Added jetbrains_plugins table #8623
Conversation
| "Linux,Darwin,Windows:gflags" | ||
| "Linux,Darwin,Windows:glog" | ||
| "Linux,Darwin,Windows:googletest" | ||
| "Linux,Darwin,Windows:zlib" |
There was a problem hiding this comment.
This is a change to note. libarchive now needs to be compiled with zlib in order to extract the jar files. See the libraries/cmake/source/libarchive/CMakeLists.txt file for details. This means that zlib now needs to be compiled prior to libarchive.
| return std::make_unique<PluginAttributes>(parsePluginXml(xml_content)); | ||
| } | ||
|
|
||
| /* |
There was a problem hiding this comment.
f538480 to
573fb4d
Compare
| ) | ||
| target_link_libraries(thirdparty_libarchive PRIVATE | ||
| zlibstatic | ||
| ) |
There was a problem hiding this comment.
Is this the right way to compile with zlib?
| std::vector<char> content; | ||
| }; | ||
|
|
||
| FileData extractSpecificFileFromArchive(const std::string& archive_file_path, |
There was a problem hiding this comment.
Wonder if this should be in some common util location, it's a very generic method.
c5d4c54 to
292cba1
Compare
| }; | ||
|
|
||
| // Function to extract the contents of a specific tag | ||
| std::string getContentFromTag(const std::string& xml, |
There was a problem hiding this comment.
This is a duplicate of getTagContent from https://github.com/osquery/osquery/blob/master/osquery/tables/system/windows/programs.cpp#L43C13-L43C26
I don't want to make it part of this PR, but I feel like I should extract some of this simple XML parsing logic into some sort of shared util.
https://github.com/osquery/osquery/blob/master/osquery/tables/system/windows/programs.cpp#L23-L67
There was a problem hiding this comment.
Caught by this:
https://github.com/osquery/osquery/actions/runs/15562331436/job/43817632273
osquery_tables_system_systemtable.lib(programs.cpp.obj) : error LNK2005: "class std::basic_string<char, ... > osquery::tables::getTagContent(...)" is already defined.
ca7c738 to
3c0c57a
Compare
| QueryData results; | ||
|
|
||
| auto users = usersFromContext(context); | ||
| for (const auto& user : users) { |
There was a problem hiding this comment.
Another thing to note here, jetbrains plugins are installed at a user level.
lucasmrod
left a comment
There was a problem hiding this comment.
LGTM!
Left some questions/comments.
a762135 to
c86bb40
Compare
| deinitUsersAndGroupsServices(true, false); | ||
| Dispatcher::instance().resetStopping(); | ||
| } | ||
| #endif |
There was a problem hiding this comment.
Not having this block was making the windows test fail. I see that usersFromContext(context) fails without it.
80: E20250611 01:13:27.886477 7396 registry_factory.cpp:188] table registry users plugin caused exception: no state
80: E20250611 01:13:27.886477 7396 virtual_table.cpp:1052] Exception while executing table jetbrains_plugins: no state
e7b2b71 to
55db4dd
Compare
55db4dd to
4b56279
Compare
|
The path was incorrect on windows. It is now fixed and returning correct results. |
|
The linux paths were incorrect. 🤦 Tested and corrected. |
|
Just for completeness a screenshot from my mac |
fleetdm/fleet#20644
fleetdm/fleet#27914
This adds the
jetbrains_pluginstable. It contains a list of plugins installed on the system under a jetbrains product. Currently supported jetbrains productsCLion, DataGrip, GoLand, IntelliJIdea, IntelliJIdeaCommunityEdition, PhpStorm, PyCharm, PyCharmCommunityEdition, ReSharper, Rider, RubyMine, RustRover, WebStorm
An important thing to note about this table is in order to get some of the details about each plugin we must go through the jar files in the lib directory of the plugin and scan for a "plugin.xml" file. This requires zlib and libarchive.
Here is a sample output