Add --wpscan-api-skip-folders-in-repo-options-file parameter #343

Merged
merged 7 commits into from
Jan 26, 2023
4 changes: 4 additions & 0 deletions README.md
@@ -501,12 +501,16 @@ For example:

-- with this option in place, any files in the `foo/` or `Tests/bar` folders and subfolders will be exempt from PHP linting. The folders are relative to the git repository. Please note that regular expressions are not supported at this time.

Similar option parameter exists for WPScan API scanning, use the `--wpscan-api-skip-folders-in-repo-options-file` option.

Folders can also be specified in files placed at the root of the repository, `.vipgoci_lint_skip_folders` for PHP linting and `.vipgoci_phpcs_skip_folders` for PHPCS scanning. Each folder should be on a line of its own in the relevant file, and each path should be relative to the root of the repository. This feature is activated using command-line options, for example:

> ./vip-go-ci.php --lint-skip-folders-in-repo-options-file=true --phpcs-skip-folders-in-repo-options-file=true

Any folders found in the files at the root of the repository will be merged with options specified on the command-line.

For WPScan API, use file named `.vipgoci_wpscan_api_skip_folders`.

### Skipping large files

By default, `vip-go-ci` will skip scanning of any files that are longer than 15,000 lines and display a warning in GitHub reviews about the files skipped. This means that these files are not PHP linted, not PHPCS scanned nor SVG scanned. This feature was implemented because very large files will often cause scanning to take much longer time than is ideal, delaying submission of results, as well as causing GitHub API errors.
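Review bot: the two added README sentences ("Similar option parameter exists for WPScan API scanning, ..." and "For WPScan API, use file named ...") sit apart from the paragraphs they extend, so a reader who copies the documented example command never learns that `.vipgoci_wpscan_api_skip_folders` is only read when `--wpscan-api-skip-folders-in-repo-options-file=true` is passed. Suggest folding the file name into the sentence that already lists `.vipgoci_lint_skip_folders` and `.vipgoci_phpcs_skip_folders`, extending the example invocation with `--wpscan-api-skip-folders-in-repo-options-file=true`, and rewording the first addition to "A similar option exists for WPScan API scanning: `--wpscan-api-skip-folders`". Since the three file types are handled by the same loop in `vipgoci_options_read_repo_skip_files()` (see the options.php changes), the "regular expressions are not supported" caveat applies to the WPScan API file as well and is worth stating there.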
7 changes: 7 additions & 0 deletions main.php
@@ -145,6 +145,10 @@ function vipgoci_help_print() :void {
"\t" . ' with items separated by commas.' . PHP_EOL .
"\t" . '--wpscan-api-skip-folders=ARRAY Directories not to scan using WPScan API scanning. Should be an' . PHP_EOL .
"\t" . ' array with items separated by commas.' . PHP_EOL .
"\t" . '--wpscan-api-skip-folders-in-repo-options-file=BOOL Whether to allow specifying folders that are not to be' . PHP_EOL .
"\t" . ' scanned via WPScan API to be specified in file in' . PHP_EOL .
"\t" . ' root of repository (.vipgoci_wpscan_api_skip_folders).' . PHP_EOL .
"\t" . ' Folders should be separated by newlines.' . PHP_EOL .
"\t" . '--wpscan-api-plugin-file-extensions=ARRAY Use specified file extensions to select which altered plugin files to scan with WPScan API.' . PHP_EOL .
"\t" . ' Default is: "' . implode( ',', VIPGOCI_WPSCAN_PLUGIN_FILE_EXTENSIONS_DEFAULT ) . '"' . PHP_EOL .
"\t" . '--wpscan-api-theme-file-extensions=ARRAY Use specified file extensions to select which altered theme files to scan with WPScan API.' . PHP_EOL .
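Review bot: the help text for `--wpscan-api-skip-folders-in-repo-options-file` reads "Whether to allow specifying folders that are not to be scanned via WPScan API to be specified in file in root of repository", which says "specify" twice and drops an article. Suggest: "Whether to read folders not to be scanned via WPScan API from a file in the root of the repository (.vipgoci_wpscan_api_skip_folders), one folder per line. Merged with --wpscan-api-skip-folders." README.md documents the merging behaviour for the lint and PHPCS variants, and the options.php change applies the same loop here, so stating it in the help output keeps the two in sync.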
@@ -337,6 +341,7 @@ function vipgoci_options_recognized() :array {
'wpscan-api-plugin-file-extensions:',
'wpscan-api-theme-file-extensions:',
'wpscan-api-skip-folders:',
'wpscan-api-skip-folders-in-repo-options-file:',
'wpscan-api-report-end-msg:',

/*
@@ -709,6 +714,8 @@ function vipgoci_run_init_options_wpscan( array &$options ) :void {

vipgoci_option_bool_handle( $options, 'wpscan-api-dry-mode', 'true' );

vipgoci_option_bool_handle( $options, 'wpscan-api-skip-folders-in-repo-options-file', 'false' );

/*
* Process --wpscan-folders -- expected to be an
* array of values.
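Review bot: defaulting `--wpscan-api-skip-folders-in-repo-options-file` to `'false'` in `vipgoci_option_bool_handle()` is the right conservative choice, since a file under the repository's control should not start influencing what gets scanned unless the operator opts in. One thing to confirm: `vipgoci_options_read_repo_skip_files()` in options.php decides whether to read the file based on this option ("If not configured to read ..."), so `vipgoci_run_init_options_wpscan()` must run before it; if it runs later, or only when WPScan API scanning is enabled, the option would not yet have been normalised to a boolean at the time of that check. A one-line comment next to this call noting the ordering dependency would prevent a silent regression.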
16 changes: 11 additions & 5 deletions options.php
@@ -267,9 +267,9 @@ function vipgoci_options_read_repo_file(

/**
* Read from repository files which folders are to
* be skipped from PHPCS scanning and PHP Linting,
* if configured to do so, and join with any folders
* specified on the command line.
* be skipped from PHPCS scanning, PHP Linting and
* WPScan API scanning, if configured to do so, and
* join with any folders specified on the command line.
*
* @param array $options Options array for the program.
*
@@ -279,7 +279,7 @@ function vipgoci_options_read_repo_skip_files(
array &$options
) :void {
foreach (
array( 'phpcs', 'lint' ) as $scan_type
array( 'phpcs', 'lint', 'wpscan-api' ) as $scan_type
) {
/*
* If not configured to read
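Review bot: adding `'wpscan-api'` to the `foreach` array only works because the loop body later rewrites the hyphen in the scan type when building the file name, so the option name (`wpscan-api-skip-folders-in-repo-options-file`, hyphenated) and the file name (`.vipgoci_wpscan_api_skip_folders`, underscored) now follow different rules from the same string. Suggest iterating over an explicit map instead, e.g. `array( 'phpcs' => '.vipgoci_phpcs_skip_folders', 'lint' => '.vipgoci_lint_skip_folders', 'wpscan-api' => '.vipgoci_wpscan_api_skip_folders' )`, so the file names documented in README.md are the single source of truth and a future scan type cannot end up with an unintended file name.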
@@ -308,7 +308,13 @@ function vipgoci_options_read_repo_skip_files(
)
);

$type_options_file_name = '.vipgoci_' . $scan_type . '_skip_folders';
$scan_type_file_str = str_replace(
'-',
'_',
$scan_type
);

$type_options_file_name = '.vipgoci_' . $scan_type_file_str . '_skip_folders';

$type_options_file_contents =
vipgoci_gitrepo_fetch_committed_file(
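Review bot: `str_replace( '-', '_', $scan_type )` is a no-op for `phpcs` and `lint` and maps `wpscan-api` to `wpscan_api`, so `$type_options_file_name` matches the `.vipgoci_wpscan_api_skip_folders` name used in README.md and the help text; that is correct. Two small points: the intermediate `$scan_type_file_str` could be inlined into the `$type_options_file_name` assignment with a one-line comment explaining why hyphens become underscores, and since this is the only place the file name is derived, if no unit test yet exercises `vipgoci_options_read_repo_skip_files()` with a `.vipgoci_wpscan_api_skip_folders` file, one that asserts its folders are merged with `--wpscan-api-skip-folders` would pin the naming down.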