From 468ec6307bacfb254e56ffc60963540625f2cc26 Mon Sep 17 00:00:00 2001 From: Liliana Kastilio Date: Sun, 22 Sep 2019 16:02:37 +0100 Subject: [PATCH 1/2] feat: convert nodejs to use multi format --- src/lib/plugins/nodejs-plugin/index.ts | 11 +++++++---- src/lib/plugins/rubygems/index.ts | 1 + 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/src/lib/plugins/nodejs-plugin/index.ts b/src/lib/plugins/nodejs-plugin/index.ts index c850e4fdc1..d48b64a634 100644 --- a/src/lib/plugins/nodejs-plugin/index.ts +++ b/src/lib/plugins/nodejs-plugin/index.ts @@ -2,12 +2,13 @@ import * as modulesParser from './npm-modules-parser'; import * as lockParser from './npm-lock-parser'; import * as types from '../types'; import { MissingTargetFileError } from '../../errors/missing-targetfile-error'; +import { MultiProjectResult } from '@snyk/cli-interface/legacy/plugin'; export async function inspect( root: string, targetFile: string, options: types.Options = {}, -): Promise { +): Promise { if (!targetFile) { throw MissingTargetFileError(root); } @@ -16,13 +17,15 @@ export async function inspect( targetFile.endsWith('yarn.lock'); const getLockFileDeps = isLockFileBased && !options.traverseNodeModules; + const depTree: any = getLockFileDeps + ? await lockParser.parse(root, targetFile, options) + : await modulesParser.parse(root, targetFile, options); + return { plugin: { name: 'snyk-nodejs-lockfile-parser', runtime: process.version, }, - package: getLockFileDeps - ? await lockParser.parse(root, targetFile, options) - : await modulesParser.parse(root, targetFile, options), + scannedProjects: [{ depTree }], }; } diff --git a/src/lib/plugins/rubygems/index.ts b/src/lib/plugins/rubygems/index.ts index fe0d2e3401..7dbbda7530 100644 --- a/src/lib/plugins/rubygems/index.ts +++ b/src/lib/plugins/rubygems/index.ts @@ -24,6 +24,7 @@ export async function inspect( name: 'bundled:rubygems', runtime: 'unknown', }, + // TODO: must be a depTree! package: { name: specs.packageName, targetFile: specs.targetFile, From fb436997c6631fc649d0ab0082b177d1d4f2cc46 Mon Sep 17 00:00:00 2001 From: Liliana Kastilio Date: Sun, 22 Sep 2019 16:31:18 +0100 Subject: [PATCH 2/2] feat: rename sub project to project name --- src/cli/commands/monitor.ts | 32 +++++++++++++------------- src/cli/commands/test/index.ts | 10 ++++---- src/lib/snyk-test/run-test.ts | 2 +- src/lib/types.ts | 2 +- test/acceptance/cli.acceptance.test.ts | 15 ++++++++---- 5 files changed, 33 insertions(+), 28 deletions(-) diff --git a/src/cli/commands/monitor.ts b/src/cli/commands/monitor.ts index 286a7fc965..519da9c83c 100644 --- a/src/cli/commands/monitor.ts +++ b/src/cli/commands/monitor.ts @@ -28,7 +28,7 @@ interface GoodResult { ok: true; data: string; path: string; - subProjectName?: string; + projectName?: string; } interface BadResult { @@ -166,10 +166,10 @@ async function monitor(...args0: MethodArgs): Promise { // SinglePackageResult is a legacy format understood by Registry, so we have to convert // a MultiProjectResult to an array of these. - let perSubProjectResults: pluginApi.SinglePackageResult[] = []; + let perProjectResult: pluginApi.SinglePackageResult[] = []; let advertiseSubprojectsCount: number | null = null; if (pluginApi.isMultiResult(inspectResult)) { - perSubProjectResults = inspectResult.scannedProjects.map( + perProjectResult = inspectResult.scannedProjects.map( (scannedProject) => ({ plugin: inspectResult.plugin, package: scannedProject.depTree, @@ -185,15 +185,15 @@ async function monitor(...args0: MethodArgs): Promise { advertiseSubprojectsCount = inspectResult.plugin.meta.allSubProjectNames.length; } - perSubProjectResults = [inspectResult]; + perProjectResult = [inspectResult]; } // Post the project dependencies to the Registry - for (const subProjDeps of perSubProjectResults) { - maybePrintDeps(options, subProjDeps.package); + for (const projectDeps of perProjectResult) { + maybePrintDeps(options, projectDeps.package); const res = await promiseOrCleanup( - snykMonitor(path, meta, subProjDeps, targetFile), + snykMonitor(path, meta, projectDeps, targetFile), spinner.clear(postingMonitorSpinnerLabel), ); @@ -209,18 +209,18 @@ async function monitor(...args0: MethodArgs): Promise { const manageUrl = url.format(endpoint); endpoint.pathname = leader + '/monitor/' + res.id; - const subProjectName = pluginApi.isMultiResult(inspectResult) - ? subProjDeps.package.name + const projectName = pluginApi.isMultiResult(inspectResult) + ? projectDeps.package.name : undefined; const monOutput = formatMonitorOutput( packageManager, res, manageUrl, options, - subProjectName, + projectName, advertiseSubprojectsCount, ); - results.push({ ok: true, data: monOutput, path, subProjectName }); + results.push({ ok: true, data: monOutput, path, projectName }); } // push a good result } catch (err) { @@ -233,8 +233,8 @@ async function monitor(...args0: MethodArgs): Promise { let dataToSend = results.map((result) => { if (result.ok) { const jsonData = JSON.parse(result.data); - if (result.subProjectName) { - jsonData.subProjectName = result.subProjectName; + if (result.projectName) { + jsonData.projectName = result.projectName; } return jsonData; } @@ -282,12 +282,12 @@ function formatMonitorOutput( res: MonitorResult, manageUrl, options, - subProjectName?: string, + projectName?: string, advertiseSubprojectsCount?: number | null, ) { const issues = res.licensesPolicy ? 'issues' : 'vulnerabilities'; - const humanReadableName = subProjectName - ? `${res.path} (${subProjectName})` + const humanReadableName = projectName + ? `${res.path} (${projectName})` : res.path; const strOutput = chalk.bold.white('\nMonitoring ' + humanReadableName + '...\n\n') + diff --git a/src/cli/commands/test/index.ts b/src/cli/commands/test/index.ts index caae1480d8..11b126611e 100644 --- a/src/cli/commands/test/index.ts +++ b/src/cli/commands/test/index.ts @@ -112,12 +112,12 @@ async function test(...args: MethodArgs): Promise { results.push(_.assign(resArray[i], { path })); // currently testOpts are identical for each test result returned even if it's for multiple projects. // we want to return the project names, so will need to be crafty in a way that makes sense. - if (!testOpts.subProjectNames) { + if (!testOpts.projectNames) { resultOptions.push(testOpts); } else { resultOptions.push( _.assign(_.cloneDeep(testOpts), { - subProjectName: testOpts.subProjectNames[i], + projectName: testOpts.projectNames[i], }), ); } @@ -478,10 +478,10 @@ function metaForDisplay(res, options) { options.file, ); } - if (options.subProjectName) { + if (options.projectName) { meta.push( - chalk.bold(rightPadWithSpaces('Sub project: ', padToLength)) + - options.subProjectName, + chalk.bold(rightPadWithSpaces('Project name: ', padToLength)) + + options.projectName, ); } if (options.docker) { diff --git a/src/lib/snyk-test/run-test.ts b/src/lib/snyk-test/run-test.ts index 670c61dc50..45996db111 100644 --- a/src/lib/snyk-test/run-test.ts +++ b/src/lib/snyk-test/run-test.ts @@ -296,7 +296,7 @@ async function getDepsFromPlugin( // We are using "options" to store some information returned from plugin that we need to use later, // but don't want to send to Registry in the Payload. // TODO(kyegupov): decouple inspect and payload so that we don't need this hack - (options as any).subProjectNames = inspectRes.scannedProjects.map( + (options as any).projectNames = inspectRes.scannedProjects.map( (scannedProject) => scannedProject.depTree.name, ); return inspectRes; diff --git a/src/lib/types.ts b/src/lib/types.ts index f04020d257..8014be8764 100644 --- a/src/lib/types.ts +++ b/src/lib/types.ts @@ -51,7 +51,7 @@ export interface Options { 'show-vulnerable-paths'?: string; packageManager: SupportedPackageManagers; advertiseSubprojectsCount?: number; - subProjectNames?: string[]; + projectNames?: string[]; severityThreshold?: SEVERITY; dev?: boolean; 'print-deps'?: boolean; diff --git a/test/acceptance/cli.acceptance.test.ts b/test/acceptance/cli.acceptance.test.ts index 22ae8025ca..584f6108a9 100644 --- a/test/acceptance/cli.acceptance.test.ts +++ b/test/acceptance/cli.acceptance.test.ts @@ -756,8 +756,8 @@ test('`test gradle-app --all-sub-projects` returns correct multi tree meta', asy t.match(meta[0], /Organization:\s+test-org/, 'organization displayed'); t.match(meta[1], /Package manager:\s+gradle/, 'package manager displayed'); t.match(meta[2], /Target file:\s+build.gradle/, 'target file displayed'); - t.match(meta[3], /Sub project:\s+tree/, 'subproject displayed'); - t.includes(meta[3], `tree${i}`, 'subproject displayed'); + t.match(meta[3], /Project name:\s+tree/, 'sub-project displayed'); + t.includes(meta[3], `tree${i}`, 'sub-project displayed'); t.match(meta[4], /Open source:\s+no/, 'open source displayed'); t.match(meta[5], /Project path:\s+gradle-app/, 'path displayed'); t.notMatch( @@ -782,9 +782,14 @@ test('`test npm-package-policy` returns correct meta', async (t) => { t.match(meta[0], /Organization:\s+test-org/, 'organization displayed'); t.match(meta[1], /Package manager:\s+npm/, 'package manager displayed'); t.match(meta[2], /Target file:\s+package.json/, 'target file displayed'); - t.match(meta[3], /Open source:\s+no/, 'open source displayed'); - t.match(meta[4], /Project path:\s+npm-package-policy/, 'path displayed'); - t.match(meta[5], /Local Snyk policy:\s+found/, 'local policy displayed'); + t.match( + meta[3], + /Project name:\s+custom-policy-location-package/, + 'project name displayed', + ); + t.match(meta[4], /Open source:\s+no/, 'open source displayed'); + t.match(meta[5], /Project path:\s+npm-package-policy/, 'path displayed'); + t.match(meta[6], /Local Snyk policy:\s+found/, 'local policy displayed'); }); test('`test ruby-gem-no-lockfile --file=ruby-gem.gemspec`', async (t) => {