This repository has been archived by the owner on Jul 13, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 12
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
initial check of rewrite, CORS not required
- Loading branch information
Showing
451 changed files
with
87,896 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,37 @@ | ||
# Javascript Node CircleCI 2.0 configuration file | ||
# | ||
# Check https://circleci.com/docs/2.0/language-javascript/ for more details | ||
# | ||
version: 2 | ||
jobs: | ||
build: | ||
docker: | ||
# specify the version you desire here | ||
- image: circleci/node:10.15.1 | ||
|
||
# Specify service dependencies here if necessary | ||
# CircleCI maintains a library of pre-built images | ||
# documented at https://circleci.com/docs/2.0/circleci-images/ | ||
# - image: circleci/mongo:3.4.4 | ||
|
||
working_directory: ~/repo | ||
|
||
steps: | ||
- checkout | ||
|
||
# Download and cache dependencies | ||
- restore_cache: | ||
keys: | ||
- v1-dependencies-{{ checksum "package.json" }} | ||
# fallback to using the latest cache if no exact match is found | ||
- v1-dependencies- | ||
|
||
- run: npm install | ||
|
||
- save_cache: | ||
paths: | ||
- node_modules | ||
key: v1-dependencies-{{ checksum "package.json" }} | ||
|
||
# run tests! | ||
- run: npm test |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,39 @@ | ||
#!/usr/bin/env bash | ||
# fail if any commands fails | ||
set -e | ||
# debug log | ||
set -x | ||
|
||
# write your script here | ||
echo "Hello World!" | ||
|
||
# or run a script from your repository, like: | ||
# bash ./path/to/script.sh | ||
# not just bash, e.g.: | ||
# ruby ./path/to/script.rb | ||
iqScannerDirectory="iqscanner" | ||
mkdir -p $iqScannerDirectory | ||
if [ -z "$(ls -A $iqScannerDirectory)" ]; then | ||
echo "Empty" | ||
else | ||
echo "Not Empty" | ||
rm $iqScannerDirectory/* | ||
fi | ||
IQ_CLI_ADDRESS=${IQ_CLI_ADDRESS} | ||
IQ_SERVER_ADDRESS=${IQ_SERVER_ADDRESS} | ||
|
||
wget -q $IQ_CLI_ADDRESS -P $iqScannerDirectory | ||
|
||
|
||
filename=$(ls $iqScannerDirectory) && tar -zxvf $iqScannerDirectory/$filename -C $iqScannerDirectory | ||
cliScanner=$(ls $iqScannerDirectory/*cli*) | ||
|
||
#copying the dependencies | ||
# ./gradlew copyDependenciesRelease | ||
|
||
#now we scan with IQScanner | ||
#./gradlew iqScan $cliScanner, $IQ_SERVER_ADDRESS, $IQ_SERVER_USER_NAME, $IQ_SERVER_PASSWORD | ||
|
||
iqscandir='/home/circleci/node_modules' | ||
appName=chome-extension-nexus-iq | ||
java -jar $cliScanner -s $IQ_SERVER_ADDRESS -a ${NEXUS_IQ_USER_NAME}:${NEXUS_IQ_PASSWORD} -i $appName $iqscandir |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
.DS_Store | ||
node_modules | ||
.circleci/zzconfig.yml |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
MIT License | ||
|
||
Copyright (c) 2019 ctownshend | ||
|
||
Permission is hereby granted, free of charge, to any person obtaining a copy | ||
of this software and associated documentation files (the "Software"), to deal | ||
in the Software without restriction, including without limitation the rights | ||
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell | ||
copies of the Software, and to permit persons to whom the Software is | ||
furnished to do so, subject to the following conditions: | ||
|
||
The above copyright notice and this permission notice shall be included in all | ||
copies or substantial portions of the Software. | ||
|
||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR | ||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | ||
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE | ||
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER | ||
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, | ||
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE | ||
SOFTWARE. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,180 @@ | ||
# Chrome Extension for Sonatype Nexexus IQ | ||
|
||
<img src="images/SON_logo_favicon.png" alt="drawing" width="250"/> | ||
</br> | ||
Sonatype Nexus IQ Server scan of a component from a chrome extension | ||
|
||
[![DepShield Badge](https://depshield.sonatype.org/badges/ctownshend/chrome-extension-nexus-iq/depshield.svg)](https://depshield.github.io) | ||
|
||
[![CircleCI](https://circleci.com/gh/ctownshend/chrome-extension-nexus-iq.svg?style=svg)](https://circleci.com/gh/ctownshend/chrome-extension-nexus-iq) | ||
|
||
## Table of Contents | ||
- [Purpose](#purpose) | ||
- [Usage](#usage) | ||
- [Examples](#examples) | ||
- [Installation](#installation) | ||
|
||
|
||
|
||
## Purpose | ||
To allow you to inspect a package before you download it. The plugin requires a valid Sonatype Nexus Lifecycle instance. You must be licensed to use Nexus lifecycle to use this plugin. | ||
The plugin can scan packages at the following repositories. | ||
|
||
1. Java - maven - https://search.maven.org/ | ||
2. Java - maven - https://mvnrepository.com/ | ||
3. JS/Node - npm - https://www.npmjs.com/ | ||
4. .Net - nuget - https://www.nuget.org/ | ||
5. Ruby - rubygems - https://rubygems.org/ | ||
6. Python - pypi - https://pypi.org/ | ||
7. php - packagist/composer/ - https://packagist.org/ | ||
8. R - CRAN - https://cran.r-project.org/ | ||
9. Rust - Crates- https://crates.io/ | ||
10. Golang - Go - https://gocenter.jfrog.com/ | ||
|
||
|
||
|
||
|
||
## Usage | ||
1. The install will create a new icon in your Chrome Browser next to the location box. | ||
<br/> | ||
<img src="images/Extensions_Icon_created.png" alt="drawing" width="250"/> | ||
<br/> | ||
|
||
2. The plugin will work on any new page opened after install. It will not work on pages already opened at time of install. | ||
|
||
3. Navigate to one of the pages that the extension is compatible with (see the list below). | ||
|
||
4. Click on the Blue Lightbulb... | ||
<br/> | ||
<img src="images/Extension_lodash_-_npm_4.17.9.png" alt="drawing" width="250"/> | ||
<br/> | ||
4.1 ...The solution will think for a second...Then show the Data. | ||
<br/> | ||
<img src="images/Extension_thinking_icon.png" alt="drawing" width="250"/> | ||
<br/> | ||
|
||
5. Component Information | ||
<img src="images/Extension_Component_info.png" alt="drawing" width="250"/> | ||
<br/> | ||
6. License Information | ||
<img src="images/Extension_Licensing.png" alt="drawing" width="250"/> | ||
<br/> | ||
7. Security Information | ||
<img src="images/Extension_Security.png" alt="drawing" width="250"/> | ||
<br/> | ||
|
||
|
||
|
||
## Examples | ||
The list of pages that are supported are here. | ||
|
||
|
||
* Java - maven - <br/> | ||
`https://search.maven.org/artifact/<group>/<artifact>/<version>/<extension>` | ||
<br/>e.g. https://search.maven.org/artifact/org.apache.struts/struts2-core/2.3.30/jar | ||
* Java - maven | ||
`https://mvnrepository.com/artifact/<group>/<artifact>/<version>` | ||
<br/>e.g. https://mvnrepository.com/artifact/commons-collections/commons-collections/3.2.1 | ||
* JS/Node - npm - <br/> | ||
`https://www.npmjs.com/package/<package>` | ||
<br/>e.g. https://www.npmjs.com/package/lodash/ | ||
<br/>and | ||
<br/>`https://www.npmjs.com/package/<package>/v/<version>` | ||
<br/>e.g. https://www.npmjs.com/package/lodash/v/4.17.9 | ||
|
||
|
||
## Installation | ||
1. Download the plugin from Github | ||
2. Open Chrome Browser | ||
3. Click on the three dots, then More Tools, then Extensions | ||
<br/> | ||
<img src="images/Extensions.png" alt="drawing" width="250"/> | ||
<br/> | ||
4. Click on load unpacked | ||
<br/> | ||
<img src="images/Extensions_Load_upacked.png" alt="drawing" width="250"/> | ||
<br/> | ||
5. Navigate to the folder where you downloaded the plugin fro gihub onto your local machine. | ||
<br/> | ||
<img src="images/Extensions_Choose_Folder.png" alt="drawing" width="250"/> | ||
<br/> | ||
6. You will be prompted to enter your login details. (Important: Please not that this version stores your details in plain text in Chrome Storage. We are investigated secure storage but at this time we do not support it.) | ||
<br/> | ||
<img src="images/Extensions_Empty_login.png" alt="drawing" width="250"/> | ||
<br/> | ||
7. Enter your delays and click save. | ||
<br/> | ||
<img src="images/Extensions_Login_Entered.png" alt="drawing" width="250"/> | ||
<br/> | ||
7. You will be advised that your details are saved, and the screen will close. You will be taken back to the Extensions Install screen in Chrome. Close the screen and begin using. | ||
8. The installer will have created a new icon in your Chrome Menu Bar. | ||
<br/> | ||
<img src="images/Extensions_Icon_created.png" alt="drawing" width="250"/> | ||
<br/> | ||
|
||
|
||
### Uninstall | ||
If you do not want to use the extension then you can right click on the icon and choose Remove from Chrome | ||
<br/> | ||
<img src="images/Extension_Disabled.png" alt="drawing" width="250"/> | ||
<br/> | ||
|
||
|
||
|
||
|
||
|
||
## Drop | ||
### Version History | ||
#### Version 1.7.4-Styling | ||
* Styling of User interface | ||
|
||
|
||
|
||
#### Version 1.7.3-All URLS | ||
* Supports running IQ server on any URL | ||
* Fixed various bugs | ||
|
||
#### Version 1.7.2-added new formats | ||
* added new formats | ||
* Fixed various bugs | ||
* Added unit tests | ||
|
||
##### Formats/package manager pages supported as of 1.7.2 | ||
* Java - maven - https://search.maven.org/ | ||
* Java - maven - https://mvnrepository.com/ | ||
* JS/Node - npm - https://www.npmjs.com/ | ||
* .Net - nuget - https://www.nuget.org/ | ||
* Ruby - rubygems - https://rubygems.org/ | ||
* Python - pypi - https://pypi.org/ | ||
* php - packagist/composer/ - https://packagist.org/ | ||
* R - CRAN - https://cran.r-project.org/ | ||
* Rust - Crates- https://crates.io/ | ||
* Golang - Go - https://gocenter.jfrog.com/ | ||
|
||
#### Version 1.7.1 - Fixed popup | ||
* Fixed popup logic bug. | ||
* Began adding testing | ||
|
||
|
||
#### Version 1.7 - initial release | ||
Complete rewrite to fix cookie problem with calling Nexus IQ server. | ||
I have decided the best way to fix the security issues for now is to limit access to http://iq-server:8070. | ||
So you will have to alias your localhost as iq-server in your /etc/hosts/ file to use this plugin for now. | ||
I will think about a change which gives access to all URLS like so below | ||
|
||
Add "*://*/*" to permissions section like so | ||
|
||
`"permissions": [ | ||
"*://*/*", | ||
` | ||
|
||
This would then mean you would not need to alias Nexus IQ. | ||
|
||
Supports scanning components in the following repos | ||
* https://search.maven.org/ | ||
* https://mvnrepository.com/ | ||
* https://www.npmjs.com/ | ||
* https://www.nuget.org/ | ||
* https://rubygems.org/ | ||
* https://pypi.org/ | ||
* https://packagist.org/ |
Oops, something went wrong.