Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

deps: npm-audit-report@3.0.0 #4606

Merged
merged 1 commit into from
Mar 28, 2022
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion node_modules/npm-audit-report/lib/colors.js
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,6 @@ module.exports = color => {
magenta,
yellow,
white,
severity
severity,
}
}
2 changes: 1 addition & 1 deletion node_modules/npm-audit-report/lib/exit-code.js
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ const severities = new Map(Object.entries([
'moderate',
'high',
'critical',
'none'
'none',
]).map(s => s.reverse()))

module.exports = (data, level) =>
Expand Down
12 changes: 7 additions & 5 deletions node_modules/npm-audit-report/lib/index.js
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ const reporters = {
install: require('./reporters/install'),
detail: require('./reporters/detail'),
json: require('./reporters/json'),
quiet: require('./reporters/quiet')
quiet: require('./reporters/quiet'),
}

const exitCode = require('./exit-code.js')
Expand All @@ -20,20 +20,22 @@ module.exports = Object.assign((data, options = {}) => {
// CLI defaults this to `null` so the defaulting method above doesn't work
const auditLevel = options.auditLevel || 'low'

if (!data)
if (!data) {
throw Object.assign(
new TypeError('ENOAUDITDATA'),
{
code: 'ENOAUDITDATA',
message: 'missing audit data'
message: 'missing audit data',
}
)
}

if (typeof data.toJSON === 'function')
if (typeof data.toJSON === 'function') {
data = data.toJSON()
}

return {
report: reporters[reporter](data, { color, unicode, indent }),
exitCode: exitCode(data, auditLevel)
exitCode: exitCode(data, auditLevel),
}
}, { reporters })
22 changes: 12 additions & 10 deletions node_modules/npm-audit-report/lib/reporters/detail.js
Original file line number Diff line number Diff line change
Expand Up @@ -6,28 +6,30 @@ const install = require('./install.js')
module.exports = (data, { color }) => {
const summary = install.summary(data, { color })
const none = data.metadata.vulnerabilities.total === 0
return none ? summary : fullReport(data, {color, summary})
return none ? summary : fullReport(data, { color, summary })
}

const fullReport = (data, { color, summary }) => {
const c = colors(color)
const output = [c.white('# npm audit report'), '']

const printed = new Set()
for (const [name, vuln] of Object.entries(data.vulnerabilities)) {
for (const [, vuln] of Object.entries(data.vulnerabilities)) {
// only print starting from the top-level advisories
if (vuln.via.filter(v => typeof v !== 'string').length !== 0)
output.push(printVuln(vuln, c, data.vulnerabilities))
if (vuln.via.filter(v => typeof v !== 'string').length !== 0) {
output.push(printVuln(vuln, c, data.vulnerabilities, printed))
}
}

output.push(summary)

return output.join('\n')
}

const printVuln = (vuln, c, vulnerabilities, printed = new Set(), indent = '') => {
if (printed.has(vuln))
const printVuln = (vuln, c, vulnerabilities, printed, indent = '') => {
if (printed.has(vuln)) {
return null
}

printed.add(vuln)
const output = []
Expand Down Expand Up @@ -59,7 +61,7 @@ const printVuln = (vuln, c, vulnerabilities, printed = new Set(), indent = '') =
`${c.yellow('fix available')} via \`npm audit fix --force\``,
`Will install ${fa.name}@${fa.version}` +
`, which is ${fa.isSemVerMajor ? 'a breaking change' :
'outside the stated dependency range' }`
'outside the stated dependency range'}`
)
}
}
Expand All @@ -70,10 +72,10 @@ const printVuln = (vuln, c, vulnerabilities, printed = new Set(), indent = '') =
}

for (const effect of vuln.effects) {
const vuln = vulnerabilities[effect]
const e = printVuln(vuln, c, vulnerabilities, printed, ' ')
if (e)
const e = printVuln(vulnerabilities[effect], c, vulnerabilities, printed, ' ')
if (e) {
output.push(...e.split('\n'))
}
}

if (indent === '') {
Expand Down
10 changes: 5 additions & 5 deletions node_modules/npm-audit-report/lib/reporters/install.js
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ const colors = require('../colors.js')
const calculate = (data, { color }) => {
const c = colors(color)
const output = []
const { metadata: { vulnerabilities }} = data
const { metadata: { vulnerabilities } } = data
const vulnCount = vulnerabilities.total

let someFixable = false
Expand All @@ -14,7 +14,7 @@ const calculate = (data, { color }) => {
if (vulnCount === 0) {
output.push(`found ${c.green('0')} vulnerabilities`)
} else {
for (const [name, vuln] of Object.entries(data.vulnerabilities)) {
for (const [, vuln] of Object.entries(data.vulnerabilities)) {
const { fixAvailable } = vuln
someFixable = someFixable || fixAvailable === true
someUnfixable = someUnfixable || fixAvailable === false
Expand Down Expand Up @@ -45,7 +45,7 @@ const calculate = (data, { color }) => {
if (someFixable) {
output.push('', 'To address ' +
(someForceFixable || someUnfixable ? 'issues that do not require attention'
: 'all issues') + ', run:\n npm audit fix')
: 'all issues') + ', run:\n npm audit fix')
}

if (someForceFixable) {
Expand All @@ -66,10 +66,10 @@ const calculate = (data, { color }) => {
return {
summary,
report: vulnCount > 0 ? `${summary}\n\nRun \`npm audit\` for details.`
: summary
: summary,
}
}

module.exports = Object.assign((data, opt) => calculate(data, opt).report, {
summary: (data, opt) => calculate(data, opt).summary
summary: (data, opt) => calculate(data, opt).summary,
})
27 changes: 19 additions & 8 deletions node_modules/npm-audit-report/package.json
Original file line number Diff line number Diff line change
@@ -1,14 +1,19 @@
{
"name": "npm-audit-report",
"version": "2.1.5",
"version": "3.0.0",
"description": "Given a response from the npm security api, render it into a variety of security reports",
"main": "lib/index.js",
"scripts": {
"test": "tap",
"snap": "tap",
"preversion": "npm test",
"postversion": "npm publish",
"prepublishOnly": "git push origin --follow-tags"
"prepublishOnly": "git push origin --follow-tags",
"lint": "eslint \"**/*.js\"",
"postlint": "template-oss-check",
"template-oss-apply": "template-oss-apply --force",
"lintfix": "npm run lint -- --fix",
"posttest": "npm run lint"
},
"tap": {
"check-coverage": true,
Expand All @@ -20,33 +25,39 @@
"report",
"audit"
],
"author": "Adam Baldwin",
"author": "GitHub Inc.",
"license": "ISC",
"dependencies": {
"chalk": "^4.0.0"
},
"devDependencies": {
"@npmcli/eslint-config": "^3.0.1",
"@npmcli/template-oss": "3.1.2",
"require-inject": "^1.4.4",
"tap": "^14.10.7"
"tap": "^16.0.0"
},
"directories": {
"lib": "lib",
"test": "test"
},
"repository": {
"type": "git",
"url": "git+https://github.com/npm/npm-audit-report.git"
"url": "https://github.com/npm/npm-audit-report.git"
},
"bugs": {
"url": "https://github.com/npm/npm-audit-report/issues"
},
"homepage": "https://github.com/npm/npm-audit-report#readme",
"files": [
"index.js",
"lib",
"bin/",
"lib/",
"reporters"
],
"engines": {
"node": ">=10"
"node": "^12.13.0 || ^14.15.0 || >=16.0.0"
},
"templateOSS": {
"//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.",
"version": "3.1.2"
}
}
16 changes: 8 additions & 8 deletions package-lock.json
Original file line number Diff line number Diff line change
Expand Up @@ -130,7 +130,7 @@
"ms": "^2.1.2",
"node-gyp": "^9.0.0",
"nopt": "^5.0.0",
"npm-audit-report": "^2.1.5",
"npm-audit-report": "^3.0.0",
"npm-install-checks": "^4.0.0",
"npm-package-arg": "^9.0.1",
"npm-pick-manifest": "^7.0.0",
Expand Down Expand Up @@ -5336,15 +5336,15 @@
}
},
"node_modules/npm-audit-report": {
"version": "2.1.5",
"resolved": "https://registry.npmjs.org/npm-audit-report/-/npm-audit-report-2.1.5.tgz",
"integrity": "sha512-YB8qOoEmBhUH1UJgh1xFAv7Jg1d+xoNhsDYiFQlEFThEBui0W1vIz2ZK6FVg4WZjwEdl7uBQlm1jy3MUfyHeEw==",
"version": "3.0.0",
"resolved": "https://registry.npmjs.org/npm-audit-report/-/npm-audit-report-3.0.0.tgz",
"integrity": "sha512-tWQzfbwz1sc4244Bx2BVELw0EmZlCsCF0X93RDcmmwhonCsPMoEviYsi+32R+mdRvOWXolPce9zo64n2xgPESw==",
"inBundle": true,
"dependencies": {
"chalk": "^4.0.0"
},
"engines": {
"node": ">=10"
"node": "^12.13.0 || ^14.15.0 || >=16.0.0"
}
},
"node_modules/npm-bundled": {
Expand Down Expand Up @@ -14835,9 +14835,9 @@
"dev": true
},
"npm-audit-report": {
"version": "2.1.5",
"resolved": "https://registry.npmjs.org/npm-audit-report/-/npm-audit-report-2.1.5.tgz",
"integrity": "sha512-YB8qOoEmBhUH1UJgh1xFAv7Jg1d+xoNhsDYiFQlEFThEBui0W1vIz2ZK6FVg4WZjwEdl7uBQlm1jy3MUfyHeEw==",
"version": "3.0.0",
"resolved": "https://registry.npmjs.org/npm-audit-report/-/npm-audit-report-3.0.0.tgz",
"integrity": "sha512-tWQzfbwz1sc4244Bx2BVELw0EmZlCsCF0X93RDcmmwhonCsPMoEviYsi+32R+mdRvOWXolPce9zo64n2xgPESw==",
"requires": {
"chalk": "^4.0.0"
}
Expand Down
2 changes: 1 addition & 1 deletion package.json
Original file line number Diff line number Diff line change
Expand Up @@ -98,7 +98,7 @@
"ms": "^2.1.2",
"node-gyp": "^9.0.0",
"nopt": "^5.0.0",
"npm-audit-report": "^2.1.5",
"npm-audit-report": "^3.0.0",
"npm-install-checks": "^4.0.0",
"npm-package-arg": "^9.0.1",
"npm-pick-manifest": "^7.0.0",
Expand Down