From 4589467e062cc2176ddf1eb77fec00161ec81325 Mon Sep 17 00:00:00 2001
From: secustor
Date: Tue, 16 May 2023 18:35:24 +0200
Subject: [PATCH] chore: reword vulnerability text and reference osvVulnerabilityAlerts

---
 lib/workers/repository/dependency-dashboard.spec.ts | 8 +++++---
 lib/workers/repository/dependency-dashboard.ts | 10 +++++++++-
 2 files changed, 14 insertions(+), 4 deletions(-)

diff --git a/lib/workers/repository/dependency-dashboard.spec.ts b/lib/workers/repository/dependency-dashboard.spec.ts
index fb4a842ea293fe..5c24ca5d9981df 100644
--- a/lib/workers/repository/dependency-dashboard.spec.ts
+++ b/lib/workers/repository/dependency-dashboard.spec.ts
@@ -1052,7 +1052,7 @@ describe('workers/repository/dependency-dashboard', () => {
 );
 });
- it('return all vulnerabilities if set to all', async () => {
+ it('return all vulnerabilities if set to all and disabled osvVulnerabilities', async () => {
 const fetchVulnerabilitiesMock = jest.fn();
 createVulnerabilitiesMock.mockResolvedValueOnce({
 fetchVulnerabilities: fetchVulnerabilitiesMock,
@@ -1085,12 +1085,13 @@ describe('workers/repository/dependency-dashboard', () => {
 {
 ...config,
 dependencyDashboardOSVVulnerabilitySummary: 'all',
+ osvVulnerabilityAlerts: true,
 },
 packageFiles
 );
 expect(result.trimEnd()).toBe(codeBlock`## Vulnerabilities
-\`1\` of a total of \`2\` CVEs have no fixes in this repository.
+\`1\`/\`2\` CVEs have Renovate fixes.
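Review bot: The new test title in the @@ -1052 hunk, 'return all vulnerabilities if set to all and disabled osvVulnerabilities', contradicts the configuration the same test appears to use: the @@ -1085 hunk adds `osvVulnerabilityAlerts: true` and expects the "CVEs have Renovate fixes." wording, which in the worker is the enabled branch. This is inferred from the hunk positions (the `it` body runs past the first hunk), so confirm both hunks belong to one test before renaming. If they do, the title should read `it('return all vulnerabilities if set to all and osvVulnerabilityAlerts enabled', async () => {` and the test around @@ -1156, which expects the "possible Renovate fixes" text, is the one that should say "disabled" in its title.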
npm
@@ -1156,7 +1157,8 @@ describe('workers/repository/dependency-dashboard', () => {
 );
 expect(result.trimEnd()).toBe(codeBlock`## Vulnerabilities
-\`1\` of a total of \`2\` CVEs have no fixes in this repository.
+\`1\`/\`2\` CVEs have possible Renovate fixes.
+See [\`osvVulnerabilityAlerts\`](https://docs.renovatebot.com/configuration-options/#osvvulnerabilityalerts) to allow Renovate to supply fixes.
npm
diff --git a/lib/workers/repository/dependency-dashboard.ts b/lib/workers/repository/dependency-dashboard.ts
index ffe0a797e11a6e..f6dd792547feb8 100644
--- a/lib/workers/repository/dependency-dashboard.ts
+++ b/lib/workers/repository/dependency-dashboard.ts
@@ -489,8 +489,16 @@ export async function getDashboardMarkdownVulnerabilities(
 const unresolvedVulnerabilities = vulnerabilities.filter((value) =>
 is.nullOrUndefined(value.fixedVersion)
 );
+ const resolvedVulnerabilitiesLength =
+ vulnerabilities.length - unresolvedVulnerabilities.length;
- result += `\`${unresolvedVulnerabilities.length}\` of a total of \`${vulnerabilities.length}\` CVEs have no fixes in this repository.\n`;
+ result += `\`${resolvedVulnerabilitiesLength}\`/\`${vulnerabilities.length}\``;
+ if (is.truthy(config.osvVulnerabilityAlerts)) {
+ result += ' CVEs have Renovate fixes.\n';
+ } else {
+ result +=
+ ' CVEs have possible Renovate fixes.\nSee [`osvVulnerabilityAlerts`](https://docs.renovatebot.com/configuration-options/#osvvulnerabilityalerts) to allow Renovate to supply fixes.\n';
+ }
 let renderedVulnerabilities: Vulnerability[];
 switch (config.dependencyDashboardOSVVulnerabilitySummary) {
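Review bot: The meaning of the new `resolvedVulnerabilitiesLength` count is not stated anywhere in the hunk: it is the number of OSV advisories that carry a `fixedVersion`, not the number of fixes Renovate has actually raised, and in the disabled branch the dashboard tells the reader Renovate "could" fix them, so a one-line comment would keep the next maintainer from reading the `n/m` figure as "fixes applied". I would add, above the `const resolvedVulnerabilitiesLength =` line, `// "resolved" means OSV reports a fixedVersion; whether Renovate raises a PR for it depends on osvVulnerabilityAlerts`. As a point of style, the documentation URL is embedded in a long string literal in the else branch and repeated verbatim in the spec; hoisting it to a module-level constant such as `const OSV_VULNERABILITY_ALERTS_DOCS = 'https://docs.renovatebot.com/configuration-options/#osvvulnerabilityalerts';` and interpolating it keeps the two in sync if the docs anchor ever moves. The enclosing getDashboardMarkdownVulnerabilities body continues outside the hunk.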