Permalink
Browse files

fix: Undefined base image

This patch updates the conditions in which docker file instructions are
shown in remediation advice; currently they are shown even the file is
not used, resulting in some strange "undefined" messages.
  • Loading branch information...
robcresswell committed Jan 9, 2019
1 parent bc82842 commit 962810abd641d46c303b9ceb54ef0caac82cf5cf
Showing with 13 additions and 3 deletions.
  1. +13 −3 src/cli/commands/test.js
@@ -358,9 +358,7 @@ function formatIssues(vuln, options) {
? createRemediationText(vuln, packageManager)
: '',
fixedIn: options.docker ? createFixedInText(vulnerableRange, version) : '',
dockerfilePackage: options.docker && vuln.dockerfileInstruction
? `\n Introduced in your Dockerfile by '${ vuln.dockerfileInstruction }'`
: `\n Introduced by your base image (${ vuln.dockerBaseImage })`,
dockerfilePackage: options.docker ? dockerfileInstructionText(vuln) : '',
};

return (
@@ -377,6 +375,18 @@ function formatIssues(vuln, options) {
);
}

function dockerfileInstructionText(vuln) {
if (vuln.dockerfileInstruction) {
return `\n Introduced in your Dockerfile by '${ vuln.dockerfileInstruction }'`;
}

if (vuln.dockerBaseImage) {
return `\n Introduced by your base image (${ vuln.dockerBaseImage })`;
}

return '';
}

function createFixedInText(versionRangeList, pkgVersion) {
let fixedVersion = '';
let fixedVersionCandidate = '';

0 comments on commit 962810a

Please sign in to comment.