Merge branch 'master' of github.com:soprasteria/sonar-report
Konstantin Sidorenko committed Apr 25, 2024
2 parents 96972c5 + cef68b1 commit af6d33e
Showing 7 changed files with 84 additions and 107 deletions.
2 changes: 1 addition & 1 deletion .gitignore
@@ -1,3 +1,3 @@
node_modules/
sonar-report.html
coverage.lcov
coverage.lcov
9 changes: 3 additions & 6 deletions README.md
Expand Up @@ -66,16 +66,13 @@ xdg-open samples/sonar-report_sonar-report.html
Summary of the Detected Vulnerabilities
Severity: BLOCKER
Severity: HIGH
Number of Issues: 0
Severity: CRITICAL
Severity: MEDIUM
Number of Issues: 0
Severity: MAJOR
Number of Issues: 0
Severity: MINOR
Severity: LOW
Number of Issues: 0
```

45 changes: 22 additions & 23 deletions index.ejs
Expand Up @@ -34,7 +34,9 @@
<dt>Project Name/URL</dt>
<dd>
<a href="<%= sonarBaseURL %>/dashboard?id=<%= sonarComponent %>" target="_blank"><%= projectName %></a>
<a href="<%= sonarBaseURL %>/dashboard?id=<%= sonarComponent %>" target="_blank">
<%= projectName %>
</a>
</dd>
<dt>Application</dt>
Expand Down Expand Up @@ -77,7 +79,8 @@
</dl>
<%if (qualityGateStatus) { %>
<h2>Quality Gate Status: <%= qualityGateStatus.projectStatus.status %> since <%= qualityGateStatusPeriodDate %></h2>
<h2>Quality Gate Status: <%= qualityGateStatus.projectStatus.status %> since <%= qualityGateStatusPeriodDate %>
</h2>
<table>
<thead>
Expand Down Expand Up @@ -119,31 +122,24 @@
</thead>
<tbody>
<tr>
<td class="sevBLOCKER"></td>
<td>BLOCKER</td>
<td>
<%= summary.blocker %>
</td>
</tr>
<tr>
<td class="sevCRITICAL"></td>
<td>CRITICAL</td>
<td class="sevHIGH"></td>
<td>HIGH</td>
<td>
<%= summary.critical %>
<%= summary.high %>
</td>
</tr>
<tr>
<td class="sevMAJOR"></td>
<td>MAJOR</td>
<td class="sevMEDIUM"></td>
<td>MEDIUM</td>
<td>
<%= summary.major %>
<%= summary.medium %>
</td>
</tr>
<tr>
<td class="sevMINOR"></td>
<td>MINOR</td>
<td class="sevLOW"></td>
<td>LOW</td>
<td>
<%= summary.minor %>
<%= summary.low %>
</td>
</tr>
</tbody>
Expand Down Expand Up @@ -178,7 +174,11 @@
<%= issues[i].rule %>
</a></td>
<td>
<% if(issues[i].severity == "BLOCKER"){ %>
HIGH
<% } else{ %>
<%= issues[i].severity %>
<% } %>
</td>
<td class="component">
<%= issues[i].component %>
Expand Down Expand Up @@ -238,15 +238,14 @@
var ctx = canvas.getContext("2d");
var data = [
<%= summary.blocker %>,
<%= summary.critical %>,
<%= summary.major %>,
<%= summary.minor %>
<%= summary.high %>,
<%= summary.medium %>,
<%= summary.low %>
];
var total = data.reduce(function(sum, n) {
return sum + n;
})
var colors = ['#2c3e50', '#d43223', '#f39c12', '#319ddb'];
var colors = ['#d43223', '#f39c12', '#319ddb'];
for (var i = 0, lastend = 0; i < data.length; i++) {
ctx.fillStyle = colors[i];
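Review bot: In the issues-table cell (the `issues[i].severity == "BLOCKER"` branch), only BLOCKER is relabelled as HIGH; an issue whose severity is still CRITICAL, MAJOR or MINOR is printed with a label that no longer has a row in the summary table or a slice in the chart. Unless every issue is normalised to HIGH/MEDIUM/LOW outside the visible hunks, the per-issue list and the summary of this report can disagree, which is misleading in a vulnerability report. I would normalise severity once in index.js and keep the template to `<%= issues[i].severity %>`; if the branch stays, use a strict comparison, `<% if (issues[i].severity === "BLOCKER") { %>`.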
45 changes: 22 additions & 23 deletions index.js
Expand Up @@ -163,35 +163,33 @@ const generateReport = async (options) => {

const issueLink = options.linkIssues
? (data, issue) => (c) =>
`<a href="${data.sonarBaseURL}/project/issues?${
data.branch ? "branch=" + encodeURIComponent(data.branch) + "&" : ""
}id=${encodeURIComponent(
data.sonarComponent
)}&issues=${encodeURIComponent(issue.key)}&open=${encodeURIComponent(
issue.key
)}">${c}</a>`
`<a href="${data.sonarBaseURL}/project/issues?${data.branch ? "branch=" + encodeURIComponent(data.branch) + "&" : ""
}id=${encodeURIComponent(
data.sonarComponent
)}&issues=${encodeURIComponent(issue.key)}&open=${encodeURIComponent(
issue.key
)}">${c}</a>`
: (data, issue) => (c) => c;

const hotspotLink = options.linkIssues
? (data, hotspot) => (c) =>
`<a href="${data.sonarBaseURL}/security_hotspots?${
data.branch ? "branch=" + encodeURIComponent(data.branch) + "&" : ""
}id=${encodeURIComponent(
data.sonarComponent
)}&hotspots=${encodeURIComponent(hotspot.key)}">${c}</a>`
`<a href="${data.sonarBaseURL}/security_hotspots?${data.branch ? "branch=" + encodeURIComponent(data.branch) + "&" : ""
}id=${encodeURIComponent(
data.sonarComponent
)}&hotspots=${encodeURIComponent(hotspot.key)}">${c}</a>`
: () => (c) => c;

let severity = new Map();
severity.set("MINOR", 0);
severity.set("MAJOR", 1);
severity.set("CRITICAL", 2);
severity.set("BLOCKER", 3);
let hotspotSeverities = { HIGH: "CRITICAL", MEDIUM: "MAJOR", LOW: "MINOR" };
let hotspotSeverities = { HIGH: "HIGH", MEDIUM: "MEDIUM", LOW: "LOW" };

let properties = [];
try {
properties = getProperties(readFileSync(options.sonarPropertiesFile));
} catch (e) {}
} catch (e) { }

const data = {
date: new Date().toLocaleDateString("en-us", {
Expand Down Expand Up @@ -513,6 +511,7 @@ const generateReport = async (options) => {
};
})
);

} catch (error) {
logError("getting issues", error);
return null;
Expand Down Expand Up @@ -558,13 +557,15 @@ const generateReport = async (options) => {
);
const hotspot = JSON.parse(response.body);
hSeverity = hotspotSeverities[hotspot.rule.vulnerabilityProbability];

if (hSeverity === undefined) {
hSeverity = "MAJOR";
hSeverity = "MEDIUM";
console.error(
"Unknown hotspot severity: %s",
hotspot.vulnerabilityProbability
);
}

data.issues.push({
rule: hotspot.rule.key,
severity: hSeverity,
Expand All @@ -589,12 +590,10 @@ const generateReport = async (options) => {
});

data.summary = {
blocker: data.issues.filter((issue) => issue.severity === "BLOCKER")
.length,
critical: data.issues.filter((issue) => issue.severity === "CRITICAL")
high: data.issues.filter((issue) => (issue.severity === "HIGH" || issue.severity === "BLOCKER"))
.length,
major: data.issues.filter((issue) => issue.severity === "MAJOR").length,
minor: data.issues.filter((issue) => issue.severity === "MINOR").length,
medium: data.issues.filter((issue) => issue.severity === "MEDIUM").length,
low: data.issues.filter((issue) => issue.severity === "LOW").length,
};
}

Expand All @@ -615,9 +614,9 @@ const generateReport = async (options) => {
// https://stackoverflow.com/questions/29085197/how-do-you-json-stringify-an-es6-map
if (key === "rules") {
return Array.from(value).reduce((obj, [key, value]) => {
obj[key] = value;
return obj;
}, {});
obj[key] = value;
return obj;
}, {});
} else {
return value
}
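Review bot: The `severity` Map just above the changed `hotspotSeverities` still has only the keys MINOR, MAJOR, CRITICAL and BLOCKER, while hotspots are now tagged HIGH, MEDIUM or LOW, so a `severity.get(...)` lookup on a hotspot's severity would return `undefined`. Where the Map is used is outside these hunks, so this needs confirming, but if it drives ordering or filtering, hotspots would be mis-sorted or dropped. The same gap applies to the new `data.summary` filters: an issue that still carries CRITICAL, MAJOR or MINOR is counted in none of `high`, `medium` or `low`, so the summary can under-report findings. Consider adding the new names to the Map, e.g. `severity.set("LOW", 0); severity.set("MEDIUM", 1); severity.set("HIGH", 2);`, and mapping legacy severities to the new scale before counting. generateReport starts and ends outside the hunks.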
44 changes: 17 additions & 27 deletions samples/sonar-report_sonar-report.html
Expand Up @@ -84,7 +84,7 @@
max-width: 100%
}

li + li {
li+li {
margin-top: 3px
}

Expand Down Expand Up @@ -116,7 +116,7 @@
width: 100%
}

table + table {
table+table {
margin-top: 1em
}

Expand Down Expand Up @@ -155,19 +155,15 @@
background-color: #d4333f
}

.sevBLOCKER {
background-color: #2c3e50
}

.sevCRITICAL {
.sevHIGH {
background-color: #d43223
}

.sevMAJOR {
.sevMEDIUM {
background-color: #f39c12
}

.sevMINOR {
.sevLOW {
background-color: #319ddb
}

Expand All @@ -176,10 +172,9 @@
}

.rulestable {
table-layout: fixed; word-wrap: break-word
table-layout: fixed;
word-wrap: break-word
}


</style>
</head>

Expand All @@ -204,7 +199,9 @@ <h1>SonarQube Vulnerability Report</h1>

<dt>Project Name/URL</dt>
<dd>
<a href="https://sonarcloud.io/dashboard?id=soprasteria_sonar-report" target="_blank">Sonar Report</a>
<a href="https://sonarcloud.io/dashboard?id=soprasteria_sonar-report" target="_blank">
Sonar Report
</a>
</dd>

<dt>Application</dt>
Expand Down Expand Up @@ -246,29 +243,22 @@ <h2>Summary of the Detected Vulnerabilities
</thead>
<tbody>
<tr>
<td class="sevBLOCKER"></td>
<td>BLOCKER</td>
<td>
0
</td>
</tr>
<tr>
<td class="sevCRITICAL"></td>
<td>CRITICAL</td>
<td class="sevHIGH"></td>
<td>HIGH</td>
<td>
0
</td>
</tr>
<tr>
<td class="sevMAJOR"></td>
<td>MAJOR</td>
<td class="sevMEDIUM"></td>
<td>MEDIUM</td>
<td>
0
</td>
</tr>
<tr>
<td class="sevMINOR"></td>
<td>MINOR</td>
<td class="sevLOW"></td>
<td>LOW</td>
<td>
0
</td>
Expand Down Expand Up @@ -42300,7 +42290,7 @@ <h2>See</h2>
</td>
<td>
<details>
<p>This rule is deprecated; use <a href='/organizations/sopra-steria/rules?open=plsql%3AS5547&rule_key=plsql%3AS5547'>S5547</a> instead.</p>
<p>This rule is deprecated; use <a href='/organizations/inditex-sonarcloud/rules?open=plsql%3AS5547&rule_key=plsql%3AS5547'>S5547</a> instead.</p>
<h2>Why is this an issue?</h2>
<p>According to the US National Institute of Standards and Technology (NIST), the Data Encryption Standard (DES) is no longer considered secure:</p>
<blockquote>
20 changes: 8 additions & 12 deletions style.css
Expand Up @@ -73,7 +73,7 @@ img {
max-width: 100%
}

li + li {
li+li {
margin-top: 3px
}

Expand Down Expand Up @@ -105,7 +105,7 @@ table {
width: 100%
}

table + table {
table+table {
margin-top: 1em
}

Expand Down Expand Up @@ -144,19 +144,15 @@ canvas {
background-color: #d4333f
}

.sevBLOCKER {
background-color: #2c3e50
}

.sevCRITICAL {
.sevHIGH {
background-color: #d43223
}

.sevMAJOR {
.sevMEDIUM {
background-color: #f39c12
}

.sevMINOR {
.sevLOW {
background-color: #319ddb
}

Expand All @@ -165,6 +161,6 @@ canvas {
}

.rulestable {
table-layout: fixed; word-wrap: break-word
}

table-layout: fixed;
word-wrap: break-word
}