
@enterprise-cmcs/macpro-security-hub-sync


@enterprise-cmcs/macpro-security-hub-sync - npm Package Compare versions

Comparing version 1.13.0 to 1.14.0

2

dist/libs/jira-lib.d.ts
import { IssueObject } from "jira-client";
import { LabelConfig } from "macpro-security-hub-sync";
export declare class Jira {

@@ -10,2 +11,3 @@ private readonly jira;

private static formatLabelQuery;
createSearchLabels(identifyingLabels: string[], config: LabelConfig[]): string[];
getAllSecurityHubIssuesInJiraProject(identifyingLabels: string[]): Promise<IssueObject[]>;

@@ -12,0 +14,0 @@ getPriorityIdsInDescendingOrder(): Promise<string[]>;
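Review bot: The added `import { LabelConfig } from "macpro-security-hub-sync"` uses a bare module specifier, while the package is published as `@enterprise-cmcs/macpro-security-hub-sync` and the sibling declaration file imports with a relative path (`"./libs"`). A consumer's compiler will probably not resolve that specifier, which would leave the `config` parameter of `createSearchLabels` with an unresolved type; this looks like a path alias that was not rewritten in the emitted declarations. From `dist/libs/` a relative import would resolve: `import { LabelConfig } from "../macpro-security-hub-sync";`.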

@@ -129,8 +129,39 @@ "use strict";

}
createSearchLabels(identifyingLabels, config) {
const labels = [];
const fields = ["accountId", "region", "identify"];
const values = [...identifyingLabels, "security-hub"];
config.forEach(({ labelField: field, labelDelimiter: delim, labelPrefix: prefix }) => {
const delimiter = delim ?? "";
const labelPrefix = prefix ?? "";
if (fields.includes(field)) {
const index = fields.indexOf(field);
if (index >= 0) {
labels.push(`${labelPrefix}${delimiter}${values[index]
?.trim()
.replace(/ /g, "")}`);
}
}
});
return labels;
}
async getAllSecurityHubIssuesInJiraProject(identifyingLabels) {
const labelQueries = [...identifyingLabels, "security-hub"].map((label) => Jira.formatLabelQuery(label));
const labelQueries = [...identifyingLabels, "security-hub"]
.map((label) => Jira.formatLabelQuery(label))
.join(" AND ");
let finalLabelQuery = labelQueries;
if (process.env.LABELS_CONFIG) {
const config = JSON.parse(process.env.LABELS_CONFIG);
const configLabels = this.createSearchLabels(identifyingLabels, config);
const searchQuery = configLabels
.map((label) => Jira.formatLabelQuery(label))
.join(" AND ");
if (searchQuery) {
finalLabelQuery = `(${finalLabelQuery}) OR (${searchQuery})`;
}
}
const projectQuery = `project = '${process.env.JIRA_PROJECT}'`;
const statusQuery = `status not in ('${this.jiraClosedStatuses.join("','" // wrap each closed status in single quotes
)}')`;
const fullQuery = [...labelQueries, projectQuery, statusQuery].join(" AND ");
const fullQuery = [finalLabelQuery, projectQuery, statusQuery].join(" AND ");
// We want to do everything possible to prevent matching tickets that we shouldn't

@@ -137,0 +168,0 @@ if (!fullQuery.includes(Jira.formatLabelQuery("security-hub"))) {
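Review bot: The combined label clause is not parenthesised as a whole, so with `LABELS_CONFIG` set `fullQuery` becomes `(A) OR (B) AND project = '…' AND status not in (…)`; JQL gives AND precedence over OR, which leaves the first branch unrestricted by project and closed status. One more pair of parentheses around the assigned template fixes that: `((${finalLabelQuery}) OR (${searchQuery}))`. The `security-hub` guard that follows the hunk is satisfied by the first branch alone, so it no longer says anything about the config-derived branch, which should be validated separately before it is OR-ed in. In `createSearchLabels`, a missing `values[index]` is rendered as the text `undefined` inside the label, so the inner test is safer as `if (index >= 0 && values[index] !== undefined) {`. `JSON.parse(process.env.LABELS_CONFIG)` also runs without a try/catch or an `Array.isArray` check, and the rest of the method lies outside the hunk.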

2

dist/macpro-security-hub-sync.d.ts

@@ -16,3 +16,3 @@ import { Resource, SecurityHubFinding } from "./libs";

}
interface LabelConfig {
export interface LabelConfig {
labelField: string;

@@ -19,0 +19,0 @@ labelPrefix?: string;

@@ -7,3 +7,3 @@ {

},
"version": "1.13.0",
"version": "1.14.0",
"description": "NPM module to create Jira issues for all findings in Security Hub for the current AWS account..",

@@ -10,0 +10,0 @@ "main": "./dist/index.js",
