added vulnerability info to the UI

src/main/java/nl/tudelft/cornul11/thesis/app/FatJarServer.java

@@ -1,16 +1,19 @@
 package nl.tudelft.cornul11.thesis.app;
 
+import com.fasterxml.jackson.databind.ObjectMapper;
 import jakarta.servlet.MultipartConfigElement;
 import jakarta.servlet.ServletException;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import jakarta.servlet.http.Part;
 import nl.tudelft.cornul11.thesis.corpus.database.DatabaseConfig;
 import nl.tudelft.cornul11.thesis.corpus.database.DatabaseManager;
+import nl.tudelft.cornul11.thesis.corpus.database.MongoDbClient;
 import nl.tudelft.cornul11.thesis.corpus.database.SignatureDAO;
 import nl.tudelft.cornul11.thesis.corpus.database.SignatureDAOImpl.LibraryCandidate;
 import nl.tudelft.cornul11.thesis.corpus.jarfile.JarSignatureMapper;
 import nl.tudelft.cornul11.thesis.corpus.util.ConfigurationLoader;
+import org.bson.Document;
 import org.eclipse.jetty.server.Connector;
 import org.eclipse.jetty.server.Request;
 import org.eclipse.jetty.server.Server;
@@ -27,6 +30,7 @@
 import java.nio.file.Files;
 import java.nio.file.Path;
 import java.nio.file.Paths;
+import java.util.ArrayList;
 import java.util.List;
 
 /**
@@ -45,6 +49,8 @@ public class FatJarServer extends AbstractHandler {
     SignatureDAO signatureDao = databaseManager.getSignatureDao(config.getDatabaseMode());
     JarSignatureMapper jarSignatureMapper = new JarSignatureMapper(signatureDao);
 
+    MongoDbClient mongoDbClient = new MongoDbClient(config);
+
     MultipartConfigElement multipartConfig = new MultipartConfigElement(location, maxFileSize, maxRequestSize, fileSizeThreshold);
 
     public FatJarServer() {
@@ -107,6 +113,7 @@ private void handleUpload(HttpServletRequest request, HttpServletResponse respon
 
     @Override
     public void handle(String target, Request jettyRequest, HttpServletRequest request, HttpServletResponse response) {
+        System.out.println("Handling request for target: " + target);
         // get file upload from request
         if (target.equals("/upload")) {
             jettyRequest.setAttribute(Request.__MULTIPART_CONFIG_ELEMENT, multipartConfig);
@@ -115,11 +122,29 @@ public void handle(String target, Request jettyRequest, HttpServletRequest reque
             } catch (ServletException | IOException e) {
                 e.printStackTrace();
             }
+        } else if (target.equals("/vulnerabilities")) {
+            String library = request.getParameter("library");
+            String version = request.getParameter("version");
+            response.setCharacterEncoding("utf-8");
+            response.setContentType("application/json");
+            ObjectMapper mapper = new ObjectMapper();
+
+            try {
+                List<Document> vulnerabilities = mongoDbClient.getVulnerabilities(library, version);
+                String json = mapper.writeValueAsString(vulnerabilities);
+                response.getWriter().write(json);
+                response.setStatus(HttpServletResponse.SC_OK);
+                response.getWriter().flush();
+            } catch (Exception e) {
+                response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
+                e.printStackTrace();
+            }
+
         }
     }
 
     public void run() throws Exception {
-        int port = System.getenv("PORT") != null ? Integer.parseInt(System.getenv("PORT")) : 8080;
+        int port = System.getenv("PORT") != null ? Integer.parseInt(System.getenv("PORT")) : 8081;
         // Create a Server instance.
         Server server = new Server(port);
         System.out.println("Server started on port " + port);

www/index.html

@@ -4,7 +4,7 @@
     <meta charset="UTF-8" />
     <script src="https://d3js.org/d3.v5.js"></script>
     <link rel="stylesheet" href="style/external/bootstrap.min.css" />
-    <title>JAR Rmbeded Jar Analyzer</title>
+    <title>JarSift</title>
     <script src="js/external/angular.min.js"></script>
     <script src="js/app.js"></script>
 
@@ -75,7 +75,7 @@
   <body class="ng-scope" ng-controller="mainController">
     <div class="container-fluid h-100">
       <div class="uploadForm" ng-show="!libraries.length && !isLoading">
-        <h1>Upload Uber-jar</h1>
+        <h1>Upload Uber-JAR</h1>
         <form>
           <div class="form-group">
             <label for="jarInput">JAR file</label>
@@ -119,11 +119,11 @@ <h1>
       <div class="results h-100" ng-show="libraries.length && !isLoading">
         <div class="container-fluid h-100 row align-items-stretch">
           <div class="col-6 scrollable">
-            <h1>{{libraries.length}} Libraries found for {{jarFile.name}}</h1>
+            <h1>{{libraries.length}} libraries found for {{jarFile.name}}</h1>
             <div class="d-flex mb-2">
               <form class="form-inline mb-2">
                 <div class="form-group mr-2">
-                  <label for="inputSearch" class="sr-only">Serach</label>
+                  <label for="inputSearch" class="sr-only">Search</label>
                   <input
                     type="text"
                     class="form-control"
@@ -178,7 +178,7 @@ <h2>Embeded Candidates</h2>
               <li
                 class="list-group-item text-left lib-item"
                 id="list_{{lib.id}}"
-                ng-class="{'self': lib.self, 'perfect': lib.perfect}"
+                ng-class="{'self': lib.self, 'perfect': lib.perfect, 'vulnerable': lib.isVulnerable}"
                 ng-repeat="lib in libraries | filter:search track by $index "
                 ng-click="collapse(lib.id)"
                 ng-mouseenter="hoverLib(lib)"
@@ -201,6 +201,10 @@ <h2>Embeded Candidates</h2>
                       >{{lib.count}}/{{lib.total}} ({{lib.ratio * 100 | number}}
                       %)</span
                     >
+                    <span
+                      ng-if="lib.isVulnerable" style="color: red;">
+                      ⚠️
+                    </span>
                   </div>
                 </div>
                 <div
@@ -213,8 +217,10 @@ <h2>Embeded Candidates</h2>
                     <li
                       class="list-group-item"
                       ng-repeat="alt in lib.alternatives track by $index"
+                      ng-class="{'vulnerable': alt.isVulnerable}"
                     >
-                      {{alt}}
+                      {{alt.id}}
+                      <span ng-if="alt.isVulnerable" class="badge badge-danger">Vulnerable</span>
                     </li>
                   </ul>
                   Includes

www/js/app.js

@@ -79,6 +79,15 @@ angular
         })
         .then(function (response) {
           $scope.libraries = response.data;
+          $scope.libraries.forEach(function(lib) {
+            $scope.fetchVulnerabilities(lib);
+            lib.alternatives = lib.alternatives.map(function(altGav) {
+              return { id: altGav, vulnerabilities: [], isVulnerable: false };
+            });
+            lib.alternatives.forEach(function(altLib) {
+              $scope.fetchVulnerabilities(altLib);
+            })
+          });
           setTimeout($scope.generateCluster, 100);
         })
         .finally(function () {
@@ -319,4 +328,22 @@ angular
         }, 1000);
       });
     };
+    $scope.fetchVulnerabilities = function (library) {
+      let gavString = typeof library === 'string' ? library : library.id;
+
+      const [groupId, artifactId, version] = gavString.split(':');
+      const url = `/api/vulnerabilities?library=${groupId}:${artifactId}&version=${version}`;
+
+      return $http.get(url).then(function(response) {
+        if (typeof library === 'string') {
+          console.log
+        }
+        library.vulnerabilities = response.data;
+        library.isVulnerable = response.data.length > 0;
+      }, function(error) {
+        console.error('Failed to fetch vulnerabilities for', gavString, error);
+        library.vulnerabilities = [];
+        library.isVulnerable = false;
+      });
+    };
   });