feat: Improve report generation and statistics by normalizing severity comparisons and leveraging backend-calculated task metrics.
This commit is contained in:
lintsinghua
parent
d449e2ba78
commit
2a332d6eda
|
|
@ -185,7 +185,8 @@ class AgentFindingResponse(BaseModel):
|
|||
code_snippet: Optional[str]
|
||||
|
||||
is_verified: bool
|
||||
confidence: float
|
||||
# 🔥 FIX: Map from ai_confidence in ORM, make Optional with default
|
||||
confidence: Optional[float] = Field(default=0.5, validation_alias="ai_confidence")
|
||||
status: str
|
||||
|
||||
suggestion: Optional[str] = None
|
||||
|
|
@ -193,8 +194,10 @@ class AgentFindingResponse(BaseModel):
|
|||
|
||||
created_at: datetime
|
||||
|
||||
class Config:
|
||||
from_attributes = True
|
||||
model_config = {
|
||||
"from_attributes": True,
|
||||
"populate_by_name": True, # Allow both 'confidence' and 'ai_confidence'
|
||||
}
|
||||
|
||||
|
||||
class TaskSummaryResponse(BaseModel):
|
||||
|
|
@ -2201,6 +2204,16 @@ async def generate_audit_report(
|
|||
)
|
||||
findings = findings.scalars().all()
|
||||
|
||||
# 🔥 Helper function to normalize severity for comparison (case-insensitive)
|
||||
def normalize_severity(sev: str) -> str:
|
||||
return str(sev).lower().strip() if sev else ""
|
||||
|
||||
# Log findings for debugging
|
||||
logger.info(f"[Report] Task {task_id}: Found {len(findings)} findings from database")
|
||||
if findings:
|
||||
for i, f in enumerate(findings[:3]): # Log first 3
|
||||
logger.debug(f"[Report] Finding {i+1}: severity='{f.severity}', title='{f.title[:50] if f.title else 'N/A'}'")
|
||||
|
||||
if format == "json":
|
||||
# Enhanced JSON report with full metadata
|
||||
return {
|
||||
|
|
@ -2218,10 +2231,10 @@ async def generate_audit_report(
|
|||
"total_findings": len(findings),
|
||||
"verified_findings": sum(1 for f in findings if f.is_verified),
|
||||
"severity_distribution": {
|
||||
"critical": sum(1 for f in findings if f.severity == 'critical'),
|
||||
"high": sum(1 for f in findings if f.severity == 'high'),
|
||||
"medium": sum(1 for f in findings if f.severity == 'medium'),
|
||||
"low": sum(1 for f in findings if f.severity == 'low'),
|
||||
"critical": sum(1 for f in findings if normalize_severity(f.severity) == 'critical'),
|
||||
"high": sum(1 for f in findings if normalize_severity(f.severity) == 'high'),
|
||||
"medium": sum(1 for f in findings if normalize_severity(f.severity) == 'medium'),
|
||||
"low": sum(1 for f in findings if normalize_severity(f.severity) == 'low'),
|
||||
},
|
||||
"agent_metrics": {
|
||||
"total_iterations": task.total_iterations,
|
||||
|
|
@ -2258,10 +2271,10 @@ async def generate_audit_report(
|
|||
|
||||
# Calculate statistics
|
||||
total = len(findings)
|
||||
critical = sum(1 for f in findings if f.severity == 'critical')
|
||||
high = sum(1 for f in findings if f.severity == 'high')
|
||||
medium = sum(1 for f in findings if f.severity == 'medium')
|
||||
low = sum(1 for f in findings if f.severity == 'low')
|
||||
critical = sum(1 for f in findings if normalize_severity(f.severity) == 'critical')
|
||||
high = sum(1 for f in findings if normalize_severity(f.severity) == 'high')
|
||||
medium = sum(1 for f in findings if normalize_severity(f.severity) == 'medium')
|
||||
low = sum(1 for f in findings if normalize_severity(f.severity) == 'low')
|
||||
verified = sum(1 for f in findings if f.is_verified)
|
||||
with_poc = sum(1 for f in findings if f.has_poc)
|
||||
|
||||
|
|
@ -2323,13 +2336,13 @@ async def generate_audit_report(
|
|||
md_lines.append(f"| Severity | Count | Verified |")
|
||||
md_lines.append(f"|----------|-------|----------|")
|
||||
if critical > 0:
|
||||
md_lines.append(f"| **CRITICAL** | {critical} | {sum(1 for f in findings if f.severity == 'critical' and f.is_verified)} |")
|
||||
md_lines.append(f"| **CRITICAL** | {critical} | {sum(1 for f in findings if normalize_severity(f.severity) == 'critical' and f.is_verified)} |")
|
||||
if high > 0:
|
||||
md_lines.append(f"| **HIGH** | {high} | {sum(1 for f in findings if f.severity == 'high' and f.is_verified)} |")
|
||||
md_lines.append(f"| **HIGH** | {high} | {sum(1 for f in findings if normalize_severity(f.severity) == 'high' and f.is_verified)} |")
|
||||
if medium > 0:
|
||||
md_lines.append(f"| **MEDIUM** | {medium} | {sum(1 for f in findings if f.severity == 'medium' and f.is_verified)} |")
|
||||
md_lines.append(f"| **MEDIUM** | {medium} | {sum(1 for f in findings if normalize_severity(f.severity) == 'medium' and f.is_verified)} |")
|
||||
if low > 0:
|
||||
md_lines.append(f"| **LOW** | {low} | {sum(1 for f in findings if f.severity == 'low' and f.is_verified)} |")
|
||||
md_lines.append(f"| **LOW** | {low} | {sum(1 for f in findings if normalize_severity(f.severity) == 'low' and f.is_verified)} |")
|
||||
md_lines.append(f"| **Total** | {total} | {verified} |")
|
||||
md_lines.append("")
|
||||
|
||||
|
|
@ -2353,7 +2366,7 @@ async def generate_audit_report(
|
|||
else:
|
||||
# Group findings by severity
|
||||
for severity_level, severity_name in [('critical', 'Critical'), ('high', 'High'), ('medium', 'Medium'), ('low', 'Low')]:
|
||||
severity_findings = [f for f in findings if f.severity == severity_level]
|
||||
severity_findings = [f for f in findings if normalize_severity(f.severity) == severity_level]
|
||||
if not severity_findings:
|
||||
continue
|
||||
|
||||
|
|
|
|||
|
|
@ -104,20 +104,18 @@ function formatBytes(bytes: number): string {
|
|||
|
||||
// ============ Sub Components ============
|
||||
|
||||
// Report stats summary
|
||||
// Report stats summary - uses task statistics for reliability
|
||||
const ReportStats = memo(function ReportStats({
|
||||
task,
|
||||
findings,
|
||||
}: {
|
||||
task: AgentTask;
|
||||
findings: AgentFinding[];
|
||||
findings: AgentFinding[]; // Keep for API compatibility, but use task stats
|
||||
}) {
|
||||
const severityCounts = {
|
||||
critical: findings.filter(f => f.severity.toLowerCase() === "critical").length,
|
||||
high: findings.filter(f => f.severity.toLowerCase() === "high").length,
|
||||
medium: findings.filter(f => f.severity.toLowerCase() === "medium").length,
|
||||
low: findings.filter(f => f.severity.toLowerCase() === "low").length,
|
||||
};
|
||||
// Use task's reliable statistics instead of computing from findings array
|
||||
// This ensures consistency even when findings array is empty or not loaded
|
||||
const totalFindings = task.findings_count || 0;
|
||||
const criticalAndHigh = (task.critical_count || 0) + (task.high_count || 0);
|
||||
const verified = task.verified_count || 0;
|
||||
|
||||
return (
|
||||
<div className="grid grid-cols-4 gap-2 mb-4">
|
||||
|
|
@ -137,7 +135,7 @@ const ReportStats = memo(function ReportStats({
|
|||
<span className="text-[9px] text-slate-500 uppercase tracking-wider">Findings</span>
|
||||
</div>
|
||||
<div className="text-lg font-bold font-mono text-white">
|
||||
{findings.length}
|
||||
{totalFindings}
|
||||
</div>
|
||||
</div>
|
||||
|
||||
|
|
@ -147,7 +145,7 @@ const ReportStats = memo(function ReportStats({
|
|||
<span className="text-[9px] text-slate-500 uppercase tracking-wider">Critical</span>
|
||||
</div>
|
||||
<div className="text-lg font-bold font-mono text-rose-400">
|
||||
{severityCounts.critical + severityCounts.high}
|
||||
{criticalAndHigh}
|
||||
</div>
|
||||
</div>
|
||||
|
||||
|
|
@ -157,7 +155,7 @@ const ReportStats = memo(function ReportStats({
|
|||
<span className="text-[9px] text-slate-500 uppercase tracking-wider">Verified</span>
|
||||
</div>
|
||||
<div className="text-lg font-bold font-mono text-teal-400">
|
||||
{findings.filter(f => f.is_verified).length}
|
||||
{verified}
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
|
@ -351,49 +349,15 @@ export const ReportExportDialog = memo(function ReportExportDialog({
|
|||
setPreview(prev => ({ ...prev, loading: true, error: null }));
|
||||
|
||||
try {
|
||||
// For JSON, we can generate it client-side
|
||||
// For JSON, fetch from backend API to ensure data consistency
|
||||
// The backend properly queries findings from the database
|
||||
if (format === "json") {
|
||||
const reportData = {
|
||||
report_metadata: {
|
||||
task_id: task.id,
|
||||
project_id: task.project_id,
|
||||
generated_at: new Date().toISOString(),
|
||||
task_status: task.status,
|
||||
duration_seconds: task.completed_at && task.started_at
|
||||
? Math.round((new Date(task.completed_at).getTime() - new Date(task.started_at).getTime()) / 1000)
|
||||
: null,
|
||||
},
|
||||
summary: {
|
||||
security_score: task.security_score,
|
||||
total_files_analyzed: task.analyzed_files,
|
||||
total_findings: findings.length,
|
||||
verified_findings: findings.filter(f => f.is_verified).length,
|
||||
severity_distribution: {
|
||||
critical: task.critical_count,
|
||||
high: task.high_count,
|
||||
medium: task.medium_count,
|
||||
low: task.low_count,
|
||||
},
|
||||
},
|
||||
findings: findings.map(f => ({
|
||||
id: f.id,
|
||||
vulnerability_type: f.vulnerability_type,
|
||||
severity: f.severity,
|
||||
title: f.title,
|
||||
description: f.description,
|
||||
file_path: f.file_path,
|
||||
line_start: f.line_start,
|
||||
line_end: f.line_end,
|
||||
code_snippet: f.code_snippet,
|
||||
is_verified: f.is_verified,
|
||||
has_poc: f.has_poc,
|
||||
suggestion: f.suggestion,
|
||||
ai_confidence: f.ai_confidence,
|
||||
})),
|
||||
};
|
||||
const response = await apiClient.get(`/agent-tasks/${task.id}/report`, {
|
||||
params: { format: "json" },
|
||||
});
|
||||
|
||||
setPreview({
|
||||
content: JSON.stringify(reportData, null, 2),
|
||||
content: JSON.stringify(response.data, null, 2),
|
||||
format: "json",
|
||||
loading: false,
|
||||
error: null,
|
||||
|
|
|
|||
|
|
@ -8,7 +8,6 @@
|
|||
import { memo } from "react";
|
||||
import { Activity, FileCode, Repeat, Zap, Bug, Shield, AlertTriangle } from "lucide-react";
|
||||
import { Badge } from "@/components/ui/badge";
|
||||
import { calculateSeverityCounts } from "../utils";
|
||||
import type { StatsPanelProps } from "../types";
|
||||
|
||||
// Circular progress component
|
||||
|
|
@ -86,8 +85,15 @@ function MetricCard({ icon, label, value, suffix = "", colorClass = "text-slate-
|
|||
export const StatsPanel = memo(function StatsPanel({ task, findings }: StatsPanelProps) {
|
||||
if (!task) return null;
|
||||
|
||||
const severityCounts = calculateSeverityCounts(findings);
|
||||
const totalFindings = Object.values(severityCounts).reduce((a, b) => a + b, 0);
|
||||
// 🔥 Use task's reliable statistics instead of computing from findings array
|
||||
// This ensures consistency even when findings array is empty or not loaded
|
||||
const severityCounts = {
|
||||
critical: task.critical_count || 0,
|
||||
high: task.high_count || 0,
|
||||
medium: task.medium_count || 0,
|
||||
low: task.low_count || 0,
|
||||
};
|
||||
const totalFindings = task.findings_count || 0;
|
||||
const progressPercent = task.progress_percentage || 0;
|
||||
|
||||
// Determine score color
|
||||
|
|
@ -212,8 +218,7 @@ export const StatsPanel = memo(function StatsPanel({ task, findings }: StatsPane
|
|||
color={getScoreColor(task.security_score)}
|
||||
/>
|
||||
<div className="absolute inset-0 flex items-center justify-center">
|
||||
<span className={`text-sm font-bold font-mono ${
|
||||
task.security_score >= 80 ? 'text-emerald-400' :
|
||||
<span className={`text-sm font-bold font-mono ${task.security_score >= 80 ? 'text-emerald-400' :
|
||||
task.security_score >= 60 ? 'text-amber-400' :
|
||||
'text-rose-400'
|
||||
}`}>
|
||||
|
|
|
|||
Loading…
Reference in New Issue