Compare commits
No commits in common. "main" and "v1.0.0" have entirely different histories.
55
index.js
55
index.js
@ -43,17 +43,16 @@ function yarnLockRange(yarnLock, moduleName, version) {
|
||||
const yarnLock = parseYarnLock();
|
||||
|
||||
const severities = {
|
||||
info: 'LOW',
|
||||
low: 'LOW',
|
||||
moderate: 'MEDIUM',
|
||||
high: 'MEDIUM',
|
||||
critical: 'HIGH',
|
||||
info: 'INFO',
|
||||
low: 'MINOR',
|
||||
moderate: 'MINOR',
|
||||
high: 'CRITICAL',
|
||||
critical: 'BLOCKER',
|
||||
};
|
||||
|
||||
const resolvedIds = new Set();
|
||||
const stats = {};
|
||||
const rules = []
|
||||
const issues = []
|
||||
let firstLine = true;
|
||||
|
||||
function processRow(row) {
|
||||
if (!row) return;
|
||||
@ -61,57 +60,43 @@ function processRow(row) {
|
||||
if (type !== 'auditAdvisory') return;
|
||||
const {advisory, resolution} = data;
|
||||
if (resolvedIds.has(resolution.id)) return;
|
||||
resolvedIds.add(resolution.id);
|
||||
|
||||
const [mainVersion, ...otherVersions] = new Set(advisory.findings.map((f) => f.version));
|
||||
rules.push({
|
||||
id: resolution.id.toString(),
|
||||
name: advisory.github_advisory_id || advisory.npm_advisory_id || `rule_${resolution.id.toString()}`,
|
||||
description: `<h1>${advisory.module_name} ${advisory.vulnerable_versions}</h1>
|
||||
<h2>${advisory.title || ''}</h2>
|
||||
|
||||
Overview:
|
||||
<pre>
|
||||
${advisory.overview || ''}
|
||||
</pre>
|
||||
|
||||
References:
|
||||
<pre>
|
||||
${advisory.references || ''}
|
||||
</pre>
|
||||
`,
|
||||
cleanCodeAttribute: "TRUSTWORTHY",
|
||||
engineId: "yarn-audit",
|
||||
impacts: [{
|
||||
softwareQuality: "SECURITY",
|
||||
severity: severities[advisory.severity],
|
||||
}]
|
||||
})
|
||||
issues.push({
|
||||
if (!firstLine) {
|
||||
process.stdout.write(',');
|
||||
} else {
|
||||
firstLine = false;
|
||||
}
|
||||
process.stdout.write(JSON.stringify({
|
||||
engineId: 'yarn-audit',
|
||||
ruleId: resolution.id.toString(),
|
||||
severity: severities[advisory.severity] || 'INFO',
|
||||
type: 'VULNERABILITY',
|
||||
efforMinutes: 0,
|
||||
primaryLocation: {
|
||||
'message': advisory.title,
|
||||
'message': advisory.overview,
|
||||
'filePath': 'yarn.lock',
|
||||
'textRange': yarnLockRange(yarnLock, advisory.module_name, mainVersion),
|
||||
},
|
||||
secondaryLocations: otherVersions.map((version) => {
|
||||
return {
|
||||
'message': advisory.title,
|
||||
'message': advisory.overview,
|
||||
'filePath': 'yarn.lock',
|
||||
'textRange': yarnLockRange(yarnLock, advisory.module_name, version),
|
||||
};
|
||||
}),
|
||||
});
|
||||
}));
|
||||
stats[advisory.severity] = (stats[advisory.severity] || 0) + 1;
|
||||
}
|
||||
|
||||
process.stdout.write('{"issues":[');
|
||||
process
|
||||
.stdin
|
||||
.pipe(split())
|
||||
.on('data', processRow)
|
||||
.on('end', () => {
|
||||
console.log(JSON.stringify({rules, issues}))
|
||||
process.stdout.write(']}\n');
|
||||
const out = [];
|
||||
let total = 0;
|
||||
for(const [k,v] of Object.entries(stats)) {
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
{
|
||||
"name": "yarn-audit-sonar",
|
||||
"version": "1.1.1",
|
||||
"version": "1.0.0",
|
||||
"description": "Convert YARN audit to Sonar compatible format",
|
||||
"main": "index.js",
|
||||
"scripts": {
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user