celogeek/yarn-audit-sonar
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

update format to use clean code

Browse Source
This commit is contained in:
Celogeek 2024-04-02 19:01:15 +02:00
parent 117ba1cfa7
commit a5c88c92c9
Signed by: celogeek
SSH Key Fingerprint: SHA256:DEDfxIK2nUWXbslbRkww3zsauDjhWHlTXar+ak4lDJ4
1 changed files with 35 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

55
index.js
View File

@ -43,16 +43,17 @@ function yarnLockRange(yarnLock, moduleName, version) {
const yarnLock = parseYarnLock(); const yarnLock = parseYarnLock();
const severities = { const severities = {
info: 'INFO', info: 'LOW',
low: 'MINOR', low: 'LOW',
moderate: 'MINOR', moderate: 'MEDIUM',
high: 'CRITICAL', high: 'MEDIUM',
critical: 'BLOCKER', critical: 'HIGH',
}; };
const resolvedIds = new Set(); const resolvedIds = new Set();
const stats = {}; const stats = {};
let firstLine = true; const rules = []
const issues = []
function processRow(row) { function processRow(row) {
if (!row) return; if (!row) return;
@ -60,43 +61,57 @@ function processRow(row) {
if (type !== 'auditAdvisory') return; if (type !== 'auditAdvisory') return;
const {advisory, resolution} = data; const {advisory, resolution} = data;
if (resolvedIds.has(resolution.id)) return; if (resolvedIds.has(resolution.id)) return;
resolvedIds.add(resolution.id);
const [mainVersion, ...otherVersions] = new Set(advisory.findings.map((f) => f.version)); const [mainVersion, ...otherVersions] = new Set(advisory.findings.map((f) => f.version));
rules.push({
id: resolution.id.toString(),
name: advisory.github_advisory_id || advisory.npm_advisory_id || `rule_${resolution.id.toString()}`,
description: `<h1>${advisory.module_name} ${advisory.vulnerable_versions}</h1>
<h2>${advisory.title || ''}</h2>
if (!firstLine) { Overview:
process.stdout.write(','); <pre>
} else { ${advisory.overview || ''}
firstLine = false; </pre>
}
process.stdout.write(JSON.stringify({ References:
engineId: 'yarn-audit', <pre>
${advisory.references || ''}
</pre>
`,
cleanCodeAttribute: "TRUSTWORTHY",
engineId: "pnpm-audit",
impacts: [{
softwareQuality: "SECURITY",
severity: severities[advisory.severity],
}]
})
issues.push({
ruleId: resolution.id.toString(), ruleId: resolution.id.toString(),
severity: severities[advisory.severity] || 'INFO',
type: 'VULNERABILITY',
efforMinutes: 0, efforMinutes: 0,
primaryLocation: { primaryLocation: {
'message': advisory.overview, 'message': advisory.title,
'filePath': 'yarn.lock', 'filePath': 'yarn.lock',
'textRange': yarnLockRange(yarnLock, advisory.module_name, mainVersion), 'textRange': yarnLockRange(yarnLock, advisory.module_name, mainVersion),
}, },
secondaryLocations: otherVersions.map((version) => { secondaryLocations: otherVersions.map((version) => {
return { return {
'message': advisory.overview, 'message': advisory.title,
'filePath': 'yarn.lock', 'filePath': 'yarn.lock',
'textRange': yarnLockRange(yarnLock, advisory.module_name, version), 'textRange': yarnLockRange(yarnLock, advisory.module_name, version),
}; };
}), }),
})); });
stats[advisory.severity] = (stats[advisory.severity] || 0) + 1; stats[advisory.severity] = (stats[advisory.severity] || 0) + 1;
} }
process.stdout.write('{"issues":[');
process process
.stdin .stdin
.pipe(split()) .pipe(split())
.on('data', processRow) .on('data', processRow)
.on('end', () => { .on('end', () => {
process.stdout.write(']}\n'); console.log(JSON.stringify({rules, issues}))
const out = []; const out = [];
let total = 0; let total = 0;
for(const [k,v] of Object.entries(stats)) { for(const [k,v] of Object.entries(stats)) {