Added suppressed vulnerabilities to statistics
@@ -83,6 +83,7 @@ final case class GroupedDependency(dependencies: Map[Dependency, Set[ReportInfo]
|
||||
def mavenIdentifiers = identifiers.filter(_.identifierType == "maven")
|
||||
def cpeIdentifiers = identifiers.filter(_.identifierType == "cpe")
|
||||
def vulnerabilities: Set[Vulnerability] = dependencies.keySet.flatMap(_.vulnerabilities)
|
||||
def suppressedVulnerabilities: Set[Vulnerability] = dependencies.keySet.flatMap(_.suppressedVulnerabilities)
|
||||
def plainLibraryIdentifiers: Set[PlainLibraryIdentifier] = identifiers.flatMap(_.toLibraryIdentifierOption)
|
||||
def hasCpe: Boolean = cpeIdentifiers.nonEmpty
|
||||
}
|
||||
|
||||
@@ -123,6 +123,7 @@ object DependencyCheckReportsParser{
|
||||
lazy val groupedDependenciesByPlainLibraryIdentifier: Map[PlainLibraryIdentifier, Set[GroupedDependency]] =
|
||||
groupedDependencies.toSet.flatMap((grDep: GroupedDependency) => grDep.plainLibraryIdentifiers.map(_ -> grDep)).groupBy(_._1).mapValues(_.map(_._2)).map(identity)
|
||||
lazy val vulnerableDependencies = groupedDependencies.filter(_.vulnerabilities.nonEmpty)
|
||||
lazy val suppressedOnlyDependencies = groupedDependencies.filter(gd => gd.vulnerabilities.isEmpty && gd.suppressedIdentifiers.nonEmpty)
|
||||
|
||||
private val ProjectSelectorPattern = """^project:(.*)$""".r
|
||||
private val TeamSelectorPattern = """^team:(.*)$""".r
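Review bot: `suppressedOnlyDependencies` selects on `gd.suppressedIdentifiers.nonEmpty`, although the value is shown under the label 'Suppressed vulnerabilities only' and `GroupedDependency` has a `suppressedVulnerabilities` accessor (visible in the `-83,6 +83,7` hunk). `suppressedIdentifiers` is not defined in the visible lines, so this is inferred: if it holds suppressed identifiers rather than suppressed findings, a dependency whose vulnerability was suppressed directly would land in 'No known vulnerability', and one with only a suppressed identifier would be reported as suppressed. Since this statistic is what shows how many findings are hidden behind suppressions, the predicate probably should be `gd.vulnerabilities.isEmpty && gd.suppressedVulnerabilities.nonEmpty`. The enclosing definition starts and ends outside the hunk.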
|
||||
|
||||
@@ -202,6 +202,7 @@ class Statistics @Inject() (
|
||||
Future.successful(Ok(views.html.statistics.vulnerableLibraries(
|
||||
projectsWithSelection = selection.projectsWithSelection,
|
||||
vulnerableDependencies = reports.vulnerableDependencies,
|
||||
dependenciesWithSuppressedVulnerabilitiesOnlyCount = reports.suppressedOnlyDependencies.size,
|
||||
allDependenciesCount = reports.groupedDependencies.size,
|
||||
reports = reports
|
||||
)))
|
||||
|
||||
@@ -2,6 +2,7 @@
|
||||
projectsWithSelection: ProjectsWithSelection,
|
||||
vulnerableDependencies: Seq[GroupedDependency],
|
||||
allDependenciesCount: Int,
|
||||
dependenciesWithSuppressedVulnerabilitiesOnlyCount: Int,
|
||||
reports: DependencyCheckReportsParser.Result
|
||||
)(implicit header: DefaultRequest)
|
||||
|
||||
@@ -17,7 +18,9 @@
|
||||
<script type="text/javascript">
|
||||
$(document).ready(function(){
|
||||
var data = [
|
||||
['Vulnerable', (@(vulnerableDependencies.size))], ['No known vulnerability', (@(allDependenciesCount - vulnerableDependencies.size))]
|
||||
['Vulnerable', (@(vulnerableDependencies.size))],
|
||||
['Suppressed vulnerabilities only', (@(dependenciesWithSuppressedVulnerabilitiesOnlyCount))],
|
||||
['No known vulnerability', (@(allDependenciesCount - vulnerableDependencies.size - dependenciesWithSuppressedVulnerabilitiesOnlyCount))]
|
||||
];
|
||||
var plot1 = jQuery.jqplot ('vulnerable-dependencies-chart', [data], {
|
||||
seriesDefaults: {
|
||||
@@ -29,7 +32,7 @@ $(document).ready(function(){
|
||||
showDataLabels: true,
|
||||
dataLabels: 'value',
|
||||
startAngle: -90,
|
||||
seriesColors: ['red', 'green'],
|
||||
seriesColors: ['red', 'yellow', 'green'],
|
||||
legendOptions: {
|
||||
textColor: 'white'
|
||||
}
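Review bot: The 'No known vulnerability' value in the `data` array (the `-17,7 +18,9` hunk) is derived by subtraction in the view, which is only correct while the vulnerable and suppressed-only groups are disjoint subsets of the list behind `allDependenciesCount`; nothing in the template records that. A Twirl comment above the array would state it, e.g. `@* suppressed-only excludes every dependency with an unsuppressed vulnerability, so the three rows partition allDependenciesCount *@`. The `seriesColors` entries in the `-29,7 +32,7` hunk are matched to these rows by position, so the two lists have to be reordered together. Both the script block and the jqplot options object continue outside the hunks.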
|
||||
|
||||