@greenarmor/ges-report-generator 0.5.0 → 0.5.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.js +66 -0
- package/package.json +6 -6
package/dist/index.js
CHANGED
|
@@ -17,6 +17,7 @@ export function generateMarkdownReport(options, score, controls, findings) {
|
|
|
17
17
|
if (options.include_security) {
|
|
18
18
|
sections.push(generateSecuritySection(controls, findings));
|
|
19
19
|
}
|
|
20
|
+
sections.push(generateRecommendationsSection(score, controls, findings));
|
|
20
21
|
return sections.join("\n\n");
|
|
21
22
|
}
|
|
22
23
|
function generateExecutiveSummary(score, findings) {
|
|
@@ -137,6 +138,71 @@ function generateSecuritySection(controls, findings) {
|
|
|
137
138
|
}
|
|
138
139
|
return lines.join("\n");
|
|
139
140
|
}
|
|
141
|
+
function generateRecommendationsSection(score, controls, findings) {
|
|
142
|
+
const lines = ["## Compliance Recommendations\n"];
|
|
143
|
+
const failedControls = controls.filter(c => c.status === "fail");
|
|
144
|
+
const criticalFails = failedControls.filter(c => c.severity === "critical");
|
|
145
|
+
const highFails = failedControls.filter(c => c.severity === "high");
|
|
146
|
+
const notImplemented = controls.filter(c => c.status === "not-implemented");
|
|
147
|
+
if (criticalFails.length > 0) {
|
|
148
|
+
lines.push("### Critical Actions Required\n");
|
|
149
|
+
for (const c of criticalFails.slice(0, 10)) {
|
|
150
|
+
lines.push(`- **${c.id}**: ${c.name} — ${c.implementation_guidance.split(".")[0]}`);
|
|
151
|
+
}
|
|
152
|
+
lines.push("");
|
|
153
|
+
}
|
|
154
|
+
if (highFails.length > 0) {
|
|
155
|
+
lines.push("### High Priority Actions\n");
|
|
156
|
+
for (const c of highFails.slice(0, 10)) {
|
|
157
|
+
lines.push(`- **${c.id}**: ${c.name} — ${c.implementation_guidance.split(".")[0]}`);
|
|
158
|
+
}
|
|
159
|
+
lines.push("");
|
|
160
|
+
}
|
|
161
|
+
if (findings && findings.length > 0) {
|
|
162
|
+
const critFindings = findings.filter(f => f.severity === "critical");
|
|
163
|
+
const highFindings = findings.filter(f => f.severity === "high");
|
|
164
|
+
if (critFindings.length > 0) {
|
|
165
|
+
lines.push("### Immediate Security Fixes\n");
|
|
166
|
+
for (const f of critFindings) {
|
|
167
|
+
lines.push(`- **[${f.severity.toUpperCase()}] ${f.title}** (${f.file}): ${f.fix}`);
|
|
168
|
+
}
|
|
169
|
+
lines.push("");
|
|
170
|
+
}
|
|
171
|
+
if (highFindings.length > 0 && critFindings.length === 0) {
|
|
172
|
+
lines.push("### Security Fixes Needed\n");
|
|
173
|
+
for (const f of highFindings) {
|
|
174
|
+
lines.push(`- **[${f.severity.toUpperCase()}] ${f.title}** (${f.file}): ${f.fix}`);
|
|
175
|
+
}
|
|
176
|
+
lines.push("");
|
|
177
|
+
}
|
|
178
|
+
}
|
|
179
|
+
if (notImplemented.length > 0) {
|
|
180
|
+
const sample = notImplemented.slice(0, 5);
|
|
181
|
+
lines.push("### Not Yet Implemented\n");
|
|
182
|
+
lines.push(`${notImplemented.length} controls have not been implemented yet. Start with:`);
|
|
183
|
+
lines.push("");
|
|
184
|
+
for (const c of sample) {
|
|
185
|
+
lines.push(`- **${c.id}** (${c.severity}): ${c.name}`);
|
|
186
|
+
}
|
|
187
|
+
if (notImplemented.length > 5) {
|
|
188
|
+
lines.push(`- ... and ${notImplemented.length - 5} more`);
|
|
189
|
+
}
|
|
190
|
+
lines.push("");
|
|
191
|
+
}
|
|
192
|
+
if (score.overall >= 90) {
|
|
193
|
+
lines.push("Overall compliance posture is strong. Focus on maintaining controls and addressing remaining findings.");
|
|
194
|
+
}
|
|
195
|
+
else if (score.overall >= 65) {
|
|
196
|
+
lines.push("Compliance posture needs improvement. Prioritize critical and high severity controls above all else.");
|
|
197
|
+
}
|
|
198
|
+
else if (score.overall >= 50) {
|
|
199
|
+
lines.push("Compliance posture is below acceptable threshold. Immediate action required on critical controls.");
|
|
200
|
+
}
|
|
201
|
+
else {
|
|
202
|
+
lines.push("**Compliance posture is critically low.** Resolve all critical findings before any deployment.");
|
|
203
|
+
}
|
|
204
|
+
return lines.join("\n");
|
|
205
|
+
}
|
|
140
206
|
export function generateHtmlReport(options, score, controls, findings) {
|
|
141
207
|
const md = generateMarkdownReport(options, score, controls, findings);
|
|
142
208
|
return `<!DOCTYPE html>
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@greenarmor/ges-report-generator",
|
|
3
|
-
"version": "0.5.
|
|
3
|
+
"version": "0.5.1",
|
|
4
4
|
"type": "module",
|
|
5
5
|
"description": "GESF Report Generator - Markdown/HTML/PDF compliance reports",
|
|
6
6
|
"main": "./dist/index.js",
|
|
@@ -12,11 +12,11 @@
|
|
|
12
12
|
}
|
|
13
13
|
},
|
|
14
14
|
"dependencies": {
|
|
15
|
-
"@greenarmor/ges-core": "0.5.
|
|
16
|
-
"@greenarmor/ges-audit-engine": "0.5.
|
|
17
|
-
"@greenarmor/ges-compliance-engine": "0.5.
|
|
18
|
-
"@greenarmor/ges-policy-engine": "0.5.
|
|
19
|
-
"@greenarmor/ges-scoring-engine": "0.5.
|
|
15
|
+
"@greenarmor/ges-core": "0.5.1",
|
|
16
|
+
"@greenarmor/ges-audit-engine": "0.5.1",
|
|
17
|
+
"@greenarmor/ges-compliance-engine": "0.5.1",
|
|
18
|
+
"@greenarmor/ges-policy-engine": "0.5.1",
|
|
19
|
+
"@greenarmor/ges-scoring-engine": "0.5.1"
|
|
20
20
|
},
|
|
21
21
|
"devDependencies": {
|
|
22
22
|
"typescript": "^6.0.0",
|