@atomist/sdm/lib/pack/node/autofix/npmAuditAutofix.js

Atomist Software Delivery Machine SDK

"use strict";
/*
 * Copyright © 2020 Atomist, Inc.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
Object.defineProperty(exports, "__esModule", { value: true });
exports.npmAuditAutofix = exports.DefaultNpmAuditOptions = void 0;
const LocalProject_1 = require("@atomist/automation-client/lib/project/local/LocalProject");
const logger_1 = require("@atomist/automation-client/lib/util/logger");
const _ = require("lodash");
const child_process_1 = require("../../../api-helper/misc/child_process");
const commonPushTests_1 = require("../../../api/mapping/support/commonPushTests");
const spawn_1 = require("../npm/spawn");
const Package = "package.json";
exports.DefaultNpmAuditOptions = {
    packageLockOnly: true,
};
/**
 * Autofix to run npm audit fix on a project.
 */
function npmAuditAutofix(options = exports.DefaultNpmAuditOptions) {
    return {
        name: "npm audit",
        pushTest: commonPushTests_1.hasFile(Package),
        transform: async (p, papi) => {
            if (!LocalProject_1.isLocalProject(p)) {
                return p;
            }
            const log = papi.progressLog;
            const cwd = p.baseDir;
            try {
                const args = ["audit", "fix", "--json"];
                if (options.packageLockOnly === true) {
                    args.push("--package-lock-only");
                }
                log.write(`Running 'npm audit --fix' in '${cwd}'`);
                const npmAuditResult = await child_process_1.execPromise("npm", args, Object.assign({ cwd }, spawn_1.DevelopmentEnvOptions));
                log.write(`Completed 'npm audit': ${npmAuditResult.stdout}`);
                const npmAudit = JSON.parse(npmAuditResult.stdout);
                if (_.isEmpty(npmAudit.added) &&
                    _.isEmpty(npmAudit.moved) &&
                    _.isEmpty(npmAudit.removed) &&
                    _.isEmpty(npmAudit.updated)) {
                    await p.revert();
                }
            }
            catch (e) {
                logger_1.logger.warn(`Failed to run npm audit fix: ${e.message}`);
            }
            return p;
        },
    };
}
exports.npmAuditAutofix = npmAuditAutofix;
//# sourceMappingURL=npmAuditAutofix.js.map