1 | #!/user/bin/node
|
2 | const Common = require('./common.js');
|
3 | const Files = require('./file.js');
|
4 | const Transport = require('./transport.js');
|
5 | const Report = require('./report.js')
|
6 |
|
7 | const ArgumentParser = require('argparse').ArgumentParser;
|
8 |
|
9 |
|
// Command-line interface of the plugin. Flags and help strings are shown to
// the user by `-h`, so they are reproduced exactly.
const parser = new ArgumentParser({
  version: '1.0.4',
  addHelp: true,
  description: 'NPM security plugin',
});

// One [flags, help] pair per option, registered in this order so the generated
// help lists them the same way.
// NOTE(review): --token is a credential passed through argv, so it can end up
// in shell history and in process listings readable by other local users.
// NOTE(review): per their help text, --host/--port choose where the report is
// transported; no allow-list or validation of these values is visible here.
const cliOptions = [
  [['-t', '--token'], 'Token used to identify report provider.'],
  [['-o', '--output_path'], 'Output file absolute path [optional]'],
  [['-p', '--port'], 'Port to be used to transport report to reshift (443 by default) [optional]'],
  [['-u', '--host'], 'Host to be used to transport report to (\'reshift.softwaresecured.com\' by default) [optional]'],
];

for (const [flags, help] of cliOptions) {
  parser.addArgument(flags, { help });
}

// Parsed once at load time; main() reads the token from here.
const args = parser.parseArgs();
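/**
 * Build the dependency audit report for the project rooted at the current
 * working directory.
 *
 * Returns null after printing an INFO line when: no `--token` was given, the
 * local npm is older than 5.2.0, Report.runAudit finds no project, or the
 * report contains 'Not Committed Yet'. The code visible here builds the report
 * but neither writes nor sends it.
 *
 * @param {?string} token - Not read; the presence check uses the parsed
 *   `--token` command-line argument instead.
 * @param {boolean} [isSend=true] - Not read by the code visible here.
 * @returns {null|undefined} null on an early exit, otherwise undefined.
 */
function main(token, isSend = true) {
  if (args['token'] == null) {
    console.log('INFO - System exit since no token provided.');
    console.log('INFO - Use \'-h\' argument to see help.');
    return null;
  }

  const rootPath = Files.correctRoot(Files.getCWD());
  const rootJson = {};

  Files.walkDir(rootPath, rootJson);
  console.log("INFO - Verifying npm.");

  const npmVersion = Common.get_npm(rootPath);
  // Compare major and minor as integers against 5.2.0, the minimum named in
  // the message below. Concatenating the two fields as strings and comparing
  // with 51 let 5.1.x and 4.10+ through.
  const [npmMajor, npmMinor] = String(npmVersion)
    .split('.')
    .map((part) => Number.parseInt(part, 10));
  // An unparsable version is treated as too old rather than silently accepted.
  const isNpmTooOld =
    Number.isNaN(npmMajor) ||
    npmMajor < 5 ||
    (npmMajor === 5 && !(npmMinor >= 2));
  if (isNpmTooOld) {
    console.log('INFO - System exit since npm version too low(below 5.2.0), please check your npm (local package will override global one).');
    console.log(`INFO - Local npm version:${npmVersion}`);
    return null;
  }

  // NOTE(review): getUTCDate() yields the day of the month (1-31), not a
  // timestamp; kept as-is because the format the report consumer expects is
  // not visible here - confirm.
  const start = new Date().getUTCDate();

  console.log("INFO - Creating dependency report.");
  const data = Report.runAudit(rootPath);

  if (data == null) {
    console.log('INFO - System exit since no project found.');
    return null;
  }

  // Declared locally; the bare assignment used before created an implicit
  // global (and throws in strict mode).
  const result = Report.createReport(data, start, rootPath, rootJson);
  // NOTE(review): this is a substring match over the whole serialized report,
  // so the marker appearing in any field stops the run - confirm that only
  // the commit-status field can carry it.
  if (JSON.stringify(result).includes('Not Committed Yet')) {
    console.log('INFO - System exit since you have uncommitted contents.');
    return null;
  }

  const end = new Date().getUTCDate();
  result['Date']['End'] = end;
}

// Script entry point; both arguments are ignored by main() as written.
main(null, false);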