Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: create getVulnerabilities function #33

Merged
merged 4 commits into from
May 30, 2022
Merged

feat: create getVulnerabilities function #33

merged 4 commits into from
May 30, 2022

Conversation

Mathieuka
Copy link
Contributor

@Mathieuka Mathieuka commented May 18, 2022
edited
Loading

Issue: #28

The purpose is to start decoupling the package with Scanner

  • For NPM strategy we have implemented the getVulnerabilities function who return the vulnerabilities from arborist package.

  • All others strategies (security-wg, snyk, sonatype) have the function getVulnerabilities but not implemented.

  • Add tests.

  • Add Documentation.

@Mathieuka Mathieuka force-pushed the decoupling-with-scanner branch 2 times, most recently from 555ab7d to 271e926 Compare May 18, 2022 15:16
@Mathieuka Mathieuka changed the title feat(npm-audit): pass a path to hydratePayloadDependencies function feat: create getVulnerabilities function May 18, 2022
@Mathieuka Mathieuka changed the title feat: create getVulnerabilities function feat(all strategies): create getVulnerabilities function May 18, 2022
@Mathieuka Mathieuka changed the title feat(all strategies): create getVulnerabilities function feat: create getVulnerabilities function May 18, 2022
antoine-coulon
antoine-coulon reviewed May 18, 2022
View reviewed changes
Copy link
Member

@antoine-coulon antoine-coulon left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I am aware this is still a WIP but here are my first thoughts about the work already done :) I'll be happy to do another review

src/strategies/npm-audit.js Outdated Show resolved Hide resolved
src/strategies/npm-audit.js Outdated Show resolved Hide resolved
src/strategies/npm-audit.js Outdated Show resolved Hide resolved
src/strategies/security-wg.js Outdated Show resolved Hide resolved
src/strategies/security-wg.js Outdated Show resolved Hide resolved
src/strategies/snyk.js Outdated Show resolved Hide resolved
src/strategies/sonatype.js Outdated Show resolved Hide resolved
src/strategies/sonatype.js Outdated Show resolved Hide resolved
types/strategy.d.ts Outdated Show resolved Hide resolved
types/strategy.d.ts Outdated Show resolved Hide resolved
fraxken
fraxken reviewed May 21, 2022
View reviewed changes
src/strategies/npm-audit.js Outdated Show resolved Hide resolved
types/strategy.d.ts Outdated Show resolved Hide resolved
@fraxken
Copy link
Member

fraxken commented May 26, 2022

Seems globally ok to me, however the update to Defintion break other types. I guess you also need to check api.d.ts and update it like this:

declare function setStrategy<T>(name?: Strategy.Kind, options?: Strategy.Options): Promise<Strategy.Definition<T>>;
declare function getStrategy<T>(): Promise<Strategy.Definition<T>>;

fraxken
fraxken approved these changes May 28, 2022
View reviewed changes
Copy link
Member

@fraxken fraxken left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

Kawacrepe
Kawacrepe approved these changes May 28, 2022
View reviewed changes
Copy link
Member

@Kawacrepe Kawacrepe left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Lgtm!

@fraxken fraxken merged commit 6d4a623 into NodeSecure:main May 30, 2022
@fraxken
Copy link
Member

fraxken commented May 30, 2022

@all-contributors please add @Mathieuka for code

@allcontributors allcontributors bot mentioned this pull request May 30, 2022
Merged
@allcontributors
Copy link
Contributor

@fraxken

I've put up a pull request to add @Mathieuka! 🎉

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Kawacrepe Kawacrepe Kawacrepe approved these changes

@fraxken fraxken fraxken approved these changes

@antoine-coulon antoine-coulon Awaiting requested review from antoine-coulon

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@Mathieuka @fraxken @Kawacrepe @antoine-coulon