diff --git a/composer.lock b/composer.lock index 4d97177..367859a 100644 --- a/composer.lock +++ b/composer.lock @@ -1169,17 +1169,17 @@ "time": "2019-03-08T08:55:37+00:00" }, { - "name": "reload/jira-security-issue", + "name": "HotelEngine/jira-security-issue", "version": "v1.0.29", "source": { "type": "git", - "url": "https://github.com/reload/jira-security-issue.git", - "reference": "3fc2125956288e7dab2e9d40fbaef6de99f9352e" + "url": "https://github.com/HotelEngine/jira-security-issue.git", + "reference": "3d10a379e09f3fd42ea8ec7782adaf08aed42426" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/reload/jira-security-issue/zipball/3fc2125956288e7dab2e9d40fbaef6de99f9352e", - "reference": "3fc2125956288e7dab2e9d40fbaef6de99f9352e", + "url": "https://api.github.com/repos/HotelEngine/jira-security-issue/zipball/3d10a379e09f3fd42ea8ec7782adaf08aed42426", + "reference": "3d10a379e09f3fd42ea8ec7782adaf08aed42426", "shasum": "" }, "require": { @@ -1207,8 +1207,8 @@ ], "description": "Create Jira issues if it doesn't exist", "support": { - "issues": "https://github.com/reload/jira-security-issue/issues", - "source": "https://github.com/reload/jira-security-issue/tree/v1.0.29" + "issues": "https://github.com/HotelEngine/jira-security-issue/issues", + "source": "https://github.com/HotelEngine/jira-security-issue/tree/v1.0.29" }, "time": "2022-12-05T05:14:53+00:00" }, diff --git a/src/SecurityAlertIssue.php b/src/SecurityAlertIssue.php index daed50c..50925b2 100644 --- a/src/SecurityAlertIssue.php +++ b/src/SecurityAlertIssue.php @@ -38,6 +38,16 @@ class SecurityAlertIssue extends JiraSecurityIssue */ protected string $severity; + /** + * @var int + */ + protected int $alertNumber; + + /** + * @var string + */ + protected string $advisorySummary; + /** * phpcs:disable SlevomatCodingStandard.TypeHints.DisallowMixedTypeHint.DisallowedMixedTypeHint * @@ -52,6 +62,8 @@ public function __construct(array $data) $this->manifestPath = \pathinfo($data['vulnerableManifestPath'], \PATHINFO_DIRNAME); $this->id = $data['securityVulnerability']['advisory']['ghsaId']; $this->severity = $data['securityVulnerability']['severity']; + $this->alertNumber = $data['number']; + $this->advisorySummary = $data['securityVulnerability']['advisory']['summary']; $references = []; @@ -66,10 +78,14 @@ public function __construct(array $data) $advisory_description = \wordwrap($data['securityVulnerability']['advisory']['description'] ?? '', 100); $ecosystem = $data['securityVulnerability']['package']['ecosystem'] ?? ''; $githubRepo = \getenv('GITHUB_REPOSITORY') ?: ''; + list($repoOwner, $repoName) = explode('/', $githubRepo); $safeVersion = $this->safeVersion ?? 'no fix'; + $alertNumber = $this->alertNumber; + $advisorySummary = $this->advisorySummary; $body = <<package} ($ecosystem) - Vulnerable version: {$this->vulnerableVersionRange} - Secure version: {$safeVersion} @@ -92,7 +108,7 @@ public function __construct(array $data) $this->setKeyLabel($githubRepo); $this->setKeyLabel($this->uniqueId()); - $this->setTitle("{$this->package} ({$safeVersion}) - {$this->severity}"); + $this->setTitle("{$repoName} | Dependabot: {$advisorySummary}"); $this->setBody($body); $labels = \getenv('JIRA_ISSUE_LABELS'); diff --git a/src/SyncCommand.php b/src/SyncCommand.php index 00072d1..809658a 100644 --- a/src/SyncCommand.php +++ b/src/SyncCommand.php @@ -176,6 +176,7 @@ protected function fetchAlertData(): array vulnerableManifestFilename vulnerableManifestPath vulnerableRequirements + number } } }