From e31194d276abdd7eca22d26b15b821bc4a5c1ad8 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 27 Oct 2021 07:09:59 +0000 Subject: [PATCH 1/2] fix: upgrade axios from 0.21.4 to 0.22.0 Snyk has created this PR to upgrade axios from 0.21.4 to 0.22.0. See this package in npm: https://www.npmjs.com/package/axios See this project in Snyk: https://app.snyk.io/org/securecodebox/project/f177f813-0bac-418b-bd84-1635c57687eb?utm_source=github&utm_medium=referral&page=upgrade-pr --- parser-sdk/nodejs/package-lock.json | 30 ++++++++++++++--------------- parser-sdk/nodejs/package.json | 2 +- 2 files changed, 16 insertions(+), 16 deletions(-) diff --git a/parser-sdk/nodejs/package-lock.json b/parser-sdk/nodejs/package-lock.json index 2ded2aa24c..1341a2409b 100644 --- a/parser-sdk/nodejs/package-lock.json +++ b/parser-sdk/nodejs/package-lock.json @@ -13,7 +13,7 @@ "ajv": "^8.6.3", "ajv-draft-04": "^1.0.0", "ajv-formats": "^2.1.0", - "axios": "^0.21.4", + "axios": "^0.22.0", "jsonpointer": "^4.1.0", "uuid": "^8.3.2", "ws": "^7.5.5" @@ -276,11 +276,11 @@ "integrity": "sha512-xh1Rl34h6Fi1DC2WWKfxUTVqRsNnr6LsKz2+hfwDxQJWmrx8+c7ylaqBMcHfl1U1r2dsifOvKX3LQuLNZ+XSvA==" }, "node_modules/axios": { - "version": "0.21.4", - "resolved": "https://registry.npmjs.org/axios/-/axios-0.21.4.tgz", - "integrity": "sha512-ut5vewkiu8jjGBdqpM44XxjuCjq9LAKeHVmoVfHVzy8eHgxxq8SbAVQNovDA8mVi05kP0Ea/n/UzcSHcTJQfNg==", + "version": "0.22.0", + "resolved": "https://registry.npmjs.org/axios/-/axios-0.22.0.tgz", + "integrity": "sha512-Z0U3uhqQeg1oNcihswf4ZD57O3NrR1+ZXhxaROaWpDmsDTx7T2HNBV2ulBtie2hwJptu8UvgnJoK+BIqdzh/1w==", "dependencies": { - "follow-redirects": "^1.14.0" + "follow-redirects": "^1.14.4" } }, "node_modules/balanced-match": { @@ -530,9 +530,9 @@ "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==" }, "node_modules/follow-redirects": { - "version": "1.14.1", - "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.14.1.tgz", - "integrity": "sha512-HWqDgT7ZEkqRzBvc2s64vSZ/hfOceEol3ac/7tKwzuvEyWx3/4UegXh5oBOIotkGsObyk3xznnSRVADBgWSQVg==", + "version": "1.14.4", + "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.14.4.tgz", + "integrity": "sha512-zwGkiSXC1MUJG/qmeIFH2HBJx9u0V46QGUe3YR1fXG8bXQxq7fLj0RjLZQ5nubr9qNJUZrH+xUcwXEoXNpfS+g==", "funding": [ { "type": "individual", @@ -1762,11 +1762,11 @@ "integrity": "sha512-xh1Rl34h6Fi1DC2WWKfxUTVqRsNnr6LsKz2+hfwDxQJWmrx8+c7ylaqBMcHfl1U1r2dsifOvKX3LQuLNZ+XSvA==" }, "axios": { - "version": "0.21.4", - "resolved": "https://registry.npmjs.org/axios/-/axios-0.21.4.tgz", - "integrity": "sha512-ut5vewkiu8jjGBdqpM44XxjuCjq9LAKeHVmoVfHVzy8eHgxxq8SbAVQNovDA8mVi05kP0Ea/n/UzcSHcTJQfNg==", + "version": "0.22.0", + "resolved": "https://registry.npmjs.org/axios/-/axios-0.22.0.tgz", + "integrity": "sha512-Z0U3uhqQeg1oNcihswf4ZD57O3NrR1+ZXhxaROaWpDmsDTx7T2HNBV2ulBtie2hwJptu8UvgnJoK+BIqdzh/1w==", "requires": { - "follow-redirects": "^1.14.0" + "follow-redirects": "^1.14.4" } }, "balanced-match": { @@ -1963,9 +1963,9 @@ "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==" }, "follow-redirects": { - "version": "1.14.1", - "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.14.1.tgz", - "integrity": "sha512-HWqDgT7ZEkqRzBvc2s64vSZ/hfOceEol3ac/7tKwzuvEyWx3/4UegXh5oBOIotkGsObyk3xznnSRVADBgWSQVg==" + "version": "1.14.4", + "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.14.4.tgz", + "integrity": "sha512-zwGkiSXC1MUJG/qmeIFH2HBJx9u0V46QGUe3YR1fXG8bXQxq7fLj0RjLZQ5nubr9qNJUZrH+xUcwXEoXNpfS+g==" }, "forever-agent": { "version": "0.6.1", diff --git a/parser-sdk/nodejs/package.json b/parser-sdk/nodejs/package.json index 0c2d939b67..49a5e421c1 100644 --- a/parser-sdk/nodejs/package.json +++ b/parser-sdk/nodejs/package.json @@ -11,7 +11,7 @@ "ajv": "^8.6.3", "ajv-draft-04": "^1.0.0", "ajv-formats": "^2.1.0", - "axios": "^0.21.4", + "axios": "^0.22.0", "jsonpointer": "^4.1.0", "uuid": "^8.3.2", "ws": "^7.5.5" From c9d6edad965a24a25751a2539e29d6b30d6fdf35 Mon Sep 17 00:00:00 2001 From: J12934 Date: Wed, 27 Oct 2021 07:10:20 +0000 Subject: [PATCH 2/2] Updating Helm Docs Signed-off-by: GitHub Actions --- hooks/notification/README.md | 44 +++++++++++++++++++++++++++++++++--- 1 file changed, 41 insertions(+), 3 deletions(-) diff --git a/hooks/notification/README.md b/hooks/notification/README.md index 5b3811b26a..6ca700b61f 100644 --- a/hooks/notification/README.md +++ b/hooks/notification/README.md @@ -126,7 +126,7 @@ This means that you can define key-value pairs as well as providing envs via sec The rules can be defined in the values of the Chart. The syntax and semantic for these rules are quite similar to CascadingRules (See: [secureCodeBox | CascadingRules](/docs/api/crds/cascading-rule)) To define Rules you will have to provide the `rules` field with one or more `matches` elements. -Each `machtes` defines one Rule. +Each `matches` defines one Rule. For example: ```yaml @@ -147,7 +147,7 @@ Within the `matches` you will have to provide `anyOf` `anyOf` contains one or more conditions to be met by the finding to match the rule. Notice that only one of these elements needs to match the finding for the rule to match. -#### Configuration of a Slack Notification +#### Configuration of a Slack Notification (WebHook) To configure a Slack notification set the `type` to `slack` and the `endPoint` to point to your env containing your Webhook URL to slack. You can use one of the following default templates: @@ -155,6 +155,44 @@ You can use one of the following default templates: - `slack-messageCard`: Sends a message with a summary listing the number of findings per category and severity. - `slack-individual-findings-with-defectdojo`: Sends a message with a list of all findings with a link to the finding in DefectDojo. Will only work correctly if the DefectDojo hook is installed in the same namespace. +##### Example Config + +The below example shows how to create a helm values chart and load secrets for access. +You must have `endPoint` point to a [defined environment variable](https://github.com/secureCodeBox/secureCodeBox/blob/main/hooks/notification/hook/hook.ts#L20), not a string. + +``` +# cat myvalues.yaml + +notificationChannels: + - name: nmapopenports + type: slack + template: slack-messageCard + skipNotificationOnZeroFinding: true + rules: + - matches: + anyOf: + - category: "Open Port" + endPoint: POINTER_TO_ENV +env: + - name: POINTER_TO_ENV + valueFrom: + secretKeyRef: + name: myslacksecret + key: SLACK_WEB_HOOK + +# cat values_slack_secrets.yaml +apiVersion: v1 +kind: Secret +metadata: + name: myslacksecret +type: Opaque +data: + SLACK_WEB_HOOK: NOIDONTHINKSOBASE64STUFF + +kubectl apply -f values_slack_secrets.yaml +helm upgrade --install nwh secureCodeBox/notification-hook --values myvalues.yaml +``` + #### Configuration of a Slack App Notification The `slack-app` notifier is an _alternate_ way to send notifications to slack using the slack api directly rather then using webhooks. @@ -247,7 +285,7 @@ env: value: secureCodeBox ``` -### Configuration Of A MS Teams Notification +#### Configuration Of A MS Teams Notification To configure a MS Teams notification you need to set the type to `ms-teams`. In `endPoint` you need to specify the MS Teams webhook.