Commit

feat: OS CLI output - actionable focus on upgrade
Improve snyk-open-source CLI output as follows:
- Moving actionable content closer to the users’ visual focus
  (moving issues to fix by upgrading lower in the output)
florindumitrascu committed Jul 27, 2022
1 parent 225e490 commit 1417fe3
Showing 3 changed files with 66 additions and 65 deletions.
23 changes: 12 additions & 11 deletions src/lib/formatters/remediation-based-format-issues.ts
Original file line number Diff line number Diff line change
Expand Up @@ -115,39 +115,40 @@ export function formatIssuesWithRemediation(
options,
);
}
if (upgradeTextArray.length > 0) {
results.push(upgradeTextArray.join('\n'));
}

const patchedTextArray = constructPatchesText(
remediationInfo.patch,
basicVulnInfo,
options,
);

if (patchedTextArray.length > 0) {
results.push(patchedTextArray.join('\n'));
}

const unfixableIssuesTextArray = constructUnfixableText(
remediationInfo.unresolved,
basicVulnInfo,
options,
);

if (unfixableIssuesTextArray.length > 0) {
results.push(unfixableIssuesTextArray.join('\n'));
}

const licenseIssuesTextArray = constructLicenseText(
basicLicenseInfo,
options,
);

if (unfixableIssuesTextArray.length > 0) {
results.push(unfixableIssuesTextArray.join('\n'));
}

if (licenseIssuesTextArray.length > 0) {
results.push(licenseIssuesTextArray.join('\n'));
}

if (patchedTextArray.length > 0) {
results.push(patchedTextArray.join('\n'));
}

if (upgradeTextArray.length > 0) {
results.push(upgradeTextArray.join('\n'));
}

return results;
}
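Review bot: the commit message mentions only moving the upgrade section lower, but the push blocks at the end of formatIssuesWithRemediation now reorder all four sections (unfixable, license, patches, upgrades), and that order is implied only by the sequence of `if (...length > 0) results.push(...)` blocks, which are now separated from the construct*Text calls that build the arrays. Please add a short comment above the pushes stating the intended order and the reason for it, or push from a single ordered list of the arrays so that a later edit cannot reshuffle sections silently. The commit message should also record that the patch, license and unfixable sections move.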

Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,14 @@
exports[`with license issues 1`] = `
"
License issues:
✗ Unknown license [High Severity][URL] in [email protected]
introduced by:
[email protected]
Legal instructions:
○ for LGPL-3.0 license: I am legal license instruction
Issues to fix by upgrading:
Upgrade [email protected] to [email protected] to fix
Expand Down Expand Up @@ -36,32 +44,24 @@ Issues to fix by upgrading:
introduced by:
[email protected]
[email protected] > [email protected]
[email protected] > [email protected]
License issues:
✗ Unknown license [High Severity][URL] in [email protected]
introduced by:
[email protected]
Legal instructions:
○ for LGPL-3.0 license: I am legal license instruction"
[email protected] > [email protected]"
`;

exports[`with pins & unfixable & showVulnsPaths = all 1`] = `
"
Issues with no direct upgrade or patch:
✗ Directory Traversal [Low Severity][URL] in [email protected]
introduced by:
[email protected]
This issue was fixed in versions: 2.2.18, 3.0.12, 3.1.6
Issues to fix by upgrading dependencies:
Upgrade [email protected] to [email protected] to fix
✗ Content Spoofing [Medium Severity][URL] in [email protected]
introduced by:
[email protected]
Issues with no direct upgrade or patch:
✗ Directory Traversal [Low Severity][URL] in [email protected]
introduced by:
[email protected]
This issue was fixed in versions: 2.2.18, 3.0.12, 3.1.6"
[email protected]"
`;

exports[`with reachable info 1`] = `
Expand All @@ -78,21 +78,28 @@ Issues to fix by upgrading:
exports[`with showVulnPaths = some 1`] = `
"
Issues with no direct upgrade or patch:
✗ Directory Traversal [Low Severity][URL] in [email protected]
introduced by [email protected]
This issue was fixed in versions: 2.2.18, 3.0.12, 3.1.6
Issues to fix by upgrading dependencies:
Upgrade [email protected] to [email protected] to fix
✗ Content Spoofing [Medium Severity][URL] in [email protected]
introduced by [email protected]
Issues with no direct upgrade or patch:
✗ Directory Traversal [Low Severity][URL] in [email protected]
introduced by [email protected]
This issue was fixed in versions: 2.2.18, 3.0.12, 3.1.6"
introduced by [email protected]"
`;

exports[`with upgrades & patches 1`] = `
"
Patchable issues:
Patch available for [email protected]
✗ Insecure Randomness [Low Severity (originally Medium)][URL] in [email protected]
introduced by:
[email protected]
Issues to fix by upgrading:
Upgrade [email protected] to [email protected] to fix
Expand All @@ -104,12 +111,5 @@ Issues to fix by upgrading:
[email protected]
✗ Denial of Service (DoS) [Low Severity (originally Medium)][URL] in [email protected]
introduced by:
[email protected]
Patchable issues:
Patch available for [email protected]
✗ Insecure Randomness [Low Severity (originally Medium)][URL] in [email protected]
introduced by:
[email protected]"
[email protected]"
`;
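Review bot: none of the snapshots visible in this diff contains more than two section types (license with upgrades, unfixable with upgrades, patches with upgrades), so the relative order of the unfixable, license and patch sections introduced by this change is not asserted by any of them. Consider adding a snapshot case that has unresolved, license, patch and upgrade issues together so the full order is pinned.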
Original file line number Diff line number Diff line change
Expand Up @@ -233,19 +233,19 @@ Testing src...
Tested 2 dependencies for known issues, found 32 issues, 2 vulnerable paths.
Issues to fix by upgrading dependencies:
Upgrade [email protected] to [email protected] to fix
✗ Content Spoofing [Medium Severity][URL] in [email protected]
Issues with no direct upgrade or patch:
✗ Directory Traversal [Low Severity][URL] in [email protected]
introduced by:
[email protected]
This issue was fixed in versions: 2.2.18, 3.0.12, 3.1.6
Issues with no direct upgrade or patch:
✗ Directory Traversal [Low Severity][URL] in [email protected]
Issues to fix by upgrading dependencies:
Upgrade [email protected] to [email protected] to fix
✗ Content Spoofing [Medium Severity][URL] in [email protected]
introduced by:
[email protected]
This issue was fixed in versions: 2.2.18, 3.0.12, 3.1.6
Expand All @@ -270,6 +270,14 @@ Testing src...
Tested 2 dependencies for known vulnerabilities, found 4 vulnerabilities, 4 vulnerable paths.
Patchable issues:
Patch available for [email protected]
✗ Insecure Randomness [Low Severity (originally Medium)][URL] in [email protected]
introduced by:
[email protected]
Issues to fix by upgrading:
Upgrade [email protected] to [email protected] to fix
Expand All @@ -284,14 +292,6 @@ Issues to fix by upgrading:
[email protected]
Patchable issues:
Patch available for [email protected]
✗ Insecure Randomness [Low Severity (originally Medium)][URL] in [email protected]
introduced by:
[email protected]
Organization: another-org
Package manager: npm
Expand All @@ -310,6 +310,15 @@ Testing src...
Tested 3 dependencies for known issues, found 6 issues, 8 vulnerable paths.
License issues:
✗ Unknown license [High Severity][URL] in [email protected]
introduced by:
[email protected]
Legal instructions:
○ for LGPL-3.0 license: I am legal license instruction
Issues to fix by upgrading:
Upgrade [email protected] to [email protected] to fix
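Review bot: in this expected output the `Unknown license [High Severity]` block now prints directly after the `Tested 3 dependencies ...` line and before the upgrade list, so on a long report the only High severity item shown here ends up furthest from the prompt. If ordering by actionability rather than by severity is the intent, please state that in the commit message or in a comment in the formatter so the trade-off is recorded.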
Expand Down Expand Up @@ -346,15 +355,6 @@ Issues to fix by upgrading:
[email protected] > [email protected]
License issues:
✗ Unknown license [High Severity][URL] in [email protected]
introduced by:
[email protected]
Legal instructions:
○ for LGPL-3.0 license: I am legal license instruction
Organization: lili2311
Package manager: rubygems