This PR introduces support for AWS Lambda and removes Webtask support (because that platform is no longer publicly available/maintained).
List of changes:
Support for AWS Lambda
Deprecating Webtask support
Refactoring and adding new documentation to make it easier to understand how this tool works
Adding new unit tests to cover AWS Lambda use-cases
Separate build files for lambda and cli mode
General refactoring of code
Testing
All of the new scenarios and use-cases were added to our unit tests to ensure it doesn't introduce any breaking changes to existing functionality.
Scenario: Run tool in AWS Lambda mode (Pull Request processing)
Lambda handler
✓ should error on missing ENV variable (GITHUB_TOKEN)
✓ should error on missing ENV variable (JWT_SECRET) (53ms)
✓ should error on missing Event object from API Gateway (48ms)
✓ should process a payload body that is a string (106ms)
✓ should process a payload body that is an object (53ms)
✓ should error on invalid JSON input for a payload body (51ms)
Reporting a false positive
✓ should error on invalid report id (58ms)
✓ should respond with a success message if there are no errors (81ms)
✓ should respond with a failure message on errors (133ms)
View report
✓ should return a report without any findings (133ms)
✓ should return a report with findings (227ms)
Processing a PR
✓ should fail on PR action not supported in the config file (135ms)
✓ should succeed on PR with allowed action (71ms)
Scenario: Run tool in CLI mode to detect secrets
✓ should print error message when no parameters were provided (312ms)
✓ should print error message when no parameters were provided - JSON response (305ms)
✓ should not detect secrets in empty directories (315ms)
✓ should not detect secrets in empty directories - JSON response (325ms)
✓ should not detect secrets in unsupported file formats (334ms)
✓ should not detect secrets in unsupported file formats - JSON response (334ms)
✓ should return an error when directory does not exist (322ms)
✓ should return an error when directory does not exist - JSON response (321ms)
✓ should detect secrets in supported files (437ms)
✓ should detect secrets in supported files - JSON response (406ms)
Issues
✓ [Issue #007] Should not fail on JSON with "toString" key
✓ [Issue #010] Should detect [name="foobar"]:enabled as a valid CSS selector
Pre filter -> Authentication URLs
✓ should skip all valid URLs without the authentication params
✓ should parse all valid URLs with the authentication params
✓ should skip URL when there is only an empty string
✓ should skip valid URL where auth params were set to empty values
✓ should not detect random secrets as URLs or URLs with auth params
Pre filter -> CSS selectors
✓ should detect all valid CSS selectors
✓ should not detect random secrets as CSS selectors
Pre filter -> Dictionary words
✓ should allow all strings that do not contain real words
camelCase
✓ should skip "thisIsTotallyASetOfRealWords" because it contains real words
✓ should skip "ThisHasSomeThwnflWords" because it contains real words
✓ should skip "GenerateHTMLParser" because it contains real words
✓ should skip "set123ofStuff" because it contains real words
separators
✓ should skip "totally-a-real-set-of-words" because it contains real words
✓ should skip "contains-myspyled-wurds-too" because it contains real words
✓ should skip "the-numbers-123-are-great" because it contains real words
✓ should skip "underscore_can_be_used" because it contains real words
✓ should skip "mixing_separators_for_fun-and-profit" because it contains real words
✓ should skip "UPPER-CASE-PHRASE" because it contains real words
✓ should skip "mixing.separators,for.fun-and-profits" because it contains real words
✓ should skip "totally.a.real.set.of.words" because it contains real words
✓ should skip "totally,a,real,set,of,words" because it contains real words
mixed
✓ should skip "some-words-are-camelCased-but-some-areNot" because it contains real words
✓ should skip "CapitalLettersCanDoSome-WeirdStuff" because it contains real words
singleWords
✓ should skip "hello" because it contains real words
✓ should skip "Test" because it contains real words
Pre filter -> E-mail addresses
✓ should detect all valid e-mail addresses
✓ should not detect random secrets as e-mail addresses
Pre filter -> Local paths
✓ should detect all valid local paths
✓ should not detect random secrets as local paths
Pre filter -> Min length
✓ should allow string with the exact length as min. string length setting
✓ should skip string shorter than min. string length setting
✓ should allow string longer than min. string length setting
Pre filter -> Multiple words
✓ should skip all strings with multiple words
✓ should allow all strings with single words
✓ should not detect random secrets as multiple words
Pre filter -> Object key identifiers
✓ should skip all strings that look like object keys
✓ should allow strings that does not look like object keys
✓ should not detect random secrets as multiple words
Pre filter -> Skip prefixes
✓ should skip all words with defined prefixes at the beginning
✓ should allow all words without defined prefixes at the beginning
✓ should allow all words with prefixes at the end
✓ should not detect random secrets as words with prefixes
Pre filter -> Whitelist
String is in whitelist
✓ should skip "foobar"
✓ should skip "foo"
✓ should skip "bar"
✓ should skip "test"
String is not in whitelist
✓ should not skip "hello"
✓ should not skip "test-code"
✓ should not skip "hello-foobar"
✓ should not skip "foo_bar"
✓ should not skip "bar-bar"
✓ should not skip "?foobar"
✓ should not skip "FOO"
Render -> Obfuscate strings
✓ should obfuscate a string to not reveal its full content
79 passing (5s)
[x] This change adds test coverage for new/changed/fixed functionality
Checklist
[x] I have added documentation for new/changed functionality in this PR or in auth0.com/docs
[x] All active GitHub checks for tests, formatting, and security are passing
[x] The correct base branch is being used, if not master
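The "Pre filter -> Dictionary words" cases in the test run above describe a heuristic that keeps human-readable identifiers out of the secret findings. The following is an added example, not code from this PR or the project: it tokenizes a candidate on separators, digits and camelCase boundaries and skips it when at least half of its tokens appear in a word list; the mini-dictionary, the 50% threshold and the minimum token length are assumptions.

```javascript
// Added example (not the project's code): a "dictionary words" pre-filter that
// lets a secret scanner skip candidate strings that are really readable words.
// Dictionary, threshold and minimum token length below are assumptions.

// Constructed mini-dictionary; a real filter would load a full word list.
const DICTIONARY = new Set([
  'this', 'is', 'totally', 'a', 'set', 'of', 'real', 'words', 'has', 'some',
  'generate', 'html', 'parser', 'stuff', 'contains', 'too', 'the', 'numbers',
  'are', 'great', 'underscore', 'can', 'be', 'used', 'mixing', 'separators',
  'for', 'fun', 'and', 'profit', 'profits', 'upper', 'case', 'phrase',
  'camel', 'cased', 'but', 'not', 'capital', 'letters', 'do', 'weird',
  'hello', 'test',
]);

const MIN_TOKEN_LENGTH = 2;   // assumed: one-letter fragments ("a", "x") are ignored
const REAL_WORD_RATIO = 0.5;  // assumed: skip when at least half the tokens are words

// Break a candidate into word-like tokens: first split on separators and digits
// ("-", "_", ".", ",", "123"), then on camelCase boundaries, keeping acronyms
// together ("GenerateHTMLParser" -> generate, html, parser).
function tokenize(candidate) {
  return candidate
    .split(/[^A-Za-z]+/)
    .flatMap((part) => part.match(/[A-Z]+(?![a-z])|[A-Z]?[a-z]+/g) || [])
    .map((t) => t.toLowerCase());
}

// true  -> the candidate reads like real words and should be skipped
// false -> the candidate stays in the pipeline for further secret analysis
function containsRealWords(candidate) {
  const tokens = tokenize(candidate).filter((t) => t.length >= MIN_TOKEN_LENGTH);
  if (tokens.length === 0) return false;         // nothing word-like at all
  const hits = tokens.filter((t) => DICTIONARY.has(t)).length;
  return hits / tokens.length >= REAL_WORD_RATIO;
}

// Apply the pre-filter to the candidate strings extracted from a file and
// return only those that still look like potential secrets.
function preFilterDictionaryWords(candidates) {
  return candidates.filter((c) => !containsRealWords(c));
}
```

A misspelled token such as "myspyled" does not rescue a string on its own; it only lowers the ratio, which is why "contains-myspyled-wurds-too" is still skipped while a random-looking token like "xK9f2Qz7LmP" is kept.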