resc-3.0.0

🎉 Migration to Vue3 (and more)

Full re-implementation of the front-end with TypeScript and using Composition API on Vue3.

• Vue2 ➡️ Vue3
• Option API ➡️ Composition API (in Vue)
• JavaScript ➡️ TypeScript
• Vue CLI with Webpack ➡️ Vite bundler
• Jest testing framework ➡️ Vitest testing framework
• BootstrapVue (Bootstrap 4) ➡️ BootstrapVueNext (Bootstrap 5).

🙈 Ignore Finding

It is possible to ignore some blocker findings (e.g. false positive) by providing
a resc-ignore.dsv file. The bockers will be downgraded to a warning level and marked as ignored. Such file has the following structure:

# This is a comment
finding_path|finding_rule|finding_line_number|expiration_date
finding_path_2|finding_rule_2|finding_line_number_2

• finding_path contains the path to the file with the blocking finding.
• finding_rule contains the name of the blocking rule.
• finding_line_number contains the line number of the finding.
• expiration_date is optional, contains the date in ISO 8601 format until which this ignore rule should be considered valid.

For example, if we want to ignore the finding in file /etc/passwd for rule root_value_found on line 1 until April 1st 2024 at 23:59 the following line should be used.

/etc/passwd|root_value_found|1|2024-04-01T23:59:00

To ignore this finding ad vitam aeternam:

/etc/passwd|root_value_found|1

🏆 Third party library maintenance

Update most third party libraries to the latest versions.

🐛 Multiple Bug Fixes & 📦 other minor stuff

• [#2498511] unit tests for endpoints with caching enabled by @amrityamrout in #168
• [#2632286] Fix 500 error coming due to redis permission issue while writing the dump.rdp file for snapshots by @amrityamrout in #169
• [#2614899] Remove reference to specific releases from the readme by @amrityamrout in #170
• [#2634148] Update SQLAlchemy and FastAPI by @Peter-v-d-Spek in #171
• added badge to the readme by @Usman2ABN in #167
• added openssf badge by @Usman2ABN in #172
• [#2651740] Fix scan generation by @ajaikuruppath in #174
• [#2665277] Adjust code changes with respect to latest azuredevops package v7.1.0b3 by @amrityamrout in #175
• [#2674113] Resolve scan directory bug by @Peter-v-d-Spek in #176
• [#2672644] Improve resc-backend pipeline execution time, updated test dependencies for resc-backend, resc-vcs-scraper, resc-vcs-scanner and resc-helm-wizard by @amrityamrout in #177
• added roadmap file with few milestone by @Usman2ABN in #178
• Sonarcloud pipelines and badge by @Usman2ABN in #179
• [#2688349] Created Threat model for RESC by @amrityamrout in #180
• removing unused files by @ildyria in #183
• Add support for ignore rules by @ildyria in #184
• [#2743740] readme cleanup by @amrityamrout in #182
• Fix null path ignore by @ildyria in #190
• [#2856872] Fix CVE-2023-46233 in crypto-js package in resc-frontend by @amrityamrout in #192
• Added condition to skip SonarCloud if PR is created externally by @Usman2ABN in #189
• Urgent fix unblock blockers whitelisting by @ildyria in #193
• Update gitleaks version to 8.18.0 by @ildyria in #194
• Use build to build the sdist and wheel files. by @mbyrnepr2 in #195
• Migrate from vuex to pinia + frontend 2.0.1 by @ildyria in #198
• Added Licences file to each module by @Usman2ABN in #199
• [#2911614] Updated dependencies by @ajaikuruppath in #202
• Using build to build the sdist and wheel files by @Usman2ABN in #200
• Updated gitleaks to 8.18.1 by @Usman2ABN in #203
• Sorting rule pack version by @Usman2ABN in #205
• Adjusted sonarcloud step to execute on pr and main branch by @Usman2ABN in #206
• Add OpenSSF Score card by @BVabn in #207
• Metrix-bug-fix by @Usman2ABN in #208
• Migrate front-end to Vue3 by @ildyria in #209

New Contributors

• @ildyria made their first contribution in #183
• @BVabn made their first contribution in #207

Full Changelog: resc-2.0.0...resc-3.0.0