1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
|
'use strict'
const Utils = require('../lib/utils')
module.exports = report
function report (data, options) {
let msg = summary(data, options)
if (!Object.keys(data.advisories).length) {
return {
report: msg,
exitCode: 0
}
} else {
msg += '\n run `npm audit fix` to fix them, or `npm audit` for details'
return {
report: msg,
exitCode: 1
}
}
}
module.exports.summary = summary
function summary (data, options) {
const defaults = {
severityThreshold: 'info'
}
const config = Object.assign({}, defaults, options)
function clr (str, clr) { return Utils.color(str, clr, config.withColor) }
function green (str) { return clr(str, 'brightGreen') }
function red (str) { return clr(str, 'brightRed') }
let output = ''
const log = function (value) {
output = output + value + '\n'
}
output += 'found '
if (Object.keys(data.advisories).length === 0) {
log(`${green('0')} vulnerabilities`)
return output
} else {
let total = 0
const sev = []
const keys = Object.keys(data.metadata.vulnerabilities)
for (let key of keys) {
const value = data.metadata.vulnerabilities[key]
total = total + value
if (value > 0) {
sev.push([key, value])
}
}
if (sev.length > 1) {
const severities = sev.map((value) => {
return `${value[1]} ${Utils.severityLabel(value[0], config.withColor).toLowerCase()}`
}).join(', ')
log(`${red(total)} vulnerabilities (${severities})`)
} else {
const vulnCount = sev[0][1]
const vulnLabel = Utils.severityLabel(sev[0][0], config.withColor).toLowerCase()
log(`${vulnCount} ${vulnLabel} severity vulnerabilit${vulnCount === 1 ? 'y' : 'ies'}`)
}
}
return output.trim()
}
|
