github-mirrors/odc-analyzer
1
0
Fork 0
mirror of https://github.com/ysoftdevs/odc-analyzer.git synced 2026-01-15 08:14:02 +01:00
Code Issues 2 Packages Projects Releases Wiki Activity
Files
ffabc8a4e55584580079ce13aa4170017360eedb
odc-analyzer/app/views/dependencyList.scala.html
Šesták Vít 2d0651cfc7 Minor hashes refactoring
2017-06-19 13:09:17 +02:00

69 lines
3.4 KiB
HTML
Raw Blame History

@(idPrefix: String, list: Seq[GroupedDependency], selectorOption: Option[String], expandByDefault: Boolean = true, addButtons: Boolean = true)
@cpeHtmlId(cpe: String) = @{
cpe.getBytes("utf-8").mkString("-")
}
<table class="table table-condensed dependencies-table">
<thead>
<tr>
<th>Severity</th>
<th>Identifiers</th>
<th class="vulns">Vulns</th>
<th class="actions"></th>
</tr>
</thead>
@for(dep <- list; depPrefix = s"$idPrefix-${dep.hashes.serialized}"){
<tr>
<td class="severity">
@for(s <- dep.maxCvssScore) {
<span class="score-vulnerability">@s</span>
<span class="computation-details">
<span class="score-projects">affects @dep.projects.size @if(dep.projects.size>1){projects}else{project}</span>
</span>
}
</td>
<td class="identifiers">
@libraryIdentificationList(dep, Some(cpe => s"$idPrefix-${dep.hashes.serialized}-suppression-cpe-${cpeHtmlId(cpe)}"), addLink = false, addButtons = addButtons)
</td>
<td class="vulns">@for(s <- dep.maxCvssScore) {@dep.vulnerabilities.size}</td>
<td class="actions">
<button data-toggle="collapse" data-target="#@depPrefix-details" class="btn btn-info collapsed expandable expandable-right"></button>
</td>
</tr>
<tr data-wrapper="<td colspan='4'></td>" id="@depPrefix-details" class="details collapse" data-lazyload-url="@routes.Statistics.dependencyDetails(
depPrefix = depPrefix,
depId = dep.hashes,
selectorOption = selectorOption
)"></tr>
}
</table>
<script type="text/javascript">
$(function () {
$(".severity .score-vulnerability")
.attr("title", "score of highest-rated vulnerability")
.addClass("explained")
.tooltip({ placement: "top" });
var identifierTypes = {
"cpe": "Common Platform Enumeration (CPE)",
"maven": "Maven",
"file": "File name"
};
var identifierTypesDetails = {
"cpe": "This identifier is used in National Vulnerability Database, so it is important for proper matching of vulnerabilities. A mismatched CPE identifier can directly cause wrongly matched vulnerabilities.",
"file": "This identifier is shown only if there is no identifier with high or highest confidence."
};
function escapeHtml(s) {
return document.createElement("div").appendChild(document.createTextNode(s)).parentNode.innerHTML;
}
$(".identifiers .identifier").each(function(i, obj){
var $obj = $(obj);
var identifierType = $obj.attr("data-type");
var confidence = $obj.attr("data-confidence");
var identifierTypeFriendlyName = identifierTypes[identifierType] || identifierType;
var identifiedDetails = identifierTypesDetails[identifierType];
var title = "<b>"+escapeHtml(identifierTypeFriendlyName)+ "</b> identifier matched with <b>"+escapeHtml(confidence)+"</b> confidence. "+(identifiedDetails ? ("<hr>"+identifiedDetails) :"");
$obj.addClass("explained").attr("title", title).tooltip({placement: "right", html: true});
});
});
</script>
Reference in New Issue View Git Blame Copy Permalink