Merge pull request snyk#413 from snyk/uj/refactor-exclude-base-image-…

…vulns

fix: Move exclude-base... option to docker plugin

package.json

@@ -68,7 +68,7 @@
     "recursive-readdir": "^2.2.2",
     "semver": "^5.6.0",
     "snyk-config": "2.2.1",
-    "snyk-docker-plugin": "1.22.0",
+    "snyk-docker-plugin": "1.22.1",
     "snyk-go-plugin": "1.6.1",
     "snyk-gradle-plugin": "2.4.2",
     "snyk-module": "1.9.1",

src/lib/snyk-test/run-test.ts

@@ -67,10 +67,6 @@ async function runTest(packageManager: string, root: string, options): Promise<o
       });
     }
 
-    if (options.docker && options.file && options['exclude-base-image-vulns']) {
-      res.vulnerabilities = res.vulnerabilities.filter((vuln) => (vuln.dockerfileInstruction));
-    }
-
     res.uniqueCount = countUniqueVulns(res.vulnerabilities);
 
     return res;

test/acceptance/cli.acceptance.test.ts

@@ -1594,26 +1594,6 @@ test('`test foo:latest --docker --file=Dockerfile remediation advice`', async (t
   }
 });
 
-test('`test foo:latest --docker --file=Dockerfile --exclude-base-image-vulns`', async (t) => {
-  stubDockerPluginResponse('./fixtures/docker/plugin-multiple-deps', t);
-  const vulns = require('./fixtures/docker/find-result-remediation.json');
-  server.setNextResponse(vulns);
-
-  try {
-    await cli.test('foo:latest', {
-      docker: true,
-      org: 'explicit-org',
-      file: 'Dockerfile',
-      'exclude-base-image-vulns': true,
-    });
-    t.fail('should have found vuln');
-
-  } catch (err) {
-    t.notMatch(err.message, /introduced by your base image/i, 'should exclude base image vulns');
-    t.match(err.message, /introduced in your dockerfile/i, 'should include vulns introduced by dockerfile');
-  }
-});
-
 test('`test foo:latest --docker` doesnt collect policy from cwd', async (t) => {
   chdirWorkspaces('npm-package-policy');
   const spyPlugin = stubDockerPluginResponse({