🎉 add file_path to SonarQube findings
manuel-sommer committed Oct 16, 2024
1 parent 6b79840 commit 9417f1c
Showing 2 changed files with 4 additions and 0 deletions.
3 changes: 3 additions & 0 deletions dojo/tools/sonarqube/sonarqube_restapi_json.py
@@ -115,6 +115,7 @@ def get_json_items(self, json_content, test, mode):
component_version=component_version,
cwe=cwe,
cvssv3_score=cvss,
file_path=component,
tags=["vulnerability"],
)
vulnids = []
@@ -183,6 +184,7 @@ def get_json_items(self, json_content, test, mode):
severity=self.severitytranslator(issue.get("severity")),
static_finding=True,
dynamic_finding=False,
file_path=component,
tags=["code_smell"],
)
items.append(item)
@@ -225,6 +227,7 @@ def get_json_items(self, json_content, test, mode):
severity=self.severitytranslator(hotspot.get("vulnerabilityProbability")),
static_finding=True,
dynamic_finding=False,
file_path=component,
tags=["hotspot"],
)
items.append(item)
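Review bot: `file_path=component` in all three `Finding(...)` calls (tags `vulnerability`, `code_smell`, `hotspot`) stores whatever `component` holds, and the value the new test expects, `"Wtest"`, reads like a SonarQube component key rather than a path inside a repository. If `component` is taken unmodified from the report, it may carry a project-key prefix, so it would not match the paths other importers record for the same file; that matters wherever file_path is used to correlate or deduplicate findings. If file_path is among the hash-code fields configured for this scan type (not visible here), findings imported before this change would hash differently on reimport, so the upgrade impact deserves a line in the release notes. At minimum I would add a comment at the first use, `# component is the SonarQube component key as reported, not a normalized repository path`. The assignment of `component` and the rest of `get_json_items` lie outside these hunks, so whether it is always set in each branch cannot be confirmed from here.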
1 change: 1 addition & 0 deletions unittests/tools/test_sonarqube_parser.py
@@ -642,6 +642,7 @@ def test_parse_json_file_from_api_with_multiple_findings_zip(self):
item = findings[0]
self.assertEqual(str, type(item.description))
self.assertEqual("OWASP:UsingComponentWithKnownVulnerability_fjioefjwoefijo", item.title)
self.assertEqual("Wtest", item.file_path)
self.assertEqual("Medium", item.severity)
item = findings[3]
self.assertEqual("OWASP:UsingComponentWithKnownVulnerability_fjioefjwo1123efijo", item.title)
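Review bot: Only `findings[0]` gets a `file_path` assertion, while the parser change touches three separate `Finding(...)` constructions (vulnerability, code_smell, hotspot), so at most one of the new assignments is pinned by this test. The `findings[3]` check directly below would be a natural place for a second assertion, `self.assertEqual(<expected component for findings[3]>, item.file_path)`, and the tests that exercise code-smell and hotspot reports should get the same line. A case where the report entry has no component would also document what `file_path` becomes then. The test method continues outside this hunk, so assertions further down are not visible here.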
