@nodesecure/vulnera
Version:
NodeSecure vulnerabilities strategies
47 lines • 1.94 kB
TypeScript
import { STANDARD_VULN_MAPPERS } from "./mappers.ts";
import type { Kind } from "../../constants.ts";
export type Severity = "info" | "low" | "medium" | "high" | "critical";
export interface StandardPatch {
id: string;
comments: string[];
modificationTime: string;
urls: string[];
version: string;
}
export interface StandardVulnerability {
/** Unique identifier for the vulnerability **/
id?: string;
/** Vulnerability origin, either Sonatype, GitHub or OSV **/
origin: Exclude<Kind, "none">;
/** Package associated with the vulnerability **/
package: string;
/** Vulnerability title **/
title: string;
/** Vulnerability description **/
description?: string;
/** Vulnerability link references on origin's website **/
url?: string;
/** Vulnerability severity levels given the strategy **/
severity?: Severity;
/** Common Vulnerabilities and Exposures dictionary */
cves?: string[];
/**
* Common Vulnerability Scoring System (CVSS) provides a way to capture the
* principal characteristics of a vulnerability, and produce a numerical score reflecting its severity,
* as well as a textual representation of that score.
* **/
cvssVector?: string;
/** CVSS Score **/
cvssScore?: number;
/** The range of vulnerable versions provided when too many versions are vulnerables */
vulnerableRanges: string[];
/** The set of versions that are vulnerable **/
vulnerableVersions: string[];
/** The set of versions that are patched **/
patchedVersions?: string;
/** Overview of available patches to get rid of listed vulnerabilities **/
patches?: StandardPatch[];
}
export type StandardizeKind = keyof typeof STANDARD_VULN_MAPPERS;
export declare function standardVulnerabilityMapper(strategy: StandardizeKind | string, vulnerabilities: any[]): StandardVulnerability[];
//# sourceMappingURL=index.d.ts.map