wip

SocketDev · Dec 15, 2024 · bfb9afb · bfb9afb
1 parent b5fa690
commit bfb9afb
Show file tree

Hide file tree

Showing 6 changed files with 343 additions and 89 deletions.
diff --git a/src/commands/action/core/classes.ts b/src/commands/action/core/classes.ts
@@ -221,7 +221,7 @@ export class FullScanParams {
   commitMessage?: string
   commitHash?: string
   pullRequest?: number
-  committer?: string
+  committers?: string
   makeDefaultBranch?: boolean
   setAsPendingHead?: boolean
 

diff --git a/src/commands/action/core/git_interface.ts b/src/commands/action/core/git_interface.ts
@@ -0,0 +1,92 @@
+import simpleGit, { SimpleGit, DefaultLogFields } from 'simple-git'
+
+export interface GitInfo {
+  path: string
+  head: string
+  repoName: string
+  branch: string
+  author: string
+  commitSHA: string
+  commitMessage: string
+  committer: string
+  showFiles: string[]
+  changedFiles: string[]
+}
+
+export async function gitInfo(path: string): Promise<GitInfo> {
+  const repo = simpleGit(path)
+
+  let head: string
+  let commit: DefaultLogFields | null = null
+  let repoName: string = ''
+  let branch: string = ''
+  let author: string = ''
+  let commitSHA: string = ''
+  let commitMessage: string = ''
+  let committer: string = ''
+  const showFiles: string[] = []
+  const changedFiles: string[] = []
+
+  // Get the HEAD reference
+  head = await repo.revparse(['HEAD'])
+
+  // Get the latest commit log
+  const logEntry = await repo.log({ n: 1 })
+  commit = logEntry.latest
+
+  // Extract the repository name from the origin remote URL
+  const remotes = await repo.getRemotes(true)
+  const originRemote = remotes.find(remote => remote.name === 'origin')
+
+  if (originRemote) {
+    const url = originRemote.refs.fetch
+    repoName = url.split('/').pop()?.replace('.git', '') || ''
+  }
+
+  // Get the current branch
+  try {
+    const branches = await repo.branchLocal()
+    branch = decodeURIComponent(branches.current)
+  } catch (error) {
+    console.error('Failed to get branch information:', error)
+  }
+
+  // Populate commit details
+  if (commit) {
+    author = commit.author_name || ''
+    commitSHA = commit.hash || ''
+    commitMessage = commit.message || ''
+    committer = commit.author_email || ''
+  }
+
+  // List files changed in the latest commit
+  if (commitSHA) {
+    const changedFilesOutput = await repo.raw([
+      'show',
+      '--name-only',
+      '--format=%n',
+      commitSHA
+    ])
+
+    changedFilesOutput
+      .split('\n')
+      .filter(item => item.trim() !== '')
+      .forEach(item => {
+        showFiles.push(item)
+        changedFiles.push(`${path}/${item}`)
+      })
+  }
+
+  return {
+    path,
+    head,
+    repoName,
+    branch,
+    author,
+    commitSHA: commitSHA,
+    commitMessage,
+    committer,
+    showFiles,
+    changedFiles
+  }
+}
diff --git a/src/commands/action/core/github.ts b/src/commands/action/core/github.ts
@@ -88,7 +88,7 @@ export class GitHub {
     }
   }
 
-  static checkEventType(): string | null {
+  checkEventType(): string | null {
     switch (env['GITHUB_EVENT_NAME']?.toLowerCase()) {
       case 'push':
         return env['PR_NUMBER'] ? 'diff' : 'main'
@@ -112,7 +112,7 @@ export class GitHub {
     }
   }
 
-  static async addSocketComments(
+  async addSocketComments(
     securityComment: string,
     overviewComment: string,
     comments: Record<string, Comment>,
@@ -132,7 +132,7 @@ export class GitHub {
         )
       } else {
         debug('Posting new Dependency Overview comment')
-        await GitHub.postComment(overviewComment)
+        await this.postComment(overviewComment)
       }
     }
 
@@ -146,19 +146,19 @@ export class GitHub {
         )
       } else {
         debug('Posting new Security Issue comment')
-        await GitHub.postComment(securityComment)
+        await this.postComment(securityComment)
       }
     }
   }
 
-  static async postComment(body: string): Promise<void> {
+  async postComment(body: string): Promise<void> {
     const repo = env['GITHUB_REPOSITORY']?.split('/')[1]
     const path = `repos/${env['GITHUB_REPOSITORY_OWNER']}/${repo}/issues/${env['PR_NUMBER']}/comments`
     const payload = JSON.stringify({ body })
     await fetch(path, { body: payload, method: 'POST', headers })
   }
 
-  static async updateComment(body: string, commentId: string): Promise<void> {
+  async updateComment(body: string, commentId: string): Promise<void> {
     const repo = env['GITHUB_REPOSITORY']?.split('/')[1]
     const path = `repos/${env['GITHUB_REPOSITORY_OWNER']}/${repo}/issues/comments/${commentId}`
     const payload = JSON.stringify({ body })
@@ -174,7 +174,7 @@ export class GitHub {
     file.close()
   }
 
-  static async getCommentsForPr(
+  async getCommentsForPR(
     repo: string,
     pr: string
   ): Promise<Record<string, Comment | Comment[]>> {
@@ -196,14 +196,35 @@ export class GitHub {
     return Comments.checkForSocketComments(comments)
   }
 
-  static async postReaction(commentId: number): Promise<void> {
+  removeCommentAlerts(comments: Record<string, Comment>): void {
+    const securityAlert = comments['security']
+
+    if (securityAlert) {
+      const newBody = Comments.processSecurityComment(securityAlert, comments)
+      this.handleIgnoreReactions(comments)
+      this.updateComment(newBody, String(securityAlert.id))
+    }
+  }
+
+  handleIgnoreReactions(comments: Record<string, Comment[]>): void {
+    if (comments['ignore']) {
+      for (const comment of comments['ignore']) {
+        if (comment.body.includes('SocketSecurity ignore')) {
+          if (!this.commentReactionExists(comment.id)) {
+            this.postReaction(comment.id)
+          }
+        }
+      }
+    }
+  }
+  async postReaction(commentId: number): Promise<void> {
     const repo = env['GITHUB_REPOSITORY']?.split('/')[1]
     const path = `repos/${env['GITHUB_REPOSITORY_OWNER']}/${repo}/issues/comments/${commentId}/reactions`
     const payload = JSON.stringify({ content: '+1' })
     await fetch(path, { body: payload, method: 'POST', headers })
   }
 
-  static async commentReactionExists(commentId: number): Promise<boolean> {
+  async commentReactionExists(commentId: number): Promise<boolean> {
     const repo = env['GITHUB_REPOSITORY']?.split('/')[1]
     const path = `repos/${env['GITHUB_REPOSITORY_OWNER']}/${repo}/issues/comments/${commentId}/reactions`
     try {

diff --git a/src/commands/action/core/scm_comments.ts b/src/commands/action/core/scm_comments.ts
@@ -172,8 +172,8 @@ export function processSecurityComment(
 
 export function checkForSocketComments(
   comments: Record<string, Comment>
-): Record<string, Comment | Comment[]> {
-  const socketComments: Record<string, Comment | Comment[]> = {}
+): Record<string, Comment> {
+  const socketComments: Record<string, Comment> = {}
 
   for (const [commentId, comment] of Object.entries(comments)) {
     if (comment.body?.includes('socket-security-comment-actions')) {

diff --git a/src/commands/action/git.ts b/src/commands/action/git.ts