From a3d5ef4318d204a5c456cf9709daee5975a92fab Mon Sep 17 00:00:00 2001 From: Ronan Jouchet Date: Thu, 30 Jun 2022 10:17:54 -0400 Subject: [PATCH 1/3] Support requireReason Depends on https://github.com/naugtur/audit-resolve-core/pull/5 . See https://github.com/naugtur/npm-audit-resolver/issues/23 . --- index.d.ts | 2 +- src/check/auditChecker.js | 6 ++++++ src/views/package.js | 4 +++- 3 files changed, 10 insertions(+), 2 deletions(-) diff --git a/index.d.ts b/index.d.ts index 25de7ff..baeabd9 100644 --- a/index.d.ts +++ b/index.d.ts @@ -15,7 +15,7 @@ interface Vuln { } interface VulnResolution extends Vuln { - resolutions: Arry<{ + resolutions: Array<{ path: string, resolution: any }> diff --git a/src/check/auditChecker.js b/src/check/auditChecker.js index a1bf990..840b192 100644 --- a/src/check/auditChecker.js +++ b/src/check/auditChecker.js @@ -20,6 +20,12 @@ module.exports = { if (resolution === RESOLUTIONS.NONE) { unresolved = true } + if (resolution === RESOLUTIONS.REASON_MISSING) { + unresolved = true + } + if (resolution === RESOLUTIONS.REASON_MISMATCH) { + unresolved = true + } } else { unresolved = true } diff --git a/src/views/package.js b/src/views/package.js index 918f31a..52da5d2 100644 --- a/src/views/package.js +++ b/src/views/package.js @@ -9,7 +9,9 @@ const severityNumber = { } reportMessages = { - [RESOLUTIONS.EXPIRED]: "! decision to ignore expired" + [RESOLUTIONS.EXPIRED]: "! decision to ignore expired", + [RESOLUTIONS.REASON_MISSING]: "! 'reason' field missing", + [RESOLUTIONS.REASON_MISMATCH]: "! 'reason' field doesn't respect regex specified in audit-resolve file / rules.requiresReasonMatch" } function reportResolution(resolution) { From 4b526ac27a9505eeaec13499ae8bab4e518859e4 Mon Sep 17 00:00:00 2001 
From: Ronan Jouchet Date: Fri, 8 Jul 2022 17:42:24 -0400 Subject: [PATCH 2/3] separate validations from resolutions --- index.d.ts | 8 +++++++- src/check/auditChecker.js | 29 +++++++++++------------------ src/views/package.js | 15 +++++++++++---- 3 files changed, 29 insertions(+), 23 deletions(-) diff --git a/index.d.ts b/index.d.ts index baeabd9..1939679 100644 --- a/index.d.ts +++ b/index.d.ts @@ -14,9 +14,15 @@ interface Vuln { paths: Array } +enum VulnResolutionValidationError { + REASON_MISSING = 'reasonMissing', + REASON_MISMATCH = 'reasonMismatch', +}; + interface VulnResolution extends Vuln { resolutions: Array<{ path: string, - resolution: any + resolution: any, + validationError: VulnResolutionValidationError | undefined }> } \ No newline at end of file diff --git a/src/check/auditChecker.js b/src/check/auditChecker.js index 840b192..b21c552 100644 --- a/src/check/auditChecker.js +++ b/src/check/auditChecker.js @@ -1,18 +1,17 @@ -const { getResolution, RESOLUTIONS } = require('audit-resolve-core'); +const { getResolution, getValidationError, RESOLUTIONS, VALIDATIONS } = require('audit-resolve-core'); module.exports = { /** - * - * * @param {Array} audit - * @returns {Array { + return audit.map(vuln => { let unresolved = false; - item.resolutions = item.paths.map(path => { - const resolution = getResolution({ id: item.id, path }) + let validationError = undefined; + vuln.resolutions = vuln.paths.map(path => { + const resolution = getResolution({ id: vuln.id, path }) if (resolution) { if (resolution === RESOLUTIONS.EXPIRED) { unresolved = true 
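Review bot: The new `VulnResolutionValidationError` enum in index.d.ts hard-codes the string values `'reasonMissing'` and `'reasonMismatch'`, which have to stay in sync by hand with whatever `getValidationError` in audit-resolve-core returns, since auditChecker.js only forwards the library's value and never compares it against this enum. Because a `.d.ts` emits no JavaScript, the enum also has no runtime counterpart; if a consumer ever imports it as a value it will be `undefined`, so a string-literal union such as `validationError: 'reasonMissing' | 'reasonMismatch' | undefined` (or a type derived from the core library's `VALIDATIONS` export, if it ships types) is the safer shape. Whichever form stays, add a comment above it stating that it mirrors audit-resolve-core's `VALIDATIONS` and naming the dependent PR, so the two cannot silently drift apart.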
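Review bot: `VALIDATIONS` is added to the destructured `require('audit-resolve-core')` at the top of auditChecker.js but nothing in this file references it (only `getResolution`, `getValidationError` and `RESOLUTIONS` are used), so the import should read `const { getResolution, getValidationError, RESOLUTIONS } = require('audit-resolve-core');`. The `let validationError = undefined;` declared once per vuln is reassigned inside the per-path `map` in the following hunk, which makes it hold the last path's value only; either a name that says so or, better, deriving the flag from the collected `resolutions` would make the intent visible. The `@returns` tag of the JSDoc appears cut off in this hunk (its `{Array` never closes), though that may be an extraction artifact; if it is real, close it as `{Array<Vuln>}`. The function body continues in the next hunk.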
@@ -20,21 +19,15 @@ module.exports = { if (resolution === RESOLUTIONS.NONE) { unresolved = true } - if (resolution === RESOLUTIONS.REASON_MISSING) { - unresolved = true - } - if (resolution === RESOLUTIONS.REASON_MISMATCH) { - unresolved = true - } + validationError = getValidationError({ id: vuln.id, path }); } else { unresolved = true } - return { path, resolution } - + return { path, resolution, validationError } }) - if (unresolved) { - return item + if (unresolved || validationError) { + return vuln } - }).filter(a => a); + }).filter(vuln => vuln); } } \ No newline at end of file diff --git a/src/views/package.js b/src/views/package.js index 52da5d2..33b155f 100644 --- a/src/views/package.js +++ b/src/views/package.js @@ -1,4 +1,4 @@ -const { RESOLUTIONS } = require('audit-resolve-core'); +const { RESOLUTIONS, VALIDATIONS } = require('audit-resolve-core'); const safePrint = require('util').promisify(process.stdout.write.bind(process.stdout)) const severityNumber = { @@ -10,13 +10,17 @@ const severityNumber = { reportMessages = { [RESOLUTIONS.EXPIRED]: "! decision to ignore expired", - [RESOLUTIONS.REASON_MISSING]: "! 'reason' field missing", - [RESOLUTIONS.REASON_MISMATCH]: "! 'reason' field doesn't respect regex specified in audit-resolve file / rules.requiresReasonMatch" +} + +validationMessages = { + [VALIDATIONS.REASON_MISSING]: "'reason' field missing", + [VALIDATIONS.REASON_MISMATCH]: "'reason' field doesn't respect regex specified in audit-resolve file / rules.requiresReasonMatch" } function reportResolution(resolution) { return reportMessages[resolution] || "" } + const view = { /** * 
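Review bot: The `if (unresolved || validationError)` check at the end of the `map` over `audit` only sees the validation error of the last path, because `validationError` is a single per-vuln variable overwritten on every iteration of `vuln.paths.map(...)`; a vuln whose first path has a missing or mismatched `reason` and whose later path validates is dropped by the `.filter`, so the check passes and the `requireReason` rule is silently bypassed for that advisory. Each path's value is already stored on its resolution object, so derive the flag from there instead: `if (unresolved || vuln.resolutions.some(r => r.validationError)) {`. With that change the shared `let validationError` from the previous hunk can become a `const` local to the map callback. Consulting `getValidationError` only when `getResolution` returned a truthy value looks intentional, since a missing decision is already reported as unresolved, but a one-line comment saying so would save the next reader the question.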
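Review bot: `validationMessages = {` is introduced without `const` (copying the pre-existing `reportMessages = {`), so in sloppy mode it becomes an implicit global and in strict mode or an ES module it throws a ReferenceError at load time; declare it `const validationMessages = {`. The object is only read via `validationMessages[validationError]` in the view, so wrapping it in `Object.freeze({ ... })` would document that it is a lookup table rather than mutable state. A short comment above it noting that its keys are the `VALIDATIONS` values returned by audit-resolve-core's `getValidationError` would help the reader connect this file to auditChecker.js.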
@@ -28,7 +32,10 @@ const view = { `--------------------------------------------------` ); console.log(`[${issue.severity}] ${issue.name}: ${issue.title} (${issue.id})`); - console.log(issue.resolutions.map(({ path, resolution }) => ` ${path} ${reportResolution(resolution)}`).join("\n")); + console.log(issue.resolutions.map(({ path, resolution, validationError }) => { + const validationErrorMsg = validationError ? (`\n Invalid resolution: ${validationMessages[validationError]}` || '') : '' + return ` ${path} ${reportResolution(resolution)}${validationErrorMsg}` + }).join("\n")); }, printOhnoes() { console.log( From 9e552b8444e8076f1f7db86f18e4a3a9a3469a78 Mon Sep 17 00:00:00 2001 From: Ronan Jouchet Date: Fri, 8 Jul 2022 17:45:34 -0400 Subject: [PATCH 3/3] cleanup --- src/check/auditChecker.js | 2 +- src/views/package.js | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/check/auditChecker.js b/src/check/auditChecker.js index b21c552..145f3df 100644 --- a/src/check/auditChecker.js +++ b/src/check/auditChecker.js @@ -30,4 +30,4 @@ module.exports = { } }).filter(vuln => vuln); } -} \ No newline at end of file +} diff --git a/src/views/package.js b/src/views/package.js index 33b155f..0d8b6bc 100644 --- a/src/views/package.js +++ b/src/views/package.js @@ -9,7 +9,7 @@ const severityNumber = { } reportMessages = { - [RESOLUTIONS.EXPIRED]: "! decision to ignore expired", + [RESOLUTIONS.EXPIRED]: "! decision to ignore expired" } validationMessages = {
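Review bot: In the new `resolutions.map` callback the `|| ''` after the template literal is dead code: a template literal always yields a non-empty string, so when `validationError` holds a code not present in `validationMessages` the line prints `Invalid resolution: undefined` rather than falling back. Look the message up first and fall back to the raw code so an unknown validation error is still surfaced instead of hidden: `const detail = validationMessages[validationError] || validationError;` and then build `validationErrorMsg` from `detail` with the same template, dropping the `|| ''`. The enclosing method of `view` starts before this hunk.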