feat(cli): Add option to exit with non-zero code if there are vulnera…

…bilities
eventOneHQ · Oct 22, 2020 · 15fb781 · 15fb781
2 parents 067125b + e412b63
commit 15fb781
Show file tree

Hide file tree

Showing 3 changed files with 20 additions and 4 deletions.
diff --git a/README.md b/README.md
@@ -49,6 +49,11 @@ You can also fully customize the generated report by providing `--template` opti
 npm audit --json | npm-audit-html --template ./my-awesome-template.hbs
 ```
 
+If you'd like the generator to exit with non-zero exit code when vulnerabilities are found, you can add the `--fatal-exit-code` option:
+```bash
+npm audit --json | npm-audit-html --fatal-exit-code
+```
+
 ## ✍️ Authors <a name = "authors"></a>
 
 - [@nprail](https://github.com/nprail) - Maintainer

diff --git a/index.js b/index.js
@@ -21,6 +21,7 @@ program
     'template theme `dark` or `light` (defaults to `light`)'
   )
   .option('-t, --template [handlebars file]', 'handlebars template file')
+  .option('--fatal-exit-code', 'exit with code 1 if vulnerabilities were found')
   .action(async (cmd, env) => {
     try {
       let data
@@ -33,7 +34,7 @@ program
         return process.exit(1)
       }
 
-      await genReport(data, cmd.output, cmd.template, cmd.theme)
+      await genReport(data, cmd.output, cmd.template, cmd.theme, cmd.fatalExitCode)
     } catch (err) {
       console.error('Failed to parse NPM Audit JSON!')
       return process.exit(1)
@@ -44,7 +45,8 @@ const genReport = async (
   data,
   output = 'npm-audit.html',
   template,
-  theme = 'light'
+  theme = 'light',
+  fatalExitCode = false
 ) => {
   try {
     if (!data) {
@@ -54,9 +56,17 @@ const genReport = async (
 
     const templateFile = template || path.join(__dirname, '/templates/template.hbs')
 
-    await reporter(data, templateFile, output, theme)
+    const modifiedData = await reporter(data, templateFile, output, theme)
+    if (modifiedData.metadata.vulnerabilities.total > 0) {
+      console.log(`Vulnerability snapshot saved at ${output}`)
+      if (fatalExitCode) {
+        process.exit(1)
+      }
+      process.exit(0)
+    }
 
-    console.log(`Vulnerability snapshot saved at ${output}`)
+    console.log('No vulnerabilities found')
+    console.log(`Vulnerability snapshot save at ${output}`)
     process.exit(0)
   } catch (err) {
     console.log('An error occurred!')

diff --git a/lib/reporter.js b/lib/reporter.js
@@ -90,6 +90,7 @@ module.exports = async (data, templateFile, outputFile, theme) => {
     modifiedData.theme = theme
     const report = await generateTemplate(modifiedData, templateFile)
     await writeReport(report, outputFile)
+    return modifiedData
   } catch (err) {
     console.log(err)
   }