fix: ensure vulnerabilities key is always available (#536)

Trivy will omit the array of vulnerabilities if none were found. We do want to display the result anyway, so we add the key if it is missing. Co-authored-by: Nya <[email protected]>
dbsystel · Jan 7, 2025 · c71c2e5 · c71c2e5
1 parent ad15982
commit c71c2e5
Showing 1 changed file with 4 additions and 0 deletions.
diff --git a/src/components/DataInput.vue b/src/components/DataInput.vue
@@ -159,6 +159,10 @@ const extractTargetsFromReport = (parsedReport: Version1OrVersion2) => {
     // validate report format
     if (
       !vulnerabilityTargets.every((i) => {
+        /* Trivy omits the Vulnerabilities array if there are no vulnerabilities,
+         * so we add it as an empty array to allow showing it in the UI report as empty. */
+        i.Vulnerabilities = i.Vulnerabilities || []
+
         const targetValid =
           i.Target && i.Vulnerabilities && Array.isArray(i.Vulnerabilities)
         const vulnerabilitiesValid = i.Vulnerabilities?.every((v) => {