Add vulnerable warnings to Manage Packages page (#8436)

Show vulnerability alerts on manage packages page

Author: drewgillies

src/Bootstrap/dist/css/bootstrap-theme.css

@@ -60,6 +60,19 @@
 
   .inner-table {
     margin-bottom: 0px;
+
+    .package-icon-cell {
+      cursor: default;
+      padding-left: 0;
+      padding-right: 0;
+      text-align: right;
+
+      .package-icon {
+        padding-left: 6px;
+        padding-right: 6px;
+        padding-top: 6px;
+      }
+    }
   }
 
   .required-signer {

src/Bootstrap/less/theme/page-manage-packages.less

@@ -7,6 +7,7 @@
 using System.Net.Http;
 using System.Security.Principal;
 using System.Web;
+using Microsoft.Owin.Security.MicrosoftAccount;
 using Newtonsoft.Json;
 using NuGet.Services.Entities;
 using NuGet.Services.FeatureFlags;

src/NuGetGallery.Services/Telemetry/TelemetryService.cs

@@ -3,6 +3,7 @@
 
 using System;
 using System.Collections.Generic;
+using System.Diagnostics;
 using System.Globalization;
 using System.Linq;
 using System.Net;

src/NuGetGallery/Controllers/UsersController.cs

@@ -35,6 +35,7 @@
             this.ShowRequiredSigner = packageItem.ShowRequiredSigner;
             this.ShowTextBox = packageItem.ShowTextBox;
             this.CanEditRequiredSigner = packageItem.CanEditRequiredSigner;
+            this.IsVulnerable = packageItem.IsVulnerable;
             this.CanEdit = packageItem.CanEdit;
             this.CanManageOwners = packageItem.CanManageOwners;
             this.CanDelete = packageItem.CanDelete;

src/NuGetGallery/Scripts/gallery/page-manage-packages.js

@@ -116,10 +116,14 @@
                         <th class="sortable">Owners</th>
                     @if (Model.IsCertificatesUIEnabled)
                     {
-                        <th  class="sortable">Signing Owner</th>
+                        <th class="sortable">Signing Owner</th>
+                    }
+                        <th class="sortable">Downloads</th>
+                        <th class="sortable">Latest Version</th>
+                    @if (Model.IsPackageVulnerabilitiesEnabled)
+                    {
+                        <th><span class="hidden">Package warnings</span></th>
                     }
-                        <th  class="sortable">Downloads</th>
-                        <th  class="sortable">Latest Version</th>
                         <th><span class="hidden">Icon</span></th>
                     </tr>
                 </thead>
@@ -171,6 +175,12 @@
                         <td class="align-middle text-nowrap" data-bind="attr: { 'data-sortby': VersionSortOrder }">
                             <span data-bind="text: LatestVersion"></span>
                         </td>
+                    @if (Model.IsPackageVulnerabilitiesEnabled)
+                    {
+                        <td class="package-icon-cell">
+                            <i class="ms-Icon ms-Icon--Warning package-icon" data-bind="visible: IsVulnerable" title="This version has at least one known vulnerability. Click on the package name for details."></i>
+                        </td>
+                    }
                         <td class="text-right align-middle package-controls">
                             <span data-bind="visible: CanEdit || CanManageOwners || CanDelete">
                                 <a class="btn" title="Manage Package" data-bind="attr: { href: ManageUrl,
@@ -353,7 +363,8 @@
             p.CanEditRequiredSigner,
             p.ShowRequiredSigner,
             p.ShowTextBox,
-            p.VersionSortOrder
+            p.VersionSortOrder,
+            p.IsVulnerable
         };
     }