better-npm-audit
Reshape into a better npm audit for the community and encourage more people to include security audit into their process.
;
Object.defineProperty(exports, "__esModule", { value: true });
var print_1 = require("../utils/print");
var vulnerability_1 = require("../utils/vulnerability");
/**
 * Turn the processed `npm audit` result into console output and a process exit code.
 *
 * The exit code is what a calling pipeline can gate on: 1 when the payload could
 * not be processed (fails closed) or when processAuditJson still reports unhandled
 * advisory IDs, 0 when none remain.
 *
 * NOTE(review): process.exit() does not wait for pending stdout/stderr writes; when
 * output is piped, the tail of the report may be cut off. Confirm CI logs are complete.
 *
 * @param {String} jsonBuffer NPM audit stringified JSON payload
 * @param {Number} auditLevel The level of vulnerabilities we care about
 * @param {Array} exceptionIds List of vulnerability IDs to exclude
 * @param {Array} exceptionModules List of vulnerable modules to ignore in audit results
 * @returns {void}
 */
function handleFinish(jsonBuffer, auditLevel, exceptionIds, exceptionModules) {
    var outcome = vulnerability_1.processAuditJson(jsonBuffer, auditLevel, exceptionIds, exceptionModules);

    // An unreadable audit payload is treated as a failure, never as "no findings".
    if (outcome.failed) {
        console.error('Unable to process the JSON buffer string.');
        process.exit(1);
        // Presumably kept so nothing below runs when process.exit is stubbed (e.g. in tests).
        return;
    }

    var findings = outcome.report;
    var pendingIds = outcome.unhandledIds;

    // Only print the report when it has rows.
    if (findings.length) {
        print_1.printSecurityReport(findings);
    }

    // Exceptions that matched nothing are handed to the helper on every successful run.
    vulnerability_1.handleUnusedExceptions(outcome.unusedExceptionIds, outcome.unusedExceptionModules);

    if (!pendingIds.length) {
        // Nothing left unhandled: report success.
        console.info('🤝 All good!');
        process.exit(0);
    }
    else {
        // List every advisory ID that was not excluded, then fail the run.
        var summary = pendingIds.length + " vulnerabilities found. Node security advisories: " + pendingIds.join(', ');
        console.error(summary);
        process.exit(1);
    }
}
// Published as the module's `default` export; the `__esModule` flag set at the top of this module marks it as compiled ES-module output.
exports.default = handleFinish;