-
-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy path03-export-tables-dependencies.ps1
54 lines (52 loc) · 2.05 KB
/
03-export-tables-dependencies.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
$cacheFile = "report.json"
$report = (Get-Content -raw -Path $cacheFile) | ConvertFrom-Json -AsHashtable
# Find all extensions that rely on a vulnerable task-lib
$totalvulnerabilitiescount = 0
$tasklibvulnerabilitiescount = 0
$vulnerabletasks = 0
$tasklibvulnerableTasks = 0
foreach ($extension in $report.extensions)
{
$vulnerable = $false
$tasklibvulnerable = $false
foreach ($task in $extension.tasks)
{
foreach ($version in $task.versions) {
if ($null -ne $version.jsTasklibVersion) {
if ($version.vulnerableDependencies)
{
foreach ($dependency in $version.vulnerableDependencies)
{
foreach ($vulnerability in $dependency.vulnerabilities)
{
foreach ($source in $vulnerability.from)
{
if (($source -like "vsts-task-lib@*") `
-or ($source -like "vso-task-lib@*") `
-or ($source -like "azure-pipelines-task-lib@*") `
-or ($source -like "azure-pipelines-tool-lib@*"))
{
$tasklibvulnerabilitiescount = $tasklibvulnerabilitiescount + 1
$tasklibvulnerable = $true
break;
}
}
$totalvulnerabilitiescount = $totalvulnerabilitiescount + 1
$vulnerable = $true
}
}
}
}
}
}
if ($vulnerable)
{
$vulnerabletasks = $vulnerabletasks + 1
}
if ($tasklibvulnerable)
{
$tasklibvulnerableTasks = $tasklibvulnerableTasks + 1
}
}
write-host "$tasklibvulnerabilitiescount / $totalvulnerabilitiescount"
write-host "$tasklibvulnerableTasks / $vulnerabletasks"