fix(plugin-js-packages): omit unspecified direct dependency
Tlacenka committed Apr 30, 2024
1 parent 901403a commit 820c350
Showing 2 changed files with 21 additions and 2 deletions.
Expand Up @@ -75,7 +75,8 @@ export function vulnerabilitiesToIssues(
? '**all** versions'
: `versions **${detail.versionRange}**`;
const directDependency =
typeof detail.directDependency === 'string'
typeof detail.directDependency === 'string' &&
detail.directDependency !== ''
? `\`${detail.directDependency}\``
: '';
const depHierarchy =
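Review bot: The added `detail.directDependency !== ''` check sends an empty string into the same `''` branch as a non-string `directDependency`, so the issue message can no longer tell "the audit output named no parent" apart from whatever the non-string case stands for (presumably that the package is itself a direct dependency; the type is not visible in this hunk). The new test confirms the effect: `directDependency: ''` produces a message containing "`semver` dependency has". For someone triaging the report this decides which package has to be upgraded, so if the two cases differ it is worth stating above the ternary, for example `// '' = audit output named no direct dependency; rendered like the non-string case`. Normalising the empty string where the audit output is parsed would keep that decision in one place instead of in the message formatter. The body of `vulnerabilitiesToIssues` starts and ends outside the hunk.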
Expand Up @@ -279,12 +279,30 @@ describe('vulnerabilitiesToIssues', () => {
).toEqual<Issue[]>([
expect.objectContaining({
message: expect.stringContaining(
"`cypress`' dependency `@cypress/request`",
"`cypress`' dependency `@cypress/request` has",
),
}),
]);
});

it('should omit direct dependency when not provided', () => {
expect(
vulnerabilitiesToIssues(
[
{
name: 'semver',
directDependency: '',
},
] as Vulnerability[],
defaultAuditLevelMapping,
),
).toEqual<Issue[]>([
expect.objectContaining({
message: expect.stringContaining('`semver` dependency has'),
}),
]);
});

it('should correctly map vulnerability level to issue severity', () => {
expect(
vulnerabilitiesToIssues(
