- Name: Harmandeep Singh
- Organisation: Python Software Foundation
- Sub-Organisation: CVE Binary Tool
- Project: Improving CVE Binary Tool Output: Adding HTML Reports
- Proposal: View / Download
Improving CVE Binary Tool Output and adding new output types which are given below:
- Improved Console Output
- CSV
- JSON
- HTML
-
Developed OutputEngine from scratch for managing different types of Output. Currently it is used to produce outputs like CSV, JSON, HTML Report and Console.
Related Links: PR:
- intel/cve-bin-tool#410 ( Created OutputEngine )
- intel/cve-bin-tool#448 ( Fix: JSON output type )
- intel/cve-bin-tool#530 ( Custom tabular console output )
- intel/cve-bin-tool#603 ( Improved coverage )
- intel/cve-bin-tool#604 ( Smaller banner size )
- intel/cve-bin-tool#790 ( Refactored OutputEngine into smaller maintainable files)
-
Unified output for the whole tool and updated CSV2CVE to generate output through OutputEngine. Earlier CSV2CVE was generating output on its own. This change helped in generation of other avialable output types from CSV2CVE. Earlier it was only capable of providing Console output.
Related Links PR: intel/cve-bin-tool#561 ( Unified Output System )
-
Added new output type
HTML Reportwhich provides great insights of the scan done by cve-bin-tool. The report provide details like:- Number of files scanned,
- Files that were vulnerable
- Number of files were no known vulnerabilty was found
- Paths to the files were a vulnerable product was found.
- Details of each product like the Vendor, Version and Number of CVE(s)
- Analysis of Product based on CVE
- Details of each CVE like short description, severity level and external links for more infromation
Realted Links PR:
- intel/cve-bin-tool#670 ( Demo for HTML report )
- intel/cve-bin-tool#704 ( Added output_html )
- intel/cve-bin-tool#705 ( Updated Database for HTML report )
- intel/cve-bin-tool#742 ( html as OutputType Added )
-
For users at Manager level that usually want to share the report with their teams in digital or printed form for further discussions, I have added a print mode which removes all the irrelevant details and components for a clean printable report. I have also added path details for vulnerable files which will be beneficial for the resolution of the issues. I have also made sure that the HTML report is shareable as a single file.
-
Added support for Coloured Console output with the help of
richpython library. The new coloured output helped users identify the CVE severity based on the colour. It also provided beautiful tabular console output. After the PR from the author of rich the Console Output is looking even more amazing.Related links PR: intel/cve-bin-tool#754
Details about other changes and discussions can be found in:
-
Weekly Blogs: https://blogs.python-gsoc.org/en/singhhrmns-blog/
-
All Commits: https://github.com/intel/cve-bin-tool/commits?author=SinghHrmn&before=a8e18665c88f8a1657b551390fb60c4443f34518+35
-
Important Discussions and Issues:
The project has improved a lot since I started to contribute in January 2020. Even during the GSoC period many good developers joined us which gave me a great statisfaction. I plan to keep working on the project and contribute as much as I can. Some of features I'd like to work in the future are:
- Adding Support to generate and add triage data from the HTML
- PDF as an output type
- Internationalization of the tool
- Adding accessibilty features for the HTML report
- A button to toggle between Dark Mode and Light Mode in HTML report. Dark Mode is really popular these days.
It was overall a wonderful experience and I learned a lot. It was the best summer experience apart from considering the pandemic outbreak. The experienced I gain from the GSoC was really helpful in Smart India Hackathon competition.
I would like to thank Google, Python Software Foundation and Intel for providing me the opportunity and my mentors Terri Oda and John Adersen who guided me, corrected me and motivated me to be a good programmer.