Add alert URLs to output

hypothesis · Oct 29, 2023 · 2bcd311 · 2bcd311
1 parent 16778a8
commit 2bcd311
Show file tree

Hide file tree

Showing 4 changed files with 9 additions and 10 deletions.
diff --git a/src/dependabot_alerts/cli.py b/src/dependabot_alerts/cli.py
@@ -31,13 +31,13 @@ def cli(argv=None):
         )
         for alert in alerts:
             print(
-                f"- <{alert.repo_html_url}/security/dependabot/|{alert.repo_full_name}>, `{alert.ghsa_id}` ({len(alert.duplicates) + 1}) alerts): `{alert.package}` {alert.summary}"
+                f"- <{alert.html_url}|{alert.repo_full_name} {alert.ghsa_id}>, ({len(alert.duplicates) + 1} alerts): `{alert.package}` {alert.summary}"
             )
         print(
             "\nMessage generated by the `alerts.yml` workflow <https://github.com/hypothesis/dependabot-alerts/blob/main/.github/workflows/alert.yml|in dependabot-alerts>"
         )
     elif alerts:
         for alert in alerts:
             print(
-                f"{alert.repo_full_name}, {alert.ghsa_id} ({len(alert.duplicates) + 1} alerts): {alert.package} {alert.summary}"
+                f"{alert.repo_full_name}, {alert.ghsa_id} ({len(alert.duplicates) + 1} alerts): {alert.package} {alert.summary} {alert.html_url}"
             )
diff --git a/src/dependabot_alerts/core.py b/src/dependabot_alerts/core.py
@@ -8,8 +8,8 @@
 @dataclass(frozen=True)
 class Alert:
     repo_full_name: str | None
-    repo_html_url: str | None = field(compare=False, repr=False)
     ghsa_id: str | None
+    html_url: str | None = field(compare=False)
     package: str | None = field(compare=False)
     manifest_path: str | None = field(compare=False)
     summary: str | None = field(compare=False)
@@ -19,8 +19,8 @@ class Alert:
     def make(cls, alert_dict):
         return cls(
             repo_full_name=alert_dict["repository"]["full_name"],
-            repo_html_url=alert_dict["repository"]["html_url"],
             ghsa_id=alert_dict["security_advisory"]["ghsa_id"],
+            html_url=alert_dict["html_url"],
             package=alert_dict["dependency"]["package"]["name"],
             manifest_path=alert_dict["dependency"]["manifest_path"],
             summary=alert_dict["security_advisory"]["summary"],

diff --git a/tests/conftest.py b/tests/conftest.py
@@ -15,10 +15,10 @@ class Meta:
     organization = factory.Sequence(lambda n: f"organization-{n}")
     repo = factory.Sequence(lambda n: f"repo-{n}")
     repo_full_name = factory.LazyAttribute(lambda o: f"{o.organization}/{o.repo}")
-    repo_html_url = factory.LazyAttribute(
-        lambda o: f"https://github.com/hypothesis/{o.organization}/{o.repo}"
-    )
     ghsa_id = factory.Sequence(lambda n: f"GHSA-{n}")
+    html_url = factory.LazyAttributeSequence(
+        lambda o, n: f"https://github.com/{o.organization}/{o.repo}/security/dependabot/{n}"
+    )
     package = factory.Sequence(lambda n: f"package-{n}")
     manifest_path = factory.Sequence(lambda n: f"manifest_path-{n}")
     summary = factory.Sequence(lambda n: f"summary-{n}")
@@ -37,15 +37,14 @@ def post(obj, *_args, **_kwargs):  # pylint:disable=no-self-argument
         """Transform the generated dict into the format returned by the GitHub API."""
         # pylint:disable=no-member
         repo_full_name = obj.pop("repo_full_name")
-        repo_html_url = obj.pop("repo_html_url")
         ghsa_id = obj.pop("ghsa_id")
         package = obj.pop("package")
         manifest_path = obj.pop("manifest_path")
         summary = obj.pop("summary")
         del obj["duplicates"]
 
         # Serialise a dict in the format returned by the GitHub API.
-        obj["repository"] = {"full_name": repo_full_name, "html_url": repo_html_url}
+        obj["repository"] = {"full_name": repo_full_name}
         obj["dependency"] = {
             "package": {
                 "name": package,

diff --git a/tests/unit/dependabot_alerts/cli_test.py b/tests/unit/dependabot_alerts/cli_test.py
@@ -14,7 +14,7 @@ def test_it(GitHub, github, subprocess, capsys):
     assert captured.out == "\n".join(
         [
             *[
-                f"{alert.repo_full_name}, {alert.ghsa_id} ({len(alert.duplicates) + 1} alerts): {alert.package} {alert.summary}"
+                f"{alert.repo_full_name}, {alert.ghsa_id} ({len(alert.duplicates) + 1} alerts): {alert.package} {alert.summary} {alert.html_url}"
                 for alert in github.alerts.return_value
             ],
             "",