From 43d428b3d206f950fda0e4209f984ab8b834893f Mon Sep 17 00:00:00 2001 From: RafaelGSS Date: Tue, 12 Nov 2024 18:27:53 -0300 Subject: [PATCH 1/2] feat: add cveId support to commmit output Fake PR-URL for testing CVE-ID: CVE-2024-22020 PR-URL: https://github.com/nodejs/node/pull/55819 --- commit-to-output.js | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/commit-to-output.js b/commit-to-output.js index 7023ada..f11ab1a 100644 --- a/commit-to-output.js +++ b/commit-to-output.js @@ -39,6 +39,11 @@ export const formatType = { function toStringPlaintext (data) { let s = '' + if (data.cveId) { + const pr = data.pr ? data.prUrl : '' + return ` * ${data.cveId} - ${data.summary.trim()} - ${pr}` + } + s += (data.semver || []).length ? `(${data.semver.join(', ').toUpperCase()}) ` : '' if (data.revert) { @@ -76,6 +81,7 @@ function toStringMarkdown (data) { let s = '' s += `* \\[[\`${data.sha.substr(0, 10)}\`](${data.shaUrl})] - ` s += (data.semver || []).length ? `**(${data.semver.join(', ').toUpperCase()})** ` : '' + s += data.cveId ? `**(${data.cveId})** ` : '' s += data.revert ? '***Revert*** "' : '' s += data.group ? `**${cleanMarkdown(data.group)}**: ` : '' s += cleanMarkdown(data.summary) @@ -92,7 +98,11 @@ function toStringMarkdown (data) { } function toStringMessageOnly (data) { - return ` * ${data.summary.trim()}` + let cveData + if (data.cveId) { + cveData = `${data.cveId} - ` + } + return ` * ${cveData}${data.summary.trim()}` } export function commitToOutput (commit, format, ghId, commitUrl) { @@ -110,6 +120,7 @@ export function commitToOutput (commit, format, ghId, commitUrl) { data.author = (commit.author && commit.author.name) || '' data.pr = prUrlMatch && ((prUrlMatch[1] !== `${ghId.user}/${ghId.repo}` ? prUrlMatch[1] : '') + urlHash) data.prUrl = prUrlMatch && commit.prUrl + data.cveId = commit.cveId if (format === formatType.SIMPLE) { return toStringSimple(data) From f2f235bb05a7240584054c5a8bb12410cb49f7b6 Mon Sep 17 00:00:00 2001 From: RafaelGSS Date: Tue, 12 Nov 2024 18:46:16 -0300 Subject: [PATCH 2/2] test: add cveId tests --- .github/workflows/test-and-release.yml | 2 ++ commit-to-output.js | 10 +++------- package.json | 2 +- test.js | 9 +++++++++ 4 files changed, 15 insertions(+), 8 deletions(-) diff --git a/.github/workflows/test-and-release.yml b/.github/workflows/test-and-release.yml index c98543d..66591fb 100644 --- a/.github/workflows/test-and-release.yml +++ b/.github/workflows/test-and-release.yml @@ -45,6 +45,8 @@ jobs: npm run test:ci release: name: Release + permissions: + contents: write needs: test runs-on: ubuntu-latest if: github.event_name == 'push' && github.ref == 'refs/heads/main' diff --git a/commit-to-output.js b/commit-to-output.js index f11ab1a..dfc5f74 100644 --- a/commit-to-output.js +++ b/commit-to-output.js @@ -39,9 +39,9 @@ export const formatType = { function toStringPlaintext (data) { let s = '' + if (data.cveId) { - const pr = data.pr ? data.prUrl : '' - return ` * ${data.cveId} - ${data.summary.trim()} - ${pr}` + s += `(${data.cveId})` } s += (data.semver || []).length ? `(${data.semver.join(', ').toUpperCase()}) ` : '' @@ -98,11 +98,7 @@ function toStringMarkdown (data) { } function toStringMessageOnly (data) { - let cveData - if (data.cveId) { - cveData = `${data.cveId} - ` - } - return ` * ${cveData}${data.summary.trim()}` + return ` * ${data.cveId ? '(' + data.cveId + ') ' : ''}${data.summary.trim()}` } export function commitToOutput (commit, format, ghId, commitUrl) { diff --git a/package.json b/package.json index f9631f4..e33afce 100644 --- a/package.json +++ b/package.json @@ -28,7 +28,7 @@ "@octokit/graphql": "^7.0.1", "async": "^3.2.4", "chalk": "^5.3.0", - "commit-stream": "^2.1.0", + "commit-stream": "^2.2.0", "debug": "^4.3.4", "ghauth": "^6.0.0", "ghissues": "^1.1.4", diff --git a/test.js b/test.js index 27fe14e..40ee305 100644 --- a/test.js +++ b/test.js @@ -142,3 +142,12 @@ test('test find-matching-prs', (t) => { `) t.end() }) + +test('test group, CVE-ID', (t) => { + const out = exec('--md --start-ref=43d428b3d2 --end-ref=43d428b3d2 --group --filter-release') + t.equal( + out, + `* \\[[\`43d428b3d2\`](https://github.com/nodejs/changelog-maker/commit/43d428b3d2)] - **(CVE-2024-22020)** **feat**: add cveId support to commmit output (RafaelGSS) [nodejs/node#55819](https://github.com/nodejs/node/pull/55819) +`) + t.end() +})