VCS: more user-friendly reporting
kazet committed Nov 3, 2023
1 parent 0aafeba commit 664b69c
Showing 4 changed files with 31 additions and 4 deletions.
8 changes: 4 additions & 4 deletions artemis/reporting/modules/vcs/reporter.py
@@ -69,7 +69,7 @@ def _create_reports_svn(task_result: Dict[str, Any], language: Language) -> List
return [
Report(
top_level_target=get_top_level_target(task_result),
target=repo_url,
target=db_url,
report_type=VCSReporter.EXPOSED_VERSION_CONTROL_FOLDER_WITH_CREDENTIALS,
additional_data={
"config_url": db_url,
@@ -98,7 +98,7 @@ def _create_reports_svn(task_result: Dict[str, Any], language: Language) -> List
return [
Report(
top_level_target=get_top_level_target(task_result),
target=repo_url,
target=db_url,
report_type=VCSReporter.EXPOSED_VERSION_CONTROL_FOLDER,
additional_data={"config_url": db_url},
timestamp=task_result["created_at"],
@@ -148,7 +148,7 @@ def _create_reports_git(task_result: Dict[str, Any], language: Language) -> List
return [
Report(
top_level_target=get_top_level_target(task_result),
target=repo_url,
target=config_url,
report_type=VCSReporter.EXPOSED_VERSION_CONTROL_FOLDER_WITH_CREDENTIALS,
additional_data={
"config_url": repo_url,
@@ -161,7 +161,7 @@ def _create_reports_git(task_result: Dict[str, Any], language: Language) -> List

report = Report(
top_level_target=get_top_level_target(task_result),
target=repo_url,
target=config_url,
report_type=VCSReporter.EXPOSED_VERSION_CONTROL_FOLDER,
additional_data={"config_url": config_url},
timestamp=task_result["created_at"],
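Review bot: In the git credentials report of the third hunk (`_create_reports_git`, around line 148), `target` now reads `config_url`, but the unchanged line below it still passes `"config_url": repo_url` in `additional_data`, so the field named config_url carries a different URL than the report's target. The other three reports on this page pass the same value in both places (`db_url` with `db_url`, `config_url` with `config_url`), so this looks like a leftover; consider `"config_url": config_url,` there. This reading assumes the second line of each printed `target=` pair is the new side, since the +/- markers are lost in this rendering. Both functions start and end outside the hunks, so whether `repo_url` is still used elsewhere, or whether any consumer groups or deduplicates findings by `target`, cannot be checked from here.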
@@ -17,5 +17,12 @@
Such data shouldn't be publicly available.
{% endtrans %}
</p>
<p>
{% trans trimmed %}
Even if directory listing in a folder is not enabled, a repository may be cloned by an attacker.
We recommend making the whole version control folders (not only the example files listed above)
inaccessible for external usera.
{% endtrans %}
</p>
</li>
{% endif %}
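Review bot: The added paragraph ends with `external usera.`, a typo for `external users.`, and because the string is a translatable msgid the same typo is repeated in both message catalogs further down this page. Fixing it in the template also means regenerating the catalogs so the msgid still matches; otherwise the Polish translation would likely stop applying to this paragraph. The enclosing `<li>` / `{% if %}` block starts outside the hunk.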
@@ -9,6 +9,14 @@ msgid ""
"gain unauthorized access. Such data shouldn't be publicly available."
msgstr ""

#: artemis/reporting/modules/vcs/template_exposed_version_control_folder.jinja2:21
msgid ""
"Even if directory listing in a folder is not enabled, a repository may be"
" cloned by an attacker. We recommend making the whole version control "
"folders (not only the example files listed above) inaccessible for "
"external usera."
msgstr ""

#: artemis/reporting/modules/vcs/template_exposed_version_control_folder_with_credentials.jinja2:3
msgid ""
"The following addresses contain version control system data together with"
@@ -15,6 +15,18 @@ msgstr ""
"hasła czy klucze API - również uzyskanie nieuprawnionego dostępu. "
"Rekomendujemy, aby tego typu dane nie były dostępne publicznie."

#: artemis/reporting/modules/vcs/template_exposed_version_control_folder.jinja2:21
msgid ""
"Even if directory listing in a folder is not enabled, a repository may be"
" cloned by an attacker. We recommend making the whole version control "
"folders (not only the example files listed above) inaccessible for "
"external usera."
msgstr ""
"Nawet, jeśli w katalogu .git czy .svn serwer nie wyświetla listy plików, "
"pobranie repozytorium przez atakującego jest możliwe. Rekomendujemy, aby "
"całe te foldery nie były dostępne, nie tylko przykładowe pliki "
"repozytorium podane powyżej."

#: artemis/reporting/modules/vcs/template_exposed_version_control_folder_with_credentials.jinja2:3
msgid ""
"The following addresses contain version control system data together with"