Add severity to output

hypothesis · Oct 29, 2023 · ac7eacf · ac7eacf
1 parent 2bcd311
commit ac7eacf
Show file tree

Hide file tree

Showing 4 changed files with 13 additions and 5 deletions.
diff --git a/src/dependabot_alerts/cli.py b/src/dependabot_alerts/cli.py
@@ -31,13 +31,13 @@ def cli(argv=None):
         )
         for alert in alerts:
             print(
-                f"- <{alert.html_url}|{alert.repo_full_name} {alert.ghsa_id}>, ({len(alert.duplicates) + 1} alerts): `{alert.package}` {alert.summary}"
+                f"- <{alert.html_url}|{alert.repo_full_name} {alert.ghsa_id}>, ({len(alert.duplicates) + 1} alerts): severity {alert.severity} `{alert.package}` {alert.summary}"
             )
         print(
             "\nMessage generated by the `alerts.yml` workflow <https://github.com/hypothesis/dependabot-alerts/blob/main/.github/workflows/alert.yml|in dependabot-alerts>"
         )
     elif alerts:
         for alert in alerts:
             print(
-                f"{alert.repo_full_name}, {alert.ghsa_id} ({len(alert.duplicates) + 1} alerts): {alert.package} {alert.summary} {alert.html_url}"
+                f"{alert.repo_full_name}, {alert.ghsa_id} ({len(alert.duplicates) + 1} alerts): severity:{alert.severity} {alert.package} {alert.summary} {alert.html_url}"
             )
diff --git a/src/dependabot_alerts/core.py b/src/dependabot_alerts/core.py
@@ -6,13 +6,14 @@
 
 
 @dataclass(frozen=True)
-class Alert:
+class Alert:  # pylint:disable=too-many-instance-attributes
     repo_full_name: str | None
     ghsa_id: str | None
     html_url: str | None = field(compare=False)
     package: str | None = field(compare=False)
     manifest_path: str | None = field(compare=False)
     summary: str | None = field(compare=False)
+    severity: str | None = field(compare=False)
     duplicates: list[Alert] = field(compare=False, default_factory=list)
 
     @classmethod
@@ -24,6 +25,7 @@ def make(cls, alert_dict):
             package=alert_dict["dependency"]["package"]["name"],
             manifest_path=alert_dict["dependency"]["manifest_path"],
             summary=alert_dict["security_advisory"]["summary"],
+            severity=alert_dict["security_advisory"]["severity"],
         )
 
 

diff --git a/tests/conftest.py b/tests/conftest.py
@@ -22,6 +22,7 @@ class Meta:
     package = factory.Sequence(lambda n: f"package-{n}")
     manifest_path = factory.Sequence(lambda n: f"manifest_path-{n}")
     summary = factory.Sequence(lambda n: f"summary-{n}")
+    severity = "high"
     duplicates = factory.LazyFunction(list)
 
 
@@ -41,6 +42,7 @@ def post(obj, *_args, **_kwargs):  # pylint:disable=no-self-argument
         package = obj.pop("package")
         manifest_path = obj.pop("manifest_path")
         summary = obj.pop("summary")
+        severity = obj.pop("severity")
         del obj["duplicates"]
 
         # Serialise a dict in the format returned by the GitHub API.
@@ -51,4 +53,8 @@ def post(obj, *_args, **_kwargs):  # pylint:disable=no-self-argument
             },
             "manifest_path": manifest_path,
         }
-        obj["security_advisory"] = {"ghsa_id": ghsa_id, "summary": summary}
+        obj["security_advisory"] = {
+            "ghsa_id": ghsa_id,
+            "summary": summary,
+            "severity": severity,
+        }
diff --git a/tests/unit/dependabot_alerts/cli_test.py b/tests/unit/dependabot_alerts/cli_test.py
@@ -14,7 +14,7 @@ def test_it(GitHub, github, subprocess, capsys):
     assert captured.out == "\n".join(
         [
             *[
-                f"{alert.repo_full_name}, {alert.ghsa_id} ({len(alert.duplicates) + 1} alerts): {alert.package} {alert.summary} {alert.html_url}"
+                f"{alert.repo_full_name}, {alert.ghsa_id} ({len(alert.duplicates) + 1} alerts): severity:{alert.severity} {alert.package} {alert.summary} {alert.html_url}"
                 for alert in github.alerts.return_value
             ],
             "",