feat: cleaner code, tests, travis.yml

.gitignore

@@ -1,2 +1,5 @@
-node_modules
-data
+data
+/.nyc_output/
+/node_modules/
+.DS_Store
+npm-debug.log

.jscsrc

@@ -0,0 +1,14 @@
+{
+  "preset": "node-style-guide",
+  "requireCapitalizedComments": null,
+  "requireEarlyReturn": true,
+  "requireSpacesInAnonymousFunctionExpression": {
+    "beforeOpeningCurlyBrace": true,
+    "beforeOpeningRoundBrace": true
+  },
+  "disallowSpacesInNamedFunctionExpression": {
+    "beforeOpeningRoundBrace": true
+  },
+  "excludeFiles": ["node_modules/**"],
+  "disallowSpacesInFunction": null
+}

.jshintrc

@@ -0,0 +1,16 @@
+{
+  "browser": false,
+  "camelcase": true,
+  "curly": true,
+  "devel": true,
+  "eqeqeq": true,
+  "forin": true,
+  "indent": 2,
+  "noarg": true,
+  "node": true,
+  "quotmark": "single",
+  "undef": true,
+  "strict": false,
+  "unused": true
+}
+

.snyk

@@ -1,5 +1,5 @@
 # Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
-version: v1.7.0
+version: v1.7.1
 # ignores vulnerabilities until expiry date; change duration by modifying expiry date
 ignore:
   'npm:ms:20170412':
@@ -49,4 +49,4 @@ ignore:
 patch:
   'npm:marked:20170112':
     - marked:
-        patched: '2017-05-16T18:12:58.587Z'
+        patched: '2017-05-18T09:25:23.798Z'

.travis.yml

@@ -0,0 +1,21 @@
+sudo: false
+language: node_js
+cache:
+  directories:
+    - node_modules
+notifications:
+  email: false
+matrix:
+  include:
+    - node_js: "6"
+    - node_js: "4"
+    - node_js: "0.12"
+script:
+  - npm test
+before_script:
+  - npm prune
+after_success:
+  - npm run semantic-release
+branches:
+  only:
+    - master

index.js

@@ -0,0 +1,41 @@
+var fs = require('fs');
+var snykToHtml = require('./lib/snyk-to-html.js');
+var argv = require('minimist')(process.argv.slice(2));
+
+var template, source, output;
+
+if (argv.t) { // template
+  template = argv.t; // grab the next item
+  if (typeof template === 'boolean') {
+    template = __dirname + '/template/test-report.hbs';
+  }
+} else {
+  template = __dirname + '/template/test-report.hbs';
+}
+if (argv.i) { // input source
+  source = argv.i; // grab the next item
+  if (typeof source === 'boolean') {
+    source = undefined;
+  }
+}
+if (argv.o) { // output destination
+  output = argv.o; // grab the next item
+  if (typeof output === 'boolean') {
+    output = undefined;
+  }
+}
+
+snykToHtml.run(source, template, onReportOutput);
+
+function onReportOutput(report) {
+  if (output) {
+    fs.writeFile(output, report, function (err) {
+      if (err) {
+        return console.log(err);
+      }
+      console.log('Vulnerability snapshot saved at ' + output);
+    });
+  } else {
+    console.log(report);
+  }
+}

lib/snyk-to-html.js

@@ -0,0 +1,156 @@
+#!/usr/bin/env node
+
+var fs = require('fs');
+var Handlebars = require('handlebars');
+var marked = require('marked');
+var moment = require('moment');
+var severityMap = {low: 0, medium: 1, high: 2};
+
+module.exports = {run: run };
+
+function metadataForVuln(vuln) {
+  return {
+    id: vuln.id,
+    title: vuln.title,
+    name: vuln.name,
+    info: vuln.info,
+    severity: vuln.severity,
+    severityValue: severityMap[vuln.severity],
+    description: vuln.description,
+  };
+}
+
+function groupVulns(vulns) {
+  var result = {};
+  if (!vulns || typeof vulns.length === 'undefined') {
+    return result;
+  }
+  for (var i = 0; i < vulns.length; i++) {
+    if (!result[vulns[i].id]) {
+      result[vulns[i].id] = {};
+      result[vulns[i].id].list = [];
+      result[vulns[i].id].metadata = metadataForVuln(vulns[i]);
+    }
+    result[vulns[i].id].list.push(vulns[i]);
+  }
+  return result;
+}
+
+function generateTemplate(data, template) {
+  data.vulnerabilities = groupVulns(data.vulnerabilities);
+  var htmlTemplate = fs.readFileSync(template, 'utf8');
+  return Handlebars.compile(htmlTemplate)(data);
+}
+
+function onDataCallback(data, template, reportCallback) {
+  try {
+    data = JSON.parse(data);
+  } catch (error) {
+    console.log('Error: Invalid input JSON format, aborting process.');
+    return;
+  }
+  var report = generateTemplate(data, template);
+  reportCallback(report);
+}
+
+function readInputFromFile(source, template, reportCallback) {
+  fs.readFile(source, 'utf8', function (err, data) {
+    if (err) {
+      throw err;
+    }
+    onDataCallback(data, template, reportCallback);
+  });
+}
+
+function readInputFromStdin(template, reportCallback) {
+  var data = '';
+  process.stdin.setEncoding('utf8');
+  process.stdin.on('readable', function () {
+    var chunk = process.stdin.read();
+    if (chunk !== null) {
+      data += chunk;
+    }
+  });
+  process.stdin.on('end', function () {
+    onDataCallback(data, template, reportCallback);
+  });
+}
+
+function run(source, template, reportCallback) {
+  try {
+    if (source) {
+      readInputFromFile(source, template, reportCallback);
+    } else {
+      readInputFromStdin(template, reportCallback);
+    }
+  } catch (error) {
+    console.log('out');
+  }
+}
+
+// handlebar helpers
+Handlebars.registerHelper('markdown', function (source) {
+  return marked(source);
+});
+
+Handlebars.registerHelper('moment', function (date, format) {
+  return moment.utc(date).format(format);
+});
+
+Handlebars.registerHelper('isDoubleArray', function (data, options) {
+  return Array.isArray(data[0]) ? options.fn(data) : options.inverse(data);
+});
+
+Handlebars.registerHelper('if_eq', function (a, b, opts) {
+  return (a === b) ? opts.fn(this) : opts.inverse(this);
+});
+
+Handlebars.registerHelper('count', function (data) {
+  return data && data.length;
+});
+
+Handlebars.registerHelper('dump', function (data, spacer) {
+  return JSON.stringify(data, null, spacer || null);
+});
+
+Handlebars.registerHelper('if_any', function () { // important: not an arrow fn
+  var args = [].slice.call(arguments);
+  var opts = args.pop();
+
+  return args.some(function (v) {return !!v;}) ?
+    opts.fn(this) :
+    opts.inverse(this);
+});
+
+Handlebars.registerHelper('ifCond', function (v1, operator, v2, options) {
+  switch (operator) {
+    case '==': {
+      return (v1 == v2) ? options.fn(this) // jshint ignore:line
+                        : options.inverse(this);
+    }
+    case '===': {
+      return (v1 === v2) ? options.fn(this) : options.inverse(this);
+    }
+    case '<': {
+      return (v1 < v2) ? options.fn(this) : options.inverse(this);
+    }
+    case '<=': {
+      return (v1 <= v2) ? options.fn(this) : options.inverse(this);
+    }
+    case '>': {
+      return (v1 > v2) ? options.fn(this) : options.inverse(this);
+    }
+    case '>=': {
+      return (v1 >= v2) ? options.fn(this) : options.inverse(this);
+    }
+    case '&&': {
+      return (v1 && v2) ? options.fn(this) : options.inverse(this);
+    }
+    case '||': {
+      return (v1 || v2) ? options.fn(this) : options.inverse(this);
+    }
+    default: {
+      return options.inverse(this);
+    }
+  }
+});

package.json

@@ -1,13 +1,15 @@
 {
   "name": "snyk-to-html",
-  "version": "1.2.0",
-  "description": "",
+  "description": "Convert JSON output from `snyk test --json` into a static HTML report",
   "main": "index.js",
   "scripts": {
-    "test": "echo \"Error: no test specified\" && exit 1",
+    "tap": "COVERALLS_REPO_TOKEN=0 tap --timeout=180 --cov --coverage-report=text-summary test/*.test.js",
+    "test": "snyk test && npm run lint && npm run tap",
+    "lint": "jscs index.js -v && jscs `find ./lib -name '*.js'` -v",
     "report": "node hbs.js > output/test-report.html && open output/test-report.html",
     "snyk-protect": "snyk protect",
-    "prepublish": "npm run snyk-protect"
+    "prepublish": "npm run snyk-protect",
+    "semantic-release": "semantic-release pre && npm publish && semantic-release post"
   },
   "author": "",
   "license": "ISC",
@@ -19,7 +21,17 @@
     "minimist": "^1.2.0"
   },
   "bin": {
-    "snyk-to-html": "./snyk-to-html.js"
+    "snyk-to-html": "./index.js"
   },
-  "snyk": true
+  "snyk": true,
+  "devDependencies": {
+    "jscs": "^3.0.7",
+    "semantic-release": "^6.3.6",
+    "tap": "^10.3.2",
+    "tap-only": "0.0.5"
+  },
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/snyk/snyk-to-html.git"
+  }
 }