Merge pull request #486 from AikidoSec/rm-preserve-symlinks

Remove --preserve-symlinks

.github/workflows/benchmark.yml

@@ -42,14 +42,14 @@ jobs:
       - run: make install
       - run: make build
       - name: Run NoSQL Injection Benchmark
-        run: cd benchmarks/nosql-injection && AIKIDO_CI=true node --preserve-symlinks benchmark.js
+        run: cd benchmarks/nosql-injection && AIKIDO_CI=true node benchmark.js
       - name: Run SQL Injection Benchmark
-        run: cd benchmarks/sql-injection && node --preserve-symlinks benchmark.js
+        run: cd benchmarks/sql-injection && node benchmark.js
       - name: Run shell injection Benchmark
-        run: cd benchmarks/shell-injection && node --preserve-symlinks benchmark.js
+        run: cd benchmarks/shell-injection && node benchmark.js
       - name: Run Hono with Postgres Benchmark
-        run: cd benchmarks/hono-pg && node --preserve-symlinks benchmark.js
+        run: cd benchmarks/hono-pg && node benchmark.js
       - name: Run API Discovery Benchmark
-        run: cd benchmarks/api-discovery && node --preserve-symlinks benchmark.js
+        run: cd benchmarks/api-discovery && node benchmark.js
       - name: Run Express Benchmark
-        run: cd benchmarks/express && node --preserve-symlinks benchmark.js
+        run: cd benchmarks/express && node benchmark.js

Makefile

@@ -10,51 +10,51 @@ containers:
 
 .PHONY: express-mongodb
 express-mongodb:
-	cd sample-apps/express-mongodb && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node --preserve-symlinks app.js
+	cd sample-apps/express-mongodb && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node app.js
 
 .PHONY: express-mongoose
 express-mongoose:
-	cd sample-apps/express-mongoose && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node --preserve-symlinks app.js
+	cd sample-apps/express-mongoose && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node app.js
 
 .PHONY: express-postgres
 express-postgres:
-	cd sample-apps/express-postgres && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node --preserve-symlinks app.js
+	cd sample-apps/express-postgres && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node app.js
 
 .PHONY: express-mysql
 express-mysql:
-	cd sample-apps/express-mysql && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node --preserve-symlinks app.js
+	cd sample-apps/express-mysql && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node app.js
 
 .PHONY: express-mysql2
 express-mysql2:
-	cd sample-apps/express-mysql2 && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node --preserve-symlinks app.js
+	cd sample-apps/express-mysql2 && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node app.js
 
 .PHONY: express-mariadb
 express-mariadb:
-	cd sample-apps/express-mariadb && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node --preserve-symlinks app.js
+	cd sample-apps/express-mariadb && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node app.js
 
 .PHONY: express-path-traversal
 express-path-traversal:
-	cd sample-apps/express-path-traversal && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node --preserve-symlinks app.js
+	cd sample-apps/express-path-traversal && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node app.js
 
 .PHONY: express-graphql
 express-graphql:
-	cd sample-apps/express-graphql && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node --preserve-symlinks app.js
+	cd sample-apps/express-graphql && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node app.js
 
 .PHONY: hono-xml
 hono-xml:
-	cd sample-apps/hono-xml && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node --preserve-symlinks app.js
+	cd sample-apps/hono-xml && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node app.js
 
 .PHONY: hono-sqlite3
 hono-sqlite3:
-	cd sample-apps/hono-sqlite3 && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node --preserve-symlinks app.js
+	cd sample-apps/hono-sqlite3 && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node app.js
 
 .PHONY: hapi-postgres
 hapi-postgres:
-	cd sample-apps/hapi-postgres && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node --preserve-symlinks app.js
+	cd sample-apps/hapi-postgres && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node app.js
 
 .PHONY: micro
 micro:
-	cd sample-apps/micro && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node --preserve-symlinks --require @aikidosec/firewall ./node_modules/.bin/micro
+	cd sample-apps/micro && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node --require @aikidosec/firewall ./node_modules/.bin/micro
 
 .PHONY: lambda-mongodb-nosql-injection
 lambda-mongodb-nosql-injection:
@@ -66,19 +66,19 @@ lambda-mongodb-safe:
 
 .PHONY: nestjs-sentry
 nestjs-sentry:
-	cd sample-apps/nestjs-sentry && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true NODE_OPTIONS=--preserve-symlinks npm run start
+	cd sample-apps/nestjs-sentry && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true NODE_OPTIONS=npm run start
 
 .PHONY: nestjs-fastify
 nestjs-fastify:
-	cd sample-apps/nestjs-fastify && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true NODE_OPTIONS=--preserve-symlinks npm run start
+	cd sample-apps/nestjs-fastify && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true NODE_OPTIONS=npm run start
 
 .PHONY: fastify-mysql2
 fastify-mysql2:
-	cd sample-apps/fastify-mysql2 && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node --preserve-symlinks app.js
+	cd sample-apps/fastify-mysql2 && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node app.js
 
 .PHONY: koa-sqlite3
 koa-sqlite3:
-	cd sample-apps/koa-sqlite3 && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node --preserve-symlinks app.js
+	cd sample-apps/koa-sqlite3 && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node app.js
 
 .PHONY: fastify-clickhouse
 fastify-clickhouse:
@@ -145,9 +145,9 @@ end2end:
 	cd end2end && npm run test
 
 benchmark: build
-	cd benchmarks/nosql-injection && AIKIDO_CI=true node --preserve-symlinks benchmark.js
-	cd benchmarks/shell-injection && node --preserve-symlinks benchmark.js
-	cd benchmarks/sql-injection && node --preserve-symlinks benchmark.js
-	cd benchmarks/hono-pg && node --preserve-symlinks benchmark.js
-	cd benchmarks/api-discovery && node --preserve-symlinks benchmark.js
-	cd benchmarks/express && node --preserve-symlinks benchmark.js
+	cd benchmarks/nosql-injection && AIKIDO_CI=true node benchmark.js
+	cd benchmarks/shell-injection && node benchmark.js
+	cd benchmarks/sql-injection && node benchmark.js
+	cd benchmarks/hono-pg && node benchmark.js
+	cd benchmarks/api-discovery && node benchmark.js
+	cd benchmarks/express && node benchmark.js

benchmarks/hono-pg/benchmark.js

@@ -16,7 +16,7 @@ async function startServer(firewallEnabled) {
     };
   }
 
-  const server = spawn("node", ["--preserve-symlinks", "server.js", "4000"], {
+  const server = spawn("node", ["server.js", "4000"], {
     env,
     cwd: join(__dirname, "app"),
   });

end2end/tests/big-payloads.test.js

@@ -11,7 +11,7 @@ const pathToApp = resolve(
 );
 
 t.test("it does not crash if many attacks with big payloads", (t) => {
-  const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4000"], {
+  const server = spawn(`node`, [pathToApp, "4000"], {
     env: { ...process.env, AIKIDO_DEBUG: "true", AIKIDO_BLOCKING: "true" },
   });
 

end2end/tests/express-graphql.test.js

@@ -72,7 +72,7 @@ t.test("it blocks in blocking mode", (t) => {
 });
 
 t.test("it does not block in dry mode", (t) => {
-  const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4001"], {
+  const server = spawn(`node`, [pathToApp, "4001"], {
     env: { ...process.env, AIKIDO_DEBUG: "true" },
   });
 

end2end/tests/express-mariadb.test.js

@@ -10,7 +10,7 @@ const pathToApp = resolve(
 );
 
 t.test("it blocks in blocking mode", (t) => {
-  const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4000"], {
+  const server = spawn(`node`, [pathToApp, "4000"], {
     env: { ...process.env, AIKIDO_DEBUG: "true", AIKIDO_BLOCKING: "true" },
   });
 
@@ -62,7 +62,7 @@ t.test("it blocks in blocking mode", (t) => {
 });
 
 t.test("it does not block in dry mode", (t) => {
-  const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4001"], {
+  const server = spawn(`node`, [pathToApp, "4001"], {
     env: { ...process.env, AIKIDO_DEBUG: "true" },
   });
 

end2end/tests/express-mongodb.shell-injection.test.js

@@ -10,7 +10,7 @@ const pathToApp = resolve(
 );
 
 t.test("it blocks in blocking mode", (t) => {
-  const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4000"], {
+  const server = spawn(`node`, [pathToApp, "4000"], {
     env: { ...process.env, AIKIDO_DEBUG: "true", AIKIDO_BLOCK: "true" },
   });
 
@@ -73,7 +73,7 @@ t.test("it blocks in blocking mode", (t) => {
 });
 
 t.test("it does not block in dry mode", (t) => {
-  const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4001"], {
+  const server = spawn(`node`, [pathToApp, "4001"], {
     env: { ...process.env, AIKIDO_DEBUG: "true" },
   });
 

end2end/tests/express-mongodb.ssrf.test.js

@@ -51,7 +51,7 @@ t.beforeEach(async () => {
 });
 
 t.test("it blocks in blocking mode", (t) => {
-  const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4000"], {
+  const server = spawn(`node`, [pathToApp, "4000"], {
     env: {
       ...process.env,
       AIKIDO_DEBUG: "true",
@@ -129,7 +129,7 @@ t.test("it blocks in blocking mode", (t) => {
 });
 
 t.test("it does not block in dry mode", (t) => {
-  const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4001"], {
+  const server = spawn(`node`, [pathToApp, "4001"], {
     env: {
       ...process.env,
       AIKIDO_DEBUG: "true",

end2end/tests/express-mongodb.test.js

@@ -12,7 +12,7 @@ const pathToApp = resolve(
 t.setTimeout(60000);
 
 t.test("it blocks in blocking mode", (t) => {
-  const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4000"], {
+  const server = spawn(`node`, [pathToApp, "4000"], {
     env: { ...process.env, AIKIDO_DEBUG: "true", AIKIDO_BLOCKING: "true" },
   });
 
@@ -65,7 +65,7 @@ t.test("it blocks in blocking mode", (t) => {
 });
 
 t.test("it does not block in dry mode", (t) => {
-  const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4001"], {
+  const server = spawn(`node`, [pathToApp, "4001"], {
     env: { ...process.env, AIKIDO_DEBUG: "true" },
   });
 
@@ -117,7 +117,6 @@ t.test("it blocks in blocking mode (with open telemetry enabled)", (t) => {
   const server = spawn(
     `node`,
     [
-      "--preserve-symlinks",
       "--require",
       "@opentelemetry/auto-instrumentations-node/register",
       pathToApp,
@@ -186,7 +185,6 @@ t.test("it does not block in dry mode (with open telemetry enabled)", (t) => {
   const server = spawn(
     `node`,
     [
-      "--preserve-symlinks",
       "--require",
       "@opentelemetry/auto-instrumentations-node/register",
       pathToApp,

end2end/tests/express-mongoose.test.js

@@ -10,7 +10,7 @@ const pathToApp = resolve(
 );
 
 t.test("it blocks in blocking mode", (t) => {
-  const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4000"], {
+  const server = spawn(`node`, [pathToApp, "4000"], {
     env: { ...process.env, AIKIDO_DEBUG: "true", AIKIDO_BLOCKING: "true" },
   });
 
@@ -59,7 +59,7 @@ t.test("it blocks in blocking mode", (t) => {
 });
 
 t.test("it does not block in dry mode", (t) => {
-  const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4001"], {
+  const server = spawn(`node`, [pathToApp, "4001"], {
     env: { ...process.env, AIKIDO_DEBUG: "true" },
   });
 

end2end/tests/express-mysql.test.js

@@ -10,7 +10,7 @@ const pathToApp = resolve(
 );
 
 t.test("it blocks in blocking mode", (t) => {
-  const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4000"], {
+  const server = spawn(`node`, [pathToApp, "4000"], {
     env: { ...process.env, AIKIDO_DEBUG: "true", AIKIDO_BLOCKING: "true" },
   });
 
@@ -80,7 +80,7 @@ t.test("it blocks in blocking mode", (t) => {
 });
 
 t.test("it does not block in dry mode", (t) => {
-  const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4001"], {
+  const server = spawn(`node`, [pathToApp, "4001"], {
     env: { ...process.env, AIKIDO_DEBUG: "true" },
   });
 

end2end/tests/express-mysql2.test.js

@@ -10,7 +10,7 @@ const pathToApp = resolve(
 );
 
 t.test("it blocks in blocking mode", (t) => {
-  const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4000"], {
+  const server = spawn(`node`, [pathToApp, "4000"], {
     env: { ...process.env, AIKIDO_DEBUG: "true", AIKIDO_BLOCKING: "true" },
   });
 
@@ -69,7 +69,7 @@ t.test("it blocks in blocking mode", (t) => {
 });
 
 t.test("it does not block in dry mode", (t) => {
-  const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4001"], {
+  const server = spawn(`node`, [pathToApp, "4001"], {
     env: { ...process.env, AIKIDO_DEBUG: "true" },
   });
 

end2end/tests/express-path-traversal.test.js

@@ -10,7 +10,7 @@ const pathToApp = resolve(
 );
 
 t.test("it blocks in blocking mode", (t) => {
-  const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4000"], {
+  const server = spawn(`node`, [pathToApp, "4000"], {
     env: { ...process.env, AIKIDO_DEBUG: "true", AIKIDO_BLOCKING: "true" },
   });
 
@@ -65,7 +65,7 @@ t.test("it blocks in blocking mode", (t) => {
 });
 
 t.test("it does not block in dry mode", (t) => {
-  const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4001"], {
+  const server = spawn(`node`, [pathToApp, "4001"], {
     env: { ...process.env, AIKIDO_DEBUG: "true" },
   });
 

end2end/tests/express-postgres.test.js

@@ -19,7 +19,7 @@ t.before(() => {
 
 entrypoints.forEach((entrypoint) => {
   t.test(`it blocks in blocking mode (${entrypoint})`, (t) => {
-    const server = spawn(`node`, ["--preserve-symlinks", entrypoint, "4000"], {
+    const server = spawn(`node`, [entrypoint, "4000"], {
       env: { ...process.env, AIKIDO_DEBUG: "true", AIKIDO_BLOCKING: "true" },
       cwd: directory,
     });
@@ -88,7 +88,7 @@ entrypoints.forEach((entrypoint) => {
   });
 
   t.test(`it does not block in dry mode (${entrypoint})`, (t) => {
-    const server = spawn(`node`, ["--preserve-symlinks", entrypoint, "4001"], {
+    const server = spawn(`node`, [entrypoint, "4001"], {
       env: { ...process.env, AIKIDO_DEBUG: "true" },
       cwd: directory,
     });
@@ -160,7 +160,7 @@ entrypoints.forEach((entrypoint) => {
 t.test("it blocks in blocking mode (with dd-trace)", (t) => {
   const server = spawn(
     `node`,
-    ["--preserve-symlinks", "--require", "dd-trace/init", "app.js", "4002"],
+    ["--require", "dd-trace/init", "app.js", "4002"],
     {
       env: { ...process.env, AIKIDO_DEBUG: "true", AIKIDO_BLOCKING: "true" },
       cwd: directory,

end2end/tests/fastify-mysql2.test.js

@@ -10,7 +10,7 @@ const pathToApp = resolve(
 );
 
 t.test("it blocks in blocking mode", (t) => {
-  const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4000"], {
+  const server = spawn(`node`, [pathToApp, "4000"], {
     env: { ...process.env, AIKIDO_DEBUG: "true", AIKIDO_BLOCKING: "true" },
   });
 

end2end/tests/hapi-postgres.test.js

@@ -10,7 +10,7 @@ const pathToApp = resolve(
 );
 
 t.test("it blocks in blocking mode", (t) => {
-  const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4000"], {
+  const server = spawn(`node`, [pathToApp, "4000"], {
     env: { ...process.env, AIKIDO_DEBUG: "true", AIKIDO_BLOCKING: "true" },
   });
 
@@ -62,7 +62,7 @@ t.test("it blocks in blocking mode", (t) => {
 });
 
 t.test("it does not block in dry mode", (t) => {
-  const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4001"], {
+  const server = spawn(`node`, [pathToApp, "4001"], {
     env: { ...process.env, AIKIDO_DEBUG: "true" },
   });
 

end2end/tests/hono-mongodb.test.js

@@ -12,7 +12,7 @@ const pathToApp = resolve(
 t.setTimeout(60000);
 
 t.test("it blocks in blocking mode", (t) => {
-  const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4000"], {
+  const server = spawn(`node`, [pathToApp, "4000"], {
     env: { ...process.env, AIKIDO_DEBUG: "true", AIKIDO_BLOCKING: "true" },
   });
 
@@ -67,7 +67,7 @@ t.test("it blocks in blocking mode", (t) => {
 });
 
 t.test("it does not block in dry mode", (t) => {
-  const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4001"], {
+  const server = spawn(`node`, [pathToApp, "4001"], {
     env: { ...process.env, AIKIDO_DEBUG: "true" },
   });