first

safekiso-server/node_modules/snyk/dist/lib/snyk-test/assemble-payloads.d.ts

@@ -0,0 +1,5 @@
+import { Ecosystem, ScanResult } from '../ecosystems/types';
+import { Options, PolicyOptions, TestOptions } from '../types';
+import { Payload } from './types';
+export declare function assembleEcosystemPayloads(ecosystem: Ecosystem, options: Options & TestOptions & PolicyOptions): Promise<Payload[]>;
+export declare function constructProjectName(sr: ScanResult): string;

safekiso-server/node_modules/snyk/dist/lib/snyk-test/common.d.ts

@@ -0,0 +1,34 @@
+/// <reference types="node" />
+import { Writable } from 'stream';
+import { DepGraphData } from '@snyk/dep-graph';
+import { Options } from '../types';
+export declare function assembleQueryString(options: any): {
+    org: string;
+    severityThreshold?: boolean | undefined;
+    ignorePolicy?: boolean | undefined;
+} | null;
+export declare enum SEVERITY {
+    LOW = "low",
+    MEDIUM = "medium",
+    HIGH = "high",
+    CRITICAL = "critical"
+}
+export declare const SEVERITIES: Array<{
+    verboseName: SEVERITY;
+    value: number;
+}>;
+export declare function colorTextBySeverity(severity: string, textToColor: string): string;
+export declare enum FAIL_ON {
+    all = "all",
+    upgradable = "upgradable",
+    patchable = "patchable"
+}
+export type FailOn = 'all' | 'upgradable' | 'patchable';
+export declare const RETRY_ATTEMPTS = 3;
+export declare const RETRY_DELAY = 500;
+/**
+ * printDepGraph writes the given dep-graph and target name to the destination
+ * stream as expected by the `depgraph` CLI workflow.
+ */
+export declare function printDepGraph(depGraph: DepGraphData, targetName: string, destination: Writable): Promise<void>;
+export declare function shouldPrintDepGraph(opts: Options): boolean;

safekiso-server/node_modules/snyk/dist/lib/snyk-test/iac-test-result.d.ts

@@ -0,0 +1,73 @@
+import { BasicResultData, SEVERITY, TestDepGraphMeta } from './legacy';
+export interface AnnotatedIacIssue {
+    id: string;
+    publicId: string;
+    title: string;
+    description?: string;
+    severity: SEVERITY | 'none';
+    isIgnored: boolean;
+    cloudConfigPath: string[];
+    type?: string;
+    subType: string;
+    policyEngineType?: string;
+    references: string[];
+    path?: string[];
+    documentation?: string;
+    isGeneratedByCustomRule?: boolean;
+    issue: string;
+    impact: string;
+    resolve: string;
+    remediation?: Partial<Record<'terraform' | 'cloudformation' | 'arm' | 'kubernetes', string>>;
+    msg: string;
+    compliance?: string[][];
+    name?: string;
+    from?: string[];
+    lineNumber?: number;
+    iacDescription: {
+        issue: string;
+        impact: string;
+        resolve: string;
+    };
+}
+type FILTERED_OUT_FIELDS = 'cloudConfigPath' | 'name' | 'from';
+export interface IacTestResponse extends BasicResultData {
+    path: string;
+    code?: number;
+    targetFile: string;
+    projectName: string;
+    displayTargetFile: string;
+    foundProjectCount: number;
+    meta: TestDepGraphMeta;
+    result: {
+        cloudConfigResults: AnnotatedIacIssue[];
+        projectType: string;
+    };
+}
+declare const IAC_ISSUES_KEY = "infrastructureAsCodeIssues";
+export declare function mapIacTestResult(iacTest: IacTestResponse): MappedIacTestResponse | IacTestError;
+export declare function mapIacTestError(error: Error): {
+    ok: boolean;
+    code: number | undefined;
+    error: string;
+    path: any;
+};
+/**
+ * The following types represent manipulations to the data structure returned from Registry's `test-iac`.
+ * These manipulations are being done prior to outputing as JSON, for renaming fields only.
+ * The types above, IacTestResult & AnnotatedIacIssue, represent how the response from Registry actually is.
+ * These were introduced in order to prevent cascading complex changes caused by changing Registry's `test-iac` response.
+ */
+export interface IacTestError {
+    ok: boolean;
+    error: string;
+    path: string;
+}
+export interface MappedIacTestResponse extends Omit<IacTestResponse, 'result'> {
+    [IAC_ISSUES_KEY]: MappedAnnotatedIacIssue[];
+    projectType: string;
+}
+export interface MappedAnnotatedIacIssue extends Omit<AnnotatedIacIssue, FILTERED_OUT_FIELDS> {
+    path: string[];
+}
+export declare function mapIacIssue(iacIssue: AnnotatedIacIssue): MappedAnnotatedIacIssue;
+export {};

safekiso-server/node_modules/snyk/dist/lib/snyk-test/index.d.ts

@@ -0,0 +1,2 @@
+export = test;
+declare function test(root: any, options: any, callback: any): Promise<import("./legacy").TestResult | import("./legacy").TestResult[]>;

safekiso-server/node_modules/snyk/dist/lib/snyk-test/legacy.d.ts

@@ -0,0 +1,291 @@
+import * as depGraphLib from '@snyk/dep-graph';
+import { DepsFilePaths, ScanResult, FileSignaturesDetails } from '../ecosystems/types';
+import { SupportedPackageManagers } from '../package-managers';
+import { Options, SupportedProjectTypes, TestOptions } from '../types';
+import { AppliedPolicyRules } from '../formatters/types';
+interface Pkg {
+    name: string;
+    version?: string;
+}
+export interface Patch {
+    version: string;
+    id: string;
+    urls: string[];
+    modificationTime: string;
+}
+export declare enum SEVERITY {
+    LOW = "low",
+    MEDIUM = "medium",
+    HIGH = "high",
+    CRITICAL = "critical"
+}
+export interface VulnMetaData {
+    id: string;
+    title: string;
+    description: string;
+    type: 'license' | 'vuln';
+    name: string;
+    info: string;
+    severity: SEVERITY;
+    severityValue: number;
+    isNew: boolean;
+    version: string;
+    packageManager: SupportedPackageManagers | 'upstream';
+}
+export interface GroupedVuln {
+    list: AnnotatedIssue[];
+    metadata: VulnMetaData;
+    isIgnored: boolean;
+    title: string;
+    note: string | false;
+    severity: SEVERITY;
+    originalSeverity?: SEVERITY;
+    isNew: boolean;
+    name: string;
+    version: string;
+    isFixable: boolean;
+    fixedIn: string[];
+    legalInstructionsArray?: LegalInstruction[];
+    appliedPolicyRules?: AppliedPolicyRules;
+}
+export interface LegalInstruction {
+    licenseName: string;
+    legalContent: string;
+}
+export interface IssueData {
+    id: string;
+    packageName: string;
+    version: string;
+    moduleName?: string;
+    below: string;
+    semver: {
+        vulnerable: string | string[];
+        vulnerableHashes?: string[];
+        vulnerableByDistro?: {
+            [distroNameAndVersion: string]: string[];
+        };
+    };
+    patches: Patch[];
+    isNew: boolean;
+    description: string;
+    title: string;
+    severity: SEVERITY;
+    fixedIn: string[];
+    legalInstructions?: string;
+    packageManager?: SupportedProjectTypes;
+    from?: string[];
+    name?: string;
+}
+export interface IssueDataUnmanaged extends IssueData {
+    upgradePath?: (string | boolean)[];
+    isPatchable?: boolean;
+}
+export type CallPath = string[];
+interface AnnotatedIssue extends IssueData {
+    credit: string[];
+    name: string;
+    version: string;
+    from: string[];
+    upgradePath: Array<string | boolean>;
+    isUpgradable: boolean;
+    isPatchable: boolean;
+    severity: SEVERITY;
+    originalSeverity?: SEVERITY;
+    cvssScore?: number;
+    lineNumber?: number;
+    bundled?: any;
+    shrinkwrap?: any;
+    __filename?: string;
+    parentDepType: string;
+    type?: 'license';
+    title: string;
+    patch?: any;
+    note?: string | false;
+    publicationTime?: string;
+    identifiers?: {
+        [name: string]: string[];
+    };
+}
+export interface DockerIssue {
+    nearestFixedInVersion?: string;
+    dockerfileInstruction?: any;
+    dockerBaseImage?: any;
+}
+export interface IgnoreSettings {
+    adminOnly: boolean;
+    reasonRequired: boolean;
+    disregardFilesystemIgnores: boolean;
+}
+export interface BasicResultData {
+    ok: boolean;
+    payloadType?: string;
+    org: string;
+    isPrivate: boolean;
+    summary: string;
+    packageManager?: SupportedProjectTypes;
+    severityThreshold?: string;
+    platform?: string;
+}
+export interface LegacyVulnApiResult extends BasicResultData {
+    vulnerabilities: AnnotatedIssue[];
+    dependencyCount: number;
+    policy: string;
+    licensesPolicy: object | null;
+    ignoreSettings: IgnoreSettings | null;
+    docker?: {
+        baseImage?: any;
+        binariesVulns?: unknown;
+        baseImageRemediation?: BaseImageRemediation;
+    };
+    projectId?: string;
+    filesystemPolicy?: boolean;
+    uniqueCount?: any;
+    remediation?: RemediationChanges;
+    depGraph?: depGraphLib.DepGraphData;
+    depTree?: depGraphLib.legacy.DepTree;
+}
+export interface BaseImageRemediation {
+    code: string;
+    advice: BaseImageRemediationAdvice[];
+    message?: string;
+}
+export interface BaseImageRemediationAdvice {
+    message: string;
+    bold?: boolean;
+    color?: string;
+}
+export interface TestResult extends LegacyVulnApiResult {
+    targetFile?: string;
+    projectName?: string;
+    targetFilePath?: string;
+    displayTargetFile?: string;
+    foundProjectCount?: number;
+    scanResult?: ScanResult;
+    hasUnknownVersions?: boolean;
+    path?: string;
+}
+interface UpgradePathItem {
+    name: string;
+    version: string;
+    newVersion?: string;
+    isDropped?: boolean;
+}
+interface UpgradePath {
+    path: UpgradePathItem[];
+}
+interface FixInfo {
+    upgradePaths: UpgradePath[];
+    isPatchable: boolean;
+    nearestFixedInVersion?: string;
+}
+export interface AffectedPackages {
+    [pkgId: string]: {
+        pkg: Pkg;
+        issues: {
+            [issueId: string]: Issue;
+        };
+    };
+}
+interface TestDepGraphResult {
+    issuesData: {
+        [issueId: string]: IssueData;
+    };
+    affectedPkgs: AffectedPackages;
+    docker: {
+        binariesVulns?: TestDepGraphResult;
+        baseImage?: any;
+    };
+    remediation?: RemediationChanges;
+}
+export interface Issue {
+    pkgName: string;
+    pkgVersion?: string;
+    issueId: string;
+    fixInfo: FixInfo;
+}
+export interface TestDependenciesResult {
+    issuesData: {
+        [issueId: string]: IssueDataUnmanaged;
+    };
+    issues: Issue[];
+    docker?: {
+        baseImage: string;
+        baseImageRemediation: BaseImageRemediation;
+        binariesVulns: TestDepGraphResult;
+    };
+    remediation?: RemediationChanges;
+    depsFilePaths?: DepsFilePaths;
+    depGraphData: depGraphLib.DepGraphData;
+    fileSignaturesDetails: FileSignaturesDetails;
+    vulnerabilities: IssueData[];
+    path: string;
+    dependencyCount: number;
+    packageManager: SupportedProjectTypes;
+}
+export interface TestDepGraphMeta {
+    isPublic: boolean;
+    isLicensesEnabled: boolean;
+    licensesPolicy?: {
+        severities: {
+            [type: string]: string;
+        };
+    };
+    projectId?: string;
+    ignoreSettings?: IgnoreSettings;
+    policy: string;
+    org: string;
+}
+export interface TestDepGraphResponse {
+    result: TestDepGraphResult;
+    meta: TestDepGraphMeta;
+}
+export interface TestDependenciesResponse {
+    result: TestDependenciesResult;
+    meta: TestDepGraphMeta;
+}
+export interface Ignores {
+    [path: string]: {
+        paths: string[][];
+        meta: {
+            days?: number;
+            reason?: string;
+        };
+    };
+}
+export interface PatchObject {
+    [name: string]: {
+        patched: string;
+    };
+}
+export interface Upgrade {
+    upgradeTo: string;
+}
+export interface UpgradeVulns extends Upgrade {
+    vulns: string[];
+}
+export interface UpgradeRemediation extends UpgradeVulns {
+    upgrades: string[];
+}
+export interface PatchRemediation {
+    paths: PatchObject[];
+}
+export interface DependencyUpdates {
+    [from: string]: UpgradeRemediation;
+}
+export interface PinRemediation extends UpgradeVulns {
+    isTransitive: boolean;
+}
+export interface DependencyPins {
+    [name: string]: PinRemediation;
+}
+export interface RemediationChanges {
+    unresolved: IssueData[];
+    upgrade: DependencyUpdates;
+    patch: {
+        [name: string]: PatchRemediation;
+    };
+    ignore: unknown;
+    pin: DependencyPins;
+}
+declare function convertTestDepGraphResultToLegacy(res: TestDepGraphResponse, depGraph: depGraphLib.DepGraph, packageManager: SupportedProjectTypes | undefined, options: Options & TestOptions): Promise<LegacyVulnApiResult>;
+export { convertTestDepGraphResultToLegacy, AnnotatedIssue };

safekiso-server/node_modules/snyk/dist/lib/snyk-test/run-test.d.ts

@@ -0,0 +1,3 @@
+import { TestResult } from './legacy';
+import { Options, SupportedProjectTypes, TestOptions } from '../types';
+export declare function runTest(projectType: SupportedProjectTypes | undefined, root: string, options: Options & TestOptions, featureFlags?: Set<string>): Promise<TestResult[]>;

safekiso-server/node_modules/snyk/dist/lib/snyk-test/types.d.ts

@@ -0,0 +1,38 @@
+import * as depGraphLib from '@snyk/dep-graph';
+import { ScanResult } from '../ecosystems/types';
+import { GitTarget, ContainerTarget } from '../project-metadata/types';
+import { DepTree } from '../types';
+export interface PayloadBody {
+    depGraph?: depGraphLib.DepGraph;
+    callGraph?: any;
+    policy?: string;
+    targetFile?: string;
+    targetFileRelativePath?: string;
+    targetReference?: string;
+    projectNameOverride?: string;
+    hasDevDependencies?: boolean;
+    originalProjectName?: string;
+    foundProjectCount?: number;
+    docker?: any;
+    displayTargetFile?: string;
+    target?: GitTarget | ContainerTarget | null;
+}
+export interface TestDependenciesRequest {
+    scanResult: ScanResult;
+}
+export interface DepTreeFromResolveDeps extends DepTree {
+    numDependencies: number;
+    pluck: any;
+}
+export interface Payload {
+    method: string;
+    url: string;
+    json: boolean;
+    headers: {
+        'x-is-ci': boolean;
+        authorization: string;
+    };
+    body?: PayloadBody | TestDependenciesRequest;
+    qs?: object | null;
+    modules?: DepTreeFromResolveDeps;
+}