feat: use debug option with snyk-cpp-plugin

Only show fingerprint information when running with debug option.
snyk · Sep 14, 2020 · c363c16 · c363c16
1 parent 2c11ac5
commit c363c16
Show file tree

Hide file tree

Showing 7 changed files with 41 additions and 12 deletions.
diff --git a/package.json b/package.json
@@ -75,7 +75,7 @@
     "proxy-from-env": "^1.0.0",
     "semver": "^6.0.0",
     "snyk-config": "3.1.1",
-    "snyk-cpp-plugin": "1.4.3",
+    "snyk-cpp-plugin": "1.5.0",
     "snyk-docker-plugin": "3.21.0",
     "snyk-go-plugin": "1.16.2",
     "snyk-gradle-plugin": "3.6.3",

diff --git a/src/lib/ecosystems.ts b/src/lib/ecosystems.ts
@@ -50,6 +50,7 @@ export interface EcosystemPlugin {
     scanResults: ScanResult[],
     testResults: TestResult[],
     errors: string[],
+    options: Options,
   ) => Promise<string>;
 }
 
@@ -91,7 +92,12 @@ export async function testEcosystem(
   }
   const emptyResults: ScanResult[] = [];
   const scanResults = emptyResults.concat(...Object.values(scanResultsByPath));
-  const readableResult = await plugin.display(scanResults, testResults, errors);
+  const readableResult = await plugin.display(
+    scanResults,
+    testResults,
+    errors,
+    options,
+  );
 
   return TestCommandResult.createHumanReadableTestCommandResult(
     readableResult,

diff --git a/src/lib/types.ts b/src/lib/types.ts
@@ -73,6 +73,7 @@ export interface Options {
   experimental?: boolean;
   // Used with the Docker plugin only. Allows application scanning.
   'app-vulns'?: boolean;
+  debug?: boolean;
 }
 
 // TODO(kyegupov): catch accessing ['undefined-properties'] via noImplicitAny

diff --git a/test/ecosystems.spec.ts b/test/ecosystems.spec.ts
@@ -58,6 +58,7 @@ describe('ecosystems', () => {
       }
 
       const displayTxt = readFixture('display.txt');
+      const debugDisplayTxt = readFixture('debug-display.txt');
       const errorTxt = readFixture('error.txt');
       const testResult = readJsonFixture(
         'testResults.json',
@@ -106,6 +107,22 @@ describe('ecosystems', () => {
         expect(actual).toEqual(expected);
       });
 
+      it('should return fingerprints when debug option is set', async () => {
+        const mock = jest
+          .spyOn(request, 'makeRequest')
+          .mockResolvedValue(testResult);
+        const expected = TestCommandResult.createHumanReadableTestCommandResult(
+          debugDisplayTxt,
+          stringifyTestResults,
+        );
+        const actual = await ecosystems.testEcosystem('cpp', ['.'], {
+          path: '',
+          debug: true,
+        });
+        expect(mock).toHaveBeenCalled();
+        expect(actual).toEqual(expected);
+      });
+
       it('should throw error when response code is not 200', async () => {
         const error = { code: 401, message: 'Invalid auth token' };
         jest.spyOn(request, 'makeRequest').mockRejectedValue(error);

diff --git a/test/fixtures/cpp-project/debug-display.txt b/test/fixtures/cpp-project/debug-display.txt
@@ -0,0 +1,15 @@
+[97mFingerprints[39m
+52d1b046047db9ea0c581cafd4c68fe5 add.cpp
+aeca71a6e39f99a24ecf4c088eee9cb8 add.h
+ad3365b3370ef6b1c3e778f875055f19 main.cpp
+
+[97mDependencies[39m
+add@1.2.3
+
+[97mIssues[39m
+[93m✗ Cross-site Scripting (XSS) [medium][39m
+  https://snyk.io/vuln/cpp:add:20161130
+  in add@1.2.3
+  fix version 1.2.4
+
+Tested 1 dependency for known issues, found [91m1 issue[39m.
diff --git a/test/fixtures/cpp-project/display.txt b/test/fixtures/cpp-project/display.txt
@@ -1,8 +1,3 @@
-[97mFingerprints[39m
-52d1b046047db9ea0c581cafd4c68fe5 add.cpp
-aeca71a6e39f99a24ecf4c088eee9cb8 add.h
-ad3365b3370ef6b1c3e778f875055f19 main.cpp
-
 [97mDependencies[39m
 add@1.2.3
 

diff --git a/test/fixtures/cpp-project/error.txt b/test/fixtures/cpp-project/error.txt
@@ -1,7 +1,2 @@
-[97mFingerprints[39m
-52d1b046047db9ea0c581cafd4c68fe5 add.cpp
-aeca71a6e39f99a24ecf4c088eee9cb8 add.h
-ad3365b3370ef6b1c3e778f875055f19 main.cpp
-
 [91mErrors[39m
 Could not test dependencies in .