@openrewrite/recipes-nodejs 0.37.0-20260106-083133 → 0.37.0-20260106-170728
- package/dist/security/dependency-vulnerability-check.d.ts +8 -54
- package/dist/security/dependency-vulnerability-check.d.ts.map +1 -1
- package/dist/security/dependency-vulnerability-check.js +176 -287
- package/dist/security/dependency-vulnerability-check.js.map +1 -1
- package/dist/security/index.d.ts +3 -0
- package/dist/security/index.d.ts.map +1 -1
- package/dist/security/index.js +3 -0
- package/dist/security/index.js.map +1 -1
- package/dist/security/npm-utils.d.ts +8 -2
- package/dist/security/npm-utils.d.ts.map +1 -1
- package/dist/security/npm-utils.js +114 -14
- package/dist/security/npm-utils.js.map +1 -1
- package/dist/security/override-utils.d.ts +23 -0
- package/dist/security/override-utils.d.ts.map +1 -0
- package/dist/security/override-utils.js +169 -0
- package/dist/security/override-utils.js.map +1 -0
- package/dist/security/remove-redundant-overrides.d.ts +1 -10
- package/dist/security/remove-redundant-overrides.d.ts.map +1 -1
- package/dist/security/remove-redundant-overrides.js +4 -152
- package/dist/security/remove-redundant-overrides.js.map +1 -1
- package/dist/security/types.d.ts +42 -0
- package/dist/security/types.d.ts.map +1 -0
- package/dist/security/types.js +7 -0
- package/dist/security/types.js.map +1 -0
- package/dist/security/version-utils.d.ts +13 -0
- package/dist/security/version-utils.d.ts.map +1 -0
- package/dist/security/version-utils.js +173 -0
- package/dist/security/version-utils.js.map +1 -0
- package/package.json +1 -1
- package/src/security/dependency-vulnerability-check.ts +300 -525
- package/src/security/index.ts +3 -0
- package/src/security/npm-utils.ts +172 -37
- package/src/security/override-utils.ts +253 -0
- package/src/security/remove-redundant-overrides.ts +9 -211
- package/src/security/types.ts +115 -0
- package/src/security/version-utils.ts +198 -0
|
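--- a/package/dist/security/dependency-vulnerability-check.d.ts
+++ b/package/dist/security/dependency-vulnerability-check.d.ts
@@ -1,45 +1,8 @@
 import { ExecutionContext, ScanningRecipe, TreeVisitor } from "@openrewrite/rewrite";
-import { DependencyRecipeAccumulator, DependencyScope
-import { Severity,
-
-
-interface PathSegment {
-name: string;
-version: string;
-}
-interface VulnerableDependency {
-resolved: ResolvedDependency;
-vulnerability: Vulnerability;
-depth: number;
-isDirect: boolean;
-scope?: DependencyScope;
-path: PathSegment[];
-}
-interface VulnerabilityFix {
-packageName: string;
-newVersion: string;
-isTransitive: boolean;
-cves: string[];
-cveSummaries: Map<string, string>;
-scope?: DependencyScope;
-originalMajorVersion?: number;
-directDepInfo?: {
-name: string;
-version: string;
-scope: DependencyScope;
-};
-fixViaDirectUpgrade?: {
-directDepName: string;
-directDepVersion: string;
-directDepScope: DependencyScope;
-};
-}
-interface ProjectUpdateInfo {
-packageJsonPath: string;
-originalPackageJson: string;
-packageManager: PackageManager;
-configFiles?: Record<string, string>;
-}
+import { DependencyRecipeAccumulator, DependencyScope } from "@openrewrite/rewrite/javascript";
+import { Severity, VulnerabilityDatabase } from "./vulnerability";
+import { UpgradeDelta } from "./version-utils";
+import { TransitiveFixStrategy, VulnerableDependency, VulnerabilityFix, ProjectUpdateInfo } from "./types";
 interface Accumulator extends DependencyRecipeAccumulator<ProjectUpdateInfo> {
 db: VulnerabilityDatabase;
 vulnerableByProject: Map<string, VulnerableDependency[]>;
@@ -57,6 +20,7 @@ export declare class DependencyVulnerabilityCheck extends ScanningRecipe<Accumul
 private readonly vulnerabilityReport;
 scope?: DependencyScope;
 transitiveFixStrategy?: TransitiveFixStrategy;
+preferDirectUpgrade?: boolean;
 maximumUpgradeDelta?: UpgradeDelta;
 minimumSeverity?: Severity;
 cvePattern?: string;
@@ -66,6 +30,7 @@ export declare class DependencyVulnerabilityCheck extends ScanningRecipe<Accumul
 constructor(options?: {
 scope?: DependencyScope;
 transitiveFixStrategy?: TransitiveFixStrategy;
+preferDirectUpgrade?: boolean;
 maximumUpgradeDelta?: UpgradeDelta;
 minimumSeverity?: string;
 cvePattern?: string;
@@ -73,26 +38,20 @@ export declare class DependencyVulnerabilityCheck extends ScanningRecipe<Accumul
 addOverrideComments?: boolean;
 });
 private shouldScanTransitives;
-private shouldFixTransitives;
 private shouldVerifyTransitiveFixes;
 private filterRemainingTransitiveFixes;
 private isVersionStillVulnerable;
 initialValue(_ctx: ExecutionContext): Accumulator;
 private isReportOnly;
 private matchesCvePattern;
-private isVersionAffected;
-private isUpgradeableWithinDelta;
-private getUpgradeVersion;
-private getVersionPrefixForDelta;
 private renderPath;
+private findAllDirectDepsForTransitive;
+private hasTransitiveInTree;
 private findVulnerabilities;
 private findPreventiveFixes;
 private isUpgradeWithinDelta;
-private extractMinimumVersion;
 private findHighestSafeVersion;
-private isVersionWithinDelta;
 private computeFixes;
-private tryFindDirectDepUpgrade;
 private tryDirectUpgradesForTransitives;
 scanner(acc: Accumulator): Promise<TreeVisitor<any, ExecutionContext>>;
 editorWithData(acc: Accumulator): Promise<TreeVisitor<any, ExecutionContext>>;
@@ -103,10 +62,5 @@ export declare class DependencyVulnerabilityCheck extends ScanningRecipe<Accumul
 private generateOverrideComment;
 private addOverrideCommentsToPackageJson;
 }
-export declare function extractVersionPrefix(versionString: string): {
-prefix: string;
-version: string;
-};
-export declare function applyVersionPrefix(originalVersion: string, newVersion: string): string;
 export {};
 //# sourceMappingURL=dependency-vulnerability-check.d.ts.map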
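Review bot: The last hunk (-103,10) drops the exported `extractVersionPrefix` and `applyVersionPrefix` declarations from this module without leaving a re-export, so any consumer importing them from `dependency-vulnerability-check` stops resolving them even though the version stays at 0.37.0. The file list shows a new `version-utils.d.ts`, which is presumably their new home; if so, keeping `export { extractVersionPrefix, applyVersionPrefix } from "./version-utils";` in the source module would preserve the old import path. Separately, the new `preferDirectUpgrade?: boolean` sits next to `transitiveFixStrategy` on both the class and the constructor options with no doc comment in the emitted declarations. A remediation recipe should say which of the two takes precedence and what the default is, for example `/** Whether upgrading the direct dependency is tried before a transitive override; default and precedence over transitiveFixStrategy: TODO confirm. */`. This file is generated declaration output, so both changes belong in `src/security/dependency-vulnerability-check.ts`.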
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"dependency-vulnerability-check.d.ts","sourceRoot":"","sources":["../../src/security/dependency-vulnerability-check.ts"],"names":[],"mappings":"AAMA,OAAO,EAGH,gBAAgB,EAGhB,cAAc,EAGd,WAAW,EACd,MAAM,sBAAsB,CAAC;AAI9B,OAAO,EAGH,2BAA2B,EAC3B,eAAe,
|
|
1
|
+
{"version":3,"file":"dependency-vulnerability-check.d.ts","sourceRoot":"","sources":["../../src/security/dependency-vulnerability-check.ts"],"names":[],"mappings":"AAMA,OAAO,EAGH,gBAAgB,EAGhB,cAAc,EAGd,WAAW,EACd,MAAM,sBAAsB,CAAC;AAI9B,OAAO,EAGH,2BAA2B,EAC3B,eAAe,EAYlB,MAAM,iCAAiC,CAAC;AAGzC,OAAO,EAAgB,QAAQ,EAAkC,qBAAqB,EAAC,MAAM,iBAAiB,CAAC;AAO/G,OAAO,EACH,YAAY,EAOf,MAAM,iBAAiB,CAAC;AACzB,OAAO,EAEH,qBAAqB,EAErB,oBAAoB,EACpB,gBAAgB,EAChB,iBAAiB,EACpB,MAAM,SAAS,CAAC;AA0HjB,UAAU,WAAY,SAAQ,2BAA2B,CAAC,iBAAiB,CAAC;IAExE,EAAE,EAAE,qBAAqB,CAAC;IAE1B,mBAAmB,EAAE,GAAG,CAAC,MAAM,EAAE,oBAAoB,EAAE,CAAC,CAAC;IAEzD,cAAc,EAAE,GAAG,CAAC,MAAM,EAAE,gBAAgB,EAAE,CAAC,CAAC;IAEhD,iBAAiB,EAAE,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAEvC,sBAAsB,EAAE,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAE5C,cAAc,EAAE,GAAG,CAAC,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC;IAEtC,+BAA+B,EAAE,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAErD,0BAA0B,EAAE,OAAO,CAAC;CACvC;AAgBD,qBAAa,4BAA6B,SAAQ,cAAc,CAAC,WAAW,CAAC;IACzE,QAAQ,CAAC,IAAI,yDAAyD;IACtE,QAAQ,CAAC,WAAW,8CAA8C;IAClE,QAAQ,CAAC,WAAW,SAI8D;IAElF,OAAO,CAAC,QAAQ,CAAC,mBAAmB,CAKlC;IAUF,KAAK,CAAC,EAAE,eAAe,CAAC;IAaxB,qBAAqB,CAAC,EAAE,qBAAqB,CAAC;IAW9C,mBAAmB,CAAC,EAAE,OAAO,CAAC;IAa9B,mBAAmB,CAAC,EAAE,YAAY,CAAC;IAWnC,eAAe,CAAC,EAAE,QAAQ,CAAC;IAW3B,UAAU,CAAC,EAAE,MAAM,CAAC;IAYpB,mBAAmB,CAAC,EAAE,OAAO,CAAC;IAU9B,mBAAmB,CAAC,EAAE,OAAO,CAAC;IAG9B,OAAO,CAAC,eAAe,CAAC,CAAS;gBAErB,OAAO,CAAC,EAAE;QAClB,KAAK,CAAC,EAAE,eAAe,CAAC;QACxB,qBAAqB,CAAC,EAAE,qBAAqB,CAAC;QAC9C,mBAAmB,CAAC,EAAE,OAAO,CAAC;QAC9B,mBAAmB,CAAC,EAAE,YAAY,CAAC;QACnC,eAAe,CAAC,EAAE,MAAM,CAAC;QACzB,UAAU,CAAC,EAAE,MAAM,CAAC;QACpB,mBAAmB,CAAC,EAAE,OAAO,CAAC;QAC9B,mBAAmB,CAAC,EAAE,OAAO,CAAC;KACjC;IAyBD,OAAO,CAAC,qBAAqB;IAY7B,OAAO,CAAC,2BAA2B;IAanC,OAAO,CAAC,8BAA8B;IAqDtC,OAAO,CAAC,wBAAwB;IAevB,YAAY,CAAC,IAAI,EAAE,gBAAgB,GAAG,WAAW;IAgB1D,OAAO,CAAC,YAAY;IAOpB,OAAO,CAAC,iBAAiB;IAWzB,OAAO,CAAC,UAAU;IAgBlB,OAAO,CAAC,8BAA8B;IA0BtC,OAAO,CAAC,mBAAmB;IA2B3B,OAAO,CAAC,mBAAmB;IA0E3B,OAAO,CAAC,mBAAmB;IAgF3B,OAAO,CAAC,oBAAoB;IAkB5B,OAAO,CAAC,sBAAsB;
YAiEhB,YAAY;YAuKZ,+BAA+B;IAoG9B,OAAO,CAAC,GAAG,EAAE,WAAW,GAAG,OAAO,CAAC,WAAW,CAAC,GAAG,EAAE,gBAAgB,CAAC,CAAC;IAoLtE,cAAc,CAAC,GAAG,EAAE,WAAW,GAAG,OAAO,CAAC,WAAW,CAAC,GAAG,EAAE,gBAAgB,CAAC,CAAC;YAwY9E,wBAAwB;YA4HxB,iCAAiC;IAgK/C,OAAO,CAAC,mCAAmC;IA6B3C,OAAO,CAAC,yBAAyB;IAyKjC,OAAO,CAAC,uBAAuB;IA8B/B,OAAO,CAAC,gCAAgC;CAmC3C"}
|