@@ -107,39 +107,44 @@ async function getCoreIndex () {
107107 }
108108}
109109
110- function getVulnerabilityList (currentVersion, data, systemEnvironment) {
110+ const checkPlatform = platform => {
111+ const availablePlatforms = ['aix', 'darwin', 'freebsd', 'linux', 'openbsd', 'sunos', 'win32', 'android']
112+ if (platform && !availablePlatforms.includes(platform)) {
113+ throw new Error(`platform ${platform} is not valid. Please use ${availablePlatforms.join(',')}.`)
114+ }
115+ }
116+ const isSystemAffected = (platform, affectedEnvironments) => {
117+ // No platform specified (legacy mode)
118+ if (!platform || !Array.isArray(affectedEnvironments)) {
119+ return true
120+ }
121+ // If the environment is matching or all the environments are affected
122+ if (affectedEnvironments.includes(platform) || affectedEnvironments.includes('all')) {
123+ return true
124+ }
125+ // Default to false
126+ return false
127+ }
128+
129+ function getVulnerabilityList (currentVersion, data, platform) {
111130 const list = []
112131 for (const key in data) {
113132 const vuln = data[key]
133+
114134 if (
115135 (
116136 satisfies(currentVersion, vuln.vulnerable) &&
117137 !satisfies(currentVersion, vuln.patched)
118- ) && (
119- (!systemEnvironment || !Array.isArray(vuln.affectedEnvironments)) ||
120- vuln.affectedEnvironments.includes(systemEnvironment) ||
121- vuln.affectedEnvironments.includes('all')
122- )
138+ ) && isSystemAffected(platform, vuln.affectedEnvironments)
123139 ) {
124140 list.push(`${bold(vuln.cve)}: ${vuln.overview}\n${bold('Patched versions')}: ${vuln.patched}`)
125141 }
126142 }
127143 return list
128144}
129145
130- const getSystemEnvironment = (platform) => {
131- switch (platform) {
132- case 'darwin':
133- return 'osx'
134- case 'win32':
135- return 'win'
136- default:
137- return 'linux'
138- }
139- }
140-
141146async function main (currentVersion, platform) {
142- const systemEnvironment = getSystemEnvironment (platform)
147+ checkPlatform (platform)
143148 const isEOL = await isNodeEOL(currentVersion)
144149 if (isEOL) {
145150 console.error(danger)
@@ -148,7 +153,7 @@ async function main (currentVersion, platform) {
148153 }
149154
150155 const coreIndex = await getCoreIndex()
151- const list = getVulnerabilityList(currentVersion, coreIndex, systemEnvironment )
156+ const list = getVulnerabilityList(currentVersion, coreIndex, platform )
152157 if (list.length) {
153158 console.error(danger)
154159 console.error(vulnerableWarning + '\n')
@@ -181,14 +186,15 @@ async function isNodeEOL (version) {
181186 return now > end
182187}
183188
184- async function isNodeVulnerable (version, systemEnvironment) {
189+ async function isNodeVulnerable (version, platform) {
190+ checkPlatform(platform)
185191 const isEOL = await isNodeEOL(version)
186192 if (isEOL) {
187193 return true
188194 }
189195
190196 const coreIndex = await getCoreIndex()
191- const list = getVulnerabilityList(version, coreIndex, systemEnvironment )
197+ const list = getVulnerabilityList(version, coreIndex, platform )
192198 return list.length > 0
193199}
194200
@@ -41540,10 +41546,6 @@ async function run () {
4154041546 const nodeVersion = core.getInput('node-version', { required: true })
4154141547 const platform = core.getInput('platform', { required: false })
4154241548
41543- if (platform && !['linux', 'win', 'osx'].includes(platform)) {
41544- core.setFailed(`platform ${platform} is not valid. Please use linux, win or osx.`)
41545- }
41546-
4154741549 core.info(`Checking Node.js version ${nodeVersion} with platform ${platform}...`)
4154841550 const isVulnerable = await isNodeVulnerable(nodeVersion, platform)
4154941551 if (isVulnerable) {
0 commit comments