try adding 3 sections
82
dist/index.js
generated
vendored
82
dist/index.js
generated
vendored
@@ -206,7 +206,6 @@ const git_refs_1 = __nccwpck_require__(1086);
|
||||
function run() {
|
||||
return __awaiter(this, void 0, void 0, function* () {
|
||||
try {
|
||||
let failed = false;
|
||||
const config = (0, config_1.readConfig)();
|
||||
const refs = (0, git_refs_1.getRefs)(config, github.context);
|
||||
const changes = yield dependencyGraph.compare({
|
||||
@@ -229,26 +228,11 @@ function run() {
|
||||
change.vulnerabilities.length > 0);
|
||||
const [licenseErrors, unknownLicenses] = (0, licenses_1.getDeniedLicenseChanges)(filteredChanges, licenses);
|
||||
summary.addSummaryToSummary(addedChanges, licenseErrors, unknownLicenses);
|
||||
if (addedChanges.length > 0) {
|
||||
for (const change of addedChanges) {
|
||||
printChangeVulnerabilities(change);
|
||||
}
|
||||
failed = true;
|
||||
}
|
||||
summary.addChangeVulnerabilitiesToSummary(addedChanges, minSeverity || '');
|
||||
if (licenseErrors.length > 0) {
|
||||
printLicensesError(licenseErrors);
|
||||
core.setFailed('Dependency review detected incompatible licenses.');
|
||||
}
|
||||
printNullLicenses(unknownLicenses);
|
||||
summary.addLicensesToSummary(licenseErrors, unknownLicenses, config);
|
||||
printVulnerabilitiesBlock(addedChanges, minSeverity || 'low');
|
||||
printLicensesBlock(licenseErrors, unknownLicenses);
|
||||
printScannedDependencies(changes);
|
||||
if (failed) {
|
||||
core.setFailed('Dependency review detected vulnerable packages.');
|
||||
}
|
||||
else {
|
||||
core.info(`Dependency review did not detect any vulnerable packages with severity level "${minSeverity}" or higher.`);
|
||||
}
|
||||
}
|
||||
catch (error) {
|
||||
if (error instanceof request_error_1.RequestError && error.status === 404) {
|
||||
@@ -271,6 +255,23 @@ function run() {
|
||||
}
|
||||
});
|
||||
}
|
||||
function printVulnerabilitiesBlock(addedChanges, minSeverity) {
|
||||
let failed = false;
|
||||
core.group('Vulnerabilities', () => __awaiter(this, void 0, void 0, function* () {
|
||||
if (addedChanges.length > 0) {
|
||||
for (const change of addedChanges) {
|
||||
printChangeVulnerabilities(change);
|
||||
}
|
||||
failed = true;
|
||||
}
|
||||
if (failed) {
|
||||
core.setFailed('Dependency review detected vulnerable packages.');
|
||||
}
|
||||
else {
|
||||
core.info(`Dependency review did not detect any vulnerable packages with severity level "${minSeverity}" or higher.`);
|
||||
}
|
||||
}));
|
||||
}
|
||||
function printChangeVulnerabilities(change) {
|
||||
for (const vuln of change.vulnerabilities) {
|
||||
core.info(`${ansi_styles_1.default.bold.open}${change.manifest} » ${change.name}@${change.version}${ansi_styles_1.default.bold.close} – ${vuln.advisory_summary} ${renderSeverity(vuln.severity)}`);
|
||||
@@ -301,24 +302,6 @@ function renderScannedDependency(change) {
|
||||
}[changeType];
|
||||
return `${ansi_styles_1.default.color[color].open}${icon} ${change.manifest}@${change.version}${ansi_styles_1.default.color[color].close}`;
|
||||
}
|
||||
function printLicensesError(changes) {
|
||||
if (changes.length === 0) {
|
||||
return;
|
||||
}
|
||||
core.info('\nThe following dependencies have incompatible licenses:\n');
|
||||
for (const change of changes) {
|
||||
core.info(`${ansi_styles_1.default.bold.open}${change.manifest} » ${change.name}@${change.version}${ansi_styles_1.default.bold.close} – License: ${ansi_styles_1.default.color.red.open}${change.license}${ansi_styles_1.default.color.red.close}`);
|
||||
}
|
||||
}
|
||||
function printNullLicenses(changes) {
|
||||
if (changes.length === 0) {
|
||||
return;
|
||||
}
|
||||
core.info('\nWe could not detect a license for the following dependencies:\n');
|
||||
for (const change of changes) {
|
||||
core.info(`${ansi_styles_1.default.bold.open}${change.manifest} » ${change.name}@${change.version}${ansi_styles_1.default.bold.close}`);
|
||||
}
|
||||
}
|
||||
function printScannedDependencies(changes) {
|
||||
core.group('Dependency changes', () => __awaiter(this, void 0, void 0, function* () {
|
||||
// group changes by manifest
|
||||
@@ -337,6 +320,33 @@ function printScannedDependencies(changes) {
|
||||
}
|
||||
}));
|
||||
}
|
||||
function printLicensesBlock(licenseErrors, unknownLicenses) {
|
||||
core.group('Licenses', () => __awaiter(this, void 0, void 0, function* () {
|
||||
if (licenseErrors.length > 0) {
|
||||
printLicensesError(licenseErrors);
|
||||
core.setFailed('Dependency review detected incompatible licenses.');
|
||||
}
|
||||
printNullLicenses(unknownLicenses);
|
||||
}));
|
||||
}
|
||||
function printLicensesError(changes) {
|
||||
if (changes.length === 0) {
|
||||
return;
|
||||
}
|
||||
core.info('\nThe following dependencies have incompatible licenses:\n');
|
||||
for (const change of changes) {
|
||||
core.info(`${ansi_styles_1.default.bold.open}${change.manifest} » ${change.name}@${change.version}${ansi_styles_1.default.bold.close} – License: ${ansi_styles_1.default.color.red.open}${change.license}${ansi_styles_1.default.color.red.close}`);
|
||||
}
|
||||
}
|
||||
function printNullLicenses(changes) {
|
||||
if (changes.length === 0) {
|
||||
return;
|
||||
}
|
||||
core.info('\nWe could not detect a license for the following dependencies:\n');
|
||||
for (const change of changes) {
|
||||
core.info(`${ansi_styles_1.default.bold.open}${change.manifest} » ${change.name}@${change.version}${ansi_styles_1.default.bold.close}`);
|
||||
}
|
||||
}
|
||||
run();
|
||||
|
||||
|
||||
|
||||
2
dist/index.js.map
generated
vendored
2
dist/index.js.map
generated
vendored
File diff suppressed because one or more lines are too long
108
src/main.ts
108
src/main.ts
@@ -16,7 +16,6 @@ import {getRefs} from './git-refs'
|
||||
|
||||
async function run(): Promise<void> {
|
||||
try {
|
||||
let failed = false
|
||||
const config = readConfig()
|
||||
const refs = getRefs(config, github.context)
|
||||
|
||||
@@ -61,34 +60,13 @@ async function run(): Promise<void> {
|
||||
)
|
||||
|
||||
summary.addSummaryToSummary(addedChanges, licenseErrors, unknownLicenses)
|
||||
|
||||
if (addedChanges.length > 0) {
|
||||
for (const change of addedChanges) {
|
||||
printChangeVulnerabilities(change)
|
||||
}
|
||||
failed = true
|
||||
}
|
||||
|
||||
summary.addChangeVulnerabilitiesToSummary(addedChanges, minSeverity || '')
|
||||
|
||||
if (licenseErrors.length > 0) {
|
||||
printLicensesError(licenseErrors)
|
||||
core.setFailed('Dependency review detected incompatible licenses.')
|
||||
}
|
||||
|
||||
printNullLicenses(unknownLicenses)
|
||||
|
||||
summary.addLicensesToSummary(licenseErrors, unknownLicenses, config)
|
||||
|
||||
printScannedDependencies(changes)
|
||||
printVulnerabilitiesBlock(addedChanges, minSeverity || 'low')
|
||||
printLicensesBlock(licenseErrors, unknownLicenses)
|
||||
|
||||
if (failed) {
|
||||
core.setFailed('Dependency review detected vulnerable packages.')
|
||||
} else {
|
||||
core.info(
|
||||
`Dependency review did not detect any vulnerable packages with severity level "${minSeverity}" or higher.`
|
||||
)
|
||||
}
|
||||
printScannedDependencies(changes)
|
||||
} catch (error) {
|
||||
if (error instanceof RequestError && error.status === 404) {
|
||||
core.setFailed(
|
||||
@@ -110,6 +88,29 @@ async function run(): Promise<void> {
|
||||
}
|
||||
}
|
||||
|
||||
function printVulnerabilitiesBlock(
|
||||
addedChanges: Change[],
|
||||
minSeverity: Severity
|
||||
): void {
|
||||
let failed = false
|
||||
core.group('Vulnerabilities', async () => {
|
||||
if (addedChanges.length > 0) {
|
||||
for (const change of addedChanges) {
|
||||
printChangeVulnerabilities(change)
|
||||
}
|
||||
failed = true
|
||||
}
|
||||
|
||||
if (failed) {
|
||||
core.setFailed('Dependency review detected vulnerable packages.')
|
||||
} else {
|
||||
core.info(
|
||||
`Dependency review did not detect any vulnerable packages with severity level "${minSeverity}" or higher.`
|
||||
)
|
||||
}
|
||||
})
|
||||
}
|
||||
|
||||
function printChangeVulnerabilities(change: Change): void {
|
||||
for (const vuln of change.vulnerabilities) {
|
||||
core.info(
|
||||
@@ -161,6 +162,41 @@ function renderScannedDependency(change: Change): string {
|
||||
return `${styles.color[color].open}${icon} ${change.manifest}@${change.version}${styles.color[color].close}`
|
||||
}
|
||||
|
||||
function printScannedDependencies(changes: Change[]): void {
|
||||
core.group('Dependency changes', async () => {
|
||||
// group changes by manifest
|
||||
const dependencies: Record<string, Change[]> = {}
|
||||
for (const change of changes) {
|
||||
if (dependencies[change.manifest] === undefined) {
|
||||
dependencies[change.manifest] = []
|
||||
}
|
||||
dependencies[change.manifest].push(change)
|
||||
}
|
||||
|
||||
for (const [manifestName, manifestChanges] of Object.entries(
|
||||
dependencies
|
||||
)) {
|
||||
core.info(`File: ${styles.bold.open}${manifestName}${styles.bold.close}`)
|
||||
for (const change of manifestChanges) {
|
||||
core.info(`${renderScannedDependency(change)}`)
|
||||
}
|
||||
}
|
||||
})
|
||||
}
|
||||
|
||||
function printLicensesBlock(
|
||||
licenseErrors: Change[],
|
||||
unknownLicenses: Change[]
|
||||
): void {
|
||||
core.group('Licenses', async () => {
|
||||
if (licenseErrors.length > 0) {
|
||||
printLicensesError(licenseErrors)
|
||||
core.setFailed('Dependency review detected incompatible licenses.')
|
||||
}
|
||||
printNullLicenses(unknownLicenses)
|
||||
})
|
||||
}
|
||||
|
||||
function printLicensesError(changes: Change[]): void {
|
||||
if (changes.length === 0) {
|
||||
return
|
||||
@@ -187,26 +223,4 @@ function printNullLicenses(changes: Change[]): void {
|
||||
}
|
||||
}
|
||||
|
||||
function printScannedDependencies(changes: Change[]): void {
|
||||
core.group('Dependency changes', async () => {
|
||||
// group changes by manifest
|
||||
const dependencies: Record<string, Change[]> = {}
|
||||
for (const change of changes) {
|
||||
if (dependencies[change.manifest] === undefined) {
|
||||
dependencies[change.manifest] = []
|
||||
}
|
||||
dependencies[change.manifest].push(change)
|
||||
}
|
||||
|
||||
for (const [manifestName, manifestChanges] of Object.entries(
|
||||
dependencies
|
||||
)) {
|
||||
core.info(`File: ${styles.bold.open}${manifestName}${styles.bold.close}`)
|
||||
for (const change of manifestChanges) {
|
||||
core.info(`${renderScannedDependency(change)}`)
|
||||
}
|
||||
}
|
||||
})
|
||||
}
|
||||
|
||||
run()
|
||||
|
||||
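Review bot: `printVulnerabilitiesBlock` (L523–L585, hunk `@@ -110,6 +88,29`) hands an async callback to `core.group` but neither awaits nor returns the promise it gets back, and the new `printLicensesBlock` and `printScannedDependencies` (L610–L707) do the same; `run()` then calls all three without `await`. Any throw inside those callbacks therefore escapes the `catch (error)` block at L503 as an unhandled rejection instead of reaching the existing 404 handling, and the three groups' log lines are no longer ordered relative to each other. Making the helpers `async`, returning `await core.group(...)`, and awaiting the three calls in `run()` restores both properties. The `failed` local in `printVulnerabilitiesBlock` is also redundant, since it is true exactly when `addedChanges.length > 0`. `printChangeVulnerabilities` (L590) continues past the end of that hunk.
```typescript
async function printVulnerabilitiesBlock(
  addedChanges: Change[],
  minSeverity: Severity
): Promise<void> {
  await core.group('Vulnerabilities', async () => {
    // … unchanged: per-change printing, setFailed / info message …
  })
}
// same shape for printScannedDependencies and printLicensesBlock, and in run():
//   await printScannedDependencies(changes)
//   await printVulnerabilitiesBlock(addedChanges, minSeverity || 'low')
//   await printLicensesBlock(licenseErrors, unknownLicenses)
```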