Skip to content

merge #1

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
jie-lin merged 26 commits into from
Feb 28, 2020
Merged

merge #1

Changes from 1 commit
Commits
Show all changes
26 commits
Select commit Hold shift + click to select a range
ec77791
Merge pull request #83 from jie-lin/master
davewichers Sep 19, 2019
7920417
Add scorecard generation support for LGTM SAST.
davewichers Sep 22, 2019
be03bd1
Merge branch 'master' of https://github.com/OWASP/benchmark
davewichers Sep 22, 2019
2b6d779
Minor tweak to README
davewichers Oct 12, 2019
07ba24b
Add KiuwanReader.java and integrate with BenchmarkScore.java
davewichers Nov 2, 2019
0f9ffeb
fix kiuwan reader
mcprol Nov 10, 2019
36f6646
Enhance buildDockerImage script so it pulls ubuntu:latest every time …
davewichers Nov 11, 2019
1d47fd1
Enable the last 2 lines of the script, which I commented out for
davewichers Nov 11, 2019
34bddfd
Update HCLReader.java
Nov 13, 2019
ef29183
Added Checkmrax JSON parser
pnpo Nov 17, 2019
f4c7303
read analysis metadata from threadfix report
mcprol Nov 18, 2019
dc264e7
Merge pull request #85 from mcprol/master
davewichers Nov 18, 2019
5d073fb
Merge pull request #84 from Guluis/master
davewichers Nov 18, 2019
8bfc658
Completed processing of Checkmarx JSON files
pnpo Nov 23, 2019
4957c63
Merge pull request #86 from pnpo/master
davewichers Nov 23, 2019
d2a3ae1
Use CWE in findings list report instead of problem type mapping
jankuehl Dec 3, 2019
dd34136
Use problem type <-> CWE number mapping for older reports
jankuehl Dec 3, 2019
a53ec0a
Merge pull request #87 from RIGS-IT/xanitizer
davewichers Dec 3, 2019
453bc2e
Minor formatting improvements to BenchmarkScore.java
davewichers Dec 6, 2019
330794d
Update VeracodeReader.java
tjarrettveracode Dec 18, 2019
cfa5472
Update VeracodeReader.java
davewichers Dec 26, 2019
fd0a7ee
Merge pull request #89 from tjarrettveracode/master
davewichers Dec 26, 2019
c5cc852
Slight tweak to Dockerfile
davewichers Dec 27, 2019
8c33bae
Merge branch 'master' of https://github.com/OWASP/benchmark
davewichers Dec 27, 2019
f1f0256
Corrected issue with CWE parsing
cx-nuno-oliveira Jan 7, 2020
4d7c7ba
Merge pull request #91 from pnpo/master
davewichers Jan 10, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Update HCLReader.java 
Update to parse new reporting mechanism in HCL IAST
  • Loading branch information
gal.benyair committed Nov 13, 2019
commit 34bddfd6046191b9ed5911cf7327b03e1b85c06a
8 changes: 4 additions & 4 deletions src/main/java/org/owasp/benchmark/score/parsers/HCLReader.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -72,15 +72,15 @@ private void parseFindings(TestResults tr, String json) throws Exception {
TestCaseResult tcr = new TestCaseResult();

try {
String splitJson = json.split("writeVulnerabilityToFile - ")[1];
String splitJson = json.substring(json.indexOf("{"));
JSONObject obj = new JSONObject(splitJson);
JSONObject result = obj.getJSONObject("result");
JSONObject result = obj.getJSONArray("issue-group").getJSONObject(0);

String ruleId = result.getString( "ruleId" );
String ruleId = result.getJSONObject("issue-type").getString( "ref" );
tcr.setCWE(cweLookup(ruleId));
tcr.setCategory(ruleId);

JSONObject request = result.getJSONObject("request");
JSONObject request = result.getJSONArray("variant-group").getJSONObject(0).getJSONObject("request");
String uri = request.getString("uri" );

if ( uri.contains( "BenchmarkTest" ) ) {
Expand Down