diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 25dda40..6ba2513 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -41,16 +41,16 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Checkout repository - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@00e563ead9f72a8461b24876bee2d0c2e8bd2ee8 # v2.21.5 + uses: github/codeql-action/init@0b21cf2492b6b02c465a3e5d7c473717ad7721ba # v3.23.1 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -60,7 +60,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@00e563ead9f72a8461b24876bee2d0c2e8bd2ee8 # v2.21.5 + uses: github/codeql-action/autobuild@0b21cf2492b6b02c465a3e5d7c473717ad7721ba # v3.23.1 # ℹī¸ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -73,6 +73,6 @@ jobs: # ./location_of_script_within_repo/buildscript.sh - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@00e563ead9f72a8461b24876bee2d0c2e8bd2ee8 # v2.21.5 + uses: github/codeql-action/analyze@0b21cf2492b6b02c465a3e5d7c473717ad7721ba # v3.23.1 with: category: "/language:${{matrix.language}}" 
diff --git a/.github/workflows/node.js.yml b/.github/workflows/node.js.yml index a4084f0..51e6d58 100644 --- a/.github/workflows/node.js.yml +++ b/.github/workflows/node.js.yml @@ -17,13 +17,13 @@ jobs: fail-fast: false steps: - name: Harden Runner - uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v2.6.0 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Use Node.js ${{ matrix.node-version }} - uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d # v3.8.1 + uses: actions/setup-node@b39b52d1213e96004bfcb1c61a8a6fa8ab84f3e8 # v4.0.1 with: node-version: ${{ matrix.node-version }} - name: Install dependencies @@ -34,6 +34,6 @@ jobs: run: npm run lint - name: Build project run: npm run build - - uses: NodeSecure/ci-action@e3ac9c03585752e979622279106a161e94d5717b # v1 + - uses: NodeSecure/ci-action@177c57fe32c75cafabe87f6e4515d277cc37ae6c # v1.4.1 with: warnings: off diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 6d1233a..4c28225 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml 
@@ -32,17 +32,17 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: "Checkout code" - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.1.0 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@08b4669551908b1024bb425080c797723083c031 # v2.2.0 + uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 # v2.3.1 with: results_file: results.sarif results_format: sarif @@ -64,7 +64,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 + uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 with: name: SARIF file path: results.sarif @@ -72,6 +72,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@00e563ead9f72a8461b24876bee2d0c2e8bd2ee8 # v2.1.27 + uses: github/codeql-action/upload-sarif@0b21cf2492b6b02c465a3e5d7c473717ad7721ba # v3.23.1 with: sarif_file: results.sarif diff --git a/.mocharc.json b/.mocharc.json deleted file mode 100644 index b5a2bff..0000000 --- a/.mocharc.json +++ /dev/null @@ -1,6 +0,0 @@ -{ - "extension": ["ts"], - "node-option": ["experimental-specifier-resolution=node", "loader=ts-node/esm", "no-warnings"], - "spec": ["**/*.spec.ts"], - "timeout": 5000 -} \ No newline at end of file diff --git a/LICENSE b/LICENSE index ae177e5..f56b57c 100644 --- a/LICENSE +++ b/LICENSE 
@@ -1,6 +1,6 @@ MIT License -Copyright (c) 2021 NodeSecure +Copyright (c) 2021- 2024 NodeSecure Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/README.md b/README.md index 34321f4..322073e 100644 --- a/README.md +++ b/README.md @@ -308,7 +308,7 @@ only the "Console" reporter is available. ## Requirements -- [Node.js](https://nodejs.org/en/) v16 or higher +- [Node.js](https://nodejs.org/en/) v18 or higher ## Contributors ✨ diff --git a/package.json b/package.json index 9fc1411..9fb2565 100644 --- a/package.json +++ b/package.json @@ -15,7 +15,7 @@ } }, "engines": { - "node": ">=16.0.0" + "node": ">=18.0.0" }, "files": [ "dist" 
@@ -56,45 +56,44 @@ "prepublishOnly": "npm run test && npm run build", "start": "node dist/bin/cli.js", "build": "rimraf ./dist && tsc --project tsconfig.build.json", - "test": "cross-env NODE_ENV=test mocha --parallel", + "test": "glob -c \"tsx --test\" \"./src/**/*.spec.ts\"", "lint": "eslint ." }, "devDependencies": { - "@nodesecure/eslint-config": "^1.3.0", - "@types/chai": "^4.3.0", - "@types/lodash.set": "^4.3.6", - "@types/mocha": "^10.0.1", - "@types/mock-fs": "^4.13.1", - "@types/node": "^20.2.5", - "@types/pluralize": "^0.0.30", - "@types/sade": "^1.7.4", - "chai": "^4.3.4", + "@nodesecure/eslint-config": "^1.9.0", + "@types/lodash.set": "^4.3.9", + "@types/mock-fs": "^4.13.4", + "@types/node": "^20.11.5", + "@types/pluralize": "^0.0.33", + "@types/sade": "^1.7.8", "cross-env": "^7.0.3", - "eslint": "^8.4.1", - "eslint-config-prettier": "^9.0.0", - "eslint-import-resolver-typescript": "^3.5.3", - "eslint-plugin-prettier": "^4.0.0", - "mocha": "^10.2.0", - "mock-fs": "^5.1.2", - "prettier": "^2.5.1", - "rimraf": "^5.0.0", - "ts-node": "^10.8.1", + "eslint": "^8.56.0", + "eslint-config-prettier": "^9.1.0", + "eslint-import-resolver-typescript": "^3.6.1", + "eslint-plugin-prettier": "^5.1.3", + "mock-fs": "^5.2.0", + "prettier": "^3.2.4", + "rimraf": "^5.0.5", + "ts-node": "^10.9.2", "typescript": "^5.0.4" }, "dependencies": { - "@nodesecure/i18n": "^3.2.0", - "@nodesecure/js-x-ray": "^6.0.1", - "@nodesecure/rc": "^1.2.1", - "@nodesecure/scanner": "^4.0.0", + "@nodesecure/i18n": "^3.5.0", + "@nodesecure/js-x-ray": "^6.3.0", + "@nodesecure/rc": "^1.5.0", + "@nodesecure/scanner": "^5.3.0", "@nodesecure/vulnera": "^1.8.0", + "@openally/result": "^1.2.0", "@slimio/async-cli-spinner": "^0.5.2", - "ajv": "^8.11.2", + "ajv": "^8.12.0", + "glob": "^10.3.10", "kleur": "^4.1.5", "lodash.set": "^4.3.2", "pluralize": "^8.0.0", - "pretty-ms": "^8.0.0", + "pretty-ms": "^9.0.0", "sade": "^1.8.1", "table": "^6.8.1", - "ts-pattern": "^5.0.1" + "ts-pattern": "^5.0.6", + 
"tsx": "^4.7.0" } } diff --git a/src/analysis/interpretation/interpret.spec.ts b/src/analysis/interpretation/interpret.spec.ts index c429a4b..0b53c98 100644 --- a/src/analysis/interpretation/interpret.spec.ts +++ b/src/analysis/interpretation/interpret.spec.ts @@ -1,8 +1,11 @@ +// Import Node.js Dependencies +import assert from "node:assert"; +import { describe, it } from "node:test"; + // Import Third-party Dependencies import * as JSXRay from "@nodesecure/js-x-ray"; import { Scanner } from "@nodesecure/scanner"; import { Strategy } from "@nodesecure/vuln"; -import { expect } from "chai"; // Import Internal Dependencies import { @@ -63,7 +66,7 @@ describe("Pipeline check workflow", () => { kDefaultRuntimeConfiguration ); - expect(status).equals(pipeline.status.FAILURE); + assert.equal(status, pipeline.status.FAILURE); }); }); @@ -128,8 +131,8 @@ describe("Pipeline check workflow", () => { kDefaultRuntimeConfiguration ); - expect(status).equals(pipeline.status.FAILURE); - expect(data).to.deep.equal({ + assert.equal(status, pipeline.status.FAILURE); + assert.deepEqual(data, { warnings: [], dependencies: { vulnerabilities: [], @@ -215,7 +218,7 @@ describe("Pipeline check workflow", () => { }); expectNsciPipelineToBeSuccessful(status); - expect(data).to.deep.equal({ + assert.deepEqual(data, { warnings: [], dependencies: { vulnerabilities: [], @@ -272,7 +275,7 @@ describe("Pipeline check workflow", () => { } as Warnings }); - expect(status).equals(pipeline.status.FAILURE); + assert.equal(status, pipeline.status.FAILURE); expectNsciPayloadToHaveWarnings(data.dependencies.warnings, [ { @@ -411,7 +414,7 @@ describe("Pipeline check workflow", () => { kDefaultRuntimeConfiguration ); - expect(data.dependencies.vulnerabilities.length).to.equal(0); + assert.equal(data.dependencies.vulnerabilities.length, 0); }); describe("When providing default runtime configuration", () => { 
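Review bot: `glob` and `tsx` are added under `dependencies`, but the only use visible in this diff is the new `test` script, so every consumer of the published package would also install the test-runner toolchain and its transitive packages. Unless runtime code under `src` imports them (not shown here), move `"glob": "^10.3.10"` and `"tsx": "^4.7.0"` to `devDependencies` to keep the installed dependency surface small. The new script also drops `NODE_ENV=test`, while `cross-env` and `ts-node` stay in `devDependencies`. Confirm nothing still reads `NODE_ENV` during tests, and remove those two packages if they are now unused.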
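Review bot: The default export of `node:assert` is the legacy mode, so `assert.equal` compares with `==` and `assert.deepEqual` compares loosely, whereas the chai `equals` / `deep.equal` calls they replace were strict. Changing the import to `import assert from "node:assert/strict";` leaves the call sites unchanged and restores strict comparison. The same applies to the other spec files migrated in this commit (`environment/index.spec.ts`, `external/nodesecure/index.spec.ts`, `external/standardize.spec.ts`, `manage.spec.ts`). It matters most for checks such as `assert.equal(result.warnings.has("unsafe-regex", "express"), false)`, which in legacy mode would also pass for `0` or `""`.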
@@ -441,7 +444,7 @@ describe("Pipeline check workflow", () => { kDefaultRuntimeConfiguration ); - expect(status).equals(pipeline.status.FAILURE); + assert.equal(status, pipeline.status.FAILURE); }); }); }); @@ -460,7 +463,7 @@ describe("Pipeline check workflow", () => { ignorePatterns }); - expect(data.dependencies.warnings).to.deep.equal([]); + assert.deepEqual(data.dependencies.warnings, []); expectNsciPipelineToBeSuccessful(status); }); @@ -477,7 +480,7 @@ describe("Pipeline check workflow", () => { ignorePatterns }); - expect(data.dependencies.warnings.length).to.above(0); + assert.ok(data.dependencies.warnings.length > 0); expectNsciPipelineToFail(status); }); }); @@ -510,7 +513,7 @@ describe("Pipeline check workflow", () => { }); expectNsciPipelineToBeSuccessful(status); - expect(data).to.deep.equal({ + assert.deepEqual(data, { warnings: [], dependencies: { vulnerabilities: [], @@ -548,7 +551,7 @@ describe("Pipeline check workflow", () => { }); expectNsciPipelineToFail(status); - expect(data.dependencies.vulnerabilities[0]).to.deep.equal({ + assert.deepEqual(data.dependencies.vulnerabilities[0], { origin: "npm", package: "express", title: "Vuln...", @@ -595,8 +598,8 @@ describe("Pipeline check workflow", () => { }); expectNsciPipelineToFail(status); - expect(data.dependencies.vulnerabilities.length).to.equal(1); - expect(data.dependencies.vulnerabilities[0]).to.deep.equal({ + assert.equal(data.dependencies.vulnerabilities.length, 1); + assert.deepEqual(data.dependencies.vulnerabilities[0], { origin: "npm", package: "express", title: "Express vuln that should not be ignored", 
@@ -684,11 +687,11 @@ function makePartialScannerDependencies( } function expectNsciPipelineToBeSuccessful(status: pipeline.Status): void { - expect(status).equals(pipeline.status.SUCCESS); + assert.equal(status, pipeline.status.SUCCESS); } function expectNsciPipelineToFail(status: pipeline.Status): void { - expect(status).equals(pipeline.status.FAILURE); + assert.equal(status, pipeline.status.FAILURE); } function expectNsciPayloadToHaveWarnings( @@ -717,5 +720,5 @@ function expectNsciPayloadToHaveWarnings( }; }); - expect(payloadWarnings).to.deep.equal(warnings); + assert.deepEqual(payloadWarnings, warnings); } diff --git a/src/analysis/interpretation/interpret.ts b/src/analysis/interpretation/interpret.ts index 2ee4149..0153466 100644 --- a/src/analysis/interpretation/interpret.ts +++ b/src/analysis/interpretation/interpret.ts @@ -93,15 +93,18 @@ function excludeIgnoredDependenciesWarnings( return dependenciesWarnings; } - return dependenciesWarnings.filter(function excludeIgnorableWarnings( - dependencyWarnings - ) { - function hasWarnings(warn: Warning): boolean { - return ignorePatterns.warnings.has(warn.kind, dependencyWarnings.package); - } + return dependenciesWarnings.filter( + function excludeIgnorableWarnings(dependencyWarnings) { + function hasWarnings(warn: Warning): boolean { + return ignorePatterns.warnings.has( + warn.kind, + dependencyWarnings.package + ); + } - return !dependencyWarnings.warnings.find(hasWarnings); - }); + return !dependencyWarnings.warnings.find(hasWarnings); + } + ); } /** diff --git a/src/configuration/environment/index.spec.ts b/src/configuration/environment/index.spec.ts index 20f07c2..7154590 100644 --- a/src/configuration/environment/index.spec.ts +++ b/src/configuration/environment/index.spec.ts 
@@ -2,11 +2,10 @@ /* eslint-disable max-nested-callbacks */ // Import Node.js Dependencies -import fs from "fs"; -import path from "path"; - -// Import Third-party Dependencies -import { expect } from "chai"; +import assert from "node:assert"; +import fs from "node:fs"; +import path from "node:path"; +import { after, before, describe, it } from "node:test"; // Import Internal Dependencies import { Nsci } from "../standard/index.js"; 
@@ -58,48 +57,50 @@ function createFixturesFolder(): void { } function deleteFixturesFolder(): void { - fs.rmdirSync(kFixturesFolder, { recursive: true }); + fs.rmSync(kFixturesFolder, { recursive: true }); } -before(() => createFixturesFolder()); -after(() => deleteFixturesFolder()); - describe("Environment data collection", () => { + before(async () => createFixturesFolder()); + after(async () => deleteFixturesFolder()); + describe("When traversing the environment", () => { describe("When dealing with one single lockfile", () => { it("should find the yarn lockfile at the given location", async () => { - expect( + assert.deepEqual( ( await analyzeEnvironmentContext({ ...Nsci.defaultNsciRuntimeConfiguration, rootDir: getFixtureFolderPath(kFixtureEnvironment.yarn.folderName) }) - ).lockFile - ).to.deep.equal({ - current: "yarn.lock", - multiple: false - }); + ).lockFile, + { + current: "yarn.lock", + multiple: false + } + ); }); it("should find the shrinkwrap at the given location", async () => { - expect( + assert.deepEqual( await analyzeEnvironmentContext({ ...Nsci.defaultNsciRuntimeConfiguration, rootDir: getFixtureFolderPath( kFixtureEnvironment.shrinkwrap.folderName ) - }) - ).to.deep.equal({ - lockFile: { - current: "npm-shrinkwrap.json", - multiple: false - }, - compatibleStrategy: "NPM_AUDIT" - }); + }), + { + lockFile: { + current: "npm-shrinkwrap.json", + multiple: false + }, + compatibleStrategy: "NPM_AUDIT" + } + ); }); it("should find the package-lock lockfile at the given location", async () => { - expect( + assert.deepEqual( ( await analyzeEnvironmentContext({ ...Nsci.defaultNsciRuntimeConfiguration, 
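Review bot: `fs.rmSync(kFixturesFolder, { recursive: true })` throws ENOENT when the folder is missing, so a setup that failed partway can produce a second error in the `after` hook that obscures the first. `fs.rmSync(kFixturesFolder, { recursive: true, force: true });` makes the teardown idempotent. The hooks are also declared `async` although both helpers are synchronous; `before(() => createFixturesFolder())` states the intent more plainly.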
@@ -107,15 +108,16 @@ describe("Environment data collection", () => { kFixtureEnvironment.packageLock.folderName ) }) - ).lockFile - ).to.deep.equal({ - current: "package-lock.json", - multiple: false - }); + ).lockFile, + { + current: "package-lock.json", + multiple: false + } + ); }); it("should fallback to 'none' when no lockfile is found at the given location", async () => { - expect( + assert.deepEqual( ( await analyzeEnvironmentContext({ ...Nsci.defaultNsciRuntimeConfiguration, 
@@ -123,65 +125,69 @@ describe("Environment data collection", () => { kFixtureEnvironment.noLockFile.folderName ) }) - ).lockFile - ).to.deep.equal({ - current: "none", - multiple: false - }); + ).lockFile, + { + current: "none", + multiple: false + } + ); }); }); describe("When dealing with multiple lockfiles", () => { it("should keep the package-lock file", async () => { - expect( + assert.deepEqual( await analyzeEnvironmentContext({ ...Nsci.defaultNsciRuntimeConfiguration, rootDir: getFixtureFolderPath( kFixtureEnvironment.multipleLockFiles.folderName ) - }) - ).to.deep.equal({ - lockFile: { - current: "package-lock.json", - multiple: true - }, - compatibleStrategy: "NPM_AUDIT" - }); + }), + { + lockFile: { + current: "package-lock.json", + multiple: true + }, + compatibleStrategy: "NPM_AUDIT" + } + ); }); }); describe("When providing a strategy not compatible with the environment", () => { describe("When the lockfile is missing or incompatible with the environment", () => { it("should fallback to 'SONATYPE' strategy", async () => { - expect( + assert.deepEqual( await analyzeEnvironmentContext({ ...Nsci.defaultNsciRuntimeConfiguration, strategy: "NPM_AUDIT", rootDir: getFixtureFolderPath(kFixtureEnvironment.yarn.folderName) - }) - ).to.deep.equal({ - lockFile: { - current: "yarn.lock", - multiple: false - }, - compatibleStrategy: "SONATYPE" - }); - - expect( + }), + { + lockFile: { + current: "yarn.lock", + multiple: false + }, + compatibleStrategy: "SONATYPE" + } + ); + + assert.deepEqual( await analyzeEnvironmentContext({ ...Nsci.defaultNsciRuntimeConfiguration, strategy: "NPM_AUDIT", rootDir: getFixtureFolderPath( kFixtureEnvironment.noLockFile.folderName ) - }) - ).to.deep.equal({ - lockFile: { - current: "none", - multiple: false - }, - compatibleStrategy: "SONATYPE" - }); + }), + { + lockFile: { + current: "none", + multiple: false + }, + compatibleStrategy: "SONATYPE" + } + ); }); }); }); 
@@ -189,37 +195,39 @@ describe("Environment data collection", () => { describe("When providing a strategy compatible with every environment", () => { it("should not fallback to any strategy", async () => { const SAME_NODE_STRATEGY = "SECURITY_WG"; - expect( + assert.deepEqual( await analyzeEnvironmentContext({ ...Nsci.defaultNsciRuntimeConfiguration, strategy: SAME_NODE_STRATEGY, rootDir: getFixtureFolderPath( kFixtureEnvironment.shrinkwrap.folderName ) - }) - ).to.deep.equal({ - lockFile: { - current: "npm-shrinkwrap.json", - multiple: false - }, - compatibleStrategy: SAME_NODE_STRATEGY - }); + }), + { + lockFile: { + current: "npm-shrinkwrap.json", + multiple: false + }, + compatibleStrategy: SAME_NODE_STRATEGY + } + ); const SAME_NONE_STRATEGY = "NONE"; - expect( + assert.deepEqual( await analyzeEnvironmentContext({ ...Nsci.defaultNsciRuntimeConfiguration, strategy: SAME_NONE_STRATEGY, rootDir: getFixtureFolderPath(kFixtureEnvironment.yarn.folderName) - }) - ).to.deep.equal({ - lockFile: { - current: "yarn.lock", - multiple: false - }, - compatibleStrategy: SAME_NONE_STRATEGY - }); + }), + { + lockFile: { + current: "yarn.lock", + multiple: false + }, + compatibleStrategy: SAME_NONE_STRATEGY + } + ); }); }); }); diff --git a/src/configuration/external/nodesecure/index.spec.ts b/src/configuration/external/nodesecure/index.spec.ts index 0322e3f..c80fde6 100644 --- a/src/configuration/external/nodesecure/index.spec.ts +++ b/src/configuration/external/nodesecure/index.spec.ts @@ -1,5 +1,8 @@ +// Import Node.js Dependencies +import assert from "node:assert"; +import { describe, it } from "node:test"; + // Third-party Dependencies -import { expect } from "chai"; import mock from "mock-fs"; // Internal Dependencies 
@@ -13,7 +16,7 @@ describe("getIgnoreFile", () => { it("should return empty object if file doen't exist", async () => { const result = await getIgnoreFile(); - expect(result).deep.equal(kDefaultIgnoreFileContent); + assert.deepEqual(result, kDefaultIgnoreFileContent); }); it("should return empty object if file format is invalid", async () => { @@ -22,7 +25,7 @@ describe("getIgnoreFile", () => { const result = await getIgnoreFile(); - expect(result).deep.equal(kDefaultIgnoreFileContent); + assert.deepEqual(result, kDefaultIgnoreFileContent); mock.restore(); }); @@ -36,8 +39,8 @@ describe("getIgnoreFile", () => { const result = await getIgnoreFile(); - expect(result).to.be.an.instanceof(IgnorePatterns); - expect(result).not.to.deep.equal({}); + assert.ok(result instanceof IgnorePatterns); + assert.notDeepEqual(result, {}); mock.restore(); }); @@ -51,7 +54,7 @@ describe("getIgnoreFile", () => { const { warnings } = await getIgnoreFile(); - expect(warnings).to.be.an.instanceof(IgnoreWarningsPatterns); + assert.ok(warnings instanceof IgnoreWarningsPatterns); mock.restore(); }); @@ -65,8 +68,8 @@ describe("getIgnoreFile", () => { const result = await getIgnoreFile(); - expect(result.warnings.has("unsafe-regex", "negotiator")).to.equal(true); - expect(result.warnings.has("unsafe-regex", "express")).to.equal(false); + assert.equal(result.warnings.has("unsafe-regex", "negotiator"), true); + assert.equal(result.warnings.has("unsafe-regex", "express"), false); mock.restore(); }); }); diff --git a/src/configuration/external/nodesecure/index.ts b/src/configuration/external/nodesecure/index.ts index 22ab1b5..e925e3f 100644 --- a/src/configuration/external/nodesecure/index.ts +++ b/src/configuration/external/nodesecure/index.ts 
@@ -4,8 +4,8 @@ import { join } from "path"; // Import Third-party Dependencies import { RC as NodeSecureRuntimeConfig, read } from "@nodesecure/rc"; +import type { Result } from "@openally/result"; import { match } from "ts-pattern"; -import type { Result } from "ts-results"; // Import Internal Dependencies import { consolePrinter } from "../../../../lib/console-printer/index.js"; diff --git a/src/configuration/external/standardize.spec.ts b/src/configuration/external/standardize.spec.ts index 9214913..4b75930 100644 --- a/src/configuration/external/standardize.spec.ts +++ b/src/configuration/external/standardize.spec.ts @@ -1,6 +1,10 @@ +// Import Node.js Dependencies +import assert from "node:assert"; +import path from "node:path"; +import { describe, it } from "node:test"; + // Import Third-party Dependencies import { RC as NodeSecureRuntimeConfig } from "@nodesecure/rc"; -import { expect } from "chai"; // Import Internal Dependencies import { IgnorePatterns } from "../../configuration/external/nodesecure/ignore-file"; @@ -26,7 +30,7 @@ describe("Standardize CLI/API configuration to Nsci runtime configuration", () = }; const finalConfig = { - rootDir: `${cwd}/src`, + rootDir: path.join(cwd, "src"), strategy: "NPM_AUDIT", reporters: ["console", "html"], vulnerabilitySeverity: "all", @@ -34,11 +38,12 @@ describe("Standardize CLI/API configuration to Nsci runtime configuration", () = ignorePatterns: IgnorePatterns.default() }; - expect( + assert.deepEqual( standardizeExternalConfiguration( externalOptions as ExternalRuntimeConfiguration - ) - ).to.deep.equal(finalConfig); + ), + finalConfig + ); }); }); 
@@ -92,11 +97,12 @@ describe("Standardize CLI/API configuration to Nsci runtime configuration", () = partialOrInvalidConfigThatShouldFallbackToDefaultRC.forEach( // eslint-disable-next-line max-nested-callbacks (partialConfig) => { - expect( + assert.deepEqual( standardizeExternalConfiguration( partialConfig as ExternalRuntimeConfiguration - ) - ).to.deep.equal(Nsci.defaultNsciRuntimeConfiguration); + ), + Nsci.defaultNsciRuntimeConfiguration + ); } ); }); @@ -124,7 +130,7 @@ it("should standardize NodeSecure runtime configuration to Nsci runtime configur standardizeAllApisOptions(partialCfg) ); - expect(standardizedCfg).to.deep.equal({ + assert.deepEqual(standardizedCfg, { reporters: ["console"], rootDir: process.cwd(), strategy: "SNYK", diff --git a/src/configuration/manage.spec.ts b/src/configuration/manage.spec.ts index 4b18b01..bd63654 100644 --- a/src/configuration/manage.spec.ts +++ b/src/configuration/manage.spec.ts @@ -1,10 +1,11 @@ // Import Node.js Dependencies -import { unlinkSync } from "fs"; -import path from "path"; +import assert from "node:assert"; +import { unlinkSync } from "node:fs"; +import path from "node:path"; +import { describe, it } from "node:test"; // Import Third-party Dependencies import { write } from "@nodesecure/rc"; -import { expect } from "chai"; // Import Internal Dependencies import { @@ -23,14 +24,11 @@ describe("When managing the runtime configuration", () => { const optionsFromCliOrApi: ApiConfig | CliConfig = {} as unknown as ApiConfig; - const { configMode, runtimeConfig } = await selectRuntimeConfig( - optionsFromCliOrApi - ); + const { configMode, runtimeConfig } = + await selectRuntimeConfig(optionsFromCliOrApi); - expect(configMode).to.deep.equal("raw"); - expect(runtimeConfig).to.deep.equal( - Nsci.defaultNsciRuntimeConfiguration - ); + assert.deepEqual(configMode, "raw"); + assert.deepEqual(runtimeConfig, Nsci.defaultNsciRuntimeConfiguration); }); }); describe("When providing options from the CLI or API", () => { 
@@ -43,12 +41,11 @@ describe("When managing the runtime configuration", () => { reporters: ["html"] }; - const { configMode, runtimeConfig } = await selectRuntimeConfig( - optionsFromCliOrApi - ); + const { configMode, runtimeConfig } = + await selectRuntimeConfig(optionsFromCliOrApi); - expect(configMode).to.deep.equal("raw"); - expect(runtimeConfig).to.deep.equal({ + assert.deepEqual(configMode, "raw"); + assert.deepEqual(runtimeConfig, { /** * Spreading default Nsci config just for being explicit with the * expected behavior which is starting from the default Nsci config @@ -97,12 +94,11 @@ describe("When managing the runtime configuration", () => { partialUpdate: true }); - const { configMode, runtimeConfig } = await selectRuntimeConfig( - optionsFromCliOrApi - ); + const { configMode, runtimeConfig } = + await selectRuntimeConfig(optionsFromCliOrApi); - expect(configMode).to.deep.equal("file"); - expect(runtimeConfig).to.deep.equal({ + assert.deepEqual(configMode, "file"); + assert.deepEqual(runtimeConfig, { // Starting from the default config ...Nsci.defaultNsciRuntimeConfiguration, /** diff --git a/src/reporting/reporters/post-pipeline/console/dependency-warnings.ts b/src/reporting/reporters/post-pipeline/console/dependency-warnings.ts index 9c66d15..4530b76 100644 --- a/src/reporting/reporters/post-pipeline/console/dependency-warnings.ts +++ b/src/reporting/reporters/post-pipeline/console/dependency-warnings.ts @@ -50,7 +50,7 @@ function collectDependencyWarningsConsoleMessages( ).message; warningLocation = consolePrinter.font.info( - `${warning.location.flatMap((location) => location.join(":"))}` + `${warning.location!.flatMap((location) => location.join(":"))}` ).message; } 
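Review bot: The non-null assertion in `warning.location!.flatMap(...)` only silences the compiler. If a warning arrives without a location (the type presumably became optional with the `@nodesecure/js-x-ray` bump in this commit), the console reporter throws a TypeError while printing results. Handle the absent case explicitly inside the template, e.g. `warning.location?.flatMap((location) => location.join(":")) ?? ""`. The enclosing `collectDependencyWarningsConsoleMessages` starts and ends outside this hunk, so an earlier guard may already exist; if it does, a one-line comment saying so would justify the `!`.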
@@ -201,7 +201,8 @@ export function buildDependenciesWarningsOutcomeMessage( .otherwise(() => buildOutcomeStatsConsoleMessage( allWarnings, - // eslint-disable-next-line no-nested-ternary + /* eslint-disable no-nested-ternary */ + /* eslint-disable prettier/prettier */ warningsWithError > 0 ? Nsci.warnings.ERROR : allWarnings > 0 diff --git a/src/reporting/reporters/post-pipeline/console/outcome.ts b/src/reporting/reporters/post-pipeline/console/outcome.ts index 3db0a7c..ceb8d02 100644 --- a/src/reporting/reporters/post-pipeline/console/outcome.ts +++ b/src/reporting/reporters/post-pipeline/console/outcome.ts @@ -66,7 +66,9 @@ export function printPipelineOutcome( .bold() .print(); } else { - consolePrinter.font.highlightedError("✖ [FAILURE] Pipeline failed").print(); + consolePrinter.font + .highlightedError("✖ [FAILURE] Pipeline failed") + .print(); } consolePrinter.util.emptyLine();
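Review bot: The block comments `/* eslint-disable no-nested-ternary */` and `/* eslint-disable prettier/prettier */` switch those rules off from this point to the end of the file, whereas the replaced `// eslint-disable-next-line no-nested-ternary` covered a single expression. No matching `/* eslint-enable ... */` is visible in the hunk, and the function continues past it, so later code in `dependency-warnings.ts` would go unchecked by both rules. Add `/* eslint-enable no-nested-ternary, prettier/prettier */` right after the `buildOutcomeStatsConsoleMessage(...)` call. Alternatively, move the status selection into a small helper so neither disable is needed.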