# Vulnerability Notifications Attempt to update npm packages marked by github as vulnerable --- --- ## 1) Program Procedure: Hello World Print "Hello World" and exit [./code_modules/hello-world](code_modules/hello-world) --- ### 1.1) Procedure Task: Screen Printer Call the screen printer [./code_modules/hello-world/code_modules/screen-printer](code_modules/hello-world/code_modules/screen-printer) - **Modules**: - **Name**: [path](https://nodejs.org/api/path.html) - **Parameters**: {text: 'hello world'} --- #### 1.1.1) Task Action: Print Text output the text to nearest screen [./code_modules/hello-world/code_modules/screen-printer/code_modules/print-text](code_modules/hello-world/code_modules/screen-printer/code_modules/print-text) - **Modules**: - **Name**: [path](https://nodejs.org/api/path.html) --- ## 2) Program Procedure: Fix Vulnerabilities Attempt to fix npm-packages. [./code_modules/fix-vulnerabilities](code_modules/fix-vulnerabilities) --- ### 2.1) Procedure Task: Verify Github Access via curl Use a github access token to pull in notification data. [./code_modules/fix-vulnerabilities/code_modules/verify-github-access-via-curl](code_modules/fix-vulnerabilities/code_modules/verify-github-access-via-curl) - **Parameters**: {cache: '3 hours'} - **Dependencies**: - **Name**: [request](https://www.npmjs.com/package/request), **Version**: ^2.88.0 --- ### 2.2) Procedure Task: Verify Github Access via git Test if the computer is authorized to push to github [./code_modules/fix-vulnerabilities/code_modules/verify-github-access-via-git](code_modules/fix-vulnerabilities/code_modules/verify-github-access-via-git) - **Dependencies**: - **Name**: [shelljs](https://www.npmjs.com/package/shelljs), **Version**: ^0.8.3 - **Modules**: - **Name**: [path](https://nodejs.org/api/path.html) - **Name**: [fs](https://nodejs.org/api/fs.html) --- ### 2.3) Procedure Task: Get Active Notifications Get all active github notifications as JSON [./code_modules/fix-vulnerabilities/code_modules/get-active-notifications](code_modules/fix-vulnerabilities/code_modules/get-active-notifications) --- #### 2.3.1) Task Action: Get github notifications Connect to github using token and get JSON data [./code_modules/fix-vulnerabilities/code_modules/get-active-notifications/code_modules/get-github-notifications](code_modules/fix-vulnerabilities/code_modules/get-active-notifications/code_modules/get-github-notifications) - **Dependencies**: - **Name**: [request](https://www.npmjs.com/package/request), **Version**: ^2.88.0 --- #### 2.3.2) Task Action: Cleanup Notifications Remove unimportant information from github response [./code_modules/fix-vulnerabilities/code_modules/get-active-notifications/code_modules/cleanup-notifications](code_modules/fix-vulnerabilities/code_modules/get-active-notifications/code_modules/cleanup-notifications) --- ### 2.4) Procedure Task: Select Vulnerable Repositories Skip unrelated notifications [./code_modules/fix-vulnerabilities/code_modules/select-vulnerable-repositories](code_modules/fix-vulnerabilities/code_modules/select-vulnerable-repositories) --- ### 2.5) Procedure Task: Select Npm Repositories Select repositories in npm format only [./code_modules/fix-vulnerabilities/code_modules/select-npm-repositories](code_modules/fix-vulnerabilities/code_modules/select-npm-repositories) - **Modules**: - **Name**: [path](https://nodejs.org/api/path.html) - **Name**: [fs](https://nodejs.org/api/fs.html) --- ### 2.6) Procedure Task: Clone selected repositories via git all updates are performed on the local system via standard utilities [./code_modules/fix-vulnerabilities/code_modules/clone-selected-repositories-via-git](code_modules/fix-vulnerabilities/code_modules/clone-selected-repositories-via-git) - **Dependencies**: - **Name**: [shelljs](https://www.npmjs.com/package/shelljs), **Version**: ^0.8.3 --- ### 2.7) Procedure Task: Run npm update Update NPM Package using npm-update [./code_modules/fix-vulnerabilities/code_modules/run-npm-update](code_modules/fix-vulnerabilities/code_modules/run-npm-update) - **Dependencies**: - **Name**: [npm](https://www.npmjs.com/package/npm), **Version**: ^6.10.1 - **Modules**: - **Name**: [path](https://nodejs.org/api/path.html) - **Name**: [fs](https://nodejs.org/api/fs.html) --- ### 2.8) Procedure Task: Update NPM License Update license field [./code_modules/fix-vulnerabilities/code_modules/update-npm-license](code_modules/fix-vulnerabilities/code_modules/update-npm-license) --- #### 2.8.1) Task Action: Set npm license Apply new license to the license field in package.json [./code_modules/fix-vulnerabilities/code_modules/update-npm-license/code_modules/set-npm-license](code_modules/fix-vulnerabilities/code_modules/update-npm-license/code_modules/set-npm-license) - **Parameters**: (license='GPLv3', bork = true) - **Dependencies**: - **Name**: [npm](https://www.npmjs.com/package/npm), **Version**: ^6.10.1 - **Modules**: - **Name**: [path](https://nodejs.org/api/path.html) - **Name**: [fs](https://nodejs.org/api/fs.html) --- ### 2.9) Procedure Task: Run standard npm update Ensure all packages are up to date [./code_modules/fix-vulnerabilities/code_modules/run-standard-npm-update](code_modules/fix-vulnerabilities/code_modules/run-standard-npm-update) - **Dependencies**: - **Name**: [npm](https://www.npmjs.com/package/npm), **Version**: ^6.10.1 --- ### 2.10) Procedure Task: Npm Audit and Fix Perform NPM Audit using npm [./code_modules/fix-vulnerabilities/code_modules/npm-audit-and-fix](code_modules/fix-vulnerabilities/code_modules/npm-audit-and-fix) - **Dependencies**: - **Name**: [npm](https://www.npmjs.com/package/npm), **Version**: ^6.10.1 --- ### 2.11) Procedure Task: Publish Package Update to npmjs save data to npm [./code_modules/fix-vulnerabilities/code_modules/publish-package-update-to-npmjs](code_modules/fix-vulnerabilities/code_modules/publish-package-update-to-npmjs) - **Dependencies**: - **Name**: [npm](https://www.npmjs.com/package/npm), **Version**: ^6.10.1 --- ### 2.12) Procedure Task: Publish Code Updates to github save data to github [./code_modules/fix-vulnerabilities/code_modules/publish-code-updates-to-github](code_modules/fix-vulnerabilities/code_modules/publish-code-updates-to-github) - **Dependencies**: - **Name**: [shelljs](https://www.npmjs.com/package/shelljs), **Version**: ^0.8.3