Skip to content

Commit

Permalink
dont add list prefix automatically for remediation steps (#315)
Browse files Browse the repository at this point in the history
  • Loading branch information
noamd-legit authored Jun 13, 2024
1 parent 9529e37 commit 34641ae
Show file tree
Hide file tree
Showing 5 changed files with 44 additions and 19 deletions.
2 changes: 1 addition & 1 deletion internal/outputer/formatter/formatter_human.go
Original file line number Diff line number Diff line change
Expand Up @@ -146,7 +146,7 @@ func (hp humanPolicyFormatter) FormatText(depth int, format string, args ...inte
return indentMultiline(depth, fmt.Sprintf(format, args...))
}

func (hp humanPolicyFormatter) FormatList(depth int, title string, list []string, ordered bool) string {
func (hp humanPolicyFormatter) FormatList(depth int, title string, list []string, ordered bool, addListPrefix bool) string {
if len(list) == 0 {
return ""
}
Expand Down
35 changes: 30 additions & 5 deletions internal/outputer/formatter/formatter_markdown.go
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@ package formatter
import (
"bytes"
"fmt"
"regexp"
"strings"

"github.com/Legit-Labs/legitify/internal/common/severity"
Expand Down Expand Up @@ -174,19 +175,43 @@ func (mp markdownPolicyFormatter) FormatText(depth int, format string, args ...i
return indentMultilineSpecial(depth, fmt.Sprintf(format, args...), mp.Indent(1), mp.Linebreak())
}

func (mp markdownPolicyFormatter) FormatList(depth int, title string, list []string, ordered bool) string {
func isMarkdownListItem(s string) bool {
unorderedPattern := `^[\-\*\+] `
orderedPattern := `^\d+\.\s`

unorderedRegex, err := regexp.Compile(unorderedPattern)
if err != nil {
return false
}

orderedRegex, err := regexp.Compile(orderedPattern)
if err != nil {
return false
}

return unorderedRegex.MatchString(s) || orderedRegex.MatchString(s)
}

func (mp markdownPolicyFormatter) FormatList(depth int, title string, list []string, ordered bool, addListPrefix bool) string {
if len(list) == 0 {
return ""
}

var sb strings.Builder
bullet := "-"
sb.WriteString(mp.FormatText(depth, "%s\n", title))
sb.WriteString(mp.FormatText(depth, "%s\n\n", title))
for i, step := range list {
if ordered {
bullet = fmt.Sprintf("%d.", i+1)
if addListPrefix {
if ordered {
bullet = fmt.Sprintf("%d.", i+1)
}
sb.WriteString(mp.FormatText(depth, "%s %s\n", bullet, step))
} else {
sb.WriteString(mp.FormatText(depth, "%s\n", step))
if !isMarkdownListItem(step) {
sb.WriteString(mp.FormatText(depth, "\n"))
}
}
sb.WriteString(mp.FormatText(depth, "%s %s\n", bullet, step))
}

return sb.String()
Expand Down
2 changes: 1 addition & 1 deletion internal/outputer/formatter/formatter_sarif.go
Original file line number Diff line number Diff line change
Expand Up @@ -217,7 +217,7 @@ func (sp sarifPolicyFormatter) FormatText(depth int, format string, args ...inte
return indentMultilineSpecial(depth, fmt.Sprintf(format, args...), sp.Indent(1), sp.Linebreak())
}

func (sp sarifPolicyFormatter) FormatList(depth int, title string, list []string, ordered bool) string {
func (sp sarifPolicyFormatter) FormatList(depth int, title string, list []string, ordered bool, addListPrefix bool) string {
if len(list) == 0 {
return ""
}
Expand Down
12 changes: 6 additions & 6 deletions internal/outputer/formatter/policies_content.go
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ type policiesFormatter interface {
FormatTitle(title string, severity string) string
FormatSubtitle(title string) string
FormatText(depth int, format string, args ...interface{}) string
FormatList(depth int, title string, list []string, ordered bool) string
FormatList(depth int, title string, list []string, ordered bool, addListPrefix bool) string
Linebreak() string
Separator() string
Indent(depth int) string
Expand Down Expand Up @@ -94,9 +94,9 @@ func (pc *policiesContent) writeLineBreak() {
pc.writeLine("")
}

func (pc *policiesContent) writeList(title string, list []string, ordered bool) {
func (pc *policiesContent) writeList(title string, list []string, ordered bool, addListPrefix bool) {
title = fmt.Sprintf("%s:", pc.bold(title))
pc.sb.WriteString(pc.pf.FormatList(pc.depth, title, list, ordered))
pc.sb.WriteString(pc.pf.FormatList(pc.depth, title, list, ordered, addListPrefix))
}

func (pc *policiesContent) writeKeyval(key string, val string) {
Expand All @@ -114,10 +114,10 @@ func (pc *policiesContent) writePolicyInfo(policyName string, policyInfo scheme.
pc.writeKeyval("Severity", coloredSeverity)

pc.writeLineBreak()
pc.writeList("Threat", policyInfo.Threat, false)
pc.writeList("Threat", policyInfo.Threat, false, true)

pc.writeLineBreak()
pc.writeList("Remediation Steps", policyInfo.RemediationSteps, true)
pc.writeList("Remediation Steps", policyInfo.RemediationSteps, false, false)
}

func (pc *policiesContent) bold(text interface{}) string {
Expand Down Expand Up @@ -146,7 +146,7 @@ func (pc *policiesContent) writeAux(aux *orderedmap.OrderedMap) {
return
}

pc.writeList("Auxiliary Info", pc.auxAsList(aux), false)
pc.writeList("Auxiliary Info", pc.auxAsList(aux), false, true)
}

func (pc *policiesContent) auxAsList(m *orderedmap.OrderedMap) []string {
Expand Down
12 changes: 6 additions & 6 deletions policies/github/organization.rego
Original file line number Diff line number Diff line change
Expand Up @@ -156,12 +156,12 @@ organization_not_using_single_sign_on := false {
# custom:
# requiredEnrichers: [secretsList]
# remediationSteps:
# - Enter your organization's landing page
# - Go to the settings tab
# - Under the 'Security' title on the left, choose 'Secrets and variables'
# - Click 'Actions'
# - Sort secrets by 'Last Updated'
# - Regenerate every secret older than one year and add the new value to GitHub's secret manager
# - 1. Enter your organization's landing page
# - 2. Go to the settings tab
# - 3. Under the 'Security' title on the left, choose 'Secrets and variables'
# - 4. Click 'Actions'
# - 5. Sort secrets by 'Last Updated'
# - 6. Regenerate every secret older than one year and add the new value to GitHub's secret manager
# severity: MEDIUM
# requiredScopes: [admin:org, repo]
# threat: Sensitive data may have been inadvertently made public in the past, and an attacker who holds this data may gain access to your current CI and services. In addition, there may be old or unnecessary tokens that have not been inspected and can be used to access sensitive information.
Expand Down

0 comments on commit 34641ae

Please sign in to comment.