Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(output): add HTML output format #1258

Merged
merged 23 commits into from
Oct 9, 2024
Merged

feat(output): add HTML output format #1258

merged 23 commits into from
Oct 9, 2024

Conversation

hogo6002
Copy link
Contributor

@hogo6002 hogo6002 commented Sep 18, 2024
edited
Loading

Implement #1274
Add an HTML output format to display results more effectively, particularly for container scanning.
This format retains all the information from the existing table output, including called/uncalled vulnerability details.

New features:

  • Provides a package summary page
  • Groups vulnerabilities by source package and ecosystem. Vulnerabilities from OS images are displayed last by default.
  • Provides a total count of vulnerabilities (excluding uncalled vulnerabilities by default).
  • Surfaces container scanning metrics, such as layer commands.
  • Shows fix version information.
    image
    image
    image

@hogo6002 hogo6002 marked this pull request as draft September 18, 2024 06:27
@codecov-commenter
Copy link

codecov-commenter commented Sep 25, 2024
edited
Loading

Codecov Report

Attention: Patch coverage is 68.73065% with 101 lines in your changes missing coverage. Please review.

Project coverage is 68.48%. Comparing base (b14f6c7) to head (96505fb).

Files with missing lines Patch % Lines
internal/output/html.go 77.41% 53 Missing and 10 partials ⚠️
pkg/reporter/html_reporter.go 0.00% 26 Missing ⚠️
internal/utility/severity/severity.go 54.54% 5 Missing ⚠️
cmd/osv-scanner/scan/main.go 0.00% 2 Missing and 1 partial ⚠️
internal/semantic/parse.go 0.00% 2 Missing ⚠️
pkg/reporter/format.go 0.00% 2 Missing ⚠️
Additional details and impacted files 
@@           Coverage Diff            @@
##             main    #1258    +/-   ##
========================================
  Coverage   68.47%   68.48%            
========================================
  Files         175      177     +2     
  Lines       16832    17155   +323     
========================================
+ Hits        11526    11748   +222     
- Misses       4679     4769    +90     
- Partials      627      638    +11

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@hogo6002 hogo6002 requested a review from cuixq September 27, 2024 06:31
@hogo6002 hogo6002 marked this pull request as ready for review September 27, 2024 06:31
another-rex
another-rex reviewed Sep 30, 2024
View reviewed changes
Copy link
Collaborator

@another-rex another-rex left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looking good! Did a quick first pass at reviewing this.

internal/output/html/report_template.html Outdated Show resolved Hide resolved
internal/output/html/vuln_table_template.html Outdated Show resolved Hide resolved
internal/output/html/report_template.html Outdated Show resolved Hide resolved
internal/output/html/report_template.html Outdated Show resolved Hide resolved
internal/output/html/package_table_template.html Outdated Show resolved Hide resolved
internal/output/html.go Show resolved Hide resolved
internal/output/html.go Outdated Show resolved Hide resolved
internal/output/html.go Outdated Show resolved Hide resolved
internal/output/html.go Outdated Show resolved Hide resolved
internal/output/html.go Outdated Show resolved Hide resolved
@hogo6002
Copy link
Contributor Author

hogo6002 commented Oct 1, 2024

Added a tooltip for layer command file name and enabled UT

cuixq
cuixq approved these changes Oct 3, 2024
View reviewed changes
Copy link
Contributor

@cuixq cuixq left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

pkg/reporter/format.go Outdated Show resolved Hide resolved
internal/output/html.go Outdated Show resolved Hide resolved
internal/output/html.go Show resolved Hide resolved
another-rex
another-rex reviewed Oct 3, 2024
View reviewed changes
internal/output/html.go Show resolved Hide resolved
internal/output/html.go Outdated Show resolved Hide resolved
internal/output/html.go Show resolved Hide resolved
oliverchang
oliverchang reviewed Oct 3, 2024
View reviewed changes
Copy link
Collaborator

@oliverchang oliverchang left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this looks awesome!!!

internal/output/html.go Show resolved Hide resolved
internal/output/html.go Show resolved Hide resolved
internal/output/html.go Outdated Show resolved Hide resolved
another-rex
another-rex reviewed Oct 8, 2024
View reviewed changes
Copy link
Collaborator

@another-rex another-rex left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Last review!

internal/output/html.go Outdated Show resolved Hide resolved
internal/output/html.go Outdated Show resolved Hide resolved
internal/output/html.go Outdated Show resolved Hide resolved
internal/output/html.go Outdated Show resolved Hide resolved
internal/output/html.go Outdated Show resolved Hide resolved
internal/output/html.go Outdated Show resolved Hide resolved
internal/output/html.go Show resolved Hide resolved
internal/output/html.go Outdated Show resolved Hide resolved
internal/output/html.go Outdated Show resolved Hide resolved
another-rex
another-rex approved these changes Oct 9, 2024
View reviewed changes
Copy link
Collaborator

@another-rex another-rex left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, one minor comment

internal/output/html.go Outdated Show resolved Hide resolved
G-Rath
G-Rath reviewed Oct 9, 2024
View reviewed changes
.prettierignore Outdated Show resolved Hide resolved
@hogo6002 hogo6002 merged commit 3702c3b into google:main Oct 9, 2024
13 checks passed
@oliverchang oliverchang mentioned this pull request Oct 9, 2024
Open
@hogo6002 hogo6002 mentioned this pull request Nov 6, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@G-Rath G-Rath G-Rath left review comments

@another-rex another-rex another-rex approved these changes

@cuixq cuixq cuixq approved these changes

@oliverchang oliverchang Awaiting requested review from oliverchang

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@hogo6002 @codecov-commenter @oliverchang @G-Rath @cuixq @another-rex