mirror of
https://github.com/fleetdm/fleet
synced 2026-05-04 13:59:01 +00:00
b1945b2128
Closes: https://github.com/fleetdm/confidential/issues/4057 Changes: - Added the contents of the fleet-vulnerability-dashboard repo to ee/vulnerability-dashboard - Added a github workflow to deploy the vulnerability dashboard on Heroku - Added a github workflow to test changes to the vulnerability-dashboard - Updated the website's custom configuration to enable auto-approvals/review requests to files in the ee/vulnerability-dashboard folder
91 lines
2 KiB
JavaScript
91 lines
2 KiB
JavaScript
module.exports = {
|
|
|
|
|
|
friendlyName: 'Get vulnerabilities',
|
|
|
|
|
|
description: 'Get sorted & paginated vulnerabilities that match the provided filters.',
|
|
|
|
|
|
inputs: {
|
|
|
|
minSeverity: {
|
|
description: 'Optional filter to only get vulnerabilities whose `severity` is >= the specified value.',
|
|
type: 'number',
|
|
defaultsTo: 0,
|
|
},
|
|
|
|
maxSeverity: {
|
|
description: 'Optional filter to only get vulnerabilities whose `severity` is <= the specified value.',
|
|
type: 'number',
|
|
defaultsTo: 10,
|
|
},
|
|
|
|
sortBy: {
|
|
description: 'An optional facet to sort vulnerabilities by.',
|
|
type: 'string',
|
|
isIn: [
|
|
'cveId',
|
|
'severity',
|
|
'hasKnownExploit',
|
|
'publishedAt',
|
|
'resolvedAt',
|
|
'createdAt',
|
|
],
|
|
defaultsTo: 'publishedAt'
|
|
},
|
|
|
|
sortDirection: {
|
|
type: 'string',
|
|
isIn: [
|
|
'ASC',
|
|
'DESC',
|
|
],
|
|
defaultsTo: 'DESC'
|
|
},
|
|
|
|
page: {
|
|
description: 'The zero-indexed page number.',
|
|
type: 'number',
|
|
defaultsTo: 0
|
|
},
|
|
|
|
teamApid: {
|
|
description: 'The ID of the Team to filter by, or 0 to only include hosts with no team, or undefined to not filter by any team.',
|
|
type: 'number',
|
|
},
|
|
|
|
},
|
|
|
|
|
|
exits: {
|
|
|
|
success: {
|
|
outputFriendlyName: 'Report',
|
|
outputDescription: 'A dictionary with a `total` and `entries` (a list of vulnerabilities).',
|
|
outputType: {},
|
|
outputExample: {
|
|
total: 1,
|
|
entries: [
|
|
{ id: 99, /*…*/ }
|
|
]
|
|
}
|
|
},
|
|
},
|
|
|
|
|
|
fn: async function ({minSeverity, maxSeverity, sortBy, sortDirection, page, teamApid}) {
|
|
|
|
return await sails.helpers.getVulnerabilities.with({ minSeverity, maxSeverity, sortBy, sortDirection, page, teamApid})
|
|
.tolerate('noMatchingVulnerabilities', ()=>{
|
|
// If the get vulnerabilities helper returned a noMatchingVulnerabilities response, we'll return an empty array of results
|
|
return {
|
|
total: 0,
|
|
entries: [],
|
|
};
|
|
});
|
|
|
|
}
|
|
|
|
|
|
};
|