adopt pretty-json-stringify w/ types

GoogleChrome · May 18, 2018 · d4df09d · brendankenny · May 18, 2018 · d4df09d
1 parent 8134866
commit d4df09d
Show file tree

Hide file tree

Showing 3 changed files with 53 additions and 26 deletions.
diff --git a/lighthouse-core/scripts/cleanup-vuln-snapshot.js b/lighthouse-core/scripts/cleanup-vuln-snapshot.js
@@ -10,6 +10,7 @@
 /** @fileoverview Read in the snyk snapshot, remove whatever we don't need, write it back */
 
 const {readFileSync, writeFileSync} = require('fs');
+const prettyJSONStringify = require('pretty-json-stringify');
 
 const filename = process.argv[2];
 if (!filename) throw new Error('No filename provided.');
@@ -19,12 +20,14 @@ const output = cleanAndFormat(data);
 JSON.parse(output); // make sure it's parseable
 writeFileSync(filename, output, 'utf8');
 
+/** @typedef {import('../audits/dobetterweb/no-vulnerable-libraries.js').SnykDB} SnykDB */
+
 /**
  * @param {string} vulnString
  * @return {string}
  */
 function cleanAndFormat(vulnString) {
-  const snapshot = JSON.parse(vulnString);
+  const snapshot = /** @type {!SnykDB} */ (JSON.parse(vulnString));
   for (const libEntries of Object.values(snapshot.npm)) {
     libEntries.forEach((entry, i) => {
       const pruned = {
@@ -33,13 +36,17 @@ function cleanAndFormat(vulnString) {
         semver: {vulnerable: entry.semver.vulnerable},
       };
 
-      libEntries[i] = `SUPERHACKB${JSON.stringify(pruned)}SUPERHACKN`;
+      libEntries[i] = pruned;
     });
   }
 
-  const out = JSON.stringify(snapshot, null, 2);
-  return out.replace(/"SUPERHACKB(.*?)SUPERHACKN"/g, function(_, s) {
-    const orig = JSON.parse(JSON.parse(`"${s}"`));
-    return JSON.stringify(orig);
+  // Normal pretty JSON-stringify has too many newlines. This strikes the right signal:noise ratio
+  return prettyJSONStringify(snapshot, {
+    tab: '  ',
+    spaceBeforeColon: '',
+    spaceAfterColon: '',
+    spaceAfterComma: '',
+    spaceInsideObject: '',
+    shouldExpand: (_, level) => level < 3,
   });
 }
diff --git a/third-party/snyk/snapshot.json b/third-party/snyk/snapshot.json
@@ -1,6 +1,6 @@
 {
-  "npm": {
-    "angular": [
+  "npm":{
+    "angular":[
       {"id":"npm:angular:20130621","severity":"medium","semver":{"vulnerable":["<=1.1.5"]}},
       {"id":"npm:angular:20130622","severity":"medium","semver":{"vulnerable":["<1.2.0 >=1.0.0"]}},
       {"id":"npm:angular:20130625","severity":"high","semver":{"vulnerable":["<1.1.5"]}},
@@ -22,80 +22,80 @@
       {"id":"npm:angular:20171018","severity":"medium","semver":{"vulnerable":["<1.6.7"]}},
       {"id":"npm:angular:20180202","severity":"medium","semver":{"vulnerable":["<1.6.9"]}}
     ],
-    "backbone": [
+    "backbone":[
       {"id":"npm:backbone:20110701","severity":"medium","semver":{"vulnerable":["<0.5.0"]}},
       {"id":"npm:backbone:20160523","severity":"medium","semver":{"vulnerable":["<= 0.3.3"]}}
     ],
-    "bootstrap": [
+    "bootstrap":[
       {"id":"npm:bootstrap:20120510","severity":"medium","semver":{"vulnerable":["<2.1.0"]}},
       {"id":"npm:bootstrap:20160627","severity":"medium","semver":{"vulnerable":["<3.4.0 || >=4.0.0-alpha <4.0.0-beta.2"]}}
     ],
-    "dojo": [
+    "dojo":[
       {"id":"npm:dojo:20090409","severity":"medium","semver":{"vulnerable":["<1.1"]}},
       {"id":"npm:dojo:20100614","severity":"high","semver":{"vulnerable":[">=0.4 <0.4.4 || >=1.0 <1.0.3 || >=1.1 <1.1.2 || >=1.2 <1.2.4 || >=1.3 <1.3.3 || >=1.4 <1.4.2"]}},
       {"id":"npm:dojo:20100614-6","severity":"medium","semver":{"vulnerable":["<1.4.2"]}},
       {"id":"npm:dojo:20160523","severity":"medium","semver":{"vulnerable":["<= 1.0.0"]}}
     ],
-    "foundation-sites": [
+    "foundation-sites":[
       {"id":"npm:foundation-sites:20120717","severity":"medium","semver":{"vulnerable":["<3.0.6 >=3.0.0"]}},
       {"id":"npm:foundation-sites:20150619","severity":"medium","semver":{"vulnerable":["<5.5.3"]}},
       {"id":"npm:foundation-sites:20170802","severity":"medium","semver":{"vulnerable":["<6.0.0"]}}
     ],
-    "handlebars": [
+    "handlebars":[
       {"id":"npm:handlebars:20110425","severity":"medium","semver":{"vulnerable":["<=1.0.0-beta.3"]}},
       {"id":"npm:handlebars:20151207","severity":"medium","semver":{"vulnerable":["<4.0.0"]}}
     ],
-    "highcharts": [
+    "highcharts":[
       {"id":"npm:highcharts:20180225","severity":"low","semver":{"vulnerable":["<=6.0.7"]}}
     ],
-    "jquery": [
+    "jquery":[
       {"id":"npm:jquery:20110606","severity":"medium","semver":{"vulnerable":["<1.6.3"]}},
       {"id":"npm:jquery:20120206","severity":"medium","semver":{"vulnerable":["<1.9.0 >=1.7.1"]}},
       {"id":"npm:jquery:20140902","severity":"medium","semver":{"vulnerable":["<=1.5.1 >=1.4.2"]}},
       {"id":"npm:jquery:20150627","severity":"medium","semver":{"vulnerable":["<3.0.0-beta1 >1.12.3 || <1.12.0 >=1.4.0"]}},
       {"id":"npm:jquery:20160529","severity":"low","semver":{"vulnerable":["=3.0.0-rc.1"]}}
     ],
-    "jquery-mobile": [
+    "jquery-mobile":[
       {"id":"npm:jquery-mobile:20120802","severity":"medium","semver":{"vulnerable":["<1.2.0"]}}
     ],
-    "jquery-ui": [
+    "jquery-ui":[
       {"id":"npm:jquery-ui:20100903","severity":"medium","semver":{"vulnerable":["<1.10.0"]}},
       {"id":"npm:jquery-ui:20121127","severity":"medium","semver":{"vulnerable":["<1.10.0"]}},
       {"id":"npm:jquery-ui:20160721","severity":"high","semver":{"vulnerable":["<=1.11.4"]}}
     ],
-    "knockout": [
+    "knockout":[
       {"id":"npm:knockout:20130701","severity":"medium","semver":{"vulnerable":["<3.0.0 >=2.1.0-pre"]}},
       {"id":"npm:knockout:20180213","severity":"medium","semver":{"vulnerable":["<3.5.0-beta"]}}
     ],
-    "lodash": [
+    "lodash":[
       {"id":"npm:lodash:20180130","severity":"low","semver":{"vulnerable":["<4.17.5"]}}
     ],
-    "moment": [
+    "moment":[
       {"id":"npm:moment:20160126","severity":"low","semver":{"vulnerable":["<=2.11.1"]}},
       {"id":"npm:moment:20161019","severity":"medium","semver":{"vulnerable":["<2.15.2"]}},
       {"id":"npm:moment:20170905","severity":"low","semver":{"vulnerable":["<2.19.3"]}}
     ],
-    "mustache": [
+    "mustache":[
       {"id":"npm:mustache:20110814","severity":"medium","semver":{"vulnerable":["< 0.3.1"]}},
       {"id":"npm:mustache:20151207","severity":"medium","semver":{"vulnerable":["<2.2.1"]}}
     ],
-    "react": [
+    "react":[
       {"id":"npm:react:20131217","severity":"medium","semver":{"vulnerable":[">=0.5.0 <0.5.2 || >=0.4.0 <0.4.2"]}},
       {"id":"npm:react:20150318","severity":"high","semver":{"vulnerable":["<0.14.0"]}}
     ],
-    "riot": [
+    "riot":[
       {"id":"npm:riot:20131114","severity":"medium","semver":{"vulnerable":["<0.9.6"]}}
     ],
-    "socket.io": [
+    "socket.io":[
       {"id":"npm:socket.io:20120323","severity":"medium","semver":{"vulnerable":["<0.9.7"]}},
       {"id":"npm:socket.io:20120417","severity":"medium","semver":{"vulnerable":["<0.9.6"]}}
     ],
-    "vue": [
+    "vue":[
       {"id":"npm:vue:20170401","severity":"medium","semver":{"vulnerable":["<2.3.0-beta.1"]}},
       {"id":"npm:vue:20170829","severity":"medium","semver":{"vulnerable":["<2.4.3"]}},
       {"id":"npm:vue:20180222","severity":"low","semver":{"vulnerable":["<=2.5.14"]}}
     ],
-    "yui": [
+    "yui":[
       {"id":"npm:yui:20101025","severity":"medium","semver":{"vulnerable":["<2.8.2 >=2.4.0"]}},
       {"id":"npm:yui:20120428","severity":"medium","semver":{"vulnerable":["<3.5.1 >=3.5.0-PR1"]}},
       {"id":"npm:yui:20121030","severity":"medium","semver":{"vulnerable":["<3.0.0 >=2.4.0"]}},

diff --git a/typings/pretty-json-stringify/index.d.ts b/typings/pretty-json-stringify/index.d.ts
@@ -0,0 +1,20 @@
+/**
+ * @license Copyright 2018 Google Inc. All Rights Reserved.
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0
+ * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
+ */
+
+declare module 'pretty-json-stringify' {
+  interface Params {
+    tab?: string;
+    spaceBeforeColon?: string;
+    spaceAfterColon?: string;
+    spaceAfterComma?: string;
+    spaceInsideObject?: string;
+    spaceInsideArray?: string;
+    shouldExpand?(obj: Object, level: number, index: string): Boolean;
+  }
+
+  function stringify(object: Object, params: Params): string;
+  export = stringify;
+}