Added a new Instance scan for GlideLdap checks (#105)

Irston · admin · web-flow · commit 3f048deeb9c8 · 2023-10-31T14:08:06.000-04:00
* New Instance check added

* Update README.md

---------

Co-authored-by: admin &lt;admin@example.com&gt;
diff --git a/README.md b/README.md
@@ -143,6 +143,9 @@ It can cause except issue with manageability also some performance impact - to v
 For the dashboard there should be an active owner who can administer/customize/adjust dashboards.
 During the time it can be a situation that person is no longer active in the system. It can be discovered and fixed with new person.
 
+### Unsupported API GlideLDAP
+GlideLDAP API usage is unsupported by ServiceNow and hence should be avoided, rather use LDAP Server Data Sources to pull data from LDAP via MID Server or directly through an internet facing LDAP.
+
 
 ## Category: Upgradability
 
diff --git a/ca8467c41b9abc10ce0f62c3b24bcbaa/checksum.txt b/ca8467c41b9abc10ce0f62c3b24bcbaa/checksum.txt
@@ -1 +1 @@
-GF0lQ9SGJoPx1xR7TJlkxu3xF8cgZdC5XHfIIJ81gzVoCwFcLjFpuXMC9xyhmLD3WoqZ108UHPc4W5YV0Z--WxubE2cUG5MtKjr-GGHxnf6j0GDYiaS3ErdQSncQZIDRKSX5fy6G-SwJEpmx_fK049HK-Uo1yEUkEtdYQtLwv-CbLGXQFWJjsMw0IX__YLQr35YrclcaqeGw-mmW4Bf_akpqMpqGaWJWX5ZmptZnecy8zcHcFRrtSAH3tproAPojJCl8uGuOy4hG_HRYO0DughnvW6Na0sgsQtcNLatkQEZzvzwM_bfQHRCUQbY-rQEeSdi88HqOdSGQ91EN65F6RMf1qmrCkSvdNvlTuSowk90RS8Uw1v-fFHlY6hEpbz76DJ1HxdlahUPthoKzQbfNCX6qz_Bal9COTnvcBKJK-Ml_hAnZjEENb7wfVwbKo9gChGkPTQXKdvcH-0fVpSB2OT9coMwaPrCyd_FPhmK4gt1sELwn53BjCZUKBouNRoW4rdoV-K6KF4gaeRCDoe7zamubLcO6W1hP9Wegvfh-zEtPKpjH_7T8tJWxp4_ZwCmzry6KJXWZKYR1DUBRhAFAAHf2KxIuvKYTAYVnXGeCLJf_JDVi5i6n9LRAiitEQfwKBpSQTDOZ1mju6sZqcCMS04xoZIaCcKymhonkJ4RKLD4
+zKXVYjmTYdaUi17DjcgoXWtXX_r6CHPBtrSKlLiqj8Eq7u0uljxaXTgwGGgfBb0bZPqDwv3KpiZ5TBgbcB174pIXaw35AnbNe5iXTbargQQgyhTbcg6_oynarqVoW0VaTfI3XajNJZN2mF889Yz-Mcz5YRB7hK80971bWOcMDhb2QnLAXf7U98k4apomHB45owe2g5XuAoqk4zLwGwgV5sl2wcFfhClAfzuL7jhaxwvd37aEx4BCqjLpkKLRcYT5twtMoJbKAJUAz4ry9UwcbCuSK2GS03-2rsSjeNVqh3NBWNFbtBo3I22SJwVEIpg2PQCHYb5f2ztmHLWknivKaVCzE5A1n6VhVKdST14FKs-F6vtsffOko_MgzgN_by3L0mNy8PcWM9S18_B4pLn9wyREtG3i0UIBOXbpmlCWPXKCwEN7CNYYef09UcCgawGqVRPusHj0O7J7tCbs4241UyfS7om4ch3QD2qMro-TlQjdna_S-5ApnBg8rIb8HapfWJOhGril_TMmtYROGcK3suw1kZuJUEiG5NrhH8e0AM1fXAdF6Aed7z0kEH8UF308F_-SqJs5g3dlRa6uAcmZccZsGCCK4-CEWRtpct38F3ly5i1fPkrb9keSSAJ6-ojhemXulA2jWe1eu5I66bGsPbeMIW807BK4B7h2jOLnYXw
diff --git a/ca8467c41b9abc10ce0f62c3b24bcbaa/update/scan_column_type_check_c5493fd897523110839d76021153afb8.xml b/ca8467c41b9abc10ce0f62c3b24bcbaa/update/scan_column_type_check_c5493fd897523110839d76021153afb8.xml
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?><record_update table="scan_column_type_check">
+    <scan_column_type_check action="INSERT_OR_UPDATE">
+        <active>true</active>
+        <category>manageability</category>
+        <column_type>script</column_type>
+        <description>GlideLDAP API is Unsupported and should be avoided to query the LDAP server</description>
+        <documentation_url>https://support.servicenow.com/kb?id=kb_article_view&amp;sysparm_article=KB0961314</documentation_url>
+        <finding_type>scan_finding</finding_type>
+        <name>Unsupported API :  GlideLDAP</name>
+        <priority>3</priority>
+        <resolution_details>GlideLDAP API usage is unsupported by ServiceNow and hence should be avoided, rather use LDAP Server Data Sources to pull data from LDAP via MID Server or directly through an internet facing LDAP</resolution_details>
+        <run_condition/>
+        <score_max>100</score_max>
+        <score_min>0</score_min>
+        <score_scale>1</score_scale>
+        <script><![CDATA[(function(engine) {
+    //avoid the skip tables
+    var skip_tables = "sys_script_execution_history";
+    if (skip_tables.indexOf(engine.current.getTableName()) > -1)
+        return;
+
+    //check glide ldap usage at least once
+    var search_regex = /new\s*GlideLDAP\s*\(/;
+    if (!search_regex.test(engine.columnValue))
+        return;
+
+    //remove code comments
+    var code_comments_regex = /\/\*[\s\S]*?\*\/|([^:]|^)\/\/.*$/gm;
+    var commentsRemovedValue = engine.columnValue.replace(code_comments_regex, '');
+
+    //raise finding if no comments found or usage found in commentsRemovedValue
+    if (commentsRemovedValue.length == engine.columnValue.length || search_regex.test(commentsRemovedValue))
+        engine.finding.increment();
+
+})(engine);]]></script>
+        <short_description>GlideLDAP API is Unsupported and should be avoided to query the LDAP server</short_description>
+        <sys_class_name>scan_column_type_check</sys_class_name>
+        <sys_created_by>admin</sys_created_by>
+        <sys_created_on>2023-10-31 17:25:20</sys_created_on>
+        <sys_id>c5493fd897523110839d76021153afb8</sys_id>
+        <sys_mod_count>0</sys_mod_count>
+        <sys_name>Unsupported API :  GlideLDAP</sys_name>
+        <sys_package display_value="Example Instance Checks" source="x_appe_exa_checks">ca8467c41b9abc10ce0f62c3b24bcbaa</sys_package>
+        <sys_policy/>
+        <sys_scope display_value="Example Instance Checks">ca8467c41b9abc10ce0f62c3b24bcbaa</sys_scope>
+        <sys_update_name>scan_column_type_check_c5493fd897523110839d76021153afb8</sys_update_name>
+        <sys_updated_by>admin</sys_updated_by>
+        <sys_updated_on>2023-10-31 17:25:20</sys_updated_on>
+    </scan_column_type_check>
+</record_update>

Original file line number	Diff line number	Diff line change
`@@ -1 +1 @@`
`1`		-GF0lQ9SGJoPx1xR7TJlkxu3xF8cgZdC5XHfIIJ81gzVoCwFcLjFpuXMC9xyhmLD3WoqZ108UHPc4W5YV0Z--WxubE2cUG5MtKjr-GGHxnf6j0GDYiaS3ErdQSncQZIDRKSX5fy6G-SwJEpmx_fK049HK-Uo1yEUkEtdYQtLwv-CbLGXQFWJjsMw0IX__YLQr35YrclcaqeGw-mmW4Bf_akpqMpqGaWJWX5ZmptZnecy8zcHcFRrtSAH3tproAPojJCl8uGuOy4hG_HRYO0DughnvW6Na0sgsQtcNLatkQEZzvzwM_bfQHRCUQbY-rQEeSdi88HqOdSGQ91EN65F6RMf1qmrCkSvdNvlTuSowk90RS8Uw1v-fFHlY6hEpbz76DJ1HxdlahUPthoKzQbfNCX6qz_Bal9COTnvcBKJK-Ml_hAnZjEENb7wfVwbKo9gChGkPTQXKdvcH-0fVpSB2OT9coMwaPrCyd_FPhmK4gt1sELwn53BjCZUKBouNRoW4rdoV-K6KF4gaeRCDoe7zamubLcO6W1hP9Wegvfh-zEtPKpjH_7T8tJWxp4_ZwCmzry6KJXWZKYR1DUBRhAFAAHf2KxIuvKYTAYVnXGeCLJf_JDVi5i6n9LRAiitEQfwKBpSQTDOZ1mju6sZqcCMS04xoZIaCcKymhonkJ4RKLD4
	`1`	+zKXVYjmTYdaUi17DjcgoXWtXX_r6CHPBtrSKlLiqj8Eq7u0uljxaXTgwGGgfBb0bZPqDwv3KpiZ5TBgbcB174pIXaw35AnbNe5iXTbargQQgyhTbcg6_oynarqVoW0VaTfI3XajNJZN2mF889Yz-Mcz5YRB7hK80971bWOcMDhb2QnLAXf7U98k4apomHB45owe2g5XuAoqk4zLwGwgV5sl2wcFfhClAfzuL7jhaxwvd37aEx4BCqjLpkKLRcYT5twtMoJbKAJUAz4ry9UwcbCuSK2GS03-2rsSjeNVqh3NBWNFbtBo3I22SJwVEIpg2PQCHYb5f2ztmHLWknivKaVCzE5A1n6VhVKdST14FKs-F6vtsffOko_MgzgN_by3L0mNy8PcWM9S18_B4pLn9wyREtG3i0UIBOXbpmlCWPXKCwEN7CNYYef09UcCgawGqVRPusHj0O7J7tCbs4241UyfS7om4ch3QD2qMro-TlQjdna_S-5ApnBg8rIb8HapfWJOhGril_TMmtYROGcK3suw1kZuJUEiG5NrhH8e0AM1fXAdF6Aed7z0kEH8UF308F_-SqJs5g3dlRa6uAcmZccZsGCCK4-CEWRtpct38F3ly5i1fPkrb9keSSAJ6-ojhemXulA2jWe1eu5I66bGsPbeMIW807BK4B7h2jOLnYXw