Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Pr bitbucket delete event support #932

Merged
merged 2 commits into from
Feb 16, 2022
Merged

Pr bitbucket delete event support #932

merged 2 commits into from
Feb 16, 2022

Conversation

HussainS12
Copy link
Contributor

By submitting a PR to this repository, you agree to the terms within the Checkmarx Code of Conduct. Please see the contributing guidelines for how to create and submit a high-quality PR for this repo.

Description

This PR adds feature to delete project in CxSAST when an unprotected branch is deleted in BitBucket server

Testing

Configured CxFlow with Bitbucket server(on-prem) and created a PR which created project with name JavaVulnerabilityLabE-branch-name.
In CxSAST the count of total used projects incremented by 1.
When branch was deleted from Bitbucket server PUSH event with type DELETE was fired and DELETE event was handled.
After processing the DELETE event project was deleted from CxSAST server and the total used projects count decremented by 1.

Checklist

  • I have added documentation for new/changed functionality in this PR (if applicable). If documentation is a Wiki Update, please indicate desired changes within PR MD Comment
  • All active GitHub checks for tests, formatting, and security are passing
  • The correct base branch is being used

@cxflowtestuser
Copy link
Collaborator

Scan submitted to Checkmarx

@cxflowtestuser
Copy link
Collaborator

Logo
Checkmarx SAST - Scan Summary & Details

Cx-SAST Summary

Total of 2519 vulnerabilities
High 0 High
Medium 0 Medium
Low 2373 Low
Info 146 Info

Violation Summary

No policy violation found

Cx-SAST Details

Lines Severity Category File Link

Logo
Checkmarx SCA - Scan Summary & Details

Cx-SCA Summary

Total Packages Identified: 271
Scan Risk Score: 9.80

High 4 High severity vulnerabilities
Medium 0 Medium severity vulnerabilities
Low 1 Low severity vulnerabilities
View more details on Checkmarx UI

Cx-SCA vulnerability result overview

Vulnerability ID Package Severity CVSS score Publish date Current version Recommended version Link in CxSCA Reference – NVD link
CVE-2016-1000031 commons-fileupload:commons-fileupload HIGH 9.8 2016-10-25T14:29:00 1.0 Vulnerability Link CVE-2016-1000031
CVE-2016-3092 commons-fileupload:commons-fileupload HIGH 7.5 2016-07-04T22:59:00 1.0 Vulnerability Link CVE-2016-3092
CVE-2014-0050 commons-fileupload:commons-fileupload HIGH 7.5 2014-04-01T06:27:00 1.0 Vulnerability Link CVE-2014-0050
CVE-2013-2186 commons-fileupload:commons-fileupload HIGH 7.5 2013-10-28T21:55:00 1.0 Vulnerability Link CVE-2013-2186
CVE-2013-0248 commons-fileupload:commons-fileupload LOW 3.3 2013-03-15T20:55:00 1.0 Vulnerability Link CVE-2013-0248

@HussainS12 HussainS12 merged commit fa02b88 into develop Feb 16, 2022
@HussainS12 HussainS12 mentioned this pull request Feb 17, 2022
Closed
@HussainS12 HussainS12 linked an issue Feb 17, 2022 that may be closed by this pull request
Branch deletion handling with Bitbucket Server #644
Closed
@HussainS12 HussainS12 mentioned this pull request Feb 17, 2022
Closed
@HussainS12 HussainS12 linked an issue Feb 17, 2022 that may be closed by this pull request
Bitbucket Server - Delete CxSAST project on DELETE event #645
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@DhavalPatelPersistent DhavalPatelPersistent DhavalPatelPersistent approved these changes

Assignees
No one assigned
Labels
size/M
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Bitbucket Server - Delete CxSAST project on DELETE event Branch deletion handling with Bitbucket Server
3 participants
@HussainS12 @cxflowtestuser @DhavalPatelPersistent