@nodesecure/vulnera
Version:
NodeSecure vulnerabilities strategies
68 lines • 2.34 kB
JavaScript
// Import Node.js Dependencies
import path from "node:path";
import { readFile } from "node:fs/promises";
// Import Third-Party Dependencies
import * as httpie from "@myunisoft/httpie";
// Import Internal Dependencies
import { VULN_MODE, SNYK_ORG, SNYK_TOKEN } from "../constants.js";
import { standardizeVulnsPayload } from "../formats/standard/index.js";
// CONSTANTS
const kSnykApiUrl = `https://snyk.io/api/v1/test/npm?org=${SNYK_ORG}`;
export function SnykStrategy() {
return {
strategy: VULN_MODE.SNYK,
hydratePayloadDependencies
};
}
async function hydratePayloadDependencies(dependencies, options) {
const { path } = options;
if (!path) {
throw new Error("path argument is required for <snyk> strategy");
}
try {
const { targetFile, additionalFile } = await getNpmManifestFiles(path);
const body = {
files: {
...(additionalFile ? { additional: [{ contents: additionalFile }] } : {}),
target: {
contents: targetFile
}
}
};
const { data } = await httpie.post(kSnykApiUrl, {
headers: {
Authorization: `token ${SNYK_TOKEN}`
},
body
});
extractSnykVulnerabilities(dependencies, data, options);
}
catch { }
}
async function getNpmManifestFiles(projectPath) {
const targetFile = await readFile(path.join(projectPath, "package.json"), { encoding: "base64" });
let additionalFile;
try {
additionalFile = await readFile(path.join(projectPath, "package-lock.json"), { encoding: "base64" });
}
catch { }
return {
targetFile,
additionalFile
};
}
function extractSnykVulnerabilities(dependencies, snykAudit, options) {
const { ok, issues } = snykAudit;
const { useStandardFormat } = options;
const formatVulnerabilities = standardizeVulnsPayload(useStandardFormat);
if (!ok) {
const vulnerabilities = formatVulnerabilities(VULN_MODE.SNYK, issues.vulnerabilities);
for (const vuln of vulnerabilities) {
const dependency = dependencies.get(vuln.package);
if (dependency) {
dependency.vulnerabilities.push(vuln);
}
}
}
}
//# sourceMappingURL=snyk.js.map