try adding 3 sections

Federico Builes
2022-09-26 12:21:24 +02:00
parent 2a646668d9
commit 8a20ddbf25
3 changed files with 108 additions and 84 deletions

dist/index.js generated vendored

@@ -206,7 +206,6 @@ const git_refs_1 = __nccwpck_require__(1086);
function run() {
return __awaiter(this, void 0, void 0, function* () {
try {
let failed = false;
const config = (0, config_1.readConfig)();
const refs = (0, git_refs_1.getRefs)(config, github.context);
const changes = yield dependencyGraph.compare({
@@ -229,26 +228,11 @@ function run() {
change.vulnerabilities.length > 0);
const [licenseErrors, unknownLicenses] = (0, licenses_1.getDeniedLicenseChanges)(filteredChanges, licenses);
summary.addSummaryToSummary(addedChanges, licenseErrors, unknownLicenses);
if (addedChanges.length > 0) {
for (const change of addedChanges) {
printChangeVulnerabilities(change);
}
failed = true;
}
summary.addChangeVulnerabilitiesToSummary(addedChanges, minSeverity || '');
if (licenseErrors.length > 0) {
printLicensesError(licenseErrors);
core.setFailed('Dependency review detected incompatible licenses.');
}
printNullLicenses(unknownLicenses);
summary.addLicensesToSummary(licenseErrors, unknownLicenses, config);
printVulnerabilitiesBlock(addedChanges, minSeverity || 'low');
printLicensesBlock(licenseErrors, unknownLicenses);
printScannedDependencies(changes);
if (failed) {
core.setFailed('Dependency review detected vulnerable packages.');
}
else {
core.info(`Dependency review did not detect any vulnerable packages with severity level "${minSeverity}" or higher.`);
}
}
catch (error) {
if (error instanceof request_error_1.RequestError && error.status === 404) {
@@ -271,6 +255,23 @@ function run() {
}
});
}
function printVulnerabilitiesBlock(addedChanges, minSeverity) {
let failed = false;
core.group('Vulnerabilities', () => __awaiter(this, void 0, void 0, function* () {
if (addedChanges.length > 0) {
for (const change of addedChanges) {
printChangeVulnerabilities(change);
}
failed = true;
}
if (failed) {
core.setFailed('Dependency review detected vulnerable packages.');
}
else {
core.info(`Dependency review did not detect any vulnerable packages with severity level "${minSeverity}" or higher.`);
}
}));
}
function printChangeVulnerabilities(change) {
for (const vuln of change.vulnerabilities) {
core.info(`${ansi_styles_1.default.bold.open}${change.manifest} » ${change.name}@${change.version}${ansi_styles_1.default.bold.close} ${vuln.advisory_summary} ${renderSeverity(vuln.severity)}`);
@@ -301,24 +302,6 @@ function renderScannedDependency(change) {
}[changeType];
return `${ansi_styles_1.default.color[color].open}${icon} ${change.manifest}@${change.version}${ansi_styles_1.default.color[color].close}`;
}
function printLicensesError(changes) {
if (changes.length === 0) {
return;
}
core.info('\nThe following dependencies have incompatible licenses:\n');
for (const change of changes) {
core.info(`${ansi_styles_1.default.bold.open}${change.manifest} » ${change.name}@${change.version}${ansi_styles_1.default.bold.close} License: ${ansi_styles_1.default.color.red.open}${change.license}${ansi_styles_1.default.color.red.close}`);
}
}
function printNullLicenses(changes) {
if (changes.length === 0) {
return;
}
core.info('\nWe could not detect a license for the following dependencies:\n');
for (const change of changes) {
core.info(`${ansi_styles_1.default.bold.open}${change.manifest} » ${change.name}@${change.version}${ansi_styles_1.default.bold.close}`);
}
}
function printScannedDependencies(changes) {
core.group('Dependency changes', () => __awaiter(this, void 0, void 0, function* () {
// group changes by manifest
@@ -337,6 +320,33 @@ function printScannedDependencies(changes) {
}
}));
}
function printLicensesBlock(licenseErrors, unknownLicenses) {
core.group('Licenses', () => __awaiter(this, void 0, void 0, function* () {
if (licenseErrors.length > 0) {
printLicensesError(licenseErrors);
core.setFailed('Dependency review detected incompatible licenses.');
}
printNullLicenses(unknownLicenses);
}));
}
function printLicensesError(changes) {
if (changes.length === 0) {
return;
}
core.info('\nThe following dependencies have incompatible licenses:\n');
for (const change of changes) {
core.info(`${ansi_styles_1.default.bold.open}${change.manifest} » ${change.name}@${change.version}${ansi_styles_1.default.bold.close} License: ${ansi_styles_1.default.color.red.open}${change.license}${ansi_styles_1.default.color.red.close}`);
}
}
function printNullLicenses(changes) {
if (changes.length === 0) {
return;
}
core.info('\nWe could not detect a license for the following dependencies:\n');
for (const change of changes) {
core.info(`${ansi_styles_1.default.bold.open}${change.manifest} » ${change.name}@${change.version}${ansi_styles_1.default.bold.close}`);
}
}
run();

dist/index.js.map generated vendored



@@ -16,7 +16,6 @@ import {getRefs} from './git-refs'
async function run(): Promise<void> {
try {
let failed = false
const config = readConfig()
const refs = getRefs(config, github.context)
@@ -61,34 +60,13 @@ async function run(): Promise<void> {
)
summary.addSummaryToSummary(addedChanges, licenseErrors, unknownLicenses)
if (addedChanges.length > 0) {
for (const change of addedChanges) {
printChangeVulnerabilities(change)
}
failed = true
}
summary.addChangeVulnerabilitiesToSummary(addedChanges, minSeverity || '')
if (licenseErrors.length > 0) {
printLicensesError(licenseErrors)
core.setFailed('Dependency review detected incompatible licenses.')
}
printNullLicenses(unknownLicenses)
summary.addLicensesToSummary(licenseErrors, unknownLicenses, config)
printScannedDependencies(changes)
printVulnerabilitiesBlock(addedChanges, minSeverity || 'low')
printLicensesBlock(licenseErrors, unknownLicenses)
if (failed) {
core.setFailed('Dependency review detected vulnerable packages.')
} else {
core.info(
`Dependency review did not detect any vulnerable packages with severity level "${minSeverity}" or higher.`
)
}
printScannedDependencies(changes)
} catch (error) {
if (error instanceof RequestError && error.status === 404) {
core.setFailed(
@@ -110,6 +88,29 @@ async function run(): Promise<void> {
}
}
function printVulnerabilitiesBlock(
addedChanges: Change[],
minSeverity: Severity
): void {
let failed = false
core.group('Vulnerabilities', async () => {
if (addedChanges.length > 0) {
for (const change of addedChanges) {
printChangeVulnerabilities(change)
}
failed = true
}
if (failed) {
core.setFailed('Dependency review detected vulnerable packages.')
} else {
core.info(
`Dependency review did not detect any vulnerable packages with severity level "${minSeverity}" or higher.`
)
}
})
}
function printChangeVulnerabilities(change: Change): void {
for (const vuln of change.vulnerabilities) {
core.info(
@@ -161,6 +162,41 @@ function renderScannedDependency(change: Change): string {
return `${styles.color[color].open}${icon} ${change.manifest}@${change.version}${styles.color[color].close}`
}
function printScannedDependencies(changes: Change[]): void {
core.group('Dependency changes', async () => {
// group changes by manifest
const dependencies: Record<string, Change[]> = {}
for (const change of changes) {
if (dependencies[change.manifest] === undefined) {
dependencies[change.manifest] = []
}
dependencies[change.manifest].push(change)
}
for (const [manifestName, manifestChanges] of Object.entries(
dependencies
)) {
core.info(`File: ${styles.bold.open}${manifestName}${styles.bold.close}`)
for (const change of manifestChanges) {
core.info(`${renderScannedDependency(change)}`)
}
}
})
}
function printLicensesBlock(
licenseErrors: Change[],
unknownLicenses: Change[]
): void {
core.group('Licenses', async () => {
if (licenseErrors.length > 0) {
printLicensesError(licenseErrors)
core.setFailed('Dependency review detected incompatible licenses.')
}
printNullLicenses(unknownLicenses)
})
}
function printLicensesError(changes: Change[]): void {
if (changes.length === 0) {
return
@@ -187,26 +223,4 @@ function printNullLicenses(changes: Change[]): void {
}
}
function printScannedDependencies(changes: Change[]): void {
core.group('Dependency changes', async () => {
// group changes by manifest
const dependencies: Record<string, Change[]> = {}
for (const change of changes) {
if (dependencies[change.manifest] === undefined) {
dependencies[change.manifest] = []
}
dependencies[change.manifest].push(change)
}
for (const [manifestName, manifestChanges] of Object.entries(
dependencies
)) {
core.info(`File: ${styles.bold.open}${manifestName}${styles.bold.close}`)
for (const change of manifestChanges) {
core.info(`${renderScannedDependency(change)}`)
}
}
})
}
run()
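Review bot: `printVulnerabilitiesBlock` and `printLicensesBlock` (and the moved `printScannedDependencies`) call `core.group(...)` with an async callback but neither `await` it nor return the promise, so — assuming `core.group`'s usual shape of `startGroup`, `await fn()`, `endGroup` in a `finally` — each group's `::endgroup::` is written on a later microtask, after the next helper has already emitted its own `::group::`, and any exception thrown inside a callback becomes an unhandled rejection that bypasses the `try`/`catch` in `run()`. The failure signal itself is preserved, because the callbacks contain no `await` before `core.setFailed`, so that call still runs synchronously; the visible defect is interleaved log groups plus the floating promises. I would make the three helpers `async` returning `Promise<void>`, `await core.group(...)` inside them, and `await` the three calls in `run()`; the `failed` flag in `printVulnerabilitiesBlock` is then redundant since it is exactly `addedChanges.length > 0`. `run()` starts before the first hunk and its body is split across hunks, so the call sites shown are only part of it.

```typescript
      await printVulnerabilitiesBlock(addedChanges, minSeverity || 'low')
      await printLicensesBlock(licenseErrors, unknownLicenses)
      await printScannedDependencies(changes)
// … unchanged: remainder of run() …

async function printVulnerabilitiesBlock(
  addedChanges: Change[],
  minSeverity: Severity
): Promise<void> {
  await core.group('Vulnerabilities', async () => {
    if (addedChanges.length > 0) {
      for (const change of addedChanges) {
        printChangeVulnerabilities(change)
      }
      core.setFailed('Dependency review detected vulnerable packages.')
    } else {
      core.info(
        `Dependency review did not detect any vulnerable packages with severity level "${minSeverity}" or higher.`
      )
    }
  })
}

async function printLicensesBlock(
  licenseErrors: Change[],
  unknownLicenses: Change[]
): Promise<void> {
  await core.group('Licenses', async () => {
    // … unchanged: printLicensesError / setFailed / printNullLicenses …
  })
}
```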