|
| 1 | +<?xml version="1.0" encoding="UTF-8"?><record_update table="scan_script_only_check"> |
| 2 | + <scan_script_only_check action="INSERT_OR_UPDATE"> |
| 3 | + <active>true</active> |
| 4 | + <category>manageability</category> |
| 5 | + <description>The gs.info() statement can be used to write information to the system log. It is generally used when debugging. Using gs.info() statements will pollute the system log. Prior to promoting artifacts to a production instance, debugging statement should - in most cases - be removed.</description> |
| 6 | + <documentation_url/> |
| 7 | + <finding_type>scan_finding</finding_type> |
| 8 | + <name>Check gs.log</name> |
| 9 | + <priority>3</priority> |
| 10 | + <resolution_details>This script validates gs.log() statement present in Business rules, client scripts and script includes</resolution_details> |
| 11 | + <run_condition/> |
| 12 | + <score_max>100</score_max> |
| 13 | + <score_min>0</score_min> |
| 14 | + <score_scale>1</score_scale> |
| 15 | + <script><![CDATA[(function(finding, current) { |
| 16 | +
|
| 17 | + var pattern = /gs\.log\s*\(/;//gs.log() pattern |
| 18 | +
|
| 19 | + var grBr = new GlideRecord('sys_script'); //Business rule |
| 20 | + grBr.addActiveQuery(); |
| 21 | + grBr.query(); |
| 22 | + while (grBr.next()) { |
| 23 | + var scriptContent = grBr.getValue('script'); |
| 24 | + if (pattern.test(scriptContent)) { |
| 25 | + finding.increment(); |
| 26 | + } |
| 27 | +
|
| 28 | + } |
| 29 | +
|
| 30 | + var grCl = new GlideRecord('sys_script_client'); //Client script |
| 31 | + grCl.addActiveQuery(); |
| 32 | + grCl.query(); |
| 33 | + while (grCl.next()) { |
| 34 | + var scriptContent1 = grCl.getValue('script'); |
| 35 | + if (pattern.test(scriptContent1)) { |
| 36 | + finding.increment(); |
| 37 | + } |
| 38 | +
|
| 39 | + } |
| 40 | +
|
| 41 | + var grSi = new GlideRecord('sys_script_include'); //Script Include |
| 42 | + grSi.addActiveQuery(); |
| 43 | + grSi.query(); |
| 44 | + while (grSi.next()) { |
| 45 | + var scriptContent2 = grSi.getValue('script'); |
| 46 | + if (pattern.test(scriptContent2)) { |
| 47 | + finding.increment(); |
| 48 | + } |
| 49 | +
|
| 50 | + } |
| 51 | +
|
| 52 | +})(finding, current);]]></script> |
| 53 | + <short_description>Scripts should not contain gs.info statements</short_description> |
| 54 | + <sys_class_name>scan_script_only_check</sys_class_name> |
| 55 | + <sys_created_by>admin</sys_created_by> |
| 56 | + <sys_created_on>2024-10-14 18:41:51</sys_created_on> |
| 57 | + <sys_id>ad6c55385355521000b51901a0490ec4</sys_id> |
| 58 | + <sys_mod_count>0</sys_mod_count> |
| 59 | + <sys_name>Check gs.log</sys_name> |
| 60 | + <sys_package display_value="Example Instance Checks" source="x_appe_exa_checks">ca8467c41b9abc10ce0f62c3b24bcbaa</sys_package> |
| 61 | + <sys_policy/> |
| 62 | + <sys_scope display_value="Example Instance Checks">ca8467c41b9abc10ce0f62c3b24bcbaa</sys_scope> |
| 63 | + <sys_update_name>scan_script_only_check_ad6c55385355521000b51901a0490ec4</sys_update_name> |
| 64 | + <sys_updated_by>admin</sys_updated_by> |
| 65 | + <sys_updated_on>2024-10-14 18:41:51</sys_updated_on> |
| 66 | + </scan_script_only_check> |
| 67 | + <sys_translated_text action="delete_multiple" query="documentkey=ad6c55385355521000b51901a0490ec4"/> |
| 68 | + <sys_es_latest_script action="INSERT_OR_UPDATE"> |
| 69 | + <id>ad6c55385355521000b51901a0490ec4</id> |
| 70 | + <sys_created_by>admin</sys_created_by> |
| 71 | + <sys_created_on>2024-10-14 18:41:51</sys_created_on> |
| 72 | + <sys_id>28ad95385355521000b51901a0490e07</sys_id> |
| 73 | + <sys_mod_count>0</sys_mod_count> |
| 74 | + <sys_updated_by>admin</sys_updated_by> |
| 75 | + <sys_updated_on>2024-10-14 18:41:51</sys_updated_on> |
| 76 | + <table>scan_script_only_check</table> |
| 77 | + <use_es_latest>true</use_es_latest> |
| 78 | + </sys_es_latest_script> |
| 79 | +</record_update> |
0 commit comments