Open
Conversation
hulkoba
force-pushed
the
merge-metric-views-contrib
branch
from
8b29150 to
9c151cf
Compare
Yocto gathers the amount of CVEs per branch at the top of their metrics view. However, the presentation of this information is not descriptive enough and it’s spread across several files. This change adds collapsible, nested lists to show all cve information. Show current CVE count per release, parse txt files with CVE lists to group them by project and display their total CVE count. Inline this data on the matrics-page in details elements so there’s no need to navigate away. The current output includes the count of cve's and the cve-urls. No data is lost here, it looks like: CVE counts by recipes: linux-yocto: 134 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-1999-0524 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-1999-0656 ... bluez5: 2 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3563 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3637 ...
the two html files, index.html and index-full.html, got merged so we only need the json file with the complete set of data.
hulkoba
force-pushed
the
merge-metric-views-contrib
branch
from
9c151cf to
731caae
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
M10: Metrics view: CVEs per branch section and M11: Unify metrics views
metrics PR neighbourhoodie/yocto-metrics#4
Local setup
Generate chart data
First, we have to generate the necessary data for the charts.
For this, we have to go to the yocto-autobuilder-helper repo and generate chart data.
Patch metrics data
Make sure to add your local path to the
yocto-metricsrepo.CVE chart data
Next, you'll need to generate CVE chart data by running the following.
Again please note to add your local path to the
yocto-metricsrepo.CVE report data
The following is for generating CVE report data.
The branch names and data are listed here.
For example
View chart
Once the chart data is created you can run the chart html files in the
yocto-metricsrepo as follows:Screenshots
Dark theme