snyk-policy - npm Package Compare versions

Comparing version 2.0.7 to 2.0.8

dist/lib/add-exclude.js

@@ -12,7 +12,8 @@ "use strict";
 function addExclude(policy, pattern, group = 'global', options = {}) {
+    var _a, _b;
     if (!isPatternGroupValid(group)) {
         throw new Error('invalid file pattern-group');
     }
-    policy.exclude = policy.exclude ?? {};
-    let patterns = policy.exclude[group] ?? [];
+    policy.exclude = (_a = policy.exclude) !== null && _a !== void 0 ? _a : {};
+    let patterns = (_b = policy.exclude[group]) !== null && _b !== void 0 ? _b : [];
     // Remove duplicates
@@ -19,0 +20,0 @@ patterns = patterns.filter((p) => typeof p === 'string' ? p !== pattern : !p[pattern]);

dist/lib/filter/get-vuln-source.js

@@ -45,2 +45,3 @@ "use strict";
 function getVulnSource(vuln, cwd, live) {
+    var _a;
     const from = vuln.from.slice(1).map((pkg) => (0, snyk_module_1.parsePackageString)(pkg).name);
@@ -59,3 +60,3 @@ const viaPath = path.resolve(cwd || process.cwd(), 'node_modules', from.join('/node_modules/'));
         try {
-            source = snyk_resolve_1.default.sync(from.slice(-1)?.pop(), viaPath);
+            source = snyk_resolve_1.default.sync((_a = from.slice(-1)) === null || _a === void 0 ? void 0 : _a.pop(), viaPath);
         }
@@ -62,0 +63,0 @@ catch (e) {

dist/lib/filter/index.js

@@ -24,4 +24,6 @@ "use strict";
     }
+    // converts vulns to filtered vulns
+    const filteredVulns = vulns;
     if (vulns.ok) {
-        return vulns;
+        return filteredVulns;
     }
@@ -32,4 +34,2 @@ const filtered = {
     };
-    // converts vulns to filtered vulns
-    const filteredVulns = vulns;
     // strip the ignored modules from the results
@@ -61,3 +61,3 @@ filteredVulns.vulnerabilities = (0, ignore_1.default)(policy.ignore, filteredVulns.vulnerabilities, filtered.ignore, matchStrategy);
         filteredVulns.vulnerabilities.some((vuln) => {
-            if (levels[vuln.severity] >= level) {
+            if (vuln.severity && levels[vuln.severity] >= level) {
                 filteredVulns.ok = false;
@@ -64,0 +64,0 @@ return true; // breaks

dist/lib/filter/notes.js

@@ -32,2 +32,3 @@ "use strict";
         notes[vuln.id].forEach((rule) => {
+            var _a, _b, _c;
             const path = Object.keys(rule)[0]; // this is a string
@@ -46,3 +47,3 @@ let expires = rule[path].expires;
                 rule[path].disregardIfFixable &&
-                (vuln.upgradePath.length || vuln.patches.length)) {
+                (((_a = vuln.upgradePath) === null || _a === void 0 ? void 0 : _a.length) || ((_b = vuln.patches) === null || _b === void 0 ? void 0 : _b.length))) {
                 debug('%s vuln is fixable and rule is set to disregard if fixable', vuln.id);
@@ -53,3 +54,3 @@ return false;
                 // strip any control characters in the 3rd party reason file
-                const reason = rule[path].reason?.replace('/[\x00-\x1F\x7F-\x9F]/u', '');
+                const reason = (_c = rule[path].reason) === null || _c === void 0 ? void 0 : _c.replace('/[\x00-\x1F\x7F-\x9F]/u', '');
                 if (debug.enabled) {
@@ -56,0 +57,0 @@ debug('adding note based on path match: %s ~= %s', path, vuln.from.slice(1).join(' > '));

dist/lib/index.js

@@ -157,3 +157,3 @@ "use strict";
         .catch((error) => {
-        if (options?.loose && error.code === 'ENOENT') {
+        if ((options === null || options === void 0 ? void 0 : options.loose) && error.code === 'ENOENT') {
             debug('ENOENT on file, but running loose');
@@ -168,3 +168,3 @@ return [parse.import(), {}];
         policy.__created = res[1].birthtime || res[1].ctime;
-        if (options?.loose && !policy.__modified) {
+        if ((options === null || options === void 0 ? void 0 : options.loose) && !policy.__modified) {
             policy.__filename = null;
@@ -171,0 +171,0 @@ }

dist/lib/parser/v1.js

@@ -64,10 +64,11 @@ "use strict";
 function validate(ruleSet) {
+    var _a;
     // replace nulls with empty arrays and empty rules with empty objects
     for (const [id, pathObjs] of Object.entries(ruleSet)) {
         // default ruleset entries to []
-        ruleSet[id] = pathObjs ?? [];
+        ruleSet[id] = pathObjs !== null && pathObjs !== void 0 ? pathObjs : [];
         for (const pathObj of ruleSet[id]) {
             for (const path in pathObj) {
                 // default empty rules to {}
-                pathObj[path] = pathObj[path] ?? {};
+                pathObj[path] = (_a = pathObj[path]) !== null && _a !== void 0 ? _a : {};
             }
@@ -74,0 +75,0 @@ }

dist/lib/types.js

@@ -5,3 +5,2 @@ "use strict";
 class PolicyError extends Error {
-    code;
     constructor(message, code) {
@@ -8,0 +7,0 @@ super(message);

dist/package.json

 {
     "name": "snyk-policy",
-    "version": "2.0.7",
+    "version": "2.0.8",
     "description": "Snyk's policy parser and matching logic",
@@ -5,0 +5,0 @@ "files": [

package.json

 {
   "name": "snyk-policy",
-  "version": "2.0.7",
+  "version": "2.0.8",
   "description": "Snyk's policy parser and matching logic",
@@ -5,0 +5,0 @@ "files": [

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

67600

increased by0.79%

Lines of code

1349

increased by0.22%

No dependency changes