Bump ws from 8.11.0 to 8.17.1 in /ui

CHANGELOG.md

@@ -1,6 +1,30 @@
 # Changelog
 Changes to the project will be tracked in this file via the date of change.
 
+## 2024-05-30
+- **Improved Project Structure**: Strelka UI backend now runs as a package.
+- **Enhanced Metadata**: Structured client metadata added to Strelka events.
+- **Encryption Status Indicators**: Added icons and tooltips for decryption success/failure in `seven_zip`, `rar`, and `encrypted_zip` scanners.
+- **Mimetype/YARA Accuracy**: Refactored handling to show all mimetypes and YARA hits.
+- **Edge Styling Enhancements**: Conditional edge styling and interactive highlights.
+- **Scan Source Edge Addition**: Added source scan information for parent-child relationships.
+- **Tooltips for Checkboxes**: Descriptive tooltips added for checkboxes.
+- **Human Readable Text Option**: Toggle view for `string_text` between human-readable form and array form.
+- **Background for Image**: Added a visual background stage for images.
+
+## 2024-03-29
+- Adding unencrypted VirusTotal submission support
+- Update dependency (Black)
+
+## 2024-03-20
+- Dependency updates
+
+## 2024-03-04
+- Adding TLSH Card support
+
+## 2024-02-02
+- Adding QR Card support
+
 ## 2024-01-17
 - Bug fix for Visual Basic card where page fails to load if data does not exist for a section.
 

Dockerfile

@@ -2,6 +2,10 @@ FROM node:16-slim AS UI_BUILDER
 # We are using a multi-stage build as we require node for 
 # building react. 
 
+# Copy package.json and package-lock.json into the builder.
+# Copying just these files first allows us to take advantage
+# of cached Docker layers.
+
 # Define UI build arguments.
 ARG REACT_APP_SEARCH_NAME
 ARG REACT_APP_SEARCH_URL
@@ -10,9 +14,6 @@ ARG REACT_APP_SEARCH_URL
 ENV REACT_APP_SEARCH_NAME=$REACT_APP_SEARCH_NAME
 ENV REACT_APP_SEARCH_URL=$REACT_APP_SEARCH_URL
 
-# Copy package.json and package-lock.json into the builder.
-# Copying just these files first allows us to take advantage 
-# of cached Docker layers.
 WORKDIR /usr/src/app
 COPY ./ui/package.json ./ui/yarn.lock ./
 
@@ -24,43 +25,46 @@ COPY ./ui .
 # Build the js app for production
 RUN yarn run build
 
-# Since we are serving it all from python, switch over to 
+# Since we are serving it all from python, switch over to
 # a more appropriate base image.
 FROM python:3.9-slim
 
-RUN apt-get -y update && apt-get -y upgrade 
-RUN apt-get install -y build-essential libpq-dev
-
-# Copy over just the Python backend app code.
-WORKDIR /app
-ENV ENV=production
+RUN apt-get -y update && apt-get -y upgrade
+RUN apt-get install -y build-essential libpq-dev libmagic1
 
 # Set Runtime Variables
 ENV PYTHONDONTWRITEBYTECODE=1
 ENV PYTHONUNBUFFERED=1
-ENV PYTHONPATH /app
 
 # Install Poetry globally and copy project files
 RUN python3 -m pip install -U pip setuptools && \
     python3 -m pip install poetry && \
     rm -rf /root/.cache/pip
 
 # Set the working directory and copy the project files
-COPY ./app/pyproject.toml ./app/poetry.lock ./
+WORKDIR /app
 
 # Use Poetry to install the project dependencies globally
 # This step is after the COPY step because it is more likely to change,
 # and therefore should not be included in earlier layers that can be cached.
+
+COPY ./app/pyproject.toml ./app/poetry.lock ./
+
 RUN poetry config virtualenvs.create false && \
-    poetry install --no-dev && \
+    poetry install --no-root --no-dev && \
     rm -rf /root/.cache/pypoetry
 
-WORKDIR /app
+# Copy the other project files
 COPY ./app .
 
-# Copy the production UI assets into the new base image.  
-COPY --from=UI_BUILDER /usr/src/app/build/ ./react-app/
+# Use Poetry to install the local package strelka-ui
+RUN poetry install --only-root && \
+    rm -rf /root/.cache/pypoetry
+
+# Copy the production UI assets into the new base image.
+COPY --from=UI_BUILDER /usr/src/app/build/ ./strelka_ui/react-app/
 
+# Run App
 COPY entrypoint.sh .
 RUN chmod +x entrypoint.sh
 ENTRYPOINT ["./entrypoint.sh"]

LICENSE.md

@@ -1,4 +1,4 @@
-Copyright (c) 2022 Target Brands, Inc.
+Copyright (c) 2024 Target Brands, Inc.
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.

app/pyproject.toml

@@ -1,66 +1,65 @@
 [tool.poetry]
 name = "strelka-ui"
-version = "0.1.0"
+version = "2.43"
 description = "Strelka's File Submission Portal"
 authors = [
     "Paul Hutelmyer <[email protected]>",
 ]
 
 [tool.poetry.dependencies]
-python = "^3.8"
+Alembic = "1.6.2"
+Astroid = "2.9.2"
+Attrs = "21.4.0"
+Black = "24.3.0"
+Certifi = "2023.7.22"
+Chardet = "4.0.0"
+Click = "8.0.0"
+Cffi = "1.14.5"
+Cryptography = "42.0.4"
 Flask = "^2.2"
 Flask-Caching = "1.10.1"
 Flask-Cors = "3.0.10"
 Flask-Expects-Json = "1.7.0"
 Flask-Migrate = "2.7.0"
 Flask-Script = "2.0.6"
 Flask-SQLAlchemy = "2.5.1"
-Paste = "3.5.2"
-Alembic = "1.6.2"
-SQLAlchemy = "1.4.15"
-SQLAlchemy-JSON = "0.4.0"
-Psycopg2-Binary = "2.9.4"
-grpcio = "1.53.0"
-grpcio-tools = "1.41.0"
-Cryptography = "41.0.6"
-PyJWT = "2.4.0"
-PyOpenSSL = "20.0.1"
-Click = "8.0.0"
+Grpcio = "1.53.2"
+Grpcio-tools = "1.41.0"
 Isort = "5.10.1"
-Mypy-Extensions = "0.4.3"
-Pylint = "2.12.2"
-Pylint-Flask = "0.6"
-Pylint-Flask-SQLAlchemy = "0.2.0"
-Pylint-Plugin-Utils = "0.7"
-Python-Dotenv = "0.17.1"
-Waitress = "2.1.2"
-Astroid = "2.9.2"
-Attrs = "21.4.0"
-Black = "21.12b0"
-Certifi = "2023.7.22"
-Cffi = "1.14.5"
-Chardet = "4.0.0"
 Jsonschema = "4.3.3"
-Lazy-Object-Proxy = "1.7.1"
 Ldap3 = "2.9.1"
+Lazy-Object-Proxy = "1.7.1"
 Mako = "1.2.2"
 MarkupSafe = "^2.0.0"
 Mccabe = "0.6.1"
+Mypy-Extensions = "0.4.3"
 Pathspec = "0.9.0"
+Paste = "3.5.2"
 Platformdirs = "2.4.1"
 Protobuf = "3.18.3"
+Psycopg2-Binary = "2.9.9"
 Pyasn1 = "0.4.8"
+PyJWT = "2.4.0"
+PyOpenSSL = "20.0.1"
 Pycparser = "2.20"
 Pyrsistent = "0.18.0"
+python = "^3.8"
+Python-Dotenv = "0.17.1"
 Python-Dateutil = "2.8.1"
+rarfile = "^4.2"
 Requests = "2.31.0"
 Six = "1.16.0"
+SQLAlchemy = "1.4.15"
+SQLAlchemy-JSON = "0.4.0"
 Toml = "0.10.2"
 Tomli = "1.2.3"
 Typing-Extensions = "4.0.1"
 Urllib3 = "1.26.18"
+Waitress = "2.1.2"
 Wrapt = "1.13.3"
-vt-py = "0.17.5"
+vt-py = "0.18.0"
+py7zr = "^0.21.0"
+python-magic = "^0.4.27"
 
 [tool.poetry.dev-dependencies]
 

app/app.py → app/strelka_ui/__main__.py

@@ -14,11 +14,10 @@
 from paste.translogger import TransLogger
 from waitress import serve
 
-from blueprints.auth import auth
-from blueprints.strelka import strelka
-from blueprints.ui import ui
-from models import db
-
+from strelka_ui.blueprints.auth import auth
+from strelka_ui.blueprints.strelka import strelka
+from strelka_ui.blueprints.ui import ui
+from strelka_ui.models import db
 
 def create_app() -> Flask:
     """Start and serve app assets and API endpoints"""
@@ -32,9 +31,9 @@ def create_app() -> Flask:
     app.logger.info("Serving app static assets from %s", ui_folder)
 
     if app.config["ENV"] == "production":
-        app.config.from_object("config.config.ProductionConfig")
+        app.config.from_object("strelka_ui.config.config.ProductionConfig")
     else:
-        app.config.from_object("config.config.DevelopmentConfig")
+        app.config.from_object("strelka_ui.config.config.DevelopmentConfig")
 
     app.logger.info(
         "Using %s configuration",
@@ -60,9 +59,13 @@ def create_app() -> Flask:
 if __name__ == "__main__":
     logging.basicConfig(stream=sys.stdout, level=logging.INFO)
 
+    # Suppress thread wait warnings for Waitress
+    waitress_logger = logging.getLogger("waitress.queue")
+    waitress_logger.setLevel(logging.ERROR)
+
     main_app: Flask = create_app()
 
     serve(TransLogger(main_app, setup_console_handler=False), host="0.0.0.0", port=8080)
 
     # uncomment below for local flask app development with hot reloading
-    main_app.run(host="0.0.0.0", port=80, threaded=True)
+    # main_app.run(host="0.0.0.0", port=80, threaded=True)

app/blueprints/auth.py → app/strelka_ui/blueprints/auth.py

@@ -8,9 +8,9 @@
 from flask import Blueprint, current_app, jsonify, request, session
 from jsonschema import ValidationError, validate
 
-from database import db
-from models import ApiKey, User
-from services.auth import auth_required, check_credentials
+from strelka_ui.database import db
+from strelka_ui.models import ApiKey, User
+from strelka_ui.services.auth import auth_required, check_credentials
 
 auth = Blueprint("auth", __name__, url_prefix="/auth")