Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Protect: Update Threats Data Format and Integrate ThreatsDataViews #39767

Closed
wants to merge 2 commits into from
Closed
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
338 changes: 41 additions & 297 deletions pnpm-lock.yaml

Large diffs are not rendered by default.

Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
Significance: patch
Type: changed
Comment: Minor adjustments to the ThreatsDataViews component.


2 changes: 1 addition & 1 deletion projects/js-packages/components/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@
"@wordpress/components": "28.9.0",
"@wordpress/compose": "7.9.0",
"@wordpress/data": "10.9.0",
"@wordpress/dataviews": "4.6.0",
"@wordpress/dataviews": "4.7.0",
"@wordpress/date": "5.9.0",
"@wordpress/element": "6.9.0",
"@wordpress/i18n": "5.9.0",
Expand Down
4 changes: 4 additions & 0 deletions projects/js-packages/scan/changelog/add-types-and-utils
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
Significance: minor
Type: added

Add threat types and scan utility functions
1 change: 1 addition & 0 deletions projects/js-packages/scan/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -56,6 +56,7 @@
"@wordpress/api-fetch": "7.9.0",
"@wordpress/element": "6.9.0",
"@wordpress/i18n": "5.9.0",
"@wordpress/icons": "10.9.0",
"@wordpress/url": "4.9.0",
"debug": "4.3.4",
"react": "^18.2.0",
Expand Down
Empty file.
23 changes: 23 additions & 0 deletions projects/js-packages/scan/src/types/fixers.ts
Original file line number Diff line number Diff line change
Expand Up @@ -15,3 +15,26 @@ export type ThreatFixStatusSuccess = {
};

export type ThreatFixStatus = ThreatFixStatusError | ThreatFixStatusSuccess;

/**
* Fixers Status
*
* Overall status of all fixers.
*/
type FixersStatusBase = {
ok: boolean; // Discriminator for overall success
};

export type FixersStatusError = FixersStatusBase & {
ok: false;
error: string;
};

export type FixersStatusSuccess = FixersStatusBase & {
ok: true;
threats: {
[ key: number ]: ThreatFixStatus;
};
};

export type FixersStatus = FixersStatusSuccess | FixersStatusError;
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
import { Threat } from './threats';
import { type Threat } from '..';

export type ExtensionStatus = {
/** The name of the extension. */
Expand Down Expand Up @@ -39,14 +39,8 @@ export type ScanStatus = {
/** The time the last scan was checked, in YYYY-MM-DD HH:MM:SS format. */
lastChecked: string | null;

/** The number of plugin threats found in the latest status. */
numPluginsThreats: number;

/** The number of theme threats found in the latest status. */
numThemesThreats: number;

/** The total number of threats found in the latest status. */
numThreats: number;
/** The security threats identified in the latest scan. */
threats: Threat[];

/** Whether there was an error in the scan results. */
error: boolean | null;
Expand All @@ -56,26 +50,4 @@ export type ScanStatus = {

/** The error message. */
errorMessage: string | null;

/** WordPress Core Status */
core: {
checked: boolean;
name: string;
slug: string;
threats: Threat[];
type: 'core';
version: string;
} | null;

/** Plugins Status */
plugins: ExtensionStatus[];

/** Themes Status */
themes: ExtensionStatus[];

/** File Threats */
files: Threat[];

/** Database Threats */
database: Threat[];
};
40 changes: 39 additions & 1 deletion projects/js-packages/scan/src/utils/index.ts
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
import { Threat, ThreatFixStatus, FIXER_IS_STALE_THRESHOLD } from '..';
import { code, color, plugins, shield, wordpress } from '@wordpress/icons';
import { type Threat, type ThreatFixStatus, FIXER_IS_STALE_THRESHOLD } from '..';

export const getThreatType = ( threat: Threat ) => {
if ( threat.signature === 'Vulnerable.WP.Core' ) {
Expand All @@ -14,6 +15,43 @@ export const getThreatType = ( threat: Threat ) => {
return null;
};

export const getThreatSubtitle = ( threat: Threat ) => {
const type = getThreatType( threat );

switch ( type ) {
case 'plugin':
case 'theme':
return `${ threat.extension?.name } (${ threat.extension?.version })`;
case 'core':
return 'WordPress Core';
case 'file':
// Trim leading slash
if ( threat.filename.startsWith( '/' ) ) {
return threat.filename.slice( 1 );
}
return threat.filename;
default:
return '';
}
};

export const getThreatIcon = ( threat: Threat ) => {
const type = getThreatType( threat );

switch ( type ) {
case 'plugin':
return plugins;
case 'theme':
return color;
case 'core':
return wordpress;
case 'file':
return code;
default:
return shield;
}
};

export const fixerTimestampIsStale = ( lastUpdatedTimestamp: string ) => {
const now = new Date();
const lastUpdated = new Date( lastUpdatedTimestamp );
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -24,28 +24,14 @@ export const ScanAndThreatStatus = () => {
const {
protect: { scanData },
} = getMyJetpackWindowInitialState();
const { plugins, themes, num_threats: numThreats = 0 } = scanData || {};
const numThreats = scanData.threats.length;

const criticalScanThreatCount = useMemo( () => {
const { core, database, files, num_plugins_threats, num_themes_threats } = scanData || {};
const pluginsThreats = num_plugins_threats
? plugins.reduce( ( accum, plugin ) => accum.concat( plugin.threats ), [] )
: [];
const themesThreats = num_themes_threats
? themes.reduce( ( accum, theme ) => accum.concat( theme.threats ), [] )
: [];
const allThreats = [
...pluginsThreats,
...themesThreats,
...( core?.threats ?? [] ),
...database,
...files,
];
return allThreats.reduce(
return scanData.threats.reduce(
( accum, threat ) => ( threat.severity >= 5 ? ( accum += 1 ) : accum ),
0
);
}, [ plugins, themes, scanData ] );
}, [ scanData.threats ] );

if ( isPluginActive && isSiteConnected ) {
if ( hasProtectPaidPlan ) {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -13,14 +13,10 @@ export const useLastScanText = () => {
themes,
protect: { scanData },
} = getMyJetpackWindowInitialState();
const {
plugins: fromScanPlugins,
themes: fromScanThemes,
last_checked: lastScanTime = null,
} = scanData || {};
const { last_checked: lastScanTime = null } = scanData || {};

const pluginsCount = fromScanPlugins.length || Object.keys( plugins ).length;
const themesCount = fromScanThemes.length || Object.keys( themes ).length;
const pluginsCount = Object.keys( plugins ).length;
const themesCount = Object.keys( themes ).length;

const timeSinceLastScan = lastScanTime ? timeSince( Date.parse( lastScanTime ) ) : false;

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -35,19 +35,15 @@ export function useProtectTooltipCopy(): TooltipContent {
themes,
protect: { scanData, wafConfig: wafData },
} = getMyJetpackWindowInitialState();
const {
plugins: fromScanPlugins,
themes: fromScanThemes,
num_threats: numThreats = 0,
} = scanData || {};
const numThreats = scanData.threats.length;
const {
jetpack_waf_automatic_rules: isAutoFirewallEnabled,
blocked_logins: blockedLoginsCount,
brute_force_protection: hasBruteForceProtection,
} = wafData || {};

const pluginsCount = fromScanPlugins.length || Object.keys( plugins ).length;
const themesCount = fromScanThemes.length || Object.keys( themes ).length;
const pluginsCount = Object.keys( plugins ).length;
const themesCount = Object.keys( themes ).length;

const settingsLink = useMemo( () => {
if ( isProtectPluginActive ) {
Expand Down
5 changes: 5 additions & 0 deletions projects/packages/my-jetpack/changelog/protect-status-compat
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
Significance: patch
Type: changed
Comment: Package compatibility updates, no functional changes.


24 changes: 7 additions & 17 deletions projects/packages/my-jetpack/global.d.ts
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,12 @@ type ThreatItem = {
fixed_in: string;
description: string | null;
source: string | null;
extension: {
slug: string;
name: string;
version: string;
type: 'plugin' | 'theme' | 'core';
};
// Scan API properties (paid plan)
context: string | null;
filename: string | null;
Expand All @@ -58,15 +64,6 @@ type ThreatItem = {
status: number | null;
};

type ScanItem = {
checked: boolean;
name: string;
slug: string;
threats: ThreatItem[];
type: string;
version: string;
};

interface Window {
myJetpackInitialState?: {
siteSuffix: string;
Expand Down Expand Up @@ -212,22 +209,15 @@ interface Window {
};
protect: {
scanData: {
core: ScanItem;
threats: ThreatItem[];
current_progress?: string;
data_source: string;
database: string[];
error: boolean;
error_code?: string;
error_message?: string;
files: string[];
has_unchecked_items: boolean;
last_checked: string;
num_plugins_threats: number;
num_themes_threats: number;
num_threats: number;
plugins: ScanItem[];
status: string;
themes: ScanItem[];
};
wafConfig: {
automatic_rules_available: boolean;
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
Significance: major
Type: changed

Changed the formatting of threat data.
37 changes: 0 additions & 37 deletions projects/packages/protect-models/src/class-extension-model.php
Original file line number Diff line number Diff line change
Expand Up @@ -33,13 +33,6 @@ class Extension_Model {
*/
public $version;

/**
* A collection of threats related to this version of the extension.
*
* @var array<Threat_Model>
*/
public $threats = array();

/**
* Whether the extension has been checked for threats.
*
Expand Down Expand Up @@ -77,34 +70,4 @@ public function __construct( $extension = array() ) {
}
}
}

/**
* Set Threats
*
* @param array<Threat_Model|array|object> $threats An array of threat data to add to the extension.
*/
public function set_threats( $threats ) {
if ( ! is_array( $threats ) ) {
$this->threats = array();
return;
}

// convert each provided threat item into an instance of Threat_Model
$threats = array_map(
function ( $threat ) {
if ( is_a( $threat, 'Threat_Model' ) ) {
return $threat;
}

if ( is_object( $threat ) ) {
$threat = (array) $threat;
}

return new Threat_Model( $threat );
},
$threats
);

$this->threats = $threats;
}
}
Loading
Loading