misc(snyk): only keep vuln data for detectable libs (#6919)

GoogleChrome · Jan 3, 2019 · d3b95b2 · d3b95b2
1 parent 4f16a6a
commit d3b95b2
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 576 deletions.
diff --git a/lighthouse-core/scripts/cleanup-vuln-snapshot.js b/lighthouse-core/scripts/cleanup-vuln-snapshot.js
@@ -11,6 +11,9 @@
 
 const {readFileSync, writeFileSync} = require('fs');
 const prettyJSONStringify = require('pretty-json-stringify');
+const libDetectorSource = readFileSync(require.resolve('js-library-detector/library/libraries.js'),
+  'utf8'
+);
 
 const filename = process.argv[2];
 if (!filename) throw new Error('No filename provided.');
@@ -28,6 +31,26 @@ writeFileSync(filename, output, 'utf8');
  */
 function cleanAndFormat(vulnString) {
   const snapshot = /** @type {!SnykDB} */ (JSON.parse(vulnString));
+  // Hack to deal with non-node-friendly code.
+  const librariesDefinition = eval(`
+    (() => {
+      ${libDetectorSource}
+      return d41d8cd98f00b204e9800998ecf8427e_LibraryDetectorTests;
+    })()
+  `);
+
+  // Identify all npm package names that can be detected.
+  const detectableLibs = Object.values(librariesDefinition)
+    .map(lib => lib.npm)
+    .filter(Boolean);
+
+  // Remove any entries that aren't detectable.
+  for (const npmPkgName of Object.keys(snapshot.npm)) {
+    if (!detectableLibs.includes(npmPkgName)) {
+      delete snapshot.npm[npmPkgName];
+    }
+  }
+
   for (const libEntries of Object.values(snapshot.npm)) {
     libEntries.forEach((entry, i) => {
       const pruned = {