AttackSurfaceAnalyzer icon indicating copy to clipboard operation
AttackSurfaceAnalyzer copied to clipboard

Published 20 hours ago verified publisher icon microsoft

rename "filename" option from the AnalysisFile parameter on the Verify Command

Open mayrdhs opened this issue 3 years ago • 4 comments
trafficstars

Hi, I don't know if it's the same for ASA 2.2 but the parameter "--analysesfile" doesn't work in ASA 2.3 anymore. It's listed in the wiki at verifying custom rules and also at using custom rules. Using "--filename path/to/file.json" works just fine for both functions. Therefore I assume the parameter "--analysesfile" is outdated or did I miss something?

mayrdhs avatar Mar 10 '22 13:03 mayrdhs

It looks like the argument is AnalysesFile for the collect commands but filename for the verify command. This is definitely incongruous, but the "filename" parameter there is specifying the analysis file. I think you are doing the correct thing.

I'll think about how best to address this discrepancy and update the docs/program appropriately.

https://github.com/microsoft/AttackSurfaceAnalyzer/blob/f7ecd6db7a88dd53209f86270f1349923fafe7b4/Lib/Objects/CommandOptions.cs#L226

gfs avatar Mar 10 '22 20:03 gfs

My ideal solution to this would be to remove the "filename" parameter and use "analysisfile" to match the rest of the commands. However, I don't want to change the interface up on people who have been using the program itself and may be accustomed to how it currently works. Accordingly, I opted to update the wiki for now. I will keep this issue in mind to potentially remove the filename tag in a future release that already has more significant changes to the API.

gfs avatar Mar 10 '22 23:03 gfs

I rechecked this and found only asa export-collect --filename customRules.json to be working. asa export-collect --analysesfile customRules.json doesn't work (anymore). Is there a command which uses the "--analysisfile" parameter at the moment?

I think "analysisfile" would be a better naming than just "filename" so I like your suggestion.

mayrdhs avatar Mar 11 '22 06:03 mayrdhs

It looks like you are correct. I have a PR with this change (its only a single line) but I will be adding a few more things to it before merging - probably next week. I think changing the behavior of the commands here would count as SemVer relevant so I'd like to fit in some other improvements as well.

gfs avatar Mar 11 '22 08:03 gfs