From f741b901e6d7cfead956573d18d417d878203101 Mon Sep 17 00:00:00 2001 From: Kaspar Lyngsie Date: Tue, 5 Dec 2023 14:20:06 +0100 Subject: [PATCH] feat: adding manifest file to vuln card if scanning multi-project --- src/lib/snyk-to-html.ts | 25 ++++++++++++++++--- .../test-snyk-to-html.test.ts-TAP.test.js | 3 ++- template/test-report.header.hbs | 12 ++++++++- template/test-report.vuln-card.hbs | 5 ++++ 4 files changed, 40 insertions(+), 5 deletions(-) diff --git a/src/lib/snyk-to-html.ts b/src/lib/snyk-to-html.ts index 5ebe3a4..2b525b2 100755 --- a/src/lib/snyk-to-html.ts +++ b/src/lib/snyk-to-html.ts @@ -256,7 +256,22 @@ async function generateCodeTemplate( } function mergeData(dataArray: any[]): any { - const vulnsArrays = dataArray.map(project => project.vulnerabilities || []); + const vulnsArrays = dataArray.map((project) => { + if (!project.vulnerabilities) { + return []; + } + + // Add project data to each of the vulnerabilities to display more + // details on each vulnerability card, in order to properly distinguish + // from which project a vuln is connected, in case of displaying multiple + // projects. + const vulns = project.vulnerabilities.map((vuln) => ({ + ...vuln, + displayTargetFile: project.displayTargetFile, + path: project.path + })); + return vulns; + }); const aggregateVulnerabilities = [].concat(...vulnsArrays); const totalUniqueCount = @@ -264,7 +279,11 @@ function mergeData(dataArray: any[]): any { const totalDepCount = dataArray.reduce((acc, item) => acc + item.dependencyCount || 0, 0); - const paths = dataArray.map(project => ({ path: project.path, packageManager: project.packageManager })); + const paths = dataArray.map(project => ({ + path: project.path, + packageManager: project.packageManager, + displayTargetFile: project.displayTargetFile, + })); return { vulnerabilities: aggregateVulnerabilities, @@ -325,7 +344,7 @@ async function processCodeData( const dataArray = Array.isArray(data) ? data : [data]; const OrderedIssuesArray = await processSourceCode(dataArray); - + const totalIssues = dataArray[0].runs[0].results.length; const processedData = { projects: OrderedIssuesArray, diff --git a/tap-snapshots/test-snyk-to-html.test.ts-TAP.test.js b/tap-snapshots/test-snyk-to-html.test.ts-TAP.test.js index b3d0fef..d54f974 100644 --- a/tap-snapshots/test-snyk-to-html.test.ts-TAP.test.js +++ b/tap-snapshots/test-snyk-to-html.test.ts-TAP.test.js @@ -2176,7 +2176,8 @@ exports[`test/snyk-to-html.test.ts TAP template output displays vulns in descend
Scanned the following paths:
diff --git a/template/test-report.header.hbs b/template/test-report.header.hbs index 26bc5cc..ed0e841 100644 --- a/template/test-report.header.hbs +++ b/template/test-report.header.hbs @@ -24,7 +24,13 @@
Scanned the following paths:
{{/if}} @@ -32,7 +38,11 @@
Scanned the following path:
{{/if}} diff --git a/template/test-report.vuln-card.hbs b/template/test-report.vuln-card.hbs index 0c28f02..e3b46e0 100644 --- a/template/test-report.vuln-card.hbs +++ b/template/test-report.vuln-card.hbs @@ -9,6 +9,11 @@