diff --git a/app/helpers.py b/app/helpers.py
index 51b241f..0b765ed 100644
--- a/app/helpers.py
+++ b/app/helpers.py
@@ -99,12 +99,17 @@ class RouteHelpers:
 dynamic_results=data['dynamic_results'],
 )
 else:
+ # Note: EDR results are intentionally NOT folded in here. The
+ # file_info / results page has tabs only for Static and Dynamic;
+ # EDR is its own analysis type at /analyze/edr//
+ # with its own page, alerts, and Detection-Score contribution.
+ # Keeping the file's score scoped to static+dynamic+PE keeps
+ # the abstraction clean.
 risk_score, risk_factors = risk_analyzer.calculate_risk(
 analysis_type='file',
 file_info=data['file_info'],
 static_results=data['static_results'],
 dynamic_results=data['dynamic_results'],
- edr_results=data.get('edr_results'),
 )
 risk_level = risk_analyzer.get_risk_level(risk_score)
diff --git a/app/services/summary.py b/app/services/summary.py
index 13dfd9d..974a9af 100644
--- a/app/services/summary.py
+++ b/app/services/summary.py
@@ -116,9 +116,11 @@ def process_file_summary(item, item_path, file_based_summary, logger):
 dynamic_results = json_helpers.load_json_file(dynamic_path)
 logger.debug(f"Loaded dynamic analysis results for item: {item}")
- # Discover every EDR profile run for this sample. Stored as
- # `edr__results.json`. The calculate_risk helper
- # accepts a {profile_name: findings} mapping.
+ # Discover every EDR profile run for this sample for the
+ # Status-cell sub-badges. Stored as `edr__results.json`.
+ # NOTE: EDR results are NOT folded into the file's risk score.
+ # EDR is its own analysis type with its own page; the file's
+ # score stays scoped to static+dynamic+PE info.
 edr_results = {}
 edr_prefix, edr_suffix = 'edr_', '_results.json'
 for entry in os.listdir(item_path):
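Review bot: With `edr_results` dropped from this `calculate_risk` call (and from the matching call in `process_file_summary` in app/services/summary.py, hunk `@@ -137,7 +139,6 @@`), a sample that looks clean to static and dynamic analysis but raised EDR alerts gets a file risk level that says nothing about those alerts, and only this inline comment records that. Anyone triaging from the file score alone could under-rate such a sample, so the scope belongs in the docstring of the scoring path or in user-facing help, e.g. `File risk covers static, dynamic and PE info only; EDR alerts are scored on the EDR page.` If `calculate_risk` still accepts an `edr_results` parameter (its signature is not in this diff), consider removing or deprecating it so a later caller cannot reintroduce the mixed score unnoticed. The enclosing method starts and ends outside the hunk.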
@@ -137,7 +139,6 @@ def process_file_summary(item, item_path, file_based_summary, logger):
 file_info=file_info,
 static_results=static_results,
 dynamic_results=dynamic_results,
- edr_results=edr_results or None,
 )
 risk_level = risk_analyzer.get_risk_level(risk_score)
diff --git a/app/static/js/summary.js b/app/static/js/summary.js
index 9344ada..acbe8e7 100644
--- a/app/static/js/summary.js
+++ b/app/static/js/summary.js
@@ -134,24 +134,20 @@ function renderFiles() {
 if (file.risk_assessment) {
 const { level, score, factors } = file.risk_assessment;
 riskEl.textContent = `${level} (${score}%)`;
- riskEl.className = 'px-3 py-1 text-xs rounded-lg inline-flex items-center justify-center font-medium';
-
- if (score >= 75) {
- riskEl.className += ' bg-red-500/15 text-red-300 border border-red-500/30';
- } else if (score >= 50) {
- riskEl.className += ' bg-orange-500/15 text-orange-300 border border-orange-500/30';
- } else if (score >= 25) {
- riskEl.className += ' bg-yellow-500/15 text-yellow-300 border border-yellow-500/30';
- } else {
- riskEl.className += ' bg-green-500/15 text-green-300 border border-green-500/30';
- }
+ // Use the design-system severity tag — the dynamic Tailwind
+ // classes weren't getting picked up by the JIT scanner (only
+ // template files are scanned, not JS) so `text-orange-300`
+ // etc. were missing from the compiled CSS, leaving the badge
+ // unstyled white. .lb-tag. is defined globally with
+ // the right severity colors from --lb-sev-*.
+ riskEl.className = `lb-tag ${(level || 'muted').toLowerCase()}`;
 if (factors && factors.length > 0) {
 entropyEl.textContent = factors[0];
 }
 } else {
 riskEl.textContent = 'Unknown';
- riskEl.className += ' bg-gray-500/15 text-gray-400 border border-gray-500/30 px-3 py-1 text-xs rounded-lg inline-flex items-center justify-center font-medium';
+ riskEl.className = 'lb-tag muted';
 entropyEl.textContent = '';
 }
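Review bot: The new `riskEl.className` line feeds `level` from the server response straight into the class attribute: a non-string `level` makes `.toLowerCase()` throw and aborts rendering, and a value with no matching `.lb-tag` modifier in the stylesheet (or one containing spaces) gives an unstyled or unexpectedly classed badge. Since this badge is the severity cue an analyst reads first, map the value through an allow-list of the severity classes the stylesheet actually defines and fall back to `muted`: `const sev = typeof level === 'string' ? level.toLowerCase() : 'muted';` then `riskEl.className = 'lb-tag ' + (KNOWN_LEVELS.has(sev) ? sev : 'muted');`, where `KNOWN_LEVELS` is a placeholder for that set. The colour is also now driven by `level` rather than the `score` thresholds, so it is worth confirming that every value `get_risk_level` returns has a matching class. `renderFiles` starts and ends outside the hunk.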