initial commit

Author: MoodyReaper

.commitlintrc.json

@@ -0,0 +1,3 @@
+{
+  "extends": ["@commitlint/config-conventional"]
+}

.cspell-dict.txt

@@ -0,0 +1,19 @@
+abatilo
+bufio
+commitlint
+dorny
+dtolnay
+eamodio
+gomod
+gruntfuggly
+Hocevar
+liveshare
+markdownlint
+oderwat
+runtimes
+scrollback
+tamasfe
+vadimcn
+venv
+virtualenvs
+vuln

.cspell.json

@@ -0,0 +1,13 @@
+{
+  "$schema": "https://raw.githubusercontent.com/streetsidesoftware/cspell/main/cspell.schema.json",
+  "version": "0.2",
+  "dictionaryDefinitions": [
+    {
+      "name": "project-dict",
+      "path": "./.cspell-dict.txt",
+      "addWords": true
+    }
+  ],
+  "dictionaries": ["project-dict"],
+  "ignorePaths": ["./.cspell-dict.txt"]
+}

.editorconfig

@@ -0,0 +1,11 @@
+# https://editorconfig.org
+
+root = true
+
+[*]
+charset = utf-8
+end_of_line = lf
+indent_style = space
+indent_size = 2
+insert_final_newline = true
+trim_trailing_whitespace = true

.gitattributes

@@ -0,0 +1,3 @@
+# https://git-scm.com/docs/gitattributes
+
+* text=auto

.github/dependabot.yml

@@ -0,0 +1,44 @@
+version: 2
+
+updates:
+  # Maintain dependencies for GitHub Actions
+  - package-ecosystem: github-actions
+    directory: /
+    schedule:
+      interval: weekly
+      day: monday
+    open-pull-requests-limit: 5
+
+  # Maintain dependencies for Go
+  - package-ecosystem: gomod
+    directory: /go
+    schedule:
+      interval: weekly
+      day: monday
+    open-pull-requests-limit: 5
+
+  # Maintain dependencies for Python
+  - package-ecosystem: pip
+    directory: /python
+    schedule:
+      interval: weekly
+      day: monday
+    open-pull-requests-limit: 5
+
+  # Maintain dependencies for Rust
+  - package-ecosystem: cargo
+    directory: /rust
+    schedule:
+      interval: weekly
+      day: monday
+    open-pull-requests-limit: 5
+
+  # Maintain dependencies for TypeScript
+  - package-ecosystem: npm
+    directory: /typescript
+    schedule:
+      interval: weekly
+      day: monday
+    open-pull-requests-limit: 5
+    ignore:
+      - dependency-name: '@types/node'

.github/workflows/pull-request-or-push-to-master.yaml

@@ -0,0 +1,154 @@
+name: Pull Request or Push to master
+
+on:
+  pull_request: {}
+  push:
+    branches: [master]
+  workflow_dispatch: {}
+
+concurrency:
+  group: ${{ github.head_ref || github.run_id }}
+  cancel-in-progress: true
+
+permissions: {}
+
+jobs:
+  trunk_check:
+    name: Trunk Check
+    runs-on: ubuntu-latest
+    permissions:
+      checks: write # For Trunk to post annotations
+      contents: read
+    steps:
+      - name: Checkout
+        uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
+      - name: Trunk Check
+        uses: trunk-io/trunk-action@b61eb5749343e65e59ef104575a328b59f7285df # v1.1.4
+
+  detect_changes:
+    name: Detect Changes
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+    outputs:
+      go: ${{ steps.filter.outputs.go }}
+      python: ${{ steps.filter.outputs.python }}
+      rust: ${{ steps.filter.outputs.rust }}
+      typescript: ${{ steps.filter.outputs.typescript }}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
+      - uses: dorny/paths-filter@4512585405083f25c027a35db413c2b3b9006d50 # v2.11.1
+        id: filter
+        with:
+          filters: |
+            go:
+              - 'go/**'
+            python:
+              - 'python/**'
+            rust:
+              - 'rust/**'
+            typescript:
+              - 'typescript/**'
+
+  go_build_check:
+    name: Go Build Check
+    needs: detect_changes
+    if: ${{ needs.detect_changes.outputs.go == 'true' }}
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+    defaults:
+      run:
+        working-directory: go
+    steps:
+      - name: Checkout
+        uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
+      - name: Setup Go
+        uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
+        with:
+          go-version: 1.20.5
+      - name: Run build check
+        run: go build -o bin/ src/main.go
+      - name: Run execution check
+        run: go run src/main.go
+        timeout-minutes: 1
+
+  python_build_check:
+    name: Python Build Check
+    needs: detect_changes
+    if: ${{ needs.detect_changes.outputs.python == 'true' }}
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+    defaults:
+      run:
+        working-directory: python
+    steps:
+      - name: Checkout
+        uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
+      - name: Setup Python
+        uses: actions/setup-python@bd6b4b6205c4dbad673328db7b31b7fab9e241c0 # v4.6.1
+        with:
+          python-version: 3.11.4
+      - name: Setup Poetry
+        uses: abatilo/actions-poetry@192395c0d10c082a7c62294ab5d9a9de40e48974 # v2.3.0
+        with:
+          poetry-version: 1.5.1
+      - name: Install package dependencies
+        run: poetry install
+      - name: Run build check
+        run: poetry build
+      - name: Run execution check
+        run: poetry run python src/main.py
+        timeout-minutes: 1
+
+  rust_build_check:
+    name: Rust Build Check
+    needs: detect_changes
+    if: ${{ needs.detect_changes.outputs.rust == 'true' }}
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+    defaults:
+      run:
+        working-directory: rust
+    steps:
+      - name: Checkout
+        uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
+      - name: Setup Rust
+        uses: dtolnay/rust-toolchain@0e66bd3e6b38ec0ad5312288c83e47c143e6b09e
+        with:
+          toolchain: 1.70.0
+      - name: Run build check
+        run: cargo build --locked --verbose
+      - name: Run execution check
+        run: cargo run
+        timeout-minutes: 1
+
+  typescript_build_check:
+    name: TypeScript Build Check
+    needs: detect_changes
+    if: ${{ needs.detect_changes.outputs.typescript == 'true' }}
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+    defaults:
+      run:
+        working-directory: typescript
+    steps:
+      - name: Checkout
+        uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
+      - name: Setup NodeJS
+        uses: actions/setup-node@e33196f7422957bea03ed53f6fbb155025ffc7b8 # v3.7.0
+        with:
+          node-version: 20.3.1
+      - name: Install package dependencies
+        run: npm ci
+      - name: Run lint check
+        run: npm run lint
+      - name: Run build check
+        run: npm run dist:build
+      - name: Run execution check
+        run: npm start
+        timeout-minutes: 1

.gitignore

@@ -0,0 +1,5 @@
+{
+  "printWidth": 100,
+  "proseWrap": "always",
+  "singleQuote": true
+}

.prettierrc.json

@@ -0,0 +1,4 @@
+golang 1.20.5
+python 3.11.4
+rust 1.70.0
+nodejs 20.3.1

.tool-versions

@@ -0,0 +1,8 @@
+*out
+*logs
+*actions
+*notifications
+plugins
+user_trunk.yaml
+user.yaml
+shims

.trunk/.gitignore

@@ -0,0 +1,2 @@
+[settings]
+profile=black

.trunk/configs/.isort.cfg

@@ -0,0 +1,10 @@
+# Autoformatter friendly markdownlint config (all formatting rules disabled)
+default: true
+blank_lines: false
+bullet: false
+html: false
+indentation: false
+line_length: false
+spaces: false
+url: false
+whitespace: false

.trunk/configs/.markdownlint.yaml

@@ -0,0 +1 @@
+edition = "2021"

.trunk/configs/.rustfmt.toml

@@ -0,0 +1,11 @@
+# Minimal yamllint config with no formatting rules enabled (prettier handles those)
+rules:
+  quoted-strings:
+    required: only-when-needed
+    extra-allowed: ['{|}']
+  empty-values:
+    forbid-in-block-mappings: true
+    forbid-in-flow-mappings: true
+  key-duplicates: {}
+  octal-values:
+    forbid-implicit-octal: true

.trunk/configs/.yamllint.yaml

@@ -0,0 +1,91 @@
+#  Copyright 2021 Praetorian Security, Inc.
+
+#  Licensed under the Apache License, Version 2.0 (the License);
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+
+#       http://www.apache.org/licenses/LICENSE-2.0
+
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an AS IS BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+
+# GoKart analyzers configuration
+
+# Uncomment analyzers section below to create a new vulnerability type
+
+# analyzers:
+#   # Each entry specifies a vulnerability type.
+
+#   # Name of the vulnerability:
+#   Test Sink:
+#     # Description of this vulnerability
+#     doc: Writing data to Printf()
+#     # Message displayed when this vulnerability is found
+#     message: Test Sink reachable by user input
+#     # List of vulnerable functions used to identify this vulnerability
+#     vuln_calls:
+#       # Package name
+#       log:
+#         # Function name
+#         - Printf
+
+# Each entry specifies a source that should be considered untrusted
+# If the package already exists in the sources section, add the variable/function/type underneath
+# Each package can contain multiple vulnerable sources.
+sources:
+  # Sources that are defined in Go documentation as a variable go here (note: these variables will have an SSA type of Global).
+  variables:
+    os:
+      - Args
+  # Sources that are defined in Go documentation as a function go here.
+  functions:
+    flag:
+      - Arg
+      - Args
+    os:
+      - Environ
+      - File
+    crypto/tls:
+      - LoadX509KeyPair
+      - X509KeyPair
+    os/user:
+      - Lookup
+      - LookupId
+      - Current
+    crypto/x509:
+      - Subjects
+    io:
+      - ReadAtLeast
+      - ReadFull
+    database/sql:
+      - Query
+      - QueryRow
+    bytes:
+      - String
+      - ReadBytes
+      - ReadByte
+    bufio:
+      - Text
+      - Bytes
+      - ReadString
+      - ReadSlice
+      - ReadRune
+      - ReadLine
+      - ReadBytes
+      - ReadByte
+    archive/tar:
+      - Next
+      - FileInfo
+      - Header
+    net/url:
+      - ParseQuery
+      - ParseUriRequest
+      - Parse
+      - Query
+  # Sources that are defined in Go documentation as a type go here (note: adding types will consider all functions that use that type to be tainted).
+  types:
+    net/http:
+      - Request

.trunk/configs/analyzers.yml

@@ -0,0 +1,5 @@
+# Generic, formatter-friendly config.
+select = ["B", "D3", "D4", "E", "F"]
+
+# Never enforce `E501` (line length violations). This should be handled by formatters.
+ignore = ["E501"]