npm-auditor-ci
A wrapper for 'npm audit' which can be used in CI.
;
// Babel CommonJS interop: flag this module as a transpiled ES module and reserve the
// `default` export slot; the class is assigned to it at the bottom of the file.
Object.defineProperty(exports, "__esModule", { value: true });
exports.default = undefined;
var child = _interopRequireWildcard(require("child_process"));
var _lodash = _interopRequireDefault(require("lodash"));
var _console = _interopRequireDefault(require("console.table"));
// Babel helper: ES-module objects pass through untouched; anything else is wrapped so that
// callers can always read `.default`.
function _interopRequireDefault(obj) {
  const isEsModule = Boolean(obj && obj.__esModule);
  return isEsModule ? obj : { default: obj };
}
// Babel helper: lazily creates the WeakMap that memoises _interopRequireWildcard results,
// then replaces itself with a plain getter so every later call returns that same map.
// Returns null on engines without WeakMap.
function _getRequireWildcardCache() {
  if (typeof WeakMap !== "function") {
    return null;
  }
  const cache = new WeakMap();
  _getRequireWildcardCache = () => cache;
  return cache;
}
// Babel helper backing `import * as ns`: returns ES modules as-is, wraps primitives/null as
// `{ default }`, and for CommonJS objects builds a namespace copy (own enumerable keys,
// accessors preserved via their descriptors) with `.default` pointing at the original.
// Results are memoised per object in the shared WeakMap when one is available.
function _interopRequireWildcard(obj) {
  if (obj && obj.__esModule) {
    return obj;
  }
  if (obj === null || (typeof obj !== "object" && typeof obj !== "function")) {
    return { default: obj };
  }
  const cache = _getRequireWildcardCache();
  if (cache && cache.has(obj)) {
    return cache.get(obj);
  }
  const namespace = {};
  const canCopyDescriptors = Object.defineProperty && Object.getOwnPropertyDescriptor;
  for (const key in obj) {
    if (!Object.prototype.hasOwnProperty.call(obj, key)) {
      continue;
    }
    const descriptor = canCopyDescriptors ? Object.getOwnPropertyDescriptor(obj, key) : null;
    if (descriptor && (descriptor.get || descriptor.set)) {
      // Keep getters/setters live rather than snapshotting their current value.
      Object.defineProperty(namespace, key, descriptor);
    } else {
      namespace[key] = obj[key];
    }
  }
  namespace.default = obj;
  if (cache) {
    cache.set(obj, namespace);
  }
  return namespace;
}
class Auditor {
constructor(arg, options) {
this.opts = {};
this.severities = ['critical', 'high', 'moderate', 'low'];
this.opts = options;
}
buildCmdLine() {
return `npm audit --json --registry='${this.opts.registry}'`;
}
static exitWithCode(exitCode) {
process.exit(exitCode);
}
mapSeverities(data) {
return this.severities.map(level => {
let advisoryData = _lodash.default.filter(data.advisories, {
severity: level
});
if (this.opts.ignoreDev) {
advisoryData = _lodash.default.reject(advisoryData, item => {
return _lodash.default.filter(item.findings, {
dev: false
}).length <= 0;
});
}
return {
level,
advisories: advisoryData
};
});
}
filterAndCombineByThreshold(data, threshold) {
let severityIndex = this.severities.indexOf(threshold) + 1;
let combinedAdvisories = [];
_lodash.default.times(severityIndex, index => {
combinedAdvisories = combinedAdvisories.concat(data[index].advisories);
});
return combinedAdvisories;
}
processJSON(data) {
data = this.mapSeverities(data);
data = this.filterAndCombineByThreshold(data, this.opts.threshold);
if (data.length > 0) {
return {
code: 1,
data
};
}
return {
code: 0,
data: []
};
}
static findActionForModuleName(modulePaths, data) {
let paths = [];
paths = modulePaths.map(item => {
let rootPathName = item.split('>')[0];
let actionItem = _lodash.default.find(data.actions, {
module: rootPathName
});
if (actionItem !== undefined) {
return actionItem.action + ' ' + rootPathName + ' ' + actionItem.target;
}
return rootPathName;
});
return _lodash.default.uniq(paths).join(', ');
}
static formatExitDataForAdvisory(data) {
const tableData = data.map(item => {
return {
name: item.module_name,
action: Auditor.findActionForModuleName(item.findings[0].paths, data),
version: item.findings[0].version,
severity: item.severity,
title: item.title,
url: item.url
};
});
return tableData;
}
run() {
child.exec(this.buildCmdLine(), (err, stdout, stderr) => {
let data = '';
try {
data = JSON.parse(stdout);
} catch (ex) {
console.log('npm-auditor-ci encountered an unexpected error.');
console.log('error:', err);
console.log('stderr:', stderr);
Auditor.exitWithCode(255);
}
const exitData = this.processJSON(data);
if (this.opts.json) {
console.log(JSON.stringify(exitData.data));
} else {
console.log('npm-auditor-ci found %d advisories.', exitData.data.length);
if (exitData.code === 1) {
console.log(_console.default.getTable(Auditor.formatExitDataForAdvisory(exitData.data)));
}
}
Auditor.exitWithCode(exitData.code);
});
}
}
// `export default Auditor`, as compiled to CommonJS.
const _default = Auditor;
exports.default = _default;