Implement checking for the Patchwork user agent

[FeTetra]

This PR adds a check for the user agent which is provided by Zaprit's PRX plugin: "patchwork". The plugin has client-side security features, and the point of this PR is to allow Lighthouse instances to enforce the usage of the plugin if they want people to connect. The user agent provides the both a major and minor version. To which I have also added the ability to require a minimum major and minor version alongside the plugin itself. This is created according to the format of the user agent which Zaprit provided me: "PatchworkLBP1 {PATCHWORK_VERSION_MAJOR}.{PATCHWORK_VERSION_MINOR}".

^{_{i havent tested it yet :p}}

[github-actions]

Qodana for .NET

1108 new problems were found

Inspection name	Severity	Problems
XML highlighting	🔴 Failure	8
Unresolved reference	🔴 Failure	4
Annotator	🔴 Failure	1
Possible performance issues caused by unlimited string length	🔶 Warning	74
Redundant nullable directive	🔶 Warning	60
Unknown ID	🔶 Warning	16
Auto-property accessor is never used (non-private accessibility)	🔶 Warning	14
Path error	🔶 Warning	8
Missing required 'alt' attribute	🔶 Warning	6
Redundant using directive	🔶 Warning	6
Element is localizable	🔶 Warning	4
Unused schema declaration	🔶 Warning	4
Usage of navigational property can return incomplete data	🔶 Warning	3
RoslynAnalyzers Avoid using 'async void' for test methods as it is deprecated in xUnit.net v3	🔶 Warning	3
Conditional access qualifier expression is not null according to nullable reference types' annotations	🔶 Warning	2
Non-accessed field (private accessibility)	🔶 Warning	2
Specify string culture explicitly	🔶 Warning	2
Auto-property accessor is never used (private accessibility)	🔶 Warning	2
Unused nullable directive	🔶 Warning	2
Unknown HTML entity	🔶 Warning	1
Unused selector	🔶 Warning	1
Disposal of a variable already captured by the 'using' statement	🔶 Warning	1
Empty statement is redundant	🔶 Warning	1
Return value must be disposed but the method or function is not annotated with [MustDisposeResource]	🔶 Warning	1
Redundant cast	🔶 Warning	1
Redundant member initializer	🔶 Warning	1
Redundant nullable warning suppression expression	🔶 Warning	1
Do not use object initializer for 'using' variable	🔶 Warning	1
Property can be made init-only (non-private accessibility)	◽️ Notice	252
Use collection expression syntax	◽️ Notice	193
Convert constructor into primary constructor	◽️ Notice	135
Auto-property can be made get-only (non-private accessibility)	◽️ Notice	76
RoslynAnalyzers Do not use boolean asserts for simple equality tests	◽️ Notice	38
Type member is never used (non-private accessibility)	◽️ Notice	26
Member can be made private (non-private accessibility)	◽️ Notice	21
Add/remove 'this.' qualifier	◽️ Notice	14
Property can be made init-only (private accessibility)	◽️ Notice	12
Unresolved reference	◽️ Notice	10
Redundant type declaration body	◽️ Notice	8
Type is never used (non-private accessibility)	◽️ Notice	8
RoslynAnalyzers Use the 'StringComparison' method overloads to perform case-insensitive string comparisons	◽️ Notice	6
Important tags or attributes missing (<img> should specify alternative text)	◽️ Notice	6
Remove redundant parentheses	◽️ Notice	4
RoslynAnalyzers Avoid constant arrays as arguments	◽️ Notice	4
RoslynAnalyzers Use char overload	◽️ Notice	4
RoslynAnalyzers Instantiate argument exceptions correctly	◽️ Notice	4
Merge null/pattern/value checks into 'or'/'and' patterns	◽️ Notice	4
Use raw string	◽️ Notice	4
Use preferred style for trailing comma before new line in multiline lists	◽️ Notice	3
RoslynAnalyzers Use concrete types when possible for improved performance	◽️ Notice	3
Convert constructor into member initializers	◽️ Notice	3
Member can be made protected (non-private accessibility)	◽️ Notice	3
Unused parameter (non-private accessibility)	◽️ Notice	3
Class with virtual (overridable) members never inherited (non-private accessibility)	◽️ Notice	2
'if-return' statement can be rewritten as 'return' statement	◽️ Notice	2
Query can return incomplete data for related entities	◽️ Notice	2
Part of foreach loop can be converted into LINQ-expression but another 'GetEnumerator' method will be used	◽️ Notice	2
Merge null/pattern checks into complex pattern	◽️ Notice	2
Non-accessed field (non-private accessibility)	◽️ Notice	2
Mapped path	◽️ Notice	2
RoslynAnalyzers Suggest using IHeaderDictionary properties	◽️ Notice	1
Use preferred body style (convert into method or operator with preferred body style)	◽️ Notice	1
Auto-property can be made get-only (private accessibility)	◽️ Notice	1
RoslynAnalyzers Mark members as static	◽️ Notice	1
RoslynAnalyzers Prefer the 'IDictionary.TryGetValue(TKey, out TValue)' method	◽️ Notice	1
RoslynAnalyzers Avoid using 'Enumerable.Any()' extension method	◽️ Notice	1
RoslynAnalyzers Non-constant fields should not be visible	◽️ Notice	1
Dictionary lookup can be simplified with 'GetValueOrDefault'	◽️ Notice	1
Class is never instantiated (non-private accessibility)	◽️ Notice	1
'if' statement can be rewritten as '?:' expression	◽️ Notice	1
Invert 'if' statement to reduce nesting	◽️ Notice	1
Member can be made static (shared) (non-private accessibility)	◽️ Notice	1
Method has async overload	◽️ Notice	1
Put local function after 'return' or 'continue'	◽️ Notice	1
Redundant empty argument list on object creation expression	◽️ Notice	1
Redundant string interpolation	◽️ Notice	1
Some values of the enum are not processed inside 'switch' statement and are handled via default section	◽️ Notice	1
Unassigned field (non-private accessibility)	◽️ Notice	1
Type member is never accessed via base type (non-private accessibility)	◽️ Notice	1
Method return value is never used (non-private accessibility)	◽️ Notice	1

View the detailed Qodana report

To be able to view the detailed Qodana report, you can either:

• Register at Qodana Cloud and configure the action
• Use GitHub Code Scanning with Qodana
• Host Qodana report at GitHub Pages
• Inspect and use qodana.sarif.json (see the Qodana SARIF format for details)

To get *.log files or any other Qodana artifacts, run the action with upload-result option set to true,
so that the action will upload the files as the job artifacts:

      - name: 'Qodana Scan'
        uses: JetBrains/qodana-action@v2024.3.4
        with:
          upload-result: true

Detected 72 dependencies

Third-party software list

This page lists the third-party software dependencies used in ProjectLighthouse

Dependency	Version	Licenses
BCrypt.Net-Next	4.0.3	MIT
BouncyCastle.Cryptography	2.4.0	MIT
Discord.Net.Core	3.15.0	MIT
Discord.Net.Rest	3.15.0	MIT
Discord.Net.Webhook	3.15.0	MIT
DistributedLock.Core	1.0.6	MIT
DistributedLock.MySql	1.0.2	MIT
GitInfo	3.3.5	MIT
Humanizer.Core	2.14.1	MIT
JetBrains.Annotations	2023.3.0	MIT
Microsoft.AspNetCore.Diagnostics.EntityFrameworkCore	8.0.6	MIT
Microsoft.Bcl.AsyncInterfaces	6.0.0	MIT
Microsoft.CSharp	4.7.0	MIT
Microsoft.CodeAnalysis.Analyzers	3.3.3	MIT
Microsoft.CodeAnalysis.CSharp.Workspaces	4.5.0	MIT
Microsoft.CodeAnalysis.CSharp	4.5.0	MIT
Microsoft.CodeAnalysis.Common	4.5.0	MIT
Microsoft.CodeAnalysis.Workspaces.Common	4.5.0	MIT
Microsoft.EntityFrameworkCore.Abstractions	8.0.6	MIT
Microsoft.EntityFrameworkCore.Analyzers	8.0.6	MIT
Microsoft.EntityFrameworkCore.Design	8.0.6	MIT
Microsoft.EntityFrameworkCore.Relational	8.0.6	MIT
Microsoft.EntityFrameworkCore	8.0.6	MIT
Microsoft.Extensions.ApiDescription.Server	6.0.5	MIT
Microsoft.Extensions.Caching.Abstractions	8.0.0	MIT
Microsoft.Extensions.Caching.Memory	8.0.0	MIT
Microsoft.Extensions.Configuration.Abstractions	8.0.0	MIT
Microsoft.Extensions.DependencyInjection.Abstractions	8.0.0	MIT
Microsoft.Extensions.DependencyInjection	8.0.0	MIT
Microsoft.Extensions.DependencyModel	8.0.0	MIT
Microsoft.Extensions.Logging.Abstractions	8.0.0	MIT
Microsoft.Extensions.Logging	8.0.0	MIT
Microsoft.Extensions.Options	8.0.0	MIT
Microsoft.Extensions.Primitives	8.0.0	MIT
Microsoft.OpenApi	1.6.14	MIT
Mono.TextTemplating	2.2.1	MIT
MySqlConnector	2.3.5	MIT
Newtonsoft.Json	13.0.3	MIT
Pfim	0.11.2	MIT
Pipelines.Sockets.Unofficial	2.2.8	MIT
Pomelo.EntityFrameworkCore.MySql	8.0.2	MIT
QRCoder	1.5.1	MIT
Redis.OM	0.7.1	MIT
SharpZipLib	1.4.2	MIT
SixLabors.ImageSharp	3.1.5	Apache-2.0 PROPRIETARY-LICENSE
StackExchange.Redis	2.7.17	MIT
Swashbuckle.AspNetCore.Swagger	6.6.2	MIT
Swashbuckle.AspNetCore.SwaggerGen	6.6.2	MIT
Swashbuckle.AspNetCore.SwaggerUI	6.6.2	MIT
Swashbuckle.AspNetCore	6.6.2	MIT
System.CodeDom	4.4.0	MIT
System.Collections.Immutable	6.0.0	MIT
System.Composition.AttributedModel	6.0.0	MIT
System.Composition.Convention	6.0.0	MIT
System.Composition.Hosting	6.0.0	MIT
System.Composition.Runtime	6.0.0	MIT
System.Composition.TypedParts	6.0.0	MIT
System.Composition	6.0.0	MIT
System.IO.Pipelines	6.0.3	MIT
System.Interactive.Async	6.0.1	MIT
System.Linq.Async	6.0.1	MIT
System.Reflection.Metadata	6.0.1	MIT
System.Runtime.CompilerServices.Unsafe	6.0.0	MIT
System.Text.Encoding.CodePages	6.0.0	MIT
System.Text.Encodings.Web	8.0.0	MIT
System.Text.Json	8.0.0	MIT
System.Threading.Channels	6.0.0	MIT
System.Threading.Tasks.Extensions	4.5.4	MIT
System.ValueTuple	4.5.0	MIT
ThisAssembly.Constants	1.4.1	MIT
Ulid	1.2.6	MIT
YamlDotNet	15.1.6	MIT

Contact Qodana team

Contact us at qodana-support@jetbrains.com

• Or via our issue tracker: https://jb.gg/qodana-issue
• Or share your feedback: https://jb.gg/qodana-discussions

[jvyden]

There are some important security-focused concerns & considerations here

[Zaprit]

See comments

[Slendy]

LGTM, just change requiredMajor and requiredMinor to be private

[Zaprit]

my only concern is the configuration version, 30 doesn't seem right given that it was at 27