Update CheckMarx One parser for imports where description is None #11308
Conversation
DryRun Security Summary

Summary: The provided code changes focus on improving the robustness and reliability of the Checkmarx One parser by addressing various security-related concerns. The changes include adding a new test case to handle missing vulnerability descriptions, enhancing the handling of missing vulnerability descriptions in the parser, and improving the formatting of vulnerability category information in the parser output. These changes are positive from an application security perspective, as they help to ensure that the parser can gracefully handle a variety of input formats and edge cases, improving the overall security and reliability of the application. By providing meaningful descriptions for findings even when the original description is missing and formatting the vulnerability category information in a more readable way, the parser can help the security team more effectively identify and address security issues in the codebase. Additionally, the code changes include the addition of a new unit test case, which increases the overall test coverage of the Checkmarx One parser. This is a good security practice, as it helps to ensure the reliability and maintainability of the application.

Code Analysis: We ran
Riskiness: 🟢 Risk threshold not exceeded.
Approved
Modified the parser to accept the case where results may have a missing description. The description and title are then taken from the severity + queryName.
[sc-8947]
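The fallback described in the PR, written out as an added example (this is not the DefectDojo parser's own code). It assumes a result is a JSON object with `severity`, `queryName` and an optional `description` key, as named above; the sample input is constructed, and treating `description` as missing both when the key is absent and when it is explicitly `null` is an assumption about what "None" covers here. The rule for the title when a description is present (use `queryName`) is also an assumption, since the PR only specifies the missing-description case.

```python
import json
from typing import Optional

# Constructed sample input, loosely modelled on the result fields named in the
# PR (severity, queryName, description). Not real Checkmarx One output.
SAMPLE_RESULTS_JSON = """
[
  {"severity": "HIGH", "queryName": "SQL_Injection",
   "description": "User input reaches a SQL query without sanitisation."},
  {"severity": "MEDIUM", "queryName": "Reflected_XSS", "description": null},
  {"severity": "LOW", "queryName": "Hardcoded_Password"}
]
"""


def fallback_text(result: dict) -> str:
    """Text used when the scanner gave no description: '<severity> <queryName>'.

    Both fields are read defensively so a result missing either one still yields
    a non-empty string instead of raising.
    """
    severity = result.get("severity") or "UNKNOWN"
    query_name = result.get("queryName") or "Unnamed query"
    return f"{severity} {query_name}"


def build_finding(result: dict) -> dict:
    """Map one scanner result to a finding dict with non-empty title/description.

    `description` may be absent or explicitly null; `.get()` covers both cases,
    which a plain `result["description"]` would not (it raises KeyError when the
    key is missing).
    """
    description: Optional[str] = result.get("description")
    if description is None:
        # Missing description: derive both fields from severity + queryName.
        description = fallback_text(result)
        title = fallback_text(result)
    else:
        # Assumption (not stated in the PR): use queryName as title when the
        # scanner did supply a description.
        title = result.get("queryName") or fallback_text(result)
    return {
        "title": title,
        "description": description,
        "severity": (result.get("severity") or "UNKNOWN").capitalize(),
    }


def parse_results(raw_json: str) -> list[dict]:
    """Parse a JSON array of scanner results into finding dicts."""
    return [build_finding(r) for r in json.loads(raw_json)]


if __name__ == "__main__":
    for finding in parse_results(SAMPLE_RESULTS_JSON):
        print(finding)
```

Running the block prints three findings; the second and third get `"MEDIUM Reflected_XSS"` and `"LOW Hardcoded_Password"` as both title and description, while the first keeps the scanner's text. The point of the `.get()` usage is that a result with the key omitted entirely and one with `"description": null` take the same fallback path, which a unit test like the one added in the PR should cover for both shapes.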