diff --git a/.github/workflows/trivy.yaml b/.github/workflows/trivy.yaml
new file mode 100644
index 0000000..90a1f93
--- /dev/null
+++ b/.github/workflows/trivy.yaml
@@ -0,0 +1,29 @@
+# This is a basic workflow to help you get started with Actions
+
+name: Trivy Scan
+
+# Controls when the action will run. Triggers the workflow on push or pull request
+# events but only for the master branch
+on:
+ pull_request:
+ branches: [master]
+ types: [opened, synchronize, reopened]
+
+# A workflow run is made up of one or more jobs that can run sequentially or in parallel
+jobs:
+ # This workflow contains a single job called "trivy"
+ trivy:
+ # The type of runner that the job will run on
+ runs-on: [self-hosted, linux, codebuild]
+
+ # Steps represent a sequence of tasks that will be executed as part of the job
+ steps:
+ # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
+ - uses: actions/checkout@v3
+
+ - name: Run Trivy vulnerability scanner in repo mode
+ uses: aquasecurity/trivy-action@0.28.0
+ with:
+ scan-type: "fs"
+ scan-ref: "${{ github.workspace }}"
+ trivy-config: "${{ github.workspace }}/trivy.yml"
diff --git a/README.md b/README.md
index c308b2a..044c74d 100644
--- a/README.md
+++ b/README.md
@@ -9,9 +9,6 @@
-
-
-
diff --git a/src/providers/push/pubnub/pubnub.provider.ts b/src/providers/push/pubnub/pubnub.provider.ts
index 1a5ea9e..816ed5d 100644
--- a/src/providers/push/pubnub/pubnub.provider.ts
+++ b/src/providers/push/pubnub/pubnub.provider.ts
@@ -23,14 +23,11 @@ export class PubNubProvider implements Provider {
pubnubService: Pubnub;
getGeneralMessageObject(message: PubNubMessage) {
- const commonDataNotification: MessageConfig = Object.assign(
- {
- title: message.subject ?? '',
- description: message.body,
- body: message.body,
- },
- message.options,
- );
+ const commonDataNotification: MessageConfig = {
+ title: message.subject ?? '',
+ description: message.body,
+ ...message.options,
+ };
const pnFcm = {
data: {
...commonDataNotification,
diff --git a/src/providers/sms/twilio/twilio.provider.ts b/src/providers/sms/twilio/twilio.provider.ts
index 2dd27a7..f0f84ec 100644
--- a/src/providers/sms/twilio/twilio.provider.ts
+++ b/src/providers/sms/twilio/twilio.provider.ts
@@ -39,26 +39,19 @@ export class TwilioProvider implements Provider {
}
const publishes = message.receiver.to.map(async receiver => {
const msg: string = message.body;
+ const isSMS: boolean =
+ receiver.type === TwilioSubscriberType.TextSMSUser;
const twilioMsgObj: TwilioCreateMessageParams = {
body: msg,
- from:
- receiver.type &&
- receiver.type === TwilioSubscriberType.TextSMSUser
- ? String(this.twilioConfig?.smsFrom)
- : String(this.twilioConfig?.waFrom),
- to:
- receiver.type &&
- receiver.type === TwilioSubscriberType.TextSMSUser
- ? `+${receiver.id}`
- : `whatsapp:+${receiver.id}`,
+ from: isSMS
+ ? String(this.twilioConfig?.smsFrom)
+ : String(this.twilioConfig?.waFrom),
+ to: isSMS ? `+${receiver.id}` : `whatsapp:+${receiver.id}`,
+ mediaUrl: message.mediaUrl,
};
// eslint-disable-next-line no-unused-expressions
- message.mediaUrl && (twilioMsgObj.mediaUrl = message.mediaUrl);
-
- // eslint-disable-next-line no-unused-expressions
- receiver.type &&
- receiver.type === TwilioSubscriberType.TextSMSUser &&
+ isSMS &&
this.twilioConfig?.smsStatusCallback &&
(twilioMsgObj.statusCallback =
this.twilioConfig?.smsStatusCallback);
diff --git a/trivy.yml b/trivy.yml
new file mode 100644
index 0000000..d855a42
--- /dev/null
+++ b/trivy.yml
@@ -0,0 +1,16 @@
+format: table
+exit-code: 1
+severity:
+ - HIGH
+ - CRITICAL
+skip-files:
+ - db.env
+security-checks:
+ - vuln
+ - secret
+ - license
+vulnerability:
+ type:
+ - os
+ - library
+ ignore-unfixed: true