Skip to content

Normalize schema #3

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 13 commits into
base: main
Choose a base branch
from
Open

Normalize schema #3

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
13 commits
Select commit Hold shift + click to select a range
6682e2d
codejedi365-normalize-schema > add gitlab-schema as dependency
codejedi365 May 14, 2021
64c3f54
codejedi365-normalize-schema > delete undefined field value
codejedi365 May 14, 2021
815111f
codejedi365-normalize-schema > change from devdep to dep
codejedi365 May 15, 2021
30562cb
codejedi365-normalize-schema > Correct the use of schema
codejedi365 May 15, 2021
ca12275
codejedi365-normalize-schema > Update expected results snapshots
codejedi365 May 15, 2021
336b8c5
codejedi365-normalize-schema > add webpack as dep
codejedi365 May 16, 2021
66fc329
codejedi365-normalize-schema > add webpack.config!
codejedi365 May 16, 2021
d3e7e8f
Merge branch 'origin/codejedi365-update-pkg-conf' into codejedi365-no…
codejedi365 May 16, 2021
56fcd69
codejedi365-normalize-schema > set pkg run-scripts for webpack
codejedi365 May 16, 2021
3cb0c54
codejedi365-normalize-schema > redefine quiet test run
codejedi365 May 16, 2021
06152eb
codejedi365-normalize-schema > delete prepare script
codejedi365 May 16, 2021
7351700
Merge branch 'main' of https://github.com/elpete/gitlab-npm-audit-par…
codejedi365 May 20, 2021
a730521
codejedi365-normalize-schema > +npm ignore for dist/ publish
codejedi365 May 20, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,2 +1,3 @@
gl-dependency-scanning-report.json
node_modules
dist/
Empty file added .npmignore
View file
Open in desktop
Empty file.
14 changes: 9 additions & 5 deletions lib/convert.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
var capitalize = require("./utils").capitalize;
var getCWEId = require("./utils").getCWEId;
var gitlabSchema = require("schema-merge/dist/dependency-scanning-report-format.json");

var convert = function (json) {
return JSON.stringify(convertReportForType(JSON.parse(json)), null, " ");
Expand All @@ -21,7 +22,9 @@ function getReportType(parsedData) {

function convertV2Report(parsedData) {
let report = {};
report.version = "2.0";
// The version of the schema to which the JSON report conforms.
report.version = gitlabSchema.self.version;
report.schema = `https://gitlab.com/gitlab-org/security-products/security-report-schemas/-/raw/v${gitlabSchema.self.version}/dist/dependency-scanning-report-format.json`
report.vulnerabilities = [];
report.remediations = [];

Expand All @@ -45,7 +48,7 @@ function convertV2Report(parsedData) {
confidence: "High",
scanner: {
id: "npm_audit_advisories",
name: "NPM Audit",
name: `NPM Audit v${getReportType(parsedData)}`
},
location: {
file: "package-lock.json",
Expand Down Expand Up @@ -86,7 +89,9 @@ function convertV2Report(parsedData) {

function convertV1Report(parsedData) {
let report = {};
report.version = "1.0";
// The version of the schema to which the JSON report conforms.
report.version = gitlabSchema.self.version;
report.schema = `https://gitlab.com/gitlab-org/security-products/security-report-schemas/-/raw/v${gitlabSchema.self.version}/dist/dependency-scanning-report-format.json`
report.vulnerabilities = [];
report.remediations = [];

Expand All @@ -108,7 +113,7 @@ function convertV1Report(parsedData) {
confidence: "High",
scanner: {
id: "npm_audit_advisories",
name: "NPM Audit",
name: `NPM Audit v${getReportType(parsedData)}`
},
location: {
file: "package.json",
Expand All @@ -134,7 +139,6 @@ function convertV1Report(parsedData) {
},
],
solution: advisory.recommendation,
instances: advisory.findings[0].paths.map((value) => ({ method: value })),
links: [
{
url: `https://npmjs.com/advisories/${advisory.id}`,
Expand Down
Loading