Add elif for "component" in content for list of Findings

"vulnerabilities" is replaced with "response" since it is an API 3.0 Platform call to retrieve a project SCA dependency vulns. Furthermore, "libraries" is replaced with "component" in the updated 3.0 Platform output
DefectDojo · Nov 14, 2024 · 52776b1 · 52776b1
1 parent 5a9f279
commit 52776b1
Showing 1 changed file with 6 additions and 0 deletions.
diff --git a/dojo/tools/mend/parser.py b/dojo/tools/mend/parser.py
@@ -196,6 +196,12 @@ def _build_common_output(node, lib_name=None):
             tree_node = content["vulnerabilities"]
             for node in tree_node:
                 findings.append(_build_common_output(node))
+
+        elif "component" in content:
+            # likely a Mend Platform or 3.0 API SCA output - "library" is replaced as "component"
+            tree_node = content["response"]
+            for node in tree_node:
+                findings.append(_build_common_output(node))
 
         def create_finding_key(f: Finding) -> str:
             """Hashes the finding's description and title to retrieve a key for deduplication."""