From b8a5e18b681e92f4b77b8ee47a992fce56896e66 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Nicolas=20M=C3=A9nard?= Date: Sun, 18 May 2025 02:49:50 -0400 Subject: [PATCH] Update URL to Frogbot documentation * Replace the old gitbook based documentation with a link to JFrog's official docs for Frogbot. * This saves users a click as the old URL would bring them to a page noting that the docs had a new home. --- README.md | 6 +++--- .../integration/test_proj_pip_with_vulnerability.md | 4 ++-- .../test_proj_with_vulnerability_simplified.md | 2 +- .../test_proj_with_vulnerability_standard.md | 4 ++-- .../reviewcomment/review_comment_simplified.md | 2 +- .../reviewcomment/review_comment_standard.md | 2 +- .../summarycomment/structure/fix_mr_entitled.md | 4 ++-- .../summarycomment/structure/fix_mr_not_entitled.md | 4 ++-- .../summarycomment/structure/fix_pr_entitled.md | 4 ++-- .../summarycomment/structure/fix_pr_not_entitled.md | 4 ++-- .../structure/fix_simplified_entitled.md | 2 +- .../structure/fix_simplified_not_entitled.md | 2 +- .../structure/summary_comment_issues_mr_entitled.md | 4 ++-- .../summary_comment_issues_mr_entitled_with_title.md | 4 ++-- .../summary_comment_issues_mr_not_entitled.md | 4 ++-- .../structure/summary_comment_issues_pr_entitled.md | 4 ++-- .../summary_comment_issues_pr_not_entitled.md | 4 ++-- ...mary_comment_issues_pr_not_entitled_with_title.md | 4 ++-- .../summary_comment_issues_simplified_entitled.md | 2 +- ..._comment_issues_simplified_entitled_with_title.md | 2 +- ...summary_comment_issues_simplified_not_entitled.md | 2 +- .../summary_comment_no_issues_mr_entitled.md | 4 ++-- .../summary_comment_no_issues_mr_not_entitled.md | 4 ++-- .../summary_comment_no_issues_pr_entitled.md | 4 ++-- ...mmary_comment_no_issues_pr_entitled_with_title.md | 4 ++-- .../summary_comment_no_issues_pr_not_entitled.md | 4 ++-- ...y_comment_no_issues_pr_not_entitled_with_title.md | 4 ++-- .../summary_comment_no_issues_simplified_entitled.md | 2 +- ...mary_comment_no_issues_simplified_not_entitled.md | 2 +- 
...t_no_issues_simplified_not_entitled_with_title.md | 2 +- testdata/scanpullrequest/commits.json | 2 +- testdata/scanpullrequest/expected_response.md | 4 ++-- .../scanpullrequest/expected_response_multi_dir.md | 4 ++-- utils/email_test.go | 4 ++-- utils/outputwriter/icons_test.go | 12 ++++++------ utils/outputwriter/outputcontent.go | 2 +- utils/outputwriter/outputwriter.go | 2 +- utils/outputwriter/standardoutput_test.go | 12 ++++++------ 38 files changed, 71 insertions(+), 71 deletions(-) diff --git a/README.md b/README.md index 9019e98a2..1dd07258b 100644 --- a/README.md +++ b/README.md @@ -4,7 +4,7 @@ [![Frogbot](images/frogbot-intro.png)](#readme) -[![Scanned by Frogbot](https://raw.github.com/jfrog/frogbot/master/images/frogbot-badge.svg)](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot) +[![Scanned by Frogbot](https://raw.github.com/jfrog/frogbot/master/images/frogbot-badge.svg)](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot) [![Go Report Card](https://goreportcard.com/badge/github.com/jfrog/frogbot)](https://goreportcard.com/report/github.com/jfrog/frogbot) | Branch | Status | @@ -32,7 +32,7 @@ JFrog Frogbot is a Git bot that scans your Git repositories for security vulnera - **Infrastructure as Code scans (IaC)**: Scan Infrastructure as Code (Terraform) files for early detection of cloud and infrastructure misconfigurations. ## 🏁 Getting started -Read the [Frogbot Documentation](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot) to get started. +Read the [Frogbot Documentation](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot) to get started. ## 📛 Adding the Frogbot badge 
@@ -42,7 +42,7 @@ You can show people that your repository is scanned by Frogbot by adding a badge You can add this badge by copying the following markdown snippet and pasting it into your repository's README.md file. ``` -[![Scanned by Frogbot](https://raw.github.com/jfrog/frogbot/master/images/frogbot-badge.svg)](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot) +[![Scanned by Frogbot](https://raw.github.com/jfrog/frogbot/master/images/frogbot-badge.svg)](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot) ``` ## 🔥 Reporting issues diff --git a/testdata/messages/integration/test_proj_pip_with_vulnerability.md b/testdata/messages/integration/test_proj_pip_with_vulnerability.md index 03c9b00cf..2141e6f37 100644 --- a/testdata/messages/integration/test_proj_pip_with_vulnerability.md +++ b/testdata/messages/integration/test_proj_pip_with_vulnerability.md @@ -4,7 +4,7 @@
-[![🚨 Frogbot scanned this pull request and found the below:](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/vulnerabilitiesBannerPR.png)](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)
+[![🚨 Frogbot scanned this pull request and found the below:](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/vulnerabilitiesBannerPR.png)](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)
@@ -93,6 +93,6 @@ With - ---
-[🐸 JFrog Frogbot](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)
+[🐸 JFrog Frogbot](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)
diff --git a/testdata/messages/integration/test_proj_with_vulnerability_simplified.md b/testdata/messages/integration/test_proj_with_vulnerability_simplified.md index bbec4b096..bcca1e664 100644 --- a/testdata/messages/integration/test_proj_with_vulnerability_simplified.md +++ b/testdata/messages/integration/test_proj_with_vulnerability_simplified.md @@ -82,4 +82,4 @@ Add the `Object.freeze(Object.prototype);` directive once at the beginning of yo --- -[🐸 JFrog Frogbot](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot) \ No newline at end of file +[🐸 JFrog Frogbot](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot) \ No newline at end of file diff --git a/testdata/messages/integration/test_proj_with_vulnerability_standard.md b/testdata/messages/integration/test_proj_with_vulnerability_standard.md index 836075a91..aed3405b3 100644 --- a/testdata/messages/integration/test_proj_with_vulnerability_standard.md +++ b/testdata/messages/integration/test_proj_with_vulnerability_standard.md @@ -4,7 +4,7 @@
-[![🚨 Frogbot scanned this pull request and found the below:](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/vulnerabilitiesBannerPR.png)](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)
+[![🚨 Frogbot scanned this pull request and found the below:](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/vulnerabilitiesBannerPR.png)](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)
@@ -74,6 +74,6 @@ Add the `Object.freeze(Object.prototype);` directive once at the beginning of yo ---
-[🐸 JFrog Frogbot](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)
+[🐸 JFrog Frogbot](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)
diff --git a/testdata/messages/reviewcomment/review_comment_simplified.md b/testdata/messages/reviewcomment/review_comment_simplified.md index 513c4d995..9466a2e2d 100644 --- a/testdata/messages/reviewcomment/review_comment_simplified.md +++ b/testdata/messages/reviewcomment/review_comment_simplified.md @@ -8,4 +8,4 @@ some review content ``` --- -[🐸 JFrog Frogbot](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot) \ No newline at end of file +[🐸 JFrog Frogbot](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot) \ No newline at end of file diff --git a/testdata/messages/reviewcomment/review_comment_standard.md b/testdata/messages/reviewcomment/review_comment_standard.md index 3fc6abc67..a4ee014d4 100644 --- a/testdata/messages/reviewcomment/review_comment_standard.md +++ b/testdata/messages/reviewcomment/review_comment_standard.md @@ -10,6 +10,6 @@ some review content ---
-[🐸 JFrog Frogbot](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)
+[🐸 JFrog Frogbot](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)
diff --git a/testdata/messages/summarycomment/structure/fix_mr_entitled.md b/testdata/messages/summarycomment/structure/fix_mr_entitled.md
index 4f93287c4..7f7bc430b 100644
--- a/testdata/messages/summarycomment/structure/fix_mr_entitled.md
+++ b/testdata/messages/summarycomment/structure/fix_mr_entitled.md
@@ -4,7 +4,7 @@
-[![🚨 This automated merge request was created by Frogbot and fixes the below:](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/vulnerabilitiesFixBannerMR.png)](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)
+[![🚨 This automated merge request was created by Frogbot and fixes the below:](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/vulnerabilitiesFixBannerMR.png)](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)
@@ -17,6 +17,6 @@ some content ---
-[🐸 JFrog Frogbot](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)
+[🐸 JFrog Frogbot](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)
diff --git a/testdata/messages/summarycomment/structure/fix_mr_not_entitled.md b/testdata/messages/summarycomment/structure/fix_mr_not_entitled.md
index a9209d088..2c0be8353 100644
--- a/testdata/messages/summarycomment/structure/fix_mr_not_entitled.md
+++ b/testdata/messages/summarycomment/structure/fix_mr_not_entitled.md
@@ -4,7 +4,7 @@
-[![🚨 This automated merge request was created by Frogbot and fixes the below:](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/vulnerabilitiesFixBannerMR.png)](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)
+[![🚨 This automated merge request was created by Frogbot and fixes the below:](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/vulnerabilitiesFixBannerMR.png)](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)
@@ -25,6 +25,6 @@ some content ---
-[🐸 JFrog Frogbot](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)
+[🐸 JFrog Frogbot](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)
diff --git a/testdata/messages/summarycomment/structure/fix_pr_entitled.md b/testdata/messages/summarycomment/structure/fix_pr_entitled.md
index 360de25f0..aad96ab09 100644
--- a/testdata/messages/summarycomment/structure/fix_pr_entitled.md
+++ b/testdata/messages/summarycomment/structure/fix_pr_entitled.md
@@ -4,7 +4,7 @@
-[![🚨 This automated pull request was created by Frogbot and fixes the below:](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/vulnerabilitiesFixBannerPR.png)](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)
+[![🚨 This automated pull request was created by Frogbot and fixes the below:](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/vulnerabilitiesFixBannerPR.png)](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)
@@ -17,6 +17,6 @@ some content ---
-[🐸 JFrog Frogbot](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)
+[🐸 JFrog Frogbot](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)
diff --git a/testdata/messages/summarycomment/structure/fix_pr_not_entitled.md b/testdata/messages/summarycomment/structure/fix_pr_not_entitled.md
index 5c733d825..0dd4efd0d 100644
--- a/testdata/messages/summarycomment/structure/fix_pr_not_entitled.md
+++ b/testdata/messages/summarycomment/structure/fix_pr_not_entitled.md
@@ -4,7 +4,7 @@
-[![🚨 This automated pull request was created by Frogbot and fixes the below:](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/vulnerabilitiesFixBannerPR.png)](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)
+[![🚨 This automated pull request was created by Frogbot and fixes the below:](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/vulnerabilitiesFixBannerPR.png)](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)
@@ -25,6 +25,6 @@ some content ---
-[🐸 JFrog Frogbot](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)
+[🐸 JFrog Frogbot](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)
diff --git a/testdata/messages/summarycomment/structure/fix_simplified_entitled.md b/testdata/messages/summarycomment/structure/fix_simplified_entitled.md index 082b43be1..a09e28f7c 100644 --- a/testdata/messages/summarycomment/structure/fix_simplified_entitled.md +++ b/testdata/messages/summarycomment/structure/fix_simplified_entitled.md @@ -10,4 +10,4 @@ some content --- -[🐸 JFrog Frogbot](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot) \ No newline at end of file +[🐸 JFrog Frogbot](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot) \ No newline at end of file diff --git a/testdata/messages/summarycomment/structure/fix_simplified_not_entitled.md b/testdata/messages/summarycomment/structure/fix_simplified_not_entitled.md index e646ce1a1..40c73a178 100644 --- a/testdata/messages/summarycomment/structure/fix_simplified_not_entitled.md +++ b/testdata/messages/summarycomment/structure/fix_simplified_not_entitled.md @@ -13,4 +13,4 @@ Note: **Frogbot** also supports **Contextual Analysis, Secret Detection, IaC and SAST Vulnerabilities Scanning**. This features are included as part of the [JFrog Advanced Security](https://jfrog.com/advanced-security) package, which isn't enabled on your system. --- -[🐸 JFrog Frogbot](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot) \ No newline at end of file +[🐸 JFrog Frogbot](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot) \ No newline at end of file diff --git a/testdata/messages/summarycomment/structure/summary_comment_issues_mr_entitled.md b/testdata/messages/summarycomment/structure/summary_comment_issues_mr_entitled.md index 4ece8f06f..0c5b624da 100644 --- a/testdata/messages/summarycomment/structure/summary_comment_issues_mr_entitled.md +++ b/testdata/messages/summarycomment/structure/summary_comment_issues_mr_entitled.md @@ -4,7 +4,7 @@
-[![🚨 Frogbot scanned this merge request and found the below:](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/vulnerabilitiesBannerMR.png)](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)
+[![🚨 Frogbot scanned this merge request and found the below:](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/vulnerabilitiesBannerMR.png)](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)
@@ -17,6 +17,6 @@ some content ---
-[🐸 JFrog Frogbot](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)
+[🐸 JFrog Frogbot](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)
diff --git a/testdata/messages/summarycomment/structure/summary_comment_issues_mr_entitled_with_title.md b/testdata/messages/summarycomment/structure/summary_comment_issues_mr_entitled_with_title.md
index 3f275e7f6..b9093a16f 100644
--- a/testdata/messages/summarycomment/structure/summary_comment_issues_mr_entitled_with_title.md
+++ b/testdata/messages/summarycomment/structure/summary_comment_issues_mr_entitled_with_title.md
@@ -4,7 +4,7 @@
-[![🚨 Frogbot scanned this merge request and found the below:](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/vulnerabilitiesBannerMR.png)](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)
+[![🚨 Frogbot scanned this merge request and found the below:](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/vulnerabilitiesBannerMR.png)](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)
@@ -18,6 +18,6 @@ some content ---
-[🐸 JFrog Frogbot](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)
+[🐸 JFrog Frogbot](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)
diff --git a/testdata/messages/summarycomment/structure/summary_comment_issues_mr_not_entitled.md b/testdata/messages/summarycomment/structure/summary_comment_issues_mr_not_entitled.md
index 1854bf32b..e430bc4b1 100644
--- a/testdata/messages/summarycomment/structure/summary_comment_issues_mr_not_entitled.md
+++ b/testdata/messages/summarycomment/structure/summary_comment_issues_mr_not_entitled.md
@@ -4,7 +4,7 @@
-[![🚨 Frogbot scanned this merge request and found the below:](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/vulnerabilitiesBannerMR.png)](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)
+[![🚨 Frogbot scanned this merge request and found the below:](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/vulnerabilitiesBannerMR.png)](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)
@@ -25,6 +25,6 @@ some content ---
-[🐸 JFrog Frogbot](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)
+[🐸 JFrog Frogbot](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)
diff --git a/testdata/messages/summarycomment/structure/summary_comment_issues_pr_entitled.md b/testdata/messages/summarycomment/structure/summary_comment_issues_pr_entitled.md
index 2411d242e..a55ffa998 100644
--- a/testdata/messages/summarycomment/structure/summary_comment_issues_pr_entitled.md
+++ b/testdata/messages/summarycomment/structure/summary_comment_issues_pr_entitled.md
@@ -4,7 +4,7 @@
-[![🚨 Frogbot scanned this pull request and found the below:](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/vulnerabilitiesBannerPR.png)](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)
+[![🚨 Frogbot scanned this pull request and found the below:](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/vulnerabilitiesBannerPR.png)](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)
@@ -17,6 +17,6 @@ some content ---
-[🐸 JFrog Frogbot](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)
+[🐸 JFrog Frogbot](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)
diff --git a/testdata/messages/summarycomment/structure/summary_comment_issues_pr_not_entitled.md b/testdata/messages/summarycomment/structure/summary_comment_issues_pr_not_entitled.md
index 8de14eb5b..4d78cd82c 100644
--- a/testdata/messages/summarycomment/structure/summary_comment_issues_pr_not_entitled.md
+++ b/testdata/messages/summarycomment/structure/summary_comment_issues_pr_not_entitled.md
@@ -4,7 +4,7 @@
-[![🚨 Frogbot scanned this pull request and found the below:](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/vulnerabilitiesBannerPR.png)](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)
+[![🚨 Frogbot scanned this pull request and found the below:](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/vulnerabilitiesBannerPR.png)](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)
@@ -25,6 +25,6 @@ some content ---
-[🐸 JFrog Frogbot](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)
+[🐸 JFrog Frogbot](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)
diff --git a/testdata/messages/summarycomment/structure/summary_comment_issues_pr_not_entitled_with_title.md b/testdata/messages/summarycomment/structure/summary_comment_issues_pr_not_entitled_with_title.md
index 428ee98d1..a7220b36f 100644
--- a/testdata/messages/summarycomment/structure/summary_comment_issues_pr_not_entitled_with_title.md
+++ b/testdata/messages/summarycomment/structure/summary_comment_issues_pr_not_entitled_with_title.md
@@ -4,7 +4,7 @@
-[![🚨 Frogbot scanned this pull request and found the below:](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/vulnerabilitiesBannerPR.png)](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)
+[![🚨 Frogbot scanned this pull request and found the below:](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/vulnerabilitiesBannerPR.png)](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)
@@ -26,6 +26,6 @@ some content ---
-[🐸 JFrog Frogbot](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)
+[🐸 JFrog Frogbot](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)
diff --git a/testdata/messages/summarycomment/structure/summary_comment_issues_simplified_entitled.md b/testdata/messages/summarycomment/structure/summary_comment_issues_simplified_entitled.md index 4d26a43e2..165cd00cf 100644 --- a/testdata/messages/summarycomment/structure/summary_comment_issues_simplified_entitled.md +++ b/testdata/messages/summarycomment/structure/summary_comment_issues_simplified_entitled.md @@ -10,4 +10,4 @@ some content --- -[🐸 JFrog Frogbot](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot) \ No newline at end of file +[🐸 JFrog Frogbot](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot) \ No newline at end of file diff --git a/testdata/messages/summarycomment/structure/summary_comment_issues_simplified_entitled_with_title.md b/testdata/messages/summarycomment/structure/summary_comment_issues_simplified_entitled_with_title.md index fa0719360..c440bed05 100644 --- a/testdata/messages/summarycomment/structure/summary_comment_issues_simplified_entitled_with_title.md +++ b/testdata/messages/summarycomment/structure/summary_comment_issues_simplified_entitled_with_title.md @@ -15,4 +15,4 @@ some content --- -[🐸 JFrog Frogbot](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot) \ No newline at end of file +[🐸 JFrog Frogbot](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot) \ No newline at end of file diff --git a/testdata/messages/summarycomment/structure/summary_comment_issues_simplified_not_entitled.md b/testdata/messages/summarycomment/structure/summary_comment_issues_simplified_not_entitled.md index 94fad5000..0cc48aa4e 100644 --- a/testdata/messages/summarycomment/structure/summary_comment_issues_simplified_not_entitled.md +++ b/testdata/messages/summarycomment/structure/summary_comment_issues_simplified_not_entitled.md 
@@ -13,4 +13,4 @@ Note: **Frogbot** also supports **Contextual Analysis, Secret Detection, IaC and SAST Vulnerabilities Scanning**. This features are included as part of the [JFrog Advanced Security](https://jfrog.com/advanced-security) package, which isn't enabled on your system. --- -[🐸 JFrog Frogbot](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot) \ No newline at end of file +[🐸 JFrog Frogbot](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot) \ No newline at end of file diff --git a/testdata/messages/summarycomment/structure/summary_comment_no_issues_mr_entitled.md b/testdata/messages/summarycomment/structure/summary_comment_no_issues_mr_entitled.md index 6d260d671..3ad276a24 100644 --- a/testdata/messages/summarycomment/structure/summary_comment_no_issues_mr_entitled.md +++ b/testdata/messages/summarycomment/structure/summary_comment_no_issues_mr_entitled.md @@ -4,7 +4,7 @@
-[![👍 Frogbot scanned this merge request and did not find any new security issues.](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/noVulnerabilityBannerMR.png)](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)
+[![👍 Frogbot scanned this merge request and did not find any new security issues.](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/noVulnerabilityBannerMR.png)](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)
@@ -13,6 +13,6 @@ ---
-[🐸 JFrog Frogbot](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)
+[🐸 JFrog Frogbot](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)
diff --git a/testdata/messages/summarycomment/structure/summary_comment_no_issues_mr_not_entitled.md b/testdata/messages/summarycomment/structure/summary_comment_no_issues_mr_not_entitled.md
index 269ca7943..a66fcab97 100644
--- a/testdata/messages/summarycomment/structure/summary_comment_no_issues_mr_not_entitled.md
+++ b/testdata/messages/summarycomment/structure/summary_comment_no_issues_mr_not_entitled.md
@@ -4,7 +4,7 @@
-[![👍 Frogbot scanned this merge request and did not find any new security issues.](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/noVulnerabilityBannerMR.png)](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)
+[![👍 Frogbot scanned this merge request and did not find any new security issues.](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/noVulnerabilityBannerMR.png)](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)
@@ -21,6 +21,6 @@ ---
-[🐸 JFrog Frogbot](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)
+[🐸 JFrog Frogbot](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)
diff --git a/testdata/messages/summarycomment/structure/summary_comment_no_issues_pr_entitled.md b/testdata/messages/summarycomment/structure/summary_comment_no_issues_pr_entitled.md
index 5e2393170..744e210c5 100644
--- a/testdata/messages/summarycomment/structure/summary_comment_no_issues_pr_entitled.md
+++ b/testdata/messages/summarycomment/structure/summary_comment_no_issues_pr_entitled.md
@@ -4,7 +4,7 @@
-[![👍 Frogbot scanned this pull request and did not find any new security issues.](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/noVulnerabilityBannerPR.png)](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)
+[![👍 Frogbot scanned this pull request and did not find any new security issues.](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/noVulnerabilityBannerPR.png)](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)
@@ -13,6 +13,6 @@ ---
-[🐸 JFrog Frogbot](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)
+[🐸 JFrog Frogbot](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)
diff --git a/testdata/messages/summarycomment/structure/summary_comment_no_issues_pr_entitled_with_title.md b/testdata/messages/summarycomment/structure/summary_comment_no_issues_pr_entitled_with_title.md
index 27f671a77..a72690fa2 100644
--- a/testdata/messages/summarycomment/structure/summary_comment_no_issues_pr_entitled_with_title.md
+++ b/testdata/messages/summarycomment/structure/summary_comment_no_issues_pr_entitled_with_title.md
@@ -4,7 +4,7 @@
-[![👍 Frogbot scanned this pull request and did not find any new security issues.](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/noVulnerabilityBannerPR.png)](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)
+[![👍 Frogbot scanned this pull request and did not find any new security issues.](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/noVulnerabilityBannerPR.png)](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)
@@ -14,6 +14,6 @@ ---
-[🐸 JFrog Frogbot](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)
+[🐸 JFrog Frogbot](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)
diff --git a/testdata/messages/summarycomment/structure/summary_comment_no_issues_pr_not_entitled.md b/testdata/messages/summarycomment/structure/summary_comment_no_issues_pr_not_entitled.md
index 225fea261..fc223bbdf 100644
--- a/testdata/messages/summarycomment/structure/summary_comment_no_issues_pr_not_entitled.md
+++ b/testdata/messages/summarycomment/structure/summary_comment_no_issues_pr_not_entitled.md
@@ -4,7 +4,7 @@
-[![👍 Frogbot scanned this pull request and did not find any new security issues.](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/noVulnerabilityBannerPR.png)](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)
+[![👍 Frogbot scanned this pull request and did not find any new security issues.](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/noVulnerabilityBannerPR.png)](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)
@@ -21,6 +21,6 @@ ---
-[🐸 JFrog Frogbot](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)
+[🐸 JFrog Frogbot](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)
diff --git a/testdata/messages/summarycomment/structure/summary_comment_no_issues_pr_not_entitled_with_title.md b/testdata/messages/summarycomment/structure/summary_comment_no_issues_pr_not_entitled_with_title.md
index 62a6afc04..de8469664 100644
--- a/testdata/messages/summarycomment/structure/summary_comment_no_issues_pr_not_entitled_with_title.md
+++ b/testdata/messages/summarycomment/structure/summary_comment_no_issues_pr_not_entitled_with_title.md
@@ -4,7 +4,7 @@
-[![👍 Frogbot scanned this pull request and did not find any new security issues.](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/noVulnerabilityBannerPR.png)](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)
+[![👍 Frogbot scanned this pull request and did not find any new security issues.](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/noVulnerabilityBannerPR.png)](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)
@@ -22,6 +22,6 @@ ---
-[🐸 JFrog Frogbot](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)
+[🐸 JFrog Frogbot](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)
diff --git a/testdata/messages/summarycomment/structure/summary_comment_no_issues_simplified_entitled.md b/testdata/messages/summarycomment/structure/summary_comment_no_issues_simplified_entitled.md index effde9470..36428cb09 100644 --- a/testdata/messages/summarycomment/structure/summary_comment_no_issues_simplified_entitled.md +++ b/testdata/messages/summarycomment/structure/summary_comment_no_issues_simplified_entitled.md @@ -6,4 +6,4 @@ --- -[🐸 JFrog Frogbot](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot) \ No newline at end of file +[🐸 JFrog Frogbot](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot) \ No newline at end of file diff --git a/testdata/messages/summarycomment/structure/summary_comment_no_issues_simplified_not_entitled.md b/testdata/messages/summarycomment/structure/summary_comment_no_issues_simplified_not_entitled.md index 6340da3d1..2ad1bd821 100644 --- a/testdata/messages/summarycomment/structure/summary_comment_no_issues_simplified_not_entitled.md +++ b/testdata/messages/summarycomment/structure/summary_comment_no_issues_simplified_not_entitled.md @@ -9,4 +9,4 @@ Note: **Frogbot** also supports **Contextual Analysis, Secret Detection, IaC and SAST Vulnerabilities Scanning**. This features are included as part of the [JFrog Advanced Security](https://jfrog.com/advanced-security) package, which isn't enabled on your system. --- -[🐸 JFrog Frogbot](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot) \ No newline at end of file +[🐸 JFrog Frogbot](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot) \ No newline at end of file diff --git a/testdata/messages/summarycomment/structure/summary_comment_no_issues_simplified_not_entitled_with_title.md b/testdata/messages/summarycomment/structure/summary_comment_no_issues_simplified_not_entitled_with_title.md index 6039ac225..e84b15144 100644 
--- a/testdata/messages/summarycomment/structure/summary_comment_no_issues_simplified_not_entitled_with_title.md +++ b/testdata/messages/summarycomment/structure/summary_comment_no_issues_simplified_not_entitled_with_title.md @@ -14,4 +14,4 @@ Note: **Frogbot** also supports **Contextual Analysis, Secret Detection, IaC and SAST Vulnerabilities Scanning**. This features are included as part of the [JFrog Advanced Security](https://jfrog.com/advanced-security) package, which isn't enabled on your system. --- -[🐸 JFrog Frogbot](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot) \ No newline at end of file +[🐸 JFrog Frogbot](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot) \ No newline at end of file diff --git a/testdata/scanpullrequest/commits.json b/testdata/scanpullrequest/commits.json index a8fcd786f..d394c02c3 100755 --- a/testdata/scanpullrequest/commits.json +++ b/testdata/scanpullrequest/commits.json 
@@ -27,7 +27,7 @@ { "id": 1419499611, "type": null, - "body": "\u003cdetails\u003e\n\u003csummary\u003e\u003ch4\u003elodash 4.17.0\u003ch4\u003e\u003c/summary\u003e\n\n## Vulnerability Details\n\n- **Severity:** 👌 High\n- **Contextual Analysis:** Not Applicable\n- **Package Name:** lodash\n- **Current Version:** 4.17.19\n- **Upgrade to Version:** 4.17.20\n- **CVEs:** CVE-2020-8203\n\n**Description:**\n\n[lodash](https://lodash.com/) is a JavaScript library which provides utility functions for common programming tasks.\n\nJavaScript frontend and Node.js-based backend applications that merge or zip objects using the lodash functions `mergeWith`, `merge` and `zipObjectDeep` are vulnerable to [prototype pollution](https://medium.com/node-modules/what-is-prototype-pollution-and-why-is-it-such-a-big-deal-2dd8d89a93c) if one or more of the objects it receives as arguments are obtained from user input. \nAn attacker controlling this input given to the vulnerable functions can inject properties to JavaScript special objects such as [Object.prototype](https://developer.mozilla.org/en-US/docs/Learn/JavaScript/Objects/Object_prototypes) from which all JavaScript objects inherit properties and methods. Any change on `Object.prototype` properties will then propagate through the prototype chain inheritance to all of the objects in a JavaScript application. This in turn would allow an attacker to add new properties or modify existing properties which will have application specific implications that could lead to DoS (denial of service), authentication bypass, privilege escalation and even RCE (remote code execution) in [some cases](https://youtu.be/LUsiFV3dsK8?t=1152). \nAs an example for privilege escalation, consider a JavaScript application that has a `user` object which has a Boolean property of `user.isAdmin` which is used to decide which actions the user may take. 
If an attacker can modify or add the `isAdmin` property through prototype pollution, it can escalate the privileges of its own user to those of an admin. \nAs exploitation is usually application specific, successful exploitation is much more likely if an attacker have access to the JavaScript application code. As such, frontend applications are more vulnerable to this vulnerability than Node.js backend applications.\n\n**Remediation:**\n##### Deployment mitigations\n\nAs general guidelines against prototype pollution, first consider not merging objects originating from user input or using a Map structure instead of an object. If merging objects is needed, look into creating objects without a prototype with `Object.create(null)` or into freezing `Object.prototype` with `Object.freeze()`. Finally, it is always best to perform input validation with a a [JSON schema validator](https://github.com/ajv-validator/ajv), which could mitigate this issue entirely in many cases.\n\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003e\u003ch4\u003eprotobufjs 6.11.12\u003ch4\u003e\u003c/summary\u003e\n\n## Vulnerability Details\n\n- **Severity:** 🔥 High\n- **Contextual Analysis:** Applicable\n- **Package Name:** protobufjs\n- **Current Version:** 6.11.2\n- **Upgrade to Version:** 6.11.3\n- **CVEs:** CVE-2022-25878\n\n**Description:**\n\n[Protocol Buffers](https://developers.google.com/protocol-buffers) or \"protobufs\" are a language-neutral, platform-neutral, extensible way of serializing structured data. [protobuf.js](https://www.npmjs.com/package/protobufjs) is a JavaScript library that allows creating and consuming protobufs.\n\nMultiple prototype pollution vulnerabilities were detected in the `protobuf.js` library. Namely these can occur when:\n1. `util.setProperty` receives untrusted input in arguments 2 \u0026 3 -\n```js\nprotobuf.util.setProperty({}, \"__proto__.someprop\", \"somevalue\");\n```\n\n2. 
`ReflectionObject.setParsedOption` receives untrusted input in arguments 2 \u0026 3\n```js\nlet obj = new protobuf.ReflectionObject(\"Test\")\nobj.setParsedOption({}, \"somevalue\", \"__proto__.someprop\");\n```\n\n3. `parse` receives untrusted input (an untrusted `.proto` definition) -\n```js\nlet p = `option (foo).__proto__.someprop= \"somevalue\";` \nprotobuf.parse(p)\n```\n\n4. `load` receives an untrusted `.proto` file -\n```js\nprotobuf.load(\"/path/to/untrusted.proto\", function(err, root) { ... });\n```\n\n**Remediation:**\n##### Development mitigations\n\nAdd the `Object.freeze(Object.prototype);` directive once at the beginning of your main JS source code file (ex. `index.js`), preferably after all your `require` directives. This will prevent any changes to the prototype object, thus completely negating prototype pollution attacks.\n\n\n\u003c/details\u003e\n\n---\n[![](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/vulnerabilitiesBanner.png)](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)\n\n[What is Frogbot?](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)", + "body": "\u003cdetails\u003e\n\u003csummary\u003e\u003ch4\u003elodash 4.17.0\u003ch4\u003e\u003c/summary\u003e\n\n## Vulnerability Details\n\n- **Severity:** 👌 High\n- **Contextual Analysis:** Not Applicable\n- **Package Name:** lodash\n- **Current Version:** 4.17.19\n- **Upgrade to Version:** 4.17.20\n- **CVEs:** CVE-2020-8203\n\n**Description:**\n\n[lodash](https://lodash.com/) is a JavaScript library which provides utility functions for common programming tasks.\n\nJavaScript frontend and Node.js-based backend applications that merge or zip objects using the lodash functions `mergeWith`, `merge` and `zipObjectDeep` are vulnerable to [prototype pollution](https://medium.com/node-modules/what-is-prototype-pollution-and-why-is-it-such-a-big-deal-2dd8d89a93c) if one or more of the objects it receives as arguments are obtained from user 
input. \nAn attacker controlling this input given to the vulnerable functions can inject properties to JavaScript special objects such as [Object.prototype](https://developer.mozilla.org/en-US/docs/Learn/JavaScript/Objects/Object_prototypes) from which all JavaScript objects inherit properties and methods. Any change on `Object.prototype` properties will then propagate through the prototype chain inheritance to all of the objects in a JavaScript application. This in turn would allow an attacker to add new properties or modify existing properties which will have application specific implications that could lead to DoS (denial of service), authentication bypass, privilege escalation and even RCE (remote code execution) in [some cases](https://youtu.be/LUsiFV3dsK8?t=1152). \nAs an example for privilege escalation, consider a JavaScript application that has a `user` object which has a Boolean property of `user.isAdmin` which is used to decide which actions the user may take. If an attacker can modify or add the `isAdmin` property through prototype pollution, it can escalate the privileges of its own user to those of an admin. \nAs exploitation is usually application specific, successful exploitation is much more likely if an attacker have access to the JavaScript application code. As such, frontend applications are more vulnerable to this vulnerability than Node.js backend applications.\n\n**Remediation:**\n##### Deployment mitigations\n\nAs general guidelines against prototype pollution, first consider not merging objects originating from user input or using a Map structure instead of an object. If merging objects is needed, look into creating objects without a prototype with `Object.create(null)` or into freezing `Object.prototype` with `Object.freeze()`. 
Finally, it is always best to perform input validation with a a [JSON schema validator](https://github.com/ajv-validator/ajv), which could mitigate this issue entirely in many cases.\n\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003e\u003ch4\u003eprotobufjs 6.11.12\u003ch4\u003e\u003c/summary\u003e\n\n## Vulnerability Details\n\n- **Severity:** 🔥 High\n- **Contextual Analysis:** Applicable\n- **Package Name:** protobufjs\n- **Current Version:** 6.11.2\n- **Upgrade to Version:** 6.11.3\n- **CVEs:** CVE-2022-25878\n\n**Description:**\n\n[Protocol Buffers](https://developers.google.com/protocol-buffers) or \"protobufs\" are a language-neutral, platform-neutral, extensible way of serializing structured data. [protobuf.js](https://www.npmjs.com/package/protobufjs) is a JavaScript library that allows creating and consuming protobufs.\n\nMultiple prototype pollution vulnerabilities were detected in the `protobuf.js` library. Namely these can occur when:\n1. `util.setProperty` receives untrusted input in arguments 2 \u0026 3 -\n```js\nprotobuf.util.setProperty({}, \"__proto__.someprop\", \"somevalue\");\n```\n\n2. `ReflectionObject.setParsedOption` receives untrusted input in arguments 2 \u0026 3\n```js\nlet obj = new protobuf.ReflectionObject(\"Test\")\nobj.setParsedOption({}, \"somevalue\", \"__proto__.someprop\");\n```\n\n3. `parse` receives untrusted input (an untrusted `.proto` definition) -\n```js\nlet p = `option (foo).__proto__.someprop= \"somevalue\";` \nprotobuf.parse(p)\n```\n\n4. `load` receives an untrusted `.proto` file -\n```js\nprotobuf.load(\"/path/to/untrusted.proto\", function(err, root) { ... });\n```\n\n**Remediation:**\n##### Development mitigations\n\nAdd the `Object.freeze(Object.prototype);` directive once at the beginning of your main JS source code file (ex. `index.js`), preferably after all your `require` directives. 
This will prevent any changes to the prototype object, thus completely negating prototype pollution attacks.\n\n\n\u003c/details\u003e\n\n---\n[![](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/vulnerabilitiesBanner.png)](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)\n\n[What is Frogbot?](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)", "attachment": null, "author": { "id": 13377328, diff --git a/testdata/scanpullrequest/expected_response.md b/testdata/scanpullrequest/expected_response.md index 836075a91..aed3405b3 100644 --- a/testdata/scanpullrequest/expected_response.md +++ b/testdata/scanpullrequest/expected_response.md @@ -4,7 +4,7 @@
-[![🚨 Frogbot scanned this pull request and found the below:](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/vulnerabilitiesBannerPR.png)](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)
+[![🚨 Frogbot scanned this pull request and found the below:](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/vulnerabilitiesBannerPR.png)](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)
@@ -74,6 +74,6 @@ Add the `Object.freeze(Object.prototype);` directive once at the beginning of yo ---
-[🐸 JFrog Frogbot](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)
+[🐸 JFrog Frogbot](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)
diff --git a/testdata/scanpullrequest/expected_response_multi_dir.md b/testdata/scanpullrequest/expected_response_multi_dir.md
index e83ab7d5d..ee4dd5588 100644
--- a/testdata/scanpullrequest/expected_response_multi_dir.md
+++ b/testdata/scanpullrequest/expected_response_multi_dir.md
@@ -4,7 +4,7 @@
-[![🚨 Frogbot scanned this pull request and found the below:](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/vulnerabilitiesBannerPR.png)](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)
+[![🚨 Frogbot scanned this pull request and found the below:](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/vulnerabilitiesBannerPR.png)](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)
@@ -108,6 +108,6 @@ With - ---
-[🐸 JFrog Frogbot](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)
+[🐸 JFrog Frogbot](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)
diff --git a/utils/email_test.go b/utils/email_test.go index 3522e3ede..0fb7380d2 100644 --- a/utils/email_test.go +++ b/utils/email_test.go @@ -25,12 +25,12 @@ func TestGetSecretsEmailContent(t *testing.T) { File: "/server-conf.json", StartLine: 15, StartColumn: 20, Snippet: "pass*****"}}, } // Test for results including the "Pull Request" keyword - expected := "\n\n\n\n Frogbot Secret Detection\n \n\n\n\t
\n\t\tThe following potential exposed secrets in your pull request have been detected by Frogbot\n\t\t
\n\t\t\n \n \n \n \n \n \n \n \n \n\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\n\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\n \n
FILELINE:COLUMNSECRET
/config.yaml 12:30 pass*****
/server-conf.json 15:20 pass*****
\n\t\t
\n\t\tNOTE: If you'd like Frogbot to ignore the lines with the potential secrets, add a comment that includes the jfrog-ignore keyword above the lines with the secrets.\t\n\t\t
\n\t
\n\n" + expected := "\n\n\n\n Frogbot Secret Detection\n \n\n\n\t
\n\t\tThe following potential exposed secrets in your pull request have been detected by Frogbot\n\t\t
\n\t\t\n \n \n \n \n \n \n \n \n \n\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\n\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\n \n
FILELINE:COLUMNSECRET
/config.yaml 12:30 pass*****
/server-conf.json 15:20 pass*****
\n\t\t
\n\t\tNOTE: If you'd like Frogbot to ignore the lines with the potential secrets, add a comment that includes the jfrog-ignore keyword above the lines with the secrets.\t\n\t\t
\n\t
\n\n" actualContent := getSecretsEmailContent(secrets, vcsutils.GitHub, "https://github.com/owner/repo/pullrequest/1") assert.Equal(t, expected, actualContent) // Test for results including the "Merge Request" keyword - expected = "\n\n\n\n Frogbot Secret Detection\n \n\n\n\t
\n\t\tThe following potential exposed secrets in your merge request have been detected by Frogbot\n\t\t
\n\t\t\n \n \n \n \n \n \n \n \n \n\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\n\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\n \n
FILELINE:COLUMNSECRET
/config.yaml 12:30 pass*****
/server-conf.json 15:20 pass*****
\n\t\t
\n\t\tNOTE: If you'd like Frogbot to ignore the lines with the potential secrets, add a comment that includes the jfrog-ignore keyword above the lines with the secrets.\t\n\t\t
\n\t
\n\n" + expected = "\n\n\n\n Frogbot Secret Detection\n \n\n\n\t
\n\t\tThe following potential exposed secrets in your merge request have been detected by Frogbot\n\t\t
\n\t\t\n \n \n \n \n \n \n \n \n \n\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\n\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\n \n
FILELINE:COLUMNSECRET
/config.yaml 12:30 pass*****
/server-conf.json 15:20 pass*****
\n\t\t
\n\t\tNOTE: If you'd like Frogbot to ignore the lines with the potential secrets, add a comment that includes the jfrog-ignore keyword above the lines with the secrets.\t\n\t\t
\n\t
\n\n" actualContent = getSecretsEmailContent(secrets, vcsutils.GitLab, "https://github.com/owner/repo/pullrequest/1") assert.Equal(t, expected, actualContent) } diff --git a/utils/outputwriter/icons_test.go b/utils/outputwriter/icons_test.go index 51434832a..95784a7b3 100644 --- a/utils/outputwriter/icons_test.go +++ b/utils/outputwriter/icons_test.go @@ -31,12 +31,12 @@ func TestGetSeverityTagNotApplicable(t *testing.T) { } func TestGetVulnerabilitiesBanners(t *testing.T) { - assert.Equal(t, "
\n\n[![👍 Frogbot scanned this pull request and did not find any new security issues.](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/noVulnerabilityBannerPR.png)](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)\n\n
\n", GetBanner(NoVulnerabilityPrBannerSource)) - assert.Equal(t, "
\n\n[![👍 Frogbot scanned this merge request and did not find any new security issues.](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/noVulnerabilityBannerMR.png)](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)\n\n
\n", GetBanner(NoVulnerabilityMrBannerSource)) - assert.Equal(t, "
\n\n[![🚨 Frogbot scanned this pull request and found the below:](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/vulnerabilitiesBannerPR.png)](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)\n\n
\n", GetBanner(VulnerabilitiesPrBannerSource)) - assert.Equal(t, "
\n\n[![🚨 Frogbot scanned this merge request and found the below:](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/vulnerabilitiesBannerMR.png)](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)\n\n
\n", GetBanner(VulnerabilitiesMrBannerSource)) - assert.Equal(t, "
\n\n[![🚨 This automated pull request was created by Frogbot and fixes the below:](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/vulnerabilitiesFixBannerPR.png)](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)\n\n
\n", GetBanner(VulnerabilitiesFixPrBannerSource)) - assert.Equal(t, "
\n\n[![🚨 This automated merge request was created by Frogbot and fixes the below:](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/vulnerabilitiesFixBannerMR.png)](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)\n\n
\n", GetBanner(VulnerabilitiesFixMrBannerSource)) + assert.Equal(t, "
\n\n[![👍 Frogbot scanned this pull request and did not find any new security issues.](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/noVulnerabilityBannerPR.png)](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)\n\n
\n", GetBanner(NoVulnerabilityPrBannerSource)) + assert.Equal(t, "
\n\n[![👍 Frogbot scanned this merge request and did not find any new security issues.](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/noVulnerabilityBannerMR.png)](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)\n\n
\n", GetBanner(NoVulnerabilityMrBannerSource)) + assert.Equal(t, "
\n\n[![🚨 Frogbot scanned this pull request and found the below:](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/vulnerabilitiesBannerPR.png)](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)\n\n
\n", GetBanner(VulnerabilitiesPrBannerSource)) + assert.Equal(t, "
\n\n[![🚨 Frogbot scanned this merge request and found the below:](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/vulnerabilitiesBannerMR.png)](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)\n\n
\n", GetBanner(VulnerabilitiesMrBannerSource)) + assert.Equal(t, "
\n\n[![🚨 This automated pull request was created by Frogbot and fixes the below:](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/vulnerabilitiesFixBannerPR.png)](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)\n\n
\n", GetBanner(VulnerabilitiesFixPrBannerSource)) + assert.Equal(t, "
\n\n[![🚨 This automated merge request was created by Frogbot and fixes the below:](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/vulnerabilitiesFixBannerMR.png)](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)\n\n
\n", GetBanner(VulnerabilitiesFixMrBannerSource)) } func TestGetSimplifiedTitle(t *testing.T) { diff --git a/utils/outputwriter/outputcontent.go b/utils/outputwriter/outputcontent.go index f68e8b69a..753a9ff2d 100644 --- a/utils/outputwriter/outputcontent.go +++ b/utils/outputwriter/outputcontent.go @@ -18,7 +18,7 @@ import ( const ( FrogbotTitlePrefix = "[🐸 Frogbot]" FrogbotRepoUrl = "https://github.com/jfrog/frogbot" - FrogbotDocumentationUrl = "https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot" + FrogbotDocumentationUrl = "https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot" JfrogSupportUrl = "https://jfrog.com/support/" ReviewCommentId = "FrogbotReviewComment" diff --git a/utils/outputwriter/outputwriter.go b/utils/outputwriter/outputwriter.go index d9c81f792..e12e80e24 100644 --- a/utils/outputwriter/outputwriter.go +++ b/utils/outputwriter/outputwriter.go @@ -58,7 +58,7 @@ const (
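Review bot: The six expectations in TestGetVulnerabilitiesBanners repeat the documentation URL as a string literal, so a one-constant change in outputcontent.go has to be mirrored by hand here and again in the TestStandardImage table in standardoutput_test.go. These tests appear to sit in the same package as the constant (GetBanner is called unqualified), so the link target could be spliced in, e.g. `"...noVulnerabilityBannerPR.png)](" + FrogbotDocumentationUrl + ")..."`, keeping the banner image URL and the surrounding markup as literals. If the literals are deliberate golden values, a one-line comment such as `// expected strings are golden values; do not derive them from FrogbotDocumentationUrl` would make that intent explicit.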
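Review bot: `FrogbotDocumentationUrl` carries no comment about where its value ends up, although this patch shows it being rendered into the banners and comment footers and copied verbatim into the testdata fixtures and test expectations. A doc comment along the lines of `// FrogbotDocumentationUrl is the link target of the banners and comment footers; testdata fixtures and test expectations repeat it verbatim.` would tell the next editor what else has to change. Comments already posted on pull requests keep the previous link, so it is worth confirming that the old documentation host continues to redirect and stays under the project's control. The const block begins before this hunk and continues after it.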
- The following potential exposed secrets in your %s have been detected by Frogbot + The following potential exposed secrets in your %s have been detected by Frogbot
diff --git a/utils/outputwriter/standardoutput_test.go b/utils/outputwriter/standardoutput_test.go index f3f235901..49a85455a 100644 --- a/utils/outputwriter/standardoutput_test.go +++ b/utils/outputwriter/standardoutput_test.go @@ -102,32 +102,32 @@ func TestStandardImage(t *testing.T) { { name: "no vulnerability pr banner", source: NoVulnerabilityPrBannerSource, - expectedOutput: "
\n\n[![👍 Frogbot scanned this pull request and did not find any new security issues.](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/noVulnerabilityBannerPR.png)](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)\n\n
\n", + expectedOutput: "
\n\n[![👍 Frogbot scanned this pull request and did not find any new security issues.](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/noVulnerabilityBannerPR.png)](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)\n\n
\n", }, { name: "vulnerabilities pr banner", source: VulnerabilitiesPrBannerSource, - expectedOutput: "
\n\n[![🚨 Frogbot scanned this pull request and found the below:](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/vulnerabilitiesBannerPR.png)](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)\n\n
\n", + expectedOutput: "
\n\n[![🚨 Frogbot scanned this pull request and found the below:](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/vulnerabilitiesBannerPR.png)](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)\n\n
\n", }, { name: "no vulnerability mr banner", source: NoVulnerabilityMrBannerSource, - expectedOutput: "
\n\n[![👍 Frogbot scanned this merge request and did not find any new security issues.](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/noVulnerabilityBannerMR.png)](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)\n\n
\n", + expectedOutput: "
\n\n[![👍 Frogbot scanned this merge request and did not find any new security issues.](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/noVulnerabilityBannerMR.png)](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)\n\n
\n", }, { name: "vulnerabilities mr banner", source: VulnerabilitiesMrBannerSource, - expectedOutput: "
\n\n[![🚨 Frogbot scanned this merge request and found the below:](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/vulnerabilitiesBannerMR.png)](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)\n\n
\n", + expectedOutput: "
\n\n[![🚨 Frogbot scanned this merge request and found the below:](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/vulnerabilitiesBannerMR.png)](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)\n\n
\n", }, { name: "vulnerabilities fix pr banner", source: VulnerabilitiesFixPrBannerSource, - expectedOutput: "
\n\n[![🚨 This automated pull request was created by Frogbot and fixes the below:](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/vulnerabilitiesFixBannerPR.png)](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)\n\n
\n", + expectedOutput: "
\n\n[![🚨 This automated pull request was created by Frogbot and fixes the below:](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/vulnerabilitiesFixBannerPR.png)](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)\n\n
\n", }, { name: "vulnerabilities fix mr banner", source: VulnerabilitiesFixMrBannerSource, - expectedOutput: "
\n\n[![🚨 This automated merge request was created by Frogbot and fixes the below:](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/vulnerabilitiesFixBannerMR.png)](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot)\n\n
\n", + expectedOutput: "
\n\n[![🚨 This automated merge request was created by Frogbot and fixes the below:](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/vulnerabilitiesFixBannerMR.png)](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)\n\n
\n", }, } for _, tc := range testCases {