@mongodb-js/sbom-tools 0.2.0 → 0.2.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/commands/generate-third-party-notices.d.ts.map +1 -1
- package/dist/commands/generate-third-party-notices.js +1 -0
- package/dist/commands/generate-third-party-notices.js.map +1 -1
- package/dist/commands/generate-vulnerability-report.d.ts +3 -2
- package/dist/commands/generate-vulnerability-report.d.ts.map +1 -1
- package/dist/commands/generate-vulnerability-report.js +5 -10
- package/dist/commands/generate-vulnerability-report.js.map +1 -1
- package/dist/commands/scan-node-js.d.ts.map +1 -1
- package/dist/commands/scan-node-js.js +28 -23
- package/dist/commands/scan-node-js.js.map +1 -1
- package/dist/commands/severity.d.ts +7 -0
- package/dist/commands/severity.d.ts.map +1 -0
- package/dist/commands/severity.js +31 -0
- package/dist/commands/severity.js.map +1 -0
- package/dist/webpack-dependencies-plugin.d.ts +3 -0
- package/dist/webpack-dependencies-plugin.d.ts.map +1 -1
- package/dist/webpack-dependencies-plugin.js +6 -1
- package/dist/webpack-dependencies-plugin.js.map +1 -1
- package/package.json +3 -2
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"generate-third-party-notices.d.ts","sourceRoot":"","sources":["../../src/commands/generate-third-party-notices.ts"],"names":[],"mappings":"AAKA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAC;
|
|
1
|
+
{"version":3,"file":"generate-third-party-notices.d.ts","sourceRoot":"","sources":["../../src/commands/generate-third-party-notices.ts"],"names":[],"mappings":"AAKA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAC;AA6LnD,wBAAgB,uBAAuB,CACrC,WAAW,EAAE,MAAM,EACnB,QAAQ,EAAE,OAAO,EAAE,GAClB,MAAM,CAuDR;AAyCD,wBAAsB,uBAAuB,CAAC,EAC5C,WAAW,EACX,eAAe,EACf,UAAU,GACX,EAAE;IACD,WAAW,EAAE,MAAM,CAAC;IACpB,eAAe,EAAE,MAAM,EAAE,CAAC;IAC1B,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB,GAAG,OAAO,CAAC,IAAI,CAAC,CAQhB"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"generate-third-party-notices.js","sourceRoot":"","sources":["../../src/commands/generate-third-party-notices.ts"],"names":[],"mappings":";;;;;;AAAA,oDAA4B;AAC5B,oEAA2C;AAC3C,sDAA6B;AAC7B,2BAAoC;AAGpC,oEAA+D;AAC/D,8DAAqC;AAsBrC,MAAM,gBAAgB,GAAG;IACvB,KAAK;IACL,cAAc;IACd,cAAc;IACd,cAAc;IACd,YAAY;IACZ,KAAK;IACL,WAAW;IACX,OAAO;IACP,SAAS;IACT,WAAW;CACZ,CAAC;AAEF,SAAS,cAAc,CACrB,eAAyB,EACzB,eAAgC;IAEhC,MAAM,aAAa,GAAG,IAAI,GAAG,EAAE,CAAC;IAChC,MAAM,oBAAoB,GAAG,CAC3B,YAA6C,EAC7C,EAAE;QACF,KAAK,MAAM,WAAW,IAAI,YAAY,EAAE;YACtC,MAAM,WAAW,GAAG,YAAY,CAAC,WAAW,CAAC,CAAC;YAC9C,aAAa,CAAC,GAAG,CAAC,GAAG,WAAW,IAAI,WAAW,CAAC,OAAO,EAAE,CAAC,CAAC;YAE3D,IAAI,WAAW,CAAC,YAAY,EAAE;gBAC5B,oBAAoB,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC;aAChD;SACF;IACH,CAAC,CAAC;IAEF,oBAAoB,CAAC,eAAe,CAAC,YAAY,CAAC,CAAC;IAEnD,KAAK,MAAM,WAAW,IAAI,eAAe,EAAE;QACzC,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE;YACnC,MAAM,IAAI,KAAK,CACb,gBAAgB,WAAW,+FAA+F,CAC3H,CAAC;SACH;KACF;AACH,CAAC;AAED,KAAK,UAAU,eAAe;IAG5B,MAAM,mBAAmB,GAAG,MAAM,IAAA,iBAAM,EAAC,mBAAmB,CAAC,CAAC;IAE9D,IAAI,mBAAmB,EAAE;QACvB,MAAM,WAAW,GAAoB,IAAI,CAAC,KAAK,CAC7C,MAAM,aAAE,CAAC,QAAQ,CAAC,mBAAmB,EAAE,OAAO,CAAC,CAChD,CAAC;QAEF,IAAI,WAAW,CAAC,eAAe,KAAK,CAAC,EAAE;YACrC,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;SAC7D;QAED,OAAO,EAAE,IAAI,EAAE,mBAAmB,EAAE,OAAO,EAAE,WAAW,EAAE,CAAC;KAC5D;AACH,CAAC;AAGD,SAAS,EAAE,CAAC,GAAY;IACtB,OAAO,gBAAM;SACV,UAAU,CAAC,QAAQ,CAAC;SACpB,MAAM,CAAC,GAAG,GAAG,CAAC,IAAI,IAAI,GAAG,CAAC,OAAO,EAAE,CAAC;SACpC,MAAM,CAAC,KAAK,CAAC,CAAC;AACnB,CAAC;AAED,SAAS,wBAAwB,CAAC,OAAkC;IAClE,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE;QAC/B,OAAO,OAAO,CAAC,IAAI,IAAI,EAAE,CAAC;KAC3B;IAED,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE;QAC/B,OAAO,OAAO,CAAC;KAChB;IAED,OAAO,EAAE,CAAC;AACZ,CAAC;AAED,SAAS,WAAW,CAAC,GAAY;;IAC/B,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,MAAA,GAAG,CAAC,QAAQ,mCAAI,EAAE,CAAC;SACtD,MAAM,CAAC,OAAO,CAAC;SACf,GAAG,CAAC,wBAAwB,CAAC,CAAC;AACnC,CAAC;AAGD,SAAS,WAAW,CAAC,GAAY;IAC/B,MAAM,QAAQ,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC;IAElC,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE;QACpB,OAAO,EAAE,CAAC;KACX;IAED,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE;QACzB,OAAO,QAAQ,CAAC,CAAC,CAAC,CAAC;KACpB;IAED,OAAO,GAAG,GAAG,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,GAAG,GAAG,CAAC;AAC3D,CAAC;AAED,SAAS,MAAM,CAAC,KAAa,EAAE,KAAa;IAC1C,OAAO,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;AACjD,CAAC;AAED,SAAS,eAAe,CAAC,GAAY;IACnC,OAAO,gBAAgB,CAAC,IAAI,CAAC,CAAC,cAAc,EAAE,EAAE;QAC9C,MAAM,IAAI,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC;QAC9B,IAAI;YACF,OAAO,IAAA,wBAAa,EAAC,cAAc,EAAE,IAAI,CAAC,CAAC;SAC5C;QAAC,OAAO,KAAK,EAAE;YACd,OAAO,cAAc,KAAK,IAAI,CAAC;SAChC;IACH,CAAC,CAAC,CAAC;AACL,CAAC;AAED,SAAS,mBAAmB,CAAC,WAAwC;;IACnE,IAAI,CAAC,CAAA,MAAA,MAAA,WAAW,aAAX,WAAW,uBAAX,WAAW,CAAE,QAAQ,0CAAG,EAAE,EAAE,UAAU,0CAAE,MAAM,CAAA,EAAE;QACnD,OAAO,EAAE,CAAC;KACX;IAED,MAAM,MAAM,GAAG,qBAAU,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC,OAAO,EAAE,YAAY,CAAC,EAAE;QAC7D,QAAQ,EAAE,OAAO;KAClB,CAAC,CAAC;IAEH,IAAI,MAAM,CAAC,KAAK,EAAE;QAChB,OAAO,CAAC,KAAK,CAAC,0BAA0B,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC;QACxD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;KACjB;IAED,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IAC3C,OAAO,QAAQ,CAAC,GAAG,CACjB,CAAC,GAAsC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,IAAI,IAAI,GAAG,CAAC,OAAO,EAAE,CACzE,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,UAAU,CAAC,UAAkB;;IAC1C,MAAM,WAAW,GAAG,MAAM,eAAe,EAAE,CAAC;IAC5C,MAAM,gBAAgB,GAAG,mBAAmB,CAAC,WAAW,aAAX,WAAW,uBAAX,WAAW,CAAE,OAAO,CAAC,CAAC;IAEnE,MAAM,cAAc,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,aAAE,CAAC,QAAQ,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC,CAAC;IAE1E,IAAI,WAAW,aAAX,WAAW,uBAAX,WAAW,CAAE,OAAO,EAAE;QACxB,cAAc,CACZ;YACE,GAAG,CAAC,MAAA,cAAc,CAAC,eAAe,mCAAI,EAAE,CAAC;YACzC,GAAG,MAAM,CAAC,IAAI,CAAC,MAAA,cAAc,CAAC,gBAAgB,mCAAI,EAAE,CAAC;SACtD,EACD,WAAW,CAAC,OAAO,CACpB,CAAC;KACH;IAED,OAAO,OAAO,CAAC,OAAO,CAAC;QACrB,WAAW,EAAE,CAAC,GAAG,CAAC,MAAA,cAAc,CAAC,WAAW,mCAAI,EAAE,CAAC,CAAC;QACpD,eAAe,EAAE;YACf,GAAG,CAAC,MAAA,cAAc,CAAC,eAAe,mCAAI,EAAE,CAAC;YACzC,GAAG,CAAC,gBAAgB,aAAhB,gBAAgB,cAAhB,gBAAgB,GAAI,EAAE,CAAC;SAC5B;QACD,gBAAgB,EAAE,EAAE,GAAG,CAAC,MAAA,cAAc,CAAC,gBAAgB,mCAAI,EAAE,CAAC,EAAE;KACjE,CAAC,CAAC;AACL,CAAC;AAID,SAAgB,uBAAuB,CACrC,WAAmB,EACnB,QAAmB;;IAEnB,IAAI,MAAM,GAAG;kEACmD,WAAW;+CAC9B,IAAI,IAAI,EAAE,CAAC,YAAY,EAAE;;;;;;EAMtE,QAAQ;SACP,GAAG,CACF,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,GAAG,CAAC,IAAI,MAAM,EAAE,CAAC,GAAG,CAAC,OAAO,GAAG,CAAC,OAAO,IAAI,WAAW,CAAC,GAAG,CAAC,EAAE,CAC7E;SACA,IAAI,CAAC,IAAI,CAAC;;;CAGZ,CAAC;IAEA,KAAK,MAAM,GAAG,IAAI,QAAQ,EAAE;QAC1B,MAAM,IAAI,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC;QAC9B,MAAM,iBAAiB,GAAG,GAAG,CAAC,OAAO;YACnC,CAAC,CAAC,GAAG,CAAC,IAAI;YACV,CAAC,CAAC,IAAI,GAAG,CAAC,IAAI,mCAAmC,GAAG,CAAC,IAAI,GAAG,CAAC;QAC/D,MAAM,IAAI;SACL,EAAE,CAAC,GAAG,CAAC;MACV,iBAAiB,aAAa,GAAG,CAAC,OAAO;CAC9C,CAAC;QACE,IAAI,GAAG,CAAC,WAAW,EAAE;YACnB,MAAM,IAAI,KAAK,GAAG,CAAC,WAAW,MAAM,CAAC;SACtC;QAED,MAAM,IAAI,iBAAiB,IAAI,MAAM,CAAC;QAEtC,IAAI,MAAA,GAAG,CAAC,YAAY,0CAAE,MAAM,EAAE;YAC5B,MAAM,IAAI,kBAAkB,CAAC;YAC7B,KAAK,MAAM,IAAI,IAAI,GAAG,CAAC,YAAY,EAAE;gBACnC,MAAM,IAAI,KAAK,IAAI,CAAC,QAAQ,QAAQ,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC,MAAM,CAAC;aACnE;SACF;QAED,IAAI,MAAA,GAAG,CAAC,YAAY,0CAAE,MAAM,EAAE;YAC5B,MAAM,IAAI,YAAY,CAAC;YACvB,KAAK,MAAM,MAAM,IAAI,GAAG,CAAC,YAAY,EAAE;gBACrC,MAAM,IAAI,GACR,OAAO,MAAM,KAAK,QAAQ;oBACxB,CAAC,CAAC,MAAM;oBACR,CAAC,CAAC,MAAM,CAAC,IAAI;wBACX,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,MAAM,CAAC,KAAK,YAAY,CAAC,CAAC,CAAC,EAAE,CAAC;wBACpD,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,MAAM,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;gBAC7C,MAAM,IAAI,KAAK,IAAI,IAAI,CAAC;aACzB;YACD,MAAM,IAAI,IAAI,CAAC;SAChB;KACF;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AA1DD,0DA0DC;AAED,SAAS,gBAAgB,CAAC,QAAmB;IAC3C,MAAM,eAAe,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC;IAExE,IAAI,eAAe,CAAC,MAAM,EAAE;QAC1B,OAAO,CAAC,KAAK,CACX,4BAA4B,eAAe,CAAC,MAAM,oBAAoB,CACvE,CAAC;QAEF,KAAK,MAAM,GAAG,IAAI,eAAe,EAAE;YACjC,OAAO,CAAC,KAAK,CAAC,GAAG,GAAG,CAAC,IAAI,IAAI,GAAG,CAAC,OAAO,GAAG,EAAE,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC;SAChE;QAED,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;KACjB;AACH,CAAC;AAED,KAAK,UAAU,YAAY,CACzB,eAAyB,EACzB,MAAc;IAEd,OAAO,CAAC,MAAM,IAAA,2CAAmB,EAAU,eAAe,CAAC,CAAC;SACzD,MAAM,CACL,CAAC,GAAG,EAAE,EAAE,CACN,CAAC,CAAC,MAAM,CAAC,WAAW,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CACvC,GAAG,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,GAAG,GAAG,CAAC,CAC/B,CACJ;SACA,MAAM,CACL,CAAC,GAAG,EAAE,EAAE,CACN,CAAC,CAAC,MAAM,CAAC,eAAe,IAAI,EAAE,CAAC,CAAC,QAAQ,CAAC,GAAG,GAAG,CAAC,IAAI,IAAI,GAAG,CAAC,OAAO,EAAE,CAAC,CACzE;SACA,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE;;QAAC,OAAA,CAAC;YACb,GAAG,GAAG;YACN,OAAO,EACL,MAAA,CAAC,MAAM,CAAC,gBAAgB,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,IAAI,IAAI,GAAG,CAAC,OAAO,EAAE,CAAC,mCAC7D,GAAG,CAAC,OAAO;SACd,CAAC,CAAA;KAAA,CAAC,CAAC;AACR,CAAC;AAEM,KAAK,UAAU,uBAAuB,CAAC,EAC5C,WAAW,EACX,eAAe,EACf,UAAU,GAKX;IACC,MAAM,MAAM,GAAW,MAAM,UAAU,CAAC,UAAU,aAAV,UAAU,cAAV,UAAU,GAAI,eAAe,CAAC,CAAC;IACvE,MAAM,QAAQ,GAAc,MAAM,YAAY,CAAC,eAAe,EAAE,MAAM,CAAC,CAAC;IAExE,gBAAgB,CAAC,QAAQ,CAAC,CAAC;IAE3B,MAAM,QAAQ,GAAG,uBAAuB,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;IAChE,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;AACzB,CAAC;AAhBD,0DAgBC"}
|
|
1
|
+
{"version":3,"file":"generate-third-party-notices.js","sourceRoot":"","sources":["../../src/commands/generate-third-party-notices.ts"],"names":[],"mappings":";;;;;;AAAA,oDAA4B;AAC5B,oEAA2C;AAC3C,sDAA6B;AAC7B,2BAAoC;AAGpC,oEAA+D;AAC/D,8DAAqC;AAsBrC,MAAM,gBAAgB,GAAG;IACvB,KAAK;IACL,MAAM;IACN,cAAc;IACd,cAAc;IACd,cAAc;IACd,YAAY;IACZ,KAAK;IACL,WAAW;IACX,OAAO;IACP,SAAS;IACT,WAAW;CACZ,CAAC;AAEF,SAAS,cAAc,CACrB,eAAyB,EACzB,eAAgC;IAEhC,MAAM,aAAa,GAAG,IAAI,GAAG,EAAE,CAAC;IAChC,MAAM,oBAAoB,GAAG,CAC3B,YAA6C,EAC7C,EAAE;QACF,KAAK,MAAM,WAAW,IAAI,YAAY,EAAE;YACtC,MAAM,WAAW,GAAG,YAAY,CAAC,WAAW,CAAC,CAAC;YAC9C,aAAa,CAAC,GAAG,CAAC,GAAG,WAAW,IAAI,WAAW,CAAC,OAAO,EAAE,CAAC,CAAC;YAE3D,IAAI,WAAW,CAAC,YAAY,EAAE;gBAC5B,oBAAoB,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC;aAChD;SACF;IACH,CAAC,CAAC;IAEF,oBAAoB,CAAC,eAAe,CAAC,YAAY,CAAC,CAAC;IAEnD,KAAK,MAAM,WAAW,IAAI,eAAe,EAAE;QACzC,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE;YACnC,MAAM,IAAI,KAAK,CACb,gBAAgB,WAAW,+FAA+F,CAC3H,CAAC;SACH;KACF;AACH,CAAC;AAED,KAAK,UAAU,eAAe;IAG5B,MAAM,mBAAmB,GAAG,MAAM,IAAA,iBAAM,EAAC,mBAAmB,CAAC,CAAC;IAE9D,IAAI,mBAAmB,EAAE;QACvB,MAAM,WAAW,GAAoB,IAAI,CAAC,KAAK,CAC7C,MAAM,aAAE,CAAC,QAAQ,CAAC,mBAAmB,EAAE,OAAO,CAAC,CAChD,CAAC;QAEF,IAAI,WAAW,CAAC,eAAe,KAAK,CAAC,EAAE;YACrC,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;SAC7D;QAED,OAAO,EAAE,IAAI,EAAE,mBAAmB,EAAE,OAAO,EAAE,WAAW,EAAE,CAAC;KAC5D;AACH,CAAC;AAGD,SAAS,EAAE,CAAC,GAAY;IACtB,OAAO,gBAAM;SACV,UAAU,CAAC,QAAQ,CAAC;SACpB,MAAM,CAAC,GAAG,GAAG,CAAC,IAAI,IAAI,GAAG,CAAC,OAAO,EAAE,CAAC;SACpC,MAAM,CAAC,KAAK,CAAC,CAAC;AACnB,CAAC;AAED,SAAS,wBAAwB,CAAC,OAAkC;IAClE,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE;QAC/B,OAAO,OAAO,CAAC,IAAI,IAAI,EAAE,CAAC;KAC3B;IAED,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE;QAC/B,OAAO,OAAO,CAAC;KAChB;IAED,OAAO,EAAE,CAAC;AACZ,CAAC;AAED,SAAS,WAAW,CAAC,GAAY;;IAC/B,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,MAAA,GAAG,CAAC,QAAQ,mCAAI,EAAE,CAAC;SACtD,MAAM,CAAC,OAAO,CAAC;SACf,GAAG,CAAC,wBAAwB,CAAC,CAAC;AACnC,CAAC;AAGD,SAAS,WAAW,CAAC,GAAY;IAC/B,MAAM,QAAQ,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC;IAElC,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE;QACpB,OAAO,EAAE,CAAC;KACX;IAED,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE;QACzB,OAAO,QAAQ,CAAC,CAAC,CAAC,CAAC;KACpB;IAED,OAAO,GAAG,GAAG,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,GAAG,GAAG,CAAC;AAC3D,CAAC;AAED,SAAS,MAAM,CAAC,KAAa,EAAE,KAAa;IAC1C,OAAO,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;AACjD,CAAC;AAED,SAAS,eAAe,CAAC,GAAY;IACnC,OAAO,gBAAgB,CAAC,IAAI,CAAC,CAAC,cAAc,EAAE,EAAE;QAC9C,MAAM,IAAI,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC;QAC9B,IAAI;YACF,OAAO,IAAA,wBAAa,EAAC,cAAc,EAAE,IAAI,CAAC,CAAC;SAC5C;QAAC,OAAO,KAAK,EAAE;YACd,OAAO,cAAc,KAAK,IAAI,CAAC;SAChC;IACH,CAAC,CAAC,CAAC;AACL,CAAC;AAED,SAAS,mBAAmB,CAAC,WAAwC;;IACnE,IAAI,CAAC,CAAA,MAAA,MAAA,WAAW,aAAX,WAAW,uBAAX,WAAW,CAAE,QAAQ,0CAAG,EAAE,EAAE,UAAU,0CAAE,MAAM,CAAA,EAAE;QACnD,OAAO,EAAE,CAAC;KACX;IAED,MAAM,MAAM,GAAG,qBAAU,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC,OAAO,EAAE,YAAY,CAAC,EAAE;QAC7D,QAAQ,EAAE,OAAO;KAClB,CAAC,CAAC;IAEH,IAAI,MAAM,CAAC,KAAK,EAAE;QAChB,OAAO,CAAC,KAAK,CAAC,0BAA0B,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC;QACxD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;KACjB;IAED,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IAC3C,OAAO,QAAQ,CAAC,GAAG,CACjB,CAAC,GAAsC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,IAAI,IAAI,GAAG,CAAC,OAAO,EAAE,CACzE,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,UAAU,CAAC,UAAkB;;IAC1C,MAAM,WAAW,GAAG,MAAM,eAAe,EAAE,CAAC;IAC5C,MAAM,gBAAgB,GAAG,mBAAmB,CAAC,WAAW,aAAX,WAAW,uBAAX,WAAW,CAAE,OAAO,CAAC,CAAC;IAEnE,MAAM,cAAc,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,aAAE,CAAC,QAAQ,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC,CAAC;IAE1E,IAAI,WAAW,aAAX,WAAW,uBAAX,WAAW,CAAE,OAAO,EAAE;QACxB,cAAc,CACZ;YACE,GAAG,CAAC,MAAA,cAAc,CAAC,eAAe,mCAAI,EAAE,CAAC;YACzC,GAAG,MAAM,CAAC,IAAI,CAAC,MAAA,cAAc,CAAC,gBAAgB,mCAAI,EAAE,CAAC;SACtD,EACD,WAAW,CAAC,OAAO,CACpB,CAAC;KACH;IAED,OAAO,OAAO,CAAC,OAAO,CAAC;QACrB,WAAW,EAAE,CAAC,GAAG,CAAC,MAAA,cAAc,CAAC,WAAW,mCAAI,EAAE,CAAC,CAAC;QACpD,eAAe,EAAE;YACf,GAAG,CAAC,MAAA,cAAc,CAAC,eAAe,mCAAI,EAAE,CAAC;YACzC,GAAG,CAAC,gBAAgB,aAAhB,gBAAgB,cAAhB,gBAAgB,GAAI,EAAE,CAAC;SAC5B;QACD,gBAAgB,EAAE,EAAE,GAAG,CAAC,MAAA,cAAc,CAAC,gBAAgB,mCAAI,EAAE,CAAC,EAAE;KACjE,CAAC,CAAC;AACL,CAAC;AAID,SAAgB,uBAAuB,CACrC,WAAmB,EACnB,QAAmB;;IAEnB,IAAI,MAAM,GAAG;kEACmD,WAAW;+CAC9B,IAAI,IAAI,EAAE,CAAC,YAAY,EAAE;;;;;;EAMtE,QAAQ;SACP,GAAG,CACF,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,GAAG,CAAC,IAAI,MAAM,EAAE,CAAC,GAAG,CAAC,OAAO,GAAG,CAAC,OAAO,IAAI,WAAW,CAAC,GAAG,CAAC,EAAE,CAC7E;SACA,IAAI,CAAC,IAAI,CAAC;;;CAGZ,CAAC;IAEA,KAAK,MAAM,GAAG,IAAI,QAAQ,EAAE;QAC1B,MAAM,IAAI,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC;QAC9B,MAAM,iBAAiB,GAAG,GAAG,CAAC,OAAO;YACnC,CAAC,CAAC,GAAG,CAAC,IAAI;YACV,CAAC,CAAC,IAAI,GAAG,CAAC,IAAI,mCAAmC,GAAG,CAAC,IAAI,GAAG,CAAC;QAC/D,MAAM,IAAI;SACL,EAAE,CAAC,GAAG,CAAC;MACV,iBAAiB,aAAa,GAAG,CAAC,OAAO;CAC9C,CAAC;QACE,IAAI,GAAG,CAAC,WAAW,EAAE;YACnB,MAAM,IAAI,KAAK,GAAG,CAAC,WAAW,MAAM,CAAC;SACtC;QAED,MAAM,IAAI,iBAAiB,IAAI,MAAM,CAAC;QAEtC,IAAI,MAAA,GAAG,CAAC,YAAY,0CAAE,MAAM,EAAE;YAC5B,MAAM,IAAI,kBAAkB,CAAC;YAC7B,KAAK,MAAM,IAAI,IAAI,GAAG,CAAC,YAAY,EAAE;gBACnC,MAAM,IAAI,KAAK,IAAI,CAAC,QAAQ,QAAQ,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC,MAAM,CAAC;aACnE;SACF;QAED,IAAI,MAAA,GAAG,CAAC,YAAY,0CAAE,MAAM,EAAE;YAC5B,MAAM,IAAI,YAAY,CAAC;YACvB,KAAK,MAAM,MAAM,IAAI,GAAG,CAAC,YAAY,EAAE;gBACrC,MAAM,IAAI,GACR,OAAO,MAAM,KAAK,QAAQ;oBACxB,CAAC,CAAC,MAAM;oBACR,CAAC,CAAC,MAAM,CAAC,IAAI;wBACX,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,MAAM,CAAC,KAAK,YAAY,CAAC,CAAC,CAAC,EAAE,CAAC;wBACpD,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,MAAM,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;gBAC7C,MAAM,IAAI,KAAK,IAAI,IAAI,CAAC;aACzB;YACD,MAAM,IAAI,IAAI,CAAC;SAChB;KACF;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AA1DD,0DA0DC;AAED,SAAS,gBAAgB,CAAC,QAAmB;IAC3C,MAAM,eAAe,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC;IAExE,IAAI,eAAe,CAAC,MAAM,EAAE;QAC1B,OAAO,CAAC,KAAK,CACX,4BAA4B,eAAe,CAAC,MAAM,oBAAoB,CACvE,CAAC;QAEF,KAAK,MAAM,GAAG,IAAI,eAAe,EAAE;YACjC,OAAO,CAAC,KAAK,CAAC,GAAG,GAAG,CAAC,IAAI,IAAI,GAAG,CAAC,OAAO,GAAG,EAAE,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC;SAChE;QAED,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;KACjB;AACH,CAAC;AAED,KAAK,UAAU,YAAY,CACzB,eAAyB,EACzB,MAAc;IAEd,OAAO,CAAC,MAAM,IAAA,2CAAmB,EAAU,eAAe,CAAC,CAAC;SACzD,MAAM,CACL,CAAC,GAAG,EAAE,EAAE,CACN,CAAC,CAAC,MAAM,CAAC,WAAW,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CACvC,GAAG,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,GAAG,GAAG,CAAC,CAC/B,CACJ;SACA,MAAM,CACL,CAAC,GAAG,EAAE,EAAE,CACN,CAAC,CAAC,MAAM,CAAC,eAAe,IAAI,EAAE,CAAC,CAAC,QAAQ,CAAC,GAAG,GAAG,CAAC,IAAI,IAAI,GAAG,CAAC,OAAO,EAAE,CAAC,CACzE;SACA,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE;;QAAC,OAAA,CAAC;YACb,GAAG,GAAG;YACN,OAAO,EACL,MAAA,CAAC,MAAM,CAAC,gBAAgB,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,IAAI,IAAI,GAAG,CAAC,OAAO,EAAE,CAAC,mCAC7D,GAAG,CAAC,OAAO;SACd,CAAC,CAAA;KAAA,CAAC,CAAC;AACR,CAAC;AAEM,KAAK,UAAU,uBAAuB,CAAC,EAC5C,WAAW,EACX,eAAe,EACf,UAAU,GAKX;IACC,MAAM,MAAM,GAAW,MAAM,UAAU,CAAC,UAAU,aAAV,UAAU,cAAV,UAAU,GAAI,eAAe,CAAC,CAAC;IACvE,MAAM,QAAQ,GAAc,MAAM,YAAY,CAAC,eAAe,EAAE,MAAM,CAAC,CAAC;IAExE,gBAAgB,CAAC,QAAQ,CAAC,CAAC;IAE3B,MAAM,QAAQ,GAAG,uBAAuB,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;IAChE,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;AACzB,CAAC;AAhBD,0DAgBC"}
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
import type { KnownSeverity } from './severity';
|
|
1
2
|
export declare function loadReports(files: string[]): Promise<SnykTestProjectResult[]>;
|
|
2
3
|
declare type SnykTestProjectResult = {
|
|
3
4
|
vulnerabilities: SnykVulnerability[];
|
|
@@ -8,7 +9,7 @@ declare type SnykVulnerability = {
|
|
|
8
9
|
name: string;
|
|
9
10
|
version: string;
|
|
10
11
|
cvssScore: number;
|
|
11
|
-
severity:
|
|
12
|
+
severity: KnownSeverity;
|
|
12
13
|
id: string;
|
|
13
14
|
url: string;
|
|
14
15
|
title: string;
|
|
@@ -17,7 +18,7 @@ declare type SnykVulnerability = {
|
|
|
17
18
|
export declare function generateVulnerabilityReport(options: {
|
|
18
19
|
dependencyFiles: string[];
|
|
19
20
|
snykReports: string[];
|
|
20
|
-
failOn:
|
|
21
|
+
failOn: KnownSeverity;
|
|
21
22
|
}): Promise<void>;
|
|
22
23
|
export {};
|
|
23
24
|
//# sourceMappingURL=generate-vulnerability-report.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"generate-vulnerability-report.d.ts","sourceRoot":"","sources":["../../src/commands/generate-vulnerability-report.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"generate-vulnerability-report.d.ts","sourceRoot":"","sources":["../../src/commands/generate-vulnerability-report.ts"],"names":[],"mappings":"AAQA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAGhD,wBAAsB,WAAW,CAC/B,KAAK,EAAE,MAAM,EAAE,GACd,OAAO,CAAC,qBAAqB,EAAE,CAAC,CAUlC;AAED,aAAK,qBAAqB,GAAG;IAC3B,eAAe,EAAE,iBAAiB,EAAE,CAAC;CACtC,CAAC;AAEF,aAAK,iBAAiB,GAAG;IACvB,UAAU,EAAE,MAAM,CAAC;IACnB,IAAI,EAAE,MAAM,EAAE,CAAC;IACf,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,aAAa,CAAC;IACxB,EAAE,EAAE,MAAM,CAAC;IACX,GAAG,EAAE,MAAM,CAAC;IACZ,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,EAAE,MAAM,EAAE,CAAC;CACnB,CAAC;AAoHF,wBAAsB,2BAA2B,CAAC,OAAO,EAAE;IACzD,eAAe,EAAE,MAAM,EAAE,CAAC;IAC1B,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB,MAAM,EAAE,aAAa,CAAC;CACvB,GAAG,OAAO,CAAC,IAAI,CAAC,CAiBhB"}
|
|
@@ -9,6 +9,7 @@ const snykPolicy = require('snyk-policy');
|
|
|
9
9
|
const lodash_1 = __importDefault(require("lodash"));
|
|
10
10
|
const chalk_1 = __importDefault(require("chalk"));
|
|
11
11
|
const load_dependency_files_1 = require("../load-dependency-files");
|
|
12
|
+
const severity_1 = require("./severity");
|
|
12
13
|
async function loadReports(files) {
|
|
13
14
|
return (await Promise.all(files.map(async (fileName) => JSON.parse(await fs_1.promises.readFile(fileName, 'utf-8'))))).flat();
|
|
14
15
|
}
|
|
@@ -69,19 +70,13 @@ function printTable(title, vulnerabilities) {
|
|
|
69
70
|
console.info(`| ${vuln.name} | ${vuln.id} | ${severity} | ${vuln.fixedIn} | ${ignored} |`);
|
|
70
71
|
}
|
|
71
72
|
}
|
|
72
|
-
const SEVERITY_TO_SCORE = {
|
|
73
|
-
low: 0,
|
|
74
|
-
medium: 4,
|
|
75
|
-
high: 7,
|
|
76
|
-
critical: 9,
|
|
77
|
-
};
|
|
78
73
|
function fail(failOn, bundleVulnerabilities) {
|
|
79
|
-
var _a;
|
|
80
|
-
const minScore =
|
|
74
|
+
var _a, _b;
|
|
75
|
+
const minScore = (_a = (0, severity_1.severityToScore)(failOn)) !== null && _a !== void 0 ? _a : 0;
|
|
81
76
|
for (const vuln of bundleVulnerabilities) {
|
|
82
|
-
if (vuln.score >= minScore &&
|
|
77
|
+
if ((vuln.score === undefined || vuln.score >= minScore) &&
|
|
83
78
|
vuln.fixedIn &&
|
|
84
|
-
((
|
|
79
|
+
((_b = vuln.policy) === null || _b === void 0 ? void 0 : _b.type) !== 'ignore') {
|
|
85
80
|
console.error(chalk_1.default.red(`Vulnerabilities check failed: found vulnerabilies >= "${failOn}"`));
|
|
86
81
|
process.exit(1);
|
|
87
82
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"generate-vulnerability-report.js","sourceRoot":"","sources":["../../src/commands/generate-vulnerability-report.ts"],"names":[],"mappings":";;;;;;AAAA,2BAAoC;AAGpC,MAAM,UAAU,GAAG,OAAO,CAAC,aAAa,CAAC,CAAC;AAC1C,oDAAuB;AACvB,kDAA0B;AAE1B,oEAA+D;
|
|
1
|
+
{"version":3,"file":"generate-vulnerability-report.js","sourceRoot":"","sources":["../../src/commands/generate-vulnerability-report.ts"],"names":[],"mappings":";;;;;;AAAA,2BAAoC;AAGpC,MAAM,UAAU,GAAG,OAAO,CAAC,aAAa,CAAC,CAAC;AAC1C,oDAAuB;AACvB,kDAA0B;AAE1B,oEAA+D;AAE/D,yCAA6C;AAEtC,KAAK,UAAU,WAAW,CAC/B,KAAe;IAIf,OAAO,CACL,MAAM,OAAO,CAAC,GAAG,CACf,KAAK,CAAC,GAAG,CAAC,KAAK,EAAE,QAAQ,EAAE,EAAE,CAC3B,IAAI,CAAC,KAAK,CAAC,MAAM,aAAE,CAAC,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC,CACjD,CACF,CACF,CAAC,IAAI,EAAE,CAAC;AACX,CAAC;AAZD,kCAYC;AAqCD,KAAK,UAAU,wBAAwB,CACrC,eAAwC,EACxC,YAA0B;IAE1B,MAAM,KAAK,GAAG,MAAM,UAAU,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC,CAAC;IACnD,MAAM,oBAAoB,GAAwB,EAAE,CAAC;IAErD,eAAe,CAAC,OAAO,CAAC,CAAC,aAAa,EAAE,EAAE;QACxC,aAAa,CAAC,eAAe,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE;YAC7C,YAAY,CAAC,OAAO,CAAC,CAAC,GAAG,EAAE,EAAE;gBAC3B,IACE,IAAI,CAAC,UAAU,KAAK,GAAG,CAAC,IAAI;oBAC5B,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,GAAG,CAAC,IAAI,IAAI,GAAG,CAAC,OAAO,EAAE,CAAC,EAChD;oBACA,oBAAoB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;iBACjC;YACH,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,MAAM,qBAAqB,GAAG,IAAI,GAAG,EAAE,CAAC;IAExC,oBAAoB,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE;QACpC,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,OAAO,IAAI,IAAI,CAAC,EAAE,EAAE,CAAC;QACtD,MAAM,MAAM,GAAG,GAAG,CAAC;QAEnB,IAAI,qBAAqB,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE;YAClC,MAAM,YAAY,GAAG,qBAAqB,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;YACpD,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE;gBAC1C,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;aACnC;SACF;aAAM;YACL,qBAAqB,CAAC,GAAG,CAAC,GAAG,EAAE;gBAC7B,IAAI,EAAE,GAAG,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,OAAO,EAAE;gBACpC,EAAE,EAAE,IAAI,CAAC,EAAE;gBACX,KAAK,EAAE,IAAI,CAAC,SAAS;gBACrB,QAAQ,EAAE,GAAG,IAAI,CAAC,QAAQ;qBACvB,MAAM,CAAC,CAAC,CAAC;qBACT,WAAW,EAAE,GAAG,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE;gBAC3C,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC;gBAChC,OAAO,EAAE,CAAC,MAAM,CAAC;gBACjB,MAAM,EAAE,UAAU,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,CAAC;aAC1C,CAAC,CAAC;SACJ;IACH,CAAC,CAAC,CAAC;IAEH,MAAM,qBAAqB,GAAG,KAAK,CAAC,IAAI,CAAC,qBAAqB,CAAC,MAAM,EAAE,CAAC,CAAC,IAAI,CAC3E,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,CACvC,CAAC;IAEF,OAAO,qBAAqB,CAAC;AAC/B,CAAC;AAED,SAAS,UAAU,CAAC,KAAa,EAAE,eAAgC;;IACjE,OAAO,CAAC,IAAI,CAAC,MAAM,KAAK,KAAK,eAAe,CAAC,MAAM,mBAAmB,CAAC,CAAC;IACxE,OAAO,CAAC,IAAI,CAAC,4DAA4D,CAAC,CAAC;IAC3E,OAAO,CAAC,IAAI,CAAC,4DAA4D,CAAC,CAAC;IAE3E,MAAM,WAAW,GAAG,gBAAC,CAAC,OAAO,CAC3B,eAAe,EACf,CAAC,OAAO,EAAE,MAAM,CAAC,EACjB,CAAC,MAAM,EAAE,KAAK,CAAC,CAChB,CAAC;IACF,KAAK,MAAM,IAAI,IAAI,WAAW,EAAE;QAC9B,MAAM,QAAQ,GAAG,GAAG,IAAI,CAAC,KAAK,KAAK,IAAI,CAAC,QAAQ,GAAG,CAAC;QACpD,MAAM,OAAO,GACX,CAAA,MAAA,IAAI,CAAC,MAAM,0CAAE,IAAI,MAAK,QAAQ;YAC5B,CAAC,CAAC,MAAA,IAAI,CAAC,MAAM,0CAAE,MAAM;YACrB,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO;gBACf,CAAC,CAAC,+BAA+B;gBACjC,CAAC,CAAC,GAAG,CAAC;QAEV,OAAO,CAAC,IAAI,CACV,KAAK,IAAI,CAAC,IAAI,MAAM,IAAI,CAAC,EAAE,MAAM,QAAQ,MAAM,IAAI,CAAC,OAAO,MAAM,OAAO,IAAI,CAC7E,CAAC;KACH;AACH,CAAC;AAED,SAAS,IAAI,CAAC,MAAqB,EAAE,qBAAsC;;IACzE,MAAM,QAAQ,GAAG,MAAA,IAAA,0BAAe,EAAC,MAAM,CAAC,mCAAI,CAAC,CAAC;IAC9C,KAAK,MAAM,IAAI,IAAI,qBAAqB,EAAE;QACxC,IACE,CAAC,IAAI,CAAC,KAAK,KAAK,SAAS,IAAI,IAAI,CAAC,KAAK,IAAI,QAAQ,CAAC;YACpD,IAAI,CAAC,OAAO;YACZ,CAAA,MAAA,IAAI,CAAC,MAAM,0CAAE,IAAI,MAAK,QAAQ,EAC9B;YACA,OAAO,CAAC,KAAK,CACX,eAAK,CAAC,GAAG,CACP,yDAAyD,MAAM,GAAG,CACnE,CACF,CAAC;YACF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;SACjB;KACF;AACH,CAAC;AAEM,KAAK,UAAU,2BAA2B,CAAC,OAIjD;IACC,MAAM,sBAAsB,GAAG,MAAM,IAAA,2CAAmB,EACtD,OAAO,CAAC,eAAe,CACxB,CAAC;IAEF,MAAM,cAAc,GAAG,MAAM,WAAW,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;IAE9D,MAAM,qBAAqB,GAAG,MAAM,wBAAwB,CAC1D,cAAc,EACd,sBAAsB,CACvB,CAAC;IAEF,UAAU,CAAC,aAAa,EAAE,qBAAqB,CAAC,CAAC;IAEjD,IAAI,OAAO,CAAC,MAAM,EAAE;QAClB,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,qBAAqB,CAAC,CAAC;KAC7C;AACH,CAAC;AArBD,kEAqBC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"scan-node-js.d.ts","sourceRoot":"","sources":["../../src/commands/scan-node-js.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"scan-node-js.d.ts","sourceRoot":"","sources":["../../src/commands/scan-node-js.ts"],"names":[],"mappings":"AAsJA,wBAAsB,UAAU,CAAC,EAAE,OAAO,EAAE,EAAE;IAAE,OAAO,EAAE,MAAM,CAAA;CAAE,iBAoBhE"}
|
|
@@ -7,28 +7,10 @@ exports.scanNodeJs = void 0;
|
|
|
7
7
|
const node_fetch_1 = __importDefault(require("node-fetch"));
|
|
8
8
|
const semver_1 = __importDefault(require("semver"));
|
|
9
9
|
const nv_1 = __importDefault(require("@pkgjs/nv"));
|
|
10
|
-
|
|
11
|
-
if (score >= 9) {
|
|
12
|
-
return 'critical';
|
|
13
|
-
}
|
|
14
|
-
if (score >= 7) {
|
|
15
|
-
return 'high';
|
|
16
|
-
}
|
|
17
|
-
if (score >= 4) {
|
|
18
|
-
return 'medium';
|
|
19
|
-
}
|
|
20
|
-
return 'low';
|
|
21
|
-
}
|
|
10
|
+
const severity_1 = require("./severity");
|
|
22
11
|
async function formatVuln(id, nodeVuln, nodeVersion) {
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
const cves = await Promise.all(nodeVuln.cve.map((cve) => (0, node_fetch_1.default)(`https://cve.circl.lu/api/cve/${cve}`).then((res) => res.json())));
|
|
26
|
-
const allCvss = cves.map((cve) => cve.cvss);
|
|
27
|
-
score = Math.max(...allCvss);
|
|
28
|
-
}
|
|
29
|
-
catch (e) {
|
|
30
|
-
console.error(e);
|
|
31
|
-
}
|
|
12
|
+
const score = await fetchScore(`NSWG-COR-${id}`, nodeVuln);
|
|
13
|
+
const severity = (0, severity_1.scoreToSeverity)(score);
|
|
32
14
|
return {
|
|
33
15
|
id: `NSWG-COR-${id}`,
|
|
34
16
|
title: `Node.js core vulnerability #${id}`,
|
|
@@ -45,7 +27,7 @@ async function formatVuln(id, nodeVuln, nodeVersion) {
|
|
|
45
27
|
triageAdvice: null,
|
|
46
28
|
},
|
|
47
29
|
language: 'js',
|
|
48
|
-
severity:
|
|
30
|
+
severity: severity,
|
|
49
31
|
cvssScore: score,
|
|
50
32
|
functions: [],
|
|
51
33
|
moduleName: '.node.js',
|
|
@@ -71,7 +53,7 @@ async function formatVuln(id, nodeVuln, nodeVersion) {
|
|
|
71
53
|
publicationTime: '-',
|
|
72
54
|
modificationTime: '-',
|
|
73
55
|
socialTrendAlert: false,
|
|
74
|
-
severityWithCritical:
|
|
56
|
+
severityWithCritical: severity,
|
|
75
57
|
from: [`.node.js@${nodeVersion}`],
|
|
76
58
|
upgradePath: [],
|
|
77
59
|
isUpgradable: true,
|
|
@@ -80,6 +62,29 @@ async function formatVuln(id, nodeVuln, nodeVersion) {
|
|
|
80
62
|
version: nodeVersion,
|
|
81
63
|
};
|
|
82
64
|
}
|
|
65
|
+
async function fetchScore(vulnId, nodeVuln) {
|
|
66
|
+
const cves = await Promise.all(nodeVuln.cve.map((cve) => (0, node_fetch_1.default)(`https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=${cve}`).then((res) => res.ok
|
|
67
|
+
? res.json()
|
|
68
|
+
: Promise.reject(`Fetch ${cve} failed! status: ${res.status}`)))).catch((e) => {
|
|
69
|
+
console.error(`Error fetching score for ${vulnId}: ${e.message}`);
|
|
70
|
+
return [];
|
|
71
|
+
});
|
|
72
|
+
const getBestCvssMetricScore = (cvssMetrics) => {
|
|
73
|
+
var _a, _b, _c, _d, _e;
|
|
74
|
+
return ((_c = (_b = (_a = cvssMetrics.find((m) => m.type === 'Primary')) === null || _a === void 0 ? void 0 : _a.cvssData) === null || _b === void 0 ? void 0 : _b.baseScore) !== null && _c !== void 0 ? _c : (_e = (_d = cvssMetrics.find((m) => m.type === 'Secondary')) === null || _d === void 0 ? void 0 : _d.cvssData) === null || _e === void 0 ? void 0 : _e.baseScore);
|
|
75
|
+
};
|
|
76
|
+
const allCvss = cves.map((cve) => {
|
|
77
|
+
var _a, _b, _c, _d, _e, _f, _g, _h, _j, _k, _l, _m, _o, _p;
|
|
78
|
+
return (_k = (_e = getBestCvssMetricScore((_d = (_c = (_b = (_a = cve === null || cve === void 0 ? void 0 : cve.vulnerabilities[0]) === null || _a === void 0 ? void 0 : _a.cve) === null || _b === void 0 ? void 0 : _b.metrics) === null || _c === void 0 ? void 0 : _c.cvssMetricV31) !== null && _d !== void 0 ? _d : [])) !== null && _e !== void 0 ? _e : getBestCvssMetricScore((_j = (_h = (_g = (_f = cve === null || cve === void 0 ? void 0 : cve.vulnerabilities[0]) === null || _f === void 0 ? void 0 : _f.cve) === null || _g === void 0 ? void 0 : _g.metrics) === null || _h === void 0 ? void 0 : _h.cvssMetricV30) !== null && _j !== void 0 ? _j : [])) !== null && _k !== void 0 ? _k : getBestCvssMetricScore((_p = (_o = (_m = (_l = cve === null || cve === void 0 ? void 0 : cve.vulnerabilities[0]) === null || _l === void 0 ? void 0 : _l.cve) === null || _m === void 0 ? void 0 : _m.metrics) === null || _o === void 0 ? void 0 : _o.cvssMetricV2) !== null && _p !== void 0 ? _p : []);
|
|
79
|
+
});
|
|
80
|
+
const knownCvss = [];
|
|
81
|
+
for (const cvss of allCvss) {
|
|
82
|
+
if (typeof cvss === 'number') {
|
|
83
|
+
knownCvss.push(cvss);
|
|
84
|
+
}
|
|
85
|
+
}
|
|
86
|
+
return knownCvss.length ? Math.max(...knownCvss) : undefined;
|
|
87
|
+
}
|
|
83
88
|
async function downloadCoreDb() {
|
|
84
89
|
const url = 'https://raw.githubusercontent.com/nodejs/security-wg/main/vuln/core/index.json';
|
|
85
90
|
const response = await (0, node_fetch_1.default)(url);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"scan-node-js.js","sourceRoot":"","sources":["../../src/commands/scan-node-js.ts"],"names":[],"mappings":";;;;;;AAAA,4DAA+B;AAC/B,oDAA4B;AAC5B,mDAA2B;
|
|
1
|
+
{"version":3,"file":"scan-node-js.js","sourceRoot":"","sources":["../../src/commands/scan-node-js.ts"],"names":[],"mappings":";;;;;;AAAA,4DAA+B;AAC/B,oDAA4B;AAC5B,mDAA2B;AAC3B,yCAA6C;AAY7C,KAAK,UAAU,UAAU,CACvB,EAAU,EACV,QAAkB,EAClB,WAAmB;IAEnB,MAAM,KAAK,GAAG,MAAM,UAAU,CAAC,YAAY,EAAE,EAAE,EAAE,QAAQ,CAAC,CAAC;IAC3D,MAAM,QAAQ,GAAG,IAAA,0BAAe,EAAC,KAAK,CAAC,CAAC;IACxC,OAAO;QACL,EAAE,EAAE,YAAY,EAAE,EAAE;QACpB,KAAK,EAAE,+BAA+B,EAAE,EAAE;QAC1C,MAAM,EAAE,GAAG;QACX,MAAM,EAAE,CAAC,GAAG,CAAC;QACb,MAAM,EAAE;YACN,UAAU,EAAE,QAAQ,CAAC,UAAU;SAChC;QACD,OAAO,EAAE,GAAG;QACZ,OAAO,EAAE,CAAC,QAAQ,CAAC,OAAO,CAAC;QAC3B,OAAO,EAAE,EAAE;QACX,OAAO,EAAE,CAAC,QAAQ,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC;QAC/C,QAAQ,EAAE;YACR,YAAY,EAAE,IAAI;SACnB;QACD,QAAQ,EAAE,IAAI;QACd,QAAQ,EAAE,QAAQ;QAClB,SAAS,EAAE,KAAK;QAChB,SAAS,EAAE,EAAE;QACb,UAAU,EAAE,UAAU;QACtB,UAAU,EAAE;YACV;gBACE,GAAG,EAAE,QAAQ,CAAC,GAAG;gBACjB,KAAK,EAAE,KAAK;aACb;SACF;QACD,WAAW,EAAE,EAAE;QACf,WAAW,EAAE,QAAQ,CAAC,QAAQ;QAC9B,WAAW,EAAE,IAAI;QACjB,WAAW,EAAE;YACX,GAAG,EAAE,QAAQ,CAAC,GAAG;SAClB;QACD,WAAW,EAAE,UAAU;QACvB,WAAW,EAAE,IAAI;QACjB,YAAY,EAAE,GAAG;QACjB,aAAa,EAAE,EAAE;QACjB,cAAc,EAAE,EAAE;QAClB,cAAc,EAAE,GAAG;QACnB,cAAc,EAAE,KAAK;QACrB,eAAe,EAAE,GAAG;QACpB,gBAAgB,EAAE,GAAG;QACrB,gBAAgB,EAAE,KAAK;QACvB,oBAAoB,EAAE,QAAQ;QAC9B,IAAI,EAAE,CAAC,YAAY,WAAW,EAAE,CAAC;QACjC,WAAW,EAAE,EAAE;QACf,YAAY,EAAE,IAAI;QAClB,WAAW,EAAE,KAAK;QAClB,IAAI,EAAE,UAAU;QAChB,OAAO,EAAE,WAAW;KACrB,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,UAAU,CAAC,MAAc,EAAE,QAAkB;IAC1D,MAAM,IAAI,GAAG,MAAM,OAAO,CAAC,GAAG,CAC5B,QAAQ,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CACvB,IAAA,oBAAK,EACH,0DAA0D,GAAG,EAAE,CAChE,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CACb,GAAG,CAAC,EAAE;QACJ,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE;QACZ,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,SAAS,GAAG,oBAAoB,GAAG,CAAC,MAAM,EAAE,CAAC,CACjE,CACF,CACF,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE;QACZ,OAAO,CAAC,KAAK,CACX,4BAA4B,MAAM,KAAM,CAAW,CAAC,OAAO,EAAE,CAC9D,CAAC;QAEF,OAAO,EAAE,CAAC;IACZ,CAAC,CAAC,CAAC;IAEH,MAAM,sBAAsB,GAAG,CAC7B,WAGG,EACH,EAAE;;QACF,OAAO,CACL,MAAA,MAAA,MAAA,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,SAAS,CAAC,0CAAE,QAAQ,0CAAE,SAAS,mCAClE,MAAA,MAAA,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,WAAW,CAAC,0CAAE,QAAQ,0CAAE,SAAS,CACrE,CAAC;IACJ,CAAC,CAAC;IAEF,MAAM,OAAO,GAA2B,IAAI,CAAC,GAAG,CAC9C,CAAC,GAAG,EAAE,EAAE;;QACN,OAAA,MAAA,MAAA,sBAAsB,CACpB,MAAA,MAAA,MAAA,MAAA,GAAG,aAAH,GAAG,uBAAH,GAAG,CAAE,eAAe,CAAC,CAAC,CAAC,0CAAE,GAAG,0CAAE,OAAO,0CAAE,aAAa,mCAAI,EAAE,CAC3D,mCACD,sBAAsB,CACpB,MAAA,MAAA,MAAA,MAAA,GAAG,aAAH,GAAG,uBAAH,GAAG,CAAE,eAAe,CAAC,CAAC,CAAC,0CAAE,GAAG,0CAAE,OAAO,0CAAE,aAAa,mCAAI,EAAE,CAC3D,mCACD,sBAAsB,CACpB,MAAA,MAAA,MAAA,MAAA,GAAG,aAAH,GAAG,uBAAH,GAAG,CAAE,eAAe,CAAC,CAAC,CAAC,0CAAE,GAAG,0CAAE,OAAO,0CAAE,YAAY,mCAAI,EAAE,CAC1D,CAAA;KAAA,CACJ,CAAC;IAEF,MAAM,SAAS,GAAa,EAAE,CAAC;IAE/B,KAAK,MAAM,IAAI,IAAI,OAAO,EAAE;QAC1B,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE;YAC5B,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;SACtB;KACF;IAED,OAAO,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;AAC/D,CAAC;AAED,KAAK,UAAU,cAAc;IAC3B,MAAM,GAAG,GACP,gFAAgF,CAAC;IAEnF,MAAM,QAAQ,GAAG,MAAM,IAAA,oBAAK,EAAC,GAAG,CAAC,CAAC;IAElC,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE;QAChB,MAAM,IAAI,KAAK,CAAC,oBAAoB,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;KACxD;IAED,OAAO,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;AAC/B,CAAC;AAED,KAAK,UAAU,WAAW,CAAC,OAAe;IACxC,MAAM,SAAS,GAAG,CAAC,MAAM,IAAA,YAAE,EAAC,WAAW,CAAC,CAAC;SACtC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,KAAK,IAAI,CAAC;SAC1B,IAAI,CAAC,MAAM,CAAC,CAAC;IAEhB,OAAO,gBAAM,CAAC,SAAS,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;AAC9C,CAAC;AAEM,KAAK,UAAU,UAAU,CAAC,EAAE,OAAO,EAAuB;IAC/D,IAAI,CAAC,CAAC,MAAM,WAAW,CAAC,OAAO,CAAC,CAAC,EAAE;QACjC,MAAM,IAAI,KAAK,CAAC,mBAAmB,OAAO,4BAA4B,CAAC,CAAC;KACzE;IAED,MAAM,UAAU,GAAG,MAAM,cAAc,EAAE,CAAC;IAE1C,MAAM,UAAU,GAAG,EAAE,CAAC;IAEtB,KAAK,MAAM,CAAC,EAAE,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE;QACnD,IACE,gBAAM,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,CAAC,UAAU,CAAC;YAC1C,IAAI,CAAC,OAAO;YACZ,CAAC,gBAAM,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,EACxC;YACA,UAAU,CAAC,IAAI,CAAC,MAAM,UAAU,CAAC,EAAE,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC,CAAC;SACtD;KACF;IAED,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,eAAe,EAAE,UAAU,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;AACxE,CAAC;AApBD,gCAoBC"}
|
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
export declare type KnownSeverity = 'low' | 'medium' | 'high' | 'critical';
|
|
2
|
+
export declare type Severity = KnownSeverity | 'unknown';
|
|
3
|
+
declare type Score = number | undefined;
|
|
4
|
+
export declare function severityToScore(severity: Severity): Score;
|
|
5
|
+
export declare function scoreToSeverity(score: number | undefined): Severity;
|
|
6
|
+
export {};
|
|
7
|
+
//# sourceMappingURL=severity.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"severity.d.ts","sourceRoot":"","sources":["../../src/commands/severity.ts"],"names":[],"mappings":"AAAA,oBAAY,aAAa,GAAG,KAAK,GAAG,QAAQ,GAAG,MAAM,GAAG,UAAU,CAAC;AACnE,oBAAY,QAAQ,GAAG,aAAa,GAAG,SAAS,CAAC;AAEjD,aAAK,KAAK,GAAG,MAAM,GAAG,SAAS,CAAC;AAUhC,wBAAgB,eAAe,CAAC,QAAQ,EAAE,QAAQ,GAAG,KAAK,CAEzD;AAED,wBAAgB,eAAe,CAAC,KAAK,EAAE,MAAM,GAAG,SAAS,GAAG,QAAQ,CAenE"}
|
|
@@ -0,0 +1,31 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.scoreToSeverity = exports.severityToScore = void 0;
|
|
4
|
+
const SEVERITY_TO_SCORE = {
|
|
5
|
+
low: 0,
|
|
6
|
+
medium: 4,
|
|
7
|
+
high: 7,
|
|
8
|
+
critical: 9,
|
|
9
|
+
unknown: undefined,
|
|
10
|
+
};
|
|
11
|
+
function severityToScore(severity) {
|
|
12
|
+
return SEVERITY_TO_SCORE[severity];
|
|
13
|
+
}
|
|
14
|
+
exports.severityToScore = severityToScore;
|
|
15
|
+
function scoreToSeverity(score) {
|
|
16
|
+
if (score === undefined) {
|
|
17
|
+
return 'unknown';
|
|
18
|
+
}
|
|
19
|
+
if (score >= 9) {
|
|
20
|
+
return 'critical';
|
|
21
|
+
}
|
|
22
|
+
if (score >= 7) {
|
|
23
|
+
return 'high';
|
|
24
|
+
}
|
|
25
|
+
if (score >= 4) {
|
|
26
|
+
return 'medium';
|
|
27
|
+
}
|
|
28
|
+
return 'low';
|
|
29
|
+
}
|
|
30
|
+
exports.scoreToSeverity = scoreToSeverity;
|
|
31
|
+
//# sourceMappingURL=severity.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"severity.js","sourceRoot":"","sources":["../../src/commands/severity.ts"],"names":[],"mappings":";;;AAKA,MAAM,iBAAiB,GAA4B;IACjD,GAAG,EAAE,CAAC;IACN,MAAM,EAAE,CAAC;IACT,IAAI,EAAE,CAAC;IACP,QAAQ,EAAE,CAAC;IACX,OAAO,EAAE,SAAS;CACnB,CAAC;AAEF,SAAgB,eAAe,CAAC,QAAkB;IAChD,OAAO,iBAAiB,CAAC,QAAQ,CAAC,CAAC;AACrC,CAAC;AAFD,0CAEC;AAED,SAAgB,eAAe,CAAC,KAAyB;IACvD,IAAI,KAAK,KAAK,SAAS,EAAE;QACvB,OAAO,SAAS,CAAC;KAClB;IAED,IAAI,KAAK,IAAI,CAAC,EAAE;QACd,OAAO,UAAU,CAAC;KACnB;IACD,IAAI,KAAK,IAAI,CAAC,EAAE;QACd,OAAO,MAAM,CAAC;KACf;IACD,IAAI,KAAK,IAAI,CAAC,EAAE;QACd,OAAO,QAAQ,CAAC;KACjB;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAfD,0CAeC"}
|
|
@@ -3,6 +3,7 @@ declare type WebpackDependenciesPluginOptions = {
|
|
|
3
3
|
outputFilename?: string;
|
|
4
4
|
includePackages?: string[];
|
|
5
5
|
includeExternalProductionDependencies?: boolean;
|
|
6
|
+
excludeModules?: string[];
|
|
6
7
|
};
|
|
7
8
|
export declare class WebpackDependenciesPlugin implements WebpackPluginInstance {
|
|
8
9
|
private options;
|
|
@@ -10,7 +11,9 @@ export declare class WebpackDependenciesPlugin implements WebpackPluginInstance
|
|
|
10
11
|
outputPath: string;
|
|
11
12
|
includePackages: string[];
|
|
12
13
|
resolvedModules: Set<string>;
|
|
14
|
+
excludedModules: string[];
|
|
13
15
|
constructor(options?: WebpackDependenciesPluginOptions);
|
|
16
|
+
private isExcluded;
|
|
14
17
|
private handleTap;
|
|
15
18
|
apply(compiler: Compiler): void;
|
|
16
19
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"webpack-dependencies-plugin.d.ts","sourceRoot":"","sources":["../src/webpack-dependencies-plugin.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAe,QAAQ,EAAE,qBAAqB,EAAE,MAAM,SAAS,CAAC;
|
|
1
|
+
{"version":3,"file":"webpack-dependencies-plugin.d.ts","sourceRoot":"","sources":["../src/webpack-dependencies-plugin.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAe,QAAQ,EAAE,qBAAqB,EAAE,MAAM,SAAS,CAAC;AAa5E,aAAK,gCAAgC,GAAG;IACtC,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,eAAe,CAAC,EAAE,MAAM,EAAE,CAAC;IAC3B,qCAAqC,CAAC,EAAE,OAAO,CAAC;IAChD,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;CAC3B,CAAC;AAMF,qBAAa,yBAA0B,YAAW,qBAAqB;IAOzD,OAAO,CAAC,OAAO;IAN3B,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAe;IAC1C,UAAU,EAAE,MAAM,CAAC;IACnB,eAAe,EAAE,MAAM,EAAE,CAAM;IAC/B,eAAe,cAAqB;IACpC,eAAe,EAAE,MAAM,EAAE,CAAC;gBAEN,OAAO,GAAE,gCAAqC;IAYlE,OAAO,CAAC,UAAU;IAMlB,OAAO,CAAC,SAAS,CAkBf;IAEF,KAAK,CAAC,QAAQ,EAAE,QAAQ,GAAG,IAAI;CAyBhC;AAED,eAAe,yBAAyB,CAAC"}
|
|
@@ -7,6 +7,7 @@ exports.WebpackDependenciesPlugin = void 0;
|
|
|
7
7
|
const path_1 = __importDefault(require("path"));
|
|
8
8
|
const fs_1 = require("fs");
|
|
9
9
|
const lodash_1 = __importDefault(require("lodash"));
|
|
10
|
+
const minimatch_1 = require("minimatch");
|
|
10
11
|
const production_deps_1 = require("./production-deps");
|
|
11
12
|
const get_package_info_1 = require("./get-package-info");
|
|
12
13
|
const PLUGIN_NAME = 'WebpackDependenciesPlugin';
|
|
@@ -21,7 +22,7 @@ class WebpackDependenciesPlugin {
|
|
|
21
22
|
const resource = module.resource;
|
|
22
23
|
if (resource) {
|
|
23
24
|
const modulePath = resource;
|
|
24
|
-
if (typeof modulePath === 'string') {
|
|
25
|
+
if (typeof modulePath === 'string' && !this.isExcluded(modulePath)) {
|
|
25
26
|
this.resolvedModules.add(modulePath);
|
|
26
27
|
}
|
|
27
28
|
}
|
|
@@ -39,8 +40,12 @@ class WebpackDependenciesPlugin {
|
|
|
39
40
|
: []),
|
|
40
41
|
...(options.includePackages || []).map(production_deps_1.findPackageLocation),
|
|
41
42
|
];
|
|
43
|
+
this.excludedModules = options.excludeModules || [];
|
|
42
44
|
this.outputPath = options.outputFilename || 'dependencies.json';
|
|
43
45
|
}
|
|
46
|
+
isExcluded(modulePath) {
|
|
47
|
+
return this.excludedModules.some((excludedModulePattern) => (0, minimatch_1.minimatch)(modulePath, excludedModulePattern));
|
|
48
|
+
}
|
|
44
49
|
apply(compiler) {
|
|
45
50
|
compiler.hooks.shutdown.tapPromise(PLUGIN_NAME, async () => {
|
|
46
51
|
const dependencyList = await Promise.all(Array.from(this.resolvedModules).map(get_package_info_1.getPackageInfo));
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"webpack-dependencies-plugin.js","sourceRoot":"","sources":["../src/webpack-dependencies-plugin.ts"],"names":[],"mappings":";;;;;;AAAA,gDAAwB;AACxB,2BAAoC;AAEpC,oDAAuB;AAEvB,uDAG2B;AAC3B,yDAAoD;AAEpD,MAAM,WAAW,GAAG,2BAA2B,CAAC;
|
|
1
|
+
{"version":3,"file":"webpack-dependencies-plugin.js","sourceRoot":"","sources":["../src/webpack-dependencies-plugin.ts"],"names":[],"mappings":";;;;;;AAAA,gDAAwB;AACxB,2BAAoC;AAEpC,oDAAuB;AAEvB,yCAAsC;AAEtC,uDAG2B;AAC3B,yDAAoD;AAEpD,MAAM,WAAW,GAAG,2BAA2B,CAAC;AAahD,MAAa,yBAAyB;IAOpC,YAAoB,UAA4C,EAAE;QAA9C,YAAO,GAAP,OAAO,CAAuC;QANjD,eAAU,GAAG,WAAW,CAAC;QAE1C,oBAAe,GAAa,EAAE,CAAC;QAC/B,oBAAe,GAAG,IAAI,GAAG,EAAU,CAAC;QAqB5B,cAAS,GAAG,CAAC,WAAwB,EAAE,EAAE;YAC/C,KAAK,MAAM,MAAM,IAAI,WAAW,CAAC,OAAO,EAAE;gBACxC,MAAM,QAAQ,GAAI,MAAyB,CAAC,QAAQ,CAAC;gBACrD,IAAI,QAAQ,EAAE;oBACZ,MAAM,UAAU,GAAG,QAAQ,CAAC;oBAC5B,IAAI,OAAO,UAAU,KAAK,QAAQ,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE;wBAClE,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;qBACtC;iBACF;aACF;YAED,KAAK,MAAM,mBAAmB,IAAI,IAAI,CAAC,eAAe,EAAE;gBACtD,MAAM,eAAe,GAAG,cAAI,CAAC,IAAI,CAAC,mBAAmB,EAAE,cAAc,CAAC,CAAC;gBAEvE,IAAI,eAAe,EAAE;oBACnB,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;iBAC3C;aACF;QACH,CAAC,CAAC;QAnCA,IAAI,CAAC,eAAe,GAAG;YACrB,GAAG,CAAC,OAAO,CAAC,qCAAqC;gBAC/C,CAAC,CAAC,IAAA,8CAA4B,GAAE;gBAChC,CAAC,CAAC,EAAE,CAAC;YACP,GAAG,CAAC,OAAO,CAAC,eAAe,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,qCAAmB,CAAC;SAC5D,CAAC;QAEF,IAAI,CAAC,eAAe,GAAG,OAAO,CAAC,cAAc,IAAI,EAAE,CAAC;QACpD,IAAI,CAAC,UAAU,GAAG,OAAO,CAAC,cAAc,IAAI,mBAAmB,CAAC;IAClE,CAAC;IAEO,UAAU,CAAC,UAAkB;QACnC,OAAO,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,qBAAqB,EAAE,EAAE,CACzD,IAAA,qBAAS,EAAC,UAAU,EAAE,qBAAqB,CAAC,CAC7C,CAAC;IACJ,CAAC;IAsBD,KAAK,CAAC,QAAkB;QACtB,QAAQ,CAAC,KAAK,CAAC,QAAQ,CAAC,UAAU,CAAC,WAAW,EAAE,KAAK,IAAI,EAAE;YACzD,MAAM,cAAc,GAAG,MAAM,OAAO,CAAC,GAAG,CACtC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,GAAG,CAAC,iCAAc,CAAC,CACrD,CAAC;YAEF,MAAM,UAAU,GAAG,gBAAC,CAAC,MAAM,CACzB,cAAc,EACd,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE,EAAE,CAAC,GAAG,IAAI,IAAI,OAAO,EAAE,CAC5C,CAAC;YAEF,MAAM,UAAU,GAAG,gBAAC,CAAC,MAAM,CACzB,UAAU,EACV,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE,EAAE,CAAC,GAAG,IAAI,IAAI,OAAO,EAAE,CAC5C,CAAC;YAEF,MAAM,aAAE,CAAC,KAAK,CAAC,cAAI,CAAC,OAAO,CAAC,cAAI,CAAC,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,EAAE;gBAC1D,SAAS,EAAE,IAAI;aAChB,CAAC,CAAC;YAEH,MAAM,aAAE,CAAC,SAAS,CAAC,IAAI,CAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,UAAU,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAC3E,CAAC,CAAC,CAAC;QAEH,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC;IACvD,CAAC;CACF;AAtED,8DAsEC;AAED,kBAAe,yBAAyB,CAAC"}
|
package/package.json
CHANGED
|
@@ -16,7 +16,7 @@
|
|
|
16
16
|
"email": "compass@mongodb.com"
|
|
17
17
|
},
|
|
18
18
|
"homepage": "https://github.com/mongodb-js/devtools-shared",
|
|
19
|
-
"version": "0.2.
|
|
19
|
+
"version": "0.2.2",
|
|
20
20
|
"repository": {
|
|
21
21
|
"type": "git",
|
|
22
22
|
"url": "https://github.com/mongodb-js/devtools-shared.git"
|
|
@@ -78,11 +78,12 @@
|
|
|
78
78
|
"cross-spawn": "^7.0.3",
|
|
79
79
|
"find-up": "^4.1.0",
|
|
80
80
|
"lodash": "^4.17.21",
|
|
81
|
+
"minimatch": "^9.0.0",
|
|
81
82
|
"node-fetch": "^2.6.7",
|
|
82
83
|
"semver": "^7.5.0",
|
|
83
84
|
"snyk-policy": "^2.0.4",
|
|
84
85
|
"spdx-satisfies": "^5.0.1",
|
|
85
86
|
"webpack": "^5.82.0"
|
|
86
87
|
},
|
|
87
|
-
"gitHead": "
|
|
88
|
+
"gitHead": "a9fd88c959fc72cfc745e9c84d8509b8ecfea731"
|
|
88
89
|
}
|