Veracode: Add additional severity mappings for other informational findings (#8653)

* Add additional severity mappings for other informational findings

* Update unit tests
Maffooch authored Sep 13, 2023
1 parent 16c4462 commit 59870cc
Showing 2 changed files with 3 additions and 2 deletions.
2 changes: 1 addition & 1 deletion Dockerfile.integration-tests-debian
Expand Up @@ -39,7 +39,7 @@ RUN \
chrome_version=$(apt-cache show google-chrome-stable | grep Version | awk '{print $2}' | cut -d '-' -f 1) && \
chrome_version_blob=$(curl -k https://googlechromelabs.github.io/chrome-for-testing/known-good-versions-with-downloads.json | jq ".versions[] | select(.version==\"$chrome_version\")") && \
chromedriver_url=$(echo $chrome_version_blob | jq -r ".downloads.chromedriver[] | select(.platform==\"linux64\") | .url") && \
wget https://edgedl.me.gvt1.com/edgedl/chrome/chrome-for-testing/115.0.5790.98/linux64/chromedriver-linux64.zip && \
wget $chromedriver_url && \
unzip -j chromedriver-linux64.zip chromedriver-linux64/chromedriver && \
rm -rf chromedriver-linux64.zip && \
chmod -R 0755 .
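Review bot: `wget $chromedriver_url` runs with no check that the lookup above it produced a URL. If `known-good-versions-with-downloads.json` has no entry matching `$chrome_version`, the `select(.version==...)` filter yields nothing, `$chromedriver_url` is empty, and the build fails at `wget` or `unzip` with an error that does not name the cause. Add a guard before the download, for example `[ -n "$chromedriver_url" ] || { echo "no chromedriver for $chrome_version" >&2; exit 1; }`, and quote the variable. Separately, the context line fetches that JSON with `curl -k`, so the URL of a binary that is then installed comes from a connection with certificate verification disabled; drop `-k` now that the download location depends on it.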
3 changes: 2 additions & 1 deletion dojo/tools/veracode/json_parser.py
Expand Up @@ -25,6 +25,7 @@ class VeracodeJSONParser(object):
"""

severity_mapping = {
0: "Info",
1: "Info",
2: "Low",
3: "Medium",
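Review bot: The new `0: "Info",` entry in `severity_mapping` has no comment saying what a severity of 0 represents, and 0 and 1 now collapse to the same "Info" value, so the original distinction is lost once the finding is created. A one-line comment on the entry would document that this is intended. The commit message also says "Update unit tests", but neither of the two changed files listed for this commit is a test file, so it is worth confirming that a severity-0 finding is covered by a test.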
Expand Down Expand Up @@ -89,7 +90,7 @@ def get_items(self, tree, test):

def create_finding_from_details(self, finding_details, scan_type, policy_violated) -> Finding:
# Fetch the common attributes that should be in every scan type
severity = self.severity_mapping.get(finding_details.get("severity", 1))
severity = self.severity_mapping.get(finding_details.get("severity", 1), 1)
# Set up the finding with just severity for now
finding = Finding(
title=f"{scan_type} Finding",
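Review bot: In `create_finding_from_details`, the fallback added to the outer `.get(..., 1)` is the integer `1`, which is a key of `severity_mapping`, not one of its values. A finding whose `severity` is not in the mapping ends up with `severity = 1` rather than a severity string such as "Info". Use the mapped value as the default, for example `self.severity_mapping.get(finding_details.get("severity", 1), "Info")`.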

3 comments on commit 59870cc

@alles-klar

@Maffooch This PR breaks non cache based docker builds because $chrome_version is 116.0.5845.187 but https://googlechromelabs.github.io/chrome-for-testing/known-good-versions-with-downloads.json does not contain this version. This results in an empty $chromedriver_url variable.

@kiblik kiblik commented on 59870cc Sep 28, 2023


@Maffooch

Oh man, it appeared to fix itself after the last time it broke. That would mean we have to pin to a version of chromedriver and chrome.
