-
Notifications
You must be signed in to change notification settings - Fork 0
/
index.js
33 lines (26 loc) · 1.01 KB
/
index.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
const core = require('@actions/core')
const github = require('@actions/github')
try {
// Stringified JSON data
const stringifiedJSON = core.getInput('data')
const data = JSON.parse(stringifiedJSON)
// Start building markdown
let md = '# Composer Security Vulnerability Detected\n'
md = md.concat('New vulnerabilities have been found in composer.lock.\n')
Object.entries(data).forEach(([key, value]) => {
md = md.concat('## ', key, '\n')
md = md.concat('**Version:** ', value.version, '\n\n')
md = md.concat('**Advisories:**\n\n')
Object.entries(value.advisories).forEach(([k, v]) => {
md = md.concat(v.title, '\n\n')
md = md.concat(v.link, '\n\n')
md = md.concat(v.cve, '\n\n')
md = md.concat('\n--------------------------------------------------------------\n')
})
})
core.setOutput('md-data', md)
// Get the JSON webhook payload for the event that triggered the workflow
const payload = JSON.stringify(github.context.payload, undefined, 2)
} catch (error) {
core.setFailed(error.message)
}