/** * @fileoverview CVE Report Generator * @module @nahisaho/musubix-security/cve/report-generator * @description Generates vulnerability reports in Markdown, JSON, and SARIF formats * @requirements REQ-SEC-CVE-003 - CVE report generation with multiple formats * @design DES-SEC-CVE-003 - Report generator with SARIF 2.1.0 support * @task TSK-CVE-008 - レポート生成 */ import type { ScanResult } from './vulnerability-scanner.js'; /** * Report output format */ export type ReportFormat = 'markdown' | 'json' | 'sarif'; /** * Report generator options */ export interface ReportOptions { /** Report title */ title?: string; /** Include detailed vulnerability information */ includeDetails?: boolean; /** Include remediation suggestions */ includeRemediation?: boolean; /** Minimum severity to include */ minSeverity?: 'CRITICAL' | 'HIGH' | 'MEDIUM' | 'LOW' | 'NONE'; /** Group vulnerabilities by severity */ groupBySeverity?: boolean; /** Include scan metadata */ includeMetadata?: boolean; /** Project URL for SARIF */ projectUrl?: string; } /** * SARIF 2.1.0 compatible report structure */ export interface SARIFReport { $schema: string; version: string; runs: SARIFRun[]; } interface SARIFRun { tool: { driver: { name: string; version: string; informationUri: string; rules: SARIFRule[]; }; }; results: SARIFResult[]; invocations: Array<{ executionSuccessful: boolean; endTimeUtc: string; }>; } interface SARIFRule { id: string; name: string; shortDescription: { text: string; }; fullDescription: { text: string; }; helpUri?: string; defaultConfiguration: { level: 'error' | 'warning' | 'note' | 'none'; }; properties: { precision: string; 'security-severity': string; tags: string[]; }; } interface SARIFResult { ruleId: string; level: 'error' | 'warning' | 'note' | 'none'; message: { text: string; }; locations: Array<{ physicalLocation: { artifactLocation: { uri: string; uriBaseId: string; }; }; }>; properties: { packageName: string; packageVersion: string; fixedVersion?: string; cvssScore?: number; cwes?: string[]; }; } /** * CVE Report Generator */ export declare class ReportGenerator { private readonly options; constructor(options?: ReportOptions); /** * Generate report in specified format */ generate(result: ScanResult, format: ReportFormat): string; /** * Filter vulnerabilities by minimum severity */ private filterBySeverity; /** * Generate Markdown report */ private generateMarkdown; /** * Format a single vulnerability as Markdown */ private formatVulnerabilityMarkdown; /** * Group vulnerabilities by severity */ private groupBySeverity; /** * Generate JSON report */ private generateJSON; /** * Generate SARIF 2.1.0 report */ private generateSARIF; } /** * Quick report generation function */ export declare function generateReport(result: ScanResult, format: ReportFormat, options?: ReportOptions): string; /** * Generate and save report to file */ export declare function generateReportToFile(result: ScanResult, filePath: string, format: ReportFormat, options?: ReportOptions): Promise; /** * Determine format from file extension */ export declare function getFormatFromExtension(filePath: string): ReportFormat; export {}; //# sourceMappingURL=report-generator.d.ts.map