From dcfcecfea76245c34a0b65997f404b6661dac0d9 Mon Sep 17 00:00:00 2001 From: Chris Farhood Date: Wed, 20 May 2026 00:46:33 +0000 Subject: [PATCH] style: apply Biome formatting to backported files Co-Authored-By: Paperclip --- apps/worker/src/ai/queue-schemas.ts | 127 +++++++++++------- apps/worker/src/services/findings-renderer.ts | 18 +-- apps/worker/src/temporal/activities.ts | 2 +- 3 files changed, 82 insertions(+), 65 deletions(-) diff --git a/apps/worker/src/ai/queue-schemas.ts b/apps/worker/src/ai/queue-schemas.ts index 311cfdd..f29b8a7 100644 --- a/apps/worker/src/ai/queue-schemas.ts +++ b/apps/worker/src/ai/queue-schemas.ts @@ -17,8 +17,7 @@ import type { AgentName } from '../types/agents.js'; // === Common Fields === -const ANALYSIS_NOTES_DESCRIPTION = - 'Plain context for defenders (caveats, scope, what is at risk). Not attack steps.'; +const ANALYSIS_NOTES_DESCRIPTION = 'Plain context for defenders (caveats, scope, what is at risk). Not attack steps.'; function notesField(exploit: boolean) { const f = z.string().optional(); 
@@ -114,53 +113,83 @@ function toOutputFormat(zodSchema: z.ZodType): JsonSchemaOutputFormat { function buildOutputFormats(exploit: boolean): Partial> { const base = makeBase(exploit); return { - 'injection-vuln': toOutputFormat(z.object({ vulnerabilities: z.array(base.extend({ - source: z.string().optional(), - combined_sources: z.string().optional(), - path: z.string().optional(), - sink_call: z.string().optional(), - slot_type: z.string().optional(), - sanitization_observed: z.string().optional(), - concat_occurrences: z.string().optional(), - verdict: z.string().optional(), - mismatch_reason: z.string().optional(), - witness_payload: z.string().optional(), - })) })), - 'xss-vuln': toOutputFormat(z.object({ vulnerabilities: z.array(base.extend({ - source: z.string().optional(), - source_detail: z.string().optional(), - path: z.string().optional(), - sink_function: z.string().optional(), - render_context: z.string().optional(), - encoding_observed: z.string().optional(), - verdict: z.string().optional(), - mismatch_reason: z.string().optional(), - witness_payload: z.string().optional(), - })) })), - 'auth-vuln': toOutputFormat(z.object({ vulnerabilities: z.array(base.extend({ - source_endpoint: z.string().optional(), - vulnerable_code_location: z.string().optional(), - missing_defense: z.string().optional(), - exploitation_hypothesis: z.string().optional(), - suggested_exploit_technique: z.string().optional(), - })) })), - 'ssrf-vuln': toOutputFormat(z.object({ vulnerabilities: z.array(base.extend({ - source_endpoint: z.string().optional(), - vulnerable_parameter: z.string().optional(), - vulnerable_code_location: z.string().optional(), - missing_defense: z.string().optional(), - exploitation_hypothesis: z.string().optional(), - suggested_exploit_technique: z.string().optional(), - })) })), - 'authz-vuln': toOutputFormat(z.object({ vulnerabilities: z.array(base.extend({ - endpoint: z.string().optional(), - vulnerable_code_location: z.string().optional(), - 
role_context: z.string().optional(), - guard_evidence: z.string().optional(), - side_effect: z.string().optional(), - reason: z.string().optional(), - minimal_witness: z.string().optional(), - })) })), + 'injection-vuln': toOutputFormat( + z.object({ + vulnerabilities: z.array( + base.extend({ + source: z.string().optional(), + combined_sources: z.string().optional(), + path: z.string().optional(), + sink_call: z.string().optional(), + slot_type: z.string().optional(), + sanitization_observed: z.string().optional(), + concat_occurrences: z.string().optional(), + verdict: z.string().optional(), + mismatch_reason: z.string().optional(), + witness_payload: z.string().optional(), + }), + ), + }), + ), + 'xss-vuln': toOutputFormat( + z.object({ + vulnerabilities: z.array( + base.extend({ + source: z.string().optional(), + source_detail: z.string().optional(), + path: z.string().optional(), + sink_function: z.string().optional(), + render_context: z.string().optional(), + encoding_observed: z.string().optional(), + verdict: z.string().optional(), + mismatch_reason: z.string().optional(), + witness_payload: z.string().optional(), + }), + ), + }), + ), + 'auth-vuln': toOutputFormat( + z.object({ + vulnerabilities: z.array( + base.extend({ + source_endpoint: z.string().optional(), + vulnerable_code_location: z.string().optional(), + missing_defense: z.string().optional(), + exploitation_hypothesis: z.string().optional(), + suggested_exploit_technique: z.string().optional(), + }), + ), + }), + ), + 'ssrf-vuln': toOutputFormat( + z.object({ + vulnerabilities: z.array( + base.extend({ + source_endpoint: z.string().optional(), + vulnerable_parameter: z.string().optional(), + vulnerable_code_location: z.string().optional(), + missing_defense: z.string().optional(), + exploitation_hypothesis: z.string().optional(), + suggested_exploit_technique: z.string().optional(), + }), + ), + }), + ), + 'authz-vuln': toOutputFormat( + z.object({ + vulnerabilities: z.array( + base.extend({ + 
endpoint: z.string().optional(), + vulnerable_code_location: z.string().optional(), + role_context: z.string().optional(), + guard_evidence: z.string().optional(), + side_effect: z.string().optional(), + reason: z.string().optional(), + minimal_witness: z.string().optional(), + }), + ), + }), + ), }; } diff --git a/apps/worker/src/services/findings-renderer.ts b/apps/worker/src/services/findings-renderer.ts index 88189b2..6dfb5cc 100644 --- a/apps/worker/src/services/findings-renderer.ts +++ b/apps/worker/src/services/findings-renderer.ts @@ -17,13 +17,7 @@ */ import { fs, path } from 'zx'; -import type { - AuthFinding, - AuthzFinding, - InjectionFinding, - SsrfFinding, - XssFinding, -} from '../ai/queue-schemas.js'; +import type { AuthFinding, AuthzFinding, InjectionFinding, SsrfFinding, XssFinding } from '../ai/queue-schemas.js'; import { deliverablesDir } from '../paths.js'; import type { ActivityLogger } from '../types/activity-logger.js'; import type { VulnClass } from '../types/config.js'; @@ -125,10 +119,7 @@ function renderInjectionEntry(e: InjectionFinding): string { return buildEntry( e.ID, e.vulnerability_type, - [ - summaryRow('Vulnerable location', location), - summaryRow('Overview', e.mismatch_reason), - ], + [summaryRow('Vulnerable location', location), summaryRow('Overview', e.mismatch_reason)], e.notes, ); } @@ -138,10 +129,7 @@ function renderXssEntry(e: XssFinding): string { return buildEntry( e.ID, e.vulnerability_type, - [ - summaryRow('Vulnerable location', location), - summaryRow('Overview', e.mismatch_reason), - ], + [summaryRow('Vulnerable location', location), summaryRow('Overview', e.mismatch_reason)], e.notes, ); } diff --git a/apps/worker/src/temporal/activities.ts b/apps/worker/src/temporal/activities.ts index 1c1d43b..31dc846 100644 --- a/apps/worker/src/temporal/activities.ts +++ b/apps/worker/src/temporal/activities.ts 
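Review bot: In `buildOutputFormats` (queue-schemas.ts) the `exploit` flag only reaches `makeBase(exploit)`, while the per-class fields `witness_payload`, `exploitation_hypothesis`, `suggested_exploit_technique` and `minimal_witness` are declared in every mode. `ANALYSIS_NOTES_DESCRIPTION` says the notes are "Not attack steps", so if `exploit === false` is meant to be the defender-only mode, the schema still invites the model to fill those fields; `makeBase` and `notesField` are defined outside the hunk, so this is inferred from the visible lines only. If that is intended, a comment above the returned object would make it explicit, e.g. `// Per-class fields are emitted regardless of exploit; only base fields are gated.` Otherwise gate them, e.g. `...(exploit ? { witness_payload: z.string().optional() } : {})`. The reformatted `renderInjectionEntry` and `renderXssEntry` in findings-renderer.ts show only location, `mismatch_reason` and `notes`, so it is also worth confirming where the ungated fields end up.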
@@ -28,10 +28,10 @@ import { DEFAULT_DELIVERABLES_SUBDIR, deliverablesDir } from '../paths.js'; import { getContainer, getOrCreateContainer, removeContainer } from '../services/container.js'; import { classifyErrorForTemporal, PentestError } from '../services/error-handling.js'; import { ExploitationCheckerService } from '../services/exploitation-checker.js'; +import { renderFindingsFromQueues } from '../services/findings-renderer.js'; import { executeGitCommandWithRetry } from '../services/git-manager.js'; import { runPreflightChecks } from '../services/preflight.js'; import type { ExploitationDecision, VulnType } from '../services/queue-validation.js'; -import { renderFindingsFromQueues } from '../services/findings-renderer.js'; import { assembleFinalReport, injectModelIntoReport } from '../services/reporting.js'; import { AGENTS } from '../session-manager.js'; import type { AgentName } from '../types/agents.js';