/**
 * @fileOverview  This file provides a wrapper for the `nsp` (node security)
 *                utility to allow us to check for security issues in packages
 *                at commit time.
 *                This wrapper is needed because nsp DOES NOT take the path
 *                to the package.json, but instead looks for the package.json
 *                in the current working directory.  `arc lint`, however,
 *                passes the path to the file, and doesn't change the cwd.
 *                So this wrapper ensures that nsp is run in the correct dir,
 *                allowing us to test all package.json files that are committed.
 */
const path = require('path');
const execFileSync = require('child_process').execFileSync;

/**
 * Get the file to lint from the command line.  The command line is always
 * argv[0] - node exe
 * argv[1] - this script
 * argv[2] - the file passed on the command line
 */
if (process.argv.length !== 3) {
    throw new Error('Must pass exactly 1 file on the command line');
}

const filename = process.argv[2];
const pathname = path.dirname(filename);
const cwd = process.cwd();
const nspPath = path.resolve(cwd, 'node_modules', '.bin', 'nsp.cmd');

/**
 * Exec nsp in the correct working directory
 */
const nsp = execFileSync(
    nspPath,
    ['check', '--output', 'summary', '--warn-only'],
    {
        cwd: pathname,
        maxBuffer: 1000000
    }
);
process.stdout.write(nsp);