snyk · karenyavine · Feb 17, 2021 · Jan 26, 2021 · Feb 9, 2021 · Feb 15, 2021
diff --git a/src/cli/commands/protect/prompts.ts b/src/cli/commands/protect/prompts.ts
@@ -20,6 +20,7 @@ import * as config from '../../../lib/config';
 import * as snykPolicy from 'snyk-policy';
 import chalk from 'chalk';
 import { AnnotatedIssue, SEVERITY } from '../../../lib/snyk-test/legacy';
+import { getLegacySeveritiesColour } from '../../../lib/snyk-test/common';
 import { titleCaseText } from '../test/formatters/legacy-format-issue';
 
 const debug = debugModule('snyk');
@@ -46,24 +47,8 @@ function sort(prop) {
 
 function createSeverityBasedIssueHeading(msg: string, severity: SEVERITY) {
   // Example: ✗ Medium severity vulnerability found in xmldom
-  const severitiesColourMapping = {
-    low: {
-      colorFunc(text) {
-        return chalk.bold.blue(text);
-      },
-    },
-    medium: {
-      colorFunc(text) {
-        return chalk.bold.yellow(text);
-      },
-    },
-    high: {
-      colorFunc(text) {
-        return chalk.bold.red(text);
-      },
-    },
-  };
-  return severitiesColourMapping[severity].colorFunc(msg);
+  const severityColor = getLegacySeveritiesColour(severity);
+  return severityColor.colorFunc(msg);
 }
 
 function sortUpgradePrompts(a, b) {

diff --git a/src/cli/commands/test/formatters/legacy-format-issue.ts b/src/cli/commands/test/formatters/legacy-format-issue.ts
@@ -18,6 +18,7 @@ import {
 import { formatLegalInstructions } from './legal-license-instructions';
 import { getReachabilityText } from './format-reachability';
 import { PATH_SEPARATOR } from '../../constants';
+import { getLegacySeveritiesColour } from '../../../../lib/snyk-test/common';
 
 export function formatIssues(
   vuln: GroupedVuln,
@@ -95,31 +96,15 @@ function createSeverityBasedIssueHeading({
 }: CreateSeverityBasedIssueHeading) {
   // Example: ✗ Medium severity vulnerability found in xmldom
   const vulnTypeText = type === 'license' ? 'issue' : 'vulnerability';
-  const severitiesColourMapping = {
-    low: {
-      colorFunc(text) {
-        return chalk.bold.blue(text);
-      },
-    },
-    medium: {
-      colorFunc(text) {
-        return chalk.bold.yellow(text);
-      },
-    },
-    high: {
-      colorFunc(text) {
-        return chalk.bold.red(text);
-      },
-    },
-  };
+  const severityColor = getLegacySeveritiesColour(severity);
 
   let originalSeverityStr = '';
   if (originalSeverity && originalSeverity !== severity) {
     originalSeverityStr = ` (originally ${titleCaseText(originalSeverity)})`;
   }
 
   return (
-    severitiesColourMapping[severity].colorFunc(
+    severityColor.colorFunc(
       '✗ ' +
         titleCaseText(severity) +
         ` severity${originalSeverityStr} ` +

diff --git a/src/cli/commands/test/formatters/remediation-based-format-issues.ts b/src/cli/commands/test/formatters/remediation-based-format-issues.ts
@@ -14,7 +14,10 @@ import {
   SEVERITY,
   UpgradeRemediation,
 } from '../../../../lib/snyk-test/legacy';
-import { SEVERITIES } from '../../../../lib/snyk-test/common';
+import {
+  SEVERITIES,
+  getSeveritiesColour,
+} from '../../../../lib/snyk-test/common';
 import { formatLegalInstructions } from './legal-license-instructions';
 import {
   formatReachability,
@@ -438,23 +441,8 @@ export function formatIssue(
   reachability?: REACHABILITY,
   sampleReachablePaths?: SampleReachablePaths,
 ): string {
-  const severitiesColourMapping = {
-    low: {
-      colorFunc(text) {
-        return chalk.blueBright(text);
-      },
-    },
-    medium: {
-      colorFunc(text) {
-        return chalk.yellowBright(text);
-      },
-    },
-    high: {
-      colorFunc(text) {
-        return chalk.redBright(text);
-      },
-    },
-  };
+  const severityColor = getSeveritiesColour(severity);
+
   const newBadge = isNew ? ' (new)' : '';
   const name = vulnerableModule ? ` in ${chalk.bold(vulnerableModule)}` : '';
   let legalLicenseInstructionsText;
@@ -507,7 +495,7 @@ export function formatIssue(
   }
 
   return (
-    severitiesColourMapping[severity].colorFunc(
+    severityColor.colorFunc(
       `  ✗ ${chalk.bold(title)}${newBadge} [${titleCaseText(
         severity,
       )} Severity${originalSeverityStr}]`,

diff --git a/src/cli/commands/test/iac-output.ts b/src/cli/commands/test/iac-output.ts
@@ -10,6 +10,7 @@ import { printPath } from './formatters/remediation-based-format-issues';
 import { titleCaseText } from './formatters/legacy-format-issue';
 import * as sarif from 'sarif';
 import { SEVERITY } from '../../../lib/snyk-test/legacy';
+import { getSeveritiesColour } from '../../../lib/snyk-test/common';
 import { IacFileInDirectory } from '../../../lib/types';
 import upperFirst = require('lodash.upperfirst');
 const debug = Debug('iac-output');
@@ -19,23 +20,6 @@ function formatIacIssue(
   isNew: boolean,
   path: string[],
 ): string {
-  const severitiesColourMapping = {
-    low: {
-      colorFunc(text) {
-        return chalk.blueBright(text);
-      },
-    },
-    medium: {
-      colorFunc(text) {
-        return chalk.yellowBright(text);
-      },
-    },
-    high: {
-      colorFunc(text) {
-        return chalk.redBright(text);
-      },
-    },
-  };
   const newBadge = isNew ? ' (new)' : '';
   const name = issue.subType ? ` in ${chalk.bold(issue.subType)}` : '';
 
@@ -48,9 +32,10 @@ function formatIacIssue(
 
   const description = extractOverview(issue.description).trim();
   const descriptionLine = `\n    ${description}\n`;
+  const severityColor = getSeveritiesColour(issue.severity);
 
   return (
-    severitiesColourMapping[issue.severity].colorFunc(
+    severityColor.colorFunc(
       `  ✗ ${chalk.bold(issue.title)}${newBadge} [${titleCaseText(
         issue.severity,
       )} Severity]`,

diff --git a/src/lib/snyk-test/common.ts b/src/lib/snyk-test/common.ts
@@ -1,4 +1,5 @@
 import * as config from '../config';
+import chalk from 'chalk';
 
 export function assembleQueryString(options) {
   const org = options.org || config.org || null;
@@ -24,6 +25,7 @@ export enum SEVERITY {
   LOW = 'low',
   MEDIUM = 'medium',
   HIGH = 'high',
+  CRITICAL = 'critical',
 }
 export const SEVERITIES: Array<{
   verboseName: SEVERITY;
@@ -41,8 +43,72 @@ export const SEVERITIES: Array<{
     verboseName: SEVERITY.HIGH,
     value: 3,
   },
+  {
+    verboseName: SEVERITY.CRITICAL,
+    value: 4,
+  },
 ];
 
+export const severitiesColourMapping = {
+  low: {
+    colorFunc(text) {
+      return chalk.blueBright(text);
+    },
+  },
+  medium: {
+    colorFunc(text) {
+      return chalk.yellowBright(text);
+    },
+  },
+  high: {
+    colorFunc(text) {
+      return chalk.redBright(text);
+    },
+  },
+  critical: {
+    colorFunc(text) {
+      return chalk.magentaBright(text);
+    },
+  },
+};
+
+export const legacySeveritiesColourMapping = {
+  low: {
+    colorFunc(text) {
+      return chalk.bold.blue(text);
+    },
+  },
+  medium: {
+    colorFunc(text) {
+      return chalk.bold.yellow(text);
+    },
+  },
+  high: {
+    colorFunc(text) {
+      return chalk.bold.red(text);
+    },
+  },
+  critical: {
+    colorFunc(text) {
+      return chalk.bold.magenta(text);
+    },
+  },
+};
+
+export const defaultSeverityColor = {
+  colorFunc(text) {
+    return chalk.grey(text);
+  },
+};
+
+export function getSeveritiesColour(severity: string) {
+  return severitiesColourMapping[severity] || defaultSeverityColor;
+}
+
+export function getLegacySeveritiesColour(severity: string) {
+  return legacySeveritiesColourMapping[severity] || defaultSeverityColor;
+}
+
 export enum FAIL_ON {
   all = 'all',
   upgradable = 'upgradable',

diff --git a/src/lib/snyk-test/legacy.ts b/src/lib/snyk-test/legacy.ts
@@ -20,6 +20,7 @@ export enum SEVERITY {
   LOW = 'low',
   MEDIUM = 'medium',
   HIGH = 'high',
+  CRITICAL = 'critical',
 }
 
 export enum REACHABILITY {

diff --git a/test/acceptance/cli-test/cli-test.ruby.spec.ts b/test/acceptance/cli-test/cli-test.ruby.spec.ts
@@ -456,6 +456,81 @@ export const RubyTests: AcceptanceTests = {
       }
     },
 
+    '`test ruby-app-thresholds --severity-threshold=critical': (
+      params,
+      utils,
+    ) => async (t) => {
+      utils.chdirWorkspaces();
+
+      params.server.setNextResponse(
+        getWorkspaceJSON(
+          'ruby-app-thresholds',
+          'test-graph-result-critical-severity.json',
+        ),
+      );
+
+      try {
+        await params.cli.test('ruby-app-thresholds', {
+          severityThreshold: 'critical',
+        });
+        t.fail('should have thrown');
+      } catch (err) {
+        const req = params.server.popRequest();
+        t.is(req.query.severityThreshold, 'critical');
+
+        const res = err.message;
+
+        t.match(
+          res,
+          'Tested 7 dependencies for known vulnerabilities, found 1 vulnerability, 2 vulnerable paths',
+          '1 vuln',
+        );
+      }
+    },
+
+    '`test ruby-app-thresholds --severity-threshold=critical --json`': (
+      params,
+      utils,
+    ) => async (t) => {
+      utils.chdirWorkspaces();
+
+      params.server.setNextResponse(
+        getWorkspaceJSON(
+          'ruby-app-thresholds',
+          'test-graph-result-critical-severity.json',
+        ),
+      );
+
+      try {
+        await params.cli.test('ruby-app-thresholds', {
+          severityThreshold: 'critical',
+          json: true,
+        });
+        t.fail('should have thrown');
+      } catch (err) {
+        const req = params.server.popRequest();
+        t.is(req.query.severityThreshold, 'critical');
+
+        const res = JSON.parse(err.message);
+
+        const expected = getWorkspaceJSON(
+          'ruby-app-thresholds',
+          'test-result-critical-severity.json',
+        );
+
+        t.deepEqual(
+          omit(res, ['vulnerabilities']),
+          omit(expected, ['vulnerabilities']),
+          'metadata is ok',
+        );
+        t.deepEqual(
+          sortBy(res.vulnerabilities, 'id'),
+          sortBy(expected.vulnerabilities, 'id'),
+          'vulns are the same',
+        );
+      }
+    },
+
     '`test ruby-app-policy`': (params, utils) => async (t) => {
       utils.chdirWorkspaces();