Story #11293 pastis standalone #1335

Merged
merged 1 commit into from
Jul 5, 2023

Regzox (Contributor) commented May 11, 2023

Generate a PASTIS executable in standalone mode.

TDevillechabrolle (Contributor) commented May 11, 2023

Checkmarx One – Scan Summary & Details
e6178ea8-088a-41fd-87c8-f0d6f70d3820

New Issues

| Severity | Issue | Source File / Package | Checkmarx Insight |
|---|---|---|---|
| MEDIUM | CVE-2022-25883 | Npm-semver-7.5.3 | Vulnerable Package |
| MEDIUM | CVE-2022-25883 | Npm-semver-7.3.2 | Vulnerable Package |
| MEDIUM | CVE-2022-25883 | Npm-semver-6.3.0 | Vulnerable Package |
| MEDIUM | CVE-2022-25883 | Npm-semver-5.7.1 | Vulnerable Package |
| MEDIUM | CVE-2022-25883 | Npm-semver-5.3.0 | Vulnerable Package |
| MEDIUM | Unchecked_Input_for_Loop_Condition | /api/api-pastis/pastis-standalone/src/main/java/fr/gouv/vitamui/pastis/standalone/controller/PastisController.java: 132 | Attack Vector |
| LOW | Log_Forging | /api/api-pastis/pastis-standalone/src/main/java/fr/gouv/vitamui/pastis/standalone/controller/PastisController.java: 198 | Attack Vector |
| LOW | Log_Forging | /api/api-pastis/pastis-standalone/src/main/java/fr/gouv/vitamui/pastis/standalone/controller/PastisController.java: 198 | Attack Vector |
| LOW | Log_Forging | /api/api-pastis/pastis-standalone/src/main/java/fr/gouv/vitamui/pastis/standalone/controller/PastisController.java: 198 | Attack Vector |
| LOW | Log_Forging | /api/api-pastis/pastis-standalone/src/main/java/fr/gouv/vitamui/pastis/standalone/controller/PastisController.java: 198 | Attack Vector |

Fixed Issues

| Severity | Issue | Source File / Package | Checkmarx Insight |
|---|---|---|---|
| HIGH | CVE-2020-7793 | Npm-ua-parser-js-0.7.22 | Vulnerable Package |
| HIGH | CVE-2021-27292 | Npm-ua-parser-js-0.7.22 | Vulnerable Package |
| HIGH | CVE-2022-25927 | Npm-ua-parser-js-0.7.22 | Vulnerable Package |
| HIGH | CVE-2023-32695 | Npm-socket.io-parser-3.3.3 | Vulnerable Package |
| MEDIUM | CVE-2016-10735 | Npm-bootstrap-3.3.6 | Vulnerable Package |
| MEDIUM | CVE-2018-14040 | Npm-bootstrap-3.3.6 | Vulnerable Package |
| MEDIUM | CVE-2018-14042 | Npm-bootstrap-3.3.6 | Vulnerable Package |
| MEDIUM | CVE-2018-20676 | Npm-bootstrap-3.3.6 | Vulnerable Package |
| MEDIUM | CVE-2018-20677 | Npm-bootstrap-3.3.6 | Vulnerable Package |
| MEDIUM | CVE-2019-5786 | Npm-puppeteer-1.20.0 | Vulnerable Package |
| MEDIUM | CVE-2019-8331 | Npm-bootstrap-3.3.6 | Vulnerable Package |
| MEDIUM | CVE-2021-23495 | Npm-karma-5.2.3 | Vulnerable Package |
| MEDIUM | CVE-2022-0437 | Npm-karma-5.2.3 | Vulnerable Package |
| MEDIUM | Cx816df59e-1cc9 | Npm-marked-0.7.0 | Vulnerable Package |
| MEDIUM | SSRF | /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 150 | Attack Vector |
| MEDIUM | Unchecked_Input_for_Loop_Condition | /api/api-pastis/pastis-standalone/src/main/java/fr/gouv/vitamui/pastis/standalone/controller/PastisController.java: 105 | Attack Vector |
| LOW | Log_Forging | /api/api-security/security-internal/src/main/java/fr/gouv/vitamui/security/server/rest/CertificateCrudController.java: 118 | Attack Vector |
| LOW | Log_Forging | /api/api-pastis/pastis-standalone/src/main/java/fr/gouv/vitamui/pastis/standalone/controller/PastisController.java: 159 | Attack Vector |
| LOW | Log_Forging | /api/api-pastis/pastis-standalone/src/main/java/fr/gouv/vitamui/pastis/standalone/controller/PastisController.java: 159 | Attack Vector |
| LOW | Log_Forging | /api/api-pastis/pastis-standalone/src/main/java/fr/gouv/vitamui/pastis/standalone/controller/PastisController.java: 159 | Attack Vector |
| LOW | Log_Forging | /api/api-pastis/pastis-standalone/src/main/java/fr/gouv/vitamui/pastis/standalone/controller/PastisController.java: 159 | Attack Vector |

@Regzox added the enhancement, javascript, java and VAS labels Jun 1, 2023
@Regzox requested review from bbenaissa and mhameg June 1, 2023 14:36
@Regzox force-pushed the story_#11293_pastis_standalone branch 2 times, most recently from 67acdcd to a014017 June 1, 2023 15:28
@Regzox self-assigned this Jun 1, 2023
@Regzox force-pushed the story_#11293_pastis_standalone branch from a014017 to c1f7c87 June 2, 2023 14:49
@GiooDev added this to the IT 120 milestone Jun 15, 2023
@Regzox force-pushed the story_#11293_pastis_standalone branch 2 times, most recently from 2bb3442 to e7f6302 June 16, 2023 14:10
@GiooDev modified the milestones: IT 120, IT 121 Jun 21, 2023
changes:
* rename environment interface
* copy pastis-standalone required frontend stuff to ui-frontend/projects/pastis
* remove from commons modules the profile standalone and weird source code copies
* add a build for standalone to package.json ui-frontend
* add an angular configuration to setup standalone environment
* update plugin launch4j and wrapped jdk 11 url
@Regzox force-pushed the story_#11293_pastis_standalone branch from e7f6302 to 57d2364 July 3, 2023 08:26
@GiooDev merged commit 2d56bc4 into develop Jul 5, 2023
@GiooDev deleted the story_#11293_pastis_standalone branch July 5, 2023 09:37
laedanrex pushed a commit that referenced this pull request Jul 18, 2023
…1335)

changes:
* rename environment interface
* copy pastis-standalone required frontend stuff to ui-frontend/projects/pastis
* remove from commons modules the profile standalone and weird source code copies
* add a build for standalone to package.json ui-frontend
* add an angular configuration to setup standalone environment
* update plugin launch4j and wrapped jdk 11 url

Co-authored-by: Daniel Radeau <daniel.radeau.ext@culture.gouv.fr>
5 participants