Updated wording of unused exception warning and prepare for releasing

jeemok · Jun 22, 2021 · 4ba2612 · 4ba2612
1 parent 897795a
commit 4ba2612
Show file tree

Hide file tree

Showing 6 changed files with 22 additions and 10 deletions.
diff --git a/.README/unused_exception.png b/.README/unused_exception.png
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,4 +1,4 @@
-## Next: 2.0.3-rc
+## 2.0.4 (June 22, 2021)
 
 ### Notable changes
 
@@ -23,7 +23,7 @@
 * Added `.github/FUNDING.yml`
 * Updated `README.md`
 
-## Closed issues
+### Closed issues
 
 * [#20](https://github.com/jeemok/better-npm-audit/issues/20) Provide more output when parsing exceptions file
 * [#27](https://github.com/jeemok/better-npm-audit/issues/27) Hide excepted vulnerabilities from output

diff --git a/index.js b/index.js
@@ -44,9 +44,11 @@ function handleFinish(jsonBuffer, auditLevel, exceptionIds) {
 
   // Display the unused exceptionId's
   if (unusedExceptionIds.length) {
-    // eslint-disable-next-line max-len
-    const message = `${unusedExceptionIds.length} vulnerabilities where excluded but did not result in a vulnerabilities: ${unusedExceptionIds.join(', ')}. They can be removed from the .nsprc file or --exclude -x flags.`;
-    console.warn(message);
+    const messages = [
+      `${unusedExceptionIds.length} of the excluded vulnerabilities did not match any of the found vulnerabilities: ${unusedExceptionIds.join(', ')}.`,
+      `${unusedExceptionIds.length > 1 ? 'They' : 'It'} can be removed from the .nsprc file or --exclude -x flags.`,
+    ];
+    console.warn(messages.join(' '));
   }
 
   // Display the found unhandled vulnerabilities

diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -1,8 +1,8 @@
 {
   "name": "better-npm-audit",
-  "version": "2.0.3-rc",
+  "version": "2.0.4",
   "author": "Jee Mok <jee.ict@hotmail.com>",
-  "description": "Made to allow skipping certain vulnerabilities, and any extra handling that are not supported by the default npm audit in the future.",
+  "description": "Reshape npm audit into the way the community would like, by the community itself, to encourage more people to do security audits.",
   "license": "MIT",
   "repository": {
     "type": "git",

diff --git a/test/index.js b/test/index.js
@@ -91,7 +91,8 @@ describe('Events handling', () => {
     const consoleInfoStub = sinon.stub(console, 'info');
     const jsonBuffer = JSON.stringify(V6_JSON_BUFFER);
     const auditLevel = 'info';
-    const exceptionIds = [975, 976, 985, 1084, 1179, 1213, 1500, 1523, 1555, 2001, 2002];
+
+    let exceptionIds = [975, 976, 985, 1084, 1179, 1213, 1500, 1523, 1555, 2001];
 
     expect(processStub.called).to.equal(false);
     expect(consoleErrorStub.called).to.equal(false);
@@ -107,8 +108,17 @@ describe('Events handling', () => {
 
     expect(consoleInfoStub.called).to.equal(true); // Print security report
     expect(consoleWarnStub.called).to.equal(true);
+
+    // Message for one unused exception
+    // eslint-disable-next-line max-len
+    let message = `1 of the excluded vulnerabilities did not match any of the found vulnerabilities: 2001. It can be removed from the .nsprc file or --exclude -x flags.`;
+    expect(consoleWarnStub.calledWith(message)).to.equal(true);
+
+    // Message for multiple unused exceptions
+    exceptionIds = [975, 976, 985, 1084, 1179, 1213, 1500, 1523, 1555, 2001, 2002];
+    handleFinish(jsonBuffer, auditLevel, exceptionIds);
     // eslint-disable-next-line max-len
-    const message = `2 vulnerabilities where excluded but did not result in a vulnerabilities: 2001, 2002. They can be removed from the .nsprc file or --exclude -x flags.`;
+    message = `2 of the excluded vulnerabilities did not match any of the found vulnerabilities: 2001, 2002. They can be removed from the .nsprc file or --exclude -x flags.`;
     expect(consoleWarnStub.calledWith(message)).to.equal(true);
 
     processStub.restore();