agentsqripts
Comprehensive static code analysis toolkit for identifying technical debt, security vulnerabilities, performance issues, and code quality problems
/**
* @file Security fix prioritizer
* @description Prioritizes security fixes based on severity and impact
*/
/**
* Prioritizes security fixes based on severity and impact
* @param {Array<Object>} vulnerabilities - List of vulnerabilities
* @returns {Array<Object>} Prioritized list of fixes
*/
function prioritizeSecurityFixes(vulnerabilities) {
const { getFixAction } = require('./fixActionProvider');
const { getEffortEstimate } = require('./effortEstimator');
const priorityOrder = { CRITICAL: 4, HIGH: 3, MEDIUM: 2, LOW: 1 };
return vulnerabilities
.sort((a, b) => priorityOrder[b.severity] - priorityOrder[a.severity])
.map((vuln, index) => ({
priority: index + 1,
vulnerability: vuln.name,
severity: vuln.severity,
line: vuln.line,
action: getFixAction(vuln),
estimatedEffort: getEffortEstimate(vuln.severity)
}));
}
// Public CommonJS surface of this module: the prioritizer is its only export.
module.exports = {
  prioritizeSecurityFixes: prioritizeSecurityFixes,
};