fix: static analysis findings (#341)

* fix: reset eslintrc

* feat: log points for when different linters run to make it easier to know where you're at

* chore: resolve error level SCA findings

* chore: clean up SCA warning level findings

* chore: update community edition with a newly minted .golangci-lint.json

.golangci.json

@@ -21,23 +21,17 @@
         "path": "cache_test\\.go",
         "text": "SA1026:"
       },
-      {
-        "path": "empty\\.go",
-        "text": "SA5010:"
-      },
       {
         "path": "foldr_test\\.go",
         "text": "SA4000:"
       },
       {
         "path": ".go",
-        "text": "((neo4j(.+)(NewDriver|Result))|Id|jwt\\.StandardClaims|database.Database|(.+)Deprecated) is deprecated"
+        "text": "((neo4j(.+)(NewDriver|Result))|Id|database.Database|(.+)Deprecated) is deprecated"
       },
       {
-        "path": "(.+)_test\\.go",
-        "linters": [
-          "errcheck"
-        ]
+        "path": "expected_ingest.go",
+        "text": "ST1022:"
       }
     ]
   },
@@ -54,7 +48,7 @@
     "default-severity": "error",
     "rules": [
       {
-        "text": "(ST\\d{4}|S\\d{4})",
+        "text": "(ST\\d{4}|S\\d{4}|SA1019)",
         "severity": "warning"
       }
     ]

cmd/api/src/analysis/ad/adcs_integration_test.go

@@ -384,14 +384,13 @@ func TestEnrollOnBehalfOf(t *testing.T) {
 	}, func(harness integration.HarnessDetails, db graph.Database) {
 		certTemplates, err := ad2.FetchNodesByKind(context.Background(), db, ad.CertTemplate)
 		v1Templates := make([]*graph.Node, 0)
-		v2Templates := make([]*graph.Node, 0)
 		for _, template := range certTemplates {
 			if version, err := template.Properties.Get(ad.SchemaVersion.String()).Float64(); err != nil {
 				continue
 			} else if version == 1 {
 				v1Templates = append(v1Templates, template)
 			} else if version >= 2 {
-				v2Templates = append(v2Templates, template)
+				continue
 			}
 		}
 
@@ -430,16 +429,13 @@ func TestEnrollOnBehalfOf(t *testing.T) {
 		return nil
 	}, func(harness integration.HarnessDetails, db graph.Database) {
 		certTemplates, err := ad2.FetchNodesByKind(context.Background(), db, ad.CertTemplate)
-		// TODO: v1Templates are never used in any assertions and should either have assertions added or be removed from the test entirely
-		//v1Templates := make([]*graph.Node, 0)
 		v2Templates := make([]*graph.Node, 0)
 
 		for _, template := range certTemplates {
 			if version, err := template.Properties.Get(ad.SchemaVersion.String()).Float64(); err != nil {
 				continue
 			} else if version == 1 {
 				continue
-				//v1Templates = append(v1Templates, template)
 			} else if version >= 2 {
 				v2Templates = append(v2Templates, template)
 			}

cmd/api/src/api/middleware/compression.go

@@ -30,7 +30,7 @@ import (
 	"github.com/specterops/bloodhound/src/api"
 )
 
-var unsupportedEncodingError = errors.New("content encoding is not supported")
+var errUnsupportedEncoding = errors.New("content encoding is not supported")
 
 type GzipResponseWriter struct {
 	http.ResponseWriter
@@ -66,7 +66,7 @@ func CompressionMiddleware(next http.Handler) http.Handler {
 				if err != nil {
 					errMsg := fmt.Sprintf("failed to create reader for %s encoding: %v", encoding, err)
 					log.Warnf(errMsg)
-					if errors.Is(err, unsupportedEncodingError) {
+					if errors.Is(err, errUnsupportedEncoding) {
 						api.WriteErrorResponse(request.Context(), api.BuildErrorResponse(http.StatusUnsupportedMediaType, fmt.Sprintf("Error trying to read request: %s", errMsg), request), responseWriter)
 					} else {
 						api.WriteErrorResponse(request.Context(), api.BuildErrorResponse(http.StatusBadRequest, fmt.Sprintf("Error trying to read request: %s", errMsg), request), responseWriter)
@@ -107,7 +107,7 @@ func wrapBody(encoding string, body io.ReadCloser) (io.ReadCloser, error) {
 		newBody, err = zlib.NewReader(body)
 	default:
 		log.Infof("unsupported encoding detected: %s", encoding)
-		err = unsupportedEncodingError
+		err = errUnsupportedEncoding
 	}
 	return newBody, err
 }

cmd/api/src/bootstrap/util.go

@@ -19,16 +19,16 @@ package bootstrap
 import (
 	"context"
 	"fmt"
+	"os"
+
 	"github.com/specterops/bloodhound/dawgs"
 	"github.com/specterops/bloodhound/dawgs/drivers/neo4j"
-	_ "github.com/specterops/bloodhound/dawgs/drivers/neo4j"
 	"github.com/specterops/bloodhound/dawgs/drivers/pg"
 	"github.com/specterops/bloodhound/dawgs/graph"
 	"github.com/specterops/bloodhound/dawgs/util/size"
 	"github.com/specterops/bloodhound/log"
 	"github.com/specterops/bloodhound/src/api/tools"
 	"github.com/specterops/bloodhound/src/config"
-	"os"
 )
 
 func ensureDirectory(path string) error {

cmd/api/src/cmd/dawgs-harness/main.go

@@ -20,17 +20,18 @@ import (
 	"context"
 	"flag"
 	"fmt"
-	"github.com/specterops/bloodhound/dawgs/drivers/neo4j"
-	"github.com/specterops/bloodhound/dawgs/drivers/pg"
-	"github.com/specterops/bloodhound/dawgs/util/size"
-	schema "github.com/specterops/bloodhound/graphschema"
 	_ "net/http/pprof"
 	"os"
 	"os/signal"
 	"runtime/pprof"
 	"syscall"
 	"time"
 
+	"github.com/specterops/bloodhound/dawgs/drivers/neo4j"
+	"github.com/specterops/bloodhound/dawgs/drivers/pg"
+	"github.com/specterops/bloodhound/dawgs/util/size"
+	schema "github.com/specterops/bloodhound/graphschema"
+
 	"github.com/jedib0t/go-pretty/v6/table"
 	"github.com/specterops/bloodhound/dawgs"
 	"github.com/specterops/bloodhound/dawgs/graph"
@@ -71,7 +72,7 @@ func RunTestSuite(ctx context.Context, connectionStr, driverName string) tests.T
 func newContext() context.Context {
 	var (
 		ctx, done = context.WithCancel(context.Background())
-		sigchnl   = make(chan os.Signal)
+		sigchnl   = make(chan os.Signal, 1)
 	)
 
 	signal.Notify(sigchnl)

cmd/ui/.eslintrc.cjs

@@ -28,6 +28,5 @@ module.exports = {
         '@typescript-eslint/no-explicit-any': 'off',
         '@typescript-eslint/no-inferrable-types': 'off',
         '@typescript-eslint/no-empty-function': 'off',
-        'prefer-const': 'warn',
     },
 };

cmd/ui/src/views/Home/Home.tsx

@@ -22,7 +22,3 @@ const Home: React.FC = () => {
 };
 
 export default Home;
-
-// TODO: Remove before merge to fix linter messages
-let arr = [].reduce(function(prev: never, curr: never, idx: number, arr: never[]) {})
-

packages/go/dawgs/graph/mapper.go

@@ -85,8 +85,6 @@ func castNumericSlice[R numeric, T any](src []T) ([]R, error) {
 }
 
 func AsNumericSlice[T numeric](rawValue any) ([]T, error) {
-	var numericSlice []T
-
 	switch typedValue := rawValue.(type) {
 	case []any:
 		return castNumericSlice[T](typedValue)
@@ -117,8 +115,6 @@ func AsNumericSlice[T numeric](rawValue any) ([]T, error) {
 	default:
 		return nil, fmt.Errorf("unable to convert raw value %T as a numeric slice", rawValue)
 	}
-
-	return numericSlice, nil
 }
 
 func AsKinds(rawValue any) (Kinds, error) {

packages/go/stbernard/analyzers/golang/golang.go

@@ -70,13 +70,17 @@ func Run(cwd string, modPaths []string, env []string) ([]codeclimate.Entry, erro
 	cmd.Stdout = &outb
 	cmd.Args = append(cmd.Args, args...)
 
+	log.Infof("Running golangci-lint")
+
 	err := cmd.Run()
 	if _, ok := err.(*exec.ExitError); ok {
 		err = ErrNonZeroExit
 	} else if err != nil {
 		return result, fmt.Errorf("unexpected failure: %w", err)
 	}
 
+	log.Infof("Completed golangci-lint")
+
 	if err := json.NewDecoder(&outb).Decode(&result); err != nil {
 		return result, fmt.Errorf("failed to decode output: %w", err)
 	}

packages/go/stbernard/analyzers/js/js.go

@@ -23,6 +23,7 @@ import (
 	"fmt"
 	"os/exec"
 
+	"github.com/specterops/bloodhound/log"
 	"github.com/specterops/bloodhound/packages/go/stbernard/analyzers/codeclimate"
 )
 
@@ -51,6 +52,8 @@ func Run(jsPaths []string, env []string) ([]codeclimate.Entry, error) {
 		result          = make([]codeclimate.Entry, 0, len(jsPaths))
 	)
 
+	log.Infof("Running eslint")
+
 	for _, path := range jsPaths {
 		entries, err := runEslint(path, env)
 		if errors.Is(err, ErrNonZeroExit) {
@@ -61,6 +64,8 @@ func Run(jsPaths []string, env []string) ([]codeclimate.Entry, error) {
 		result = append(result, entries...)
 	}
 
+	log.Infof("Completed eslint")
+
 	return result, exitError
 }