UNPKG

npm-audit-guard

Version:

CLI tool for npm security audit with blacklist functionality and progress bar

github.com/KOeker/npm-audit-guard

KOeker/npm-audit-guard

103 lines 4.44 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
"use strict"; var __importDefault = (this && this.__importDefault) || function (mod) { return (mod && mod.__esModule) ? mod : { "default": mod }; }; Object.defineProperty(exports, "__esModule", { value: true }); exports.ResultFormatter = void 0; const chalk_1 = __importDefault(require("chalk")); class ResultFormatter { formatResults(auditResult, blacklist) { const grouped = { critical: [], high: [], moderate: [], low: [], }; const ignored = []; const blacklistWarnings = []; const blacklistSet = new Set(blacklist.map((pkg) => pkg.toLowerCase())); for (const [packageName, vulnerability] of Object.entries(auditResult.vulnerabilities)) { const isBlacklisted = blacklistSet.has(packageName.toLowerCase()); if (isBlacklisted) { ignored.push({ name: packageName, severity: vulnerability.severity, }); } else { const vulnEntry = { name: packageName, range: vulnerability.range, }; switch (vulnerability.severity) { case 'critical': grouped.critical.push(vulnEntry); break; case 'high': grouped.high.push(vulnEntry); break; case 'moderate': grouped.moderate.push(vulnEntry); break; case 'low': grouped.low.push(vulnEntry); break; } } } for (const blacklistedPkg of blacklist) { const found = Object.keys(auditResult.vulnerabilities).some((pkg) => pkg.toLowerCase() === blacklistedPkg.toLowerCase()); if (!found) { blacklistWarnings.push(`Warning: Blacklisted package "${blacklistedPkg}" not found in audit results`); } } const totalCount = grouped.critical.length + grouped.high.length + grouped.moderate.length + grouped.low.length; return { grouped, ignored, blacklistWarnings, totalCount, }; } printResults(results) { console.log('\n' + chalk_1.default.bold('=== Security Audit Results ===\n')); this.printSeverityGroup('Critical', results.grouped.critical, chalk_1.default.red); this.printSeverityGroup('High', results.grouped.high, chalk_1.default.yellow); this.printSeverityGroup('Moderate', results.grouped.moderate, chalk_1.default.blue); this.printSeverityGroup('Low', results.grouped.low, chalk_1.default.gray); if (results.ignored.length > 0) { console.log(chalk_1.default.cyan.bold('\nIgnored (Blacklisted):')); for (const pkg of results.ignored) { console.log(chalk_1.default.cyan(` - ${pkg.name} (${pkg.severity})`)); } } if (results.blacklistWarnings.length > 0) { console.log(''); for (const warning of results.blacklistWarnings) { console.log(chalk_1.default.yellow(warning)); } } console.log(chalk_1.default.bold('\n=== Summary ===')); console.log(`Total vulnerabilities found: ${results.totalCount > 0 ? chalk_1.default.red(results.totalCount) : chalk_1.default.green(results.totalCount)}`); console.log(`Ignored (blacklisted): ${results.ignored.length}`); if (results.totalCount === 0) { console.log(chalk_1.default.green('\n✓ No vulnerabilities found!')); } else { console.log(chalk_1.default.red(`\n✗ ${results.totalCount} vulnerabilit${results.totalCount === 1 ? 'y' : 'ies'} require${results.totalCount === 1 ? 's' : ''} attention!`)); } } printSeverityGroup(severityLabel, vulnerabilities, colorFn) { if (vulnerabilities.length > 0) { console.log(colorFn.bold(`\n${severityLabel}:`)); for (const vuln of vulnerabilities) { console.log(colorFn(` - ${vuln.name} (${vuln.range})`)); } } } } exports.ResultFormatter = ResultFormatter; //# sourceMappingURL=formatter.js.map