Fix HTML template and display the gosec version

Matthieu MOREL 2021-05-21 11:14:43 +02:00 committed by GitHub
parent c3f25b8ab3
commit e72f54ed40
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 29 additions and 28 deletions


@ -304,10 +304,10 @@ var _ = Describe("Formatter", func() {
error := map[string][]gosec.Error{} error := map[string][]gosec.Error{}
buf := new(bytes.Buffer) buf := new(bytes.Buffer)
reportInfo := gosec.NewReportInfo([]*gosec.Issue{&issue}, &gosec.Metrics{NumFiles: 0, NumLines: 0, NumNosec: 0, NumFound: 0}, error) reportInfo := gosec.NewReportInfo([]*gosec.Issue{&issue}, &gosec.Metrics{NumFiles: 0, NumLines: 0, NumNosec: 0, NumFound: 0}, error).WithVersion("v2.7.0")
err := CreateReport(buf, "xml", false, []string{}, reportInfo) err := CreateReport(buf, "xml", false, []string{}, reportInfo)
Expect(err).ShouldNot(HaveOccurred()) Expect(err).ShouldNot(HaveOccurred())
pattern := "Results:\n\n\n[/home/src/project/test.go:1] - %s (CWE-%s): test (Confidence: HIGH, Severity: HIGH)\n > 1: testcode\n\n\n\nSummary:\n Files: 0\n Lines: 0\n Nosec: 0\n Issues: 0\n\n" pattern := "Results:\n\n\n[/home/src/project/test.go:1] - %s (CWE-%s): test (Confidence: HIGH, Severity: HIGH)\n > 1: testcode\n\n\n\nSummary:\n Gosec : v2.7.0\n Files : 0\n Lines : 0\n Nosec : 0\n Issues : 0\n\n"
expect := fmt.Sprintf(pattern, rule, cwe.ID) expect := fmt.Sprintf(pattern, rule, cwe.ID)
Expect(buf.String()).To(Equal(expect)) Expect(buf.String()).To(Equal(expect))
} }
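Review bot: The updated expectation only pins the summary for a report built with `WithVersion("v2.7.0")`; nothing visible here covers a report built without it, where the new `Gosec :` row would presumably print with an empty value. A second case that builds `reportInfo` without `WithVersion` and asserts the resulting summary would either fix that output in place or show that the row should be skipped when the version is empty. The call also passes `"xml"` as the format while the expected string is the text summary, which is worth confirming against the rest of the spec. The enclosing test body starts and ends outside this hunk.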


@ -19,7 +19,7 @@ const templateContent = `
<html lang="en"> <html lang="en">
<head> <head>
<meta charset="utf-8"> <meta charset="utf-8">
<title>Go AST Scanner</title> <title>Golang Security Checker</title>
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/bulma/0.2.1/css/bulma.min.css" integrity="sha256-DRcOKg8NK1KkSkcymcGmxOtS/lAn0lHWJXRa15gMHHk=" crossorigin="anonymous"/> <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/bulma/0.2.1/css/bulma.min.css" integrity="sha256-DRcOKg8NK1KkSkcymcGmxOtS/lAn0lHWJXRa15gMHHk=" crossorigin="anonymous"/>
<script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/react/15.3.2/react.min.js" integrity="sha256-cLWs9L+cjZg8CjGHMpJqUgKKouPlmoMP/0wIdPtaPGs=" crossorigin="anonymous"></script> <script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/react/15.3.2/react.min.js" integrity="sha256-cLWs9L+cjZg8CjGHMpJqUgKKouPlmoMP/0wIdPtaPGs=" crossorigin="anonymous"></script>
<script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/react/15.3.2/react-dom.min.js" integrity="sha256-JIW8lNqN2EtqC6ggNZYnAdKMJXRQfkPMvdRt+b0/Jxc=" crossorigin="anonymous"></script> <script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/react/15.3.2/react-dom.min.js" integrity="sha256-JIW8lNqN2EtqC6ggNZYnAdKMJXRQfkPMvdRt+b0/Jxc=" crossorigin="anonymous"></script>
@ -89,9 +89,7 @@ const templateContent = `
</p> </p>
<figure className="highlight"> <figure className="highlight">
<pre> <pre>
<code className="golang hljs"> <code className="go">{ this.props.data.code }</code>
{ this.props.data.code }
</code>
</pre> </pre>
</figure> </figure>
</div> </div>
@ -103,7 +101,7 @@ const templateContent = `
render: function() { render: function() {
return ( return (
<p className="help"> <p className="help">
Scanned { this.props.data.Stats.files.toLocaleString() } files Gosec {this.props.data.GosecVersion} scanned { this.props.data.Stats.files.toLocaleString() } files
with { this.props.data.Stats.lines.toLocaleString() } lines of code. with { this.props.data.Stats.lines.toLocaleString() } lines of code.
{ this.props.data.Stats.nosec ? '\n' + this.props.data.Stats.nosec.toLocaleString() + ' false positives (nosec) have been waived.' : ''} { this.props.data.Stats.nosec ? '\n' + this.props.data.Stats.nosec.toLocaleString() + ' false positives (nosec) have been waived.' : ''}
</p> </p>
@ -170,7 +168,6 @@ const templateContent = `
); );
} }
}); });
var LevelSelector = React.createClass({ var LevelSelector = React.createClass({
handleChange: function(level) { handleChange: function(level) {
return function(e) { return function(e) {
@ -183,14 +180,18 @@ const templateContent = `
}.bind(this); }.bind(this);
}, },
render: function() { render: function() {
var highDisabled = !this.props.available.includes("HIGH");
var mediumDisabled = !this.props.available.includes("MEDIUM");
var lowDisabled = !this.props.available.includes("LOW");
var on = "", off = "disabled";
var HIGH = "HIGH", MEDIUM = "MEDIUM", LOW = "LOW"; var HIGH = "HIGH", MEDIUM = "MEDIUM", LOW = "LOW";
var highDisabled = !this.props.available.includes(HIGH);
var mediumDisabled = !this.props.available.includes(MEDIUM);
var lowDisabled = !this.props.available.includes(LOW);
var on = "", off = "disabled";
var baseClassName = "label checkbox ";
var highClassName = baseClassName + (highDisabled ? off : on);
var mediumClassName = baseClassName + (mediumDisabled ? off : on);
var lowClassName = baseClassName + (lowDisabled ? off : on);
return ( return (
<span> <span>
<label className="label checkbox { (highDisabled ? off : on )}"> <label className={ highClassName }>
<input <input
type="checkbox" type="checkbox"
checked={ this.props.selected.includes(HIGH) } checked={ this.props.selected.includes(HIGH) }
@ -198,7 +199,7 @@ const templateContent = `
onChange={ this.handleChange(HIGH) }/> onChange={ this.handleChange(HIGH) }/>
High High
</label> </label>
<label className="label checkbox {( mediumDisabled ? off : on )}"> <label className={mediumClassName}>
<input <input
type="checkbox" type="checkbox"
checked={ this.props.selected.includes(MEDIUM) } checked={ this.props.selected.includes(MEDIUM) }
@ -206,7 +207,7 @@ const templateContent = `
onChange={ this.handleChange(MEDIUM) }/> onChange={ this.handleChange(MEDIUM) }/>
Medium Medium
</label> </label>
<label className="label checkbox {( lowDisabled ? off : on )}"> <label className={lowClassName}>
<input <input
type="checkbox" type="checkbox"
checked={ this.props.selected.includes(LOW) } checked={ this.props.selected.includes(LOW) }
@ -218,7 +219,6 @@ const templateContent = `
); );
} }
}); });
var Navigation = React.createClass({ var Navigation = React.createClass({
updateSeverity: function(vals) { updateSeverity: function(vals) {
this.props.onSeverity(vals); this.props.onSeverity(vals);
@ -276,12 +276,14 @@ const templateContent = `
</strong> </strong>
</div> </div>
<div className="panel-block"> <div className="panel-block">
<select onChange={ this.updateIssueType }> <div className="select">
<option value="all" selected={ !this.props.issueType }> <select onChange={ this.updateIssueType }>
(all) <option value="all" selected={ !this.props.issueType }>
</option> (all)
{ issueTypes } </option>
</select> { issueTypes }
</select>
</div>
</div> </div>
</nav> </nav>
); );
@ -353,11 +355,9 @@ const templateContent = `
.filter(function(item, pos, ary) { .filter(function(item, pos, ary) {
return !pos || item != ary[pos - 1]; return !pos || item != ary[pos - 1];
}); });
if (this.state.issueType && !allTypes.includes(this.state.issueType)) { if (this.state.issueType && !allTypes.includes(this.state.issueType)) {
this.setState({issueType: null}); this.setState({issueType: null});
} }
this.setState({allIssueTypes: allTypes}); this.setState({allIssueTypes: allTypes});
}, },
render: function() { render: function() {
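Review bot: The new `<code className="go">{ this.props.data.code }</code>` line in the second hunk renders scanned source as a JSX text child, and that is the only thing keeping markup inside a scanned file from being interpreted when the report is opened; the template does not say so. I would add a comment next to it such as `{/* code is untrusted scanned source: keep it a text child, do not switch to dangerouslySetInnerHTML for highlighting */}`, since the class change suggests highlighting work is planned for this element. The same holds for `{this.props.data.GosecVersion}` in the third hunk. How the report data is serialised into the page before it reaches `props` is outside these hunks and should be checked separately for script-context escaping.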


@ -13,10 +13,11 @@ Golang errors in file: [{{ $filePath }}]:
{{ end }} {{ end }}
{{ notice "Summary:" }} {{ notice "Summary:" }}
Files: {{.Stats.NumFiles}} Gosec : {{.GosecVersion}}
Lines: {{.Stats.NumLines}} Files : {{.Stats.NumFiles}}
Nosec: {{.Stats.NumNosec}} Lines : {{.Stats.NumLines}}
Issues: {{ if eq .Stats.NumFound 0 }} Nosec : {{.Stats.NumNosec}}
Issues : {{ if eq .Stats.NumFound 0 }}
{{- success .Stats.NumFound }} {{- success .Stats.NumFound }}
{{- else }} {{- else }}
{{- danger .Stats.NumFound }} {{- danger .Stats.NumFound }}