Release v1.2.0

svartalf · svartalf · commit 35b7b53b1e25 · 2020-05-07T11:00:43.000+03:00
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -5,11 +5,12 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
-## [1.2.0]
+## [1.2.0] - 2020-05-07
 
 ### Fixed
 
--  Do not fail check if no critical vulnerabilities were found when executed for a fork repository (closes #104)
+- Compatibility with latest `cargo-audit == 0.12` JSON output (#115) 
+- Do not fail check if no critical vulnerabilities were found when executed for a fork repository (closes #104)
 
 ## [1.1.0]
 
diff --git a/dist/index.js b/dist/index.js
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
     "name": "rust-audit-check",
-    "version": "1.1.0",
+    "version": "1.2.0",
     "private": false,
     "description": "Security audit for security vulnerabilities",
     "main": "lib/main.js",
diff --git a/src/interfaces.ts b/src/interfaces.ts
@@ -8,7 +8,7 @@ export interface Report {
     database: DatabaseInfo;
     lockfile: LockfileInfo;
     vulnerabilities: VulnerabilitiesInfo;
-    warnings: Warning[];
+    warnings: Warning[] | { [key: string]: Warning[] };
 }
 
 export interface DatabaseInfo {
@@ -47,23 +47,7 @@ export interface Package {
 }
 
 export interface Warning {
-    kind: Kind;
-    package: Package;
-}
-
-// TypeScript types system is weird :(
-export interface Kind {
-    unmaintained?: KindUnmaintained;
-    informational?: KindInformational;
-    yanked?: KindYanked;
-}
-
-export interface KindUnmaintained {
-    advisory: Advisory;
-}
-
-export interface KindInformational {
+    kind: 'unmaintained' | 'informational' | 'yanked' | string;
     advisory: Advisory;
+    package: Package;
 }
-
-export interface KindYanked {} // eslint-disable-line @typescript-eslint/no-empty-interface
diff --git a/src/main.ts b/src/main.ts
@@ -53,10 +53,22 @@ export async function run(actionInput: input.Input): Promise<void> {
         shouldReport = true;
     }
 
-    if (report.warnings.length === 0) {
+    // In `cargo-audit < 0.12` report contained an array of `Warning`.
+    // In `cargo-audit >= 0.12` it is a JSON object,
+    // where key is a warning type, and value is an array of `Warning` of that type.
+    let warnings: Array<interfaces.Warning> = [];
+    if (Array.isArray(report.warnings)) {
+        warnings = report.warnings;
+    } else {
+        for (const items of Object.values(report.warnings)) {
+            warnings = warnings.concat(items);
+        }
+    }
+
+    if (warnings.length === 0) {
         core.info('No warnings were found');
     } else {
-        core.warning(`${report.warnings.length} warnings found!`);
+        core.warning(`${warnings.length} warnings found!`);
         shouldReport = true;
     }
 
@@ -72,12 +84,12 @@ export async function run(actionInput: input.Input): Promise<void> {
         core.debug(
             'Action was triggered on a schedule event, creating an Issues report',
         );
-        await reporter.reportIssues(client, advisories, report.warnings);
+        await reporter.reportIssues(client, advisories, warnings);
     } else {
         core.debug(
             `Action was triggered on a ${github.context.eventName} event, creating a Check report`,
         );
-        await reporter.reportCheck(client, advisories, report.warnings);
+        await reporter.reportCheck(client, advisories, warnings);
     }
 }
 
diff --git a/src/reporter.ts b/src/reporter.ts
@@ -26,26 +26,32 @@ function makeReport(
 ): string {
     const preparedWarnings: Array<templates.ReportWarning> = [];
     for (const warning of warnings) {
-        // TODO: Is there any better way?
-        if ('unmaintained' in warning.kind) {
-            preparedWarnings.push({
-                advisory: warning.kind.unmaintained!.advisory, // eslint-disable-line @typescript-eslint/no-non-null-assertion
-                package: warning.package,
-            });
-        } else if ('informational' in warning.kind) {
-            preparedWarnings.push({
-                advisory: warning.kind.informational!.advisory, // eslint-disable-line @typescript-eslint/no-non-null-assertion
-                package: warning.package,
-            });
-        } else if ('yanked' in warning.kind) {
-            preparedWarnings.push({
-                package: warning.package,
-            });
-        } else {
-            core.warning(
-                `Unknown warning kind ${warning.kind} found, please, file a bug`,
-            );
-            continue;
+        switch (warning.kind) {
+            case 'unmaintained':
+                preparedWarnings.push({
+                    advisory: warning.advisory,
+                    package: warning.package,
+                });
+                break;
+
+            case 'informational':
+                preparedWarnings.push({
+                    advisory: warning.advisory,
+                    package: warning.package,
+                });
+                break;
+
+            case 'yanked':
+                preparedWarnings.push({
+                    package: warning.package,
+                });
+                break;
+
+            default:
+                core.warning(
+                    `Unknown warning kind ${warning.kind} found, please, file a bug`,
+                );
+                break;
         }
     }
 
@@ -85,11 +91,15 @@ function getStats(
     }
 
     for (const warning of warnings) {
-        if (warning.kind.unmaintained) {
-            unmaintained += 1;
-        } else {
-            // Both yanked and informational types of kind
-            other += 1;
+        switch (warning.kind) {
+            case 'unmaintained':
+                unmaintained += 1;
+                break;
+
+            default:
+                // Both yanked and informational types of kind
+                other += 1;
+                break;
         }
     }
 
@@ -243,20 +253,21 @@ export async function reportIssues(
 
     for (const warning of warnings) {
         let advisory: interfaces.Advisory;
-        if ('unmaintained' in warning.kind) {
-            advisory = warning.kind.unmaintained!.advisory; // eslint-disable-line @typescript-eslint/no-non-null-assertion
-        } else if ('informational' in warning.kind) {
-            advisory = warning.kind.informational!.advisory; // eslint-disable-line @typescript-eslint/no-non-null-assertion
-        } else if ('yanked' in warning.kind) {
-            core.warning(
-                `Crate ${warning.package.name} was yanked, but no issue will be reported about it`,
-            );
-            continue;
-        } else {
-            core.warning(
-                `Unknown warning kind ${warning.kind} found, please, file a bug`,
-            );
-            continue;
+        switch (warning.kind) {
+            case 'unmaintained':
+            case 'informational':
+                advisory = warning.advisory;
+                break;
+            case 'yanked':
+                core.warning(
+                    `Crate ${warning.package.name} was yanked, but no issue will be reported about it`,
+                );
+                continue;
+            default:
+                core.warning(
+                    `Unknown warning kind ${warning.kind} found, please, file a bug`,
+                );
+                continue;
         }
 
         const reported = await alreadyReported(client, advisory.id);

Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "rust-audit-check",`
`3`		`- "version": "1.1.0",`
	`3`	`+ "version": "1.2.0",`
`4`	`4`	`"private": false,`
`5`	`5`	`"description": "Security audit for security vulnerabilities",`
`6`	`6`	`"main": "lib/main.js",`