Recomendación de CVSS - Githubissues

jllanosg commented 1 month ago

Descripción

Agrega los cambios necesarios a la interfaz para la recomendación de CVSS.
Agrega los cambios necesarios para levantar el modelo de CVSS y agrega el endpoint al backend para que haga conección con la API de este.

Motivación y Contexto

HU20 - Recomendación de CVSS
Aumenta la velocidad de trabajo del usuario

¿Cómo ha sido probado?

Se agregó la url de descarga del modelo de CVSS al .env de la raíz del proyecto (ver .env.example)
Se levantó la app con el docker compose.
En la vista de creación y edición de vulnerabilidades, se puede presionar el botón de recomendar CVSS, que tras unos segundos resalta con una estrella la recomendación del modelo. (El modelo demora y puede generar timeout, depende de la descripción entregada).
En las mismas vistas, al presionar el botón de limpiar, limpia la recomendación.
Aparece un error al intentar recomendar sin una descripción.

Capturas de pantalla (si es apropiado):

Tipos de cambios

[ ] Bugfix (cambio que no interrumpe el funcionamiento y que soluciona un problema)
[x] New feature (cambio que no interrumpe el funcionamiento y que añade funcionalidad)
[ ] Breaking change (corrección o funcionalidad que podría causar que la funcionalidad existente cambie)

Lista de verificación:

[x] Mi código sigue el estilo de código de este proyecto.
[ ] Mi cambio requiere una modificación en la documentación.
[ ] He actualizado la documentación en consecuencia.
[x] Requiere nuevos tests.

Summary by CodeRabbit

Nuevas Funciones
- Se ha añadido una nueva variable de entorno CVSS_MODEL_URL para descargar un modelo CVSS.
- Se ha implementado un nuevo endpoint /cvss en la API para procesar descripciones de vulnerabilidades y generar recomendaciones de CVSS.
- Se ha introducido la funcionalidad de recomendaciones de CVSS en los componentes AddVulnerability y EditVulnerability.
- Se ha añadido un nuevo método para enviar solicitudes de descripción de CVSS al backend.
Mejoras en la Interfaz de Usuario
- Nuevas cadenas de localización para recomendaciones de CVSS y mensajes de error.
- Actualizaciones en el componente CVSSCalculator para manejar recomendaciones y resaltar opciones recomendadas.
- Se han añadido propiedades para resaltar botones en los componentes de métricas.
Correcciones de Errores
- Se han implementado validaciones para asegurar que las descripciones de vulnerabilidades no estén vacías.

coderabbitai[bot] commented 1 month ago

📝 Walkthrough

## Walkthrough El pull request introduce varias modificaciones en el código, incluyendo la adición de una nueva variable de entorno `CVSS_MODEL_URL` en el archivo `.env.example`, la modificación del archivo `.gitignore` para ignorar el directorio `cwe_api/utils`, y la implementación de nuevas funcionalidades relacionadas con el CVSS en varios archivos, incluyendo la creación de nuevas rutas en el backend y la adición de un nuevo archivo para inferir cadenas CVSS. También se actualizan varios componentes en el frontend para manejar recomendaciones de CVSS. ## Changes | Archivo | Resumen de cambios | |--------------------------------------------|----------------------------------------------------------------------------------------------------------------------------| | `.env.example` | Se añade la variable `CVSS_MODEL_URL` para descargar un modelo CVSS. | | `.gitignore` | Se añade `cwe_api/utils` a la lista de archivos ignorados. | | `backend/src/app.js` | Se añade la importación de rutas para CVSS: `require('./routes/cvss')(app);`. | | `backend/src/routes/cvss.js` | Se crea un nuevo manejador de rutas para el endpoint POST `/api/cvss`, que valida parámetros y maneja errores. | | `cwe_api/Dockerfile` | Se añade el argumento `CVSS_MODEL_URL` y lógica para descargar un modelo si no existe el directorio `utils`. | | `cwe_api/cvss_inferencer.py` | Se crea un nuevo archivo que implementa un modelo BERT para inferir cadenas CVSS a partir de descripciones de vulnerabilidades. | | `cwe_api/main.py` | Se añade un nuevo endpoint POST `/cvss` que procesa datos de vulnerabilidad utilizando `cvss_inferencer`. | | `cwe_api/requirements.txt` | Se añaden las dependencias `torch` y `scikit-learn==1.4.2`. | | `docker-compose.yml` | Se añade `CVSS_MODEL_URL` en los argumentos de construcción del servicio `auditforge-cwe-api`. | | `frontend/src/i18n/en-US/index.ts` | Se añaden nuevas cadenas de localización relacionadas con recomendaciones de CVSS. | | `frontend/src/routes/vulnerabilities/add/addVulnerability.tsx` | Se añade la función `handleCvssRecomendation` para validar descripciones. | | `frontend/src/routes/vulnerabilities/components/CVSSCalculator.tsx` | Se añaden nuevos estados y funciones para manejar recomendaciones de CVSS. | | `frontend/src/routes/vulnerabilities/components/metricButton.tsx` | Se añade la propiedad `isHighlighted` para resaltar botones. | | `frontend/src/routes/vulnerabilities/components/metricGroup.tsx` | Se añade la propiedad opcional `highlightedOption` para resaltar opciones. | | `frontend/src/routes/vulnerabilities/edit/editVulnerability.tsx` | Se añade la función `handleCvssRecomendation` para validar descripciones. | | `frontend/src/services/vulnerabilities.ts` | Se añade la función `postDescriptionCVSS` para enviar solicitudes POST al endpoint CVSS. | ## Possibly related PRs - **#100**: Este PR introduce un nuevo entorno variable en el archivo `.env.example`, que está directamente relacionado con la adición de la variable `CVSS_MODEL_URL` en el PR principal. - **#137**: Este PR mejora la funcionalidad relacionada con las recomendaciones de CWE, que conecta con la adición de `CVSS_MODEL_URL` en el contexto de la evaluación de vulnerabilidades y recomendaciones en el PR principal. - **#143**: Este PR introduce una función de panel que puede utilizar el modelo CVSS de manera indirecta, ya que se relaciona con la funcionalidad general de gestión y visualización de datos de auditoría, que es relevante en el contexto del PR principal. ## Suggested reviewers - massi-ponce - caverav - jllanosg - Sealra

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

- [X](https://twitter.com/intent/tweet?text=I%20just%20used%20%40coderabbitai%20for%20my%20code%20review%2C%20and%20it%27s%20fantastic%21%20It%27s%20free%20for%20OSS%20and%20offers%20a%20free%20trial%20for%20the%20proprietary%20code.%20Check%20it%20out%3A&url=https%3A//coderabbit.ai) - [Mastodon](https://mastodon.social/share?text=I%20just%20used%20%40coderabbitai%20for%20my%20code%20review%2C%20and%20it%27s%20fantastic%21%20It%27s%20free%20for%20OSS%20and%20offers%20a%20free%20trial%20for%20the%20proprietary%20code.%20Check%20it%20out%3A%20https%3A%2F%2Fcoderabbit.ai) - [Reddit](https://www.reddit.com/submit?title=Great%20tool%20for%20code%20review%20-%20CodeRabbit&text=I%20just%20used%20CodeRabbit%20for%20my%20code%20review%2C%20and%20it%27s%20fantastic%21%20It%27s%20free%20for%20OSS%20and%20offers%20a%20free%20trial%20for%20proprietary%20code.%20Check%20it%20out%3A%20https%3A//coderabbit.ai) - [LinkedIn](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fcoderabbit.ai&mini=true&title=Great%20tool%20for%20code%20review%20-%20CodeRabbit&summary=I%20just%20used%20CodeRabbit%20for%20my%20code%20review%2C%20and%20it%27s%20fantastic%21%20It%27s%20free%20for%20OSS%20and%20offers%20a%20free%20trial%20for%20proprietary%20code)

🪧 Tips

### Chat There are 3 ways to chat with [CodeRabbit](https://coderabbit.ai): > ‼️ **IMPORTANT** > Auto-reply has been disabled for this repository in the CodeRabbit settings. The CodeRabbit bot will not respond to your replies unless it is explicitly tagged. - Files and specific lines of code (under the "Files changed" tab): Tag `@coderabbitai` in a new review comment at the desired location with your query. Examples: - `@coderabbitai generate unit testing code for this file.` - `@coderabbitai modularize this function.` - PR comments: Tag `@coderabbitai` in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples: - `@coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.` - `@coderabbitai read src/utils.ts and generate unit testing code.` - `@coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.` - `@coderabbitai help me debug CodeRabbit configuration file.` Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. ### CodeRabbit Commands (Invoked using PR comments) - `@coderabbitai pause` to pause the reviews on a PR. - `@coderabbitai resume` to resume the paused reviews. - `@coderabbitai review` to trigger an incremental review. This is useful when automatic reviews are disabled for the repository. - `@coderabbitai full review` to do a full review from scratch and review all the files again. - `@coderabbitai summary` to regenerate the summary of the PR. - `@coderabbitai resolve` resolve all the CodeRabbit review comments. - `@coderabbitai configuration` to show the current CodeRabbit configuration for the repository. - `@coderabbitai help` to get help. ### Other keywords and placeholders - Add `@coderabbitai ignore` anywhere in the PR description to prevent this PR from being reviewed. - Add `@coderabbitai summary` to generate the high-level summary at a specific location in the PR description. - Add `@coderabbitai` anywhere in the PR title to generate the title automatically. ### CodeRabbit Configuration File (`.coderabbit.yaml`) - You can programmatically configure CodeRabbit by adding a `.coderabbit.yaml` file to the root of your repository. - Please see the [configuration documentation](https://docs.coderabbit.ai/guides/configure-coderabbit) for more information. - If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: `# yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json` ### Documentation and Community - Visit our [Documentation](https://coderabbit.ai/docs) for detailed information on how to use CodeRabbit. - Join our [Discord Community](http://discord.gg/coderabbit) to get help, request features, and share feedback. - Follow us on [X/Twitter](https://twitter.com/coderabbitai) for updates and announcements.

Icksir commented 1 month ago

Tengo este error de buildeo

caverav commented 1 month ago

Me tira 500 al intentar obtener la recomendación

massi-ponce commented 1 month ago

Me tira 500 al intentar obtener la recomendación

A mí también. Y en la recomendación de CWE igual.

caverav commented 1 month ago

Tengo este error de buildeo

Same

massi-ponce commented 4 weeks ago

Tiré un podman-compose -f docker-compose.yml up --build -d y me dio el siguiente log:

['podman', '--version', '']
using podman version: 4.3.1
** excluding:  set()
podman build -t auditforge-cwe-api -f ./cwe_api/Dockerfile --build-arg CWE_MODEL_URL=https://drive.usercontent.google.com/download?id=1OtRNObv-Il2B5nDnpzMSGj_yBJAlskuS&export=download&confirm=``` --build-arg CVSS_MODEL_URL=https://drive.usercontent.google.com/download?id=1nS1lQpVVJ431wUyVSs5_Srega6QVPyc8&export=download&confirm= ./cwe_api
STEP 1/11: FROM python:3.12-slim
STEP 2/11: WORKDIR /app
--> 4efead52c47
STEP 3/11: COPY . .
--> 06f10e8a007
STEP 4/11: ARG CWE_MODEL_URL
--> d916f3274d1
STEP 5/11: ARG CVSS_MODEL_URL
--> a20193297a6
STEP 6/11: RUN set -e     && apt-get update -y     && apt-get install -y --no-install-recommends        wget        unzip     && apt-get clean     && rm -rf /var/lib/apt/lists/*     || { echo "Error: Fallo en la instalación de paquetes"; exit 1; }
Get:1 http://deb.debian.org/debian bookworm InRelease [151 kB]
Get:2 http://deb.debian.org/debian bookworm-updates InRelease [55.4 kB]
Get:3 http://deb.debian.org/debian-security bookworm-security InRelease [48.0 kB]
Get:4 http://deb.debian.org/debian bookworm/main amd64 Packages [8787 kB]
Get:5 http://deb.debian.org/debian bookworm-updates/main amd64 Packages [2468 B]
Get:6 http://deb.debian.org/debian-security bookworm-security/main amd64 Packages [188 kB]
Fetched 9232 kB in 3s (2881 kB/s)
Reading package lists...
Reading package lists...
Building dependency tree...
Reading state information...
The following additional packages will be installed:
  libpsl5
Suggested packages:
  zip
Recommended packages:
  publicsuffix
The following NEW packages will be installed:
  libpsl5 unzip wget
0 upgraded, 3 newly installed, 0 to remove and 0 not upgraded.
Need to get 1209 kB of archives.
After this operation, 4178 kB of additional disk space will be used.
Get:1 http://deb.debian.org/debian bookworm/main amd64 libpsl5 amd64 0.21.2-1 [58.7 kB]
Get:2 http://deb.debian.org/debian bookworm/main amd64 wget amd64 1.21.3-1+b2 [984 kB]
Get:3 http://deb.debian.org/debian bookworm/main amd64 unzip amd64 6.0-28 [166 kB]
debconf: delaying package configuration, since apt-utils is not installed
Fetched 1209 kB in 1s (1166 kB/s)
Selecting previously unselected package libpsl5:amd64.
(Reading database ... 6695 files and directories currently installed.)
Preparing to unpack .../libpsl5_0.21.2-1_amd64.deb ...
Unpacking libpsl5:amd64 (0.21.2-1) ...
Selecting previously unselected package wget.
Preparing to unpack .../wget_1.21.3-1+b2_amd64.deb ...
Unpacking wget (1.21.3-1+b2) ...
Selecting previously unselected package unzip.
Preparing to unpack .../unzip_6.0-28_amd64.deb ...
Unpacking unzip (6.0-28) ...
Setting up libpsl5:amd64 (0.21.2-1) ...
Setting up wget (1.21.3-1+b2) ...
Setting up unzip (6.0-28) ...
Processing triggers for libc-bin (2.36-9+deb12u8) ...
--> a0bf1bc9f27
STEP 7/11: RUN pip install --no-cache-dir torchvision==0.17.0+cpu torchaudio==2.2.0+cpu --index-url https://download.pytorch.org/whl/cpu     && pip install --no-cache-dir -r requirements.txt
Looking in indexes: https://download.pytorch.org/whl/cpu
Collecting torchvision==0.17.0+cpu
  Downloading https://download.pytorch.org/whl/cpu/torchvision-0.17.0%2Bcpu-cp312-cp312-linux_x86_64.whl (1.6 MB)
     ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 1.6/1.6 MB 13.7 MB/s eta 0:00:00
Collecting torchaudio==2.2.0+cpu
  Downloading https://download.pytorch.org/whl/cpu/torchaudio-2.2.0%2Bcpu-cp312-cp312-linux_x86_64.whl (1.7 MB)
     ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 1.7/1.7 MB 23.2 MB/s eta 0:00:00
Collecting numpy (from torchvision==0.17.0+cpu)
  Downloading https://download.pytorch.org/whl/numpy-1.26.3-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (18.0 MB)
     ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 18.0/18.0 MB 24.2 MB/s eta 0:00:00
Collecting requests (from torchvision==0.17.0+cpu)
  Downloading https://download.pytorch.org/whl/requests-2.28.1-py3-none-any.whl (62 kB)
Collecting torch==2.2.0 (from torchvision==0.17.0+cpu)
  Downloading https://download.pytorch.org/whl/cpu/torch-2.2.0%2Bcpu-cp312-cp312-linux_x86_64.whl (186.7 MB)
     ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 186.7/186.7 MB 15.8 MB/s eta 0:00:00
Collecting pillow!=8.3.*,>=5.3.0 (from torchvision==0.17.0+cpu)
  Downloading https://download.pytorch.org/whl/pillow-10.2.0-cp312-cp312-manylinux_2_28_x86_64.whl (4.5 MB)
     ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 4.5/4.5 MB 33.1 MB/s eta 0:00:00
Collecting filelock (from torch==2.2.0->torchvision==0.17.0+cpu)
  Downloading https://download.pytorch.org/whl/filelock-3.13.1-py3-none-any.whl (11 kB)
Collecting typing-extensions>=4.8.0 (from torch==2.2.0->torchvision==0.17.0+cpu)
  Downloading https://download.pytorch.org/whl/typing_extensions-4.9.0-py3-none-any.whl (32 kB)
Collecting sympy (from torch==2.2.0->torchvision==0.17.0+cpu)
  Downloading https://download.pytorch.org/whl/sympy-1.12-py3-none-any.whl (5.7 MB)
     ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 5.7/5.7 MB 32.2 MB/s eta 0:00:00
Collecting networkx (from torch==2.2.0->torchvision==0.17.0+cpu)
  Downloading https://download.pytorch.org/whl/networkx-3.2.1-py3-none-any.whl (1.6 MB)
     ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 1.6/1.6 MB 26.6 MB/s eta 0:00:00
Collecting jinja2 (from torch==2.2.0->torchvision==0.17.0+cpu)
  Downloading https://download.pytorch.org/whl/Jinja2-3.1.3-py3-none-any.whl (133 kB)
Collecting fsspec (from torch==2.2.0->torchvision==0.17.0+cpu)
  Downloading https://download.pytorch.org/whl/fsspec-2024.2.0-py3-none-any.whl (170 kB)
Collecting charset-normalizer<3,>=2 (from requests->torchvision==0.17.0+cpu)
  Downloading https://download.pytorch.org/whl/charset_normalizer-2.1.1-py3-none-any.whl (39 kB)
Collecting idna<4,>=2.5 (from requests->torchvision==0.17.0+cpu)
  Downloading https://download.pytorch.org/whl/idna-3.4-py3-none-any.whl (61 kB)
Collecting urllib3<1.27,>=1.21.1 (from requests->torchvision==0.17.0+cpu)
  Downloading https://download.pytorch.org/whl/urllib3-1.26.13-py2.py3-none-any.whl (140 kB)
Collecting certifi>=2017.4.17 (from requests->torchvision==0.17.0+cpu)
  Downloading https://download.pytorch.org/whl/certifi-2022.12.7-py3-none-any.whl (155 kB)
Collecting MarkupSafe>=2.0 (from jinja2->torch==2.2.0->torchvision==0.17.0+cpu)
  Downloading https://download.pytorch.org/whl/MarkupSafe-2.1.5-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (28 kB)
Collecting mpmath>=0.19 (from sympy->torch==2.2.0->torchvision==0.17.0+cpu)
  Downloading https://download.pytorch.org/whl/mpmath-1.3.0-py3-none-any.whl (536 kB)
     ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 536.2/536.2 kB 32.5 MB/s eta 0:00:00
Installing collected packages: mpmath, urllib3, typing-extensions, sympy, pillow, numpy, networkx, MarkupSafe, idna, fsspec, filelock, charset-normalizer, certifi, requests, jinja2, torch, torchvision, torchaudio
Successfully installed MarkupSafe-2.1.5 certifi-2022.12.7 charset-normalizer-2.1.1 filelock-3.13.1 fsspec-2024.2.0 idna-3.4 jinja2-3.1.3 mpmath-1.3.0 networkx-3.2.1 numpy-1.26.3 pillow-10.2.0 requests-2.28.1 sympy-1.12 torch-2.2.0+cpu torchaudio-2.2.0+cpu torchvision-0.17.0+cpu typing-extensions-4.9.0 urllib3-1.26.13
WARNING: Running pip as the 'root' user can result in broken permissions and conflicting behaviour with the system package manager, possibly rendering your system unusable.It is recommended to use a virtual environment instead: https://pip.pypa.io/warnings/venv. Use the --root-user-action option if you know what you are doing and want to suppress this warning.
Collecting fastapi==0.115.0 (from -r requirements.txt (line 1))
  Downloading fastapi-0.115.0-py3-none-any.whl.metadata (27 kB)
Collecting uvicorn==0.31.0 (from -r requirements.txt (line 2))
  Downloading uvicorn-0.31.0-py3-none-any.whl.metadata (6.6 kB)
Collecting transformers==4.41.2 (from -r requirements.txt (line 3))
  Downloading transformers-4.41.2-py3-none-any.whl.metadata (43 kB)
Requirement already satisfied: torch in /usr/local/lib/python3.12/site-packages (from -r requirements.txt (line 4)) (2.2.0+cpu)
Collecting scikit-learn==1.4.2 (from -r requirements.txt (line 5))
  Downloading scikit_learn-1.4.2-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl.metadata (11 kB)
Collecting starlette<0.39.0,>=0.37.2 (from fastapi==0.115.0->-r requirements.txt (line 1))
  Downloading starlette-0.38.6-py3-none-any.whl.metadata (6.0 kB)
Collecting pydantic!=1.8,!=1.8.1,!=2.0.0,!=2.0.1,!=2.1.0,<3.0.0,>=1.7.4 (from fastapi==0.115.0->-r requirements.txt (line 1))
  Downloading pydantic-2.9.2-py3-none-any.whl.metadata (149 kB)
Requirement already satisfied: typing-extensions>=4.8.0 in /usr/local/lib/python3.12/site-packages (from fastapi==0.115.0->-r requirements.txt (line 1)) (4.9.0)
Collecting click>=7.0 (from uvicorn==0.31.0->-r requirements.txt (line 2))
  Downloading click-8.1.7-py3-none-any.whl.metadata (3.0 kB)
Collecting h11>=0.8 (from uvicorn==0.31.0->-r requirements.txt (line 2))
  Downloading h11-0.14.0-py3-none-any.whl.metadata (8.2 kB)
Requirement already satisfied: filelock in /usr/local/lib/python3.12/site-packages (from transformers==4.41.2->-r requirements.txt (line 3)) (3.13.1)
Collecting huggingface-hub<1.0,>=0.23.0 (from transformers==4.41.2->-r requirements.txt (line 3))
  Downloading huggingface_hub-0.25.2-py3-none-any.whl.metadata (13 kB)
Requirement already satisfied: numpy>=1.17 in /usr/local/lib/python3.12/site-packages (from transformers==4.41.2->-r requirements.txt (line 3)) (1.26.3)
Collecting packaging>=20.0 (from transformers==4.41.2->-r requirements.txt (line 3))
  Downloading packaging-24.1-py3-none-any.whl.metadata (3.2 kB)
Collecting pyyaml>=5.1 (from transformers==4.41.2->-r requirements.txt (line 3))
  Downloading PyYAML-6.0.2-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl.metadata (2.1 kB)
Collecting regex!=2019.12.17 (from transformers==4.41.2->-r requirements.txt (line 3))
  Downloading regex-2024.9.11-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl.metadata (40 kB)
Requirement already satisfied: requests in /usr/local/lib/python3.12/site-packages (from transformers==4.41.2->-r requirements.txt (line 3)) (2.28.1)
Collecting tokenizers<0.20,>=0.19 (from transformers==4.41.2->-r requirements.txt (line 3))
  Downloading tokenizers-0.19.1-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl.metadata (6.7 kB)
Collecting safetensors>=0.4.1 (from transformers==4.41.2->-r requirements.txt (line 3))
  Downloading safetensors-0.4.5-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl.metadata (3.8 kB)
Collecting tqdm>=4.27 (from transformers==4.41.2->-r requirements.txt (line 3))
  Downloading tqdm-4.66.5-py3-none-any.whl.metadata (57 kB)
Collecting scipy>=1.6.0 (from scikit-learn==1.4.2->-r requirements.txt (line 5))
  Downloading scipy-1.14.1-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl.metadata (60 kB)
Collecting joblib>=1.2.0 (from scikit-learn==1.4.2->-r requirements.txt (line 5))
  Downloading joblib-1.4.2-py3-none-any.whl.metadata (5.4 kB)
Collecting threadpoolctl>=2.0.0 (from scikit-learn==1.4.2->-r requirements.txt (line 5))
  Downloading threadpoolctl-3.5.0-py3-none-any.whl.metadata (13 kB)
Requirement already satisfied: sympy in /usr/local/lib/python3.12/site-packages (from torch->-r requirements.txt (line 4)) (1.12)
Requirement already satisfied: networkx in /usr/local/lib/python3.12/site-packages (from torch->-r requirements.txt (line 4)) (3.2.1)
Requirement already satisfied: jinja2 in /usr/local/lib/python3.12/site-packages (from torch->-r requirements.txt (line 4)) (3.1.3)
Requirement already satisfied: fsspec in /usr/local/lib/python3.12/site-packages (from torch->-r requirements.txt (line 4)) (2024.2.0)
Collecting annotated-types>=0.6.0 (from pydantic!=1.8,!=1.8.1,!=2.0.0,!=2.0.1,!=2.1.0,<3.0.0,>=1.7.4->fastapi==0.115.0->-r requirements.txt (line 1))
  Downloading annotated_types-0.7.0-py3-none-any.whl.metadata (15 kB)
Collecting pydantic-core==2.23.4 (from pydantic!=1.8,!=1.8.1,!=2.0.0,!=2.0.1,!=2.1.0,<3.0.0,>=1.7.4->fastapi==0.115.0->-r requirements.txt (line 1))
  Downloading pydantic_core-2.23.4-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl.metadata (6.6 kB)
Collecting anyio<5,>=3.4.0 (from starlette<0.39.0,>=0.37.2->fastapi==0.115.0->-r requirements.txt (line 1))
  Downloading anyio-4.6.2.post1-py3-none-any.whl.metadata (4.7 kB)
Requirement already satisfied: MarkupSafe>=2.0 in /usr/local/lib/python3.12/site-packages (from jinja2->torch->-r requirements.txt (line 4)) (2.1.5)
Requirement already satisfied: charset-normalizer<3,>=2 in /usr/local/lib/python3.12/site-packages (from requests->transformers==4.41.2->-r requirements.txt (line 3)) (2.1.1)
Requirement already satisfied: idna<4,>=2.5 in /usr/local/lib/python3.12/site-packages (from requests->transformers==4.41.2->-r requirements.txt (line 3)) (3.4)
Requirement already satisfied: urllib3<1.27,>=1.21.1 in /usr/local/lib/python3.12/site-packages (from requests->transformers==4.41.2->-r requirements.txt (line 3)) (1.26.13)
Requirement already satisfied: certifi>=2017.4.17 in /usr/local/lib/python3.12/site-packages (from requests->transformers==4.41.2->-r requirements.txt (line 3)) (2022.12.7)
Requirement already satisfied: mpmath>=0.19 in /usr/local/lib/python3.12/site-packages (from sympy->torch->-r requirements.txt (line 4)) (1.3.0)
Collecting sniffio>=1.1 (from anyio<5,>=3.4.0->starlette<0.39.0,>=0.37.2->fastapi==0.115.0->-r requirements.txt (line 1))
  Downloading sniffio-1.3.1-py3-none-any.whl.metadata (3.9 kB)
Downloading fastapi-0.115.0-py3-none-any.whl (94 kB)
Downloading uvicorn-0.31.0-py3-none-any.whl (63 kB)
Downloading transformers-4.41.2-py3-none-any.whl (9.1 MB)
   ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 9.1/9.1 MB 6.9 MB/s eta 0:00:00
Downloading scikit_learn-1.4.2-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (12.2 MB)
   ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 12.2/12.2 MB 3.3 MB/s eta 0:00:00
Downloading click-8.1.7-py3-none-any.whl (97 kB)
Downloading h11-0.14.0-py3-none-any.whl (58 kB)
Downloading huggingface_hub-0.25.2-py3-none-any.whl (436 kB)
Downloading joblib-1.4.2-py3-none-any.whl (301 kB)
Downloading packaging-24.1-py3-none-any.whl (53 kB)
Downloading pydantic-2.9.2-py3-none-any.whl (434 kB)
Downloading pydantic_core-2.23.4-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (2.1 MB)
   ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 2.1/2.1 MB 12.6 MB/s eta 0:00:00
Downloading PyYAML-6.0.2-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (767 kB)
   ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 767.5/767.5 kB 16.5 MB/s eta 0:00:00
Downloading regex-2024.9.11-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (797 kB)
   ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 797.0/797.0 kB 17.5 MB/s eta 0:00:00
Downloading safetensors-0.4.5-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (434 kB)
Downloading scipy-1.14.1-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (40.8 MB)
   ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 40.8/40.8 MB 15.5 MB/s eta 0:00:00
Downloading starlette-0.38.6-py3-none-any.whl (71 kB)
Downloading threadpoolctl-3.5.0-py3-none-any.whl (18 kB)
Downloading tokenizers-0.19.1-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.6 MB)
   ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 3.6/3.6 MB 15.5 MB/s eta 0:00:00
Downloading tqdm-4.66.5-py3-none-any.whl (78 kB)
Downloading annotated_types-0.7.0-py3-none-any.whl (13 kB)
Downloading anyio-4.6.2.post1-py3-none-any.whl (90 kB)
Downloading sniffio-1.3.1-py3-none-any.whl (10 kB)
Installing collected packages: tqdm, threadpoolctl, sniffio, scipy, safetensors, regex, pyyaml, pydantic-core, packaging, joblib, h11, click, annotated-types, uvicorn, scikit-learn, pydantic, huggingface-hub, anyio, tokenizers, starlette, transformers, fastapi
Successfully installed annotated-types-0.7.0 anyio-4.6.2.post1 click-8.1.7 fastapi-0.115.0 h11-0.14.0 huggingface-hub-0.25.2 joblib-1.4.2 packaging-24.1 pydantic-2.9.2 pydantic-core-2.23.4 pyyaml-6.0.2 regex-2024.9.11 safetensors-0.4.5 scikit-learn-1.4.2 scipy-1.14.1 sniffio-1.3.1 starlette-0.38.6 threadpoolctl-3.5.0 tokenizers-0.19.1 tqdm-4.66.5 transformers-4.41.2 uvicorn-0.31.0
WARNING: Running pip as the 'root' user can result in broken permissions and conflicting behaviour with the system package manager, possibly rendering your system unusable.It is recommended to use a virtual environment instead: https://pip.pypa.io/warnings/venv. Use the --root-user-action option if you know what you are doing and want to suppress this warning.
--> a6f3d6b02dd
STEP 8/11: RUN if [ ! -d modelo_cwe ]; then       echo "modelo_cwe not found. Downloading it...";       wget --progress=bar:force "$CWE_MODEL_URL" -O modelo_cwe.zip       && unzip modelo_cwe.zip && rm modelo_cwe.zip       || { echo "Failed to download or unzip model"; exit 1; }     fi
--> 32ccea4712d
STEP 9/11: RUN if [ ! -d utils ]; then     echo "utils folder (cvss model) not found. Downloading it...";     if wget --progress=bar:force "$CVSS_MODEL_URL" -O modelo_cvss.zip &&       unzip modelo_cvss.zip && rm modelo_cvss.zip; then       echo "CVSS model downloaded and extracted successfully";     else       echo "Failed to download or unzip CVSS model";       exit 1;     fi; fi
utils folder (cvss model) not found. Downloading it...
--2024-10-14 16:05:55--  https://drive.usercontent.google.com/download?id=1nS1lQpVVJ431wUyVSs5_Srega6QVPyc8&export=download&confirm=
Resolving drive.usercontent.google.com (drive.usercontent.google.com)... 172.217.192.132, 2800:3f0:4003:c02::84
Connecting to drive.usercontent.google.com (drive.usercontent.google.com)|172.217.192.132|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 657590811 (627M) [application/octet-stream]
Saving to: ‘modelo_cvss.zip’

modelo_cvss.zip     100%[===================>] 627.13M  18.6MB/s    in 37s     

2024-10-14 16:06:34 (17.1 MB/s) - ‘modelo_cvss.zip’ saved [657590811/657590811]

Archive:  modelo_cvss.zip
   creating: utils/
  inflating: utils/encoder_privilegesRequired.pickle  
  inflating: utils/encoder_userInteraction.pickle  
  inflating: utils/num_labels.pickle  
  inflating: utils/encoder_confidentialityImpact.pickle  
  inflating: utils/encoder_scope.pickle  
  inflating: utils/encoder_baseSeverity.pickle  
  inflating: utils/encoder_attackVector.pickle  
  inflating: utils/cvss.pth          
  inflating: utils/encoder_integrityImpact.pickle  
  inflating: utils/encoder_availabilityImpact.pickle  
  inflating: utils/encoder_attackComplexity.pickle  
replace inferencer.py? [y]es, [n]o, [A]ll, [N]one, [r]ename:  NULL
(EOF or read error, treating as "[N]one" ...)
Failed to download or unzip CVSS model
Error: building at STEP "RUN if [ ! -d utils ]; then     echo "utils folder (cvss model) not found. Downloading it...";     if wget --progress=bar:force "$CVSS_MODEL_URL" -O modelo_cvss.zip &&       unzip modelo_cvss.zip && rm modelo_cvss.zip; then       echo "CVSS model downloaded and extracted successfully";     else       echo "Failed to download or unzip CVSS model";       exit 1;     fi; fi": while running runtime: exit status 1
exit code: 1
podman build -t auditforge-backend -f ./backend/Dockerfile ./backend
STEP 1/11: FROM node:lts-alpine
STEP 2/11: RUN mkdir -p /app
--> Using cache c71fcf436b98ec70126f0f1862681766a7ecbc932ade50b8fea0ad60186f47eb
--> c71fcf436b9
STEP 3/11: WORKDIR /app
--> Using cache d1007d69540fce8a033582009248f7ea1155ef8002fc4103d6c0c9ee1e424f21
--> d1007d69540
STEP 4/11: COPY package*.json ./
--> 3067501954f
STEP 5/11: RUN apk --no-cache add --virtual builds-deps build-base python3 git libreoffice ttf-liberation
fetch https://dl-cdn.alpinelinux.org/alpine/v3.20/main/x86_64/APKINDEX.tar.gz
fetch https://dl-cdn.alpinelinux.org/alpine/v3.20/community/x86_64/APKINDEX.tar.gz
(1/256) Installing jansson (2.14-r4)
(2/256) Installing zstd-libs (1.5.6-r0)
(3/256) Installing binutils (2.42-r0)
(4/256) Installing libmagic (5.45-r1)
(5/256) Installing file (5.45-r1)
(6/256) Installing libgomp (13.2.1_git20240309-r0)
(7/256) Installing libatomic (13.2.1_git20240309-r0)
(8/256) Installing gmp (6.3.0-r1)
(9/256) Installing isl26 (0.26-r1)
(10/256) Installing mpfr4 (4.2.1-r0)
(11/256) Installing mpc1 (1.3.1-r1)
(12/256) Installing gcc (13.2.1_git20240309-r0)
(13/256) Installing libstdc++-dev (13.2.1_git20240309-r0)
(14/256) Installing musl-dev (1.2.5-r0)
(15/256) Installing g++ (13.2.1_git20240309-r0)
(16/256) Installing make (4.4.1-r2)
(17/256) Installing fortify-headers (1.1-r3)
(18/256) Installing patch (2.7.6-r10)
(19/256) Installing build-base (0.5-r3)
(20/256) Installing libbz2 (1.0.8-r6)
(21/256) Installing libexpat (2.6.3-r0)
(22/256) Installing libffi (3.4.6-r0)
(23/256) Installing gdbm (1.23-r1)
(24/256) Installing xz-libs (5.6.2-r0)
(25/256) Installing mpdecimal (4.0.0-r0)
(26/256) Installing ncurses-terminfo-base (6.4_p20240420-r1)
(27/256) Installing libncursesw (6.4_p20240420-r1)
(28/256) Installing libpanelw (6.4_p20240420-r1)
(29/256) Installing readline (8.2.10-r0)
(30/256) Installing sqlite-libs (3.45.3-r1)
(31/256) Installing python3 (3.12.7-r0)
(32/256) Installing python3-pycache-pyc0 (3.12.7-r0)
(33/256) Installing pyc (3.12.7-r0)
(34/256) Installing python3-pyc (3.12.7-r0)
(35/256) Installing ca-certificates (20240705-r0)
(36/256) Installing brotli-libs (1.1.0-r2)
(37/256) Installing c-ares (1.33.1-r0)
(38/256) Installing libunistring (1.2-r0)
(39/256) Installing libidn2 (2.3.7-r0)
(40/256) Installing nghttp2-libs (1.62.1-r0)
(41/256) Installing libpsl (0.21.5-r1)
(42/256) Installing libcurl (8.10.1-r0)
(43/256) Installing pcre2 (10.43-r0)
(44/256) Installing git (2.45.2-r0)
(45/256) Installing git-init-template (2.45.2-r0)
(46/256) Installing libreoffice-lang-en_us (7.6.7.2-r0)
(47/256) Installing libice (1.1.1-r6)
(48/256) Installing libuuid (2.40.1-r1)
(49/256) Installing libsm (1.2.4-r4)
(50/256) Installing libxau (1.0.11-r4)
(51/256) Installing libmd (1.1.0-r0)
(52/256) Installing libbsd (0.12.2-r0)
(53/256) Installing libxdmcp (1.1.5-r1)
(54/256) Installing libxcb (1.16.1-r0)
(55/256) Installing libx11 (1.8.9-r1)
(56/256) Installing libxext (1.3.6-r2)
(57/256) Installing libxinerama (1.1.5-r4)
(58/256) Installing libxrender (0.9.11-r5)
(59/256) Installing libxrandr (1.5.4-r1)
(60/256) Installing zxing-cpp (2.2.1-r0)
(61/256) Installing boost1.84-thread (1.84.0-r1)
(62/256) Installing icu-data-en (74.2-r0)
Executing icu-data-en-74.2-r0.post-install
*
* If you need ICU with non-English locales and legacy charset support, install
* package icu-data-full.
*
(63/256) Installing icu-libs (74.2-r0)
(64/256) Installing boost1.84-locale (1.84.0-r1)
(65/256) Installing box2d (2.4.1-r2)
(66/256) Installing libpng (1.6.44-r0)
(67/256) Installing freetype (2.13.2-r0)
(68/256) Installing fontconfig (2.15.0-r1)
(69/256) Installing pixman (0.43.2-r0)
(70/256) Installing cairo (1.18.0-r0)
(71/256) Installing lcms2 (2.16-r0)
(72/256) Installing librevenge (0.0.5-r2)
(73/256) Installing libcdr (0.1.7-r13)
(74/256) Installing clucene (2.3.3.4-r22)
(75/256) Installing clucene-contribs (2.3.3.4-r22)
(76/256) Installing dbus-libs (1.14.10-r1)
(77/256) Installing libintl (0.22.5-r0)
(78/256) Installing avahi-libs (0.8-r17)
(79/256) Installing nettle (3.9.1-r0)
(80/256) Installing libtasn1 (4.19.0-r2)
(81/256) Installing p11-kit (0.25.3-r0)
(82/256) Installing gnutls (3.8.5-r0)
(83/256) Installing cups-libs (2.4.9-r1)
(84/256) Installing libepoxy (1.5.10-r1)
(85/256) Installing libgpg-error (1.49-r0)
(86/256) Installing libgcrypt (1.10.3-r0)
(87/256) Installing libxml2 (2.12.7-r0)
(88/256) Installing libxslt (1.1.39-r1)
(89/256) Installing libexttextcat (3.4.6-r0)
(90/256) Installing libfreehand (0.1.2-r11)
(91/256) Installing pkgconf (2.2.0-r0)
(92/256) Installing libeconf (0.6.3-r0)
(93/256) Installing libblkid (2.40.1-r1)
(94/256) Installing libmount (2.40.1-r1)
(95/256) Installing glib (2.80.5-r0)
(96/256) Installing shared-mime-info (2.4-r0)
(97/256) Installing hicolor-icon-theme (0.17-r2)
(98/256) Installing libjpeg-turbo (3.0.3-r0)
(99/256) Installing libsharpyuv (1.3.2-r0)
(100/256) Installing libwebp (1.3.2-r0)
(101/256) Installing tiff (4.6.0t-r0)
(102/256) Installing gdk-pixbuf (2.42.12-r0)
(103/256) Installing gtk-update-icon-cache (3.24.43-r0)
(104/256) Installing libxcomposite (0.4.6-r5)
(105/256) Installing libxfixes (6.0.1-r4)
(106/256) Installing libxcursor (1.2.2-r1)
(107/256) Installing libxdamage (1.1.6-r5)
(108/256) Installing libxi (1.8.1-r4)
(109/256) Installing libatk-1.0 (2.52.0-r0)
(110/256) Installing libxtst (1.2.4-r6)
(111/256) Installing at-spi2-core (2.52.0-r0)
(112/256) Installing libatk-bridge-2.0 (2.52.0-r0)
(113/256) Installing cairo-gobject (1.18.0-r0)
(114/256) Installing fribidi (1.0.15-r0)
(115/256) Installing graphite2 (1.3.14-r6)
(116/256) Installing harfbuzz (8.5.0-r0)
(117/256) Installing libxft (2.3.8-r3)
(118/256) Installing pango (1.52.2-r0)
(119/256) Installing wayland-libs-client (1.22.0-r4)
(120/256) Installing wayland-libs-cursor (1.22.0-r4)
(121/256) Installing wayland-libs-egl (1.22.0-r4)
(122/256) Installing xkeyboard-config (2.41-r0)
(123/256) Installing libxkbcommon (1.7.0-r0)
(124/256) Installing gtk+3.0 (3.24.43-r0)
(125/256) Installing libassuan (2.5.7-r0)
(126/256) Installing pinentry (1.3.0-r0)
Executing pinentry-1.3.0-r0.post-install
(127/256) Installing gnupg-gpgconf (2.4.5-r0)
(128/256) Installing libksba (1.6.6-r0)
(129/256) Installing libsasl (2.1.28-r6)
(130/256) Installing libldap (2.6.8-r0)
(131/256) Installing npth (1.6-r4)
(132/256) Installing gnupg-dirmngr (2.4.5-r0)
(133/256) Installing gnupg-keyboxd (2.4.5-r0)
(134/256) Installing gpg (2.4.5-r0)
(135/256) Installing gpg-agent (2.4.5-r0)
(136/256) Installing gpgsm (2.4.5-r0)
(137/256) Installing gpgme (1.23.2-r1)
(138/256) Installing gpgmepp (1.23.2-r1)
(139/256) Installing mesa (24.0.9-r1)
(140/256) Installing hwdata-pci (0.382-r0)
(141/256) Installing libpciaccess (0.18.1-r0)
(142/256) Installing libdrm (2.4.120-r0)
(143/256) Installing wayland-libs-server (1.22.0-r4)
(144/256) Installing mesa-gbm (24.0.9-r1)
(145/256) Installing mesa-glapi (24.0.9-r1)
(146/256) Installing libxshmfence (1.3.2-r6)
(147/256) Installing mesa-egl (24.0.9-r1)
(148/256) Installing libxxf86vm (1.1.5-r6)
(149/256) Installing mesa-gl (24.0.9-r1)
(150/256) Installing libxv (1.0.12-r5)
(151/256) Installing alsa-lib (1.2.11-r0)
(152/256) Installing cdparanoia-libs (10.2-r14)
(153/256) Installing graphene (1.10.8-r4)
(154/256) Installing gstreamer (1.24.3-r0)
(155/256) Installing libogg (1.3.5-r5)
(156/256) Installing opus (1.5.2-r0)
(157/256) Installing orc (0.4.39-r0)
(158/256) Installing libtheora (1.1.1-r18)
(159/256) Installing libvorbis (1.3.7-r2)
(160/256) Installing gst-plugins-base (1.24.3-r0)
(161/256) Installing tzdata (2024b-r0)
(162/256) Installing iso-codes (4.16.0-r0)
(163/256) Installing openexr-libiex (3.1.13-r1)
(164/256) Installing imath (3.1.12-r0)
(165/256) Installing openexr-libilmthread (3.1.13-r1)
(166/256) Installing openexr-libopenexr (3.1.13-r1)
(167/256) Installing soundtouch (2.3.3-r0)
(168/256) Installing aom-libs (3.9.1-r0)
(169/256) Installing libunibreak (6.1-r0)
(170/256) Installing libass (0.17.2-r0)
(171/256) Installing libraw1394 (2.1.2-r5)
(172/256) Installing libusb (1.0.27-r0)
(173/256) Installing libdc1394 (2.2.7-r0)
(174/256) Installing libde265 (1.0.15-r0)
(175/256) Installing tslib (1.23-r0)
(176/256) Installing directfb (1.7.7-r8)
(177/256) Installing faac (1.30-r5)
(178/256) Installing fdk-aac (2.0.2-r4)
(179/256) Installing flite (2.2-r2)
(180/256) Installing libfreeaptx (0.1.1-r1)
(181/256) Installing gsm (1.0.22-r3)
(182/256) Installing eudev-libs (3.2.14-r2)
(183/256) Installing libgudev (238-r0)
(184/256) Installing libldac (2.0.2.3-r1)
(185/256) Installing libmodplug (0.8.9.0-r3)
(186/256) Installing neon (0.33.0-r0)
(187/256) Installing libnice (0.1.22-r0)
(188/256) Installing openal-soft-libs (1.23.1-r0)
(189/256) Installing openh264 (2.4.1-r0)
(190/256) Installing openjpeg (2.5.2-r0)
(191/256) Installing librsvg (2.58.0-r0)
(192/256) Installing librtmp (2.4_git20190330-r4)
(193/256) Installing sbc (2.0-r2)
(194/256) Installing libflac (1.4.3-r1)
(195/256) Installing libsndfile (1.2.2-r0)
(196/256) Installing spandsp (0.0.6-r5)
(197/256) Installing libsrtp (2.5.0-r1)
(198/256) Installing libva (2.21.0-r0)
(199/256) Installing vo-aacenc (0.1.3-r3)
(200/256) Installing vo-amrwbenc (0.1.3-r3)
(201/256) Installing libwebpmux (1.3.2-r0)
(202/256) Installing libzbar (0.23.93-r1)
(203/256) Installing gst-plugins-bad (1.24.3-r0)
(204/256) Installing vulkan-loader (1.3.261.1-r0)
(205/256) Installing gtk4.0 (4.14.4-r0)
(206/256) Installing harfbuzz-icu (8.5.0-r0)
(207/256) Installing libhunspell (1.7.2-r4)
(208/256) Installing hyphen (2.8.8-r3)
(209/256) Installing liblangtag (0.6.7-r0)
(210/256) Installing mariadb-connector-c (3.3.10-r0)
(211/256) Installing libmspub (0.1.4-r21)
(212/256) Installing libmwaw (0.3.22-r0)
(213/256) Installing mythes (1.2.4-r3)
(214/256) Installing nspr (4.35-r4)
(215/256) Installing nss (3.104-r0)
(216/256) Installing libnumbertext (1.0.11-r1)
(217/256) Installing libodfgen (0.1.8-r8)
(218/256) Installing boost1.84-iostreams (1.84.0-r1)
(219/256) Installing boost1.84-program_options (1.84.0-r1)
(220/256) Installing libixion (0.19.0-r1)
(221/256) Installing liborcus (0.19.1-r1)
(222/256) Installing libpagemaker (0.0.4-r9)
(223/256) Installing libqxp (0.0.2-r10)
(224/256) Installing yajl (2.1.0-r9)
(225/256) Installing raptor2 (2.0.16-r1)
(226/256) Installing rasqal (0.9.33-r3)
(227/256) Installing redland (1.0.17-r3)
(228/256) Installing libstaroffice (0.0.7-r8)
(229/256) Installing libvisio (0.1.7-r10)
(230/256) Installing libwpd (0.10.3-r1)
(231/256) Installing libwpg (0.3.4-r0)
(232/256) Installing libltdl (2.4.7-r3)
(233/256) Installing xmlsec (1.3.5-r0)
(234/256) Installing xmlsec-nss (1.3.5-r0)
(235/256) Installing libzmf (0.0.2-r19)
(236/256) Installing libreoffice-common (7.6.7.2-r0)
(237/256) Installing libreoffice-base (7.6.7.2-r0)
(238/256) Installing libetonyek (0.1.10-r10)
(239/256) Installing libwps (0.4.14-r0)
(240/256) Installing libreoffice-calc (7.6.7.2-r0)
(241/256) Installing poppler (24.02.0-r1)
(242/256) Installing libreoffice-draw (7.6.7.2-r0)
(243/256) Installing libreoffice-impress (7.6.7.2-r0)
(244/256) Installing libreoffice-math (7.6.7.2-r0)
(245/256) Installing libpq (16.3-r0)
(246/256) Installing libreoffice-connector-postgres (7.6.7.2-r0)
(247/256) Installing libabw (0.1.3-r3)
(248/256) Installing libe-book (0.1.3-r24)
(249/256) Installing libepubgen (0.1.1-r2)
(250/256) Installing libreoffice-writer (7.6.7.2-r0)
(251/256) Installing libreoffice (7.6.7.2-r0)
(252/256) Installing libreoffice-gtk (7.6.7.2-r0)
(253/256) Installing font-liberation (2.1.5-r2)
(254/256) Installing font-liberation-sans-narrow (1.07.6-r2)
(255/256) Installing ttf-liberation (2.1.5-r2)
(256/256) Installing builds-deps (20241014.160653)
Executing busybox-1.36.1-r29.trigger
Executing ca-certificates-20240705-r0.trigger
Executing fontconfig-2.15.0-r1.trigger
Executing glib-2.80.5-r0.trigger
Executing shared-mime-info-2.4-r0.trigger
Executing gdk-pixbuf-2.42.12-r0.trigger
Executing gtk-update-icon-cache-3.24.43-r0.trigger
Executing gtk+3.0-3.24.43-r0.trigger
OK: 853 MiB in 272 packages
--> ef7ea328d61
STEP 6/11: RUN npm install
npm warn deprecated rimraf@3.0.2: Rimraf versions prior to v4 are no longer supported
npm warn deprecated xmldom@0.1.31: Deprecated due to CVE-2021-21366 resolved in 0.5.0
npm warn deprecated npmlog@5.0.1: This package is no longer supported.
npm warn deprecated gauge@3.0.2: This package is no longer supported.
npm warn deprecated are-we-there-yet@2.0.0: This package is no longer supported.

added 708 packages, and audited 766 packages in 24s

55 packages are looking for funding
  run `npm fund` for details

13 vulnerabilities (4 low, 3 moderate, 5 high, 1 critical)

To address issues that do not require attention, run:
  npm audit fix

Some issues need review, and may require choosing
a different dependency.

Run `npm audit` for details.
npm notice
npm notice New minor version of npm available! 10.7.0 -> 10.9.0
npm notice Changelog: https://github.com/npm/cli/releases/tag/v10.9.0
npm notice To update run: npm install -g npm@10.9.0
npm notice
--> c660d68baab
STEP 7/11: COPY . .
--> c9ff5d23fe5
STEP 8/11: EXPOSE 4242
--> 433a8a4dbf0
STEP 9/11: ENV NODE_ENV prod
--> 15463f66244
STEP 10/11: ENV NODE_ICU_DATA=node_modules/full-icu
--> ae48a332823
STEP 11/11: ENTRYPOINT ["npm", "start"]
COMMIT auditforge-backend
--> 583f6cff1f1
Successfully tagged localhost/auditforge-backend:latest
583f6cff1f17a40bc6f700e3d20145c37a59fa03d33d5bf0a85c2d9fa5b2180c
exit code: 0
podman build -t auditforge-frontend -f ./frontend/Dockerfile ./frontend
[1/2] STEP 1/7: FROM node:20.15.0-alpine AS build
[1/2] STEP 2/7: WORKDIR /app
--> 35e864bcc39
[1/2] STEP 3/7: COPY package*.json ./
--> 39ace04d438
[1/2] STEP 4/7: RUN npm install
npm warn deprecated rimraf@3.0.2: Rimraf versions prior to v4 are no longer supported
npm warn deprecated glob@7.2.3: Glob versions prior to v9 are no longer supported
npm warn deprecated inflight@1.0.6: This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful.
npm warn deprecated @humanwhocodes/object-schema@2.0.3: Use @eslint/object-schema instead
npm warn deprecated @humanwhocodes/config-array@0.11.14: Use @eslint/config-array instead

added 602 packages, and audited 603 packages in 12s

165 packages are looking for funding
  run `npm fund` for details

3 vulnerabilities (2 moderate, 1 high)

To address all issues, run:
  npm audit fix

Run `npm audit` for details.
npm notice
npm notice New minor version of npm available! 10.7.0 -> 10.9.0
npm notice Changelog: https://github.com/npm/cli/releases/tag/v10.9.0
npm notice To update run: npm install -g npm@10.9.0
npm notice
--> 1092f0260e3
[1/2] STEP 5/7: COPY . .
--> 87e6a1c85c4
[1/2] STEP 6/7: COPY .env .
--> 9dee1083501
[1/2] STEP 7/7: RUN npm run build

> frontend@0.0.0 build
> tsc -b && vite build

vite v5.3.4 building for production...
transforming...
✓ 4845 modules transformed.
rendering chunks...
computing gzip size...
dist/index.html                     0.86 kB │ gzip:   0.46 kB
dist/assets/index-Df7kjh8-.css     63.41 kB │ gzip:  11.25 kB
dist/assets/index-CaokIAaE.js   1,843.74 kB │ gzip: 499.57 kB

(!) Some chunks are larger than 500 kB after minification. Consider:
- Using dynamic import() to code-split the application
- Use build.rollupOptions.output.manualChunks to improve chunking: https://rollupjs.org/configuration-options/#output-manualchunks
- Adjust chunk size limit for this warning via build.chunkSizeWarningLimit.
✓ built in 13.35s
--> 899a366f8ef
[2/2] STEP 1/7: FROM nginx:stable-alpine
[2/2] STEP 2/7: COPY .docker/nginx.conf /etc/nginx/conf.d/default.conf
--> fbdb792c405
[2/2] STEP 3/7: RUN mkdir -p /etc/nginx/ssl
--> a399ea81855
[2/2] STEP 4/7: COPY ssl/server* /etc/nginx/ssl/
--> 99544948e5e
[2/2] STEP 5/7: COPY --from=build /app/dist/ /usr/share/nginx/html
--> 5650e51a479
[2/2] STEP 6/7: EXPOSE 80
--> 97f8495664f
[2/2] STEP 7/7: CMD ["nginx", "-g", "daemon off;"]
[2/2] COMMIT auditforge-frontend
--> 56f8f0911e5
Successfully tagged localhost/auditforge-frontend:latest
56f8f0911e5d35b5217b9b9e505691ab0ba77f496d014ace65b639dc2f8f984e
exit code: 0
['podman', 'network', 'exists', 'auditforge_backend']
podman run --name=mongo-auditforge -d --label io.podman.compose.config-hash=123 --label io.podman.compose.project=auditforge --label io.podman.compose.version=0.0.1 --label com.docker.compose.project=auditforge --label com.docker.compose.project.working_dir=/home/massi/Documentos/auditforge --label com.docker.compose.project.config_files=docker-compose.yml --label com.docker.compose.container-number=1 --label com.docker.compose.service=mongodb -e MONGO_DB:auditforge -v /home/massi/Documentos/auditforge/backend/mongo-data:/data/db --net auditforge_backend --network-alias mongodb -p 127.0.0.1:27017:27017 --restart always mongo:4.2.15
e8e0e4a1fec2f1259116e149c235c9a397ee992a6029a4d1c9c825b3cb7b0aa1
exit code: 0
['podman', 'network', 'exists', 'auditforge_cwe-api-network']
podman run --name=auditforge-cwe-api -d --label io.podman.compose.config-hash=123 --label io.podman.compose.project=auditforge --label io.podman.compose.version=0.0.1 --label com.docker.compose.project=auditforge --label com.docker.compose.project.working_dir=/home/massi/Documentos/auditforge --label com.docker.compose.project.config_files=docker-compose.yml --label com.docker.compose.container-number=1 --label com.docker.compose.service=auditforge-cwe-api --net auditforge_cwe-api-network --network-alias auditforge-cwe-api --restart always auditforge-cwe-api
Resolving "auditforge-cwe-api" using unqualified-search registries (/etc/containers/registries.conf)
Trying to pull docker.io/library/auditforge-cwe-api:latest...
Error: initializing source docker://auditforge-cwe-api:latest: reading manifest latest in docker.io/library/auditforge-cwe-api: errors:
denied: requested access to the resource is denied
unauthorized: authentication required

exit code: 125
podman start auditforge-cwe-api
Error: no container with name or ID "auditforge-cwe-api" found: no such container
exit code: 125
['podman', 'network', 'exists', 'auditforge_backend']
['podman', 'network', 'exists', 'auditforge_cwe-api-network']
podman run --name=auditforge-backend -d --label io.podman.compose.config-hash=123 --label io.podman.compose.project=auditforge --label io.podman.compose.version=0.0.1 --label com.docker.compose.project=auditforge --label com.docker.compose.project.working_dir=/home/massi/Documentos/auditforge --label com.docker.compose.project.config_files=docker-compose.yml --label com.docker.compose.container-number=1 --label com.docker.compose.service=auditforge-backend -v /home/massi/Documentos/auditforge/backend/report-templates:/app/report-templates -v /home/massi/Documentos/auditforge/backend/src/config:/app/src/config --net auditforge_cwe-api-network,auditforge_backend --network-alias auditforge-backend -p 4242:4242 --restart always auditforge-backend
be1a18de2af6a481628418990f622366d614f002f135df16be5dd3c989b81b62
exit code: 0
['podman', 'network', 'exists', 'auditforge_backend']
podman run --name=auditforge-frontend -d --label io.podman.compose.config-hash=123 --label io.podman.compose.project=auditforge --label io.podman.compose.version=0.0.1 --label com.docker.compose.project=auditforge --label com.docker.compose.project.working_dir=/home/massi/Documentos/auditforge --label com.docker.compose.project.config_files=docker-compose.yml --label com.docker.compose.container-number=1 --label com.docker.compose.service=auditforge-frontend --net auditforge_backend --network-alias auditforge-frontend -p 8443:8443 --restart always auditforge-frontend
344034f03b16eac542569e0cd8da1cdc22de2f5be14272d1a1c27c6977afd074
exit code: 0

caverav commented 4 weeks ago

Corriendo un compose con --build me tira esto en los logs al intentar obtener una recomendación de CVSS:

[auditforge-backend]  | (node:12) Warning: Setting the NODE_TLS_REJECT_UNAUTHORIZED environment variable to '0' makes TLS connections and HTTPS requests insecure by disabling certificate verification.
[auditforge-backend]  | (Use `node --trace-warnings ...` to show where the warning was created)
[auditforge-frontend] | 2024/10/15 22:37:08 [notice] 1#1: signal 28 (SIGWINCH) received
[auditforge-frontend] | 2024/10/15 22:37:18 [notice] 1#1: signal 28 (SIGWINCH) received
[auditforge-backend]  | DOMException [AbortError]: This operation was aborted
[auditforge-backend]  |     at node:internal/deps/undici/undici:12502:13
[auditforge-backend]  |     at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
[auditforge-backend]  |     at async /app/src/routes/cvss.js:34:26
[auditforge-frontend] | 10.89.4.17 - - [15/Oct/2024:22:37:23 +0000] "POST /api/cvss HTTP/1.1" 500 46 "http://localhost:5173/" "Mozilla/5.0 (X11; Linux x86_64; rv:129.0) Gecko/20100101 Firefox/129.0" "-"
[auditforge-frontend] | 10.89.4.17 - - [15/Oct/2024:22:37:43 +0000] "OPTIONS /api/cvss HTTP/1.1" 200 13 "http://localhost:5173/" "Mozilla/5.0 (X11; Linux x86_64; rv:129.0) Gecko/20100101 Firefox/129.0" "-"
[auditforge-backend]  | TypeError: fetch failed
[auditforge-backend]  |     at node:internal/deps/undici/undici:12502:13
[auditforge-backend]  |     at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
[auditforge-backend]  |     at async /app/src/routes/cvss.js:34:26 {
[auditforge-backend]  |   [cause]: ConnectTimeoutError: Connect Timeout Error
[auditforge-backend]  |       at onConnectTimeout (node:internal/deps/undici/undici:6635:28)
[auditforge-backend]  |       at node:internal/deps/undici/undici:6587:50
[auditforge-backend]  |       at Immediate._onImmediate (node:internal/deps/undici/undici:6619:13)
[auditforge-backend]  |       at process.processImmediate (node:internal/timers:478:21) {
[auditforge-backend]  |     code: 'UND_ERR_CONNECT_TIMEOUT'
[auditforge-backend]  |   }
[auditforge-backend]  | }

caverav / auditforge

Recomendación de CVSS #144