GSoC Week 8: Where's the problem ?
SinghHrmn
Published: 07/23/2020
What I did this week?
I have been working on adding the tutorial on how to customise the HTML Reports. I have added a argument which will get the directory path from the user. I have also handled the hidden div problem from the plotly.js So now we don't need to reload the window on window resize. The performance has improved significantly for the reports.
What is coming up next?
In our weekly meeting we discussed on adding the application path to the Report as well as other machine readable output like json. Because some of our users generate HTML from json. So now we'll also be storing the product path inside the output.
Have I got stuck anywhere?
There are no blocking issues for me at this moment.
View Blog Post
GSoC Week 7: Templates Tutorial
SinghHrmn
Published: 07/16/2020
What I did this week?
I researched for the HTML Report design that is good looking and more feature rich. I have been working on and developing it. The new HTML Report will have support for Triage stuff. So that the user can quickly navigate to CVEs with specified remarks. I have also added a footer with useful links like our github, community IRC, and instructions on how to raise an issue.
What is coming up next?
As discussed in our weekly meeting and as specified in issue #808 we want to let the user specify his own HTML templates if for any reason they want to update that. So to support this I'll write a complete Tutorial on How to add your own templates? and what are the things the user must handel in their Templates.
Have I got stuck anywhere?
For now I was working on my research and design so I good to go.
View Blog Post
GSoC Week 6: Begin the Phase 2
SinghHrmn
Published: 07/09/2020
What I did this week?
As mentioned I worked on refactoring output_engine due to its increasing size. It will now be easy to maintain although I have not sumbitted a PR because I need the latest PR by Niraj to work and I'm waiting to get that merged. As soon as that gets merged I'll file a 2 PRs one refactoring output_engine and other adding the exact path to the extracted files. That issue was also on our priority list. But I have not added that in our HTML and we are just storing that for now and it will be covered in the future updates.
What is coming up next?
For now I'll be researching on my future goals and I'll work to update the HTML reports according to the Triage stuff and according to the new Paths that the user might want to see in their HTML reports. New HTML design will contain changes acccording to the new Triage stuff that Niraj kamdar has added Like New Found, Mitigated, Ignored etc.
Have I got stuck anywhere?
I'm stuck because I need the latest PR by Niraj to get merged in order to work Although I have started and completed my work on top of the Niraj's Latest PR but That PR might need some changes and I'll need to incorporate those changes in my PR too.
View Blog Post
GSoC Week 5: Priority Matters
SinghHrmn
Published: 06/29/2020
What I did this week?
Instead of working on HTML output tests I worked on normalizing the package name and the module name because they were creating confusion so I prioritized that. I also added Vendor field in Console, CSV and JSON. So now we'll get output as Vendor, Product, Version, CVE Number, Severity. That will help distinguish between products that have same name but different vendors. Also I found that our console output is failing on windows, thanks to Niraj-Kamdar who was working on improving windows tests. So I also fixed that issue but as the issue was related to rich so I contacted the developer of rich because this issue can be faced by others. So he worked and released rich version 3.0.0 which he thinks can solve our error. Though I have not tested that But I think that will solve our problem in a very efficient way. Thanks to the developer of rich.
What is coming up next?
As things are changing fast I hope to work on the last week leftovers. But I guess I'll need to work on improving the filepath description in the logs to be more precise and hierarchical manner. And we also need to store that to produce the list of affected files somehow and show that in HTML Reports if necessary.
Have I got stuck anywhere?
There were some priority changes so I had to change my plans. But there were no problems encountered this week so far.
View Blog Post
GSoC Week 4: import rich:
SinghHrmn
Published: 06/22/2020
What I did this week?
I worked on adding color to the console as well as log. I'm using rich library for that. The reason why I choose this library is that rich supports cross platform implementaion and it's ability to detect terminal and adjust acoordingly is awesome. It supports mainly every terminal and even remove color codes if it detects that the output is not console. Now we can generate colored output for the console.
What is coming up next?
As the size of OutputEngine is growing and we have many different implementations inside a single file. I'll work to refactor the code so that it is more maintainable. Also I will work to add tests for the HTML output. Currently I'm learning different ways in which I can test the HTML output.
Have I got stuck anywhere?
This week I was lucky and haven't met with any unneccessary blockages.
View Blog Post