Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

deps: npm-audit-report@3.0.0 #4606

Merged
merged 1 commit into from Mar 28, 2022
Merged

deps: npm-audit-report@3.0.0 #4606

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
2 changes: 1 addition & 1 deletion node_modules/npm-audit-report/lib/colors.js
View file
Open in desktop
Expand Up @@ -19,6 +19,6 @@ module.exports = color => {
magenta,
yellow,
white,
severity
severity,
}
}
2 changes: 1 addition & 1 deletion node_modules/npm-audit-report/lib/exit-code.js
View file
Open in desktop
Expand Up @@ -5,7 +5,7 @@ const severities = new Map(Object.entries([
'moderate',
'high',
'critical',
'none'
'none',
]).map(s => s.reverse()))

module.exports = (data, level) =>
Expand Down
12 changes: 7 additions & 5 deletions node_modules/npm-audit-report/lib/index.js
View file
Open in desktop
Expand Up @@ -4,7 +4,7 @@ const reporters = {
install: require('./reporters/install'),
detail: require('./reporters/detail'),
json: require('./reporters/json'),
quiet: require('./reporters/quiet')
quiet: require('./reporters/quiet'),
}

const exitCode = require('./exit-code.js')
Expand All @@ -20,20 +20,22 @@ module.exports = Object.assign((data, options = {}) => {
// CLI defaults this to `null` so the defaulting method above doesn't work
const auditLevel = options.auditLevel || 'low'

if (!data)
if (!data) {
throw Object.assign(
new TypeError('ENOAUDITDATA'),
{
code: 'ENOAUDITDATA',
message: 'missing audit data'
message: 'missing audit data',
}
)
}

if (typeof data.toJSON === 'function')
if (typeof data.toJSON === 'function') {
data = data.toJSON()
}

return {
report: reporters[reporter](data, { color, unicode, indent }),
exitCode: exitCode(data, auditLevel)
exitCode: exitCode(data, auditLevel),
}
}, { reporters })
22 changes: 12 additions & 10 deletions node_modules/npm-audit-report/lib/reporters/detail.js
View file
Open in desktop
Expand Up @@ -6,28 +6,30 @@ const install = require('./install.js')
module.exports = (data, { color }) => {
const summary = install.summary(data, { color })
const none = data.metadata.vulnerabilities.total === 0
return none ? summary : fullReport(data, {color, summary})
return none ? summary : fullReport(data, { color, summary })
}

const fullReport = (data, { color, summary }) => {
const c = colors(color)
const output = [c.white('# npm audit report'), '']

const printed = new Set()
for (const [name, vuln] of Object.entries(data.vulnerabilities)) {
for (const [, vuln] of Object.entries(data.vulnerabilities)) {
// only print starting from the top-level advisories
if (vuln.via.filter(v => typeof v !== 'string').length !== 0)
output.push(printVuln(vuln, c, data.vulnerabilities))
if (vuln.via.filter(v => typeof v !== 'string').length !== 0) {
output.push(printVuln(vuln, c, data.vulnerabilities, printed))
}
}

output.push(summary)

return output.join('\n')
}

const printVuln = (vuln, c, vulnerabilities, printed = new Set(), indent = '') => {
if (printed.has(vuln))
const printVuln = (vuln, c, vulnerabilities, printed, indent = '') => {
if (printed.has(vuln)) {
return null
}

printed.add(vuln)
const output = []
Expand Down Expand Up @@ -59,7 +61,7 @@ const printVuln = (vuln, c, vulnerabilities, printed = new Set(), indent = '') =
`${c.yellow('fix available')} via \`npm audit fix --force\``,
`Will install ${fa.name}@${fa.version}` +
`, which is ${fa.isSemVerMajor ? 'a breaking change' :
'outside the stated dependency range' }`
'outside the stated dependency range'}`
)
}
}
Expand All @@ -70,10 +72,10 @@ const printVuln = (vuln, c, vulnerabilities, printed = new Set(), indent = '') =
}

for (const effect of vuln.effects) {
const vuln = vulnerabilities[effect]
const e = printVuln(vuln, c, vulnerabilities, printed, ' ')
if (e)
const e = printVuln(vulnerabilities[effect], c, vulnerabilities, printed, ' ')
if (e) {
output.push(...e.split('\n'))
}
}

if (indent === '') {
Expand Down
10 changes: 5 additions & 5 deletions node_modules/npm-audit-report/lib/reporters/install.js
View file
Open in desktop
Expand Up @@ -3,7 +3,7 @@ const colors = require('../colors.js')
const calculate = (data, { color }) => {
const c = colors(color)
const output = []
const { metadata: { vulnerabilities }} = data
const { metadata: { vulnerabilities } } = data
const vulnCount = vulnerabilities.total

let someFixable = false
Expand All @@ -14,7 +14,7 @@ const calculate = (data, { color }) => {
if (vulnCount === 0) {
output.push(`found ${c.green('0')} vulnerabilities`)
} else {
for (const [name, vuln] of Object.entries(data.vulnerabilities)) {
for (const [, vuln] of Object.entries(data.vulnerabilities)) {
const { fixAvailable } = vuln
someFixable = someFixable || fixAvailable === true
someUnfixable = someUnfixable || fixAvailable === false
Expand Down Expand Up @@ -45,7 +45,7 @@ const calculate = (data, { color }) => {
if (someFixable) {
output.push('', 'To address ' +
(someForceFixable || someUnfixable ? 'issues that do not require attention'
: 'all issues') + ', run:\n npm audit fix')
: 'all issues') + ', run:\n npm audit fix')
}

if (someForceFixable) {
Expand All @@ -66,10 +66,10 @@ const calculate = (data, { color }) => {
return {
summary,
report: vulnCount > 0 ? `${summary}\n\nRun \`npm audit\` for details.`
: summary
: summary,
}
}

module.exports = Object.assign((data, opt) => calculate(data, opt).report, {
summary: (data, opt) => calculate(data, opt).summary
summary: (data, opt) => calculate(data, opt).summary,
})
27 changes: 19 additions & 8 deletions node_modules/npm-audit-report/package.json
View file
Open in desktop
@@ -1,14 +1,19 @@
{
"name": "npm-audit-report",
"version": "2.1.5",
"version": "3.0.0",
"description": "Given a response from the npm security api, render it into a variety of security reports",
"main": "lib/index.js",
"scripts": {
"test": "tap",
"snap": "tap",
"preversion": "npm test",
"postversion": "npm publish",
"prepublishOnly": "git push origin --follow-tags"
"prepublishOnly": "git push origin --follow-tags",
"lint": "eslint \"**/*.js\"",
"postlint": "template-oss-check",
"template-oss-apply": "template-oss-apply --force",
"lintfix": "npm run lint -- --fix",
"posttest": "npm run lint"
},
"tap": {
"check-coverage": true,
Expand All @@ -20,33 +25,39 @@
"report",
"audit"
],
"author": "Adam Baldwin",
"author": "GitHub Inc.",
"license": "ISC",
"dependencies": {
"chalk": "^4.0.0"
},
"devDependencies": {
"@npmcli/eslint-config": "^3.0.1",
"@npmcli/template-oss": "3.1.2",
"require-inject": "^1.4.4",
"tap": "^14.10.7"
"tap": "^16.0.0"
},
"directories": {
"lib": "lib",
"test": "test"
},
"repository": {
"type": "git",
"url": "git+https://github.com/npm/npm-audit-report.git"
"url": "https://github.com/npm/npm-audit-report.git"
},
"bugs": {
"url": "https://github.com/npm/npm-audit-report/issues"
},
"homepage": "https://github.com/npm/npm-audit-report#readme",
"files": [
"index.js",
"lib",
"bin/",
"lib/",
"reporters"
],
"engines": {
"node": ">=10"
"node": "^12.13.0 || ^14.15.0 || >=16.0.0"
},
"templateOSS": {
"//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.",
"version": "3.1.2"
}
}
16 changes: 8 additions & 8 deletions package-lock.json
View file
Open in desktop
Expand Up @@ -130,7 +130,7 @@
"ms": "^2.1.2",
"node-gyp": "^9.0.0",
"nopt": "^5.0.0",
"npm-audit-report": "^2.1.5",
"npm-audit-report": "^3.0.0",
"npm-install-checks": "^4.0.0",
"npm-package-arg": "^9.0.1",
"npm-pick-manifest": "^7.0.0",
Expand Down Expand Up @@ -5336,15 +5336,15 @@
}
},
"node_modules/npm-audit-report": {
"version": "2.1.5",
"resolved": "https://registry.npmjs.org/npm-audit-report/-/npm-audit-report-2.1.5.tgz",
"integrity": "sha512-YB8qOoEmBhUH1UJgh1xFAv7Jg1d+xoNhsDYiFQlEFThEBui0W1vIz2ZK6FVg4WZjwEdl7uBQlm1jy3MUfyHeEw==",
"version": "3.0.0",
"resolved": "https://registry.npmjs.org/npm-audit-report/-/npm-audit-report-3.0.0.tgz",
"integrity": "sha512-tWQzfbwz1sc4244Bx2BVELw0EmZlCsCF0X93RDcmmwhonCsPMoEviYsi+32R+mdRvOWXolPce9zo64n2xgPESw==",
"inBundle": true,
"dependencies": {
"chalk": "^4.0.0"
},
"engines": {
"node": ">=10"
"node": "^12.13.0 || ^14.15.0 || >=16.0.0"
}
},
"node_modules/npm-bundled": {
Expand Down Expand Up @@ -14835,9 +14835,9 @@
"dev": true
},
"npm-audit-report": {
"version": "2.1.5",
"resolved": "https://registry.npmjs.org/npm-audit-report/-/npm-audit-report-2.1.5.tgz",
"integrity": "sha512-YB8qOoEmBhUH1UJgh1xFAv7Jg1d+xoNhsDYiFQlEFThEBui0W1vIz2ZK6FVg4WZjwEdl7uBQlm1jy3MUfyHeEw==",
"version": "3.0.0",
"resolved": "https://registry.npmjs.org/npm-audit-report/-/npm-audit-report-3.0.0.tgz",
"integrity": "sha512-tWQzfbwz1sc4244Bx2BVELw0EmZlCsCF0X93RDcmmwhonCsPMoEviYsi+32R+mdRvOWXolPce9zo64n2xgPESw==",
"requires": {
"chalk": "^4.0.0"
}
Expand Down
2 changes: 1 addition & 1 deletion package.json
View file
Open in desktop
Expand Up @@ -98,7 +98,7 @@
"ms": "^2.1.2",
"node-gyp": "^9.0.0",
"nopt": "^5.0.0",
"npm-audit-report": "^2.1.5",
"npm-audit-report": "^3.0.0",
"npm-install-checks": "^4.0.0",
"npm-package-arg": "^9.0.1",
"npm-pick-manifest": "^7.0.0",
Expand Down