feat: reword 'vulnerability/ies' to 'issue/s'
aviadatsnyk committed Apr 9, 2017
1 parent 9409919 commit 2666868
Showing 6 changed files with 50 additions and 22 deletions.
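--- a/cli/commands/monitor.js
+++ b/cli/commands/monitor.js
@@ -49,15 +49,16 @@ function monitor(path, options) {
 var manageUrl = url.format(endpoint);
 
 endpoint.pathname = leader + '/monitor/' + res.id;
+var issues = res.licensesPolicy ? 'issues' : 'vulnerabilities';
 return (packageManager === 'yarn' ?
 'A yarn.lock file was detected - continuing as a Yarn project.\n\n' :
 '\n\n') +
 'Captured a snapshot of this project\'s dependencies.\n' +
 'Explore this snapshot at ' + monitorUrl + '\n\n' +
 (res.isMonitored ?
-'Notifications about newly disclosed vulnerabilities\n' +
-'related to these dependencies will be emailed to you.\n\n' :
-chalk.bold.red('Project is inactive, so notifications are turned ' +
+'Notifications about newly disclosed ' + issues + ' related\n' +
+'to these dependencies will be emailed to you.\n\n' :
+chalk.bold.red('Project is inactive, so notifications are turned ' +
 'off.\nActivate this project here: ' + manageUrl + '\n\n')) +
 (res.trialStarted ?
 chalk.yellow('You\'re over the free plan usage limit, \n' +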
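Review bot: The added `var issues = res.licensesPolicy ? 'issues' : 'vulnerabilities';` picks the wording from whether the response carries a licenses policy, not from which kinds of findings exist, and nothing on the line says so. A one-line comment would make the intent reviewable, for example `// licensesPolicy present: findings may include license issues, so use the broader word`; what the field actually means is not visible here, so the comment should be checked against the API. The same test drives the summary and count text in cli/commands/test.js, where a result made up only of security vulnerabilities would be reported as "issues", which softens what the user reads and seems worth a deliberate decision. monitor() starts and ends outside the hunk.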
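--- a/cli/commands/protect/prompts.js
+++ b/cli/commands/protect/prompts.js
@@ -485,7 +485,7 @@ function generatePrompt(vulns, policy, prefix) {
 var review = {
 value: 'review',
 short: 'Review',
-name: 'Review vulnerabilities separately',
+name: 'Review issues separately',
 };
 
 var choices = [];
@@ -511,12 +511,15 @@ function generatePrompt(vulns, policy, prefix) {
 infoLink += '/package/npm/' + group.affected.name + '/' +
 group.affected.version;
 var joiningText = group.patch ? 'in' : 'via';
-messageIntro = fmt('%s vulnerabilities introduced %s %s',
-group.count,joiningText, group.affected.full);
+var issues = vuln.type === 'license' ? 'issues' : 'vulnerabilities';
+messageIntro = fmt(
+'%s %s introduced %s %s',
+group.count, issues, joiningText, group.affected.full);
 } else {
 infoLink += '/vuln/' + vuln.id;
-messageIntro = fmt('%s severity vuln found in %s, introduced via',
-severity, vulnIn, from);
+messageIntro = fmt(
+'%s severity %s found in %s, introduced via',
+severity, vuln.type === 'license' ? 'issue' : 'vuln', vulnIn, from);
 messageIntro += '\n- desc: ' + vuln.title;
 fromText = (from !== vuln.from.slice(1).join(' > ') ?
 '- from: ' + vuln.from.slice(1).join(' > ') : '');
@@ -760,9 +763,12 @@ function generatePrompt(vulns, policy, prefix) {
 if (rule && rule.type === 'ignore') {
 defaultAnswer = rule.reason;
 }
+var issue = curr.choices[0].value.vuln &&
+curr.choices[0].value.vuln.type === 'license' ?
+'issue' : 'vulnerability';
 acc.push({
 name: curr.name + '-reason',
-message: '[audit] Reason for ignoring vulnerability?',
+message: '[audit] Reason for ignoring ' + issue + '?',
 default: defaultAnswer,
 when: function (answers) {
 if (!answers[curr.name]) {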
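Review bot: In the reason-prompt hunk, `curr.choices[0].value.vuln` reads the first choice without checking that one exists, so a prompt with an empty `choices` array would throw inside the accumulator instead of falling back to 'vulnerability'; whether that can happen depends on code outside the hunk. A guarded form is `var first = curr.choices && curr.choices[0];` followed by `var issue = first && first.value && first.value.vuln && first.value.vuln.type === 'license' ? 'issue' : 'vulnerability';`. The `vuln.type === 'license'` test is now written three times in generatePrompt, so a small helper that takes the vuln and a plural flag would keep the wording in one place.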
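--- a/cli/commands/protect/wizard.js
+++ b/cli/commands/protect/wizard.js
@@ -123,16 +123,28 @@ function processWizardFlow(options) {
 }).then(function () {
 return snyk.test(cwd, options).then(function (res) {
 var packageFile = path.resolve(cwd, 'package.json');
-
+var licenseIssues = res.vulnerabilities.filter(function (issue) {
+return issue.type === 'license';
+});
+if (licenseIssues) {
+console.log('\nLicense issues are not supported by the wizard, ' +
+'use `snyk ignore`\n');
+}
+res.vulnerabilities = res.vulnerabilities.filter(function (vuln) {
+return vuln.type !== 'license';
+});
 if (!res.ok) {
 var vulns = res.vulnerabilities;
 var paths = vulns.length === 1 ? 'path' : 'paths';
 var ies = vulns.length === 1 ? 'y' : 'ies';
+var uniqueCount = _.uniq(vulns.map(function (vuln) {
+return vuln.id;
+})).length;
 // echo out the deps + vulns found
 console.log('Tested %s dependencies for known vulnerabilities, %s',
 res.dependencyCount,
 chalk.bold.red('found ' +
-res.uniqueCount +
+uniqueCount +
 ' vulnerabilit' + ies +
 ', ' + vulns.length +
 ' vulnerable ' +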
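Review bot: `if (licenseIssues) {` is always true, because `filter` returns an array and an empty array is truthy, so the "License issues are not supported by the wizard" message is printed on every run, including for projects with no license issues. The check should be `if (licenseIssues.length) {`. `res.ok` is also not re-evaluated after the license entries are filtered out, so a project whose only findings are license issues still enters the `!res.ok` branch with an empty list and reports "found 0 vulnerabilit..."; returning early when the filtered list is empty would avoid walking the user through a wizard with nothing to fix. The callback continues past the end of the hunk.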
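--- a/cli/commands/test.js
+++ b/cli/commands/test.js
@@ -98,7 +98,8 @@ function test(path, options) {
 } else {
 summary += path;
 }
-summary += ' for known vulnerabilities';
+var issues = res.licensesPolicy ? 'issues' : 'vulnerabilities';
+summary += ' for known ' + issues;
 
 if (res.ok && res.vulnerabilities.length === 0) {
 summary = chalk.green('✓ ' + summary + ', no vulnerable paths found.');
@@ -114,9 +115,11 @@ function test(path, options) {
 var vulnLength = res.vulnerabilities.length;
 var count = 'found ' + res.uniqueCount;
 if (res.uniqueCount === 1) {
-count += ' vulnerability, ';
+var issue = res.licensesPolicy ? 'issue' : 'vulnerability';
+count += ' ' + issue + ', ';
 } else {
-count += ' vulnerabilities, ';
+var issues = res.licensesPolicy ? 'issues' : 'vulnerabilities';
+count += ' ' + issues + ', ';
 }
 count += vulnLength + ' vulnerable ';
 
@@ -137,7 +140,8 @@ function test(path, options) {
 var res = '';
 var name = vuln.name + '@' + vuln.version;
 var severity = vuln.severity[0].toUpperCase() + vuln.severity.slice(1);
-res += chalk.red('✗ ' + severity + ' severity vulnerability found on ' +
+var issue = vuln.type === 'license' ? 'issue' : 'vulnerability';
+res += chalk.red('✗ ' + severity + ' severity ' + issue + ' found on ' +
 name + '\n');
 res += '- desc: ' + vuln.title + '\n';
 res += '- info: ' + config.ROOT + '/vuln/' + vuln.id + '\n';
@@ -197,8 +201,13 @@ function test(path, options) {
 }
 res += chalk.bold(fix);
 } else {
-res += chalk.magenta('Fix: None available. Consider removing this' +
-' dependency.');
+if (vuln.type === 'license') {
+// do not display fix (there isn't any), remove newline
+res = res.slice(0, -1);
+} else {
+res += chalk.magenta(
+'Fix: None available. Consider removing this dependency.');
+}
 }
 return res;
 }).join(sep) + sep + summary;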
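Review bot: `res = res.slice(0, -1);` in the license branch removes the last character unconditionally, relying on the text built just before it ending in a newline; the lines between the `- info:` line and this branch are outside the hunk, so that cannot be confirmed from here. If an earlier branch ever appends text without a trailing `\n`, a real character is cut from the report. `res = res.replace(/\n$/, '');` states the intent and does nothing otherwise. Separately, `var issues` is declared again inside the `else` of the count block a few lines after the first `var issues`; if both sit in the same function, the second declaration is redundant and a linter would flag it.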
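--- a/lib/display-policy.js
+++ b/lib/display-policy.js
@@ -18,7 +18,7 @@ function display(policy) {
 if (p.patch.length && p.ignore.length) {
 res += '\n\n------------------------\n';
 }
-res += p.ignore.map(displayRule('Ignore vulnerability')).join('\n');
+res += p.ignore.map(displayRule('Ignore')).join('\n');
 
 resolve(res);
 });
@@ -35,4 +35,4 @@ function displayRule(title) {
 '\nExpires: ' + p.expires.toUTCString() + '\n': '') + '\n';
 }).join('').replace(/\s*$/, ''));
 };
-}
+}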
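--- a/test/fixtures/snyk-config-no-version/expected
+++ b/test/fixtures/snyk-config-no-version/expected
@@ -20,7 +20,7 @@ handlebars@4.0.3 > uglify-js@2.4.24
 
 ------------------------
 
-#1 Ignore vulnerability https://snyk.io/vuln/npm:tar:20151103 in the following paths:
+#1 Ignore https://snyk.io/vuln/npm:tar:20151103 in the following paths:
 spm-client@0.4.3 > tar@1.0.3
 Reason: Something better than a turnip
 Expires: Sun, 20 Dec 2015 16:37:39 GMT
@@ -33,12 +33,12 @@ babel@5.8.29 > chokidar@1.2.0 > fsevents@1.0.2 > node-pre-gyp@0.6.12 > tar-pack@
 Reason: Oranges
 Expires: Sun, 20 Dec 2015 16:37:39 GMT
 
-#2 Ignore vulnerability https://snyk.io/vuln/npm:uglify-js:20150824 in the following paths:
+#2 Ignore https://snyk.io/vuln/npm:uglify-js:20150824 in the following paths:
 tap@0.7.1 > runforcover@0.0.2 > bunker@0.1.2 > burrito@0.2.12 > uglify-js@1.1.1
 Reason: Fruits
 Expires: Sun, 20 Dec 2015 16:37:39 GMT
 
-#3 Ignore vulnerability https://snyk.io/vuln/npm:uglify-js:20151024 in the following paths:
+#3 Ignore https://snyk.io/vuln/npm:uglify-js:20151024 in the following paths:
 tap@0.7.1 > runforcover@0.0.2 > bunker@0.1.2 > burrito@0.2.12 > uglify-js@1.1.1
 Reason: Stuff
 Expires: Sun, 20 Dec 2015 16:37:39 GMT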