cleanup

Author: typicode

src/commands/action/core/classes.ts

@@ -1,3 +1,4 @@
+// https://github.com/SocketDev/socket-python-cli/blob/6d4fc56faee68d3a4764f1f80f84710635bdaf05/socketsecurity/core/classes.py
 import { components } from '@socketsecurity/sdk/types/api'
 
 type IntroducedBy = [string, string][]

src/commands/action/core/github.ts

@@ -1,3 +1,4 @@
+// https://github.com/SocketDev/socket-python-cli/blob/6d4fc56faee68d3a4764f1f80f84710635bdaf05/socketsecurity/core/github.py
 import { Octokit } from '@octokit/rest'
 import { Comment } from './classes'
 import { SCMComments, SocketComments } from './scm_comments'
@@ -29,9 +30,12 @@ export class GitHub {
         return this.prNumber ? 'diff' : 'main'
 
       case 'pull_request':
-        // Provided by github.event.action, add this code below to GitHub action
-        //  if: github.event_name == 'pull_request'
-        //  run: echo "EVENT_ACTION=${{ github.event.action }}" >> $GITHUB_ENV
+        // This env variable needs to be set in the GitHub action.
+        // Add this code below to GitHub action:
+        // - steps:
+        //   - name: Get PR State
+        //     if: github.event_name == 'pull_request'
+        //     run: echo "EVENT_ACTION=${{ github.event.action }}" >> $GITHUB_ENV
         const eventAction = process.env['EVENT_ACTION']
 
         if (!eventAction) {
@@ -82,7 +86,6 @@ export class GitHub {
   }: {
     commentId: number
   }): Promise<boolean> {
-    // Fetch reactions for the specified comment
     const { data } = await this.octokit.reactions.listForIssueComment({
       owner: this.owner,
       repo: this.repo,

src/commands/action/core/index.ts

@@ -1,3 +1,4 @@
+// https://github.com/SocketDev/socket-python-cli/blob/6d4fc56faee68d3a4764f1f80f84710635bdaf05/socketsecurity/core/__init__.py
 import { SocketSdk } from '@socketsecurity/sdk'
 import { Diff, FullScan, Issue, Package, Purl } from './classes'
 import type { components, operations } from '@socketsecurity/sdk/types/api.d.ts'
@@ -27,7 +28,6 @@ export class Core {
     this.files = []
   }
 
-  // OK
   async getSbomData({
     fullScanId
   }: {
@@ -54,15 +54,14 @@ export class Core {
     return sbomArtifacts
   }
 
-  // OK
   async createFullScan({
     params
   }: {
     params: Omit<operations['CreateOrgFullScan']['parameters']['query'], 'repo'>
   }): Promise<FullScan> {
     const orgFullScanResponse = await this.socket.createOrgFullScan(
       this.owner,
-      // pull_request is of type number but URLSearchParams will convert it to a string
+      // Ignoring because pull_request is of type number but URLSearchParams will convert it to a string
       // @ts-ignore
       new URLSearchParams({ repo: this.repo, ...params }),
       this.files
@@ -80,7 +79,6 @@ export class Core {
     return fullScan
   }
 
-  // OK
   getSourceData({
     pkg,
     packages
@@ -114,7 +112,6 @@ export class Core {
     return introducedBy
   }
 
-  // OK
   createPurl({
     packageId,
     packages
@@ -140,7 +137,6 @@ export class Core {
     return { purl, pkg }
   }
 
-  // OK
   async createIssueAlerts({
     pkg,
     alerts,
@@ -212,7 +208,6 @@ export class Core {
     return alerts
   }
 
-  // OK
   compareIssueAlerts({
     newScanAlerts,
     headScanAlerts,
@@ -260,7 +255,6 @@ export class Core {
     return alerts
   }
 
-  // OK
   checkAlertCapabilities({
     pkg,
     capabilities,
@@ -299,7 +293,6 @@ export class Core {
     return capabilities
   }
 
-  // OK
   compareCapabilities({
     newPackages,
     headPackages
@@ -336,7 +329,6 @@ export class Core {
     return capabilities
   }
 
-  // OK
   addCapabilitiesToPurl(diff: Diff): Diff {
     const newPackages: Purl[] = []
 
@@ -463,7 +455,6 @@ export class Core {
     return pkg
   }
 
-  // OK
   createSbomDict(
     sbomArtifacts: Awaited<ReturnType<typeof this.getSbomData>>
   ): Record<string, Package> {

src/commands/action/core/messages.ts

@@ -1,12 +1,12 @@
+// https://github.com/SocketDev/socket-python-cli/blob/6d4fc56faee68d3a4764f1f80f84710635bdaf05/socketsecurity/core/messages.py
 import { Diff, Issue, Purl } from './classes'
 
 export class Messages {
-  // OK
-  createSecurityCommentJSON({ diff }: { diff: Diff }) {
+  static createSecurityCommentJSON({ diff }: { diff: Diff }) {
     let scanFailed = false
 
     if (diff.newAlerts.length === 0) {
-      // TODO: unreachable code
+      // FIXME: unreachable code
       for (const alert of diff.newAlerts) {
         if (alert.error) {
           scanFailed = true
@@ -31,13 +31,11 @@ export class Messages {
     return output
   }
 
-  // OK
   static createPurlLink(purl: Purl): string {
     const packageUrl = `[${purl.purl}](${purl.url})`
     return packageUrl
   }
 
-  // OK
   static createAddedTable(diff: Diff): string {
     const overviewTable = [
       'Package',
@@ -72,7 +70,6 @@ export class Messages {
     return md
   }
 
-  // OK
   static createRemoveLine(diff: Diff): string {
     const removedLine = ['Removed packages:']
     for (const removed of diff.removedPackages) {
@@ -82,7 +79,6 @@ export class Messages {
     return removedLine.join(', ')
   }
 
-  // OK
   static dependencyOverviewTemplate(diff: Diff): string {
     let md = ''
     md += '<!-- socket-overview-comment-actions -->\n'
@@ -96,7 +92,6 @@ export class Messages {
     return md
   }
 
-  // OK
   static createSources(alert: Issue): [string, string] {
     const sources: string[] = []
     const manifests: string[] = []
@@ -117,7 +112,6 @@ export class Messages {
     return [manifestStr, sourcesStr]
   }
 
-  // OK
   static createSecurityAlertTable(diff: Diff): {
     ignoreCommands: string[]
     nextSteps: Record<string, string[]>
@@ -165,7 +159,6 @@ export class Messages {
     return { ignoreCommands, nextSteps, mdTable: md }
   }
 
-  // OK
   static createNextSteps(nextSteps: Record<string, string[]>): string {
     let md = ''
     for (const step in nextSteps) {
@@ -180,7 +173,6 @@ export class Messages {
     return md
   }
 
-  // OK
   static createDeeperLook(): string {
     let md = ''
     md += '<details>\n'
@@ -191,7 +183,6 @@ export class Messages {
     return md
   }
 
-  // OK
   static createRemovePackage(): string {
     let md = ''
     md += '<details>\n'
@@ -202,7 +193,6 @@ export class Messages {
     return md
   }
 
-  // OK
   static createAcceptableRisk(ignoreCommands: string[]): string {
     let md = ''
     md += '<details>\n'
@@ -218,7 +208,6 @@ export class Messages {
     return md
   }
 
-  // OK
   static securityCommentTemplate(diff: Diff): string {
     let md = ''
     md += '<!-- socket-security-comment-actions -->\n'

src/commands/action/core/scm_comments.ts

@@ -1,3 +1,4 @@
+// https://github.com/SocketDev/socket-python-cli/blob/6d4fc56faee68d3a4764f1f80f84710635bdaf05/socketsecurity/core/scm_comments.py
 import { Comment, Issue } from './classes'
 
 export type SocketComments = {

src/commands/action/index.ts

@@ -1,15 +1,16 @@
+// https://github.com/SocketDev/socket-python-cli/blob/6d4fc56faee68d3a4764f1f80f84710635bdaf05/socketsecurity/socketcli.py
 import { parseArgs } from 'util'
 import { CliSubcommand } from '../../utils/meow-with-subcommands'
 import simpleGit from 'simple-git'
 import { SocketSdk } from '@socketsecurity/sdk'
 import micromatch from 'micromatch'
-import { getDefaultKey } from '../../utils/sdk'
+import { getDefaultToken } from '../../utils/sdk'
 import { Core } from './core'
 import { GitHub } from './core/github'
 import { SCMComments } from './core/scm_comments'
 import { Messages } from './core/messages'
 
-const socket = new SocketSdk(getDefaultKey()!)
+const socket = new SocketSdk(getDefaultToken()!)
 
 export const action: CliSubcommand = {
   description: 'Socket action command',
@@ -71,11 +72,8 @@ export const action: CliSubcommand = {
       const securityComment = Messages.securityCommentTemplate(diff)
       let newSecurityComment = true
       let newOverviewComment = true
-      // TODO: overviewComment is never undefined or empty string
-      let updateOldSecurityComment =
-        securityComment === '' || comments.security !== undefined
-      let updateOldOverviewComment =
-        overviewComment === '' || comments.overview !== undefined
+      let updateOldSecurityComment = comments.security !== undefined
+      let updateOldOverviewComment = comments.overview !== undefined
       if (diff.newAlerts.length === 0) {
         if (!updateOldSecurityComment) {
           newSecurityComment = false