fix(urls): Replace hardcoded URL to advisory with a URL from audit response (#34)

melkikh · zkat · commit e2fe95bb87de · 2018-12-18T14:29:53.000-08:00
diff --git a/reporters/detail.js b/reporters/detail.js
@@ -117,7 +117,7 @@ const report = function (data, options) {
               {'Package': advisory.module_name},
               {'Dependency of': `${resolution.path.split('>')[0]} ${resolution.dev ? '[dev]' : ''}`},
               {'Path': `${resolution.path.split('>').join(Utils.color(' > ', 'grey', config.withColor))}`},
-              {'More info': `https://nodesecurity.io/advisories/${advisory.id}`}
+              {'More info': advisory.url || `https://www.npmjs.com/advisories/${advisory.id}`}
             )
 
             log(table.toString() + '\n\n')
@@ -160,7 +160,7 @@ const report = function (data, options) {
               {'Patched in': patchedIn},
               {'Dependency of': `${resolution.path.split('>')[0]} ${resolution.dev ? '[dev]' : ''}`},
               {'Path': `${resolution.path.split('>').join(Utils.color(' > ', 'grey', config.withColor))}`},
-              {'More info': `https://nodesecurity.io/advisories/${advisory.id}`}
+              {'More info': advisory.url || `https://www.npmjs.com/advisories/${advisory.id}`}
             )
             log(table.toString())
           })
diff --git a/reporters/parseable.js b/reporters/parseable.js
@@ -32,7 +32,7 @@ const report = function (data, options) {
             l.sevLevel = advisory.severity
             l.severity = advisory.title
             l.package = advisory.module_name
-            l.moreInfo = `https://nodesecurity.io/advisories/${advisory.id}`
+            l.moreInfo = advisory.url || `https://www.npmjs.com/advisories/${advisory.id}`
             l.path = resolution.path
 
             accumulator[advisory.severity] += [action.action, l.package, l.sevLevel, l.recommendation, l.severity, l.moreInfo, l.path, l.breaking]
@@ -47,7 +47,7 @@ const report = function (data, options) {
             l.sevLevel = advisory.severity
             l.severity = advisory.title
             l.package = advisory.module_name
-            l.moreInfo = `https://nodesecurity.io/advisories/${advisory.id}`
+            l.moreInfo = advisory.url || `https://www.npmjs.com/advisories/${advisory.id}`
             l.patchedIn = advisory.patched_versions.replace(' ', '') === '<0.0.0' ? 'No patch available' : advisory.patched_versions
             l.path = resolution.path
 
diff --git a/test/fixtures/some-same-action.json b/test/fixtures/some-same-action.json
@@ -64,7 +64,7 @@
         "exploitability": 5,
         "affected_components": ""
       },
-      "url": "https://nodesecurity.io/advisories/146"
+      "url": "https://www.npmjs.com/advisories/146"
     },
     "534": {
       "findings": [
@@ -106,7 +106,7 @@
         "exploitability": 5,
         "affected_components": ""
       },
-      "url": "https://nodesecurity.io/advisories/534"
+      "url": "https://www.npmjs.com/advisories/534"
     }
   },
   "muted": [],
diff --git a/test/fixtures/some-vulns-critical.json b/test/fixtures/some-vulns-critical.json
@@ -57,7 +57,7 @@
         "exploitability": 5,
         "affected_components": ""
       },
-      "url": "https://nodesecurity.io/advisories/146"
+      "url": "https://www.npmjs.com/advisories/146"
     }
   },
   "muted": [],

Original file line number	Diff line number	Diff line change
`@@ -57,7 +57,7 @@`
`57`	`57`	`"exploitability": 5,`
`58`	`58`	`"affected_components": ""`
`59`	`59`	`},`
`60`		`- "url": "https://nodesecurity.io/advisories/146"`
	`60`	`+ "url": "https://www.npmjs.com/advisories/146"`
`61`	`61`	`}`
`62`	`62`	`},`
`63`	`63`	`"muted": [],`