Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/amdei/prospector-html
HTML report generator from prospector static analyzer tool JSON output.
https://github.com/amdei/prospector-html
html prospector python report
Last synced: about 14 hours ago
JSON representation
HTML report generator from prospector static analyzer tool JSON output.
- Host: GitHub
- URL: https://github.com/amdei/prospector-html
- Owner: amdei
- License: mit
- Created: 2017-04-12T16:15:02.000Z (over 7 years ago)
- Default Branch: master
- Last Pushed: 2022-04-28T00:31:37.000Z (over 2 years ago)
- Last Synced: 2024-08-27T22:57:02.692Z (about 1 month ago)
- Topics: html, prospector, python, report
- Language: Python
- Size: 24.4 KB
- Stars: 3
- Watchers: 2
- Forks: 4
- Open Issues: 4
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# prospector-html
HTML and JSON report generator from [prospector](https://blog.landscape.io/prospector-python-static-analysis-for-humans.html) and [semgrep](https://semgrep.dev/docs/) static analyzer tools JSON output.
Handy when using with GitLab CI.# Synopsis
## prospector
pip3 install prospector
pip3 install prospector2html
cd
prospector --no-style-warnings --strictness medium --output-format json > prospector_report.json
prospector-html --input prospector_report.json
cat prospector-html-report.html## semgrep
pip3 install prospector2html
cd
docker run --rm -v "${PWD}:/src" returntocorp/semgrep:latest semgrep scan --json --output semgrep-native-report.json --config=auto
prospector-html --input semgrep-native-report --output filtered-report.html --filter semgrep
cat filtered-report.html## GitLab CI SAST
pip3 install prospector2html
cd
docker run --rm -v "${PWD}:/src" returntocorp/semgrep:latest semgrep ci --gitlab-sast --output gl-sast-report.json --config=auto
prospector-html --input gl-sast-report.json --output filtered-report.json --json --filter gitlab-sast
cat filtered-report.json## Message filtering
Sometimes it is necessary to filter analyzer results by content of the message,
rather than filter-out the whole error class by it's suppression.
For example prospector would always complains at usage of `_meta` member in Django projects.In this case one could fileter such messages by specifing it in prospector-html config file.
`.prospector-html.yaml` by default. See details in the source of sample config or use following example:# cat .prospector-html.yaml
filter:
message:
# Filter by exact match
- "Message to filter"
- Oter message to filter
message_re:
# Regexps to filter
- 'Exactly one space required after comma.*'
- 'Exactly one space required before assignment.*'## TODO
- ???.