feat: auto detect snyk test

Adding auto detect logic to snyk test. Auto detecting npm and ruby in same directory to begin with. Added tests, moved mono-repo-project test fixture to acceptance test workspace. Propagate target file and project name to display meta Throwing if docker and all-project options used together
Mattlk13 · Dec 24, 2019 · 6c1db27 · 6c1db27
1 parent 74a6c33
commit 6c1db27
Show file tree

Hide file tree

Showing 95 changed files with 717 additions and 6,000 deletions.
diff --git a/src/cli/args.ts b/src/cli/args.ts
@@ -180,6 +180,7 @@ export function args(rawArgv: string[]): Args {
     'skip-unresolved',
     'scan-all-unmanaged',
     'fail-on',
+    'all-projects',
   ]) {
     if (argv[dashedArg]) {
       const camelCased = dashToCamelCase(dashedArg);

diff --git a/src/cli/commands/test/index.ts b/src/cli/commands/test/index.ts
@@ -16,9 +16,13 @@ import {
   SEVERITY,
   GroupedVuln,
   VulnMetaData,
+  TestResult,
 } from '../../../lib/snyk-test/legacy';
 import { formatIssues } from './formatters/legacy-format-issue';
-import { WIZARD_SUPPORTED_PACKAGE_MANAGERS } from '../../../lib/package-managers';
+import {
+  WIZARD_SUPPORTED_PACKAGE_MANAGERS,
+  SupportedPackageManagers,
+} from '../../../lib/package-managers';
 import {
   formatIssuesWithRemediation,
   getSeverityValue,
@@ -86,7 +90,7 @@ async function test(...args: MethodArgs): Promise<string> {
     let res;
 
     try {
-      res = (await snyk.test(path, testOpts)) as LegacyVulnApiResult;
+      res = await snyk.test(path, testOpts);
     } catch (error) {
       // Possible error cases:
       // - the test found some vulns. `error.message` is a
@@ -349,10 +353,11 @@ function summariseErrorResults(errorResults) {
   return '';
 }
 
-function displayResult(res, options: Options & TestOptions) {
+function displayResult(res: TestResult, options: Options & TestOptions) {
   const meta = metaForDisplay(res, options);
   const dockerAdvice = dockerRemediationForDisplay(res);
-  const packageManager = options.packageManager;
+  const packageManager =
+    (res.packageManager as SupportedPackageManagers) || options.packageManager;
   const localPackageTest = isLocalFolder(options.path);
   const prefix = chalk.bold.white('\nTesting ' + options.path + '...\n\n');
 
@@ -569,23 +574,23 @@ function rightPadWithSpaces(s, desiredLength) {
 
 function metaForDisplay(res, options) {
   const padToLength = 19; // chars to align
-  const packageManager = options.packageManager || res.packageManager;
+  const packageManager = res.packageManager || options.packageManager;
+  const targetFile = res.targetFile || options.file;
   const openSource = res.isPrivate ? 'no' : 'yes';
   const meta = [
     chalk.bold(rightPadWithSpaces('Organization: ', padToLength)) + res.org,
     chalk.bold(rightPadWithSpaces('Package manager: ', padToLength)) +
       packageManager,
   ];
-  if (options.file) {
+  if (targetFile) {
     meta.push(
-      chalk.bold(rightPadWithSpaces('Target file: ', padToLength)) +
-        options.file,
+      chalk.bold(rightPadWithSpaces('Target file: ', padToLength)) + targetFile,
     );
   }
-  if (options.projectName) {
+  if (res.projectName) {
     meta.push(
       chalk.bold(rightPadWithSpaces('Project name: ', padToLength)) +
-        options.projectName,
+        res.projectName,
     );
   }
   if (options.docker) {

diff --git a/src/cli/index.ts b/src/cli/index.ts
@@ -157,6 +157,19 @@ async function main() {
         'scan-all-unmanaged',
       ]);
     }
+
+    if (
+      (args.options['project-name'] ||
+        args.options.file ||
+        args.options.packageManager ||
+        args.options.docker) &&
+      args.options.allProjects
+    ) {
+      throw new UnsupportedOptionCombinationError([
+        'project-name or file or package-manager or docker',
+        'all-projects',
+      ]);
+    }
     if (
       args.options.file &&
       typeof args.options.file === 'string' &&

diff --git a/src/lib/detect.ts b/src/lib/detect.ts
@@ -31,6 +31,14 @@ const DETECTABLE_FILES: string[] = [
   'Podfile.lock',
 ];
 
+export const AUTO_DETECTABLE_FILES: string[] = [
+  'package-lock.json',
+  'yarn.lock',
+  'package.json',
+  'Gemfile',
+  'Gemfile.lock',
+];
+
 // when file is specified with --file, we look it up here
 const DETECTABLE_PACKAGE_MANAGERS: {
   [name: string]: SupportedPackageManagers;
@@ -73,7 +81,7 @@ export function isPathToPackageFile(path) {
   return false;
 }
 
-export function detectPackageManager(root, options) {
+export function detectPackageManager(root: string, options) {
   // If user specified a package manager let's use it.
   if (options.packageManager) {
     return options.packageManager;
@@ -142,7 +150,9 @@ export function detectPackageFile(root) {
   debug('no package file found in ' + root);
 }
 
-export function detectPackageManagerFromFile(file) {
+export function detectPackageManagerFromFile(
+  file: string,
+): SupportedPackageManagers {
   let key = pathLib.basename(file);
 
   // TODO: fix this to use glob matching instead

diff --git a/src/lib/module-info/index.ts b/src/lib/module-info/index.ts
@@ -10,7 +10,7 @@ export function ModuleInfo(plugin, policy) {
       root,
       targetFile,
       options,
-    ): Promise<pluginApi.SinglePackageResult> {
+    ): Promise<pluginApi.SinglePackageResult | pluginApi.MultiProjectResult> {
       const pluginOptions = _.merge(
         {
           args: options._doubleDashArgs,

diff --git a/src/lib/plugins/index.ts b/src/lib/plugins/index.ts
@@ -14,7 +14,7 @@ import { SupportedPackageManagers } from '../package-managers';
 import { UnsupportedPackageManagerError } from '../errors';
 
 export function loadPlugin(
-  packageManager: SupportedPackageManagers,
+  packageManager: SupportedPackageManagers | undefined,
   options: types.Options = {},
 ): types.Plugin {
   if (options.docker) {

diff --git a/src/lib/snyk-test/index.js b/src/lib/snyk-test/index.js
@@ -6,15 +6,14 @@ const chalk = require('chalk');
 const pm = require('../package-managers');
 const { UnsupportedPackageManagerError } = require('../errors');
 
-function test(root, options, callback) {
+async function test(root, options, callback) {
   if (typeof options === 'function') {
     callback = options;
     options = {};
   }
   if (!options) {
     options = {};
   }
-
   const promise = executeTest(root, options);
   if (callback) {
     promise

diff --git a/src/lib/snyk-test/legacy.ts b/src/lib/snyk-test/legacy.ts
@@ -128,6 +128,10 @@ export interface LegacyVulnApiResult {
   remediation?: RemediationChanges;
 }
 
+export interface TestResult extends LegacyVulnApiResult {
+  targetFile?: string;
+}
+
 interface UpgradePathItem {
   name: string;
   version: string;