From cc5f2b2c0477c92fa8463dba1497785c82359281 Mon Sep 17 00:00:00 2001 From: Andrea Brancaleoni Date: Tue, 6 Feb 2024 00:56:15 +0100 Subject: [PATCH] dependabotNudge: filter nudges for available patched versions --- src/dependabotNudge.js | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/dependabotNudge.js b/src/dependabotNudge.js index 04ae2e47..d0719670 100644 --- a/src/dependabotNudge.js +++ b/src/dependabotNudge.js @@ -111,7 +111,8 @@ export default async function dependabotNudge({ sort: 'updated', state: 'open', severity: Object.keys(Severity).filter(s => Severity[s] >= minlevel) - })).filter(a => !skipHotwords.some(h => a.security_advisory.summary.toLowerCase().includes(h))); + })).filter(a => !skipHotwords.some(h => a.security_advisory.summary.toLowerCase().includes(h))). + filter(a => a.security_vulnerability?.first_patched_version?.identifier); // get property values for this repository const prop = props[repo.name] || {properties: {}};