fix(v2): Consume response for Registered Users (#137)
dvandra authored Sep 10, 2020
1 parent 93722e6 commit e5a126c
Showing 2 changed files with 12 additions and 9 deletions.
16 changes: 8 additions & 8 deletions src/consumers.ts
Expand Up @@ -85,16 +85,16 @@ class AnalysisConsumer implements IConsumer
{
binding: IBindingDescriptor;
changeToBinding: IBindingDescriptor;
registrationLinkBinding : IBindingDescriptor;
messageBinding : IBindingDescriptor;
vulnerabilityCountBinding : IBindingDescriptor;
advisoryCountBinding : IBindingDescriptor;
exploitCountBinding : IBindingDescriptor;
item: any;
changeTo: string = null;
registrationLink: string = null;
message: string = null;
vulnerabilityCount: number = 0;
advisoryCount: number = 0;
exploitCount: number = 0;
constructor(public config: any){}
consume(data: any): boolean {
if (this.binding != null) {
Expand All @@ -105,9 +105,6 @@ class AnalysisConsumer implements IConsumer
if (this.changeToBinding != null) {
this.changeTo = bind_object(data, this.changeToBinding);
}
if (this.registrationLinkBinding != null) {
this.registrationLink = bind_object(data, this.registrationLinkBinding);
}
if (this.messageBinding != null) {
this.message = bind_object(data, this.messageBinding);
}
Expand All @@ -117,6 +114,9 @@ class AnalysisConsumer implements IConsumer
if (this.advisoryCountBinding != null) {
this.advisoryCount = bind_object(data, this.advisoryCountBinding);
}
if (this.exploitCountBinding != null) {
this.exploitCount = bind_object(data, this.exploitCountBinding);
}
return this.item != null;
}
};
Expand Down Expand Up @@ -151,14 +151,14 @@ class SecurityEngine extends AnalysisConsumer implements DiagnosticProducer
this.binding = {path: ['vulnerability']};
/* recommendation to use a different version */
this.changeToBinding = {path: ['recommended_versions']};
/* snyk registration link */
this.registrationLinkBinding = {path: ['registration_link']};
/* Diagnostic message */
this.messageBinding = {path: ['message']};
/* Publicly known Security Vulnerability count */
this.vulnerabilityCountBinding = {path: ['known_security_vulnerability_count']};
/* Private Security Advisory count */
this.advisoryCountBinding = {path: ['security_advisory_count']};
/* Exloitable vulnerability count */
this.exploitCountBinding = {path: ['exploitable_vulnerabilities_count']};
}

produce(ctx: any): Diagnostic[] {
Expand All @@ -180,7 +180,7 @@ class SecurityEngine extends AnalysisConsumer implements DiagnosticProducer
};

// TODO: this can be done lazily
if (this.changeTo && this.vulnerabilityCount > 0) {
if (this.changeTo) {
let codeAction: CodeAction = {
title: "Switch to recommended version " + this.changeTo,
diagnostics: [diagnostic],
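Review bot: The added `this.exploitCount = bind_object(data, this.exploitCountBinding);` in `consume` stores whatever the response holds at `exploitable_vulnerabilities_count` without checking that it is a number, as the two existing counts already do. `bind_object` is not shown on this page, but if it yields `undefined` for a missing field (for example a response shape that differs between registered and unregistered users), the default `0` is overwritten and the `totalCount.exploitCount += secEng.exploitCount` added in src/server.ts becomes `NaN`. The `> 0` test there is then false, so the exploitable count silently drops out of the summary. I would keep the default unless a number arrives: `const n = bind_object(data, this.exploitCountBinding);` followed by `this.exploitCount = typeof n === 'number' ? n : 0;`. The constructor comment also misspells the word as `Exloitable`, and both class bodies continue outside the visible hunks.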
5 changes: 4 additions & 1 deletion src/server.ts
Expand Up @@ -178,7 +178,8 @@ const getCAmsg = (deps, diagnostics, totalCount): string => {
const knownVulnMsg = !totalCount.vulnerabilityCount || `${totalCount.vulnerabilityCount} Known Security ${vulStr(totalCount.vulnerabilityCount)}`;
const advisoryMsg = !totalCount.advisoryCount || `${totalCount.advisoryCount} Security ${advStr(totalCount.advisoryCount)}`;
let summaryMsg = [knownVulnMsg, advisoryMsg].filter(x => x !== true).join(' and ');
summaryMsg += (totalCount.vulnerabilityCount > 0) ? " along with quick fixes" : "";
summaryMsg += (totalCount.exploitCount > 0) ? ` with ${totalCount.exploitCount} Exploitable ${vulStr(totalCount.exploitCount)}` : "";
summaryMsg += ((totalCount.vulnerabilityCount + totalCount.advisoryCount) > 0) ? " along with quick fixes" : "";
msg += summaryMsg ? ('flagged ' + summaryMsg) : 'No potential security vulnerabilities found';
} else {
msg += `No potential security vulnerabilities found`;
Expand Down Expand Up @@ -225,6 +226,7 @@ class TotalCount
{
vulnerabilityCount: number = 0;
advisoryCount: number = 0;
exploitCount: number = 0;
};

/* Runs DiagnosticPileline to consume response and generate Diagnostic[] */
Expand All @@ -237,6 +239,7 @@ function runPipeline(response, diagnostics, diagnosticFilePath, dependencyMap, t
const secEng = item as SecurityEngine;
totalCount.vulnerabilityCount += secEng.vulnerabilityCount;
totalCount.advisoryCount += secEng.advisoryCount;
totalCount.exploitCount += secEng.exploitCount;
}
connection.sendDiagnostics({ uri: diagnosticFilePath, diagnostics: diagnostics });
})
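Review bot: The `" along with quick fixes"` suffix in `getCAmsg` is keyed on `totalCount.vulnerabilityCount + totalCount.advisoryCount`, but the code action itself is created in src/consumers.ts only when `changeTo` is set. A manifest whose findings carry no `recommended_versions` would therefore still be summarised as having quick fixes, which overstates the remediation available to the user. I would test a count of the code actions actually registered (for instance a `quickFixCount` field on `TotalCount`, incremented where the `CodeAction` is built) rather than the finding counts. Failing that, record the gap next to the line: `// NOTE: counts findings, not registered code actions; a finding without recommended_versions has no quick fix`. `getCAmsg` starts above this hunk, so how `msg` is initialised is not visible here.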
