feat: adding manifest file to vuln card if scanning multi-project

src/lib/snyk-to-html.ts

@@ -256,15 +256,34 @@ async function generateCodeTemplate(
 }
 
 function mergeData(dataArray: any[]): any {
-  const vulnsArrays = dataArray.map(project => project.vulnerabilities || []);
+  const vulnsArrays = dataArray.map((project) => {
+    if (!project.vulnerabilities) {
+      return [];
+    }
+
+    // Add project data to each of the vulnerabilities to display more
+    // details on each vulnerability card, in order to properly distinguish
+    // from which project a vuln is connected, in case of displaying multiple
+    // projects.
+    const vulns = project.vulnerabilities.map((vuln) => ({
+      ...vuln,
+      displayTargetFile: project.displayTargetFile,
+      path: project.path
+    }));
+    return vulns;
+  });
   const aggregateVulnerabilities = [].concat(...vulnsArrays);
 
   const totalUniqueCount =
     dataArray.reduce((acc, item) => acc + item.vulnerabilities.length || 0, 0);
   const totalDepCount =
     dataArray.reduce((acc, item) => acc + item.dependencyCount || 0, 0);
 
-  const paths = dataArray.map(project => ({ path: project.path, packageManager: project.packageManager }));
+  const paths = dataArray.map(project => ({
+    path: project.path,
+    packageManager: project.packageManager,
+    displayTargetFile: project.displayTargetFile,
+  }));
 
   return {
     vulnerabilities: aggregateVulnerabilities,
@@ -325,7 +344,7 @@ async function processCodeData(
   const dataArray = Array.isArray(data) ? data : [data];
 
   const OrderedIssuesArray = await processSourceCode(dataArray);
-  
+
   const totalIssues = dataArray[0].runs[0].results.length;
   const processedData = {
     projects: OrderedIssuesArray,

tap-snapshots/test-snyk-to-html.test.ts-TAP.test.js

@@ -2176,7 +2176,8 @@ exports[`test/snyk-to-html.test.ts TAP template output displays vulns in descend
               <div class="source-panel">
                 <span>Scanned the following paths:</span>
                 <ul>
-                  <li class="paths">./java-goof (maven)</li><li class="paths">./goof (npm)</li>
+                    <li class="paths">./java-goof (maven)</li>
+                    <li class="paths">./goof (npm)</li>
                 </ul>
               </div>
     

template/test-report.header.hbs

@@ -24,15 +24,25 @@
           <div class="source-panel">
             <span>Scanned the following paths:</span>
             <ul>
-              {{#each paths}}<li class="paths">{{path}} ({{packageManager}})</li>{{/each}}
+            {{#each paths}}
+              {{#if_not_eq packageManager "nuget"}}
+                <li class="paths">{{path}} ({{packageManager}})</li>
+              {{else}}
+                <li class="paths">{{path}}/{{displayTargetFile}} ({{packageManager}})</li>
+              {{/if_not_eq}}
+            {{/each}}
             </ul>
           </div>
           {{/if}}
           {{#if path}}
           <div class="source-panel">
             <span>Scanned the following path:</span>
             <ul>
+            {{#if_not_eq packageManager "nuget"}}
               <li class="paths">{{path}} ({{packageManager}})</li>
+            {{else}}
+              <li class="paths">{{path}}/{{dislpayTargetFile}} ({{packageManager}})</li>
+            {{/if_not_eq}}
             </ul>
           </div>
           {{/if}}

template/test-report.vuln-card.hbs

@@ -9,6 +9,11 @@
         <hr/>
 
         <ul class="card__meta">
+            {{#if list.[0].displayTargetFile }}
+            <li class="card__meta__item">
+                Manifest file: {{list.[0].path}} <span class="list-paths__item__arrow">›</span> {{list.[0].displayTargetFile}}
+            </li>
+            {{/if}}
             <li class="card__meta__item">
                 Package Manager: {{metadata.packageManager}}
             </li>