From 99c069702ca7f18de641af34eea5c75e4df99b25 Mon Sep 17 00:00:00 2001
From: Mok
Date: Tue, 22 Mar 2022 00:02:54 +0800
Subject: [PATCH] Added handling for empty strings
---
 src/utils/vulnerability.ts | 22 ++++++++++++----------
 test/utils/vulnerability.test.ts | 17 +++++++++++++++++
 2 files changed, 29 insertions(+), 10 deletions(-)
diff --git a/src/utils/vulnerability.ts b/src/utils/vulnerability.ts
index e17f658..4d82be6 100644
--- a/src/utils/vulnerability.ts
+++ b/src/utils/vulnerability.ts
@@ -349,19 +349,21 @@ export function processExceptions(nsprc: NsprcFile, cmdExceptions: string[] = []
 * @param {Array} unusedExceptionModules List of unused exception module names
 */
 export function handleUnusedExceptions(unusedExceptionIds: string[], unusedExceptionModules: string[]): void {
+ const cleanedUnusedExceptionIds = unusedExceptionIds.filter(Boolean);
+ const cleanedUnusedExceptionModules = unusedExceptionModules.filter(Boolean);
 const message = [
- unusedExceptionIds.length &&
+ cleanedUnusedExceptionIds.length &&
 `${
- unusedExceptionIds.length
- } of the excluded vulnerabilities did not match any of the found vulnerabilities: ${unusedExceptionIds.join(', ')}.`,
- unusedExceptionIds.length &&
- `${unusedExceptionIds.length > 1 ? 'They' : 'It'} can be removed from the .nsprc file or --exclude -x flags.`,
- unusedExceptionModules.length &&
+ cleanedUnusedExceptionIds.length
+ } of the excluded vulnerabilities did not match any of the found vulnerabilities: ${cleanedUnusedExceptionIds.join(', ')}.`,
+ cleanedUnusedExceptionIds.length &&
+ `${cleanedUnusedExceptionIds.length > 1 ? 'They' : 'It'} can be removed from the .nsprc file or --exclude -x flags.`,
+ cleanedUnusedExceptionModules.length &&
 `${
- unusedExceptionModules.length
- } of the ignored modules did not match any of the found vulnerabilities: ${unusedExceptionModules.join(', ')}.`,
- unusedExceptionModules.length &&
- `${unusedExceptionModules.length > 1 ? 'They' : 'It'} can be removed from the --module-ignore -m flags.`,
+ cleanedUnusedExceptionModules.length
+ } of the ignored modules did not match any of the found vulnerabilities: ${cleanedUnusedExceptionModules.join(', ')}.`,
+ cleanedUnusedExceptionModules.length &&
+ `${cleanedUnusedExceptionModules.length > 1 ? 'They' : 'It'} can be removed from the --module-ignore -m flags.`,
 ]
 .filter(Boolean)
 .join(' ');
diff --git a/test/utils/vulnerability.test.ts b/test/utils/vulnerability.test.ts
index c206791..a6cc2a4 100644
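Review bot: The two `filter(Boolean)` calls at the top of `handleUnusedExceptions` drop `''`, `undefined` and `null`, but a whitespace-only entry such as `' '` (constructed example) still passes, so the warning could still name an exclusion that is effectively empty. If such values can reach this function (its callers are outside the hunk), trimming in the predicate would cover them, e.g. `unusedExceptionIds.filter((id) => id?.trim())` and the same for the module list. The signature still declares `string[]`, so the JSDoc above should state the new contract, for example `Empty or falsy entries are ignored when building the warning.` The function body continues past the end of the hunk, so how `message` is emitted is not visible here.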
--- a/test/utils/vulnerability.test.ts
+++ b/test/utils/vulnerability.test.ts
@@ -502,6 +502,23 @@ describe('Vulnerability utils', () => {
 consoleStub.restore();
 });
 
+ it('should not console log on empty or falsy array', () => {
+ const consoleStub = sinon.stub(console, 'warn');
+ expect(consoleStub.called).to.equal(false);
+
+ let unusedExceptionIds: any[] = [];
+ let unusedExceptionModules: any[] = [];
+ handleUnusedExceptions(unusedExceptionIds, unusedExceptionModules);
+ expect(consoleStub.called).to.equal(false);
+
+ unusedExceptionIds = ['', undefined, null];
+ unusedExceptionModules = ['', undefined, null];
+ handleUnusedExceptions(unusedExceptionIds, unusedExceptionModules);
+ expect(consoleStub.called).to.equal(false);
+
+ consoleStub.restore();
+ });
+
 it('should be able to console log multiple unused exceptions message correctly', () => {
 const consoleStub = sinon.stub(console, 'warn');
 const unusedExceptionIds = ['1567', 'GHSA-ff7x-qrg7-qggm', 'CWE-471'];
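Review bot: `consoleStub.restore()` is the last statement of the new `it` block, so a failing `expect` leaves `console.warn` stubbed, and the next test's `sinon.stub(console, 'warn')` would then likely fail on an already-wrapped method and obscure the real failure. Wrapping the body in `try { … } finally { consoleStub.restore(); }`, or restoring in an `afterEach`, keeps the tests independent. The neighbouring tests visible as context follow the same pattern, and the enclosing `describe` starts outside the hunk. The first `expect(consoleStub.called).to.equal(false);` directly after creating the stub cannot fail and could be dropped.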