Adds Severity Field for Licenses Violations for Pull Request Scans (#672

)
jfrog · Apr 9, 2024 · 1098871 · 1098871
1 parent 00489de
commit 1098871
Show file tree

Hide file tree

Showing 5 changed files with 17 additions and 9 deletions.
diff --git a/images/violated-licenses.png b/images/violated-licenses.png
diff --git a/testdata/messages/summarycomment/license/license_violation_simplified.md b/testdata/messages/summarycomment/license/license_violation_simplified.md
@@ -4,7 +4,7 @@
 ## ⚖️ Violated Licenses
 
 ---
-| LICENSE                | DIRECT DEPENDENCIES                  | IMPACTED DEPENDENCY                  |
-| :---------------------: | :-----------------------------------: | :-----------------------------------: |
-| License1 | Comp1 1.0 | Dep1 2.0 |
-| License2 | root 1.0.0, minimatch 1.2.3 | Dep2 3.0 |
+| SEVERITY                | LICENSE                  | DIRECT DEPENDENCIES                  | IMPACTED DEPENDENCY                  |
+| :---------------------: | :-----------------------------------: | :-----------------------------------: | :-----------------------------------: |
+| High | License1 | Comp1 1.0 | Dep1 2.0 |
+| High | License2 | root 1.0.0, minimatch 1.2.3 | Dep2 3.0 |
diff --git a/testdata/messages/summarycomment/license/license_violation_standard.md b/testdata/messages/summarycomment/license/license_violation_standard.md
@@ -2,9 +2,9 @@
 ## ⚖️ Violated Licenses
 <div align='center'>
 
-| LICENSE                | DIRECT DEPENDENCIES                  | IMPACTED DEPENDENCY                  |
-| :---------------------: | :-----------------------------------: | :-----------------------------------: |
-| License1 | Comp1 1.0 | Dep1 2.0 |
-| License2 | root 1.0.0<br>minimatch 1.2.3 | Dep2 3.0 |
+| SEVERITY                | LICENSE                  | DIRECT DEPENDENCIES                  | IMPACTED DEPENDENCY                  |
+| :---------------------: | :-----------------------------------: | :-----------------------------------: | :-----------------------------------: |
+| High | License1 | Comp1 1.0 | Dep1 2.0 |
+| High | License2 | root 1.0.0<br>minimatch 1.2.3 | Dep2 3.0 |
 
 </div>
diff --git a/utils/outputwriter/outputcontent.go b/utils/outputwriter/outputcontent.go
@@ -273,9 +273,10 @@ func LicensesContent(licenses []formats.LicenseRow, writer OutputWriter) string
 	var contentBuilder strings.Builder
 	WriteContent(&contentBuilder, writer.MarkAsTitle("⚖️ Violated Licenses", 2))
 	// Content
-	table := NewMarkdownTable("LICENSE", "DIRECT DEPENDENCIES", "IMPACTED DEPENDENCY").SetDelimiter(writer.Separator())
+	table := NewMarkdownTable("SEVERITY", "LICENSE", "DIRECT DEPENDENCIES", "IMPACTED DEPENDENCY").SetDelimiter(writer.Separator())
 	for _, license := range licenses {
 		table.AddRowWithCellData(
+			NewCellData(license.Severity),
 			NewCellData(license.LicenseKey),
 			getDirectDependenciesCellData("%s %s", license.Components),
 			NewCellData(fmt.Sprintf("%s %s", license.ImpactedDependencyName, license.ImpactedDependencyVersion)),

diff --git a/utils/outputwriter/outputcontent_test.go b/utils/outputwriter/outputcontent_test.go
@@ -435,9 +435,13 @@ func TestLicensesContent(t *testing.T) {
 				{
 					LicenseKey: "License1",
 					ImpactedDependencyDetails: formats.ImpactedDependencyDetails{
+
 						Components:                []formats.ComponentRow{{Name: "Comp1", Version: "1.0"}},
 						ImpactedDependencyName:    "Dep1",
 						ImpactedDependencyVersion: "2.0",
+						SeverityDetails: formats.SeverityDetails{
+							Severity: "High",
+						},
 					},
 				},
 				{
@@ -455,6 +459,9 @@ func TestLicensesContent(t *testing.T) {
 						},
 						ImpactedDependencyName:    "Dep2",
 						ImpactedDependencyVersion: "3.0",
+						SeverityDetails: formats.SeverityDetails{
+							Severity: "High",
+						},
 					},
 				},
 			},