import { startCase } from "lodash"; import PropTypes from "prop-types"; import vulnerabilityInterface from "./vulnerability"; export default PropTypes.shape({ type: PropTypes.string, name: PropTypes.string, version: PropTypes.string, source: PropTypes.string, id: PropTypes.number, vulnerabilities: PropTypes.arrayOf(vulnerabilityInterface), }); export interface ISoftwareResponse { counts_updated_at: string; software: ISoftware[]; } export interface ISoftwareCountResponse { count: number; } export interface IGetSoftwareByIdResponse { software: ISoftware; } // TODO: old software interface. replaced with ISoftwareVersion // check to see if we still need this. export interface ISoftware { id: number; name: string; // e.g., "Figma.app" version: string; // e.g., "2.1.11" bundle_identifier?: string | null; // e.g., "com.figma.Desktop" source: string; // e.g., "apps" generated_cpe: string; vulnerabilities: ISoftwareVulnerability[] | null; hosts_count?: number; last_opened_at?: string | null; // e.g., "2021-08-18T15:11:35Z” installed_paths?: string[]; } export type IVulnerabilitySoftware = Omit & { resolved_in_version: string; }; export interface ISoftwareTitleVersion { id: number; version: string; vulnerabilities: string[] | null; // TODO: does this return null or is it omitted? hosts_count?: number; } export interface ISoftwareTitle { id: number; name: string; versions_count: number; source: string; hosts_count: number; versions: ISoftwareTitleVersion[] | null; browser: string; } export interface ISoftwareVulnerability { cve: string; details_link: string; cvss_score?: number | null; epss_probability?: number | null; cisa_known_exploit?: boolean | null; cve_published?: string | null; cve_description?: string | null; resolved_in_version?: string | null; created_at?: string | null; } export interface ISoftwareVersion { id: number; name: string; // e.g., "Figma.app" version: string; // e.g., "2.1.11" bundle_identifier?: string; // e.g., "com.figma.Desktop" source: string; // e.g., "apps" browser: string; // e.g., "chrome" release: string; // TODO: on software/verions/:id? vendor: string; arch: string; // e.g., "x86_64" // TODO: on software/verions/:id? generated_cpe: string; vulnerabilities: ISoftwareVulnerability[] | null; hosts_count?: number; } export const SOURCE_TYPE_CONVERSION: Record = { apt_sources: "Package (APT)", deb_packages: "Package (deb)", portage_packages: "Package (Portage)", rpm_packages: "Package (RPM)", yum_sources: "Package (YUM)", npm_packages: "Package (NPM)", atom_packages: "Package (Atom)", // Atom packages were removed from software inventory. Mapping is maintained for backwards compatibility. (2023-12-04) python_packages: "Package (Python)", apps: "Application (macOS)", chrome_extensions: "Browser plugin", // chrome_extensions can include any chrome-based browser (e.g., edge), so we rely instead on the `browser` field computed by Fleet server and fallback to this value if it is not present. firefox_addons: "Browser plugin (Firefox)", safari_extensions: "Browser plugin (Safari)", homebrew_packages: "Package (Homebrew)", programs: "Program (Windows)", ie_extensions: "Browser plugin (IE)", chocolatey_packages: "Package (Chocolatey)", pkg_packages: "Package (pkg)", vscode_extensions: "IDE extension (VS Code)", } as const; const BROWSER_TYPE_CONVERSION: Record = { chrome: "Chrome", chromium: "Chromium", opera: "Opera", yandex: "Yandex", brave: "Brave", edge: "Edge", edge_beta: "Edge Beta", } as const; export const formatSoftwareType = ({ source, browser, }: { source: string; browser: string; }) => { let type = SOURCE_TYPE_CONVERSION[source] || "Unknown"; if (browser) { type = `Browser plugin (${ BROWSER_TYPE_CONVERSION[browser] || startCase(browser) })`; } return type; };