diff --git a/scanpullrequest/scanpullrequest.go b/scanpullrequest/scanpullrequest.go
index a869fdbd4..1fcc49829 100644
--- a/scanpullrequest/scanpullrequest.go
+++ b/scanpullrequest/scanpullrequest.go
@@ -206,6 +206,7 @@ func auditPullRequest(repoConfig *utils.Repository, client vcsclient.VcsClient,
applicableIssues = append(applicableIssues, filterNotApplicableResults(sourceScanResults.ApplicabilityScanResults)...)
iacIssues = append(iacIssues, sourceScanResults.IacScanResults...)
secretsIssues = append(secretsIssues, sourceScanResults.SecretsScanResults...)
+ sastIssues = append(sastIssues, sourceScanResults.SastScanResults...)
continue
}
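Review bot: The new `sastIssues` append on this branch has no accompanying test, so nothing pins that SAST findings from `sourceScanResults` now reach the aggregated results; on this path they were previously dropped while IaC and secrets findings were collected. Add a case to the audit test that sets `SastScanResults` on the source scan and asserts the finding appears in the output, and put a one-line comment above `continue` naming which condition routes source-scan results here unfiltered. That condition is decided earlier in auditPullRequest, outside the hunk, so the comment is what a reader of this branch will have.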
diff --git a/utils/outputwriter/outputwriter.go b/utils/outputwriter/outputwriter.go
index 9c3d79876..dc886d8e0 100644
--- a/utils/outputwriter/outputwriter.go
+++ b/utils/outputwriter/outputwriter.go
@@ -14,7 +14,7 @@ import (
const (
FrogbotTitlePrefix = "[🐸 Frogbot]"
CommentGeneratedByFrogbot = "[JFrog Frogbot](https://github.com/jfrog/frogbot#readme)"
- ReviewCommentGeneratedByFrogbot = "[[🐸 JFrog Frogbot]](https://github.com/jfrog/frogbot#readme)"
+ ReviewCommentGeneratedByFrogbot = "[🐸 JFrog Frogbot](https://github.com/jfrog/frogbot#readme)"
vulnerabilitiesTableHeader = "\n| SEVERITY | DIRECT DEPENDENCIES | IMPACTED DEPENDENCY | FIXED VERSIONS |\n| :---------------------: | :----------------------------------: | :-----------------------------------: | :---------------------------------: |"
vulnerabilitiesTableHeaderWithContextualAnalysis = "| SEVERITY | CONTEXTUAL ANALYSIS | DIRECT DEPENDENCIES | IMPACTED DEPENDENCY | FIXED VERSIONS |\n| :---------------------: | :----------------------------------: | :----------------------------------: | :-----------------------------------: | :---------------------------------: |"
iacTableHeader = "\n| SEVERITY | FILE | LINE:COLUMN | FINDING |\n| :---------------------: | :----------------------------------: | :-----------------------------------: | :---------------------------------: |"
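Review bot: Changing `ReviewCommentGeneratedByFrogbot` changes the marker that identifies Frogbot's own review comments, so a matcher such as `IsFrogbotResultComment`, if it compares against this constant, will presumably stop recognizing comments posted with the old `[[🐸 JFrog Frogbot]]` form and leave stale review comments on open PRs that are never cleaned up. If that is how the matcher works, keep the old form as an accepted alias for a release, e.g. `strings.Contains(comment, ReviewCommentGeneratedByFrogbot) || strings.Contains(comment, legacyReviewCommentGeneratedByFrogbot)`. The matcher is not in this diff, so confirm whether it keys on this constant or on `CommentGeneratedByFrogbot`, which is unchanged.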
@@ -104,7 +104,7 @@ type OutputWriter interface {
IacContent(iacRows []formats.SourceCodeRow) string
Footer() string
Separator() string
- FormattedSeverity(severity, applicability string) string
+ FormattedSeverity(severity, applicability string, addName bool) string
IsFrogbotResultComment(comment string) bool
SetJasOutputFlags(entitled, showCaColumn bool)
VcsProvider() vcsutils.VcsProvider
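Review bot: The new `addName bool` parameter on `FormattedSeverity` is undocumented on the interface, and the only implementation visible in this diff (`SimplifiedOutput`) ignores it together with `applicability`, so the contract does not say what `true` versus `false` buys a caller. Add a doc comment on the interface method, e.g. `// FormattedSeverity renders a severity for output; addName controls whether the severity name accompanies its marker where the writer supports one. Writers without rich markdown may ignore applicability and addName.` Phrase the marker/name part according to what StandardOutput's implementation actually does, which is outside this diff.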
@@ -114,6 +114,7 @@ type OutputWriter interface {
ApplicableCveReviewContent(severity, finding, fullDetails, cveDetails, remediation string) string
IacReviewContent(severity, finding, fullDetails string) string
SastReviewContent(severity, finding, fullDetails string, codeFlows []*sarif.CodeFlow) string
+ ReviewFooter() string
}
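Review bot: `ReviewFooter()` is added next to `Footer()` with no doc comment distinguishing the two, and the interface is the first place a writer author will look. Add `// ReviewFooter returns the attribution trailer for inline review comments; Footer is the trailer for the aggregated PR comment.` The SimplifiedOutput implementation in this diff differs from its Footer by a leading horizontal rule and by using the review-specific attribution constant, which is worth stating so the two are not merged later.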
func GetCompatibleOutputWriter(provider vcsutils.VcsProvider) OutputWriter {
@@ -196,7 +197,7 @@ func getVulnerabilitiesTableContent(vulnerabilities []formats.VulnerabilityOrVio
func getIacTableContent(iacRows []formats.SourceCodeRow, writer OutputWriter) string {
var tableContent string
for _, iac := range iacRows {
- tableContent += fmt.Sprintf("\n| %s | %s | %s | %s |", writer.FormattedSeverity(iac.Severity, string(xrayutils.Applicable)), iac.File, iac.LineColumn, iac.Snippet)
+ tableContent += fmt.Sprintf("\n| %s | %s | %s | %s |", writer.FormattedSeverity(iac.Severity, string(xrayutils.Applicable), true), iac.File, iac.LineColumn, iac.Snippet)
}
return tableContent
}
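Review bot: On the rebuilt row, `iac.File`, `iac.LineColumn` and `iac.Snippet` are interpolated unescaped into a markdown table; a `|` or newline in a snippet, which comes from the files under scan and is therefore influenced by the PR author, breaks the table and lets that content render as its own markdown inside the Frogbot comment. Escape the cells before formatting, e.g. `cell := func(s string) string { return strings.ReplaceAll(strings.ReplaceAll(s, "\n", " "), "|", "\\|") }` applied to each field, unless the row is already sanitized where it is built, which this diff does not show. Whether `strings` is imported in outputwriter.go is also outside the hunk.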
@@ -209,6 +210,12 @@ func MarkAsQuote(s string) string {
return fmt.Sprintf("`%s`", s)
}
+func GetJasMarkdownDescription(severity, finding string) string {
+ headerRow := "| Severity | Finding |\n"
+ separatorRow := "| :---: | :---: |\n"
+ return headerRow + separatorRow + fmt.Sprintf("| %s | %s |", severity, finding)
+}
+
func GetAggregatedPullRequestTitle(tech coreutils.Technology) string {
if tech.ToString() == "" {
return FrogbotTitlePrefix + " Update dependencies"
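Review bot: `GetJasMarkdownDescription` places `severity` and `finding` into a markdown table without escaping, so a finding containing `|` or a newline yields a broken table or stray markdown in the review comment; the finding text for SAST/IaC presumably derives from scanned file content, so it should be treated as untrusted. Escape pipes and newlines in the cell, e.g. `finding = strings.ReplaceAll(strings.ReplaceAll(finding, "\n", " "), "|", "\\|")`, or reuse an existing escaping helper if the package has one. The exported function also needs a doc comment, e.g. `// GetJasMarkdownDescription renders a two-column severity/finding table used as the header of JAS review comments.`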
diff --git a/utils/outputwriter/simplifiedoutput.go b/utils/outputwriter/simplifiedoutput.go
index 013afc6af..acfe06f74 100644
--- a/utils/outputwriter/simplifiedoutput.go
+++ b/utils/outputwriter/simplifiedoutput.go
@@ -22,7 +22,7 @@ type SimplifiedOutput struct {
}
func (smo *SimplifiedOutput) VulnerabilitiesTableRow(vulnerability formats.VulnerabilityOrViolationRow) string {
- row := fmt.Sprintf("| %s | ", smo.FormattedSeverity(vulnerability.Severity, vulnerability.Applicable))
+ row := fmt.Sprintf("| %s | ", smo.FormattedSeverity(vulnerability.Severity, vulnerability.Applicable, true))
directsRowFmt := directDependencyRow
if smo.showCaColumn {
row += vulnerability.Applicable + " |"
@@ -129,7 +129,7 @@ Finding: %s
%s
`,
- smo.FormattedSeverity(severity, "Applicable"),
+ smo.FormattedSeverity(severity, "Applicable", false),
finding,
fullDetails,
cveDetails)
@@ -146,7 +146,7 @@ Finding: %s
%s
`,
- smo.FormattedSeverity(severity, "Applicable"),
+ smo.FormattedSeverity(severity, "Applicable", false),
finding,
fullDetails)
}
@@ -169,7 +169,7 @@ Finding: %s
#### Vulnerable data flows
`,
- smo.FormattedSeverity(severity, "Applicable"),
+ smo.FormattedSeverity(severity, "Applicable", false),
finding,
fullDetails,
))
@@ -230,11 +230,21 @@ func (smo *SimplifiedOutput) Footer() string {
return fmt.Sprintf("\n\n%s", CommentGeneratedByFrogbot)
}
+func (smo *SimplifiedOutput) ReviewFooter() string {
+ return fmt.Sprintf(`
+
+---
+
+%s
+
+`, ReviewCommentGeneratedByFrogbot)
+}
+
func (smo *SimplifiedOutput) Separator() string {
return ", "
}
-func (smo *SimplifiedOutput) FormattedSeverity(severity, _ string) string {
+func (smo *SimplifiedOutput) FormattedSeverity(severity, _ string, _ bool) string {
return severity
}
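Review bot: Both the new `ReviewFooter` and the re-signed `FormattedSeverity` are exported methods without doc comments, and `FormattedSeverity` silently ignores `applicability` and the new `addName`, which callers in this diff pass as `true` and `false` as if it mattered. Document the intent: `// FormattedSeverity returns the bare severity string; SimplifiedOutput renders no markers, so applicability and addName are ignored.` and `// ReviewFooter returns the trailer for review comments: a horizontal rule followed by the Frogbot attribution link.` The leading and trailing blank lines in the raw string are part of the output; if that spacing is deliberate, a comment saying so prevents a later cleanup from changing the rendering.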
diff --git a/utils/outputwriter/standardoutput.go b/utils/outputwriter/standardoutput.go
index 64a94772a..2213c7ae2 100644
--- a/utils/outputwriter/standardoutput.go
+++ b/utils/outputwriter/standardoutput.go
@@ -22,7 +22,7 @@ func (so *StandardOutput) VulnerabilitiesTableRow(vulnerability formats.Vulnerab
directDependencies.WriteString(fmt.Sprintf("%s:%s%s", dependency.Name, dependency.Version, so.Separator()))
}
- row := fmt.Sprintf("| %s | ", so.FormattedSeverity(vulnerability.Severity, vulnerability.Applicable))
+ row := fmt.Sprintf("| %s | ", so.FormattedSeverity(vulnerability.Severity, vulnerability.Applicable, true))
if so.showCaColumn {
row += vulnerability.Applicable + " | "
}
@@ -130,15 +130,14 @@ func (so *StandardOutput) ApplicableCveReviewContent(severity, finding, fullDeta
return fmt.Sprintf(`
### 📦🔍 Applicable dependency CVE Vulnerability
-Severity: %s
-
-Finding: %s
+%s
#### 👇 Details
Description
+
%s
CVE details
+
%s
Remediation
+
%s
Full description
+
%s