HTML report generator for prospector, semgrep, and GitLab SAST static analyzer tools.
Project description
prospector-html
Generates HTML and JSON reports from the JSON output of the prospector and semgrep static analyzers. Handy when used with GitLab CI.
Synopsis
prospector
pip3 install prospector
pip3 install prospector2html
cd <python-project-sources-dir>
prospector --no-style-warnings --strictness medium --output-format json > prospector_report.json
prospector-html --input prospector_report.json
cat prospector-html-report.html
semgrep
pip3 install prospector2html
cd <project-sources-dir>
docker run --rm -v "${PWD}:/src" returntocorp/semgrep:latest semgrep scan --json --output semgrep-native-report.json --config=auto
prospector-html --input semgrep-native-report.json --output filtered-report.html --filter semgrep
cat filtered-report.html
GitLab CI SAST
pip3 install prospector2html
cd <project-sources-dir>
docker run --rm -v "${PWD}:/src" returntocorp/semgrep:latest semgrep ci --gitlab-sast --output gl-sast-report.json --config=auto
prospector-html --input gl-sast-report.json --output filtered-report.json --json --filter gitlab-sast
cat filtered-report.json
Message filtering
Sometimes it is necessary to filter analyzer results by the content of the message,
rather than filter out the whole error class by suppressing it.
For example, prospector always complains about usage of the _meta member in Django projects.
In this case one can filter such messages by specifying them in the prospector-html config file,
.prospector-html.yaml by default. See details in the source of the sample config or use the following example:
# cat .prospector-html.yaml
filter:
  message:
    # Filter by exact match
    - "Message to filter"
    - Other message to filter
  message_re:
    # Regexps to filter
    - 'Exactly one space required after comma.*'
    - 'Exactly one space required before assignment.*'
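The sketch below is an added example, not code from prospector-html. It applies a config of this layout to a report and counts how many findings each filter entry suppresses, so an over-broad or stale entry is visible in CI. The config, the report and the _meta pattern are constructed, and matching regexps from the start of the message is an assumption.

```python
import re
from collections import Counter

# Constructed config with the same layout as the .prospector-html.yaml example.
CONFIG = {"filter": {
    "message": ["Message to filter"],
    "message_re": ["Access to a protected member _meta .*",
                   "Exactly one space required before assignment.*"],
}}

# Constructed report in the shape of prospector's JSON output.
REPORT = {"messages": [
    {"source": "pylint", "code": "protected-access",
     "message": "Access to a protected member _meta of a client class"},
    {"source": "pylint", "code": "protected-access",
     "message": "Access to a protected member _token of a client class"},
    {"source": "pylint", "code": "demo", "message": "Message to filter"},
    {"source": "pylint", "code": "demo", "message": "Message to filter in views"},
]}


def rules(config):
    """Yield (label, predicate) for every configured filter entry."""
    flt = config.get("filter") or {}
    for text in flt.get("message") or []:
        yield "message: " + text, (lambda m, t=text: m == t)
    for pattern in flt.get("message_re") or []:
        # Assumption: patterns are matched from the start of the message.
        yield "message_re: " + pattern, re.compile(pattern).match


def apply_filters(report, config):
    """Return (kept, hits); hits counts suppressed messages per filter entry."""
    active = list(rules(config))
    kept, hits = [], Counter({label: 0 for label, _ in active})
    for item in report.get("messages", []):
        label = next((l for l, test in active if test(item.get("message", ""))), None)
        if label is None:
            kept.append(item)
        else:
            hits[label] += 1
    return kept, hits


if __name__ == "__main__":
    kept, hits = apply_filters(REPORT, CONFIG)
    for label, count in hits.items():
        print(f"{count:3d} suppressed by {label}" + ("  <- unused" if not count else ""))
    print(len(kept), "messages remain in the report")
```

The _token finding stays in the report even though it belongs to the same error class as the filtered _meta finding, which is the difference between message filtering and suppressing the whole class.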
TODO
- ???.
File details
Details for the file prospector2html-2.0.0.tar.gz.
File metadata
- Download URL: prospector2html-2.0.0.tar.gz
- Upload date:
- Size: 5.9 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.0 CPython/3.9.2
File hashes
| Algorithm | Hash digest |
|---|---|
| SHA256 | 2b30bc688c96386bf9ab29b198b4e77aff1ef0614d4acc577f10529710dd5828 |
| MD5 | ca4546d0f5e462bc585985c4ed3a0762 |
| BLAKE2b-256 | 0565b01d8afba7bcf74c1beb6a7edae4f316d24088865fcb6776a3dad807a909 |
File details
Details for the file prospector2html-2.0.0-py3-none-any.whl.
File metadata
- Download URL: prospector2html-2.0.0-py3-none-any.whl
- Upload date:
- Size: 6.5 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.0 CPython/3.9.2
File hashes
| Algorithm | Hash digest |
|---|---|
| SHA256 | c17b76bf1780d74e5f0260f73da045cf6ee44e59931d051b42624308a1abed46 |
| MD5 | f5766fbdca93139b6ba0dcb979f1f790 |
| BLAKE2b-256 | e9072877a6717f9ab9c7fb6adf88b53029865b6acc0d18ab3091d1e08db78b61 |