jramos/cve-dashboard
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Workflow column: FP# only, urgency-based colors

Browse Source 
- Backend: only extract FP# workflows; SYS# auto-generated tickets
  are no longer stored or shown (not actionable for triage purposes).
  Findings with no FP# ticket show blank in the workflow column.
- Frontend: recolor workflow badges by action urgency —
  Expired/Rejected = red (act now), Reworked/Actionable = amber
  (resubmit), Requested = blue (waiting on approval).

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
jramos
2026-03-11 15:36:02 -06:00
parent 2d1acca990
commit bc9e223ab7
2 changed files with 25 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
backend/routes/ivantiFindings.js
View File

@@ -130,33 +130,31 @@ function extractFinding(f) {
// CVE list: vulnerabilities.vulnInfoList[].cve // CVE list: vulnerabilities.vulnInfoList[].cve
const cves = (f.vulnerabilities?.vulnInfoList || []).map(v => v.cve).filter(Boolean); const cves = (f.vulnerabilities?.vulnInfoList || []).map(v => v.cve).filter(Boolean);
// Workflow: flatten all distribution buckets, prioritise FP# over SYS# // Workflow: only capture FP# (False Positive) tickets — SYS# are auto-generated
// system workflows and not actionable for our purposes.
const wfDist = f.workflowDistribution || {}; const wfDist = f.workflowDistribution || {};
const allWfEntries = [ const fpBuckets = [
...(wfDist.actionableWorkflows || []), ...(wfDist.actionableWorkflows || []),
...(wfDist.requestedWorkflows || []), ...(wfDist.requestedWorkflows || []),
...(wfDist.approvedWorkflows || []), ...(wfDist.reworkedWorkflows || []),
...(wfDist.reworkedWorkflows || []), ...(wfDist.rejectedWorkflows || []),
...(wfDist.rejectedWorkflows || []), ...(wfDist.expiredWorkflows || []),
...(wfDist.expiredWorkflows || []), ...(wfDist.approvedWorkflows || []),
...(wfDist.latestSystemWorkflows || []), ].filter(w => (w.generatedId || '').startsWith('FP#'));
];
// FP# (False Positive tickets) take priority over SYS# (system workflows)
const fpEntry = allWfEntries.find(w => (w.generatedId || '').startsWith('FP#'));
const sysEntry = allWfEntries.find(w => (w.generatedId || '').startsWith('SYS#'));
const wfEntry = fpEntry || sysEntry || allWfEntries[0] || null;
// If the distribution didn't surface an FP#, also check workflowGeneratedNames directly. // Priority: actionable > requested > reworked > rejected > expired > approved
// (Some FP# tickets only appear in the names list without full state info.) const fpEntry = fpBuckets[0] || null;
// Fallback: if no FP# in distribution, check workflowGeneratedNames directly
const generatedNames = f.workflowGeneratedNames || []; const generatedNames = f.workflowGeneratedNames || [];
const fpFromNames = !fpEntry const fpFromNames = !fpEntry
? generatedNames.find(n => n.startsWith('FP#')) || null ? generatedNames.find(n => n.startsWith('FP#')) || null
: null; : null;
const workflow = wfEntry ? { const workflow = fpEntry ? {
id: wfEntry.generatedId || '', id: fpEntry.generatedId || '',
state: wfEntry.state || '', state: fpEntry.state || '',
type: wfEntry.type || wfEntry.acronym || '', type: 'FP',
} : fpFromNames ? { } : fpFromNames ? {
id: fpFromNames, id: fpFromNames,
state: '', state: '',

14
frontend/src/components/pages/ReportingPage.js
View File

@@ -126,14 +126,14 @@ function dueDateColor(dueDate) {
} }
function workflowStyle(state) { function workflowStyle(state) {
// Colors reflect action urgency — all findings here are Open, so Approved won't appear.
switch ((state || '').toLowerCase()) { switch ((state || '').toLowerCase()) {
case 'approved': return { bg: 'rgba(16,185,129,0.12)', border: 'rgba(16,185,129,0.35)', text: '#10B981' }; case 'expired': return { bg: 'rgba(239,68,68,0.12)', border: 'rgba(239,68,68,0.4)', text: '#EF4444' }; // overdue — renew FP
case 'requested': return { bg: 'rgba(14,165,233,0.12)', border: 'rgba(14,165,233,0.35)', text: '#0EA5E9' }; case 'rejected': return { bg: 'rgba(239,68,68,0.12)', border: 'rgba(239,68,68,0.4)', text: '#EF4444' }; // denied — must remediate
case 'actionable': return { bg: 'rgba(245,158,11,0.12)', border: 'rgba(245,158,11,0.35)', text: '#F59E0B' }; case 'reworked': return { bg: 'rgba(245,158,11,0.12)', border: 'rgba(245,158,11,0.4)', text: '#F59E0B' }; // challenged — resubmit FP
case 'reworked': return { bg: 'rgba(245,158,11,0.12)', border: 'rgba(245,158,11,0.35)', text: '#F59E0B' }; case 'actionable': return { bg: 'rgba(245,158,11,0.12)', border: 'rgba(245,158,11,0.4)', text: '#F59E0B' }; // needs action
case 'rejected': return { bg: 'rgba(239,68,68,0.12)', border: 'rgba(239,68,68,0.35)', text: '#EF4444' }; case 'requested': return { bg: 'rgba(14,165,233,0.12)', border: 'rgba(14,165,233,0.35)', text: '#0EA5E9' }; // in flight — awaiting approval
case 'expired': return { bg: 'rgba(100,116,139,0.12)', border: 'rgba(100,116,139,0.3)', text: '#64748B' }; default: return { bg: 'rgba(100,116,139,0.08)', border: 'rgba(100,116,139,0.2)', text: '#64748B' }; // unknown state
default: return { bg: 'rgba(100,116,139,0.08)', border: 'rgba(100,116,139,0.2)', text: '#64748B' };
} }
} }