search

rapid7 / insightappsec-azure-devops-extension

Rapid7 InsightAppSec Extension for Azure DevOps
MIT License
10 stars 7 forks source link

Unexpected identifier exception - Axios package #62

Closed avantida closed 7 months ago

avantida commented 7 months ago

Issues and Contributing

After the latest release (1.2.5), there is an exception related with axios package when we run Rapid7 InsightAppSec task in Azure DevOps.

Exception details:

2024-02-15T10:57:04.2045708Z ##[error]Unhandled: Unexpected identifier 2024-02-15T10:57:04.2063722Z ##[error]E:\agent-02-work_tasks\rapid7-insightappsec_69474fb7-a7c2-49ef-a426-f2e0620284c4\1.2.5\node_modules\axios\index.js:1 import axios from './lib/axios.js'; ^^^^^

SyntaxError: Unexpected identifier at Module._compile (internal/modules/cjs/loader.js:723:23) at Object.Module._extensions..js (internal/modules/cjs/loader.js:789:10) at Module.load (internal/modules/cjs/loader.js:653:32) at tryModuleLoad (internal/modules/cjs/loader.js:593:12) at Function.Module._load (internal/modules/cjs/loader.js:585:3) at Module.require (internal/modules/cjs/loader.js:692:17) at require (internal/modules/cjs/helpers.js:25:18) at Object. (E:\agent-02-work_tasks\rapid7-insightappsec_69474fb7-a7c2-49ef-a426-f2e0620284c4\1.2.5\helpers\insightAppSecApi.js:39:13) at Module._compile (internal/modules/cjs/loader.js:778:30) at Object.Module._extensions..js (internal/modules/cjs/loader.js:789:10)

Expected Behavior

The ADO task should succeed without failure, as it did using version 1.2.4.

Actual Behavior

The ADO task fails with SyntaxError: Unexpected identifier exception

Possible Solution

It might be related with this GH issue: https://github.com/axios/axios/issues/5035

Steps to Reproduce (for bugs)

  1. Make sure version 1.2.5 of the extension is used
  2. Run ADO pipeline with Rapid7 InsightAppSec task
  3. The task fails with mentioned exception image

Your Environment

Other relevant information

paulinachlewinska commented 7 months ago

yup getting the same

andyrooger commented 7 months ago

+1

It fails for me on all our private agents. We don't have any public agent builds to test with.

Does the task manifest need updating? The agents bring in node10 and node16, and it's not going to run on node 10 anymore...

emcanearney-r7 commented 7 months ago

Hi @avantida, @paulinachlewinska , @andyrooger we are able to replicate this our side and are now working on a fix. Will update thread when a new version is available.

emcanearney-r7 commented 7 months ago

A new version of this plugin has been published with the previously working versions - v1.2.6

andyrooger commented 7 months ago

Working again for us. Thanks for the quick turnaround.

avantida commented 7 months ago

Works for us too, thanks!