src/main.ts

import * as core from '@actions/core'
import * as github from '@actions/github'
import Octokit, {IssuesCreateResponse} from '@octokit/rest'
import {Audit} from './audit'
import {IssueOption} from './interface'
import * as issue from './issue'
import * as pr from './pr'

export async function run(): Promise<void> {
  try {
    // run `npm audit`
    const audit = new Audit()
    audit.run()
    core.info(audit.stdout)

    if (audit.foundVulnerability()) {
      // vulnerabilities are found

      // get GitHub information
      const ctx = JSON.parse(core.getInput('github_context'))
      const token: string = core.getInput('github_token', {required: true})
      const client: Octokit = new github.GitHub(token)

      if (ctx.event_name === 'pull_request') {
        await pr.createComment(
          token,
          github.context.repo.owner,
          github.context.repo.repo,
          ctx.event.number,
          audit.strippedStdout()
        )
        core.setFailed('This repo has some vulnerabilities')
        return
      } else {
        core.debug('open an issue')
        // remove control characters and create a code block
        const issueBody = audit.strippedStdout()
        const option: IssueOption = issue.getIssueOption(issueBody)
        const {
          data: createdIssue
        }: Octokit.Response<IssuesCreateResponse> = await client.issues.create({
          ...github.context.repo,
          ...option
        })
        core.debug(`#${createdIssue.number}`)
        core.setFailed('This repo has some vulnerabilities')
      }
    }
  } catch (error) {
    core.setFailed(error.message)
  }
}

run()
Initial commit 2019-12-08 19:17:13 +09:00			`import * as core from '@actions/core'`
Open a GitHub Issue if vulnerabilities are found (#8) * Get GitHub access token from input * install npm package * fix TypeScript error to successfully build ref: https://github.com/actions/toolkit/issues/199 * npm i strip-ansi to remove control characters * create an issue * use template literal to pass lint * npm run format; npm run lint * use inputs.issue_title as issue title * document inputs.issue_title * add inputs.issue_title 2019-12-09 08:51:14 +09:00			`import * as github from '@actions/github'`
			`import Octokit, {IssuesCreateResponse} from '@octokit/rest'`
Set Issue labels by inputs & add unit test (#12) * Set Issue labels by inputs * Add unit test 2019-12-09 12:43:13 +09:00			`import {Audit} from './audit'`
Creates an issue even if inputs.issue_labels is not given (#21) * Creates an issue even if inputs.issue_labels is not given * 1.0.0 * Use v1.0.0 in example, daily scan 2019-12-09 22:49:41 +09:00			`import {IssueOption} from './interface'`
use GitHub context to branch processing (#22) 2019-12-13 12:18:28 +09:00			`import * as issue from './issue'`
			`import * as pr from './pr'`
Initial commit 2019-12-08 19:17:13 +09:00
use GitHub context to branch processing (#22) 2019-12-13 12:18:28 +09:00			`export async function run(): Promise<void> {`
Initial commit 2019-12-08 19:17:13 +09:00			`try {`
use GitHub context to branch processing (#22) 2019-12-13 12:18:28 +09:00			// run `npm audit`
Set Issue labels by inputs & add unit test (#12) * Set Issue labels by inputs * Add unit test 2019-12-09 12:43:13 +09:00			`const audit = new Audit()`
			`audit.run()`
			`core.info(audit.stdout)`
setup repo & run `npm audit` (#1) 2019-12-08 22:10:35 +09:00
use GitHub context to branch processing (#22) 2019-12-13 12:18:28 +09:00			`if (audit.foundVulnerability()) {`
			`// vulnerabilities are found`
setup repo & run `npm audit` (#1) 2019-12-08 22:10:35 +09:00
use GitHub context to branch processing (#22) 2019-12-13 12:18:28 +09:00			`// get GitHub information`
			`const ctx = JSON.parse(core.getInput('github_context'))`
			`const token: string = core.getInput('github_token', {required: true})`
			`const client: Octokit = new github.GitHub(token)`
Open a GitHub Issue if vulnerabilities are found (#8) * Get GitHub access token from input * install npm package * fix TypeScript error to successfully build ref: https://github.com/actions/toolkit/issues/199 * npm i strip-ansi to remove control characters * create an issue * use template literal to pass lint * npm run format; npm run lint * use inputs.issue_title as issue title * document inputs.issue_title * add inputs.issue_title 2019-12-09 08:51:14 +09:00
use GitHub context to branch processing (#22) 2019-12-13 12:18:28 +09:00			`if (ctx.event_name === 'pull_request') {`
			`await pr.createComment(`
			`token,`
			`github.context.repo.owner,`
			`github.context.repo.repo,`
			`ctx.event.number,`
			`audit.strippedStdout()`
			`)`
			`core.setFailed('This repo has some vulnerabilities')`
			`return`
			`} else {`
			`core.debug('open an issue')`
			`// remove control characters and create a code block`
			`const issueBody = audit.strippedStdout()`
			`const option: IssueOption = issue.getIssueOption(issueBody)`
			`const {`
			`data: createdIssue`
			`}: Octokit.Response<IssuesCreateResponse> = await client.issues.create({`
			`...github.context.repo,`
			`...option`
			`})`
			core.debug(`#${createdIssue.number}`)
Action fails always if vulnerabilities are found (#35) 2020-01-09 18:59:40 +09:00			`core.setFailed('This repo has some vulnerabilities')`
use GitHub context to branch processing (#22) 2019-12-13 12:18:28 +09:00			`}`
			`}`
Initial commit 2019-12-08 19:17:13 +09:00			`} catch (error) {`
			`core.setFailed(error.message)`
			`}`
			`}`

			`run()`