snyk-cpp-plugin 2.16.6 → 2.17.1
- package/dist/display/index.js +1 -1
- package/dist/display/index.js.map +1 -1
- package/dist/find.d.ts +3 -2
- package/dist/find.js +14 -5
- package/dist/find.js.map +1 -1
- package/dist/scan.d.ts +4 -1
- package/dist/scan.js +31 -11
- package/dist/scan.js.map +1 -1
- package/dist/types.d.ts +6 -1
- package/dist/utils/dotsnyk/index.d.ts +21 -0
- package/dist/utils/dotsnyk/index.js +35 -0
- package/dist/utils/dotsnyk/index.js.map +1 -0
- package/dist/utils/dotsnyk/invariants.d.ts +1 -0
- package/dist/utils/dotsnyk/invariants.js +5 -0
- package/dist/utils/dotsnyk/invariants.js.map +1 -0
- package/dist/utils/dotsnyk/types.d.ts +6 -0
- package/dist/utils/dotsnyk/types.js +3 -0
- package/dist/utils/dotsnyk/types.js.map +1 -0
- package/dist/utils/error.js +1 -0
- package/dist/utils/error.js.map +1 -1
- package/package.json +3 -2
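--- a/package/dist/display/index.js
+++ b/package/dist/display/index.js
@@ -42,7 +42,7 @@ async function display(scanResults, testResults, errors, options) {
 error_1.exitWith(error_1.ExitCode.VulnerabilitiesFound, output, testResults);
 }
 if (!hasDependencies) {
-error_1.exitWith(error_1.ExitCode.NoSupportedFiles, `${output}\nCould not detect supported target files in ${options === null || options === void 0 ? void 0 : options.path}
+error_1.exitWith(error_1.ExitCode.NoSupportedFiles, `${output}\nCould not detect supported target files in ${options === null || options === void 0 ? void 0 : options.path}\nPlease see our documentation for supported languages and target files: ${chalk.underline('https://snyk.co/udVgQ')} and make sure you are in the right directory.`);
 }
 return output;
 }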
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../lib/display/index.ts"],"names":[],"mappings":";;;AAAA,+BAA+B;AAC/B,oCAAiC;AACjC,+CAAiD;AAEjD,uCAImB;AACnB,0CAAoD;AAE7C,KAAK,UAAU,OAAO,CAC3B,WAAyB,EACzB,WAAyB,EACzB,MAAgB,EAChB,OAAiB;IAEjB,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE;QACrB,gBAAQ,CAAC,gBAAQ,CAAC,KAAK,EAAE,uBAAa,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;KAC5D;IAED,IAAI,MAAM,GAAa,EAAE,CAAC;IAE1B,IAAI,eAAe,GAAG,KAAK,CAAC;IAC5B,IAAI,kBAAkB,GAAG,KAAK,CAAC;IAE/B,IAAI;QACF,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,IAAI,EAAE;YACjB,MAAM,MAAM,GAAG,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,aAAa,OAAO,CAAC,IAAI,OAAO,CAAC,CAAC;YAClE,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;SAChC;QAED,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,KAAK,EAAE;YAClB,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,2BAAiB,CAAC,WAAW,CAAC,CAAC,CAAC;SACxD;QAED,KAAK,MAAM,UAAU,IAAI,WAAW,EAAE;YACpC,MAAM,QAAQ,GAAG,0BAAc,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC;YACzD,MAAM,CAAC,YAAY,EAAE,MAAM,CAAC,GAAG,+BAAqB,CAClD,OAAO,EACP,QAAQ,EACR,UAAU,CACX,CAAC;YAEF,IAAI,UAAU,CAAC,YAAY,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE;gBAC3C,eAAe,GAAG,IAAI,CAAC;aACxB;YAED,IAAI,UAAU,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE;gBAChC,kBAAkB,GAAG,IAAI,CAAC;aAC3B;YAED,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,YAAY,EAAE,MAAM,CAAC,CAAC;SAC9C;KACF;IAAC,OAAO,KAAK,EAAE;QACd,aAAK,CAAC,KAAK,CAAC,OAAO,IAAI,iCAAiC,KAAK,EAAE,CAAC,CAAC;QACjE,gBAAQ,CAAC,gBAAQ,CAAC,KAAK,EAAE,2BAA2B,CAAC,CAAC;KACvD;IAED,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAEjC,IAAI,kBAAkB,EAAE;QACtB,gBAAQ,CAAC,gBAAQ,CAAC,oBAAoB,EAAE,MAAM,EAAE,WAAW,CAAC,CAAC;KAC9D;IAED,IAAI,CAAC,eAAe,EAAE;QACpB,gBAAQ,CACN,gBAAQ,CAAC,gBAAgB,EACzB,GAAG,MAAM,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../lib/display/index.ts"],"names":[],"mappings":";;;AAAA,+BAA+B;AAC/B,oCAAiC;AACjC,+CAAiD;AAEjD,uCAImB;AACnB,0CAAoD;AAE7C,KAAK,UAAU,OAAO,CAC3B,WAAyB,EACzB,WAAyB,EACzB,MAAgB,EAChB,OAAiB;IAEjB,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE;QACrB,gBAAQ,CAAC,gBAAQ,CAAC,KAAK,EAAE,uBAAa,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;KAC5D;IAED,IAAI,MAAM,GAAa,EAAE,CAAC;IAE1B,IAAI,eAAe,GAAG,KAAK,CAAC;IAC5B,IAAI,kBAAkB,GAAG,KAAK,CAAC;IAE/B,IAAI;QACF,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,IAAI,EAAE;YACjB,MAAM,MAAM,GAAG,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,aAAa,OAAO,CAAC,IAAI,OAAO,CAAC,CAAC;YAClE,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;SAChC;QAED,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,KAAK,EAAE;YAClB,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,2BAAiB,CAAC,WAAW,CAAC,CAAC,CAAC;SACxD;QAED,KAAK,MAAM,UAAU,IAAI,WAAW,EAAE;YACpC,MAAM,QAAQ,GAAG,0BAAc,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC;YACzD,MAAM,CAAC,YAAY,EAAE,MAAM,CAAC,GAAG,+BAAqB,CAClD,OAAO,EACP,QAAQ,EACR,UAAU,CACX,CAAC;YAEF,IAAI,UAAU,CAAC,YAAY,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE;gBAC3C,eAAe,GAAG,IAAI,CAAC;aACxB;YAED,IAAI,UAAU,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE;gBAChC,kBAAkB,GAAG,IAAI,CAAC;aAC3B;YAED,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,YAAY,EAAE,MAAM,CAAC,CAAC;SAC9C;KACF;IAAC,OAAO,KAAK,EAAE;QACd,aAAK,CAAC,KAAK,CAAC,OAAO,IAAI,iCAAiC,KAAK,EAAE,CAAC,CAAC;QACjE,gBAAQ,CAAC,gBAAQ,CAAC,KAAK,EAAE,2BAA2B,CAAC,CAAC;KACvD;IAED,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAEjC,IAAI,kBAAkB,EAAE;QACtB,gBAAQ,CAAC,gBAAQ,CAAC,oBAAoB,EAAE,MAAM,EAAE,WAAW,CAAC,CAAC;KAC9D;IAED,IAAI,CAAC,eAAe,EAAE;QACpB,gBAAQ,CACN,gBAAQ,CAAC,gBAAgB,EACzB,GAAG,MAAM,gDACP,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,IACX,4EAA4E,KAAK,CAAC,SAAS,CACzF,uBAAuB,CACxB,gDAAgD,CAClD,CAAC;KACH;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAlED,0BAkEC"}
|
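--- a/package/dist/find.d.ts
+++ b/package/dist/find.d.ts
@@ -1,5 +1,6 @@
 /// <reference types="node" />
 import { promises } from 'fs';
-import { FilePath } from './types';
+import { FilePath, Path } from './types';
+import { Glob } from './utils/dotsnyk/types';
 export declare const readdir: typeof promises.readdir, lstat: typeof promises.lstat;
-export declare function find(src:
+export declare function find(src: Path, excludePatterns?: readonly Glob[]): Promise<[FilePath[], FilePath[]]>;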
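--- a/package/dist/find.js
+++ b/package/dist/find.js
@@ -6,11 +6,12 @@ const path_1 = require("path");
 const common_1 = require("./common");
 const debug_1 = require("./debug");
 const extract_1 = require("./extract");
+const minimatch = require("minimatch");
 exports.readdir = fs_1.promises.readdir, exports.lstat = fs_1.promises.lstat;
-async function find(src) {
+async function find(src, excludePatterns = []) {
 const fileResults = [];
 const archiveResults = [];
-
+const handler = async (path, stats) => {
 if (!common_1.isSupportedSize(stats.size)) {
 return;
 }
@@ -19,12 +20,20 @@ async function find(src) {
 return;
 }
 fileResults.push(path);
-}
+};
+const isExcluded = (path) => {
+path = common_1.isWindowsOS() ? path.split(path_1.sep).join(path_1.posix.sep) : path;
+return !!excludePatterns.find((pattern) => minimatch(path, pattern));
+};
+await traverse(src, handler, isExcluded);
 return [fileResults, archiveResults];
 }
 exports.find = find;
-async function traverse(src, handle) {
+async function traverse(src, handle, isExcluded) {
 try {
+if (isExcluded(src)) {
+return;
+}
 const stats = await exports.lstat(src);
 if (stats.isSymbolicLink()) {
 return;
@@ -37,7 +46,7 @@ async function traverse(src, handle) {
 const entries = await exports.readdir(src);
 for (const entry of entries) {
 const absolute = path_1.join(src, entry);
-await traverse(absolute, handle);
+await traverse(absolute, handle, isExcluded);
 }
 }
 }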
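Review bot: `isExcluded` compares the traversal path exactly as `traverse` built it with patterns that scan.js produces through `path.resolve`, so the two sides only line up when `src` is already absolute and the platform separator is `/`. With a relative `src` the walked paths stay relative, and on Windows only the path is converted to POSIX separators while the patterns keep backslashes, which minimatch reads as escapes; in both cases the exclusions would silently never match. Resolving and normalising both sides inside `isExcluded`, for example `path = path_1.resolve(path)` before the separator conversion and the same conversion applied to each pattern, removes that dependency on the caller. A `debug_1.debug('excluded by policy: %s', src)` line before the early `return` in `traverse` would also make it visible which parts of the tree a policy file took out of the scan.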
package/dist/find.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"find.js","sourceRoot":"","sources":["../lib/find.ts"],"names":[],"mappings":";;;AAAA,2BAAqC;AACrC,+
|
|
1
|
+
{"version":3,"file":"find.js","sourceRoot":"","sources":["../lib/find.ts"],"names":[],"mappings":";;;AAAA,2BAAqC;AACrC,+BAAwC;AACxC,qCAAwD;AACxD,mCAAgC;AAEhC,uCAAsC;AACtC,uCAAuC;AAGxB,eAAO,GAAY,aAAQ,UAAlB,aAAK,GAAK,aAAQ,OAAC;AAMpC,KAAK,UAAU,IAAI,CACxB,GAAS,EACT,kBAAmC,EAAE;IAErC,MAAM,WAAW,GAAe,EAAE,CAAC;IACnC,MAAM,cAAc,GAAe,EAAE,CAAC;IAEtC,MAAM,OAAO,GAAG,KAAK,EAAE,IAAc,EAAE,KAAY,EAAE,EAAE;QACrD,IAAI,CAAC,wBAAe,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE;YAChC,OAAO;SACR;QAED,IAAI,mBAAS,CAAC,IAAI,CAAC,EAAE;YACnB,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC1B,OAAO;SACR;QAED,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACzB,CAAC,CAAC;IAEF,MAAM,UAAU,GAAoB,CAAC,IAAI,EAAE,EAAE;QAC3C,IAAI,GAAG,oBAAW,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,UAAG,CAAC,CAAC,IAAI,CAAC,YAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;QAC9D,OAAO,CAAC,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,SAAS,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC,CAAC;IACvE,CAAC,CAAC;IAEF,MAAM,QAAQ,CAAC,GAAG,EAAE,OAAO,EAAE,UAAU,CAAC,CAAC;IAEzC,OAAO,CAAC,WAAW,EAAE,cAAc,CAAC,CAAC;AACvC,CAAC;AA5BD,oBA4BC;AAED,KAAK,UAAU,QAAQ,CACrB,GAAS,EACT,MAAmB,EACnB,UAA2B;IAE3B,IAAI;QACF,IAAI,UAAU,CAAC,GAAG,CAAC,EAAE;YACnB,OAAO;SACR;QAED,MAAM,KAAK,GAAG,MAAM,aAAK,CAAC,GAAG,CAAC,CAAC;QAE/B,IAAI,KAAK,CAAC,cAAc,EAAE,EAAE;YAC1B,OAAO;SACR;QAED,IAAI,KAAK,CAAC,MAAM,EAAE,EAAE;YAClB,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;YACnB,OAAO;SACR;QAED,IAAI,KAAK,CAAC,WAAW,EAAE,EAAE;YACvB,MAAM,OAAO,GAAG,MAAM,eAAO,CAAC,GAAG,CAAC,CAAC;YAEnC,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE;gBAC3B,MAAM,QAAQ,GAAG,WAAI,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;gBAElC,MAAM,QAAQ,CAAC,QAAQ,EAAE,MAAM,EAAE,UAAU,CAAC,CAAC;aAC9C;SACF;KACF;IAAC,OAAO,KAAK,EAAE;QACd,aAAK,CAAC,KAAK,CAAC,OAAO,IAAI,sBAAsB,GAAG,KAAK,KAAK,EAAE,CAAC,CAAC;KAC/D;AACH,CAAC"}
|
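--- a/package/dist/scan.d.ts
+++ b/package/dist/scan.d.ts
@@ -1,2 +1,5 @@
-import { Options, PluginResponse } from './types';
+import { Options, Path, PluginResponse, SignatureResult } from './types';
+import { Glob } from './utils/dotsnyk/types';
+export declare function toRelativePaths(basedir: Path, signatures: readonly SignatureResult[], extractionWorkspace?: Path): void;
 export declare function scan(options: Options): Promise<PluginResponse>;
+export declare function getExcludedPatterns(projectRoot: Path, policyFilePath?: string): Glob[];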
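--- a/package/dist/scan.js
+++ b/package/dist/scan.js
@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.scan = void 0;
+exports.getExcludedPatterns = exports.scan = exports.toRelativePaths = void 0;
 const fs = require("fs");
 const path = require("path");
 const path_1 = require("path");
@@ -12,6 +12,17 @@ const git_1 = require("./git");
 const extract_1 = require("./extract");
 const fs_1 = require("./utils/fs");
 const common_1 = require("./common");
+const dotSnyk = require("./utils/dotsnyk");
+const invariants_1 = require("./utils/dotsnyk/invariants");
+function toRelativePaths(basedir, signatures, extractionWorkspace) {
+signatures.forEach((s) => {
+const src = extractionWorkspace && s.path.includes(extractionWorkspace)
+? extractionWorkspace
+: basedir;
+s.path = path.relative(src, s.path);
+});
+}
+exports.toRelativePaths = toRelativePaths;
 async function scan(options) {
 try {
 debug_1.debug.enabled = !!(options === null || options === void 0 ? void 0 : options.debug);
@@ -27,13 +38,15 @@ async function scan(options) {
 throw `'${options.path}' does not exist.`;
 }
 const start = Date.now();
-const
-
+const projectRoot = options.path;
+const excludedPatterns = getExcludedPatterns(projectRoot, options['policy-path']);
+const [filePaths, archivePaths] = await find_1.find(projectRoot, excludedPatterns);
+let extractionWorkspace = undefined;
 if (0 < extractionDepthLimit && 0 < archivePaths.length) {
 const temporaryDir = await fs_1.createTemporaryDir();
 extractionWorkspace = path_1.join(temporaryDir, common_1.DECOMPRESSING_WORKSPACE_DIR);
 await extract_1.extract(archivePaths, temporaryDir, extractionDepthLimit);
-const [newFilePaths, newArchivePaths] = await find_1.find(extractionWorkspace);
+const [newFilePaths, newArchivePaths] = await find_1.find(extractionWorkspace, excludedPatterns);
 filePaths.push(...newFilePaths, ...newArchivePaths);
 }
 else {
@@ -41,12 +54,7 @@ async function scan(options) {
 }
 debug_1.debug('%d files found \n', filePaths.length);
 const signatures = await signatures_1.computeSignaturesConcurrently(filePaths);
-
-const src = extractionWorkspace && s.path.includes(extractionWorkspace)
-? extractionWorkspace
-: options.path;
-s.path = path.relative(src, s.path);
-});
+toRelativePaths(projectRoot, signatures, extractionWorkspace);
 const end = Date.now();
 const totalMilliseconds = end - start;
 const totalFileSignatures = signatures.length;
@@ -66,7 +74,7 @@ async function scan(options) {
 const target = await git_1.getTarget();
 debug_1.debug('target %o \n', target);
 const gitInfo = hosted_git_info_1.fromUrl(target.remoteUrl);
-const name = options.projectName || (gitInfo === null || gitInfo === void 0 ? void 0 : gitInfo.project) || path.basename(
+const name = options.projectName || (gitInfo === null || gitInfo === void 0 ? void 0 : gitInfo.project) || path.basename(projectRoot);
 debug_1.debug('name %o \n', name);
 const scanResults = [
 {
@@ -88,4 +96,16 @@ async function scan(options) {
 }
 }
 exports.scan = scan;
+function getExcludedPatterns(projectRoot, policyFilePath = path_1.join(projectRoot, invariants_1.DEFAULT_SNYK_POLICY_FILE)) {
+var _a;
+if (!dotSnyk.exists(policyFilePath)) {
+return [];
+}
+const config = dotSnyk.parse(policyFilePath);
+return [
+policyFilePath,
+...dotSnyk.toAbsolutePaths(projectRoot, (_a = config === null || config === void 0 ? void 0 : config.exclude) === null || _a === void 0 ? void 0 : _a.unmanaged),
+];
+}
+exports.getExcludedPatterns = getExcludedPatterns;
 //# sourceMappingURL=scan.js.map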
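Review bot: The second call, `find_1.find(extractionWorkspace, excludedPatterns)`, reuses patterns that `getExcludedPatterns` resolved against `projectRoot`, so they cannot match anything under the temporary extraction directory. Files unpacked from an archive are therefore always scanned unless the archive itself is excluded, which may or may not be intended. If it is intended, say so at the call with `// exclusions are resolved against projectRoot; extracted archive content is never excluded`; if not, the `exclude.unmanaged` entries need a second resolution against `extractionWorkspace`. `getExcludedPatterns` is exported without a doc comment; it should state that the returned list always contains the policy file path itself, that the other entries are absolute paths later interpreted as glob patterns, and that the policy file is read from the tree being scanned.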
package/dist/scan.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"scan.js","sourceRoot":"","sources":["../lib/scan.ts"],"names":[],"mappings":";;;AAAA,yBAAyB;AACzB,6BAA6B;AAC7B,+BAA4B;
|
|
1
|
+
{"version":3,"file":"scan.js","sourceRoot":"","sources":["../lib/scan.ts"],"names":[],"mappings":";;;AAAA,yBAAyB;AACzB,6BAA6B;AAC7B,+BAA4B;AAY5B,mCAAgC;AAChC,iCAA8B;AAC9B,qDAA0C;AAC1C,6CAA6D;AAC7D,+BAAkC;AAClC,uCAAoC;AACpC,mCAAgD;AAChD,qCAAuD;AACvD,2CAA2C;AAE3C,2DAAsE;AAEtE,SAAgB,eAAe,CAC7B,OAAa,EACb,UAAsC,EACtC,mBAA0B;IAE1B,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE;QACvB,MAAM,GAAG,GACP,mBAAmB,IAAI,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,mBAAmB,CAAC;YACzD,CAAC,CAAC,mBAAmB;YACrB,CAAC,CAAC,OAAO,CAAC;QAEd,CAAC,CAAC,IAAI,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC;IACtC,CAAC,CAAC,CAAC;AACL,CAAC;AAbD,0CAaC;AAEM,KAAK,UAAU,IAAI,CAAC,OAAgB;IACzC,IAAI;QACF,aAAK,CAAC,OAAO,GAAG,CAAC,EAAC,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,KAAK,CAAA,CAAC;QACjC,aAAK,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;QAChC,MAAM,oBAAoB,GAAG,OAAO,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC;QAEvD,IAAI,oBAAoB,GAAG,CAAC,EAAE;YAC5B,MAAM,oEAAoE,CAAC;SAC5E;QAED,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE;YACjB,MAAM,oCAAoC,CAAC;SAC5C;QAED,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE;YAChC,MAAM,IAAI,OAAO,CAAC,IAAI,mBAAmB,CAAC;SAC3C;QAED,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAEzB,MAAM,WAAW,GAAS,OAAO,CAAC,IAAI,CAAC;QAEvC,MAAM,gBAAgB,GAAW,mBAAmB,CAClD,WAAW,EACX,OAAO,CAAC,aAAa,CAAC,CACvB,CAAC;QACF,MAAM,CAAC,SAAS,EAAE,YAAY,CAAC,GAAG,MAAM,WAAI,CAAC,WAAW,EAAE,gBAAgB,CAAC,CAAC;QAE5E,IAAI,mBAAmB,GAAyB,SAAS,CAAC;QAE1D,IAAI,CAAC,GAAG,oBAAoB,IAAI,CAAC,GAAG,YAAY,CAAC,MAAM,EAAE;YACvD,MAAM,YAAY,GAAG,MAAM,uBAAkB,EAAE,CAAC;YAChD,mBAAmB,GAAG,WAAI,CAAC,YAAY,EAAE,oCAA2B,CAAC,CAAC;YAEtE,MAAM,iBAAO,CAAC,YAAY,EAAE,YAAY,EAAE,oBAAoB,CAAC,CAAC;YAChE,MAAM,CAAC,YAAY,EAAE,eAAe,CAAC,GAAG,MAAM,WAAI,CAChD,mBAAmB,EACnB,gBAAgB,CACjB,CAAC;YAEF,SAAS,CAAC,IAAI,CAAC,GAAG,YAAY,EAAE,GAAG,eAAe,CAAC,CAAC;SACrD;aAAM;YACL,SAAS,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,CAAC;SACjC;QAED,aAAK,CAAC,mBAAmB,EAAE,SAAS,CAAC,MAAM,CAAC,CAAC;QAE7C,MAAM,UAAU,GAAsB,MAAM,0CAA6B,CACvE,SAAS,CACV,CAAC;QAEF,eAAe,CAAC,WAAW,EAAE,UAAU,EAAE,mBAAmB,CAAC,CAAC;QAE9D,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAEvB,MAAM,iBAAi
B,GAAG,GAAG,GAAG,KAAK,CAAC;QACtC,MAAM,mBAAmB,GAAG,UAAU,CAAC,MAAM,CAAC;QAC9C,MAAM,2CAA2C,GAAG,IAAI,CAAC,KAAK,CAC5D,iBAAiB,GAAG,IAAI,CACzB,CAAC;QAEF,aAAK,CAAC,yBAAyB,mBAAmB,KAAK,CAAC,CAAC;QACzD,aAAK,CACH,uDAAuD,2CAA2C,MAAM,CACzG,CAAC;QAEF,MAAM,KAAK,GAAY,CAAC,EAAE,IAAI,EAAE,gBAAgB,EAAE,IAAI,EAAE,UAAU,EAAE,CAAC,CAAC;QAEtE,MAAM,SAAS,GAAgB;YAC7B;gBACE,IAAI,EAAE,gCAAgC;gBACtC,IAAI,EAAE;oBACJ,mBAAmB;oBACnB,2CAA2C;iBAC5C;aACF;SACF,CAAC;QAEF,MAAM,MAAM,GAAG,MAAM,eAAS,EAAE,CAAC;QACjC,aAAK,CAAC,cAAc,EAAE,MAAM,CAAC,CAAC;QAC9B,MAAM,OAAO,GAAG,yBAAO,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAC1C,MAAM,IAAI,GACR,OAAO,CAAC,WAAW,KAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,OAAO,CAAA,IAAI,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;QACxE,aAAK,CAAC,YAAY,EAAE,IAAI,CAAC,CAAC;QAC1B,MAAM,WAAW,GAAiB;YAChC;gBACE,KAAK;gBACL,QAAQ,EAAE;oBACR,IAAI,EAAE,KAAK;iBACZ;gBACD,IAAI;gBACJ,MAAM;gBACN,SAAS;aACV;SACF,CAAC;QAEF,OAAO;YACL,WAAW;SACZ,CAAC;KACH;IAAC,OAAO,KAAK,EAAE;QACd,MAAM,IAAI,KAAK,CAAC,iCAAiC,KAAK,EAAE,CAAC,CAAC;KAC3D;AACH,CAAC;AAtGD,oBAsGC;AAED,SAAgB,mBAAmB,CACjC,WAAiB,EACjB,iBAAyB,WAAI,CAAC,WAAW,EAAE,qCAAwB,CAAC;;IAEpE,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,cAAc,CAAC,EAAE;QACnC,OAAO,EAAE,CAAC;KACX;IAED,MAAM,MAAM,GAAkB,OAAO,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC;IAE5D,OAAO;QACL,cAAc;QACd,GAAG,OAAO,CAAC,eAAe,CAAC,WAAW,QAAE,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,OAAO,0CAAE,SAAS,CAAC;KACpE,CAAC;AACJ,CAAC;AAdD,kDAcC"}
|
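--- a/package/dist/types.d.ts
+++ b/package/dist/types.d.ts
@@ -44,6 +44,7 @@ export interface Options {
 'print-deps'?: boolean;
 'print-dep-paths'?: boolean;
 'max-depth'?: number;
+'policy-path'?: string;
 }
 export interface Issue {
 pkgName: string;
@@ -83,4 +84,8 @@ export interface FullFileHash {
 data: string;
 }
 export declare type FileContent = Buffer;
-export declare type
+export declare type Path = string;
+export declare type FilePath = Path;
+export interface Predicate<T> {
+(_: T): boolean;
+}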
@@ -0,0 +1,21 @@
|
|
|
1
|
+
import { Config } from './types';
|
|
2
|
+
import { Path } from '../../types';
|
|
3
|
+
/**
|
|
4
|
+
* Checks if the snyk policy file exists in the provided path
|
|
5
|
+
* @param {string} policyPath - the path of the policy file.
|
|
6
|
+
* @returns {[boolean, Object]} - snyk policy file is present or not and the error in case of failure
|
|
7
|
+
*/
|
|
8
|
+
export declare function exists(policyPath: string): boolean;
|
|
9
|
+
/**
|
|
10
|
+
* Parses the snyk policy file content
|
|
11
|
+
* @param {string} policyPath - the path of the policy file.
|
|
12
|
+
* @returns {Object} - the content of the policy file
|
|
13
|
+
*/
|
|
14
|
+
export declare function parse(policyPath: string): Config;
|
|
15
|
+
/**
|
|
16
|
+
* Resolves an array of paths relative to the basedir
|
|
17
|
+
* @param {string} basedir - the basedir used for resolving the paths
|
|
18
|
+
* @param {Array} paths - the paths to be resolved
|
|
19
|
+
* @returns {Array} - the resolved paths
|
|
20
|
+
*/
|
|
21
|
+
export declare function toAbsolutePaths(basedir: string, paths?: readonly string[]): Path[];
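Review bot: The doc comment on `exists` promises `@returns {[boolean, Object]}` with "the error in case of failure", but the declaration returns a plain `boolean` and no error value is ever produced; the same comment is repeated in the compiled dotsnyk/index.js. It should read `@returns {boolean} - whether something exists at policyPath`. The comment on `toAbsolutePaths` should also say that `paths` defaults to an empty list only when it is `undefined`, since the signature makes it optional.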
|
|
@@ -0,0 +1,35 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.toAbsolutePaths = exports.parse = exports.exists = void 0;
|
|
4
|
+
const fs_1 = require("fs");
|
|
5
|
+
const yaml_1 = require("yaml");
|
|
6
|
+
const path_1 = require("path");
|
|
7
|
+
/**
|
|
8
|
+
* Checks if the snyk policy file exists in the provided path
|
|
9
|
+
* @param {string} policyPath - the path of the policy file.
|
|
10
|
+
* @returns {[boolean, Object]} - snyk policy file is present or not and the error in case of failure
|
|
11
|
+
*/
|
|
12
|
+
function exists(policyPath) {
|
|
13
|
+
return fs_1.existsSync(policyPath);
|
|
14
|
+
}
|
|
15
|
+
exports.exists = exists;
|
|
16
|
+
/**
|
|
17
|
+
* Parses the snyk policy file content
|
|
18
|
+
* @param {string} policyPath - the path of the policy file.
|
|
19
|
+
* @returns {Object} - the content of the policy file
|
|
20
|
+
*/
|
|
21
|
+
function parse(policyPath) {
|
|
22
|
+
return yaml_1.parse(fs_1.readFileSync(policyPath, 'utf-8'));
|
|
23
|
+
}
|
|
24
|
+
exports.parse = parse;
|
|
25
|
+
/**
|
|
26
|
+
* Resolves an array of paths relative to the basedir
|
|
27
|
+
* @param {string} basedir - the basedir used for resolving the paths
|
|
28
|
+
* @param {Array} paths - the paths to be resolved
|
|
29
|
+
* @returns {Array} - the resolved paths
|
|
30
|
+
*/
|
|
31
|
+
function toAbsolutePaths(basedir, paths = []) {
|
|
32
|
+
return paths.map((p) => path_1.resolve(basedir, p));
|
|
33
|
+
}
|
|
34
|
+
exports.toAbsolutePaths = toAbsolutePaths;
|
|
35
|
+
//# sourceMappingURL=index.js.map
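Review bot: `parse` and `toAbsolutePaths` trust the shape of the policy file without checking it. `exists` is `fs_1.existsSync`, which is also true for a directory, so a `policy-path` pointing at a directory reaches `readFileSync` and throws; and the `paths = []` default only covers `undefined`, so an empty `unmanaged:` key (parsed as `null`) or a scalar value makes `paths.map` throw a TypeError. A guard such as `if (paths != null && !Array.isArray(paths)) throw new TypeError('exclude.unmanaged in the policy file must be a list of paths');` followed by `(paths ?? []).map(...)` in the TypeScript source, plus a `typeof p === 'string'` check per entry, would turn a malformed policy into a diagnosable error rather than an aborted scan.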
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../lib/utils/dotsnyk/index.ts"],"names":[],"mappings":";;;AAAA,2BAA8C;AAC9C,+BAA0C;AAG1C,+BAA+B;AAE/B;;;;GAIG;AACH,SAAgB,MAAM,CAAC,UAAkB;IACvC,OAAO,eAAU,CAAC,UAAU,CAAC,CAAC;AAChC,CAAC;AAFD,wBAEC;AAED;;;;GAIG;AACH,SAAgB,KAAK,CAAC,UAAkB;IACtC,OAAO,YAAS,CAAC,iBAAY,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC,CAAC;AACtD,CAAC;AAFD,sBAEC;AAED;;;;;GAKG;AACH,SAAgB,eAAe,CAC7B,OAAe,EACf,QAA2B,EAAE;IAE7B,OAAO,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,cAAO,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,CAAC;AAC/C,CAAC;AALD,0CAKC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
export declare const DEFAULT_SNYK_POLICY_FILE = ".snyk";
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"invariants.js","sourceRoot":"","sources":["../../../lib/utils/dotsnyk/invariants.ts"],"names":[],"mappings":";;;AAAa,QAAA,wBAAwB,GAAG,OAAO,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"types.js","sourceRoot":"","sources":["../../../lib/utils/dotsnyk/types.ts"],"names":[],"mappings":""}
|
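--- a/package/dist/utils/error.js
+++ b/package/dist/utils/error.js
@@ -10,6 +10,7 @@ var ExitCode;
 function exitWith(exitCode, message, testResults = []) {
 const err = new Error();
 err.message = message;
+err.userMessage = message;
 err.code = exitCode.valueOf();
 if (0 < testResults.length) {
 const jsonData = testResults.length === 1 ? testResults[0] : testResults;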
package/dist/utils/error.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"error.js","sourceRoot":"","sources":["../../lib/utils/error.ts"],"names":[],"mappings":";;;AAEA,IAAY,QAIX;AAJD,WAAY,QAAQ;IAClB,0CAA8B,CAAA;IAC9B,yCAAS,CAAA;IACT,+DAAoB,CAAA;AACtB,CAAC,EAJW,QAAQ,GAAR,gBAAQ,KAAR,gBAAQ,QAInB;AAED,SAAgB,QAAQ,CACtB,QAAkB,EAClB,OAAe,EACf,cAA4B,EAAE;IAE9B,MAAM,GAAG,GAAG,IAAI,KAAK,EAAS,CAAC;IAC/B,GAAG,CAAC,OAAO,GAAG,OAAO,CAAC;IACtB,GAAG,CAAC,IAAI,GAAG,QAAQ,CAAC,OAAO,EAAE,CAAC;IAE9B,IAAI,CAAC,GAAG,WAAW,CAAC,MAAM,EAAE;QAC1B,MAAM,QAAQ,GAAG,WAAW,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC;QACzE,GAAG,CAAC,sBAAsB,GAAG,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;KACvD;IAED,MAAM,GAAG,CAAC;AACZ,CAAC;
|
|
1
|
+
{"version":3,"file":"error.js","sourceRoot":"","sources":["../../lib/utils/error.ts"],"names":[],"mappings":";;;AAEA,IAAY,QAIX;AAJD,WAAY,QAAQ;IAClB,0CAA8B,CAAA;IAC9B,yCAAS,CAAA;IACT,+DAAoB,CAAA;AACtB,CAAC,EAJW,QAAQ,GAAR,gBAAQ,KAAR,gBAAQ,QAInB;AAED,SAAgB,QAAQ,CACtB,QAAkB,EAClB,OAAe,EACf,cAA4B,EAAE;IAE9B,MAAM,GAAG,GAAG,IAAI,KAAK,EAAS,CAAC;IAC/B,GAAG,CAAC,OAAO,GAAG,OAAO,CAAC;IACtB,GAAG,CAAC,WAAW,GAAG,OAAO,CAAC;IAC1B,GAAG,CAAC,IAAI,GAAG,QAAQ,CAAC,OAAO,EAAE,CAAC;IAE9B,IAAI,CAAC,GAAG,WAAW,CAAC,MAAM,EAAE;QAC1B,MAAM,QAAQ,GAAG,WAAW,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC;QACzE,GAAG,CAAC,sBAAsB,GAAG,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;KACvD;IAED,MAAM,GAAG,CAAC;AACZ,CAAC;AAhBD,4BAgBC"}
|
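--- a/package/package.json
+++ b/package/package.json
@@ -30,6 +30,7 @@
 },
 "dependencies": {
 "@snyk/dep-graph": "^1.19.3",
+"@types/minimatch": "^3.0.5",
 "@types/uuid": "^8.3.4",
 "adm-zip": "^0.5.9",
 "chalk": "^4.1.0",
@@ -38,7 +39,7 @@
 "p-map": "^4.0.0",
 "tar": "^6.1.11",
 "tslib": "^2.0.0",
-"
+"yaml": "^1.10.2"
 },
 "devDependencies": {
 "@types/debug": "^4.1.5",
@@ -57,5 +58,5 @@
 "tsc-watch": "^4.2.9",
 "typescript": "^3.9.7"
 },
-"version": "2.
+"version": "2.17.1"
 }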
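Review bot: dist/find.js now calls `require("minimatch")` at runtime, but the only addition visible under `dependencies` is the type package `@types/minimatch`; the two entries between `chalk` and `p-map` lie outside the hunks, so `minimatch` may already be declared there. If it is not, the plugin relies on some other package hoisting it, and the version that interprets glob patterns read from a repository's policy file is not controlled by this manifest. Declaring it explicitly, `"minimatch": "<version range>"`, fixes that. `@types/minimatch` is only needed at build time and would normally sit in `devDependencies`, although the existing `@types/uuid` entry suggests this placement is the project's convention.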