[Bug] Current Findings broken on v1.3.2-pre

[artis3n]

Bug

Can't show the original report, however on an existing report with 8 findings, after merging in the code from master, the Current Findings page now displays no chart and 0 findings aggregated. The individual findings do appear below in the list. They do correctly generate in the report. It looks like it's just the view on Current Findings.

Didn't dig into it that deeply, but this should help point to the bug location:

[BuffaloWill]

The Docker dev build for v1.3.2-pre just finished, I will dig into this now.

[BuffaloWill]

@artis3n could you verify that the scoring algorithm for your report matches the one you imported? I believe this should fix the findings not being listed. If not, what is the scoring you have set for your report?

The chart not appearing looks to be a different issue, looking at that now.

[arisada]

@arisada could you verify that the scoring algorithm for your report matches the one you imported? I believe this should fix the findings not being listed. If not, what is the scoring you have set for your report?

Hi, I think you mentioned me instead of @artis3n by mistake.

[BuffaloWill]

@arisada - You are correct, sir. Fixed. Sorry!

[artis3n]

No problem -

Under administrative config, the Risk Scoring Algorithm is CVSSv3

The report's Scoring Type is CVSSv3

I made this example out of arbitrary finding templates (the CVSS scores are random for this example, don't judge) -

[artis3n]

this should fix the findings not being listed

I think I wasn't clear in my issue description. The findings do appear, as in the screenshot in my last comment - it is only the chart and the severity categories numbers next to the chart (including the informational category name) that are missing.

[artis3n]

I will say I like the UI updates overall :)

[BuffaloWill]

The findings do appear, as in the screenshot in my last comment Ok, excellent.

I just pushed a fix to hopefully fix the graph issue

[artis3n]

That did fix the graph, although I asked a question on the commit regarding informational / very low no longer being a thing.

[BuffaloWill]

Yes that was intentional for now. I will create an issue to track that. I didn't like the inconsistent behavior between different scoring algorithms so I went with the immediate fix until we can get it more consistent.