%global _empty_manifest_terminate_build 0
Name:		python-njsscan
Version:	0.3.4
Release:	1
Summary:	njsscan is a SAST tool that can find insecure code patterns in your Node.js applications.
License:	GNU Lesser General Public License v3 or later (LGPLv3+)
URL:		https://github.com/ajinabraham/njsscan
Source0:	https://mirrors.nju.edu.cn/pypi/web/packages/14/94/7071b5f3a6620651602d0d71e2b5706abeb4039e1ea446d7e9d090bf52ef/njsscan-0.3.4.tar.gz
BuildArch:	noarch

Requires:	python3-colorama
Requires:	python3-libsast
Requires:	python3-sarif-om
Requires:	python3-jschema-to-python
Requires:	python3-tabulate

%description
- nodejs-extensions:
  - .js
  template-extensions:
  - .new
  - .hbs
  - ''
  ignore-filenames:
  - skip.js
  ignore-paths:
  - __MACOSX
  - skip_dir
  - node_modules
  ignore-extensions:
  - .jsx
  ignore-rules:
  - regex_injection_dos
  - pug_jade_template
  severity-filter:
  - WARNING
  - ERROR
```
## Suppress Findings
You can suppress findings from javascript source files by adding the comment `// njsscan-ignore: rule_id1, rule_id2` to the line that trigger the findings.
Example:
```javascript
app.get('/some/redirect', function (req, res) {
    var target = req.param("target");
    res.redirect(target); // njsscan-ignore: express_open_redirect
});
```
## CI/CD Integrations
You can enable njsscan in your CI/CD or DevSecOps pipelines.
#### Github Action
Add the following to the file `.github/workflows/njsscan.yml`.
```yaml
name: njsscan
on:
  push:
    branches: [ master, main ]
  pull_request:
    branches: [ master, main ]
jobs:
  njsscan:
    runs-on: ubuntu-latest
    name: njsscan check
    steps:
    - name: Checkout the code
      uses: actions/checkout@v2
    - name: nodejsscan scan
      id: njsscan
      uses: ajinabraham/njsscan-action@master
      with:
        args: '.'
```
Example: [dvna with njsscan github action](https://github.com/ajinabraham/dvna/actions?query=workflow%3Anjsscan)
#### Github Code Scanning Integration
Add the following to the file `.github/workflows/njsscan_sarif.yml`.
```yaml
name: njsscan sarif
on:
  push:
    branches: [ master, main ]
  pull_request:
    branches: [ master, main ]
jobs:
  njsscan:
    runs-on: ubuntu-latest
    name: njsscan code scanning
    steps:
    - name: Checkout the code
      uses: actions/checkout@v2
    - name: nodejsscan scan
      id: njsscan
      uses: ajinabraham/njsscan-action@master
      with:
        args: '. --sarif --output results.sarif || true'
    - name: Upload njsscan report
      uses: github/codeql-action/upload-sarif@v1
      with:
        sarif_file: results.sarif
```
![nodejsscan web ui](https://user-images.githubusercontent.com/4301109/99230041-cfe29500-27bc-11eb-8baa-d5b30e21348d.png)
#### Gitlab CI/CD
Add the following to the file `.gitlab-ci.yml`.
```yaml
stages:
    - test
njsscan:
    image: python
    before_script:
        - pip3 install --upgrade njsscan
    script:
        - njsscan .
```
Example: [dvna with njsscan gitlab](https://gitlab.com/ajinabraham/dvna/-/jobs/602110439)
#### Travis CI
Add the following to the file `.travis.yml`.
```yaml
language: python
install:
    - pip3 install --upgrade njsscan
script:
    - njsscan .
```
#### Circle CI
Add the following to the file `.circleci/config.yaml`
```yaml
version: 2.1
jobs:
  njsscan:
    docker:
      - image: cimg/python:3.9.6
    steps:
      - checkout
      - run:
          name: Install njsscan
          command: pip install --upgrade njsscan
      - run:
           name: njsscan check
           command: njsscan .
```
## Docker
### Prebuilt image from [DockerHub](https://hub.docker.com/r/opensecurity/njsscan)
```bash
docker pull opensecurity/njsscan
docker run -v /path-to-source-dir:/src opensecurity/njsscan /src
```
### Build Locally
```
docker build -t njsscan .
docker run -v /path-to-source-dir:/src njsscan /src
```

%package -n python3-njsscan
Summary:	njsscan is a SAST tool that can find insecure code patterns in your Node.js applications.
Provides:	python-njsscan
BuildRequires:	python3-devel
BuildRequires:	python3-setuptools
BuildRequires:	python3-pip
%description -n python3-njsscan
- nodejs-extensions:
  - .js
  template-extensions:
  - .new
  - .hbs
  - ''
  ignore-filenames:
  - skip.js
  ignore-paths:
  - __MACOSX
  - skip_dir
  - node_modules
  ignore-extensions:
  - .jsx
  ignore-rules:
  - regex_injection_dos
  - pug_jade_template
  severity-filter:
  - WARNING
  - ERROR
```
## Suppress Findings
You can suppress findings from javascript source files by adding the comment `// njsscan-ignore: rule_id1, rule_id2` to the line that trigger the findings.
Example:
```javascript
app.get('/some/redirect', function (req, res) {
    var target = req.param("target");
    res.redirect(target); // njsscan-ignore: express_open_redirect
});
```
## CI/CD Integrations
You can enable njsscan in your CI/CD or DevSecOps pipelines.
#### Github Action
Add the following to the file `.github/workflows/njsscan.yml`.
```yaml
name: njsscan
on:
  push:
    branches: [ master, main ]
  pull_request:
    branches: [ master, main ]
jobs:
  njsscan:
    runs-on: ubuntu-latest
    name: njsscan check
    steps:
    - name: Checkout the code
      uses: actions/checkout@v2
    - name: nodejsscan scan
      id: njsscan
      uses: ajinabraham/njsscan-action@master
      with:
        args: '.'
```
Example: [dvna with njsscan github action](https://github.com/ajinabraham/dvna/actions?query=workflow%3Anjsscan)
#### Github Code Scanning Integration
Add the following to the file `.github/workflows/njsscan_sarif.yml`.
```yaml
name: njsscan sarif
on:
  push:
    branches: [ master, main ]
  pull_request:
    branches: [ master, main ]
jobs:
  njsscan:
    runs-on: ubuntu-latest
    name: njsscan code scanning
    steps:
    - name: Checkout the code
      uses: actions/checkout@v2
    - name: nodejsscan scan
      id: njsscan
      uses: ajinabraham/njsscan-action@master
      with:
        args: '. --sarif --output results.sarif || true'
    - name: Upload njsscan report
      uses: github/codeql-action/upload-sarif@v1
      with:
        sarif_file: results.sarif
```
![nodejsscan web ui](https://user-images.githubusercontent.com/4301109/99230041-cfe29500-27bc-11eb-8baa-d5b30e21348d.png)
#### Gitlab CI/CD
Add the following to the file `.gitlab-ci.yml`.
```yaml
stages:
    - test
njsscan:
    image: python
    before_script:
        - pip3 install --upgrade njsscan
    script:
        - njsscan .
```
Example: [dvna with njsscan gitlab](https://gitlab.com/ajinabraham/dvna/-/jobs/602110439)
#### Travis CI
Add the following to the file `.travis.yml`.
```yaml
language: python
install:
    - pip3 install --upgrade njsscan
script:
    - njsscan .
```
#### Circle CI
Add the following to the file `.circleci/config.yaml`
```yaml
version: 2.1
jobs:
  njsscan:
    docker:
      - image: cimg/python:3.9.6
    steps:
      - checkout
      - run:
          name: Install njsscan
          command: pip install --upgrade njsscan
      - run:
           name: njsscan check
           command: njsscan .
```
## Docker
### Prebuilt image from [DockerHub](https://hub.docker.com/r/opensecurity/njsscan)
```bash
docker pull opensecurity/njsscan
docker run -v /path-to-source-dir:/src opensecurity/njsscan /src
```
### Build Locally
```
docker build -t njsscan .
docker run -v /path-to-source-dir:/src njsscan /src
```

%package help
Summary:	Development documents and examples for njsscan
Provides:	python3-njsscan-doc
%description help
- nodejs-extensions:
  - .js
  template-extensions:
  - .new
  - .hbs
  - ''
  ignore-filenames:
  - skip.js
  ignore-paths:
  - __MACOSX
  - skip_dir
  - node_modules
  ignore-extensions:
  - .jsx
  ignore-rules:
  - regex_injection_dos
  - pug_jade_template
  severity-filter:
  - WARNING
  - ERROR
```
## Suppress Findings
You can suppress findings from javascript source files by adding the comment `// njsscan-ignore: rule_id1, rule_id2` to the line that trigger the findings.
Example:
```javascript
app.get('/some/redirect', function (req, res) {
    var target = req.param("target");
    res.redirect(target); // njsscan-ignore: express_open_redirect
});
```
## CI/CD Integrations
You can enable njsscan in your CI/CD or DevSecOps pipelines.
#### Github Action
Add the following to the file `.github/workflows/njsscan.yml`.
```yaml
name: njsscan
on:
  push:
    branches: [ master, main ]
  pull_request:
    branches: [ master, main ]
jobs:
  njsscan:
    runs-on: ubuntu-latest
    name: njsscan check
    steps:
    - name: Checkout the code
      uses: actions/checkout@v2
    - name: nodejsscan scan
      id: njsscan
      uses: ajinabraham/njsscan-action@master
      with:
        args: '.'
```
Example: [dvna with njsscan github action](https://github.com/ajinabraham/dvna/actions?query=workflow%3Anjsscan)
#### Github Code Scanning Integration
Add the following to the file `.github/workflows/njsscan_sarif.yml`.
```yaml
name: njsscan sarif
on:
  push:
    branches: [ master, main ]
  pull_request:
    branches: [ master, main ]
jobs:
  njsscan:
    runs-on: ubuntu-latest
    name: njsscan code scanning
    steps:
    - name: Checkout the code
      uses: actions/checkout@v2
    - name: nodejsscan scan
      id: njsscan
      uses: ajinabraham/njsscan-action@master
      with:
        args: '. --sarif --output results.sarif || true'
    - name: Upload njsscan report
      uses: github/codeql-action/upload-sarif@v1
      with:
        sarif_file: results.sarif
```
![nodejsscan web ui](https://user-images.githubusercontent.com/4301109/99230041-cfe29500-27bc-11eb-8baa-d5b30e21348d.png)
#### Gitlab CI/CD
Add the following to the file `.gitlab-ci.yml`.
```yaml
stages:
    - test
njsscan:
    image: python
    before_script:
        - pip3 install --upgrade njsscan
    script:
        - njsscan .
```
Example: [dvna with njsscan gitlab](https://gitlab.com/ajinabraham/dvna/-/jobs/602110439)
#### Travis CI
Add the following to the file `.travis.yml`.
```yaml
language: python
install:
    - pip3 install --upgrade njsscan
script:
    - njsscan .
```
#### Circle CI
Add the following to the file `.circleci/config.yaml`
```yaml
version: 2.1
jobs:
  njsscan:
    docker:
      - image: cimg/python:3.9.6
    steps:
      - checkout
      - run:
          name: Install njsscan
          command: pip install --upgrade njsscan
      - run:
           name: njsscan check
           command: njsscan .
```
## Docker
### Prebuilt image from [DockerHub](https://hub.docker.com/r/opensecurity/njsscan)
```bash
docker pull opensecurity/njsscan
docker run -v /path-to-source-dir:/src opensecurity/njsscan /src
```
### Build Locally
```
docker build -t njsscan .
docker run -v /path-to-source-dir:/src njsscan /src
```

%prep
%autosetup -n njsscan-0.3.4

%build
%py3_build

%install
%py3_install
install -d -m755 %{buildroot}/%{_pkgdocdir}
if [ -d doc ]; then cp -arf doc %{buildroot}/%{_pkgdocdir}; fi
if [ -d docs ]; then cp -arf docs %{buildroot}/%{_pkgdocdir}; fi
if [ -d example ]; then cp -arf example %{buildroot}/%{_pkgdocdir}; fi
if [ -d examples ]; then cp -arf examples %{buildroot}/%{_pkgdocdir}; fi
pushd %{buildroot}
if [ -d usr/lib ]; then
	find usr/lib -type f -printf "/%h/%f\n" >> filelist.lst
fi
if [ -d usr/lib64 ]; then
	find usr/lib64 -type f -printf "/%h/%f\n" >> filelist.lst
fi
if [ -d usr/bin ]; then
	find usr/bin -type f -printf "/%h/%f\n" >> filelist.lst
fi
if [ -d usr/sbin ]; then
	find usr/sbin -type f -printf "/%h/%f\n" >> filelist.lst
fi
touch doclist.lst
if [ -d usr/share/man ]; then
	find usr/share/man -type f -printf "/%h/%f.gz\n" >> doclist.lst
fi
popd
mv %{buildroot}/filelist.lst .
mv %{buildroot}/doclist.lst .

%files -n python3-njsscan -f filelist.lst
%dir %{python3_sitelib}/*

%files help -f doclist.lst
%{_docdir}/*

%changelog
* Tue Apr 11 2023 Python_Bot <Python_Bot@openeuler.org> - 0.3.4-1
- Package Spec generated