
Member "cli-1.1280.1/src/lib/formatters/iac-output/text/formatters.ts" (20 Feb 2024, 6534 Bytes) of package /linux/misc/snyk-cli-1.1280.1.tar.gz:



    1 import { FormattedResult } from '../../../../cli/commands/test/iac/local-execution/types';
    2 import { iacRemediationTypes } from '../../../iac/constants';
    3 import { Results, Vulnerability } from '../../../iac/test/v2/scan/results';
    4 import { SEVERITY } from '../../../snyk-test/legacy';
    5 import { IacOutputMeta } from '../../../types';
    6 import {
    7   FormattedOutputResultsBySeverity,
    8   IacTestCounts,
    9   IacTestData,
   10   Issue,
   11 } from './types';
   12 import { countSuppressedIssues } from './utils';
   13 
   /**
    * Input accepted by `formatTestData`: the per-file scan results plus the
    * values that are reported alongside them in the summary.
    */
   interface FormatTestDataParams {
     /** One entry per scanned file; each carries its own `result.cloudConfigResults` list. */
     oldFormattedResults: FormattedResult[];
     /** Metadata passed through unchanged to the returned test data; may be absent. */
     iacOutputMeta: IacOutputMeta | undefined;
     /** Count of ignored issues, supplied by the caller and reported as-is (not recomputed here). */
     ignoresCount: number;
   }
   19 
   /**
    * Builds the data model for the IaC test text output from per-file results.
    *
    * Issues are grouped by severity, the metadata is passed through untouched,
    * and the summary counts are derived from the grouped issues together with
    * the caller-supplied ignore count.
    *
    * @param params - Per-file results, output metadata and the ignore count.
    * @returns Grouped issues, metadata and summary counts.
    */
   export function formatTestData(params: FormatTestDataParams): IacTestData {
     const { oldFormattedResults, ignoresCount, iacOutputMeta } = params;

     const grouped = formatScanResultsNewOutput(oldFormattedResults);
     const counts = formatTestCounts(grouped, {
       oldFormattedResults,
       ignoresCount,
     });

     return {
       resultsBySeverity: grouped,
       metadata: iacOutputMeta,
       counts,
     };
   }
   36 
   /**
    * Derives the summary counts shown with the scan results.
    *
    * A file counts as "with issues" when its `cloudConfigResults` list is
    * non-empty; every other entry of `oldFormattedResults` counts as "without
    * issues". The ignore count is reported exactly as given.
    *
    * Only the severities listed in `SEVERITY` are tallied.
    * NOTE(review): a bucket in `resultsBySeverity` keyed by any other value would
    * be left out of both `issuesBySeverity` and `issues`, so the summary could
    * under-report findings — confirm issue severities are always `SEVERITY` members.
    *
    * @param resultsBySeverity - Issues already grouped by severity.
    * @param inputs - The per-file results and the ignore count.
    * @returns File counts, per-severity counts, the overall total and the ignore count.
    */
   function formatTestCounts(
     resultsBySeverity: FormattedOutputResultsBySeverity,
     inputs: Pick<FormatTestDataParams, 'ignoresCount' | 'oldFormattedResults'>,
   ): IacTestCounts {
     const { oldFormattedResults, ignoresCount } = inputs;

     let filesWithIssues = 0;
     for (const { result } of oldFormattedResults) {
       if (result.cloudConfigResults.length > 0) {
         filesWithIssues += 1;
       }
     }
     const filesWithoutIssues = oldFormattedResults.length - filesWithIssues;

     // Every known severity gets an entry, including those with no findings (0).
     const issuesBySeverity = {} as { [key in SEVERITY]: number };
     let issues = 0;
     for (const severity of Object.values(SEVERITY)) {
       const count = resultsBySeverity[severity]?.length ?? 0;
       issuesBySeverity[severity] = count;
       issues += count;
     }

     return {
       ignores: ignoresCount,
       filesWithIssues,
       filesWithoutIssues,
       issuesBySeverity,
       issues,
     };
   }
   66 
   /**
    * Regroups per-file scan results into per-severity lists.
    *
    * Each issue is kept as-is and paired with the file it was found in and that
    * file's project type. A severity only appears as a key once at least one
    * issue with that severity has been seen.
    *
    * @param oldFormattedResults - Scan results, one entry per file.
    * @returns Issues keyed by their `severity` value.
    */
   function formatScanResultsNewOutput(
     oldFormattedResults: FormattedResult[],
   ): FormattedOutputResultsBySeverity {
     const grouped: FormattedOutputResultsBySeverity = {};

     for (const { targetFile, result } of oldFormattedResults) {
       for (const issue of result.cloudConfigResults) {
         // Create the severity bucket lazily, on the first issue that needs it.
         let bucket = grouped[issue.severity];
         if (!bucket) {
           bucket = [];
           grouped[issue.severity] = bucket;
         }

         bucket.push({
           issue,
           targetFile,
           projectType: result.projectType,
         });
       }
     }

     return grouped;
   }
   88 
   /**
    * Builds the text-output data model from a `Results` scan object.
    *
    * The reported totals come from three separate places: `issues` and
    * `issuesBySeverity` are counted from `vulnerabilities`, `ignores` is read from
    * `metadata.ignoredCount`, and `contextSuppressedIssues` is computed from
    * `scanAnalytics.suppressedResults` (left `undefined` when that is absent).
    * Presumably ignored and suppressed findings are not part of `vulnerabilities`,
    * in which case an `issues` total of 0 has to be read together with the other
    * two numbers — TODO confirm.
    *
    * NOTE(review): the two file counts are built from different lists
    * (`resources` vs. `vulnerabilities`), so `filesWithoutIssues` would go negative
    * if a vulnerability names a file that no resource lists — confirm this cannot happen.
    * NOTE(review): only `SEVERITY` members are tallied; a vulnerability with any
    * other severity value would be grouped but not counted.
    *
    * @param snykIacTestScanResult - Scan results; `undefined` yields all-zero counts.
    * @param projectName - Copied into the returned metadata.
    * @param orgName - Copied into the returned metadata.
    * @returns Grouped issues, metadata and summary counts.
    */
   export function formatSnykIacTestTestData(
     snykIacTestScanResult: Results | undefined,
     projectName: string,
     orgName: string,
   ): IacTestData {
     const resultsBySeverity = formatSnykIacTestScanResultNewOutput(
       snykIacTestScanResult,
     );

     // Every known severity gets an entry, including those with no findings (0).
     const issuesBySeverity = {} as { [key in SEVERITY]: number };
     let issues = 0;
     for (const severity of Object.values(SEVERITY)) {
       const count = resultsBySeverity[severity]?.length ?? 0;
       issuesBySeverity[severity] = count;
       issues += count;
     }

     const filesWithIssues = countFilesWithIssues(snykIacTestScanResult);
     const filesWithoutIssues = countFiles(snykIacTestScanResult) - filesWithIssues;

     let ignores = 0;
     if (snykIacTestScanResult) {
       ignores = snykIacTestScanResult.metadata.ignoredCount;
     }

     const suppressedResults =
       snykIacTestScanResult?.scanAnalytics?.suppressedResults;
     const contextSuppressedIssues: number | undefined = suppressedResults
       ? countSuppressedIssues(suppressedResults)
       : undefined;

     return {
       resultsBySeverity,
       metadata: { projectName, orgName },
       counts: {
         ignores,
         filesWithIssues,
         filesWithoutIssues,
         issues,
         issuesBySeverity,
         contextSuppressedIssues,
       },
     };
   }
  133 
  /**
   * Counts the distinct files that have at least one vulnerability.
   *
   * Vulnerabilities whose resource has no (or an empty) `file` are skipped, so
   * they contribute to the issue totals but not to this file count.
   *
   * @param results - Scan results; may be omitted.
   * @returns Number of distinct file names, or 0 when there is nothing to count.
   */
  function countFilesWithIssues(results?: Results): number {
    if (!results || !results.vulnerabilities) {
      return 0;
    }

    const distinctFiles = new Set<string>();
    results.vulnerabilities.forEach(({ resource }) => {
      if (resource.file) {
        distinctFiles.add(resource.file);
      }
    });

    return distinctFiles.size;
  }
  149 
  /**
   * Counts the distinct files referenced by the scanned resources.
   *
   * Resources without a (non-empty) `file` are skipped.
   *
   * @param results - Scan results; may be omitted.
   * @returns Number of distinct file names, or 0 when there are no resources.
   */
  function countFiles(results?: Results): number {
    const resources = results?.resources;
    if (!resources) {
      return 0;
    }

    const distinctFiles = new Set<string>();
    for (const { file } of resources) {
      if (file) {
        distinctFiles.add(file);
      }
    }

    return distinctFiles.size;
  }
  165 
  /**
   * Groups the vulnerabilities of a scan result by severity.
   *
   * Each vulnerability is converted to an `Issue` and paired with its resource's
   * file (as `targetFile`) and kind (as `projectType`). A severity only appears
   * as a key once at least one vulnerability with that severity has been seen.
   *
   * @param snykIacTestScanResult - Scan results; may be `undefined`.
   * @returns Issues keyed by severity; empty when there are no vulnerabilities.
   */
  function formatSnykIacTestScanResultNewOutput(
    snykIacTestScanResult: Results | undefined,
  ): FormattedOutputResultsBySeverity {
    const grouped = {} as FormattedOutputResultsBySeverity;

    const vulnerabilities = snykIacTestScanResult?.vulnerabilities;
    if (!vulnerabilities) {
      return grouped;
    }

    for (const vulnerability of vulnerabilities) {
      const { severity, resource } = vulnerability;

      // Create the severity bucket lazily, on the first finding that needs it.
      let bucket = grouped[severity];
      if (!bucket) {
        bucket = [];
        grouped[severity] = bucket;
      }

      bucket.push({
        issue: formatSnykIacTestScanVulnerability(vulnerability),
        targetFile: resource.file,
        projectType: resource.kind,
      });
    }

    return grouped;
  }
  187 
  /**
   * Converts one scan vulnerability into the `Issue` shape used by the output.
   *
   * Rule text (`title`, `description`, `documentation`) and the remediation text
   * are copied through unchanged; nothing is escaped or sanitised here, so any
   * escaping needed for the display medium is left to whatever renders the
   * `Issue`. That includes text from custom rules (`isGeneratedByCustomRule`).
   *
   * Details visible in the mapping:
   * - `title` and `issue` both carry the rule title.
   * - `resolve` is the first line of the remediation text only.
   * - `lineNumber` is -1 when the resource has no line.
   * - `remediation` has a single entry keyed by `iacRemediationTypes[kind]`.
   *   NOTE(review): if a resource kind has no entry in `iacRemediationTypes`, the
   *   key would be the string "undefined" — confirm every kind is mapped.
   *
   * @param vulnerability - The vulnerability to convert.
   * @returns The issue in output form.
   */
  function formatSnykIacTestScanVulnerability(
    vulnerability: Vulnerability,
  ): Issue {
    const { rule, resource, severity } = vulnerability;
    const resolve = extractResolve(vulnerability);

    return {
      id: rule.id,
      severity,
      title: rule.title,
      lineNumber: resource.line ?? -1,
      cloudConfigPath: formatCloudConfigPath(vulnerability),
      issue: rule.title,
      impact: rule.description,
      resolve,
      documentation: rule.documentation,
      isGeneratedByCustomRule: rule.isGeneratedByCustomRule,
      remediation: {
        [iacRemediationTypes[resource.kind]]: resolve,
      },
    };
  }
  /**
   * Returns the first line of a vulnerability's remediation text.
   *
   * The text is cut at the first line break (`\r\n`, `\n` or `\r`); text without
   * a line break is returned whole. Anything after the first line is dropped.
   *
   * @param vulnerability - The vulnerability whose remediation is read.
   * @returns The remediation text up to, but not including, the first line break.
   */
  function extractResolve(vulnerability: Vulnerability): string {
    const { remediation } = vulnerability;
    const lineBreakAt = remediation.search(/\r?\n|\r/g);

    if (lineBreakAt < 0) {
      return remediation;
    }

    return remediation.substring(0, lineBreakAt);
  }
  215 
  /**
   * Builds the configuration path of the resource a vulnerability points at.
   *
   * The resource id is split on `.` and the entries of the resource's `path`,
   * when it has one, are appended after those segments.
   * NOTE(review): an id with a literal dot inside a single name would be split
   * into several segments — confirm ids never contain such dots.
   *
   * @param vulnerability - The vulnerability whose resource is described.
   * @returns The path segments, id segments first.
   */
  function formatCloudConfigPath(vulnerability: Vulnerability): string[] {
    const { id, path } = vulnerability.resource;
    const idSegments = id.split('.');

    return path ? [...idSegments, ...path] : idSegments;
  }