From 66dbcb98d20163bd197f5233f8fe8a786fe79f4b Mon Sep 17 00:00:00 2001 From: Jeremy Long Date: Sun, 4 Jun 2017 20:51:27 -0400 Subject: [PATCH] updated report to support changes in PR #714 --- .../main/resources/templates/jsonReport.vsl | 31 ++++++++++++------- 1 file changed, 20 insertions(+), 11 deletions(-) diff --git a/dependency-check-core/src/main/resources/templates/jsonReport.vsl b/dependency-check-core/src/main/resources/templates/jsonReport.vsl index f5851146d..92939dc4c 100644 --- a/dependency-check-core/src/main/resources/templates/jsonReport.vsl +++ b/dependency-check-core/src/main/resources/templates/jsonReport.vsl @@ -17,7 +17,10 @@ #if($artifactID)"artifactID":"$enc.json($artifactID)",#end #if($version)"version":"$enc.json($version)",#end "reportDate": "$scanDateXML", - "credits": "This report contains data retrieved from the National Vulnerability Database: http://nvd.nist.gov" + "credits": { + "NVD": "This report contains data retrieved from the National Vulnerability Database: http://nvd.nist.gov", + "NSP": "This report may contain data retrieved from the Node Security Platform: https://nodesecurity.io" + } }, "dependencies": [ #foreach($dependency in $dependencies)#if($foreach.count > 1),#end{ @@ -31,20 +34,24 @@ ,"relatedDependencies": [ #foreach($related in $dependency.getRelatedDependencies()) #if($foreach.count > 1),#end { "filePath": "$enc.json($related.FilePath)", - "sha1": "$enc.json($related.Sha1sum)", - "md5": "$enc.json($related.Md5sum)"#if($related.getIdentifiers()),#end + "sha1": "#if($related.Sha1sum)$enc.json($related.Sha1sum)#end", + "md5": "#if($related.Md5sum)$enc.json($related.Md5sum)#end"#if($related.getIdentifiers()), "identifiers": [ #foreach($id in $related.getIdentifiers()) #if ($id.type=="maven") { "type": "$enc.json($id.type)", "name": "$id.value" - #if( $id.url ),"url": "$enc.json($id.url)"#end + #if ($id.url),"url": "$enc.json($id.url)"#end #if ($id.notes),"notes": "$enc.json($id.notes)"#end } #end + #if ($id.type=="npm") + ,"id":"$enc.json($id.value)" + ,"description":"$enc.json($id.description)" + #end #end - ] + ]#end } #end ] @@ -112,12 +119,14 @@ #foreach($vuln in $dependency.getVulnerabilities())#if($foreach.count > 1),#end { "name": "$enc.json($vuln.name)", "cvssScore": "$vuln.cvssScore", - "cvssAccessVector": "$enc.json($vuln.cvssAccessVector)", - "cvssAccessComplexity": "$enc.json($vuln.cvssAccessComplexity)", - "cvssAuthenticationr": "$enc.json($vuln.cvssAuthentication)", - "cvssConfidentialImpact": "$enc.json($vuln.cvssConfidentialityImpact)", - "cvssIntegrityImpact": "$enc.json($vuln.cvssIntegrityImpact)", - "cvssAvailabilityImpact": "$enc.json($vuln.cvssAvailabilityImpact)", + #if ($vuln.getSource().name().equals("NVD")) + "cvssAccessVector": "$enc.json($vuln.cvssAccessVector)", + "cvssAccessComplexity": "$enc.json($vuln.cvssAccessComplexity)", + "cvssAuthenticationr": "$enc.json($vuln.cvssAuthentication)", + "cvssConfidentialImpact": "$enc.json($vuln.cvssConfidentialityImpact)", + "cvssIntegrityImpact": "$enc.json($vuln.cvssIntegrityImpact)", + "cvssAvailabilityImpact": "$enc.json($vuln.cvssAvailabilityImpact)", + #end #if ($vuln.cvssScore<4.0)"severity": "Low", #elseif ($vuln.cvssScore>=7.0)"severity": "High", #else "severity": "Medium",#end