Updates to fod issue update command to fix errors and improvements
#903
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…te and make it more robust (closes fortify#899,fortify#900,fortify#901)
There was a problem hiding this comment.
Pull request overview
This PR updates the fcli fod issue update command to fix errors and add enhancements. The changes address three issues: fixing a typo in "Not an Issue" status (#899), adding support for custom developer/auditor statuses as configurable attributes rather than hard-coded enums (#901), and adding attribute support for issue updates (#900). This is a breaking change as the --dev-status and --auditor-status options now accept string values instead of enum values.
Changes:
- Converted
--dev-statusand--auditor-statusfrom enum types to string types with runtime validation against FoD attribute picklists - Added attribute caching mechanism in
FoDIssueHelperto optimize bulk updates - Added validation to filter invalid vulnerability IDs before attempting updates
- Added support for
--attributesoption to update issue attributes - Fixed typo in
AuditorStatusTypeenum ("Not an Issues" → "Not an Issue") and added newIssueandScanattribute types toAttributeTypesenum
Reviewed changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated 8 comments.
Show a summary per file
| File | Description |
|---|---|
| FoDMessages.properties | Removed trailing whitespace, updated output table headers to include totalCount/updateCount/skippedCount, updated command descriptions to clarify ID formats, added documentation for new --attributes option |
| FoDEnums.java | Fixed typo in AuditorStatusType ("Not an Issues" → "Not an Issue"), added Issue(5) and Scan(6) to AttributeTypes enum |
| FoDBulkIssueUpdateRequest.java | Added attributes field (JsonNode) to support issue attribute updates |
| FoDIssueHelper.java | Added attribute caching (loadAllAttributes, getAttributeDescriptorFromCache), validation methods (resolveStatusValue, filterRequestedVulnIds), and attribute building (buildIssueAttributesNode) |
| FoDIssueUpdateCommand.java | Changed status fields from enums to Strings, added attribute support via mixin, added filtering/validation of vuln IDs, updated action result reporting |
Comments suppressed due to low confidence (1)
fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/_common/util/FoDEnums.java:506
- The fromInt method is missing cases for the new Issue (5) and Scan (6) attribute types. When values 5 or 6 are passed to this method, it will incorrectly return Release instead of the expected Issue or Scan types. Add case statements for these new enum values to ensure correct mapping.
public static AttributeTypes fromInt(int val) {
switch (val) {
case 0:
return All;
case 1:
return Application;
case 2:
return Vulnerability;
case 3:
return Microservice;
case 4:
default:
return Release;
}
}
fcli-core/fcli-fod/src/main/resources/com/fortify/cli/fod/i18n/FoDMessages.properties
Outdated
Show resolved
Hide resolved
fcli-core/fcli-fod/src/main/resources/com/fortify/cli/fod/i18n/FoDMessages.properties
Outdated
Show resolved
Hide resolved
fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/issue/cli/cmd/FoDIssueUpdateCommand.java
Show resolved
Hide resolved
fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/issue/cli/cmd/FoDIssueUpdateCommand.java
Show resolved
Hide resolved
fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/issue/helper/FoDIssueHelper.java
Outdated
Show resolved
Hide resolved
fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/issue/helper/FoDIssueHelper.java
Outdated
Show resolved
Hide resolved
fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/issue/helper/FoDIssueHelper.java
Show resolved
Hide resolved
fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/issue/cli/cmd/FoDIssueUpdateCommand.java
Outdated
Show resolved
Hide resolved
…previous enum values for backwards compatibility
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is change for the
fcli fod issue updatecommand that includes fixes and update to handle bulk updates of attributes.See Pull request overview below for more detailed description of changes.
Closes #899,#900,#901