vulnerability-notifications
v2.5.0
Published
Attempt to update npm packages marked by github as vulnerable
Downloads
8
Maintainers
Readme
Vulnerability Notifications
Attempt to update npm packages marked by github as vulnerable
1) Program Procedure: Hello World
Print "Hello World" and exit
1.1) Procedure Task: Screen Printer
Call the screen printer
./code_modules/hello-world/code_modules/screen-printer
- Modules:
- Name: path
- Parameters: {text: 'hello world'}
1.1.1) Task Action: Print Text
output the text to nearest screen
./code_modules/hello-world/code_modules/screen-printer/code_modules/print-text
- Modules:
- Name: path
2) Program Procedure: Fix Vulnerabilities
Attempt to fix npm-packages.
./code_modules/fix-vulnerabilities
2.1) Procedure Task: Verify Github Access via curl
Use a github access token to pull in notification data.
./code_modules/fix-vulnerabilities/code_modules/verify-github-access-via-curl
- Parameters: {cache: '3 hours'}
- Dependencies:
- Name: request, Version: ^2.88.0
2.2) Procedure Task: Verify Github Access via git
Test if the computer is authorized to push to github
./code_modules/fix-vulnerabilities/code_modules/verify-github-access-via-git
2.3) Procedure Task: Get Active Notifications
Get all active github notifications as JSON
./code_modules/fix-vulnerabilities/code_modules/get-active-notifications
2.3.1) Task Action: Get github notifications
Connect to github using token and get JSON data
- Dependencies:
- Name: request, Version: ^2.88.0
2.3.2) Task Action: Cleanup Notifications
Remove unimportant information from github response
2.4) Procedure Task: Select Vulnerable Repositories
Skip unrelated notifications
./code_modules/fix-vulnerabilities/code_modules/select-vulnerable-repositories
2.5) Procedure Task: Select Npm Repositories
Select repositories in npm format only
./code_modules/fix-vulnerabilities/code_modules/select-npm-repositories
2.6) Procedure Task: Clone selected repositories via git
all updates are performed on the local system via standard utilities
./code_modules/fix-vulnerabilities/code_modules/clone-selected-repositories-via-git
- Dependencies:
- Name: shelljs, Version: ^0.8.3
2.7) Procedure Task: Run npm update
Update NPM Package using npm-update
./code_modules/fix-vulnerabilities/code_modules/run-npm-update
2.8) Procedure Task: Update NPM License
Update license field
./code_modules/fix-vulnerabilities/code_modules/update-npm-license
2.8.1) Task Action: Set npm license
Apply new license to the license field in package.json
./code_modules/fix-vulnerabilities/code_modules/update-npm-license/code_modules/set-npm-license
- Parameters: (license='GPLv3', bork = true)
- Dependencies:
- Name: npm, Version: ^6.10.1
- Modules:
2.9) Procedure Task: Run standard npm update
Ensure all packages are up to date
./code_modules/fix-vulnerabilities/code_modules/run-standard-npm-update
- Dependencies:
- Name: npm, Version: ^6.10.1
2.10) Procedure Task: Npm Audit and Fix
Perform NPM Audit using npm
./code_modules/fix-vulnerabilities/code_modules/npm-audit-and-fix
- Dependencies:
- Name: npm, Version: ^6.10.1
2.11) Procedure Task: Publish Package Update to npmjs
save data to npm
./code_modules/fix-vulnerabilities/code_modules/publish-package-update-to-npmjs
- Dependencies:
- Name: npm, Version: ^6.10.1
2.12) Procedure Task: Publish Code Updates to github
save data to github
./code_modules/fix-vulnerabilities/code_modules/publish-code-updates-to-github
- Dependencies:
- Name: shelljs, Version: ^0.8.3