MVP-318: Vuln Report Fixes (#140)

bcgov · Jul 10, 2024 · 7fd84b6 · 7fd84b6
2 parents 0e08126 + 0feaaf7
commit 7fd84b6
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 5 deletions.
diff --git a/.github/helpers/npm-audit/create-report.cjs b/.github/helpers/npm-audit/create-report.cjs
@@ -199,7 +199,7 @@ const escapeForGitHubActions = (str) =>
     else if (highestSeverity === 'moderate') highestSeverityColor = yellow; // Moderate
 
     // Output summary.
-    if (total ? total === 0 : metadata.vulnerabilities === 0) {
+    if ((total && total === 0) || metadata.vulnerabilities === 0) {
       results[dirPath] += `${line(noVulnerabilities)}`;
     } else {
       // Output highest severity.

diff --git a/.github/helpers/npm-audit/run-npm-audit.cjs b/.github/helpers/npm-audit/run-npm-audit.cjs
@@ -27,10 +27,13 @@ const parseDetails = (auditData) => {
     };
   });
 
-  const highestSeverity = vulnerabilities.reduce((max, vuln) => {
-    const severities = ['low', 'moderate', 'high', 'critical'];
-    return severities.indexOf(vuln.severity) > severities.indexOf(max) ? vuln.severity : max;
-  }, 'low');
+  const highestSeverity =
+    vulnerabilities.length === 0
+      ? null
+      : vulnerabilities.reduce((max, vuln) => {
+          const severities = ['low', 'moderate', 'high', 'critical'];
+          return severities.indexOf(vuln.severity) > severities.indexOf(max) ? vuln.severity : max;
+        }, 'low');
 
   return {
     vulnerabilities,