70 lines
1.7 KiB
Bash
Executable File
70 lines
1.7 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
# Load shared libraries
|
|
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
|
|
source "$SCRIPT_DIR/../lib/init.sh"
|
|
|
|
# Dependency Audit Script
|
|
# Audits dependencies across all projects for security vulnerabilities
|
|
|
|
set -e
|
|
|
|
echo "🔍 Auditing dependencies across all projects..."
|
|
|
|
PROJECTS_DIR="."
|
|
AUDITED=0
|
|
VULNERABILITIES=0
|
|
|
|
audit_project() {
|
|
local project=$1
|
|
|
|
if [ -f "$project/package.json" ]; then
|
|
cd "$project"
|
|
|
|
echo "🔍 Auditing $project..."
|
|
|
|
if command -v npm &> /dev/null; then
|
|
if npm audit --audit-level=moderate 2>/dev/null; then
|
|
echo " ✅ $project - No vulnerabilities"
|
|
else
|
|
echo " ⚠️ $project - Vulnerabilities found"
|
|
((VULNERABILITIES++))
|
|
fi
|
|
((AUDITED++))
|
|
elif command -v pnpm &> /dev/null; then
|
|
if pnpm audit --audit-level=moderate 2>/dev/null; then
|
|
echo " ✅ $project - No vulnerabilities"
|
|
else
|
|
echo " ⚠️ $project - Vulnerabilities found"
|
|
((VULNERABILITIES++))
|
|
fi
|
|
((AUDITED++))
|
|
fi
|
|
|
|
cd ..
|
|
fi
|
|
}
|
|
|
|
echo "📋 Auditing projects..."
|
|
|
|
# Audit all projects with package.json
|
|
for dir in */; do
|
|
if [ -d "$dir" ] && [ "$dir" != "node_modules/" ] && [ "$dir" != ".git/" ] && [ "$dir" != "scripts/" ]; then
|
|
audit_project "$dir"
|
|
fi
|
|
done
|
|
|
|
echo ""
|
|
echo "📊 Audit Summary:"
|
|
echo " ✅ Audited: $AUDITED"
|
|
echo " ⚠️ With vulnerabilities: $VULNERABILITIES"
|
|
|
|
if [ $VULNERABILITIES -gt 0 ]; then
|
|
echo ""
|
|
echo "⚠️ Some projects have vulnerabilities. Run 'npm audit fix' or 'pnpm audit fix' in affected projects."
|
|
exit 1
|
|
fi
|
|
|
|
echo "✅ All dependencies secure!"
|
|
|