Merge pull request #12 from markroethof/master

Contributing!

Author: phifogg

ca8467c41b9abc10ce0f62c3b24bcbaa/checksum.txt

@@ -1 +1 @@
-ZOjLMA-C4RrIKNJc7i4svPHUEqPMY7c9JS9VarReiQPQ2sx2BGoBbm-1XwYKmazygymq8qa85ay0E9F21phcknYTmQ5Wla0JME5c2xmPQWV-x25CfLnK2a87yPJgQOQ7HTn2FiJm5bvBHXiX9fD_8MAwZF3EVUh1Vr6sJA_sKt_OCvResvBeRt1s9-eCyQOvcInU1hsSEm50eJNjRMTAVeWcMHNGPn1hNkcBouo0ZPJuSmgj8o67r6xIQXAX6o8smC17Tzo9UMoRr8p6MkfZuLs0-kikYzM9yE1gJuZqRSENu1oIYVxJsAfCaYllYyaf3B0NtRztaSaM8GuHrIiCMNky3KnxXs1otdzQOHzLVE15RHaLnnJxe3lRg20BuSitwNVbf4KZ4z0-1z5ncY2Oca9A3QLg7NNnW8zZWsAyl0THgnpTBVMqBMFelclDXoC9VUlPKFdMFiZ4T135v90kKcSEdLEn-wuIkzjXTTRnSB5AKasER_0ZB8QAA9ezvAzWBRgotzabgDT49UWcdj6D6nTaB8XbMCS2Ccj9YBGXS1W_gGVB8dFQL-NcHpRkG3TWdHSSNiKKSlM_S5N7aiw42W6wa8F_tHOsd28_hvYo1tdy2laSfCQ6kCHNzvrdQ_gnF6YzfcqLmVXTnD-yZhDPfIaek78TOoCqm5E82qgEmsc
+0x5JTGsuVftI6THFgd6j9kal0k6pwsnj87lodT9JdStqAayDcXdIdBk8dUx8rlf8_56U6lhRuZjOjMzr-8Bxhx9agM0G74E146s0Xejsu0kRSCW-gRwWm81jRtlvIeSfUAOc7KKbN8Yze_spJZd3xQ7KeA_eJT7XC35nPp2l3BtTSxbOJWAA3z__5StnoxHXag6QPhjIe9qvb872kl2ZksWp7PA0PUZ6S_VgFCRnzJVUy8EcuvDJLGzIZMtLhCQfftaWobqh96jpDGemEQtqxuefYrpgt8egIACDL3dgWSzd-MGaqx3ptqP9uyyAN_OWDu6sNpAJbjgxkvEx0vMMDIX6b9421p-LpoJDITTlI3yEsmXvAu7bOPvhbprXqOYC0w7BQ230UYBANBqgY15k6pttWnH6PyQU-mifsXPLg6OglVplGf884Y1Ak93-BANTOPNI1HwuQQIB_SWPyvL-_NLzMd7bNb9i-UtrjH4x4nZ1-DPVO6-iXSVm0IHdzHPxuM70OjDBZJN_v2tKekmwEGTgoD9bDIVnoODydrwjAsqZ1LxSNCKqkWN2VII0IEsSVrLAwzBl0SKWcQ4xo8pT2sssdxXOCd_eiXLVlYkSudrcK6DcmxugaXUajKumJkNt3rapqLTNsxXZ9jUHoRaVnUO5iGWi3ofqtw-ALdKOgS4

ca8467c41b9abc10ce0f62c3b24bcbaa/update/scan_linter_check_0b7623d41b1afc10ce0f62c3b24bcb24.xml

@@ -29,7 +29,7 @@ Care should be taken when setting system properties (sys_properties) using this
 					return;
 				}
 				
-				if (childnode.getNameIdentifier() === "setProperty" || node.getNameIdentifier() === "cacheFlush") {
+				if (childnode.getNameIdentifier() === "setProperty" || childnode.getNameIdentifier() === "cacheFlush") {
 					method_found = true;
 					return;
 				}
@@ -45,21 +45,21 @@ Care should be taken when setting system properties (sys_properties) using this
 				engine.finding.incrementWithNode(node);
 			}
         }
-
     });
+	
 })(engine);]]></script>
         <short_description>Cache flushed as part of scripts</short_description>
         <sys_class_name>scan_linter_check</sys_class_name>
         <sys_created_by>daniel.draes</sys_created_by>
         <sys_created_on>2021-08-27 07:18:40</sys_created_on>
         <sys_id>0b7623d41b1afc10ce0f62c3b24bcb24</sys_id>
-        <sys_mod_count>8</sys_mod_count>
+        <sys_mod_count>11</sys_mod_count>
         <sys_name>Cache flushed as part of scripts</sys_name>
         <sys_package display_value="Example Instance Checks" source="x_appe_exa_checks">ca8467c41b9abc10ce0f62c3b24bcbaa</sys_package>
         <sys_policy/>
         <sys_scope display_value="Example Instance Checks">ca8467c41b9abc10ce0f62c3b24bcbaa</sys_scope>
         <sys_update_name>scan_linter_check_0b7623d41b1afc10ce0f62c3b24bcb24</sys_update_name>
-        <sys_updated_by>daniel.draes</sys_updated_by>
-        <sys_updated_on>2021-08-27 08:12:47</sys_updated_on>
+        <sys_updated_by>mark.roethof</sys_updated_by>
+        <sys_updated_on>2021-10-03 16:55:38</sys_updated_on>
     </scan_linter_check>
 </record_update>

ca8467c41b9abc10ce0f62c3b24bcbaa/update/scan_linter_check_0eeac3042f0730103307235df699b6d1.xml

@@ -0,0 +1,43 @@
+<?xml version="1.0" encoding="UTF-8"?><record_update table="scan_linter_check">
+    <scan_linter_check action="INSERT_OR_UPDATE">
+        <active>true</active>
+        <category>performance</category>
+        <description>getXMLAnswer only retrieves the Answer which we are actually after. getXML retrieves the whole XML document. In most cases, we are not interested in the whole XML document, though only in the Answer.&#13;
+For the rare cases where you are interested in the whole XML document, simply mute the generated scan finding.</description>
+        <documentation_url>https://community.servicenow.com/community?id=community_article&amp;sys_id=1c10a1fedbbd4890feb1a851ca961909</documentation_url>
+        <finding_type>scan_finding</finding_type>
+        <name>Consider using getXMLAnswer instead of getXML</name>
+        <priority>3</priority>
+        <resolution_details>Replace the usage of getXML by getXMLAnswer.</resolution_details>
+        <run_condition/>
+        <score_max>100</score_max>
+        <score_min>0</score_min>
+        <score_scale>1</score_scale>
+        <script><![CDATA[(function (engine) {
+
+	// Perform Linter Check
+	engine.rootNode.visit(function(node) {
+		if(node.getTypeName() === "NAME" &&
+		   node.getNameIdentifier() === "getXML" &&
+		   node.getParent().getTypeName() === "GETPROP") {
+			// Create scan finding
+			engine.finding.incrementWithNode(node);
+		}
+	});
+
+})(engine);]]></script>
+        <short_description>Consider using getXMLAnswer instead of getXML</short_description>
+        <sys_class_name>scan_linter_check</sys_class_name>
+        <sys_created_by>mark.roethof</sys_created_by>
+        <sys_created_on>2021-10-02 17:26:47</sys_created_on>
+        <sys_id>0eeac3042f0730103307235df699b6d1</sys_id>
+        <sys_mod_count>0</sys_mod_count>
+        <sys_name>Consider using getXMLAnswer instead of getXML</sys_name>
+        <sys_package display_value="Example Instance Checks" source="x_appe_exa_checks">ca8467c41b9abc10ce0f62c3b24bcbaa</sys_package>
+        <sys_policy/>
+        <sys_scope display_value="Example Instance Checks">ca8467c41b9abc10ce0f62c3b24bcbaa</sys_scope>
+        <sys_update_name>scan_linter_check_0eeac3042f0730103307235df699b6d1</sys_update_name>
+        <sys_updated_by>mark.roethof</sys_updated_by>
+        <sys_updated_on>2021-10-02 17:26:47</sys_updated_on>
+    </scan_linter_check>
+</record_update>

ca8467c41b9abc10ce0f62c3b24bcbaa/update/scan_linter_check_2e2a8fc02f0730103307235df699b659.xml

@@ -0,0 +1,42 @@
+<?xml version="1.0" encoding="UTF-8"?><record_update table="scan_linter_check">
+    <scan_linter_check action="INSERT_OR_UPDATE">
+        <active>true</active>
+        <category>manageability</category>
+        <description>In general, you should use the array literal notation when possible. It is easier to read, it gives the compiler a chance to optimize your code, and it's mostly faster too.</description>
+        <documentation_url>https://www.java67.com/2014/08/difference-between-string-literal-and-new-String-object-Java.html</documentation_url>
+        <finding_type>scan_finding</finding_type>
+        <name>Don't use new Array()</name>
+        <priority>4</priority>
+        <resolution_details>Use [] instead of new Array().</resolution_details>
+        <run_condition/>
+        <score_max>100</score_max>
+        <score_min>0</score_min>
+        <score_scale>1</score_scale>
+        <script><![CDATA[(function (engine) {
+
+	// Perform Linter Check
+	engine.rootNode.visit(function(node) {
+		if(node.getTypeName() === "NAME" &&
+		   node.getNameIdentifier() === "Array" &&
+		   node.getParent().getTypeName() === "NEW") {
+			// Create scan finding
+			engine.finding.incrementWithNode(node);
+		}
+	});
+
+})(engine);]]></script>
+        <short_description>Don't use new Array()</short_description>
+        <sys_class_name>scan_linter_check</sys_class_name>
+        <sys_created_by>mark.roethof</sys_created_by>
+        <sys_created_on>2021-10-02 17:23:33</sys_created_on>
+        <sys_id>2e2a8fc02f0730103307235df699b659</sys_id>
+        <sys_mod_count>0</sys_mod_count>
+        <sys_name>Don't use new Array()</sys_name>
+        <sys_package display_value="Example Instance Checks" source="x_appe_exa_checks">ca8467c41b9abc10ce0f62c3b24bcbaa</sys_package>
+        <sys_policy/>
+        <sys_scope display_value="Example Instance Checks">ca8467c41b9abc10ce0f62c3b24bcbaa</sys_scope>
+        <sys_update_name>scan_linter_check_2e2a8fc02f0730103307235df699b659</sys_update_name>
+        <sys_updated_by>mark.roethof</sys_updated_by>
+        <sys_updated_on>2021-10-02 17:23:33</sys_updated_on>
+    </scan_linter_check>
+</record_update>

ca8467c41b9abc10ce0f62c3b24bcbaa/update/scan_linter_check_51e943c02f0730103307235df699b64b.xml

@@ -0,0 +1,42 @@
+<?xml version="1.0" encoding="UTF-8"?><record_update table="scan_linter_check">
+    <scan_linter_check action="INSERT_OR_UPDATE">
+        <active>true</active>
+        <category>manageability</category>
+        <description>In general, you should use the object literal notation when possible. It is easier to read, it gives the compiler a chance to optimize your code, and it's mostly faster too.</description>
+        <documentation_url>https://www.java67.com/2014/08/difference-between-string-literal-and-new-String-object-Java.html</documentation_url>
+        <finding_type>scan_finding</finding_type>
+        <name>Don't use new Object()</name>
+        <priority>4</priority>
+        <resolution_details>Use {} instead of new Object().</resolution_details>
+        <run_condition/>
+        <score_max>100</score_max>
+        <score_min>0</score_min>
+        <score_scale>1</score_scale>
+        <script><![CDATA[(function (engine) {
+
+	// Perform Linter Check
+	engine.rootNode.visit(function(node) {
+		if(node.getTypeName() === "NAME" &&
+		   node.getNameIdentifier() === "Object" &&
+		   node.getParent().getTypeName() === "NEW") {
+			// Create scan finding
+			engine.finding.incrementWithNode(node);
+		}
+	});
+
+})(engine);]]></script>
+        <short_description>Don't use new Object()</short_description>
+        <sys_class_name>scan_linter_check</sys_class_name>
+        <sys_created_by>mark.roethof</sys_created_by>
+        <sys_created_on>2021-10-02 17:22:22</sys_created_on>
+        <sys_id>51e943c02f0730103307235df699b64b</sys_id>
+        <sys_mod_count>0</sys_mod_count>
+        <sys_name>Don't use new Object()</sys_name>
+        <sys_package display_value="Example Instance Checks" source="x_appe_exa_checks">ca8467c41b9abc10ce0f62c3b24bcbaa</sys_package>
+        <sys_policy/>
+        <sys_scope display_value="Example Instance Checks">ca8467c41b9abc10ce0f62c3b24bcbaa</sys_scope>
+        <sys_update_name>scan_linter_check_51e943c02f0730103307235df699b64b</sys_update_name>
+        <sys_updated_by>mark.roethof</sys_updated_by>
+        <sys_updated_on>2021-10-02 17:22:22</sys_updated_on>
+    </scan_linter_check>
+</record_update>

ca8467c41b9abc10ce0f62c3b24bcbaa/update/scan_linter_check_b46a4fc02f0730103307235df699b6e0.xml

@@ -0,0 +1,95 @@
+<?xml version="1.0" encoding="UTF-8"?><record_update table="scan_linter_check">
+    <scan_linter_check action="INSERT_OR_UPDATE">
+        <active>true</active>
+        <category>manageability</category>
+        <description>The "gs.log()", "gs.debug()", "console.log()", etc. statements can be used to write information to the system log, while the "gs.print()", etc. statements also sends it as output to the screen. It is generally used when debugging. Using "gs.log()", "gs.debug()", "console.log()", etc. statements on a production instance will pollute the system log, while it is never used as you do not perform debugging on a production instance.</description>
+        <documentation_url/>
+        <finding_type>scan_finding</finding_type>
+        <name>Scripts should not contain debugging statements in production</name>
+        <priority>3</priority>
+        <resolution_details>The best practice is to remove (commented) debug statements from scripts or making them conditionally controlled by a property.</resolution_details>
+        <run_condition/>
+        <score_max>100</score_max>
+        <score_min>0</score_min>
+        <score_scale>1</score_scale>
+        <script><![CDATA[(function(engine) {
+
+	engine.rootNode.visit(function(node) {
+		// gs.log, gs.info, gs.debug, gs.print
+		if(node.getTypeName() === "GETPROP") {
+			var gs_found = false;
+			var method_found = false;
+
+			node.visit(function(childnode) {
+				if(childnode.getTypeName() != "NAME") {
+					return;
+				}
+
+				if(childnode.getNameIdentifier() === "log" || childnode.getNameIdentifier() === "info" || childnode.getNameIdentifier() === "debug" || childnode.getNameIdentifier() === "print") {
+					method_found = true;
+					return;
+				}
+
+				if(childnode.getNameIdentifier() === "gs") {
+					gs_found = true;
+					return;
+				}
+			});
+
+			// Create scan finding
+			if(gs_found && method_found) {
+				engine.finding.incrementWithNode(node);
+			}
+		}
+		
+		// console.log
+		if(node.getTypeName() === "GETPROP") {
+			var console_found = false;
+			var log_found = false;
+
+			node.visit(function(childnode) {
+				if(childnode.getTypeName() != "NAME") {
+					return;
+				}
+
+				if(childnode.getNameIdentifier() === "log") {
+					log_found = true;
+					return;
+				}
+
+				if(childnode.getNameIdentifier() === "console") {
+					console_found = true;
+					return;
+				}
+			});
+
+			// Create scan finding
+			if(console_found && log_found) {
+				engine.finding.incrementWithNode(node);
+			}
+		}
+		
+		// jslog
+		if(node.getNameIdentifier() && node.getTypeName() === 'NAME' && node.getNameIdentifier() === 'jslog' && node.getParent().getTypeName() === 'CALL') {
+			// Create scan finding
+			engine.finding.incrementWithNode(node);
+		}
+
+	});
+
+})(engine);]]></script>
+        <short_description>Scripts should not contain debugging statements in production</short_description>
+        <sys_class_name>scan_linter_check</sys_class_name>
+        <sys_created_by>mark.roethof</sys_created_by>
+        <sys_created_on>2021-10-02 17:24:32</sys_created_on>
+        <sys_id>b46a4fc02f0730103307235df699b6e0</sys_id>
+        <sys_mod_count>0</sys_mod_count>
+        <sys_name>Scripts should not contain debugging statements in production</sys_name>
+        <sys_package display_value="Example Instance Checks" source="x_appe_exa_checks">ca8467c41b9abc10ce0f62c3b24bcbaa</sys_package>
+        <sys_policy/>
+        <sys_scope display_value="Example Instance Checks">ca8467c41b9abc10ce0f62c3b24bcbaa</sys_scope>
+        <sys_update_name>scan_linter_check_b46a4fc02f0730103307235df699b6e0</sys_update_name>
+        <sys_updated_by>mark.roethof</sys_updated_by>
+        <sys_updated_on>2021-10-02 17:24:32</sys_updated_on>
+    </scan_linter_check>
+</record_update>

ca8467c41b9abc10ce0f62c3b24bcbaa/update/scan_script_only_check_7f8a38342f0330103307235df699b6b3.xml

@@ -0,0 +1,59 @@
+<?xml version="1.0" encoding="UTF-8"?><record_update table="scan_script_only_check">
+    <scan_script_only_check action="INSERT_OR_UPDATE">
+        <active>true</active>
+        <category>manageability</category>
+        <description>In general, for a single record only a few Workflow context will be running. If a high number of Workflow context are active, this often indicates an issue on the starting conditions of your Workflow. More then 10 active Workflow context is considered being a high number. </description>
+        <documentation_url/>
+        <finding_type>scan_finding</finding_type>
+        <name>High number of workflows running for a single record</name>
+        <priority>2</priority>
+        <resolution_details>Resolve the high number of triggered Workflow context and investigate the starting conditions of your Workflow and correct where necessary.</resolution_details>
+        <run_condition/>
+        <score_max>100</score_max>
+        <score_min>0</score_min>
+        <score_scale>1</score_scale>
+        <script><![CDATA[(function (finding) {
+
+	// Count record
+	var countRecord = new GlideAggregate('wf_context');
+	countRecord.addEncodedQuery('state=executing');
+	countRecord.groupBy('id');
+	countRecord.addAggregate('COUNT');
+	countRecord._query();
+
+	while(countRecord._next()) {
+		if(countRecord.getAggregate('COUNT') > 10) {
+			// Get record
+			var getRecord = new GlideRecord('wf_context');
+			getRecord.addQuery('id', countRecord.id);
+			getRecord.setLimit(1);
+			getRecord._query();
+
+			if(getRecord._next()) {
+				// Create scan finding
+				var createFinding = new GlideRecord(getRecord.getValue('table'));
+
+				if(createFinding.get(getRecord.getValue('id'))) {
+					finding.setCurrentSource(createFinding);
+					finding.increment();
+				}
+			}
+		}
+	}
+
+})(finding);]]></script>
+        <short_description>High number of workflows running for a single record</short_description>
+        <sys_class_name>scan_script_only_check</sys_class_name>
+        <sys_created_by>mark.roethof</sys_created_by>
+        <sys_created_on>2021-10-04 14:52:29</sys_created_on>
+        <sys_id>7f8a38342f0330103307235df699b6b3</sys_id>
+        <sys_mod_count>0</sys_mod_count>
+        <sys_name>High number of workflows running for a single record</sys_name>
+        <sys_package display_value="Example Instance Checks" source="x_appe_exa_checks">ca8467c41b9abc10ce0f62c3b24bcbaa</sys_package>
+        <sys_policy/>
+        <sys_scope display_value="Example Instance Checks">ca8467c41b9abc10ce0f62c3b24bcbaa</sys_scope>
+        <sys_update_name>scan_script_only_check_7f8a38342f0330103307235df699b6b3</sys_update_name>
+        <sys_updated_by>mark.roethof</sys_updated_by>
+        <sys_updated_on>2021-10-04 14:52:29</sys_updated_on>
+    </scan_script_only_check>
+</record_update>

ca8467c41b9abc10ce0f62c3b24bcbaa/update/scan_table_check_33687cb02f0330103307235df699b685.xml

@@ -0,0 +1,41 @@
+<?xml version="1.0" encoding="UTF-8"?><record_update table="scan_table_check">
+    <scan_table_check action="INSERT_OR_UPDATE">
+        <active>true</active>
+        <advanced>false</advanced>
+        <category>manageability</category>
+        <conditions table="ecc_queue">state=ready^sys_created_onRELATIVELT@minute@ago@5^EQ<item display_value="ready" endquery="false" field="state" goto="false" newquery="false" operator="=" or="false" value="ready"/>
+            <item endquery="false" field="sys_created_on" goto="false" newquery="false" operator="RELATIVE" or="false" value="LT@minute@ago@5"/>
+            <item endquery="true" field="" goto="false" newquery="false" operator="=" or="false" value=""/>
+        </conditions>
+        <description>External Communication Channel (ECC) Queue is a connection point between an instance and the MID Server. Jobs that the MID Server needs to perform are saved in this queue until the MID Server is ready to handle them. The default polling interval is set to 40 seconds. When there are unprocessed queue records, this can indicate a large volume of queue records, a processing issue in general, or a MID Server issue.</description>
+        <documentation_url/>
+        <finding_type>scan_finding</finding_type>
+        <name>Unprocessed queues</name>
+        <priority>1</priority>
+        <resolution_details>Investigate the unprocessed queue records.</resolution_details>
+        <run_condition/>
+        <score_max>100</score_max>
+        <score_min>0</score_min>
+        <score_scale>1</score_scale>
+        <script><![CDATA[(function (engine) {
+
+    // Add your code here
+
+})(engine);]]></script>
+        <short_description>Unprocessed queues</short_description>
+        <sys_class_name>scan_table_check</sys_class_name>
+        <sys_created_by>mark.roethof</sys_created_by>
+        <sys_created_on>2021-10-04 14:43:47</sys_created_on>
+        <sys_id>33687cb02f0330103307235df699b685</sys_id>
+        <sys_mod_count>0</sys_mod_count>
+        <sys_name>Unprocessed queues</sys_name>
+        <sys_package display_value="Example Instance Checks" source="x_appe_exa_checks">ca8467c41b9abc10ce0f62c3b24bcbaa</sys_package>
+        <sys_policy/>
+        <sys_scope display_value="Example Instance Checks">ca8467c41b9abc10ce0f62c3b24bcbaa</sys_scope>
+        <sys_update_name>scan_table_check_33687cb02f0330103307235df699b685</sys_update_name>
+        <sys_updated_by>mark.roethof</sys_updated_by>
+        <sys_updated_on>2021-10-04 14:43:47</sys_updated_on>
+        <table>ecc_queue</table>
+        <use_manifest>false</use_manifest>
+    </scan_table_check>
+</record_update>