From 6d4b9593b6b5be80a3d3de9b61cadc5aa9c1996c Mon Sep 17 00:00:00 2001 From: lanyuhang Date: Fri, 17 May 2019 17:05:39 +0800 Subject: [PATCH] feat: add openrasp-v8 as sub module --- .gitmodules | 3 + openrasp-plugin-devtool/.editorconfig | 10 - openrasp-plugin-devtool/.eslintrc.js | 33 - openrasp-plugin-devtool/.gitignore | 2 - openrasp-plugin-devtool/.npmignore | 1 - openrasp-plugin-devtool/LICENSE | 28 - openrasp-plugin-devtool/README.md | 40 - openrasp-plugin-devtool/bin/rasp | 11 - openrasp-plugin-devtool/bin/rasp-check | 2 - openrasp-plugin-devtool/dist/checkpoint.js | 309 ------ openrasp-plugin-devtool/dist/context.js | 95 -- openrasp-plugin-devtool/dist/error.js | 55 - openrasp-plugin-devtool/dist/rasp.js | 115 --- openrasp-plugin-devtool/example/plugin.js | 165 --- .../example/test/ability.test.js | 23 - openrasp-plugin-devtool/index.js | 4 - openrasp-plugin-devtool/lib/buildenv.js | 10 - .../lib/case/ability.test.js | 142 --- openrasp-plugin-devtool/lib/case/code.test.js | 63 -- .../lib/case/eslintconfig.js | 15 - openrasp-plugin-devtool/lib/case/sql-safe | 2 - openrasp-plugin-devtool/lib/case/sql-unsafe | 1 - openrasp-plugin-devtool/lib/check.js | 52 - .../lib/environment/checkpoint.js | 192 ---- .../lib/environment/context.js | 65 -- .../lib/environment/error.js | 33 - .../lib/environment/rasp.js | 95 -- openrasp-plugin-devtool/package.json | 35 - openrasp-plugin-devtool/yarn.lock | 952 ------------------ openrasp-v8 | 1 + 30 files changed, 4 insertions(+), 2550 deletions(-) create mode 100644 .gitmodules delete mode 100644 openrasp-plugin-devtool/.editorconfig delete mode 100644 openrasp-plugin-devtool/.eslintrc.js delete mode 100644 openrasp-plugin-devtool/.gitignore delete mode 100644 openrasp-plugin-devtool/.npmignore delete mode 100644 openrasp-plugin-devtool/LICENSE delete mode 100644 openrasp-plugin-devtool/README.md delete mode 100644 openrasp-plugin-devtool/bin/rasp delete mode 100644 openrasp-plugin-devtool/bin/rasp-check delete mode 100644 openrasp-plugin-devtool/dist/checkpoint.js delete mode 100644 openrasp-plugin-devtool/dist/context.js delete mode 100644 openrasp-plugin-devtool/dist/error.js delete mode 100644 openrasp-plugin-devtool/dist/rasp.js delete mode 100644 openrasp-plugin-devtool/example/plugin.js delete mode 100644 openrasp-plugin-devtool/example/test/ability.test.js delete mode 100644 openrasp-plugin-devtool/index.js delete mode 100644 openrasp-plugin-devtool/lib/buildenv.js delete mode 100644 openrasp-plugin-devtool/lib/case/ability.test.js delete mode 100644 openrasp-plugin-devtool/lib/case/code.test.js delete mode 100644 openrasp-plugin-devtool/lib/case/eslintconfig.js delete mode 100644 openrasp-plugin-devtool/lib/case/sql-safe delete mode 100644 openrasp-plugin-devtool/lib/case/sql-unsafe delete mode 100644 openrasp-plugin-devtool/lib/check.js delete mode 100644 openrasp-plugin-devtool/lib/environment/checkpoint.js delete mode 100644 openrasp-plugin-devtool/lib/environment/context.js delete mode 100644 openrasp-plugin-devtool/lib/environment/error.js delete mode 100644 openrasp-plugin-devtool/lib/environment/rasp.js delete mode 100644 openrasp-plugin-devtool/package.json delete mode 100644 openrasp-plugin-devtool/yarn.lock create mode 160000 openrasp-v8 diff --git a/.gitmodules b/.gitmodules new file mode 100644 index 000000000..cded41373 --- /dev/null +++ b/.gitmodules @@ -0,0 +1,3 @@ +[submodule "openrasp-v8"] + path = openrasp-v8 + url = https://github.com/baidu-security/openrasp-v8.git diff --git a/openrasp-plugin-devtool/.editorconfig b/openrasp-plugin-devtool/.editorconfig deleted file mode 100644 index a43ac0668..000000000 --- a/openrasp-plugin-devtool/.editorconfig +++ /dev/null @@ -1,10 +0,0 @@ -root = true - -[*] -indent_style = space -indent_size = 4 -end_of_line = lf -charset = utf-8 - -[*.{json,yml}] -indent_size = 2 diff --git a/openrasp-plugin-devtool/.eslintrc.js b/openrasp-plugin-devtool/.eslintrc.js deleted file mode 100644 index a246b8516..000000000 --- a/openrasp-plugin-devtool/.eslintrc.js +++ /dev/null @@ -1,33 +0,0 @@ -'use strict' -module.exports = { - 'env': { - 'es6': true, - 'commonjs': true, - 'node': true - }, - 'extends': 'eslint:recommended', - 'rules': { - 'indent': ['error', 4], - 'linebreak-style': 'off', - 'quotes': 'off', - 'semi': ['error', 'always'], - 'no-unused-vars': 'off', - 'no-console': 'off', - 'space-before-blocks': ['error', 'always'], - 'space-infix-ops': 'error', - 'space-before-function-paren': ['error', { - 'anonymous': 'always', - 'named': 'never' - }], - 'arrow-spacing': 'error', - 'comma-spacing': ['error', {'before': false, 'after': true}], - 'keyword-spacing': ['error', {'before': true, 'after': true}], - 'key-spacing': ['error', {'beforeColon': false, 'afterColon': true}] - }, - 'globals':{ - 'RASP': true, - 'Attack': true, - 'PluginError': true, - 'Context': true - } -} diff --git a/openrasp-plugin-devtool/.gitignore b/openrasp-plugin-devtool/.gitignore deleted file mode 100644 index 28f1ba756..000000000 --- a/openrasp-plugin-devtool/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -node_modules -.DS_Store \ No newline at end of file diff --git a/openrasp-plugin-devtool/.npmignore b/openrasp-plugin-devtool/.npmignore deleted file mode 100644 index 3c3629e64..000000000 --- a/openrasp-plugin-devtool/.npmignore +++ /dev/null @@ -1 +0,0 @@ -node_modules diff --git a/openrasp-plugin-devtool/LICENSE b/openrasp-plugin-devtool/LICENSE deleted file mode 100644 index 42f560e69..000000000 --- a/openrasp-plugin-devtool/LICENSE +++ /dev/null @@ -1,28 +0,0 @@ -BSD 3-Clause License - -Copyright (c) 2017 Baidu, Inc. All Rights Reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are met: - -* Redistributions of source code must retain the above copyright notice, this - list of conditions and the following disclaimer. - -* Redistributions in binary form must reproduce the above copyright notice, - this list of conditions and the following disclaimer in the documentation - and/or other materials provided with the distribution. - -* Neither the name of the copyright holder nor the names of its - contributors may be used to endorse or promote products derived from - this software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" -AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE -FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR -SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER -CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, -OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/openrasp-plugin-devtool/README.md b/openrasp-plugin-devtool/README.md deleted file mode 100644 index 611efabe0..000000000 --- a/openrasp-plugin-devtool/README.md +++ /dev/null @@ -1,40 +0,0 @@ -# OpenRASP - -A CLI tool for [OpenRASP](https://rasp.baidu.com) JavaScript plugins development. - -### Installation - -Prerequisites: [Node.js](https://nodejs.org) (>=4.x) with npm version 3+ - -```bash -$ npm install -g openrasp -``` - -### Usage - -Check the ability and syntax of the plugin: - -```bash -$ rasp check - - Usage: rasp check - - - Options: - - -t, --test-dir specify a custom test cases directory - -h, --help output usage information -``` -Example: - -```bash -$ rasp check plugin.js - - √ 插件代码检查 代码规范: 150ms - √ 插件代码检查 模拟环境: 15ms - √ 插件能力测试 sql 安全 DESC wp_users: 16ms - √ 插件能力测试 sql 安全 select name, email from users where id = 1002: 0ms - √ 插件能力测试 sql 不安全 select name, email from users where id = 1002 and 1=2 union select table_name, table_schema from information_schema.tables: 0ms - - 5 passing (238ms) -``` diff --git a/openrasp-plugin-devtool/bin/rasp b/openrasp-plugin-devtool/bin/rasp deleted file mode 100644 index fe39dd148..000000000 --- a/openrasp-plugin-devtool/bin/rasp +++ /dev/null @@ -1,11 +0,0 @@ -#!/usr/bin/env node -/* eslint-env node */ - -console.log(); -console.log(' OpenRASP - https://rasp.baidu.com'); - -require('commander') - .version(require('../package').version) - .usage(' [options]') - .command('check', 'check the plugin') - .parse(process.argv); diff --git a/openrasp-plugin-devtool/bin/rasp-check b/openrasp-plugin-devtool/bin/rasp-check deleted file mode 100644 index 1b81a553d..000000000 --- a/openrasp-plugin-devtool/bin/rasp-check +++ /dev/null @@ -1,2 +0,0 @@ -#!/usr/bin/env node -require('../lib/check'); diff --git a/openrasp-plugin-devtool/dist/checkpoint.js b/openrasp-plugin-devtool/dist/checkpoint.js deleted file mode 100644 index 889a9f363..000000000 --- a/openrasp-plugin-devtool/dist/checkpoint.js +++ /dev/null @@ -1,309 +0,0 @@ -/** - * @file - */ -'use strict'; - -var _createClass = function () { function defineProperties(target, props) { for (var i = 0; i < props.length; i++) { var descriptor = props[i]; descriptor.enumerable = descriptor.enumerable || false; descriptor.configurable = true; if ("value" in descriptor) descriptor.writable = true; Object.defineProperty(target, descriptor.key, descriptor); } } return function (Constructor, protoProps, staticProps) { if (protoProps) defineProperties(Constructor.prototype, protoProps); if (staticProps) defineProperties(Constructor, staticProps); return Constructor; }; }(); - -function _classCallCheck(instance, Constructor) { if (!(instance instanceof Constructor)) { throw new TypeError("Cannot call a class as a function"); } } - -var CheckPointCommand = function () { - function CheckPointCommand(data) { - _classCallCheck(this, CheckPointCommand); - - this.command = data.command; - } - - _createClass(CheckPointCommand, null, [{ - key: 'name', - get: function get() { - return 'command'; - } - }]); - - return CheckPointCommand; -}(); -Object.defineProperty(global, 'CheckPointCommand', { - value: CheckPointCommand, - enumerable: true -}); - -var CheckPointDirectory = function () { - function CheckPointDirectory(data) { - _classCallCheck(this, CheckPointDirectory); - - this.path = data.path; - this.realpath = data.realpath; - } - - _createClass(CheckPointDirectory, null, [{ - key: 'name', - get: function get() { - return 'directory'; - } - }]); - - return CheckPointDirectory; -}(); -Object.defineProperty(global, 'CheckPointDirectory', { - value: CheckPointDirectory, - enumerable: true -}); - -var CheckPointFileUpload = function () { - function CheckPointFileUpload(data) { - _classCallCheck(this, CheckPointFileUpload); - - this.filename = data.filename; - this.content = data.content; - } - - _createClass(CheckPointFileUpload, null, [{ - key: 'name', - get: function get() { - return 'fileUpload'; - } - }]); - - return CheckPointFileUpload; -}(); -Object.defineProperty(global, 'CheckPointFileUpload', { - value: CheckPointFileUpload, - enumerable: true -}); - -var CheckPointReadFile = function () { - function CheckPointReadFile(data) { - _classCallCheck(this, CheckPointReadFile); - - this.path = data.path; - this.realpath = data.realpath; - } - - _createClass(CheckPointReadFile, null, [{ - key: 'name', - get: function get() { - return 'readFile'; - } - }]); - - return CheckPointReadFile; -}(); -Object.defineProperty(global, 'CheckPointReadFile', { - value: CheckPointReadFile, - enumerable: true -}); - -var CheckPointRequest = function () { - function CheckPointRequest(data) { - _classCallCheck(this, CheckPointRequest); - - this.request = data.request; - } - - _createClass(CheckPointRequest, null, [{ - key: 'name', - get: function get() { - return 'request'; - } - }]); - - return CheckPointRequest; -}(); -Object.defineProperty(global, 'CheckPointRequest', { - value: CheckPointRequest, - enumerable: true -}); - -var CheckPointSQL = function () { - function CheckPointSQL(data) { - _classCallCheck(this, CheckPointSQL); - - this.query = data.query; - this.server = data.server; - } - - _createClass(CheckPointSQL, null, [{ - key: 'name', - get: function get() { - return 'sql'; - } - }]); - - return CheckPointSQL; -}(); -Object.defineProperty(global, 'CheckPointSQL', { - value: CheckPointSQL, - enumerable: true -}); - -var CheckPointWriteFile = function () { - function CheckPointWriteFile(data) { - _classCallCheck(this, CheckPointWriteFile); - - this.name = data.name; - this.realpath = data.realpath; - this.content = data.content; - } - - _createClass(CheckPointWriteFile, null, [{ - key: 'name', - get: function get() { - return 'writeFile'; - } - }]); - - return CheckPointWriteFile; -}(); -Object.defineProperty(global, 'CheckPointWriteFile', { - value: CheckPointWriteFile, - enumerable: true -}); - -var CheckPointXXE = function () { - function CheckPointXXE(data) { - _classCallCheck(this, CheckPointXXE); - - this.entity = data.entity; - } - - _createClass(CheckPointXXE, null, [{ - key: 'name', - get: function get() { - return 'xxe'; - } - }]); - - return CheckPointXXE; -}(); -Object.defineProperty(global, 'CheckPointXXE', { - value: CheckPointXXE, - enumerable: true -}); - -var CheckPointOGNL = function () { - function CheckPointOGNL(data) { - _classCallCheck(this, CheckPointOGNL); - - this.expression = data.expression; - } - - _createClass(CheckPointOGNL, null, [{ - key: 'name', - get: function get() { - return 'ognl'; - } - }]); - - return CheckPointOGNL; -}(); -Object.defineProperty(global, 'CheckPointOGNL', { - value: CheckPointOGNL, - enumerable: true -}); - -var CheckPointDeserialization = function () { - function CheckPointDeserialization(data) { - _classCallCheck(this, CheckPointDeserialization); - - this.clazz = data.clazz; - } - - _createClass(CheckPointDeserialization, null, [{ - key: 'name', - get: function get() { - return 'deserialization'; - } - }]); - - return CheckPointDeserialization; -}(); -Object.defineProperty(global, 'CheckPointDeserialization', { - value: CheckPointDeserialization, - enumerable: true -}); - -var CheckPointWebdav = function () { - function CheckPointWebdav(data) { - _classCallCheck(this, CheckPointWebdav); - - this.clazz = data.clazz; - } - - _createClass(CheckPointWebdav, null, [{ - key: 'name', - get: function get() { - return 'webdav'; - } - }]); - - return CheckPointWebdav; -}(); -Object.defineProperty(global, 'CheckPointWebdav', { - value: CheckPointWebdav, - enumerable: true -}); - -var CheckPointSSRF = function () { - function CheckPointSSRF(data) { - _classCallCheck(this, CheckPointSSRF); - - this.clazz = data.clazz; - } - - _createClass(CheckPointSSRF, null, [{ - key: 'name', - get: function get() { - return 'ssrf'; - } - }]); - - return CheckPointSSRF; -}(); -Object.defineProperty(global, 'CheckPointSSRF', { - value: CheckPointSSRF, - enumerable: true -}); - -var CheckPointInclude = function () { - function CheckPointInclude(data) { - _classCallCheck(this, CheckPointInclude); - - this.clazz = data.clazz; - } - - _createClass(CheckPointInclude, null, [{ - key: 'name', - get: function get() { - return 'include'; - } - }]); - - return CheckPointInclude; -}(); -Object.defineProperty(global, 'CheckPointInclude', { - value: CheckPointInclude, - enumerable: true -}); - -var CheckPointRename = function () { - function CheckPointRename(data) { - _classCallCheck(this, CheckPointRename); - - this.source = data.source; - this.dest = data.dest; - } - - _createClass(CheckPointRename, null, [{ - key: 'name', - get: function get() { - return 'rename'; - } - }]); - - return CheckPointRename; -}(); -Object.defineProperty(global, 'CheckPointRename', { - value: CheckPointRename, - enumerable: true -}); \ No newline at end of file diff --git a/openrasp-plugin-devtool/dist/context.js b/openrasp-plugin-devtool/dist/context.js deleted file mode 100644 index 7c30e3705..000000000 --- a/openrasp-plugin-devtool/dist/context.js +++ /dev/null @@ -1,95 +0,0 @@ -/** - * @file - */ -'use strict'; - -var _createClass = function () { function defineProperties(target, props) { for (var i = 0; i < props.length; i++) { var descriptor = props[i]; descriptor.enumerable = descriptor.enumerable || false; descriptor.configurable = true; if ("value" in descriptor) descriptor.writable = true; Object.defineProperty(target, descriptor.key, descriptor); } } return function (Constructor, protoProps, staticProps) { if (protoProps) defineProperties(Constructor.prototype, protoProps); if (staticProps) defineProperties(Constructor, staticProps); return Constructor; }; }(); - -function _classCallCheck(instance, Constructor) { if (!(instance instanceof Constructor)) { throw new TypeError("Cannot call a class as a function"); } } - -var Context = function () { - function Context(data) { - _classCallCheck(this, Context); - - Object.assign(this, data); - } - - _createClass(Context, [{ - key: 'path', - get: function get() { - if (this.getPath) { - return this.getPath(); - } - } - }, { - key: 'url', - get: function get() { - if (this.getUrl) { - return this.getUrl(); - } - } - }, { - key: 'querystring', - get: function get() { - if (this.getQuerystring) { - return this.getQuerystring(); - } - } - }, { - key: 'method', - get: function get() { - if (this.getMethod) { - return this.getMethod(); - } - } - }, { - key: 'protocol', - get: function get() { - if (this.getProtocol) { - return this.getProtocol(); - } - } - }, { - key: 'header', - get: function get() { - if (this.getHeader) { - return this.getHeader(); - } - } - }, { - key: 'parameter', - get: function get() { - if (this.getParameter) { - return this.getParameter(); - } - } - }, { - key: 'body', - get: function get() { - if (this.getBody) { - return this.getBody(); - } - } - }, { - key: 'remoteAddr', - get: function get() { - if (this.getRemoteAddr) { - return this.getRemoteAddr(); - } - } - }, { - key: 'server', - get: function get() { - if (this.getServer) { - return this.getServer(); - } - } - }]); - - return Context; -}(); - -Object.defineProperty(global, 'Context', { - value: Context, - enumerable: true -}); \ No newline at end of file diff --git a/openrasp-plugin-devtool/dist/error.js b/openrasp-plugin-devtool/dist/error.js deleted file mode 100644 index 1a36168da..000000000 --- a/openrasp-plugin-devtool/dist/error.js +++ /dev/null @@ -1,55 +0,0 @@ -/** - * @file - */ -'use strict'; - -function _classCallCheck(instance, Constructor) { if (!(instance instanceof Constructor)) { throw new TypeError("Cannot call a class as a function"); } } - -function _possibleConstructorReturn(self, call) { if (!self) { throw new ReferenceError("this hasn't been initialised - super() hasn't been called"); } return call && (typeof call === "object" || typeof call === "function") ? call : self; } - -function _inherits(subClass, superClass) { if (typeof superClass !== "function" && superClass !== null) { throw new TypeError("Super expression must either be null or a function, not " + typeof superClass); } subClass.prototype = Object.create(superClass && superClass.prototype, { constructor: { value: subClass, enumerable: false, writable: true, configurable: true } }); if (superClass) Object.setPrototypeOf ? Object.setPrototypeOf(subClass, superClass) : subClass.__proto__ = superClass; } - -var Attack = function (_Error) { - _inherits(Attack, _Error); - - function Attack(msg) { - _classCallCheck(this, Attack); - - var _this = _possibleConstructorReturn(this, (Attack.__proto__ || Object.getPrototypeOf(Attack)).call(this, msg)); - - Object.defineProperty(_this, 'name', { - value: 'Attack' - }); - Error.captureStackTrace(_this, Attack); - return _this; - } - - return Attack; -}(Error); - -var PluginError = function (_Error2) { - _inherits(PluginError, _Error2); - - function PluginError(msg) { - _classCallCheck(this, PluginError); - - var _this2 = _possibleConstructorReturn(this, (PluginError.__proto__ || Object.getPrototypeOf(PluginError)).call(this, msg)); - - Object.defineProperty(_this2, 'name', { - value: 'PluginError' - }); - Error.captureStackTrace(_this2, Attack); - return _this2; - } - - return PluginError; -}(Error); - -Object.defineProperty(global, 'Attack', { - value: Attack, - enumerable: true -}); -Object.defineProperty(global, 'PluginError', { - value: PluginError, - enumerable: true -}); \ No newline at end of file diff --git a/openrasp-plugin-devtool/dist/rasp.js b/openrasp-plugin-devtool/dist/rasp.js deleted file mode 100644 index 817f94bb4..000000000 --- a/openrasp-plugin-devtool/dist/rasp.js +++ /dev/null @@ -1,115 +0,0 @@ -/** - * @file - */ -'use strict'; -/* globals Attack */ - -var _typeof = typeof Symbol === "function" && typeof Symbol.iterator === "symbol" ? function (obj) { return typeof obj; } : function (obj) { return obj && typeof Symbol === "function" && obj.constructor === Symbol && obj !== Symbol.prototype ? "symbol" : typeof obj; }; - -var _createClass = function () { function defineProperties(target, props) { for (var i = 0; i < props.length; i++) { var descriptor = props[i]; descriptor.enumerable = descriptor.enumerable || false; descriptor.configurable = true; if ("value" in descriptor) descriptor.writable = true; Object.defineProperty(target, descriptor.key, descriptor); } } return function (Constructor, protoProps, staticProps) { if (protoProps) defineProperties(Constructor.prototype, protoProps); if (staticProps) defineProperties(Constructor, staticProps); return Constructor; }; }(); - -function _classCallCheck(instance, Constructor) { if (!(instance instanceof Constructor)) { throw new TypeError("Cannot call a class as a function"); } } - -var RASP = function () { - function RASP(name) { - _classCallCheck(this, RASP); - - if (typeof name !== 'string' || name.length == 0) { - throw new TypeError('Plugin name must be a string'); - } - this.name = name; - RASP.plugins[name] = this; - } - - _createClass(RASP, [{ - key: 'register', - value: function register(checkPoint, checkProcess) { - if (typeof checkPoint !== 'string' || checkPoint.length == 0) { - throw new TypeError('Check point name must be a string'); - } - if (!RASP.checkPoints[checkPoint]) { - this.log('Unknown check point name \'' + checkPoint + '\''); - return; - } - if (typeof checkProcess !== 'function') { - throw new TypeError('Check process must be a function'); - } - RASP.checkPoints[checkPoint].push({ - func: checkProcess, - plugin: this - }); - } - }, { - key: 'log', - value: function log() { - var len = arguments.length; - var args = Array(len); - for (var key = 0; key < len; key++) { - args[key] = arguments[key]; - } - console.log.apply(console, ['[' + this.name + ']'].concat(args)); - } - }, { - key: 'request', - value: function request() {} - }, { - key: 'getCache', - value: function getCache() {} - }, { - key: 'setCache', - value: function setCache() {} - }], [{ - key: 'check', - value: function check(checkPoint, checkParams, checkContext) { - if (typeof checkPoint !== 'string' || checkPoint.length == 0) { - throw new TypeError('Check point name must be a string'); - } - if (!RASP.checkPoints[checkPoint]) { - throw new Error('Unknown check point name \'' + checkPoint + '\''); - } - var results = RASP.checkPoints[checkPoint].map(function (checkProcess) { - var result = {}; - try { - result = checkProcess.func(checkParams, checkContext); - } catch (e) { - if (e instanceof Attack) { - result.action = 'block'; - result.message = e.message + '\n' + e.stack; - } else { - console.log(e.toString(), '\n', e.stack); - result.action = 'ignore'; - } - } - result = (typeof result === 'undefined' ? 'undefined' : _typeof(result)) === 'object' ? result : {}; - result.action = result.action || 'ignore'; - result.message = result.message || ''; - result.name = result.name || checkProcess.plugin.name; - result.confidence = result.confidence || 0; - return result; - }); - return results; - } - }, { - key: 'clean', - value: function clean() { - Object.keys(RASP.plugins).forEach(function (key) { - delete RASP.plugins[key]; - }); - Object.keys(global).filter(function (key) { - return key.startsWith('CheckPoint'); - }).forEach(function (key) { - RASP.checkPoints[global[key].name] = []; - }); - } - }]); - - return RASP; -}(); -RASP.plugins = {}; -RASP.checkPoints = {}; -RASP.clean(); - -Object.defineProperty(global, 'RASP', { - value: RASP, - enumerable: true -}); \ No newline at end of file diff --git a/openrasp-plugin-devtool/example/plugin.js b/openrasp-plugin-devtool/example/plugin.js deleted file mode 100644 index 386dce2de..000000000 --- a/openrasp-plugin-devtool/example/plugin.js +++ /dev/null @@ -1,165 +0,0 @@ -/** - * @file - */ -'use strict'; -/* globals RASP */ -var plugin = new RASP('example'); - -var clean = { - action: 'ignore', - message: '无风险' -}; - -var xssRegex = /||javascript:(?!(?:history\.(?:go|back)|void\(0\)))/i; -var nameRegex = /\.(jspx?|php[345]?|phtml)\.?$/i; -var uaRegex = /nessus|sqlmap|nikto|havij|netsparker/i; -var sqlRegex = /\bupdatexml\s*\(|\bextractvalue\s*\(|\bunion.*select.*(from|into|benchmark).*\b/i; -var sysRegex = /^\/(etc|proc|sys|var\/log)(\/|$)/; -var ognlPayloads = [ - 'ognl.OgnlContext', - 'ognl.TypeConverter', - 'ognl.MemberAccess', - '_memberAccess', - 'ognl.ClassResolver', - 'java.lang.Runtime', - 'java.lang.Class', - 'java.lang.ClassLoader', - 'java.lang.System', - 'java.lang.ProcessBuilder', - 'java.lang.Object', 'java.lang.Shutdown', - 'java.io.File', - 'javax.script.ScriptEngineManager', - 'com.opensymphony.xwork2.ActionContext' -]; -var deserializationInvalidClazz = [ - 'org.apache.commons.collections.functors.InvokerTransformer', - 'org.apache.commons.collections.functors.InstantiateTransformer', - 'org.apache.commons.collections4.functors.InvokerTransformer', - 'org.apache.commons.collections4.functors.InstantiateTransformer', - 'org.codehaus.groovy.runtime.ConvertedClosure', - 'org.codehaus.groovy.runtime.MethodClosure', - 'org.springframework.beans.factory.ObjectFactory' -]; - -function canonicalPath(path) { - return path.replace(/\/\.\//g, '/').replace(/\/+/g, '/'); -} - -plugin.register('directory', function (params) { - var path = canonicalPath(params.path); - if (path.indexOf('/../../../') !== -1) { - return { - action: 'block', - message: '目录遍历攻击' - }; - } - - if (sysRegex.test(path)) { - return { - action: 'block', - message: '读取系统目录' - }; - } - return clean; -}); - -plugin.register('readFile', function (params) { - var path = canonicalPath(params.path); - if (path.indexOf('/../../../') !== -1) { - return { - action: 'block', - message: '目录遍历攻击' - }; - } - - if (sysRegex.test(path)) { - return { - action: 'block', - message: '读取系统文件' - }; - } - return clean; -}); - -plugin.register('writeFile', function (params) { - return clean; -}); - -plugin.register('fileUpload', function (params) { - if (nameRegex.test(params.filename)) { - return { - action: 'block', - message: '尝试上传脚本文件: ' + params.filename - }; - } - return clean; -}); - -plugin.register('sql', function (params) { - if (sqlRegex.test(params.query)) { - return { - action: 'block', - message: 'SQL 注入攻击' - }; - } - return clean; -}); - -plugin.register('command', function (params) { - return { - action: 'block', - message: '尝试执行命令' - }; -}); - -plugin.register('xxe', function (params) { - var items = params.entity.split('://'); - - if (items.length >= 2) { - var protocol = items[0]; - /* eslint-disable */ - var path = items[1]; - /* eslint-enable */ - if (protocol === 'gopher') { - return { - action: 'block', - message: 'SSRF 攻击(gopher 协议)' - }; - } - - if (protocol === 'file') { - return { - action: 'log', - message: '尝试读取外部实体 (file 协议)' - }; - } - } - return clean; -}); - -plugin.register('ognl', function (params) { - var ognlExpression = params.expression; - for (var index in ognlPayloads) { - if (ognlExpression.indexOf(ognlPayloads[index]) > -1) { - return { - action: 'block', - message: '尝试ognl远程命令执行' - }; - } - - } - return clean; -}); - -plugin.register('deserialization', function (params) { - var clazz = params.clazz; - for (var index in deserializationInvalidClazz) { - if (clazz === deserializationInvalidClazz[index]) { - return { - action: 'block', - message: '尝试反序列化攻击' - }; - } - } - return clean; -}); diff --git a/openrasp-plugin-devtool/example/test/ability.test.js b/openrasp-plugin-devtool/example/test/ability.test.js deleted file mode 100644 index b574dbf94..000000000 --- a/openrasp-plugin-devtool/example/test/ability.test.js +++ /dev/null @@ -1,23 +0,0 @@ -/** - * @file - */ -'use strict'; -/* eslint-env mocha */ -/* globals Context */ -const expect = require('chai').expect; -describe('自定义测试', function () { - describe('SQL注入测试', function () { - it('union 注入', function () { - var results = RASP.check('sql', { - server: 'mysql', - query: `select name, email from users where id = 1002 and 1=2 - union select table_name, table_schema from information_schema.tables` - }, new Context()); - expect(results).to.be.a('array'); - results.forEach(result => { - expect(result).to.have.property('action').to.equal('block'); - expect(result).to.have.property('message').to.be.a('string'); - }); - }); - }); -}); diff --git a/openrasp-plugin-devtool/index.js b/openrasp-plugin-devtool/index.js deleted file mode 100644 index 5c2307f55..000000000 --- a/openrasp-plugin-devtool/index.js +++ /dev/null @@ -1,4 +0,0 @@ -/** - * @file - */ -require('./lib/buildenv'); diff --git a/openrasp-plugin-devtool/lib/buildenv.js b/openrasp-plugin-devtool/lib/buildenv.js deleted file mode 100644 index 3782b5185..000000000 --- a/openrasp-plugin-devtool/lib/buildenv.js +++ /dev/null @@ -1,10 +0,0 @@ -/** - * @file - */ -'use strict'; -const path = require('path'); - -require(path.resolve(__dirname, 'environment', 'checkpoint.js')); -require(path.resolve(__dirname, 'environment', 'context.js')); -require(path.resolve(__dirname, 'environment', 'error.js')); -require(path.resolve(__dirname, 'environment', 'rasp.js')); diff --git a/openrasp-plugin-devtool/lib/case/ability.test.js b/openrasp-plugin-devtool/lib/case/ability.test.js deleted file mode 100644 index f9b21345f..000000000 --- a/openrasp-plugin-devtool/lib/case/ability.test.js +++ /dev/null @@ -1,142 +0,0 @@ -/** - * @file - */ -'use strict'; -/* eslint-env mocha */ -/* global RASP, Context */ - -const expect = require('chai').expect; -const fs = require('fs'); -const path = require('path'); -const program = require('commander'); - -describe('插件能力测试', function () { - describe('sql', function () { - before(function () { - if (!Array.isArray(RASP.checkPoints.sql) || - RASP.checkPoints.sql.length === 0) { - this.skip(); - } - }); - - describe('安全', function () { - let safe = fs.readFileSync(path.resolve(__dirname, './sql-safe'), 'utf8') - .replace(/\r\n/g, '\n').split('\n').filter(sql => sql.trim().length !== 0); - safe.forEach(sql => { - it(sql, function () { - let results = RASP.check('sql', { - query: sql, - server: 'mysql' - }, new Context()); - expect(results).to.be.a('array'); - results.forEach(result => { - expect(result).to.be.a('object'); - expect(result.action).to.be.a('string').but.not.equal('block'); - }); - }); - }); - }); - - describe('不安全', function () { - let unsafe = fs.readFileSync(path.resolve(__dirname, './sql-unsafe'), 'utf8') - .replace(/\r\n/g, '\n').split('\n').filter(sql => sql.trim().length !== 0); - unsafe.forEach(sql => { - it(sql, function () { - let results = RASP.check('sql', { - query: sql, - server: 'mysql' - }, new Context()); - expect(results).to.be.a('array'); - results.forEach(result => { - expect(result).to.be.a('object'); - expect(result.action).to.be.a('string').and.equal('block'); - }); - }); - }); - }); - }); - - describe('xxe', function () { - before(function () { - if (!Array.isArray(RASP.checkPoints.xxe) || - RASP.checkPoints.xxe.length === 0) { - this.skip(); - } - }); - - describe('安全', function () {}); - describe('不安全', function () {}); - }); - - describe('directory', function () { - before(function () { - if (!Array.isArray(RASP.checkPoints.directory) || - RASP.checkPoints.directory.length === 0) { - this.skip(); - } - }); - - describe('安全', function () {}); - describe('不安全', function () {}); - }); - - describe('request', function () { - before(function () { - if (!Array.isArray(RASP.checkPoints.request) || - RASP.checkPoints.request.length === 0) { - this.skip(); - } - }); - - describe('安全', function () {}); - describe('不安全', function () {}); - }); - - describe('readFile', function () { - before(function () { - if (!Array.isArray(RASP.checkPoints.readFile) || - RASP.checkPoints.readFile.length === 0) { - this.skip(); - } - }); - - describe('安全', function () {}); - describe('不安全', function () {}); - }); - - describe('writeFile', function () { - before(function () { - if (!Array.isArray(RASP.checkPoints.writeFile) || - RASP.checkPoints.writeFile.length === 0) { - this.skip(); - } - }); - - describe('安全', function () {}); - describe('不安全', function () {}); - }); - - describe('fileUpload', function () { - before(function () { - if (!Array.isArray(RASP.checkPoints.fileUpload) || - RASP.checkPoints.fileUpload.length === 0) { - this.skip(); - } - }); - - describe('安全', function () {}); - describe('不安全', function () {}); - }); - - describe('command', function () { - before(function () { - if (!Array.isArray(RASP.checkPoints.command) || - RASP.checkPoints.command.length === 0) { - this.skip(); - } - }); - - describe('安全', function () {}); - describe('不安全', function () {}); - }); -}); diff --git a/openrasp-plugin-devtool/lib/case/code.test.js b/openrasp-plugin-devtool/lib/case/code.test.js deleted file mode 100644 index dd0701d96..000000000 --- a/openrasp-plugin-devtool/lib/case/code.test.js +++ /dev/null @@ -1,63 +0,0 @@ -/** - * @file - */ -'use strict'; -/* eslint-env mocha */ - -const fs = require('fs'); -const vm = require('vm'); -const path = require('path'); -const program = require('commander'); -const CLIEngine = require('eslint').CLIEngine; -let cli = new CLIEngine({ - configFile: path.resolve(__dirname, 'eslintconfig.js'), - useEslintrc: false -}); - -describe('插件代码检查', function () { - before(function () { - this.filename = program.args[0]; - this.filepath = path.resolve(process.cwd(), this.filename); - }); - - it('代码规范', function () { - this.slow(500); - let report = cli.executeOnFiles([this.filepath]); - let formatter = cli.getFormatter(); - - if (report) { - if (report.errorCount > 0) { - throw new Error(formatter(report.results)); - } else if (report.warningCount > 0) { - console.log(formatter(report.results)); - } - } - }); - - it('模拟环境', function () { - let sandbox = {console}; - sandbox.global = sandbox; - vm.createContext(sandbox); - - let checkpoint = path.resolve(__dirname, '..', 'environment', 'checkpoint.js'); - let context = path.resolve(__dirname, '..', 'environment', 'context.js'); - let error = path.resolve(__dirname, '..', 'environment', 'error.js'); - let rasp = path.resolve(__dirname, '..', 'environment', 'rasp.js'); - - vm.runInContext(`(function(){ ${fs.readFileSync(checkpoint, 'utf8')} })()`, sandbox, { - filename: 'checkpoint' - }); - vm.runInContext(`(function(){ ${fs.readFileSync(context, 'utf8')} })()`, sandbox, { - filename: 'context' - }); - vm.runInContext(`(function(){ ${fs.readFileSync(error, 'utf8')} })()`, sandbox, { - filename: 'error' - }); - vm.runInContext(`(function(){ ${fs.readFileSync(rasp, 'utf8')} })()`, sandbox, { - filename: 'rasp' - }); - vm.runInContext(`(function(){ ${fs.readFileSync(this.filepath, 'utf8')} })()`, sandbox, { - filename: this.filename - }); - }); -}); diff --git a/openrasp-plugin-devtool/lib/case/eslintconfig.js b/openrasp-plugin-devtool/lib/case/eslintconfig.js deleted file mode 100644 index 81a64256b..000000000 --- a/openrasp-plugin-devtool/lib/case/eslintconfig.js +++ /dev/null @@ -1,15 +0,0 @@ -/** - * @file - */ -'use strict'; -module.exports = { - 'extends': 'eslint:recommended', - 'globals': { - 'RASP': true, - 'Attack': true, - 'PluginError': true - }, - 'rules': { - 'no-unused-vars': 'off' - } -}; diff --git a/openrasp-plugin-devtool/lib/case/sql-safe b/openrasp-plugin-devtool/lib/case/sql-safe deleted file mode 100644 index 9c41fe765..000000000 --- a/openrasp-plugin-devtool/lib/case/sql-safe +++ /dev/null @@ -1,2 +0,0 @@ -DESC wp_users -select name, email from users where id = 1002 diff --git a/openrasp-plugin-devtool/lib/case/sql-unsafe b/openrasp-plugin-devtool/lib/case/sql-unsafe deleted file mode 100644 index 9fa646ff3..000000000 --- a/openrasp-plugin-devtool/lib/case/sql-unsafe +++ /dev/null @@ -1 +0,0 @@ -select name, email from users where id = 1002 and 1=2 union select table_name, table_schema from information_schema.tables diff --git a/openrasp-plugin-devtool/lib/check.js b/openrasp-plugin-devtool/lib/check.js deleted file mode 100644 index b95ad64da..000000000 --- a/openrasp-plugin-devtool/lib/check.js +++ /dev/null @@ -1,52 +0,0 @@ -/** - * @file - */ -'use strict'; -/* eslint-env node */ -const fs = require('fs'); -const path = require('path'); -const program = require('commander'); -const Mocha = require('mocha'); -require('./buildenv'); - -program.usage('') - .option('-t, --test-dir ', 'specify a custom test cases directory') - .parse(process.argv); - -if (program.args.length < 1) { - return program.help(); -} - -let filename = program.args[0]; -let filepath = path.resolve(process.cwd(), filename); -require(filepath); - -let mocha = new Mocha({ - bail: true, - useColors: true, - slow: 20, - reporter: 'list' -}); - -mocha.addFile( - path.join(path.resolve(__dirname, 'case', 'code.test.js')) -); -mocha.addFile( - path.join(path.resolve(__dirname, 'case', 'ability.test.js')) -); - -if (program.testDir) { - fs.readdirSync(path.resolve(process.cwd(), program.testDir)) - .filter(file => file.substr(-8) === '.test.js') - .forEach(file => { - mocha.addFile( - path.join(path.resolve(process.cwd(), program.testDir, file)) - ); - }); -} - -mocha.run(failures => { - process.on('exit', () => { - process.exit(failures); - }); -}); diff --git a/openrasp-plugin-devtool/lib/environment/checkpoint.js b/openrasp-plugin-devtool/lib/environment/checkpoint.js deleted file mode 100644 index 47fb55177..000000000 --- a/openrasp-plugin-devtool/lib/environment/checkpoint.js +++ /dev/null @@ -1,192 +0,0 @@ -/** - * @file - */ -'use strict'; - -const CheckPointCommand = class { - constructor(data) { - this.command = data.command; - } - - static get name() { - return 'command'; - } -}; -Object.defineProperty(global, 'CheckPointCommand', { - value: CheckPointCommand, - enumerable: true -}); - -const CheckPointDirectory = class { - constructor(data) { - this.path = data.path; - this.realpath = data.realpath; - } - - static get name() { - return 'directory'; - } -}; -Object.defineProperty(global, 'CheckPointDirectory', { - value: CheckPointDirectory, - enumerable: true -}); - -const CheckPointFileUpload = class { - constructor(data) { - this.filename = data.filename; - this.content = data.content; - } - - static get name() { - return 'fileUpload'; - } -}; -Object.defineProperty(global, 'CheckPointFileUpload', { - value: CheckPointFileUpload, - enumerable: true -}); - -const CheckPointReadFile = class { - constructor(data) { - this.path = data.path; - this.realpath = data.realpath; - } - - static get name() { - return 'readFile'; - } -}; -Object.defineProperty(global, 'CheckPointReadFile', { - value: CheckPointReadFile, - enumerable: true -}); - -const CheckPointRequest = class { - constructor(data) { - this.request = data.request; - } - - static get name() { - return 'request'; - } -}; -Object.defineProperty(global, 'CheckPointRequest', { - value: CheckPointRequest, - enumerable: true -}); - -const CheckPointSQL = class { - constructor(data) { - this.query = data.query; - this.server = data.server; - } - - static get name() { - return 'sql'; - } -}; -Object.defineProperty(global, 'CheckPointSQL', { - value: CheckPointSQL, - enumerable: true -}); - -const CheckPointWriteFile = class { - constructor(data) { - this.name = data.name; - this.realpath = data.realpath; - this.content = data.content; - } - - static get name() { - return 'writeFile'; - } -}; -Object.defineProperty(global, 'CheckPointWriteFile', { - value: CheckPointWriteFile, - enumerable: true -}); - -const CheckPointXXE = class { - constructor(data) { - this.entity = data.entity; - } - - static get name() { - return 'xxe'; - } -}; -Object.defineProperty(global, 'CheckPointXXE', { - value: CheckPointXXE, - enumerable: true -}); - -const CheckPointOGNL = class { - constructor(data) { - this.expression = data.expression; - } - - static get name() { - return 'ognl'; - } -}; -Object.defineProperty(global, 'CheckPointOGNL', { - value: CheckPointOGNL, - enumerable: true -}); - -const CheckPointDeserialization = class { - constructor(data) { - this.clazz = data.clazz; - } - - static get name() { - return 'deserialization'; - } -}; -Object.defineProperty(global, 'CheckPointDeserialization', { - value: CheckPointDeserialization, - enumerable: true -}); - -const CheckPointWebdav = class { - constructor(data) { - this.clazz = data.clazz; - } - - static get name() { - return 'webdav'; - } -}; -Object.defineProperty(global, 'CheckPointWebdav', { - value: CheckPointWebdav, - enumerable: true -}); - -const CheckPointSSRF = class { - constructor(data) { - this.clazz = data.clazz; - } - - static get name() { - return 'ssrf'; - } -}; -Object.defineProperty(global, 'CheckPointSSRF', { - value: CheckPointSSRF, - enumerable: true -}); - -const CheckPointInclude = class { - constructor(data) { - this.clazz = data.clazz; - } - - static get name() { - return 'include'; - } -}; -Object.defineProperty(global, 'CheckPointInclude', { - value: CheckPointInclude, - enumerable: true -}); diff --git a/openrasp-plugin-devtool/lib/environment/context.js b/openrasp-plugin-devtool/lib/environment/context.js deleted file mode 100644 index b694496fb..000000000 --- a/openrasp-plugin-devtool/lib/environment/context.js +++ /dev/null @@ -1,65 +0,0 @@ -/** - * @file - */ -'use strict'; - -const Context = class { - constructor(data) { - Object.assign(this, data); - } - get path() { - if (this.getPath) { - return this.getPath(); - } - } - get url() { - if (this.getUrl) { - return this.getUrl(); - } - } - get querystring() { - if (this.getQuerystring) { - return this.getQuerystring(); - } - } - get method() { - if (this.getMethod) { - return this.getMethod(); - } - } - get protocol() { - if (this.getProtocol) { - return this.getProtocol(); - } - } - get header() { - if (this.getHeader) { - return this.getHeader(); - } - } - get parameter() { - if (this.getParameter) { - return this.getParameter(); - } - } - get body() { - if (this.getBody) { - return this.getBody(); - } - } - get remoteAddr() { - if (this.getRemoteAddr) { - return this.getRemoteAddr(); - } - } - get server() { - if (this.getServer) { - return this.getServer(); - } - } -}; - -Object.defineProperty(global, 'Context', { - value: Context, - enumerable: true -}); diff --git a/openrasp-plugin-devtool/lib/environment/error.js b/openrasp-plugin-devtool/lib/environment/error.js deleted file mode 100644 index 374d030fc..000000000 --- a/openrasp-plugin-devtool/lib/environment/error.js +++ /dev/null @@ -1,33 +0,0 @@ -/** - * @file - */ -'use strict'; - -const Attack = class extends Error { - constructor(msg) { - super(msg); - Object.defineProperty(this, 'name', { - value: 'Attack' - }); - Error.captureStackTrace(this, Attack); - } -}; - -const PluginError = class extends Error { - constructor(msg) { - super(msg); - Object.defineProperty(this, 'name', { - value: 'PluginError' - }); - Error.captureStackTrace(this, Attack); - } -}; - -Object.defineProperty(global, 'Attack', { - value: Attack, - enumerable: true -}); -Object.defineProperty(global, 'PluginError', { - value: PluginError, - enumerable: true -}); diff --git a/openrasp-plugin-devtool/lib/environment/rasp.js b/openrasp-plugin-devtool/lib/environment/rasp.js deleted file mode 100644 index cff0aa758..000000000 --- a/openrasp-plugin-devtool/lib/environment/rasp.js +++ /dev/null @@ -1,95 +0,0 @@ -/** - * @file - */ -'use strict'; -/* globals Attack */ -const RASP = class { - constructor(name) { - if (typeof(name) !== 'string' || name.length == 0) { - throw new TypeError('Plugin name must be a string'); - } - this.name = name; - RASP.plugins[name] = this; - } - - static check(checkPoint, checkParams, checkContext) { - if (typeof(checkPoint) !== 'string' || checkPoint.length == 0) { - throw new TypeError('Check point name must be a string'); - } - if (!RASP.checkPoints[checkPoint]) { - throw new Error('Unknown check point name \'' + checkPoint + '\''); - } - let results = RASP.checkPoints[checkPoint].map(checkProcess => { - let result = {}; - try { - result = checkProcess.func(checkParams, checkContext); - } catch (e) { - if (e instanceof Attack) { - result.action = 'block'; - result.message = e.message + '\n' + e.stack; - } else { - console.log(e.toString(), '\n', e.stack); - result.action = 'ignore'; - } - } - result = typeof(result) === 'object' ? result : {}; - result.action = result.action || 'ignore'; - result.message = result.message || ''; - result.name = result.name || checkProcess.plugin.name; - result.confidence = result.confidence || 0; - return result; - }); - return results; - } - - static clean() { - Object.keys(RASP.plugins).forEach(key => { - delete RASP.plugins[key]; - }) - Object.keys(global) - .filter(key => key.startsWith('CheckPoint')) - .forEach(key => { - RASP.checkPoints[global[key].name] = []; - }); - } - - register(checkPoint, checkProcess) { - if (typeof(checkPoint) !== 'string' || checkPoint.length == 0) { - throw new TypeError('Check point name must be a string'); - } - if (!RASP.checkPoints[checkPoint]) { - this.log('Unknown check point name \'' + checkPoint + '\''); - return; - } - if (typeof(checkProcess) !== 'function') { - throw new TypeError('Check process must be a function'); - } - RASP.checkPoints[checkPoint].push({ - func: checkProcess, - plugin: this - }); - } - - log() { - let len = arguments.length; - let args = Array(len); - for (let key = 0; key < len; key++) { - args[key] = arguments[key]; - } - console.log.apply(console, ['[' + this.name + ']'].concat(args)); - } - - request() {} - - getCache() {} - - setCache() {} -}; -RASP.plugins = {}; -RASP.checkPoints = {}; -RASP.clean(); - -Object.defineProperty(global, 'RASP', { - value: RASP, - enumerable: true -}); diff --git a/openrasp-plugin-devtool/package.json b/openrasp-plugin-devtool/package.json deleted file mode 100644 index edc165443..000000000 --- a/openrasp-plugin-devtool/package.json +++ /dev/null @@ -1,35 +0,0 @@ -{ - "name": "openrasp", - "version": "0.1.5", - "description": "A CLI tool for OpenRASP JavaScript plugins development", - "preferGlobal": true, - "main": "index.js", - "scripts": { - "build": "babel -d dist --presets es2015 lib/environment", - "test": "echo \"Error: no test specified\" && exit 1" - }, - "homepage": "https://rasp.baidu.com", - "bin": { - "rasp": "bin/rasp", - "rasp-check": "bin/rasp-check" - }, - "repository": { - "type": "git", - "url": "git+https://github.com/baidu-security/openrasp-plugin-devtool.git" - }, - "bugs": { - "url": "https://github.com/baidu-security/openrasp-plugin-devtool/issues" - }, - "author": "Lan Yuhang ", - "license": "BSD", - "dependencies": { - "chai": "^4.0.2", - "commander": "^2.11.0", - "eslint": "^4.1.1", - "mocha": "^3.4.2" - }, - "devDependencies": { - "babel-cli": "^6.26.0", - "babel-preset-es2015": "^6.24.1" - } -} diff --git a/openrasp-plugin-devtool/yarn.lock b/openrasp-plugin-devtool/yarn.lock deleted file mode 100644 index 9a7dffa4e..000000000 --- a/openrasp-plugin-devtool/yarn.lock +++ /dev/null @@ -1,952 +0,0 @@ -# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY. -# yarn lockfile v1 - - -acorn-jsx@^3.0.0: - version "3.0.1" - resolved "http://registry.npm.taobao.org/acorn-jsx/download/acorn-jsx-3.0.1.tgz#afdf9488fb1ecefc8348f6fb22f464e32a58b36b" - dependencies: - acorn "^3.0.4" - -acorn@^3.0.4: - version "3.3.0" - resolved "http://registry.npm.taobao.org/acorn/download/acorn-3.3.0.tgz#45e37fb39e8da3f25baee3ff5369e2bb5f22017a" - -acorn@^5.0.1: - version "5.1.1" - resolved "http://registry.npm.taobao.org/acorn/download/acorn-5.1.1.tgz#53fe161111f912ab999ee887a90a0bc52822fd75" - -ajv-keywords@^1.0.0: - version "1.5.1" - resolved "http://registry.npm.taobao.org/ajv-keywords/download/ajv-keywords-1.5.1.tgz#314dd0a4b3368fad3dfcdc54ede6171b886daf3c" - -ajv@^4.7.0: - version "4.11.8" - resolved "http://registry.npm.taobao.org/ajv/download/ajv-4.11.8.tgz#82ffb02b29e662ae53bdc20af15947706739c536" - dependencies: - co "^4.6.0" - json-stable-stringify "^1.0.1" - -ajv@^5.2.0: - version "5.2.2" - resolved "http://registry.npm.taobao.org/ajv/download/ajv-5.2.2.tgz#47c68d69e86f5d953103b0074a9430dc63da5e39" - dependencies: - co "^4.6.0" - fast-deep-equal "^1.0.0" - json-schema-traverse "^0.3.0" - json-stable-stringify "^1.0.1" - -ansi-escapes@^2.0.0: - version "2.0.0" - resolved "http://registry.npm.taobao.org/ansi-escapes/download/ansi-escapes-2.0.0.tgz#5bae52be424878dd9783e8910e3fc2922e83c81b" - -ansi-regex@^2.0.0: - version "2.1.1" - resolved "http://registry.npm.taobao.org/ansi-regex/download/ansi-regex-2.1.1.tgz#c3b33ab5ee360d86e0e628f0468ae7ef27d654df" - -ansi-regex@^3.0.0: - version "3.0.0" - resolved "http://registry.npm.taobao.org/ansi-regex/download/ansi-regex-3.0.0.tgz#ed0317c322064f79466c02966bddb605ab37d998" - -ansi-styles@^2.2.1: - version "2.2.1" - resolved "http://registry.npm.taobao.org/ansi-styles/download/ansi-styles-2.2.1.tgz#b432dd3358b634cf75e1e4664368240533c1ddbe" - -ansi-styles@^3.1.0: - version "3.2.0" - resolved "http://registry.npm.taobao.org/ansi-styles/download/ansi-styles-3.2.0.tgz#c159b8d5be0f9e5a6f346dab94f16ce022161b88" - dependencies: - color-convert "^1.9.0" - -argparse@^1.0.7: - version "1.0.9" - resolved "http://registry.npm.taobao.org/argparse/download/argparse-1.0.9.tgz#73d83bc263f86e97f8cc4f6bae1b0e90a7d22c86" - dependencies: - sprintf-js "~1.0.2" - -array-union@^1.0.1: - version "1.0.2" - resolved "http://registry.npm.taobao.org/array-union/download/array-union-1.0.2.tgz#9a34410e4f4e3da23dea375be5be70f24778ec39" - dependencies: - array-uniq "^1.0.1" - -array-uniq@^1.0.1: - version "1.0.3" - resolved "http://registry.npm.taobao.org/array-uniq/download/array-uniq-1.0.3.tgz#af6ac877a25cc7f74e058894753858dfdb24fdb6" - -arrify@^1.0.0: - version "1.0.1" - resolved "http://registry.npm.taobao.org/arrify/download/arrify-1.0.1.tgz#898508da2226f380df904728456849c1501a4b0d" - -assertion-error@^1.0.1: - version "1.0.2" - resolved "http://registry.npm.taobao.org/assertion-error/download/assertion-error-1.0.2.tgz#13ca515d86206da0bac66e834dd397d87581094c" - -babel-code-frame@^6.22.0: - version "6.22.0" - resolved "http://registry.npm.taobao.org/babel-code-frame/download/babel-code-frame-6.22.0.tgz#027620bee567a88c32561574e7fd0801d33118e4" - dependencies: - chalk "^1.1.0" - esutils "^2.0.2" - js-tokens "^3.0.0" - -balanced-match@^1.0.0: - version "1.0.0" - resolved "http://registry.npm.taobao.org/balanced-match/download/balanced-match-1.0.0.tgz#89b4d199ab2bee49de164ea02b89ce462d71b767" - -brace-expansion@^1.1.7: - version "1.1.8" - resolved "http://registry.npm.taobao.org/brace-expansion/download/brace-expansion-1.1.8.tgz#c07b211c7c952ec1f8efd51a77ef0d1d3990a292" - dependencies: - balanced-match "^1.0.0" - concat-map "0.0.1" - -browser-stdout@1.3.0: - version "1.3.0" - resolved "http://registry.npm.taobao.org/browser-stdout/download/browser-stdout-1.3.0.tgz#f351d32969d32fa5d7a5567154263d928ae3bd1f" - -caller-path@^0.1.0: - version "0.1.0" - resolved "http://registry.npm.taobao.org/caller-path/download/caller-path-0.1.0.tgz#94085ef63581ecd3daa92444a8fe94e82577751f" - dependencies: - callsites "^0.2.0" - -callsites@^0.2.0: - version "0.2.0" - resolved "http://registry.npm.taobao.org/callsites/download/callsites-0.2.0.tgz#afab96262910a7f33c19a5775825c69f34e350ca" - -chai@^4.0.2: - version "4.1.0" - resolved "http://registry.npm.taobao.org/chai/download/chai-4.1.0.tgz#331a0391b55c3af8740ae9c3b7458bc1c3805e6d" - dependencies: - assertion-error "^1.0.1" - check-error "^1.0.1" - deep-eql "^2.0.1" - get-func-name "^2.0.0" - pathval "^1.0.0" - type-detect "^4.0.0" - -chalk@^1.1.0, chalk@^1.1.1, chalk@^1.1.3: - version "1.1.3" - resolved "http://registry.npm.taobao.org/chalk/download/chalk-1.1.3.tgz#a8115c55e4a702fe4d150abd3872822a7e09fc98" - dependencies: - ansi-styles "^2.2.1" - escape-string-regexp "^1.0.2" - has-ansi "^2.0.0" - strip-ansi "^3.0.0" - supports-color "^2.0.0" - -chalk@^2.0.0: - version "2.0.1" - resolved "http://registry.npm.taobao.org/chalk/download/chalk-2.0.1.tgz#dbec49436d2ae15f536114e76d14656cdbc0f44d" - dependencies: - ansi-styles "^3.1.0" - escape-string-regexp "^1.0.5" - supports-color "^4.0.0" - -check-error@^1.0.1: - version "1.0.2" - resolved "http://registry.npm.taobao.org/check-error/download/check-error-1.0.2.tgz#574d312edd88bb5dd8912e9286dd6c0aed4aac82" - -circular-json@^0.3.1: - version "0.3.3" - resolved "http://registry.npm.taobao.org/circular-json/download/circular-json-0.3.3.tgz#815c99ea84f6809529d2f45791bdf82711352d66" - -cli-cursor@^2.1.0: - version "2.1.0" - resolved "http://registry.npm.taobao.org/cli-cursor/download/cli-cursor-2.1.0.tgz#b35dac376479facc3e94747d41d0d0f5238ffcb5" - dependencies: - restore-cursor "^2.0.0" - -cli-width@^2.0.0: - version "2.1.0" - resolved "http://registry.npm.taobao.org/cli-width/download/cli-width-2.1.0.tgz#b234ca209b29ef66fc518d9b98d5847b00edf00a" - -co@^4.6.0: - version "4.6.0" - resolved "http://registry.npm.taobao.org/co/download/co-4.6.0.tgz#6ea6bdf3d853ae54ccb8e47bfa0bf3f9031fb184" - -color-convert@^1.9.0: - version "1.9.0" - resolved "http://registry.npm.taobao.org/color-convert/download/color-convert-1.9.0.tgz#1accf97dd739b983bf994d56fec8f95853641b7a" - dependencies: - color-name "^1.1.1" - -color-name@^1.1.1: - version "1.1.3" - resolved "http://registry.npm.taobao.org/color-name/download/color-name-1.1.3.tgz#a7d0558bd89c42f795dd42328f740831ca53bc25" - -commander@2.9.0: - version "2.9.0" - resolved "http://registry.npm.taobao.org/commander/download/commander-2.9.0.tgz#9c99094176e12240cb22d6c5146098400fe0f7d4" - dependencies: - graceful-readlink ">= 1.0.0" - -commander@^2.11.0: - version "2.11.0" - resolved "http://registry.npm.taobao.org/commander/download/commander-2.11.0.tgz#157152fd1e7a6c8d98a5b715cf376df928004563" - -concat-map@0.0.1: - version "0.0.1" - resolved "http://registry.npm.taobao.org/concat-map/download/concat-map-0.0.1.tgz#d8a96bd77fd68df7793a73036a3ba0d5405d477b" - -concat-stream@^1.6.0: - version "1.6.0" - resolved "http://registry.npm.taobao.org/concat-stream/download/concat-stream-1.6.0.tgz#0aac662fd52be78964d5532f694784e70110acf7" - dependencies: - inherits "^2.0.3" - readable-stream "^2.2.2" - typedarray "^0.0.6" - -core-util-is@~1.0.0: - version "1.0.2" - resolved "http://registry.npm.taobao.org/core-util-is/download/core-util-is-1.0.2.tgz#b5fd54220aa2bc5ab57aab7140c940754503c1a7" - -cross-spawn@^5.1.0: - version "5.1.0" - resolved "http://registry.npm.taobao.org/cross-spawn/download/cross-spawn-5.1.0.tgz#e8bd0efee58fcff6f8f94510a0a554bbfa235449" - dependencies: - lru-cache "^4.0.1" - shebang-command "^1.2.0" - which "^1.2.9" - -debug@2.6.8, debug@^2.6.8: - version "2.6.8" - resolved "http://registry.npm.taobao.org/debug/download/debug-2.6.8.tgz#e731531ca2ede27d188222427da17821d68ff4fc" - dependencies: - ms "2.0.0" - -deep-eql@^2.0.1: - version "2.0.2" - resolved "http://registry.npm.taobao.org/deep-eql/download/deep-eql-2.0.2.tgz#b1bac06e56f0a76777686d50c9feb75c2ed7679a" - dependencies: - type-detect "^3.0.0" - -deep-is@~0.1.3: - version "0.1.3" - resolved "http://registry.npm.taobao.org/deep-is/download/deep-is-0.1.3.tgz#b369d6fb5dbc13eecf524f91b070feedc357cf34" - -del@^2.0.2: - version "2.2.2" - resolved "http://registry.npm.taobao.org/del/download/del-2.2.2.tgz#c12c981d067846c84bcaf862cff930d907ffd1a8" - dependencies: - globby "^5.0.0" - is-path-cwd "^1.0.0" - is-path-in-cwd "^1.0.0" - object-assign "^4.0.1" - pify "^2.0.0" - pinkie-promise "^2.0.0" - rimraf "^2.2.8" - -diff@3.2.0: - version "3.2.0" - resolved "http://registry.npm.taobao.org/diff/download/diff-3.2.0.tgz#c9ce393a4b7cbd0b058a725c93df299027868ff9" - -doctrine@^2.0.0: - version "2.0.0" - resolved "http://registry.npm.taobao.org/doctrine/download/doctrine-2.0.0.tgz#c73d8d2909d22291e1a007a395804da8b665fe63" - dependencies: - esutils "^2.0.2" - isarray "^1.0.0" - -escape-string-regexp@1.0.5, escape-string-regexp@^1.0.2, escape-string-regexp@^1.0.5: - version "1.0.5" - resolved "http://registry.npm.taobao.org/escape-string-regexp/download/escape-string-regexp-1.0.5.tgz#1b61c0562190a8dff6ae3bb2cf0200ca130b86d4" - -eslint-scope@^3.7.1: - version "3.7.1" - resolved "http://registry.npm.taobao.org/eslint-scope/download/eslint-scope-3.7.1.tgz#3d63c3edfda02e06e01a452ad88caacc7cdcb6e8" - dependencies: - esrecurse "^4.1.0" - estraverse "^4.1.1" - -eslint@^4.1.1: - version "4.3.0" - resolved "http://registry.npm.taobao.org/eslint/download/eslint-4.3.0.tgz#fcd7c96376bbf34c85ee67ed0012a299642b108f" - dependencies: - ajv "^5.2.0" - babel-code-frame "^6.22.0" - chalk "^1.1.3" - concat-stream "^1.6.0" - cross-spawn "^5.1.0" - debug "^2.6.8" - doctrine "^2.0.0" - eslint-scope "^3.7.1" - espree "^3.4.3" - esquery "^1.0.0" - estraverse "^4.2.0" - esutils "^2.0.2" - file-entry-cache "^2.0.0" - functional-red-black-tree "^1.0.1" - glob "^7.1.2" - globals "^9.17.0" - ignore "^3.3.3" - imurmurhash "^0.1.4" - inquirer "^3.0.6" - is-resolvable "^1.0.0" - js-yaml "^3.8.4" - json-stable-stringify "^1.0.1" - levn "^0.3.0" - lodash "^4.17.4" - minimatch "^3.0.2" - mkdirp "^0.5.1" - natural-compare "^1.4.0" - optionator "^0.8.2" - path-is-inside "^1.0.2" - pluralize "^4.0.0" - progress "^2.0.0" - require-uncached "^1.0.3" - semver "^5.3.0" - strip-json-comments "~2.0.1" - table "^4.0.1" - text-table "~0.2.0" - -espree@^3.4.3: - version "3.4.3" - resolved "http://registry.npm.taobao.org/espree/download/espree-3.4.3.tgz#2910b5ccd49ce893c2ffffaab4fd8b3a31b82374" - dependencies: - acorn "^5.0.1" - acorn-jsx "^3.0.0" - -esprima@^4.0.0: - version "4.0.0" - resolved "http://registry.npm.taobao.org/esprima/download/esprima-4.0.0.tgz#4499eddcd1110e0b218bacf2fa7f7f59f55ca804" - -esquery@^1.0.0: - version "1.0.0" - resolved "http://registry.npm.taobao.org/esquery/download/esquery-1.0.0.tgz#cfba8b57d7fba93f17298a8a006a04cda13d80fa" - dependencies: - estraverse "^4.0.0" - -esrecurse@^4.1.0: - version "4.2.0" - resolved "http://registry.npm.taobao.org/esrecurse/download/esrecurse-4.2.0.tgz#fa9568d98d3823f9a41d91e902dcab9ea6e5b163" - dependencies: - estraverse "^4.1.0" - object-assign "^4.0.1" - -estraverse@^4.0.0, estraverse@^4.1.0, estraverse@^4.1.1, estraverse@^4.2.0: - version "4.2.0" - resolved "http://registry.npm.taobao.org/estraverse/download/estraverse-4.2.0.tgz#0dee3fed31fcd469618ce7342099fc1afa0bdb13" - -esutils@^2.0.2: - version "2.0.2" - resolved "http://registry.npm.taobao.org/esutils/download/esutils-2.0.2.tgz#0abf4f1caa5bcb1f7a9d8acc6dea4faaa04bac9b" - -external-editor@^2.0.4: - version "2.0.4" - resolved "http://registry.npm.taobao.org/external-editor/download/external-editor-2.0.4.tgz#1ed9199da9cbfe2ef2f7a31b2fde8b0d12368972" - dependencies: - iconv-lite "^0.4.17" - jschardet "^1.4.2" - tmp "^0.0.31" - -fast-deep-equal@^1.0.0: - version "1.0.0" - resolved "http://registry.npm.taobao.org/fast-deep-equal/download/fast-deep-equal-1.0.0.tgz#96256a3bc975595eb36d82e9929d060d893439ff" - -fast-levenshtein@~2.0.4: - version "2.0.6" - resolved "http://registry.npm.taobao.org/fast-levenshtein/download/fast-levenshtein-2.0.6.tgz#3d8a5c66883a16a30ca8643e851f19baa7797917" - -figures@^2.0.0: - version "2.0.0" - resolved "http://registry.npm.taobao.org/figures/download/figures-2.0.0.tgz#3ab1a2d2a62c8bfb431a0c94cb797a2fce27c962" - dependencies: - escape-string-regexp "^1.0.5" - -file-entry-cache@^2.0.0: - version "2.0.0" - resolved "http://registry.npm.taobao.org/file-entry-cache/download/file-entry-cache-2.0.0.tgz#c392990c3e684783d838b8c84a45d8a048458361" - dependencies: - flat-cache "^1.2.1" - object-assign "^4.0.1" - -flat-cache@^1.2.1: - version "1.2.2" - resolved "http://registry.npm.taobao.org/flat-cache/download/flat-cache-1.2.2.tgz#fa86714e72c21db88601761ecf2f555d1abc6b96" - dependencies: - circular-json "^0.3.1" - del "^2.0.2" - graceful-fs "^4.1.2" - write "^0.2.1" - -fs.realpath@^1.0.0: - version "1.0.0" - resolved "http://registry.npm.taobao.org/fs.realpath/download/fs.realpath-1.0.0.tgz#1504ad2523158caa40db4a2787cb01411994ea4f" - -functional-red-black-tree@^1.0.1: - version "1.0.1" - resolved "http://registry.npm.taobao.org/functional-red-black-tree/download/functional-red-black-tree-1.0.1.tgz#1b0ab3bd553b2a0d6399d29c0e3ea0b252078327" - -get-func-name@^2.0.0: - version "2.0.0" - resolved "http://registry.npm.taobao.org/get-func-name/download/get-func-name-2.0.0.tgz#ead774abee72e20409433a066366023dd6887a41" - -glob@7.1.1: - version "7.1.1" - resolved "http://registry.npm.taobao.org/glob/download/glob-7.1.1.tgz#805211df04faaf1c63a3600306cdf5ade50b2ec8" - dependencies: - fs.realpath "^1.0.0" - inflight "^1.0.4" - inherits "2" - minimatch "^3.0.2" - once "^1.3.0" - path-is-absolute "^1.0.0" - -glob@^7.0.3, glob@^7.0.5, glob@^7.1.2: - version "7.1.2" - resolved "http://registry.npm.taobao.org/glob/download/glob-7.1.2.tgz#c19c9df9a028702d678612384a6552404c636d15" - dependencies: - fs.realpath "^1.0.0" - inflight "^1.0.4" - inherits "2" - minimatch "^3.0.4" - once "^1.3.0" - path-is-absolute "^1.0.0" - -globals@^9.17.0: - version "9.18.0" - resolved "http://registry.npm.taobao.org/globals/download/globals-9.18.0.tgz#aa3896b3e69b487f17e31ed2143d69a8e30c2d8a" - -globby@^5.0.0: - version "5.0.0" - resolved "http://registry.npm.taobao.org/globby/download/globby-5.0.0.tgz#ebd84667ca0dbb330b99bcfc68eac2bc54370e0d" - dependencies: - array-union "^1.0.1" - arrify "^1.0.0" - glob "^7.0.3" - object-assign "^4.0.1" - pify "^2.0.0" - pinkie-promise "^2.0.0" - -graceful-fs@^4.1.2: - version "4.1.11" - resolved "http://registry.npm.taobao.org/graceful-fs/download/graceful-fs-4.1.11.tgz#0e8bdfe4d1ddb8854d64e04ea7c00e2a026e5658" - -"graceful-readlink@>= 1.0.0": - version "1.0.1" - resolved "http://registry.npm.taobao.org/graceful-readlink/download/graceful-readlink-1.0.1.tgz#4cafad76bc62f02fa039b2f94e9a3dd3a391a725" - -growl@1.9.2: - version "1.9.2" - resolved "http://registry.npm.taobao.org/growl/download/growl-1.9.2.tgz#0ea7743715db8d8de2c5ede1775e1b45ac85c02f" - -has-ansi@^2.0.0: - version "2.0.0" - resolved "http://registry.npm.taobao.org/has-ansi/download/has-ansi-2.0.0.tgz#34f5049ce1ecdf2b0649af3ef24e45ed35416d91" - dependencies: - ansi-regex "^2.0.0" - -has-flag@^1.0.0: - version "1.0.0" - resolved "http://registry.npm.taobao.org/has-flag/download/has-flag-1.0.0.tgz#9d9e793165ce017a00f00418c43f942a7b1d11fa" - -has-flag@^2.0.0: - version "2.0.0" - resolved "http://registry.npm.taobao.org/has-flag/download/has-flag-2.0.0.tgz#e8207af1cc7b30d446cc70b734b5e8be18f88d51" - -iconv-lite@^0.4.17: - version "0.4.18" - resolved "http://registry.npm.taobao.org/iconv-lite/download/iconv-lite-0.4.18.tgz#23d8656b16aae6742ac29732ea8f0336a4789cf2" - -ignore@^3.3.3: - version "3.3.3" - resolved "http://registry.npm.taobao.org/ignore/download/ignore-3.3.3.tgz#432352e57accd87ab3110e82d3fea0e47812156d" - -imurmurhash@^0.1.4: - version "0.1.4" - resolved "http://registry.npm.taobao.org/imurmurhash/download/imurmurhash-0.1.4.tgz#9218b9b2b928a238b13dc4fb6b6d576f231453ea" - -inflight@^1.0.4: - version "1.0.6" - resolved "http://registry.npm.taobao.org/inflight/download/inflight-1.0.6.tgz#49bd6331d7d02d0c09bc910a1075ba8165b56df9" - dependencies: - once "^1.3.0" - wrappy "1" - -inherits@2, inherits@^2.0.3, inherits@~2.0.3: - version "2.0.3" - resolved "http://registry.npm.taobao.org/inherits/download/inherits-2.0.3.tgz#633c2c83e3da42a502f52466022480f4208261de" - -inquirer@^3.0.6: - version "3.2.1" - resolved "http://registry.npm.taobao.org/inquirer/download/inquirer-3.2.1.tgz#06ceb0f540f45ca548c17d6840959878265fa175" - dependencies: - ansi-escapes "^2.0.0" - chalk "^2.0.0" - cli-cursor "^2.1.0" - cli-width "^2.0.0" - external-editor "^2.0.4" - figures "^2.0.0" - lodash "^4.3.0" - mute-stream "0.0.7" - run-async "^2.2.0" - rx-lite "^4.0.8" - rx-lite-aggregates "^4.0.8" - string-width "^2.1.0" - strip-ansi "^4.0.0" - through "^2.3.6" - -is-fullwidth-code-point@^2.0.0: - version "2.0.0" - resolved "http://registry.npm.taobao.org/is-fullwidth-code-point/download/is-fullwidth-code-point-2.0.0.tgz#a3b30a5c4f199183167aaab93beefae3ddfb654f" - -is-path-cwd@^1.0.0: - version "1.0.0" - resolved "http://registry.npm.taobao.org/is-path-cwd/download/is-path-cwd-1.0.0.tgz#d225ec23132e89edd38fda767472e62e65f1106d" - -is-path-in-cwd@^1.0.0: - version "1.0.0" - resolved "http://registry.npm.taobao.org/is-path-in-cwd/download/is-path-in-cwd-1.0.0.tgz#6477582b8214d602346094567003be8a9eac04dc" - dependencies: - is-path-inside "^1.0.0" - -is-path-inside@^1.0.0: - version "1.0.0" - resolved "http://registry.npm.taobao.org/is-path-inside/download/is-path-inside-1.0.0.tgz#fc06e5a1683fbda13de667aff717bbc10a48f37f" - dependencies: - path-is-inside "^1.0.1" - -is-promise@^2.1.0: - version "2.1.0" - resolved "http://registry.npm.taobao.org/is-promise/download/is-promise-2.1.0.tgz#79a2a9ece7f096e80f36d2b2f3bc16c1ff4bf3fa" - -is-resolvable@^1.0.0: - version "1.0.0" - resolved "http://registry.npm.taobao.org/is-resolvable/download/is-resolvable-1.0.0.tgz#8df57c61ea2e3c501408d100fb013cf8d6e0cc62" - dependencies: - tryit "^1.0.1" - -isarray@^1.0.0, isarray@~1.0.0: - version "1.0.0" - resolved "http://registry.npm.taobao.org/isarray/download/isarray-1.0.0.tgz#bb935d48582cba168c06834957a54a3e07124f11" - -isexe@^2.0.0: - version "2.0.0" - resolved "http://registry.npm.taobao.org/isexe/download/isexe-2.0.0.tgz#e8fbf374dc556ff8947a10dcb0572d633f2cfa10" - -js-tokens@^3.0.0: - version "3.0.2" - resolved "http://registry.npm.taobao.org/js-tokens/download/js-tokens-3.0.2.tgz#9866df395102130e38f7f996bceb65443209c25b" - -js-yaml@^3.8.4: - version "3.9.1" - resolved "http://registry.npm.taobao.org/js-yaml/download/js-yaml-3.9.1.tgz#08775cebdfdd359209f0d2acd383c8f86a6904a0" - dependencies: - argparse "^1.0.7" - esprima "^4.0.0" - -jschardet@^1.4.2: - version "1.5.0" - resolved "http://registry.npm.taobao.org/jschardet/download/jschardet-1.5.0.tgz#a61f310306a5a71188e1b1acd08add3cfbb08b1e" - -json-schema-traverse@^0.3.0: - version "0.3.1" - resolved "http://registry.npm.taobao.org/json-schema-traverse/download/json-schema-traverse-0.3.1.tgz#349a6d44c53a51de89b40805c5d5e59b417d3340" - -json-stable-stringify@^1.0.1: - version "1.0.1" - resolved "http://registry.npm.taobao.org/json-stable-stringify/download/json-stable-stringify-1.0.1.tgz#9a759d39c5f2ff503fd5300646ed445f88c4f9af" - dependencies: - jsonify "~0.0.0" - -json3@3.3.2: - version "3.3.2" - resolved "http://registry.npm.taobao.org/json3/download/json3-3.3.2.tgz#3c0434743df93e2f5c42aee7b19bcb483575f4e1" - -jsonify@~0.0.0: - version "0.0.0" - resolved "http://registry.npm.taobao.org/jsonify/download/jsonify-0.0.0.tgz#2c74b6ee41d93ca51b7b5aaee8f503631d252a73" - -levn@^0.3.0, levn@~0.3.0: - version "0.3.0" - resolved "http://registry.npm.taobao.org/levn/download/levn-0.3.0.tgz#3b09924edf9f083c0490fdd4c0bc4421e04764ee" - dependencies: - prelude-ls "~1.1.2" - type-check "~0.3.2" - -lodash._baseassign@^3.0.0: - version "3.2.0" - resolved "http://registry.npm.taobao.org/lodash._baseassign/download/lodash._baseassign-3.2.0.tgz#8c38a099500f215ad09e59f1722fd0c52bfe0a4e" - dependencies: - lodash._basecopy "^3.0.0" - lodash.keys "^3.0.0" - -lodash._basecopy@^3.0.0: - version "3.0.1" - resolved "http://registry.npm.taobao.org/lodash._basecopy/download/lodash._basecopy-3.0.1.tgz#8da0e6a876cf344c0ad8a54882111dd3c5c7ca36" - -lodash._basecreate@^3.0.0: - version "3.0.3" - resolved "http://registry.npm.taobao.org/lodash._basecreate/download/lodash._basecreate-3.0.3.tgz#1bc661614daa7fc311b7d03bf16806a0213cf821" - -lodash._getnative@^3.0.0: - version "3.9.1" - resolved "http://registry.npm.taobao.org/lodash._getnative/download/lodash._getnative-3.9.1.tgz#570bc7dede46d61cdcde687d65d3eecbaa3aaff5" - -lodash._isiterateecall@^3.0.0: - version "3.0.9" - resolved "http://registry.npm.taobao.org/lodash._isiterateecall/download/lodash._isiterateecall-3.0.9.tgz#5203ad7ba425fae842460e696db9cf3e6aac057c" - -lodash.create@3.1.1: - version "3.1.1" - resolved "http://registry.npm.taobao.org/lodash.create/download/lodash.create-3.1.1.tgz#d7f2849f0dbda7e04682bb8cd72ab022461debe7" - dependencies: - lodash._baseassign "^3.0.0" - lodash._basecreate "^3.0.0" - lodash._isiterateecall "^3.0.0" - -lodash.isarguments@^3.0.0: - version "3.1.0" - resolved "http://registry.npm.taobao.org/lodash.isarguments/download/lodash.isarguments-3.1.0.tgz#2f573d85c6a24289ff00663b491c1d338ff3458a" - -lodash.isarray@^3.0.0: - version "3.0.4" - resolved "http://registry.npm.taobao.org/lodash.isarray/download/lodash.isarray-3.0.4.tgz#79e4eb88c36a8122af86f844aa9bcd851b5fbb55" - -lodash.keys@^3.0.0: - version "3.1.2" - resolved "http://registry.npm.taobao.org/lodash.keys/download/lodash.keys-3.1.2.tgz#4dbc0472b156be50a0b286855d1bd0b0c656098a" - dependencies: - lodash._getnative "^3.0.0" - lodash.isarguments "^3.0.0" - lodash.isarray "^3.0.0" - -lodash@^4.0.0, lodash@^4.17.4, lodash@^4.3.0: - version "4.17.4" - resolved "http://registry.npm.taobao.org/lodash/download/lodash-4.17.4.tgz#78203a4d1c328ae1d86dca6460e369b57f4055ae" - -lru-cache@^4.0.1: - version "4.1.1" - resolved "http://registry.npm.taobao.org/lru-cache/download/lru-cache-4.1.1.tgz#622e32e82488b49279114a4f9ecf45e7cd6bba55" - dependencies: - pseudomap "^1.0.2" - yallist "^2.1.2" - -mimic-fn@^1.0.0: - version "1.1.0" - resolved "http://registry.npm.taobao.org/mimic-fn/download/mimic-fn-1.1.0.tgz#e667783d92e89dbd342818b5230b9d62a672ad18" - -minimatch@^3.0.2, minimatch@^3.0.4: - version "3.0.4" - resolved "http://registry.npm.taobao.org/minimatch/download/minimatch-3.0.4.tgz#5166e286457f03306064be5497e8dbb0c3d32083" - dependencies: - brace-expansion "^1.1.7" - -minimist@0.0.8: - version "0.0.8" - resolved "http://registry.npm.taobao.org/minimist/download/minimist-0.0.8.tgz#857fcabfc3397d2625b8228262e86aa7a011b05d" - -mkdirp@0.5.1, mkdirp@^0.5.1: - version "0.5.1" - resolved "http://registry.npm.taobao.org/mkdirp/download/mkdirp-0.5.1.tgz#30057438eac6cf7f8c4767f38648d6697d75c903" - dependencies: - minimist "0.0.8" - -mocha@^3.4.2: - version "3.5.0" - resolved "http://registry.npm.taobao.org/mocha/download/mocha-3.5.0.tgz#1328567d2717f997030f8006234bce9b8cd72465" - dependencies: - browser-stdout "1.3.0" - commander "2.9.0" - debug "2.6.8" - diff "3.2.0" - escape-string-regexp "1.0.5" - glob "7.1.1" - growl "1.9.2" - json3 "3.3.2" - lodash.create "3.1.1" - mkdirp "0.5.1" - supports-color "3.1.2" - -ms@2.0.0: - version "2.0.0" - resolved "http://registry.npm.taobao.org/ms/download/ms-2.0.0.tgz#5608aeadfc00be6c2901df5f9861788de0d597c8" - -mute-stream@0.0.7: - version "0.0.7" - resolved "http://registry.npm.taobao.org/mute-stream/download/mute-stream-0.0.7.tgz#3075ce93bc21b8fab43e1bc4da7e8115ed1e7bab" - -natural-compare@^1.4.0: - version "1.4.0" - resolved "http://registry.npm.taobao.org/natural-compare/download/natural-compare-1.4.0.tgz#4abebfeed7541f2c27acfb29bdbbd15c8d5ba4f7" - -object-assign@^4.0.1: - version "4.1.1" - resolved "http://registry.npm.taobao.org/object-assign/download/object-assign-4.1.1.tgz#2109adc7965887cfc05cbbd442cac8bfbb360863" - -once@^1.3.0: - version "1.4.0" - resolved "http://registry.npm.taobao.org/once/download/once-1.4.0.tgz#583b1aa775961d4b113ac17d9c50baef9dd76bd1" - dependencies: - wrappy "1" - -onetime@^2.0.0: - version "2.0.1" - resolved "http://registry.npm.taobao.org/onetime/download/onetime-2.0.1.tgz#067428230fd67443b2794b22bba528b6867962d4" - dependencies: - mimic-fn "^1.0.0" - -optionator@^0.8.2: - version "0.8.2" - resolved "http://registry.npm.taobao.org/optionator/download/optionator-0.8.2.tgz#364c5e409d3f4d6301d6c0b4c05bba50180aeb64" - dependencies: - deep-is "~0.1.3" - fast-levenshtein "~2.0.4" - levn "~0.3.0" - prelude-ls "~1.1.2" - type-check "~0.3.2" - wordwrap "~1.0.0" - -os-tmpdir@~1.0.1: - version "1.0.2" - resolved "http://registry.npm.taobao.org/os-tmpdir/download/os-tmpdir-1.0.2.tgz#bbe67406c79aa85c5cfec766fe5734555dfa1274" - -path-is-absolute@^1.0.0: - version "1.0.1" - resolved "http://registry.npm.taobao.org/path-is-absolute/download/path-is-absolute-1.0.1.tgz#174b9268735534ffbc7ace6bf53a5a9e1b5c5f5f" - -path-is-inside@^1.0.1, path-is-inside@^1.0.2: - version "1.0.2" - resolved "http://registry.npm.taobao.org/path-is-inside/download/path-is-inside-1.0.2.tgz#365417dede44430d1c11af61027facf074bdfc53" - -pathval@^1.0.0: - version "1.1.0" - resolved "http://registry.npm.taobao.org/pathval/download/pathval-1.1.0.tgz#b942e6d4bde653005ef6b71361def8727d0645e0" - -pify@^2.0.0: - version "2.3.0" - resolved "http://registry.npm.taobao.org/pify/download/pify-2.3.0.tgz#ed141a6ac043a849ea588498e7dca8b15330e90c" - -pinkie-promise@^2.0.0: - version "2.0.1" - resolved "http://registry.npm.taobao.org/pinkie-promise/download/pinkie-promise-2.0.1.tgz#2135d6dfa7a358c069ac9b178776288228450ffa" - dependencies: - pinkie "^2.0.0" - -pinkie@^2.0.0: - version "2.0.4" - resolved "http://registry.npm.taobao.org/pinkie/download/pinkie-2.0.4.tgz#72556b80cfa0d48a974e80e77248e80ed4f7f870" - -pluralize@^4.0.0: - version "4.0.0" - resolved "http://registry.npm.taobao.org/pluralize/download/pluralize-4.0.0.tgz#59b708c1c0190a2f692f1c7618c446b052fd1762" - -prelude-ls@~1.1.2: - version "1.1.2" - resolved "http://registry.npm.taobao.org/prelude-ls/download/prelude-ls-1.1.2.tgz#21932a549f5e52ffd9a827f570e04be62a97da54" - -process-nextick-args@~1.0.6: - version "1.0.7" - resolved "http://registry.npm.taobao.org/process-nextick-args/download/process-nextick-args-1.0.7.tgz#150e20b756590ad3f91093f25a4f2ad8bff30ba3" - -progress@^2.0.0: - version "2.0.0" - resolved "http://registry.npm.taobao.org/progress/download/progress-2.0.0.tgz#8a1be366bf8fc23db2bd23f10c6fe920b4389d1f" - -pseudomap@^1.0.2: - version "1.0.2" - resolved "http://registry.npm.taobao.org/pseudomap/download/pseudomap-1.0.2.tgz#f052a28da70e618917ef0a8ac34c1ae5a68286b3" - -readable-stream@^2.2.2: - version "2.3.3" - resolved "http://registry.npm.taobao.org/readable-stream/download/readable-stream-2.3.3.tgz#368f2512d79f9d46fdfc71349ae7878bbc1eb95c" - dependencies: - core-util-is "~1.0.0" - inherits "~2.0.3" - isarray "~1.0.0" - process-nextick-args "~1.0.6" - safe-buffer "~5.1.1" - string_decoder "~1.0.3" - util-deprecate "~1.0.1" - -require-uncached@^1.0.3: - version "1.0.3" - resolved "http://registry.npm.taobao.org/require-uncached/download/require-uncached-1.0.3.tgz#4e0d56d6c9662fd31e43011c4b95aa49955421d3" - dependencies: - caller-path "^0.1.0" - resolve-from "^1.0.0" - -resolve-from@^1.0.0: - version "1.0.1" - resolved "http://registry.npm.taobao.org/resolve-from/download/resolve-from-1.0.1.tgz#26cbfe935d1aeeeabb29bc3fe5aeb01e93d44226" - -restore-cursor@^2.0.0: - version "2.0.0" - resolved "http://registry.npm.taobao.org/restore-cursor/download/restore-cursor-2.0.0.tgz#9f7ee287f82fd326d4fd162923d62129eee0dfaf" - dependencies: - onetime "^2.0.0" - signal-exit "^3.0.2" - -rimraf@^2.2.8: - version "2.6.1" - resolved "http://registry.npm.taobao.org/rimraf/download/rimraf-2.6.1.tgz#c2338ec643df7a1b7fe5c54fa86f57428a55f33d" - dependencies: - glob "^7.0.5" - -run-async@^2.2.0: - version "2.3.0" - resolved "http://registry.npm.taobao.org/run-async/download/run-async-2.3.0.tgz#0371ab4ae0bdd720d4166d7dfda64ff7a445a6c0" - dependencies: - is-promise "^2.1.0" - -rx-lite-aggregates@^4.0.8: - version "4.0.8" - resolved "http://registry.npm.taobao.org/rx-lite-aggregates/download/rx-lite-aggregates-4.0.8.tgz#753b87a89a11c95467c4ac1626c4efc4e05c67be" - dependencies: - rx-lite "*" - -rx-lite@*, rx-lite@^4.0.8: - version "4.0.8" - resolved "http://registry.npm.taobao.org/rx-lite/download/rx-lite-4.0.8.tgz#0b1e11af8bc44836f04a6407e92da42467b79444" - -safe-buffer@~5.1.0, safe-buffer@~5.1.1: - version "5.1.1" - resolved "http://registry.npm.taobao.org/safe-buffer/download/safe-buffer-5.1.1.tgz#893312af69b2123def71f57889001671eeb2c853" - -semver@^5.3.0: - version "5.4.1" - resolved "http://registry.npm.taobao.org/semver/download/semver-5.4.1.tgz#e059c09d8571f0540823733433505d3a2f00b18e" - -shebang-command@^1.2.0: - version "1.2.0" - resolved "http://registry.npm.taobao.org/shebang-command/download/shebang-command-1.2.0.tgz#44aac65b695b03398968c39f363fee5deafdf1ea" - dependencies: - shebang-regex "^1.0.0" - -shebang-regex@^1.0.0: - version "1.0.0" - resolved "http://registry.npm.taobao.org/shebang-regex/download/shebang-regex-1.0.0.tgz#da42f49740c0b42db2ca9728571cb190c98efea3" - -signal-exit@^3.0.2: - version "3.0.2" - resolved "http://registry.npm.taobao.org/signal-exit/download/signal-exit-3.0.2.tgz#b5fdc08f1287ea1178628e415e25132b73646c6d" - -slice-ansi@0.0.4: - version "0.0.4" - resolved "http://registry.npm.taobao.org/slice-ansi/download/slice-ansi-0.0.4.tgz#edbf8903f66f7ce2f8eafd6ceed65e264c831b35" - -sprintf-js@~1.0.2: - version "1.0.3" - resolved "http://registry.npm.taobao.org/sprintf-js/download/sprintf-js-1.0.3.tgz#04e6926f662895354f3dd015203633b857297e2c" - -string-width@^2.0.0, string-width@^2.1.0: - version "2.1.1" - resolved "http://registry.npm.taobao.org/string-width/download/string-width-2.1.1.tgz#ab93f27a8dc13d28cac815c462143a6d9012ae9e" - dependencies: - is-fullwidth-code-point "^2.0.0" - strip-ansi "^4.0.0" - -string_decoder@~1.0.3: - version "1.0.3" - resolved "http://registry.npm.taobao.org/string_decoder/download/string_decoder-1.0.3.tgz#0fc67d7c141825de94282dd536bec6b9bce860ab" - dependencies: - safe-buffer "~5.1.0" - -strip-ansi@^3.0.0: - version "3.0.1" - resolved "http://registry.npm.taobao.org/strip-ansi/download/strip-ansi-3.0.1.tgz#6a385fb8853d952d5ff05d0e8aaf94278dc63dcf" - dependencies: - ansi-regex "^2.0.0" - -strip-ansi@^4.0.0: - version "4.0.0" - resolved "http://registry.npm.taobao.org/strip-ansi/download/strip-ansi-4.0.0.tgz#a8479022eb1ac368a871389b635262c505ee368f" - dependencies: - ansi-regex "^3.0.0" - -strip-json-comments@~2.0.1: - version "2.0.1" - resolved "http://registry.npm.taobao.org/strip-json-comments/download/strip-json-comments-2.0.1.tgz#3c531942e908c2697c0ec344858c286c7ca0a60a" - -supports-color@3.1.2: - version "3.1.2" - resolved "http://registry.npm.taobao.org/supports-color/download/supports-color-3.1.2.tgz#72a262894d9d408b956ca05ff37b2ed8a6e2a2d5" - dependencies: - has-flag "^1.0.0" - -supports-color@^2.0.0: - version "2.0.0" - resolved "http://registry.npm.taobao.org/supports-color/download/supports-color-2.0.0.tgz#535d045ce6b6363fa40117084629995e9df324c7" - -supports-color@^4.0.0: - version "4.2.1" - resolved "http://registry.npm.taobao.org/supports-color/download/supports-color-4.2.1.tgz#65a4bb2631e90e02420dba5554c375a4754bb836" - dependencies: - has-flag "^2.0.0" - -table@^4.0.1: - version "4.0.1" - resolved "http://registry.npm.taobao.org/table/download/table-4.0.1.tgz#a8116c133fac2c61f4a420ab6cdf5c4d61f0e435" - dependencies: - ajv "^4.7.0" - ajv-keywords "^1.0.0" - chalk "^1.1.1" - lodash "^4.0.0" - slice-ansi "0.0.4" - string-width "^2.0.0" - -text-table@~0.2.0: - version "0.2.0" - resolved "http://registry.npm.taobao.org/text-table/download/text-table-0.2.0.tgz#7f5ee823ae805207c00af2df4a84ec3fcfa570b4" - -through@^2.3.6: - version "2.3.8" - resolved "http://registry.npm.taobao.org/through/download/through-2.3.8.tgz#0dd4c9ffaabc357960b1b724115d7e0e86a2e1f5" - -tmp@^0.0.31: - version "0.0.31" - resolved "http://registry.npm.taobao.org/tmp/download/tmp-0.0.31.tgz#8f38ab9438e17315e5dbd8b3657e8bfb277ae4a7" - dependencies: - os-tmpdir "~1.0.1" - -tryit@^1.0.1: - version "1.0.3" - resolved "http://registry.npm.taobao.org/tryit/download/tryit-1.0.3.tgz#393be730a9446fd1ead6da59a014308f36c289cb" - -type-check@~0.3.2: - version "0.3.2" - resolved "http://registry.npm.taobao.org/type-check/download/type-check-0.3.2.tgz#5884cab512cf1d355e3fb784f30804b2b520db72" - dependencies: - prelude-ls "~1.1.2" - -type-detect@^3.0.0: - version "3.0.0" - resolved "http://registry.npm.taobao.org/type-detect/download/type-detect-3.0.0.tgz#46d0cc8553abb7b13a352b0d6dea2fd58f2d9b55" - -type-detect@^4.0.0: - version "4.0.3" - resolved "http://registry.npm.taobao.org/type-detect/download/type-detect-4.0.3.tgz#0e3f2670b44099b0b46c284d136a7ef49c74c2ea" - -typedarray@^0.0.6: - version "0.0.6" - resolved "http://registry.npm.taobao.org/typedarray/download/typedarray-0.0.6.tgz#867ac74e3864187b1d3d47d996a78ec5c8830777" - -util-deprecate@~1.0.1: - version "1.0.2" - resolved "http://registry.npm.taobao.org/util-deprecate/download/util-deprecate-1.0.2.tgz#450d4dc9fa70de732762fbd2d4a28981419a0ccf" - -which@^1.2.9: - version "1.3.0" - resolved "http://registry.npm.taobao.org/which/download/which-1.3.0.tgz#ff04bdfc010ee547d780bec38e1ac1c2777d253a" - dependencies: - isexe "^2.0.0" - -wordwrap@~1.0.0: - version "1.0.0" - resolved "http://registry.npm.taobao.org/wordwrap/download/wordwrap-1.0.0.tgz#27584810891456a4171c8d0226441ade90cbcaeb" - -wrappy@1: - version "1.0.2" - resolved "http://registry.npm.taobao.org/wrappy/download/wrappy-1.0.2.tgz#b5243d8f3ec1aa35f1364605bc0d1036e30ab69f" - -write@^0.2.1: - version "0.2.1" - resolved "http://registry.npm.taobao.org/write/download/write-0.2.1.tgz#5fc03828e264cea3fe91455476f7a3c566cb0757" - dependencies: - mkdirp "^0.5.1" - -yallist@^2.1.2: - version "2.1.2" - resolved "http://registry.npm.taobao.org/yallist/download/yallist-2.1.2.tgz#1c11f9218f076089a47dd512f93c6699a6a81d52" diff --git a/openrasp-v8 b/openrasp-v8 new file mode 160000 index 000000000..9c39eec04 --- /dev/null +++ b/openrasp-v8 @@ -0,0 +1 @@ +Subproject commit 9c39eec04ee4e4e5d9405e3450995b00addc7383