feat(githubaction): fail with error 2 if vulnerabilities are detected

Enables the (calling) github action be marked 'fail' when vulnerabilities are found.
mattorb · Feb 3, 2020 · 5127705 · 5127705
1 parent 7db3ca9
commit 5127705
Show file tree

Hide file tree

Showing 2 changed files with 16 additions and 1 deletion.
diff --git a/bin/is-website-vulnerable.js b/bin/is-website-vulnerable.js
@@ -52,7 +52,8 @@ function getLighthouseOptions() {
       : new RenderConsole(results, argv.jsLib)
     renderer.print()
 
-    process.exit(0)
+    if (audit.hasVulnerabilities(results)) process.exit(2)
+    else process.exit(0)
   } catch (error) {
     console.error(`\nError: ${error.message}\n`)
     console.error('Usage:\n  is-website-vulnerable https://www.google.com\n\n')

diff --git a/src/Audit.js b/src/Audit.js
@@ -23,6 +23,20 @@ module.exports = class Audit {
     }
   }
 
+  hasVulnerabilities(scanResult) {
+    const vulnerableAudit = scanResult.lhr.audits['no-vulnerable-libraries']
+
+    if (
+      vulnerableAudit.details &&
+      vulnerableAudit.details.items &&
+      vulnerableAudit.details.items.length > 0
+    ) {
+      return true
+    }
+
+    return false
+  }
+
   async scanUrl(url, options = { lighthouseOpts: {}, chromeOpts: {} }, progress = false) {
     const optflags = options.lighthouseOpts
     const chromePath = (options.chromeOpts || {}).chromePath