const fs = require('fs');
const path = require('path');
const tableify = require('tableify');

// Parse command line arguments
const args = process.argv.slice(2);
if (args.length === 2) {
    vulnPath = path.resolve(args[0]);
    pkgLockPath = path.resolve(args[1]);
} else {

}

function cleanVersion(version) {
    if (version.startsWith('^')) {
        return version.slice(1);
    } else if (version.startsWith('~')) {
        return version.slice(1);
    } else {
        return version;
    }
}

const rawDataVuln = fs.readFileSync(vulnPath, 'utf8');
const rawDataPackageLock = fs.readFileSync(pkgLockPath, 'utf8');

const vulnJson = JSON.parse(rawDataVuln);
const packageLockJson = JSON.parse(rawDataPackageLock);

let tableOutput = [];
let htmlOutput = '<html><head><link rel="stylesheet" type="text/css" href="style.css"></head><body>';

vulnJson.packages.forEach(vulnPackage => {
    console.log("Package: " + vulnPackage.name + ' (' + vulnPackage.version + ")");

    for (var packageName in packageLockJson.packages) {

        if (packageName.includes(vulnPackage.name)) {
            var isVuln = packageLockJson.packages[packageName].version == vulnPackage.version ? "[VULNERABLE] " : "[OK] ";
            var sameMajor = cleanVersion(packageLockJson.packages[packageName].version).split('.')[0] == vulnPackage.version.split('.')[0];
            if (sameMajor) isVuln = "[SAME MAJOR] "

            tableOutput.push({
                type: "Package",
                flag: isVuln,
                package_name: packageName,
                installed_version: packageLockJson.packages[packageName].version,
                vuln_version: vulnPackage.version
            })

        }

        for (var dependencyName in packageLockJson.packages[packageName].dependencies) {
            if (dependencyName.includes(vulnPackage.name)) {
                var isVuln = packageLockJson.packages[packageName].dependencies[dependencyName] == vulnPackage.version ? "[VULNERABLE] " : "[OK] ";
                var sameMajor = cleanVersion(packageLockJson.packages[packageName].dependencies[dependencyName]).split('.')[0] == vulnPackage.version.split('.')[0];
                if (sameMajor) isVuln = "[SAME MAJOR] "
                tableOutput.push({
                    type: "Package Dependency",
                    flag: isVuln,
                    package_name: dependencyName,
                    parent: packageName,
                    installed_version: packageLockJson.packages[packageName].dependencies[dependencyName],
                    vuln_version: vulnPackage.version,
                })

            }
        }

        for (var dependencyName in packageLockJson.packages[packageName].devDependencies) {
            if (dependencyName.includes(vulnPackage.name)) {
                var isVuln = packageLockJson.packages[packageName].devDependencies[dependencyName] == vulnPackage.version ? "[VULNERABLE] " : "[OK] ";
                var sameMajor = cleanVersion(packageLockJson.packages[packageName].devDependencies[dependencyName]).split('.')[0] == vulnPackage.version.split('.')[0];
                if (sameMajor) isVuln = "[SAME MAJOR] "
                tableOutput.push({
                    type: "Package DevDependency",
                    flag: isVuln,
                    package_name: dependencyName,
                    parent: packageName,
                    installed_version: packageLockJson.packages[packageName].devDependencies[dependencyName],
                    vuln_version: vulnPackage.version,
                });

            }
        }
    }

    htmlOutput += "<h4>" + vulnPackage.name + "</h4>"
    htmlOutput += tableify(tableOutput)
    tableOutput = [];
});

fs.writeFileSync("report.html", htmlOutput + "</body></html>");