Adjusted sorting

2026-03-20 08:15:19 +01:00 · 2017-05-23 15:45:31 +02:00
parent ef1d434871
commit 70f263baaa
5 changed files with 18 additions and 27 deletions
--- a/app/views/statistics/vulnerabilities.scala.html
+++ b/app/views/statistics/vulnerabilities.scala.html
@@ -15,24 +15,25 @@
        They are affecting @statistics.vulnerabilitiesToDependencies.flatMap(_._2.flatMap(_.projects)).toSet.size projects.
    }else{
        Showing only project matching the selected filter.
-        <div class="alert alert-warning">When a filter is applied, YSVSS might differ, as it is computed over a subset of subprojects. As a result, order of vulnerabilities might differ from their order at all-projects view.</div>
+        <div class="alert alert-warning">When a filter is applied, number of affected project might differ, as it is computed over a subset of subprojects. As a result, order of vulnerabilities might slightly differ from their order at all-projects view.</div>
    }
    <div class="help">
-        Vulnerabilities are sorted by number of affected projects multiplied by their severity. If the score is the same, then they are sorted by severity. If even this matches, they are sorted by name (which is related to vulnerability age).
+        Vulnerabilities are sorted by severity. If the severity is the same, they are sorted by number of affected projects. If even this matches, they are sorted by name (which is related to vulnerability age).
    </div>
    @for((vulnerability, dependencies) <- statistics.vulnerabilitiesToDependencies.toSeq.sortBy{case (vuln, deps) =>
        (
-            vuln.ysvssScore(deps).map(-_),  // total score
-            vuln.cvssScore.map(-_),         // CVSS score
-            vuln.name                       // make it deterministic
+            vuln.cvssScore.map(-_),                 // CVSS score
+            -deps.flatMap(_.projects).toSet.size,   // number of affected projects
+            vuln.name                               // make it deterministic
        )
    }){
        <h2><a href="@routes.Statistics.vulnerability(vulnerability.name, projectsWithSelection.selectorString)">@vulnerability.name</a>
            <span class="severity">
-                (<span class="explained" title="vulnerability CVSS score">@(vulnerability.cvss.score.getOrElse{"?"})</span> ×
-                    <span class="explained" title="number of affected projects">@dependencies.flatMap(_.projects).toSet.size</span> =
-                    <span class="explained score" title="total score">@(vulnerability.ysvssScore(dependencies).fold{"?"}{d => f"$d%2.2f"})</span>
-                )</span>
+                CVSS <span class="explained" title="vulnerability score based on Common Vulnerability Scoring System 2.0">@(vulnerability.cvss.score.getOrElse{"?"})</span>,
+                    @defining(dependencies.flatMap(_.projects).toSet.size){ numProjects =>
+                        affecting @numProjects @if(numProjects>1){projects}else{project}
+                    }
+                </span>
        </h2>
        <p>@vulnerability.description</p>
        @* <p>@dependencies.map(_.identifiers)</p> *@