@vltpkg/query 0.0.0-2 → 0.0.0-20
- package/README.md +39 -82
- package/dist/esm/attribute.d.ts.map +1 -1
- package/dist/esm/attribute.js +8 -13
- package/dist/esm/attribute.js.map +1 -1
- package/dist/esm/combinator.d.ts.map +1 -1
- package/dist/esm/combinator.js +5 -2
- package/dist/esm/combinator.js.map +1 -1
- package/dist/esm/id.d.ts.map +1 -1
- package/dist/esm/id.js +23 -7
- package/dist/esm/id.js.map +1 -1
- package/dist/esm/index.d.ts +35 -3
- package/dist/esm/index.d.ts.map +1 -1
- package/dist/esm/index.js +280 -16
- package/dist/esm/index.js.map +1 -1
- package/dist/esm/parser.d.ts +15 -0
- package/dist/esm/parser.d.ts.map +1 -0
- package/dist/esm/parser.js +93 -0
- package/dist/esm/parser.js.map +1 -0
- package/dist/esm/pseudo/abandoned.d.ts +7 -0
- package/dist/esm/pseudo/abandoned.d.ts.map +1 -0
- package/dist/esm/pseudo/abandoned.js +6 -0
- package/dist/esm/pseudo/abandoned.js.map +1 -0
- package/dist/esm/pseudo/attr.d.ts +2 -1
- package/dist/esm/pseudo/attr.d.ts.map +1 -1
- package/dist/esm/pseudo/attr.js +10 -2
- package/dist/esm/pseudo/attr.js.map +1 -1
- package/dist/esm/pseudo/confused.d.ts +9 -0
- package/dist/esm/pseudo/confused.d.ts.map +1 -0
- package/dist/esm/pseudo/confused.js +19 -0
- package/dist/esm/pseudo/confused.js.map +1 -0
- package/dist/esm/pseudo/cve.d.ts +13 -0
- package/dist/esm/pseudo/cve.d.ts.map +1 -0
- package/dist/esm/pseudo/cve.js +44 -0
- package/dist/esm/pseudo/cve.js.map +1 -0
- package/dist/esm/pseudo/cwe.d.ts +13 -0
- package/dist/esm/pseudo/cwe.d.ts.map +1 -0
- package/dist/esm/pseudo/cwe.js +43 -0
- package/dist/esm/pseudo/cwe.js.map +1 -0
- package/dist/esm/pseudo/debug.d.ts +7 -0
- package/dist/esm/pseudo/debug.d.ts.map +1 -0
- package/dist/esm/pseudo/debug.js +6 -0
- package/dist/esm/pseudo/debug.js.map +1 -0
- package/dist/esm/pseudo/deprecated.d.ts +7 -0
- package/dist/esm/pseudo/deprecated.d.ts.map +1 -0
- package/dist/esm/pseudo/deprecated.js +6 -0
- package/dist/esm/pseudo/deprecated.js.map +1 -0
- package/dist/esm/pseudo/dev.d.ts +6 -0
- package/dist/esm/pseudo/dev.d.ts.map +1 -0
- package/dist/esm/pseudo/dev.js +15 -0
- package/dist/esm/pseudo/dev.js.map +1 -0
- package/dist/esm/pseudo/dynamic.d.ts +7 -0
- package/dist/esm/pseudo/dynamic.d.ts.map +1 -0
- package/dist/esm/pseudo/dynamic.js +6 -0
- package/dist/esm/pseudo/dynamic.js.map +1 -0
- package/dist/esm/pseudo/empty.d.ts +7 -0
- package/dist/esm/pseudo/empty.d.ts.map +1 -0
- package/dist/esm/pseudo/empty.js +14 -0
- package/dist/esm/pseudo/empty.js.map +1 -0
- package/dist/esm/pseudo/entropic.d.ts +7 -0
- package/dist/esm/pseudo/entropic.d.ts.map +1 -0
- package/dist/esm/pseudo/entropic.js +6 -0
- package/dist/esm/pseudo/entropic.js.map +1 -0
- package/dist/esm/pseudo/env.d.ts +7 -0
- package/dist/esm/pseudo/env.d.ts.map +1 -0
- package/dist/esm/pseudo/env.js +6 -0
- package/dist/esm/pseudo/env.js.map +1 -0
- package/dist/esm/pseudo/eval.d.ts +7 -0
- package/dist/esm/pseudo/eval.d.ts.map +1 -0
- package/dist/esm/pseudo/eval.js +6 -0
- package/dist/esm/pseudo/eval.js.map +1 -0
- package/dist/esm/pseudo/fs.d.ts +7 -0
- package/dist/esm/pseudo/fs.d.ts.map +1 -0
- package/dist/esm/pseudo/fs.js +6 -0
- package/dist/esm/pseudo/fs.js.map +1 -0
- package/dist/esm/pseudo/helpers.d.ts +25 -1
- package/dist/esm/pseudo/helpers.d.ts.map +1 -1
- package/dist/esm/pseudo/helpers.js +53 -0
- package/dist/esm/pseudo/helpers.js.map +1 -1
- package/dist/esm/pseudo/license.d.ts +13 -0
- package/dist/esm/pseudo/license.d.ts.map +1 -0
- package/dist/esm/pseudo/license.js +58 -0
- package/dist/esm/pseudo/license.js.map +1 -0
- package/dist/esm/pseudo/link.d.ts +9 -0
- package/dist/esm/pseudo/link.d.ts.map +1 -0
- package/dist/esm/pseudo/link.js +25 -0
- package/dist/esm/pseudo/link.js.map +1 -0
- package/dist/esm/pseudo/malware.d.ts +15 -0
- package/dist/esm/pseudo/malware.d.ts.map +1 -0
- package/dist/esm/pseudo/malware.js +165 -0
- package/dist/esm/pseudo/malware.js.map +1 -0
- package/dist/esm/pseudo/minified.d.ts +7 -0
- package/dist/esm/pseudo/minified.d.ts.map +1 -0
- package/dist/esm/pseudo/minified.js +6 -0
- package/dist/esm/pseudo/minified.js.map +1 -0
- package/dist/esm/pseudo/missing.d.ts +8 -0
- package/dist/esm/pseudo/missing.d.ts.map +1 -0
- package/dist/esm/pseudo/missing.js +15 -0
- package/dist/esm/pseudo/missing.js.map +1 -0
- package/dist/esm/pseudo/native.d.ts +7 -0
- package/dist/esm/pseudo/native.d.ts.map +1 -0
- package/dist/esm/pseudo/native.js +6 -0
- package/dist/esm/pseudo/native.js.map +1 -0
- package/dist/esm/pseudo/network.d.ts +7 -0
- package/dist/esm/pseudo/network.d.ts.map +1 -0
- package/dist/esm/pseudo/network.js +6 -0
- package/dist/esm/pseudo/network.js.map +1 -0
- package/dist/esm/pseudo/obfuscated.d.ts +7 -0
- package/dist/esm/pseudo/obfuscated.d.ts.map +1 -0
- package/dist/esm/pseudo/obfuscated.js +6 -0
- package/dist/esm/pseudo/obfuscated.js.map +1 -0
- package/dist/esm/pseudo/optional.d.ts +6 -0
- package/dist/esm/pseudo/optional.d.ts.map +1 -0
- package/dist/esm/pseudo/optional.js +15 -0
- package/dist/esm/pseudo/optional.js.map +1 -0
- package/dist/esm/pseudo/outdated.d.ts +3 -2
- package/dist/esm/pseudo/outdated.d.ts.map +1 -1
- package/dist/esm/pseudo/outdated.js +42 -31
- package/dist/esm/pseudo/outdated.js.map +1 -1
- package/dist/esm/pseudo/overridden.d.ts +8 -0
- package/dist/esm/pseudo/overridden.d.ts.map +1 -0
- package/dist/esm/pseudo/overridden.js +17 -0
- package/dist/esm/pseudo/overridden.js.map +1 -0
- package/dist/esm/pseudo/path.d.ts +19 -0
- package/dist/esm/pseudo/path.d.ts.map +1 -0
- package/dist/esm/pseudo/path.js +113 -0
- package/dist/esm/pseudo/path.js.map +1 -0
- package/dist/esm/pseudo/peer.d.ts +6 -0
- package/dist/esm/pseudo/peer.d.ts.map +1 -0
- package/dist/esm/pseudo/peer.js +15 -0
- package/dist/esm/pseudo/peer.js.map +1 -0
- package/dist/esm/pseudo/prerelease.d.ts +18 -0
- package/dist/esm/pseudo/prerelease.d.ts.map +1 -0
- package/dist/esm/pseudo/prerelease.js +41 -0
- package/dist/esm/pseudo/prerelease.js.map +1 -0
- package/dist/esm/pseudo/private.d.ts +7 -0
- package/dist/esm/pseudo/private.d.ts.map +1 -0
- package/dist/esm/pseudo/private.js +16 -0
- package/dist/esm/pseudo/private.js.map +1 -0
- package/dist/esm/pseudo/prod.d.ts +6 -0
- package/dist/esm/pseudo/prod.d.ts.map +1 -0
- package/dist/esm/pseudo/prod.js +15 -0
- package/dist/esm/pseudo/prod.js.map +1 -0
- package/dist/esm/pseudo/published.d.ts +41 -0
- package/dist/esm/pseudo/published.d.ts.map +1 -0
- package/dist/esm/pseudo/published.js +158 -0
- package/dist/esm/pseudo/published.js.map +1 -0
- package/dist/esm/pseudo/root.d.ts +8 -0
- package/dist/esm/pseudo/root.d.ts.map +1 -0
- package/dist/esm/pseudo/root.js +22 -0
- package/dist/esm/pseudo/root.js.map +1 -0
- package/dist/esm/pseudo/scanned.d.ts +9 -0
- package/dist/esm/pseudo/scanned.d.ts.map +1 -0
- package/dist/esm/pseudo/scanned.js +17 -0
- package/dist/esm/pseudo/scanned.js.map +1 -0
- package/dist/esm/pseudo/score.d.ts +16 -0
- package/dist/esm/pseudo/score.d.ts.map +1 -0
- package/dist/esm/pseudo/score.js +119 -0
- package/dist/esm/pseudo/score.js.map +1 -0
- package/dist/esm/pseudo/scripts.d.ts +7 -0
- package/dist/esm/pseudo/scripts.d.ts.map +1 -0
- package/dist/esm/pseudo/scripts.js +6 -0
- package/dist/esm/pseudo/scripts.js.map +1 -0
- package/dist/esm/pseudo/semver.d.ts +2 -1
- package/dist/esm/pseudo/semver.d.ts.map +1 -1
- package/dist/esm/pseudo/semver.js +11 -24
- package/dist/esm/pseudo/semver.js.map +1 -1
- package/dist/esm/pseudo/severity.d.ts +15 -0
- package/dist/esm/pseudo/severity.d.ts.map +1 -0
- package/dist/esm/pseudo/severity.js +160 -0
- package/dist/esm/pseudo/severity.js.map +1 -0
- package/dist/esm/pseudo/shell.d.ts +7 -0
- package/dist/esm/pseudo/shell.d.ts.map +1 -0
- package/dist/esm/pseudo/shell.js +6 -0
- package/dist/esm/pseudo/shell.js.map +1 -0
- package/dist/esm/pseudo/shrinkwrap.d.ts +7 -0
- package/dist/esm/pseudo/shrinkwrap.d.ts.map +1 -0
- package/dist/esm/pseudo/shrinkwrap.js +6 -0
- package/dist/esm/pseudo/shrinkwrap.js.map +1 -0
- package/dist/esm/pseudo/squat.d.ts +15 -0
- package/dist/esm/pseudo/squat.d.ts.map +1 -0
- package/dist/esm/pseudo/squat.js +161 -0
- package/dist/esm/pseudo/squat.js.map +1 -0
- package/dist/esm/pseudo/suspicious.d.ts +7 -0
- package/dist/esm/pseudo/suspicious.d.ts.map +1 -0
- package/dist/esm/pseudo/suspicious.js +6 -0
- package/dist/esm/pseudo/suspicious.js.map +1 -0
- package/dist/esm/pseudo/tracker.d.ts +7 -0
- package/dist/esm/pseudo/tracker.d.ts.map +1 -0
- package/dist/esm/pseudo/tracker.js +6 -0
- package/dist/esm/pseudo/tracker.js.map +1 -0
- package/dist/esm/pseudo/trivial.d.ts +7 -0
- package/dist/esm/pseudo/trivial.d.ts.map +1 -0
- package/dist/esm/pseudo/trivial.js +6 -0
- package/dist/esm/pseudo/trivial.js.map +1 -0
- package/dist/esm/pseudo/type.d.ts +8 -0
- package/dist/esm/pseudo/type.d.ts.map +1 -0
- package/dist/esm/pseudo/type.js +22 -0
- package/dist/esm/pseudo/type.js.map +1 -0
- package/dist/esm/pseudo/undesirable.d.ts +7 -0
- package/dist/esm/pseudo/undesirable.d.ts.map +1 -0
- package/dist/esm/pseudo/undesirable.js +6 -0
- package/dist/esm/pseudo/undesirable.js.map +1 -0
- package/dist/esm/pseudo/unknown.d.ts +7 -0
- package/dist/esm/pseudo/unknown.d.ts.map +1 -0
- package/dist/esm/pseudo/unknown.js +6 -0
- package/dist/esm/pseudo/unknown.js.map +1 -0
- package/dist/esm/pseudo/unmaintained.d.ts +7 -0
- package/dist/esm/pseudo/unmaintained.d.ts.map +1 -0
- package/dist/esm/pseudo/unmaintained.js +6 -0
- package/dist/esm/pseudo/unmaintained.js.map +1 -0
- package/dist/esm/pseudo/unpopular.d.ts +7 -0
- package/dist/esm/pseudo/unpopular.d.ts.map +1 -0
- package/dist/esm/pseudo/unpopular.js +6 -0
- package/dist/esm/pseudo/unpopular.js.map +1 -0
- package/dist/esm/pseudo/unstable.d.ts +7 -0
- package/dist/esm/pseudo/unstable.d.ts.map +1 -0
- package/dist/esm/pseudo/unstable.js +6 -0
- package/dist/esm/pseudo/unstable.js.map +1 -0
- package/dist/esm/pseudo/workspace.d.ts +6 -0
- package/dist/esm/pseudo/workspace.d.ts.map +1 -0
- package/dist/esm/pseudo/workspace.js +18 -0
- package/dist/esm/pseudo/workspace.js.map +1 -0
- package/dist/esm/pseudo.d.ts.map +1 -1
- package/dist/esm/pseudo.js +141 -106
- package/dist/esm/pseudo.js.map +1 -1
- package/dist/esm/types.d.ts +86 -23
- package/dist/esm/types.d.ts.map +1 -1
- package/dist/esm/types.js +1 -106
- package/dist/esm/types.js.map +1 -1
- package/package.json +19 -15
- package/dist/esm/class.d.ts +0 -6
- package/dist/esm/class.d.ts.map +0 -1
- package/dist/esm/class.js +0 -128
- package/dist/esm/class.js.map +0 -1
|
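--- a/package/dist/esm/pseudo/severity.js
+++ b/package/dist/esm/pseudo/severity.js
@@ -0,0 +1,160 @@
+import { error } from '@vltpkg/error-cause';
+import { asPostcssNodeWithChildren, asStringNode, asTagNode, isStringNode, isTagNode, } from '@vltpkg/dss-parser';
+import { assertSecurityArchive, removeDanglingEdges, removeNode, removeQuotes, } from "./helpers.js";
+const kindsMap = new Map([
+['critical', 'criticalCVE'],
+['high', 'cve'],
+['medium', 'potentialVulnerability'],
+['low', 'mildCVE'],
+['0', 'criticalCVE'],
+['1', 'cve'],
+['2', 'potentialVulnerability'],
+['3', 'mildCVE'],
+]);
+// Map numerical values to their respective kinds for comparison operations
+const kindLevelMap = new Map([
+['critical', 0],
+['high', 1],
+['medium', 2],
+['low', 3],
+['0', 0],
+['1', 1],
+['2', 2],
+['3', 3],
+]);
+const kinds = new Set(kindsMap.keys());
+export const isSeverityKind = (value) => kinds.has(value);
+export const asSeverityKind = (value) => {
+if (!isSeverityKind(value)) {
+throw error('Expected a valid severity kind', {
+found: value,
+validOptions: Array.from(kinds),
+});
+}
+return value;
+};
+export const parseInternals = (nodes) => {
+let kind;
+let comparator;
+if (nodes.length === 0) {
+throw error('Missing severity kind parameter');
+}
+let kindValue = '';
+if (isStringNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])) {
+kindValue = removeQuotes(asStringNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])
+.value);
+}
+else if (isTagNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])) {
+kindValue = asTagNode(asPostcssNodeWithChildren(nodes[0]).nodes[0]).value;
+}
+// Extract comparator if present
+if (kindValue.startsWith('>=')) {
+comparator = '>=';
+kindValue = kindValue.substring(2);
+}
+else if (kindValue.startsWith('<=')) {
+comparator = '<=';
+kindValue = kindValue.substring(2);
+}
+else if (kindValue.startsWith('>')) {
+comparator = '>';
+kindValue = kindValue.substring(1);
+}
+else if (kindValue.startsWith('<')) {
+comparator = '<';
+kindValue = kindValue.substring(1);
+}
+// Parse kind value
+if (kindValue) {
+if (isSeverityKind(kindValue)) {
+kind = kindValue;
+}
+else {
+throw error('Expected a valid severity kind or number between 0-3', {
+found: kindValue,
+});
+}
+}
+return { kind, comparator };
+};
+export const severity = async (state) => {
+assertSecurityArchive(state, 'severity');
+let internals;
+try {
+internals = parseInternals(asPostcssNodeWithChildren(state.current).nodes);
+}
+catch (err) {
+throw error('Failed to parse :severity selector', { cause: err });
+}
+const { kind, comparator } = internals;
+for (const node of state.partial.nodes) {
+const report = state.securityArchive.get(node.id);
+// Always exclude nodes that don't have security data or alerts
+if (!report?.alerts || report.alerts.length === 0) {
+removeNode(state, node);
+}
+}
+for (const node of state.partial.nodes) {
+const report = state.securityArchive.get(node.id);
+let exclude = true;
+if (report) {
+if (comparator) {
+// retrieve the value to compare against
+const kindLevel = kindLevelMap.get(kind);
+// the kindLevel value has already been validated at this point
+// and thus can never return an undefined/falsy value but ts doesn't
+// know about that, so we have the extra check here
+/* c8 ignore next - impossible */
+if (!kindLevel)
+break;
+// Check each alert to find any that match our comparison criteria
+for (const alert of report.alerts) {
+// Get the numerical value of the alert type
+const alertType = alert.type;
+// retrieve a key to the current alert level to be compared against
+const currentAlertLevelKey = [...kindsMap.entries()].find(([_, alertValue]) => alertValue === alertType)?.[0];
+// perform the comparison based on the user-provided kindLevel
+if (currentAlertLevelKey) {
+const currentAlertLevel = kindLevelMap.get(currentAlertLevelKey);
+/* c8 ignore next - impossible but ts doesn't know */
+if (currentAlertLevel == null)
+continue;
+switch (comparator) {
+case '>':
+if (currentAlertLevel > kindLevel) {
+exclude = false;
+}
+break;
+case '<':
+if (currentAlertLevel < kindLevel) {
+exclude = false;
+}
+break;
+case '>=':
+if (currentAlertLevel >= kindLevel) {
+exclude = false;
+}
+break;
+case '<=':
+if (currentAlertLevel <= kindLevel) {
+exclude = false;
+}
+break;
+}
+}
+}
+}
+else {
+// Original exact match behavior
+const alertName = kindsMap.get(kind);
+exclude = !report.alerts.some(alert => alert.type === alertName);
+}
+}
+if (exclude) {
+removeNode(state, node);
+}
+}
+removeDanglingEdges(state);
+return state;
+};
+//# sourceMappingURL=severity.js.map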
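Review bot: The guard `if (!kindLevel) break;` in `severity` treats level 0 as missing, yet `kindLevelMap` maps both `critical` and `0` to 0, so the "impossible" branch is reachable for any comparator query against the top severity. Because the `break` sits above the inner alert loop, it leaves the `for (const node of state.partial.nodes)` loop before `removeNode` runs, and from the visible code the selector then keeps every node that has any alert, not only the matching ones. A query meant to isolate critical findings would therefore return an over-broad set, which can mislead triage or any gate built on the result. Use the same nullish test the inner loop already applies to `currentAlertLevel`: `if (kindLevel == null) break;`. A bare comparator with no kind also reaches this branch, since `parseInternals` returns `kind` undefined without throwing when `kindValue` is empty; raising the existing 'Expected a valid severity kind or number between 0-3' error there would fail loudly instead of silently skipping the filter.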
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"severity.js","sourceRoot":"","sources":["../../../src/pseudo/severity.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,qBAAqB,CAAA;AAC3C,OAAO,EACL,yBAAyB,EACzB,YAAY,EACZ,SAAS,EACT,YAAY,EACZ,SAAS,GACV,MAAM,oBAAoB,CAAA;AAC3B,OAAO,EACL,qBAAqB,EACrB,mBAAmB,EACnB,UAAU,EACV,YAAY,GACb,MAAM,cAAc,CAAA;AAwBrB,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAoC;IAC1D,CAAC,UAAU,EAAE,aAAa,CAAC;IAC3B,CAAC,MAAM,EAAE,KAAK,CAAC;IACf,CAAC,QAAQ,EAAE,wBAAwB,CAAC;IACpC,CAAC,KAAK,EAAE,SAAS,CAAC;IAClB,CAAC,GAAG,EAAE,aAAa,CAAC;IACpB,CAAC,GAAG,EAAE,KAAK,CAAC;IACZ,CAAC,GAAG,EAAE,wBAAwB,CAAC;IAC/B,CAAC,GAAG,EAAE,SAAS,CAAC;CACjB,CAAC,CAAA;AAEF,2EAA2E;AAC3E,MAAM,YAAY,GAAG,IAAI,GAAG,CAAwB;IAClD,CAAC,UAAU,EAAE,CAAC,CAAC;IACf,CAAC,MAAM,EAAE,CAAC,CAAC;IACX,CAAC,QAAQ,EAAE,CAAC,CAAC;IACb,CAAC,KAAK,EAAE,CAAC,CAAC;IACV,CAAC,GAAG,EAAE,CAAC,CAAC;IACR,CAAC,GAAG,EAAE,CAAC,CAAC;IACR,CAAC,GAAG,EAAE,CAAC,CAAC;IACR,CAAC,GAAG,EAAE,CAAC,CAAC;CACT,CAAC,CAAA;AAEF,MAAM,KAAK,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAA;AAEtC,MAAM,CAAC,MAAM,cAAc,GAAG,CAC5B,KAAc,EACU,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,KAAsB,CAAC,CAAA;AAE9D,MAAM,CAAC,MAAM,cAAc,GAAG,CAAC,KAAc,EAAiB,EAAE;IAC9D,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,EAAE,CAAC;QAC3B,MAAM,KAAK,CAAC,gCAAgC,EAAE;YAC5C,KAAK,EAAE,KAAK;YACZ,YAAY,EAAE,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC;SAChC,CAAC,CAAA;IACJ,CAAC;IACD,OAAO,KAAK,CAAA;AACd,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,cAAc,GAAG,CAC5B,KAAoB,EAIpB,EAAE;IACF,IAAI,IAAmB,CAAA;IACvB,IAAI,UAA8B,CAAA;IAElC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACvB,MAAM,KAAK,CAAC,iCAAiC,CAAC,CAAA;IAChD,CAAC;IAED,IAAI,SAAS,GAAG,EAAE,CAAA;IAClB,IAAI,YAAY,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QAC/D,SAAS,GAAG,YAAY,CACtB,YAAY,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;aACvD,KAAK,CACT,CAAA;IACH,CAAC;SAAM,IACL,SAAS,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EACvD,CAAC;QACD,SAAS,GAAG,SAAS,CACnB,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAC7C,CAAC,
KAAK,CAAA;IACT,CAAC;IAED,gCAAgC;IAChC,IAAI,SAAS,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;QAC/B,UAAU,GAAG,IAAI,CAAA;QACjB,SAAS,GAAG,SAAS,CAAC,SAAS,CAAC,CAAC,CAAC,CAAA;IACpC,CAAC;SAAM,IAAI,SAAS,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;QACtC,UAAU,GAAG,IAAI,CAAA;QACjB,SAAS,GAAG,SAAS,CAAC,SAAS,CAAC,CAAC,CAAC,CAAA;IACpC,CAAC;SAAM,IAAI,SAAS,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QACrC,UAAU,GAAG,GAAG,CAAA;QAChB,SAAS,GAAG,SAAS,CAAC,SAAS,CAAC,CAAC,CAAC,CAAA;IACpC,CAAC;SAAM,IAAI,SAAS,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QACrC,UAAU,GAAG,GAAG,CAAA;QAChB,SAAS,GAAG,SAAS,CAAC,SAAS,CAAC,CAAC,CAAC,CAAA;IACpC,CAAC;IAED,mBAAmB;IACnB,IAAI,SAAS,EAAE,CAAC;QACd,IAAI,cAAc,CAAC,SAAS,CAAC,EAAE,CAAC;YAC9B,IAAI,GAAG,SAAS,CAAA;QAClB,CAAC;aAAM,CAAC;YACN,MAAM,KAAK,CACT,sDAAsD,EACtD;gBACE,KAAK,EAAE,SAAS;aACjB,CACF,CAAA;QACH,CAAC;IACH,CAAC;IAED,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,CAAA;AAC7B,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,QAAQ,GAAG,KAAK,EAAE,KAAkB,EAAE,EAAE;IACnD,qBAAqB,CAAC,KAAK,EAAE,UAAU,CAAC,CAAA;IAExC,IAAI,SAAS,CAAA;IACb,IAAI,CAAC;QACH,SAAS,GAAG,cAAc,CACxB,yBAAyB,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,KAAK,CAC/C,CAAA;IACH,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,KAAK,CAAC,oCAAoC,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC,CAAA;IACnE,CAAC;IAED,MAAM,EAAE,IAAI,EAAE,UAAU,EAAE,GAAG,SAAS,CAAA;IAEtC,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACvC,MAAM,MAAM,GAAG,KAAK,CAAC,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;QACjD,+DAA+D;QAC/D,IAAI,CAAC,MAAM,EAAE,MAAM,IAAI,MAAM,CAAC,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAClD,UAAU,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;QACzB,CAAC;IACH,CAAC;IAED,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACvC,MAAM,MAAM,GAAG,KAAK,CAAC,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;QACjD,IAAI,OAAO,GAAG,IAAI,CAAA;QAElB,IAAI,MAAM,EAAE,CAAC;YACX,IAAI,UAAU,EAAE,CAAC;gBACf,wCAAwC;gBACxC,MAAM,SAAS,GAAG,YAAY,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;gBACxC,+DAA+D;gBAC/D,oEAAoE;gBACpE,mDAAmD;gBACnD,iCAAiC;gBACjC,IAAI,CAAC,SAAS;oBAAE,MAAK;gBAErB,kEAAkE;gBAClE,KAAK,MAAM,KAAK,IAAI,MAAM,CAAC,MAAM,EAAE,CAAC;oBAClC,4CAA4C;oBAC5C,MAAM,SAAS,
GAAG,KAAK,CAAC,IAAI,CAAA;oBAE5B,mEAAmE;oBACnE,MAAM,oBAAoB,GAAG,CAAC,GAAG,QAAQ,CAAC,OAAO,EAAE,CAAC,CAAC,IAAI,CACvD,CAAC,CAAC,CAAC,EAAE,UAAU,CAAC,EAAE,EAAE,CAAC,UAAU,KAAK,SAAS,CAC9C,EAAE,CAAC,CAAC,CAAC,CAAA;oBAEN,8DAA8D;oBAC9D,IAAI,oBAAoB,EAAE,CAAC;wBACzB,MAAM,iBAAiB,GAAG,YAAY,CAAC,GAAG,CACxC,oBAAoB,CACrB,CAAA;wBACD,qDAAqD;wBACrD,IAAI,iBAAiB,IAAI,IAAI;4BAAE,SAAQ;wBAEvC,QAAQ,UAAU,EAAE,CAAC;4BACnB,KAAK,GAAG;gCACN,IAAI,iBAAiB,GAAG,SAAS,EAAE,CAAC;oCAClC,OAAO,GAAG,KAAK,CAAA;gCACjB,CAAC;gCACD,MAAK;4BACP,KAAK,GAAG;gCACN,IAAI,iBAAiB,GAAG,SAAS,EAAE,CAAC;oCAClC,OAAO,GAAG,KAAK,CAAA;gCACjB,CAAC;gCACD,MAAK;4BACP,KAAK,IAAI;gCACP,IAAI,iBAAiB,IAAI,SAAS,EAAE,CAAC;oCACnC,OAAO,GAAG,KAAK,CAAA;gCACjB,CAAC;gCACD,MAAK;4BACP,KAAK,IAAI;gCACP,IAAI,iBAAiB,IAAI,SAAS,EAAE,CAAC;oCACnC,OAAO,GAAG,KAAK,CAAA;gCACjB,CAAC;gCACD,MAAK;wBACT,CAAC;oBACH,CAAC;gBACH,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,gCAAgC;gBAChC,MAAM,SAAS,GAAG,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;gBACpC,OAAO,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAC3B,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC,IAAI,KAAK,SAAS,CAClC,CAAA;YACH,CAAC;QACH,CAAC;QAED,IAAI,OAAO,EAAE,CAAC;YACZ,UAAU,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;QACzB,CAAC;IACH,CAAC;IAED,mBAAmB,CAAC,KAAK,CAAC,CAAA;IAE1B,OAAO,KAAK,CAAA;AACd,CAAC,CAAA","sourcesContent":["import { error } from '@vltpkg/error-cause'\nimport {\n asPostcssNodeWithChildren,\n asStringNode,\n asTagNode,\n isStringNode,\n isTagNode,\n} from '@vltpkg/dss-parser'\nimport {\n assertSecurityArchive,\n removeDanglingEdges,\n removeNode,\n removeQuotes,\n} from './helpers.ts'\nimport type { ParserState } from '../types.ts'\nimport type { PostcssNode } from '@vltpkg/dss-parser'\n\nexport type SeverityKinds =\n | '0'\n | '1'\n | '2'\n | '3'\n | 'critical'\n | 'high'\n | 'medium'\n | 'low'\n | undefined\n\nexport type SeverityAlertTypes =\n | 'criticalCVE'\n | 'cve'\n | 'potentialVulnerability'\n | 'mildCVE'\n | undefined\n\nexport type SeverityComparator = '>' | '<' | '>=' | '<=' | undefined\n\nconst kindsMap = new Map<SeverityKinds, 
SeverityAlertTypes>([\n ['critical', 'criticalCVE'],\n ['high', 'cve'],\n ['medium', 'potentialVulnerability'],\n ['low', 'mildCVE'],\n ['0', 'criticalCVE'],\n ['1', 'cve'],\n ['2', 'potentialVulnerability'],\n ['3', 'mildCVE'],\n])\n\n// Map numerical values to their respective kinds for comparison operations\nconst kindLevelMap = new Map<SeverityKinds, number>([\n ['critical', 0],\n ['high', 1],\n ['medium', 2],\n ['low', 3],\n ['0', 0],\n ['1', 1],\n ['2', 2],\n ['3', 3],\n])\n\nconst kinds = new Set(kindsMap.keys())\n\nexport const isSeverityKind = (\n value?: string,\n): value is SeverityKinds => kinds.has(value as SeverityKinds)\n\nexport const asSeverityKind = (value?: string): SeverityKinds => {\n if (!isSeverityKind(value)) {\n throw error('Expected a valid severity kind', {\n found: value,\n validOptions: Array.from(kinds),\n })\n }\n return value\n}\n\nexport const parseInternals = (\n nodes: PostcssNode[],\n): {\n kind: SeverityKinds\n comparator: SeverityComparator\n} => {\n let kind: SeverityKinds\n let comparator: SeverityComparator\n\n if (nodes.length === 0) {\n throw error('Missing severity kind parameter')\n }\n\n let kindValue = ''\n if (isStringNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])) {\n kindValue = removeQuotes(\n asStringNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])\n .value,\n )\n } else if (\n isTagNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])\n ) {\n kindValue = asTagNode(\n asPostcssNodeWithChildren(nodes[0]).nodes[0],\n ).value\n }\n\n // Extract comparator if present\n if (kindValue.startsWith('>=')) {\n comparator = '>='\n kindValue = kindValue.substring(2)\n } else if (kindValue.startsWith('<=')) {\n comparator = '<='\n kindValue = kindValue.substring(2)\n } else if (kindValue.startsWith('>')) {\n comparator = '>'\n kindValue = kindValue.substring(1)\n } else if (kindValue.startsWith('<')) {\n comparator = '<'\n kindValue = kindValue.substring(1)\n }\n\n // Parse kind value\n if (kindValue) {\n if 
(isSeverityKind(kindValue)) {\n kind = kindValue\n } else {\n throw error(\n 'Expected a valid severity kind or number between 0-3',\n {\n found: kindValue,\n },\n )\n }\n }\n\n return { kind, comparator }\n}\n\nexport const severity = async (state: ParserState) => {\n assertSecurityArchive(state, 'severity')\n\n let internals\n try {\n internals = parseInternals(\n asPostcssNodeWithChildren(state.current).nodes,\n )\n } catch (err) {\n throw error('Failed to parse :severity selector', { cause: err })\n }\n\n const { kind, comparator } = internals\n\n for (const node of state.partial.nodes) {\n const report = state.securityArchive.get(node.id)\n // Always exclude nodes that don't have security data or alerts\n if (!report?.alerts || report.alerts.length === 0) {\n removeNode(state, node)\n }\n }\n\n for (const node of state.partial.nodes) {\n const report = state.securityArchive.get(node.id)\n let exclude = true\n\n if (report) {\n if (comparator) {\n // retrieve the value to compare against\n const kindLevel = kindLevelMap.get(kind)\n // the kindLevel value has already been validated at this point\n // and thus can never return an undefined/falsy value but ts doesn't\n // know about that, so we have the extra check here\n /* c8 ignore next - impossible */\n if (!kindLevel) break\n\n // Check each alert to find any that match our comparison criteria\n for (const alert of report.alerts) {\n // Get the numerical value of the alert type\n const alertType = alert.type\n\n // retrieve a key to the current alert level to be compared against\n const currentAlertLevelKey = [...kindsMap.entries()].find(\n ([_, alertValue]) => alertValue === alertType,\n )?.[0]\n\n // perform the comparison based on the user-provided kindLevel\n if (currentAlertLevelKey) {\n const currentAlertLevel = kindLevelMap.get(\n currentAlertLevelKey,\n )\n /* c8 ignore next - impossible but ts doesn't know */\n if (currentAlertLevel == null) continue\n\n switch (comparator) {\n case '>':\n if 
(currentAlertLevel > kindLevel) {\n exclude = false\n }\n break\n case '<':\n if (currentAlertLevel < kindLevel) {\n exclude = false\n }\n break\n case '>=':\n if (currentAlertLevel >= kindLevel) {\n exclude = false\n }\n break\n case '<=':\n if (currentAlertLevel <= kindLevel) {\n exclude = false\n }\n break\n }\n }\n }\n } else {\n // Original exact match behavior\n const alertName = kindsMap.get(kind)\n exclude = !report.alerts.some(\n alert => alert.type === alertName,\n )\n }\n }\n\n if (exclude) {\n removeNode(state, node)\n }\n }\n\n removeDanglingEdges(state)\n\n return state\n}\n"]}
|
|
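--- a/package/dist/esm/pseudo/shell.d.ts
+++ b/package/dist/esm/pseudo/shell.d.ts
@@ -0,0 +1,7 @@
+/**
+* Filters out any node that does not have a **shellAccess** report alert.
+*/
+export declare const shell: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState & {
+securityArchive: NonNullable<import("../types.ts").ParserState["securityArchive"]>;
+}>;
+//# sourceMappingURL=shell.d.ts.map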
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"shell.d.ts","sourceRoot":"","sources":["../../../src/pseudo/shell.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,eAAO,MAAM,KAAK;;EAGjB,CAAA"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"shell.js","sourceRoot":"","sources":["../../../src/pseudo/shell.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,4BAA4B,EAAE,MAAM,cAAc,CAAA;AAE3D;;GAEG;AACH,MAAM,CAAC,MAAM,KAAK,GAAG,4BAA4B,CAC/C,OAAO,EACP,aAAa,CACd,CAAA","sourcesContent":["import { createSecuritySelectorFilter } from './helpers.ts'\n\n/**\n * Filters out any node that does not have a **shellAccess** report alert.\n */\nexport const shell = createSecuritySelectorFilter(\n 'shell',\n 'shellAccess',\n)\n"]}
|
|
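--- a/package/dist/esm/pseudo/shrinkwrap.d.ts
+++ b/package/dist/esm/pseudo/shrinkwrap.d.ts
@@ -0,0 +1,7 @@
+/**
+* Filters out any node that does not have a **shrinkwrap** report alert.
+*/
+export declare const shrinkwrap: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState & {
+securityArchive: NonNullable<import("../types.ts").ParserState["securityArchive"]>;
+}>;
+//# sourceMappingURL=shrinkwrap.d.ts.map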
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"shrinkwrap.d.ts","sourceRoot":"","sources":["../../../src/pseudo/shrinkwrap.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,eAAO,MAAM,UAAU;;EAGtB,CAAA"}
|
|
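--- a/package/dist/esm/pseudo/shrinkwrap.js
+++ b/package/dist/esm/pseudo/shrinkwrap.js
@@ -0,0 +1,6 @@
+import { createSecuritySelectorFilter } from "./helpers.js";
+/**
+* Filters out any node that does not have a **shrinkwrap** report alert.
+*/
+export const shrinkwrap = createSecuritySelectorFilter('shrinkwrap', 'shrinkwrap');
+//# sourceMappingURL=shrinkwrap.js.map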
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"shrinkwrap.js","sourceRoot":"","sources":["../../../src/pseudo/shrinkwrap.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,4BAA4B,EAAE,MAAM,cAAc,CAAA;AAE3D;;GAEG;AACH,MAAM,CAAC,MAAM,UAAU,GAAG,4BAA4B,CACpD,YAAY,EACZ,YAAY,CACb,CAAA","sourcesContent":["import { createSecuritySelectorFilter } from './helpers.ts'\n\n/**\n * Filters out any node that does not have a **shrinkwrap** report alert.\n */\nexport const shrinkwrap = createSecuritySelectorFilter(\n 'shrinkwrap',\n 'shrinkwrap',\n)\n"]}
|
|
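--- a/package/dist/esm/pseudo/squat.d.ts
+++ b/package/dist/esm/pseudo/squat.d.ts
@@ -0,0 +1,15 @@
+import type { ParserState } from '../types.ts';
+import type { PostcssNode } from '@vltpkg/dss-parser';
+export type SquatKinds = '0' | '2' | 'critical' | 'medium' | undefined;
+export type SquatAlertTypes = 'didYouMean' | 'gptDidYouMean' | undefined;
+export type SquatComparator = '>' | '<' | '>=' | '<=' | undefined;
+export declare const isSquatKind: (value?: string) => value is SquatKinds;
+export declare const asSquatKind: (value?: string) => SquatKinds;
+export declare const parseInternals: (nodes: PostcssNode[]) => {
+kind: SquatKinds;
+comparator: SquatComparator;
+};
+export declare const squat: (state: ParserState) => Promise<ParserState & {
+securityArchive: NonNullable<ParserState["securityArchive"]>;
+}>;
+//# sourceMappingURL=squat.d.ts.map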
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"squat.d.ts","sourceRoot":"","sources":["../../../src/pseudo/squat.ts"],"names":[],"mappings":"AAcA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,aAAa,CAAA;AAC9C,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAA;AAErD,MAAM,MAAM,UAAU,GAAG,GAAG,GAAG,GAAG,GAAG,UAAU,GAAG,QAAQ,GAAG,SAAS,CAAA;AAEtE,MAAM,MAAM,eAAe,GACvB,YAAY,GACZ,eAAe,GACf,SAAS,CAAA;AAEb,MAAM,MAAM,eAAe,GAAG,GAAG,GAAG,GAAG,GAAG,IAAI,GAAG,IAAI,GAAG,SAAS,CAAA;AAoBjE,eAAO,MAAM,WAAW,WAAY,MAAM,KAAG,KAAK,IAAI,UACtB,CAAA;AAEhC,eAAO,MAAM,WAAW,WAAY,MAAM,KAAG,UAQ5C,CAAA;AAED,eAAO,MAAM,cAAc,UAClB,WAAW,EAAE,KACnB;IACD,IAAI,EAAE,UAAU,CAAA;IAChB,UAAU,EAAE,eAAe,CAAA;CA+C5B,CAAA;AAED,eAAO,MAAM,KAAK,UAAiB,WAAW;;EAuG7C,CAAA"}
|
|
@@ -0,0 +1,161 @@
|
|
|
1
|
+
import { error } from '@vltpkg/error-cause';
|
|
2
|
+
import { asPostcssNodeWithChildren, asStringNode, asTagNode, isStringNode, isTagNode, } from '@vltpkg/dss-parser';
|
|
3
|
+
import { assertSecurityArchive, removeDanglingEdges, removeNode, removeQuotes, } from "./helpers.js";
|
|
4
|
+
const kindsMap = new Map([
|
|
5
|
+
['critical', 'didYouMean'],
|
|
6
|
+
['medium', 'gptDidYouMean'],
|
|
7
|
+
['0', 'didYouMean'],
|
|
8
|
+
['2', 'gptDidYouMean'],
|
|
9
|
+
[undefined, undefined],
|
|
10
|
+
]);
|
|
11
|
+
// Map numerical values to their respective kinds for comparison operations
|
|
12
|
+
const kindLevelMap = new Map([
|
|
13
|
+
['critical', 0],
|
|
14
|
+
['medium', 2],
|
|
15
|
+
['0', 0],
|
|
16
|
+
['2', 2],
|
|
17
|
+
]);
|
|
18
|
+
const kinds = new Set(kindsMap.keys());
|
|
19
|
+
export const isSquatKind = (value) => kinds.has(value);
|
|
20
|
+
export const asSquatKind = (value) => {
|
|
21
|
+
if (!isSquatKind(value)) {
|
|
22
|
+
throw error('Expected a valid squat kind', {
|
|
23
|
+
found: value,
|
|
24
|
+
validOptions: Array.from(kinds),
|
|
25
|
+
});
|
|
26
|
+
}
|
|
27
|
+
return value;
|
|
28
|
+
};
|
|
29
|
+
export const parseInternals = (nodes) => {
|
|
30
|
+
let kind;
|
|
31
|
+
let comparator;
|
|
32
|
+
let kindValue = '';
|
|
33
|
+
if (isStringNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])) {
|
|
34
|
+
kindValue = removeQuotes(asStringNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])
|
|
35
|
+
.value);
|
|
36
|
+
}
|
|
37
|
+
else if (isTagNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])) {
|
|
38
|
+
kindValue = asTagNode(asPostcssNodeWithChildren(nodes[0]).nodes[0]).value;
|
|
39
|
+
}
|
|
40
|
+
// Extract comparator if present
|
|
41
|
+
if (kindValue.startsWith('>=')) {
|
|
42
|
+
comparator = '>=';
|
|
43
|
+
kindValue = kindValue.substring(2);
|
|
44
|
+
}
|
|
45
|
+
else if (kindValue.startsWith('<=')) {
|
|
46
|
+
comparator = '<=';
|
|
47
|
+
kindValue = kindValue.substring(2);
|
|
48
|
+
}
|
|
49
|
+
else if (kindValue.startsWith('>')) {
|
|
50
|
+
comparator = '>';
|
|
51
|
+
kindValue = kindValue.substring(1);
|
|
52
|
+
}
|
|
53
|
+
else if (kindValue.startsWith('<')) {
|
|
54
|
+
comparator = '<';
|
|
55
|
+
kindValue = kindValue.substring(1);
|
|
56
|
+
}
|
|
57
|
+
// Parse kind value
|
|
58
|
+
if (kindValue) {
|
|
59
|
+
if (isSquatKind(kindValue)) {
|
|
60
|
+
kind = kindValue;
|
|
61
|
+
}
|
|
62
|
+
else {
|
|
63
|
+
throw error('Expected a valid squat kind for comparison', {
|
|
64
|
+
found: kindValue,
|
|
65
|
+
validOptions: Array.from(kinds),
|
|
66
|
+
});
|
|
67
|
+
}
|
|
68
|
+
}
|
|
69
|
+
return { kind, comparator };
|
|
70
|
+
};
|
|
71
|
+
export const squat = async (state) => {
|
|
72
|
+
assertSecurityArchive(state, 'squat');
|
|
73
|
+
let internals;
|
|
74
|
+
try {
|
|
75
|
+
internals = parseInternals(asPostcssNodeWithChildren(state.current).nodes);
|
|
76
|
+
}
|
|
77
|
+
catch (err) {
|
|
78
|
+
throw error('Failed to parse :squat selector', { cause: err });
|
|
79
|
+
}
|
|
80
|
+
const { kind, comparator } = internals;
|
|
81
|
+
// First pass: Remove nodes without security data
|
|
82
|
+
for (const node of state.partial.nodes) {
|
|
83
|
+
const report = state.securityArchive.get(node.id);
|
|
84
|
+
// Always exclude nodes that don't have security data or alerts
|
|
85
|
+
if (!report?.alerts || report.alerts.length === 0) {
|
|
86
|
+
removeNode(state, node);
|
|
87
|
+
}
|
|
88
|
+
}
|
|
89
|
+
// Second pass: Apply comparison filtering
|
|
90
|
+
for (const node of state.partial.nodes) {
|
|
91
|
+
const report = state.securityArchive.get(node.id);
|
|
92
|
+
// Skip if report is undefined
|
|
93
|
+
// (should never happen since we filtered above)
|
|
94
|
+
/* c8 ignore next - impossible */
|
|
95
|
+
if (!report)
|
|
96
|
+
continue;
|
|
97
|
+
// At this point we know report exists and has alerts
|
|
98
|
+
let exclude = true;
|
|
99
|
+
if (comparator) {
|
|
100
|
+
// Get the value to compare against
|
|
101
|
+
const kindLevel = kindLevelMap.get(kind);
|
|
102
|
+
/* c8 ignore next - impossible */
|
|
103
|
+
if (kindLevel === undefined)
|
|
104
|
+
break;
|
|
105
|
+
// For each alert, check if it matches the comparison criteria
|
|
106
|
+
let matchesComparison = false;
|
|
107
|
+
for (const alert of report.alerts) {
|
|
108
|
+
// Get the alert type
|
|
109
|
+
const alertType = alert.type;
|
|
110
|
+
// Find the corresponding kind for this alert type
|
|
111
|
+
const alertLevelKey = [...kindsMap.entries()].find(([_, value]) => value === alertType)?.[0];
|
|
112
|
+
if (alertLevelKey) {
|
|
113
|
+
// Get the numeric level for this alert
|
|
114
|
+
const alertLevel = kindLevelMap.get(alertLevelKey);
|
|
115
|
+
/* c8 ignore next - impossible */
|
|
116
|
+
if (alertLevel === undefined)
|
|
117
|
+
continue;
|
|
118
|
+
// Apply the comparison based on the comparator
|
|
119
|
+
switch (comparator) {
|
|
120
|
+
case '>':
|
|
121
|
+
if (alertLevel > kindLevel) {
|
|
122
|
+
matchesComparison = true;
|
|
123
|
+
}
|
|
124
|
+
break;
|
|
125
|
+
case '<':
|
|
126
|
+
if (alertLevel < kindLevel) {
|
|
127
|
+
matchesComparison = true;
|
|
128
|
+
}
|
|
129
|
+
break;
|
|
130
|
+
case '>=':
|
|
131
|
+
if (alertLevel >= kindLevel) {
|
|
132
|
+
matchesComparison = true;
|
|
133
|
+
}
|
|
134
|
+
break;
|
|
135
|
+
case '<=':
|
|
136
|
+
if (alertLevel <= kindLevel) {
|
|
137
|
+
matchesComparison = true;
|
|
138
|
+
}
|
|
139
|
+
break;
|
|
140
|
+
}
|
|
141
|
+
// If we found a match, we can stop checking other alerts
|
|
142
|
+
if (matchesComparison)
|
|
143
|
+
break;
|
|
144
|
+
}
|
|
145
|
+
}
|
|
146
|
+
// Exclude the node if it doesn't match the comparison
|
|
147
|
+
exclude = !matchesComparison;
|
|
148
|
+
}
|
|
149
|
+
else {
|
|
150
|
+
// Original exact match behavior
|
|
151
|
+
const alertName = kindsMap.get(kind);
|
|
152
|
+
exclude = !report.alerts.some(alert => alert.type === alertName);
|
|
153
|
+
}
|
|
154
|
+
if (exclude) {
|
|
155
|
+
removeNode(state, node);
|
|
156
|
+
}
|
|
157
|
+
}
|
|
158
|
+
removeDanglingEdges(state);
|
|
159
|
+
return state;
|
|
160
|
+
};
|
|
161
|
+
//# sourceMappingURL=squat.js.map
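Review bot: A comparator with no kind after it is accepted by `parseInternals` and then leaves the result unfiltered in `squat`. Once the prefix is stripped, `if (kindValue)` skips validation for an empty string, so a value such as a quoted `">"` (if the selector parser passes it through) yields `{ kind: undefined, comparator: '>' }`; in the second pass `kindLevelMap.get(kind)` is then `undefined`, and the `break` marked `c8 ignore next - impossible` exits the node loop, keeping every node that has any alert at all. For a security selector that is silent over-reporting, so I would reject it at parse time with `if (comparator && !kindValue) throw error('Expected a squat kind after the comparator', { found: comparator, validOptions: Array.from(kinds) });` just before the `// Parse kind value` check, and turn the "impossible" `break` into a throw. A comment on `kindLevelMap` would also help, stating that `critical` is level 0 and `medium` is level 2, so `>` selects the higher-numbered kind.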
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"squat.js","sourceRoot":"","sources":["../../../src/pseudo/squat.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,qBAAqB,CAAA;AAC3C,OAAO,EACL,yBAAyB,EACzB,YAAY,EACZ,SAAS,EACT,YAAY,EACZ,SAAS,GACV,MAAM,oBAAoB,CAAA;AAC3B,OAAO,EACL,qBAAqB,EACrB,mBAAmB,EACnB,UAAU,EACV,YAAY,GACb,MAAM,cAAc,CAAA;AAarB,MAAM,QAAQ,GAAG,IAAI,GAAG,CAA8B;IACpD,CAAC,UAAU,EAAE,YAAY,CAAC;IAC1B,CAAC,QAAQ,EAAE,eAAe,CAAC;IAC3B,CAAC,GAAG,EAAE,YAAY,CAAC;IACnB,CAAC,GAAG,EAAE,eAAe,CAAC;IACtB,CAAC,SAAS,EAAE,SAAS,CAAC;CACvB,CAAC,CAAA;AAEF,2EAA2E;AAC3E,MAAM,YAAY,GAAG,IAAI,GAAG,CAAqB;IAC/C,CAAC,UAAU,EAAE,CAAC,CAAC;IACf,CAAC,QAAQ,EAAE,CAAC,CAAC;IACb,CAAC,GAAG,EAAE,CAAC,CAAC;IACR,CAAC,GAAG,EAAE,CAAC,CAAC;CACT,CAAC,CAAA;AAEF,MAAM,KAAK,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAA;AAEtC,MAAM,CAAC,MAAM,WAAW,GAAG,CAAC,KAAc,EAAuB,EAAE,CACjE,KAAK,CAAC,GAAG,CAAC,KAAmB,CAAC,CAAA;AAEhC,MAAM,CAAC,MAAM,WAAW,GAAG,CAAC,KAAc,EAAc,EAAE;IACxD,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,EAAE,CAAC;QACxB,MAAM,KAAK,CAAC,6BAA6B,EAAE;YACzC,KAAK,EAAE,KAAK;YACZ,YAAY,EAAE,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC;SAChC,CAAC,CAAA;IACJ,CAAC;IACD,OAAO,KAAK,CAAA;AACd,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,cAAc,GAAG,CAC5B,KAAoB,EAIpB,EAAE;IACF,IAAI,IAAgB,CAAA;IACpB,IAAI,UAA2B,CAAA;IAE/B,IAAI,SAAS,GAAG,EAAE,CAAA;IAClB,IAAI,YAAY,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QAC/D,SAAS,GAAG,YAAY,CACtB,YAAY,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;aACvD,KAAK,CACT,CAAA;IACH,CAAC;SAAM,IACL,SAAS,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EACvD,CAAC;QACD,SAAS,GAAG,SAAS,CACnB,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAC7C,CAAC,KAAK,CAAA;IACT,CAAC;IAED,gCAAgC;IAChC,IAAI,SAAS,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;QAC/B,UAAU,GAAG,IAAI,CAAA;QACjB,SAAS,GAAG,SAAS,CAAC,SAAS,CAAC,CAAC,CAAC,CAAA;IACpC,CAAC;SAAM,IAAI,SAAS,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;QACtC,UAAU,GAAG,IAAI,CAAA;QACjB,SAAS,GAAG,SAAS,CAAC,SAAS,CAAC,CAAC,CAAC,CAAA;IACpC,CAAC;SAAM,IA
AI,SAAS,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QACrC,UAAU,GAAG,GAAG,CAAA;QAChB,SAAS,GAAG,SAAS,CAAC,SAAS,CAAC,CAAC,CAAC,CAAA;IACpC,CAAC;SAAM,IAAI,SAAS,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QACrC,UAAU,GAAG,GAAG,CAAA;QAChB,SAAS,GAAG,SAAS,CAAC,SAAS,CAAC,CAAC,CAAC,CAAA;IACpC,CAAC;IAED,mBAAmB;IACnB,IAAI,SAAS,EAAE,CAAC;QACd,IAAI,WAAW,CAAC,SAAS,CAAC,EAAE,CAAC;YAC3B,IAAI,GAAG,SAAS,CAAA;QAClB,CAAC;aAAM,CAAC;YACN,MAAM,KAAK,CAAC,4CAA4C,EAAE;gBACxD,KAAK,EAAE,SAAS;gBAChB,YAAY,EAAE,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC;aAChC,CAAC,CAAA;QACJ,CAAC;IACH,CAAC;IAED,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,CAAA;AAC7B,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,KAAK,GAAG,KAAK,EAAE,KAAkB,EAAE,EAAE;IAChD,qBAAqB,CAAC,KAAK,EAAE,OAAO,CAAC,CAAA;IAErC,IAAI,SAAS,CAAA;IACb,IAAI,CAAC;QACH,SAAS,GAAG,cAAc,CACxB,yBAAyB,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,KAAK,CAC/C,CAAA;IACH,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,KAAK,CAAC,iCAAiC,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC,CAAA;IAChE,CAAC;IAED,MAAM,EAAE,IAAI,EAAE,UAAU,EAAE,GAAG,SAAS,CAAA;IAEtC,iDAAiD;IACjD,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACvC,MAAM,MAAM,GAAG,KAAK,CAAC,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;QACjD,+DAA+D;QAC/D,IAAI,CAAC,MAAM,EAAE,MAAM,IAAI,MAAM,CAAC,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAClD,UAAU,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;QACzB,CAAC;IACH,CAAC;IAED,0CAA0C;IAC1C,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACvC,MAAM,MAAM,GAAG,KAAK,CAAC,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;QAEjD,8BAA8B;QAC9B,gDAAgD;QAChD,iCAAiC;QACjC,IAAI,CAAC,MAAM;YAAE,SAAQ;QAErB,qDAAqD;QACrD,IAAI,OAAO,GAAG,IAAI,CAAA;QAElB,IAAI,UAAU,EAAE,CAAC;YACf,mCAAmC;YACnC,MAAM,SAAS,GAAG,YAAY,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;YACxC,iCAAiC;YACjC,IAAI,SAAS,KAAK,SAAS;gBAAE,MAAK;YAElC,8DAA8D;YAC9D,IAAI,iBAAiB,GAAG,KAAK,CAAA;YAC7B,KAAK,MAAM,KAAK,IAAI,MAAM,CAAC,MAAM,EAAE,CAAC;gBAClC,qBAAqB;gBACrB,MAAM,SAAS,GAAG,KAAK,CAAC,IAAI,CAAA;gBAE5B,kDAAkD;gBAClD,MAAM,aAAa,GAAG,CAAC,GAAG,QAAQ,CAAC,OAAO,EAAE,CAAC,CAAC,IAAI,CAChD,CAAC,CAAC,CAAC,EAAE,KAAK,CAAC,EAAE,EAAE,CAAC,KAAK,KAAK,SAAS,CACpC,EAAE,CAAC,CAAC,CA
AC,CAAA;gBAEN,IAAI,aAAa,EAAE,CAAC;oBAClB,uCAAuC;oBACvC,MAAM,UAAU,GAAG,YAAY,CAAC,GAAG,CAAC,aAAa,CAAC,CAAA;oBAClD,iCAAiC;oBACjC,IAAI,UAAU,KAAK,SAAS;wBAAE,SAAQ;oBAEtC,+CAA+C;oBAC/C,QAAQ,UAAU,EAAE,CAAC;wBACnB,KAAK,GAAG;4BACN,IAAI,UAAU,GAAG,SAAS,EAAE,CAAC;gCAC3B,iBAAiB,GAAG,IAAI,CAAA;4BAC1B,CAAC;4BACD,MAAK;wBACP,KAAK,GAAG;4BACN,IAAI,UAAU,GAAG,SAAS,EAAE,CAAC;gCAC3B,iBAAiB,GAAG,IAAI,CAAA;4BAC1B,CAAC;4BACD,MAAK;wBACP,KAAK,IAAI;4BACP,IAAI,UAAU,IAAI,SAAS,EAAE,CAAC;gCAC5B,iBAAiB,GAAG,IAAI,CAAA;4BAC1B,CAAC;4BACD,MAAK;wBACP,KAAK,IAAI;4BACP,IAAI,UAAU,IAAI,SAAS,EAAE,CAAC;gCAC5B,iBAAiB,GAAG,IAAI,CAAA;4BAC1B,CAAC;4BACD,MAAK;oBACT,CAAC;oBAED,yDAAyD;oBACzD,IAAI,iBAAiB;wBAAE,MAAK;gBAC9B,CAAC;YACH,CAAC;YAED,sDAAsD;YACtD,OAAO,GAAG,CAAC,iBAAiB,CAAA;QAC9B,CAAC;aAAM,CAAC;YACN,gCAAgC;YAChC,MAAM,SAAS,GAAG,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;YACpC,OAAO,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC,IAAI,KAAK,SAAS,CAAC,CAAA;QAClE,CAAC;QAED,IAAI,OAAO,EAAE,CAAC;YACZ,UAAU,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;QACzB,CAAC;IACH,CAAC;IAED,mBAAmB,CAAC,KAAK,CAAC,CAAA;IAE1B,OAAO,KAAK,CAAA;AACd,CAAC,CAAA","sourcesContent":["import { error } from '@vltpkg/error-cause'\nimport {\n asPostcssNodeWithChildren,\n asStringNode,\n asTagNode,\n isStringNode,\n isTagNode,\n} from '@vltpkg/dss-parser'\nimport {\n assertSecurityArchive,\n removeDanglingEdges,\n removeNode,\n removeQuotes,\n} from './helpers.ts'\nimport type { ParserState } from '../types.ts'\nimport type { PostcssNode } from '@vltpkg/dss-parser'\n\nexport type SquatKinds = '0' | '2' | 'critical' | 'medium' | undefined\n\nexport type SquatAlertTypes =\n | 'didYouMean'\n | 'gptDidYouMean'\n | undefined\n\nexport type SquatComparator = '>' | '<' | '>=' | '<=' | undefined\n\nconst kindsMap = new Map<SquatKinds, SquatAlertTypes>([\n ['critical', 'didYouMean'],\n ['medium', 'gptDidYouMean'],\n ['0', 'didYouMean'],\n ['2', 'gptDidYouMean'],\n [undefined, undefined],\n])\n\n// Map numerical values to their respective kinds for comparison 
operations\nconst kindLevelMap = new Map<SquatKinds, number>([\n ['critical', 0],\n ['medium', 2],\n ['0', 0],\n ['2', 2],\n])\n\nconst kinds = new Set(kindsMap.keys())\n\nexport const isSquatKind = (value?: string): value is SquatKinds =>\n kinds.has(value as SquatKinds)\n\nexport const asSquatKind = (value?: string): SquatKinds => {\n if (!isSquatKind(value)) {\n throw error('Expected a valid squat kind', {\n found: value,\n validOptions: Array.from(kinds),\n })\n }\n return value\n}\n\nexport const parseInternals = (\n nodes: PostcssNode[],\n): {\n kind: SquatKinds\n comparator: SquatComparator\n} => {\n let kind: SquatKinds\n let comparator: SquatComparator\n\n let kindValue = ''\n if (isStringNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])) {\n kindValue = removeQuotes(\n asStringNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])\n .value,\n )\n } else if (\n isTagNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])\n ) {\n kindValue = asTagNode(\n asPostcssNodeWithChildren(nodes[0]).nodes[0],\n ).value\n }\n\n // Extract comparator if present\n if (kindValue.startsWith('>=')) {\n comparator = '>='\n kindValue = kindValue.substring(2)\n } else if (kindValue.startsWith('<=')) {\n comparator = '<='\n kindValue = kindValue.substring(2)\n } else if (kindValue.startsWith('>')) {\n comparator = '>'\n kindValue = kindValue.substring(1)\n } else if (kindValue.startsWith('<')) {\n comparator = '<'\n kindValue = kindValue.substring(1)\n }\n\n // Parse kind value\n if (kindValue) {\n if (isSquatKind(kindValue)) {\n kind = kindValue\n } else {\n throw error('Expected a valid squat kind for comparison', {\n found: kindValue,\n validOptions: Array.from(kinds),\n })\n }\n }\n\n return { kind, comparator }\n}\n\nexport const squat = async (state: ParserState) => {\n assertSecurityArchive(state, 'squat')\n\n let internals\n try {\n internals = parseInternals(\n asPostcssNodeWithChildren(state.current).nodes,\n )\n } catch (err) {\n throw error('Failed to parse :squat 
selector', { cause: err })\n }\n\n const { kind, comparator } = internals\n\n // First pass: Remove nodes without security data\n for (const node of state.partial.nodes) {\n const report = state.securityArchive.get(node.id)\n // Always exclude nodes that don't have security data or alerts\n if (!report?.alerts || report.alerts.length === 0) {\n removeNode(state, node)\n }\n }\n\n // Second pass: Apply comparison filtering\n for (const node of state.partial.nodes) {\n const report = state.securityArchive.get(node.id)\n\n // Skip if report is undefined\n // (should never happen since we filtered above)\n /* c8 ignore next - impossible */\n if (!report) continue\n\n // At this point we know report exists and has alerts\n let exclude = true\n\n if (comparator) {\n // Get the value to compare against\n const kindLevel = kindLevelMap.get(kind)\n /* c8 ignore next - impossible */\n if (kindLevel === undefined) break\n\n // For each alert, check if it matches the comparison criteria\n let matchesComparison = false\n for (const alert of report.alerts) {\n // Get the alert type\n const alertType = alert.type\n\n // Find the corresponding kind for this alert type\n const alertLevelKey = [...kindsMap.entries()].find(\n ([_, value]) => value === alertType,\n )?.[0]\n\n if (alertLevelKey) {\n // Get the numeric level for this alert\n const alertLevel = kindLevelMap.get(alertLevelKey)\n /* c8 ignore next - impossible */\n if (alertLevel === undefined) continue\n\n // Apply the comparison based on the comparator\n switch (comparator) {\n case '>':\n if (alertLevel > kindLevel) {\n matchesComparison = true\n }\n break\n case '<':\n if (alertLevel < kindLevel) {\n matchesComparison = true\n }\n break\n case '>=':\n if (alertLevel >= kindLevel) {\n matchesComparison = true\n }\n break\n case '<=':\n if (alertLevel <= kindLevel) {\n matchesComparison = true\n }\n break\n }\n\n // If we found a match, we can stop checking other alerts\n if (matchesComparison) break\n }\n }\n\n // 
Exclude the node if it doesn't match the comparison\n exclude = !matchesComparison\n } else {\n // Original exact match behavior\n const alertName = kindsMap.get(kind)\n exclude = !report.alerts.some(alert => alert.type === alertName)\n }\n\n if (exclude) {\n removeNode(state, node)\n }\n }\n\n removeDanglingEdges(state)\n\n return state\n}\n"]}
|
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Filters out any node that does not have a **suspiciousStarActivity** report alert.
|
|
3
|
+
*/
|
|
4
|
+
export declare const suspicious: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState & {
|
|
5
|
+
securityArchive: NonNullable<import("../types.ts").ParserState["securityArchive"]>;
|
|
6
|
+
}>;
|
|
7
|
+
//# sourceMappingURL=suspicious.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"suspicious.d.ts","sourceRoot":"","sources":["../../../src/pseudo/suspicious.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,eAAO,MAAM,UAAU;;EAGtB,CAAA"}
|
|
@@ -0,0 +1,6 @@
|
|
|
1
|
+
import { createSecuritySelectorFilter } from "./helpers.js";
|
|
2
|
+
/**
|
|
3
|
+
* Filters out any node that does not have a **suspiciousStarActivity** report alert.
|
|
4
|
+
*/
|
|
5
|
+
export const suspicious = createSecuritySelectorFilter('suspicious', 'suspiciousStarActivity');
|
|
6
|
+
//# sourceMappingURL=suspicious.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"suspicious.js","sourceRoot":"","sources":["../../../src/pseudo/suspicious.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,4BAA4B,EAAE,MAAM,cAAc,CAAA;AAE3D;;GAEG;AACH,MAAM,CAAC,MAAM,UAAU,GAAG,4BAA4B,CACpD,YAAY,EACZ,wBAAwB,CACzB,CAAA","sourcesContent":["import { createSecuritySelectorFilter } from './helpers.ts'\n\n/**\n * Filters out any node that does not have a **suspiciousStarActivity** report alert.\n */\nexport const suspicious = createSecuritySelectorFilter(\n 'suspicious',\n 'suspiciousStarActivity',\n)\n"]}
|
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Filters out any node that does not have a **telemetry** report alert.
|
|
3
|
+
*/
|
|
4
|
+
export declare const tracker: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState & {
|
|
5
|
+
securityArchive: NonNullable<import("../types.ts").ParserState["securityArchive"]>;
|
|
6
|
+
}>;
|
|
7
|
+
//# sourceMappingURL=tracker.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"tracker.d.ts","sourceRoot":"","sources":["../../../src/pseudo/tracker.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,eAAO,MAAM,OAAO;;EAGnB,CAAA"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"tracker.js","sourceRoot":"","sources":["../../../src/pseudo/tracker.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,4BAA4B,EAAE,MAAM,cAAc,CAAA;AAE3D;;GAEG;AACH,MAAM,CAAC,MAAM,OAAO,GAAG,4BAA4B,CACjD,SAAS,EACT,WAAW,CACZ,CAAA","sourcesContent":["import { createSecuritySelectorFilter } from './helpers.ts'\n\n/**\n * Filters out any node that does not have a **telemetry** report alert.\n */\nexport const tracker = createSecuritySelectorFilter(\n 'tracker',\n 'telemetry',\n)\n"]}
|
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Filters out any node that does not have a **trivialPackage** report alert.
|
|
3
|
+
*/
|
|
4
|
+
export declare const trivial: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState & {
|
|
5
|
+
securityArchive: NonNullable<import("../types.ts").ParserState["securityArchive"]>;
|
|
6
|
+
}>;
|
|
7
|
+
//# sourceMappingURL=trivial.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"trivial.d.ts","sourceRoot":"","sources":["../../../src/pseudo/trivial.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,eAAO,MAAM,OAAO;;EAGnB,CAAA"}
|
|
@@ -0,0 +1,6 @@
|
|
|
1
|
+
import { createSecuritySelectorFilter } from "./helpers.js";
|
|
2
|
+
/**
|
|
3
|
+
* Filters out any node that does not have a **trivialPackage** report alert.
|
|
4
|
+
*/
|
|
5
|
+
export const trivial = createSecuritySelectorFilter('trivial', 'trivialPackage');
|
|
6
|
+
//# sourceMappingURL=trivial.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"trivial.js","sourceRoot":"","sources":["../../../src/pseudo/trivial.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,4BAA4B,EAAE,MAAM,cAAc,CAAA;AAE3D;;GAEG;AACH,MAAM,CAAC,MAAM,OAAO,GAAG,4BAA4B,CACjD,SAAS,EACT,gBAAgB,CACjB,CAAA","sourcesContent":["import { createSecuritySelectorFilter } from './helpers.ts'\n\n/**\n * Filters out any node that does not have a **trivialPackage** report alert.\n */\nexport const trivial = createSecuritySelectorFilter(\n 'trivial',\n 'trivialPackage',\n)\n"]}
|
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
import type { ParserState } from '../types.ts';
|
|
2
|
+
/**
|
|
3
|
+
* :type(str) Pseudo-Element will match only nodes that are of
|
|
4
|
+
* the same type as the value used. The type is determined by the
|
|
5
|
+
* first part of the dependency ID.
|
|
6
|
+
*/
|
|
7
|
+
export declare const type: (state: ParserState) => Promise<ParserState>;
|
|
8
|
+
//# sourceMappingURL=type.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"type.d.ts","sourceRoot":"","sources":["../../../src/pseudo/type.ts"],"names":[],"mappings":"AAMA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,aAAa,CAAA;AAE9C;;;;GAIG;AACH,eAAO,MAAM,IAAI,UAAiB,WAAW,yBAY5C,CAAA"}
|
|
@@ -0,0 +1,22 @@
|
|
|
1
|
+
import { splitDepID } from '@vltpkg/dep-id/browser';
|
|
2
|
+
import { asPostcssNodeWithChildren, asTagNode, } from '@vltpkg/dss-parser';
|
|
3
|
+
import { removeDanglingEdges, removeNode } from "./helpers.js";
|
|
4
|
+
/**
|
|
5
|
+
* :type(str) Pseudo-Element will match only nodes that are of
|
|
6
|
+
* the same type as the value used. The type is determined by the
|
|
7
|
+
* first part of the dependency ID.
|
|
8
|
+
*/
|
|
9
|
+
export const type = async (state) => {
|
|
10
|
+
const type = asPostcssNodeWithChildren(state.current);
|
|
11
|
+
const selector = asPostcssNodeWithChildren(type.nodes[0]);
|
|
12
|
+
const name = asTagNode(selector.nodes[0]).value;
|
|
13
|
+
for (const node of state.partial.nodes) {
|
|
14
|
+
const nodeType = splitDepID(node.id)[0];
|
|
15
|
+
if (nodeType !== name) {
|
|
16
|
+
removeNode(state, node);
|
|
17
|
+
}
|
|
18
|
+
}
|
|
19
|
+
removeDanglingEdges(state);
|
|
20
|
+
return state;
|
|
21
|
+
};
|
|
22
|
+
//# sourceMappingURL=type.js.map
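Review bot: The selector argument in `type` is read only with `asTagNode(selector.nodes[0]).value`, so a quoted value or an empty `:type()` is left to whatever the cast helpers do, and any error they raise propagates without naming the selector. `squat.js` in this same release accepts both string and tag nodes and wraps parse failures in `error('Failed to parse :squat selector', { cause: err })`. Doing the same here would keep the pseudo-selectors consistent, e.g. `const arg = selector.nodes[0];` followed by `const name = isStringNode(arg) ? removeQuotes(asStringNode(arg).value) : asTagNode(arg).value;`, with the matching imports. Separately, the local `const type` shadows the exported `type`; renaming it (for instance to `pseudo`) makes the function easier to read.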
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"type.js","sourceRoot":"","sources":["../../../src/pseudo/type.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAA;AACnD,OAAO,EACL,yBAAyB,EACzB,SAAS,GACV,MAAM,oBAAoB,CAAA;AAC3B,OAAO,EAAE,mBAAmB,EAAE,UAAU,EAAE,MAAM,cAAc,CAAA;AAG9D;;;;GAIG;AACH,MAAM,CAAC,MAAM,IAAI,GAAG,KAAK,EAAE,KAAkB,EAAE,EAAE;IAC/C,MAAM,IAAI,GAAG,yBAAyB,CAAC,KAAK,CAAC,OAAO,CAAC,CAAA;IACrD,MAAM,QAAQ,GAAG,yBAAyB,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAA;IACzD,MAAM,IAAI,GAAG,SAAS,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAA;IAC/C,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACvC,MAAM,QAAQ,GAAG,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAA;QACvC,IAAI,QAAQ,KAAK,IAAI,EAAE,CAAC;YACtB,UAAU,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;QACzB,CAAC;IACH,CAAC;IACD,mBAAmB,CAAC,KAAK,CAAC,CAAA;IAC1B,OAAO,KAAK,CAAA;AACd,CAAC,CAAA","sourcesContent":["import { splitDepID } from '@vltpkg/dep-id/browser'\nimport {\n asPostcssNodeWithChildren,\n asTagNode,\n} from '@vltpkg/dss-parser'\nimport { removeDanglingEdges, removeNode } from './helpers.ts'\nimport type { ParserState } from '../types.ts'\n\n/**\n * :type(str) Pseudo-Element will match only nodes that are of\n * the same type as the value used. The type is determined by the\n * first part of the dependency ID.\n */\nexport const type = async (state: ParserState) => {\n const type = asPostcssNodeWithChildren(state.current)\n const selector = asPostcssNodeWithChildren(type.nodes[0])\n const name = asTagNode(selector.nodes[0]).value\n for (const node of state.partial.nodes) {\n const nodeType = splitDepID(node.id)[0]\n if (nodeType !== name) {\n removeNode(state, node)\n }\n }\n removeDanglingEdges(state)\n return state\n}\n"]}
|
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Filters out any node that does not have a **troll** report alert.
|
|
3
|
+
*/
|
|
4
|
+
export declare const undesirable: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState & {
|
|
5
|
+
securityArchive: NonNullable<import("../types.ts").ParserState["securityArchive"]>;
|
|
6
|
+
}>;
|
|
7
|
+
//# sourceMappingURL=undesirable.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"undesirable.d.ts","sourceRoot":"","sources":["../../../src/pseudo/undesirable.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,eAAO,MAAM,WAAW;;EAGvB,CAAA"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"undesirable.js","sourceRoot":"","sources":["../../../src/pseudo/undesirable.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,4BAA4B,EAAE,MAAM,cAAc,CAAA;AAE3D;;GAEG;AACH,MAAM,CAAC,MAAM,WAAW,GAAG,4BAA4B,CACrD,aAAa,EACb,OAAO,CACR,CAAA","sourcesContent":["import { createSecuritySelectorFilter } from './helpers.ts'\n\n/**\n * Filters out any node that does not have a **troll** report alert.\n */\nexport const undesirable = createSecuritySelectorFilter(\n 'undesirable',\n 'troll',\n)\n"]}
|
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Filters out any node that does not have a **newAuthor** report alert.
|
|
3
|
+
*/
|
|
4
|
+
export declare const unknown: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState & {
|
|
5
|
+
securityArchive: NonNullable<import("../types.ts").ParserState["securityArchive"]>;
|
|
6
|
+
}>;
|
|
7
|
+
//# sourceMappingURL=unknown.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"unknown.d.ts","sourceRoot":"","sources":["../../../src/pseudo/unknown.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,eAAO,MAAM,OAAO;;EAGnB,CAAA"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"unknown.js","sourceRoot":"","sources":["../../../src/pseudo/unknown.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,4BAA4B,EAAE,MAAM,cAAc,CAAA;AAE3D;;GAEG;AACH,MAAM,CAAC,MAAM,OAAO,GAAG,4BAA4B,CACjD,SAAS,EACT,WAAW,CACZ,CAAA","sourcesContent":["import { createSecuritySelectorFilter } from './helpers.ts'\n\n/**\n * Filters out any node that does not have a **newAuthor** report alert.\n */\nexport const unknown = createSecuritySelectorFilter(\n 'unknown',\n 'newAuthor',\n)\n"]}
|
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Filters out any node that does not have a **unmaintained** report alert.
|
|
3
|
+
*/
|
|
4
|
+
export declare const unmaintained: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState & {
|
|
5
|
+
securityArchive: NonNullable<import("../types.ts").ParserState["securityArchive"]>;
|
|
6
|
+
}>;
|
|
7
|
+
//# sourceMappingURL=unmaintained.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"unmaintained.d.ts","sourceRoot":"","sources":["../../../src/pseudo/unmaintained.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,eAAO,MAAM,YAAY;;EAGxB,CAAA"}
|