diff --git a/__tests__/summary.test.ts b/__tests__/summary.test.ts index 6ea8149..e94813d 100644 --- a/__tests__/summary.test.ts +++ b/__tests__/summary.test.ts @@ -27,7 +27,7 @@ const defaultConfig: ConfigurationOptions = { comment_summary_in_pr: true } -test('prints headline as h2', () => { +test('prints headline as h1', () => { summary.addSummaryToSummary( emptyChanges, emptyInvalidLicenseChanges, @@ -35,7 +35,7 @@ test('prints headline as h2', () => { ) const text = core.summary.stringify() - expect(text).toContain('

Dependency Review

') + expect(text).toContain('

Dependency Review

') }) test('only includes "No vulnerabilities or license issues found"-message if both are configured and nothing was found', () => { @@ -149,7 +149,7 @@ test('addChangeVulnerabilitiesToSummary() - includes all vulnerabilities', () => summary.addChangeVulnerabilitiesToSummary(changes, 'low') const text = core.summary.stringify() - expect(text).toContain('

Vulnerabilities

') + expect(text).toContain('

Vulnerabilities

') expect(text).toContain('lodash') expect(text).toContain('underscore') }) @@ -229,10 +229,10 @@ test('addLicensesToSummary() - includes all license issues', () => { summary.addLicensesToSummary(licenseIssues, defaultConfig) const text = core.summary.stringify() - expect(text).toContain('

License Issues

') - expect(text).toContain('

Incompatible Licenses

') - expect(text).toContain('

Unknown Licenses

') - expect(text).toContain('

Invalid SPDX License Definitions

') + expect(text).toContain('

License Issues

') + expect(text).toContain('

Incompatible Licenses

') + expect(text).toContain('

Unknown Licenses

') + expect(text).toContain('

Invalid SPDX License Definitions

') }) test('addLicensesToSummary() - does not include specific license type sub-section if nothing is found', () => { @@ -245,9 +245,9 @@ test('addLicensesToSummary() - does not include specific license type sub-sectio summary.addLicensesToSummary(licenseIssues, defaultConfig) const text = core.summary.stringify() - expect(text).not.toContain('

Incompatible Licenses

') - expect(text).not.toContain('

Unknown Licenses

') - expect(text).toContain('

Invalid SPDX License Definitions

') + expect(text).not.toContain('

Incompatible Licenses

') + expect(text).not.toContain('

Unknown Licenses

') + expect(text).toContain('

Invalid SPDX License Definitions

') }) test('addLicensesToSummary() - includes list of configured allowed licenses', () => { diff --git a/scripts/create_summary.ts b/scripts/create_summary.ts index 90d391d..f5adcff 100644 --- a/scripts/create_summary.ts +++ b/scripts/create_summary.ts @@ -27,14 +27,12 @@ const createExampleSummaries = async (): Promise => { } const createNonIssueSummary = async (): Promise => { - summary.addSummaryToSummary( + await createSummary( [], {forbidden: [], unresolved: [], unlicensed: []}, - defaultConfig + defaultConfig, + 'non-issue-summary.md' ) - const text = core.summary.stringify() - - await fs.promises.writeFile(path.resolve(tmpDir, 'green-summary.md'), text) } const createFullSummary = async (): Promise => { @@ -61,15 +59,15 @@ const createFullSummary = async (): Promise => { ] } - const text = createSummary(changes, licenses, defaultConfig) - await fs.promises.writeFile(path.resolve(tmpDir, 'full-summary.md'), text) + await createSummary(changes, licenses, defaultConfig, 'full-summary.md') } -function createSummary( +async function createSummary( vulnerabilities: Changes, licenseIssues: InvalidLicenseChanges, - config: ConfigurationOptions -): string { + config: ConfigurationOptions, + fileName: string +): Promise { summary.addSummaryToSummary(vulnerabilities, licenseIssues, config) summary.addChangeVulnerabilitiesToSummary( vulnerabilities, @@ -87,8 +85,10 @@ function createSummary( summary.addScannedDependencies(allChanges) const text = core.summary.stringify() + await fs.promises.writeFile(path.resolve(tmpDir, fileName), text, { + flag: 'w' + }) core.summary.emptyBuffer() - return text } createExampleSummaries() diff --git a/src/summary.ts b/src/summary.ts index 1ce5bc1..031da5d 100644 --- a/src/summary.ts +++ b/src/summary.ts @@ -11,14 +11,14 @@ const icons = { } export function addSummaryToSummary( - addedPackages: Changes, + vulnerableChanges: Changes, invalidLicenseChanges: InvalidLicenseChanges, config: ConfigurationOptions ): void { - core.summary.addHeading('Dependency Review', 2) + core.summary.addHeading('Dependency Review', 1) if ( - addedPackages.length === 0 && + vulnerableChanges.length === 0 && countLicenseIssues(invalidLicenseChanges) === 0 ) { if (!config.license_check) { @@ -39,43 +39,44 @@ export function addSummaryToSummary( .addList([ ...(config.vulnerability_check ? [ - `${checkOrFailIcon(addedPackages.length)} ${ - addedPackages.length + `${checkOrFailIcon(vulnerableChanges.length)} ${ + vulnerableChanges.length } vulnerable package(s)` ] : []), ...(config.license_check ? [ - `${checkOrFailIcon(invalidLicenseChanges.unresolved.length)} ${ - invalidLicenseChanges.unresolved.length - } package(s) with invalid SPDX license definitions`, `${checkOrFailIcon(invalidLicenseChanges.forbidden.length)} ${ invalidLicenseChanges.forbidden.length } package(s) with incompatible licenses`, + `${checkOrFailIcon(invalidLicenseChanges.unresolved.length)} ${ + invalidLicenseChanges.unresolved.length + } package(s) with invalid SPDX license definitions`, `${checkOrWarnIcon(invalidLicenseChanges.unlicensed.length)} ${ invalidLicenseChanges.unlicensed.length } package(s) with unknown licenses.` ] : []) ]) + .addRaw('See the Details below.') } export function addChangeVulnerabilitiesToSummary( - addedPackages: Changes, + vulnerableChanges: Changes, severity: string ): void { - if (addedPackages.length === 0) { + if (vulnerableChanges.length === 0) { return } const rows: SummaryTableRow[] = [] - const manifests = getManifestsSet(addedPackages) + const manifests = getManifestsSet(vulnerableChanges) - core.summary.addHeading('Vulnerabilities', 3) + core.summary.addHeading('Vulnerabilities', 2) for (const manifest of manifests) { - for (const change of addedPackages.filter( + for (const change of vulnerableChanges.filter( pkg => pkg.manifest === manifest )) { let previous_package = '' @@ -103,7 +104,7 @@ export function addChangeVulnerabilitiesToSummary( previous_version = change.version } } - core.summary.addHeading(`${manifest}`, 3).addTable([ + core.summary.addHeading(`${manifest}`, 4).addTable([ [ {data: 'Name', header: true}, {data: 'Version', header: true}, @@ -129,7 +130,7 @@ export function addLicensesToSummary( return } - core.summary.addHeading('License Issues', 3) + core.summary.addHeading('License Issues', 2) if (config.allow_licenses && config.allow_licenses.length > 0) { core.summary.addQuote( @@ -151,21 +152,23 @@ export function addLicensesToSummary( ) printLicenseViolation( - 'Incompatible Licenses', + `Incompatible Licenses`, invalidLicenseChanges.forbidden ) - printLicenseViolation('Unknown Licenses', invalidLicenseChanges.unlicensed) printLicenseViolation( - 'Invalid SPDX License Definitions', + `Invalid SPDX License Definitions`, invalidLicenseChanges.unresolved ) + printLicenseViolation(`Unknown Licenses`, invalidLicenseChanges.unlicensed) + core.summary.addSeparator() } function printLicenseViolation(heading: string, changes: Changes): void { if (changes.length === 0) { return } - core.summary.addHeading(heading, 4).addSeparator() + core.summary.addSeparator() + core.summary.addHeading(heading, 3) const rows: SummaryTableRow[] = [] const manifests = getManifestsSet(changes) @@ -196,9 +199,7 @@ export function addScannedDependencies(changes: Changes): void { const dependencies = groupDependenciesByManifest(changes) const manifests = dependencies.keys() - const summary = core.summary - .addHeading('Scanned Dependencies', 3) - .addHeading(`We scanned ${dependencies.size} manifest files:`, 5) + const summary = core.summary.addHeading('Scanned Manifest Files', 2) for (const manifest of manifests) { const deps = dependencies.get(manifest)