mirror of
https://github.com/ysoftdevs/odc-analyzer.git
synced 2026-01-15 08:14:02 +01:00
54 lines
3.8 KiB
HTML
54 lines
3.8 KiB
HTML
@import services.SingleLibraryScanResult
|
|
@(isDbOld: Boolean, singleLibraryScanResult: SingleLibraryScanResult)(implicit header: DefaultRequest, mainTemplateData: MainTemplateData)
|
|
@import singleLibraryScanResult.{transitiveDependencies, includesTransitive, mainDependencies, limitations, profilesOption}
|
|
@requiresAttention = @{limitations.exists(_.requiresAttention)}
|
|
@for((profiles, _) <- profilesOption){
|
|
<h2>Profiles</h2>
|
|
@if(profiles.size > 1) {
|
|
<p>This scan provider results for multiple profiles. By default, all results all shown, but you can filter it.</p>
|
|
<div class="btn-group" role="group">
|
|
<button type="button" class="btn btn-default" onclick="LibraryAdvisorUI.filterByProfile(this)">All profiles</button>
|
|
@for(profile <- profiles) {
|
|
<button type="button" class="btn btn-default" onclick="LibraryAdvisorUI.filterByProfile(this)" data-profileclass="@profileClass(profile)">@profile</button>
|
|
}
|
|
</div>
|
|
}else{
|
|
All results belong to profile <strong>@profiles.head</strong>.
|
|
}
|
|
}
|
|
<h2>Overall result</h2>
|
|
@vulnerableTransitive = @{transitiveDependencies.exists(_.isVulnerable)}
|
|
@vulnerableMain = @{mainDependencies.exists(_.isVulnerable)}
|
|
@if(isDbOld){
|
|
<div class="alert alert-warning">The vulnerability database seems to be outdated. Result might be thus inaccurate. Contact the administrator, please.</div>
|
|
}
|
|
@for(limitation <- limitations){
|
|
<div class="alert alert-@limitation.severity"><strong>Limitation: </strong>@limitation.message</div>
|
|
}
|
|
@(vulnerableMain, vulnerableTransitive) match {
|
|
case (false, false) => {
|
|
<div class="alert alert-@if(requiresAttention){warning}else{success}">
|
|
No vulnerability has been found in the library@if(includesTransitive){ or in its transitive dependencies}.
|
|
@if(requiresAttention){However, take care of the limitations above, please.}
|
|
</div>
|
|
}
|
|
case (false, true) => {<div class="alert alert-warning">While there is no vulnerability found in the library itself, but scan has identified some issues in its transitive dependencies. Maybe you should evict some dependency with a fixed version. @vulnerabilityAdvice()</div>}
|
|
case (true, false) => {<div class="alert alert-danger">There is a vulnerability found in the main dependency. Transitive dependencies are OK. Please consider using a patched version or consider impact of the vulnerabilities. @vulnerabilityAdvice()</div>}
|
|
case (true, true) => {<div class="alert alert-danger">There is a vulnerability found in both the main dependency and transitive dependencies. Please consider using a patched version or consider impact of the vulnerabilities. @vulnerabilityAdvice()</div>}
|
|
}
|
|
<h2>The library itself</h2>
|
|
@dependencyList("main", mainDependencies, None, expand = _.isVulnerable, addButtons = false, lazyLoad = false, showAffectedProjects = false, expandVulnerabilities = true, vulnerabilitySearch = false, profilesOption = profilesOption)
|
|
@if(includesTransitive) {
|
|
<h2>Transitive dependencies</h2>
|
|
@if(transitiveDependencies.nonEmpty) {
|
|
@if(vulnerableTransitive){
|
|
<div class="alert alert-info">Those vulnerabilities are primarily sorted by highest-rated known vulnerability. Transitive dependencies without a known vulnerability are at the end of the list.</div>
|
|
}else{
|
|
<div class="alert alert-info">There is no known vulnerability in transitive dependencies. They are listed just for your information.</div>
|
|
}
|
|
@dependencyList("transitive", transitiveDependencies.sorted(severityOrdering), None, expand = _.isVulnerable, addButtons = false, lazyLoad = false, showAffectedProjects = false, expandVulnerabilities = true, vulnerabilitySearch = true, profilesOption = profilesOption)
|
|
}else{
|
|
This library has no transitive dependencies.
|
|
}
|
|
}
|