• Home
• com.checkmarx
• cx-client-common
• 2020.4.116
• source code
• report.ftl

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.cx.report.report.ftl Maven / Gradle / Ivy

<#macro thresholdTooltip threshold count>
    <#if count gt threshold>
    

        

        
        

            
            
${threshold}
        
    
    




    

        
Checkmarx Report


    <#if buildFailed>
        

            

                

                    
                
            
            

                

                    Checkmarx scan found the following issues:
                
                

                    <#if config.isSastEnabled() && !sast.sastResultsReady>
                        
SAST Scan Failed
                    
                    <#if config.isOsaEnabled() && !dependencyResult.resultReady>
                        
OSA Scan Failed
                    
                    <#if policyViolated>
                        
${policyViolatedCount} ${policyLabel}  Violated
                    
                    <#if config.isSastEnabled() && sast.sastResultsReady && (sastThresholdExceeded || sastNewResultsExceeded) && (config.isOsaEnabled() || config.isAstScaEnabled()) && dependencyResult.resultReady && dependencyThresholdExceeded>
                        
Exceeded CxSAST and CxOSA/CxSCA Vulnerability Thresholds
                    <#elseif config.isSastEnabled() && sast.sastResultsReady && (sastThresholdExceeded || sastNewResultsExceeded)>
                        
Exceeded CxSAST Vulnerability Threshold
                    <#elseif config.isOsaEnabled() && dependencyResult.resultReady && dependencyThresholdExceeded>
                        
Exceeded CxOSA Vulnerability Threshold
                    <#elseif config.isAstScaEnabled() && dependencyResult.resultReady && dependencyThresholdExceeded>
                        
Exceeded CxSCA Vulnerability Threshold
                    <#else>
                        
CxScan Failed
                    
                
            
        
    <#else>
        

            

                

                    
                
            
            

                

                    Checkmarx Scan Passed
                
            
        

    


    
    


        

            


            <#if config.isSastEnabled()>
                

                    

                        
CxSAST Vulnerabilities Status
                        <#if sast.sastResultsReady>
                            

                                

                                    
                                        

                                            
                                        
                                        
Results
                                    
                                

                                <#if sast.sastPDFLink??>
                                    

                                        
                                            

                                                
                                            
                                            

                                                PDF Report
                                            
                                        
                                    
                                
                            
                        <#else>
                            

                                

                                    

                                        
                                    
                                    
SAST scan failed
                                
                            
                        
                    
                    <#if sast.sastResultsReady>
                        
                        

                            

                                <#if sast.hasNewResults()>
                                    

                                        

                                            

                                                

                                                
Recurrent
                                            
                                            

                                                

                                                
New
                                            
                                        
                                    
                                
                            

                            

                                
                                

                                        
                                            

                                                <#if config.sastThresholdsEnabled && config.sastHighThreshold??>
                                                    <@thresholdTooltip threshold=config.sastHighThreshold count=sast.high/>
                                                
                                            
                                            

                                            

                                        

                                    

                                        

                                            

                                                
                                            
                                            
High -
                                            
${sast.high}
                                        
                                        <#if sast.hasNewResults()>
                                            
${sast.newHigh}
                                                New
                                            
                                        
                                    
                                

                                
                                

                                        
                                                

                                                    <#if config.sastThresholdsEnabled && config.sastMediumThreshold??>
                                                        <@thresholdTooltip threshold=config.sastMediumThreshold count=sast.medium/>
                                                    
                                                
                                                

                                                

                                        
                                    

                                        

                                            

                                                
                                            
                                            
Medium -
                                            
${sast.medium}
                                        
                                        <#if sast.hasNewResults()>
                                            
${sast.newMedium} New
                                            
                                        
                                    
                                

                                
                                

                                        
                                            

                                                <#if config.sastThresholdsEnabled && config.sastLowThreshold??>
                                                    <@thresholdTooltip threshold=config.sastLowThreshold count=sast.low/>
                                                
                                            
                                            

                                            

                                        
                                    

                                        

                                            

                                                
                                            
                                            
Low -
                                            
${sast.low}
                                        
                                        <#if sast.hasNewResults()>
                                            
${sast.newLow}
                                                New
                                            
                                        
                                    
                                
                            
                        
                    
                
            

                <#if config.isOsaEnabled()|| config.isAstScaEnabled() >
        

            

                <#if dependencyResult.scannerType=="AST_SCA">
                
CxSCA Vulnerabilities & Libraries
                <#else>
                
Cx${dependencyResult.scannerType} Vulnerabilities & Libraries
                
                <#if dependencyResult.resultReady>
                    

                        

                            
                                

                                    
                                
                                
Results
                            
                        
                    
                <#else>
                    

                        

                            

                                
                            
                            
OSA scan failed
                        
                    
                
            
            <#if dependencyResult.resultReady>
                

                    
                    

                        
Libraries:
                        
                        

                            

                                
${dependencyResult.vulnerableAndOutdated}
                            
                            

                                Vulnerable and Outdated Libraries
                            
                        
                        
                        

                            

                                
${dependencyResult.nonVulnerableLibraries}
                            
                            

                                No Known Vulnerability Libraries
                            
                        
                    
                    
                    

                        

                            
                            

                                            
                                                

                                                    <#if config.osaThresholdsEnabled && config.osaHighThreshold??>
                                                        <@thresholdTooltip threshold=config.osaHighThreshold count=dependencyResult.highVulnerability/>
                                                    
                                                
                                            

                                

                                    

                                        

                                            
                                        
                                        
High -
                                        
${dependencyResult.highVulnerability}
                                    
                                
                            

                            
                            

                                            
                                                

                                                    <#if config.osaThresholdsEnabled && config.osaMediumThreshold??>
                                                        <@thresholdTooltip threshold=config.osaMediumThreshold count=dependencyResult.mediumVulnerability/>
                                                    
                                                
                                            
                                

                                    

                                        

                                            
                                        
                                        
Medium -
                                        
${dependencyResult.mediumVulnerability}
                                    
                                
                            

                            
                            

                                            
                                                

                                                    <#if config.osaThresholdsEnabled && config.osaLowThreshold??>
                                                        <@thresholdTooltip threshold=config.osaLowThreshold count=dependencyResult.lowVulnerability/>
                                                    
                                                
                                            
                                

                                    

                                        

                                            
                                        
                                        
Low -
                                        
${dependencyResult.lowVulnerability}
                                    
                                
                            
                        
                    
                
            
        
        
    


        <#--<#if config.dependencyScannerType == "SCA">
            

                

                    
SCA Vulnerabilities & Libraries
                    <#if sca.scaResultReady>
                        

                            

                                
                                    

                                        
                                    
                                    
Results
                                
                            
                        
                    <#else>
                        

                            

                                

                                    

                

                    

                        

                            
CxSAST
                            
Full Report
                        
                        

                            

                                

                                    
                                        

                                            

                                                
                                            
                                            
Analyze Results
                                        
                                    
                                
                            
                        
                    
                    

                        

                            

                                

                                    
                                
                                

                                    

                                        Start:
                                    
                                    
${sast.scanStartTime}
                                
                            

                            
                            

                                

                                    
                                
                                

                                    

                                        End:
                                    
                                    
${sast.scanEndTime}
                                
                            

                            
                            

                                

                                    
                                
                                

                                    

                                        Files:
                                    
                                    
${sast.filesScanned}
                                
                            

                            
                            

                                

                                    
                                
                                

                                    

                                        Code Lines:
                                    
                                    
${sast.LOC}
                                
                            
                        

                        <#if sast.high gt 0>
                            

                                

                                    

                                        
                                    
                                    
High
                                    
 ${sast.high}
                                
                                
                                    <#list sast.queryList as query>
                                        <#if query.severity == "High">
                                            

                                    

                                        
Vulnerability
                                        
##
                                    

                                                
${query.name}
                                                
${query.result?size}
                                            
                                        
                                    
                                
                            
                        

                        <#if sast.medium gt 0>
                            

                                

                                    

                                        
                                    
                                    
Medium
                                    
${sast.medium}
                                
                                
                                    <#list sast.queryList as query>
                                        <#if query.severity == "Medium">
                                            

                                    

                                        
Vulnerability
                                        
##
                                    

                                                
${query.name}
                                                
${query.result?size}
                                            
                                        
                                    
                                
                            
                        

                        <#if sast.low gt 0>
                            

                                

                                    

                                        
                                    
                                    
Low
                                    
 ${sast.low}
                                
                                
                                    <#list sast.queryList as query>
                                        <#if query.severity == "Low">
                                            

                                    

                                        
Vulnerability
                                        
##
                                    

                                                
${query.name}
                                                
${query.result?size}
                                            
                                        
                                    
                                
                            
                        
                    
                
            
        
    

    <#if ( config.isOsaEnabled() || config.isAstScaEnabled()) && dependencyResult.resultReady>
        <#if dependencyResult.dependencyHighCVEReportTable?size gt 0 || dependencyResult.dependencyMediumCVEReportTable?size gt 0 || dependencyResult.dependencyLowCVEReportTable?size gt 0>
            

                

                    

                        

                        <#if dependencyResult.scannerType=="AST_SCA">
                            
CxSCA
                            <#else>
                                
Cx${dependencyResult.scannerType}
                        
                            
Full Report
                        
                        

                            

                                

                                    
                                        

                                            

                                                
                                            
                                            
Analyze Results
                                        
                                    
                                
                            
                        
                    
                    

                        

                            

                                

                                    
                                
                                

                                    

                                        Start:
                                    
                                    
${dependencyResult.scanStartTime}
                                
                            

                            
                            

                                

                                    
                                
                                

                                    

                                        End:
                                    
                                    
${dependencyResult.scanEndTime}
                                
                            

                            
                            

                                

                                    
                                
                                

                                    

                                        Libraries:
                                    
                                    
${dependencyResult.totalLibraries}
                                
                            
                        
                        <#if dependencyResult.dependencyHighCVEReportTable?size gt 0>
                            

                                

                                    

                                        
                                    
                                    
High
                                    
${dependencyResult.highVulnerability}
                                
                                
                                    <#list dependencyResult.dependencyHighCVEReportTable as cve>
                                        <#if cve.state =="NOT_EXPLOITABLE">
                                        
                                        <#else>
                                        

                                    

                                        
Vulnerability
                                        
Publish Date
                                        
Library
                                    

                                        
                                        
${cve.name}
                                        
${cve.publishDate}
                                        
${cve.libraryName}
                                    
                                    
                                
                            
                        

                        <#if dependencyResult.dependencyMediumCVEReportTable?size gt 0>
                            

                                

                                    

                                        
                                    
                                    
Medium
                                    
${dependencyResult.mediumVulnerability}
                                
                                
                                    <#list dependencyResult.dependencyMediumCVEReportTable as cve>
                                        <#if cve.state =="NOT_EXPLOITABLE">
                                        
                                        <#else>
                                        

                                    

                                        
Vulnerability
                                        
Publish Date
                                        
Library
                                    

                                        
                                        
${cve.name}
                                        
${cve.publishDate}
                                        
${cve.libraryName}
                                    
                                    
                                
                            
                        

                        <#if dependencyResult.dependencyLowCVEReportTable?size gt 0>
                            

                                

                                    

                                        
                                    
                                    
Low
                                    
${dependencyResult.lowVulnerability}
                                
                                
                                    <#list dependencyResult.dependencyLowCVEReportTable as cve>
                                        <#if cve.state =="NOT_EXPLOITABLE">
                                        
                                        <#else>
                                        

                                    

                                        
Vulnerability
                                        
Publish Date
                                        
Library
                                    

                                        
                                        
${cve.name}
                                        
${cve.publishDate}
                                        
${cve.libraryName}
                                    
                                    
                                
                            
                        


                    
                
            
        
    

    <#if (config.isOsaEnabled() || config.isAstScaEnabled()|| config.isSastEnabled()) &&  policyViolated>

        <#if policyViolatedCount gt 0>
        

        

            

                

                    
Policy
                    
Management
                
                

                    

                        

                            
                                

                                    

                                        
                                    
                                    
Analyze Results
                                
                            
                        
                    
                
            
            

            

                

                    

                        
                    
                    
Violated ${policyLabel}
                    
${policyViolatedCount}
                
                
                    <#if sast.sastPolicies?size gt 0>
                        <#list sast.sastPolicies as sastPoliciy>
                            
                        
                    
                    <#if osa.osaPolicies?size gt 0>
                        <#list osa.osaPolicies as osaPolicy>
                            

                    

                        
Policy
                        
Rule
                        
Type
                        
# of Rule Violations
                        
First Detection Date
                    

                                
${sastPoliciy.policyName}
                                
${sastPoliciy.ruleName}
                                
SAST
                                
${sastPoliciy.violations?size}
                                
${sastPoliciy.firstDetectionDate}
                            

                                
${osaPolicy.policyName}
                                
${osaPolicy.ruleName}
                                
OSA
                                
${osaPolicy.violations?size}
                                
${osaPolicy.firstDetectionDate}