fix: improve usability

nodejs · Apr 14, 2024 · 1ad27f8 · 1ad27f8
1 parent c4b2288
commit 1ad27f8
Showing 1 changed file with 24 additions and 7 deletions.
diff --git a/lib/prepare_security.js b/lib/prepare_security.js
@@ -12,8 +12,10 @@ import {
   commitAndPushVulnerabilitiesJSON,
   getSummary,
   validateDate,
-  promptDependencies
+  promptDependencies,
+  getSupportedVersions
 } from './security-release/security-release.js';
+import _ from 'lodash';
 
 export default class SecurityReleaseSteward {
   repository = NEXT_SECURITY_RELEASE_REPOSITORY;
@@ -55,7 +57,8 @@ export default class SecurityReleaseSteward {
 
     // choose the reports to include in the security release
     const reports = await release.chooseReports(cli);
-    const deps = await release.getDependencyUpdates({ cli });
+    const depUpdates = await release.getDependencyUpdates({ cli });
+    const deps = _.groupBy(depUpdates, 'name');
 
     // create the vulnerabilities.json file in the security-release repo
     const filePath = await release.createVulnerabilitiesJSON(reports, deps, { cli });
@@ -265,14 +268,17 @@ class PrepareSecurityRelease {
 
   async getDependencyUpdates({ cli }) {
     const deps = [];
-
+    cli.log('\n');
+    cli.separator('Dependency Updates');
     const updates = await cli.prompt('Are there dependency updates in this security release?', {
       defaultAnswer: true,
       questionType: 'confirm'
     });
 
     if (!updates) return deps;
 
+    const supportedVersions = await getSupportedVersions();
+
     let asking = true;
     while (asking) {
       const dep = await promptDependencies(cli);
@@ -281,16 +287,27 @@ class PrepareSecurityRelease {
         break;
       }
 
+      const name = await cli.prompt('What is the name of the dependency that has been updated?', {
+        defaultAnswer: '',
+        questionType: 'input'
+      });
+
+      const versions = await cli.prompt('Which release line does this dependency update affect?', {
+        defaultAnswer: supportedVersions,
+        questionType: 'input'
+      });
+
       try {
         const prUrl = dep.replace('https://github.com/', 'https://api.github.com/repos/').replace('pull', 'pulls');
         const res = await this.req.getPullRequest(prUrl);
-        const { html_url, url, title, labels } = res;
+        const { html_url, title } = res;
         deps.push({
-          html_url,
-          url,
+          name,
+          url: html_url,
           title,
-          labels
+          affectedVersions: versions.split(',').map((v) => v.replace('v', '').trim())
         });
+        cli.separator();
       } catch (error) {
         this.cli.error('Invalid PR url. Please provide a valid PR url.');
         this.cli.error(error);