@@ -192,29 +192,51 @@ def report_sast_results(scanresult):
192192
193193 # Collect files that have SAST results
194194 files_with_findings = []
195- for file_id , file_info in file_security_info .items ():
196- if isinstance (file_info , dict ):
197- sast_result = file_info .get ("sast_result" )
198- if isinstance (sast_result , dict ) and len (sast_result ) > 0 :
199- files_with_findings .append (file_info )
195+ for file_info in file_security_info .values ():
196+ if not isinstance (file_info , dict ):
197+ continue
198+
199+ sast_result = file_info .get ("sast_result" )
200+ if isinstance (sast_result , dict ) and len (sast_result ) > 0 :
201+ files_with_findings .append (file_info )
200202
201203 if not files_with_findings :
202204 return '<br><h2">✅ No security weaknesses found</h2>'
203205
204- total_number_of_files = scanresult ["statistics_overview" ]["Number_Of_Files" ]
206+ # --- Safe statistics handling ---
207+ stats = scanresult .get ("statistics_overview" )
208+ if not isinstance (stats , dict ):
209+ stats = {}
210+ total_number_of_files = stats .get ("Number_Of_Files" , 1 )
211+
205212 # --- HTML REPORT ---
206- html = SAST_REPORT_CSS + f"""
213+ html = (
214+ SAST_REPORT_CSS
215+ + f"""
207216 <div class="sast-report">
208217 <h2>Detailed Code Security Report</h2>
209218 <p><strong>Package:</strong> { scanresult .get ("package_name" , "N/A" )} </p>
210219 <p><strong>version:</strong> { scanresult .get ("package_release" , "N/A" )} </p>
211220 <p><strong>Total files with findings:</strong> { len (files_with_findings )} of { total_number_of_files } files in total</p>
212221 """
222+ )
213223
214224 for file_info in files_with_findings :
215225 filename = file_info .get ("FileName" , "Unknown File" )
216226 sast_result = file_info .get ("sast_result" , {})
217- num_issues = len (sast_result )
227+
228+ # --- Normalize findings (fix for list/dict inconsistency) ---
229+ all_findings = []
230+ for v in sast_result .values ():
231+ if isinstance (v , dict ):
232+ all_findings .append (v )
233+ elif isinstance (v , list ):
234+ all_findings .extend ([item for item in v if isinstance (item , dict )])
235+
236+ if not all_findings :
237+ continue
238+
239+ num_issues = len (all_findings )
218240
219241 html += f"""
220242 <p>⚠️ <b>{ num_issues } </b> potential security issue{ "s" if num_issues > 1 else "" }
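Review bot: The header count and the listing can disagree after this change: `files_with_findings` is filled before normalization, so a file whose `sast_result` holds only values that are neither dicts nor lists of dicts is still counted in "Total files with findings" and blocks the "No security weaknesses found" return, yet the new `if not all_findings: continue` drops it from the report. Normalizing once in the first loop and keeping only files with at least one usable finding keeps the summary and the listing consistent, as sketched below. The `Number_Of_Files` fallback of `1` also prints an invented total (for example "3 of 1 files"); `"N/A"` would match the other fallbacks in this header. The body of report_sast_results starts and ends outside the hunk.

```python
    # Collect files that have at least one well-formed finding
    files_with_findings = []
    for file_info in file_security_info.values():
        if not isinstance(file_info, dict):
            continue
        sast_result = file_info.get("sast_result")
        if not isinstance(sast_result, dict):
            continue
        findings = []
        for v in sast_result.values():
            if isinstance(v, dict):
                findings.append(v)
            elif isinstance(v, list):
                findings.extend(item for item in v if isinstance(item, dict))
        if findings:
            files_with_findings.append((file_info, findings))

    # … unchanged: empty-result return, statistics lookup, report header …

    for file_info, all_findings in files_with_findings:
        filename = file_info.get("FileName", "Unknown File")
        num_issues = len(all_findings)
```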
@@ -238,11 +260,19 @@ def report_sast_results(scanresult):
238260 <tbody>
239261 """
240262
241- sorted_findings = sorted (
242- sast_result .values (), key = lambda x : int (x .get ("line" , 0 ))
243- )
263+ # --- Safe sorting ---
264+ def safe_line (x ):
265+ try :
266+ return int (x .get ("line" , 0 ))
267+ except (TypeError , ValueError ):
268+ return 0
269+
270+ sorted_findings = sorted (all_findings , key = safe_line )
244271
245272 for finding in sorted_findings :
273+ if not isinstance (finding , dict ):
274+ continue
275+
246276 line = finding .get ("line" , "—" )
247277 validation = finding .get ("validation" , "—" )
248278 severity = finding .get ("severity" , "—" )
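Review bot: The hardening here covers the shape of a finding but not its content: `line`, `validation` and `severity` are taken from the scan result as-is, and if they are interpolated into the table rows below this hunk (not visible here), any markup in them becomes part of the report HTML. The same holds for `package_name` and `package_release` in the first hunk, which go straight into the f-string, and presumably for `FileName`. Escaping at the point of use, e.g. `validation = escape(str(finding.get("validation", "—")))` with `from html import escape`, would close that; the local string is named `html`, so `html.escape(...)` would not resolve to the module inside this function. The `isinstance(finding, dict)` check in the loop is redundant, since `all_findings` already holds only dicts, and `safe_line` is redefined on every file iteration and could be hoisted.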
@@ -263,6 +293,7 @@ def report_sast_results(scanresult):
263293 html += "</details><br>"
264294
265295 html += "</div>"
296+
266297 RESULT_HTML_PANE = {
267298 "background" : "#FFFFE0" ,
268299 "padding" : "16px" ,
@@ -273,8 +304,8 @@ def report_sast_results(scanresult):
273304 "border-left" : "4px solid #E69F00" ,
274305 "border-radius" : "10px" ,
275306 }
276- sast_result = pn . pane . HTML ( html , styles = RESULT_HTML_PANE )
277- return sast_result
307+
308+ return pn . pane . HTML ( html , styles = RESULT_HTML_PANE )
278309
279310
280311def report_used_modules (scanresult ):
@@ -387,11 +418,13 @@ def get_info_text():
387418
388419 """ ,
389420 sizing_mode = "stretch_width" ,
390- stylesheets = ["""
421+ stylesheets = [
422+ """
391423 .bk-panel {
392424 background: transparent !important;
393425 }
394- """ ],
426+ """
427+ ],
395428 styles = custom_style ,
396429 )
397430 return infotext