42 lines
1.4 KiB
JavaScript
42 lines
1.4 KiB
JavaScript
|
/**
|
||
|
|
* @fileOverview This file provides a wrapper for the `nsp` (node security)
|
||
|
|
* utility to allow us to check for security issues in packages
|
||
|
|
* at commit time.
|
||
|
|
* This wrapper is needed because nsp DOES NOT take the path
|
||
|
|
* to the package.json, but instead looks for the package.json
|
||
|
|
* in the current working directory. `arc lint`, however,
|
||
|
|
* passes the path to the file, and doesn't change the cwd.
|
||
|
|
* So this wrapper ensures that nsp is run in the correct dir,
|
||
|
|
* allowing us to test all package.json files that are committed.
|
||
|
|
*/
|
||
|
|
const path = require('path');
|
||
|
|
const execFileSync = require('child_process').execFileSync;
|
||
|
|
|
||
|
|
/**
|
||
|
|
* Get the file to lint from the command line. The command line is always
|
||
|
|
* argv[0] - node exe
|
||
|
|
* argv[1] - this script
|
||
|
|
* argv[2] - the file passed on the command line
|
||
|
|
*/
|
||
|
|
if (process.argv.length !== 3) {
|
||
|
|
throw new Error('Must pass exactly 1 file on the command line');
|
||
|
|
}
|
||
|
|
|
||
|
|
const filename = process.argv[2];
|
||
|
|
const pathname = path.dirname(filename);
|
||
|
|
const cwd = process.cwd();
|
||
|
|
const nspPath = path.resolve(cwd, 'node_modules', '.bin', 'nsp.cmd');
|
||
|
|
|
||
|
|
/**
|
||
|
|
* Exec nsp in the correct working directory
|
||
|
|
*/
|
||
|
|
const nsp = execFileSync(
|
||
|
|
nspPath,
|
||
|
|
['check', '--output', 'summary', '--warn-only'],
|
||
|
|
{
|
||
|
|
cwd: pathname,
|
||
|
|
maxBuffer: 1000000
|
||
|
|
}
|
||
|
|
);
|
||
|
|
process.stdout.write(nsp);
|