feat: add cvssScore to output
aarlaud committed Nov 8, 2023
1 parent 13fe2d8 commit 4daa5ea
Showing 8 changed files with 43 additions and 42 deletions.
8 changes: 4 additions & 4 deletions src/lib/snyk/displayOutput.ts
Expand Up @@ -48,7 +48,7 @@ const displayNewVulns = (
chalk.bold.red(
` ${index + 1}/${newVulns.length}: ${vuln.id}:${vuln.title} [${_.capitalize(
vuln.severity,
)} Severity]`,
)} Severity][cvssScore: ${vuln.cvssScore || 'NA'}]`,
),
);
break;
Expand All @@ -57,7 +57,7 @@ const displayNewVulns = (
chalk.bold.yellow(
` ${index + 1}/${newVulns.length}: ${vuln.id}:${vuln.title} [${_.capitalize(
vuln.severity,
)} Severity]`,
)} Severity][cvssScore: ${vuln.cvssScore || 'NA'}]`,
),
);
break;
Expand All @@ -66,7 +66,7 @@ const displayNewVulns = (
chalk.bold.blue(
` ${index + 1}/${newVulns.length}: ${vuln.id}:${vuln.title} [${_.capitalize(
vuln.severity,
)} Severity]`,
)} Severity][cvssScore: ${vuln.cvssScore || 'NA'}]`,
),
);
break;
Expand All @@ -75,7 +75,7 @@ const displayNewVulns = (
chalk.bold(
` ${index + 1}/${newVulns.length}: ${vuln.id}:${vuln.title} [${_.capitalize(
vuln.severity,
)} Severity]`,
)} Severity][cvssScore: ${vuln.cvssScore || 'NA'}]`,
),
);
}
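Review bot: `vuln.cvssScore || 'NA'` in each of the four severity branches treats a score of `0` as missing, because `||` falls back on any falsy value. The field is declared `cvssScore?: number` in `src/lib/types.ts`, so `${vuln.cvssScore ?? 'NA'}` would print `NA` only when the score is actually absent. The identical template literal is also repeated under `chalk.bold.red`, `chalk.bold.yellow`, `chalk.bold.blue` and `chalk.bold`; building the line once and passing it to the chosen colour would keep the four outputs from drifting apart. `displayNewVulns` begins and ends outside these hunks, so the surrounding switch is inferred from the `break` statements.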
1 change: 1 addition & 0 deletions src/lib/types.ts
Expand Up @@ -72,6 +72,7 @@ export type SnykCliTestOutput = {

export type IssueWithPaths = {
id: string;
cvssScore?: number;
from: Array<string>;
severity: string;
title: string;
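Review bot: The new `cvssScore?: number` field has no comment saying which CVSS version the score belongs to or when it is absent. Anyone comparing the printed value against a triage threshold needs to know both. A one-line doc comment above the field would cover it, for example `/** CVSS base score reported for the issue, if any (CVSS version not recorded here). */`. `IssueWithPaths` continues past the end of this hunk.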
2 changes: 1 addition & 1 deletion test/lib/index-inline-no-baseline.test.ts
Expand Up @@ -113,7 +113,7 @@ describe('Test End 2 End - Inline mode - no baseline', () => {
const expectedOutput = [
'New issue introduced !',
'Security Vulnerability',
' 1/1: SNYK-JS-ACORN-559469:Regular Expression Denial of Service (ReDoS) [High Severity]',
' 1/1: SNYK-JS-ACORN-559469:Regular Expression Denial of Service (ReDoS) [High Severity][cvssScore: 7.5]',
' Via: @snyk/nodejs-runtime-agent@1.14.0 => acorn@5.7.3',
' Fixed in: acorn 5.7.4, 6.4.1, 7.1.1',
' Fixable by upgrade: @snyk/nodejs-runtime-agent@1.14.0=>acorn@5.7.4',
2 changes: 1 addition & 1 deletion test/lib/index-inline-with-project-coordinates.test.ts
Expand Up @@ -132,7 +132,7 @@ describe('Test End 2 End - Inline mode with project coordinates', () => {
const expectedOutput = [
'New issue introduced !',
'Security Vulnerability:',
' 1/1: SNYK-JS-DOTPROP-543489:Prototype Pollution [Medium Severity]',
' 1/1: SNYK-JS-DOTPROP-543489:Prototype Pollution [Medium Severity][cvssScore: 6.3]',
' Via: snyk@1.228.3 => configstore@3.1.2 => dot-prop@4.2.0',
' Fixed in: dot-prop 5.1.1',
' Fixable by upgrade: snyk@1.290.1',
10 changes: 5 additions & 5 deletions test/lib/index-inline.test.ts
Expand Up @@ -258,7 +258,7 @@ describe('Test End 2 End - Inline mode', () => {
const expectedOutput = [
'New issue introduced !',
'Security Vulnerability:',
' 1/1: SNYK-JS-DOTPROP-543489:Prototype Pollution [Medium Severity]',
' 1/1: SNYK-JS-DOTPROP-543489:Prototype Pollution [Medium Severity][cvssScore: 6.3]',
' Via: snyk@1.228.3 => configstore@3.1.2 => dot-prop@4.2.0',
' Fixed in: dot-prop 5.1.1',
' Fixable by upgrade: snyk@1.290.1',
Expand Down Expand Up @@ -287,7 +287,7 @@ describe('Test End 2 End - Inline mode', () => {
const expectedOutput = [
'New issue introduced !',
'Security Vulnerability:',
' 1/1: SNYK-JS-DOTPROP-543489:Prototype Pollution [Medium Severity]',
' 1/1: SNYK-JS-DOTPROP-543489:Prototype Pollution [Medium Severity][cvssScore: 6.3]',
' Via: snyk@1.228.3 => configstore@3.1.2 => dot-prop@4.2.0',
' Fixed in: dot-prop 5.1.1',
' Fixable by upgrade: snyk@1.290.1',
Expand Down Expand Up @@ -369,7 +369,7 @@ describe('Test End 2 End - Inline mode', () => {
const expectedOutput = [
'New issue introduced !',
'Security Vulnerability:',
' 1/1: SNYK-JS-ACORN-559469:Regular Expression Denial of Service (ReDoS) [High Severity]',
' 1/1: SNYK-JS-ACORN-559469:Regular Expression Denial of Service (ReDoS) [High Severity][cvssScore: 7.5]',
' Via: @snyk/nodejs-runtime-agent@1.14.0 => acorn@5.7.3',
' Fixed in: acorn 5.7.4, 6.4.1, 7.1.1',
' Fixable by upgrade: @snyk/nodejs-runtime-agent@1.14.0=>acorn@5.7.4',
Expand Down Expand Up @@ -418,7 +418,7 @@ describe('Test End 2 End - Inline mode', () => {
const expectedOutput = [
'New issue introduced !',
'Security Vulnerability:',
' 1/1: Prototype Pollution [Medium Severity]',
' 1/1: Prototype Pollution [Medium Severity][]',
' Via: snyk@1.228.3 => configstore@3.1.2 => dot-prop@4.2.0',
' Fixed in: dot-prop 5.1.1',
' Fixable by upgrade: snyk@1.290.1',
Expand Down Expand Up @@ -447,7 +447,7 @@ describe('Test End 2 End - Inline mode', () => {
const expectedOutput = [
'New issue introduced !',
'Security Vulnerability:',
' 1/1: SNYK-JS-DOTPROP-543489:Prototype Pollution [Medium Severity]',
' 1/1: SNYK-JS-DOTPROP-543489:Prototype Pollution [Medium Severity][cvssScore: 6.3]',
' Via: snyk@1.228.3 => configstore@3.1.2 => dot-prop@4.2.0',
' Fixed in: dot-prop 5.1.1',
' Fixable by upgrade: snyk@1.290.1',
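Review bot: The expectation `' 1/1: Prototype Pollution [Medium Severity][]'` in the hunk at line 418 matches neither form the updated formatter in `src/lib/snyk/displayOutput.ts` emits, which is `[cvssScore: <n>]` or `[cvssScore: NA]`. The same line also lacks the issue id that the other expectations in this file carry. It is worth confirming which code path produces this line and whether the assertion compares it exactly, because none of the updated expectations here pins the `NA` fallback. If the fixture for this case simply has no score, the expected text would presumably end in `[Medium Severity][cvssScore: NA]`.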
6 changes: 3 additions & 3 deletions test/lib/index-standalone-no-baseline.ts
Expand Up @@ -170,7 +170,7 @@ describe('Test End 2 End - Standalone mode without baseline', () => {
//'\n uuuuuuuuuuuuuuuuuuuu\n u" uuuuuuuuuuuuuuuuuu "u\n u" u$$$$$$$$$$$$$$$$$$$$u "u\n u" u$$$$$$$$$$$$$$$$$$$$$$$$u "u\n u" u$$$$$$$$$$$$$$$$$$$$$$$$$$$$u "u\n u" u$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$u "u\n u" u$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$u "u\n $ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $\n $ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $\n $ $$$" ... "$... ...$" ... "$$$ ... "$$$ $\n $ $$$u `"$$$$$$$ $$$ $$$$$ $$ $$$ $$$ $\n $ $$$$$$uu "$$$$ $$$ $$$$$ $$ """ u$$$ $\n $ $$$""$$$ $$$$ $$$u "$$$" u$$ $$$$$$$$ $\n $ $$$$....,$$$$$..$$$$$....,$$$$..$$$$$$$$ $\n $ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $\n "u "$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$" u"\n "u "$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$" u"\n "u "$$$$$$$$$$$$$$$$$$$$$$$$$$$$" u"\n "u "$$$$$$$$$$$$$$$$$$$$$$$$" u"\n "u "$$$$$$$$$$$$$$$$$$$$" u"\n "u """""""""""""""""" u"\n """"""""""""""""""""\n ',
'New issue introduced !',
'Security Vulnerability:\n',
'1/1: Denial of Service (DoS) [Medium Severity]',
'1/1: Denial of Service (DoS) [Medium Severity][cvssScore: 6.3]',
' Via: ms@1.0.0 => ejs-locals@1.0.2 => ejs@0.8.8',
'\n',
];
Expand Down Expand Up @@ -236,7 +236,7 @@ describe('Test End 2 End - Standalone mode without baseline', () => {
//'\n uuuuuuuuuuuuuuuuuuuu\n u" uuuuuuuuuuuuuuuuuu "u\n u" u$$$$$$$$$$$$$$$$$$$$u "u\n u" u$$$$$$$$$$$$$$$$$$$$$$$$u "u\n u" u$$$$$$$$$$$$$$$$$$$$$$$$$$$$u "u\n u" u$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$u "u\n u" u$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$u "u\n $ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $\n $ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $\n $ $$$" ... "$... ...$" ... "$$$ ... "$$$ $\n $ $$$u `"$$$$$$$ $$$ $$$$$ $$ $$$ $$$ $\n $ $$$$$$uu "$$$$ $$$ $$$$$ $$ """ u$$$ $\n $ $$$""$$$ $$$$ $$$u "$$$" u$$ $$$$$$$$ $\n $ $$$$....,$$$$$..$$$$$....,$$$$..$$$$$$$$ $\n $ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $\n "u "$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$" u"\n "u "$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$" u"\n "u "$$$$$$$$$$$$$$$$$$$$$$$$$$$$" u"\n "u "$$$$$$$$$$$$$$$$$$$$$$$$" u"\n "u "$$$$$$$$$$$$$$$$$$$$" u"\n "u """""""""""""""""" u"\n """"""""""""""""""""\n ',
'New issue introduced !',
'Security Vulnerability:\n',
'1/1: Denial of Service (DoS) [Medium Severity]',
'1/1: Denial of Service (DoS) [Medium Severity][cvssScore: 6.3]',
' Via: ms@1.0.0 => ejs-locals@1.0.2 => ejs@0.8.8',
'\n',
];
Expand Down Expand Up @@ -303,7 +303,7 @@ describe('Test End 2 End - Standalone mode without baseline', () => {
//'\n uuuuuuuuuuuuuuuuuuuu\n u" uuuuuuuuuuuuuuuuuu "u\n u" u$$$$$$$$$$$$$$$$$$$$u "u\n u" u$$$$$$$$$$$$$$$$$$$$$$$$u "u\n u" u$$$$$$$$$$$$$$$$$$$$$$$$$$$$u "u\n u" u$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$u "u\n u" u$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$u "u\n $ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $\n $ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $\n $ $$$" ... "$... ...$" ... "$$$ ... "$$$ $\n $ $$$u `"$$$$$$$ $$$ $$$$$ $$ $$$ $$$ $\n $ $$$$$$uu "$$$$ $$$ $$$$$ $$ """ u$$$ $\n $ $$$""$$$ $$$$ $$$u "$$$" u$$ $$$$$$$$ $\n $ $$$$....,$$$$$..$$$$$....,$$$$..$$$$$$$$ $\n $ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $\n "u "$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$" u"\n "u "$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$" u"\n "u "$$$$$$$$$$$$$$$$$$$$$$$$$$$$" u"\n "u "$$$$$$$$$$$$$$$$$$$$$$$$" u"\n "u "$$$$$$$$$$$$$$$$$$$$" u"\n "u """""""""""""""""" u"\n """"""""""""""""""""\n ',
'New issue introduced !',
'Security Vulnerability:\n',
'1/1: Denial of Service (DoS) [Medium Severity]',
'1/1: Denial of Service (DoS) [Medium Severity][cvssScore: 6.3]',
' Via: ms@1.0.0 => ejs-locals@1.0.2 => ejs@0.8.8',
'\n',
];
12 changes: 6 additions & 6 deletions test/lib/index-standalone.test.ts
Expand Up @@ -209,10 +209,10 @@ describe('Test End 2 End - Standalone mode', () => {
//'\n uuuuuuuuuuuuuuuuuuuu\n u" uuuuuuuuuuuuuuuuuu "u\n u" u$$$$$$$$$$$$$$$$$$$$u "u\n u" u$$$$$$$$$$$$$$$$$$$$$$$$u "u\n u" u$$$$$$$$$$$$$$$$$$$$$$$$$$$$u "u\n u" u$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$u "u\n u" u$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$u "u\n $ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $\n $ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $\n $ $$$" ... "$... ...$" ... "$$$ ... "$$$ $\n $ $$$u `"$$$$$$$ $$$ $$$$$ $$ $$$ $$$ $\n $ $$$$$$uu "$$$$ $$$ $$$$$ $$ """ u$$$ $\n $ $$$""$$$ $$$$ $$$u "$$$" u$$ $$$$$$$$ $\n $ $$$$....,$$$$$..$$$$$....,$$$$..$$$$$$$$ $\n $ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $\n "u "$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$" u"\n "u "$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$" u"\n "u "$$$$$$$$$$$$$$$$$$$$$$$$$$$$" u"\n "u "$$$$$$$$$$$$$$$$$$$$$$$$" u"\n "u "$$$$$$$$$$$$$$$$$$$$" u"\n "u """""""""""""""""" u"\n """"""""""""""""""""\n ',
'New issues introduced !',
'Security Vulnerabilities:',
'1/2: SNYK-JS-DOTPROP-543489:Prototype Pollution [Medium Severity]',
'1/2: SNYK-JS-DOTPROP-543489:Prototype Pollution [Medium Severity][cvssScore: 6.3]',
' Via: snyk@1.228.3 => configstore@3.1.2 => dot-prop@4.2.0',
'\n',
'2/2: SNYK-JS-DOTPROP-543489:Prototype Pollution [Medium Severity]',
'2/2: SNYK-JS-DOTPROP-543489:Prototype Pollution [Medium Severity][cvssScore: 6.3]',
' Via: snyk@1.228.3 => update-notifier@2.5.0 => configstore@3.1.2 => dot-prop@4.2.0',
'\n',
];
Expand Down Expand Up @@ -304,10 +304,10 @@ describe('Test End 2 End - Standalone mode', () => {
//'\n uuuuuuuuuuuuuuuuuuuu\n u" uuuuuuuuuuuuuuuuuu "u\n u" u$$$$$$$$$$$$$$$$$$$$u "u\n u" u$$$$$$$$$$$$$$$$$$$$$$$$u "u\n u" u$$$$$$$$$$$$$$$$$$$$$$$$$$$$u "u\n u" u$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$u "u\n u" u$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$u "u\n $ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $\n $ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $\n $ $$$" ... "$... ...$" ... "$$$ ... "$$$ $\n $ $$$u `"$$$$$$$ $$$ $$$$$ $$ $$$ $$$ $\n $ $$$$$$uu "$$$$ $$$ $$$$$ $$ """ u$$$ $\n $ $$$""$$$ $$$$ $$$u "$$$" u$$ $$$$$$$$ $\n $ $$$$....,$$$$$..$$$$$....,$$$$..$$$$$$$$ $\n $ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $\n "u "$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$" u"\n "u "$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$" u"\n "u "$$$$$$$$$$$$$$$$$$$$$$$$$$$$" u"\n "u "$$$$$$$$$$$$$$$$$$$$$$$$" u"\n "u "$$$$$$$$$$$$$$$$$$$$" u"\n "u """""""""""""""""" u"\n """"""""""""""""""""\n ',
'New issues introduced !',
'Security Vulnerabilities:',
'1/2: SNYK-JS-DOTPROP-543489:Prototype Pollution [Medium Severity]',
'1/2: SNYK-JS-DOTPROP-543489:Prototype Pollution [Medium Severity][cvssScore: 6.3]',
' Via: snyk@1.228.3 => configstore@3.1.2 => dot-prop@4.2.0',
'\n',
'2/2: SNYK-JS-DOTPROP-543489:Prototype Pollution [Medium Severity]',
'2/2: SNYK-JS-DOTPROP-543489:Prototype Pollution [Medium Severity][cvssScore: 6.3]',
' Via: snyk@1.228.3 => update-notifier@2.5.0 => configstore@3.1.2 => dot-prop@4.2.0',
'\n',
];
Expand Down Expand Up @@ -401,10 +401,10 @@ describe('Test End 2 End - Standalone mode', () => {
//'\n uuuuuuuuuuuuuuuuuuuu\n u" uuuuuuuuuuuuuuuuuu "u\n u" u$$$$$$$$$$$$$$$$$$$$u "u\n u" u$$$$$$$$$$$$$$$$$$$$$$$$u "u\n u" u$$$$$$$$$$$$$$$$$$$$$$$$$$$$u "u\n u" u$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$u "u\n u" u$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$u "u\n $ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $\n $ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $\n $ $$$" ... "$... ...$" ... "$$$ ... "$$$ $\n $ $$$u `"$$$$$$$ $$$ $$$$$ $$ $$$ $$$ $\n $ $$$$$$uu "$$$$ $$$ $$$$$ $$ """ u$$$ $\n $ $$$""$$$ $$$$ $$$u "$$$" u$$ $$$$$$$$ $\n $ $$$$....,$$$$$..$$$$$....,$$$$..$$$$$$$$ $\n $ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $\n "u "$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$" u"\n "u "$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$" u"\n "u "$$$$$$$$$$$$$$$$$$$$$$$$$$$$" u"\n "u "$$$$$$$$$$$$$$$$$$$$$$$$" u"\n "u "$$$$$$$$$$$$$$$$$$$$" u"\n "u """""""""""""""""" u"\n """"""""""""""""""""\n ',
'New issues introduced !',
'Security Vulnerabilities:',
'1/2: SNYK-JS-DOTPROP-543489:Prototype Pollution [Medium Severity]',
'1/2: SNYK-JS-DOTPROP-543489:Prototype Pollution [Medium Severity][cvssScore: 6.3]',
' Via: snyk@1.228.3 => configstore@3.1.2 => dot-prop@4.2.0',
'\n',
'2/2: SNYK-JS-DOTPROP-543489:Prototype Pollution [Medium Severity]',
'2/2: SNYK-JS-DOTPROP-543489:Prototype Pollution [Medium Severity][cvssScore: 6.3]',
' Via: snyk@1.228.3 => update-notifier@2.5.0 => configstore@3.1.2 => dot-prop@4.2.0',
'\n',
];