24.2.18 AI support, improved performance, eval_results_eval_id_idx (#49)

* improve performance of homepage view for large data sets

* AI related updated for AI exception scoring

* add flag to reset script to preserve workspace
documentation updates, add admin doc

---------

Co-authored-by: Michael Potter <[email protected]>

Author: miloszzimon

development/scripts/reset.sql

@@ -1,6 +1,14 @@
 set serveroutput on
+set define ^
+set serveroutput on size unlimited
+set sqlformat    default
+set termout      on
+set timing       off
+set verify       off
 
 declare
+  l_drop_ws   varchar2(128) := '^1';
+
   procedure drop_user(p_user in varchar2)
   as
     e_user_not_found exception;
@@ -46,16 +54,22 @@ declare
     -- apex_extension.remove_menu_entry(p_label => 'APEX SERT', p_workspace => 'SERT');
   exception when e_workspace_not_found then null;
   end remove_apex_workspace;
+  -- variable
+
 begin
 
   dbms_output.put_line('Clear changelog tables');
   clear_lb_table(p_table => 'SERT_DATABASECHANGELOG');
   clear_lb_table(p_table => 'SERT_DATABASECHANGELOG_ACTIONS');
   clear_lb_table(p_table => 'SERT_DATABASECHANGELOGLOCK');
 
-  dbms_output.put_line('Drop APEX workspace');
-  remove_apex_workspace('SERT');
-  -- commit;
+  if ( lower(l_drop_ws) = 'y' ) then
+    dbms_output.put_line('Drop APEX-SERT workspace');
+    remove_apex_workspace('SERT');
+    commit;
+  else
+    dbms_output.put_line('preserve APEX-SERT workspace');
+  end if;
   dbms_output.put_line('Drop sert schemas');
   drop_user('sert_core');
   drop_user('sert_pub');

doc/adminguide.md

@@ -1,5 +1,11 @@
 # Release Notes
 
+## 24.2.18
+
+* [GAT-469] - Implement AI support for scoring exception justifications
+* [GAT-476] - performance: sert_core.evals_pub_v is very poor when eval_results is large (100K+) #48
+* [GAT-475] - fix schema for eval_results_eval_id_idx
+
 ## 24.2.17
 
 * [GAT-466] - Rule "List Entry Does Not Contain &ITEM. Syntax" - wrong component_id #42

doc/images/sert-admin-homepage.png

@@ -4,7 +4,7 @@
 
 APEX-SERT is an APEX application that evaluates a selected APEX application for security vulnerabilities. The selected application will be evaluated on many topics including: Authentication, Authorization, SQL Injection, Cross Site Scripting (XSS), URL Tampering and many more. After an evaluation is complete, the user will receive a score for their application and a dashboard to review and modify any security vulnerabilities (issues). Each point of risk is described and a suggested action available to make correcting any security risks quick and easy. APEX-SERT also allows a user to provide exceptions to any issues that may not necessarily be vulnerabilities. A user with the Approver role can then approve or reject the exception based on the provided input and the score can then be reevaluated.
 
-The APEX-SERT User Guide is provided as a reference for using APEX-SERT v21.2. It is intended for any APEX application developer, development manager and those with similar roles. This User Guide defines the different security terminology, attributes and attribute sets and categories used for the evaluation scores, and the different exceptions statuses used throughout APEX-SERT.
+The APEX-SERT User Guide is provided as a reference for using APEX-SERT. It is intended for any APEX application developer, development manager and those with similar roles. This User Guide defines the different security terminology, attributes and attribute sets and categories used for the evaluation scores, and the different exceptions statuses used throughout APEX-SERT.
 
 This User Guide also covers the following processes that a user can do within APEX-SERT:
 

doc/release_notes.md

@@ -1,4 +1,4 @@
--- file_checksum: 20703B57525A63047957AFCA5FD72D98EB9AEFFDB3519CC9BBCE690142C699E2
+-- file_checksum: 9C235BECA1D9A38116D00418236FA4CC1E12D9C68E2259BF3F8369D071E012BA
 prompt --application/create_application
 begin
 --   Manifest
@@ -55,7 +55,7 @@ wwv_imp_workspace.create_flow(
 ,p_substitution_value_01=>'APEX-SERT'
 ,p_file_prefix => nvl(wwv_flow_application_install.get_static_app_file_prefix,'')
 ,p_files_version=>204
-,p_version_scn=>45029884746733
+,p_version_scn=>45179260795369
 ,p_print_server_type=>'INSTANCE'
 ,p_file_storage=>'DB'
 ,p_is_pwa=>'Y'

doc/userguide.md

@@ -1,4 +1,4 @@
--- file_checksum: A05DD2174E686B708C71E1C68D0ED4AC66653AEB93CDA62D8583ECF7E1DB37E0
+-- file_checksum: 9073EAD09B23E35B44AAA89CD92E4DBF9992CB8D250E2EB22EC018775F48D16C
 -------------------------------------------------------------------------------
 -- Copyright (c) 2024,2025 Oracle and/or its affiliates.
 -- Licensed under the Universal Permissive License v 1.0 as shown
@@ -85,7 +85,7 @@ wwv_flow_imp_page.create_page_plug(
 ,p_region_template_options=>'#DEFAULT#'
 ,p_component_template_options=>'#DEFAULT#'
 ,p_plug_template=>wwv_flow_imp.id(511921980148949486)
-,p_plug_display_sequence=>50
+,p_plug_display_sequence=>2
 ,p_location=>null
 ,p_list_id=>wwv_flow_imp.id(136314465783723109)
 ,p_plug_source_type=>'NATIVE_LIST'
@@ -97,7 +97,7 @@ wwv_flow_imp_page.create_page_plug(
 ,p_plug_name=>'Stale Exception'
 ,p_region_template_options=>'#DEFAULT#:t-Alert--horizontal:t-Alert--defaultIcons:t-Alert--danger'
 ,p_plug_template=>wwv_flow_imp.id(511915446136949475)
-,p_plug_display_sequence=>20
+,p_plug_display_sequence=>1
 ,p_location=>null
 ,p_plug_source=>'The value of this component has changed since an exception was added or approved.'
 ,p_plug_display_condition_type=>'EXISTS'
@@ -112,7 +112,7 @@ wwv_flow_imp_page.create_page_plug(
 ,p_region_template_options=>'#DEFAULT#:t-BreadcrumbRegion--useBreadcrumbTitle'
 ,p_component_template_options=>'#DEFAULT#'
 ,p_plug_template=>wwv_flow_imp.id(511999637997949547)
-,p_plug_display_sequence=>10
+,p_plug_display_sequence=>0
 ,p_plug_display_point=>'REGION_POSITION_01'
 ,p_location=>null
 ,p_menu_id=>wwv_flow_imp.id(511883866849949405)

product/.DS_Store

@@ -1,4 +1,4 @@
--- file_checksum: 8C8F583842FBCDCBC5C5904ABB86EC7FC0FC54DEDAE1E6EB1C9B4515F77F1643
+-- file_checksum: 5EC7AF7CB8716D55F4F6A879898E16AFCB83FFE7B360C1377744DA23CC92F246
 -------------------------------------------------------------------------------
 -- Copyright (c) 2024,2025 Oracle and/or its affiliates.
 -- Licensed under the Universal Permissive License v 1.0 as shown
@@ -132,21 +132,14 @@ wwv_flow_imp_page.create_page_plug(
 '  ,null as actions',
 '  ,job_status',
 '  ,job_status_css ',
-'  ,case ',
-'    when app_icon is not null then ',
-'        ''r/'' || workspace || ''/'' || application_id || ''/files/static/v6/'' ||app_icon',
-'    else null',
-'   end as app_image2',
 '  ,app_image',
+'  ,app_image2',
 '  ,approved_score as score',
 '  ,score_css',
 '  ,exception_cnt',
 '  ,apex_version ',
 '  ,eval_on',
 '  ,rule_set_active_yn',
-'  ,case when rule_Set_active_yn = ''N'' then ''<span class="t-Badge t-Badge--warning t-Badge--sm" role="status" aria-label="INACTIVE rule-set" title="INACTIVE rule-set"> <span class="t-Badge-value">INACTIVE</span></span>'' ',
-'     else '''' ',
-'   end as rule_set_state',
 'from   ',
 '  evals_pub_v ep',
 ''))
@@ -179,7 +172,13 @@ wwv_flow_imp_page.create_page_plug(
     '<span class="t-Badge t-Badge--&JOB_STATUS_CSS. u-pullRight">',
     '     <span class="t-Badge-value">&JOB_STATUS.</span>',
     '</span>')),
-  'OVERLINE', '&RULE_SET. (&APEX_VERSION.) &RULE_SET_STATE!RAW.',
+  'OVERLINE', wwv_flow_string.join(wwv_flow_t_varchar2(
+    '&RULE_SET. (&APEX_VERSION.)',
+    '',
+    '{case RULE_SET_ACTIVE_YN/}',
+    '  {when N/}',
+    '  <span class="fa fa-warning u-danger-text"></span> Inactive',
+    '{endcase/}')),
   'REMOVE_PADDING', 'N',
   'TITLE', '&TITLE.')).to_clob
 );
@@ -207,18 +206,6 @@ wwv_flow_imp_page.create_region_column(
 ,p_use_as_row_header=>false
 ,p_is_primary_key=>false
 );
-wwv_flow_imp_page.create_region_column(
- p_id=>wwv_flow_imp.id(94244343987095665)
-,p_name=>'RULE_SET_STATE'
-,p_source_type=>'DB_COLUMN'
-,p_source_expression=>'RULE_SET_STATE'
-,p_data_type=>'VARCHAR2'
-,p_session_state_data_type=>'VARCHAR2'
-,p_display_sequence=>250
-,p_is_group=>false
-,p_use_as_row_header=>false
-,p_is_primary_key=>false
-);
 wwv_flow_imp_page.create_region_column(
  p_id=>wwv_flow_imp.id(106334192143065064)
 ,p_name=>'APP_IMAGE2'
@@ -984,7 +971,7 @@ wwv_flow_imp_page.create_component_action(
 ,p_link_target=>'#'
 ,p_link_attributes=>'id="&EVAL_ID."'
 ,p_button_display_type=>'ICON'
-,p_icon_css_classes=>'fa-clock-o'
+,p_icon_css_classes=>'fa-database-play'
 ,p_action_css_classes=>'reEvaluationInBackground'
 ,p_is_hot=>false
 ,p_show_as_disabled=>false

product/sert/apex/application/f2100/application/create_application.sql

@@ -1,4 +1,4 @@
--- file_checksum: 45581C4998938B3C94A8768DF789ADA0F87286E8D6DDFD593189DC1B92B47C63
+-- file_checksum: DDAA1EBDFBAE0353CBEB4736E6D9E467535D1FA419524860C8092EC274791102
 prompt --application/pages/page_00005
 begin
 --   Manifest
@@ -46,6 +46,7 @@ wwv_flow_imp_page.create_page_button(
 ,p_button_template_options=>'#DEFAULT#'
 ,p_button_template_id=>wwv_flow_imp.id(512260372386949620)
 ,p_button_image_alt=>'Close'
+,p_button_position=>'CLOSE'
 ,p_warn_on_unsaved_changes=>null
 );
 wwv_flow_imp_page.create_page_item(