Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

jf ver 2.71 Security Violations table not displaying correctly for ANSI colorized output #224

Open
lweitzel01 opened this issue Nov 5, 2024 · 0 comments
Labels
bug Something isn't working

Comments

@lweitzel01
Copy link

Describe the bug

After upgrading from jf cli 2.63.2 to 2.71.0, the jf build-scan is no longer displaying the Security Violations and License Compliance Violations table in the console output

Current behavior

The Security Violations table is now showing extra special characters that are throwing the cells out of alignment and making it hard to read.

Here is the table from the old version of jf:
Security Violations
┌──────────┬───────────────────────────┬─────────┬───────────────────────────┬──────────┬──────────┬───────┬────────────────┐
│ SEVERITY │ DIRECT │ DIRECT │ IMPACTED │ IMPACTED │ FIXED │ TYPE │ CVE │
│ │ PACKAGE │ PACKAGE │ PACKAGE │ PACKAGE │ VERSIONS │ │ │
│ │ │ VERSION │ NAME │ VERSION │ │ │ │
├──────────┼───────────────────────────┼─────────┼───────────────────────────┼──────────┼──────────┼───────┼────────────────┤
│ Critical │ jpetstore-1.06-20241018.1 │ │ com.thoughtworks.xstream: │ 1.3.1 │ [1.4.16] │ Maven │ CVE-2021-21345 │
│ │ 53626-1.war │ │ xstream │ │ │ │ │
│ │ │ │ │ │ │ │ │
└──────────┴───────────────────────────┴─────────┴───────────────────────────┴──────────┴──────────┴───────┴────────────────┘

AND here is the new table with version 2.71

Security Violations
┌────────────┬───────────────────────────┬────────────┬───────────────────────────┬────────────┬──────────┬───────┬────────────────┐
│ SEVERITY │ DIRECT │ DIRECT │ IMPACTED │ IMPACTED │ FIXED │ TYPE │ CVE │
│ │ DEPENDENCY │ DEPENDENCY │ DEPENDENCY │ DEPENDENCY │ VERSIONS │ │ │
│ │ │ VERSION │ NAME │ VERSION │ │ │ │
├────────────┼───────────────────────────┼────────────┼───────────────────────────┼────────────┼──────────┼───────┼────────────────┤
│ �[101;97m💀Critical�[0m │ jpetstore-1.06-20241018.1 │ │ com.thoughtworks.xstream: │ 1.3.1 │ [1.4.16] │ Maven │ CVE-2021-21345 │
│ │ 53626-1.war │ │ xstream │ │ │ │ │
│ │ │ │ │ │ │ │ │
└────────────┴───────────────────────────┴────────────┴───────────────────────────┴────────────┴──────────┴───────┴────────────────┘

Reproduction steps

Upload artifact to artifactory and run jf build-scan to wait for scan to complete

Expected behavior

Expected Security Violations and License Compliance Violations table to display indicating violations to user

JFrog CLI-Security version

??

JFrog CLI version (if applicable)

2.71.0

Operating system type and version

Windows 2019

JFrog Xray version

3.102.3

@lweitzel01 lweitzel01 added the bug Something isn't working label Nov 5, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working
Projects
None yet
Development

No branches or pull requests

1 participant