fix: enabling exit codes for general cli o/p and updating field names (#43)

* fix: enabling exit codes for general cli o/p

* fix

* fix

* fix

* tests

Author: Deepak Sharma

analyses/summary/helper_test.go

@@ -42,7 +42,7 @@ func TestGetResultSummary(t *testing.T) {
 		TotalScannedDependencies:           1,
 		TotalScannedTransitiveDependencies: 0,
 		TotalVulnerabilities:               1,
-		CommonlyKnownVulnerabilities:       1,
+		PubliclyAvailableVulnerabilities:   1,
 		VulnerabilitiesUniqueToSynk:        0,
 		DirectVulnerableDependencies:       1,
 		CriticalVulnerabilities:            0,

analyses/summary/helpers.go

@@ -32,7 +32,7 @@ func getResultSummary(analysedResult driver.GetResponseType) *StackSummary {
 		TotalScannedTransitiveDependencies: data.TotalTransitives,
 		TotalVulnerabilities:               data.PublicVul + data.PrivateVul,
 		DirectVulnerableDependencies:       data.DirectVulnerableDependencies,
-		CommonlyKnownVulnerabilities:       data.PublicVul,
+		PubliclyAvailableVulnerabilities:   data.PublicVul,
 		VulnerabilitiesUniqueToSynk:        data.PrivateVul,
 		CriticalVulnerabilities:            data.Severities.Critical,
 		HighVulnerabilities:                data.Severities.High,
@@ -110,7 +110,7 @@ func outputSummaryPlain(result *StackSummary, verboseMsg bool) {
 		white("Total Scanned Transitive Dependencies: "), white(result.TotalScannedTransitiveDependencies), "\n",
 		white("Direct Vulnerable Dependencies: "), white(result.DirectVulnerableDependencies), "\n",
 		white("Total Vulnerabilities: "), white(result.TotalVulnerabilities), "\n",
-		white("Commonly Known Vulnerabilities: "), white(result.CommonlyKnownVulnerabilities), "\n",
+		white("Publicly Available Vulnerabilities: "), white(result.PubliclyAvailableVulnerabilities), "\n",
 		white("Vulnerabilities Unique to Snyk: "), white(result.VulnerabilitiesUniqueToSynk), "\n",
 		red("Critical Vulnerabilities: "), red(result.CriticalVulnerabilities), "\n",
 		magenta("High Vulnerabilities: "), magenta(result.HighVulnerabilities), "\n",

analyses/summary/types.go

@@ -12,8 +12,8 @@ type SeverityType struct {
 type StackSummary struct {
 	TotalScannedDependencies           int    `json:"total_scanned_dependencies"`
 	TotalScannedTransitiveDependencies int    `json:"total_scanned_transitives"`
-	TotalVulnerabilities               int    `json:"total_vulnerabilites"`
-	CommonlyKnownVulnerabilities       int    `json:"commonly_known_vulnerabilites"`
+	TotalVulnerabilities               int    `json:"total_vulnerabilities"`
+	PubliclyAvailableVulnerabilities   int    `json:"publicly_available_vulnerabilities"`
 	VulnerabilitiesUniqueToSynk        int    `json:"vulnerabilities_unique_to_synk"`
 	DirectVulnerableDependencies       int    `json:"direct_vulnerable_dependencies"`
 	LowVulnerabilities                 int    `json:"low_vulnerabilities"`

analyses/verbose/helper.go

@@ -3,10 +3,11 @@ package verbose
 import (
 	"encoding/json"
 	"fmt"
-	"github.com/fabric8-analytics/cli-tools/utils"
 	"os"
 	"sort"
 
+	"github.com/fabric8-analytics/cli-tools/utils"
+
 	"github.com/fatih/color"
 	"github.com/rs/zerolog/log"
 
@@ -50,11 +51,11 @@ func processVulnerabilities(analysedDeps []driver.AnalysedDepsType) ProcessVulne
 	processedData := &ProcessVulnerabilities{}
 	for _, dep := range analysedDeps {
 		dependency := getDependencyData(dep)
-		dependency.CommonlyKnownVulnerabilities = getVulnerabilities(dep.PublicVulnerabilities)
+		dependency.PubliclyAvailableVulnerabilities = getVulnerabilities(dep.PublicVulnerabilities)
 		dependency.VulnerabilitiesUniqueToSynk = getVulnerabilities(dep.PrivateVulnerabilities)
 		for _, trans := range dep.VulnerableDependencies {
 			transitive := getDependencyData(trans)
-			transitive.CommonlyKnownVulnerabilities = getVulnerabilities(trans.PublicVulnerabilities)
+			transitive.PubliclyAvailableVulnerabilities = getVulnerabilities(trans.PublicVulnerabilities)
 			transitive.VulnerabilitiesUniqueToSynk = getVulnerabilities(trans.PrivateVulnerabilities)
 			dependency.VulnerableTransitives = append(dependency.VulnerableTransitives, transitive)
 			processedData.Severities = getSeverity(trans.PublicVulnerabilities, processedData.Severities)
@@ -154,13 +155,13 @@ func outputVulDeps(deps []DependenciesType) {
 	for _, dep := range deps {
 		pkgName := fmt.Sprintf("%s@%s", cusColor.White(dep.Name), cusColor.White(dep.Version))
 
-		if len(dep.CommonlyKnownVulnerabilities)+len(dep.VulnerabilitiesUniqueToSynk) > 0 {
+		if len(dep.PubliclyAvailableVulnerabilities)+len(dep.VulnerabilitiesUniqueToSynk) > 0 {
 			fmt.Fprint(os.Stdout,
 				fmt.Sprintf("\n\tUpgrade %s ", pkgName),
 				fmt.Sprintf("to %s@%s\n", cusColor.White(dep.Name), cusColor.White(dep.RecommendedVersion)),
 			)
-			dep.CommonlyKnownVulnerabilities = append(dep.CommonlyKnownVulnerabilities, dep.VulnerabilitiesUniqueToSynk...)
-			outputVulType(dep.CommonlyKnownVulnerabilities, pkgName, pkgName)
+			dep.PubliclyAvailableVulnerabilities = append(dep.PubliclyAvailableVulnerabilities, dep.VulnerabilitiesUniqueToSynk...)
+			outputVulType(dep.PubliclyAvailableVulnerabilities, pkgName, pkgName)
 		}
 		if len(dep.VulnerableTransitives) > 0 {
 			fmt.Fprint(os.Stdout,
@@ -172,8 +173,8 @@ func outputVulDeps(deps []DependenciesType) {
 				fmt.Fprint(os.Stdout,
 					fmt.Sprintf("\t \u2712 %s->%s\n", pkgName, transName),
 				)
-				trans.CommonlyKnownVulnerabilities = append(trans.CommonlyKnownVulnerabilities, trans.VulnerabilitiesUniqueToSynk...)
-				outputVulType(trans.CommonlyKnownVulnerabilities, transName, pkgName)
+				trans.PubliclyAvailableVulnerabilities = append(trans.PubliclyAvailableVulnerabilities, trans.VulnerabilitiesUniqueToSynk...)
+				outputVulType(trans.PubliclyAvailableVulnerabilities, transName, pkgName)
 			}
 		}
 	}

analyses/verbose/testdata/verbosedata.json

@@ -7,7 +7,7 @@
 				"version": "1.1"
 			}],
 			"latest_version": "7.1.2",
-			"commonly_known_vulnerabilities": [
+			"publicly_available_vulnerabilities": [
 				{"id": "ABC-PYTHON-CODECOV-12345", "severity": "medium", "title": "Command Injection1"},
 				{"id": "ABC-PYTHON-CODECOV-67890", "severity": "medium", "title": "Command Injection2"},
 				{"id": "ABC-PYTHON-CODECOV-abcde", "severity": "high", "title": "Command Injection3"}

analyses/verbose/types.go

@@ -24,14 +24,14 @@ type VulnerabilityType struct {
 
 // DependenciesType verbose output
 type DependenciesType struct {
-	Name                         string              `json:"name"`
-	Version                      string              `json:"version"`
-	Transitives                  []DependenciesType  `json:"transitives"`
-	LatestVersion                string              `json:"latest_version"`
-	RecommendedVersion           string              `json:"recommended_version"`
-	CommonlyKnownVulnerabilities []VulnerabilityType `json:"commonly_known_vulnerabilities"`
-	VulnerabilitiesUniqueToSynk  []VulnerabilityType `json:"vulnerabilities_unique_with_snyk"`
-	VulnerableTransitives        []DependenciesType  `json:"vulnerable_transitives"`
+	Name                             string              `json:"name"`
+	Version                          string              `json:"version"`
+	Transitives                      []DependenciesType  `json:"transitives"`
+	LatestVersion                    string              `json:"latest_version"`
+	RecommendedVersion               string              `json:"recommended_version"`
+	PubliclyAvailableVulnerabilities []VulnerabilityType `json:"publicly_available_vulnerabilities"`
+	VulnerabilitiesUniqueToSynk      []VulnerabilityType `json:"vulnerabilities_unique_with_snyk"`
+	VulnerableTransitives            []DependenciesType  `json:"vulnerable_transitives"`
 }
 
 // SeverityType is Possible Types of Severities from Server

cmd/analyse.go

@@ -77,7 +77,7 @@ func runAnalyse(cmd *cobra.Command, args []string) {
 		fmt.Fprintln(os.Stdout, "Analysing your Dependency Stack! Please wait...")
 	}
 	hasVul := sa.StackAnalyses(requestParams, jsonOut, verboseOut)
-	if hasVul && jsonOut {
+	if hasVul {
 		// Stack has vulnerability, exit with 2 code
 		os.Exit(2)
 	}