@bsalomon-snyk
Contributor

Pull Request Submission Checklist

  • Follows CONTRIBUTING guidelines
  • Commit messages are release-note ready, emphasizing what was changed, not how.
  • Includes detailed description of changes
  • Contains risk assessment (Low | Medium | High)
  • Highlights breaking API changes (if applicable)
  • Links to automated tests covering new functionality
  • Includes manual testing instructions (if necessary)
  • Updates relevant GitBook documentation (PR link: ___)
  • Includes product update to be announced in the next stable release notes

What does this PR do?

Adds a happy path open source test for 'snyk test' with --risk-score-threshold. This feature currently runs only with feature flags set.

Low risk -- affects test only.

Where should the reviewer start?

Note that the two Risk Score feature flags default false for the overall test suite. This test file sets them true in order to trigger the Unified Test API code path, which includes risk score enrichment.

How should this be manually tested?

It can be run from the CLI root with
npx jest --runInBand test/jest/acceptance/snyk-test/risk-score-threshold.spec.ts

What's the product update that needs to be communicated to CLI users?

No impact on application; test only.

Risk assessment (Low | Medium | High)? Low

What are the relevant tickets?

https://snyksec.atlassian.net/browse/DGP-802
https://snyksec.atlassian.net/browse/DGP-1084

@bsalomon-snyk bsalomon-snyk force-pushed the feat/osflows-riskscore-tests branch from 46a4e97 to 4845cbc Compare November 14, 2025 02:57
@emily-lynn-minor emily-lynn-minor force-pushed the feat/osflows-riskscore-tests branch 4 times, most recently from 5a89e6e to 3ceabcd Compare December 9, 2025 22:35
@emily-lynn-minor emily-lynn-minor marked this pull request as ready for review December 9, 2025 22:39
@emily-lynn-minor emily-lynn-minor requested review from a team as code owners December 9, 2025 22:39
  - Adds happy path tests with --risk-score-threshold=400, ensuring
    all risk scores returned are >= 400.  There is one test each for human-readable-
    and JSON- outputs.
  - Tests --risk-score-threshold with .snyk local policy, with and without --ignore-policy.
    These check for counts on the separate "Ignored: " lines for vulnerabilities and licenses.
@emily-lynn-minor emily-lynn-minor force-pushed the feat/osflows-riskscore-tests branch from 3ceabcd to 776a1cd Compare December 9, 2025 22:42
2 participants