

yarn_audit: migrate from cve to unsaved_vulnerability_ids (DefectDojo…
manuel-sommer authored and hblankenship committed Apr 26, 2024
1 parent 8b10658 commit cc8917d
Showing 2 changed files with 8 additions and 1 deletion.
5 changes: 4 additions & 1 deletion dojo/tools/yarn_audit/parser.py
Expand Up @@ -85,7 +85,6 @@ def get_items_auditci(self, tree, test): # https://github.com/DefectDojo/django
test=test,
severity=self.severitytranslator(severity=tree.get("advisories").get(element).get("severity")),
description=description,
cve=tree.get("advisories").get(element).get("cves")[0],
mitigation=tree.get("advisories").get(element).get("recommendation"),
references=url + "\n" + references,
component_name=tree.get("advisories").get(element).get("module_name"),
Expand All @@ -98,6 +97,10 @@ def get_items_auditci(self, tree, test): # https://github.com/DefectDojo/django
static_finding=True,
dynamic_finding=False,
)
if tree.get("advisories").get(element).get("cves") != []:
dojo_finding.unsaved_vulnerability_ids = list()
for cve in tree.get("advisories").get(element).get("cves"):
dojo_finding.unsaved_vulnerability_ids.append(cve)
if tree.get("advisories").get(element).get("cwe") != []:
dojo_finding.cwe = tree.get("advisories").get(element).get("cwe")[0].strip("CWE-")
items.append(dojo_finding)
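Review bot: The new guard `if tree.get("advisories").get(element).get("cves") != []:` only excludes an empty list; an advisory with no `cves` key yields `None`, which passes the check and then raises `TypeError` in the `for` loop below it, so a single malformed advisory in an uploaded report would abort the whole import. A truthiness test covers both cases and also removes the repeated lookup chain and the manual append loop: `cves = tree.get("advisories").get(element).get("cves")` / `if cves:` / `dojo_finding.unsaved_vulnerability_ids = list(cves)`. Whether the tool's output can actually omit the key is not visible here, but the cost of guarding is nil. The enclosing `get_items_auditci` starts and ends outside this hunk.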
4 changes: 4 additions & 0 deletions unittests/tools/test_yarn_audit_parser.py
Expand Up @@ -59,6 +59,8 @@ def test_yarn_audit_parser_with_multiple_cwes_per_finding_list(self):
self.assertEqual(2, len(findings))
self.assertEqual(findings[0].cwe, 918)
self.assertEqual(findings[1].cwe, 1035)
self.assertEqual(findings[1].cve, None)
self.assertEqual(findings[1].unsaved_vulnerability_ids[0], "CVE-2021-3807")

def test_yarn_audit_parser_empty_with_error(self):
with self.assertRaises(ValueError) as context:
Expand All @@ -76,3 +78,5 @@ def test_yarn_audit_parser_issue_6495(self):
findings = parser.get_findings(testfile, self.get_test())
self.assertEqual(3, len(findings))
self.assertEqual(findings[0].cwe, "1321")
self.assertEqual(findings[1].unsaved_vulnerability_ids[0], "CVE-2022-25851")
self.assertEqual(findings[1].cve, None)
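Review bot: The new assertions check only `unsaved_vulnerability_ids[0]`, which is the same single value the removed `cve` field carried, so the point of the migration, keeping every CVE of an advisory, is not exercised by either hunk (this one and the one at line 51). Asserting the whole list pins that behaviour, e.g. `self.assertEqual(findings[1].unsaved_vulnerability_ids, ["CVE-2021-3807"])`, extended to the full set if the fixture advisory lists more than one id. For the `None` checks, `self.assertIsNone(findings[1].cve)` is the idiomatic unittest form and gives a clearer failure message. Both test methods start outside their hunks.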
