Print issue number?

[dlionis]

Is your feature request related to a problem? Please describe.
I am trying to find a way to print issue #1, issue #2 etc ... based on the findings. I am aware of {findings | length} however is there any way to loop through them?

Describe the solution you'd like
Something like {index} which would allow me to dynamically print vulnerabilites numbers in the table of results.

Describe alternatives you've considered
N/A

Additional context
N/A

Thank you.

[yeln4ts]

There is the findings[i].identifier index which is an ID incremented when adding findings.
https://pwndoc.github.io/pwndoc/#/docxtemplate?id=findings

[CarlesLlobet]

Hi @yeln4ts,

Indeed, that is an option. However you can't modify this identifier, so it entails several issues:

• If you remove a vulnerability, the identifier is still jumped (e.g: Create vulnerability, delete it, and then add a new one. The new one will have identifier 002).
• It is ordered by addition, so if then you reorder your vulnerabilities from High -> Low, your IDs will look like PEN-006,PEN-001, PEN-003, etc, which looks odd. And obviously, you'll never find vulnerabilities in a pentest perfectly ordered from High to Low. Therefore, it forces you to finish your pentest without creating any finding (taking notes elsewhere), and then introduce them in the order you'd like in the pentest.
• Moreover, if you decide to then change that order, you'd need to create a new assessment and input them all again in the new order.

Because of the above, and some more minor things, the identifier tag is not really usable for Vuln IDs (unless you implement a way of editing it from the UI).

It'd be lovely to have a feature that lets you re-order the vulnerabilities once added (UI Drag&Drop), and re-generates their identifier based on the order of the list.
However I understand that's a complex feature, so it'd be nice to at least be able to access Docxtemplater "$index", so that if you reorder vulnerabilities as you like, you can name them appropriately from VULN-001 -> VULN-XXX.

[yeln4ts]

It seems the index is included in default docxtemplater expressions which was added in the latest versions. This should work when updating docxtemplater module

[CarlesLlobet]

Nice! Thanks for your prompt response

Thrilled to see the update of docxtemplater coming soon and be able to use $index 💪

[CarlesLlobet]

Couldn't wait and tested to update docxtemplater to 3.37.12.
Still no luck, using $index gets me an 'undefined'.

Specifically, I'm testing with this template:
{#findings | where: '(cvss.baseSeverity != "")' | sortArrayByField: 'cvss.baseMetricScore':-1 } {@’VULN-‘+($index+1) | bookmarkRef | p} {/}

And I get VULN-1 into all of them (since I add 1 to avoid #0)

Its weird cause we do define it within the parser

EDIT

Just saw this Issue comment, maybe not only we have to update but also use expressionsParser