|
1 | | -// TODO: Figure out how to make API async-safe. |
2 | | -// TODO: Always use String in API, since &str can't easily cross JS boundary. |
3 | | -// TODO: Auto-generate interface types? |
4 | | -// TODO: Auto-generate the entire file? |
5 | | -// TODO: Document methods. |
6 | | - |
7 | 1 | export class PhylumApi { |
| 2 | + /// Analyze dependencies in a lockfile. |
| 3 | + /// |
| 4 | + /// Returns the Job ID, which can later be queried with `getJobStatus`. |
| 5 | + /// |
| 6 | + /// This expects a `.phylum_project` file to be present if the `project` |
| 7 | + /// parameter is undefined. |
8 | 8 | static async analyze(lockfile: string, project?: string, group?: string): string { |
9 | 9 | return await Deno.core.opAsync('analyze', lockfile, project, group); |
10 | 10 | } |
11 | 11 |
|
12 | | - static async getUserInfo(): UserInfo { |
| 12 | + /// Get info about the logged in user. |
| 13 | + static async getUserInfo(): object { |
13 | 14 | return await Deno.core.opAsync('get_user_info'); |
14 | 15 | } |
15 | 16 |
|
| 17 | + /// Get the current short-lived API access token. |
16 | 18 | static async getAccessToken(): string { |
17 | 19 | return await Deno.core.opAsync('get_access_token'); |
18 | 20 | } |
19 | 21 |
|
| 22 | + /// Get the long-lived user refresh token. |
20 | 23 | static async getRefreshToken(): string { |
21 | 24 | return await Deno.core.opAsync('get_refresh_token'); |
22 | 25 | } |
23 | 26 |
|
24 | | - static async getJobStatus(jobId?: string): JobStatusResponse { |
| 27 | + /// Get job results. |
| 28 | + static async getJobStatus(jobId?: string): object { |
25 | 29 | return await Deno.core.opAsync('get_job_status', jobId); |
26 | 30 | } |
27 | 31 |
|
28 | | - static async getProjectDetails(projectName?: string): ProjectDetailsResponse { |
| 32 | + /// Get project info. |
| 33 | + /// |
| 34 | + /// This expects a `.phylum_project` file to be present if the `project` |
| 35 | + /// parameter is undefined. |
| 36 | + static async getProjectDetails(projectName?: string): object { |
29 | 37 | return await Deno.core.opAsync('get_project_details', projectName); |
30 | 38 | } |
31 | 39 |
|
32 | | - static async getPackageDetails(name: string, version: string, packageType: string): Package { |
| 40 | + /// Get analysis results for a single package. |
| 41 | + /// |
| 42 | + /// This will not start a new package analysis, but only retrieve previous |
| 43 | + /// analysis results. |
| 44 | + static async getPackageDetails(name: string, version: string, packageType: string): object { |
33 | 45 | return await Deno.core.opAsync('get_package_details', name, version, packageType); |
34 | 46 | } |
35 | 47 | } |
36 | | - |
37 | | -export interface UserInfo { |
38 | | - email: string; |
39 | | - sub?: string; |
40 | | - name?: string; |
41 | | - given_name?: string; |
42 | | - family_name?: string; |
43 | | - preferred_username?: string; |
44 | | - email_verified?: boolean; |
45 | | -} |
46 | | - |
47 | | -export interface JobStatus { |
48 | | - /// The id of the job processing the top level package |
49 | | - job_id: string; |
50 | | - /// The language ecosystem |
51 | | - ecosystem: string; |
52 | | - /// The id of the user submitting the job |
53 | | - user_id: string; |
54 | | - /// The user email |
55 | | - user_email: string; |
56 | | - /// The time the job started in epoch seconds |
57 | | - created_at: number; |
58 | | - /// The job status |
59 | | - status: string; |
60 | | - /// The current score |
61 | | - score: number; |
62 | | - /// Whether the job passed the thresholds |
63 | | - pass: boolean; |
64 | | - /// The threshold pass status message |
65 | | - msg: string; |
66 | | - /// The action to take if the job fails |
67 | | - action: string; |
68 | | - /// Dependencies that have not completed processing |
69 | | - num_incomplete: number; |
70 | | - /// The last time the job metadata was updated |
71 | | - last_updated: number; |
72 | | - /// The id of the project associated with this job |
73 | | - project: string; |
74 | | - /// The project name |
75 | | - project_name: string; |
76 | | - /// A label associated with this job, most often a branch name |
77 | | - label?: string; |
78 | | - /// The currently configured threshholds for this job. If the scores fall |
79 | | - /// below these thresholds, then the client should undertake the action |
80 | | - /// spelled out by the action field. |
81 | | - thresholds: ProjectThresholds; |
82 | | - /// The packages that are a part of this job |
83 | | - packages: [PackageStatus]; |
84 | | -} |
85 | | - |
86 | | -export interface ProjectThresholds { |
87 | | - author: number; |
88 | | - engineering: number; |
89 | | - license: number; |
90 | | - malicious: number; |
91 | | - total: number; |
92 | | - vulnerability: number; |
93 | | -} |
94 | | - |
95 | | -export interface PackageStatus { |
96 | | - name: string; |
97 | | - version: string; |
98 | | - status: string; |
99 | | - last_updated: number; |
100 | | - license?: string; |
101 | | - package_score: number; |
102 | | - num_dependencies: number; |
103 | | - num_vulnerabilities: number; |
104 | | - /// The package_type, npm, etc. |
105 | | - type: string; |
106 | | - riskVectors: Map<string, number>; |
107 | | - dependencies: Map<string, string>; |
108 | | - issues: [Issue]; |
109 | | -} |
110 | | - |
111 | | -export interface Issue { |
112 | | - tag?: string; |
113 | | - id?: string; |
114 | | - title: string; |
115 | | - description: string; |
116 | | - severity: string; |
117 | | - domain: string; |
118 | | -} |
119 | | - |
120 | | -// pub struct ProjectDetailsResponse { |
121 | | -// /// The project name |
122 | | -// pub name: String, |
123 | | -// /// The project id |
124 | | -// pub id: String, |
125 | | -// /// The project ecosystem / package type |
126 | | -// pub ecosystem: String, |
127 | | -// /// The configured risk cutoff thresholds for the project |
128 | | -// pub thresholds: ProjectThresholds, |
129 | | -// /// Most recent analysis job runs |
130 | | -// pub jobs: Vec<JobDescriptor>, |
131 | | -// } |
132 | | - |
133 | | -// pub struct JobDescriptor { |
134 | | -// pub job_id: JobId, |
135 | | -// pub project: String, |
136 | | -// pub label: String, |
137 | | -// pub num_dependencies: u32, |
138 | | -// pub score: f64, |
139 | | -// pub packages: Vec<PackageDescriptor>, |
140 | | -// pub pass: bool, |
141 | | -// pub msg: String, |
142 | | -// pub date: String, |
143 | | -// pub ecosystem: String, |
144 | | -// #[serde(default)] |
145 | | -// pub num_incomplete: u32, |
146 | | -// } |
147 | | - |
148 | | -// pub struct PackageDescriptor { |
149 | | -// pub name: String, |
150 | | -// pub version: String, |
151 | | -// #[serde(rename = "type")] |
152 | | -// pub package_type: PackageType, |
153 | | -// } |
154 | | - |
155 | | -// pub struct Package { |
156 | | -// pub id: String, |
157 | | -// pub name: String, |
158 | | -// pub version: String, |
159 | | -// pub registry: String, |
160 | | -// pub published_date: Option<String>, |
161 | | -// pub latest_version: Option<String>, |
162 | | -// pub versions: Vec<ScoredVersion>, |
163 | | -// pub description: Option<String>, |
164 | | -// pub license: Option<String>, |
165 | | -// pub dep_specs: Vec<PackageSpecifier>, |
166 | | -// pub dependencies: Option<Vec<Package>>, |
167 | | -// pub download_count: u32, |
168 | | -// pub risk_scores: RiskScores, |
169 | | -// pub total_risk_score_dynamics: Option<Vec<ScoreDynamicsPoint>>, |
170 | | -// pub issues_details: Vec<Issue>, |
171 | | -// pub issues: Vec<IssuesListItem>, |
172 | | -// pub authors: Vec<Author>, |
173 | | -// pub developer_responsiveness: Option<DeveloperResponsiveness>, |
174 | | -// pub issue_impacts: IssueImpacts, |
175 | | -// pub complete: bool, |
176 | | -// } |
0 commit comments