Adding stack information.

ideacrew · Sep 12, 2024 · e63a310 · e63a310
1 parent 02ff96f
commit e63a310
Show file tree

Hide file tree

Showing 5 changed files with 48 additions and 17 deletions.
diff --git a/STACK.md b/STACK.md
@@ -0,0 +1,21 @@
+# Technology Stack
+
+This document captures the technology used in this project so that developers can make informed decisions about what kind of tools and career development may be offered by learning and working with this project.
+
+It also captures the level of support and adoption it enjoys at IdeaCrew.
+
+1. Javascript Frameworks
+   1. InertiaJS (Evaluation - Candidate Technology)
+   2. React (Evaluation - Candidate Technology)
+   3. Phoenix LiveView (Experimental - Not currently under consideration)
+2. Database Technologies
+   1. SQL (In use - primarily in data analysis at IdeaCrew)
+   2. Postgres BSON (Experimental - Not currently under consideration)
+3. Elixir (Generally Experimental - Not currently under consideration)
+   1. Phoenix (Experimental - Not currently under consideration)
+   2. Ecto (Experimental - Not currently under consideration)
+   3. LiveView (Experimental - Not currently under consideration)
+4. Reporting - WKHTMLTOPDF (Currently used in multiple ideacrew projects)
+5. Infrastructure Tools
+   1. Docker (Official IdeaCrew Solution)
+   2. SBOM, or Software Bills of Material (Evaluation - Candidate technology)
diff --git a/lib/sectory/analysis/analysis_presenter.ex b/lib/sectory/analysis/analysis_presenter.ex
@@ -43,7 +43,7 @@ defmodule Sectory.Analysis.AnalysisPresenter do
     %__MODULE__{
       component_name: Sectory.Sbom.Component.main_component_name(analysis),
       component_version: Sectory.Sbom.Component.main_component_version(analysis),
-      analysis_timestamp: analysis_timestamp(analysis),
+      analysis_timestamp: analysis_timestamp(sbom, analysis),
       analyses: analyses,
       totals: totals,
       all_issue_totals: all_issue_totals,
@@ -97,7 +97,7 @@ defmodule Sectory.Analysis.AnalysisPresenter do
     )
   end
 
-  defp analysis_timestamp(analysis) do
-    Date.utc_today()
+  defp analysis_timestamp(sbom, _analysis) do
+    sbom.updated_at
   end
 end
diff --git a/lib/sectory_web/controllers/sbom_vulnerability_report_html/mitigation_statement.html.heex b/lib/sectory_web/controllers/sbom_vulnerability_report_html/mitigation_statement.html.heex
@@ -1,6 +1,6 @@
 <h2><%= @mitigation.id %></h2>
-<p><strong>Vulnerability Sources:</strong> <%= Enum.join(@mitigation.tools, ", ") %></p>
 <p><strong><%= @mitigation.description %></strong></p>
+<p><strong>Vulnerability Sources:</strong> <%= Enum.join(@mitigation.tools, ", ") %></p>
 <p><strong>Original Severity:</strong> <%= @mitigation.original_severity %></p>
 <p><strong>Adjusted Severity:</strong> <%= @mitigation.severity %></p>
 <p><strong>State:</strong> <%= @mitigation.state %></p>

diff --git a/lib/sectory_web/controllers/sbom_vulnerability_report_html/show.html.heex b/lib/sectory_web/controllers/sbom_vulnerability_report_html/show.html.heex
@@ -1,22 +1,32 @@
 <%= issue_totals %{analysis: @analysis} %>
 
-<section class="major-section">
-<h1>Critical Issues</h1>
-<%= for ci <- critical_issues(@analysis) do %>
-  <%= vulnerability %{vulnerability: ci} %>
+<% critical_issue_set = critical_issues(@analysis) %>
+<%= if Enum.count(critical_issue_set) > 0  do %>
+  <section class="major-section">
+  <h1>Critical Issues</h1>
+  <%= for ci <- critical_issue_set do %>
+    <%= vulnerability %{vulnerability: ci} %>
+  <% end %>
+  </section>
 <% end %>
-</section>
 
-<section class="major-section">
-<h1>High Issues</h1>
-<%= for hi <- high_issues(@analysis) do %>
-  <%= vulnerability %{vulnerability: hi} %>
+<% high_issue_set = high_issues(@analysis) %>
+<%= if Enum.count(high_issue_set) > 0  do %>
+  <section class="major-section">
+  <h1>High Issues</h1>
+  <%= for hi <- high_issue_set do %>
+    <%= vulnerability %{vulnerability: hi} %>
+  <% end %>
+  </section>
 <% end %>
-</section>
 
 <section>
 <h1>Applicable Mitigation Statements</h1>
-<%= for ms <- @analysis.mitigations do %>
-<%= mitigation_statement %{mitigation: ms} %>
+<%= if Enum.count(@analysis.mitigations) > 0 do %>
+  <%= for ms <- @analysis.mitigations do %>
+  <%= mitigation_statement %{mitigation: ms} %>
+  <% end %>
+<%= else %>
+  <p>No mitigation statements provided.</p>
 <% end %>
 </section>
diff --git a/lib/sectory_web/controllers/sbom_vulnerability_report_html/vulnerability.html.heex b/lib/sectory_web/controllers/sbom_vulnerability_report_html/vulnerability.html.heex
@@ -1,8 +1,8 @@
 <section class="vulnerability-section">
 <h2><%= @vulnerability.id %><%= if @vulnerability.potential do %> - POTENTIAL<% end %></h2>
 <p><strong><%= @vulnerability.description %></strong></p>
-<p><strong>Severity:</strong> <%= @vulnerability.severity %></p>
 <p><strong>Sources:</strong> <%= Enum.join(@vulnerability.tools, ", ") %></p>
+<p><strong>Severity:</strong> <%= @vulnerability.severity %></p>
 <%= vulnerability_components %{ components: @vulnerability.components } %>
 <pre class="wrap">
 <%= @vulnerability.detail %>