import fs from 'node:fs'
import util from 'node:util'
import colors from 'yoctocolors-cjs'
import { logger } from '@socketsecurity/registry/lib/logger'
import { SocketSdkReturnType } from '@socketsecurity/sdk'
import constants from '../../constants'
import { handleAPIError, handleApiCall, queryAPI } from '../../utils/api'
import { AuthError } from '../../utils/errors'
import { getDefaultToken } from '../../utils/sdk'
/**
 * Entry point for the diff-scan command: resolves the default API token and
 * delegates to `getDiffScanWithToken`.
 *
 * @throws AuthError when `getDefaultToken()` yields no token, so the request
 * is never attempted unauthenticated.
 */
export async function getDiffScan({
  after,
  before,
  depth,
  file,
  orgSlug,
  outputJson
}: {
  after: string
  before: string
  depth: number
  file: string
  orgSlug: string
  outputJson: boolean
}): Promise<void> {
  const apiToken = getDefaultToken()
  if (apiToken) {
    // Token available: hand everything over to the token-aware variant.
    await getDiffScanWithToken({
      after,
      before,
      depth,
      file,
      orgSlug,
      outputJson,
      apiToken
    })
    return
  }
  throw new AuthError(
    'User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.'
  )
}
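/**
 * Fetches the diff between two full scans of an organization and prints it.
 *
 * Output modes:
 * - `outputJson` or `file` set: the result is serialized with
 *   `JSON.stringify` so it is not truncated. A `file` other than `-` is
 *   written to disk; otherwise the JSON goes to `logger.log`.
 * - neither set: the result is rendered with `util.inspect`, limited to
 *   `depth` levels when `depth > 0` and unlimited otherwise.
 *
 * A non-OK HTTP response is reported through the spinner and the function
 * returns without printing a result.
 *
 * @param after - Identifier of the newer scan, sent as the `after` query value.
 * @param apiToken - Token passed to `queryAPI` for the request.
 * @param before - Identifier of the older scan, sent as the `before` query value.
 * @param depth - Nesting depth for `util.inspect`; values `<= 0` mean no limit.
 * @param file - Output path, `-` for stdout, or empty for none. The path is
 * used as given and `fs.writeFile` replaces an existing file at that path.
 * @param orgSlug - Organization slug placed in the request path.
 * @param outputJson - Force JSON output.
 */
export async function getDiffScanWithToken({
  after,
  apiToken,
  before,
  depth,
  file,
  orgSlug,
  outputJson
}: {
  after: string
  apiToken: string
  depth: number
  before: string
  file: string
  orgSlug: string
  outputJson: boolean
}): Promise<void> {
  // Lazily access constants.spinner.
  const { spinner } = constants

  spinner.start('Getting diff scan...')

  // orgSlug is caller-supplied like before/after, so it is percent-encoded the
  // same way: characters such as `/`, `?` or `#` must not be able to change
  // which API path the token is sent to.
  const response = await queryAPI(
    `orgs/${encodeURIComponent(orgSlug)}/full-scans/diff?before=${encodeURIComponent(before)}&after=${encodeURIComponent(after)}`,
    apiToken
  )

  if (!response.ok) {
    const err = await handleAPIError(response.status)
    spinner.errorAndStop(
      `${colors.bgRed(colors.white(response.statusText))}: ${err}`
    )
    return
  }

  // NOTE(review): the body is awaited before it reaches handleApiCall, so a
  // JSON parse failure is thrown here rather than inside that helper, and the
  // cast is the only thing describing the response shape. Confirm intent.
  const result = await handleApiCall(
    (await response.json()) as Promise<
      SocketSdkReturnType<'GetOrgDiffScan'>['data']
    >,
    'Deserializing json'
  )

  spinner.stop()

  // NOTE(review): diff_report_url comes straight from the API response and is
  // echoed to the terminal without validation.
  const dashboardUrl = (result as any)?.['diff_report_url']
  const dashboardMessage = dashboardUrl
    ? `\n View this diff scan in the Socket dashboard: ${colors.cyan(dashboardUrl)}`
    : ''

  // When forcing json, or dumping to file, serialize to string such that it
  // won't get truncated. The only way to dump the full raw JSON to stdout is
  // to use `--json --file -` (the dash is a standard notation for stdout)
  if (outputJson || file) {
    let json: string
    try {
      json = JSON.stringify(result, null, 2)
    } catch {
      // Most likely caused by a circular reference (or OOM)
      logger.error('There was a problem converting the data to JSON')
      process.exitCode = 1
      return
    }

    if (file && file !== '-') {
      logger.log(`Writing json to \`${file}\``)
      // Reuse the string serialized above: a second JSON.stringify here would
      // run outside the try/catch and could throw unhandled.
      fs.writeFile(file, json, err => {
        if (err) {
          logger.error(`Writing to \`${file}\` failed...`)
          logger.error(err)
          // Report the failure through the exit status as well, matching the
          // serialization failure above, so scripts do not assume the file
          // was written.
          process.exitCode = 1
        } else {
          logger.log(`Data successfully written to \`${file}\``)
        }
        logger.error(dashboardMessage)
      })
    } else {
      // TODO: expose different method for writing to stderr when simply dodging stdout
      logger.error(`\n Diff scan result: \n`)
      logger.log(json)
      logger.error(dashboardMessage)
    }

    return
  }

  // In this case neither the --json nor the --file flag was passed
  // Dump the JSON to CLI and let NodeJS deal with truncation
  logger.log('Diff scan result:')
  logger.log(
    util.inspect(result, {
      showHidden: false,
      depth: depth > 0 ? depth : null,
      colors: true,
      maxArrayLength: null
    })
  )
  logger.log(
    `\n 📝 To display the detailed report in the terminal, use the --json flag \n`
  )
  logger.log(dashboardMessage)
}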