Add new view command for reports

Author: Pelle Wessman

lib/commands/info/index.js

@@ -7,8 +7,8 @@ import { ErrorWithCause } from 'pony-cause'
 
 import { ChalkOrMarkdown } from '../../utils/chalk-markdown.js'
 import { AuthError, InputError } from '../../utils/errors.js'
+import { getSeveritySummary } from '../../utils/format-issues.js'
 import { printFlagList } from '../../utils/formatting.js'
-import { stringJoinWithSeparateFinalSeparator } from '../../utils/misc.js'
 import { setupSdk } from '../../utils/sdk.js'
 
 const description = 'Look up info regarding a package'
@@ -87,7 +87,7 @@ const run = async (argv, importMeta, { parentName }) => {
 
   const spinner = ora(`Looking up data for version ${pkgVersion} of ${pkgName}`).start()
 
-  /** @type {Awaited<ReturnType<import('@socketsecurity/sdk').SocketSdk["getIssuesByNPMPackage"]>>} */
+  /** @type {Awaited<ReturnType<typeof socketSdk.getIssuesByNPMPackage>>} */
   let result
 
   try {
@@ -106,34 +106,12 @@ const run = async (argv, importMeta, { parentName }) => {
     process.exit(1)
   }
 
-  const data = result.data
-
-  /** @typedef {(typeof data)[number]["value"] extends infer U | undefined ? U : never} SocketSdkIssue */
-  /** @type {Record<SocketSdkIssue["severity"], number>} */
-  const severityCount = { low: 0, middle: 0, high: 0, critical: 0 }
-  for (const issue of data) {
-    const value = issue.value
-
-    if (!value) {
-      continue
-    }
-
-    if (severityCount[value.severity] !== undefined) {
-      severityCount[value.severity] += 1
-    }
-  }
-
-  const issueSummary = stringJoinWithSeparateFinalSeparator([
-    severityCount.critical ? severityCount.critical + ' critical' : undefined,
-    severityCount.high ? severityCount.high + ' high' : undefined,
-    severityCount.middle ? severityCount.middle + ' middle' : undefined,
-    severityCount.low ? severityCount.low + ' low' : undefined,
-  ])
+  const issueSummary = getSeveritySummary(result.data)
 
   spinner.succeed(`Found ${issueSummary || 'no'} issues for version ${pkgVersion} of ${pkgName}`)
 
   if (outputJson) {
-    console.log(JSON.stringify(data, undefined, 2))
+    console.log(JSON.stringify(result.data, undefined, 2))
     return
   }
 

lib/commands/report/index.js

@@ -1,5 +1,6 @@
 import { meowWithSubcommands } from '../../utils/meow-with-subcommands.js'
 import { create } from './create.js'
+import { view } from './view.js'
 
 const description = 'Project report related commands'
 
@@ -10,6 +11,7 @@ export const report = {
     await meowWithSubcommands(
       {
         create,
+        view,
       },
       {
         argv,

lib/commands/report/view.js

@@ -0,0 +1,144 @@
+/* eslint-disable no-console */
+
+import chalk from 'chalk'
+import meow from 'meow'
+import ora from 'ora'
+
+import { handleApiCall, handleUnsuccessfulApiResponse } from '../../utils/api-helpers.js'
+import { ChalkOrMarkdown } from '../../utils/chalk-markdown.js'
+import { InputError } from '../../utils/errors.js'
+import { getSeveritySummary } from '../../utils/format-issues.js'
+import { printFlagList } from '../../utils/formatting.js'
+import { setupSdk } from '../../utils/sdk.js'
+
+/** @type {import('../../utils/meow-with-subcommands').CliSubcommand} */
+export const view = {
+  description: 'View a project report',
+  async run (argv, importMeta, { parentName }) {
+    const name = parentName + ' view'
+
+    const input = setupCommand(name, view.description, argv, importMeta)
+    const result = input && await fetchReportData(input.reportId)
+
+    if (result) {
+      formatReportDataOutput(result.data, { name, ...input })
+    }
+  }
+}
+
+// Internal functions
+
+/**
+ * @param {string} name
+ * @param {string} description
+ * @param {readonly string[]} argv
+ * @param {ImportMeta} importMeta
+ * @returns {void|{ outputJson: boolean, outputMarkdown: boolean, reportId: string }}
+ */
+function setupCommand (name, description, argv, importMeta) {
+  // FIXME: Add examples
+  const cli = meow(`
+    Usage
+      $ ${name} <report-identifier>
+
+    Options
+      ${printFlagList({
+        '--json': 'Output result as json',
+        '--markdown': 'Output result as markdown',
+      }, 6)}
+  `, {
+    argv,
+    description,
+    importMeta,
+    flags: {
+      debug: {
+        type: 'boolean',
+        alias: 'd',
+        default: false,
+      },
+      json: {
+        type: 'boolean',
+        alias: 'j',
+        default: false,
+      },
+      markdown: {
+        type: 'boolean',
+        alias: 'm',
+        default: false,
+      },
+    }
+  })
+
+  // Extract the input
+
+  const {
+    json: outputJson,
+    markdown: outputMarkdown,
+  } = cli.flags
+
+  const [reportId, ...extraInput] = cli.input
+
+  if (!reportId) {
+    cli.showHelp()
+    return
+  }
+
+  // Validate the input
+
+  if (extraInput.length) {
+    throw new InputError(`Can only handle a single report ID at a time, but got ${cli.input.length} report ID:s: ${cli.input.join(', ')}`)
+  }
+
+  return {
+    outputJson,
+    outputMarkdown,
+    reportId,
+  }
+}
+
+/**
+ * @param {string} reportId
+ * @returns {Promise<void|import('@socketsecurity/sdk').SocketSdkReturnType<'getReport'>>}
+ */
+async function fetchReportData (reportId) {
+  // Do the API call
+
+  const socketSdk = await setupSdk()
+  const spinner = ora(`Fetching report with ID ${reportId}`).start()
+  const result = await handleApiCall(socketSdk.getReport(reportId), spinner, 'fetching report')
+
+  if (result.success === false) {
+    return handleUnsuccessfulApiResponse(result, spinner)
+  }
+
+  // Conclude the status of the API call
+
+  const issueSummary = getSeveritySummary(result.data.issues)
+  spinner.succeed(`Report contains ${issueSummary || 'no'} issues`)
+
+  return result
+}
+
+/**
+ * @param {import('@socketsecurity/sdk').SocketSdkReturnType<'getReport'>["data"]} data
+ * @param {{ name: string, outputJson: boolean, outputMarkdown: boolean, reportId: string }} context
+ * @returns {void}
+ */
+function formatReportDataOutput (data, { name, outputJson, outputMarkdown, reportId }) {
+  // If JSON, output and return...
+
+  if (outputJson) {
+    console.log(JSON.stringify(data, undefined, 2))
+    return
+  }
+
+  // ...else do the CLI / Markdown output dance
+
+  const format = new ChalkOrMarkdown(!!outputMarkdown)
+  const url = `https://socket.dev/npm/reports/${encodeURIComponent(reportId)}`
+
+  console.log('\nDetailed info on socket.dev: ' + format.hyperlink(reportId, url, { fallbackToUrl: true }))
+  if (!outputMarkdown) {
+    console.log(chalk.dim('\nOr rerun', chalk.italic(name), 'using the', chalk.italic('--json'), 'flag to get full JSON output'))
+  }
+}

lib/utils/api-helpers.js

@@ -0,0 +1,43 @@
+import chalk from 'chalk'
+import { ErrorWithCause } from 'pony-cause'
+
+import { AuthError } from './errors.js'
+
+/**
+ * @template T
+ * @param {import('@socketsecurity/sdk').SocketSdkErrorType<T>} result
+ * @param {import('ora').Ora} spinner
+ * @returns {void}
+ */
+export function handleUnsuccessfulApiResponse (result, spinner) {
+  const resultError = 'error' in result && result.error && typeof result.error === 'object' ? result.error : {}
+  const message = 'message' in resultError && typeof resultError.message === 'string' ? resultError.message : 'No error message returned'
+
+  if (result.status === 401 || result.status === 403) {
+    spinner.stop()
+    throw new AuthError(message)
+  }
+  spinner.fail(chalk.white.bgRed('API returned an error:') + ' ' + message)
+  process.exit(1)
+}
+
+/**
+ * @template T
+ * @param {Promise<T>} value
+ * @param {import('ora').Ora} spinner
+ * @param {string} description
+ * @returns {Promise<T>}
+ */
+export async function handleApiCall (value, spinner, description) {
+  /** @type {T} */
+  let result
+
+  try {
+    result = await value
+  } catch (cause) {
+    spinner.fail()
+    throw new ErrorWithCause(`Failed ${description}`, { cause })
+  }
+
+  return result
+}

lib/utils/format-issues.js

@@ -0,0 +1,44 @@
+/** @typedef {import('@socketsecurity/sdk').SocketSdkReturnType<'getIssuesByNPMPackage'>['data']} SocketIssueList */
+/** @typedef {SocketIssueList[number]['value'] extends infer U | undefined ? U : never} SocketIssue */
+
+import { stringJoinWithSeparateFinalSeparator } from './misc.js'
+
+/**
+ * @param {SocketIssueList} issues
+ * @returns {Record<SocketIssue['severity'], number>}
+ */
+function getSeverityCount (issues) {
+  /** @type {Record<SocketIssue['severity'], number>} */
+  const severityCount = { low: 0, middle: 0, high: 0, critical: 0 }
+
+  for (const issue of issues) {
+    const value = issue.value
+
+    if (!value) {
+      continue
+    }
+
+    if (severityCount[value.severity] !== undefined) {
+      severityCount[value.severity] += 1
+    }
+  }
+
+  return severityCount
+}
+
+/**
+ * @param {SocketIssueList} issues
+ * @returns {string}
+ */
+export function getSeveritySummary (issues) {
+  const severityCount = getSeverityCount(issues)
+
+  const issueSummary = stringJoinWithSeparateFinalSeparator([
+    severityCount.critical ? severityCount.critical + ' critical' : undefined,
+    severityCount.high ? severityCount.high + ' high' : undefined,
+    severityCount.middle ? severityCount.middle + ' middle' : undefined,
+    severityCount.low ? severityCount.low + ' low' : undefined,
+  ])
+
+  return issueSummary
+}