It's a bit of a wall of text right now, but we need to show them somewhere so we can fix them.
63 lines
2.5 KiB
HTML
63 lines
2.5 KiB
HTML
{% extends "layout.html" %}
|
|
{% block title %}Security {% endblock %}
|
|
{% block inner_content %}
|
|
|
|
<div class="card mb-3">
|
|
<div class="card-header">
|
|
<h4 class="card-title">Security</h4>
|
|
<h6 class="card-subtitle mb-2 text-muted">{{ vulnerable|length }} packages with known potential vulnerabilities</h6>
|
|
</div>
|
|
<div class="card-body overflow-auto">
|
|
|
|
<p class="text-muted">{{ known|length }} out of {{ sources|length }}
|
|
packages contain enough metadata for vulnerability scanning. For more
|
|
information see <a href="https://www.msys2.org/dev/vulnerabilities">the
|
|
vulnerability reporting documentation</a>.</p>
|
|
|
|
<table class="table table-hover table-sm" style="table-layout: fixed; width:100%;">
|
|
<colgroup>
|
|
<col style="width: 50%">
|
|
<col style="width: 25%">
|
|
<col style="width: 25%">
|
|
<col style="width: 1.5em">
|
|
</colgroup>
|
|
<thead>
|
|
<tr>
|
|
<th>Base Package</th>
|
|
<th>Version</th>
|
|
<th>Upstream Version</th>
|
|
<th></th>
|
|
</tr>
|
|
</thead>
|
|
<tbody>
|
|
{% for s in vulnerable|sort(attribute='worst_active_vulnerability.severity.sort_key', reverse = True) %}
|
|
<tr>
|
|
<td><a href="{{ url_for('base', base_name=s.name) }}">{{ s.name }}</a></td>
|
|
<td class="text-version">{{ s.version }}{% if s.version != s.git_version %} <span class="text-muted small align-text-bottom ps-1">({{ s.git_version }} in git)</span>{% endif %}</td>
|
|
<td class="text-version">{{ s.upstream_version if s.is_outdated_in_git else '' }}</td>
|
|
<td class="mytooltip-onclick">
|
|
<span role="button" class="text-{{vulnerability_color(s.worst_active_vulnerability)}}">⚠</span>
|
|
<template class="mytooltip-content">
|
|
<ul class="list-unstyled">
|
|
{% for vuln in s.all_vulnerabilities %}
|
|
<li {% if vuln.ignored %}style="text-decoration: line-through"{% endif %}><a href="{{ vuln.url }}">{{ vuln.id }}</a> <span class="opacity-75 text-{{vulnerability_color(vuln)}}">({{ vuln.severity }})</span></li>
|
|
{% endfor %}
|
|
</ul>
|
|
</template>
|
|
</td>
|
|
</tr>
|
|
{% endfor %}
|
|
</tbody>
|
|
</table>
|
|
|
|
<h6>{{ unknown|length }} packages are missing metadata for vulnerability scanning:</h6>
|
|
{% for s in unknown %}
|
|
<a href="{{ url_for('base', base_name=s.name) }}">{{ s.realname }}</a>
|
|
{{ ", " if not loop.last else '' }}
|
|
{% endfor %}
|
|
|
|
</div>
|
|
</div>
|
|
|
|
{% endblock %}
|