drek/app/util-globify.js

A static-code-analysis tool that can be used to perform security-focused code reviews. It enables an auditor to swiftly map the attack-surface of a large application, with an emphasis on identifying development anti-patterns and footguns.

const lodash = require('lodash');

module.exports = function(options, signatures) {

  // format the desired source directories
  const directories = (options['<source-directory>'].length === 1)
    ? options['<source-directory>'][0]
    : '{' + options['<source-directory>'].join(',') + '}';

  // get the file extensions in use
  const extensions = lodash(signatures)
    .map('filetypes')
    .flatten()
    .sort()
    .uniq()
    .value();

  // format and return the glob
  return (extensions.length >= 2)
    ? directories + '/**/**.{' + extensions + '}'
    : directories + '/**/**.' + extensions;
};