Display a folded CVE alert on affected modules

oalders · oalders · commit 35b4bb64cd52 · 2026-02-24T15:47:47.000-05:00
diff --git a/root/base/release.tx b/root/base/release.tx
@@ -232,6 +232,7 @@
 %%  }
 %%  override content -> {
 
+  %%  include inc::cve_banner;
   %%  include inc::notification;
 
   %%  block page_content -> { }
diff --git a/root/inc/cve_banner.tx b/root/inc/cve_banner.tx
@@ -0,0 +1,35 @@
+%%  if $cves && $cves.size() {
+<details class="cve-banner">
+    <summary class="cve-summary">
+        <i class="fa fa-shield" aria-hidden="true"></i>
+        <strong>Security Advisories ([% $cves.size() %])</strong>
+    </summary>
+    <div class="cve-body">
+        %%  for $cves -> $cve {
+        <div class="cve-entry">
+            <div class="cve-header">
+                <strong>
+                %%  if $cve.cves.size() {
+                    [% $cve.cves.join(', ') %]
+                %%  }
+                %%  else {
+                    [% $cve.cpansa_id %]
+                %%  }
+                </strong>
+                %%  if $cve.reported {
+                ([% $cve.reported %])
+                %%  }
+            </div>
+            <p>[% $cve.description %]</p>
+            %%  if $cve.references.size() {
+            <ul class="cve-references">
+                %%  for $cve.references -> $ref {
+                <li><a rel="noopener nofollow" href="[% $ref %]">[% $ref %]</a></li>
+                %%  }
+            </ul>
+            %%  }
+        </div>
+        %%  }
+    </div>
+</details>
+%%  }
diff --git a/root/static/less/notification.less b/root/static/less/notification.less
@@ -48,3 +48,36 @@ label.remove-notification {
 .notify-MODULE_DEPRECATED {
     background: #f8d7da;
 }
+
+.cve-banner {
+    border: 1px solid @alert-danger-border;
+    border-radius: 4px;
+    margin-bottom: 15px;
+}
+
+.cve-summary {
+    display: list-item;
+    background: @alert-danger-bg;
+    color: @alert-danger-text;
+    padding: 8px 12px;
+    cursor: pointer;
+}
+
+.cve-body {
+    padding: 10px 12px;
+}
+
+.cve-entry + .cve-entry {
+    border-top: 1px solid #eee;
+    padding-top: 8px;
+    margin-top: 8px;
+}
+
+ul.cve-references {
+    margin-bottom: 0;
+    list-style: disc;
+}
+
+ul.cve-references a {
+    word-break: break-all;
+}
