vulnerability-notifications

v2.5.0

Published

4 years ago

Attempt to update npm packages marked by github as vulnerable

Downloads

0High
0Medium
0Low

fantasyui.com

fantasyui-com vulnerability notifications update npm packages

Vulnerability Notifications

Attempt to update npm packages marked by github as vulnerable

1) Program Procedure: Hello World

Print "Hello World" and exit

./code_modules/hello-world

1.1) Procedure Task: Screen Printer

Call the screen printer

./code_modules/hello-world/code_modules/screen-printer

Modules:
- Name: path
Parameters: {text: 'hello world'}

1.1.1) Task Action: Print Text

output the text to nearest screen

./code_modules/hello-world/code_modules/screen-printer/code_modules/print-text

Modules:
- Name: path

2) Program Procedure: Fix Vulnerabilities

Attempt to fix npm-packages.

./code_modules/fix-vulnerabilities

2.1) Procedure Task: Verify Github Access via curl

Use a github access token to pull in notification data.

./code_modules/fix-vulnerabilities/code_modules/verify-github-access-via-curl

Parameters: {cache: '3 hours'}
Dependencies:
- Name: request, Version: ^2.88.0

2.2) Procedure Task: Verify Github Access via git

Test if the computer is authorized to push to github

./code_modules/fix-vulnerabilities/code_modules/verify-github-access-via-git

Dependencies:
- Name: shelljs, Version: ^0.8.3
Modules:
- Name: path
- Name: fs

2.3) Procedure Task: Get Active Notifications

Get all active github notifications as JSON

./code_modules/fix-vulnerabilities/code_modules/get-active-notifications

2.3.1) Task Action: Get github notifications

Connect to github using token and get JSON data

./code_modules/fix-vulnerabilities/code_modules/get-active-notifications/code_modules/get-github-notifications

Dependencies:
- Name: request, Version: ^2.88.0

2.3.2) Task Action: Cleanup Notifications

Remove unimportant information from github response

./code_modules/fix-vulnerabilities/code_modules/get-active-notifications/code_modules/cleanup-notifications

2.4) Procedure Task: Select Vulnerable Repositories

Skip unrelated notifications

./code_modules/fix-vulnerabilities/code_modules/select-vulnerable-repositories

2.5) Procedure Task: Select Npm Repositories

Select repositories in npm format only

./code_modules/fix-vulnerabilities/code_modules/select-npm-repositories

Modules:
- Name: path
- Name: fs

2.6) Procedure Task: Clone selected repositories via git

all updates are performed on the local system via standard utilities

./code_modules/fix-vulnerabilities/code_modules/clone-selected-repositories-via-git

Dependencies:
- Name: shelljs, Version: ^0.8.3

2.7) Procedure Task: Run npm update

Update NPM Package using npm-update

./code_modules/fix-vulnerabilities/code_modules/run-npm-update

Dependencies:
- Name: npm, Version: ^6.10.1
Modules:
- Name: path
- Name: fs

2.8) Procedure Task: Update NPM License

Update license field

./code_modules/fix-vulnerabilities/code_modules/update-npm-license

2.8.1) Task Action: Set npm license

Apply new license to the license field in package.json

./code_modules/fix-vulnerabilities/code_modules/update-npm-license/code_modules/set-npm-license

Parameters: (license='GPLv3', bork = true)
Dependencies:
- Name: npm, Version: ^6.10.1
Modules:
- Name: path
- Name: fs

2.9) Procedure Task: Run standard npm update

Ensure all packages are up to date

./code_modules/fix-vulnerabilities/code_modules/run-standard-npm-update

Dependencies:
- Name: npm, Version: ^6.10.1

2.10) Procedure Task: Npm Audit and Fix

Perform NPM Audit using npm

./code_modules/fix-vulnerabilities/code_modules/npm-audit-and-fix

Dependencies:
- Name: npm, Version: ^6.10.1

2.11) Procedure Task: Publish Package Update to npmjs

save data to npm

./code_modules/fix-vulnerabilities/code_modules/publish-package-update-to-npmjs

Dependencies:
- Name: npm, Version: ^6.10.1

2.12) Procedure Task: Publish Code Updates to github

save data to github

./code_modules/fix-vulnerabilities/code_modules/publish-code-updates-to-github

Dependencies:
- Name: shelljs, Version: ^0.8.3

Published

Vulnerabilities

Links

Maintainers

Keywords

Readme

Vulnerability Notifications

Attempt to update npm packages marked by github as vulnerable

1) Program Procedure: Hello World

1.1) Procedure Task: Screen Printer

1.1.1) Task Action: Print Text

2) Program Procedure: Fix Vulnerabilities

2.1) Procedure Task: Verify Github Access via curl

2.2) Procedure Task: Verify Github Access via git

2.3) Procedure Task: Get Active Notifications

2.3.1) Task Action: Get github notifications

2.3.2) Task Action: Cleanup Notifications

2.4) Procedure Task: Select Vulnerable Repositories

2.5) Procedure Task: Select Npm Repositories

2.6) Procedure Task: Clone selected repositories via git

2.7) Procedure Task: Run npm update

2.8) Procedure Task: Update NPM License

2.8.1) Task Action: Set npm license

2.9) Procedure Task: Run standard npm update

2.10) Procedure Task: Npm Audit and Fix

2.11) Procedure Task: Publish Package Update to npmjs

2.12) Procedure Task: Publish Code Updates to github