Merge pull request #710 from DependencyTrack/quick-fix-publisher-temp…

…lates-for-new-vuln-dependency Port: Fix subject mappings for project in `NewVulnerableDependencySubject`
DependencyTrack · Jun 12, 2024 · 98e717d · 98e717d
2 parents f257401 + 0725736
commit 98e717d
Show file tree

Hide file tree

Showing 4 changed files with 7 additions and 7 deletions.
diff --git a/src/main/resources/templates/notification/publisher/email.peb b/src/main/resources/templates/notification/publisher/email.peb
@@ -17,12 +17,12 @@ Project URL:       {{ baseUrl }}/projects/{{ subject.project.uuid }}
 Other affected projects: {{ baseUrl }}{{ subject.affectedProjectsReference.frontendUri }}
 {% elseif notification.group == "GROUP_NEW_VULNERABLE_DEPENDENCY" %}
 Project:           {{ subject.project | summarize }}
-Project URL:       {{ baseUrl }}/projects/?uuid={{ subject.component.project.uuid }}
+Project URL:       {{ baseUrl }}/projects/?uuid={{ subject.project.uuid }}
 Component:         {{ subject.component | summarize }}
 Component URL:     {{ baseUrl }}/component/?uuid={{ subject.component.uuid }}
 
 Vulnerabilities
-{% for vulnerability in subject.vulnerabilities %}
+{% for vulnerability in subject.vulnerabilitiesList %}
 Vulnerability ID:  {{ vulnerability.vulnId }}
 Vulnerability URL: {{ baseUrl }}/vulnerability/?source={{ vulnerability.source }}&vulnId={{ vulnerability.vulnId }}
 Severity:          {{ vulnerability.severity }}

diff --git a/src/main/resources/templates/notification/publisher/jira.peb b/src/main/resources/templates/notification/publisher/jira.peb
@@ -6,11 +6,11 @@
        "issuetype": {
           "name": "{{ jiraTicketType }}"
        },
-       "summary": "[Dependency-Track] [{{ notification.group | escape(strategy="json") }}] {% if notification.group == "GROUP_NEW_VULNERABILITY" %}[{{ subject.vulnerability.severity }}] New {{ subject.vulnerability.severity | lower }} vulnerability identified: {{ subject.vulnerability.vulnId }}{% elseif notification.group == "GROUP_NEW_VULNERABLE_DEPENDENCY" %}Vulnerable dependency introduced on project {{ subject.component.project.name | escape(strategy="json") }}{% else %}{{ notification.title | escape(strategy="json") }}{% endif %}",
+       "summary": "[Dependency-Track] [{{ notification.group | escape(strategy="json") }}] {% if notification.group == "GROUP_NEW_VULNERABILITY" %}[{{ subject.vulnerability.severity }}] New {{ subject.vulnerability.severity | lower }} vulnerability identified: {{ subject.vulnerability.vulnId }}{% elseif notification.group == "GROUP_NEW_VULNERABLE_DEPENDENCY" %}Vulnerable dependency introduced on project {{ subject.project.name | escape(strategy="json") }}{% else %}{{ notification.title | escape(strategy="json") }}{% endif %}",
        {% if notification.group == "GROUP_NEW_VULNERABILITY" %}
        "description": "A new vulnerability has been identified on your project(s).\n\\\\\n\\\\\n*Vulnerability description*\n{code:none|bgColor=white|borderStyle=none}{{ subject.vulnerability.description | escape(strategy="json") }}{code}\n\n*VulnID*\n{{ subject.vulnerability.vulnId }}\n\n*Severity*\n{{ subject.vulnerability.severity | lower | capitalize }}\n\n*Component*\n[{{ subject.component | summarize | escape(strategy="json") }}|{{ baseUrl }}/components/{{ subject.component.uuid }}]\n\n*Affected project(s)*\n{% for project in subject.affectedProjectsList %}- [{{ project.name | escape(strategy="json") }} ({{ project.version | escape(strategy="json") }})|{{ baseUrl }}/projects/{{ project.uuid }}]\n{% endfor %}"
        {% elseif notification.group == "GROUP_NEW_VULNERABLE_DEPENDENCY" %}
-       "description": "A component which contains one or more vulnerabilities has been added to your project.\n\\\\\n\\\\\n*Project*\n[{{ subject.component.project | summarize | escape(strategy="json") }}|{{ baseUrl }}/projects/{{ subject.component.project.uuid }}]\n\n*Component*\n[{{ subject.component | summarize | escape(strategy="json") }}|{{ baseUrl }}/components/{{ subject.component.uuid }}]\n\n*Vulnerabilities*\n{% for vulnerability in subject.vulnerabilities %}- {{ vulnerability.vulnId }} ({{ vulnerability.severity | lower | capitalize }})\n{% endfor %}"
+       "description": "A component which contains one or more vulnerabilities has been added to your project.\n\\\\\n\\\\\n*Project*\n[{{ subject.project | summarize | escape(strategy="json") }}|{{ baseUrl }}/projects/{{ subject.project.uuid }}]\n\n*Component*\n[{{ subject.component | summarize | escape(strategy="json") }}|{{ baseUrl }}/components/{{ subject.component.uuid }}]\n\n*Vulnerabilities*\n{% for vulnerability in subject.vulnerabilitiesList %}- {{ vulnerability.vulnId }} ({{ vulnerability.severity | lower | capitalize }})\n{% endfor %}"
        {% else %}
        "description": "{{ notification.content | escape(strategy="json") }}\n\\\\\n\\\\\n*Level*\n{{ notification.level }}\n\n"
        {% endif %}

diff --git a/src/main/resources/templates/notification/publisher/msteams.peb b/src/main/resources/templates/notification/publisher/msteams.peb
@@ -31,11 +31,11 @@
       "facts": [
         {
           "name": "Project",
-          "value": "{{ subject.dependency.project | summarize | escape(strategy="json") }}"
+          "value": "{{ subject.project | summarize | escape(strategy="json") }}"
         },
         {
           "name": "Component",
-          "value": "{{ subject.dependency.component | summarize | escape(strategy="json") }}"
+          "value": "{{ subject.component | summarize | escape(strategy="json") }}"
         }
       ],
       {% elseif notification.group == "GROUP_PROJECT_AUDIT_CHANGE" %}

diff --git a/src/main/resources/templates/notification/publisher/slack.peb b/src/main/resources/templates/notification/publisher/slack.peb
@@ -130,7 +130,7 @@
 		},
 		{
 		  "type": "plain_text",
-		  "text": "{{ subject.component.project | summarize | escape(strategy="json") }}"
+		  "text": "{{ subject.project | summarize | escape(strategy="json") }}"
 		}
 	  ]
 	}{% if baseUrl is not empty %},