Merge pull request #55 from snyk-tech-services/develop

Release changes

package.json

@@ -55,7 +55,7 @@
     "jest": "^25.1.0",
     "nock": "^13.0.2",
     "prettier": "^1.19.1",
-    "snyk": "^1.685.0",
+    "snyk": "^1.760.0",
     "ts-jest": "^25.1.0",
     "ts-node": "8.6.2",
     "tsc-watch": "^4.1.0",

src/lib/github/prComments.ts

@@ -152,7 +152,7 @@ export const createPrComment = async (
 
 export const deletePrComment = async (
   ghDetails: ghDetails
-) : Promise<void> => {
+) : Promise<ghPrCommentsStatus> => {
 
   const baseUrl = process.env.GH_API || 'https://api.github.com';
   const commentUrl = `/repos/${ghDetails.orgName}/${ghDetails.repoName}/issues/${ghDetails.prNumber}/comments`;
@@ -191,5 +191,5 @@ export const deletePrComment = async (
       url);
   });
 
-  return 
+  return ghResponse.data as ghPrCommentsStatus
 }

src/lib/index.ts

@@ -3,7 +3,7 @@ import 'source-map-support/register';
 import { getDelta, SnykDeltaOutput } from 'snyk-delta';
 import { sendCommitStatus } from './github/commitStatus';
 import { createPrComment, deletePrComment } from './github/prComments';
-import { ghActivity, ghDetails } from './github/types';
+import { ghActivity, ghDetails, ghPrCommentsStatus } from './github/types';
 import { snykProjectDetails } from './types';
 import * as fs from 'fs';
 import * as debugLib from 'debug';
@@ -120,17 +120,20 @@ const main = async () => {
             noBaseline,
           );
 
+          let ghPrCommentsCreateResponse: ghPrCommentsStatus
+          const allProjectPost = (i > 0) ? true : false
+
           if (ghPRNumber)
           {
-            if (snykDeltaResults.result === 0 && !keepHistory) {
+            if (snykDeltaResults.result === 0 && !keepHistory && !allProjectPost) {
               debug('Deleting comments on PR')
-              await deletePrComment(githubDetails)
+              ghPrCommentsCreateResponse = await deletePrComment(githubDetails)
             }
           }
 
           debug(`shouldCommentPr = ${shouldCommentPr}`)
 
-          const ghPrCommentsCreateResponse = shouldCommentPr 
+          ghPrCommentsCreateResponse = shouldCommentPr 
             ? await createPrComment(snykDeltaResults, githubDetails, keepHistory)
             : {};
 

test/lib/index.test.ts

@@ -489,6 +489,87 @@ New Issues Introduced!
 
   test('[snyk-delta module] Is it working with --all-projects with PR number and mixed results', async () => {
     // 2 projects, 1 without new issue and 1 with a new issue so we can verify that one commit status fails while the other one passes
+
+    process.env.SNYK_DEBUG = 'true';
+    const logConsoleStream = fs.createWriteStream('./logConsoleFile.log', {
+      flags: 'a',
+    });
+    process.stderr._write = function(chunk, encoding, callback) {
+      logConsoleStream.write(chunk, encoding, callback);
+    };
+
+    process.argv = [
+      '',
+      '',
+      path.resolve(__dirname, '..') +
+        '/fixtures/snyktest-all-projects-with-one-more-vuln-for-one-project-only.json',
+      '123',
+      '123',
+      '123',
+      '123',
+      '123',
+    ];
+    const response = await main();
+
+    delete process.env.SNYK_DEBUG;
+    process.stderr.unpipe;
+
+    try {
+      const data = fs.readFileSync('./logConsoleFile.log', 'utf8');
+      expect(data.includes('Deleting comments on PR')).toEqual(false);
+    } catch (err) {
+      console.error(err);
+    }
+
+    expect(response).toEqual([
+      {
+        status: {
+          context: 'Snyk Prevent (playground - package-lock.json)',
+          description: 'No new issue found',
+          state: 'success',
+          // eslint-disable-next-line
+          target_url:
+            'https://app.snyk.io/org/playground/project/09235fa4-c241-42c6-8c63-c053bd272789',
+        },
+        prComment: {},
+      },
+      {
+        status: {
+          context: 'Snyk Prevent (playground - subfolder/package-lock.json)',
+          description: 'New issue(s) found',
+          state: 'failure',
+          // eslint-disable-next-line
+          target_url:
+            'https://app.snyk.io/org/playground/project/09235fa4-c241-42c6-8c63-c053bd272790',
+        },
+        /* eslint-disable no-useless-escape */
+        prComment: {
+          body: `### ******* Vulnerabilities report for commit number 123 *******
+New Issue Introduced!
+## Security
+1 issue found 
+* 1/1: Regular Expression Denial of Service (ReDoS) [High Severity]
+\t+ Via:   [email protected] => [email protected] => @snyk/[email protected] => [email protected]
+\t+ Fixed in: acorn, 5.7.4, 6.4.1, 7.1.1
+\t+ Fixable by upgrade: @snyk/[email protected]=>[email protected]
+`,
+        },
+        /* eslint-enable no-useless-escape */
+      },
+    ]);
+  });
+
+  test('[snyk-delta module] Is it working with --all-projects with PR number and mixed results and keepHistory', async () => {
+    // 2 projects, 1 without new issue and 1 with a new issue so we can verify that one commit status fails while the other one passes
+
+    process.env.SNYK_DEBUG = 'true';
+    const logConsoleStream = fs.createWriteStream('./logConsoleFile.log', {
+      flags: 'a',
+    });
+    process.stderr._write = function(chunk, encoding, callback) {
+      logConsoleStream.write(chunk, encoding, callback);
+    };
+
     process.argv = [
       '',
       '',
@@ -499,8 +580,20 @@ New Issues Introduced!
       '123',
       '123',
       '123',
+      'keepHistory',
     ];
     const response = await main();
+
+    delete process.env.SNYK_DEBUG;
+    process.stderr.unpipe;
+
+    try {
+      const data = fs.readFileSync('./logConsoleFile.log', 'utf8');
+      expect(data.includes('Deleting comments on PR')).toEqual(false);
+    } catch (err) {
+      console.error(err);
+    }
+
     expect(response).toEqual([
       {
         status: {