FilesExpand file tree

 v5.0.0

/

parser-utils.js

Copy path

BlameMore file actions

BlameMore file actions

Latest commit

 

History

History

History

81 lines (72 loc) · 2.08 KB

 v5.0.0

/

parser-utils.js

Top

File metadata and controls

• Code
• Blame

81 lines (72 loc) · 2.08 KB

Raw

Copy raw file

Download raw file

Open symbols panel

Edit and raw actions

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

60

61

62

63

64

65

66

67

68

69

70

71

72

73

74

75

76

77

78

79

80

81

// SPDX-FileCopyrightText: the secureCodeBox authors

//

// SPDX-License-Identifier: Apache-2.0

import { readFile } from "node:fs/promises";

import { randomUUID } from "node:crypto";

import addFormats from "ajv-formats";

import { get } from "jsonpointer";

import Ajv from "ajv-draft-04";

const ajv = new Ajv();

addFormats(ajv);

export async function validate(findings) {

const jsonSchemaString = await readFile(

import.meta.dirname + "/findings-schema.json",

"utf8",

);

const jsonSchema = JSON.parse(jsonSchemaString);

const validator = ajv.compile(jsonSchema);

const valid = validator(findings);

if (!valid) {

const errorMessage = generateErrorMessage(validator.errors, findings);

throw new Error(errorMessage);

}

}

export function addScanMetadata(findings, scan) {

const scanMetadata = {

created_at: scan.metadata.creationTimestamp,

name: scan.metadata.name,

namespace: scan.metadata.namespace,

scan_type: scan.spec.scanType,

};

return findings.map((finding) => ({

...finding,

scan: scanMetadata,

}));

}

export function addIdsAndDates(findings) {

return findings.map((finding) => {

return {

...finding,

id: randomUUID(),

parsed_at: new Date().toISOString(),

};

});

}

// used for tests to validate if the parser sets all required fields correctly. Adds sample IDs and Dates to the findings which would normally be set by the parser-sdk.

export async function validateParser(findings) {

const sampleScan = {

metadata: {

creationTimestamp: new Date().toISOString(),

name: "sample-scan-name",

namespace: "sample-namespace",

},

spec: {

scanType: "sample-scan-type",

},

};

// add sample IDs and Dates only if the findings Array is not empty

const extendedData = addScanMetadata(addIdsAndDates(findings), sampleScan);

return validate(extendedData);

}

function generateErrorMessage(errors, findings) {

return JSON.stringify(

errors.map((error) => {

return {

...error,

invalidValue: get(findings, error.instancePath),

};

}),

null,

2,

);

}