[Xelians] - Recharting CEA apps #1675

Merged (31 commits), Mar 27, 2024

ebernard
Contributor

Merge feature/trv/recharting-rebased to develop. See #1599

@vitam-devops
Collaborator

vitam-devops commented Mar 11, 2024

Checkmarx One – Scan Summary & Details (cfdc5246-7615-4e56-853a-e813f1e0aef2)

New Issues

Severity Issue Source File / Package Checkmarx Insight
HIGH CVE-2019-15599 Npm-tree-kill-1.2.1 Vulnerable Package
HIGH CVE-2020-28502 Npm-xmlhttprequest-ssl-1.5.5 Vulnerable Package
HIGH CVE-2020-36048 Npm-engine.io-3.2.1 Vulnerable Package
HIGH CVE-2020-36049 Npm-socket.io-parser-3.2.0 Vulnerable Package
HIGH CVE-2020-7660 Npm-serialize-javascript-1.9.1 Vulnerable Package
HIGH CVE-2020-7788 Npm-ini-1.3.5 Vulnerable Package
HIGH CVE-2020-7793 Npm-ua-parser-js-0.7.22 Vulnerable Package
HIGH CVE-2021-27292 Npm-ua-parser-js-0.7.22 Vulnerable Package
HIGH CVE-2021-31597 Npm-xmlhttprequest-ssl-1.5.5 Vulnerable Package
HIGH CVE-2022-2421 Npm-socket.io-parser-3.2.0 Vulnerable Package
HIGH CVE-2022-25927 Npm-ua-parser-js-0.7.22 Vulnerable Package
HIGH CVE-2023-32695 Npm-socket.io-parser-3.2.0 Vulnerable Package
HIGH CVE-2023-32695 Npm-socket.io-parser-3.3.3 Vulnerable Package
MEDIUM CVE-2019-16769 Npm-serialize-javascript-1.9.1 Vulnerable Package
MEDIUM CVE-2020-15366 Npm-ajv-6.10.0 Vulnerable Package
MEDIUM CVE-2020-15366 Npm-ajv-5.5.2 Vulnerable Package
MEDIUM CVE-2020-28481 Npm-socket.io-2.1.1 Vulnerable Package
MEDIUM CVE-2020-7693 Npm-sockjs-0.3.19 Vulnerable Package
MEDIUM CVE-2021-23364 Npm-browserslist-4.5.5 Vulnerable Package
MEDIUM CVE-2021-23495 Npm-karma-4.1.0 Vulnerable Package
MEDIUM CVE-2021-23495 Npm-karma-5.2.3 Vulnerable Package
MEDIUM CVE-2022-0437 Npm-karma-5.2.3 Vulnerable Package
MEDIUM CVE-2022-0437 Npm-karma-4.1.0 Vulnerable Package
MEDIUM CVE-2022-21704 Npm-log4js-4.5.1 Vulnerable Package
MEDIUM CVE-2022-41940 Npm-engine.io-3.2.1 Vulnerable Package
MEDIUM Cleartext_Submission_of_Sensitive_Information /api/api-iam/iam-internal/src/main/java/fr/gouv/vitamui/iam/internal/server/user/service/UserEmailInternalService.java: 98 Attack Vector
MEDIUM Cx816df59e-1cc9 Npm-marked-0.7.0 Vulnerable Package
LOW Client_DOM_Open_Redirect /ui/ui-frontend-common/src/app/modules/authentication/services/oidc-authenticator.service.ts: 106 Attack Vector
LOW Heap_Inspection /api/api-iam/iam-internal/src/main/java/fr/gouv/vitamui/iam/internal/server/user/service/UserInternalService.java: 483 Attack Vector
LOW Log_Forging /api/api-referential/referential-external/src/main/java/fr/gouv/vitamui/referential/external/server/rest/FileFormatExternalController.java: 186 Attack Vector
LOW Log_Forging /api/api-referential/referential-external/src/main/java/fr/gouv/vitamui/referential/external/server/rest/FileFormatExternalController.java: 186 Attack Vector
LOW Log_Forging /api/api-iam/iam-internal/src/main/java/fr/gouv/vitamui/iam/internal/server/rest/UserInternalController.java: 94 Attack Vector
LOW Log_Forging /api/api-referential/referential-internal/src/main/java/fr/gouv/vitamui/referential/internal/server/rest/AgencyInternalController.java: 179 Attack Vector
LOW Log_Forging /api/api-referential/referential-internal/src/main/java/fr/gouv/vitamui/referential/internal/server/rest/AgencyInternalController.java: 179 Attack Vector
LOW Log_Forging /api/api-referential/referential-internal/src/main/java/fr/gouv/vitamui/referential/internal/server/rest/AgencyInternalController.java: 179 Attack Vector
LOW Log_Forging /api/api-referential/referential-internal/src/main/java/fr/gouv/vitamui/referential/internal/server/rest/AgencyInternalController.java: 179 Attack Vector
LOW Log_Forging /api/api-iam/iam-internal/src/main/java/fr/gouv/vitamui/iam/internal/server/rest/UserInternalController.java: 94 Attack Vector
LOW Use_Of_Hardcoded_Password_In_Config /api/api-iam/iam-internal/src/main/resources/exported-data.properties: 19 Attack Vector

Fixed Issues

Severity Issue Source File / Package
HIGH CVE-2023-28857 Maven-org.apereo.cas:cas-server-support-x509-core-6.6.4
HIGH Missing User Instruction /Dockerfile: 11
HIGH Missing User Instruction /Dockerfile: 10
HIGH Missing User Instruction /Dockerfile: 10
HIGH Missing User Instruction /Dockerfile: 10
HIGH No New Privileges Not Set /vitam-recette.yml: 17
HIGH No New Privileges Not Set /vitam-recette.yml: 54
HIGH No New Privileges Not Set /docker-compose.yml: 10
HIGH No New Privileges Not Set /vitam-dev.yml: 19
HIGH Passwords And Secrets - Generic Password /Dockerfile: 67
HIGH Passwords And Secrets - Generic Password /mongo_cluster.yml: 34
HIGH Passwords And Secrets - Generic Password /mongo_dev.yml: 37
HIGH Passwords And Secrets - Generic Password /mongo_cluster.yml: 11
HIGH Passwords And Secrets - Password in URL /mongo_dev.yml: 38
HIGH Privileged Containers Enabled /docker-compose.yml: 52
HIGH Privileged Containers Enabled /vitam-recette.yml: 14
HIGH Privileged Containers Enabled /docker-compose.yml: 7
HIGH Privileged Containers Enabled /vitam-dev.yml: 16
HIGH Privileged Containers Enabled /docker-compose.yml: 21
HIGH Privileged Containers Enabled /vitam-recette.yml: 51
HIGH Volume Has Sensitive Host Directory /docker-compose.yml: 9
HIGH Volume Has Sensitive Host Directory /docker-compose.yml: 10
HIGH Volume Has Sensitive Host Directory /docker-compose.yml: 26
HIGH Volume Has Sensitive Host Directory /vitam-dev.yml: 25
HIGH Volume Has Sensitive Host Directory /docker-compose.yml: 25
HIGH Volume Has Sensitive Host Directory /vitam-recette.yml: 20
HIGH Volume Has Sensitive Host Directory /vitam-recette.yml: 57
HIGH Volume Has Sensitive Host Directory /vitam-dev.yml: 27
HIGH Volume Has Sensitive Host Directory /vitam-dev.yml: 26
MEDIUM Add Instead of Copy /Dockerfile: 46
MEDIUM Add Instead of Copy /Dockerfile: 47
MEDIUM Add Instead of Copy /Dockerfile: 15
MEDIUM Cleartext_Submission_of_Sensitive_Information /api/api-iam/iam-internal/src/main/java/fr/gouv/vitamui/iam/internal/server/user/service/UserEmailInternalService.java: 99
MEDIUM Container Traffic Not Bound To Host Interface /vitam-recette.yml: 21
MEDIUM Container Traffic Not Bound To Host Interface /mongo_cluster.yml: 60
MEDIUM Container Traffic Not Bound To Host Interface /docker-compose.yml: 38
MEDIUM Container Traffic Not Bound To Host Interface /docker-compose.yml: 7
MEDIUM Container Traffic Not Bound To Host Interface /mongo_dev.yml: 29
MEDIUM Container Traffic Not Bound To Host Interface /docker-compose.yml: 19
MEDIUM Container Traffic Not Bound To Host Interface /jaeger-docker-compose.yml: 5
MEDIUM Container Traffic Not Bound To Host Interface /mongo_dev.yml: 12
MEDIUM Container Traffic Not Bound To Host Interface /mongo_cluster.yml: 16
MEDIUM Container Traffic Not Bound To Host Interface /vitam-recette.yml: 58
MEDIUM Container Traffic Not Bound To Host Interface /mongo_cluster.yml: 39
MEDIUM Container Traffic Not Bound To Host Interface /vitam-dev.yml: 28
MEDIUM Healthcheck Not Set /docker-compose.yml: 4
MEDIUM Healthcheck Not Set /vitam-recette.yml: 41
MEDIUM Healthcheck Not Set /docker-compose.yml: 49
MEDIUM Healthcheck Not Set /docker-compose.yml: 3
MEDIUM Healthcheck Not Set /mongo_dev.yml: 4
MEDIUM Healthcheck Not Set /docker-compose.yml: 27
MEDIUM Healthcheck Not Set /docker-compose.yml: 4
MEDIUM Healthcheck Not Set /jaeger-docker-compose.yml: 3
MEDIUM Healthcheck Not Set /mongo_cluster.yml: 4
MEDIUM Healthcheck Not Set /vitam-recette.yml: 4
MEDIUM Healthcheck Not Set /mongo_cluster.yml: 27
MEDIUM Healthcheck Not Set /docker-compose.yml: 4
MEDIUM Healthcheck Not Set /mongo_cluster.yml: 49
MEDIUM Healthcheck Not Set /vitam-dev.yml: 4
MEDIUM Healthcheck Not Set /mongo_dev.yml: 25
MEDIUM Healthcheck Not Set /docker-compose.yml: 4
MEDIUM Healthcheck Not Set /docker-compose.yml: 41
MEDIUM Healthcheck Not Set /docker-compose.yml: 17
MEDIUM Host Namespace is Shared /vitam-recette.yml: 41
MEDIUM Host Namespace is Shared /vitam-recette.yml: 4
MEDIUM Host Namespace is Shared /docker-compose.yml: 4
MEDIUM Host Namespace is Shared /mongo_dev.yml: 4
MEDIUM Host Namespace is Shared /docker-compose.yml: 49
MEDIUM Host Namespace is Shared /jaeger-docker-compose.yml: 3
MEDIUM Host Namespace is Shared /docker-compose.yml: 41
MEDIUM Host Namespace is Shared /mongo_cluster.yml: 4
MEDIUM Host Namespace is Shared /docker-compose.yml: 4
MEDIUM Host Namespace is Shared /docker-compose.yml: 17
MEDIUM Host Namespace is Shared /mongo_cluster.yml: 49
MEDIUM Host Namespace is Shared /docker-compose.yml: 4
MEDIUM Host Namespace is Shared /docker-compose.yml: 3
MEDIUM Host Namespace is Shared /mongo_dev.yml: 25
MEDIUM Host Namespace is Shared /docker-compose.yml: 4
MEDIUM Host Namespace is Shared /mongo_cluster.yml: 27
MEDIUM Host Namespace is Shared /docker-compose.yml: 27
MEDIUM Host Namespace is Shared /vitam-dev.yml: 4
MEDIUM Image Version Not Explicit /Dockerfile: 11
MEDIUM Memory Not Limited /docker-compose.yml: 4
MEDIUM Memory Not Limited /docker-compose.yml: 17
MEDIUM Memory Not Limited /docker-compose.yml: 4
MEDIUM Memory Not Limited /mongo_dev.yml: 4
MEDIUM Memory Not Limited /mongo_cluster.yml: 49
MEDIUM Memory Not Limited /mongo_dev.yml: 25
MEDIUM Memory Not Limited /jaeger-docker-compose.yml: 3
MEDIUM Memory Not Limited /docker-compose.yml: 41
MEDIUM Memory Not Limited /vitam-recette.yml: 4
MEDIUM Memory Not Limited /docker-compose.yml: 4
MEDIUM Memory Not Limited /mongo_cluster.yml: 4
MEDIUM Memory Not Limited /docker-compose.yml: 4
MEDIUM Memory Not Limited /mongo_cluster.yml: 27
MEDIUM Memory Not Limited /docker-compose.yml: 27
MEDIUM Memory Not Limited /vitam-recette.yml: 41
MEDIUM Memory Not Limited /docker-compose.yml: 3
MEDIUM Memory Not Limited /vitam-dev.yml: 4
MEDIUM Memory Not Limited /docker-compose.yml: 49
MEDIUM Networks Not Set /jaeger-docker-compose.yml: 3
MEDIUM Networks Not Set /docker-compose.yml: 4
MEDIUM Networks Not Set /docker-compose.yml: 4
MEDIUM Networks Not Set /docker-compose.yml: 41
MEDIUM Networks Not Set /docker-compose.yml: 3
MEDIUM Networks Not Set /vitam-dev.yml: 4
MEDIUM Networks Not Set /docker-compose.yml: 4
MEDIUM Privacy_Violation /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 118
MEDIUM Privacy_Violation /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 118
MEDIUM Privileged Ports Mapped In Container /vitam-recette.yml: 21
MEDIUM Privileged Ports Mapped In Container /vitam-dev.yml: 28
MEDIUM Security Opt Not Set /docker-compose.yml: 49
MEDIUM Security Opt Not Set /mongo_dev.yml: 4
MEDIUM Security Opt Not Set /mongo_cluster.yml: 4
MEDIUM Security Opt Not Set /docker-compose.yml: 4
MEDIUM Security Opt Not Set /docker-compose.yml: 17
MEDIUM Security Opt Not Set /docker-compose.yml: 3
MEDIUM Security Opt Not Set /mongo_dev.yml: 25
MEDIUM Security Opt Not Set /docker-compose.yml: 4
MEDIUM Security Opt Not Set /docker-compose.yml: 41
MEDIUM Security Opt Not Set /mongo_cluster.yml: 27
MEDIUM Security Opt Not Set /jaeger-docker-compose.yml: 3
MEDIUM Security Opt Not Set /docker-compose.yml: 4
MEDIUM Security Opt Not Set /docker-compose.yml: 27
MEDIUM Security Opt Not Set /mongo_cluster.yml: 49
MEDIUM Shared Host Network Namespace /docker-compose.yml: 6
MEDIUM Shared Host Network Namespace /docker-compose.yml: 45
MEDIUM Shared Host Network Namespace /docker-compose.yml: 5
MEDIUM Update Instruction Alone /Dockerfile: 14
MEDIUM Update Instruction Alone /Dockerfile: 17
MEDIUM Update Instruction Alone /Dockerfile: 14
MEDIUM Yum Clean All Missing /Dockerfile: 39
MEDIUM Yum Clean All Missing /Dockerfile: 45
MEDIUM Yum install Without Version /Dockerfile: 60
MEDIUM Yum install Without Version /Dockerfile: 33
MEDIUM Yum install Without Version /Dockerfile: 33
MEDIUM Yum install Without Version /Dockerfile: 14
MEDIUM Yum install Without Version /Dockerfile: 64
MEDIUM Yum install Without Version /Dockerfile: 60
MEDIUM Yum install Without Version /Dockerfile: 69
MEDIUM Yum install Without Version /Dockerfile: 60
MEDIUM Yum install Without Version /Dockerfile: 33
MEDIUM Yum install Without Version /Dockerfile: 77
MEDIUM Yum install Without Version /Dockerfile: 33
MEDIUM Yum install Without Version /Dockerfile: 39
MEDIUM Yum install Without Version /Dockerfile: 60
MEDIUM Yum install Without Version /Dockerfile: 60
MEDIUM Yum install Without Version /Dockerfile: 60
MEDIUM Yum install Without Version /Dockerfile: 33
MEDIUM Yum install Without Version /Dockerfile: 17
MEDIUM Yum install Without Version /Dockerfile: 64
MEDIUM Yum install Without Version /Dockerfile: 33
MEDIUM Yum install Without Version /Dockerfile: 45
MEDIUM Yum install Without Version /Dockerfile: 64
MEDIUM Yum install Without Version /Dockerfile: 60
MEDIUM Yum install Without Version /Dockerfile: 33
MEDIUM Yum install Without Version /Dockerfile: 64
MEDIUM Yum install Without Version /Dockerfile: 33
MEDIUM Yum install Without Version /Dockerfile: 60
MEDIUM Yum install Without Version /Dockerfile: 14
MEDIUM Yum install Without Version /Dockerfile: 64
LOW Angular_Usage_of_Unsafe_DOM_Sanitizer /ui/ui-frontend-common/src/app/modules/components/navbar/navbar.component.ts: 81
LOW Container Capabilities Unrestricted /mongo_cluster.yml: 27
LOW Container Capabilities Unrestricted /mongo_dev.yml: 25
LOW Container Capabilities Unrestricted /docker-compose.yml: 4
LOW Container Capabilities Unrestricted /docker-compose.yml: 3
LOW Container Capabilities Unrestricted /docker-compose.yml: 49
LOW Container Capabilities Unrestricted /docker-compose.yml: 4
LOW Container Capabilities Unrestricted /docker-compose.yml: 17
LOW Container Capabilities Unrestricted /vitam-dev.yml: 17
LOW Container Capabilities Unrestricted /mongo_cluster.yml: 49
LOW Container Capabilities Unrestricted /jaeger-docker-compose.yml: 3
LOW Container Capabilities Unrestricted /mongo_dev.yml: 4
LOW Container Capabilities Unrestricted /docker-compose.yml: 27
LOW Container Capabilities Unrestricted /docker-compose.yml: 41
LOW Container Capabilities Unrestricted /vitam-dev.yml: 4
LOW Container Capabilities Unrestricted /docker-compose.yml: 4
LOW Container Capabilities Unrestricted /mongo_cluster.yml: 4
LOW Cpus Not Limited

More results are available on AST platform

pyXelians force-pushed the feature/trv/recharting-rebased branch 4 times, most recently from d88f02b to 7a000d6 (March 14, 2024 11:15)
pyXelians force-pushed the feature/trv/recharting-rebased branch from 7a000d6 to 91643bc (March 14, 2024 13:25)
Contributor

@Regzox Regzox left a comment

  • 246/710

Contributor Author

Must not be part of the PR.

ui/ui-frontend/projects/referential/src/sass/_tooltip.scss (outdated, resolved)
ui/ui-frontend/projects/referential/src/sass/login.scss (outdated, resolved)
ui/ui-frontend/projects/referential/src/sass/styles.scss (outdated, resolved)
@Regzox
Contributor

Regzox commented Mar 15, 2024

I get a 500 error with the admin account when exporting users. The bug is reproducible locally and on xel.

pyXelians force-pushed the feature/trv/recharting-rebased branch from 91643bc to 0027e37 (March 19, 2024 13:52)
GiooDev added this to the IT 133 milestone (Mar 25, 2024)
GiooDev added the OPS REVIEW (Mandatory if deployment/ directory is modified.), Xelians (XELIANS contribution) and CEA (CEA contribution) labels (Mar 25, 2024)
ebernard force-pushed the feature/trv/recharting-rebased branch from 574a3a9 to 4015061 (March 27, 2024 15:40)
ebernard changed the title from "Recharting CEA apps" to "[Xelians] - Recharting CEA apps" (Mar 27, 2024)
GiooDev merged commit ba85a80 into develop (Mar 27, 2024)
1 check was pending
GiooDev deleted the feature/trv/recharting-rebased branch (March 27, 2024 15:57)
8 participants