Merge pull request #2630 from snyk/feat/no-markdown

feat: added a new option: --no-markdown for sarif output
snyk · Jan 27, 2022 · e6ff4b4 · e6ff4b4
2 parents 8b44449 + 0075634
commit e6ff4b4
Show file tree

Hide file tree

Showing 4 changed files with 49 additions and 1 deletion.
diff --git a/help/cli-commands/code.md b/help/cli-commands/code.md
@@ -53,6 +53,10 @@ Print results in JSON format.
 
 Return results in SARIF format.
 
+## `--no-markdown`
+
+Removes the `markdown` field from the `result.message` object. Should be used when using `--sarif`.
+
 ### `--severity-threshold=low|medium|high|critical`
 
 Report only vulnerabilities at the specified level or higher. Note that the Snyk Code configuration issues do not currently use the `critical` severity level.
diff --git a/src/lib/plugins/sast/index.ts b/src/lib/plugins/sast/index.ts
@@ -40,9 +40,13 @@ export const codePlugin: EcosystemPlugin = {
       }
       const numOfIssues = sarifTypedResult!.runs?.[0].results?.length || 0;
       analytics.add('sast-issues-found', numOfIssues);
-
       if (options.sarif || options.json) {
         if (numOfIssues > 0) {
+          if (options['no-markdown']) {
+            sarifTypedResult.runs?.[0].results?.forEach(({ message }) => {
+              delete message.markdown;
+            });
+          }
           hasIssues(jsonStringifyLargeObject(sarifTypedResult));
         }
         return { readableResult: jsonStringifyLargeObject(sarifTypedResult) };

diff --git a/src/lib/types.ts b/src/lib/types.ts
@@ -91,6 +91,7 @@ export interface Options {
   'target-reference'?: string;
   'exclude-base-image-vulns'?: boolean;
   supportUnmanagedVulnDB?: boolean;
+  'no-markdown'?: boolean;
 }
 
 // TODO(kyegupov): catch accessing ['undefined-properties'] via noImplicitAny

diff --git a/test/jest/unit/snyk-code/snyk-code-test.spec.ts b/test/jest/unit/snyk-code/snyk-code-test.spec.ts
@@ -331,6 +331,45 @@ describe('Test snyk code', () => {
     }
   });
 
+  it('succeed testing with correct exit code - with sarif output and no markdown', async () => {
+    const sampleSarif = loadJson(
+      path.join(
+        __dirname,
+        '/../../../fixtures/sast/sample-analyze-folders-response.json',
+      ),
+    );
+    const options: ArgsOptions = {
+      path: '',
+      traverseNodeModules: false,
+      showVulnPaths: 'none',
+      code: true,
+      sarif: true,
+      _: [],
+      _doubleDashArgs: [],
+      'no-markdown': true,
+    };
+
+    analyzeFoldersMock.mockResolvedValue(sampleSarif);
+    isSastEnabledForOrgSpy.mockResolvedValueOnce({
+      sastEnabled: true,
+      localCodeEngine: {
+        enabled: false,
+      },
+    });
+    trackUsageSpy.mockResolvedValue({});
+
+    try {
+      await snykTest('some/path', options);
+    } catch (error) {
+      const errMessage = error.message.trim();
+      expect(error.code).toBe('VULNS');
+      const output = JSON.parse(errMessage);
+      expect(Object.keys(output.runs[0].results[0].message)).not.toContain(
+        'markdown',
+      );
+    }
+  });
+
   it('succeed testing with correct exit code - and analytics added', async () => {
     const analyticSend = jest.spyOn(analytics, 'add');