fix: handle 'none' severity in getSeverityValue, drop duplicate assignment in handleError #6849

Open
immanuwell wants to merge 1 commit into snyk:main from immanuwell:fix/get-severity-value-none-crash

@immanuwell

What

Two small bugs fixed:

1. getSeverityValue crashes on 'none' severity

The function signature accepts SEVERITY | 'none', but 'none' isn't in the SEVERITIES array. The ! non-null assertion turns that missing entry into a runtime TypeError.

Reproduce:

getSeverityValue('none') // TypeError: Cannot read properties of undefined (reading 'value')

IaC code already treats 'none' as a real severity value (see results-formatter.ts filtering violatedPolicy.severity !== 'none'), so this path is reachable. Fix: swap !.value for ?.value ?? 0 — returns 0 for 'none', which fits naturally below low (1).

2. Duplicate assignment in handleError

error.userMessage = error.nestedUserMessage || error.userMessage appears twice in a row (lines 99 and 102), no mutation between them. Second line is dead code, introduced as a copy-paste leftover.

Changes

  • src/lib/formatters/get-severity-value.ts: replace unsafe non-null assertion with optional chaining + nullish coalescing
  • src/cli/main.ts: remove duplicate userMessage assignment
  • test/jest/unit/lib/formatters/get-severity-value.spec.ts: add test case for 'none' input
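
The crash and the fix described in the pull request above, as an added TypeScript example that is not code from the PR or from the snyk repository. The ranking table (only low = 1 is stated on the page), the function names and the threshold filter are assumptions constructed for illustration.

```typescript
// Added illustration: names and table are assumptions, not the project's source.
type Severity = 'low' | 'medium' | 'high' | 'critical';
type Sev = Severity | 'none';

// Assumed ranking table. Only low = 1 comes from the PR text; the rest is constructed.
const SEVERITIES: { verboseName: Severity; value: number }[] = [
  { verboseName: 'low', value: 1 },
  { verboseName: 'medium', value: 2 },
  { verboseName: 'high', value: 3 },
  { verboseName: 'critical', value: 4 },
];

// Before: `!` only silences the compiler. find() still returns undefined for
// 'none', so reading .value throws a TypeError at runtime.
function severityValueBefore(severity: Sev): number {
  return SEVERITIES.find((s) => s.verboseName === severity)!.value;
}

// After: a lookup miss becomes 0, which ranks below low (1).
function severityValueAfter(severity: Sev): number {
  return SEVERITIES.find((s) => s.verboseName === severity)?.value ?? 0;
}

// Constructed sample findings, one of them with severity 'none'.
const findings: { id: string; severity: Sev }[] = [
  { id: 'A', severity: 'high' },
  { id: 'B', severity: 'none' },
  { id: 'C', severity: 'low' },
];

// Hypothetical caller: ids of findings at or above a severity threshold.
function idsAtOrAbove(threshold: Severity, rank: (s: Sev) => number): string[] {
  const floor = rank(threshold);
  return findings.filter((f) => rank(f.severity) >= floor).map((f) => f.id);
}

// True when the pre-fix lookup fails the way the PR describes.
function crashesOnNone(): boolean {
  try {
    severityValueBefore('none');
    return false;
  } catch (e) {
    return e instanceof TypeError;
  }
}
```

The `?? 0` fallback applies to every lookup miss, not only 'none', so an unrecognised severity string arriving from untyped data also ranks 0 and drops out of any threshold filter instead of raising an error.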

@immanuwell immanuwell requested review from a team as code owners May 27, 2026 18:45
@snyk-io

snyk-io Bot commented May 27, 2026

Snyk checks have passed. No issues have been found so far.

| Status | Scan Engine | Critical | High | Medium | Low | Total (0) |
|---|---|---|---|---|---|---|
| | Open Source Security | 0 | 0 | 0 | 0 | 0 issues |
| | Licenses | 0 | 0 | 0 | 0 | 0 issues |
| | Code Security | 0 | 0 | 0 | 0 | 0 issues |

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.
