From 3e79647ac26711ec725b2a70a59bb2153ccf394f Mon Sep 17 00:00:00 2001 From: fiqare-secmotic Date: Mon, 16 Dec 2019 11:28:33 +0100 Subject: [PATCH 1/9] Rule 2: Unused function parameters should be removed --- lib/bindings/HTTPBindings.js | 6 +++--- lib/bindings/MQTTBinding.js | 2 +- lib/commonBindings.js | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/lib/bindings/HTTPBindings.js b/lib/bindings/HTTPBindings.js index 89bf31b7..25d294de 100644 --- a/lib/bindings/HTTPBindings.js +++ b/lib/bindings/HTTPBindings.js @@ -44,7 +44,7 @@ var http = require('http'), }, transport = 'HTTP'; -function handleError(error, req, res, next) { +function handleError(error, req, res) { var code = 500; config.getLogger().debug(context, 'Error [%s] handing request: %s', error.name, error.message); @@ -135,7 +135,7 @@ function checkMandatoryParams(queryPayload) { * This middleware checks whether there is any polling command pending to be sent to the device. If there is some, * add the command information to the return payload. Otherwise it returns an empty payload. */ -function returnCommands(req, res, next) { +function returnCommands(req, res) { function updateCommandStatus(device, commandList) { var updates, cleanCommands; @@ -159,7 +159,7 @@ function returnCommands(req, res, next) { updates = commandList.map(createCommandUpdate); cleanCommands = commandList.map(cleanCommand); - async.parallel(updates.concat(cleanCommands), function(error, results) { + async.parallel(updates.concat(cleanCommands), function(error) { if (error) { // prettier-ignore config.getLogger().error( diff --git a/lib/bindings/MQTTBinding.js b/lib/bindings/MQTTBinding.js index 1b81840f..645c9512 100644 --- a/lib/bindings/MQTTBinding.js +++ b/lib/bindings/MQTTBinding.js 
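Review bot: Dropping `next` from `handleError(error, req, res)` changes the function's arity from four to three, and Express-style routers recognise error-handling middleware by its four-argument signature. If `handleError` is mounted as error middleware (the registration is outside this hunk), it would no longer be invoked for errors and failures would fall through to the framework's default error response. PATCH 4/9 restores the parameter, but every commit in between carries the regression. I would keep the signature and silence the linter instead, with `// eslint-disable-next-line no-unused-vars` above `function handleError(error, req, res, next) {`. The function body continues outside the hunk.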
@@ -278,7 +278,7 @@ function start(callback) { } }); mqttClient.on('message', commonBindings.mqttMessageHandler); - mqttClient.on('connect', function(ack) { + mqttClient.on('connect', function() { config.getLogger().info(context, 'MQTT Client connected'); recreateSubscriptions(); }); diff --git a/lib/commonBindings.js b/lib/commonBindings.js index 7bebe31f..d182c69f 100644 --- a/lib/commonBindings.js +++ b/lib/commonBindings.js @@ -115,7 +115,7 @@ function manageConfigurationRequest(apiKey, deviceId, device, objMessage) { * @param {Number} index Index of the group in the array. * @return {Array} Updated array of functions. */ -function processMeasureGroup(device, apikey, previous, current, index) { +function processMeasureGroup(device, apikey, previous, current) { var values = []; if (current.command) { From 85f7388cbcb83f4dd1b8a7e50c3e06e407eb7199 Mon Sep 17 00:00:00 2001 From: fiqare-secmotic Date: Mon, 16 Dec 2019 11:31:37 +0100 Subject: [PATCH 2/9] Rule 4: if.. else if constructs should end with else clauses --- lib/iotaUtils.js | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lib/iotaUtils.js b/lib/iotaUtils.js index eb0afe49..ac439acd 100644 --- a/lib/iotaUtils.js +++ b/lib/iotaUtils.js @@ -154,6 +154,8 @@ function mergeDeviceWithConfiguration(deviceData, configuration, callback) { deviceData[fields[i]] = configuration[confField]; } else if (!deviceData[fields[i]] && (!configuration || !configuration[confField])) { deviceData[fields[i]] = defaults[i]; + } else { + config.getLogger().error(context, 'There is no possible merge'); } if (deviceData[fields[i]] && ['active', 'lazy', 'commands'].indexOf(fields[i]) >= 0) { From da9359c7580df1b6d8a6c0cb9e8fba7076555d9b Mon Sep 17 00:00:00 2001 
From: Secmotic <47213502+fiqare-secmotic@users.noreply.github.com> Date: Thu, 9 Jan 2020 09:03:06 +0100 Subject: [PATCH 3/9] Update lib/iotaUtils.js MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-Authored-By: Fermín Galán Márquez --- lib/iotaUtils.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/iotaUtils.js b/lib/iotaUtils.js index ac439acd..f2c5d6c2 100644 --- a/lib/iotaUtils.js +++ b/lib/iotaUtils.js @@ -155,7 +155,7 @@ function mergeDeviceWithConfiguration(deviceData, configuration, callback) { } else if (!deviceData[fields[i]] && (!configuration || !configuration[confField])) { deviceData[fields[i]] = defaults[i]; } else { - config.getLogger().error(context, 'There is no possible merge'); + config.getLogger().debug(context, 'at field %d configuration merging logic did not merge anything', i); } if (deviceData[fields[i]] && ['active', 'lazy', 'commands'].indexOf(fields[i]) >= 0) { From a2e11f62c9516932f9f4e42afc7a52b915322831 Mon Sep 17 00:00:00 2001 From: fiqare-secmotic Date: Mon, 20 Jan 2020 14:22:36 +0100 Subject: [PATCH 4/9] fiqare secmotic rules imporved --- lib/bindings/HTTPBindings.js | 6 ++++-- lib/iotaUtils.js | 4 +++- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/lib/bindings/HTTPBindings.js b/lib/bindings/HTTPBindings.js index 25d294de..7df7c9fa 100644 --- a/lib/bindings/HTTPBindings.js +++ b/lib/bindings/HTTPBindings.js @@ -44,7 +44,7 @@ var http = require('http'), }, transport = 'HTTP'; -function handleError(error, req, res) { +function handleError(error, req, res, next) { var code = 500; config.getLogger().debug(context, 'Error [%s] handing request: %s', error.name, error.message); @@ -57,6 +57,7 @@ function handleError(error, req, res) { name: error.name, message: error.message }); + next(); } function parseData(req, res, next) { 
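Review bot: The `next();` added at the end of `handleError` in the `-57,6 +57,7` hunk appears to run after the error reply (`name`/`message`) has been written, so a request that already failed is handed back to the normal middleware chain with no error attached. Any later handler, or the framework's fallback, may then try to write a second response. The `-203,6 +204,7` hunk adds the same pattern to `returnCommands`: `next();` follows `res.status(200).send('')` and sits outside the `if`/`else`, so it presumably also fires before the other branch (not visible in the hunk) has replied. If the parameter exists only to keep the four-argument error-middleware signature, leave it uncalled and add `// eslint-disable-next-line no-unused-vars`. In `returnCommands`, call `next(error)` only on paths that have not responded.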
@@ -135,7 +136,7 @@ function checkMandatoryParams(queryPayload) { * This middleware checks whether there is any polling command pending to be sent to the device. If there is some, * add the command information to the return payload. Otherwise it returns an empty payload. */ -function returnCommands(req, res) { +function returnCommands(req, res, next) { function updateCommandStatus(device, commandList) { var updates, cleanCommands; @@ -203,6 +204,7 @@ function returnCommands(req, res) { } else { res.status(200).send(''); } + next(); } function handleIncomingMeasure(req, res, next) { diff --git a/lib/iotaUtils.js b/lib/iotaUtils.js index f2c5d6c2..b875ad13 100644 --- a/lib/iotaUtils.js +++ b/lib/iotaUtils.js @@ -155,7 +155,9 @@ function mergeDeviceWithConfiguration(deviceData, configuration, callback) { } else if (!deviceData[fields[i]] && (!configuration || !configuration[confField])) { deviceData[fields[i]] = defaults[i]; } else { - config.getLogger().debug(context, 'at field %d configuration merging logic did not merge anything', i); + config + .getLogger() + .debug(context, 'at field "' + fields[i] + '" configuration merging logic did not merge anything', i); } if (deviceData[fields[i]] && ['active', 'lazy', 'commands'].indexOf(fields[i]) >= 0) { From 46f612613435e5dd755a5c273ed4fc0974ada2f6 Mon Sep 17 00:00:00 2001 From: fiqare-secmotic Date: Mon, 20 Jan 2020 14:27:41 +0100 Subject: [PATCH 5/9] change branch master to fiqare-secmotic-rules for travis --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 06c77ef8..ed0b2ef7 100644 --- a/.travis.yml +++ b/.travis.yml @@ -9,7 +9,7 @@ addons: branches: only: - - master + - fiqare-secmotic-rules services: - rabbitmq From 2e0a51d05618b88c1d4c670fcf0d35710df2cfba Mon Sep 17 00:00:00 2001 
From: fiqare-secmotic Date: Mon, 20 Jan 2020 14:33:21 +0100 Subject: [PATCH 6/9] updated to previous version --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index ed0b2ef7..06c77ef8 100644 --- a/.travis.yml +++ b/.travis.yml @@ -9,7 +9,7 @@ addons: branches: only: - - fiqare-secmotic-rules + - master services: - rabbitmq From 662a45864574e93727ea7e72501236688c2d9d33 Mon Sep 17 00:00:00 2001 From: fiqare-secmotic Date: Mon, 20 Jan 2020 14:47:34 +0100 Subject: [PATCH 7/9] JavaDoc entry removed --- lib/commonBindings.js | 1 - 1 file changed, 1 deletion(-) diff --git a/lib/commonBindings.js b/lib/commonBindings.js index d182c69f..bd8b0376 100644 --- a/lib/commonBindings.js +++ b/lib/commonBindings.js @@ -112,7 +112,6 @@ function manageConfigurationRequest(apiKey, deviceId, device, objMessage) { * @param {String} apikey APIKey of the service the device belongs to. * @param {Array} previous Array of prepared functions that send information to the Context Broker. * @param {Object} current Information sent by the device. - * @param {Number} index Index of the group in the array. * @return {Array} Updated array of functions. */ function processMeasureGroup(device, apikey, previous, current) { From 9dfbdcb16e08ba11ae9b11dac785a6be24469bf6 Mon Sep 17 00:00:00 2001 From: fiqare-secmotic Date: Tue, 21 Jan 2020 10:20:23 +0100 Subject: [PATCH 8/9] Variable reset "results" and function "debug()" improved --- lib/bindings/HTTPBindings.js | 2 +- lib/iotaUtils.js | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/bindings/HTTPBindings.js b/lib/bindings/HTTPBindings.js index 7df7c9fa..e4813f3b 100644 --- a/lib/bindings/HTTPBindings.js +++ b/lib/bindings/HTTPBindings.js 
@@ -160,7 +160,7 @@ function returnCommands(req, res, next) { updates = commandList.map(createCommandUpdate); cleanCommands = commandList.map(cleanCommand); - async.parallel(updates.concat(cleanCommands), function(error) { + async.parallel(updates.concat(cleanCommands), function(error, results) { if (error) { // prettier-ignore config.getLogger().error( diff --git a/lib/iotaUtils.js b/lib/iotaUtils.js index b875ad13..103ea72f 100644 --- a/lib/iotaUtils.js +++ b/lib/iotaUtils.js @@ -157,7 +157,7 @@ function mergeDeviceWithConfiguration(deviceData, configuration, callback) { } else { config .getLogger() - .debug(context, 'at field "' + fields[i] + '" configuration merging logic did not merge anything', i); + .debug(context, 'at field "' + fields[i] + '" configuration merging logic did not merge anything'); } if (deviceData[fields[i]] && ['active', 'lazy', 'commands'].indexOf(fields[i]) >= 0) { From 484e833100ab2fee19a4e8ecaf07628e43286918 Mon Sep 17 00:00:00 2001 From: fiqare-secmotic Date: Tue, 21 Jan 2020 14:41:38 +0100 Subject: [PATCH 9/9] new entry for CHANGES_NEXT_RELEASE --- CHANGES_NEXT_RELEASE | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGES_NEXT_RELEASE b/CHANGES_NEXT_RELEASE index 019fca48..71bef0b4 100644 --- a/CHANGES_NEXT_RELEASE +++ b/CHANGES_NEXT_RELEASE @@ -1,2 +1,3 @@ - Add: check response obj before use it handling http commands - Upgrade NodeJS version from 8.16.1 to 10.17.0 in Dockerfile due to Node 8 End-of-Life +- Hardening: software quality improvement based on ISO25010 recommendations \ No newline at end of file
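Review bot: `results` is put back on the `async.parallel` callback in the `-160,7 +160,7` hunk, but nothing in the visible part of the callback reads it. That reintroduces the unused parameter PATCH 1/9 removed under its "unused function parameters" rule. The callback body continues outside the hunk, so this is inferred from the lines shown. If the parameter is kept on purpose, a comment such as `// results intentionally unused: only the error matters here` would stop the next clean-up from removing it again; otherwise `function(error) {` is enough.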
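Review bot: The debug message in the `lib/iotaUtils.js` hunk is built by concatenating `fields[i]` into the format string, while other logger calls in this series pass values through placeholders (`'Error [%s] handing request: %s', error.name, error.message`). Keeping the value out of the format string stops any `%` in it being read as a directive and matches the existing style: `.debug(context, 'at field "%s" configuration merging logic did not merge anything', fields[i]);`. The enclosing loop in `mergeDeviceWithConfiguration` starts and ends outside the hunk.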