Skip to content

Commit

Permalink
Merge pull request DanBeard#3 from mattdicarlo/master
Browse files Browse the repository at this point in the history 
US2200, TA7190: Added best-effort patch availability to report.
  • Loading branch information
@robgura
robgura authored Oct 26, 2018
2 parents 6343ef6 + bc80a9d commit df24713
Show file tree
Hide file tree
Showing 2 changed files with 37 additions and 18 deletions.
16 changes: 16 additions & 0 deletions cli.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -63,6 +63,22 @@ def _main():
except Exception:
data['description'] = ''

try:
# If there's only one refence, look for a patch indicator.
refs = ii['refs']['ref']
if '@patch' in refs and refs['@patch'] in [1, '1']:
data['patch_available'] = True
except Exception:
pass

# If there is more than one reference, this will be a list
try:
for rr in ii['refs']['ref']:
if '@patch' in rr and rr['@patch'] in [1, '1']:
data['patch_available'] = True
except Exception:
pass

if data['id'] in ignore_source:
data['ignored'] = True
data['mitigation'] = ignore_source[data['id']]
Expand Down
39 changes: 21 additions & 18 deletions templates/output.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,13 +33,10 @@
background-color: #d7d9f2;
}

.col-id {
min-width: 150px;
}

.col-package {
min-width: 120px;
}
.col-id { min-width: 150px; }
.col-package { min-width: 120px; }
.td-patch { text-align: center; }
.td-numeric { text-align: right; }

caption {
padding: 10px;
Expand All @@ -65,14 +62,16 @@
<th class="col-id" scope="col">ID</th>
<th class="col-package" scope="col">Package</th>
<th scope="col">Description</th>
<th scope="col">Patch Avail.</th>
<th scope="col">Severity</th>
</tr>
{% for vuln in high_vulns %}
<tr>
<th scope="row"><a href="{{ vuln.link }}">{{ vuln.id }}</a></th>
<td>{{ vuln.package }}</td>
<th class="col-id" scope="row"><a href="{{ vuln.link }}">{{ vuln.id }}</a></th>
<td class="col-package">{{ vuln.package }}</td>
<td>{{ vuln.description }}</td>
<td>{{ vuln.severity }}</td>
<td class="td-patch">{{ '&#10004;'|safe if vuln.patch_available else '' }}</td>
<td class="td-numeric">{{ vuln.severity }}</td>
</tr>
{% endfor %}
</table>
Expand All @@ -86,38 +85,42 @@
<th class="col-id" scope="col">ID</th>
<th class="col-package" scope="col">Package</th>
<th scope="col">Description</th>
<th scope="col">Patch Avail.</th>
<th scope="col">Severity</th>
</tr>
{% for vuln in low_vulns %}
<tr>
<th scope="row"><a href="{{ vuln.link }}">{{ vuln.id }}</a></th>
<td>{{ vuln.package }}</td>
<th class="col-id" scope="row"><a href="{{ vuln.link }}">{{ vuln.id }}</a></th>
<td class="col-package">{{ vuln.package }}</td>
<td>{{ vuln.description }}</td>
<td>{{ vuln.severity }}</td>
<td class="td-patch">{{ '&#10004;'|safe if vuln.patch_available else '' }}</td>
<td class="td-numeric">{{ vuln.severity }}</td>
</tr>
{% endfor %}
</table>
<hr/>
{% endif %}

{% if ignored_vulns|length > 0 %}
<p class="header">Ignored ({{ ignored_vulns|length }})</p>
<p class="description">Vulnerabilities that have been marked as ignored.</p>
<p class="header">Evaluated ({{ ignored_vulns|length }})</p>
<p class="description">Vulnerabilities that have been evaluated and do not require patching at this time.</p>
<table>
<tr>
<th class="col-id" scope="col">ID</th>
<th class="col-package" scope="col">Package</th>
<th scope="col">Description</th>
<th scope="col">Mitigation</th>
<th scope="col">Patch Avail.</th>
<th scope="col">Severity</th>
</tr>
{% for vuln in ignored_vulns %}
<tr>
<th scope="row"><a href="{{ vuln.link }}">{{ vuln.id }}</a></th>
<td>{{ vuln.package }}</td>
<th class="col-id" scope="row"><a href="{{ vuln.link }}">{{ vuln.id }}</a></th>
<td class="col-package">{{ vuln.package }}</td>
<td>{{ vuln.description }}</td>
<td>{{ vuln.mitigation }}</td>
<td>{{ vuln.severity }}</td>
<td class="td-patch">{{ '&#10004;'|safe if vuln.patch_available else '' }}</td>
<td class="td-numeric">{{ vuln.severity }}</td>
</tr>
{% endfor %}
</table>
Expand Down

0 comments on commit df24713

Please sign in to comment.