Add support to environment check

Question

Add support to environment check

Closed this issue 2 years ago · 3 comments

Sometimes a security vulnerability affects only windows or macOS and in order to make this package consistent, a check against the environment should be performed.

Currently, the Node.js Security DB doesn't provide information about the CVE environment, so the steps should be:

Update the Security DB to provide this information
Update this package

Answer 1 · 2023-02-21T10:05:55.000Z

Happy to help if you need an extra hand 😉

Answer 2 · 2023-02-21T11:53:09.000Z

Happy to help if you need an extra hand wink

That would be awesome, @UlisesGascon

Answer 3 · 2023-03-17T13:21:43.000Z

Next steps:

Add affectedEnvironments to the Nodejs Core Vuln model. See: nodejs/security-wg#912
Update the vuln DB to include for the core reported vulnerabilities. See: nodejs/security-wg#914
Add business logic to check against the os.platform(). See: #12