updated report to support changes in PR #714

2026-01-14 07:43:40 +01:00 · 2017-06-04 20:51:27 -04:00
parent 52b2b4794e
commit 66dbcb98d2
1 changed files with 20 additions and 11 deletions
--- a/dependency-check-core/src/main/resources/templates/jsonReport.vsl
+++ b/dependency-check-core/src/main/resources/templates/jsonReport.vsl
@@ -17,7 +17,10 @@
        #if($artifactID)"artifactID":"$enc.json($artifactID)",#end
        #if($version)"version":"$enc.json($version)",#end
        "reportDate": "$scanDateXML",
-        "credits": "This report contains data retrieved from the National Vulnerability Database: http://nvd.nist.gov"
+        "credits": {
+            "NVD": "This report contains data retrieved from the National Vulnerability Database: http://nvd.nist.gov",
+            "NSP": "This report may contain data retrieved from the Node Security Platform: https://nodesecurity.io"
+        }
    },
    "dependencies": [
        #foreach($dependency in $dependencies)#if($foreach.count > 1),#end{
@@ -31,20 +34,24 @@
            ,"relatedDependencies": [
                #foreach($related in $dependency.getRelatedDependencies()) #if($foreach.count > 1),#end {
                    "filePath": "$enc.json($related.FilePath)",
-                    "sha1": "$enc.json($related.Sha1sum)",
-                    "md5": "$enc.json($related.Md5sum)"#if($related.getIdentifiers()),#end
+                    "sha1": "#if($related.Sha1sum)$enc.json($related.Sha1sum)#end",
+                    "md5": "#if($related.Md5sum)$enc.json($related.Md5sum)#end"#if($related.getIdentifiers()),
                    "identifiers": [
                        #foreach($id in $related.getIdentifiers())
                            #if ($id.type=="maven")
                                {
                                    "type": "$enc.json($id.type)",
                                    "name": "$id.value"
-                                    #if( $id.url ),"url": "$enc.json($id.url)"#end
+                                    #if ($id.url),"url": "$enc.json($id.url)"#end
                                    #if ($id.notes),"notes": "$enc.json($id.notes)"#end
                                }
                            #end
+                            #if ($id.type=="npm")
+                                ,"id":"$enc.json($id.value)"
+                                ,"description":"$enc.json($id.description)"
+                            #end
                        #end
-                    ]
+                    ]#end
                }
                #end
            ]
@@ -112,12 +119,14 @@
            #foreach($vuln in $dependency.getVulnerabilities())#if($foreach.count > 1),#end {
                "name": "$enc.json($vuln.name)",
                "cvssScore": "$vuln.cvssScore",
-                "cvssAccessVector": "$enc.json($vuln.cvssAccessVector)",
-                "cvssAccessComplexity": "$enc.json($vuln.cvssAccessComplexity)",
-                "cvssAuthenticationr": "$enc.json($vuln.cvssAuthentication)",
-                "cvssConfidentialImpact": "$enc.json($vuln.cvssConfidentialityImpact)",
-                "cvssIntegrityImpact": "$enc.json($vuln.cvssIntegrityImpact)",
-                "cvssAvailabilityImpact": "$enc.json($vuln.cvssAvailabilityImpact)",
+                #if ($vuln.getSource().name().equals("NVD"))
+                    "cvssAccessVector": "$enc.json($vuln.cvssAccessVector)",
+                    "cvssAccessComplexity": "$enc.json($vuln.cvssAccessComplexity)",
+                    "cvssAuthenticationr": "$enc.json($vuln.cvssAuthentication)",
+                    "cvssConfidentialImpact": "$enc.json($vuln.cvssConfidentialityImpact)",
+                    "cvssIntegrityImpact": "$enc.json($vuln.cvssIntegrityImpact)",
+                    "cvssAvailabilityImpact": "$enc.json($vuln.cvssAvailabilityImpact)",
+                #end
                #if ($vuln.cvssScore<4.0)"severity": "Low",
                #elseif ($vuln.cvssScore>=7.0)"severity": "High",
                #else "severity": "Medium",#end