
snyk-to-html


snyk-to-html - npm Package Compare versions

Comparing version 1.2.4 to 1.3.0

template/test-report.inline-css.hbs

51

lib/snyk-to-html.js

@@ -7,2 +7,3 @@ #!/usr/bin/env node

var moment = require('moment');
var path = require('path');
var severityMap = {low: 0, medium: 1, high: 2};

@@ -40,8 +41,50 @@

function compileTemplate(fileName) {
const templ = fs.readFileSync(fileName, 'utf8');
return Handlebars.compile(templ);
}
function generateTemplate(data, template) {
data.vulnerabilities = groupVulns(data.vulnerabilities);
var htmlTemplate = fs.readFileSync(template, 'utf8');
return Handlebars.compile(htmlTemplate)(data);
const cssFile = path.join(
path.dirname(template),
'test-report.inline-css.hbs'
);
Handlebars.registerPartial('inline-css', compileTemplate(cssFile));
const htmlTemplate = compileTemplate(template);
return htmlTemplate(data);
}
function mergeData(dataArray) {
const vulnsArrays = dataArray.map(d => d.vulnerabilities);
const aggregateVulnerabilities = [].concat.apply([], vulnsArrays);
const totalUniqueCount =
dataArray.reduce((acc, item) => acc + item.uniqueCount, 0);
function fnPathCount(obj) {
// sample: "85 vulnerable dependency paths"
const matchResult = (obj.summary || '0').match(/\d+/);
return matchResult ? parseInt(matchResult.pop()) : 0;
}
const totalPathCount =
dataArray.reduce((acc,item) => acc + fnPathCount(item), 0);
const totalDepCount =
dataArray.reduce((acc, item) => acc + item.dependencyCount, 0);
const paths = dataArray.map(d => d.path);
return {
vulnerabilities: aggregateVulnerabilities,
uniqueCount: totalUniqueCount,
summary: totalPathCount + ' vulnerable dependency paths',
dependencyCount: totalDepCount,
paths,
};
}
function processData(data, template) {
const mergedData = Array.isArray(data) ? mergeData(data) : data;
return generateTemplate(mergedData, template);
}
function onDataCallback(data, template, reportCallback) {

@@ -54,3 +97,3 @@ try {

}
var report = generateTemplate(data, template);
const report = processData(data, template);
reportCallback(report);

@@ -72,3 +115,3 @@ }

process.stdin.on('readable', function () {
var chunk = process.stdin.read();
const chunk = process.stdin.read();
if (chunk !== null) {

@@ -75,0 +118,0 @@ data += chunk;
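Review bot: mergeData reads `d.vulnerabilities`, `item.uniqueCount` and `item.dependencyCount` from every array element without checking that they are present, so one element lacking them (for example an entry for a project whose scan failed, if the input can contain such entries) puts `undefined` into the list later handed to groupVulns and turns the totals into `NaN` in the rendered report. In a security report that is a silent loss of accuracy rather than a visible error. Default the fields where they are read, e.g. `dataArray.map(d => d.vulnerabilities || [])` and `acc + (item.uniqueCount || 0)` (the same for `dependencyCount`), and pass the radix in `parseInt(matchResult.pop(), 10)`. Separately, generateTemplate resolves `test-report.inline-css.hbs` next to whatever template path the caller supplies, so a custom template kept in another directory will make `fs.readFileSync` throw unless that partial is shipped alongside it; that requirement should be documented or the code should fall back to the bundled partial.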

12

package.json

@@ -11,4 +11,3 @@ {

"snyk-protect": "snyk protect",
"prepublish": "npm run snyk-protect",
"semantic-release": "semantic-release pre && npm publish && semantic-release post"
"prepublish": "npm run snyk-protect"
},

@@ -20,5 +19,5 @@ "author": "",

"marked": "^0.3.6",
"minimist": "^1.2.0",
"moment": "^2.18.1",
"snyk": "^1.52.0",
"minimist": "^1.2.0"
"snyk": "^1.97.0"
},

@@ -31,3 +30,2 @@ "bin": {

"jscs": "^3.0.7",
"semantic-release": "^6.3.6",
"tap": "^10.3.2",

@@ -40,3 +38,3 @@ "tap-only": "0.0.5"

},
"version": "1.2.4"
}
"version": "1.3.0"
}

@@ -16,2 +16,15 @@ var test = require('tap-only');

test('multi-report test', function (t) {
t.plan(5);
snykToHtml.run(
__dirname + '/fixtures/multi-test-report.json',
__dirname + '/../template/test-report.hbs',
function (report) {
t.contains(report, '<div class="meta-count"><span>139 vulnerable dependency paths</span></div>');
t.contains(report, '<h2 class="card__title">Access Restriction Bypass</h2>');
t.contains(report, '<h2 class="card__title">Regular Expression Denial of Service (ReDoS)<\/h2>');
t.contains(report, '<h2 class="card__title">Cross-site Scripting (XSS)</h2>');
t.contains(report, '<h2 class="card__title">Regular Expression Denial of Service (DoS)</h2>');
});
});

@@ -18,0 +31,0 @@ test('empty values test (description and info)', function (t) {

Sorry, the diff of this file is not supported yet

Sorry, the diff of this file is not supported yet
