feat: adding google malware detection #36
Conversation
jsdevel
commented
Aug 28, 2022
•
jsdevel
commented
- Test ipfs malware sample from google with lookup and evaluate.
jsdevel
force-pushed
the
adding-google-malware-detection
branch
from
0fe2ded
to
1b9c179
Compare
jsdevel
changed the title
jsdevel
changed the title
jsdevel
force-pushed
the
adding-google-malware-detection
branch
from
1b9c179
to
e6f4227
Compare
There was a problem hiding this comment.
Thanks for the first iteration @jsdevel
Let's please create a package from the start as previously talked and specified in https://hackmd.io/Y1vEmm9qTBmQU9Wzc3PY2w. Once we hook up tests, KV to store results / KV Locker it will be a bunch of logic that should be isolated. Also, we will want the logs for metrics + trigger badbits mail
For the package, we want a worker quite similar to this one with:
- wrangler.toml
- index.js
- cors.js
- error-handler.js
- env.js
jsdevel
force-pushed
the
adding-google-malware-detection
branch
2 times, most recently
from
9f4a736
to
c3dd17c
Compare
There was a problem hiding this comment.
Thanks for the new iteration. Glad things are shaping up. A couple of general comments I could not have a place to add in review:
- github actions workflow for cid verifier package (can be based on edge-gateway
- CI is having a bad time, looks like pnpm lockfile should be commited? perhaps run on root dir pnpm clean && pnpm i
Also, this is first set of comments and I did not get into the actual code for CID verification. Just all the boilerplate around
i saw that error. i checked in the pnpm lock file. i think locally i'm using a later version of pnpm and that's causing it. |
jsdevel
force-pushed
the
adding-google-malware-detection
branch
16 times, most recently
from
de4735a
to
57a0953
Compare
jsdevel
force-pushed
the
adding-google-malware-detection
branch
from
57a0953
to
cc9b4f3
Compare
jsdevel
force-pushed
the
adding-google-malware-detection
branch
from
cf8bef9
to
5412487
Compare
i'll add a README once the approach is finalized |
| export interface EnvInput { | ||
| ENV: string; | ||
| DEBUG: string; | ||
| GOOGLE_EVALUATE_SAFE_CONFIDENCE_LEVELS: Array<string>; |
There was a problem hiding this comment.
i had this in case there were other levels we'd want to configure other than SAFE
packages/cid-verifier/src/index.js
Outdated
| .get('/verification', withCorsHeaders(verificationGet)) | ||
| .post('/verification', withCorsHeaders(verificationPost)) |
There was a problem hiding this comment.
we can go over this in our call
jsdevel
force-pushed
the
adding-google-malware-detection
branch
2 times, most recently
from
8833a3f
to
3960f33
Compare
| export interface EnvInput { | ||
| ENV: string; | ||
| DEBUG: string; | ||
| GOOGLE_EVALUATE_SAFE_CONFIDENCE_LEVELS: Array<string>; |
There was a problem hiding this comment.
Ok, I got it thanks, this also needs to go to docs. And added in wrangler toml for other environments
jsdevel
force-pushed
the
adding-google-malware-detection
branch
2 times, most recently
from
bd6d31c
to
7d51262
Compare
* Moving DENYLIST logic to cid-verifier from edge-gateway
jsdevel
force-pushed
the
adding-google-malware-detection
branch
from
7d51262
to
65a107e
Compare
| @@ -101,3 +101,10 @@ test('Gets content with other base encodings', async (t) => { | |||
| await response.waitUntil() | |||
| t.is(await response.text(), 'Hello dot.storage! 😎') | |||
| }) | |||
|
|
|||
| test('Sends HTML files to cid-verifier', async (t) => { | |||
There was a problem hiding this comment.
@vasco-santos i'm having trouble getting this to work. can you take a look?
vasco-santos
force-pushed
the
adding-google-malware-detection
branch
from
6114aa7
to
f3c6b84
Compare
