UNPKG

@huddly/device-api-usb

Version:

Huddly SDK device api which uses node-usb wrapper responsible for handling the transport layer of the communication and discovering the physical device/camera

developer.huddly.com

Huddly/device-api-usb

63 lines (58 loc) 2.17 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
const chalk = require('chalk'); const { execSync } = require('child_process'); /** * Any whitelisted advisories that should be ignored during the * vulnerability check should be added here. Make sure the * "github_advisory_id" is provided as the whitelist value. These * values can be found when running `npm audit --json` under the * "advisories" sub key. * * Ex: "GHSA-jg8v-48h5-wgxg" */ const ADVISORY_WHITELIST = []; /** * Runs `npm audit` and checks the output for vulnerabilities. Currently * any detected vulnerabilities with severety "moderate" and over are * considered as issues that need to be taken care of. */ function checkForVulnerabilities() { try { const stdout = execSync('npm audit --production --json || true'); const vulnerabilityReportJson = JSON.parse(stdout.toString()); const vulnerabilityData = vulnerabilityReportJson['advisories'] || {}; let shouldFail = false; let skippedChecks = 0; Object.keys(vulnerabilityData).forEach((advisoryKey) => { let advisory = vulnerabilityData[advisoryKey]; if (['moderate', 'high', 'critical'].includes(advisory['severity'])) { if (!ADVISORY_WHITELIST.includes(advisory['github_advisory_id'])) { console.log( chalk.redBright( `Security vulnerability found on "${advisory['module_name']}" with [${advisory['severity']}] severity!` ) ); shouldFail = true; } else { skippedChecks += 1; } } }); if (shouldFail) { console.log(chalk.redBright(`\nPlease make sure to fix the above vulnerabilities!`)); console.log(chalk.blueBright('Try `npm audit --fix` for potential fixes.\n')); process.exit(1); } else { console.log(chalk.greenBright('No dependency vulnerabilities found!')); if (skippedChecks > 0) { console.log( chalk.yellowBright(`!!NOTE!! ${skippedChecks} whitelisted advisories detected.`) ); } } } catch (e) { console.error('Unable to parse npm audit output!'); console.error(e.stdout.toString()); process.exit(1); } } checkForVulnerabilities();