Skip to content

Commit 6849a2c

Browse files
lili2311lili2311
committed
feat: show vulnerable module in actionable remediation
1 parent 64e248e commit 6849a2c

File tree

1 file changed

+20
-5
lines changed

1 file changed

+20
-5
lines changed

src/cli/commands/test/formatters/remediation-based-format-issues.ts

Lines changed: 20 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,6 @@
11
import * as _ from 'lodash';
22
import chalk from 'chalk';
3+
import * as config from '../../../../lib/config';
34
import { TestOptions } from '../../../../lib/types';
45
import { RemediationResult, PatchRemediation,
56
DependencyUpdates, IssueData, SEVERITY, GroupedVuln } from '../../../../lib/snyk-test/legacy';
@@ -73,7 +74,12 @@ function constructPatchesText(
7374
const packageAtVersion = `${basicVulnInfo[id].name}@${basicVulnInfo[id].version}`;
7475
const patchedText = `\n Patch available for ${chalk.bold.whiteBright(packageAtVersion)}\n`;
7576
const thisPatchFixes =
76-
formatIssue(id, basicVulnInfo[id].title, basicVulnInfo[id].severity, basicVulnInfo[id].isNew);
77+
formatIssue(
78+
id,
79+
basicVulnInfo[id].title,
80+
basicVulnInfo[id].severity,
81+
basicVulnInfo[id].isNew,
82+
`${basicVulnInfo[id].name}@${basicVulnInfo[id].version}`);
7783
patchedTextArray.push(patchedText + thisPatchFixes);
7884
}
7985

@@ -100,7 +106,10 @@ function constructUpgradesText(
100106
const thisUpgradeFixes = vulnIds
101107
.map((id) => formatIssue(
102108
id,
103-
basicVulnInfo[id].title, basicVulnInfo[id].severity, basicVulnInfo[id].isNew))
109+
basicVulnInfo[id].title,
110+
basicVulnInfo[id].severity,
111+
basicVulnInfo[id].isNew,
112+
`${basicVulnInfo[id].name}@${basicVulnInfo[id].version}`))
104113
.join('\n');
105114
upgradeTextArray.push(upgradeText + thisUpgradeFixes);
106115
}
@@ -114,7 +123,7 @@ function constructUnfixableText(unresolved: IssueData[]) {
114123
const unfixableIssuesTextArray = [chalk.bold.white('\nIssues with no direct upgrade or patch:')];
115124
for (const issue of unresolved) {
116125
const extraInfo = issue.fixedIn
117-
? `\n This issue was fixed in versions: ${issue.fixedIn.join(', ')}`
126+
? `\n This issue was fixed in versions: ${chalk.bold(issue.fixedIn.join(', '))}`
118127
: '\n No upgrade or patch available';
119128
const packageNameAtVersion = chalk.bold.whiteBright(`\n ${issue.packageName}@${issue.version}\n`);
120129
unfixableIssuesTextArray
@@ -124,7 +133,12 @@ function constructUnfixableText(unresolved: IssueData[]) {
124133
return unfixableIssuesTextArray;
125134
}
126135

127-
function formatIssue(id: string, title: string, severity: SEVERITY, isNew: boolean): string {
136+
function formatIssue(
137+
id: string,
138+
title: string,
139+
severity: SEVERITY,
140+
isNew: boolean,
141+
vulnerableModule?: string): string {
128142
const severitiesColourMapping = {
129143
low: {
130144
colorFunc(text) {
@@ -143,10 +157,11 @@ function formatIssue(id: string, title: string, severity: SEVERITY, isNew: boole
143157
},
144158
};
145159
const newBadge = isNew ? ' (new)' : '';
160+
const name = vulnerableModule ? ` in ${chalk.bold(vulnerableModule)}` : '';
146161

147162
return severitiesColourMapping[severity].colorFunc(
148163
` ✗ ${chalk.bold(title)}${newBadge} [${titleCaseText(severity)} Severity]`,
149-
) + `[${id}]`;
164+
) + `[${config.ROOT}/vuln/${id}]` + name;
150165
}
151166

152167
function titleCaseText(text) {

0 commit comments

Comments
 (0)