snyk-policy
Advanced tools
Comparing version 1.15.0 to 1.16.0
{ | ||
"arrowParens": "always", | ||
"trailingComma": "es5", | ||
"singleQuote": true, | ||
"htmlWhitespaceSensitivity": "ignore" | ||
} |
@@ -19,3 +19,3 @@ module.exports = add; | ||
const path = options.path; | ||
const data = Object.keys(options).reduce(function(acc, curr) { | ||
const data = Object.keys(options).reduce(function (acc, curr) { | ||
if (curr === 'id' || curr === 'path') { | ||
@@ -22,0 +22,0 @@ return acc; |
@@ -12,3 +12,3 @@ // FIXME move to ext module | ||
function getVulnSource(vuln, cwd, live) { | ||
const from = vuln.from.slice(1).map(function(pkg) { | ||
const from = vuln.from.slice(1).map(function (pkg) { | ||
return moduleToObject(pkg).name; | ||
@@ -15,0 +15,0 @@ }); |
@@ -23,3 +23,3 @@ module.exports = filterIgnored; | ||
return vuln | ||
.map(function(vuln) { | ||
.map(function (vuln) { | ||
if (!ignore[vuln.id]) { | ||
@@ -37,3 +37,3 @@ return vuln; | ||
// if rules.find, then ignore vuln | ||
const appliedRules = ignore[vuln.id].filter(function(rule) { | ||
const appliedRules = ignore[vuln.id].filter(function (rule) { | ||
const path = Object.keys(rule)[0]; // this is a string | ||
@@ -82,3 +82,3 @@ let expires = rule[path].expires; | ||
vuln.filtered = { | ||
ignored: appliedRules.map(function(rule) { | ||
ignored: appliedRules.map(function (rule) { | ||
const path = Object.keys(rule)[0]; | ||
@@ -85,0 +85,0 @@ const ruleData = cloneDeep(rule[path]); |
@@ -63,3 +63,3 @@ module.exports = filter; | ||
vulns.ok = true; | ||
vulns.vulnerabilities.some(function(vuln) { | ||
vulns.vulnerabilities.some(function (vuln) { | ||
if (levels[vuln.severity] >= level) { | ||
@@ -66,0 +66,0 @@ vulns.ok = false; |
@@ -13,3 +13,3 @@ module.exports = attachNotes; | ||
return vuln.map(function(vuln) { | ||
return vuln.map(function (vuln) { | ||
if (!notes[vuln.id]) { | ||
@@ -22,3 +22,3 @@ return vuln; | ||
// if rules.some, then add note to the vuln | ||
notes[vuln.id].forEach(function(rule) { | ||
notes[vuln.id].forEach(function (rule) { | ||
const path = Object.keys(rule)[0]; // this is a string | ||
@@ -25,0 +25,0 @@ let expires = rule[path].expires; |
@@ -22,3 +22,3 @@ module.exports = filterPatched; | ||
return vulns | ||
.map(function(vuln) { | ||
.map(function (vuln) { | ||
if (!patched[vuln.id]) { | ||
@@ -37,3 +37,3 @@ return vuln; | ||
const vulnRules = patched[vuln.id] | ||
.map(function(rule) { | ||
.map(function (rule) { | ||
// first check if the path is a match on the rule | ||
@@ -57,3 +57,3 @@ const pathMatch = matchToRule(vuln, rule); | ||
// run through the potential rules to check if there's a patch flag in place | ||
const appliedRules = vulnRules.filter(function() { | ||
const appliedRules = vulnRules.filter(function () { | ||
// the target directory where our module name will live | ||
@@ -85,3 +85,3 @@ if (skipVerifyPatch) { | ||
vuln.filtered = { | ||
patches: appliedRules.map(function(rule) { | ||
patches: appliedRules.map(function (rule) { | ||
const path = Object.keys(rule)[0]; | ||
@@ -88,0 +88,0 @@ const ruleData = cloneDeep(rule[path]) || {}; |
@@ -32,3 +32,3 @@ const fs = require('then-fs'); | ||
function attachMethods(policy) { | ||
policy.filter = function(vulns, root) { | ||
policy.filter = function (vulns, root) { | ||
return filter(vulns, policy, root || path.dirname(policy.__filename)); | ||
@@ -46,3 +46,3 @@ }; | ||
function loadFromText(text) { | ||
return new Promise(function(resolve) { | ||
return new Promise(function (resolve) { | ||
const policy = parse.import(text); | ||
@@ -91,3 +91,3 @@ const now = Date.now(); | ||
const promise = new Promise(function(resolve) { | ||
const promise = new Promise(function (resolve) { | ||
if (ignorePolicy) { | ||
@@ -99,3 +99,3 @@ return resolve(parse.import()); | ||
return resolve( | ||
mergePolicies(root, options).then(function(res) { | ||
mergePolicies(root, options).then(function (res) { | ||
if (debug.enabled) { | ||
@@ -115,3 +115,3 @@ debug('final policy:'); | ||
promise, | ||
fs.stat(filename).catch(function() { | ||
fs.stat(filename).catch(function () { | ||
return {}; | ||
@@ -122,3 +122,3 @@ }), | ||
return Promise.all(promises) | ||
.catch(function(error) { | ||
.catch(function (error) { | ||
if (options.loose && error.code === 'ENOENT') { | ||
@@ -131,3 +131,3 @@ debug('ENOENT on file, but running loose'); | ||
}) | ||
.then(function(res) { | ||
.then(function (res) { | ||
const policy = res[0]; | ||
@@ -153,6 +153,6 @@ | ||
return Promise.all( | ||
policyDirs.map(function(dir) { | ||
policyDirs.map(function (dir) { | ||
return load(dir, options); | ||
}) | ||
).then(function(policies) { | ||
).then(function (policies) { | ||
// firstly extend the paths in the ignore and patch | ||
@@ -164,9 +164,9 @@ const rootPolicy = policies[0]; | ||
others | ||
.filter(function(policy) { | ||
.filter(function (policy) { | ||
return policy.__filename; // filter out non loaded policies | ||
}) | ||
.map(function(policy) { | ||
.map(function (policy) { | ||
const filename = path.dirname(policy.__filename) + '/package.json'; | ||
return tryRequire(filename).then(function(pkg) { | ||
return tryRequire(filename).then(function (pkg) { | ||
const full = pkg.name + '@' + pkg.version; | ||
@@ -178,3 +178,3 @@ | ||
}) | ||
).then(function() { | ||
).then(function () { | ||
return rootPolicy; | ||
@@ -191,5 +191,5 @@ }); | ||
Object.keys(policy[type]).forEach(function(id) { | ||
Object.keys(policy[type]).forEach(function (id) { | ||
// convert the path from `module@version` to `parent > module@version` | ||
policy[type][id] = policy[type][id].map(function(path) { | ||
policy[type][id] = policy[type][id].map(function (path) { | ||
// this is because our policy file format favours "readable" yaml, | ||
@@ -222,3 +222,3 @@ // instead of easy to use object structures. | ||
if (!spinner) { | ||
spinner = function(res) { | ||
spinner = function (res) { | ||
return Promise.resolve(res); | ||
@@ -230,6 +230,6 @@ }; | ||
return spinner(lbl) | ||
.then(function() { | ||
.then(function () { | ||
return parse.export(object); | ||
}) | ||
.then(function(yaml) { | ||
.then(function (yaml) { | ||
return fs.writeFile(filename, yaml); | ||
@@ -243,8 +243,8 @@ }) | ||
load(process.argv[2]) | ||
.then(function(res) { | ||
.then(function (res) { | ||
console.log(JSON.stringify(res, '', 2)); | ||
}) | ||
.catch(function(e) { | ||
.catch(function (e) { | ||
console.log(e.stack); | ||
}); | ||
} |
@@ -24,3 +24,3 @@ module.exports = { | ||
let offset = 0; | ||
const res = parts.every(function(pkg, i) { | ||
const res = parts.every(function (pkg, i) { | ||
debugPolicy('for %s...(against %s)', pkg, from[i + offset]); | ||
@@ -110,3 +110,3 @@ let fromPkg = from[i + offset] ? moduleToObject(from[i + offset]) : {}; | ||
function matchToRule(vuln, rule) { | ||
return Object.keys(rule).some(function(path) { | ||
return Object.keys(rule).some(function (path) { | ||
return matchToSingleRule(vuln, path); | ||
@@ -137,6 +137,6 @@ }); | ||
['ignore', 'patch'].forEach(function(key) { | ||
Object.keys(policy[key] || []).forEach(function(p) { | ||
['ignore', 'patch'].forEach(function (key) { | ||
Object.keys(policy[key] || []).forEach(function (p) { | ||
if (p === vuln.id) { | ||
policy[key][p].forEach(function(rule) { | ||
policy[key][p].forEach(function (rule) { | ||
if (matchToRule(vuln, rule)) { | ||
@@ -149,3 +149,3 @@ found = { | ||
const rootRule = Object.keys(rule).pop(); | ||
Object.keys(rule[rootRule]).forEach(function(key) { | ||
Object.keys(rule[rootRule]).forEach(function (key) { | ||
found[key] = rule[rootRule][key]; | ||
@@ -152,0 +152,0 @@ }); |
@@ -17,3 +17,3 @@ module.exports = addComments; | ||
Object.keys(inlineComments).forEach(function(key) { | ||
Object.keys(inlineComments).forEach(function (key) { | ||
const position = lines.indexOf(key + ':'); | ||
@@ -20,0 +20,0 @@ if (position !== -1) { |
@@ -8,6 +8,6 @@ module.exports = demunge; | ||
const res = ['ignore', 'patch'].reduce(function(acc, type) { | ||
const res = ['ignore', 'patch'].reduce(function (acc, type) { | ||
acc[type] = policy[type] | ||
? Object.keys(policy[type]).map(function(id) { | ||
const paths = policy[type][id].map(function(pathObj) { | ||
? Object.keys(policy[type]).map(function (id) { | ||
const paths = policy[type][id].map(function (pathObj) { | ||
const path = Object.keys(pathObj).pop(); | ||
@@ -14,0 +14,0 @@ const res = { |
@@ -46,3 +46,3 @@ const path = require('path'); | ||
// remove any private information on the policy | ||
Object.keys(data).map(function(key) { | ||
Object.keys(data).map(function (key) { | ||
if (key.indexOf('__') === 0) { | ||
@@ -49,0 +49,0 @@ delete data[key]; |
@@ -12,3 +12,3 @@ // eventually we'll have v2 which will point to latestParser, and v1 will | ||
Object.keys(policy.patch).forEach(function(id) { | ||
Object.keys(policy.patch).forEach(function (id) { | ||
if (!Array.isArray(policy.patch[id])) { | ||
@@ -38,3 +38,3 @@ delete policy.patch[id]; | ||
// alpha format, and we'll throw | ||
Object.keys(ignore).forEach(function(id) { | ||
Object.keys(ignore).forEach(function (id) { | ||
if (!Array.isArray(ignore[id])) { | ||
@@ -52,3 +52,3 @@ const error = new Error('old, unsupported .snyk format detected'); | ||
if (fix) { | ||
fix.forEach(function(item) { | ||
fix.forEach(function (item) { | ||
const o = {}; | ||
@@ -63,4 +63,4 @@ o[item.key] = item.rule; | ||
const move = []; | ||
Object.keys(policy).forEach(function(id) { | ||
policy[id].forEach(function(rule) { | ||
Object.keys(policy).forEach(function (id) { | ||
policy[id].forEach(function (rule) { | ||
const keys = Object.keys(rule); | ||
@@ -75,3 +75,3 @@ keys.shift(); // drop the first | ||
// the additional keys into their own position in the policy | ||
keys.forEach(function(key) { | ||
keys.forEach(function (key) { | ||
move.push({ | ||
@@ -100,3 +100,3 @@ id: id, | ||
'fail_threshhold', | ||
].some(function(key) { | ||
].some(function (key) { | ||
// if we have the value, set it and return it - which will exit loop | ||
@@ -103,0 +103,0 @@ return (threshold = policy[key] || null); // jshint ignore:line |
@@ -21,2 +21,3 @@ { | ||
"eslint-config-prettier": "^5.0.0", | ||
"prettier": "^2.0.5", | ||
"proxyquire": "^2.1.0", | ||
@@ -32,3 +33,2 @@ "sinon": "^4.0.0", | ||
"lodash.clonedeep": "^4.5.0", | ||
"prettier": "^1.19.1", | ||
"semver": "^6.0.0", | ||
@@ -44,3 +44,3 @@ "snyk-module": "^3.0.0", | ||
}, | ||
"version": "1.15.0" | ||
"version": "1.16.0" | ||
} |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
41988
9
7
906
- Removedprettier@^1.19.1
- Removedprettier@1.19.1(transitive)