From df04f24ad5073eac75906ace10b790ecd5671144 Mon Sep 17 00:00:00 2001 From: manuelsommer <47991713+manuel-sommer@users.noreply.github.com> Date: Fri, 22 Dec 2023 18:09:02 +0100 Subject: [PATCH] add component to blackduckimporter #9145 (#9148) * add component to blackduckimporter #9145 * added unittests * :bug: fix unittest --- dojo/tools/blackduck/importer.py | 4 ++-- unittests/tools/test_blackduck_parser.py | 9 +++++++++ 2 files changed, 11 insertions(+), 2 deletions(-)
diff --git a/dojo/tools/blackduck/importer.py b/dojo/tools/blackduck/importer.py
index 2a2048b2dc0..6cf5eb95d94 100644
--- a/dojo/tools/blackduck/importer.py
+++ b/dojo/tools/blackduck/importer.py
@@ -106,8 +106,8 @@ def _process_project_findings(
 security_issue_dict.get("Description"),
 security_issue_dict.get("Security Risk"),
 security_issue_dict.get("Impact"),
- security_issue_dict.get("Project name"),
- security_issue_dict.get("Version"),
+ security_issue_dict.get("Component name") or security_issue_dict.get("Project name"),
+ security_issue_dict.get("Component version name") or security_issue_dict.get("Version"),
 security_issue_dict.get("Vulnerability source"),
 security_issue_dict.get("URL"),
 security_issue_dict.get("Channel version origin id"),
diff --git a/unittests/tools/test_blackduck_parser.py b/unittests/tools/test_blackduck_parser.py
index f6729030094..522b6f0bfd1 100644
--- a/unittests/tools/test_blackduck_parser.py
+++ b/unittests/tools/test_blackduck_parser.py
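Review bot: In the importer.py hunk the component name and the component version fall back independently, so a row that has "Component name" but an empty or missing "Component version name" ends up with the component's name paired with the project's "Version". For a dependency finding that pair is what triage and advisory matching rely on, and a wrong version is more misleading than a missing one. Tying the version fallback to the name keeps the pair consistent: `security_issue_dict.get("Component version name") if security_issue_dict.get("Component name") else security_issue_dict.get("Version"),`. Because `or` also treats an empty string as absent, a short comment above the two arguments saying that the project columns are only a fallback for exports without component columns would record the intent. The enclosing call starts and ends outside the hunk.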
@@ -25,12 +25,21 @@ def test_blackduck_csv_parser_has_many_findings(self):
 findings = list(findings)
 self.assertEqual(1, len(findings[10].unsaved_vulnerability_ids))
 self.assertEqual("CVE-2007-3386", findings[10].unsaved_vulnerability_ids[0])
+ self.assertEqual(findings[4].component_name, "Apache Tomcat")
+ self.assertEqual(findings[2].component_name, "Apache HttpComponents Client")
+ self.assertEqual(findings[4].component_version, "5.5.23")
+ self.assertEqual(findings[2].component_version, "4.5.2")
 
 def test_blackduck_csv_parser_new_format_has_many_findings(self):
 testfile = Path(get_unit_tests_path() + "/scans/blackduck/many_vulns_new_format.csv")
 parser = BlackduckParser()
 findings = parser.get_findings(testfile, Test())
+ findings = list(findings)
 self.assertEqual(9, len(findings))
+ self.assertEqual(findings[0].component_name, "kryo")
+ self.assertEqual(findings[2].component_name, "jackson-databind")
+ self.assertEqual(findings[0].component_version, "3.0.3")
+ self.assertEqual(findings[2].component_version, "2.9.9.3")
 
 def test_blackduck_enhanced_has_many_findings(self):
 testfile = Path(
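Review bot: The eight added assertions pass the actual value first, e.g. `self.assertEqual(findings[4].component_name, "Apache Tomcat")`, while the surrounding lines in both tests put the expected value first (`self.assertEqual(9, len(findings))`). Keeping one order, `self.assertEqual("Apache Tomcat", findings[4].component_name)`, keeps failure messages consistent across the file. It is also not visible from the hunk whether either fixture lacks the "Component name" column, so the importer's fallback to "Project name" and "Version" may not be exercised. A comment on each test naming the column the value is expected to come from, or one case built on a row without component columns, would pin that branch. The last test shown continues outside the hunk.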