Handle packages which are subject of more than 100 advisories

Signed-off-by: Tushar Goel <tushar.goel.dav@gmail.com>

Author: TG1999

vulnerabilities/templates/affected_by_advisories.html

@@ -0,0 +1,116 @@
+{% extends "base.html" %}
+{% load humanize %}
+{% load widget_tweaks %}
+{% load static %}
+{% load url_filters %}
+{% load utils %}
+
+{% block content %}
+<div class="is-max-desktop mb-3">
+    <section class="mx-5">
+        <div class="is-flex" style="justify-content: space-between;">
+            <div>
+                {{ page_obj.paginator.count|intcomma }} results
+            </div>
+            {% if is_paginated %}
+                {% include 'includes/pagination.html' with page_obj=page_obj %}
+            {% endif %}
+        </div>
+    </section>
+</div>
+
+<section class="section pt-0">
+    <div class="content">
+        <table class="table is-bordered is-striped is-narrow is-hoverable is-fullwidth">
+                            <thead>
+                                <tr>
+                                    <th style="width: 200px;">Advisory</th>
+                                    <th style="width: 310px;">Source</th>
+                                    <th style="width: 200px;">Date Published</th>
+                                    <th>Summary</th>
+                                    <th style="width: 310px;">Fixed in package version</th>
+                                </tr>
+                            </thead>
+
+                            <tbody>
+                                {% for advisory in page_obj %}
+                                <tr>
+                                    <td>
+                                        <a href="{{advisory.get_absolute_url}}">
+                                            {{advisory.avid }}
+                                        </a>
+                                        <br />
+                                        {% if advisory.alias|length != 0 %}
+                                        Aliases:
+                                        {% endif %}
+                                        <br />
+                                        {% for alias in advisory.alias %}
+                                        {% if alias.url %}
+                                        <a href="{{ alias.url }}" target="_blank">{{ alias }}<i
+                                                class="fa fa-external-link fa_link_custom"></i></a>
+                                        <br />
+                                        {% else %}
+                                        {{ alias }}
+                                        <br />
+                                        {% endif %}
+                                        {% endfor %}
+
+                                        {% if advisory.secondary|length != 0 %}
+                                    <p>Supporting advisories are listed below the primary advisory.</p>
+                                    {% for secondary in advisory.secondary %}
+                                            <a href="{{secondary.get_absolute_url}}">
+                                                {{secondary.avid }}
+                                            </a>
+                                    {% endfor %}
+                                    {% endif %}
+                                    </td>
+                                    <td style="word-wrap: break-word; word-break: break-word;">
+                                        <a href={{advisory.url}} target="_blank">{{advisory.url}}</a>
+                                    </td>
+                                    <td style="word-wrap: break-word; word-break: break-word;">
+                                        {{advisory.date_published}}
+                                    </td>
+                                    <td style="word-wrap: break-word; word-break: break-word;">
+                                        {{ advisory.summary }}
+                                    </td>
+                                    <td style="word-wrap: break-word; word-break: break-all;">
+                                        {% with fixed=fixed_package_details|get_item:advisory.avid %}
+                                            {% if fixed %}
+                                                {% for item in fixed %}
+                                                <section>
+                                                    <a href="/packages/v2/{{ item.pkg.purl|url_quote }}?search={{ item.pkg.purl }}"
+                                                        target="_self">{{ item.pkg.version }}</a>
+                                                    <br/>
+                                                    {% if item.pkg.is_vulnerable %}
+                                                    <span class="{{ item.pkg.is_vulnerable|yesno:'emphasis-vulnerable,emphasis-not-vulnerable' }}">
+                                                        Vulnerable
+                                                    </span>
+                                                    {% else %}
+                                                    <span class="{{ item.pkg.is_vulnerable|yesno:'emphasis-vulnerable,emphasis-not-vulnerable' }}">
+                                                        Not vulnerable
+                                                    </span>
+                                                    {% endif %}
+                                                </section>
+                                                {% endfor %}
+                                            {% else %}
+                                                <span class="emphasis-vulnerable">There are no reported fixed by versions.</span>
+                                            {% endif %}
+                                        {% endwith %}
+                                    </td>
+                                </tr>
+                                {% empty %}
+                                <tr>
+                                    <td colspan="3">
+                                        <span class="emphasis-not-vulnerable">This package is not known to be subject of any advisories.</span>
+                                    </td>
+                                </tr>
+                                {% endfor %}
+                            </tbody>
+                        </table>
+    </div>
+
+{% if is_paginated %}
+    {% include 'includes/pagination.html' with page_obj=page_obj %}
+{% endif %}
+{% endblock %}
+</section>

vulnerabilities/templates/fixing_advisories.html

@@ -0,0 +1,76 @@
+{% extends "base.html" %}
+{% load humanize %}
+{% load widget_tweaks %}
+
+{% block content %}
+<div class="is-max-desktop mb-3">
+    <section class="mx-5">
+        <div class="is-flex" style="justify-content: space-between;">
+            <div>
+                {{ page_obj.paginator.count|intcomma }} results
+            </div>
+            {% if is_paginated %}
+                {% include 'includes/pagination.html' with page_obj=page_obj %}
+            {% endif %}
+        </div>
+    </section>
+</div>
+
+<section class="section pt-0">
+    <div class="content">
+        <table class="table is-bordered is-striped is-narrow is-hoverable is-fullwidth">
+                            <thead>
+                                <tr>
+                                    <th style="width: 200px;">Advisory</th>
+                                    <th style="width: 225px;">Source</th>
+                                    <th style="width: 225px;">Date Published</th>
+                                    <th>Summary</th>
+                                    <th style="width: 225px;">Aliases</th>
+                                </tr>
+                            </thead>
+                            <tbody>
+                                {% for advisory in page_obj %}
+                                <tr>
+                                    <td>
+                                        <a href="{{advisory.get_absolute_url}}">
+                                            {{advisory.avid }}
+                                        </a>
+                                    </td>
+                                    <td>
+                                        <a href={{advisory.url}} target="_blank">{{advisory.url}}</a>
+                                    </td>
+                                    <td>
+                                        {{advisory.date_published}}
+                                    </td>
+                                    <td>
+                                        {{ advisory.summary }}
+                                    </td>
+                                    <td>
+                                        {% for alias in advisory.alias %}
+                                        {% if alias.url %}
+                                        <a href="{{ alias.url }}" target="_blank">{{ alias }}<i
+                                                class="fa fa-external-link fa_link_custom"></i></a>
+                                        <br />
+                                        {% else %}
+                                        {{ alias }}
+                                        <br />
+                                        {% endif %}
+                                        {% endfor %}
+                                    </td>
+                                </tr>
+                                {% empty %}
+                                <tr>
+                                    <td colspan="3">
+                                        This package is not known to fix any advisories.
+                                    </td>
+                                </tr>
+                                {% endfor %}
+                            </tbody>
+                        </table>
+    </div>
+
+{% if is_paginated %}
+    {% include 'includes/pagination.html' with page_obj=page_obj %}
+{% endif %}
+{% endblock %}
+</section>

vulnerabilities/templates/package_details_v2.html

@@ -45,7 +45,7 @@
         <div id="tab-content">
             <div class="tab-div is-active" data-content="essentials">
                 <div class="tab-nested-div mb-1 pb-0">
-                        {% if affected_by_advisories_v2|length != 0 %}
+                        {% if affected_by_advisories_v2|length != 0 or affected_by_advisories_v2_url %}
                         <div class="pl-3 pr-3 mb-5 floating-purl pb-0">
                             {% else %}
                         <div class="pl-3 pr-3 mb-5 floating-purl pb-2">
@@ -82,7 +82,7 @@
                             </tbody>
                         </table>
                     </div>
-                    {% if affected_by_advisories_v2|length != 0 %}
+                    {% if affected_by_advisories_v2|length != 0 or affected_by_advisories_v2_url %}
 
                     <div class="pl-3 pr-3 mb-6 non-vuln pb-0">
                         <table class="table vcio-table width-100-pct">
@@ -128,10 +128,10 @@
                     {% endif %}
 
                     <div class="content ml-3 mr-3 pb-1">
+                        {% if affected_by_advisories_v2|length != 0 %}
                         <div class="has-text-weight-bold ml-1 mb-0 pb-0">
                             Vulnerabilities affecting this package ({{ affected_by_advisories_v2|length }})
                         </div>
-
                         <table class="table is-bordered is-striped is-narrow is-hoverable is-fullwidth">
                             <thead>
                                 <tr>
@@ -218,9 +218,20 @@
                                 {% endfor %}
                             </tbody>
                         </table>
+                        {% elif affected_by_advisories_v2_url %}
+                        <div class="has-text-weight-bold ml-1 mb-0 pb-0">
+                            This package is subject to more than 100 advisories. Please refer to the following
+                            URL for vulnerabilities affecting this package: <a href="{{ affected_by_advisories_v2_url }}" target="_blank"> Advisories </a>
+                        </div>
+                        {% else %}
+                        <div class="has-text-weight-bold ml-1 mb-0 pb-0">
+                            This package is not known to be subject of any advisories.
+                        </div>
+                        {% endif %}
                     </div>
 
                     <div class="content ml-3 mr-3 pb-0 mb-0">
+                        {% if fixing_advisories_v2|length != 0 %}
                         <div class="has-text-weight-bold ml-1 mb-0 pb-0">
                             Vulnerabilities fixed by this package ({{ fixing_advisories_v2|length }})
                         </div>
@@ -285,6 +296,16 @@
                         </table>
 
                         <br />
+                        {% elif fixing_advisories_v2_url %}
+                        <div class="has-text-weight-bold ml-1 mb-0 pb-0">
+                            This package is known to fix more than 100 advisories. Please refer to the following
+                            URL for vulnerabilities fixed by this package: <a href="{{ fixing_advisories_v2_url }}" target="_blank"> Advisories </a>
+                        </div>
+                        {% else %}
+                        <div class="has-text-weight-bold ml-1 mb-0 pb-0">
+                            This package is not known to fix any advisories.
+                        </div>
+                    {% endif %}
                     </div>
                 </div>
             </div>