Module audit

Source
Expand description

This parses the output of npm-audit

npm-audit

Structs§

Advisory
advisory in report version 1
DependencyCounts
The vulnerability and dependency counts returned by npm-audit
Finding
findings in advisory in report version 1
MetadataV1
The vulnerability and dependency counts returned by npm-audit in report version 1
MetadataV2
The vulnerability and dependency counts returned by npm-audit in report version 2
NpmAuditDataV1
audit report version 1
NpmAuditDataV2
audit report version 2
Resolves
Which advisories are resolved by an action
VulnerabilityCountsV1
The vulnerability and dependency counts returned by npm-audit in report version 1
VulnerabilityCountsV2
The vulnerability and dependency counts returned by npm-audit in report version 2
VulnerablePackage
The details for a single vulnerable package

Enums§

Action
Actions to perform to fix security issues
Fix
a single fix
IndicatedUpdateRequirement
What the exit code indicated about required updates
NpmAuditData
This is used to return the data from audit() but not used for parsing since we can not easily tell serde how to decide which to use and the untagged union error messages are not great
Severity
Severity of vulnerabilities
Vulnerability
a single vulnerability

Functions§

audit
main entry point for the npm-audit call
deserialize_module_path
helper to parse module paths
deserialize_module_path_vec
helper to parse Vec of module paths
deserialize_optional_rfc3339
helper to parse updated and deleted in the correct format (default time serde implementation seems to use a different format)
deserialize_rfc3339
helper to parse created in the correct format (default time serde implementation seems to use a different format)
serialize_module_path
helper to serialize module paths
serialize_module_path_vec
helper to serialize Vec of module paths
serialize_optional_rfc3339
helper to serialize updated and deleted in the correct format (default time serde implementation seems to use a different format)
serialize_rfc3339
helper to serialize created in the correct format (default time serde implementation seems to use a different format)