chore: prettier

.eslintrc

@@ -1,51 +1,17 @@
 {
   "parserOptions": {
-    "ecmaVersion": 2017
+    "ecmaVersion": 2015
   },
   "env": {
     "node": true,
     "es6": true
   },
+  "extends": [
+    "eslint:recommended",
+    "eslint-config-prettier"
+  ],
   "rules": {
-    "array-bracket-spacing": [2, "never"],
-    "block-scoped-var": 2,
-    "brace-style": 2,
-    "camelcase": 1,
-    "comma-dangle": ["error", "always-multiline"],
-    "computed-property-spacing": [2, "never"],
-    "curly": 2,
-    "eol-last": 2,
-    "eqeqeq": [2, "smart"],
-    "guard-for-in": 2,
-    "indent": [
-      2,
-      2,
-      {
-        "SwitchCase": 1
-      }
-    ],
-    "max-depth": [1, 5],
-    "max-len": [1, 120],
-    "max-statements": [1, 100],
-    "new-cap": 0,
-    "no-caller": 2,
-    "no-else-return": 2,
-    "no-extend-native": 2,
-    "no-mixed-spaces-and-tabs": 2,
-    "no-trailing-spaces": 2,
-    "no-undef": 2,
-    "no-unused-vars": 1,
-    "no-use-before-define": [2, "nofunc"],
-    "quotes": [2, "single", "avoid-escape"],
-    "semi": [2, "always"],
-    "keyword-spacing": [2, {"before": true, "after": true}],
-    "space-before-function-paren": [
-      2,
-      {
-        "anonymous": "ignore",
-        "named": "never"
-      }
-    ],
-    "space-unary-ops": 2
+    "no-console": "warn",
+    "no-empty": "warn",
   }
 }

.prettierrc.json

@@ -0,0 +1,6 @@
+{
+  "arrowParens": "always",
+  "trailingComma": "es5",
+  "singleQuote": true,
+  "htmlWhitespaceSensitivity": "ignore"
+}

lib/add.js

@@ -16,13 +16,15 @@ function add(policy, type, options) {
 
   const id = options.id;
   const path = options.path;
-  const data = Object.keys(options).reduce(function (acc, curr) {
+  const data = Object.keys(options).reduce(function(acc, curr) {
     if (curr === 'id' || curr === 'path') {
       return acc;
     }
 
-    if (curr === 'reasonType' &&
-      validReasonTypes.indexOf(options[curr]) === -1) {
+    if (
+      curr === 'reasonType' &&
+      validReasonTypes.indexOf(options[curr]) === -1
+    ) {
       throw new Error('invalid reasonType ' + options[curr]);
     }
 

lib/filter/get-vuln-source.js

@@ -6,10 +6,10 @@ const debug = require('debug')('snyk:policy');
 const resolve = require('snyk-resolve');
 const path = require('path');
 const statSync = require('fs').statSync;
-let {parsePackageString: moduleToObject} = require('snyk-module');
+let { parsePackageString: moduleToObject } = require('snyk-module');
 
 function getVulnSource(vuln, cwd, live) {
-  const from = vuln.from.slice(1).map(function (pkg) {
+  const from = vuln.from.slice(1).map(function(pkg) {
     return moduleToObject(pkg).name;
   });
 
@@ -19,9 +19,7 @@ function getVulnSource(vuln, cwd, live) {
     from.join('/node_modules/')
   );
 
-  let source = vuln.__filename ?
-    path.dirname(vuln.__filename) :
-    viaPath;
+  let source = vuln.__filename ? path.dirname(vuln.__filename) : viaPath;
 
   // try to stat the directory, if it throws, it doesn't exist...
   try {
@@ -47,4 +45,3 @@ function getVulnSource(vuln, cwd, live) {
 
   return source;
 }
-

lib/filter/ignore.js

@@ -17,67 +17,77 @@ function filterIgnored(ignore, vuln, filtered) {
   }
 
   debug('filtering ignored');
-  const now = (new Date()).toJSON();
+  const now = new Date().toJSON();
 
-  return vuln.map(function (vuln) {
-    if (!ignore[vuln.id]) {
-      return vuln;
-    }
+  return vuln
+    .map(function(vuln) {
+      if (!ignore[vuln.id]) {
+        return vuln;
+      }
 
-    debug('%s has rules', vuln.id);
+      debug('%s has rules', vuln.id);
 
-    // logic: loop through all rules (from `ignore[vuln.id]`), and if *any* dep
-    // paths match our vuln.from dep chain AND the rule hasn't expired, then the
-    // vulnerability is ignored. if none of the rules match, then let we'll
-    // keep it.
+      // logic: loop through all rules (from `ignore[vuln.id]`), and if *any* dep
+      // paths match our vuln.from dep chain AND the rule hasn't expired, then the
+      // vulnerability is ignored. if none of the rules match, then let we'll
+      // keep it.
 
-    // if rules.find, then ignore vuln
-    const appliedRules = ignore[vuln.id].filter(function (rule) {
-      const path = Object.keys(rule)[0]; // this is a string
-      let expires = rule[path].expires;
+      // if rules.find, then ignore vuln
+      const appliedRules = ignore[vuln.id].filter(function(rule) {
+        const path = Object.keys(rule)[0]; // this is a string
+        let expires = rule[path].expires;
 
-      if (expires && expires.toJSON) {
-        expires = expires.toJSON();
-      }
+        if (expires && expires.toJSON) {
+          expires = expires.toJSON();
+        }
 
-      // first check if the path is a match on the rule
-      const pathMatch = matchToRule(vuln, rule);
+        // first check if the path is a match on the rule
+        const pathMatch = matchToRule(vuln, rule);
 
-      if (pathMatch && expires && expires < now) {
-        debug('%s vuln rule has expired (%s)', vuln.id, expires);
-        return false;
-      }
+        if (pathMatch && expires && expires < now) {
+          debug('%s vuln rule has expired (%s)', vuln.id, expires);
+          return false;
+        }
 
-      if (pathMatch && rule[path].disregardIfFixable &&
-        (vuln.isUpgradable || vuln.isPatchable)) {
-        debug('%s vuln is fixable and rule is set to disregard if fixable',
-          vuln.id);
-        return false;
-      }
+        if (
+          pathMatch &&
+          rule[path].disregardIfFixable &&
+          (vuln.isUpgradable || vuln.isPatchable)
+        ) {
+          debug(
+            '%s vuln is fixable and rule is set to disregard if fixable',
+            vuln.id
+          );
+          return false;
+        }
 
-      if (pathMatch) {
-        if (debug.enabled) {
-          debug('ignoring based on path match: %s ~= %s', path,
-            vuln.from.slice(1).join(' > '));
+        if (pathMatch) {
+          if (debug.enabled) {
+            debug(
+              'ignoring based on path match: %s ~= %s',
+              path,
+              vuln.from.slice(1).join(' > ')
+            );
+          }
+          return true;
         }
-        return true;
+
+        return false;
+      });
+
+      if (appliedRules.length) {
+        vuln.filtered = {
+          ignored: appliedRules.map(function(rule) {
+            const path = Object.keys(rule)[0];
+            const ruleData = cloneDeep(rule[path]);
+            ruleData.path = path.split(' > ');
+            return ruleData;
+          }),
+        };
+        filtered.push(vuln);
       }
 
-      return false;
-    });
-
-    if (appliedRules.length) {
-      vuln.filtered = {
-        ignored: appliedRules.map(function (rule) {
-          const path = Object.keys(rule)[0];
-          const ruleData = cloneDeep(rule[path]);
-          ruleData.path = path.split(' > ');
-          return ruleData;
-        }),
-      };
-      filtered.push(vuln);
-    }
-
-    return appliedRules.length ? false : vuln;
-  }).filter(Boolean);
+      return appliedRules.length ? false : vuln;
+    })
+    .filter(Boolean);
 }

lib/filter/index.js

@@ -36,11 +36,7 @@ function filter(vulns, policy, root) {
   );
 
   if (policy.suggest) {
-    vulns.vulnerabilities = notes(
-      policy.suggest,
-      vulns.vulnerabilities,
-      root
-    );
+    vulns.vulnerabilities = notes(policy.suggest, vulns.vulnerabilities, root);
   }
 
   // if there's no vulns after the ignore process, let's reset the `ok`
@@ -64,7 +60,7 @@ function filter(vulns, policy, root) {
     };
     const level = levels[policy.failThreshold];
     vulns.ok = true;
-    vulns.vulnerabilities.some(function (vuln) {
+    vulns.vulnerabilities.some(function(vuln) {
       if (levels[vuln.severity] >= level) {
         vulns.ok = false;
         return true; // breaks

lib/filter/notes.js

@@ -8,17 +8,17 @@ function attachNotes(notes, vuln) {
     return vuln;
   }
   debug('attaching notes');
-  const now = (new Date()).toJSON();
+  const now = new Date().toJSON();
 
-  return vuln.map(function (vuln) {
+  return vuln.map(function(vuln) {
     if (!notes[vuln.id]) {
       return vuln;
     }
 
     debug('%s has rules', vuln.id);
 
     // if rules.some, then add note to the vuln
-    notes[vuln.id].forEach(function (rule) {
+    notes[vuln.id].forEach(function(rule) {
       const path = Object.keys(rule)[0]; // this is a string
       let expires = rule[path].expires;
 
@@ -34,22 +34,33 @@ function attachNotes(notes, vuln) {
         return false;
       }
 
-      if (pathMatch && rule[path].disregardIfFixable &&
-        (vuln.upgradePath.length || vuln.patches.length)) {
-        debug('%s vuln is fixable and rule is set to disregard if fixable',
-          vuln.id);
+      if (
+        pathMatch &&
+        rule[path].disregardIfFixable &&
+        (vuln.upgradePath.length || vuln.patches.length)
+      ) {
+        debug(
+          '%s vuln is fixable and rule is set to disregard if fixable',
+          vuln.id
+        );
         return false;
       }
 
       if (pathMatch) {
         // strip any control characters in the 3rd party reason file
         const reason = rule[path].reason.replace('/[\x00-\x1F\x7F-\x9F]/u', '');
         if (debug.enabled) {
-          debug('adding note based on path match: %s ~= %s', path,
-            vuln.from.slice(1).join(' > '));
+          debug(
+            'adding note based on path match: %s ~= %s',
+            path,
+            vuln.from.slice(1).join(' > ')
+          );
         }
-        vuln.note = 'Snyk policy in ' + rule[path].from +
-          ' suggests ignoring this issue, with reason: ' + reason;
+        vuln.note =
+          'Snyk policy in ' +
+          rule[path].from +
+          ' suggests ignoring this issue, with reason: ' +
+          reason;
       }
 
       return false;