Test

bcgov · Jul 10, 2024 · 6b0d862 · 6b0d862
1 parent 3f9f096
commit 6b0d862
Show file tree

Hide file tree

Showing 3 changed files with 26 additions and 21 deletions.
diff --git a/.github/helpers/npm-audit/find-indirect-vulnerable-deps.cjs b/.github/helpers/npm-audit/find-indirect-vulnerable-deps.cjs
@@ -1,29 +1,40 @@
-const fs = require('fs');
-const path = require('path');
+const fs = require("fs");
+const path = require("path");
+const { execSync } = require("child_process");
 
 // Runs runNpmAudit and adds parent dependencies if they can be found in the package-lock.json
-const findIndirectVulnerableDependencies = async (auditResult, directoryPath) => {
+const findIndirectVulnerableDependencies = async (
+  auditResult,
+  directoryPath
+) => {
   try {
     const { vulnerabilities } = auditResult;
 
+    execSync("npm i", {
+      cwd: path.resolve(__dirname, `../../../${directoryPath}`),
+    });
+
     if (vulnerabilities.length === 0) {
       // No vulnerabilities found
       return { ...auditResult, parentDependencies: {} };
     }
 
-    const packageLockPath = path.join(process.cwd(), path.resolve(__dirname, `../../../${directoryPath}/package-lock.json`));
+    const packageLockPath = path.join(
+      process.cwd(),
+      path.resolve(__dirname, `../../../${directoryPath}/package-lock.json`)
+    );
     if (!fs.existsSync(packageLockPath)) {
-      throw new Error('package-lock.json not found in the current directory.');
+      throw new Error("package-lock.json not found in the current directory.");
     }
 
-    const packageLock = JSON.parse(fs.readFileSync(packageLockPath, 'utf-8'));
+    const packageLock = JSON.parse(fs.readFileSync(packageLockPath, "utf-8"));
     const vulnerableDeps = vulnerabilities
       .filter((vuln) => !vuln.isDirect)
       .map((vuln) => vuln.name);
 
     const parentDependencies = {};
 
-    const cleanDependencyName = (name) => name.replace(/^node_modules\//, '');
+    const cleanDependencyName = (name) => name.replace(/^node_modules\//, "");
 
     const findVulnerableChildren = (dependencies, parentChain = []) => {
       if (!dependencies) return;
@@ -35,11 +46,16 @@ const findIndirectVulnerableDependencies = async (auditResult, directoryPath) =>
           if (!parentDependencies[cleanDepName]) {
             parentDependencies[cleanDepName] = [];
           }
-          parentDependencies[cleanDepName].push(...parentChain.map(cleanDependencyName));
+          parentDependencies[cleanDepName].push(
+            ...parentChain.map(cleanDependencyName)
+          );
         }
 
         if (depData.dependencies) {
-          findVulnerableChildren(depData.dependencies, [...parentChain, cleanDepName]);
+          findVulnerableChildren(depData.dependencies, [
+            ...parentChain,
+            cleanDepName,
+          ]);
         }
       }
     };
@@ -67,7 +83,7 @@ const findIndirectVulnerableDependencies = async (auditResult, directoryPath) =>
       vulnerabilities: updatedVulnerabilities,
     };
   } catch (error) {
-    console.error('Error:', error);
+    console.error("Error:", error);
     throw error;
   }
 };

diff --git a/.github/helpers/npm-audit/temp.cjs b/.github/helpers/npm-audit/temp.cjs
diff --git a/.github/workflows/npm-audit-report.yaml b/.github/workflows/npm-audit-report.yaml
@@ -64,11 +64,6 @@ jobs:
       - name: Checkout repository
         uses: actions/checkout@v4
 
-      - name: Temp
-        run: |
-          node .github/helpers/npm-audit/temp.cjs > temp.txt
-          cat temp.txt
-
       # Run NodeJS script to check for latest npm dependency versions and capture output.
       - name: Run NPM DEP Check Node.js script
         id: check_versions