Documentation
Overview
The audits package checks for audit issues and automatically files bugs.
Functions
func NewNpmProjectAudit
func NewNpmProjectAudit(ctx context.Context, projectName, repoURL, gitBranch, packageFilesDir, workDir string, httpClient *http.Client, dbClient types.NpmDB, issueTrackerConfig *config.IssueTrackerConfig, auditDevDependencies bool) (types.ProjectAudit, error)
NewNpmProjectAudit periodically downloads package.json/package-lock.json from Gitiles and runs an audit on them.
Types
type NpmProjectAudit
type NpmProjectAudit struct {
// contains filtered or unexported fields
}
NpmProjectAudit implements the types.ProjectAudit interface.
func (*NpmProjectAudit) StartAudit
func (a *NpmProjectAudit) StartAudit(ctx context.Context, pollInterval time.Duration)
StartAudit runs `npm audit` on the project's package.json/package-lock.json files. If there are any high severity issues reported then the following algorithm will be used:
* Check in the DB to see if an audit issue has been filed.
* If issue has not been filed:
  - File a new issue and add it to the DB.
* Else if issue has been filed:
  - Check to see if the issue has been closed.
  - If issue is closed:
    - Check to see if the issue is closed more than fileAuditIssueAfterThreshold duration ago.
    - If it is older then file a new issue and add it to the DB.
    - Else do nothing.
  - Else if issue is still open then do nothing.
StartAudit implements the types.ProjectAudit interface.
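The filing decision described above, as an added Go example that is not the package's own code. The names `filedIssue`, `highCount` and `shouldFile` are hypothetical, the 7-day threshold is an assumed value (the page does not state fileAuditIssueAfterThreshold), and the `npm audit --json` report is a constructed sample.

```go
package main

import (
	"encoding/json"
	"fmt"
	"time"
)

// filedIssue is a hypothetical stand-in for the per-project record kept in the audit DB.
type filedIssue struct {
	Closed   bool
	ClosedAt time.Time
}

// highCount reads metadata.vulnerabilities.high from `npm audit --json` output.
func highCount(auditJSON []byte) (int, error) {
	var report struct {
		Metadata struct {
			Vulnerabilities struct {
				High int `json:"high"`
			} `json:"vulnerabilities"`
		} `json:"metadata"`
	}
	if err := json.Unmarshal(auditJSON, &report); err != nil {
		return 0, fmt.Errorf("parsing npm audit output: %w", err)
	}
	return report.Metadata.Vulnerabilities.High, nil
}

// shouldFile reports whether a new issue must be filed for this audit run.
func shouldFile(high int, prev *filedIssue, now time.Time, threshold time.Duration) bool {
	switch {
	case high == 0:
		return false // no high severity findings, nothing to file
	case prev == nil:
		return true // no issue on record: file one and store it
	case !prev.Closed:
		return false // issue still open: do not file a duplicate
	}
	return now.Sub(prev.ClosedAt) > threshold // closed: refile only once past the threshold
}

func main() {
	// Constructed sample report, trimmed to the field highCount reads.
	high, err := highCount([]byte(`{"metadata":{"vulnerabilities":{"high":2}}}`))
	week := 7 * 24 * time.Hour // assumed threshold value
	closed := &filedIssue{Closed: true, ClosedAt: time.Now().Add(-24 * time.Hour)}
	fmt.Println(high, err, shouldFile(high, nil, time.Now(), week), shouldFile(high, closed, time.Now(), week))
}
```

A closed issue suppresses refiling until the threshold elapses, even when the high severity finding is still present in the audit output.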