{ "info": { "author": "Gael Girodon", "author_email": "contact@gaelgirodon.fr", "bugtrack_url": null, "classifiers": [ "Development Status :: 3 - Alpha", "Intended Audience :: Developers", "License :: OSI Approved :: GNU General Public License v3 (GPLv3)", "Operating System :: OS Independent", "Programming Language :: Python :: 3", "Programming Language :: Python :: 3.7", "Topic :: Software Development :: Quality Assurance" ], "description": "# ReportMix\n\n[![PyPI](https://img.shields.io/pypi/v/reportmix?style=flat-square)](https://pypi.org/project/reportmix/)\n[![License](https://img.shields.io/github/license/GaelGirodon/reportmix?color=informational&style=flat-square)](https://github.com/GaelGirodon/reportmix/blob/master/LICENSE)\n[![Python version](https://img.shields.io/pypi/pyversions/reportmix?style=flat-square)](https://pypi.org/project/reportmix/)\n[![Build](https://img.shields.io/azure-devops/build/gaelgirodon/reportmix/10?style=flat-square)](https://dev.azure.com/gaelgirodon/reportmix)\n[![Tests](https://img.shields.io/azure-devops/tests/gaelgirodon/reportmix/10?style=flat-square)](https://dev.azure.com/gaelgirodon/reportmix)\n[![Pylint](https://img.shields.io/badge/pylint-9.35-success?style=flat-square)](tasks.yml#L28)\n\nMerge reports from [multiple tools](#supported-reports) into a single file.\n\n## Install\n\nInstall **ReportMix** from [PyPI](https://pypi.org/project/reportmix/):\n\n```shell\npip install reportmix\n```\n\n## Usage\n\nMerge reports using the command-line interface:\n\n```shell\nreportmix\n```\n\n### Arguments\n\n| Argument | Description |\n| --------------------------- | -------------------------------------------------------------- |\n| `-h`, `--help` | Show the help message and exit |\n| `-V`, `--version` | Show program's version number and exit |\n| `-v`, `--verbose` | Run verbosely (display `DEBUG` logging) |\n| `--output_dir OUTPUT_DIR` | The location to write the report |\n| `--config_file CONFIG_FILE` | The path to the configuration file |\n| `--formats FORMATS` | Report formats to be generated (`csv`, `json`, `html`) |\n| `--fields FIELDS` | Fields to include in the output report (CSV and HTML only) |\n| `--hash HASH` | Fields to use for hash generation |\n| `--title TITLE` | The HTML report title |\n| `--logo LOGO` | The URL to the organization logo to display on the HTML report |\n| `--meta.*` | User-defined metadata fields |\n\nRun `reportmix --help` to show the full help message.\n\nSome properties (`formats`, `fields`, `hash`, ...) support a single value\nor a comma-separated list of items (e.g. `--formats \"csv,html,json\"`).\n\nTool-specific configuration arguments are documented in the help message\nand [below](#supported-reports).\n\n## Configuration\n\nConfigure the merging process using **command-line arguments**\nor create a **configuration file** `.reportmix` in the working directory:\n\n```ini\n[global]\noutput_dir=target\nformats=html,csv,json\nfields=tool_name,tool_version,meta_organization,name,description,type,severity,subject_name\ntitle=Analysis report\nlogo=http://acme.com/img/logo.png\n\n[meta]\norganization=Acme Corporation\n\n[dependency_check]\nreport_file=target/dependency-check-report.csv\n\n[npm_audit]\nreport_file=web-app/npm-audit.json\n\n[sonarqube]\nhost_url=http://sonarqube.acme.corp\nproject_key=acme:myproject\n```\n\nThis configuration can also be passed as **command-line arguments**:\n\n```shell\nreportmix --output_dir target --formats \"html,csv,json\" \\\n --fields [...] --title \"Analysis report\" --logo \"http://acme.com/img/logo.png\" \\\n --meta.organization \"Acme Corporation\" \\\n --dependency_check.report_file \"target/dependency-check-report.csv\" \\\n --npm_audit.report_file \"web-app/npm-audit.json\" \\\n --sonarqube.host_url \"http://sonarqube.acme.corp\" --sonarqube.project_key \"acme:myproject\"\n```\n\n### Metadata fields\n\nMetadata fields allow to define some fields for each issue in the configuration:\n\n| Name | Description | Default value |\n| -------------- | --------------------- | ------------- |\n| `product` | The product name | |\n| `version` | The product version | |\n| `organization` | The organization name | |\n| `client` | The client name | |\n| `audit_date` | The audit date | _`now()`_ |\n\n### Hash\n\n`hash` is a special field. It is not extracted from the reports data but\ncomputed using some of the issue fields to create a stable unique identifier.\nIf multiple issues, in a single merged report or in different reports,\ngenerated at different times, have the same `hash` value, we can consider\nthey are the same, so solving one of them will solve the others. It can be\nespecially useful for computing a delta between multiple reports, tracking\nissues fixes, etc.\n\n## Supported reports\n\nReports produced by the following tools are currently supported:\n\n- [**Dependency-Check**](#dependency-check):\n load a vulnerability report generated by OWASP dependency check\n (CSV required, JSON optional), version 5.x is recommended\n- [**npm audit**](#npm-audit):\n load a security audit generated by npm-audit CLI command\n (JSON format only), npm@6 is required\n- [**SonarQube**](#sonarqube):\n load code quality analysis results from a SonarQube instance,\n version 7.x is required\n\n> Contributions to improve existing [report loaders](reportmix/loaders)\n> or add new ones are welcome!\n\n### Dependency-Check\n\n- **Run** a Dependency-Check scan (cf. [Maven plugin](https://jeremylong.github.io/DependencyCheck/dependency-check-maven/))\n - The `CSV` report is required, the `JSON` report is optional\n (cf. `format` property in the plugin configuration)\n- **Move** `dependency-check-report.*` files in the working directory\n or **configure** ReportMix (`dependency_check.report_file`) to look for the file somewhere else\n- :heavy_check_mark: **Run ReportMix**\n\n> \u2192 [Dependency-Check loader](reportmix/loaders/dependency_check.py)\n\n### npm audit\n\n- **Run** a security audit using the [npm-audit](https://docs.npmjs.com/cli/audit) CLI command\n - Get the detailed audit report in JSON format, e.g.: `npm audit --json > npm-audit.json`\n- **Move** the `npm-audit.json` file in the working directory\n or **configure** ReportMix (`npm_audit.report_file`) to look for the file somewhere else\n- :heavy_check_mark: **Run ReportMix**\n\n> \u2192 [npm audit loader](reportmix/loaders/npm_audit.py)\n\n### SonarQube\n\n- **Run** a SonarQube analysis (cf. [Analyzing Source Code](https://docs.sonarqube.org/latest/analysis/overview/))\n- **Configure** the instance URL (`sonarqube.host_url`), the project key (`sonarqube.project_key`),\n and [authentication](https://docs.sonarqube.org/latest/extend/web-api/) settings\n- :heavy_check_mark: **Run ReportMix**\n\n> \u2192 [SonarQube loader](reportmix/loaders/sonarqube.py)\n\n## License\n\n**ReportMix** is licensed under the GNU General Public License.\n\n\n", "description_content_type": "text/markdown", "docs_url": null, "download_url": "", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "https://github.com/GaelGirodon/reportmix", "keywords": "report mix merge security dependency-check npm audit sonarqube owasp", "license": "", "maintainer": "", "maintainer_email": "", "name": "reportmix", "package_url": "https://pypi.org/project/reportmix/", "platform": "", "project_url": "https://pypi.org/project/reportmix/", "project_urls": { "Bug Reports": "https://github.com/GaelGirodon/reportmix/issues", "Homepage": "https://github.com/GaelGirodon/reportmix", "Source": "https://github.com/GaelGirodon/reportmix" }, "release_url": "https://pypi.org/project/reportmix/0.4.1/", "requires_dist": [ "requests (>=2.22.0)", "jinja2 (>=2.10.1)" ], "requires_python": ">=3.7", "summary": "Merge reports from multiple tools into a single file", "version": "0.4.1" }, "last_serial": 5914209, "releases": { "0.1.0": [ { "comment_text": "", "digests": { "md5": "8ae81844ad5d3f3c5ad7e36c498c7444", "sha256": "c57b5bc37759b27a136b6e1d87b86093cdda2b56e39017d42fc3f8b1e4010f2b" }, "downloads": -1, "filename": "reportmix-0.1.0-py3-none-any.whl", "has_sig": false, "md5_digest": "8ae81844ad5d3f3c5ad7e36c498c7444", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": ">=3.5", "size": 33831, "upload_time": "2019-09-14T20:52:52", "url": "https://files.pythonhosted.org/packages/07/e6/0f23d0dc40ee0a1a9af09de7af636476cc5dc016bc971f60cbcbf2fefa63/reportmix-0.1.0-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "50a6df82a8c5a4d1b21de0f2b49be0d3", "sha256": "6c079ce504d8e4967c26d41f06a4b5ca1aca79a4e11f3f53e03f6bfe67bf8645" }, "downloads": -1, "filename": "reportmix-0.1.0.tar.gz", "has_sig": false, "md5_digest": "50a6df82a8c5a4d1b21de0f2b49be0d3", "packagetype": "sdist", "python_version": "source", "requires_python": ">=3.5", "size": 29547, "upload_time": "2019-09-14T20:52:54", "url": "https://files.pythonhosted.org/packages/fd/f6/ab27d6f77b191121141ad53271f0cab553f08d60546854f1c5300bcf96c4/reportmix-0.1.0.tar.gz" } ], "0.1.1": [ { "comment_text": "", "digests": { "md5": "59308dc4cc7fd4d2b8f0d6cdd26cc8e3", "sha256": "8e9f56701490bd7b7c6ea9433093b02b72fb8573737a57fbcdbfedf64c9b13b8" }, "downloads": -1, "filename": "reportmix-0.1.1-py3-none-any.whl", "has_sig": false, "md5_digest": "59308dc4cc7fd4d2b8f0d6cdd26cc8e3", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": ">=3.7", "size": 34278, "upload_time": "2019-09-15T16:27:50", "url": "https://files.pythonhosted.org/packages/d4/26/7dcc0bb1503ba25ee8cd539c99ceef1d1d99fcb2ad702d2e4225e7cff7f9/reportmix-0.1.1-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "d4a9b57b457a430e77b2cd9c22cd3c16", "sha256": "5ec687b22f915442fbfc377010328fcf020add5467587619954c2f2c1e728674" }, "downloads": -1, "filename": "reportmix-0.1.1.tar.gz", "has_sig": false, "md5_digest": "d4a9b57b457a430e77b2cd9c22cd3c16", "packagetype": "sdist", "python_version": "source", "requires_python": ">=3.7", "size": 29888, "upload_time": "2019-09-15T16:27:52", "url": "https://files.pythonhosted.org/packages/85/e3/8ba2f1da6cc128e5a379015f34732b334f74f6a5d3cf434e1ed77cb3ca38/reportmix-0.1.1.tar.gz" } ], "0.2.0": [ { "comment_text": "", "digests": { "md5": "6c7249a20cb917c970f7e9e7cacafbad", "sha256": "d151c26354a8c335f1408039ad78f42a709bf3085fbad3f2841d08e3c3ef6f85" }, "downloads": -1, "filename": "reportmix-0.2.0-py3-none-any.whl", "has_sig": false, "md5_digest": "6c7249a20cb917c970f7e9e7cacafbad", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": ">=3.7", "size": 35664, "upload_time": "2019-09-21T09:42:35", "url": "https://files.pythonhosted.org/packages/65/16/3990facce92bf5f80e0ce8de0d5e915bc626af1a5a817f2e706de3293c0c/reportmix-0.2.0-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "4138f825d8dfaa2a49c81abd0cc957c0", "sha256": "b25a6ef8ae96660b287bc62a91f75434f3e3ad4a7d464a03f0c81d2de54308f5" }, "downloads": -1, "filename": "reportmix-0.2.0.tar.gz", "has_sig": false, "md5_digest": "4138f825d8dfaa2a49c81abd0cc957c0", "packagetype": "sdist", "python_version": "source", "requires_python": ">=3.7", "size": 30607, "upload_time": "2019-09-21T09:42:36", "url": "https://files.pythonhosted.org/packages/9d/ab/7e16b8604f7709ee7f84a0daa67cef9a4bd45edc09d85324a6f5d3eeadce/reportmix-0.2.0.tar.gz" } ], "0.3.0": [ { "comment_text": "", "digests": { "md5": "ab713887efde3f60435f13fc6839dccb", "sha256": "9fe79e2d6b892a92fb8d2eeb95c3b2ce1f0fd5b0afcd6c0b20d68cef396b728e" }, "downloads": -1, "filename": "reportmix-0.3.0-py3-none-any.whl", "has_sig": false, "md5_digest": "ab713887efde3f60435f13fc6839dccb", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": ">=3.7", "size": 35822, "upload_time": "2019-09-21T15:08:00", "url": "https://files.pythonhosted.org/packages/de/56/19c5c17e116f1bbc021e8b64379a805494c45afeaec6612e0c0182e548be/reportmix-0.3.0-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "e7767949e946a1629a16fc6dbde21c0b", "sha256": "822d15fb4549a526d6a40f410a396720373ef44970e31f30bf55995ede87cf44" }, "downloads": -1, "filename": "reportmix-0.3.0.tar.gz", "has_sig": false, "md5_digest": "e7767949e946a1629a16fc6dbde21c0b", "packagetype": "sdist", "python_version": "source", "requires_python": ">=3.7", "size": 30788, "upload_time": "2019-09-21T15:08:02", "url": "https://files.pythonhosted.org/packages/b7/48/c64dd2364f9ab9c91171b0c269218c9ddf4d228a1018e107050654bca462/reportmix-0.3.0.tar.gz" } ], "0.3.1": [ { "comment_text": "", "digests": { "md5": "b21923043413b2b576ecf0924378671d", "sha256": "60a8086780ddfeca1e4904374be6129be531f4abb7f58ffe6ee4fcb54948ca30" }, "downloads": -1, "filename": "reportmix-0.3.1-py3-none-any.whl", "has_sig": false, "md5_digest": "b21923043413b2b576ecf0924378671d", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": ">=3.7", "size": 35851, "upload_time": "2019-09-21T15:57:12", "url": "https://files.pythonhosted.org/packages/21/39/13cb8a00ed457ed09c1197f7ce0616ecfb6b275800aaf2a98b7d80e40576/reportmix-0.3.1-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "4a92d45795dc628e03c3428659c50f4b", "sha256": "956eaf02ec47bc7d45d04a2c5847688bae5fd9ced71ae3bf19cc14978a8a5f86" }, "downloads": -1, "filename": "reportmix-0.3.1.tar.gz", "has_sig": false, "md5_digest": "4a92d45795dc628e03c3428659c50f4b", "packagetype": "sdist", "python_version": "source", "requires_python": ">=3.7", "size": 30834, "upload_time": "2019-09-21T15:57:14", "url": "https://files.pythonhosted.org/packages/07/61/e3a75518cbfa14c62defea04d6e596f919965fd133a2366ca023744d9bd6/reportmix-0.3.1.tar.gz" } ], "0.4.0": [ { "comment_text": "", "digests": { "md5": "8f64a80d78a418af6e9abe285593a05d", "sha256": "0496268da62908bc0fce996ba9540e971cede4c296d669b81e4d6b0486a3d2fe" }, "downloads": -1, "filename": "reportmix-0.4.0-py3-none-any.whl", "has_sig": false, "md5_digest": "8f64a80d78a418af6e9abe285593a05d", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": ">=3.7", "size": 37072, "upload_time": "2019-09-28T17:55:44", "url": "https://files.pythonhosted.org/packages/ed/bb/bd2b511546eea53f83f31a96538afe6eed00cbe580b5e151ba9ba52350dc/reportmix-0.4.0-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "4f97a220d01689b3cb27f031e499e49e", "sha256": "1217a0133b9de7ff811439c12f125709562a013a69dcb46a68841d40db13b2d4" }, "downloads": -1, "filename": "reportmix-0.4.0.tar.gz", "has_sig": false, "md5_digest": "4f97a220d01689b3cb27f031e499e49e", "packagetype": "sdist", "python_version": "source", "requires_python": ">=3.7", "size": 32297, "upload_time": "2019-09-28T17:55:47", "url": "https://files.pythonhosted.org/packages/32/5c/1286b4e1d2df994cddc8bf0ce73f275f85d32d1f75bc35db9d7eb661cd77/reportmix-0.4.0.tar.gz" } ], "0.4.1": [ { "comment_text": "", "digests": { "md5": "8324b4c28c81db487ab5d52f4e526a13", "sha256": "8b2a7c4a79664ae6f9277410ef2e64a3a8f1bf858268046e7ae5eccccb85e58d" }, "downloads": -1, "filename": "reportmix-0.4.1-py3-none-any.whl", "has_sig": false, "md5_digest": "8324b4c28c81db487ab5d52f4e526a13", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": ">=3.7", "size": 37104, "upload_time": "2019-10-01T18:49:09", "url": "https://files.pythonhosted.org/packages/a6/07/33801a2aed4c5fa6556bfdc577416c9b8cc58649128f7adf9ef7e1d3fa65/reportmix-0.4.1-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "510fe8b70191598f0b7176ebf0d8f351", "sha256": "02e4150ac2a7829048842829d26eccd10cd7fd82a6d16fefd774e1964fb12180" }, "downloads": -1, "filename": "reportmix-0.4.1.tar.gz", "has_sig": false, "md5_digest": "510fe8b70191598f0b7176ebf0d8f351", "packagetype": "sdist", "python_version": "source", "requires_python": ">=3.7", "size": 32349, "upload_time": "2019-10-01T18:49:11", "url": "https://files.pythonhosted.org/packages/1d/fa/eb0ffd79e1739eb403066dabef1cf7f5f52ff827c01514ee3d809789dff3/reportmix-0.4.1.tar.gz" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "8324b4c28c81db487ab5d52f4e526a13", "sha256": "8b2a7c4a79664ae6f9277410ef2e64a3a8f1bf858268046e7ae5eccccb85e58d" }, "downloads": -1, "filename": "reportmix-0.4.1-py3-none-any.whl", "has_sig": false, "md5_digest": "8324b4c28c81db487ab5d52f4e526a13", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": ">=3.7", "size": 37104, "upload_time": "2019-10-01T18:49:09", "url": "https://files.pythonhosted.org/packages/a6/07/33801a2aed4c5fa6556bfdc577416c9b8cc58649128f7adf9ef7e1d3fa65/reportmix-0.4.1-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "510fe8b70191598f0b7176ebf0d8f351", "sha256": "02e4150ac2a7829048842829d26eccd10cd7fd82a6d16fefd774e1964fb12180" }, "downloads": -1, "filename": "reportmix-0.4.1.tar.gz", "has_sig": false, "md5_digest": "510fe8b70191598f0b7176ebf0d8f351", "packagetype": "sdist", "python_version": "source", "requires_python": ">=3.7", "size": 32349, "upload_time": "2019-10-01T18:49:11", "url": "https://files.pythonhosted.org/packages/1d/fa/eb0ffd79e1739eb403066dabef1cf7f5f52ff827c01514ee3d809789dff3/reportmix-0.4.1.tar.gz" } ] }