#!/usr/bin/env node /** * Classifies npm advisory findings into report-only findings and hard blockers. */ export type VulnerabilityAdvisory = { id: string; severity: string; title: string; url: string; vulnerable_versions: string; }; export type VulnerabilityFinding = VulnerabilityAdvisory & { malware: boolean; packageName: string; production: boolean; }; export function classifyVulnerabilityFindings({ allAdvisories, productionAdvisories, }: { allAdvisories: Record; productionAdvisories: Record; }): { blockers: VulnerabilityFinding[]; findings: VulnerabilityFinding[]; }; /** * Runs the dependency vulnerability gate against pnpm-lock.yaml. */ export function runDependencyVulnerabilityGate({ rootDir, fetchImpl, }?: { rootDir?: string | undefined; fetchImpl?: typeof fetch | undefined; }): Promise<{ blockers: VulnerabilityFinding[]; findings: VulnerabilityFinding[]; generatedAt: string; policy: { blocks: string[]; reports: string[]; vulnerabilityExceptions: boolean; }; graphs: { all: { packages: number; packageVersions: unknown; }; production: { packages: number; packageVersions: unknown; }; }; }>; /** * Renders the dependency vulnerability gate report as Markdown. */ export function renderDependencyVulnerabilityGateMarkdownReport(report: unknown): string; export function main(argv?: string[]): Promise<1 | 0>;