feat(core): Security audit (#5034)

* ✨ Implement security audit * ⚡ Use logger * 🧪 Fix test * ⚡ Switch logger with stdout * 🎨 Set new logo * ⚡ Fill out Public API schema * ✏️ Fix typo * ⚡ Break dependency cycle * ⚡ Add security settings values * 🧪 Test security settings * ⚡ Add publicly accessible instance warning * ⚡ Add metric to CLI command * ✏️ Fix typo * 🔥 Remove unneeded path alias * 📘 Add type import * 🔥 Remove inferrable output type * ⚡ Set description at correct level * ⚡ Rename constant for consistency * ⚡ Sort URLs * ⚡ Rename local var * ⚡ Shorten name * ✏️ Improve phrasing * ⚡ Improve naming * ⚡ Fix casing * ✏️ Add docline * ✏️ Relocate comment * ⚡ Add singular/plurals * 🔥 Remove unneeded await * ✏️ Improve test description * ⚡ Optimize with sets * ⚡ Adjust post master merge * ✏️ Improve naming * ⚡ Adjust in spy * 🧪 Fix outdated instance test * 🧪 Make diagnostics check consistent * ⚡ Refactor `getAllExistingCreds` * ⚡ Create helper `getNodeTypes` * 🐛 Fix `InternalHooksManager` call * 🚚 Rename `execution` to `nodes` risk * ⚡ Add options to CLI command * ⚡ Make days configurable * :revert: Undo changes to `BaseCommand` * ⚡ Improve CLI command UX * ⚡ Change no-report return value Empty array to trigger empty state on FE. * ⚡ Add empty check to `reportInstanceRisk` * 🧪 Extend Jest `expect` * 📘 Augment `jest.Matchers` * 🧪 Set extend as setup file * 🔧 Override lint rule for `.d.ts` * ⚡ Use new matcher * ⚡ Update check * 📘 Improve typings * ⚡ Adjust instance risk check * ✏️ Rename `execution` → `nodes` in Public API schema * ✏️ Add clarifying comment * ✏️ Fix typo * ⚡ Validate categories in CLI command * ✏️ Improve naming * ✏️ Make audit reference consistent * 📘 Fix typing * ⚡ Use `finally` in CLI command
2025-12-20 11:22:15 +00:00 · 2023-01-05 13:28:40 +01:00
parent 59004fe7bb
commit d548161632
34 changed files with 2335 additions and 18 deletions
--- a/packages/cli/src/PublicApi/v1/handlers/audit/audit.handler.ts
+++ b/packages/cli/src/PublicApi/v1/handlers/audit/audit.handler.ts
@@ -0,0 +1,22 @@
+import { authorize } from '@/PublicApi/v1/shared/middlewares/global.middleware';
+import { audit } from '@/audit';
+import type { Response } from 'express';
+import type { AuditRequest } from '@/PublicApi/types';
+
+export = {
+	generateAudit: [
+		authorize(['owner']),
+		async (req: AuditRequest.Generate, res: Response): Promise<Response> => {
+			try {
+				const result = await audit(
+					req.body?.additionalOptions?.categories,
+					req.body?.additionalOptions?.daysAbandonedWorkflow,
+				);
+
+				return res.json(result);
+			} catch (error) {
+				return res.status(500).json(error);
+			}
+		},
+	],
+};