1 files changed, 14 insertions, 11 deletions

diff --git a/deps/npm/node_modules/npm-audit-report/reporters/parseable.js b/deps/npm/node_modules/npm-audit-report/reporters/parseable.js
index 3633597729..1d46ef2271 100644
--- a/deps/npm/node_modules/npm-audit-report/reporters/parseable.js
+++ b/deps/npm/node_modules/npm-audit-report/reporters/parseable.js
@@ -11,6 +11,7 @@ const report = function (data, options) {
 
   const actions = function (data, config) {
     let accumulator = {
+      critical: '',
       high: '',
       moderate: '',
       low: ''
@@ -25,16 +26,18 @@ const report = function (data, options) {
           l.recommendation = recommendation.cmd
           l.breaking = recommendation.isBreaking ? 'Y' : 'N'
 
-          // TODO: Verify: The advisory seems to repeat and be the same for all the 'resolves'. Is it true?
-          const advisory = data.advisories[action.resolves[0].id]
-          l.sevLevel = advisory.severity
-          l.severity = advisory.title
-          l.package = advisory.module_name
-          l.moreInfo = `https://nodesecurity.io/advisories/${advisory.id}`
-          l.path = action.resolves[0].path
+          action.resolves.forEach((resolution) => {
+            const advisory = data.advisories[resolution.id]
+
+            l.sevLevel = advisory.severity
+            l.severity = advisory.title
+            l.package = advisory.module_name
+            l.moreInfo = advisory.url || `https://www.npmjs.com/advisories/${advisory.id}`
+            l.path = resolution.path
 
-          accumulator[advisory.severity] += [action.action, l.package, l.sevLevel, l.recommendation, l.severity, l.moreInfo, l.path, l.breaking]
-            .join('\t') + '\n'
+            accumulator[advisory.severity] += [action.action, l.package, l.sevLevel, l.recommendation, l.severity, l.moreInfo, l.path, l.breaking]
+              .join('\t') + '\n'
+          }) // forEach resolves
         }
 
         if (action.action === 'review') {
@@ -44,7 +47,7 @@ const report = function (data, options) {
             l.sevLevel = advisory.severity
             l.severity = advisory.title
             l.package = advisory.module_name
-            l.moreInfo = `https://nodesecurity.io/advisories/${advisory.id}`
+            l.moreInfo = advisory.url || `https://www.npmjs.com/advisories/${advisory.id}`
             l.patchedIn = advisory.patched_versions.replace(' ', '') === '<0.0.0' ? 'No patch available' : advisory.patched_versions
             l.path = resolution.path
 
@@ -53,7 +56,7 @@ const report = function (data, options) {
         } // is review
       }) // forEach actions
     }
-    return accumulator['high'] + accumulator['moderate'] + accumulator['low']
+    return accumulator['critical'] + accumulator['high'] + accumulator['moderate'] + accumulator['low']
   }
 
   const exitCode = function (metadata) {