Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

🔄 synced file(s) with DevExpress/testcafe-build-system #209

Merged
merged 3 commits into from
Dec 6, 2023
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
35 changes: 19 additions & 16 deletions .github/labels.yml
Original file line number Diff line number Diff line change
Expand Up @@ -5,17 +5,17 @@
:
# Post a comment
comment: |
Thank you for your inquiry. This issue looks like a question that would be best [asked on StackOverflow](https://stackoverflow.com/questions/ask?tags=testcafe) - an amazing platform for users to ask and answer questions. We try to keep the GitHub issues tracker for bugs and feature requests only (see [Contributing](https://github.com/DevExpress/testcafe#contributing)).
Thank you for your inquiry. It looks like you're asking a question. We use GitHub to track bug reports and enhancement requests (see [Contributing](https://github.com/DevExpress/testcafe#contributing)). Address your question to the TestCafe community on [StackOverflow](https://stackoverflow.com/questions/ask?tags=testcafe) instead.
If you think that this issue is a bug, feel free to [open a new issue](https://github.com/DevExpress/testcafe/issues/new?template=bug-report.md), but please make sure to follow the issue template. Thank you in advance.
If you encountered a bug, [open a new issue](https://github.com/DevExpress/testcafe/issues/new?template=bug-report.md), and follow the "bug report" template. Thank you in advance.
unlabel: 'STATE: Need response'
close: true

? 'STATE: Non-latest version'
:
# Post a comment
comment: |
Thank you for submitting this issue. Since you are using an outdated version of TestCafe, we recommend you update TestCafe to the [latest version](https://github.com/DevExpress/testcafe/releases/latest) to check if this issue has been addressed. We constantly improve our tools, and there is a chance that this issue has been already resolved and/or is no longer reproducible in the latest version. We look forward to your response.
Thank you for submitting a bug report. It looks like you're using an outdated version of TestCafe. Every TestCafe update contains bug fixes and enhancements. Install [the latest version](https://github.com/DevExpress/testcafe/releases/latest) of TestCafe and see if you can reproduce the bug. We look forward to your response.
label: 'STATE: Need clarification'
unlabel:
- 'STATE: Non-latest version'
Expand All @@ -25,7 +25,7 @@
:
# Post a comment
comment: |
Thank you for submitting this issue. We would love to assist you and diagnose it. However, we need a simple sample that we can easily run on our side in order to replicate the issue and research its cause. Without a sample, we are not able to figure out what's going on and why this issue occurs. Refer to this article to create the best example: [How To: Create a Minimal Working Example When You Submit an Issue](https://testcafe.io/402636/faq#how-to-create-a-minimal-working-example-when-you-submit-an-issue). We look forward to your response.
Thank you for submitting a bug report. We would love to help you investigate the issue. Please share a *simple* code example that reliably reproduces the bug. For more information, read the following article: [How To Create a Minimal Working Example When You Submit an Issue](https://testcafe.io/documentation/402636/faq/general-info#how-to-create-a-minimal-working-example-when-you-submit-an-issue). We look forward to your response.
label: 'STATE: Need clarification'
unlabel:
- 'STATE: Need simple sample'
Expand All @@ -35,9 +35,10 @@
:
# Post a comment
comment: |
Thank you for submitting this issue. We would love to assist you and diagnose this issue. However, since your website sits behind a proxy and/or requires authentication, I will not be able to access it. Our policy prevents us from accessing a customer's internal resources without prior written approval from the entity that owns the server/web resource.
Thank you for submitting a bug report. We would love to help you investigate the issue. Unfortunately, we cannot reproduce the bug, because your code example accesses a web resource that requires authentication.
If you want us to research the problem further, we'll need access to the server/web resource. Please ask the website owner to send us ([[email protected]](mailto:[email protected])) written confirmation. It must permit DevExpress personnel to remotely access the website and its internal resources for research/testing and debugging purposes.
Please create a [Minimal Example](https://testcafe.io/documentation/402636/faq/general-info#how-to-create-a-minimal-working-example-when-you-submit-an-issue) that works locally or without authentication. Do not share any private data - the DevExpress support team cannot access private resources. We look forward to your response.
label: 'STATE: Need clarification'
unlabel:
- 'STATE: Need access confirmation'
Expand All @@ -47,7 +48,7 @@
:
# Post a comment
comment: |
Thank you for submitting this issue. However, the information you shared is insufficient to determine its cause. Please submit a new issue and fill the issue template completely - specify your TestCafe version and share a sample application with a test case that we can run on our side to reproduce and research the issue.
Thank you for submitting a bug report. The information you shared is not sufficient to determine the cause of the issue. Please create a new GitHub ticket and fill every section of the "bug report" template. Include the framework's version number, and don't forget to share a [Minimal Working Example](https://testcafe.io/documentation/402636/faq/general-info#how-to-create-a-minimal-working-example-when-you-submit-an-issue) that reliably reproduces the issue.
unlabel:
- 'STATE: Incomplete template'
- 'STATE: Need response'
Expand All @@ -57,7 +58,7 @@
:
# Post a comment
comment: |
No updates yet. Once we get any results, we will post them in this thread.
No updates yet. Once we make more progress, we will leave a comment.
unlabel:
- 'STATE: No updates'
- 'STATE: Need response'
Expand All @@ -66,7 +67,7 @@
:
# Post a comment
comment: |
Any personal estimate may be misleading, so we cannot currently tell it at the moment. Once we get any results, we will post them in this thread.
Personal predictions can be unreliable, so we are not ready to give you an ETA. Once we make more progress, we will leave a comment.
unlabel:
- 'STATE: No estimations'
- 'STATE: Need response'
Expand All @@ -75,7 +76,7 @@
:
# Post a comment
comment: |
We are focused on implementing features from our [Roadmap](https://devexpress.github.io/testcafe/roadmap/). Since this enhancement is not there, we cannot tell you any time frames on when we will be able to address it. If this feature is important for you, please submit a Pull Request with its implementation. See the [Сontribution guide](https://github.com/DevExpress/testcafe/blob/master/CONTRIBUTING.md) for more information.
The TestCafe team has yet to allocate any resources for the development of this capability. We cannot give you an ETA on its completion. If this capability is important for you, please submit a Pull Request with an implementation. See the [Сontribution guide](https://github.com/DevExpress/testcafe/blob/master/CONTRIBUTING.md) for more information.
unlabel:
- 'STATE: Outdated proposal'
- 'STATE: Need response'
Expand All @@ -84,7 +85,9 @@
:
# Post a comment
comment: |
We address issues according to their severity, priority, and other factors. It appears that this issue is an edge case. If this issue is important for you, please submit a Pull Request with a fix. See the [Сontribution guide](https://github.com/DevExpress/testcafe/blob/master/CONTRIBUTING.md) for more information.
When the TestCafe team decides which issues to address, it evaluates their severity, as well as the number of affected users. It appears that the issue you raised is an edge case.
If this issue is important for you, please submit a Pull Request with a fix. See the [Сontribution guide](https://github.com/DevExpress/testcafe/blob/master/CONTRIBUTING.md) for more information.
unlabel:
- 'STATE: Outdated issue'
- 'STATE: Need response'
Expand All @@ -93,7 +96,7 @@
:
# Post a comment
comment: |
There are no workarounds. Once we get any updates, we will post them in this thread.
There are no workarounds at the moment. We'll leave a comment if we discover a workaround, or fix the bug.
unlabel:
- 'STATE: No workarounds'
- 'STATE: Need response'
Expand All @@ -102,7 +105,7 @@
:
# Post a comment
comment: |
Thank you for your contribution to TestCafe. We will review this PR.
Thank you for your contribution to TestCafe. When a member of the TestCafe team becomes available, they will review this PR.
unlabel:
- 'STATE: PR Review Pending'
- 'STATE: Need response'
Expand All @@ -111,7 +114,7 @@
:
# Post a comment
comment: |
We appreciate you taking the time to share the information about this issue. We replicated it, and it is currently in our internal queue. Please note that the research may take time. We'll update this thread once we have news.
We appreciate you taking the time to share information about this issue. We reproduced the bug and added this ticket to our internal task queue. We'll update this thread once we have news.
unlabel:
- 'STATE: Issue accepted'
- 'STATE: Need response'
Expand All @@ -120,7 +123,7 @@
:
# Post a comment
comment: |
Thank you for bringing this to our attention. We will be happy to look into this enhancement. We'll update this thread once we have news to share. In the absence of communication from us, it's safe to assume that there are no updates.
Thank you for bringing this enhancement to our attention. We will be happy to look into it. We'll update this thread once we have news. If we do not publish any new comments, it's safe to assume that there are no new updates.
unlabel:
- 'STATE: Enhancement accepted'
- 'STATE: Need response'
- 'STATE: Need response'
177 changes: 177 additions & 0 deletions .github/scripts/security-checker.mjs
Original file line number Diff line number Diff line change
@@ -0,0 +1,177 @@
const STATES = {
open: 'open',
closed: 'closed',
};

const LABELS = {
dependabot: 'dependabot',
codeq: 'codeql',
security: 'security notification',
};

class SecurityChecker {
constructor (github, context, issueRepo) {
this.github = github;
this.issueRepo = issueRepo;
this.context = {
owner: context.repo.owner,
repo: context.repo.repo,
};
}

async check () {
const dependabotAlerts = await this.getDependabotAlerts();
const codeqlAlerts = await this.getCodeqlAlerts();
const existedIssues = await this.getExistedIssues();

this.alertDictionary = this.createAlertDictionary(existedIssues);

await this.closeSpoiledIssues();
this.createDependabotlIssues(dependabotAlerts);
this.createCodeqlIssues(codeqlAlerts);
}

async getDependabotAlerts () {
const { data } = await this.github.rest.dependabot.listAlertsForRepo({ state: STATES.open, ...this.context });

return data;
}

async getCodeqlAlerts () {
try {
const { data } = await this.github.rest.codeScanning.listAlertsForRepo({ state: STATES.open, ...this.context });

return data;
}
catch (e) {
if (e.message.includes('no analysis found'))
return [];

throw e;
}
}

async getExistedIssues () {
const { data: existedIssues } = await this.github.rest.issues.listForRepo({
owner: this.context.owner,
repo: this.issueRepo,
labels: [LABELS.security],
state: STATES.open,
});

return existedIssues;
}

createAlertDictionary (existedIssues) {
return existedIssues.reduce((res, issue) => {
const [, url, number] = issue.body.match(/Link:\s*(https.*?(\d+)$)/);

if (!url)
return res;

res[url] = {
issue, number,
isDependabot: url.includes('dependabot'),
};

return res;
}, {});
}

async closeSpoiledIssues () {
for (const key in this.alertDictionary) {
const alert = this.alertDictionary[key];

if (alert.isDependabot) {
const isAlertOpened = await this.isDependabotAlertOpened(alert.number);

if (isAlertOpened)
continue;

await this.closeIssue(alert.issue.number);
}
}
}

async isDependabotAlertOpened (alertNumber) {
const alert = await this.getDependabotAlertInfo(alertNumber);

return alert.state === STATES.open;
}

async getDependabotAlertInfo (alertNumber) {
try {
const { data } = await this.github.rest.dependabot.getAlert({ alert_number: alertNumber, ...this.context });

return data;
}
catch (e) {
if (e.message.includes('No alert found for alert number'))
return {};

throw e;
}
}

async closeIssue (issueNumber) {
return this.github.rest.issues.update({
owner: this.context.owner,
repo: this.issueRepo,
issue_number: issueNumber,
state: STATES.closed,
});
}

async createDependabotlIssues (dependabotAlerts) {
dependabotAlerts.forEach(alert => {
if (!this.needCreateIssue(alert))
return;

this.createIssue({
labels: [LABELS.dependabot, LABELS.security, alert.dependency.scope],
originRepo: this.context.repo,
summary: alert.security_advisory.summary,
description: alert.security_advisory.description,
link: alert.html_url,
issuePackage: alert.dependency.package.name,
});
});
}

async createCodeqlIssues (codeqlAlerts) {
codeqlAlerts.forEach(alert => {
if (!this.needCreateIssue(alert))
return;

this.createIssue({
labels: [LABELS.codeql, LABELS.security],
originRepo: this.context.repo,
summary: alert.rule.description,
description: alert.most_recent_instance.message.text,
link: alert.html_url,
});
});
}

needCreateIssue (alert) {
return !this.alertDictionary[alert.html_url];
}

async createIssue ({ labels, originRepo, summary, description, link, issuePackage = '' }) {
const title = `[${originRepo}] ${summary}`;
const body = ''
+ `#### Repository: \`${originRepo}\`\n`
+ (issuePackage ? `#### Package: \`${issuePackage}\`\n` : '')
+ `#### Description:\n`
+ `${description}\n`
+ `#### Link: ${link}`;

return this.github.rest.issues.create({
title, body, labels,
owner: this.context.owner,
repo: this.issueRepo,
});
}
}

export default SecurityChecker;
Loading
Loading