move to private methods and pre-build severities

workspaces/arborist/lib/vuln.js

@@ -16,48 +16,42 @@ const semverOpt = { loose: true, includePrerelease: true }
 
 const localeCompare = require('@isaacs/string-locale-compare')('en')
 const npa = require('npm-package-arg')
-const _range = Symbol('_range')
-const _simpleRange = Symbol('_simpleRange')
-const _fixAvailable = Symbol('_fixAvailable')
 
 const severities = new Map([
-  ['info', 0],
-  ['low', 1],
-  ['moderate', 2],
-  ['high', 3],
-  ['critical', 4],
-  [null, -1],
+  ['info', 0], [0, 'info'],
+  ['low', 1], [1, 'low'],
+  ['moderate', 2], [2, 'moderate'],
+  ['high', 3], [3, 'high'],
+  ['critical', 4], [4, 'critical'],
+  [null, -1], [-1, null],
 ])
 
-for (const [name, val] of severities.entries()) {
-  severities.set(val, name)
-}
-
 class Vuln {
+  #range = null
+  #simpleRange = null
+  // assume a fix is available unless it hits a top node
+  // that locks it in place, setting this false or {isSemVerMajor, version}.
+  #fixAvailable = true
+
   constructor ({ name, advisory }) {
     this.name = name
     this.via = new Set()
     this.advisories = new Set()
     this.severity = null
     this.effects = new Set()
     this.topNodes = new Set()
-    this[_range] = null
-    this[_simpleRange] = null
     this.nodes = new Set()
-    // assume a fix is available unless it hits a top node
-    // that locks it in place, setting this false or {isSemVerMajor, version}.
-    this[_fixAvailable] = true
     this.addAdvisory(advisory)
     this.packument = advisory.packument
     this.versions = advisory.versions
   }
 
   get fixAvailable () {
-    return this[_fixAvailable]
+    return this.#fixAvailable
   }
 
   set fixAvailable (f) {
-    this[_fixAvailable] = f
+    this.#fixAvailable = f
     // if there's a fix available for this at the top level, it means that
     // it will also fix the vulns that led to it being there.  to get there,
     // we set the vias to the most "strict" of fix availables.
@@ -131,7 +125,7 @@ class Vuln {
       effects: [...this.effects].map(v => v.name).sort(localeCompare),
       range: this.simpleRange,
       nodes: [...this.nodes].map(n => n.location).sort(localeCompare),
-      fixAvailable: this[_fixAvailable],
+      fixAvailable: this.#fixAvailable,
     }
   }
 
@@ -151,8 +145,8 @@ class Vuln {
     this.advisories.delete(advisory)
     // make sure we have the max severity of all the vulns causing this one
     this.severity = null
-    this[_range] = null
-    this[_simpleRange] = null
+    this.#range = null
+    this.#simpleRange = null
     // refresh severity
     for (const advisory of this.advisories) {
       this.addAdvisory(advisory)
@@ -170,27 +164,30 @@ class Vuln {
   addAdvisory (advisory) {
     this.advisories.add(advisory)
     const sev = severities.get(advisory.severity)
-    this[_range] = null
-    this[_simpleRange] = null
+    this.#range = null
+    this.#simpleRange = null
     if (sev > severities.get(this.severity)) {
       this.severity = advisory.severity
     }
   }
 
   get range () {
-    return this[_range] ||
-      (this[_range] = [...this.advisories].map(v => v.range).join(' || '))
+    if (!this.#range) {
+      this.#range = [...this.advisories].map(v => v.range).join(' || ')
+    }
+    return this.#range
   }
 
   get simpleRange () {
-    if (this[_simpleRange] && this[_simpleRange] === this[_range]) {
-      return this[_simpleRange]
+    if (this.#simpleRange && this.#simpleRange === this.#range) {
+      return this.#simpleRange
     }
 
     const versions = [...this.advisories][0].versions
     const range = this.range
-    const simple = simplifyRange(versions, range, semverOpt)
-    return this[_simpleRange] = this[_range] = simple
+    this.#simpleRange = simplifyRange(versions, range, semverOpt)
+    this.#range = this.#simpleRange
+    return this.#simpleRange
   }
 
   isVulnerable (node) {