Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(secret-scan): Failing lint issues #507

Merged
merged 1 commit into from
Oct 23, 2024
Merged

chore(secret-scan): Failing lint issues #507

merged 1 commit into from
Oct 23, 2024

Conversation

somya-05
Copy link
Contributor

@somya-05 somya-05 commented Oct 21, 2024
edited by codiumai-pr-agent-free bot
Loading

User description

Description

Fix all the errors during the lint scan.

Fixes #505

Dependencies

None

Future Improvements

Work on all the lint issues while developing the code

Mentions

@rajdip-b

Screenshots of relevant screens

N/A

Developer's checklist

  • My PR follows the style guidelines of this project
  • I have performed a self-check on my work

If changes are made in the code:

  • I have followed the coding guidelines
  • My changes in code generate no new warnings
  • My changes are breaking another fix/feature of the project
  • I have added test cases to show that my feature works
  • I have added relevant screenshots in my PR
  • There are no UI/UX issues

Documentation Update

  • This PR requires an update to the documentation at docs.keyshade.xyz
  • I have made the necessary updates to the documentation, or no documentation changes are required.

PR Type

Bug fix

Description

  • Fixed various linting issues across multiple files in the secret-scan package.
  • Corrected regex patterns to adhere to linting standards.
  • Improved comment formatting for better readability.

Changes walkthrough 📝

Relevant files
Bug fix
12 files
authress.ts
Fix linting issues in Authress regex comments                       

packages/secret-scan/src/rules/authress.ts

  • Fixed indentation in comments.
  • Improved readability of the Authress API key regex comment.
    		•  +3/-3     
    beamer.ts
    Fix linting issue in Beamer regex pattern                               

    packages/secret-scan/src/rules/beamer.ts

    • Corrected regex pattern to fix linting issue.
    		 +1/-1     
    bitbucket.ts
    Fix linting issue in Bitbucket regex pattern                         

    packages/secret-scan/src/rules/bitbucket.ts

    • Corrected regex pattern to fix linting issue.
    		 +1/-1     
    cloudflare.ts
    Fix linting issue in Cloudflare regex pattern                       

    packages/secret-scan/src/rules/cloudflare.ts

    • Corrected regex pattern to fix linting issue.
    		 +1/-1     
    coinbase.ts
    Fix linting issue in Coinbase regex pattern                           

    packages/secret-scan/src/rules/coinbase.ts

    • Corrected regex pattern to fix linting issue.
    		 +1/-1     
    contentful.ts
    Fix linting issue in Contentful regex pattern                       

    packages/secret-scan/src/rules/contentful.ts

    • Corrected regex pattern to fix linting issue.
    		 +1/-1     
    definednetworking.ts
    Fix linting issue in Defined Networking regex pattern       

    packages/secret-scan/src/rules/definednetworking.ts

    • Corrected regex pattern to fix linting issue.
    		 +1/-1     
    dropbox.ts
    Fix linting issues in Dropbox regex patterns                         

    packages/secret-scan/src/rules/dropbox.ts

  • Fixed indentation in comments.
  • Corrected regex pattern to fix linting issue.
    		•  +3/-3     
    huggingface.ts
    Fix linting issue in Huggingface regex pattern                     

    packages/secret-scan/src/rules/huggingface.ts

    • Corrected regex pattern to fix linting issue.
    		 +1/-1     
    ip_public.ts
    Fix linting issue in IP Public regex pattern                         

    packages/secret-scan/src/rules/ip_public.ts

    • Corrected regex pattern to fix linting issue.
    		 +1/-1     
    planetscale.ts
    Fix linting issue in Planetscale regex patterns                   

    packages/secret-scan/src/rules/planetscale.ts

    • Corrected regex pattern to fix linting issue.
    		 +3/-3     
    sidekiq.ts
    Fix linting issue in Sidekiq regex patterns                           

    packages/secret-scan/src/rules/sidekiq.ts

    • Corrected regex pattern to fix linting issue.
    		 +1/-1     

    💡 PR-Agent usage: Comment /help "your question" on any pull request to receive relevant information

    @codiumai-pr-agent-free CodiumAI PR-Agent (Free)
    Copy link
    Contributor

    PR Reviewer Guide 🔍

    Here are some key observations to aid the review process:

    🎫 Ticket compliance analysis ✅

    505 - Fully compliant

    Fully compliant requirements:

    • Fix linting failures in the secret-scan package
    • Ensure pnpm lint runs without errors
    ⏱️ Estimated effort to review: 2 🔵🔵⚪⚪⚪
    🧪 No relevant tests
    🔒 No security concerns identified
    ⚡ Recommended focus areas for review

    Regex Modification
    The regex pattern for Huggingface Organization Access Token has been modified. Verify if the new pattern correctly matches all valid tokens without false positives.

    Regex Complexity
    The regex pattern for public IP addresses is complex. Ensure it correctly identifies all public IP addresses without false positives or negatives.

    @codiumai-pr-agent-free CodiumAI PR-Agent (Free)
    Copy link
    Contributor

    PR Code Suggestions ✨

    Explore these optional code suggestions:

    CategorySuggestion                                                                                                                                    Score
    Maintainability
    Use named capture groups in complex regex patterns to improve readability and maintainability

    Consider using a named capture group for the IP address pattern. This can make the
    regex more readable and easier to maintain, especially when extracting matches.

    packages/secret-scan/src/rules/ip_public.ts [7]

    -/(?<![\w.])((?!(192\.168\.|127\.|10\.|172\.(?:1[6-9]|2[0-9]|3[01])))(?:(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])\.){3}(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])(?::\d{1,5})?)(?![\w.])/
+/(?<![\w.])(?<ip>(?!(192\.168\.|127\.|10\.|172\.(?:1[6-9]|2[0-9]|3[01])))(?:(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])\.){3}(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])(?::\d{1,5})?)(?![\w.])/
    • Apply this suggestion
    Suggestion importance[1-10]: 6

    Why: Named capture groups can significantly enhance readability and maintainability, especially in complex regex patterns like this one. This suggestion is beneficial for future code maintenance.

    		6
    Performance
    Use non-capturing groups in regex patterns to potentially improve performance

    Consider using a non-capturing group for the character set in the regex pattern.
    This can slightly improve performance, especially if the regex is used frequently.

    packages/secret-scan/src/rules/beamer.ts [7]

    -/b_[a-z0-9=_-]{44}/i
+/b_(?:[a-z0-9=_-]{44})/i
    • Apply this suggestion
    Suggestion importance[1-10]: 5

    Why: The suggestion to use non-capturing groups can slightly improve performance, but the impact is minimal given the simplicity of the regex pattern. It is a valid enhancement but not critical.

    		5
    Enhancement
    Use non-capturing groups in regex patterns to improve readability and potentially enhance performance

    Consider using a non-capturing group for the character classes in the regex pattern.
    This can improve readability and slightly enhance performance.

    packages/secret-scan/src/rules/huggingface.ts [10]

    -/(?:^|[\\'"` >=:(,)])(api_org_[a-zA-Z]{34})(?:$|[\\'"` <),])/
+/(?:^|[\\'"` >=:(,)])(?:api_org_[a-zA-Z]{34})(?:$|[\\'"` <),])/
    • Apply this suggestion
    Suggestion importance[1-10]: 5

    Why: Using non-capturing groups can improve readability and performance slightly. However, the improvement is marginal, and the regex is already quite readable.

    		5
    Best practice
    Use template literals for complex regex patterns to enhance readability and maintainability

    Consider using template literals for the regex pattern to improve readability and
    maintainability, especially for complex patterns with many escape characters.

    packages/secret-scan/src/rules/sidekiq.ts [10]

    -/\bhttps?:\/\/([a-f0-9]{8}:[a-f0-9]{8})@(gems\.contribsys\.com|enterprise\.contribsys\.com)(?:[/|#|?|:]|$)/i
+new RegExp(`\\bhttps?://([a-f0-9]{8}:[a-f0-9]{8})@(gems\\.contribsys\\.com|enterprise\\.contribsys\\.com)(?:[/|#|?|:]|$)`, 'i')
    • Apply this suggestion
    Suggestion importance[1-10]: 4

    Why: While using template literals can improve readability, the current regex pattern is not overly complex. The suggestion is valid but offers limited improvement in this context.

    		4

    💡 Need additional feedback ? start a PR chat

    @rajdip-b rajdip-b changed the title fix: failing lint issues chore(secret-scan): Failing lint issues Oct 23, 2024
    @rajdip-b rajdip-b merged commit 48f45df into keyshade-xyz:develop Oct 23, 2024
    4 checks passed
    @rajdip-b rajdip-b added the hacktoberfest-accepted Your PR has this = Congrats! label Oct 23, 2024
    rajdip-b pushed a commit to anudeeps352/keyshade that referenced this pull request Oct 24, 2024
    @somya-05 @rajdip-b
    chore(secret-scan): Failing lint issues (keyshade-xyz#507)
    242353c
    rajdip-b pushed a commit that referenced this pull request Oct 24, 2024
    @semantic-release-bot
    chore(release): 2.6.0 [skip ci]
    58d912f 
    ## [2.6.0](v2.5.0...v2.6.0) (2024-10-24)

### 🚀 Features

* **api:**  Add icon and remove description field from workspace ([#435](#435)) ([a99c0db](a99c0db))
* **api-client:** Added workspace-membership and related tests ([#452](#452)) ([6a1c091](6a1c091))
* **api-client:** Create controller for User module ([#484](#484)) ([f9d8e83](f9d8e83))
* **api:** Add prod env schema in env file ([#436](#436)) ([21c3004](21c3004))
* **api:** Add resend otp implementation ([#445](#445)) ([4dc6aa1](4dc6aa1))
* **api:** Fetch total count of environments, [secure]s and variables in project ([#434](#434)) ([0c9e50a](0c9e50a))
* **api:** Replace `projectId` with `name` and `slug` in workspace-role response.  ([#432](#432)) ([af06071](af06071))
* **cli:** Add functionality to operate on Secrets ([#504](#504)) ([1b4bf2f](1b4bf2f))
* **cli:** Add project command ([#451](#451)) ([70448e1](70448e1))
* **cli:** Add workspace operations ([#441](#441)) ([ed38d22](ed38d22))
* **cli:** implement commands to get, list, update, and delete, workspace roles ([#469](#469)) ([957ea8d](957ea8d))
* **cli:** Implemented pagination support ([#453](#453)) ([feb1806](feb1806))
* **cli:** Secret scan ([#438](#438)) ([85cb8ab](85cb8ab))
* **cli:** Update environment command outputs ([f4af874](f4af874))
* **platform:** Clearing email field after waitlisting the user email ([#481](#481)) ([256d659](256d659))
* Remove project IDs from workspace role export data and update tests ([#448](#448)) ([8fdb328](8fdb328))
* **web:** Configured extra check for waitlisted users already in the list and created toast message for them ([#492](#492)) ([2ddd0ef](2ddd0ef))
* **web:** show the toast only when email add successfully ([#490](#490)) ([783c411](783c411))

### 🐛 Bug Fixes

* **api,api-client:** Add environmentSlug in multiple places across the variable module ([#468](#468)) ([d970aff](d970aff))
* **api:** Replace the id with slug in the global-search service ([#455](#455)) ([74804b1](74804b1))
* **platform:** Fixed duplicate Google Logo UI fix  ([#450](#450)) ([fb0d6f7](fb0d6f7))
* resolve footer website name cut-off or overlap issue ([#444](#444)) ([fe03ba2](fe03ba2))
* **web:** Horizontal Scrolling issue on the website ([#440](#440)) ([655177b](655177b))

### 📚 Documentation

* Add documentation for environment in CLI ([#462](#462)) ([dad7394](dad7394))
* Add documentation for project in CLI ([#466](#466)) ([341fb32](341fb32))
* Add documentation for scan in CLI ([#461](#461)) ([72281e6](72281e6))
* Add documentation for workspace command ([#464](#464)) ([4aad8a2](4aad8a2))
* Add instructions for resetting the local Prisma database ([#495](#495)) ([#501](#501)) ([b07ea17](b07ea17))
* Added docker support documentation ([#465](#465)) ([bc04be4](bc04be4))
* Added documentation for running the platform ([#473](#473)) ([8b8386b](8b8386b))
* Added missing mappings to pages ([5de9fd8](5de9fd8))
* Fix Documentation Hyperlink and update expired Discord invite link ([#496](#496)) ([5a10e39](5a10e39))
* Updated CLI docs ([#460](#460)) ([c7e0f13](c7e0f13))

### 🔧 Miscellaneous Chores

* Add more logging to Sentry init ([#470](#470)) ([de4925d](de4925d))
* **api:** Optimise API docker image size ([#360](#360)) ([ea40dc1](ea40dc1))
* **api:** Updated lockfile ([a968e78](a968e78))
* **CI:** Add [secure] scan validation ([f441262](f441262))
* **cli:** Update controller invocation in environment commands ([#477](#477)) ([596bd1a](596bd1a))
* Minor changes to variables ([fe01ca6](fe01ca6))
* **[secure]-scan:** Failing lint issues ([#507](#507)) ([48f45df](48f45df))
* **[secure]-scan:** Formatted files ([5884833](5884833))
* Update .env.example ([70ad4f7](70ad4f7))
* Updated scripts ([9eb76a7](9eb76a7))
* **web:** email validation ([#487](#487)) ([e8e737a](e8e737a))
    @rajdip-b
    Copy link
    Member

    🎉 This PR is included in version 2.6.0 🎉

    The release is available on GitHub release

    Your semantic-release bot 📦🚀

    Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
    Reviewers

    @rajdip-b rajdip-b rajdip-b approved these changes

    Assignees
    No one assigned
    Labels
    Bug fix hacktoberfest-accepted Your PR has this = Congrats! released Review effort [1-5]: 2
    Projects
    None yet
    Milestone
    No milestone
    Development

    Successfully merging this pull request may close these issues.

    SECRET-SCAN: Lints are failing
    2 participants
    @somya-05 @rajdip-b