From 962810abd641d46c303b9ceb54ef0caac82cf5cf Mon Sep 17 00:00:00 2001
From: Rob Cresswell <robcresswell@users.noreply.github.com>
Date: Wed, 9 Jan 2019 17:10:11 +0000
Subject: [PATCH] fix: Undefined base image

This patch updates the conditions in which docker file instructions are
shown in remediation advice; currently they are shown even the file is
not used, resulting in some strange "undefined" messages.
---
 src/cli/commands/test.js | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)

diff --git a/src/cli/commands/test.js b/src/cli/commands/test.js
index 0dc8729573..daadc15ad6 100644
--- a/src/cli/commands/test.js
+++ b/src/cli/commands/test.js
@@ -358,9 +358,7 @@ function formatIssues(vuln, options) {
       ? createRemediationText(vuln, packageManager)
       : '',
     fixedIn: options.docker ? createFixedInText(vulnerableRange, version) : '',
-    dockerfilePackage: options.docker && vuln.dockerfileInstruction
-      ? `\n  Introduced in your Dockerfile by '${ vuln.dockerfileInstruction }'`
-      : `\n  Introduced by your base image (${ vuln.dockerBaseImage })`,
+    dockerfilePackage: options.docker ? dockerfileInstructionText(vuln) : '',
   };
 
   return (
@@ -377,6 +375,18 @@ function formatIssues(vuln, options) {
   );
 }
 
+function dockerfileInstructionText(vuln) {
+  if (vuln.dockerfileInstruction) {
+    return `\n  Introduced in your Dockerfile by '${ vuln.dockerfileInstruction }'`;
+  }
+
+  if (vuln.dockerBaseImage) {
+    return `\n  Introduced by your base image (${ vuln.dockerBaseImage })`;
+  }
+
+  return '';
+}
+
 function createFixedInText(versionRangeList, pkgVersion) {
   let fixedVersion = '';
   let fixedVersionCandidate = '';