Skip to content

Commit

Permalink
Test
Browse files Browse the repository at this point in the history
  • Loading branch information
BradyMitch committed Jul 10, 2024
1 parent 6b0d862 commit 9058b5c
Show file tree
Hide file tree
Showing 3 changed files with 18 additions and 19 deletions.
5 changes: 0 additions & 5 deletions .github/helpers/npm-audit/find-indirect-vulnerable-deps.cjs
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
const fs = require("fs");
const path = require("path");
const { execSync } = require("child_process");

// Runs runNpmAudit and adds parent dependencies if they can be found in the package-lock.json
const findIndirectVulnerableDependencies = async (
Expand All @@ -10,10 +9,6 @@ const findIndirectVulnerableDependencies = async (
try {
const { vulnerabilities } = auditResult;

execSync("npm i", {
cwd: path.resolve(__dirname, `../../../${directoryPath}`),
});

if (vulnerabilities.length === 0) {
// No vulnerabilities found
return { ...auditResult, parentDependencies: {} };
Expand Down
28 changes: 18 additions & 10 deletions .github/helpers/npm-audit/parse-npm-vulnerabilities.cjs
Original file line number Diff line number Diff line change
@@ -1,11 +1,12 @@
const enhanceVulnerabilityList = require('./enhance-vulnerability-list.cjs');
const findIndirectVulnerableDependencies = require('./find-indirect-vulnerable-deps.cjs');
const runNpmAudit = require('./run-npm-audit.cjs');
const enhanceVulnerabilityList = require("./enhance-vulnerability-list.cjs");
const findIndirectVulnerableDependencies = require("./find-indirect-vulnerable-deps.cjs");
const runNpmAudit = require("./run-npm-audit.cjs");
const { execSync } = require("child_process");

// Requires semver dependency to run.

const LOCAL_TEST = false;
const TEST_DIR_PATHS = ['.'];
const TEST_DIR_PATHS = ["."];

/**
* THIS FILE DOES NOT REQUIRE ANY EDITING.
Expand All @@ -19,25 +20,32 @@ const TEST_DIR_PATHS = ['.'];
*/

// Get directory paths from env.
const directoryPaths = LOCAL_TEST ? TEST_DIR_PATHS : JSON.parse(process.env.directoryPaths);
const directoryPaths = LOCAL_TEST
? TEST_DIR_PATHS
: JSON.parse(process.env.directoryPaths);

// Save results to json.
let results = {};

(async () => {
// Create an array of promises for each dirPath.
const promises = directoryPaths.map(async (dirPath) => {
execSync("npm i", {
cwd: path.resolve(__dirname, `../../../${dirPath}`),
});

try {
const auditResult = await runNpmAudit(dirPath);
const auditResultWithParentDeps = await findIndirectVulnerableDependencies(
auditResult,
dirPath,
const auditResultWithParentDeps =
await findIndirectVulnerableDependencies(auditResult, dirPath);
const summary = await enhanceVulnerabilityList(
auditResultWithParentDeps,
dirPath
);
const summary = await enhanceVulnerabilityList(auditResultWithParentDeps, dirPath);

results[dirPath] = summary;
} catch (error) {
console.error('Error enhancing vulnerabilities:', error);
console.error("Error enhancing vulnerabilities:", error);
}
});

Expand Down
4 changes: 0 additions & 4 deletions .github/helpers/npm-audit/run-npm-audit.cjs
Original file line number Diff line number Diff line change
@@ -1,4 +1,3 @@
const { execSync } = require("child_process");
const path = require("path");

const parseDetails = (auditData) => {
Expand Down Expand Up @@ -53,9 +52,6 @@ const parseDetails = (auditData) => {
// Runs 'npm audit --json' command and returns a modified output.
const runNpmAudit = async (directoryPath) => {
try {
execSync("npm i", {
cwd: path.resolve(__dirname, `../../../${directoryPath}`),
});
const stdout = execSync("npm audit --json", {
encoding: "utf-8",
stdio: ["pipe", "pipe", "ignore"],
Expand Down

0 comments on commit 9058b5c

Please sign in to comment.