remg427 / TA-thehive-ce

TA-thehive Cloud Edition
GNU Lesser General Public License v3.0

v1.1.0 failing the vetting process for Splunk Cloud #10

Closed eternaldrift closed 4 years ago

eternaldrift commented 4 years ago

4819 v1.1.0 "TA_thehive_CE"

Review fails vetting and cannot be installed.

Failed and warning manual checks

Splunk Packaging Toolkit (SLIM) validation This group uses slim to extend the cloud checks for improved auto-vetting.

[warning] Find non-standard config files and notify app developers to confirm that 1. those files are safe to install. 2. those files are partitioned to the expected instances.

Custom config file default/logging.conf is detected in this app. By default, it will be partitioned to all instances including Search Head(s), Indexer(s) and Forwarder(s). If that's not what you expect, you can use the targetWorkloads attribute in app.manifest to indicate the correct instances. For more details about app.manifest, please refer to https://dev.splunk.com/enterprise/docs/releaseapps/packagingtoolkit/pkgtoolkitref/pkgtoolkitapp#JSON-schema-200. Please also make sure that this custom file is safe to install. File: default/logging.conf

Custom config file default/ta_thehive_ce_settings.conf is detected in this app. By default, it will be partitioned to all instances including Search Head(s), Indexer(s) and Forwarder(s). If that's not what you expect, you can use the targetWorkloads attribute in app.manifest to indicate the correct instances. For more details about app.manifest, please refer to https://dev.splunk.com/enterprise/docs/releaseapps/packagingtoolkit/pkgtoolkitref/pkgtoolkitapp#JSON-schema-200. Please also make sure that this custom file is safe to install. File: default/ta_thehive_ce_settings.conf

Custom config file lib/aob_py2/cloudconnectlib/splunktalib/setting.conf is detected in this app. By default, it will be partitioned to all instances including Search Head(s), Indexer(s) and Forwarder(s). If that's not what you expect, you can use the targetWorkloads attribute in app.manifest to indicate the correct instances. For more details about app.manifest, please refer to https://dev.splunk.com/enterprise/docs/releaseapps/packagingtoolkit/pkgtoolkitref/pkgtoolkitapp#JSON-schema-200. Please also make sure that this custom file is safe to install. File: lib/aob_py2/cloudconnectlib/splunktalib/setting.conf

Custom config file lib/aob_py3/cloudconnectlib/splunktalib/setting.conf is detected in this app. By default, it will be partitioned to all instances including Search Head(s), Indexer(s) and Forwarder(s). If that's not what you expect, you can use the targetWorkloads attribute in app.manifest to indicate the correct instances. For more details about app.manifest, please refer to https://dev.splunk.com/enterprise/docs/releaseapps/packagingtoolkit/pkgtoolkitref/pkgtoolkitapp#JSON-schema-200. Please also make sure that this custom file is safe to install. File: lib/aob_py3/cloudconnectlib/splunktalib/setting.conf

Deprecated features from Splunk Enterprise 6.5 The following features should not be supported in Splunk 6.5 or later. For more, see Deprecated features and Changes for Splunk App developers.

[warning] Checks that views are not importing splunkjs/mvc/headerview or splunkjs/mvc/footerrview. These are replaced by LayoutView in Splunk 6.5. LayoutView is not backwards compatible to Splunk 6.4 or earlier. Only use LayoutView if you are only targeting Splunk 6.5 or above.

Deprecated features from Splunk Enterprise 8.0 The following features should not be supported in Splunk 8.0.0 or later. For more, see Deprecated features and Changes for Splunk App developers.

[warning] Check for the existence of Python code block in Mako templates, which must be upgraded to be Python 3-compatible for the Splunk Enterprise 8.0.

[warning] Check for the existence of Python scripts, which must be upgraded to be cross-compatible with Python 2 and 3 for Splunk Enterprise 8.0.

Python file standards

[warning] Check for the use of threading, and multiprocesses. Threading or process must be used with discretion and not negatively affect the Splunk installation as a whole.

Malware, viruses, malicious content, user security standards (static checks)

[warning] Check that no sensitive hostnames/IPs are stored in the app.

remg427 commented 4 years ago

Hello,

Thank you for using TA thehive.

This is really odd, because I have used Splunk Add-on builder and all files mentioned in the warnings come from the AOB build. In the past, previous versions built the same way were approved for Cloud deployment. I see only warnings; were there any failed checks?

eternaldrift commented 4 years ago

Thanks, I will double check with Splunk support what version they tested and get back to you.

eternaldrift commented 4 years ago

Hi,

I requested vetting of v1.1.1 instead and it also failed. Explanations from Splunk below.

4819 v1.1.1 "TA_thehive_CE"

Review fails vetting and cannot be installed.

Failed and warning manual checks

Splunk Packaging Toolkit (SLIM) validation This group uses slim to extend the cloud checks for improved auto-vetting.

[warning] Find non-standard config files and notify app developers to confirm that 1. those files are safe to install. 2. those files are partitioned to the expected instances.

Custom config file bin/lib/aob_py2/cloudconnectlib/splunktalib/setting.conf is detected in this app. By default, it will be partitioned to all instances including Search Head(s), Indexer(s) and Forwarder(s). If that's not what you expect, you can use the targetWorkloads attribute in app.manifest to indicate the correct instances. For more details about app.manifest, please refer to https://dev.splunk.com/enterprise/docs/releaseapps/packagingtoolkit/pkgtoolkitref/pkgtoolkitapp#JSON-schema-200. Please also make sure that this custom file is safe to install. File: bin/lib/aob_py2/cloudconnectlib/splunktalib/setting.conf

Custom config file bin/lib/aob_py3/cloudconnectlib/splunktalib/setting.conf is detected in this app. By default, it will be partitioned to all instances including Search Head(s), Indexer(s) and Forwarder(s). If that's not what you expect, you can use the targetWorkloads attribute in app.manifest to indicate the correct instances. For more details about app.manifest, please refer to https://dev.splunk.com/enterprise/docs/releaseapps/packagingtoolkit/pkgtoolkitref/pkgtoolkitapp#JSON-schema-200. Please also make sure that this custom file is safe to install. File: bin/lib/aob_py3/cloudconnectlib/splunktalib/setting.conf

Custom config file default/logging.conf is detected in this app. By default, it will be partitioned to all instances including Search Head(s), Indexer(s) and Forwarder(s). If that's not what you expect, you can use the targetWorkloads attribute in app.manifest to indicate the correct instances. For more details about app.manifest, please refer to https://dev.splunk.com/enterprise/docs/releaseapps/packagingtoolkit/pkgtoolkitref/pkgtoolkitapp#JSON-schema-200. Please also make sure that this custom file is safe to install. File: default/logging.conf

Custom config file default/ta_thehive_ce_settings.conf is detected in this app. By default, it will be partitioned to all instances including Search Head(s), Indexer(s) and Forwarder(s). If that's not what you expect, you can use the targetWorkloads attribute in app.manifest to indicate the correct instances. For more details about app.manifest, please refer to https://dev.splunk.com/enterprise/docs/releaseapps/packagingtoolkit/pkgtoolkitref/pkgtoolkitapp#JSON-schema-200. Please also make sure that this custom file is safe to install. File: default/ta_thehive_ce_settings.conf

Deprecated features from Splunk Enterprise 6.5 The following features should not be supported in Splunk 6.5 or later. For more, see Deprecated features and Changes for Splunk App developers.

[warning] Checks that views are not importing splunkjs/mvc/headerview or splunkjs/mvc/footerrview. These are replaced by LayoutView in Splunk 6.5. LayoutView is not backwards compatible to Splunk 6.4 or earlier. Only use LayoutView if you are only targeting Splunk 6.5 or above.

As of Splunk 6.5, this functionality is deprecated and should be removed in future app versions. Match: splunkjs/mvc/headerview File: appserver/static/js/build/configuration_page.js Line Number: 1

As of Splunk 6.5, this functionality is deprecated and should be removed in future app versions. Match: splunkjs/mvc/headerview File: appserver/static/js/build/inputs_page.js Line Number: 1

As of Splunk 6.5, this functionality is deprecated and should be removed in future app versions. Match: splunkjs/mvc/headerview File: appserver/static/js/build/common.js Line Number: 91

Deprecated features from Splunk Enterprise 8.0 The following features should not be supported in Splunk 8.0.0 or later. For more, see Deprecated features and Changes for Splunk App developers.

[warning] Check for the existence of Python code block in Mako templates, which must be upgraded to be Python 3-compatible for the Splunk Enterprise 8.0.

Update Mako templates to be Python 3-compatible. Splunk Web, which Mako templates depend on, will support only Python 3.7. If you've finished your update, please disregard this message. File: appserver/templates/base.html

[warning] Check for the existence of Python scripts, which must be upgraded to be cross-compatible with Python 2 and 3 for Splunk Enterprise 8.0.

1355 Python files found. Update these Python scripts to be cross-compatible with Python 2 and 3 for Splunk Enterprise 8.0. See https://docs.splunk.com/Documentation/Splunk/latest/Python3Migration/AboutMigration for more information. If you've finished your update, please disregard this message.

Directory structure standards Ensure that the directories and files in the app adhere to hierarchy standards.

[warning] Check splunklib dependency should not be placed under app's bin folder. Please refer to https://dev.splunk.com/view/SP-CAAAER3 and https://dev.splunk.com/view/SP-CAAAEU2 for more details/examples.

splunklib is found under bin folder, this may cause some dependency management errors with other apps, and it is not recommended. Please follow examples in Splunk documentation to include splunklib. You can find more details here: https://dev.splunk.com/view/SP-CAAAEU2 and https://dev.splunk.com/view/SP-CAAAER3

splunklib is found under bin folder, this may cause some dependency management errors with other apps, and it is not recommended. Please follow examples in Splunk documentation to include splunklib.
You can find more details here: https://dev.splunk.com/view/SP-CAAAEU2 and https://dev.splunk.com/view/SP-CAAAER3

Python file standards

[warning] Check for the use of threading, and multiprocesses. Threading or process must be used with discretion and not negatively affect the Splunk installation as a whole.

The following line contains questionable usage multiprocessing.Process.start in loop. Use threading and multiprocessing with discretion. File: bin/lib/aob_py3/lib2to3/refactor.py Line Number: 700

The following line contains questionable usage multiprocessing.Process.start in loop. Use threading and multiprocessing with discretion. File: bin/lib/aob_py2/lib2to3/refactor.py Line Number: 719

The following line contains subprocess.check_call usage. Use threading and multiprocessing with discretion. File: bin/lib/aob_py3/lib2to3/tests/test_parser.py Line Number: 87

The following line contains subprocess.check_call usage. Use threading and multiprocessing with discretion. File: bin/lib/aob_py2/lib2to3/tests/test_parser.py Line Number: 86

The following line contains questionable usage multiprocessing.Process.start in loop. Use threading and multiprocessing with discretion. File: bin/lib/aob_py2/concurrent/futures/process.py Line Number: 325

Bias language (static checks)

[warning] Check that the app does not include any bias words. Bias language is found in the app.

Suppressed 28 warning messages

Malware, viruses, malicious content, user security standards (static checks)

[warning] Check that no sensitive hostnames/IPs are stored in the app.
PRIVATE IP 192.0.2.16 is found in bin/lib/aob_py2/httplib2/iri2uri.py:87 File: bin/lib/aob_py2/httplib2/iri2uri.py Line Number: 87

If you wish to make changes to the app, you can find documentation and utilities to assist you here: http://dev.splunk.com/view/appinspect/SP-CAAAE9U

We look forward to working with you in the future to develop and install Apps that will further improve your Splunk Cloud experience. If you have any immediate questions or concerns, please let me know.

remg427 commented 4 years ago

Hello, again there are only warnings about files which are not part of my development but provided by Splunk Add-on builder. I did the appinspect checks with cloud tag and got a success for this package. I don't understand why they don't want to validate when there are only warnings on files not managed by me.

In my code I check that only https is allowed, no credentials in clear even in logs,

{
    "request_id": "df020a2d-1621-478a-9ac3-dbfbed50b1bc",
    "cloc": "     100 files\r     200 files\r     300 files\r     400 files\r     500 files\r     600 files\r     700 files\r     800 files\r     900 files\r    1000 files\r    1100 files\r    1200 files\r    1300 files\r    1376 text files.\nclassified 1374 files\rDuplicate file check 1374 files (827 known unique)\rUnique:      100 files                                          \rUnique:      200 files                                          \rUnique:      300 files                                          \rUnique:      400 files                                          \rUnique:      500 files                                          \rUnique:      600 files                                          \rUnique:      700 files                                          \rUnique:      800 files                                          \r     864 unique files.                              \nCounting:  100\rCounting:  200\rCounting:  300\rCounting:  400\rCounting:  500\rCounting:  600\rCounting:  700\rCounting:  800\r     588 files ignored.\n\ngithub.com/AlDanial/cloc v 1.82  T=2.20 s (377.1 files/s, 101936.8 lines/s)\n-------------------------------------------------------------------------------\nLanguage                     files          blank        comment           code\n-------------------------------------------------------------------------------\nPython                         813          33544          50194         127249\nCSS                              4           1775           1703           8382\nJSON                             4              0              0           1105\nHTML                             2             13              5            205\nJavaScript                       4              0             82            106\nXML                              3              0              0             13\n-------------------------------------------------------------------------------\nSUM:                           830          35332         
 51984         137060\n-------------------------------------------------------------------------------\n",
    "reports": [
        {
            "app_author": "remg427@gmail.com",
            "app_description": "TA TheHive Cloud Edition (it provides action to create alerts in thehive)",
            "app_hash": "56d522c9cf7e5bf02a0278a4d22ffcff",
            "app_name": "TheHive CE",
            "app_version": "1.1.1",
            "metrics": {
                "start_time": "2020-10-02T19:01:58.929917",
                "end_time": "2020-10-02T19:03:50.677691",
                "execution_time": 111.747774
            },
            "run_parameters": {
                "api_request_id": "7e5b55ee-04e1-11eb-8a6c-02420a000041",
                "splunkbase_id": "unknown",
                "version": null,
                "splunk_version": null,
                "stack_id": "unknown",
                "api_timestamp": "2020-10-02T19:00:11.695747",
                "included_tags": [
                    "cloud"
                ],
                "package_location": "7e5b55ee-04e1-11eb-8a6c-02420a000041-TA_thehive_ce.tar.gz",
                "appinspect_version": "2.3.1",
                "excluded_tags": []
            },
            "summary": {
                "error": 0,
                "failure": 0,
                "skipped": 0,
                "manual_check": 14,
                "not_applicable": 56,
                "warning": 8,
                "success": 133
            }
        }
    ],
    "summary": {
        "error": 0,
        "failure": 0,
        "skipped": 0,
        "manual_check": 14,
        "not_applicable": 56,
        "warning": 8,
        "success": 133
    },
    "metrics": {
        "start_time": "2020-10-02T19:00:13.776343",
        "end_time": "2020-10-02T19:03:50.678378",
        "execution_time": 216.902035
    },
    "run_parameters": {
        "api_request_id": "7e5b55ee-04e1-11eb-8a6c-02420a000041",
        "splunkbase_id": "unknown",
        "version": null,
        "splunk_version": null,
        "stack_id": "unknown",
        "api_timestamp": "2020-10-02T19:00:11.695747",
        "included_tags": [
            "cloud"
        ],
        "package_location": "7e5b55ee-04e1-11eb-8a6c-02420a000041-TA_thehive_ce.tar.gz",
        "appinspect_version": "2.3.1",
        "excluded_tags": []
    },
    "links": [
        {
            "rel": "self",
            "href": "/v1/app/report/df020a2d-1621-478a-9ac3-dbfbed50b1bc"
        },
        {
            "rel": "summary",
            "href": "/v1/app/report/df020a2d-1621-478a-9ac3-dbfbed50b1bc/summary"
        },
        {
            "rel": "tags",
            "href": "/v1/app/report/df020a2d-1621-478a-9ac3-dbfbed50b1bc/tags"
        }
    ]
}
eternaldrift commented 4 years ago

Thanks and sorry for the trouble. I'll get back to them. I was able to upgrade to 1.1.1 directly in Splunk Cloud, so I don't really have an issue anymore, but that Splunk's support cannot vet the apps properly for Splunk Cloud really sucks. I'll keep following up and make sure they vet the app properly.

remg427 commented 4 years ago

Thanks. For the next version I'll try to remove the libs of the addon builder which are not needed.

eternaldrift commented 4 years ago

I heard back from Splunk and, according to them, you need to remove the addon builder libs, otherwise they'll be inspected too. For that reason the current version will not pass the vetting for Splunk Cloud.

remg427 commented 4 years ago

Hi, I have just published 1.1.2, keeping the strict minimum for library packages. It has been validated via appinspect with tag cloud. The appinspect badge is available on Splunkbase. There are still 5 warnings and a few manual checks, but 1.0.3 was approved for cloud deployment and it was not so sanitised. I hope it will pass the vetting process, which is a bit different from what I can check using the appinspect API.