Merge pull request #177 from snyk-tech-services/develop

release changes
snyk-tech-services · Nov 8, 2023 · d823428 · d823428
2 parents 3a933a2 + 13fe2d8
commit d823428
Show file tree

Hide file tree

Showing 7 changed files with 44 additions and 39 deletions.
diff --git a/.snyk b/.snyk
@@ -1,5 +1,5 @@
 # Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
-version: v1.19.0
+version: v1.25.0
 # ignores vulnerabilities until expiry date; change duration by modifying expiry date
 ignore:
   SNYK-JS-AXIOS-1579269:
@@ -9,6 +9,11 @@ ignore:
     - snyk-api-ts-client > snyk-request-manager > axios:
         reason: None given
         expires: '2021-10-03T13:14:14.049Z'
+  SNYK-JS-AXIOS-6032459:
+    - '*':
+        reason: Not applicable to this lib and tool
+        expires: 2024-01-10T00:00:00.000Z
+        created: 2023-11-08T22:43:00.182Z
 # patches apply the minimum changes required to fix a vulnerability
 patch:
   SNYK-JS-LODASH-450202:

diff --git a/src/lib/snyk/displayOutput.ts b/src/lib/snyk/displayOutput.ts
@@ -46,7 +46,7 @@ const displayNewVulns = (
       case 'high':
         console.log(
           chalk.bold.red(
-            `  ${index + 1}/${newVulns.length}: ${vuln.title} [${_.capitalize(
+            `  ${index + 1}/${newVulns.length}: ${vuln.id}:${vuln.title} [${_.capitalize(
               vuln.severity,
             )} Severity]`,
           ),
@@ -55,7 +55,7 @@ const displayNewVulns = (
       case 'medium':
         console.log(
           chalk.bold.yellow(
-            `  ${index + 1}/${newVulns.length}: ${vuln.title} [${_.capitalize(
+            `  ${index + 1}/${newVulns.length}: ${vuln.id}:${vuln.title} [${_.capitalize(
               vuln.severity,
             )} Severity]`,
           ),
@@ -64,7 +64,7 @@ const displayNewVulns = (
       case 'low':
         console.log(
           chalk.bold.blue(
-            `  ${index + 1}/${newVulns.length}: ${vuln.title} [${_.capitalize(
+            `  ${index + 1}/${newVulns.length}: ${vuln.id}:${vuln.title} [${_.capitalize(
               vuln.severity,
             )} Severity]`,
           ),
@@ -73,7 +73,7 @@ const displayNewVulns = (
       default:
         console.log(
           chalk.bold(
-            `  ${index + 1}/${newVulns.length}: ${vuln.title} [${_.capitalize(
+            `  ${index + 1}/${newVulns.length}: ${vuln.id}:${vuln.title} [${_.capitalize(
               vuln.severity,
             )} Severity]`,
           ),

diff --git a/test/lib/index-inline-no-baseline.test.ts b/test/lib/index-inline-no-baseline.test.ts
@@ -113,7 +113,7 @@ describe('Test End 2 End - Inline mode - no baseline', () => {
     const expectedOutput = [
       'New issue introduced !',
       'Security Vulnerability',
-      '  1/1: Regular Expression Denial of Service (ReDoS) [High Severity]',
+      '  1/1: SNYK-JS-ACORN-559469:Regular Expression Denial of Service (ReDoS) [High Severity]',
       '    Via: @snyk/[email protected] => [email protected]',
       '    Fixed in: acorn 5.7.4, 6.4.1, 7.1.1',
       '    Fixable by upgrade:  @snyk/[email protected]=>[email protected]',

diff --git a/test/lib/index-inline-with-project-coordinates.test.ts b/test/lib/index-inline-with-project-coordinates.test.ts
@@ -132,7 +132,7 @@ describe('Test End 2 End - Inline mode with project coordinates', () => {
     const expectedOutput = [
       'New issue introduced !',
       'Security Vulnerability:',
-      '  1/1: Prototype Pollution [Medium Severity]',
+      '  1/1: SNYK-JS-DOTPROP-543489:Prototype Pollution [Medium Severity]',
       '    Via: [email protected] => [email protected] => [email protected]',
       '    Fixed in: dot-prop 5.1.1',
       '    Fixable by upgrade:  [email protected]',

diff --git a/test/lib/index-inline.test.ts b/test/lib/index-inline.test.ts
@@ -258,7 +258,7 @@ describe('Test End 2 End - Inline mode', () => {
     const expectedOutput = [
       'New issue introduced !',
       'Security Vulnerability:',
-      '  1/1: Prototype Pollution [Medium Severity]',
+      '  1/1: SNYK-JS-DOTPROP-543489:Prototype Pollution [Medium Severity]',
       '    Via: [email protected] => [email protected] => [email protected]',
       '    Fixed in: dot-prop 5.1.1',
       '    Fixable by upgrade:  [email protected]',
@@ -287,7 +287,7 @@ describe('Test End 2 End - Inline mode', () => {
     const expectedOutput = [
       'New issue introduced !',
       'Security Vulnerability:',
-      '  1/1: Prototype Pollution [Medium Severity]',
+      '  1/1: SNYK-JS-DOTPROP-543489:Prototype Pollution [Medium Severity]',
       '    Via: [email protected] => [email protected] => [email protected]',
       '    Fixed in: dot-prop 5.1.1',
       '    Fixable by upgrade:  [email protected]',
@@ -369,7 +369,7 @@ describe('Test End 2 End - Inline mode', () => {
     const expectedOutput = [
       'New issue introduced !',
       'Security Vulnerability:',
-      '  1/1: Regular Expression Denial of Service (ReDoS) [High Severity]',
+      '  1/1: SNYK-JS-ACORN-559469:Regular Expression Denial of Service (ReDoS) [High Severity]',
       '    Via: @snyk/[email protected] => [email protected]',
       '    Fixed in: acorn 5.7.4, 6.4.1, 7.1.1',
       '    Fixable by upgrade:  @snyk/[email protected]=>[email protected]',
@@ -447,7 +447,7 @@ describe('Test End 2 End - Inline mode', () => {
     const expectedOutput = [
       'New issue introduced !',
       'Security Vulnerability:',
-      '  1/1: Prototype Pollution [Medium Severity]',
+      '  1/1: SNYK-JS-DOTPROP-543489:Prototype Pollution [Medium Severity]',
       '    Via: [email protected] => [email protected] => [email protected]',
       '    Fixed in: dot-prop 5.1.1',
       '    Fixable by upgrade:  [email protected]',

diff --git a/test/lib/index-standalone.test.ts b/test/lib/index-standalone.test.ts
@@ -209,10 +209,10 @@ describe('Test End 2 End - Standalone mode', () => {
       //'\n                                uuuuuuuuuuuuuuuuuuuu\n                              u" uuuuuuuuuuuuuuuuuu "u\n                            u" u$$$$$$$$$$$$$$$$$$$$u "u\n                          u" u$$$$$$$$$$$$$$$$$$$$$$$$u "u\n                        u" u$$$$$$$$$$$$$$$$$$$$$$$$$$$$u "u\n                      u" u$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$u "u\n                    u" u$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$u "u\n                    $ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $\n                    $ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $\n                    $ $$$" ... "$...  ...$" ... "$$$  ... "$$$ $\n                    $ $$$u `"$$$$$$$  $$$  $$$$$  $$  $$$  $$$ $\n                    $ $$$$$$uu "$$$$  $$$  $$$$$  $$  """ u$$$ $\n                    $ $$$""$$$  $$$$  $$$u "$$$" u$$  $$$$$$$$ $\n                    $ $$$$....,$$$$$..$$$$$....,$$$$..$$$$$$$$ $\n                    $ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $\n                    "u "$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$" u"\n                      "u "$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$" u"\n                        "u "$$$$$$$$$$$$$$$$$$$$$$$$$$$$" u"\n                          "u "$$$$$$$$$$$$$$$$$$$$$$$$" u"\n                            "u "$$$$$$$$$$$$$$$$$$$$" u"\n                              "u """""""""""""""""" u"\n                                """"""""""""""""""""\n                    ',
       'New issues introduced !',
       'Security Vulnerabilities:',
-      '1/2: Prototype Pollution [Medium Severity]',
+      '1/2: SNYK-JS-DOTPROP-543489:Prototype Pollution [Medium Severity]',
       '    Via: [email protected] => [email protected] => [email protected]',
       '\n',
-      '2/2: Prototype Pollution [Medium Severity]',
+      '2/2: SNYK-JS-DOTPROP-543489:Prototype Pollution [Medium Severity]',
       '    Via: [email protected] => [email protected] => [email protected] => [email protected]',
       '\n',
     ];
@@ -304,10 +304,10 @@ describe('Test End 2 End - Standalone mode', () => {
       //'\n                                uuuuuuuuuuuuuuuuuuuu\n                              u" uuuuuuuuuuuuuuuuuu "u\n                            u" u$$$$$$$$$$$$$$$$$$$$u "u\n                          u" u$$$$$$$$$$$$$$$$$$$$$$$$u "u\n                        u" u$$$$$$$$$$$$$$$$$$$$$$$$$$$$u "u\n                      u" u$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$u "u\n                    u" u$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$u "u\n                    $ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $\n                    $ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $\n                    $ $$$" ... "$...  ...$" ... "$$$  ... "$$$ $\n                    $ $$$u `"$$$$$$$  $$$  $$$$$  $$  $$$  $$$ $\n                    $ $$$$$$uu "$$$$  $$$  $$$$$  $$  """ u$$$ $\n                    $ $$$""$$$  $$$$  $$$u "$$$" u$$  $$$$$$$$ $\n                    $ $$$$....,$$$$$..$$$$$....,$$$$..$$$$$$$$ $\n                    $ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $\n                    "u "$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$" u"\n                      "u "$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$" u"\n                        "u "$$$$$$$$$$$$$$$$$$$$$$$$$$$$" u"\n                          "u "$$$$$$$$$$$$$$$$$$$$$$$$" u"\n                            "u "$$$$$$$$$$$$$$$$$$$$" u"\n                              "u """""""""""""""""" u"\n                                """"""""""""""""""""\n                    ',
       'New issues introduced !',
       'Security Vulnerabilities:',
-      '1/2: Prototype Pollution [Medium Severity]',
+      '1/2: SNYK-JS-DOTPROP-543489:Prototype Pollution [Medium Severity]',
       '    Via: [email protected] => [email protected] => [email protected]',
       '\n',
-      '2/2: Prototype Pollution [Medium Severity]',
+      '2/2: SNYK-JS-DOTPROP-543489:Prototype Pollution [Medium Severity]',
       '    Via: [email protected] => [email protected] => [email protected] => [email protected]',
       '\n',
     ];
@@ -401,10 +401,10 @@ describe('Test End 2 End - Standalone mode', () => {
       //'\n                                uuuuuuuuuuuuuuuuuuuu\n                              u" uuuuuuuuuuuuuuuuuu "u\n                            u" u$$$$$$$$$$$$$$$$$$$$u "u\n                          u" u$$$$$$$$$$$$$$$$$$$$$$$$u "u\n                        u" u$$$$$$$$$$$$$$$$$$$$$$$$$$$$u "u\n                      u" u$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$u "u\n                    u" u$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$u "u\n                    $ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $\n                    $ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $\n                    $ $$$" ... "$...  ...$" ... "$$$  ... "$$$ $\n                    $ $$$u `"$$$$$$$  $$$  $$$$$  $$  $$$  $$$ $\n                    $ $$$$$$uu "$$$$  $$$  $$$$$  $$  """ u$$$ $\n                    $ $$$""$$$  $$$$  $$$u "$$$" u$$  $$$$$$$$ $\n                    $ $$$$....,$$$$$..$$$$$....,$$$$..$$$$$$$$ $\n                    $ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $\n                    "u "$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$" u"\n                      "u "$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$" u"\n                        "u "$$$$$$$$$$$$$$$$$$$$$$$$$$$$" u"\n                          "u "$$$$$$$$$$$$$$$$$$$$$$$$" u"\n                            "u "$$$$$$$$$$$$$$$$$$$$" u"\n                              "u """""""""""""""""" u"\n                                """"""""""""""""""""\n                    ',
       'New issues introduced !',
       'Security Vulnerabilities:',
-      '1/2: Prototype Pollution [Medium Severity]',
+      '1/2: SNYK-JS-DOTPROP-543489:Prototype Pollution [Medium Severity]',
       '    Via: [email protected] => [email protected] => [email protected]',
       '\n',
-      '2/2: Prototype Pollution [Medium Severity]',
+      '2/2: SNYK-JS-DOTPROP-543489:Prototype Pollution [Medium Severity]',
       '    Via: [email protected] => [email protected] => [email protected] => [email protected]',
       '\n',
     ];

diff --git a/test/lib/snyk/issues.test.ts b/test/lib/snyk/issues.test.ts
@@ -368,7 +368,7 @@ describe('Test issues functions', () => {
       const expectedOutput = [
         'New issue introduced !',
         'Security Vulnerability:',
-        '1/1: Regular Expression Denial of Service (ReDoS) [High Severity]',
+        '1/1: SNYK-JS-ACORN-559469:Regular Expression Denial of Service (ReDoS) [High Severity]',
         'Via: [email protected] => @snyk/[email protected] => [email protected]',
         'Fixed in: acorn 5.7.4, 6.4.1, 7.1.1',
         'Fixable by upgrade:  @snyk/[email protected]=>[email protected]',
@@ -405,43 +405,43 @@ describe('Test issues functions', () => {
       const expectedOutput = [
         'New issues introduced !',
         'Security Vulnerabilities:',
-        '1/10: Regular Expression Denial of Service (ReDoS) [Medium Severity]',
+        '1/10: SNYK-JS-ACORN-559469:Regular Expression Denial of Service (ReDoS) [Medium Severity]',
         'Via: [email protected] => [email protected] => @snyk/[email protected] => [email protected]',
         'Fixed in: acorn 5.7.4, 6.4.1, 7.1.1',
         'Fixable by upgrade:  @snyk/[email protected]=>[email protected]',
-        '2/10: Regular Expression Denial of Service (ReDoS) [Low Severity]',
+        '2/10: SNYK-JS-ACORN-559469:Regular Expression Denial of Service (ReDoS) [Low Severity]',
         'Via: [email protected] => [email protected] => @snyk/[email protected] => [email protected]',
         'Fixed in: acorn 5.7.4, 6.4.1, 7.1.1',
         'Fixable by upgrade:  @snyk/[email protected]=>[email protected]',
-        '3/10: Regular Expression Denial of Service (ReDoS) [High Severity]',
+        '3/10: SNYK-JS-ACORN-559469:Regular Expression Denial of Service (ReDoS) [High Severity]',
         'Via: [email protected] => [email protected] => @snyk/[email protected] => [email protected]',
         'Fixed in: acorn 5.7.4, 6.4.1, 7.1.1',
         'Fixable by upgrade:  @snyk/[email protected]=>[email protected]',
-        '4/10: Regular Expression Denial of Service (ReDoS) [High Severity]',
+        '4/10: SNYK-JS-ACORN-559469:Regular Expression Denial of Service (ReDoS) [High Severity]',
         'Via: [email protected] => [email protected] => @snyk/[email protected] => [email protected]',
         'Fixed in: acorn 5.7.4, 6.4.1, 7.1.1',
         'Fixable by upgrade:  @snyk/[email protected]=>[email protected]',
-        '5/10: Regular Expression Denial of Service (ReDoS) [High Severity]',
+        '5/10: SNYK-JS-ACORN-559469:Regular Expression Denial of Service (ReDoS) [High Severity]',
         'Via: [email protected] => [email protected] => @snyk/[email protected] => [email protected]',
         'Fixed in: acorn 5.7.4, 6.4.1, 7.1.1',
         'Fixable by upgrade:  @snyk/[email protected]=>[email protected]',
-        '6/10: Regular Expression Denial of Service (ReDoS) [High Severity]',
+        '6/10: SNYK-JS-ACORN-559469:Regular Expression Denial of Service (ReDoS) [High Severity]',
         'Via: [email protected] => [email protected] => @snyk/[email protected] => [email protected]',
         'Fixed in: acorn 5.7.4, 6.4.1, 7.1.1',
         'Fixable by upgrade:  @snyk/[email protected]=>[email protected]',
-        '7/10: Regular Expression Denial of Service (ReDoS) [High Severity]',
+        '7/10: SNYK-JS-ACORN-559469:Regular Expression Denial of Service (ReDoS) [High Severity]',
         'Via: [email protected] => [email protected] => @snyk/[email protected] => [email protected]',
         'Fixed in: acorn 5.7.4, 6.4.1, 7.1.1',
         'Fixable by upgrade:  @snyk/[email protected]=>[email protected]',
-        '8/10: Regular Expression Denial of Service (ReDoS) [High Severity]',
+        '8/10: SNYK-JS-ACORN-559469:Regular Expression Denial of Service (ReDoS) [High Severity]',
         'Via: [email protected] => [email protected] => @snyk/[email protected] => [email protected]',
         'Fixed in: acorn 5.7.4, 6.4.1, 7.1.1',
         'Fixable by upgrade:  @snyk/[email protected]=>[email protected]',
-        '9/10: Regular Expression Denial of Service (ReDoS) [High Severity]',
+        '9/10: SNYK-JS-ACORN-559469:Regular Expression Denial of Service (ReDoS) [High Severity]',
         'Via: [email protected] => [email protected] => @snyk/[email protected] => [email protected]',
         'Fixed in: acorn 5.7.4, 6.4.1, 7.1.1',
         'Fixable by upgrade:  @snyk/[email protected]=>[email protected]',
-        '10/10: Regular Expression Denial of Service (ReDoS) [High Severity]',
+        '10/10: SNYK-JS-ACORN-559469:Regular Expression Denial of Service (ReDoS) [High Severity]',
         'Via: [email protected] => [email protected] => @snyk/[email protected] => [email protected]',
         'Fixed in: acorn 5.7.4, 6.4.1, 7.1.1',
         'Fixable by upgrade:  @snyk/[email protected]=>[email protected]',
@@ -484,7 +484,7 @@ describe('Test issues functions', () => {
       const expectedOutput = [
         'New issue introduced !',
         'Security Vulnerability:',
-        '1/1: Denial of Service (DoS) [Medium Severity]',
+        '1/1: npm:ejs:20161130-1:Denial of Service (DoS) [Medium Severity]',
         'Via: [email protected] => [email protected] => [email protected]',
       ];
 
@@ -519,25 +519,25 @@ describe('Test issues functions', () => {
       const expectedOutput = [
         'New issues introduced !',
         'Security Vulnerabilities:',
-        '1/10: Denial of Service (DoS) [Medium Severity]',
+        '1/10: npm:ejs:20161130-1:Denial of Service (DoS) [Medium Severity]',
         'Via: [email protected] => [email protected] => [email protected]',
-        '2/10: Denial of Service (DoS) [Medium Severity]',
+        '2/10: npm:ejs:20161130-1:Denial of Service (DoS) [Medium Severity]',
         'Via: [email protected] => [email protected] => [email protected]',
-        '3/10: Denial of Service (DoS) [Medium Severity]',
+        '3/10: npm:ejs:20161130-1:Denial of Service (DoS) [Medium Severity]',
         'Via: [email protected] => [email protected] => [email protected]',
-        '4/10: Denial of Service (DoS) [Medium Severity]',
+        '4/10: npm:ejs:20161130-1:Denial of Service (DoS) [Medium Severity]',
         'Via: [email protected] => [email protected] => [email protected]',
-        '5/10: Denial of Service (DoS) [Medium Severity]',
+        '5/10: npm:ejs:20161130-1:Denial of Service (DoS) [Medium Severity]',
         'Via: [email protected] => [email protected] => [email protected]',
-        '6/10: Denial of Service (DoS) [Medium Severity]',
+        '6/10: npm:ejs:20161130-1:Denial of Service (DoS) [Medium Severity]',
         'Via: [email protected] => [email protected] => [email protected]',
-        '7/10: Denial of Service (DoS) [Medium Severity]',
+        '7/10: npm:ejs:20161130-1:Denial of Service (DoS) [Medium Severity]',
         'Via: [email protected] => [email protected] => [email protected]',
-        '8/10: Denial of Service (DoS) [Medium Severity]',
+        '8/10: npm:ejs:20161130-1:Denial of Service (DoS) [Medium Severity]',
         'Via: [email protected] => [email protected] => [email protected]',
-        '9/10: Denial of Service (DoS) [Medium Severity]',
+        '9/10: npm:ejs:20161130-1:Denial of Service (DoS) [Medium Severity]',
         'Via: [email protected] => [email protected] => [email protected]',
-        '10/10: Denial of Service (DoS) [Medium Severity]',
+        '10/10: npm:ejs:20161130-1:Denial of Service (DoS) [Medium Severity]',
         'Via: [email protected] => [email protected] => [email protected]',
       ];