snyk-cpp-plugin 2.15.1 → 2.16.0
- package/dist/common.d.ts +5 -0
- package/dist/common.js +7 -1
- package/dist/common.js.map +1 -1
- package/dist/display/display.js +5 -7
- package/dist/display/display.js.map +1 -1
- package/dist/display/index.js +23 -6
- package/dist/display/index.js.map +1 -1
- package/dist/extract.d.ts +6 -0
- package/dist/extract.js +77 -0
- package/dist/extract.js.map +1 -0
- package/dist/find.d.ts +4 -3
- package/dist/find.js +17 -14
- package/dist/find.js.map +1 -1
- package/dist/hash.d.ts +1 -1
- package/dist/hash.js +3 -3
- package/dist/hash.js.map +1 -1
- package/dist/scan.js +30 -12
- package/dist/scan.js.map +1 -1
- package/dist/signatures.d.ts +1 -1
- package/dist/signatures.js +6 -5
- package/dist/signatures.js.map +1 -1
- package/dist/types.d.ts +1 -0
- package/dist/utils/error.d.ts +6 -0
- package/dist/utils/error.js +17 -0
- package/dist/utils/error.js.map +1 -0
- package/dist/utils/fs.d.ts +2 -0
- package/dist/utils/fs.js +12 -0
- package/dist/utils/fs.js.map +1 -0
- package/package.json +3 -1
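--- a/package/dist/common.d.ts
+++ b/package/dist/common.d.ts
@@ -1,2 +1,7 @@
 export declare const isWindowsOS: () => boolean;
 export declare const MAX_SUPPORTED_FILE_SIZE: number;
+export declare const HASHING_CONCURRENCY_LEVEL: number;
+export declare const DECOMPRESSING_CONCURRENCY_LEVEL: number;
+export declare const DEFAULT_DECOMPRESSING_DEPTH = 1;
+export declare const EXTRACTED_DIR_SUFFIX = ".extracted";
+export declare const isSupportedSize: (size: number) => boolean;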
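--- a/package/dist/common.js
+++ b/package/dist/common.js
@@ -1,9 +1,15 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.MAX_SUPPORTED_FILE_SIZE = exports.isWindowsOS = void 0;
+exports.isSupportedSize = exports.EXTRACTED_DIR_SUFFIX = exports.DEFAULT_DECOMPRESSING_DEPTH = exports.DECOMPRESSING_CONCURRENCY_LEVEL = exports.HASHING_CONCURRENCY_LEVEL = exports.MAX_SUPPORTED_FILE_SIZE = exports.isWindowsOS = void 0;
+const os = require("os");
 const osName = require('os-name');
 exports.isWindowsOS = () => osName()
 .toLowerCase()
 .indexOf('windows') === 0;
 exports.MAX_SUPPORTED_FILE_SIZE = 2 * 1024 * 1024 * 1024 - 1;
+exports.HASHING_CONCURRENCY_LEVEL = os.cpus().length;
+exports.DECOMPRESSING_CONCURRENCY_LEVEL = os.cpus().length * 8;
+exports.DEFAULT_DECOMPRESSING_DEPTH = 1;
+exports.EXTRACTED_DIR_SUFFIX = '.extracted';
+exports.isSupportedSize = (size) => 0 < size && size < exports.MAX_SUPPORTED_FILE_SIZE;
 //# sourceMappingURL=common.js.map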
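Review bot: `os.cpus().length` is used directly as a concurrency level in `HASHING_CONCURRENCY_LEVEL` and `DECOMPRESSING_CONCURRENCY_LEVEL`, but Node can return an empty array from `os.cpus()` when CPU information is unavailable (some containers and sandboxes), which makes both constants 0. `extract.js` passes the second one to `p-map` as `concurrency`, and p-map rejects values below 1, so zip extraction would fail and only be debug-logged by the `catch` in `extract`, leaving archives unscanned without a visible error. Clamp the values, e.g. `exports.HASHING_CONCURRENCY_LEVEL = Math.max(1, os.cpus().length);` and `exports.DECOMPRESSING_CONCURRENCY_LEVEL = Math.max(1, os.cpus().length) * 8;`.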
package/dist/common.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"common.js","sourceRoot":"","sources":["../lib/common.ts"],"names":[],"mappings":";;;AAAA,MAAM,MAAM,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC;AAErB,QAAA,WAAW,GAAG,GAAY,EAAE,CACvC,MAAM,EAAE;KACL,WAAW,EAAE;KACb,OAAO,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;AAEjB,QAAA,uBAAuB,GAAW,CAAC,GAAG,IAAI,GAAG,IAAI,GAAG,IAAI,GAAG,CAAC,CAAC"}
|
|
1
|
+
{"version":3,"file":"common.js","sourceRoot":"","sources":["../lib/common.ts"],"names":[],"mappings":";;;AAAA,yBAAyB;AAEzB,MAAM,MAAM,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC;AAErB,QAAA,WAAW,GAAG,GAAY,EAAE,CACvC,MAAM,EAAE;KACL,WAAW,EAAE;KACb,OAAO,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;AAEjB,QAAA,uBAAuB,GAAW,CAAC,GAAG,IAAI,GAAG,IAAI,GAAG,IAAI,GAAG,CAAC,CAAC;AAE7D,QAAA,yBAAyB,GAAG,EAAE,CAAC,IAAI,EAAE,CAAC,MAAM,CAAC;AAE7C,QAAA,+BAA+B,GAAG,EAAE,CAAC,IAAI,EAAE,CAAC,MAAM,GAAG,CAAC,CAAC;AAEvD,QAAA,2BAA2B,GAAG,CAAC,CAAC;AAEhC,QAAA,oBAAoB,GAAG,YAAY,CAAC;AAEpC,QAAA,eAAe,GAAG,CAAC,IAAY,EAAW,EAAE,CACvD,CAAC,GAAG,IAAI,IAAI,IAAI,GAAG,+BAAuB,CAAC"}
|
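--- a/package/dist/display/display.js
+++ b/package/dist/display/display.js
@@ -30,7 +30,7 @@ function findDependencyLines(depGraph, options, depsFilePaths, fileSignaturesDet
 else if (displayDeps) {
 return displayDependencies(depGraph, fileSignaturesDetails);
 }
-return [
+return [];
 }
 function selectDisplayStrategy(options, depGraph, testResult) {
 const { depsFilePaths, issues, issuesData, fileSignaturesDetails, } = testResult;
@@ -49,7 +49,7 @@ function displayDependencies(depGraph, fileSignaturesDetails, depsFilePaths = {}
 }
 result.push(chalk.whiteBright('\nDependencies:\n'));
 for (const { name, version } of dependencies) {
-const dependencyId = `${name}@${version}
+const dependencyId = `${name}@${version}`;
 result.push(`\n${common_1.leftPad(dependencyId, 2)}`);
 if (fileSignaturesDetails && ((_a = fileSignaturesDetails[dependencyId]) === null || _a === void 0 ? void 0 : _a.confidence)) {
 result.push(common_1.leftPad(`confidence: ${fileSignaturesDetails[dependencyId].confidence.toFixed(3)}`, 2));
@@ -108,11 +108,9 @@ function displayIssues(depGraph, issues, issuesData, supportUnmanagedVulnDB = fa
 ? chalk.redBright(issuesCount)
 : chalk.greenBright(issuesCount);
 const identifiedUnmanagedDeps = `Tested ${dependenciesCountMsg} for known issues, found ${issuesFound}.\n`;
-
-
-
-: failedToIdentifyUnmanagedDeps;
-result.push(endlineMsg);
+if ((dependencies === null || dependencies === void 0 ? void 0 : dependencies.length) > 0) {
+result.push(identifiedUnmanagedDeps);
+}
 return result;
 }
 exports.displayIssues = displayIssues;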
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"display.js","sourceRoot":"","sources":["../../lib/display/display.ts"],"names":[],"mappings":";;;AAAA,+BAA+B;AAW/B,qCAAmE;AACnE,4CAA0C;AAE1C,SAAgB,iBAAiB,CAAC,WAAyB;IACzD,MAAM,MAAM,GAAa,CAAC,KAAK,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC,CAAC;IAC3D,KAAK,MAAM,EAAE,KAAK,GAAG,EAAE,EAAE,IAAI,WAAW,EAAE;QACxC,KAAK,MAAM,EAAE,IAAI,GAAG,EAAE,EAAE,IAAI,KAAK,EAAE;YACjC,KAAK,MAAM,EAAE,IAAI,EAAE,UAAU,EAAE,IAAI,IAAI,EAAE;gBACvC,IAAI,IAAI,KAAI,UAAU,aAAV,UAAU,uBAAV,UAAU,CAAE,MAAM,CAAA,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE;oBACpD,MAAM,CAAC,IAAI,CAAC,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC,IAAI,IAAI,IAAI,EAAE,CAAC,CAAC;iBAC9C;aACF;SACF;KACF;IACD,IAAI,MAAM,CAAC,MAAM,EAAE;QACjB,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;KACjB;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAfD,8CAeC;AAED,SAAS,mBAAmB,CAC1B,QAAkB,EAClB,OAA4B,EAC5B,aAA6B,EAC7B,qBAA6C;IAE7C,MAAM,oBAAoB,GAAG,CAAC,OAAO,IAAI,OAAO,CAAC,iBAAiB,CAAC,CAAC,IAAI,KAAK,CAAC;IAC9E,MAAM,WAAW,GAAG,CAAC,OAAO,IAAI,OAAO,CAAC,YAAY,CAAC,CAAC,IAAI,KAAK,CAAC;IAEhE,IAAI,oBAAoB,EAAE;QACxB,OAAO,mBAAmB,CAAC,QAAQ,EAAE,qBAAqB,EAAE,aAAa,CAAC,CAAC;KAC5E;SAAM,IAAI,WAAW,EAAE;QACtB,OAAO,mBAAmB,CAAC,QAAQ,EAAE,qBAAqB,CAAC,CAAC;KAC7D;IAED,OAAO,
|
|
1
|
+
{"version":3,"file":"display.js","sourceRoot":"","sources":["../../lib/display/display.ts"],"names":[],"mappings":";;;AAAA,+BAA+B;AAW/B,qCAAmE;AACnE,4CAA0C;AAE1C,SAAgB,iBAAiB,CAAC,WAAyB;IACzD,MAAM,MAAM,GAAa,CAAC,KAAK,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC,CAAC;IAC3D,KAAK,MAAM,EAAE,KAAK,GAAG,EAAE,EAAE,IAAI,WAAW,EAAE;QACxC,KAAK,MAAM,EAAE,IAAI,GAAG,EAAE,EAAE,IAAI,KAAK,EAAE;YACjC,KAAK,MAAM,EAAE,IAAI,EAAE,UAAU,EAAE,IAAI,IAAI,EAAE;gBACvC,IAAI,IAAI,KAAI,UAAU,aAAV,UAAU,uBAAV,UAAU,CAAE,MAAM,CAAA,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE;oBACpD,MAAM,CAAC,IAAI,CAAC,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC,IAAI,IAAI,IAAI,EAAE,CAAC,CAAC;iBAC9C;aACF;SACF;KACF;IACD,IAAI,MAAM,CAAC,MAAM,EAAE;QACjB,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;KACjB;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAfD,8CAeC;AAED,SAAS,mBAAmB,CAC1B,QAAkB,EAClB,OAA4B,EAC5B,aAA6B,EAC7B,qBAA6C;IAE7C,MAAM,oBAAoB,GAAG,CAAC,OAAO,IAAI,OAAO,CAAC,iBAAiB,CAAC,CAAC,IAAI,KAAK,CAAC;IAC9E,MAAM,WAAW,GAAG,CAAC,OAAO,IAAI,OAAO,CAAC,YAAY,CAAC,CAAC,IAAI,KAAK,CAAC;IAEhE,IAAI,oBAAoB,EAAE;QACxB,OAAO,mBAAmB,CAAC,QAAQ,EAAE,qBAAqB,EAAE,aAAa,CAAC,CAAC;KAC5E;SAAM,IAAI,WAAW,EAAE;QACtB,OAAO,mBAAmB,CAAC,QAAQ,EAAE,qBAAqB,CAAC,CAAC;KAC7D;IAED,OAAO,EAAE,CAAC;AACZ,CAAC;AAED,SAAgB,qBAAqB,CACnC,OAA4B,EAC5B,QAAkB,EAClB,UAAsB;IAEtB,MAAM,EACJ,aAAa,EACb,MAAM,EACN,UAAU,EACV,qBAAqB,GACtB,GAAG,UAAU,CAAC;IACf,MAAM,iBAAiB,GAAG,mBAAmB,CAC3C,QAAQ,EACR,OAAO,EACP,aAAa,EACb,qBAAqB,CACtB,CAAC;IACF,MAAM,aAAa,GAAG,aAAa,CACjC,QAAQ,EACR,MAAM,EACN,UAAU,EACV,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,sBAAsB,CAChC,CAAC;IACF,OAAO,CAAC,iBAAiB,EAAE,aAAa,CAAC,CAAC;AAC5C,CAAC;AAxBD,sDAwBC;AAED,SAAgB,mBAAmB,CACjC,QAAkB,EAClB,qBAA6C,EAC7C,gBAA+B,EAAE;;IAEjC,IAAI,MAAM,GAAa,EAAE,CAAC;IAC1B,MAAM,YAAY,GAAG,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,UAAU,EAAE,CAAC;IAC5C,MAAM,eAAe,GAAG,CAAA,YAAY,aAAZ,YAAY,uBAAZ,YAAY,CAAE,MAAM,IAAG,CAAC,CAAC;IAEjD,IAAI,CAAC,eAAe,EAAE;QACpB,OAAO,MAAM,CAAC;KACf;IAED,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,mBAAmB,CAAC,CAAC,CAAC;IACpD,KAAK,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,YAAY,EAAE;QAC5C,MAAM,YAAY,GAAG,GAAG,IAAI,IA
AI,OAAO,EAAE,CAAC;QAC1C,MAAM,CAAC,IAAI,CAAC,KAAK,gBAAO,CAAC,YAAY,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC;QAE7C,IACE,qBAAqB,WACrB,qBAAqB,CAAC,YAAY,CAAC,0CAAE,UAAU,CAAA,EAC/C;YACA,MAAM,CAAC,IAAI,CACT,gBAAO,CACL,eAAe,qBAAqB,CAAC,YAAY,CAAC,CAAC,UAAU,CAAC,OAAO,CACnE,CAAC,CACF,EAAE,EACH,CAAC,CACF,CACF,CAAC;SACH;QAED,IAAI,CAAC,gBAAO,CAAC,aAAa,CAAC,EAAE;YAC3B,MAAM,0BAA0B,GAAG,oBAAoB,CACrD,aAAa,EACb,YAAY,CACb,CAAC;YACF,MAAM,GAAG,CAAC,GAAG,MAAM,EAAE,GAAG,0BAA0B,CAAC,CAAC;SACrD;KACF;IAED,IAAI,MAAM,CAAC,MAAM,EAAE;QACjB,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;KACjB;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AA7CD,kDA6CC;AAED,SAAS,oBAAoB,CAC3B,aAA4B,EAC5B,YAAoB;IAEpB,MAAM,yBAAyB,GAAG,CAAC,CAAC;IACpC,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,MAAM,CAAC,IAAI,CAAC,GAAG,gBAAO,CAAC,iBAAiB,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC;IAChD,MAAM,kBAAkB,GAAG,aAAa,CAAC,YAAY,CAAC,CAAC,KAAK,CAC1D,CAAC,EACD,yBAAyB,CAC1B,CAAC;IAEF,KAAK,MAAM,iBAAiB,IAAI,kBAAkB,EAAE;QAClD,MAAM,CAAC,IAAI,CAAC,gBAAO,CAAC,KAAK,iBAAiB,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;KACnD;IAED,IAAI,aAAa,CAAC,YAAY,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE;QAC1C,MAAM,CAAC,IAAI,CACT,gBAAO,CACL,WAAW,aAAa,CAAC,YAAY,CAAC,CAAC,MAAM;YAC3C,yBAAyB,aAAa,EACxC,CAAC,CACF,CACF,CAAC;KACH;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAgB,aAAa,CAC3B,QAAkB,EAClB,MAAe,EACf,UAAsB,EACtB,sBAAsB,GAAG,KAAK;IAE9B,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,MAAM,YAAY,GAAG,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,UAAU,EAAE,CAAC;IAC5C,MAAM,oBAAoB,GACxB,CAAA,YAAY,aAAZ,YAAY,uBAAZ,YAAY,CAAE,MAAM,KAAI,CAAC;QACvB,CAAC,CAAC,cAAc;QAChB,CAAC,CAAC,GAAG,YAAY,aAAZ,YAAY,uBAAZ,YAAY,CAAE,MAAM,eAAe,CAAC;IAE7C,MAAM,WAAW,GACf,MAAM,CAAC,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,MAAM,SAAS,CAAC;IAE7D,MAAM,SAAS,GAAG,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC;IAEpC,IAAI,SAAS,EAAE;QACb,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC,CAAC;QAC1C,KAAK,MAAM,EACT,OAAO,EAAE,IAAI,EACb,UAAU,EAAE,OAAO,EACnB,OAAO,EAAE,MAAM,GAChB,IAAI,MAAM,EAAE;YACX,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,GAAG,UAAU,CAAC,MAAM,CAAC,CAAC;YAC/C,MAAM,KAAK,GAAG,2BAAkB,CAAC,QAAQ,CAAC,CAAC;YAC3C,MAAM,gBAAgB
,GAAG,KAAK,CAAC,SAAS,mBAAU,CAAC,QAAQ,CAAC,KAAK,KAAK,EAAE,CAAC,CAAC;YAC1E,MAAM,cAAc,GAAG,sBAAsB;gBAC3C,CAAC,CAAC,iCAAiC,MAAM,EAAE;gBAC3C,CAAC,CAAC,oCAAoC,MAAM,EAAE,CAAC;YACjD,MAAM,iBAAiB,GAAG,gBAAO,CAC/B,uBAAuB,IAAI,IAAI,OAAO,EAAE,CACzC,CAAC;YACF,MAAM,OAAO,GAAG,gBAAO,CAAC,QAAQ,cAAc,EAAE,CAAC,CAAC;YAClD,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;YAC9B,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;YAC/B,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;SACtB;QACD,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;KACjB;IAED,MAAM,WAAW,GAAG,SAAS;QAC3B,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,WAAW,CAAC;QAC9B,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC;IAEnC,MAAM,uBAAuB,GAAG,UAAU,oBAAoB,4BAA4B,WAAW,KAAK,CAAC;IAC3G,IAAI,CAAA,YAAY,aAAZ,YAAY,uBAAZ,YAAY,CAAE,MAAM,IAAG,CAAC,EAAE;QAC5B,MAAM,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC;KACtC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AApDD,sCAoDC;AAED,SAAgB,aAAa,CAAC,MAAgB;IAC5C,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,IAAI,MAAM,CAAC,MAAM,EAAE;QACjB,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC;KACxC;IACD,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE;QAC1B,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;KACpB;IACD,IAAI,MAAM,CAAC,MAAM,EAAE;QACjB,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;KACjB;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAZD,sCAYC"}
|
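--- a/package/dist/display/index.js
+++ b/package/dist/display/index.js
@@ -5,9 +5,15 @@ const chalk = require("chalk");
 const debug_1 = require("../debug");
 const dep_graph_1 = require("@snyk/dep-graph");
 const display_1 = require("./display");
+const error_1 = require("../utils/error");
 async function display(scanResults, testResults, errors, options) {
+if (errors.length > 0) {
+error_1.exitWith(error_1.ExitCode.Error, display_1.displayErrors(errors).join('\n'));
+}
+const result = [];
+let hasDependencies = false;
+let hasVulnerabilities = false;
 try {
-const result = [];
 if (options === null || options === void 0 ? void 0 : options.path) {
 const prefix = chalk.bold.white(`\nTesting ${options.path}...\n`);
 result.push(prefix);
@@ -19,16 +25,27 @@ async function display(scanResults, testResults, errors, options) {
 for (const testResult of testResults) {
 const depGraph = dep_graph_1.createFromJSON(testResult.depGraphData);
 const [dependencySection, issuesSection] = display_1.selectDisplayStrategy(options, depGraph, testResult);
+if (testResult.depGraphData.pkgs.length > 1) {
+hasDependencies = true;
+}
+if (testResult.issues.length > 0) {
+hasVulnerabilities = true;
+}
 result.push(...dependencySection, ...issuesSection);
 }
-const errorLines = display_1.displayErrors(errors);
-result.push(...errorLines);
-return result.join('\n');
 }
 catch (error) {
-debug_1.debug(error.message ||
-
+debug_1.debug(error.message || `Error displaying the results: ${error}`);
+error_1.exitWith(error_1.ExitCode.Error, 'Error displaying results.');
+}
+if (hasVulnerabilities) {
+error_1.exitWith(error_1.ExitCode.VulnerabilitiesFound, result.join('\n'));
+}
+if (!hasDependencies) {
+result.push(`Could not detect supported target files in ${options === null || options === void 0 ? void 0 : options.path}`);
+error_1.exitWith(error_1.ExitCode.NoSupportedFiles, result.join('\n'));
 }
+return result.join('\n');
 }
 exports.display = display;
 //# sourceMappingURL=index.js.map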
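Review bot: The new guard at the top of `display()` calls `exitWith(ExitCode.Error, …)` as soon as `errors` is non-empty, before any `testResults` are rendered, whereas the old code appended the error lines after the dependency and issue sections. Assuming `exitWith` ends the run (its implementation in `utils/error.js` is not shown here), one failed project now hides vulnerabilities already found in the others, which is a fail-quiet outcome for a scanner. Consider rendering `result` first and moving the error lines and the `ExitCode.Error` exit to the end, or add a comment stating that errors deliberately take precedence over findings. Separately, `Could not detect supported target files in ${options?.path}` prints `undefined` when no path is set.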
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../lib/display/index.ts"],"names":[],"mappings":";;;AAAA,+BAA+B;AAC/B,oCAAiC;AACjC,+CAAiD;AAEjD,uCAImB;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../lib/display/index.ts"],"names":[],"mappings":";;;AAAA,+BAA+B;AAC/B,oCAAiC;AACjC,+CAAiD;AAEjD,uCAImB;AACnB,0CAAoD;AAE7C,KAAK,UAAU,OAAO,CAC3B,WAAyB,EACzB,WAAyB,EACzB,MAAgB,EAChB,OAAiB;IAEjB,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE;QACrB,gBAAQ,CAAC,gBAAQ,CAAC,KAAK,EAAE,uBAAa,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;KAC5D;IAED,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,IAAI,eAAe,GAAG,KAAK,CAAC;IAC5B,IAAI,kBAAkB,GAAG,KAAK,CAAC;IAE/B,IAAI;QACF,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,IAAI,EAAE;YACjB,MAAM,MAAM,GAAG,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,aAAa,OAAO,CAAC,IAAI,OAAO,CAAC,CAAC;YAClE,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;SACrB;QAED,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,KAAK,EAAE;YAClB,MAAM,cAAc,GAAG,2BAAiB,CAAC,WAAW,CAAC,CAAC;YACtD,MAAM,CAAC,IAAI,CAAC,GAAG,cAAc,CAAC,CAAC;SAChC;QAED,KAAK,MAAM,UAAU,IAAI,WAAW,EAAE;YACpC,MAAM,QAAQ,GAAG,0BAAc,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC;YACzD,MAAM,CAAC,iBAAiB,EAAE,aAAa,CAAC,GAAG,+BAAqB,CAC9D,OAAO,EACP,QAAQ,EACR,UAAU,CACX,CAAC;YAEF,IAAI,UAAU,CAAC,YAAY,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE;gBAC3C,eAAe,GAAG,IAAI,CAAC;aACxB;YAED,IAAI,UAAU,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE;gBAChC,kBAAkB,GAAG,IAAI,CAAC;aAC3B;YAED,MAAM,CAAC,IAAI,CAAC,GAAG,iBAAiB,EAAE,GAAG,aAAa,CAAC,CAAC;SACrD;KACF;IAAC,OAAO,KAAK,EAAE;QACd,aAAK,CAAC,KAAK,CAAC,OAAO,IAAI,iCAAiC,KAAK,EAAE,CAAC,CAAC;QACjE,gBAAQ,CAAC,gBAAQ,CAAC,KAAK,EAAE,2BAA2B,CAAC,CAAC;KACvD;IAED,IAAI,kBAAkB,EAAE;QACtB,gBAAQ,CAAC,gBAAQ,CAAC,oBAAoB,EAAE,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;KAC5D;IAED,IAAI,CAAC,eAAe,EAAE;QACpB,MAAM,CAAC,IAAI,CAAC,8CAA8C,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,IAAI,EAAE,CAAC,CAAC;QAC3E,gBAAQ,CAAC,gBAAQ,CAAC,gBAAgB,EAAE,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;KACxD;IAED,OAAO,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC3B,CAAC;AA1DD,0BA0DC"}
|
|
@@ -0,0 +1,6 @@
|
|
|
1
|
+
import { FilePath } from './types';
|
|
2
|
+
export declare function extract(archives: readonly FilePath[], temporaryDir: FilePath, depthLimit: number, depth?: number): Promise<void>;
|
|
3
|
+
export declare function isTar(path: FilePath): boolean;
|
|
4
|
+
export declare function isZip(path: FilePath): boolean;
|
|
5
|
+
export declare function isArchive(path: FilePath): boolean;
|
|
6
|
+
export declare function filterArchives(paths: readonly FilePath[]): FilePath[];
|
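--- a/package/dist/extract.js
+++ b/package/dist/extract.js
@@ -0,0 +1,77 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.filterArchives = exports.isArchive = exports.isZip = exports.isTar = exports.extract = void 0;
+const fs_1 = require("fs");
+const path_1 = require("path");
+const common_1 = require("./common");
+const debug_1 = require("./debug");
+const pMap = require('p-map');
+const AdmZip = require('adm-zip');
+const tar = require('tar');
+const { mkdir } = fs_1.promises;
+const zipFormats = ['.zip', '.zipx'];
+const tarFormats = ['.tar', '.gz', '.tgz'];
+async function handleExtraction(path, temporaryDir, childArchiveHandler) {
+const extractionTarget = path_1.join(temporaryDir, path.includes(temporaryDir)
+? path_1.relative(temporaryDir, `${path}${common_1.EXTRACTED_DIR_SUFFIX}`)
+: path_1.basename(path));
+await mkdir(extractionTarget, { recursive: true });
+if (isTar(path)) {
+await tar.x({
+file: path,
+cwd: extractionTarget,
+sync: true,
+onentry: (entry) => {
+const childAbsolutePath = path_1.join(extractionTarget, entry.path);
+if (isArchive(childAbsolutePath)) {
+childArchiveHandler(childAbsolutePath);
+}
+},
+});
+}
+else if (isZip(path)) {
+const zip = new AdmZip(path);
+await pMap(zip.getEntries(), (entry) => {
+const childAbsolutePath = path_1.join(extractionTarget, entry.entryName);
+zip.extractEntryTo(entry.entryName, extractionTarget, true, true);
+if (isArchive(childAbsolutePath)) {
+childArchiveHandler(childAbsolutePath);
+}
+}, { concurrency: common_1.DECOMPRESSING_CONCURRENCY_LEVEL });
+}
+}
+async function extract(archives, temporaryDir, depthLimit, depth = 0) {
+if (depth >= depthLimit) {
+return;
+}
+const childArchives = [];
+for (const archive of archives) {
+try {
+await handleExtraction(archive, temporaryDir, (childArchive) => childArchives.push(childArchive));
+}
+catch (err) {
+debug_1.debug(`Could not extract archive: ${archive} ${err}`);
+}
+}
+if (childArchives.length > 0) {
+await extract(childArchives, temporaryDir, depthLimit, depth + 1);
+}
+}
+exports.extract = extract;
+function isTar(path) {
+return tarFormats.includes(path_1.extname(path));
+}
+exports.isTar = isTar;
+function isZip(path) {
+return zipFormats.includes(path_1.extname(path));
+}
+exports.isZip = isZip;
+function isArchive(path) {
+return isTar(path) || isZip(path);
+}
+exports.isArchive = isArchive;
+function filterArchives(paths) {
+return paths.filter((path) => isArchive(path));
+}
+exports.filterArchives = filterArchives;
+//# sourceMappingURL=extract.js.map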
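Review bot: `handleExtraction` unpacks archives found in the scanned tree, which are untrusted input, yet nothing in this file checks that `entry.path` / `entry.entryName` resolves inside `extractionTarget` or bounds how much data is written; containment rests entirely on the defaults of whichever `tar` and `adm-zip` versions are installed. I would add an explicit resolved-path check before each entry is extracted or queued as a child archive, and an entry-count and total-size budget so a small archive cannot fill the temporary directory (`MAX_SUPPORTED_FILE_SIZE` is only applied later, by `find`). `zip.extractEntryTo` is synchronous, so wrapping it in `pMap` with `DECOMPRESSING_CONCURRENCY_LEVEL` adds no parallelism and a plain loop is clearer. The fence shows the zip branch with the containment check; the tar branch can apply the same test through tar's `filter` option.

```javascript
// … unchanged: extractionTarget computation, mkdir, tar branch …
else if (isZip(path)) {
    const zip = new AdmZip(path);
    const root = path_1.resolve(extractionTarget) + path_1.sep;
    for (const entry of zip.getEntries()) {
        const childAbsolutePath = path_1.resolve(extractionTarget, entry.entryName);
        // Refuse entries whose resolved path leaves the extraction directory.
        if (!childAbsolutePath.startsWith(root)) {
            debug_1.debug(`Skipping archive entry outside extraction target: ${entry.entryName}`);
            continue;
        }
        zip.extractEntryTo(entry.entryName, extractionTarget, true, true);
        if (isArchive(childAbsolutePath)) {
            childArchiveHandler(childAbsolutePath);
        }
    }
}
```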
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"extract.js","sourceRoot":"","sources":["../lib/extract.ts"],"names":[],"mappings":";;;AAAA,2BAA8B;AAC9B,+BAAyD;AAEzD,qCAGkB;AAClB,mCAAgC;AAEhC,MAAM,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;AAC9B,MAAM,MAAM,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC;AAClC,MAAM,GAAG,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC;AAE3B,MAAM,EAAE,KAAK,EAAE,GAAG,aAAQ,CAAC;AAE3B,MAAM,UAAU,GAAG,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;AACrC,MAAM,UAAU,GAAG,CAAC,MAAM,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC;AAM3C,KAAK,UAAU,gBAAgB,CAC7B,IAAc,EACd,YAAsB,EACtB,mBAAsC;IAEtC,MAAM,gBAAgB,GAAa,WAAI,CACrC,YAAY,EACZ,IAAI,CAAC,QAAQ,CAAC,YAAY,CAAC;QACzB,CAAC,CAAC,eAAQ,CAAC,YAAY,EAAE,GAAG,IAAI,GAAG,6BAAoB,EAAE,CAAC;QAC1D,CAAC,CAAC,eAAQ,CAAC,IAAI,CAAC,CACnB,CAAC;IAEF,MAAM,KAAK,CAAC,gBAAgB,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAEnD,IAAI,KAAK,CAAC,IAAI,CAAC,EAAE;QACf,MAAM,GAAG,CAAC,CAAC,CAAC;YACV,IAAI,EAAE,IAAI;YACV,GAAG,EAAE,gBAAgB;YACrB,IAAI,EAAE,IAAI;YACV,OAAO,EAAE,CAAC,KAAU,EAAE,EAAE;gBACtB,MAAM,iBAAiB,GAAG,WAAI,CAAC,gBAAgB,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC;gBAE7D,IAAI,SAAS,CAAC,iBAAiB,CAAC,EAAE;oBAChC,mBAAmB,CAAC,iBAAiB,CAAC,CAAC;iBACxC;YACH,CAAC;SACF,CAAC,CAAC;KACJ;SAAM,IAAI,KAAK,CAAC,IAAI,CAAC,EAAE;QACtB,MAAM,GAAG,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,CAAC;QAC7B,MAAM,IAAI,CACR,GAAG,CAAC,UAAU,EAAE,EAChB,CAAC,KAAU,EAAE,EAAE;YACb,MAAM,iBAAiB,GAAG,WAAI,CAAC,gBAAgB,EAAE,KAAK,CAAC,SAAS,CAAC,CAAC;YAClE,GAAG,CAAC,cAAc,CAAC,KAAK,CAAC,SAAS,EAAE,gBAAgB,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;YAElE,IAAI,SAAS,CAAC,iBAAiB,CAAC,EAAE;gBAChC,mBAAmB,CAAC,iBAAiB,CAAC,CAAC;aACxC;QACH,CAAC,EACD,EAAE,WAAW,EAAE,wCAA+B,EAAE,CACjD,CAAC;KACH;AACH,CAAC;AAEM,KAAK,UAAU,OAAO,CAC3B,QAA6B,EAC7B,YAAsB,EACtB,UAAkB,EAClB,KAAK,GAAG,CAAC;IAET,IAAI,KAAK,IAAI,UAAU,EAAE;QACvB,OAAO;KACR;IAED,MAAM,aAAa,GAAe,EAAE,CAAC;IAErC,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE;QAC9B,IAAI;YACF,MAAM,gBAAgB,CAAC,OAAO,EAAE,YAAY,EAAE,CAAC,YAAsB,EAAE,EAAE,CACvE,aAAa,CAAC,IAAI,CAAC,YAAY,CAAC,CACjC,CAAC;SACH;QAAC,OAAO,GAAG,EAAE;YACZ,aAAK,CAAC,8BAA8B,OAAO,IAAI,GAAG,EAAE,CAAC,CAAC;SACvD;KACF;IAED,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE
;QAC5B,MAAM,OAAO,CAAC,aAAa,EAAE,YAAY,EAAE,UAAU,EAAE,KAAK,GAAG,CAAC,CAAC,CAAC;KACnE;AACH,CAAC;AAzBD,0BAyBC;AAED,SAAgB,KAAK,CAAC,IAAc;IAClC,OAAO,UAAU,CAAC,QAAQ,CAAC,cAAO,CAAC,IAAI,CAAC,CAAC,CAAC;AAC5C,CAAC;AAFD,sBAEC;AAED,SAAgB,KAAK,CAAC,IAAc;IAClC,OAAO,UAAU,CAAC,QAAQ,CAAC,cAAO,CAAC,IAAI,CAAC,CAAC,CAAC;AAC5C,CAAC;AAFD,sBAEC;AAED,SAAgB,SAAS,CAAC,IAAc;IACtC,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,KAAK,CAAC,IAAI,CAAC,CAAC;AACpC,CAAC;AAFD,8BAEC;AAED,SAAgB,cAAc,CAAC,KAA0B;IACvD,OAAO,KAAK,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;AACjD,CAAC;AAFD,wCAEC"}
|
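--- a/package/dist/find.d.ts
+++ b/package/dist/find.d.ts
@@ -1,4 +1,5 @@
 /// <reference types="node" />
-import
-
-export declare
+import { promises } from 'fs';
+import { FilePath } from './types';
+export declare const readdir: typeof promises.readdir, lstat: typeof promises.lstat;
+export declare function find(src: string): Promise<FilePath[]>;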
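--- a/package/dist/find.js
+++ b/package/dist/find.js
@@ -1,35 +1,38 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.find = exports.
-const
+exports.find = exports.lstat = exports.readdir = void 0;
+const fs_1 = require("fs");
 const path_1 = require("path");
-const util_1 = require("util");
 const common_1 = require("./common");
 const debug_1 = require("./debug");
-
-exports.stat = util_1.promisify(fs.stat);
+exports.readdir = fs_1.promises.readdir, exports.lstat = fs_1.promises.lstat;
 async function find(src) {
 const result = [];
-await traverse(src, (
-if (!
+await traverse(src, async (path, stats) => {
+if (!common_1.isSupportedSize(stats.size)) {
 return;
 }
-result.push(
+result.push(path);
 });
 return result;
 }
 exports.find = find;
 async function traverse(src, handle) {
 try {
-const stats = await exports.
-if (
+const stats = await exports.lstat(src);
+if (stats.isSymbolicLink()) {
+return;
+}
+if (stats.isFile()) {
 handle(src, stats);
 return;
 }
-
-
-const
-
+if (stats.isDirectory()) {
+const entries = await exports.readdir(src);
+for (const entry of entries) {
+const absolute = path_1.join(src, entry);
+await traverse(absolute, handle);
+}
 }
 }
 catch (error) {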
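Review bot: `traverse` still calls `handle(src, stats);` without `await`, although the callback that `find` passes is now `async`, so a rejection inside the handler would bypass the surrounding `try`/`catch` as an unhandled rejection, and `find` could return before the handler finishes if it ever awaits. Change the call to `await handle(src, stats);`. The switch to `lstat` with the early `isSymbolicLink()` return deserves a one-line comment such as `// symlinks are skipped so traversal cannot leave the scanned tree or loop`, which is presumably the reason for the change and should be confirmed by the author. The `catch` block continues outside this hunk.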
package/dist/find.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"find.js","sourceRoot":"","sources":["../lib/find.ts"],"names":[],"mappings":";;;AAAA,
|
|
1
|
+
{"version":3,"file":"find.js","sourceRoot":"","sources":["../lib/find.ts"],"names":[],"mappings":";;;AAAA,2BAAqC;AACrC,+BAA4B;AAC5B,qCAA2C;AAC3C,mCAAgC;AAGjB,eAAO,GAAY,aAAQ,UAAlB,aAAK,GAAK,aAAQ,OAAC;AAMpC,KAAK,UAAU,IAAI,CAAC,GAAW;IACpC,MAAM,MAAM,GAAe,EAAE,CAAC;IAE9B,MAAM,QAAQ,CAAC,GAAG,EAAE,KAAK,EAAE,IAAc,EAAE,KAAY,EAAE,EAAE;QACzD,IAAI,CAAC,wBAAe,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE;YAChC,OAAO;SACR;QAED,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACpB,CAAC,CAAC,CAAC;IAEH,OAAO,MAAM,CAAC;AAChB,CAAC;AAZD,oBAYC;AAED,KAAK,UAAU,QAAQ,CAAC,GAAW,EAAE,MAAmB;IACtD,IAAI;QACF,MAAM,KAAK,GAAG,MAAM,aAAK,CAAC,GAAG,CAAC,CAAC;QAE/B,IAAI,KAAK,CAAC,cAAc,EAAE,EAAE;YAC1B,OAAO;SACR;QAED,IAAI,KAAK,CAAC,MAAM,EAAE,EAAE;YAClB,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;YACnB,OAAO;SACR;QAED,IAAI,KAAK,CAAC,WAAW,EAAE,EAAE;YACvB,MAAM,OAAO,GAAG,MAAM,eAAO,CAAC,GAAG,CAAC,CAAC;YAEnC,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE;gBAC3B,MAAM,QAAQ,GAAG,WAAI,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;gBAElC,MAAM,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;aAClC;SACF;KACF;IAAC,OAAO,KAAK,EAAE;QACd,aAAK,CAAC,KAAK,CAAC,OAAO,IAAI,sBAAsB,GAAG,KAAK,KAAK,EAAE,CAAC,CAAC;KAC/D;AACH,CAAC"}
|
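--- a/package/dist/hash.d.ts
+++ b/package/dist/hash.d.ts
@@ -1,4 +1,4 @@
 import { FileContent, FilePath, FullFileHash, SignatureResult } from './types';
-export declare function
+export declare function computeHash(path: FilePath, content: FileContent): Promise<SignatureResult>;
 export declare function computeSingleHash(content: FileContent): Promise<FullFileHash>;
 export declare function computeUHash(content: FileContent): Promise<FullFileHash>;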
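--- a/package/dist/hash.js
+++ b/package/dist/hash.js
@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.computeUHash = exports.computeSingleHash = exports.
+exports.computeUHash = exports.computeSingleHash = exports.computeHash = void 0;
 const crypto = require("crypto");
 const binary_1 = require("./utils/binary");
 const format_1 = require("./utils/format");
@@ -15,7 +15,7 @@ var HashAlgorithm;
 HashAlgorithm["OTHER"] = "other";
 })(HashAlgorithm || (HashAlgorithm = {}));
 const usedHashAlgorithm = HashAlgorithm.MD5;
-async function
+async function computeHash(path, content) {
 const hashes = await Promise.all([
 computeSingleHash(content),
 computeUHash(content),
@@ -26,7 +26,7 @@ async function getHashSignature(path, content) {
 hashes_ffm: hashes,
 };
 }
-exports.
+exports.computeHash = computeHash;
 async function computeSingleHash(content) {
 const hash = crypto.createHash(usedHashAlgorithm).update(content);
 const base64Digest = hash.digest(DigestFormat.BASE64).replace(/=/g, '');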
package/dist/hash.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"hash.js","sourceRoot":"","sources":["../lib/hash.ts"],"names":[],"mappings":";;;AAAA,iCAAiC;AAEjC,2CAA0C;AAC1C,2CAAmD;AAEnD,IAAK,YAGJ;AAHD,WAAK,YAAY;IACf,iCAAiB,CAAA;IACjB,2BAAW,CAAA;AACb,CAAC,EAHI,YAAY,KAAZ,YAAY,QAGhB;AAED,IAAK,aAGJ;AAHD,WAAK,aAAa;IAChB,4BAAW,CAAA;IACX,gCAAe,CAAA;AACjB,CAAC,EAHI,aAAa,KAAb,aAAa,QAGjB;AAED,MAAM,iBAAiB,GAAkB,aAAa,CAAC,GAAG,CAAC;AAEpD,KAAK,UAAU,
|
|
1
|
+
{"version":3,"file":"hash.js","sourceRoot":"","sources":["../lib/hash.ts"],"names":[],"mappings":";;;AAAA,iCAAiC;AAEjC,2CAA0C;AAC1C,2CAAmD;AAEnD,IAAK,YAGJ;AAHD,WAAK,YAAY;IACf,iCAAiB,CAAA;IACjB,2BAAW,CAAA;AACb,CAAC,EAHI,YAAY,KAAZ,YAAY,QAGhB;AAED,IAAK,aAGJ;AAHD,WAAK,aAAa;IAChB,4BAAW,CAAA;IACX,gCAAe,CAAA;AACjB,CAAC,EAHI,aAAa,KAAb,aAAa,QAGjB;AAED,MAAM,iBAAiB,GAAkB,aAAa,CAAC,GAAG,CAAC;AAEpD,KAAK,UAAU,WAAW,CAC/B,IAAc,EACd,OAAoB;IAEpB,MAAM,MAAM,GAAmB,MAAM,OAAO,CAAC,GAAG,CAAC;QAC/C,iBAAiB,CAAC,OAAO,CAAC;QAC1B,YAAY,CAAC,OAAO,CAAC;KACtB,CAAC,CAAC;IAEH,OAAO;QACL,IAAI,EAAE,IAAI;QACV,IAAI,EAAE,OAAO,CAAC,MAAM;QACpB,UAAU,EAAE,MAAM;KACnB,CAAC;AACJ,CAAC;AAdD,kCAcC;AAEM,KAAK,UAAU,iBAAiB,CACrC,OAAoB;IAEpB,MAAM,IAAI,GAAG,MAAM,CAAC,UAAU,CAAC,iBAAiB,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAClE,MAAM,YAAY,GAAG,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;IAExE,OAAO;QACL,IAAI,EAAE,YAAY;QAClB,MAAM,EAAE,CAAC;KACV,CAAC;AACJ,CAAC;AAVD,8CAUC;AAEM,KAAK,UAAU,YAAY,CAChC,OAAoB;IAEpB,MAAM,IAAI,GAAG,iBAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,0BAAiB,CAAC,OAAO,CAAC,CAAC;IAEtE,MAAM,IAAI,GAAG,MAAM,CAAC,UAAU,CAAC,iBAAiB,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IAC/D,MAAM,SAAS,GAAG,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IAE7D,OAAO;QACL,IAAI,EAAE,SAAS;QACf,MAAM,EAAE,CAAC;KACV,CAAC;AACJ,CAAC;AAZD,oCAYC"}
|
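--- a/package/dist/scan.js
+++ b/package/dist/scan.js
@@ -8,10 +8,19 @@ const find_1 = require("./find");
 const hosted_git_info_1 = require("hosted-git-info");
 const signatures_1 = require("./signatures");
 const git_1 = require("./git");
+const extract_1 = require("./extract");
+const common_1 = require("./common");
+const fs_1 = require("./utils/fs");
 async function scan(options) {
 try {
 debug_1.debug.enabled = !!(options === null || options === void 0 ? void 0 : options.debug);
 debug_1.debug('options %o \n', options);
+const extractionDepthLimit = options['--max-depth'] !== undefined
+? options['--max-depth']
+: common_1.DEFAULT_DECOMPRESSING_DEPTH;
+if (extractionDepthLimit < 0) {
+throw 'invalid options: --max-depth should be a positive number.';
+}
 if (!options.path) {
 throw 'invalid options: no path provided.';
 }
@@ -19,24 +28,33 @@ async function scan(options) {
 throw `'${options.path}' does not exist.`;
 }
 const start = Date.now();
-const
-
-
-
-
-
-
-
+const paths = await find_1.find(options.path);
+const archives = extract_1.filterArchives(paths);
+let temporaryDir = null;
+if (archives.length > 0) {
+temporaryDir = await fs_1.createTemporaryDir();
+await extract_1.extract(archives, temporaryDir, extractionDepthLimit);
+paths.push(...(await find_1.find(temporaryDir)));
+}
+debug_1.debug('%d files found \n', paths.length);
+const signatures = await signatures_1.computeSignaturesConcurrently(paths);
+signatures.forEach((s) => {
+if (temporaryDir && s.path.includes(temporaryDir)) {
+s.path = path
+.relative(temporaryDir, s.path)
+.replace(new RegExp(common_1.EXTRACTED_DIR_SUFFIX, 'g'), '');
+}
+else {
+s.path = path.relative(options.path, s.path);
+}
 });
 const end = Date.now();
 const totalMilliseconds = end - start;
-const totalFileSignatures =
+const totalFileSignatures = signatures.length;
 const totalSecondsElapsedToGenerateFileSignatures = Math.floor(totalMilliseconds / 1000);
 debug_1.debug(`total fileSignatures: ${totalFileSignatures} \n`);
 debug_1.debug(`elapsed time in seconds to generate fileSignatures: ${totalSecondsElapsedToGenerateFileSignatures}s \n`);
-const facts = [
-{ type: 'fileSignatures', data: filteredSignatures },
-];
+const facts = [{ type: 'fileSignatures', data: signatures }];
 const analytics = [
 {
 name: 'fileSignaturesAnalyticsContext',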
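Review bot: The path rewrite in the `signatures.forEach` callback compiles `new RegExp(common_1.EXTRACTED_DIR_SUFFIX, 'g')` from a plain string; common.d.ts in this release declares that constant as `".extracted"`, so the leading `.` acts as a regex wildcard and any character followed by `extracted` is stripped anywhere in the reported path, including from names that came out of the archive itself. Remove the literal instead, for example `.split(common_1.EXTRACTED_DIR_SUFFIX).join('')`, or escape the string before compiling it. The guard `s.path.includes(temporaryDir)` is a substring test; `s.path.startsWith(temporaryDir + path.sep)` states the intent. `temporaryDir` is not removed anywhere in the visible lines and the body of `scan` continues past the hunk, so confirm it is deleted in a `finally`; otherwise unpacked archive contents accumulate under `os.tmpdir()` after every scan.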
package/dist/scan.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"scan.js","sourceRoot":"","sources":["../lib/scan.ts"],"names":[],"mappings":";;;AAAA,yBAAyB;AACzB,6BAA6B;
|
|
1
|
+
{"version":3,"file":"scan.js","sourceRoot":"","sources":["../lib/scan.ts"],"names":[],"mappings":";;;AAAA,yBAAyB;AACzB,6BAA6B;AAW7B,mCAAgC;AAChC,iCAA8B;AAC9B,qDAA0C;AAC1C,6CAA6D;AAC7D,+BAAkC;AAClC,uCAAoD;AACpD,qCAA6E;AAC7E,mCAAgD;AAEzC,KAAK,UAAU,IAAI,CAAC,OAAgB;IACzC,IAAI;QACF,aAAK,CAAC,OAAO,GAAG,CAAC,EAAC,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,KAAK,CAAA,CAAC;QACjC,aAAK,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;QAChC,MAAM,oBAAoB,GACxB,OAAO,CAAC,aAAa,CAAC,KAAK,SAAS;YAClC,CAAC,CAAC,OAAO,CAAC,aAAa,CAAC;YACxB,CAAC,CAAC,oCAA2B,CAAC;QAElC,IAAI,oBAAoB,GAAG,CAAC,EAAE;YAC5B,MAAM,2DAA2D,CAAC;SACnE;QAED,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE;YACjB,MAAM,oCAAoC,CAAC;SAC5C;QAED,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE;YAChC,MAAM,IAAI,OAAO,CAAC,IAAI,mBAAmB,CAAC;SAC3C;QAED,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAEzB,MAAM,KAAK,GAAe,MAAM,WAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QACnD,MAAM,QAAQ,GAAe,wBAAc,CAAC,KAAK,CAAC,CAAC;QAEnD,IAAI,YAAY,GAAoB,IAAI,CAAC;QAEzC,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE;YACvB,YAAY,GAAG,MAAM,uBAAkB,EAAE,CAAC;YAE1C,MAAM,iBAAO,CAAC,QAAQ,EAAE,YAAY,EAAE,oBAAoB,CAAC,CAAC;YAC5D,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,WAAI,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;SAC3C;QAED,aAAK,CAAC,mBAAmB,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;QAEzC,MAAM,UAAU,GAAsB,MAAM,0CAA6B,CACvE,KAAK,CACN,CAAC;QAEF,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE;YACvB,IAAI,YAAY,IAAI,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAE;gBACjD,CAAC,CAAC,IAAI,GAAG,IAAI;qBACV,QAAQ,CAAC,YAAY,EAAE,CAAC,CAAC,IAAI,CAAC;qBAC9B,OAAO,CAAC,IAAI,MAAM,CAAC,6BAAoB,EAAE,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;aACvD;iBAAM;gBACL,CAAC,CAAC,IAAI,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC;aAC9C;QACH,CAAC,CAAC,CAAC;QAEH,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAEvB,MAAM,iBAAiB,GAAG,GAAG,GAAG,KAAK,CAAC;QACtC,MAAM,mBAAmB,GAAG,UAAU,CAAC,MAAM,CAAC;QAC9C,MAAM,2CAA2C,GAAG,IAAI,CAAC,KAAK,CAC5D,iBAAiB,GAAG,IAAI,CACzB,CAAC;QAEF,aAAK,CAAC,yBAAyB,mBAAmB,KAAK,CAAC,CAAC;QACzD,aAAK,CACH,uDAAuD,2CAA2C,MAAM,CACzG,CAAC;QAEF,MAAM,KAAK,GAAY,CAAC,EAAE,IAAI,EAAE,gBAAgB,EAAE,IAA
I,EAAE,UAAU,EAAE,CAAC,CAAC;QAEtE,MAAM,SAAS,GAAgB;YAC7B;gBACE,IAAI,EAAE,gCAAgC;gBACtC,IAAI,EAAE;oBACJ,mBAAmB;oBACnB,2CAA2C;iBAC5C;aACF;SACF,CAAC;QAEF,MAAM,MAAM,GAAG,MAAM,eAAS,EAAE,CAAC;QACjC,aAAK,CAAC,cAAc,EAAE,MAAM,CAAC,CAAC;QAC9B,MAAM,OAAO,GAAG,yBAAO,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAC1C,MAAM,IAAI,GACR,OAAO,CAAC,WAAW,KAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,OAAO,CAAA,IAAI,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QACzE,aAAK,CAAC,YAAY,EAAE,IAAI,CAAC,CAAC;QAC1B,MAAM,WAAW,GAAiB;YAChC;gBACE,KAAK;gBACL,QAAQ,EAAE;oBACR,IAAI,EAAE,KAAK;iBACZ;gBACD,IAAI;gBACJ,MAAM;gBACN,SAAS;aACV;SACF,CAAC;QAEF,OAAO;YACL,WAAW;SACZ,CAAC;KACH;IAAC,OAAO,KAAK,EAAE;QACd,MAAM,IAAI,KAAK,CAAC,iCAAiC,KAAK,EAAE,CAAC,CAAC;KAC3D;AACH,CAAC;AApGD,oBAoGC"}
|
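--- a/package/dist/signatures.d.ts
+++ b/package/dist/signatures.d.ts
@@ -1,2 +1,2 @@
 import { FilePath, SignatureResult } from './types';
-export declare function
+export declare function computeSignaturesConcurrently(paths: FilePath[]): Promise<SignatureResult[]>;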
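--- a/package/dist/signatures.js
+++ b/package/dist/signatures.js
@@ -1,15 +1,16 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.
+exports.computeSignaturesConcurrently = void 0;
 const fs_1 = require("fs");
 const hash_1 = require("./hash");
+const common_1 = require("./common");
 const pMap = require("p-map");
 const { readFile } = fs_1.promises;
-async function
+async function computeSignaturesConcurrently(paths) {
 return pMap(paths, async (path) => {
 const content = await readFile(path);
-return
-}, { concurrency:
+return await hash_1.computeHash(path, content);
+}, { concurrency: common_1.HASHING_CONCURRENCY_LEVEL });
 }
-exports.
+exports.computeSignaturesConcurrently = computeSignaturesConcurrently;
 //# sourceMappingURL=signatures.js.map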
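Review bot: One rejected `readFile` or `computeHash` inside the mapper rejects the whole `pMap` call, so a single unreadable path discards the signatures of every other file. scan.js in this release also passes this function the paths found under the archive extraction directory, so the input now includes whatever was unpacked; whether `find` already drops unreadable or non-regular entries is not visible here. Catch errors per file, keeping the `await` inside the `try` so the rejection is caught there, and hand the skipped paths back to the caller or the debug log so that files left out of the scan stay visible.

```javascript
async function computeSignaturesConcurrently(paths) {
    const skipped = [];
    const results = await pMap(paths, async (path) => {
        try {
            const content = await readFile(path);
            return await hash_1.computeHash(path, content);
        }
        catch (error) {
            // Keep scanning; remember what could not be read so it can be reported.
            skipped.push(path);
            return undefined;
        }
    }, { concurrency: common_1.HASHING_CONCURRENCY_LEVEL });
    // ... surface `skipped` to the caller or the debug log ...
    return results.filter((result) => result !== undefined);
}
```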
package/dist/signatures.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"signatures.js","sourceRoot":"","sources":["../lib/signatures.ts"],"names":[],"mappings":";;;AAAA,2BAA8B;AAE9B,
|
|
1
|
+
{"version":3,"file":"signatures.js","sourceRoot":"","sources":["../lib/signatures.ts"],"names":[],"mappings":";;;AAAA,2BAA8B;AAE9B,iCAAqC;AACrC,qCAAqD;AAErD,8BAA+B;AAE/B,MAAM,EAAE,QAAQ,EAAE,GAAG,aAAQ,CAAC;AAEvB,KAAK,UAAU,6BAA6B,CACjD,KAAiB;IAEjB,OAAO,IAAI,CACT,KAAK,EACL,KAAK,EAAE,IAAc,EAAE,EAAE;QACvB,MAAM,OAAO,GAAgB,MAAM,QAAQ,CAAC,IAAI,CAAC,CAAC;QAClD,OAAO,MAAM,kBAAW,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;IAC1C,CAAC,EACD,EAAE,WAAW,EAAE,kCAAyB,EAAE,CAC3C,CAAC;AACJ,CAAC;AAXD,sEAWC"}
|
package/dist/types.d.ts
CHANGED
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.exitWith = exports.ExitCode = void 0;
|
|
4
|
+
var ExitCode;
|
|
5
|
+
(function (ExitCode) {
|
|
6
|
+
ExitCode["VulnerabilitiesFound"] = "VULNS";
|
|
7
|
+
ExitCode[ExitCode["Error"] = 2] = "Error";
|
|
8
|
+
ExitCode[ExitCode["NoSupportedFiles"] = 3] = "NoSupportedFiles";
|
|
9
|
+
})(ExitCode = exports.ExitCode || (exports.ExitCode = {}));
|
|
10
|
+
function exitWith(exitCode, message) {
|
|
11
|
+
const err = new Error();
|
|
12
|
+
err.message = message;
|
|
13
|
+
err.code = exitCode.valueOf();
|
|
14
|
+
throw err;
|
|
15
|
+
}
|
|
16
|
+
exports.exitWith = exitWith;
|
|
17
|
+
//# sourceMappingURL=error.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"error.js","sourceRoot":"","sources":["../../lib/utils/error.ts"],"names":[],"mappings":";;;AAAA,IAAY,QAIX;AAJD,WAAY,QAAQ;IAClB,0CAA8B,CAAA;IAC9B,yCAAS,CAAA;IACT,+DAAoB,CAAA;AACtB,CAAC,EAJW,QAAQ,GAAR,gBAAQ,KAAR,gBAAQ,QAInB;AAED,SAAgB,QAAQ,CAAC,QAAkB,EAAE,OAAe;IAC1D,MAAM,GAAG,GAAG,IAAI,KAAK,EAAS,CAAC;IAC/B,GAAG,CAAC,OAAO,GAAG,OAAO,CAAC;IACtB,GAAG,CAAC,IAAI,GAAG,QAAQ,CAAC,OAAO,EAAE,CAAC;IAE9B,MAAM,GAAG,CAAC;AACZ,CAAC;AAND,4BAMC"}
|
package/dist/utils/fs.js
ADDED
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.createTemporaryDir = void 0;
|
|
4
|
+
const os = require("os");
|
|
5
|
+
const fs_1 = require("fs");
|
|
6
|
+
const path_1 = require("path");
|
|
7
|
+
const { mkdtemp } = fs_1.promises;
|
|
8
|
+
async function createTemporaryDir() {
|
|
9
|
+
return await mkdtemp(path_1.join(os.tmpdir(), 'snyk'));
|
|
10
|
+
}
|
|
11
|
+
exports.createTemporaryDir = createTemporaryDir;
|
|
12
|
+
//# sourceMappingURL=fs.js.map
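Review bot: `createTemporaryDir` carries no doc comment, and nothing in this module removes the directory it creates, so who owns cleanup is left implicit. `fs.promises.mkdtemp` appends six random characters to the given prefix, which is the right primitive for a shared temp location; the contract worth writing down is the caller's side, e.g. `/** Creates a uniquely named directory under os.tmpdir(); the caller owns it and must remove it when done. */`. The prefix `'snyk'` has no separator, so the random suffix follows the name directly; `'snyk-'` makes leftover directories easier to recognise when auditing the temp folder.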
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"fs.js","sourceRoot":"","sources":["../../lib/utils/fs.ts"],"names":[],"mappings":";;;AAAA,yBAAyB;AAEzB,2BAA8B;AAC9B,+BAA4B;AAG5B,MAAM,EAAE,OAAO,EAAE,GAAG,aAAQ,CAAC;AAEtB,KAAK,UAAU,kBAAkB;IACtC,OAAO,MAAM,OAAO,CAAC,WAAI,CAAC,EAAE,CAAC,MAAM,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC;AAClD,CAAC;AAFD,gDAEC"}
|
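--- a/package/package.json
+++ b/package/package.json
@@ -30,10 +30,12 @@
 },
 "dependencies": {
 "@snyk/dep-graph": "^1.19.3",
+"adm-zip": "^0.5.9",
 "chalk": "^4.1.0",
 "debug": "^4.1.1",
 "hosted-git-info": "^3.0.7",
 "p-map": "^4.0.0",
+"tar": "^6.1.11",
 "tslib": "^2.0.0"
 },
 "devDependencies": {
@@ -53,5 +55,5 @@
 "tsc-watch": "^4.2.9",
 "typescript": "^3.9.7"
 },
-"version": "2.
+"version": "2.16.0"
 }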