lunasec-io / lunasec

LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/
https://www.lunasec.io/

Langchain Chat #1156

Closed breadchris closed 1 year ago

breadchris commented 1 year ago

Langchain is hooked up to the vulnbot where you can do `@vulnbot What is log4shell?` and it will run.

factoidforrest commented 1 year ago

Please do not squash merge this when you merge, do a classic merge please. That way there won't be history issues if I base stuff from this.

github-actions[bot] commented 1 year ago

Hasura Semantic Diff

Hasura config files have changed. This comment shows which fields have changed ignoring formatting.

Click to expand! ``` (root level) + one list entry added: - "!include vulnerability_code_snippet.yaml" (root level) + two map entries added: table: name: code_snippet schema: vulnerability object_relationships: - name: reference using: foreign_key_constraint_on: reference_id - name: vulnerabilityByVulnerability using: foreign_key_constraint_on: vulnerability lunatrace-custom.permissions - three list entries removed: - role: user definition: schema: | scalar JSON scalar UUID type AuthenticatedRepoCloneUrlOutput { url: String } type Mutation { presignManifestUpload(project_id: UUID!): PresignedUrlResponse } type PresignedUrlResponse { bucket: String! headers: JSON! key: String! url: String! } type Query { authenticatedRepoCloneUrl(repoGithubId: Int!): AuthenticatedRepoCloneUrlOutput fakeQueryToHackHasuraBeingABuggyMess: String sbomUrl(buildId: UUID!): String } type SbomUploadUrlOutput { error: Boolean! uploadUrl: UploadUrl } type UploadUrl { headers: JSON! url: String! } - role: service definition: schema: | scalar JSON scalar UUID type AuthenticatedRepoCloneUrlOutput { url: String } type Mutation { presignManifestUpload(project_id: UUID!): PresignedUrlResponse } type PresignedUrlResponse { bucket: String! headers: JSON! key: String! url: String! } type Query { authenticatedRepoCloneUrl(repoGithubId: Int!): AuthenticatedRepoCloneUrlOutput fakeQueryToHackHasuraBeingABuggyMess: String presignSbomUpload(orgId: UUID!, buildId: UUID!): SbomUploadUrlOutput sbomUrl(buildId: UUID!): String } type SbomUploadUrlOutput { error: Boolean! uploadUrl: UploadUrl } type UploadUrl { headers: JSON! url: String! } input SbomUploadUrlInput { orgId: UUID! projectId: UUID! } - role: cli definition: schema: | scalar JSON scalar UUID type Query { presignSbomUpload(orgId: UUID!, buildId: UUID!): SbomUploadUrlOutput } type SbomUploadUrlOutput { error: Boolean! uploadUrl: UploadUrl } type UploadUrl { headers: JSON! url: String! 
} + three list entries added: - role: user definition: schema: | type AuthenticatedRepoCloneUrlOutput { url: String } scalar JSON type Mutation { presignManifestUpload(project_id: UUID!): PresignedUrlResponse } type PresignedUrlResponse { bucket: String! headers: JSON! key: String! url: String! } type Query { authenticatedRepoCloneUrl(repoGithubId: Int!): AuthenticatedRepoCloneUrlOutput fakeQueryToHackHasuraBeingABuggyMess: String sbomUrl(buildId: UUID!): String } type SbomUploadUrlOutput { error: Boolean! uploadUrl: UploadUrl } scalar UUID type UploadUrl { headers: JSON! url: String! } - role: service definition: schema: | type AuthenticatedRepoCloneUrlOutput { url: String } scalar JSON type Mutation { presignManifestUpload(project_id: UUID!): PresignedUrlResponse } type PresignedUrlResponse { bucket: String! headers: JSON! key: String! url: String! } type Query { authenticatedRepoCloneUrl(repoGithubId: Int!): AuthenticatedRepoCloneUrlOutput fakeQueryToHackHasuraBeingABuggyMess: String presignSbomUpload(orgId: UUID!, buildId: UUID!): SbomUploadUrlOutput sbomUrl(buildId: UUID!): String } input SbomUploadUrlInput { orgId: UUID! projectId: UUID! } type SbomUploadUrlOutput { error: Boolean! uploadUrl: UploadUrl } scalar UUID type UploadUrl { headers: JSON! url: String! } - role: cli definition: schema: | scalar JSON type Query { presignSbomUpload(orgId: UUID!, buildId: UUID!): SbomUploadUrlOutput } type SbomUploadUrlOutput { error: Boolean! uploadUrl: UploadUrl } scalar UUID type UploadUrl { headers: JSON! url: String! } diff --git a/lunatrace/bsl/hasura/migrations/lunatrace/1679066158985_add_ml_tables/down.sql b/lunatrace/bsl/hasura/migrations/lunatrace/1679066158985_add_ml_tables/down.sql new file mode 100644 index 00000000..95bc63f6 --- /dev/null +++ b/lunatrace/bsl/hasura/migrations/lunatrace/1679066158985_add_ml_tables/down.sql 
@@ -0,0 +1,8 @@ + +DROP TABLE vulnerability.code_snippet; + +-- Add a generated summary to the reference to make it easier for the LLM to choose what to read +ALTER TABLE vulnerability.reference_content DROP COLUMN summary; + +ALTER TABLE package.package DROP COLUMN readme_text; +ALTER TABLE package.package DROP COLUMN use_case_summary; diff --git a/lunatrace/bsl/hasura/migrations/lunatrace/1679066158985_add_ml_tables/up.sql b/lunatrace/bsl/hasura/migrations/lunatrace/1679066158985_add_ml_tables/up.sql new file mode 100644 index 00000000..3da634d5 --- /dev/null +++ b/lunatrace/bsl/hasura/migrations/lunatrace/1679066158985_add_ml_tables/up.sql @@ -0,0 +1,23 @@ + +CREATE TABLE vulnerability.code_snippet +( + id uuid DEFAULT public.gen_random_uuid() NOT NULL PRIMARY KEY, + created_at TIMESTAMPTZ DEFAULT CURRENT_TIMESTAMP NOT NULL, + -- Reference may be null because we may have pulled code from a non-web source such as vuln-db + reference_id uuid NULL references vulnerability.reference, + -- Include url since reference might be null but its still nice to be able to point a source like a vuln-db link for non-scraped content + source_url text NOT NULL, + -- Messed up and forgot the ID part of this name..its not the end of the world though so leaving it + vulnerability uuid NOT NULL references vulnerability.vulnerability, + code text NOT NULL, + score integer NOT NULL, + summary text NOT NULL, + type text NOT NULL, + language text NOT NULL +); + +-- Add a generated summary to the reference to make it easier for the LLM to choose what to read +ALTER TABLE vulnerability.reference_content ADD COLUMN summary text NULL; + +ALTER TABLE package.package ADD COLUMN readme_text text NULL; +ALTER TABLE package.package ADD COLUMN use_case_summary text NULL; 
diff --git a/lunatrace/bsl/hasura/migrations/lunatrace/1679503926339_make-code-snippet-text-unique/down.sql b/lunatrace/bsl/hasura/migrations/lunatrace/1679503926339_make-code-snippet-text-unique/down.sql new file mode 100644 index 00000000..71ac7ef4 --- /dev/null +++ b/lunatrace/bsl/hasura/migrations/lunatrace/1679503926339_make-code-snippet-text-unique/down.sql @@ -0,0 +1 @@ +DROP INDEX vulnerability.code_snippet_unq_idx; diff --git a/lunatrace/bsl/hasura/migrations/lunatrace/1679503926339_make-code-snippet-text-unique/up.sql b/lunatrace/bsl/hasura/migrations/lunatrace/1679503926339_make-code-snippet-text-unique/up.sql new file mode 100644 index 00000000..45596063 --- /dev/null +++ b/lunatrace/bsl/hasura/migrations/lunatrace/1679503926339_make-code-snippet-text-unique/up.sql @@ -0,0 +1,2 @@ + +CREATE UNIQUE INDEX code_snippet_unq_idx ON vulnerability.code_snippet (vulnerability, code); ```
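Review bot: In the Hasura metadata part of the diff, the new `vulnerability.code_snippet` table entry declares the two object relationships (`reference` and `vulnerabilityByVulnerability`) but no `select_permissions`, so under Hasura's defaults only the admin role can query it; if the chat feature or any `user`/`service` role needs to read snippets, add the permission block before merging. The three removed and three re-added entries under `lunatrace-custom.permissions` (`user`, `service`, `cli`) contain the same type definitions in a different order (the `scalar` declarations and `input SbomUploadUrlInput` moved), so that part is reorder noise from regenerating the schema rather than a functional change.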
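Review bot: In `1679066158985_add_ml_tables/down.sql`, the comment `-- Add a generated summary to the reference to make it easier for the LLM to choose what to read` was carried over from `up.sql` and now sits directly above `ALTER TABLE vulnerability.reference_content DROP COLUMN summary;`, which is misleading; either drop the comment or reword it to say the generated summary column is being removed.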
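Review bot: In `1679066158985_add_ml_tables/up.sql`, the foreign key `reference_id uuid NULL references vulnerability.reference` has no `ON DELETE` clause, so once a snippet points at a reference, deleting that reference row will fail with the default `NO ACTION`; since the column is already nullable and the comment says the reference may legitimately be absent, `ON DELETE SET NULL` looks like the intended behaviour (and `ON DELETE CASCADE` on the `vulnerability` foreign key if snippets should not outlive their vulnerability). The comment `-- Messed up and forgot the ID part of this name..its not the end of the world though so leaving it` concedes the column should be `vulnerability_id`; because this file is new in this PR and nothing deployed depends on it yet, renaming now is cheap and would also give the Hasura relationship a cleaner name than `vulnerabilityByVulnerability`. `score integer NOT NULL` carries no `CHECK` constraint, so if the score is meant to fall within a fixed range, consider enforcing it here.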
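Review bot: In `1679503926339_make-code-snippet-text-unique/up.sql`, `CREATE UNIQUE INDEX code_snippet_unq_idx ON vulnerability.code_snippet (vulnerability, code)` puts the full `code` text into a btree, and PostgreSQL rejects index entries larger than roughly 2700 bytes (about a third of an 8 kB page), so inserting a long snippet will fail with an index row size error rather than being deduplicated. Index a digest instead, for example `(vulnerability, md5(code))`, or add a stored generated hash column and make that unique; the leading `vulnerability` column still serves lookups by vulnerability either way, and the matching `down.sql` needs no change since it drops the index by name.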