From ecd6a2a7158eb5b9c09b5b98d74659e338748bfd Mon Sep 17 00:00:00 2001 From: Gabriel Kohen Date: Mon, 30 Jan 2023 16:15:31 -0500 Subject: [PATCH 1/2] Make sure security vulnerabilities that did not fail the run show as warning Note: We might want to get the severely for license and operation issues too so we can distinct between policy rules violations that will fail the action(CRITICAL and BLOCKER) and those who not --- src/detect/reporting.ts | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/detect/reporting.ts b/src/detect/reporting.ts index 5f67a1b..c5fae05 100644 --- a/src/detect/reporting.ts +++ b/src/detect/reporting.ts @@ -23,8 +23,8 @@ export async function createRapidScanReportString(policyViolations: IRapidScanRe function createComponentRow(component: IComponentReport): string { const violatedPolicies = component.violatedPolicies.join('
') const componentInViolation = component?.href ? `[${component.name}](${component.href})` : component.name - const componentLicenses = component.licenses.map(license => `${license.violatesPolicy ? ':x:   ' : ''}[${license.name}](${license.href})`).join('
') - const vulnerabilities = component.vulnerabilities.map(vulnerability => `${vulnerability.violatesPolicy ? ':x:   ' : ''}[${vulnerability.name}](${vulnerability.href})${vulnerability.cvssScore && vulnerability.severity ? ` ${vulnerability.severity}: CVSS ${vulnerability.cvssScore}` : ''}`).join('
') + const componentLicenses = component.licenses.map(license => `${license.violatesPolicy ? (':x:   ') : ''}[${license.name}](${license.href})`).join('
') + const vulnerabilities = component.vulnerabilities.map(vulnerability => `${vulnerability.violatesPolicy ? (['BLOCKER', 'CRITICAL'].includes(vulnerability.severity) ? ':x:' : ':warning:')) + '   ' : ''}[${vulnerability.name}](${vulnerability.href})${vulnerability.cvssScore && vulnerability.severity ? ` ${vulnerability.severity}: CVSS ${vulnerability.cvssScore}` : ''}`).join('
') const shortTermString = component.shortTermUpgrade ? `[${component.shortTermUpgrade.name}](${component.shortTermUpgrade.href}) (${component.shortTermUpgrade.vulnerabilityCount} known vulnerabilities)` : '' const longTermString = component.longTermUpgrade ? `[${component.longTermUpgrade.name}](${component.longTermUpgrade.href}) (${component.longTermUpgrade.vulnerabilityCount} known vulnerabilities)` : '' From 003187d509f676611c09a5bee00ba9bd847c146f Mon Sep 17 00:00:00 2001 From: Gabriel Kohen Date: Mon, 30 Jan 2023 16:24:05 -0500 Subject: [PATCH 2/2] Revert un-needed change --- src/detect/reporting.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/detect/reporting.ts b/src/detect/reporting.ts index c5fae05..f242ac0 100644 --- a/src/detect/reporting.ts +++ b/src/detect/reporting.ts @@ -23,7 +23,7 @@ export async function createRapidScanReportString(policyViolations: IRapidScanRe function createComponentRow(component: IComponentReport): string { const violatedPolicies = component.violatedPolicies.join('
') const componentInViolation = component?.href ? `[${component.name}](${component.href})` : component.name - const componentLicenses = component.licenses.map(license => `${license.violatesPolicy ? (':x:   ') : ''}[${license.name}](${license.href})`).join('
') + const componentLicenses = component.licenses.map(license => `${license.violatesPolicy ? ':x:   ' : ''}[${license.name}](${license.href})`).join('
') const vulnerabilities = component.vulnerabilities.map(vulnerability => `${vulnerability.violatesPolicy ? (['BLOCKER', 'CRITICAL'].includes(vulnerability.severity) ? ':x:' : ':warning:')) + '   ' : ''}[${vulnerability.name}](${vulnerability.href})${vulnerability.cvssScore && vulnerability.severity ? ` ${vulnerability.severity}: CVSS ${vulnerability.cvssScore}` : ''}`).join('
') const shortTermString = component.shortTermUpgrade ? `[${component.shortTermUpgrade.name}](${component.shortTermUpgrade.href}) (${component.shortTermUpgrade.vulnerabilityCount} known vulnerabilities)` : '' const longTermString = component.longTermUpgrade ? `[${component.longTermUpgrade.name}](${component.longTermUpgrade.href}) (${component.longTermUpgrade.vulnerabilityCount} known vulnerabilities)` : ''