1 | #!/usr/bin/env node
|
2 |
|
3 | const program = require('commander');
|
4 |
|
5 | const { bailWithError, generateReport, parseAdvisory } = require('./lib/reporter');
|
6 | const pkg = require('./package.json');
|
7 |
|
// Command-line interface. Each call registers one piece of the CLI on the
// shared commander instance; parse() with no arguments reads process.argv.
program.version(pkg.version);
program.option('-o, --output [output]', 'output file');
program.option('-t, --template [ejs file]', 'ejs template file');
// Per its description this flag is what ties the exit code to findings, so a
// CI job that must fail on vulnerabilities has to pass it explicitly.
program.option('--fatal-exit-code', 'exit with code 1 if vulnerabilities were found');
program.parse();

console.log('Checking audit logs...');

// Parsed CLI flags, read by both stdin handlers below.
const options = program.opts();

// Advisories collected so far, indexed by the `key` property of each entry
// returned from parseAdvisory.
const vulnerabilities = new Map();

// Payload of the most recent `auditSummary` record; stays {} if none arrives.
let summary = {};

// Unterminated tail of stdin, carried over between 'readable' events.
let text = '';
|
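// Decode stdin as UTF-8 inside the stream. Without this, each chunk is a
// Buffer that is stringified on its own, and a multi-byte character split
// across two chunks is corrupted before the line ever reaches JSON.parse.
process.stdin.setEncoding('utf8');

/**
 * Parses one line of the newline-delimited audit JSON read from stdin and
 * records what it carries: `auditAdvisory` records are expanded through
 * parseAdvisory and merged into `vulnerabilities`; an `auditSummary` record
 * replaces `summary`. Records of any other type are ignored.
 *
 * The line is external input and is only ever handled as data (JSON.parse).
 *
 * @param {string} line - One line of input, without its trailing newline.
 * @throws {SyntaxError} If the line is not valid JSON.
 */
function recordAuditLine(line) {
  // Blank lines carry no record, and JSON.parse('') would throw.
  if (line.trim() === '') {
    return;
  }

  const tick = JSON.parse(line);

  if (tick.type === 'auditAdvisory') {
    parseAdvisory(tick).forEach((vulnerability) => {
      // First occurrence wins: later entries with the same key are dropped.
      if (!vulnerabilities.has(vulnerability.key)) {
        vulnerabilities.set(vulnerability.key, vulnerability);
      }
    });
  }

  if (tick.type === 'auditSummary') {
    summary = tick.data;
  }
}

process.stdin.on('readable', function () {
  try {
    // Drain everything that is currently buffered; read() returns null once
    // the internal buffer is empty.
    let chunk;
    while ((chunk = this.read()) !== null) {
      text += chunk;
    }

    // Everything before the last '\n' is complete. The final element is the
    // unterminated tail (possibly '') and is kept for the next event.
    const lines = text.split('\n');
    text = lines.pop();

    lines.forEach((line) => recordAuditLine(line));
  } catch (error) {
    bailWithError('Failed to parse YARN Audit JSON!', error, options.fatalExitCode);
  }
});

process.stdin.on('end', function () {
  try {
    // Input that does not end in a newline leaves its last record in `text`;
    // parse it here so that it (often the summary) is not silently dropped.
    recordAuditLine(text);
    text = '';
  } catch (error) {
    bailWithError('Failed to parse YARN Audit JSON!', error, options.fatalExitCode);
    // A report built from truncated input would understate the findings, so
    // stop here in case bailWithError returns (it is defined in ./lib/reporter).
    return;
  }

  try {
    // NOTE(review): advisory fields originate outside this process; escaping
    // them for the output format is left to generateReport and its template —
    // confirm in ./lib/reporter.
    generateReport(Array.from(vulnerabilities.values()), summary, options);
  } catch (error) {
    bailWithError(
      `Failed to generate report! Please report this issue to ${pkg.bugs.url}`,
      error,
      options.fatalExitCode
    );
  }
});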
|