Handle dependencies with an empty manifest field

This happens sometimes with snapshots. We just want them to be displayed properly in the HTML output.
2023-03-24 19:07:22 +00:00
parent 0c01e947d6
commit 7e1f7be1f6
4 changed files with 65 additions and 4 deletions
--- a/tests/summary.test.ts
+++ b/tests/summary.test.ts
@@ -27,6 +27,45 @@ const defaultConfig: ConfigurationOptions = {
  comment_summary_in_pr: true
 }

+const changesWithEmptyManifests: Changes = [
+  {
+    change_type: 'added',
+    manifest: '',
+    ecosystem: 'unknown',
+    name: 'castore',
+    version: '0.1.17',
+    package_url: 'pkg:hex/castore@0.1.17',
+    license: null,
+    source_repository_url: null,
+    scope: 'runtime',
+    vulnerabilities: []
+  },
+  {
+    change_type: 'added',
+    manifest: '',
+    ecosystem: 'unknown',
+    name: 'connection',
+    version: '1.1.0',
+    package_url: 'pkg:hex/connection@1.1.0',
+    license: null,
+    source_repository_url: null,
+    scope: 'runtime',
+    vulnerabilities: []
+  },
+  {
+    change_type: 'added',
+    manifest: 'python/dist-info/METADATA',
+    ecosystem: 'pip',
+    name: 'pygments',
+    version: '2.6.1',
+    package_url: 'pkg:pypi/pygments@2.6.1',
+    license: 'BSD-2-Clause',
+    source_repository_url: 'https://github.com/pygments/pygments',
+    scope: 'runtime',
+    vulnerabilities: []
+  }
+]
+
 test('prints headline as h1', () => {
  summary.addSummaryToSummary(
    emptyChanges,
@@ -65,6 +104,22 @@ test('only includes "No license issues found"-message if "vulnerability_check" i
  expect(text).toContain('✅ No license issues found.')
 })

+test('groups dependencies with empty manifest paths together', () => {
+  summary.addSummaryToSummary(
+    changesWithEmptyManifests,
+    emptyInvalidLicenseChanges,
+    defaultConfig
+  )
+  summary.addScannedDependencies(changesWithEmptyManifests)
+  const text = core.summary.stringify()
+
+  expect(text).toContain('<summary> </summary>')
+  expect(text).toContain('castore')
+  expect(text).toContain('connection')
+  expect(text).toContain('<summary>python/dist-info/METADATA</summary>')
+  expect(text).toContain('pygments')
+})
+
 test('does not include status section if nothing was found', () => {
  summary.addSummaryToSummary(
    emptyChanges,
--- a/dist/index.js
+++ b/dist/index.js
@@ -976,7 +976,9 @@ function groupDependenciesByManifest(changes) {
    var _a;
    const dependencies = new Map();
    for (const change of changes) {
-        const manifestName = change.manifest;
+        // If the manifest is null or empty, use a space as the key to avoid
+        // breaking the HTML rendering later
+        const manifestName = change.manifest || ' ';
        if (dependencies.get(manifestName) === undefined) {
            dependencies.set(manifestName, []);
        }
@@ -45233,7 +45235,9 @@ function groupDependenciesByManifest(changes) {
    var _a;
    const dependencies = new Map();
    for (const change of changes) {
-        const manifestName = change.manifest;
+        // If the manifest is null or empty, use a space as the key to avoid
+        // breaking the HTML rendering later
+        const manifestName = change.manifest || ' ';
        if (dependencies.get(manifestName) === undefined) {
            dependencies.set(manifestName, []);
        }
--- a/dist/index.js.map
+++ b/dist/index.js.map
--- a/src/utils.ts
+++ b/src/utils.ts
@@ -8,7 +8,9 @@ export function groupDependenciesByManifest(
 ): Map<string, Changes> {
  const dependencies: Map<string, Changes> = new Map()
  for (const change of changes) {
-    const manifestName = change.manifest
+    // If the manifest is null or empty, use a space as the key to avoid
+    // breaking the HTML rendering later
+    const manifestName = change.manifest || ' '

    if (dependencies.get(manifestName) === undefined) {
      dependencies.set(manifestName, [])