fix(core): update

2018-12-24 02:13:04 +01:00 · 2018-12-24 02:13:04 +01:00 · 524b405773
commit 524b405773
parent 0d19c1c68d
4 changed files with 31 additions and 4 deletions
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@ -34,6 +34,28 @@ snyk:
  - docker
  - notpriv

+sast:
+  stage: security
+  image: docker:stable
+  variables:
+    DOCKER_DRIVER: overlay2
+  allow_failure: true
+  services:
+    - docker:stable-dind
+  script:
+    - export SP_VERSION=$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')
+    - docker run
+        --env SAST_CONFIDENCE_LEVEL="${SAST_CONFIDENCE_LEVEL:-3}"
+        --volume "$PWD:/code"
+        --volume /var/run/docker.sock:/var/run/docker.sock
+        "registry.gitlab.com/gitlab-org/security-products/sast:$SP_VERSION" /app/bin/run /code
+  artifacts:
+    reports:
+      sast: gl-sast-report.json
+  tags:
+  - docker
+  - priv
+
 # ====================
 # test stage
 # ====================
--- a/package.json
+++ b/package.json
@ -55,4 +55,4 @@
    "smartsocket": "^1.1.19",
    "through2": "^3.0.0"
  }
-}
+}
--- a/ts/mod_git/index.ts
+++ b/ts/mod_git/index.ts
@ -28,11 +28,14 @@ export let mirror = async () => {
  const githubToken = process.env.NPMCI_GIT_GITHUBTOKEN;
  const githubUser = process.env.NPMCI_GIT_GITHUBGROUP || repo.user;
  const githubRepo = process.env.NPMCI_GIT_GITHUB || repo.repo;
-  if(
+  if (
    configObject.projectInfo.npm.packageJson.private === true ||
    configObject.npmAccessLevel === 'private'
  ) {
-    logger.log('warn', `refusing to mirror due to private property use a private mirror location instead`);
+    logger.log(
+      'warn',
+      `refusing to mirror due to private property use a private mirror location instead`
+    );
    return;
  }
  if (githubToken) {
--- a/ts/mod_npm/index.ts
+++ b/ts/mod_npm/index.ts
@ -42,7 +42,9 @@ const prepare = async () => {
  await plugins.smartparam.forEachMinimatch(process.env, 'NPMCI_TOKEN_NPM*', npmEnvArg => {
    const npmRegistryUrl = npmEnvArg.split('|')[0];
    const npmToken = npmEnvArg.split('|')[1];
-    npmrcFileString += `//${npmRegistryUrl}/:_authToken="${plugins.smartstring.base64.decode(npmToken)}"\n`;
+    npmrcFileString += `//${npmRegistryUrl}/:_authToken="${plugins.smartstring.base64.decode(
+      npmToken
+    )}"\n`;
  });
  logger.log('info', `setting default npm registry to ${config.npmRegistryUrl}`);
  npmrcFileString += `registry=https://${config.npmRegistryUrl}\n`;