feat: show policy violation badges by state

.github/workflows/_meta-build.yaml

@@ -41,7 +41,7 @@ jobs:
         uses: actions/[email protected]
 
       - name: Set up NodeJs
-        uses: actions/[email protected].1
+        uses: actions/[email protected].2
         with:
           node-version: ${{ matrix.node-version }}
           cache: 'npm'

.github/workflows/ci-release.yaml

@@ -24,7 +24,7 @@ jobs:
         uses: actions/[email protected]
 
       - name: Set up NodeJs
-        uses: actions/[email protected].1
+        uses: actions/[email protected].2
         with:
           node-version: '18'
           cache: 'npm'

docker/Dockerfile.alpine

@@ -1,4 +1,4 @@
-FROM nginxinc/nginx-unprivileged:1.25.3-alpine@sha256:e0be80ac6ac40a050dd48c50499c957dc34aa05ea869122ae23390deb2762674
+FROM nginxinc/nginx-unprivileged:1.25.4-alpine@sha256:ac1db3b263ff319b6756ac552054cd0afe7a159a4687f160d6c573167372e769
 
 # Arguments that can be passed at build time
 ARG COMMIT_SHA=unknown

package.json

@@ -68,6 +68,7 @@
     "@vue/cli-plugin-babel": "5.0.8",
     "@vue/cli-plugin-eslint": "3.12.1",
     "@vue/cli-service": "3.12.1",
+    "@vue/runtime-dom": "^3.4.15",
     "copy-webpack-plugin": "5.1.2",
     "cross-env": "^7.0.3",
     "growl": "1.10.5",

src/assets/scss/_custom.scss

@@ -341,6 +341,21 @@ button:focus {
   margin-left: 0.6em !important;
   color: #21D983 !important;
 }
+.badge-tab-fail {
+  border: 1px solid #60768c !important;
+  background-color: $grey-900 !important;
+  color: $notification-fail !important;
+}
+.badge-tab-warn {
+  border: 1px solid #60768c !important;
+  background-color: $grey-900 !important;
+  color: $notification-warn !important;
+}
+.badge-tab-info {
+  border: 1px solid #60768c !important;
+  background-color: $grey-900 !important;
+  color: $notification-info !important;
+}
 .badge-tag {
   color: $primary;
   background-color: transparent;

src/i18n/locales/en.json

@@ -44,6 +44,8 @@
     "vulnerable_projects": "Vulnerable Projects",
     "findings": "Findings",
     "total_findings": "Total Findings",
+    "total_findings_including_aliases": "Total Findings (including aliases)",
+    "total_findings_excluding_aliases": "Total Findings (excluding aliases)",
     "findings_audited": "Findings Audited",
     "findings_unaudited": "Findings Unaudited",
     "auditing_progress": "Auditing Progress",
@@ -553,6 +555,7 @@
     "oss_index": "Sonatype OSS Index",
     "vulndb": "VulnDB",
     "snyk": "Snyk (Beta)",
+    "trivy": "Trivy",
     "vuln_sources": "Vulnerability Sources",
     "nvd": "NVD",
     "nvd_enable_mirroring_via_api": "Enable mirroring via API",
@@ -639,6 +642,8 @@
     "analyzer_snyk_how_to_api_version_help": "Where do I find available versions?",
     "analyzer_snyk_multiple_tokens_info": "Multiple tokens may be provided by separating them with semicolons, e.g. ",
     "analyzer_snyk_why_multiple_cvss": "Why are there multiple CVSS Scores for the same vulnerability?",
+    "analyzer_trivy_enable": "Enable Trivy analyzer",
+    "analyzer_trivy_ignore_unfixed": "Ignores vulnerabilities that were not fixed",
     "vulnsource_alias_sync_enable": "Enable vulnerability alias synchronization",
     "vulnsource_alias_sync_enable_tooltip": "Alias data can help in identifying identical vulnerabilities across multiple databases. If the source provides this data, synchronize it with Dependency-Track's database.",
     "vulnsource_nvd_enable": "Enable National Vulnerability Database mirroring",
@@ -854,6 +859,13 @@
     "cvss_severity": "CVSS Severity",
     "owasp_rr_severity": "OWASP Risk Rating Severity"
   },
+  "vulnerability": {
+    "critical": "Critical Severity Vulnerabilities",
+    "high": "High Severity Vulnerabilities",
+    "medium": "Medium Severity Vulnerabilities",
+    "low": "Low Severity Vulnerabilities",
+    "unassigned": "Unassigned Vulnerabilities"
+  },
   "validation": {
     "required": "{_field_} is required",
     "confirmed": "{_field_} doesn't match",