diff --git a/src/cli/commands/test/set-default-test-options.ts b/src/cli/commands/test/set-default-test-options.ts
index 62504a31d0..1987746d11 100644
--- a/src/cli/commands/test/set-default-test-options.ts
+++ b/src/cli/commands/test/set-default-test-options.ts
@@ -9,15 +9,21 @@ export function setDefaultTestOptions(
 .toLowerCase();
 delete options['show-vulnerable-paths'];
+ const showVulnPaths = showVulnPathsMapping[svpSupplied] || 'some';
+ const maxVulnPaths =
+ showVulnPaths === 'all' ? undefined : options['max-vulnerable-paths'] ?? defaultMaxVulnPaths;
 return {
 ...options,
 // org fallback to config unless specified
 org: options.org || config.org,
 // making `show-vulnerable-paths` 'some' by default.
- showVulnPaths: showVulnPathsMapping[svpSupplied] || 'some',
+ showVulnPaths,
+ maxVulnPaths,
 };
 }
+const defaultMaxVulnPaths = 20;
+
 const showVulnPathsMapping: Record = {
 false: 'none',
 none: 'none',
diff --git a/src/lib/snyk-test/legacy.ts b/src/lib/snyk-test/legacy.ts
index bbd88f80b2..e82b587f44 100644
--- a/src/lib/snyk-test/legacy.ts
+++ b/src/lib/snyk-test/legacy.ts
@@ -367,7 +367,10 @@ function convertTestDepGraphResultToLegacy(
 const vulns: AnnotatedIssue[] = [];
 for (const pkgInfo of values(result.affectedPkgs)) {
- for (const vulnPkgPath of depGraph.pkgPathsToRoot(pkgInfo.pkg)) {
+ const pkgPathsToRoot = depGraph.pkgPathsToRoot(pkgInfo.pkg, {
+ limit: options.maxVulnPaths,
+ });
+ for (const vulnPkgPath of pkgPathsToRoot) {
 const legacyFromPath = pkgPathToLegacyPath(vulnPkgPath.reverse());
 for (const pkgIssue of values(pkgInfo.issues)) {
 const vulnPathString = getVulnPathString(
diff --git a/src/lib/types.ts b/src/lib/types.ts
index 6e40ca59a3..cc93fef924 100644
--- a/src/lib/types.ts
+++ b/src/lib/types.ts
@@ -16,6 +16,7 @@ export interface TestOptions {
 traverseNodeModules?: boolean;
 pruneRepeatedSubdependencies?: boolean;
 showVulnPaths: ShowVulnPaths;
+ maxVulnPaths?: number;
 failOn?: FailOn;
 initScript?: string;
 yarnWorkspaces?: boolean;
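Review bot: The value of `options['max-vulnerable-paths']` reaches `maxVulnPaths` without any type or range check, so a string from the command line, `0`, a negative number or `NaN` is passed on as the path limit. How `pkgPathsToRoot` treats such a limit is not visible here; if a zero or invalid limit yields no paths, the loop in `convertTestDepGraphResultToLegacy` would emit no issues for that package and the scan would under-report. I would coerce and validate before use, e.g. `const requested = Number(options['max-vulnerable-paths']);` followed by `Number.isInteger(requested) && requested > 0 ? requested : defaultMaxVulnPaths`, or reject the flag with an error. Unlike `show-vulnerable-paths`, the raw key is also left on the returned object by `...options`. The function body starts outside this hunk.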
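Review bot: The cap on `pkgPathsToRoot` truncates silently: once `options.maxVulnPaths` is reached, the remaining dependency paths for that package never enter `vulns`, and nothing in the result marks it as partial. Consumers that count paths or derive remediation per path would, as far as this hunk shows, treat the shortened list as complete. A comment above the call should state this, for example `// Capped at options.maxVulnPaths paths per package (undefined = no cap); reported paths may be a subset.`, and it seems worth surfacing a truncation notice in the output. The hunk also relies on `pkgPathsToRoot` accepting a `{ limit }` argument, which is presumably provided by a dependency version not shown in this diff. The function begins and ends outside the hunk.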
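Review bot: `maxVulnPaths` is added without a doc comment, and its contract is not obvious from the type: `undefined` means no limit (set when `showVulnPaths` is `'all'`), otherwise it is a per-package cap on reported paths. Suggest `/** Max dependency paths reported per vulnerable package; undefined means unlimited. */` above the field. The CLI key `'max-vulnerable-paths'` read in set-default-test-options.ts is not declared in any interface touched by this diff; confirm it is typed on `Options` elsewhere.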