From 8da75984052b551df50d0d7042d5b2f1723eabd1 Mon Sep 17 00:00:00 2001 From: baldarn Date: Mon, 11 Mar 2024 18:39:21 +0100 Subject: [PATCH 1/6] add ignore file flow --- lib/mix_audit/cli.ex | 1 + lib/mix_audit/cli/audit.ex | 17 +++++++++++++++++ lib/mix_audit/cli/help.ex | 1 + 3 files changed, 19 insertions(+) diff --git a/lib/mix_audit/cli.ex b/lib/mix_audit/cli.ex index 4349a50..a525c65 100644 --- a/lib/mix_audit/cli.ex +++ b/lib/mix_audit/cli.ex @@ -5,6 +5,7 @@ defmodule MixAudit.CLI do switches: [ ignore_advisory_ids: :string, ignore_package_names: :string, + ignore_file: :string, version: :boolean, help: :boolean, format: :string, diff --git a/lib/mix_audit/cli/audit.ex b/lib/mix_audit/cli/audit.ex index aeaaf46..ac86a20 100644 --- a/lib/mix_audit/cli/audit.ex +++ b/lib/mix_audit/cli/audit.ex @@ -5,11 +5,13 @@ defmodule MixAudit.CLI.Audit do format = Keyword.get(opts, :format) ignored_advisory_ids = ignored_advisory_ids(opts) ignored_package_names = ignored_package_names(opts) + ignored_ids_from_file = ignored_ids_from_file(opts) # Synchronize and get security advisories advisories = MixAudit.Repo.advisories() |> Enum.reject(&(&1.id in ignored_advisory_ids)) + |> Enum.reject(&(&1.id in ignored_ids_from_file)) |> Enum.group_by(& &1.package) # Get project dependencies @@ -45,4 +47,19 @@ defmodule MixAudit.CLI.Audit do |> String.split(",") |> Enum.map(&String.trim/1) end + + defp ignored_ids_from_file(opts) do + opts + |> Keyword.get(:ignore_file, ".mix-audit-skips") + |> File.read() + |> case do + {:ok, content} -> + content + |> String.split("\n") + |> Enum.reject(fn line -> String.starts_with?(line, "#") or line == "" end) + + _ -> + [] + end + end end diff --git a/lib/mix_audit/cli/help.ex b/lib/mix_audit/cli/help.ex index 3df4059..892de6a 100644 --- a/lib/mix_audit/cli/help.ex +++ b/lib/mix_audit/cli/help.ex 
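Review bot: The `_ -> []` branch in `ignored_ids_from_file` turns every read failure into an empty ignore list, so a mistyped `--ignore-file` path or an unreadable file produces neither an error nor any suppression, and the user gets no signal that the file was not used. A missing default `.mix-audit-skips` is an expected state, but an explicitly passed path that cannot be read is a misconfiguration; only `{:error, :enoent}` for the default path should fall through to `[]`, with other errors reported (later commits in this series switch to `File.read!`, which raises for all of them). The comment/blank filter also runs on untrimmed lines, so an indented `  # note` is treated as an advisory ID and a line of only spaces is kept; `|> Enum.map(&String.trim/1)` before the `Enum.reject` handles both. Neither issue lets an advisory through that should be reported, but both make the ignore file behave differently from what the user wrote.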
@@ -9,6 +9,7 @@ defmodule MixAudit.CLI.Help do IO.puts("--format The format of the report to generate (human, json)") IO.puts("--ignore-advisory-ids A comma-separated list of advisory IDs to ignore") IO.puts("--ignore-package-names A comma-separated list of package names to ignore") + IO.puts("--ignore-file Path of the ignore file (default .mix-audit-skips)") IO.puts("") System.halt(0) end From c1cc7c6a0c371dfbc8051ed15df8e1e4882643f8 Mon Sep 17 00:00:00 2001 From: lorenzo farnararo <2814802+baldarn@users.noreply.github.com> Date: Tue, 12 Mar 2024 08:42:21 +0100 Subject: [PATCH 2/6] Update lib/mix_audit/cli/audit.ex Co-authored-by: Stefano Gessa --- lib/mix_audit/cli/audit.ex | 13 +++---------- 1 file changed, 3 insertions(+), 10 deletions(-) diff --git a/lib/mix_audit/cli/audit.ex b/lib/mix_audit/cli/audit.ex index ac86a20..1af9875 100644 --- a/lib/mix_audit/cli/audit.ex +++ b/lib/mix_audit/cli/audit.ex @@ -51,15 +51,8 @@ defmodule MixAudit.CLI.Audit do defp ignored_ids_from_file(opts) do opts |> Keyword.get(:ignore_file, ".mix-audit-skips") - |> File.read() - |> case do - {:ok, content} -> - content - |> String.split("\n") - |> Enum.reject(fn line -> String.starts_with?(line, "#") or line == "" end) - - _ -> - [] - end + |> File.read!() + |> String.split("\n") + |> Enum.reject(fn line -> String.starts_with?(line, "#") || String.trim(line) == "" end) end end From cf984586f2601c7756f78da44ee4b514999e1a76 Mon Sep 17 00:00:00 2001 From: baldarn Date: Tue, 12 Mar 2024 08:52:15 +0100 Subject: [PATCH 3/6] add docs and removed verbose print in cli --- README.md | 1 + lib/mix_audit/cli/help.ex | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index cc797e2..557765a 100644 --- a/README.md +++ b/README.md 
@@ -58,6 +58,7 @@ $ mix deps.audit | `--format` | String | `"human"` | The format of the report to generate (`"json"` or `"human"`) | | `--ignore-advisory-ids` | String | `""` | Comma-separated list of advisory IDs to ignore | | `--ignore-package-names` | String | `""` | Comma-separated list of package names to ignore | +| `--ignore-file` | String | `.mix-audit-skips` | Path of the ignore file | ## Example diff --git a/lib/mix_audit/cli/help.ex b/lib/mix_audit/cli/help.ex index 892de6a..53d9bed 100644 --- a/lib/mix_audit/cli/help.ex +++ b/lib/mix_audit/cli/help.ex @@ -9,7 +9,7 @@ defmodule MixAudit.CLI.Help do IO.puts("--format The format of the report to generate (human, json)") IO.puts("--ignore-advisory-ids A comma-separated list of advisory IDs to ignore") IO.puts("--ignore-package-names A comma-separated list of package names to ignore") - IO.puts("--ignore-file Path of the ignore file (default .mix-audit-skips)") + IO.puts("--ignore-file Path of the ignore file") IO.puts("") System.halt(0) end From a92312ef2d1735432580881df53672b8a3c0c407 Mon Sep 17 00:00:00 2001 From: baldarn Date: Fri, 15 Mar 2024 08:59:51 +0100 Subject: [PATCH 4/6] ignored ids from file works only if the file is defined --- README.md | 2 +- lib/mix_audit/cli/audit.ex | 16 ++++++++++------ 2 files changed, 11 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 557765a..6d2e5b6 100644 --- a/README.md +++ b/README.md @@ -58,7 +58,7 @@ $ mix deps.audit | `--format` | String | `"human"` | The format of the report to generate (`"json"` or `"human"`) | | `--ignore-advisory-ids` | String | `""` | Comma-separated list of advisory IDs to ignore | | `--ignore-package-names` | String | `""` | Comma-separated list of package names to ignore | -| `--ignore-file` | String | `.mix-audit-skips` | Path of the ignore file | +| `--ignore-file` | String | `""` | Path of the ignore file | ## Example 
diff --git a/lib/mix_audit/cli/audit.ex b/lib/mix_audit/cli/audit.ex index 1af9875..08b64b4 100644 --- a/lib/mix_audit/cli/audit.ex +++ b/lib/mix_audit/cli/audit.ex @@ -48,11 +48,15 @@ defmodule MixAudit.CLI.Audit do |> Enum.map(&String.trim/1) end - defp ignored_ids_from_file(opts) do - opts - |> Keyword.get(:ignore_file, ".mix-audit-skips") - |> File.read!() - |> String.split("\n") - |> Enum.reject(fn line -> String.starts_with?(line, "#") || String.trim(line) == "" end) + def ignored_ids_from_file(opts) do + case Keyword.get(opts, :ignore_file) do + nil -> + [] + + ignore_file -> + File.read!(ignore_file) + |> String.split("\n") + |> Enum.reject(fn line -> String.starts_with?(line, "#") || String.trim(line) == "" end) + end end end From 44b0ea06fd73846e52169dbac8eba89da710c1d1 Mon Sep 17 00:00:00 2001 From: baldarn Date: Fri, 15 Mar 2024 09:09:05 +0100 Subject: [PATCH 5/6] better syntax --- lib/mix_audit/cli/audit.ex | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/mix_audit/cli/audit.ex b/lib/mix_audit/cli/audit.ex index 08b64b4..b723380 100644 --- a/lib/mix_audit/cli/audit.ex +++ b/lib/mix_audit/cli/audit.ex @@ -54,7 +54,8 @@ defmodule MixAudit.CLI.Audit do [] ignore_file -> - File.read!(ignore_file) + ignore_file + |> File.read!() |> String.split("\n") |> Enum.reject(fn line -> String.starts_with?(line, "#") || String.trim(line) == "" end) end From d611fd6e4d6eebf7a9ac4588a831965d8de475e2 Mon Sep 17 00:00:00 2001 From: Stefano Gessa Date: Fri, 15 Mar 2024 15:24:25 +0700 Subject: [PATCH 6/6] Fix credo --- lib/mix_audit/cli/audit.ex | 23 ++++++++++++++--------- 1 file changed, 14 insertions(+), 9 deletions(-) diff --git a/lib/mix_audit/cli/audit.ex b/lib/mix_audit/cli/audit.ex index b723380..4d76ff5 100644 --- a/lib/mix_audit/cli/audit.ex +++ b/lib/mix_audit/cli/audit.ex 
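Review bot: `ignored_ids_from_file` changes from `defp` to `def` in this hunk while `ignored_advisory_ids` and `ignored_package_names` stay private, which exposes an undocumented helper as public API of `MixAudit.CLI.Audit`; if this is for tests, mark it `@doc false` and add `@spec ignored_ids_from_file(keyword()) :: [String.t()]`, otherwise keep `defp`. The README hunk in the same commit documents the default as `""`, but the `nil -> []` branch only fires when the switch is absent: `--ignore-file ""` reaches `File.read!("")` and raises instead of meaning "no file", so the README should say that omitting the option disables the file rather than imply an empty-string default. With `File.read!`, a nonexistent or unreadable path now aborts the audit instead of being silently treated as empty, which is the safer direction for a file whose only effect is to suppress findings.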
@@ -5,13 +5,11 @@ defmodule MixAudit.CLI.Audit do format = Keyword.get(opts, :format) ignored_advisory_ids = ignored_advisory_ids(opts) ignored_package_names = ignored_package_names(opts) - ignored_ids_from_file = ignored_ids_from_file(opts) # Synchronize and get security advisories advisories = MixAudit.Repo.advisories() |> Enum.reject(&(&1.id in ignored_advisory_ids)) - |> Enum.reject(&(&1.id in ignored_ids_from_file)) |> Enum.group_by(& &1.package) # Get project dependencies @@ -35,20 +33,20 @@ defmodule MixAudit.CLI.Audit do end defp ignored_advisory_ids(opts) do - opts - |> Keyword.get(:ignore_advisory_ids, "") - |> String.split(",") - |> Enum.map(&String.trim/1) + ignored_ids_from_cli = ignored_advisory_ids_from_cli(opts) + ignored_ids_from_file = ignored_advisory_ids_from_file(opts) + + Enum.uniq(ignored_ids_from_cli ++ ignored_ids_from_file) end - defp ignored_package_names(opts) do + defp ignored_advisory_ids_from_cli(opts) do opts - |> Keyword.get(:ignore_package_names, "") + |> Keyword.get(:ignore_advisory_ids, "") |> String.split(",") |> Enum.map(&String.trim/1) end - def ignored_ids_from_file(opts) do + def ignored_advisory_ids_from_file(opts) do case Keyword.get(opts, :ignore_file) do nil -> [] @@ -60,4 +58,11 @@ defmodule MixAudit.CLI.Audit do |> Enum.reject(fn line -> String.starts_with?(line, "#") || String.trim(line) == "" end) end end + + defp ignored_package_names(opts) do + opts + |> Keyword.get(:ignore_package_names, "") + |> String.split(",") + |> Enum.map(&String.trim/1) + end end
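Review bot: In `ignored_advisory_ids_from_cli` the `""` default still goes through `String.split(",")`, so the list built by `Enum.uniq(ignored_ids_from_cli ++ ignored_ids_from_file)` always carries an empty string; `String.split(",", trim: true)` avoids it. The file-sourced entries are not trimmed at all (the `Enum.reject` at the end of `ignored_advisory_ids_from_file`, which continues past this hunk, only trims for the blank check), so an ID followed by `\r` or trailing spaces never matches `&1.id` and the advisory is still reported; add `|> Enum.map(&String.trim/1)` before that reject. Because the merged list is applied before `Enum.group_by` in the first hunk, a suppressed advisory leaves no trace in the human or JSON report; emitting the count or list of ignored IDs would make ignore-file suppressions auditable, though this behaviour predates the change. `ignored_advisory_ids_from_file` also stays `def` while its siblings are `defp`; if it is public for tests, `@doc false` plus `@spec ignored_advisory_ids_from_file(keyword()) :: [String.t()]` would say so.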