Merge pull request #153 from cr-alan/v1.x

added severity and labels

Author: xendk

README.md

@@ -29,6 +29,7 @@ It has some required and some optional settings, which are passed to the action
 - `JIRA_PROJECT`: The project key for the Jira project where issues should be created, eg `TEST` or `ABC`. (**REQUIRED**)
 - `JIRA_ISSUE_TYPE`: Type of issue to create, e.g. `Security`. Defaults to `Bug`. (*Optional*)
 - `JIRA_WATCHERS`: Jira users to add as watchers to tickets. Separate multiple watchers with comma (no spaces).
+- `JIRA_ISSUE_LABELS`: Jira labels to add to tickets. Separate multiple labels with comma (no spaces).
 - `JIRA_RESTRICTED_COMMENT_ROLE`: A comment with restricted visibility
   to this role is posted with info about who was added as watchers to
   the issue. Defaults to `Developers`. (*Optional*)

src/SecurityAlertIssue.php

@@ -34,6 +34,11 @@ class SecurityAlertIssue extends JiraSecurityIssue
      */
     protected string $id;
 
+    /**
+     * @var string
+     */
+    protected string $severity;
+
     /**
      * phpcs:disable SlevomatCodingStandard.TypeHints.DisallowMixedTypeHint.DisallowedMixedTypeHint
      *
@@ -47,6 +52,7 @@ public function __construct(array $data)
         $this->vulnerableVersionRange = $data['securityVulnerability']['vulnerableVersionRange'];
         $this->manifestPath = \pathinfo($data['vulnerableManifestPath'], \PATHINFO_DIRNAME);
         $this->id = $data['securityVulnerability']['advisory']['ghsaId'];
+        $this->severity = $data['securityVulnerability']['severity'];
 
         $references = [];
 
@@ -87,8 +93,16 @@ public function __construct(array $data)
 
         $this->setKeyLabel($githubRepo);
         $this->setKeyLabel($this->uniqueId());
-        $this->setTitle("{$this->package} ({$safeVersion})");
+        $this->setTitle("{$this->package} ({$safeVersion}) - {$this->severity}");
         $this->setBody($body);
+
+        $labels = \getenv('JIRA_ISSUE_LABELS');
+
+        if ($labels) {
+            foreach (\explode(',', $labels) as $label) {
+                $this->setKeyLabel($label);
+            }
+        }
     }
 
     /**