Fix RetireJS
It was scanning from pwd, not the source dir
safejulian committed Dec 4, 2024
1 parent 85aa649 commit 3080768
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions tools.d/retirejs
Expand Up @@ -7,7 +7,7 @@ source=$1

tmpdir=$(mktemp -d)

retire --exitwith 0 --outputformat json --outputpath "${tmpdir}/report.json" "${source}" 1>&2
retire --exitwith 0 --outputformat json --outputpath "${tmpdir}/report.json" --path "${source}" 1>&2

# Iterate over files and their vulnerabilities to produce a CSV
jq --raw-output '.data[] | .file as $file | .results[] | .vulnerabilities[] | ["vulnerable-js-file", .severity, .identifiers.CVE[0] + " -" + .identifiers.summary, $file, 0, 0] | @csv' < "${tmpdir}/report.json" > "${tmpdir}/findings.csv"
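
Review bot: `${source}` comes straight from `$1` and is now passed to `--path` with no check that it is a non-empty, existing directory, and because the `retire` call uses `--exitwith 0`, a wrong or missing target still exits cleanly, which is the same kind of silent mis-scan this commit fixes. Consider failing early before the `retire` line, for example `[ -d "${source}" ] || exit 2`. Minor, on the `jq` line: `" -"` joins the CVE and summary with no space after the dash, and a finding without a CVE identifier produces a description that starts with ` -`.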
Expand All @@ -16,4 +16,4 @@ brew_prefix=$(brew --prefix)
PATH="${brew_prefix}/opt/statica/libexec:.:$PATH" csv2sarif "retirejs" "$(retire --version)" "${tmpdir}/findings.csv"

# Clean up
rm -rf "${tmpdir}"
rm -rf "${tmpdir}"
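
Review bot: the `PATH=` assignment on the `csv2sarif` line places `.` ahead of the inherited `$PATH`, so any command that `csv2sarif` resolves by name and that is not in the statica `libexec` directory is looked up in the current working directory first; unless something relies on that, drop the `.` entry and keep `${brew_prefix}/opt/statica/libexec:$PATH`. Separately, the final `rm -rf "${tmpdir}"` only runs if the script reaches its last line; a `trap 'rm -rf "${tmpdir}"' EXIT` placed right after `mktemp -d` would also clean up when `jq` or `csv2sarif` fails partway through.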
