diff --git a/__tests__/summary.test.ts b/__tests__/summary.test.ts
index 6ea8149..e94813d 100644
--- a/__tests__/summary.test.ts
+++ b/__tests__/summary.test.ts
@@ -27,7 +27,7 @@ const defaultConfig: ConfigurationOptions = {
comment_summary_in_pr: true
}
-test('prints headline as h2', () => {
+test('prints headline as h1', () => {
summary.addSummaryToSummary(
emptyChanges,
emptyInvalidLicenseChanges,
@@ -35,7 +35,7 @@ test('prints headline as h2', () => {
)
const text = core.summary.stringify()
- expect(text).toContain('
Dependency Review
')
+ expect(text).toContain('Dependency Review
')
})
test('only includes "No vulnerabilities or license issues found"-message if both are configured and nothing was found', () => {
@@ -149,7 +149,7 @@ test('addChangeVulnerabilitiesToSummary() - includes all vulnerabilities', () =>
summary.addChangeVulnerabilitiesToSummary(changes, 'low')
const text = core.summary.stringify()
- expect(text).toContain('Vulnerabilities
')
+ expect(text).toContain('Vulnerabilities
')
expect(text).toContain('lodash')
expect(text).toContain('underscore')
})
@@ -229,10 +229,10 @@ test('addLicensesToSummary() - includes all license issues', () => {
summary.addLicensesToSummary(licenseIssues, defaultConfig)
const text = core.summary.stringify()
- expect(text).toContain('License Issues
')
- expect(text).toContain('Incompatible Licenses
')
- expect(text).toContain('Unknown Licenses
')
- expect(text).toContain('Invalid SPDX License Definitions
')
+ expect(text).toContain('License Issues
')
+ expect(text).toContain('Incompatible Licenses
')
+ expect(text).toContain('Unknown Licenses
')
+ expect(text).toContain('Invalid SPDX License Definitions
')
})
test('addLicensesToSummary() - does not include specific license type sub-section if nothing is found', () => {
@@ -245,9 +245,9 @@ test('addLicensesToSummary() - does not include specific license type sub-sectio
summary.addLicensesToSummary(licenseIssues, defaultConfig)
const text = core.summary.stringify()
- expect(text).not.toContain('Incompatible Licenses
')
- expect(text).not.toContain('Unknown Licenses
')
- expect(text).toContain('Invalid SPDX License Definitions
')
+ expect(text).not.toContain('Incompatible Licenses
')
+ expect(text).not.toContain('Unknown Licenses
')
+ expect(text).toContain('Invalid SPDX License Definitions
')
})
test('addLicensesToSummary() - includes list of configured allowed licenses', () => {
diff --git a/scripts/create_summary.ts b/scripts/create_summary.ts
index 90d391d..f5adcff 100644
--- a/scripts/create_summary.ts
+++ b/scripts/create_summary.ts
@@ -27,14 +27,12 @@ const createExampleSummaries = async (): Promise => {
}
const createNonIssueSummary = async (): Promise => {
- summary.addSummaryToSummary(
+ await createSummary(
[],
{forbidden: [], unresolved: [], unlicensed: []},
- defaultConfig
+ defaultConfig,
+ 'non-issue-summary.md'
)
- const text = core.summary.stringify()
-
- await fs.promises.writeFile(path.resolve(tmpDir, 'green-summary.md'), text)
}
const createFullSummary = async (): Promise => {
@@ -61,15 +59,15 @@ const createFullSummary = async (): Promise => {
]
}
- const text = createSummary(changes, licenses, defaultConfig)
- await fs.promises.writeFile(path.resolve(tmpDir, 'full-summary.md'), text)
+ await createSummary(changes, licenses, defaultConfig, 'full-summary.md')
}
-function createSummary(
+async function createSummary(
vulnerabilities: Changes,
licenseIssues: InvalidLicenseChanges,
- config: ConfigurationOptions
-): string {
+ config: ConfigurationOptions,
+ fileName: string
+): Promise {
summary.addSummaryToSummary(vulnerabilities, licenseIssues, config)
summary.addChangeVulnerabilitiesToSummary(
vulnerabilities,
@@ -87,8 +85,10 @@ function createSummary(
summary.addScannedDependencies(allChanges)
const text = core.summary.stringify()
+ await fs.promises.writeFile(path.resolve(tmpDir, fileName), text, {
+ flag: 'w'
+ })
core.summary.emptyBuffer()
- return text
}
createExampleSummaries()
diff --git a/src/summary.ts b/src/summary.ts
index 1ce5bc1..031da5d 100644
--- a/src/summary.ts
+++ b/src/summary.ts
@@ -11,14 +11,14 @@ const icons = {
}
export function addSummaryToSummary(
- addedPackages: Changes,
+ vulnerableChanges: Changes,
invalidLicenseChanges: InvalidLicenseChanges,
config: ConfigurationOptions
): void {
- core.summary.addHeading('Dependency Review', 2)
+ core.summary.addHeading('Dependency Review', 1)
if (
- addedPackages.length === 0 &&
+ vulnerableChanges.length === 0 &&
countLicenseIssues(invalidLicenseChanges) === 0
) {
if (!config.license_check) {
@@ -39,43 +39,44 @@ export function addSummaryToSummary(
.addList([
...(config.vulnerability_check
? [
- `${checkOrFailIcon(addedPackages.length)} ${
- addedPackages.length
+ `${checkOrFailIcon(vulnerableChanges.length)} ${
+ vulnerableChanges.length
} vulnerable package(s)`
]
: []),
...(config.license_check
? [
- `${checkOrFailIcon(invalidLicenseChanges.unresolved.length)} ${
- invalidLicenseChanges.unresolved.length
- } package(s) with invalid SPDX license definitions`,
`${checkOrFailIcon(invalidLicenseChanges.forbidden.length)} ${
invalidLicenseChanges.forbidden.length
} package(s) with incompatible licenses`,
+ `${checkOrFailIcon(invalidLicenseChanges.unresolved.length)} ${
+ invalidLicenseChanges.unresolved.length
+ } package(s) with invalid SPDX license definitions`,
`${checkOrWarnIcon(invalidLicenseChanges.unlicensed.length)} ${
invalidLicenseChanges.unlicensed.length
} package(s) with unknown licenses.`
]
: [])
])
+ .addRaw('See the Details below.')
}
export function addChangeVulnerabilitiesToSummary(
- addedPackages: Changes,
+ vulnerableChanges: Changes,
severity: string
): void {
- if (addedPackages.length === 0) {
+ if (vulnerableChanges.length === 0) {
return
}
const rows: SummaryTableRow[] = []
- const manifests = getManifestsSet(addedPackages)
+ const manifests = getManifestsSet(vulnerableChanges)
- core.summary.addHeading('Vulnerabilities', 3)
+ core.summary.addHeading('Vulnerabilities', 2)
for (const manifest of manifests) {
- for (const change of addedPackages.filter(
+ for (const change of vulnerableChanges.filter(
pkg => pkg.manifest === manifest
)) {
let previous_package = ''
@@ -103,7 +104,7 @@ export function addChangeVulnerabilitiesToSummary(
previous_version = change.version
}
}
- core.summary.addHeading(`${manifest}`, 3).addTable([
+ core.summary.addHeading(`${manifest}`, 4).addTable([
[
{data: 'Name', header: true},
{data: 'Version', header: true},
@@ -129,7 +130,7 @@ export function addLicensesToSummary(
return
}
- core.summary.addHeading('License Issues', 3)
+ core.summary.addHeading('License Issues', 2)
if (config.allow_licenses && config.allow_licenses.length > 0) {
core.summary.addQuote(
@@ -151,21 +152,23 @@ export function addLicensesToSummary(
)
printLicenseViolation(
- 'Incompatible Licenses',
+ `Incompatible Licenses`,
invalidLicenseChanges.forbidden
)
- printLicenseViolation('Unknown Licenses', invalidLicenseChanges.unlicensed)
printLicenseViolation(
- 'Invalid SPDX License Definitions',
+ `Invalid SPDX License Definitions`,
invalidLicenseChanges.unresolved
)
+ printLicenseViolation(`Unknown Licenses`, invalidLicenseChanges.unlicensed)
+ core.summary.addSeparator()
}
function printLicenseViolation(heading: string, changes: Changes): void {
if (changes.length === 0) {
return
}
- core.summary.addHeading(heading, 4).addSeparator()
+ core.summary.addSeparator()
+ core.summary.addHeading(heading, 3)
const rows: SummaryTableRow[] = []
const manifests = getManifestsSet(changes)
@@ -196,9 +199,7 @@ export function addScannedDependencies(changes: Changes): void {
const dependencies = groupDependenciesByManifest(changes)
const manifests = dependencies.keys()
- const summary = core.summary
- .addHeading('Scanned Dependencies', 3)
- .addHeading(`We scanned ${dependencies.size} manifest files:`, 5)
+ const summary = core.summary.addHeading('Scanned Manifest Files', 2)
for (const manifest of manifests) {
const deps = dependencies.get(manifest)