Generate snippet message only in case of bad packages are found

Author: ptelang

src/codegate/pipeline/extract_snippets/output.py

@@ -49,16 +49,20 @@ async def _snippet_comment(self, snippet: CodeSnippet, secrets: PipelineSensitiv
             base_url=secrets.api_base,
         )
 
+        # Check if any of the snippet libraries is a bad package
         storage_engine = StorageEngine()
         libobjects = await storage_engine.search_by_property("name", snippet.libraries)
         logger.info(f"Found {len(libobjects)} libraries in the storage engine")
 
-        libraries_text = ""
+        # If no bad packages are found, just return empty comment
+        if len(libobjects) == 0:
+            return ""
+
+        # Otherwise, generate codegate warning message
         warnings = []
 
-        # Use snippet.libraries to generate a CSV list of libraries
-        if snippet.libraries:
-            libraries_text = ", ".join([f"`{lib}`" for lib in snippet.libraries])
+        # Use libobjects to generate a CSV list of bad libraries
+        libobjects_text = ", ".join([f"`{lib.properties["name"]}`" for lib in libobjects])
 
         for lib in libobjects:
             lib_name = lib.properties["name"]
@@ -70,12 +74,10 @@ async def _snippet_comment(self, snippet: CodeSnippet, secrets: PipelineSensitiv
                 f"- More information: [{lib_url}]({lib_url})\n"
             )
 
-        comment = ""
-        if libraries_text != "":
-            comment += f"\n\nCodegate detected the following libraries: {libraries_text}\n"
-
-        if warnings:
-            comment += "\n### 🚨 Warnings\n" + "\n".join(warnings) + "\n"
+        # Add a codegate warning for the bad packages found in the snippet
+        comment = f"\n\nWarning: CodeGate detected one or more potentially malicious or \
+archived packages: {libobjects_text}\n"
+        comment += "\n### 🚨 Warnings\n" + "\n".join(warnings) + "\n"
 
         return comment