From ac98c01897f3a638dd5eaa2a84adb03fc55ea739 Mon Sep 17 00:00:00 2001
From: ChristopherThiedeVireq <Christopher.Thiede@Vireq.com>
Date: Tue, 19 Jul 2022 17:29:06 +0200
Subject: [PATCH] include only packages with vulnerabilities

---
 Src/NuGetDefense.Lib/VulnerabilityReporter.cs | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/Src/NuGetDefense.Lib/VulnerabilityReporter.cs b/Src/NuGetDefense.Lib/VulnerabilityReporter.cs
index 361db397..47e505d0 100644
--- a/Src/NuGetDefense.Lib/VulnerabilityReporter.cs
+++ b/Src/NuGetDefense.Lib/VulnerabilityReporter.cs
@@ -30,14 +30,18 @@ public void BuildVulnerabilityReport(
         {
             if (distinctPackages.All(x => !string.Equals(x.PackageUrl, package.PackageUrl, StringComparison.CurrentCultureIgnoreCase)))
             {
-                distinctPackages.Add(package);              }
+                distinctPackages.Add(package);
+            }
         }
 
         Report = new VulnerabilityReport
         {
             VulnerabilitiesCount = vulnerabilityDictionary.Sum(x => x.Value.Count),
             Packages = distinctPackages.OrderBy(x => x.Id).ThenBy(x => x.Version)
-                .Where(p => p.LineNumber != null && vulnerabilityDictionary.ContainsKey(p.PackageUrl.ToLower()))
+                .Where(p => p.LineNumber != null 
+                            && vulnerabilityDictionary.ContainsKey(p.PackageUrl.ToLower())
+                            && vulnerabilityDictionary[p.PackageUrl.ToLower()].Any()
+                            )
                 .Select(p => new VulnerableNuGetPackage
                 {
                     Id = p.Id,