Further fix unsound and notice reporting (#10) (#11)

rustsec · Apr 4, 2023 · dd51754 · dd51754
1 parent 7cb7a4e
commit dd51754
Show file tree

Hide file tree

Showing 4 changed files with 30 additions and 4 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -5,6 +5,18 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [1.4.1] - 2023-04-04
+
+### Fixed
+
+- Corrected reporting on `unsound` and `notice` informationals
+
+## [1.4.0] - 2023-04-04
+
+### Fixed
+
+- Reflect change to enable warning on `unsound` and `notice` informationals
+
 ## [1.3.2] - 2023-03-13
 
 ### Changed

diff --git a/dist/index.js b/dist/index.js
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
     "name": "rust-audit-check",
-    "version": "1.3.2",
+    "version": "1.4.1",
     "private": false,
     "description": "Security audit for security vulnerabilities",
     "main": "lib/main.js",

diff --git a/src/reporter.ts b/src/reporter.ts
@@ -15,6 +15,7 @@ interface Stats {
     critical: number;
     notices: number;
     unmaintained: number;
+    unsound: number;
     other: number;
 }
 
@@ -89,6 +90,7 @@ function getStats(
     let critical = 0;
     let notices = 0;
     let unmaintained = 0;
+    let unsound = 0;
     let other = 0;
     for (const vulnerability of vulnerabilities) {
         switch (vulnerability.advisory.informational) {
@@ -98,6 +100,9 @@ function getStats(
             case 'unmaintained':
                 unmaintained += 1;
                 break;
+            case 'unsound':
+                unsound += 1;
+                break;
             case null:
                 critical += 1;
                 break;
@@ -113,6 +118,10 @@ function getStats(
                 unmaintained += 1;
                 break;
 
+            case 'unsound':
+                unsound += 1;
+                break;
+
             default:
                 // Both yanked and informational types of kind
                 other += 1;
@@ -124,6 +133,7 @@ function getStats(
         critical: critical,
         notices: notices,
         unmaintained: unmaintained,
+        unsound: unsound,
         other: other,
     };
 }
@@ -132,15 +142,17 @@ function getSummary(stats: Stats): string {
     const blocks: string[] = [];
 
     if (stats.critical > 0) {
-        // TODO: Plural
-        blocks.push(`${stats.critical} advisory(ies)`);
+        blocks.push(`${stats.critical} advisories`);
     }
     if (stats.notices > 0) {
         blocks.push(`${stats.notices} notice${plural(stats.notices)}`);
     }
     if (stats.unmaintained > 0) {
         blocks.push(`${stats.unmaintained} unmaintained`);
     }
+    if (stats.unsound > 0) {
+        blocks.push(`${stats.unsound} unsound`);
+    }
     if (stats.other > 0) {
         blocks.push(`${stats.other} other`);
     }
@@ -275,6 +287,8 @@ export async function reportIssues(
     for (const warning of warnings) {
         let advisory: interfaces.Advisory;
         switch (warning.kind) {
+            case 'unsound':
+            case 'notice':
             case 'unmaintained':
             case 'informational':
                 advisory = warning.advisory;