diff --git a/package-lock.json b/package-lock.json index 3949027..683553d 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1435,9 +1435,9 @@ } }, "node_modules/@snyk/docker-registry-v2-client": { - "version": "2.2.2", - "resolved": "https://registry.npmjs.org/@snyk/docker-registry-v2-client/-/docker-registry-v2-client-2.2.2.tgz", - "integrity": "sha512-JkkpVZ8WIWWquazoSTSFlMhYOwt+tk+EMSwOxfu/C/wtaESADCORJBe52z0fAnc+xt3eVUVrM+7prJCIJeSrMg==", + "version": "2.2.4", + "resolved": "https://registry.npmjs.org/@snyk/docker-registry-v2-client/-/docker-registry-v2-client-2.2.4.tgz", + "integrity": "sha512-7JoxHCYAjJQBOEa11Sdb1scjtq/K4HVDlcE10pNFKbmcUn5Gcm/VDJ2RMEbG2oBdmHTTJMJ5RopIiNMSFd669w==", "dependencies": { "needle": "^2.5.0", "parse-link-header": "^1.0.1", @@ -3564,9 +3564,9 @@ } }, "node_modules/caniuse-lite": { - "version": "1.0.30001244", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001244.tgz", - "integrity": "sha512-Wb4UFZPkPoJoKKVfELPWytRzpemjP/s0pe22NriANru1NoI+5bGNxzKtk7edYL8rmCWTfQO8eRiF0pn1Dqzx7Q==", + "version": "1.0.30001245", + "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001245.tgz", + "integrity": "sha512-768fM9j1PKXpOCKws6eTo3RHmvTUsG9UrpT4WoREFeZgJBTi4/X9g565azS/rVUGtqb8nt7FjLeF5u4kukERnA==", "dev": true, "funding": { "type": "opencollective", @@ -4474,9 +4474,9 @@ } }, "node_modules/electron-to-chromium": { - "version": "1.3.774", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.3.774.tgz", - "integrity": "sha512-Fggh17Q1yyv1uMzq8Qn1Ci58P50qcRXMXd2MBcB9sxo6rJxjUutWcNw8uCm3gFWMdcblBO6mDT5HzX/RVRRECA==", + "version": "1.3.778", + "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.3.778.tgz", + "integrity": "sha512-Lw04qJaPtWdq0d7qKHJTgkam+FhFi3hm/scf1EyqJWdjO3ZIGUJhNmZJRXWb7yb/bRYXQyVGSpa9RqVpjjWMQw==", "dev": true }, "node_modules/elfy": { 
@@ -11488,9 +11488,9 @@ } }, "node_modules/snyk": { - "version": "1.660.0", - "resolved": "https://registry.npmjs.org/snyk/-/snyk-1.660.0.tgz", - "integrity": "sha512-6XHBUddLUjWDuC4901qeZsB3OBLVzqqUbdmcS2dpY3jYafk85J6UrXDRss43/h8ZrlPu7t3BMWbfegDb/1P++Q==", + "version": "1.662.0", + "resolved": "https://registry.npmjs.org/snyk/-/snyk-1.662.0.tgz", + "integrity": "sha512-sVSFIZ5cxhKoe2Gr3KD3LHKuTlCzVgA0KPa/2NhwyHFVQoSmoVirqntUt4V3taiEOFAk+F++cQ9jAcx2Qlc8nA==", "dependencies": { "@open-policy-agent/opa-wasm": "^1.2.0", "@snyk/cli-interface": "2.11.0", @@ -11722,9 +11722,9 @@ "integrity": "sha512-N82ooyxVNm6h1riLCoyS9e3fuJ3AMG2zIZs2Gd1ATcSFjSA23Q0fzjjZeh0jbJvWVDZ0cJT8yaNNaaXHzueNjg==" }, "node_modules/snyk-delta": { - "version": "1.4.9", - "resolved": "https://registry.npmjs.org/snyk-delta/-/snyk-delta-1.4.9.tgz", - "integrity": "sha512-tq34Rd04Izcne5AwTd+EYWiq8ueYsvwMWW1aAhTvqH1mP9ONxh8mjlNfhEppHrc8LQw2Kh1xxEMsJcPE2mRBQw==", + "version": "1.4.10", + "resolved": "https://registry.npmjs.org/snyk-delta/-/snyk-delta-1.4.10.tgz", + "integrity": "sha512-hNefsgbAGcIAFI/8g5kxykCypMSmtQzuxwgcapWjAGsiSXIYMo/WBSm250PBTwivlHpIwem/JeI4rqL1cBCDrw==", "dependencies": { "@snyk/configstore": "^3.2.0-rc1", "@snyk/dep-graph": "^1.18.1", @@ -15773,9 +15773,9 @@ } }, "@snyk/docker-registry-v2-client": { - "version": "2.2.2", - "resolved": "https://registry.npmjs.org/@snyk/docker-registry-v2-client/-/docker-registry-v2-client-2.2.2.tgz", - "integrity": "sha512-JkkpVZ8WIWWquazoSTSFlMhYOwt+tk+EMSwOxfu/C/wtaESADCORJBe52z0fAnc+xt3eVUVrM+7prJCIJeSrMg==", + "version": "2.2.4", + "resolved": "https://registry.npmjs.org/@snyk/docker-registry-v2-client/-/docker-registry-v2-client-2.2.4.tgz", + "integrity": "sha512-7JoxHCYAjJQBOEa11Sdb1scjtq/K4HVDlcE10pNFKbmcUn5Gcm/VDJ2RMEbG2oBdmHTTJMJ5RopIiNMSFd669w==", "requires": { "needle": "^2.5.0", "parse-link-header": "^1.0.1", 
@@ -17431,9 +17431,9 @@ "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==" }, "caniuse-lite": { - "version": "1.0.30001244", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001244.tgz", - "integrity": "sha512-Wb4UFZPkPoJoKKVfELPWytRzpemjP/s0pe22NriANru1NoI+5bGNxzKtk7edYL8rmCWTfQO8eRiF0pn1Dqzx7Q==", + "version": "1.0.30001245", + "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001245.tgz", + "integrity": "sha512-768fM9j1PKXpOCKws6eTo3RHmvTUsG9UrpT4WoREFeZgJBTi4/X9g565azS/rVUGtqb8nt7FjLeF5u4kukERnA==", "dev": true }, "capture-exit": { @@ -18142,9 +18142,9 @@ } }, "electron-to-chromium": { - "version": "1.3.774", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.3.774.tgz", - "integrity": "sha512-Fggh17Q1yyv1uMzq8Qn1Ci58P50qcRXMXd2MBcB9sxo6rJxjUutWcNw8uCm3gFWMdcblBO6mDT5HzX/RVRRECA==", + "version": "1.3.778", + "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.3.778.tgz", + "integrity": "sha512-Lw04qJaPtWdq0d7qKHJTgkam+FhFi3hm/scf1EyqJWdjO3ZIGUJhNmZJRXWb7yb/bRYXQyVGSpa9RqVpjjWMQw==", "dev": true }, "elfy": { @@ -23565,9 +23565,9 @@ } }, "snyk": { - "version": "1.660.0", - "resolved": "https://registry.npmjs.org/snyk/-/snyk-1.660.0.tgz", - "integrity": "sha512-6XHBUddLUjWDuC4901qeZsB3OBLVzqqUbdmcS2dpY3jYafk85J6UrXDRss43/h8ZrlPu7t3BMWbfegDb/1P++Q==", + "version": "1.662.0", + "resolved": "https://registry.npmjs.org/snyk/-/snyk-1.662.0.tgz", + "integrity": "sha512-sVSFIZ5cxhKoe2Gr3KD3LHKuTlCzVgA0KPa/2NhwyHFVQoSmoVirqntUt4V3taiEOFAk+F++cQ9jAcx2Qlc8nA==", "requires": { "@open-policy-agent/opa-wasm": "^1.2.0", "@snyk/cli-interface": "2.11.0", 
@@ -23809,9 +23809,9 @@ } }, "snyk-delta": { - "version": "1.4.9", - "resolved": "https://registry.npmjs.org/snyk-delta/-/snyk-delta-1.4.9.tgz", - "integrity": "sha512-tq34Rd04Izcne5AwTd+EYWiq8ueYsvwMWW1aAhTvqH1mP9ONxh8mjlNfhEppHrc8LQw2Kh1xxEMsJcPE2mRBQw==", + "version": "1.4.10", + "resolved": "https://registry.npmjs.org/snyk-delta/-/snyk-delta-1.4.10.tgz", + "integrity": "sha512-hNefsgbAGcIAFI/8g5kxykCypMSmtQzuxwgcapWjAGsiSXIYMo/WBSm250PBTwivlHpIwem/JeI4rqL1cBCDrw==", "requires": { "@snyk/configstore": "^3.2.0-rc1", "@snyk/dep-graph": "^1.18.1", diff --git a/src/lib/index.ts b/src/lib/index.ts index f881c74..163935e 100644 --- a/src/lib/index.ts +++ b/src/lib/index.ts @@ -98,11 +98,14 @@ const main = async () => { shouldCommentPr = true; } - if((snykDeltaResults.passIfNoBaseline && snykDeltaResults.noBaseline) === true && snykDeltaResults.result === 0 - && (snykDeltaResults.newVulns || snykDeltaResults.newLicenseIssues)) + if((snykDeltaResults.passIfNoBaseline && snykDeltaResults.noBaseline) === true && snykDeltaResults.result === 0) { - shouldCommentPr = true; - noBaseline = true + if (((snykDeltaResults.newVulns) && (snykDeltaResults.newVulns.length > 0)) || + ((snykDeltaResults.newLicenseIssues) && (snykDeltaResults.newLicenseIssues.length > 0))) + { + shouldCommentPr = true; + noBaseline = true + } } const ghCommitStatusUpdateResponse = await sendCommitStatus( diff --git a/test/fixtures/snyktest-gomod-unmonitored.json b/test/fixtures/snyktest-gomod-unmonitored.json new file mode 100644 index 0000000..094fddb --- /dev/null +++ b/test/fixtures/snyktest-gomod-unmonitored.json 
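Review bot: In the src/lib/index.ts hunk, `noBaseline` now stays false when a project has no baseline and no issues are reported, so the commit status for an unmonitored project is the same "No new issue found" success that a real delta comparison produces (the new test in test/lib/index.test.ts asserts exactly that description). If `sendCommitStatus`, whose call begins right after this block and continues outside the hunk, can take the flag into account, setting `noBaseline = true` in the outer block and keeping only `shouldCommentPr = true` under the length checks would let the status say that nothing was compared. At minimum, a comment above the inner `if` such as `// no baseline + passIfNoBaseline: comment on the PR only when issues are reported` would record the intent. The enclosing `main` starts and ends outside the hunk.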
@@ -0,0 +1,103 @@ +{ + "vulnerabilities": [], + "ok": true, + "dependencyCount": 8, + "policy": "# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.\nversion: v1.16.0\nignore: {}\npatch: {}\n", + "isPrivate": true, + "org": "playground", + "licensesPolicy": { + "severities": {}, + "orgLicenseRules": { + "AGPL-1.0": { + "licenseType": "AGPL-1.0", + "severity": "high", + "instructions": "" + }, + "AGPL-3.0": { + "licenseType": "AGPL-3.0", + "severity": "high", + "instructions": "" + }, + "Artistic-1.0": { + "licenseType": "Artistic-1.0", + "severity": "medium", + "instructions": "" + }, + "Artistic-2.0": { + "licenseType": "Artistic-2.0", + "severity": "medium", + "instructions": "" + }, + "CDDL-1.0": { + "licenseType": "CDDL-1.0", + "severity": "medium", + "instructions": "" + }, + "CPOL-1.02": { + "licenseType": "CPOL-1.02", + "severity": "high", + "instructions": "" + }, + "EPL-1.0": { + "licenseType": "EPL-1.0", + "severity": "medium", + "instructions": "" + }, + "GPL-2.0": { + "licenseType": "GPL-2.0", + "severity": "high", + "instructions": "" + }, + "GPL-3.0": { + "licenseType": "GPL-3.0", + "severity": "high", + "instructions": "" + }, + "LGPL-2.0": { + "licenseType": "LGPL-2.0", + "severity": "medium", + "instructions": "" + }, + "LGPL-2.1": { + "licenseType": "LGPL-2.1", + "severity": "medium", + "instructions": "" + }, + "LGPL-3.0": { + "licenseType": "LGPL-3.0", + "severity": "medium", + "instructions": "" + }, + "MPL-1.1": { + "licenseType": "MPL-1.1", + "severity": "medium", + "instructions": "" + }, + "MPL-2.0": { + "licenseType": "MPL-2.0", + "severity": "medium", + "instructions": "" + }, + "MS-RL": { + "licenseType": "MS-RL", + "severity": "medium", + "instructions": "" + }, + "SimPL-2.0": { + "licenseType": "SimPL-2.0", + "severity": "high", + "instructions": "" + } + } + }, + "packageManager": "gomodules", + "ignoreSettings": null, + "summary": "No known vulnerabilities", + "filesystemPolicy": false, + "uniqueCount": 0, 
+ "targetFile": "go.mod", + "projectName": "ira-tickets-for-new-vulns", + "foundProjectCount": 1, + "displayTargetFile": "go.mod", + "path": "/home/antoine/Documents/SnykTSDev/jira-tickets-for-new-vulns/snyk-tech-services/ira-tickets-for-new-vulns" + } \ No newline at end of file diff --git a/test/lib/index.test.ts b/test/lib/index.test.ts index 854c739..cd91d6a 100644 --- a/test/lib/index.test.ts +++ b/test/lib/index.test.ts @@ -320,6 +320,34 @@ describe('Testing behaviors without issue', () => { }, ]); }); + + test('[snyk-delta module] Is it working with unmonitored project and no vuln?', async () => { + process.argv = [ + '', + '', + path.resolve(__dirname, '..') + + '/fixtures/snyktest-gomod-unmonitored.json', + '123', + '123', + '123', + '123', + '123', + 'setPassIfNoBaselineFlag', + ]; + const response = await main(); + expect(response).toEqual([ + { + status: { + context: 'Snyk Prevent (playground - go.mod)', + description: 'No new issue found', + state: 'success', + // eslint-disable-next-line + target_url: 'https://app.snyk.io/org/playground/projects', + }, + prComment: {}, + }, + ]); + }); }); describe('Testing behaviors with issue(s)', () => {
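Review bot: The `path` field at the end of test/fixtures/snyktest-gomod-unmonitored.json holds an absolute path from a developer machine (`/home/antoine/Documents/...`), which commits a local username and directory layout to the repository. The assertion added in test/lib/index.test.ts appears to depend only on the org and target file, so if nothing else reads the field it can be replaced with a neutral value, for example `"path": "/tmp/project"` (constructed placeholder). The file also ends without a trailing newline.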
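Review bot: The new test's `process.argv` array passes five bare `'123'` values followed by `'setPassIfNoBaselineFlag'` with nothing saying what each position stands for, so a reader cannot tell which argument turns on the pass-if-no-baseline behaviour under test. A one-line comment above the array naming the positional arguments would fix that. The fixture path is also built by string concatenation; `path.resolve(__dirname, '..', 'fixtures', 'snyktest-gomod-unmonitored.json')` avoids the hard-coded separator. The enclosing `describe` block starts and ends outside the hunk.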