Merge pull request AmazeeLabs#3 from AmazeeLabs/clamav

Adding clamav scan policy, phpunit tests and some composer packages

.gitignore

@@ -1,3 +1,8 @@
-/vendor/
-*.html
-.idea/
+.DS_Store
+vendor
+.idea
+composer.lock
+*.phar
+.build
+
+drupal-web

Policy/clamscan.policy.yml

@@ -0,0 +1,15 @@
+title: "ClamScan policy"
+class: \Drutiny\algm\Audit\ClamAVScan
+name: ClamAV:ClamAVScan
+description: |
+  Runs Clamscan antivirus and reports infected files.
+success: |
+  Success: There have been no infected files found.
+failure: |
+  Warning: Infected files have been found:
+    Number of infected: {{ report.infected_files_count }}
+parameters:
+  scan_directory:
+    default: .
+    type: string
+    description: The directory of that will be recursively scanned.

Profiles/ALGMbasicaudit.profile.yml → Profiles/algm_basic_audit.profile.yml

@@ -3,7 +3,7 @@ description: 'A basic audit for ALGM'
 policies:
     'Drupal-8:CssAggregation': { severity: 2 }
     'Drupal:moduleUpdates': { severity: 2 }
-    'algm:FileSystemAnalysis': { }
+    'algm:FileSystemAnalysis': { severity: 3 }
 content:
     - { heading: Purpose, body: "This report is designed to provide some feedback on the overall health of\nthe web application by performing some deep dive analysis. The items\nsurfaced in the report can help improve performance and stability.\n" }
     - { heading: 'Reporting period', body: "Period | Date time\n------ | ---------\nStart | {{reporting_period_start}}\nEnd | {{reporting_period_end}}\n" }

Profiles/clamscan.profile.yml

@@ -0,0 +1,6 @@
+title: 'ALGM Clamscan'
+description: 'Run a ClamAV scan over the files in this repo.'
+policies:
+    'ClamAV:ClamAVScan': { }
+format:
+    html: { template: page, content: [{ heading: Purpose, body: "This report is designed to provide some feedback on the overall health of\nthe web application by performing some deep dive analysis. The items\nsurfaced in the report can help improve performance and stability.\n" }, { heading: 'Reporting period', body: "Period | Date time\n------ | ---------\nStart | {{reporting_period_start}}\nEnd | {{reporting_period_end}}\n" }, { heading: Recommendations, body: "<ul>\n{{# remediations }}\n  <li>{{{ . }}}</li>\n{{/ remediations }}\n</ul>\n" }, { heading: Findings, body: "{{{ severity_stats }}}\n### Issue Summary\n{{{ summary_table }}}\n\n{{#failures}}\n  ### Issues\n  {{# output_failure }}\n    {{{.}}}\n  {{/ output_failure }}\n{{/failures}}\n\n{{#warnings}}\n  ### Warnings\n  {{# output_warning }}\n    {{{.}}}\n  {{/ output_warning }}\n{{/warnings}}\n" }, { heading: Appendix, body: "{{#notices}}\n  ### Appendix - Analysis\n\n  The various appendices provides more detailed data regarding the health of\n  the site.\n\n  {{# output_notice }}\n    {{{.}}}\n  {{/ output_notice }}\n{{/notices}}\n\n{{#errors}}\n  ### Appendix - Errors\n\n  During the production of this report, not all report policies were able to\n  be carried out due to errors encounted.\n\n  {{#output_error}}\n    {{{.}}}\n  {{/output_error}}\n{{/errors}}\n\n### Appendix - Summary\nThe below table describes all audit and analysis work completed for the\nproduction of this report and their associated outcomes.\n\n{{{ appendix_table }}}\n\n{{#passes}}\n### Appendix - Successful Assessments\n{{# output_success }}\n  {{{.}}}\n{{/ output_success }}\n{{/passes}}\n" }] }

README.md

@@ -1,18 +1,13 @@
-# ALGM Drutiny Profiles
+# ALGM Drutiny Plugin
 
-This package provides a list of standard policy collections run against ALGM sites.
+This plugin provides a list of standard policy collections that can be used by Drutiny.
 
-## Installation
-
-Inside your Drutiny installation you can simply
-`composer require bomoko/algm_drutiny_profile`
 
-This will then install the various profiles which you will see when running a
-`drutiny profile:list`
+## Installation
 
 
 ## Development and testing
 
-Inside the package there is a Drupal installation where you can test 
-your policies against. Please follow the 
+Inside the package there is a Drupal installation where you can test
+your policies against. Please follow the
 [drupal-web/README.md](drupal-web/README.md) file.

composer.json

@@ -1,7 +1,8 @@
 {
-    "name": "bomoko/algm_drutiny_profile",
-    "description": "Basic profile for ALGM drutiny audits",
+    "name": "amazeelabs/algm_drutiny_plugin",
+    "description": "Core ALGM plugin library that contains the policies and profiles we use to run our Drutiny audits",
     "type": "library",
+    "keywords": ["drutiny", "audit", "performance", "security", "accessibility", "algm"],
     "license": "MIT",
     "authors": [
         {
@@ -17,13 +18,21 @@
             "email": "[email protected]"
         }
     ],
-    "minimum-stability": "stable",
+    "minimum-stability": "dev",
+    "prefer-stable": true,
     "require": {
-        "drutiny/plugin-drupal-8": "^2.0"
+        "drutiny/plugin-drupal-8": "^2.3",
+        "drutiny/plugin-drupal-7": "^2.3"
     },
     "autoload": {
         "psr-4": {
-            "Drutiny\\algm\\": "src/"
+            "Drutiny\\algm\\": "src/",
+            "DrutinyTests\\algm\\": "tests/src/"
         }
+    },
+    "require-dev": {
+        "drutiny/drutiny": "^2.4",
+        "phpunit/phpunit": "^9.2",
+        "squizlabs/php_codesniffer": "^3.5"
     }
 }