add-security-linter-results-to-workflow-summary #254

Jannis-Mittenzwei · 2024-10-02T14:32:58Z

closes #248

exasol/toolbox/tools/security.py

Nicoretti · 2024-10-04T06:37:14Z

exasol/toolbox/tools/security.py

+def issues_to_markdown(issues: Iterable[Issue]) -> str:
+    markdown_str = ""
+    markdown_str += "# Security\n\n"
+    markdown_str += "|File|Cve|Cwe|Details|\n"
+    markdown_str += "|---|:-:|:-:|---|\n"
+    for issue in issues:
+        row = "|" + issue.coordinates + "|"
+        row += issue.cve + "|"
+        row += issue.cwe + "|"
+        for element in issue.references:
+            row += element + " ,<br>"
+        markdown_str += row[:-5] + "|\n"
+    return markdown_str


Suggested change

def issues_to_markdown(issues: Iterable[Issue]) -> str:

markdown_str = ""

markdown_str += "# Security\n\n"

markdown_str += "|File|Cve|Cwe|Details|\n"

markdown_str += "|---|:-:|:-:|---|\n"

for issue in issues:

row = "|" + issue.coordinates + "|"

row += issue.cve + "|"

row += issue.cwe + "|"

for element in issue.references:

row += element + " ,<br>"

markdown_str += row[:-5] + "|\n"

return markdown_str

from inspect import cleandoc

def issues_to_markdown(issues: Iterable[Issue]) -> str:

template = cleandoc("""

{header}

{rows}

""")

def _header():

header = ""

markdown_str += "# Security\n\n"

header += "|File|Cve|Cwe|Details|\n"

header += "|---|:-:|:-:|---|\n"

return header

def _row(issue):

row = "|" + issue.coordinates + "|"

row += issue.cve + "|"

row += issue.cwe + "|"

for element in issue.references:

row += element + " ,<br>"

row += row[:-5] + "|"

return row

return template.format(

header=_header()

rows = "\n".jon(_entry(i) for i in issues)

)

Additionally if you make use of "".join() you can safe yourself the head egg with removing the bits from the last line here:

for element in issue.references: row += element + " ,<br>" row += row[:-5] + "|"

Similar to what is done in the new return statement for rows

Nicoretti · 2024-10-04T06:41:08Z

exasol/toolbox/tools/security.py

+            description=issue["issue_text"],
+            coordinates=issue["filename"].replace(
+                str(PROJECT_CONFIG.root) + "/", ""
+                ) + ":" + str(issue["line_number"]) + ":" + str(issue["col_offset"]) + ":",


f'{issue["line_number"]}' has the same effect as str(issue["line_number"])

Nicoretti · 2024-10-04T06:44:27Z

exasol/toolbox/tools/security.py

+                str(PROJECT_CONFIG.root) + "/", ""
+                ) + ":" + str(issue["line_number"]) + ":" + str(issue["col_offset"]) + ":",


Suggested change

str(PROJECT_CONFIG.root) + "/", ""

) + ":" + str(issue["line_number"]) + ":" + str(issue["col_offset"]) + ":",

f'{PROJECT_CONFIG.root}/, ""') + f':{issue["line_number"]}:{issue["col_offset"]}:',

.github/workflows/report.yml

Jannis-Mittenzwei temporarily deployed to manual-approval October 2, 2024 14:33 — with GitHub Actions Inactive

add to tbx security pretty print for markdown

8a3555b

Jannis-Mittenzwei temporarily deployed to manual-approval October 2, 2024 14:40 — with GitHub Actions Inactive

Jannis-Mittenzwei changed the title ~~add to tbx security pretty print for markdown~~ add-security-linter-results-to-workflow-summary Oct 2, 2024

fix

4803fed

Jannis-Mittenzwei temporarily deployed to manual-approval October 2, 2024 14:43 — with GitHub Actions Inactive

fix

6af66e1

Nicoretti reviewed Oct 4, 2024

View reviewed changes

Jannis-Mittenzwei temporarily deployed to manual-approval October 8, 2024 09:47 — with GitHub Actions Inactive

resolve conversation

e4d6bd4

Jannis-Mittenzwei temporarily deployed to manual-approval October 8, 2024 09:53 — with GitHub Actions Inactive

fix

43cdbbb

Jannis-Mittenzwei temporarily deployed to manual-approval October 8, 2024 09:56 — with GitHub Actions Inactive

fix

65f14ef

Jannis-Mittenzwei temporarily deployed to manual-approval October 8, 2024 13:44 — with GitHub Actions Inactive

add prysk test for pprint

bb22ac0

Jannis-Mittenzwei deployed to manual-approval October 8, 2024 13:52 — with GitHub Actions Active

add prysk test for pprint

3292796

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

add-security-linter-results-to-workflow-summary #254

add-security-linter-results-to-workflow-summary #254

Jannis-Mittenzwei commented Oct 2, 2024

Nicoretti Oct 4, 2024

Nicoretti Oct 4, 2024

Nicoretti Oct 4, 2024

Nicoretti Oct 4, 2024

		str(PROJECT_CONFIG.root) + "/", ""
		) + ":" + str(issue["line_number"]) + ":" + str(issue["col_offset"]) + ":",

	str(PROJECT_CONFIG.root) + "/", ""
	) + ":" + str(issue["line_number"]) + ":" + str(issue["col_offset"]) + ":",
	f'{PROJECT_CONFIG.root}/, ""') + f':{issue["line_number"]}:{issue["col_offset"]}:',

add-security-linter-results-to-workflow-summary #254

Are you sure you want to change the base?

add-security-linter-results-to-workflow-summary #254

Conversation

Jannis-Mittenzwei commented Oct 2, 2024

Nicoretti Oct 4, 2024

Choose a reason for hiding this comment

Nicoretti Oct 4, 2024

Choose a reason for hiding this comment

Nicoretti Oct 4, 2024

Choose a reason for hiding this comment

Nicoretti Oct 4, 2024

Choose a reason for hiding this comment