fix: reinstate injecting remediation hints into snyk-test response

snyk · May 9, 2019 · c6527e8 · c6527e8
1 parent 7ae9199
commit c6527e8
Showing 1 changed file with 27 additions and 26 deletions.
diff --git a/src/lib/snyk-test/nodejs/index.ts b/src/lib/snyk-test/nodejs/index.ts
@@ -60,6 +60,33 @@ async function runTest(packageManager: string, root: string, options): Promise<o
         options.severityThreshold);
     }
 
+    // For Node.js: inject additional information (for remediation etc.) into the response.
+    if (payload.modules) {
+      res.dependencyCount = payload.modules.numDependencies;
+      if (res.vulnerabilities) {
+        res.vulnerabilities.forEach((vuln) => {
+          if (payload.modules && payload.modules.pluck) {
+            const plucked = payload.modules.pluck(vuln.from, vuln.name, vuln.version);
+            vuln.__filename = plucked.__filename;
+            vuln.shrinkwrap = plucked.shrinkwrap;
+            vuln.bundled = plucked.bundled;
+
+            // this is an edgecase when we're testing the directly vuln pkg
+            if (vuln.from.length === 1) {
+              return;
+            }
+
+            const parentPkg = moduleToObject(vuln.from[1]);
+            const parent = payload.modules.pluck(vuln.from.slice(0, 2),
+              parentPkg.name,
+              parentPkg.version);
+            vuln.parentDepType = parent.depType;
+          }
+        });
+      }
+    }
+
+
     analytics.add('vulns-pre-policy', res.vulnerabilities.length);
 
     res.filesystemPolicy = !!payloadPolicy;
@@ -235,32 +262,6 @@ async function sendPayload(payload: Payload): Promise<any> {
 
       body.filesystemPolicy = filesystemPolicy;
 
-      // This branch is valid for node modules flow only
-      if (payload.modules) {
-        body.dependencyCount = payload.modules.numDependencies;
-        if (body.vulnerabilities) {
-          body.vulnerabilities.forEach((vuln) => {
-            if (payload.modules && payload.modules.pluck) {
-              const plucked = payload.modules.pluck(vuln.from, vuln.name, vuln.version);
-              vuln.__filename = plucked.__filename;
-              vuln.shrinkwrap = plucked.shrinkwrap;
-              vuln.bundled = plucked.bundled;
-
-              // this is an edgecase when we're testing the directly vuln pkg
-              if (vuln.from.length === 1) {
-                return;
-              }
-
-              const parentPkg = moduleToObject(vuln.from[1]);
-              const parent = payload.modules.pluck(vuln.from.slice(0, 2),
-                parentPkg.name,
-                parentPkg.version);
-              vuln.parentDepType = parent.depType;
-            }
-          });
-        }
-      }
-
       resolve(body);
     });
   });