From f6dc22a5a396dac0acdb16a203487ba649433bb5 Mon Sep 17 00:00:00 2001
From: fraxken
Date: Mon, 5 Aug 2024 02:11:18 +0200
Subject: [PATCH] chore: update dependencies
---
package.json | 14 +++++++-------
src/analysis/extraction/extract.ts | 4 ++--
src/analysis/interpretation/checkable.ts | 3 +--
src/analysis/interpretation/interpret.spec.ts | 8 +++++---
src/analysis/interpretation/interpret.ts | 4 ++--
src/analysis/interpretation/vulnerabilities.ts | 4 ++--
src/analysis/interpretation/warnings.ts | 5 ++---
src/analysis/types/index.ts | 1 +
src/reporting/reporters/internal/scanner.ts | 8 ++++----
.../post-pipeline/console/global-warnings.ts | 3 +--
src/reporting/run.ts | 7 +++----
11 files changed, 30 insertions(+), 31 deletions(-)
diff --git a/package.json b/package.json
index 9fb2565..bba5499 100644
--- a/package.json
+++ b/package.json
@@ -63,7 +63,7 @@
 "@nodesecure/eslint-config": "^1.9.0",
 "@types/lodash.set": "^4.3.9",
 "@types/mock-fs": "^4.13.4",
- "@types/node": "^20.11.5",
+ "@types/node": "^22.1.0",
 "@types/pluralize": "^0.0.33",
 "@types/sade": "^1.7.8",
 "cross-env": "^7.0.3",
@@ -73,20 +73,20 @@
 "eslint-plugin-prettier": "^5.1.3",
 "mock-fs": "^5.2.0",
 "prettier": "^3.2.4",
- "rimraf": "^5.0.5",
+ "rimraf": "^6.0.1",
 "ts-node": "^10.9.2",
 "typescript": "^5.0.4"
 },
 "dependencies": {
- "@nodesecure/i18n": "^3.5.0",
- "@nodesecure/js-x-ray": "^6.3.0",
- "@nodesecure/rc": "^1.5.0",
- "@nodesecure/scanner": "^5.3.0",
+ "@nodesecure/i18n": "^4.0.1",
+ "@nodesecure/js-x-ray": "^7.3.0",
+ "@nodesecure/rc": "^3.0.0",
+ "@nodesecure/scanner": "^6.0.1",
 "@nodesecure/vulnera": "^1.8.0",
 "@openally/result": "^1.2.0",
 "@slimio/async-cli-spinner": "^0.5.2",
 "ajv": "^8.12.0",
- "glob": "^10.3.10",
+ "glob": "^11.0.0",
 "kleur": "^4.1.5",
 "lodash.set": "^4.3.2",
 "pluralize": "^8.0.0",
diff --git a/src/analysis/extraction/extract.ts b/src/analysis/extraction/extract.ts
index a089a2f..d695e66 100644
--- a/src/analysis/extraction/extract.ts
+++ b/src/analysis/extraction/extract.ts @@ -1,12 +1,12 @@ // Import Third-party Dependencies -import { Scanner } from "@nodesecure/scanner"; +import * as Scanner from "@nodesecure/scanner"; import { Strategy } from "@nodesecure/vuln"; // Import Internal Dependencies import type { DependencyWarning } from "../types"; export interface CompactedScannerPayload { - warnings: Scanner.GlobalWarning[]; + warnings: string[]; dependencies: { warnings: DependencyWarning[]; vulnerabilities: WorkableVulnerability[]; diff --git a/src/analysis/interpretation/checkable.ts b/src/analysis/interpretation/checkable.ts index c7918c1..6a58022 100644 --- a/src/analysis/interpretation/checkable.ts +++ b/src/analysis/interpretation/checkable.ts @@ -1,5 +1,4 @@ // Import Third-party Dependencies -import { Scanner } from "@nodesecure/scanner"; import { Strategy } from "@nodesecure/vuln"; // Import Internal Dependencies @@ -17,7 +16,7 @@ export type CheckableFunction = { export type PipelineCheckFunctions = Array< () => CheckableFunction< - Scanner.GlobalWarning | DependencyWarning | Strategy.StandardVulnerability + string | DependencyWarning | Strategy.StandardVulnerability > >; diff --git a/src/analysis/interpretation/interpret.spec.ts b/src/analysis/interpretation/interpret.spec.ts index 0b53c98..f7cd009 100644 --- a/src/analysis/interpretation/interpret.spec.ts +++ b/src/analysis/interpretation/interpret.spec.ts @@ -4,7 +4,7 @@ import { describe, it } from "node:test"; // Import Third-party Dependencies import * as JSXRay from "@nodesecure/js-x-ray"; -import { Scanner } from "@nodesecure/scanner"; +import * as Scanner from "@nodesecure/scanner"; import { Strategy } from "@nodesecure/vuln"; // Import Internal Dependencies @@ -35,7 +35,9 @@ const kDefaultScannerPayload: Scanner.Payload = { rootDependencyName: "pkg", warnings: [], dependencies: {}, - flaggedAuthors: [], + highlighted: { + contacts: [] + }, scannerVersion: "1.0.0", vulnerabilityStrategy: "npm" }; 
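Review bot: The `warnings: string[]` field in `CompactedScannerPayload` replaces the named `Scanner.GlobalWarning[]` with a bare primitive, and the same substitution is written out by hand in checkable.ts (`@@ -17,7 +16,7`), interpret.ts (`@@ -29,7 +29,7`), warnings.ts (`@@ -11,8 +10,8`) and global-warnings.ts (`@@ -11,7 +10,7`). A single alias exported from `src/analysis/types/index.ts`, for example `export type GlobalWarning = string;`, would keep these signatures self-describing. It would also leave one place to update if the scanner's warning shape changes again in a later major version. The interface body continues outside the hunk.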
@@ -58,7 +60,7 @@ describe("Pipeline check workflow", () => { it("should make the pipeline fail", () => { const scannerPayload: Scanner.Payload = { ...kDefaultScannerPayload, - warnings: [["warning1"], ["warning2"]] + warnings: ["warning1", "warning2"] }; const { status } = runPayloadInterpreter( diff --git a/src/analysis/interpretation/interpret.ts b/src/analysis/interpretation/interpret.ts index 0153466..7c0c059 100644 --- a/src/analysis/interpretation/interpret.ts +++ b/src/analysis/interpretation/interpret.ts @@ -1,6 +1,6 @@ // Import Third-party Dependencies import type { Warning } from "@nodesecure/js-x-ray"; -import type { Scanner } from "@nodesecure/scanner"; +import * as Scanner from "@nodesecure/scanner"; import set from "lodash.set"; // Import Internal Dependencies @@ -29,7 +29,7 @@ import { } from "./warnings.js"; export interface InterpretedScannerPayload { - warnings: Scanner.GlobalWarning; + warnings: string[]; dependencies: { warnings: DependencyWarningWithMode[]; vulnerabilities: WorkableVulnerability[]; diff --git a/src/analysis/interpretation/vulnerabilities.ts b/src/analysis/interpretation/vulnerabilities.ts index 0f4e668..3ad54e7 100644 --- a/src/analysis/interpretation/vulnerabilities.ts +++ b/src/analysis/interpretation/vulnerabilities.ts @@ -14,12 +14,12 @@ const kSeverities = { low: 1, info: 0, all: 0 -}; +} as const; const kDefaultSeverity = 0; function fromSeverityToNumber( - severity: Maybe + severity: Maybe<"info" | "low" | "medium" | "high" | "critical" | "all"> ): number { if (severity !== undefined) { return kSeverities[severity]; diff --git a/src/analysis/interpretation/warnings.ts b/src/analysis/interpretation/warnings.ts index 06fb1c4..b3ecbfb 100644 --- a/src/analysis/interpretation/warnings.ts +++ b/src/analysis/interpretation/warnings.ts 
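Review bot: The rewritten import in interpret.ts (`@@ -1,6 +1,6`) drops the `type` modifier: `import type { Scanner }` becomes `import * as Scanner from "@nodesecure/scanner"`, a value import that can survive into the emitted JavaScript depending on compiler settings. The following hunk removes the only `Scanner` reference visible on this page, so if the rest of the file (outside the hunks) uses the namespace only in type positions, `import type * as Scanner from "@nodesecure/scanner";` keeps it erased, and if nothing uses it the line can go. The same question applies to the new `import * as Scanner` in extract.ts, whose only visible use was also replaced by `string[]`. In scanner.ts, `Payload` appears to be used only as a type and could be imported as `type Payload` in the existing import list.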
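Review bot: The `severity` parameter of `fromSeverityToNumber` in vulnerabilities.ts now restates the keys of `kSeverities` by hand, so a new severity has to be added in two places; with the `as const` added just above, `severity: Maybe<keyof typeof kSeverities>` derives the union from the table. The annotation is erased at runtime, so a severity string outside the table would still make `kSeverities[severity]` evaluate to `undefined` rather than a number. Whether that can happen depends on callers that are not visible here; if severities come from vulnerability data without validation, an explicit fallback or error at this lookup is worth adding, with the fallback value chosen deliberately since this number presumably feeds a threshold comparison. The function body continues outside the hunk.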
@@ -1,6 +1,5 @@ // Import Third-party Dependencies import { Warning } from "@nodesecure/js-x-ray"; -import type { Scanner } from "@nodesecure/scanner"; import { match } from "ts-pattern"; // Import Internal Dependencies @@ -11,8 +10,8 @@ import type { DependencyWarning } from "../types"; import { fromBooleanToCheckResult, CheckableFunction } from "./checkable.js"; export function checkGlobalWarnings( - warnings: Scanner.GlobalWarning[] -): CheckableFunction { + warnings: string[] +): CheckableFunction { return { result: fromBooleanToCheckResult(warnings.length > 0), data: { diff --git a/src/analysis/types/index.ts b/src/analysis/types/index.ts index 1719a3b..80f1c0b 100644 --- a/src/analysis/types/index.ts +++ b/src/analysis/types/index.ts @@ -1,3 +1,4 @@ +// Import Third-party Dependencies import { Warning } from "@nodesecure/js-x-ray"; export type DependencyWarning = { diff --git a/src/reporting/reporters/internal/scanner.ts b/src/reporting/reporters/internal/scanner.ts index b717af7..b9e86ab 100644 --- a/src/reporting/reporters/internal/scanner.ts +++ b/src/reporting/reporters/internal/scanner.ts @@ -1,5 +1,5 @@ // Import Third-party Dependencies -import { Logger, Scanner, ScannerLoggerEvents } from "@nodesecure/scanner"; +import { Logger, Payload, ScannerLoggerEvents } from "@nodesecure/scanner"; import Spinner from "@slimio/async-cli-spinner"; import pluralize from "pluralize"; import ms from "pretty-ms"; @@ -72,7 +72,7 @@ export function reportScannerLoggerEvents(logger: Logger): void { }); } -function reportScannerDependencies(payload: Scanner.Payload): void { +function reportScannerDependencies(payload: Payload): void { const { dependencies } = payload; const numberOfDeps = Object.keys(dependencies).length; consolePrinter.util 
@@ -89,10 +89,10 @@ function reportScannerDependencies(payload: Scanner.Payload): void { function reportScannerAnalysis(_payload: unknown): (log: Logger) => Generator { return function* report( logger: Logger - ): Generator { + ): Generator { while (true) { reportScannerLoggerEvents(logger); - reportScannerDependencies((yield) as Scanner.Payload); + reportScannerDependencies((yield) as Payload); } }; } diff --git a/src/reporting/reporters/post-pipeline/console/global-warnings.ts b/src/reporting/reporters/post-pipeline/console/global-warnings.ts index 7637ef0..4897988 100644 --- a/src/reporting/reporters/post-pipeline/console/global-warnings.ts +++ b/src/reporting/reporters/post-pipeline/console/global-warnings.ts @@ -1,5 +1,4 @@ // Import Third-party Dependencies -import { Scanner } from "@nodesecure/scanner"; import pluralize from "pluralize"; // Import Internal Dependencies @@ -11,7 +10,7 @@ import { Nsci } from "../../../../configuration/index.js"; import { buildOutcomeStatsConsoleMessage } from "./util.js"; -export function reportGlobalWarnings(warnings: Scanner.GlobalWarning): void { +export function reportGlobalWarnings(warnings: string[]): void { if (warnings.length > 0) { consolePrinter.font .error( diff --git a/src/reporting/run.ts b/src/reporting/run.ts index 8e7623f..540a059 100644 --- a/src/reporting/run.ts +++ b/src/reporting/run.ts @@ -1,6 +1,5 @@ // Import Third-party Dependencies -import * as scanner from "@nodesecure/scanner"; -import type { Scanner } from "@nodesecure/scanner"; +import * as Scanner from "@nodesecure/scanner"; import * as vuln from "@nodesecure/vuln"; // Import Internal Dependencies 
@@ -35,13 +34,13 @@ async function runScannerAnalysis( * data for reporting to the Generator. */ const initScannerReporter = scannerReporter.report(void 0); - const logger = new scanner.Logger(); + const logger = new Scanner.Logger(); const sequentialReporterWithLogger = initScannerReporter(logger); // First step of the reporting sequentialReporterWithLogger.next(); - const payload = await scanner.cwd( + const payload = await Scanner.cwd( runtimeConfig.rootDir, { vulnerabilityStrategy: strategy