Diffstat (limited to 'deps/npm/lib/audit.js')
-rw-r--r-- | deps/npm/lib/audit.js | 65 |
1 files changed, 47 insertions, 18 deletions
diff --git a/deps/npm/lib/audit.js b/deps/npm/lib/audit.js
index 06852610e6..2cabef9d27 100644
--- a/deps/npm/lib/audit.js
+++ b/deps/npm/lib/audit.js
@@ -3,17 +3,37 @@
 const Bluebird = require('bluebird')
 const audit = require('./install/audit.js')
+const figgyPudding = require('figgy-pudding')
 const fs = require('graceful-fs')
 const Installer = require('./install.js').Installer
 const lockVerify = require('lock-verify')
 const log = require('npmlog')
-const npa = require('npm-package-arg')
+const npa = require('libnpm/parse-arg')
 const npm = require('./npm.js')
+const npmConfig = require('./config/figgy-config.js')
 const output = require('./utils/output.js')
 const parseJson = require('json-parse-better-errors')
 const readFile = Bluebird.promisify(fs.readFile)
+const AuditConfig = figgyPudding({
+ also: {},
+ 'audit-level': {},
+ deepArgs: 'deep-args',
+ 'deep-args': {},
+ dev: {},
+ force: {},
+ 'dry-run': {},
+ global: {},
+ json: {},
+ only: {},
+ parseable: {},
+ prod: {},
+ production: {},
+ registry: {},
+ runId: {}
+})
+
 module.exports = auditCmd
 const usage = require('./utils/usage')
@@ -110,12 +130,12 @@ function maybeReadFile (name) {
 })
 }
-function filterEnv (action) {
- const includeDev = npm.config.get('dev') ||
- (!/^prod(uction)?$/.test(npm.config.get('only')) && !npm.config.get('production')) ||
- /^dev(elopment)?$/.test(npm.config.get('only')) ||
- /^dev(elopment)?$/.test(npm.config.get('also'))
- const includeProd = !/^dev(elopment)?$/.test(npm.config.get('only'))
+function filterEnv (action, opts) {
+ const includeDev = opts.dev ||
+ (!/^prod(uction)?$/.test(opts.only) && !opts.production) ||
+ /^dev(elopment)?$/.test(opts.only) ||
+ /^dev(elopment)?$/.test(opts.also)
+ const includeProd = !/^dev(elopment)?$/.test(opts.only)
 const resolves = action.resolves.filter(({dev}) => {
 return (dev && includeDev) || (!dev && includeProd)
 })
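Review bot: AuditConfig is an undocumented allow-list, and nothing in the hunk says so: as far as I understand figgy-pudding, only keys declared here resolve, so a config value read as `opts.x` elsewhere in auditCmd or filterEnv but missing from this object comes back undefined instead of failing loudly. A header comment would stop that silent drift, e.g. `// Every npm config key that audit reads must be declared here; figgy-pudding yields undefined for undeclared keys.`. `prod: {}` is declared but no line in this diff reads it (filterEnv checks `production`, `only` and `also`), so it is either dead or consumed by code outside these hunks and worth confirming.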
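Review bot: `/^dev(elopment)?$/` is written three times and `/^prod(uction)?$/` once in the new includeDev/includeProd computation; hoisting them to module scope as `const DEV_RE = /^dev(elopment)?$/` and `const PROD_RE = /^prod(uction)?$/` and calling `DEV_RE.test(opts.only)` would make the environment-selection rule easier to read and keep the two halves in sync (neither regex carries a `g` flag, so reuse is safe). The new `opts` parameter is also undocumented; a short JSDoc line such as `@param {object} opts - AuditConfig pudding; reads dev, only, also and production` would help the next reader. filterEnv's body continues past the end of this hunk.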
@@ -125,7 +145,8 @@ function filterEnv (action) {
 }
 function auditCmd (args, cb) {
- if (npm.config.get('global')) {
+ const opts = AuditConfig(npmConfig())
+ if (opts.global) {
 const err = new Error('`npm audit` does not support testing globals')
 err.code = 'EAUDITGLOBAL'
 throw err
@@ -168,8 +189,16 @@ function auditCmd (args, cb) {
 }).then((auditReport) => {
 return audit.submitForFullReport(auditReport)
 }).catch((err) => {
- if (err.statusCode === 404 || err.statusCode >= 500) {
- const ne = new Error(`Your configured registry (${npm.config.get('registry')}) does not support audit requests.`)
+ if (err.statusCode >= 400) {
+ let msg
+ if (err.statusCode === 401) {
+ msg = `Either your login credentials are invalid or your registry (${opts.registry}) does not support audit.`
+ } else if (err.statusCode === 404) {
+ msg = `Your configured registry (${opts.registry}) does not support audit requests.`
+ } else {
+ msg = `Your configured registry (${opts.registry}) does not support audit requests, or the audit endpoint is temporarily unavailable.`
+ }
+ const ne = new Error(msg)
 ne.code = 'ENOAUDIT'
 ne.wrapped = err
 throw ne
@@ -178,7 +207,7 @@ function auditCmd (args, cb) {
 }).then((auditResult) => {
 if (args[0] === 'fix') {
 const actions = (auditResult.actions || []).reduce((acc, action) => {
- action = filterEnv(action)
+ action = filterEnv(action, opts)
 if (!action) { return acc }
 if (action.isMajor) {
 acc.major.add(`${action.module}@${action.target}`)
@@ -215,7 +244,7 @@ function auditCmd (args, cb) {
 review: new Set()
 })
 return Bluebird.try(() => {
- const installMajor = npm.config.get('force')
+ const installMajor = opts.force
 const installCount = actions.install.size + (installMajor ? actions.major.size : 0) + actions.update.size
 const vulnFixCount = new Set([...actions.installFixes, ...actions.updateFixes, ...(installMajor ? actions.majorFixes : [])]).size
 const metavuln = auditResult.metadata.vulnerabilities
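Review bot: In the `@@ -168,8 +189,16 @@` hunk, the new `err.statusCode >= 400` branch folds every client error other than 401 and 404 into the "does not support audit requests, or the audit endpoint is temporarily unavailable" text, so a 403 (credentials accepted but not permitted for audit) or a 429 (rate limited) is reported as an unsupported registry and the user is steered towards the wrong fix. The original status survives only on `ne.wrapped`, and nothing in this hunk surfaces it, so the fallback should at least carry it: `msg = \`Your configured registry (${opts.registry}) does not support audit requests, or the audit endpoint is temporarily unavailable (HTTP ${err.statusCode}).\``. A dedicated 403 text beside the 401 case would be clearer still, since the two call for different user actions. auditCmd starts and ends outside this hunk.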
@@ -230,16 +259,16 @@ function auditCmd (args, cb) {
 return Bluebird.fromNode(cb => {
 new Auditor(
 npm.prefix,
- !!npm.config.get('dry-run'),
+ !!opts['dry-run'],
 [...actions.install, ...(installMajor ? actions.major : [])],
- {
+ opts.concat({
 runId: auditResult.runId,
 deepArgs: [...actions.update].map(u => u.split('>'))
- }
+ }).toJSON()
 ).run(cb)
 }).then(() => {
 const numScanned = auditResult.metadata.totalDependencies
- if (!npm.config.get('json') && !npm.config.get('parseable')) {
+ if (!opts.json && !opts.parseable) {
 output(`fixed ${vulnFixCount} of ${total} vulnerabilit${total === 1 ? 'y' : 'ies'} in ${numScanned} scanned package${numScanned === 1 ? '' : 's'}`)
 if (actions.review.size) {
 output(` ${actions.review.size} vulnerabilit${actions.review.size === 1 ? 'y' : 'ies'} required manual review and could not be updated`)
@@ -258,12 +287,12 @@ function auditCmd (args, cb) {
 })
 } else {
 const levels = ['low', 'moderate', 'high', 'critical']
- const minLevel = levels.indexOf(npm.config.get('audit-level'))
+ const minLevel = levels.indexOf(opts['audit-level'])
 const vulns = levels.reduce((count, level, i) => {
 return i < minLevel ? count : count + (auditResult.metadata.vulnerabilities[level] || 0)
 }, 0)
 if (vulns > 0) process.exitCode = 1
- if (npm.config.get('parseable')) {
+ if (opts.parseable) {
 return audit.printParseableReport(auditResult)
 } else {
 return audit.printFullReport(auditResult) |
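Review bot: `opts.concat({ runId, deepArgs }).toJSON()` now hands Auditor the whole flattened AuditConfig where the old code passed only the two-key object, and the hunk gives no reason for the change; a comment such as `// Auditor/Installer takes a plain options object, so flatten the pudding here` would make the intent explicit. If `toJSON()` emits only declared keys (my understanding of figgy-pudding, worth confirming), any option Auditor reads that is not listed in AuditConfig arrives as undefined, so the declared-key list should be checked against what Installer consumes. auditCmd starts outside this hunk.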