feat: configurable min severity level for charts

sandworm-hq · Feb 5, 2023 · 2950408 · 2950408
1 parent b5467f8
commit 2950408
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 9 deletions.
diff --git a/src/charts/tooltip.js b/src/charts/tooltip.js
@@ -3,7 +3,6 @@
 const getBody = (string) => string.substring(string.indexOf('{') + 1, string.lastIndexOf('}'));
 
 const setupTooltips = () => {
-  const SEVERITIES = ['critical', 'high', 'moderate', 'low'];
   const SEVERITY_ICONS = {
     critical: '🔴',
     high: '🟠',
@@ -20,7 +19,6 @@ const setupTooltips = () => {
   const [offsetX, offsetY, viewBoxWidth, viewBoxHeight] = viewBox.split(',').map(parseFloat);
   const maxX = offsetX + viewBoxWidth;
   const maxY = offsetY + viewBoxHeight;
-  const sortBySeverity = (a, b) => SEVERITIES.indexOf(a.severity) - SEVERITIES.indexOf(b.severity);
   const getHTML = (ancestry, issues, licenseName) => {
     let html =
       '<div style="padding: 2px; background: #777; color: white; margin-bottom: 2px;">Path</div>';
@@ -33,7 +31,7 @@ const setupTooltips = () => {
     if (issues.length) {
       html +=
         '<div style="padding: 2px; background: #777; color: white; margin: 2px 0;">Issues</div>';
-      issues.sort(sortBySeverity).forEach(({title, url, severity = 'critical'}) => {
+      issues.forEach(({title, url, severity = 'critical'}) => {
         html += `<div style="white-space: nowrap; overflow: hidden; text-overflow: ellipsis;">
           ${SEVERITY_ICONS[severity]} ${url ? `<a href="${url}" target="_blank">` : ''}${title}${
           url ? '</a>' : ''

diff --git a/src/index.js b/src/index.js
@@ -6,14 +6,15 @@ const {getReports} = require('./issues/utils');
 const csv = require('./charts/csv');
 
 const getReport = async ({
-  types = ['tree', 'treemap'],
   appPath,
+  dependencyGraph,
   includeDev = false,
   showVersions = false,
+  minDisplayedSeverity = 'high',
   width = 1500,
   maxDepth = 7,
+  types = ['tree', 'treemap'],
   onProgress = () => {},
-  dependencyGraph,
 }) => {
   const errors = [];
 
@@ -51,21 +52,31 @@ const getReport = async ({
   // Get license info and issues
   onProgress({type: 'start', stage: 'licenses'});
   try {
-    licenseUsage = await getLicenseUsage({dependencies: dGraph.prodDependencies});
+    licenseUsage = await getLicenseUsage({
+      dependencies: includeDev ? dGraph.all : dGraph.prodDependencies,
+    });
     licenseIssues = await getLicenseIssues({licenseUsage, packageGraph});
   } catch (error) {
     errors.push(error);
   }
   onProgress({type: 'end', stage: 'licenses'});
 
   // Generate charts
+  const SEVERITIES = ['critical', 'high', 'moderate', 'low'];
+  const sortBySeverity = (a, b) => SEVERITIES.indexOf(a.severity) - SEVERITIES.indexOf(b.severity);
+  const filteredIssues = (dependencyVulnerabilities || [])
+    .concat(rootVulnerabilities || [])
+    .concat(licenseIssues || [])
+    .filter(
+      ({severity}) => SEVERITIES.indexOf(severity) <= SEVERITIES.indexOf(minDisplayedSeverity),
+    )
+    .sort(sortBySeverity);
+
   const options = {
     showVersions,
     width,
     maxDepth,
-    issues: (dependencyVulnerabilities || [])
-      .concat(rootVulnerabilities || [])
-      .concat(licenseIssues || []),
+    issues: filteredIssues,
     includeDev,
     onProgress: (message) => onProgress({type: 'update', stage: 'chart', message}),
   };