From fb3c3d828d77e5a23f365cd8bea52dc60cf3f21b Mon Sep 17 00:00:00 2001 From: kchason Date: Mon, 25 Mar 2024 15:52:20 -0400 Subject: [PATCH 1/3] Initial switch of libraries --- cmd/docgen/docgen.go | 2 +- go.mod | 6 ++++-- go.sum | 13 ++++++++----- pkg/model/types/severity/severity.go | 6 +++--- pkg/model/types/stringslice/stringslice.go | 10 ++++------ pkg/model/types/userAgent/user_agent.go | 6 +++--- pkg/operators/extractors/extractor_types.go | 6 +++--- pkg/operators/matchers/matchers_types.go | 6 +++--- pkg/protocols/common/generators/attack_types.go | 6 +++--- pkg/protocols/common/variables/variables.go | 8 ++++---- pkg/protocols/dns/dns_types.go | 6 +++--- pkg/protocols/headless/engine/action_types.go | 6 +++--- pkg/protocols/http/http_method_types.go | 6 +++--- pkg/protocols/http/signature.go | 6 +++--- pkg/protocols/network/network_input_types.go | 6 +++--- pkg/templates/types/types.go | 6 +++--- 16 files changed, 54 insertions(+), 51 deletions(-) diff --git a/cmd/docgen/docgen.go b/cmd/docgen/docgen.go index dc0ac71430..4dcef8a013 100644 --- a/cmd/docgen/docgen.go +++ b/cmd/docgen/docgen.go @@ -8,7 +8,7 @@ import ( "regexp" "strings" - "github.com/alecthomas/jsonschema" + "github.com/invopop/jsonschema" "github.com/projectdiscovery/nuclei/v3/pkg/templates" ) diff --git a/go.mod b/go.mod index c0396b1063..8588ff2a36 100644 --- a/go.mod +++ b/go.mod @@ -4,7 +4,6 @@ go 1.21 require ( github.com/Knetic/govaluate v3.0.1-0.20171022003610-9aa49832a739+incompatible - github.com/alecthomas/jsonschema v0.0.0-20211022214203-8b29eab41725 github.com/andygrunwald/go-jira v1.16.0 github.com/antchfx/htmlquery v1.3.0 github.com/bluele/gcache v0.0.2 @@ -12,6 +11,7 @@ require ( github.com/go-rod/rod v0.114.0 github.com/gobwas/ws v1.2.1 github.com/google/go-github v17.0.0+incompatible + github.com/invopop/jsonschema v0.12.0 github.com/itchyny/gojq v0.12.13 github.com/json-iterator/go v1.1.12 github.com/julienschmidt/httprouter v1.3.0 @@ -123,8 +123,10 @@ require ( github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.1.30 // indirect github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.14.4 // indirect github.com/aymanbagabas/go-osc52/v2 v2.0.1 // indirect + github.com/bahlo/generic-list-go v0.2.0 // indirect github.com/bits-and-blooms/bitset v1.8.0 // indirect github.com/bits-and-blooms/bloom/v3 v3.5.0 // indirect + github.com/buger/jsonparser v1.1.1 // indirect github.com/bytedance/sonic v1.9.1 // indirect github.com/cenkalti/backoff/v4 v4.2.1 // indirect github.com/cespare/xxhash v1.1.0 // indirect @@ -218,6 +220,7 @@ require ( github.com/tim-ywliu/nested-logrus-formatter v1.3.2 // indirect github.com/twitchyliquid64/golang-asm v0.15.1 // indirect github.com/ugorji/go/codec v1.2.11 // indirect + github.com/wk8/go-ordered-map/v2 v2.1.8 // indirect github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb // indirect github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect github.com/xeipuuv/gojsonschema v1.2.0 // indirect @@ -263,7 +266,6 @@ require ( github.com/hashicorp/go-cleanhttp v0.5.2 // indirect github.com/hashicorp/go-retryablehttp v0.7.2 // indirect github.com/hdm/jarm-go v0.0.7 // indirect - github.com/iancoleman/orderedmap v0.0.0-20190318233801-ac98e3ecb4b0 // indirect github.com/itchyny/timefmt-go v0.1.5 // indirect github.com/klauspost/cpuid/v2 v2.2.5 // indirect github.com/leodido/go-urn v1.2.4 // indirect diff --git a/go.sum b/go.sum index 804f4286b9..dcf62358f4 100644 --- a/go.sum +++ b/go.sum @@ -94,8 +94,6 @@ github.com/akrylysov/pogreb v0.10.2 h1:e6PxmeyEhWyi2AKOBIJzAEi4HkiC+lKyCocRGlnDi github.com/akrylysov/pogreb v0.10.2/go.mod h1:pNs6QmpQ1UlTJKDezuRWmaqkgUE2TuU0YTWyqJZ7+lI= github.com/alecthomas/chroma v0.10.0 h1:7XDcGkCQopCNKjZHfYrNLraA+M7e0fMiJ/Mfikbfjek= github.com/alecthomas/chroma v0.10.0/go.mod h1:jtJATyUxlIORhUOFNA9NZDWGAQ8wpxQQqNSB4rjA/1s= -github.com/alecthomas/jsonschema v0.0.0-20211022214203-8b29eab41725 h1:NjwIgLQlD46o79bheVG4SCdRnnOz4XtgUN1WABX5DLA= -github.com/alecthomas/jsonschema v0.0.0-20211022214203-8b29eab41725/go.mod h1:/n6+1/DWPltRLWL/VKyUxg6tzsl5kHUCcraimt4vr60= github.com/alecthomas/kingpin/v2 v2.3.1/go.mod h1:oYL5vtsvEHZGHxU7DMp32Dvx+qL+ptGn6lWaot2vCNE= github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751 h1:JYp7IbQjafoB+tBA3gMyHYHrpOtNuDiK/uB5uXxq5wM= @@ -180,6 +178,8 @@ github.com/aymanbagabas/go-osc52/v2 v2.0.1 h1:HwpRHbFMcZLEVr42D4p7XBqjyuxQH5SMiE github.com/aymanbagabas/go-osc52/v2 v2.0.1/go.mod h1:uYgXzlJ7ZpABp8OJ+exZzJJhRNQ2ASbcXHWsFqH8hp8= github.com/aymerick/douceur v0.2.0 h1:Mv+mAeH1Q+n9Fr+oyamOlAkUNPWPlA8PPGR0QAaYuPk= github.com/aymerick/douceur v0.2.0/go.mod h1:wlT5vV2O3h55X9m7iVYN0TBM0NH/MmbLnd30/FjWUq4= +github.com/bahlo/generic-list-go v0.2.0 h1:5sz/EEAK+ls5wF+NeqDpk5+iNdMDXrh3z3nPnH1Wvgk= +github.com/bahlo/generic-list-go v0.2.0/go.mod h1:2KvAjgMlE5NNynlg/5iLrrCCZ2+5xWbdbCW3pNTGyYg= github.com/benbjohnson/clock v1.3.0 h1:ip6w0uFQkncKQ979AypyG0ER7mqUSBdKLOgAle/AT8A= github.com/benbjohnson/clock v1.3.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= @@ -196,6 +196,8 @@ github.com/bsm/ginkgo/v2 v2.9.5 h1:rtVBYPs3+TC5iLUVOis1B9tjLTup7Cj5IfzosKtvTJ0= github.com/bsm/ginkgo/v2 v2.9.5/go.mod h1:SwYbGRRDovPVboqFv0tPTcG1sN61LM1Z4ARdbAV9g4c= github.com/bsm/gomega v1.26.0 h1:LhQm+AFcgV2M0WyKroMASzAzCAJVpAxQXv4SaI9a69Y= github.com/bsm/gomega v1.26.0/go.mod h1:JyEr/xRbxbtgWNi8tIEVPUYZ5Dzef52k01W3YH0H+O0= +github.com/buger/jsonparser v1.1.1 h1:2PnMjfWD7wBILjqQbt530v576A/cAbQvEW9gGIpYMUs= +github.com/buger/jsonparser v1.1.1/go.mod h1:6RYKKt7H4d4+iWqouImQ9R2FZql3VbhNgx27UK13J/0= github.com/bwesterb/go-ristretto v1.2.0/go.mod h1:fUIoIZaG73pV5biE2Blr2xEzDoMj7NFEuV9ekS419A0= github.com/bytedance/sonic v1.5.0/go.mod h1:ED5hyg4y6t3/9Ku1R6dU/4KyJ48DZ4jPhfY1O2AihPM= github.com/bytedance/sonic v1.9.1 h1:6iJ6NqdoxCDr6mbY8h18oSO+cShGSMRGCEo7F2h0x8s= @@ -558,8 +560,6 @@ github.com/hdm/jarm-go v0.0.7 h1:Eq0geenHrBSYuKrdVhrBdMMzOmA+CAMLzN2WrF3eL6A= github.com/hdm/jarm-go v0.0.7/go.mod h1:kinGoS0+Sdn1Rr54OtanET5E5n7AlD6T6CrJAKDjJSQ= github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= github.com/hudl/fargo v1.3.0/go.mod h1:y3CKSmjA+wD2gak7sUSXTAoopbhU08POFhmITJgmKTg= -github.com/iancoleman/orderedmap v0.0.0-20190318233801-ac98e3ecb4b0 h1:i462o439ZjprVSFSZLZxcsoAe592sZB1rci2Z8j4wdk= -github.com/iancoleman/orderedmap v0.0.0-20190318233801-ac98e3ecb4b0/go.mod h1:N0Wam8K1arqPXNWjMo21EXnBPOPp36vB07FNRdD2geA= github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/ianlancetaylor/demangle v0.0.0-20220319035150-800ac71e25c2/go.mod h1:aYm2/VgdVmcIU8iMfdMvDMsRAQjcfZSKFby6HOFvi/w= github.com/imdario/mergo v0.3.12/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= @@ -567,6 +567,8 @@ github.com/imdario/mergo v0.3.16 h1:wwQJbIsHYGMUyLSPrEq1CT16AhnhNJQ51+4fdHUnCl4= github.com/imdario/mergo v0.3.16/go.mod h1:WBLT9ZmE3lPoWsEzCh9LPo3TiwVN+ZKEjmz+hD27ysY= github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= github.com/influxdata/influxdb1-client v0.0.0-20191209144304-8bf82d3c094d/go.mod h1:qj24IKcXYK6Iy9ceXlo3Tc+vtHo9lIhSX5JddghvEPo= +github.com/invopop/jsonschema v0.12.0 h1:6ovsNSuvn9wEQVOyc72aycBMVQFKz7cPdMJn10CvzRI= +github.com/invopop/jsonschema v0.12.0/go.mod h1:ffZ5Km5SWWRAIN6wbDXItl95euhFz2uON45H2qjYt+0= github.com/invopop/yaml v0.2.0 h1:7zky/qH+O0DwAyoobXUqvVBwgBFRxKoQ/3FjcVpjTMY= github.com/invopop/yaml v0.2.0/go.mod h1:2XuRLgs/ouIrW3XNzuNj7J3Nvu/Dig5MXvbCEdiBN3Q= github.com/itchyny/gojq v0.12.13 h1:IxyYlHYIlspQHHTE0f3cJF0NKDMfajxViuhBLnHd/QU= @@ -996,7 +998,6 @@ github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSS github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= -github.com/stretchr/testify v1.3.1-0.20190311161405-34c6fa2dc709/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= @@ -1063,6 +1064,8 @@ github.com/weppos/publicsuffix-go v0.30.0/go.mod h1:kBi8zwYnR0zrbm8RcuN1o9Fzgpnn github.com/weppos/publicsuffix-go v0.30.2-0.20230730094716-a20f9abcc222 h1:h2JizvZl9aIj6za9S5AyrkU+OzIS4CetQthH/ejO+lg= github.com/weppos/publicsuffix-go v0.30.2-0.20230730094716-a20f9abcc222/go.mod h1:s41lQh6dIsDWIC1OWh7ChWJXLH0zkJ9KHZVqA7vHyuQ= github.com/weppos/publicsuffix-go/publicsuffix/generator v0.0.0-20220927085643-dc0d00c92642/go.mod h1:GHfoeIdZLdZmLjMlzBftbTDntahTttUMWjxZwQJhULE= +github.com/wk8/go-ordered-map/v2 v2.1.8 h1:5h/BUHu93oj4gIdvHHHGsScSTMijfx5PeYkE/fJgbpc= +github.com/wk8/go-ordered-map/v2 v2.1.8/go.mod h1:5nJHM5DyteebpVlHnWMV0rPz6Zp7+xBAnxjb1X5vnTw= github.com/xanzy/go-gitlab v0.84.0 h1:PdpCaskQSgcVDsx21c6ikf8Rfyo7SNtFAJwP9PrbCFE= github.com/xanzy/go-gitlab v0.84.0/go.mod h1:5ryv+MnpZStBH8I/77HuQBsMbBGANtVpLWC15qOjWAw= github.com/xanzy/ssh-agent v0.3.3 h1:+/15pJfg/RsTxqYcX6fHqOXZwwMP+2VyYWJeWM2qQFM= diff --git a/pkg/model/types/severity/severity.go b/pkg/model/types/severity/severity.go index c186ec44bb..55b3ab2000 100644 --- a/pkg/model/types/severity/severity.go +++ b/pkg/model/types/severity/severity.go @@ -4,7 +4,7 @@ import ( "encoding/json" "strings" - "github.com/alecthomas/jsonschema" + "github.com/invopop/jsonschema" "github.com/pkg/errors" ) @@ -71,8 +71,8 @@ type Holder struct { Severity Severity `mapping:"true"` } -func (severityHolder Holder) JSONSchemaType() *jsonschema.Type { - gotType := &jsonschema.Type{ +func (severityHolder Holder) JSONSchemaType() *jsonschema.Schema { + gotType := &jsonschema.Schema{ Type: "string", Title: "severity of the template", Description: "Seriousness of the implications of the template", diff --git a/pkg/model/types/stringslice/stringslice.go b/pkg/model/types/stringslice/stringslice.go index 10f19fb757..21df3c9ae0 100644 --- a/pkg/model/types/stringslice/stringslice.go +++ b/pkg/model/types/stringslice/stringslice.go @@ -5,7 +5,7 @@ import ( "fmt" "strings" - "github.com/alecthomas/jsonschema" + "github.com/invopop/jsonschema" "github.com/projectdiscovery/nuclei/v3/pkg/utils" ) @@ -20,11 +20,9 @@ func New(value interface{}) StringSlice { return StringSlice{Value: value} } -func (stringSlice StringSlice) JSONSchemaType() *jsonschema.Type { - gotType := &jsonschema.Type{ - OneOf: []*jsonschema.Type{{Type: "string"}, {Type: "array"}}, - } - return gotType +func (stringSlice StringSlice) JSONSchemaType() *jsonschema.Schema { + schema := jsonschema.Reflect(&stringSlice) + return schema } func (stringSlice *StringSlice) IsEmpty() bool { diff --git a/pkg/model/types/userAgent/user_agent.go b/pkg/model/types/userAgent/user_agent.go index 30173ca2b5..4a187d06a1 100644 --- a/pkg/model/types/userAgent/user_agent.go +++ b/pkg/model/types/userAgent/user_agent.go @@ -4,7 +4,7 @@ import ( "encoding/json" "strings" - "github.com/alecthomas/jsonschema" + "github.com/invopop/jsonschema" "github.com/pkg/errors" ) @@ -61,8 +61,8 @@ type UserAgentHolder struct { Value UserAgent `mapping:"true"` } -func (userAgentHolder UserAgentHolder) JSONSchemaType() *jsonschema.Type { - gotType := &jsonschema.Type{ +func (userAgentHolder UserAgentHolder) JSONSchemaType() *jsonschema.Schema { + gotType := &jsonschema.Schema{ Type: "string", Title: "userAgent for the headless", Description: "userAgent for the headless http request", diff --git a/pkg/operators/extractors/extractor_types.go b/pkg/operators/extractors/extractor_types.go index f2ee89d787..79fa191f8b 100644 --- a/pkg/operators/extractors/extractor_types.go +++ b/pkg/operators/extractors/extractor_types.go @@ -5,7 +5,7 @@ import ( "errors" "strings" - "github.com/alecthomas/jsonschema" + "github.com/invopop/jsonschema" ) // ExtractorType is the type of the extractor specified @@ -72,8 +72,8 @@ type ExtractorTypeHolder struct { ExtractorType ExtractorType `mapping:"true"` } -func (holder ExtractorTypeHolder) JSONSchemaType() *jsonschema.Type { - gotType := &jsonschema.Type{ +func (holder ExtractorTypeHolder) JSONSchemaType() *jsonschema.Schema { + gotType := &jsonschema.Schema{ Type: "string", Title: "type of the extractor", Description: "Type of the extractor", diff --git a/pkg/operators/matchers/matchers_types.go b/pkg/operators/matchers/matchers_types.go index 9c872192a8..5bcbc67628 100644 --- a/pkg/operators/matchers/matchers_types.go +++ b/pkg/operators/matchers/matchers_types.go @@ -5,7 +5,7 @@ import ( "errors" "strings" - "github.com/alecthomas/jsonschema" + "github.com/invopop/jsonschema" ) // MatcherType is the type of the matcher specified @@ -82,8 +82,8 @@ func (t MatcherTypeHolder) String() string { return t.MatcherType.String() } -func (holder MatcherTypeHolder) JSONSchemaType() *jsonschema.Type { - gotType := &jsonschema.Type{ +func (holder MatcherTypeHolder) JSONSchemaType() *jsonschema.Schema { + gotType := &jsonschema.Schema{ Type: "string", Title: "type of the matcher", Description: "Type of the matcher", diff --git a/pkg/protocols/common/generators/attack_types.go b/pkg/protocols/common/generators/attack_types.go index 662a72399f..c0ad882f81 100644 --- a/pkg/protocols/common/generators/attack_types.go +++ b/pkg/protocols/common/generators/attack_types.go @@ -4,7 +4,7 @@ import ( "encoding/json" "strings" - "github.com/alecthomas/jsonschema" + "github.com/invopop/jsonschema" "github.com/pkg/errors" ) @@ -61,8 +61,8 @@ type AttackTypeHolder struct { Value AttackType `mapping:"true"` } -func (holder AttackTypeHolder) JSONSchemaType() *jsonschema.Type { - gotType := &jsonschema.Type{ +func (holder AttackTypeHolder) JSONSchemaType() *jsonschema.Schema { + gotType := &jsonschema.Schema{ Type: "string", Title: "type of the attack", Description: "Type of the attack", diff --git a/pkg/protocols/common/variables/variables.go b/pkg/protocols/common/variables/variables.go index f26df59383..cc8278e0c2 100644 --- a/pkg/protocols/common/variables/variables.go +++ b/pkg/protocols/common/variables/variables.go @@ -4,7 +4,7 @@ import ( "encoding/json" "strings" - "github.com/alecthomas/jsonschema" + "github.com/invopop/jsonschema" "github.com/projectdiscovery/nuclei/v3/pkg/protocols/common/expressions" "github.com/projectdiscovery/nuclei/v3/pkg/protocols/common/generators" "github.com/projectdiscovery/nuclei/v3/pkg/protocols/common/interactsh" @@ -21,12 +21,12 @@ type Variable struct { utils.InsertionOrderedStringMap `yaml:"-" json:"-"` } -func (variables Variable) JSONSchemaType() *jsonschema.Type { - gotType := &jsonschema.Type{ +func (variables Variable) JSONSchemaType() *jsonschema.Schema { + gotType := &jsonschema.Schema{ Type: "object", Title: "variables for the request", Description: "Additional variables for the request", - AdditionalProperties: []byte("true"), + AdditionalProperties: &jsonschema.Schema{}, } return gotType } diff --git a/pkg/protocols/dns/dns_types.go b/pkg/protocols/dns/dns_types.go index 7f1f94ab34..1c90c5836d 100644 --- a/pkg/protocols/dns/dns_types.go +++ b/pkg/protocols/dns/dns_types.go @@ -5,7 +5,7 @@ import ( "errors" "strings" - "github.com/alecthomas/jsonschema" + "github.com/invopop/jsonschema" ) // DNSRequestType is the type of the method specified @@ -92,8 +92,8 @@ func (holder DNSRequestTypeHolder) String() string { return holder.DNSRequestType.String() } -func (holder DNSRequestTypeHolder) JSONSchemaType() *jsonschema.Type { - gotType := &jsonschema.Type{ +func (holder DNSRequestTypeHolder) JSONSchemaType() *jsonschema.Schema { + gotType := &jsonschema.Schema{ Type: "string", Title: "type of DNS request to make", Description: "Type is the type of DNS request to make", diff --git a/pkg/protocols/headless/engine/action_types.go b/pkg/protocols/headless/engine/action_types.go index d39cc0010d..52873e45de 100644 --- a/pkg/protocols/headless/engine/action_types.go +++ b/pkg/protocols/headless/engine/action_types.go @@ -5,7 +5,7 @@ import ( "errors" "strings" - "github.com/alecthomas/jsonschema" + "github.com/invopop/jsonschema" ) // ActionType defines the action type for a browser action @@ -171,8 +171,8 @@ type ActionTypeHolder struct { func (holder ActionTypeHolder) String() string { return holder.ActionType.String() } -func (holder ActionTypeHolder) JSONSchemaType() *jsonschema.Type { - gotType := &jsonschema.Type{ +func (holder ActionTypeHolder) JSONSchemaType() *jsonschema.Schema { + gotType := &jsonschema.Schema{ Type: "string", Title: "action to perform", Description: "Type of actions to perform", diff --git a/pkg/protocols/http/http_method_types.go b/pkg/protocols/http/http_method_types.go index 571446ab7e..9ef78911b0 100644 --- a/pkg/protocols/http/http_method_types.go +++ b/pkg/protocols/http/http_method_types.go @@ -5,7 +5,7 @@ import ( "errors" "strings" - "github.com/alecthomas/jsonschema" + "github.com/invopop/jsonschema" ) // HTTPMethodType is the type of the method specified @@ -89,8 +89,8 @@ func (holder HTTPMethodTypeHolder) String() string { return holder.MethodType.String() } -func (holder HTTPMethodTypeHolder) JSONSchemaType() *jsonschema.Type { - gotType := &jsonschema.Type{ +func (holder HTTPMethodTypeHolder) JSONSchemaType() *jsonschema.Schema { + gotType := &jsonschema.Schema{ Type: "string", Title: "method is the HTTP request method", Description: "Method is the HTTP Request Method", diff --git a/pkg/protocols/http/signature.go b/pkg/protocols/http/signature.go index b8d491712d..c28ecf6827 100644 --- a/pkg/protocols/http/signature.go +++ b/pkg/protocols/http/signature.go @@ -4,7 +4,7 @@ import ( "encoding/json" "strings" - "github.com/alecthomas/jsonschema" + "github.com/invopop/jsonschema" "github.com/pkg/errors" "github.com/projectdiscovery/nuclei/v3/pkg/protocols/http/signer" @@ -51,8 +51,8 @@ type SignatureTypeHolder struct { Value SignatureType } -func (holder SignatureTypeHolder) JSONSchemaType() *jsonschema.Type { - gotType := &jsonschema.Type{ +func (holder SignatureTypeHolder) JSONSchemaType() *jsonschema.Schema { + gotType := &jsonschema.Schema{ Type: "string", Title: "type of the signature", Description: "Type of the signature", diff --git a/pkg/protocols/network/network_input_types.go b/pkg/protocols/network/network_input_types.go index 9180757c9f..e8b294eaab 100644 --- a/pkg/protocols/network/network_input_types.go +++ b/pkg/protocols/network/network_input_types.go @@ -5,7 +5,7 @@ import ( "errors" "strings" - "github.com/alecthomas/jsonschema" + "github.com/invopop/jsonschema" ) // NetworkInputType is the type of the network input specified @@ -66,8 +66,8 @@ func (holder NetworkInputTypeHolder) String() string { return holder.NetworkInputType.String() } -func (holder NetworkInputTypeHolder) JSONSchemaType() *jsonschema.Type { - gotType := &jsonschema.Type{ +func (holder NetworkInputTypeHolder) JSONSchemaType() *jsonschema.Schema { + gotType := &jsonschema.Schema{ Type: "string", Title: "type is the type of input data", Description: "description=Type of input specified in data field", diff --git a/pkg/templates/types/types.go b/pkg/templates/types/types.go index b8987ec322..f1195dc74d 100644 --- a/pkg/templates/types/types.go +++ b/pkg/templates/types/types.go @@ -5,7 +5,7 @@ import ( "fmt" "strings" - "github.com/alecthomas/jsonschema" + "github.com/invopop/jsonschema" "github.com/pkg/errors" "github.com/projectdiscovery/goflags" "github.com/projectdiscovery/nuclei/v3/pkg/model/types/stringslice" @@ -92,8 +92,8 @@ type TypeHolder struct { ProtocolType ProtocolType `mapping:"true"` } -func (holder TypeHolder) JSONSchemaType() *jsonschema.Type { - gotType := &jsonschema.Type{ +func (holder TypeHolder) JSONSchemaType() *jsonschema.Schema { + gotType := &jsonschema.Schema{ Type: "string", Title: "type of the protocol", Description: "Type of the protocol", From 0feb94a717e39f09b3fd5abf0abff70269c94c2f Mon Sep 17 00:00:00 2001 From: kchason Date: Mon, 25 Mar 2024 16:15:28 -0400 Subject: [PATCH 2/3] Remove YAML designated formatters --- cmd/docgen/docgen.go | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/cmd/docgen/docgen.go b/cmd/docgen/docgen.go index 4dcef8a013..c589b98b0e 100644 --- a/cmd/docgen/docgen.go +++ b/cmd/docgen/docgen.go @@ -32,11 +32,7 @@ func main() { } // Generate jsonschema - r := &jsonschema.Reflector{ - PreferYAMLSchema: true, - YAMLEmbeddedStructs: true, - FullyQualifyTypeNames: true, - } + r := &jsonschema.Reflector{} jsonschemaData := r.Reflect(&templates.Template{}) var buf bytes.Buffer From 17d67f66081902ae2a4932a58acf416f3e95e9bb Mon Sep 17 00:00:00 2001 From: Tarun Koyalwar Date: Wed, 27 Mar 2024 23:52:08 +0530 Subject: [PATCH 3/3] minor updates --- pkg/model/model.go | 49 ++++++++++++++++--- pkg/model/types/severity/severity.go | 14 +++--- pkg/model/types/stringslice/stringslice.go | 26 +++++++--- .../types/stringslice/stringslice_raw.go | 4 ++ pkg/templates/templates.go | 16 +++--- 5 files changed, 82 insertions(+), 27 deletions(-) diff --git a/pkg/model/model.go b/pkg/model/model.go index 7fc8c5be53..d4aec3c071 100644 --- a/pkg/model/model.go +++ b/pkg/model/model.go @@ -1,10 +1,22 @@ package model import ( + "github.com/invopop/jsonschema" "github.com/projectdiscovery/nuclei/v3/pkg/model/types/severity" "github.com/projectdiscovery/nuclei/v3/pkg/model/types/stringslice" ) +type schemaMetadata struct { + PropName string + PropType string + Example []interface{} + OneOf []*schemaMetadata +} + +var infoSchemaMetadata = []schemaMetadata{ + {PropName: "author", OneOf: []*schemaMetadata{{PropType: "string", Example: []interface{}{`pdteam`}}, {PropType: "array", Example: []interface{}{`pdteam,mr.robot`}}}}, +} + // Info contains metadata information about a template type Info struct { // description: | @@ -13,14 +25,14 @@ type Info struct { // examples: // - value: "\"bower.json file disclosure\"" // - value: "\"Nagios Default Credentials Check\"" - Name string `json:"name,omitempty" yaml:"name,omitempty" jsonschema:"title=name of the template,description=Name is a short summary of what the template does,example=Nagios Default Credentials Check"` + Name string `json:"name,omitempty" yaml:"name,omitempty" jsonschema:"title=name of the template,description=Name is a short summary of what the template does,type=string,required,example=Nagios Default Credentials Check"` // description: | // Author of the template. // // Multiple values can also be specified separated by commas. // examples: // - value: "\"\"" - Authors stringslice.StringSlice `json:"author,omitempty" yaml:"author,omitempty" jsonschema:"title=author of the template,description=Author is the author of the template,example=username"` + Authors stringslice.StringSlice `json:"author,omitempty" yaml:"author,omitempty" jsonschema:"title=author of the template,description=Author is the author of the template,required,example=username"` // description: | // Any tags for the template. // @@ -38,7 +50,7 @@ type Info struct { // examples: // - value: "\"Bower is a package manager which stores package information in the bower.json file\"" // - value: "\"Subversion ALM for the enterprise before 8.8.2 allows reflected XSS at multiple locations\"" - Description string `json:"description,omitempty" yaml:"description,omitempty" jsonschema:"title=description of the template,description=In-depth explanation on what the template does,example=Bower is a package manager which stores package information in the bower.json file"` + Description string `json:"description,omitempty" yaml:"description,omitempty" jsonschema:"title=description of the template,description=In-depth explanation on what the template does,type=string,example=Bower is a package manager which stores package information in the bower.json file"` // description: | // Impact of the template. // @@ -47,7 +59,7 @@ type Info struct { // examples: // - value: "\"Successful exploitation of this vulnerability could allow an attacker to execute arbitrary SQL queries, potentially leading to unauthorized access, data leakage, or data manipulation.\"" // - value: "\"Successful exploitation of this vulnerability could allow an attacker to execute arbitrary script code in the context of the victim's browser, potentially leading to session hijacking, defacement, or theft of sensitive information.\"" - Impact string `json:"impact,omitempty" yaml:"impact,omitempty" jsonschema:"title=impact of the template,description=In-depth explanation on the impact of the issue found by the template,example=Successful exploitation of this vulnerability could allow an attacker to execute arbitrary SQL queries, potentially leading to unauthorized access, data leakage, or data manipulation."` + Impact string `json:"impact,omitempty" yaml:"impact,omitempty" jsonschema:"title=impact of the template,description=In-depth explanation on the impact of the issue found by the template,example=Successful exploitation of this vulnerability could allow an attacker to execute arbitrary SQL queries, potentially leading to unauthorized access, data leakage, or data manipulation.,type=string"` // description: | // References for the template. // @@ -66,11 +78,11 @@ type Info struct { // examples: // - value: > // map[string]string{"customField1":"customValue1"} - Metadata map[string]interface{} `json:"metadata,omitempty" yaml:"metadata,omitempty" jsonschema:"title=additional metadata for the template,description=Additional metadata fields for the template"` + Metadata map[string]interface{} `json:"metadata,omitempty" yaml:"metadata,omitempty" jsonschema:"title=additional metadata for the template,description=Additional metadata fields for the template,type=object"` // description: | // Classification contains classification information about the template. - Classification *Classification `json:"classification,omitempty" yaml:"classification,omitempty" jsonschema:"title=classification info for the template,description=Classification information for the template"` + Classification *Classification `json:"classification,omitempty" yaml:"classification,omitempty" jsonschema:"title=classification info for the template,description=Classification information for the template,type=object"` // description: | // Remediation steps for the template. @@ -79,7 +91,30 @@ type Info struct { // // examples: // - value: "\"Change the default administrative username and password of Apache ActiveMQ by editing the file jetty-realm.properties\"" - Remediation string `json:"remediation,omitempty" yaml:"remediation,omitempty" jsonschema:"title=remediation steps for the template,description=In-depth explanation on how to fix the issues found by the template,example=Change the default administrative username and password of Apache ActiveMQ by editing the file jetty-realm.properties"` + Remediation string `json:"remediation,omitempty" yaml:"remediation,omitempty" jsonschema:"title=remediation steps for the template,description=In-depth explanation on how to fix the issues found by the template,example=Change the default administrative username and password of Apache ActiveMQ by editing the file jetty-realm.properties,type=string"` +} + +// JSONSchemaProperty returns the JSON schema property for the Info object. +func (i Info) JSONSchemaExtend(base *jsonschema.Schema) { + // since we are re-using a stringslice and rawStringSlice everywhere, we can extend/edit the schema here + // thus allowing us to add examples, descriptions, etc. to the properties + for _, metadata := range infoSchemaMetadata { + if prop, ok := base.Properties.Get(metadata.PropName); ok { + if len(metadata.OneOf) > 0 { + for _, oneOf := range metadata.OneOf { + prop.OneOf = append(prop.OneOf, &jsonschema.Schema{ + Type: oneOf.PropType, + Examples: oneOf.Example, + }) + } + } else { + if metadata.PropType != "" { + prop.Type = metadata.PropType + } + prop.Examples = []interface{}{metadata.Example} + } + } + } } // Classification contains the vulnerability classification data for a template. diff --git a/pkg/model/types/severity/severity.go b/pkg/model/types/severity/severity.go index 55b3ab2000..611c9721df 100644 --- a/pkg/model/types/severity/severity.go +++ b/pkg/model/types/severity/severity.go @@ -71,16 +71,18 @@ type Holder struct { Severity Severity `mapping:"true"` } -func (severityHolder Holder) JSONSchemaType() *jsonschema.Schema { - gotType := &jsonschema.Schema{ +// Implement a jsonschema for the severity holder +func (severityHolder Holder) JSONSchema() *jsonschema.Schema { + enums := []interface{}{} + for _, severity := range GetSupportedSeverities() { + enums = append(enums, severity.String()) + } + return &jsonschema.Schema{ Type: "string", Title: "severity of the template", Description: "Seriousness of the implications of the template", + Enum: enums, } - for _, severity := range GetSupportedSeverities() { - gotType.Enum = append(gotType.Enum, severity.String()) - } - return gotType } func (severityHolder *Holder) UnmarshalYAML(unmarshal func(interface{}) error) error { diff --git a/pkg/model/types/stringslice/stringslice.go b/pkg/model/types/stringslice/stringslice.go index 21df3c9ae0..290687f6d2 100644 --- a/pkg/model/types/stringslice/stringslice.go +++ b/pkg/model/types/stringslice/stringslice.go @@ -6,23 +6,37 @@ import ( "strings" "github.com/invopop/jsonschema" - "github.com/projectdiscovery/nuclei/v3/pkg/utils" ) +type StringOrSlice string + +func (StringOrSlice) JSONSchema() *jsonschema.Schema { + return &jsonschema.Schema{ + OneOf: []*jsonschema.Schema{ + { + Type: "string", + }, + { + Type: "array", + }, + }, + } +} + // StringSlice represents a single (in-lined) or multiple string value(s). // The unmarshaller does not automatically convert in-lined strings to []string, hence the interface{} type is required. type StringSlice struct { Value interface{} } -func New(value interface{}) StringSlice { - return StringSlice{Value: value} +// Implement alias for stringslice and reuse it everywhere +func (stringSlice StringSlice) JSONSchemaAlias() any { + return StringOrSlice("") } -func (stringSlice StringSlice) JSONSchemaType() *jsonschema.Schema { - schema := jsonschema.Reflect(&stringSlice) - return schema +func New(value interface{}) StringSlice { + return StringSlice{Value: value} } func (stringSlice *StringSlice) IsEmpty() bool { diff --git a/pkg/model/types/stringslice/stringslice_raw.go b/pkg/model/types/stringslice/stringslice_raw.go index 494731ca5c..7d9e470bfa 100644 --- a/pkg/model/types/stringslice/stringslice_raw.go +++ b/pkg/model/types/stringslice/stringslice_raw.go @@ -11,3 +11,7 @@ func NewRawStringSlice(value interface{}) *RawStringSlice { func (rawStringSlice *RawStringSlice) Normalize(value string) string { return value } + +func (rawStringSlice RawStringSlice) JSONSchemaAlias() any { + return StringOrSlice("") +} diff --git a/pkg/templates/templates.go b/pkg/templates/templates.go index bd81d1451b..68f9324a87 100644 --- a/pkg/templates/templates.go +++ b/pkg/templates/templates.go @@ -45,12 +45,12 @@ type Template struct { // examples: // - name: ID Example // value: "\"CVE-2021-19520\"" - ID string `yaml:"id" json:"id" jsonschema:"title=id of the template,description=The Unique ID for the template,example=cve-2021-19520,pattern=^([a-zA-Z0-9]+[-_])*[a-zA-Z0-9]+$"` + ID string `yaml:"id" json:"id" jsonschema:"title=id of the template,description=The Unique ID for the template,required,example=cve-2021-19520,pattern=^([a-zA-Z0-9]+[-_])*[a-zA-Z0-9]+$"` // description: | // Info contains metadata information about the template. // examples: // - value: exampleInfoStructure - Info model.Info `yaml:"info" json:"info" jsonschema:"title=info for the template,description=Info contains metadata for the template"` + Info model.Info `yaml:"info" json:"info" jsonschema:"title=info for the template,description=Info contains metadata for the template,required,type=object"` // description: | // Flow contains the execution flow for the template. // examples: @@ -62,13 +62,13 @@ type Template struct { // http(1) // } // - Flow string `yaml:"flow,omitempty" json:"flow,omitempty" jsonschema:"title=template execution flow in js,description=Flow contains js code which defines how the template should be executed"` + Flow string `yaml:"flow,omitempty" json:"flow,omitempty" jsonschema:"title=template execution flow in js,description=Flow contains js code which defines how the template should be executed,type=string,example='flow: http(0) && http(1)'"` // description: | // Requests contains the http request to make in the template. // WARNING: 'requests' will be deprecated and will be removed in a future release. Please use 'http' instead. // examples: // - value: exampleNormalHTTPRequest - RequestsHTTP []*http.Request `yaml:"requests,omitempty" json:"requests,omitempty" jsonschema:"title=http requests to make,description=HTTP requests to make for the template"` + RequestsHTTP []*http.Request `yaml:"requests,omitempty" json:"requests,omitempty" jsonschema:"title=http requests to make,description=HTTP requests to make for the template,deprecated=true"` // description: | // HTTP contains the http request to make in the template. // examples: @@ -91,7 +91,7 @@ type Template struct { // WARNING: 'network' will be deprecated and will be removed in a future release. Please use 'tcp' instead. // examples: // - value: exampleNormalNetworkRequest - RequestsNetwork []*network.Request `yaml:"network,omitempty" json:"network,omitempty" jsonschema:"title=network requests to make,description=Network requests to make for the template"` + RequestsNetwork []*network.Request `yaml:"network,omitempty" json:"network,omitempty" jsonschema:"title=network requests to make,description=Network requests to make for the template,deprecated=true"` // description: | // TCP contains the network request to make in the template // examples: @@ -134,15 +134,15 @@ type Template struct { // Signature is the request signature method // values: // - "AWS" - Signature http.SignatureTypeHolder `yaml:"signature,omitempty" json:"signature,omitempty" jsonschema:"title=signature is the http request signature method,description=Signature is the HTTP Request signature Method,enum=AWS"` + Signature http.SignatureTypeHolder `yaml:"signature,omitempty" json:"signature,omitempty" jsonschema:"title=signature is the http request signature method,description=Signature is the HTTP Request signature Method,enum=AWS,deprecated=true"` // description: | // Variables contains any variables for the current request. - Variables variables.Variable `yaml:"variables,omitempty" json:"variables,omitempty" jsonschema:"title=variables for the http request,description=Variables contains any variables for the current request"` + Variables variables.Variable `yaml:"variables,omitempty" json:"variables,omitempty" jsonschema:"title=variables for the http request,description=Variables contains any variables for the current request,type=object"` // description: | // Constants contains any scalar constant for the current template - Constants map[string]interface{} `yaml:"constants,omitempty" json:"constants,omitempty" jsonschema:"title=constant for the template,description=constants contains any constant for the template"` + Constants map[string]interface{} `yaml:"constants,omitempty" json:"constants,omitempty" jsonschema:"title=constant for the template,description=constants contains any constant for the template,type=object"` // TotalRequests is the total number of requests for the template. TotalRequests int `yaml:"-" json:"-"`