Merge pull request #37 from snyk/chore/prettier

chore: var->const, and prettier
snyk · Feb 14, 2020 · 19ec76a · 19ec76a
2 parents b143a76 + 1e7f331
commit 19ec76a
Show file tree

Hide file tree

Showing 39 changed files with 1,233 additions and 1,027 deletions.
diff --git a/.eslintrc b/.eslintrc
@@ -1,51 +1,17 @@
 {
   "parserOptions": {
-    "ecmaVersion": 2017
+    "ecmaVersion": 2015
   },
   "env": {
     "node": true,
     "es6": true
   },
+  "extends": [
+    "eslint:recommended",
+    "eslint-config-prettier"
+  ],
   "rules": {
-    "array-bracket-spacing": [2, "never"],
-    "block-scoped-var": 2,
-    "brace-style": 2,
-    "camelcase": 1,
-    "comma-dangle": ["error", "always-multiline"],
-    "computed-property-spacing": [2, "never"],
-    "curly": 2,
-    "eol-last": 2,
-    "eqeqeq": [2, "smart"],
-    "guard-for-in": 2,
-    "indent": [
-      2,
-      2,
-      {
-        "SwitchCase": 1
-      }
-    ],
-    "max-depth": [1, 5],
-    "max-len": [1, 120],
-    "max-statements": [1, 100],
-    "new-cap": 0,
-    "no-caller": 2,
-    "no-else-return": 2,
-    "no-extend-native": 2,
-    "no-mixed-spaces-and-tabs": 2,
-    "no-trailing-spaces": 2,
-    "no-undef": 2,
-    "no-unused-vars": 1,
-    "no-use-before-define": [2, "nofunc"],
-    "quotes": [2, "single", "avoid-escape"],
-    "semi": [2, "always"],
-    "keyword-spacing": [2, {"before": true, "after": true}],
-    "space-before-function-paren": [
-      2,
-      {
-        "anonymous": "ignore",
-        "named": "never"
-      }
-    ],
-    "space-unary-ops": 2
+    "no-console": "warn",
+    "no-empty": "warn",
   }
 }
diff --git a/.prettierrc.json b/.prettierrc.json
@@ -0,0 +1,6 @@
+{
+  "arrowParens": "always",
+  "trailingComma": "es5",
+  "singleQuote": true,
+  "htmlWhitespaceSensitivity": "ignore"
+}
diff --git a/README.md b/README.md
@@ -103,9 +103,9 @@ The first example rule (above) is how the policy is stored by default. However,
 Installed via npm: `npm install -S snyk-policy`. Typically loaded and applied to vulnerabilities:
 
 ```js
-var policy = require('snyk-policy');
+const policy = require('snyk-policy');
 
-var vulns = snyk.test('snyk-demo-app@1.0.0'); // assumes snyk is loaded
+const vulns = snyk.test('snyk-demo-app@1.0.0'); // assumes snyk is loaded
 policy.load(process.cwd()).then(rules => {
   console.log(rules.filter(vulns));
 });

diff --git a/lib/add.js b/lib/add.js
@@ -1,9 +1,9 @@
 module.exports = add;
 
-var debug = require('debug')('snyk:policy');
-var emailValidator = require('email-validator');
+const debug = require('debug')('snyk:policy');
+const emailValidator = require('email-validator');
 
-var validReasonTypes = ['not-vulnerable', 'wont-fix', 'temporary-ignore'];
+const validReasonTypes = ['not-vulnerable', 'wont-fix', 'temporary-ignore'];
 
 function add(policy, type, options) {
   if (type !== 'ignore' && type !== 'patch') {
@@ -14,15 +14,17 @@ function add(policy, type, options) {
     throw new Error('policy.add: required option props { id, path }');
   }
 
-  var id = options.id;
-  var path = options.path;
-  var data = Object.keys(options).reduce(function (acc, curr) {
+  const id = options.id;
+  const path = options.path;
+  const data = Object.keys(options).reduce(function(acc, curr) {
     if (curr === 'id' || curr === 'path') {
       return acc;
     }
 
-    if (curr === 'reasonType' &&
-      validReasonTypes.indexOf(options[curr]) === -1) {
+    if (
+      curr === 'reasonType' &&
+      validReasonTypes.indexOf(options[curr]) === -1
+    ) {
       throw new Error('invalid reasonType ' + options[curr]);
     }
 
@@ -49,7 +51,7 @@ function add(policy, type, options) {
     debug('policy.add: path already exists', policy[type][id][path]);
   }
 
-  var rule = {};
+  const rule = {};
   rule[path] = data;
 
   policy[type][id].push(rule);

diff --git a/lib/filter/get-vuln-source.js b/lib/filter/get-vuln-source.js
@@ -2,26 +2,24 @@
 
 module.exports = getVulnSource;
 
-var debug = require('debug')('snyk:policy');
-var resolve = require('snyk-resolve');
-var path = require('path');
-var statSync = require('fs').statSync;
-var { parsePackageString: moduleToObject } = require('snyk-module');
+const debug = require('debug')('snyk:policy');
+const resolve = require('snyk-resolve');
+const path = require('path');
+const statSync = require('fs').statSync;
+let { parsePackageString: moduleToObject } = require('snyk-module');
 
 function getVulnSource(vuln, cwd, live) {
-  var from = vuln.from.slice(1).map(function (pkg) {
+  const from = vuln.from.slice(1).map(function(pkg) {
     return moduleToObject(pkg).name;
   });
 
-  var viaPath = path.resolve(
+  const viaPath = path.resolve(
     cwd || process.cwd(),
     'node_modules',
     from.join('/node_modules/')
   );
 
-  var source = vuln.__filename ?
-    path.dirname(vuln.__filename) :
-    viaPath;
+  let source = vuln.__filename ? path.dirname(vuln.__filename) : viaPath;
 
   // try to stat the directory, if it throws, it doesn't exist...
   try {
@@ -47,4 +45,3 @@ function getVulnSource(vuln, cwd, live) {
 
   return source;
 }
-
diff --git a/lib/filter/ignore.js b/lib/filter/ignore.js
@@ -1,8 +1,8 @@
 module.exports = filterIgnored;
 
-var cloneDeep = require('lodash.clonedeep');
-var debug = require('debug')('snyk:policy');
-var matchToRule = require('../match').matchToRule;
+const cloneDeep = require('lodash.clonedeep');
+const debug = require('debug')('snyk:policy');
+const matchToRule = require('../match').matchToRule;
 
 // given an ignore ruleset (parsed from the .snyk yaml file) and a array of
 // vulnerabilities, return the vulnerabilities that *are not* ignored
@@ -17,67 +17,77 @@ function filterIgnored(ignore, vuln, filtered) {
   }
 
   debug('filtering ignored');
-  var now = (new Date()).toJSON();
+  const now = new Date().toJSON();
 
-  return vuln.map(function (vuln) {
-    if (!ignore[vuln.id]) {
-      return vuln;
-    }
+  return vuln
+    .map(function(vuln) {
+      if (!ignore[vuln.id]) {
+        return vuln;
+      }
 
-    debug('%s has rules', vuln.id);
+      debug('%s has rules', vuln.id);
 
-    // logic: loop through all rules (from `ignore[vuln.id]`), and if *any* dep
-    // paths match our vuln.from dep chain AND the rule hasn't expired, then the
-    // vulnerability is ignored. if none of the rules match, then let we'll
-    // keep it.
+      // logic: loop through all rules (from `ignore[vuln.id]`), and if *any* dep
+      // paths match our vuln.from dep chain AND the rule hasn't expired, then the
+      // vulnerability is ignored. if none of the rules match, then let we'll
+      // keep it.
 
-    // if rules.find, then ignore vuln
-    var appliedRules = ignore[vuln.id].filter(function (rule) {
-      var path = Object.keys(rule)[0]; // this is a string
-      var expires = rule[path].expires;
+      // if rules.find, then ignore vuln
+      const appliedRules = ignore[vuln.id].filter(function(rule) {
+        const path = Object.keys(rule)[0]; // this is a string
+        let expires = rule[path].expires;
 
-      if (expires && expires.toJSON) {
-        expires = expires.toJSON();
-      }
+        if (expires && expires.toJSON) {
+          expires = expires.toJSON();
+        }
 
-      // first check if the path is a match on the rule
-      var pathMatch = matchToRule(vuln, rule);
+        // first check if the path is a match on the rule
+        const pathMatch = matchToRule(vuln, rule);
 
-      if (pathMatch && expires && expires < now) {
-        debug('%s vuln rule has expired (%s)', vuln.id, expires);
-        return false;
-      }
+        if (pathMatch && expires && expires < now) {
+          debug('%s vuln rule has expired (%s)', vuln.id, expires);
+          return false;
+        }
 
-      if (pathMatch && rule[path].disregardIfFixable &&
-        (vuln.isUpgradable || vuln.isPatchable)) {
-        debug('%s vuln is fixable and rule is set to disregard if fixable',
-          vuln.id);
-        return false;
-      }
+        if (
+          pathMatch &&
+          rule[path].disregardIfFixable &&
+          (vuln.isUpgradable || vuln.isPatchable)
+        ) {
+          debug(
+            '%s vuln is fixable and rule is set to disregard if fixable',
+            vuln.id
+          );
+          return false;
+        }
 
-      if (pathMatch) {
-        if (debug.enabled) {
-          debug('ignoring based on path match: %s ~= %s', path,
-            vuln.from.slice(1).join(' > '));
+        if (pathMatch) {
+          if (debug.enabled) {
+            debug(
+              'ignoring based on path match: %s ~= %s',
+              path,
+              vuln.from.slice(1).join(' > ')
+            );
+          }
+          return true;
         }
-        return true;
+
+        return false;
+      });
+
+      if (appliedRules.length) {
+        vuln.filtered = {
+          ignored: appliedRules.map(function(rule) {
+            const path = Object.keys(rule)[0];
+            const ruleData = cloneDeep(rule[path]);
+            ruleData.path = path.split(' > ');
+            return ruleData;
+          }),
+        };
+        filtered.push(vuln);
       }
 
-      return false;
-    });
-
-    if (appliedRules.length) {
-      vuln.filtered = {
-        ignored: appliedRules.map(function (rule) {
-          var path = Object.keys(rule)[0];
-          var ruleData = cloneDeep(rule[path]);
-          ruleData.path = path.split(' > ');
-          return ruleData;
-        }),
-      };
-      filtered.push(vuln);
-    }
-
-    return appliedRules.length ? false : vuln;
-  }).filter(Boolean);
+      return appliedRules.length ? false : vuln;
+    })
+    .filter(Boolean);
 }
diff --git a/lib/filter/index.js b/lib/filter/index.js
@@ -1,9 +1,9 @@
 module.exports = filter;
 
-var debug = require('debug')('snyk:policy');
-var ignore = require('./ignore');
-var patch = require('./patch');
-var notes = require('./notes');
+const debug = require('debug')('snyk:policy');
+const ignore = require('./ignore');
+const patch = require('./patch');
+const notes = require('./notes');
 
 // warning: mutates vulns
 function filter(vulns, policy, root) {
@@ -15,7 +15,7 @@ function filter(vulns, policy, root) {
     return vulns;
   }
 
-  var filtered = {
+  const filtered = {
     ignore: [],
     patch: [],
   };
@@ -36,11 +36,7 @@ function filter(vulns, policy, root) {
   );
 
   if (policy.suggest) {
-    vulns.vulnerabilities = notes(
-      policy.suggest,
-      vulns.vulnerabilities,
-      root
-    );
+    vulns.vulnerabilities = notes(policy.suggest, vulns.vulnerabilities, root);
   }
 
   // if there's no vulns after the ignore process, let's reset the `ok`
@@ -57,14 +53,14 @@ function filter(vulns, policy, root) {
   if (policy.failThreshold && vulns.ok === false) {
     // check what's left and switch the failure flag if there's anything
     // under our threshold
-    var levels = {
+    const levels = {
       high: 3,
       medium: 2,
       low: 1,
     };
-    var level = levels[policy.failThreshold];
+    const level = levels[policy.failThreshold];
     vulns.ok = true;
-    vulns.vulnerabilities.some(function (vuln) {
+    vulns.vulnerabilities.some(function(vuln) {
       if (levels[vuln.severity] >= level) {
         vulns.ok = false;
         return true; // breaks