Customized report generated from Blackduck reports that gives color-coded vulnerabilities and source paths, including direct and indirect dependency details, all in one report
Project description
bdvr, a customized Blackduck_Vulnerability_report
Use case:
Project stakeholders want to know which files are affected with vulnerabilities after a Blackduck HUB scan.
Drawbacks:
Blackduck currently generates multiple reports. To fulfill the above requirement, one has to refer to 2 different reports to trace the affected source files.
Features
- Produces a customized report where the vulnerability, OSS name, and affected source path details can all be seen in one report
- Color coded: low risk = no color, medium risk = yellow, high risk = red
- Omits all other files that have no vulnerabilities.
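The merge these features describe, as an added example that is not bdvr's own code: vulnerability rows are joined to source paths, files without findings drop out, and each row gets the color from the list above. The CSV column names and sample rows are constructed for illustration and are not the actual Blackduck report schema.

```python
import csv
import io

# Constructed sample data: column names and rows are assumptions for
# illustration, not the actual Blackduck report schema.
SOURCE_CSV = """component,version,match_type,path
libfoo,1.2.0,direct,app/lib/libfoo-1.2.0.jar
libbar,0.9.1,indirect,app/lib/libbar-0.9.1.jar
libok,3.0.0,direct,app/lib/libok-3.0.0.jar
"""
VULN_CSV = """component,version,vuln_id,severity
libbar,0.9.1,EXAMPLE-0002,MEDIUM
libfoo,1.2.0,EXAMPLE-0001,HIGH
libbar,0.9.1,EXAMPLE-0003,low
libgone,2.0.0,EXAMPLE-0004,HIGH
"""
# Color scheme from the feature list: high = red, medium = yellow, low = none.
COLORS = {"HIGH": "red", "MEDIUM": "yellow", "LOW": None}
RANK = {"HIGH": 0, "MEDIUM": 1, "LOW": 2}


def merge_reports(source_text, vuln_text):
    """Join vulnerabilities to source paths; one output row per (vuln, file)."""
    paths = {}
    for row in csv.DictReader(io.StringIO(source_text)):
        key = (row["component"], row["version"])
        paths.setdefault(key, []).append((row["path"], row["match_type"]))

    merged = []
    # Iterating over vulnerabilities means files with no findings never appear.
    for vuln in csv.DictReader(io.StringIO(vuln_text)):
        severity = vuln["severity"].strip().upper()
        key = (vuln["component"], vuln["version"])
        # A finding with no matched file keeps an empty path instead of vanishing.
        for path, match_type in paths.get(key, [("", "")]):
            merged.append({
                "severity": severity, "color": COLORS.get(severity),
                "vuln_id": vuln["vuln_id"], "component": vuln["component"],
                "version": vuln["version"], "dependency": match_type, "path": path,
            })
    # Worst findings first, so red rows lead the report.
    merged.sort(key=lambda r: (RANK.get(r["severity"], 3), r["component"], r["vuln_id"]))
    return merged


if __name__ == "__main__":
    for r in merge_reports(SOURCE_CSV, VULN_CSV):
        print(r["color"] or "-", r["severity"], r["vuln_id"], r["component"],
              r["dependency"], r["path"], sep="\t")
```

Keeping a finding whose component has no matched file (the constructed `libgone` row) matters for triage: dropping it would hide a high-risk component just because the path lookup failed.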
Prerequisites:
Go to your Blackduck project > generate 'Create Version detail report' > with the Source and Vulnerabilities checkboxes checked.
How to install
pip install bdvr
Command to run
usage: bdvr [-h] -p P [-o]
options:
-h, --help show this help message and exit
-p P Blackduck report folder is ex: D:\BD_REPORT\PROJECT_DATETIMESTAMP.zip
-o (Optional) To automatically open the file
bdvr -p Blackduck_generated_reports.zip
# To automatically open the file, add the -o option
bdvr -p Blackduck_generated_reports.zip -o
Dependencies
Thanks to all the authors, as this library uses the modules below:
pandas = "^1.4.3"
quo = "^2022.8.2"
universal-startfile = "^0.1.3"
Issues
Please send your bugs to dineshr93@gmail.com
Download files
Source Distribution: bdvr-0.2.0.tar.gz (4.0 kB)
Built Distribution: bdvr-0.2.0-py3-none-any.whl (4.0 kB)