DS will exit with status code 0 (OK) even if issues are found

Summary

DS analysis will exit with status code 0 (OK) even if it finds vulnerability issues.

Steps to reproduce

  1. Create a new Node project
  2. Add any vulnerable library to the package.json (tinycolor2@1.4.1 for example)
  3. Run dependency scanning

What is the current bug behavior?

The DS job will succeed and the build/deploy will be done.

What is the expected correct behavior?

The DS job should fail if issues are found, preventing the build/deploy process from continuing.

Output of checks

This bug happens on GitLab.com

Possible fixes

Current workaround:

Add this line to the DS job's `script:` tag:

    - exit $(jq '.vulnerabilities | length' gl-dependency-scanning-report.json)
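A more robust version of the workaround above, added here as an example and not code from GitLab or from the issue's reporter. The one-liner relies on the shell's exit status, which is truncated to the range 0-255, so a report with exactly 256 findings would exit 0 and pass the gate; the script below always exits 1 when the threshold is met. It assumes the report has a top-level `vulnerabilities` array whose entries carry a `severity` string (Critical, High, Medium, Low, Unknown, Info); the job name, file name `ds_gate.py` and the sample report embedded in it are assumptions for illustration.

```python
"""Fail a CI job when a GitLab Dependency Scanning report contains findings.

Added example, not GitLab's own code. Assumed use in .gitlab-ci.yml
(job name, stage and script path are assumptions):

    ds_gate:
      stage: test
      needs: [gemnasium-dependency_scanning]
      script:
        - python3 ds_gate.py gl-dependency-scanning-report.json High
"""
import json
import sys

# Ordered from most to least severe; the list index is the rank.
SEVERITY_ORDER = ["Critical", "High", "Medium", "Low", "Unknown", "Info"]


def severity_rank(name):
    """Lower rank means more severe; unrecognised names count as Unknown."""
    try:
        return SEVERITY_ORDER.index(str(name).capitalize())
    except ValueError:
        return SEVERITY_ORDER.index("Unknown")


def count_findings(report, min_severity="Low"):
    """Return the number of vulnerabilities at or above min_severity."""
    threshold = severity_rank(min_severity)
    return sum(
        1
        for v in report.get("vulnerabilities", [])
        if severity_rank(v.get("severity", "Unknown")) <= threshold
    )


def gate_exit_code(report, min_severity="Low"):
    """1 if any finding meets the threshold, otherwise 0.

    Unlike `exit $(jq '.vulnerabilities | length' ...)`, which the shell
    reduces modulo 256, this never collapses a non-zero count to 0.
    """
    return 1 if count_findings(report, min_severity) else 0


# Constructed sample report carrying only the fields the gate reads.
SAMPLE_REPORT = {
    "version": "14.0.0",
    "vulnerabilities": [
        {"id": "finding-1", "severity": "High", "name": "constructed finding"},
        {"id": "finding-2", "severity": "Low", "name": "constructed finding"},
    ],
}


def main(argv):
    if len(argv) < 2:
        print("usage: ds_gate.py REPORT.json [MIN_SEVERITY]", file=sys.stderr)
        return 2
    path = argv[1]
    min_severity = argv[2] if len(argv) > 2 else "Low"
    with open(path) as fh:
        report = json.load(fh)
    n = count_findings(report, min_severity)
    print(f"{n} finding(s) at or above {min_severity} in {path}")
    return gate_exit_code(report, min_severity)


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Running the gate as its own job that consumes the DS report artifact keeps the scanner job untouched and lets the severity threshold be tuned per project without editing the template.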
