/parser/nodeid" - "github.com/bearer/bearer/pkg/report/schema" - "github.com/bearer/bearer/pkg/report/schema/schemahelper" - "github.com/bearer/bearer/pkg/util/stringutil" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/parser/nodeid" + "github.com/bearer/bearer/internal/report/schema" + "github.com/bearer/bearer/internal/report/schema/schemahelper" + "github.com/bearer/bearer/internal/util/stringutil" sitter "github.com/smacker/go-tree-sitter" ) diff --git a/pkg/detectors/openapi/queries/v3parameters.go b/internal/detectors/openapi/queries/v3parameters.go similarity index 83% rename from pkg/detectors/openapi/queries/v3parameters.go rename to internal/detectors/openapi/queries/v3parameters.go index fe3845133..6094dd9cf 100644 --- a/pkg/detectors/openapi/queries/v3parameters.go +++ b/internal/detectors/openapi/queries/v3parameters.go @@ -1,11 +1,11 @@ package queries import ( - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/parser/nodeid" - "github.com/bearer/bearer/pkg/report/schema" - "github.com/bearer/bearer/pkg/report/schema/schemahelper" - "github.com/bearer/bearer/pkg/util/stringutil" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/parser/nodeid" + "github.com/bearer/bearer/internal/report/schema" + "github.com/bearer/bearer/internal/report/schema/schemahelper" + "github.com/bearer/bearer/internal/util/stringutil" sitter "github.com/smacker/go-tree-sitter" ) diff --git a/pkg/detectors/openapi/reportadder/reportadder.go b/internal/detectors/openapi/reportadder/reportadder.go similarity index 83% rename from pkg/detectors/openapi/reportadder/reportadder.go rename to internal/detectors/openapi/reportadder/reportadder.go index d423a22a7..4fdf58610 100644 --- a/pkg/detectors/openapi/reportadder/reportadder.go +++ b/internal/detectors/openapi/reportadder/reportadder.go @@ -3,14 +3,14 @@ package reportadder import ( "sort" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/parser/nodeid" - reporttypes "github.com/bearer/bearer/pkg/report" - "github.com/bearer/bearer/pkg/report/detectors" - "github.com/bearer/bearer/pkg/report/schema" - "github.com/bearer/bearer/pkg/report/schema/schemahelper" - "github.com/bearer/bearer/pkg/util/file" - "github.com/bearer/bearer/pkg/util/stringutil" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/parser/nodeid" + reporttypes "github.com/bearer/bearer/internal/report" + "github.com/bearer/bearer/internal/report/detectors" + "github.com/bearer/bearer/internal/report/schema" + "github.com/bearer/bearer/internal/report/schema/schemahelper" + "github.com/bearer/bearer/internal/util/file" + "github.com/bearer/bearer/internal/util/stringutil" ) type SortableSchema struct { diff --git a/pkg/detectors/openapi/testdata/arrayjson/packages.json b/internal/detectors/openapi/testdata/arrayjson/packages.json similarity index 100% rename from pkg/detectors/openapi/testdata/arrayjson/packages.json rename to internal/detectors/openapi/testdata/arrayjson/packages.json diff --git a/pkg/detectors/openapi/testdata/v2json/petstore-swagger.json b/internal/detectors/openapi/testdata/v2json/petstore-swagger.json similarity index 100% rename from pkg/detectors/openapi/testdata/v2json/petstore-swagger.json rename to internal/detectors/openapi/testdata/v2json/petstore-swagger.json diff --git a/pkg/detectors/openapi/testdata/v2yaml/petstore-swagger.yaml b/internal/detectors/openapi/testdata/v2yaml/petstore-swagger.yaml similarity index 100% rename from pkg/detectors/openapi/testdata/v2yaml/petstore-swagger.yaml rename to internal/detectors/openapi/testdata/v2yaml/petstore-swagger.yaml diff --git a/pkg/detectors/openapi/testdata/v3json/petstore-openapi.json b/internal/detectors/openapi/testdata/v3json/petstore-openapi.json similarity index 100% rename from pkg/detectors/openapi/testdata/v3json/petstore-openapi.json rename to internal/detectors/openapi/testdata/v3json/petstore-openapi.json diff --git a/pkg/detectors/openapi/testdata/v3yaml/petstore-openapi.yaml b/internal/detectors/openapi/testdata/v3yaml/petstore-openapi.yaml similarity index 100% rename from pkg/detectors/openapi/testdata/v3yaml/petstore-openapi.yaml rename to internal/detectors/openapi/testdata/v3yaml/petstore-openapi.yaml diff --git a/pkg/detectors/openapi/v2json/v2json.go b/internal/detectors/openapi/v2json/v2json.go similarity index 73% rename from pkg/detectors/openapi/v2json/v2json.go rename to internal/detectors/openapi/v2json/v2json.go index 054a9775e..902322df9 100644 --- a/pkg/detectors/openapi/v2json/v2json.go +++ b/internal/detectors/openapi/v2json/v2json.go @@ -1,15 +1,15 @@ package v2json import ( - "github.com/bearer/bearer/pkg/detectors/openapi/json" - "github.com/bearer/bearer/pkg/detectors/openapi/queries" - "github.com/bearer/bearer/pkg/detectors/openapi/reportadder" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/parser/nodeid" - reporttypes "github.com/bearer/bearer/pkg/report" - "github.com/bearer/bearer/pkg/report/operations/operationshelper" - "github.com/bearer/bearer/pkg/report/schema/schemahelper" - "github.com/bearer/bearer/pkg/util/file" + "github.com/bearer/bearer/internal/detectors/openapi/json" + "github.com/bearer/bearer/internal/detectors/openapi/queries" + "github.com/bearer/bearer/internal/detectors/openapi/reportadder" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/parser/nodeid" + reporttypes "github.com/bearer/bearer/internal/report" + "github.com/bearer/bearer/internal/report/operations/operationshelper" + "github.com/bearer/bearer/internal/report/schema/schemahelper" + "github.com/bearer/bearer/internal/util/file" "github.com/smacker/go-tree-sitter/javascript" ) diff --git a/pkg/detectors/openapi/v2yaml/v2yml.go b/internal/detectors/openapi/v2yaml/v2yml.go similarity index 73% rename from pkg/detectors/openapi/v2yaml/v2yml.go rename to internal/detectors/openapi/v2yaml/v2yml.go index 5abfb8e3d..c2742e358 100644 --- a/pkg/detectors/openapi/v2yaml/v2yml.go +++ b/internal/detectors/openapi/v2yaml/v2yml.go @@ -1,15 +1,15 @@ package v2yaml import ( - "github.com/bearer/bearer/pkg/detectors/openapi/queries" - "github.com/bearer/bearer/pkg/detectors/openapi/reportadder" - yamlparser "github.com/bearer/bearer/pkg/detectors/openapi/yaml" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/parser/nodeid" - reporttypes "github.com/bearer/bearer/pkg/report" - "github.com/bearer/bearer/pkg/report/operations/operationshelper" - "github.com/bearer/bearer/pkg/report/schema/schemahelper" - "github.com/bearer/bearer/pkg/util/file" + "github.com/bearer/bearer/internal/detectors/openapi/queries" + "github.com/bearer/bearer/internal/detectors/openapi/reportadder" + yamlparser "github.com/bearer/bearer/internal/detectors/openapi/yaml" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/parser/nodeid" + reporttypes "github.com/bearer/bearer/internal/report" + "github.com/bearer/bearer/internal/report/operations/operationshelper" + "github.com/bearer/bearer/internal/report/schema/schemahelper" + "github.com/bearer/bearer/internal/util/file" "github.com/smacker/go-tree-sitter/yaml" ) diff --git a/pkg/detectors/openapi/v3json/v3json.go b/internal/detectors/openapi/v3json/v3json.go similarity index 73% rename from pkg/detectors/openapi/v3json/v3json.go rename to internal/detectors/openapi/v3json/v3json.go index 6505f06be..71ef2c6b9 100644 --- a/pkg/detectors/openapi/v3json/v3json.go +++ b/internal/detectors/openapi/v3json/v3json.go @@ -1,15 +1,15 @@ package v3json import ( - "github.com/bearer/bearer/pkg/detectors/openapi/json" - "github.com/bearer/bearer/pkg/detectors/openapi/queries" - "github.com/bearer/bearer/pkg/detectors/openapi/reportadder" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/parser/nodeid" - reporttypes "github.com/bearer/bearer/pkg/report" - "github.com/bearer/bearer/pkg/report/operations/operationshelper" - "github.com/bearer/bearer/pkg/report/schema/schemahelper" - "github.com/bearer/bearer/pkg/util/file" + "github.com/bearer/bearer/internal/detectors/openapi/json" + "github.com/bearer/bearer/internal/detectors/openapi/queries" + "github.com/bearer/bearer/internal/detectors/openapi/reportadder" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/parser/nodeid" + reporttypes "github.com/bearer/bearer/internal/report" + "github.com/bearer/bearer/internal/report/operations/operationshelper" + "github.com/bearer/bearer/internal/report/schema/schemahelper" + "github.com/bearer/bearer/internal/util/file" "github.com/smacker/go-tree-sitter/javascript" ) diff --git a/pkg/detectors/openapi/v3yaml/v3yml.go b/internal/detectors/openapi/v3yaml/v3yml.go similarity index 73% rename from pkg/detectors/openapi/v3yaml/v3yml.go rename to internal/detectors/openapi/v3yaml/v3yml.go index 903fbd6ce..7bb4104bb 100644 --- a/pkg/detectors/openapi/v3yaml/v3yml.go +++ b/internal/detectors/openapi/v3yaml/v3yml.go @@ -1,15 +1,15 @@ package v3yaml import ( - "github.com/bearer/bearer/pkg/detectors/openapi/queries" - "github.com/bearer/bearer/pkg/detectors/openapi/reportadder" - yamlparser "github.com/bearer/bearer/pkg/detectors/openapi/yaml" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/parser/nodeid" - reporttypes "github.com/bearer/bearer/pkg/report" - "github.com/bearer/bearer/pkg/report/operations/operationshelper" - "github.com/bearer/bearer/pkg/report/schema/schemahelper" - "github.com/bearer/bearer/pkg/util/file" + "github.com/bearer/bearer/internal/detectors/openapi/queries" + "github.com/bearer/bearer/internal/detectors/openapi/reportadder" + yamlparser "github.com/bearer/bearer/internal/detectors/openapi/yaml" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/parser/nodeid" + reporttypes "github.com/bearer/bearer/internal/report" + "github.com/bearer/bearer/internal/report/operations/operationshelper" + "github.com/bearer/bearer/internal/report/schema/schemahelper" + "github.com/bearer/bearer/internal/util/file" "github.com/smacker/go-tree-sitter/yaml" ) diff --git a/pkg/detectors/openapi/yaml/objects.go b/internal/detectors/openapi/yaml/objects.go similarity index 84% rename from pkg/detectors/openapi/yaml/objects.go rename to internal/detectors/openapi/yaml/objects.go index 15e5394ab..3645ece81 100644 --- a/pkg/detectors/openapi/yaml/objects.go +++ b/internal/detectors/openapi/yaml/objects.go @@ -1,10 +1,10 @@ package yaml import ( - "github.com/bearer/bearer/pkg/detectors/openapi/queries" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/parser/nodeid" - "github.com/bearer/bearer/pkg/report/schema/schemahelper" + "github.com/bearer/bearer/internal/detectors/openapi/queries" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/parser/nodeid" + "github.com/bearer/bearer/internal/report/schema/schemahelper" "github.com/smacker/go-tree-sitter/yaml" ) diff --git a/pkg/detectors/openapi/yaml/operationId.go b/internal/detectors/openapi/yaml/operationId.go similarity index 84% rename from pkg/detectors/openapi/yaml/operationId.go rename to internal/detectors/openapi/yaml/operationId.go index 29ba3b2f6..55a96d230 100644 --- a/pkg/detectors/openapi/yaml/operationId.go +++ b/internal/detectors/openapi/yaml/operationId.go @@ -1,10 +1,10 @@ package yaml import ( - "github.com/bearer/bearer/pkg/detectors/openapi/queries" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/parser/nodeid" - "github.com/bearer/bearer/pkg/report/schema/schemahelper" + "github.com/bearer/bearer/internal/detectors/openapi/queries" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/parser/nodeid" + "github.com/bearer/bearer/internal/report/schema/schemahelper" "github.com/smacker/go-tree-sitter/yaml" ) diff --git a/pkg/detectors/openapi/yaml/paths.go b/internal/detectors/openapi/yaml/paths.go similarity index 85% rename from pkg/detectors/openapi/yaml/paths.go rename to internal/detectors/openapi/yaml/paths.go index 0f6ade5d1..fcfdf7032 100644 --- a/pkg/detectors/openapi/yaml/paths.go +++ b/internal/detectors/openapi/yaml/paths.go @@ -1,9 +1,9 @@ package yaml import ( - "github.com/bearer/bearer/pkg/detectors/openapi/queries" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/report/operations/operationshelper" + "github.com/bearer/bearer/internal/detectors/openapi/queries" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/report/operations/operationshelper" "github.com/smacker/go-tree-sitter/yaml" ) diff --git a/pkg/detectors/php/.snapshots/TestDetectorReportContext b/internal/detectors/php/.snapshots/TestDetectorReportContext similarity index 100% rename from pkg/detectors/php/.snapshots/TestDetectorReportContext rename to internal/detectors/php/.snapshots/TestDetectorReportContext diff --git a/pkg/detectors/php/.snapshots/TestDetectorReportDatatype b/internal/detectors/php/.snapshots/TestDetectorReportDatatype similarity index 100% rename from pkg/detectors/php/.snapshots/TestDetectorReportDatatype rename to internal/detectors/php/.snapshots/TestDetectorReportDatatype diff --git a/pkg/detectors/php/.snapshots/TestDetectorReportIgnore b/internal/detectors/php/.snapshots/TestDetectorReportIgnore similarity index 100% rename from pkg/detectors/php/.snapshots/TestDetectorReportIgnore rename to internal/detectors/php/.snapshots/TestDetectorReportIgnore diff --git a/pkg/detectors/php/.snapshots/TestDetectorReportInterfaces1 b/internal/detectors/php/.snapshots/TestDetectorReportInterfaces1 similarity index 100% rename from pkg/detectors/php/.snapshots/TestDetectorReportInterfaces1 rename to internal/detectors/php/.snapshots/TestDetectorReportInterfaces1 diff --git a/pkg/detectors/php/.snapshots/TestDetectorReportInterfaces2 b/internal/detectors/php/.snapshots/TestDetectorReportInterfaces2 similarity index 100% rename from pkg/detectors/php/.snapshots/TestDetectorReportInterfaces2 rename to internal/detectors/php/.snapshots/TestDetectorReportInterfaces2 diff --git a/pkg/detectors/php/context/assignment_expression.go b/internal/detectors/php/context/assignment_expression.go similarity index 80% rename from pkg/detectors/php/context/assignment_expression.go rename to internal/detectors/php/context/assignment_expression.go index 25deb3f77..2622858c9 100644 --- a/pkg/detectors/php/context/assignment_expression.go +++ b/internal/detectors/php/context/assignment_expression.go @@ -1,8 +1,8 @@ package context import ( - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/report/variables" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/report/variables" ) func variableAssignmentExpression(node *parser.Node) *variables.Variable { diff --git a/pkg/detectors/php/context/finder.go b/internal/detectors/php/context/finder.go similarity index 89% rename from pkg/detectors/php/context/finder.go rename to internal/detectors/php/context/finder.go index 3155bc066..6d9b451df 100644 --- a/pkg/detectors/php/context/finder.go +++ b/internal/detectors/php/context/finder.go @@ -1,10 +1,10 @@ package context import ( - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/parser/context" - "github.com/bearer/bearer/pkg/report/variables" - "github.com/bearer/bearer/pkg/util/stringutil" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/parser/context" + "github.com/bearer/bearer/internal/report/variables" + "github.com/bearer/bearer/internal/util/stringutil" ) func FindContext(tree *parser.Tree) *context.Resolver { diff --git a/pkg/detectors/php/context/property_element.go b/internal/detectors/php/context/property_element.go similarity index 87% rename from pkg/detectors/php/context/property_element.go rename to internal/detectors/php/context/property_element.go index 9e43410e4..e4b433f3f 100644 --- a/pkg/detectors/php/context/property_element.go +++ b/internal/detectors/php/context/property_element.go @@ -1,8 +1,8 @@ package context import ( - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/report/variables" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/report/variables" ) func variablePropertyElement(node *parser.Node) *variables.Variable { diff --git a/pkg/detectors/php/datatype/datatype.go b/internal/detectors/php/datatype/datatype.go similarity index 86% rename from pkg/detectors/php/datatype/datatype.go rename to internal/detectors/php/datatype/datatype.go index 6e5e9af61..55fef0e01 100644 --- a/pkg/detectors/php/datatype/datatype.go +++ b/internal/detectors/php/datatype/datatype.go @@ -1,16 +1,16 @@ package datatype import ( - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/parser/datatype" - "github.com/bearer/bearer/pkg/report/detections" - schemadatatype "github.com/bearer/bearer/pkg/report/schema/datatype" - - "github.com/bearer/bearer/pkg/parser/nodeid" - php "github.com/bearer/bearer/pkg/parser/sitter/php2" - "github.com/bearer/bearer/pkg/report" - "github.com/bearer/bearer/pkg/report/detectors" - "github.com/bearer/bearer/pkg/report/schema" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/parser/datatype" + "github.com/bearer/bearer/internal/report/detections" + schemadatatype "github.com/bearer/bearer/internal/report/schema/datatype" + + "github.com/bearer/bearer/internal/parser/nodeid" + php "github.com/bearer/bearer/internal/parser/sitter/php2" + "github.com/bearer/bearer/internal/report" + "github.com/bearer/bearer/internal/report/detectors" + "github.com/bearer/bearer/internal/report/schema" ) var classesQuery = parser.QueryMustCompile(php.GetLanguage(), diff --git a/pkg/detectors/php/datatype/properties.go b/internal/detectors/php/datatype/properties.go similarity index 90% rename from pkg/detectors/php/datatype/properties.go rename to internal/detectors/php/datatype/properties.go index c308d2774..e5303c514 100644 --- a/pkg/detectors/php/datatype/properties.go +++ b/internal/detectors/php/datatype/properties.go @@ -1,12 +1,12 @@ package datatype import ( - "github.com/bearer/bearer/pkg/parser" - parserdatatype "github.com/bearer/bearer/pkg/parser/datatype" - "github.com/bearer/bearer/pkg/parser/nodeid" - php "github.com/bearer/bearer/pkg/parser/sitter/php2" - "github.com/bearer/bearer/pkg/report/schema" - schemadatatype "github.com/bearer/bearer/pkg/report/schema/datatype" + "github.com/bearer/bearer/internal/parser" + parserdatatype "github.com/bearer/bearer/internal/parser/datatype" + "github.com/bearer/bearer/internal/parser/nodeid" + php "github.com/bearer/bearer/internal/parser/sitter/php2" + "github.com/bearer/bearer/internal/report/schema" + schemadatatype "github.com/bearer/bearer/internal/report/schema/datatype" sitter "github.com/smacker/go-tree-sitter" ) diff --git a/pkg/detectors/php/php.go b/internal/detectors/php/php.go similarity index 87% rename from pkg/detectors/php/php.go rename to internal/detectors/php/php.go index e70846c2b..dd7ce2c0d 100644 --- a/pkg/detectors/php/php.go +++ b/internal/detectors/php/php.go @@ -4,24 +4,24 @@ import ( "os" "regexp" - "github.com/bearer/bearer/pkg/detectors/html" - "github.com/bearer/bearer/pkg/detectors/php/context" - "github.com/bearer/bearer/pkg/detectors/php/datatype" - "github.com/bearer/bearer/pkg/parser/interfacedetector" - "github.com/bearer/bearer/pkg/parser/nodeid" - "github.com/bearer/bearer/pkg/parser/schema" - php "github.com/bearer/bearer/pkg/parser/sitter/php2" + "github.com/bearer/bearer/internal/detectors/html" + "github.com/bearer/bearer/internal/detectors/php/context" + "github.com/bearer/bearer/internal/detectors/php/datatype" + "github.com/bearer/bearer/internal/parser/interfacedetector" + "github.com/bearer/bearer/internal/parser/nodeid" + "github.com/bearer/bearer/internal/parser/schema" + php "github.com/bearer/bearer/internal/parser/sitter/php2" sitter "github.com/smacker/go-tree-sitter" - "github.com/bearer/bearer/pkg/util/file" - "github.com/bearer/bearer/pkg/util/stringutil" + "github.com/bearer/bearer/internal/util/file" + "github.com/bearer/bearer/internal/util/stringutil" - "github.com/bearer/bearer/pkg/detectors/types" - "github.com/bearer/bearer/pkg/parser" - reporttypes "github.com/bearer/bearer/pkg/report" - "github.com/bearer/bearer/pkg/report/detectors" - "github.com/bearer/bearer/pkg/report/values" - "github.com/bearer/bearer/pkg/report/variables" + "github.com/bearer/bearer/internal/detectors/types" + "github.com/bearer/bearer/internal/parser" + reporttypes "github.com/bearer/bearer/internal/report" + "github.com/bearer/bearer/internal/report/detectors" + "github.com/bearer/bearer/internal/report/values" + "github.com/bearer/bearer/internal/report/variables" ) var ( diff --git a/pkg/detectors/php/php_test.go b/internal/detectors/php/php_test.go similarity index 87% rename from pkg/detectors/php/php_test.go rename to internal/detectors/php/php_test.go index d2c1e8a9f..f6c8d381a 100644 --- a/pkg/detectors/php/php_test.go +++ b/internal/detectors/php/php_test.go @@ -6,12 +6,12 @@ import ( "github.com/bradleyjkemp/cupaloy" - "github.com/bearer/bearer/pkg/detectors/php" - detectortypes "github.com/bearer/bearer/pkg/report/detectors" + "github.com/bearer/bearer/internal/detectors/php" + detectortypes "github.com/bearer/bearer/internal/report/detectors" - "github.com/bearer/bearer/pkg/detectors" - "github.com/bearer/bearer/pkg/detectors/internal/testhelper" - "github.com/bearer/bearer/pkg/parser/nodeid" + "github.com/bearer/bearer/internal/detectors" + "github.com/bearer/bearer/internal/detectors/internal/testhelper" + "github.com/bearer/bearer/internal/parser/nodeid" ) const detectorType = detectortypes.DetectorPHP diff --git a/pkg/detectors/php/testdata/context/context.php b/internal/detectors/php/testdata/context/context.php similarity index 100% rename from pkg/detectors/php/testdata/context/context.php rename to internal/detectors/php/testdata/context/context.php diff --git a/pkg/detectors/php/testdata/datatype/datatype.php b/internal/detectors/php/testdata/datatype/datatype.php similarity index 100% rename from pkg/detectors/php/testdata/datatype/datatype.php rename to internal/detectors/php/testdata/datatype/datatype.php diff --git a/pkg/detectors/php/testdata/ignore/phive b/internal/detectors/php/testdata/ignore/phive similarity index 100% rename from pkg/detectors/php/testdata/ignore/phive rename to internal/detectors/php/testdata/ignore/phive diff --git a/pkg/detectors/php/testdata/paths/paths.php b/internal/detectors/php/testdata/paths/paths.php similarity index 100% rename from pkg/detectors/php/testdata/paths/paths.php rename to internal/detectors/php/testdata/paths/paths.php diff --git a/pkg/detectors/php/testdata/variables/config.php b/internal/detectors/php/testdata/variables/config.php similarity index 100% rename from pkg/detectors/php/testdata/variables/config.php rename to internal/detectors/php/testdata/variables/config.php diff --git a/pkg/detectors/proto/.snapshots/TestBuildReportSchema b/internal/detectors/proto/.snapshots/TestBuildReportSchema similarity index 100% rename from pkg/detectors/proto/.snapshots/TestBuildReportSchema rename to internal/detectors/proto/.snapshots/TestBuildReportSchema diff --git a/pkg/detectors/proto/proto.go b/internal/detectors/proto/proto.go similarity index 85% rename from pkg/detectors/proto/proto.go rename to internal/detectors/proto/proto.go index 0c9b14667..ad7260629 100644 --- a/pkg/detectors/proto/proto.go +++ b/internal/detectors/proto/proto.go @@ -3,17 +3,17 @@ package proto import ( "strings" - "github.com/bearer/bearer/pkg/detectors/types" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/parser/sitter/proto" - "github.com/bearer/bearer/pkg/report/detectors" - "github.com/bearer/bearer/pkg/report/schema" - "github.com/bearer/bearer/pkg/util/file" - "github.com/bearer/bearer/pkg/util/pluralize" - - "github.com/bearer/bearer/pkg/parser/nodeid" - parserschema "github.com/bearer/bearer/pkg/parser/schema" - reporttypes "github.com/bearer/bearer/pkg/report" + "github.com/bearer/bearer/internal/detectors/types" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/parser/sitter/proto" + "github.com/bearer/bearer/internal/report/detectors" + "github.com/bearer/bearer/internal/report/schema" + "github.com/bearer/bearer/internal/util/file" + "github.com/bearer/bearer/internal/util/pluralize" + + "github.com/bearer/bearer/internal/parser/nodeid" + parserschema "github.com/bearer/bearer/internal/parser/schema" + reporttypes "github.com/bearer/bearer/internal/report" ) var ( diff --git a/pkg/detectors/proto/proto_test.go b/internal/detectors/proto/proto_test.go similarity index 62% rename from pkg/detectors/proto/proto_test.go rename to internal/detectors/proto/proto_test.go index 85b3135eb..d5c05dbf8 100644 --- a/pkg/detectors/proto/proto_test.go +++ b/internal/detectors/proto/proto_test.go @@ -4,12 +4,12 @@ import ( "path/filepath" "testing" - "github.com/bearer/bearer/pkg/detectors" - "github.com/bearer/bearer/pkg/detectors/proto" - "github.com/bearer/bearer/pkg/parser/nodeid" - detectortypes "github.com/bearer/bearer/pkg/report/detectors" + "github.com/bearer/bearer/internal/detectors" + "github.com/bearer/bearer/internal/detectors/proto" + "github.com/bearer/bearer/internal/parser/nodeid" + detectortypes "github.com/bearer/bearer/internal/report/detectors" - "github.com/bearer/bearer/pkg/detectors/internal/testhelper" + "github.com/bearer/bearer/internal/detectors/internal/testhelper" "github.com/bradleyjkemp/cupaloy" ) diff --git a/pkg/detectors/proto/testdata/protos/schema.proto b/internal/detectors/proto/testdata/protos/schema.proto similarity index 100% rename from pkg/detectors/proto/testdata/protos/schema.proto rename to internal/detectors/proto/testdata/protos/schema.proto diff --git a/pkg/detectors/python/.snapshots/TestDetectorReportDatatype b/internal/detectors/python/.snapshots/TestDetectorReportDatatype similarity index 100% rename from pkg/detectors/python/.snapshots/TestDetectorReportDatatype rename to internal/detectors/python/.snapshots/TestDetectorReportDatatype diff --git a/pkg/detectors/python/.snapshots/TestDetectorReportInterfacePaths b/internal/detectors/python/.snapshots/TestDetectorReportInterfacePaths similarity index 100% rename from pkg/detectors/python/.snapshots/TestDetectorReportInterfacePaths rename to internal/detectors/python/.snapshots/TestDetectorReportInterfacePaths diff --git a/pkg/detectors/python/.snapshots/TestDetectorReportInterfaceProjects b/internal/detectors/python/.snapshots/TestDetectorReportInterfaceProjects similarity index 100% rename from pkg/detectors/python/.snapshots/TestDetectorReportInterfaceProjects rename to internal/detectors/python/.snapshots/TestDetectorReportInterfaceProjects diff --git a/pkg/detectors/python/datatype/datatype.go b/internal/detectors/python/datatype/datatype.go similarity index 89% rename from pkg/detectors/python/datatype/datatype.go rename to internal/detectors/python/datatype/datatype.go index 63dc1d1d9..7ef8192ff 100644 --- a/pkg/detectors/python/datatype/datatype.go +++ b/internal/detectors/python/datatype/datatype.go @@ -1,14 +1,14 @@ package datatype import ( - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/parser/datatype" - "github.com/bearer/bearer/pkg/parser/nodeid" - "github.com/bearer/bearer/pkg/report" - "github.com/bearer/bearer/pkg/report/detections" - "github.com/bearer/bearer/pkg/report/detectors" - "github.com/bearer/bearer/pkg/report/schema" - schemadatatype "github.com/bearer/bearer/pkg/report/schema/datatype" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/parser/datatype" + "github.com/bearer/bearer/internal/parser/nodeid" + "github.com/bearer/bearer/internal/report" + "github.com/bearer/bearer/internal/report/detections" + "github.com/bearer/bearer/internal/report/detectors" + "github.com/bearer/bearer/internal/report/schema" + schemadatatype "github.com/bearer/bearer/internal/report/schema/datatype" "github.com/smacker/go-tree-sitter/python" ) diff --git a/pkg/detectors/python/datatype/properties.go b/internal/detectors/python/datatype/properties.go similarity index 93% rename from pkg/detectors/python/datatype/properties.go rename to internal/detectors/python/datatype/properties.go index e8cc1aca1..019f7f5c9 100644 --- a/pkg/detectors/python/datatype/properties.go +++ b/internal/detectors/python/datatype/properties.go @@ -3,11 +3,11 @@ package datatype import ( "strings" - "github.com/bearer/bearer/pkg/parser" - parserdatatype "github.com/bearer/bearer/pkg/parser/datatype" - "github.com/bearer/bearer/pkg/parser/nodeid" - "github.com/bearer/bearer/pkg/report/schema" - schemadatatype "github.com/bearer/bearer/pkg/report/schema/datatype" + "github.com/bearer/bearer/internal/parser" + parserdatatype "github.com/bearer/bearer/internal/parser/datatype" + "github.com/bearer/bearer/internal/parser/nodeid" + "github.com/bearer/bearer/internal/report/schema" + schemadatatype "github.com/bearer/bearer/internal/report/schema/datatype" "github.com/smacker/go-tree-sitter/python" ) diff --git a/pkg/detectors/python/python.go b/internal/detectors/python/python.go similarity index 91% rename from pkg/detectors/python/python.go rename to internal/detectors/python/python.go index 4608872d7..201d5842b 100644 --- a/pkg/detectors/python/python.go +++ b/internal/detectors/python/python.go @@ -5,16 +5,16 @@ import ( "github.com/smacker/go-tree-sitter/python" - "github.com/bearer/bearer/pkg/detectors/python/datatype" - "github.com/bearer/bearer/pkg/detectors/types" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/parser/interfacedetector" - "github.com/bearer/bearer/pkg/parser/nodeid" - "github.com/bearer/bearer/pkg/report" - "github.com/bearer/bearer/pkg/report/detectors" - "github.com/bearer/bearer/pkg/report/values" - "github.com/bearer/bearer/pkg/report/variables" - "github.com/bearer/bearer/pkg/util/file" + "github.com/bearer/bearer/internal/detectors/python/datatype" + "github.com/bearer/bearer/internal/detectors/types" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/parser/interfacedetector" + "github.com/bearer/bearer/internal/parser/nodeid" + "github.com/bearer/bearer/internal/report" + "github.com/bearer/bearer/internal/report/detectors" + "github.com/bearer/bearer/internal/report/values" + "github.com/bearer/bearer/internal/report/variables" + "github.com/bearer/bearer/internal/util/file" ) const environItem = "environ" diff --git a/pkg/detectors/python/python_test.go b/internal/detectors/python/python_test.go similarity index 81% rename from pkg/detectors/python/python_test.go rename to internal/detectors/python/python_test.go index 50a8b0f1b..25d4f1917 100644 --- a/pkg/detectors/python/python_test.go +++ b/internal/detectors/python/python_test.go @@ -6,12 +6,12 @@ import ( "github.com/bradleyjkemp/cupaloy" - "github.com/bearer/bearer/pkg/detectors/python" - detectortypes "github.com/bearer/bearer/pkg/report/detectors" + "github.com/bearer/bearer/internal/detectors/python" + detectortypes "github.com/bearer/bearer/internal/report/detectors" - "github.com/bearer/bearer/pkg/detectors" - "github.com/bearer/bearer/pkg/detectors/internal/testhelper" - "github.com/bearer/bearer/pkg/parser/nodeid" + "github.com/bearer/bearer/internal/detectors" + "github.com/bearer/bearer/internal/detectors/internal/testhelper" + "github.com/bearer/bearer/internal/parser/nodeid" ) const detectorType = detectortypes.DetectorPython diff --git a/pkg/detectors/python/testdata/datatype/datatype.py b/internal/detectors/python/testdata/datatype/datatype.py similarity index 100% rename from pkg/detectors/python/testdata/datatype/datatype.py rename to internal/detectors/python/testdata/datatype/datatype.py diff --git a/pkg/detectors/python/testdata/paths/main.py b/internal/detectors/python/testdata/paths/main.py similarity index 100% rename from pkg/detectors/python/testdata/paths/main.py rename to internal/detectors/python/testdata/paths/main.py diff --git a/pkg/detectors/python/testdata/project/config.py b/internal/detectors/python/testdata/project/config.py similarity index 100% rename from pkg/detectors/python/testdata/project/config.py rename to internal/detectors/python/testdata/project/config.py diff --git a/pkg/detectors/python/testdata/project/urls.py b/internal/detectors/python/testdata/project/urls.py similarity index 100% rename from pkg/detectors/python/testdata/project/urls.py rename to internal/detectors/python/testdata/project/urls.py diff --git a/pkg/detectors/rails/.snapshots/TestBuildReportCaches b/internal/detectors/rails/.snapshots/TestBuildReportCaches similarity index 100% rename from pkg/detectors/rails/.snapshots/TestBuildReportCaches rename to internal/detectors/rails/.snapshots/TestBuildReportCaches diff --git a/pkg/detectors/rails/.snapshots/TestBuildReportDatabaseSchema b/internal/detectors/rails/.snapshots/TestBuildReportDatabaseSchema similarity index 100% rename from pkg/detectors/rails/.snapshots/TestBuildReportDatabaseSchema rename to internal/detectors/rails/.snapshots/TestBuildReportDatabaseSchema diff --git a/pkg/detectors/rails/.snapshots/TestBuildReportMultipleDatabases b/internal/detectors/rails/.snapshots/TestBuildReportMultipleDatabases similarity index 100% rename from pkg/detectors/rails/.snapshots/TestBuildReportMultipleDatabases rename to internal/detectors/rails/.snapshots/TestBuildReportMultipleDatabases diff --git a/pkg/detectors/rails/.snapshots/TestBuildReportSingleDatabase b/internal/detectors/rails/.snapshots/TestBuildReportSingleDatabase similarity index 100% rename from pkg/detectors/rails/.snapshots/TestBuildReportSingleDatabase rename to internal/detectors/rails/.snapshots/TestBuildReportSingleDatabase diff --git a/pkg/detectors/rails/.snapshots/TestBuildReportStorageProviders b/internal/detectors/rails/.snapshots/TestBuildReportStorageProviders similarity index 100% rename from pkg/detectors/rails/.snapshots/TestBuildReportStorageProviders rename to internal/detectors/rails/.snapshots/TestBuildReportStorageProviders diff --git a/pkg/detectors/rails/cache/cache.go b/internal/detectors/rails/cache/cache.go similarity index 75% rename from pkg/detectors/rails/cache/cache.go rename to internal/detectors/rails/cache/cache.go index 8dc910949..2538c49aa 100644 --- a/pkg/detectors/rails/cache/cache.go +++ b/internal/detectors/rails/cache/cache.go @@ -3,11 +3,11 @@ package cache import ( "github.com/smacker/go-tree-sitter/ruby" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/report" - "github.com/bearer/bearer/pkg/report/detectors" - "github.com/bearer/bearer/pkg/report/frameworks/rails" - "github.com/bearer/bearer/pkg/util/file" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/report" + "github.com/bearer/bearer/internal/report/detectors" + "github.com/bearer/bearer/internal/report/frameworks/rails" + "github.com/bearer/bearer/internal/util/file" ) var ( diff --git a/pkg/detectors/rails/rails.go b/internal/detectors/rails/rails.go similarity index 89% rename from pkg/detectors/rails/rails.go rename to internal/detectors/rails/rails.go index fc38b8764..93d78e36a 100644 --- a/pkg/detectors/rails/rails.go +++ b/internal/detectors/rails/rails.go @@ -8,17 +8,17 @@ import ( "github.com/rs/zerolog/log" "gopkg.in/yaml.v3" - "github.com/bearer/bearer/pkg/detectors/rails/cache" - "github.com/bearer/bearer/pkg/detectors/rails/schema_rb" - "github.com/bearer/bearer/pkg/detectors/types" - "github.com/bearer/bearer/pkg/parser/nodeid" - "github.com/bearer/bearer/pkg/report" - "github.com/bearer/bearer/pkg/report/detectors" - "github.com/bearer/bearer/pkg/report/frameworks/rails" - "github.com/bearer/bearer/pkg/report/source" - "github.com/bearer/bearer/pkg/util/file" - "github.com/bearer/bearer/pkg/util/maputil" - "github.com/bearer/bearer/pkg/util/pointers" + "github.com/bearer/bearer/internal/detectors/rails/cache" + "github.com/bearer/bearer/internal/detectors/rails/schema_rb" + "github.com/bearer/bearer/internal/detectors/types" + "github.com/bearer/bearer/internal/parser/nodeid" + "github.com/bearer/bearer/internal/report" + "github.com/bearer/bearer/internal/report/detectors" + "github.com/bearer/bearer/internal/report/frameworks/rails" + "github.com/bearer/bearer/internal/report/source" + "github.com/bearer/bearer/internal/util/file" + "github.com/bearer/bearer/internal/util/maputil" + "github.com/bearer/bearer/internal/util/pointers" ) var ( diff --git a/pkg/detectors/rails/rails_test.go b/internal/detectors/rails/rails_test.go similarity index 81% rename from pkg/detectors/rails/rails_test.go rename to internal/detectors/rails/rails_test.go index a7259bd9d..421ce71dc 100644 --- a/pkg/detectors/rails/rails_test.go +++ b/internal/detectors/rails/rails_test.go @@ -6,12 +6,12 @@ import ( "github.com/bradleyjkemp/cupaloy" - "github.com/bearer/bearer/pkg/detectors" - detectortypes "github.com/bearer/bearer/pkg/report/detectors" + "github.com/bearer/bearer/internal/detectors" + detectortypes "github.com/bearer/bearer/internal/report/detectors" - "github.com/bearer/bearer/pkg/detectors/internal/testhelper" - "github.com/bearer/bearer/pkg/detectors/rails" - "github.com/bearer/bearer/pkg/parser/nodeid" + "github.com/bearer/bearer/internal/detectors/internal/testhelper" + "github.com/bearer/bearer/internal/detectors/rails" + "github.com/bearer/bearer/internal/parser/nodeid" ) var detectorType = detectortypes.DetectorRails diff --git a/pkg/detectors/rails/schema_rb/schema_rb.go b/internal/detectors/rails/schema_rb/schema_rb.go similarity index 88% rename from pkg/detectors/rails/schema_rb/schema_rb.go rename to internal/detectors/rails/schema_rb/schema_rb.go index 06e18f0b8..35d67a22b 100644 --- a/pkg/detectors/rails/schema_rb/schema_rb.go +++ b/internal/detectors/rails/schema_rb/schema_rb.go @@ -5,14 +5,14 @@ import ( "github.com/smacker/go-tree-sitter/ruby" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/parser/nodeid" - parserschema "github.com/bearer/bearer/pkg/parser/schema" - "github.com/bearer/bearer/pkg/report" - "github.com/bearer/bearer/pkg/report/detectors" - "github.com/bearer/bearer/pkg/report/schema" - "github.com/bearer/bearer/pkg/util/file" - "github.com/bearer/bearer/pkg/util/pluralize" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/parser/nodeid" + parserschema "github.com/bearer/bearer/internal/parser/schema" + "github.com/bearer/bearer/internal/report" + "github.com/bearer/bearer/internal/report/detectors" + "github.com/bearer/bearer/internal/report/schema" + "github.com/bearer/bearer/internal/util/file" + "github.com/bearer/bearer/internal/util/pluralize" ) var ( diff --git a/pkg/detectors/rails/testdata/cache/bin/rails b/internal/detectors/rails/testdata/cache/bin/rails similarity index 100% rename from pkg/detectors/rails/testdata/cache/bin/rails rename to internal/detectors/rails/testdata/cache/bin/rails diff --git a/pkg/detectors/rails/testdata/cache/config/application.rb b/internal/detectors/rails/testdata/cache/config/application.rb similarity index 100% rename from pkg/detectors/rails/testdata/cache/config/application.rb rename to internal/detectors/rails/testdata/cache/config/application.rb diff --git a/pkg/detectors/rails/testdata/cache/config/environments/production.rb b/internal/detectors/rails/testdata/cache/config/environments/production.rb similarity index 100% rename from pkg/detectors/rails/testdata/cache/config/environments/production.rb rename to internal/detectors/rails/testdata/cache/config/environments/production.rb diff --git a/pkg/detectors/rails/testdata/database/multiple/bin/rails b/internal/detectors/rails/testdata/database/multiple/bin/rails similarity index 100% rename from pkg/detectors/rails/testdata/database/multiple/bin/rails rename to internal/detectors/rails/testdata/database/multiple/bin/rails diff --git a/pkg/detectors/rails/testdata/database/multiple/config/database.yml b/internal/detectors/rails/testdata/database/multiple/config/database.yml similarity index 100% rename from pkg/detectors/rails/testdata/database/multiple/config/database.yml rename to internal/detectors/rails/testdata/database/multiple/config/database.yml diff --git a/pkg/detectors/rails/testdata/database/single/bin/rails b/internal/detectors/rails/testdata/database/single/bin/rails similarity index 100% rename from pkg/detectors/rails/testdata/database/single/bin/rails rename to internal/detectors/rails/testdata/database/single/bin/rails diff --git a/pkg/detectors/rails/testdata/database/single/config/database.yml b/internal/detectors/rails/testdata/database/single/config/database.yml similarity index 100% rename from pkg/detectors/rails/testdata/database/single/config/database.yml rename to internal/detectors/rails/testdata/database/single/config/database.yml diff --git a/pkg/detectors/rails/testdata/schema/bin/rails b/internal/detectors/rails/testdata/schema/bin/rails similarity index 100% rename from pkg/detectors/rails/testdata/schema/bin/rails rename to internal/detectors/rails/testdata/schema/bin/rails diff --git a/pkg/detectors/rails/testdata/schema/db/schema.rb b/internal/detectors/rails/testdata/schema/db/schema.rb similarity index 100% rename from pkg/detectors/rails/testdata/schema/db/schema.rb rename to internal/detectors/rails/testdata/schema/db/schema.rb diff --git a/pkg/detectors/rails/testdata/storage/bin/rails b/internal/detectors/rails/testdata/storage/bin/rails similarity index 100% rename from pkg/detectors/rails/testdata/storage/bin/rails rename to internal/detectors/rails/testdata/storage/bin/rails diff --git a/pkg/detectors/rails/testdata/storage/config/storage.yml b/internal/detectors/rails/testdata/storage/config/storage.yml similarity index 100% rename from pkg/detectors/rails/testdata/storage/config/storage.yml rename to internal/detectors/rails/testdata/storage/config/storage.yml diff --git a/pkg/detectors/ruby/.snapshots/TestDetectorReportDatatype b/internal/detectors/ruby/.snapshots/TestDetectorReportDatatype similarity index 100% rename from pkg/detectors/ruby/.snapshots/TestDetectorReportDatatype rename to internal/detectors/ruby/.snapshots/TestDetectorReportDatatype diff --git a/pkg/detectors/ruby/.snapshots/TestDetectorReportInterfacesPaths b/internal/detectors/ruby/.snapshots/TestDetectorReportInterfacesPaths similarity index 100% rename from pkg/detectors/ruby/.snapshots/TestDetectorReportInterfacesPaths rename to internal/detectors/ruby/.snapshots/TestDetectorReportInterfacesPaths diff --git a/pkg/detectors/ruby/.snapshots/TestDetectorReportInterfacesVariables b/internal/detectors/ruby/.snapshots/TestDetectorReportInterfacesVariables similarity index 100% rename from pkg/detectors/ruby/.snapshots/TestDetectorReportInterfacesVariables rename to internal/detectors/ruby/.snapshots/TestDetectorReportInterfacesVariables diff --git a/pkg/detectors/ruby/datatype/class_assignment.go b/internal/detectors/ruby/datatype/class_assignment.go similarity index 94% rename from pkg/detectors/ruby/datatype/class_assignment.go rename to internal/detectors/ruby/datatype/class_assignment.go index 9223bdbf7..bc0342a27 100644 --- a/pkg/detectors/ruby/datatype/class_assignment.go +++ b/internal/detectors/ruby/datatype/class_assignment.go @@ -3,9 +3,9 @@ package datatype import ( "strings" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/report/schema" - schemadatatype "github.com/bearer/bearer/pkg/report/schema/datatype" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/report/schema" + schemadatatype "github.com/bearer/bearer/internal/report/schema/datatype" "github.com/smacker/go-tree-sitter/ruby" ) diff --git a/pkg/detectors/ruby/datatype/datatype.go b/internal/detectors/ruby/datatype/datatype.go similarity index 91% rename from pkg/detectors/ruby/datatype/datatype.go rename to internal/detectors/ruby/datatype/datatype.go index 004be79a3..f552fd3fd 100644 --- a/pkg/detectors/ruby/datatype/datatype.go +++ b/internal/detectors/ruby/datatype/datatype.go @@ -3,11 +3,11 @@ package datatype import ( "strings" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/parser/datatype" - "github.com/bearer/bearer/pkg/parser/nodeid" - "github.com/bearer/bearer/pkg/report/schema" - schemadatatype "github.com/bearer/bearer/pkg/report/schema/datatype" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/parser/datatype" + "github.com/bearer/bearer/internal/parser/nodeid" + "github.com/bearer/bearer/internal/report/schema" + schemadatatype "github.com/bearer/bearer/internal/report/schema/datatype" "github.com/smacker/go-tree-sitter/ruby" ) diff --git a/pkg/detectors/ruby/datatype/properties.go b/internal/detectors/ruby/datatype/properties.go similarity index 96% rename from pkg/detectors/ruby/datatype/properties.go rename to internal/detectors/ruby/datatype/properties.go index bc81648ce..5990323f8 100644 --- a/pkg/detectors/ruby/datatype/properties.go +++ b/internal/detectors/ruby/datatype/properties.go @@ -3,12 +3,12 @@ package datatype import ( "strings" - "github.com/bearer/bearer/pkg/parser" - parserdatatype "github.com/bearer/bearer/pkg/parser/datatype" - "github.com/bearer/bearer/pkg/parser/nodeid" - "github.com/bearer/bearer/pkg/report/schema" - schemadatatype "github.com/bearer/bearer/pkg/report/schema/datatype" - "github.com/bearer/bearer/pkg/util/stringutil" + "github.com/bearer/bearer/internal/parser" + parserdatatype "github.com/bearer/bearer/internal/parser/datatype" + "github.com/bearer/bearer/internal/parser/nodeid" + "github.com/bearer/bearer/internal/report/schema" + schemadatatype "github.com/bearer/bearer/internal/report/schema/datatype" + "github.com/bearer/bearer/internal/util/stringutil" sitter "github.com/smacker/go-tree-sitter" "github.com/smacker/go-tree-sitter/ruby" ) diff --git a/pkg/detectors/ruby/datatype/structures.go b/internal/detectors/ruby/datatype/structures.go similarity index 92% rename from pkg/detectors/ruby/datatype/structures.go rename to internal/detectors/ruby/datatype/structures.go index ce2e654c3..64d543dc8 100644 --- a/pkg/detectors/ruby/datatype/structures.go +++ b/internal/detectors/ruby/datatype/structures.go @@ -1,9 +1,9 @@ package datatype import ( - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/report/schema" - schemadatatype "github.com/bearer/bearer/pkg/report/schema/datatype" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/report/schema" + schemadatatype "github.com/bearer/bearer/internal/report/schema/datatype" "github.com/smacker/go-tree-sitter/ruby" ) diff --git a/pkg/detectors/ruby/ruby.go b/internal/detectors/ruby/ruby.go similarity index 86% rename from pkg/detectors/ruby/ruby.go rename to internal/detectors/ruby/ruby.go index 4d86b92dc..8769a2582 100644 --- a/pkg/detectors/ruby/ruby.go +++ b/internal/detectors/ruby/ruby.go @@ -4,19 +4,19 @@ import ( "regexp" "strings" - "github.com/bearer/bearer/pkg/detectors/ruby/datatype" - "github.com/bearer/bearer/pkg/util/file" - - "github.com/bearer/bearer/pkg/detectors/types" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/parser/interfacedetector" - "github.com/bearer/bearer/pkg/parser/nodeid" - "github.com/bearer/bearer/pkg/report" - "github.com/bearer/bearer/pkg/report/detections" - "github.com/bearer/bearer/pkg/report/detectors" - "github.com/bearer/bearer/pkg/report/values" - "github.com/bearer/bearer/pkg/report/variables" - "github.com/bearer/bearer/pkg/util/regex" + "github.com/bearer/bearer/internal/detectors/ruby/datatype" + "github.com/bearer/bearer/internal/util/file" + + "github.com/bearer/bearer/internal/detectors/types" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/parser/interfacedetector" + "github.com/bearer/bearer/internal/parser/nodeid" + "github.com/bearer/bearer/internal/report" + "github.com/bearer/bearer/internal/report/detections" + "github.com/bearer/bearer/internal/report/detectors" + "github.com/bearer/bearer/internal/report/values" + "github.com/bearer/bearer/internal/report/variables" + "github.com/bearer/bearer/internal/util/regex" "github.com/smacker/go-tree-sitter/ruby" ) diff --git a/pkg/detectors/ruby/ruby_test.go b/internal/detectors/ruby/ruby_test.go similarity index 81% rename from pkg/detectors/ruby/ruby_test.go rename to internal/detectors/ruby/ruby_test.go index c6518a7da..9220e5167 100644 --- a/pkg/detectors/ruby/ruby_test.go +++ b/internal/detectors/ruby/ruby_test.go @@ -6,12 +6,12 @@ import ( "github.com/bradleyjkemp/cupaloy" - "github.com/bearer/bearer/pkg/detectors/ruby" - detectortypes "github.com/bearer/bearer/pkg/report/detectors" + "github.com/bearer/bearer/internal/detectors/ruby" + detectortypes "github.com/bearer/bearer/internal/report/detectors" - "github.com/bearer/bearer/pkg/detectors" - "github.com/bearer/bearer/pkg/detectors/internal/testhelper" - "github.com/bearer/bearer/pkg/parser/nodeid" + "github.com/bearer/bearer/internal/detectors" + "github.com/bearer/bearer/internal/detectors/internal/testhelper" + "github.com/bearer/bearer/internal/parser/nodeid" ) const detectorType = detectortypes.DetectorRuby diff --git a/pkg/detectors/ruby/testdata/datatype/datatype.rb b/internal/detectors/ruby/testdata/datatype/datatype.rb similarity index 100% rename from pkg/detectors/ruby/testdata/datatype/datatype.rb rename to internal/detectors/ruby/testdata/datatype/datatype.rb diff --git a/pkg/detectors/ruby/testdata/paths/main.rb b/internal/detectors/ruby/testdata/paths/main.rb similarity index 100% rename from pkg/detectors/ruby/testdata/paths/main.rb rename to internal/detectors/ruby/testdata/paths/main.rb diff --git a/pkg/detectors/ruby/testdata/variables/config.rb b/internal/detectors/ruby/testdata/variables/config.rb similarity index 100% rename from pkg/detectors/ruby/testdata/variables/config.rb rename to internal/detectors/ruby/testdata/variables/config.rb diff --git a/pkg/detectors/simple/.snapshots/TestBuildReportInterfaces b/internal/detectors/simple/.snapshots/TestBuildReportInterfaces similarity index 100% rename from pkg/detectors/simple/.snapshots/TestBuildReportInterfaces rename to internal/detectors/simple/.snapshots/TestBuildReportInterfaces diff --git a/pkg/detectors/simple/simple.go b/internal/detectors/simple/simple.go similarity index 81% rename from pkg/detectors/simple/simple.go rename to internal/detectors/simple/simple.go index fc465cadc..3823cb03c 100644 --- a/pkg/detectors/simple/simple.go +++ b/internal/detectors/simple/simple.go @@ -4,16 +4,16 @@ import ( "os" "regexp" - "github.com/bearer/bearer/pkg/detectors/types" - "github.com/bearer/bearer/pkg/parser/interfaces" - "github.com/bearer/bearer/pkg/report" - "github.com/bearer/bearer/pkg/report/detectors" - interfacestype "github.com/bearer/bearer/pkg/report/interfaces" - "github.com/bearer/bearer/pkg/report/source" - "github.com/bearer/bearer/pkg/report/values" - "github.com/bearer/bearer/pkg/util/file" - "github.com/bearer/bearer/pkg/util/linescanner" - "github.com/bearer/bearer/pkg/util/pointers" + "github.com/bearer/bearer/internal/detectors/types" + "github.com/bearer/bearer/internal/parser/interfaces" + "github.com/bearer/bearer/internal/report" + "github.com/bearer/bearer/internal/report/detectors" + interfacestype "github.com/bearer/bearer/internal/report/interfaces" + "github.com/bearer/bearer/internal/report/source" + "github.com/bearer/bearer/internal/report/values" + "github.com/bearer/bearer/internal/util/file" + "github.com/bearer/bearer/internal/util/linescanner" + "github.com/bearer/bearer/internal/util/pointers" "github.com/go-enry/go-enry/v2" ) diff --git a/pkg/detectors/simple/simple_test.go b/internal/detectors/simple/simple_test.go similarity index 77% rename from pkg/detectors/simple/simple_test.go rename to internal/detectors/simple/simple_test.go index 965845118..8c064e01b 100644 --- a/pkg/detectors/simple/simple_test.go +++ b/internal/detectors/simple/simple_test.go @@ -4,8 +4,8 @@ import ( "path/filepath" "testing" - "github.com/bearer/bearer/pkg/detectors/internal/testhelper" - "github.com/bearer/bearer/pkg/report/detectors" + "github.com/bearer/bearer/internal/detectors/internal/testhelper" + "github.com/bearer/bearer/internal/report/detectors" "github.com/bradleyjkemp/cupaloy" ) diff --git a/pkg/detectors/simple/testdata/project/structure.sql b/internal/detectors/simple/testdata/project/structure.sql similarity index 100% rename from pkg/detectors/simple/testdata/project/structure.sql rename to internal/detectors/simple/testdata/project/structure.sql diff --git a/pkg/detectors/simple/testdata/project/unknown.pl b/internal/detectors/simple/testdata/project/unknown.pl similarity index 100% rename from pkg/detectors/simple/testdata/project/unknown.pl rename to internal/detectors/simple/testdata/project/unknown.pl diff --git a/pkg/detectors/spring/.snapshots/TestBuildReportDataStores b/internal/detectors/spring/.snapshots/TestBuildReportDataStores similarity index 100% rename from pkg/detectors/spring/.snapshots/TestBuildReportDataStores rename to internal/detectors/spring/.snapshots/TestBuildReportDataStores diff --git a/pkg/detectors/spring/spring.go b/internal/detectors/spring/spring.go similarity index 92% rename from pkg/detectors/spring/spring.go rename to internal/detectors/spring/spring.go index 5baa237c8..7ab81882a 100644 --- a/pkg/detectors/spring/spring.go +++ b/internal/detectors/spring/spring.go @@ -9,14 +9,14 @@ import ( "github.com/rs/zerolog/log" "gopkg.in/yaml.v3" - "github.com/bearer/bearer/pkg/detectors/types" - "github.com/bearer/bearer/pkg/report" - "github.com/bearer/bearer/pkg/report/detectors" - "github.com/bearer/bearer/pkg/report/frameworks/spring" - "github.com/bearer/bearer/pkg/report/source" - "github.com/bearer/bearer/pkg/util/file" - "github.com/bearer/bearer/pkg/util/linescanner" - "github.com/bearer/bearer/pkg/util/pointers" + "github.com/bearer/bearer/internal/detectors/types" + "github.com/bearer/bearer/internal/report" + "github.com/bearer/bearer/internal/report/detectors" + "github.com/bearer/bearer/internal/report/frameworks/spring" + "github.com/bearer/bearer/internal/report/source" + "github.com/bearer/bearer/internal/util/file" + "github.com/bearer/bearer/internal/util/linescanner" + "github.com/bearer/bearer/internal/util/pointers" ) var ( diff --git a/pkg/detectors/spring/spring_test.go b/internal/detectors/spring/spring_test.go similarity index 87% rename from pkg/detectors/spring/spring_test.go rename to internal/detectors/spring/spring_test.go index 77ea5998a..e3a5e58bd 100644 --- a/pkg/detectors/spring/spring_test.go +++ b/internal/detectors/spring/spring_test.go @@ -7,8 +7,8 @@ import ( "github.com/bradleyjkemp/cupaloy" "github.com/stretchr/testify/assert" - "github.com/bearer/bearer/pkg/detectors/internal/testhelper" - reportdetectors "github.com/bearer/bearer/pkg/report/detectors" + "github.com/bearer/bearer/internal/detectors/internal/testhelper" + reportdetectors "github.com/bearer/bearer/internal/report/detectors" ) const detectorType = reportdetectors.DetectorSpring diff --git a/pkg/detectors/spring/testdata/java_not_spring/pom.xml b/internal/detectors/spring/testdata/java_not_spring/pom.xml similarity index 100% rename from pkg/detectors/spring/testdata/java_not_spring/pom.xml rename to internal/detectors/spring/testdata/java_not_spring/pom.xml diff --git a/pkg/detectors/spring/testdata/java_not_spring/src/main/Application.java b/internal/detectors/spring/testdata/java_not_spring/src/main/Application.java similarity index 100% rename from pkg/detectors/spring/testdata/java_not_spring/src/main/Application.java rename to internal/detectors/spring/testdata/java_not_spring/src/main/Application.java diff --git a/pkg/detectors/spring/testdata/java_not_spring/src/main/resources/application.properties b/internal/detectors/spring/testdata/java_not_spring/src/main/resources/application.properties similarity index 100% rename from pkg/detectors/spring/testdata/java_not_spring/src/main/resources/application.properties rename to internal/detectors/spring/testdata/java_not_spring/src/main/resources/application.properties diff --git a/pkg/detectors/spring/testdata/not_java/Gemfile b/internal/detectors/spring/testdata/not_java/Gemfile similarity index 100% rename from pkg/detectors/spring/testdata/not_java/Gemfile rename to internal/detectors/spring/testdata/not_java/Gemfile diff --git a/pkg/detectors/spring/testdata/spring/pom.xml b/internal/detectors/spring/testdata/spring/pom.xml similarity index 100% rename from pkg/detectors/spring/testdata/spring/pom.xml rename to internal/detectors/spring/testdata/spring/pom.xml diff --git a/pkg/detectors/spring/testdata/spring/src/main/Application.java b/internal/detectors/spring/testdata/spring/src/main/Application.java similarity index 100% rename from pkg/detectors/spring/testdata/spring/src/main/Application.java rename to internal/detectors/spring/testdata/spring/src/main/Application.java diff --git a/pkg/detectors/spring/testdata/spring/src/main/ignore/application.properties b/internal/detectors/spring/testdata/spring/src/main/ignore/application.properties similarity index 100% rename from pkg/detectors/spring/testdata/spring/src/main/ignore/application.properties rename to internal/detectors/spring/testdata/spring/src/main/ignore/application.properties diff --git a/pkg/detectors/spring/testdata/spring/src/main/ignore/application.yml b/internal/detectors/spring/testdata/spring/src/main/ignore/application.yml similarity index 100% rename from pkg/detectors/spring/testdata/spring/src/main/ignore/application.yml rename to internal/detectors/spring/testdata/spring/src/main/ignore/application.yml diff --git a/pkg/detectors/spring/testdata/spring/src/main/ignore2/application.properties b/internal/detectors/spring/testdata/spring/src/main/ignore2/application.properties similarity index 100% rename from pkg/detectors/spring/testdata/spring/src/main/ignore2/application.properties rename to internal/detectors/spring/testdata/spring/src/main/ignore2/application.properties diff --git a/pkg/detectors/spring/testdata/spring/src/main/ignore2/application.yml b/internal/detectors/spring/testdata/spring/src/main/ignore2/application.yml similarity index 100% rename from pkg/detectors/spring/testdata/spring/src/main/ignore2/application.yml rename to internal/detectors/spring/testdata/spring/src/main/ignore2/application.yml diff --git a/pkg/detectors/spring/testdata/spring/src/main/resources/application.properties b/internal/detectors/spring/testdata/spring/src/main/resources/application.properties similarity index 100% rename from pkg/detectors/spring/testdata/spring/src/main/resources/application.properties rename to internal/detectors/spring/testdata/spring/src/main/resources/application.properties diff --git a/pkg/detectors/spring/testdata/spring/src/main/resources/application.yml b/internal/detectors/spring/testdata/spring/src/main/resources/application.yml similarity index 100% rename from pkg/detectors/spring/testdata/spring/src/main/resources/application.yml rename to internal/detectors/spring/testdata/spring/src/main/resources/application.yml diff --git a/pkg/detectors/spring/testdata/spring/src/main/resources2/application.properties b/internal/detectors/spring/testdata/spring/src/main/resources2/application.properties similarity index 100% rename from pkg/detectors/spring/testdata/spring/src/main/resources2/application.properties rename to internal/detectors/spring/testdata/spring/src/main/resources2/application.properties diff --git a/pkg/detectors/spring/testdata/spring/src/main/resources2/application.yml b/internal/detectors/spring/testdata/spring/src/main/resources2/application.yml similarity index 100% rename from pkg/detectors/spring/testdata/spring/src/main/resources2/application.yml rename to internal/detectors/spring/testdata/spring/src/main/resources2/application.yml diff --git a/pkg/detectors/spring/testdata/spring/src/main/resources3/application.properties b/internal/detectors/spring/testdata/spring/src/main/resources3/application.properties similarity index 100% rename from pkg/detectors/spring/testdata/spring/src/main/resources3/application.properties rename to internal/detectors/spring/testdata/spring/src/main/resources3/application.properties diff --git a/pkg/detectors/spring/testdata/spring/src/main/resources3/application.yml b/internal/detectors/spring/testdata/spring/src/main/resources3/application.yml similarity index 100% rename from pkg/detectors/spring/testdata/spring/src/main/resources3/application.yml rename to internal/detectors/spring/testdata/spring/src/main/resources3/application.yml diff --git a/pkg/detectors/spring/testdata/spring/src/main/resources4/application.properties b/internal/detectors/spring/testdata/spring/src/main/resources4/application.properties similarity index 100% rename from pkg/detectors/spring/testdata/spring/src/main/resources4/application.properties rename to internal/detectors/spring/testdata/spring/src/main/resources4/application.properties diff --git a/pkg/detectors/spring/testdata/spring/src/main/resources4/application.yml b/internal/detectors/spring/testdata/spring/src/main/resources4/application.yml similarity index 100% rename from pkg/detectors/spring/testdata/spring/src/main/resources4/application.yml rename to internal/detectors/spring/testdata/spring/src/main/resources4/application.yml diff --git a/pkg/detectors/sql/custom_detector/compile_pattern.go b/internal/detectors/sql/custom_detector/compile_pattern.go similarity index 83% rename from pkg/detectors/sql/custom_detector/compile_pattern.go rename to internal/detectors/sql/custom_detector/compile_pattern.go index 443d0fcfe..c2b76a9c5 100644 --- a/pkg/detectors/sql/custom_detector/compile_pattern.go +++ b/internal/detectors/sql/custom_detector/compile_pattern.go @@ -3,12 +3,12 @@ package customdetector import ( "regexp" - "github.com/bearer/bearer/pkg/commands/process/settings" - "github.com/bearer/bearer/pkg/detectors/custom/config" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/parser/custom" - "github.com/bearer/bearer/pkg/parser/nodeid" - "github.com/bearer/bearer/pkg/util/file" + "github.com/bearer/bearer/internal/commands/process/settings" + "github.com/bearer/bearer/internal/detectors/custom/config" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/parser/custom" + "github.com/bearer/bearer/internal/parser/nodeid" + "github.com/bearer/bearer/internal/util/file" ) var tableNameRegex = regexp.MustCompile(`\$TABLE_NAME`) diff --git a/pkg/detectors/sql/custom_detector/custom_detector.go b/internal/detectors/sql/custom_detector/custom_detector.go similarity index 87% rename from pkg/detectors/sql/custom_detector/custom_detector.go rename to internal/detectors/sql/custom_detector/custom_detector.go index 8aae13965..44a206b73 100644 --- a/pkg/detectors/sql/custom_detector/custom_detector.go +++ b/internal/detectors/sql/custom_detector/custom_detector.go @@ -3,9 +3,9 @@ package customdetector import ( "strings" - "github.com/bearer/bearer/pkg/detectors/custom/config" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/parser/sitter/sql" + "github.com/bearer/bearer/internal/detectors/custom/config" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/parser/sitter/sql" ) var language = sql.GetLanguage() diff --git a/pkg/detectors/sql/custom_detector/extract_arguments.go b/internal/detectors/sql/custom_detector/extract_arguments.go similarity index 86% rename from pkg/detectors/sql/custom_detector/extract_arguments.go rename to internal/detectors/sql/custom_detector/extract_arguments.go index a19efc72a..8f45e8fd7 100644 --- a/pkg/detectors/sql/custom_detector/extract_arguments.go +++ b/internal/detectors/sql/custom_detector/extract_arguments.go @@ -1,11 +1,11 @@ package customdetector import ( - "github.com/bearer/bearer/pkg/detectors/sql/util" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/parser/nodeid" - "github.com/bearer/bearer/pkg/report/schema" - schemadatatype "github.com/bearer/bearer/pkg/report/schema/datatype" + "github.com/bearer/bearer/internal/detectors/sql/util" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/parser/nodeid" + "github.com/bearer/bearer/internal/report/schema" + schemadatatype "github.com/bearer/bearer/internal/report/schema/datatype" ) func (detector *Detector) ExtractArguments(node *parser.Node, idGenerator nodeid.Generator) (map[parser.NodeID]*schemadatatype.DataType, error) { diff --git a/pkg/detectors/sql/sql.go b/internal/detectors/sql/sql.go similarity index 70% rename from pkg/detectors/sql/sql.go rename to internal/detectors/sql/sql.go index 02f5ee8bb..d0908aa6e 100644 --- a/pkg/detectors/sql/sql.go +++ b/internal/detectors/sql/sql.go @@ -1,13 +1,13 @@ package sql import ( - "github.com/bearer/bearer/pkg/detectors/types" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/parser/nodeid" - "github.com/bearer/bearer/pkg/util/file" + "github.com/bearer/bearer/internal/detectors/types" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/parser/nodeid" + "github.com/bearer/bearer/internal/util/file" - reporttypes "github.com/bearer/bearer/pkg/report" - schemadatatype "github.com/bearer/bearer/pkg/report/schema/datatype" + reporttypes "github.com/bearer/bearer/internal/report" + schemadatatype "github.com/bearer/bearer/internal/report/schema/datatype" ) type detector struct { diff --git a/pkg/detectors/sql/util/util.go b/internal/detectors/sql/util/util.go similarity index 96% rename from pkg/detectors/sql/util/util.go rename to internal/detectors/sql/util/util.go index 1f69d67b9..0ecae279c 100644 --- a/pkg/detectors/sql/util/util.go +++ b/internal/detectors/sql/util/util.go @@ -4,7 +4,7 @@ import ( "regexp" "strings" - "github.com/bearer/bearer/pkg/report/schema" + "github.com/bearer/bearer/internal/report/schema" ) func StripQuotes(value string) string { diff --git a/pkg/detectors/symfony/.snapshots/TestBuildReportDataStores b/internal/detectors/symfony/.snapshots/TestBuildReportDataStores similarity index 100% rename from pkg/detectors/symfony/.snapshots/TestBuildReportDataStores rename to internal/detectors/symfony/.snapshots/TestBuildReportDataStores diff --git a/pkg/detectors/symfony/symfony.go b/internal/detectors/symfony/symfony.go similarity index 87% rename from pkg/detectors/symfony/symfony.go rename to internal/detectors/symfony/symfony.go index ada890bfc..004735435 100644 --- a/pkg/detectors/symfony/symfony.go +++ b/internal/detectors/symfony/symfony.go @@ -8,14 +8,14 @@ import ( "gopkg.in/yaml.v3" - "github.com/bearer/bearer/pkg/detectors/types" - "github.com/bearer/bearer/pkg/report" - "github.com/bearer/bearer/pkg/report/detectors" - "github.com/bearer/bearer/pkg/report/frameworks/symfony" - "github.com/bearer/bearer/pkg/report/source" - "github.com/bearer/bearer/pkg/util/file" - "github.com/bearer/bearer/pkg/util/maputil" - "github.com/bearer/bearer/pkg/util/pointers" + "github.com/bearer/bearer/internal/detectors/types" + "github.com/bearer/bearer/internal/report" + "github.com/bearer/bearer/internal/report/detectors" + "github.com/bearer/bearer/internal/report/frameworks/symfony" + "github.com/bearer/bearer/internal/report/source" + "github.com/bearer/bearer/internal/util/file" + "github.com/bearer/bearer/internal/util/maputil" + "github.com/bearer/bearer/internal/util/pointers" ) var ( diff --git a/pkg/detectors/symfony/symfony_test.go b/internal/detectors/symfony/symfony_test.go similarity index 87% rename from pkg/detectors/symfony/symfony_test.go rename to internal/detectors/symfony/symfony_test.go index 212cf011d..5cf71d20e 100644 --- a/pkg/detectors/symfony/symfony_test.go +++ b/internal/detectors/symfony/symfony_test.go @@ -7,9 +7,9 @@ import ( "github.com/bradleyjkemp/cupaloy" "github.com/stretchr/testify/assert" - "github.com/bearer/bearer/pkg/detectors/internal/testhelper" + "github.com/bearer/bearer/internal/detectors/internal/testhelper" - reportdetectors "github.com/bearer/bearer/pkg/report/detectors" + reportdetectors "github.com/bearer/bearer/internal/report/detectors" ) const detectorType = reportdetectors.DetectorSymfony diff --git a/pkg/detectors/symfony/testdata/not_php/package.json b/internal/detectors/symfony/testdata/not_php/package.json similarity index 100% rename from pkg/detectors/symfony/testdata/not_php/package.json rename to internal/detectors/symfony/testdata/not_php/package.json diff --git a/pkg/detectors/symfony/testdata/php_not_symfony/composer.json b/internal/detectors/symfony/testdata/php_not_symfony/composer.json similarity index 100% rename from pkg/detectors/symfony/testdata/php_not_symfony/composer.json rename to internal/detectors/symfony/testdata/php_not_symfony/composer.json diff --git a/pkg/detectors/symfony/testdata/symfony/app/config/config.yml b/internal/detectors/symfony/testdata/symfony/app/config/config.yml similarity index 100% rename from pkg/detectors/symfony/testdata/symfony/app/config/config.yml rename to internal/detectors/symfony/testdata/symfony/app/config/config.yml diff --git a/pkg/detectors/symfony/testdata/symfony/composer.json b/internal/detectors/symfony/testdata/symfony/composer.json similarity index 100% rename from pkg/detectors/symfony/testdata/symfony/composer.json rename to internal/detectors/symfony/testdata/symfony/composer.json diff --git a/pkg/detectors/symfony/testdata/symfony/config/packages/doctrine.yml b/internal/detectors/symfony/testdata/symfony/config/packages/doctrine.yml similarity index 100% rename from pkg/detectors/symfony/testdata/symfony/config/packages/doctrine.yml rename to internal/detectors/symfony/testdata/symfony/config/packages/doctrine.yml diff --git a/pkg/detectors/symfony/testdata/symfony/src/AppBundle/AppBundle.php b/internal/detectors/symfony/testdata/symfony/src/AppBundle/AppBundle.php similarity index 100% rename from pkg/detectors/symfony/testdata/symfony/src/AppBundle/AppBundle.php rename to internal/detectors/symfony/testdata/symfony/src/AppBundle/AppBundle.php diff --git a/pkg/detectors/tsx/.snapshots/TestDetectorReportGeneral b/internal/detectors/tsx/.snapshots/TestDetectorReportGeneral similarity index 100% rename from pkg/detectors/tsx/.snapshots/TestDetectorReportGeneral rename to internal/detectors/tsx/.snapshots/TestDetectorReportGeneral diff --git a/pkg/detectors/tsx/testdata/general/config.tsx b/internal/detectors/tsx/testdata/general/config.tsx similarity index 100% rename from pkg/detectors/tsx/testdata/general/config.tsx rename to internal/detectors/tsx/testdata/general/config.tsx diff --git a/pkg/detectors/tsx/tsx.go b/internal/detectors/tsx/tsx.go similarity index 87% rename from pkg/detectors/tsx/tsx.go rename to internal/detectors/tsx/tsx.go index 668af4521..6d7a19333 100644 --- a/pkg/detectors/tsx/tsx.go +++ b/internal/detectors/tsx/tsx.go @@ -7,16 +7,16 @@ import ( sitter "github.com/smacker/go-tree-sitter" - "github.com/bearer/bearer/pkg/detectors/types" - typescript_datatype "github.com/bearer/bearer/pkg/detectors/typescript/datatype" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/parser/interfacedetector" - "github.com/bearer/bearer/pkg/parser/nodeid" - "github.com/bearer/bearer/pkg/report" - "github.com/bearer/bearer/pkg/report/detectors" - "github.com/bearer/bearer/pkg/report/values" - "github.com/bearer/bearer/pkg/report/variables" - "github.com/bearer/bearer/pkg/util/file" + "github.com/bearer/bearer/internal/detectors/types" + typescript_datatype "github.com/bearer/bearer/internal/detectors/typescript/datatype" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/parser/interfacedetector" + "github.com/bearer/bearer/internal/parser/nodeid" + "github.com/bearer/bearer/internal/report" + "github.com/bearer/bearer/internal/report/detectors" + "github.com/bearer/bearer/internal/report/values" + "github.com/bearer/bearer/internal/report/variables" + "github.com/bearer/bearer/internal/util/file" ) var ( diff --git a/pkg/detectors/tsx/tsx_test.go b/internal/detectors/tsx/tsx_test.go similarity index 64% rename from pkg/detectors/tsx/tsx_test.go rename to internal/detectors/tsx/tsx_test.go index 3777d291f..b231a9dec 100644 --- a/pkg/detectors/tsx/tsx_test.go +++ b/internal/detectors/tsx/tsx_test.go @@ -6,12 +6,12 @@ import ( "github.com/bradleyjkemp/cupaloy" - "github.com/bearer/bearer/pkg/detectors/tsx" - detectortypes "github.com/bearer/bearer/pkg/report/detectors" + "github.com/bearer/bearer/internal/detectors/tsx" + detectortypes "github.com/bearer/bearer/internal/report/detectors" - "github.com/bearer/bearer/pkg/detectors" - "github.com/bearer/bearer/pkg/detectors/internal/testhelper" - "github.com/bearer/bearer/pkg/parser/nodeid" + "github.com/bearer/bearer/internal/detectors" + "github.com/bearer/bearer/internal/detectors/internal/testhelper" + "github.com/bearer/bearer/internal/parser/nodeid" ) const detectorType = detectortypes.DetectorJavascript diff --git a/pkg/detectors/types/types.go b/internal/detectors/types/types.go similarity index 71% rename from pkg/detectors/types/types.go rename to internal/detectors/types/types.go index 11f330f8c..94cdce6ff 100644 --- a/pkg/detectors/types/types.go +++ b/internal/detectors/types/types.go @@ -1,8 +1,8 @@ package types import ( - "github.com/bearer/bearer/pkg/report" - "github.com/bearer/bearer/pkg/util/file" + "github.com/bearer/bearer/internal/report" + "github.com/bearer/bearer/internal/util/file" ) type DetectorConstructor func() Detector diff --git a/pkg/detectors/typescript/.snapshots/TestDetectorReportDatatype b/internal/detectors/typescript/.snapshots/TestDetectorReportDatatype similarity index 100% rename from pkg/detectors/typescript/.snapshots/TestDetectorReportDatatype rename to internal/detectors/typescript/.snapshots/TestDetectorReportDatatype diff --git a/pkg/detectors/typescript/.snapshots/TestDetectorReportGeneral b/internal/detectors/typescript/.snapshots/TestDetectorReportGeneral similarity index 100% rename from pkg/detectors/typescript/.snapshots/TestDetectorReportGeneral rename to internal/detectors/typescript/.snapshots/TestDetectorReportGeneral diff --git a/pkg/detectors/typescript/.snapshots/TestDetectorReportKnex b/internal/detectors/typescript/.snapshots/TestDetectorReportKnex similarity index 100% rename from pkg/detectors/typescript/.snapshots/TestDetectorReportKnex rename to internal/detectors/typescript/.snapshots/TestDetectorReportKnex diff --git a/pkg/detectors/typescript/datatype/datatype.go b/internal/detectors/typescript/datatype/datatype.go similarity index 93% rename from pkg/detectors/typescript/datatype/datatype.go rename to internal/detectors/typescript/datatype/datatype.go index 0ff2efaab..1b299f35b 100644 --- a/pkg/detectors/typescript/datatype/datatype.go +++ b/internal/detectors/typescript/datatype/datatype.go @@ -3,15 +3,15 @@ package datatype import ( "strings" - "github.com/bearer/bearer/pkg/detectors/typescript/datatype/knex" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/parser/datatype" - "github.com/bearer/bearer/pkg/parser/nodeid" - "github.com/bearer/bearer/pkg/report" - "github.com/bearer/bearer/pkg/report/detections" - "github.com/bearer/bearer/pkg/report/detectors" - "github.com/bearer/bearer/pkg/report/schema" - schemadatatype "github.com/bearer/bearer/pkg/report/schema/datatype" + "github.com/bearer/bearer/internal/detectors/typescript/datatype/knex" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/parser/datatype" + "github.com/bearer/bearer/internal/parser/nodeid" + "github.com/bearer/bearer/internal/report" + "github.com/bearer/bearer/internal/report/detections" + "github.com/bearer/bearer/internal/report/detectors" + "github.com/bearer/bearer/internal/report/schema" + schemadatatype "github.com/bearer/bearer/internal/report/schema/datatype" sitter "github.com/smacker/go-tree-sitter" ) diff --git a/pkg/detectors/typescript/datatype/knex/functions.go b/internal/detectors/typescript/datatype/knex/functions.go similarity index 91% rename from pkg/detectors/typescript/datatype/knex/functions.go rename to internal/detectors/typescript/datatype/knex/functions.go index 8b9ff1572..80ad87136 100644 --- a/pkg/detectors/typescript/datatype/knex/functions.go +++ b/internal/detectors/typescript/datatype/knex/functions.go @@ -3,11 +3,11 @@ package knex import ( "sort" - "github.com/bearer/bearer/pkg/detectors/javascript/util" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/report" - "github.com/bearer/bearer/pkg/report/detectors" - reportknex "github.com/bearer/bearer/pkg/report/frameworks/knex" + "github.com/bearer/bearer/internal/detectors/javascript/util" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/report" + "github.com/bearer/bearer/internal/report/detectors" + reportknex "github.com/bearer/bearer/internal/report/frameworks/knex" sitter "github.com/smacker/go-tree-sitter" ) diff --git a/pkg/detectors/typescript/datatype/knex/knex.go b/internal/detectors/typescript/datatype/knex/knex.go similarity index 71% rename from pkg/detectors/typescript/datatype/knex/knex.go rename to internal/detectors/typescript/datatype/knex/knex.go index a3cdab3e2..2ca01255e 100644 --- a/pkg/detectors/typescript/datatype/knex/knex.go +++ b/internal/detectors/typescript/datatype/knex/knex.go @@ -1,9 +1,9 @@ package knex import ( - "github.com/bearer/bearer/pkg/detectors/javascript/util" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/report" + "github.com/bearer/bearer/internal/detectors/javascript/util" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/report" sitter "github.com/smacker/go-tree-sitter" ) diff --git a/pkg/detectors/typescript/datatype/knex/table.go b/internal/detectors/typescript/datatype/knex/table.go similarity index 89% rename from pkg/detectors/typescript/datatype/knex/table.go rename to internal/detectors/typescript/datatype/knex/table.go index fab7ef45e..ff851f283 100644 --- a/pkg/detectors/typescript/datatype/knex/table.go +++ b/internal/detectors/typescript/datatype/knex/table.go @@ -1,10 +1,10 @@ package knex import ( - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/report" - "github.com/bearer/bearer/pkg/report/detectors" - reportknex "github.com/bearer/bearer/pkg/report/frameworks/knex" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/report" + "github.com/bearer/bearer/internal/report/detectors" + reportknex "github.com/bearer/bearer/internal/report/frameworks/knex" sitter "github.com/smacker/go-tree-sitter" ) diff --git a/pkg/detectors/typescript/testdata/datatype/schema.ts b/internal/detectors/typescript/testdata/datatype/schema.ts similarity index 100% rename from pkg/detectors/typescript/testdata/datatype/schema.ts rename to internal/detectors/typescript/testdata/datatype/schema.ts diff --git a/pkg/detectors/typescript/testdata/datatype_knex/datatype_knex.ts b/internal/detectors/typescript/testdata/datatype_knex/datatype_knex.ts similarity index 100% rename from pkg/detectors/typescript/testdata/datatype_knex/datatype_knex.ts rename to internal/detectors/typescript/testdata/datatype_knex/datatype_knex.ts diff --git a/pkg/detectors/typescript/testdata/general/variables/config.ts b/internal/detectors/typescript/testdata/general/variables/config.ts similarity index 100% rename from pkg/detectors/typescript/testdata/general/variables/config.ts rename to internal/detectors/typescript/testdata/general/variables/config.ts diff --git a/pkg/detectors/typescript/typescript.go b/internal/detectors/typescript/typescript.go similarity index 87% rename from pkg/detectors/typescript/typescript.go rename to internal/detectors/typescript/typescript.go index ddca9350d..7589e2f1c 100644 --- a/pkg/detectors/typescript/typescript.go +++ b/internal/detectors/typescript/typescript.go @@ -7,16 +7,16 @@ import ( sitter "github.com/smacker/go-tree-sitter" - "github.com/bearer/bearer/pkg/detectors/types" - "github.com/bearer/bearer/pkg/detectors/typescript/datatype" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/parser/interfacedetector" - "github.com/bearer/bearer/pkg/parser/nodeid" - "github.com/bearer/bearer/pkg/report" - "github.com/bearer/bearer/pkg/report/detectors" - "github.com/bearer/bearer/pkg/report/values" - "github.com/bearer/bearer/pkg/report/variables" - "github.com/bearer/bearer/pkg/util/file" + "github.com/bearer/bearer/internal/detectors/types" + "github.com/bearer/bearer/internal/detectors/typescript/datatype" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/parser/interfacedetector" + "github.com/bearer/bearer/internal/parser/nodeid" + "github.com/bearer/bearer/internal/report" + "github.com/bearer/bearer/internal/report/detectors" + "github.com/bearer/bearer/internal/report/values" + "github.com/bearer/bearer/internal/report/variables" + "github.com/bearer/bearer/internal/util/file" ) var ( diff --git a/pkg/detectors/typescript/typescript_test.go b/internal/detectors/typescript/typescript_test.go similarity index 80% rename from pkg/detectors/typescript/typescript_test.go rename to internal/detectors/typescript/typescript_test.go index 72f7cc938..2670f035d 100644 --- a/pkg/detectors/typescript/typescript_test.go +++ b/internal/detectors/typescript/typescript_test.go @@ -6,12 +6,12 @@ import ( "github.com/bradleyjkemp/cupaloy" - "github.com/bearer/bearer/pkg/detectors/typescript" - detectortypes "github.com/bearer/bearer/pkg/report/detectors" + "github.com/bearer/bearer/internal/detectors/typescript" + detectortypes "github.com/bearer/bearer/internal/report/detectors" - "github.com/bearer/bearer/pkg/detectors" - "github.com/bearer/bearer/pkg/detectors/internal/testhelper" - "github.com/bearer/bearer/pkg/parser/nodeid" + "github.com/bearer/bearer/internal/detectors" + "github.com/bearer/bearer/internal/detectors/internal/testhelper" + "github.com/bearer/bearer/internal/parser/nodeid" ) const detectorType = detectortypes.DetectorJavascript diff --git a/pkg/detectors/yamlconfig/.snapshots/TestDetectorReportInterfaces b/internal/detectors/yamlconfig/.snapshots/TestDetectorReportInterfaces similarity index 100% rename from pkg/detectors/yamlconfig/.snapshots/TestDetectorReportInterfaces rename to internal/detectors/yamlconfig/.snapshots/TestDetectorReportInterfaces diff --git a/pkg/detectors/yamlconfig/.snapshots/TestDetectorReportVariables b/internal/detectors/yamlconfig/.snapshots/TestDetectorReportVariables similarity index 100% rename from pkg/detectors/yamlconfig/.snapshots/TestDetectorReportVariables rename to internal/detectors/yamlconfig/.snapshots/TestDetectorReportVariables diff --git a/pkg/detectors/yamlconfig/testdata/project/.github/workflows/workflow-github.yml b/internal/detectors/yamlconfig/testdata/project/.github/workflows/workflow-github.yml similarity index 100% rename from pkg/detectors/yamlconfig/testdata/project/.github/workflows/workflow-github.yml rename to internal/detectors/yamlconfig/testdata/project/.github/workflows/workflow-github.yml diff --git a/pkg/detectors/yamlconfig/testdata/project/config/parameters.yml.j2 b/internal/detectors/yamlconfig/testdata/project/config/parameters.yml.j2 similarity index 100% rename from pkg/detectors/yamlconfig/testdata/project/config/parameters.yml.j2 rename to internal/detectors/yamlconfig/testdata/project/config/parameters.yml.j2 diff --git a/pkg/detectors/yamlconfig/testdata/project/docker-compose.yml.tpl b/internal/detectors/yamlconfig/testdata/project/docker-compose.yml.tpl similarity index 100% rename from pkg/detectors/yamlconfig/testdata/project/docker-compose.yml.tpl rename to internal/detectors/yamlconfig/testdata/project/docker-compose.yml.tpl diff --git a/pkg/detectors/yamlconfig/testdata/project/locale.en.yml b/internal/detectors/yamlconfig/testdata/project/locale.en.yml similarity index 100% rename from pkg/detectors/yamlconfig/testdata/project/locale.en.yml rename to internal/detectors/yamlconfig/testdata/project/locale.en.yml diff --git a/pkg/detectors/yamlconfig/testdata/project/locales/client.hu.yml b/internal/detectors/yamlconfig/testdata/project/locales/client.hu.yml similarity index 100% rename from pkg/detectors/yamlconfig/testdata/project/locales/client.hu.yml rename to internal/detectors/yamlconfig/testdata/project/locales/client.hu.yml diff --git a/pkg/detectors/yamlconfig/testdata/project/locales/en.yml b/internal/detectors/yamlconfig/testdata/project/locales/en.yml similarity index 100% rename from pkg/detectors/yamlconfig/testdata/project/locales/en.yml rename to internal/detectors/yamlconfig/testdata/project/locales/en.yml diff --git a/pkg/detectors/yamlconfig/testdata/project/translations/en.yml b/internal/detectors/yamlconfig/testdata/project/translations/en.yml similarity index 100% rename from pkg/detectors/yamlconfig/testdata/project/translations/en.yml rename to internal/detectors/yamlconfig/testdata/project/translations/en.yml diff --git a/pkg/detectors/yamlconfig/yamlconfig.go b/internal/detectors/yamlconfig/yamlconfig.go similarity index 87% rename from pkg/detectors/yamlconfig/yamlconfig.go rename to internal/detectors/yamlconfig/yamlconfig.go index 9d67418b4..a6e8fc707 100644 --- a/pkg/detectors/yamlconfig/yamlconfig.go +++ b/internal/detectors/yamlconfig/yamlconfig.go @@ -11,17 +11,17 @@ import ( sitter "github.com/smacker/go-tree-sitter" - "github.com/bearer/bearer/pkg/detectors/types" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/parser/interfaces" - "github.com/bearer/bearer/pkg/report" - reportinterface "github.com/bearer/bearer/pkg/report/interfaces" - "github.com/bearer/bearer/pkg/util/file" - - "github.com/bearer/bearer/pkg/parser/sitter/config_variables" - "github.com/bearer/bearer/pkg/report/detectors" - "github.com/bearer/bearer/pkg/report/values" - "github.com/bearer/bearer/pkg/report/variables" + "github.com/bearer/bearer/internal/detectors/types" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/parser/interfaces" + "github.com/bearer/bearer/internal/report" + reportinterface "github.com/bearer/bearer/internal/report/interfaces" + "github.com/bearer/bearer/internal/util/file" + + "github.com/bearer/bearer/internal/parser/sitter/config_variables" + "github.com/bearer/bearer/internal/report/detectors" + "github.com/bearer/bearer/internal/report/values" + "github.com/bearer/bearer/internal/report/variables" ) var ( diff --git a/pkg/detectors/yamlconfig/yamlconfig_test.go b/internal/detectors/yamlconfig/yamlconfig_test.go similarity index 83% rename from pkg/detectors/yamlconfig/yamlconfig_test.go rename to internal/detectors/yamlconfig/yamlconfig_test.go index cccb6a40c..fe330320b 100644 --- a/pkg/detectors/yamlconfig/yamlconfig_test.go +++ b/internal/detectors/yamlconfig/yamlconfig_test.go @@ -6,8 +6,8 @@ import ( "github.com/bradleyjkemp/cupaloy" - "github.com/bearer/bearer/pkg/detectors/internal/testhelper" - "github.com/bearer/bearer/pkg/report/detectors" + "github.com/bearer/bearer/internal/detectors/internal/testhelper" + "github.com/bearer/bearer/internal/report/detectors" ) const detectorType = detectors.DetectorYamlConfig diff --git a/pkg/flag/general_flags.go b/internal/flag/general_flags.go similarity index 98% rename from pkg/flag/general_flags.go rename to internal/flag/general_flags.go index bf79f3de3..1d9931011 100644 --- a/pkg/flag/general_flags.go +++ b/internal/flag/general_flags.go @@ -4,7 +4,7 @@ import ( "fmt" "github.com/bearer/bearer/api" - pointer "github.com/bearer/bearer/pkg/util/pointers" + pointer "github.com/bearer/bearer/internal/util/pointers" "github.com/rs/zerolog/log" ) diff --git a/pkg/flag/ignore_add_flags.go b/internal/flag/ignore_add_flags.go similarity index 100% rename from pkg/flag/ignore_add_flags.go rename to internal/flag/ignore_add_flags.go diff --git a/pkg/flag/ignore_migrate_flags.go b/internal/flag/ignore_migrate_flags.go similarity index 100% rename from pkg/flag/ignore_migrate_flags.go rename to internal/flag/ignore_migrate_flags.go diff --git a/pkg/flag/ignore_show_flags.go b/internal/flag/ignore_show_flags.go similarity index 100% rename from pkg/flag/ignore_show_flags.go rename to internal/flag/ignore_show_flags.go diff --git a/pkg/flag/options.go b/internal/flag/options.go similarity index 97% rename from pkg/flag/options.go rename to internal/flag/options.go index daaa4dea1..3f7a5deb0 100644 --- a/pkg/flag/options.go +++ b/internal/flag/options.go @@ -3,13 +3,13 @@ package flag import ( "errors" "fmt" + "slices" "strings" "time" "github.com/spf13/cobra" "github.com/spf13/pflag" "github.com/spf13/viper" - "github.com/ssoroka/slice" ) var ErrInvalidScannerReportCombination = errors.New("invalid scanner argument; privacy report requires sast scanner") @@ -161,6 +161,14 @@ func getDuration(flag *Flag) time.Duration { return viper.GetDuration(flag.ConfigName) } +func getInteger(flag *Flag) int { + if flag == nil { + return -1 + } + + return viper.GetInt(flag.ConfigName) +} + func (f *Flags) groups() []FlagGroup { var groups []FlagGroup // This order affects the usage message, so they are sorted by frequency of use. @@ -280,7 +288,7 @@ func (f *Flags) ToOptions(args []string) (Options, error) { return Options{}, fmt.Errorf("scan flag error: %w", err) } - if opts.ReportOptions.Report == "privacy" && !slice.Contains(opts.ScanOptions.Scanner, "sast") { + if opts.ReportOptions.Report == "privacy" && !slices.Contains(opts.ScanOptions.Scanner, "sast") { return Options{}, ErrInvalidScannerReportCombination } } diff --git a/pkg/flag/process_flags.go b/internal/flag/process_flags.go similarity index 56% rename from pkg/flag/process_flags.go rename to internal/flag/process_flags.go index e5610a20a..265164b6e 100644 --- a/pkg/flag/process_flags.go +++ b/internal/flag/process_flags.go @@ -1,6 +1,12 @@ package flag var ( + ParentProcessIDFlag = Flag{ + Name: "parent-process-id", + ConfigName: "process.parent-process-id", + Value: -1, + } + PortFlag = Flag{ Name: "port", ConfigName: "process.port", @@ -18,20 +24,22 @@ var ( ) type ProcessFlagGroup struct { - PortFlag *Flag - WorkerIDFlag *Flag - WorkerDebugProfileFlag *Flag + ParentProcessIDFlag *Flag + PortFlag *Flag + WorkerIDFlag *Flag } type ProcessOptions struct { - WorkerID string `mapstructure:"worker-id" json:"worker-id" yaml:"worker-id"` - Port string `mapstructure:"port" json:"port" yaml:"port"` + ParentProcessID int + WorkerID string `mapstructure:"worker-id" json:"worker-id" yaml:"worker-id"` + Port string `mapstructure:"port" json:"port" yaml:"port"` } func NewProcessGroup() *ProcessFlagGroup { return &ProcessFlagGroup{ - PortFlag: &PortFlag, - WorkerIDFlag: &WorkerIDFlag, + ParentProcessIDFlag: &ParentProcessIDFlag, + PortFlag: &PortFlag, + WorkerIDFlag: &WorkerIDFlag, } } @@ -41,6 +49,7 @@ func (f *ProcessFlagGroup) Name() string { func (f *ProcessFlagGroup) Flags() []*Flag { return []*Flag{ + f.ParentProcessIDFlag, f.PortFlag, f.WorkerIDFlag, } @@ -51,7 +60,8 @@ func (f *ProcessFlagGroup) ToOptions() (ProcessOptions, error) { workerID := getString(f.WorkerIDFlag) return ProcessOptions{ - Port: port, - WorkerID: workerID, + ParentProcessID: getInteger(f.ParentProcessIDFlag), + Port: port, + WorkerID: workerID, }, nil } diff --git a/pkg/flag/report_flags.go b/internal/flag/report_flags.go similarity index 99% rename from pkg/flag/report_flags.go rename to internal/flag/report_flags.go index 7d65ed700..e6e402e59 100644 --- a/pkg/flag/report_flags.go +++ b/internal/flag/report_flags.go @@ -3,7 +3,7 @@ package flag import ( "errors" - "github.com/bearer/bearer/pkg/types" + "github.com/bearer/bearer/internal/types" ) var ( diff --git a/pkg/flag/repository_flags.go b/internal/flag/repository_flags.go similarity index 100% rename from pkg/flag/repository_flags.go rename to internal/flag/repository_flags.go diff --git a/pkg/flag/rule_flags.go b/internal/flag/rule_flags.go similarity index 100% rename from pkg/flag/rule_flags.go rename to internal/flag/rule_flags.go diff --git a/pkg/flag/scan_flags.go b/internal/flag/scan_flags.go similarity index 100% rename from pkg/flag/scan_flags.go rename to internal/flag/scan_flags.go diff --git a/pkg/git/checkout.go b/internal/git/checkout.go similarity index 100% rename from pkg/git/checkout.go rename to internal/git/checkout.go diff --git a/pkg/git/clone.go b/internal/git/clone.go similarity index 97% rename from pkg/git/clone.go rename to internal/git/clone.go index 327742699..fba296860 100644 --- a/pkg/git/clone.go +++ b/internal/git/clone.go @@ -5,10 +5,10 @@ import ( "fmt" "net/url" "os" + "slices" "time" "github.com/rs/zerolog/log" - "github.com/ssoroka/slice" ) func CloneAndGetTree(token string, url *url.URL, branchName string) (*Tree, error) { @@ -68,7 +68,7 @@ func CloneRangeAndCheckoutFiles( } func appendMailmap(filenames []string, treeFiles []TreeFile) []string { - if slice.Contains(filenames, mailmapFilename) { + if slices.Contains(filenames, mailmapFilename) { return filenames } diff --git a/pkg/git/commit_list.go b/internal/git/commit_list.go similarity index 100% rename from pkg/git/commit_list.go rename to internal/git/commit_list.go diff --git a/pkg/git/current_commit.go b/internal/git/current_commit.go similarity index 100% rename from pkg/git/current_commit.go rename to internal/git/current_commit.go diff --git a/pkg/git/defunct_cleanup.go b/internal/git/defunct_cleanup.go similarity index 100% rename from pkg/git/defunct_cleanup.go rename to internal/git/defunct_cleanup.go diff --git a/pkg/git/fetch.go b/internal/git/fetch.go similarity index 100% rename from pkg/git/fetch.go rename to internal/git/fetch.go diff --git a/pkg/git/git.go b/internal/git/git.go similarity index 100% rename from pkg/git/git.go rename to internal/git/git.go diff --git a/pkg/git/renames.go b/internal/git/renames.go similarity index 100% rename from pkg/git/renames.go rename to internal/git/renames.go diff --git a/pkg/git/tree.go b/internal/git/tree.go similarity index 96% rename from pkg/git/tree.go rename to internal/git/tree.go index 75f23d0bd..e5c2971b3 100644 --- a/pkg/git/tree.go +++ b/internal/git/tree.go @@ -5,10 +5,9 @@ import ( "fmt" "io" "path" + "slices" "strings" "time" - - "github.com/ssoroka/slice" ) const blankID = "0000000000000000000000000000000000000000" @@ -106,7 +105,9 @@ func getObjectIDsForRangeFiles(rootDir, firstCommitSHA, lastCommitSHA string, fi return nil, err } - return slice.Unique(append(firstCommitFileObjectIDs, rangeUsedObjectIDs...)), nil + ids := append(firstCommitFileObjectIDs, rangeUsedObjectIDs...) + slices.Sort(ids) + return slices.Compact(ids), nil } // Returns all the object ids of files touched by the given range of commits. @@ -191,7 +192,7 @@ func getObjectIDsForFiles(rootDir, commitSHA string, filenames []string) ([]stri continue } - if slice.Contains(specialFiles, path.Base(treeFile.Filename)) { + if slices.Contains(specialFiles, path.Base(treeFile.Filename)) { objectIDs = append(objectIDs, treeFile.SHA) } } diff --git a/internal/github_api/version_check.go b/internal/github_api/version_check.go new file mode 100644 index 000000000..ac551a399 --- /dev/null +++ b/internal/github_api/version_check.go @@ -0,0 +1,29 @@ +package github_api + +import ( + "context" + "fmt" + "strings" + + "github.com/bearer/bearer/cmd/bearer/build" + "github.com/bearer/bearer/internal/util/output" + "github.com/google/go-github/github" + "github.com/rs/zerolog/log" +) + +func VersionCheck(ctx context.Context, disableVersionCheck bool, Quiet bool) { + if disableVersionCheck { + log.Debug().Msgf("Version checking disabled. Skipping version check") + } else { + client := github.NewClient(nil) + release, _, err := client.Repositories.GetLatestRelease(ctx, "bearer", "bearer") + if err != nil { + log.Debug().Msgf("couldn't retrieve latest release from GitHub %s", err) + } else { + version := strings.TrimPrefix(*release.Name, "v") + if version != build.Version && build.Version != "dev" && !Quiet { + output.StdErrLog(fmt.Sprintf("You are running an outdated version of Bearer CLI, %s is now available. You can find update instructions at https://docs.bearer.com/reference/installation/#updating-bearer", *release.Name)) + } + } + } +} diff --git a/new/detector/composition/java/.snapshots/TestScope--scope.yml b/internal/languages/java/.snapshots/TestScope--scope.yml similarity index 63% rename from new/detector/composition/java/.snapshots/TestScope--scope.yml rename to internal/languages/java/.snapshots/TestScope--scope.yml index c67dd3d89..1f5115f81 100644 --- a/new/detector/composition/java/.snapshots/TestScope--scope.yml +++ b/internal/languages/java/.snapshots/TestScope--scope.yml @@ -35,26 +35,26 @@ high: title: Test detection filter scopes description: Test detection filter scopes documentation_url: "" - line_number: 5 + line_number: 3 full_filename: scope.java filename: scope.java source: location: - start: 5 - end: 5 + start: 3 + end: 3 column: start: 1 - end: 42 + end: 48 sink: location: - start: 5 - end: 5 + start: 3 + end: 3 column: start: 1 - end: 42 - content: scopeNested(request.getParameter("oops")) - parent_line_number: 5 - snippet: scopeNested(request.getParameter("oops")) + end: 48 + content: 'scopeCursor(x ? request.getParameter("ok") : y)' + parent_line_number: 3 + snippet: 'scopeCursor(x ? request.getParameter("ok") : y)' fingerprint: bdbeee20feb34c6881d975716e2fe09f_1 old_fingerprint: bdbeee20feb34c6881d975716e2fe09f_1 - rule: @@ -73,17 +73,17 @@ high: end: 6 column: start: 1 - end: 50 + end: 42 sink: location: start: 6 end: 6 column: start: 1 - end: 50 - content: 'scopeNested(x ? request.getParameter("oops") : y)' + end: 42 + content: scopeNested(request.getParameter("oops")) parent_line_number: 6 - snippet: 'scopeNested(x ? request.getParameter("oops") : y)' + snippet: scopeNested(request.getParameter("oops")) fingerprint: bdbeee20feb34c6881d975716e2fe09f_2 old_fingerprint: bdbeee20feb34c6881d975716e2fe09f_2 - rule: @@ -102,19 +102,48 @@ high: end: 7 column: start: 1 - end: 50 + end: 46 sink: location: start: 7 end: 7 column: start: 1 - end: 50 - content: 'scopeNested(request.getParameter("oops") ? x : y)' + end: 46 + content: scopeNested(x + request.getParameter("oops")) parent_line_number: 7 - snippet: 'scopeNested(request.getParameter("oops") ? x : y)' + snippet: scopeNested(x + request.getParameter("oops")) fingerprint: bdbeee20feb34c6881d975716e2fe09f_3 old_fingerprint: bdbeee20feb34c6881d975716e2fe09f_3 + - rule: + cwe_ids: + - "42" + id: scope_test + title: Test detection filter scopes + description: Test detection filter scopes + documentation_url: "" + line_number: 8 + full_filename: scope.java + filename: scope.java + source: + location: + start: 8 + end: 8 + column: + start: 1 + end: 50 + sink: + location: + start: 8 + end: 8 + column: + start: 1 + end: 50 + content: 'scopeNested(x ? request.getParameter("oops") : y)' + parent_line_number: 8 + snippet: 'scopeNested(x ? request.getParameter("oops") : y)' + fingerprint: bdbeee20feb34c6881d975716e2fe09f_4 + old_fingerprint: bdbeee20feb34c6881d975716e2fe09f_4 - rule: cwe_ids: - "42" @@ -131,19 +160,48 @@ high: end: 9 column: start: 1 - end: 42 + end: 50 sink: location: start: 9 end: 9 + column: + start: 1 + end: 50 + content: 'scopeNested(request.getParameter("oops") ? x : y)' + parent_line_number: 9 + snippet: 'scopeNested(request.getParameter("oops") ? x : y)' + fingerprint: bdbeee20feb34c6881d975716e2fe09f_5 + old_fingerprint: bdbeee20feb34c6881d975716e2fe09f_5 + - rule: + cwe_ids: + - "42" + id: scope_test + title: Test detection filter scopes + description: Test detection filter scopes + documentation_url: "" + line_number: 11 + full_filename: scope.java + filename: scope.java + source: + location: + start: 11 + end: 11 + column: + start: 1 + end: 42 + sink: + location: + start: 11 + end: 11 column: start: 1 end: 42 content: scopeResult(request.getParameter("oops")) - parent_line_number: 9 + parent_line_number: 11 snippet: scopeResult(request.getParameter("oops")) - fingerprint: bdbeee20feb34c6881d975716e2fe09f_4 - old_fingerprint: bdbeee20feb34c6881d975716e2fe09f_4 + fingerprint: bdbeee20feb34c6881d975716e2fe09f_6 + old_fingerprint: bdbeee20feb34c6881d975716e2fe09f_6 - rule: cwe_ids: - "42" @@ -151,26 +209,55 @@ high: title: Test detection filter scopes description: Test detection filter scopes documentation_url: "" - line_number: 10 + line_number: 12 full_filename: scope.java filename: scope.java source: location: - start: 10 - end: 10 + start: 12 + end: 12 + column: + start: 1 + end: 46 + sink: + location: + start: 12 + end: 12 + column: + start: 1 + end: 46 + content: scopeResult(x + request.getParameter("oops")) + parent_line_number: 12 + snippet: scopeResult(x + request.getParameter("oops")) + fingerprint: bdbeee20feb34c6881d975716e2fe09f_7 + old_fingerprint: bdbeee20feb34c6881d975716e2fe09f_7 + - rule: + cwe_ids: + - "42" + id: scope_test + title: Test detection filter scopes + description: Test detection filter scopes + documentation_url: "" + line_number: 13 + full_filename: scope.java + filename: scope.java + source: + location: + start: 13 + end: 13 column: start: 1 end: 50 sink: location: - start: 10 - end: 10 + start: 13 + end: 13 column: start: 1 end: 50 content: 'scopeResult(x ? request.getParameter("oops") : y)' - parent_line_number: 10 + parent_line_number: 13 snippet: 'scopeResult(x ? request.getParameter("oops") : y)' - fingerprint: bdbeee20feb34c6881d975716e2fe09f_5 - old_fingerprint: bdbeee20feb34c6881d975716e2fe09f_5 + fingerprint: bdbeee20feb34c6881d975716e2fe09f_8 + old_fingerprint: bdbeee20feb34c6881d975716e2fe09f_8 diff --git a/new/detector/composition/java/.snapshots/flow/TestFlow--different-line.yml b/internal/languages/java/.snapshots/flow/TestFlow--different-line.yml similarity index 100% rename from new/detector/composition/java/.snapshots/flow/TestFlow--different-line.yml rename to internal/languages/java/.snapshots/flow/TestFlow--different-line.yml diff --git a/new/detector/composition/java/.snapshots/flow/TestFlow--same-line.yml b/internal/languages/java/.snapshots/flow/TestFlow--same-line.yml similarity index 100% rename from new/detector/composition/java/.snapshots/flow/TestFlow--same-line.yml rename to internal/languages/java/.snapshots/flow/TestFlow--same-line.yml diff --git a/internal/languages/java/analyzer/analyzer.go b/internal/languages/java/analyzer/analyzer.go new file mode 100644 index 000000000..e097e4d3a --- /dev/null +++ b/internal/languages/java/analyzer/analyzer.go @@ -0,0 +1,271 @@ +package analyzer + +import ( + "slices" + "strings" + + sitter "github.com/smacker/go-tree-sitter" + + "github.com/bearer/bearer/internal/scanner/ast/tree" + "github.com/bearer/bearer/internal/scanner/language" +) + +// methods that use `this` in their result +var reflexiveMethods = []string{ + // String + "getBytes", + "replace", + "replaceAll", + "split", + "substring", + "toCharArray", + // StringBuilder + "append", + "toString", + // Enumeration + "nextElement", +} + +type analyzer struct { + builder *tree.Builder + scope *language.Scope +} + +func New(builder *tree.Builder) language.Analyzer { + return &analyzer{ + builder: builder, + scope: language.NewScope(nil), + } +} + +func (analyzer *analyzer) Analyze(node *sitter.Node, visitChildren func() error) error { + switch node.Type() { + case "class_body", + "method_declaration", + "lambda_expression", + "for_statement", + "block", + "try_with_resources_statement": + return analyzer.withScope(language.NewScope(analyzer.scope), func() error { + return visitChildren() + }) + case "assignment_expression": + return analyzer.analyzeAssignment(node, visitChildren) + case "variable_declarator": + return analyzer.analyzeVariableDeclarator(node, visitChildren) + case "parenthesized_expression": + return analyzer.analyzeParentheses(node, visitChildren) + case "ternary_expression": + return analyzer.analyzeTernary(node, visitChildren) + case "method_invocation": + return analyzer.analyzeMethodInvocation(node, visitChildren) + case "field_access": + return analyzer.analyzeFieldAccess(node, visitChildren) + case "enhanced_for_statement": + return analyzer.analyzeEnhancedForStatement(node, visitChildren) + case "formal_parameter", "catch_formal_parameter": + return analyzer.analyzeParameter(node, visitChildren) + case "resource": + return analyzer.analyzeResource(node, visitChildren) + case "switch": + return analyzer.analyzeSwitch(node, visitChildren) + case "switch_block": + return analyzer.analyzeGenericConstruct(node, visitChildren) + case "switch_label": + return visitChildren() + case "argument_list", "array_access", "array_initializer", "binary_expression", "unary_expression": + return analyzer.analyzeGenericOperation(node, visitChildren) + default: + // statements don't have results + if !strings.HasSuffix(node.Type(), "_statement") { + analyzer.builder.Dataflow(node, analyzer.builder.ChildrenExcept(node, node.ChildByFieldName("condition"))...) + } + + return visitChildren() + } +} + +// foo = a +// foo += a +func (analyzer *analyzer) analyzeAssignment(node *sitter.Node, visitChildren func() error) error { + left := node.ChildByFieldName("left") + right := node.ChildByFieldName("right") + operator := node.Child(1) + + if analyzer.builder.ContentFor(operator) == "=" { + analyzer.builder.Alias(node, right) + } else { + analyzer.lookupVariable(left) + analyzer.builder.Dataflow(node, left, right) + } + + analyzer.lookupVariable(right) + + err := visitChildren() + + if left.Type() == "identifier" { + analyzer.scope.Assign(analyzer.builder.ContentFor(left), node) + } + + return err +} + +// the "foo = 1" part in: +// +// class X { +// void m() { +// Integer foo = 1; +// } +// } +func (analyzer *analyzer) analyzeVariableDeclarator(node *sitter.Node, visitChildren func() error) error { + name := node.ChildByFieldName("name") + + // backwards compatibility with rules. fixup rules to use variable name node, + // and then remove this + analyzer.builder.Alias(name, node.Parent()) + + if value := node.ChildByFieldName("value"); value != nil { + analyzer.lookupVariable(value) + analyzer.builder.Alias(name, value) + } + + err := visitChildren() + + analyzer.scope.Declare(analyzer.builder.ContentFor(name), name) + + return err +} + +// (foo) +func (analyzer *analyzer) analyzeParentheses(node *sitter.Node, visitChildren func() error) error { + child := node.NamedChild(0) + analyzer.builder.Alias(node, child) + analyzer.lookupVariable(child) + + return visitChildren() +} + +// a ? x : y +func (analyzer *analyzer) analyzeTernary(node *sitter.Node, visitChildren func() error) error { + condition := node.ChildByFieldName("condition") + consequence := node.ChildByFieldName("consequence") + alternative := node.ChildByFieldName("alternative") + + analyzer.lookupVariable(condition) + analyzer.lookupVariable(consequence) + analyzer.lookupVariable(alternative) + + analyzer.builder.Alias(node, consequence, alternative) + + return visitChildren() +} + +// foo.bar(1, 2); +func (analyzer *analyzer) analyzeMethodInvocation(node *sitter.Node, visitChildren func() error) error { + if object := node.ChildByFieldName("object"); object != nil { + analyzer.lookupVariable(object) + + if slices.Contains(reflexiveMethods, analyzer.builder.ContentFor(node.ChildByFieldName("name"))) { + analyzer.builder.Dataflow(node, object) + } + } + + if arguments := node.ChildByFieldName("arguments"); arguments != nil { + analyzer.builder.Dataflow(node, arguments) + } + + return visitChildren() +} + +// foo.bar +func (analyzer *analyzer) analyzeFieldAccess(node *sitter.Node, visitChildren func() error) error { + analyzer.lookupVariable(node.ChildByFieldName("object")) + + return visitChildren() +} + +// for (String value : array) +func (analyzer *analyzer) analyzeEnhancedForStatement(node *sitter.Node, visitChildren func() error) error { + return analyzer.withScope(language.NewScope(analyzer.scope), func() error { + name := node.ChildByFieldName("name") + value := node.ChildByFieldName("value") + + analyzer.lookupVariable(value) + analyzer.builder.Dataflow(name, value) + analyzer.scope.Declare(analyzer.builder.ContentFor(name), name) + + return visitChildren() + }) +} + +// method parameter declaration or catch parameter declaration +// +// void m(String foo) {} +// try {} catch (Exception foo) {} +func (analyzer *analyzer) analyzeParameter(node *sitter.Node, visitChildren func() error) error { + name := node.ChildByFieldName("name") + analyzer.builder.Alias(node, name) + + if name.Type() == "identifier" { + analyzer.scope.Declare(analyzer.builder.ContentFor(name), name) + } + + return visitChildren() +} + +// parts like "foo" and "File f = open()" from: +// try (foo; File f = open(); Other b = ...) {} +func (analyzer *analyzer) analyzeResource(node *sitter.Node, visitChildren func() error) error { + if name := node.ChildByFieldName("name"); name != nil { + value := node.ChildByFieldName("value") + analyzer.builder.Alias(node, value) + analyzer.scope.Declare(analyzer.builder.ContentFor(name), name) + } + + return visitChildren() +} + +func (analyzer *analyzer) analyzeSwitch(node *sitter.Node, visitChildren func() error) error { + analyzer.builder.Alias(node, node.ChildByFieldName("body")) + + return visitChildren() +} + +// default analysis, where the children are assumed to be aliases +func (analyzer *analyzer) analyzeGenericConstruct(node *sitter.Node, visitChildren func() error) error { + analyzer.builder.Alias(node, analyzer.builder.ChildrenFor(node)...) + + return visitChildren() +} + +// default analysis, where the children are assumed to be data sources +func (analyzer *analyzer) analyzeGenericOperation(node *sitter.Node, visitChildren func() error) error { + children := analyzer.builder.ChildrenFor(node) + analyzer.builder.Dataflow(node, children...) + + for _, child := range children { + analyzer.lookupVariable(child) + } + + return visitChildren() +} + +func (analyzer *analyzer) withScope(newScope *language.Scope, body func() error) error { + oldScope := analyzer.scope + + analyzer.scope = newScope + err := body() + analyzer.scope = oldScope + + return err +} + +func (analyzer *analyzer) lookupVariable(node *sitter.Node) { + if node == nil || node.Type() != "identifier" { + return + } + + if pointsToNode := analyzer.scope.Lookup(analyzer.builder.ContentFor(node)); pointsToNode != nil { + analyzer.builder.Alias(node, pointsToNode) + } +} diff --git a/internal/languages/java/detectors/.snapshots/TestJavaObjects-object_class b/internal/languages/java/detectors/.snapshots/TestJavaObjects-object_class new file mode 100644 index 000000000..23b660811 --- /dev/null +++ b/internal/languages/java/detectors/.snapshots/TestJavaObjects-object_class @@ -0,0 +1,227 @@ +type: program +id: 0 +range: 1:1 - 9:2 +dataflow_sources: + - 1 +children: + - type: class_declaration + id: 1 + range: 1:1 - 9:2 + dataflow_sources: + - 2 + - 4 + - 5 + - 6 + queries: + - 1 + children: + - type: modifiers + id: 2 + range: 1:1 - 1:7 + dataflow_sources: + - 3 + children: + - type: '"public"' + id: 3 + range: 1:1 - 1:7 + - type: '"class"' + id: 4 + range: 1:8 - 1:13 + - type: identifier + id: 5 + range: 1:14 - 1:18 + content: User + - type: class_body + id: 6 + range: 2:1 - 9:2 + children: + - type: '"{"' + id: 7 + range: 2:1 - 2:2 + - type: field_declaration + id: 8 + range: 3:5 - 3:24 + dataflow_sources: + - 9 + - 11 + - 12 + - 14 + children: + - type: modifiers + id: 9 + range: 3:5 - 3:11 + dataflow_sources: + - 10 + children: + - type: '"public"' + id: 10 + range: 3:5 - 3:11 + - type: type_identifier + id: 11 + range: 3:12 - 3:18 + content: String + - type: variable_declarator + id: 12 + range: 3:19 - 3:23 + children: + - type: identifier + id: 13 + range: 3:19 - 3:23 + content: name + alias_of: + - 8 + - type: '";"' + id: 14 + range: 3:23 - 3:24 + - type: method_declaration + id: 15 + range: 5:5 - 8:6 + children: + - type: modifiers + id: 16 + range: 5:5 - 5:11 + dataflow_sources: + - 17 + children: + - type: '"public"' + id: 17 + range: 5:5 - 5:11 + - type: type_identifier + id: 18 + range: 5:12 - 5:18 + content: String + - type: identifier + id: 19 + range: 5:19 - 5:32 + content: LowercaseName + - type: formal_parameters + id: 20 + range: 5:32 - 5:34 + dataflow_sources: + - 21 + - 22 + children: + - type: '"("' + id: 21 + range: 5:32 - 5:33 + - type: '")"' + id: 22 + range: 5:33 - 5:34 + - type: block + id: 23 + range: 6:5 - 8:6 + children: + - type: '"{"' + id: 24 + range: 6:5 - 6:6 + - type: return_statement + id: 25 + range: 7:9 - 7:35 + children: + - type: '"return"' + id: 26 + range: 7:9 - 7:15 + - type: method_invocation + id: 27 + range: 7:16 - 7:34 + dataflow_sources: + - 31 + children: + - type: identifier + id: 28 + range: 7:16 - 7:20 + content: name + alias_of: + - 13 + - type: '"."' + id: 29 + range: 7:20 - 7:21 + - type: identifier + id: 30 + range: 7:21 - 7:32 + content: toLowerCase + - type: argument_list + id: 31 + range: 7:32 - 7:34 + dataflow_sources: + - 32 + - 33 + children: + - type: '"("' + id: 32 + range: 7:32 - 7:33 + - type: '")"' + id: 33 + range: 7:33 - 7:34 + - type: '";"' + id: 34 + range: 7:34 - 7:35 + - type: '"}"' + id: 35 + range: 8:5 - 8:6 + - type: '"}"' + id: 36 + range: 9:1 - 9:2 + +- node: 1 + content: |- + public class User + { + public String name; + + public String LowercaseName() + { + return name.toLowerCase(); + } + } + data: + properties: + - name: User + node: null + object: + ruleid: object + matchnode: + id: 1 + typeid: 1 + contentstart: + byte: 0 + line: 1 + column: 1 + contentend: + byte: 127 + line: 9 + column: 2 + executingdetectors: [] + data: + properties: + - name: name + node: + id: 13 + typeid: 5 + contentstart: + byte: 38 + line: 3 + column: 19 + contentend: + byte: 42 + line: 3 + column: 23 + executingdetectors: [] + object: null + - name: LowercaseName + node: + id: 19 + typeid: 5 + contentstart: + byte: 63 + line: 5 + column: 19 + contentend: + byte: 76 + line: 5 + column: 32 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: false + diff --git a/internal/languages/java/detectors/.snapshots/TestJavaObjects-object_no_class b/internal/languages/java/detectors/.snapshots/TestJavaObjects-object_no_class new file mode 100644 index 000000000..058a9dc5c --- /dev/null +++ b/internal/languages/java/detectors/.snapshots/TestJavaObjects-object_no_class @@ -0,0 +1,59 @@ +type: program +id: 0 +range: 1:1 - 1:11 +dataflow_sources: + - 1 +children: + - type: expression_statement + id: 1 + range: 1:1 - 1:11 + children: + - type: field_access + id: 2 + range: 1:1 - 1:10 + queries: + - 2 + children: + - type: identifier + id: 3 + range: 1:1 - 1:5 + content: user + - type: '"."' + id: 4 + range: 1:5 - 1:6 + - type: identifier + id: 5 + range: 1:6 - 1:10 + content: name + - type: '";"' + id: 6 + range: 1:10 - 1:11 + +- node: 2 + content: user.name + data: + properties: + - name: user + node: null + object: + ruleid: object + matchnode: + id: 2 + typeid: 2 + contentstart: + byte: 0 + line: 1 + column: 1 + contentend: + byte: 9 + line: 1 + column: 10 + executingdetectors: [] + data: + properties: + - name: name + node: null + object: null + isvirtual: true + isvirtual: true + diff --git a/internal/languages/java/detectors/.snapshots/TestJavaString-string b/internal/languages/java/detectors/.snapshots/TestJavaString-string new file mode 100644 index 000000000..c6bf64a4f --- /dev/null +++ b/internal/languages/java/detectors/.snapshots/TestJavaString-string @@ -0,0 +1,382 @@ +type: program +id: 0 +range: 1:1 - 14:1 +dataflow_sources: + - 1 +children: + - type: class_declaration + id: 1 + range: 1:1 - 13:2 + dataflow_sources: + - 2 + - 4 + - 5 + - 6 + queries: + - 1 + children: + - type: modifiers + id: 2 + range: 1:1 - 1:7 + dataflow_sources: + - 3 + children: + - type: '"public"' + id: 3 + range: 1:1 - 1:7 + - type: '"class"' + id: 4 + range: 1:8 - 1:13 + - type: identifier + id: 5 + range: 1:14 - 1:19 + content: Greet + - type: class_body + id: 6 + range: 1:20 - 13:2 + children: + - type: '"{"' + id: 7 + range: 1:20 - 1:21 + - type: field_declaration + id: 8 + range: 2:3 - 2:34 + dataflow_sources: + - 9 + - 10 + - 14 + children: + - type: type_identifier + id: 9 + range: 2:3 - 2:8 + content: const + - type: variable_declarator + id: 10 + range: 2:9 - 2:33 + children: + - type: identifier + id: 11 + range: 2:9 - 2:17 + content: Greeting + alias_of: + - 8 + - 13 + - type: '"="' + id: 12 + range: 2:18 - 2:19 + - type: string_literal + id: 13 + range: 2:20 - 2:33 + content: '"Hello World"' + - type: '";"' + id: 14 + range: 2:33 - 2:34 + - type: method_declaration + id: 15 + range: 4:3 - 12:4 + children: + - type: modifiers + id: 16 + range: 4:3 - 4:16 + dataflow_sources: + - 17 + - 18 + children: + - type: '"public"' + id: 17 + range: 4:3 - 4:9 + - type: '"static"' + id: 18 + range: 4:10 - 4:16 + - type: void_type + id: 19 + range: 4:17 - 4:21 + content: void + - type: identifier + id: 20 + range: 4:22 - 4:26 + content: main + - type: formal_parameters + id: 21 + range: 4:26 - 4:41 + dataflow_sources: + - 22 + - 23 + - 30 + children: + - type: '"("' + id: 22 + range: 4:26 - 4:27 + - type: formal_parameter + id: 23 + range: 4:27 - 4:40 + alias_of: + - 29 + children: + - type: array_type + id: 24 + range: 4:27 - 4:35 + dataflow_sources: + - 25 + - 26 + children: + - type: type_identifier + id: 25 + range: 4:27 - 4:33 + content: String + - type: dimensions + id: 26 + range: 4:33 - 4:35 + dataflow_sources: + - 27 + - 28 + children: + - type: '"["' + id: 27 + range: 4:33 - 4:34 + - type: '"]"' + id: 28 + range: 4:34 - 4:35 + - type: identifier + id: 29 + range: 4:36 - 4:40 + content: args + - type: '")"' + id: 30 + range: 4:40 - 4:41 + - type: block + id: 31 + range: 5:3 - 12:4 + children: + - type: '"{"' + id: 32 + range: 5:3 - 5:4 + - type: local_variable_declaration + id: 33 + range: 6:5 - 6:28 + dataflow_sources: + - 34 + - 35 + - 42 + children: + - type: type_identifier + id: 34 + range: 6:5 - 6:8 + content: var + - type: variable_declarator + id: 35 + range: 6:9 - 6:27 + children: + - type: identifier + id: 36 + range: 6:9 - 6:10 + content: s + alias_of: + - 33 + - 38 + - type: '"="' + id: 37 + range: 6:11 - 6:12 + - type: binary_expression + id: 38 + range: 6:13 - 6:27 + dataflow_sources: + - 39 + - 40 + - 41 + children: + - type: identifier + id: 39 + range: 6:13 - 6:21 + content: Greeting + alias_of: + - 11 + - type: '"+"' + id: 40 + range: 6:22 - 6:23 + - type: string_literal + id: 41 + range: 6:24 - 6:27 + content: '"!"' + - type: '";"' + id: 42 + range: 6:27 - 6:28 + - type: expression_statement + id: 43 + range: 7:5 - 7:15 + children: + - type: assignment_expression + id: 44 + range: 7:5 - 7:14 + dataflow_sources: + - 45 + - 47 + queries: + - 0 + children: + - type: identifier + id: 45 + range: 7:5 - 7:6 + content: s + alias_of: + - 36 + - type: '"+="' + id: 46 + range: 7:7 - 7:9 + - type: string_literal + id: 47 + range: 7:10 - 7:14 + content: '"!!"' + - type: '";"' + id: 48 + range: 7:14 - 7:15 + - type: local_variable_declaration + id: 49 + range: 9:5 - 9:24 + dataflow_sources: + - 50 + - 51 + - 55 + children: + - type: type_identifier + id: 50 + range: 9:5 - 9:11 + content: String + - type: variable_declarator + id: 51 + range: 9:12 - 9:23 + children: + - type: identifier + id: 52 + range: 9:12 - 9:14 + content: s2 + alias_of: + - 49 + - 54 + - type: '"="' + id: 53 + range: 9:15 - 9:16 + - type: string_literal + id: 54 + range: 9:17 - 9:23 + content: '"hey "' + - type: '";"' + id: 55 + range: 9:23 - 9:24 + - type: expression_statement + id: 56 + range: 10:5 - 10:19 + children: + - type: assignment_expression + id: 57 + range: 10:5 - 10:18 + dataflow_sources: + - 58 + - 60 + queries: + - 0 + children: + - type: identifier + id: 58 + range: 10:5 - 10:7 + content: s2 + alias_of: + - 52 + - type: '"+="' + id: 59 + range: 10:8 - 10:10 + - type: array_access + id: 60 + range: 10:11 - 10:18 + dataflow_sources: + - 61 + - 62 + - 63 + - 64 + children: + - type: identifier + id: 61 + range: 10:11 - 10:15 + content: args + alias_of: + - 29 + - type: '"["' + id: 62 + range: 10:15 - 10:16 + - type: decimal_integer_literal + id: 63 + range: 10:16 - 10:17 + content: "0" + - type: '"]"' + id: 64 + range: 10:17 - 10:18 + - type: '";"' + id: 65 + range: 10:18 - 10:19 + - type: expression_statement + id: 66 + range: 11:5 - 11:20 + children: + - type: assignment_expression + id: 67 + range: 11:5 - 11:19 + dataflow_sources: + - 68 + - 70 + queries: + - 0 + children: + - type: identifier + id: 68 + range: 11:5 - 11:7 + content: s2 + alias_of: + - 57 + - type: '"+="' + id: 69 + range: 11:8 - 11:10 + - type: string_literal + id: 70 + range: 11:11 - 11:19 + content: '" there"' + - type: '";"' + id: 71 + range: 11:19 - 11:20 + - type: '"}"' + id: 72 + range: 12:3 - 12:4 + - type: '"}"' + id: 73 + range: 13:1 - 13:2 + +- node: 13 + content: '"Hello World"' + data: + value: Hello World + isliteral: true +- node: 38 + content: Greeting + "!" + data: + value: Hello World! + isliteral: true +- node: 47 + content: '"!!"' + data: + value: '!!' + isliteral: true +- node: 54 + content: '"hey "' + data: + value: 'hey ' + isliteral: true +- node: 70 + content: '" there"' + data: + value: ' there' + isliteral: true +- node: 41 + content: '"!"' + data: + value: '!' + isliteral: true + diff --git a/new/detector/implementation/java/java_test.go b/internal/languages/java/detectors/detectors_test.go similarity index 63% rename from new/detector/implementation/java/java_test.go rename to internal/languages/java/detectors/detectors_test.go index 01f3b279e..57e36ed32 100644 --- a/new/detector/implementation/java/java_test.go +++ b/internal/languages/java/detectors/detectors_test.go @@ -1,10 +1,10 @@ -package java_test +package detectors_test import ( "testing" - "github.com/bearer/bearer/new/detector/composition/java" - "github.com/bearer/bearer/new/detector/implementation/testhelper" + "github.com/bearer/bearer/internal/languages/java" + "github.com/bearer/bearer/internal/scanner/detectors/testhelper" ) func TestJavaObjects(t *testing.T) { @@ -17,5 +17,5 @@ func TestJavaString(t *testing.T) { } func runTest(t *testing.T, name, detectorType, fileName string) { - testhelper.RunTest(t, name, java.New, detectorType, fileName) + testhelper.RunTest(t, name, java.Get(), detectorType, fileName) } diff --git a/new/detector/implementation/java/object/object.go b/internal/languages/java/detectors/object/object.go similarity index 59% rename from new/detector/implementation/java/object/object.go rename to internal/languages/java/detectors/object/object.go index 7dc88c844..1a5a5aa75 100644 --- a/new/detector/implementation/java/object/object.go +++ b/internal/languages/java/detectors/object/object.go @@ -1,25 +1,25 @@ package object import ( - "github.com/bearer/bearer/new/detector/detection" - "github.com/bearer/bearer/new/detector/types" - "github.com/bearer/bearer/new/language/tree" + "github.com/bearer/bearer/internal/scanner/ast/query" + "github.com/bearer/bearer/internal/scanner/ast/tree" + "github.com/bearer/bearer/internal/scanner/ruleset" - "github.com/bearer/bearer/new/detector/implementation/generic" - generictypes "github.com/bearer/bearer/new/detector/implementation/generic/types" + "github.com/bearer/bearer/internal/scanner/detectors/common" + "github.com/bearer/bearer/internal/scanner/detectors/types" ) type objectDetector struct { types.DetectorBase // Base - classQuery *tree.Query + classQuery *query.Query // Naming - assignmentQuery *tree.Query + assignmentQuery *query.Query // Projection - fieldAccessQuery *tree.Query + fieldAccessQuery *query.Query } -func New(querySet *tree.QuerySet) (types.Detector, error) { +func New(querySet *query.Set) types.Detector { // user = // User user = assignmentQuery := querySet.Add(`[ @@ -53,22 +53,18 @@ func New(querySet *tree.QuerySet) (types.Detector, error) { assignmentQuery: assignmentQuery, classQuery: classQuery, fieldAccessQuery: fieldAccessQuery, - }, nil -} - -func (detector *objectDetector) Name() string { - return "object" + } } -func (detector *objectDetector) NestedDetections() bool { - return false +func (detector *objectDetector) Rule() *ruleset.Rule { + return ruleset.BuiltinObjectRule } func (detector *objectDetector) DetectAt( node *tree.Node, - evaluationState types.EvaluationState, + detectorContext types.Context, ) ([]interface{}, error) { - detections, err := detector.getAssignment(node, evaluationState) + detections, err := detector.getAssignment(node, detectorContext) if len(detections) != 0 || err != nil { return detections, err } @@ -78,12 +74,12 @@ func (detector *objectDetector) DetectAt( return detections, err } - return detector.getProjections(node, evaluationState) + return detector.getProjections(node, detectorContext) } func (detector *objectDetector) getAssignment( node *tree.Node, - evaluationState types.EvaluationState, + detectorContext types.Context, ) ([]interface{}, error) { result, err := detector.assignmentQuery.MatchOnceAt(node) @@ -91,16 +87,19 @@ func (detector *objectDetector) getAssignment( return nil, err } - rightObjects, err := generic.GetNonVirtualObjects(evaluationState, result["right"]) + rightObjects, err := common.GetNonVirtualObjects( + detectorContext, + result["value"], + ) if err != nil { return nil, err } var objects []interface{} for _, object := range rightObjects { - objects = append(objects, generictypes.Object{ + objects = append(objects, common.Object{ IsVirtual: true, - Properties: []generictypes.Property{{ + Properties: []common.Property{{ Name: result["name"].Content(), Node: node, Object: object, @@ -112,36 +111,33 @@ func (detector *objectDetector) getAssignment( } func (detector *objectDetector) getClass(node *tree.Node) ([]interface{}, error) { - results, err := detector.classQuery.MatchAt(node) - if len(results) == 0 || err != nil { - return nil, err + results := detector.classQuery.MatchAt(node) + if len(results) == 0 { + return nil, nil } className := results[0]["class_name"].Content() - var properties []generictypes.Property + var properties []common.Property for _, result := range results { nameNode := result["name"] - properties = append(properties, generictypes.Property{ + properties = append(properties, common.Property{ Name: nameNode.Content(), Node: nameNode, }) } - return []interface{}{generictypes.Object{ - Properties: []generictypes.Property{{ + return []interface{}{common.Object{ + Properties: []common.Property{{ Name: className, - Object: &detection.Detection{ - DetectorType: "object", - MatchNode: node, - Data: generictypes.Object{ + Object: &types.Detection{ + RuleID: ruleset.BuiltinObjectRule.ID(), + MatchNode: node, + Data: common.Object{ Properties: properties, }, }, }}, }}, nil } - -func (detector *objectDetector) Close() { -} diff --git a/new/detector/implementation/java/object/projection.go b/internal/languages/java/detectors/object/projection.go similarity index 76% rename from new/detector/implementation/java/object/projection.go rename to internal/languages/java/detectors/object/projection.go index 3046965ad..4eaa6ea66 100644 --- a/new/detector/implementation/java/object/projection.go +++ b/internal/languages/java/detectors/object/projection.go @@ -1,14 +1,15 @@ package object import ( - "github.com/bearer/bearer/new/detector/implementation/generic" - "github.com/bearer/bearer/new/detector/types" - "github.com/bearer/bearer/new/language/tree" + "github.com/bearer/bearer/internal/scanner/ast/tree" + + "github.com/bearer/bearer/internal/scanner/detectors/common" + "github.com/bearer/bearer/internal/scanner/detectors/types" ) func (detector *objectDetector) getProjections( node *tree.Node, - evaluationState types.EvaluationState, + detectorContext types.Context, ) ([]interface{}, error) { result, err := detector.fieldAccessQuery.MatchOnceAt(node) if err != nil { @@ -18,9 +19,9 @@ func (detector *objectDetector) getProjections( if result != nil { objectNode := result["object"] - objects, err := generic.ProjectObject( + objects, err := common.ProjectObject( node, - evaluationState, + detectorContext, objectNode, getObjectName(objectNode), result["field"].Content(), diff --git a/internal/languages/java/detectors/string/string.go b/internal/languages/java/detectors/string/string.go new file mode 100644 index 000000000..66b8a0a8e --- /dev/null +++ b/internal/languages/java/detectors/string/string.go @@ -0,0 +1,46 @@ +package string + +import ( + "github.com/bearer/bearer/internal/scanner/ast/query" + "github.com/bearer/bearer/internal/scanner/ast/tree" + "github.com/bearer/bearer/internal/scanner/ruleset" + "github.com/bearer/bearer/internal/util/stringutil" + + "github.com/bearer/bearer/internal/scanner/detectors/common" + "github.com/bearer/bearer/internal/scanner/detectors/types" +) + +type stringDetector struct { + types.DetectorBase +} + +func New(querySet *query.Set) types.Detector { + return &stringDetector{} +} + +func (detector *stringDetector) Rule() *ruleset.Rule { + return ruleset.BuiltinStringRule +} + +func (detector *stringDetector) DetectAt( + node *tree.Node, + detectorContext types.Context, +) ([]interface{}, error) { + switch node.Type() { + case "string_literal": + return []interface{}{common.String{ + Value: stringutil.StripQuotes(node.Content()), + IsLiteral: true, + }}, nil + case "binary_expression": + if node.Children()[1].Content() == "+" { + return common.ConcatenateChildStrings(node, detectorContext) + } + case "assignment_expression": + if node.Children()[1].Content() == "+=" { + return common.ConcatenateAssignEquals(node, detectorContext) + } + } + + return nil, nil +} diff --git a/new/detector/implementation/java/testdata/class.java b/internal/languages/java/detectors/testdata/class.java similarity index 100% rename from new/detector/implementation/java/testdata/class.java rename to internal/languages/java/detectors/testdata/class.java diff --git a/new/detector/implementation/java/testdata/no_class.java b/internal/languages/java/detectors/testdata/no_class.java similarity index 100% rename from new/detector/implementation/java/testdata/no_class.java rename to internal/languages/java/detectors/testdata/no_class.java diff --git a/new/detector/implementation/java/testdata/string.java b/internal/languages/java/detectors/testdata/string.java similarity index 100% rename from new/detector/implementation/java/testdata/string.java rename to internal/languages/java/detectors/testdata/string.java diff --git a/internal/languages/java/java.go b/internal/languages/java/java.go new file mode 100644 index 000000000..4d0b67d82 --- /dev/null +++ b/internal/languages/java/java.go @@ -0,0 +1,59 @@ +package java + +import ( + sitter "github.com/smacker/go-tree-sitter" + "github.com/smacker/go-tree-sitter/java" + + "github.com/bearer/bearer/internal/classification/schema" + "github.com/bearer/bearer/internal/report/detectors" + "github.com/bearer/bearer/internal/scanner/ast/query" + "github.com/bearer/bearer/internal/scanner/ast/tree" + detectortypes "github.com/bearer/bearer/internal/scanner/detectors/types" + + "github.com/bearer/bearer/internal/languages/java/analyzer" + "github.com/bearer/bearer/internal/languages/java/detectors/object" + stringdetector "github.com/bearer/bearer/internal/languages/java/detectors/string" + "github.com/bearer/bearer/internal/languages/java/pattern" + "github.com/bearer/bearer/internal/scanner/detectors/datatype" + "github.com/bearer/bearer/internal/scanner/detectors/insecureurl" + "github.com/bearer/bearer/internal/scanner/detectors/stringliteral" + "github.com/bearer/bearer/internal/scanner/language" +) + +type implementation struct { + pattern pattern.Pattern +} + +func Get() language.Language { + return &implementation{} +} + +func (*implementation) ID() string { + return "java" +} + +func (*implementation) EnryLanguages() []string { + return []string{"Java"} +} + +func (*implementation) NewBuiltInDetectors(schemaClassifier *schema.Classifier, querySet *query.Set) []detectortypes.Detector { + return []detectortypes.Detector{ + object.New(querySet), + datatype.New(detectors.DetectorJava, schemaClassifier), + stringdetector.New(querySet), + stringliteral.New(querySet), + insecureurl.New(querySet), + } +} + +func (*implementation) SitterLanguage() *sitter.Language { + return java.GetLanguage() +} + +func (language *implementation) Pattern() language.Pattern { + return &language.pattern +} + +func (*implementation) NewAnalyzer(builder *tree.Builder) language.Analyzer { + return analyzer.New(builder) +} diff --git a/new/detector/composition/java/java_test.go b/internal/languages/java/java_test.go similarity index 86% rename from new/detector/composition/java/java_test.go rename to internal/languages/java/java_test.go index 98f14e2dd..d3d8ee6fe 100644 --- a/new/detector/composition/java/java_test.go +++ b/internal/languages/java/java_test.go @@ -4,7 +4,7 @@ import ( _ "embed" "testing" - "github.com/bearer/bearer/new/detector/composition/testhelper" + "github.com/bearer/bearer/internal/languages/testhelper" ) //go:embed testdata/logger.yml diff --git a/internal/languages/java/pattern/pattern.go b/internal/languages/java/pattern/pattern.go new file mode 100644 index 000000000..be455cbc1 --- /dev/null +++ b/internal/languages/java/pattern/pattern.go @@ -0,0 +1,122 @@ +package pattern + +import ( + "fmt" + "regexp" + "slices" + "strings" + + "github.com/bearer/bearer/internal/scanner/ast/tree" + "github.com/bearer/bearer/internal/scanner/language" + "github.com/bearer/bearer/internal/util/regex" +) + +var ( + // $ or $ or $ + patternQueryVariableRegex = regexp.MustCompile(`\$<(?P[^>:!\.]+)(?::(?P[^>]+))?>`) + matchNodeRegex = regexp.MustCompile(`\$`) + ellipsisRegex = regexp.MustCompile(`\$<\.\.\.>`) + + // todo: see if it is ok to replace typescripts `member_expression` with javas `field_access` and `method_invocation` + allowedPatternQueryTypes = []string{"identifier", "type_identifier", "_", "field_access", "method_invocation", "string_literal"} +) + +type Pattern struct { + language.PatternBase +} + +func (*Pattern) ExtractVariables(input string) (string, []language.PatternVariable, error) { + nameIndex := patternQueryVariableRegex.SubexpIndex("name") + typesIndex := patternQueryVariableRegex.SubexpIndex("types") + i := 0 + + var params []language.PatternVariable + + replaced, err := regex.ReplaceAllWithSubmatches(patternQueryVariableRegex, input, func(submatches []string) (string, error) { + nodeTypes := strings.Split(submatches[typesIndex], "|") + if nodeTypes[0] == "" { + nodeTypes = []string{"_"} + } + + for _, nodeType := range nodeTypes { + if !slices.Contains(allowedPatternQueryTypes, nodeType) { + return "", fmt.Errorf("invalid node type '%s' in pattern query", nodeType) + } + } + + dummyValue := produceDummyValue(i, nodeTypes[0]) + + params = append(params, language.PatternVariable{ + Name: submatches[nameIndex], + NodeTypes: nodeTypes, + DummyValue: dummyValue, + }) + + i += 1 + + return dummyValue, nil + }) + + if err != nil { + return "", nil, err + } + + return replaced, params, nil +} + +func produceDummyValue(i int, nodeType string) string { + return "CurioVar" + fmt.Sprint(i) +} + +func (*Pattern) FindMatchNode(input []byte) [][]int { + return matchNodeRegex.FindAllIndex(input, -1) +} + +func (*Pattern) FindUnanchoredPoints(input []byte) [][]int { + return ellipsisRegex.FindAllIndex(input, -1) +} + +func (*Pattern) LeafContentTypes() []string { + return []string{ + // todo: see if type identifier should be removed from here (User user) `User` is type + // identifiers + "identifier", "modifier", + // types + // int user, User user, void user function, + "integral_type", "type_identifier", "void_type", + // datatypes/literals + "string_literal", "character_literal", "null_literal", "true", "false", "decimal_integer_literal", "decimal_floating_point_literal", + } +} + +func (*Pattern) IsAnchored(node *tree.Node) (bool, bool) { + parent := node.Parent() + if parent == nil { + return true, true + } + + // Class body class_body + // function block + // lambda () -> {} block + // try {} catch () {} + unAnchored := []string{"class_body", "block", "try_statement", "catch_type", "resource_specification"} + + isUnanchored := !slices.Contains(unAnchored, parent.Type()) + return isUnanchored, isUnanchored +} + +func (*Pattern) IsRoot(node *tree.Node) bool { + return !(node.Type() == "expression_statement") +} + +func (*Pattern) NodeTypes(node *tree.Node) []string { + if node.Type() == "statement_block" && node.Parent().Type() == "program" { + if len(node.NamedChildren()) == 0 { + return []string{"object"} + } else { + return []string{node.Type(), "program"} + } + } + + return []string{node.Type()} +} diff --git a/new/detector/composition/java/testdata/logger.yml b/internal/languages/java/testdata/logger.yml similarity index 100% rename from new/detector/composition/java/testdata/logger.yml rename to internal/languages/java/testdata/logger.yml diff --git a/internal/languages/java/testdata/scope/scope.java b/internal/languages/java/testdata/scope/scope.java new file mode 100644 index 000000000..645aad526 --- /dev/null +++ b/internal/languages/java/testdata/scope/scope.java @@ -0,0 +1,14 @@ +scopeCursor(request.getParameter("oops")); +scopeCursor(x + request.getParameter("oops")); +scopeCursor(x ? request.getParameter("ok") : y); +scopeCursor(request.getParameter("ok") ? x : y); + +scopeNested(request.getParameter("oops")); +scopeNested(x + request.getParameter("oops")); +scopeNested(x ? request.getParameter("oops") : y); +scopeNested(request.getParameter("oops") ? x : y); + +scopeResult(request.getParameter("oops")); +scopeResult(x + request.getParameter("oops")); +scopeResult(x ? request.getParameter("oops") : y); +scopeResult(request.getParameter("ok") ? x : y); diff --git a/new/detector/composition/java/testdata/scope_rule.yml b/internal/languages/java/testdata/scope_rule.yml similarity index 100% rename from new/detector/composition/java/testdata/scope_rule.yml rename to internal/languages/java/testdata/scope_rule.yml diff --git a/new/detector/composition/java/testdata/testcases/flow/different-line.java b/internal/languages/java/testdata/testcases/flow/different-line.java similarity index 100% rename from new/detector/composition/java/testdata/testcases/flow/different-line.java rename to internal/languages/java/testdata/testcases/flow/different-line.java diff --git a/new/detector/composition/java/testdata/testcases/flow/same-line.java b/internal/languages/java/testdata/testcases/flow/same-line.java similarity index 100% rename from new/detector/composition/java/testdata/testcases/flow/same-line.java rename to internal/languages/java/testdata/testcases/flow/same-line.java diff --git a/new/detector/composition/javascript/.snapshots/TestPatternVariables--main.yml b/internal/languages/javascript/.snapshots/TestPatternVariables--main.yml similarity index 100% rename from new/detector/composition/javascript/.snapshots/TestPatternVariables--main.yml rename to internal/languages/javascript/.snapshots/TestPatternVariables--main.yml diff --git a/new/detector/composition/javascript/.snapshots/TestScope--scope.yml b/internal/languages/javascript/.snapshots/TestScope--scope.yml similarity index 62% rename from new/detector/composition/javascript/.snapshots/TestScope--scope.yml rename to internal/languages/javascript/.snapshots/TestScope--scope.yml index aab0c02a0..83bb6f378 100644 --- a/new/detector/composition/javascript/.snapshots/TestScope--scope.yml +++ b/internal/languages/javascript/.snapshots/TestScope--scope.yml @@ -35,26 +35,26 @@ high: title: Test detection filter scopes description: Test detection filter scopes documentation_url: "" - line_number: 5 + line_number: 3 full_filename: scope.js filename: scope.js source: location: - start: 5 - end: 5 + start: 3 + end: 3 column: start: 1 - end: 29 + end: 37 sink: location: - start: 5 - end: 5 + start: 3 + end: 3 column: start: 1 - end: 29 - content: scopeNested(req.params.oops) - parent_line_number: 5 - snippet: scopeNested(req.params.oops) + end: 37 + content: 'scopeCursor(x ? req.params.oops : y)' + parent_line_number: 3 + snippet: 'scopeCursor(x ? req.params.oops : y)' fingerprint: 408407aa362e0520faf6b66c3d59bb8c_1 old_fingerprint: 408407aa362e0520faf6b66c3d59bb8c_1 - rule: @@ -73,17 +73,17 @@ high: end: 6 column: start: 1 - end: 37 + end: 29 sink: location: start: 6 end: 6 column: start: 1 - end: 37 - content: 'scopeNested(x ? req.params.oops : y)' + end: 29 + content: scopeNested(req.params.oops) parent_line_number: 6 - snippet: 'scopeNested(x ? req.params.oops : y)' + snippet: scopeNested(req.params.oops) fingerprint: 408407aa362e0520faf6b66c3d59bb8c_2 old_fingerprint: 408407aa362e0520faf6b66c3d59bb8c_2 - rule: @@ -102,19 +102,48 @@ high: end: 7 column: start: 1 - end: 37 + end: 33 sink: location: start: 7 end: 7 column: start: 1 - end: 37 - content: 'scopeNested(req.params.oops ? x : y)' + end: 33 + content: scopeResult(req.params.oops + x) parent_line_number: 7 - snippet: 'scopeNested(req.params.oops ? x : y)' + snippet: scopeResult(req.params.oops + x) fingerprint: 408407aa362e0520faf6b66c3d59bb8c_3 old_fingerprint: 408407aa362e0520faf6b66c3d59bb8c_3 + - rule: + cwe_ids: + - "42" + id: scope_test + title: Test detection filter scopes + description: Test detection filter scopes + documentation_url: "" + line_number: 8 + full_filename: scope.js + filename: scope.js + source: + location: + start: 8 + end: 8 + column: + start: 1 + end: 37 + sink: + location: + start: 8 + end: 8 + column: + start: 1 + end: 37 + content: 'scopeNested(x ? req.params.oops : y)' + parent_line_number: 8 + snippet: 'scopeNested(x ? req.params.oops : y)' + fingerprint: 408407aa362e0520faf6b66c3d59bb8c_4 + old_fingerprint: 408407aa362e0520faf6b66c3d59bb8c_4 - rule: cwe_ids: - "42" @@ -131,19 +160,77 @@ high: end: 9 column: start: 1 - end: 29 + end: 37 sink: location: start: 9 end: 9 + column: + start: 1 + end: 37 + content: 'scopeNested(req.params.oops ? x : y)' + parent_line_number: 9 + snippet: 'scopeNested(req.params.oops ? x : y)' + fingerprint: 408407aa362e0520faf6b66c3d59bb8c_5 + old_fingerprint: 408407aa362e0520faf6b66c3d59bb8c_5 + - rule: + cwe_ids: + - "42" + id: scope_test + title: Test detection filter scopes + description: Test detection filter scopes + documentation_url: "" + line_number: 11 + full_filename: scope.js + filename: scope.js + source: + location: + start: 11 + end: 11 + column: + start: 1 + end: 29 + sink: + location: + start: 11 + end: 11 column: start: 1 end: 29 content: scopeResult(req.params.oops) - parent_line_number: 9 + parent_line_number: 11 snippet: scopeResult(req.params.oops) - fingerprint: 408407aa362e0520faf6b66c3d59bb8c_4 - old_fingerprint: 408407aa362e0520faf6b66c3d59bb8c_4 + fingerprint: 408407aa362e0520faf6b66c3d59bb8c_6 + old_fingerprint: 408407aa362e0520faf6b66c3d59bb8c_6 + - rule: + cwe_ids: + - "42" + id: scope_test + title: Test detection filter scopes + description: Test detection filter scopes + documentation_url: "" + line_number: 12 + full_filename: scope.js + filename: scope.js + source: + location: + start: 12 + end: 12 + column: + start: 1 + end: 33 + sink: + location: + start: 12 + end: 12 + column: + start: 1 + end: 33 + content: scopeResult(req.params.oops + x) + parent_line_number: 12 + snippet: scopeResult(req.params.oops + x) + fingerprint: 408407aa362e0520faf6b66c3d59bb8c_7 + old_fingerprint: 408407aa362e0520faf6b66c3d59bb8c_7 - rule: cwe_ids: - "42" @@ -151,26 +238,26 @@ high: title: Test detection filter scopes description: Test detection filter scopes documentation_url: "" - line_number: 10 + line_number: 13 full_filename: scope.js filename: scope.js source: location: - start: 10 - end: 10 + start: 13 + end: 13 column: start: 1 end: 37 sink: location: - start: 10 - end: 10 + start: 13 + end: 13 column: start: 1 end: 37 content: 'scopeResult(x ? req.params.oops : y)' - parent_line_number: 10 + parent_line_number: 13 snippet: 'scopeResult(x ? req.params.oops : y)' - fingerprint: 408407aa362e0520faf6b66c3d59bb8c_5 - old_fingerprint: 408407aa362e0520faf6b66c3d59bb8c_5 + fingerprint: 408407aa362e0520faf6b66c3d59bb8c_8 + old_fingerprint: 408407aa362e0520faf6b66c3d59bb8c_8 diff --git a/new/detector/composition/javascript/.snapshots/flow/TestFlow--assigment-expression.yml b/internal/languages/javascript/.snapshots/flow/TestFlow--assigment-expression.yml similarity index 100% rename from new/detector/composition/javascript/.snapshots/flow/TestFlow--assigment-expression.yml rename to internal/languages/javascript/.snapshots/flow/TestFlow--assigment-expression.yml diff --git a/new/detector/composition/javascript/.snapshots/flow/TestFlow--variable-declarator.yml b/internal/languages/javascript/.snapshots/flow/TestFlow--variable-declarator.yml similarity index 100% rename from new/detector/composition/javascript/.snapshots/flow/TestFlow--variable-declarator.yml rename to internal/languages/javascript/.snapshots/flow/TestFlow--variable-declarator.yml diff --git a/new/detector/composition/javascript/.snapshots/import/TestImport--import.yml b/internal/languages/javascript/.snapshots/import/TestImport--import.yml similarity index 100% rename from new/detector/composition/javascript/.snapshots/import/TestImport--import.yml rename to internal/languages/javascript/.snapshots/import/TestImport--import.yml diff --git a/new/detector/composition/javascript/.snapshots/object-deconstructing/TestObjectDeconstructing--deconstructing.yml b/internal/languages/javascript/.snapshots/object-deconstructing/TestObjectDeconstructing--deconstructing.yml similarity index 100% rename from new/detector/composition/javascript/.snapshots/object-deconstructing/TestObjectDeconstructing--deconstructing.yml rename to internal/languages/javascript/.snapshots/object-deconstructing/TestObjectDeconstructing--deconstructing.yml diff --git a/new/detector/composition/javascript/.snapshots/object-deconstructing/TestObjectDeconstructing--multiple_objects.yml b/internal/languages/javascript/.snapshots/object-deconstructing/TestObjectDeconstructing--multiple_objects.yml similarity index 100% rename from new/detector/composition/javascript/.snapshots/object-deconstructing/TestObjectDeconstructing--multiple_objects.yml rename to internal/languages/javascript/.snapshots/object-deconstructing/TestObjectDeconstructing--multiple_objects.yml diff --git a/new/detector/composition/javascript/.snapshots/string/TestString--concatanation.yml b/internal/languages/javascript/.snapshots/string/TestString--concatanation.yml similarity index 100% rename from new/detector/composition/javascript/.snapshots/string/TestString--concatanation.yml rename to internal/languages/javascript/.snapshots/string/TestString--concatanation.yml diff --git a/new/detector/composition/javascript/.snapshots/string/TestString--simple.yml b/internal/languages/javascript/.snapshots/string/TestString--simple.yml similarity index 100% rename from new/detector/composition/javascript/.snapshots/string/TestString--simple.yml rename to internal/languages/javascript/.snapshots/string/TestString--simple.yml diff --git a/new/detector/composition/javascript/.snapshots/string/TestString--single-quotes.yml b/internal/languages/javascript/.snapshots/string/TestString--single-quotes.yml similarity index 100% rename from new/detector/composition/javascript/.snapshots/string/TestString--single-quotes.yml rename to internal/languages/javascript/.snapshots/string/TestString--single-quotes.yml diff --git a/new/detector/composition/javascript/.snapshots/string/TestString--template-variable-reconciliation.yml b/internal/languages/javascript/.snapshots/string/TestString--template-variable-reconciliation.yml similarity index 100% rename from new/detector/composition/javascript/.snapshots/string/TestString--template-variable-reconciliation.yml rename to internal/languages/javascript/.snapshots/string/TestString--template-variable-reconciliation.yml diff --git a/new/detector/composition/javascript/.snapshots/string/TestString--template.yml b/internal/languages/javascript/.snapshots/string/TestString--template.yml similarity index 100% rename from new/detector/composition/javascript/.snapshots/string/TestString--template.yml rename to internal/languages/javascript/.snapshots/string/TestString--template.yml diff --git a/internal/languages/javascript/analyzer/analyzer.go b/internal/languages/javascript/analyzer/analyzer.go new file mode 100644 index 000000000..79dccc38c --- /dev/null +++ b/internal/languages/javascript/analyzer/analyzer.go @@ -0,0 +1,333 @@ +package analyzer + +import ( + "slices" + "strings" + + sitter "github.com/smacker/go-tree-sitter" + + "github.com/bearer/bearer/internal/scanner/ast/tree" + "github.com/bearer/bearer/internal/scanner/language" +) + +// methods that use `this` in their result +var reflexiveMethods = []string{ + // String + "replace", + "replaceAll", +} + +type analyzer struct { + builder *tree.Builder + scope *language.Scope +} + +func New(builder *tree.Builder) language.Analyzer { + return &analyzer{ + builder: builder, + scope: language.NewScope(nil), + } +} + +func (analyzer *analyzer) Analyze(node *sitter.Node, visitChildren func() error) error { + switch node.Type() { + // () => {} + // function getName() {} + case "function", "arrow_function", "method_definition": + return analyzer.withScope(language.NewScope(analyzer.scope), func() error { + return visitChildren() + }) + case "assignment_expression": + return analyzer.analyzeAssignment(node, visitChildren) + case "augmented_assignment_expression": + return analyzer.analyzeAugmentedAssignment(node, visitChildren) + case "variable_declarator": + return analyzer.analyzeVariableDeclarator(node, visitChildren) + case "shorthand_property_identifier_pattern": + return analyzer.analyzeShorthandPropertyIdentifierPattern(node, visitChildren) + case "member_expression": + return analyzer.analyzeMember(node, visitChildren) + case "subscript_expression": + return analyzer.analyzeSubscript(node, visitChildren) + case "new_expression": + return analyzer.analyzeNew(node, visitChildren) + case "call_expression": + return analyzer.analyzeCall(node, visitChildren) + case "required_parameter", "optional_parameter": + return analyzer.analyzeParameter(node, visitChildren) + case "import_clause": + return analyzer.analyzeImportClause(node, visitChildren) + case "namespace_import": + return analyzer.analyzeNamespaceImport(node, visitChildren) + case "import_specifier": + return analyzer.analyzeImportSpecifier(node, visitChildren) + case "ternary_expression": + return analyzer.analyzeTernary(node, visitChildren) + case "parenthesized_expression": + return analyzer.analyzeParentheses(node, visitChildren) + case "object": + return analyzer.analyzeObject(node, visitChildren) + case "spread_element": + return analyzer.analyzeSpreadElement(node, visitChildren) + case "arguments", + "array", + "binary_expression", + "pair", + "template_substitution", + "unary_expression": + return analyzer.analyzeGenericOperation(node, visitChildren) + default: + // statements don't have results + if !strings.HasSuffix(node.Type(), "_statement") { + analyzer.builder.Dataflow(node, analyzer.builder.ChildrenFor(node)...) + } + + return visitChildren() + } +} + +// user = ... +func (analyzer *analyzer) analyzeAssignment(node *sitter.Node, visitChildren func() error) error { + left := node.ChildByFieldName("left") + right := node.ChildByFieldName("right") + analyzer.builder.Alias(node, right) + analyzer.lookupVariable(right) + + err := visitChildren() + + if left.Type() == "identifier" { + analyzer.scope.Assign(analyzer.builder.ContentFor(left), node) + } + + return err +} + +// x += y +func (analyzer *analyzer) analyzeAugmentedAssignment(node *sitter.Node, visitChildren func() error) error { + left := node.ChildByFieldName("left") + right := node.ChildByFieldName("right") + analyzer.builder.Dataflow(node, left, right) + analyzer.lookupVariable(left) + analyzer.lookupVariable(right) + + err := visitChildren() + + if left.Type() == "identifier" { + analyzer.scope.Assign(analyzer.builder.ContentFor(left), node) + } + + return err +} + +// const user = ... +// var user = ... +// let user = ... +func (analyzer *analyzer) analyzeVariableDeclarator(node *sitter.Node, visitChildren func() error) error { + name := node.ChildByFieldName("name") + value := node.ChildByFieldName("value") + analyzer.builder.Alias(node, value) + analyzer.lookupVariable(value) + + err := visitChildren() + + if name.Type() == "identifier" { + analyzer.scope.Declare(analyzer.builder.ContentFor(name), node) + } + + return err +} + +// const { foo } = ... +func (analyzer *analyzer) analyzeShorthandPropertyIdentifierPattern( + node *sitter.Node, + visitChildren func() error, +) error { + analyzer.scope.Declare(analyzer.builder.ContentFor(node), node) + + return visitChildren() +} + +// foo.bar +func (analyzer *analyzer) analyzeMember(node *sitter.Node, visitChildren func() error) error { + object := node.ChildByFieldName("object") + analyzer.builder.Dataflow(node, object) + analyzer.lookupVariable(object) + + return visitChildren() +} + +// foo["bar"] +func (analyzer *analyzer) analyzeSubscript(node *sitter.Node, visitChildren func() error) error { + object := node.ChildByFieldName("object") + analyzer.builder.Dataflow(node, object) + analyzer.lookupVariable(object) + + return visitChildren() +} + +// new Foo() +func (analyzer *analyzer) analyzeNew(node *sitter.Node, visitChildren func() error) error { + constructor := node.ChildByFieldName("constructor") + analyzer.lookupVariable(constructor) + + if arguments := node.ChildByFieldName("arguments"); arguments != nil { + analyzer.builder.Alias(node, arguments) + } + + return visitChildren() +} + +// foo.bar(1, 2) +func (analyzer *analyzer) analyzeCall(node *sitter.Node, visitChildren func() error) error { + function := node.ChildByFieldName("function") + analyzer.lookupVariable(function) + + if function.Type() == "member_expression" { + property := function.ChildByFieldName("property") + if slices.Contains(reflexiveMethods, analyzer.builder.ContentFor(property)) { + analyzer.builder.Dataflow(node, function) + } + } + + if arguments := node.ChildByFieldName("arguments"); arguments != nil { + analyzer.builder.Dataflow(node, arguments) + } + + return visitChildren() +} + +// parameter definition +// foo(a, b = 1) +func (analyzer *analyzer) analyzeParameter(node *sitter.Node, visitChildren func() error) error { + if pattern := node.ChildByFieldName("pattern"); pattern != nil && pattern.Type() == "identifier" { + analyzer.scope.Declare(analyzer.builder.ContentFor(pattern), node) + analyzer.builder.Alias(node, pattern) + } + + if value := node.ChildByFieldName("value"); value != nil { + analyzer.lookupVariable(value) + analyzer.builder.Alias(node, value) + } + + return visitChildren() +} + +// parts between "import" and "from": +// import a, * as x from "library" +func (analyzer *analyzer) analyzeImportClause(node *sitter.Node, visitChildren func() error) error { + for _, child := range analyzer.builder.ChildrenFor(node) { + if child.Type() == "identifier" { + analyzer.scope.Declare(analyzer.builder.ContentFor(child), child) + } + } + + return visitChildren() +} + +// "* as x" part from: +// import * as x from "library" +func (analyzer *analyzer) analyzeNamespaceImport(node *sitter.Node, visitChildren func() error) error { + for _, child := range analyzer.builder.ChildrenFor(node) { + if child.Type() == "identifier" { + analyzer.scope.Declare(analyzer.builder.ContentFor(child), child) + } + } + + return visitChildren() +} + +// individual items inside the {}: +// import { x, y as foo } from "library" +func (analyzer *analyzer) analyzeImportSpecifier(node *sitter.Node, visitChildren func() error) error { + importedName := node.ChildByFieldName("name") + + if alias := node.ChildByFieldName("alias"); alias != nil { + importedName = alias + } + + analyzer.builder.Alias(node, importedName) + analyzer.scope.Declare(analyzer.builder.ContentFor(importedName), importedName) + + return visitChildren() +} + +// a ? x : y +func (analyzer *analyzer) analyzeTernary(node *sitter.Node, visitChildren func() error) error { + condition := node.ChildByFieldName("condition") + consequence := node.ChildByFieldName("consequence") + alternative := node.ChildByFieldName("alternative") + + analyzer.lookupVariable(condition) + analyzer.lookupVariable(consequence) + analyzer.lookupVariable(alternative) + + analyzer.builder.Alias(node, consequence, alternative) + + return visitChildren() +} + +// (foo) +func (analyzer *analyzer) analyzeParentheses(node *sitter.Node, visitChildren func() error) error { + child := node.NamedChild(0) + analyzer.builder.Alias(node, child) + analyzer.lookupVariable(child) + + return visitChildren() +} + +// { ...source, x, y: 42 } +func (analyzer *analyzer) analyzeObject(node *sitter.Node, visitChildren func() error) error { + for _, child := range analyzer.builder.ChildrenFor(node) { + if child.Type() == "spread_element" { + analyzer.builder.Alias(node, child) + continue + } + + analyzer.builder.Dataflow(node, child) + analyzer.lookupVariable(child) + } + + return visitChildren() +} + +// `...source` in { ...source } +func (analyzer *analyzer) analyzeSpreadElement(node *sitter.Node, visitChildren func() error) error { + identifier := node.NamedChild(0) + + analyzer.builder.Alias(node, identifier) + analyzer.lookupVariable(identifier) + + return visitChildren() +} + +// default analysis, where the children are assumed to be data sources +func (analyzer *analyzer) analyzeGenericOperation(node *sitter.Node, visitChildren func() error) error { + children := analyzer.builder.ChildrenFor(node) + analyzer.builder.Dataflow(node, children...) + + for _, child := range children { + analyzer.lookupVariable(child) + } + + return visitChildren() +} + +func (analyzer *analyzer) withScope(newScope *language.Scope, body func() error) error { + oldScope := analyzer.scope + + analyzer.scope = newScope + err := body() + analyzer.scope = oldScope + + return err +} + +func (analyzer *analyzer) lookupVariable(node *sitter.Node) { + if node == nil || !(node.Type() == "identifier" || node.Type() == "shorthand_property_identifier") { + return + } + + if pointsToNode := analyzer.scope.Lookup(analyzer.builder.ContentFor(node)); pointsToNode != nil { + analyzer.builder.Alias(node, pointsToNode) + } +} diff --git a/internal/languages/javascript/detectors/.snapshots/TestJavascriptFileTypes-file_type_jsx b/internal/languages/javascript/detectors/.snapshots/TestJavascriptFileTypes-file_type_jsx new file mode 100644 index 000000000..a38b3404b --- /dev/null +++ b/internal/languages/javascript/detectors/.snapshots/TestJavascriptFileTypes-file_type_jsx @@ -0,0 +1,208 @@ +type: program +id: 0 +range: 1:1 - 3:1 +dataflow_sources: + - 1 +children: + - type: lexical_declaration + id: 1 + range: 1:1 - 1:61 + dataflow_sources: + - 2 + - 3 + - 27 + children: + - type: '"const"' + id: 2 + range: 1:1 - 1:6 + - type: variable_declarator + id: 3 + range: 1:7 - 1:60 + alias_of: + - 17 + queries: + - 1 + children: + - type: identifier + id: 4 + range: 1:7 - 1:11 + content: user + - type: type_annotation + id: 5 + range: 1:11 - 1:30 + dataflow_sources: + - 6 + - 7 + children: + - type: '":"' + id: 6 + range: 1:11 - 1:12 + - type: object_type + id: 7 + range: 1:13 - 1:30 + dataflow_sources: + - 8 + - 9 + - 15 + children: + - type: '"{"' + id: 8 + range: 1:13 - 1:14 + - type: property_signature + id: 9 + range: 1:15 - 1:28 + dataflow_sources: + - 10 + - 11 + children: + - type: property_identifier + id: 10 + range: 1:15 - 1:20 + content: email + - type: type_annotation + id: 11 + range: 1:20 - 1:28 + dataflow_sources: + - 12 + - 13 + children: + - type: '":"' + id: 12 + range: 1:20 - 1:21 + - type: predefined_type + id: 13 + range: 1:22 - 1:28 + dataflow_sources: + - 14 + children: + - type: '"string"' + id: 14 + range: 1:22 - 1:28 + - type: '"}"' + id: 15 + range: 1:29 - 1:30 + - type: '"="' + id: 16 + range: 1:31 - 1:32 + - type: object + id: 17 + range: 1:33 - 1:60 + dataflow_sources: + - 18 + - 19 + - 26 + queries: + - 0 + children: + - type: '"{"' + id: 18 + range: 1:33 - 1:34 + - type: pair + id: 19 + range: 1:35 - 1:58 + dataflow_sources: + - 20 + - 21 + - 22 + children: + - type: property_identifier + id: 20 + range: 1:35 - 1:40 + content: email + - type: '":"' + id: 21 + range: 1:40 - 1:41 + - type: string + id: 22 + range: 1:42 - 1:58 + dataflow_sources: + - 23 + - 24 + - 25 + children: + - type: '"""' + id: 23 + range: 1:42 - 1:43 + - type: string_fragment + id: 24 + range: 1:43 - 1:57 + content: jhon@gmail.com + - type: '"""' + id: 25 + range: 1:57 - 1:58 + - type: '"}"' + id: 26 + range: 1:59 - 1:60 + - type: '";"' + id: 27 + range: 1:60 - 1:61 + +- node: 3 + content: 'user: { email: string } = { email: "jhon@gmail.com" }' + data: + properties: + - name: user + node: + id: 3 + typeid: 3 + contentstart: + byte: 6 + line: 1 + column: 7 + contentend: + byte: 59 + line: 1 + column: 60 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 17 + typeid: 15 + contentstart: + byte: 32 + line: 1 + column: 33 + contentend: + byte: 59 + line: 1 + column: 60 + executingdetectors: [] + data: + properties: + - name: email + node: + id: 19 + typeid: 16 + contentstart: + byte: 34 + line: 1 + column: 35 + contentend: + byte: 57 + line: 1 + column: 58 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: true +- node: 17 + content: '{ email: "jhon@gmail.com" }' + data: + properties: + - name: email + node: + id: 19 + typeid: 16 + contentstart: + byte: 34 + line: 1 + column: 35 + contentend: + byte: 57 + line: 1 + column: 58 + executingdetectors: [] + object: null + isvirtual: false + diff --git a/internal/languages/javascript/detectors/.snapshots/TestJavascriptFileTypes-file_type_tsx b/internal/languages/javascript/detectors/.snapshots/TestJavascriptFileTypes-file_type_tsx new file mode 100644 index 000000000..a38b3404b --- /dev/null +++ b/internal/languages/javascript/detectors/.snapshots/TestJavascriptFileTypes-file_type_tsx @@ -0,0 +1,208 @@ +type: program +id: 0 +range: 1:1 - 3:1 +dataflow_sources: + - 1 +children: + - type: lexical_declaration + id: 1 + range: 1:1 - 1:61 + dataflow_sources: + - 2 + - 3 + - 27 + children: + - type: '"const"' + id: 2 + range: 1:1 - 1:6 + - type: variable_declarator + id: 3 + range: 1:7 - 1:60 + alias_of: + - 17 + queries: + - 1 + children: + - type: identifier + id: 4 + range: 1:7 - 1:11 + content: user + - type: type_annotation + id: 5 + range: 1:11 - 1:30 + dataflow_sources: + - 6 + - 7 + children: + - type: '":"' + id: 6 + range: 1:11 - 1:12 + - type: object_type + id: 7 + range: 1:13 - 1:30 + dataflow_sources: + - 8 + - 9 + - 15 + children: + - type: '"{"' + id: 8 + range: 1:13 - 1:14 + - type: property_signature + id: 9 + range: 1:15 - 1:28 + dataflow_sources: + - 10 + - 11 + children: + - type: property_identifier + id: 10 + range: 1:15 - 1:20 + content: email + - type: type_annotation + id: 11 + range: 1:20 - 1:28 + dataflow_sources: + - 12 + - 13 + children: + - type: '":"' + id: 12 + range: 1:20 - 1:21 + - type: predefined_type + id: 13 + range: 1:22 - 1:28 + dataflow_sources: + - 14 + children: + - type: '"string"' + id: 14 + range: 1:22 - 1:28 + - type: '"}"' + id: 15 + range: 1:29 - 1:30 + - type: '"="' + id: 16 + range: 1:31 - 1:32 + - type: object + id: 17 + range: 1:33 - 1:60 + dataflow_sources: + - 18 + - 19 + - 26 + queries: + - 0 + children: + - type: '"{"' + id: 18 + range: 1:33 - 1:34 + - type: pair + id: 19 + range: 1:35 - 1:58 + dataflow_sources: + - 20 + - 21 + - 22 + children: + - type: property_identifier + id: 20 + range: 1:35 - 1:40 + content: email + - type: '":"' + id: 21 + range: 1:40 - 1:41 + - type: string + id: 22 + range: 1:42 - 1:58 + dataflow_sources: + - 23 + - 24 + - 25 + children: + - type: '"""' + id: 23 + range: 1:42 - 1:43 + - type: string_fragment + id: 24 + range: 1:43 - 1:57 + content: jhon@gmail.com + - type: '"""' + id: 25 + range: 1:57 - 1:58 + - type: '"}"' + id: 26 + range: 1:59 - 1:60 + - type: '";"' + id: 27 + range: 1:60 - 1:61 + +- node: 3 + content: 'user: { email: string } = { email: "jhon@gmail.com" }' + data: + properties: + - name: user + node: + id: 3 + typeid: 3 + contentstart: + byte: 6 + line: 1 + column: 7 + contentend: + byte: 59 + line: 1 + column: 60 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 17 + typeid: 15 + contentstart: + byte: 32 + line: 1 + column: 33 + contentend: + byte: 59 + line: 1 + column: 60 + executingdetectors: [] + data: + properties: + - name: email + node: + id: 19 + typeid: 16 + contentstart: + byte: 34 + line: 1 + column: 35 + contentend: + byte: 57 + line: 1 + column: 58 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: true +- node: 17 + content: '{ email: "jhon@gmail.com" }' + data: + properties: + - name: email + node: + id: 19 + typeid: 16 + contentstart: + byte: 34 + line: 1 + column: 35 + contentend: + byte: 57 + line: 1 + column: 58 + executingdetectors: [] + object: null + isvirtual: false + diff --git a/internal/languages/javascript/detectors/.snapshots/TestJavascriptObjectDetector-object_class b/internal/languages/javascript/detectors/.snapshots/TestJavascriptObjectDetector-object_class new file mode 100644 index 000000000..9e60cadb0 --- /dev/null +++ b/internal/languages/javascript/detectors/.snapshots/TestJavascriptObjectDetector-object_class @@ -0,0 +1,205 @@ +type: program +id: 0 +range: 1:1 - 7:1 +dataflow_sources: + - 1 +children: + - type: class_declaration + id: 1 + range: 1:1 - 6:2 + dataflow_sources: + - 2 + - 3 + - 4 + queries: + - 4 + children: + - type: '"class"' + id: 2 + range: 1:1 - 1:6 + - type: type_identifier + id: 3 + range: 1:7 - 1:11 + content: User + - type: class_body + id: 4 + range: 1:12 - 6:2 + dataflow_sources: + - 5 + - 6 + - 19 + - 27 + - 35 + children: + - type: '"{"' + id: 5 + range: 1:12 - 1:13 + - type: method_definition + id: 6 + range: 2:3 - 2:24 + children: + - type: property_identifier + id: 7 + range: 2:3 - 2:14 + content: constructor + - type: formal_parameters + id: 8 + range: 2:15 - 2:21 + dataflow_sources: + - 9 + - 10 + - 12 + - 13 + - 15 + children: + - type: '"("' + id: 9 + range: 2:15 - 2:16 + - type: required_parameter + id: 10 + range: 2:16 - 2:17 + alias_of: + - 11 + children: + - type: identifier + id: 11 + range: 2:16 - 2:17 + content: a + - type: '","' + id: 12 + range: 2:17 - 2:18 + - type: required_parameter + id: 13 + range: 2:19 - 2:20 + alias_of: + - 14 + children: + - type: identifier + id: 14 + range: 2:19 - 2:20 + content: b + - type: '")"' + id: 15 + range: 2:20 - 2:21 + - type: statement_block + id: 16 + range: 2:22 - 2:24 + dataflow_sources: + - 17 + - 18 + children: + - type: '"{"' + id: 17 + range: 2:22 - 2:23 + - type: '"}"' + id: 18 + range: 2:23 - 2:24 + - type: method_definition + id: 19 + range: 4:3 - 4:9 + children: + - type: property_identifier + id: 20 + range: 4:3 - 4:4 + content: x + - type: formal_parameters + id: 21 + range: 4:4 - 4:6 + dataflow_sources: + - 22 + - 23 + children: + - type: '"("' + id: 22 + range: 4:4 - 4:5 + - type: '")"' + id: 23 + range: 4:5 - 4:6 + - type: statement_block + id: 24 + range: 4:7 - 4:9 + dataflow_sources: + - 25 + - 26 + children: + - type: '"{"' + id: 25 + range: 4:7 - 4:8 + - type: '"}"' + id: 26 + range: 4:8 - 4:9 + - type: method_definition + id: 27 + range: 5:3 - 5:9 + children: + - type: property_identifier + id: 28 + range: 5:3 - 5:4 + content: "y" + - type: formal_parameters + id: 29 + range: 5:4 - 5:6 + dataflow_sources: + - 30 + - 31 + children: + - type: '"("' + id: 30 + range: 5:4 - 5:5 + - type: '")"' + id: 31 + range: 5:5 - 5:6 + - type: statement_block + id: 32 + range: 5:7 - 5:9 + dataflow_sources: + - 33 + - 34 + children: + - type: '"{"' + id: 33 + range: 5:7 - 5:8 + - type: '"}"' + id: 34 + range: 5:8 - 5:9 + - type: '"}"' + id: 35 + range: 6:1 - 6:2 + +- node: 1 + content: |- + class User { + constructor (a, b) {} + + x() {} + y() {} + } + data: + properties: + - name: User + node: null + object: + ruleid: object + matchnode: + id: 1 + typeid: 1 + contentstart: + byte: 0 + line: 1 + column: 1 + contentend: + byte: 57 + line: 6 + column: 2 + executingdetectors: [] + data: + properties: + - name: x + node: null + object: null + - name: "y" + node: null + object: null + isvirtual: false + isvirtual: false + diff --git a/internal/languages/javascript/detectors/.snapshots/TestJavascriptObjectDetector-object_object b/internal/languages/javascript/detectors/.snapshots/TestJavascriptObjectDetector-object_object new file mode 100644 index 000000000..0dfa3b758 --- /dev/null +++ b/internal/languages/javascript/detectors/.snapshots/TestJavascriptObjectDetector-object_object @@ -0,0 +1,647 @@ +type: program +id: 0 +range: 1:1 - 7:1 +dataflow_sources: + - 1 + - 16 +children: + - type: lexical_declaration + id: 1 + range: 1:1 - 1:26 + dataflow_sources: + - 2 + - 3 + children: + - type: '"let"' + id: 2 + range: 1:1 - 1:4 + - type: variable_declarator + id: 3 + range: 1:5 - 1:26 + alias_of: + - 6 + queries: + - 1 + children: + - type: identifier + id: 4 + range: 1:5 - 1:11 + content: nested + - type: '"="' + id: 5 + range: 1:12 - 1:13 + - type: object + id: 6 + range: 1:14 - 1:26 + dataflow_sources: + - 7 + - 8 + - 15 + queries: + - 0 + children: + - type: '"{"' + id: 7 + range: 1:14 - 1:15 + - type: pair + id: 8 + range: 1:16 - 1:24 + dataflow_sources: + - 9 + - 13 + - 14 + children: + - type: string + id: 9 + range: 1:16 - 1:19 + dataflow_sources: + - 10 + - 11 + - 12 + children: + - type: '"""' + id: 10 + range: 1:16 - 1:17 + - type: string_fragment + id: 11 + range: 1:17 - 1:18 + content: a + - type: '"""' + id: 12 + range: 1:18 - 1:19 + - type: '":"' + id: 13 + range: 1:19 - 1:20 + - type: number + id: 14 + range: 1:21 - 1:24 + content: "123" + - type: '"}"' + id: 15 + range: 1:25 - 1:26 + - type: expression_statement + id: 16 + range: 3:1 - 6:3 + children: + - type: call_expression + id: 17 + range: 3:1 - 6:3 + dataflow_sources: + - 19 + queries: + - 7 + children: + - type: identifier + id: 18 + range: 3:1 - 3:5 + content: call + - type: arguments + id: 19 + range: 3:5 - 6:3 + dataflow_sources: + - 20 + - 21 + - 45 + children: + - type: '"("' + id: 20 + range: 3:5 - 3:6 + - type: object + id: 21 + range: 3:6 - 6:2 + dataflow_sources: + - 22 + - 23 + - 33 + - 34 + - 44 + queries: + - 0 + children: + - type: '"{"' + id: 22 + range: 3:6 - 3:7 + - type: pair + id: 23 + range: 4:3 - 4:19 + dataflow_sources: + - 24 + - 25 + - 26 + children: + - type: property_identifier + id: 24 + range: 4:3 - 4:4 + content: x + - type: '":"' + id: 25 + range: 4:4 - 4:5 + - type: object + id: 26 + range: 4:6 - 4:19 + dataflow_sources: + - 27 + - 28 + - 32 + queries: + - 0 + children: + - type: '"{"' + id: 27 + range: 4:6 - 4:7 + - type: pair + id: 28 + range: 4:8 - 4:17 + dataflow_sources: + - 29 + - 30 + - 31 + children: + - type: property_identifier + id: 29 + range: 4:8 - 4:9 + content: "n" + - type: '":"' + id: 30 + range: 4:9 - 4:10 + - type: identifier + id: 31 + range: 4:11 - 4:17 + content: nested + alias_of: + - 3 + - type: '"}"' + id: 32 + range: 4:18 - 4:19 + - type: '","' + id: 33 + range: 4:19 - 4:20 + - type: pair + id: 34 + range: 5:3 - 5:14 + dataflow_sources: + - 35 + - 36 + - 37 + children: + - type: property_identifier + id: 35 + range: 5:3 - 5:4 + content: "y" + - type: '":"' + id: 36 + range: 5:4 - 5:5 + - type: object + id: 37 + range: 5:6 - 5:14 + dataflow_sources: + - 38 + - 39 + - 43 + queries: + - 0 + children: + - type: '"{"' + id: 38 + range: 5:6 - 5:7 + - type: pair + id: 39 + range: 5:8 - 5:12 + dataflow_sources: + - 40 + - 41 + - 42 + children: + - type: property_identifier + id: 40 + range: 5:8 - 5:9 + content: b + - type: '":"' + id: 41 + range: 5:9 - 5:10 + - type: number + id: 42 + range: 5:11 - 5:12 + content: "4" + - type: '"}"' + id: 43 + range: 5:13 - 5:14 + - type: '"}"' + id: 44 + range: 6:1 - 6:2 + - type: '")"' + id: 45 + range: 6:2 - 6:3 + +- node: 3 + content: 'nested = { "a": 123 }' + data: + properties: + - name: nested + node: + id: 3 + typeid: 3 + contentstart: + byte: 4 + line: 1 + column: 5 + contentend: + byte: 25 + line: 1 + column: 26 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 6 + typeid: 6 + contentstart: + byte: 13 + line: 1 + column: 14 + contentend: + byte: 25 + line: 1 + column: 26 + executingdetectors: [] + data: + properties: + - name: a + node: + id: 8 + typeid: 8 + contentstart: + byte: 15 + line: 1 + column: 16 + contentend: + byte: 23 + line: 1 + column: 24 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: true +- node: 6 + content: '{ "a": 123 }' + data: + properties: + - name: a + node: + id: 8 + typeid: 8 + contentstart: + byte: 15 + line: 1 + column: 16 + contentend: + byte: 23 + line: 1 + column: 24 + executingdetectors: [] + object: null + isvirtual: false +- node: 21 + content: |- + { + x: { n: nested }, + y: { b: 4 } + } + data: + properties: + - name: x + node: + id: 23 + typeid: 8 + contentstart: + byte: 36 + line: 4 + column: 3 + contentend: + byte: 52 + line: 4 + column: 19 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 26 + typeid: 6 + contentstart: + byte: 39 + line: 4 + column: 6 + contentend: + byte: 52 + line: 4 + column: 19 + executingdetectors: [] + data: + properties: + - name: "n" + node: + id: 28 + typeid: 8 + contentstart: + byte: 41 + line: 4 + column: 8 + contentend: + byte: 50 + line: 4 + column: 17 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 3 + typeid: 3 + contentstart: + byte: 4 + line: 1 + column: 5 + contentend: + byte: 25 + line: 1 + column: 26 + executingdetectors: [] + data: + properties: + - name: nested + node: + id: 3 + typeid: 3 + contentstart: + byte: 4 + line: 1 + column: 5 + contentend: + byte: 25 + line: 1 + column: 26 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 6 + typeid: 6 + contentstart: + byte: 13 + line: 1 + column: 14 + contentend: + byte: 25 + line: 1 + column: 26 + executingdetectors: [] + data: + properties: + - name: a + node: + id: 8 + typeid: 8 + contentstart: + byte: 15 + line: 1 + column: 16 + contentend: + byte: 23 + line: 1 + column: 24 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: true + - name: "n" + node: + id: 28 + typeid: 8 + contentstart: + byte: 41 + line: 4 + column: 8 + contentend: + byte: 50 + line: 4 + column: 17 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 6 + typeid: 6 + contentstart: + byte: 13 + line: 1 + column: 14 + contentend: + byte: 25 + line: 1 + column: 26 + executingdetectors: [] + data: + properties: + - name: a + node: + id: 8 + typeid: 8 + contentstart: + byte: 15 + line: 1 + column: 16 + contentend: + byte: 23 + line: 1 + column: 24 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: false + - name: "y" + node: + id: 34 + typeid: 8 + contentstart: + byte: 56 + line: 5 + column: 3 + contentend: + byte: 67 + line: 5 + column: 14 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 37 + typeid: 6 + contentstart: + byte: 59 + line: 5 + column: 6 + contentend: + byte: 67 + line: 5 + column: 14 + executingdetectors: [] + data: + properties: + - name: b + node: + id: 39 + typeid: 8 + contentstart: + byte: 61 + line: 5 + column: 8 + contentend: + byte: 65 + line: 5 + column: 12 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: false +- node: 26 + content: '{ n: nested }' + data: + properties: + - name: "n" + node: + id: 28 + typeid: 8 + contentstart: + byte: 41 + line: 4 + column: 8 + contentend: + byte: 50 + line: 4 + column: 17 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 3 + typeid: 3 + contentstart: + byte: 4 + line: 1 + column: 5 + contentend: + byte: 25 + line: 1 + column: 26 + executingdetectors: [] + data: + properties: + - name: nested + node: + id: 3 + typeid: 3 + contentstart: + byte: 4 + line: 1 + column: 5 + contentend: + byte: 25 + line: 1 + column: 26 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 6 + typeid: 6 + contentstart: + byte: 13 + line: 1 + column: 14 + contentend: + byte: 25 + line: 1 + column: 26 + executingdetectors: [] + data: + properties: + - name: a + node: + id: 8 + typeid: 8 + contentstart: + byte: 15 + line: 1 + column: 16 + contentend: + byte: 23 + line: 1 + column: 24 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: true + - name: "n" + node: + id: 28 + typeid: 8 + contentstart: + byte: 41 + line: 4 + column: 8 + contentend: + byte: 50 + line: 4 + column: 17 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 6 + typeid: 6 + contentstart: + byte: 13 + line: 1 + column: 14 + contentend: + byte: 25 + line: 1 + column: 26 + executingdetectors: [] + data: + properties: + - name: a + node: + id: 8 + typeid: 8 + contentstart: + byte: 15 + line: 1 + column: 16 + contentend: + byte: 23 + line: 1 + column: 24 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: false +- node: 37 + content: '{ b: 4 }' + data: + properties: + - name: b + node: + id: 39 + typeid: 8 + contentstart: + byte: 61 + line: 5 + column: 8 + contentend: + byte: 65 + line: 5 + column: 12 + executingdetectors: [] + object: null + isvirtual: false + diff --git a/internal/languages/javascript/detectors/.snapshots/TestJavascriptObjectDetector-object_projection b/internal/languages/javascript/detectors/.snapshots/TestJavascriptObjectDetector-object_projection new file mode 100644 index 000000000..364e8bdbc --- /dev/null +++ b/internal/languages/javascript/detectors/.snapshots/TestJavascriptObjectDetector-object_projection @@ -0,0 +1,2307 @@ +type: program +id: 0 +range: 1:1 - 17:1 +dataflow_sources: + - 1 + - 30 + - 31 + - 36 + - 48 + - 49 + - 54 + - 63 + - 64 + - 93 + - 125 + - 126 +children: + - type: lexical_declaration + id: 1 + range: 1:1 - 1:39 + dataflow_sources: + - 2 + - 3 + children: + - type: '"let"' + id: 2 + range: 1:1 - 1:4 + - type: variable_declarator + id: 3 + range: 1:5 - 1:39 + alias_of: + - 6 + queries: + - 1 + children: + - type: identifier + id: 4 + range: 1:5 - 1:8 + content: obj + - type: '"="' + id: 5 + range: 1:9 - 1:10 + - type: object + id: 6 + range: 1:11 - 1:39 + dataflow_sources: + - 7 + - 8 + - 24 + - 25 + - 29 + queries: + - 0 + children: + - type: '"{"' + id: 7 + range: 1:11 - 1:12 + - type: pair + id: 8 + range: 1:13 - 1:31 + dataflow_sources: + - 9 + - 10 + - 11 + children: + - type: property_identifier + id: 9 + range: 1:13 - 1:14 + content: x + - type: '":"' + id: 10 + range: 1:14 - 1:15 + - type: object + id: 11 + range: 1:16 - 1:31 + dataflow_sources: + - 12 + - 13 + - 23 + queries: + - 0 + children: + - type: '"{"' + id: 12 + range: 1:16 - 1:17 + - type: pair + id: 13 + range: 1:18 - 1:29 + dataflow_sources: + - 14 + - 15 + - 16 + children: + - type: property_identifier + id: 14 + range: 1:18 - 1:19 + content: a + - type: '":"' + id: 15 + range: 1:19 - 1:20 + - type: object + id: 16 + range: 1:21 - 1:29 + dataflow_sources: + - 17 + - 18 + - 22 + queries: + - 0 + children: + - type: '"{"' + id: 17 + range: 1:21 - 1:22 + - type: pair + id: 18 + range: 1:23 - 1:27 + dataflow_sources: + - 19 + - 20 + - 21 + children: + - type: property_identifier + id: 19 + range: 1:23 - 1:24 + content: i + - type: '":"' + id: 20 + range: 1:24 - 1:25 + - type: number + id: 21 + range: 1:26 - 1:27 + content: "3" + - type: '"}"' + id: 22 + range: 1:28 - 1:29 + - type: '"}"' + id: 23 + range: 1:30 - 1:31 + - type: '","' + id: 24 + range: 1:31 - 1:32 + - type: pair + id: 25 + range: 1:33 - 1:37 + dataflow_sources: + - 26 + - 27 + - 28 + children: + - type: property_identifier + id: 26 + range: 1:33 - 1:34 + content: "y" + - type: '":"' + id: 27 + range: 1:34 - 1:35 + - type: number + id: 28 + range: 1:36 - 1:37 + content: "4" + - type: '"}"' + id: 29 + range: 1:38 - 1:39 + - type: comment + id: 30 + range: 3:1 - 3:20 + content: // Known properties + - type: expression_statement + id: 31 + range: 4:1 - 4:6 + children: + - type: member_expression + id: 32 + range: 4:1 - 4:6 + dataflow_sources: + - 33 + queries: + - 5 + children: + - type: identifier + id: 33 + range: 4:1 - 4:4 + content: obj + alias_of: + - 3 + - type: '"."' + id: 34 + range: 4:4 - 4:5 + - type: property_identifier + id: 35 + range: 4:5 - 4:6 + content: x + - type: expression_statement + id: 36 + range: 5:1 - 5:11 + children: + - type: member_expression + id: 37 + range: 5:1 - 5:11 + dataflow_sources: + - 38 + queries: + - 5 + children: + - type: subscript_expression + id: 38 + range: 5:1 - 5:9 + dataflow_sources: + - 39 + queries: + - 6 + children: + - type: identifier + id: 39 + range: 5:1 - 5:4 + content: obj + alias_of: + - 3 + - type: '"["' + id: 40 + range: 5:4 - 5:5 + - type: string + id: 41 + range: 5:5 - 5:8 + dataflow_sources: + - 42 + - 43 + - 44 + children: + - type: '"""' + id: 42 + range: 5:5 - 5:6 + - type: string_fragment + id: 43 + range: 5:6 - 5:7 + content: x + - type: '"""' + id: 44 + range: 5:7 - 5:8 + - type: '"]"' + id: 45 + range: 5:8 - 5:9 + - type: '"."' + id: 46 + range: 5:9 - 5:10 + - type: property_identifier + id: 47 + range: 5:10 - 5:11 + content: a + - type: comment + id: 48 + range: 7:1 - 7:22 + content: // Unknown properties + - type: expression_statement + id: 49 + range: 8:1 - 8:6 + children: + - type: member_expression + id: 50 + range: 8:1 - 8:6 + dataflow_sources: + - 51 + queries: + - 5 + children: + - type: identifier + id: 51 + range: 8:1 - 8:4 + content: obj + alias_of: + - 3 + - type: '"."' + id: 52 + range: 8:4 - 8:5 + - type: property_identifier + id: 53 + range: 8:5 - 8:6 + content: z + - type: expression_statement + id: 54 + range: 9:1 - 9:9 + children: + - type: subscript_expression + id: 55 + range: 9:1 - 9:9 + dataflow_sources: + - 56 + queries: + - 6 + children: + - type: identifier + id: 56 + range: 9:1 - 9:4 + content: obj + alias_of: + - 3 + - type: '"["' + id: 57 + range: 9:4 - 9:5 + - type: string + id: 58 + range: 9:5 - 9:8 + dataflow_sources: + - 59 + - 60 + - 61 + children: + - type: '"""' + id: 59 + range: 9:5 - 9:6 + - type: string_fragment + id: 60 + range: 9:6 - 9:7 + content: w + - type: '"""' + id: 61 + range: 9:7 - 9:8 + - type: '"]"' + id: 62 + range: 9:8 - 9:9 + - type: comment + id: 63 + range: 11:1 - 11:8 + content: // Call + - type: expression_statement + id: 64 + range: 12:1 - 12:42 + children: + - type: call_expression + id: 65 + range: 12:1 - 12:42 + dataflow_sources: + - 70 + queries: + - 7 + children: + - type: member_expression + id: 66 + range: 12:1 - 12:6 + dataflow_sources: + - 67 + queries: + - 5 + children: + - type: identifier + id: 67 + range: 12:1 - 12:4 + content: obj + alias_of: + - 3 + - type: '"."' + id: 68 + range: 12:4 - 12:5 + - type: property_identifier + id: 69 + range: 12:5 - 12:6 + content: x + - type: arguments + id: 70 + range: 12:6 - 12:42 + dataflow_sources: + - 71 + - 72 + - 82 + - 83 + - 92 + children: + - type: '"("' + id: 71 + range: 12:6 - 12:7 + - type: object + id: 72 + range: 12:7 - 12:21 + dataflow_sources: + - 73 + - 74 + - 81 + queries: + - 0 + children: + - type: '"{"' + id: 73 + range: 12:7 - 12:8 + - type: pair + id: 74 + range: 12:9 - 12:19 + dataflow_sources: + - 75 + - 76 + - 77 + children: + - type: property_identifier + id: 75 + range: 12:9 - 12:14 + content: email + - type: '":"' + id: 76 + range: 12:14 - 12:15 + - type: string + id: 77 + range: 12:16 - 12:19 + dataflow_sources: + - 78 + - 79 + - 80 + children: + - type: '"""' + id: 78 + range: 12:16 - 12:17 + - type: string_fragment + id: 79 + range: 12:17 - 12:18 + content: ' ' + - type: '"""' + id: 80 + range: 12:18 - 12:19 + - type: '"}"' + id: 81 + range: 12:20 - 12:21 + - type: '","' + id: 82 + range: 12:21 - 12:22 + - type: object + id: 83 + range: 12:23 - 12:41 + dataflow_sources: + - 84 + - 85 + - 91 + queries: + - 0 + children: + - type: '"{"' + id: 84 + range: 12:23 - 12:24 + - type: pair + id: 85 + range: 12:25 - 12:39 + dataflow_sources: + - 86 + - 87 + - 88 + children: + - type: property_identifier + id: 86 + range: 12:25 - 12:35 + content: first_name + - type: '":"' + id: 87 + range: 12:35 - 12:36 + - type: string + id: 88 + range: 12:37 - 12:39 + dataflow_sources: + - 89 + - 90 + children: + - type: '"""' + id: 89 + range: 12:37 - 12:38 + - type: '"""' + id: 90 + range: 12:38 - 12:39 + - type: '"}"' + id: 91 + range: 12:40 - 12:41 + - type: '")"' + id: 92 + range: 12:41 - 12:42 + - type: expression_statement + id: 93 + range: 13:1 - 13:44 + children: + - type: member_expression + id: 94 + range: 13:1 - 13:44 + dataflow_sources: + - 95 + queries: + - 5 + children: + - type: call_expression + id: 95 + range: 13:1 - 13:42 + dataflow_sources: + - 100 + queries: + - 7 + children: + - type: member_expression + id: 96 + range: 13:1 - 13:6 + dataflow_sources: + - 97 + queries: + - 5 + children: + - type: identifier + id: 97 + range: 13:1 - 13:4 + content: obj + alias_of: + - 3 + - type: '"."' + id: 98 + range: 13:4 - 13:5 + - type: property_identifier + id: 99 + range: 13:5 - 13:6 + content: x + - type: arguments + id: 100 + range: 13:6 - 13:42 + dataflow_sources: + - 101 + - 102 + - 112 + - 113 + - 122 + children: + - type: '"("' + id: 101 + range: 13:6 - 13:7 + - type: object + id: 102 + range: 13:7 - 13:21 + dataflow_sources: + - 103 + - 104 + - 111 + queries: + - 0 + children: + - type: '"{"' + id: 103 + range: 13:7 - 13:8 + - type: pair + id: 104 + range: 13:9 - 13:19 + dataflow_sources: + - 105 + - 106 + - 107 + children: + - type: property_identifier + id: 105 + range: 13:9 - 13:14 + content: email + - type: '":"' + id: 106 + range: 13:14 - 13:15 + - type: string + id: 107 + range: 13:16 - 13:19 + dataflow_sources: + - 108 + - 109 + - 110 + children: + - type: '"""' + id: 108 + range: 13:16 - 13:17 + - type: string_fragment + id: 109 + range: 13:17 - 13:18 + content: ' ' + - type: '"""' + id: 110 + range: 13:18 - 13:19 + - type: '"}"' + id: 111 + range: 13:20 - 13:21 + - type: '","' + id: 112 + range: 13:21 - 13:22 + - type: object + id: 113 + range: 13:23 - 13:41 + dataflow_sources: + - 114 + - 115 + - 121 + queries: + - 0 + children: + - type: '"{"' + id: 114 + range: 13:23 - 13:24 + - type: pair + id: 115 + range: 13:25 - 13:39 + dataflow_sources: + - 116 + - 117 + - 118 + children: + - type: property_identifier + id: 116 + range: 13:25 - 13:35 + content: first_name + - type: '":"' + id: 117 + range: 13:35 - 13:36 + - type: string + id: 118 + range: 13:37 - 13:39 + dataflow_sources: + - 119 + - 120 + children: + - type: '"""' + id: 119 + range: 13:37 - 13:38 + - type: '"""' + id: 120 + range: 13:38 - 13:39 + - type: '"}"' + id: 121 + range: 13:40 - 13:41 + - type: '")"' + id: 122 + range: 13:41 - 13:42 + - type: '"."' + id: 123 + range: 13:42 - 13:43 + - type: property_identifier + id: 124 + range: 13:43 - 13:44 + content: a + - type: comment + id: 125 + range: 15:1 - 15:18 + content: // Deconstruction + - type: lexical_declaration + id: 126 + range: 16:1 - 16:16 + dataflow_sources: + - 127 + - 128 + children: + - type: '"let"' + id: 127 + range: 16:1 - 16:4 + - type: variable_declarator + id: 128 + range: 16:5 - 16:16 + alias_of: + - 134 + children: + - type: object_pattern + id: 129 + range: 16:5 - 16:10 + dataflow_sources: + - 130 + - 131 + - 132 + children: + - type: '"{"' + id: 130 + range: 16:5 - 16:6 + - type: shorthand_property_identifier_pattern + id: 131 + range: 16:7 - 16:8 + content: x + queries: + - 2 + - type: '"}"' + id: 132 + range: 16:9 - 16:10 + - type: '"="' + id: 133 + range: 16:11 - 16:12 + - type: identifier + id: 134 + range: 16:13 - 16:16 + content: obj + alias_of: + - 3 + +- node: 3 + content: 'obj = { x: { a: { i: 3 } }, y: 4 }' + data: + properties: + - name: obj + node: + id: 3 + typeid: 3 + contentstart: + byte: 4 + line: 1 + column: 5 + contentend: + byte: 38 + line: 1 + column: 39 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 6 + typeid: 6 + contentstart: + byte: 10 + line: 1 + column: 11 + contentend: + byte: 38 + line: 1 + column: 39 + executingdetectors: [] + data: + properties: + - name: x + node: + id: 8 + typeid: 8 + contentstart: + byte: 12 + line: 1 + column: 13 + contentend: + byte: 30 + line: 1 + column: 31 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 11 + typeid: 6 + contentstart: + byte: 15 + line: 1 + column: 16 + contentend: + byte: 30 + line: 1 + column: 31 + executingdetectors: [] + data: + properties: + - name: a + node: + id: 13 + typeid: 8 + contentstart: + byte: 17 + line: 1 + column: 18 + contentend: + byte: 28 + line: 1 + column: 29 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 16 + typeid: 6 + contentstart: + byte: 20 + line: 1 + column: 21 + contentend: + byte: 28 + line: 1 + column: 29 + executingdetectors: [] + data: + properties: + - name: i + node: + id: 18 + typeid: 8 + contentstart: + byte: 22 + line: 1 + column: 23 + contentend: + byte: 26 + line: 1 + column: 27 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: false + - name: "y" + node: + id: 25 + typeid: 8 + contentstart: + byte: 32 + line: 1 + column: 33 + contentend: + byte: 36 + line: 1 + column: 37 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: true +- node: 32 + content: obj.x + data: + properties: + - name: a + node: + id: 13 + typeid: 8 + contentstart: + byte: 17 + line: 1 + column: 18 + contentend: + byte: 28 + line: 1 + column: 29 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 16 + typeid: 6 + contentstart: + byte: 20 + line: 1 + column: 21 + contentend: + byte: 28 + line: 1 + column: 29 + executingdetectors: [] + data: + properties: + - name: i + node: + id: 18 + typeid: 8 + contentstart: + byte: 22 + line: 1 + column: 23 + contentend: + byte: 26 + line: 1 + column: 27 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: false +- node: 32 + content: obj.x + data: + properties: + - name: x + node: null + object: + ruleid: object + matchnode: + id: 32 + typeid: 16 + contentstart: + byte: 60 + line: 4 + column: 1 + contentend: + byte: 65 + line: 4 + column: 6 + executingdetectors: [] + data: + properties: + - name: a + node: + id: 13 + typeid: 8 + contentstart: + byte: 17 + line: 1 + column: 18 + contentend: + byte: 28 + line: 1 + column: 29 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 16 + typeid: 6 + contentstart: + byte: 20 + line: 1 + column: 21 + contentend: + byte: 28 + line: 1 + column: 29 + executingdetectors: [] + data: + properties: + - name: i + node: + id: 18 + typeid: 8 + contentstart: + byte: 22 + line: 1 + column: 23 + contentend: + byte: 26 + line: 1 + column: 27 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: false + isvirtual: true +- node: 32 + content: obj.x + data: + properties: + - name: obj + node: null + object: + ruleid: object + matchnode: + id: 32 + typeid: 16 + contentstart: + byte: 60 + line: 4 + column: 1 + contentend: + byte: 65 + line: 4 + column: 6 + executingdetectors: [] + data: + properties: + - name: x + node: null + object: null + isvirtual: true + isvirtual: true +- node: 37 + content: obj["x"].a + data: + properties: + - name: i + node: + id: 18 + typeid: 8 + contentstart: + byte: 22 + line: 1 + column: 23 + contentend: + byte: 26 + line: 1 + column: 27 + executingdetectors: [] + object: null + isvirtual: false +- node: 37 + content: obj["x"].a + data: + properties: + - name: a + node: null + object: + ruleid: object + matchnode: + id: 37 + typeid: 16 + contentstart: + byte: 66 + line: 5 + column: 1 + contentend: + byte: 76 + line: 5 + column: 11 + executingdetectors: [] + data: + properties: + - name: i + node: + id: 18 + typeid: 8 + contentstart: + byte: 22 + line: 1 + column: 23 + contentend: + byte: 26 + line: 1 + column: 27 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: true +- node: 37 + content: obj["x"].a + data: + properties: + - name: x + node: null + object: + ruleid: object + matchnode: + id: 37 + typeid: 16 + contentstart: + byte: 66 + line: 5 + column: 1 + contentend: + byte: 76 + line: 5 + column: 11 + executingdetectors: [] + data: + properties: + - name: a + node: null + object: null + isvirtual: true + isvirtual: true +- node: 50 + content: obj.z + data: + properties: + - name: obj + node: null + object: + ruleid: object + matchnode: + id: 50 + typeid: 16 + contentstart: + byte: 100 + line: 8 + column: 1 + contentend: + byte: 105 + line: 8 + column: 6 + executingdetectors: [] + data: + properties: + - name: z + node: null + object: null + isvirtual: true + isvirtual: true +- node: 55 + content: obj["w"] + data: + properties: + - name: obj + node: null + object: + ruleid: object + matchnode: + id: 55 + typeid: 18 + contentstart: + byte: 106 + line: 9 + column: 1 + contentend: + byte: 114 + line: 9 + column: 9 + executingdetectors: [] + data: + properties: + - name: w + node: null + object: null + isvirtual: true + isvirtual: true +- node: 65 + content: 'obj.x({ email: " " }, { first_name: "" })' + data: + properties: + - name: "" + node: null + object: + ruleid: object + matchnode: + id: 66 + typeid: 16 + contentstart: + byte: 124 + line: 12 + column: 1 + contentend: + byte: 129 + line: 12 + column: 6 + executingdetectors: [] + data: + properties: + - name: a + node: + id: 13 + typeid: 8 + contentstart: + byte: 17 + line: 1 + column: 18 + contentend: + byte: 28 + line: 1 + column: 29 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 16 + typeid: 6 + contentstart: + byte: 20 + line: 1 + column: 21 + contentend: + byte: 28 + line: 1 + column: 29 + executingdetectors: [] + data: + properties: + - name: i + node: + id: 18 + typeid: 8 + contentstart: + byte: 22 + line: 1 + column: 23 + contentend: + byte: 26 + line: 1 + column: 27 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: false + - name: "" + node: null + object: + ruleid: object + matchnode: + id: 66 + typeid: 16 + contentstart: + byte: 124 + line: 12 + column: 1 + contentend: + byte: 129 + line: 12 + column: 6 + executingdetectors: [] + data: + properties: + - name: x + node: null + object: + ruleid: object + matchnode: + id: 66 + typeid: 16 + contentstart: + byte: 124 + line: 12 + column: 1 + contentend: + byte: 129 + line: 12 + column: 6 + executingdetectors: [] + data: + properties: + - name: a + node: + id: 13 + typeid: 8 + contentstart: + byte: 17 + line: 1 + column: 18 + contentend: + byte: 28 + line: 1 + column: 29 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 16 + typeid: 6 + contentstart: + byte: 20 + line: 1 + column: 21 + contentend: + byte: 28 + line: 1 + column: 29 + executingdetectors: [] + data: + properties: + - name: i + node: + id: 18 + typeid: 8 + contentstart: + byte: 22 + line: 1 + column: 23 + contentend: + byte: 26 + line: 1 + column: 27 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: false + isvirtual: true + - name: "" + node: null + object: + ruleid: object + matchnode: + id: 66 + typeid: 16 + contentstart: + byte: 124 + line: 12 + column: 1 + contentend: + byte: 129 + line: 12 + column: 6 + executingdetectors: [] + data: + properties: + - name: obj + node: null + object: + ruleid: object + matchnode: + id: 66 + typeid: 16 + contentstart: + byte: 124 + line: 12 + column: 1 + contentend: + byte: 129 + line: 12 + column: 6 + executingdetectors: [] + data: + properties: + - name: x + node: null + object: null + isvirtual: true + isvirtual: true + isvirtual: true +- node: 94 + content: 'obj.x({ email: " " }, { first_name: "" }).a' + data: + properties: + - name: x + node: null + object: + ruleid: object + matchnode: + id: 94 + typeid: 16 + contentstart: + byte: 166 + line: 13 + column: 1 + contentend: + byte: 209 + line: 13 + column: 44 + executingdetectors: [] + data: + properties: + - name: a + node: null + object: null + isvirtual: true + isvirtual: true +- node: 6 + content: '{ x: { a: { i: 3 } }, y: 4 }' + data: + properties: + - name: x + node: + id: 8 + typeid: 8 + contentstart: + byte: 12 + line: 1 + column: 13 + contentend: + byte: 30 + line: 1 + column: 31 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 11 + typeid: 6 + contentstart: + byte: 15 + line: 1 + column: 16 + contentend: + byte: 30 + line: 1 + column: 31 + executingdetectors: [] + data: + properties: + - name: a + node: + id: 13 + typeid: 8 + contentstart: + byte: 17 + line: 1 + column: 18 + contentend: + byte: 28 + line: 1 + column: 29 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 16 + typeid: 6 + contentstart: + byte: 20 + line: 1 + column: 21 + contentend: + byte: 28 + line: 1 + column: 29 + executingdetectors: [] + data: + properties: + - name: i + node: + id: 18 + typeid: 8 + contentstart: + byte: 22 + line: 1 + column: 23 + contentend: + byte: 26 + line: 1 + column: 27 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: false + - name: "y" + node: + id: 25 + typeid: 8 + contentstart: + byte: 32 + line: 1 + column: 33 + contentend: + byte: 36 + line: 1 + column: 37 + executingdetectors: [] + object: null + isvirtual: false +- node: 38 + content: obj["x"] + data: + properties: + - name: a + node: + id: 13 + typeid: 8 + contentstart: + byte: 17 + line: 1 + column: 18 + contentend: + byte: 28 + line: 1 + column: 29 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 16 + typeid: 6 + contentstart: + byte: 20 + line: 1 + column: 21 + contentend: + byte: 28 + line: 1 + column: 29 + executingdetectors: [] + data: + properties: + - name: i + node: + id: 18 + typeid: 8 + contentstart: + byte: 22 + line: 1 + column: 23 + contentend: + byte: 26 + line: 1 + column: 27 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: false +- node: 38 + content: obj["x"] + data: + properties: + - name: x + node: null + object: + ruleid: object + matchnode: + id: 38 + typeid: 18 + contentstart: + byte: 66 + line: 5 + column: 1 + contentend: + byte: 74 + line: 5 + column: 9 + executingdetectors: [] + data: + properties: + - name: a + node: + id: 13 + typeid: 8 + contentstart: + byte: 17 + line: 1 + column: 18 + contentend: + byte: 28 + line: 1 + column: 29 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 16 + typeid: 6 + contentstart: + byte: 20 + line: 1 + column: 21 + contentend: + byte: 28 + line: 1 + column: 29 + executingdetectors: [] + data: + properties: + - name: i + node: + id: 18 + typeid: 8 + contentstart: + byte: 22 + line: 1 + column: 23 + contentend: + byte: 26 + line: 1 + column: 27 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: false + isvirtual: true +- node: 38 + content: obj["x"] + data: + properties: + - name: obj + node: null + object: + ruleid: object + matchnode: + id: 38 + typeid: 18 + contentstart: + byte: 66 + line: 5 + column: 1 + contentend: + byte: 74 + line: 5 + column: 9 + executingdetectors: [] + data: + properties: + - name: x + node: null + object: null + isvirtual: true + isvirtual: true +- node: 66 + content: obj.x + data: + properties: + - name: a + node: + id: 13 + typeid: 8 + contentstart: + byte: 17 + line: 1 + column: 18 + contentend: + byte: 28 + line: 1 + column: 29 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 16 + typeid: 6 + contentstart: + byte: 20 + line: 1 + column: 21 + contentend: + byte: 28 + line: 1 + column: 29 + executingdetectors: [] + data: + properties: + - name: i + node: + id: 18 + typeid: 8 + contentstart: + byte: 22 + line: 1 + column: 23 + contentend: + byte: 26 + line: 1 + column: 27 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: false +- node: 66 + content: obj.x + data: + properties: + - name: x + node: null + object: + ruleid: object + matchnode: + id: 66 + typeid: 16 + contentstart: + byte: 124 + line: 12 + column: 1 + contentend: + byte: 129 + line: 12 + column: 6 + executingdetectors: [] + data: + properties: + - name: a + node: + id: 13 + typeid: 8 + contentstart: + byte: 17 + line: 1 + column: 18 + contentend: + byte: 28 + line: 1 + column: 29 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 16 + typeid: 6 + contentstart: + byte: 20 + line: 1 + column: 21 + contentend: + byte: 28 + line: 1 + column: 29 + executingdetectors: [] + data: + properties: + - name: i + node: + id: 18 + typeid: 8 + contentstart: + byte: 22 + line: 1 + column: 23 + contentend: + byte: 26 + line: 1 + column: 27 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: false + isvirtual: true +- node: 66 + content: obj.x + data: + properties: + - name: obj + node: null + object: + ruleid: object + matchnode: + id: 66 + typeid: 16 + contentstart: + byte: 124 + line: 12 + column: 1 + contentend: + byte: 129 + line: 12 + column: 6 + executingdetectors: [] + data: + properties: + - name: x + node: null + object: null + isvirtual: true + isvirtual: true +- node: 95 + content: 'obj.x({ email: " " }, { first_name: "" })' + data: + properties: + - name: "" + node: null + object: + ruleid: object + matchnode: + id: 96 + typeid: 16 + contentstart: + byte: 166 + line: 13 + column: 1 + contentend: + byte: 171 + line: 13 + column: 6 + executingdetectors: [] + data: + properties: + - name: a + node: + id: 13 + typeid: 8 + contentstart: + byte: 17 + line: 1 + column: 18 + contentend: + byte: 28 + line: 1 + column: 29 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 16 + typeid: 6 + contentstart: + byte: 20 + line: 1 + column: 21 + contentend: + byte: 28 + line: 1 + column: 29 + executingdetectors: [] + data: + properties: + - name: i + node: + id: 18 + typeid: 8 + contentstart: + byte: 22 + line: 1 + column: 23 + contentend: + byte: 26 + line: 1 + column: 27 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: false + - name: "" + node: null + object: + ruleid: object + matchnode: + id: 96 + typeid: 16 + contentstart: + byte: 166 + line: 13 + column: 1 + contentend: + byte: 171 + line: 13 + column: 6 + executingdetectors: [] + data: + properties: + - name: x + node: null + object: + ruleid: object + matchnode: + id: 96 + typeid: 16 + contentstart: + byte: 166 + line: 13 + column: 1 + contentend: + byte: 171 + line: 13 + column: 6 + executingdetectors: [] + data: + properties: + - name: a + node: + id: 13 + typeid: 8 + contentstart: + byte: 17 + line: 1 + column: 18 + contentend: + byte: 28 + line: 1 + column: 29 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 16 + typeid: 6 + contentstart: + byte: 20 + line: 1 + column: 21 + contentend: + byte: 28 + line: 1 + column: 29 + executingdetectors: [] + data: + properties: + - name: i + node: + id: 18 + typeid: 8 + contentstart: + byte: 22 + line: 1 + column: 23 + contentend: + byte: 26 + line: 1 + column: 27 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: false + isvirtual: true + - name: "" + node: null + object: + ruleid: object + matchnode: + id: 96 + typeid: 16 + contentstart: + byte: 166 + line: 13 + column: 1 + contentend: + byte: 171 + line: 13 + column: 6 + executingdetectors: [] + data: + properties: + - name: obj + node: null + object: + ruleid: object + matchnode: + id: 96 + typeid: 16 + contentstart: + byte: 166 + line: 13 + column: 1 + contentend: + byte: 171 + line: 13 + column: 6 + executingdetectors: [] + data: + properties: + - name: x + node: null + object: null + isvirtual: true + isvirtual: true + isvirtual: true +- node: 72 + content: '{ email: " " }' + data: + properties: + - name: email + node: + id: 74 + typeid: 8 + contentstart: + byte: 132 + line: 12 + column: 9 + contentend: + byte: 142 + line: 12 + column: 19 + executingdetectors: [] + object: null + isvirtual: false +- node: 83 + content: '{ first_name: "" }' + data: + properties: + - name: first_name + node: + id: 85 + typeid: 8 + contentstart: + byte: 148 + line: 12 + column: 25 + contentend: + byte: 162 + line: 12 + column: 39 + executingdetectors: [] + object: null + isvirtual: false +- node: 96 + content: obj.x + data: + properties: + - name: a + node: + id: 13 + typeid: 8 + contentstart: + byte: 17 + line: 1 + column: 18 + contentend: + byte: 28 + line: 1 + column: 29 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 16 + typeid: 6 + contentstart: + byte: 20 + line: 1 + column: 21 + contentend: + byte: 28 + line: 1 + column: 29 + executingdetectors: [] + data: + properties: + - name: i + node: + id: 18 + typeid: 8 + contentstart: + byte: 22 + line: 1 + column: 23 + contentend: + byte: 26 + line: 1 + column: 27 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: false +- node: 96 + content: obj.x + data: + properties: + - name: x + node: null + object: + ruleid: object + matchnode: + id: 96 + typeid: 16 + contentstart: + byte: 166 + line: 13 + column: 1 + contentend: + byte: 171 + line: 13 + column: 6 + executingdetectors: [] + data: + properties: + - name: a + node: + id: 13 + typeid: 8 + contentstart: + byte: 17 + line: 1 + column: 18 + contentend: + byte: 28 + line: 1 + column: 29 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 16 + typeid: 6 + contentstart: + byte: 20 + line: 1 + column: 21 + contentend: + byte: 28 + line: 1 + column: 29 + executingdetectors: [] + data: + properties: + - name: i + node: + id: 18 + typeid: 8 + contentstart: + byte: 22 + line: 1 + column: 23 + contentend: + byte: 26 + line: 1 + column: 27 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: false + isvirtual: true +- node: 96 + content: obj.x + data: + properties: + - name: obj + node: null + object: + ruleid: object + matchnode: + id: 96 + typeid: 16 + contentstart: + byte: 166 + line: 13 + column: 1 + contentend: + byte: 171 + line: 13 + column: 6 + executingdetectors: [] + data: + properties: + - name: x + node: null + object: null + isvirtual: true + isvirtual: true +- node: 131 + content: x + data: + properties: + - name: a + node: + id: 13 + typeid: 8 + contentstart: + byte: 17 + line: 1 + column: 18 + contentend: + byte: 28 + line: 1 + column: 29 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 16 + typeid: 6 + contentstart: + byte: 20 + line: 1 + column: 21 + contentend: + byte: 28 + line: 1 + column: 29 + executingdetectors: [] + data: + properties: + - name: i + node: + id: 18 + typeid: 8 + contentstart: + byte: 22 + line: 1 + column: 23 + contentend: + byte: 26 + line: 1 + column: 27 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: false +- node: 131 + content: x + data: + properties: + - name: x + node: null + object: + ruleid: object + matchnode: + id: 131 + typeid: 29 + contentstart: + byte: 235 + line: 16 + column: 7 + contentend: + byte: 236 + line: 16 + column: 8 + executingdetectors: [] + data: + properties: + - name: a + node: + id: 13 + typeid: 8 + contentstart: + byte: 17 + line: 1 + column: 18 + contentend: + byte: 28 + line: 1 + column: 29 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 16 + typeid: 6 + contentstart: + byte: 20 + line: 1 + column: 21 + contentend: + byte: 28 + line: 1 + column: 29 + executingdetectors: [] + data: + properties: + - name: i + node: + id: 18 + typeid: 8 + contentstart: + byte: 22 + line: 1 + column: 23 + contentend: + byte: 26 + line: 1 + column: 27 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: false + isvirtual: true +- node: 131 + content: x + data: + properties: + - name: obj + node: null + object: + ruleid: object + matchnode: + id: 131 + typeid: 29 + contentstart: + byte: 235 + line: 16 + column: 7 + contentend: + byte: 236 + line: 16 + column: 8 + executingdetectors: [] + data: + properties: + - name: x + node: null + object: null + isvirtual: true + isvirtual: true +- node: 11 + content: '{ a: { i: 3 } }' + data: + properties: + - name: a + node: + id: 13 + typeid: 8 + contentstart: + byte: 17 + line: 1 + column: 18 + contentend: + byte: 28 + line: 1 + column: 29 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 16 + typeid: 6 + contentstart: + byte: 20 + line: 1 + column: 21 + contentend: + byte: 28 + line: 1 + column: 29 + executingdetectors: [] + data: + properties: + - name: i + node: + id: 18 + typeid: 8 + contentstart: + byte: 22 + line: 1 + column: 23 + contentend: + byte: 26 + line: 1 + column: 27 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: false +- node: 102 + content: '{ email: " " }' + data: + properties: + - name: email + node: + id: 104 + typeid: 8 + contentstart: + byte: 174 + line: 13 + column: 9 + contentend: + byte: 184 + line: 13 + column: 19 + executingdetectors: [] + object: null + isvirtual: false +- node: 113 + content: '{ first_name: "" }' + data: + properties: + - name: first_name + node: + id: 115 + typeid: 8 + contentstart: + byte: 190 + line: 13 + column: 25 + contentend: + byte: 204 + line: 13 + column: 39 + executingdetectors: [] + object: null + isvirtual: false +- node: 16 + content: '{ i: 3 }' + data: + properties: + - name: i + node: + id: 18 + typeid: 8 + contentstart: + byte: 22 + line: 1 + column: 23 + contentend: + byte: 26 + line: 1 + column: 27 + executingdetectors: [] + object: null + isvirtual: false + diff --git a/internal/languages/javascript/detectors/.snapshots/TestJavascriptObjectDetector-object_spread b/internal/languages/javascript/detectors/.snapshots/TestJavascriptObjectDetector-object_spread new file mode 100644 index 000000000..96afefa28 --- /dev/null +++ b/internal/languages/javascript/detectors/.snapshots/TestJavascriptObjectDetector-object_spread @@ -0,0 +1,1569 @@ +type: program +id: 0 +range: 1:1 - 8:1 +dataflow_sources: + - 1 + - 13 + - 29 +children: + - type: lexical_declaration + id: 1 + range: 1:1 - 1:22 + dataflow_sources: + - 2 + - 3 + children: + - type: '"let"' + id: 2 + range: 1:1 - 1:4 + - type: variable_declarator + id: 3 + range: 1:5 - 1:22 + alias_of: + - 6 + queries: + - 1 + children: + - type: identifier + id: 4 + range: 1:5 - 1:9 + content: user + - type: '"="' + id: 5 + range: 1:10 - 1:11 + - type: object + id: 6 + range: 1:12 - 1:22 + dataflow_sources: + - 7 + - 8 + - 12 + queries: + - 0 + children: + - type: '"{"' + id: 7 + range: 1:12 - 1:13 + - type: pair + id: 8 + range: 1:14 - 1:20 + dataflow_sources: + - 9 + - 10 + - 11 + children: + - type: property_identifier + id: 9 + range: 1:14 - 1:15 + content: a + - type: '":"' + id: 10 + range: 1:15 - 1:16 + - type: number + id: 11 + range: 1:17 - 1:20 + content: "123" + - type: '"}"' + id: 12 + range: 1:21 - 1:22 + - type: lexical_declaration + id: 13 + range: 2:1 - 2:33 + dataflow_sources: + - 14 + - 15 + children: + - type: '"let"' + id: 14 + range: 2:1 - 2:4 + - type: variable_declarator + id: 15 + range: 2:5 - 2:33 + alias_of: + - 18 + queries: + - 1 + children: + - type: identifier + id: 16 + range: 2:5 - 2:11 + content: nested + - type: '"="' + id: 17 + range: 2:12 - 2:13 + - type: object + id: 18 + range: 2:14 - 2:33 + dataflow_sources: + - 19 + - 23 + - 24 + - 28 + alias_of: + - 20 + queries: + - 0 + - 3 + children: + - type: '"{"' + id: 19 + range: 2:14 - 2:15 + - type: spread_element + id: 20 + range: 2:16 - 2:23 + alias_of: + - 22 + children: + - type: '"..."' + id: 21 + range: 2:16 - 2:19 + - type: identifier + id: 22 + range: 2:19 - 2:23 + content: user + alias_of: + - 3 + - type: '","' + id: 23 + range: 2:23 - 2:24 + - type: pair + id: 24 + range: 2:25 - 2:31 + dataflow_sources: + - 25 + - 26 + - 27 + children: + - type: property_identifier + id: 25 + range: 2:25 - 2:26 + content: b + - type: '":"' + id: 26 + range: 2:26 - 2:27 + - type: number + id: 27 + range: 2:28 - 2:31 + content: "456" + - type: '"}"' + id: 28 + range: 2:32 - 2:33 + - type: expression_statement + id: 29 + range: 4:1 - 7:3 + children: + - type: call_expression + id: 30 + range: 4:1 - 7:3 + dataflow_sources: + - 32 + queries: + - 7 + children: + - type: identifier + id: 31 + range: 4:1 - 4:5 + content: call + - type: arguments + id: 32 + range: 4:5 - 7:3 + dataflow_sources: + - 33 + - 34 + - 59 + children: + - type: '"("' + id: 33 + range: 4:5 - 4:6 + - type: object + id: 34 + range: 4:6 - 7:2 + dataflow_sources: + - 35 + - 36 + - 46 + - 47 + - 57 + - 58 + queries: + - 0 + children: + - type: '"{"' + id: 35 + range: 4:6 - 4:7 + - type: pair + id: 36 + range: 5:3 - 5:19 + dataflow_sources: + - 37 + - 38 + - 39 + children: + - type: property_identifier + id: 37 + range: 5:3 - 5:4 + content: x + - type: '":"' + id: 38 + range: 5:4 - 5:5 + - type: object + id: 39 + range: 5:6 - 5:19 + dataflow_sources: + - 40 + - 41 + - 45 + queries: + - 0 + children: + - type: '"{"' + id: 40 + range: 5:6 - 5:7 + - type: pair + id: 41 + range: 5:8 - 5:17 + dataflow_sources: + - 42 + - 43 + - 44 + children: + - type: property_identifier + id: 42 + range: 5:8 - 5:9 + content: "n" + - type: '":"' + id: 43 + range: 5:9 - 5:10 + - type: identifier + id: 44 + range: 5:11 - 5:17 + content: nested + alias_of: + - 15 + - type: '"}"' + id: 45 + range: 5:18 - 5:19 + - type: '","' + id: 46 + range: 5:19 - 5:20 + - type: pair + id: 47 + range: 6:3 - 6:14 + dataflow_sources: + - 48 + - 49 + - 50 + children: + - type: property_identifier + id: 48 + range: 6:3 - 6:4 + content: "y" + - type: '":"' + id: 49 + range: 6:4 - 6:5 + - type: object + id: 50 + range: 6:6 - 6:14 + dataflow_sources: + - 51 + - 52 + - 56 + queries: + - 0 + children: + - type: '"{"' + id: 51 + range: 6:6 - 6:7 + - type: pair + id: 52 + range: 6:8 - 6:12 + dataflow_sources: + - 53 + - 54 + - 55 + children: + - type: property_identifier + id: 53 + range: 6:8 - 6:9 + content: c + - type: '":"' + id: 54 + range: 6:9 - 6:10 + - type: number + id: 55 + range: 6:11 - 6:12 + content: "4" + - type: '"}"' + id: 56 + range: 6:13 - 6:14 + - type: '","' + id: 57 + range: 6:14 - 6:15 + - type: '"}"' + id: 58 + range: 7:1 - 7:2 + - type: '")"' + id: 59 + range: 7:2 - 7:3 + +- node: 3 + content: 'user = { a: 123 }' + data: + properties: + - name: user + node: + id: 3 + typeid: 3 + contentstart: + byte: 4 + line: 1 + column: 5 + contentend: + byte: 21 + line: 1 + column: 22 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 6 + typeid: 6 + contentstart: + byte: 11 + line: 1 + column: 12 + contentend: + byte: 21 + line: 1 + column: 22 + executingdetectors: [] + data: + properties: + - name: a + node: + id: 8 + typeid: 8 + contentstart: + byte: 13 + line: 1 + column: 14 + contentend: + byte: 19 + line: 1 + column: 20 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: true +- node: 15 + content: 'nested = { ...user, b: 456 }' + data: + properties: + - name: nested + node: + id: 15 + typeid: 3 + contentstart: + byte: 26 + line: 2 + column: 5 + contentend: + byte: 54 + line: 2 + column: 33 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 18 + typeid: 6 + contentstart: + byte: 35 + line: 2 + column: 14 + contentend: + byte: 54 + line: 2 + column: 33 + executingdetectors: [] + data: + properties: + - name: user + node: + id: 3 + typeid: 3 + contentstart: + byte: 4 + line: 1 + column: 5 + contentend: + byte: 21 + line: 1 + column: 22 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 6 + typeid: 6 + contentstart: + byte: 11 + line: 1 + column: 12 + contentend: + byte: 21 + line: 1 + column: 22 + executingdetectors: [] + data: + properties: + - name: a + node: + id: 8 + typeid: 8 + contentstart: + byte: 13 + line: 1 + column: 14 + contentend: + byte: 19 + line: 1 + column: 20 + executingdetectors: [] + object: null + isvirtual: false + - name: a + node: + id: 8 + typeid: 8 + contentstart: + byte: 13 + line: 1 + column: 14 + contentend: + byte: 19 + line: 1 + column: 20 + executingdetectors: [] + object: null + - name: b + node: + id: 24 + typeid: 8 + contentstart: + byte: 46 + line: 2 + column: 25 + contentend: + byte: 52 + line: 2 + column: 31 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: true +- node: 15 + content: 'nested = { ...user, b: 456 }' + data: + properties: + - name: nested + node: + id: 15 + typeid: 3 + contentstart: + byte: 26 + line: 2 + column: 5 + contentend: + byte: 54 + line: 2 + column: 33 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 6 + typeid: 6 + contentstart: + byte: 11 + line: 1 + column: 12 + contentend: + byte: 21 + line: 1 + column: 22 + executingdetectors: [] + data: + properties: + - name: a + node: + id: 8 + typeid: 8 + contentstart: + byte: 13 + line: 1 + column: 14 + contentend: + byte: 19 + line: 1 + column: 20 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: true +- node: 6 + content: '{ a: 123 }' + data: + properties: + - name: a + node: + id: 8 + typeid: 8 + contentstart: + byte: 13 + line: 1 + column: 14 + contentend: + byte: 19 + line: 1 + column: 20 + executingdetectors: [] + object: null + isvirtual: false +- node: 18 + content: '{ ...user, b: 456 }' + data: + properties: + - name: user + node: + id: 3 + typeid: 3 + contentstart: + byte: 4 + line: 1 + column: 5 + contentend: + byte: 21 + line: 1 + column: 22 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 6 + typeid: 6 + contentstart: + byte: 11 + line: 1 + column: 12 + contentend: + byte: 21 + line: 1 + column: 22 + executingdetectors: [] + data: + properties: + - name: a + node: + id: 8 + typeid: 8 + contentstart: + byte: 13 + line: 1 + column: 14 + contentend: + byte: 19 + line: 1 + column: 20 + executingdetectors: [] + object: null + isvirtual: false + - name: a + node: + id: 8 + typeid: 8 + contentstart: + byte: 13 + line: 1 + column: 14 + contentend: + byte: 19 + line: 1 + column: 20 + executingdetectors: [] + object: null + - name: b + node: + id: 24 + typeid: 8 + contentstart: + byte: 46 + line: 2 + column: 25 + contentend: + byte: 52 + line: 2 + column: 31 + executingdetectors: [] + object: null + isvirtual: false +- node: 34 + content: |- + { + x: { n: nested }, + y: { c: 4 }, + } + data: + properties: + - name: x + node: + id: 36 + typeid: 8 + contentstart: + byte: 65 + line: 5 + column: 3 + contentend: + byte: 81 + line: 5 + column: 19 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 39 + typeid: 6 + contentstart: + byte: 68 + line: 5 + column: 6 + contentend: + byte: 81 + line: 5 + column: 19 + executingdetectors: [] + data: + properties: + - name: "n" + node: + id: 41 + typeid: 8 + contentstart: + byte: 70 + line: 5 + column: 8 + contentend: + byte: 79 + line: 5 + column: 17 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 15 + typeid: 3 + contentstart: + byte: 26 + line: 2 + column: 5 + contentend: + byte: 54 + line: 2 + column: 33 + executingdetectors: [] + data: + properties: + - name: nested + node: + id: 15 + typeid: 3 + contentstart: + byte: 26 + line: 2 + column: 5 + contentend: + byte: 54 + line: 2 + column: 33 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 18 + typeid: 6 + contentstart: + byte: 35 + line: 2 + column: 14 + contentend: + byte: 54 + line: 2 + column: 33 + executingdetectors: [] + data: + properties: + - name: user + node: + id: 3 + typeid: 3 + contentstart: + byte: 4 + line: 1 + column: 5 + contentend: + byte: 21 + line: 1 + column: 22 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 6 + typeid: 6 + contentstart: + byte: 11 + line: 1 + column: 12 + contentend: + byte: 21 + line: 1 + column: 22 + executingdetectors: [] + data: + properties: + - name: a + node: + id: 8 + typeid: 8 + contentstart: + byte: 13 + line: 1 + column: 14 + contentend: + byte: 19 + line: 1 + column: 20 + executingdetectors: [] + object: null + isvirtual: false + - name: a + node: + id: 8 + typeid: 8 + contentstart: + byte: 13 + line: 1 + column: 14 + contentend: + byte: 19 + line: 1 + column: 20 + executingdetectors: [] + object: null + - name: b + node: + id: 24 + typeid: 8 + contentstart: + byte: 46 + line: 2 + column: 25 + contentend: + byte: 52 + line: 2 + column: 31 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: true + - name: "n" + node: + id: 41 + typeid: 8 + contentstart: + byte: 70 + line: 5 + column: 8 + contentend: + byte: 79 + line: 5 + column: 17 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 15 + typeid: 3 + contentstart: + byte: 26 + line: 2 + column: 5 + contentend: + byte: 54 + line: 2 + column: 33 + executingdetectors: [] + data: + properties: + - name: nested + node: + id: 15 + typeid: 3 + contentstart: + byte: 26 + line: 2 + column: 5 + contentend: + byte: 54 + line: 2 + column: 33 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 6 + typeid: 6 + contentstart: + byte: 11 + line: 1 + column: 12 + contentend: + byte: 21 + line: 1 + column: 22 + executingdetectors: [] + data: + properties: + - name: a + node: + id: 8 + typeid: 8 + contentstart: + byte: 13 + line: 1 + column: 14 + contentend: + byte: 19 + line: 1 + column: 20 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: true + - name: "n" + node: + id: 41 + typeid: 8 + contentstart: + byte: 70 + line: 5 + column: 8 + contentend: + byte: 79 + line: 5 + column: 17 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 18 + typeid: 6 + contentstart: + byte: 35 + line: 2 + column: 14 + contentend: + byte: 54 + line: 2 + column: 33 + executingdetectors: [] + data: + properties: + - name: user + node: + id: 3 + typeid: 3 + contentstart: + byte: 4 + line: 1 + column: 5 + contentend: + byte: 21 + line: 1 + column: 22 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 6 + typeid: 6 + contentstart: + byte: 11 + line: 1 + column: 12 + contentend: + byte: 21 + line: 1 + column: 22 + executingdetectors: [] + data: + properties: + - name: a + node: + id: 8 + typeid: 8 + contentstart: + byte: 13 + line: 1 + column: 14 + contentend: + byte: 19 + line: 1 + column: 20 + executingdetectors: [] + object: null + isvirtual: false + - name: a + node: + id: 8 + typeid: 8 + contentstart: + byte: 13 + line: 1 + column: 14 + contentend: + byte: 19 + line: 1 + column: 20 + executingdetectors: [] + object: null + - name: b + node: + id: 24 + typeid: 8 + contentstart: + byte: 46 + line: 2 + column: 25 + contentend: + byte: 52 + line: 2 + column: 31 + executingdetectors: [] + object: null + isvirtual: false + - name: "n" + node: + id: 41 + typeid: 8 + contentstart: + byte: 70 + line: 5 + column: 8 + contentend: + byte: 79 + line: 5 + column: 17 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 3 + typeid: 3 + contentstart: + byte: 4 + line: 1 + column: 5 + contentend: + byte: 21 + line: 1 + column: 22 + executingdetectors: [] + data: + properties: + - name: user + node: + id: 3 + typeid: 3 + contentstart: + byte: 4 + line: 1 + column: 5 + contentend: + byte: 21 + line: 1 + column: 22 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 6 + typeid: 6 + contentstart: + byte: 11 + line: 1 + column: 12 + contentend: + byte: 21 + line: 1 + column: 22 + executingdetectors: [] + data: + properties: + - name: a + node: + id: 8 + typeid: 8 + contentstart: + byte: 13 + line: 1 + column: 14 + contentend: + byte: 19 + line: 1 + column: 20 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: true + - name: "n" + node: + id: 41 + typeid: 8 + contentstart: + byte: 70 + line: 5 + column: 8 + contentend: + byte: 79 + line: 5 + column: 17 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 6 + typeid: 6 + contentstart: + byte: 11 + line: 1 + column: 12 + contentend: + byte: 21 + line: 1 + column: 22 + executingdetectors: [] + data: + properties: + - name: a + node: + id: 8 + typeid: 8 + contentstart: + byte: 13 + line: 1 + column: 14 + contentend: + byte: 19 + line: 1 + column: 20 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: false + - name: "y" + node: + id: 47 + typeid: 8 + contentstart: + byte: 85 + line: 6 + column: 3 + contentend: + byte: 96 + line: 6 + column: 14 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 50 + typeid: 6 + contentstart: + byte: 88 + line: 6 + column: 6 + contentend: + byte: 96 + line: 6 + column: 14 + executingdetectors: [] + data: + properties: + - name: c + node: + id: 52 + typeid: 8 + contentstart: + byte: 90 + line: 6 + column: 8 + contentend: + byte: 94 + line: 6 + column: 12 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: false +- node: 39 + content: '{ n: nested }' + data: + properties: + - name: "n" + node: + id: 41 + typeid: 8 + contentstart: + byte: 70 + line: 5 + column: 8 + contentend: + byte: 79 + line: 5 + column: 17 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 15 + typeid: 3 + contentstart: + byte: 26 + line: 2 + column: 5 + contentend: + byte: 54 + line: 2 + column: 33 + executingdetectors: [] + data: + properties: + - name: nested + node: + id: 15 + typeid: 3 + contentstart: + byte: 26 + line: 2 + column: 5 + contentend: + byte: 54 + line: 2 + column: 33 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 18 + typeid: 6 + contentstart: + byte: 35 + line: 2 + column: 14 + contentend: + byte: 54 + line: 2 + column: 33 + executingdetectors: [] + data: + properties: + - name: user + node: + id: 3 + typeid: 3 + contentstart: + byte: 4 + line: 1 + column: 5 + contentend: + byte: 21 + line: 1 + column: 22 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 6 + typeid: 6 + contentstart: + byte: 11 + line: 1 + column: 12 + contentend: + byte: 21 + line: 1 + column: 22 + executingdetectors: [] + data: + properties: + - name: a + node: + id: 8 + typeid: 8 + contentstart: + byte: 13 + line: 1 + column: 14 + contentend: + byte: 19 + line: 1 + column: 20 + executingdetectors: [] + object: null + isvirtual: false + - name: a + node: + id: 8 + typeid: 8 + contentstart: + byte: 13 + line: 1 + column: 14 + contentend: + byte: 19 + line: 1 + column: 20 + executingdetectors: [] + object: null + - name: b + node: + id: 24 + typeid: 8 + contentstart: + byte: 46 + line: 2 + column: 25 + contentend: + byte: 52 + line: 2 + column: 31 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: true + - name: "n" + node: + id: 41 + typeid: 8 + contentstart: + byte: 70 + line: 5 + column: 8 + contentend: + byte: 79 + line: 5 + column: 17 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 15 + typeid: 3 + contentstart: + byte: 26 + line: 2 + column: 5 + contentend: + byte: 54 + line: 2 + column: 33 + executingdetectors: [] + data: + properties: + - name: nested + node: + id: 15 + typeid: 3 + contentstart: + byte: 26 + line: 2 + column: 5 + contentend: + byte: 54 + line: 2 + column: 33 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 6 + typeid: 6 + contentstart: + byte: 11 + line: 1 + column: 12 + contentend: + byte: 21 + line: 1 + column: 22 + executingdetectors: [] + data: + properties: + - name: a + node: + id: 8 + typeid: 8 + contentstart: + byte: 13 + line: 1 + column: 14 + contentend: + byte: 19 + line: 1 + column: 20 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: true + - name: "n" + node: + id: 41 + typeid: 8 + contentstart: + byte: 70 + line: 5 + column: 8 + contentend: + byte: 79 + line: 5 + column: 17 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 18 + typeid: 6 + contentstart: + byte: 35 + line: 2 + column: 14 + contentend: + byte: 54 + line: 2 + column: 33 + executingdetectors: [] + data: + properties: + - name: user + node: + id: 3 + typeid: 3 + contentstart: + byte: 4 + line: 1 + column: 5 + contentend: + byte: 21 + line: 1 + column: 22 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 6 + typeid: 6 + contentstart: + byte: 11 + line: 1 + column: 12 + contentend: + byte: 21 + line: 1 + column: 22 + executingdetectors: [] + data: + properties: + - name: a + node: + id: 8 + typeid: 8 + contentstart: + byte: 13 + line: 1 + column: 14 + contentend: + byte: 19 + line: 1 + column: 20 + executingdetectors: [] + object: null + isvirtual: false + - name: a + node: + id: 8 + typeid: 8 + contentstart: + byte: 13 + line: 1 + column: 14 + contentend: + byte: 19 + line: 1 + column: 20 + executingdetectors: [] + object: null + - name: b + node: + id: 24 + typeid: 8 + contentstart: + byte: 46 + line: 2 + column: 25 + contentend: + byte: 52 + line: 2 + column: 31 + executingdetectors: [] + object: null + isvirtual: false + - name: "n" + node: + id: 41 + typeid: 8 + contentstart: + byte: 70 + line: 5 + column: 8 + contentend: + byte: 79 + line: 5 + column: 17 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 3 + typeid: 3 + contentstart: + byte: 4 + line: 1 + column: 5 + contentend: + byte: 21 + line: 1 + column: 22 + executingdetectors: [] + data: + properties: + - name: user + node: + id: 3 + typeid: 3 + contentstart: + byte: 4 + line: 1 + column: 5 + contentend: + byte: 21 + line: 1 + column: 22 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 6 + typeid: 6 + contentstart: + byte: 11 + line: 1 + column: 12 + contentend: + byte: 21 + line: 1 + column: 22 + executingdetectors: [] + data: + properties: + - name: a + node: + id: 8 + typeid: 8 + contentstart: + byte: 13 + line: 1 + column: 14 + contentend: + byte: 19 + line: 1 + column: 20 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: true + - name: "n" + node: + id: 41 + typeid: 8 + contentstart: + byte: 70 + line: 5 + column: 8 + contentend: + byte: 79 + line: 5 + column: 17 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 6 + typeid: 6 + contentstart: + byte: 11 + line: 1 + column: 12 + contentend: + byte: 21 + line: 1 + column: 22 + executingdetectors: [] + data: + properties: + - name: a + node: + id: 8 + typeid: 8 + contentstart: + byte: 13 + line: 1 + column: 14 + contentend: + byte: 19 + line: 1 + column: 20 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: false +- node: 50 + content: '{ c: 4 }' + data: + properties: + - name: c + node: + id: 52 + typeid: 8 + contentstart: + byte: 90 + line: 6 + column: 8 + contentend: + byte: 94 + line: 6 + column: 12 + executingdetectors: [] + object: null + isvirtual: false + diff --git a/internal/languages/javascript/detectors/.snapshots/TestJavascriptStringDetector-string_assign_eq b/internal/languages/javascript/detectors/.snapshots/TestJavascriptStringDetector-string_assign_eq new file mode 100644 index 000000000..e9818bd76 --- /dev/null +++ b/internal/languages/javascript/detectors/.snapshots/TestJavascriptStringDetector-string_assign_eq @@ -0,0 +1,199 @@ +type: program +id: 0 +range: 1:1 - 7:1 +dataflow_sources: + - 1 + - 10 + - 18 + - 23 + - 29 +children: + - type: lexical_declaration + id: 1 + range: 1:1 - 1:14 + dataflow_sources: + - 2 + - 3 + children: + - type: '"const"' + id: 2 + range: 1:1 - 1:6 + - type: variable_declarator + id: 3 + range: 1:7 - 1:14 + alias_of: + - 6 + queries: + - 1 + children: + - type: identifier + id: 4 + range: 1:7 - 1:8 + content: x + - type: '"="' + id: 5 + range: 1:9 - 1:10 + - type: string + id: 6 + range: 1:11 - 1:14 + dataflow_sources: + - 7 + - 8 + - 9 + children: + - type: '"""' + id: 7 + range: 1:11 - 1:12 + - type: string_fragment + id: 8 + range: 1:12 - 1:13 + content: a + - type: '"""' + id: 9 + range: 1:13 - 1:14 + - type: expression_statement + id: 10 + range: 2:1 - 2:9 + children: + - type: augmented_assignment_expression + id: 11 + range: 2:1 - 2:9 + dataflow_sources: + - 12 + - 14 + children: + - type: identifier + id: 12 + range: 2:1 - 2:2 + content: x + alias_of: + - 3 + - type: '"+="' + id: 13 + range: 2:3 - 2:5 + - type: string + id: 14 + range: 2:6 - 2:9 + dataflow_sources: + - 15 + - 16 + - 17 + children: + - type: '"""' + id: 15 + range: 2:6 - 2:7 + - type: string_fragment + id: 16 + range: 2:7 - 2:8 + content: b + - type: '"""' + id: 17 + range: 2:8 - 2:9 + - type: expression_statement + id: 18 + range: 3:1 - 3:10 + children: + - type: augmented_assignment_expression + id: 19 + range: 3:1 - 3:10 + dataflow_sources: + - 20 + - 22 + children: + - type: identifier + id: 20 + range: 3:1 - 3:2 + content: x + alias_of: + - 11 + - type: '"+="' + id: 21 + range: 3:3 - 3:5 + - type: identifier + id: 22 + range: 3:6 - 3:10 + content: name + - type: lexical_declaration + id: 23 + range: 5:1 - 5:15 + dataflow_sources: + - 24 + - 25 + children: + - type: '"const"' + id: 24 + range: 5:1 - 5:6 + - type: variable_declarator + id: 25 + range: 5:7 - 5:15 + alias_of: + - 28 + queries: + - 1 + children: + - type: identifier + id: 26 + range: 5:7 - 5:8 + content: "y" + - type: '"="' + id: 27 + range: 5:9 - 5:10 + - type: identifier + id: 28 + range: 5:11 - 5:15 + content: name + - type: expression_statement + id: 29 + range: 6:1 - 6:9 + children: + - type: augmented_assignment_expression + id: 30 + range: 6:1 - 6:9 + dataflow_sources: + - 31 + - 33 + children: + - type: identifier + id: 31 + range: 6:1 - 6:2 + content: "y" + alias_of: + - 25 + - type: '"+="' + id: 32 + range: 6:3 - 6:5 + - type: string + id: 33 + range: 6:6 - 6:9 + dataflow_sources: + - 34 + - 35 + - 36 + children: + - type: '"""' + id: 34 + range: 6:6 - 6:7 + - type: string_fragment + id: 35 + range: 6:7 - 6:8 + content: c + - type: '"""' + id: 36 + range: 6:8 - 6:9 + +- node: 6 + content: '"a"' + data: + value: a + isliteral: true +- node: 14 + content: '"b"' + data: + value: b + isliteral: true +- node: 33 + content: '"c"' + data: + value: c + isliteral: true + diff --git a/internal/languages/javascript/detectors/.snapshots/TestJavascriptStringDetector-string_literal b/internal/languages/javascript/detectors/.snapshots/TestJavascriptStringDetector-string_literal new file mode 100644 index 000000000..9bd77fcf8 --- /dev/null +++ b/internal/languages/javascript/detectors/.snapshots/TestJavascriptStringDetector-string_literal @@ -0,0 +1,189 @@ +type: program +id: 0 +range: 1:1 - 7:1 +dataflow_sources: + - 1 + - 6 + - 17 + - 25 +children: + - type: expression_statement + id: 1 + range: 1:1 - 1:5 + children: + - type: string + id: 2 + range: 1:1 - 1:5 + dataflow_sources: + - 3 + - 4 + - 5 + children: + - type: '"""' + id: 3 + range: 1:1 - 1:2 + - type: string_fragment + id: 4 + range: 1:2 - 1:4 + content: ab + - type: '"""' + id: 5 + range: 1:4 - 1:5 + - type: expression_statement + id: 6 + range: 3:1 - 3:10 + children: + - type: binary_expression + id: 7 + range: 3:1 - 3:10 + dataflow_sources: + - 8 + - 12 + - 13 + children: + - type: string + id: 8 + range: 3:1 - 3:4 + dataflow_sources: + - 9 + - 10 + - 11 + children: + - type: '"""' + id: 9 + range: 3:1 - 3:2 + - type: string_fragment + id: 10 + range: 3:2 - 3:3 + content: a + - type: '"""' + id: 11 + range: 3:3 - 3:4 + - type: '"+"' + id: 12 + range: 3:5 - 3:6 + - type: string + id: 13 + range: 3:7 - 3:10 + dataflow_sources: + - 14 + - 15 + - 16 + children: + - type: '"""' + id: 14 + range: 3:7 - 3:8 + - type: string_fragment + id: 15 + range: 3:8 - 3:9 + content: b + - type: '"""' + id: 16 + range: 3:9 - 3:10 + - type: expression_statement + id: 17 + range: 5:1 - 5:8 + children: + - type: assignment_expression + id: 18 + range: 5:1 - 5:8 + alias_of: + - 21 + queries: + - 1 + children: + - type: identifier + id: 19 + range: 5:1 - 5:2 + content: x + - type: '"="' + id: 20 + range: 5:3 - 5:4 + - type: string + id: 21 + range: 5:5 - 5:8 + dataflow_sources: + - 22 + - 23 + - 24 + children: + - type: '"""' + id: 22 + range: 5:5 - 5:6 + - type: string_fragment + id: 23 + range: 5:6 - 5:7 + content: a + - type: '"""' + id: 24 + range: 5:7 - 5:8 + - type: expression_statement + id: 25 + range: 6:1 - 6:9 + children: + - type: template_string + id: 26 + range: 6:1 - 6:9 + dataflow_sources: + - 27 + - 28 + - 32 + children: + - type: '"`"' + id: 27 + range: 6:1 - 6:2 + - type: template_substitution + id: 28 + range: 6:2 - 6:6 + dataflow_sources: + - 29 + - 30 + - 31 + children: + - type: '"${"' + id: 29 + range: 6:2 - 6:4 + - type: identifier + id: 30 + range: 6:4 - 6:5 + content: x + alias_of: + - 18 + - type: '"}"' + id: 31 + range: 6:5 - 6:6 + - type: '"`"' + id: 32 + range: 6:8 - 6:9 + +- node: 2 + content: '"ab"' + data: + value: ab + isliteral: true +- node: 7 + content: '"a" + "b"' + data: + value: ab + isliteral: true +- node: 26 + content: '`${x} b`' + data: + value: a b + isliteral: true +- node: 8 + content: '"a"' + data: + value: a + isliteral: true +- node: 13 + content: '"b"' + data: + value: b + isliteral: true +- node: 21 + content: '"a"' + data: + value: a + isliteral: true + diff --git a/internal/languages/javascript/detectors/.snapshots/TestJavascriptStringDetector-string_non_literal b/internal/languages/javascript/detectors/.snapshots/TestJavascriptStringDetector-string_non_literal new file mode 100644 index 000000000..99ec52f20 --- /dev/null +++ b/internal/languages/javascript/detectors/.snapshots/TestJavascriptStringDetector-string_non_literal @@ -0,0 +1,97 @@ +type: program +id: 0 +range: 1:1 - 4:1 +dataflow_sources: + - 1 + - 9 +children: + - type: expression_statement + id: 1 + range: 1:1 - 1:8 + children: + - type: binary_expression + id: 2 + range: 1:1 - 1:8 + dataflow_sources: + - 3 + - 7 + - 8 + children: + - type: string + id: 3 + range: 1:1 - 1:4 + dataflow_sources: + - 4 + - 5 + - 6 + children: + - type: '"""' + id: 4 + range: 1:1 - 1:2 + - type: string_fragment + id: 5 + range: 1:2 - 1:3 + content: a + - type: '"""' + id: 6 + range: 1:3 - 1:4 + - type: '"+"' + id: 7 + range: 1:5 - 1:6 + - type: identifier + id: 8 + range: 1:7 - 1:8 + content: x + - type: expression_statement + id: 9 + range: 3:1 - 3:9 + children: + - type: template_string + id: 10 + range: 3:1 - 3:9 + dataflow_sources: + - 11 + - 12 + - 16 + children: + - type: '"`"' + id: 11 + range: 3:1 - 3:2 + - type: template_substitution + id: 12 + range: 3:2 - 3:6 + dataflow_sources: + - 13 + - 14 + - 15 + children: + - type: '"${"' + id: 13 + range: 3:2 - 3:4 + - type: identifier + id: 14 + range: 3:4 - 3:5 + content: x + - type: '"}"' + id: 15 + range: 3:5 - 3:6 + - type: '"`"' + id: 16 + range: 3:8 - 3:9 + +- node: 2 + content: '"a" + x' + data: + value: a* + isliteral: false +- node: 10 + content: '`${x} b`' + data: + value: '* b' + isliteral: false +- node: 3 + content: '"a"' + data: + value: a + isliteral: true + diff --git a/internal/languages/javascript/detectors/.snapshots/TestJavascriptTypes-typed_object_const b/internal/languages/javascript/detectors/.snapshots/TestJavascriptTypes-typed_object_const new file mode 100644 index 000000000..a38b3404b --- /dev/null +++ b/internal/languages/javascript/detectors/.snapshots/TestJavascriptTypes-typed_object_const @@ -0,0 +1,208 @@ +type: program +id: 0 +range: 1:1 - 3:1 +dataflow_sources: + - 1 +children: + - type: lexical_declaration + id: 1 + range: 1:1 - 1:61 + dataflow_sources: + - 2 + - 3 + - 27 + children: + - type: '"const"' + id: 2 + range: 1:1 - 1:6 + - type: variable_declarator + id: 3 + range: 1:7 - 1:60 + alias_of: + - 17 + queries: + - 1 + children: + - type: identifier + id: 4 + range: 1:7 - 1:11 + content: user + - type: type_annotation + id: 5 + range: 1:11 - 1:30 + dataflow_sources: + - 6 + - 7 + children: + - type: '":"' + id: 6 + range: 1:11 - 1:12 + - type: object_type + id: 7 + range: 1:13 - 1:30 + dataflow_sources: + - 8 + - 9 + - 15 + children: + - type: '"{"' + id: 8 + range: 1:13 - 1:14 + - type: property_signature + id: 9 + range: 1:15 - 1:28 + dataflow_sources: + - 10 + - 11 + children: + - type: property_identifier + id: 10 + range: 1:15 - 1:20 + content: email + - type: type_annotation + id: 11 + range: 1:20 - 1:28 + dataflow_sources: + - 12 + - 13 + children: + - type: '":"' + id: 12 + range: 1:20 - 1:21 + - type: predefined_type + id: 13 + range: 1:22 - 1:28 + dataflow_sources: + - 14 + children: + - type: '"string"' + id: 14 + range: 1:22 - 1:28 + - type: '"}"' + id: 15 + range: 1:29 - 1:30 + - type: '"="' + id: 16 + range: 1:31 - 1:32 + - type: object + id: 17 + range: 1:33 - 1:60 + dataflow_sources: + - 18 + - 19 + - 26 + queries: + - 0 + children: + - type: '"{"' + id: 18 + range: 1:33 - 1:34 + - type: pair + id: 19 + range: 1:35 - 1:58 + dataflow_sources: + - 20 + - 21 + - 22 + children: + - type: property_identifier + id: 20 + range: 1:35 - 1:40 + content: email + - type: '":"' + id: 21 + range: 1:40 - 1:41 + - type: string + id: 22 + range: 1:42 - 1:58 + dataflow_sources: + - 23 + - 24 + - 25 + children: + - type: '"""' + id: 23 + range: 1:42 - 1:43 + - type: string_fragment + id: 24 + range: 1:43 - 1:57 + content: jhon@gmail.com + - type: '"""' + id: 25 + range: 1:57 - 1:58 + - type: '"}"' + id: 26 + range: 1:59 - 1:60 + - type: '";"' + id: 27 + range: 1:60 - 1:61 + +- node: 3 + content: 'user: { email: string } = { email: "jhon@gmail.com" }' + data: + properties: + - name: user + node: + id: 3 + typeid: 3 + contentstart: + byte: 6 + line: 1 + column: 7 + contentend: + byte: 59 + line: 1 + column: 60 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 17 + typeid: 15 + contentstart: + byte: 32 + line: 1 + column: 33 + contentend: + byte: 59 + line: 1 + column: 60 + executingdetectors: [] + data: + properties: + - name: email + node: + id: 19 + typeid: 16 + contentstart: + byte: 34 + line: 1 + column: 35 + contentend: + byte: 57 + line: 1 + column: 58 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: true +- node: 17 + content: '{ email: "jhon@gmail.com" }' + data: + properties: + - name: email + node: + id: 19 + typeid: 16 + contentstart: + byte: 34 + line: 1 + column: 35 + contentend: + byte: 57 + line: 1 + column: 58 + executingdetectors: [] + object: null + isvirtual: false + diff --git a/internal/languages/javascript/detectors/.snapshots/TestJavascriptTypes-typed_object_let b/internal/languages/javascript/detectors/.snapshots/TestJavascriptTypes-typed_object_let new file mode 100644 index 000000000..9a941d2b5 --- /dev/null +++ b/internal/languages/javascript/detectors/.snapshots/TestJavascriptTypes-typed_object_let @@ -0,0 +1,208 @@ +type: program +id: 0 +range: 1:1 - 3:1 +dataflow_sources: + - 1 +children: + - type: lexical_declaration + id: 1 + range: 1:1 - 1:59 + dataflow_sources: + - 2 + - 3 + - 27 + children: + - type: '"let"' + id: 2 + range: 1:1 - 1:4 + - type: variable_declarator + id: 3 + range: 1:5 - 1:58 + alias_of: + - 17 + queries: + - 1 + children: + - type: identifier + id: 4 + range: 1:5 - 1:9 + content: user + - type: type_annotation + id: 5 + range: 1:9 - 1:28 + dataflow_sources: + - 6 + - 7 + children: + - type: '":"' + id: 6 + range: 1:9 - 1:10 + - type: object_type + id: 7 + range: 1:11 - 1:28 + dataflow_sources: + - 8 + - 9 + - 15 + children: + - type: '"{"' + id: 8 + range: 1:11 - 1:12 + - type: property_signature + id: 9 + range: 1:13 - 1:26 + dataflow_sources: + - 10 + - 11 + children: + - type: property_identifier + id: 10 + range: 1:13 - 1:18 + content: email + - type: type_annotation + id: 11 + range: 1:18 - 1:26 + dataflow_sources: + - 12 + - 13 + children: + - type: '":"' + id: 12 + range: 1:18 - 1:19 + - type: predefined_type + id: 13 + range: 1:20 - 1:26 + dataflow_sources: + - 14 + children: + - type: '"string"' + id: 14 + range: 1:20 - 1:26 + - type: '"}"' + id: 15 + range: 1:27 - 1:28 + - type: '"="' + id: 16 + range: 1:29 - 1:30 + - type: object + id: 17 + range: 1:31 - 1:58 + dataflow_sources: + - 18 + - 19 + - 26 + queries: + - 0 + children: + - type: '"{"' + id: 18 + range: 1:31 - 1:32 + - type: pair + id: 19 + range: 1:33 - 1:56 + dataflow_sources: + - 20 + - 21 + - 22 + children: + - type: property_identifier + id: 20 + range: 1:33 - 1:38 + content: email + - type: '":"' + id: 21 + range: 1:38 - 1:39 + - type: string + id: 22 + range: 1:40 - 1:56 + dataflow_sources: + - 23 + - 24 + - 25 + children: + - type: '"""' + id: 23 + range: 1:40 - 1:41 + - type: string_fragment + id: 24 + range: 1:41 - 1:55 + content: jhon@gmail.com + - type: '"""' + id: 25 + range: 1:55 - 1:56 + - type: '"}"' + id: 26 + range: 1:57 - 1:58 + - type: '";"' + id: 27 + range: 1:58 - 1:59 + +- node: 3 + content: 'user: { email: string } = { email: "jhon@gmail.com" }' + data: + properties: + - name: user + node: + id: 3 + typeid: 3 + contentstart: + byte: 4 + line: 1 + column: 5 + contentend: + byte: 57 + line: 1 + column: 58 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 17 + typeid: 15 + contentstart: + byte: 30 + line: 1 + column: 31 + contentend: + byte: 57 + line: 1 + column: 58 + executingdetectors: [] + data: + properties: + - name: email + node: + id: 19 + typeid: 16 + contentstart: + byte: 32 + line: 1 + column: 33 + contentend: + byte: 55 + line: 1 + column: 56 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: true +- node: 17 + content: '{ email: "jhon@gmail.com" }' + data: + properties: + - name: email + node: + id: 19 + typeid: 16 + contentstart: + byte: 32 + line: 1 + column: 33 + contentend: + byte: 55 + line: 1 + column: 56 + executingdetectors: [] + object: null + isvirtual: false + diff --git a/internal/languages/javascript/detectors/.snapshots/TestJavascriptTypes-typed_object_var b/internal/languages/javascript/detectors/.snapshots/TestJavascriptTypes-typed_object_var new file mode 100644 index 000000000..dc12538a7 --- /dev/null +++ b/internal/languages/javascript/detectors/.snapshots/TestJavascriptTypes-typed_object_var @@ -0,0 +1,208 @@ +type: program +id: 0 +range: 1:1 - 3:1 +dataflow_sources: + - 1 +children: + - type: variable_declaration + id: 1 + range: 1:1 - 1:59 + dataflow_sources: + - 2 + - 3 + - 27 + children: + - type: '"var"' + id: 2 + range: 1:1 - 1:4 + - type: variable_declarator + id: 3 + range: 1:5 - 1:58 + alias_of: + - 17 + queries: + - 1 + children: + - type: identifier + id: 4 + range: 1:5 - 1:9 + content: user + - type: type_annotation + id: 5 + range: 1:9 - 1:28 + dataflow_sources: + - 6 + - 7 + children: + - type: '":"' + id: 6 + range: 1:9 - 1:10 + - type: object_type + id: 7 + range: 1:11 - 1:28 + dataflow_sources: + - 8 + - 9 + - 15 + children: + - type: '"{"' + id: 8 + range: 1:11 - 1:12 + - type: property_signature + id: 9 + range: 1:13 - 1:26 + dataflow_sources: + - 10 + - 11 + children: + - type: property_identifier + id: 10 + range: 1:13 - 1:18 + content: email + - type: type_annotation + id: 11 + range: 1:18 - 1:26 + dataflow_sources: + - 12 + - 13 + children: + - type: '":"' + id: 12 + range: 1:18 - 1:19 + - type: predefined_type + id: 13 + range: 1:20 - 1:26 + dataflow_sources: + - 14 + children: + - type: '"string"' + id: 14 + range: 1:20 - 1:26 + - type: '"}"' + id: 15 + range: 1:27 - 1:28 + - type: '"="' + id: 16 + range: 1:29 - 1:30 + - type: object + id: 17 + range: 1:31 - 1:58 + dataflow_sources: + - 18 + - 19 + - 26 + queries: + - 0 + children: + - type: '"{"' + id: 18 + range: 1:31 - 1:32 + - type: pair + id: 19 + range: 1:33 - 1:56 + dataflow_sources: + - 20 + - 21 + - 22 + children: + - type: property_identifier + id: 20 + range: 1:33 - 1:38 + content: email + - type: '":"' + id: 21 + range: 1:38 - 1:39 + - type: string + id: 22 + range: 1:40 - 1:56 + dataflow_sources: + - 23 + - 24 + - 25 + children: + - type: '"""' + id: 23 + range: 1:40 - 1:41 + - type: string_fragment + id: 24 + range: 1:41 - 1:55 + content: jhon@gmail.com + - type: '"""' + id: 25 + range: 1:55 - 1:56 + - type: '"}"' + id: 26 + range: 1:57 - 1:58 + - type: '";"' + id: 27 + range: 1:58 - 1:59 + +- node: 3 + content: 'user: { email: string } = { email: "jhon@gmail.com" }' + data: + properties: + - name: user + node: + id: 3 + typeid: 3 + contentstart: + byte: 4 + line: 1 + column: 5 + contentend: + byte: 57 + line: 1 + column: 58 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 17 + typeid: 15 + contentstart: + byte: 30 + line: 1 + column: 31 + contentend: + byte: 57 + line: 1 + column: 58 + executingdetectors: [] + data: + properties: + - name: email + node: + id: 19 + typeid: 16 + contentstart: + byte: 32 + line: 1 + column: 33 + contentend: + byte: 55 + line: 1 + column: 56 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: true +- node: 17 + content: '{ email: "jhon@gmail.com" }' + data: + properties: + - name: email + node: + id: 19 + typeid: 16 + contentstart: + byte: 32 + line: 1 + column: 33 + contentend: + byte: 55 + line: 1 + column: 56 + executingdetectors: [] + object: null + isvirtual: false + diff --git a/new/detector/implementation/javascript/javascript_test.go b/internal/languages/javascript/detectors/detectors_test.go similarity index 84% rename from new/detector/implementation/javascript/javascript_test.go rename to internal/languages/javascript/detectors/detectors_test.go index 67df80e55..932fba74c 100644 --- a/new/detector/implementation/javascript/javascript_test.go +++ b/internal/languages/javascript/detectors/detectors_test.go @@ -1,10 +1,10 @@ -package ruby_test +package detectors_test import ( "testing" - "github.com/bearer/bearer/new/detector/composition/javascript" - "github.com/bearer/bearer/new/detector/implementation/testhelper" + "github.com/bearer/bearer/internal/languages/javascript" + "github.com/bearer/bearer/internal/scanner/detectors/testhelper" ) func TestJavascriptObjectDetector(t *testing.T) { @@ -32,5 +32,5 @@ func TestJavascriptFileTypes(t *testing.T) { } func runTest(t *testing.T, name, detectorType, fileName string) { - testhelper.RunTest(t, name, javascript.New, detectorType, fileName) + testhelper.RunTest(t, name, javascript.Get(), detectorType, fileName) } diff --git a/new/detector/implementation/javascript/object/object.go b/internal/languages/javascript/detectors/object/object.go similarity index 58% rename from new/detector/implementation/javascript/object/object.go rename to internal/languages/javascript/detectors/object/object.go index fb7a929a4..209f7698b 100644 --- a/new/detector/implementation/javascript/object/object.go +++ b/internal/languages/javascript/detectors/object/object.go @@ -1,32 +1,32 @@ package object import ( - "github.com/bearer/bearer/new/detector/detection" - "github.com/bearer/bearer/new/detector/types" - "github.com/bearer/bearer/new/language/tree" - "github.com/bearer/bearer/pkg/commands/process/settings" - "github.com/bearer/bearer/pkg/util/stringutil" - - "github.com/bearer/bearer/new/detector/implementation/generic" - generictypes "github.com/bearer/bearer/new/detector/implementation/generic/types" + "github.com/bearer/bearer/internal/scanner/ast/query" + "github.com/bearer/bearer/internal/scanner/ast/traversalstrategy" + "github.com/bearer/bearer/internal/scanner/ast/tree" + "github.com/bearer/bearer/internal/scanner/ruleset" + "github.com/bearer/bearer/internal/util/stringutil" + + "github.com/bearer/bearer/internal/scanner/detectors/common" + "github.com/bearer/bearer/internal/scanner/detectors/types" ) type objectDetector struct { types.DetectorBase // Base - objectPairQuery *tree.Query - classQuery *tree.Query + objectPairQuery *query.Query + classQuery *query.Query // Naming - assignmentQuery *tree.Query + assignmentQuery *query.Query // Projection - memberExpressionQuery *tree.Query - subscriptExpressionQuery *tree.Query - callQuery *tree.Query - objectDeconstructionQuery *tree.Query - spreadElementQuery *tree.Query + memberExpressionQuery *query.Query + subscriptExpressionQuery *query.Query + callQuery *query.Query + objectDeconstructionQuery *query.Query + spreadElementQuery *query.Query } -func New(querySet *tree.QuerySet) (types.Detector, error) { +func New(querySet *query.Set) types.Detector { // { first_name: ..., ... } objectPairQuery := querySet.Add(`(object (pair key: (_) @key value: (_) @value) @pair) @root`) @@ -76,27 +76,23 @@ func New(querySet *tree.QuerySet) (types.Detector, error) { memberExpressionQuery: memberExpressionQuery, subscriptExpressionQuery: subscriptExpressionQuery, callQuery: callQuery, - }, nil -} - -func (detector *objectDetector) Name() string { - return "object" + } } -func (detector *objectDetector) NestedDetections() bool { - return false +func (detector *objectDetector) Rule() *ruleset.Rule { + return ruleset.BuiltinObjectRule } func (detector *objectDetector) DetectAt( node *tree.Node, - evaluationState types.EvaluationState, + detectorContext types.Context, ) ([]interface{}, error) { - detections, err := detector.getObject(node, evaluationState) + detections, err := detector.getObject(node, detectorContext) if len(detections) != 0 || err != nil { return detections, err } - detections, err = detector.getAssignment(node, evaluationState) + detections, err = detector.getAssignment(node, detectorContext) if len(detections) != 0 || err != nil { return detections, err } @@ -106,51 +102,49 @@ func (detector *objectDetector) DetectAt( return detections, err } - return detector.getProjections(node, evaluationState) + return detector.getProjections(node, detectorContext) } func (detector *objectDetector) getObject( node *tree.Node, - evaluationState types.EvaluationState, + detectorContext types.Context, ) ([]interface{}, error) { - var properties []generictypes.Property - spreadResults, err := detector.spreadElementQuery.MatchAt(node) - if err != nil { - return nil, err - } + var properties []common.Property + spreadResults := detector.spreadElementQuery.MatchAt(node) for _, spreadResult := range spreadResults { - detections, err := evaluationState.Evaluate(spreadResult["identifier"], "object", "", settings.CURSOR_SCOPE, true) - + detections, err := detectorContext.Scan( + spreadResult["identifier"], + ruleset.BuiltinObjectRule, + traversalstrategy.Cursor, + ) if err != nil { return nil, err } + for _, detection := range detections { - properties = append(properties, detection.Data.(generictypes.Object).Properties...) + properties = append(properties, detection.Data.(common.Object).Properties...) } } - results, err := detector.objectPairQuery.MatchAt(node) - if len(results) == 0 || err != nil { - return nil, err - } - + results := detector.objectPairQuery.MatchAt(node) for _, result := range results { var name string key := result["key"] + keyContent := key.Content() switch key.Type() { case "string": // {"user": "admin_user"} - name = stringutil.StripQuotes(key.Content()) + name = stringutil.StripQuotes(keyContent) case "property_identifier": // { user: "admin_user"} - name = key.Content() + name = keyContent } if name == "" { continue } - propertyObjects, err := evaluationState.Evaluate(result["value"], "object", "", settings.NESTED_SCOPE, true) + propertyObjects, err := detectorContext.Scan(result["value"], ruleset.BuiltinObjectRule, traversalstrategy.Cursor) if err != nil { return nil, err } @@ -158,7 +152,7 @@ func (detector *objectDetector) getObject( pairNode := result["pair"] if len(propertyObjects) == 0 { - properties = append(properties, generictypes.Property{ + properties = append(properties, common.Property{ Name: name, Node: pairNode, }) @@ -167,7 +161,7 @@ func (detector *objectDetector) getObject( } for _, propertyObject := range propertyObjects { - properties = append(properties, generictypes.Property{ + properties = append(properties, common.Property{ Name: name, Node: pairNode, Object: propertyObject, @@ -175,28 +169,32 @@ func (detector *objectDetector) getObject( } } - return []interface{}{generictypes.Object{Properties: properties}}, nil + if len(properties) == 0 { + return nil, nil + } + + return []interface{}{common.Object{Properties: properties}}, nil } func (detector *objectDetector) getAssignment( node *tree.Node, - evaluationState types.EvaluationState, + detectorContext types.Context, ) ([]interface{}, error) { result, err := detector.assignmentQuery.MatchOnceAt(node) if result == nil || err != nil { return nil, err } - valueObjects, err := generic.GetNonVirtualObjects(evaluationState, result["value"]) + valueObjects, err := common.GetNonVirtualObjects(detectorContext, result["value"]) if err != nil { return nil, err } var objects []interface{} for _, object := range valueObjects { - objects = append(objects, generictypes.Object{ + objects = append(objects, common.Object{ IsVirtual: true, - Properties: []generictypes.Property{{ + Properties: []common.Property{{ Name: result["name"].Content(), Node: node, Object: object, @@ -208,45 +206,39 @@ func (detector *objectDetector) getAssignment( } func (detector *objectDetector) getClass(node *tree.Node) ([]interface{}, error) { - results, err := detector.classQuery.MatchAt(node) - if len(results) == 0 || err != nil { - return nil, err + results := detector.classQuery.MatchAt(node) + if len(results) == 0 { + return nil, nil } className := results[0]["class_name"].Content() - var properties []generictypes.Property + var properties []common.Property for _, result := range results { methodName := result["method_name"].Content() if methodName == "constructor" { - params := result["params"] - - for i := 0; i < params.ChildCount(); i++ { - param := params.Child(i) + for _, param := range result["params"].Children() { if param.Type() != "identifier" { continue } - properties = append(properties, generictypes.Property{Name: param.Content()}) + properties = append(properties, common.Property{Name: param.Content()}) } } else { - properties = append(properties, generictypes.Property{Name: methodName}) + properties = append(properties, common.Property{Name: methodName}) } } - return []interface{}{generictypes.Object{ - Properties: []generictypes.Property{{ + return []interface{}{common.Object{ + Properties: []common.Property{{ Name: className, - Object: &detection.Detection{ - DetectorType: "object", - MatchNode: node, - Data: generictypes.Object{ + Object: &types.Detection{ + RuleID: ruleset.BuiltinObjectRule.ID(), + MatchNode: node, + Data: common.Object{ Properties: properties, }, }, }}, }}, nil } - -func (detector *objectDetector) Close() { -} diff --git a/new/detector/implementation/javascript/object/projection.go b/internal/languages/javascript/detectors/object/projection.go similarity index 57% rename from new/detector/implementation/javascript/object/projection.go rename to internal/languages/javascript/detectors/object/projection.go index 06b0094d8..7aa954160 100644 --- a/new/detector/implementation/javascript/object/projection.go +++ b/internal/languages/javascript/detectors/object/projection.go @@ -1,52 +1,53 @@ package object import ( - "github.com/bearer/bearer/new/detector/implementation/generic" - generictypes "github.com/bearer/bearer/new/detector/implementation/generic/types" - "github.com/bearer/bearer/new/detector/types" - "github.com/bearer/bearer/new/language/tree" - "github.com/bearer/bearer/pkg/commands/process/settings" - "github.com/bearer/bearer/pkg/util/stringutil" + "github.com/bearer/bearer/internal/scanner/ast/traversalstrategy" + "github.com/bearer/bearer/internal/scanner/ast/tree" + "github.com/bearer/bearer/internal/scanner/ruleset" + "github.com/bearer/bearer/internal/util/stringutil" + + "github.com/bearer/bearer/internal/scanner/detectors/common" + "github.com/bearer/bearer/internal/scanner/detectors/types" ) func (detector *objectDetector) getProjections( node *tree.Node, - evaluationState types.EvaluationState, + detectorContext types.Context, ) ([]interface{}, error) { - objects, err := detector.getMemberExpressionProjections(node, evaluationState) + objects, err := detector.getMemberExpressionProjections(node, detectorContext) if len(objects) != 0 || err != nil { return objects, err } - objects, err = detector.getSubscriptExpressionProjections(node, evaluationState) + objects, err = detector.getSubscriptExpressionProjections(node, detectorContext) if len(objects) != 0 || err != nil { return objects, err } - objects, err = detector.getCallProjections(node, evaluationState) + objects, err = detector.getCallProjections(node, detectorContext) if len(objects) != 0 || err != nil { return objects, err } - return detector.getObjectDeconstructionProjections(node, evaluationState) + return detector.getObjectDeconstructionProjections(node, detectorContext) } func (detector *objectDetector) getMemberExpressionProjections( node *tree.Node, - evaluationState types.EvaluationState, + detectorContext types.Context, ) ([]interface{}, error) { result, err := detector.memberExpressionQuery.MatchOnceAt(node) if result == nil || err != nil { return nil, err } - objectNode, isPropertyAccess := getProjectedObject(result["object"]) + objectNode, isPropertyAccess := getProjectedObject(detectorContext, result["object"]) - objects, err := generic.ProjectObject( + objects, err := common.ProjectObject( node, - evaluationState, + detectorContext, objectNode, - getObjectName(objectNode), + getObjectName(detectorContext, objectNode), result["property"].Content(), isPropertyAccess, ) @@ -59,24 +60,24 @@ func (detector *objectDetector) getMemberExpressionProjections( func (detector *objectDetector) getSubscriptExpressionProjections( node *tree.Node, - evaluationState types.EvaluationState, + detectorContext types.Context, ) ([]interface{}, error) { result, err := detector.subscriptExpressionQuery.MatchOnceAt(node) if result == nil || err != nil { return nil, err } - objectNode, isPropertyAccess := getProjectedObject(result["object"]) - propertyName := getSubscriptProperty(result["root"]) + objectNode, isPropertyAccess := getProjectedObject(detectorContext, result["object"]) + propertyName := getSubscriptProperty(detectorContext, result["root"]) if propertyName == "" { return nil, nil } - objects, err := generic.ProjectObject( + objects, err := common.ProjectObject( node, - evaluationState, + detectorContext, objectNode, - getObjectName(objectNode), + getObjectName(detectorContext, objectNode), propertyName, isPropertyAccess, ) @@ -89,30 +90,30 @@ func (detector *objectDetector) getSubscriptExpressionProjections( func (detector *objectDetector) getCallProjections( node *tree.Node, - evaluationState types.EvaluationState, + detectorContext types.Context, ) ([]interface{}, error) { result, err := detector.callQuery.MatchOnceAt(node) if result == nil || err != nil { return nil, err } - var properties []generictypes.Property + var properties []common.Property - functionDetections, err := evaluationState.Evaluate(result["function"], "object", "", settings.NESTED_SCOPE, true) + functionDetections, err := detectorContext.Scan(result["function"], ruleset.BuiltinObjectRule, traversalstrategy.Cursor) if len(functionDetections) == 0 || err != nil { return nil, err } for _, detection := range functionDetections { - properties = append(properties, generictypes.Property{Object: detection}) + properties = append(properties, common.Property{Object: detection}) } - return []interface{}{generictypes.Object{Properties: properties, IsVirtual: true}}, nil + return []interface{}{common.Object{Properties: properties, IsVirtual: true}}, nil } func (detector *objectDetector) getObjectDeconstructionProjections( node *tree.Node, - evaluationState types.EvaluationState, + detectorContext types.Context, ) ([]interface{}, error) { result, err := detector.objectDeconstructionQuery.MatchOnceAt(node) if result == nil || err != nil { @@ -125,11 +126,11 @@ func (detector *objectDetector) getObjectDeconstructionProjections( return nil, nil } - objects, err := generic.ProjectObject( + objects, err := common.ProjectObject( node, - evaluationState, + detectorContext, objectNode, - getObjectName(objectNode), + getObjectName(detectorContext, objectNode), propertyName, true, ) @@ -140,7 +141,7 @@ func (detector *objectDetector) getObjectDeconstructionProjections( return objects, nil } -func getObjectName(objectNode *tree.Node) string { +func getObjectName(detectorContext types.Context, objectNode *tree.Node) string { // user.name or user["name"] if objectNode.Type() == "identifier" { return objectNode.Content() @@ -153,13 +154,13 @@ func getObjectName(objectNode *tree.Node) string { // address["city"].zip or address["city"]["zip"] if objectNode.Type() == "subscript_expression" { - return getSubscriptProperty(objectNode) + return getSubscriptProperty(detectorContext, objectNode) } return "" } -func getSubscriptProperty(node *tree.Node) string { +func getSubscriptProperty(detectorContext types.Context, node *tree.Node) string { indexNode := node.ChildByFieldName("index") if indexNode.Type() == "string" { return stringutil.StripQuotes(indexNode.Content()) @@ -168,7 +169,7 @@ func getSubscriptProperty(node *tree.Node) string { return "" } -func getProjectedObject(objectNode *tree.Node) (*tree.Node, bool) { +func getProjectedObject(detectorContext types.Context, objectNode *tree.Node) (*tree.Node, bool) { if objectNode.Type() == "call_expression" { return objectNode.ChildByFieldName("function"), false } diff --git a/internal/languages/javascript/detectors/string/string.go b/internal/languages/javascript/detectors/string/string.go new file mode 100644 index 000000000..3d4441458 --- /dev/null +++ b/internal/languages/javascript/detectors/string/string.go @@ -0,0 +1,90 @@ +package string + +import ( + "github.com/bearer/bearer/internal/scanner/ast/query" + "github.com/bearer/bearer/internal/scanner/ast/tree" + "github.com/bearer/bearer/internal/scanner/ruleset" + "github.com/bearer/bearer/internal/util/stringutil" + + "github.com/bearer/bearer/internal/scanner/detectors/common" + "github.com/bearer/bearer/internal/scanner/detectors/types" +) + +type stringDetector struct { + types.DetectorBase +} + +func New(querySet *query.Set) types.Detector { + return &stringDetector{} +} + +func (detector *stringDetector) Rule() *ruleset.Rule { + return ruleset.BuiltinStringRule +} + +func (detector *stringDetector) DetectAt( + node *tree.Node, + detectorContext types.Context, +) ([]interface{}, error) { + switch node.Type() { + case "string": + return []interface{}{common.String{ + Value: stringutil.StripQuotes(node.Content()), + IsLiteral: true, + }}, nil + case "template_string": + return handleTemplateString(node, detectorContext) + case "binary_expression": + if node.Children()[1].Content() == "+" { + return common.ConcatenateChildStrings(node, detectorContext) + } + case "augmented_assignment_expression": + if node.Children()[1].Content() == "+=" { + return common.ConcatenateAssignEquals(node, detectorContext) + } + } + + return nil, nil +} + +func handleTemplateString(node *tree.Node, detectorContext types.Context) ([]interface{}, error) { + text := "" + isLiteral := true + + err := node.EachContentPart(func(partText string) error { + text += partText + return nil + }, func(child *tree.Node) error { + var childValue string + var childIsLiteral bool + namedChildren := child.NamedChildren() + + if len(namedChildren) == 0 { + childValue = "" + childIsLiteral = true + } else { + var err error + childValue, childIsLiteral, err = common.GetStringValue(namedChildren[0], detectorContext) + if err != nil { + return err + } + } + + if childValue == "" && !childIsLiteral { + childValue = "*" + } + + text += childValue + + if !childIsLiteral { + isLiteral = false + } + + return nil + }) + + return []interface{}{common.String{ + Value: text, + IsLiteral: isLiteral, + }}, err +} diff --git a/new/detector/implementation/javascript/testdata/file_type.jsx b/internal/languages/javascript/detectors/testdata/file_type.jsx similarity index 100% rename from new/detector/implementation/javascript/testdata/file_type.jsx rename to internal/languages/javascript/detectors/testdata/file_type.jsx diff --git a/new/detector/implementation/javascript/testdata/file_type.tsx b/internal/languages/javascript/detectors/testdata/file_type.tsx similarity index 100% rename from new/detector/implementation/javascript/testdata/file_type.tsx rename to internal/languages/javascript/detectors/testdata/file_type.tsx diff --git a/new/detector/implementation/javascript/testdata/object_class.js b/internal/languages/javascript/detectors/testdata/object_class.js similarity index 100% rename from new/detector/implementation/javascript/testdata/object_class.js rename to internal/languages/javascript/detectors/testdata/object_class.js diff --git a/new/detector/implementation/javascript/testdata/object_object.js b/internal/languages/javascript/detectors/testdata/object_object.js similarity index 100% rename from new/detector/implementation/javascript/testdata/object_object.js rename to internal/languages/javascript/detectors/testdata/object_object.js diff --git a/new/detector/implementation/javascript/testdata/object_projection.js b/internal/languages/javascript/detectors/testdata/object_projection.js similarity index 100% rename from new/detector/implementation/javascript/testdata/object_projection.js rename to internal/languages/javascript/detectors/testdata/object_projection.js diff --git a/new/detector/implementation/javascript/testdata/object_spread.js b/internal/languages/javascript/detectors/testdata/object_spread.js similarity index 100% rename from new/detector/implementation/javascript/testdata/object_spread.js rename to internal/languages/javascript/detectors/testdata/object_spread.js diff --git a/new/detector/implementation/javascript/testdata/string_assign_eq.js b/internal/languages/javascript/detectors/testdata/string_assign_eq.js similarity index 100% rename from new/detector/implementation/javascript/testdata/string_assign_eq.js rename to internal/languages/javascript/detectors/testdata/string_assign_eq.js diff --git a/new/detector/implementation/javascript/testdata/string_literal.js b/internal/languages/javascript/detectors/testdata/string_literal.js similarity index 100% rename from new/detector/implementation/javascript/testdata/string_literal.js rename to internal/languages/javascript/detectors/testdata/string_literal.js diff --git a/new/detector/implementation/javascript/testdata/string_non_literal.js b/internal/languages/javascript/detectors/testdata/string_non_literal.js similarity index 100% rename from new/detector/implementation/javascript/testdata/string_non_literal.js rename to internal/languages/javascript/detectors/testdata/string_non_literal.js diff --git a/new/detector/implementation/javascript/testdata/typed_object_const.ts b/internal/languages/javascript/detectors/testdata/typed_object_const.ts similarity index 100% rename from new/detector/implementation/javascript/testdata/typed_object_const.ts rename to internal/languages/javascript/detectors/testdata/typed_object_const.ts diff --git a/new/detector/implementation/javascript/testdata/typed_object_let.ts b/internal/languages/javascript/detectors/testdata/typed_object_let.ts similarity index 100% rename from new/detector/implementation/javascript/testdata/typed_object_let.ts rename to internal/languages/javascript/detectors/testdata/typed_object_let.ts diff --git a/new/detector/implementation/javascript/testdata/typed_object_var.ts b/internal/languages/javascript/detectors/testdata/typed_object_var.ts similarity index 100% rename from new/detector/implementation/javascript/testdata/typed_object_var.ts rename to internal/languages/javascript/detectors/testdata/typed_object_var.ts diff --git a/internal/languages/javascript/javascript.go b/internal/languages/javascript/javascript.go new file mode 100644 index 000000000..e9b2033be --- /dev/null +++ b/internal/languages/javascript/javascript.go @@ -0,0 +1,59 @@ +package javascript + +import ( + sitter "github.com/smacker/go-tree-sitter" + "github.com/smacker/go-tree-sitter/typescript/tsx" + + "github.com/bearer/bearer/internal/classification/schema" + "github.com/bearer/bearer/internal/report/detectors" + "github.com/bearer/bearer/internal/scanner/ast/query" + "github.com/bearer/bearer/internal/scanner/ast/tree" + detectortypes "github.com/bearer/bearer/internal/scanner/detectors/types" + + "github.com/bearer/bearer/internal/languages/javascript/analyzer" + "github.com/bearer/bearer/internal/languages/javascript/detectors/object" + stringdetector "github.com/bearer/bearer/internal/languages/javascript/detectors/string" + "github.com/bearer/bearer/internal/languages/javascript/pattern" + "github.com/bearer/bearer/internal/scanner/detectors/datatype" + "github.com/bearer/bearer/internal/scanner/detectors/insecureurl" + "github.com/bearer/bearer/internal/scanner/detectors/stringliteral" + "github.com/bearer/bearer/internal/scanner/language" +) + +type implementation struct { + pattern pattern.Pattern +} + +func Get() language.Language { + return &implementation{} +} + +func (*implementation) ID() string { + return "javascript" +} + +func (*implementation) EnryLanguages() []string { + return []string{"JavaScript", "TypeScript", "TSX"} +} + +func (*implementation) NewBuiltInDetectors(schemaClassifier *schema.Classifier, querySet *query.Set) []detectortypes.Detector { + return []detectortypes.Detector{ + object.New(querySet), + datatype.New(detectors.DetectorJavascript, schemaClassifier), + stringdetector.New(querySet), + stringliteral.New(querySet), + insecureurl.New(querySet), + } +} + +func (*implementation) SitterLanguage() *sitter.Language { + return tsx.GetLanguage() +} + +func (language *implementation) Pattern() language.Pattern { + return &language.pattern +} + +func (*implementation) NewAnalyzer(builder *tree.Builder) language.Analyzer { + return analyzer.New(builder) +} diff --git a/new/detector/composition/javascript/javascript_test.go b/internal/languages/javascript/javascript_test.go similarity index 95% rename from new/detector/composition/javascript/javascript_test.go rename to internal/languages/javascript/javascript_test.go index a5c5d4c94..4e7172292 100644 --- a/new/detector/composition/javascript/javascript_test.go +++ b/internal/languages/javascript/javascript_test.go @@ -4,7 +4,7 @@ import ( _ "embed" "testing" - "github.com/bearer/bearer/new/detector/composition/testhelper" + "github.com/bearer/bearer/internal/languages/testhelper" ) //go:embed testdata/import_rule.yml diff --git a/internal/languages/javascript/pattern/pattern.go b/internal/languages/javascript/pattern/pattern.go new file mode 100644 index 000000000..d784265f0 --- /dev/null +++ b/internal/languages/javascript/pattern/pattern.go @@ -0,0 +1,144 @@ +package pattern + +import ( + "fmt" + "regexp" + "slices" + "strings" + + "github.com/bearer/bearer/internal/scanner/ast/tree" + "github.com/bearer/bearer/internal/scanner/language" + "github.com/bearer/bearer/internal/util/regex" +) + +var ( + // $ or $ or $ + patternQueryVariableRegex = regexp.MustCompile(`\$<(?P[^>:!\.]+)(?::(?P[^>]+))?>`) + matchNodeRegex = regexp.MustCompile(`\$`) + ellipsisRegex = regexp.MustCompile(`\$<\.\.\.>`) + + patternMatchNodeContainerTypes = []string{"import_clause", "import_specifier", "required_parameter"} + + allowedPatternQueryTypes = []string{"identifier", "property_identifier", "_", "member_expression", "string", "template_string"} +) + +type Pattern struct { + language.PatternBase +} + +func (*Pattern) IsLeaf(node *tree.Node) bool { + return node.Type() == "string" +} + +func (*Pattern) ExtractVariables(input string) (string, []language.PatternVariable, error) { + nameIndex := patternQueryVariableRegex.SubexpIndex("name") + typesIndex := patternQueryVariableRegex.SubexpIndex("types") + i := 0 + + var params []language.PatternVariable + + replaced, err := regex.ReplaceAllWithSubmatches(patternQueryVariableRegex, input, func(submatches []string) (string, error) { + nodeTypes := strings.Split(submatches[typesIndex], "|") + if nodeTypes[0] == "" { + nodeTypes = []string{"_"} + } + + for _, nodeType := range nodeTypes { + if !slices.Contains(allowedPatternQueryTypes, nodeType) { + return "", fmt.Errorf("invalid node type '%s' in pattern query", nodeType) + } + } + + dummyValue := produceDummyValue(i, nodeTypes[0]) + + params = append(params, language.PatternVariable{ + Name: submatches[nameIndex], + NodeTypes: nodeTypes, + DummyValue: dummyValue, + }) + + i += 1 + + return dummyValue, nil + }) + + if err != nil { + return "", nil, err + } + + return replaced, params, nil +} + +func produceDummyValue(i int, nodeType string) string { + return "CurioVar" + fmt.Sprint(i) +} + +func (*Pattern) FindMatchNode(input []byte) [][]int { + return matchNodeRegex.FindAllIndex(input, -1) +} + +func (*Pattern) FindUnanchoredPoints(input []byte) [][]int { + return ellipsisRegex.FindAllIndex(input, -1) +} + +func (*Pattern) ContainerTypes() []string { + return patternMatchNodeContainerTypes +} + +func (*Pattern) LeafContentTypes() []string { + return []string{ + // identifiers + "identifier", "property_identifier", "shorthand_property_identifier", "type_identifier", + // datatypes/literals + "template_string", "string_fragment", "number", "null", "true", "false", + } +} + +func (*Pattern) IsAnchored(node *tree.Node) (bool, bool) { + if node.Type() == "pair" { + return false, false + } + + parent := node.Parent() + if parent == nil { + return true, true + } + + // Class body class_body + // arrow functions statement_block + // function statement_block + // method statement_block + unAnchored := []string{"statement_block", "class_body", "object_pattern", "named_imports"} + + isUnanchored := !slices.Contains(unAnchored, parent.Type()) + return isUnanchored, isUnanchored +} + +func (*Pattern) IsRoot(node *tree.Node) bool { + return !(node.Type() == "expression_statement") +} + +func (*Pattern) NodeTypes(node *tree.Node) []string { + if node.Type() == "statement_block" && node.Parent().Type() == "program" { + if len(node.NamedChildren()) == 0 { + return []string{"object"} + } else { + return []string{node.Type(), "program"} + } + } + + return []string{node.Type()} +} + +func (*Pattern) FixupVariableDummyValue(input []byte, node *tree.Node, dummyValue string) string { + parent := node.Parent() + if parent == nil { + return dummyValue + } + + if parent.NamedChildren()[0].Type() == "import_clause" { + return "\"" + dummyValue + "\"" + } + + return dummyValue +} diff --git a/new/detector/composition/javascript/testdata/datatype.yml b/internal/languages/javascript/testdata/datatype.yml similarity index 100% rename from new/detector/composition/javascript/testdata/datatype.yml rename to internal/languages/javascript/testdata/datatype.yml diff --git a/new/detector/composition/javascript/testdata/deconstructing.yml b/internal/languages/javascript/testdata/deconstructing.yml similarity index 100% rename from new/detector/composition/javascript/testdata/deconstructing.yml rename to internal/languages/javascript/testdata/deconstructing.yml diff --git a/new/detector/composition/javascript/testdata/import/import.js b/internal/languages/javascript/testdata/import/import.js similarity index 100% rename from new/detector/composition/javascript/testdata/import/import.js rename to internal/languages/javascript/testdata/import/import.js diff --git a/new/detector/composition/javascript/testdata/import_rule.yml b/internal/languages/javascript/testdata/import_rule.yml similarity index 100% rename from new/detector/composition/javascript/testdata/import_rule.yml rename to internal/languages/javascript/testdata/import_rule.yml diff --git a/new/detector/composition/javascript/testdata/insecureURL.yml b/internal/languages/javascript/testdata/insecureURL.yml similarity index 100% rename from new/detector/composition/javascript/testdata/insecureURL.yml rename to internal/languages/javascript/testdata/insecureURL.yml diff --git a/new/detector/composition/javascript/testdata/pattern_variables/main.js b/internal/languages/javascript/testdata/pattern_variables/main.js similarity index 100% rename from new/detector/composition/javascript/testdata/pattern_variables/main.js rename to internal/languages/javascript/testdata/pattern_variables/main.js diff --git a/new/detector/composition/javascript/testdata/pattern_variables_rule.yml b/internal/languages/javascript/testdata/pattern_variables_rule.yml similarity index 100% rename from new/detector/composition/javascript/testdata/pattern_variables_rule.yml rename to internal/languages/javascript/testdata/pattern_variables_rule.yml diff --git a/new/detector/composition/javascript/testdata/scope/scope.js b/internal/languages/javascript/testdata/scope/scope.js similarity index 66% rename from new/detector/composition/javascript/testdata/scope/scope.js rename to internal/languages/javascript/testdata/scope/scope.js index e954fedea..0f05e6a85 100644 --- a/new/detector/composition/javascript/testdata/scope/scope.js +++ b/internal/languages/javascript/testdata/scope/scope.js @@ -1,11 +1,14 @@ scopeCursor(req.params.oops) -scopeCursor(x ? req.params.ok : y) +scopeCursor(req.params.ok + x) +scopeCursor(x ? req.params.oops : y) scopeCursor(req.params.ok ? x : y) scopeNested(req.params.oops) +scopeResult(req.params.oops + x) scopeNested(x ? req.params.oops : y) scopeNested(req.params.oops ? x : y) scopeResult(req.params.oops) +scopeResult(req.params.oops + x) scopeResult(x ? req.params.oops : y) scopeResult(req.params.ok ? x : y) diff --git a/new/detector/composition/javascript/testdata/scope_rule.yml b/internal/languages/javascript/testdata/scope_rule.yml similarity index 100% rename from new/detector/composition/javascript/testdata/scope_rule.yml rename to internal/languages/javascript/testdata/scope_rule.yml diff --git a/new/detector/composition/javascript/testdata/testcases/flow/assigment-expression.js b/internal/languages/javascript/testdata/testcases/flow/assigment-expression.js similarity index 100% rename from new/detector/composition/javascript/testdata/testcases/flow/assigment-expression.js rename to internal/languages/javascript/testdata/testcases/flow/assigment-expression.js diff --git a/new/detector/composition/javascript/testdata/testcases/flow/variable-declarator.js b/internal/languages/javascript/testdata/testcases/flow/variable-declarator.js similarity index 100% rename from new/detector/composition/javascript/testdata/testcases/flow/variable-declarator.js rename to internal/languages/javascript/testdata/testcases/flow/variable-declarator.js diff --git a/new/detector/composition/javascript/testdata/testcases/object-deconstructing/deconstructing.js b/internal/languages/javascript/testdata/testcases/object-deconstructing/deconstructing.js similarity index 100% rename from new/detector/composition/javascript/testdata/testcases/object-deconstructing/deconstructing.js rename to internal/languages/javascript/testdata/testcases/object-deconstructing/deconstructing.js diff --git a/new/detector/composition/javascript/testdata/testcases/object-deconstructing/multiple_objects.js b/internal/languages/javascript/testdata/testcases/object-deconstructing/multiple_objects.js similarity index 100% rename from new/detector/composition/javascript/testdata/testcases/object-deconstructing/multiple_objects.js rename to internal/languages/javascript/testdata/testcases/object-deconstructing/multiple_objects.js diff --git a/new/detector/composition/javascript/testdata/testcases/string/concatanation.js b/internal/languages/javascript/testdata/testcases/string/concatanation.js similarity index 100% rename from new/detector/composition/javascript/testdata/testcases/string/concatanation.js rename to internal/languages/javascript/testdata/testcases/string/concatanation.js diff --git a/new/detector/composition/javascript/testdata/testcases/string/simple.js b/internal/languages/javascript/testdata/testcases/string/simple.js similarity index 100% rename from new/detector/composition/javascript/testdata/testcases/string/simple.js rename to internal/languages/javascript/testdata/testcases/string/simple.js diff --git a/new/detector/composition/javascript/testdata/testcases/string/single-quotes.js b/internal/languages/javascript/testdata/testcases/string/single-quotes.js similarity index 100% rename from new/detector/composition/javascript/testdata/testcases/string/single-quotes.js rename to internal/languages/javascript/testdata/testcases/string/single-quotes.js diff --git a/new/detector/composition/javascript/testdata/testcases/string/template-variable-reconciliation.js b/internal/languages/javascript/testdata/testcases/string/template-variable-reconciliation.js similarity index 100% rename from new/detector/composition/javascript/testdata/testcases/string/template-variable-reconciliation.js rename to internal/languages/javascript/testdata/testcases/string/template-variable-reconciliation.js diff --git a/new/detector/composition/javascript/testdata/testcases/string/template.js b/internal/languages/javascript/testdata/testcases/string/template.js similarity index 100% rename from new/detector/composition/javascript/testdata/testcases/string/template.js rename to internal/languages/javascript/testdata/testcases/string/template.js diff --git a/new/detector/composition/ruby/.snapshots/TestPatternVariables--main.yml b/internal/languages/ruby/.snapshots/TestPatternVariables--main.yml similarity index 100% rename from new/detector/composition/ruby/.snapshots/TestPatternVariables--main.yml rename to internal/languages/ruby/.snapshots/TestPatternVariables--main.yml diff --git a/new/detector/composition/ruby/.snapshots/TestRuby--call.yml b/internal/languages/ruby/.snapshots/TestRuby--call.yml similarity index 100% rename from new/detector/composition/ruby/.snapshots/TestRuby--call.yml rename to internal/languages/ruby/.snapshots/TestRuby--call.yml diff --git a/new/detector/composition/ruby/.snapshots/TestRuby--insecure-url.yml b/internal/languages/ruby/.snapshots/TestRuby--insecure-url.yml similarity index 100% rename from new/detector/composition/ruby/.snapshots/TestRuby--insecure-url.yml rename to internal/languages/ruby/.snapshots/TestRuby--insecure-url.yml diff --git a/new/detector/composition/ruby/.snapshots/TestRuby--object-variable-reconciliation.yml b/internal/languages/ruby/.snapshots/TestRuby--object-variable-reconciliation.yml similarity index 100% rename from new/detector/composition/ruby/.snapshots/TestRuby--object-variable-reconciliation.yml rename to internal/languages/ruby/.snapshots/TestRuby--object-variable-reconciliation.yml diff --git a/new/detector/composition/ruby/.snapshots/TestRuby--object.yml b/internal/languages/ruby/.snapshots/TestRuby--object.yml similarity index 100% rename from new/detector/composition/ruby/.snapshots/TestRuby--object.yml rename to internal/languages/ruby/.snapshots/TestRuby--object.yml diff --git a/new/detector/composition/ruby/.snapshots/TestScope--scope.yml b/internal/languages/ruby/.snapshots/TestScope--scope.yml similarity index 62% rename from new/detector/composition/ruby/.snapshots/TestScope--scope.yml rename to internal/languages/ruby/.snapshots/TestScope--scope.yml index 5d50a3446..d04dd7f6c 100644 --- a/new/detector/composition/ruby/.snapshots/TestScope--scope.yml +++ b/internal/languages/ruby/.snapshots/TestScope--scope.yml @@ -35,26 +35,26 @@ high: title: Test detection filter scopes description: Test detection filter scopes documentation_url: "" - line_number: 5 + line_number: 3 full_filename: scope.rb filename: scope.rb source: location: - start: 5 - end: 5 + start: 3 + end: 3 column: start: 1 - end: 28 + end: 36 sink: location: - start: 5 - end: 5 + start: 3 + end: 3 column: start: 1 - end: 28 - content: scope_nested(params[:oops]) - parent_line_number: 5 - snippet: scope_nested(params[:oops]) + end: 36 + content: 'scope_cursor(x ? params[:oops] : y)' + parent_line_number: 3 + snippet: 'scope_cursor(x ? params[:oops] : y)' fingerprint: 23e17866f80f43957a84e824da9ce255_1 old_fingerprint: 23e17866f80f43957a84e824da9ce255_1 - rule: @@ -73,17 +73,17 @@ high: end: 6 column: start: 1 - end: 36 + end: 28 sink: location: start: 6 end: 6 column: start: 1 - end: 36 - content: 'scope_nested(x ? params[:oops] : y)' + end: 28 + content: scope_nested(params[:oops]) parent_line_number: 6 - snippet: 'scope_nested(x ? params[:oops] : y)' + snippet: scope_nested(params[:oops]) fingerprint: 23e17866f80f43957a84e824da9ce255_2 old_fingerprint: 23e17866f80f43957a84e824da9ce255_2 - rule: @@ -102,19 +102,48 @@ high: end: 7 column: start: 1 - end: 36 + end: 32 sink: location: start: 7 end: 7 column: start: 1 - end: 36 - content: 'scope_nested(params[:oops] ? x : y)' + end: 32 + content: scope_nested(params[:oops] + x) parent_line_number: 7 - snippet: 'scope_nested(params[:oops] ? x : y)' + snippet: scope_nested(params[:oops] + x) fingerprint: 23e17866f80f43957a84e824da9ce255_3 old_fingerprint: 23e17866f80f43957a84e824da9ce255_3 + - rule: + cwe_ids: + - "42" + id: scope_test + title: Test detection filter scopes + description: Test detection filter scopes + documentation_url: "" + line_number: 8 + full_filename: scope.rb + filename: scope.rb + source: + location: + start: 8 + end: 8 + column: + start: 1 + end: 36 + sink: + location: + start: 8 + end: 8 + column: + start: 1 + end: 36 + content: 'scope_nested(x ? params[:oops] : y)' + parent_line_number: 8 + snippet: 'scope_nested(x ? params[:oops] : y)' + fingerprint: 23e17866f80f43957a84e824da9ce255_4 + old_fingerprint: 23e17866f80f43957a84e824da9ce255_4 - rule: cwe_ids: - "42" @@ -131,19 +160,77 @@ high: end: 9 column: start: 1 - end: 28 + end: 36 sink: location: start: 9 end: 9 + column: + start: 1 + end: 36 + content: 'scope_nested(params[:oops] ? x : y)' + parent_line_number: 9 + snippet: 'scope_nested(params[:oops] ? x : y)' + fingerprint: 23e17866f80f43957a84e824da9ce255_5 + old_fingerprint: 23e17866f80f43957a84e824da9ce255_5 + - rule: + cwe_ids: + - "42" + id: scope_test + title: Test detection filter scopes + description: Test detection filter scopes + documentation_url: "" + line_number: 11 + full_filename: scope.rb + filename: scope.rb + source: + location: + start: 11 + end: 11 + column: + start: 1 + end: 28 + sink: + location: + start: 11 + end: 11 column: start: 1 end: 28 content: scope_result(params[:oops]) - parent_line_number: 9 + parent_line_number: 11 snippet: scope_result(params[:oops]) - fingerprint: 23e17866f80f43957a84e824da9ce255_4 - old_fingerprint: 23e17866f80f43957a84e824da9ce255_4 + fingerprint: 23e17866f80f43957a84e824da9ce255_6 + old_fingerprint: 23e17866f80f43957a84e824da9ce255_6 + - rule: + cwe_ids: + - "42" + id: scope_test + title: Test detection filter scopes + description: Test detection filter scopes + documentation_url: "" + line_number: 12 + full_filename: scope.rb + filename: scope.rb + source: + location: + start: 12 + end: 12 + column: + start: 1 + end: 32 + sink: + location: + start: 12 + end: 12 + column: + start: 1 + end: 32 + content: scope_result(params[:oops] + x) + parent_line_number: 12 + snippet: scope_result(params[:oops] + x) + fingerprint: 23e17866f80f43957a84e824da9ce255_7 + old_fingerprint: 23e17866f80f43957a84e824da9ce255_7 - rule: cwe_ids: - "42" @@ -151,26 +238,26 @@ high: title: Test detection filter scopes description: Test detection filter scopes documentation_url: "" - line_number: 10 + line_number: 13 full_filename: scope.rb filename: scope.rb source: location: - start: 10 - end: 10 + start: 13 + end: 13 column: start: 1 end: 36 sink: location: - start: 10 - end: 10 + start: 13 + end: 13 column: start: 1 end: 36 content: 'scope_result(x ? params[:oops] : y)' - parent_line_number: 10 + parent_line_number: 13 snippet: 'scope_result(x ? params[:oops] : y)' - fingerprint: 23e17866f80f43957a84e824da9ce255_5 - old_fingerprint: 23e17866f80f43957a84e824da9ce255_5 + fingerprint: 23e17866f80f43957a84e824da9ce255_8 + old_fingerprint: 23e17866f80f43957a84e824da9ce255_8 diff --git a/internal/languages/ruby/analyzer/analyzer.go b/internal/languages/ruby/analyzer/analyzer.go new file mode 100644 index 000000000..3ceb519cb --- /dev/null +++ b/internal/languages/ruby/analyzer/analyzer.go @@ -0,0 +1,318 @@ +package analyzer + +import ( + "slices" + + sitter "github.com/smacker/go-tree-sitter" + + "github.com/bearer/bearer/internal/scanner/ast/tree" + "github.com/bearer/bearer/internal/scanner/language" +) + +// methods that use `self` in their result +var reflexiveMethods = []string{ + "to_a", + "to_ary", + "to_h", + "to_hash", + "to_s", + "to_str", + "to_i", + "to_f", + "to_c", + "to_d", + "to_r", + "to_sym", + "to_json", + //string + "bytes", + "capitalize", + "capitalize!", + "chars", + "delete", + "delete!", + "delete_prefix", + "delete_prefix!", + "delete_suffix", + "delete_suffix!", + "downcase", + "downcase!", + "downcase!", + "encode", + "encode!", + "force_encoding", + "gsub", + "gsub!", + "lines", + "ljust", + "lstrip", + "lstrip!", + "rjust", + "rstrip", + "rstrip!", + "scrub", + "scrub!", + "split", + "strip", + "strip!", + "sub", + "sub!", + "swapcase", + "swapcase!", + "unicode_normalize", + "upcase", + "upcase!", + // hash + "fetch", + "slice", + // activesupport + "classify", + "presence", + "html_safe", + // activerecord + "attributes", +} + +type analyzer struct { + builder *tree.Builder + scope *language.Scope +} + +func New(builder *tree.Builder) language.Analyzer { + return &analyzer{ + builder: builder, + scope: language.NewScope(nil), + } +} + +func (analyzer *analyzer) Analyze(node *sitter.Node, visitChildren func() error) error { + switch node.Type() { + case "method": + return analyzer.withScope(language.NewScope(nil), func() error { + return visitChildren() + }) + case "block", "do_block": + return analyzer.withScope(language.NewScope(analyzer.scope), func() error { + return visitChildren() + }) + case "assignment": + return analyzer.analyzeAssignment(node, visitChildren) + case "operator_assignment": + return analyzer.analyzeOperatorAssignment(node, visitChildren) + case "call": + return analyzer.analyzeCall(node, visitChildren) + case "element_reference": + return analyzer.analyzeElementReference(node, visitChildren) + case "case": + return analyzer.analyzeCase(node, visitChildren) + case "when": + return analyzer.analyzeWhen(node, visitChildren) + case "then", "else": + return analyzer.analyzeBasicBlock(node, visitChildren) + case "keyword_parameter", "optional_parameter": + return analyzer.analyzeParameter(node, visitChildren) + case "method_parameters", "block_parameters": + return analyzer.analyzeParameterList(node, visitChildren) + case "parenthesized_statements": + return analyzer.analyzeParentheses(node, visitChildren) + case "conditional": + return analyzer.analyzeConditional(node, visitChildren) + case "pair", "argument_list", "interpolation", "array", "binary", "unary": + return analyzer.analyzeGenericOperation(node, visitChildren) + default: + analyzer.builder.Dataflow(node, analyzer.builder.ChildrenExcept(node, node.ChildByFieldName("condition"))...) + + return visitChildren() + } +} + +func (analyzer *analyzer) analyzeAssignment(node *sitter.Node, visitChildren func() error) error { + left := node.ChildByFieldName("left") + right := node.ChildByFieldName("right") + analyzer.builder.Alias(node, right) + analyzer.lookupVariable(right) + + err := visitChildren() + + if left.Type() == "identifier" { + analyzer.scope.Assign(analyzer.builder.ContentFor(left), node) + } + + return err +} + +// x += y +func (analyzer *analyzer) analyzeOperatorAssignment(node *sitter.Node, visitChildren func() error) error { + left := node.ChildByFieldName("left") + right := node.ChildByFieldName("right") + analyzer.builder.Dataflow(node, left, right) + analyzer.lookupVariable(left) + analyzer.lookupVariable(right) + + err := visitChildren() + + if left.Type() == "identifier" { + analyzer.scope.Assign(analyzer.builder.ContentFor(left), node) + } + + return err +} + +// foo.bar(42) +func (analyzer *analyzer) analyzeCall(node *sitter.Node, visitChildren func() error) error { + if receiver := node.ChildByFieldName("receiver"); receiver != nil { + analyzer.lookupVariable(receiver) + + if slices.Contains(reflexiveMethods, analyzer.builder.ContentFor(node.ChildByFieldName("method"))) { + analyzer.builder.Dataflow(node, receiver) + } + } + + if argumentsNode := node.ChildByFieldName("arguments"); argumentsNode != nil { + analyzer.builder.Dataflow(node, argumentsNode) + } + + return visitChildren() +} + +// foo["bar"] +func (analyzer *analyzer) analyzeElementReference(node *sitter.Node, visitChildren func() error) error { + objectNode := node.ChildByFieldName("object") + analyzer.builder.Dataflow(node, objectNode) + analyzer.lookupVariable(objectNode) + + return visitChildren() +} + +// case foo +// ... +// end +func (analyzer *analyzer) analyzeCase(node *sitter.Node, visitChildren func() error) error { + if valueNode := node.ChildByFieldName("value"); valueNode != nil { + analyzer.builder.Alias( + node, + analyzer.builder.ChildrenExcept(node, valueNode)..., + ) + } else { + analyzer.builder.Alias(node, analyzer.builder.ChildrenFor(node)...) + } + + return visitChildren() +} + +// Any construct that is just a block of code. eg. +// +// if x +// expr... +// end +// case/if +// ... +// else +// expr... +// end +func (analyzer *analyzer) analyzeBasicBlock(node *sitter.Node, visitChildren func() error) error { + if lastChild := analyzer.builder.LastChild(node); lastChild != nil { + analyzer.builder.Alias(node, lastChild) + } + + return visitChildren() +} + +// case foo +// when 1 +// end +func (analyzer *analyzer) analyzeWhen(node *sitter.Node, visitChildren func() error) error { + if patternNode := node.ChildByFieldName("pattern"); patternNode != nil { + analyzer.builder.Alias( + node, + analyzer.builder.ChildrenExcept(node, patternNode)..., + ) + } else { + analyzer.builder.Alias(node, analyzer.builder.ChildrenFor(node)...) + } + + return visitChildren() +} + +// keyword or default parameter definition +// def m(a = 1, b:) +func (analyzer *analyzer) analyzeParameter(node *sitter.Node, visitChildren func() error) error { + nameNode := node.ChildByFieldName("name") + + if nameNode.Type() == "identifier" { + analyzer.scope.Declare(analyzer.builder.ContentFor(nameNode), nameNode) + } + + return visitChildren() +} + +// all parameter definitions for a method/block +// def m(a, b = 1) +func (analyzer *analyzer) analyzeParameterList(node *sitter.Node, visitChildren func() error) error { + children := analyzer.builder.ChildrenFor(node) + analyzer.builder.Dataflow(node, children...) + + for _, child := range children { + if child.Type() == "identifier" { + analyzer.scope.Declare(analyzer.builder.ContentFor(child), child) + } + } + + return visitChildren() +} + +// (foo) +func (analyzer *analyzer) analyzeParentheses(node *sitter.Node, visitChildren func() error) error { + child := node.NamedChild(0) + analyzer.builder.Alias(node, child) + analyzer.lookupVariable(child) + + return visitChildren() +} + +// foo ? x : y +func (analyzer *analyzer) analyzeConditional(node *sitter.Node, visitChildren func() error) error { + condition := node.ChildByFieldName("condition") + consequence := node.ChildByFieldName("consequence") + alternative := node.ChildByFieldName("alternative") + + analyzer.lookupVariable(condition) + analyzer.lookupVariable(consequence) + analyzer.lookupVariable(alternative) + + analyzer.builder.Alias(node, consequence, alternative) + + return visitChildren() +} + +// default analysis, where the children are assumed to be data sources +func (analyzer *analyzer) analyzeGenericOperation(node *sitter.Node, visitChildren func() error) error { + children := analyzer.builder.ChildrenFor(node) + analyzer.builder.Dataflow(node, children...) + + for _, child := range children { + analyzer.lookupVariable(child) + } + + return visitChildren() +} + +func (analyzer *analyzer) withScope(newScope *language.Scope, body func() error) error { + oldScope := analyzer.scope + + analyzer.scope = newScope + err := body() + analyzer.scope = oldScope + + return err +} + +func (analyzer *analyzer) lookupVariable(node *sitter.Node) { + if node == nil || node.Type() != "identifier" { + return + } + + if pointsToNode := analyzer.scope.Lookup(analyzer.builder.ContentFor(node)); pointsToNode != nil { + analyzer.builder.Alias(node, pointsToNode) + } +} diff --git a/internal/languages/ruby/detectors/.snapshots/TestRubyObjectDetector-object_class b/internal/languages/ruby/detectors/.snapshots/TestRubyObjectDetector-object_class new file mode 100644 index 000000000..c2c25d4c1 --- /dev/null +++ b/internal/languages/ruby/detectors/.snapshots/TestRubyObjectDetector-object_class @@ -0,0 +1,204 @@ +type: program +id: 0 +range: 1:1 - 10:1 +dataflow_sources: + - 1 +children: + - type: class + id: 1 + range: 1:1 - 9:4 + dataflow_sources: + - 2 + - 3 + - 4 + - 10 + - 14 + - 24 + queries: + - 3 + children: + - type: '"class"' + id: 2 + range: 1:1 - 1:6 + - type: constant + id: 3 + range: 1:7 - 1:8 + content: A + - type: call + id: 4 + range: 2:3 - 2:27 + dataflow_sources: + - 6 + children: + - type: identifier + id: 5 + range: 2:3 - 2:16 + content: attr_accessor + - type: argument_list + id: 6 + range: 2:17 - 2:27 + dataflow_sources: + - 7 + - 8 + - 9 + children: + - type: simple_symbol + id: 7 + range: 2:17 - 2:21 + content: :one + - type: '","' + id: 8 + range: 2:21 - 2:22 + - type: simple_symbol + id: 9 + range: 2:23 - 2:27 + content: :two + - type: method + id: 10 + range: 4:3 - 5:6 + children: + - type: '"def"' + id: 11 + range: 4:3 - 4:6 + - type: identifier + id: 12 + range: 4:7 - 4:12 + content: three + - type: '"end"' + id: 13 + range: 5:3 - 5:6 + - type: method + id: 14 + range: 7:3 - 8:6 + children: + - type: '"def"' + id: 15 + range: 7:3 - 7:6 + - type: identifier + id: 16 + range: 7:7 - 7:11 + content: four + - type: method_parameters + id: 17 + range: 7:11 - 7:17 + dataflow_sources: + - 18 + - 19 + - 20 + - 21 + - 22 + children: + - type: '"("' + id: 18 + range: 7:11 - 7:12 + - type: identifier + id: 19 + range: 7:12 - 7:13 + content: a + - type: '","' + id: 20 + range: 7:13 - 7:14 + - type: identifier + id: 21 + range: 7:15 - 7:16 + content: b + - type: '")"' + id: 22 + range: 7:16 - 7:17 + - type: '"end"' + id: 23 + range: 8:3 - 8:6 + - type: '"end"' + id: 24 + range: 9:1 - 9:4 + +- node: 1 + content: |- + class A + attr_accessor :one, :two + + def three + end + + def four(a, b) + end + end + data: + properties: + - name: A + node: null + object: + ruleid: object + matchnode: + id: 1 + typeid: 1 + contentstart: + byte: 0 + line: 1 + column: 1 + contentend: + byte: 81 + line: 9 + column: 4 + executingdetectors: [] + data: + properties: + - name: one + node: + id: 7 + typeid: 7 + contentstart: + byte: 24 + line: 2 + column: 17 + contentend: + byte: 28 + line: 2 + column: 21 + executingdetectors: [] + object: null + - name: two + node: + id: 9 + typeid: 7 + contentstart: + byte: 30 + line: 2 + column: 23 + contentend: + byte: 34 + line: 2 + column: 27 + executingdetectors: [] + object: null + - name: three + node: + id: 12 + typeid: 5 + contentstart: + byte: 42 + line: 4 + column: 7 + contentend: + byte: 47 + line: 4 + column: 12 + executingdetectors: [] + object: null + - name: four + node: + id: 16 + typeid: 5 + contentstart: + byte: 61 + line: 7 + column: 7 + contentend: + byte: 65 + line: 7 + column: 11 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: false + diff --git a/internal/languages/ruby/detectors/.snapshots/TestRubyObjectDetector-object_hash b/internal/languages/ruby/detectors/.snapshots/TestRubyObjectDetector-object_hash new file mode 100644 index 000000000..55927282c --- /dev/null +++ b/internal/languages/ruby/detectors/.snapshots/TestRubyObjectDetector-object_hash @@ -0,0 +1,775 @@ +type: program +id: 0 +range: 1:1 - 10:1 +dataflow_sources: + - 1 + - 25 +children: + - type: assignment + id: 1 + range: 1:1 - 4:2 + alias_of: + - 4 + queries: + - 2 + children: + - type: identifier + id: 2 + range: 1:1 - 1:7 + content: nested + - type: '"="' + id: 3 + range: 1:8 - 1:9 + - type: hash + id: 4 + range: 1:10 - 4:2 + dataflow_sources: + - 5 + - 6 + - 13 + - 14 + - 24 + queries: + - 0 + children: + - type: '"{"' + id: 5 + range: 1:10 - 1:11 + - type: pair + id: 6 + range: 2:3 - 2:14 + dataflow_sources: + - 7 + - 11 + - 12 + children: + - type: string + id: 7 + range: 2:3 - 2:8 + dataflow_sources: + - 8 + - 9 + - 10 + children: + - type: '"""' + id: 8 + range: 2:3 - 2:4 + - type: string_content + id: 9 + range: 2:4 - 2:7 + content: one + - type: '"""' + id: 10 + range: 2:7 - 2:8 + - type: '"=>"' + id: 11 + range: 2:9 - 2:11 + - type: integer + id: 12 + range: 2:12 - 2:14 + content: "42" + - type: '","' + id: 13 + range: 2:14 - 2:15 + - type: pair + id: 14 + range: 3:3 - 3:16 + dataflow_sources: + - 15 + - 19 + - 20 + children: + - type: string + id: 15 + range: 3:3 - 3:8 + dataflow_sources: + - 16 + - 17 + - 18 + children: + - type: '"""' + id: 16 + range: 3:3 - 3:4 + - type: string_content + id: 17 + range: 3:4 - 3:7 + content: two + - type: '"""' + id: 18 + range: 3:7 - 3:8 + - type: '"=>"' + id: 19 + range: 3:9 - 3:11 + - type: string + id: 20 + range: 3:12 - 3:16 + dataflow_sources: + - 21 + - 22 + - 23 + children: + - type: '"""' + id: 21 + range: 3:12 - 3:13 + - type: string_content + id: 22 + range: 3:13 - 3:15 + content: hi + - type: '"""' + id: 23 + range: 3:15 - 3:16 + - type: '"}"' + id: 24 + range: 4:1 - 4:2 + - type: call + id: 25 + range: 6:1 - 9:3 + dataflow_sources: + - 27 + children: + - type: identifier + id: 26 + range: 6:1 - 6:5 + content: call + - type: argument_list + id: 27 + range: 6:5 - 9:3 + dataflow_sources: + - 28 + - 29 + - 53 + children: + - type: '"("' + id: 28 + range: 6:5 - 6:6 + - type: hash + id: 29 + range: 6:6 - 9:2 + dataflow_sources: + - 30 + - 31 + - 41 + - 42 + - 52 + queries: + - 0 + children: + - type: '"{"' + id: 30 + range: 6:6 - 6:7 + - type: pair + id: 31 + range: 7:3 - 7:19 + dataflow_sources: + - 32 + - 33 + - 34 + children: + - type: hash_key_symbol + id: 32 + range: 7:3 - 7:4 + content: x + - type: '":"' + id: 33 + range: 7:4 - 7:5 + - type: hash + id: 34 + range: 7:6 - 7:19 + dataflow_sources: + - 35 + - 36 + - 40 + queries: + - 0 + children: + - type: '"{"' + id: 35 + range: 7:6 - 7:7 + - type: pair + id: 36 + range: 7:8 - 7:17 + dataflow_sources: + - 37 + - 38 + - 39 + children: + - type: hash_key_symbol + id: 37 + range: 7:8 - 7:9 + content: "n" + - type: '":"' + id: 38 + range: 7:9 - 7:10 + - type: identifier + id: 39 + range: 7:11 - 7:17 + content: nested + alias_of: + - 1 + - type: '"}"' + id: 40 + range: 7:18 - 7:19 + - type: '","' + id: 41 + range: 7:19 - 7:20 + - type: pair + id: 42 + range: 8:3 - 8:14 + dataflow_sources: + - 43 + - 44 + - 45 + children: + - type: hash_key_symbol + id: 43 + range: 8:3 - 8:4 + content: "y" + - type: '":"' + id: 44 + range: 8:4 - 8:5 + - type: hash + id: 45 + range: 8:6 - 8:14 + dataflow_sources: + - 46 + - 47 + - 51 + queries: + - 0 + children: + - type: '"{"' + id: 46 + range: 8:6 - 8:7 + - type: pair + id: 47 + range: 8:8 - 8:12 + dataflow_sources: + - 48 + - 49 + - 50 + children: + - type: hash_key_symbol + id: 48 + range: 8:8 - 8:9 + content: b + - type: '":"' + id: 49 + range: 8:9 - 8:10 + - type: integer + id: 50 + range: 8:11 - 8:12 + content: "4" + - type: '"}"' + id: 51 + range: 8:13 - 8:14 + - type: '"}"' + id: 52 + range: 9:1 - 9:2 + - type: '")"' + id: 53 + range: 9:2 - 9:3 + +- node: 1 + content: |- + nested = { + "one" => 42, + "two" => "hi" + } + data: + properties: + - name: nested + node: + id: 1 + typeid: 1 + contentstart: + byte: 0 + line: 1 + column: 1 + contentend: + byte: 43 + line: 4 + column: 2 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 4 + typeid: 4 + contentstart: + byte: 9 + line: 1 + column: 10 + contentend: + byte: 43 + line: 4 + column: 2 + executingdetectors: [] + data: + properties: + - name: one + node: + id: 6 + typeid: 6 + contentstart: + byte: 13 + line: 2 + column: 3 + contentend: + byte: 24 + line: 2 + column: 14 + executingdetectors: [] + object: null + - name: two + node: + id: 14 + typeid: 6 + contentstart: + byte: 28 + line: 3 + column: 3 + contentend: + byte: 41 + line: 3 + column: 16 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: true +- node: 4 + content: |- + { + "one" => 42, + "two" => "hi" + } + data: + properties: + - name: one + node: + id: 6 + typeid: 6 + contentstart: + byte: 13 + line: 2 + column: 3 + contentend: + byte: 24 + line: 2 + column: 14 + executingdetectors: [] + object: null + - name: two + node: + id: 14 + typeid: 6 + contentstart: + byte: 28 + line: 3 + column: 3 + contentend: + byte: 41 + line: 3 + column: 16 + executingdetectors: [] + object: null + isvirtual: false +- node: 29 + content: |- + { + x: { n: nested }, + y: { b: 4 } + } + data: + properties: + - name: x + node: + id: 31 + typeid: 6 + contentstart: + byte: 54 + line: 7 + column: 3 + contentend: + byte: 70 + line: 7 + column: 19 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 34 + typeid: 4 + contentstart: + byte: 57 + line: 7 + column: 6 + contentend: + byte: 70 + line: 7 + column: 19 + executingdetectors: [] + data: + properties: + - name: "n" + node: + id: 36 + typeid: 6 + contentstart: + byte: 59 + line: 7 + column: 8 + contentend: + byte: 68 + line: 7 + column: 17 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 1 + typeid: 1 + contentstart: + byte: 0 + line: 1 + column: 1 + contentend: + byte: 43 + line: 4 + column: 2 + executingdetectors: [] + data: + properties: + - name: nested + node: + id: 1 + typeid: 1 + contentstart: + byte: 0 + line: 1 + column: 1 + contentend: + byte: 43 + line: 4 + column: 2 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 4 + typeid: 4 + contentstart: + byte: 9 + line: 1 + column: 10 + contentend: + byte: 43 + line: 4 + column: 2 + executingdetectors: [] + data: + properties: + - name: one + node: + id: 6 + typeid: 6 + contentstart: + byte: 13 + line: 2 + column: 3 + contentend: + byte: 24 + line: 2 + column: 14 + executingdetectors: [] + object: null + - name: two + node: + id: 14 + typeid: 6 + contentstart: + byte: 28 + line: 3 + column: 3 + contentend: + byte: 41 + line: 3 + column: 16 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: true + - name: "n" + node: + id: 36 + typeid: 6 + contentstart: + byte: 59 + line: 7 + column: 8 + contentend: + byte: 68 + line: 7 + column: 17 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 4 + typeid: 4 + contentstart: + byte: 9 + line: 1 + column: 10 + contentend: + byte: 43 + line: 4 + column: 2 + executingdetectors: [] + data: + properties: + - name: one + node: + id: 6 + typeid: 6 + contentstart: + byte: 13 + line: 2 + column: 3 + contentend: + byte: 24 + line: 2 + column: 14 + executingdetectors: [] + object: null + - name: two + node: + id: 14 + typeid: 6 + contentstart: + byte: 28 + line: 3 + column: 3 + contentend: + byte: 41 + line: 3 + column: 16 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: false + - name: "y" + node: + id: 42 + typeid: 6 + contentstart: + byte: 74 + line: 8 + column: 3 + contentend: + byte: 85 + line: 8 + column: 14 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 45 + typeid: 4 + contentstart: + byte: 77 + line: 8 + column: 6 + contentend: + byte: 85 + line: 8 + column: 14 + executingdetectors: [] + data: + properties: + - name: b + node: + id: 47 + typeid: 6 + contentstart: + byte: 79 + line: 8 + column: 8 + contentend: + byte: 83 + line: 8 + column: 12 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: false +- node: 34 + content: '{ n: nested }' + data: + properties: + - name: "n" + node: + id: 36 + typeid: 6 + contentstart: + byte: 59 + line: 7 + column: 8 + contentend: + byte: 68 + line: 7 + column: 17 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 1 + typeid: 1 + contentstart: + byte: 0 + line: 1 + column: 1 + contentend: + byte: 43 + line: 4 + column: 2 + executingdetectors: [] + data: + properties: + - name: nested + node: + id: 1 + typeid: 1 + contentstart: + byte: 0 + line: 1 + column: 1 + contentend: + byte: 43 + line: 4 + column: 2 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 4 + typeid: 4 + contentstart: + byte: 9 + line: 1 + column: 10 + contentend: + byte: 43 + line: 4 + column: 2 + executingdetectors: [] + data: + properties: + - name: one + node: + id: 6 + typeid: 6 + contentstart: + byte: 13 + line: 2 + column: 3 + contentend: + byte: 24 + line: 2 + column: 14 + executingdetectors: [] + object: null + - name: two + node: + id: 14 + typeid: 6 + contentstart: + byte: 28 + line: 3 + column: 3 + contentend: + byte: 41 + line: 3 + column: 16 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: true + - name: "n" + node: + id: 36 + typeid: 6 + contentstart: + byte: 59 + line: 7 + column: 8 + contentend: + byte: 68 + line: 7 + column: 17 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 4 + typeid: 4 + contentstart: + byte: 9 + line: 1 + column: 10 + contentend: + byte: 43 + line: 4 + column: 2 + executingdetectors: [] + data: + properties: + - name: one + node: + id: 6 + typeid: 6 + contentstart: + byte: 13 + line: 2 + column: 3 + contentend: + byte: 24 + line: 2 + column: 14 + executingdetectors: [] + object: null + - name: two + node: + id: 14 + typeid: 6 + contentstart: + byte: 28 + line: 3 + column: 3 + contentend: + byte: 41 + line: 3 + column: 16 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: false +- node: 45 + content: '{ b: 4 }' + data: + properties: + - name: b + node: + id: 47 + typeid: 6 + contentstart: + byte: 79 + line: 8 + column: 8 + contentend: + byte: 83 + line: 8 + column: 12 + executingdetectors: [] + object: null + isvirtual: false + diff --git a/internal/languages/ruby/detectors/.snapshots/TestRubyObjectDetector-object_projection b/internal/languages/ruby/detectors/.snapshots/TestRubyObjectDetector-object_projection new file mode 100644 index 000000000..e30cc7e08 --- /dev/null +++ b/internal/languages/ruby/detectors/.snapshots/TestRubyObjectDetector-object_projection @@ -0,0 +1,1159 @@ +type: program +id: 0 +range: 1:1 - 14:10 +dataflow_sources: + - 1 + - 31 + - 32 + - 36 + - 47 + - 48 + - 52 + - 56 + - 64 + - 65 + - 80 +children: + - type: call + id: 1 + range: 1:1 - 1:39 + dataflow_sources: + - 3 + children: + - type: identifier + id: 2 + range: 1:1 - 1:4 + content: let + - type: argument_list + id: 3 + range: 1:5 - 1:39 + dataflow_sources: + - 4 + children: + - type: assignment + id: 4 + range: 1:5 - 1:39 + alias_of: + - 7 + queries: + - 2 + children: + - type: identifier + id: 5 + range: 1:5 - 1:8 + content: obj + - type: '"="' + id: 6 + range: 1:9 - 1:10 + - type: hash + id: 7 + range: 1:11 - 1:39 + dataflow_sources: + - 8 + - 9 + - 25 + - 26 + - 30 + queries: + - 0 + children: + - type: '"{"' + id: 8 + range: 1:11 - 1:12 + - type: pair + id: 9 + range: 1:13 - 1:31 + dataflow_sources: + - 10 + - 11 + - 12 + children: + - type: hash_key_symbol + id: 10 + range: 1:13 - 1:14 + content: x + - type: '":"' + id: 11 + range: 1:14 - 1:15 + - type: hash + id: 12 + range: 1:16 - 1:31 + dataflow_sources: + - 13 + - 14 + - 24 + queries: + - 0 + children: + - type: '"{"' + id: 13 + range: 1:16 - 1:17 + - type: pair + id: 14 + range: 1:18 - 1:29 + dataflow_sources: + - 15 + - 16 + - 17 + children: + - type: hash_key_symbol + id: 15 + range: 1:18 - 1:19 + content: a + - type: '":"' + id: 16 + range: 1:19 - 1:20 + - type: hash + id: 17 + range: 1:21 - 1:29 + dataflow_sources: + - 18 + - 19 + - 23 + queries: + - 0 + children: + - type: '"{"' + id: 18 + range: 1:21 - 1:22 + - type: pair + id: 19 + range: 1:23 - 1:27 + dataflow_sources: + - 20 + - 21 + - 22 + children: + - type: hash_key_symbol + id: 20 + range: 1:23 - 1:24 + content: i + - type: '":"' + id: 21 + range: 1:24 - 1:25 + - type: integer + id: 22 + range: 1:26 - 1:27 + content: "3" + - type: '"}"' + id: 23 + range: 1:28 - 1:29 + - type: '"}"' + id: 24 + range: 1:30 - 1:31 + - type: '","' + id: 25 + range: 1:31 - 1:32 + - type: pair + id: 26 + range: 1:33 - 1:37 + dataflow_sources: + - 27 + - 28 + - 29 + children: + - type: hash_key_symbol + id: 27 + range: 1:33 - 1:34 + content: "y" + - type: '":"' + id: 28 + range: 1:34 - 1:35 + - type: integer + id: 29 + range: 1:36 - 1:37 + content: "4" + - type: '"}"' + id: 30 + range: 1:38 - 1:39 + - type: comment + id: 31 + range: 3:1 - 3:19 + content: '# Known properties' + - type: call + id: 32 + range: 4:1 - 4:6 + queries: + - 4 + children: + - type: identifier + id: 33 + range: 4:1 - 4:4 + content: obj + alias_of: + - 4 + - type: '"."' + id: 34 + range: 4:4 - 4:5 + - type: identifier + id: 35 + range: 4:5 - 4:6 + content: x + - type: call + id: 36 + range: 5:1 - 5:11 + queries: + - 4 + children: + - type: element_reference + id: 37 + range: 5:1 - 5:9 + dataflow_sources: + - 38 + queries: + - 5 + children: + - type: identifier + id: 38 + range: 5:1 - 5:4 + content: obj + alias_of: + - 4 + - type: '"["' + id: 39 + range: 5:4 - 5:5 + - type: string + id: 40 + range: 5:5 - 5:8 + dataflow_sources: + - 41 + - 42 + - 43 + children: + - type: '"""' + id: 41 + range: 5:5 - 5:6 + - type: string_content + id: 42 + range: 5:6 - 5:7 + content: x + - type: '"""' + id: 43 + range: 5:7 - 5:8 + - type: '"]"' + id: 44 + range: 5:8 - 5:9 + - type: '"."' + id: 45 + range: 5:9 - 5:10 + - type: identifier + id: 46 + range: 5:10 - 5:11 + content: a + - type: comment + id: 47 + range: 7:1 - 7:21 + content: '# Unknown properties' + - type: call + id: 48 + range: 8:1 - 8:6 + queries: + - 4 + children: + - type: identifier + id: 49 + range: 8:1 - 8:4 + content: obj + alias_of: + - 4 + - type: '"."' + id: 50 + range: 8:4 - 8:5 + - type: identifier + id: 51 + range: 8:5 - 8:6 + content: z + - type: call + id: 52 + range: 9:1 - 9:9 + queries: + - 4 + children: + - type: instance_variable + id: 53 + range: 9:1 - 9:7 + content: '@myvar' + - type: '"."' + id: 54 + range: 9:7 - 9:8 + - type: identifier + id: 55 + range: 9:8 - 9:9 + content: x + - type: element_reference + id: 56 + range: 10:1 - 10:12 + dataflow_sources: + - 57 + queries: + - 5 + children: + - type: instance_variable + id: 57 + range: 10:1 - 10:7 + content: '@myvar' + - type: '"["' + id: 58 + range: 10:7 - 10:8 + - type: string + id: 59 + range: 10:8 - 10:11 + dataflow_sources: + - 60 + - 61 + - 62 + children: + - type: '"""' + id: 60 + range: 10:8 - 10:9 + - type: string_content + id: 61 + range: 10:9 - 10:10 + content: w + - type: '"""' + id: 62 + range: 10:10 - 10:11 + - type: '"]"' + id: 63 + range: 10:11 - 10:12 + - type: comment + id: 64 + range: 12:1 - 12:17 + content: '# Multiple index' + - type: assignment + id: 65 + range: 13:1 - 13:27 + alias_of: + - 68 + queries: + - 2 + children: + - type: identifier + id: 66 + range: 13:1 - 13:4 + content: foo + - type: '"="' + id: 67 + range: 13:5 - 13:6 + - type: array + id: 68 + range: 13:7 - 13:27 + dataflow_sources: + - 69 + - 70 + - 71 + - 72 + - 73 + - 74 + - 75 + - 76 + - 77 + - 78 + - 79 + children: + - type: '"["' + id: 69 + range: 13:7 - 13:8 + - type: simple_symbol + id: 70 + range: 13:8 - 13:10 + content: :a + - type: '","' + id: 71 + range: 13:10 - 13:11 + - type: simple_symbol + id: 72 + range: 13:12 - 13:14 + content: :b + - type: '","' + id: 73 + range: 13:14 - 13:15 + - type: simple_symbol + id: 74 + range: 13:16 - 13:18 + content: :c + - type: '","' + id: 75 + range: 13:18 - 13:19 + - type: simple_symbol + id: 76 + range: 13:20 - 13:22 + content: :d + - type: '","' + id: 77 + range: 13:22 - 13:23 + - type: simple_symbol + id: 78 + range: 13:24 - 13:26 + content: :e + - type: '"]"' + id: 79 + range: 13:26 - 13:27 + - type: element_reference + id: 80 + range: 14:1 - 14:10 + dataflow_sources: + - 81 + children: + - type: identifier + id: 81 + range: 14:1 - 14:4 + content: foo + alias_of: + - 65 + - type: '"["' + id: 82 + range: 14:4 - 14:5 + - type: integer + id: 83 + range: 14:5 - 14:6 + content: "0" + - type: '","' + id: 84 + range: 14:6 - 14:7 + - type: integer + id: 85 + range: 14:8 - 14:9 + content: "2" + - type: '"]"' + id: 86 + range: 14:9 - 14:10 + +- node: 32 + content: obj.x + data: + properties: + - name: a + node: + id: 14 + typeid: 8 + contentstart: + byte: 17 + line: 1 + column: 18 + contentend: + byte: 28 + line: 1 + column: 29 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 17 + typeid: 6 + contentstart: + byte: 20 + line: 1 + column: 21 + contentend: + byte: 28 + line: 1 + column: 29 + executingdetectors: [] + data: + properties: + - name: i + node: + id: 19 + typeid: 8 + contentstart: + byte: 22 + line: 1 + column: 23 + contentend: + byte: 26 + line: 1 + column: 27 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: false +- node: 32 + content: obj.x + data: + properties: + - name: x + node: null + object: + ruleid: object + matchnode: + id: 32 + typeid: 1 + contentstart: + byte: 59 + line: 4 + column: 1 + contentend: + byte: 64 + line: 4 + column: 6 + executingdetectors: [] + data: + properties: + - name: a + node: + id: 14 + typeid: 8 + contentstart: + byte: 17 + line: 1 + column: 18 + contentend: + byte: 28 + line: 1 + column: 29 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 17 + typeid: 6 + contentstart: + byte: 20 + line: 1 + column: 21 + contentend: + byte: 28 + line: 1 + column: 29 + executingdetectors: [] + data: + properties: + - name: i + node: + id: 19 + typeid: 8 + contentstart: + byte: 22 + line: 1 + column: 23 + contentend: + byte: 26 + line: 1 + column: 27 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: false + isvirtual: true +- node: 32 + content: obj.x + data: + properties: + - name: obj + node: null + object: + ruleid: object + matchnode: + id: 32 + typeid: 1 + contentstart: + byte: 59 + line: 4 + column: 1 + contentend: + byte: 64 + line: 4 + column: 6 + executingdetectors: [] + data: + properties: + - name: x + node: null + object: null + isvirtual: true + isvirtual: true +- node: 36 + content: obj["x"].a + data: + properties: + - name: i + node: + id: 19 + typeid: 8 + contentstart: + byte: 22 + line: 1 + column: 23 + contentend: + byte: 26 + line: 1 + column: 27 + executingdetectors: [] + object: null + isvirtual: false +- node: 36 + content: obj["x"].a + data: + properties: + - name: a + node: null + object: + ruleid: object + matchnode: + id: 36 + typeid: 1 + contentstart: + byte: 65 + line: 5 + column: 1 + contentend: + byte: 75 + line: 5 + column: 11 + executingdetectors: [] + data: + properties: + - name: i + node: + id: 19 + typeid: 8 + contentstart: + byte: 22 + line: 1 + column: 23 + contentend: + byte: 26 + line: 1 + column: 27 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: true +- node: 36 + content: obj["x"].a + data: + properties: + - name: x + node: null + object: + ruleid: object + matchnode: + id: 36 + typeid: 1 + contentstart: + byte: 65 + line: 5 + column: 1 + contentend: + byte: 75 + line: 5 + column: 11 + executingdetectors: [] + data: + properties: + - name: a + node: null + object: null + isvirtual: true + isvirtual: true +- node: 48 + content: obj.z + data: + properties: + - name: obj + node: null + object: + ruleid: object + matchnode: + id: 48 + typeid: 1 + contentstart: + byte: 98 + line: 8 + column: 1 + contentend: + byte: 103 + line: 8 + column: 6 + executingdetectors: [] + data: + properties: + - name: z + node: null + object: null + isvirtual: true + isvirtual: true +- node: 52 + content: '@myvar.x' + data: + properties: + - name: myvar + node: null + object: + ruleid: object + matchnode: + id: 52 + typeid: 1 + contentstart: + byte: 104 + line: 9 + column: 1 + contentend: + byte: 112 + line: 9 + column: 9 + executingdetectors: [] + data: + properties: + - name: x + node: null + object: null + isvirtual: true + isvirtual: true +- node: 56 + content: '@myvar["w"]' + data: + properties: + - name: myvar + node: null + object: + ruleid: object + matchnode: + id: 56 + typeid: 16 + contentstart: + byte: 113 + line: 10 + column: 1 + contentend: + byte: 124 + line: 10 + column: 12 + executingdetectors: [] + data: + properties: + - name: w + node: null + object: null + isvirtual: true + isvirtual: true +- node: 37 + content: obj["x"] + data: + properties: + - name: a + node: + id: 14 + typeid: 8 + contentstart: + byte: 17 + line: 1 + column: 18 + contentend: + byte: 28 + line: 1 + column: 29 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 17 + typeid: 6 + contentstart: + byte: 20 + line: 1 + column: 21 + contentend: + byte: 28 + line: 1 + column: 29 + executingdetectors: [] + data: + properties: + - name: i + node: + id: 19 + typeid: 8 + contentstart: + byte: 22 + line: 1 + column: 23 + contentend: + byte: 26 + line: 1 + column: 27 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: false +- node: 37 + content: obj["x"] + data: + properties: + - name: x + node: null + object: + ruleid: object + matchnode: + id: 37 + typeid: 16 + contentstart: + byte: 65 + line: 5 + column: 1 + contentend: + byte: 73 + line: 5 + column: 9 + executingdetectors: [] + data: + properties: + - name: a + node: + id: 14 + typeid: 8 + contentstart: + byte: 17 + line: 1 + column: 18 + contentend: + byte: 28 + line: 1 + column: 29 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 17 + typeid: 6 + contentstart: + byte: 20 + line: 1 + column: 21 + contentend: + byte: 28 + line: 1 + column: 29 + executingdetectors: [] + data: + properties: + - name: i + node: + id: 19 + typeid: 8 + contentstart: + byte: 22 + line: 1 + column: 23 + contentend: + byte: 26 + line: 1 + column: 27 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: false + isvirtual: true +- node: 37 + content: obj["x"] + data: + properties: + - name: obj + node: null + object: + ruleid: object + matchnode: + id: 37 + typeid: 16 + contentstart: + byte: 65 + line: 5 + column: 1 + contentend: + byte: 73 + line: 5 + column: 9 + executingdetectors: [] + data: + properties: + - name: x + node: null + object: null + isvirtual: true + isvirtual: true +- node: 4 + content: 'obj = { x: { a: { i: 3 } }, y: 4 }' + data: + properties: + - name: obj + node: + id: 4 + typeid: 4 + contentstart: + byte: 4 + line: 1 + column: 5 + contentend: + byte: 38 + line: 1 + column: 39 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 7 + typeid: 6 + contentstart: + byte: 10 + line: 1 + column: 11 + contentend: + byte: 38 + line: 1 + column: 39 + executingdetectors: [] + data: + properties: + - name: x + node: + id: 9 + typeid: 8 + contentstart: + byte: 12 + line: 1 + column: 13 + contentend: + byte: 30 + line: 1 + column: 31 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 12 + typeid: 6 + contentstart: + byte: 15 + line: 1 + column: 16 + contentend: + byte: 30 + line: 1 + column: 31 + executingdetectors: [] + data: + properties: + - name: a + node: + id: 14 + typeid: 8 + contentstart: + byte: 17 + line: 1 + column: 18 + contentend: + byte: 28 + line: 1 + column: 29 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 17 + typeid: 6 + contentstart: + byte: 20 + line: 1 + column: 21 + contentend: + byte: 28 + line: 1 + column: 29 + executingdetectors: [] + data: + properties: + - name: i + node: + id: 19 + typeid: 8 + contentstart: + byte: 22 + line: 1 + column: 23 + contentend: + byte: 26 + line: 1 + column: 27 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: false + - name: "y" + node: + id: 26 + typeid: 8 + contentstart: + byte: 32 + line: 1 + column: 33 + contentend: + byte: 36 + line: 1 + column: 37 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: true +- node: 7 + content: '{ x: { a: { i: 3 } }, y: 4 }' + data: + properties: + - name: x + node: + id: 9 + typeid: 8 + contentstart: + byte: 12 + line: 1 + column: 13 + contentend: + byte: 30 + line: 1 + column: 31 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 12 + typeid: 6 + contentstart: + byte: 15 + line: 1 + column: 16 + contentend: + byte: 30 + line: 1 + column: 31 + executingdetectors: [] + data: + properties: + - name: a + node: + id: 14 + typeid: 8 + contentstart: + byte: 17 + line: 1 + column: 18 + contentend: + byte: 28 + line: 1 + column: 29 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 17 + typeid: 6 + contentstart: + byte: 20 + line: 1 + column: 21 + contentend: + byte: 28 + line: 1 + column: 29 + executingdetectors: [] + data: + properties: + - name: i + node: + id: 19 + typeid: 8 + contentstart: + byte: 22 + line: 1 + column: 23 + contentend: + byte: 26 + line: 1 + column: 27 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: false + - name: "y" + node: + id: 26 + typeid: 8 + contentstart: + byte: 32 + line: 1 + column: 33 + contentend: + byte: 36 + line: 1 + column: 37 + executingdetectors: [] + object: null + isvirtual: false +- node: 12 + content: '{ a: { i: 3 } }' + data: + properties: + - name: a + node: + id: 14 + typeid: 8 + contentstart: + byte: 17 + line: 1 + column: 18 + contentend: + byte: 28 + line: 1 + column: 29 + executingdetectors: [] + object: + ruleid: object + matchnode: + id: 17 + typeid: 6 + contentstart: + byte: 20 + line: 1 + column: 21 + contentend: + byte: 28 + line: 1 + column: 29 + executingdetectors: [] + data: + properties: + - name: i + node: + id: 19 + typeid: 8 + contentstart: + byte: 22 + line: 1 + column: 23 + contentend: + byte: 26 + line: 1 + column: 27 + executingdetectors: [] + object: null + isvirtual: false + isvirtual: false +- node: 17 + content: '{ i: 3 }' + data: + properties: + - name: i + node: + id: 19 + typeid: 8 + contentstart: + byte: 22 + line: 1 + column: 23 + contentend: + byte: 26 + line: 1 + column: 27 + executingdetectors: [] + object: null + isvirtual: false + diff --git a/internal/languages/ruby/detectors/.snapshots/TestRubyStringDetector-string_assign_eq b/internal/languages/ruby/detectors/.snapshots/TestRubyStringDetector-string_assign_eq new file mode 100644 index 000000000..f4346c113 --- /dev/null +++ b/internal/languages/ruby/detectors/.snapshots/TestRubyStringDetector-string_assign_eq @@ -0,0 +1,182 @@ +type: program +id: 0 +range: 1:1 - 7:1 +dataflow_sources: + - 1 + - 8 + - 15 + - 19 + - 23 +children: + - type: assignment + id: 1 + range: 1:1 - 1:8 + alias_of: + - 4 + queries: + - 2 + children: + - type: identifier + id: 2 + range: 1:1 - 1:2 + content: x + - type: '"="' + id: 3 + range: 1:3 - 1:4 + - type: string + id: 4 + range: 1:5 - 1:8 + dataflow_sources: + - 5 + - 6 + - 7 + children: + - type: '"""' + id: 5 + range: 1:5 - 1:6 + - type: string_content + id: 6 + range: 1:6 - 1:7 + content: a + - type: '"""' + id: 7 + range: 1:7 - 1:8 + - type: operator_assignment + id: 8 + range: 2:1 - 2:9 + dataflow_sources: + - 9 + - 11 + children: + - type: identifier + id: 9 + range: 2:1 - 2:2 + content: x + alias_of: + - 1 + - type: '"+="' + id: 10 + range: 2:3 - 2:5 + - type: string + id: 11 + range: 2:6 - 2:9 + dataflow_sources: + - 12 + - 13 + - 14 + children: + - type: '"""' + id: 12 + range: 2:6 - 2:7 + - type: string_content + id: 13 + range: 2:7 - 2:8 + content: b + - type: '"""' + id: 14 + range: 2:8 - 2:9 + - type: operator_assignment + id: 15 + range: 3:1 - 3:10 + dataflow_sources: + - 16 + - 18 + children: + - type: identifier + id: 16 + range: 3:1 - 3:2 + content: x + alias_of: + - 8 + - type: '"+="' + id: 17 + range: 3:3 - 3:5 + - type: identifier + id: 18 + range: 3:6 - 3:10 + content: name + - type: assignment + id: 19 + range: 5:1 - 5:9 + alias_of: + - 22 + queries: + - 2 + children: + - type: identifier + id: 20 + range: 5:1 - 5:2 + content: "y" + - type: '"="' + id: 21 + range: 5:3 - 5:4 + - type: identifier + id: 22 + range: 5:5 - 5:9 + content: name + - type: operator_assignment + id: 23 + range: 6:1 - 6:9 + dataflow_sources: + - 24 + - 26 + children: + - type: identifier + id: 24 + range: 6:1 - 6:2 + content: "y" + alias_of: + - 19 + - type: '"+="' + id: 25 + range: 6:3 - 6:5 + - type: string + id: 26 + range: 6:6 - 6:9 + dataflow_sources: + - 27 + - 28 + - 29 + children: + - type: '"""' + id: 27 + range: 6:6 - 6:7 + - type: string_content + id: 28 + range: 6:7 - 6:8 + content: c + - type: '"""' + id: 29 + range: 6:8 - 6:9 + +- node: 4 + content: '"a"' + data: + value: a + isliteral: true +- node: 11 + content: '"b"' + data: + value: b + isliteral: true +- node: 26 + content: '"c"' + data: + value: c + isliteral: true +- node: 6 + content: a + data: + value: a + isliteral: true +- node: 13 + content: b + data: + value: b + isliteral: true +- node: 28 + content: c + data: + value: c + isliteral: true + diff --git a/internal/languages/ruby/detectors/.snapshots/TestRubyStringDetector-string_literal b/internal/languages/ruby/detectors/.snapshots/TestRubyStringDetector-string_literal new file mode 100644 index 000000000..d6015d185 --- /dev/null +++ b/internal/languages/ruby/detectors/.snapshots/TestRubyStringDetector-string_literal @@ -0,0 +1,208 @@ +type: program +id: 0 +range: 1:1 - 7:1 +dataflow_sources: + - 1 + - 5 + - 15 + - 22 +children: + - type: string + id: 1 + range: 1:1 - 1:5 + dataflow_sources: + - 2 + - 3 + - 4 + children: + - type: '"""' + id: 2 + range: 1:1 - 1:2 + - type: string_content + id: 3 + range: 1:2 - 1:4 + content: ab + - type: '"""' + id: 4 + range: 1:4 - 1:5 + - type: binary + id: 5 + range: 3:1 - 3:10 + dataflow_sources: + - 6 + - 10 + - 11 + children: + - type: string + id: 6 + range: 3:1 - 3:4 + dataflow_sources: + - 7 + - 8 + - 9 + children: + - type: '"""' + id: 7 + range: 3:1 - 3:2 + - type: string_content + id: 8 + range: 3:2 - 3:3 + content: a + - type: '"""' + id: 9 + range: 3:3 - 3:4 + - type: '"+"' + id: 10 + range: 3:5 - 3:6 + - type: string + id: 11 + range: 3:7 - 3:10 + dataflow_sources: + - 12 + - 13 + - 14 + children: + - type: '"""' + id: 12 + range: 3:7 - 3:8 + - type: string_content + id: 13 + range: 3:8 - 3:9 + content: b + - type: '"""' + id: 14 + range: 3:9 - 3:10 + - type: assignment + id: 15 + range: 5:1 - 5:8 + alias_of: + - 18 + queries: + - 2 + children: + - type: identifier + id: 16 + range: 5:1 - 5:2 + content: x + - type: '"="' + id: 17 + range: 5:3 - 5:4 + - type: string + id: 18 + range: 5:5 - 5:8 + dataflow_sources: + - 19 + - 20 + - 21 + children: + - type: '"""' + id: 19 + range: 5:5 - 5:6 + - type: string_content + id: 20 + range: 5:6 - 5:7 + content: a + - type: '"""' + id: 21 + range: 5:7 - 5:8 + - type: string + id: 22 + range: 6:1 - 6:9 + dataflow_sources: + - 23 + - 24 + - 28 + - 29 + children: + - type: '"""' + id: 23 + range: 6:1 - 6:2 + - type: interpolation + id: 24 + range: 6:2 - 6:6 + dataflow_sources: + - 25 + - 26 + - 27 + children: + - type: '"#{"' + id: 25 + range: 6:2 - 6:4 + - type: identifier + id: 26 + range: 6:4 - 6:5 + content: x + alias_of: + - 15 + - type: '"}"' + id: 27 + range: 6:5 - 6:6 + - type: string_content + id: 28 + range: 6:6 - 6:8 + content: ' b' + - type: '"""' + id: 29 + range: 6:8 - 6:9 + +- node: 1 + content: '"ab"' + data: + value: ab + isliteral: true +- node: 5 + content: '"a" + "b"' + data: + value: ab + isliteral: true +- node: 22 + content: '"#{x} b"' + data: + value: a b + isliteral: true +- node: 3 + content: ab + data: + value: ab + isliteral: true +- node: 6 + content: '"a"' + data: + value: a + isliteral: true +- node: 11 + content: '"b"' + data: + value: b + isliteral: true +- node: 18 + content: '"a"' + data: + value: a + isliteral: true +- node: 24 + content: '#{x}' + data: + value: a + isliteral: true +- node: 28 + content: ' b' + data: + value: ' b' + isliteral: true +- node: 8 + content: a + data: + value: a + isliteral: true +- node: 13 + content: b + data: + value: b + isliteral: true +- node: 20 + content: a + data: + value: a + isliteral: true + diff --git a/internal/languages/ruby/detectors/.snapshots/TestRubyStringDetector-string_non_literal b/internal/languages/ruby/detectors/.snapshots/TestRubyStringDetector-string_non_literal new file mode 100644 index 000000000..26edde4e9 --- /dev/null +++ b/internal/languages/ruby/detectors/.snapshots/TestRubyStringDetector-string_non_literal @@ -0,0 +1,109 @@ +type: program +id: 0 +range: 1:1 - 4:1 +dataflow_sources: + - 1 + - 8 +children: + - type: binary + id: 1 + range: 1:1 - 1:8 + dataflow_sources: + - 2 + - 6 + - 7 + children: + - type: string + id: 2 + range: 1:1 - 1:4 + dataflow_sources: + - 3 + - 4 + - 5 + children: + - type: '"""' + id: 3 + range: 1:1 - 1:2 + - type: string_content + id: 4 + range: 1:2 - 1:3 + content: a + - type: '"""' + id: 5 + range: 1:3 - 1:4 + - type: '"+"' + id: 6 + range: 1:5 - 1:6 + - type: identifier + id: 7 + range: 1:7 - 1:8 + content: x + - type: string + id: 8 + range: 3:1 - 3:9 + dataflow_sources: + - 9 + - 10 + - 14 + - 15 + children: + - type: '"""' + id: 9 + range: 3:1 - 3:2 + - type: interpolation + id: 10 + range: 3:2 - 3:6 + dataflow_sources: + - 11 + - 12 + - 13 + children: + - type: '"#{"' + id: 11 + range: 3:2 - 3:4 + - type: identifier + id: 12 + range: 3:4 - 3:5 + content: x + - type: '"}"' + id: 13 + range: 3:5 - 3:6 + - type: string_content + id: 14 + range: 3:6 - 3:8 + content: ' b' + - type: '"""' + id: 15 + range: 3:8 - 3:9 + +- node: 1 + content: '"a" + x' + data: + value: a* + isliteral: false +- node: 8 + content: '"#{x} b"' + data: + value: '* b' + isliteral: false +- node: 2 + content: '"a"' + data: + value: a + isliteral: true +- node: 10 + content: '#{x}' + data: + value: '*' + isliteral: false +- node: 14 + content: ' b' + data: + value: ' b' + isliteral: true +- node: 4 + content: a + data: + value: a + isliteral: true + diff --git a/new/detector/implementation/ruby/common/common.go b/internal/languages/ruby/detectors/common/common.go similarity index 55% rename from new/detector/implementation/ruby/common/common.go rename to internal/languages/ruby/detectors/common/common.go index 85e60472d..6730535dd 100644 --- a/new/detector/implementation/ruby/common/common.go +++ b/internal/languages/ruby/detectors/common/common.go @@ -1,6 +1,6 @@ package common -import "github.com/bearer/bearer/new/language/tree" +import "github.com/bearer/bearer/internal/scanner/ast/tree" func GetLiteralKey(keyNode *tree.Node) string { switch keyNode.Type() { @@ -9,8 +9,8 @@ func GetLiteralKey(keyNode *tree.Node) string { case "simple_symbol": return keyNode.Content()[1:] case "string": - if keyNode.NamedChildCount() == 1 && keyNode.Child(1).Type() == "string_content" { - return keyNode.Child(1).Content() + if len(keyNode.Children()) == 3 && keyNode.Children()[1].Type() == "string_content" { + return keyNode.Children()[1].Content() } } diff --git a/new/detector/implementation/ruby/ruby_test.go b/internal/languages/ruby/detectors/detectors_test.go similarity index 75% rename from new/detector/implementation/ruby/ruby_test.go rename to internal/languages/ruby/detectors/detectors_test.go index 820975bcd..dfe801937 100644 --- a/new/detector/implementation/ruby/ruby_test.go +++ b/internal/languages/ruby/detectors/detectors_test.go @@ -1,10 +1,10 @@ -package ruby_test +package detectors_test import ( "testing" - "github.com/bearer/bearer/new/detector/composition/ruby" - "github.com/bearer/bearer/new/detector/implementation/testhelper" + "github.com/bearer/bearer/internal/languages/ruby" + "github.com/bearer/bearer/internal/scanner/detectors/testhelper" ) func TestRubyObjectDetector(t *testing.T) { @@ -20,5 +20,5 @@ func TestRubyStringDetector(t *testing.T) { } func runTest(t *testing.T, name string, detectorType, fileName string) { - testhelper.RunTest(t, name, ruby.New, detectorType, fileName) + testhelper.RunTest(t, name, ruby.Get(), detectorType, fileName) } diff --git a/new/detector/implementation/ruby/object/object.go b/internal/languages/ruby/detectors/object/object.go similarity index 55% rename from new/detector/implementation/ruby/object/object.go rename to internal/languages/ruby/detectors/object/object.go index 84a366883..5ba27dfd6 100644 --- a/new/detector/implementation/ruby/object/object.go +++ b/internal/languages/ruby/detectors/object/object.go @@ -1,30 +1,30 @@ package object import ( - "github.com/bearer/bearer/new/detector/detection" - "github.com/bearer/bearer/new/detector/types" - "github.com/bearer/bearer/new/language/tree" - "github.com/bearer/bearer/pkg/commands/process/settings" - - "github.com/bearer/bearer/new/detector/implementation/generic" - generictypes "github.com/bearer/bearer/new/detector/implementation/generic/types" - "github.com/bearer/bearer/new/detector/implementation/ruby/common" + "github.com/bearer/bearer/internal/scanner/ast/query" + "github.com/bearer/bearer/internal/scanner/ast/traversalstrategy" + "github.com/bearer/bearer/internal/scanner/ast/tree" + "github.com/bearer/bearer/internal/scanner/ruleset" + + "github.com/bearer/bearer/internal/languages/ruby/detectors/common" + detectorscommon "github.com/bearer/bearer/internal/scanner/detectors/common" + "github.com/bearer/bearer/internal/scanner/detectors/types" ) type objectDetector struct { types.DetectorBase // Base - hashPairQuery *tree.Query - keywordArgumentQuery *tree.Query - classQuery *tree.Query + hashPairQuery *query.Query + keywordArgumentQuery *query.Query + classQuery *query.Query // Naming - assignmentQuery *tree.Query + assignmentQuery *query.Query // Projection - callsQuery *tree.Query - elementReferenceQuery *tree.Query + callsQuery *query.Query + elementReferenceQuery *query.Query } -func New(querySet *tree.QuerySet) (types.Detector, error) { +func New(querySet *query.Set) types.Detector { // { first_name: ..., ... } hashPairQuery := querySet.Add(`(hash (pair key: (_) @key value: (_) @value) @pair) @root`) @@ -61,54 +61,50 @@ func New(querySet *tree.QuerySet) (types.Detector, error) { classQuery: classQuery, callsQuery: callsQuery, elementReferenceQuery: elementReferenceQuery, - }, nil -} - -func (detector *objectDetector) Name() string { - return "object" + } } -func (detector *objectDetector) NestedDetections() bool { - return false +func (detector *objectDetector) Rule() *ruleset.Rule { + return ruleset.BuiltinObjectRule } func (detector *objectDetector) DetectAt( node *tree.Node, - evaluationState types.EvaluationState, + detectorContext types.Context, ) ([]interface{}, error) { - detections, err := detector.getHash(node, evaluationState) + detections, err := detector.getHash(node, detectorContext) if len(detections) != 0 || err != nil { return detections, err } - detections, err = detector.getKeywordArgument(node, evaluationState) + detections, err = detector.getKeywordArgument(node, detectorContext) if len(detections) != 0 || err != nil { return detections, err } - detections, err = detector.getAssignment(node, evaluationState) + detections, err = detector.getAssignment(node, detectorContext) if len(detections) != 0 || err != nil { return detections, err } - detections, err = detector.getClass(node) + detections, err = detector.getClass(node, detectorContext) if len(detections) != 0 || err != nil { return detections, err } - return detector.getProjections(node, evaluationState) + return detector.getProjections(node, detectorContext) } func (detector *objectDetector) getHash( node *tree.Node, - evaluationState types.EvaluationState, + detectorContext types.Context, ) ([]interface{}, error) { - results, err := detector.hashPairQuery.MatchAt(node) - if len(results) == 0 || err != nil { - return nil, err + results := detector.hashPairQuery.MatchAt(node) + if len(results) == 0 { + return nil, nil } - var properties []generictypes.Property + var properties []detectorscommon.Property for _, result := range results { pairNode := result["pair"] @@ -117,13 +113,13 @@ func (detector *objectDetector) getHash( continue } - propertyObjects, err := evaluationState.Evaluate(result["value"], "object", "", settings.NESTED_SCOPE, true) + propertyObjects, err := detectorContext.Scan(result["value"], ruleset.BuiltinObjectRule, traversalstrategy.Cursor) if err != nil { return nil, err } if len(propertyObjects) == 0 { - properties = append(properties, generictypes.Property{ + properties = append(properties, detectorscommon.Property{ Name: name, Node: pairNode, }) @@ -132,7 +128,7 @@ func (detector *objectDetector) getHash( } for _, propertyObject := range propertyObjects { - properties = append(properties, generictypes.Property{ + properties = append(properties, detectorscommon.Property{ Name: name, Node: pairNode, Object: propertyObject, @@ -140,12 +136,12 @@ func (detector *objectDetector) getHash( } } - return []interface{}{generictypes.Object{Properties: properties}}, nil + return []interface{}{detectorscommon.Object{Properties: properties}}, nil } func (detector *objectDetector) getKeywordArgument( node *tree.Node, - evaluationState types.EvaluationState, + detectorContext types.Context, ) ([]interface{}, error) { result, err := detector.keywordArgumentQuery.MatchOnceAt(node) if result == nil || err != nil { @@ -157,50 +153,50 @@ func (detector *objectDetector) getKeywordArgument( return nil, nil } - propertyObjects, err := evaluationState.Evaluate(result["value"], "object", "", settings.NESTED_SCOPE, true) + propertyObjects, err := detectorContext.Scan(result["value"], ruleset.BuiltinObjectRule, traversalstrategy.Cursor) if err != nil { return nil, err } - var properties []generictypes.Property + var properties []detectorscommon.Property if len(propertyObjects) == 0 { - properties = append(properties, generictypes.Property{ + properties = append(properties, detectorscommon.Property{ Name: name, Node: node, }) } for _, propertyObject := range propertyObjects { - properties = append(properties, generictypes.Property{ + properties = append(properties, detectorscommon.Property{ Name: name, Node: node, Object: propertyObject, }) } - return []interface{}{generictypes.Object{Properties: properties}}, nil + return []interface{}{detectorscommon.Object{Properties: properties}}, nil } func (detector *objectDetector) getAssignment( node *tree.Node, - evaluationState types.EvaluationState, + detectorContext types.Context, ) ([]interface{}, error) { result, err := detector.assignmentQuery.MatchOnceAt(node) if result == nil || err != nil { return nil, err } - valueObjects, err := generic.GetNonVirtualObjects(evaluationState, result["value"]) + valueObjects, err := detectorscommon.GetNonVirtualObjects(detectorContext, result["value"]) if err != nil { return nil, err } var objects []interface{} for _, object := range valueObjects { - objects = append(objects, generictypes.Object{ + objects = append(objects, detectorscommon.Object{ IsVirtual: true, - Properties: []generictypes.Property{{ + Properties: []detectorscommon.Property{{ Name: result["name"].Content(), Node: node, Object: object, @@ -211,15 +207,18 @@ func (detector *objectDetector) getAssignment( return objects, nil } -func (detector *objectDetector) getClass(node *tree.Node) ([]interface{}, error) { - results, err := detector.classQuery.MatchAt(node) - if len(results) == 0 || err != nil { - return nil, err +func (detector *objectDetector) getClass( + node *tree.Node, + detectorContext types.Context, +) ([]interface{}, error) { + results := detector.classQuery.MatchAt(node) + if len(results) == 0 { + return nil, nil } className := results[0]["class_name"].Content() - var properties []generictypes.Property + var properties []detectorscommon.Property for _, result := range results { nameNode := result["name"] name := nameNode.Content() @@ -229,26 +228,23 @@ func (detector *objectDetector) getClass(node *tree.Node) ([]interface{}, error) } if name != "initialize" { - properties = append(properties, generictypes.Property{ + properties = append(properties, detectorscommon.Property{ Name: name, Node: nameNode, }) } } - return []interface{}{generictypes.Object{ - Properties: []generictypes.Property{{ + return []interface{}{detectorscommon.Object{ + Properties: []detectorscommon.Property{{ Name: className, - Object: &detection.Detection{ - DetectorType: "object", - MatchNode: node, - Data: generictypes.Object{ + Object: &types.Detection{ + RuleID: ruleset.BuiltinObjectRule.ID(), + MatchNode: node, + Data: detectorscommon.Object{ Properties: properties, }, }, }}, }}, nil } - -func (detector *objectDetector) Close() { -} diff --git a/new/detector/implementation/ruby/object/projection.go b/internal/languages/ruby/detectors/object/projection.go similarity index 72% rename from new/detector/implementation/ruby/object/projection.go rename to internal/languages/ruby/detectors/object/projection.go index e48de4352..266a16905 100644 --- a/new/detector/implementation/ruby/object/projection.go +++ b/internal/languages/ruby/detectors/object/projection.go @@ -1,15 +1,16 @@ package object import ( - "github.com/bearer/bearer/new/detector/implementation/generic" - "github.com/bearer/bearer/new/detector/implementation/ruby/common" - "github.com/bearer/bearer/new/detector/types" - "github.com/bearer/bearer/new/language/tree" + "github.com/bearer/bearer/internal/scanner/ast/tree" + + "github.com/bearer/bearer/internal/languages/ruby/detectors/common" + detectorscommon "github.com/bearer/bearer/internal/scanner/detectors/common" + "github.com/bearer/bearer/internal/scanner/detectors/types" ) func (detector *objectDetector) getProjections( node *tree.Node, - evaluationState types.EvaluationState, + detectorContext types.Context, ) ([]interface{}, error) { result, err := detector.callsQuery.MatchOnceAt(node) if err != nil { @@ -18,14 +19,15 @@ func (detector *objectDetector) getProjections( if result != nil { receiverNode := result["receiver"] + astReceiverNode := receiverNode - objects, err := generic.ProjectObject( + objects, err := detectorscommon.ProjectObject( node, - evaluationState, - receiverNode, - getObjectName(receiverNode), + detectorContext, + astReceiverNode, + getObjectName(astReceiverNode), result["method"].Content(), - getIsPropertyAccess(receiverNode), + getIsPropertyAccess(astReceiverNode), ) if err != nil { return nil, err @@ -46,9 +48,9 @@ func (detector *objectDetector) getProjections( return nil, nil } - objects, err := generic.ProjectObject( + objects, err := detectorscommon.ProjectObject( node, - evaluationState, + detectorContext, objectNode, getObjectName(objectNode), propertyName, @@ -89,7 +91,7 @@ func getObjectName(objectNode *tree.Node) string { } func getElementProperty(node *tree.Node) string { - return common.GetLiteralKey(node.NamedChild(1)) + return common.GetLiteralKey(node.Children()[2]) } func getIsPropertyAccess(objectNode *tree.Node) bool { diff --git a/internal/languages/ruby/detectors/string/string.go b/internal/languages/ruby/detectors/string/string.go new file mode 100644 index 000000000..972d62e34 --- /dev/null +++ b/internal/languages/ruby/detectors/string/string.go @@ -0,0 +1,47 @@ +package string + +import ( + "github.com/bearer/bearer/internal/scanner/ast/query" + "github.com/bearer/bearer/internal/scanner/ast/tree" + "github.com/bearer/bearer/internal/scanner/ruleset" + + "github.com/bearer/bearer/internal/scanner/detectors/common" + "github.com/bearer/bearer/internal/scanner/detectors/types" +) + +type stringDetector struct { + types.DetectorBase +} + +func New(querySet *query.Set) types.Detector { + return &stringDetector{} +} + +func (detector *stringDetector) Rule() *ruleset.Rule { + return ruleset.BuiltinStringRule +} + +func (detector *stringDetector) DetectAt( + node *tree.Node, + detectorContext types.Context, +) ([]interface{}, error) { + switch node.Type() { + case "string_content": + return []interface{}{common.String{ + Value: node.Content(), + IsLiteral: true, + }}, nil + case "interpolation", "string": + return common.ConcatenateChildStrings(node, detectorContext) + case "binary": + if node.Children()[1].Content() == "+" { + return common.ConcatenateChildStrings(node, detectorContext) + } + case "operator_assignment": + if node.Children()[1].Content() == "+=" { + return common.ConcatenateAssignEquals(node, detectorContext) + } + } + + return nil, nil +} diff --git a/new/detector/implementation/ruby/testdata/object_class.rb b/internal/languages/ruby/detectors/testdata/object_class.rb similarity index 100% rename from new/detector/implementation/ruby/testdata/object_class.rb rename to internal/languages/ruby/detectors/testdata/object_class.rb diff --git a/new/detector/implementation/ruby/testdata/object_hash.rb b/internal/languages/ruby/detectors/testdata/object_hash.rb similarity index 100% rename from new/detector/implementation/ruby/testdata/object_hash.rb rename to internal/languages/ruby/detectors/testdata/object_hash.rb diff --git a/new/detector/implementation/ruby/testdata/object_projection.rb b/internal/languages/ruby/detectors/testdata/object_projection.rb similarity index 100% rename from new/detector/implementation/ruby/testdata/object_projection.rb rename to internal/languages/ruby/detectors/testdata/object_projection.rb diff --git a/new/detector/implementation/ruby/testdata/string_assign_eq.rb b/internal/languages/ruby/detectors/testdata/string_assign_eq.rb similarity index 100% rename from new/detector/implementation/ruby/testdata/string_assign_eq.rb rename to internal/languages/ruby/detectors/testdata/string_assign_eq.rb diff --git a/new/detector/implementation/ruby/testdata/string_literal.rb b/internal/languages/ruby/detectors/testdata/string_literal.rb similarity index 100% rename from new/detector/implementation/ruby/testdata/string_literal.rb rename to internal/languages/ruby/detectors/testdata/string_literal.rb diff --git a/new/detector/implementation/ruby/testdata/string_non_literal.rb b/internal/languages/ruby/detectors/testdata/string_non_literal.rb similarity index 100% rename from new/detector/implementation/ruby/testdata/string_non_literal.rb rename to internal/languages/ruby/detectors/testdata/string_non_literal.rb diff --git a/internal/languages/ruby/pattern/pattern.go b/internal/languages/ruby/pattern/pattern.go new file mode 100644 index 000000000..e661c74c8 --- /dev/null +++ b/internal/languages/ruby/pattern/pattern.go @@ -0,0 +1,199 @@ +package pattern + +import ( + "fmt" + "regexp" + "slices" + "strings" + + "github.com/bearer/bearer/internal/scanner/ast/tree" + "github.com/bearer/bearer/internal/util/regex" + + "github.com/bearer/bearer/internal/scanner/language" +) + +var ( + // $ or $ or $ + patternQueryVariableRegex = regexp.MustCompile(`\$<(?P[^>:!\.]+)(?::(?P[^>]+))?>`) + matchNodeRegex = regexp.MustCompile(`\$`) + ellipsisRegex = regexp.MustCompile(`\$<\.\.\.>`) + + anonymousPatternNodeParentTypes = []string{"binary"} + patternMatchNodeContainerTypes = []string{"argument_list", "keyword_parameter", "optional_parameter"} + unanchoredPatternNodeTypes = []string{"pair", "keyword_parameter"} + allowedPatternQueryTypes = []string{"identifier", "constant", "_", "call", "simple_symbol"} + + classPatternErrorRegex = regexp.MustCompile(`\Aclass\s*\z`) +) + +type Pattern struct { + language.PatternBase +} + +func (*Pattern) ExtractVariables(input string) (string, []language.PatternVariable, error) { + nameIndex := patternQueryVariableRegex.SubexpIndex("name") + typesIndex := patternQueryVariableRegex.SubexpIndex("types") + i := 0 + + var params []language.PatternVariable + + replaced, err := regex.ReplaceAllWithSubmatches(patternQueryVariableRegex, input, func(submatches []string) (string, error) { + nodeTypes := strings.Split(submatches[typesIndex], "|") + if nodeTypes[0] == "" { + nodeTypes = []string{"_"} + } + + for _, nodeType := range nodeTypes { + if !slices.Contains(allowedPatternQueryTypes, nodeType) { + return "", fmt.Errorf("invalid node type '%s' in pattern query", nodeType) + } + } + + dummyValue := produceDummyValue(i, nodeTypes[0]) + + params = append(params, language.PatternVariable{ + Name: submatches[nameIndex], + NodeTypes: nodeTypes, + DummyValue: dummyValue, + }) + + i += 1 + + return dummyValue, nil + }) + + if err != nil { + return "", nil, err + } + + return replaced, params, nil +} + +func (*Pattern) FindMatchNode(input []byte) [][]int { + return matchNodeRegex.FindAllIndex(input, -1) +} + +func (*Pattern) FindUnanchoredPoints(input []byte) [][]int { + return ellipsisRegex.FindAllIndex(input, -1) +} + +func produceDummyValue(i int, nodeType string) string { + return "curioVar" + fmt.Sprint(i) +} + +func (*Pattern) LeafContentTypes() []string { + return []string{ + // identifiers + "identifier", "constant", + // datatypes/literals + "number", "string_content", "integer", "float", "boolean", "nil", "simple_symbol", "hash_key_symbol", + } +} + +func (*Pattern) AnonymousParentTypes() []string { + return anonymousPatternNodeParentTypes +} + +func (*Pattern) ContainerTypes() []string { + return patternMatchNodeContainerTypes +} + +func (*Pattern) IsAnchored(node *tree.Node) (bool, bool) { + if slices.Contains(unanchoredPatternNodeTypes, node.Type()) { + return false, false + } + + parent := node.Parent() + if parent == nil { + return true, true + } + + // Class body + if parent.Type() == "class" { + if node == parent.ChildByFieldName("name") { + return true, false + } + + return false, false + } + + // Block body + if parent.Type() == "do_block" || parent.Type() == "block" { + if node == parent.ChildByFieldName("parameters") { + return true, false + } + + return false, false + } + + // Method body + if parent.Type() == "method" { + if node == parent.ChildByFieldName("name") || node == parent.ChildByFieldName("parameters") { + return true, false + } + + return false, false + } + + // Conditional body + if parent.Type() == "then" { + return false, false + } + + if (parent.Type() == "if" || parent.Type() == "elsif" || parent.Type() == "unless") && + node == parent.ChildByFieldName("condition") { + return true, false + } + + return true, true +} + +func (*Pattern) NodeTypes(node *tree.Node) []string { + parent := node.Parent() + + // Make these equivalent: + // key: value + // :key => value + if parent != nil && + parent.Type() == "pair" && + node == parent.ChildByFieldName("key") && + (node.Type() == "hash_key_symbol" || node.Type() == "simple_symbol") { + return []string{"hash_key_symbol", "simple_symbol"} + } + + // Make these equivalent: + // call do ... end + // call { ... } + if node.Type() == "block" || node.Type() == "do_block" { + return []string{"block", "do_block"} + } + + return []string{node.Type()} +} + +func (*Pattern) TranslateContent(fromNodeType, toNodeType, content string) string { + if fromNodeType == "hash_key_symbol" && toNodeType == "simple_symbol" { + return ":" + content + } + + if fromNodeType == "simple_symbol" && toNodeType == "hash_key_symbol" { + return content[1:] + } + + return content +} + +func (*Pattern) FixupVariableDummyValue(input []byte, node *tree.Node, dummyValue string) string { + for ancestor := node.Parent(); ancestor != nil; ancestor = ancestor.Parent() { + if ancestor.Type() != "ERROR" { + continue + } + + errorPrefix := input[ancestor.ContentStart.Byte:node.ContentStart.Byte] + if classPatternErrorRegex.Match(errorPrefix) { + return strings.ToUpper(string(dummyValue[0])) + dummyValue[1:] + } + } + + return dummyValue +} diff --git a/internal/languages/ruby/ruby.go b/internal/languages/ruby/ruby.go new file mode 100644 index 000000000..cce31f392 --- /dev/null +++ b/internal/languages/ruby/ruby.go @@ -0,0 +1,59 @@ +package ruby + +import ( + sitter "github.com/smacker/go-tree-sitter" + "github.com/smacker/go-tree-sitter/ruby" + + "github.com/bearer/bearer/internal/classification/schema" + "github.com/bearer/bearer/internal/report/detectors" + "github.com/bearer/bearer/internal/scanner/ast/query" + "github.com/bearer/bearer/internal/scanner/ast/tree" + detectortypes "github.com/bearer/bearer/internal/scanner/detectors/types" + + "github.com/bearer/bearer/internal/languages/ruby/analyzer" + "github.com/bearer/bearer/internal/languages/ruby/detectors/object" + stringdetector "github.com/bearer/bearer/internal/languages/ruby/detectors/string" + "github.com/bearer/bearer/internal/languages/ruby/pattern" + "github.com/bearer/bearer/internal/scanner/detectors/datatype" + "github.com/bearer/bearer/internal/scanner/detectors/insecureurl" + "github.com/bearer/bearer/internal/scanner/detectors/stringliteral" + "github.com/bearer/bearer/internal/scanner/language" +) + +type implementation struct { + pattern pattern.Pattern +} + +func Get() language.Language { + return &implementation{} +} + +func (*implementation) ID() string { + return "ruby" +} + +func (*implementation) EnryLanguages() []string { + return []string{"Ruby"} +} + +func (*implementation) NewBuiltInDetectors(schemaClassifier *schema.Classifier, querySet *query.Set) []detectortypes.Detector { + return []detectortypes.Detector{ + object.New(querySet), + datatype.New(detectors.DetectorRuby, schemaClassifier), + stringdetector.New(querySet), + stringliteral.New(querySet), + insecureurl.New(querySet), + } +} + +func (*implementation) SitterLanguage() *sitter.Language { + return ruby.GetLanguage() +} + +func (language *implementation) Pattern() language.Pattern { + return &language.pattern +} + +func (*implementation) NewAnalyzer(builder *tree.Builder) language.Analyzer { + return analyzer.New(builder) +} diff --git a/new/detector/composition/ruby/ruby_test.go b/internal/languages/ruby/ruby_test.go similarity index 91% rename from new/detector/composition/ruby/ruby_test.go rename to internal/languages/ruby/ruby_test.go index 94e0425a3..3e8d6e03e 100644 --- a/new/detector/composition/ruby/ruby_test.go +++ b/internal/languages/ruby/ruby_test.go @@ -4,7 +4,7 @@ import ( _ "embed" "testing" - "github.com/bearer/bearer/new/detector/composition/testhelper" + "github.com/bearer/bearer/internal/languages/testhelper" ) //go:embed testdata/rule.yml diff --git a/new/detector/composition/ruby/testdata/pattern_variables/main.rb b/internal/languages/ruby/testdata/pattern_variables/main.rb similarity index 100% rename from new/detector/composition/ruby/testdata/pattern_variables/main.rb rename to internal/languages/ruby/testdata/pattern_variables/main.rb diff --git a/new/detector/composition/ruby/testdata/pattern_variables_rule.yml b/internal/languages/ruby/testdata/pattern_variables_rule.yml similarity index 100% rename from new/detector/composition/ruby/testdata/pattern_variables_rule.yml rename to internal/languages/ruby/testdata/pattern_variables_rule.yml diff --git a/new/detector/composition/ruby/testdata/rule.yml b/internal/languages/ruby/testdata/rule.yml similarity index 100% rename from new/detector/composition/ruby/testdata/rule.yml rename to internal/languages/ruby/testdata/rule.yml diff --git a/new/detector/composition/ruby/testdata/scope/scope.rb b/internal/languages/ruby/testdata/scope/scope.rb similarity index 66% rename from new/detector/composition/ruby/testdata/scope/scope.rb rename to internal/languages/ruby/testdata/scope/scope.rb index 43932cac0..759f37327 100644 --- a/new/detector/composition/ruby/testdata/scope/scope.rb +++ b/internal/languages/ruby/testdata/scope/scope.rb @@ -1,11 +1,14 @@ scope_cursor(params[:oops]) -scope_cursor(x ? params[:ok] : y) +scope_cursor(params[:ok] + x) +scope_cursor(x ? params[:oops] : y) scope_cursor(params[:ok] ? x : y) scope_nested(params[:oops]) +scope_nested(params[:oops] + x) scope_nested(x ? params[:oops] : y) scope_nested(params[:oops] ? x : y) scope_result(params[:oops]) +scope_result(params[:oops] + x) scope_result(x ? params[:oops] : y) scope_result(params[:ok] ? x : y) diff --git a/new/detector/composition/ruby/testdata/scope_rule.yml b/internal/languages/ruby/testdata/scope_rule.yml similarity index 100% rename from new/detector/composition/ruby/testdata/scope_rule.yml rename to internal/languages/ruby/testdata/scope_rule.yml diff --git a/new/detector/composition/ruby/testdata/testcases/call.rb b/internal/languages/ruby/testdata/testcases/call.rb similarity index 100% rename from new/detector/composition/ruby/testdata/testcases/call.rb rename to internal/languages/ruby/testdata/testcases/call.rb diff --git a/new/detector/composition/ruby/testdata/testcases/insecure-url.rb b/internal/languages/ruby/testdata/testcases/insecure-url.rb similarity index 100% rename from new/detector/composition/ruby/testdata/testcases/insecure-url.rb rename to internal/languages/ruby/testdata/testcases/insecure-url.rb diff --git a/new/detector/composition/ruby/testdata/testcases/object-variable-reconciliation.rb b/internal/languages/ruby/testdata/testcases/object-variable-reconciliation.rb similarity index 100% rename from new/detector/composition/ruby/testdata/testcases/object-variable-reconciliation.rb rename to internal/languages/ruby/testdata/testcases/object-variable-reconciliation.rb diff --git a/new/detector/composition/ruby/testdata/testcases/object.rb b/internal/languages/ruby/testdata/testcases/object.rb similarity index 100% rename from new/detector/composition/ruby/testdata/testcases/object.rb rename to internal/languages/ruby/testdata/testcases/object.rb diff --git a/new/detector/composition/testhelper/testhelper.go b/internal/languages/testhelper/testhelper.go similarity index 86% rename from new/detector/composition/testhelper/testhelper.go rename to internal/languages/testhelper/testhelper.go index 9d18f1d52..018d69423 100644 --- a/new/detector/composition/testhelper/testhelper.go +++ b/internal/languages/testhelper/testhelper.go @@ -12,17 +12,17 @@ import ( "github.com/rs/zerolog" "gopkg.in/yaml.v3" - "github.com/bearer/bearer/pkg/commands" - "github.com/bearer/bearer/pkg/commands/process/filelist" - "github.com/bearer/bearer/pkg/commands/process/filelist/files" - "github.com/bearer/bearer/pkg/commands/process/orchestrator/work" - "github.com/bearer/bearer/pkg/commands/process/orchestrator/worker" - "github.com/bearer/bearer/pkg/commands/process/settings" - "github.com/bearer/bearer/pkg/flag" - "github.com/bearer/bearer/pkg/report/output" - "github.com/bearer/bearer/pkg/types" - util "github.com/bearer/bearer/pkg/util/output" - "github.com/bearer/bearer/pkg/version_check" + "github.com/bearer/bearer/internal/commands" + "github.com/bearer/bearer/internal/commands/process/filelist" + "github.com/bearer/bearer/internal/commands/process/filelist/files" + "github.com/bearer/bearer/internal/commands/process/orchestrator/work" + "github.com/bearer/bearer/internal/commands/process/orchestrator/worker" + "github.com/bearer/bearer/internal/commands/process/settings" + "github.com/bearer/bearer/internal/flag" + "github.com/bearer/bearer/internal/report/output" + "github.com/bearer/bearer/internal/types" + util "github.com/bearer/bearer/internal/util/output" + "github.com/bearer/bearer/internal/version_check" ) type Runner struct { diff --git a/pkg/parser/context/finder.go b/internal/parser/context/finder.go similarity index 95% rename from pkg/parser/context/finder.go rename to internal/parser/context/finder.go index 916ab5ae8..23d93bca5 100644 --- a/pkg/parser/context/finder.go +++ b/internal/parser/context/finder.go @@ -1,8 +1,8 @@ package context import ( - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/report/variables" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/report/variables" sitter "github.com/smacker/go-tree-sitter" ) diff --git a/pkg/parser/context/resolver.go b/internal/parser/context/resolver.go similarity index 93% rename from pkg/parser/context/resolver.go rename to internal/parser/context/resolver.go index 0f537e312..d2222cec1 100644 --- a/pkg/parser/context/resolver.go +++ b/internal/parser/context/resolver.go @@ -4,8 +4,8 @@ import ( "errors" "fmt" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/report/variables" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/report/variables" sitter "github.com/smacker/go-tree-sitter" ) diff --git a/pkg/parser/custom/custom.go b/internal/parser/custom/custom.go similarity index 82% rename from pkg/parser/custom/custom.go rename to internal/parser/custom/custom.go index 69e46190f..8a94a0fc3 100644 --- a/pkg/parser/custom/custom.go +++ b/internal/parser/custom/custom.go @@ -1,11 +1,11 @@ package custom import ( - "github.com/bearer/bearer/pkg/commands/process/settings" - "github.com/bearer/bearer/pkg/detectors/custom/config" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/parser/nodeid" - "github.com/bearer/bearer/pkg/report/schema/datatype" + "github.com/bearer/bearer/internal/commands/process/settings" + "github.com/bearer/bearer/internal/detectors/custom/config" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/parser/nodeid" + "github.com/bearer/bearer/internal/report/schema/datatype" ) type Detector interface { diff --git a/pkg/parser/datatype/datatype.go b/internal/parser/datatype/datatype.go similarity index 94% rename from pkg/parser/datatype/datatype.go rename to internal/parser/datatype/datatype.go index 3d90e8e53..bcecf2c34 100644 --- a/pkg/parser/datatype/datatype.go +++ b/internal/parser/datatype/datatype.go @@ -3,8 +3,8 @@ package datatype import ( "errors" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/report/schema/datatype" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/report/schema/datatype" ) type Finder struct { diff --git a/pkg/parser/datatype/merge.go b/internal/parser/datatype/merge.go similarity index 97% rename from pkg/parser/datatype/merge.go rename to internal/parser/datatype/merge.go index a7e15b3c7..b1a3fd4d5 100644 --- a/pkg/parser/datatype/merge.go +++ b/internal/parser/datatype/merge.go @@ -1,7 +1,7 @@ package datatype import ( - "github.com/bearer/bearer/pkg/report/schema/datatype" + "github.com/bearer/bearer/internal/report/schema/datatype" ) // MergeDatatypesByPropertyNames iterates trough source properties and adds missing datatypes from enrichment diff --git a/pkg/parser/datatype/parented_by.go b/internal/parser/datatype/parented_by.go similarity index 85% rename from pkg/parser/datatype/parented_by.go rename to internal/parser/datatype/parented_by.go index cec0e27a7..6d4c07c6a 100644 --- a/pkg/parser/datatype/parented_by.go +++ b/internal/parser/datatype/parented_by.go @@ -1,6 +1,6 @@ package datatype -import "github.com/bearer/bearer/pkg/parser" +import "github.com/bearer/bearer/internal/parser" // IsParentedByNodeID checks if her or any of her parents have a given nodeID func IsParentedByNodeID(nodeID parser.NodeID, node *parser.Node) bool { diff --git a/pkg/parser/datatype/property_finder.go b/internal/parser/datatype/property_finder.go similarity index 90% rename from pkg/parser/datatype/property_finder.go rename to internal/parser/datatype/property_finder.go index b29e7e056..b9288d94b 100644 --- a/pkg/parser/datatype/property_finder.go +++ b/internal/parser/datatype/property_finder.go @@ -1,8 +1,8 @@ package datatype import ( - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/report/schema/datatype" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/report/schema/datatype" sitter "github.com/smacker/go-tree-sitter" ) diff --git a/pkg/parser/datatype/scope.go b/internal/parser/datatype/scope.go similarity index 96% rename from pkg/parser/datatype/scope.go rename to internal/parser/datatype/scope.go index 3e4fdf31b..85b13df4f 100644 --- a/pkg/parser/datatype/scope.go +++ b/internal/parser/datatype/scope.go @@ -3,9 +3,9 @@ package datatype import ( "sort" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/parser/nodeid" - "github.com/bearer/bearer/pkg/report/schema/datatype" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/parser/nodeid" + "github.com/bearer/bearer/internal/report/schema/datatype" ) type Scope struct { diff --git a/pkg/parser/datatype/variable_reconciliation.go b/internal/parser/datatype/variable_reconciliation.go similarity index 93% rename from pkg/parser/datatype/variable_reconciliation.go rename to internal/parser/datatype/variable_reconciliation.go index 32e980873..7b4baeb03 100644 --- a/pkg/parser/datatype/variable_reconciliation.go +++ b/internal/parser/datatype/variable_reconciliation.go @@ -1,8 +1,8 @@ package datatype import ( - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/report/schema/datatype" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/report/schema/datatype" ) type ReconciliationRequest struct { diff --git a/pkg/parser/golang_util/golang_util.go b/internal/parser/golang_util/golang_util.go similarity index 96% rename from pkg/parser/golang_util/golang_util.go rename to internal/parser/golang_util/golang_util.go index fbd19b0b6..e33fea905 100644 --- a/pkg/parser/golang_util/golang_util.go +++ b/internal/parser/golang_util/golang_util.go @@ -6,7 +6,7 @@ import ( "github.com/smacker/go-tree-sitter/golang" - "github.com/bearer/bearer/pkg/parser" + "github.com/bearer/bearer/internal/parser" ) var ( diff --git a/pkg/parser/interfacedetector/interfaces.go b/internal/parser/interfacedetector/interfaces.go similarity index 79% rename from pkg/parser/interfacedetector/interfaces.go rename to internal/parser/interfacedetector/interfaces.go index 32306dd2b..b7df50a56 100644 --- a/pkg/parser/interfacedetector/interfaces.go +++ b/internal/parser/interfacedetector/interfaces.go @@ -1,14 +1,14 @@ package interfacedetector import ( - "github.com/bearer/bearer/pkg/parser" - parsercontext "github.com/bearer/bearer/pkg/parser/context" - "github.com/bearer/bearer/pkg/parser/interfaces" - "github.com/bearer/bearer/pkg/report" - reportinterface "github.com/bearer/bearer/pkg/report/interfaces" + "github.com/bearer/bearer/internal/parser" + parsercontext "github.com/bearer/bearer/internal/parser/context" + "github.com/bearer/bearer/internal/parser/interfaces" + "github.com/bearer/bearer/internal/report" + reportinterface "github.com/bearer/bearer/internal/report/interfaces" - "github.com/bearer/bearer/pkg/report/detectors" - "github.com/bearer/bearer/pkg/report/values" + "github.com/bearer/bearer/internal/report/detectors" + "github.com/bearer/bearer/internal/report/values" ) type Request struct { diff --git a/pkg/parser/interfaces/interfaces.go b/internal/parser/interfaces/interfaces.go similarity index 71% rename from pkg/parser/interfaces/interfaces.go rename to internal/parser/interfaces/interfaces.go index 43676b531..8cff02214 100644 --- a/pkg/parser/interfaces/interfaces.go +++ b/internal/parser/interfaces/interfaces.go @@ -1,10 +1,10 @@ package interfaces import ( - "github.com/bearer/bearer/pkg/parser/interfaces/paths" - "github.com/bearer/bearer/pkg/parser/interfaces/urls" - "github.com/bearer/bearer/pkg/report/interfaces" - "github.com/bearer/bearer/pkg/report/values" + "github.com/bearer/bearer/internal/parser/interfaces/paths" + "github.com/bearer/bearer/internal/parser/interfaces/urls" + "github.com/bearer/bearer/internal/report/interfaces" + "github.com/bearer/bearer/internal/report/values" ) func KeyIsRelevant(key string) bool { diff --git a/pkg/parser/interfaces/paths/paths.go b/internal/parser/interfaces/paths/paths.go similarity index 88% rename from pkg/parser/interfaces/paths/paths.go rename to internal/parser/interfaces/paths/paths.go index 5b71fef88..f551cfa86 100644 --- a/pkg/parser/interfaces/paths/paths.go +++ b/internal/parser/interfaces/paths/paths.go @@ -5,9 +5,9 @@ import ( "regexp" "strings" - "github.com/bearer/bearer/pkg/report/values" - "github.com/bearer/bearer/pkg/util/normalize_key" - "github.com/bearer/bearer/pkg/util/regex" + "github.com/bearer/bearer/internal/report/values" + "github.com/bearer/bearer/internal/util/normalize_key" + "github.com/bearer/bearer/internal/util/regex" ) var ( diff --git a/pkg/parser/interfaces/urls/urls.go b/internal/parser/interfaces/urls/urls.go similarity index 92% rename from pkg/parser/interfaces/urls/urls.go rename to internal/parser/interfaces/urls/urls.go index 17137a5c1..b9755b2ca 100644 --- a/pkg/parser/interfaces/urls/urls.go +++ b/internal/parser/interfaces/urls/urls.go @@ -4,10 +4,10 @@ import ( "regexp" "strings" - "github.com/bearer/bearer/pkg/report/values" - "github.com/bearer/bearer/pkg/report/variables" - "github.com/bearer/bearer/pkg/util/normalize_key" - "github.com/bearer/bearer/pkg/util/regex" + "github.com/bearer/bearer/internal/report/values" + "github.com/bearer/bearer/internal/report/variables" + "github.com/bearer/bearer/internal/util/normalize_key" + "github.com/bearer/bearer/internal/util/regex" "golang.org/x/net/publicsuffix" ) diff --git a/pkg/parser/interfaces/urls/urls_test.go b/internal/parser/interfaces/urls/urls_test.go similarity index 91% rename from pkg/parser/interfaces/urls/urls_test.go rename to internal/parser/interfaces/urls/urls_test.go index 48f5558b0..9df4bdb31 100644 --- a/pkg/parser/interfaces/urls/urls_test.go +++ b/internal/parser/interfaces/urls/urls_test.go @@ -5,9 +5,9 @@ import ( "github.com/stretchr/testify/assert" - "github.com/bearer/bearer/pkg/parser/interfaces/urls" - "github.com/bearer/bearer/pkg/report/values" - "github.com/bearer/bearer/pkg/report/variables" + "github.com/bearer/bearer/internal/parser/interfaces/urls" + "github.com/bearer/bearer/internal/report/values" + "github.com/bearer/bearer/internal/report/variables" ) func TestValueIsRelevant(t *testing.T) { diff --git a/pkg/parser/nodeid/nodeid.go b/internal/parser/nodeid/nodeid.go similarity index 95% rename from pkg/parser/nodeid/nodeid.go rename to internal/parser/nodeid/nodeid.go index 531bae9ca..6ffabcc98 100644 --- a/pkg/parser/nodeid/nodeid.go +++ b/internal/parser/nodeid/nodeid.go @@ -3,7 +3,7 @@ package nodeid import ( "strconv" - "github.com/bearer/bearer/pkg/parser" + "github.com/bearer/bearer/internal/parser" "github.com/google/uuid" ) diff --git a/pkg/parser/parser.go b/internal/parser/parser.go similarity index 98% rename from pkg/parser/parser.go rename to internal/parser/parser.go index 8182ea627..df31fff80 100644 --- a/pkg/parser/parser.go +++ b/internal/parser/parser.go @@ -9,10 +9,10 @@ import ( "github.com/rs/zerolog/log" - "github.com/bearer/bearer/pkg/report/source" - "github.com/bearer/bearer/pkg/report/values" - "github.com/bearer/bearer/pkg/util/file" - "github.com/bearer/bearer/pkg/util/stringutil" + "github.com/bearer/bearer/internal/report/source" + "github.com/bearer/bearer/internal/report/values" + "github.com/bearer/bearer/internal/util/file" + "github.com/bearer/bearer/internal/util/stringutil" sitter "github.com/smacker/go-tree-sitter" ) diff --git a/pkg/parser/schema/fieldId.go b/internal/parser/schema/fieldId.go similarity index 81% rename from pkg/parser/schema/fieldId.go rename to internal/parser/schema/fieldId.go index fdc23b5a8..d918ece1e 100644 --- a/pkg/parser/schema/fieldId.go +++ b/internal/parser/schema/fieldId.go @@ -1,8 +1,8 @@ package schema import ( - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/parser/nodeid" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/parser/nodeid" ) type UUIDHolder struct { diff --git a/pkg/parser/schema/schema.go b/internal/parser/schema/schema.go similarity index 90% rename from pkg/parser/schema/schema.go rename to internal/parser/schema/schema.go index 16a7cfe22..af80639ed 100644 --- a/pkg/parser/schema/schema.go +++ b/internal/parser/schema/schema.go @@ -1,9 +1,9 @@ package schema import ( - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/report/values" - "github.com/bearer/bearer/pkg/report/variables" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/report/values" + "github.com/bearer/bearer/internal/report/variables" sitter "github.com/smacker/go-tree-sitter" ) diff --git a/pkg/parser/sitter/config_variables/binding.go b/internal/parser/sitter/config_variables/binding.go similarity index 100% rename from pkg/parser/sitter/config_variables/binding.go rename to internal/parser/sitter/config_variables/binding.go diff --git a/pkg/parser/sitter/config_variables/binding_test.go b/internal/parser/sitter/config_variables/binding_test.go similarity index 94% rename from pkg/parser/sitter/config_variables/binding_test.go rename to internal/parser/sitter/config_variables/binding_test.go index 49c372218..9e6372eea 100644 --- a/pkg/parser/sitter/config_variables/binding_test.go +++ b/internal/parser/sitter/config_variables/binding_test.go @@ -6,7 +6,7 @@ import ( "github.com/stretchr/testify/assert" - "github.com/bearer/bearer/pkg/parser/sitter/config_variables" + "github.com/bearer/bearer/internal/parser/sitter/config_variables" sitter "github.com/smacker/go-tree-sitter" ) diff --git a/pkg/parser/sitter/config_variables/grammar.js b/internal/parser/sitter/config_variables/grammar.js similarity index 100% rename from pkg/parser/sitter/config_variables/grammar.js rename to internal/parser/sitter/config_variables/grammar.js diff --git a/pkg/parser/sitter/config_variables/parser.c b/internal/parser/sitter/config_variables/parser.c similarity index 100% rename from pkg/parser/sitter/config_variables/parser.c rename to internal/parser/sitter/config_variables/parser.c diff --git a/pkg/parser/sitter/config_variables/parser.h b/internal/parser/sitter/config_variables/parser.h similarity index 100% rename from pkg/parser/sitter/config_variables/parser.h rename to internal/parser/sitter/config_variables/parser.h diff --git a/pkg/parser/sitter/config_variables/test/corpus/examples.txt b/internal/parser/sitter/config_variables/test/corpus/examples.txt similarity index 100% rename from pkg/parser/sitter/config_variables/test/corpus/examples.txt rename to internal/parser/sitter/config_variables/test/corpus/examples.txt diff --git a/pkg/parser/sitter/graphql/README.md b/internal/parser/sitter/graphql/README.md similarity index 100% rename from pkg/parser/sitter/graphql/README.md rename to internal/parser/sitter/graphql/README.md diff --git a/pkg/parser/sitter/graphql/binding.go b/internal/parser/sitter/graphql/binding.go similarity index 100% rename from pkg/parser/sitter/graphql/binding.go rename to internal/parser/sitter/graphql/binding.go diff --git a/pkg/parser/sitter/graphql/parser.c b/internal/parser/sitter/graphql/parser.c similarity index 100% rename from pkg/parser/sitter/graphql/parser.c rename to internal/parser/sitter/graphql/parser.c diff --git a/pkg/parser/sitter/graphql/tree_sitter/parser.h b/internal/parser/sitter/graphql/tree_sitter/parser.h similarity index 100% rename from pkg/parser/sitter/graphql/tree_sitter/parser.h rename to internal/parser/sitter/graphql/tree_sitter/parser.h diff --git a/pkg/parser/sitter/html2/binding.go b/internal/parser/sitter/html2/binding.go similarity index 100% rename from pkg/parser/sitter/html2/binding.go rename to internal/parser/sitter/html2/binding.go diff --git a/pkg/parser/sitter/html2/parser.c b/internal/parser/sitter/html2/parser.c similarity index 100% rename from pkg/parser/sitter/html2/parser.c rename to internal/parser/sitter/html2/parser.c diff --git a/pkg/parser/sitter/html2/readme.md b/internal/parser/sitter/html2/readme.md similarity index 100% rename from pkg/parser/sitter/html2/readme.md rename to internal/parser/sitter/html2/readme.md diff --git a/pkg/parser/sitter/html2/scanner.cc b/internal/parser/sitter/html2/scanner.cc similarity index 100% rename from pkg/parser/sitter/html2/scanner.cc rename to internal/parser/sitter/html2/scanner.cc diff --git a/pkg/parser/sitter/html2/tag.h b/internal/parser/sitter/html2/tag.h similarity index 100% rename from pkg/parser/sitter/html2/tag.h rename to internal/parser/sitter/html2/tag.h diff --git a/pkg/parser/sitter/html2/tree_sitter/parser.h b/internal/parser/sitter/html2/tree_sitter/parser.h similarity index 100% rename from pkg/parser/sitter/html2/tree_sitter/parser.h rename to internal/parser/sitter/html2/tree_sitter/parser.h diff --git a/pkg/parser/sitter/php2/binding.go b/internal/parser/sitter/php2/binding.go similarity index 100% rename from pkg/parser/sitter/php2/binding.go rename to internal/parser/sitter/php2/binding.go diff --git a/pkg/parser/sitter/php2/parser.c b/internal/parser/sitter/php2/parser.c similarity index 100% rename from pkg/parser/sitter/php2/parser.c rename to internal/parser/sitter/php2/parser.c diff --git a/pkg/parser/sitter/php2/scanner.cc b/internal/parser/sitter/php2/scanner.cc similarity index 100% rename from pkg/parser/sitter/php2/scanner.cc rename to internal/parser/sitter/php2/scanner.cc diff --git a/pkg/parser/sitter/php2/tree_sitter/parser.h b/internal/parser/sitter/php2/tree_sitter/parser.h similarity index 100% rename from pkg/parser/sitter/php2/tree_sitter/parser.h rename to internal/parser/sitter/php2/tree_sitter/parser.h diff --git a/pkg/parser/sitter/proto/README.md b/internal/parser/sitter/proto/README.md similarity index 100% rename from pkg/parser/sitter/proto/README.md rename to internal/parser/sitter/proto/README.md diff --git a/pkg/parser/sitter/proto/binding.go b/internal/parser/sitter/proto/binding.go similarity index 100% rename from pkg/parser/sitter/proto/binding.go rename to internal/parser/sitter/proto/binding.go diff --git a/pkg/parser/sitter/proto/binding_test.go b/internal/parser/sitter/proto/binding_test.go similarity index 97% rename from pkg/parser/sitter/proto/binding_test.go rename to internal/parser/sitter/proto/binding_test.go index c95a1742c..a9c6a98a9 100644 --- a/pkg/parser/sitter/proto/binding_test.go +++ b/internal/parser/sitter/proto/binding_test.go @@ -4,7 +4,7 @@ import ( "context" "testing" - "github.com/bearer/bearer/pkg/parser/sitter/proto" + "github.com/bearer/bearer/internal/parser/sitter/proto" "github.com/stretchr/testify/assert" sitter "github.com/smacker/go-tree-sitter" diff --git a/pkg/parser/sitter/proto/parser.c b/internal/parser/sitter/proto/parser.c similarity index 100% rename from pkg/parser/sitter/proto/parser.c rename to internal/parser/sitter/proto/parser.c diff --git a/pkg/parser/sitter/proto/tree_sitter/parser.h b/internal/parser/sitter/proto/tree_sitter/parser.h similarity index 100% rename from pkg/parser/sitter/proto/tree_sitter/parser.h rename to internal/parser/sitter/proto/tree_sitter/parser.h diff --git a/pkg/parser/sitter/sql/README.md b/internal/parser/sitter/sql/README.md similarity index 100% rename from pkg/parser/sitter/sql/README.md rename to internal/parser/sitter/sql/README.md diff --git a/pkg/parser/sitter/sql/binding.go b/internal/parser/sitter/sql/binding.go similarity index 100% rename from pkg/parser/sitter/sql/binding.go rename to internal/parser/sitter/sql/binding.go diff --git a/pkg/parser/sitter/sql/parser.c b/internal/parser/sitter/sql/parser.c similarity index 100% rename from pkg/parser/sitter/sql/parser.c rename to internal/parser/sitter/sql/parser.c diff --git a/pkg/parser/sitter/sql/scanner.cc b/internal/parser/sitter/sql/scanner.cc similarity index 100% rename from pkg/parser/sitter/sql/scanner.cc rename to internal/parser/sitter/sql/scanner.cc diff --git a/pkg/parser/sitter/sql/tree_sitter/parser.h b/internal/parser/sitter/sql/tree_sitter/parser.h similarity index 100% rename from pkg/parser/sitter/sql/tree_sitter/parser.h rename to internal/parser/sitter/sql/tree_sitter/parser.h diff --git a/pkg/parser/sitter/toml/binding.go b/internal/parser/sitter/toml/binding.go similarity index 100% rename from pkg/parser/sitter/toml/binding.go rename to internal/parser/sitter/toml/binding.go diff --git a/pkg/parser/sitter/toml/parser.c b/internal/parser/sitter/toml/parser.c similarity index 100% rename from pkg/parser/sitter/toml/parser.c rename to internal/parser/sitter/toml/parser.c diff --git a/pkg/parser/sitter/toml/readme.md b/internal/parser/sitter/toml/readme.md similarity index 100% rename from pkg/parser/sitter/toml/readme.md rename to internal/parser/sitter/toml/readme.md diff --git a/pkg/parser/sitter/toml/scanner.c b/internal/parser/sitter/toml/scanner.c similarity index 100% rename from pkg/parser/sitter/toml/scanner.c rename to internal/parser/sitter/toml/scanner.c diff --git a/pkg/parser/sitter/toml/tree_sitter/parser.h b/internal/parser/sitter/toml/tree_sitter/parser.h similarity index 100% rename from pkg/parser/sitter/toml/tree_sitter/parser.h rename to internal/parser/sitter/toml/tree_sitter/parser.h diff --git a/pkg/parser/sitter/xml2/binding.go b/internal/parser/sitter/xml2/binding.go similarity index 100% rename from pkg/parser/sitter/xml2/binding.go rename to internal/parser/sitter/xml2/binding.go diff --git a/pkg/parser/sitter/xml2/parser.c b/internal/parser/sitter/xml2/parser.c similarity index 100% rename from pkg/parser/sitter/xml2/parser.c rename to internal/parser/sitter/xml2/parser.c diff --git a/pkg/parser/sitter/xml2/readme.md b/internal/parser/sitter/xml2/readme.md similarity index 100% rename from pkg/parser/sitter/xml2/readme.md rename to internal/parser/sitter/xml2/readme.md diff --git a/pkg/parser/sitter/xml2/scanner.cc b/internal/parser/sitter/xml2/scanner.cc similarity index 100% rename from pkg/parser/sitter/xml2/scanner.cc rename to internal/parser/sitter/xml2/scanner.cc diff --git a/pkg/parser/sitter/xml2/tree_sitter/parser.h b/internal/parser/sitter/xml2/tree_sitter/parser.h similarity index 100% rename from pkg/parser/sitter/xml2/tree_sitter/parser.h rename to internal/parser/sitter/xml2/tree_sitter/parser.h diff --git a/pkg/report/basebranchfindings/basebranchfindings.go b/internal/report/basebranchfindings/basebranchfindings.go similarity index 88% rename from pkg/report/basebranchfindings/basebranchfindings.go rename to internal/report/basebranchfindings/basebranchfindings.go index 2bcf0a397..635a4a04c 100644 --- a/pkg/report/basebranchfindings/basebranchfindings.go +++ b/internal/report/basebranchfindings/basebranchfindings.go @@ -1,9 +1,10 @@ package basebranchfindings import ( - "github.com/bearer/bearer/pkg/commands/process/filelist/files" - "github.com/bearer/bearer/pkg/report/basebranchfindings/types" - "golang.org/x/exp/slices" + "slices" + + "github.com/bearer/bearer/internal/commands/process/filelist/files" + "github.com/bearer/bearer/internal/report/basebranchfindings/types" ) type key struct { diff --git a/pkg/report/basebranchfindings/basebranchfindings_test.go b/internal/report/basebranchfindings/basebranchfindings_test.go similarity index 94% rename from pkg/report/basebranchfindings/basebranchfindings_test.go rename to internal/report/basebranchfindings/basebranchfindings_test.go index 2b7fa3a40..06cba38d8 100644 --- a/pkg/report/basebranchfindings/basebranchfindings_test.go +++ b/internal/report/basebranchfindings/basebranchfindings_test.go @@ -5,8 +5,8 @@ import ( "github.com/stretchr/testify/assert" - "github.com/bearer/bearer/pkg/report/basebranchfindings" - "github.com/bearer/bearer/pkg/report/basebranchfindings/types" + "github.com/bearer/bearer/internal/report/basebranchfindings" + "github.com/bearer/bearer/internal/report/basebranchfindings/types" ) func TestLineRangeOverlap(t *testing.T) { diff --git a/pkg/report/basebranchfindings/chunks.go b/internal/report/basebranchfindings/chunks.go similarity index 96% rename from pkg/report/basebranchfindings/chunks.go rename to internal/report/basebranchfindings/chunks.go index a16661d5e..4514624d5 100644 --- a/pkg/report/basebranchfindings/chunks.go +++ b/internal/report/basebranchfindings/chunks.go @@ -1,6 +1,6 @@ package basebranchfindings -import "github.com/bearer/bearer/pkg/report/basebranchfindings/types" +import "github.com/bearer/bearer/internal/report/basebranchfindings/types" type chunk struct { ChangeType types.ChangeType diff --git a/pkg/report/basebranchfindings/types/types.go b/internal/report/basebranchfindings/types/types.go similarity index 100% rename from pkg/report/basebranchfindings/types/types.go rename to internal/report/basebranchfindings/types/types.go diff --git a/pkg/report/config/config.go b/internal/report/config/config.go similarity index 100% rename from pkg/report/config/config.go rename to internal/report/config/config.go diff --git a/pkg/report/customdetectors/customdetectors.go b/internal/report/customdetectors/customdetectors.go similarity index 100% rename from pkg/report/customdetectors/customdetectors.go rename to internal/report/customdetectors/customdetectors.go diff --git a/pkg/report/dependencies/dependencies.go b/internal/report/dependencies/dependencies.go similarity index 88% rename from pkg/report/dependencies/dependencies.go rename to internal/report/dependencies/dependencies.go index 4e411a821..a8c5f2d2a 100644 --- a/pkg/report/dependencies/dependencies.go +++ b/internal/report/dependencies/dependencies.go @@ -1,6 +1,6 @@ package dependencies -import "github.com/bearer/bearer/pkg/report/detectors" +import "github.com/bearer/bearer/internal/report/detectors" type Provider string diff --git a/pkg/report/detections/detections.go b/internal/report/detections/detections.go similarity index 94% rename from pkg/report/detections/detections.go rename to internal/report/detections/detections.go index 8220e67ff..3b03df5a0 100644 --- a/pkg/report/detections/detections.go +++ b/internal/report/detections/detections.go @@ -3,9 +3,9 @@ package detections import ( "time" - "github.com/bearer/bearer/pkg/report/detectors" - "github.com/bearer/bearer/pkg/report/frameworks" - "github.com/bearer/bearer/pkg/report/source" + "github.com/bearer/bearer/internal/report/detectors" + "github.com/bearer/bearer/internal/report/frameworks" + "github.com/bearer/bearer/internal/report/source" ) type DetectionType string diff --git a/pkg/report/detectors/detectors.go b/internal/report/detectors/detectors.go similarity index 100% rename from pkg/report/detectors/detectors.go rename to internal/report/detectors/detectors.go diff --git a/pkg/report/detectors/openapi.go b/internal/report/detectors/openapi.go similarity index 100% rename from pkg/report/detectors/openapi.go rename to internal/report/detectors/openapi.go diff --git a/pkg/report/domain/domain.go b/internal/report/domain/domain.go similarity index 100% rename from pkg/report/domain/domain.go rename to internal/report/domain/domain.go diff --git a/pkg/report/frameworks/beego/beego.go b/internal/report/frameworks/beego/beego.go similarity index 96% rename from pkg/report/frameworks/beego/beego.go rename to internal/report/frameworks/beego/beego.go index 75c45b14f..4fd4d5073 100644 --- a/pkg/report/frameworks/beego/beego.go +++ b/internal/report/frameworks/beego/beego.go @@ -1,7 +1,7 @@ package beego import ( - "github.com/bearer/bearer/pkg/report/frameworks" + "github.com/bearer/bearer/internal/report/frameworks" ) const TypeDatabase frameworks.Type = "database" diff --git a/pkg/report/frameworks/django/django.go b/internal/report/frameworks/django/django.go similarity index 92% rename from pkg/report/frameworks/django/django.go rename to internal/report/frameworks/django/django.go index 07c6acc73..bc13d81c5 100644 --- a/pkg/report/frameworks/django/django.go +++ b/internal/report/frameworks/django/django.go @@ -1,6 +1,6 @@ package django -import "github.com/bearer/bearer/pkg/report/frameworks" +import "github.com/bearer/bearer/internal/report/frameworks" const TypeDatabase frameworks.Type = "database" diff --git a/pkg/report/frameworks/dotnet/dotnet.go b/internal/report/frameworks/dotnet/dotnet.go similarity index 92% rename from pkg/report/frameworks/dotnet/dotnet.go rename to internal/report/frameworks/dotnet/dotnet.go index 93aa1e845..5b3b59d79 100644 --- a/pkg/report/frameworks/dotnet/dotnet.go +++ b/internal/report/frameworks/dotnet/dotnet.go @@ -1,7 +1,7 @@ package dotnet import ( - "github.com/bearer/bearer/pkg/report/frameworks" + "github.com/bearer/bearer/internal/report/frameworks" ) const TypeDatabase frameworks.Type = "database" diff --git a/pkg/report/frameworks/frameworks.go b/internal/report/frameworks/frameworks.go similarity index 100% rename from pkg/report/frameworks/frameworks.go rename to internal/report/frameworks/frameworks.go diff --git a/pkg/report/frameworks/knex/knex.go b/internal/report/frameworks/knex/knex.go similarity index 84% rename from pkg/report/frameworks/knex/knex.go rename to internal/report/frameworks/knex/knex.go index 628539631..1c7a1617d 100644 --- a/pkg/report/frameworks/knex/knex.go +++ b/internal/report/frameworks/knex/knex.go @@ -1,6 +1,6 @@ package knex -import "github.com/bearer/bearer/pkg/report/frameworks" +import "github.com/bearer/bearer/internal/report/frameworks" const TypeFunction frameworks.Type = "knex_function" const TypeSchema frameworks.Type = "knex_schema" diff --git a/pkg/report/frameworks/rails/rails.go b/internal/report/frameworks/rails/rails.go similarity index 97% rename from pkg/report/frameworks/rails/rails.go rename to internal/report/frameworks/rails/rails.go index d638672e7..60bfad430 100644 --- a/pkg/report/frameworks/rails/rails.go +++ b/internal/report/frameworks/rails/rails.go @@ -3,7 +3,7 @@ package rails import ( "strings" - "github.com/bearer/bearer/pkg/report/frameworks" + "github.com/bearer/bearer/internal/report/frameworks" ) const TypeCache frameworks.Type = "cache" diff --git a/pkg/report/frameworks/spring/spring.go b/internal/report/frameworks/spring/spring.go similarity index 94% rename from pkg/report/frameworks/spring/spring.go rename to internal/report/frameworks/spring/spring.go index 4916780ed..ea2aa21d5 100644 --- a/pkg/report/frameworks/spring/spring.go +++ b/internal/report/frameworks/spring/spring.go @@ -1,7 +1,7 @@ package spring import ( - "github.com/bearer/bearer/pkg/report/frameworks" + "github.com/bearer/bearer/internal/report/frameworks" ) const TypeDatabase frameworks.Type = "database" diff --git a/pkg/report/frameworks/symfony/symfony.go b/internal/report/frameworks/symfony/symfony.go similarity index 93% rename from pkg/report/frameworks/symfony/symfony.go rename to internal/report/frameworks/symfony/symfony.go index c7dd2d161..5959992b4 100644 --- a/pkg/report/frameworks/symfony/symfony.go +++ b/internal/report/frameworks/symfony/symfony.go @@ -1,6 +1,6 @@ package symfony -import "github.com/bearer/bearer/pkg/report/frameworks" +import "github.com/bearer/bearer/internal/report/frameworks" const TypeDatabase frameworks.Type = "database" diff --git a/pkg/report/interfaces/interfaces.go b/internal/report/interfaces/interfaces.go similarity index 86% rename from pkg/report/interfaces/interfaces.go rename to internal/report/interfaces/interfaces.go index eaab6b660..1cc7869af 100644 --- a/pkg/report/interfaces/interfaces.go +++ b/internal/report/interfaces/interfaces.go @@ -1,7 +1,7 @@ package interfaces import ( - "github.com/bearer/bearer/pkg/report/values" + "github.com/bearer/bearer/internal/report/values" ) type Type string diff --git a/pkg/report/operations/operations.go b/internal/report/operations/operations.go similarity index 100% rename from pkg/report/operations/operations.go rename to internal/report/operations/operations.go diff --git a/pkg/report/operations/operationshelper/operationshelper.go b/internal/report/operations/operationshelper/operationshelper.go similarity index 52% rename from pkg/report/operations/operationshelper/operationshelper.go rename to internal/report/operations/operationshelper/operationshelper.go index 11615efce..680688f0d 100644 --- a/pkg/report/operations/operationshelper/operationshelper.go +++ b/internal/report/operations/operationshelper/operationshelper.go @@ -1,8 +1,8 @@ package operationshelper import ( - "github.com/bearer/bearer/pkg/report/operations" - "github.com/bearer/bearer/pkg/report/source" + "github.com/bearer/bearer/internal/report/operations" + "github.com/bearer/bearer/internal/report/source" ) type Operation struct { diff --git a/pkg/report/output/dataflow/components/components.go b/internal/report/output/dataflow/components/components.go similarity index 94% rename from pkg/report/output/dataflow/components/components.go rename to internal/report/output/dataflow/components/components.go index 003aa94e8..9c5357929 100644 --- a/pkg/report/output/dataflow/components/components.go +++ b/internal/report/output/dataflow/components/components.go @@ -4,13 +4,13 @@ import ( "regexp" "strings" - "github.com/bearer/bearer/pkg/report/output/dataflow/types" + "github.com/bearer/bearer/internal/report/output/dataflow/types" - dependenciesclassification "github.com/bearer/bearer/pkg/classification/dependencies" - frameworkclassification "github.com/bearer/bearer/pkg/classification/frameworks" - interfaceclassification "github.com/bearer/bearer/pkg/classification/interfaces" - "github.com/bearer/bearer/pkg/util/classify" - "github.com/bearer/bearer/pkg/util/maputil" + dependenciesclassification "github.com/bearer/bearer/internal/classification/dependencies" + frameworkclassification "github.com/bearer/bearer/internal/classification/frameworks" + interfaceclassification "github.com/bearer/bearer/internal/classification/interfaces" + "github.com/bearer/bearer/internal/util/classify" + "github.com/bearer/bearer/internal/util/maputil" ) type Holder struct { diff --git a/pkg/report/output/dataflow/components/components_test.go b/internal/report/output/dataflow/components/components_test.go similarity index 93% rename from pkg/report/output/dataflow/components/components_test.go rename to internal/report/output/dataflow/components/components_test.go index 66f491d30..cabfeb972 100644 --- a/pkg/report/output/dataflow/components/components_test.go +++ b/internal/report/output/dataflow/components/components_test.go @@ -4,13 +4,14 @@ import ( "os" "testing" - "github.com/bearer/bearer/pkg/commands/process/settings" - "github.com/bearer/bearer/pkg/report/output/dataflow" - "github.com/bearer/bearer/pkg/report/output/dataflow/types" - "github.com/bearer/bearer/pkg/report/output/detectors" - outputtypes "github.com/bearer/bearer/pkg/report/output/types" - globaltypes "github.com/bearer/bearer/pkg/types" "github.com/stretchr/testify/assert" + + "github.com/bearer/bearer/internal/commands/process/settings" + "github.com/bearer/bearer/internal/report/output/dataflow" + "github.com/bearer/bearer/internal/report/output/dataflow/types" + "github.com/bearer/bearer/internal/report/output/detectors" + outputtypes "github.com/bearer/bearer/internal/report/output/types" + globaltypes "github.com/bearer/bearer/internal/types" ) func TestDataflowComponents(t *testing.T) { diff --git a/pkg/report/output/dataflow/dataflow.go b/internal/report/output/dataflow/dataflow.go similarity index 88% rename from pkg/report/output/dataflow/dataflow.go rename to internal/report/output/dataflow/dataflow.go index 94f529291..4fcfd1a3b 100644 --- a/pkg/report/output/dataflow/dataflow.go +++ b/internal/report/output/dataflow/dataflow.go @@ -5,18 +5,18 @@ import ( "encoding/json" "fmt" - "github.com/bearer/bearer/pkg/commands/process/settings" - "github.com/bearer/bearer/pkg/report/customdetectors" - "github.com/bearer/bearer/pkg/report/detections" - reportdetectors "github.com/bearer/bearer/pkg/report/detectors" - "github.com/bearer/bearer/pkg/report/output/dataflow/components" - "github.com/bearer/bearer/pkg/report/output/dataflow/datatypes" - "github.com/bearer/bearer/pkg/report/output/dataflow/detectiondecoder" - fileerrors "github.com/bearer/bearer/pkg/report/output/dataflow/file_errors" - "github.com/bearer/bearer/pkg/report/output/dataflow/risks" - "github.com/bearer/bearer/pkg/report/output/types" - "github.com/bearer/bearer/pkg/util/file" - "github.com/bearer/bearer/pkg/util/output" + "github.com/bearer/bearer/internal/commands/process/settings" + "github.com/bearer/bearer/internal/report/customdetectors" + "github.com/bearer/bearer/internal/report/detections" + reportdetectors "github.com/bearer/bearer/internal/report/detectors" + "github.com/bearer/bearer/internal/report/output/dataflow/components" + "github.com/bearer/bearer/internal/report/output/dataflow/datatypes" + "github.com/bearer/bearer/internal/report/output/dataflow/detectiondecoder" + fileerrors "github.com/bearer/bearer/internal/report/output/dataflow/file_errors" + "github.com/bearer/bearer/internal/report/output/dataflow/risks" + "github.com/bearer/bearer/internal/report/output/types" + "github.com/bearer/bearer/internal/util/file" + "github.com/bearer/bearer/internal/util/output" ) var allowedDetections []detections.DetectionType = []detections.DetectionType{ diff --git a/pkg/report/output/dataflow/datatypes/datatypes.go b/internal/report/output/dataflow/datatypes/datatypes.go similarity index 92% rename from pkg/report/output/dataflow/datatypes/datatypes.go rename to internal/report/output/dataflow/datatypes/datatypes.go index 0c5312c47..126011d7a 100644 --- a/pkg/report/output/dataflow/datatypes/datatypes.go +++ b/internal/report/output/dataflow/datatypes/datatypes.go @@ -3,16 +3,16 @@ package datatypes import ( "sort" - "github.com/bearer/bearer/pkg/classification/db" - "github.com/bearer/bearer/pkg/commands/process/settings" - "github.com/bearer/bearer/pkg/report/detectors" - "github.com/bearer/bearer/pkg/report/output/dataflow/detectiondecoder" - "github.com/bearer/bearer/pkg/report/output/dataflow/types" - "github.com/bearer/bearer/pkg/report/schema" - - "github.com/bearer/bearer/pkg/report/detections" - "github.com/bearer/bearer/pkg/util/classify" - "github.com/bearer/bearer/pkg/util/maputil" + "github.com/bearer/bearer/internal/classification/db" + "github.com/bearer/bearer/internal/commands/process/settings" + "github.com/bearer/bearer/internal/report/detectors" + "github.com/bearer/bearer/internal/report/output/dataflow/detectiondecoder" + "github.com/bearer/bearer/internal/report/output/dataflow/types" + "github.com/bearer/bearer/internal/report/schema" + + "github.com/bearer/bearer/internal/report/detections" + "github.com/bearer/bearer/internal/util/classify" + "github.com/bearer/bearer/internal/util/maputil" ) type Holder struct { diff --git a/pkg/report/output/dataflow/datatypes/datatypes_test.go b/internal/report/output/dataflow/datatypes/datatypes_test.go similarity index 95% rename from pkg/report/output/dataflow/datatypes/datatypes_test.go rename to internal/report/output/dataflow/datatypes/datatypes_test.go index 46fae8187..24aa26d7a 100644 --- a/pkg/report/output/dataflow/datatypes/datatypes_test.go +++ b/internal/report/output/dataflow/datatypes/datatypes_test.go @@ -4,13 +4,14 @@ import ( "os" "testing" - "github.com/bearer/bearer/pkg/commands/process/settings" - "github.com/bearer/bearer/pkg/report/output/dataflow" - "github.com/bearer/bearer/pkg/report/output/dataflow/types" - "github.com/bearer/bearer/pkg/report/output/detectors" - outputtypes "github.com/bearer/bearer/pkg/report/output/types" - globaltypes "github.com/bearer/bearer/pkg/types" "github.com/stretchr/testify/assert" + + "github.com/bearer/bearer/internal/commands/process/settings" + "github.com/bearer/bearer/internal/report/output/dataflow" + "github.com/bearer/bearer/internal/report/output/dataflow/types" + "github.com/bearer/bearer/internal/report/output/detectors" + outputtypes "github.com/bearer/bearer/internal/report/output/types" + globaltypes "github.com/bearer/bearer/internal/types" ) func TestDataflowDataType(t *testing.T) { diff --git a/pkg/report/output/dataflow/datatypes/get_extras.go b/internal/report/output/dataflow/datatypes/get_extras.go similarity index 96% rename from pkg/report/output/dataflow/datatypes/get_extras.go rename to internal/report/output/dataflow/datatypes/get_extras.go index 2dc02100e..9da121d9b 100644 --- a/pkg/report/output/dataflow/datatypes/get_extras.go +++ b/internal/report/output/dataflow/datatypes/get_extras.go @@ -5,11 +5,11 @@ import ( "errors" "fmt" - "github.com/bearer/bearer/pkg/commands/process/settings" - "github.com/bearer/bearer/pkg/report/detections" - "github.com/bearer/bearer/pkg/report/detectors" - "github.com/bearer/bearer/pkg/report/output/dataflow/types" - regohelper "github.com/bearer/bearer/pkg/util/rego" + "github.com/bearer/bearer/internal/commands/process/settings" + "github.com/bearer/bearer/internal/report/detections" + "github.com/bearer/bearer/internal/report/detectors" + "github.com/bearer/bearer/internal/report/output/dataflow/types" + regohelper "github.com/bearer/bearer/internal/util/rego" "github.com/open-policy-agent/opa/rego" ) diff --git a/pkg/report/output/dataflow/detectiondecoder/dependency_classification.go b/internal/report/output/dataflow/detectiondecoder/dependency_classification.go similarity index 88% rename from pkg/report/output/dataflow/detectiondecoder/dependency_classification.go rename to internal/report/output/dataflow/detectiondecoder/dependency_classification.go index cb7e0a347..2d5ec9359 100644 --- a/pkg/report/output/dataflow/detectiondecoder/dependency_classification.go +++ b/internal/report/output/dataflow/detectiondecoder/dependency_classification.go @@ -5,7 +5,7 @@ import ( "encoding/json" "fmt" - dependenciesclassification "github.com/bearer/bearer/pkg/classification/dependencies" + dependenciesclassification "github.com/bearer/bearer/internal/classification/dependencies" ) func GetClassifiedDependency(detection interface{}) (dependenciesclassification.ClassifiedDependency, error) { diff --git a/pkg/report/output/dataflow/detectiondecoder/framework_classification.go b/internal/report/output/dataflow/detectiondecoder/framework_classification.go similarity index 88% rename from pkg/report/output/dataflow/detectiondecoder/framework_classification.go rename to internal/report/output/dataflow/detectiondecoder/framework_classification.go index 5436c12ec..f41156a67 100644 --- a/pkg/report/output/dataflow/detectiondecoder/framework_classification.go +++ b/internal/report/output/dataflow/detectiondecoder/framework_classification.go @@ -5,7 +5,7 @@ import ( "encoding/json" "fmt" - frameworkclassification "github.com/bearer/bearer/pkg/classification/frameworks" + frameworkclassification "github.com/bearer/bearer/internal/classification/frameworks" ) func GetClassifiedFramework(detection interface{}) (frameworkclassification.ClassifiedFramework, error) { diff --git a/pkg/report/output/dataflow/detectiondecoder/interface_classification.go b/internal/report/output/dataflow/detectiondecoder/interface_classification.go similarity index 88% rename from pkg/report/output/dataflow/detectiondecoder/interface_classification.go rename to internal/report/output/dataflow/detectiondecoder/interface_classification.go index c4d1e1ef9..d7d4086c4 100644 --- a/pkg/report/output/dataflow/detectiondecoder/interface_classification.go +++ b/internal/report/output/dataflow/detectiondecoder/interface_classification.go @@ -5,7 +5,7 @@ import ( "encoding/json" "fmt" - interfaceclassification "github.com/bearer/bearer/pkg/classification/interfaces" + interfaceclassification "github.com/bearer/bearer/internal/classification/interfaces" ) func GetClassifiedInterface(detection interface{}) (interfaceclassification.ClassifiedInterface, error) { diff --git a/pkg/report/output/dataflow/detectiondecoder/schema_classification.go b/internal/report/output/dataflow/detectiondecoder/schema_classification.go similarity index 86% rename from pkg/report/output/dataflow/detectiondecoder/schema_classification.go rename to internal/report/output/dataflow/detectiondecoder/schema_classification.go index 8a53d7b92..73213002e 100644 --- a/pkg/report/output/dataflow/detectiondecoder/schema_classification.go +++ b/internal/report/output/dataflow/detectiondecoder/schema_classification.go @@ -5,10 +5,10 @@ import ( "encoding/json" "fmt" - schemaclassification "github.com/bearer/bearer/pkg/classification/schema" + schemaclassification "github.com/bearer/bearer/internal/classification/schema" - "github.com/bearer/bearer/pkg/report/detections" - "github.com/bearer/bearer/pkg/report/schema" + "github.com/bearer/bearer/internal/report/detections" + "github.com/bearer/bearer/internal/report/schema" ) func GetSchemaClassification(schema schema.Schema) (schemaclassification.Classification, error) { diff --git a/pkg/report/output/dataflow/file_errors/file_errors.go b/internal/report/output/dataflow/file_errors/file_errors.go similarity index 84% rename from pkg/report/output/dataflow/file_errors/file_errors.go rename to internal/report/output/dataflow/file_errors/file_errors.go index 30324b03b..889902199 100644 --- a/pkg/report/output/dataflow/file_errors/file_errors.go +++ b/internal/report/output/dataflow/file_errors/file_errors.go @@ -1,8 +1,8 @@ package file_errors import ( - "github.com/bearer/bearer/pkg/report/detections" - fileerrors "github.com/bearer/bearer/pkg/report/output/dataflow/types" + "github.com/bearer/bearer/internal/report/detections" + fileerrors "github.com/bearer/bearer/internal/report/output/dataflow/types" ) type Holder struct { diff --git a/pkg/report/output/dataflow/formatter.go b/internal/report/output/dataflow/formatter.go similarity index 70% rename from pkg/report/output/dataflow/formatter.go rename to internal/report/output/dataflow/formatter.go index 5fd29eda7..74b230754 100644 --- a/pkg/report/output/dataflow/formatter.go +++ b/internal/report/output/dataflow/formatter.go @@ -1,10 +1,10 @@ package dataflow import ( - "github.com/bearer/bearer/pkg/commands/process/settings" - "github.com/bearer/bearer/pkg/flag" - outputtypes "github.com/bearer/bearer/pkg/report/output/types" - outputhandler "github.com/bearer/bearer/pkg/util/output" + "github.com/bearer/bearer/internal/commands/process/settings" + "github.com/bearer/bearer/internal/flag" + outputtypes "github.com/bearer/bearer/internal/report/output/types" + outputhandler "github.com/bearer/bearer/internal/util/output" ) type Formatter struct { diff --git a/pkg/report/output/dataflow/risks/risks.go b/internal/report/output/dataflow/risks/risks.go similarity index 94% rename from pkg/report/output/dataflow/risks/risks.go rename to internal/report/output/dataflow/risks/risks.go index 5b481a239..a523d2071 100644 --- a/pkg/report/output/dataflow/risks/risks.go +++ b/internal/report/output/dataflow/risks/risks.go @@ -4,16 +4,16 @@ import ( "bytes" "encoding/json" - "github.com/bearer/bearer/pkg/classification/db" - "github.com/bearer/bearer/pkg/commands/process/settings" - "github.com/bearer/bearer/pkg/report/detectors" - "github.com/bearer/bearer/pkg/report/output/dataflow/detectiondecoder" - "github.com/bearer/bearer/pkg/report/output/dataflow/types" - "github.com/bearer/bearer/pkg/report/schema" - - "github.com/bearer/bearer/pkg/report/detections" - "github.com/bearer/bearer/pkg/util/classify" - "github.com/bearer/bearer/pkg/util/maputil" + "github.com/bearer/bearer/internal/classification/db" + "github.com/bearer/bearer/internal/commands/process/settings" + "github.com/bearer/bearer/internal/report/detectors" + "github.com/bearer/bearer/internal/report/output/dataflow/detectiondecoder" + "github.com/bearer/bearer/internal/report/output/dataflow/types" + "github.com/bearer/bearer/internal/report/schema" + + "github.com/bearer/bearer/internal/report/detections" + "github.com/bearer/bearer/internal/util/classify" + "github.com/bearer/bearer/internal/util/maputil" ) type Holder struct { diff --git a/pkg/report/output/dataflow/risks/risks_test.go b/internal/report/output/dataflow/risks/risks_test.go similarity index 95% rename from pkg/report/output/dataflow/risks/risks_test.go rename to internal/report/output/dataflow/risks/risks_test.go index b548783e1..186bc0d40 100644 --- a/pkg/report/output/dataflow/risks/risks_test.go +++ b/internal/report/output/dataflow/risks/risks_test.go @@ -4,14 +4,15 @@ import ( "os" "testing" - "github.com/bearer/bearer/pkg/commands/process/settings" - "github.com/bearer/bearer/pkg/report/customdetectors" - "github.com/bearer/bearer/pkg/report/output/dataflow" - "github.com/bearer/bearer/pkg/report/output/dataflow/types" - "github.com/bearer/bearer/pkg/report/output/detectors" - outputtypes "github.com/bearer/bearer/pkg/report/output/types" - globaltypes "github.com/bearer/bearer/pkg/types" "github.com/stretchr/testify/assert" + + "github.com/bearer/bearer/internal/commands/process/settings" + "github.com/bearer/bearer/internal/report/customdetectors" + "github.com/bearer/bearer/internal/report/output/dataflow" + "github.com/bearer/bearer/internal/report/output/dataflow/types" + "github.com/bearer/bearer/internal/report/output/detectors" + outputtypes "github.com/bearer/bearer/internal/report/output/types" + globaltypes "github.com/bearer/bearer/internal/types" ) func TestDataflowRisks(t *testing.T) { diff --git a/pkg/report/output/dataflow/types/components.go b/internal/report/output/dataflow/types/components.go similarity index 100% rename from pkg/report/output/dataflow/types/components.go rename to internal/report/output/dataflow/types/components.go diff --git a/pkg/report/output/dataflow/types/datatypes.go b/internal/report/output/dataflow/types/datatypes.go similarity index 97% rename from pkg/report/output/dataflow/types/datatypes.go rename to internal/report/output/dataflow/types/datatypes.go index 732cc3af6..2c892049b 100644 --- a/pkg/report/output/dataflow/types/datatypes.go +++ b/internal/report/output/dataflow/types/datatypes.go @@ -1,7 +1,7 @@ package types import ( - "github.com/bearer/bearer/pkg/report/schema" + "github.com/bearer/bearer/internal/report/schema" ) type Datatype struct { diff --git a/pkg/report/output/dataflow/types/file_errors.go b/internal/report/output/dataflow/types/file_errors.go similarity index 100% rename from pkg/report/output/dataflow/types/file_errors.go rename to internal/report/output/dataflow/types/file_errors.go diff --git a/pkg/report/output/dataflow/types/risks.go b/internal/report/output/dataflow/types/risks.go similarity index 96% rename from pkg/report/output/dataflow/types/risks.go rename to internal/report/output/dataflow/types/risks.go index 4896ba241..d1f086bb2 100644 --- a/pkg/report/output/dataflow/types/risks.go +++ b/internal/report/output/dataflow/types/risks.go @@ -1,6 +1,6 @@ package types -import "github.com/bearer/bearer/pkg/report/schema" +import "github.com/bearer/bearer/internal/report/schema" type RiskDetector struct { DetectorID string `json:"detector_id" yaml:"detector_id"` diff --git a/pkg/report/output/detectors/detectors.go b/internal/report/output/detectors/detectors.go similarity index 68% rename from pkg/report/output/detectors/detectors.go rename to internal/report/output/detectors/detectors.go index db1204f8a..a9f2a4e25 100644 --- a/pkg/report/output/detectors/detectors.go +++ b/internal/report/output/detectors/detectors.go @@ -6,11 +6,11 @@ import ( "github.com/rs/zerolog/log" - "github.com/bearer/bearer/pkg/commands/process/settings" - "github.com/bearer/bearer/pkg/report/output/types" - globaltypes "github.com/bearer/bearer/pkg/types" - "github.com/bearer/bearer/pkg/util/jsonlines" - "github.com/bearer/bearer/pkg/util/output" + "github.com/bearer/bearer/internal/commands/process/settings" + "github.com/bearer/bearer/internal/report/output/types" + globaltypes "github.com/bearer/bearer/internal/types" + "github.com/bearer/bearer/internal/util/jsonlines" + "github.com/bearer/bearer/internal/util/output" ) func AddReportData(reportData *types.ReportData, report globaltypes.Report, config settings.Config) error { diff --git a/pkg/report/output/detectors/formatter.go b/internal/report/output/detectors/formatter.go similarity index 70% rename from pkg/report/output/detectors/formatter.go rename to internal/report/output/detectors/formatter.go index cb6d5bc32..5da44aff3 100644 --- a/pkg/report/output/detectors/formatter.go +++ b/internal/report/output/detectors/formatter.go @@ -1,10 +1,10 @@ package detectors import ( - "github.com/bearer/bearer/pkg/commands/process/settings" - "github.com/bearer/bearer/pkg/flag" - outputtypes "github.com/bearer/bearer/pkg/report/output/types" - outputhandler "github.com/bearer/bearer/pkg/util/output" + "github.com/bearer/bearer/internal/commands/process/settings" + "github.com/bearer/bearer/internal/flag" + outputtypes "github.com/bearer/bearer/internal/report/output/types" + outputhandler "github.com/bearer/bearer/internal/util/output" ) type Formatter struct { diff --git a/pkg/report/output/gitlab/.snapshots/TestJuiceShopSarif b/internal/report/output/gitlab/.snapshots/TestJuiceShopSarif similarity index 100% rename from pkg/report/output/gitlab/.snapshots/TestJuiceShopSarif rename to internal/report/output/gitlab/.snapshots/TestJuiceShopSarif diff --git a/pkg/report/output/gitlab/gitlab.go b/internal/report/output/gitlab/gitlab.go similarity index 95% rename from pkg/report/output/gitlab/gitlab.go rename to internal/report/output/gitlab/gitlab.go index 2fc49d760..0317e2b48 100644 --- a/pkg/report/output/gitlab/gitlab.go +++ b/internal/report/output/gitlab/gitlab.go @@ -6,8 +6,8 @@ import ( "time" "github.com/bearer/bearer/cmd/bearer/build" - gitlab "github.com/bearer/bearer/pkg/report/output/gitlab/types" - securitytypes "github.com/bearer/bearer/pkg/report/output/security/types" + gitlab "github.com/bearer/bearer/internal/report/output/gitlab/types" + securitytypes "github.com/bearer/bearer/internal/report/output/security/types" ) func ReportGitLab( diff --git a/pkg/report/output/gitlab/gitlab_test.go b/internal/report/output/gitlab/gitlab_test.go similarity index 89% rename from pkg/report/output/gitlab/gitlab_test.go rename to internal/report/output/gitlab/gitlab_test.go index 39708cd8a..d8381b03a 100644 --- a/pkg/report/output/gitlab/gitlab_test.go +++ b/internal/report/output/gitlab/gitlab_test.go @@ -9,8 +9,8 @@ import ( "github.com/bradleyjkemp/cupaloy" - securitytypes "github.com/bearer/bearer/pkg/report/output/security/types" - util "github.com/bearer/bearer/pkg/util/output" + securitytypes "github.com/bearer/bearer/internal/report/output/security/types" + util "github.com/bearer/bearer/internal/util/output" ) func TestJuiceShopSarif(t *testing.T) { diff --git a/pkg/report/output/gitlab/testdata/juice-shop-security-report.json b/internal/report/output/gitlab/testdata/juice-shop-security-report.json similarity index 100% rename from pkg/report/output/gitlab/testdata/juice-shop-security-report.json rename to internal/report/output/gitlab/testdata/juice-shop-security-report.json diff --git a/pkg/report/output/gitlab/types/types.go b/internal/report/output/gitlab/types/types.go similarity index 100% rename from pkg/report/output/gitlab/types/types.go rename to internal/report/output/gitlab/types/types.go diff --git a/pkg/report/output/html/.snapshots/TestBearPublishingPrivacyHtml.html b/internal/report/output/html/.snapshots/TestBearPublishingPrivacyHtml.html similarity index 100% rename from pkg/report/output/html/.snapshots/TestBearPublishingPrivacyHtml.html rename to internal/report/output/html/.snapshots/TestBearPublishingPrivacyHtml.html diff --git a/pkg/report/output/html/.snapshots/TestJuiceShopSecurityHtml.html b/internal/report/output/html/.snapshots/TestJuiceShopSecurityHtml.html similarity index 100% rename from pkg/report/output/html/.snapshots/TestJuiceShopSecurityHtml.html rename to internal/report/output/html/.snapshots/TestJuiceShopSecurityHtml.html diff --git a/pkg/report/output/html/html.go b/internal/report/output/html/html.go similarity index 93% rename from pkg/report/output/html/html.go rename to internal/report/output/html/html.go index 85635cc2e..26f29b940 100644 --- a/pkg/report/output/html/html.go +++ b/internal/report/output/html/html.go @@ -7,12 +7,13 @@ import ( "text/template" "time" - html "github.com/bearer/bearer/pkg/report/output/html/types" - privacytypes "github.com/bearer/bearer/pkg/report/output/privacy/types" - securitytypes "github.com/bearer/bearer/pkg/report/output/security/types" - "github.com/bearer/bearer/pkg/util/maputil" term "github.com/buildkite/terminal" "github.com/russross/blackfriday" + + html "github.com/bearer/bearer/internal/report/output/html/types" + privacytypes "github.com/bearer/bearer/internal/report/output/privacy/types" + securitytypes "github.com/bearer/bearer/internal/report/output/security/types" + "github.com/bearer/bearer/internal/util/maputil" ) //go:embed security.tmpl diff --git a/pkg/report/output/html/html_test.go b/internal/report/output/html/html_test.go similarity index 89% rename from pkg/report/output/html/html_test.go rename to internal/report/output/html/html_test.go index 98f855b3c..cba8aa32b 100644 --- a/pkg/report/output/html/html_test.go +++ b/internal/report/output/html/html_test.go @@ -5,9 +5,10 @@ import ( "os" "testing" - privacytypes "github.com/bearer/bearer/pkg/report/output/privacy/types" - securitytypes "github.com/bearer/bearer/pkg/report/output/security/types" "github.com/bradleyjkemp/cupaloy" + + privacytypes "github.com/bearer/bearer/internal/report/output/privacy/types" + securitytypes "github.com/bearer/bearer/internal/report/output/security/types" ) func TestJuiceShopSecurityHtml(t *testing.T) { diff --git a/pkg/report/output/html/privacy.tmpl b/internal/report/output/html/privacy.tmpl similarity index 100% rename from pkg/report/output/html/privacy.tmpl rename to internal/report/output/html/privacy.tmpl diff --git a/pkg/report/output/html/security.tmpl b/internal/report/output/html/security.tmpl similarity index 100% rename from pkg/report/output/html/security.tmpl rename to internal/report/output/html/security.tmpl diff --git a/pkg/report/output/html/styles.css b/internal/report/output/html/styles.css similarity index 100% rename from pkg/report/output/html/styles.css rename to internal/report/output/html/styles.css diff --git a/pkg/report/output/html/testdata/bear-publishing-privacy-report.json b/internal/report/output/html/testdata/bear-publishing-privacy-report.json similarity index 100% rename from pkg/report/output/html/testdata/bear-publishing-privacy-report.json rename to internal/report/output/html/testdata/bear-publishing-privacy-report.json diff --git a/pkg/report/output/html/testdata/juice-shop-security-report.json b/internal/report/output/html/testdata/juice-shop-security-report.json similarity index 100% rename from pkg/report/output/html/testdata/juice-shop-security-report.json rename to internal/report/output/html/testdata/juice-shop-security-report.json diff --git a/pkg/report/output/html/types/types.go b/internal/report/output/html/types/types.go similarity index 85% rename from pkg/report/output/html/types/types.go rename to internal/report/output/html/types/types.go index 5661ee5c2..be9dfeb66 100644 --- a/pkg/report/output/html/types/types.go +++ b/internal/report/output/html/types/types.go @@ -1,7 +1,7 @@ package types import ( - privacytypes "github.com/bearer/bearer/pkg/report/output/privacy/types" + privacytypes "github.com/bearer/bearer/internal/report/output/privacy/types" ) type GroupedThirdParty struct { diff --git a/pkg/report/output/html/wrapper.tmpl b/internal/report/output/html/wrapper.tmpl similarity index 100% rename from pkg/report/output/html/wrapper.tmpl rename to internal/report/output/html/wrapper.tmpl diff --git a/pkg/report/output/output.go b/internal/report/output/output.go similarity index 85% rename from pkg/report/output/output.go rename to internal/report/output/output.go index 2384b4d01..a6e7fffeb 100644 --- a/pkg/report/output/output.go +++ b/internal/report/output/output.go @@ -8,18 +8,18 @@ import ( "github.com/google/uuid" "github.com/hhatto/gocloc" - "github.com/bearer/bearer/pkg/commands/process/settings" - "github.com/bearer/bearer/pkg/flag" - "github.com/bearer/bearer/pkg/report/basebranchfindings" - globaltypes "github.com/bearer/bearer/pkg/types" - - "github.com/bearer/bearer/pkg/report/output/dataflow" - "github.com/bearer/bearer/pkg/report/output/detectors" - "github.com/bearer/bearer/pkg/report/output/privacy" - "github.com/bearer/bearer/pkg/report/output/saas" - "github.com/bearer/bearer/pkg/report/output/security" - "github.com/bearer/bearer/pkg/report/output/stats" - "github.com/bearer/bearer/pkg/report/output/types" + "github.com/bearer/bearer/internal/commands/process/settings" + "github.com/bearer/bearer/internal/flag" + "github.com/bearer/bearer/internal/report/basebranchfindings" + globaltypes "github.com/bearer/bearer/internal/types" + + "github.com/bearer/bearer/internal/report/output/dataflow" + "github.com/bearer/bearer/internal/report/output/detectors" + "github.com/bearer/bearer/internal/report/output/privacy" + "github.com/bearer/bearer/internal/report/output/saas" + "github.com/bearer/bearer/internal/report/output/security" + "github.com/bearer/bearer/internal/report/output/stats" + "github.com/bearer/bearer/internal/report/output/types" ) var ErrUndefinedFormat = errors.New("undefined output format") diff --git a/pkg/report/output/privacy/.snapshots/TestAddReportData b/internal/report/output/privacy/.snapshots/TestAddReportData similarity index 100% rename from pkg/report/output/privacy/.snapshots/TestAddReportData rename to internal/report/output/privacy/.snapshots/TestAddReportData diff --git a/pkg/report/output/privacy/.snapshots/TestBuildCsvString b/internal/report/output/privacy/.snapshots/TestBuildCsvString similarity index 100% rename from pkg/report/output/privacy/.snapshots/TestBuildCsvString rename to internal/report/output/privacy/.snapshots/TestBuildCsvString diff --git a/pkg/report/output/privacy/formatter.go b/internal/report/output/privacy/formatter.go similarity index 78% rename from pkg/report/output/privacy/formatter.go rename to internal/report/output/privacy/formatter.go index 610fa04c4..0e0ecc60b 100644 --- a/pkg/report/output/privacy/formatter.go +++ b/internal/report/output/privacy/formatter.go @@ -3,11 +3,11 @@ package privacy import ( "fmt" - "github.com/bearer/bearer/pkg/commands/process/settings" - "github.com/bearer/bearer/pkg/flag" - "github.com/bearer/bearer/pkg/report/output/html" - outputtypes "github.com/bearer/bearer/pkg/report/output/types" - outputhandler "github.com/bearer/bearer/pkg/util/output" + "github.com/bearer/bearer/internal/commands/process/settings" + "github.com/bearer/bearer/internal/flag" + "github.com/bearer/bearer/internal/report/output/html" + outputtypes "github.com/bearer/bearer/internal/report/output/types" + outputhandler "github.com/bearer/bearer/internal/util/output" ) type Formatter struct { diff --git a/pkg/report/output/privacy/privacy.go b/internal/report/output/privacy/privacy.go similarity index 96% rename from pkg/report/output/privacy/privacy.go rename to internal/report/output/privacy/privacy.go index 4a11b195c..703cd7efd 100644 --- a/pkg/report/output/privacy/privacy.go +++ b/internal/report/output/privacy/privacy.go @@ -8,16 +8,16 @@ import ( "golang.org/x/exp/maps" - "github.com/bearer/bearer/pkg/classification/db" - "github.com/bearer/bearer/pkg/commands/process/settings" - globaltypes "github.com/bearer/bearer/pkg/types" - "github.com/bearer/bearer/pkg/util/output" - "github.com/bearer/bearer/pkg/util/progressbar" - "github.com/bearer/bearer/pkg/util/rego" - - "github.com/bearer/bearer/pkg/report/output/privacy/types" - "github.com/bearer/bearer/pkg/report/output/security" - outputtypes "github.com/bearer/bearer/pkg/report/output/types" + "github.com/bearer/bearer/internal/classification/db" + "github.com/bearer/bearer/internal/commands/process/settings" + globaltypes "github.com/bearer/bearer/internal/types" + "github.com/bearer/bearer/internal/util/output" + "github.com/bearer/bearer/internal/util/progressbar" + "github.com/bearer/bearer/internal/util/rego" + + "github.com/bearer/bearer/internal/report/output/privacy/types" + "github.com/bearer/bearer/internal/report/output/security" + outputtypes "github.com/bearer/bearer/internal/report/output/types" ) type RuleInput struct { diff --git a/pkg/report/output/privacy/privacy_test.go b/internal/report/output/privacy/privacy_test.go similarity index 89% rename from pkg/report/output/privacy/privacy_test.go rename to internal/report/output/privacy/privacy_test.go index ee4a240f1..20ed63bee 100644 --- a/pkg/report/output/privacy/privacy_test.go +++ b/internal/report/output/privacy/privacy_test.go @@ -5,14 +5,14 @@ import ( "github.com/bradleyjkemp/cupaloy" - "github.com/bearer/bearer/pkg/commands/process/settings" - "github.com/bearer/bearer/pkg/flag" - "github.com/bearer/bearer/pkg/report/output/dataflow/types" - "github.com/bearer/bearer/pkg/report/output/privacy" - "github.com/bearer/bearer/pkg/report/output/testhelper" - outputtypes "github.com/bearer/bearer/pkg/report/output/types" - "github.com/bearer/bearer/pkg/report/schema" - "github.com/bearer/bearer/pkg/version_check" + "github.com/bearer/bearer/internal/commands/process/settings" + "github.com/bearer/bearer/internal/flag" + "github.com/bearer/bearer/internal/report/output/dataflow/types" + "github.com/bearer/bearer/internal/report/output/privacy" + "github.com/bearer/bearer/internal/report/output/testhelper" + outputtypes "github.com/bearer/bearer/internal/report/output/types" + "github.com/bearer/bearer/internal/report/schema" + "github.com/bearer/bearer/internal/version_check" ) func TestBuildCsvString(t *testing.T) { diff --git a/pkg/report/output/privacy/types/types.go b/internal/report/output/privacy/types/types.go similarity index 100% rename from pkg/report/output/privacy/types/types.go rename to internal/report/output/privacy/types/types.go diff --git a/pkg/report/output/reviewdog/.snapshots/TestRailsGoatReviewdog b/internal/report/output/reviewdog/.snapshots/TestRailsGoatReviewdog similarity index 100% rename from pkg/report/output/reviewdog/.snapshots/TestRailsGoatReviewdog rename to internal/report/output/reviewdog/.snapshots/TestRailsGoatReviewdog diff --git a/pkg/report/output/reviewdog/reviewdog.go b/internal/report/output/reviewdog/reviewdog.go similarity index 90% rename from pkg/report/output/reviewdog/reviewdog.go rename to internal/report/output/reviewdog/reviewdog.go index 4181c5440..529249518 100644 --- a/pkg/report/output/reviewdog/reviewdog.go +++ b/internal/report/output/reviewdog/reviewdog.go @@ -1,8 +1,8 @@ package reviewdog import ( - reviewdog "github.com/bearer/bearer/pkg/report/output/reviewdog/types" - securitytypes "github.com/bearer/bearer/pkg/report/output/security/types" + reviewdog "github.com/bearer/bearer/internal/report/output/reviewdog/types" + securitytypes "github.com/bearer/bearer/internal/report/output/security/types" ) func ReportReviewdog(outputDetections map[string][]securitytypes.Finding) (reviewdog.ReviewdogOutput, error) { diff --git a/pkg/report/output/reviewdog/reviewdog_test.go b/internal/report/output/reviewdog/reviewdog_test.go similarity index 83% rename from pkg/report/output/reviewdog/reviewdog_test.go rename to internal/report/output/reviewdog/reviewdog_test.go index 7c891ab94..8dd235b79 100644 --- a/pkg/report/output/reviewdog/reviewdog_test.go +++ b/internal/report/output/reviewdog/reviewdog_test.go @@ -8,9 +8,9 @@ import ( "github.com/bradleyjkemp/cupaloy" - "github.com/bearer/bearer/pkg/report/output/reviewdog" - securitytypes "github.com/bearer/bearer/pkg/report/output/security/types" - "github.com/bearer/bearer/pkg/util/output" + "github.com/bearer/bearer/internal/report/output/reviewdog" + securitytypes "github.com/bearer/bearer/internal/report/output/security/types" + "github.com/bearer/bearer/internal/util/output" ) func TestRailsGoatReviewdog(t *testing.T) { diff --git a/pkg/report/output/reviewdog/testdata/rails-goat-security-report.json b/internal/report/output/reviewdog/testdata/rails-goat-security-report.json similarity index 100% rename from pkg/report/output/reviewdog/testdata/rails-goat-security-report.json rename to internal/report/output/reviewdog/testdata/rails-goat-security-report.json diff --git a/pkg/report/output/reviewdog/types/types.go b/internal/report/output/reviewdog/types/types.go similarity index 100% rename from pkg/report/output/reviewdog/types/types.go rename to internal/report/output/reviewdog/types/types.go diff --git a/pkg/report/output/saas/formatter.go b/internal/report/output/saas/formatter.go similarity index 70% rename from pkg/report/output/saas/formatter.go rename to internal/report/output/saas/formatter.go index b40e3cd9b..1bb455af3 100644 --- a/pkg/report/output/saas/formatter.go +++ b/internal/report/output/saas/formatter.go @@ -1,10 +1,10 @@ package saas import ( - "github.com/bearer/bearer/pkg/commands/process/settings" - "github.com/bearer/bearer/pkg/flag" - outputtypes "github.com/bearer/bearer/pkg/report/output/types" - outputhandler "github.com/bearer/bearer/pkg/util/output" + "github.com/bearer/bearer/internal/commands/process/settings" + "github.com/bearer/bearer/internal/flag" + outputtypes "github.com/bearer/bearer/internal/report/output/types" + outputhandler "github.com/bearer/bearer/internal/util/output" ) type Formatter struct { diff --git a/pkg/report/output/saas/saas.go b/internal/report/output/saas/saas.go similarity index 94% rename from pkg/report/output/saas/saas.go rename to internal/report/output/saas/saas.go index 0fa4a4725..3489c9ddf 100644 --- a/pkg/report/output/saas/saas.go +++ b/internal/report/output/saas/saas.go @@ -14,13 +14,13 @@ import ( "github.com/bearer/bearer/api" "github.com/bearer/bearer/api/s3" "github.com/bearer/bearer/cmd/bearer/build" - "github.com/bearer/bearer/pkg/commands/process/settings" - saas "github.com/bearer/bearer/pkg/report/output/saas/types" - securitytypes "github.com/bearer/bearer/pkg/report/output/security/types" - "github.com/bearer/bearer/pkg/report/output/types" - "github.com/bearer/bearer/pkg/util/file" - util "github.com/bearer/bearer/pkg/util/output" - pointer "github.com/bearer/bearer/pkg/util/pointers" + "github.com/bearer/bearer/internal/commands/process/settings" + saas "github.com/bearer/bearer/internal/report/output/saas/types" + securitytypes "github.com/bearer/bearer/internal/report/output/security/types" + "github.com/bearer/bearer/internal/report/output/types" + "github.com/bearer/bearer/internal/util/file" + util "github.com/bearer/bearer/internal/util/output" + pointer "github.com/bearer/bearer/internal/util/pointers" ) func GetReport(reportData *types.ReportData, config settings.Config, ensureMeta bool) error { diff --git a/pkg/report/output/saas/types/types.go b/internal/report/output/saas/types/types.go similarity index 89% rename from pkg/report/output/saas/types/types.go rename to internal/report/output/saas/types/types.go index 2e13a6eb5..ffb725ae8 100644 --- a/pkg/report/output/saas/types/types.go +++ b/internal/report/output/saas/types/types.go @@ -1,9 +1,9 @@ package types import ( - dataflowtypes "github.com/bearer/bearer/pkg/report/output/dataflow/types" - securitytypes "github.com/bearer/bearer/pkg/report/output/security/types" - ignoretypes "github.com/bearer/bearer/pkg/util/ignore/types" + dataflowtypes "github.com/bearer/bearer/internal/report/output/dataflow/types" + securitytypes "github.com/bearer/bearer/internal/report/output/security/types" + ignoretypes "github.com/bearer/bearer/internal/util/ignore/types" ) type Meta struct { diff --git a/pkg/report/output/sarif/.snapshots/TestJuiceShopSarif b/internal/report/output/sarif/.snapshots/TestJuiceShopSarif similarity index 100% rename from pkg/report/output/sarif/.snapshots/TestJuiceShopSarif rename to internal/report/output/sarif/.snapshots/TestJuiceShopSarif diff --git a/pkg/report/output/sarif/sarif.go b/internal/report/output/sarif/sarif.go similarity index 90% rename from pkg/report/output/sarif/sarif.go rename to internal/report/output/sarif/sarif.go index 50c2f4f52..10bdba405 100644 --- a/pkg/report/output/sarif/sarif.go +++ b/internal/report/output/sarif/sarif.go @@ -1,9 +1,9 @@ package sarif import ( - "github.com/bearer/bearer/pkg/commands/process/settings" - sarif "github.com/bearer/bearer/pkg/report/output/sarif/types" - securitytypes "github.com/bearer/bearer/pkg/report/output/security/types" + "github.com/bearer/bearer/internal/commands/process/settings" + sarif "github.com/bearer/bearer/internal/report/output/sarif/types" + securitytypes "github.com/bearer/bearer/internal/report/output/security/types" ) func ReportSarif(outputDetections map[string][]securitytypes.Finding, rules map[string]*settings.Rule) (sarif.SarifOutput, error) { diff --git a/pkg/report/output/sarif/sarif_test.go b/internal/report/output/sarif/sarif_test.go similarity index 88% rename from pkg/report/output/sarif/sarif_test.go rename to internal/report/output/sarif/sarif_test.go index 1ca864ca6..8ed4c6800 100644 --- a/pkg/report/output/sarif/sarif_test.go +++ b/internal/report/output/sarif/sarif_test.go @@ -8,10 +8,10 @@ import ( "github.com/bradleyjkemp/cupaloy" - "github.com/bearer/bearer/pkg/commands/process/settings" - "github.com/bearer/bearer/pkg/report/output/sarif" - securitytypes "github.com/bearer/bearer/pkg/report/output/security/types" - util "github.com/bearer/bearer/pkg/util/output" + "github.com/bearer/bearer/internal/commands/process/settings" + "github.com/bearer/bearer/internal/report/output/sarif" + securitytypes "github.com/bearer/bearer/internal/report/output/security/types" + util "github.com/bearer/bearer/internal/util/output" ) func TestJuiceShopSarif(t *testing.T) { diff --git a/pkg/report/output/sarif/testdata/juice-shop-security-report.json b/internal/report/output/sarif/testdata/juice-shop-security-report.json similarity index 100% rename from pkg/report/output/sarif/testdata/juice-shop-security-report.json rename to internal/report/output/sarif/testdata/juice-shop-security-report.json diff --git a/pkg/report/output/sarif/types/types.go b/internal/report/output/sarif/types/types.go similarity index 100% rename from pkg/report/output/sarif/types/types.go rename to internal/report/output/sarif/types/types.go diff --git a/pkg/report/output/security/.snapshots/TestAddReportData b/internal/report/output/security/.snapshots/TestAddReportData similarity index 100% rename from pkg/report/output/security/.snapshots/TestAddReportData rename to internal/report/output/security/.snapshots/TestAddReportData diff --git a/pkg/report/output/security/.snapshots/TestAddReportDataWithSeverity b/internal/report/output/security/.snapshots/TestAddReportDataWithSeverity similarity index 100% rename from pkg/report/output/security/.snapshots/TestAddReportDataWithSeverity rename to internal/report/output/security/.snapshots/TestAddReportDataWithSeverity diff --git a/pkg/report/output/security/.snapshots/TestBuildReportString b/internal/report/output/security/.snapshots/TestBuildReportString similarity index 100% rename from pkg/report/output/security/.snapshots/TestBuildReportString rename to internal/report/output/security/.snapshots/TestBuildReportString diff --git a/pkg/report/output/security/.snapshots/TestCalculateSeverity b/internal/report/output/security/.snapshots/TestCalculateSeverity similarity index 100% rename from pkg/report/output/security/.snapshots/TestCalculateSeverity rename to internal/report/output/security/.snapshots/TestCalculateSeverity diff --git a/pkg/report/output/security/.snapshots/TestNoRulesBuildReportString b/internal/report/output/security/.snapshots/TestNoRulesBuildReportString similarity index 100% rename from pkg/report/output/security/.snapshots/TestNoRulesBuildReportString rename to internal/report/output/security/.snapshots/TestNoRulesBuildReportString diff --git a/pkg/report/output/security/formatter.go b/internal/report/output/security/formatter.go similarity index 81% rename from pkg/report/output/security/formatter.go rename to internal/report/output/security/formatter.go index 574975282..96d28fc89 100644 --- a/pkg/report/output/security/formatter.go +++ b/internal/report/output/security/formatter.go @@ -4,15 +4,16 @@ import ( "fmt" "time" - "github.com/bearer/bearer/pkg/commands/process/settings" - "github.com/bearer/bearer/pkg/flag" - "github.com/bearer/bearer/pkg/report/output/gitlab" - "github.com/bearer/bearer/pkg/report/output/html" - "github.com/bearer/bearer/pkg/report/output/reviewdog" - "github.com/bearer/bearer/pkg/report/output/sarif" - outputtypes "github.com/bearer/bearer/pkg/report/output/types" - outputhandler "github.com/bearer/bearer/pkg/util/output" "github.com/hhatto/gocloc" + + "github.com/bearer/bearer/internal/commands/process/settings" + "github.com/bearer/bearer/internal/flag" + "github.com/bearer/bearer/internal/report/output/gitlab" + "github.com/bearer/bearer/internal/report/output/html" + "github.com/bearer/bearer/internal/report/output/reviewdog" + "github.com/bearer/bearer/internal/report/output/sarif" + outputtypes "github.com/bearer/bearer/internal/report/output/types" + outputhandler "github.com/bearer/bearer/internal/util/output" ) type Formatter struct { diff --git a/pkg/report/output/security/security.go b/internal/report/output/security/security.go similarity index 96% rename from pkg/report/output/security/security.go rename to internal/report/output/security/security.go index e08f6271c..cf5a0577f 100644 --- a/pkg/report/output/security/security.go +++ b/internal/report/output/security/security.go @@ -4,33 +4,32 @@ import ( "crypto/md5" "encoding/json" "fmt" + "slices" "sort" "strings" "golang.org/x/exp/maps" - "golang.org/x/exp/slices" "github.com/fatih/color" "github.com/hhatto/gocloc" "github.com/rodaine/table" "github.com/schollz/progressbar/v3" - "github.com/ssoroka/slice" - - "github.com/bearer/bearer/pkg/classification/db" - "github.com/bearer/bearer/pkg/commands/process/settings" - "github.com/bearer/bearer/pkg/report/basebranchfindings" - globaltypes "github.com/bearer/bearer/pkg/types" - "github.com/bearer/bearer/pkg/util/file" - ignoretypes "github.com/bearer/bearer/pkg/util/ignore/types" - "github.com/bearer/bearer/pkg/util/maputil" - "github.com/bearer/bearer/pkg/util/output" - bearerprogressbar "github.com/bearer/bearer/pkg/util/progressbar" - "github.com/bearer/bearer/pkg/util/rego" - "github.com/bearer/bearer/pkg/util/set" - - types "github.com/bearer/bearer/pkg/report/output/security/types" - stats "github.com/bearer/bearer/pkg/report/output/stats" - outputtypes "github.com/bearer/bearer/pkg/report/output/types" + + "github.com/bearer/bearer/internal/classification/db" + "github.com/bearer/bearer/internal/commands/process/settings" + "github.com/bearer/bearer/internal/report/basebranchfindings" + globaltypes "github.com/bearer/bearer/internal/types" + "github.com/bearer/bearer/internal/util/file" + ignoretypes "github.com/bearer/bearer/internal/util/ignore/types" + "github.com/bearer/bearer/internal/util/maputil" + "github.com/bearer/bearer/internal/util/output" + bearerprogressbar "github.com/bearer/bearer/internal/util/progressbar" + "github.com/bearer/bearer/internal/util/rego" + "github.com/bearer/bearer/internal/util/set" + + types "github.com/bearer/bearer/internal/report/output/security/types" + stats "github.com/bearer/bearer/internal/report/output/stats" + outputtypes "github.com/bearer/bearer/internal/report/output/types" ) var underline = color.New(color.Underline).SprintFunc() @@ -577,8 +576,8 @@ func countRules( var shouldCount bool if rule.Language() == "secret" { - shouldCount = slice.Contains(config.Scan.Scanner, "secrets") - } else if slice.Contains(config.Scan.Scanner, "sast") { + shouldCount = slices.Contains(config.Scan.Scanner, "secrets") + } else if slices.Contains(config.Scan.Scanner, "sast") { if rule.Language() == "JavaScript" { shouldCount = languages["JavaScript"] != nil || languages["TypeScript"] != nil } else { diff --git a/pkg/report/output/security/security_test.go b/internal/report/output/security/security_test.go similarity index 92% rename from pkg/report/output/security/security_test.go rename to internal/report/output/security/security_test.go index 755e70717..8ed876153 100644 --- a/pkg/report/output/security/security_test.go +++ b/internal/report/output/security/security_test.go @@ -7,17 +7,16 @@ import ( "github.com/hhatto/gocloc" "github.com/stretchr/testify/assert" - "github.com/bearer/bearer/pkg/commands/process/settings" - "github.com/bearer/bearer/pkg/flag" - "github.com/bearer/bearer/pkg/report/schema" - "github.com/bearer/bearer/pkg/version_check" - - dataflowtypes "github.com/bearer/bearer/pkg/report/output/dataflow/types" - "github.com/bearer/bearer/pkg/report/output/security" - securitytypes "github.com/bearer/bearer/pkg/report/output/security/types" - "github.com/bearer/bearer/pkg/report/output/testhelper" - "github.com/bearer/bearer/pkg/report/output/types" - outputtypes "github.com/bearer/bearer/pkg/report/output/types" + "github.com/bearer/bearer/internal/commands/process/settings" + "github.com/bearer/bearer/internal/flag" + "github.com/bearer/bearer/internal/report/schema" + "github.com/bearer/bearer/internal/version_check" + + dataflowtypes "github.com/bearer/bearer/internal/report/output/dataflow/types" + "github.com/bearer/bearer/internal/report/output/security" + securitytypes "github.com/bearer/bearer/internal/report/output/security/types" + "github.com/bearer/bearer/internal/report/output/testhelper" + outputtypes "github.com/bearer/bearer/internal/report/output/types" ) func TestBuildReportString(t *testing.T) { @@ -254,7 +253,7 @@ func dummyDataflowData() *outputtypes.ReportData { risks[0] = criticalRisk risks[1] = lowRisk - dataflow := &types.DataFlow{ + dataflow := &outputtypes.DataFlow{ Datatypes: []dataflowtypes.Datatype{ { Name: "Email Address", diff --git a/pkg/report/output/security/types/types.go b/internal/report/output/security/types/types.go similarity index 97% rename from pkg/report/output/security/types/types.go rename to internal/report/output/security/types/types.go index 707d8899e..45888190e 100644 --- a/pkg/report/output/security/types/types.go +++ b/internal/report/output/security/types/types.go @@ -4,9 +4,10 @@ import ( "fmt" "strings" - "github.com/bearer/bearer/pkg/util/file" - ignoretypes "github.com/bearer/bearer/pkg/util/ignore/types" "github.com/fatih/color" + + "github.com/bearer/bearer/internal/util/file" + ignoretypes "github.com/bearer/bearer/internal/util/ignore/types" ) type Finding struct { diff --git a/pkg/report/output/stats/formatter.go b/internal/report/output/stats/formatter.go similarity index 70% rename from pkg/report/output/stats/formatter.go rename to internal/report/output/stats/formatter.go index 1a4830947..777880e1c 100644 --- a/pkg/report/output/stats/formatter.go +++ b/internal/report/output/stats/formatter.go @@ -1,10 +1,10 @@ package stats import ( - "github.com/bearer/bearer/pkg/commands/process/settings" - "github.com/bearer/bearer/pkg/flag" - outputtypes "github.com/bearer/bearer/pkg/report/output/types" - outputhandler "github.com/bearer/bearer/pkg/util/output" + "github.com/bearer/bearer/internal/commands/process/settings" + "github.com/bearer/bearer/internal/flag" + outputtypes "github.com/bearer/bearer/internal/report/output/types" + outputhandler "github.com/bearer/bearer/internal/util/output" ) type Formatter struct { diff --git a/pkg/report/output/stats/gocloc_detector.go b/internal/report/output/stats/gocloc_detector.go similarity index 100% rename from pkg/report/output/stats/gocloc_detector.go rename to internal/report/output/stats/gocloc_detector.go diff --git a/pkg/report/output/stats/stats.go b/internal/report/output/stats/stats.go similarity index 93% rename from pkg/report/output/stats/stats.go rename to internal/report/output/stats/stats.go index 6ae6fd9e2..edd4ed292 100644 --- a/pkg/report/output/stats/stats.go +++ b/internal/report/output/stats/stats.go @@ -4,13 +4,14 @@ import ( "fmt" "strings" - "github.com/bearer/bearer/pkg/classification/db" - "github.com/bearer/bearer/pkg/commands/process/settings" - - "github.com/bearer/bearer/pkg/report/output/stats/types" - outputtypes "github.com/bearer/bearer/pkg/report/output/types" - "github.com/bearer/bearer/pkg/util/maputil" "github.com/hhatto/gocloc" + + "github.com/bearer/bearer/internal/classification/db" + "github.com/bearer/bearer/internal/commands/process/settings" + "github.com/bearer/bearer/internal/util/maputil" + + "github.com/bearer/bearer/internal/report/output/stats/types" + outputtypes "github.com/bearer/bearer/internal/report/output/types" ) func AddReportData( diff --git a/pkg/report/output/stats/types/types.go b/internal/report/output/stats/types/types.go similarity index 100% rename from pkg/report/output/stats/types/types.go rename to internal/report/output/stats/types/types.go diff --git a/pkg/report/output/testhelper/testhelper.go b/internal/report/output/testhelper/testhelper.go similarity index 99% rename from pkg/report/output/testhelper/testhelper.go rename to internal/report/output/testhelper/testhelper.go index a788dd936..509f2d404 100644 --- a/pkg/report/output/testhelper/testhelper.go +++ b/internal/report/output/testhelper/testhelper.go @@ -1,6 +1,6 @@ package testhelper -import "github.com/bearer/bearer/pkg/commands/process/settings" +import "github.com/bearer/bearer/internal/commands/process/settings" // new rules are added func CustomRule() *settings.Rule { diff --git a/pkg/report/output/types/types.go b/internal/report/output/types/types.go similarity index 75% rename from pkg/report/output/types/types.go rename to internal/report/output/types/types.go index 3ff8bb501..f07aa829f 100644 --- a/pkg/report/output/types/types.go +++ b/internal/report/output/types/types.go @@ -1,11 +1,11 @@ package types import ( - dataflowtypes "github.com/bearer/bearer/pkg/report/output/dataflow/types" - privacytypes "github.com/bearer/bearer/pkg/report/output/privacy/types" - saastypes "github.com/bearer/bearer/pkg/report/output/saas/types" - securitytypes "github.com/bearer/bearer/pkg/report/output/security/types" - statstypes "github.com/bearer/bearer/pkg/report/output/stats/types" + dataflowtypes "github.com/bearer/bearer/internal/report/output/dataflow/types" + privacytypes "github.com/bearer/bearer/internal/report/output/privacy/types" + saastypes "github.com/bearer/bearer/internal/report/output/saas/types" + securitytypes "github.com/bearer/bearer/internal/report/output/security/types" + statstypes "github.com/bearer/bearer/internal/report/output/stats/types" ) type ReportData struct { diff --git a/pkg/report/report.go b/internal/report/report.go similarity index 52% rename from pkg/report/report.go rename to internal/report/report.go index 9e170b835..44185cfe8 100644 --- a/pkg/report/report.go +++ b/internal/report/report.go @@ -1,16 +1,16 @@ package report import ( - "github.com/bearer/bearer/pkg/report/dependencies" - "github.com/bearer/bearer/pkg/report/detections" - "github.com/bearer/bearer/pkg/report/detectors" - "github.com/bearer/bearer/pkg/report/frameworks" - "github.com/bearer/bearer/pkg/report/interfaces" - "github.com/bearer/bearer/pkg/report/schema" - "github.com/bearer/bearer/pkg/report/schema/datatype" + "github.com/bearer/bearer/internal/report/dependencies" + "github.com/bearer/bearer/internal/report/detections" + "github.com/bearer/bearer/internal/report/detectors" + "github.com/bearer/bearer/internal/report/frameworks" + "github.com/bearer/bearer/internal/report/interfaces" + "github.com/bearer/bearer/internal/report/schema" + "github.com/bearer/bearer/internal/report/schema/datatype" - "github.com/bearer/bearer/pkg/report/secret" - "github.com/bearer/bearer/pkg/report/source" + "github.com/bearer/bearer/internal/report/secret" + "github.com/bearer/bearer/internal/report/source" ) type Report interface { diff --git a/pkg/report/schema/datatype/datatype.go b/internal/report/schema/datatype/datatype.go similarity index 94% rename from pkg/report/schema/datatype/datatype.go rename to internal/report/schema/datatype/datatype.go index a39aecddb..fee135fca 100644 --- a/pkg/report/schema/datatype/datatype.go +++ b/internal/report/schema/datatype/datatype.go @@ -4,14 +4,14 @@ import ( "sort" "strings" - classificationschema "github.com/bearer/bearer/pkg/classification/schema" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/parser/nodeid" - "github.com/bearer/bearer/pkg/report/detections" - "github.com/bearer/bearer/pkg/report/detectors" - "github.com/bearer/bearer/pkg/report/schema" - "github.com/bearer/bearer/pkg/util/normalize_key" - "github.com/bearer/bearer/pkg/util/pluralize" + classificationschema "github.com/bearer/bearer/internal/classification/schema" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/parser/nodeid" + "github.com/bearer/bearer/internal/report/detections" + "github.com/bearer/bearer/internal/report/detectors" + "github.com/bearer/bearer/internal/report/schema" + "github.com/bearer/bearer/internal/util/normalize_key" + "github.com/bearer/bearer/internal/util/pluralize" ) type ReportDataType interface { diff --git a/pkg/report/schema/schema.go b/internal/report/schema/schema.go similarity index 91% rename from pkg/report/schema/schema.go rename to internal/report/schema/schema.go index 9d99d14d8..e4d2b43c5 100644 --- a/pkg/report/schema/schema.go +++ b/internal/report/schema/schema.go @@ -1,10 +1,10 @@ package schema import ( - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/parser/nodeid" - "github.com/bearer/bearer/pkg/report/detectors" - "github.com/bearer/bearer/pkg/report/source" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/parser/nodeid" + "github.com/bearer/bearer/internal/report/detectors" + "github.com/bearer/bearer/internal/report/source" ) const ( diff --git a/internal/report/schema/schemahelper/schemahelper.go b/internal/report/schema/schemahelper/schemahelper.go new file mode 100644 index 000000000..6872868b0 --- /dev/null +++ b/internal/report/schema/schemahelper/schemahelper.go @@ -0,0 +1,11 @@ +package schemahelper + +import ( + "github.com/bearer/bearer/internal/report/schema" + "github.com/bearer/bearer/internal/report/source" +) + +type Schema struct { + Source source.Source + Value schema.Schema +} diff --git a/pkg/report/secret/secret.go b/internal/report/secret/secret.go similarity index 100% rename from pkg/report/secret/secret.go rename to internal/report/secret/secret.go diff --git a/pkg/report/source/source.go b/internal/report/source/source.go similarity index 97% rename from pkg/report/source/source.go rename to internal/report/source/source.go index 9e2c39ff0..80c461f69 100644 --- a/pkg/report/source/source.go +++ b/internal/report/source/source.go @@ -1,7 +1,7 @@ package source import ( - "github.com/bearer/bearer/pkg/util/file" + "github.com/bearer/bearer/internal/util/file" ) // Source represents a part of a source file that is referenced in the scan report. diff --git a/pkg/report/values/values.go b/internal/report/values/values.go similarity index 98% rename from pkg/report/values/values.go rename to internal/report/values/values.go index 1e95edc5c..0f14665ab 100644 --- a/pkg/report/values/values.go +++ b/internal/report/values/values.go @@ -4,7 +4,7 @@ import ( "fmt" "strings" - "github.com/bearer/bearer/pkg/report/variables" + "github.com/bearer/bearer/internal/report/variables" "github.com/rs/zerolog/log" ) diff --git a/pkg/report/variables/variables.go b/internal/report/variables/variables.go similarity index 100% rename from pkg/report/variables/variables.go rename to internal/report/variables/variables.go diff --git a/pkg/report/writer/detectors.go b/internal/report/writer/detectors.go similarity index 89% rename from pkg/report/writer/detectors.go rename to internal/report/writer/detectors.go index c58285907..ba992c801 100644 --- a/pkg/report/writer/detectors.go +++ b/internal/report/writer/detectors.go @@ -5,24 +5,24 @@ import ( "io" "log" - classification "github.com/bearer/bearer/pkg/classification" - classificationschema "github.com/bearer/bearer/pkg/classification/schema" + classification "github.com/bearer/bearer/internal/classification" + classificationschema "github.com/bearer/bearer/internal/classification/schema" zerolog "github.com/rs/zerolog/log" - "github.com/bearer/bearer/pkg/parser" - "github.com/bearer/bearer/pkg/parser/nodeid" + "github.com/bearer/bearer/internal/parser" + "github.com/bearer/bearer/internal/parser/nodeid" - "github.com/bearer/bearer/pkg/report/dependencies" - "github.com/bearer/bearer/pkg/report/detections" - "github.com/bearer/bearer/pkg/report/detectors" - "github.com/bearer/bearer/pkg/report/frameworks" - "github.com/bearer/bearer/pkg/report/interfaces" - "github.com/bearer/bearer/pkg/report/schema" - "github.com/bearer/bearer/pkg/report/schema/datatype" - "github.com/bearer/bearer/pkg/report/secret" - "github.com/bearer/bearer/pkg/report/source" + "github.com/bearer/bearer/internal/report/dependencies" + "github.com/bearer/bearer/internal/report/detections" + "github.com/bearer/bearer/internal/report/detectors" + "github.com/bearer/bearer/internal/report/frameworks" + "github.com/bearer/bearer/internal/report/interfaces" + "github.com/bearer/bearer/internal/report/schema" + "github.com/bearer/bearer/internal/report/schema/datatype" + "github.com/bearer/bearer/internal/report/secret" + "github.com/bearer/bearer/internal/report/source" - "github.com/bearer/bearer/pkg/util/jsonlines" + "github.com/bearer/bearer/internal/util/jsonlines" ) type StoredSchema struct { diff --git a/internal/scanner/ast/ast.go b/internal/scanner/ast/ast.go new file mode 100644 index 000000000..8c3eda7c6 --- /dev/null +++ b/internal/scanner/ast/ast.go @@ -0,0 +1,136 @@ +package ast + +import ( + "context" + "fmt" + "strings" + + "github.com/rs/zerolog/log" + sitter "github.com/smacker/go-tree-sitter" + + "github.com/bearer/bearer/internal/scanner/language" + "github.com/bearer/bearer/internal/scanner/ruleset" + + "github.com/bearer/bearer/internal/scanner/ast/query" + "github.com/bearer/bearer/internal/scanner/ast/tree" +) + +func Parse( + ctx context.Context, + language language.Language, + contentBytes []byte, +) (*tree.Tree, error) { + builder, err := parseBuilder(ctx, language, contentBytes) + if err != nil { + return nil, err + } + + return builder.Build(), nil +} + +func ParseAndAnalyze( + ctx context.Context, + language language.Language, + ruleSet *ruleset.Set, + querySet *query.Set, + contentBytes []byte, +) (*tree.Tree, error) { + builder, err := parseBuilder(ctx, language, contentBytes) + if err != nil { + return nil, err + } + + if err := querySet.Query(ctx, builder, builder.SitterRootNode()); err != nil { + return nil, fmt.Errorf("error running ast queries: %w", err) + } + + analyzer := language.NewAnalyzer(builder) + if err := analyzeNode(ctx, ruleSet, builder, analyzer, builder.SitterRootNode()); err != nil { + return nil, fmt.Errorf("error running language analysis: %w", err) + } + + return builder.Build(), nil +} + +func parseBuilder( + ctx context.Context, + language language.Language, + contentBytes []byte, +) (*tree.Builder, error) { + parser := sitter.NewParser() + defer parser.Close() + + parser.SetLanguage(language.SitterLanguage()) + + sitterTree, err := parser.ParseCtx(ctx, nil, contentBytes) + if err != nil { + return nil, err + } + + return tree.NewBuilder(contentBytes, sitterTree.RootNode()), nil +} + +func analyzeNode( + ctx context.Context, + ruleSet *ruleset.Set, + builder *tree.Builder, + analyzer language.Analyzer, + node *sitter.Node, +) error { + if ctx.Err() != nil { + return ctx.Err() + } + + visitChildren := func() error { + childCount := int(node.ChildCount()) + + var disabledRules []*ruleset.Rule + for i := 0; i < childCount; i++ { + child := node.Child(i) + if !child.IsNamed() { + continue + } + + disabledRules = addDisabledRules(ruleSet, builder, disabledRules, node) + if err := analyzeNode(ctx, ruleSet, builder, analyzer, child); err != nil { + return err + } + } + + return nil + } + + return analyzer.Analyze(node, visitChildren) +} + +func addDisabledRules( + ruleSet *ruleset.Set, + builder *tree.Builder, + disabledRules []*ruleset.Rule, + node *sitter.Node, +) []*ruleset.Rule { + if node.Type() == "comment" { + nextDisabledRules := disabledRules + + nodeContent := builder.ContentFor(node) + if strings.Contains(nodeContent, "bearer:disable") { + rawRuleIDs := strings.Split(nodeContent, "bearer:disable")[1] + + for _, ruleID := range strings.Split(rawRuleIDs, ",") { + rule, err := ruleSet.RuleByID(strings.TrimSpace(ruleID)) + if err != nil { + log.Debug().Msgf("ignoring unknown disabled rule '%s': %s", ruleID, err) + continue + } + + nextDisabledRules = append(nextDisabledRules, rule) + } + } + + return nextDisabledRules + } + + builder.AddDisabledRules(node, disabledRules) + + return nil +} diff --git a/internal/scanner/ast/query/query.go b/internal/scanner/ast/query/query.go new file mode 100644 index 000000000..b9ffded4c --- /dev/null +++ b/internal/scanner/ast/query/query.go @@ -0,0 +1,184 @@ +package query + +import ( + "context" + "errors" + "strings" + + "github.com/rs/zerolog/log" + sitter "github.com/smacker/go-tree-sitter" + "gopkg.in/yaml.v3" + + "github.com/bearer/bearer/internal/scanner/ast/tree" +) + +type Set struct { + languageID string + sitterLanguage *sitter.Language + queries []Query + queryByInput map[string]*Query + sitterCursor *sitter.QueryCursor + sitterQuery *sitter.Query +} + +type Query struct { + querySet *Set + id int + input string +} + +func NewSet(languageID string, sitterLanguage *sitter.Language) *Set { + return &Set{ + languageID: languageID, + sitterLanguage: sitterLanguage, + sitterCursor: sitter.NewQueryCursor(), + queryByInput: make(map[string]*Query), + } +} + +func (querySet *Set) Add(input string) *Query { + if query := querySet.queryByInput[input]; query != nil { + return query + } + + id := len(querySet.queries) + querySet.queries = append(querySet.queries, Query{ + querySet: querySet, + id: id, + input: input, + }) + + querySet.freeSitterQuery() + + query := &querySet.queries[id] + querySet.queryByInput[input] = query + return query +} + +func (querySet *Set) Query(ctx context.Context, builder *tree.Builder, rootNode *sitter.Node) error { + if querySet.sitterQuery == nil { + return errors.New("query set has not been compiled") + } + + querySet.sitterCursor.Exec(querySet.sitterQuery, rootNode) + + captureNames := make(map[uint32]string) + + for { + if ctx.Err() != nil { + return ctx.Err() + } + + match, found := querySet.sitterCursor.NextMatch() + if !found { + break + } + + result := make(map[string]*sitter.Node) + for _, capture := range match.Captures { + name := captureNames[capture.Index] + if name == "" { + name = querySet.sitterQuery.CaptureNameForId(capture.Index) + captureNames[capture.Index] = name + } + + result[name] = capture.Node + } + + resultRoot, rootExists := result["root"] + if !rootExists { + return errors.New("missing @root capture in tree sitter query") + } + + matchNode, matchNodeExists := result["match"] + if !matchNodeExists { + matchNode = resultRoot + } + + builder.QueryResult(int(match.PatternIndex), matchNode, result) + } + + return nil +} + +func (querySet *Set) Compile() error { + if querySet.sitterQuery != nil { + return nil + } + + var s strings.Builder + + for _, query := range querySet.queries { + s.WriteString(query.input) + s.WriteString("\n") + } + + if log.Trace().Enabled() { + log.Trace().Msgf("%s queries:\n%s", querySet.languageID, querySet.dump()) + } + + sitterQuery, err := sitter.NewQuery([]byte(s.String()), querySet.sitterLanguage) + if err != nil { + return err + } + + querySet.sitterQuery = sitterQuery + + return nil +} + +type dumpValue struct { + ID int + Input string +} + +func (querySet *Set) dump() string { + queries := make([]dumpValue, len(querySet.queries)) + + for i, query := range querySet.queries { + queries[i].ID = query.id + queries[i].Input = query.input + } + + yamlQueries, err := yaml.Marshal(queries) + if err != nil { + return err.Error() + } + + return string(yamlQueries) +} + +func (querySet *Set) Close() { + querySet.sitterCursor.Close() + querySet.freeSitterQuery() +} + +func (queries *Set) freeSitterQuery() { + if queries.sitterQuery == nil { + return + } + + queries.sitterQuery.Close() + queries.sitterQuery = nil +} + +func (query *Query) ID() int { + return query.id +} + +func (query *Query) MatchAt(node *tree.Node) []tree.QueryResult { + return node.QueryResults(query.id) +} + +func (query *Query) MatchOnceAt(node *tree.Node) (tree.QueryResult, error) { + results := query.MatchAt(node) + if len(results) > 1 { + return nil, errors.New("query returned more than one result") + } + + if len(results) == 0 { + return nil, nil + } + + return results[0], nil +} diff --git a/internal/scanner/ast/traversalstrategy/builtin.go b/internal/scanner/ast/traversalstrategy/builtin.go new file mode 100644 index 000000000..a7a0eac0d --- /dev/null +++ b/internal/scanner/ast/traversalstrategy/builtin.go @@ -0,0 +1,83 @@ +package traversalstrategy + +import ( + "github.com/bearer/bearer/internal/commands/process/settings" + "github.com/bearer/bearer/internal/scanner/ast/tree" +) + +var ( + Nested = &nestedStrategy{} + NestedStrict = &nestedStrictStrategy{} + Result = &resultStrategy{} + Cursor = &cursorStrategy{} + CursorStrict = &cursorStrictStrategy{} +) + +type nestedStrategy struct{} + +var nestedTraverse = makeTraverse(func(next *[]*tree.Node, node *tree.Node) { + *next = append(*next, node.Children()...) + *next = append(*next, node.AliasOf()...) +}) + +func (strategy *nestedStrategy) Scope() settings.RuleReferenceScope { + return settings.NESTED_SCOPE +} + +func (strategy *nestedStrategy) Traverse(cache *Cache, rootNode *tree.Node, visit func(node *tree.Node) (bool, error)) error { + return nestedTraverse(cache, rootNode, visit) +} + +type nestedStrictStrategy struct{} + +var nestedStrictTraverse = makeTraverse(func(next *[]*tree.Node, node *tree.Node) { + *next = append(*next, node.Children()...) +}) + +func (strategy *nestedStrictStrategy) Scope() settings.RuleReferenceScope { + return settings.NESTED_STRICT_SCOPE +} + +func (strategy *nestedStrictStrategy) Traverse(cache *Cache, rootNode *tree.Node, visit func(node *tree.Node) (bool, error)) error { + return nestedStrictTraverse(cache, rootNode, visit) +} + +type resultStrategy struct{} + +var resultTraverse = makeTraverse(func(next *[]*tree.Node, node *tree.Node) { + *next = append(*next, node.AliasOf()...) + *next = append(*next, node.DataflowSources()...) +}) + +func (strategy *resultStrategy) Scope() settings.RuleReferenceScope { + return settings.RESULT_SCOPE +} + +func (strategy *resultStrategy) Traverse(cache *Cache, rootNode *tree.Node, visit func(node *tree.Node) (bool, error)) error { + return resultTraverse(cache, rootNode, visit) +} + +type cursorStrategy struct{} + +var cursorTraverse = makeTraverse(func(next *[]*tree.Node, node *tree.Node) { + *next = append(*next, node.AliasOf()...) +}) + +func (strategy *cursorStrategy) Scope() settings.RuleReferenceScope { + return settings.CURSOR_SCOPE +} + +func (strategy *cursorStrategy) Traverse(cache *Cache, rootNode *tree.Node, visit func(node *tree.Node) (bool, error)) error { + return cursorTraverse(cache, rootNode, visit) +} + +type cursorStrictStrategy struct{} + +func (strategy *cursorStrictStrategy) Scope() settings.RuleReferenceScope { + return settings.CURSOR_STRICT_SCOPE +} + +func (strategy *cursorStrictStrategy) Traverse(cache *Cache, rootNode *tree.Node, visit func(node *tree.Node) (bool, error)) error { + _, err := visit(rootNode) + return err +} diff --git a/internal/scanner/ast/traversalstrategy/traversalstrategy.go b/internal/scanner/ast/traversalstrategy/traversalstrategy.go new file mode 100644 index 000000000..55a0d10c4 --- /dev/null +++ b/internal/scanner/ast/traversalstrategy/traversalstrategy.go @@ -0,0 +1,111 @@ +package traversalstrategy + +import ( + "fmt" + + "github.com/bearer/bearer/internal/commands/process/settings" + "github.com/bearer/bearer/internal/scanner/ast/tree" + "github.com/bits-and-blooms/bitset" +) + +type Strategy interface { + Scope() settings.RuleReferenceScope + Traverse(cache *Cache, rootNode *tree.Node, visit func(node *tree.Node) (bool, error)) error +} + +func Get(scope settings.RuleReferenceScope) (Strategy, error) { + switch scope { + case settings.NESTED_SCOPE: + return Nested, nil + case settings.NESTED_STRICT_SCOPE: + return NestedStrict, nil + case settings.RESULT_SCOPE: + return Result, nil + case settings.CURSOR_SCOPE: + return Cursor, nil + case settings.CURSOR_STRICT_SCOPE: + return CursorStrict, nil + default: + return nil, fmt.Errorf("unknown scope '%s'", scope) + } +} + +type Cache struct { + nodeCount int + allocated []*data +} + +type data struct { + seen *bitset.BitSet + nodes, + next []*tree.Node +} + +func NewCache(nodeCount int) *Cache { + return &Cache{nodeCount: nodeCount} +} + +func (cache *Cache) get() *data { + if len(cache.allocated) == 0 { + return &data{ + seen: bitset.New(uint(cache.nodeCount)), + nodes: make([]*tree.Node, 0, 1000), + next: make([]*tree.Node, 0, 1000), + } + } + + index := len(cache.allocated) - 1 + data := cache.allocated[index] + cache.allocated = cache.allocated[:index] + return data +} + +func (cache *Cache) put(data *data) { + // same buffer but zero length + data.nodes = data.nodes[:0] + data.next = data.next[:0] + data.seen.ClearAll() + + cache.allocated = append(cache.allocated, data) +} + +func makeTraverse(appendNext func(next *[]*tree.Node, node *tree.Node)) func(cache *Cache, rootNode *tree.Node, visit func(node *tree.Node) (bool, error)) error { + return func(cache *Cache, rootNode *tree.Node, visit func(node *tree.Node) (bool, error)) error { + data := cache.get() + defer cache.put(data) + + data.nodes = append(data.nodes, rootNode) + + for { + if len(data.nodes) == 0 { + break + } + + for _, node := range data.nodes { + bit := uint(node.ID) + if data.seen.Test(bit) { + continue + } + data.seen.Set(bit) + + stopTraversal, err := visit(node) + if err != nil { + return err + } + + if stopTraversal { + continue + } + + appendNext(&data.next, node) + } + + old := data.nodes + data.nodes = data.next + // allow memory to be re-used + data.next = old[:0] + } + + return nil + } +} diff --git a/internal/scanner/ast/tree/.snapshots/TestTree b/internal/scanner/ast/tree/.snapshots/TestTree new file mode 100644 index 000000000..a72615024 --- /dev/null +++ b/internal/scanner/ast/tree/.snapshots/TestTree @@ -0,0 +1,48 @@ +type: program +id: 0 +range: 2:3 - 5:2 +children: + - type: method + id: 1 + range: 2:3 - 4:6 + children: + - type: '"def"' + id: 2 + range: 2:3 - 2:6 + - type: identifier + id: 3 + range: 2:7 - 2:8 + content: m + - type: method_parameters + id: 4 + range: 2:8 - 2:11 + children: + - type: '"("' + id: 5 + range: 2:8 - 2:9 + - type: identifier + id: 6 + range: 2:9 - 2:10 + content: a + - type: '")"' + id: 7 + range: 2:10 - 2:11 + - type: call + id: 8 + range: 3:4 - 3:9 + children: + - type: identifier + id: 9 + range: 3:4 - 3:5 + content: a + - type: '"."' + id: 10 + range: 3:5 - 3:6 + - type: identifier + id: 11 + range: 3:6 - 3:9 + content: foo + - type: '"end"' + id: 12 + range: 4:3 - 4:6 + diff --git a/internal/scanner/ast/tree/builder.go b/internal/scanner/ast/tree/builder.go new file mode 100644 index 000000000..5c1657181 --- /dev/null +++ b/internal/scanner/ast/tree/builder.go @@ -0,0 +1,271 @@ +package tree + +import ( + "slices" + + "github.com/bearer/bearer/internal/scanner/ruleset" + sitter "github.com/smacker/go-tree-sitter" +) + +type Builder struct { + contentBytes []byte + types []string + nodes []Node + rootNodeID int + children, + dataflowSources, + aliasOf map[int][]int + sitterRootNode *sitter.Node + sitterToNodeID map[*sitter.Node]int +} + +func NewBuilder(contentBytes []byte, sitterRootNode *sitter.Node) *Builder { + builder := &Builder{ + contentBytes: contentBytes, + nodes: make([]Node, 0, 1000), + children: make(map[int][]int), + dataflowSources: make(map[int][]int), + aliasOf: make(map[int][]int), + sitterRootNode: sitterRootNode, + sitterToNodeID: make(map[*sitter.Node]int), + } + + builder.rootNodeID = builder.addNode(sitterRootNode) + + return builder +} + +func (builder *Builder) SitterRootNode() *sitter.Node { + return builder.sitterRootNode +} + +func (builder *Builder) LastChild(node *sitter.Node) *sitter.Node { + childCount := int(node.ChildCount()) + if childCount == 0 { + return nil + } + + return node.Child(childCount - 1) +} + +func (builder *Builder) ChildrenFor(node *sitter.Node) []*sitter.Node { + childCount := int(node.ChildCount()) + children := make([]*sitter.Node, childCount) + + for i := 0; i < childCount; i++ { + children[i] = node.Child(i) + } + + return children +} +func (builder *Builder) ChildrenExcept(node, excludedNode *sitter.Node) []*sitter.Node { + childCount := int(node.ChildCount()) + children := make([]*sitter.Node, 0, childCount) + + for i := 0; i < childCount; i++ { + if child := node.Child(i); child != excludedNode { + children = append(children, child) + } + } + + return children +} + +func (builder *Builder) ContentFor(node *sitter.Node) string { + return node.Content(builder.contentBytes) +} + +func (builder *Builder) Dataflow(toNode *sitter.Node, fromNodes ...*sitter.Node) { + toID := builder.sitterToNodeID[toNode] + + builder.dataflowSources[toID] = append( + builder.dataflowSources[toID], + builder.sitterToNodeIDs(fromNodes)..., + ) +} + +func (builder *Builder) Alias(toNode *sitter.Node, fromNodes ...*sitter.Node) { + toID := builder.sitterToNodeID[toNode] + + builder.aliasOf[toID] = append( + builder.aliasOf[toID], + builder.sitterToNodeIDs(fromNodes)..., + ) +} + +func (builder *Builder) AddDisabledRules(sitterNode *sitter.Node, rules []*ruleset.Rule) { + node := &builder.nodes[builder.sitterToNodeID[sitterNode]] + + for _, rule := range rules { + node.disabledRuleIndices = append(node.disabledRuleIndices, rule.Index()) + } +} + +func (builder *Builder) sitterToNodeIDs(nodes []*sitter.Node) []int { + ids := make([]int, len(nodes)) + + for i, node := range nodes { + ids[i] = builder.sitterToNodeID[node] + } + + return ids +} + +func (builder *Builder) QueryResult(queryID int, sitterNode *sitter.Node, result map[string]*sitter.Node) { + node := &builder.nodes[builder.sitterToNodeID[sitterNode]] + + if node.queryResults == nil { + node.queryResults = make(map[int][]QueryResult) + } + + node.queryResults[queryID] = append(node.queryResults[queryID], builder.translateNodeMap(result)) +} + +func (builder *Builder) Build() *Tree { + builder.buildChildren() + builder.buildDataflowSources() + builder.buildAliasOf() + + tree := &Tree{ + contentBytes: builder.contentBytes, + types: builder.types, + nodes: builder.nodes, + rootNode: &builder.nodes[builder.rootNodeID], + sitterToNode: builder.buildSitterToNode(), + } + + for i := range tree.nodes { + tree.nodes[i].tree = tree + tree.nodes[i].parent = tree.sitterToNode[tree.nodes[i].sitterNode.Parent()] + } + + return tree +} + +func (builder *Builder) addNode(sitterNode *sitter.Node) int { + id := len(builder.nodes) + builder.sitterToNodeID[sitterNode] = id + + startPoint := sitterNode.StartPoint() + endPoint := sitterNode.EndPoint() + + sitterType := sitterNode.Type() + if !sitterNode.IsNamed() { + sitterType = `"` + sitterType + `"` + } + + builder.nodes = append(builder.nodes, Node{ + sitterNode: sitterNode, + ID: id, + TypeID: builder.internType(sitterType), + ContentStart: Position{ + Byte: int(sitterNode.StartByte()), + Line: int(startPoint.Row) + 1, + Column: int(startPoint.Column) + 1, + }, + ContentEnd: Position{ + Byte: int(sitterNode.EndByte()), + Line: int(endPoint.Row) + 1, + Column: int(endPoint.Column) + 1, + }, + }) + + builder.children[id] = builder.addChildren(id, sitterNode) + + return id +} + +func (builder *Builder) addChildren(parentID int, sitterNode *sitter.Node) []int { + childCount := int(sitterNode.ChildCount()) + if childCount == 0 { + return nil + } + + children := make([]int, childCount) + for i := 0; i < childCount; i++ { + children[i] = builder.addNode(sitterNode.Child(i)) + } + + return children +} + +func (builder *Builder) buildChildren() { + builder.buildAdjacencyList(builder.children, func(node *Node, children []*Node) { + node.children = children + }) +} + +func (builder *Builder) buildDataflowSources() { + builder.buildAdjacencyList(builder.dataflowSources, func(node *Node, dataflowSources []*Node) { + node.dataflowSources = dataflowSources + }) +} + +func (builder *Builder) buildAliasOf() { + builder.buildAdjacencyList(builder.aliasOf, func(node *Node, aliasOf []*Node) { + node.aliasOf = aliasOf + }) +} + +func (builder *Builder) buildAdjacencyList( + nodeToAdjacencyIDs map[int][]int, + assignToNode func(node *Node, adjacentNodes []*Node), +) { + totalCount := 0 + for _, adjacentIDs := range nodeToAdjacencyIDs { + totalCount += len(adjacentIDs) + } + + // use a single backing slice for memory-local traversal + store := make([]*Node, totalCount) + + offset := 0 + for id := range builder.nodes { + adjacentIDs := nodeToAdjacencyIDs[id] + count := len(adjacentIDs) + if count == 0 { + continue + } + + // this shares memory with the store + adjacentNodes := store[offset : offset+count] + + for i, adjacentID := range adjacentIDs { + adjacentNodes[i] = &builder.nodes[adjacentID] + } + + assignToNode(&builder.nodes[id], adjacentNodes) + offset += count + } +} + +func (builder *Builder) buildSitterToNode() map[*sitter.Node]*Node { + result := make(map[*sitter.Node]*Node) + + for sitterNode, ID := range builder.sitterToNodeID { + result[sitterNode] = &builder.nodes[ID] + } + + return result +} + +func (builder *Builder) internType(nodeType string) int { + id := slices.Index(builder.types, nodeType) + if id != -1 { + return id + } + + id = len(builder.types) + builder.types = append(builder.types, nodeType) + return id +} + +func (builder *Builder) translateNodeMap(sitterMap map[string]*sitter.Node) map[string]*Node { + result := make(map[string]*Node) + + for name, sitterNode := range sitterMap { + result[name] = &builder.nodes[builder.sitterToNodeID[sitterNode]] + } + + return result +} diff --git a/internal/scanner/ast/tree/tree.go b/internal/scanner/ast/tree/tree.go new file mode 100644 index 000000000..9485c0e95 --- /dev/null +++ b/internal/scanner/ast/tree/tree.go @@ -0,0 +1,257 @@ +package tree + +import ( + "fmt" + + sitter "github.com/smacker/go-tree-sitter" + "golang.org/x/exp/slices" + "gopkg.in/yaml.v3" +) + +type Tree struct { + contentBytes []byte + types []string + nodes []Node + rootNode *Node + sitterToNode map[*sitter.Node]*Node +} + +type QueryResult map[string]*Node + +type Node struct { + tree *Tree + ID, + TypeID int + ContentStart, + ContentEnd Position + parent *Node + children, + dataflowSources, + aliasOf []*Node + disabledRuleIndices []int + // FIXME: remove the need for this + sitterNode *sitter.Node + queryResults map[int][]QueryResult + // FIXME: probably shouldn't be public + ExecutingDetectors []int +} + +type Position struct { + Byte, + Line, + Column int +} + +func (tree *Tree) ContentBytes() []byte { + return tree.contentBytes +} + +func (tree *Tree) NodeCount() int { + return len(tree.nodes) +} + +func (tree *Tree) RootNode() *Node { + return tree.rootNode +} + +func (tree *Tree) NodeFromSitter(sitterNode *sitter.Node) *Node { + return tree.sitterToNode[sitterNode] +} + +func (node *Node) Tree() *Tree { + return node.tree +} + +func (node *Node) SitterNode() *sitter.Node { + return node.sitterNode +} + +func (node *Node) Type() string { + return node.tree.types[node.TypeID] +} + +func (node *Node) IsNamed() bool { + // FIXME: don't use the sitter node + return node.sitterNode.IsNamed() +} + +func (node *Node) Parent() *Node { + return node.parent +} + +func (node *Node) Content() string { + return string(node.tree.contentBytes[node.ContentStart.Byte:node.ContentEnd.Byte]) +} + +func (node *Node) Debug() string { + return fmt.Sprintf( + "node-%d (%d:%d:%s)", + node.ID, + node.ContentStart.Line, + node.ContentStart.Column, + node.Type(), + ) +} + +func (node *Node) Children() []*Node { + return node.children +} + +// FIXME: can we remove this? +func (node *Node) NamedChildren() []*Node { + namedChildren := make([]*Node, 0, len(node.children)) + + for _, child := range node.children { + if child.IsNamed() { + namedChildren = append(namedChildren, child) + } + } + + return namedChildren +} + +func (node *Node) ChildByFieldName(name string) *Node { + // FIXME: don't use the sitter node + return node.tree.sitterToNode[node.sitterNode.ChildByFieldName(name)] +} + +func (node *Node) DataflowSources() []*Node { + return node.dataflowSources +} + +func (node *Node) AliasOf() []*Node { + return node.aliasOf +} + +func (node *Node) DisabledRuleIndices() []int { + return node.disabledRuleIndices +} + +func (node *Node) QueryResults(queryID int) []QueryResult { + if node.queryResults == nil { + return nil + } + + return node.queryResults[queryID] +} + +type nodeDump struct { + Type string + ID int + Range string + Content string `yaml:",omitempty"` + DataflowSources []int `yaml:"dataflow_sources,omitempty"` + AliasOf []int `yaml:"alias_of,omitempty"` + Queries []int `yaml:",omitempty"` + Children []nodeDump `yaml:",omitempty"` +} + +func (node *Node) Dump() string { + dump := node.dumpValue() + yamlDump, err := yaml.Marshal(&dump) + if err != nil { + return err.Error() + } + + return string(yamlDump) +} + +func (node *Node) dumpValue() nodeDump { + childDump := make([]nodeDump, len(node.children)) + for i, child := range node.children { + childDump[i] = child.dumpValue() + } + + var queries []int + for queryID := range node.queryResults { + queries = append(queries, queryID) + } + slices.Sort(queries) + + contentRange := fmt.Sprintf( + "%d:%d - %d:%d", + node.ContentStart.Line, + node.ContentStart.Column, + node.ContentEnd.Line, + node.ContentEnd.Column, + ) + + content := "" + if len(node.children) == 0 && node.Type()[0] != '"' { + content = node.Content() + } + + return nodeDump{ + Type: node.Type(), + ID: node.ID, + Range: contentRange, + Content: content, + DataflowSources: nodeListToID(node.dataflowSources), + AliasOf: nodeListToID(node.aliasOf), + Children: childDump, + Queries: queries, + } +} + +func nodeListToID(nodes []*Node) []int { + result := make([]int, len(nodes)) + + for i, node := range nodes { + result[i] = node.ID + } + + slices.Sort(result) + return result +} + +// FIXME: remove this +func (node *Node) EachContentPart(onText func(text string) error, onChild func(child *Node) error) error { + start := node.ContentStart.Byte + end := start + + emit := func() error { + if end <= start { + return nil + } + + return onText(string(node.tree.contentBytes[start:end])) + } + + for _, child := range node.children { + end = child.ContentStart.Byte + + if err := emit(); err != nil { + return err + } + + if child.IsNamed() { + if err := onChild(child); err != nil { + return err + } + } + + start = child.ContentEnd.Byte + end = start + } + + if err := emit(); err != nil { + return err + } + + return nil +} + +// FIXME: maybe users of this could work iteratively? +func (node *Node) Walk(visit func(node *Node, visitChildren func() error) error) error { + visitChildren := func() error { + for _, child := range node.Children() { + if err := child.Walk(visit); err != nil { + return err + } + } + + return nil + } + + return visit(node, visitChildren) +} diff --git a/internal/scanner/ast/tree/tree_test.go b/internal/scanner/ast/tree/tree_test.go new file mode 100644 index 000000000..b1970ce55 --- /dev/null +++ b/internal/scanner/ast/tree/tree_test.go @@ -0,0 +1,34 @@ +package tree_test + +import ( + "context" + "testing" + + "github.com/bradleyjkemp/cupaloy" + sitter "github.com/smacker/go-tree-sitter" + "github.com/smacker/go-tree-sitter/ruby" + + "github.com/bearer/bearer/internal/scanner/ast/tree" +) + +func parseTree(t *testing.T, content string) *tree.Tree { + contentBytes := []byte(content) + sitterLanguage := ruby.GetLanguage() + + sitterRootNode, err := sitter.ParseCtx(context.Background(), contentBytes, sitterLanguage) + if err != nil { + t.Fatalf("failed to parse input: %s", err) + } + + return tree.NewBuilder(contentBytes, sitterRootNode).Build() +} + +func TestTree(t *testing.T) { + tree := parseTree(t, ` + def m(a) + a.foo + end + `) + + cupaloy.SnapshotT(t, tree.RootNode().Dump()) +} diff --git a/internal/scanner/cache/cache.go b/internal/scanner/cache/cache.go new file mode 100644 index 000000000..d4111d9ad --- /dev/null +++ b/internal/scanner/cache/cache.go @@ -0,0 +1,118 @@ +package cache + +import ( + "github.com/rs/zerolog/log" + + treepkg "github.com/bearer/bearer/internal/scanner/ast/tree" + "github.com/bearer/bearer/internal/scanner/detectorset" + "github.com/bearer/bearer/internal/scanner/ruleset" + "github.com/bearer/bearer/internal/util/set" +) + +const ( + minNodeCount = 20_000 // minimum number of AST nodes for cache to be enabled + maxCacheSize = 1000 // maximum number of AST nodes per cache/shared-cache + evictionSize = 100 // number of AST nodes to evict when max is reached +) + +type entry struct { + rule *ruleset.Rule + result *detectorset.Result +} + +type Shared struct { + ruleIndexSet set.Set[int] + data map[*treepkg.Node][]entry +} + +func NewShared(rules []*ruleset.Rule) *Shared { + ruleIndexSet := set.New[int]() + for _, rule := range rules { + if rule.Type() == ruleset.RuleTypeBuiltin || rule.Type() == ruleset.RuleTypeShared { + ruleIndexSet.Add(rule.Index()) + } + } + + return &Shared{ + ruleIndexSet: ruleIndexSet, + data: make(map[*treepkg.Node][]entry), + } +} + +type Cache struct { + enabled bool + shared *Shared + data map[*treepkg.Node][]entry +} + +func NewCache(tree *treepkg.Tree, sharedCache *Shared) *Cache { + enabled := tree.NodeCount() > minNodeCount + if enabled { + log.Trace().Msg("cache enabled") + } + + return &Cache{ + enabled: enabled, + shared: sharedCache, + data: make(map[*treepkg.Node][]entry), + } +} + +func (cache *Cache) Clear() { + if cache == nil || !cache.enabled { + return + } + + clear(cache.data) +} + +func (cache *Cache) Get(node *treepkg.Node, rule *ruleset.Rule) (*detectorset.Result, bool) { + if cache == nil || (!cache.enabled && rule != ruleset.BuiltinDatatypeRule) { + return nil, false + } + + for _, entry := range cache.dataFor(rule)[node] { + if entry.rule == rule { + return entry.result, true + } + } + + return nil, false +} + +func (cache *Cache) Put(node *treepkg.Node, rule *ruleset.Rule, result *detectorset.Result) { + if cache == nil || (!cache.enabled && rule != ruleset.BuiltinDatatypeRule) { + return + } + + data := cache.dataFor(rule) + + if len(data) > maxCacheSize { + log.Trace().Msg("detection cache full, evicting entries") + + i := 0 + for evictedNode := range data { + if i == evictionSize { + break + } + + data[evictedNode] = nil + delete(data, evictedNode) + + i++ + } + } + + data[node] = append(data[node], entry{ + rule: rule, + result: result, + }) +} + +func (cache *Cache) dataFor(rule *ruleset.Rule) map[*treepkg.Node][]entry { + if cache.shared.ruleIndexSet.Has(rule.Index()) { + return cache.shared.data + } else { + return cache.data + } +} diff --git a/internal/scanner/detectors/.snapshots/TestDatatypeDetector-datatype b/internal/scanner/detectors/.snapshots/TestDatatypeDetector-datatype new file mode 100644 index 000000000..7906abedc --- /dev/null +++ b/internal/scanner/detectors/.snapshots/TestDatatypeDetector-datatype @@ -0,0 +1,554 @@ +type: program +id: 0 +range: 1:1 - 7:1 +dataflow_sources: + - 1 +children: + - type: assignment + id: 1 + range: 1:1 - 6:2 + alias_of: + - 4 + queries: + - 2 + children: + - type: identifier + id: 2 + range: 1:1 - 1:2 + content: x + - type: '"="' + id: 3 + range: 1:3 - 1:4 + - type: hash + id: 4 + range: 1:5 - 6:2 + dataflow_sources: + - 5 + - 6 + - 24 + - 25 + - 31 + queries: + - 0 + children: + - type: '"{"' + id: 5 + range: 1:5 - 1:6 + - type: pair + id: 6 + range: 2:3 - 4:4 + dataflow_sources: + - 7 + - 8 + - 9 + children: + - type: hash_key_symbol + id: 7 + range: 2:3 - 2:4 + content: "y" + - type: '":"' + id: 8 + range: 2:4 - 2:5 + - type: hash + id: 9 + range: 2:6 - 4:4 + dataflow_sources: + - 10 + - 11 + - 23 + queries: + - 0 + children: + - type: '"{"' + id: 10 + range: 2:6 - 2:7 + - type: pair + id: 11 + range: 3:5 - 3:29 + dataflow_sources: + - 12 + - 13 + - 14 + children: + - type: hash_key_symbol + id: 12 + range: 3:5 - 3:9 + content: user + - type: '":"' + id: 13 + range: 3:9 - 3:10 + - type: hash + id: 14 + range: 3:11 - 3:29 + dataflow_sources: + - 15 + - 16 + - 22 + queries: + - 0 + children: + - type: '"{"' + id: 15 + range: 3:11 - 3:12 + - type: pair + id: 16 + range: 3:13 - 3:27 + dataflow_sources: + - 17 + - 18 + - 19 + children: + - type: hash_key_symbol + id: 17 + range: 3:13 - 3:23 + content: first_name + - type: '":"' + id: 18 + range: 3:23 - 3:24 + - type: string + id: 19 + range: 3:25 - 3:27 + dataflow_sources: + - 20 + - 21 + children: + - type: '"""' + id: 20 + range: 3:25 - 3:26 + - type: '"""' + id: 21 + range: 3:26 - 3:27 + - type: '"}"' + id: 22 + range: 3:28 - 3:29 + - type: '"}"' + id: 23 + range: 4:3 - 4:4 + - type: '","' + id: 24 + range: 4:4 - 4:5 + - type: pair + id: 25 + range: 5:3 - 5:12 + dataflow_sources: + - 26 + - 27 + - 28 + children: + - type: hash_key_symbol + id: 26 + range: 5:3 - 5:8 + content: email + - type: '":"' + id: 27 + range: 5:8 - 5:9 + - type: string + id: 28 + range: 5:10 - 5:12 + dataflow_sources: + - 29 + - 30 + children: + - type: '"""' + id: 29 + range: 5:10 - 5:11 + - type: '"""' + id: 30 + range: 5:11 - 5:12 + - type: '"}"' + id: 31 + range: 6:1 - 6:2 + +- node: 1 + content: |- + x = { + y: { + user: { first_name: "" } + }, + email: "" + } + data: + properties: + - name: x + node: + id: 1 + typeid: 1 + contentstart: + byte: 0 + line: 1 + column: 1 + contentend: + byte: 60 + line: 6 + column: 2 + executingdetectors: [] + classification: + name: x + datatype: null + decision: + state: valid + reason: invalid_object_with_valid_properties + datatype: + ruleid: datatype + matchnode: + id: 4 + typeid: 4 + contentstart: + byte: 4 + line: 1 + column: 5 + contentend: + byte: 60 + line: 6 + column: 2 + executingdetectors: [] + data: + properties: + - name: "y" + node: + id: 6 + typeid: 6 + contentstart: + byte: 8 + line: 2 + column: 3 + contentend: + byte: 45 + line: 4 + column: 4 + executingdetectors: [] + classification: + name: "y" + datatype: null + decision: + state: invalid + reason: invalid_property + datatype: + ruleid: datatype + matchnode: + id: 9 + typeid: 4 + contentstart: + byte: 11 + line: 2 + column: 6 + contentend: + byte: 45 + line: 4 + column: 4 + executingdetectors: [] + data: + properties: + - name: user + node: + id: 11 + typeid: 6 + contentstart: + byte: 17 + line: 3 + column: 5 + contentend: + byte: 41 + line: 3 + column: 29 + executingdetectors: [] + classification: + name: user + datatype: null + decision: + state: valid + reason: valid_object_with_valid_properties + datatype: + ruleid: datatype + matchnode: + id: 14 + typeid: 4 + contentstart: + byte: 23 + line: 3 + column: 11 + contentend: + byte: 41 + line: 3 + column: 29 + executingdetectors: [] + data: + properties: + - name: first_name + node: + id: 16 + typeid: 6 + contentstart: + byte: 25 + line: 3 + column: 13 + contentend: + byte: 39 + line: 3 + column: 27 + executingdetectors: [] + classification: + name: first name + subject_name: User + datatype: + name: Firstname + uuid: 380c8cde-ca2e-44ed-82db-2ab1e7c255c7 + category_uuid: 14124881-6b92-4fc5-8005-ea7c1c09592e + category: + name: Identification + uuid: 14124881-6b92-4fc5-8005-ea7c1c09592e + groups: + 172d90e3-cb9a-46b6-90e5-dd7169c3af54: + name: PII + uuid: 172d90e3-cb9a-46b6-90e5-dd7169c3af54 + e1d3135b-3c0f-4b55-abce-19f27a26cbb3: + name: Personal Data + uuid: e1d3135b-3c0f-4b55-abce-19f27a26cbb3 + decision: + state: valid + reason: known_pattern + datatype: null + - name: email + node: + id: 25 + typeid: 6 + contentstart: + byte: 49 + line: 5 + column: 3 + contentend: + byte: 58 + line: 5 + column: 12 + executingdetectors: [] + classification: + name: email + datatype: + name: Email Address + uuid: 22e24c62-82d3-4b72-827c-e261533331bd + category_uuid: cef587dd-76db-430b-9e18-7b031e1a193b + category: + name: Contact + uuid: cef587dd-76db-430b-9e18-7b031e1a193b + groups: + 172d90e3-cb9a-46b6-90e5-dd7169c3af54: + name: PII + uuid: 172d90e3-cb9a-46b6-90e5-dd7169c3af54 + e1d3135b-3c0f-4b55-abce-19f27a26cbb3: + name: Personal Data + uuid: e1d3135b-3c0f-4b55-abce-19f27a26cbb3 + decision: + state: valid + reason: valid_unknown_pattern + datatype: null +- node: 4 + content: |- + { + y: { + user: { first_name: "" } + }, + email: "" + } + data: + properties: + - name: "y" + node: + id: 6 + typeid: 6 + contentstart: + byte: 8 + line: 2 + column: 3 + contentend: + byte: 45 + line: 4 + column: 4 + executingdetectors: [] + classification: + name: "y" + datatype: null + decision: + state: invalid + reason: belongs_to_invalid_object + datatype: + ruleid: datatype + matchnode: + id: 9 + typeid: 4 + contentstart: + byte: 11 + line: 2 + column: 6 + contentend: + byte: 45 + line: 4 + column: 4 + executingdetectors: [] + data: + properties: + - name: user + node: + id: 11 + typeid: 6 + contentstart: + byte: 17 + line: 3 + column: 5 + contentend: + byte: 41 + line: 3 + column: 29 + executingdetectors: [] + classification: + name: user + datatype: null + decision: + state: valid + reason: valid_object_with_valid_properties + datatype: + ruleid: datatype + matchnode: + id: 14 + typeid: 4 + contentstart: + byte: 23 + line: 3 + column: 11 + contentend: + byte: 41 + line: 3 + column: 29 + executingdetectors: [] + data: + properties: + - name: first_name + node: + id: 16 + typeid: 6 + contentstart: + byte: 25 + line: 3 + column: 13 + contentend: + byte: 39 + line: 3 + column: 27 + executingdetectors: [] + classification: + name: first name + subject_name: User + datatype: + name: Firstname + uuid: 380c8cde-ca2e-44ed-82db-2ab1e7c255c7 + category_uuid: 14124881-6b92-4fc5-8005-ea7c1c09592e + category: + name: Identification + uuid: 14124881-6b92-4fc5-8005-ea7c1c09592e + groups: + 172d90e3-cb9a-46b6-90e5-dd7169c3af54: + name: PII + uuid: 172d90e3-cb9a-46b6-90e5-dd7169c3af54 + e1d3135b-3c0f-4b55-abce-19f27a26cbb3: + name: Personal Data + uuid: e1d3135b-3c0f-4b55-abce-19f27a26cbb3 + decision: + state: valid + reason: known_pattern + datatype: null + - name: email + node: + id: 25 + typeid: 6 + contentstart: + byte: 49 + line: 5 + column: 3 + contentend: + byte: 58 + line: 5 + column: 12 + executingdetectors: [] + classification: + name: email + datatype: null + decision: + state: invalid + reason: belongs_to_invalid_object + datatype: null +- node: 9 + content: |- + { + user: { first_name: "" } + } + data: + properties: + - name: user + node: + id: 11 + typeid: 6 + contentstart: + byte: 17 + line: 3 + column: 5 + contentend: + byte: 41 + line: 3 + column: 29 + executingdetectors: [] + classification: + name: user + datatype: null + decision: + state: valid + reason: valid_object_with_valid_properties + datatype: + ruleid: datatype + matchnode: + id: 14 + typeid: 4 + contentstart: + byte: 23 + line: 3 + column: 11 + contentend: + byte: 41 + line: 3 + column: 29 + executingdetectors: [] + data: + properties: + - name: first_name + node: + id: 16 + typeid: 6 + contentstart: + byte: 25 + line: 3 + column: 13 + contentend: + byte: 39 + line: 3 + column: 27 + executingdetectors: [] + classification: + name: first name + subject_name: User + datatype: + name: Firstname + uuid: 380c8cde-ca2e-44ed-82db-2ab1e7c255c7 + category_uuid: 14124881-6b92-4fc5-8005-ea7c1c09592e + category: + name: Identification + uuid: 14124881-6b92-4fc5-8005-ea7c1c09592e + groups: + 172d90e3-cb9a-46b6-90e5-dd7169c3af54: + name: PII + uuid: 172d90e3-cb9a-46b6-90e5-dd7169c3af54 + e1d3135b-3c0f-4b55-abce-19f27a26cbb3: + name: Personal Data + uuid: e1d3135b-3c0f-4b55-abce-19f27a26cbb3 + decision: + state: valid + reason: known_pattern + datatype: null + diff --git a/internal/scanner/detectors/.snapshots/TestDatatypeDetectorInvalidDetection-datatype b/internal/scanner/detectors/.snapshots/TestDatatypeDetectorInvalidDetection-datatype new file mode 100644 index 000000000..42d354f3a --- /dev/null +++ b/internal/scanner/detectors/.snapshots/TestDatatypeDetectorInvalidDetection-datatype @@ -0,0 +1,305 @@ +type: program +id: 0 +range: 1:1 - 5:2 +dataflow_sources: + - 1 +children: + - type: call + id: 1 + range: 1:1 - 5:2 + dataflow_sources: + - 3 + children: + - type: identifier + id: 2 + range: 1:1 - 1:7 + content: public + - type: argument_list + id: 3 + range: 1:8 - 5:2 + dataflow_sources: + - 4 + children: + - type: class + id: 4 + range: 1:8 - 5:2 + dataflow_sources: + - 5 + - 6 + - 7 + - 8 + - 63 + children: + - type: '"class"' + id: 5 + range: 1:8 - 1:13 + - type: constant + id: 6 + range: 1:14 - 1:31 + content: HashingAssignment + - type: '";"' + id: 7 + range: 1:31 - 1:31 + - type: call + id: 8 + range: 1:32 - 5:2 + dataflow_sources: + - 10 + children: + - type: identifier + id: 9 + range: 1:32 - 1:39 + content: extends + - type: argument_list + id: 10 + range: 1:40 - 5:2 + dataflow_sources: + - 11 + children: + - type: call + id: 11 + range: 1:40 - 5:2 + children: + - type: constant + id: 12 + range: 1:40 - 1:58 + content: AssignmentEndpoint + - type: block + id: 13 + range: 1:59 - 5:2 + children: + - type: '"{"' + id: 14 + range: 1:59 - 1:60 + - type: call + id: 15 + range: 2:3 - 4:4 + dataflow_sources: + - 17 + children: + - type: identifier + id: 16 + range: 2:3 - 2:9 + content: public + - type: argument_list + id: 17 + range: 2:10 - 4:4 + dataflow_sources: + - 18 + children: + - type: call + id: 18 + range: 2:10 - 4:4 + dataflow_sources: + - 20 + children: + - type: constant + id: 19 + range: 2:10 - 2:16 + content: String + - type: argument_list + id: 20 + range: 2:17 - 4:4 + dataflow_sources: + - 21 + children: + - type: call + id: 21 + range: 2:17 - 4:4 + dataflow_sources: + - 23 + children: + - type: identifier + id: 22 + range: 2:17 - 2:23 + content: getMd5 + - type: argument_list + id: 23 + range: 2:23 - 2:51 + dataflow_sources: + - 24 + - 25 + - 29 + children: + - type: '"("' + id: 24 + range: 2:23 - 2:24 + - type: call + id: 25 + range: 2:24 - 2:50 + dataflow_sources: + - 27 + children: + - type: constant + id: 26 + range: 2:24 - 2:42 + content: HttpServletRequest + - type: argument_list + id: 27 + range: 2:43 - 2:50 + dataflow_sources: + - 28 + children: + - type: identifier + id: 28 + range: 2:43 - 2:50 + content: request + - type: '")"' + id: 29 + range: 2:50 - 2:51 + - type: block + id: 30 + range: 2:52 - 4:4 + children: + - type: '"{"' + id: 31 + range: 2:52 - 2:53 + - type: call + id: 32 + range: 3:5 - 3:66 + dataflow_sources: + - 34 + children: + - type: constant + id: 33 + range: 3:5 - 3:11 + content: String + - type: argument_list + id: 34 + range: 3:12 - 3:66 + dataflow_sources: + - 35 + children: + - type: assignment + id: 35 + range: 3:12 - 3:66 + alias_of: + - 38 + queries: + - 2 + children: + - type: identifier + id: 36 + range: 3:12 - 3:18 + content: secret + - type: '"="' + id: 37 + range: 3:19 - 3:20 + - type: element_reference + id: 38 + range: 3:21 - 3:66 + dataflow_sources: + - 39 + queries: + - 5 + children: + - type: constant + id: 39 + range: 3:21 - 3:28 + content: SECRETS + - type: '"["' + id: 40 + range: 3:28 - 3:29 + - type: call + id: 41 + range: 3:29 - 3:65 + dataflow_sources: + - 43 + children: + - type: identifier + id: 42 + range: 3:29 - 3:32 + content: new + - type: argument_list + id: 43 + range: 3:33 - 3:65 + dataflow_sources: + - 44 + children: + - type: call + id: 44 + range: 3:33 - 3:65 + dataflow_sources: + - 52 + queries: + - 4 + children: + - type: call + id: 45 + range: 3:33 - 3:41 + dataflow_sources: + - 47 + children: + - type: constant + id: 46 + range: 3:33 - 3:39 + content: Random + - type: argument_list + id: 47 + range: 3:39 - 3:41 + dataflow_sources: + - 48 + - 49 + children: + - type: '"("' + id: 48 + range: 3:39 - 3:40 + - type: '")"' + id: 49 + range: 3:40 - 3:41 + - type: '"."' + id: 50 + range: 3:41 - 3:42 + - type: identifier + id: 51 + range: 3:42 - 3:49 + content: nextInt + - type: argument_list + id: 52 + range: 3:49 - 3:65 + dataflow_sources: + - 53 + - 54 + - 58 + children: + - type: '"("' + id: 53 + range: 3:49 - 3:50 + - type: call + id: 54 + range: 3:50 - 3:64 + queries: + - 4 + children: + - type: constant + id: 55 + range: 3:50 - 3:57 + content: SECRETS + - type: '"."' + id: 56 + range: 3:57 - 3:58 + - type: identifier + id: 57 + range: 3:58 - 3:64 + content: length + - type: '")"' + id: 58 + range: 3:64 - 3:65 + - type: '"]"' + id: 59 + range: 3:65 - 3:66 + - type: '";"' + id: 60 + range: 3:66 - 3:67 + - type: '"}"' + id: 61 + range: 4:3 - 4:4 + - type: '"}"' + id: 62 + range: 5:1 - 5:2 + - type: '"end"' + id: 63 + range: 5:2 - 5:2 + +[] + diff --git a/internal/scanner/detectors/.snapshots/TestInsecureUrlDetector-insecure_url b/internal/scanner/detectors/.snapshots/TestInsecureUrlDetector-insecure_url new file mode 100644 index 000000000..80149d8a4 --- /dev/null +++ b/internal/scanner/detectors/.snapshots/TestInsecureUrlDetector-insecure_url @@ -0,0 +1,99 @@ +type: program +id: 0 +range: 1:1 - 6:25 +dataflow_sources: + - 1 + - 2 + - 6 + - 7 + - 11 + - 15 +children: + - type: comment + id: 1 + range: 1:1 - 1:8 + content: '# match' + - type: string + id: 2 + range: 2:1 - 2:26 + dataflow_sources: + - 3 + - 4 + - 5 + children: + - type: '"""' + id: 3 + range: 2:1 - 2:2 + - type: string_content + id: 4 + range: 2:2 - 2:25 + content: http://api.insecure.com + - type: '"""' + id: 5 + range: 2:25 - 2:26 + - type: comment + id: 6 + range: 3:1 - 3:12 + content: '# not match' + - type: string + id: 7 + range: 4:1 - 4:25 + dataflow_sources: + - 8 + - 9 + - 10 + children: + - type: '"""' + id: 8 + range: 4:1 - 4:2 + - type: string_content + id: 9 + range: 4:2 - 4:24 + content: https://api.secure.com + - type: '"""' + id: 10 + range: 4:24 - 4:25 + - type: string + id: 11 + range: 5:1 - 5:30 + dataflow_sources: + - 12 + - 13 + - 14 + children: + - type: '"""' + id: 12 + range: 5:1 - 5:2 + - type: string_content + id: 13 + range: 5:2 - 5:29 + content: http://localhost:3000/admin + - type: '"""' + id: 14 + range: 5:29 - 5:30 + - type: string + id: 15 + range: 6:1 - 6:25 + dataflow_sources: + - 16 + - 17 + - 18 + children: + - type: '"""' + id: 16 + range: 6:1 - 6:2 + - type: string_content + id: 17 + range: 6:2 - 6:24 + content: http://127.0.0.1/admin + - type: '"""' + id: 18 + range: 6:24 - 6:25 + +- node: 2 + content: '"http://api.insecure.com"' + data: null +- node: 4 + content: http://api.insecure.com + data: null + diff --git a/internal/scanner/detectors/common/object.go b/internal/scanner/detectors/common/object.go new file mode 100644 index 000000000..a15991268 --- /dev/null +++ b/internal/scanner/detectors/common/object.go @@ -0,0 +1,100 @@ +package common + +import ( + "github.com/bearer/bearer/internal/scanner/ast/traversalstrategy" + "github.com/bearer/bearer/internal/scanner/ast/tree" + "github.com/bearer/bearer/internal/scanner/ruleset" + + "github.com/bearer/bearer/internal/scanner/detectors/types" +) + +type Object struct { + Properties []Property + // IsVirtual describes whether this object actually exists, or has + // been detected as part of a variable name + IsVirtual bool +} + +type Property struct { + Name string + Node *tree.Node + Object *types.Detection +} + +func GetNonVirtualObjects( + detectorContext types.Context, + node *tree.Node, +) ([]*types.Detection, error) { + detections, err := detectorContext.Scan(node, ruleset.BuiltinObjectRule, traversalstrategy.Cursor) + if err != nil { + return nil, err + } + + var result []*types.Detection + for _, detection := range detections { + data := detection.Data.(Object) + if !data.IsVirtual { + result = append(result, detection) + } + } + + return result, nil +} + +func ProjectObject( + node *tree.Node, + detectorContext types.Context, + objectNode *tree.Node, + objectName, + propertyName string, + isPropertyAccess bool, +) ([]interface{}, error) { + var result []interface{} + + if isPropertyAccess { + objectDetections, err := GetNonVirtualObjects(detectorContext, objectNode) + if err != nil { + return nil, err + } + + for _, objectDetection := range objectDetections { + objectData := objectDetection.Data.(Object) + + for _, property := range objectData.Properties { + if property.Name == propertyName && property.Object != nil { + result = append(result, property.Object.Data) + result = append(result, Object{ + Properties: []Property{{ + Name: propertyName, + Object: &types.Detection{ + RuleID: ruleset.BuiltinObjectRule.ID(), + MatchNode: node, + Data: property.Object.Data, + }, + }}, + IsVirtual: true, + }) + } + } + } + } + + if objectName != "" { + result = append(result, Object{ + Properties: []Property{{ + Name: objectName, + Object: &types.Detection{ + RuleID: ruleset.BuiltinObjectRule.ID(), + MatchNode: node, + Data: Object{ + Properties: []Property{{Name: propertyName}}, + IsVirtual: true, + }, + }, + }}, + IsVirtual: true, + }) + } + + return result, nil +} diff --git a/internal/scanner/detectors/common/string.go b/internal/scanner/detectors/common/string.go new file mode 100644 index 000000000..442256ba8 --- /dev/null +++ b/internal/scanner/detectors/common/string.go @@ -0,0 +1,115 @@ +package common + +import ( + "fmt" + + "github.com/bearer/bearer/internal/scanner/ast/traversalstrategy" + "github.com/bearer/bearer/internal/scanner/ast/tree" + "github.com/bearer/bearer/internal/scanner/ruleset" + + "github.com/bearer/bearer/internal/scanner/detectors/types" +) + +type String struct { + Value string + IsLiteral bool +} + +func GetStringValue(node *tree.Node, detectorContext types.Context) (string, bool, error) { + detections, err := detectorContext.Scan(node, ruleset.BuiltinStringRule, traversalstrategy.Cursor) + if err != nil { + return "", false, err + } + + switch len(detections) { + case 0: + return "", false, nil + case 1: + childString := detections[0].Data.(String) + + return childString.Value, childString.IsLiteral, nil + default: + literalValue := "" + for _, detection := range detections { + childString := detection.Data.(String) + if childString.IsLiteral && childString.Value != "" { + if literalValue != "" && childString.Value != literalValue { + return "", false, nil + } + + literalValue = childString.Value + } + } + + return literalValue, true, nil + } +} + +func ConcatenateChildStrings(node *tree.Node, detectorContext types.Context) ([]interface{}, error) { + value := "" + isLiteral := true + + for _, child := range node.Children() { + if !child.IsNamed() { + continue + } + + childValue, childIsLiteral, err := GetStringValue(child, detectorContext) + if err != nil { + return nil, err + } + + if childValue == "" && !childIsLiteral { + childValue = "*" + } + + value += childValue + + if !childIsLiteral { + isLiteral = false + } + } + + return []interface{}{String{ + Value: value, + IsLiteral: isLiteral, + }}, nil +} + +func ConcatenateAssignEquals(node *tree.Node, detectorContext types.Context) ([]interface{}, error) { + dataflowSources := node.ChildByFieldName("left").DataflowSources() + if len(dataflowSources) == 0 { + return nil, nil + } + if len(dataflowSources) != 1 { + return nil, fmt.Errorf("expected exactly one data source for `+=` node but got %d", len(dataflowSources)) + } + + left, leftIsLiteral, err := GetStringValue(dataflowSources[0], detectorContext) + if err != nil { + return nil, err + } + + right, rightIsLiteral, err := GetStringValue(node.ChildByFieldName("right"), detectorContext) + if err != nil { + return nil, err + } + + if left == "" && !leftIsLiteral { + left = "*" + + // No detection when neither parts are a string + if right == "" && !rightIsLiteral { + return nil, nil + } + } + + if right == "" && !rightIsLiteral { + right = "*" + } + + return []interface{}{String{ + Value: left + right, + IsLiteral: leftIsLiteral && rightIsLiteral, + }}, nil +} diff --git a/internal/scanner/detectors/customrule/customrule.go b/internal/scanner/detectors/customrule/customrule.go new file mode 100644 index 000000000..39e061647 --- /dev/null +++ b/internal/scanner/detectors/customrule/customrule.go @@ -0,0 +1,119 @@ +package customrule + +import ( + "fmt" + + "github.com/rs/zerolog/log" + + "github.com/bearer/bearer/internal/scanner/ast/query" + "github.com/bearer/bearer/internal/scanner/ast/tree" + detectortypes "github.com/bearer/bearer/internal/scanner/detectors/types" + "github.com/bearer/bearer/internal/scanner/language" + "github.com/bearer/bearer/internal/scanner/ruleset" + "github.com/bearer/bearer/internal/scanner/variableshape" + + "github.com/bearer/bearer/internal/scanner/detectors/customrule/filters" + "github.com/bearer/bearer/internal/scanner/detectors/customrule/patternquery" + "github.com/bearer/bearer/internal/scanner/detectors/customrule/types" +) + +type Pattern struct { + Index int + Pattern string + Query patternquery.Query + Filter filters.Filter +} + +type Detector struct { + detectortypes.DetectorBase + rule *ruleset.Rule + patterns []Pattern +} + +func New( + language language.Language, + ruleSet *ruleset.Set, + variableShapeSet *variableshape.Set, + querySet *query.Set, + rule *ruleset.Rule, +) (detectortypes.Detector, error) { + variableShape := variableShapeSet.Shape(rule) + + var compiledPatterns []Pattern + for i, pattern := range rule.Patterns() { + patternQuery, err := patternquery.Compile( + language, + querySet, + rule.ID(), + i, + pattern.Pattern, + pattern.Focus, + variableShape, + ) + if err != nil { + return nil, fmt.Errorf("error compiling pattern: %s", err) + } + + filter, err := translateFiltersTop(ruleSet, variableShapeSet, variableShapeSet.Shape(rule), pattern.Filters) + if err != nil { + return nil, err + } + + compiledPatterns = append(compiledPatterns, Pattern{ + Index: i, + Pattern: pattern.Pattern, + Query: patternQuery, + Filter: filter, + }) + } + + return &Detector{ + patterns: compiledPatterns, + rule: rule, + }, nil +} + +func (detector *Detector) Rule() *ruleset.Rule { + return detector.rule +} + +func (detector *Detector) DetectAt( + node *tree.Node, + detectorContext detectortypes.Context, +) ([]interface{}, error) { + var detectionsData []interface{} + + for _, pattern := range detector.patterns { + results, err := pattern.Query.MatchAt(node) + if err != nil { + return nil, err + } + + if log.Trace().Enabled() && len(results) != 0 { + log.Trace().Msgf("pattern %s matched (without filters)", pattern.Query.ID()) + } + + for _, result := range results { + filterResult, err := pattern.Filter.Evaluate(detectorContext, result.Variables) + if err != nil { + return nil, err + } + if filterResult == nil || len(filterResult.Matches()) == 0 { + log.Trace().Msg("filters didn't match") + continue + } + + for _, match := range filterResult.Matches() { + detectionsData = append(detectionsData, types.Data{ + Pattern: pattern.Pattern, + Datatypes: match.DatatypeDetections(), + Variables: match.Variables(), + }) + } + + log.Trace().Msg("filters matched") + } + } + + return detectionsData, nil +} diff --git a/internal/scanner/detectors/customrule/filter.go b/internal/scanner/detectors/customrule/filter.go new file mode 100644 index 000000000..f5803d620 --- /dev/null +++ b/internal/scanner/detectors/customrule/filter.go @@ -0,0 +1,268 @@ +package customrule + +import ( + "fmt" + "slices" + + "github.com/rs/zerolog/log" + + "github.com/bearer/bearer/internal/commands/process/settings" + "github.com/bearer/bearer/internal/scanner/ast/traversalstrategy" + "github.com/bearer/bearer/internal/scanner/detectors/customrule/filters" + "github.com/bearer/bearer/internal/scanner/ruleset" + "github.com/bearer/bearer/internal/scanner/variableshape" +) + +func translateFiltersTop( + ruleSet *ruleset.Set, + variableShapeSet *variableshape.Set, + variableShape *variableshape.Shape, + sourceFilters []settings.PatternFilter, +) (filters.Filter, error) { + children, err := translateFilters(ruleSet, variableShapeSet, variableShape, sourceFilters) + if err != nil { + return nil, err + } + + return &filters.All{Children: children}, nil +} + +func translateFilters( + ruleSet *ruleset.Set, + variableShapeSet *variableshape.Set, + variableShape *variableshape.Shape, + sourceFilters []settings.PatternFilter, +) ([]filters.Filter, error) { + filters := make([]filters.Filter, len(sourceFilters)) + + sortFilters(sourceFilters) + for i, sourceFilter := range sourceFilters { + filter, err := translateFilter(ruleSet, variableShapeSet, variableShape, &sourceFilter) + if err != nil { + return nil, err + } + + filters[i] = filter + } + + return filters, nil +} + +func translateFilter( + ruleSet *ruleset.Set, + variableShapeSet *variableshape.Set, + variableShape *variableshape.Shape, + sourceFilter *settings.PatternFilter, +) (filters.Filter, error) { + if sourceFilter.Not != nil { + child, err := translateFilter(ruleSet, variableShapeSet, variableShape, sourceFilter.Not) + if err != nil { + return nil, err + } + + return &filters.Not{Child: child}, nil + } + + if len(sourceFilter.Either) != 0 { + children, err := translateFilters(ruleSet, variableShapeSet, variableShape, sourceFilter.Either) + if err != nil { + return nil, err + } + + return &filters.Either{Children: children}, nil + } + + if sourceFilter.FilenameRegex != nil { + return &filters.FilenameRegex{Regex: sourceFilter.FilenameRegex.Regexp}, nil + } + + variable, err := variableShape.Variable(sourceFilter.Variable) + if err != nil { + return nil, err + } + + if sourceFilter.Detection != "" { + rule, err := ruleSet.RuleByID(sourceFilter.Detection) + if err != nil { + return nil, err + } + + ruleFilter, err := translateFiltersTop( + ruleSet, + variableShapeSet, + variableShapeSet.Shape(rule), + sourceFilter.Filters, + ) + if err != nil { + return nil, err + } + + traversalStrategy, err := traversalstrategy.Get(sourceFilter.Scope) + if err != nil { + return nil, err + } + + childVariableShape := variableShapeSet.Shape(rule) + + importedVariables := make([]filters.ImportedVariable, len(sourceFilter.Imports)) + for i, importedVariable := range sourceFilter.Imports { + parentVariable, err := variableShape.Variable(importedVariable.As) + if err != nil { + return nil, err + } + + childVariable, err := childVariableShape.Variable(importedVariable.Variable) + if err != nil { + return nil, err + } + + importedVariables[i] = filters.ImportedVariable{ + ParentVariable: parentVariable, + ChildVariable: childVariable, + } + } + + return &filters.Rule{ + Variable: variable, + Rule: rule, + TraversalStrategy: traversalStrategy, + IsDatatypeRule: sourceFilter.Detection == "datatype", + Filter: ruleFilter, + ImportedVariables: importedVariables, + }, nil + } + + if len(sourceFilter.Values) != 0 { + return &filters.Values{ + Variable: variable, + Values: sourceFilter.Values, + }, nil + } + + if sourceFilter.Regex != nil { + return &filters.Regex{ + Variable: variable, + Regex: sourceFilter.Regex.Regexp, + }, nil + } + + if sourceFilter.LengthLessThan != nil { + return &filters.StringLengthLessThan{ + Variable: variable, + Value: *sourceFilter.LengthLessThan, + }, nil + } + + if sourceFilter.StringRegex != nil { + return &filters.StringRegex{ + Variable: variable, + Regex: sourceFilter.StringRegex.Regexp, + }, nil + } + + if sourceFilter.LessThan != nil { + return &filters.IntegerLessThan{ + Variable: variable, + Value: *sourceFilter.LessThan, + }, nil + } + + if sourceFilter.LessThanOrEqual != nil { + return &filters.IntegerLessThanOrEqual{ + Variable: variable, + Value: *sourceFilter.LessThanOrEqual, + }, nil + } + + if sourceFilter.GreaterThan != nil { + return &filters.IntegerGreaterThan{ + Variable: variable, + Value: *sourceFilter.GreaterThan, + }, nil + } + + if sourceFilter.GreaterThanOrEqual != nil { + return &filters.IntegerGreaterThanOrEqual{ + Variable: variable, + Value: *sourceFilter.GreaterThanOrEqual, + }, nil + } + + log.Debug().Msgf("unknown filter type: %#v", sourceFilter) + return &filters.Unknown{}, nil +} + +func sortFilters(filters []settings.PatternFilter) { + slices.SortFunc(filters, func(a, b settings.PatternFilter) int { + return scoreFilter(a) - scoreFilter(b) + }) + + for i := range filters { + sortFilter(&filters[i]) + } +} + +func sortFilter(filter *settings.PatternFilter) { + switch { + case len(filter.Either) != 0: + sortFilters(filter.Either) + case filter.Not != nil: + sortFilter(filter.Not) + } +} + +func scoreFilter(filter settings.PatternFilter) int { + if filter.Regex != nil || + len(filter.Values) != 0 || + filter.LengthLessThan != nil || + filter.LessThan != nil || + filter.LessThanOrEqual != nil || + filter.GreaterThan != nil || + filter.GreaterThanOrEqual != nil || + filter.FilenameRegex != nil { + return 1 + } + + if filter.Detection == "datatype" { + return 7 + } + + if filter.StringRegex != nil || + filter.Detection != "" && filter.Scope == settings.CURSOR_STRICT_SCOPE { + return 2 + } + + if filter.Detection != "" && filter.Scope == settings.CURSOR_SCOPE { + return 3 + } + + if filter.Detection != "" && filter.Scope == settings.NESTED_STRICT_SCOPE { + return 4 + } + + if filter.Detection != "" && filter.Scope == settings.RESULT_SCOPE { + return 5 + } + + if filter.Detection != "" && filter.Scope == settings.NESTED_SCOPE { + return 6 + } + + if filter.Not != nil { + return scoreFilter(*filter.Not) + } + + if len(filter.Either) != 0 { + max := 0 + + for _, subFilter := range filter.Either { + if subScore := scoreFilter(subFilter); subScore > max { + max = subScore + } + } + + return max + } + + panic(fmt.Sprintf("unknown filter %#v", filter)) +} diff --git a/internal/scanner/detectors/customrule/filters/filters.go b/internal/scanner/detectors/customrule/filters/filters.go new file mode 100644 index 000000000..7394cb921 --- /dev/null +++ b/internal/scanner/detectors/customrule/filters/filters.go @@ -0,0 +1,522 @@ +package filters + +import ( + "regexp" + "slices" + "strconv" + + "github.com/rs/zerolog/log" + + "github.com/bearer/bearer/internal/scanner/ast/traversalstrategy" + "github.com/bearer/bearer/internal/scanner/ast/tree" + "github.com/bearer/bearer/internal/scanner/detectors/common" + "github.com/bearer/bearer/internal/scanner/detectors/customrule/types" + detectortypes "github.com/bearer/bearer/internal/scanner/detectors/types" + "github.com/bearer/bearer/internal/scanner/ruleset" + "github.com/bearer/bearer/internal/scanner/variableshape" +) + +type Result struct { + matches []Match +} + +func NewResult(matches ...Match) *Result { + return &Result{matches: matches} +} + +type Match struct { + variables variableshape.Values + datatypeDetections []*detectortypes.Detection +} + +func NewMatch(variables variableshape.Values, datatypeDetections []*detectortypes.Detection) Match { + return Match{variables: variables, datatypeDetections: datatypeDetections} +} + +func (result *Result) Matches() []Match { + return result.matches +} + +func (match *Match) Variables() variableshape.Values { + return match.variables +} + +func (match *Match) DatatypeDetections() []*detectortypes.Detection { + return match.datatypeDetections +} + +type Filter interface { + Evaluate( + detectorContext detectortypes.Context, + patternVariables variableshape.Values, + ) (*Result, error) +} + +type Not struct { + Child Filter +} + +func (filter *Not) Evaluate( + detectorContext detectortypes.Context, + patternVariables variableshape.Values, +) (*Result, error) { + childResult, err := filter.Child.Evaluate(detectorContext, patternVariables) + if err != nil { + return nil, err + } + + if childResult == nil { + log.Trace().Msg("filters.Not: nil") + return nil, nil + } + + result := len(childResult.Matches()) == 0 + + if log.Trace().Enabled() { + log.Trace().Msgf("filters.Not: %t", result) + } + + return boolResult(patternVariables, result), nil +} + +type Either struct { + Children []Filter +} + +func (filter *Either) Evaluate( + detectorContext detectortypes.Context, + patternVariables variableshape.Values, +) (*Result, error) { + var matches []Match + + unknownResult := true + for _, child := range filter.Children { + subResult, err := child.Evaluate(detectorContext, patternVariables) + if err != nil { + return nil, err + } + + if subResult == nil { + continue + } + + unknownResult = false + matches = append(matches, subResult.matches...) + } + + if unknownResult { + return nil, nil + } + + return NewResult(matches...), nil +} + +type All struct { + Children []Filter +} + +func (filter *All) Evaluate( + detectorContext detectortypes.Context, + patternVariables variableshape.Values, +) (*Result, error) { + var matches []Match + + if len(filter.Children) == 0 { + log.Trace().Msg("filters.All: true (no children)") + return boolResult(patternVariables, true), nil + } + + for i, child := range filter.Children { + subResult, err := child.Evaluate(detectorContext, patternVariables) + if err != nil { + return nil, err + } + + if subResult == nil { + log.Trace().Msg("filters.All: nil") + return nil, nil + } + + if i == 0 { + matches = subResult.matches + continue + } + + matches = filter.joinMatches(matches, subResult.matches) + + if len(matches) == 0 { + log.Trace().Msg("filters.All: no matches") + return NewResult(), nil + } + } + + log.Trace().Msg("filters.All: matches") + return NewResult(matches...), nil +} + +func (filter *All) joinMatches(matches, childMatches []Match) []Match { + var result []Match + + for _, match := range matches { + for _, childMatch := range childMatches { + if variables, variablesMatch := match.variables.Merge(childMatch.variables); variablesMatch { + result = append(result, NewMatch( + variables, + // FIXME: this seems like it will create unnecessary duplicates + append(match.datatypeDetections, childMatch.datatypeDetections...), + )) + } + } + } + + return result +} + +type FilenameRegex struct { + Regex *regexp.Regexp +} + +func (filter *FilenameRegex) Evaluate( + detectorContext detectortypes.Context, + patternVariables variableshape.Values, +) (*Result, error) { + return boolResult(patternVariables, filter.Regex.MatchString(detectorContext.Filename())), nil +} + +type ImportedVariable struct { + ParentVariable, + ChildVariable *variableshape.Variable +} + +type Rule struct { + Variable *variableshape.Variable + Rule *ruleset.Rule + TraversalStrategy traversalstrategy.Strategy + IsDatatypeRule bool + Filter Filter + ImportedVariables []ImportedVariable +} + +func (filter *Rule) Evaluate( + detectorContext detectortypes.Context, + patternVariables variableshape.Values, +) (*Result, error) { + node := patternVariables.Node(filter.Variable) + detections, err := detectorContext.Scan(node, filter.Rule, filter.TraversalStrategy) + if err != nil { + return nil, err + } + + if len(detections) == 0 { + return NewResult(), nil + } + + if filter.IsDatatypeRule { + log.Trace().Msg("filters.Rule: match (datatype)") + return NewResult(NewMatch(patternVariables, detections)), nil + } + + if log.Trace().Enabled() { + log.Trace().Msgf("filters.Rule: %d detections", len(detections)) + } + + var matches []Match + hasPatternVariableMatch := false + + var datatypeDetections []*detectortypes.Detection + + for _, detection := range detections { + data, ok := detection.Data.(types.Data) + if !ok { // Built-in detector + log.Trace().Msg("filters.Rule: match (built-in)") + + hasPatternVariableMatch = true + continue + } + + subResult, err := filter.Filter.Evaluate(detectorContext, data.Variables) + if err != nil { + return nil, err + } + + if subResult == nil { + log.Trace().Msg("filters.Rule: no match (filter result unknown)") + continue + } + + if len(subResult.matches) == 0 { + log.Trace().Msg("filters.Rule: no match") + continue + } + + if len(filter.ImportedVariables) == 0 { + log.Trace().Msg("filters.Rule: match (no imported vars)") + + hasPatternVariableMatch = true + datatypeDetections = append(datatypeDetections, data.Datatypes...) + + for _, detectionMatch := range subResult.matches { + datatypeDetections = append(datatypeDetections, detectionMatch.datatypeDetections...) + } + + continue + } + + matched := false + for _, detectionMatch := range subResult.matches { + if variables, variablesMatch := filter.importVariables(patternVariables, detectionMatch.variables); variablesMatch { + matched = true + matches = append(matches, NewMatch(variables, detectionMatch.datatypeDetections)) + } + } + + if matched { + log.Trace().Msg("filters.Rule: match") + + if len(data.Datatypes) != 0 { + hasPatternVariableMatch = true + datatypeDetections = append(datatypeDetections, data.Datatypes...) + } + } else { + log.Trace().Msg("filters.Rule: no match (variable mismatch)") + } + } + + if hasPatternVariableMatch { + matches = append(matches, NewMatch(patternVariables, datatypeDetections)) + } + + return NewResult(matches...), nil +} + +func (filter *Rule) importVariables(parentVariables, childVariables variableshape.Values) (variableshape.Values, bool) { + if len(filter.ImportedVariables) == 0 { + return parentVariables, true + } + + variables := parentVariables.Clone() + + for _, importedVariable := range filter.ImportedVariables { + parentNode := parentVariables.Node(importedVariable.ParentVariable) + childNode := childVariables.Node(importedVariable.ChildVariable) + + if childNode == nil { + continue + } + + if parentNode != nil && parentNode != childNode { + return nil, false + } + + variables.Set(importedVariable.ParentVariable, childNode) + } + + return variables, true +} + +type Values struct { + Variable *variableshape.Variable + Values []string +} + +func (filter *Values) Evaluate( + detectorContext detectortypes.Context, + patternVariables variableshape.Values, +) (*Result, error) { + node := patternVariables.Node(filter.Variable) + return boolResult(patternVariables, slices.Contains(filter.Values, node.Content())), nil +} + +type Regex struct { + Variable *variableshape.Variable + Regex *regexp.Regexp +} + +func (filter *Regex) Evaluate( + detectorContext detectortypes.Context, + patternVariables variableshape.Values, +) (*Result, error) { + node := patternVariables.Node(filter.Variable) + result := filter.Regex.MatchString(node.Content()) + + if log.Trace().Enabled() { + log.Trace().Msgf( + "filters.Regex: %t for pattern %s at %s, content=%s", + result, + filter.Regex.String(), + node.Debug(), + node.Content(), + ) + } + + return boolResult(patternVariables, result), nil +} + +type StringLengthLessThan struct { + Variable *variableshape.Variable + Value int +} + +func (filter *StringLengthLessThan) Evaluate( + detectorContext detectortypes.Context, + patternVariables variableshape.Values, +) (*Result, error) { + node := patternVariables.Node(filter.Variable) + value, isString, err := lookupString(detectorContext, node) + if err != nil || !isString { + return nil, err + } + + return boolResult(patternVariables, len(value) < filter.Value), nil +} + +type StringRegex struct { + Variable *variableshape.Variable + Regex *regexp.Regexp +} + +func (filter *StringRegex) Evaluate( + detectorContext detectortypes.Context, + patternVariables variableshape.Values, +) (*Result, error) { + node := patternVariables.Node(filter.Variable) + value, isString, err := lookupString(detectorContext, node) + if err != nil { + return nil, err + } + + if !isString { + if log.Trace().Enabled() { + log.Trace().Msgf("filters.StringRegex: nil for pattern %s at %s", filter.Regex.String(), node.Debug()) + } + + return nil, nil + } + + result := filter.Regex.MatchString(value) + if log.Trace().Enabled() { + log.Trace().Msgf( + "filters.StringRegex: %t for pattern %s at %s, content=%s", + result, + filter.Regex.String(), + node.Debug(), + value, + ) + } + + return boolResult(patternVariables, result), nil +} + +type IntegerLessThan struct { + Variable *variableshape.Variable + Value int +} + +func (filter *IntegerLessThan) Evaluate( + detectorContext detectortypes.Context, + patternVariables variableshape.Values, +) (*Result, error) { + node := patternVariables.Node(filter.Variable) + value, isInteger, err := parseInteger(node) + if err != nil || !isInteger { + return nil, err + } + + return boolResult(patternVariables, value < filter.Value), nil +} + +type IntegerLessThanOrEqual struct { + Variable *variableshape.Variable + Value int +} + +func (filter *IntegerLessThanOrEqual) Evaluate( + detectorContext detectortypes.Context, + patternVariables variableshape.Values, +) (*Result, error) { + node := patternVariables.Node(filter.Variable) + value, isInteger, err := parseInteger(node) + if err != nil || !isInteger { + return nil, err + } + + return boolResult(patternVariables, value <= filter.Value), nil +} + +type IntegerGreaterThan struct { + Variable *variableshape.Variable + Value int +} + +func (filter *IntegerGreaterThan) Evaluate( + detectorContext detectortypes.Context, + patternVariables variableshape.Values, +) (*Result, error) { + node := patternVariables.Node(filter.Variable) + value, isInteger, err := parseInteger(node) + if err != nil || !isInteger { + return nil, err + } + + return boolResult(patternVariables, value > filter.Value), nil +} + +type IntegerGreaterThanOrEqual struct { + Variable *variableshape.Variable + Value int +} + +func (filter *IntegerGreaterThanOrEqual) Evaluate( + detectorContext detectortypes.Context, + patternVariables variableshape.Values, +) (*Result, error) { + node := patternVariables.Node(filter.Variable) + value, isInteger, err := parseInteger(node) + if err != nil || !isInteger { + return nil, err + } + + return boolResult(patternVariables, value >= filter.Value), nil +} + +type Unknown struct{} + +func (filter *Unknown) Evaluate( + detectorContext detectortypes.Context, + patternVariables variableshape.Values, +) (*Result, error) { + return nil, nil +} + +func lookupString( + detectorContext detectortypes.Context, + node *tree.Node, +) (string, bool, error) { + value, isLiteral, err := common.GetStringValue(node, detectorContext) + if err != nil || (value == "" && !isLiteral) { + return "", false, err + } + + return value, true, nil +} + +func parseInteger(node *tree.Node) (int, bool, error) { + value, err := strconv.Atoi(node.Content()) + if err != nil { + return 0, false, nil + } + + return value, true, nil +} + +func boolResult(patternVariables variableshape.Values, value bool) *Result { + return NewResult(boolMatches(patternVariables, value)...) +} + +func boolMatches(patternVariables variableshape.Values, value bool) []Match { + if value { + return []Match{NewMatch(patternVariables, nil)} + } else { + return nil + } +} diff --git a/internal/scanner/detectors/customrule/filters/filters_suite_test.go b/internal/scanner/detectors/customrule/filters/filters_suite_test.go new file mode 100644 index 000000000..b9d5c0fb6 --- /dev/null +++ b/internal/scanner/detectors/customrule/filters/filters_suite_test.go @@ -0,0 +1,13 @@ +package filters_test + +import ( + "testing" + + . "github.com/onsi/ginkgo/v2" + . "github.com/onsi/gomega" +) + +func TestFilters(t *testing.T) { + RegisterFailHandler(Fail) + RunSpecs(t, "Filters Suite") +} diff --git a/internal/scanner/detectors/customrule/filters/filters_test.go b/internal/scanner/detectors/customrule/filters/filters_test.go new file mode 100644 index 000000000..150041411 --- /dev/null +++ b/internal/scanner/detectors/customrule/filters/filters_test.go @@ -0,0 +1,736 @@ +package filters_test + +import ( + "context" + "regexp" + "strings" + + . "github.com/onsi/ginkgo/v2" + . "github.com/onsi/gomega" + + "github.com/bearer/bearer/internal/languages/ruby" + "github.com/bearer/bearer/internal/scanner/ast" + "github.com/bearer/bearer/internal/scanner/ast/traversalstrategy" + "github.com/bearer/bearer/internal/scanner/ast/tree" + "github.com/bearer/bearer/internal/scanner/detectors/common" + "github.com/bearer/bearer/internal/scanner/detectors/customrule/filters" + detectortypes "github.com/bearer/bearer/internal/scanner/detectors/types" + "github.com/bearer/bearer/internal/scanner/ruleset" + "github.com/bearer/bearer/internal/scanner/variableshape" + "github.com/bearer/bearer/internal/util/pointers" +) + +type MockFilter struct { + result *filters.Result + err error +} + +type MockDetectorContext struct { + filename string + scan func( + rootNode *tree.Node, + rule *ruleset.Rule, + traversalStrategy traversalstrategy.Strategy, + ) ([]*detectortypes.Detection, error) +} + +func (context *MockDetectorContext) Filename() string { + return context.filename +} + +func (context *MockDetectorContext) Scan( + rootNode *tree.Node, + rule *ruleset.Rule, + traversalStrategy traversalstrategy.Strategy, +) ([]*detectortypes.Detection, error) { + if context.scan != nil { + return context.scan(rootNode, rule, traversalStrategy) + } + + Fail("MockDetectorContext.scan called but no scan function was set") + panic("unreachable") +} + +func (filter *MockFilter) Evaluate( + detectorContext detectortypes.Context, + patternVariables variableshape.Values, +) (*filters.Result, error) { + return filter.result, filter.err +} + +var defaultDetectorContext = &MockDetectorContext{ + filename: "src/foo.go", +} + +var _ = Describe("Not", func() { + var filter *filters.Not + var patternVariables = []*tree.Node{{ID: 42}} + + When("the child filter has a match", func() { + BeforeEach(func(ctx SpecContext) { + filter = &filters.Not{ + Child: &MockFilter{result: filters.NewResult(filters.NewMatch(nil, nil))}, + } + }) + + It("returns a result with NO matches", func(ctx SpecContext) { + Expect(filter.Evaluate(defaultDetectorContext, patternVariables)).To(Equal(filters.NewResult())) + }) + }) + + When("the child filter has NO matches", func() { + BeforeEach(func(ctx SpecContext) { + filter = &filters.Not{ + Child: &MockFilter{result: filters.NewResult()}, + } + }) + + It("returns a result with a match using the pattern variables", func(ctx SpecContext) { + Expect(filter.Evaluate(defaultDetectorContext, patternVariables)).To(Equal( + filters.NewResult(filters.NewMatch(patternVariables, nil)), + )) + }) + }) + + When("the child filter result is unknown", func() { + BeforeEach(func(ctx SpecContext) { + filter = &filters.Not{ + Child: &MockFilter{result: nil}, + } + }) + + It("returns an unknown result", func(ctx SpecContext) { + Expect(filter.Evaluate(defaultDetectorContext, patternVariables)).To(BeNil()) + }) + }) +}) + +var _ = Describe("Either", func() { + var filter *filters.Either + patternVariables := []*tree.Node{{ID: 42}} + + When("there are child filter matches", func() { + match1 := filters.NewMatch([]*tree.Node{{ID: 1}}, nil) + match2 := filters.NewMatch([]*tree.Node{{ID: 2}}, nil) + match3 := filters.NewMatch([]*tree.Node{{ID: 3}}, nil) + + BeforeEach(func(ctx SpecContext) { + filter = &filters.Either{ + Children: []filters.Filter{ + &MockFilter{result: filters.NewResult(match1, match2)}, + &MockFilter{result: filters.NewResult(match3)}, + &MockFilter{result: nil}, + &MockFilter{result: filters.NewResult()}, + }, + } + }) + + It("returns a result with all matches combined", func(ctx SpecContext) { + result, err := filter.Evaluate(defaultDetectorContext, patternVariables) + + Expect(err).To(BeNil()) + Expect(result).ToNot(BeNil()) + Expect(result.Matches()).To(ContainElements(match1, match2, match3)) + }) + }) + + When("no child filter matches", func() { + BeforeEach(func(ctx SpecContext) { + filter = &filters.Either{ + Children: []filters.Filter{ + &MockFilter{result: nil}, + &MockFilter{result: filters.NewResult()}, + }, + } + }) + + It("returns a result with NO matches", func(ctx SpecContext) { + Expect(filter.Evaluate(defaultDetectorContext, patternVariables)).To(Equal(filters.NewResult())) + }) + }) + + When("all child filter results are unknown", func() { + BeforeEach(func(ctx SpecContext) { + filter = &filters.Either{ + Children: []filters.Filter{ + &MockFilter{result: nil}, + &MockFilter{result: nil}, + }, + } + }) + + It("returns an unknown result", func(ctx SpecContext) { + Expect(filter.Evaluate(defaultDetectorContext, patternVariables)).To(BeNil()) + }) + }) + + When("there are NO child filters", func() { + BeforeEach(func(ctx SpecContext) { + filter = &filters.Either{Children: nil} + }) + + It("returns an unknown result", func(ctx SpecContext) { + Expect(filter.Evaluate(defaultDetectorContext, patternVariables)).To(BeNil()) + }) + }) +}) + +var _ = Describe("All", func() { + var filter *filters.All + var nodes []*tree.Node + var patternVariables variableshape.Values + + datatype1 := &detectortypes.Detection{RuleID: "dt1"} + datatype2 := &detectortypes.Detection{RuleID: "dt2"} + datatype3 := &detectortypes.Detection{RuleID: "dt3"} + datatype4 := &detectortypes.Detection{RuleID: "dt4"} + datatype5 := &detectortypes.Detection{RuleID: "dt5"} + discordantDatatype := &detectortypes.Detection{RuleID: "dtd"} + + var match1, match2, match3, match4, match5, discordantMatch filters.Match + + BeforeEach(func(ctx SpecContext) { + nodes = parseNodes(ctx, []string{"n1", "n2", "n3", "n4", "n5", "n6", "n7", "n8"}) + patternVariables = []*tree.Node{nodes[0], nil, nil, nil} + + match1 = filters.NewMatch([]*tree.Node{nodes[0], nil, nil, nil}, []*detectortypes.Detection{datatype1}) + match2 = filters.NewMatch([]*tree.Node{nil, nodes[2], nodes[4], nil}, []*detectortypes.Detection{datatype2}) + match3 = filters.NewMatch([]*tree.Node{nil, nodes[3], nodes[5], nil}, []*detectortypes.Detection{datatype3}) + match4 = filters.NewMatch([]*tree.Node{nodes[0], nodes[3], nil, nodes[6]}, []*detectortypes.Detection{datatype4}) + match5 = filters.NewMatch([]*tree.Node{nodes[0], nodes[3], nil, nodes[7]}, []*detectortypes.Detection{datatype5}) + discordantMatch = filters.NewMatch([]*tree.Node{nodes[1], nil, nil, nil}, []*detectortypes.Detection{discordantDatatype}) + }) + + When("there is a single child filter with matches", func() { + BeforeEach(func(ctx SpecContext) { + filter = &filters.All{ + Children: []filters.Filter{ + &MockFilter{result: filters.NewResult(match1, match2)}, + }, + } + }) + + It("returns a result with the child matches", func(ctx SpecContext) { + result, err := filter.Evaluate(defaultDetectorContext, patternVariables) + + Expect(err).To(BeNil()) + Expect(result).ToNot(BeNil()) + Expect(result.Matches()).To(ContainElements(match1, match2)) + }) + }) + + When("there are multiple child filters that all match", func() { + BeforeEach(func(ctx SpecContext) { + filter = &filters.All{ + Children: []filters.Filter{ + &MockFilter{result: filters.NewResult(match1)}, + &MockFilter{result: filters.NewResult(match2, match3)}, + &MockFilter{result: filters.NewResult(match4, match5)}, + }, + } + }) + + It("returns a result with the matches joined by variables", func(ctx SpecContext) { + result, err := filter.Evaluate(defaultDetectorContext, patternVariables) + + Expect(err).To(BeNil()) + Expect(result).ToNot(BeNil()) + Expect(result.Matches()).To(ContainElements( + filters.NewMatch( + []*tree.Node{nodes[0], nodes[3], nodes[5], nodes[6]}, + []*detectortypes.Detection{datatype1, datatype3, datatype4}, + ), + filters.NewMatch( + []*tree.Node{nodes[0], nodes[3], nodes[5], nodes[7]}, + []*detectortypes.Detection{datatype1, datatype3, datatype5}, + ), + )) + }) + }) + + When("one child has NO matches that join to the other matches", func() { + BeforeEach(func(ctx SpecContext) { + filter = &filters.All{ + Children: []filters.Filter{ + // this is the same example as above, but with the addition of + // the discordant match + &MockFilter{result: filters.NewResult(match1)}, + &MockFilter{result: filters.NewResult(match2, match3)}, + &MockFilter{result: filters.NewResult(match4, match5)}, + &MockFilter{result: filters.NewResult(discordantMatch)}, + }, + } + }) + + It("returns a result with NO matches", func(ctx SpecContext) { + Expect(filter.Evaluate(defaultDetectorContext, patternVariables)).To(Equal(filters.NewResult())) + }) + }) + + When("at least one child filter result is unknown", func() { + BeforeEach(func(ctx SpecContext) { + filter = &filters.All{ + Children: []filters.Filter{ + &MockFilter{result: filters.NewResult(match1)}, + &MockFilter{result: nil}, + }, + } + }) + + It("returns an unknown result", func(ctx SpecContext) { + Expect(filter.Evaluate(defaultDetectorContext, patternVariables)).To(BeNil()) + }) + }) + + When("there are NO child filters", func() { + BeforeEach(func(ctx SpecContext) { + filter = &filters.All{Children: nil} + }) + + It("returns a result with a single match using the pattern variables", func(ctx SpecContext) { + Expect(filter.Evaluate(defaultDetectorContext, patternVariables)).To(Equal( + filters.NewResult(filters.NewMatch(patternVariables, nil)), + )) + }) + }) +}) + +var _ = Describe("FilenameRegex", func() { + var filter *filters.FilenameRegex + patternVariables := []*tree.Node{{ID: 42}} + + When("the filename matches the regex", func() { + BeforeEach(func(ctx SpecContext) { + filter = &filters.FilenameRegex{Regex: regexp.MustCompile(`foo`)} + }) + + It("returns a result with a match using the pattern variables", func(ctx SpecContext) { + Expect(filter.Evaluate(defaultDetectorContext, patternVariables)).To(Equal( + filters.NewResult(filters.NewMatch(patternVariables, nil)), + )) + }) + }) + + When("the filename does NOT match the regex", func() { + BeforeEach(func(ctx SpecContext) { + filter = &filters.FilenameRegex{Regex: regexp.MustCompile(`bar`)} + }) + + It("returns a result with NO matches", func(ctx SpecContext) { + Expect(filter.Evaluate(defaultDetectorContext, patternVariables)).To(Equal(filters.NewResult())) + }) + }) +}) + +var _ = Describe("Rule", func() { +}) + +var _ = Describe("Values", func() { + var filter *filters.Values + var variable *variableshape.Variable + var patternVariables variableshape.Values + + BeforeEach(func(ctx SpecContext) { + variable, patternVariables = setupContentTest(ctx, "hello", "other") + }) + + When("the variable node's content is equal to one of the filter's values", func() { + BeforeEach(func(ctx SpecContext) { + filter = &filters.Values{Variable: variable, Values: []string{"hello", "other"}} + }) + + It("returns a result with a match using the pattern variables", func(ctx SpecContext) { + Expect(filter.Evaluate(defaultDetectorContext, patternVariables)).To(Equal( + filters.NewResult(filters.NewMatch(patternVariables, nil)), + )) + }) + }) + + When("the variable node's content does NOT match any filter value", func() { + BeforeEach(func(ctx SpecContext) { + filter = &filters.Values{Variable: variable, Values: []string{"other"}} + }) + + It("returns a result with NO matches", func(ctx SpecContext) { + Expect(filter.Evaluate(defaultDetectorContext, patternVariables)).To(Equal(filters.NewResult())) + }) + }) +}) + +var _ = Describe("Regex", func() { + var filter *filters.Regex + var variable *variableshape.Variable + var patternVariables variableshape.Values + + BeforeEach(func(ctx SpecContext) { + variable, patternVariables = setupContentTest(ctx, "hello", "other") + }) + + When("the variable node's content matches the regex", func() { + BeforeEach(func(ctx SpecContext) { + filter = &filters.Regex{Variable: variable, Regex: regexp.MustCompile(`l{2}`)} + }) + + It("returns a result with a match using the pattern variables", func(ctx SpecContext) { + Expect(filter.Evaluate(defaultDetectorContext, patternVariables)).To(Equal( + filters.NewResult(filters.NewMatch(patternVariables, nil)), + )) + }) + }) + + When("the variable node's content does NOT match the regex", func() { + BeforeEach(func(ctx SpecContext) { + filter = &filters.Regex{Variable: variable, Regex: regexp.MustCompile(`other`)} + }) + + It("returns a result with NO matches", func(ctx SpecContext) { + Expect(filter.Evaluate(defaultDetectorContext, patternVariables)).To(Equal(filters.NewResult())) + }) + }) +}) + +var _ = Describe("StringLengthLessThan", func() { + var filter *filters.StringLengthLessThan + var variable *variableshape.Variable + var detectorContext detectortypes.Context + var patternVariables variableshape.Values + + BeforeEach(func(ctx SpecContext) { + variable, patternVariables = setupContentTest(ctx, "hello", "other") + detectorContext = setupStringTest(patternVariables.Node(variable), pointers.String("foo")) + }) + + When("the variable node's string detector value has length less than the filter value", func() { + BeforeEach(func(ctx SpecContext) { + filter = &filters.StringLengthLessThan{Variable: variable, Value: 4} + }) + + It("returns a result with a match using the pattern variables", func(ctx SpecContext) { + Expect(filter.Evaluate(detectorContext, patternVariables)).To(Equal( + filters.NewResult(filters.NewMatch(patternVariables, nil)), + )) + }) + }) + + When("the variable node's string detector value has length greater than or equal to the filter value", func() { + BeforeEach(func(ctx SpecContext) { + filter = &filters.StringLengthLessThan{Variable: variable, Value: 3} + }) + + It("returns a result with NO matches", func(ctx SpecContext) { + Expect(filter.Evaluate(detectorContext, patternVariables)).To(Equal(filters.NewResult())) + }) + }) + + When("the variable node has NO string detector value", func() { + BeforeEach(func(ctx SpecContext) { + filter = &filters.StringLengthLessThan{Variable: variable, Value: 4} + detectorContext = setupStringTest(patternVariables.Node(variable), nil) + }) + + It("returns an unknown result", func(ctx SpecContext) { + Expect(filter.Evaluate(detectorContext, patternVariables)).To(BeNil()) + }) + }) +}) + +var _ = Describe("StringRegex", func() { + var filter *filters.StringRegex + var variable *variableshape.Variable + var detectorContext detectortypes.Context + var patternVariables variableshape.Values + + BeforeEach(func(ctx SpecContext) { + variable, patternVariables = setupContentTest(ctx, "hello", "other") + detectorContext = setupStringTest(patternVariables.Node(variable), pointers.String("foo")) + }) + + When("the variable node's string detector value matches the filter regex", func() { + BeforeEach(func(ctx SpecContext) { + filter = &filters.StringRegex{Variable: variable, Regex: regexp.MustCompile(`o{2}`)} + }) + + It("returns a result with a match using the pattern variables", func(ctx SpecContext) { + Expect(filter.Evaluate(detectorContext, patternVariables)).To(Equal( + filters.NewResult(filters.NewMatch(patternVariables, nil)), + )) + }) + }) + + When("the variable node's string detector value does NOT match the filter regex", func() { + BeforeEach(func(ctx SpecContext) { + filter = &filters.StringRegex{Variable: variable, Regex: regexp.MustCompile(`bar`)} + }) + + It("returns a result with NO matches", func(ctx SpecContext) { + Expect(filter.Evaluate(detectorContext, patternVariables)).To(Equal(filters.NewResult())) + }) + }) + + When("the variable node has NO string detector value", func() { + BeforeEach(func(ctx SpecContext) { + filter = &filters.StringRegex{Variable: variable, Regex: regexp.MustCompile(`o{2}`)} + detectorContext = setupStringTest(patternVariables.Node(variable), nil) + }) + + It("returns an unknown result", func(ctx SpecContext) { + Expect(filter.Evaluate(detectorContext, patternVariables)).To(BeNil()) + }) + }) +}) + +var _ = Describe("IntegerLessThan", func() { + var filter *filters.IntegerLessThan + var variable *variableshape.Variable + var patternVariables variableshape.Values + + BeforeEach(func(ctx SpecContext) { + variable, patternVariables = setupContentTest(ctx, "9", "other") + }) + + When("the variable node's content is an integer less than the filter value", func() { + BeforeEach(func(ctx SpecContext) { + filter = &filters.IntegerLessThan{Variable: variable, Value: 10} + }) + + It("returns a result with a match using the pattern variables", func(ctx SpecContext) { + Expect(filter.Evaluate(defaultDetectorContext, patternVariables)).To(Equal( + filters.NewResult(filters.NewMatch(patternVariables, nil)), + )) + }) + }) + + When("the variable node's content is an integer greater than or equal to the filter value", func() { + BeforeEach(func(ctx SpecContext) { + filter = &filters.IntegerLessThan{Variable: variable, Value: 9} + }) + + It("returns a result with NO matches", func(ctx SpecContext) { + Expect(filter.Evaluate(defaultDetectorContext, patternVariables)).To(Equal(filters.NewResult())) + }) + }) + + When("the variable node is not an integer value", func() { + BeforeEach(func(ctx SpecContext) { + variable, patternVariables = setupContentTest(ctx, "hello", "other") + filter = &filters.IntegerLessThan{Variable: variable, Value: 10} + }) + + It("returns an unknown result", func(ctx SpecContext) { + Expect(filter.Evaluate(defaultDetectorContext, patternVariables)).To(BeNil()) + }) + }) +}) + +var _ = Describe("IntegerLessThanOrEqual", func() { + var filter *filters.IntegerLessThanOrEqual + var variable *variableshape.Variable + var patternVariables variableshape.Values + + BeforeEach(func(ctx SpecContext) { + variable, patternVariables = setupContentTest(ctx, "9", "other") + }) + + When("the variable node's content is an integer less than the filter value", func() { + BeforeEach(func(ctx SpecContext) { + filter = &filters.IntegerLessThanOrEqual{Variable: variable, Value: 10} + }) + + It("returns a result with a match using the pattern variables", func(ctx SpecContext) { + Expect(filter.Evaluate(defaultDetectorContext, patternVariables)).To(Equal( + filters.NewResult(filters.NewMatch(patternVariables, nil)), + )) + }) + + }) + When("the variable node's content is an integer equal to the filter value", func() { + BeforeEach(func(ctx SpecContext) { + filter = &filters.IntegerLessThanOrEqual{Variable: variable, Value: 9} + }) + + It("returns a result with a match using the pattern variables", func(ctx SpecContext) { + Expect(filter.Evaluate(defaultDetectorContext, patternVariables)).To(Equal( + filters.NewResult(filters.NewMatch(patternVariables, nil)), + )) + }) + }) + + When("the variable node's content is an integer greater than the filter value", func() { + BeforeEach(func(ctx SpecContext) { + filter = &filters.IntegerLessThanOrEqual{Variable: variable, Value: 8} + }) + + It("returns a result with NO matches", func(ctx SpecContext) { + Expect(filter.Evaluate(defaultDetectorContext, patternVariables)).To(Equal(filters.NewResult())) + }) + }) + + When("the variable node is not an integer value", func() { + BeforeEach(func(ctx SpecContext) { + variable, patternVariables = setupContentTest(ctx, "hello", "other") + filter = &filters.IntegerLessThanOrEqual{Variable: variable, Value: 10} + }) + + It("returns an unknown result", func(ctx SpecContext) { + Expect(filter.Evaluate(defaultDetectorContext, patternVariables)).To(BeNil()) + }) + }) +}) + +var _ = Describe("IntegerGreaterThan", func() { + var filter *filters.IntegerGreaterThan + var variable *variableshape.Variable + var patternVariables variableshape.Values + + BeforeEach(func(ctx SpecContext) { + variable, patternVariables = setupContentTest(ctx, "9", "other") + }) + + When("the variable node's content is an integer greater than the filter value", func() { + BeforeEach(func(ctx SpecContext) { + filter = &filters.IntegerGreaterThan{Variable: variable, Value: 8} + }) + + It("returns a result with a match using the pattern variables", func(ctx SpecContext) { + Expect(filter.Evaluate(defaultDetectorContext, patternVariables)).To(Equal( + filters.NewResult(filters.NewMatch(patternVariables, nil)), + )) + }) + }) + + When("the variable node's content is an integer less than or equal to the filter value", func() { + BeforeEach(func(ctx SpecContext) { + filter = &filters.IntegerGreaterThan{Variable: variable, Value: 9} + }) + + It("returns a result with NO matches", func(ctx SpecContext) { + Expect(filter.Evaluate(defaultDetectorContext, patternVariables)).To(Equal(filters.NewResult())) + }) + }) + + When("the variable node is not an integer value", func() { + BeforeEach(func(ctx SpecContext) { + variable, patternVariables = setupContentTest(ctx, "hello", "other") + filter = &filters.IntegerGreaterThan{Variable: variable, Value: 8} + }) + + It("returns an unknown result", func(ctx SpecContext) { + Expect(filter.Evaluate(defaultDetectorContext, patternVariables)).To(BeNil()) + }) + }) +}) + +var _ = Describe("IntegerGreaterThanOrEqual", func() { + var filter *filters.IntegerGreaterThanOrEqual + var variable *variableshape.Variable + var patternVariables variableshape.Values + + BeforeEach(func(ctx SpecContext) { + variable, patternVariables = setupContentTest(ctx, "9", "other") + }) + + When("the variable node's content is an integer greater than the filter value", func() { + BeforeEach(func(ctx SpecContext) { + filter = &filters.IntegerGreaterThanOrEqual{Variable: variable, Value: 8} + }) + + It("returns a result with a match using the pattern variables", func(ctx SpecContext) { + Expect(filter.Evaluate(defaultDetectorContext, patternVariables)).To(Equal( + filters.NewResult(filters.NewMatch(patternVariables, nil)), + )) + }) + }) + + When("the variable node's content is an integer equal to the filter value", func() { + BeforeEach(func(ctx SpecContext) { + filter = &filters.IntegerGreaterThanOrEqual{Variable: variable, Value: 9} + }) + + It("returns a result with a match using the pattern variables", func(ctx SpecContext) { + Expect(filter.Evaluate(defaultDetectorContext, patternVariables)).To(Equal( + filters.NewResult(filters.NewMatch(patternVariables, nil)), + )) + }) + }) + + When("the variable node's content is an integer less than the filter value", func() { + BeforeEach(func(ctx SpecContext) { + filter = &filters.IntegerGreaterThanOrEqual{Variable: variable, Value: 10} + }) + + It("returns a result with NO matches", func(ctx SpecContext) { + Expect(filter.Evaluate(defaultDetectorContext, patternVariables)).To(Equal(filters.NewResult())) + }) + }) + + When("the variable node is not an integer value", func() { + BeforeEach(func(ctx SpecContext) { + variable, patternVariables = setupContentTest(ctx, "hello", "other") + filter = &filters.IntegerGreaterThanOrEqual{Variable: variable, Value: 8} + }) + + It("returns an unknown result", func(ctx SpecContext) { + Expect(filter.Evaluate(defaultDetectorContext, patternVariables)).To(BeNil()) + }) + }) +}) + +var _ = Describe("Unknown", func() { + filter := &filters.Unknown{} + + It("returns an unknown result", func(ctx SpecContext) { + Expect(filter.Evaluate(defaultDetectorContext, nil)).To(BeNil()) + }) +}) + +func parseNodes(ctx context.Context, content []string) []*tree.Node { + tree, err := ast.Parse(ctx, ruby.Get(), []byte(strings.Join(content, "\n"))) + Expect(err).To(BeNil()) + return tree.RootNode().NamedChildren() +} + +func setupContentTest(ctx context.Context, content, otherContent string) (*variableshape.Variable, variableshape.Values) { + variableShape := variableshape.NewBuilder().Add("one").Add("two").Build() + + otherVariable, err := variableShape.Variable("one") + Expect(err).To(BeNil()) + variable, err := variableShape.Variable("two") + Expect(err).To(BeNil()) + + nodes := parseNodes(ctx, []string{otherContent, content}) + + patternVariables := variableShape.NewValues() + patternVariables.Set(otherVariable, nodes[0]) + patternVariables.Set(variable, nodes[1]) + + return variable, patternVariables +} + +func setupStringTest(node *tree.Node, value *string) detectortypes.Context { + return &MockDetectorContext{ + filename: defaultDetectorContext.filename, + scan: func( + rootNode *tree.Node, + rule *ruleset.Rule, + traversalStrategy traversalstrategy.Strategy, + ) ([]*detectortypes.Detection, error) { + if rootNode == node && + rule == ruleset.BuiltinStringRule && + traversalStrategy == traversalstrategy.Cursor { + + if value == nil { + return nil, nil + } + + return []*detectortypes.Detection{{ + RuleID: rule.ID(), + MatchNode: rootNode, + Data: common.String{Value: *value, IsLiteral: true}, + }}, nil + } + + Fail("unexpected call to MockDetectorContext.scan") + panic("unreachable") + }, + } +} diff --git a/new/language/patternquery/builder/builder.go b/internal/scanner/detectors/customrule/patternquery/builder/builder.go similarity index 59% rename from new/language/patternquery/builder/builder.go rename to internal/scanner/detectors/customrule/patternquery/builder/builder.go index 315bb7608..bc96d2c0c 100644 --- a/new/language/patternquery/builder/builder.go +++ b/internal/scanner/detectors/customrule/patternquery/builder/builder.go @@ -3,68 +3,67 @@ package builder import ( "context" "fmt" + "slices" "strconv" "strings" - "golang.org/x/exp/slices" - - "github.com/bearer/bearer/new/language/implementation" - "github.com/bearer/bearer/new/language/patternquery/types" - "github.com/bearer/bearer/new/language/tree" - languagetypes "github.com/bearer/bearer/new/language/types" - "github.com/bearer/bearer/pkg/parser/nodeid" "github.com/rs/zerolog/log" + + "github.com/bearer/bearer/internal/parser/nodeid" + "github.com/bearer/bearer/internal/scanner/ast" + "github.com/bearer/bearer/internal/scanner/ast/tree" + "github.com/bearer/bearer/internal/scanner/language" ) type InputParams struct { - Variables []types.Variable + VariableNames []string + Variables []language.PatternVariable MatchNodeOffset int UnanchoredOffsets []int } type Result struct { Query string + VariableNames []string ParamToVariable map[string]string EqualParams [][]string ParamToContent map[string]map[string]string - RootVariable *types.Variable + RootVariable *language.PatternVariable } type builder struct { - langImplementation implementation.Implementation - stringBuilder strings.Builder - idGenerator nodeid.Generator - inputParams InputParams - variableToParams map[string][]string - paramToContent map[string]map[string]string - matchNode *tree.Node + patternLanguage language.Pattern + stringBuilder strings.Builder + idGenerator nodeid.Generator + inputParams InputParams + variableToParams map[string][]string + paramToContent map[string]map[string]string + matchNode *tree.Node } func Build( - lang languagetypes.Language, - langImplementation implementation.Implementation, + language language.Language, input string, focusedVariable string, ) (*Result, error) { - processedInput, inputParams, err := processInput(langImplementation, input) + patternLanguage := language.Pattern() + processedInput, inputParams, err := processInput(patternLanguage, input) if err != nil { return nil, err } - tree, err := lang.Parse(context.TODO(), processedInput) + tree, err := ast.Parse(context.TODO(), language, processedInput) if err != nil { return nil, err } - defer tree.Close() if fixedInput, fixed := fixupInput( - langImplementation, + patternLanguage, processedInput, inputParams.Variables, tree.RootNode(), ); fixed { - tree.Close() - tree, err = lang.Parse(context.TODO(), fixedInput) + tree, err = ast.Parse(context.TODO(), language, fixedInput) if err != nil { return nil, err } @@ -72,31 +71,31 @@ func Build( root := tree.RootNode() - if root.ChildCount() != 1 { - return nil, fmt.Errorf("expecting 1 node but got %d", root.ChildCount()) + if len(root.Children()) != 1 { + return nil, fmt.Errorf("expecting 1 node but got %d", len(root.Children())) } for { - root = root.Child(0) + root = root.Children()[0] - if langImplementation.IsRootOfRuleQuery(root) { + if patternLanguage.IsRoot(root) { break } } builder := builder{ - langImplementation: langImplementation, - stringBuilder: strings.Builder{}, - idGenerator: &nodeid.IntGenerator{}, - inputParams: *inputParams, - variableToParams: make(map[string][]string), - paramToContent: make(map[string]map[string]string), + patternLanguage: patternLanguage, + stringBuilder: strings.Builder{}, + idGenerator: &nodeid.IntGenerator{}, + inputParams: *inputParams, + variableToParams: make(map[string][]string), + paramToContent: make(map[string]map[string]string), } builder.setMatchNode( inputParams.MatchNodeOffset, focusedVariable, - langImplementation.PatternMatchNodeContainerTypes(), + patternLanguage.ContainerTypes(), tree.RootNode(), ) if builder.matchNode == nil { @@ -112,16 +111,16 @@ func Build( } func fixupInput( - langImplementation implementation.Implementation, - input string, - variables []types.Variable, + patternLanguage language.Pattern, + byteInput []byte, + variables []language.PatternVariable, rootNode *tree.Node, -) (string, bool) { +) ([]byte, bool) { insideError := false inputOffset := 0 - byteInput := []byte(input) - newInput := []byte(input) + newInput := make([]byte, len(byteInput)) + copy(newInput, byteInput) fixed := false err := rootNode.Walk(func(node *tree.Node, visitChildren func() error) error { @@ -138,26 +137,16 @@ func fixupInput( return nil } - variable := getVariableFor(node, langImplementation, variables) + variable := getVariableFor(node, patternLanguage, variables) if variable == nil { return nil } if log.Trace().Enabled() { - var parentDebug, grandparentDebug string - if parent := node.Parent(); parent != nil { - parentDebug = parent.Debug(true) - if grandparent := parent.Parent(); grandparent != nil { - grandparentDebug = grandparent.Debug(true) - } - } - - log.Trace().Msgf("attempting pattern fixup. node: %s", node.Debug(true)) - log.Trace().Msgf("fixup parent: %s", parentDebug) - log.Trace().Msgf("fixup grandparent: %s", grandparentDebug) + log.Trace().Msgf("attempting pattern fixup. node: %s", node.Debug()) } - newValue := langImplementation.FixupPatternVariableDummyValue(byteInput, node, variable.DummyValue) + newValue := patternLanguage.FixupVariableDummyValue(byteInput, node, variable.DummyValue) if newValue == variable.DummyValue { return nil } @@ -168,10 +157,10 @@ func fixupInput( newInput = append( append( - newInput[:node.StartByte()+inputOffset], + newInput[:node.ContentStart.Byte+inputOffset], newValue..., ), - newInput[node.EndByte()+inputOffset:]..., + newInput[node.ContentEnd.Byte+inputOffset:]..., ) inputOffset += valueOffset @@ -184,11 +173,11 @@ func fixupInput( panic(err) } - return string(newInput), fixed + return newInput, fixed } func (builder *builder) build(rootNode *tree.Node) (*Result, error) { - if rootNode.ChildCount() == 0 { + if len(rootNode.Children()) == 0 { variable := builder.getVariableFor(rootNode) if variable != nil { return &Result{RootVariable: variable}, nil @@ -208,6 +197,7 @@ func (builder *builder) build(rootNode *tree.Node) (*Result, error) { return &Result{ Query: builder.stringBuilder.String(), + VariableNames: builder.inputParams.VariableNames, ParamToVariable: paramToVariable, EqualParams: equalParams, ParamToContent: builder.paramToContent, @@ -215,19 +205,19 @@ func (builder *builder) build(rootNode *tree.Node) (*Result, error) { } func (builder *builder) compileNode(node *tree.Node, isRoot bool, isLastChild bool) error { - if node.IsError() { + if node.SitterNode().IsError() { return fmt.Errorf( "error parsing pattern at %d:%d: %s", - node.StartLineNumber(), - node.StartColumnNumber(), + node.ContentStart.Line, + node.ContentStart.Column, node.Content(), ) } - nodeAnchoredBefore, nodeAnchoredAfter := builder.langImplementation.PatternIsAnchored(node) + nodeAnchoredBefore, nodeAnchoredAfter := builder.patternLanguage.IsAnchored(node) anchored := !isRoot && node.IsNamed() && nodeAnchoredBefore - if anchored && !slices.Contains(builder.inputParams.UnanchoredOffsets, node.StartByte()) { + if anchored && !slices.Contains(builder.inputParams.UnanchoredOffsets, node.ContentStart.Byte) { builder.write(". ") } @@ -235,17 +225,17 @@ func (builder *builder) compileNode(node *tree.Node, isRoot bool, isLastChild bo builder.compileVariableNode(variable) } else if !node.IsNamed() { builder.compileAnonymousNode(node) - } else if node.NamedChildCount() == 0 { + } else if len(node.NamedChildren()) == 0 { builder.compileLeafNode(node) } else if err := builder.compileNodeWithChildren(node); err != nil { return err } - if node.Equal(builder.matchNode) { + if node == builder.matchNode { builder.write(" @match") } - if anchored && isLastChild && nodeAnchoredAfter && !slices.Contains(builder.inputParams.UnanchoredOffsets, node.EndByte()) { + if anchored && isLastChild && nodeAnchoredAfter && !slices.Contains(builder.inputParams.UnanchoredOffsets, node.ContentEnd.Byte) { builder.write(" .") } @@ -253,7 +243,7 @@ func (builder *builder) compileNode(node *tree.Node, isRoot bool, isLastChild bo } // variable nodes match their type and capture their content -func (builder *builder) compileVariableNode(variable *types.Variable) { +func (builder *builder) compileVariableNode(variable *language.PatternVariable) { if variable.Name == "_" { builder.write("(_)") return @@ -276,7 +266,7 @@ func (builder *builder) compileVariableNode(variable *types.Variable) { // Anonymous nodes match their content as a literal func (builder *builder) compileAnonymousNode(node *tree.Node) { - if !slices.Contains(builder.langImplementation.AnonymousPatternNodeParentTypes(), node.Parent().Type()) { + if !slices.Contains(builder.patternLanguage.AnonymousParentTypes(), node.Parent().Type()) { return } @@ -285,10 +275,10 @@ func (builder *builder) compileAnonymousNode(node *tree.Node) { // Leaves match their type and content func (builder *builder) compileLeafNode(node *tree.Node) { - if !slices.Contains(builder.langImplementation.PatternLeafContentTypes(), node.Type()) { + if !slices.Contains(builder.patternLanguage.LeafContentTypes(), node.Type()) { builder.write("[") - for _, nodeType := range builder.langImplementation.PatternNodeTypes(node) { + for _, nodeType := range builder.patternLanguage.NodeTypes(node) { builder.write(" (") builder.write(nodeType) builder.write(" )") @@ -304,8 +294,8 @@ func (builder *builder) compileLeafNode(node *tree.Node) { builder.write("[") - for _, nodeType := range builder.langImplementation.PatternNodeTypes(node) { - paramContent[nodeType] = builder.langImplementation.TranslatePatternContent( + for _, nodeType := range builder.patternLanguage.NodeTypes(node) { + paramContent[nodeType] = builder.patternLanguage.TranslateContent( node.Type(), nodeType, node.Content(), ) @@ -323,23 +313,23 @@ func (builder *builder) compileLeafNode(node *tree.Node) { func (builder *builder) compileNodeWithChildren(node *tree.Node) error { builder.write("[") - var lastNode *tree.Node - if slices.Contains(builder.langImplementation.AnonymousPatternNodeParentTypes(), node.Type()) { - lastNode = node.Child(node.ChildCount() - 1) + var children []*tree.Node + if slices.Contains(builder.patternLanguage.AnonymousParentTypes(), node.Type()) { + children = node.Children() } else { - lastNode = node.NamedChild(node.NamedChildCount() - 1) + children = node.NamedChildren() } - for _, nodeType := range builder.langImplementation.PatternNodeTypes(node) { + lastNode := children[len(children)-1] + + for _, nodeType := range builder.patternLanguage.NodeTypes(node) { builder.write("(") builder.write(nodeType) - for i := 0; i < node.ChildCount(); i++ { + for _, child := range node.Children() { builder.write(" ") - child := node.Child(i) - - if err := builder.compileNode(child, false, child.Equal(lastNode)); err != nil { + if err := builder.compileNode(child, false, child == lastNode); err != nil { return err } } @@ -369,21 +359,17 @@ func (builder *builder) processVariableToParams() (map[string]string, [][]string return paramToVariable, equalParams } -func (builder *builder) getVariableFor(node *tree.Node) *types.Variable { - return getVariableFor(node, builder.langImplementation, builder.inputParams.Variables) +func (builder *builder) getVariableFor(node *tree.Node) *language.PatternVariable { + return getVariableFor(node, builder.patternLanguage, builder.inputParams.Variables) } func getVariableFor( node *tree.Node, - langImplementation implementation.Implementation, - variables []types.Variable, -) *types.Variable { + patternLanguage language.Pattern, + variables []language.PatternVariable, +) *language.PatternVariable { for i, variable := range variables { - if langImplementation.ShouldSkipNode(node) { - continue - } - - if (node.NamedChildCount() == 0 || langImplementation.IsMatchLeaf(node)) && node.Content() == variable.DummyValue { + if (len(node.NamedChildren()) == 0 || patternLanguage.IsLeaf(node)) && node.Content() == variable.DummyValue { return &variables[i] } } @@ -412,7 +398,7 @@ func (builder *builder) setMatchNode( return nil } } else { - if node.StartByte() == offset && !slices.Contains(containerTypes, node.Type()) { + if node.ContentStart.Byte == offset && !slices.Contains(containerTypes, node.Type()) { builder.matchNode = node return nil } diff --git a/new/language/patternquery/builder/input.go b/internal/scanner/detectors/customrule/patternquery/builder/input.go similarity index 61% rename from new/language/patternquery/builder/input.go rename to internal/scanner/detectors/customrule/patternquery/builder/input.go index dc0327f91..132206019 100644 --- a/new/language/patternquery/builder/input.go +++ b/internal/scanner/detectors/customrule/patternquery/builder/input.go @@ -4,29 +4,30 @@ import ( "errors" "fmt" - "github.com/bearer/bearer/new/language/implementation" + "github.com/bearer/bearer/internal/scanner/language" + "github.com/bearer/bearer/internal/util/set" ) -func processInput(langImplementation implementation.Implementation, input string) (string, *InputParams, error) { - inputWithoutVariables, variables, err := langImplementation.ExtractPatternVariables(input) +func processInput(patternLanguage language.Pattern, input string) ([]byte, *InputParams, error) { + inputWithoutVariables, variables, err := patternLanguage.ExtractVariables(input) if err != nil { - return "", nil, fmt.Errorf("error processing variables: %s", err) + return nil, nil, fmt.Errorf("error processing variables: %s", err) } inputWithoutVariablesBytes := []byte(inputWithoutVariables) - matchNodePositions := langImplementation.FindPatternMatchNode(inputWithoutVariablesBytes) + matchNodePositions := patternLanguage.FindMatchNode(inputWithoutVariablesBytes) inputWithoutMatchNode := stripPositions(inputWithoutVariablesBytes, matchNodePositions) matchNodeOffset := 0 if len(matchNodePositions) > 1 { - return "", nil, errors.New("pattern must only contain a single match node") + return nil, nil, errors.New("pattern must only contain a single match node") } if len(matchNodePositions) == 1 { matchNodeOffset = matchNodePositions[0][0] } - unanchoredPositions := langImplementation.FindPatternUnanchoredPoints(inputWithoutMatchNode) + unanchoredPositions := patternLanguage.FindUnanchoredPoints(inputWithoutMatchNode) inputWithoutUnanchored := stripPositions(inputWithoutMatchNode, unanchoredPositions) unanchoredOffsets := make([]int, len(unanchoredPositions)) @@ -34,8 +35,14 @@ func processInput(langImplementation implementation.Implementation, input string unanchoredOffsets[i] = adjustForPositions(position[0], unanchoredPositions[:i]) } - return string(inputWithoutUnanchored), &InputParams{ + variableNames := set.New[string]() + for _, variable := range variables { + variableNames.Add(variable.Name) + } + + return inputWithoutUnanchored, &InputParams{ Variables: variables, + VariableNames: variableNames.Items(), MatchNodeOffset: adjustForPositions(matchNodeOffset, unanchoredPositions), UnanchoredOffsets: unanchoredOffsets, }, nil diff --git a/internal/scanner/detectors/customrule/patternquery/patternquery.go b/internal/scanner/detectors/customrule/patternquery/patternquery.go new file mode 100644 index 000000000..826d7a9d3 --- /dev/null +++ b/internal/scanner/detectors/customrule/patternquery/patternquery.go @@ -0,0 +1,247 @@ +package patternquery + +import ( + "fmt" + "slices" + + "github.com/rs/zerolog/log" + "gopkg.in/yaml.v3" + + astquery "github.com/bearer/bearer/internal/scanner/ast/query" + "github.com/bearer/bearer/internal/scanner/ast/tree" + "github.com/bearer/bearer/internal/scanner/language" + "github.com/bearer/bearer/internal/scanner/variableshape" + + "github.com/bearer/bearer/internal/scanner/detectors/customrule/patternquery/builder" +) + +type Query interface { + ID() string + MatchAt(node *tree.Node) ([]*Result, error) + MatchOnceAt(node *tree.Node) (*Result, error) +} + +type query struct { + id string + input string + treeQuery *astquery.Query + paramToShapeVariable map[string]*variableshape.Variable + equalParams [][]string + paramToContent map[string]map[string]string + variableShape *variableshape.Shape +} + +type rootVariableQuery struct { + id string + variable *language.PatternVariable + shapeVariable *variableshape.Variable + variableShape *variableshape.Shape +} + +type Result struct { + MatchNode *tree.Node + Variables variableshape.Values +} + +func Compile( + language language.Language, + querySet *astquery.Set, + ruleID string, + patternIndex int, + input string, + focusedVariable string, + variableShape *variableshape.Shape, +) (Query, error) { + builderResult, err := builder.Build(language, input, focusedVariable) + if err != nil { + return nil, fmt.Errorf("failed to build: %s", err) + } + + id := fmt.Sprintf("%s[%d]", ruleID, patternIndex) + + if builderResult.RootVariable != nil { + log.Trace().Msgf("single variable pattern %s: %s -> %#v", id, input, *builderResult.RootVariable) + + shapeVariable, err := variableShape.Variable(builderResult.RootVariable.Name) + if err != nil { + return nil, err + } + + return &rootVariableQuery{ + id: id, + variable: builderResult.RootVariable, + shapeVariable: shapeVariable, + variableShape: variableShape, + }, nil + } + + paramToShapeVariable := make(map[string]*variableshape.Variable) + for param, variableName := range builderResult.ParamToVariable { + shapeVariable, err := variableShape.Variable(variableName) + if err != nil { + return nil, err + } + + paramToShapeVariable[param] = shapeVariable + } + + query := &query{ + id: id, + input: input, + treeQuery: querySet.Add(builderResult.Query), + paramToShapeVariable: paramToShapeVariable, + equalParams: builderResult.EqualParams, + paramToContent: builderResult.ParamToContent, + variableShape: variableShape, + } + + if log.Trace().Enabled() { + log.Trace().Msgf("compiled pattern:\n%s", query.dump()) + } + + return query, nil +} + +type dumpValue struct { + ID string + Pattern string + TreeQueryID int `yaml:"tree_query_id"` + ParamToVariable map[string]string `yaml:"param_to_variable,omitempty"` + ParamToContent map[string]map[string]string `yaml:"param_to_content,omitempty"` + EqualParams [][]string `yaml:"equal_params,omitempty"` +} + +func (query *query) dump() string { + paramToVariableName := make(map[string]string) + for param, variable := range query.paramToShapeVariable { + paramToVariableName[param] = variable.Name() + } + + yamlQuery, err := yaml.Marshal(&dumpValue{ + ID: query.id, + Pattern: query.input, + TreeQueryID: query.treeQuery.ID(), + ParamToVariable: paramToVariableName, + ParamToContent: query.paramToContent, + EqualParams: query.equalParams, + }) + if err != nil { + return err.Error() + } + + return string(yamlQuery) +} + +func (query *query) ID() string { + return query.id +} + +func (query *query) MatchAt(node *tree.Node) ([]*Result, error) { + treeResults := query.treeQuery.MatchAt(node) + + var results []*Result + for _, treeResult := range treeResults { + if result := query.matchAndTranslateTreeResult(treeResult); result != nil { + results = append(results, result) + } + } + + return results, nil +} + +func (query *query) MatchOnceAt(node *tree.Node) (*Result, error) { + treeResult, err := query.treeQuery.MatchOnceAt(node) + if err != nil { + return nil, err + } + + return query.matchAndTranslateTreeResult(treeResult), nil +} + +func (query *query) matchAndTranslateTreeResult(treeResult tree.QueryResult) *Result { + if treeResult == nil { + return nil + } + + for _, equalParams := range query.equalParams { + var equalContent []string + for _, equalParam := range equalParams { + if node, exists := treeResult[equalParam]; exists { + equalContent = append(equalContent, node.Content()) + } + } + + if len(equalContent) < 2 { + continue + } + + value := equalContent[0] + for _, content := range equalContent[1:] { + if content != value { + return nil + } + } + } + + for param, typedContent := range query.paramToContent { + node, exists := treeResult[param] + if !exists { + continue + } + + if content, typeMatched := typedContent[node.Type()]; !typeMatched || node.Content() != content { + return nil + } + } + + variables := query.variableShape.NewValues() + + for paramName, node := range treeResult { + if variable := query.paramToShapeVariable[paramName]; variable != nil { + variables.Set(variable, node) + } + } + + return &Result{ + MatchNode: treeResult["match"], + Variables: variables, + } +} + +func (query *rootVariableQuery) ID() string { + return query.id +} + +func (query *rootVariableQuery) MatchAt(node *tree.Node) ([]*Result, error) { + if !query.isCompatibleType(node) { + return nil, nil + } + + return []*Result{query.resultFor(node)}, nil +} + +func (query *rootVariableQuery) MatchOnceAt(node *tree.Node) (*Result, error) { + if !query.isCompatibleType(node) { + return nil, nil + } + + return query.resultFor(node), nil +} + +func (query *rootVariableQuery) isCompatibleType(node *tree.Node) bool { + if slices.Contains(query.variable.NodeTypes, "_") { + return true + } + + return slices.Contains(query.variable.NodeTypes, node.Type()) +} + +func (query *rootVariableQuery) resultFor(node *tree.Node) *Result { + variables := query.variableShape.NewValues() + variables.Set(query.shapeVariable, node) + + return &Result{ + MatchNode: node, + Variables: variables, + } +} diff --git a/internal/scanner/detectors/customrule/types/types.go b/internal/scanner/detectors/customrule/types/types.go new file mode 100644 index 000000000..237a5eaf3 --- /dev/null +++ b/internal/scanner/detectors/customrule/types/types.go @@ -0,0 +1,12 @@ +package types + +import ( + detectortypes "github.com/bearer/bearer/internal/scanner/detectors/types" + "github.com/bearer/bearer/internal/scanner/variableshape" +) + +type Data struct { + Pattern string + Datatypes []*detectortypes.Detection + Variables variableshape.Values +} diff --git a/new/detector/implementation/generic/datatype/datatype.go b/internal/scanner/detectors/datatype/datatype.go similarity index 68% rename from new/detector/implementation/generic/datatype/datatype.go rename to internal/scanner/detectors/datatype/datatype.go index d7e9cf117..8d914b1dc 100644 --- a/new/detector/implementation/generic/datatype/datatype.go +++ b/internal/scanner/detectors/datatype/datatype.go @@ -1,16 +1,15 @@ package datatype import ( - detectiontypes "github.com/bearer/bearer/new/detector/detection" - generictypes "github.com/bearer/bearer/new/detector/implementation/generic/types" - "github.com/bearer/bearer/new/detector/types" - "github.com/bearer/bearer/new/language/tree" - languagetypes "github.com/bearer/bearer/new/language/types" - classificationschema "github.com/bearer/bearer/pkg/classification/schema" - "github.com/bearer/bearer/pkg/commands/process/settings" - "github.com/bearer/bearer/pkg/report/detectors" - "github.com/bearer/bearer/pkg/report/schema" - "github.com/bearer/bearer/pkg/util/classify" + classificationschema "github.com/bearer/bearer/internal/classification/schema" + "github.com/bearer/bearer/internal/report/detectors" + "github.com/bearer/bearer/internal/report/schema" + "github.com/bearer/bearer/internal/scanner/ast/traversalstrategy" + "github.com/bearer/bearer/internal/scanner/ast/tree" + "github.com/bearer/bearer/internal/scanner/detectors/common" + "github.com/bearer/bearer/internal/scanner/detectors/types" + "github.com/bearer/bearer/internal/scanner/ruleset" + "github.com/bearer/bearer/internal/util/classify" ) type Data struct { @@ -21,7 +20,7 @@ type Property struct { Name string Node *tree.Node Classification classificationschema.Classification - Datatype *detectiontypes.Detection + Datatype *types.Detection } type datatypeDetector struct { @@ -30,26 +29,22 @@ type datatypeDetector struct { classifier *classificationschema.Classifier } -func New(detectorType detectors.Type, lang languagetypes.Language, classifier *classificationschema.Classifier) (types.Detector, error) { +func New(detectorType detectors.Type, classifier *classificationschema.Classifier) types.Detector { return &datatypeDetector{ detectorType: detectorType, classifier: classifier, - }, nil -} - -func (detector *datatypeDetector) Name() string { - return "datatype" + } } -func (detector *datatypeDetector) NestedDetections() bool { - return false +func (detector *datatypeDetector) Rule() *ruleset.Rule { + return ruleset.BuiltinDatatypeRule } func (detector *datatypeDetector) DetectAt( node *tree.Node, - evaluationState types.EvaluationState, + detectorContext types.Context, ) ([]interface{}, error) { - objectDetections, err := evaluationState.Evaluate(node, "object", "", settings.CURSOR_SCOPE, false) + objectDetections, err := detectorContext.Scan(node, ruleset.BuiltinObjectRule, traversalstrategy.CursorStrict) if err != nil { return nil, err } @@ -57,7 +52,7 @@ func (detector *datatypeDetector) DetectAt( var result []interface{} for _, object := range objectDetections { - data, _, containsValidClassification := detector.classifyObject(evaluationState.FileName(), "", object) + data, _, containsValidClassification := detector.classifyObject(detectorContext.Filename(), "", object) if containsValidClassification { result = append(result, data) } @@ -66,14 +61,12 @@ func (detector *datatypeDetector) DetectAt( return result, nil } -func (detector *datatypeDetector) Close() {} - func (detector *datatypeDetector) classifyObject( filename, name string, - detection *detectiontypes.Detection, + detection *types.Detection, ) (Data, classificationschema.Classification, bool) { - objectData := detection.Data.(generictypes.Object) + objectData := detection.Data.(common.Object) classification := detector.classifier.Classify(buildClassificationRequest(detector.detectorType, filename, name, objectData)) containsValidClassification := classification.Classification.Decision.State == classify.Valid @@ -112,19 +105,19 @@ func (detector *datatypeDetector) classifyObject( func (detector *datatypeDetector) classifyProperty( filename, name string, - detection *detectiontypes.Detection, + detection *types.Detection, parentClassification classificationschema.Classification, -) (*detectiontypes.Detection, classificationschema.Classification, bool) { +) (*types.Detection, classificationschema.Classification, bool) { if detection == nil { return nil, parentClassification, false } data, propertyClassification, containsValidClassification := detector.classifyObject(filename, name, detection) - propertyDetection := &detectiontypes.Detection{ - DetectorType: "datatype", - MatchNode: detection.MatchNode, - Data: data, + propertyDetection := &types.Detection{ + RuleID: "datatype", + MatchNode: detection.MatchNode, + Data: data, } if parentClassification.Decision.State == classify.Valid { @@ -142,7 +135,12 @@ func (detector *datatypeDetector) classifyProperty( containsValidClassification || propertyClassification.Decision.State == classify.Valid } -func buildClassificationRequest(detectorType detectors.Type, filename, name string, data generictypes.Object) classificationschema.ClassificationRequest { +func buildClassificationRequest( + detectorType detectors.Type, + filename, + name string, + data common.Object, +) classificationschema.ClassificationRequest { var properties []*classificationschema.ClassificationRequestDetection for _, property := range data.Properties { diff --git a/new/detector/implementation/generic/generic_test.go b/internal/scanner/detectors/detectors_test.go similarity index 68% rename from new/detector/implementation/generic/generic_test.go rename to internal/scanner/detectors/detectors_test.go index ad8afb261..80ce51b92 100644 --- a/new/detector/implementation/generic/generic_test.go +++ b/internal/scanner/detectors/detectors_test.go @@ -1,10 +1,10 @@ -package generic_test +package detectors_test import ( "testing" - "github.com/bearer/bearer/new/detector/composition/ruby" - "github.com/bearer/bearer/new/detector/implementation/testhelper" + "github.com/bearer/bearer/internal/languages/ruby" + "github.com/bearer/bearer/internal/scanner/detectors/testhelper" ) func TestDatatypeDetector(t *testing.T) { @@ -20,5 +20,5 @@ func TestInsecureUrlDetector(t *testing.T) { } func runTest(t *testing.T, name string, detectorType, fileName string) { - testhelper.RunTest(t, name, ruby.New, detectorType, fileName) + testhelper.RunTest(t, name, ruby.Get(), detectorType, fileName) } diff --git a/internal/scanner/detectors/insecureurl/insecureurl.go b/internal/scanner/detectors/insecureurl/insecureurl.go new file mode 100644 index 000000000..74fabba03 --- /dev/null +++ b/internal/scanner/detectors/insecureurl/insecureurl.go @@ -0,0 +1,51 @@ +package insecureurl + +import ( + "regexp" + + "github.com/bearer/bearer/internal/scanner/ast/query" + "github.com/bearer/bearer/internal/scanner/ast/traversalstrategy" + "github.com/bearer/bearer/internal/scanner/ast/tree" + "github.com/bearer/bearer/internal/scanner/detectors/common" + "github.com/bearer/bearer/internal/scanner/detectors/types" + "github.com/bearer/bearer/internal/scanner/ruleset" +) + +type insecureURLDetector struct { + types.DetectorBase +} + +var insecureUrlPattern = regexp.MustCompile(`^http:`) +var localhostInsecureUrlPattern = regexp.MustCompile(`^http://(localhost|127.0.0.1)`) + +func New(querySet *query.Set) types.Detector { + return &insecureURLDetector{} +} + +func (detector *insecureURLDetector) Rule() *ruleset.Rule { + return ruleset.BuiltinInsecureURLRule +} + +func (detector *insecureURLDetector) DetectAt( + node *tree.Node, + detectorContext types.Context, +) ([]interface{}, error) { + detections, err := detectorContext.Scan(node, ruleset.BuiltinStringRule, traversalstrategy.CursorStrict) + if err != nil { + return nil, err + } + + for _, detection := range detections { + value := detection.Data.(common.String).Value + if insecureUrlPattern.MatchString(value) { + if localhostInsecureUrlPattern.MatchString(value) { + // ignore insecure local URLs + continue + } + + return []interface{}{nil}, nil + } + } + + return nil, nil +} diff --git a/internal/scanner/detectors/stringliteral/stringliteral.go b/internal/scanner/detectors/stringliteral/stringliteral.go new file mode 100644 index 000000000..fd8a66b78 --- /dev/null +++ b/internal/scanner/detectors/stringliteral/stringliteral.go @@ -0,0 +1,43 @@ +package stringliteral + +import ( + "github.com/bearer/bearer/internal/scanner/ast/query" + "github.com/bearer/bearer/internal/scanner/ast/traversalstrategy" + "github.com/bearer/bearer/internal/scanner/ast/tree" + "github.com/bearer/bearer/internal/scanner/detectors/common" + "github.com/bearer/bearer/internal/scanner/detectors/types" + "github.com/bearer/bearer/internal/scanner/ruleset" +) + +type stringLiteralDetector struct { + types.DetectorBase +} + +func New(querySet *query.Set) types.Detector { + return &stringLiteralDetector{} +} + +func (detector *stringLiteralDetector) Rule() *ruleset.Rule { + return ruleset.BuiltinStringLiteralRule +} + +func (detector *stringLiteralDetector) DetectAt( + node *tree.Node, + detectorContext types.Context, +) ([]interface{}, error) { + detections, err := detectorContext.Scan(node, ruleset.BuiltinStringRule, traversalstrategy.CursorStrict) + if err != nil { + return nil, err + } + + for _, detection := range detections { + data := detection.Data.(common.String) + if data.IsLiteral { + if len(data.Value) > 0 { + return []interface{}{nil}, nil + } + } + } + + return nil, nil +} diff --git a/new/detector/implementation/generic/testdata/datatype.rb b/internal/scanner/detectors/testdata/datatype.rb similarity index 100% rename from new/detector/implementation/generic/testdata/datatype.rb rename to internal/scanner/detectors/testdata/datatype.rb diff --git a/new/detector/implementation/generic/testdata/insecureurl.rb b/internal/scanner/detectors/testdata/insecureurl.rb similarity index 100% rename from new/detector/implementation/generic/testdata/insecureurl.rb rename to internal/scanner/detectors/testdata/insecureurl.rb diff --git a/new/detector/implementation/generic/testdata/invalid_datatype.java b/internal/scanner/detectors/testdata/invalid_datatype.java similarity index 100% rename from new/detector/implementation/generic/testdata/invalid_datatype.java rename to internal/scanner/detectors/testdata/invalid_datatype.java diff --git a/internal/scanner/detectors/testhelper/testhelper.go b/internal/scanner/detectors/testhelper/testhelper.go new file mode 100644 index 000000000..03b846856 --- /dev/null +++ b/internal/scanner/detectors/testhelper/testhelper.go @@ -0,0 +1,126 @@ +package testhelper + +import ( + "context" + "os" + "testing" + + "github.com/bradleyjkemp/cupaloy" + "github.com/rs/zerolog" + "gopkg.in/yaml.v3" + + "github.com/bearer/bearer/internal/classification" + "github.com/bearer/bearer/internal/commands/process/settings" + "github.com/bearer/bearer/internal/flag" + "github.com/bearer/bearer/internal/scanner/ast" + "github.com/bearer/bearer/internal/scanner/ast/query" + "github.com/bearer/bearer/internal/scanner/ast/traversalstrategy" + "github.com/bearer/bearer/internal/scanner/detectorset" + "github.com/bearer/bearer/internal/scanner/language" + "github.com/bearer/bearer/internal/scanner/rulescanner" + "github.com/bearer/bearer/internal/scanner/ruleset" + "github.com/bearer/bearer/internal/scanner/variableshape" +) + +type result struct { + Node int + Content string + Data interface{} +} + +func RunTest( + t *testing.T, + name string, + language language.Language, + detectorType string, + fileName string, +) { + zerolog.SetGlobalLevel(zerolog.InfoLevel) + + t.Run(name, func(tt *testing.T) { + classifier, err := classification.NewClassifier(&classification.Config{ + Config: settings.Config{ + Scan: flag.ScanOptions{ + DisableDomainResolution: true, + DomainResolutionTimeout: 0, + Context: flag.Context(flag.Empty), + }, + }, + }) + if err != nil { + tt.Fatalf("failed to create classifier: %s", err) + } + + ruleSet, err := ruleset.New(language.ID(), make(map[string]*settings.Rule)) + if err != nil { + tt.Fatalf("failed to create rule set: %s", err) + } + + variableShapeSet, err := variableshape.NewSet(language, ruleSet) + if err != nil { + tt.Fatalf("failed to create variable shape set: %s", err) + } + + querySet := query.NewSet(language.ID(), language.SitterLanguage()) + detectorSet, err := detectorset.New( + classifier.Schema, + language, + ruleSet, + variableShapeSet, + querySet, + ) + if err != nil { + tt.Fatalf("failed to create detector set: %s", err) + } + + if err := querySet.Compile(); err != nil { + tt.Fatalf("failed to compile queries: %s", err) + } + + contentBytes, err := os.ReadFile(fileName) + if err != nil { + tt.Fatalf("failed to read file: %s", err) + } + + tree, err := ast.ParseAndAnalyze(context.Background(), language, ruleSet, querySet, contentBytes) + if err != nil { + tt.Fatalf("failed to parse file: %s", err) + } + + ruleScanner := rulescanner.New( + context.Background(), + detectorSet, + fileName, + nil, + traversalstrategy.NewCache(tree.NodeCount()), + nil, + ) + + rule, err := ruleSet.RuleByID(detectorType) + if err != nil { + tt.Fatalf("failed to lookup rule: %s", err) + } + + detections, err := ruleScanner.Scan(tree.RootNode(), rule, traversalstrategy.NestedStrict) + if err != nil { + tt.Fatalf("failed to scan with rule scanner: %s", err) + } + + results := make([]result, len(detections)) + for i, detection := range detections { + node := detection.MatchNode + results[i] = result{ + Node: node.ID, + Content: node.Content(), + Data: detection.Data, + } + } + + yamlResults, err := yaml.Marshal(results) + if err != nil { + tt.Fatalf("failed to marshal results: %s", err) + } + + cupaloy.SnapshotT(tt, tree.RootNode().Dump(), string(yamlResults)) + }) +} diff --git a/internal/scanner/detectors/types/types.go b/internal/scanner/detectors/types/types.go new file mode 100644 index 000000000..1c34bf293 --- /dev/null +++ b/internal/scanner/detectors/types/types.go @@ -0,0 +1,29 @@ +package types + +import ( + "github.com/bearer/bearer/internal/scanner/ast/traversalstrategy" + "github.com/bearer/bearer/internal/scanner/ast/tree" + "github.com/bearer/bearer/internal/scanner/ruleset" +) + +type Detection struct { + RuleID string + MatchNode *tree.Node + Data interface{} +} + +type Context interface { + Filename() string + Scan( + rootNode *tree.Node, + rule *ruleset.Rule, + traversalStrategy traversalstrategy.Strategy, + ) ([]*Detection, error) +} + +type Detector interface { + Rule() *ruleset.Rule + DetectAt(node *tree.Node, detectorContext Context) ([]interface{}, error) +} + +type DetectorBase struct{} diff --git a/internal/scanner/detectorset/detectorset.go b/internal/scanner/detectorset/detectorset.go new file mode 100644 index 000000000..0f4777ff1 --- /dev/null +++ b/internal/scanner/detectorset/detectorset.go @@ -0,0 +1,143 @@ +package detectorset + +import ( + "fmt" + "slices" + "strings" + + "github.com/bearer/bearer/internal/classification/schema" + "github.com/bearer/bearer/internal/scanner/ast/query" + "github.com/bearer/bearer/internal/scanner/ast/traversalstrategy" + "github.com/bearer/bearer/internal/scanner/ast/tree" + "github.com/bearer/bearer/internal/scanner/detectors/customrule" + detectortypes "github.com/bearer/bearer/internal/scanner/detectors/types" + "github.com/bearer/bearer/internal/scanner/language" + "github.com/bearer/bearer/internal/scanner/ruleset" + "github.com/bearer/bearer/internal/scanner/variableshape" +) + +const () + +type Result struct { + Detections []*detectortypes.Detection + Sanitized bool +} + +type Set interface { + DetectAt( + node *tree.Node, + rule *ruleset.Rule, + detectorContext detectortypes.Context, + ) (*Result, error) +} + +type detectorSet struct { + detectors []detectortypes.Detector +} + +func New( + schemaClassifier *schema.Classifier, + language language.Language, + ruleSet *ruleset.Set, + variableShapeSet *variableshape.Set, + querySet *query.Set, +) (Set, error) { + detectors := make([]detectortypes.Detector, len(ruleSet.Rules())) + + for _, detector := range language.NewBuiltInDetectors(schemaClassifier, querySet) { + detectors[detector.Rule().Index()] = detector + } + + for _, rule := range ruleSet.Rules() { + if rule.Type() == ruleset.RuleTypeBuiltin { + continue + } + + detector, err := customrule.New(language, ruleSet, variableShapeSet, querySet, rule) + if err != nil { + return nil, fmt.Errorf("failed to create %s detector: %w", rule.ID(), err) + } + + detectors[rule.Index()] = detector + } + + return &detectorSet{ + detectors: detectors, + }, nil +} + +func (set *detectorSet) DetectAt( + node *tree.Node, + rule *ruleset.Rule, + detectorContext detectortypes.Context, +) (*Result, error) { + if slices.Contains(node.ExecutingDetectors, rule.Index()) { + executingRules := make([]string, len(node.ExecutingDetectors)) + for i, ruleIndex := range node.ExecutingDetectors { + executingRules[i] = set.detectors[ruleIndex].Rule().ID() + } + + return nil, fmt.Errorf( + "cycle found during rule evaluation at %s: [%s > %s]", + node.Debug(), + strings.Join(executingRules, " > "), + rule.ID(), + ) + } + + node.ExecutingDetectors = append(node.ExecutingDetectors, rule.Index()) + result, err := set.detectSanitized(node, rule, detectorContext) + node.ExecutingDetectors = node.ExecutingDetectors[:len(node.ExecutingDetectors)-1] + + return result, err +} + +func (set *detectorSet) detectSanitized( + node *tree.Node, + rule *ruleset.Rule, + detectorContext detectortypes.Context, +) (*Result, error) { + detector := set.detectors[rule.Index()] + + if isSanitized, err := set.isSanitized(rule, node, detectorContext); isSanitized || err != nil { + return &Result{Sanitized: true}, err + } + + detectionsData, err := detector.DetectAt(node, detectorContext) + if err != nil { + return nil, err + } + + if len(detectionsData) == 0 { + return &Result{}, nil + } + + detections := make([]*detectortypes.Detection, len(detectionsData)) + for i, data := range detectionsData { + detections[i] = &detectortypes.Detection{ + RuleID: rule.ID(), + MatchNode: node, + Data: data, + } + } + + return &Result{Detections: detections}, nil +} + +func (set *detectorSet) isSanitized( + rule *ruleset.Rule, + node *tree.Node, + detectorContext detectortypes.Context, +) (bool, error) { + sanitizerRule := rule.SanitizerRule() + if sanitizerRule == nil { + return false, nil + } + + detections, err := detectorContext.Scan(node, sanitizerRule, traversalstrategy.CursorStrict) + if err != nil { + return false, err + } + + return len(detections) != 0, nil +} diff --git a/internal/scanner/language/language.go b/internal/scanner/language/language.go new file mode 100644 index 000000000..3992eae98 --- /dev/null +++ b/internal/scanner/language/language.go @@ -0,0 +1,23 @@ +package language + +import ( + sitter "github.com/smacker/go-tree-sitter" + + "github.com/bearer/bearer/internal/classification/schema" + "github.com/bearer/bearer/internal/scanner/ast/query" + "github.com/bearer/bearer/internal/scanner/ast/tree" + detectortypes "github.com/bearer/bearer/internal/scanner/detectors/types" +) + +type Language interface { + ID() string + EnryLanguages() []string + NewBuiltInDetectors(schemaClassifier *schema.Classifier, querySet *query.Set) []detectortypes.Detector + SitterLanguage() *sitter.Language + Pattern() Pattern + NewAnalyzer(builder *tree.Builder) Analyzer +} + +type Analyzer interface { + Analyze(node *sitter.Node, visitChildren func() error) error +} diff --git a/internal/scanner/language/pattern.go b/internal/scanner/language/pattern.go new file mode 100644 index 000000000..070b5efca --- /dev/null +++ b/internal/scanner/language/pattern.go @@ -0,0 +1,108 @@ +package language + +import "github.com/bearer/bearer/internal/scanner/ast/tree" + +type PatternVariable struct { + NodeTypes []string + DummyValue string + Name string +} + +type Pattern interface { + // ExtractVariables parses variables from a pattern and returns a new pattern + // with the variables replaced with a dummy value, along with a list of the + // variables. Dummy values are needed to allow Tree Sitter to parse the + // pattern without error. + ExtractVariables(input string) (string, []PatternVariable, error) + // FixupVariableDummyValue is used to return a new dummy value to use, when + // the initial parse of a pattern resulted in errors. This can be used in the + // case where the default dummy value is not valid in the syntax. + FixupVariableDummyValue(input []byte, node *tree.Node, dummyValue string) string + // IsRoot returns whether a node should be ignored or be a root of a pattern + // + // eg. given a javascript code like this: + // const context = { + // email: "foo@domain.com", + // } + // logger.child(context).info(user.name); + // if we want to pull both datatypes inside `child()` as well as inside `info()` + // we want to ignore member_expressions as roots. + IsRoot(node *tree.Node) bool + // IsLeaf returns whether the given node should be treated as a leaf, even if + // it has children + IsLeaf(node *tree.Node) bool + // FindUnanchoredPoints returns pairs of start and end offsets for the + // unanchored points in the input. This is to allow different syntax for + // specifying the unanchored points in different languages. + // + // eg. given a Ruby pattern like this (where `$<...>` means an unanchored point): + // some_call($<...>$$<...>) + // we would return [[10, 16], [29, 35]] + FindUnanchoredPoints(input []byte) [][]int + // IsAnchored returns whether a node in a pattern should be compiled with + // anchors (`.`) before and after it in the resulting tree sitter query + // + // eg. given a Ruby pattern like this: + // some_call($) do + // other_call + // end + // it is natural for `$`` to only match the first argument, but + // we wouldn't expect `other_call` to be the first expression in the block + IsAnchored(node *tree.Node) (bool, bool) + // AnonymousParentTypes returns a list of node types for which anonymous + // children should be matched against. Generally, we don't want to match + // anonymous nodes as they make the pattern too restrictive. + // + // eg. given Ruby code like this: + // a == b + // you will get a tree like this (where nodes in `"` are anonymous): + // (binary (identifier) "==" (identifier)) + // If we don't match the "==" then the pattern would also incorrectly match: + // a != b + AnonymousParentTypes() []string + // NodeTypes returns the types to use for a given node. This allows us + // to match using equivalent syntax without having to enumerate all the + // combinations in rules. + // + // eg. given a Ruby pattern like this: + // call(verify_mode: OpenSSL::SSL::VERIFY_NONE) + // we want to match both of these code examples, despite differences in the + // way they parse: + // call(verify_mode: OpenSSL::SSL::VERIFY_NONE) + // call(:verify_mode => OpenSSL::SSL::VERIFY_NONE) + NodeTypes(node *tree.Node) []string + // LeafContentTypes returns all the leaf node types which should be matched + // on their content. eg. strings literals will match their literal values + LeafContentTypes() []string + // TranslateContent converts the content of a pattern node to a different + // type. This is used when NodeTypes returns multiple types for a leaf node. + // + // eg. given the situation described in the comment for NodeTypes, we must + // match against the following content for the symbol: + // call(verify_mode: OpenSSL::SSL::VERIFY_NONE) -> verify_mode + // call(:verify_mode => OpenSSL::SSL::VERIFY_NONE) -> :verify_mode + TranslateContent(fromNodeType, toNodeType, content string) string + // FindMatchNode returns pairs of start and end offsets for the pattern match + // node. This is to allow different syntax for specifying the match node in + // different languages. There can only be one match node in a pattern, but + // multiple are supported here to avoid implementing the error handling in + // each language. + // + // eg. given a Ruby pattern like this (where `$` means the match node) + // some_call($$) + // we would return `[[10, 14]]` + FindMatchNode(input []byte) [][]int + // ContainerTypes returns a list of node types from which a match node should + // not be able to escape. There can be multiple nodes in the tree at the same + // character position, and we want to allow a match node to be the highest + // position node, terminating at a container node. + // + // eg. given the following Ruby pattern: + // some_call($key: value) + // the match node is initially parsed at the `key` node. We want to allow it to + // expand up to the pair node `key: value`, but not into the argument list. ie. + // given the following Ruby code matching the pattern: + // some_call key: value, other_key: value2 + // we want the content of the match to be `key: value` and not `key: value, other_key: value2` + ContainerTypes() []string +} diff --git a/internal/scanner/language/patternbase.go b/internal/scanner/language/patternbase.go new file mode 100644 index 000000000..c4ec7f199 --- /dev/null +++ b/internal/scanner/language/patternbase.go @@ -0,0 +1,33 @@ +package language + +import "github.com/bearer/bearer/internal/scanner/ast/tree" + +type PatternBase struct{} + +func (*PatternBase) IsLeaf(node *tree.Node) bool { + return false +} + +func (*PatternBase) TranslateContent(fromNodeType, toNodeType, content string) string { + return content +} + +func (*PatternBase) IsRoot(node *tree.Node) bool { + return true +} + +func (*PatternBase) ShouldSkipNode(node *tree.Node) bool { + return false +} + +func (*PatternBase) ContainerTypes() []string { + return nil +} + +func (*PatternBase) FixupVariableDummyValue(input []byte, node *tree.Node, dummyValue string) string { + return dummyValue +} + +func (*PatternBase) AnonymousParentTypes() []string { + return nil +} diff --git a/internal/scanner/language/scope.go b/internal/scanner/language/scope.go new file mode 100644 index 000000000..0a745d396 --- /dev/null +++ b/internal/scanner/language/scope.go @@ -0,0 +1,45 @@ +package language + +import sitter "github.com/smacker/go-tree-sitter" + +type Scope struct { + parent *Scope + variables map[string]*sitter.Node +} + +func NewScope(parent *Scope) *Scope { + return &Scope{ + parent: parent, + variables: make(map[string]*sitter.Node), + } +} + +func (scope *Scope) Declare(name string, node *sitter.Node) { + scope.variables[name] = node +} + +func (scope *Scope) Assign(name string, node *sitter.Node) { + targetScope := scope + if _, declarationScope := scope.lookupWithScope(name); declarationScope != nil { + targetScope = declarationScope + } + + targetScope.variables[name] = node +} + +func (scope *Scope) Lookup(name string) *sitter.Node { + node, _ := scope.lookupWithScope(name) + return node +} + +func (scope *Scope) lookupWithScope(name string) (*sitter.Node, *Scope) { + if node, exists := scope.variables[name]; exists { + return node, scope + } + + if scope.parent != nil { + return scope.parent.lookupWithScope(name) + } + + return nil, nil +} diff --git a/internal/scanner/languagescanner/languagescanner.go b/internal/scanner/languagescanner/languagescanner.go new file mode 100644 index 000000000..3f41cce99 --- /dev/null +++ b/internal/scanner/languagescanner/languagescanner.go @@ -0,0 +1,140 @@ +package languagescanner + +import ( + "context" + "fmt" + "os" + "slices" + + "github.com/rs/zerolog/log" + + "github.com/bearer/bearer/internal/classification/schema" + "github.com/bearer/bearer/internal/commands/process/settings" + "github.com/bearer/bearer/internal/scanner/ast" + "github.com/bearer/bearer/internal/scanner/ast/query" + "github.com/bearer/bearer/internal/scanner/ast/traversalstrategy" + "github.com/bearer/bearer/internal/scanner/ast/tree" + detectortypes "github.com/bearer/bearer/internal/scanner/detectors/types" + "github.com/bearer/bearer/internal/scanner/language" + "github.com/bearer/bearer/internal/scanner/ruleset" + "github.com/bearer/bearer/internal/scanner/variableshape" + "github.com/bearer/bearer/internal/util/file" + + "github.com/bearer/bearer/internal/scanner/cache" + "github.com/bearer/bearer/internal/scanner/detectorset" + "github.com/bearer/bearer/internal/scanner/rulescanner" + "github.com/bearer/bearer/internal/scanner/stats" +) + +type Scanner struct { + language language.Language + ruleSet *ruleset.Set + querySet *query.Set + detectorSet detectorset.Set +} + +func New( + language language.Language, + schemaClassifier *schema.Classifier, + rules map[string]*settings.Rule, +) (*Scanner, error) { + ruleSet, err := ruleset.New(language.ID(), rules) + if err != nil { + return nil, fmt.Errorf("error creating rule set: %w", err) + } + + variableShapeSet, err := variableshape.NewSet(language, ruleSet) + if err != nil { + return nil, fmt.Errorf("error creating variable shape set: %w", err) + } + + querySet := query.NewSet(language.ID(), language.SitterLanguage()) + + detectorSet, err := detectorset.New(schemaClassifier, language, ruleSet, variableShapeSet, querySet) + if err != nil { + querySet.Close() + return nil, fmt.Errorf("failed to create detector set: %w", err) + } + + if err = querySet.Compile(); err != nil { + querySet.Close() + return nil, fmt.Errorf("error compiling query set: %w", err) + } + + return &Scanner{ + language: language, + ruleSet: ruleSet, + querySet: querySet, + detectorSet: detectorSet, + }, nil +} + +func (scanner *Scanner) LanguageID() string { + return scanner.language.ID() +} + +func (scanner *Scanner) Scan( + ctx context.Context, + fileStats *stats.FileStats, + fileInfo *file.FileInfo, +) ([]*detectortypes.Detection, error) { + if !slices.Contains(scanner.language.EnryLanguages(), fileInfo.Language) { + return nil, nil + } + + contentBytes, err := os.ReadFile(fileInfo.AbsolutePath) + if err != nil { + return nil, fmt.Errorf("failed to read file: %w", err) + } + + tree, err := ast.ParseAndAnalyze(ctx, scanner.language, scanner.ruleSet, scanner.querySet, contentBytes) + if err != nil { + return nil, err + } + + if log.Trace().Enabled() { + log.Trace().Msgf("tree (%d nodes):\n%s", tree.NodeCount(), tree.RootNode().Dump()) + } + + sharedCache := cache.NewShared(scanner.ruleSet.Rules()) + traversalCache := traversalstrategy.NewCache(tree.NodeCount()) + cache := cache.NewCache(tree, sharedCache) + ruleScanner := rulescanner.New( + ctx, + scanner.detectorSet, + fileInfo.FileInfo.Name(), + fileStats, + traversalCache, + cache, + ) + + return scanner.evaluateRules(ruleScanner, cache, tree) +} + +func (scanner *Scanner) evaluateRules( + ruleScanner *rulescanner.Scanner, + cache *cache.Cache, + tree *tree.Tree, +) ([]*detectortypes.Detection, error) { + + var detections []*detectortypes.Detection + for _, rule := range scanner.ruleSet.Rules() { + if rule.Type() != ruleset.RuleTypeTopLevel { + continue + } + + cache.Clear() + ruleDetections, err := ruleScanner.Scan(tree.RootNode(), rule, traversalstrategy.NestedStrict) + if err != nil { + return nil, err + } + + detections = append(detections, ruleDetections...) + } + + return detections, nil +} + +func (scanner *Scanner) Close() { + scanner.querySet.Close() +} diff --git a/internal/scanner/rulescanner/rulescanner.go b/internal/scanner/rulescanner/rulescanner.go new file mode 100644 index 000000000..8fce2be2e --- /dev/null +++ b/internal/scanner/rulescanner/rulescanner.go @@ -0,0 +1,165 @@ +package rulescanner + +import ( + "context" + "fmt" + "slices" + "time" + + "github.com/rs/zerolog/log" + + "github.com/bearer/bearer/internal/scanner/ast/traversalstrategy" + "github.com/bearer/bearer/internal/scanner/ast/tree" + "github.com/bearer/bearer/internal/scanner/cache" + detectortypes "github.com/bearer/bearer/internal/scanner/detectors/types" + "github.com/bearer/bearer/internal/scanner/detectorset" + "github.com/bearer/bearer/internal/scanner/ruleset" + "github.com/bearer/bearer/internal/scanner/stats" +) + +type Scanner struct { + ctx context.Context + detectorSet detectorset.Set + filename string + stats *stats.FileStats + traversalCache *traversalstrategy.Cache + cache *cache.Cache +} + +func New( + ctx context.Context, + detectorSet detectorset.Set, + filename string, + stats *stats.FileStats, + traversalCache *traversalstrategy.Cache, + cache *cache.Cache, +) *Scanner { + return &Scanner{ + ctx: ctx, + detectorSet: detectorSet, + filename: filename, + stats: stats, + traversalCache: traversalCache, + cache: cache, + } +} + +func (scanner *Scanner) Scan( + rootNode *tree.Node, + rule *ruleset.Rule, + traversalStrategy traversalstrategy.Strategy, +) ([]*detectortypes.Detection, error) { + if scanner.stats != nil { + startTime := time.Now() + defer scanner.stats.Rule(rule.ID(), startTime) + } + + if log.Trace().Enabled() { + log.Trace().Msgf( + "rule %s scan start at %s [%s]", + rule.ID(), + rootNode.Debug(), + traversalStrategy.Scope(), + ) + } + + var detections []*detectortypes.Detection + if err := traversalStrategy.Traverse(scanner.traversalCache, rootNode, func(node *tree.Node) (bool, error) { + if scanner.ctx.Err() != nil { + return false, scanner.ctx.Err() + } + + result, err := scanner.detectAtNode(rule, node) + if result == nil || err != nil { + return false, err + } + + detections = append(detections, result.Detections...) + return result.Sanitized, nil + }); err != nil { + return nil, err + } + + if log.Trace().Enabled() { + log.Trace().Msgf( + "rule %s scan end at %s [%s]: %d detections", + rule.ID(), + rootNode.Debug(), + traversalStrategy.Scope(), + len(detections), + ) + } + + return detections, nil +} + +func (scanner *Scanner) Filename() string { + return scanner.filename +} + +func (scanner *Scanner) detectAtNode(rule *ruleset.Rule, node *tree.Node) (*detectorset.Result, error) { + if log.Trace().Enabled() { + log.Trace().Msgf("detect at node start: %s at %s", rule.ID(), node.Debug()) + } + + if result, cached := scanner.cache.Get(node, rule); cached { + if log.Trace().Enabled() { + log.Trace().Msgf( + "detect at node end: %s at %s: %s (cached)", + rule.ID(), + node.Debug(), + traceResultText(result), + ) + } + + return result, nil + } + + if scanner.ruleDisabledForNode(rule, node) { + if log.Trace().Enabled() { + log.Trace().Msgf( + "detect at node end: %s at %s: rule disabled", + rule.ID(), + node.Debug(), + ) + } + + scanner.cache.Put(node, rule, nil) + return nil, nil + } + + result, err := scanner.detectorSet.DetectAt(node, rule, scanner) + if err != nil { + return nil, err + } + + if log.Trace().Enabled() { + log.Trace().Msgf( + "detect at node end: %s at %s: %s", + rule.ID(), + node.Debug(), + traceResultText(result), + ) + } + + scanner.cache.Put(node, rule, result) + return result, nil +} + +func (scanner *Scanner) ruleDisabledForNode(rule *ruleset.Rule, node *tree.Node) bool { + for current := node; current != nil; current = current.Parent() { + if slices.Contains(node.DisabledRuleIndices(), rule.Index()) { + return true + } + } + + return false +} + +func traceResultText(result *detectorset.Result) string { + if result.Sanitized { + return "sanitized" + } + + return fmt.Sprintf("%d detections", len(result.Detections)) +} diff --git a/internal/scanner/ruleset/builtin.go b/internal/scanner/ruleset/builtin.go new file mode 100644 index 000000000..fbf5f323f --- /dev/null +++ b/internal/scanner/ruleset/builtin.go @@ -0,0 +1,42 @@ +package ruleset + +var ( + BuiltinObjectRule = &Rule{ + index: 0, + id: "object", + ruleType: RuleTypeBuiltin, + } + + BuiltinStringRule = &Rule{ + index: 1, + id: "string", + ruleType: RuleTypeBuiltin, + } + + BuiltinDatatypeRule = &Rule{ + index: 2, + id: "datatype", + ruleType: RuleTypeBuiltin, + } + + BuiltinInsecureURLRule = &Rule{ + index: 3, + id: "insecure_url", + ruleType: RuleTypeBuiltin, + } + + BuiltinStringLiteralRule = &Rule{ + index: 4, + id: "string_literal", + ruleType: RuleTypeBuiltin, + } + + // index in the slice and the index number above must match + builtinRules = []*Rule{ + BuiltinObjectRule, + BuiltinStringRule, + BuiltinDatatypeRule, + BuiltinInsecureURLRule, + BuiltinStringLiteralRule, + } +) diff --git a/internal/scanner/ruleset/ruleset.go b/internal/scanner/ruleset/ruleset.go new file mode 100644 index 000000000..46b2a0425 --- /dev/null +++ b/internal/scanner/ruleset/ruleset.go @@ -0,0 +1,156 @@ +package ruleset + +import ( + "fmt" + "slices" + + "github.com/bearer/bearer/internal/commands/process/settings" + "github.com/bearer/bearer/internal/report/customdetectors" + "github.com/bearer/bearer/internal/util/set" +) + +type RuleType int + +const ( + RuleTypeTopLevel RuleType = iota + RuleTypeShared + RuleTypeBuiltin + RuleTypeAuxiliary +) + +type Set struct { + rules []*Rule + rulesByID map[string]*Rule +} + +type Rule struct { + index int + id string + ruleType RuleType + sanitizerRule *Rule + patterns []settings.RulePattern +} + +func New(languageID string, settingsRules map[string]*settings.Rule) (*Set, error) { + languageRules := getLanguageRules(settingsRules, languageID) + triggerRuleIDs := getTriggerRuleIDs(languageRules) + + rulesByID := make(map[string]*Rule) + var rules []*Rule + + for _, rule := range builtinRules { + if rulesByID[rule.id] != nil { + return nil, fmt.Errorf("duplicate built-in rule '%s'", rule.id) + } + + rules = append(rules, rule) + rulesByID[rule.id] = rule + } + + for _, settingsRule := range languageRules { + rule := &Rule{ + index: len(rules), + id: settingsRule.Id, + ruleType: getRuleType(triggerRuleIDs, settingsRule), + patterns: settingsRule.Patterns, + } + + if rulesByID[rule.id] != nil { + return nil, fmt.Errorf("duplicate rule '%s'", rule.id) + } + + rules = append(rules, rule) + rulesByID[rule.id] = rule + } + + for _, rule := range rules { + if rule.ruleType == RuleTypeBuiltin { + continue + } + + settingsRule := settingsRules[rule.id] + if settingsRule.SanitizerRuleID == "" { + continue + } + + sanitizerRule := rulesByID[settingsRule.SanitizerRuleID] + if sanitizerRule == nil { + return nil, fmt.Errorf("invalid rule id for sanitizer '%s'", settingsRule.SanitizerRuleID) + } + + rule.sanitizerRule = sanitizerRule + } + + return &Set{ + rules: rules, + rulesByID: rulesByID, + }, nil +} + +func getLanguageRules(settingsRules map[string]*settings.Rule, languageID string) []*settings.Rule { + var result []*settings.Rule + + for _, settingsRule := range settingsRules { + if slices.Contains(settingsRule.Languages, languageID) { + result = append(result, settingsRule) + } + } + + return result +} + +func getTriggerRuleIDs(languageRules []*settings.Rule) set.Set[string] { + triggerRuleIDs := set.New[string]() + + for _, settingsRule := range languageRules { + if settingsRule.Trigger.RequiredDetection != nil { + triggerRuleIDs.Add(*settingsRule.Trigger.RequiredDetection) + } + } + + return triggerRuleIDs +} + +func getRuleType(triggerRuleIDs set.Set[string], settingsRule *settings.Rule) RuleType { + switch { + case settingsRule.Type == customdetectors.TypeShared: + return RuleTypeShared + case !settingsRule.IsAuxilary || triggerRuleIDs.Has(settingsRule.Id): + return RuleTypeTopLevel + default: + return RuleTypeAuxiliary + } +} + +func (set *Set) RuleByID(id string) (*Rule, error) { + rule, exists := set.rulesByID[id] + if !exists { + return nil, fmt.Errorf("invalid rule id '%s'", id) + } + + return rule, nil +} + +func (set *Set) Rules() []*Rule { + return set.rules +} + +func (rule *Rule) Index() int { + return rule.index +} + +func (rule *Rule) ID() string { + return rule.id +} + +func (rule *Rule) Type() RuleType { + return rule.ruleType +} + +func (rule *Rule) SanitizerRule() *Rule { + return rule.sanitizerRule +} + +func (rule *Rule) Patterns() []settings.RulePattern { + return rule.patterns +} diff --git a/internal/scanner/scanner.go b/internal/scanner/scanner.go new file mode 100644 index 000000000..0225d4d5b --- /dev/null +++ b/internal/scanner/scanner.go @@ -0,0 +1,167 @@ +package scanner + +import ( + "context" + "fmt" + "strings" + + schemaclassifier "github.com/bearer/bearer/internal/classification/schema" + "github.com/bearer/bearer/internal/commands/process/settings" + "github.com/bearer/bearer/internal/languages/java" + "github.com/bearer/bearer/internal/languages/javascript" + "github.com/bearer/bearer/internal/languages/ruby" + "github.com/bearer/bearer/internal/report" + reportdetections "github.com/bearer/bearer/internal/report/detections" + "github.com/bearer/bearer/internal/report/detectors" + reportschema "github.com/bearer/bearer/internal/report/schema" + "github.com/bearer/bearer/internal/report/source" + customruletypes "github.com/bearer/bearer/internal/scanner/detectors/customrule/types" + "github.com/bearer/bearer/internal/scanner/detectors/datatype" + detectortypes "github.com/bearer/bearer/internal/scanner/detectors/types" + "github.com/bearer/bearer/internal/scanner/language" + "github.com/bearer/bearer/internal/util/file" + "github.com/bearer/bearer/internal/util/pluralize" + + "github.com/bearer/bearer/internal/scanner/languagescanner" + "github.com/bearer/bearer/internal/scanner/stats" +) + +type Scanner struct { + languageScanners []*languagescanner.Scanner +} + +func New(schemaClassifier *schemaclassifier.Classifier, rules map[string]*settings.Rule) (*Scanner, error) { + languages := []language.Language{ + java.Get(), + javascript.Get(), + ruby.Get(), + } + + languageScanners := make([]*languagescanner.Scanner, len(languages)) + + for i, language := range languages { + languageScanner, err := languagescanner.New(language, schemaClassifier, rules) + if err != nil { + return nil, fmt.Errorf("error creating %s language scanner: %w", language.ID(), err) + } + + languageScanners[i] = languageScanner + } + + return &Scanner{languageScanners: languageScanners}, nil +} + +func (scanner *Scanner) Scan( + ctx context.Context, + report report.Report, + fileStats *stats.FileStats, + file *file.FileInfo, +) error { + if scanner == nil { + return nil + } + + for _, languageScanner := range scanner.languageScanners { + detections, err := languageScanner.Scan(ctx, fileStats, file) + if err != nil { + return fmt.Errorf("%s scan failed: %w", languageScanner.LanguageID(), err) + } + + for _, detection := range detections { + detectorType := detectors.Type(detection.RuleID) + data := detection.Data.(customruletypes.Data) + + if len(data.Datatypes) == 0 { + report.AddDetection(reportdetections.TypeCustomRisk, + detectorType, + source.New( + file, + file.Path, + detection.MatchNode.ContentStart.Line, + detection.MatchNode.ContentStart.Column, + detection.MatchNode.ContentEnd.Line, + detection.MatchNode.ContentEnd.Column, + data.Pattern, + ), + reportschema.Source{ + StartLineNumber: detection.MatchNode.ContentStart.Line, + EndLineNumber: detection.MatchNode.ContentEnd.Line, + StartColumnNumber: detection.MatchNode.ContentStart.Column, + EndColumnNumber: detection.MatchNode.ContentEnd.Column, + Content: detection.MatchNode.Content(), + }) + } + + for _, datatypeDetection := range data.Datatypes { + reportDatatypeDetection( + report, + file, + detectorType, + detection, + datatypeDetection, + "", + ) + } + } + } + + return nil +} + +func reportDatatypeDetection( + report reportdetections.ReportDetection, + file *file.FileInfo, + detectorType detectors.Type, + detection, + datatypeDetection *detectortypes.Detection, + objectName string, +) { + data := datatypeDetection.Data.(datatype.Data) + + for _, property := range data.Properties { + report.AddDetection( + reportdetections.TypeCustomClassified, + detectorType, + source.New( + file, + file.Path, + property.Node.ContentStart.Line, + property.Node.ContentStart.Column, + property.Node.ContentEnd.Line, + property.Node.ContentEnd.Column, + "", + ), + reportschema.Schema{ + ObjectName: objectName, + NormalizedObjectName: pluralize.Singular(strings.ToLower(objectName)), + FieldName: property.Name, + NormalizedFieldName: pluralize.Singular(strings.ToLower(property.Name)), + Classification: property.Classification, + Source: &reportschema.Source{ + StartLineNumber: detection.MatchNode.ContentStart.Line, + EndLineNumber: detection.MatchNode.ContentEnd.Line, + StartColumnNumber: detection.MatchNode.ContentStart.Column, + EndColumnNumber: detection.MatchNode.ContentEnd.Column, + Content: detection.MatchNode.Content(), + }, + }, + ) + + if property.Datatype != nil { + reportDatatypeDetection( + report, + file, + detectorType, + detection, + property.Datatype, + property.Name, + ) + } + } +} + +func (scanner *Scanner) Close() { + for _, languageScanner := range scanner.languageScanners { + languageScanner.Close() + } +} diff --git a/new/detector/evaluator/stats/stats.go b/internal/scanner/stats/stats.go similarity index 92% rename from new/detector/evaluator/stats/stats.go rename to internal/scanner/stats/stats.go index 3f97556ec..690382407 100644 --- a/new/detector/evaluator/stats/stats.go +++ b/internal/scanner/stats/stats.go @@ -4,12 +4,12 @@ import ( "encoding/json" "fmt" "io" + "slices" "strings" "sync" "time" "golang.org/x/exp/maps" - "golang.org/x/exp/slices" "github.com/dustin/go-humanize" ) @@ -166,9 +166,12 @@ func (stats *Stats) reportSlowestFiles(writer io.StringWriter) { "Slowest files (total runtime %s):\n", stats.totalFileDuration.Truncate(time.Millisecond)), ) - slices.SortFunc(stats.slowFiles, func(a, b slowFile) bool { - return a.duration > b.duration || - (a.duration == b.duration && a.filename < b.filename) + slices.SortFunc(stats.slowFiles, func(a, b slowFile) int { + if a.duration == b.duration { + return strings.Compare(a.filename, b.filename) + } + + return int(b.duration - a.duration) }) for _, file := range stats.slowFiles { @@ -193,8 +196,8 @@ func (stats *Stats) reportSlowestRules(writer io.StringWriter) { totalRuleDuration.Truncate(time.Millisecond), )) sortedRuleIDs := maps.Keys(stats.rules) - slices.SortFunc(sortedRuleIDs, func(a, b string) bool { - return stats.rules[a] > stats.rules[b] + slices.SortFunc(sortedRuleIDs, func(a, b string) int { + return int(stats.rules[b] - stats.rules[a]) }) numSlowRules := maxSlowRules @@ -220,8 +223,8 @@ func (stats *Stats) reportFailedFiles(writer io.StringWriter) { } writer.WriteString("\nFailed files:\n") //nolint:errcheck - slices.SortFunc(stats.failedFiles, func(a, b failedFile) bool { - return a.filename < b.filename + slices.SortFunc(stats.failedFiles, func(a, b failedFile) int { + return strings.Compare(a.filename, b.filename) }) for _, file := range stats.failedFiles { diff --git a/internal/scanner/variableshape/variableshape.go b/internal/scanner/variableshape/variableshape.go new file mode 100644 index 000000000..c8eb722dc --- /dev/null +++ b/internal/scanner/variableshape/variableshape.go @@ -0,0 +1,204 @@ +package variableshape + +import ( + "fmt" + + "github.com/bearer/bearer/internal/commands/process/settings" + "github.com/bearer/bearer/internal/scanner/ast/tree" + patternquerybuilder "github.com/bearer/bearer/internal/scanner/detectors/customrule/patternquery/builder" + "github.com/bearer/bearer/internal/scanner/language" + "github.com/bearer/bearer/internal/scanner/ruleset" +) + +type Values []*tree.Node + +func (values Values) Clone() Values { + if len(values) == 0 { + return nil + } + + result := make(Values, len(values)) + copy(result, values) + return result +} + +func (values Values) Merge(other Values) (Values, bool) { + if len(values) == 0 { + return nil, true + } + + if &values[0] == &other[0] { + return values, true + } + + result := make(Values, len(values)) + for i, node := range values { + otherNode := other[i] + + if node == nil || node == otherNode { + result[i] = otherNode + continue + } + + if otherNode == nil { + result[i] = node + continue + } + + return nil, false + } + + return result, true +} + +func (values Values) Node(variable *Variable) *tree.Node { + return values[variable.id] +} + +func (values Values) Set(variable *Variable, node *tree.Node) { + values[variable.id] = node +} + +type Variable struct { + id int + name string +} + +func (variable *Variable) Name() string { + return variable.name +} + +type Builder struct { + variables []Variable + nameToID map[string]int +} + +func NewBuilder() *Builder { + return &Builder{ + nameToID: make(map[string]int), + } +} + +func (builder *Builder) Add(name string) *Builder { + _, exists := builder.nameToID[name] + if exists { + return builder + } + + id := len(builder.variables) + + builder.variables = append(builder.variables, Variable{ + id: id, + name: name, + }) + + builder.nameToID[name] = id + + return builder +} + +func (builder *Builder) Build() Shape { + nameToVariable := make(map[string]*Variable) + for i := range builder.variables { + variable := &builder.variables[i] + nameToVariable[variable.name] = variable + } + + return Shape{ + variables: builder.variables, + nameToVariable: nameToVariable, + } +} + +type Shape struct { + variables []Variable + nameToVariable map[string]*Variable +} + +func (shape *Shape) Variable(name string) (*Variable, error) { + variable, exists := shape.nameToVariable[name] + if !exists { + return nil, fmt.Errorf("unknown variable '%s'", name) + } + + return variable, nil +} + +func (shape *Shape) NewValues() Values { + if len(shape.variables) == 0 { + return nil + } + + return make(Values, len(shape.variables)) +} + +type Set struct { + shapes []Shape +} + +func NewSet(language language.Language, ruleSet *ruleset.Set) (*Set, error) { + set := &Set{ + shapes: make([]Shape, len(ruleSet.Rules())), + } + + for _, rule := range ruleSet.Rules() { + if err := set.add(language, rule); err != nil { + return nil, err + } + } + + return set, nil +} + +// FIXME: don't do this! +func (set *Set) add(language language.Language, rule *ruleset.Rule) error { + builder := NewBuilder() + + for _, pattern := range rule.Patterns() { + if err := addVariablesFromPattern(language, builder, pattern.Pattern); err != nil { + return err + } + + addVariablesFromFilters(builder, pattern.Filters) + } + + set.shapes[rule.Index()] = builder.Build() + return nil +} + +func (set *Set) Shape(rule *ruleset.Rule) *Shape { + return &set.shapes[rule.Index()] +} + +func addVariablesFromPattern(language language.Language, builder *Builder, pattern string) error { + result, err := patternquerybuilder.Build(language, pattern, "") + if err != nil { + return err + } + + if result.RootVariable != nil { + builder.Add(result.RootVariable.Name) + return nil + } + + for _, name := range result.VariableNames { + builder.Add(name) + } + + return nil +} + +func addVariablesFromFilters(builder *Builder, filters []settings.PatternFilter) { + for _, filter := range filters { + addVariablesFromFilter(builder, filter) + } +} + +func addVariablesFromFilter(builder *Builder, filter settings.PatternFilter) { + for _, importedVariable := range filter.Imports { + builder.Add(importedVariable.As) + } + + addVariablesFromFilters(builder, filter.Either) + addVariablesFromFilters(builder, filter.Filters) +} diff --git a/pkg/types/artifact.go b/internal/types/artifact.go similarity index 100% rename from pkg/types/artifact.go rename to internal/types/artifact.go diff --git a/pkg/types/report.go b/internal/types/report.go similarity index 100% rename from pkg/types/report.go rename to internal/types/report.go diff --git a/pkg/types/severity.go b/internal/types/severity.go similarity index 100% rename from pkg/types/severity.go rename to internal/types/severity.go diff --git a/pkg/types/target.go b/internal/types/target.go similarity index 100% rename from pkg/types/target.go rename to internal/types/target.go diff --git a/pkg/types/trigger.go b/internal/types/trigger.go similarity index 100% rename from pkg/types/trigger.go rename to internal/types/trigger.go diff --git a/pkg/util/cache/utils.go b/internal/util/cache/utils.go similarity index 100% rename from pkg/util/cache/utils.go rename to internal/util/cache/utils.go diff --git a/pkg/util/classify/classify.go b/internal/util/classify/classify.go similarity index 94% rename from pkg/util/classify/classify.go rename to internal/util/classify/classify.go index 9069396db..f85bd76dd 100644 --- a/pkg/util/classify/classify.go +++ b/internal/util/classify/classify.go @@ -3,7 +3,7 @@ package classify import ( "regexp" - "github.com/bearer/bearer/pkg/report/detectors" + "github.com/bearer/bearer/internal/report/detectors" ) type ValidationState string diff --git a/pkg/util/classify/classify_schema.go b/internal/util/classify/classify_schema.go similarity index 95% rename from pkg/util/classify/classify_schema.go rename to internal/util/classify/classify_schema.go index 1bd9242e0..2460b93ca 100644 --- a/pkg/util/classify/classify_schema.go +++ b/internal/util/classify/classify_schema.go @@ -3,7 +3,7 @@ package classify import ( "fmt" - "github.com/bearer/bearer/pkg/report/detectors" + "github.com/bearer/bearer/internal/report/detectors" ) var objectStopWords = map[string]struct{}{ diff --git a/pkg/util/classify/classify_schema_test.go b/internal/util/classify/classify_schema_test.go similarity index 95% rename from pkg/util/classify/classify_schema_test.go rename to internal/util/classify/classify_schema_test.go index 0588491a5..6546a9fc8 100644 --- a/pkg/util/classify/classify_schema_test.go +++ b/internal/util/classify/classify_schema_test.go @@ -3,8 +3,8 @@ package classify_test import ( "testing" - "github.com/bearer/bearer/pkg/report/detectors" - "github.com/bearer/bearer/pkg/util/classify" + "github.com/bearer/bearer/internal/report/detectors" + "github.com/bearer/bearer/internal/util/classify" "github.com/stretchr/testify/assert" ) diff --git a/pkg/util/classify/classify_test.go b/internal/util/classify/classify_test.go similarity index 92% rename from pkg/util/classify/classify_test.go rename to internal/util/classify/classify_test.go index da8a37716..1a1b96eee 100644 --- a/pkg/util/classify/classify_test.go +++ b/internal/util/classify/classify_test.go @@ -3,8 +3,8 @@ package classify_test import ( "testing" - "github.com/bearer/bearer/pkg/report/detectors" - "github.com/bearer/bearer/pkg/util/classify" + "github.com/bearer/bearer/internal/report/detectors" + "github.com/bearer/bearer/internal/util/classify" "github.com/stretchr/testify/assert" ) diff --git a/pkg/util/components/components.go b/internal/util/components/components.go similarity index 73% rename from pkg/util/components/components.go rename to internal/util/components/components.go index 985f2711e..5aa77ed0f 100644 --- a/pkg/util/components/components.go +++ b/internal/util/components/components.go @@ -3,8 +3,8 @@ package components import ( "regexp" - "github.com/bearer/bearer/pkg/util/normalize_key" - "github.com/bearer/bearer/pkg/util/regex" + "github.com/bearer/bearer/internal/util/normalize_key" + "github.com/bearer/bearer/internal/util/regex" ) var keyPatterns = []*regexp.Regexp{ diff --git a/pkg/util/file/file.go b/internal/util/file/file.go similarity index 99% rename from pkg/util/file/file.go rename to internal/util/file/file.go index 50e302e05..168a8da35 100644 --- a/pkg/util/file/file.go +++ b/internal/util/file/file.go @@ -14,7 +14,7 @@ import ( "github.com/go-enry/go-enry/v2" "github.com/rs/zerolog/log" - "github.com/bearer/bearer/pkg/util/regex" + "github.com/bearer/bearer/internal/util/regex" ignore "github.com/sabhiram/go-gitignore" ) diff --git a/pkg/util/ignore/ignore.go b/internal/util/ignore/ignore.go similarity index 96% rename from pkg/util/ignore/ignore.go rename to internal/util/ignore/ignore.go index 35117ae6c..6379fe2e0 100644 --- a/pkg/util/ignore/ignore.go +++ b/internal/util/ignore/ignore.go @@ -9,11 +9,13 @@ import ( "strings" "time" - "github.com/bearer/bearer/api" - types "github.com/bearer/bearer/pkg/util/ignore/types" - pointer "github.com/bearer/bearer/pkg/util/pointers" - "github.com/fatih/color" "golang.org/x/exp/maps" + + "github.com/fatih/color" + + "github.com/bearer/bearer/api" + types "github.com/bearer/bearer/internal/util/ignore/types" + pointer "github.com/bearer/bearer/internal/util/pointers" ) func GetIgnoredFingerprints(bearerIgnoreFilePath string, target *string) (ignoredFingerprints map[string]types.IgnoredFingerprint, fileExists bool, err error) { diff --git a/pkg/util/ignore/ignore_test.go b/internal/util/ignore/ignore_test.go similarity index 95% rename from pkg/util/ignore/ignore_test.go rename to internal/util/ignore/ignore_test.go index 2f5b9426b..da4f0cc44 100644 --- a/pkg/util/ignore/ignore_test.go +++ b/internal/util/ignore/ignore_test.go @@ -3,10 +3,12 @@ package ignore_test import ( "testing" - "github.com/bearer/bearer/pkg/util/ignore" - types "github.com/bearer/bearer/pkg/util/ignore/types" - "github.com/stretchr/testify/assert" "golang.org/x/exp/maps" + + "github.com/stretchr/testify/assert" + + "github.com/bearer/bearer/internal/util/ignore" + types "github.com/bearer/bearer/internal/util/ignore/types" ) func TestGetIgnoredFingerprints(t *testing.T) { diff --git a/pkg/util/ignore/types/types.go b/internal/util/ignore/types/types.go similarity index 100% rename from pkg/util/ignore/types/types.go rename to internal/util/ignore/types/types.go diff --git a/pkg/util/jsonlines/jsonlines.go b/internal/util/jsonlines/jsonlines.go similarity index 97% rename from pkg/util/jsonlines/jsonlines.go rename to internal/util/jsonlines/jsonlines.go index da5c45965..1545a418d 100644 --- a/pkg/util/jsonlines/jsonlines.go +++ b/internal/util/jsonlines/jsonlines.go @@ -6,7 +6,7 @@ import ( "io" "reflect" - "github.com/bearer/bearer/pkg/util/linescanner" + "github.com/bearer/bearer/internal/util/linescanner" ) const maxTokenSizeBytes int = 5 * 1024 * 1024 diff --git a/pkg/util/jsonlines/jsonlines_test.go b/internal/util/jsonlines/jsonlines_test.go similarity index 95% rename from pkg/util/jsonlines/jsonlines_test.go rename to internal/util/jsonlines/jsonlines_test.go index 1b525dd4b..b416f2e72 100644 --- a/pkg/util/jsonlines/jsonlines_test.go +++ b/internal/util/jsonlines/jsonlines_test.go @@ -4,7 +4,7 @@ import ( "os" "testing" - "github.com/bearer/bearer/pkg/util/jsonlines" + "github.com/bearer/bearer/internal/util/jsonlines" "github.com/mitchellh/mapstructure" "github.com/stretchr/testify/assert" ) diff --git a/pkg/util/linescanner/linescanner.go b/internal/util/linescanner/linescanner.go similarity index 100% rename from pkg/util/linescanner/linescanner.go rename to internal/util/linescanner/linescanner.go diff --git a/pkg/util/maputil/maputil.go b/internal/util/maputil/maputil.go similarity index 100% rename from pkg/util/maputil/maputil.go rename to internal/util/maputil/maputil.go diff --git a/pkg/util/normalize_key/normalize_key.go b/internal/util/normalize_key/normalize_key.go similarity index 100% rename from pkg/util/normalize_key/normalize_key.go rename to internal/util/normalize_key/normalize_key.go diff --git a/pkg/util/normalize_key/normalize_key_test.go b/internal/util/normalize_key/normalize_key_test.go similarity index 90% rename from pkg/util/normalize_key/normalize_key_test.go rename to internal/util/normalize_key/normalize_key_test.go index 7c26a684a..01deacbbd 100644 --- a/pkg/util/normalize_key/normalize_key_test.go +++ b/internal/util/normalize_key/normalize_key_test.go @@ -3,7 +3,7 @@ package normalize_key_test import ( "testing" - "github.com/bearer/bearer/pkg/util/normalize_key" + "github.com/bearer/bearer/internal/util/normalize_key" "github.com/stretchr/testify/assert" ) diff --git a/pkg/util/output/output.go b/internal/util/output/output.go similarity index 98% rename from pkg/util/output/output.go rename to internal/util/output/output.go index c55260a53..1620eeda8 100644 --- a/pkg/util/output/output.go +++ b/internal/util/output/output.go @@ -7,7 +7,7 @@ import ( "os" "time" - "github.com/bearer/bearer/pkg/flag" + "github.com/bearer/bearer/internal/flag" "github.com/rs/zerolog" "github.com/rs/zerolog/log" "github.com/spf13/cobra" diff --git a/pkg/util/pluralize/pluralize.go b/internal/util/pluralize/pluralize.go similarity index 100% rename from pkg/util/pluralize/pluralize.go rename to internal/util/pluralize/pluralize.go diff --git a/pkg/util/pointers/pointers.go b/internal/util/pointers/pointers.go similarity index 70% rename from pkg/util/pointers/pointers.go rename to internal/util/pointers/pointers.go index 9cf77c65c..f02311e50 100644 --- a/pkg/util/pointers/pointers.go +++ b/internal/util/pointers/pointers.go @@ -7,3 +7,7 @@ func String(value string) *string { func Int(value int) *int { return &value } + +func Bool(value bool) *bool { + return &value +} diff --git a/pkg/util/progressbar/progressbar.go b/internal/util/progressbar/progressbar.go similarity index 89% rename from pkg/util/progressbar/progressbar.go rename to internal/util/progressbar/progressbar.go index 76739c0e2..ef340d133 100644 --- a/pkg/util/progressbar/progressbar.go +++ b/internal/util/progressbar/progressbar.go @@ -1,8 +1,8 @@ package progressbar import ( - "github.com/bearer/bearer/pkg/commands/process/settings" - "github.com/bearer/bearer/pkg/util/output" + "github.com/bearer/bearer/internal/commands/process/settings" + "github.com/bearer/bearer/internal/util/output" "github.com/schollz/progressbar/v3" ) diff --git a/pkg/util/regex/regex.go b/internal/util/regex/regex.go similarity index 100% rename from pkg/util/regex/regex.go rename to internal/util/regex/regex.go diff --git a/pkg/util/rego/rego.go b/internal/util/rego/rego.go similarity index 100% rename from pkg/util/rego/rego.go rename to internal/util/rego/rego.go diff --git a/pkg/util/set/set.go b/internal/util/set/set.go similarity index 100% rename from pkg/util/set/set.go rename to internal/util/set/set.go diff --git a/pkg/util/stringutil/stringutil.go b/internal/util/stringutil/stringutil.go similarity index 100% rename from pkg/util/stringutil/stringutil.go rename to internal/util/stringutil/stringutil.go diff --git a/pkg/util/tmpfile/tmpfile.go b/internal/util/tmpfile/tmpfile.go similarity index 87% rename from pkg/util/tmpfile/tmpfile.go rename to internal/util/tmpfile/tmpfile.go index 89ef528be..e4ffb8356 100644 --- a/pkg/util/tmpfile/tmpfile.go +++ b/internal/util/tmpfile/tmpfile.go @@ -5,7 +5,7 @@ import ( "fmt" "os" - "github.com/bearer/bearer/pkg/util/output" + "github.com/bearer/bearer/internal/util/output" ) var ErrCreateFailed = errors.New("failed to create file") diff --git a/pkg/util/url/domain_resolver.go b/internal/util/url/domain_resolver.go similarity index 100% rename from pkg/util/url/domain_resolver.go rename to internal/util/url/domain_resolver.go diff --git a/pkg/util/url/domain_resolver_test.go b/internal/util/url/domain_resolver_test.go similarity index 98% rename from pkg/util/url/domain_resolver_test.go rename to internal/util/url/domain_resolver_test.go index ac9cfa71b..af6d08498 100644 --- a/pkg/util/url/domain_resolver_test.go +++ b/internal/util/url/domain_resolver_test.go @@ -6,7 +6,7 @@ import ( "net" "testing" - "github.com/bearer/bearer/pkg/util/url" + "github.com/bearer/bearer/internal/util/url" "github.com/stretchr/testify/assert" ) diff --git a/pkg/util/url/url.go b/internal/util/url/url.go similarity index 99% rename from pkg/util/url/url.go rename to internal/util/url/url.go index 1cbc52669..a93c2ce1b 100644 --- a/pkg/util/url/url.go +++ b/internal/util/url/url.go @@ -8,8 +8,8 @@ import ( "regexp" "strings" - "github.com/bearer/bearer/pkg/report/detections" - "github.com/bearer/bearer/pkg/util/classify" + "github.com/bearer/bearer/internal/report/detections" + "github.com/bearer/bearer/internal/util/classify" "github.com/weppos/publicsuffix-go/publicsuffix" ) diff --git a/pkg/util/url/url_test.go b/internal/util/url/url_test.go similarity index 98% rename from pkg/util/url/url_test.go rename to internal/util/url/url_test.go index f5d82f819..2a04d3eee 100644 --- a/pkg/util/url/url_test.go +++ b/internal/util/url/url_test.go @@ -6,11 +6,11 @@ import ( "net" "testing" - "github.com/bearer/bearer/pkg/report/detections" - "github.com/bearer/bearer/pkg/report/detectors" - "github.com/bearer/bearer/pkg/report/source" - "github.com/bearer/bearer/pkg/util/classify" - "github.com/bearer/bearer/pkg/util/url" + "github.com/bearer/bearer/internal/report/detections" + "github.com/bearer/bearer/internal/report/detectors" + "github.com/bearer/bearer/internal/report/source" + "github.com/bearer/bearer/internal/util/classify" + "github.com/bearer/bearer/internal/util/url" "github.com/stretchr/testify/assert" ) diff --git a/pkg/version_check/bearer_version.go b/internal/version_check/bearer_version.go similarity index 91% rename from pkg/version_check/bearer_version.go rename to internal/version_check/bearer_version.go index c8b34522b..94781c846 100644 --- a/pkg/version_check/bearer_version.go +++ b/internal/version_check/bearer_version.go @@ -3,9 +3,10 @@ package version_check import ( "encoding/json" - "github.com/bearer/bearer/api" - "github.com/bearer/bearer/pkg/flag" "github.com/spf13/viper" + + "github.com/bearer/bearer/api" + "github.com/bearer/bearer/internal/flag" ) func GetBearerVerionMeta(languages []string) (*VersionMeta, error) { diff --git a/pkg/version_check/github_version.go b/internal/version_check/github_version.go similarity index 99% rename from pkg/version_check/github_version.go rename to internal/version_check/github_version.go index 1632c35d0..0e4113c80 100644 --- a/pkg/version_check/github_version.go +++ b/internal/version_check/github_version.go @@ -8,8 +8,9 @@ import ( "strings" "time" - "github.com/bearer/bearer/cmd/bearer/build" "github.com/google/go-github/github" + + "github.com/bearer/bearer/cmd/bearer/build" ) func githubClient() *github.Client { diff --git a/pkg/version_check/version_check.go b/internal/version_check/version_check.go similarity index 94% rename from pkg/version_check/version_check.go rename to internal/version_check/version_check.go index f7fe4408d..087d560d8 100644 --- a/pkg/version_check/version_check.go +++ b/internal/version_check/version_check.go @@ -3,11 +3,12 @@ package version_check import ( "context" - "github.com/bearer/bearer/cmd/bearer/build" - "github.com/bearer/bearer/pkg/flag" - "github.com/bearer/bearer/pkg/util/output" "github.com/rs/zerolog/log" "github.com/spf13/viper" + + "github.com/bearer/bearer/cmd/bearer/build" + "github.com/bearer/bearer/internal/flag" + "github.com/bearer/bearer/internal/util/output" ) type VersionMeta struct { diff --git a/new/detector/composition/composition.go b/new/detector/composition/composition.go deleted file mode 100644 index 8ba46a9d4..000000000 --- a/new/detector/composition/composition.go +++ /dev/null @@ -1,106 +0,0 @@ -package composition - -import ( - "strings" - - "github.com/bearer/bearer/new/detector/detection" - "github.com/bearer/bearer/new/detector/implementation/custom" - "github.com/bearer/bearer/new/detector/implementation/generic/datatype" - reportdetections "github.com/bearer/bearer/pkg/report/detections" - "github.com/bearer/bearer/pkg/report/detectors" - "github.com/bearer/bearer/pkg/report/schema" - "github.com/bearer/bearer/pkg/report/source" - "github.com/bearer/bearer/pkg/util/file" - "github.com/bearer/bearer/pkg/util/pluralize" -) - -func ReportDetections(report reportdetections.ReportDetection, file *file.FileInfo, detections []*detection.Detection) { - for _, detection := range detections { - detectorType := detectors.Type(detection.DetectorType) - data := detection.Data.(custom.Data) - - if len(data.Datatypes) == 0 { - report.AddDetection(reportdetections.TypeCustomRisk, - detectorType, - source.New( - file, - file.Path, - detection.MatchNode.StartLineNumber(), - detection.MatchNode.StartColumnNumber(), - detection.MatchNode.EndLineNumber(), - detection.MatchNode.EndColumnNumber(), - data.Pattern, - ), - schema.Source{ - StartLineNumber: detection.MatchNode.StartLineNumber(), - EndLineNumber: detection.MatchNode.EndLineNumber(), - StartColumnNumber: detection.MatchNode.StartColumnNumber(), - EndColumnNumber: detection.MatchNode.EndColumnNumber(), - Content: detection.MatchNode.Content(), - }) - } - - for _, datatypeDetection := range data.Datatypes { - reportDatatypeDetection( - report, - file, - detectorType, - detection, - datatypeDetection, - "", - ) - } - } -} - -func reportDatatypeDetection( - report reportdetections.ReportDetection, - file *file.FileInfo, - detectorType detectors.Type, - detection, - datatypeDetection *detection.Detection, - objectName string, -) { - data := datatypeDetection.Data.(datatype.Data) - - for _, property := range data.Properties { - report.AddDetection( - reportdetections.TypeCustomClassified, - detectorType, - source.New( - file, - file.Path, - property.Node.StartLineNumber(), - property.Node.StartColumnNumber(), - property.Node.EndLineNumber(), - property.Node.EndColumnNumber(), - "", - ), - schema.Schema{ - ObjectName: objectName, - NormalizedObjectName: pluralize.Singular(strings.ToLower(objectName)), - FieldName: property.Name, - NormalizedFieldName: pluralize.Singular(strings.ToLower(property.Name)), - Classification: property.Classification, - Source: &schema.Source{ - StartLineNumber: detection.MatchNode.StartLineNumber(), - EndLineNumber: detection.MatchNode.EndLineNumber(), - StartColumnNumber: detection.MatchNode.StartColumnNumber(), - EndColumnNumber: detection.MatchNode.EndColumnNumber(), - Content: detection.MatchNode.Content(), - }, - }, - ) - - if property.Datatype != nil { - reportDatatypeDetection( - report, - file, - detectorType, - detection, - property.Datatype, - property.Name, - ) - } - } -} diff --git a/new/detector/composition/java/java.go b/new/detector/composition/java/java.go deleted file mode 100644 index e6d979415..000000000 --- a/new/detector/composition/java/java.go +++ /dev/null @@ -1,258 +0,0 @@ -package java - -import ( - "context" - "fmt" - "os" - - "golang.org/x/exp/slices" - - "github.com/bearer/bearer/pkg/classification" - "github.com/bearer/bearer/pkg/commands/process/settings" - "github.com/bearer/bearer/pkg/report/customdetectors" - "github.com/bearer/bearer/pkg/util/file" - - "github.com/bearer/bearer/new/detector/composition/types" - "github.com/bearer/bearer/new/detector/detection" - "github.com/bearer/bearer/new/detector/evaluator" - cachepkg "github.com/bearer/bearer/new/detector/evaluator/cache" - "github.com/bearer/bearer/new/detector/evaluator/stats" - "github.com/bearer/bearer/new/detector/implementation/custom" - "github.com/bearer/bearer/new/detector/implementation/generic/datatype" - "github.com/bearer/bearer/new/detector/implementation/generic/insecureurl" - "github.com/bearer/bearer/new/detector/implementation/generic/stringliteral" - "github.com/bearer/bearer/new/detector/implementation/java/object" - "github.com/bearer/bearer/new/language" - - stringdetector "github.com/bearer/bearer/new/detector/implementation/java/string" - detectorset "github.com/bearer/bearer/new/detector/set" - detectortypes "github.com/bearer/bearer/new/detector/types" - "github.com/bearer/bearer/new/language/implementation" - java "github.com/bearer/bearer/new/language/implementation/java" - "github.com/bearer/bearer/new/language/tree" - languagetypes "github.com/bearer/bearer/new/language/types" - reporttypes "github.com/bearer/bearer/pkg/report/detectors" -) - -type Composition struct { - customDetectorTypes []string - sharedDetectorTypes []string - detectorSet detectortypes.DetectorSet - langImplementation implementation.Implementation - lang languagetypes.Language - querySet *tree.QuerySet - closers []func() - rules map[string]*settings.Rule -} - -func New( - rules map[string]*settings.Rule, - classifier *classification.Classifier, -) (detectortypes.Composition, error) { - lang, err := language.Get("java") - if err != nil { - return nil, fmt.Errorf("failed to lookup language: %s", err) - } - - querySet := lang.NewQuerySet() - - composition := &Composition{ - langImplementation: java.Get(), - lang: lang, - querySet: querySet, - } - - staticDetectors := []struct { - constructor func(*tree.QuerySet) (detectortypes.Detector, error) - name string - }{ - { - constructor: object.New, - name: "object detector", - }, - { - constructor: stringdetector.New, - name: "string detector", - }, - { - constructor: insecureurl.New, - name: "insecure url detector", - }, - { - constructor: stringliteral.New, - name: "string literal detector", - }, - } - - // instantiate custom java detectors - javaRules := map[string]*settings.Rule{} - for ruleName, rule := range rules { - if !slices.Contains(rule.Languages, "java") { - continue - } - javaRules[ruleName] = rule - } - - composition.rules = javaRules - - detectorsLen := len(javaRules) + len(staticDetectors) - receiver := make(chan types.DetectorInitResult, detectorsLen) - - var detectors []detectortypes.Detector - - for _, detectorCreator := range staticDetectors { - creator := detectorCreator - - go func() { - detector, err := creator.constructor(querySet) - receiver <- types.DetectorInitResult{ - Error: err, - Detector: detector, - DetectorName: creator.name, - } - }() - } - - detector, err := datatype.New(reporttypes.DetectorJava, lang, classifier.Schema) - if err != nil { - composition.Close() - return nil, fmt.Errorf("failed to create datatype detector: %s", err) - } - detectors = append(detectors, detector) - composition.closers = append(composition.closers, detector.Close) - - presenceRules := map[string]bool{} - for _, rule := range javaRules { - if rule.Trigger.RequiredDetection != nil { - presenceRules[*rule.Trigger.RequiredDetection] = true - } - } - - for ruleName, rule := range javaRules { - patterns := rule.Patterns - localRuleName := ruleName - - if rule.Type == customdetectors.TypeShared { - composition.sharedDetectorTypes = append(composition.sharedDetectorTypes, ruleName) - } else { - if !rule.IsAuxilary || presenceRules[ruleName] { - composition.customDetectorTypes = append(composition.customDetectorTypes, ruleName) - } - } - - go func() { - customDetector, err := custom.New( - lang, - querySet, - localRuleName, - patterns, - javaRules, - ) - - receiver <- types.DetectorInitResult{ - Error: err, - Detector: customDetector, - DetectorName: "customDetector: " + localRuleName, - } - }() - } - - for i := 0; i < detectorsLen; i++ { - response := <-receiver - if response.Error != nil { - composition.Close() - return nil, fmt.Errorf("failed to create detector %s: %s", response.DetectorName, response.Error) - } - detectors = append(detectors, response.Detector) - composition.closers = append(composition.closers, response.Detector.Close) - } - - detectorSet, err := detectorset.New(detectors) - if err != nil { - composition.Close() - return nil, fmt.Errorf("failed to create detector set: %s", err) - } - composition.detectorSet = detectorSet - - return composition, querySet.Compile() -} - -func (composition *Composition) Close() { - for _, closeFunc := range composition.closers { - closeFunc() - } - - composition.querySet.Close() -} - -func (composition *Composition) DetectFromFile( - ctx context.Context, - fileStats *stats.FileStats, - file *file.FileInfo, -) ([]*detection.Detection, error) { - return composition.DetectFromFileWithTypes( - ctx, - fileStats, - file, - composition.customDetectorTypes, - composition.sharedDetectorTypes, - ) -} - -func (composition *Composition) DetectFromFileWithTypes( - ctx context.Context, - fileStats *stats.FileStats, - file *file.FileInfo, - detectorTypes, sharedDetectorTypes []string, -) ([]*detection.Detection, error) { - if file.Language != "Java" { - return nil, nil - } - - fileContent, err := os.ReadFile(file.AbsolutePath) - if err != nil { - return nil, fmt.Errorf("failed to read file %s", err) - } - - tree, err := composition.lang.Parse(ctx, string(fileContent)) - if err != nil { - return nil, fmt.Errorf("failed to parse file %s", err) - } - - evaluator := evaluator.New( - ctx, - composition.langImplementation, - composition.lang, - composition.detectorSet, - tree, - file.FileInfo.Name(), - fileStats, - ) - - sharedCache := cachepkg.NewShared(sharedDetectorTypes) - - var result []*detection.Detection - for _, detectorType := range detectorTypes { - cache := cachepkg.NewCache(sharedCache) - rule := composition.rules[detectorType] - sanitizerRuleID := "" - if rule != nil { - sanitizerRuleID = rule.SanitizerRuleID - } - detections, err := evaluator.Evaluate( - tree.RootNode(), - detectorType, - sanitizerRuleID, - cache, - settings.DefaultScope, - false, - ) - if err != nil { - return nil, err - } - - result = append(result, detections...) - } - - return result, nil -} diff --git a/new/detector/composition/java/testdata/scope/scope.java b/new/detector/composition/java/testdata/scope/scope.java deleted file mode 100644 index 63af410e7..000000000 --- a/new/detector/composition/java/testdata/scope/scope.java +++ /dev/null @@ -1,11 +0,0 @@ -scopeCursor(request.getParameter("oops")) -scopeCursor(x ? request.getParameter("ok") : y) -scopeCursor(request.getParameter("ok") ? x : y) - -scopeNested(request.getParameter("oops")) -scopeNested(x ? request.getParameter("oops") : y) -scopeNested(request.getParameter("oops") ? x : y) - -scopeResult(request.getParameter("oops")) -scopeResult(x ? request.getParameter("oops") : y) -scopeResult(request.getParameter("ok") ? x : y) diff --git a/new/detector/composition/javascript/javascript.go b/new/detector/composition/javascript/javascript.go deleted file mode 100644 index 2064676e9..000000000 --- a/new/detector/composition/javascript/javascript.go +++ /dev/null @@ -1,258 +0,0 @@ -package javascript - -import ( - "context" - "fmt" - "os" - - "golang.org/x/exp/slices" - - "github.com/bearer/bearer/pkg/classification" - "github.com/bearer/bearer/pkg/commands/process/settings" - "github.com/bearer/bearer/pkg/report/customdetectors" - "github.com/bearer/bearer/pkg/util/file" - - "github.com/bearer/bearer/new/detector/composition/types" - "github.com/bearer/bearer/new/detector/detection" - "github.com/bearer/bearer/new/detector/evaluator" - cachepkg "github.com/bearer/bearer/new/detector/evaluator/cache" - "github.com/bearer/bearer/new/detector/evaluator/stats" - "github.com/bearer/bearer/new/detector/implementation/custom" - "github.com/bearer/bearer/new/detector/implementation/generic/datatype" - "github.com/bearer/bearer/new/detector/implementation/generic/insecureurl" - "github.com/bearer/bearer/new/detector/implementation/generic/stringliteral" - "github.com/bearer/bearer/new/detector/implementation/javascript/object" - "github.com/bearer/bearer/new/language" - - stringdetector "github.com/bearer/bearer/new/detector/implementation/javascript/string" - detectorset "github.com/bearer/bearer/new/detector/set" - detectortypes "github.com/bearer/bearer/new/detector/types" - "github.com/bearer/bearer/new/language/implementation" - "github.com/bearer/bearer/new/language/implementation/javascript" - "github.com/bearer/bearer/new/language/tree" - languagetypes "github.com/bearer/bearer/new/language/types" - reporttypes "github.com/bearer/bearer/pkg/report/detectors" -) - -type Composition struct { - customDetectorTypes []string - sharedDetectorTypes []string - detectorSet detectortypes.DetectorSet - langImplementation implementation.Implementation - lang languagetypes.Language - querySet *tree.QuerySet - closers []func() - rules map[string]*settings.Rule -} - -func New( - rules map[string]*settings.Rule, - classifier *classification.Classifier, -) (detectortypes.Composition, error) { - lang, err := language.Get("javascript") - if err != nil { - return nil, fmt.Errorf("failed to lookup language: %s", err) - } - - querySet := lang.NewQuerySet() - - composition := &Composition{ - langImplementation: javascript.Get(), - lang: lang, - querySet: querySet, - } - - staticDetectors := []struct { - constructor func(*tree.QuerySet) (detectortypes.Detector, error) - name string - }{ - { - constructor: object.New, - name: "object detector", - }, - { - constructor: stringdetector.New, - name: "string detector", - }, - { - constructor: insecureurl.New, - name: "insecure url detector", - }, - { - constructor: stringliteral.New, - name: "string literal detector", - }, - } - - // instantiate custom javascript detectors - jsRules := map[string]*settings.Rule{} - for ruleName, rule := range rules { - if !slices.Contains(rule.Languages, "javascript") { - continue - } - jsRules[ruleName] = rule - } - - composition.rules = jsRules - - detectorsLen := len(jsRules) + len(staticDetectors) - receiver := make(chan types.DetectorInitResult, detectorsLen) - - var detectors []detectortypes.Detector - - for _, detectorCreator := range staticDetectors { - creator := detectorCreator - - go func() { - detector, err := creator.constructor(querySet) - receiver <- types.DetectorInitResult{ - Error: err, - Detector: detector, - DetectorName: creator.name, - } - }() - } - - detector, err := datatype.New(reporttypes.DetectorJavascript, lang, classifier.Schema) - if err != nil { - composition.Close() - return nil, fmt.Errorf("failed to create datatype detector: %s", err) - } - detectors = append(detectors, detector) - composition.closers = append(composition.closers, detector.Close) - - presenceRules := map[string]bool{} - for _, rule := range jsRules { - if rule.Trigger.RequiredDetection != nil { - presenceRules[*rule.Trigger.RequiredDetection] = true - } - } - - for ruleName, rule := range jsRules { - patterns := rule.Patterns - localRuleName := ruleName - - if rule.Type == customdetectors.TypeShared { - composition.sharedDetectorTypes = append(composition.sharedDetectorTypes, ruleName) - } else { - if !rule.IsAuxilary || presenceRules[ruleName] { - composition.customDetectorTypes = append(composition.customDetectorTypes, ruleName) - } - } - - go func() { - customDetector, err := custom.New( - lang, - querySet, - localRuleName, - patterns, - jsRules, - ) - - receiver <- types.DetectorInitResult{ - Error: err, - Detector: customDetector, - DetectorName: "customDetector: " + localRuleName, - } - }() - } - - for i := 0; i < detectorsLen; i++ { - response := <-receiver - if response.Error != nil { - composition.Close() - return nil, fmt.Errorf("failed to create detector %s: %s", response.DetectorName, response.Error) - } - detectors = append(detectors, response.Detector) - composition.closers = append(composition.closers, response.Detector.Close) - } - - detectorSet, err := detectorset.New(detectors) - if err != nil { - composition.Close() - return nil, fmt.Errorf("failed to create detector set: %s", err) - } - composition.detectorSet = detectorSet - - return composition, querySet.Compile() -} - -func (composition *Composition) Close() { - for _, closeFunc := range composition.closers { - closeFunc() - } - - composition.querySet.Close() -} - -func (composition *Composition) DetectFromFile( - ctx context.Context, - fileStats *stats.FileStats, - file *file.FileInfo, -) ([]*detection.Detection, error) { - return composition.DetectFromFileWithTypes( - ctx, - fileStats, - file, - composition.customDetectorTypes, - composition.sharedDetectorTypes, - ) -} - -func (composition *Composition) DetectFromFileWithTypes( - ctx context.Context, - fileStats *stats.FileStats, - file *file.FileInfo, - detectorTypes, sharedDetectorTypes []string, -) ([]*detection.Detection, error) { - if file.Language != "JavaScript" && file.Language != "TypeScript" && file.Language != "TSX" { - return nil, nil - } - - fileContent, err := os.ReadFile(file.AbsolutePath) - if err != nil { - return nil, fmt.Errorf("failed to read file %s", err) - } - - tree, err := composition.lang.Parse(ctx, string(fileContent)) - if err != nil { - return nil, fmt.Errorf("failed to parse file %s", err) - } - - evaluator := evaluator.New( - ctx, - composition.langImplementation, - composition.lang, - composition.detectorSet, - tree, - file.FileInfo.Name(), - fileStats, - ) - - sharedCache := cachepkg.NewShared(sharedDetectorTypes) - - var result []*detection.Detection - for _, detectorType := range detectorTypes { - cache := cachepkg.NewCache(sharedCache) - rule := composition.rules[detectorType] - sanitizerRuleID := "" - if rule != nil { - sanitizerRuleID = rule.SanitizerRuleID - } - detections, err := evaluator.Evaluate( - tree.RootNode(), - detectorType, - sanitizerRuleID, - cache, - settings.DefaultScope, - false, - ) - if err != nil { - return nil, err - } - - result = append(result, detections...) - } - - return result, nil -} diff --git a/new/detector/composition/ruby/ruby.go b/new/detector/composition/ruby/ruby.go deleted file mode 100644 index cf8749c58..000000000 --- a/new/detector/composition/ruby/ruby.go +++ /dev/null @@ -1,257 +0,0 @@ -package ruby - -import ( - "context" - "fmt" - "os" - - "golang.org/x/exp/slices" - - "github.com/bearer/bearer/new/detector/composition/types" - "github.com/bearer/bearer/new/detector/detection" - "github.com/bearer/bearer/new/detector/evaluator" - cachepkg "github.com/bearer/bearer/new/detector/evaluator/cache" - "github.com/bearer/bearer/new/detector/evaluator/stats" - "github.com/bearer/bearer/new/detector/implementation/custom" - "github.com/bearer/bearer/new/detector/implementation/generic/datatype" - "github.com/bearer/bearer/new/detector/implementation/generic/insecureurl" - "github.com/bearer/bearer/new/detector/implementation/generic/stringliteral" - "github.com/bearer/bearer/new/detector/implementation/ruby/object" - "github.com/bearer/bearer/new/language" - - "github.com/bearer/bearer/pkg/classification" - "github.com/bearer/bearer/pkg/commands/process/settings" - "github.com/bearer/bearer/pkg/report/customdetectors" - "github.com/bearer/bearer/pkg/util/file" - - stringdetector "github.com/bearer/bearer/new/detector/implementation/ruby/string" - detectorset "github.com/bearer/bearer/new/detector/set" - detectortypes "github.com/bearer/bearer/new/detector/types" - "github.com/bearer/bearer/new/language/implementation" - "github.com/bearer/bearer/new/language/implementation/ruby" - "github.com/bearer/bearer/new/language/tree" - languagetypes "github.com/bearer/bearer/new/language/types" - reporttypes "github.com/bearer/bearer/pkg/report/detectors" -) - -type Composition struct { - customDetectorTypes []string - sharedDetectorTypes []string - detectorSet detectortypes.DetectorSet - langImplementation implementation.Implementation - lang languagetypes.Language - querySet *tree.QuerySet - closers []func() - rules map[string]*settings.Rule -} - -func New( - rules map[string]*settings.Rule, - classifier *classification.Classifier, -) (detectortypes.Composition, error) { - lang, err := language.Get("ruby") - if err != nil { - return nil, fmt.Errorf("failed to lookup language: %s", err) - } - - querySet := lang.NewQuerySet() - - composition := &Composition{ - langImplementation: ruby.Get(), - lang: lang, - querySet: querySet, - } - - staticDetectors := []struct { - constructor func(*tree.QuerySet) (detectortypes.Detector, error) - name string - }{ - { - constructor: object.New, - name: "object detector", - }, - { - constructor: stringdetector.New, - name: "string detector", - }, - { - constructor: insecureurl.New, - name: "insecure url detector", - }, - { - constructor: stringliteral.New, - name: "string literal detector", - }, - } - - // instantiate custom ruby detectors - rubyRules := map[string]*settings.Rule{} - for ruleName, rule := range rules { - if !slices.Contains(rule.Languages, "ruby") { - continue - } - rubyRules[ruleName] = rule - } - - composition.rules = rubyRules - - detectorsLen := len(rubyRules) + len(staticDetectors) - receiver := make(chan types.DetectorInitResult, detectorsLen) - - var detectors []detectortypes.Detector - - for _, detectorCreator := range staticDetectors { - creator := detectorCreator - go func() { - detector, err := creator.constructor(querySet) - receiver <- types.DetectorInitResult{ - Error: err, - Detector: detector, - DetectorName: creator.name, - } - }() - } - - detector, err := datatype.New(reporttypes.DetectorRuby, lang, classifier.Schema) - if err != nil { - composition.Close() - return nil, fmt.Errorf("failed to create datatype detector: %s", err) - } - detectors = append(detectors, detector) - composition.closers = append(composition.closers, detector.Close) - - presenceRules := map[string]bool{} - for _, rule := range rubyRules { - if rule.Trigger.RequiredDetection != nil { - presenceRules[*rule.Trigger.RequiredDetection] = true - } - } - - for ruleName, rule := range rubyRules { - patterns := rule.Patterns - localRuleName := ruleName - - if rule.Type == customdetectors.TypeShared { - composition.sharedDetectorTypes = append(composition.sharedDetectorTypes, ruleName) - } else { - if !rule.IsAuxilary || presenceRules[ruleName] { - composition.customDetectorTypes = append(composition.customDetectorTypes, ruleName) - } - } - - go func() { - customDetector, err := custom.New( - lang, - querySet, - localRuleName, - patterns, - rubyRules, - ) - - receiver <- types.DetectorInitResult{ - Error: err, - Detector: customDetector, - DetectorName: "customDetector:" + localRuleName, - } - }() - } - - for i := 0; i < detectorsLen; i++ { - response := <-receiver - if response.Error != nil { - composition.Close() - return nil, fmt.Errorf("failed to create detector %s: %s", response.DetectorName, response.Error) - } - detectors = append(detectors, response.Detector) - composition.closers = append(composition.closers, response.Detector.Close) - } - - detectorSet, err := detectorset.New(detectors) - if err != nil { - composition.Close() - return nil, fmt.Errorf("failed to create detector set: %s", err) - } - composition.detectorSet = detectorSet - - return composition, querySet.Compile() -} - -func (composition *Composition) Close() { - for _, closeFunc := range composition.closers { - closeFunc() - } - - composition.querySet.Close() -} - -func (composition *Composition) DetectFromFile( - ctx context.Context, - fileStats *stats.FileStats, - file *file.FileInfo, -) ([]*detection.Detection, error) { - return composition.DetectFromFileWithTypes( - ctx, - fileStats, - file, - composition.customDetectorTypes, - composition.sharedDetectorTypes, - ) -} - -func (composition *Composition) DetectFromFileWithTypes( - ctx context.Context, - fileStats *stats.FileStats, - file *file.FileInfo, - detectorTypes, sharedDetectorTypes []string, -) ([]*detection.Detection, error) { - if file.Language != "Ruby" { - return nil, nil - } - - fileContent, err := os.ReadFile(file.AbsolutePath) - if err != nil { - return nil, fmt.Errorf("failed to read file %s", err) - } - - tree, err := composition.lang.Parse(ctx, string(fileContent)) - if err != nil { - return nil, fmt.Errorf("failed to parse file %s", err) - } - - evaluator := evaluator.New( - ctx, - composition.langImplementation, - composition.lang, - composition.detectorSet, - tree, - file.FileInfo.Name(), - fileStats, - ) - - sharedCache := cachepkg.NewShared(sharedDetectorTypes) - - var result []*detection.Detection - for _, detectorType := range detectorTypes { - cache := cachepkg.NewCache(sharedCache) - rule := composition.rules[detectorType] - sanitizerRuleID := "" - if rule != nil { - sanitizerRuleID = rule.SanitizerRuleID - } - detections, err := evaluator.Evaluate( - tree.RootNode(), - detectorType, - sanitizerRuleID, - cache, - settings.DefaultScope, - false, - ) - if err != nil { - return nil, err - } - - result = append(result, detections...) - } - - return result, nil -} diff --git a/new/detector/composition/types/types.go b/new/detector/composition/types/types.go deleted file mode 100644 index 09bdfd281..000000000 --- a/new/detector/composition/types/types.go +++ /dev/null @@ -1,12 +0,0 @@ -package types - -import ( - detectortypes "github.com/bearer/bearer/new/detector/types" -) - -type DetectorInitResult struct { - Error error - Detector detectortypes.Detector - DetectorName string - Order int -} diff --git a/new/detector/detection/detection.go b/new/detector/detection/detection.go deleted file mode 100644 index e73e790e8..000000000 --- a/new/detector/detection/detection.go +++ /dev/null @@ -1,9 +0,0 @@ -package detection - -import "github.com/bearer/bearer/new/language/tree" - -type Detection struct { - DetectorType string - MatchNode *tree.Node - Data interface{} -} diff --git a/new/detector/evaluator/cache/cache.go b/new/detector/evaluator/cache/cache.go deleted file mode 100644 index e7b1c3880..000000000 --- a/new/detector/evaluator/cache/cache.go +++ /dev/null @@ -1,94 +0,0 @@ -package cache - -import ( - "github.com/bearer/bearer/new/detector/detection" - "github.com/bearer/bearer/new/language/tree" - "github.com/bearer/bearer/pkg/commands/process/settings" - "github.com/bearer/bearer/pkg/util/set" -) - -const ( - maxCacheSize = 10_000 - evictionSize = 1000 -) - -type Key struct { - rootNodeID tree.NodeID - ruleID string - scope settings.RuleReferenceScope - followFlow bool -} - -func NewKey( - rootNode *tree.Node, - ruleID string, - scope settings.RuleReferenceScope, - followFlow bool, -) Key { - return Key{ - rootNodeID: rootNode.ID(), - ruleID: ruleID, - scope: scope, - followFlow: followFlow, - } -} - -type cacheMap map[Key][]*detection.Detection - -type Shared struct { - ruleIDs set.Set[string] - data cacheMap -} - -func NewShared(ruleIDs []string) *Shared { - idSet := set.New[string]() - idSet.AddAll(ruleIDs) - - return &Shared{ - ruleIDs: idSet, - data: make(cacheMap), - } -} - -type Cache struct { - shared *Shared - data cacheMap -} - -func NewCache(sharedCache *Shared) *Cache { - return &Cache{ - shared: sharedCache, - data: make(cacheMap), - } -} - -func (cache *Cache) Get(key Key) ([]*detection.Detection, bool) { - detections, cached := cache.dataFor(key)[key] - return detections, cached -} - -func (cache *Cache) Put(key Key, detections []*detection.Detection) { - data := cache.dataFor(key) - - if len(data) > maxCacheSize { - i := 0 - for evictedKey := range data { - if i == evictionSize { - break - } - - delete(data, evictedKey) - i++ - } - } - - data[key] = detections -} - -func (cache *Cache) dataFor(key Key) cacheMap { - if cache.shared.ruleIDs.Has(key.ruleID) { - return cache.shared.data - } - - return cache.data -} diff --git a/new/detector/evaluator/evaluator.go b/new/detector/evaluator/evaluator.go deleted file mode 100644 index df67c7b69..000000000 --- a/new/detector/evaluator/evaluator.go +++ /dev/null @@ -1,366 +0,0 @@ -package evaluator - -import ( - "context" - "fmt" - "strings" - "time" - - "github.com/bearer/bearer/new/detector/detection" - cachepkg "github.com/bearer/bearer/new/detector/evaluator/cache" - "github.com/bearer/bearer/new/detector/evaluator/stats" - "github.com/bearer/bearer/new/detector/types" - "github.com/bearer/bearer/new/language/implementation" - "github.com/bearer/bearer/new/language/tree" - langtree "github.com/bearer/bearer/new/language/tree" - languagetypes "github.com/bearer/bearer/new/language/types" - "github.com/bearer/bearer/pkg/commands/process/settings" - "github.com/rs/zerolog/log" - "golang.org/x/exp/slices" -) - -type Evaluator struct { - ctx context.Context - langImplementation implementation.Implementation - lang languagetypes.Language - detectorSet types.DetectorSet - fileStats *stats.FileStats - executingDetectors map[langtree.NodeID][]string - fileName string - rulesDisabledForNodes map[string][]*langtree.Node -} - -func New( - ctx context.Context, - langImplementation implementation.Implementation, - lang languagetypes.Language, - detectorSet types.DetectorSet, - tree *langtree.Tree, - fileName string, - fileStats *stats.FileStats, -) *Evaluator { - return &Evaluator{ - ctx: ctx, - langImplementation: langImplementation, - lang: lang, - fileName: fileName, - detectorSet: detectorSet, - fileStats: fileStats, - executingDetectors: make(map[langtree.NodeID][]string), - rulesDisabledForNodes: mapNodesToDisabledRules(tree.RootNode()), - } -} - -func (evaluator *Evaluator) Evaluate( - rootNode *langtree.Node, - detectorType, sanitizerDetectorType string, - cache *cachepkg.Cache, - scope settings.RuleReferenceScope, - followFlow bool, -) ([]*detection.Detection, error) { - if rootNode == nil { - return nil, nil - } - - startTime := time.Now() - - if log.Trace().Enabled() { - log.Trace().Msgf("evaluate start: %s at %s", detectorType, rootNode.Debug(true)) - } - - key := cachepkg.NewKey(rootNode, detectorType, scope, followFlow) - - if detections, cached := cache.Get(key); cached { - evaluator.fileStats.Rule(detectorType, startTime) - - if log.Trace().Enabled() { - log.Trace().Msgf( - "evaluate end: %s at %s: %d detections (cached)", - detectorType, - rootNode.Debug(false), - len(detections), - ) - } - - return detections, nil - } - - nestedDetections, err := evaluator.detectorSet.NestedDetections(detectorType) - if err != nil { - return nil, err - } - - var result []*detection.Detection - var nestedMode bool - - if err := rootNode.Walk(func(node *langtree.Node, visitChildren func() error) error { - if evaluator.ctx.Err() != nil { - return evaluator.ctx.Err() - } - - if scope == settings.RESULT_SCOPE && !evaluator.langImplementation.ContributesToResult(node) { - return nil - } - - if nestedMode && !evaluator.langImplementation.PassthroughNested(node) { - return nil - } - - detections, sanitized, err := evaluator.sanitizedNodeDetections(node, detectorType, sanitizerDetectorType, cache, scope) - if sanitized || err != nil { - return err - } - - if followFlow { - for _, unifiedNode := range node.UnifiedNodes() { - unifiedNodeDetections, err := evaluator.Evaluate(unifiedNode, detectorType, sanitizerDetectorType, cache, scope, true) - if err != nil { - return err - } - - detections = append(detections, unifiedNodeDetections...) - } - } - - result = append(result, detections...) - - if scope != settings.CURSOR_SCOPE && !evaluator.langImplementation.IsMatchLeaf(node) { - parentNestedMode := nestedMode - - if len(detections) != 0 && nestedDetections { - nestedMode = true - } - - err = visitChildren() - nestedMode = parentNestedMode - } - - return err - }); err != nil { - return nil, err - } - - cache.Put(key, result) - - evaluator.fileStats.Rule(detectorType, startTime) - - if log.Trace().Enabled() { - log.Trace().Msgf( - "evaluate end: %s at %s: %d detections", - detectorType, - rootNode.Debug(false), - len(result), - ) - } - - return result, nil -} - -func (evaluator *Evaluator) ruleDisabledForNode(ruleId string, node *langtree.Node) bool { - nodesToIgnore := evaluator.rulesDisabledForNodes[ruleId] - if nodesToIgnore == nil { - return false - } - - // check node - for _, ignoredNode := range nodesToIgnore { - if ignoredNode.Equal(node) { - return true - } - } - - // check node ancestors - parent := node.Parent() - for parent != nil { - for _, ignoredNode := range nodesToIgnore { - if ignoredNode.Equal(parent) { - return true - } - } - - parent = parent.Parent() - } - - return false -} - -func mapNodesToDisabledRules(rootNode *langtree.Node) map[string][]*langtree.Node { - res := make(map[string][]*langtree.Node) - var disabledRules []string - err := rootNode.Walk(func(node *langtree.Node, visitChildren func() error) error { - if node.Type() == "comment" { - // reset rules skipped array - disabledRules = []string{} - - nodeContent := node.Content() - if strings.Contains(nodeContent, "bearer:disable") { - ruleIdsStr := strings.Split(nodeContent, "bearer:disable")[1] - - for _, ruleId := range strings.Split(ruleIdsStr, ",") { - disabledRules = append(disabledRules, strings.TrimSpace(ruleId)) - } - } - - return visitChildren() - } - - // add rules skipped and node to result map - for _, ruleId := range disabledRules { - res[ruleId] = append(res[ruleId], node) - } - - // reset rules skipped array - disabledRules = []string{} - return visitChildren() - }) - - // walk itself shouldn't trigger an error, and we aren't creating any - if err != nil { - panic(err) - } - - return res -} - -func (evaluator *Evaluator) sanitizedNodeDetections( - node *langtree.Node, - detectorType, sanitizerDetectorType string, - cache *cachepkg.Cache, - scope settings.RuleReferenceScope, -) ([]*detection.Detection, bool, error) { - if sanitizerDetectorType != "" { - sanitizerDetections, err := evaluator.detectAtNode(node, sanitizerDetectorType, cache, settings.DefaultScope) - if len(sanitizerDetections) != 0 || err != nil { - return nil, true, err - } - } - - detections, err := evaluator.detectAtNode(node, detectorType, cache, scope) - return detections, false, err -} - -func (evaluator *Evaluator) detectAtNode( - node *langtree.Node, - detectorType string, - cache *cachepkg.Cache, - scope settings.RuleReferenceScope, -) ([]*detection.Detection, error) { - if log.Trace().Enabled() { - log.Trace().Msgf("detect at node start: %s at %s", detectorType, node.Debug(true)) - } - - key := cachepkg.NewKey(node, detectorType, settings.CURSOR_SCOPE, false) - - if detections, cached := cache.Get(key); cached { - if log.Trace().Enabled() { - log.Trace().Msgf( - "detect at node end: %s at %s: %d detections (cached)", - detectorType, - node.Debug(false), - len(detections), - ) - } - - return detections, nil - } - - if evaluator.ruleDisabledForNode(detectorType, node) { - if log.Trace().Enabled() { - log.Trace().Msgf( - "detect at node end: %s at %s: rule disabled", - detectorType, - node.Debug(false), - ) - } - - cache.Put(key, nil) - return nil, nil - } - - var detections []*detection.Detection - if err := evaluator.withCycleProtection(node, detectorType, func() (err error) { - state := evaluationState{ - cache: cache, - scope: scope, - evaluator: evaluator, - } - detections, err = evaluator.detectorSet.DetectAt(node, detectorType, state) - cache.Put(key, detections) - return - }); err != nil { - return nil, err - } - - if log.Trace().Enabled() { - log.Trace().Msgf( - "detect at node end: %s at %s: %d detections", - detectorType, - node.Debug(false), - len(detections), - ) - } - - return detections, nil -} - -func (evaluator *Evaluator) withCycleProtection(node *langtree.Node, detectorType string, body func() error) error { - nodeID := node.ID() - - executingDetectors := evaluator.executingDetectors[nodeID] - if slices.Contains(evaluator.executingDetectors[nodeID], detectorType) { - return fmt.Errorf( - "cycle found in detector usage: [%s > %s]\nnode type: %s, content:\n%s", - strings.Join(executingDetectors, " > "), - detectorType, - node.Type(), - node.Content(), - ) - } - - evaluator.executingDetectors[nodeID] = append(evaluator.executingDetectors[nodeID], detectorType) - - if err := body(); err != nil { - return err - } - - if len(evaluator.executingDetectors[nodeID]) == 1 { - delete(evaluator.executingDetectors, nodeID) - } else { - executingDetectors := evaluator.executingDetectors[nodeID] - evaluator.executingDetectors[nodeID] = executingDetectors[:len(executingDetectors)-1] - } - - return nil -} - -type evaluationState struct { - cache *cachepkg.Cache - scope settings.RuleReferenceScope - evaluator *Evaluator -} - -func (state evaluationState) Evaluate( - rootNode *tree.Node, - detectorType, - sanitizerDetectorType string, - scope settings.RuleReferenceScope, - followFlow bool, -) ([]*detection.Detection, error) { - effectiveScope := scope - if effectiveScope == settings.NESTED_SCOPE && state.scope == settings.RESULT_SCOPE { - effectiveScope = settings.RESULT_SCOPE - } - - return state.evaluator.Evaluate( - rootNode, - detectorType, - sanitizerDetectorType, - state.cache, - effectiveScope, - followFlow, - ) -} - -func (state evaluationState) FileName() string { - return state.evaluator.fileName -} diff --git a/new/detector/implementation/custom/custom.go b/new/detector/implementation/custom/custom.go deleted file mode 100644 index 57e629dda..000000000 --- a/new/detector/implementation/custom/custom.go +++ /dev/null @@ -1,175 +0,0 @@ -package custom - -import ( - "fmt" - - "github.com/bearer/bearer/new/detector/detection" - "github.com/bearer/bearer/new/detector/types" - "github.com/bearer/bearer/new/language/tree" - languagetypes "github.com/bearer/bearer/new/language/types" - "github.com/bearer/bearer/pkg/commands/process/settings" - "golang.org/x/exp/slices" -) - -type Data struct { - Pattern string - Datatypes []*detection.Detection - VariableNodes map[string]*tree.Node -} - -type Pattern struct { - Pattern string - Query languagetypes.PatternQuery - Filters []settings.PatternFilter -} - -type customDetector struct { - types.DetectorBase - detectorType string - patterns []Pattern - rules map[string]*settings.Rule -} - -func New( - lang languagetypes.Language, - querySet *tree.QuerySet, - detectorType string, - patterns []settings.RulePattern, - rules map[string]*settings.Rule, -) (types.Detector, error) { - var compiledPatterns []Pattern - for _, pattern := range patterns { - patternQuery, err := lang.CompilePatternQuery(querySet, pattern.Pattern, pattern.Focus) - if err != nil { - return nil, fmt.Errorf("error compiling pattern: %s", err) - } - - sortFilters(pattern.Filters) - - compiledPatterns = append(compiledPatterns, Pattern{ - Pattern: pattern.Pattern, - Query: patternQuery, - Filters: pattern.Filters, - }) - - // TODO: validate filters against pattern - } - - return &customDetector{ - detectorType: detectorType, - patterns: compiledPatterns, - rules: rules, - }, nil -} - -func (detector *customDetector) Name() string { - return detector.detectorType -} - -func (detector *customDetector) DetectAt( - node *tree.Node, - evaluationState types.EvaluationState, -) ([]interface{}, error) { - var detectionsData []interface{} - - for _, pattern := range detector.patterns { - results, err := pattern.Query.MatchAt(node) - if err != nil { - return nil, err - } - - for _, result := range results { - filtersMatch, datatypeDetections, variableNodes, err := matchAllFilters( - evaluationState, - result.Variables, - pattern.Filters, - detector.rules, - ) - if err != nil { - return nil, err - } - - if !filtersMatch { - continue - } - - detectionsData = append(detectionsData, Data{ - Pattern: pattern.Pattern, - Datatypes: datatypeDetections, - VariableNodes: variableNodes, - }) - } - } - - return detectionsData, nil -} - -func (detector *customDetector) Close() { -} - -func sortFilters(filters []settings.PatternFilter) { - slices.SortFunc(filters, func(a, b settings.PatternFilter) bool { - return scoreFilter(a) < scoreFilter(b) - }) - - for i := range filters { - sortFilter(&filters[i]) - } -} - -func sortFilter(filter *settings.PatternFilter) { - switch { - case len(filter.Either) != 0: - sortFilters(filter.Either) - case filter.Not != nil: - sortFilter(filter.Not) - } -} - -func scoreFilter(filter settings.PatternFilter) int { - if filter.Regex != nil || - len(filter.Values) != 0 || - filter.LengthLessThan != nil || - filter.LessThan != nil || - filter.LessThanOrEqual != nil || - filter.GreaterThan != nil || - filter.GreaterThanOrEqual != nil || - filter.FilenameRegex != nil { - return 1 - } - - if filter.Detection == "datatype" { - return 5 - } - - if filter.StringRegex != nil || - filter.Detection != "" && filter.Scope == settings.CURSOR_SCOPE { - return 2 - } - - if filter.Detection != "" && filter.Scope == settings.RESULT_SCOPE { - return 3 - } - - if filter.Detection != "" && filter.Scope == settings.NESTED_SCOPE { - return 4 - } - - if filter.Not != nil { - return scoreFilter(*filter.Not) - } - - if len(filter.Either) != 0 { - max := 0 - - for _, subFilter := range filter.Either { - if subScore := scoreFilter(subFilter); subScore > max { - max = subScore - } - } - - return max - } - - panic(fmt.Sprintf("unknown filter %#v", filter)) -} diff --git a/new/detector/implementation/custom/filter.go b/new/detector/implementation/custom/filter.go deleted file mode 100644 index 4ea7f9e17..000000000 --- a/new/detector/implementation/custom/filter.go +++ /dev/null @@ -1,304 +0,0 @@ -package custom - -import ( - "strconv" - - "golang.org/x/exp/slices" - - "github.com/bearer/bearer/new/detector/detection" - "github.com/bearer/bearer/new/detector/implementation/generic" - "github.com/bearer/bearer/new/detector/types" - "github.com/bearer/bearer/new/language/tree" - "github.com/bearer/bearer/pkg/commands/process/settings" - "github.com/rs/zerolog/log" -) - -func matchFilter( - evaluationState types.EvaluationState, - variables map[string]*tree.Node, - joinedVariables map[string]*tree.Node, - filter settings.PatternFilter, - rules map[string]*settings.Rule, -) (*bool, []*detection.Detection, error) { - if filter.Not != nil { - match, _, err := matchFilter(evaluationState, variables, joinedVariables, *filter.Not, rules) - if match == nil { - return nil, nil, err - } - return boolPointer(!*match), nil, err - } - - if len(filter.Either) != 0 { - return matchEitherFilters(evaluationState, variables, joinedVariables, filter.Either, rules) - } - - if filter.FilenameRegex != nil { - return boolPointer(filter.FilenameRegex.MatchString(evaluationState.FileName())), nil, nil - } - - node, ok := variables[filter.Variable] - // shouldn't happen if filters are validated against pattern - if !ok { - return nil, nil, nil - } - - if filter.Detection != "" { - return matchDetectionFilter( - evaluationState, - variables, - joinedVariables, - node, - filter, - rules, - ) - } - - matched, err := matchContentFilter(evaluationState, filter, node) - return matched, nil, err -} - -func matchAllFilters( - evaluationState types.EvaluationState, - variables map[string]*tree.Node, - filters []settings.PatternFilter, - rules map[string]*settings.Rule, -) (bool, []*detection.Detection, map[string]*tree.Node, error) { - var datatypeDetections []*detection.Detection - - joinedVariables := make(map[string]*tree.Node) - for name, node := range variables { - joinedVariables[name] = node - } - - for _, filter := range filters { - matched, subDataTypeDetections, err := matchFilter(evaluationState, variables, joinedVariables, filter, rules) - if matched == nil || !*matched || err != nil { - return false, nil, nil, err - } - - datatypeDetections = append(datatypeDetections, subDataTypeDetections...) - } - - return true, datatypeDetections, joinedVariables, nil -} - -func matchEitherFilters( - evaluationState types.EvaluationState, - variables map[string]*tree.Node, - joinedVariables map[string]*tree.Node, - filters []settings.PatternFilter, - rules map[string]*settings.Rule, -) (*bool, []*detection.Detection, error) { - var datatypeDetections []*detection.Detection - oneMatched := false - oneNotMatched := false - - for _, subFilter := range filters { - subMatch, subDatatypeDetections, err := matchFilter(evaluationState, variables, joinedVariables, subFilter, rules) - if err != nil { - return nil, nil, err - } - - datatypeDetections = append(datatypeDetections, subDatatypeDetections...) - oneMatched = oneMatched || (subMatch != nil && *subMatch) - oneNotMatched = oneNotMatched || (subMatch != nil && !*subMatch) - } - - if oneMatched { - return boolPointer(true), datatypeDetections, nil - } - - if oneNotMatched { - return boolPointer(false), nil, nil - } - - return nil, nil, nil -} - -func matchDetectionFilter( - evaluationState types.EvaluationState, - variables map[string]*tree.Node, - joinedVariables map[string]*tree.Node, - node *tree.Node, - filter settings.PatternFilter, - rules map[string]*settings.Rule, -) (*bool, []*detection.Detection, error) { - ruleID := filter.Detection - sanitizerRuleID := "" - if rule, ok := rules[ruleID]; ok { - sanitizerRuleID = rule.SanitizerRuleID - } - - if ruleID == "datatype" { - detections, err := evaluationState.Evaluate(node, "datatype", sanitizerRuleID, filter.Scope, true) - - return boolPointer(len(detections) != 0), detections, err - } - - detections, err := evaluationState.Evaluate(node, ruleID, sanitizerRuleID, filter.Scope, true) - - var datatypeDetections []*detection.Detection - ignoredVariables := getIgnoredVariables(detections) - foundDetection := false - - for _, detection := range detections { - data, ok := detection.Data.(Data) - if !ok { // Built-in detector - foundDetection = true - continue - } - - filtersMatch, _, _, err := matchAllFilters(evaluationState, data.VariableNodes, filter.Filters, rules) - if err != nil { - return nil, nil, err - } - if !filtersMatch { - continue - } - - variablesMatch := true - for name, node := range data.VariableNodes { - if existingNode, existing := joinedVariables[name]; existing { - if !existingNode.Equal(node) { - variablesMatch = false - break - } - } - } - - if !variablesMatch { - continue - } - - foundDetection = true - for name, node := range data.VariableNodes { - if _, ignored := ignoredVariables[name]; !ignored { - joinedVariables[name] = node - } - } - - datatypeDetections = append(datatypeDetections, data.Datatypes...) - } - - return boolPointer(foundDetection), datatypeDetections, err -} - -func matchContentFilter( - evaluationState types.EvaluationState, - filter settings.PatternFilter, - node *tree.Node, -) (*bool, error) { - content := node.Content() - - if len(filter.Values) != 0 { - return boolPointer(slices.Contains(filter.Values, content)), nil - } - - if filter.Regex != nil { - return boolPointer(filter.Regex.MatchString(content)), nil - } - - if filter.LengthLessThan != nil { - strValue, _, err := generic.GetStringValue(node, evaluationState) - if err != nil || strValue == "" { - return nil, err - } - - if len(strValue) >= *filter.LengthLessThan { - return boolPointer(false), nil - } - - return boolPointer(true), nil - } - - if filter.StringRegex != nil { - value, isLiteral, err := generic.GetStringValue(node, evaluationState) - if err != nil || (value == "" && !isLiteral) { - return nil, err - } - - return boolPointer(filter.StringRegex.MatchString(value)), nil - } - - if filter.LessThan != nil { - value, err := strconv.Atoi(content) - if err != nil { - return nil, nil - } - - if value >= *filter.LessThan { - return boolPointer(false), nil - } - - return boolPointer(true), nil - } - - if filter.LessThanOrEqual != nil { - value, err := strconv.Atoi(content) - if err != nil { - return nil, nil - } - - if value > *filter.LessThanOrEqual { - return boolPointer(false), nil - } - - return boolPointer(true), nil - } - - if filter.GreaterThan != nil { - value, err := strconv.Atoi(content) - if err != nil { - return nil, nil - } - - if value <= *filter.GreaterThan { - return boolPointer(false), nil - } - - return boolPointer(true), nil - } - - if filter.GreaterThanOrEqual != nil { - value, err := strconv.Atoi(content) - if err != nil { - return nil, nil - } - - if value < *filter.GreaterThanOrEqual { - return boolPointer(false), nil - } - - return boolPointer(true), nil - } - - log.Debug().Msgf("unknown filter: %#v", filter) - return nil, nil -} - -func boolPointer(value bool) *bool { - return &value -} - -func getIgnoredVariables(detections []*detection.Detection) map[string]struct{} { - ignoredVariables := make(map[string]struct{}) - seenNodes := make(map[string]*tree.Node) - - for _, detection := range detections { - data, ok := detection.Data.(Data) - if !ok { - continue - } - - for name, node := range data.VariableNodes { - seenNode := seenNodes[name] - if seenNode != nil && !seenNode.Equal(node) { - ignoredVariables[name] = struct{}{} - } - - seenNodes[name] = node - } - } - - return ignoredVariables -} diff --git a/new/detector/implementation/generic/.snapshots/TestDatatypeDetector-datatype b/new/detector/implementation/generic/.snapshots/TestDatatypeDetector-datatype deleted file mode 100644 index 8d9e500b2..000000000 --- a/new/detector/implementation/generic/.snapshots/TestDatatypeDetector-datatype +++ /dev/null @@ -1,276 +0,0 @@ -- position: "1:1" - content: |- - x = { - y: { - user: { first_name: "" } - }, - email: "" - } - data: - properties: - - name: x - node: {} - classification: - name: x - datatype: null - decision: - state: valid - reason: invalid_object_with_valid_properties - datatype: - detectortype: datatype - matchnode: {} - data: - properties: - - name: "y" - node: {} - classification: - name: "y" - datatype: null - decision: - state: invalid - reason: invalid_property - datatype: - detectortype: datatype - matchnode: {} - data: - properties: - - name: user - node: {} - classification: - name: user - datatype: null - decision: - state: valid - reason: valid_object_with_valid_properties - datatype: - detectortype: datatype - matchnode: {} - data: - properties: - - name: first_name - node: {} - classification: - name: first name - subject_name: User - datatype: - name: Firstname - uuid: 380c8cde-ca2e-44ed-82db-2ab1e7c255c7 - category_uuid: 14124881-6b92-4fc5-8005-ea7c1c09592e - category: - name: Identification - uuid: 14124881-6b92-4fc5-8005-ea7c1c09592e - groups: - 172d90e3-cb9a-46b6-90e5-dd7169c3af54: - name: PII - uuid: 172d90e3-cb9a-46b6-90e5-dd7169c3af54 - e1d3135b-3c0f-4b55-abce-19f27a26cbb3: - name: Personal Data - uuid: e1d3135b-3c0f-4b55-abce-19f27a26cbb3 - decision: - state: valid - reason: known_pattern - datatype: null - - name: "y" - node: {} - classification: - name: "y" - datatype: null - decision: - state: valid - reason: invalid_object_with_valid_properties - datatype: - detectortype: datatype - matchnode: {} - data: - properties: - - name: first_name - node: {} - classification: - name: first name - datatype: - name: Firstname - uuid: 380c8cde-ca2e-44ed-82db-2ab1e7c255c7 - category_uuid: 14124881-6b92-4fc5-8005-ea7c1c09592e - category: - name: Identification - uuid: 14124881-6b92-4fc5-8005-ea7c1c09592e - groups: - 172d90e3-cb9a-46b6-90e5-dd7169c3af54: - name: PII - uuid: 172d90e3-cb9a-46b6-90e5-dd7169c3af54 - e1d3135b-3c0f-4b55-abce-19f27a26cbb3: - name: Personal Data - uuid: e1d3135b-3c0f-4b55-abce-19f27a26cbb3 - decision: - state: valid - reason: valid_unknown_pattern - datatype: null - - name: email - node: {} - classification: - name: email - datatype: - name: Email Address - uuid: 22e24c62-82d3-4b72-827c-e261533331bd - category_uuid: cef587dd-76db-430b-9e18-7b031e1a193b - category: - name: Contact - uuid: cef587dd-76db-430b-9e18-7b031e1a193b - groups: - 172d90e3-cb9a-46b6-90e5-dd7169c3af54: - name: PII - uuid: 172d90e3-cb9a-46b6-90e5-dd7169c3af54 - e1d3135b-3c0f-4b55-abce-19f27a26cbb3: - name: Personal Data - uuid: e1d3135b-3c0f-4b55-abce-19f27a26cbb3 - decision: - state: valid - reason: valid_unknown_pattern - datatype: null -- position: "1:5" - content: |- - { - y: { - user: { first_name: "" } - }, - email: "" - } - data: - properties: - - name: "y" - node: {} - classification: - name: "y" - datatype: null - decision: - state: invalid - reason: belongs_to_invalid_object - datatype: - detectortype: datatype - matchnode: {} - data: - properties: - - name: user - node: {} - classification: - name: user - datatype: null - decision: - state: valid - reason: valid_object_with_valid_properties - datatype: - detectortype: datatype - matchnode: {} - data: - properties: - - name: first_name - node: {} - classification: - name: first name - subject_name: User - datatype: - name: Firstname - uuid: 380c8cde-ca2e-44ed-82db-2ab1e7c255c7 - category_uuid: 14124881-6b92-4fc5-8005-ea7c1c09592e - category: - name: Identification - uuid: 14124881-6b92-4fc5-8005-ea7c1c09592e - groups: - 172d90e3-cb9a-46b6-90e5-dd7169c3af54: - name: PII - uuid: 172d90e3-cb9a-46b6-90e5-dd7169c3af54 - e1d3135b-3c0f-4b55-abce-19f27a26cbb3: - name: Personal Data - uuid: e1d3135b-3c0f-4b55-abce-19f27a26cbb3 - decision: - state: valid - reason: known_pattern - datatype: null - - name: "y" - node: {} - classification: - name: "y" - datatype: null - decision: - state: valid - reason: invalid_object_with_valid_properties - datatype: - detectortype: datatype - matchnode: {} - data: - properties: - - name: first_name - node: {} - classification: - name: first name - datatype: - name: Firstname - uuid: 380c8cde-ca2e-44ed-82db-2ab1e7c255c7 - category_uuid: 14124881-6b92-4fc5-8005-ea7c1c09592e - category: - name: Identification - uuid: 14124881-6b92-4fc5-8005-ea7c1c09592e - groups: - 172d90e3-cb9a-46b6-90e5-dd7169c3af54: - name: PII - uuid: 172d90e3-cb9a-46b6-90e5-dd7169c3af54 - e1d3135b-3c0f-4b55-abce-19f27a26cbb3: - name: Personal Data - uuid: e1d3135b-3c0f-4b55-abce-19f27a26cbb3 - decision: - state: valid - reason: valid_unknown_pattern - datatype: null - - name: email - node: {} - classification: - name: email - datatype: null - decision: - state: invalid - reason: belongs_to_invalid_object - datatype: null -- position: "2:6" - content: |- - { - user: { first_name: "" } - } - data: - properties: - - name: user - node: {} - classification: - name: user - datatype: null - decision: - state: valid - reason: valid_object_with_valid_properties - datatype: - detectortype: datatype - matchnode: {} - data: - properties: - - name: first_name - node: {} - classification: - name: first name - subject_name: User - datatype: - name: Firstname - uuid: 380c8cde-ca2e-44ed-82db-2ab1e7c255c7 - category_uuid: 14124881-6b92-4fc5-8005-ea7c1c09592e - category: - name: Identification - uuid: 14124881-6b92-4fc5-8005-ea7c1c09592e - groups: - 172d90e3-cb9a-46b6-90e5-dd7169c3af54: - name: PII - uuid: 172d90e3-cb9a-46b6-90e5-dd7169c3af54 - e1d3135b-3c0f-4b55-abce-19f27a26cbb3: - name: Personal Data - uuid: e1d3135b-3c0f-4b55-abce-19f27a26cbb3 - decision: - state: valid - reason: known_pattern - datatype: null - diff --git a/new/detector/implementation/generic/.snapshots/TestDatatypeDetectorInvalidDetection-datatype b/new/detector/implementation/generic/.snapshots/TestDatatypeDetectorInvalidDetection-datatype deleted file mode 100644 index 7dd438752..000000000 --- a/new/detector/implementation/generic/.snapshots/TestDatatypeDetectorInvalidDetection-datatype +++ /dev/null @@ -1,2 +0,0 @@ -[] - diff --git a/new/detector/implementation/generic/.snapshots/TestInsecureUrlDetector-insecure_url b/new/detector/implementation/generic/.snapshots/TestInsecureUrlDetector-insecure_url deleted file mode 100644 index 2522c6bf9..000000000 --- a/new/detector/implementation/generic/.snapshots/TestInsecureUrlDetector-insecure_url +++ /dev/null @@ -1,4 +0,0 @@ -- position: "2:1" - content: '"http://api.insecure.com"' - data: null - diff --git a/new/detector/implementation/generic/generic.go b/new/detector/implementation/generic/generic.go deleted file mode 100644 index 6188d8e35..000000000 --- a/new/detector/implementation/generic/generic.go +++ /dev/null @@ -1,181 +0,0 @@ -package generic - -import ( - "fmt" - - "github.com/bearer/bearer/new/detector/detection" - generictypes "github.com/bearer/bearer/new/detector/implementation/generic/types" - "github.com/bearer/bearer/new/detector/types" - "github.com/bearer/bearer/new/language/tree" - "github.com/bearer/bearer/pkg/commands/process/settings" -) - -func GetNonVirtualObjects( - evaluationState types.EvaluationState, - node *tree.Node, -) ([]*detection.Detection, error) { - detections, err := evaluationState.Evaluate(node, "object", "", settings.CURSOR_SCOPE, true) - if err != nil { - return nil, err - } - - var result []*detection.Detection - for _, detection := range detections { - data := detection.Data.(generictypes.Object) - if !data.IsVirtual { - result = append(result, detection) - } - } - - return result, nil -} - -func ProjectObject( - node *tree.Node, - evaluationState types.EvaluationState, - objectNode *tree.Node, - objectName, - propertyName string, - isPropertyAccess bool, -) ([]interface{}, error) { - var result []interface{} - - if isPropertyAccess { - objectDetections, err := GetNonVirtualObjects(evaluationState, objectNode) - if err != nil { - return nil, err - } - - for _, objectDetection := range objectDetections { - objectData := objectDetection.Data.(generictypes.Object) - - for _, property := range objectData.Properties { - if property.Name == propertyName && property.Object != nil { - result = append(result, property.Object.Data) - result = append(result, generictypes.Object{ - Properties: []generictypes.Property{{ - Name: propertyName, - Object: &detection.Detection{ - DetectorType: "object", - MatchNode: node, - Data: property.Object.Data, - }, - }}, - IsVirtual: true, - }) - } - } - } - } - - if objectName != "" { - result = append(result, generictypes.Object{ - Properties: []generictypes.Property{{ - Name: objectName, - Object: &detection.Detection{ - DetectorType: "object", - MatchNode: node, - Data: generictypes.Object{ - Properties: []generictypes.Property{{Name: propertyName}}, - IsVirtual: true, - }, - }, - }}, - IsVirtual: true, - }) - } - - return result, nil -} - -func GetStringValue(node *tree.Node, evaluationState types.EvaluationState) (string, bool, error) { - detections, err := evaluationState.Evaluate(node, "string", "", settings.CURSOR_SCOPE, true) - if err != nil { - return "", false, err - } - - switch len(detections) { - case 0: - return "", false, nil - case 1: - childString := detections[0].Data.(generictypes.String) - - return childString.Value, childString.IsLiteral, nil - default: - return "", false, fmt.Errorf( - "expected single string detection but got %d for %s", - len(detections), - node.Debug(true), - ) - } -} - -func ConcatenateChildStrings(node *tree.Node, evaluationState types.EvaluationState) ([]interface{}, error) { - value := "" - isLiteral := true - - for i := 0; i < node.ChildCount(); i += 1 { - child := node.Child(i) - if !child.IsNamed() { - continue - } - - childValue, childIsLiteral, err := GetStringValue(child, evaluationState) - if err != nil { - return nil, err - } - - if childValue == "" && !childIsLiteral { - childValue = "*" - } - - value += childValue - - if !childIsLiteral { - isLiteral = false - } - } - - return []interface{}{generictypes.String{ - Value: value, - IsLiteral: isLiteral, - }}, nil -} - -func ConcatenateAssignEquals(node *tree.Node, evaluationState types.EvaluationState) ([]interface{}, error) { - unifiedNodes := node.ChildByFieldName("left").UnifiedNodes() - if len(unifiedNodes) == 0 { - return nil, nil - } - if len(unifiedNodes) != 1 { - return nil, fmt.Errorf("expected exactly one unified `+=` node but got %d", len(unifiedNodes)) - } - - left, leftIsLiteral, err := GetStringValue(unifiedNodes[0], evaluationState) - if err != nil { - return nil, err - } - - right, rightIsLiteral, err := GetStringValue(node.ChildByFieldName("right"), evaluationState) - if err != nil { - return nil, err - } - - if left == "" && !leftIsLiteral { - left = "*" - - // No detection when neither parts are a string - if right == "" && !rightIsLiteral { - return nil, nil - } - } - - if right == "" && !rightIsLiteral { - right = "*" - } - - return []interface{}{generictypes.String{ - Value: left + right, - IsLiteral: leftIsLiteral && rightIsLiteral, - }}, nil -} diff --git a/new/detector/implementation/generic/insecureurl/insecureurl.go b/new/detector/implementation/generic/insecureurl/insecureurl.go deleted file mode 100644 index a648bf284..000000000 --- a/new/detector/implementation/generic/insecureurl/insecureurl.go +++ /dev/null @@ -1,52 +0,0 @@ -package insecureurl - -import ( - "regexp" - - "github.com/bearer/bearer/new/detector/types" - "github.com/bearer/bearer/new/language/tree" - "github.com/bearer/bearer/pkg/commands/process/settings" - - generictypes "github.com/bearer/bearer/new/detector/implementation/generic/types" -) - -type insecureURLDetector struct { - types.DetectorBase -} - -var insecureUrlPattern = regexp.MustCompile(`^http:`) -var localhostInsecureUrlPattern = regexp.MustCompile(`^http://(localhost|127.0.0.1)`) - -func New(querySet *tree.QuerySet) (types.Detector, error) { - return &insecureURLDetector{}, nil -} - -func (detector *insecureURLDetector) Name() string { - return "insecure_url" -} - -func (detector *insecureURLDetector) DetectAt( - node *tree.Node, - evaluationState types.EvaluationState, -) ([]interface{}, error) { - detections, err := evaluationState.Evaluate(node, "string", "", settings.CURSOR_SCOPE, false) - if err != nil { - return nil, err - } - - for _, detection := range detections { - value := detection.Data.(generictypes.String).Value - if insecureUrlPattern.MatchString(value) { - if localhostInsecureUrlPattern.MatchString(value) { - // ignore insecure local URLs - continue - } - - return []interface{}{nil}, nil - } - } - - return nil, nil -} - -func (detector *insecureURLDetector) Close() {} diff --git a/new/detector/implementation/generic/stringliteral/stringliteral.go b/new/detector/implementation/generic/stringliteral/stringliteral.go deleted file mode 100644 index c265c9d63..000000000 --- a/new/detector/implementation/generic/stringliteral/stringliteral.go +++ /dev/null @@ -1,43 +0,0 @@ -package stringliteral - -import ( - "github.com/bearer/bearer/new/detector/types" - "github.com/bearer/bearer/new/language/tree" - "github.com/bearer/bearer/pkg/commands/process/settings" - - generictypes "github.com/bearer/bearer/new/detector/implementation/generic/types" -) - -type stringLiteralDetector struct { - types.DetectorBase -} - -func New(querySet *tree.QuerySet) (types.Detector, error) { - return &stringLiteralDetector{}, nil -} - -func (detector *stringLiteralDetector) Name() string { - return "string_literal" -} - -func (detector *stringLiteralDetector) DetectAt( - node *tree.Node, - evaluationState types.EvaluationState, -) ([]interface{}, error) { - detections, err := evaluationState.Evaluate(node, "string", "", settings.CURSOR_SCOPE, false) - if err != nil { - return nil, err - } - - for _, detection := range detections { - if detection.Data.(generictypes.String).IsLiteral { - if len(detection.Data.(generictypes.String).Value) > 0 { - return []interface{}{nil}, nil - } - } - } - - return nil, nil -} - -func (detector *stringLiteralDetector) Close() {} diff --git a/new/detector/implementation/generic/types/types.go b/new/detector/implementation/generic/types/types.go deleted file mode 100644 index 60fd07b81..000000000 --- a/new/detector/implementation/generic/types/types.go +++ /dev/null @@ -1,24 +0,0 @@ -package types - -import ( - "github.com/bearer/bearer/new/detector/detection" - "github.com/bearer/bearer/new/language/tree" -) - -type Object struct { - Properties []Property - // IsVirtual describes whether this object actually exists, or has - // been detected as part of a variable name - IsVirtual bool -} - -type Property struct { - Name string - Node *tree.Node - Object *detection.Detection -} - -type String struct { - Value string - IsLiteral bool -} diff --git a/new/detector/implementation/java/.snapshots/TestJavaObjects-object_class b/new/detector/implementation/java/.snapshots/TestJavaObjects-object_class deleted file mode 100644 index eb80e6d23..000000000 --- a/new/detector/implementation/java/.snapshots/TestJavaObjects-object_class +++ /dev/null @@ -1,29 +0,0 @@ -- position: "1:1" - content: |- - public class User - { - public String name; - - public String LowercaseName() - { - return name.toLowerCase(); - } - } - data: - properties: - - name: User - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: name - node: {} - object: null - - name: LowercaseName - node: {} - object: null - isvirtual: false - isvirtual: false - diff --git a/new/detector/implementation/java/.snapshots/TestJavaObjects-object_no_class b/new/detector/implementation/java/.snapshots/TestJavaObjects-object_no_class deleted file mode 100644 index 493c69bea..000000000 --- a/new/detector/implementation/java/.snapshots/TestJavaObjects-object_no_class +++ /dev/null @@ -1,17 +0,0 @@ -- position: "1:1" - content: user.name - data: - properties: - - name: user - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: name - node: null - object: null - isvirtual: true - isvirtual: true - diff --git a/new/detector/implementation/java/.snapshots/TestJavaString-string b/new/detector/implementation/java/.snapshots/TestJavaString-string deleted file mode 100644 index 79e3664c4..000000000 --- a/new/detector/implementation/java/.snapshots/TestJavaString-string +++ /dev/null @@ -1,31 +0,0 @@ -- position: "2:20" - content: '"Hello World"' - data: - value: Hello World - isliteral: true -- position: "6:13" - content: Greeting + "!" - data: - value: Hello World! - isliteral: true -- position: "7:5" - content: s += "!!" - data: - value: Hello World!!! - isliteral: true -- position: "9:17" - content: '"hey "' - data: - value: 'hey ' - isliteral: true -- position: "10:5" - content: s2 += args[0] - data: - value: hey * - isliteral: false -- position: "11:5" - content: s2 += " there" - data: - value: hey * there - isliteral: false - diff --git a/new/detector/implementation/java/string/string.go b/new/detector/implementation/java/string/string.go deleted file mode 100644 index 83cd73f03..000000000 --- a/new/detector/implementation/java/string/string.go +++ /dev/null @@ -1,47 +0,0 @@ -package string - -import ( - "github.com/bearer/bearer/new/detector/types" - "github.com/bearer/bearer/new/language/tree" - "github.com/bearer/bearer/pkg/util/stringutil" - - "github.com/bearer/bearer/new/detector/implementation/generic" - generictypes "github.com/bearer/bearer/new/detector/implementation/generic/types" -) - -type stringDetector struct { - types.DetectorBase -} - -func New(querySet *tree.QuerySet) (types.Detector, error) { - return &stringDetector{}, nil -} - -func (detector *stringDetector) Name() string { - return "string" -} - -func (detector *stringDetector) DetectAt( - node *tree.Node, - evaluationState types.EvaluationState, -) ([]interface{}, error) { - switch node.Type() { - case "string_literal": - return []interface{}{generictypes.String{ - Value: stringutil.StripQuotes(node.Content()), - IsLiteral: true, - }}, nil - case "binary_expression": - if node.AnonymousChild(0).Content() == "+" { - return generic.ConcatenateChildStrings(node, evaluationState) - } - case "assignment_expression": - if node.AnonymousChild(0).Content() == "+=" { - return generic.ConcatenateAssignEquals(node, evaluationState) - } - } - - return nil, nil -} - -func (detector *stringDetector) Close() {} diff --git a/new/detector/implementation/javascript/.snapshots/TestJavascriptFileTypes-file_type_jsx b/new/detector/implementation/javascript/.snapshots/TestJavascriptFileTypes-file_type_jsx deleted file mode 100644 index 7c83e4d76..000000000 --- a/new/detector/implementation/javascript/.snapshots/TestJavascriptFileTypes-file_type_jsx +++ /dev/null @@ -1,25 +0,0 @@ -- position: "1:7" - content: 'user: { email: string } = { email: "jhon@gmail.com" }' - data: - properties: - - name: user - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: email - node: {} - object: null - isvirtual: false - isvirtual: true -- position: "1:33" - content: '{ email: "jhon@gmail.com" }' - data: - properties: - - name: email - node: {} - object: null - isvirtual: false - diff --git a/new/detector/implementation/javascript/.snapshots/TestJavascriptFileTypes-file_type_tsx b/new/detector/implementation/javascript/.snapshots/TestJavascriptFileTypes-file_type_tsx deleted file mode 100644 index 7c83e4d76..000000000 --- a/new/detector/implementation/javascript/.snapshots/TestJavascriptFileTypes-file_type_tsx +++ /dev/null @@ -1,25 +0,0 @@ -- position: "1:7" - content: 'user: { email: string } = { email: "jhon@gmail.com" }' - data: - properties: - - name: user - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: email - node: {} - object: null - isvirtual: false - isvirtual: true -- position: "1:33" - content: '{ email: "jhon@gmail.com" }' - data: - properties: - - name: email - node: {} - object: null - isvirtual: false - diff --git a/new/detector/implementation/javascript/.snapshots/TestJavascriptObjectDetector-object_class b/new/detector/implementation/javascript/.snapshots/TestJavascriptObjectDetector-object_class deleted file mode 100644 index 4f7d5b4c0..000000000 --- a/new/detector/implementation/javascript/.snapshots/TestJavascriptObjectDetector-object_class +++ /dev/null @@ -1,26 +0,0 @@ -- position: "1:1" - content: |- - class User { - constructor (a, b) {} - - x() {} - y() {} - } - data: - properties: - - name: User - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: x - node: null - object: null - - name: "y" - node: null - object: null - isvirtual: false - isvirtual: false - diff --git a/new/detector/implementation/javascript/.snapshots/TestJavascriptObjectDetector-object_object b/new/detector/implementation/javascript/.snapshots/TestJavascriptObjectDetector-object_object deleted file mode 100644 index d71234d8f..000000000 --- a/new/detector/implementation/javascript/.snapshots/TestJavascriptObjectDetector-object_object +++ /dev/null @@ -1,189 +0,0 @@ -- position: "1:5" - content: 'nested = { "a": 123 }' - data: - properties: - - name: nested - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: null - isvirtual: false - isvirtual: true -- position: "1:14" - content: '{ "a": 123 }' - data: - properties: - - name: a - node: {} - object: null - isvirtual: false -- position: "3:6" - content: |- - { - x: { n: nested }, - y: { b: 4 } - } - data: - properties: - - name: x - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: "n" - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: nested - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: null - isvirtual: false - isvirtual: true - - name: "n" - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: null - isvirtual: false - - name: "n" - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: null - isvirtual: false - isvirtual: false - - name: x - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: nested - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: null - isvirtual: false - isvirtual: true - - name: x - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: null - isvirtual: false - - name: x - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: null - isvirtual: false - - name: "y" - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: b - node: {} - object: null - isvirtual: false - isvirtual: false -- position: "4:6" - content: '{ n: nested }' - data: - properties: - - name: "n" - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: nested - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: null - isvirtual: false - isvirtual: true - - name: "n" - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: null - isvirtual: false - - name: "n" - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: null - isvirtual: false - isvirtual: false -- position: "5:6" - content: '{ b: 4 }' - data: - properties: - - name: b - node: {} - object: null - isvirtual: false - diff --git a/new/detector/implementation/javascript/.snapshots/TestJavascriptObjectDetector-object_projection b/new/detector/implementation/javascript/.snapshots/TestJavascriptObjectDetector-object_projection deleted file mode 100644 index 9f71a49e5..000000000 --- a/new/detector/implementation/javascript/.snapshots/TestJavascriptObjectDetector-object_projection +++ /dev/null @@ -1,1211 +0,0 @@ -- position: "1:5" - content: 'obj = { x: { a: { i: 3 } }, y: 4 }' - data: - properties: - - name: obj - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: x - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - isvirtual: false - - name: x - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - - name: "y" - node: {} - object: null - isvirtual: false - isvirtual: true -- position: "1:11" - content: '{ x: { a: { i: 3 } }, y: 4 }' - data: - properties: - - name: x - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - isvirtual: false - - name: x - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - - name: "y" - node: {} - object: null - isvirtual: false -- position: "1:16" - content: '{ a: { i: 3 } }' - data: - properties: - - name: a - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - isvirtual: false -- position: "1:21" - content: '{ i: 3 }' - data: - properties: - - name: i - node: {} - object: null - isvirtual: false -- position: "4:1" - content: obj.x - data: - properties: - - name: a - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - isvirtual: false -- position: "4:1" - content: obj.x - data: - properties: - - name: x - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - isvirtual: false - isvirtual: true -- position: "4:1" - content: obj.x - data: - properties: - - name: i - node: {} - object: null - isvirtual: false -- position: "4:1" - content: obj.x - data: - properties: - - name: x - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - isvirtual: true -- position: "4:1" - content: obj.x - data: - properties: - - name: obj - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: x - node: null - object: null - isvirtual: true - isvirtual: true -- position: "5:1" - content: obj["x"].a - data: - properties: - - name: i - node: {} - object: null - isvirtual: false -- position: "5:1" - content: obj["x"].a - data: - properties: - - name: a - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - isvirtual: true -- position: "5:1" - content: obj["x"].a - data: - properties: - - name: x - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: null - object: null - isvirtual: true - isvirtual: true -- position: "5:1" - content: obj["x"] - data: - properties: - - name: a - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - isvirtual: false -- position: "5:1" - content: obj["x"] - data: - properties: - - name: x - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - isvirtual: false - isvirtual: true -- position: "5:1" - content: obj["x"] - data: - properties: - - name: i - node: {} - object: null - isvirtual: false -- position: "5:1" - content: obj["x"] - data: - properties: - - name: x - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - isvirtual: true -- position: "5:1" - content: obj["x"] - data: - properties: - - name: obj - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: x - node: null - object: null - isvirtual: true - isvirtual: true -- position: "8:1" - content: obj.z - data: - properties: - - name: obj - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: z - node: null - object: null - isvirtual: true - isvirtual: true -- position: "9:1" - content: obj["w"] - data: - properties: - - name: obj - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: w - node: null - object: null - isvirtual: true - isvirtual: true -- position: "12:1" - content: 'obj.x({ email: " " }, { first_name: "" })' - data: - properties: - - name: "" - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - isvirtual: false - - name: "" - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: x - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - isvirtual: false - isvirtual: true - - name: "" - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - - name: "" - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: x - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - isvirtual: true - - name: "" - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: obj - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: x - node: null - object: null - isvirtual: true - isvirtual: true - - name: "" - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: obj - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: x - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - isvirtual: false - - name: x - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - - name: "y" - node: {} - object: null - isvirtual: false - isvirtual: true - - name: "" - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: x - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - isvirtual: false - - name: x - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - - name: "y" - node: {} - object: null - isvirtual: false - - name: "" - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - isvirtual: false - - name: "" - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - - name: "" - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: x - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - isvirtual: false - - name: x - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - - name: "y" - node: {} - object: null - isvirtual: false - - name: "" - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - isvirtual: false - - name: "" - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - isvirtual: true -- position: "12:1" - content: obj.x - data: - properties: - - name: a - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - isvirtual: false -- position: "12:1" - content: obj.x - data: - properties: - - name: x - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - isvirtual: false - isvirtual: true -- position: "12:1" - content: obj.x - data: - properties: - - name: i - node: {} - object: null - isvirtual: false -- position: "12:1" - content: obj.x - data: - properties: - - name: x - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - isvirtual: true -- position: "12:1" - content: obj.x - data: - properties: - - name: obj - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: x - node: null - object: null - isvirtual: true - isvirtual: true -- position: "12:7" - content: '{ email: " " }' - data: - properties: - - name: email - node: {} - object: null - isvirtual: false -- position: "12:23" - content: '{ first_name: "" }' - data: - properties: - - name: first_name - node: {} - object: null - isvirtual: false -- position: "13:1" - content: 'obj.x({ email: " " }, { first_name: "" }).a' - data: - properties: - - name: x - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: null - object: null - isvirtual: true - isvirtual: true -- position: "13:1" - content: 'obj.x({ email: " " }, { first_name: "" })' - data: - properties: - - name: "" - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - isvirtual: false - - name: "" - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: x - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - isvirtual: false - isvirtual: true - - name: "" - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - - name: "" - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: x - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - isvirtual: true - - name: "" - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: obj - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: x - node: null - object: null - isvirtual: true - isvirtual: true - - name: "" - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: obj - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: x - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - isvirtual: false - - name: x - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - - name: "y" - node: {} - object: null - isvirtual: false - isvirtual: true - - name: "" - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: x - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - isvirtual: false - - name: x - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - - name: "y" - node: {} - object: null - isvirtual: false - - name: "" - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - isvirtual: false - - name: "" - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - - name: "" - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: x - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - isvirtual: false - - name: x - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - - name: "y" - node: {} - object: null - isvirtual: false - - name: "" - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - isvirtual: false - - name: "" - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - isvirtual: true -- position: "13:1" - content: obj.x - data: - properties: - - name: a - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - isvirtual: false -- position: "13:1" - content: obj.x - data: - properties: - - name: x - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - isvirtual: false - isvirtual: true -- position: "13:1" - content: obj.x - data: - properties: - - name: i - node: {} - object: null - isvirtual: false -- position: "13:1" - content: obj.x - data: - properties: - - name: x - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - isvirtual: true -- position: "13:1" - content: obj.x - data: - properties: - - name: obj - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: x - node: null - object: null - isvirtual: true - isvirtual: true -- position: "13:7" - content: '{ email: " " }' - data: - properties: - - name: email - node: {} - object: null - isvirtual: false -- position: "13:23" - content: '{ first_name: "" }' - data: - properties: - - name: first_name - node: {} - object: null - isvirtual: false -- position: "16:7" - content: x - data: - properties: - - name: a - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - isvirtual: false -- position: "16:7" - content: x - data: - properties: - - name: x - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - isvirtual: false - isvirtual: true -- position: "16:7" - content: x - data: - properties: - - name: i - node: {} - object: null - isvirtual: false -- position: "16:7" - content: x - data: - properties: - - name: x - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - isvirtual: true -- position: "16:7" - content: x - data: - properties: - - name: obj - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: x - node: null - object: null - isvirtual: true - isvirtual: true - diff --git a/new/detector/implementation/javascript/.snapshots/TestJavascriptObjectDetector-object_spread b/new/detector/implementation/javascript/.snapshots/TestJavascriptObjectDetector-object_spread deleted file mode 100644 index af5c805a2..000000000 --- a/new/detector/implementation/javascript/.snapshots/TestJavascriptObjectDetector-object_spread +++ /dev/null @@ -1,613 +0,0 @@ -- position: "1:5" - content: 'user = { a: 123 }' - data: - properties: - - name: user - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: null - isvirtual: false - isvirtual: true -- position: "1:12" - content: '{ a: 123 }' - data: - properties: - - name: a - node: {} - object: null - isvirtual: false -- position: "2:5" - content: 'nested = { ...user, b: 456 }' - data: - properties: - - name: nested - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: user - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: null - isvirtual: false - - name: a - node: {} - object: null - - name: b - node: {} - object: null - isvirtual: false - isvirtual: true -- position: "2:14" - content: '{ ...user, b: 456 }' - data: - properties: - - name: user - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: null - isvirtual: false - - name: a - node: {} - object: null - - name: b - node: {} - object: null - isvirtual: false -- position: "4:6" - content: |- - { - x: { n: nested }, - y: { c: 4 }, - } - data: - properties: - - name: x - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: "n" - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: nested - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: user - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: null - isvirtual: false - - name: a - node: {} - object: null - - name: b - node: {} - object: null - isvirtual: false - isvirtual: true - - name: "n" - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: user - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: null - isvirtual: false - - name: a - node: {} - object: null - - name: b - node: {} - object: null - isvirtual: false - - name: "n" - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: user - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: null - isvirtual: false - isvirtual: true - - name: "n" - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: null - isvirtual: false - - name: "n" - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: null - isvirtual: false - - name: "n" - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: user - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: null - isvirtual: false - - name: a - node: {} - object: null - - name: b - node: {} - object: null - isvirtual: false - - name: "n" - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: user - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: null - isvirtual: false - isvirtual: true - - name: "n" - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: null - isvirtual: false - - name: "n" - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: null - isvirtual: false - isvirtual: false - - name: x - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: nested - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: user - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: null - isvirtual: false - - name: a - node: {} - object: null - - name: b - node: {} - object: null - isvirtual: false - isvirtual: true - - name: x - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: user - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: null - isvirtual: false - - name: a - node: {} - object: null - - name: b - node: {} - object: null - isvirtual: false - - name: x - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: user - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: null - isvirtual: false - isvirtual: true - - name: x - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: null - isvirtual: false - - name: x - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: null - isvirtual: false - - name: x - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: user - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: null - isvirtual: false - - name: a - node: {} - object: null - - name: b - node: {} - object: null - isvirtual: false - - name: x - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: user - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: null - isvirtual: false - isvirtual: true - - name: x - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: null - isvirtual: false - - name: x - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: null - isvirtual: false - - name: "y" - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: c - node: {} - object: null - isvirtual: false - isvirtual: false -- position: "5:6" - content: '{ n: nested }' - data: - properties: - - name: "n" - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: nested - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: user - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: null - isvirtual: false - - name: a - node: {} - object: null - - name: b - node: {} - object: null - isvirtual: false - isvirtual: true - - name: "n" - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: user - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: null - isvirtual: false - - name: a - node: {} - object: null - - name: b - node: {} - object: null - isvirtual: false - - name: "n" - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: user - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: null - isvirtual: false - isvirtual: true - - name: "n" - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: null - isvirtual: false - - name: "n" - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: null - isvirtual: false - - name: "n" - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: user - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: null - isvirtual: false - - name: a - node: {} - object: null - - name: b - node: {} - object: null - isvirtual: false - - name: "n" - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: user - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: null - isvirtual: false - isvirtual: true - - name: "n" - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: null - isvirtual: false - - name: "n" - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: null - isvirtual: false - isvirtual: false -- position: "6:6" - content: '{ c: 4 }' - data: - properties: - - name: c - node: {} - object: null - isvirtual: false - diff --git a/new/detector/implementation/javascript/.snapshots/TestJavascriptStringDetector-string_assign_eq b/new/detector/implementation/javascript/.snapshots/TestJavascriptStringDetector-string_assign_eq deleted file mode 100644 index dfad8c0b0..000000000 --- a/new/detector/implementation/javascript/.snapshots/TestJavascriptStringDetector-string_assign_eq +++ /dev/null @@ -1,21 +0,0 @@ -- position: "1:11" - content: '"a"' - data: - value: a - isliteral: true -- position: "2:1" - content: x += "b" - data: - value: ab - isliteral: true -- position: "3:1" - content: x += name - data: - value: ab* - isliteral: false -- position: "6:1" - content: y += "c" - data: - value: '*c' - isliteral: false - diff --git a/new/detector/implementation/javascript/.snapshots/TestJavascriptStringDetector-string_literal b/new/detector/implementation/javascript/.snapshots/TestJavascriptStringDetector-string_literal deleted file mode 100644 index 2a7bd243b..000000000 --- a/new/detector/implementation/javascript/.snapshots/TestJavascriptStringDetector-string_literal +++ /dev/null @@ -1,21 +0,0 @@ -- position: "1:1" - content: '"ab"' - data: - value: ab - isliteral: true -- position: "3:1" - content: '"a" + "b"' - data: - value: ab - isliteral: true -- position: "5:5" - content: '"a"' - data: - value: a - isliteral: true -- position: "6:1" - content: '`${x} b`' - data: - value: a b - isliteral: true - diff --git a/new/detector/implementation/javascript/.snapshots/TestJavascriptStringDetector-string_non_literal b/new/detector/implementation/javascript/.snapshots/TestJavascriptStringDetector-string_non_literal deleted file mode 100644 index 2ebe67530..000000000 --- a/new/detector/implementation/javascript/.snapshots/TestJavascriptStringDetector-string_non_literal +++ /dev/null @@ -1,11 +0,0 @@ -- position: "1:1" - content: '"a" + x' - data: - value: a* - isliteral: false -- position: "3:1" - content: '`${x} b`' - data: - value: '* b' - isliteral: false - diff --git a/new/detector/implementation/javascript/.snapshots/TestJavascriptTypes-typed_object_const b/new/detector/implementation/javascript/.snapshots/TestJavascriptTypes-typed_object_const deleted file mode 100644 index 7c83e4d76..000000000 --- a/new/detector/implementation/javascript/.snapshots/TestJavascriptTypes-typed_object_const +++ /dev/null @@ -1,25 +0,0 @@ -- position: "1:7" - content: 'user: { email: string } = { email: "jhon@gmail.com" }' - data: - properties: - - name: user - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: email - node: {} - object: null - isvirtual: false - isvirtual: true -- position: "1:33" - content: '{ email: "jhon@gmail.com" }' - data: - properties: - - name: email - node: {} - object: null - isvirtual: false - diff --git a/new/detector/implementation/javascript/.snapshots/TestJavascriptTypes-typed_object_let b/new/detector/implementation/javascript/.snapshots/TestJavascriptTypes-typed_object_let deleted file mode 100644 index c98331e64..000000000 --- a/new/detector/implementation/javascript/.snapshots/TestJavascriptTypes-typed_object_let +++ /dev/null @@ -1,25 +0,0 @@ -- position: "1:5" - content: 'user: { email: string } = { email: "jhon@gmail.com" }' - data: - properties: - - name: user - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: email - node: {} - object: null - isvirtual: false - isvirtual: true -- position: "1:31" - content: '{ email: "jhon@gmail.com" }' - data: - properties: - - name: email - node: {} - object: null - isvirtual: false - diff --git a/new/detector/implementation/javascript/.snapshots/TestJavascriptTypes-typed_object_var b/new/detector/implementation/javascript/.snapshots/TestJavascriptTypes-typed_object_var deleted file mode 100644 index c98331e64..000000000 --- a/new/detector/implementation/javascript/.snapshots/TestJavascriptTypes-typed_object_var +++ /dev/null @@ -1,25 +0,0 @@ -- position: "1:5" - content: 'user: { email: string } = { email: "jhon@gmail.com" }' - data: - properties: - - name: user - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: email - node: {} - object: null - isvirtual: false - isvirtual: true -- position: "1:31" - content: '{ email: "jhon@gmail.com" }' - data: - properties: - - name: email - node: {} - object: null - isvirtual: false - diff --git a/new/detector/implementation/javascript/string/string.go b/new/detector/implementation/javascript/string/string.go deleted file mode 100644 index 48493de0f..000000000 --- a/new/detector/implementation/javascript/string/string.go +++ /dev/null @@ -1,81 +0,0 @@ -package string - -import ( - "github.com/bearer/bearer/new/detector/types" - "github.com/bearer/bearer/new/language/tree" - "github.com/bearer/bearer/pkg/util/stringutil" - - "github.com/bearer/bearer/new/detector/implementation/generic" - generictypes "github.com/bearer/bearer/new/detector/implementation/generic/types" -) - -type stringDetector struct { - types.DetectorBase -} - -func New(querySet *tree.QuerySet) (types.Detector, error) { - return &stringDetector{}, nil -} - -func (detector *stringDetector) Name() string { - return "string" -} - -func (detector *stringDetector) DetectAt( - node *tree.Node, - evaluationState types.EvaluationState, -) ([]interface{}, error) { - switch node.Type() { - case "string": - return []interface{}{generictypes.String{ - Value: stringutil.StripQuotes(node.Content()), - IsLiteral: true, - }}, nil - case "template_string": - return handleTemplateString(node, evaluationState) - case "binary_expression": - if node.AnonymousChild(0).Content() == "+" { - return generic.ConcatenateChildStrings(node, evaluationState) - } - case "augmented_assignment_expression": - if node.AnonymousChild(0).Content() == "+=" { - return generic.ConcatenateAssignEquals(node, evaluationState) - } - } - - return nil, nil -} - -func handleTemplateString(node *tree.Node, evaluationState types.EvaluationState) ([]interface{}, error) { - text := "" - isLiteral := true - - err := node.EachContentPart(func(partText string) error { - text += partText - return nil - }, func(child *tree.Node) error { - childValue, childIsLiteral, err := generic.GetStringValue(child.Child(1), evaluationState) - if err != nil { - return err - } - - if childValue == "" && !childIsLiteral { - childValue = "*" - } - - text += childValue - - if !childIsLiteral { - isLiteral = false - } - - return nil - }) - - return []interface{}{generictypes.String{ - Value: text, - IsLiteral: isLiteral, - }}, err -} - -func (detector *stringDetector) Close() {} diff --git a/new/detector/implementation/ruby/.snapshots/TestRubyObjectDetector-object_class b/new/detector/implementation/ruby/.snapshots/TestRubyObjectDetector-object_class deleted file mode 100644 index cc893ede4..000000000 --- a/new/detector/implementation/ruby/.snapshots/TestRubyObjectDetector-object_class +++ /dev/null @@ -1,35 +0,0 @@ -- position: "1:1" - content: |- - class A - attr_accessor :one, :two - - def three - end - - def four(a, b) - end - end - data: - properties: - - name: A - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: one - node: {} - object: null - - name: two - node: {} - object: null - - name: three - node: {} - object: null - - name: four - node: {} - object: null - isvirtual: false - isvirtual: false - diff --git a/new/detector/implementation/ruby/.snapshots/TestRubyObjectDetector-object_hash b/new/detector/implementation/ruby/.snapshots/TestRubyObjectDetector-object_hash deleted file mode 100644 index 2f4b4e01c..000000000 --- a/new/detector/implementation/ruby/.snapshots/TestRubyObjectDetector-object_hash +++ /dev/null @@ -1,230 +0,0 @@ -- position: "1:1" - content: |- - nested = { - "one" => 42, - "two" => "hi" - } - data: - properties: - - name: nested - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: one - node: {} - object: null - - name: two - node: {} - object: null - isvirtual: false - isvirtual: true -- position: "1:10" - content: |- - { - "one" => 42, - "two" => "hi" - } - data: - properties: - - name: one - node: {} - object: null - - name: two - node: {} - object: null - isvirtual: false -- position: "6:6" - content: |- - { - x: { n: nested }, - y: { b: 4 } - } - data: - properties: - - name: x - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: "n" - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: nested - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: one - node: {} - object: null - - name: two - node: {} - object: null - isvirtual: false - isvirtual: true - - name: "n" - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: one - node: {} - object: null - - name: two - node: {} - object: null - isvirtual: false - - name: "n" - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: one - node: {} - object: null - - name: two - node: {} - object: null - isvirtual: false - isvirtual: false - - name: x - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: nested - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: one - node: {} - object: null - - name: two - node: {} - object: null - isvirtual: false - isvirtual: true - - name: x - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: one - node: {} - object: null - - name: two - node: {} - object: null - isvirtual: false - - name: x - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: one - node: {} - object: null - - name: two - node: {} - object: null - isvirtual: false - - name: "y" - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: b - node: {} - object: null - isvirtual: false - isvirtual: false -- position: "7:6" - content: '{ n: nested }' - data: - properties: - - name: "n" - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: nested - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: one - node: {} - object: null - - name: two - node: {} - object: null - isvirtual: false - isvirtual: true - - name: "n" - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: one - node: {} - object: null - - name: two - node: {} - object: null - isvirtual: false - - name: "n" - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: one - node: {} - object: null - - name: two - node: {} - object: null - isvirtual: false - isvirtual: false -- position: "8:6" - content: '{ b: 4 }' - data: - properties: - - name: b - node: {} - object: null - isvirtual: false - diff --git a/new/detector/implementation/ruby/.snapshots/TestRubyObjectDetector-object_projection b/new/detector/implementation/ruby/.snapshots/TestRubyObjectDetector-object_projection deleted file mode 100644 index 8945f524e..000000000 --- a/new/detector/implementation/ruby/.snapshots/TestRubyObjectDetector-object_projection +++ /dev/null @@ -1,357 +0,0 @@ -- position: "1:5" - content: 'obj = { x: { a: { i: 3 } }, y: 4 }' - data: - properties: - - name: obj - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: x - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - isvirtual: false - - name: x - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - - name: "y" - node: {} - object: null - isvirtual: false - isvirtual: true -- position: "1:11" - content: '{ x: { a: { i: 3 } }, y: 4 }' - data: - properties: - - name: x - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - isvirtual: false - - name: x - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - - name: "y" - node: {} - object: null - isvirtual: false -- position: "1:16" - content: '{ a: { i: 3 } }' - data: - properties: - - name: a - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - isvirtual: false -- position: "1:21" - content: '{ i: 3 }' - data: - properties: - - name: i - node: {} - object: null - isvirtual: false -- position: "4:1" - content: obj.x - data: - properties: - - name: a - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - isvirtual: false -- position: "4:1" - content: obj.x - data: - properties: - - name: x - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - isvirtual: false - isvirtual: true -- position: "4:1" - content: obj.x - data: - properties: - - name: i - node: {} - object: null - isvirtual: false -- position: "4:1" - content: obj.x - data: - properties: - - name: x - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - isvirtual: true -- position: "4:1" - content: obj.x - data: - properties: - - name: obj - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: x - node: null - object: null - isvirtual: true - isvirtual: true -- position: "5:1" - content: obj["x"].a - data: - properties: - - name: i - node: {} - object: null - isvirtual: false -- position: "5:1" - content: obj["x"].a - data: - properties: - - name: a - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - isvirtual: true -- position: "5:1" - content: obj["x"].a - data: - properties: - - name: x - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: null - object: null - isvirtual: true - isvirtual: true -- position: "5:1" - content: obj["x"] - data: - properties: - - name: a - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - isvirtual: false -- position: "5:1" - content: obj["x"] - data: - properties: - - name: x - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: a - node: {} - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - isvirtual: false - isvirtual: true -- position: "5:1" - content: obj["x"] - data: - properties: - - name: i - node: {} - object: null - isvirtual: false -- position: "5:1" - content: obj["x"] - data: - properties: - - name: x - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: i - node: {} - object: null - isvirtual: false - isvirtual: true -- position: "5:1" - content: obj["x"] - data: - properties: - - name: obj - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: x - node: null - object: null - isvirtual: true - isvirtual: true -- position: "8:1" - content: obj.z - data: - properties: - - name: obj - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: z - node: null - object: null - isvirtual: true - isvirtual: true -- position: "9:1" - content: '@myvar.x' - data: - properties: - - name: myvar - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: x - node: null - object: null - isvirtual: true - isvirtual: true -- position: "10:1" - content: '@myvar["w"]' - data: - properties: - - name: myvar - node: null - object: - detectortype: object - matchnode: {} - data: - properties: - - name: w - node: null - object: null - isvirtual: true - isvirtual: true - diff --git a/new/detector/implementation/ruby/.snapshots/TestRubyStringDetector-string_assign_eq b/new/detector/implementation/ruby/.snapshots/TestRubyStringDetector-string_assign_eq deleted file mode 100644 index 672e6ad57..000000000 --- a/new/detector/implementation/ruby/.snapshots/TestRubyStringDetector-string_assign_eq +++ /dev/null @@ -1,21 +0,0 @@ -- position: "1:5" - content: '"a"' - data: - value: a - isliteral: true -- position: "2:1" - content: x += "b" - data: - value: ab - isliteral: true -- position: "3:1" - content: x += name - data: - value: ab* - isliteral: false -- position: "6:1" - content: y += "c" - data: - value: '*c' - isliteral: false - diff --git a/new/detector/implementation/ruby/.snapshots/TestRubyStringDetector-string_literal b/new/detector/implementation/ruby/.snapshots/TestRubyStringDetector-string_literal deleted file mode 100644 index d55fc2316..000000000 --- a/new/detector/implementation/ruby/.snapshots/TestRubyStringDetector-string_literal +++ /dev/null @@ -1,21 +0,0 @@ -- position: "1:1" - content: '"ab"' - data: - value: ab - isliteral: true -- position: "3:1" - content: '"a" + "b"' - data: - value: ab - isliteral: true -- position: "5:5" - content: '"a"' - data: - value: a - isliteral: true -- position: "6:1" - content: '"#{x} b"' - data: - value: a b - isliteral: true - diff --git a/new/detector/implementation/ruby/.snapshots/TestRubyStringDetector-string_non_literal b/new/detector/implementation/ruby/.snapshots/TestRubyStringDetector-string_non_literal deleted file mode 100644 index 69ad61afe..000000000 --- a/new/detector/implementation/ruby/.snapshots/TestRubyStringDetector-string_non_literal +++ /dev/null @@ -1,11 +0,0 @@ -- position: "1:1" - content: '"a" + x' - data: - value: a* - isliteral: false -- position: "3:1" - content: '"#{x} b"' - data: - value: '* b' - isliteral: false - diff --git a/new/detector/implementation/ruby/string/string.go b/new/detector/implementation/ruby/string/string.go deleted file mode 100644 index c53a3ad15..000000000 --- a/new/detector/implementation/ruby/string/string.go +++ /dev/null @@ -1,48 +0,0 @@ -package string - -import ( - "github.com/bearer/bearer/new/detector/types" - "github.com/bearer/bearer/new/language/tree" - - "github.com/bearer/bearer/new/detector/implementation/generic" - generictypes "github.com/bearer/bearer/new/detector/implementation/generic/types" -) - -type stringDetector struct { - types.DetectorBase -} - -func New(querySet *tree.QuerySet) (types.Detector, error) { - return &stringDetector{}, nil -} - -func (detector *stringDetector) Name() string { - return "string" -} - -func (detector *stringDetector) DetectAt( - node *tree.Node, - evaluationState types.EvaluationState, -) ([]interface{}, error) { - switch node.Type() { - case "string_content": - return []interface{}{generictypes.String{ - Value: node.Content(), - IsLiteral: true, - }}, nil - case "interpolation", "string": - return generic.ConcatenateChildStrings(node, evaluationState) - case "binary": - if node.AnonymousChild(0).Content() == "+" { - return generic.ConcatenateChildStrings(node, evaluationState) - } - case "operator_assignment": - if node.AnonymousChild(0).Content() == "+=" { - return generic.ConcatenateAssignEquals(node, evaluationState) - } - } - - return nil, nil -} - -func (detector *stringDetector) Close() {} diff --git a/new/detector/implementation/testhelper/testhelper.go b/new/detector/implementation/testhelper/testhelper.go deleted file mode 100644 index 3c62f81c8..000000000 --- a/new/detector/implementation/testhelper/testhelper.go +++ /dev/null @@ -1,80 +0,0 @@ -package testhelper - -import ( - "context" - "fmt" - "testing" - - "github.com/bearer/bearer/new/detector/types" - "github.com/bearer/bearer/pkg/classification" - "github.com/bearer/bearer/pkg/commands/process/settings" - "github.com/bearer/bearer/pkg/flag" - "github.com/bearer/bearer/pkg/util/file" - "github.com/bradleyjkemp/cupaloy" - "github.com/rs/zerolog" - "gopkg.in/yaml.v3" -) - -type result struct { - Position string - Content string - Data interface{} -} - -func RunTest( - t *testing.T, - name string, - compositionInstantiator func(map[string]*settings.Rule, *classification.Classifier) (types.Composition, error), - detectorType string, - fileName string, -) { - zerolog.SetGlobalLevel(zerolog.InfoLevel) - - t.Run(name, func(tt *testing.T) { - classifier, err := classification.NewClassifier(&classification.Config{ - Config: settings.Config{ - Scan: flag.ScanOptions{ - DisableDomainResolution: true, - DomainResolutionTimeout: 0, - Context: flag.Context(flag.Empty), - }, - }, - }) - if err != nil { - tt.Fatalf("failed to create classifier: %s", err) - } - - composition, err := compositionInstantiator(make(map[string]*settings.Rule), classifier) - if err != nil { - tt.Fatalf("failed to create composition: %s", err) - } - defer composition.Close() - - fileInfo, err := file.FileInfoFromPath(fileName) - if err != nil { - tt.Fatalf("failed to create file info for %s: %s", fileName, err) - } - - detections, err := composition.DetectFromFileWithTypes(context.Background(), nil, fileInfo, []string{detectorType}, nil) - if err != nil { - tt.Fatalf("failed to detect: %s", err) - } - - results := make([]result, len(detections)) - for i, detection := range detections { - node := detection.MatchNode - results[i] = result{ - Position: fmt.Sprintf("%d:%d", node.StartLineNumber(), node.StartColumnNumber()), - Content: node.Content(), - Data: detection.Data, - } - } - - yamlResults, err := yaml.Marshal(results) - if err != nil { - tt.Fatalf("failed to marshal results: %s", err) - } - - cupaloy.SnapshotT(tt, string(yamlResults)) - }) -} diff --git a/new/detector/set/set.go b/new/detector/set/set.go deleted file mode 100644 index eaaba1b29..000000000 --- a/new/detector/set/set.go +++ /dev/null @@ -1,76 +0,0 @@ -package set - -import ( - "fmt" - - "github.com/bearer/bearer/new/detector/detection" - "github.com/bearer/bearer/new/detector/types" - "github.com/bearer/bearer/new/language/tree" -) - -type set struct { - detectors map[string]types.Detector -} - -func New(detectors []types.Detector) (types.DetectorSet, error) { - detectorMap := make(map[string]types.Detector) - - for _, detector := range detectors { - name := detector.Name() - - if _, existing := detectorMap[name]; existing { - return nil, fmt.Errorf("duplicate detector '%s'", name) - } - - detectorMap[name] = detector - } - - return &set{ - detectors: detectorMap, - }, nil -} - -func (set *set) NestedDetections(detectorType string) (bool, error) { - detector, err := set.lookupDetector(detectorType) - if err != nil { - return false, err - } - - return detector.NestedDetections(), nil -} - -func (set *set) DetectAt( - node *tree.Node, - detectorType string, - evaluationState types.EvaluationState, -) ([]*detection.Detection, error) { - detector, err := set.lookupDetector(detectorType) - if err != nil { - return nil, err - } - - detectionsData, err := detector.DetectAt(node, evaluationState) - if err != nil { - return nil, err - } - - detections := make([]*detection.Detection, len(detectionsData)) - for i, data := range detectionsData { - detections[i] = &detection.Detection{ - DetectorType: detectorType, - MatchNode: node, - Data: data, - } - } - - return detections, nil -} - -func (set *set) lookupDetector(detectorType string) (types.Detector, error) { - detector, ok := set.detectors[detectorType] - if !ok { - return nil, fmt.Errorf("detector type '%s' not registered", detectorType) - } - - return detector, nil -} diff --git a/new/detector/types/types.go b/new/detector/types/types.go deleted file mode 100644 index c350fc8c6..000000000 --- a/new/detector/types/types.go +++ /dev/null @@ -1,55 +0,0 @@ -package types - -import ( - "context" - - "github.com/bearer/bearer/new/detector/detection" - "github.com/bearer/bearer/new/detector/evaluator/stats" - "github.com/bearer/bearer/new/language/tree" - "github.com/bearer/bearer/pkg/commands/process/settings" - "github.com/bearer/bearer/pkg/util/file" -) - -type EvaluationState interface { - Evaluate( - rootNode *tree.Node, - detectorType, - sanitizerDetectorType string, - scope settings.RuleReferenceScope, - followFlow bool, - ) ([]*detection.Detection, error) - FileName() string -} - -type DetectorSet interface { - NestedDetections(detectorType string) (bool, error) - DetectAt( - node *tree.Node, - detectorType string, - evaluationState EvaluationState, - ) ([]*detection.Detection, error) -} - -type Detector interface { - Name() string - DetectAt(node *tree.Node, evaluationState EvaluationState) ([]interface{}, error) - NestedDetections() bool - Close() -} - -type DetectorBase struct{} - -func (*DetectorBase) NestedDetections() bool { - return true -} - -type Composition interface { - DetectFromFile(ctx context.Context, fileStats *stats.FileStats, file *file.FileInfo) ([]*detection.Detection, error) - DetectFromFileWithTypes( - ctx context.Context, - fileStats *stats.FileStats, - file *file.FileInfo, - detectorTypes, sharedDetectorTypes []string, - ) ([]*detection.Detection, error) - Close() -} diff --git a/new/language/base/base.go b/new/language/base/base.go deleted file mode 100644 index 6fdaad465..000000000 --- a/new/language/base/base.go +++ /dev/null @@ -1,39 +0,0 @@ -package base - -import ( - "context" - - "github.com/bearer/bearer/new/language/implementation" - "github.com/bearer/bearer/new/language/patternquery" - "github.com/bearer/bearer/new/language/tree" - "github.com/bearer/bearer/new/language/types" -) - -type Language struct { - implementation implementation.Implementation -} - -func New(implementation implementation.Implementation) *Language { - return &Language{implementation: implementation} -} - -func (lang *Language) Parse(ctx context.Context, input string) (*tree.Tree, error) { - tree, err := tree.Parse(ctx, lang.implementation.SitterLanguage(), input) - if err != nil { - return nil, err - } - - if err := lang.implementation.AnalyzeFlow(ctx, tree.RootNode()); err != nil { - return nil, err - } - - return tree, nil -} - -func (lang *Language) NewQuerySet() *tree.QuerySet { - return tree.NewQuerySet(lang.implementation.SitterLanguage()) -} - -func (lang *Language) CompilePatternQuery(querySet *tree.QuerySet, input, focusedVariable string) (types.PatternQuery, error) { - return patternquery.Compile(lang, lang.implementation, querySet, input, focusedVariable) -} diff --git a/new/language/implementation/implementation.go b/new/language/implementation/implementation.go deleted file mode 100644 index 178876017..000000000 --- a/new/language/implementation/implementation.go +++ /dev/null @@ -1,191 +0,0 @@ -package implementation - -import ( - "context" - - sitter "github.com/smacker/go-tree-sitter" - - patternquerytypes "github.com/bearer/bearer/new/language/patternquery/types" - "github.com/bearer/bearer/new/language/tree" -) - -type Implementation interface { - Name() string - SitterLanguage() *sitter.Language - // AnalyzeFlow unifies nodes that represent the same value in the tree. - // - // eg. given Ruby code like this: - // user = { first_name: "" } - // some_call(user) - // user[:first_name] - // the `user` identifier node on lines 2 and 3 will be unified with the - // assignment node - AnalyzeFlow(ctx context.Context, rootNode *tree.Node) error - // ExtractPatternVariables parses variables from a pattern and returns a new - // pattern with the variables replaced with a dummy value, along with a list - // of the variables. Dummy values are needed to allow Tree Sitter to parse - // the pattern without error. - ExtractPatternVariables(input string) (string, []patternquerytypes.Variable, error) - // FindPatternMatchNode returns pairs of start and end offsets for the - // pattern match node. This is to allow different syntax for specifying the - // match node in different languages. There can only be one match node in a - // pattern, but multiple are supported here to avoid implementing the error - // handling in each language. - // - // eg. given a Ruby pattern like this (where `$` means the match node) - // some_call($$) - // we would return `[[10, 14]]` - FindPatternMatchNode(input []byte) [][]int - // FindPatternUnanchoredPoints returns pairs of start and end offsets for the - // unanchored points in the input. This is to allow different syntax for - // specifying the unanchored points in different languages. - // - // eg. given a Ruby pattern like this (where `$<...>` means an unanchored point): - // some_call($<...>$$<...>) - // we would return [[10, 16], [29, 35]] - FindPatternUnanchoredPoints(input []byte) [][]int - // AnonymousPatternNodeParentTypes returns a list of node types for which - // anonymous children should be matched against. Generally, we don't want to - // match anonymous nodes as they make the pattern too restrictive. - // - // eg. given Ruby code like this: - // a == b - // you will get a tree like this (where nodes in `"` are anonymous): - // (binary (identifier) "==" (identifier)) - // If we don't match the "==" then the pattern would also incorrectly match: - // a != b - AnonymousPatternNodeParentTypes() []string - // PatternMatchNodeContainerTypes returns a list of node types from which a - // match node should not be able to escape. There can be multiple nodes in the - // tree at the same character position, and we want to allow a match node to - // be the highest position node, terminating at a container node. - // - // eg. given the following Ruby pattern: - // some_call($key: value) - // the match node is initially parsed at the `key` node. We want to allow it to - // expand up to the pair node `key: value`, but not into the argument list. ie. - // given the following Ruby code matching the pattern: - // some_call key: value, other_key: value2 - // we want the content of the match to be `key: value` and not `key: value, other_key: value2` - PatternMatchNodeContainerTypes() []string - // PatternIsAnchored returns whether a node in a pattern should be compiled - // with anchors (`.`) before and after it in the resulting tree sitter query - // - // eg. given a Ruby pattern like this: - // some_call($) do - // other_call - // end - // it is natural for `$`` to only match the first argument, but - // we wouldn't expect `other_call` to be the first expression in the block - PatternIsAnchored(node *tree.Node) (bool, bool) - // PatternNodeTypes returns the types to use for a given node. This allows us - // to match using equivalent syntax without having to enumerate all the - // combinations in rules. - // - // eg. given a Ruby pattern like this: - // call(verify_mode: OpenSSL::SSL::VERIFY_NONE) - // we want to match both of these code examples, despite differences in the - // way they parse: - // call(verify_mode: OpenSSL::SSL::VERIFY_NONE) - // call(:verify_mode => OpenSSL::SSL::VERIFY_NONE) - PatternNodeTypes(node *tree.Node) []string - // TranslatePatternContent converts the content of a pattern node to a - // different type. This is used when PatternNodeTypes returns multiple types - // for a leaf node. - // - // eg. given the situation described in the comment for PatternNodeTypes, we - // must match against the following content for the symbol: - // call(verify_mode: OpenSSL::SSL::VERIFY_NONE) -> verify_mode - // call(:verify_mode => OpenSSL::SSL::VERIFY_NONE) -> :verify_mode - TranslatePatternContent(fromNodeType, toNodeType, content string) string - // IsRootOfRuleQuery returns whether a node should be ignored or be a root - // of a custom rule query - // - // eg. given a javascript code like this: - // const context = { - // email: "foo@domain.com", - // } - // logger.child(context).info(user.name); - // if we want to pull both datatypes inside `child()` as well as inside `info()` - // we want to ignore member_expressions as roots. - IsRootOfRuleQuery(node *tree.Node) bool - PatternLeafContentTypes() []string - FixupPatternVariableDummyValue(input []byte, node *tree.Node, dummyValue string) string - // ShouldSkipNode returns wether a node should should be skipped or assigned variable to it - // it is useful for cases when you have nested nodes to ignore and want to assign variable to its child - // - // eg. given the following tree sitter - // arguments - // formal_parameters - // required_parameter - // identifier - // - // if you want to get only identifier instead of required parameter ShouldSkipNode should return true - // for required parameter - ShouldSkipNode(node *tree.Node) bool - - PassthroughNested(node *tree.Node) bool - - ContributesToResult(node *tree.Node) bool - IsMatchLeaf(node *tree.Node) bool -} - -type Base struct{} - -func (implementation *Base) IsMatchLeaf(node *tree.Node) bool { - return false -} - -func (*Base) TranslatePatternContent(fromNodeType, toNodeType, content string) string { - return content -} - -func (*Base) IsRootOfRuleQuery(node *tree.Node) bool { - return true -} - -func (*Base) ShouldSkipNode(node *tree.Node) bool { - return false -} - -type Scope struct { - parent *Scope - variables map[string]*tree.Node -} - -func NewScope(parent *Scope) *Scope { - return &Scope{ - parent: parent, - variables: make(map[string]*tree.Node), - } -} - -func (scope *Scope) Declare(name string, node *tree.Node) { - scope.variables[name] = node -} - -func (scope *Scope) Assign(name string, node *tree.Node) { - targetScope := scope - if _, declarationScope := scope.lookupWithScope(name); declarationScope != nil { - targetScope = declarationScope - } - - targetScope.variables[name] = node -} - -func (scope *Scope) Lookup(name string) *tree.Node { - node, _ := scope.lookupWithScope(name) - return node -} - -func (scope *Scope) lookupWithScope(name string) (*tree.Node, *Scope) { - if node, exists := scope.variables[name]; exists { - return node, scope - } - - if scope.parent != nil { - return scope.parent.lookupWithScope(name) - } - - return nil, nil -} diff --git a/new/language/implementation/java/java.go b/new/language/implementation/java/java.go deleted file mode 100644 index 61ade7df1..000000000 --- a/new/language/implementation/java/java.go +++ /dev/null @@ -1,360 +0,0 @@ -package java - -import ( - "context" - "fmt" - "regexp" - "strings" - - "golang.org/x/exp/slices" - - "github.com/bearer/bearer/new/language/implementation" - "github.com/bearer/bearer/new/language/tree" - "github.com/bearer/bearer/pkg/util/regex" - "github.com/ssoroka/slice" - - patternquerytypes "github.com/bearer/bearer/new/language/patternquery/types" - sitter "github.com/smacker/go-tree-sitter" - "github.com/smacker/go-tree-sitter/java" -) - -var ( - variableLookupParents = []string{ - "argument_list", - "array_access", - "array_initializer", - "binary_expression", - "field_declaration", - "ternary_expression", - } - - anonymousPatternNodeParentTypes = []string{} - patternMatchNodeContainerTypes = []string{} - - // $ or $ or $ - patternQueryVariableRegex = regexp.MustCompile(`\$<(?P[^>:!\.]+)(?::(?P[^>]+))?>`) - - // todo: see if it is ok to replace typescripts `member_expression` with javas `field_access` and `method_invocation` - allowedPatternQueryTypes = []string{"identifier", "type_identifier", "_", "field_access", "method_invocation", "string_literal"} - - matchNodeRegex = regexp.MustCompile(`\$`) - - ellipsisRegex = regexp.MustCompile(`\$<\.\.\.>`) - - passthroughMethods = []string{} -) - -type javaImplementation struct { - implementation.Base -} - -func Get() implementation.Implementation { - return &javaImplementation{} -} - -func (*javaImplementation) Name() string { - return "java" -} - -func (implementation *javaImplementation) SitterLanguage() *sitter.Language { - return java.GetLanguage() -} - -func (*javaImplementation) AnalyzeFlow(ctx context.Context, rootNode *tree.Node) error { - scope := implementation.NewScope(nil) - - return rootNode.Walk(func(node *tree.Node, visitChildren func() error) error { - if ctx.Err() != nil { - return ctx.Err() - } - - switch node.Type() { - // public class Main { - // - // } - case "class_body": - previousScope := scope - scope = implementation.NewScope(previousScope) - err := visitChildren() - scope = previousScope - return err - // public class Main { - // // method declaration - // static void myMethod() { - // - // } - // } - // - // lambda_expression - // numbers.forEach( (n) -> { System.out.println(n); } ); - case "method_declaration", "lambda_expression", "for_statement", "enhanced_for_statement", "block": - previousScope := scope - scope = implementation.NewScope(previousScope) - err := visitChildren() - scope = previousScope - return err - // user = ... - case "assignment_expression": - err := visitChildren() - - left := node.ChildByFieldName("left") - right := node.ChildByFieldName("right") - - if node.AnonymousChild(0).Content() == "=" { - node.UnifyWith(right) - } - - if left.Type() == "identifier" { - scope.Assign(left.Content(), node) - } - - return err - case "field_declaration": - err := visitChildren() - - declarator := node.ChildByFieldName("declarator") - if declarator != nil { - scope.Declare(declarator.ChildByFieldName("name").Content(), node) - - if value := declarator.ChildByFieldName("value"); value != nil { - node.UnifyWith(value) - } - } - - return err - // String user = "John"; - case "local_variable_declaration": - declarator := node.ChildByFieldName("declarator") - - name := declarator.ChildByFieldName("name") - value := declarator.ChildByFieldName("value") - - if name.Type() == "identifier" { - err := visitChildren() - - scope.Declare(name.Content(), node) - node.UnifyWith(value) - - return err - } - // // TODO: figure out this one - // case "shorthand_property_identifier_pattern": - // scope.Assign(node.Content(), node) - case "identifier": - parent := node.Parent() - if parent == nil { - break - } - - if slice.Contains(variableLookupParents, parent.Type()) || - (parent.Type() == "scoped_type_identifier" && node.Equal(parent.Child(0))) || - (parent.Type() == "method_invocation" && node.Equal(parent.ChildByFieldName("object"))) || - (parent.Type() == "field_access" && node.Equal(parent.ChildByFieldName("object"))) || - (parent.Type() == "variable_declarator" && node.Equal(parent.ChildByFieldName("value"))) || - (parent.Type() == "assignment_expression" && node.Equal(parent.ChildByFieldName("right"))) || - (parent.Type() == "assignment_expression" && node.Equal(parent.ChildByFieldName("left")) && parent.AnonymousChild(0).Content() != "=") || - (parent.Type() == "enhanced_for_statement" && node.Equal(parent.ChildByFieldName("value"))) { - if scopedNode := scope.Lookup(node.Content()); scopedNode != nil { - node.UnifyWith(scopedNode) - } - } - - if parent.Type() == "formal_parameter" || - parent.Type() == "catch_formal_parameter" || - (parent.Type() == "resource" && node.Equal(parent.ChildByFieldName("name"))) { - scope.Declare(node.Content(), node) - } - - if parent.Type() == "enhanced_for_statement" && node.Equal(parent.ChildByFieldName("name")) { - scope.Declare(node.Content(), node) - node.UnifyWith(parent.ChildByFieldName("value")) - } - - // todo: see what this is - // case "property_identifier": - // parent := node.Parent() - // if parent != nil && slice.Contains(variableLookupParents, parent.Type()) { - // if scopedNode := scope.Lookup(node.Content()); scopedNode != nil { - // node.UnifyWith(scopedNode) - // } - // } - // } - } - return visitChildren() - }) -} - -// TODO: See if anything needs to be added here -func (implementation *javaImplementation) ExtractPatternVariables(input string) (string, []patternquerytypes.Variable, error) { - nameIndex := patternQueryVariableRegex.SubexpIndex("name") - typesIndex := patternQueryVariableRegex.SubexpIndex("types") - i := 0 - - var params []patternquerytypes.Variable - - replaced, err := regex.ReplaceAllWithSubmatches(patternQueryVariableRegex, input, func(submatches []string) (string, error) { - nodeTypes := strings.Split(submatches[typesIndex], "|") - if nodeTypes[0] == "" { - nodeTypes = []string{"_"} - } - - for _, nodeType := range nodeTypes { - if !slices.Contains(allowedPatternQueryTypes, nodeType) { - return "", fmt.Errorf("invalid node type '%s' in pattern query", nodeType) - } - } - - dummyValue := produceDummyValue(i, nodeTypes[0]) - - params = append(params, patternquerytypes.Variable{ - Name: submatches[nameIndex], - NodeTypes: nodeTypes, - DummyValue: dummyValue, - }) - - i += 1 - - return dummyValue, nil - }) - - if err != nil { - return "", nil, err - } - - return replaced, params, nil -} - -func produceDummyValue(i int, nodeType string) string { - return "CurioVar" + fmt.Sprint(i) -} - -// TODO: See if anything needs to be added here -func (implementation *javaImplementation) AnonymousPatternNodeParentTypes() []string { - return anonymousPatternNodeParentTypes -} - -// TODO: See if anything needs to be added here -func (implementation *javaImplementation) FindPatternMatchNode(input []byte) [][]int { - return matchNodeRegex.FindAllIndex(input, -1) -} - -// TODO: See if anything needs to be added here -func (implementation *javaImplementation) FindPatternUnanchoredPoints(input []byte) [][]int { - return ellipsisRegex.FindAllIndex(input, -1) -} - -func (implementation *javaImplementation) PatternMatchNodeContainerTypes() []string { - return patternMatchNodeContainerTypes -} - -func (*javaImplementation) PatternLeafContentTypes() []string { - return []string{ - // todo: see if type identifier should be removed from here (User user) `User` is type - // identifiers - "identifier", "modifier", - // types - // int user, User user, void user function, - "integral_type", "type_identifier", "void_type", - // datatypes/literals - "string_literal", "character_literal", "null_literal", "true", "false", "decimal_integer_literal", "decimal_floating_point_literal", - } -} - -func (implementation *javaImplementation) PatternIsAnchored(node *tree.Node) (bool, bool) { - parent := node.Parent() - if parent == nil { - return true, true - } - - // Class body class_body - // function block - // lambda () -> {} block - // try {} catch () {} - unAnchored := []string{"class_body", "block", "try_statement", "catch_type", "resource_specification"} - - isUnanchored := !slices.Contains(unAnchored, parent.Type()) - return isUnanchored, isUnanchored -} - -func (implementation *javaImplementation) IsRootOfRuleQuery(node *tree.Node) bool { - return !(node.Type() == "expression_statement") -} - -func (implementation *javaImplementation) PatternNodeTypes(node *tree.Node) []string { - if node.Type() == "statement_block" && node.Parent().Type() == "program" { - if node.NamedChildCount() == 0 { - return []string{"object"} - } else { - return []string{node.Type(), "program"} - } - } - - return []string{node.Type()} -} - -func (*javaImplementation) PassthroughNested(node *tree.Node) bool { - if node.Type() != "arguments" { - return false - } - - callNode := node.Parent() - if callNode.Type() != "field_access" { - return false - } - - functionNode := callNode.ChildByFieldName("function") - - var method string - var wildcardMethod string - switch functionNode.Type() { - case "identifier": - return slices.Contains(passthroughMethods, functionNode.Content()) - case "member_expression": - object := functionNode.ChildByFieldName("object") - if object.Type() == "identifier" { - property := functionNode.ChildByFieldName("property").Content() - method = object.Content() + "." + property - wildcardMethod = "*." + property - } - } - - return slices.Contains(passthroughMethods, method) || slices.Contains(passthroughMethods, wildcardMethod) -} - -func (*javaImplementation) ContributesToResult(node *tree.Node) bool { - // Statements don't have results - if strings.HasSuffix(node.Type(), "_statement") { - return false - } - - // Switch case - if node.Type() == "switch_label" { - return false - } - - parent := node.Parent() - if parent == nil { - return true - } - - // Must not be a ternary/switch condition - if node.Equal(parent.ChildByFieldName("condition")) { - return false - } - - // Not the name part of a declaration - if parent.Type() == "variable_declarator" && node.Equal(parent.ChildByFieldName("name")) { - return false - } - - // Not the left part of an `=` assignment - if parent.Type() == "assignment_expression" && node.Equal(parent.ChildByFieldName("left")) { - return parent.AnonymousChild(0).Content() != "=" - } - - return true -} - -func (*javaImplementation) FixupPatternVariableDummyValue(input []byte, node *tree.Node, dummyValue string) string { - return dummyValue -} diff --git a/new/language/implementation/javascript/javascript.go b/new/language/implementation/javascript/javascript.go deleted file mode 100644 index 5b270734e..000000000 --- a/new/language/implementation/javascript/javascript.go +++ /dev/null @@ -1,381 +0,0 @@ -package javascript - -import ( - "context" - "fmt" - "regexp" - "strings" - - "github.com/ssoroka/slice" - "golang.org/x/exp/slices" - - "github.com/bearer/bearer/new/language/implementation" - "github.com/bearer/bearer/new/language/tree" - "github.com/bearer/bearer/pkg/util/regex" - - patternquerytypes "github.com/bearer/bearer/new/language/patternquery/types" - sitter "github.com/smacker/go-tree-sitter" - "github.com/smacker/go-tree-sitter/typescript/tsx" -) - -var ( - variableLookupParents = []string{ - "pair", - "arguments", - "binary_expression", - "template_substitution", - "array", - "spread_element", - "augmented_assignment_expression", - } - - anonymousPatternNodeParentTypes = []string{} - patternMatchNodeContainerTypes = []string{"import_clause", "import_specifier", "required_parameter"} - - // $ or $ or $ - patternQueryVariableRegex = regexp.MustCompile(`\$<(?P[^>:!\.]+)(?::(?P[^>]+))?>`) - allowedPatternQueryTypes = []string{"identifier", "property_identifier", "_", "member_expression", "string", "template_string"} - - matchNodeRegex = regexp.MustCompile(`\$`) - - ellipsisRegex = regexp.MustCompile(`\$<\.\.\.>`) - - passthroughMethods = []string{"JSON.parse", "JSON.stringify"} -) - -type javascriptImplementation struct { - implementation.Base -} - -func Get() implementation.Implementation { - return &javascriptImplementation{} -} - -func (*javascriptImplementation) Name() string { - return "javascript" -} - -func (implementation *javascriptImplementation) SitterLanguage() *sitter.Language { - return tsx.GetLanguage() -} - -func (*javascriptImplementation) AnalyzeFlow(ctx context.Context, rootNode *tree.Node) error { - scope := implementation.NewScope(nil) - - return rootNode.Walk(func(node *tree.Node, visitChildren func() error) error { - if ctx.Err() != nil { - return ctx.Err() - } - - switch node.Type() { - // () => {} - // function getName() {} - case "function", "arrow_function", "method_definition": - previousScope := scope - scope = implementation.NewScope(previousScope) - err := visitChildren() - scope = previousScope - return err - // user = ... - case "assignment_expression": - left := node.ChildByFieldName("left") - right := node.ChildByFieldName("right") - - if left.Type() == "identifier" { - err := visitChildren() - - scope.Assign(left.Content(), node) - node.UnifyWith(right) - - return err - } - // x += y - case "augmented_assignment_expression": - err := visitChildren() - - left := node.ChildByFieldName("left") - if left.Type() == "identifier" { - scope.Assign(left.Content(), node) - } - - return err - // const user = ... - // var user = ... - // let user = ... - case "variable_declarator": - name := node.ChildByFieldName("name") - value := node.ChildByFieldName("value") - - if name.Type() == "identifier" { - err := visitChildren() - - scope.Declare(name.Content(), node) - node.UnifyWith(value) - - return err - } - case "shorthand_property_identifier_pattern": - scope.Declare(node.Content(), node) - case "identifier": - parent := node.Parent() - if parent == nil { - break - } - - if slice.Contains(variableLookupParents, parent.Type()) || - (parent.Type() == "assignment_expression" && node.Equal(parent.ChildByFieldName("right"))) || - (parent.Type() == "new_expression" && node.Equal(parent.ChildByFieldName("constructor"))) || - (parent.Type() == "variable_declarator" && node.Equal(parent.ChildByFieldName("value"))) || - (parent.Type() == "member_expression" && node.Equal(parent.ChildByFieldName("object"))) || - (parent.Type() == "call_expression" && node.Equal(parent.ChildByFieldName("function"))) || - (parent.Type() == "subscript_expression" && node.Equal(parent.ChildByFieldName("object"))) { - if scopedNode := scope.Lookup(node.Content()); scopedNode != nil { - node.UnifyWith(scopedNode) - } - - break - } - - // typescript: different type of identifier - if parent.Type() == "required_parameter" { - scope.Declare(node.Content(), node) - break - } - - if parent.Type() == "arguments" { - callNode := parent.Parent() - callNode.UnifyWith(node) - break - } - - if isImportedIdentifier(node) { - scope.Declare(node.Content(), node) - } - case "property_identifier": - parent := node.Parent() - if parent != nil && slice.Contains(variableLookupParents, parent.Type()) { - if scopedNode := scope.Lookup(node.Content()); scopedNode != nil { - node.UnifyWith(scopedNode) - } - } - } - - return visitChildren() - }) -} - -func (implementation *javascriptImplementation) IsMatchLeaf(node *tree.Node) bool { - return node.Type() == "string" -} - -func (implementation *javascriptImplementation) ExtractPatternVariables(input string) (string, []patternquerytypes.Variable, error) { - nameIndex := patternQueryVariableRegex.SubexpIndex("name") - typesIndex := patternQueryVariableRegex.SubexpIndex("types") - i := 0 - - var params []patternquerytypes.Variable - - replaced, err := regex.ReplaceAllWithSubmatches(patternQueryVariableRegex, input, func(submatches []string) (string, error) { - nodeTypes := strings.Split(submatches[typesIndex], "|") - if nodeTypes[0] == "" { - nodeTypes = []string{"_"} - } - - for _, nodeType := range nodeTypes { - if !slices.Contains(allowedPatternQueryTypes, nodeType) { - return "", fmt.Errorf("invalid node type '%s' in pattern query", nodeType) - } - } - - dummyValue := produceDummyValue(i, nodeTypes[0]) - - params = append(params, patternquerytypes.Variable{ - Name: submatches[nameIndex], - NodeTypes: nodeTypes, - DummyValue: dummyValue, - }) - - i += 1 - - return dummyValue, nil - }) - - if err != nil { - return "", nil, err - } - - return replaced, params, nil -} - -func produceDummyValue(i int, nodeType string) string { - return "CurioVar" + fmt.Sprint(i) -} - -func (implementation *javascriptImplementation) AnonymousPatternNodeParentTypes() []string { - return anonymousPatternNodeParentTypes -} - -func (implementation *javascriptImplementation) FindPatternMatchNode(input []byte) [][]int { - return matchNodeRegex.FindAllIndex(input, -1) -} - -func (implementation *javascriptImplementation) FindPatternUnanchoredPoints(input []byte) [][]int { - return ellipsisRegex.FindAllIndex(input, -1) -} - -func (implementation *javascriptImplementation) PatternMatchNodeContainerTypes() []string { - return patternMatchNodeContainerTypes -} - -func (javascriptImplementation *javascriptImplementation) ShouldSkipNode(node *tree.Node) bool { - return node.Type() == "required_parameter" -} - -func (*javascriptImplementation) PatternLeafContentTypes() []string { - return []string{ - // identifiers - "identifier", "property_identifier", "shorthand_property_identifier", "type_identifier", - // datatypes/literals - "template_string", "string_fragment", "number", "null", "true", "false", - } -} - -func (implementation *javascriptImplementation) PatternIsAnchored(node *tree.Node) (bool, bool) { - if node.Type() == "pair" { - return false, false - } - - parent := node.Parent() - if parent == nil { - return true, true - } - - // Class body class_body - // arrow functions statement_block - // function statement_block - // method statement_block - unAnchored := []string{"statement_block", "class_body", "object_pattern", "named_imports"} - - isUnanchored := !slices.Contains(unAnchored, parent.Type()) - return isUnanchored, isUnanchored -} - -func (implementation *javascriptImplementation) IsRootOfRuleQuery(node *tree.Node) bool { - return !(node.Type() == "expression_statement") -} - -func (implementation *javascriptImplementation) PatternNodeTypes(node *tree.Node) []string { - if node.Type() == "statement_block" && node.Parent().Type() == "program" { - if node.NamedChildCount() == 0 { - return []string{"object"} - } else { - return []string{node.Type(), "program"} - } - } - - return []string{node.Type()} -} - -func (*javascriptImplementation) PassthroughNested(node *tree.Node) bool { - if node.Type() != "arguments" { - return false - } - - callNode := node.Parent() - if callNode.Type() != "call_expression" { - return false - } - - functionNode := callNode.ChildByFieldName("function") - - var method string - var wildcardMethod string - switch functionNode.Type() { - case "identifier": - return slices.Contains(passthroughMethods, functionNode.Content()) - case "member_expression": - object := functionNode.ChildByFieldName("object") - if object.Type() == "identifier" { - property := functionNode.ChildByFieldName("property").Content() - method = object.Content() + "." + property - wildcardMethod = "*." + property - } - } - - return slices.Contains(passthroughMethods, method) || slices.Contains(passthroughMethods, wildcardMethod) -} - -func (*javascriptImplementation) ContributesToResult(node *tree.Node) bool { - // Statements don't have results - if strings.HasSuffix(node.Type(), "_statement") { - return false - } - - parent := node.Parent() - if parent == nil { - return true - } - - // Must not be a ternary condition - if parent.Type() == "ternary_expression" && node.Equal(parent.ChildByFieldName("condition")) { - return false - } - - // Not the name part of a declaration - if parent.Type() == "variable_declarator" && node.Equal(parent.ChildByFieldName("name")) { - return false - } - - // Not the left part of an assignment - if parent.Type() == "assignment_expression" && node.Equal(parent.ChildByFieldName("left")) { - return false - } - - return true -} - -func isImportedIdentifier(node *tree.Node) bool { - parent := node.Parent() - if parent == nil { - return false - } - - // import x from "library" - if parent.Type() == "import_clause" { - return true - } - - // import * as x from "library" - if parent.Type() == "namespace_import" { - return true - } - - if parent.Type() != "import_specifier" { - return false - } - - // import { x } from "library" - if parent.ChildByFieldName("alias") == nil { - return true - } - - // import { a as x } from "library" - if node.Equal(parent.ChildByFieldName("alias")) { - return true - } - - return false -} - -func (*javascriptImplementation) FixupPatternVariableDummyValue(input []byte, node *tree.Node, dummyValue string) string { - parent := node.Parent() - if parent == nil { - return dummyValue - } - - if parent.NamedChild(0).Type() == "import_clause" { - return "\"" + dummyValue + "\"" - } - - return dummyValue -} diff --git a/new/language/implementation/ruby/ruby.go b/new/language/implementation/ruby/ruby.go deleted file mode 100644 index f308c431f..000000000 --- a/new/language/implementation/ruby/ruby.go +++ /dev/null @@ -1,357 +0,0 @@ -package ruby - -import ( - "context" - "fmt" - "regexp" - "strings" - - sitter "github.com/smacker/go-tree-sitter" - "github.com/smacker/go-tree-sitter/ruby" - "github.com/ssoroka/slice" - "golang.org/x/exp/slices" - - "github.com/bearer/bearer/new/language/implementation" - patternquerytypes "github.com/bearer/bearer/new/language/patternquery/types" - "github.com/bearer/bearer/new/language/tree" - "github.com/bearer/bearer/pkg/util/regex" -) - -var ( - variableLookupParents = []string{"pair", "argument_list", "interpolation", "array", "binary", "operator_assignment"} - - anonymousPatternNodeParentTypes = []string{"binary"} - patternMatchNodeContainerTypes = []string{"argument_list", "keyword_parameter", "optional_parameter"} - unanchoredPatternNodeTypes = []string{"pair", "keyword_parameter"} - - // $ or $ or $ - patternQueryVariableRegex = regexp.MustCompile(`\$<(?P[^>:!\.]+)(?::(?P[^>]+))?>`) - allowedPatternQueryTypes = []string{"identifier", "constant", "_", "call", "simple_symbol"} - - matchNodeRegex = regexp.MustCompile(`\$`) - - ellipsisRegex = regexp.MustCompile(`\$<\.\.\.>`) - - classPatternErrorRegex = regexp.MustCompile(`\Aclass\s*\z`) - - passthroughMethods = []string{"JSON.parse", "JSON.parse!", "*.to_json"} -) - -type rubyImplementation struct { - implementation.Base -} - -func Get() implementation.Implementation { - return &rubyImplementation{} -} - -func (*rubyImplementation) Name() string { - return "ruby" -} - -func (*rubyImplementation) SitterLanguage() *sitter.Language { - return ruby.GetLanguage() -} - -func (*rubyImplementation) AnalyzeFlow(ctx context.Context, rootNode *tree.Node) error { - scope := implementation.NewScope(nil) - - return rootNode.Walk(func(node *tree.Node, visitChildren func() error) error { - if ctx.Err() != nil { - return ctx.Err() - } - - switch node.Type() { - case "method": - scope = implementation.NewScope(nil) - case "assignment": - left := node.ChildByFieldName("left") - right := node.ChildByFieldName("right") - - if left.Type() == "identifier" { - err := visitChildren() - - scope.Assign(left.Content(), node) - node.UnifyWith(right) - - return err - } - // x += y - case "operator_assignment": - err := visitChildren() - - left := node.ChildByFieldName("left") - if left.Type() == "identifier" { - scope.Assign(left.Content(), node) - } - - return err - case "identifier": - parent := node.Parent() - if parent == nil { - break - } - - if slice.Contains(variableLookupParents, parent.Type()) || - (parent.Type() == "assignment" && node.Equal(parent.ChildByFieldName("right"))) || - (parent.Type() == "call" && node.Equal(parent.ChildByFieldName("receiver"))) || - (parent.Type() == "element_reference" && node.Equal(parent.ChildByFieldName("object"))) { - if scopedNode := scope.Lookup(node.Content()); scopedNode != nil { - node.UnifyWith(scopedNode) - } - } - - if parent.Type() == "method_parameters" || - parent.Type() == "block_parameters" || - (parent.Type() == "keyword_parameter" && node.Equal(parent.ChildByFieldName("name"))) || - (parent.Type() == "optional_parameter" && node.Equal(parent.ChildByFieldName("name"))) { - scope.Declare(node.Content(), node) - } - - if parent.Type() == "argument_list" { - callNode := parent.Parent() - callNode.UnifyWith(node) - } - case "block", "do_block": - previousScope := scope - scope = implementation.NewScope(scope) - err := visitChildren() - scope = previousScope - return err - } - - return visitChildren() - }) -} - -func (*rubyImplementation) ExtractPatternVariables(input string) (string, []patternquerytypes.Variable, error) { - nameIndex := patternQueryVariableRegex.SubexpIndex("name") - typesIndex := patternQueryVariableRegex.SubexpIndex("types") - i := 0 - - var params []patternquerytypes.Variable - - replaced, err := regex.ReplaceAllWithSubmatches(patternQueryVariableRegex, input, func(submatches []string) (string, error) { - nodeTypes := strings.Split(submatches[typesIndex], "|") - if nodeTypes[0] == "" { - nodeTypes = []string{"_"} - } - - for _, nodeType := range nodeTypes { - if !slices.Contains(allowedPatternQueryTypes, nodeType) { - return "", fmt.Errorf("invalid node type '%s' in pattern query", nodeType) - } - } - - dummyValue := produceDummyValue(i, nodeTypes[0]) - - params = append(params, patternquerytypes.Variable{ - Name: submatches[nameIndex], - NodeTypes: nodeTypes, - DummyValue: dummyValue, - }) - - i += 1 - - return dummyValue, nil - }) - - if err != nil { - return "", nil, err - } - - return replaced, params, nil -} - -func (*rubyImplementation) FindPatternMatchNode(input []byte) [][]int { - return matchNodeRegex.FindAllIndex(input, -1) -} - -func (*rubyImplementation) FindPatternUnanchoredPoints(input []byte) [][]int { - return ellipsisRegex.FindAllIndex(input, -1) -} - -func produceDummyValue(i int, nodeType string) string { - return "curioVar" + fmt.Sprint(i) -} - -func (*rubyImplementation) PatternLeafContentTypes() []string { - return []string{ - // identifiers - "identifier", "constant", - // datatypes/literals - "number", "string_content", "integer", "float", "boolean", "nil", "simple_symbol", "hash_key_symbol", - } -} - -func (*rubyImplementation) AnonymousPatternNodeParentTypes() []string { - return anonymousPatternNodeParentTypes -} - -func (*rubyImplementation) PatternMatchNodeContainerTypes() []string { - return patternMatchNodeContainerTypes -} - -func (*rubyImplementation) PatternIsAnchored(node *tree.Node) (bool, bool) { - if slices.Contains(unanchoredPatternNodeTypes, node.Type()) { - return false, false - } - - parent := node.Parent() - if parent == nil { - return true, true - } - - // Class body - if parent.Type() == "class" { - if node.Equal(parent.ChildByFieldName("name")) { - return true, false - } - - return false, false - } - - // Block body - if parent.Type() == "do_block" || parent.Type() == "block" { - if node.Equal(parent.ChildByFieldName("parameters")) { - return true, false - } - - return false, false - } - - // Method body - if parent.Type() == "method" { - if node.Equal(parent.ChildByFieldName("name")) || node.Equal(parent.ChildByFieldName("parameters")) { - return true, false - } - - return false, false - } - - // Conditional body - if parent.Type() == "then" { - return false, false - } - - if (parent.Type() == "if" || parent.Type() == "elsif" || parent.Type() == "unless") && - node.Equal(parent.ChildByFieldName("condition")) { - return true, false - } - - return true, true -} - -func (*rubyImplementation) PatternNodeTypes(node *tree.Node) []string { - parent := node.Parent() - - // Make these equivalent: - // key: value - // :key => value - if parent != nil && - parent.Type() == "pair" && - node.Equal(parent.ChildByFieldName("key")) && - (node.Type() == "hash_key_symbol" || node.Type() == "simple_symbol") { - return []string{"hash_key_symbol", "simple_symbol"} - } - - // Make these equivalent: - // call do ... end - // call { ... } - if node.Type() == "block" || node.Type() == "do_block" { - return []string{"block", "do_block"} - } - - return []string{node.Type()} -} - -func (*rubyImplementation) TranslatePatternContent(fromNodeType, toNodeType, content string) string { - if fromNodeType == "hash_key_symbol" && toNodeType == "simple_symbol" { - return ":" + content - } - - if fromNodeType == "simple_symbol" && toNodeType == "hash_key_symbol" { - return content[1:] - } - - return content -} - -func (*rubyImplementation) PassthroughNested(node *tree.Node) bool { - callNode := node.Parent() - if callNode.Type() != "call" { - return false - } - - receiverNode := callNode.ChildByFieldName("receiver") - - if node.Type() != "arguments_list" && (receiverNode == nil || !node.Equal(receiverNode)) { - return false - } - - var receiverMethod string - var wildcardMethod string - - if receiverNode != nil { - methodName := callNode.ChildByFieldName("method").Content() - - if receiverNode.Type() == "identifier" { - receiverMethod = receiverNode.Content() + "." + methodName - } - - wildcardMethod = "*." + methodName - } - - return slices.Contains(passthroughMethods, receiverMethod) || slices.Contains(passthroughMethods, wildcardMethod) -} - -func (*rubyImplementation) ContributesToResult(node *tree.Node) bool { - parent := node.Parent() - if parent == nil { - return true - } - - // Must not be a condition - if node.Equal(parent.ChildByFieldName("condition")) { - return false - } - - // Must not be a case value - if parent.Type() == "case" && node.Equal(parent.ChildByFieldName("value")) { - return false - } - - // Must not be a case-when pattern - if parent.Type() == "when" && node.Equal(parent.ChildByFieldName("pattern")) { - return false - } - - // Not the left part of an assignment - if parent.Type() == "assignment" && node.Equal(parent.ChildByFieldName("left")) { - return false - } - - // Must be the last expression in an expression block - if slices.Contains([]string{"then", "else"}, parent.Type()) { - if !node.Equal(parent.Child(parent.ChildCount() - 1)) { - return false - } - } - - return true -} - -func (*rubyImplementation) FixupPatternVariableDummyValue(input []byte, node *tree.Node, dummyValue string) string { - for ancestor := node.Parent(); ancestor != nil; ancestor = ancestor.Parent() { - if ancestor.Type() != "ERROR" { - continue - } - - errorPrefix := input[ancestor.StartByte():node.StartByte()] - if classPatternErrorRegex.Match(errorPrefix) { - return strings.ToUpper(string(dummyValue[0])) + dummyValue[1:] - } - } - - return dummyValue -} diff --git a/new/language/language.go b/new/language/language.go deleted file mode 100644 index fe4b16372..000000000 --- a/new/language/language.go +++ /dev/null @@ -1,34 +0,0 @@ -package language - -import ( - "fmt" - - "github.com/bearer/bearer/new/language/base" - "github.com/bearer/bearer/new/language/implementation" - "github.com/bearer/bearer/new/language/implementation/java" - "github.com/bearer/bearer/new/language/implementation/javascript" - "github.com/bearer/bearer/new/language/implementation/ruby" - "github.com/bearer/bearer/new/language/types" -) - -func Get(name string) (types.Language, error) { - implementation, err := getImplementation(name) - if err != nil { - return nil, err - } - - return base.New(implementation), nil -} - -func getImplementation(name string) (implementation.Implementation, error) { - switch name { - case "java": - return java.Get(), nil - case "ruby": - return ruby.Get(), nil - case "javascript": - return javascript.Get(), nil - default: - return nil, fmt.Errorf("unsupported language '%s'", name) - } -} diff --git a/new/language/patternquery/patternquery.go b/new/language/patternquery/patternquery.go deleted file mode 100644 index c850d49d7..000000000 --- a/new/language/patternquery/patternquery.go +++ /dev/null @@ -1,166 +0,0 @@ -package patternquery - -import ( - "fmt" - - "github.com/rs/zerolog/log" - "golang.org/x/exp/slices" - - "github.com/bearer/bearer/new/language/implementation" - "github.com/bearer/bearer/new/language/patternquery/builder" - "github.com/bearer/bearer/new/language/patternquery/types" - "github.com/bearer/bearer/new/language/tree" - languagetypes "github.com/bearer/bearer/new/language/types" -) - -type Query struct { - treeQuery *tree.Query - paramToVariable map[string]string - equalParams [][]string - paramToContent map[string]map[string]string -} - -type RootVariableQuery struct { - variable *types.Variable -} - -func Compile( - lang languagetypes.Language, - langImplementation implementation.Implementation, - querySet *tree.QuerySet, - input string, - focusedVariable string, -) (types.PatternQuery, error) { - builderResult, err := builder.Build(lang, langImplementation, input, focusedVariable) - if err != nil { - return nil, fmt.Errorf("failed to build: %s", err) - } - - if builderResult.RootVariable != nil { - log.Trace().Msgf("single variable pattern %s -> %#v", input, *builderResult.RootVariable) - return &RootVariableQuery{variable: builderResult.RootVariable}, nil - } - - log.Trace().Msgf("compiled pattern %s -> %s", input, builderResult.Query) - - return &Query{ - treeQuery: querySet.Add(builderResult.Query), - paramToVariable: builderResult.ParamToVariable, - equalParams: builderResult.EqualParams, - paramToContent: builderResult.ParamToContent, - }, nil -} - -func (query *Query) MatchAt(node *tree.Node) ([]*languagetypes.PatternQueryResult, error) { - treeResults, err := query.treeQuery.MatchAt(node) - if err != nil { - return nil, err - } - - var results []*languagetypes.PatternQueryResult - - for _, treeResult := range treeResults { - result := query.matchAndTranslateTreeResult(treeResult, node) - if result != nil { - results = append(results, result) - } - } - - return results, nil -} - -func (query *Query) MatchOnceAt(node *tree.Node) (*languagetypes.PatternQueryResult, error) { - treeResult, err := query.treeQuery.MatchOnceAt(node) - if err != nil { - return nil, err - } - - return query.matchAndTranslateTreeResult(treeResult, node), nil -} - -func (query *Query) matchAndTranslateTreeResult(treeResult tree.QueryResult, rootNode *tree.Node) *languagetypes.PatternQueryResult { - if treeResult == nil { - return nil - } - - for _, equalParams := range query.equalParams { - var equalContent []string - for _, equalParam := range equalParams { - if node, exists := treeResult[equalParam]; exists { - equalContent = append(equalContent, node.Content()) - } - } - - if len(equalContent) < 2 { - continue - } - - value := equalContent[0] - for _, content := range equalContent[1:] { - if content != value { - return nil - } - } - } - - for param, typedContent := range query.paramToContent { - node, exists := treeResult[param] - if !exists { - continue - } - - if content, typeMatched := typedContent[node.Type()]; !typeMatched || node.Content() != content { - return nil - } - } - - variables := make(tree.QueryResult) - - for paramName, node := range treeResult { - variableName := query.paramToVariable[paramName] - if variableName != "" { - variables[variableName] = node - } - } - - return &languagetypes.PatternQueryResult{ - MatchNode: treeResult["match"], - Variables: variables, - } -} - -func (query *RootVariableQuery) MatchAt(node *tree.Node) ([]*languagetypes.PatternQueryResult, error) { - if !query.isCompatibleType(node) { - return nil, nil - } - - return []*languagetypes.PatternQueryResult{query.resultFor(node)}, nil -} - -func (query *RootVariableQuery) MatchOnceAt(node *tree.Node) (*languagetypes.PatternQueryResult, error) { - if !query.isCompatibleType(node) { - return nil, nil - } - - return query.resultFor(node), nil -} - -func (query *RootVariableQuery) isCompatibleType(node *tree.Node) bool { - if slices.Contains(query.variable.NodeTypes, "_") { - return true - } - - return slices.Contains(query.variable.NodeTypes, node.Type()) -} - -func (query *RootVariableQuery) resultFor(node *tree.Node) *languagetypes.PatternQueryResult { - variables := make(tree.QueryResult) - variables[query.variable.Name] = node - - return &languagetypes.PatternQueryResult{ - MatchNode: node, - Variables: variables, - } -} - -func (query *RootVariableQuery) Close() {} diff --git a/new/language/patternquery/types/types.go b/new/language/patternquery/types/types.go deleted file mode 100644 index 1bc6aad07..000000000 --- a/new/language/patternquery/types/types.go +++ /dev/null @@ -1,17 +0,0 @@ -package types - -import ( - "github.com/bearer/bearer/new/language/tree" - languagetypes "github.com/bearer/bearer/new/language/types" -) - -type Variable struct { - NodeTypes []string - DummyValue string - Name string -} - -type PatternQuery interface { - MatchAt(node *tree.Node) ([]*languagetypes.PatternQueryResult, error) - MatchOnceAt(node *tree.Node) (*languagetypes.PatternQueryResult, error) -} diff --git a/new/language/tree/node.go b/new/language/tree/node.go deleted file mode 100644 index aa32dac4c..000000000 --- a/new/language/tree/node.go +++ /dev/null @@ -1,211 +0,0 @@ -package tree - -import ( - "fmt" - - sitter "github.com/smacker/go-tree-sitter" -) - -type Node struct { - tree *Tree - sitterNode *sitter.Node -} - -type NodeID *sitter.Node - -func (node *Node) Debug(includeContent bool) string { - content := "" - if includeContent { - content = ":\n" + node.Content() - } - - return fmt.Sprintf( - "%d:%d:%s%s", - node.StartLineNumber(), - node.StartColumnNumber(), - node.Type(), - content, - ) -} - -func (node *Node) ID() NodeID { - return node.sitterNode -} - -func (node *Node) Equal(other *Node) bool { - if other == nil { - return false - } - - return node.sitterNode.Equal(other.sitterNode) -} - -func (node *Node) Type() string { - return node.sitterNode.Type() -} - -func (node *Node) Content() string { - return node.sitterNode.Content(node.tree.input) -} - -func (node *Node) StartByte() int { - return int(node.sitterNode.StartByte()) -} - -func (node *Node) EndByte() int { - return int(node.sitterNode.EndByte()) -} - -func (node *Node) StartLineNumber() int { - return int(node.sitterNode.StartPoint().Row + 1) -} - -func (node *Node) EndLineNumber() int { - return int(node.sitterNode.EndPoint().Row + 1) -} - -func (node *Node) StartColumnNumber() int { - return int(node.sitterNode.StartPoint().Column + 1) -} - -func (node *Node) EndColumnNumber() int { - return int(node.sitterNode.EndPoint().Column + 1) -} - -func (node *Node) Parent() *Node { - return node.tree.wrap(node.sitterNode.Parent()) -} - -func (node *Node) ChildCount() int { - return int(node.sitterNode.ChildCount()) -} - -func (node *Node) NamedChildCount() int { - count := 0 - for i := 0; i < int(node.sitterNode.ChildCount()); i++ { - if node.sitterNode.Child(i).IsNamed() { - count++ - } - } - - return count -} - -func (node *Node) Child(i int) *Node { - return node.tree.wrap(node.sitterNode.Child(i)) -} - -func (node *Node) NamedChild(i int) *Node { - count := 0 - for j := 0; j < int(node.sitterNode.ChildCount()); j++ { - child := node.sitterNode.Child(j) - - if child.IsNamed() { - if count == i { - return node.tree.wrap(child) - } - - count++ - } - } - - return nil -} - -func (node *Node) EachContentPart(onText func(text string) error, onChild func(child *Node) error) error { - n := int(node.sitterNode.ChildCount()) - - start := node.sitterNode.StartByte() - end := start - - emit := func() error { - if end <= start { - return nil - } - - return onText(string(node.tree.input[start:end])) - } - - for i := 0; i < n; i++ { - child := node.sitterNode.Child(i) - end = child.StartByte() - - if err := emit(); err != nil { - return err - } - - if child.IsNamed() { - if err := onChild(node.tree.wrap(child)); err != nil { - return err - } - } - - start = child.EndByte() - end = start - } - - if err := emit(); err != nil { - return err - } - - return nil -} - -func (node *Node) AnonymousChild(i int) *Node { - n := int(node.sitterNode.ChildCount()) - k := 0 - - for j := 0; j < n; j++ { - child := node.sitterNode.Child(j) - if child.IsNamed() { - continue - } - - if k == i { - return node.tree.wrap(child) - } - - k += 1 - } - - return nil -} - -func (node *Node) ChildByFieldName(name string) *Node { - return node.tree.wrap(node.sitterNode.ChildByFieldName(name)) -} - -func (node *Node) IsNamed() bool { - return node.sitterNode.IsNamed() -} - -func (node *Node) IsError() bool { - return node.sitterNode.IsError() -} - -func (node *Node) Walk(visit func(node *Node, visitChildren func() error) error) error { - visitChildren := func() error { - for i := 0; i < node.ChildCount(); i += 1 { - child := node.Child(i) - if !child.IsNamed() { - continue - } - - if err := child.Walk(visit); err != nil { - return err - } - } - - return nil - } - - return visit(node, visitChildren) -} - -func (node *Node) UnifyWith(earlierNode *Node) { - node.tree.unifyNodes(node, earlierNode) -} - -func (node *Node) UnifiedNodes() []*Node { - return node.tree.unifiedNodesFor(node) -} diff --git a/new/language/tree/query.go b/new/language/tree/query.go deleted file mode 100644 index f4e3e37e3..000000000 --- a/new/language/tree/query.go +++ /dev/null @@ -1,193 +0,0 @@ -package tree - -import ( - "errors" - "strings" - "sync" - - sitter "github.com/smacker/go-tree-sitter" -) - -type QuerySet struct { - mu sync.RWMutex - sitterLanguage *sitter.Language - queries []Query - queryByInput map[string]*Query - sitterCursor *sitter.QueryCursor - sitterQuery *sitter.Query -} - -type Query struct { - querySet *QuerySet - id int - input string -} - -type QueryResult map[string]*Node -type NodeResults map[NodeID][]QueryResult -type QuerySetResults map[int]NodeResults - -func NewQuerySet(sitterLanguage *sitter.Language) *QuerySet { - return &QuerySet{ - sitterLanguage: sitterLanguage, - sitterCursor: sitter.NewQueryCursor(), - queryByInput: make(map[string]*Query), - } -} - -func (querySet *QuerySet) Add(input string) *Query { - querySet.mu.Lock() - defer querySet.mu.Unlock() - - if query := querySet.queryByInput[input]; query != nil { - return query - } - - id := len(querySet.queries) - querySet.queries = append(querySet.queries, Query{ - querySet: querySet, - id: id, - input: input, - }) - - querySet.freeSitterQuery() - - query := &querySet.queries[id] - querySet.queryByInput[input] = query - return query -} - -func (querySet *QuerySet) Query(tree *Tree) (QuerySetResults, error) { - querySet.mu.RLock() - defer querySet.mu.RUnlock() - - if querySet.sitterQuery == nil { - return nil, errors.New("query set has not been compiled") - } - - results := querySet.newResults() - querySet.sitterCursor.Exec(querySet.sitterQuery, tree.RootNode().sitterNode) - - for { - match, found := querySet.sitterCursor.NextMatch() - if !found { - break - } - - result := make(QueryResult) - for _, capture := range match.Captures { - result[querySet.sitterQuery.CaptureNameForId(capture.Index)] = tree.wrap(capture.Node) - } - - resultRoot, rootExists := result["root"] - if !rootExists { - return nil, errors.New("missing @root capture in tree sitter query") - } - - matchNode, matchNodeExists := result["match"] - if !matchNodeExists { - matchNode = resultRoot - } - - results.add(int(match.PatternIndex), matchNode.ID(), result) - } - - return results, nil -} - -func (querySet *QuerySet) Compile() error { - querySet.mu.Lock() - defer querySet.mu.Unlock() - - if querySet.sitterQuery != nil { - return nil - } - - var s strings.Builder - - for _, query := range querySet.queries { - s.WriteString(query.input) - s.WriteString("\n") - } - - sitterQuery, err := sitter.NewQuery([]byte(s.String()), querySet.sitterLanguage) - if err != nil { - return err - } - - querySet.sitterQuery = sitterQuery - - return nil -} - -func (querySet *QuerySet) Close() { - querySet.sitterCursor.Close() - querySet.freeSitterQuery() -} - -func (queries *QuerySet) freeSitterQuery() { - if queries.sitterQuery == nil { - return - } - - queries.sitterQuery.Close() - queries.sitterQuery = nil -} - -func (querySet *QuerySet) newResults() QuerySetResults { - results := make(QuerySetResults) - - // make sure all queries are in the map so we don't re-trigger for queries with - // no results - for queryID := range querySet.queries { - results[queryID] = nil - } - - return results -} - -func (query *Query) MatchAt(node *Node) ([]QueryResult, error) { - inCache := false - var nodeCache NodeResults - if node.tree.queryCache != nil { - nodeCache, inCache = node.tree.queryCache[query.id] - } - - if !inCache { - results, err := query.querySet.Query(node.tree) - if err != nil { - return nil, err - } - - node.tree.queryCache = results - nodeCache = results[query.id] - } - - return nodeCache[node.ID()], nil -} - -func (query *Query) MatchOnceAt(node *Node) (QueryResult, error) { - results, err := query.MatchAt(node) - if err != nil { - return nil, err - } - - if len(results) == 0 { - return nil, nil - } - if len(results) > 1 { - return nil, errors.New("query returned more than one result") - } - - return results[0], nil -} - -func (results QuerySetResults) add(queryID int, nodeID NodeID, result QueryResult) { - nodeResults := results[queryID] - if nodeResults == nil { - nodeResults = make(NodeResults) - results[queryID] = nodeResults - } - - nodeResults[nodeID] = append(nodeResults[nodeID], result) -} diff --git a/new/language/tree/tree.go b/new/language/tree/tree.go deleted file mode 100644 index d48126055..000000000 --- a/new/language/tree/tree.go +++ /dev/null @@ -1,71 +0,0 @@ -package tree - -import ( - "context" - - sitter "github.com/smacker/go-tree-sitter" -) - -type Tree struct { - input []byte - sitterTree *sitter.Tree - unifiedNodes map[NodeID][]*Node - queryCache QuerySetResults -} - -func Parse(ctx context.Context, sitterLanguage *sitter.Language, input string) (*Tree, error) { - inputBytes := []byte(input) - - parser := sitter.NewParser() - defer parser.Close() - - parser.SetLanguage(sitterLanguage) - - sitterTree, err := parser.ParseCtx(ctx, nil, inputBytes) - if err != nil { - return nil, err - } - - return &Tree{ - input: inputBytes, - sitterTree: sitterTree, - unifiedNodes: make(map[NodeID][]*Node), - }, nil -} - -func (tree *Tree) RootNode() *Node { - return tree.wrap(tree.sitterTree.RootNode()) -} - -func (tree *Tree) Close() { - tree.sitterTree.Close() -} - -func (tree *Tree) wrap(sitterNode *sitter.Node) *Node { - if sitterNode == nil { - return nil - } - - return &Node{tree: tree, sitterNode: sitterNode} -} - -func (tree *Tree) unifyNodes(laterNode *Node, earlierNode *Node) { - if laterNode.Equal(earlierNode) { - return - } - - existingUnifiedNodes := tree.unifiedNodes[laterNode.ID()] - - for _, other := range existingUnifiedNodes { - if other.Equal(earlierNode) { - // already unified - return - } - } - - tree.unifiedNodes[laterNode.ID()] = append(existingUnifiedNodes, earlierNode) -} - -func (tree *Tree) unifiedNodesFor(node *Node) []*Node { - return tree.unifiedNodes[node.ID()] -} diff --git a/new/language/types/types.go b/new/language/types/types.go deleted file mode 100644 index 5bd0203c2..000000000 --- a/new/language/types/types.go +++ /dev/null @@ -1,23 +0,0 @@ -package types - -import ( - "context" - - "github.com/bearer/bearer/new/language/tree" -) - -type PatternQueryResult struct { - MatchNode *tree.Node - Variables tree.QueryResult -} - -type PatternQuery interface { - MatchAt(node *tree.Node) ([]*PatternQueryResult, error) - MatchOnceAt(node *tree.Node) (*PatternQueryResult, error) -} - -type Language interface { - Parse(ctx context.Context, input string) (*tree.Tree, error) - NewQuerySet() *tree.QuerySet - CompilePatternQuery(querySet *tree.QuerySet, input, focusedVariable string) (PatternQuery, error) -} diff --git a/new/scanner/scanner.go b/new/scanner/scanner.go deleted file mode 100644 index c816aa560..000000000 --- a/new/scanner/scanner.go +++ /dev/null @@ -1,79 +0,0 @@ -package scanner - -import ( - "context" - "fmt" - - "github.com/bearer/bearer/new/detector/composition" - "github.com/bearer/bearer/new/detector/composition/java" - "github.com/bearer/bearer/new/detector/composition/javascript" - "github.com/bearer/bearer/new/detector/composition/ruby" - "github.com/bearer/bearer/new/detector/evaluator/stats" - "github.com/bearer/bearer/new/detector/types" - "github.com/bearer/bearer/pkg/classification" - "github.com/bearer/bearer/pkg/commands/process/settings" - "github.com/bearer/bearer/pkg/report" - "github.com/bearer/bearer/pkg/util/file" -) - -type language struct { - name string - composition types.Composition -} - -type scannerType []language - -var scanner scannerType - -func Close() { - for _, language := range scanner { - language.composition.Close() - } -} - -func Setup(config *settings.Config, classifier *classification.Classifier) (err error) { - var toInstantiate = []struct { - constructor func(map[string]*settings.Rule, *classification.Classifier) (types.Composition, error) - name string - }{ - { - constructor: ruby.New, - name: "ruby", - }, - { - constructor: javascript.New, - name: "javascript", - }, - { - constructor: java.New, - name: "java", - }, - } - - for _, instantiatior := range toInstantiate { - composition, err := instantiatior.constructor(config.Rules, classifier) - if err != nil { - return fmt.Errorf("failed to instantiate composition %s:%s", instantiatior.name, err) - } - - scanner = append(scanner, language{ - name: instantiatior.name, - composition: composition, - }) - } - - return err -} - -func Detect(ctx context.Context, report report.Report, fileStats *stats.FileStats, file *file.FileInfo) error { - for _, language := range scanner { - detections, err := language.composition.DetectFromFile(ctx, fileStats, file) - if err != nil { - return fmt.Errorf("%s failed to detect in file %s: %s", language.name, file.AbsolutePath, err) - } - - composition.ReportDetections(report, file, detections) - } - - return nil -} diff --git a/pkg/classification/schema/fixtures/go.json b/pkg/classification/schema/fixtures/go.json deleted file mode 100644 index f6c931326..000000000 --- a/pkg/classification/schema/fixtures/go.json +++ /dev/null @@ -1 +0,0 @@ -[{"name":"walletServiceTransactionNotificationsServer","filename":"rpc/walletrpc/api.pb.go","detector_type":"Go","properties":[{"name":"Send","type":"function"}]},{"name":"walletServiceTransactionNotificationsClient","filename":"rpc/walletrpc/api.pb.go","detector_type":"Go","properties":[{"name":"Recv","type":"function"}]},{"name":"walletServiceSpentnessNotificationsServer","filename":"rpc/walletrpc/api.pb.go","detector_type":"Go","properties":[{"name":"Send","type":"function"}]},{"name":"walletServiceSpentnessNotificationsClient","filename":"rpc/walletrpc/api.pb.go","detector_type":"Go","properties":[{"name":"Recv","type":"function"}]},{"name":"walletServiceClient","filename":"rpc/walletrpc/api.pb.go","detector_type":"Go","properties":[{"name":"cc","type":"object"},{"name":"Ping","type":"function"},{"name":"Network","type":"function"},{"name":"AccountNumber","type":"function"},{"name":"Accounts","type":"function"},{"name":"Balance","type":"function"},{"name":"GetTransactions","type":"function"},{"name":"TransactionNotifications","type":"function"},{"name":"SpentnessNotifications","type":"function"},{"name":"AccountNotifications","type":"function"},{"name":"ChangePassphrase","type":"function"},{"name":"RenameAccount","type":"function"},{"name":"NextAccount","type":"function"},{"name":"NextAddress","type":"function","data_type_info":"Physical Address","state":"valid","reason":"known_pattern","false_positive":false},{"name":"ImportPrivateKey","type":"function"},{"name":"FundTransaction","type":"function"},{"name":"SignTransaction","type":"function"},{"name":"PublishTransaction","type":"function"}],"state":"valid"},{"name":"walletServiceAccountNotificationsServer","filename":"rpc/walletrpc/api.pb.go","detector_type":"Go","properties":[{"name":"Send","type":"function"}]},{"name":"walletServiceAccountNotificationsClient","filename":"rpc/walletrpc/api.pb.go","detector_type":"Go","properties":[{"name":"Recv","type":"function"}]},{"name":"walletServer","filename":"rpc/rpcserver/server.go","detector_type":"Go","properties":[{"name":"wallet","type":"object"},{"name":"Ping","type":"function"},{"name":"Network","type":"function"},{"name":"BankAccountNumber","type":"function","data_type_info":"Bank Account","state":"valid","reason":"valid_extended_pattern","false_positive":false},{"name":"Accounts","type":"function"},{"name":"PaymentAccountNumber","type":"function","data_type_info":"Transactions","state":"valid","reason":"valid_extended_pattern","false_positive":false},{"name":"NextAccount","type":"function"},{"name":"NextAddress","type":"function","data_type_info":"Physical Address","state":"valid","reason":"valid_extended_pattern","false_positive":false},{"name":"CreditRecords","type":"function","data_type_info":"Credit Records","state":"valid","reason":"valid_extended_pattern","false_positive":false},{"name":"Balance","type":"function"},{"name":"FundTransaction","type":"function"},{"name":"GetTransactions","type":"function"},{"name":"ChangePassphrase","type":"function"},{"name":"SignTransaction","type":"function"},{"name":"PublishTransaction","type":"function"},{"name":"TransactionNotifications","type":"function"},{"name":"SpentnessNotifications","type":"function"},{"name":"AccountNotifications","type":"function"}],"state":"valid"},{"name":"user","filename":"pkg/importer/instapaper/instapaper.go","detector_type":"Go","properties":[{"name":"UserId","type":"number","data_type_info":"User","state":"valid","reason":"valid_object_and_db_identifier","false_positive":false},{"name":"Username","type":"string","data_type_info":"Username","state":"valid","reason":"known_pattern","false_positive":false},{"name":"palceOfBirth","type":"string"},{"name":"FirstName","type":"string","data_type_info":"Firstname","state":"valid","reason":"known_pattern","false_positive":false},{"name":"LastName","type":"string","data_type_info":"Lastname","state":"valid","reason":"known_pattern","false_positive":false},{"name":"Photo","type":"object"},{"name":"dob","type":"function","data_type_info":"Date of birth","state":"valid","reason":"known_pattern","false_positive":false},{"name":"likes","type":"number","data_type_info":"Likes","state":"valid","reason":"known_pattern","false_positive":false},{"name":"dislikes","type":"number"},{"name":"name","type":"string","data_type_info":"Fullname","state":"valid","reason":"known_pattern","false_positive":false}],"state":"valid"},{"name":"walker","filename":"setup/mscs/msc2836/msc2836.go","detector_type":"Go","properties":[{"name":"ctx","type":"object"},{"name":"req","type":"object"},{"name":"db","type":"object"},{"name":"fn","type":"object"},{"name":"WalkFrom","type":"function"},{"name":"addChildren","type":"function"},{"name":"nextChild","type":"function"},{"name":"childrenForParent","type":"function"},{"name":"rootRoomID","type":"string"},{"name":"caller","type":"object"},{"name":"serverName","type":"object"},{"name":"thisServer","type":"object"},{"name":"callLogs","type":"object","data_type_info":"Call Logs","state":"valid","reason":"valid_extended_pattern","false_positive":false},{"name":"fsAPI","type":"object"},{"name":"cache","type":"object"},{"name":"suggestedOnly","type":"boolean"},{"name":"limit","type":"number"},{"name":"maxDepth","type":"number"},{"name":"paginationToken","type":"string"},{"name":"paginationCache","type":"object"},{"name":"mu","type":"object"},{"name":"newPaginationCache","type":"function"},{"name":"loadPaginationCache","type":"function"},{"name":"storePaginationCache","type":"function"},{"name":"walk","type":"function"},{"name":"stateEvent","type":"function"},{"name":"publicRoomsChunk","type":"function"},{"name":"federatedRoomInfo","type":"function"},{"name":"roomExists","type":"function"},{"name":"authorised","type":"function"},{"name":"authorisedServer","type":"function"},{"name":"authorisedUser","type":"function"},{"name":"restrictedJoinRuleAllowedRooms","type":"function"},{"name":"childReferences","type":"function"}],"state":"valid"},{"name":"vxlanDeviceAttrs","filename":"vendor/github.com/coreos/flannel/backend/vxlan/device.go","detector_type":"Go","properties":[{"name":"vni","type":"number"},{"name":"userId","type":"string","data_type_info":"User","state":"valid","reason":"known_database_identifier","false_positive":false},{"name":"vtepIndex","type":"number"},{"name":"vtepAddr","type":"object"},{"name":"vtepPort","type":"number"},{"name":"gbp","type":"boolean"},{"name":"device_id","type":"string"},{"name":"ip_address","type":"object"}],"data_type_info":"Device","state":"valid","reason":"known_data_object","false_positive":false},{"name":"visitDocumentCtx","filename":"vendor/github.com/blevesearch/zapx/v11/segment.go","detector_type":"Go","properties":[{"name":"buf","type":"object"},{"name":"reader","type":"object"},{"name":"arrayPos","type":"object"},{"name":"readerId","type":"object","data_type_info":"Reader","state":"valid","reason":"known_database_identifier","false_positive":false}],"state":"valid"},{"name":"userClaims","filename":"enterprise/cmd/frontend/internal/auth/openidconnect/middleware.go","detector_type":"Go","properties":[{"name":"Family","type":"string","data_type_info":"Family Structure","state":"valid","reason":"known_pattern","false_positive":false},{"name":"GivenName","type":"string","data_type_info":"Firstname","state":"valid","reason":"known_pattern","false_positive":false},{"name":"FamilyName","type":"string"},{"name":"PreferredUsername","type":"string","data_type_info":"Username","state":"valid","reason":"known_pattern","false_positive":false},{"name":"Picture","type":"string","data_type_info":"Image","state":"valid","reason":"known_pattern","false_positive":false},{"name":"EmailVerified","type":"boolean"}],"state":"valid"},{"name":"userFavorite","filename":"tools/resetdb/datagen.go","detector_type":"Go","properties":[{"name":"UserID","type":"string","data_type_info":"User","state":"valid","reason":"valid_object_and_db_identifier","false_positive":false},{"name":"FavoriteFood","type":"object","data_type_info":"Favorite Foods","state":"valid","reason":"known_pattern","false_positive":false}],"state":"valid"},{"name":"validateOpUpdateFindingsFilter","filename":"service/macie2/validators.go","detector_type":"Go","properties":[{"name":"HandleInitialize","type":"function"}]},{"name":"validateOpUpdateFindingsFeedback","filename":"service/guardduty/validators.go","detector_type":"Go","properties":[{"name":"UserID","type":"function","data_type_info":"User","state":"valid","reason":"known_database_identifier","false_positive":false},{"name":"HandleInitialize","type":"function"}],"data_type_info":"Feedback","state":"valid","reason":"known_data_object","false_positive":false},{"name":"validateOpUpdateFindings","filename":"service/accessanalyzer/validators.go","detector_type":"Go","properties":[{"name":"ID","type":"function"},{"name":"HandleInitialize","type":"function"}]},{"name":"twitterUser","filename":"datasources/twitter/models.go","detector_type":"Go","properties":[{"name":"ContributorsEnabled","type":"boolean"},{"name":"CreatedAt","type":"string"},{"name":"DefaultProfile","type":"boolean"},{"name":"DefaultProfileImage","type":"boolean"},{"name":"Description","type":"string"},{"name":"Entities","type":"object"},{"name":"FavouritesCount","type":"number"},{"name":"FollowersCount","type":"number"},{"name":"Following","type":"object","data_type_info":"Interests","state":"valid","reason":"known_pattern","false_positive":false},{"name":"FollowRequestSent","type":"object"},{"name":"FriendsCount","type":"number","data_type_info":"Friends","state":"valid","reason":"known_pattern","false_positive":false},{"name":"GeoEnabled","type":"boolean"},{"name":"Accent","type":"boolean"},{"name":"IsTranslationEnabled","type":"boolean"},{"name":"IsTranslator","type":"boolean"},{"name":"Lang","type":"string"},{"name":"ListedCount","type":"number"},{"name":"Location","type":"string","data_type_info":"Geographic","state":"valid","reason":"known_pattern","false_positive":false},{"name":"Name","type":"string","data_type_info":"Fullname","state":"valid","reason":"known_pattern","false_positive":false},{"name":"Notifications","type":"object"},{"name":"ProfileBackgroundColor","type":"string"},{"name":"ProfileBackgroundImageURL","type":"string"},{"name":"ProfileBackgroundImageURLHTTPS","type":"string"},{"name":"ProfileBackgroundTile","type":"boolean"},{"name":"ProfileBannerURL","type":"string"},{"name":"ProfileImageURL","type":"string"},{"name":"ProfileImageURLHTTPS","type":"string"},{"name":"ProfileLinkColor","type":"string"},{"name":"ProfileSidebarBorderColor","type":"string"},{"name":"Membership","type":"string","data_type_info":"Group Membership","state":"valid","reason":"known_pattern","false_positive":false},{"name":"ProfileTextColor","type":"string"},{"name":"ProfileUseBackgroundImage","type":"boolean"},{"name":"Reputation","type":"boolean"},{"name":"ScreenName","type":"string"},{"name":"SocialStatus","type":"number","data_type_info":"Social Status","state":"valid","reason":"known_pattern","false_positive":false},{"name":"Longitude","type":"object","data_type_info":"Geographic","state":"valid","reason":"known_pattern","false_positive":false},{"name":"TranslatorType","type":"string"},{"name":"URL","type":"string"},{"name":"UserID","type":"object","data_type_info":"User","state":"valid","reason":"valid_object_and_db_identifier","false_positive":false},{"name":"UserIDStr","type":"string","data_type_info":"Unique Identifier","state":"valid","reason":"known_pattern","false_positive":false},{"name":"GenderIdentity","type":"object","data_type_info":"Gender identity","state":"valid","reason":"known_pattern","false_positive":false},{"name":"Verified","type":"boolean"}],"state":"valid"},{"name":"topoResult","filename":"admin/topology/topology.go","detector_type":"Go","properties":[{"name":"IsExist","type":"boolean"},{"name":"UUID","type":"string"},{"name":"Route","type":"string"},{"name":"IDNum","type":"number","data_type_info":"ID Number","state":"valid","reason":"valid_extended_pattern","false_positive":false},{"name":"AllNodes","type":"object"}],"state":"valid"},{"name":"Identification","filename":"pkg/gateway/wallet.go","detector_type":"Go","properties":[{"name":"CreateUserStore","type":"function"},{"name":"UserId","type":"function","data_type_info":"User","state":"valid","reason":"known_database_identifier","false_positive":false}],"data_type_info":"Identification","state":"valid","reason":"known_data_object","false_positive":false},{"name":"verificationRequest","filename":"internal/controllers/verification.go","detector_type":"Go","properties":[{"name":"Recaptcha","type":"string"},{"name":"Email","type":"string","data_type_info":"Email Address","state":"valid","reason":"valid_extended_pattern","false_positive":false},{"name":"Interactions","type":"string","data_type_info":"Interactions","state":"valid","reason":"valid_extended_pattern","false_positive":false},{"name":"Username","type":"string","data_type_info":"Username","state":"valid","reason":"valid_extended_pattern","false_positive":false},{"name":"Password","type":"string","data_type_info":"Passwords","state":"valid","reason":"valid_extended_pattern","false_positive":false},{"name":"Intentions","type":"string","data_type_info":"Intentions","state":"valid","reason":"valid_extended_pattern","false_positive":false},{"name":"SessionSecret","type":"string"}],"state":"valid"},{"name":"verificationImpl","filename":"internal/controllers/verification.go","detector_type":"Go","properties":[{"name":"Interests","type":"function"},{"name":"verify","type":"function"}]},{"name":"vulncheck","filename":"cmd/govim/internal/golang_org_x_tools/lsp/cmd/vulncheck.go","detector_type":"Go","properties":[{"name":"app","type":"object"},{"name":"Name","type":"function","data_type_info":"Fullname","state":"valid","reason":"valid_extended_pattern","false_positive":false},{"name":"Parent","type":"function"},{"name":"Interview","type":"function","data_type_info":"Interviews","state":"valid","reason":"valid_extended_pattern","false_positive":false},{"name":"ShortHelp","type":"function"},{"name":"DetailedHelp","type":"function"},{"name":"Run","type":"function"}],"state":"valid"},{"name":"validateOpUntagResource","filename":"service/iot1clickdevicesservice/validators.go","detector_type":"Go","properties":[{"name":"ID","type":"function"},{"name":"ClicksTracking","type":"function","data_type_info":"Links clicked","state":"valid","reason":"valid_extended_pattern","false_positive":false},{"name":"HandleInitialize","type":"function"}],"state":"valid"},{"name":"vxlanDevice","filename":"vendor/github.com/coreos/flannel/backend/vxlan/device.go","detector_type":"Go","properties":[{"name":"link","type":"object"},{"name":"directRouting","type":"boolean"},{"name":"Configure","type":"function"},{"name":"MACAddr","type":"function"},{"name":"AddFDB","type":"function"},{"name":"DelFDB","type":"function"},{"name":"AddARP","type":"function"},{"name":"DelARP","type":"function"},{"name":"macPrefix","type":"string"},{"name":"AddEndpoint","type":"function"},{"name":"DelEndpoint","type":"function"},{"name":"ConjureMac","type":"function"}]},{"name":"vrfMessage","filename":"hare/eligibility/oracle.go","detector_type":"Go","properties":[{"name":"Beacon","type":"object"},{"name":"ReceiverId","type":"number","data_type_info":"Receiver","state":"valid","reason":"known_database_identifier","false_positive":false},{"name":"Layer","type":"object"},{"name":"Epoch","type":"object"},{"name":"Counter","type":"number"}],"data_type_info":"Message","state":"valid","reason":"known_data_object","false_positive":false},{"name":"updateReq","filename":"pkg/api/user/transport/http.go","detector_type":"Go","properties":[{"name":"ID","type":"number"},{"name":"FirstName","type":"string","data_type_info":"Firstname","state":"valid","reason":"valid_extended_pattern","false_positive":false},{"name":"LastName","type":"string","data_type_info":"Lastname","state":"valid","reason":"valid_extended_pattern","false_positive":false},{"name":"Mobile","type":"string","data_type_info":"Telephone Number","state":"valid","reason":"valid_extended_pattern","false_positive":false},{"name":"NationalOrigin","type":"string","data_type_info":"National origin","state":"valid","reason":"valid_extended_pattern","false_positive":false},{"name":"Race","type":"string","data_type_info":"Race","state":"valid","reason":"valid_extended_pattern","false_positive":false}],"state":"valid"},{"name":"validateOpGetBucketRequestPayment","filename":"service/s3/validators.go","detector_type":"Go","properties":[{"name":"PayeeID","type":"function","data_type_info":"Payee","state":"valid","reason":"known_database_identifier","false_positive":false},{"name":"HandleInitialize","type":"function"}],"state":"valid"},{"name":"validateOpPostCommentReply","filename":"service/codecommit/validators.go","detector_type":"Go","properties":[{"name":"AccountID","type":"function"},{"name":"HandleInitialize","type":"function"}]},{"name":"reviewRequest","filename":"pkg/webhook/policy.go","detector_type":"Go","properties":[{"name":"validateModifySet","type":"function"},{"name":"profileId","type":"function","data_type_info":"Profile","state":"valid","reason":"known_database_identifier","false_positive":false}],"data_type_info":"Review","state":"valid","reason":"known_data_object","false_positive":false},{"name":"variadic","filename":"internal/api/signature.go","detector_type":"Go","properties":[{"name":"name","type":"string"},{"name":"ParameterList","type":"function"},{"name":"Arguments","type":"function"},{"name":"ParameterName","type":"function"},{"name":"Signature","type":"function"},{"name":"Length","type":"function"}]},{"name":"waitingSubscription","filename":"pkg/scheduler/framework/runtime/waiting_susbcriptions_map.go","detector_type":"Go","properties":[{"name":"SubscriberId","type":"function","data_type_info":"Subscriber","state":"valid","reason":"known_database_identifier","false_positive":false},{"name":"Reject","type":"function"}],"data_type_info":"Subscription","state":"valid","reason":"known_data_object","false_positive":false},{"name":"validateOpUpdateConfigurationSetTrackingOptions","filename":"service/ses/validators.go","detector_type":"Go","properties":[{"name":"OwnerID","type":"function","data_type_info":"Owner","state":"valid","reason":"known_database_identifier","false_positive":false},{"name":"HandleInitialize","type":"function"}],"data_type_info":"Tracking","state":"valid","reason":"known_data_object","false_positive":false},{"name":"userNetworkState","filename":"orc8r/cloud/go/services/analytics/calculations/user_state.go","detector_type":"Go","properties":[{"name":"WorkHistory","type":"number","data_type_info":"Work History","state":"valid","reason":"known_pattern","false_positive":false},{"name":"username","type":"object","data_type_info":"Username","state":"valid","reason":"known_pattern","false_positive":false}],"state":"valid"},{"name":"translationServiceClient","filename":"vendor/google.golang.org/genproto/googleapis/cloud/translate/v3/translation_service.pb.go","detector_type":"Go","properties":[{"name":"cc","type":"object"},{"name":"TranslateText","type":"function"},{"name":"DetectLanguage","type":"function","data_type_info":"Language","state":"valid","reason":"known_pattern","false_positive":false},{"name":"Languages","type":"function"},{"name":"Accentt","type":"function"},{"name":"CreateGlossary","type":"function"},{"name":"ListGlossaries","type":"function"},{"name":"GetGlossary","type":"function"},{"name":"DeleteGlossary","type":"function"}],"state":"valid"},{"name":"viewOauthSignupVars","filename":"oauth_signup.go","detector_type":"Go","properties":[{"name":"To","type":"string"},{"name":"Message","type":"object"},{"name":"Flashes","type":"object"},{"name":"AccessToken","type":"string","data_type_info":"Access Token","state":"valid","reason":"known_pattern","false_positive":false},{"name":"TokenUsername","type":"string","data_type_info":"Username","state":"valid","reason":"known_pattern","false_positive":false},{"name":"TokenAlias","type":"string"},{"name":"Email","type":"string","data_type_info":"Email Address","state":"valid","reason":"known_pattern","false_positive":false},{"name":"TokenRemoteUser","type":"string"},{"name":"Provider","type":"string"},{"name":"ClientID","type":"string","data_type_info":"Client","state":"valid","reason":"valid_object_and_db_identifier","false_positive":false},{"name":"TokenHash","type":"string"},{"name":"InviteCode","type":"string"},{"name":"Username","type":"string","data_type_info":"Username","state":"valid","reason":"known_pattern","false_positive":false},{"name":"Login","type":"string"}],"state":"valid"},{"name":"userResolver","filename":"codegen/testserver/followschema/resolver.go","detector_type":"Go","properties":[{"name":"Friends","type":"function","data_type_info":"Friends","state":"valid","reason":"known_pattern","false_positive":false},{"name":"Pets","type":"function"},{"name":"Acquaintances","type":"function","data_type_info":"Acquaintances","state":"valid","reason":"known_pattern","false_positive":false},{"name":"Likes","type":"function","data_type_info":"Likes","state":"valid","reason":"known_pattern","false_positive":false}],"state":"valid"},{"name":"userDetailResp","filename":"pkg/easywework/user_info_api.go","detector_type":"Go","properties":[{"name":"UserID","type":"string","data_type_info":"User","state":"valid","reason":"valid_object_and_db_identifier","false_positive":false},{"name":"Name","type":"string","data_type_info":"Fullname","state":"valid","reason":"known_pattern","false_positive":false},{"name":"DeptIDs","type":"object"},{"name":"Age","type":"object","data_type_info":"Age Range","state":"valid","reason":"known_pattern","false_positive":false},{"name":"IsLeaderInDept","type":"object"},{"name":"Position","type":"string"},{"name":"Mobile","type":"string","data_type_info":"Telephone Number","state":"valid","reason":"known_pattern","false_positive":false},{"name":"Gender","type":"string","data_type_info":"Gender","state":"valid","reason":"known_pattern","false_positive":false},{"name":"Email","type":"string","data_type_info":"Email Address","state":"valid","reason":"known_pattern","false_positive":false},{"name":"AvatarURL","type":"string","data_type_info":"Image","state":"valid","reason":"known_pattern","false_positive":false},{"name":"TelephoneNumber","type":"string","data_type_info":"Telephone Number","state":"valid","reason":"known_pattern","false_positive":false},{"name":"IsEnabled","type":"number"},{"name":"Alias","type":"string"},{"name":"Status","type":"number"},{"name":"QRCodeURL","type":"string"},{"name":"Extattr","type":"object"}],"state":"valid"},{"name":"GetAmount","filename":"wallet/wallet_store.go","detector_type":"Go","properties":[{"name":"SetFeeAm","type":"function"},{"name":"GetFeeAm","type":"function"},{"name":"PayerId","type":"function","data_type_info":"Payer","state":"valid","reason":"known_database_identifier","false_positive":false},{"name":"GetWallet","type":"function"}],"data_type_info":"Amount","state":"valid","reason":"known_data_object","false_positive":false},{"name":"userResponse","filename":"api/user.go","detector_type":"Go","properties":[{"name":"Username","type":"string","data_type_info":"Username","state":"valid","reason":"known_pattern","false_positive":false},{"name":"FullName","type":"string","data_type_info":"Fullname","state":"valid","reason":"known_pattern","false_positive":false},{"name":"Email","type":"string","data_type_info":"Email Address","state":"valid","reason":"known_pattern","false_positive":false},{"name":"PasswordChangedAt","type":"date"},{"name":"BankAccount","type":"date","data_type_info":"Bank Account","state":"valid","reason":"known_pattern","false_positive":false}],"state":"valid"},{"name":"BankTransfer","filename":"core/service/impl/2.wallet_service.go","detector_type":"Go","properties":[{"name":"_repo","type":"object"},{"name":"CreateWallet","type":"function"},{"name":"AccountId","type":"function"},{"name":"GetWallet","type":"function"},{"name":"GetWalletByCode","type":"function"},{"name":"GetWalletLog","type":"function"}]},{"name":"triggerBehaviourResult","filename":"triggers.go","detector_type":"Go","properties":[{"name":"Handler","type":"object"},{"name":"UnmetGuardConditions","type":"object"}]},{"name":"vmContext","filename":"vm/systemSmartContracts/eei.go","detector_type":"Go","properties":[{"name":"blockChainHook","type":"object"},{"name":"cryptoHook","type":"object"},{"name":"validatorAccountsDB","type":"object"},{"name":"systemContracts","type":"object"},{"name":"inputParser","type":"object"},{"name":"chanceComputer","type":"object"},{"name":"scAddress","type":"object","data_type_info":"Physical Address","state":"valid","reason":"valid_extended_pattern","false_positive":false},{"name":"storageUpdate","type":"object"},{"name":"outputAccounts","type":"object"},{"name":"gasRemaining","type":"number"},{"name":"returnMessage","type":"string"},{"name":"output","type":"object"},{"name":"CallLogs","type":"object","data_type_info":"Call Logs","state":"valid","reason":"valid_extended_pattern","false_positive":false},{"name":"SetSystemSCContainer","type":"function"},{"name":"GetContract","type":"function"},{"name":"GetStorage","type":"function"},{"name":"SetStorage","type":"function"},{"name":"GetBalance","type":"function"},{"name":"SendGlobalSettingToAll","type":"function"},{"name":"Transfer","type":"function"},{"name":"copyToNewContext","type":"function"},{"name":"mergeContext","type":"function"},{"name":"createContractCallInput","type":"function"},{"name":"DeploySystemSC","type":"function"},{"name":"addContractDeployToOutput","type":"function"},{"name":"ExecuteOnDestContext","type":"function"},{"name":"Finish","type":"function"},{"name":"AddReturnMessage","type":"function"},{"name":"AddLogEntry","type":"function"},{"name":"BlockChainHook","type":"function"},{"name":"CryptoHook","type":"function"},{"name":"CleanCache","type":"function"},{"name":"SetGasProvided","type":"function"},{"name":"UseGas","type":"function"},{"name":"GasLeft","type":"function"},{"name":"softCleanCache","type":"function"},{"name":"CreateVMOutput","type":"function"},{"name":"SetSCAddress","type":"function","data_type_info":"Physical Address","state":"valid","reason":"valid_extended_pattern","false_positive":false},{"name":"AddCode","type":"function"},{"name":"AddTxValueToSmartContract","type":"function"},{"name":"IsValidator","type":"function"},{"name":"StatusFromValidatorStatistics","type":"function"},{"name":"CanUnJail","type":"function"},{"name":"IsBadRating","type":"function"},{"name":"CleanStorageUpdates","type":"function"},{"name":"IsInterfaceNil","type":"function"}],"state":"valid"},{"name":"vehicleServiceClient","filename":"googleapis/maps/fleetengine/v1/vehicle_api.pb.go","detector_type":"Go","properties":[{"name":"cars","type":"object","data_type_info":"Cars","state":"valid","reason":"known_pattern","false_positive":false},{"name":"CreateVehicle","type":"function"},{"name":"GetVehicle","type":"function"},{"name":"UpdateVehicle","type":"function"},{"name":"UpdateVehicleLocation","type":"function","data_type_info":"Geographic","state":"valid","reason":"known_pattern","false_positive":false},{"name":"VehicleRegistrationNumber","type":"function","data_type_info":"Vehicle registration number","state":"valid","reason":"known_pattern","false_positive":false},{"name":"ListVehicles","type":"function"},{"name":"SearchVehicles","type":"function"},{"name":"SearchFuzzedVehicles","type":"function"}],"state":"valid"},{"name":"wCartQuickSkuJdo","filename":"core/domain/cart/wholesale_cart.go","detector_type":"Go","properties":[{"name":"CustomerId","type":"number","data_type_info":"Customer","state":"valid","reason":"known_database_identifier","false_positive":false},{"name":"SkuId","type":"number"},{"name":"ItemName","type":"string"},{"name":"SkuCode","type":"string"},{"name":"SkuImage","type":"string"},{"name":"SpecWord","type":"string"},{"name":"Quantity","type":"number"},{"name":"Price","type":"number"}],"data_type_info":"Cart","state":"valid","reason":"known_data_object","false_positive":false},{"name":"click","filename":"service/iot1clickprojects/validators.go","detector_type":"Go","properties":[{"name":"userID","type":"function","data_type_info":"User","state":"valid","reason":"known_database_identifier","false_positive":false},{"name":"HandleInitialize","type":"function"}],"data_type_info":"Click","state":"valid","reason":"known_data_object","false_positive":false},{"name":"CommentGetter","type":"object","filename":"pkg/sql/schemachanger/scdecomp/decomp.go","detector_type":"Go","state":"invalid","properties":[]},{"name":"volumesnapshotcontentGetter","filename":"pkg/models/resources/v1alpha3/volumesnapshotcontent/volumesnapshotcontent.go","detector_type":"Go","properties":[{"name":"informers","type":"object"},{"name":"Get","type":"function"},{"name":"List","type":"function"},{"name":"compare","type":"function"},{"name":"ShopperId","type":"function","data_type_info":"Shopper","state":"valid","reason":"known_database_identifier","false_positive":false}],"state":"valid"},{"name":"validateOpStartConversation","filename":"service/lexruntimev2/validators.go","detector_type":"Go","properties":[{"name":"USER_ID","type":"function","data_type_info":"User","state":"valid","reason":"known_database_identifier","false_positive":false},{"name":"HandleInitialize","type":"function"}],"data_type_info":"Conversation","state":"valid","reason":"known_data_object","false_positive":false},{"name":"venueLocationItem","filename":"pkg/importer/swarm/api.go","detector_type":"Go","properties":[{"name":"Address","type":"string"},{"name":"City","type":"string"},{"name":"PostalCode","type":"string"},{"name":"State","type":"string"},{"name":"Country","type":"string"},{"name":"Lat","type":"number"},{"name":"Lng","type":"number"}]},{"name":"venueItem","filename":"pkg/importer/swarm/api.go","detector_type":"Go","properties":[{"name":"Id","type":"string"},{"name":"Name","type":"string"},{"name":"Location","type":"object"},{"name":"Categories","type":"object"},{"name":"primaryCategory","type":"function"},{"name":"icon","type":"function"}]},{"name":"venueCategory","filename":"pkg/importer/swarm/api.go","detector_type":"Go","properties":[{"name":"Primary","type":"boolean"},{"name":"Name","type":"string"},{"name":"Icon","type":"object"}]},{"name":"verifyCredentialsResp","filename":"builtin/credential/github/path_login.go","detector_type":"Go","properties":[{"name":"UserId","type":"object","data_type_info":"User","state":"valid","reason":"valid_object_and_db_identifier","false_positive":false},{"name":"Org","type":"object"},{"name":"Policies","type":"object"},{"name":"TeamNames","type":"object"},{"name":"Warnings","type":"object"},{"name":"Config","type":"object"}],"state":"valid"},{"name":"wallet","filename":"design-pattern/structual/facade/facade.go","detector_type":"Go","properties":[{"name":"balance","type":"number"},{"name":"creditRemaining","type":"function"},{"name":"debitBalance","type":"function"}]},{"name":"trading","filename":"tools/executiontester/blockchain/trading.go","detector_type":"Go","properties":[{"name":"kyber","type":"string"},{"name":"kyberProxy","type":"string"},{"name":"reserve","type":"string"},{"name":"creditTotal","type":"string","data_type_info":"Credit","state":"valid","reason":"valid_extended_pattern","false_positive":false},{"name":"expectedRate","type":"string"},{"name":"conversionRate","type":"string"},{"name":"eapStorage","type":"string"},{"name":"fpManage","type":"string"},{"name":"stbToken","type":"string"},{"name":"CreateReserve","type":"function"},{"name":"CreditCapacity","type":"function","data_type_info":"Credit Capacity","state":"valid","reason":"valid_extended_pattern","false_positive":false},{"name":"Start","type":"function"},{"name":"QuoteRate","type":"function"},{"name":"Trade","type":"function"},{"name":"SetTrading","type":"function"},{"name":"SetTradingProxy","type":"function"},{"name":"SetExpectedRate","type":"function"},{"name":"SetEapStorage","type":"function"},{"name":"SetFpManage","type":"function"},{"name":"SetStableToken","type":"function"}],"state":"valid"}] \ No newline at end of file diff --git a/pkg/detectors/ipynb/testdata/.DS_Store b/pkg/detectors/ipynb/testdata/.DS_Store deleted file mode 100644 index 3044d3ec7..000000000 Binary files a/pkg/detectors/ipynb/testdata/.DS_Store and /dev/null differ diff --git a/pkg/parser/interfaces/.DS_Store b/pkg/parser/interfaces/.DS_Store deleted file mode 100644 index 697154ba7..000000000 Binary files a/pkg/parser/interfaces/.DS_Store and /dev/null differ diff --git a/pkg/report/schema/schemahelper/schemahelper.go b/pkg/report/schema/schemahelper/schemahelper.go deleted file mode 100644 index c3a7ebd21..000000000 --- a/pkg/report/schema/schemahelper/schemahelper.go +++ /dev/null @@ -1,11 +0,0 @@ -package schemahelper - -import ( - "github.com/bearer/bearer/pkg/report/schema" - "github.com/bearer/bearer/pkg/report/source" -) - -type Schema struct { - Source source.Source - Value schema.Schema -} diff --git a/pkg/scanner/scan.go b/pkg/scanner/scan.go deleted file mode 100644 index e38449afa..000000000 --- a/pkg/scanner/scan.go +++ /dev/null @@ -1,40 +0,0 @@ -package scanner - -import ( - "context" - "fmt" - "os" - - "github.com/bearer/bearer/new/detector/evaluator/stats" - classification "github.com/bearer/bearer/pkg/classification" - "github.com/bearer/bearer/pkg/detectors" - "github.com/bearer/bearer/pkg/report/writer" -) - -func Scan( - ctx context.Context, - rootDir string, - filename string, - outputPath string, - classifier *classification.Classifier, - fileStats *stats.FileStats, - scanners []string, -) error { - file, err := os.OpenFile(outputPath, os.O_RDWR|os.O_TRUNC, 0666) - - if err != nil { - return fmt.Errorf("fail opening output file %w", err) - } - defer file.Close() - - rep := writer.Detectors{ - Classifier: classifier, - File: file, - } - - if err := detectors.Extract(ctx, rootDir, filename, &rep, fileStats, scanners); err != nil { - return err - } - - return nil -} diff --git a/scripts/gen-doc-yaml.go b/scripts/gen-doc-yaml.go index 40852326c..dba98828c 100644 --- a/scripts/gen-doc-yaml.go +++ b/scripts/gen-doc-yaml.go @@ -7,7 +7,7 @@ import ( "strings" "github.com/bearer/bearer/cmd/bearer/build" - "github.com/bearer/bearer/pkg/commands" + "github.com/bearer/bearer/internal/commands" "github.com/spf13/cobra" "github.com/spf13/cobra/doc" ) diff --git a/scripts/run_tests.sh b/scripts/run_tests.sh index 5c4283aa0..03e33fee2 100755 --- a/scripts/run_tests.sh +++ b/scripts/run_tests.sh @@ -2,6 +2,9 @@ # # Run the project test suite +# Ensures environment variables are not going to conflict with tests +unset ${!BEARER_*} + DEFAULT_TEST_ARGS="-count=1 -v ./..." do_info() {