99import java .util .LinkedHashMap ;
1010import java .util .List ;
1111import java .util .Map ;
12- import java .util .Optional ;
12+ import java .util .Objects ;
1313import java .util .stream .Collectors ;
1414
1515import static com .checkmarx .intellij .Utils .escapeHtml ;
2222 */
2323public class ProblemDescription {
2424
25- private static final int MAX_LINE_LENGTH = 120 ;
2625 private static final Map <String , String > DESCRIPTION_ICON = new LinkedHashMap <>();
2726
2827 private static final String DIV = "<div>" ;
29- private static final String DIV_BR = "</div><br>" ;
3028 private static final String COUNT = "COUNT" ;
3129 private static final String PACKAGE = "Package" ;
3230 private static final String DEV_ASSIST = "DevAssist" ;
31+ private static final String TITLE_FONT_FAMILY = "font-family: menlo;" ;
32+ private static final String TITLE_FONT_SIZE = "font-size:11px;" ;
33+ private static final String SECONDARY_COLOUR = "color:#ADADAD;" ;
3334
3435 public ProblemDescription () {
3536 initIconsMap ();
@@ -75,7 +76,7 @@ public static void reloadIcons() {
7576 public String formatDescription (ScanIssue scanIssue ) {
7677
7778 StringBuilder descBuilder = new StringBuilder ();
78- descBuilder .append ("<html><body><div style='display:flex;flex-direction:row;align-items:center;gap:10px ;'>" )
79+ descBuilder .append ("<html><body><div style='; display:flex;flex-direction:row;align-items:center;gap:5px ;'>" )
7980 .append (DIV ).append ("<table style='border-collapse:collapse;'><tr><td style='padding:0;'>" )
8081 .append (DESCRIPTION_ICON .get (DEV_ASSIST )).append ("</td></tr></table></div>" );
8182 switch (scanIssue .getScanEngine ()) {
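Review bot: The new style attribute on the outer div opens with a stray `; ` (`style='; display:flex;...`), which looks like a leftover from an edited declaration and leaves an empty CSS declaration at the start. Suggest `style='display:flex;flex-direction:row;align-items:center;gap:5px;'`, which also drops the space before the final semicolon. The body of formatDescription continues outside this hunk.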
@@ -102,11 +103,7 @@ public String formatDescription(ScanIssue scanIssue) {
102103 * including its severity, vulnerabilities, and related details
103104 */
104105 private void buildOSSDescription (StringBuilder descBuilder , ScanIssue scanIssue ) {
105- if (scanIssue .getSeverity ().equalsIgnoreCase (SeverityLevel .MALICIOUS .getSeverity ())) {
106- buildMaliciousPackageMessage (descBuilder , scanIssue );
107- return ;
108- }
109- buildPackageHeader (descBuilder , scanIssue );
106+ buildPackageMessage (descBuilder , scanIssue );
110107 buildVulnerabilitySection (descBuilder , scanIssue );
111108 }
112109
@@ -160,50 +157,23 @@ private void buildDefaultDescription(StringBuilder descBuilder, ScanIssue scanIs
160157 * @param descBuilder the StringBuilder to which the formatted package header information will be appended
161158 * @param scanIssue the ScanIssue object containing details about the issue such as severity, title, and package version
162159 */
163- private void buildPackageHeader (StringBuilder descBuilder , ScanIssue scanIssue ) {
164- descBuilder .append ("<table style='border-collapse:collapse;'><tr><td colspan=\" 3\" style='padding:0;'><p style='font-size: 10px; margin:0;'>" )
165- .append (scanIssue .getSeverity ()).append ("-" ).append (Constants .RealTimeConstants .RISK_PACKAGE )
166- .append (" : " ).append (scanIssue .getTitle ()).append ("@" ).append (scanIssue .getPackageVersion ()).append ("</p></td></tr>" );
167-
168- descBuilder .append ("<tr><td style='padding:0;vertical-align:middle;'>" ).append (getIcon (PACKAGE )).append ("</td>" )
169- .append ("<td style='padding:0 4px 0 4px;vertical-align:middle;'><b>" ).append (scanIssue .getTitle ()).append ("@" )
170- .append (scanIssue .getPackageVersion ()).append ("</b></td><td style='padding:0;vertical-align:middle;'> - " )
171- .append (scanIssue .getSeverity ()).append (" " )
172- .append (Constants .RealTimeConstants .SEVERITY_PACKAGE )
160+ private void buildPackageMessage (StringBuilder descBuilder , ScanIssue scanIssue ) {
161+ String secondaryText = Constants .RealTimeConstants .SEVERITY_PACKAGE ;
162+ String icon = getIcon (PACKAGE );
163+ if (scanIssue .getSeverity ().equalsIgnoreCase (SeverityLevel .MALICIOUS .getSeverity ())) {
164+ secondaryText = PACKAGE ;
165+ icon = getIcon (scanIssue .getSeverity ());
166+ }
167+ descBuilder .append ("<table style='border-collapse:collapse;'><tr><td style='padding:0;vertical-align:middle;'>" )
168+ .append (icon ).append ("</td>" )
169+ .append ("<td style='" ).append (TITLE_FONT_FAMILY ).append (TITLE_FONT_SIZE )
170+ .append ("padding:0 2px 0 2px;vertical-align:middle;'><b>" ).append (scanIssue .getTitle ()).append ("@" )
171+ .append (scanIssue .getPackageVersion ()).append ("</b></td>" )
172+ .append ("<td style='padding:0;vertical-align:middle;" ).append (SECONDARY_COLOUR ).append ("'> - " )
173+ .append (scanIssue .getSeverity ()).append (" " ).append (secondaryText )
173174 .append ("</td></tr></table>" );
174175 }
175176
176- /**
177- * Builds a malicious package message and appends it to the provided StringBuilder.
178- * This method formats details about a detected malicious package based on its
179- * severity, title, and package version, and includes a corresponding icon representing
180- * the severity of the issue.
181- *
182- * @param descBuilder the StringBuilder to which the formatted malicious package message will be appended
183- * @param scanIssue the ScanIssue object containing details about the malicious package, such as its severity,
184- * title, and package version
185- */
186- private void buildMaliciousPackageMessage (StringBuilder descBuilder , ScanIssue scanIssue ) {
187- descBuilder .append ("<table style='border-collapse:collapse;'><tr><td colspan=\" 3\" style='padding:0;'>" );
188- buildMaliciousPackageHeader (descBuilder , scanIssue );
189- descBuilder .append ("</td></tr><tr><td>" ).append (getIcon (scanIssue .getSeverity ())).append ("</td>" )
190- .append ("<td><span><b>" ).append (scanIssue .getTitle ()).append ("@" ).append (scanIssue .getPackageVersion ()).append ("</b></span>" )
191- .append ("<span> - " ).append (scanIssue .getSeverity ()).append (" " ).append (PACKAGE )
192- .append ("</span><td></tr></table>" );
193- }
194-
195- /**
196- * Builds the malicious package header section of a scan issue description and appends it to the provided StringBuilder.
197- *
198- * @param descBuilder the StringBuilder to which the formatted malicious package header will be appended
199- * @param scanIssue he ScanIssue object containing details about the malicious package
200- */
201- private void buildMaliciousPackageHeader (StringBuilder descBuilder , ScanIssue scanIssue ) {
202- descBuilder .append ("<p style='font-size: 10px; margin:0;'>" ).append (scanIssue .getSeverity ())
203- .append (" " ).append (Constants .RealTimeConstants .PACKAGE_DETECTED ).append (" : " )
204- .append (scanIssue .getTitle ()).append ("@" ).append (scanIssue .getPackageVersion ()).append ("</p>" );
205- }
206-
207177 /**
208178 * Builds the vulnerability section of a scan issue description and appends it to the provided StringBuilder.
209179 * This method processes the list of vulnerabilities associated with the scan issue, categorizes them by severity,
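Review bot: In buildPackageMessage, `scanIssue.getTitle()` and `scanIssue.getPackageVersion()` are appended into the HTML unescaped, although the file statically imports `escapeHtml`. If these values come from a manifest in the scanned project (not visible in this hunk), a package name or version containing markup would be rendered as HTML in the description. Wrap both values: `.append(escapeHtml(scanIssue.getTitle())).append("@").append(escapeHtml(scanIssue.getPackageVersion()))`. The Javadoc kept above the method still describes a "package header"; it should say that a MALICIOUS severity switches the icon to the severity icon and the secondary text to `PACKAGE`.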
@@ -214,29 +184,20 @@ private void buildMaliciousPackageHeader(StringBuilder descBuilder, ScanIssue sc
214184 */
215185 private void buildVulnerabilitySection (StringBuilder descBuilder , ScanIssue scanIssue ) {
216186 List <Vulnerability > vulnerabilityList = scanIssue .getVulnerabilities ();
217- if (vulnerabilityList != null && !vulnerabilityList .isEmpty ()) {
218- descBuilder .append (DIV );
219- buildVulnerabilityIconWithCountMessage (descBuilder , vulnerabilityList );
220- descBuilder .append ("<p style='margin-left: 5px; margin-top:4px; margin-bottom:0;'>" );
221- findVulnerabilityBySeverity (vulnerabilityList , scanIssue .getSeverity ())
222- .ifPresent (vulnerability ->
223- descBuilder .append (escapeHtml (vulnerability .getDescription ()))
224- );
225- descBuilder .append (DIV_BR ).append ("<p>" );
187+ if (Objects .isNull (vulnerabilityList ) || vulnerabilityList .isEmpty ()) {
188+ return ;
226189 }
227- }
228-
229- /**
230- * Finds a vulnerability matching the specified severity level.
231- *
232- * @param vulnerabilityList the list of vulnerabilities to search
233- * @param severity the severity level to match
234- * @return an Optional containing the matching vulnerability, or empty if not found
235- */
236- private Optional <Vulnerability > findVulnerabilityBySeverity (List <Vulnerability > vulnerabilityList , String severity ) {
237- return vulnerabilityList .stream ()
238- .filter (vulnerability -> vulnerability .getSeverity ().equalsIgnoreCase (severity ))
239- .findFirst ();
190+ descBuilder .append (DIV ).append ("<table style='display:inline-table;vertical-align:middle;border-collapse:collapse;'><tr>" );
191+ Map <String , Long > vulnerabilityCount = getVulnerabilityCount (vulnerabilityList );
192+ DESCRIPTION_ICON .forEach ((severity , iconPath ) -> {
193+ Long count = vulnerabilityCount .get (severity );
194+ if (count != null && count > 0 ) {
195+ descBuilder .append ("<td style='padding:0;'>" ).append (getIcon (getSeverityCountIconKey (severity ))).append ("</td>" )
196+ .append ("<td style='font-size:9px;color:#ADADAD;vertical-align:middle;padding:0 4px 0 1px;'>" )
197+ .append (count ).append ("</td>" );
198+ }
199+ });
200+ descBuilder .append ("</tr></table></div>" );
240201 }
241202
242203 /**
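Review bot: The count cell in buildVulnerabilitySection hard-codes `color:#ADADAD;` although this commit adds `SECONDARY_COLOUR` with the same value, so the two can drift apart. Build the style from the constant: `.append("<td style='font-size:9px;").append(SECONDARY_COLOUR).append("vertical-align:middle;padding:0 4px 0 1px;'>")`. The guard `Objects.isNull(vulnerabilityList) || ...` would read more plainly as `vulnerabilityList == null || vulnerabilityList.isEmpty()`, since `Objects.isNull` is intended for use as a method reference. The method's Javadoc starts outside the hunk; if it still mentions the vulnerability description, it needs updating now that only icons and counts are rendered.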
@@ -253,33 +214,6 @@ private Map<String, Long> getVulnerabilityCount(List<Vulnerability> vulnerabilit
253214 .collect (Collectors .groupingBy (severity -> severity , Collectors .counting ()));
254215 }
255216
256- /**
257- * Builds a message representing the count of vulnerabilities categorized by severity level
258- * and appends it to the provided description builder. This method uses severity icons
259- * and corresponding counts formatted in a specific style.
260- *
261- * @param descBuilder the StringBuilder to which the formatted vulnerability count message will be appended
262- * @param vulnerabilityList the list of vulnerabilities to be processed for counting and categorizing by severity level
263- */
264- private void buildVulnerabilityIconWithCountMessage (StringBuilder descBuilder , List <Vulnerability > vulnerabilityList ) {
265- if (vulnerabilityList .isEmpty ()) {
266- return ;
267- }
268- descBuilder .append ("<table style='display:inline-table;vertical-align:middle;border-collapse:collapse;'><tr>" );
269- Map <String , Long > vulnerabilityCount = getVulnerabilityCount (vulnerabilityList );
270- DESCRIPTION_ICON .forEach ((severity , iconPath ) -> {
271- Long count = vulnerabilityCount .get (severity );
272- if (count != null && count > 0 ) {
273- descBuilder .append ("<td style='padding:0;'>" ).append (getIcon (getSeverityCountIconKey (severity ))).append ("</td>" )
274- .append ("<td style='vertical-align:middle;padding:0 6px 0 2px;'>" )
275- .append (count ).append ("</td>" );
276-
277-
278- }
279- });
280- descBuilder .append ("</tr></table>" );
281- }
282-
283217 /**
284218 * Generates an HTML image element based on the provided icon name.
285219 *
@@ -291,16 +225,6 @@ private static String getImage(String iconPath) {
291225 return iconPath .isEmpty () ? "" : "<img src='" + DevAssistUtils .themeBasedPNGIconForHtmlImage (iconPath ) + "'/>" ;
292226 }
293227
294- /**
295- * Wraps the provided text at the word boundary.
296- *
297- * @param text the text to be wrapped
298- * @return the wrapped text
299- */
300- private String wrapText (String text ) {
301- return text .length () < MAX_LINE_LENGTH ? text : DevAssistUtils .wrapTextAtWord (text , MAX_LINE_LENGTH );
302- }
303-
304228 /**
305229 * Returns the key for the icon representing the specified severity with a count suffix.
306230 *