@@ -18,46 +18,48 @@ def get_findings(self, file, test):
1818 findings = []
1919 data = json .load (file )
2020
21- if not isinstance (data , dict ) or "results " not in data :
21+ if not isinstance (data , dict ) or "matches " not in data :
2222 return findings
2323
24- for result in data ["results " ]:
25- image = result .get ("image " , "Unknown Image" )
26- matches = result .get ("Matches " , {})
27- artifact = result . get ( "artifact" , {})
28- distro = result .get ("distro" , {})
24+ for match in data ["matches " ]:
25+ cycle = match .get ("Cycle " , {} )
26+ artifact = match .get ("artifact " , {})
27+
28+ title = f" { cycle .get ('ProductName' , 'Unknown Product' ) } EOL Information"
2929
30- title = f"{ matches .get ('ProductName' , 'Unknown Product' )}
3130 description_lines = [
32- f"**Image:** { image } ,
33- f"**Product Name:** { matches .get ('ProductName' , 'N/A' )} ,
34- f"**Release Cycle:** { matches .get ('ReleaseCycle' , 'N/A' )} ,
35- f"**EOL Date:** { matches .get ('Eol' , 'N/A' )} ,
36- f"**Latest Release Date:** { matches .get ('LatestReleaseDate' , 'N/A' )} ,
37- f"**Release Date:** { matches .get ('ReleaseDate' , 'N/A' )} ,
31+ f"**Product Name:** { cycle .get ('ProductName' , 'N/A' )} ,
32+ f"**Release Cycle:** { cycle .get ('ReleaseCycle' , 'N/A' )} ,
33+ f"**EOL Date:** { cycle .get ('Eol' , 'N/A' )} ,
34+ f"**Latest Release Date:** { cycle .get ('LatestReleaseDate' , 'N/A' )} ,
35+ f"**Release Date:** { cycle .get ('ReleaseDate' , 'N/A' )} ,
3836 f"**Artifact Name:** { artifact .get ('name' , 'N/A' )} ,
3937 f"**Artifact Version:** { artifact .get ('version' , 'N/A' )} ,
4038 f"**Artifact Type:** { artifact .get ('type' , 'N/A' )} ,
41- f"**Licenses:** { ', ' .join (artifact .get ('licenses' , []))} ,
39+ f"**Licenses:** { ', ' .join (artifact .get ('licenses' , [])) if artifact . get ( 'licenses' ) else 'N/A' } ,
4240 f"**Package URL:** { artifact .get ('purl' , 'N/A' )} ,
43- f"**Distro Name:** { distro .get ('name' , 'N/A' )} ,
44- f"**Distro Version:** { distro .get ('version' , 'N/A' )} ,
41+ f"**CPEs:** { ', ' .join (artifact .get ('cpes' , [])) if artifact .get ('cpes' ) else 'N/A' } ,
4542 ]
4643
4744 locations = artifact .get ("locations" , [])
48- location_info = []
49- for loc in locations :
50- path = loc .get ("path" , "" )
51- layer_id = loc .get ("layerID" , "" )
52- location_info .append (f"Path: { path } { layer_id } )
53- if location_info :
45+ if locations :
46+ location_info = [
47+ f"Path: { loc .get ('path' , '' )} { loc .get ('layerID' , '' )}
48+ for loc in locations
49+ ]
5450 description_lines .append ("**Locations:**\n " + "\n " .join (location_info ))
5551
52+ metadata = artifact .get ("metadata" , {})
53+ if isinstance (metadata , dict ) and "files" in metadata :
54+ file_paths = [f .get ("path" , "" ) for f in metadata ["files" ] if "path" in f ]
55+ if file_paths :
56+ description_lines .append ("**Files:**\n " + "\n " .join (file_paths ))
57+
5658 description = "\n " .join (description_lines )
5759
5860 # Determine severity based on EOL date
5961 severity = "Info"
60- eol_str = matches .get ("Eol" , "" )
62+ eol_str = cycle .get ("Eol" , "" )
6163 try :
6264 eol_date = datetime .strptime (eol_str , "%Y-%m-%d" )
6365 now = datetime .now ()
@@ -84,7 +86,8 @@ def get_findings(self, file, test):
8486 static_finding = True ,
8587 dynamic_finding = False ,
8688 nb_occurences = 1 ,
87- references = matches .get ("ProductPermalink" , "" ),
89+ cwe = 672 ,
90+ references = cycle .get ("ProductPermalink" , "" ),
8891 )
8992
9093 findings .append (finding )
0 commit comments