🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

gulp-nsp

Package Overview
Dependencies
Maintainers
5
Versions
16
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

gulp-nsp - npm Package Compare versions

Comparing version

2.4.2
to
3.0.0

2

gulpfile.js

@@ -9,5 +9,5 @@ 'use strict';

GulpNSP({
shrinkwrap: __dirname + '/npm-shrinkwrap.json',
packagelock: __dirname + '/package-lock.json',
package: __dirname + '/package.json'
}, cb);
});

119

index.js
'use strict';
var GulpUtil = require('gulp-util');
var Nsp = require('nsp');
var Preprocessor = require('nsp/lib/preprocessor');
var Reporter = require('nsp/reporters');
var PluginError = require('plugin-error');
var Log = require('fancy-log');
var PLUGIN_NAME = require('./package.json').name;
var Os = require('os');
var Fs = require('fs');
var Path = require('path');
var internals = {};
internals.wrapReporter = function (name, fn, ...args) {
var output = '';
return new Promise((resolve, reject) => {
try {
return resolve(fn(...args, {
log: function (...segments) {
output += segments.join(' ') + '\n';
},
error: function (...segments) {
output += segments.join(' ') + '\n';
}
}));
}
catch (err) {
return reject(err);
}
}).catch((err) => {
output += `Error in reporter: ${name}\n`;
output += err.stack + '\n';
}).then(() => {
return output;
});
};
var rsGulp = function (params, callback) {
var payload = {};
var formatter = Nsp.formatters.default;
var payload = Nsp.sanitizeParameters(params);
var reporter = Reporter.load(payload.reporter);
if (params.package) {
payload.package = params.package;
}
return Promise.resolve().then(() => {
if (params.shrinkwrap) {
payload.shrinkwrap = params.shrinkwrap;
}
const preprocessor = Preprocessor.load(payload.preprocessor);
return preprocessor.hasOwnProperty('check') ? preprocessor.check(payload) : Promise.resolve(payload);
}).then((args) => {
// Enable builds behind the HTTP_PROXY
if (params.proxy) {
payload.proxy = params.proxy;
}
return Nsp.check(args);
}).then((result) => {
if (params.output) {
if (Nsp.formatters.hasOwnProperty(params.output)) {
formatter = Nsp.formatters[params.output];
var maxCvss;
if (payload.filter ||
payload.threshold) {
maxCvss = Math.max(...result.data.map((item) => item.cvss_score));
}
else {
GulpUtil.log('Invalid formatter specified in options. Must be one of ' + Object.keys(Nsp.formatters).join(', ') + '\nUsing default formatter');
if (payload.filter &&
result.data.length) {
result.data = result.data.filter((item) => item.cvss_score > args.filter);
}
}
Nsp.check(payload, function (err, data) {
var buildReport;
if (reporter.hasOwnProperty('check') &&
reporter.check.hasOwnProperty('success')) {
var output = formatter(err, data);
var pluginErr = new GulpUtil.PluginError(PLUGIN_NAME, output);
buildReport = internals.wrapReporter(payload.reporter, reporter.check.success, result, payload);
}
else {
buildReport = internals.wrapReporter(payload.reporter, reporter.success, result, payload);
}
if (err) {
if (params.stopOnError === false) {
GulpUtil.log(output);
return buildReport.then((output) => {
if (params.stopOnError === false || result.data && result.data.length === 0) {
Log(output.trim());
return callback();
}
return callback(pluginErr);
}
if (params.stopOnError === false || data && data.length === 0) {
GulpUtil.log(output);
return callback();
if (result.data.length > 0) {
var pluginErr = new PluginError(PLUGIN_NAME, output);
return callback(pluginErr);
}
})
}).catch((err) => {
var buildReport;
if (reporter.hasOwnProperty('check') &&
reporter.check.hasOwnProperty('error')) {
buildReport = internals.wrapReporter(payload.reporter, reporter.check.error, err, payload);
}
else {
buildReport = internals.wrapReporter(payload.reporter, reporter.error, err, payload);
}
if (data.length > 0) {
return buildReport.then((output) => {
var pluginErr = new PluginError(PLUGIN_NAME, output);
return callback(pluginErr);
}
})
});
};
module.exports = rsGulp;

11

package.json
{
"name": "gulp-nsp",
"version": "2.4.2",
"version": "3.0.0",
"description": "A gulp module that runs Node Security check",

@@ -8,3 +8,2 @@ "main": "index.js",

"lint": "eslint .",
"shrinkwrap": "npm shrinkwrap && shrinkydink",
"test": "gulp nsp"

@@ -29,4 +28,5 @@ },

"dependencies": {
"gulp-util": "^3.0.6",
"nsp": "^2.0.0"
"fancy-log": "^1.3.2",
"nsp": "^3.2.0",
"plugin-error": "^1.0.1"
},

@@ -37,6 +37,5 @@ "devDependencies": {

"eslint-plugin-hapi": "^1.2.2",
"gulp": "^3.9.0",
"shrinkydink": "^1.0.0"
"gulp": "^3.9.0"
},
"license": "Apache-2.0"
}
.npmignore
npm-shrinkwrap.json
.drone.yml

Sorry, the diff of this file is not supported yet