diff --git a/README.md b/README.md index e9fb79ba84..5fc8d919f5 100644 --- a/README.md +++ b/README.md @@ -239,7 +239,6 @@ The layer can check on a recipe-level or on an image-level. | tscancode | C and lua linter | https://github.com/Tencent/TscanCode | | | | x | x | | | | | | | | | | | | | | | x | | | upc | check for simple privilege escalation vectors | https://github.com/pentestmonkey/unix-privesc-check | | | x | | | | | | | | | x | | | | | | | x | | | | vulture | Find dead python code | https://github.com/jendrikseipp/vulture | | | x | x | | | x | | | | | | | | | | | | | x | | -| wotan | Typescript/javascript linter | https://github.com/fimbullinter/wotan | meta-oe, manual enable | x | x | x | | | | | x | | | | | | | | | | | x | x | | xmllint | XML linter | http://xmlsoft.org/xmllint.html | | | x | x | | | | | | | | | | | | | | x | | x | | | yamllint | YAML linter | https://github.com/adrienverge/yamllint | | | x | x | | | | | | | | | | | | | | x | | | x | | yara | Find suspicious pattern in binaries | https://github.com/VirusTotal/yara | | | x | | | | | | | | | x | | | | | | | x | | | @@ -324,7 +323,6 @@ each tool does have it's own benefits and flaws so don't be mad if you have 10k+ - [tscancode](docs/conf/module/tscancode.md) - [upc](docs/conf/module/upc.md) - [vulture](docs/conf/module/vulture.md) - - [wotan](docs/conf/module/wotan.md) - [xmllint](docs/conf/module/xmllint.md) - [yamllint](docs/conf/module/yamllint.md) - [yara](docs/conf/module/yara.md) diff --git a/classes/sca-blacklist.bbclass b/classes/sca-blacklist.bbclass index ccac875f12..80850f0fcf 100644 --- a/classes/sca-blacklist.bbclass +++ b/classes/sca-blacklist.bbclass @@ -67,7 +67,6 @@ SCA_BLACKLIST_tlv ?= "linux-.* busybox openssh" SCA_BLACKLIST_tscanscode ?= "linux-.*" SCA_BLACKLIST_upc ?= "" SCA_BLACKLIST_vulture ?= "" -SCA_BLACKLIST_wotan ?= "" SCA_BLACKLIST_xmllint ?= "" SCA_BLACKLIST_yamllint ?= "" SCA_BLACKLIST_yara ?= "" diff --git a/classes/sca-global.bbclass b/classes/sca-global.bbclass index ba5b4cf15f..fc7bffa313 100644 --- a/classes/sca-global.bbclass +++ b/classes/sca-global.bbclass @@ -151,7 +151,6 @@ SCA_AVAILABLE_MODULES ?= "\ " # additional layer requirements SCA_AVAILABLE_MODULES[inspec] = "openembedded-layer rubygems" -SCA_AVAILABLE_MODULES[wotan] = "openembedded-layer" # Modules using crossemu support, because they need some extra "love" _SCA_CROSSEMU_MODULES = "\ diff --git a/classes/sca-on-image.bbclass b/classes/sca-on-image.bbclass index aa1caf507a..c8220cf131 100755 --- a/classes/sca-on-image.bbclass +++ b/classes/sca-on-image.bbclass @@ -40,7 +40,6 @@ SCA_ENABLED_MODULES_IMAGE ?= "\ tlv \ upc \ vulture \ - wotan \ xmllint \ yamllint \ yara \ diff --git a/classes/sca-on-recipe.bbclass b/classes/sca-on-recipe.bbclass index 3ee669629e..719badb99c 100755 --- a/classes/sca-on-recipe.bbclass +++ b/classes/sca-on-recipe.bbclass @@ -64,7 +64,6 @@ SCA_ENABLED_MODULES_RECIPE ?= "\ tlv \ tscancode \ vulture \ - wotan \ xmllint \ yamllint \ " diff --git a/classes/sca-wotan-core.bbclass b/classes/sca-wotan-core.bbclass deleted file mode 100755 index d560f10b35..0000000000 --- a/classes/sca-wotan-core.bbclass +++ /dev/null @@ -1,106 +0,0 @@ -## SPDX-License-Identifier: BSD-2-Clause -## Copyright (c) 2019, Konrad Weihmann - -SCA_WOTAN_EXTRA_SUPPRESS ?= "" -SCA_WOTAN_EXTRA_FATAL ?= "" -SCA_WOTAN_FILE_FILTER ?= ".js .ts .vue" -SCA_WOTAN_CONFIG ?= "wotan:recommended" - -inherit sca-conv-to-export -inherit sca-datamodel -inherit sca-global -inherit sca-helper -inherit sca-license-filter -inherit sca-suppress -inherit sca-image-backtrack - -DEPENDS += "wotan-native" - -SCA_RAW_RESULT_FILE[wotan] = "json" - -def do_sca_conv_wotan(d): - import os - import json - - package_name = d.getVar("PN") - buildpath = d.getVar("SCA_SOURCES_DIR") - - _suppress = sca_suppress_init(d, "SCA_WOTAN_EXTRA_SUPPRESS", - d.expand("${STAGING_DATADIR_NATIVE}/wotan-${SCA_MODE}-suppress")) - _findings = [] - - if os.path.exists(sca_raw_result_file(d, "wotan")): - content = [] - with open(sca_raw_result_file(d, "wotan"), "r") as f: - try: - content = json.load(f) - except json.JSONDecodeError: - content = [] - for m in content: - try: - g = sca_get_model_class(d, - PackageName=package_name, - BuildPath=buildpath, - Tool="wotan", - File=m["fileName"], - Line=str(m["start"]["line"]), - Column=str(m["start"]["character"] + 1), - Message=m["message"], - ID=m["ruleName"], - Severity=m["severity"]) - if _suppress.Suppressed(g): - continue - if g.Scope not in clean_split(d, "SCA_SCOPE_FILTER"): - continue - if g.Severity in sca_allowed_warning_level(d): - _findings += sca_backtrack_findings(d, g) - except Exception as exp: - sca_log_note(d, str(exp)) - - sca_add_model_class_list(d, _findings) - return sca_save_model_to_string(d) - -def exec_wrap_combine_json_wotan(a, b, **kwargs): - import json - try: - b = "\n".join([x for x in b.split("\n") if not x.startswith("Rule") and not x.endswith("requires type information.")]) - b = json.loads(b) - except: - b = [] - - try: - a = json.loads(a) - a += b - except: - a = b - return json.dumps(a) - -python do_sca_wotan_core() { - import os - import subprocess - - _args = ["wotan"] - _args += ["-c", d.getVar("SCA_WOTAN_CONFIG")] - _args += ["--fix", "false"] - _args += ["--formatter", "json"] - - _files = get_files_by_extention(d, d.getVar("SCA_SOURCES_DIR"), d.getVar("SCA_WOTAN_FILE_FILTER"), \ - sca_filter_files(d, d.getVar("SCA_SOURCES_DIR"), clean_split(d, "SCA_FILE_FILTER_EXTRA"))) - - cmd_output = exec_wrap_check_output(d, _args, _files, combine=exec_wrap_combine_json_wotan, default_val=[]) - - with open(sca_raw_result_file(d, "wotan"), "w") as o: - o.write(cmd_output) -} - -python do_sca_wotan_core_report() { - import os - ## Create data model - d.setVar("SCA_DATAMODEL_STORAGE", "{}/wotan.dm".format(d.getVar("T"))) - dm_output = do_sca_conv_wotan(d) - with open(d.getVar("SCA_DATAMODEL_STORAGE"), "w") as o: - o.write(dm_output) - - sca_task_aftermath(d, "wotan", get_fatal_entries(d, "SCA_WOTAN_EXTRA_FATAL", - d.expand("${STAGING_DATADIR_NATIVE}/wotan-${SCA_MODE}-fatal"))) -} diff --git a/classes/sca-wotan-image.bbclass b/classes/sca-wotan-image.bbclass deleted file mode 100755 index c27de77e5e..0000000000 --- a/classes/sca-wotan-image.bbclass +++ /dev/null @@ -1,13 +0,0 @@ -## SPDX-License-Identifier: BSD-2-Clause -## Copyright (c) 2019, Konrad Weihmann - -inherit sca-helper -inherit sca-global -inherit sca-wotan-core - -do_sca_wotan_core[doc] = "Lint type/javascript files in image" -do_sca_wotan_core_report[doc] = "Report findings from do_sca_wotan_core" -addtask do_sca_wotan_core before do_image_complete after do_image -addtask do_sca_wotan_core_report after do_sca_wotan_core before do_sca_deploy - -DEPENDS += "sca-image-wotan-rules-native" diff --git a/classes/sca-wotan-recipe.bbclass b/classes/sca-wotan-recipe.bbclass deleted file mode 100755 index ebb69bab87..0000000000 --- a/classes/sca-wotan-recipe.bbclass +++ /dev/null @@ -1,14 +0,0 @@ -## SPDX-License-Identifier: BSD-2-Clause -## Copyright (c) 2019, Konrad Weihmann - -inherit sca-helper -inherit sca-global -inherit sca-wotan-core -inherit sca-tracefiles - -do_sca_wotan_core[doc] = "Lint type/javascript files" -do_sca_wotan_core_report[doc] = "Report findings from do_sca_wotan_core" -addtask do_sca_wotan_core after do_compile before do_sca_tracefiles -addtask do_sca_wotan_core_report after do_sca_tracefiles before do_sca_deploy - -DEPENDS += "sca-recipe-wotan-rules-native" diff --git a/docs/conf/module/wotan.md b/docs/conf/module/wotan.md deleted file mode 100644 index cbe922e909..0000000000 --- a/docs/conf/module/wotan.md +++ /dev/null @@ -1,62 +0,0 @@ -# Configuration for wotan - -## Supported environments/languages - -* JavaScript - -## Configuration - -| var | purpose | type | default | -| ------------- |:-------------:| -----:| -----: -| SCA_BLACKLIST_wotan | Blacklist filter for this tool | space-separated-list | "" -| SCA_WOTAN_EXTRA_FATAL | Extra error-IDs leading to build termination when found | space-separated-list | "": -| SCA_WOTAN_EXTRA_SUPPRESS | Extra error-IDs to be suppressed | space-separated-list | "" -| SCA_WOTAN_FILE_FILTER | File extension to scan for | space-separated-list | ".js .ts .vue" -| SCA_WOTAN_CONFIG | Configuration preset to use | space-separated-list | "wotan:recommended" - -## Supports - -* [x] suppression of IDs -* [x] terminate build on fatal -* [x] run on recipe -* [x] run on image -* [ ] run with SCA-layer default settings (see SCA_AVAILABLE_MODULES) - -## Requires - -* [x] requires online access - -## Known error-IDs - -__tbd__ - -## Checking scope - -* [ ] security -* [x] functional defects -* [ ] compliance -* [x] style issues - -## Statistics - -* ⬛⬛⬛⬛⬜⬜⬜⬜⬜⬜ 04/10 Build Speed -* ⬛⬛⬛⬛⬛⬛⬛⬛⬛⬛ 10/10 Execution Speed -* ⬛⬛⬛⬛⬛⬛⬛⬛⬜⬜ 08/10 Quality - -## Score mapping - -### Error considered as security relevant - -* n.a. - -### Error considered as functional defect - -* wotan.wotan.* - -### Error consired as compliance issue - -* n.a. - -### Error considered as style issue - -* n.a. diff --git a/files/module_list.csv b/files/module_list.csv index 295ee20b9e..5d2845689c 100644 --- a/files/module_list.csv +++ b/files/module_list.csv @@ -64,7 +64,6 @@ tlv,Find duplicate code,https://github.com/priv-kweihmann/tlv,manual enable,,x,x tscancode,C and lua linter,https://github.com/Tencent/TscanCode,,,,x,x,,,,,,,,,,,,,,,x, upc,check for simple privilege escalation vectors,https://github.com/pentestmonkey/unix-privesc-check,,,x,,,,,,,,,x,,,,,,,x,, vulture,Find dead python code,https://github.com/jendrikseipp/vulture,,,x,x,,,x,,,,,,,,,,,,,x, -wotan,Typescript/javascript linter,https://github.com/fimbullinter/wotan,"meta-oe, manual enable",x,x,x,,,,,x,,,,,,,,,,,x,x xmllint,XML linter,http://xmlsoft.org/xmllint.html,,,x,x,,,,,,,,,,,,,,x,,x, yamllint,YAML linter,https://github.com/adrienverge/yamllint,,,x,x,,,,,,,,,,,,,,x,,,x yara,Find suspicious pattern in binaries,https://github.com/VirusTotal/yara,,,x,,,,,,,,,x,,,,,,,x,, \ No newline at end of file diff --git a/recipes-sca-rules/sca-image-wotan-rules-native/files/fatal b/recipes-sca-rules/sca-image-wotan-rules-native/files/fatal deleted file mode 100755 index e69de29bb2..0000000000 diff --git a/recipes-sca-rules/sca-image-wotan-rules-native/files/suppress b/recipes-sca-rules/sca-image-wotan-rules-native/files/suppress deleted file mode 100755 index e69de29bb2..0000000000 diff --git a/recipes-sca-rules/sca-image-wotan-rules-native/sca-image-wotan-rules-native_1.0.bb b/recipes-sca-rules/sca-image-wotan-rules-native/sca-image-wotan-rules-native_1.0.bb deleted file mode 100755 index 52cd5c8178..0000000000 --- a/recipes-sca-rules/sca-image-wotan-rules-native/sca-image-wotan-rules-native_1.0.bb +++ /dev/null @@ -1,19 +0,0 @@ -SUMMARY = "SCA ruleset for wotan at images" -DESCRIPTION = "Rules to configure how wotan is affecting the build" - -DEFAULT_PREFERENCE = "${SCA_DEFAULT_PREFERENCE}" -LICENSE = "BSD-2-Clause" -LIC_FILES_CHKSUM = "file://${SCA_LAYERDIR}/LICENSE;md5=a4a2bbea1db029f21b3a328c7a059172" - -SRC_URI = "file://fatal \ - file://suppress" - -inherit native - -do_install() { - install -d "${D}${datadir}" - install "${WORKDIR}/suppress" "${D}${datadir}/wotan-image-suppress" - install "${WORKDIR}/fatal" "${D}${datadir}/wotan-image-fatal" -} - -FILES:${PN} = "${datadir}" diff --git a/recipes-sca-rules/sca-recipe-wotan-rules-native/files/fatal b/recipes-sca-rules/sca-recipe-wotan-rules-native/files/fatal deleted file mode 100755 index e69de29bb2..0000000000 diff --git a/recipes-sca-rules/sca-recipe-wotan-rules-native/files/suppress b/recipes-sca-rules/sca-recipe-wotan-rules-native/files/suppress deleted file mode 100755 index e69de29bb2..0000000000 diff --git a/recipes-sca-rules/sca-recipe-wotan-rules-native/sca-recipe-wotan-rules-native_1.0.bb b/recipes-sca-rules/sca-recipe-wotan-rules-native/sca-recipe-wotan-rules-native_1.0.bb deleted file mode 100755 index 5083e99465..0000000000 --- a/recipes-sca-rules/sca-recipe-wotan-rules-native/sca-recipe-wotan-rules-native_1.0.bb +++ /dev/null @@ -1,19 +0,0 @@ -SUMMARY = "SCA ruleset for wotan at recipes" -DESCRIPTION = "Rules to configure how wotan is affecting the build" - -DEFAULT_PREFERENCE = "${SCA_DEFAULT_PREFERENCE}" -LICENSE = "BSD-2-Clause" -LIC_FILES_CHKSUM = "file://${SCA_LAYERDIR}/LICENSE;md5=a4a2bbea1db029f21b3a328c7a059172" - -SRC_URI = "file://suppress \ - file://fatal" - -inherit native - -do_install() { - install -d "${D}${datadir}" - install "${WORKDIR}/fatal" "${D}${datadir}/wotan-recipe-fatal" - install "${WORKDIR}/suppress" "${D}${datadir}/wotan-recipe-suppress" -} - -FILES:${PN} = "${datadir}" diff --git a/recipes-sca/wotan-native/files/wotan.sca.description b/recipes-sca/wotan-native/files/wotan.sca.description deleted file mode 100644 index 480b92a152..0000000000 --- a/recipes-sca/wotan-native/files/wotan.sca.description +++ /dev/null @@ -1,33 +0,0 @@ -{ - "buildspeed": 4, - "execspeed": 10, - "languages": [ - "javascript", - "typescript" - ], - "uses": [ - "@npm" - ], - "online": true, - "quality": 8, - "scope": [ - "functional", - "style" - ], - "score": { - "functional": [ - "wotan.wotan..*" - ] - }, - "test": { - "integration": [ - {"cmd": ["wotan", "-v"], "returncode": 0} - ], - "findings": [ - "bad-javascript" - ], - "no-findings": [ - "busybox" - ] - } -} \ No newline at end of file diff --git a/recipes-sca/wotan-native/wotan-native_1.0.bb b/recipes-sca/wotan-native/wotan-native_1.0.bb deleted file mode 100644 index b14e8688f7..0000000000 --- a/recipes-sca/wotan-native/wotan-native_1.0.bb +++ /dev/null @@ -1,17 +0,0 @@ -SUMMARY = "sca definition for wotan" - -DEFAULT_PREFERENCE = "${SCA_DEFAULT_PREFERENCE}" -LICENSE = "BSD-2-Clause" -LIC_FILES_CHKSUM = "file://${SCA_LAYERDIR}/LICENSE;md5=a4a2bbea1db029f21b3a328c7a059172" - -DEPENDS += "\ - npm-fimbul-valtyr-native \ - npm-fimbul-ve-native \ - npm-fimbul-wotan-native \ - npm-typescript-native \ - " - -inherit sca-description -inherit native - -SCA_TOOL_DESCRIPTION = "wotan" diff --git a/test/lang_metaoe.txt b/test/lang_metaoe.txt index b0bafba728..e69de29bb2 100644 --- a/test/lang_metaoe.txt +++ b/test/lang_metaoe.txt @@ -1 +0,0 @@ -wotan \ No newline at end of file