cmd/govulncheck: HTML table transposed
Make HTML output look more like text output.
Change-Id: I79466326325f2304389b181df1d35b75743e4b20
Reviewed-on: https://go-review.googlesource.com/c/vuln/+/395555
Trust: Jonathan Amsterdam <jba@google.com>
Run-TryBot: Jonathan Amsterdam <jba@google.com>
Reviewed-by: Julie Qiu <julie@golang.org>
diff --git a/cmd/govulncheck/html.go b/cmd/govulncheck/html.go
index 70a4105..a4b382d 100644
--- a/cmd/govulncheck/html.go
+++ b/cmd/govulncheck/html.go
@@ -16,58 +16,51 @@
)
func html(w io.Writer, r *vulncheck.Result, callStacks map[*vulncheck.Vuln][]vulncheck.CallStack, moduleVersions map[string]string, topPackages map[string]bool, vulnGroups [][]*vulncheck.Vuln) error {
- tmpl, err := template.New("").Funcs(template.FuncMap{
+ tmpl, err := template.New("govulncheck").Funcs(template.FuncMap{
"funcName": funcName,
}).Parse(templateSource)
if err != nil {
return err
}
- type vuln struct {
- PkgPath string
- CurrentVersion string
- FixedVersion string
- Reference string
- Details string
- }
-
type callstack struct {
Summary string
Stack vulncheck.CallStack
}
- type callstacks struct {
- ID string // osv.Entry ID
- Stacks []callstack
+ type vuln struct {
+ ID string
+ PkgPath string
+ CurrentVersion string
+ FixedVersion string
+ Reference string
+ Details string
+ Stacks []callstack
}
- data := struct {
- Vulns []vuln
- CallStacks []callstacks
- }{}
-
+ var vulns []*vuln
for _, vg := range vulnGroups {
v0 := vg[0]
- data.Vulns = append(data.Vulns, vuln{
+ vn := &vuln{
+ ID: v0.OSV.ID,
PkgPath: v0.PkgPath,
CurrentVersion: moduleVersions[v0.ModPath],
FixedVersion: "v" + latestFixed(v0.OSV.Affected),
Reference: fmt.Sprintf("https://pkg.go.dev/vuln/%s", v0.OSV.ID),
Details: v0.OSV.Details,
- })
+ }
// Keep first call stack for each vuln.
- stacks := callstacks{ID: v0.OSV.ID}
for _, v := range vg {
if css := callStacks[v]; len(css) > 0 {
- stacks.Stacks = append(stacks.Stacks, callstack{
+ vn.Stacks = append(vn.Stacks, callstack{
Summary: summarizeCallStack(css[0], topPackages, v.PkgPath),
Stack: css[0],
})
}
}
- data.CallStacks = append(data.CallStacks, stacks)
+ vulns = append(vulns, vn)
}
- return tmpl.Execute(w, data)
+ return tmpl.Execute(w, vulns)
}
var templateSource = `
@@ -75,35 +68,36 @@
<html lang="en">
<meta charset="utf-8">
<title>govulncheck Results</title>
+<style>
+body {
+ font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen, Ubuntu,
+ 'Helvetica Neue', Arial, sans-serif;
+}
+list-style-type: none;
+</style>
+
<body>
- {{with .Vulns}}
- <h2>Vulnerabilities</h2>
- <table>
- <tr><th>Package</th><th>Your Version</th><th>Fixed Version</th><th>Reference</th><th>Details</th><tr>
- {{range .Vulns}}
- <tr>
- <td>{[.PkgPath}}</td>
- <td>{{.CurrentVersion}}</td>
- <td>{{.FixedVersion}}</td>
- <td>{{.Reference}}</td>
- <td>{{.Details}}</td>
- </tr>
- {{end}}
- </table>
+ {{range .}}
+ <h2>{{.ID}}</h2>
+ <table>
+ <tr><td>Package</td><td>{{.PkgPath}}</td></tr>
+ <tr><td>Your version</td><td>{{.CurrentVersion}}</td></tr>
+ <tr><td>Fixed version</td><td>{{.FixedVersion}}</td></tr>
+ <tr><td>Reference</td><td>{{.Reference}}</td></tr>
+ <tr><td>Description</td><td>{{.Details}}</td></tr>
+ </table>
- <h2>Call Stacks</h2>
- {{range .CallStacks}}
- <h3>.ID</h3>
- {{range .Stacks}}
- <details>
- <summary>{{.Summary}}</summary>
- {{range .Stack}}
- <p>{{.Function | funcName}}</p>
- {{end}}
- </details>
- {{end}}
- {{end}}
+ {{range .Stacks}}
+ <details>
+ <summary>{{.Summary}}</summary>
+ <ul>
+ {{range .Stack}}
+ <li>{{.Function | funcName}}</li>
+ {{end}}
+ </ul>
+ </details>
+ {{end}}
{{else}}
No vulnerabilities found.
{{end}}
diff --git a/cmd/govulncheck/main.go b/cmd/govulncheck/main.go
index 05327d8..c1d8a71 100644
--- a/cmd/govulncheck/main.go
+++ b/cmd/govulncheck/main.go
@@ -47,9 +47,9 @@
Usage:
- govulncheck [-json] [-all] [-tests] [-tags] {package pattern...}
+ govulncheck [flags] {package pattern...}
- govulncheck {binary path}
+ govulncheck [flags] {binary path}
Flags: