From 432ec620bc24c077352eb4eec078ff27a545253d Mon Sep 17 00:00:00 2001
From: Jean-Paul Calderone <exarkun@twistedmatrix.com>
Date: Mon, 22 Mar 2021 15:40:10 -0400
Subject: [PATCH] Summarize it too

still pretty hard to consume
---
 .gitlab-ci.yml                 |  1 +
 ci-tools/count-vulnerabilities | 14 ++++++++++++++
 2 files changed, 15 insertions(+)
 create mode 100755 ci-tools/count-vulnerabilities

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index fda20828..8d2967bd 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -12,6 +12,7 @@ vulnerability-scan:
   stage: "test"
   script:
     - "ci-tools/vulnerability-scan security-report.json"
+    - "ci-tools/count-vulnerabilities <security-report.json"
   artifacts:
     paths:
       - "security-report.json"
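Review bot: The summary step on the added line runs only if `ci-tools/vulnerability-scan` exits zero, because GitLab stops a job's `script` at the first failing command. If the scanner reports findings through its exit status (that script is not visible here), the counts are never printed for exactly the runs that have findings. The reverse also holds: a crash in `count-vulnerabilities` fails the job, and unless the `artifacts` block sets `when: always` (it continues past this hunk) the report itself would not be uploaded. If the summary is purely informational, consider making it non-fatal with `- "ci-tools/count-vulnerabilities <security-report.json || true"`, and add a comment saying whether this job is meant to gate on findings or only report them.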
diff --git a/ci-tools/count-vulnerabilities b/ci-tools/count-vulnerabilities
new file mode 100755
index 00000000..9db1c5e7
--- /dev/null
+++ b/ci-tools/count-vulnerabilities
@@ -0,0 +1,14 @@
+#!/usr/bin/env python3
+
+from sys import stdin
+from json import load
+
+def main():
+    vulnix_report = load(stdin)
+    print("Vulnerable packages: {}".format(len(vulnix_report)))
+    print("Vulnerability count: {}".format(
+        len(set(sum((deriv["affected_by"] for deriv in vulnix_report), []))),
+    ))
+
+if __name__ == '__main__':
+    main()
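Review bot: `main()` trusts the shape of the report: an empty or truncated `security-report.json` ends in a `JSONDecodeError` traceback, an entry without `affected_by` raises `KeyError`, and a non-list top level is counted by `len()` as if its members were packages. A failed scan should not be able to read as a low count in a security summary, so validate before counting, e.g. `if not isinstance(vulnix_report, list): raise SystemExit("unexpected report format")`. The `set(sum(..., []))` flattening is also quadratic and hard to read; `cves = {cve for deriv in vulnix_report for cve in deriv["affected_by"]}` expresses the same set directly. A module docstring stating that the input is the vulnix JSON report on stdin, and what the two printed numbers mean, would help the next reader.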
-- 
GitLab