feat(web-app-template): Handle scan results excluded due to path includes

nnobelis · nnobelis · commit 1aef4f148405 · 2025-08-22T11:04:06.000+02:00
Signed-off-by: Nicolas Nobelis &lt;nicolas.nobelis@bosch.com&gt;
diff --git a/plugins/reporters/web-app-template/src/components/PackageFindingsTable.jsx b/plugins/reporters/web-app-template/src/components/PackageFindingsTable.jsx
@@ -52,6 +52,7 @@ const PackageFindingsTable = ({ webAppPackage }) => {
                         key: finding.key,
                         path: finding.path,
                         pathExcludes: finding.pathExcludes,
+                        isExcludedByPathIncludes: finding.isExcludedByPathIncludes,
                         pathExcludeReasonsText: Array.from(finding.pathExcludeReasons).join(', '),
                         startLine: finding.startLine,
                         value: finding.value
@@ -124,7 +125,7 @@ const PackageFindingsTable = ({ webAppPackage }) => {
                         <span className="ort-excludes">
                             <Tooltip
                                 placement="right"
-                                title={record.pathExcludeReasonsText}
+                                title={record.isExcludedByPathIncludes? Array.from(webAppPackage.pathIncludeReasons).join(', ') : record.pathExcludeReasonsText}
                             >
                                 <FileExcelOutlined className="ort-excluded" />
                             </Tooltip>
@@ -138,11 +139,19 @@ const PackageFindingsTable = ({ webAppPackage }) => {
         });
 
         expandable = {
-            expandedRowRender: (webAppFinding) => (
-                <PathExcludesTable
-                    excludes={webAppFinding.pathExcludes}
-                />
-            ),
+            expandedRowRender: (webAppFinding) => {
+                if (webAppFinding.isExcludedByPathIncludes) {
+                    return (<PathExcludesTable
+                        excludes={webAppPackage.pathIncludes}
+                        isIncludes={true}
+                    />)
+                } else {
+                    return (<PathExcludesTable
+                        excludes={webAppFinding.pathExcludes}
+                    />)
+                }
+
+            },
             expandIcon: (obj) => {
                 const { expanded, onExpand, record } = obj;
 
diff --git a/plugins/reporters/web-app-template/src/components/PathExcludesTable.jsx b/plugins/reporters/web-app-template/src/components/PathExcludesTable.jsx
@@ -20,12 +20,18 @@
 import { Table } from 'antd';
 
 // Generates the HTML to display webAppPathExclude(s) as a table
-const PathExcludesTable = ({ excludes }) => {
+const PathExcludesTable = ({ excludes, isIncludes = false }) => {
     const columns = [
         {
             dataIndex: 'reason',
             key: 'reason',
-            title: 'Reason'
+            title: 'Reason',
+
+            render: (text) => (
+                <>
+                    {text} {isIncludes && <i>(includes)</i>}
+                </>
+            )
         },
         {
             dataIndex: 'pattern',
diff --git a/plugins/reporters/web-app-template/src/models/WebAppFinding.js b/plugins/reporters/web-app-template/src/models/WebAppFinding.js
@@ -32,9 +32,12 @@ class WebAppFinding {
 
     #pathExcludes;
 
+    #isExcludedByPathIncludes;
+
     #pathExcludeIndexes = new Set();
 
     #pathExcludeReasons;
+    #pathIncludeReasons;
 
     #startLine;
 
@@ -63,11 +66,18 @@ class WebAppFinding {
             }
 
             const pathExcludes = obj.path_excludes || obj.pathExcludes;
+
             if (Array.isArray(pathExcludes) && pathExcludes.length > 0) {
                 this.#pathExcludeIndexes = new Set(pathExcludes);
                 this.#isExcluded = true;
             }
 
+            const isExcludedByPathIncludes = obj.isExcludedByPathIncludes || obj.is_excluded_by_path_includes;
+            if (isExcludedByPathIncludes) {
+                this.#isExcludedByPathIncludes = true;
+                this.#isExcluded = true;
+            }
+
             if (Number.isInteger(obj.start_line) || Number.isInteger(obj.startLine)) {
                 this.#startLine = obj.start_line || obj.startLine;
             }
@@ -155,6 +165,10 @@ class WebAppFinding {
         return this.#pathExcludeReasons;
     }
 
+    get isExcludedByPathIncludes() {
+        return this.#isExcludedByPathIncludes;
+    }
+
     get startLine() {
         return this.#startLine;
     }
diff --git a/plugins/reporters/web-app-template/src/models/WebAppOrtResult.js b/plugins/reporters/web-app-template/src/models/WebAppOrtResult.js
@@ -80,6 +80,10 @@ class WebAppOrtResult {
 
     #pathExcludes = [];
 
+    #pathIncludes = [];
+
+    #pathIncludeReasons;
+
     #paths = [];
 
     #projects = [];
@@ -180,6 +184,14 @@ class WebAppOrtResult {
                 }
             }
 
+            if (obj.path_includes || obj.pathIncludes) {
+                const pathIncludes = obj.path_includes || obj.pathIncludes;
+
+                for (let i = 0, len = pathIncludes.length; i < len; i++) {
+                    this.#pathIncludes.push(new WebAppPathExclude(pathIncludes[i]));
+                }
+            }
+
             if (obj.paths) {
                 const { paths } = obj;
                 for (let i = 0, len = paths.length; i < len; i++) {
@@ -447,6 +459,22 @@ class WebAppOrtResult {
         return this.#pathExcludes;
     }
 
+    get pathIncludes() {
+        return this.#pathIncludes;
+    }
+
+    get pathIncludeReasons() {
+        if (!this.#pathIncludeReasons) {
+            if (Array.isArray(this.#pathIncludes) && this.#pathIncludes.length > 0) {
+                this.#pathIncludeReasons = new Set(this.#pathIncludes.map((value) => value.reason))
+            } else {
+                this.#pathIncludeReasons = new Set();
+            }
+        }
+
+        return this.#pathIncludeReasons;
+    }
+
     get paths() {
         return this.#paths;
     }
diff --git a/plugins/reporters/web-app-template/src/models/WebAppPackage.js b/plugins/reporters/web-app-template/src/models/WebAppPackage.js
@@ -411,6 +411,10 @@ class WebAppPackage {
         return new Set([...pathExcludeReasons, ...scopeExcludeReasons]);
     }
 
+    get pathIncludeReasons() {
+        return this.#webAppOrtResult.pathIncludeReasons
+    }
+
     get excludedFindings() {
         if (!this.#excludedFindings) {
             this.#excludedFindings = [];
@@ -477,6 +481,10 @@ class WebAppPackage {
         return this.#pathExcludes;
     }
 
+    get pathIncludes() {
+        return this.#webAppOrtResult.pathIncludes;
+    }
+
     get pathExcludeIndexes() {
         return this.#pathExcludeIndexes;
     }

Original file line number	Diff line number	Diff line change
`@@ -411,6 +411,10 @@ class WebAppPackage {`
`411`	`411`	`return new Set([...pathExcludeReasons, ...scopeExcludeReasons]);`
`412`	`412`	`}`
`413`	`413`
	`414`	`+ get pathIncludeReasons() {`
	`415`	`+ return this.#webAppOrtResult.pathIncludeReasons`
	`416`	`+ }`
	`417`	`+`
`414`	`418`	`get excludedFindings() {`
`415`	`419`	`if (!this.#excludedFindings) {`
`416`	`420`	`this.#excludedFindings = [];`
`@@ -477,6 +481,10 @@ class WebAppPackage {`
`477`	`481`	`return this.#pathExcludes;`
`478`	`482`	`}`
`479`	`483`
	`484`	`+ get pathIncludes() {`
	`485`	`+ return this.#webAppOrtResult.pathIncludes;`
	`486`	`+ }`
	`487`	`+`
`480`	`488`	`get pathExcludeIndexes() {`
`481`	`489`	`return this.#pathExcludeIndexes;`
`482`	`490`	`}`