Merge pull request #195 from SocketDev/cg/addThreatFeedCommand

Add threat feed command

Author: charliegerard

.dep-stats.json

@@ -27,7 +27,7 @@
     "bundle-name": "^4.1.0",
     "camelcase": "^8.0.0",
     "chalk": "^5.3.0",
-    "cli-cursor": "^4.0.0",
+    "cli-cursor": "^5.0.0",
     "configstore": "^7.0.0",
     "default-browser": "^5.2.1",
     "default-browser-id": "^5.0.0",
@@ -56,7 +56,9 @@
     "latest-version": "^9.0.0",
     "log-symbols": "^6.0.0",
     "meow": "^13.2.0",
+    "mimic-function": "^5.0.0",
     "npm-run-path": "^5.2.0",
+    "onetime": "^5.1.0",
     "open": "^10.1.0",
     "ora": "^8.0.1",
     "package-json": "^10.0.0",
@@ -66,11 +68,11 @@
     "pretty-ms": "^9.0.0",
     "pupa": "^3.1.0",
     "registry-url": "^6.0.1",
-    "restore-cursor": "^4.0.0",
+    "restore-cursor": "^5.0.0",
     "run-applescript": "^7.0.0",
     "semver-diff": "^4.0.0",
     "slash": "^5.1.0",
-    "stdin-discarder": "^0.2.1",
+    "stdin-discarder": "^0.2.2",
     "string-width": "^7.0.0",
     "strip-ansi": "^7.1.0",
     "strip-final-newline": "^4.0.0",
@@ -98,7 +100,7 @@
     "cli-spinners": "^2.9.2",
     "cross-spawn": "^7.0.3",
     "dot-prop": "^9.0.0",
-    "eastasianwidth": "^0.2.0",
+    "eastasianwidth": "^0.3.0",
     "emoji-regex": "^10.3.0",
     "fast-glob": "^3.3.2",
     "graceful-fs": "^4.2.6",
@@ -127,7 +129,7 @@
     "cli-spinners": "^2.9.2",
     "cross-spawn": "^7.0.3",
     "dot-prop": "^9.0.0",
-    "eastasianwidth": "^0.2.0",
+    "eastasianwidth": "^0.3.0",
     "emoji-regex": "^10.3.0",
     "fast-glob": "^3.3.2",
     "graceful-fs": "^4.2.6",

src/commands/diff-scan/get.ts

@@ -11,7 +11,7 @@ import { getDefaultKey } from '../../utils/sdk'
 import type { CliSubcommand } from '../../utils/meow-with-subcommands'
 import type { Ora } from 'ora'
 import { AuthError } from '../../utils/errors'
-import { handleAPIError, queryAPI } from '../../utils/api-helpers'
+import { handleAPIError, queryOrgsAPI } from '../../utils/api-helpers'
 
 export const get: CliSubcommand = {
   description: 'Get a diff scan for an organization',
@@ -142,7 +142,7 @@ async function getDiffScan(
   spinner: Ora, 
   apiKey: string,
 ): Promise<void> {
-  const response = await queryAPI(`${orgSlug}/full-scans/diff?before=${before}&after=${after}&preview`, apiKey)
+  const response = await queryOrgsAPI(`${orgSlug}/full-scans/diff?before=${before}&after=${after}&preview`, apiKey)
   const data = await response.json();
 
   if(!response.ok){

src/commands/index.ts

@@ -15,3 +15,4 @@ export * from './repos'
 export * from './dependencies'
 export * from './analytics'
 export * from './diff-scan'
+export * from './threat-feed'

src/commands/threat-feed.ts

@@ -0,0 +1,207 @@
+/* Not a fan of adding the no-check, mainly doing it because 
+  the types associated with the blessed packages 
+  create some type errors 
+*/
+// @ts-nocheck
+// @ts-ignore
+import blessed from 'blessed'
+// @ts-ignore
+import contrib from 'blessed-contrib'
+import meow from 'meow'
+import ora from 'ora'
+
+import { outputFlags } from '../flags'
+import { printFlagList } from '../utils/formatting'
+import { getDefaultKey } from '../utils/sdk'
+
+import type { CliSubcommand } from '../utils/meow-with-subcommands'
+import type { Ora } from 'ora'
+import { AuthError } from '../utils/errors'
+import { queryAPI } from '../utils/api-helpers'
+
+export const threatFeed: CliSubcommand = {
+  description: 'Look up the threat feed',
+  async run(argv, importMeta, { parentName }) {
+    const name = parentName + ' threat-feed'
+
+    const input = setupCommand(name, threatFeed.description, argv, importMeta)
+    if (input) {
+      const apiKey = getDefaultKey()
+      if(!apiKey){
+        throw new AuthError("User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.")
+      }
+      const spinner = ora(`Looking up the threat feed \n`).start()
+      await fetchThreatFeed(input, spinner, apiKey)
+    }
+  }
+}
+
+const threatFeedFlags = {
+  perPage: {
+    type: 'number',
+    shortFlag: 'pp',
+    default: 30,
+    description: 'Number of items per page'
+  },
+  page: {
+    type: 'string',
+    shortFlag: 'p',
+    default: '1',
+    description: 'Page token'
+  },
+  direction: {
+    type: 'string',
+    shortFlag: 'd',
+    default: 'desc',
+    description: 'Order asc or desc by the createdAt attribute.'
+  },
+  filter: {
+    type: 'string',
+    shortFlag: 'f',
+    default: 'mal',
+    description: 'Filter what type of threats to return'
+  }
+}
+
+// Internal functions
+
+type CommandContext = {
+  outputJson: boolean
+  outputMarkdown: boolean
+  per_page: number
+  page: string
+  direction: string
+  filter: string
+}
+
+function setupCommand(
+  name: string,
+  description: string,
+  argv: readonly string[],
+  importMeta: ImportMeta
+): CommandContext | undefined {
+  const flags: { [key: string]: any } = {
+    ...threatFeedFlags,
+    ...outputFlags
+  }
+
+  const cli = meow(
+    `
+    Usage
+      $ ${name}
+
+    Options
+      ${printFlagList(flags, 6)}
+
+    Examples
+      $ ${name}
+      $ ${name} --perPage=5 --page=2 --direction=asc --filter=joke
+  `,
+    {
+      argv,
+      description,
+      importMeta,
+      flags
+    }
+  )
+
+  const {
+    json: outputJson,
+    markdown: outputMarkdown,
+    perPage: per_page,
+    page,
+    direction,
+    filter
+  } = cli.flags
+
+  return <CommandContext>{
+    outputJson,
+    outputMarkdown,
+    per_page,
+    page,
+    direction,
+    filter
+  }
+}
+
+type ThreatResult =     {
+  createdAt: string
+  description: string
+  id: number,
+  locationHtmlUrl: string
+  packageHtmlUrl: string
+  purl: string
+  removedAt: string
+  threatType: string
+}
+
+async function fetchThreatFeed(
+  { per_page, page, direction, filter, outputJson }: CommandContext,
+  spinner: Ora,
+  apiKey: string
+): Promise<void> {
+  const formattedQueryParams = formatQueryParams({ per_page, page, direction, filter }).join('&')
+  
+  const response = await queryAPI(`threat-feed?${formattedQueryParams}`, apiKey)
+  const data: {results: ThreatResult[], nextPage: string} = await response.json();
+
+  spinner.stop()
+
+  if(outputJson){
+    return console.log(data)
+  }
+
+  const screen = blessed.screen()
+
+  var table = contrib.table({ 
+    keys: 'true', 
+    fg: 'white', 
+    selectedFg: 'white', 
+    selectedBg: 'magenta',
+    interactive: 'true', 
+    label: 'Threat feed', 
+    width: '100%', 
+    height: '100%', 
+    border: {
+      type: "line", 
+      fg: "cyan"
+    }, 
+    columnSpacing: 3, //in chars 
+    columnWidth: [9, 30, 10, 17, 13, 100] /*in chars*/ 
+  })
+
+  // allow control the table with the keyboard
+  table.focus()
+
+  screen.append(table)
+  
+  const formattedOutput = formatResults(data.results)
+
+  table.setData({ headers: ['Ecosystem', 'Name', 'Version', 'Threat type', 'Detected at', 'Details'], data: formattedOutput })
+
+  screen.render()
+
+  screen.key(['escape', 'q', 'C-c'], () => process.exit(0))
+}
+
+const formatResults = (data: ThreatResult[]) => {
+  return data.map(d => {
+    const ecosystem = d.purl.split('pkg:')[1].split('/')[0]
+    const name = d.purl.split('/')[1].split('@')[0]
+    const version = d.purl.split('@')[1]
+
+    const timeStart = new Date(d.createdAt);
+    const timeEnd = new Date()
+
+    const diff = getHourDiff(timeStart, timeEnd)
+    const hourDiff = diff > 0 ? `${diff} hours ago` : `${getMinDiff(timeStart, timeEnd)} minutes ago`
+  
+    return [ecosystem, decodeURIComponent(name), version, d.threatType, hourDiff, d.locationHtmlUrl]
+  })
+}
+
+const formatQueryParams = (params: any) => Object.entries(params).map(entry => `${entry[0]}=${entry[1]}`)
+
+const getHourDiff = (start, end) => Math.floor((end - start) / 3600000)
+
+const getMinDiff = (start, end) => Math.floor((end - start) / 60000)

src/utils/api-helpers.ts

@@ -56,11 +56,20 @@ export async function handleAPIError(code: number) {
 
 const API_V0_URL = 'https://api.socket.dev/v0'
 
-export async function queryAPI(path: string, apiKey: string) {
+export async function queryOrgsAPI(path: string, apiKey: string) {
   return await fetch(`${API_V0_URL}/orgs/${path}`, {
     method: 'GET', 
     headers: {
       'Authorization': 'Basic ' + btoa(`${apiKey}:${apiKey}`)
     }
   });
+}
+
+export async function queryAPI(path: string, apiKey: string) {
+  return await fetch(`${API_V0_URL}/${path}`, {
+    method: 'GET', 
+    headers: {
+      'Authorization': 'Basic ' + btoa(`${apiKey}:${apiKey}`)
+    }
+  });
 }