Scan Hawkeye with Hawkeye
Description
Do a self scan
Fixes #128
Type of change
- [x] New feature (non-breaking change which adds functionality)
Toolchain
- [x] Other
How Has This Been Tested?
Just run `./bin/hawkeye scan` in the hawkeyesec/scanner-cli project root
Test Configuration:
- Toolchain: nodejs v11.6.0
- SDK (incl. version):
- OS version: MacOS
Checklist:
- [x] My code follows the style guidelines of this project
- [x] I have performed a self-review of my own code
- [x] I have commented my code, particularly in hard-to-understand areas
- [ ] I have made corresponding changes to the documentation
- [ ] I have added tests that prove my fix is effective or that my feature works
- [x] New and existing unit tests pass locally with my changes
Now it's failing:
```
module           level  code                          offender   description                                      mitigation
---------------- ------ ----------------------------- ---------- ------------------------------------------------ ---------------------------------------
node-npmoutdated medium node-npmoutdated-semver-2     semver     Module is one or more minor versions out of date Upgrade to v6.2.0 (Current: v6.1.1)
node-npmoutdated medium node-npmoutdated-superagent-2 superagent Module is one or more minor versions out of date Upgrade to v5.1.0 (Current: v5.0.5)
node-npmoutdated low    node-npmoutdated-lodash-3     lodash     Module is one or more patch versions out of date Upgrade to v4.17.14 (Current: v4.17.11)
```
Need to figure out what would be the proper fix. Ideas?
Looks like it would be nice to have a minimal level per module configuration...
I will change this a bit in the sense that I'll have the check run as a nightly cron job, instead of every build. I do recommend this to teams, so it makes sense to have it here as well :)
For this, I'll modify the setup for the nightly OWASP update build to listen to another env variable so that they don't clash.