npm - @sanity-labs/backstage-plugin-trivy - Versions diffs - 0.0.1 - Mend

@sanity-labs/backstage-plugin-trivy 0.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/README.md +230 -0
package/dist/esm/index-e137a1bb.esm.js +104 -0
package/dist/esm/index-e137a1bb.esm.js.map +1 -0
package/dist/index.d.ts +78 -0
package/dist/index.esm.js +269 -0
package/dist/index.esm.js.map +1 -0
package/package.json +55 -0

package/README.md ADDED Viewed

@@ -0,0 +1,230 @@
+# Trivy Frontend Plugin
+This frontend plugin displays Trivy security scan results in Backstage.
+## Features
+- **Security Scans Page**: View all security scans across repositories
+- **Entity Card**: Display latest scan results on catalog entity pages
+- **Severity-based filtering**: See critical, high, medium, and low severity findings
+- **Links to GitHub PRs and CircleCI builds**
+- **Expandable finding details** with remediation guidance
+## Installation
+### 1. Add to your Backstage app dependencies
+Add to `packages/app/package.json`:
+```json
+{
+  "dependencies": {
+    "@internal/backstage-plugin-trivy": "^0.1.0"
+  }
+}
+```
+### 2. Configure the plugin (optional)
+Add to your `app-config.yaml`:
+```yaml
+trivy:
+  # GCS bucket name (default: sanity-trivy-logs)
+  bucketName: sanity-trivy-logs
+  # Cache times in minutes
+  cacheTime: 30  # Frontend cache duration
+  staleTime: 5   # When to refetch in background
+  # Severity filter (default: CRITICAL, HIGH, MEDIUM)
+  severityFilter:
+    - CRITICAL
+    - HIGH
+    - MEDIUM
+    # - LOW  # Uncomment to include low severity
+```
+### 3. Add the route to your app
+In `packages/app/src/App.tsx`:
+```tsx
+import { TrivyPage } from '@internal/backstage-plugin-trivy';
+// ... inside <FlatRoutes>
+<Route path="/trivy" element={<TrivyPage />} />
+```
+### 4. Add to navigation (optional)
+In `packages/app/src/components/Root/Root.tsx`:
+```tsx
+import SecurityIcon from '@material-ui/icons/Security';
+// ... inside <SidebarGroup>
+<SidebarItem icon={SecurityIcon} to="trivy" text="Security" />
+```
+### 5. Add Entity Card (optional)
+To show scan results on entity pages, add to your entity page layout in `packages/app/src/components/catalog/EntityPage.tsx`:
+```tsx
+import { EntityTrivyCard } from '@internal/backstage-plugin-trivy';
+// For service entities
+const serviceEntityPage = (
+  <EntityLayout>
+    <EntityLayout.Route path="/" title="Overview">
+      <Grid container spacing={3}>
+        {/* ... other cards ... */}
+        <Grid item md={6}>
+          <EntityTrivyCard />
+        </Grid>
+      </Grid>
+    </EntityLayout.Route>
+  </EntityLayout>
+);
+```
+### 6. Use Standalone Card (optional)
+For custom pages without entity context:
+```tsx
+import { StandaloneTrivyCard } from '@internal/backstage-plugin-trivy';
+// Use anywhere with explicit repository
+<StandaloneTrivyCard repository="alert-relay" />
+// or
+<StandaloneTrivyCard repository="sanity-io/alert-relay" title="Custom Title" />
+```
+## Usage
+### Viewing All Scans
+Navigate to `/trivy` to see a table of all security scans across your repositories. The table shows:
+- Repository name and branch
+- Finding counts by severity
+- Git commit hash
+- Links to GitHub PRs and CircleCI builds
+- Scan timestamp
+### Entity Card
+The `EntityTrivyCard` automatically displays the latest scan for the entity's repository. It reads the repository name from:
+- `github.com/project-slug` annotation, or
+- `backstage.io/source-location` annotation
+Example entity:
+```yaml
+apiVersion: backstage.io/v1alpha1
+kind: Component
+metadata:
+  name: my-service
+  annotations:
+    github.com/project-slug: sanity-io/alert-relay
+```
+### Interpreting Results
+Findings are color-coded by severity:
+- 🔴 **CRITICAL**: Red - Requires immediate attention
+- 🟠 **HIGH**: Orange - Should be fixed soon
+- 🟡 **MEDIUM**: Yellow - Should be addressed
+- 🔵 **LOW**: Blue - Consider fixing
+- ⚪ **UNKNOWN**: Gray - Needs review
+Each finding includes:
+- Affected file and line numbers
+- Description of the issue
+- Link to detailed remediation guidance
+## API & Hooks
+### React Query Hooks (Recommended)
+The plugin provides React Query hooks with built-in caching:
+```tsx
+import { useTrivyScans, useTrivyLatestScan, useTrivyScan } from '@internal/backstage-plugin-trivy';
+const MyComponent = () => {
+  // Get all scans with caching
+  const { data, isLoading, error } = useTrivyScans();
+  // Get latest scan for a repo
+  const { data: latest } = useTrivyLatestScan('alert-relay');
+  // Get specific scan
+  const { data: scan } = useTrivyScan('repo', 'branch', 'scanId');
+};
+```
+### Direct API (Low-level)
+For custom implementations without React Query:
+```tsx
+import { useApi } from '@backstage/core-plugin-api';
+import { trivyApiRef } from '@internal/backstage-plugin-trivy';
+const MyComponent = () => {
+  const trivyApi = useApi(trivyApiRef);
+  // Get all scans
+  const scans = await trivyApi.getScans();
+  // Get specific scan
+  const scan = await trivyApi.getScan('repo', 'branch', 'scanId');
+  // Get latest scan for a repo
+  const latest = await trivyApi.getLatestScan('repo');
+};
+```
+## Configuration
+### Severity Filtering
+Control which severity levels are displayed:
+```yaml
+trivy:
+  severityFilter:
+    - CRITICAL  # Always recommended
+    - HIGH      # Always recommended
+    - MEDIUM    # Recommended for most teams
+    # - LOW     # Uncomment for comprehensive view
+```
+### Caching
+The plugin uses two-level caching:
+1. **Frontend Cache** (React Query):
+   - `cacheTime`: How long data stays in memory (default: 30 min)
+   - `staleTime`: When to refetch in background (default: 5 min)
+2. **Backend Cache** (In-memory):
+   - Caches GCS responses to reduce API calls
+   - Configurable via `trivy.cacheTime` (default: 5 min)
+```yaml
+trivy:
+  cacheTime: 30   # Frontend: keep in cache for 30 minutes
+  staleTime: 5    # Frontend: consider stale after 5 minutes
+  # Backend cache uses the same cacheTime value
+```
+### Custom Bucket
+If using a different GCS bucket:
+```yaml
+trivy:
+  bucketName: my-custom-bucket
+```

package/dist/esm/index-e137a1bb.esm.js ADDED Viewed

@@ -0,0 +1,104 @@
+import React from 'react';
+import { Progress, Table, Link, Page, Header, Content } from '@backstage/core-components';
+import { useApi, configApiRef } from '@backstage/core-plugin-api';
+import { getTrivyConfig, useTrivyScans, TrivyQueryProvider } from '../index.esm.js';
+import { Chip, Box, Typography } from '@material-ui/core';
+import Alert from '@material-ui/lab/Alert';
+import '@material-ui/icons/ExpandMore';
+import '@material-ui/icons/Warning';
+import '@material-ui/icons/Error';
+import '@material-ui/icons/Info';
+import '@backstage/plugin-catalog-react';
+import '@tanstack/react-query';
+import '@tanstack/query-sync-storage-persister';
+import '@tanstack/react-query-persist-client';
+const getSeverityCounts = (scan) => {
+  const counts = {
+    CRITICAL: 0,
+    HIGH: 0,
+    MEDIUM: 0,
+    LOW: 0,
+    UNKNOWN: 0
+  };
+  scan.findings.forEach((finding) => {
+    counts[finding.severity] = (counts[finding.severity] || 0) + 1;
+  });
+  return counts;
+};
+const TrivyScansTable = () => {
+  const configApi = useApi(configApiRef);
+  const config = getTrivyConfig(configApi);
+  const { data, isLoading, error } = useTrivyScans();
+  if (isLoading) {
+    return /* @__PURE__ */ React.createElement(Progress, null);
+  }
+  if (error) {
+    return /* @__PURE__ */ React.createElement(Alert, { severity: "error" }, "Failed to load scans: ", error instanceof Error ? error.message : "Unknown error");
+  }
+  const filteredScans = (data || []).map((scan) => ({
+    ...scan,
+    findings: scan.findings.filter(
+      (finding) => config.severityFilter.includes(finding.severity)
+    )
+  }));
+  const columns = [
+    {
+      title: "Repository",
+      field: "repo",
+      highlight: true
+    },
+    {
+      title: "Branch",
+      field: "branch"
+    },
+    {
+      title: "Findings",
+      render: (row) => {
+        const counts = getSeverityCounts(row);
+        const total = row.findings.length;
+        if (total === 0) {
+          return /* @__PURE__ */ React.createElement(Chip, { label: "\u2713 No issues", size: "small", style: { backgroundColor: "#4caf50", color: "white" } });
+        }
+        return /* @__PURE__ */ React.createElement(Box, { display: "flex", style: { gap: 4 } }, counts.CRITICAL > 0 && /* @__PURE__ */ React.createElement(Chip, { label: `${counts.CRITICAL} Critical`, size: "small", color: "secondary" }), counts.HIGH > 0 && /* @__PURE__ */ React.createElement(Chip, { label: `${counts.HIGH} High`, size: "small", color: "secondary" }), counts.MEDIUM > 0 && /* @__PURE__ */ React.createElement(Chip, { label: `${counts.MEDIUM} Medium`, size: "small", color: "primary" }), counts.LOW > 0 && /* @__PURE__ */ React.createElement(Chip, { label: `${counts.LOW} Low`, size: "small", color: "default" }));
+      }
+    },
+    {
+      title: "Commit",
+      render: (row) => {
+        if (row.metadata.gitCommit) {
+          return /* @__PURE__ */ React.createElement(Typography, { variant: "body2", style: { fontFamily: "monospace" } }, row.metadata.gitCommit.substring(0, 7));
+        }
+        return "-";
+      }
+    },
+    {
+      title: "Links",
+      render: (row) => {
+        return /* @__PURE__ */ React.createElement(Box, { display: "flex", style: { gap: 8 } }, row.metadata.githubPr && /* @__PURE__ */ React.createElement(Link, { to: row.metadata.githubPr, target: "_blank" }, "PR"), row.metadata.circleciUrl && /* @__PURE__ */ React.createElement(Link, { to: row.metadata.circleciUrl, target: "_blank" }, "Build"));
+      }
+    },
+    {
+      title: "Timestamp",
+      field: "timestamp",
+      type: "datetime"
+    }
+  ];
+  return /* @__PURE__ */ React.createElement(
+    Table,
+    {
+      title: "Trivy Security Scans",
+      subtitle: `Showing findings: ${config.severityFilter.join(", ")}`,
+      options: { search: true, paging: true, pageSize: 20 },
+      columns,
+      data: filteredScans
+    }
+  );
+};
+const TrivyPage = () => {
+  return /* @__PURE__ */ React.createElement(TrivyQueryProvider, null, /* @__PURE__ */ React.createElement(Page, { themeId: "tool" }, /* @__PURE__ */ React.createElement(Header, { title: "Security Scans", subtitle: "Trivy vulnerability and misconfiguration findings" }), /* @__PURE__ */ React.createElement(Content, null, /* @__PURE__ */ React.createElement(TrivyScansTable, null))));
+};
+export { TrivyPage };
+//# sourceMappingURL=index-e137a1bb.esm.js.map

package/dist/esm/index-e137a1bb.esm.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index-e137a1bb.esm.js","sources":["../../src/components/TrivyScansTable/TrivyScansTable.tsx","../../src/components/TrivyPage/TrivyPage.tsx"],"sourcesContent":["import React from 'react';\nimport { Table, TableColumn, Progress, Link } from '@backstage/core-components';\nimport { useApi, configApiRef } from '@backstage/core-plugin-api';\nimport { TrivyScanResult } from '../../api/TrivyApi';\nimport { useTrivyScans } from '../../api/hooks';\nimport { getTrivyConfig } from '../../api/config';\nimport {\n Box,\n Chip,\n Typography,\n} from '@material-ui/core';\nimport Alert from '@material-ui/lab/Alert';\n\nconst getSeverityCounts = (scan: TrivyScanResult) => {\n const counts = {\n CRITICAL: 0,\n HIGH: 0,\n MEDIUM: 0,\n LOW: 0,\n UNKNOWN: 0,\n };\n\n scan.findings.forEach(finding => {\n counts[finding.severity] = (counts[finding.severity] || 0) + 1;\n });\n\n return counts;\n};\n\nexport const TrivyScansTable = () => {\n const configApi = useApi(configApiRef);\n const config = getTrivyConfig(configApi);\n const { data, isLoading, error } = useTrivyScans();\n\n if (isLoading) {\n return <Progress />;\n }\n\n if (error) {\n return <Alert severity=\"error\">Failed to load scans: {error instanceof Error ? error.message : 'Unknown error'}</Alert>;\n }\n\n // Filter scans by configured severity levels\n const filteredScans = (data || []).map(scan => ({\n ...scan,\n findings: scan.findings.filter(finding =>\n config.severityFilter.includes(finding.severity),\n ),\n }));\n\n const columns: TableColumn<TrivyScanResult>[] = [\n {\n title: 'Repository',\n field: 'repo',\n highlight: true,\n },\n {\n title: 'Branch',\n field: 'branch',\n },\n {\n title: 'Findings',\n render: (row: TrivyScanResult) => {\n const counts = getSeverityCounts(row);\n const total = row.findings.length;\n\n if (total === 0) {\n return <Chip label=\"✓ No issues\" size=\"small\" style={{ backgroundColor: '#4caf50', color: 'white' }} />;\n }\n\n return (\n <Box display=\"flex\" style={{ gap: 4 }}>\n {counts.CRITICAL > 0 && (\n <Chip label={`${counts.CRITICAL} Critical`} size=\"small\" color=\"secondary\" />\n )}\n {counts.HIGH > 0 && (\n <Chip label={`${counts.HIGH} High`} size=\"small\" color=\"secondary\" />\n )}\n {counts.MEDIUM > 0 && (\n <Chip label={`${counts.MEDIUM} Medium`} size=\"small\" color=\"primary\" />\n )}\n {counts.LOW > 0 && (\n <Chip label={`${counts.LOW} Low`} size=\"small\" color=\"default\" />\n )}\n </Box>\n );\n },\n },\n {\n title: 'Commit',\n render: (row: TrivyScanResult) => {\n if (row.metadata.gitCommit) {\n return (\n <Typography variant=\"body2\" style={{ fontFamily: 'monospace' }}>\n {row.metadata.gitCommit.substring(0, 7)}\n </Typography>\n );\n }\n return '-';\n },\n },\n {\n title: 'Links',\n render: (row: TrivyScanResult) => {\n return (\n <Box display=\"flex\" style={{ gap: 8 }}>\n {row.metadata.githubPr && (\n <Link to={row.metadata.githubPr} target=\"_blank\">\n PR\n </Link>\n )}\n {row.metadata.circleciUrl && (\n <Link to={row.metadata.circleciUrl} target=\"_blank\">\n Build\n </Link>\n )}\n </Box>\n );\n },\n },\n {\n title: 'Timestamp',\n field: 'timestamp',\n type: 'datetime',\n },\n ];\n\n return (\n <Table\n title=\"Trivy Security Scans\"\n subtitle={`Showing findings: ${config.severityFilter.join(', ')}`}\n options={{ search: true, paging: true, pageSize: 20 }}\n columns={columns}\n data={filteredScans}\n />\n );\n};\n","import React from 'react';\nimport { Page, Header, Content } from '@backstage/core-components';\nimport { TrivyScansTable } from '../TrivyScansTable';\nimport { TrivyQueryProvider } from '../../api/QueryProvider';\n\nexport const TrivyPage = () => {\n return (\n <TrivyQueryProvider>\n <Page themeId=\"tool\">\n <Header title=\"Security Scans\" subtitle=\"Trivy vulnerability and misconfiguration findings\" />\n <Content>\n <TrivyScansTable />\n </Content>\n </Page>\n </TrivyQueryProvider>\n );\n};\n"],"names":[],"mappings":";;;;;;;;;;;;;;;AAaA,MAAM,iBAAA,GAAoB,CAAC,IAA0B,KAAA;AACnD,EAAA,MAAM,MAAS,GAAA;AAAA,IACb,QAAU,EAAA,CAAA;AAAA,IACV,IAAM,EAAA,CAAA;AAAA,IACN,MAAQ,EAAA,CAAA;AAAA,IACR,GAAK,EAAA,CAAA;AAAA,IACL,OAAS,EAAA,CAAA;AAAA,GACX,CAAA;AAEA,EAAK,IAAA,CAAA,QAAA,CAAS,QAAQ,CAAW,OAAA,KAAA;AAC/B,IAAA,MAAA,CAAO,QAAQ,QAAQ,CAAA,GAAA,CAAK,OAAO,OAAQ,CAAA,QAAQ,KAAK,CAAK,IAAA,CAAA,CAAA;AAAA,GAC9D,CAAA,CAAA;AAED,EAAO,OAAA,MAAA,CAAA;AACT,CAAA,CAAA;AAEO,MAAM,kBAAkB,MAAM;AACnC,EAAM,MAAA,SAAA,GAAY,OAAO,YAAY,CAAA,CAAA;AACrC,EAAM,MAAA,MAAA,GAAS,eAAe,SAAS,CAAA,CAAA;AACvC,EAAA,MAAM,EAAE,IAAA,EAAM,SAAW,EAAA,KAAA,KAAU,aAAc,EAAA,CAAA;AAEjD,EAAA,IAAI,SAAW,EAAA;AACb,IAAA,2CAAQ,QAAS,EAAA,IAAA,CAAA,CAAA;AAAA,GACnB;AAEA,EAAA,IAAI,KAAO,EAAA;AACT,IAAO,uBAAA,KAAA,CAAA,aAAA,CAAC,SAAM,QAAS,EAAA,OAAA,EAAA,EAAQ,0BAAuB,KAAiB,YAAA,KAAA,GAAQ,KAAM,CAAA,OAAA,GAAU,eAAgB,CAAA,CAAA;AAAA,GACjH;AAGA,EAAA,MAAM,aAAiB,GAAA,CAAA,IAAA,IAAQ,EAAC,EAAG,IAAI,CAAS,IAAA,MAAA;AAAA,IAC9C,GAAG,IAAA;AAAA,IACH,QAAA,EAAU,KAAK,QAAS,CAAA,MAAA;AAAA,MAAO,CAC7B,OAAA,KAAA,MAAA,CAAO,cAAe,CAAA,QAAA,CAAS,QAAQ,QAAQ,CAAA;AAAA,KACjD;AAAA,GACA,CAAA,CAAA,CAAA;AAEF,EAAA,MAAM,OAA0C,GAAA;AAAA,IAC9C;AAAA,MACE,KAAO,EAAA,YAAA;AAAA,MACP,KAAO,EAAA,MAAA;AAAA,MACP,SAAW,EAAA,IAAA;AAAA,KACb;AAAA,IACA;AAAA,MACE,KAAO,EAAA,QAAA;AAAA,MACP,KAAO,EAAA,QAAA;AAAA,KACT;AAAA,IACA;AAAA,MACE,KAAO,EAAA,UAAA;AAAA,MACP,MAAA,EAAQ,CAAC,GAAyB,KAAA;AAChC,QAAM,MAAA,MAAA,GAAS,kBAAkB,GAAG,CAAA,CAAA;AACpC,QAAM,MAAA,KAAA,GAAQ,IAAI,QAAS,CAAA,MAAA,CAAA;AAE3B,QAAA,IAAI,UAAU,CAAG,EAAA;AACf,UAAA,uBAAQ,KAAA,CAAA,aAAA,CAAA,IAAA,EAAA,EAAK,KAAM,EAAA,kBAAA,EAAc,IAAK,EAAA,OAAA,EAAQ,KAAO,EAAA,EAAE,eAAiB,EAAA,SAAA,EAAW,KAAO,EAAA,OAAA,EAAW,EAAA,CAAA,CAAA;AAAA,SACvG;AAEA,QAAA,uBACG,KAAA,CAAA,aAAA,CAAA,GAAA,EAAA,EAAI,OAAQ,EAAA,MAAA,EAAO,OAAO,EAAE,GAAA,EAAK,CAAE,EAAA,EAAA,EACjC,MAAO,CAAA,QAAA,GAAW,CACjB,oBAAA,KAAA,CAAA,aAAA,CAAC,QAAK,KAAO,EAAA,CAAA,EAAG,MAAO,CAAA,QAAQ,CAAa,SAAA,CAAA,EAAA,IAAA,EAAK,OAAQ,EAAA,KAAA,EAAM,aAAY,CAE5E,EAAA,MAAA,CAAO,IAAO,GAAA,CAAA,oBACZ,KAAA,CAAA,aAAA,CAAA,IAAA,EAAA,EAAK,KAAO,EAAA,CAAA,EAAG,OAAO,IAAI,CAAA,KAAA,CAAA,EAAS,IAAK,EAAA,OAAA,EAAQ,KAAM,EAAA,WAAA,EAAY,CAEpE,EAAA,MAAA,CAAO,SAAS,CACf,oBAAA,KAAA,CAAA,aAAA,CAAC,IAAK,EAAA,EAAA,KAAA,EAAO,CAAG,EAAA,MAAA,CAAO,MAAM,CAAA,OAAA,CAAA,EAAW,MAAK,OAAQ,EAAA,KAAA,EAAM,SAAU,EAAA,CAAA,EAEtE,MAAO,CAAA,GAAA,GAAM,CACZ,oBAAA,KAAA,CAAA,aAAA,CAAC,QAAK,KAAO,EAAA,CAAA,EAAG,MAAO,CAAA,GAAG,CAAQ,IAAA,CAAA,EAAA,IAAA,EAAK,OAAQ,EAAA,KAAA,EAAM,WAAU,CAEnE,CAAA,CAAA;AAAA,OAEJ;AAAA,KACF;AAAA,IACA;AAAA,MACE,KAAO,EAAA,QAAA;AAAA,MACP,MAAA,EAAQ,CAAC,GAAyB,KAAA;AAChC,QAAI,IAAA,GAAA,CAAI,SAAS,SAAW,EAAA;AAC1B,UAAA,uBACG,KAAA,CAAA,aAAA,CAAA,UAAA,EAAA,EAAW,OAAQ,EAAA,OAAA,EAAQ,OAAO,EAAE,UAAA,EAAY,WAAY,EAAA,EAAA,EAC1D,IAAI,QAAS,CAAA,SAAA,CAAU,SAAU,CAAA,CAAA,EAAG,CAAC,CACxC,CAAA,CAAA;AAAA,SAEJ;AACA,QAAO,OAAA,GAAA,CAAA;AAAA,OACT;AAAA,KACF;AAAA,IACA;AAAA,MACE,KAAO,EAAA,OAAA;AAAA,MACP,MAAA,EAAQ,CAAC,GAAyB,KAAA;AAChC,QAAA,uBACG,KAAA,CAAA,aAAA,CAAA,GAAA,EAAA,EAAI,OAAQ,EAAA,MAAA,EAAO,OAAO,EAAE,GAAA,EAAK,CAAE,EAAA,EAAA,EACjC,IAAI,QAAS,CAAA,QAAA,oBACX,KAAA,CAAA,aAAA,CAAA,IAAA,EAAA,EAAK,IAAI,GAAI,CAAA,QAAA,CAAS,QAAU,EAAA,MAAA,EAAO,QAAS,EAAA,EAAA,IAEjD,CAED,EAAA,GAAA,CAAI,SAAS,WACZ,oBAAA,KAAA,CAAA,aAAA,CAAC,IAAK,EAAA,EAAA,EAAA,EAAI,IAAI,QAAS,CAAA,WAAA,EAAa,MAAO,EAAA,QAAA,EAAA,EAAS,OAEpD,CAEJ,CAAA,CAAA;AAAA,OAEJ;AAAA,KACF;AAAA,IACA;AAAA,MACE,KAAO,EAAA,WAAA;AAAA,MACP,KAAO,EAAA,WAAA;AAAA,MACP,IAAM,EAAA,UAAA;AAAA,KACR;AAAA,GACF,CAAA;AAEA,EACE,uBAAA,KAAA,CAAA,aAAA;AAAA,IAAC,KAAA;AAAA,IAAA;AAAA,MACC,KAAM,EAAA,sBAAA;AAAA,MACN,UAAU,CAAqB,kBAAA,EAAA,MAAA,CAAO,cAAe,CAAA,IAAA,CAAK,IAAI,CAAC,CAAA,CAAA;AAAA,MAC/D,SAAS,EAAE,MAAA,EAAQ,MAAM,MAAQ,EAAA,IAAA,EAAM,UAAU,EAAG,EAAA;AAAA,MACpD,OAAA;AAAA,MACA,IAAM,EAAA,aAAA;AAAA,KAAA;AAAA,GACR,CAAA;AAEJ,CAAA;;ACnIO,MAAM,YAAY,MAAM;AAC7B,EAAA,2CACG,kBACC,EAAA,IAAA,kBAAA,KAAA,CAAA,aAAA,CAAC,QAAK,OAAQ,EAAA,MAAA,EAAA,sCACX,MAAO,EAAA,EAAA,KAAA,EAAM,kBAAiB,QAAS,EAAA,mDAAA,EAAoD,mBAC3F,KAAA,CAAA,aAAA,CAAA,OAAA,EAAA,IAAA,sCACE,eAAgB,EAAA,IAAA,CACnB,CACF,CACF,CAAA,CAAA;AAEJ;;;;"}

package/dist/index.d.ts ADDED Viewed

@@ -0,0 +1,78 @@
+import * as React from 'react';
+import React__default from 'react';
+import * as _backstage_core_plugin_api from '@backstage/core-plugin-api';
+import * as _tanstack_react_query from '@tanstack/react-query';
+import { UseQueryOptions } from '@tanstack/react-query';
+import { Config } from '@backstage/config';
+declare const trivyPlugin: _backstage_core_plugin_api.BackstagePlugin<{
+    root: _backstage_core_plugin_api.RouteRef<undefined>;
+}, {}, {}>;
+declare const TrivyPage: () => React.JSX.Element;
+interface TrivyMetadata {
+    circleciUrl?: string;
+    githubPr?: string;
+    gitCommit?: string;
+    committer?: string;
+}
+interface TrivyFinding {
+    file: string;
+    severity: 'CRITICAL' | 'HIGH' | 'MEDIUM' | 'LOW' | 'UNKNOWN';
+    title: string;
+    description: string;
+    lines: string;
+    avdId?: string;
+}
+interface TrivyScanResult {
+    repo: string;
+    branch: string;
+    scanId: string;
+    metadata: TrivyMetadata;
+    findings: TrivyFinding[];
+    timestamp: string;
+}
+interface TrivyApi {
+    getScans(): Promise<TrivyScanResult[]>;
+    getScan(repo: string, branch: string, scanId: string): Promise<TrivyScanResult>;
+    getLatestScan(repo: string): Promise<TrivyScanResult>;
+}
+declare const trivyApiRef: _backstage_core_plugin_api.ApiRef<TrivyApi>;
+interface TrivyFindingsCardProps {
+    findings: TrivyFinding[];
+    title?: string;
+}
+declare const TrivyFindingsCard: ({ findings, title }: TrivyFindingsCardProps) => React__default.JSX.Element;
+declare const EntityTrivyCard: () => React__default.JSX.Element;
+interface StandaloneTrivyCardProps {
+    /** Repository identifier (e.g., "alert-relay" or "sanity-io/alert-relay") */
+    repository: string;
+    /** Optional title override */
+    title?: string;
+}
+declare const StandaloneTrivyCard: ({ repository, title }: StandaloneTrivyCardProps) => React__default.JSX.Element;
+declare const TrivyQueryProvider: ({ children }: {
+    children: React__default.ReactNode;
+}) => React__default.JSX.Element;
+declare const SimpleTrivyQueryProvider: ({ children }: {
+    children: React__default.ReactNode;
+}) => React__default.JSX.Element;
+declare const useTrivyScans: (options?: Omit<UseQueryOptions<TrivyScanResult[]>, "queryKey" | "queryFn">) => _tanstack_react_query.UseQueryResult<TrivyScanResult[], Error>;
+declare const useTrivyScan: (repo: string, branch: string, scanId: string, options?: Omit<UseQueryOptions<TrivyScanResult>, "queryKey" | "queryFn">) => _tanstack_react_query.UseQueryResult<TrivyScanResult, Error>;
+declare const useTrivyLatestScan: (repo: string | undefined, options?: Omit<UseQueryOptions<TrivyScanResult>, "queryKey" | "queryFn">) => _tanstack_react_query.UseQueryResult<TrivyScanResult, Error>;
+interface TrivyConfig {
+    bucketName: string;
+    severityFilter: string[];
+    cacheTime: number;
+    staleTime: number;
+}
+declare const DEFAULT_TRIVY_CONFIG: TrivyConfig;
+declare function getTrivyConfig(config: Config): TrivyConfig;
+export { DEFAULT_TRIVY_CONFIG, EntityTrivyCard, SimpleTrivyQueryProvider, StandaloneTrivyCard, TrivyApi, TrivyConfig, TrivyFinding, TrivyFindingsCard, TrivyMetadata, TrivyPage, TrivyQueryProvider, TrivyScanResult, getTrivyConfig, trivyApiRef, trivyPlugin, useTrivyLatestScan, useTrivyScan, useTrivyScans };

package/dist/index.esm.js ADDED Viewed

@@ -0,0 +1,269 @@
+import { createRouteRef, createApiRef, createPlugin, createApiFactory, discoveryApiRef, fetchApiRef, createRoutableExtension, useApi, configApiRef } from '@backstage/core-plugin-api';
+import React from 'react';
+import { InfoCard, Link, Progress } from '@backstage/core-components';
+import { makeStyles, Box, Chip, Accordion, AccordionSummary, Typography, AccordionDetails } from '@material-ui/core';
+import ExpandMoreIcon from '@material-ui/icons/ExpandMore';
+import WarningIcon from '@material-ui/icons/Warning';
+import ErrorIcon from '@material-ui/icons/Error';
+import InfoIcon from '@material-ui/icons/Info';
+import { useEntity } from '@backstage/plugin-catalog-react';
+import { useQuery, QueryClient, QueryClientProvider } from '@tanstack/react-query';
+import Alert from '@material-ui/lab/Alert';
+import { createSyncStoragePersister } from '@tanstack/query-sync-storage-persister';
+import { PersistQueryClientProvider } from '@tanstack/react-query-persist-client';
+const rootRouteRef = createRouteRef({
+  id: "trivy"
+});
+var __defProp = Object.defineProperty;
+var __defNormalProp = (obj, key, value) => key in obj ? __defProp(obj, key, { enumerable: true, configurable: true, writable: true, value }) : obj[key] = value;
+var __publicField = (obj, key, value) => {
+  __defNormalProp(obj, typeof key !== "symbol" ? key + "" : key, value);
+  return value;
+};
+const trivyApiRef = createApiRef({
+  id: "plugin.trivy.service"
+});
+class TrivyClient {
+  constructor(options) {
+    __publicField(this, "discoveryApi");
+    __publicField(this, "fetchApi");
+    this.discoveryApi = options.discoveryApi;
+    this.fetchApi = options.fetchApi;
+  }
+  async fetch(path) {
+    const baseUrl = await this.discoveryApi.getBaseUrl("trivy");
+    const response = await this.fetchApi.fetch(`${baseUrl}${path}`);
+    if (!response.ok) {
+      throw new Error(`Failed to fetch ${path}: ${response.statusText}`);
+    }
+    return response.json();
+  }
+  async getScans() {
+    return this.fetch("/scans");
+  }
+  async getScan(repo, branch, scanId) {
+    return this.fetch(`/scans/${repo}/${branch}/${scanId}`);
+  }
+  async getLatestScan(repo) {
+    return this.fetch(`/scans/${repo}/latest`);
+  }
+}
+const trivyPlugin = createPlugin({
+  id: "trivy",
+  routes: {
+    root: rootRouteRef
+  },
+  apis: [
+    createApiFactory({
+      api: trivyApiRef,
+      deps: {
+        discoveryApi: discoveryApiRef,
+        fetchApi: fetchApiRef
+      },
+      factory: ({ discoveryApi, fetchApi }) => new TrivyClient({ discoveryApi, fetchApi })
+    })
+  ]
+});
+const TrivyPage = trivyPlugin.provide(
+  createRoutableExtension({
+    name: "TrivyPage",
+    component: () => import('./esm/index-e137a1bb.esm.js').then((m) => m.TrivyPage),
+    mountPoint: rootRouteRef
+  })
+);
+const useStyles = makeStyles((theme) => ({
+  finding: {
+    marginBottom: theme.spacing(1)
+  },
+  critical: {
+    borderLeft: `4px solid ${theme.palette.error.main}`
+  },
+  high: {
+    borderLeft: `4px solid ${theme.palette.error.light}`
+  },
+  medium: {
+    borderLeft: `4px solid ${theme.palette.warning.main}`
+  },
+  low: {
+    borderLeft: `4px solid ${theme.palette.info.main}`
+  },
+  unknown: {
+    borderLeft: `4px solid ${theme.palette.grey[400]}`
+  }
+}));
+const SeverityIcon = ({ severity }) => {
+  switch (severity) {
+    case "CRITICAL":
+      return /* @__PURE__ */ React.createElement(ErrorIcon, { style: { color: "#d32f2f" } });
+    case "HIGH":
+      return /* @__PURE__ */ React.createElement(ErrorIcon, { style: { color: "#f44336" } });
+    case "MEDIUM":
+      return /* @__PURE__ */ React.createElement(WarningIcon, { style: { color: "#ff9800" } });
+    case "LOW":
+      return /* @__PURE__ */ React.createElement(InfoIcon, { style: { color: "#2196f3" } });
+    default:
+      return /* @__PURE__ */ React.createElement(InfoIcon, { style: { color: "#9e9e9e" } });
+  }
+};
+const TrivyFindingsCard = ({ findings, title = "Security Findings" }) => {
+  const classes = useStyles();
+  const sortedFindings = [...findings].sort((a, b) => {
+    const severityOrder = { CRITICAL: 0, HIGH: 1, MEDIUM: 2, LOW: 3, UNKNOWN: 4 };
+    return severityOrder[a.severity] - severityOrder[b.severity];
+  });
+  const getSeverityClass = (severity) => {
+    switch (severity) {
+      case "CRITICAL":
+        return classes.critical;
+      case "HIGH":
+        return classes.high;
+      case "MEDIUM":
+        return classes.medium;
+      case "LOW":
+        return classes.low;
+      default:
+        return classes.unknown;
+    }
+  };
+  if (findings.length === 0) {
+    return /* @__PURE__ */ React.createElement(InfoCard, { title }, /* @__PURE__ */ React.createElement(Box, { display: "flex", alignItems: "center", style: { gap: 8 } }, /* @__PURE__ */ React.createElement(Chip, { label: "\u2713 No security issues found", style: { backgroundColor: "#4caf50", color: "white" } })));
+  }
+  return /* @__PURE__ */ React.createElement(InfoCard, { title }, /* @__PURE__ */ React.createElement(Box, null, sortedFindings.map((finding, index) => /* @__PURE__ */ React.createElement(Accordion, { key: index, className: `${classes.finding} ${getSeverityClass(finding.severity)}` }, /* @__PURE__ */ React.createElement(AccordionSummary, { expandIcon: /* @__PURE__ */ React.createElement(ExpandMoreIcon, null) }, /* @__PURE__ */ React.createElement(Box, { display: "flex", alignItems: "center", style: { gap: 8 }, width: "100%" }, /* @__PURE__ */ React.createElement(SeverityIcon, { severity: finding.severity }), /* @__PURE__ */ React.createElement(Chip, { label: finding.severity, size: "small" }), /* @__PURE__ */ React.createElement(Typography, { variant: "subtitle2", style: { flex: 1 } }, finding.title), /* @__PURE__ */ React.createElement(Typography, { variant: "caption", color: "textSecondary" }, finding.file, finding.lines && `:${finding.lines}`))), /* @__PURE__ */ React.createElement(AccordionDetails, null, /* @__PURE__ */ React.createElement(Box, null, /* @__PURE__ */ React.createElement(Typography, { variant: "body2", paragraph: true }, finding.description), finding.avdId && /* @__PURE__ */ React.createElement(Box, { mt: 1 }, /* @__PURE__ */ React.createElement(Link, { to: finding.avdId, target: "_blank" }, "View documentation \u2192"))))))));
+};
+const DEFAULT_TRIVY_CONFIG = {
+  bucketName: "sanity-trivy-logs",
+  severityFilter: ["CRITICAL", "HIGH", "MEDIUM"],
+  cacheTime: 30,
+  staleTime: 5
+};
+function getTrivyConfig(config) {
+  const trivyConfig = config.getOptionalConfig("trivy");
+  return {
+    bucketName: (trivyConfig == null ? void 0 : trivyConfig.getOptionalString("bucketName")) || DEFAULT_TRIVY_CONFIG.bucketName,
+    severityFilter: (trivyConfig == null ? void 0 : trivyConfig.getOptionalStringArray("severityFilter")) || DEFAULT_TRIVY_CONFIG.severityFilter,
+    cacheTime: (trivyConfig == null ? void 0 : trivyConfig.getOptionalNumber("cacheTime")) || DEFAULT_TRIVY_CONFIG.cacheTime,
+    staleTime: (trivyConfig == null ? void 0 : trivyConfig.getOptionalNumber("staleTime")) || DEFAULT_TRIVY_CONFIG.staleTime
+  };
+}
+const useTrivyScans = (options) => {
+  const trivyApi = useApi(trivyApiRef);
+  const configApi = useApi(configApiRef);
+  const config = getTrivyConfig(configApi);
+  return useQuery({
+    queryKey: ["trivy", "scans"],
+    queryFn: () => trivyApi.getScans(),
+    staleTime: config.staleTime * 60 * 1e3,
+    gcTime: config.cacheTime * 60 * 1e3,
+    ...options
+  });
+};
+const useTrivyScan = (repo, branch, scanId, options) => {
+  const trivyApi = useApi(trivyApiRef);
+  const configApi = useApi(configApiRef);
+  const config = getTrivyConfig(configApi);
+  return useQuery({
+    queryKey: ["trivy", "scan", repo, branch, scanId],
+    queryFn: () => trivyApi.getScan(repo, branch, scanId),
+    staleTime: config.staleTime * 60 * 1e3,
+    gcTime: config.cacheTime * 60 * 1e3,
+    enabled: !!(repo && branch && scanId),
+    ...options
+  });
+};
+const useTrivyLatestScan = (repo, options) => {
+  const trivyApi = useApi(trivyApiRef);
+  const configApi = useApi(configApiRef);
+  const config = getTrivyConfig(configApi);
+  return useQuery({
+    queryKey: ["trivy", "latest", repo],
+    queryFn: () => trivyApi.getLatestScan(repo),
+    staleTime: config.staleTime * 60 * 1e3,
+    gcTime: config.cacheTime * 60 * 1e3,
+    enabled: !!repo,
+    ...options
+  });
+};
+const EntityTrivyCard = () => {
+  var _a, _b, _c;
+  const { entity } = useEntity();
+  const configApi = useApi(configApiRef);
+  const config = getTrivyConfig(configApi);
+  const repoAnnotation = ((_a = entity.metadata.annotations) == null ? void 0 : _a["github.com/project-slug"]) || ((_b = entity.metadata.annotations) == null ? void 0 : _b["backstage.io/source-location"]);
+  const repoName = (_c = repoAnnotation == null ? void 0 : repoAnnotation.split("/").pop()) == null ? void 0 : _c.replace(/^url:.*\//, "");
+  const { data, isLoading, error } = useTrivyLatestScan(repoName);
+  if (!repoName) {
+    return /* @__PURE__ */ React.createElement(Alert, { severity: "info" }, "No repository configured for this entity. Add a", " ", /* @__PURE__ */ React.createElement("code", null, "github.com/project-slug"), " annotation to enable security scanning.");
+  }
+  if (isLoading) {
+    return /* @__PURE__ */ React.createElement(Progress, null);
+  }
+  if (error) {
+    return /* @__PURE__ */ React.createElement(Alert, { severity: "warning" }, "No security scans found for repository: ", repoName);
+  }
+  if (!data) {
+    return /* @__PURE__ */ React.createElement(Alert, { severity: "info" }, "No security scans available for ", repoName);
+  }
+  const filteredFindings = data.findings.filter(
+    (finding) => config.severityFilter.includes(finding.severity)
+  );
+  return /* @__PURE__ */ React.createElement(Box, null, /* @__PURE__ */ React.createElement(TrivyFindingsCard, { findings: filteredFindings, title: "Latest Security Scan" }), /* @__PURE__ */ React.createElement(Box, { mt: 2, display: "flex", justifyContent: "space-between", alignItems: "center" }, /* @__PURE__ */ React.createElement(Typography, { variant: "caption", color: "textSecondary" }, "Scanned: ", new Date(data.timestamp).toLocaleString(), " | Showing: ", config.severityFilter.join(", ")), /* @__PURE__ */ React.createElement(Box, { display: "flex", style: { gap: 8 } }, data.metadata.githubPr && /* @__PURE__ */ React.createElement(Link, { to: data.metadata.githubPr, target: "_blank" }, "View PR"), data.metadata.circleciUrl && /* @__PURE__ */ React.createElement(Link, { to: data.metadata.circleciUrl, target: "_blank" }, "View Build"))));
+};
+const StandaloneTrivyCard = ({ repository, title }) => {
+  const configApi = useApi(configApiRef);
+  const config = getTrivyConfig(configApi);
+  const repoName = repository.split("/").pop() || repository;
+  const { data, isLoading, error } = useTrivyLatestScan(repoName);
+  if (isLoading) {
+    return /* @__PURE__ */ React.createElement(Progress, null);
+  }
+  if (error) {
+    return /* @__PURE__ */ React.createElement(Alert, { severity: "warning" }, "No security scans found for repository: ", repoName);
+  }
+  if (!data) {
+    return /* @__PURE__ */ React.createElement(Alert, { severity: "info" }, "No security scans available for ", repoName);
+  }
+  const filteredFindings = data.findings.filter(
+    (finding) => config.severityFilter.includes(finding.severity)
+  );
+  return /* @__PURE__ */ React.createElement(Box, null, /* @__PURE__ */ React.createElement(
+    TrivyFindingsCard,
+    {
+      findings: filteredFindings,
+      title: title || `Security Scan - ${repoName}`
+    }
+  ), /* @__PURE__ */ React.createElement(Box, { mt: 2, display: "flex", justifyContent: "space-between", alignItems: "center" }, /* @__PURE__ */ React.createElement(Typography, { variant: "caption", color: "textSecondary" }, "Scanned: ", new Date(data.timestamp).toLocaleString()), /* @__PURE__ */ React.createElement(Box, { display: "flex", style: { gap: 8 } }, data.metadata.githubPr && /* @__PURE__ */ React.createElement(Link, { to: data.metadata.githubPr, target: "_blank" }, "View PR"), data.metadata.circleciUrl && /* @__PURE__ */ React.createElement(Link, { to: data.metadata.circleciUrl, target: "_blank" }, "View Build"))));
+};
+const queryClient = new QueryClient({
+  defaultOptions: {
+    queries: {
+      gcTime: 1e3 * 60 * 30,
+      // 30 minutes
+      staleTime: 1e3 * 60 * 5,
+      // 5 minutes
+      retry: 1,
+      refetchOnWindowFocus: false
+    }
+  }
+});
+const persister = createSyncStoragePersister({
+  storage: window.localStorage,
+  key: "trivy-query-cache"
+});
+const TrivyQueryProvider = ({ children }) => {
+  return /* @__PURE__ */ React.createElement(PersistQueryClientProvider, { client: queryClient, persistOptions: { persister } }, children);
+};
+const SimpleTrivyQueryProvider = ({ children }) => {
+  return /* @__PURE__ */ React.createElement(QueryClientProvider, { client: queryClient }, children);
+};
+export { DEFAULT_TRIVY_CONFIG, EntityTrivyCard, SimpleTrivyQueryProvider, StandaloneTrivyCard, TrivyFindingsCard, TrivyPage, TrivyQueryProvider, getTrivyConfig, trivyApiRef, trivyPlugin, useTrivyLatestScan, useTrivyScan, useTrivyScans };
+//# sourceMappingURL=index.esm.js.map

package/dist/index.esm.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.esm.js","sources":["../src/routes.ts","../src/api/TrivyApi.ts","../src/plugin.ts","../src/components/TrivyFindingsCard/TrivyFindingsCard.tsx","../src/api/config.ts","../src/api/hooks.ts","../src/components/EntityTrivyCard/EntityTrivyCard.tsx","../src/components/StandaloneTrivyCard/StandaloneTrivyCard.tsx","../src/api/QueryProvider.tsx"],"sourcesContent":["import { createRouteRef } from '@backstage/core-plugin-api';\n\nexport const rootRouteRef = createRouteRef({\n id: 'trivy',\n});\n","import { createApiRef, DiscoveryApi, FetchApi } from '@backstage/core-plugin-api';\n\nexport interface TrivyMetadata {\n circleciUrl?: string;\n githubPr?: string;\n gitCommit?: string;\n committer?: string;\n}\n\nexport interface TrivyFinding {\n file: string;\n severity: 'CRITICAL' | 'HIGH' | 'MEDIUM' | 'LOW' | 'UNKNOWN';\n title: string;\n description: string;\n lines: string;\n avdId?: string;\n}\n\nexport interface TrivyScanResult {\n repo: string;\n branch: string;\n scanId: string;\n metadata: TrivyMetadata;\n findings: TrivyFinding[];\n timestamp: string;\n}\n\nexport interface TrivyApi {\n getScans(): Promise<TrivyScanResult[]>;\n getScan(repo: string, branch: string, scanId: string): Promise<TrivyScanResult>;\n getLatestScan(repo: string): Promise<TrivyScanResult>;\n}\n\nexport const trivyApiRef = createApiRef<TrivyApi>({\n id: 'plugin.trivy.service',\n});\n\nexport class TrivyClient implements TrivyApi {\n private readonly discoveryApi: DiscoveryApi;\n private readonly fetchApi: FetchApi;\n\n constructor(options: { discoveryApi: DiscoveryApi; fetchApi: FetchApi }) {\n this.discoveryApi = options.discoveryApi;\n this.fetchApi = options.fetchApi;\n }\n\n private async fetch<T>(path: string): Promise<T> {\n const baseUrl = await this.discoveryApi.getBaseUrl('trivy');\n const response = await this.fetchApi.fetch(`${baseUrl}${path}`);\n\n if (!response.ok) {\n throw new Error(`Failed to fetch ${path}: ${response.statusText}`);\n }\n\n return response.json();\n }\n\n async getScans(): Promise<TrivyScanResult[]> {\n return this.fetch<TrivyScanResult[]>('/scans');\n }\n\n async getScan(repo: string, branch: string, scanId: string): Promise<TrivyScanResult> {\n return this.fetch<TrivyScanResult>(`/scans/${repo}/${branch}/${scanId}`);\n }\n\n async getLatestScan(repo: string): Promise<TrivyScanResult> {\n return this.fetch<TrivyScanResult>(`/scans/${repo}/latest`);\n }\n}\n","import {\n createPlugin,\n createRoutableExtension,\n createApiFactory,\n discoveryApiRef,\n fetchApiRef,\n} from '@backstage/core-plugin-api';\nimport { rootRouteRef } from './routes';\nimport { trivyApiRef, TrivyClient } from './api/TrivyApi';\n\nexport const trivyPlugin = createPlugin({\n id: 'trivy',\n routes: {\n root: rootRouteRef,\n },\n apis: [\n createApiFactory({\n api: trivyApiRef,\n deps: {\n discoveryApi: discoveryApiRef,\n fetchApi: fetchApiRef,\n },\n factory: ({ discoveryApi, fetchApi }) =>\n new TrivyClient({ discoveryApi, fetchApi }),\n }),\n ],\n});\n\nexport const TrivyPage = trivyPlugin.provide(\n createRoutableExtension({\n name: 'TrivyPage',\n component: () =>\n import('./components/TrivyPage').then(m => m.TrivyPage),\n mountPoint: rootRouteRef,\n }),\n);\n","import React from 'react';\nimport { InfoCard, Link } from '@backstage/core-components';\nimport { TrivyFinding } from '../../api/TrivyApi';\nimport {\n Box,\n Chip,\n Typography,\n Accordion,\n AccordionSummary,\n AccordionDetails,\n makeStyles,\n} from '@material-ui/core';\nimport ExpandMoreIcon from '@material-ui/icons/ExpandMore';\nimport WarningIcon from '@material-ui/icons/Warning';\nimport ErrorIcon from '@material-ui/icons/Error';\nimport InfoIcon from '@material-ui/icons/Info';\n\nconst useStyles = makeStyles(theme => ({\n finding: {\n marginBottom: theme.spacing(1),\n },\n critical: {\n borderLeft: `4px solid ${theme.palette.error.main}`,\n },\n high: {\n borderLeft: `4px solid ${theme.palette.error.light}`,\n },\n medium: {\n borderLeft: `4px solid ${theme.palette.warning.main}`,\n },\n low: {\n borderLeft: `4px solid ${theme.palette.info.main}`,\n },\n unknown: {\n borderLeft: `4px solid ${theme.palette.grey[400]}`,\n },\n}));\n\nconst SeverityIcon = ({ severity }: { severity: string }) => {\n switch (severity) {\n case 'CRITICAL':\n return <ErrorIcon style={{ color: '#d32f2f' }} />;\n case 'HIGH':\n return <ErrorIcon style={{ color: '#f44336' }} />;\n case 'MEDIUM':\n return <WarningIcon style={{ color: '#ff9800' }} />;\n case 'LOW':\n return <InfoIcon style={{ color: '#2196f3' }} />;\n default:\n return <InfoIcon style={{ color: '#9e9e9e' }} />;\n }\n};\n\ninterface TrivyFindingsCardProps {\n findings: TrivyFinding[];\n title?: string;\n}\n\nexport const TrivyFindingsCard = ({ findings, title = 'Security Findings' }: TrivyFindingsCardProps) => {\n const classes = useStyles();\n\n const sortedFindings = [...findings].sort((a, b) => {\n const severityOrder = { CRITICAL: 0, HIGH: 1, MEDIUM: 2, LOW: 3, UNKNOWN: 4 };\n return severityOrder[a.severity] - severityOrder[b.severity];\n });\n\n const getSeverityClass = (severity: string) => {\n switch (severity) {\n case 'CRITICAL':\n return classes.critical;\n case 'HIGH':\n return classes.high;\n case 'MEDIUM':\n return classes.medium;\n case 'LOW':\n return classes.low;\n default:\n return classes.unknown;\n }\n };\n\n if (findings.length === 0) {\n return (\n <InfoCard title={title}>\n <Box display=\"flex\" alignItems=\"center\" style={{ gap: 8 }}>\n <Chip label=\"✓ No security issues found\" style={{ backgroundColor: '#4caf50', color: 'white' }} />\n </Box>\n </InfoCard>\n );\n }\n\n return (\n <InfoCard title={title}>\n <Box>\n {sortedFindings.map((finding, index) => (\n <Accordion key={index} className={`${classes.finding} ${getSeverityClass(finding.severity)}`}>\n <AccordionSummary expandIcon={<ExpandMoreIcon />}>\n <Box display=\"flex\" alignItems=\"center\" style={{ gap: 8 }} width=\"100%\">\n <SeverityIcon severity={finding.severity} />\n <Chip label={finding.severity} size=\"small\" />\n <Typography variant=\"subtitle2\" style={{ flex: 1 }}>\n {finding.title}\n </Typography>\n <Typography variant=\"caption\" color=\"textSecondary\">\n {finding.file}\n {finding.lines && `:${finding.lines}`}\n </Typography>\n </Box>\n </AccordionSummary>\n <AccordionDetails>\n <Box>\n <Typography variant=\"body2\" paragraph>\n {finding.description}\n </Typography>\n {finding.avdId && (\n <Box mt={1}>\n <Link to={finding.avdId} target=\"_blank\">\n View documentation →\n </Link>\n </Box>\n )}\n </Box>\n </AccordionDetails>\n </Accordion>\n ))}\n </Box>\n </InfoCard>\n );\n};\n","import { Config } from '@backstage/config';\n\nexport interface TrivyConfig {\n bucketName: string;\n severityFilter: string[];\n cacheTime: number;\n staleTime: number;\n}\n\nexport const DEFAULT_TRIVY_CONFIG: TrivyConfig = {\n bucketName: 'sanity-trivy-logs',\n severityFilter: ['CRITICAL', 'HIGH', 'MEDIUM'],\n cacheTime: 30,\n staleTime: 5,\n};\n\nexport function getTrivyConfig(config: Config): TrivyConfig {\n const trivyConfig = config.getOptionalConfig('trivy');\n\n return {\n bucketName: trivyConfig?.getOptionalString('bucketName') || DEFAULT_TRIVY_CONFIG.bucketName,\n severityFilter: trivyConfig?.getOptionalStringArray('severityFilter') || DEFAULT_TRIVY_CONFIG.severityFilter,\n cacheTime: trivyConfig?.getOptionalNumber('cacheTime') || DEFAULT_TRIVY_CONFIG.cacheTime,\n staleTime: trivyConfig?.getOptionalNumber('staleTime') || DEFAULT_TRIVY_CONFIG.staleTime,\n };\n}\n","import { useApi, configApiRef } from '@backstage/core-plugin-api';\nimport { useQuery, UseQueryOptions } from '@tanstack/react-query';\nimport { trivyApiRef, TrivyScanResult } from './TrivyApi';\nimport { getTrivyConfig } from './config';\n\nexport const useTrivyScans = (options?: Omit<UseQueryOptions<TrivyScanResult[]>, 'queryKey' | 'queryFn'>) => {\n const trivyApi = useApi(trivyApiRef);\n const configApi = useApi(configApiRef);\n const config = getTrivyConfig(configApi);\n\n return useQuery({\n queryKey: ['trivy', 'scans'],\n queryFn: () => trivyApi.getScans(),\n staleTime: config.staleTime * 60 * 1000,\n gcTime: config.cacheTime * 60 * 1000,\n ...options,\n });\n};\n\nexport const useTrivyScan = (\n repo: string,\n branch: string,\n scanId: string,\n options?: Omit<UseQueryOptions<TrivyScanResult>, 'queryKey' | 'queryFn'>,\n) => {\n const trivyApi = useApi(trivyApiRef);\n const configApi = useApi(configApiRef);\n const config = getTrivyConfig(configApi);\n\n return useQuery({\n queryKey: ['trivy', 'scan', repo, branch, scanId],\n queryFn: () => trivyApi.getScan(repo, branch, scanId),\n staleTime: config.staleTime * 60 * 1000,\n gcTime: config.cacheTime * 60 * 1000,\n enabled: !!(repo && branch && scanId),\n ...options,\n });\n};\n\nexport const useTrivyLatestScan = (\n repo: string | undefined,\n options?: Omit<UseQueryOptions<TrivyScanResult>, 'queryKey' | 'queryFn'>,\n) => {\n const trivyApi = useApi(trivyApiRef);\n const configApi = useApi(configApiRef);\n const config = getTrivyConfig(configApi);\n\n return useQuery({\n queryKey: ['trivy', 'latest', repo],\n queryFn: () => trivyApi.getLatestScan(repo!),\n staleTime: config.staleTime * 60 * 1000,\n gcTime: config.cacheTime * 60 * 1000,\n enabled: !!repo,\n ...options,\n });\n};\n","import React from 'react';\nimport { Progress, Link } from '@backstage/core-components';\nimport { useApi, configApiRef } from '@backstage/core-plugin-api';\nimport { useEntity } from '@backstage/plugin-catalog-react';\nimport { useTrivyLatestScan } from '../../api/hooks';\nimport { getTrivyConfig } from '../../api/config';\nimport Alert from '@material-ui/lab/Alert';\nimport { TrivyFindingsCard } from '../TrivyFindingsCard';\nimport { Box, Typography } from '@material-ui/core';\n\nexport const EntityTrivyCard = () => {\n const { entity } = useEntity();\n const configApi = useApi(configApiRef);\n const config = getTrivyConfig(configApi);\n\n // Extract repo name from entity annotations\n const repoAnnotation =\n entity.metadata.annotations?.['github.com/project-slug'] ||\n entity.metadata.annotations?.['backstage.io/source-location'];\n\n const repoName = repoAnnotation?.split('/').pop()?.replace(/^url:.*\\//, '');\n\n const { data, isLoading, error } = useTrivyLatestScan(repoName);\n\n if (!repoName) {\n return (\n <Alert severity=\"info\">\n No repository configured for this entity. Add a{' '}\n <code>github.com/project-slug</code> annotation to enable security scanning.\n </Alert>\n );\n }\n\n if (isLoading) {\n return <Progress />;\n }\n\n if (error) {\n return (\n <Alert severity=\"warning\">\n No security scans found for repository: {repoName}\n </Alert>\n );\n }\n\n if (!data) {\n return (\n <Alert severity=\"info\">\n No security scans available for {repoName}\n </Alert>\n );\n }\n\n // Filter findings by configured severity levels\n const filteredFindings = data.findings.filter(finding =>\n config.severityFilter.includes(finding.severity),\n );\n\n return (\n <Box>\n <TrivyFindingsCard findings={filteredFindings} title=\"Latest Security Scan\" />\n <Box mt={2} display=\"flex\" justifyContent=\"space-between\" alignItems=\"center\">\n <Typography variant=\"caption\" color=\"textSecondary\">\n Scanned: {new Date(data.timestamp).toLocaleString()} | Showing: {config.severityFilter.join(', ')}\n </Typography>\n <Box display=\"flex\" style={{ gap: 8 }}>\n {data.metadata.githubPr && (\n <Link to={data.metadata.githubPr} target=\"_blank\">\n View PR\n </Link>\n )}\n {data.metadata.circleciUrl && (\n <Link to={data.metadata.circleciUrl} target=\"_blank\">\n View Build\n </Link>\n )}\n </Box>\n </Box>\n </Box>\n );\n};\n","import React from 'react';\nimport { Progress, Link } from '@backstage/core-components';\nimport { useApi, configApiRef } from '@backstage/core-plugin-api';\nimport { TrivyFindingsCard } from '../TrivyFindingsCard';\nimport { useTrivyLatestScan } from '../../api/hooks';\nimport { getTrivyConfig } from '../../api/config';\nimport { Box, Typography } from '@material-ui/core';\nimport Alert from '@material-ui/lab/Alert';\n\ninterface StandaloneTrivyCardProps {\n /** Repository identifier (e.g., \"alert-relay\" or \"sanity-io/alert-relay\") */\n repository: string;\n /** Optional title override */\n title?: string;\n}\n\nexport const StandaloneTrivyCard = ({ repository, title }: StandaloneTrivyCardProps) => {\n const configApi = useApi(configApiRef);\n const config = getTrivyConfig(configApi);\n\n // Extract just the repo name if full slug provided\n const repoName = repository.split('/').pop() || repository;\n\n const { data, isLoading, error } = useTrivyLatestScan(repoName);\n\n if (isLoading) {\n return <Progress />;\n }\n\n if (error) {\n return (\n <Alert severity=\"warning\">\n No security scans found for repository: {repoName}\n </Alert>\n );\n }\n\n if (!data) {\n return (\n <Alert severity=\"info\">\n No security scans available for {repoName}\n </Alert>\n );\n }\n\n // Filter findings by configured severity levels\n const filteredFindings = data.findings.filter(finding =>\n config.severityFilter.includes(finding.severity),\n );\n\n return (\n <Box>\n <TrivyFindingsCard\n findings={filteredFindings}\n title={title || `Security Scan - ${repoName}`}\n />\n <Box mt={2} display=\"flex\" justifyContent=\"space-between\" alignItems=\"center\">\n <Typography variant=\"caption\" color=\"textSecondary\">\n Scanned: {new Date(data.timestamp).toLocaleString()}\n </Typography>\n <Box display=\"flex\" style={{ gap: 8 }}>\n {data.metadata.githubPr && (\n <Link to={data.metadata.githubPr} target=\"_blank\">\n View PR\n </Link>\n )}\n {data.metadata.circleciUrl && (\n <Link to={data.metadata.circleciUrl} target=\"_blank\">\n View Build\n </Link>\n )}\n </Box>\n </Box>\n </Box>\n );\n};\n","import React from 'react';\nimport { QueryClient, QueryClientProvider } from '@tanstack/react-query';\nimport { createSyncStoragePersister } from '@tanstack/query-sync-storage-persister';\nimport { PersistQueryClientProvider } from '@tanstack/react-query-persist-client';\n\nconst queryClient = new QueryClient({\n defaultOptions: {\n queries: {\n gcTime: 1000 * 60 * 30, // 30 minutes\n staleTime: 1000 * 60 * 5, // 5 minutes\n retry: 1,\n refetchOnWindowFocus: false,\n },\n },\n});\n\nconst persister = createSyncStoragePersister({\n storage: window.localStorage,\n key: 'trivy-query-cache',\n});\n\nexport const TrivyQueryProvider = ({ children }: { children: React.ReactNode }) => {\n return (\n <PersistQueryClientProvider client={queryClient} persistOptions={{ persister }}>\n {children}\n </PersistQueryClientProvider>\n );\n};\n\n// For simpler usage without persistence\nexport const SimpleTrivyQueryProvider = ({ children }: { children: React.ReactNode }) => {\n return <QueryClientProvider client={queryClient}>{children}</QueryClientProvider>;\n};\n"],"names":[],"mappings":";;;;;;;;;;;;;;AAEO,MAAM,eAAe,cAAe,CAAA;AAAA,EACzC,EAAI,EAAA,OAAA;AACN,CAAC,CAAA;;;;;;;;AC6BM,MAAM,cAAc,YAAuB,CAAA;AAAA,EAChD,EAAI,EAAA,sBAAA;AACN,CAAC,EAAA;AAEM,MAAM,WAAgC,CAAA;AAAA,EAI3C,YAAY,OAA6D,EAAA;AAHzE,IAAiB,aAAA,CAAA,IAAA,EAAA,cAAA,CAAA,CAAA;AACjB,IAAiB,aAAA,CAAA,IAAA,EAAA,UAAA,CAAA,CAAA;AAGf,IAAA,IAAA,CAAK,eAAe,OAAQ,CAAA,YAAA,CAAA;AAC5B,IAAA,IAAA,CAAK,WAAW,OAAQ,CAAA,QAAA,CAAA;AAAA,GAC1B;AAAA,EAEA,MAAc,MAAS,IAA0B,EAAA;AAC/C,IAAA,MAAM,OAAU,GAAA,MAAM,IAAK,CAAA,YAAA,CAAa,WAAW,OAAO,CAAA,CAAA;AAC1D,IAAM,MAAA,QAAA,GAAW,MAAM,IAAK,CAAA,QAAA,CAAS,MAAM,CAAG,EAAA,OAAO,CAAG,EAAA,IAAI,CAAE,CAAA,CAAA,CAAA;AAE9D,IAAI,IAAA,CAAC,SAAS,EAAI,EAAA;AAChB,MAAA,MAAM,IAAI,KAAM,CAAA,CAAA,gBAAA,EAAmB,IAAI,CAAK,EAAA,EAAA,QAAA,CAAS,UAAU,CAAE,CAAA,CAAA,CAAA;AAAA,KACnE;AAEA,IAAA,OAAO,SAAS,IAAK,EAAA,CAAA;AAAA,GACvB;AAAA,EAEA,MAAM,QAAuC,GAAA;AAC3C,IAAO,OAAA,IAAA,CAAK,MAAyB,QAAQ,CAAA,CAAA;AAAA,GAC/C;AAAA,EAEA,MAAM,OAAA,CAAQ,IAAc,EAAA,MAAA,EAAgB,MAA0C,EAAA;AACpF,IAAO,OAAA,IAAA,CAAK,MAAuB,CAAU,OAAA,EAAA,IAAI,IAAI,MAAM,CAAA,CAAA,EAAI,MAAM,CAAE,CAAA,CAAA,CAAA;AAAA,GACzE;AAAA,EAEA,MAAM,cAAc,IAAwC,EAAA;AAC1D,IAAA,OAAO,IAAK,CAAA,KAAA,CAAuB,CAAU,OAAA,EAAA,IAAI,CAAS,OAAA,CAAA,CAAA,CAAA;AAAA,GAC5D;AACF;;AC1DO,MAAM,cAAc,YAAa,CAAA;AAAA,EACtC,EAAI,EAAA,OAAA;AAAA,EACJ,MAAQ,EAAA;AAAA,IACN,IAAM,EAAA,YAAA;AAAA,GACR;AAAA,EACA,IAAM,EAAA;AAAA,IACJ,gBAAiB,CAAA;AAAA,MACf,GAAK,EAAA,WAAA;AAAA,MACL,IAAM,EAAA;AAAA,QACJ,YAAc,EAAA,eAAA;AAAA,QACd,QAAU,EAAA,WAAA;AAAA,OACZ;AAAA,MACA,OAAA,EAAS,CAAC,EAAE,YAAc,EAAA,QAAA,EACxB,KAAA,IAAI,WAAY,CAAA,EAAE,YAAc,EAAA,QAAA,EAAU,CAAA;AAAA,KAC7C,CAAA;AAAA,GACH;AACF,CAAC,EAAA;AAEM,MAAM,YAAY,WAAY,CAAA,OAAA;AAAA,EACnC,uBAAwB,CAAA;AAAA,IACtB,IAAM,EAAA,WAAA;AAAA,IACN,SAAA,EAAW,MACT,OAAO,6BAAwB,EAAE,IAAK,CAAA,CAAA,CAAA,KAAK,EAAE,SAAS,CAAA;AAAA,IACxD,UAAY,EAAA,YAAA;AAAA,GACb,CAAA;AACH;;AClBA,MAAM,SAAA,GAAY,WAAW,CAAU,KAAA,MAAA;AAAA,EACrC,OAAS,EAAA;AAAA,IACP,YAAA,EAAc,KAAM,CAAA,OAAA,CAAQ,CAAC,CAAA;AAAA,GAC/B;AAAA,EACA,QAAU,EAAA;AAAA,IACR,UAAY,EAAA,CAAA,UAAA,EAAa,KAAM,CAAA,OAAA,CAAQ,MAAM,IAAI,CAAA,CAAA;AAAA,GACnD;AAAA,EACA,IAAM,EAAA;AAAA,IACJ,UAAY,EAAA,CAAA,UAAA,EAAa,KAAM,CAAA,OAAA,CAAQ,MAAM,KAAK,CAAA,CAAA;AAAA,GACpD;AAAA,EACA,MAAQ,EAAA;AAAA,IACN,UAAY,EAAA,CAAA,UAAA,EAAa,KAAM,CAAA,OAAA,CAAQ,QAAQ,IAAI,CAAA,CAAA;AAAA,GACrD;AAAA,EACA,GAAK,EAAA;AAAA,IACH,UAAY,EAAA,CAAA,UAAA,EAAa,KAAM,CAAA,OAAA,CAAQ,KAAK,IAAI,CAAA,CAAA;AAAA,GAClD;AAAA,EACA,OAAS,EAAA;AAAA,IACP,YAAY,CAAa,UAAA,EAAA,KAAA,CAAM,OAAQ,CAAA,IAAA,CAAK,GAAG,CAAC,CAAA,CAAA;AAAA,GAClD;AACF,CAAE,CAAA,CAAA,CAAA;AAEF,MAAM,YAAe,GAAA,CAAC,EAAE,QAAA,EAAqC,KAAA;AAC3D,EAAA,QAAQ,QAAU;AAAA,IAChB,KAAK,UAAA;AACH,MAAA,2CAAQ,SAAU,EAAA,EAAA,KAAA,EAAO,EAAE,KAAA,EAAO,WAAa,EAAA,CAAA,CAAA;AAAA,IACjD,KAAK,MAAA;AACH,MAAA,2CAAQ,SAAU,EAAA,EAAA,KAAA,EAAO,EAAE,KAAA,EAAO,WAAa,EAAA,CAAA,CAAA;AAAA,IACjD,KAAK,QAAA;AACH,MAAA,2CAAQ,WAAY,EAAA,EAAA,KAAA,EAAO,EAAE,KAAA,EAAO,WAAa,EAAA,CAAA,CAAA;AAAA,IACnD,KAAK,KAAA;AACH,MAAA,2CAAQ,QAAS,EAAA,EAAA,KAAA,EAAO,EAAE,KAAA,EAAO,WAAa,EAAA,CAAA,CAAA;AAAA,IAChD;AACE,MAAA,2CAAQ,QAAS,EAAA,EAAA,KAAA,EAAO,EAAE,KAAA,EAAO,WAAa,EAAA,CAAA,CAAA;AAAA,GAClD;AACF,CAAA,CAAA;AAOO,MAAM,oBAAoB,CAAC,EAAE,QAAU,EAAA,KAAA,GAAQ,qBAAkD,KAAA;AACtG,EAAA,MAAM,UAAU,SAAU,EAAA,CAAA;AAE1B,EAAM,MAAA,cAAA,GAAiB,CAAC,GAAG,QAAQ,EAAE,IAAK,CAAA,CAAC,GAAG,CAAM,KAAA;AAClD,IAAM,MAAA,aAAA,GAAgB,EAAE,QAAA,EAAU,CAAG,EAAA,IAAA,EAAM,CAAG,EAAA,MAAA,EAAQ,CAAG,EAAA,GAAA,EAAK,CAAG,EAAA,OAAA,EAAS,CAAE,EAAA,CAAA;AAC5E,IAAA,OAAO,cAAc,CAAE,CAAA,QAAQ,CAAI,GAAA,aAAA,CAAc,EAAE,QAAQ,CAAA,CAAA;AAAA,GAC5D,CAAA,CAAA;AAED,EAAM,MAAA,gBAAA,GAAmB,CAAC,QAAqB,KAAA;AAC7C,IAAA,QAAQ,QAAU;AAAA,MAChB,KAAK,UAAA;AACH,QAAA,OAAO,OAAQ,CAAA,QAAA,CAAA;AAAA,MACjB,KAAK,MAAA;AACH,QAAA,OAAO,OAAQ,CAAA,IAAA,CAAA;AAAA,MACjB,KAAK,QAAA;AACH,QAAA,OAAO,OAAQ,CAAA,MAAA,CAAA;AAAA,MACjB,KAAK,KAAA;AACH,QAAA,OAAO,OAAQ,CAAA,GAAA,CAAA;AAAA,MACjB;AACE,QAAA,OAAO,OAAQ,CAAA,OAAA,CAAA;AAAA,KACnB;AAAA,GACF,CAAA;AAEA,EAAI,IAAA,QAAA,CAAS,WAAW,CAAG,EAAA;AACzB,IACE,uBAAA,KAAA,CAAA,aAAA,CAAC,QAAS,EAAA,EAAA,KAAA,EAAA,kBACP,KAAA,CAAA,aAAA,CAAA,GAAA,EAAA,EAAI,OAAQ,EAAA,MAAA,EAAO,UAAW,EAAA,QAAA,EAAS,KAAO,EAAA,EAAE,GAAK,EAAA,CAAA,sBACnD,KAAA,CAAA,aAAA,CAAA,IAAA,EAAA,EAAK,KAAM,EAAA,iCAAA,EAA6B,KAAO,EAAA,EAAE,eAAiB,EAAA,SAAA,EAAW,KAAO,EAAA,OAAA,EAAW,EAAA,CAClG,CACF,CAAA,CAAA;AAAA,GAEJ;AAEA,EACE,uBAAA,KAAA,CAAA,aAAA,CAAC,QAAS,EAAA,EAAA,KAAA,EAAA,kBACP,KAAA,CAAA,aAAA,CAAA,GAAA,EAAA,IAAA,EACE,cAAe,CAAA,GAAA,CAAI,CAAC,OAAA,EAAS,KAC5B,qBAAA,KAAA,CAAA,aAAA,CAAC,SAAU,EAAA,EAAA,GAAA,EAAK,OAAO,SAAW,EAAA,CAAA,EAAG,OAAQ,CAAA,OAAO,CAAI,CAAA,EAAA,gBAAA,CAAiB,OAAQ,CAAA,QAAQ,CAAC,CAAA,CAAA,EAAA,kBACvF,KAAA,CAAA,aAAA,CAAA,gBAAA,EAAA,EAAiB,UAAY,kBAAA,KAAA,CAAA,aAAA,CAAC,oBAAe,CAC5C,EAAA,kBAAA,KAAA,CAAA,aAAA,CAAC,GAAI,EAAA,EAAA,OAAA,EAAQ,MAAO,EAAA,UAAA,EAAW,QAAS,EAAA,KAAA,EAAO,EAAE,GAAA,EAAK,CAAE,EAAA,EAAG,KAAM,EAAA,MAAA,EAAA,kBAC9D,KAAA,CAAA,aAAA,CAAA,YAAA,EAAA,EAAa,QAAU,EAAA,OAAA,CAAQ,QAAU,EAAA,CAAA,kBACzC,KAAA,CAAA,aAAA,CAAA,IAAA,EAAA,EAAK,KAAO,EAAA,OAAA,CAAQ,QAAU,EAAA,IAAA,EAAK,OAAQ,EAAA,CAAA,kBAC3C,KAAA,CAAA,aAAA,CAAA,UAAA,EAAA,EAAW,SAAQ,WAAY,EAAA,KAAA,EAAO,EAAE,IAAA,EAAM,CAAE,EAAA,EAAA,EAC9C,OAAQ,CAAA,KACX,CACA,kBAAA,KAAA,CAAA,aAAA,CAAC,UAAW,EAAA,EAAA,OAAA,EAAQ,SAAU,EAAA,KAAA,EAAM,eACjC,EAAA,EAAA,OAAA,CAAQ,IACR,EAAA,OAAA,CAAQ,KAAS,IAAA,CAAA,CAAA,EAAI,OAAQ,CAAA,KAAK,CACrC,CAAA,CACF,CACF,CAAA,kBACC,KAAA,CAAA,aAAA,CAAA,gBAAA,EAAA,IAAA,kBACE,KAAA,CAAA,aAAA,CAAA,GAAA,EAAA,IAAA,sCACE,UAAW,EAAA,EAAA,OAAA,EAAQ,OAAQ,EAAA,SAAA,EAAS,IAClC,EAAA,EAAA,OAAA,CAAQ,WACX,CAAA,EACC,OAAQ,CAAA,KAAA,oBACN,KAAA,CAAA,aAAA,CAAA,GAAA,EAAA,EAAI,EAAI,EAAA,CAAA,EAAA,kBACN,KAAA,CAAA,aAAA,CAAA,IAAA,EAAA,EAAK,EAAI,EAAA,OAAA,CAAQ,KAAO,EAAA,MAAA,EAAO,QAAS,EAAA,EAAA,2BAEzC,CACF,CAEJ,CACF,CACF,CACD,CACH,CACF,CAAA,CAAA;AAEJ;;ACvHO,MAAM,oBAAoC,GAAA;AAAA,EAC/C,UAAY,EAAA,mBAAA;AAAA,EACZ,cAAgB,EAAA,CAAC,UAAY,EAAA,MAAA,EAAQ,QAAQ,CAAA;AAAA,EAC7C,SAAW,EAAA,EAAA;AAAA,EACX,SAAW,EAAA,CAAA;AACb,EAAA;AAEO,SAAS,eAAe,MAA6B,EAAA;AAC1D,EAAM,MAAA,WAAA,GAAc,MAAO,CAAA,iBAAA,CAAkB,OAAO,CAAA,CAAA;AAEpD,EAAO,OAAA;AAAA,IACL,UAAY,EAAA,CAAA,WAAA,IAAA,IAAA,GAAA,KAAA,CAAA,GAAA,WAAA,CAAa,iBAAkB,CAAA,YAAA,CAAA,KAAiB,oBAAqB,CAAA,UAAA;AAAA,IACjF,cAAgB,EAAA,CAAA,WAAA,IAAA,IAAA,GAAA,KAAA,CAAA,GAAA,WAAA,CAAa,sBAAuB,CAAA,gBAAA,CAAA,KAAqB,oBAAqB,CAAA,cAAA;AAAA,IAC9F,SAAW,EAAA,CAAA,WAAA,IAAA,IAAA,GAAA,KAAA,CAAA,GAAA,WAAA,CAAa,iBAAkB,CAAA,WAAA,CAAA,KAAgB,oBAAqB,CAAA,SAAA;AAAA,IAC/E,SAAW,EAAA,CAAA,WAAA,IAAA,IAAA,GAAA,KAAA,CAAA,GAAA,WAAA,CAAa,iBAAkB,CAAA,WAAA,CAAA,KAAgB,oBAAqB,CAAA,SAAA;AAAA,GACjF,CAAA;AACF;;ACpBa,MAAA,aAAA,GAAgB,CAAC,OAA+E,KAAA;AAC3G,EAAM,MAAA,QAAA,GAAW,OAAO,WAAW,CAAA,CAAA;AACnC,EAAM,MAAA,SAAA,GAAY,OAAO,YAAY,CAAA,CAAA;AACrC,EAAM,MAAA,MAAA,GAAS,eAAe,SAAS,CAAA,CAAA;AAEvC,EAAA,OAAO,QAAS,CAAA;AAAA,IACd,QAAA,EAAU,CAAC,OAAA,EAAS,OAAO,CAAA;AAAA,IAC3B,OAAA,EAAS,MAAM,QAAA,CAAS,QAAS,EAAA;AAAA,IACjC,SAAA,EAAW,MAAO,CAAA,SAAA,GAAY,EAAK,GAAA,GAAA;AAAA,IACnC,MAAA,EAAQ,MAAO,CAAA,SAAA,GAAY,EAAK,GAAA,GAAA;AAAA,IAChC,GAAG,OAAA;AAAA,GACJ,CAAA,CAAA;AACH,EAAA;AAEO,MAAM,YAAe,GAAA,CAC1B,IACA,EAAA,MAAA,EACA,QACA,OACG,KAAA;AACH,EAAM,MAAA,QAAA,GAAW,OAAO,WAAW,CAAA,CAAA;AACnC,EAAM,MAAA,SAAA,GAAY,OAAO,YAAY,CAAA,CAAA;AACrC,EAAM,MAAA,MAAA,GAAS,eAAe,SAAS,CAAA,CAAA;AAEvC,EAAA,OAAO,QAAS,CAAA;AAAA,IACd,UAAU,CAAC,OAAA,EAAS,MAAQ,EAAA,IAAA,EAAM,QAAQ,MAAM,CAAA;AAAA,IAChD,SAAS,MAAM,QAAA,CAAS,OAAQ,CAAA,IAAA,EAAM,QAAQ,MAAM,CAAA;AAAA,IACpD,SAAA,EAAW,MAAO,CAAA,SAAA,GAAY,EAAK,GAAA,GAAA;AAAA,IACnC,MAAA,EAAQ,MAAO,CAAA,SAAA,GAAY,EAAK,GAAA,GAAA;AAAA,IAChC,OAAS,EAAA,CAAC,EAAE,IAAA,IAAQ,MAAU,IAAA,MAAA,CAAA;AAAA,IAC9B,GAAG,OAAA;AAAA,GACJ,CAAA,CAAA;AACH,EAAA;AAEa,MAAA,kBAAA,GAAqB,CAChC,IAAA,EACA,OACG,KAAA;AACH,EAAM,MAAA,QAAA,GAAW,OAAO,WAAW,CAAA,CAAA;AACnC,EAAM,MAAA,SAAA,GAAY,OAAO,YAAY,CAAA,CAAA;AACrC,EAAM,MAAA,MAAA,GAAS,eAAe,SAAS,CAAA,CAAA;AAEvC,EAAA,OAAO,QAAS,CAAA;AAAA,IACd,QAAU,EAAA,CAAC,OAAS,EAAA,QAAA,EAAU,IAAI,CAAA;AAAA,IAClC,OAAS,EAAA,MAAM,QAAS,CAAA,aAAA,CAAc,IAAK,CAAA;AAAA,IAC3C,SAAA,EAAW,MAAO,CAAA,SAAA,GAAY,EAAK,GAAA,GAAA;AAAA,IACnC,MAAA,EAAQ,MAAO,CAAA,SAAA,GAAY,EAAK,GAAA,GAAA;AAAA,IAChC,OAAA,EAAS,CAAC,CAAC,IAAA;AAAA,IACX,GAAG,OAAA;AAAA,GACJ,CAAA,CAAA;AACH;;AC7CO,MAAM,kBAAkB,MAAM;AAVrC,EAAA,IAAA,EAAA,EAAA,EAAA,EAAA,EAAA,CAAA;AAWE,EAAM,MAAA,EAAE,MAAO,EAAA,GAAI,SAAU,EAAA,CAAA;AAC7B,EAAM,MAAA,SAAA,GAAY,OAAO,YAAY,CAAA,CAAA;AACrC,EAAM,MAAA,MAAA,GAAS,eAAe,SAAS,CAAA,CAAA;AAGvC,EAAM,MAAA,cAAA,GAAA,CAAA,CACJ,YAAO,QAAS,CAAA,WAAA,KAAhB,mBAA8B,yBAC9B,CAAA,MAAA,CAAA,EAAA,GAAA,MAAA,CAAO,QAAS,CAAA,WAAA,KAAhB,IAA8B,GAAA,KAAA,CAAA,GAAA,EAAA,CAAA,8BAAA,CAAA,CAAA,CAAA;AAEhC,EAAA,MAAM,YAAW,EAAgB,GAAA,cAAA,IAAA,IAAA,GAAA,KAAA,CAAA,GAAA,cAAA,CAAA,KAAA,CAAM,KAAK,GAA3B,EAAA,KAAA,IAAA,GAAA,KAAA,CAAA,GAAA,EAAA,CAAkC,QAAQ,WAAa,EAAA,EAAA,CAAA,CAAA;AAExE,EAAA,MAAM,EAAE,IAAM,EAAA,SAAA,EAAW,KAAM,EAAA,GAAI,mBAAmB,QAAQ,CAAA,CAAA;AAE9D,EAAA,IAAI,CAAC,QAAU,EAAA;AACb,IACE,uBAAA,KAAA,CAAA,aAAA,CAAC,KAAM,EAAA,EAAA,QAAA,EAAS,MAAO,EAAA,EAAA,iDAAA,EAC2B,qBAC/C,KAAA,CAAA,aAAA,CAAA,MAAA,EAAA,IAAA,EAAK,yBAAuB,CAAA,EAAO,0CACtC,CAAA,CAAA;AAAA,GAEJ;AAEA,EAAA,IAAI,SAAW,EAAA;AACb,IAAA,2CAAQ,QAAS,EAAA,IAAA,CAAA,CAAA;AAAA,GACnB;AAEA,EAAA,IAAI,KAAO,EAAA;AACT,IAAA,uBACG,KAAA,CAAA,aAAA,CAAA,KAAA,EAAA,EAAM,QAAS,EAAA,SAAA,EAAA,EAAU,4CACiB,QAC3C,CAAA,CAAA;AAAA,GAEJ;AAEA,EAAA,IAAI,CAAC,IAAM,EAAA;AACT,IAAA,uBACG,KAAA,CAAA,aAAA,CAAA,KAAA,EAAA,EAAM,QAAS,EAAA,MAAA,EAAA,EAAO,oCACY,QACnC,CAAA,CAAA;AAAA,GAEJ;AAGA,EAAM,MAAA,gBAAA,GAAmB,KAAK,QAAS,CAAA,MAAA;AAAA,IAAO,CAC5C,OAAA,KAAA,MAAA,CAAO,cAAe,CAAA,QAAA,CAAS,QAAQ,QAAQ,CAAA;AAAA,GACjD,CAAA;AAEA,EAAA,2CACG,GACC,EAAA,IAAA,kBAAA,KAAA,CAAA,aAAA,CAAC,iBAAkB,EAAA,EAAA,QAAA,EAAU,kBAAkB,KAAM,EAAA,sBAAA,EAAuB,CAC5E,kBAAA,KAAA,CAAA,aAAA,CAAC,OAAI,EAAI,EAAA,CAAA,EAAG,OAAQ,EAAA,MAAA,EAAO,gBAAe,eAAgB,EAAA,UAAA,EAAW,QACnE,EAAA,kBAAA,KAAA,CAAA,aAAA,CAAC,cAAW,OAAQ,EAAA,SAAA,EAAU,KAAM,EAAA,eAAA,EAAA,EAAgB,aACxC,IAAI,IAAA,CAAK,IAAK,CAAA,SAAS,EAAE,cAAe,EAAA,EAAE,cAAa,EAAA,MAAA,CAAO,eAAe,IAAK,CAAA,IAAI,CAClG,CAAA,sCACC,GAAI,EAAA,EAAA,OAAA,EAAQ,MAAO,EAAA,KAAA,EAAO,EAAE,GAAK,EAAA,CAAA,EAC/B,EAAA,EAAA,IAAA,CAAK,SAAS,QACb,oBAAA,KAAA,CAAA,aAAA,CAAC,IAAK,EAAA,EAAA,EAAA,EAAI,KAAK,QAAS,CAAA,QAAA,EAAU,MAAO,EAAA,QAAA,EAAA,EAAS,SAElD,CAED,EAAA,IAAA,CAAK,QAAS,CAAA,WAAA,wCACZ,IAAK,EAAA,EAAA,EAAA,EAAI,IAAK,CAAA,QAAA,CAAS,aAAa,MAAO,EAAA,QAAA,EAAA,EAAS,YAErD,CAEJ,CACF,CACF,CAAA,CAAA;AAEJ;;AChEO,MAAM,mBAAsB,GAAA,CAAC,EAAE,UAAA,EAAY,OAAsC,KAAA;AACtF,EAAM,MAAA,SAAA,GAAY,OAAO,YAAY,CAAA,CAAA;AACrC,EAAM,MAAA,MAAA,GAAS,eAAe,SAAS,CAAA,CAAA;AAGvC,EAAA,MAAM,WAAW,UAAW,CAAA,KAAA,CAAM,GAAG,CAAA,CAAE,KAAS,IAAA,UAAA,CAAA;AAEhD,EAAA,MAAM,EAAE,IAAM,EAAA,SAAA,EAAW,KAAM,EAAA,GAAI,mBAAmB,QAAQ,CAAA,CAAA;AAE9D,EAAA,IAAI,SAAW,EAAA;AACb,IAAA,2CAAQ,QAAS,EAAA,IAAA,CAAA,CAAA;AAAA,GACnB;AAEA,EAAA,IAAI,KAAO,EAAA;AACT,IAAA,uBACG,KAAA,CAAA,aAAA,CAAA,KAAA,EAAA,EAAM,QAAS,EAAA,SAAA,EAAA,EAAU,4CACiB,QAC3C,CAAA,CAAA;AAAA,GAEJ;AAEA,EAAA,IAAI,CAAC,IAAM,EAAA;AACT,IAAA,uBACG,KAAA,CAAA,aAAA,CAAA,KAAA,EAAA,EAAM,QAAS,EAAA,MAAA,EAAA,EAAO,oCACY,QACnC,CAAA,CAAA;AAAA,GAEJ;AAGA,EAAM,MAAA,gBAAA,GAAmB,KAAK,QAAS,CAAA,MAAA;AAAA,IAAO,CAC5C,OAAA,KAAA,MAAA,CAAO,cAAe,CAAA,QAAA,CAAS,QAAQ,QAAQ,CAAA;AAAA,GACjD,CAAA;AAEA,EAAA,2CACG,GACC,EAAA,IAAA,kBAAA,KAAA,CAAA,aAAA;AAAA,IAAC,iBAAA;AAAA,IAAA;AAAA,MACC,QAAU,EAAA,gBAAA;AAAA,MACV,KAAA,EAAO,KAAS,IAAA,CAAA,gBAAA,EAAmB,QAAQ,CAAA,CAAA;AAAA,KAAA;AAAA,GAE7C,kBAAA,KAAA,CAAA,aAAA,CAAC,GAAI,EAAA,EAAA,EAAA,EAAI,CAAG,EAAA,OAAA,EAAQ,MAAO,EAAA,cAAA,EAAe,eAAgB,EAAA,UAAA,EAAW,QACnE,EAAA,kBAAA,KAAA,CAAA,aAAA,CAAC,UAAW,EAAA,EAAA,OAAA,EAAQ,SAAU,EAAA,KAAA,EAAM,eAAgB,EAAA,EAAA,WAAA,EACxC,IAAI,IAAA,CAAK,IAAK,CAAA,SAAS,CAAE,CAAA,cAAA,EACrC,CAAA,kBACC,KAAA,CAAA,aAAA,CAAA,GAAA,EAAA,EAAI,SAAQ,MAAO,EAAA,KAAA,EAAO,EAAE,GAAA,EAAK,CAAE,EAAA,EAAA,EACjC,IAAK,CAAA,QAAA,CAAS,QACb,oBAAA,KAAA,CAAA,aAAA,CAAC,IAAK,EAAA,EAAA,EAAA,EAAI,IAAK,CAAA,QAAA,CAAS,QAAU,EAAA,MAAA,EAAO,QAAS,EAAA,EAAA,SAElD,CAED,EAAA,IAAA,CAAK,QAAS,CAAA,WAAA,oBACZ,KAAA,CAAA,aAAA,CAAA,IAAA,EAAA,EAAK,EAAI,EAAA,IAAA,CAAK,QAAS,CAAA,WAAA,EAAa,MAAO,EAAA,QAAA,EAAA,EAAS,YAErD,CAEJ,CACF,CACF,CAAA,CAAA;AAEJ;;ACtEA,MAAM,WAAA,GAAc,IAAI,WAAY,CAAA;AAAA,EAClC,cAAgB,EAAA;AAAA,IACd,OAAS,EAAA;AAAA,MACP,MAAA,EAAQ,MAAO,EAAK,GAAA,EAAA;AAAA;AAAA,MACpB,SAAA,EAAW,MAAO,EAAK,GAAA,CAAA;AAAA;AAAA,MACvB,KAAO,EAAA,CAAA;AAAA,MACP,oBAAsB,EAAA,KAAA;AAAA,KACxB;AAAA,GACF;AACF,CAAC,CAAA,CAAA;AAED,MAAM,YAAY,0BAA2B,CAAA;AAAA,EAC3C,SAAS,MAAO,CAAA,YAAA;AAAA,EAChB,GAAK,EAAA,mBAAA;AACP,CAAC,CAAA,CAAA;AAEM,MAAM,kBAAqB,GAAA,CAAC,EAAE,QAAA,EAA8C,KAAA;AACjF,EACE,uBAAA,KAAA,CAAA,aAAA,CAAC,8BAA2B,MAAQ,EAAA,WAAA,EAAa,gBAAgB,EAAE,SAAA,MAChE,QACH,CAAA,CAAA;AAEJ,EAAA;AAGO,MAAM,wBAA2B,GAAA,CAAC,EAAE,QAAA,EAA8C,KAAA;AACvF,EAAA,uBAAQ,KAAA,CAAA,aAAA,CAAA,mBAAA,EAAA,EAAoB,MAAQ,EAAA,WAAA,EAAA,EAAc,QAAS,CAAA,CAAA;AAC7D;;;;"}

package/package.json ADDED Viewed

@@ -0,0 +1,55 @@
+{
+  "name": "@sanity-labs/backstage-plugin-trivy",
+  "version": "0.0.1",
+  "main": "dist/index.esm.js",
+  "types": "dist/index.d.ts",
+  "license": "Apache-2.0",
+  "publishConfig": {
+    "access": "public"
+  },
+  "backstage": {
+    "role": "frontend-plugin"
+  },
+  "dependencies": {
+    "@backstage/config": "^1.1.1",
+    "@backstage/core-components": "^0.13.10",
+    "@backstage/core-plugin-api": "^1.8.2",
+    "@backstage/plugin-catalog-react": "^1.9.3",
+    "@backstage/theme": "^0.5.0",
+    "@material-ui/core": "^4.12.4",
+    "@material-ui/icons": "^4.11.3",
+    "@material-ui/lab": "^4.0.0-alpha.61",
+    "@tanstack/query-sync-storage-persister": "^5.85.5",
+    "@tanstack/react-query": "^5.85.5",
+    "@tanstack/react-query-persist-client": "^5.85.5",
+    "react": "^18.0.2",
+    "react-dom": "^18.0.2",
+    "react-router-dom": "^6.3.0",
+    "react-use": "^17.2.4"
+  },
+  "devDependencies": {
+    "@backstage/cli": "^0.25.0",
+    "@backstage/core-app-api": "^1.11.3",
+    "@backstage/dev-utils": "^1.0.28",
+    "@backstage/test-utils": "^1.4.7",
+    "@testing-library/jest-dom": "^6.0.0",
+    "@testing-library/react": "^14.0.0",
+    "@testing-library/user-event": "^14.0.0",
+    "@types/jest": "^30.0.0",
+    "@types/node": "*",
+    "@types/react": "^18",
+    "@types/react-dom": "^18",
+    "@types/webpack-env": "^1.18.8"
+  },
+  "files": [
+    "dist"
+  ],
+  "scripts": {
+    "start": "backstage-cli package start",
+    "build": "backstage-cli package build",
+    "lint": "backstage-cli package lint",
+    "test": "backstage-cli package test",
+    "clean": "backstage-cli package clean",
+    "tsc": "tsc --project tsconfig.json --declaration --emitDeclarationOnly --outDir dist-types/src"
+  }
+}