
@xliic/cicd-core-node


@xliic/cicd-core-node - npm Package Compare versions

Comparing version 5.13.0 to 5.14.0

36

lib/audit.js

@@ -23,2 +23,4 @@ "use strict";

const api_1 = require("./api");
const fs_1 = require("fs");
const util_1 = require("./util");
function audit(inputs) {

@@ -29,5 +31,13 @@ return __awaiter(this, void 0, void 0, function* () {

const platformConfig = yield (0, api_1.getPlatformConfig)(options);
const files = yield runAudit(options, platformConfig);
const filesGrouped = yield runAudit(options, platformConfig);
const files = new Map([
...filesGrouped.discovery.entries(),
...filesGrouped.mapping.entries(),
]);
const failures = getFailures(files);
displayReport(files, options);
if (options.writeJsonReportTo !== undefined &&
options.writeJsonReportTo != "") {
writeReport(filesGrouped, options.writeJsonReportTo, options.rootDir, options.logger);
}
return { files: files, failures };

@@ -83,7 +93,14 @@ }

const discovered = yield (0, discovery_1.auditDiscoveredFiles)(openapiFilenames, options, platformConfig);
const discovery = new Map([...errors, ...discovered]);
if (options.config.mappedFiles) {
const mapped = yield (0, mapping_1.auditMappedFiles)(options, platformConfig);
return new Map([...errors, ...discovered, ...mapped]);
const mapping = yield (0, mapping_1.auditMappedFiles)(options, platformConfig);
return {
discovery,
mapping,
};
}
return new Map([...errors, ...discovered]);
return {
discovery,
mapping: new Map(),
};
});

@@ -125,1 +142,12 @@ }

exports.displayReport = displayReport;
function writeReport(result, reportPath, rootDir, logger) {
const fullReportPath = (0, util_1.getJsonReportPath)(reportPath, rootDir);
const report = (0, util_1.getJsonReport)(result);
try {
(0, fs_1.writeFileSync)(fullReportPath, JSON.stringify(report, null, 4));
logger.info(`JSON report was written to: "${fullReportPath}"`);
}
catch (e) {
throw new error_1.TaskError(`Can't write JSON report to: "${fullReportPath}",\n ${e}`);
}
}
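Review bot: In `writeReport` the file is created with a plain `writeFileSync`, so the "already exists" guarantee rests on the separate `existsSync` call inside `getJsonReportPath`; a file or symlink that appears at that path between the two calls would be overwritten or followed. Creating the file exclusively closes the gap: `(0, fs_1.writeFileSync)(fullReportPath, JSON.stringify(report, null, 4), { flag: "wx" });`. The path is also validated only here, after `runAudit` and `displayReport` have finished, so a bad `writeJsonReportTo` value fails the task late; calling `getJsonReportPath` before the audit starts would surface it up front. `error_1` is not among the requires visible in the first hunk, so confirm it is imported in the unchanged part of the file.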

@@ -67,2 +67,5 @@ export declare type Result<R, E> = [R, undefined] | [undefined, E];

export declare type FileAuditMap = Map<string, AuditApi | ApiErrors>;
export declare const AuditModesNames: readonly ["mapping", "discovery"];
export declare type AuditModes = typeof AuditModesNames[number];
export declare type InternalAuditResult = Record<AuditModes, FileAuditMap>;
export interface AuditResult {

@@ -179,2 +182,3 @@ files: FileAuditMap;

defaultCollectionName?: string;
writeJsonReportTo?: string;
}

@@ -212,2 +216,3 @@ export interface ScanInputs extends TaskInputs {

config: AuditConfig;
writeJsonReportTo?: string;
}

@@ -236,2 +241,18 @@ export interface PlatformConfig {

}
export declare type JsonAuditReport = Record<string, JsonReportItemSuccess | JsonReportItemFailure>;
export interface JsonReport {
audit: {
report: JsonAuditReport;
};
}
export interface JsonReportItemSuccess {
success: true;
apiId: string;
mode: AuditModes;
score: number;
}
export interface JsonReportItemFailure {
success: false;
error: string;
}
export {};

3

lib/types.js

@@ -7,3 +7,4 @@ "use strict";

Object.defineProperty(exports, "__esModule", { value: true });
exports.SharingType = void 0;
exports.SharingType = exports.AuditModesNames = void 0;
exports.AuditModesNames = ["mapping", "discovery"];
var SharingType;

@@ -10,0 +11,0 @@ (function (SharingType) {
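Review bot: The order of `AuditModesNames` silently decides which result ends up in the JSON report. `getJsonAuditReport` iterates it as mapping then discovery and assigns `report[file]`, so a discovery entry overwrites a mapping entry with the same key, while `audit()` builds `files` as discovery then mapping, where mapping wins. If one file can appear in both maps (not visible here), the report on disk would carry a different result than the one `getFailures` evaluated. A comment on the constant such as `// iteration order matters: later modes overwrite earlier ones in getJsonAuditReport`, plus the same order in both places, would keep the gate and the report consistent.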

@@ -1,2 +0,2 @@

import { Logger, PlatformConfig, Reference } from "./types";
import { InternalAuditResult, JsonAuditReport, JsonReport, Logger, PlatformConfig, Reference } from "./types";
export declare function makeSafeName(name: string): string;

@@ -7,1 +7,5 @@ export declare function makeCollectionName(repo: string, reference: Reference, nameTemplate: string, log: Logger): string;

export declare function checkCollectionName(name: string, platformConfig: PlatformConfig, logger: Logger): string | undefined;
export declare function getJsonReportPath(reportPath: string, rootDir: string): string;
export declare function getErrorMessage(errors: any): string;
export declare function getJsonReport(audit: InternalAuditResult): JsonReport;
export declare function getJsonAuditReport(result: InternalAuditResult): JsonAuditReport;
"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.checkCollectionName = exports.checkApiName = exports.makeTechnicalCollectionName = exports.makeCollectionName = exports.makeSafeName = void 0;
exports.getJsonAuditReport = exports.getJsonReport = exports.getErrorMessage = exports.getJsonReportPath = exports.checkCollectionName = exports.checkApiName = exports.makeTechnicalCollectionName = exports.makeCollectionName = exports.makeSafeName = void 0;
const fs_1 = require("fs");
const path_1 = require("path");
const url_1 = require("url");
const constants_1 = require("./constants");
const error_1 = require("./error");
const types_1 = require("./types");
function makeSafeName(name) {

@@ -101,1 +105,61 @@ return name

exports.checkCollectionName = checkCollectionName;
function getJsonReportPath(reportPath, rootDir) {
let absolutePath = (0, path_1.resolve)(rootDir, reportPath);
const ext = (0, path_1.extname)(absolutePath);
if (ext === "") {
absolutePath += ".json";
}
else if (ext.toLowerCase() != ".json") {
throw new error_1.TaskError(`Unexpected extension for JSON report file, please use '.json' extension or filename with no extension: "${absolutePath}"`);
}
if ((0, fs_1.existsSync)(absolutePath)) {
throw new error_1.TaskError(`JSON report file "${absolutePath}" already exists`);
}
return absolutePath;
}
exports.getJsonReportPath = getJsonReportPath;
function getErrorMessage(errors) {
const result = [];
for (let key in errors) {
const value = errors[key];
if (value && typeof value == "object") {
result.push(getErrorMessage(value));
}
else {
result.push(value);
}
}
return result.join("\n");
}
exports.getErrorMessage = getErrorMessage;
function getJsonReport(audit) {
return {
audit: {
report: getJsonAuditReport(audit),
},
};
}
exports.getJsonReport = getJsonReport;
function getJsonAuditReport(result) {
const report = {};
for (const mode of types_1.AuditModesNames) {
for (const [file, api] of result[mode]) {
report[file] = getReportItem(api, mode);
}
}
return report;
}
exports.getJsonAuditReport = getJsonAuditReport;
function getReportItem(result, mode) {
return "errors" in result
? {
success: false,
error: getErrorMessage(result.errors),
}
: {
success: true,
apiId: result.id,
mode: mode,
score: result.score,
};
}
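Review bot: `getJsonReportPath` does not confine the report to `rootDir`: `resolve(rootDir, reportPath)` returns `reportPath` unchanged when it is absolute and honours `..` segments, so the value of `writeJsonReportTo` alone decides where the file is created. If writing outside the workspace is not intended, compute `const rel = (0, path_1.relative)((0, path_1.resolve)(rootDir), absolutePath);` and throw a `TaskError` when `rel` is `..`, starts with `..` plus the path separator, or is absolute; if it is intended, a comment saying so would help. Separately in this hunk, `getJsonAuditReport` collects results in a plain `{}` keyed by file path, where a key such as `__proto__` would not become an own property and would drop out of the serialized report; `Object.create(null)` avoids that.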
{
"name": "@xliic/cicd-core-node",
"version": "5.13.0",
"version": "5.14.0",
"description": "Performs API contract security audit to get a detailed analysis of the possible vulnerabilities and other issues in the API contract.",

@@ -5,0 +5,0 @@ "main": "lib/index.js",
