@nodesecure/vulnera
Version:
NodeSecure vulnerabilities strategies
27 lines • 1.2 kB
TypeScript
import Arborist from "@npmcli/arborist";
import { type AuditAdvisory } from "@pnpm/audit";
import type { ExtendedStrategy } from "./types/api.ts";
export type NpmAuditAdvisory = Omit<Arborist.Advisory, "id"> & {
/** Same as source (but seems deprecated now) **/
id?: string | number;
/** Publicly-known vulnerabilities have identification numbers, known as Common Vulnerabilities and Exposures (CVEs) */
cwe?: string[];
/** The Common Vulnerability Scoring System (CVSS) is a method used to supply a qualitative measure of severity. CVSS is not a measure of risk. */
cvss?: {
score: number;
vectorString: string;
};
};
export type PnpmAuditAdvisory = Omit<AuditAdvisory, "cwe"> & {
github_advisory_id: string;
npm_advisory_id: null | number;
cwe: string | string[];
cvss: {
score: number;
vectorString: string;
};
};
export type GithubVulnerability = PnpmAuditAdvisory | NpmAuditAdvisory;
export type GithubAdvisoryStrategyDefinition = ExtendedStrategy<"github-advisory", GithubVulnerability>;
export declare function GitHubAdvisoryStrategy(): GithubAdvisoryStrategyDefinition;
//# sourceMappingURL=github-advisory.d.ts.map