// SPDX-FileCopyrightText: the secureCodeBox authors
//
// SPDX-License-Identifier: Apache-2.0
import { isMatch, merge } from "lodash-es";
/**
 * Hook entry point: loads the findings, runs the post-processing rules over
 * them and writes them back only when at least one rule matched.
 *
 * @param {object} args
 * @param {Function} args.getFindings - async function resolving to the findings array.
 * @param {Function} args.updateFindings - async function called with the processed findings.
 * @param {Array} [args.rules] - rules to apply. When omitted they are parsed
 *   from the RULES environment variable; JSON.parse throws if that variable
 *   is unset or not valid JSON, and because the default is evaluated while
 *   the parameters are bound, the hook then fails before any finding is read
 *   or written.
 * @returns {Promise<void>}
 */
export async function handle({
  getFindings,
  updateFindings,
  rules = JSON.parse(process.env["RULES"]),
}) {
  // NOTE(review): a rule's override can rewrite arbitrary fields of a finding,
  // so RULES should only be settable by trusted configuration.
  const { hasChanged, findings } = applyRules(rules, await getFindings());
  if (!hasChanged) {
    // No rule matched: skip the write entirely.
    return;
  }
  await updateFindings(findings);
}
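/**
 * Goes through the findings and the finding post-processing rules and
 * applies each matching rule's override to the finding.
 *
 * A rule matches when at least one entry of `rule.matches.anyOf` is a
 * partial match for the finding (lodash `isMatch`). Rules run in order and
 * every rule is evaluated against the result of the rules before it, so a
 * later rule can match on a value an earlier override wrote.
 *
 * A rule without `matches.anyOf` makes this function throw a TypeError
 * instead of being skipped, so a malformed rule set cannot be silently
 * ignored.
 *
 * @param {Array<object>} rules - post-processing rules (`matches.anyOf`, `override`).
 * @param {Array<object>} findings - findings to process.
 * @returns {{hasChanged: boolean, findings: Array<object>}} `hasChanged` is
 *   true as soon as any rule matched, even if its override changed nothing.
 */
function applyRules(rules, findings) {
  let hasChanged = false;
  const newFindings = findings.map((finding) => {
    let current = finding;
    for (const rule of rules) {
      // Match and merge on the running result rather than on the original
      // `finding`: chaining rules then no longer depends on
      // postProcessFinding mutating its argument in place.
      const isRuleMatching = rule.matches.anyOf.some((condition) =>
        isMatch(current, condition),
      );
      if (isRuleMatching) {
        hasChanged = true;
        current = postProcessFinding(current, rule);
      }
    }
    return current;
  });
  return { hasChanged, findings: newFindings };
}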
/**
 * Applies one rule's override to a finding.
 *
 * Uses lodash `merge`, which deep-merges into its first argument: the
 * passed finding is modified in place and the same object is returned.
 * Arrays and plain objects in the override are merged recursively (arrays
 * index by index) rather than replacing the finding's value wholesale.
 *
 * @param {object} finding - finding to modify.
 * @param {object} rule - rule whose `override` is merged into the finding.
 * @returns {object} the merged finding (same reference as `finding`).
 */
function postProcessFinding(finding, rule) {
  const overrideValues = rule.override;
  return merge(finding, overrideValues);
}