-
Notifications
You must be signed in to change notification settings - Fork 134
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: add publisher agreement compliance check #954
Conversation
...in/java/org/eclipse/openvsx/migration/CheckPotentiallyMaliciousExtensionVersionsService.java
Show resolved
Hide resolved
...in/java/org/eclipse/openvsx/migration/CheckPotentiallyMaliciousExtensionVersionsService.java
Show resolved
Hide resolved
server/src/main/java/org/eclipse/openvsx/migration/PotentiallyMaliciousJobRequestHandler.java
Show resolved
Hide resolved
} | ||
|
||
@Override | ||
@Job(name = "Check published extensions for maliciously compressed vsix files", retries = 3) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
... for potentially malicious ...
public void run(MigrationJobRequest jobRequest) throws Exception { | ||
var download = migrations.getResource(jobRequest); | ||
var extVersion = download.getExtension(); | ||
logger.info("Checking extension version for malicious content: {}", NamingUtil.toLogFormat(extVersion)); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
... for potentially malicious vsix file: ...
return; | ||
} | ||
|
||
logger.info("Checking vsix file for malicious metadata: {}", download.getName()); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
... for potentially malicious ...
@@ -204,6 +204,11 @@ public void publishAsync(FileResource download, TempFile extensionFile, Extensio | |||
service.storeDownload(download, extensionFile); | |||
service.persistResource(download); | |||
try(var processor = new ExtensionProcessor(extensionFile, ObservationRegistry.NOOP)) { | |||
extVersion.setPotentiallyMalicious(processor.isPotentiallyMalicious()); | |||
if (extVersion.isPotentiallyMalicious()) { | |||
throw new ErrorResultException("The extension version is potentially malicious and cannot be published: " + NamingUtil.toLogFormat(extVersion)); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This runs asynchronous in the background. The publisher won't receive the exception.
Log and return would be good enough:
logger.warn("Extension version is potentially malicious: {}", NamingUtil.toLogFormat(extVersion));
return;
@@ -495,6 +495,11 @@ public Streamable<MigrationItem> findNotMigratedSha256Checksums() { | |||
return findNotMigratedItems("V1_35__FileResource_Generate_Sha256_Checksum.sql"); | |||
} | |||
|
|||
public Streamable<MigrationItem> findNotMigratedPotentiallyMalicious() { | |||
return findNotMigratedItems("V1_46__ExtensionVersion_PotentiallyMalicious.sql"); | |||
// return migrationItemRepo.findByMigrationScriptAndMigrationScheduledFalseOrderById("V1_46__ExtensionVersion_PotentiallyMalicious.sql"); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Remove line
@@ -203,6 +203,7 @@ public List<ExtensionJson> getOwnExtensions() { | |||
var json = latest.toExtensionJson(); | |||
json.preview = latest.isPreview(); | |||
json.active = latest.getExtension().isActive(); | |||
json.potentiallyMalicious = latest.isPotentiallyMalicious(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is going to be used in the webui?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not planned yet, therefore I removed it again. We can add it back if there ever is a plan to show it in the webui.
@@ -275,6 +275,7 @@ public UserPublishInfoJson getUserPublishInfo(String provider, String loginName) | |||
var json = latest.toExtensionJson(); | |||
json.preview = latest.isPreview(); | |||
json.active = latest.getExtension().isActive(); | |||
json.potentiallyMalicious = latest.isPotentiallyMalicious(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is going to be used in the webui?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not planned yet, therefore I removed it again. We can add it back if there ever is a plan to show it in the webui.
I believe I addressed all comments. Should I change anything else, @amvanbaren ? |
...in/java/org/eclipse/openvsx/migration/CheckPotentiallyMaliciousExtensionVersionsService.java
Show resolved
Hide resolved
server/src/main/java/org/eclipse/openvsx/migration/PotentiallyMaliciousJobRequestHandler.java
Show resolved
Hide resolved
@@ -194,7 +194,7 @@ private String checkBundledExtension(String bundledExtension) { | |||
|
|||
@Async | |||
@Retryable | |||
public void publishAsync(FileResource download, TempFile extensionFile, ExtensionService extensionService) { | |||
public void publishAsync(FileResource download, TempFile extensionFile, ExtensionService extensionService) throws ErrorResultException { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It no longer throws an ErrorResultException
@@ -72,6 +72,9 @@ public static ExtensionJson error(String message) { | |||
@Schema(hidden = true) | |||
public Boolean active; | |||
|
|||
@Schema(description = "The value 'true' means that the extension contains potentially malicious content.") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is this used?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No, not yet => also removed for now. We can reintroduce this if needed.
This commit enforces that only extension versions compliant with the publisher agreement can be published. Already existing extensions versions are checked as part of a migration job. Contributed on behalf of STMicroelectronics Signed-off-by: Olaf Lessenich <olessenich@eclipsesource.com>
Thanks for your help and the feedback @amvanbaren! |
This commit enforces that only extension versions compliant with the publisher agreement can be published.
Already existing extensions versions are checked as part of a migration job.
Contributed on behalf of STMicroelectronics