fix(snyk): use new api

.eslintrc.json

@@ -19,7 +19,6 @@
     ],
     "@typescript-eslint/no-require-imports": "error",
     "@typescript-eslint/array-type": "error",
-    "@typescript-eslint/await-thenable": "error",
     "@typescript-eslint/ban-ts-comment": "error",
     "camelcase": "off",
     "@typescript-eslint/consistent-type-assertions": "error",
@@ -37,21 +36,15 @@
     "@typescript-eslint/no-misused-new": "error",
     "@typescript-eslint/no-namespace": "error",
     "@typescript-eslint/no-non-null-assertion": "warn",
-    "@typescript-eslint/no-unnecessary-qualifier": "error",
-    "@typescript-eslint/no-unnecessary-type-assertion": "error",
-    "@typescript-eslint/no-useless-constructor": "error",
     "@typescript-eslint/no-var-requires": "error",
     "@typescript-eslint/prefer-for-of": "warn",
     "@typescript-eslint/prefer-function-type": "warn",
     "@typescript-eslint/prefer-includes": "error",
     "@typescript-eslint/prefer-string-starts-ends-with": "error",
-    "@typescript-eslint/promise-function-async": "error",
     "@typescript-eslint/require-array-sort-compare": "error",
-    "@typescript-eslint/restrict-plus-operands": "error",
     "semi": "off",
     "@typescript-eslint/semi": ["error", "never"],
     "@typescript-eslint/type-annotation-spacing": "error",
-    "@typescript-eslint/unbound-method": "error",
     "no-shadow": "off",
     "no-console": "warn"
   },

CONTRIBUTING.md

@@ -1,15 +1,15 @@
-# Contributing to backport action
+# Contributing to infra-report action
 
 I welcome contributions for feature requests and bug reports, as well as for docs and code changes.
 
 ## Feature requests and bug reports
 
 If you would want to see something added or changed, or encountered a bug.
-Please open an [issue on GitHub](https://github.com/korthout/backport-action/issues).
+Please open an [issue on GitHub](https://github.com/misiekhardcore/infra-report-action/issues).
 
 ## Docs changes
 
-Saw a typo or want to make other changes to the [README](https://korthout.github.io/backport-action/blob/main/README.md)?
+Saw a typo or want to make other changes to the [README](https://github.com/misiekhardcore/infra-report-action/blob/main/README.md)?
 Feel free to open a pull request with your changes.
 
 ## Code changes
@@ -68,6 +68,6 @@ npm run all
 The distribution is hosted in this repository under `dist`.
 Simply build and package the distribution and commit the changes to publish a new snapshot version.
 
-To release a version, run the [Release](https://github.com/korthout/backport-action/actions/workflows/release.yml) workflow from the branch that should be released.
+To release a version, run the [Release](https://github.com/misiekhardcore/infra-report-action/actions/workflows/release.yml) workflow from the branch that should be released.
 This sets the release version and tags the release commit.
 It also creates/moves the major and minor tags (e.g. `v1` and `v1.2`) to the latest corresponding release as [officially recommended](https://github.com/actions/toolkit/blob/master/docs/action-versioning.md).

README.md

@@ -76,8 +76,12 @@ The struture of this file is the following:
   snyk: {
     // Optional custom title to override the default one
     title?: string;
+    // Version of the snyk API to use, defaults to '2023-05-29'
+    apiVersion?: string
+    // Snyk organization ID
+    organizationId: string;
     // Snyk organization name
-    organization: string;
+    organizationName: string;
     // Which vulnerability levels should be counted and displayed in the report (defaults to ["critical", "high"])
     vulnLevels?: ('critical' | 'high' | 'medium' | 'low')[];
     // A list of CVEs to ignore
@@ -146,7 +150,9 @@ The struture of this file is the following:
   },
   "snyk": {
     "title": "some title to override the default",
-    "organization": "org",
+    "apiVersion": "2023-05029",
+    "organizationId": "org-id",
+    "organizationName": "org",
     "vulnLevels": ["critical", "high", "medium", "low"],
     "ignoredCVEs": ["CVE-123-4567"],
     "ignoredCWEs": ["CWE-890"],

__tests__/snyk.test.ts

@@ -8,26 +8,34 @@ import {
 const serverities = ['critical', 'high', 'medium', 'low']
 jest.mock('../src/services', () => ({
   fetchSnykProjects: jest.fn().mockImplementation(() => ({
-    projects: [
+    data: [
       {
         id: 1,
-        name: 'version1project1',
-        origin: 'origin'
+        attributes: {
+          name: 'version1project1',
+          origin: 'origin'
+        }
       },
       {
         id: 2,
-        name: 'version1project2',
-        origin: 'origin'
+        attributes: {
+          name: 'version1project2',
+          origin: 'origin'
+        }
       },
       {
         id: 3,
-        name: 'version2project1',
-        origin: 'origin'
+        attributes: {
+          name: 'version2project1',
+          origin: 'origin'
+        }
       },
       {
         id: 4,
-        name: 'version2project2',
-        origin: 'origin'
+        attributes: {
+          name: 'version2project2',
+          origin: 'origin'
+        }
       }
     ]
   })),
@@ -57,7 +65,8 @@ describe('SnykService', () => {
   const token = 'token'
   const config: Pick<Config, 'snyk'> = {
     snyk: {
-      organization: 'org',
+      organizationId: 'org',
+      organizationName: 'org',
       projects: [
         {
           origin: 'github',
@@ -85,25 +94,32 @@ describe('SnykService', () => {
     )
   })
 
-  test('should throw an error if organization is missing in config', () => {
+  test('should throw an error if organizationId is missing in config', () => {
     expect(() => new SnykService(token, {snyk: {}} as Config)).toThrow(
-      'Snyk: organization is missing'
+      'Snyk: organizationId is missing'
     )
   })
 
+  test('should throw an error if organizationName is missing in config', () => {
+    expect(
+      () => new SnykService(token, {snyk: {organizationId: 'org'}} as Config)
+    ).toThrow('Snyk: organizationName is missing')
+  })
+
   test('should throw an error if workflows are missing in config', () => {
     expect(
       () =>
         new SnykService(token, {
-          snyk: {organization: 'org'}
+          snyk: {organizationId: 'org', organizationName: 'org'}
         } as Config)
     ).toThrow('Snyk: no projects were passed to be checked')
 
     expect(
       () =>
         new SnykService(token, {
           snyk: {
-            organization: 'org',
+            organizationId: 'org',
+            organizationName: 'org',
             projects: []
           } as Config['snyk']
         } as Config)
@@ -115,17 +131,17 @@ describe('SnykService', () => {
     const result = await service.getResult()
     expect(result).toEqual({
       messages: [
-        '<https://app.snyk.io/org/org/reporting?context%5Bpage%5D=issues-detail&project_target=project1&project_origin=github&target_ref=version1&issue_status=Open&issue_by=Severity&table_issues_detail_cols=SCORE%257CCVE%257CCWE%257CPROJECT%257CEXPLOIT%2520MATURITY%257CAUTO%2520FIXABLE%257CINTRODUCED&table_issues_detail_sort=%2520FIRST_INTRODUCED%2520DESC&issue_severity=Critical%257CHigh|version1: 2 Critical, 0 High>',
-        '<https://app.snyk.io/org/org/reporting?context%5Bpage%5D=issues-detail&project_target=project1&project_origin=github&target_ref=version2&issue_status=Open&issue_by=Severity&table_issues_detail_cols=SCORE%257CCVE%257CCWE%257CPROJECT%257CEXPLOIT%2520MATURITY%257CAUTO%2520FIXABLE%257CINTRODUCED&table_issues_detail_sort=%2520FIRST_INTRODUCED%2520DESC&issue_severity=Critical%257CHigh|version2: 0 Critical, 0 High>',
-        '<https://app.snyk.io/org/org/reporting?context%5Bpage%5D=issues-detail&project_target=project2&project_origin=github&target_ref=version1&issue_status=Open&issue_by=Severity&table_issues_detail_cols=SCORE%257CCVE%257CCWE%257CPROJECT%257CEXPLOIT%2520MATURITY%257CAUTO%2520FIXABLE%257CINTRODUCED&table_issues_detail_sort=%2520FIRST_INTRODUCED%2520DESC&issue_severity=Critical%257CHigh|version1: 0 Critical, 1 High>'
+        '<https://app.snyk.io/org/org/reporting?context[page]=issues-detail&project_target=project1&project_origin=github&target_ref=["version1"]&v=1&issue_status=Open&issue_by=Severity&issue_severity=["Critical","High"]|version1: 2 Critical, 0 High>',
+        '<https://app.snyk.io/org/org/reporting?context[page]=issues-detail&project_target=project1&project_origin=github&target_ref=["version2"]&v=1&issue_status=Open&issue_by=Severity&issue_severity=["Critical","High"]|version2: 0 Critical, 0 High>',
+        '<https://app.snyk.io/org/org/reporting?context[page]=issues-detail&project_target=project2&project_origin=github&target_ref=["version1"]&v=1&issue_status=Open&issue_by=Severity&issue_severity=["Critical","High"]|version1: 0 Critical, 1 High>'
       ],
       title: ':snyk: *Snyk status:*'
     })
   })
 
   test('should not give results if it didnt find projects', async () => {
     ;(fetchSnykProjects as jest.Mock).mockReturnValueOnce({
-      projects: []
+      data: []
     })
     const service = new SnykService(token, config as Config)
     const result = await service.getResult()
@@ -145,10 +161,9 @@ describe('SnykService', () => {
 
   test('should exclude vulnerabilities by cves', async () => {
     ;(fetchSnykProjects as jest.Mock).mockReturnValueOnce({
-      projects: [
+      data: [
         {
-          name: 'project1version1',
-          origin: 'origin'
+          attributes: {name: 'project1version1', origin: 'origin'}
         }
       ]
     })
@@ -175,18 +190,17 @@ describe('SnykService', () => {
     const result = await service.getResult()
     expect(result).toEqual({
       messages: [
-        '<https://app.snyk.io/org/org/reporting?context%5Bpage%5D=issues-detail&project_target=project1&project_origin=github&target_ref=version1&issue_status=Open&issue_by=Severity&table_issues_detail_cols=SCORE%257CCVE%257CCWE%257CPROJECT%257CEXPLOIT%2520MATURITY%257CAUTO%2520FIXABLE%257CINTRODUCED&table_issues_detail_sort=%2520FIRST_INTRODUCED%2520DESC&issue_severity=Critical%257CHigh|version1: 0 Critical, 1 High>'
+        '<https://app.snyk.io/org/org/reporting?context[page]=issues-detail&project_target=project1&project_origin=github&target_ref=["version1"]&v=1&issue_status=Open&issue_by=Severity&issue_severity=["Critical","High"]|version1: 0 Critical, 1 High>'
       ],
       title: ':snyk: *Snyk status:*'
     })
   })
 
   test('should exclude vulnerabilities by cwes', async () => {
     ;(fetchSnykProjects as jest.Mock).mockReturnValueOnce({
-      projects: [
+      data: [
         {
-          name: 'project1version1',
-          origin: 'origin'
+          attributes: {name: 'project1version1', origin: 'origin'}
         }
       ]
     })
@@ -213,18 +227,17 @@ describe('SnykService', () => {
     const result = await service.getResult()
     expect(result).toEqual({
       messages: [
-        '<https://app.snyk.io/org/org/reporting?context%5Bpage%5D=issues-detail&project_target=project1&project_origin=github&target_ref=version1&issue_status=Open&issue_by=Severity&table_issues_detail_cols=SCORE%257CCVE%257CCWE%257CPROJECT%257CEXPLOIT%2520MATURITY%257CAUTO%2520FIXABLE%257CINTRODUCED&table_issues_detail_sort=%2520FIRST_INTRODUCED%2520DESC&issue_severity=Critical%257CHigh|version1: 0 Critical, 1 High>'
+        '<https://app.snyk.io/org/org/reporting?context[page]=issues-detail&project_target=project1&project_origin=github&target_ref=["version1"]&v=1&issue_status=Open&issue_by=Severity&issue_severity=["Critical","High"]|version1: 0 Critical, 1 High>'
       ],
       title: ':snyk: *Snyk status:*'
     })
   })
 
   test('should exclude vulnerabilities by name', async () => {
     ;(fetchSnykProjects as jest.Mock).mockReturnValueOnce({
-      projects: [
+      data: [
         {
-          name: 'project1version1',
-          origin: 'origin'
+          attributes: {name: 'project1version1', origin: 'origin'}
         }
       ]
     })
@@ -251,7 +264,7 @@ describe('SnykService', () => {
     const result = await service.getResult()
     expect(result).toEqual({
       messages: [
-        '<https://app.snyk.io/org/org/reporting?context%5Bpage%5D=issues-detail&project_target=project1&project_origin=github&target_ref=version1&issue_status=Open&issue_by=Severity&table_issues_detail_cols=SCORE%257CCVE%257CCWE%257CPROJECT%257CEXPLOIT%2520MATURITY%257CAUTO%2520FIXABLE%257CINTRODUCED&table_issues_detail_sort=%2520FIRST_INTRODUCED%2520DESC&issue_severity=Critical%257CHigh|version1: 0 Critical, 1 High>'
+        '<https://app.snyk.io/org/org/reporting?context[page]=issues-detail&project_target=project1&project_origin=github&target_ref=["version1"]&v=1&issue_status=Open&issue_by=Severity&issue_severity=["Critical","High"]|version1: 0 Critical, 1 High>'
       ],
       title: ':snyk: *Snyk status:*'
     })