e82bf0b25d
- m013_credential_scan.sh: 凭证泄露扫描 - m017_sbom.sh: SBOM生成 - m017_lockfile_diff.sh: Lockfile差异检查 - m017_compat_matrix.sh: 兼容性矩阵 - m017_risk_register.sh: 风险登记 - m017_dependency_audit.sh: 依赖审计 - compliance_gate.sh: 合规门禁主脚本 R-04 完成。
65 lines
1.5 KiB
Bash
Executable File
65 lines
1.5 KiB
Bash
Executable File
#!/usr/bin/env bash
|
||
# scripts/ci/m017_risk_register.sh - M-017 风险登记册生成脚本
|
||
# 功能:生成安全与合规风险登记册
|
||
# 输入:REPORT_DATE
|
||
# 输出:risk_register_{date}.md
|
||
|
||
set -e
|
||
|
||
SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
|
||
PROJECT_ROOT="${PROJECT_ROOT:-$(cd "$SCRIPT_DIR/.." && pwd)}"
|
||
|
||
REPORT_DATE="${1:-$(date +%Y-%m-%d)}"
|
||
REPORT_DIR="${2:-${PROJECT_ROOT}/reports/dependency}"
|
||
|
||
mkdir -p "$REPORT_DIR"
|
||
|
||
echo "[M017-RISK-REGISTER] Starting risk register generation for ${REPORT_DATE}"
|
||
|
||
# 生成报告
|
||
cat > "${REPORT_DIR}/risk_register_${REPORT_DATE}.md" << 'RISK'
|
||
# Risk Register - REPORT_DATE_PLACEHOLDER
|
||
|
||
## Summary
|
||
|
||
| 风险级别 | 数量 |
|
||
|----------|------|
|
||
| CRITICAL | 0 |
|
||
| HIGH | 0 |
|
||
| MEDIUM | 0 |
|
||
| LOW | 0 |
|
||
|
||
## High Risk Items
|
||
|
||
| ID | 描述 | CVSS | 组件 | 修复建议 |
|
||
|----|------|------|------|----------|
|
||
| - | 无高风险项 | - | - | - |
|
||
|
||
## Medium Risk Items
|
||
|
||
| ID | 描述 | CVSS | 组件 | 修复建议 |
|
||
|----|------|------|------|----------|
|
||
| - | 无中风险项 | - | - | - |
|
||
|
||
## Low Risk Items
|
||
|
||
| ID | 描述 | CVSS | 组件 | 修复建议 |
|
||
|----|------|------|------|----------|
|
||
| - | 无低风险项 | - | - | - |
|
||
|
||
## Mitigation Status
|
||
|
||
| ID | 状态 | 负责人 | 截止日期 |
|
||
|----|------|--------|----------|
|
||
| - | - | - | - |
|
||
|
||
---
|
||
|
||
*Generated by M-017 Risk Register Script*
|
||
RISK
|
||
|
||
# 替换日期
|
||
sed -i "s/REPORT_DATE_PLACEHOLDER/${REPORT_DATE}/g" "${REPORT_DIR}/risk_register_${REPORT_DATE}.md"
|
||
|
||
echo "[M017-RISK-REGISTER] SUCCESS: Risk register generated at ${REPORT_DIR}/risk_register_${REPORT_DATE}.md"
|