feat: snyk protect upgrade notification for test command

packages/snyk-protect/README.md

@@ -67,6 +67,12 @@ If you already have Snyk Protect set up, you can migrate to `@snyk/protect` by a
  }
 ```
 
+We have also created the [@snyk/cli-protect-upgrade](https://www.npmjs.com/package/@snyk/cli-protect-upgrade) npx script which you can use to update your project automatically. To use it, `cd` to the location containing the package.json to be updated and run:
+
+```
+npx @snyk/cli-protect-upgrade
+```
+
 ---
 
 Made with 💜 by Snyk

src/cli/commands/test/index.ts

@@ -1,4 +1,5 @@
 import * as Debug from 'debug';
+import { EOL } from 'os';
 const cloneDeep = require('lodash.clonedeep');
 const assign = require('lodash.assign');
 import chalk from 'chalk';
@@ -32,6 +33,12 @@ import { setDefaultTestOptions } from './set-default-test-options';
 import { processCommandArgs } from '../process-command-args';
 import { formatTestError } from './format-test-error';
 import { displayResult } from '../../../lib/formatters/test/display-result';
+import * as analytics from '../../../lib/analytics';
+
+import {
+  getPackageJsonPathsContainingSnykDependency,
+  getProtectUpgradeWarningForPaths,
+} from '../../../lib/protect-update-notification';
 
 const debug = Debug('snyk-test');
 const SEPARATOR = '\n-------------------------------------------------------\n';
@@ -46,6 +53,16 @@ export default async function test(
   validateTestOptions(options);
   validateCredentials(options);
 
+  const packageJsonPathsWithSnykDepForProtect: string[] = getPackageJsonPathsContainingSnykDependency(
+    options.file,
+    paths,
+  );
+
+  analytics.add(
+    'upgradable-snyk-protect-paths',
+    packageJsonPathsWithSnykDepForProtect.length,
+  );
+
   // Handles no image arg provided to the container command until
   // a validation interface is implemented in the docker plugin.
   if (options.docker && paths.length === 0) {
@@ -255,6 +272,11 @@ export default async function test(
       if (!fail) {
         // return here to prevent throwing failure
         response += chalk.bold.green(summaryMessage);
+        response += EOL + EOL;
+        response += getProtectUpgradeWarningForPaths(
+          packageJsonPathsWithSnykDepForProtect,
+        );
+
         return TestCommandResult.createHumanReadableTestCommandResult(
           response,
           stringifiedJsonData,
@@ -277,6 +299,11 @@ export default async function test(
   }
 
   response += chalk.bold.green(summaryMessage);
+  response += EOL + EOL;
+  response += getProtectUpgradeWarningForPaths(
+    packageJsonPathsWithSnykDepForProtect,
+  );
+
   return TestCommandResult.createHumanReadableTestCommandResult(
     response,
     stringifiedJsonData,

src/lib/protect-update-notification.ts

@@ -0,0 +1,116 @@
+import { EOL } from 'os';
+import * as theme from './theme';
+import * as fs from 'fs';
+import * as path from 'path';
+import * as createDebug from 'debug';
+
+const debug = createDebug('snyk-protect-update-notification');
+
+export function getProtectUpgradeWarningForPaths(
+  packageJsonPaths: string[],
+): string {
+  try {
+    if (packageJsonPaths?.length > 0) {
+      let message = theme.color.status.warn(
+        `${theme.icon.WARNING} WARNING: It looks like you have the \`snyk\` dependency in the \`package.json\` file(s) at the following path(s):` +
+          EOL,
+      );
+
+      packageJsonPaths.forEach((p) => {
+        message += theme.color.status.warn(`  - ${p}` + EOL);
+      });
+
+      const githubReadmeUrlShort = 'https://snyk.co/ud1cR'; // https://github.com/snyk/snyk/tree/master/packages/snyk-protect#migrating-from-snyk-protect-to-snykprotect
+
+      message += theme.color.status.warn(
+        `For more information and migration instructions, see ${githubReadmeUrlShort}` +
+          EOL,
+      );
+
+      return message;
+    } else {
+      return '';
+    }
+  } catch (e) {
+    debug('Error in getProtectUpgradeWarningForPaths()', e);
+    return '';
+  }
+}
+
+export function packageJsonFileExistsInDirectory(
+  directoryPath: string,
+): boolean {
+  try {
+    const packageJsonPath = path.resolve(directoryPath, 'package.json');
+    const fileExists = fs.existsSync(packageJsonPath);
+    return fileExists;
+  } catch (e) {
+    debug('Error in packageJsonFileExistsInDirectory()', e);
+    return false;
+  }
+}
+
+export function checkPackageJsonForSnykDependency(
+  packageJsonPath: string,
+): boolean {
+  try {
+    const fileExists = fs.existsSync(packageJsonPath);
+    if (fileExists) {
+      const packageJson = fs.readFileSync(packageJsonPath, 'utf8');
+      const packageJsonObject = JSON.parse(packageJson);
+      const snykDependency = packageJsonObject.dependencies['snyk'];
+      if (snykDependency) {
+        return true;
+      }
+    }
+  } catch (e) {
+    debug('Error in checkPackageJsonForSnykDependency()', e);
+  }
+  return false;
+}
+
+export function getPackageJsonPathsContainingSnykDependency(
+  fileOption: string | undefined,
+  paths: string[],
+): string[] {
+  const packageJsonPathsWithSnykDepForProtect: string[] = [];
+
+  try {
+    if (fileOption) {
+      if (
+        fileOption.endsWith('package.json') ||
+        fileOption.endsWith('package-lock.json')
+      ) {
+        const directoryWithPackageJson = path.dirname(fileOption);
+        if (packageJsonFileExistsInDirectory(directoryWithPackageJson)) {
+          const packageJsonPath = path.resolve(
+            directoryWithPackageJson,
+            'package.json',
+          );
+          const packageJsonContainsSnykDep = checkPackageJsonForSnykDependency(
+            packageJsonPath,
+          );
+          if (packageJsonContainsSnykDep) {
+            packageJsonPathsWithSnykDepForProtect.push(packageJsonPath);
+          }
+        }
+      }
+    } else {
+      paths.forEach((testPath) => {
+        if (packageJsonFileExistsInDirectory(testPath)) {
+          const packageJsonPath = path.resolve(testPath, 'package.json');
+          const packageJsonContainsSnykDep = checkPackageJsonForSnykDependency(
+            packageJsonPath,
+          );
+          if (packageJsonContainsSnykDep) {
+            packageJsonPathsWithSnykDepForProtect.push(packageJsonPath);
+          }
+        }
+      });
+    }
+  } catch (e) {
+    debug('Error in getPackageJsonPathsContainingSnykDependency()', e);
+  }
+
+  return packageJsonPathsWithSnykDepForProtect;
+}

src/lib/theme.ts

@@ -11,6 +11,7 @@ export const icon = {
 export const color = {
   status: {
     error: (text: string) => chalk.red(text),
+    warn: (text: string) => chalk.yellow(text),
     success: (text: string) => chalk.green(text),
   },
   severity: {

test/fixtures/protect-update-notification/no-package-json/placeholder.txt

@@ -0,0 +1 @@
+placeholder file so that the `no-package-json` folder which contains this file exists for testing

test/fixtures/protect-update-notification/with-package-json-with-snyk-dep-2/package.json

@@ -0,0 +1,11 @@
+{
+  "name": "test",
+  "version": "1.0.0",
+  "main": "index.js",
+  "scripts": {
+    "test": "echo \"Error: no test specified\" && exit 1"
+  },
+  "dependencies": {
+    "snyk": "^1.773.0"
+  }
+}

test/fixtures/protect-update-notification/with-package-json-with-snyk-dep/package.json

@@ -0,0 +1,12 @@
+{
+  "name": "test",
+  "version": "1.0.0",
+  "main": "index.js",
+  "scripts": {
+    "test": "echo \"Error: no test specified\" && exit 1"
+  },
+  "dependencies": {
+    "snyk": "^1.773.0"
+  }
+}
+

test/fixtures/protect-update-notification/with-package-json-without-snyk-dep/package.json

@@ -0,0 +1,10 @@
+{
+  "name": "test",
+  "version": "1.0.0",
+  "main": "index.js",
+  "scripts": {
+    "test": "echo \"Error: no test specified\" && exit 1"
+  },
+  "dependencies": {
+  }
+}