How to use snyk-policy - 7 common examples

To help you get started, we’ve selected a few snyk-policy examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github snyk / snyk / src / cli / commands / ignore.ts View on Github external
options.expiry = new Date(options.expiry);
      if (options.expiry.getTime() !== options.expiry.getTime()) {
        debug('No/invalid expiry given, using the default 30 days');
        options.expiry = new Date(Date.now() + 30 * 24 * 60 * 60 * 1000);
      }
      if (!options.reason) {
        options.reason = 'None Given';
      }

      debug(
        'changing policy: ignore "%s", for all paths, reason: "%s", until: %o',
        options.id,
        options.reason,
        options.expiry,
      );
      return policy
        .load(options['policy-path'])
        .catch((error) => {
          if (error.code === 'ENOENT') {
            // file does not exist - create it
            return policy.create();
          }
          throw Error('policyFile');
        })
        .then(function ignoreIssue(pol) {
          pol.ignore[options.id] = [
            {
              '*': {
                reason: options.reason,
                expires: options.expiry,
              },
            },
github snyk / snyk / src / cli / commands / ignore.ts View on Github external
.catch((error) => {
          if (error.code === 'ENOENT') {
            // file does not exist - create it
            return policy.create();
          }
          throw Error('policyFile');
        })
        .then(function ignoreIssue(pol) {
github snyk / snyk / src / cli / commands / policy.ts View on Github external
async function displayPolicy(path?: string): Promise {
  try {
    const loadedPolicy = (await policy.load(path || process.cwd())) as Promise<
      string
    >;
    return await display(loadedPolicy);
  } catch (error) {
    let adaptedError: CustomError;
    if (error.code === 'ENOENT') {
      adaptedError = new PolicyNotFoundError();
    } else {
      adaptedError = new FailedToLoadPolicyError();
      adaptedError.innerError = error;
    }
    throw adaptedError;
  }
}
github snyk / snyk / src / cli / commands / policy.js View on Github external
function displayPolicy(path) {
  return policy.load(path || process.cwd())
    .then(display)
    .catch((e) => {
      let error;
      if (e.code === 'ENOENT') {
        error = new errors.PolicyNotFoundError();
      } else {
        error = new errors.FailedToLoadPolicyError();
        error.innerError = e;
      }
      throw error;
    });
}
github snyk / snyk / src / lib / display-policy.ts View on Github external
export async function display(policy) {
  const p = demunge(policy, config.ROOT);
  let res =
    chalk.bold(
      'Current Snyk policy, read from ' + policy.__filename + ' file',
    ) + '\n';
  res += 'Modified: ' + policy.__modified + '\n';
  res += 'Created:  ' + policy.__created + '\n';

  res += p.patch.map(displayRule('Patch vulnerability')).join('\n');
  if (p.patch.length && p.ignore.length) {
    res += '\n\n------------------------\n';
  }
  res += p.ignore.map(displayRule('Ignore')).join('\n');

  return Promise.resolve(res);
}
github snyk / snyk / src / cli / commands / protect / prompts.ts View on Github external
prompts = prompts.reduce((acc: Prompt[], curr) => {
    acc.push(curr);
    const rule = snykPolicy.getByVuln(policy, curr.choices![0].value.vuln);
    let defaultAnswer = 'None given';
    if (rule && rule.type === 'ignore') {
      defaultAnswer = rule.reason;
    }
    const issue =
      curr.choices![0].value.vuln &&
      curr.choices![0].value.vuln.type === 'license'
        ? 'issue'
        : 'vulnerability';
    acc.push({
      name: curr.name + '-reason',
      message: '[audit] Reason for ignoring ' + issue + '?',
      default: defaultAnswer,
      when(answers) {
        if (!answers[curr.name]) {
          return false;
github snyk / snyk / src / cli / commands / ignore.ts View on Github external
.then(function ignoreIssue(pol) {
          pol.ignore[options.id] = [
            {
              '*': {
                reason: options.reason,
                expires: options.expiry,
              },
            },
          ];
          policy.save(pol, options['policy-path']);
        });
    });

snyk-policy

Snyk's policy parser and matching logic

Apache-2.0
Latest version published 9 months ago

Package Health Score

71 / 100
Full package analysis