Add support for code suppression fields #192
ignoredOn: suppression.properties?.ignoredOn, | ||
ignoredBy: suppression.properties?.ignoredBy, | ||
}; |
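Review bot: `ignoredBy: suppression.properties?.ignoredBy` forwards the whole object from the input into the template context. Copying only the fields the template actually renders keeps unexpected properties out of the report and gives a single place to set defaults for missing values.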
issue: We should add explicit fallback values here for each of the optional values. This would be particularly useful for the ignoredBy property which is an object we use in templates. For example:
ignoredBy: suppression.properties?.ignoredBy || {
name: 'unknown',
email: '?'
}
Alternatively we could return null for ignoredBy and then the templates should guard against this scenario by gating each ignoredBy.propertyName lookup with a #if suppression.ignoredBy
src/lib/snyk-to-html.ts
Outdated
OrderedIssuesArray.forEach(project => { | ||
project.vulnerabilities = project.vulnerabilities.map(vuln => { | ||
if (vuln.suppressions && vuln.suppressions.length > 0) { | ||
vuln.suppression = processSuppression(vuln.suppressions[0]); | ||
} | ||
return vuln; | ||
}).sort((a, b) => { | ||
if (a.suppression && !b.suppression) return 1; | ||
if (!a.suppression && b.suppression) return -1; | ||
return 0; | ||
}); | ||
}); |
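Review bot: At `vuln.suppressions[0]` only the first entry is read, so a vulnerability carrying more than one suppression loses the rest with no signal in the report. Either pass the full array through to the template or add a comment stating that only the first suppression is shown. The `.map` callback also mutates `vuln` in place and returns the same object, so the mapping step reads as a copy when it is not.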
suggestion: We only need to perform this sort option if one or more of the project vulnerabilities had suppression data. So we could skip this step if hasSuppressedVulns = false within the forEach loop.
OrderedIssuesArray.forEach(project => { | |
project.vulnerabilities = project.vulnerabilities.map(vuln => { | |
if (vuln.suppressions && vuln.suppressions.length > 0) { | |
vuln.suppression = processSuppression(vuln.suppressions[0]); | |
} | |
return vuln; | |
}).sort((a, b) => { | |
if (a.suppression && !b.suppression) return 1; | |
if (!a.suppression && b.suppression) return -1; | |
return 0; | |
}); | |
}); | |
OrderedIssuesArray.forEach(project => { | |
let hasSuppressedVulns = false; | |
const projectVulns = project.vulnerabilities.map(vuln => { | |
if (vuln.suppressions && vuln.suppressions.length > 0) { | |
hasSuppressedVulns = true; | |
vuln.suppression = processSuppression(vuln.suppressions[0]); | |
} | |
return vuln; | |
}); | |
if (!hasSuppressedVulns) { | |
project.vulnerabilities = projectVulns; | |
return; // Early return if no suppressions | |
} | |
// Sort only if necessary | |
projectVulns.sort((a, b) => { | |
if (a.suppression && !b.suppression) return 1; | |
if (!a.suppression && b.suppression) return -1; | |
return 0; | |
}); | |
project.vulnerabilities = projectVulns; | |
}); |
@@ -36,6 +36,43 @@ | |||
<h2 class="card__panel__heading"><span class="heading-char">✓</span> Fix Analysis</h2> | |||
<div class="card__panel__markdown">{{{markdown ruleiddesc.help.markdown}}}</div> | |||
</div> | |||
{{#if suppression}} |
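Review bot: Inside the `{{#if suppression}}` block, the suppression fields should be written with the double-stash form `{{ }}` so that Handlebars HTML-escapes them. The triple-stash form used just above in `{{{markdown ruleiddesc.help.markdown}}}` emits raw HTML, and values taken from the scan input, such as a name or an email, should not go through that path.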
praise: This gating is good and will ensure our other customers do not get the information.
(report) => { | ||
t.contains( | ||
report, | ||
'<div class="suppression-card">', |
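Review bot: The assertion on `'<div class="suppression-card">'` proves only that the wrapper element is emitted. The PR description says suppressed issues move to the end of the list and the issue count changes, so unless that is covered elsewhere, the test should also assert on the order of the rendered issues and on the count, otherwise a regression in either would still pass.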
suggestion: To better protect ourselves from introducing a regression we could add a guard assertion to one of our existing test cases to check that the output doesNotHave <div class="suppression-card"> in the output.
color: #333; | ||
} | ||
|
||
.user-initial { |
question: Should this be namespaced under .suppression-card?
This changes the issue count, adds a card for suppressions, and also moves any suppressed issues to the end of the list.
@thisislawatts I thought I had pushed these changes a week ago.. I think this addresses everything we talked about
What this does
Customers with code consistent ignores who are using snyk-to-html want to see the fact that they have ignored things reflected in the snyk-to-html output. This PR does three things:
Screenshots
unified-ignores.html.zip