diff --git a/test/workers/repository/error.spec.js b/test/workers/repository/error.spec.js
index 0506d51e575e132f73c46c623b7dd36a0abbbc69..cfad0f62c4d63bd977569a16c5d76e5559636f76 100644
--- a/test/workers/repository/error.spec.js
+++ b/test/workers/repository/error.spec.js
@@ -26,6 +26,7 @@ describe('workers/repository/error', () => {
       'rate-limit-exceeded',
       'lockfile-error',
       'platform-failure',
+      'no-vulnerability-alerts',
     ];
     errors.forEach(err => {
       it(`errors ${err}`, async () => {
diff --git a/test/workers/repository/init/vulnerability.spec.js b/test/workers/repository/init/vulnerability.spec.js
index f43c4551a0e7f28fbc6822a771e005ec2b68d77b..b6ca18b0bbea3238c1dc411132f3519f5fca0246 100644
--- a/test/workers/repository/init/vulnerability.spec.js
+++ b/test/workers/repository/init/vulnerability.spec.js
@@ -19,6 +19,13 @@ describe('workers/repository/init/vulnerability', () => {
       platform.getVulnerabilityAlerts.mockReturnValue([]);
       expect(await detectVulnerabilityAlerts(config)).toEqual(config);
     });
+    it('throws if no alerts and vulnerabilityAlertsOnly', async () => {
+      config.vulnerabilityAlertsOnly = true;
+      platform.getVulnerabilityAlerts.mockReturnValue([]);
+      await expect(detectVulnerabilityAlerts(config)).rejects.toThrow(
+        /no-vulnerability-alerts/
+      );
+    });
     it('returns alerts', async () => {
       delete config.vulnerabilityAlerts.enabled;
       platform.getVulnerabilityAlerts.mockReturnValue([