the scan is shown correctly and requirements fixed

Author: EL BADOURI Youssef

backend/requirements.txt

@@ -17,3 +17,4 @@ google-api-core
 google-generativeai
 transformers
 torch
+flask_sqlalchemy

frontend/src/components/VulnerabilityScanner/CodeVulnerabilityScanner.jsx

@@ -32,8 +32,10 @@ const CodeVulnerabilityScanner = ({ setResult, isLoading, setIsLoading, userId,
         const errorData = await response.json();
         throw new Error(errorData.error || "Error during code vulnerability scan");
       }
+      
 
       const data = await response.json();
+      console.log(data);
       setResult(data);
       toast.success("Code vulnerability scan completed successfully", {
         position: "top-right",

frontend/src/components/VulnerabilityScanner/ResultDisplay.jsx

@@ -2,109 +2,193 @@ import React, { useState } from "react";
 import { toast } from "react-toastify";
 import { DocumentDuplicateIcon } from "@heroicons/react/24/outline";
 
-const ResultDisplay = ({ result, item_name}) => {
-  const [activeTab, setActiveTab] = useState("vulnerabilities"); // Default tab: Vulnerabilities
+const ResultDisplay = ({ result, item_name }) => {
+  const [activeTab, setActiveTab] = useState("vulnerabilities");
   console.log(result);
 
-  if (!result) return <p className="text-gray-400">Result Not available </p>;
+  if (!result) return <p className="text-gray-400">Result Not available</p>;
 
   const handleCopy = () => {
     navigator.clipboard.writeText(JSON.stringify(result, null, 2)).then(() => {
       toast.success("Result copied", { position: "top-right", autoClose: 2000, theme: "light" });
     });
   };
 
-  const renderResults = (results) => {
-    // Handle array of results (legacy support for multi-repo)
-    if (Array.isArray(results)) {
-      return results.map((item, index) => (
-        <div key={index} className="mb-4">
-          <h3 className="text-lg font-semibold text-gray-100">{item.repo}</h3>
+  // -------- Normalization --------
+  const normalize = (raw) => {
+    // If array: legacy multi-repo
+    if (Array.isArray(raw)) {
+      return raw.map((item) => ({
+        repo: item.repo,
+        ...(item.error
+          ? { error: item.error, vulnerabilities: [], summary: { total: 0 }, files_scanned: [] }
+          : normalize(item.data)),
+      }));
+    }
+
+    // If {repo, data}: single repo wrapper
+    if (raw && raw.repo && raw.data) {
+      const inner = normalize(raw.data);
+      return { repo: raw.repo, ...inner };
+    }
+
+    // If single-file shape { file_path, vulnerabilities }
+    if (raw && raw.file_path) {
+      const vulns = (raw.vulnerabilities || []).map((v) => ({
+        id: v.rule_id || v.id || v.check_id,
+        message: v.message || v.title,
+        severity: (v.severity || "").toUpperCase(),
+        file_path: v.file_path || raw.file_path,
+        line: v.line ?? (Array.isArray(v.file_line_range) ? v.file_line_range[0] : undefined),
+        fix: v.fix || v.recommendation || v.suggestion,
+      }));
+      return {
+        vulnerabilities: vulns,
+        summary: makeSummary(vulns),
+        files_scanned: [raw.file_path],
+      };
+    }
+
+    // If semgrep-like { results: { failed_checks: [...] } } OR directly { failed_checks: [...] }
+    const failedChecks =
+      raw?.results?.failed_checks ||
+      raw?.failed_checks ||
+      raw?.results?.vulnerabilities || // fallback if your backend renames later
+      raw?.vulnerabilities ||
+      [];
+
+    const vulns = failedChecks.map((fc) => ({
+      id: fc.rule_id || fc.id || fc.check_id,
+      message: fc.message || fc.title,
+      severity: (fc.severity || "").toUpperCase(), // e.g., WARNING / LOW / MEDIUM / HIGH
+      file_path: fc.file_path || fc.path || "unknown",
+      line: fc.line ?? (Array.isArray(fc.file_line_range) ? fc.file_line_range[0] : undefined),
+      fix: fc.fix || fc.recommendation || fc.suggestion,
+    }));
+
+    // Files scanned (unique)
+    const files_scanned = Array.from(new Set(vulns.map((v) => v.file_path).filter(Boolean)));
+
+    return {
+      vulnerabilities: vulns,
+      summary: makeSummary(vulns),
+      files_scanned,
+    };
+  };
+
+  const makeSummary = (vulns) => {
+    const s = { total: vulns.length, high: 0, medium: 0, low: 0, warning: 0 };
+    vulns.forEach((v) => {
+      const sev = (v.severity || "").toUpperCase();
+      if (sev === "HIGH" || sev === "CRITICAL") s.high += 1;
+      else if (sev === "MEDIUM") s.medium += 1;
+      else if (sev === "LOW") s.low += 1;
+      else if (sev === "WARNING") s.warning += 1;
+    });
+    return s;
+  };
+
+  const normalized = normalize(result);
+
+  const renderResults = (resultsLike) => {
+    // Array => multi repo
+    if (Array.isArray(resultsLike)) {
+      return resultsLike.map((item, idx) => (
+        <div key={idx} className="mb-4">
+          {item.repo && <h3 className="text-lg font-semibold text-gray-100">{item.repo}</h3>}
           {item.error ? (
-            <p className="text-red-400">Error : {item.error}</p>
+            <p className="text-red-400">Error: {item.error}</p>
           ) : (
-            renderSingleResult(item.data)
+            renderSingleResult(item)
           )}
         </div>
       ));
     }
-
-    // Handle single result from SelectedReposVulnerabilityScanner
-    if (results.repo && results.data) {
-      return (
-        <div className="mb-4">
-          <h3 className="text-lg font-semibold text-gray-100">{results.repo}</h3>
-          {renderSingleResult(results.data)}
-        </div>
-      );
-    }
-
-    // Handle raw vulnerability scan result
-    return renderSingleResult(results);
+    return renderSingleResult(resultsLike);
   };
 
   const renderSingleResult = (data) => {
-    // Handle single file result
-    if (data.file_path) {
-      const groupedVulns = {
-        [data.file_path]: data.vulnerabilities || [],
-      };
-      return renderGroupedResults({ vulnerabilities: data.vulnerabilities, files_scanned: [data.file_path] }, groupedVulns);
-    }
+    const results = data; // already normalized => { vulnerabilities, summary, files_scanned, [repo]? }
 
-    // Handle directory/repo result
-    const results = data.results || data;
-    if (!results.vulnerabilities && !results.summary) {
+    if (!results?.vulnerabilities?.length && !results?.summary?.total) {
       return <p className="text-gray-400">No vulnerabilities found.</p>;
     }
 
-    // Group vulnerabilities by file_path
-    const groupedVulns = {};
-    (results.vulnerabilities || []).forEach((vuln) => {
-      const filePath = vuln.file_path || vuln.path;
-      if (!groupedVulns[filePath]) {
-        groupedVulns[filePath] = [];
-      }
-      groupedVulns[filePath].push(vuln);
+    // Group by file
+    const grouped = {};
+    (results.vulnerabilities || []).forEach((v) => {
+      const fp = v.file_path || "unknown";
+      if (!grouped[fp]) grouped[fp] = [];
+      grouped[fp].push(v);
     });
 
-    return renderGroupedResults(results, groupedVulns);
+    return renderGroupedResults(results, grouped, data.repo);
   };
 
-  const renderGroupedResults = (results, groupedVulns) => {
-    // Extract repository name from repo_url
+  const renderGroupedResults = (results, groupedVulns, repoName) => {
+    // repo url → item name (if you pass repo_url on parent `result`)
     const repoUrl = result?.repo_url;
-    const ItemName = (repoUrl != null )? repoUrl.split("/").slice(-2).join("/")
-        : (item_name ? item_name : "File");
+    const ItemName =
+      repoUrl != null
+        ? repoUrl.split("/").slice(-2).join("/")
+        : repoName || (item_name ? item_name : "File");
+
+    const sevBadge = (sev) => {
+      const s = (sev || "").toUpperCase();
+      const base = "ml-2 px-2 py-1 rounded text-xs";
+      if (s === "HIGH" || s === "CRITICAL") return `${base} bg-red-600`;
+      if (s === "MEDIUM") return `${base} bg-yellow-600`;
+      if (s === "LOW") return `${base} bg-blue-600`;
+      if (s === "WARNING") return `${base} bg-orange-600`;
+      return `${base} bg-gray-600`;
+      };
 
     return (
       <div>
-        {/* Repository Name */}
-        {ItemName !== "File"  && <h3 className="text-lg font-semibold text-gray-100 mb-4">{ItemName}</h3>}
+        {ItemName !== "File" && (
+          <h3 className="text-lg font-semibold text-gray-100 mb-4">{ItemName}</h3>
+        )}
 
         {/* Summary */}
         <div className="mb-4">
-          <p className="text-red-400">Vulnerabilities Found: {results.summary?.total || results.vulnerabilities?.length || 0}</p>
-          {results.summary?.high && <p className="text-red-600">High Severity: {results.summary.high}</p>}
-          {results.summary?.medium && <p className="text-yellow-500">Medium Severity: {results.summary.medium}</p>}
-          {results.summary?.low && <p className="text-blue-400">Low Severity: {results.summary.low}</p>}
-          {results.score !== undefined && <p className="text-gray-100">Security Score: {results.score}%</p>}
+          <p className="text-red-400">
+            Vulnerabilities Found: {results.summary?.total || results.vulnerabilities?.length || 0}
+          </p>
+          {results.summary?.high > 0 && (
+            <p className="text-red-600">High Severity: {results.summary.high}</p>
+          )}
+          {results.summary?.medium > 0 && (
+            <p className="text-yellow-500">Medium Severity: {results.summary.medium}</p>
+          )}
+          {results.summary?.low > 0 && (
+            <p className="text-blue-400">Low Severity: {results.summary.low}</p>
+          )}
+          {results.summary?.warning > 0 && (
+            <p className="text-orange-400">Warnings: {results.summary.warning}</p>
+          )}
+          {results.score !== undefined && (
+            <p className="text-gray-100">Security Score: {results.score}%</p>
+          )}
         </div>
 
         {/* Tabs */}
         <div className="mb-4">
           <div className="flex border-b border-gray-700">
             <button
               className={`px-4 py-2 font-semibold ${
-                activeTab === "vulnerabilities" ? "border-b-2 border-red-500 text-red-400" : "text-gray-400"
+                activeTab === "vulnerabilities"
+                  ? "border-b-2 border-red-500 text-red-400"
+                  : "text-gray-400"
               }`}
               onClick={() => setActiveTab("vulnerabilities")}
             >
               Vulnerabilities
             </button>
             <button
               className={`px-4 py-2 font-semibold ${
-                activeTab === "recommendations" ? "border-b-2 border-red-500 text-red-400" : "text-gray-400"
+                activeTab === "recommendations"
+                  ? "border-b-2 border-red-500 text-red-400"
+                  : "text-gray-400"
               }`}
               onClick={() => setActiveTab("recommendations")}
             >
@@ -123,14 +207,11 @@ const ResultDisplay = ({ result, item_name}) => {
                   <div key={filePath} className="mt-4">
                     <h5 className="text-red-500 font-medium">----------------{filePath}----------------</h5>
                     <ul className="list-disc list-inside text-gray-300">
-                      {vulns.map((vuln, idx) => (
+                      {vulns.map((v, idx) => (
                         <li key={idx}>
-                          <span className="text-red-400">{vuln.rule_id || vuln.id}</span> - {vuln.message || vuln.title} 
-                          {vuln.severity && <span className={`ml-2 px-2 py-1 rounded text-xs ${
-                            vuln.severity === 'HIGH' ? 'bg-red-600' : 
-                            vuln.severity === 'MEDIUM' ? 'bg-yellow-600' : 'bg-blue-600'
-                          }`}>{vuln.severity}</span>}
-                          {vuln.line && <span> (Line: {vuln.line})</span>}
+                          <span className="text-red-400">{v.id}</span> - {v.message}
+                          {v.severity && <span className={sevBadge(v.severity)}>{v.severity}</span>}
+                          {v.line != null && <span> (Line: {v.line})</span>}
                         </li>
                       ))}
                     </ul>
@@ -148,11 +229,11 @@ const ResultDisplay = ({ result, item_name}) => {
                 <div key={filePath} className="mt-4">
                   <h5 className="text-red-700 font-medium">----------------{filePath}----------------</h5>
                   <ul className="list-disc list-inside text-gray-300">
-                    {vulns.map((vuln, idx) => (
+                    {vulns.map((v, idx) => (
                       <li key={idx} className="mb-2">
-                        <span className="text-red-400">{vuln.rule_id || vuln.id}</span> - {vuln.message || vuln.title}
+                        <span className="text-red-400">{v.id}</span> - {v.message}
                         <div className="text-slate-400 mt-1">
-                          Recommendation: {vuln.fix || vuln.recommendation || "Review and fix this vulnerability"}
+                          Recommendation: {v.fix || "Review and fix this vulnerability"}
                         </div>
                       </li>
                     ))}
@@ -181,22 +262,20 @@ const ResultDisplay = ({ result, item_name}) => {
   };
 
   return (
-      <div className="mt-6 w-full max-w-260 relative h-50">
-        <label htmlFor="vulnerability-result" className="text-gray-400 text-sm mb-2 block">
-          Vulnerability Scan Result:
-        </label>
-        <div
-            className="p-4 bg-slate-800 text-red-300 rounded-lg shadow-inner max-h-96 overflow-y-auto font-mono text-sm">
-          {renderResults(result)}
-          <button
-              onClick={handleCopy}
-              className="absolute top-8 right-6 bg-gray-700 text-white px-2 py-1 rounded hover:bg-gray-600"
-          >
-            <DocumentDuplicateIcon className="h-4 w-4"/>
-          </button>
-        </div>
-
+    <div className="mt-6 w-full max-w-260 relative h-50">
+      <label htmlFor="vulnerability-result" className="text-gray-400 text-sm mb-2 block">
+        Vulnerability Scan Result:
+      </label>
+      <div className="p-4 bg-slate-800 text-red-300 rounded-lg shadow-inner max-h-96 overflow-y-auto font-mono text-sm">
+        {renderResults(normalized)}
+        <button
+          onClick={handleCopy}
+          className="absolute top-8 right-6 bg-gray-700 text-white px-2 py-1 rounded hover:bg-gray-600"
+        >
+          <DocumentDuplicateIcon className="h-4 w-4" />
+        </button>
       </div>
+    </div>
   );
 };