Support JSON Output #104
Support JSON Output #104
Conversation
| ): void { | ||
| outputJson: boolean, | ||
| exceptionsReport: string[][], | ||
| ): void => { |
There was a problem hiding this comment.
is there a reason functions dont use a single object argument? This could be neater but I noticed all other functions provide individual args like this?
| @@ -17,7 +17,7 @@ | |||
| }, | |||
| "scripts": { | |||
| "preaudit": "npm run build", | |||
| "audit": "node lib audit -x 1064843,1067245", | |||
| "audit": "node lib audit -j -x 1064843,1067245", | |||
| printSecurityReport(report, columnsToInclude); | ||
| } | ||
| if (outputJson) { | ||
| printJsonOutput(result, exceptionsReport); |
There was a problem hiding this comment.
with json output we only print the json, any other logs should be suppressed so the output can be parsed as json
There was a problem hiding this comment.
some args made not optional to be more explicit and avoid forgetting setting something
| @@ -155,4 +155,6 @@ describe('Events handling', () => { | |||
| consoleWarnStub.restore(); | |||
| consoleInfoStub.restore(); | |||
| }); | |||
|
|
|||
| // todo add json output tests | |||
There was a problem hiding this comment.
tests tbc, looking for feedback on the approach before investing time in tests
| @@ -16,6 +16,8 @@ describe('Print utils', () => { | |||
| it('exception table visual', () => { | |||
| printExceptionReport(EXCEPTION_TABLE_DATA); | |||
| }); | |||
|
|
|||
| // todo add json output tests | |||
There was a problem hiding this comment.
tests tbc, looking for feedback on the approach before investing time in tests
| @@ -542,6 +542,8 @@ describe('Vulnerability utils', () => { | |||
| consoleStub.restore(); | |||
| }); | |||
| }); | |||
|
|
|||
| // todo add json output tests | |||
There was a problem hiding this comment.
tests tbc, looking for feedback on the approach before investing time in tests
|
@jeemok Hello, i've made this PR to resolve #82 however I have not created the tests as I would like feedback on the approach before I invest time into testing. Please let me know if this looks ok or if you think there is a better way. Also, here is an example of the json output: {
"failed": false,
"unhandledVulnerabilityIds": [
"1100563"
],
"vulnerabilitiesReport": [
{
"id": "1100563",
"module": "cross-spawn",
"title": "Regular Expression Denial of Service (ReDoS) in cross-spawn",
"paths": "cross-spawn",
"severity": "high",
"url": "https://github.com/advisories/GHSA-3xgq-45jj-v275",
"isExcepted": "n"
},
{
"id": "1099561",
"module": "path-to-regexp",
"title": "path-to-regexp outputs backtracking regular expressions",
"paths": "path-to-regexp",
"severity": "high",
"url": "https://github.com/advisories/GHSA-9wv6-86v2-598j",
"isExcepted": "y"
}
],
"exceptionsReport": [
{
"id": "1064843",
"status": "active",
"expiry": "",
"notes": ""
},
{
"id": "106724",
"status": "active",
"expiry": "",
"notes": ""
},
{
"id": "1099561",
"status": "active",
"expiry": "",
"notes": ""
}
],
"unusedExceptionIds": [
"1064843",
"106724"
]
} |
Resolves #82