diff --git a/index.js b/index.js
index b1b5777..5328454 100644
--- a/index.js
+++ b/index.js
@@ -29,13 +29,12 @@ const packageLockJson = JSON.parse(rawDataPackageLock);
let tableOutput = [];
let htmlOutput = '';
-// Check direct package dep
+
vulnJson.packages.forEach(vulnPackage => {
console.log("Package: " + vulnPackage.name + ' (' + vulnPackage.version + ")");
for (var packageName in packageLockJson.packages) {
- // Check if direct package is vuln
if (packageName.includes(vulnPackage.name)) {
var isVuln = packageLockJson.packages[packageName].version == vulnPackage.version ? "[VULNERABLE] " : "[OK] ";
var sameMajor = cleanVersion(packageLockJson.packages[packageName].version).split('.')[0] == vulnPackage.version.split('.')[0];
@@ -51,7 +50,6 @@ vulnJson.packages.forEach(vulnPackage => {
}
- // Check if dependencies are vuln
for (var dependencyName in packageLockJson.packages[packageName].dependencies) {
if (dependencyName.includes(vulnPackage.name)) {
var isVuln = packageLockJson.packages[packageName].dependencies[dependencyName] == vulnPackage.version ? "[VULNERABLE] " : "[OK] ";
@@ -69,7 +67,6 @@ vulnJson.packages.forEach(vulnPackage => {
}
}
- // Check if dev-Dependencies are vuln
for (var dependencyName in packageLockJson.packages[packageName].devDependencies) {
if (dependencyName.includes(vulnPackage.name)) {
var isVuln = packageLockJson.packages[packageName].devDependencies[dependencyName] == vulnPackage.version ? "[VULNERABLE] " : "[OK] ";
@@ -88,7 +85,6 @@ vulnJson.packages.forEach(vulnPackage => {
}
}
- //console.table(tableOutput);
htmlOutput += "" + vulnPackage.name + "
"
htmlOutput += tableify(tableOutput)
tableOutput = [];