Adjusts headlines and formatting for license issues

David Losert
2023-02-28 12:28:20 +00:00
committed by GitHub
parent 6315b3822f
commit 1090cda9d5
3 changed files with 44 additions and 43 deletions
+10 -10
@@ -27,7 +27,7 @@ const defaultConfig: ConfigurationOptions = {
comment_summary_in_pr: true
}
test('prints headline as h2', () => {
test('prints headline as h1', () => {
summary.addSummaryToSummary(
emptyChanges,
emptyInvalidLicenseChanges,
@@ -35,7 +35,7 @@ test('prints headline as h2', () => {
)
const text = core.summary.stringify()
expect(text).toContain('<h2>Dependency Review</h2>')
expect(text).toContain('<h1>Dependency Review</h1>')
})
test('only includes "No vulnerabilities or license issues found"-message if both are configured and nothing was found', () => {
@@ -149,7 +149,7 @@ test('addChangeVulnerabilitiesToSummary() - includes all vulnerabilities', () =>
summary.addChangeVulnerabilitiesToSummary(changes, 'low')
const text = core.summary.stringify()
expect(text).toContain('<h3>Vulnerabilities</h3>')
expect(text).toContain('<h2>Vulnerabilities</h2>')
expect(text).toContain('lodash')
expect(text).toContain('underscore')
})
@@ -229,10 +229,10 @@ test('addLicensesToSummary() - includes all license issues', () => {
summary.addLicensesToSummary(licenseIssues, defaultConfig)
const text = core.summary.stringify()
expect(text).toContain('<h3>License Issues</h3>')
expect(text).toContain('<h4>Incompatible Licenses</h4>')
expect(text).toContain('<h4>Unknown Licenses</h4>')
expect(text).toContain('<h4>Invalid SPDX License Definitions</h4>')
expect(text).toContain('<h2>License Issues</h2>')
expect(text).toContain('<h3>Incompatible Licenses</h3>')
expect(text).toContain('<h3>Unknown Licenses</h3>')
expect(text).toContain('<h3>Invalid SPDX License Definitions</h3>')
})
test('addLicensesToSummary() - does not include specific license type sub-section if nothing is found', () => {
@@ -245,9 +245,9 @@ test('addLicensesToSummary() - does not include specific license type sub-sectio
summary.addLicensesToSummary(licenseIssues, defaultConfig)
const text = core.summary.stringify()
expect(text).not.toContain('<h4>Incompatible Licenses</h4>')
expect(text).not.toContain('<h4>Unknown Licenses</h4>')
expect(text).toContain('<h4>Invalid SPDX License Definitions</h4>')
expect(text).not.toContain('<h3>Incompatible Licenses</h3>')
expect(text).not.toContain('<h3>Unknown Licenses</h3>')
expect(text).toContain('<h3>Invalid SPDX License Definitions</h3>')
})
test('addLicensesToSummary() - includes list of configured allowed licenses', () => {
+11 -11
@@ -27,14 +27,12 @@ const createExampleSummaries = async (): Promise<void> => {
}
const createNonIssueSummary = async (): Promise<void> => {
summary.addSummaryToSummary(
await createSummary(
[],
{forbidden: [], unresolved: [], unlicensed: []},
defaultConfig
defaultConfig,
'non-issue-summary.md'
)
const text = core.summary.stringify()
await fs.promises.writeFile(path.resolve(tmpDir, 'green-summary.md'), text)
}
const createFullSummary = async (): Promise<void> => {
@@ -61,15 +59,15 @@ const createFullSummary = async (): Promise<void> => {
]
}
const text = createSummary(changes, licenses, defaultConfig)
await fs.promises.writeFile(path.resolve(tmpDir, 'full-summary.md'), text)
await createSummary(changes, licenses, defaultConfig, 'full-summary.md')
}
function createSummary(
async function createSummary(
vulnerabilities: Changes,
licenseIssues: InvalidLicenseChanges,
config: ConfigurationOptions
): string {
config: ConfigurationOptions,
fileName: string
): Promise<void> {
summary.addSummaryToSummary(vulnerabilities, licenseIssues, config)
summary.addChangeVulnerabilitiesToSummary(
vulnerabilities,
@@ -87,8 +85,10 @@ function createSummary(
summary.addScannedDependencies(allChanges)
const text = core.summary.stringify()
await fs.promises.writeFile(path.resolve(tmpDir, fileName), text, {
flag: 'w'
})
core.summary.emptyBuffer()
return text
}
createExampleSummaries()
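Review bot: The `{flag: 'w'}` option passed to `fs.promises.writeFile` in `createSummary` is that call's default, so the write can be reduced to `await fs.promises.writeFile(path.resolve(tmpDir, fileName), text)`. Separately, `createSummary` now awaits the write itself, while the top-level `createExampleSummaries()` call at the end of the file is neither awaited nor given a `.catch`, so a failed write only surfaces as an unhandled rejection. Something like `createExampleSummaries().catch(err => { console.error(err); process.exitCode = 1 })` would make the failure explicit. The middle of `createSummary` lies between the two hunks and is not visible here.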
+23 -22
@@ -11,14 +11,14 @@ const icons = {
}
export function addSummaryToSummary(
addedPackages: Changes,
vulnerableChanges: Changes,
invalidLicenseChanges: InvalidLicenseChanges,
config: ConfigurationOptions
): void {
core.summary.addHeading('Dependency Review', 2)
core.summary.addHeading('Dependency Review', 1)
if (
addedPackages.length === 0 &&
vulnerableChanges.length === 0 &&
countLicenseIssues(invalidLicenseChanges) === 0
) {
if (!config.license_check) {
@@ -39,43 +39,44 @@ export function addSummaryToSummary(
.addList([
...(config.vulnerability_check
? [
`${checkOrFailIcon(addedPackages.length)} ${
addedPackages.length
`${checkOrFailIcon(vulnerableChanges.length)} ${
vulnerableChanges.length
} vulnerable package(s)`
]
: []),
...(config.license_check
? [
`${checkOrFailIcon(invalidLicenseChanges.unresolved.length)} ${
invalidLicenseChanges.unresolved.length
} package(s) with invalid SPDX license definitions`,
`${checkOrFailIcon(invalidLicenseChanges.forbidden.length)} ${
invalidLicenseChanges.forbidden.length
} package(s) with incompatible licenses`,
`${checkOrFailIcon(invalidLicenseChanges.unresolved.length)} ${
invalidLicenseChanges.unresolved.length
} package(s) with invalid SPDX license definitions`,
`${checkOrWarnIcon(invalidLicenseChanges.unlicensed.length)} ${
invalidLicenseChanges.unlicensed.length
} package(s) with unknown licenses.`
]
: [])
])
.addRaw('See the Details below.')
}
export function addChangeVulnerabilitiesToSummary(
addedPackages: Changes,
vulnerableChanges: Changes,
severity: string
): void {
if (addedPackages.length === 0) {
if (vulnerableChanges.length === 0) {
return
}
const rows: SummaryTableRow[] = []
const manifests = getManifestsSet(addedPackages)
const manifests = getManifestsSet(vulnerableChanges)
core.summary.addHeading('Vulnerabilities', 3)
core.summary.addHeading('Vulnerabilities', 2)
for (const manifest of manifests) {
for (const change of addedPackages.filter(
for (const change of vulnerableChanges.filter(
pkg => pkg.manifest === manifest
)) {
let previous_package = ''
@@ -103,7 +104,7 @@ export function addChangeVulnerabilitiesToSummary(
previous_version = change.version
}
}
core.summary.addHeading(`<em>${manifest}</em>`, 3).addTable([
core.summary.addHeading(`<em>${manifest}</em>`, 4).addTable([
[
{data: 'Name', header: true},
{data: 'Version', header: true},
@@ -129,7 +130,7 @@ export function addLicensesToSummary(
return
}
core.summary.addHeading('License Issues', 3)
core.summary.addHeading('License Issues', 2)
if (config.allow_licenses && config.allow_licenses.length > 0) {
core.summary.addQuote(
@@ -151,21 +152,23 @@ export function addLicensesToSummary(
)
printLicenseViolation(
'Incompatible Licenses',
`Incompatible Licenses`,
invalidLicenseChanges.forbidden
)
printLicenseViolation('Unknown Licenses', invalidLicenseChanges.unlicensed)
printLicenseViolation(
'Invalid SPDX License Definitions',
`Invalid SPDX License Definitions`,
invalidLicenseChanges.unresolved
)
printLicenseViolation(`Unknown Licenses`, invalidLicenseChanges.unlicensed)
core.summary.addSeparator()
}
function printLicenseViolation(heading: string, changes: Changes): void {
if (changes.length === 0) {
return
}
core.summary.addHeading(heading, 4).addSeparator()
core.summary.addSeparator()
core.summary.addHeading(heading, 3)
const rows: SummaryTableRow[] = []
const manifests = getManifestsSet(changes)
@@ -196,9 +199,7 @@ export function addScannedDependencies(changes: Changes): void {
const dependencies = groupDependenciesByManifest(changes)
const manifests = dependencies.keys()
const summary = core.summary
.addHeading('Scanned Dependencies', 3)
.addHeading(`We scanned ${dependencies.size} manifest files:`, 5)
const summary = core.summary.addHeading('Scanned Manifest Files', 2)
for (const manifest of manifests) {
const deps = dependencies.get(manifest)
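Review bot: The manifest heading in `addChangeVulnerabilitiesToSummary` still interpolates `manifest` into raw HTML (`<em>${manifest}</em>`) without escaping; this commit only changes its level from 3 to 4. The value appears to be a manifest file path taken from the changes under review, so it is presumably controlled by whoever opened the pull request, and with `comment_summary_in_pr` the summary can also be posted as a PR comment. GitHub's renderer sanitises HTML, so the likely impact is broken or misleading report markup rather than script execution, but the path should still be HTML-escaped before it is embedded, e.g. ``core.summary.addHeading(`<em>${escapeHtml(manifest)}</em>`, 4)`` with a small helper (not part of this diff) that replaces `&`, `<`, `>`, `"` and `'` with their entities. The function body continues outside the visible hunks, so other uses of `manifest` could not be checked.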