private void PopulateVulns(NuGetPackageViewModel.NuGetPackage item, List <Classes.ComponentVulnerability.Item> items)
{
item.PackageStatus = NuGetPackageViewModel.PackageStatus.Vulnerable;
var highVulns = 0;
var mediumVulns = 0;
var lowVulns = 0;
foreach (var vuln in items)
{
var vulnLink = vuln._meta.href;
switch (vuln.severity)
{
case "HIGH":
highVulns++;
break;
case "MEDIUM":
mediumVulns++;
break;
default:
lowVulns++;
break;
}
}
if (highVulns > 0)
{
item.NumHighVulns = highVulns.ToString();
item.HighVulnsTooltip = (highVulns == 1) ? highVulns.ToString() + " High " + Properties.Resources.SeverityTooltipSingle : highVulns.ToString() + " High " + Properties.Resources.SeverityTooltip;
}
else
{
item.NumHighVulns = null;
}
if (mediumVulns > 0)
{
item.NumMediumVulns = mediumVulns.ToString();
item.MediumVulnsTooltip = (mediumVulns == 1) ? mediumVulns.ToString() + " Medium " + Properties.Resources.SeverityTooltipSingle : mediumVulns.ToString() + " Medium " + Properties.Resources.SeverityTooltip;
}
else
{
item.NumMediumVulns = null;
}
if (lowVulns > 0)
{
item.NumLowVulns = lowVulns.ToString();
item.LowVulnsTooltip = (lowVulns == 1) ? lowVulns.ToString() + " Low " + Properties.Resources.SeverityTooltipSingle : lowVulns.ToString() + " Low " + Properties.Resources.SeverityTooltip;
}
else
{
item.NumLowVulns = null;
}
}
private void PopulateLicenses(NuGetPackageViewModel.NuGetPackage item, Classes.ComponentVersion.RootObject componentVersion)
{
var licenseList = new List <string>();
if (componentVersion.license.licenses.Count == 0)
{
licenseList.Add(componentVersion.license.licenseDisplay);
}
foreach (var license in componentVersion.license.licenses)
{
licenseList.Add(license.name);
}
var licenses = string.Join(",", licenseList);
item.License = licenses;
}
private void ProcessItem(NuGetPackageViewModel.NuGetPackage item, RestSharp.RestClient client, Boolean hubLessThanFour)
{
var externalId = $"{item.Forge}|{item.Package}|{item.Version}";
//Get Component
var getComponentResponse = API.Component.GetComponent(externalId, client);
var component = getComponentResponse.Data;
if (component == null)
{
return;
}
//Get Component Version
if ((component.items?.Count == 1) &&
(component.items[0].version != null))
{
var versionId = component.items[0].version.Substring(component.items[0].version.LastIndexOf("/") + 1);
if (hubLessThanFour)
{
item.HubLink = _package.HubServerUrl + "/#versions/id:" + versionId + "/view:overview";
}
else
{
item.HubLink = _package.HubServerUrl + "/ui/versions/id:" + versionId + "/view:overview";
}
var getComponentVersionResponse =
API.ComponentVersion.GetComponentVersion(getComponentResponse, _package.HubServerUrl,
client);
var componentVersion = getComponentVersionResponse.Data;
PopulateLicenses(item, componentVersion);
var vulnHref = GetSecurityRiskUrl(componentVersion);
if (vulnHref == null)
{
return;
}
var getVulnerabilitiesResponse =
API.ComponentVulnerability.GetVulnerabilities(getComponentVersionResponse,
_package.HubServerUrl, client, vulnHref);
var componentVulnerability = getVulnerabilitiesResponse.Data;
if (componentVulnerability.totalCount != 0)
{
PopulateVulns(item, componentVulnerability.items);
}
else
{
item.PackageStatus = NuGetPackageViewModel.PackageStatus.Secure;
}
}
else
{
item.PackageStatus = NuGetPackageViewModel.PackageStatus.NotFound;
}
}
