Merge pull request #5 from secureCodeBox/develop

Develop

.travis.yml

@@ -4,7 +4,7 @@ jobs:
           script: npm test
           language: node_js
           node_js:
-              - '8'
+              - '10'
         - stage: build docker image
           services:
               - docker

Dockerfile

@@ -19,6 +19,8 @@ RUN npm install --production
 
 COPY . /src
 
+HEALTHCHECK --interval=30s --timeout=5s --start-period=120s --retries=3 CMD node healthcheck.js || exit 1
+
 RUN ls -l
 
 RUN addgroup --system sslyze_group && adduser --system --ingroup sslyze_group sslyze_user 

README.md

@@ -1,4 +1,4 @@
-![Build Status](https://travis-ci.com/secureCodeBox/scanner-infrastructure-sslyze.svg?token=Hpx3VekB3dxuZX1bYFME&branch=develop)
+[![Build Status](https://travis-ci.com/secureCodeBox/scanner-infrastructure-sslyze.svg?branch=develop)](https://travis-ci.com/secureCodeBox/scanner-infrastructure-sslyze)
 [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)
 [![Known Vulnerabilities](https://snyk.io/test/github/secureCodeBox/scanner-infrastructure-sslyze/badge.svg)](https://snyk.io/test/github/secureCodeBox/scanner-infrastructure-sslyze)
 [![GitHub release](https://img.shields.io/github/release/secureCodeBox/scanner-infrastructure-sslyze.svg)](https://github.com/secureCodeBox/scanner-infrastructure-sslyze/releases/latest)

healthcheck.js

@@ -0,0 +1,12 @@
+try {
+
+	require('http').request('http://localhost:8080/status', response => {
+
+		// exit with error for any non 2xx status code
+		process.exit(response.statusCode >= 300 ? 1 : 0);
+
+	}).end();
+
+} catch (err) {
+	process.exit(1);
+}

package.json

@@ -17,8 +17,8 @@
         "url": "git@github.com:secureCodeBox/scanner-infrastructure-sslyze.git"
     },
     "dependencies": {
-        "@securecodebox/scanner-scaffolding": "^2.1.3",
-        "lodash": "^4.17.10",
+        "@securecodebox/scanner-scaffolding": "^2.2.0",
+        "lodash": "^4.17.11",
         "node-sslyze": "file:lib/node-sslyze",
         "sprintf-js": "^1.1.1",
         "uuid": "^3.3.2"

src/__snapshots__/sslyze.test.js.snap

@@ -315,7 +315,7 @@ Object {
       "name": "TLSv1 supported",
       "osi_layer": "PRESENTATION",
       "reference": null,
-      "severity": "INFORMATIONAL",
+      "severity": "LOW",
     },
     Object {
       "attributes": Object {
@@ -781,7 +781,7 @@ Object {
       "name": "TLSv1 supported",
       "osi_layer": "PRESENTATION",
       "reference": null,
-      "severity": "INFORMATIONAL",
+      "severity": "LOW",
     },
     Object {
       "attributes": Object {
@@ -1257,7 +1257,7 @@ Object {
       "name": "TLSv1 supported",
       "osi_layer": "PRESENTATION",
       "reference": null,
-      "severity": "INFORMATIONAL",
+      "severity": "LOW",
     },
     Object {
       "attributes": Object {
@@ -1735,7 +1735,7 @@ Object {
       "name": "TLSv1 supported",
       "osi_layer": "PRESENTATION",
       "reference": null,
-      "severity": "INFORMATIONAL",
+      "severity": "LOW",
     },
     Object {
       "attributes": Object {

src/sslyze.js

@@ -299,7 +299,7 @@ const FindingPrototypes = Object.freeze({
         name: 'TLSv1 supported',
         description: 'The server supports at least one cipher suite using the TLSv1 protocol.',
         osi_layer: OsiLayer.PRESENTATION,
-        severity: Severity.INFORMATIONAL,
+        severity: Severity.LOW,
         category: FindingCategory.TLSV1,
     },
     TLSV1_ERROR: {

src/sslyze.test.js

@@ -778,7 +778,7 @@ describe('sslyze', () => {
                     'The server supports at least one cipher suite using the TLSv1 protocol.',
                 category: 'TLSv1',
                 osi_layer: 'PRESENTATION',
-                severity: 'INFORMATIONAL',
+                severity: 'LOW',
                 reference: null,
                 hint: null,
                 location: 'https://www.yahoo.com:443',