Dont show remediation if not exists (#486)

jfrog · Sep 12, 2023 · 1ea8ab5 · 1ea8ab5
1 parent 29324f6
commit 1ea8ab5
Show file tree

Hide file tree

Showing 3 changed files with 32 additions and 20 deletions.
diff --git a/utils/outputwriter/outputwriter.go b/utils/outputwriter/outputwriter.go
@@ -213,7 +213,7 @@ func MarkAsCodeSnippet(snippet string) string {
 
 func GetJasMarkdownDescription(severity, finding string) string {
 	headerRow := "| Severity | Finding |\n"
-	separatorRow := "| :---: | :---: |\n"
+	separatorRow := "| :--------------: | :---: |\n"
 	return headerRow + separatorRow + fmt.Sprintf("| %s | %s |", severity, finding)
 }
 
@@ -224,7 +224,7 @@ Found issue with the following snippet
 at %s (line %d)
 `,
 		MarkAsCodeSnippet(location.Snippet),
-		location.File,
+		MarkAsQuote(location.File),
 		location.StartLine)
 }
 

diff --git a/utils/outputwriter/simplifiedoutput.go b/utils/outputwriter/simplifiedoutput.go
@@ -111,8 +111,9 @@ func (smo *SimplifiedOutput) VulnerabilitiesContent(vulnerabilities []formats.Vu
 }
 
 func (smo *SimplifiedOutput) ApplicableCveReviewContent(severity, finding, fullDetails, cveDetails, remediation string) string {
-	return fmt.Sprintf(`
-### 📦🔍 Applicable dependency CVE Vulnerability
+	var contentBuilder strings.Builder
+	contentBuilder.WriteString(fmt.Sprintf(`
+### 📦🔍 Contextual Analysis CVE Vulnerability
 	
 %s
 
@@ -124,15 +125,21 @@ func (smo *SimplifiedOutput) ApplicableCveReviewContent(severity, finding, fullD
 
 %s
 
-#### Remediation
-
-%s
-
 `,
 		GetJasMarkdownDescription(smo.FormattedSeverity(severity, "Applicable", false), finding),
 		fullDetails,
-		cveDetails,
-		remediation)
+		cveDetails))
+
+	if len(remediation) > 0 {
+		contentBuilder.WriteString(fmt.Sprintf(`
+#### Remediation
+	
+%s	
+
+`,
+			remediation))
+	}
+	return contentBuilder.String()
 }
 
 func (smo *SimplifiedOutput) IacReviewContent(severity, finding, fullDetails string) string {
@@ -177,11 +184,11 @@ func (smo *SimplifiedOutput) SastReviewContent(severity, finding, fullDetails st
 ---
 Vulnerable data flow analysis result:
 `)
-			for i, location := range flow {
+			for _, location := range flow {
 				contentBuilder.WriteString(fmt.Sprintf(`
-	%d. %s (at %s line %d)
+%s %s (at %s line %d)
 `,
-					i+1,
+					"↘️",
 					MarkAsQuote(location.Snippet),
 					location.File,
 					location.StartLine,

diff --git a/utils/outputwriter/standardoutput.go b/utils/outputwriter/standardoutput.go
@@ -125,10 +125,11 @@ func (so *StandardOutput) VulnerabilitiesContent(vulnerabilities []formats.Vulne
 }
 
 func (so *StandardOutput) ApplicableCveReviewContent(severity, finding, fullDetails, cveDetails, remediation string) string {
-	return fmt.Sprintf(`
+	var contentBuilder strings.Builder
+	contentBuilder.WriteString(fmt.Sprintf(`
 <div align="center"> 
 
-### 📦🔍 Applicable dependency CVE Vulnerability
+### 📦🔍 Contextual Analysis CVE Vulnerability
 
 %s
 
@@ -150,6 +151,12 @@ func (so *StandardOutput) ApplicableCveReviewContent(severity, finding, fullDeta
 
 </details>
 
+`,
+		GetJasMarkdownDescription(so.FormattedSeverity(severity, "Applicable", false), finding),
+		fullDetails,
+		cveDetails))
+
+	contentBuilder.WriteString(fmt.Sprintf(`
 <details>
 <summary> <b>Remediation</b> </summary>
 <br>
@@ -159,10 +166,8 @@ func (so *StandardOutput) ApplicableCveReviewContent(severity, finding, fullDeta
 </details>
 
 `,
-		GetJasMarkdownDescription(so.FormattedSeverity(severity, "Applicable", false), finding),
-		fullDetails,
-		cveDetails,
-		remediation)
+		remediation))
+	return contentBuilder.String()
 }
 
 func (so *StandardOutput) IacReviewContent(severity, finding, fullDetails string) string {
@@ -228,7 +233,7 @@ func (so *StandardOutput) SastReviewContent(severity, finding, fullDetails strin
 `)
 			for _, location := range flow {
 				contentBuilder.WriteString(fmt.Sprintf(`
-%s. %s (at %s line %d)
+%s %s (at %s line %d)
 `,
 					"↘️",
 					MarkAsQuote(location.Snippet),