From 152e25b3191cde40de11b205a5fcdca97c483c52 Mon Sep 17 00:00:00 2001
From: Teodora Sandu <teodora.sandu@snyk.io>
Date: Wed, 26 Jun 2024 14:23:49 +0100
Subject: [PATCH 1/4] feat: add ability to inject style directly

---
 infrastructure/oss/issue_html_test.go    | 2 +-
 infrastructure/oss/template/details.html | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/infrastructure/oss/issue_html_test.go b/infrastructure/oss/issue_html_test.go
index ed7571e79..2c6260dc4 100644
--- a/infrastructure/oss/issue_html_test.go
+++ b/infrastructure/oss/issue_html_test.go
@@ -31,7 +31,7 @@ import (
 
 func Test_OssDetailsPanel_html_noLearn(t *testing.T) {
 	_ = testutil.UnitTest(t)
-	expectedVariables := []string{"${headerEnd}", "${cspSource}", "${nonce}", "${severityIcon}", "${learnIcon}"}
+	expectedVariables := []string{"${ideStyle}", "${cspSource}", "${nonce}", "${severityIcon}", "${learnIcon}"}
 	slices.Sort(expectedVariables)
 
 	issueAdditionalData := snyk.OssIssueData{
diff --git a/infrastructure/oss/template/details.html b/infrastructure/oss/template/details.html
index cda3bbbef..5c10a35b8 100644
--- a/infrastructure/oss/template/details.html
+++ b/infrastructure/oss/template/details.html
@@ -93,7 +93,7 @@
     }
 
   </style>
-  ${headerEnd}
+  ${ideStyle}
 </head>
 <body>
 <div class="suggestion">

From de69c2d0ab4251cd97b3afe1866368d6f0d605e5 Mon Sep 17 00:00:00 2001
From: Teodora Sandu <teodora.sandu@snyk.io>
Date: Wed, 26 Jun 2024 16:16:59 +0100
Subject: [PATCH 2/4] refactor: use html/template

---
 infrastructure/code/code_html.go         |  24 +--
 infrastructure/oss/issue_html.go         | 212 +++++++++++++----------
 infrastructure/oss/issue_html_test.go    |   8 +-
 infrastructure/oss/template/details.html |  92 ++++++++--
 4 files changed, 216 insertions(+), 120 deletions(-)

diff --git a/infrastructure/code/code_html.go b/infrastructure/code/code_html.go
index 8aad75650..a306ac721 100644
--- a/infrastructure/code/code_html.go
+++ b/infrastructure/code/code_html.go
@@ -66,8 +66,8 @@ var globalTemplate *template.Template
 func init() {
 	funcMap := template.FuncMap{
 		"repoName":      getRepoName,
-		"trimCWEPrefix": trimCWEPrefix,
-		"idxMinusOne":   idxMinusOne,
+		"trimCWEPrefix": TrimCWEPrefix,
+		"idxMinusOne":   IdxMinusOne,
 	}
 
 	var err error
@@ -92,7 +92,7 @@ func getCodeDetailsHtml(issue snyk.Issue) string {
 		"IssueTitle":         additionalData.Title,
 		"IssueMessage":       additionalData.Message,
 		"IssueType":          getIssueType(additionalData),
-		"SeverityIcon":       getSeverityIconSvg(issue),
+		"SeverityIcon":       GetSeverityIconSvg(issue),
 		"CWEs":               issue.CWEs,
 		"IssueOverview":      markdownToHTML(additionalData.Text),
 		"IsIgnored":          issue.IsIgnored,
@@ -105,7 +105,7 @@ func getCodeDetailsHtml(issue snyk.Issue) string {
 		"PriorityScore":      additionalData.PriorityScore,
 		"SnykWebUrl":         config.CurrentConfig().SnykUi(),
 		"LessonUrl":          issue.LessonUrl,
-		"LessonIcon":         getLessonIconSvg(),
+		"LessonIcon":         GetLessonIconSvg(),
 		"IgnoreLineAction":   getLineToIgnoreAction(issue),
 		"HasAIFix":           additionalData.HasAIFix,
 		"ExternalIcon":       getExternalIconSvg(),
@@ -141,11 +141,11 @@ func getLineToIgnoreAction(issue snyk.Issue) int {
 	return issue.Range.Start.Line + 1
 }
 
-func idxMinusOne(n int) int {
+func IdxMinusOne(n int) int {
 	return n - 1
 }
 
-func trimCWEPrefix(cwe string) string {
+func TrimCWEPrefix(cwe string) string {
 	return strings.TrimPrefix(cwe, "CWE-")
 }
 
@@ -279,25 +279,25 @@ func getExternalIconSvg() template.HTML {
 	</svg>`)
 }
 
-func getSeverityIconSvg(issue snyk.Issue) template.HTML {
+func GetSeverityIconSvg(issue snyk.Issue) template.HTML {
 	switch issue.Severity {
 	case snyk.Critical:
-		return template.HTML(`<svg fill="none" xmlns="http://www.w3.org/2000/svg" width="32" height="32" viewBox="0 0 16 16">
+		return template.HTML(`<svg id="critical" fill="none" xmlns="http://www.w3.org/2000/svg" width="32" height="32" viewBox="0 0 16 16">
 			 <rect width="16" height="16" rx="2" fill="#AB1A1A"/>
 			 <path d="M9.975 9.64h2.011a3.603 3.603 0 0 1-.545 1.743 3.24 3.24 0 0 1-1.338 1.19c-.57.284-1.256.427-2.06.427-.627 0-1.19-.107-1.688-.32a3.594 3.594 0 0 1-1.278-.936 4.158 4.158 0 0 1-.801-1.47C4.092 9.7 4 9.057 4 8.345v-.675c0-.712.094-1.356.283-1.93a4.255 4.255 0 0 1 .82-1.476 3.657 3.657 0 0 1 1.286-.936A4.114 4.114 0 0 1 8.057 3c.817 0 1.505.147 2.066.44.565.295 1.002.7 1.312 1.217.314.516.502 1.104.565 1.763H9.982c-.023-.392-.101-.723-.236-.995a1.331 1.331 0 0 0-.612-.621c-.27-.143-.628-.214-1.077-.214-.336 0-.63.062-.881.187a1.632 1.632 0 0 0-.633.568c-.17.254-.298.574-.383.962a6.61 6.61 0 0 0-.121 1.349v.688c0 .503.038.946.114 1.33.076.378.193.699.35.961.161.259.368.454.619.588.256.13.563.194.922.194.421 0 .769-.067 1.043-.2a1.39 1.39 0 0 0 .625-.595c.148-.263.236-.59.263-.982Z" fill="#fff"/>
 		 </svg>`)
 	case snyk.High:
-		return template.HTML(`<svg fill="none" xmlns="http://www.w3.org/2000/svg" width="32" height="32" viewBox="0 0 16 16">
+		return template.HTML(`<svg id="high" fill="none" xmlns="http://www.w3.org/2000/svg" width="32" height="32" viewBox="0 0 16 16">
 			 <rect width="16" height="16" rx="2" fill="#CE5019"/>
 			 <path d="M10.5 7v2h-5V7h5ZM6 3v10H4V3h2Zm6 0v10h-2V3h2Z" fill="#fff"/>
 		 </svg>`)
 	case snyk.Medium:
-		return template.HTML(`<svg fill="none" xmlns="http://www.w3.org/2000/svg" width="32" height="32" viewBox="0 0 16 16">
+		return template.HTML(`<svg id="medium" fill="none" xmlns="http://www.w3.org/2000/svg" width="32" height="32" viewBox="0 0 16 16">
 			 <rect width="16" height="16" rx="2" fill="#D68000"/>
 			 <path d="M3 3h2l2.997 7.607L11 3h2L9 13H7L3 3Zm0 0h2v10l-2-.001V3.001Zm8 0h2V13h-2V3Z" fill="#fff"/>
 		 </svg>`)
 	case snyk.Low:
-		return template.HTML(`<svg fill="none" xmlns="http://www.w3.org/2000/svg" width="32" height="32" viewBox="0 0 16 16">
+		return template.HTML(`<svg id="low" fill="none" xmlns="http://www.w3.org/2000/svg" width="32" height="32" viewBox="0 0 16 16">
 			 <rect width="16" height="16" rx="2" fill="#88879E"/>
 			 <path d="M11 11v2H6.705v-2H11ZM7 3v10H5V3h2Z" fill="#fff"/>
 		 </svg>`)
@@ -316,7 +316,7 @@ func getGitHubIconSvg() template.HTML {
 	</svg>`)
 }
 
-func getLessonIconSvg() template.HTML {
+func GetLessonIconSvg() template.HTML {
 	return template.HTML(`<svg width="17" height="14" viewBox="0 0 17 14" fill="none" xmlns="http://www.w3.org/2000/svg">
 	<path d="M8.25 0L0 4.5L3 6.135V10.635L8.25 13.5L13.5 10.635V6.135L15 5.3175V10.5H16.5V4.5L8.25 0ZM13.365 4.5L8.25 7.29L3.135 4.5L8.25 1.71L13.365 4.5ZM12 9.75L8.25 11.79L4.5 9.75V6.9525L8.25 9L12 6.9525V9.75Z" fill="#888"/>
 	</svg>
diff --git a/infrastructure/oss/issue_html.go b/infrastructure/oss/issue_html.go
index 198741cdf..cb6000c18 100644
--- a/infrastructure/oss/issue_html.go
+++ b/infrastructure/oss/issue_html.go
@@ -17,145 +17,175 @@
 package oss
 
 import (
+	"bytes"
 	_ "embed"
 	"fmt"
-	"strings"
-
 	"github.com/gomarkdown/markdown"
-	"golang.org/x/exp/maps"
-
 	"github.com/snyk/snyk-ls/application/config"
 	"github.com/snyk/snyk-ls/domain/snyk"
+	"github.com/snyk/snyk-ls/infrastructure/code"
+	"github.com/snyk/snyk-ls/internal/product"
+	"html/template"
+	"strings"
 )
 
 //go:embed template/details.html
 var detailsHtmlTemplate string
 
-func replaceVariableInHtml(html string, variableName string, variableValue string) string {
-	return strings.ReplaceAll(html, fmt.Sprintf("${%s}", variableName), variableValue)
-}
+var globalTemplate *template.Template
 
-func getIdentifiers(id string, issue snyk.OssIssueData) string {
-	identifierList := []string{""}
+func init() {
+	funcMap := template.FuncMap{
+		"trimCWEPrefix": code.TrimCWEPrefix,
+		"idxMinusOne":   code.IdxMinusOne,
+		"join":          join,
+	}
 
-	issueTypeString := "Vulnerability"
-	if len(issue.License) > 0 {
-		issueTypeString = "License"
+	var err error
+	globalTemplate, err = template.New(string(product.ProductOpenSource)).Funcs(funcMap).Parse(detailsHtmlTemplate)
+	if err != nil {
+		config.CurrentConfig().Logger().Error().Msgf("Failed to parse details template: %s", err)
 	}
+}
+
+func join(sep string, s []string) string {
+	return strings.Join(s, sep)
+}
 
-	for _, id := range issue.Identifiers.CVE {
-		url := "https://cve.mitre.org/cgi-bin/cvename.cgi?name=" + id
-		htmlAnchor := fmt.Sprintf("<a href='%s'>%s</a>", url, id)
-		identifierList = append(identifierList, htmlAnchor)
+func getDetailsHtml(issue snyk.Issue) string {
+	additionalData, ok := issue.AdditionalData.(snyk.OssIssueData)
+	if !ok {
+		config.CurrentConfig().Logger().Error().Msg("Failed to cast additional data to OssIssueData")
+		return ""
 	}
+	overview := markdown.ToHTML([]byte(additionalData.Description), nil, nil)
 
-	for _, id := range issue.Identifiers.CWE {
-		linkId := strings.ReplaceAll(strings.ToUpper(id), "CWE-", "")
-		htmlAnchor := fmt.Sprintf("<a href='https://cwe.mitre.org/data/definitions/%s.html'>%s</a>", linkId, id)
-		identifierList = append(identifierList, htmlAnchor)
+	data := map[string]interface{}{
+		"IssueId":            issue.ID,
+		"IssueName":          additionalData.Name,
+		"IssueTitle":         additionalData.Title,
+		"IssueType":          getIssueType(additionalData),
+		"SeverityText":       issue.Severity.String(),
+		"SeverityIcon":       code.GetSeverityIconSvg(issue),
+		"VulnerableModule":   additionalData.Name,
+		"IssueOverview":      markdwonToHTML(string(overview)),
+		"CVEs":               additionalData.Identifiers.CVE,
+		"CWEs":               additionalData.Identifiers.CWE,
+		"CvssScore":          fmt.Sprintf("%.1f", additionalData.CvssScore),
+		"ExploitMaturity":    getExploitMaturity(additionalData),
+		"IntroducedThroughs": getIntroducedThroughs(additionalData),
+		"LessonUrl":          additionalData.Lesson,
+		"LessonIcon":         code.GetLessonIconSvg(),
+		"FixedIn":            additionalData.FixedIn,
+		"DetailedPaths":      getDetailedPaths(additionalData),
 	}
 
-	if issue.CvssScore > 0 {
-		htmlAnchor := fmt.Sprintf("<span>CVSS %.1f</span>", issue.CvssScore)
-		identifierList = append(identifierList, htmlAnchor)
+	var html bytes.Buffer
+	if err := globalTemplate.Execute(&html, data); err != nil {
+		config.CurrentConfig().Logger().Error().Msgf("Failed to execute main details template: %v", err)
+		return ""
 	}
 
-	htmlAnchor := fmt.Sprintf("<a href='https://snyk.io/vuln/%s'>%s</a>", id, strings.ToUpper(id))
-	identifierList = append(identifierList, htmlAnchor)
+	return html.String()
+}
+
+func getIssueType(issue snyk.OssIssueData) string {
+	if len(issue.License) > 0 {
+		return "License"
+	}
 
-	return fmt.Sprintf("%s %s", issueTypeString, strings.Join(identifierList, "<span class='delimiter'> </span> "))
+	return "Vulnerability"
 }
 
 func getExploitMaturity(issue snyk.OssIssueData) string {
 	if len(issue.Exploit) > 0 {
-		return fmt.Sprintf("<div class='summary-item maturity'><div class='label font-light'>Exploit maturity</div>"+
-			"<div class='content'>%s</div></div>", issue.Exploit)
+		return issue.Exploit
 	} else {
 		return ""
 	}
 }
 
-func getIntroducedBy(issue snyk.OssIssueData) string {
-	m := make(map[string]string)
+// TODO: common
+func markdwonToHTML(md string) template.HTML {
+	html := markdown.ToHTML([]byte(md), nil, nil)
+	return template.HTML(html)
+}
+
+type IntroducedThrough struct {
+	SnykUI         string
+	PackageManager string
+	Module         string
+}
+
+func getIntroducedThroughs(issue snyk.OssIssueData) []IntroducedThrough {
+	introducedThroughs := []IntroducedThrough{}
 
+	snykUi := config.CurrentConfig().SnykUi()
 	if len(issue.From) > 0 {
 		for _, v := range issue.MatchingIssues {
 			if len(v.From) > 1 {
-				module := v.From[1]
-				htmlAnchor := getVulnHtmlAnchor(issue.PackageManager, module)
-				m[module] = htmlAnchor
+				introducedThroughs = append(introducedThroughs, IntroducedThrough{
+					SnykUI:         snykUi,
+					PackageManager: issue.PackageManager,
+					Module:         v.From[1],
+				})
 			}
 		}
-
-		return fmt.Sprintf("<div class='summary-item introduced-through'><div class='label font-light'>Introduced through</div>"+
-			"<div class='content'>%s</div></div>", strings.Join(maps.Values(m), ", "))
-	} else {
-		return ""
 	}
+	return introducedThroughs
 }
 
-func getVulnHtmlAnchor(packageManager string, module string) string {
-	snykUi := config.CurrentConfig().SnykUi()
-	return fmt.Sprintf("<a href='%s/test/%s'>%s</a>", snykUi, packageManager, module)
+type DetailedPath struct {
+	From        []string
+	Remediation string
 }
 
-func getLearnLink(issue snyk.OssIssueData) string {
-	if issue.Lesson == "" {
-		return ""
-	}
+func getDetailedPaths(issue snyk.OssIssueData) []DetailedPath {
+	var detailedPaths = make([]DetailedPath, len(issue.MatchingIssues))
 
-	return fmt.Sprintf("<a class='learn--link' id='learn--link' href='%s'>Learn about this vulnerability</a>",
-		issue.Lesson)
-}
+	for i, matchingIssue := range issue.MatchingIssues {
+		remediationAdvice := getRemediationAdvice(matchingIssue)
 
-func getFixedIn(issue snyk.OssIssueData) string {
-	if len(issue.FixedIn) == 0 {
-		return "Not fixed"
+		detailedPaths[i] = DetailedPath{
+			From:        matchingIssue.From,
+			Remediation: remediationAdvice,
+		}
 	}
-
-	result := "%s@%v"
-	return fmt.Sprintf(result, issue.Name, strings.Join(issue.FixedIn, ", "))
+	return detailedPaths
 }
 
-func getDetailedPaths(issue snyk.OssIssueData) string {
-	detailedPathHtml := ""
-
-	for _, matchingIssue := range issue.MatchingIssues {
-		remediationAdvice := matchingIssue.Remediation
-		introducedThrough := strings.Join(matchingIssue.From, " > ")
-
-		detailedPathHtml += fmt.Sprintf(`<div class="summary-item path">
-						<div class="label font-light">Introduced through</div>
-						<div class="content">%s</div>
-					</div>
-					<div class="summary-item remediation">
-						<div class="label font-light">Remediation</div>
-						<div class="content">%s</div>
-					</div>`, introducedThrough, remediationAdvice)
-	}
+func getRemediationAdvice(issue snyk.OssIssueData) string {
+	hasUpgradePath := len(issue.UpgradePath) > 1
+	isOutdated := hasUpgradePath && issue.UpgradePath[1] == issue.From[1]
+	remediationAdvice := "No remediation advice available"
+	upgradeMessage := ""
+	if issue.IsUpgradable || issue.IsPatchable {
+		if hasUpgradePath {
+			upgradeMessage = "Upgrade to " + issue.UpgradePath[1].(string)
+		}
 
-	return detailedPathHtml
+		if isOutdated {
+			if issue.IsPatchable {
+				remediationAdvice = upgradeMessage
+			} else {
+				remediationAdvice = getOutdatedDependencyMessage(issue)
+			}
+		} else {
+			remediationAdvice = upgradeMessage
+		}
+	}
+	return remediationAdvice
 }
 
-func getDetailsHtml(issue snyk.Issue) string {
-	additionalData, ok := issue.AdditionalData.(snyk.OssIssueData)
-	if !ok {
-		config.CurrentConfig().Logger().Error().Msg("Failed to cast additional data to OssIssueData")
-		return ""
-	}
-	overview := markdown.ToHTML([]byte(additionalData.Description), nil, nil)
+func getOutdatedDependencyMessage(issue snyk.OssIssueData) string {
+	remediationAdvice := fmt.Sprintf("Your dependencies are out of date, "+
+		"otherwise you would be using a newer %s than %s@%s. ", issue.Name, issue.Name, issue.Version)
 
-	html := replaceVariableInHtml(detailsHtmlTemplate, "issueId", issue.ID)
-	html = replaceVariableInHtml(html, "issueTitle", additionalData.Title)
-	html = replaceVariableInHtml(html, "severityText", issue.Severity.String())
-	html = replaceVariableInHtml(html, "vulnerableModule", additionalData.Name)
-	html = replaceVariableInHtml(html, "overview", string(overview))
-	html = replaceVariableInHtml(html, "identifiers", getIdentifiers(issue.ID, additionalData))
-	html = replaceVariableInHtml(html, "exploitMaturity", getExploitMaturity(additionalData))
-	html = replaceVariableInHtml(html, "introducedThrough", getIntroducedBy(additionalData))
-	html = replaceVariableInHtml(html, "learnLink", getLearnLink(additionalData))
-	html = replaceVariableInHtml(html, "fixedIn", getFixedIn(additionalData))
-	html = replaceVariableInHtml(html, "detailedPaths", getDetailedPaths(additionalData))
-
-	return html
+	if issue.PackageManager == "npm" || issue.PackageManager == "yarn" || issue.PackageManager == "yarn-workspace" {
+		remediationAdvice += "Try relocking your lockfile or deleting node_modules and reinstalling" +
+			" your dependencies. If the problem persists, one of your dependencies may be bundling outdated modules."
+	} else {
+		remediationAdvice += "Try reinstalling your dependencies. If the problem persists, one of your dependencies may be bundling outdated modules."
+	}
+	return remediationAdvice
 }
diff --git a/infrastructure/oss/issue_html_test.go b/infrastructure/oss/issue_html_test.go
index 2c6260dc4..ccfda413a 100644
--- a/infrastructure/oss/issue_html_test.go
+++ b/infrastructure/oss/issue_html_test.go
@@ -31,7 +31,7 @@ import (
 
 func Test_OssDetailsPanel_html_noLearn(t *testing.T) {
 	_ = testutil.UnitTest(t)
-	expectedVariables := []string{"${ideStyle}", "${cspSource}", "${nonce}", "${severityIcon}", "${learnIcon}"}
+	expectedVariables := []string{"${ideStyle}", "${nonce}"}
 	slices.Sort(expectedVariables)
 
 	issueAdditionalData := snyk.OssIssueData{
@@ -72,8 +72,8 @@ func Test_OssDetailsPanel_html_noLearn(t *testing.T) {
 	assert.True(t, strings.Contains(issueDetailsPanelHtml, issue.ID))
 	assert.True(t, strings.Contains(issueDetailsPanelHtml, issueAdditionalData.Title))
 	assert.True(t, strings.Contains(issueDetailsPanelHtml, issue.Severity.String()))
-	assert.True(t, strings.Contains(issueDetailsPanelHtml, strings.Join(issueAdditionalData.From, " > ")))
-	assert.True(t, strings.Contains(issueDetailsPanelHtml, strings.Join(issue2.From, " > ")))
+	assert.True(t, strings.Contains(issueDetailsPanelHtml, strings.Join(issueAdditionalData.From, " &gt; ")))
+	assert.True(t, strings.Contains(issueDetailsPanelHtml, strings.Join(issue2.From, " &gt; ")))
 	assert.True(t, strings.Contains(issueDetailsPanelHtml, "<li>list</li>"))
 	assert.False(t, strings.Contains(issueDetailsPanelHtml, "Learn about this vulnerability"))
 }
@@ -131,6 +131,6 @@ func Test_OssDetailsPanel_html_withLearn_withCustomEndpoint(t *testing.T) {
 	issueAdditionalData.MatchingIssues = append(issueAdditionalData.MatchingIssues, issueAdditionalData)
 
 	issueDetailsPanelHtml := getDetailsHtml(issue)
-
+	
 	assert.True(t, strings.Contains(issueDetailsPanelHtml, customEndpoint))
 }
diff --git a/infrastructure/oss/template/details.html b/infrastructure/oss/template/details.html
index 5c10a35b8..39d22666a 100644
--- a/infrastructure/oss/template/details.html
+++ b/infrastructure/oss/template/details.html
@@ -19,7 +19,9 @@
 <head>
   <meta charset="UTF-8">
   <meta name="viewport" content="width=device-width, initial-scale=1.0">
-  <meta http-equiv="Content-Security-Policy" content="default-src 'self' ${cspSource}; style-src 'nonce-${nonce}' ${cspSource}; script-src 'nonce-${nonce}';">
+  <meta http-equiv="Content-Security-Policy"
+        content="default-src 'self' 'none'; style-src 'self' 'nonce-${nonce}'; script-src 'nonce-${nonce}';">
+
   <style nonce="${nonce}">
     .suggestion {
       position: relative;
@@ -62,6 +64,7 @@
       line-height: 2rem;
     }
 
+    /*TODO: move to vscode*/
     .vscode-dark .light-only {
       display: none;
     }
@@ -93,39 +96,102 @@
     }
 
   </style>
+
   ${ideStyle}
 </head>
+
 <body>
 <div class="suggestion">
   <section class="suggestion--header">
     <div class="severity">
-      <img id="severity-icon" src="${severityIcon}" alt="${severityText}" class="icon"/>
+      {{.SeverityIcon}}
     </div>
-    <div class="suggestion-text">${issueTitle}</div>
-    <div class="identifiers">${identifiers}</div>
-    <div class="learn" id="learn">
-      <img class="icon" src="${learnIcon}" alt="learnIcon" />
-      ${learnLink}
+    <div class="suggestion-text">{{.IssueTitle}}</div>
+    <div class="identifiers">
+      {{.IssueType}}
+      {{if gt (len .CVEs) 0}}
+      <span class="delimiter">|</span>
+      {{range $index, $cve := .CVEs}}
+      <a class="cve styled-link" target="_blank" rel="noopener noreferrer"
+         href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=$cve">{{$cve}}</a>
+      {{if ne $index (idxMinusOne (len $.CVEs))}}<span class="delimiter"></span>{{end}}
+      {{end}}
+      {{end}}
+
+      {{if gt (len .CWEs) 0}}
+      <span class="delimiter">|</span>
+      {{range $index, $cwe := .CWEs}}
+      <a class="cwe styled-link" target="_blank" rel="noopener noreferrer"
+         href="https://cwe.mitre.org/data/definitions/{{trimCWEPrefix $cwe}}.html">{{$cwe}}</a>
+      {{if ne $index (idxMinusOne (len $.CWEs))}}<span class="delimiter"></span>{{end}}
+      {{end}}
+      {{end}}
+
+      {{if gt (len .CvssScore) 0}}
+      <span class="delimiter">|</span>
+      <span>{{.CvssScore}}</span>
+      {{end}}
+
+      <span class="delimiter">|</span>
+      <a class="styled-link" target="_blank" rel="noopener noreferrer"
+         href="https://snyk.io/vuln/{{.IssueId}}">{{.IssueId}}</a>
     </div>
+    {{ if .LessonUrl }}
+      <div class="learn" id="learn">
+        {{.LessonIcon}}
+        <a class="learn--link" id="learn--link" href="{{.LessonUrl}}">Learn about this vulnerability</a>
+      </div>
+    {{end}}
   </section>
   <section class="delimiter-top summary">
     <div class="summary-item module">
       <div class="label font-light">Vulnerable module</div>
-      <div class="content">${vulnerableModule}</div>
+      <div class="content">{{.VulnerableModule}}</div>
+    </div>
+    {{range .IntroducedThroughs}}
+    <div class="summary-item introduced-through">
+      <div class="label font-light">Introduced through</div>
+      <div class="content">
+        <a href="{{.SnykUI}}/test/{{.PackageManager}}">{{.Module}}</a>
+      </div>
     </div>
-    ${introducedThrough}
+    {{end}}
     <div class="summary-item fixed-in">
       <div class="label font-light">Fixed in</div>
-      <div class="content">${fixedIn}</div>
+      <div class="content">
+        {{ if eq (len .FixedIn) 0 }}
+        Not fixed
+        {{else}}
+        {{.IssueName}}@{{ join ", " .FixedIn }}
+        {{end}}
+      </div>
+    </div>
+    {{ if .ExploitMaturity }}
+    <div class="summary-item maturity">
+      <div class="label font-light">Exploit maturity</div>
+      <div class="content">{{.ExploitMaturity}}</div>
     </div>
-    ${exploitMaturity}
+    {{end}}
   </section>
   <section class="delimiter-top summary">
     <h2>Detailed paths</h2>
-    <div class="detailed-paths">${detailedPaths}</div>
+    <div class="detailed-paths">
+      {{range .DetailedPaths}}
+        <div class="summary-item path">
+          <div class="label font-light">Introduced through</div>
+          <div class="content">{{join " > " .From}}</div>
+        </div>
+        <div class="summary-item remediation">
+          <div class="label font-light">Remediation</div>
+          <div class="content">{{.Remediation}}</div>
+        </div>
+      {{end}}
+    </div>
   </section>
   <section class="delimiter-top">
-    <div id="overview" class="vulnerability-overview">${overview}</div>
+    <div id="overview" class="vulnerability-overview">
+      {{.IssueOverview}}
+    </div>
   </section>
 </div>
 <script nonce="${nonce}">

From c5d5f4d85429bd839ad3e017a5c45e2e606635b5 Mon Sep 17 00:00:00 2001
From: Teodora Sandu <teodora.sandu@snyk.io>
Date: Wed, 26 Jun 2024 17:06:51 +0100
Subject: [PATCH 3/4] refactor: move common functions

---
 infrastructure/code/code_html.go | 60 +++------------------------
 infrastructure/oss/issue_html.go | 24 +++++------
 internal/html/html.go            | 71 ++++++++++++++++++++++++++++++++
 3 files changed, 87 insertions(+), 68 deletions(-)
 create mode 100644 internal/html/html.go

diff --git a/infrastructure/code/code_html.go b/infrastructure/code/code_html.go
index a306ac721..ec5b29a66 100644
--- a/infrastructure/code/code_html.go
+++ b/infrastructure/code/code_html.go
@@ -27,10 +27,9 @@ import (
 	"strings"
 	"time"
 
-	"github.com/gomarkdown/markdown"
-
 	"github.com/snyk/snyk-ls/application/config"
 	"github.com/snyk/snyk-ls/domain/snyk"
+	"github.com/snyk/snyk-ls/internal/html"
 	"github.com/snyk/snyk-ls/internal/product"
 )
 
@@ -66,8 +65,8 @@ var globalTemplate *template.Template
 func init() {
 	funcMap := template.FuncMap{
 		"repoName":      getRepoName,
-		"trimCWEPrefix": TrimCWEPrefix,
-		"idxMinusOne":   IdxMinusOne,
+		"trimCWEPrefix": html.TrimCWEPrefix,
+		"idxMinusOne":   html.IdxMinusOne,
 	}
 
 	var err error
@@ -92,9 +91,9 @@ func getCodeDetailsHtml(issue snyk.Issue) string {
 		"IssueTitle":         additionalData.Title,
 		"IssueMessage":       additionalData.Message,
 		"IssueType":          getIssueType(additionalData),
-		"SeverityIcon":       GetSeverityIconSvg(issue),
+		"SeverityIcon":       html.GetSeverityIconSvg(issue),
 		"CWEs":               issue.CWEs,
-		"IssueOverview":      markdownToHTML(additionalData.Text),
+		"IssueOverview":      html.MarkdownToHTML(additionalData.Text),
 		"IsIgnored":          issue.IsIgnored,
 		"DataFlow":           additionalData.DataFlow,
 		"DataFlowTable":      prepareDataFlowTable(additionalData),
@@ -105,7 +104,7 @@ func getCodeDetailsHtml(issue snyk.Issue) string {
 		"PriorityScore":      additionalData.PriorityScore,
 		"SnykWebUrl":         config.CurrentConfig().SnykUi(),
 		"LessonUrl":          issue.LessonUrl,
-		"LessonIcon":         GetLessonIconSvg(),
+		"LessonIcon":         html.GetLessonIconSvg(),
 		"IgnoreLineAction":   getLineToIgnoreAction(issue),
 		"HasAIFix":           additionalData.HasAIFix,
 		"ExternalIcon":       getExternalIconSvg(),
@@ -132,23 +131,10 @@ func getCodeDetailsHtml(issue snyk.Issue) string {
 	return html.String()
 }
 
-func markdownToHTML(md string) template.HTML {
-	html := markdown.ToHTML([]byte(md), nil, nil)
-	return template.HTML(html)
-}
-
 func getLineToIgnoreAction(issue snyk.Issue) int {
 	return issue.Range.Start.Line + 1
 }
 
-func IdxMinusOne(n int) int {
-	return n - 1
-}
-
-func TrimCWEPrefix(cwe string) string {
-	return strings.TrimPrefix(cwe, "CWE-")
-}
-
 func prepareIgnoreDetailsRow(ignoreDetails *snyk.IgnoreDetails) []IgnoreDetail {
 	return []IgnoreDetail{
 		{"Category", parseCategory(ignoreDetails.Category)},
@@ -279,33 +265,6 @@ func getExternalIconSvg() template.HTML {
 	</svg>`)
 }
 
-func GetSeverityIconSvg(issue snyk.Issue) template.HTML {
-	switch issue.Severity {
-	case snyk.Critical:
-		return template.HTML(`<svg id="critical" fill="none" xmlns="http://www.w3.org/2000/svg" width="32" height="32" viewBox="0 0 16 16">
-			 <rect width="16" height="16" rx="2" fill="#AB1A1A"/>
-			 <path d="M9.975 9.64h2.011a3.603 3.603 0 0 1-.545 1.743 3.24 3.24 0 0 1-1.338 1.19c-.57.284-1.256.427-2.06.427-.627 0-1.19-.107-1.688-.32a3.594 3.594 0 0 1-1.278-.936 4.158 4.158 0 0 1-.801-1.47C4.092 9.7 4 9.057 4 8.345v-.675c0-.712.094-1.356.283-1.93a4.255 4.255 0 0 1 .82-1.476 3.657 3.657 0 0 1 1.286-.936A4.114 4.114 0 0 1 8.057 3c.817 0 1.505.147 2.066.44.565.295 1.002.7 1.312 1.217.314.516.502 1.104.565 1.763H9.982c-.023-.392-.101-.723-.236-.995a1.331 1.331 0 0 0-.612-.621c-.27-.143-.628-.214-1.077-.214-.336 0-.63.062-.881.187a1.632 1.632 0 0 0-.633.568c-.17.254-.298.574-.383.962a6.61 6.61 0 0 0-.121 1.349v.688c0 .503.038.946.114 1.33.076.378.193.699.35.961.161.259.368.454.619.588.256.13.563.194.922.194.421 0 .769-.067 1.043-.2a1.39 1.39 0 0 0 .625-.595c.148-.263.236-.59.263-.982Z" fill="#fff"/>
-		 </svg>`)
-	case snyk.High:
-		return template.HTML(`<svg id="high" fill="none" xmlns="http://www.w3.org/2000/svg" width="32" height="32" viewBox="0 0 16 16">
-			 <rect width="16" height="16" rx="2" fill="#CE5019"/>
-			 <path d="M10.5 7v2h-5V7h5ZM6 3v10H4V3h2Zm6 0v10h-2V3h2Z" fill="#fff"/>
-		 </svg>`)
-	case snyk.Medium:
-		return template.HTML(`<svg id="medium" fill="none" xmlns="http://www.w3.org/2000/svg" width="32" height="32" viewBox="0 0 16 16">
-			 <rect width="16" height="16" rx="2" fill="#D68000"/>
-			 <path d="M3 3h2l2.997 7.607L11 3h2L9 13H7L3 3Zm0 0h2v10l-2-.001V3.001Zm8 0h2V13h-2V3Z" fill="#fff"/>
-		 </svg>`)
-	case snyk.Low:
-		return template.HTML(`<svg id="low" fill="none" xmlns="http://www.w3.org/2000/svg" width="32" height="32" viewBox="0 0 16 16">
-			 <rect width="16" height="16" rx="2" fill="#88879E"/>
-			 <path d="M11 11v2H6.705v-2H11ZM7 3v10H5V3h2Z" fill="#fff"/>
-		 </svg>`)
-	default:
-		return ``
-	}
-}
-
 func getGitHubIconSvg() template.HTML {
 	return template.HTML(`<svg class="tab-item-icon" width="18" height="16" viewBox="0 0 98 96" xmlns="http://www.w3.org/2000/svg">
 		<path
@@ -316,13 +275,6 @@ func getGitHubIconSvg() template.HTML {
 	</svg>`)
 }
 
-func GetLessonIconSvg() template.HTML {
-	return template.HTML(`<svg width="17" height="14" viewBox="0 0 17 14" fill="none" xmlns="http://www.w3.org/2000/svg">
-	<path d="M8.25 0L0 4.5L3 6.135V10.635L8.25 13.5L13.5 10.635V6.135L15 5.3175V10.5H16.5V4.5L8.25 0ZM13.365 4.5L8.25 7.29L3.135 4.5L8.25 1.71L13.365 4.5ZM12 9.75L8.25 11.79L4.5 9.75V6.9525L8.25 9L12 6.9525V9.75Z" fill="#888"/>
-	</svg>
-	`)
-}
-
 func getScanAnimationSvg() template.HTML {
 	return template.HTML(`<svg id="scan-animation" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" viewBox="0 0 248 204" shape-rendering="geometricPrecision">
 	<defs>
diff --git a/infrastructure/oss/issue_html.go b/infrastructure/oss/issue_html.go
index cb6000c18..67f839266 100644
--- a/infrastructure/oss/issue_html.go
+++ b/infrastructure/oss/issue_html.go
@@ -20,13 +20,15 @@ import (
 	"bytes"
 	_ "embed"
 	"fmt"
+	"html/template"
+	"strings"
+
 	"github.com/gomarkdown/markdown"
+
 	"github.com/snyk/snyk-ls/application/config"
 	"github.com/snyk/snyk-ls/domain/snyk"
-	"github.com/snyk/snyk-ls/infrastructure/code"
+	"github.com/snyk/snyk-ls/internal/html"
 	"github.com/snyk/snyk-ls/internal/product"
-	"html/template"
-	"strings"
 )
 
 //go:embed template/details.html
@@ -36,8 +38,8 @@ var globalTemplate *template.Template
 
 func init() {
 	funcMap := template.FuncMap{
-		"trimCWEPrefix": code.TrimCWEPrefix,
-		"idxMinusOne":   code.IdxMinusOne,
+		"trimCWEPrefix": html.TrimCWEPrefix,
+		"idxMinusOne":   html.IdxMinusOne,
 		"join":          join,
 	}
 
@@ -66,16 +68,16 @@ func getDetailsHtml(issue snyk.Issue) string {
 		"IssueTitle":         additionalData.Title,
 		"IssueType":          getIssueType(additionalData),
 		"SeverityText":       issue.Severity.String(),
-		"SeverityIcon":       code.GetSeverityIconSvg(issue),
+		"SeverityIcon":       html.GetSeverityIconSvg(issue),
 		"VulnerableModule":   additionalData.Name,
-		"IssueOverview":      markdwonToHTML(string(overview)),
+		"IssueOverview":      html.MarkdownToHTML(string(overview)),
 		"CVEs":               additionalData.Identifiers.CVE,
 		"CWEs":               additionalData.Identifiers.CWE,
 		"CvssScore":          fmt.Sprintf("%.1f", additionalData.CvssScore),
 		"ExploitMaturity":    getExploitMaturity(additionalData),
 		"IntroducedThroughs": getIntroducedThroughs(additionalData),
 		"LessonUrl":          additionalData.Lesson,
-		"LessonIcon":         code.GetLessonIconSvg(),
+		"LessonIcon":         html.GetLessonIconSvg(),
 		"FixedIn":            additionalData.FixedIn,
 		"DetailedPaths":      getDetailedPaths(additionalData),
 	}
@@ -105,12 +107,6 @@ func getExploitMaturity(issue snyk.OssIssueData) string {
 	}
 }
 
-// TODO: common
-func markdwonToHTML(md string) template.HTML {
-	html := markdown.ToHTML([]byte(md), nil, nil)
-	return template.HTML(html)
-}
-
 type IntroducedThrough struct {
 	SnykUI         string
 	PackageManager string
diff --git a/internal/html/html.go b/internal/html/html.go
new file mode 100644
index 000000000..b5f7b1c1d
--- /dev/null
+++ b/internal/html/html.go
@@ -0,0 +1,71 @@
+/*
+ * © 2024 Snyk Limited
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package html
+
+import (
+	"github.com/gomarkdown/markdown"
+	"github.com/snyk/snyk-ls/domain/snyk"
+	"html/template"
+	"strings"
+)
+
+func MarkdownToHTML(md string) template.HTML {
+	html := markdown.ToHTML([]byte(md), nil, nil)
+	return template.HTML(html)
+}
+
+func IdxMinusOne(n int) int {
+	return n - 1
+}
+
+func TrimCWEPrefix(cwe string) string {
+	return strings.TrimPrefix(cwe, "CWE-")
+}
+
+func GetLessonIconSvg() template.HTML {
+	return template.HTML(`<svg width="17" height="14" viewBox="0 0 17 14" fill="none" xmlns="http://www.w3.org/2000/svg">
+	<path d="M8.25 0L0 4.5L3 6.135V10.635L8.25 13.5L13.5 10.635V6.135L15 5.3175V10.5H16.5V4.5L8.25 0ZM13.365 4.5L8.25 7.29L3.135 4.5L8.25 1.71L13.365 4.5ZM12 9.75L8.25 11.79L4.5 9.75V6.9525L8.25 9L12 6.9525V9.75Z" fill="#888"/>
+	</svg>
+	`)
+}
+
+func GetSeverityIconSvg(issue snyk.Issue) template.HTML {
+	switch issue.Severity {
+	case snyk.Critical:
+		return template.HTML(`<svg id="critical" fill="none" xmlns="http://www.w3.org/2000/svg" width="32" height="32" viewBox="0 0 16 16">
+			 <rect width="16" height="16" rx="2" fill="#AB1A1A"/>
+			 <path d="M9.975 9.64h2.011a3.603 3.603 0 0 1-.545 1.743 3.24 3.24 0 0 1-1.338 1.19c-.57.284-1.256.427-2.06.427-.627 0-1.19-.107-1.688-.32a3.594 3.594 0 0 1-1.278-.936 4.158 4.158 0 0 1-.801-1.47C4.092 9.7 4 9.057 4 8.345v-.675c0-.712.094-1.356.283-1.93a4.255 4.255 0 0 1 .82-1.476 3.657 3.657 0 0 1 1.286-.936A4.114 4.114 0 0 1 8.057 3c.817 0 1.505.147 2.066.44.565.295 1.002.7 1.312 1.217.314.516.502 1.104.565 1.763H9.982c-.023-.392-.101-.723-.236-.995a1.331 1.331 0 0 0-.612-.621c-.27-.143-.628-.214-1.077-.214-.336 0-.63.062-.881.187a1.632 1.632 0 0 0-.633.568c-.17.254-.298.574-.383.962a6.61 6.61 0 0 0-.121 1.349v.688c0 .503.038.946.114 1.33.076.378.193.699.35.961.161.259.368.454.619.588.256.13.563.194.922.194.421 0 .769-.067 1.043-.2a1.39 1.39 0 0 0 .625-.595c.148-.263.236-.59.263-.982Z" fill="#fff"/>
+		 </svg>`)
+	case snyk.High:
+		return template.HTML(`<svg id="high" fill="none" xmlns="http://www.w3.org/2000/svg" width="32" height="32" viewBox="0 0 16 16">
+			 <rect width="16" height="16" rx="2" fill="#CE5019"/>
+			 <path d="M10.5 7v2h-5V7h5ZM6 3v10H4V3h2Zm6 0v10h-2V3h2Z" fill="#fff"/>
+		 </svg>`)
+	case snyk.Medium:
+		return template.HTML(`<svg id="medium" fill="none" xmlns="http://www.w3.org/2000/svg" width="32" height="32" viewBox="0 0 16 16">
+			 <rect width="16" height="16" rx="2" fill="#D68000"/>
+			 <path d="M3 3h2l2.997 7.607L11 3h2L9 13H7L3 3Zm0 0h2v10l-2-.001V3.001Zm8 0h2V13h-2V3Z" fill="#fff"/>
+		 </svg>`)
+	case snyk.Low:
+		return template.HTML(`<svg id="low" fill="none" xmlns="http://www.w3.org/2000/svg" width="32" height="32" viewBox="0 0 16 16">
+			 <rect width="16" height="16" rx="2" fill="#88879E"/>
+			 <path d="M11 11v2H6.705v-2H11ZM7 3v10H5V3h2Z" fill="#fff"/>
+		 </svg>`)
+	default:
+		return ``
+	}
+}

From 69bbd23077f01ed218453c22fabbc050e4f11be3 Mon Sep 17 00:00:00 2001
From: Teodora Sandu <teodora.sandu@snyk.io>
Date: Thu, 27 Jun 2024 14:54:40 +0100
Subject: [PATCH 4/4] fix: still support old vscode webview

---
 infrastructure/oss/issue_html_test.go    |  4 ++--
 infrastructure/oss/template/details.html | 14 ++++++++------
 internal/html/html.go                    | 10 +++++-----
 3 files changed, 15 insertions(+), 13 deletions(-)

diff --git a/infrastructure/oss/issue_html_test.go b/infrastructure/oss/issue_html_test.go
index ccfda413a..db710ee0e 100644
--- a/infrastructure/oss/issue_html_test.go
+++ b/infrastructure/oss/issue_html_test.go
@@ -31,7 +31,7 @@ import (
 
 func Test_OssDetailsPanel_html_noLearn(t *testing.T) {
 	_ = testutil.UnitTest(t)
-	expectedVariables := []string{"${ideStyle}", "${nonce}"}
+	expectedVariables := []string{"${headerEnd}", "${cspSource}", "${ideStyle}", "${nonce}"}
 	slices.Sort(expectedVariables)
 
 	issueAdditionalData := snyk.OssIssueData{
@@ -131,6 +131,6 @@ func Test_OssDetailsPanel_html_withLearn_withCustomEndpoint(t *testing.T) {
 	issueAdditionalData.MatchingIssues = append(issueAdditionalData.MatchingIssues, issueAdditionalData)
 
 	issueDetailsPanelHtml := getDetailsHtml(issue)
-	
+
 	assert.True(t, strings.Contains(issueDetailsPanelHtml, customEndpoint))
 }
diff --git a/infrastructure/oss/template/details.html b/infrastructure/oss/template/details.html
index 39d22666a..c04a833dc 100644
--- a/infrastructure/oss/template/details.html
+++ b/infrastructure/oss/template/details.html
@@ -20,7 +20,7 @@
   <meta charset="UTF-8">
   <meta name="viewport" content="width=device-width, initial-scale=1.0">
   <meta http-equiv="Content-Security-Policy"
-        content="default-src 'self' 'none'; style-src 'self' 'nonce-${nonce}'; script-src 'nonce-${nonce}';">
+        content="default-src 'self' ${cspSource}; style-src 'self' 'nonce-${nonce}' ${cspSource}; script-src 'nonce-${nonce}' ${cspSource};">
 
   <style nonce="${nonce}">
     .suggestion {
@@ -97,6 +97,8 @@
 
   </style>
 
+  ${headerEnd}
+
   ${ideStyle}
 </head>
 
@@ -110,7 +112,7 @@
     <div class="identifiers">
       {{.IssueType}}
       {{if gt (len .CVEs) 0}}
-      <span class="delimiter">|</span>
+      <span class="delimiter"> </span>
       {{range $index, $cve := .CVEs}}
       <a class="cve styled-link" target="_blank" rel="noopener noreferrer"
          href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=$cve">{{$cve}}</a>
@@ -119,7 +121,7 @@
       {{end}}
 
       {{if gt (len .CWEs) 0}}
-      <span class="delimiter">|</span>
+      <span class="delimiter"> </span>
       {{range $index, $cwe := .CWEs}}
       <a class="cwe styled-link" target="_blank" rel="noopener noreferrer"
          href="https://cwe.mitre.org/data/definitions/{{trimCWEPrefix $cwe}}.html">{{$cwe}}</a>
@@ -128,11 +130,11 @@
       {{end}}
 
       {{if gt (len .CvssScore) 0}}
-      <span class="delimiter">|</span>
-      <span>{{.CvssScore}}</span>
+      <span class="delimiter"> </span>
+      <span>CVSS {{.CvssScore}}</span>
       {{end}}
 
-      <span class="delimiter">|</span>
+      <span class="delimiter"> </span>
       <a class="styled-link" target="_blank" rel="noopener noreferrer"
          href="https://snyk.io/vuln/{{.IssueId}}">{{.IssueId}}</a>
     </div>
diff --git a/internal/html/html.go b/internal/html/html.go
index b5f7b1c1d..082330f24 100644
--- a/internal/html/html.go
+++ b/internal/html/html.go
@@ -37,7 +37,7 @@ func TrimCWEPrefix(cwe string) string {
 }
 
 func GetLessonIconSvg() template.HTML {
-	return template.HTML(`<svg width="17" height="14" viewBox="0 0 17 14" fill="none" xmlns="http://www.w3.org/2000/svg">
+	return template.HTML(`<svg class="icon" width="17" height="14" viewBox="0 0 17 14" fill="none" xmlns="http://www.w3.org/2000/svg">
 	<path d="M8.25 0L0 4.5L3 6.135V10.635L8.25 13.5L13.5 10.635V6.135L15 5.3175V10.5H16.5V4.5L8.25 0ZM13.365 4.5L8.25 7.29L3.135 4.5L8.25 1.71L13.365 4.5ZM12 9.75L8.25 11.79L4.5 9.75V6.9525L8.25 9L12 6.9525V9.75Z" fill="#888"/>
 	</svg>
 	`)
@@ -46,22 +46,22 @@ func GetLessonIconSvg() template.HTML {
 func GetSeverityIconSvg(issue snyk.Issue) template.HTML {
 	switch issue.Severity {
 	case snyk.Critical:
-		return template.HTML(`<svg id="critical" fill="none" xmlns="http://www.w3.org/2000/svg" width="32" height="32" viewBox="0 0 16 16">
+		return template.HTML(`<svg id="severity-icon" class="icon critical" fill="none" xmlns="http://www.w3.org/2000/svg" width="32" height="32" viewBox="0 0 16 16">
 			 <rect width="16" height="16" rx="2" fill="#AB1A1A"/>
 			 <path d="M9.975 9.64h2.011a3.603 3.603 0 0 1-.545 1.743 3.24 3.24 0 0 1-1.338 1.19c-.57.284-1.256.427-2.06.427-.627 0-1.19-.107-1.688-.32a3.594 3.594 0 0 1-1.278-.936 4.158 4.158 0 0 1-.801-1.47C4.092 9.7 4 9.057 4 8.345v-.675c0-.712.094-1.356.283-1.93a4.255 4.255 0 0 1 .82-1.476 3.657 3.657 0 0 1 1.286-.936A4.114 4.114 0 0 1 8.057 3c.817 0 1.505.147 2.066.44.565.295 1.002.7 1.312 1.217.314.516.502 1.104.565 1.763H9.982c-.023-.392-.101-.723-.236-.995a1.331 1.331 0 0 0-.612-.621c-.27-.143-.628-.214-1.077-.214-.336 0-.63.062-.881.187a1.632 1.632 0 0 0-.633.568c-.17.254-.298.574-.383.962a6.61 6.61 0 0 0-.121 1.349v.688c0 .503.038.946.114 1.33.076.378.193.699.35.961.161.259.368.454.619.588.256.13.563.194.922.194.421 0 .769-.067 1.043-.2a1.39 1.39 0 0 0 .625-.595c.148-.263.236-.59.263-.982Z" fill="#fff"/>
 		 </svg>`)
 	case snyk.High:
-		return template.HTML(`<svg id="high" fill="none" xmlns="http://www.w3.org/2000/svg" width="32" height="32" viewBox="0 0 16 16">
+		return template.HTML(`<svg id="severity-icon" class="icon high" fill="none" xmlns="http://www.w3.org/2000/svg" width="32" height="32" viewBox="0 0 16 16">
 			 <rect width="16" height="16" rx="2" fill="#CE5019"/>
 			 <path d="M10.5 7v2h-5V7h5ZM6 3v10H4V3h2Zm6 0v10h-2V3h2Z" fill="#fff"/>
 		 </svg>`)
 	case snyk.Medium:
-		return template.HTML(`<svg id="medium" fill="none" xmlns="http://www.w3.org/2000/svg" width="32" height="32" viewBox="0 0 16 16">
+		return template.HTML(`<svg id="severity-icon" class="icon medium" fill="none" xmlns="http://www.w3.org/2000/svg" width="32" height="32" viewBox="0 0 16 16">
 			 <rect width="16" height="16" rx="2" fill="#D68000"/>
 			 <path d="M3 3h2l2.997 7.607L11 3h2L9 13H7L3 3Zm0 0h2v10l-2-.001V3.001Zm8 0h2V13h-2V3Z" fill="#fff"/>
 		 </svg>`)
 	case snyk.Low:
-		return template.HTML(`<svg id="low" fill="none" xmlns="http://www.w3.org/2000/svg" width="32" height="32" viewBox="0 0 16 16">
+		return template.HTML(`<svg id="severity-icon" class="icon low" fill="none" xmlns="http://www.w3.org/2000/svg" width="32" height="32" viewBox="0 0 16 16">
 			 <rect width="16" height="16" rx="2" fill="#88879E"/>
 			 <path d="M11 11v2H6.705v-2H11ZM7 3v10H5V3h2Z" fill="#fff"/>
 		 </svg>`)