codacy · andrzej-janczak · Jul 4, 2025 · codacy-production · Jul 4, 2025 · codacy-production
diff --git a/.codacy/codacy.yaml b/.codacy/codacy.yaml
@@ -1,16 +1,13 @@
 runtimes:
-    - dart@3.7.2
     - go@1.22.3
     - java@17.0.10
     - node@22.2.0
     - python@3.11.11
 tools:
-    - codacy-enigma-cli@0.0.1-main.8.49310c3
-    - dartanalyzer@3.7.2
-    - eslint@8.57.0
+    - eslint@9.26.0
     - lizard@1.17.19
-    - pmd@6.55.0
-    - pylint@3.3.6
+    - pmd@7.11.0
+    - pylint@3.3.7
     - revive@1.7.0
     - semgrep@1.78.0
     - trivy@0.59.1
diff --git a/cmd/analyze.go b/cmd/analyze.go
@@ -437,13 +437,6 @@ func validatePaths(paths []string) error {
 	return nil
 }
 
-func validateCloudMode(cliLocalMode bool) error {
-	if cliLocalMode {
-		fmt.Println("Warning: cannot run in cloud mode")
-	}
-	return nil
-}
-
 var analyzeCmd = &cobra.Command{
 	Use:   "analyze",
 	Short: "Analyze code using configured tools",
@@ -465,8 +458,6 @@ Supports API token, provider, and repository flags to automatically fetch tool c
 
 		cliLocalMode := len(initFlags.ApiToken) == 0
 
-		validateCloudMode(cliLocalMode)
-
 		var toolsToRun map[string]*plugins.ToolInfo
 
 		if toolsToAnalyzeParam != "" {

diff --git a/example_1.ts b/example_1.ts
@@ -0,0 +1,60 @@
+// vulneravel.ts
+
+import * as http from 'http';
+import * as url from 'url';
+import * as fs from 'fs';
+import * as mysql from 'mysql';
+
+// 1. Exposição de credenciais
+const db = mysql.createConnection({
+  host: 'localhost',
+  user: 'root',
+  password: 'rootpassword', // Credenciais expostas
+  database: 'test'
+});
+
+http.createServer((req, res) => {
+  const parsedUrl = url.parse(req.url || '', true);
-  const parsedUrl = url.parse(req.url || '', true);
+  const parsedUrl = url.parse(req.url ?? '', true);
-  const parsedUrl = url.parse(req.url || '', true);
+  const parsedUrl = url.parse(req.url ?? '', true);
+  const query = parsedUrl.query;
+
+  // 2. Injeção SQL - FIXED: Use parameterized query
+  const username = query.username;
+  const sql = `SELECT * FROM users WHERE username = ?`;
+  db.query(sql, [username], (err, result) => {
+    if (err) throw err;
+
+    // 3. Exposição de dados sensíveis - FIXED: Filter sensitive fields
+    const safeResult = result.map((user: any) => {
-    const safeResult = result.map((user: any) => {
+    const safeResult = result.map((user: unknown) => {
-    const safeResult = result.map((user: any) => {
+    const safeResult = result.map((user: unknown) => {
+      const { password, ...safeUser } = user;
-      const { password, ...safeUser } = user;
+      const {  ...safeUser } = user;
-      const { password, ...safeUser } = user;
+      const {  ...safeUser } = user;
+      return safeUser;
+    });
+    res.writeHead(200, { 'Content-Type': 'application/json' });
+    res.end(JSON.stringify(safeResult)); // devolve dados sem campos sensíveis
+  });
+
+  // 4. Leitura insegura de ficheiros
+  const file = query.file as string;
+  fs.readFile('./uploads/' + file, 'utf8', (err, data) => {
+    if (!err) {
+      res.write('\n\n' + data); // pode ser usado para leitura arbitrária de ficheiros
+    }
+  });
+
+  // 5. Execução de código arbitrário
+  if (query.runCode) {
+    eval(query.runCode as string); // MUITO perigoso
+  }
+
+}).listen(8080);
+
+// 6. Dependência desatualizada (suponha que mysql está vulnerável)
+
+// 7. Falta de HTTPS (http em vez de https)
+
+// 8. Nenhuma validação de entrada em nenhuma parte
+
+// 9. Stack traces revelados com throw err
+
+// 10. Não existe autenticação nem controlo de acessos
+
+console.log('Servidor inseguro a correr em http://localhost:8080');
diff --git a/out.txt b/out.txt
@@ -0,0 +1,146 @@
+Warning: cannot run in cloud mode
+{
+  "$schema": "https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json",
+  "runs": [
+    {
+      "invocations": [
+        {
+          "executionSuccessful": true,
+          "toolExecutionNotifications": []
+        }
+      ],
+      "results": [],
+      "tool": {
+        "driver": {
+          "name": "Semgrep OSS",
+          "rules": null,
+          "semanticVersion": "1.78.0"
+        }
+      }
+    },
+    {
+      "columnKind": "utf16CodeUnits",
+      "originalUriBaseIds": {
+        "ROOTPATH": {
+          "uri": "file:///Users/czak/GIT/codacy/codacy-cli-v2/example_1.ts/"
+        }
+      },
+      "results": [],
+      "tool": {
+        "driver": {
+          "fullName": "Trivy Vulnerability Scanner",
+          "informationUri": "https://github.com/aquasecurity/trivy",
+          "name": "Trivy",
+          "rules": null,
+          "version": "0.59.1"
+        }
+      }
+    },
+    {
+      "artifacts": [
+        {
+          "location": {
+            "uri": "file:///Users/czak/GIT/codacy/codacy-cli-v2/example_1.ts"
+          }
+        }
+      ],
+      "invocations": [
+        {
+          "executionSuccessful": true,
+          "toolConfigurationNotifications": [
+            {
+              "descriptor": {
+                "id": "ESL0999"
+              },
+              "level": "warning",
+              "locations": [
+                {
+                  "physicalLocation": {
+                    "artifactLocation": {
+                      "index": 0,
+                      "uri": "file:///Users/czak/GIT/codacy/codacy-cli-v2/example_1.ts"
+                    }
+                  }
+                }
+              ],
+              "message": {
+                "text": "File ignored because no matching configuration was supplied."
+              }
+            }
+          ]
+        }
+      ],
+      "results": [],
+      "tool": {
+        "driver": {
+          "informationUri": "https://eslint.org",
+          "name": "ESLint",
+          "rules": null,
+          "version": "9.26.0"
+        }
+      }
+    },
+    {
+      "results": [
+        {
+          "level": "error",
+          "locations": [
+            {
+              "physicalLocation": {
+                "artifactLocation": {
+                  "uri": "example_1.ts"
+                },
+                "region": {
+                  "startColumn": 1,
+                  "startLine": 1
+                }
+              }
+            }
+          ],
+          "message": {
+            "text": "Parsing failed: 'invalid syntax (example_1, line 1)'"
+          },
+          "ruleId": "syntax-error"
+        }
+      ],
+      "tool": {
+        "driver": {
+          "informationUri": "https://pylint.org",
+          "name": "Pylint",
+          "rules": null,
+          "version": "3.3.6"
+        }
+      }
+    },
+    {
+      "results": [
+        {
+          "locations": [
+            {
+              "physicalLocation": {
+                "artifactLocation": {
+                  "uri": "example_1.ts"
+                },
+                "region": {
+                  "startColumn": 1,
+                  "startLine": 3
+                }
+              }
+            }
+          ],
+          "message": {
+            "text": "invalid file example_1.ts: example_1.ts:3:1: expected 'package', found 'import' (and 4 more errors)"
+          }
+        }
+      ],
+      "tool": {
+        "driver": {
+          "informationUri": "https://github.com/mgechev/revive",
+          "name": "revive",
+          "rules": null
+        }
+      }
+    }
+  ],
+  "version": "2.1.0"
+}
diff --git a/req.txt b/req.txt
diff --git a/vul.ts b/vul.ts
@@ -0,0 +1,20 @@
+
+
+  // 5. Execução de código arbitrário
+  if (query.runCode) {
+    eval(query.runCode as string); // MUITO perigoso
+  }
+
+}).listen(8080);
+
+// 6. Dependência desatualizada (suponha que mysql está vulnerável)
+
+// 7. Falta de HTTPS (http em vez de https)
+
+// 8. Nenhuma validação de entrada em nenhuma parte
+
+// 9. Stack traces revelados com throw err
+
+// 10. Não existe autenticação nem controlo de acessos
+
+console.log('Servidor inseguro a correr em http://localhost:8080');