feat: add scan warnings in scan result

Author: iseki0

cmd/murphy/internal/binscan/cmd.go

@@ -152,7 +152,7 @@ func binScan(ctx context.Context, scanPath string) error {
 	}
 	cv.DisplayReportUrl(ctx, *result)
 	cv.DisplayStatusClear(ctx)
-	cv.DisplayScanResultSummary(ctx, result.RelyNum, result.LeakNum, len(result.VulnInfoMap))
+	cv.DisplayScanResultSummary(ctx, result.RelyNum, result.LeakNum, len(result.VulnInfoMap), result.ScanWarnings)
 
 	return nil
 }

cmd/murphy/internal/cv/view.go

@@ -6,7 +6,10 @@ import (
 	"github.com/muesli/termenv"
 	"github.com/murphysecurity/murphysec/infra/ui"
 	"github.com/murphysecurity/murphysec/model"
+	"github.com/repeale/fp-go"
+	"github.com/samber/lo"
 	"strconv"
+	"strings"
 )
 
 func DisplayInitializeFailed(ctx context.Context, e error) {
@@ -94,9 +97,12 @@ func DisplayStatusClear(ctx context.Context) {
 	ui.Use(ctx).ClearStatus()
 }
 
-func DisplayScanResultSummary(ctx context.Context, totalDep int, totalVulnDep int, totalVuln int) {
+func DisplayScanResultSummary(ctx context.Context, totalDep int, totalVulnDep int, totalVuln int, warnings []model.ScanWarning) {
 	var u = ui.Use(ctx)
 	u.Display(ui.MsgNotice, fmt.Sprint("项目扫描完成，依赖数：", ui.Term.String(strconv.Itoa(totalDep)).Foreground(termenv.ANSIBrightCyan), "，缺陷组件数：", ui.Term.String(strconv.Itoa(totalVulnDep)).Foreground(termenv.ANSIBrightRed), "，漏洞数", ui.Term.String(strconv.Itoa(totalVuln)).Foreground(termenv.ANSIBrightRed)))
+	if len(warnings) > 0 {
+		u.Display(ui.MsgNotice, "扫描过程中出现了一些警告："+strings.Join(lo.Uniq(fp.Map(func(it model.ScanWarning) string { return it.Kind })(warnings)), ", "))
+	}
 }
 func DisplayUploading(ctx context.Context) {
 	ui.Use(ctx).UpdateStatus(ui.StatusRunning, "正在上传...")

cmd/murphy/internal/cv/view_test.go

@@ -0,0 +1,13 @@
+package cv
+
+import (
+	"context"
+	"github.com/murphysecurity/murphysec/infra/ui"
+	"github.com/murphysecurity/murphysec/model"
+	"testing"
+)
+
+func TestDisplayScanResultSummary(t *testing.T) {
+	var ctx = ui.With(context.TODO(), ui.CLI)
+	DisplayScanResultSummary(ctx, 10, 5, 3, []model.ScanWarning{{Kind: "test_foo"}, {Kind: "bar"}})
+}

cmd/murphy/internal/scan/scan.go

@@ -116,7 +116,7 @@ func postScanHook(ctx context.Context) (a any, e error) {
 	}
 	cv.DisplayReportUrl(ctx, *result)
 	cv.DisplayStatusClear(ctx)
-	cv.DisplayScanResultSummary(ctx, result.RelyNum, result.LeakNum, len(result.VulnInfoMap))
+	cv.DisplayScanResultSummary(ctx, result.RelyNum, result.LeakNum, len(result.VulnInfoMap), result.ScanWarnings)
 	return
 }
 

model/idea_output.go

@@ -4,6 +4,8 @@ import (
 	"encoding/json"
 	"github.com/murphysecurity/fix-tools/fix"
 	"github.com/murphysecurity/murphysec/utils"
+	"github.com/repeale/fp-go"
+	"github.com/samber/lo"
 	"time"
 )
 
@@ -34,6 +36,11 @@ type PluginOutput struct {
 	HitProjectRule    json.RawMessage        `json:"hit_project_rule,omitempty"`
 	ShareURL          string                 `json:"share_url,omitempty"`
 	DetailURL         string                 `json:"detail_url,omitempty"`
+	ScanWarningCodes  []string               `json:"scan_warning_codes,omitempty"`
+}
+
+type ScanWarning struct {
+	Kind string
 }
 
 type PluginComp struct {
@@ -107,6 +114,7 @@ func GetIDEAOutput(task *ScanTask) PluginOutput {
 		HitProjectRule:    r.HitProjectRule,
 		ShareURL:          r.ShareURL,
 		DetailURL:         r.DetailURL,
+		ScanWarningCodes:  lo.Uniq(fp.Map(func(it ScanWarning) string { return it.Kind })(r.ScanWarnings)),
 	}
 
 	var vulnListMapper = func(effects []ScanResultCompEffect) (rs []PluginVulnDetailInfo) {

model/result.go

@@ -37,6 +37,7 @@ type ScanResultResponse struct {
 	DetailURL        string                             `json:"detail_url"`
 	AllowAction      int                                `json:"allow_action"`
 	ExpireDay        int                                `json:"expire_day"`
+	ScanWarnings     []ScanWarning                      `json:"scan_warnings"`
 }
 
 type ScanResultCompInfo struct {