feat: adds support for critical severity [APOLLO-91]

snyk · May 10, 2021 · 886017e · 886017e
1 parent da933ee
commit 886017e
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 2 deletions.
diff --git a/src/lib/vuln.ts b/src/lib/vuln.ts
@@ -1,7 +1,7 @@
 import * as _ from '@snyk/lodash';
 import { PatchRemediation, UpgradeRemediation, Vuln } from './types';
 
-export const severityMap = { low: 0, medium: 1, high: 2 };
+export const severityMap = { low: 0, medium: 1, high: 2, critical: 3 };
 
 function getVuln(id, vulnerabilities: any): Vuln {
   const vuln = vulnerabilities.find((v) => v.id === id);

diff --git a/test/vuln.test.ts b/test/vuln.test.ts
@@ -86,6 +86,11 @@ test('getSeverityScore with data length 1', async (t) => {
 test('getSeverityScore with multiple vulns', async (t) => {
   // Arrange
   const vulnerabilities = [
+    {
+      id: 'npm:adm-zip:20180415',
+      severity: 'critical',
+      title: 'Arbitrary File Write via Archive Extraction (Zip Slip)',
+    },
     {
       id: 'npm:adm-zip:20180415',
       severity: 'high',
@@ -102,7 +107,7 @@ test('getSeverityScore with multiple vulns', async (t) => {
       title: 'Arbitrary File Write via Archive Extraction (Zip Slip)',
     },
   ];
-  const expected = 6;
+  const expected = 10;
   // Act
   const result = getSeverityScore(vulnerabilities);
   // Assert