Sonarqube flow field contains dict (#10290)
* Sonarqube flow field contains dict

* fix bugs
manuel-sommer authored Jun 3, 2024
1 parent 73a5a41 commit 409caf1
Showing 2 changed files with 54 additions and 23 deletions.
44 changes: 22 additions & 22 deletions dojo/tools/sonarqube/sonarqube_restapi_json.py
@@ -14,12 +14,12 @@ def get_json_items(self, json_content, test, mode):
component = issue.get("component")
project = issue.get("project")
line = str(issue.get("line"))
textRange = issue.get("textRange")
flows = issue.get("flows")
textRange = issue.get("textRange", {})
flows = issue.get("flows", [])
status = issue.get("status")
message = issue.get("message")
tags = issue.get("tags")
type = issue.get("type")
tags = issue.get("tags", [])
bugtype = issue.get("type")
scope = issue.get("scope")
quickFixAvailable = str(issue.get("quickFixAvailable"))
codeVariants = str(issue.get("codeVariants"))
@@ -29,18 +29,18 @@ def get_json_items(self, json_content, test, mode):
description += "**component:** " + component + "\n"
description += "**project:** " + project + "\n"
description += "**line:** " + line + "\n"
if textRange != {}:
if bool(textRange):
res = []
for item in textRange:
res.append(item + ": " + str(textRange[item]))
description += "**textRange:** " + ", ".join(res) + "\n"
if flows != []:
description += "**flows:** " + ", ".join(flows) + "\n"
description += "**flows:** " + str(flows) + "\n"
description += "**status:** " + status + "\n"
description += "**message:** " + message + "\n"
if tags != []:
description += "**tags:** " + ", ".join(tags) + "\n"
description += "**type:** " + type + "\n"
description += "**type:** " + bugtype + "\n"
description += "**scope:** " + scope + "\n"
description += self.returncomponent(json_content, component)
item = Finding(
@@ -57,7 +57,7 @@ def get_json_items(self, json_content, test, mode):
rule = issue.get("rule")
component = issue.get("component")
project = issue.get("project")
flows = issue.get("flows")
flows = issue.get("flows", [])
status = issue.get("status")
message = issue.get("message")
cwe = None
@@ -86,15 +86,15 @@ def get_json_items(self, json_content, test, mode):
component_version = None
scope = issue.get("scope")
quickFixAvailable = str(issue.get("quickFixAvailable"))
codeVariants = issue.get("codeVariants")
tags = issue.get("tags")
codeVariants = issue.get("codeVariants", [])
tags = issue.get("tags", [])
description = ""
description += "**key:** " + key + "\n"
description += "**rule:** " + rule + "\n"
description += "**component:** " + component + "\n"
description += "**project:** " + project + "\n"
if flows != []:
description += "**flows:** " + ", ".join(flows) + "\n"
description += "**flows:** " + str(flows) + "\n"
description += "**status:** " + status + "\n"
description += "**message:** " + message + "\n"
description += "**scope:** " + scope + "\n"
@@ -147,26 +147,26 @@ def get_json_items(self, json_content, test, mode):
component = issue.get("component")
project = issue.get("project")
line = str(issue.get("line"))
textRange = issue.get("textRange")
flows = issue.get("flows")
textRange = issue.get("textRange", {})
flows = issue.get("flows", [])
status = issue.get("status")
message = issue.get("message")
tags = issue.get("tags")
tags = issue.get("tags", [])
scope = issue.get("scope")
quickFixAvailable = str(issue.get("quickFixAvailable"))
codeVariants = issue.get("codeVariants")
codeVariants = issue.get("codeVariants", [])
description = ""
description += "**rule:** " + rule + "\n"
description += "**component:** " + component + "\n"
description += "**project:** " + project + "\n"
description += "**line:** " + line + "\n"
if textRange != {}:
if bool(textRange):
res = []
for item in textRange:
res.append(item + ": " + str(textRange[item]))
description += "**textRange:** " + ", ".join(res) + "\n"
if flows != []:
description += "**flows:** " + ", ".join(flows) + "\n"
description += "**flows:** " + str(flows) + "\n"
description += "**status:** " + status + "\n"
description += "**message:** " + message + "\n"
if tags != []:
@@ -195,10 +195,10 @@ def get_json_items(self, json_content, test, mode):
status = hotspot.get("status")
line = str(hotspot.get("line"))
message = hotspot.get("message")
textRange = hotspot.get("textRange")
flows = hotspot.get("flows")
textRange = hotspot.get("textRange", {})
flows = hotspot.get("flows", [])
ruleKey = hotspot.get("ruleKey")
messageFormattings = hotspot.get("messageFormattings")
messageFormattings = hotspot.get("messageFormattings", [])
description = ""
description += "**key:** " + key + "\n"
description += "**component:** " + component + "\n"
@@ -207,13 +207,13 @@ def get_json_items(self, json_content, test, mode):
description += "**status:** " + status + "\n"
description += "**line:** " + line + "\n"
description += "**message:** " + message + "\n"
if textRange != {}:
if bool(textRange):
res = []
for item in textRange:
res.append(item + ": " + str(textRange[item]))
description += "**textRange:** " + ", ".join(res) + "\n"
if flows != []:
description += "**flows:** " + ", ".join(flows) + "\n"
description += "**flows:** " + str(flows) + "\n"
description += "**ruleKey:** " + ruleKey + "\n"
if messageFormattings != []:
description += "**messageFormattings:** " + ", ".join(messageFormattings) + "\n"
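Review bot: The `if flows != []:` and `if tags != []:` guards still compare against an empty-list literal, so the new `.get("flows", [])` and `.get("tags", [])` defaults only help when the key is absent from the report. A report carrying `"tags": null` yields `None`, passes the guard and raises `TypeError` in `", ".join(tags)`, while `"flows": null` is written into the finding as `**flows:** None`. Testing truthiness, as the commit already does with `if bool(textRange):`, covers missing, null and empty alike: `if flows:` and `if tags:` at each place these guards appear in this file section. In the last hunk `", ".join(messageFormattings)` is left as it was; if those entries can be objects, as the `flows` entries turned out to be, it will fail the same way and wants the same `str(messageFormattings)` treatment. The body of `get_json_items` starts and ends outside the hunks shown.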
33 changes: 32 additions & 1 deletion unittests/scans/sonarqube/findings_over_api.json
@@ -15,7 +15,38 @@
"severity": "MAJOR",
"component": "testapplication",
"project": "testapplication",
"flows": [],
"flows": [
{
"locations": [
{
"component": "asdfsdf",
"textRange": {
"startLine": 1,
"endLine": 2,
"startOffset": 3,
"endOffset": 4
},
"msg": "sdfasfdasfd",
"msgFormattings": []
}
]
},
{
"locations": [
{
"component": "nonono",
"textRange": {
"startLine": 2,
"endLine": 4,
"startOffset": 7,
"endOffset": 9
},
"msg": "fghjfghjgfj",
"msgFormattings": []
}
]
}
],
"status": "OPEN",
"message": "Filename: package:1.1.2 | Reference: CVE-2024-2529 | CVSS Score: 6.4 | Category: CWE-120 | Versions of the package vulndescription .",
"author": "",
