mirror of
https://github.com/kremalicious/metamask-extension.git
synced 2024-11-22 09:57:02 +01:00
70 lines
2.5 KiB
Diff
70 lines
2.5 KiB
Diff
|
# Improved yarn audit is patched to work with yarn version 2+. The primary need
|
||
|
# is to retool the script to first use yarn's new audit command and parameters
|
||
|
# as well as to change the process for how it reads the result due to an update
|
||
|
# in returned shape of audit command's data.
|
||
|
diff --git a/bin/improved-yarn-audit b/bin/improved-yarn-audit
|
||
|
index 52df548151aa28289565e3335b2cd7a92fa38325..7e058df6a4a159596df72c9475a36b747580cd98 100755
|
||
|
--- a/bin/improved-yarn-audit
|
||
|
+++ b/bin/improved-yarn-audit
|
||
|
@@ -15,6 +15,7 @@ const { tmpdir } = require("os")
|
||
|
const path = require("path")
|
||
|
const { env, exit, platform } = require("process")
|
||
|
const { createInterface } = require("readline")
|
||
|
+const { Stream } = require("stream")
|
||
|
|
||
|
const GITHUB_ADVISORY_CODE = "GHSA"
|
||
|
|
||
|
@@ -250,7 +251,15 @@ async function iterateOverAuditResults(action) {
|
||
|
const auditResultsFileStream = getAuditResultsFileStream("r")
|
||
|
const iterator = createInterface(auditResultsFileStream)
|
||
|
|
||
|
- iterator.on("line", action)
|
||
|
+ iterator.on("line", async (result) => {
|
||
|
+ const parsed = parseAuditJson(result);
|
||
|
+ const advisories = Stream.Readable.from(
|
||
|
+ Object.values(parsed.advisories).map(advisory => JSON.stringify(advisory))
|
||
|
+ );
|
||
|
+ for await (const data of advisories) {
|
||
|
+ action(data);
|
||
|
+ }
|
||
|
+ });
|
||
|
|
||
|
await new Promise((resolve) => iterator.on("close", resolve))
|
||
|
|
||
|
@@ -305,10 +314,10 @@ async function streamYarnAuditOutput(auditParams, auditResultsFileStream) {
|
||
|
}
|
||
|
|
||
|
async function invokeYarnAudit() {
|
||
|
- const auditParams = ["audit", "--json", `--level=${minSeverityName}`]
|
||
|
+ const auditParams = ["npm", "audit", "--recursive", "--json", `--severity=${minSeverityName}`]
|
||
|
|
||
|
if (ignoreDevDependencies) {
|
||
|
- auditParams.push("--groups=dependencies")
|
||
|
+ auditParams.push("--environment=production")
|
||
|
}
|
||
|
|
||
|
cleanupAuditResultsFile()
|
||
|
@@ -420,17 +429,17 @@ async function runAuditReport() {
|
||
|
let devDependencyAdvisories = []
|
||
|
let devDependencyAdvisoryIds = []
|
||
|
|
||
|
- await iterateOverAuditResults((resultJson) => {
|
||
|
- const potentialResult = parseAuditJson(resultJson)
|
||
|
+ await iterateOverAuditResults((resultJsonString) => {
|
||
|
+ const potentialResult = parseAuditJson(resultJsonString);
|
||
|
|
||
|
if (
|
||
|
- typeof potentialResult.type !== "string" ||
|
||
|
- potentialResult.type !== "auditAdvisory"
|
||
|
+ typeof potentialResult.github_advisory_id !== "string"
|
||
|
) {
|
||
|
return
|
||
|
}
|
||
|
|
||
|
- const result = potentialResult.data.advisory
|
||
|
+
|
||
|
+ const result = potentialResult;
|
||
|
|
||
|
allAdvisories.push(result)
|
||
|
|