UNPKG

@nodesecure/vulnera

Version:

NodeSecure vulnerabilities strategies

68 lines 2.34 kB
// Import Node.js Dependencies import path from "node:path"; import { readFile } from "node:fs/promises"; // Import Third-Party Dependencies import * as httpie from "@myunisoft/httpie"; // Import Internal Dependencies import { VULN_MODE, SNYK_ORG, SNYK_TOKEN } from "../constants.js"; import { standardizeVulnsPayload } from "../formats/standard/index.js"; // CONSTANTS const kSnykApiUrl = `https://snyk.io/api/v1/test/npm?org=${SNYK_ORG}`; export function SnykStrategy() { return { strategy: VULN_MODE.SNYK, hydratePayloadDependencies }; } async function hydratePayloadDependencies(dependencies, options) { const { path } = options; if (!path) { throw new Error("path argument is required for <snyk> strategy"); } try { const { targetFile, additionalFile } = await getNpmManifestFiles(path); const body = { files: { ...(additionalFile ? { additional: [{ contents: additionalFile }] } : {}), target: { contents: targetFile } } }; const { data } = await httpie.post(kSnykApiUrl, { headers: { Authorization: `token ${SNYK_TOKEN}` }, body }); extractSnykVulnerabilities(dependencies, data, options); } catch { } } async function getNpmManifestFiles(projectPath) { const targetFile = await readFile(path.join(projectPath, "package.json"), { encoding: "base64" }); let additionalFile; try { additionalFile = await readFile(path.join(projectPath, "package-lock.json"), { encoding: "base64" }); } catch { } return { targetFile, additionalFile }; } function extractSnykVulnerabilities(dependencies, snykAudit, options) { const { ok, issues } = snykAudit; const { useStandardFormat } = options; const formatVulnerabilities = standardizeVulnsPayload(useStandardFormat); if (!ok) { const vulnerabilities = formatVulnerabilities(VULN_MODE.SNYK, issues.vulnerabilities); for (const vuln of vulnerabilities) { const dependency = dependencies.get(vuln.package); if (dependency) { dependency.vulnerabilities.push(vuln); } } } } //# sourceMappingURL=snyk.js.map