diff --git a/.github/workflows/benchmark.yml b/.github/workflows/benchmark.yml index bdf7e7177..6f5160126 100644 --- a/.github/workflows/benchmark.yml +++ b/.github/workflows/benchmark.yml @@ -42,14 +42,14 @@ jobs: - run: make install - run: make build - name: Run NoSQL Injection Benchmark - run: cd benchmarks/nosql-injection && AIKIDO_CI=true node --preserve-symlinks benchmark.js + run: cd benchmarks/nosql-injection && AIKIDO_CI=true node benchmark.js - name: Run SQL Injection Benchmark - run: cd benchmarks/sql-injection && node --preserve-symlinks benchmark.js + run: cd benchmarks/sql-injection && node benchmark.js - name: Run shell injection Benchmark - run: cd benchmarks/shell-injection && node --preserve-symlinks benchmark.js + run: cd benchmarks/shell-injection && node benchmark.js - name: Run Hono with Postgres Benchmark - run: cd benchmarks/hono-pg && node --preserve-symlinks benchmark.js + run: cd benchmarks/hono-pg && node benchmark.js - name: Run API Discovery Benchmark - run: cd benchmarks/api-discovery && node --preserve-symlinks benchmark.js + run: cd benchmarks/api-discovery && node benchmark.js - name: Run Express Benchmark - run: cd benchmarks/express && node --preserve-symlinks benchmark.js + run: cd benchmarks/express && node benchmark.js diff --git a/Makefile b/Makefile index 81e184eb0..48743f616 100644 --- a/Makefile +++ b/Makefile 
@@ -10,51 +10,51 @@ containers: .PHONY: express-mongodb express-mongodb: - cd sample-apps/express-mongodb && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node --preserve-symlinks app.js + cd sample-apps/express-mongodb && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node app.js .PHONY: express-mongoose express-mongoose: - cd sample-apps/express-mongoose && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node --preserve-symlinks app.js + cd sample-apps/express-mongoose && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node app.js .PHONY: express-postgres express-postgres: - cd sample-apps/express-postgres && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node --preserve-symlinks app.js + cd sample-apps/express-postgres && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node app.js .PHONY: express-mysql express-mysql: - cd sample-apps/express-mysql && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node --preserve-symlinks app.js + cd sample-apps/express-mysql && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node app.js .PHONY: express-mysql2 express-mysql2: - cd sample-apps/express-mysql2 && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node --preserve-symlinks app.js + cd sample-apps/express-mysql2 && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node app.js .PHONY: express-mariadb express-mariadb: - cd sample-apps/express-mariadb && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node --preserve-symlinks app.js + cd sample-apps/express-mariadb && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node app.js .PHONY: express-path-traversal express-path-traversal: - cd sample-apps/express-path-traversal && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node --preserve-symlinks app.js + cd sample-apps/express-path-traversal && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node app.js .PHONY: express-graphql express-graphql: - cd sample-apps/express-graphql && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node --preserve-symlinks app.js + cd sample-apps/express-graphql && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node app.js .PHONY: hono-xml hono-xml: - cd sample-apps/hono-xml && 
AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node --preserve-symlinks app.js + cd sample-apps/hono-xml && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node app.js .PHONY: hono-sqlite3 hono-sqlite3: - cd sample-apps/hono-sqlite3 && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node --preserve-symlinks app.js + cd sample-apps/hono-sqlite3 && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node app.js .PHONY: hapi-postgres hapi-postgres: - cd sample-apps/hapi-postgres && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node --preserve-symlinks app.js + cd sample-apps/hapi-postgres && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node app.js .PHONY: micro micro: - cd sample-apps/micro && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node --preserve-symlinks --require @aikidosec/firewall ./node_modules/.bin/micro + cd sample-apps/micro && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node --require @aikidosec/firewall ./node_modules/.bin/micro .PHONY: lambda-mongodb-nosql-injection lambda-mongodb-nosql-injection: 
@@ -66,19 +66,19 @@ lambda-mongodb-safe: .PHONY: nestjs-sentry nestjs-sentry: - cd sample-apps/nestjs-sentry && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true NODE_OPTIONS=--preserve-symlinks npm run start + cd sample-apps/nestjs-sentry && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true NODE_OPTIONS=npm run start .PHONY: nestjs-fastify nestjs-fastify: - cd sample-apps/nestjs-fastify && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true NODE_OPTIONS=--preserve-symlinks npm run start + cd sample-apps/nestjs-fastify && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true NODE_OPTIONS=npm run start .PHONY: fastify-mysql2 fastify-mysql2: - cd sample-apps/fastify-mysql2 && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node --preserve-symlinks app.js + cd sample-apps/fastify-mysql2 && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node app.js .PHONY: koa-sqlite3 koa-sqlite3: - cd sample-apps/koa-sqlite3 && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node --preserve-symlinks app.js + cd sample-apps/koa-sqlite3 && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true node app.js .PHONY: fastify-clickhouse fastify-clickhouse: @@ -145,9 +145,9 @@ end2end: cd end2end && npm run test benchmark: build - cd benchmarks/nosql-injection && AIKIDO_CI=true node --preserve-symlinks benchmark.js - cd benchmarks/shell-injection && node --preserve-symlinks benchmark.js - cd benchmarks/sql-injection && node --preserve-symlinks benchmark.js - cd benchmarks/hono-pg && node --preserve-symlinks benchmark.js - cd benchmarks/api-discovery && node --preserve-symlinks benchmark.js - cd benchmarks/express && node --preserve-symlinks benchmark.js + cd benchmarks/nosql-injection && AIKIDO_CI=true node benchmark.js + cd benchmarks/shell-injection && node benchmark.js + cd benchmarks/sql-injection && node benchmark.js + cd benchmarks/hono-pg && node benchmark.js + cd benchmarks/api-discovery && node benchmark.js + cd benchmarks/express && node benchmark.js diff --git a/benchmarks/hono-pg/benchmark.js b/benchmarks/hono-pg/benchmark.js index 9eaca474a..e3341383f 100644 
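Review bot: The `nestjs-sentry` and `nestjs-fastify` recipes now read `NODE_OPTIONS=npm run start`, so the shell assigns `npm` to NODE_OPTIONS and then tries to execute a command named `run`; both targets fail before the sample app starts. Only the flag's value was removed, and the assignment has to go with it: `cd sample-apps/nestjs-sentry && AIKIDO_DEBUG=true AIKIDO_BLOCKING=true npm run start`, and the same for `nestjs-fastify`. The other recipes in this hunk and in the `benchmark` hunk that follows are unaffected because they passed the flag on the node command line.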
--- a/benchmarks/hono-pg/benchmark.js +++ b/benchmarks/hono-pg/benchmark.js @@ -16,7 +16,7 @@ async function startServer(firewallEnabled) { }; } - const server = spawn("node", ["--preserve-symlinks", "server.js", "4000"], { + const server = spawn("node", ["server.js", "4000"], { env, cwd: join(__dirname, "app"), }); diff --git a/end2end/tests/big-payloads.test.js b/end2end/tests/big-payloads.test.js index 35fe63306..2295241db 100644 --- a/end2end/tests/big-payloads.test.js +++ b/end2end/tests/big-payloads.test.js @@ -11,7 +11,7 @@ const pathToApp = resolve( ); t.test("it does not crash if many attacks with big payloads", (t) => { - const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4000"], { + const server = spawn(`node`, [pathToApp, "4000"], { env: { ...process.env, AIKIDO_DEBUG: "true", AIKIDO_BLOCKING: "true" }, }); diff --git a/end2end/tests/express-graphql.test.js b/end2end/tests/express-graphql.test.js index a146577f2..810f32617 100644 --- a/end2end/tests/express-graphql.test.js +++ b/end2end/tests/express-graphql.test.js @@ -72,7 +72,7 @@ t.test("it blocks in blocking mode", (t) => { }); t.test("it does not block in dry mode", (t) => { - const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4001"], { + const server = spawn(`node`, [pathToApp, "4001"], { env: { ...process.env, AIKIDO_DEBUG: "true" }, }); diff --git a/end2end/tests/express-mariadb.test.js b/end2end/tests/express-mariadb.test.js index 02eec40c6..46b963f5b 100644 --- a/end2end/tests/express-mariadb.test.js +++ b/end2end/tests/express-mariadb.test.js @@ -10,7 +10,7 @@ const pathToApp = resolve( ); t.test("it blocks in blocking mode", (t) => { - const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4000"], { + const server = spawn(`node`, [pathToApp, "4000"], { env: { ...process.env, AIKIDO_DEBUG: "true", AIKIDO_BLOCKING: "true" }, }); 
@@ -62,7 +62,7 @@ t.test("it blocks in blocking mode", (t) => { }); t.test("it does not block in dry mode", (t) => { - const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4001"], { + const server = spawn(`node`, [pathToApp, "4001"], { env: { ...process.env, AIKIDO_DEBUG: "true" }, }); diff --git a/end2end/tests/express-mongodb.shell-injection.test.js b/end2end/tests/express-mongodb.shell-injection.test.js index 7209b3d34..4ff18d0d8 100644 --- a/end2end/tests/express-mongodb.shell-injection.test.js +++ b/end2end/tests/express-mongodb.shell-injection.test.js @@ -10,7 +10,7 @@ const pathToApp = resolve( ); t.test("it blocks in blocking mode", (t) => { - const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4000"], { + const server = spawn(`node`, [pathToApp, "4000"], { env: { ...process.env, AIKIDO_DEBUG: "true", AIKIDO_BLOCK: "true" }, }); @@ -73,7 +73,7 @@ t.test("it blocks in blocking mode", (t) => { }); t.test("it does not block in dry mode", (t) => { - const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4001"], { + const server = spawn(`node`, [pathToApp, "4001"], { env: { ...process.env, AIKIDO_DEBUG: "true" }, }); diff --git a/end2end/tests/express-mongodb.ssrf.test.js b/end2end/tests/express-mongodb.ssrf.test.js index 2255875b6..0c1c38d6c 100644 --- a/end2end/tests/express-mongodb.ssrf.test.js +++ b/end2end/tests/express-mongodb.ssrf.test.js @@ -51,7 +51,7 @@ t.beforeEach(async () => { }); t.test("it blocks in blocking mode", (t) => { - const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4000"], { + const server = spawn(`node`, [pathToApp, "4000"], { env: { ...process.env, AIKIDO_DEBUG: "true", @@ -129,7 +129,7 @@ t.test("it blocks in blocking mode", (t) => { }); t.test("it does not block in dry mode", (t) => { - const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4001"], { + const server = spawn(`node`, [pathToApp, "4001"], { env: { ...process.env, AIKIDO_DEBUG: "true", 
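Review bot: The blocking-mode test in `express-mongodb.shell-injection.test.js` passes `AIKIDO_BLOCK: "true"`, while the other blocking-mode tests touched by this change (express-mariadb, express-mongodb, express-mysql and most of the rest) pass `AIKIDO_BLOCKING: "true"`; `nextjs-standalone.test.js` also uses the shorter name. If the agent accepts both names, this deserves a one-line comment, for example `// AIKIDO_BLOCK on purpose: covers the alternative variable name`. If it accepts only one, the other spelling would leave the firewall in detection-only mode, so the names should be aligned. The test body continues outside the hunk.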
diff --git a/end2end/tests/express-mongodb.test.js b/end2end/tests/express-mongodb.test.js index cd94d02f2..70c309fda 100644 --- a/end2end/tests/express-mongodb.test.js +++ b/end2end/tests/express-mongodb.test.js @@ -12,7 +12,7 @@ const pathToApp = resolve( t.setTimeout(60000); t.test("it blocks in blocking mode", (t) => { - const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4000"], { + const server = spawn(`node`, [pathToApp, "4000"], { env: { ...process.env, AIKIDO_DEBUG: "true", AIKIDO_BLOCKING: "true" }, }); @@ -65,7 +65,7 @@ t.test("it blocks in blocking mode", (t) => { }); t.test("it does not block in dry mode", (t) => { - const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4001"], { + const server = spawn(`node`, [pathToApp, "4001"], { env: { ...process.env, AIKIDO_DEBUG: "true" }, }); @@ -117,7 +117,6 @@ t.test("it blocks in blocking mode (with open telemetry enabled)", (t) => { const server = spawn( `node`, [ - "--preserve-symlinks", "--require", "@opentelemetry/auto-instrumentations-node/register", pathToApp, @@ -186,7 +185,6 @@ t.test("it does not block in dry mode (with open telemetry enabled)", (t) => { const server = spawn( `node`, [ - "--preserve-symlinks", "--require", "@opentelemetry/auto-instrumentations-node/register", pathToApp, diff --git a/end2end/tests/express-mongoose.test.js b/end2end/tests/express-mongoose.test.js index 3abe88025..4ea1d06fc 100644 --- a/end2end/tests/express-mongoose.test.js +++ b/end2end/tests/express-mongoose.test.js @@ -10,7 +10,7 @@ const pathToApp = resolve( ); t.test("it blocks in blocking mode", (t) => { - const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4000"], { + const server = spawn(`node`, [pathToApp, "4000"], { env: { ...process.env, AIKIDO_DEBUG: "true", AIKIDO_BLOCKING: "true" }, }); 
@@ -59,7 +59,7 @@ t.test("it blocks in blocking mode", (t) => { }); t.test("it does not block in dry mode", (t) => { - const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4001"], { + const server = spawn(`node`, [pathToApp, "4001"], { env: { ...process.env, AIKIDO_DEBUG: "true" }, }); diff --git a/end2end/tests/express-mysql.test.js b/end2end/tests/express-mysql.test.js index 863c9a31d..ec69f29a3 100644 --- a/end2end/tests/express-mysql.test.js +++ b/end2end/tests/express-mysql.test.js @@ -10,7 +10,7 @@ const pathToApp = resolve( ); t.test("it blocks in blocking mode", (t) => { - const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4000"], { + const server = spawn(`node`, [pathToApp, "4000"], { env: { ...process.env, AIKIDO_DEBUG: "true", AIKIDO_BLOCKING: "true" }, }); @@ -80,7 +80,7 @@ t.test("it blocks in blocking mode", (t) => { }); t.test("it does not block in dry mode", (t) => { - const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4001"], { + const server = spawn(`node`, [pathToApp, "4001"], { env: { ...process.env, AIKIDO_DEBUG: "true" }, }); diff --git a/end2end/tests/express-mysql2.test.js b/end2end/tests/express-mysql2.test.js index c9b35588a..2ee30b11c 100644 --- a/end2end/tests/express-mysql2.test.js +++ b/end2end/tests/express-mysql2.test.js @@ -10,7 +10,7 @@ const pathToApp = resolve( ); t.test("it blocks in blocking mode", (t) => { - const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4000"], { + const server = spawn(`node`, [pathToApp, "4000"], { env: { ...process.env, AIKIDO_DEBUG: "true", AIKIDO_BLOCKING: "true" }, }); @@ -69,7 +69,7 @@ t.test("it blocks in blocking mode", (t) => { }); t.test("it does not block in dry mode", (t) => { - const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4001"], { + const server = spawn(`node`, [pathToApp, "4001"], { env: { ...process.env, AIKIDO_DEBUG: "true" }, }); 
diff --git a/end2end/tests/express-path-traversal.test.js b/end2end/tests/express-path-traversal.test.js index 1654fecca..520667fdc 100644 --- a/end2end/tests/express-path-traversal.test.js +++ b/end2end/tests/express-path-traversal.test.js @@ -10,7 +10,7 @@ const pathToApp = resolve( ); t.test("it blocks in blocking mode", (t) => { - const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4000"], { + const server = spawn(`node`, [pathToApp, "4000"], { env: { ...process.env, AIKIDO_DEBUG: "true", AIKIDO_BLOCKING: "true" }, }); @@ -65,7 +65,7 @@ t.test("it blocks in blocking mode", (t) => { }); t.test("it does not block in dry mode", (t) => { - const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4001"], { + const server = spawn(`node`, [pathToApp, "4001"], { env: { ...process.env, AIKIDO_DEBUG: "true" }, }); diff --git a/end2end/tests/express-postgres.test.js b/end2end/tests/express-postgres.test.js index aff04b9d0..241b1acaf 100644 --- a/end2end/tests/express-postgres.test.js +++ b/end2end/tests/express-postgres.test.js @@ -19,7 +19,7 @@ t.before(() => { entrypoints.forEach((entrypoint) => { t.test(`it blocks in blocking mode (${entrypoint})`, (t) => { - const server = spawn(`node`, ["--preserve-symlinks", entrypoint, "4000"], { + const server = spawn(`node`, [entrypoint, "4000"], { env: { ...process.env, AIKIDO_DEBUG: "true", AIKIDO_BLOCKING: "true" }, cwd: directory, }); @@ -88,7 +88,7 @@ entrypoints.forEach((entrypoint) => { }); t.test(`it does not block in dry mode (${entrypoint})`, (t) => { - const server = spawn(`node`, ["--preserve-symlinks", entrypoint, "4001"], { + const server = spawn(`node`, [entrypoint, "4001"], { env: { ...process.env, AIKIDO_DEBUG: "true" }, cwd: directory, }); 
@@ -160,7 +160,7 @@ entrypoints.forEach((entrypoint) => { t.test("it blocks in blocking mode (with dd-trace)", (t) => { const server = spawn( `node`, - ["--preserve-symlinks", "--require", "dd-trace/init", "app.js", "4002"], + ["--require", "dd-trace/init", "app.js", "4002"], { env: { ...process.env, AIKIDO_DEBUG: "true", AIKIDO_BLOCKING: "true" }, cwd: directory, diff --git a/end2end/tests/fastify-mysql2.test.js b/end2end/tests/fastify-mysql2.test.js index acbeaed9e..a036febb9 100644 --- a/end2end/tests/fastify-mysql2.test.js +++ b/end2end/tests/fastify-mysql2.test.js @@ -10,7 +10,7 @@ const pathToApp = resolve( ); t.test("it blocks in blocking mode", (t) => { - const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4000"], { + const server = spawn(`node`, [pathToApp, "4000"], { env: { ...process.env, AIKIDO_DEBUG: "true", AIKIDO_BLOCKING: "true" }, }); diff --git a/end2end/tests/hapi-postgres.test.js b/end2end/tests/hapi-postgres.test.js index 2b30757e9..5c32288c4 100644 --- a/end2end/tests/hapi-postgres.test.js +++ b/end2end/tests/hapi-postgres.test.js @@ -10,7 +10,7 @@ const pathToApp = resolve( ); t.test("it blocks in blocking mode", (t) => { - const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4000"], { + const server = spawn(`node`, [pathToApp, "4000"], { env: { ...process.env, AIKIDO_DEBUG: "true", AIKIDO_BLOCKING: "true" }, }); @@ -62,7 +62,7 @@ t.test("it blocks in blocking mode", (t) => { }); t.test("it does not block in dry mode", (t) => { - const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4001"], { + const server = spawn(`node`, [pathToApp, "4001"], { env: { ...process.env, AIKIDO_DEBUG: "true" }, }); diff --git a/end2end/tests/hono-mongodb.test.js b/end2end/tests/hono-mongodb.test.js index 5b813ea6d..aaf87b07a 100644 --- a/end2end/tests/hono-mongodb.test.js +++ b/end2end/tests/hono-mongodb.test.js 
@@ -12,7 +12,7 @@ const pathToApp = resolve( t.setTimeout(60000); t.test("it blocks in blocking mode", (t) => { - const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4000"], { + const server = spawn(`node`, [pathToApp, "4000"], { env: { ...process.env, AIKIDO_DEBUG: "true", AIKIDO_BLOCKING: "true" }, }); @@ -67,7 +67,7 @@ t.test("it blocks in blocking mode", (t) => { }); t.test("it does not block in dry mode", (t) => { - const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4001"], { + const server = spawn(`node`, [pathToApp, "4001"], { env: { ...process.env, AIKIDO_DEBUG: "true" }, }); diff --git a/end2end/tests/hono-sqlite3.test.js b/end2end/tests/hono-sqlite3.test.js index a428124fd..16485a46a 100644 --- a/end2end/tests/hono-sqlite3.test.js +++ b/end2end/tests/hono-sqlite3.test.js @@ -10,7 +10,7 @@ const pathToApp = resolve( ); t.test("it blocks in blocking mode", (t) => { - const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4002"], { + const server = spawn(`node`, [pathToApp, "4002"], { env: { ...process.env, AIKIDO_DEBUG: "true", AIKIDO_BLOCKING: "true" }, }); @@ -69,7 +69,7 @@ t.test("it blocks in blocking mode", (t) => { }); t.test("it does not block in dry mode", (t) => { - const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4003"], { + const server = spawn(`node`, [pathToApp, "4003"], { env: { ...process.env, AIKIDO_DEBUG: "true" }, }); diff --git a/end2end/tests/hono-xml-geo-blocking.test.js b/end2end/tests/hono-xml-geo-blocking.test.js index 94bbeceeb..a523e7a07 100644 --- a/end2end/tests/hono-xml-geo-blocking.test.js +++ b/end2end/tests/hono-xml-geo-blocking.test.js @@ -32,7 +32,7 @@ t.beforeEach(async () => { }); t.test("it blocks geo restricted IPs", (t) => { - const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4002"], { + const server = spawn(`node`, [pathToApp, "4002"], { env: { ...process.env, AIKIDO_DEBUG: "true", 
diff --git a/end2end/tests/hono-xml-rate-limiting.test.js b/end2end/tests/hono-xml-rate-limiting.test.js index f9f75a1a1..a5f8ca8ee 100644 --- a/end2end/tests/hono-xml-rate-limiting.test.js +++ b/end2end/tests/hono-xml-rate-limiting.test.js @@ -43,7 +43,7 @@ t.beforeEach(async () => { }); t.test("it rate limits requests", (t) => { - const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4002"], { + const server = spawn(`node`, [pathToApp, "4002"], { env: { ...process.env, AIKIDO_DEBUG: "true", @@ -103,7 +103,7 @@ t.test("it rate limits requests", (t) => { }); t.test("user rate limiting works", (t) => { - const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4003"], { + const server = spawn(`node`, [pathToApp, "4003"], { env: { ...process.env, AIKIDO_DEBUG: "true", diff --git a/end2end/tests/hono-xml.test.js b/end2end/tests/hono-xml.test.js index 20334bf20..95039486d 100644 --- a/end2end/tests/hono-xml.test.js +++ b/end2end/tests/hono-xml.test.js @@ -6,7 +6,7 @@ const timeout = require("../timeout"); const pathToApp = resolve(__dirname, "../../sample-apps/hono-xml", "app.js"); t.test("it blocks in blocking mode", (t) => { - const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4002"], { + const server = spawn(`node`, [pathToApp, "4002"], { env: { ...process.env, AIKIDO_DEBUG: "true", AIKIDO_BLOCKING: "true" }, }); @@ -100,7 +100,7 @@ t.test("it blocks in blocking mode", (t) => { }); t.test("it does not block in dry mode", (t) => { - const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4003"], { + const server = spawn(`node`, [pathToApp, "4003"], { env: { ...process.env, AIKIDO_DEBUG: "true" }, }); diff --git a/end2end/tests/http2.test.js b/end2end/tests/http2.test.js index bec6291f3..9b7f1b5e1 100644 --- a/end2end/tests/http2.test.js +++ b/end2end/tests/http2.test.js 
@@ -9,7 +9,7 @@ const pathToApp = resolve(__dirname, "../../sample-apps/http2", "index.js"); process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0"; t.test("it blocks in blocking mode", (t) => { - const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4002"], { + const server = spawn(`node`, [pathToApp, "4002"], { env: { ...process.env, AIKIDO_DEBUG: "true", AIKIDO_BLOCKING: "true" }, }); @@ -56,7 +56,7 @@ t.test("it blocks in blocking mode", (t) => { }); t.test("it does not block in dry mode", (t) => { - const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4003"], { + const server = spawn(`node`, [pathToApp, "4003"], { env: { ...process.env, AIKIDO_DEBUG: "true" }, }); diff --git a/end2end/tests/koa-sqlite3.test.js b/end2end/tests/koa-sqlite3.test.js index df9ba5b53..ef2e8554b 100644 --- a/end2end/tests/koa-sqlite3.test.js +++ b/end2end/tests/koa-sqlite3.test.js @@ -6,7 +6,7 @@ const timeout = require("../timeout"); const pathToApp = resolve(__dirname, "../../sample-apps/koa-sqlite3", "app.js"); t.test("it blocks in blocking mode", (t) => { - const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4002"], { + const server = spawn(`node`, [pathToApp, "4002"], { env: { ...process.env, AIKIDO_DEBUG: "true", AIKIDO_BLOCKING: "true" }, }); @@ -65,7 +65,7 @@ t.test("it blocks in blocking mode", (t) => { }); t.test("it does not block in dry mode", (t) => { - const server = spawn(`node`, ["--preserve-symlinks", pathToApp, "4003"], { + const server = spawn(`node`, [pathToApp, "4003"], { env: { ...process.env, AIKIDO_DEBUG: "true" }, }); diff --git a/end2end/tests/lambda-mongodb.test.js b/end2end/tests/lambda-mongodb.test.js index bfe00787c..23aded65e 100644 --- a/end2end/tests/lambda-mongodb.test.js +++ b/end2end/tests/lambda-mongodb.test.js 
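Review bot: `process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0"` above the first test in `http2.test.js` has no comment, and because both spawn calls build the child environment from `...process.env`, the spawned server also runs with certificate verification disabled, not only the test's own client. If the override exists only so the client accepts the sample app's certificate (not visible in these hunks), say so in a comment such as `// test client only: the sample app serves a self-signed certificate`. Consider leaving the variable out of the `env` object handed to spawn so the firewall is exercised with verification on. Both test bodies continue outside the hunks.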
@@ -18,7 +18,7 @@ t.before(async () => { t.test("it does not block by default", async (t) => { const { stdout, stderr } = await execAsync( - "npx --node-options='--no-deprecation --preserve-symlinks' --loglevel=error serverless@3.38.0 invoke local --function login --path payloads/nosql-injection-request.json", + "npx --node-options='--no-deprecation' --loglevel=error serverless@3.38.0 invoke local --function login --path payloads/nosql-injection-request.json", { cwd: directory, } @@ -39,7 +39,7 @@ t.test("it does not block by default", async (t) => { t.test("it blocks when AIKIDO_BLOCKING is true", async (t) => { const { stdout, stderr } = await execAsync( - "npx --node-options='--no-deprecation --preserve-symlinks' --loglevel=error serverless@3.38.0 invoke local -e AIKIDO_BLOCKING=true --function login --path payloads/nosql-injection-request.json", + "npx --node-options='--no-deprecation' --loglevel=error serverless@3.38.0 invoke local -e AIKIDO_BLOCKING=true --function login --path payloads/nosql-injection-request.json", { cwd: directory, } @@ -53,7 +53,7 @@ t.test( "it does not block safe requests when AIKIDO_BLOCKING is true", async (t) => { const { stdout, stderr } = await execAsync( - "npx --node-options='--no-deprecation --preserve-symlinks' --loglevel=error serverless@3.38.0 invoke local -e AIKIDO_BLOCKING=true --function login --path payloads/safe-request.json", + "npx --node-options='--no-deprecation' --loglevel=error serverless@3.38.0 invoke local -e AIKIDO_BLOCKING=true --function login --path payloads/safe-request.json", { cwd: directory, } diff --git a/end2end/tests/nestjs-fastify-reate-limiting.test.js b/end2end/tests/nestjs-fastify-reate-limiting.test.js index 6f8c649b0..4b1cc95e7 100644 --- a/end2end/tests/nestjs-fastify-reate-limiting.test.js +++ b/end2end/tests/nestjs-fastify-reate-limiting.test.js 
@@ -53,7 +53,7 @@ t.beforeEach(async () => { }); t.test("it rate limits requests", (t) => { - const server = spawn(`node`, ["--preserve-symlinks", "dist/main"], { + const server = spawn(`node`, ["dist/main"], { cwd: pathToApp, env: { ...process.env, @@ -115,7 +115,7 @@ t.test("it rate limits requests", (t) => { }); t.test("user rate limiting works", (t) => { - const server = spawn(`node`, ["--preserve-symlinks", "dist/main"], { + const server = spawn(`node`, ["dist/main"], { cwd: pathToApp, env: { ...process.env, diff --git a/end2end/tests/nestjs-fastify.test.js b/end2end/tests/nestjs-fastify.test.js index 1fba4eb0b..cc4efe065 100644 --- a/end2end/tests/nestjs-fastify.test.js +++ b/end2end/tests/nestjs-fastify.test.js @@ -16,7 +16,7 @@ t.before(() => { }); t.test("it blocks in blocking mode", (t) => { - const server = spawn(`node`, ["--preserve-symlinks", "dist/main"], { + const server = spawn(`node`, ["dist/main"], { env: { ...process.env, AIKIDO_DEBUG: "true", @@ -76,7 +76,7 @@ t.test("it blocks in blocking mode", (t) => { }); t.test("it does not block in non-blocking mode", (t) => { - const server = spawn(`node`, ["--preserve-symlinks", "dist/main"], { + const server = spawn(`node`, ["dist/main"], { env: { ...process.env, AIKIDO_DEBUG: "true", diff --git a/end2end/tests/nestjs-sentry.test.js b/end2end/tests/nestjs-sentry.test.js index 1db24e1b2..3771d60e9 100644 --- a/end2end/tests/nestjs-sentry.test.js +++ b/end2end/tests/nestjs-sentry.test.js @@ -16,7 +16,7 @@ t.before(() => { }); t.test("it blocks in blocking mode", (t) => { - const server = spawn(`node`, ["--preserve-symlinks", "dist/main"], { + const server = spawn(`node`, ["dist/main"], { env: { ...process.env, AIKIDO_DEBUG: "true", 
@@ -80,7 +80,7 @@ t.test("it blocks in blocking mode", (t) => { }); t.test("it does not block in non-blocking mode", (t) => { - const server = spawn(`node`, ["--preserve-symlinks", "dist/main"], { + const server = spawn(`node`, ["dist/main"], { env: { ...process.env, AIKIDO_DEBUG: "true", diff --git a/end2end/tests/nextjs-standalone.test.js b/end2end/tests/nextjs-standalone.test.js index edbcfdfba..a75b92bf1 100644 --- a/end2end/tests/nextjs-standalone.test.js +++ b/end2end/tests/nextjs-standalone.test.js @@ -37,19 +37,15 @@ t.before(() => { }); t.test("it blocks in blocking mode", (t) => { - const server = spawn( - `node`, - ["--preserve-symlinks", "-r", "@aikidosec/firewall", "server.js"], - { - env: { - ...process.env, - AIKIDO_DEBUG: "true", - AIKIDO_BLOCK: "true", - PORT: 4000, - }, - cwd: join(pathToApp, ".next/standalone"), - } - ); + const server = spawn(`node`, ["-r", "@aikidosec/firewall", "server.js"], { + env: { + ...process.env, + AIKIDO_DEBUG: "true", + AIKIDO_BLOCK: "true", + PORT: 4000, + }, + cwd: join(pathToApp, ".next/standalone"), + }); server.on("close", () => { t.end(); @@ -119,18 +115,14 @@ t.test("it blocks in blocking mode", (t) => { }); t.test("it does not block in dry mode", (t) => { - const server = spawn( - `node`, - ["--preserve-symlinks", "-r", "@aikidosec/firewall", "server.js"], - { - env: { - ...process.env, - AIKIDO_DEBUG: "true", - PORT: 4001, - }, - cwd: join(pathToApp, ".next/standalone"), - } - ); + const server = spawn(`node`, ["-r", "@aikidosec/firewall", "server.js"], { + env: { + ...process.env, + AIKIDO_DEBUG: "true", + PORT: 4001, + }, + cwd: join(pathToApp, ".next/standalone"), + }); server.on("close", () => { t.end(); diff --git a/sample-apps/nextjs-standalone/package.json b/sample-apps/nextjs-standalone/package.json index 946a7ac1b..1e2eec37c 100644 --- a/sample-apps/nextjs-standalone/package.json +++ b/sample-apps/nextjs-standalone/package.json 
@@ -3,9 +3,9 @@ "version": "0.1.0", "private": true, "scripts": { - "dev": "AIKIDO_BLOCKING=true AIKIDO_DEBUG=true NODE_OPTIONS='-r @aikidosec/firewall --preserve-symlinks' next dev -p 4000", + "dev": "AIKIDO_BLOCKING=true AIKIDO_DEBUG=true NODE_OPTIONS='-r @aikidosec/firewall' next dev -p 4000", "build": "next build", - "start": "AIKIDO_BLOCKING=true AIKIDO_DEBUG=true NODE_OPTIONS='-r @aikidosec/firewall --preserve-symlinks' next start -p 4000", + "start": "AIKIDO_BLOCKING=true AIKIDO_DEBUG=true NODE_OPTIONS='-r @aikidosec/firewall' next start -p 4000", "lint": "next lint" }, "dependencies": {