Merge pull request nowsecure#4 from pandasauce/main

Fix Linux builds && Node version && add Windows support
cosdon · Aug 21, 2024 · 6a26466 · 6a26466
2 parents ae867f0 + 762f2c2
commit 6a26466
Show file tree

Hide file tree

Showing 10 changed files with 69 additions and 28 deletions.
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -29,16 +29,17 @@ jobs:
           fi
       - uses: actions/setup-node@v3
         with:
-          node-version: '16'
+          node-version: '20'
       - run: | 
+          sudo apt update && sudo apt install p7zip-full nsis
           CLI_VERSION=${{ steps.set-version.outputs.version }} node cli/.ci/set-package-vars.js
           CI_CD_BUILD=1 cli/.ci/package.sh
       - name: Archive artifacts
         uses: actions/upload-artifact@v3
         with:
           name: Linux
           path: |
-            cli/dist/deb
+            cli/tmp/artifacts
 
   build-on-macos:
     name: Build, sign and notarize .pkg files for Mac
@@ -58,7 +59,7 @@ jobs:
           fi
       - uses: actions/setup-node@v3
         with:
-          node-version: '16'
+          node-version: '20'
       - name: Install the Apple certificate and provisioning profile
         env:
           BUILD_CERTIFICATE_BASE64: ${{ secrets.BUILD_CERTIFICATE_BASE64 }}

diff --git a/Dockerfile b/Dockerfile
@@ -0,0 +1,13 @@
+FROM ubuntu:22.04
+
+RUN DEBIAN_FRONTEND=noninteractive apt update && \
+    DEBIAN_FRONTEND=noninteractive apt install -y --no-install-recommends \
+    apt-utils build-essential ca-certificates curl git p7zip-full p7zip nsis sudo
+
+RUN curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.7/install.sh | bash && \
+    export NVM_DIR="$HOME/.nvm" && \
+    [ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh" && \
+    [ -s "$NVM_DIR/bash_completion" ] && \. "$NVM_DIR/bash_completion" && \
+    nvm install 20 && \
+    npm install -g yarn
+RUN git config --global --add safe.directory /build
diff --git a/cli/.ci/package.sh b/cli/.ci/package.sh
@@ -51,7 +51,11 @@ copy_lib sarif
 if [[ "$OS" == 'Darwin' ]]; then
   yarn package-macos
 else
+  mkdir -p tmp/artifacts
   yarn package-deb
+  cp dist/deb/* tmp/artifacts/
+  yarn package-win
+  cp dist/win32/* tmp/artifacts/
 fi
 
 if [ -n "${LINKED}" ]; then

diff --git a/cli/README.md b/cli/README.md
@@ -22,7 +22,7 @@ $ npm install -g @nowsecure/platform-cli
 $ ns-cli COMMAND
 running command...
 $ ns-cli (--version)
-@nowsecure/platform-cli/1.0.0 darwin-x64 node-v16.19.1
+@nowsecure/platform-cli/1.1.0 linux-x64 node-v20.16.0
 $ ns-cli --help [COMMAND]
 USAGE
   $ ns-cli COMMAND
@@ -86,7 +86,7 @@ DESCRIPTION
   Commands to manipulate applications for analysis
 ```
 
-_See code: [dist/commands/app/index.ts](https://github.com/cosdon/nowsecure-cli/blob/v1.0.0/dist/commands/app/index.ts)_
+_See code: [dist/commands/app/index.ts](https://github.com/nowsecure/nowsecure-cli/blob/v1.1.0/dist/commands/app/index.ts)_
 
 ## `ns-cli app archive [PLATFORM] [PACKAGENAME]`
 
@@ -340,9 +340,9 @@ ARGUMENTS
 
 FLAGS
   -g, --group=<value>           Group name
-  -t, --analysis-type=<option>  The type of analysis to perform
+  -t, --analysis-type=<option>  The type of analysis to perform.
                                 <options: full|static|dependencies>
-  -v, --set-version=<value>     Set the version of the uploaded binary
+  -v, --set-version=<value>     Set the version of the uploaded binary.
   --group-ref=<value>           Group reference
 
 GLOBAL FLAGS
@@ -354,11 +354,33 @@ GLOBAL FLAGS
   --token=<value>        Platform API token
   --ui=<value>           URL of the UI server
 
-DESCRIPTION
-  Upload and analyze an application binary
-
 EXAMPLES
   $ ns-cli app process my_application.apk
+
+FLAG DESCRIPTIONS
+  -t, --analysis-type=full|static|dependencies  The type of analysis to perform.
+
+    "static": Perform a static analysis only.
+    "dependencies": Analyze the application's library dependencies.
+    "full": Run a complete assessment including dynamic analysis.
+
+    If the flag is not specified a full analysis will be run.
+
+    Static-only and dependency-only analyses do not attempt to decrypt encrypted binaries as
+    these analyses are intended to provide a rapid result for e.g. a CI/CD pipeline. An encrypted
+    binary will fail to analyze.
+
+    Please note:
+    The assessment status on NowSecure Platform UI does not reflect successful completion of
+    static-only or dependencies-only analysis. The labels in the UI will be "Partial Results"
+    and "Failed Dynamic Analysis" due to the lack of a dynamic analysis.
+
+  -v, --set-version=<value>  Set the version of the uploaded binary.
+
+    Attached a custom version string to the uploaded build,
+    overriding the version string contained in the package file.
+
+    The custom string will be displayed in the "Version" column of the application list in Platform.
 ```
 
 ## `ns-cli app update [PLATFORM] [PACKAGENAME] [STDIN]`
@@ -483,7 +505,7 @@ DESCRIPTION
   Commands to retrieve assessment data
 ```
 
-_See code: [dist/commands/assessment/index.ts](https://github.com/cosdon/nowsecure-cli/blob/v1.0.0/dist/commands/assessment/index.ts)_
+_See code: [dist/commands/assessment/index.ts](https://github.com/nowsecure/nowsecure-cli/blob/v1.1.0/dist/commands/assessment/index.ts)_
 
 ## `ns-cli assessment cancel ASSESSMENT`
 
@@ -813,7 +835,7 @@ FLAGS
   --ui=<value>           URL of the UI server
 ```
 
-_See code: [dist/commands/configure/index.ts](https://github.com/cosdon/nowsecure-cli/blob/v1.0.0/dist/commands/configure/index.ts)_
+_See code: [dist/commands/configure/index.ts](https://github.com/nowsecure/nowsecure-cli/blob/v1.1.0/dist/commands/configure/index.ts)_
 
 ## `ns-cli help [COMMANDS]`
 
@@ -847,7 +869,7 @@ DESCRIPTION
   Commands for the user's organization
 ```
 
-_See code: [dist/commands/organization/index.ts](https://github.com/cosdon/nowsecure-cli/blob/v1.0.0/dist/commands/organization/index.ts)_
+_See code: [dist/commands/organization/index.ts](https://github.com/nowsecure/nowsecure-cli/blob/v1.1.0/dist/commands/organization/index.ts)_
 
 ## `ns-cli organization groups`
 
@@ -1244,7 +1266,7 @@ DESCRIPTION
   Commands for users & accounts
 ```
 
-_See code: [dist/commands/user/index.ts](https://github.com/cosdon/nowsecure-cli/blob/v1.0.0/dist/commands/user/index.ts)_
+_See code: [dist/commands/user/index.ts](https://github.com/nowsecure/nowsecure-cli/blob/v1.1.0/dist/commands/user/index.ts)_
 
 ## `ns-cli user account`
 

diff --git a/cli/package.json b/cli/package.json
@@ -6,10 +6,10 @@
   "bin": {
     "ns-cli": "./bin/run"
   },
-  "homepage": "https://github.com/cosdon/nowsecure-cli",
+  "homepage": "https://github.com/nowsecure/nowsecure-cli",
   "license": "MIT",
   "main": "dist/index.js",
-  "repository": "cosdon/nowsecure-cli",
+  "repository": "nowsecure/nowsecure-cli",
   "files": [
     "/bin",
     "/dist",
@@ -91,17 +91,18 @@
     "prepack": "yarn build && oclif manifest && oclif readme",
     "package-macos": "oclif pack macos",
     "package-deb": "oclif pack deb",
+    "package-win": "oclif pack win",
     "make-package": ".ci/package.sh",
     "test": "mocha --forbid-only \"test/**/*.test.ts\"",
     "version": "oclif readme && git add README.md",
     "link-deps": "yarn link @nowsecure/platform-lib @nowsecure/sarif @nowsecure/github-snapshot"
   },
   "engines": {
-    "node": ">=16.0.0"
+    "node": ">=20.0.0"
   },
-  "bugs": "https://github.com/cosdon/nowsecure-cli/issues",
+  "bugs": "https://github.com/nowsecure/nowsecure-cli/issues",
   "keywords": [
     "oclif"
   ],
   "types": "dist/index.d.ts"
-}
+}
diff --git a/cli/src/commands/configure/index.ts b/cli/src/commands/configure/index.ts
@@ -6,12 +6,12 @@ import { checkJWT, CliConfigFile, ConfigInput } from "../../utils";
 import inquirer, { DistinctQuestion } from "inquirer";
 
 function configPath(input: string | undefined) {
-  input = (input || "").trim() || "~/.nsclirc";
+  input = (input || "").trim() || path.join(os.homedir(), ".nsclirc");
   if (input === "~") {
     return os.homedir();
   }
   if (input.startsWith("~" + path.sep)) {
-    return os.homedir + input.substring(1);
+    return path.join(os.homedir(), input.substring(2));
   }
   return input;
 }

diff --git a/github-snapshot/package.json b/github-snapshot/package.json
@@ -15,7 +15,7 @@
     "test": "jest"
   },
   "engines": {
-    "node": ">=16"
+    "node": ">=20"
   },
   "files": [
     "/lib"
@@ -39,4 +39,4 @@
   "dependencies": {
     "@nowsecure/platform-lib": "file:../lib"
   }
-}
+}
diff --git a/lib/package.json b/lib/package.json
@@ -19,7 +19,7 @@
     "makedocs": "docs/makedocs.sh"
   },
   "engines": {
-    "node": ">=16"
+    "node": ">=20"
   },
   "files": [
     "/lib"
@@ -57,4 +57,4 @@
     "graphql-tag": "^2.12.6",
     "lodash": "4.17.21"
   }
-}
+}
diff --git a/package.json b/package.json
@@ -31,6 +31,6 @@
     "make-package": "yarn run deps:dev && yarn run link && yarn run clean && yarn --cwd cli run link-deps && yarn --cwd cli run make-package"
   },
   "engines": {
-    "node": ">=16"
+    "node": ">=20"
   }
 }
diff --git a/sarif/package.json b/sarif/package.json
@@ -15,7 +15,7 @@
     "test": "jest"
   },
   "engines": {
-    "node": ">=16"
+    "node": ">=20"
   },
   "files": [
     "/lib"
@@ -39,4 +39,4 @@
     "@nowsecure/platform-lib": "file:../lib",
     "ripgrep-js": "3.0.0"
   }
-}
+}