diff --git a/README.md b/README.md index d86e366..e017c21 100644 --- a/README.md +++ b/README.md @@ -145,6 +145,7 @@ sast: value: "2555" - type: "find_sec_bugs_type" value: "SPRING_ENDPOINT" + - id: "db914ce5737b49650ae650fc3b0fe38a531eadd8ea780f48a013419c4adec7f0" ``` And now you can modify execution commands as follows: diff --git a/poetry.lock b/poetry.lock index c4b6a5a..39e8dac 100644 --- a/poetry.lock +++ b/poetry.lock @@ -1,22 +1,5 @@ # This file is automatically @generated by Poetry 1.8.3 and should not be changed by hand. -[[package]] -name = "attrs" -version = "22.1.0" -description = "Classes Without Boilerplate" -optional = false -python-versions = ">=3.5" -files = [ - {file = "attrs-22.1.0-py2.py3-none-any.whl", hash = "sha256:86efa402f67bf2df34f51a335487cf46b1ec130d02b8d39fd248abfd30da551c"}, - {file = "attrs-22.1.0.tar.gz", hash = "sha256:29adc2665447e5191d0e7c568fde78b21f9672d344281d0c6e1ab085429b22b6"}, -] - -[package.extras] -dev = ["cloudpickle", "coverage[toml] (>=5.0.2)", "furo", "hypothesis", "mypy (>=0.900,!=0.940)", "pre-commit", "pympler", "pytest (>=4.3.0)", "pytest-mypy-plugins", "sphinx", "sphinx-notfound-page", "zope.interface"] -docs = ["furo", "sphinx", "sphinx-notfound-page", "zope.interface"] -tests = ["cloudpickle", "coverage[toml] (>=5.0.2)", "hypothesis", "mypy (>=0.900,!=0.940)", "pympler", "pytest (>=4.3.0)", "pytest-mypy-plugins", "zope.interface"] -tests-no-zope = ["cloudpickle", "coverage[toml] (>=5.0.2)", "hypothesis", "mypy (>=0.900,!=0.940)", "pympler", "pytest (>=4.3.0)", "pytest-mypy-plugins"] - [[package]] name = "colorama" version = "0.4.6" 
@@ -30,13 +13,13 @@ files = [ [[package]] name = "exceptiongroup" -version = "1.0.0" +version = "1.2.2" description = "Backport of PEP 654 (exception groups)" optional = false python-versions = ">=3.7" files = [ - {file = "exceptiongroup-1.0.0-py3-none-any.whl", hash = "sha256:2ac84b496be68464a2da60da518af3785fff8b7ec0d090a581604bc870bdee41"}, - {file = "exceptiongroup-1.0.0.tar.gz", hash = "sha256:affbabf13fb6e98988c38d9c5650e701569fe3c1de3233cfb61c5f33774690ad"}, + {file = "exceptiongroup-1.2.2-py3-none-any.whl", hash = "sha256:3111b9d131c238bec2f8f516e123e14ba243563fb135d3fe885990585aa7795b"}, + {file = "exceptiongroup-1.2.2.tar.gz", hash = "sha256:47c2edf7c6738fafb49fd34290706d1a1a2f4d1c6df275526b62cbb4aa5393cc"}, ] [package.extras] @@ -44,13 +27,13 @@ test = ["pytest (>=6)"] [[package]] name = "iniconfig" -version = "1.1.1" -description = "iniconfig: brain-dead simple config-ini parsing" +version = "2.0.0" +description = "brain-dead simple config-ini parsing" optional = false -python-versions = "*" +python-versions = ">=3.7" files = [ - {file = "iniconfig-1.1.1-py2.py3-none-any.whl", hash = "sha256:011e24c64b7f47f6ebd835bb12a743f2fbe9a26d4cecaa7f53bc4f35ee9da8b3"}, - {file = "iniconfig-1.1.1.tar.gz", hash = "sha256:bc3af051d7d14b2ee5ef9969666def0cd1a000e121eaea580d4a313df4b37f32"}, + {file = "iniconfig-2.0.0-py3-none-any.whl", hash = "sha256:b6a85871a79d2e3b22d2d1b94ac2824226a63c6b741c88f7ae975f18b6778374"}, + {file = "iniconfig-2.0.0.tar.gz", hash = "sha256:2d91e135bf72d31a410b17c16da610a82cb55f6b0477d1a902134b24a455b8b3"}, ] [[package]] 
@@ -69,60 +52,42 @@ six = "*" [[package]] name = "packaging" -version = "21.3" +version = "24.2" description = "Core utilities for Python packages" optional = false -python-versions = ">=3.6" +python-versions = ">=3.8" files = [ - {file = "packaging-21.3-py3-none-any.whl", hash = "sha256:ef103e05f519cdc783ae24ea4e2e0f508a9c99b2d4969652eed6a2e1ea5bd522"}, - {file = "packaging-21.3.tar.gz", hash = "sha256:dd47c42927d89ab911e606518907cc2d3a1f38bbd026385970643f9c5b8ecfeb"}, + {file = "packaging-24.2-py3-none-any.whl", hash = "sha256:09abb1bccd265c01f4a3aa3f7a7db064b36514d2cba19a2f694fe6150451a759"}, + {file = "packaging-24.2.tar.gz", hash = "sha256:c228a6dc5e932d346bc5739379109d49e8853dd8223571c7c5b55260edc0b97f"}, ] -[package.dependencies] -pyparsing = ">=2.0.2,<3.0.5 || >3.0.5" - [[package]] name = "pluggy" -version = "1.0.0" +version = "1.5.0" description = "plugin and hook calling mechanisms for python" optional = false -python-versions = ">=3.6" +python-versions = ">=3.8" files = [ - {file = "pluggy-1.0.0-py2.py3-none-any.whl", hash = "sha256:74134bbf457f031a36d68416e1509f34bd5ccc019f0bcc952c7b909d06b37bd3"}, - {file = "pluggy-1.0.0.tar.gz", hash = "sha256:4224373bacce55f955a878bf9cfa763c1e360858e330072059e10bad68531159"}, + {file = "pluggy-1.5.0-py3-none-any.whl", hash = "sha256:44e1ad92c8ca002de6377e165f3e0f1be63266ab4d554740532335b9d75ea669"}, + {file = "pluggy-1.5.0.tar.gz", hash = "sha256:2cffa88e94fdc978c4c574f15f9e59b7f4201d439195c3715ca9e2486f1d0cf1"}, ] [package.extras] dev = ["pre-commit", "tox"] testing = ["pytest", "pytest-benchmark"] -[[package]] -name = "pyparsing" -version = "3.0.9" -description = "pyparsing module - Classes and methods to define and execute parsing grammars" -optional = false -python-versions = ">=3.6.8" -files = [ - {file = "pyparsing-3.0.9-py3-none-any.whl", hash = "sha256:5026bae9a10eeaefb61dab2f09052b9f4307d44aee4eda64b309723d8d206bbc"}, - {file = "pyparsing-3.0.9.tar.gz", hash = 
"sha256:2b020ecf7d21b687f219b71ecad3631f644a47f01403fa1d1036b0c6416d70fb"}, -] - -[package.extras] -diagrams = ["jinja2", "railroad-diagrams"] - [[package]] name = "pytest" -version = "7.2.0" +version = "7.4.4" description = "pytest: simple powerful testing with Python" optional = false python-versions = ">=3.7" files = [ - {file = "pytest-7.2.0-py3-none-any.whl", hash = "sha256:892f933d339f068883b6fd5a459f03d85bfcb355e4981e146d2c7616c21fef71"}, - {file = "pytest-7.2.0.tar.gz", hash = "sha256:c4014eb40e10f11f355ad4e3c2fb2c6c6d1919c73f3b5a433de4708202cade59"}, + {file = "pytest-7.4.4-py3-none-any.whl", hash = "sha256:b090cdf5ed60bf4c45261be03239c2c1c22df034fbffe691abe93cd80cea01d8"}, + {file = "pytest-7.4.4.tar.gz", hash = "sha256:2cf0005922c6ace4a3e2ec8b4080eb0d9753fdc93107415332f50ce9e7994280"}, ] [package.dependencies] -attrs = ">=19.2.0" colorama = {version = "*", markers = "sys_platform == \"win32\""} exceptiongroup = {version = ">=1.0.0rc8", markers = "python_version < \"3.11\""} iniconfig = "*" 
@@ -131,57 +96,90 @@ pluggy = ">=0.12,<2.0" tomli = {version = ">=1.0.0", markers = "python_version < \"3.11\""} [package.extras] -testing = ["argcomplete", "hypothesis (>=3.56)", "mock", "nose", "pygments (>=2.7.2)", "requests", "xmlschema"] +testing = ["argcomplete", "attrs (>=19.2.0)", "hypothesis (>=3.56)", "mock", "nose", "pygments (>=2.7.2)", "requests", "setuptools", "xmlschema"] [[package]] name = "pyyaml" -version = "6.0" +version = "6.0.2" description = "YAML parser and emitter for Python" optional = false -python-versions = ">=3.6" +python-versions = ">=3.8" files = [ - {file = "PyYAML-6.0-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:d4db7c7aef085872ef65a8fd7d6d09a14ae91f691dec3e87ee5ee0539d516f53"}, - {file = "PyYAML-6.0-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:9df7ed3b3d2e0ecfe09e14741b857df43adb5a3ddadc919a2d94fbdf78fea53c"}, - {file = "PyYAML-6.0-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:77f396e6ef4c73fdc33a9157446466f1cff553d979bd00ecb64385760c6babdc"}, - {file = "PyYAML-6.0-cp310-cp310-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:a80a78046a72361de73f8f395f1f1e49f956c6be882eed58505a15f3e430962b"}, - {file = "PyYAML-6.0-cp310-cp310-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl", hash = "sha256:f84fbc98b019fef2ee9a1cb3ce93e3187a6df0b2538a651bfb890254ba9f90b5"}, - {file = "PyYAML-6.0-cp310-cp310-win32.whl", hash = "sha256:2cd5df3de48857ed0544b34e2d40e9fac445930039f3cfe4bcc592a1f836d513"}, - {file = "PyYAML-6.0-cp310-cp310-win_amd64.whl", hash = "sha256:daf496c58a8c52083df09b80c860005194014c3698698d1a57cbcfa182142a3a"}, - {file = "PyYAML-6.0-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:d4b0ba9512519522b118090257be113b9468d804b19d63c71dbcf4a48fa32358"}, - {file = "PyYAML-6.0-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:81957921f441d50af23654aa6c5e5eaf9b06aba7f0a19c18a538dc7ef291c5a1"}, - {file = 
"PyYAML-6.0-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:afa17f5bc4d1b10afd4466fd3a44dc0e245382deca5b3c353d8b757f9e3ecb8d"}, - {file = "PyYAML-6.0-cp311-cp311-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:dbad0e9d368bb989f4515da330b88a057617d16b6a8245084f1b05400f24609f"}, - {file = "PyYAML-6.0-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:432557aa2c09802be39460360ddffd48156e30721f5e8d917f01d31694216782"}, - {file = "PyYAML-6.0-cp311-cp311-win32.whl", hash = "sha256:bfaef573a63ba8923503d27530362590ff4f576c626d86a9fed95822a8255fd7"}, - {file = "PyYAML-6.0-cp311-cp311-win_amd64.whl", hash = "sha256:01b45c0191e6d66c470b6cf1b9531a771a83c1c4208272ead47a3ae4f2f603bf"}, - {file = "PyYAML-6.0-cp36-cp36m-macosx_10_9_x86_64.whl", hash = "sha256:897b80890765f037df3403d22bab41627ca8811ae55e9a722fd0392850ec4d86"}, - {file = "PyYAML-6.0-cp36-cp36m-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:50602afada6d6cbfad699b0c7bb50d5ccffa7e46a3d738092afddc1f9758427f"}, - {file = "PyYAML-6.0-cp36-cp36m-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:48c346915c114f5fdb3ead70312bd042a953a8ce5c7106d5bfb1a5254e47da92"}, - {file = "PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl", hash = "sha256:98c4d36e99714e55cfbaaee6dd5badbc9a1ec339ebfc3b1f52e293aee6bb71a4"}, - {file = "PyYAML-6.0-cp36-cp36m-win32.whl", hash = "sha256:0283c35a6a9fbf047493e3a0ce8d79ef5030852c51e9d911a27badfde0605293"}, - {file = "PyYAML-6.0-cp36-cp36m-win_amd64.whl", hash = "sha256:07751360502caac1c067a8132d150cf3d61339af5691fe9e87803040dbc5db57"}, - {file = "PyYAML-6.0-cp37-cp37m-macosx_10_9_x86_64.whl", hash = "sha256:819b3830a1543db06c4d4b865e70ded25be52a2e0631ccd2f6a47a2822f2fd7c"}, - {file = "PyYAML-6.0-cp37-cp37m-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:473f9edb243cb1935ab5a084eb238d842fb8f404ed2193a915d1784b5a6b5fc0"}, - 
{file = "PyYAML-6.0-cp37-cp37m-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:0ce82d761c532fe4ec3f87fc45688bdd3a4c1dc5e0b4a19814b9009a29baefd4"}, - {file = "PyYAML-6.0-cp37-cp37m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl", hash = "sha256:231710d57adfd809ef5d34183b8ed1eeae3f76459c18fb4a0b373ad56bedcdd9"}, - {file = "PyYAML-6.0-cp37-cp37m-win32.whl", hash = "sha256:c5687b8d43cf58545ade1fe3e055f70eac7a5a1a0bf42824308d868289a95737"}, - {file = "PyYAML-6.0-cp37-cp37m-win_amd64.whl", hash = "sha256:d15a181d1ecd0d4270dc32edb46f7cb7733c7c508857278d3d378d14d606db2d"}, - {file = "PyYAML-6.0-cp38-cp38-macosx_10_9_x86_64.whl", hash = "sha256:0b4624f379dab24d3725ffde76559cff63d9ec94e1736b556dacdfebe5ab6d4b"}, - {file = "PyYAML-6.0-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:213c60cd50106436cc818accf5baa1aba61c0189ff610f64f4a3e8c6726218ba"}, - {file = "PyYAML-6.0-cp38-cp38-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:9fa600030013c4de8165339db93d182b9431076eb98eb40ee068700c9c813e34"}, - {file = "PyYAML-6.0-cp38-cp38-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl", hash = "sha256:277a0ef2981ca40581a47093e9e2d13b3f1fbbeffae064c1d21bfceba2030287"}, - {file = "PyYAML-6.0-cp38-cp38-win32.whl", hash = "sha256:d4eccecf9adf6fbcc6861a38015c2a64f38b9d94838ac1810a9023a0609e1b78"}, - {file = "PyYAML-6.0-cp38-cp38-win_amd64.whl", hash = "sha256:1e4747bc279b4f613a09eb64bba2ba602d8a6664c6ce6396a4d0cd413a50ce07"}, - {file = "PyYAML-6.0-cp39-cp39-macosx_10_9_x86_64.whl", hash = "sha256:055d937d65826939cb044fc8c9b08889e8c743fdc6a32b33e2390f66013e449b"}, - {file = "PyYAML-6.0-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:e61ceaab6f49fb8bdfaa0f92c4b57bcfbea54c09277b1b4f7ac376bfb7a7c174"}, - {file = "PyYAML-6.0-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:d67d839ede4ed1b28a4e8909735fc992a923cdb84e618544973d7dfc71540803"}, 
- {file = "PyYAML-6.0-cp39-cp39-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:cba8c411ef271aa037d7357a2bc8f9ee8b58b9965831d9e51baf703280dc73d3"}, - {file = "PyYAML-6.0-cp39-cp39-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl", hash = "sha256:40527857252b61eacd1d9af500c3337ba8deb8fc298940291486c465c8b46ec0"}, - {file = "PyYAML-6.0-cp39-cp39-win32.whl", hash = "sha256:b5b9eccad747aabaaffbc6064800670f0c297e52c12754eb1d976c57e4f74dcb"}, - {file = "PyYAML-6.0-cp39-cp39-win_amd64.whl", hash = "sha256:b3d267842bf12586ba6c734f89d1f5b871df0273157918b0ccefa29deb05c21c"}, - {file = "PyYAML-6.0.tar.gz", hash = "sha256:68fb519c14306fec9720a2a5b45bc9f0c8d1b9c72adf45c37baedfcd949c35a2"}, + {file = "PyYAML-6.0.2-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:0a9a2848a5b7feac301353437eb7d5957887edbf81d56e903999a75a3d743086"}, + {file = "PyYAML-6.0.2-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:29717114e51c84ddfba879543fb232a6ed60086602313ca38cce623c1d62cfbf"}, + {file = "PyYAML-6.0.2-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:8824b5a04a04a047e72eea5cec3bc266db09e35de6bdfe34c9436ac5ee27d237"}, + {file = "PyYAML-6.0.2-cp310-cp310-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:7c36280e6fb8385e520936c3cb3b8042851904eba0e58d277dca80a5cfed590b"}, + {file = "PyYAML-6.0.2-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:ec031d5d2feb36d1d1a24380e4db6d43695f3748343d99434e6f5f9156aaa2ed"}, + {file = "PyYAML-6.0.2-cp310-cp310-musllinux_1_1_aarch64.whl", hash = "sha256:936d68689298c36b53b29f23c6dbb74de12b4ac12ca6cfe0e047bedceea56180"}, + {file = "PyYAML-6.0.2-cp310-cp310-musllinux_1_1_x86_64.whl", hash = "sha256:23502f431948090f597378482b4812b0caae32c22213aecf3b55325e049a6c68"}, + {file = "PyYAML-6.0.2-cp310-cp310-win32.whl", hash = "sha256:2e99c6826ffa974fe6e27cdb5ed0021786b03fc98e5ee3c5bfe1fd5015f42b99"}, + {file = 
"PyYAML-6.0.2-cp310-cp310-win_amd64.whl", hash = "sha256:a4d3091415f010369ae4ed1fc6b79def9416358877534caf6a0fdd2146c87a3e"}, + {file = "PyYAML-6.0.2-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:cc1c1159b3d456576af7a3e4d1ba7e6924cb39de8f67111c735f6fc832082774"}, + {file = "PyYAML-6.0.2-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:1e2120ef853f59c7419231f3bf4e7021f1b936f6ebd222406c3b60212205d2ee"}, + {file = "PyYAML-6.0.2-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:5d225db5a45f21e78dd9358e58a98702a0302f2659a3c6cd320564b75b86f47c"}, + {file = "PyYAML-6.0.2-cp311-cp311-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:5ac9328ec4831237bec75defaf839f7d4564be1e6b25ac710bd1a96321cc8317"}, + {file = "PyYAML-6.0.2-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:3ad2a3decf9aaba3d29c8f537ac4b243e36bef957511b4766cb0057d32b0be85"}, + {file = "PyYAML-6.0.2-cp311-cp311-musllinux_1_1_aarch64.whl", hash = "sha256:ff3824dc5261f50c9b0dfb3be22b4567a6f938ccce4587b38952d85fd9e9afe4"}, + {file = "PyYAML-6.0.2-cp311-cp311-musllinux_1_1_x86_64.whl", hash = "sha256:797b4f722ffa07cc8d62053e4cff1486fa6dc094105d13fea7b1de7d8bf71c9e"}, + {file = "PyYAML-6.0.2-cp311-cp311-win32.whl", hash = "sha256:11d8f3dd2b9c1207dcaf2ee0bbbfd5991f571186ec9cc78427ba5bd32afae4b5"}, + {file = "PyYAML-6.0.2-cp311-cp311-win_amd64.whl", hash = "sha256:e10ce637b18caea04431ce14fabcf5c64a1c61ec9c56b071a4b7ca131ca52d44"}, + {file = "PyYAML-6.0.2-cp312-cp312-macosx_10_9_x86_64.whl", hash = "sha256:c70c95198c015b85feafc136515252a261a84561b7b1d51e3384e0655ddf25ab"}, + {file = "PyYAML-6.0.2-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:ce826d6ef20b1bc864f0a68340c8b3287705cae2f8b4b1d932177dcc76721725"}, + {file = "PyYAML-6.0.2-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:1f71ea527786de97d1a0cc0eacd1defc0985dcf6b3f17bb77dcfc8c34bec4dc5"}, + {file = 
"PyYAML-6.0.2-cp312-cp312-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:9b22676e8097e9e22e36d6b7bda33190d0d400f345f23d4065d48f4ca7ae0425"}, + {file = "PyYAML-6.0.2-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:80bab7bfc629882493af4aa31a4cfa43a4c57c83813253626916b8c7ada83476"}, + {file = "PyYAML-6.0.2-cp312-cp312-musllinux_1_1_aarch64.whl", hash = "sha256:0833f8694549e586547b576dcfaba4a6b55b9e96098b36cdc7ebefe667dfed48"}, + {file = "PyYAML-6.0.2-cp312-cp312-musllinux_1_1_x86_64.whl", hash = "sha256:8b9c7197f7cb2738065c481a0461e50ad02f18c78cd75775628afb4d7137fb3b"}, + {file = "PyYAML-6.0.2-cp312-cp312-win32.whl", hash = "sha256:ef6107725bd54b262d6dedcc2af448a266975032bc85ef0172c5f059da6325b4"}, + {file = "PyYAML-6.0.2-cp312-cp312-win_amd64.whl", hash = "sha256:7e7401d0de89a9a855c839bc697c079a4af81cf878373abd7dc625847d25cbd8"}, + {file = "PyYAML-6.0.2-cp313-cp313-macosx_10_13_x86_64.whl", hash = "sha256:efdca5630322a10774e8e98e1af481aad470dd62c3170801852d752aa7a783ba"}, + {file = "PyYAML-6.0.2-cp313-cp313-macosx_11_0_arm64.whl", hash = "sha256:50187695423ffe49e2deacb8cd10510bc361faac997de9efef88badc3bb9e2d1"}, + {file = "PyYAML-6.0.2-cp313-cp313-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:0ffe8360bab4910ef1b9e87fb812d8bc0a308b0d0eef8c8f44e0254ab3b07133"}, + {file = "PyYAML-6.0.2-cp313-cp313-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:17e311b6c678207928d649faa7cb0d7b4c26a0ba73d41e99c4fff6b6c3276484"}, + {file = "PyYAML-6.0.2-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:70b189594dbe54f75ab3a1acec5f1e3faa7e8cf2f1e08d9b561cb41b845f69d5"}, + {file = "PyYAML-6.0.2-cp313-cp313-musllinux_1_1_aarch64.whl", hash = "sha256:41e4e3953a79407c794916fa277a82531dd93aad34e29c2a514c2c0c5fe971cc"}, + {file = "PyYAML-6.0.2-cp313-cp313-musllinux_1_1_x86_64.whl", hash = "sha256:68ccc6023a3400877818152ad9a1033e3db8625d899c72eacb5a668902e4d652"}, + {file = 
"PyYAML-6.0.2-cp313-cp313-win32.whl", hash = "sha256:bc2fa7c6b47d6bc618dd7fb02ef6fdedb1090ec036abab80d4681424b84c1183"}, + {file = "PyYAML-6.0.2-cp313-cp313-win_amd64.whl", hash = "sha256:8388ee1976c416731879ac16da0aff3f63b286ffdd57cdeb95f3f2e085687563"}, + {file = "PyYAML-6.0.2-cp38-cp38-macosx_10_9_x86_64.whl", hash = "sha256:24471b829b3bf607e04e88d79542a9d48bb037c2267d7927a874e6c205ca7e9a"}, + {file = "PyYAML-6.0.2-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:d7fded462629cfa4b685c5416b949ebad6cec74af5e2d42905d41e257e0869f5"}, + {file = "PyYAML-6.0.2-cp38-cp38-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:d84a1718ee396f54f3a086ea0a66d8e552b2ab2017ef8b420e92edbc841c352d"}, + {file = "PyYAML-6.0.2-cp38-cp38-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:9056c1ecd25795207ad294bcf39f2db3d845767be0ea6e6a34d856f006006083"}, + {file = "PyYAML-6.0.2-cp38-cp38-musllinux_1_1_x86_64.whl", hash = "sha256:82d09873e40955485746739bcb8b4586983670466c23382c19cffecbf1fd8706"}, + {file = "PyYAML-6.0.2-cp38-cp38-win32.whl", hash = "sha256:43fa96a3ca0d6b1812e01ced1044a003533c47f6ee8aca31724f78e93ccc089a"}, + {file = "PyYAML-6.0.2-cp38-cp38-win_amd64.whl", hash = "sha256:01179a4a8559ab5de078078f37e5c1a30d76bb88519906844fd7bdea1b7729ff"}, + {file = "PyYAML-6.0.2-cp39-cp39-macosx_10_9_x86_64.whl", hash = "sha256:688ba32a1cffef67fd2e9398a2efebaea461578b0923624778664cc1c914db5d"}, + {file = "PyYAML-6.0.2-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:a8786accb172bd8afb8be14490a16625cbc387036876ab6ba70912730faf8e1f"}, + {file = "PyYAML-6.0.2-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:d8e03406cac8513435335dbab54c0d385e4a49e4945d2909a581c83647ca0290"}, + {file = "PyYAML-6.0.2-cp39-cp39-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:f753120cb8181e736c57ef7636e83f31b9c0d1722c516f7e86cf15b7aa57ff12"}, + {file = "PyYAML-6.0.2-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", 
hash = "sha256:3b1fdb9dc17f5a7677423d508ab4f243a726dea51fa5e70992e59a7411c89d19"}, + {file = "PyYAML-6.0.2-cp39-cp39-musllinux_1_1_aarch64.whl", hash = "sha256:0b69e4ce7a131fe56b7e4d770c67429700908fc0752af059838b1cfb41960e4e"}, + {file = "PyYAML-6.0.2-cp39-cp39-musllinux_1_1_x86_64.whl", hash = "sha256:a9f8c2e67970f13b16084e04f134610fd1d374bf477b17ec1599185cf611d725"}, + {file = "PyYAML-6.0.2-cp39-cp39-win32.whl", hash = "sha256:6395c297d42274772abc367baaa79683958044e5d3835486c16da75d2a694631"}, + {file = "PyYAML-6.0.2-cp39-cp39-win_amd64.whl", hash = "sha256:39693e1f8320ae4f43943590b49779ffb98acb81f788220ea932a6b6c51004d8"}, + {file = "pyyaml-6.0.2.tar.gz", hash = "sha256:d584d9ec91ad65861cc08d42e834324ef890a082e591037abe114850ff7bbc3e"}, ] +[[package]] +name = "setuptools" +version = "75.5.0" +description = "Easily download, build, install, upgrade, and uninstall Python packages" +optional = false +python-versions = ">=3.9" +files = [ + {file = "setuptools-75.5.0-py3-none-any.whl", hash = "sha256:87cb777c3b96d638ca02031192d40390e0ad97737e27b6b4fa831bea86f2f829"}, + {file = "setuptools-75.5.0.tar.gz", hash = "sha256:5c4ccb41111392671f02bb5f8436dfc5a9a7185e80500531b133f5775c4163ef"}, +] + +[package.extras] +check = ["pytest-checkdocs (>=2.4)", "pytest-ruff (>=0.2.1)", "ruff (>=0.7.0)"] +core = ["importlib-metadata (>=6)", "jaraco.collections", "jaraco.functools (>=4)", "jaraco.text (>=3.7)", "more-itertools", "more-itertools (>=8.8)", "packaging", "packaging (>=24.2)", "platformdirs (>=4.2.2)", "tomli (>=2.0.1)", "wheel (>=0.43.0)"] +cover = ["pytest-cov"] +doc = ["furo", "jaraco.packaging (>=9.3)", "jaraco.tidelift (>=1.4)", "pygments-github-lexers (==0.0.5)", "pyproject-hooks (!=1.1)", "rst.linker (>=1.9)", "sphinx (>=3.5)", "sphinx-favicon", "sphinx-inline-tabs", "sphinx-lint", "sphinx-notfound-page (>=1,<2)", "sphinx-reredirects", "sphinxcontrib-towncrier", "towncrier (<24.7)"] +enabler = ["pytest-enabler (>=2.2)"] +test = ["build[virtualenv] (>=1.0.3)", 
"filelock (>=3.4.0)", "ini2toml[lite] (>=0.14)", "jaraco.develop (>=7.21)", "jaraco.envs (>=2.2)", "jaraco.path (>=3.2.0)", "jaraco.test (>=5.5)", "packaging (>=24.2)", "pip (>=19.1)", "pyproject-hooks (!=1.1)", "pytest (>=6,!=8.1.*)", "pytest-home (>=0.5)", "pytest-perf", "pytest-subprocess", "pytest-timeout", "pytest-xdist (>=3)", "tomli-w (>=1.0.0)", "virtualenv (>=13.0.0)", "wheel (>=0.44.0)"] +type = ["importlib-metadata (>=7.0.2)", "jaraco.develop (>=7.21)", "mypy (>=1.12,<1.14)", "pytest-mypy"] + [[package]] name = "six" version = "1.16.0" 
@@ -195,31 +193,16 @@ files = [ [[package]] name = "tomli" -version = "2.0.1" +version = "2.1.0" description = "A lil' TOML parser" optional = false -python-versions = ">=3.7" -files = [ - {file = "tomli-2.0.1-py3-none-any.whl", hash = "sha256:939de3e7a6161af0c887ef91b7d41a53e7c5a1ca976325f429cb46ea9bc30ecc"}, - {file = "tomli-2.0.1.tar.gz", hash = "sha256:de526c12914f0c550d15924c62d72abc48d6fe7364aa87328337a31007fe8a4f"}, -] - -[[package]] -name = "zipp" -version = "3.19.1" -description = "Backport of pathlib-compatible object wrapper for zip files" -optional = false python-versions = ">=3.8" files = [ - {file = "zipp-3.19.1-py3-none-any.whl", hash = "sha256:2828e64edb5386ea6a52e7ba7cdb17bb30a73a858f5eb6eb93d8d36f5ea26091"}, - {file = "zipp-3.19.1.tar.gz", hash = "sha256:35427f6d5594f4acf82d25541438348c26736fa9b3afa2754bcd63cdb99d8e8f"}, + {file = "tomli-2.1.0-py3-none-any.whl", hash = "sha256:a5c57c3d1c56f5ccdf89f6523458f60ef716e210fc47c4cfb188c5ba473e0391"}, + {file = "tomli-2.1.0.tar.gz", hash = "sha256:3f646cae2aec94e17d04973e4249548320197cfabdf130015d023de4b74d8ab8"}, ] -[package.extras] -doc = ["furo", "jaraco.packaging (>=9.3)", "jaraco.tidelift (>=1.4)", "rst.linker (>=1.9)", "sphinx (>=3.5)", "sphinx-lint"] -test = ["big-O", "jaraco.functools", "jaraco.itertools", "jaraco.test", "more-itertools", "pytest (>=6,!=8.1.*)", "pytest-checkdocs (>=2.4)", "pytest-cov", "pytest-enabler (>=2.2)", "pytest-ignore-flaky", "pytest-mypy", "pytest-ruff (>=0.2.1)"] - [metadata] lock-version = "2.0" -python-versions = "^3.7" -content-hash = "62a183b03eceddb6cdd6b35148e0fc1895745553da3cb793ea0a1c42b2cd8683" +python-versions = "^3.10" +content-hash = "fdfb9993210fef4942c9ecb54d04f21b08e93af59b9626ede7945deda5a434a2" diff --git a/pyproject.toml b/pyproject.toml index beb3136..6771f4e 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -16,6 +16,7 @@ python = "^3.10" junit-xml = "^1.9" PyYAML = "^6.0" pytest = "^7.2.0" +setuptools = "^75.5.0" [tool.poetry.dev-dependencies] 
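Review bot: `setuptools = "^75.5.0"` is added under `[tool.poetry.dependencies]`, i.e. as a runtime dependency, but nothing in this diff imports it, and the updated lock only shows pytest naming setuptools in its `testing` extra. If it is needed only by the test tooling it belongs under `[tool.poetry.dev-dependencies]`, which keeps the package set installed on consumers — and the surface they have to audit for supply-chain purposes — smaller. If a runtime import really does need it, a short comment beside the entry, e.g. `# required at runtime by <module> — TODO name it`, would stop the next reader from moving it.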
diff --git a/secscanner2junit/config.py b/secscanner2junit/config.py
index afda340..a9fead2 100644
--- a/secscanner2junit/config.py
+++ b/secscanner2junit/config.py
@@ -2,15 +2,22 @@ class Suppression:
-    def __init__(self, type, value):
+
+    def __init__(self,
+                 id: str | None = None,
+                 type: str | None = None,
+                 value: str | None = None):
+        self.id = id
         self.type = type
         self.value = value
 
     def __repr__(self):
-        return f"Suppression(type={self.type}, value={self.value})"
+        return f"Suppression(id={self.id}, type={self.type}, value={self.value})"
 
     def __eq__(self, other):
         if isinstance(other, Suppression):
+            if self.id is not None:
+                return self.id == other.id
             return self.type == other.type and self.value == other.value
         return False
@@ -36,9 +43,17 @@ def __is_identifier_suppressed(self, identifier):
         return False
 
     def __is_vulnerability_suppressed(self, vulnerability):
-        for identifier in vulnerability['identifiers']:
-            if self.__is_identifier_suppressed(identifier):
-                return True
+        for suppression in self.suppressions:
+            if suppression is None:
+                return False
+
+            if suppression.id is not None:
+                return suppression.id == vulnerability['id']
+
+            for identifier in vulnerability['identifiers']:
+                if suppression.type == identifier['type'] and suppression.value == identifier['value']:
+                    return True
+
         return False
 
     def suppress(self, vulnerabilities):
@@ -91,6 +106,15 @@ def __get_suppressions(sast_yml_dict):
 def __get_suppression(suppression_yml_dict):
     try:
-        return Suppression(suppression_yml_dict['type'], suppression_yml_dict['value'])
+        return Suppression(__get_suppression_field(suppression_yml_dict, 'id'),
+                           __get_suppression_field(suppression_yml_dict, 'type'),
+                           __get_suppression_field(suppression_yml_dict, 'value'))
+    except KeyError:
+        return None
+
+
+def __get_suppression_field(suppression_yml_dict, key):
+    try:
+        return suppression_yml_dict[key]
     except KeyError:
         return None
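Review bot: The new `__eq__` is asymmetric: when `self.id` is set only ids are compared, but when `self.id` is `None` and `other.id` is set it falls through to the type/value comparison, so `a == b` and `b == a` can disagree for the same pair. Compare on id whenever either side carries one: `if self.id is not None or other.id is not None: return self.id == other.id`. The signature change also reorders the positional parameters, so a caller still writing `Suppression('find_sec_bugs_type', 'SPRING_ENDPOINT')` silently stores the type as `id` and the value as `type`, turning an identifier suppression into an id suppression that never matches; making the three parameters keyword-only (`def __init__(self, *, id=None, type=None, value=None)`, with the call in `__get_suppression` passed by keyword) would make such callers fail loudly instead. The parameter name `id` also shadows the builtin. The `class Suppression:` line itself lies outside the hunk.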
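Review bot: The early returns in the new `__is_vulnerability_suppressed` loop make every suppression after the first id-based or malformed one ineffective: `return suppression.id == vulnerability['id']` leaves the loop on the first id suppression whether or not it matches, and `return False` on a `None` entry abandons the remaining list, so with two id suppressions only the first is ever honoured and the outcome depends on list order rather than on content. Both branches should `continue`, returning `True` only on a match; if abandoning the whole list on a malformed entry is meant as fail-closed behaviour, it should apply regardless of where the entry sits and be stated in a comment. `vulnerability['id']` is also read unguarded, so a report entry without an `id` key would raise `KeyError` out of the whole suppression pass; I can't see the report schema from here, so `vulnerability.get('id')` is the conservative form. `__is_identifier_suppressed` no longer has a caller in this hunk and looks like dead code if nothing else uses it.
```python
    def __is_vulnerability_suppressed(self, vulnerability):
        for suppression in self.suppressions:
            if suppression is None:
                continue  # skip the malformed entry; keep evaluating the others

            if suppression.id is not None:
                if suppression.id == vulnerability.get('id'):
                    return True
                continue  # non-matching id suppression: try the next one

            # … unchanged: identifier type/value loop …

        return False
```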
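Review bot: `__get_suppression_field` swallows the `KeyError` itself, so the `except KeyError` left in `__get_suppression` can no longer fire for a missing key and the function no longer returns `None` for an entry lacking `id`, `type` and `value` alike — it returns `Suppression(None, None, None)`, which `__is_vulnerability_suppressed` treats as a type/value suppression that never matches, so a misspelled suppression key now disappears silently instead of being rejected. If such entries are meant to be rejected, validate after construction, e.g. `if s.id is None and (s.type is None or s.value is None): return None`. The helper itself is `dict.get`; `suppression_yml_dict.get(key)` inline reads clearer than a private function. Values coming out of YAML may also not be strings (an unquoted numeric `id` would presumably arrive as an `int` and never compare equal to the report's string id), so normalising non-`None` values with `str(...)` avoids a suppression that quietly does nothing.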
diff --git a/tests/resources/test_sast/test_basic/gl-sast-report.json b/tests/resources/test_sast/test_basic/gl-sast-report.json index 4045457..ee31b15 100644 --- a/tests/resources/test_sast/test_basic/gl-sast-report.json +++ b/tests/resources/test_sast/test_basic/gl-sast-report.json @@ -7,7 +7,7 @@ "name": "Spring CSRF unrestricted RequestMapping", "message": "Spring CSRF unrestricted RequestMapping", "description": "Unrestricted Spring's RequestMapping makes the method vulnerable to CSRF attacks", - "cve": "86d80cd1d198812fc1ba6860a9e965e1:SPRING_CSRF_UNRESTRICTED_REQUEST_MAPPING:src/main/java/pl/com/softnet/example/springbootsoftnetexample/PingController.java:23", + "cve": "86d80cd1d198812fc1ba6860a9e965e1:SPRING_CSRF_UNRESTRICTED_REQUEST_MAPPING:src/main/java/pl/com/abc/example/springbootabcexample/PingController.java:23", "severity": "Medium", "confidence": "High", "scanner": { @@ -15,9 +15,9 @@ "name": "Find Security Bugs" }, "location": { - "file": "src/main/java/pl/com/softnet/example/springbootsoftnetexample/PingController.java", + "file": "src/main/java/pl/com/abc/example/springbootabcexample/PingController.java", "start_line": 23, - "class": "pl.com.softnet.example.springbootsoftnetexample.PingController", + "class": "pl.com.abc.example.springbootabcexample.PingController", "method": "ping" }, "identifiers": [ 
@@ -40,8 +40,8 @@ "category": "sast", "name": "Found Spring endpoint", "message": "Found Spring endpoint", - "description": "pl.com.softnet.example.springbootsoftnetexample.PingController is a Spring endpoint (Controller)", - "cve": "21254b1dfdebd6b8bbd05e4ed8a960c3:SPRING_ENDPOINT:src/main/java/pl/com/softnet/example/springbootsoftnetexample/PingController.java:23", + "description": "pl.com.abc.example.springbootabcexample.PingController is a Spring endpoint (Controller)", + "cve": "21254b1dfdebd6b8bbd05e4ed8a960c3:SPRING_ENDPOINT:src/main/java/pl/com/abc/example/springbootabcexample/PingController.java:23", "severity": "Low", "confidence": "Low", "scanner": { @@ -49,9 +49,9 @@ "name": "Find Security Bugs" }, "location": { - "file": "src/main/java/pl/com/softnet/example/springbootsoftnetexample/PingController.java", + "file": "src/main/java/pl/com/abc/example/springbootabcexample/PingController.java", "start_line": 23, - "class": "pl.com.softnet.example.springbootsoftnetexample.PingController", + "class": "pl.com.abc.example.springbootabcexample.PingController", "method": "ping" }, "identifiers": [ @@ -68,8 +68,8 @@ "category": "sast", "name": "Found Spring endpoint", "message": "Found Spring endpoint", - "description": "pl.com.softnet.example.springbootsoftnetexample.FakeErrorController is a Spring endpoint (Controller)", - "cve": "62a35767e47f86da1958c888ab0ddb98:SPRING_ENDPOINT:src/main/java/pl/com/softnet/example/springbootsoftnetexample/FakeErrorController.java:16", + "description": "pl.com.abc.example.springbootabcexample.FakeErrorController is a Spring endpoint (Controller)", + "cve": "62a35767e47f86da1958c888ab0ddb98:SPRING_ENDPOINT:src/main/java/pl/com/abc/example/springbootabcexample/FakeErrorController.java:16", "severity": "Low", "confidence": "Low", "scanner": { 
@@ -77,9 +77,9 @@ "name": "Find Security Bugs" }, "location": { - "file": "src/main/java/pl/com/softnet/example/springbootsoftnetexample/FakeErrorController.java", + "file": "src/main/java/pl/com/abc/example/springbootabcexample/FakeErrorController.java", "start_line": 16, - "class": "pl.com.softnet.example.springbootsoftnetexample.FakeErrorController", + "class": "pl.com.abc.example.springbootabcexample.FakeErrorController", "method": "getDomainError" }, "identifiers": [ @@ -97,7 +97,7 @@ "name": "HTTP headers untrusted", "message": "HTTP headers untrusted", "description": "Request header can easily be altered by the client", - "cve": "6b0c63f9593aecd2ad80afdc4a85656d:SERVLET_HEADER:src/main/java/pl/com/softnet/example/springbootsoftnetexample/PingController.java:50", + "cve": "6b0c63f9593aecd2ad80afdc4a85656d:SERVLET_HEADER:src/main/java/pl/com/abc/example/springbootabcexample/PingController.java:50", "severity": "Low", "confidence": "Low", "scanner": { @@ -105,9 +105,9 @@ "name": "Find Security Bugs" }, "location": { - "file": "src/main/java/pl/com/softnet/example/springbootsoftnetexample/PingController.java", + "file": "src/main/java/pl/com/abc/example/springbootabcexample/PingController.java", "start_line": 50, - "class": "pl.com.softnet.example.springbootsoftnetexample.PingController$IpAddressUtils", + "class": "pl.com.abc.example.springbootabcexample.PingController$IpAddressUtils", "method": "getIpAddressFromRequest" }, "identifiers": [ 
@@ -124,8 +124,8 @@ "category": "sast", "name": "Found Spring endpoint", "message": "Found Spring endpoint", - "description": "pl.com.softnet.example.springbootsoftnetexample.FakeErrorController is a Spring endpoint (Controller)", - "cve": "8e968b3dea7c8b68b43c07ab9b37c120:SPRING_ENDPOINT:src/main/java/pl/com/softnet/example/springbootsoftnetexample/FakeErrorController.java:11", + "description": "pl.com.abc.example.springbootabcexample.FakeErrorController is a Spring endpoint (Controller)", + "cve": "8e968b3dea7c8b68b43c07ab9b37c120:SPRING_ENDPOINT:src/main/java/pl/com/abc/example/springbootabcexample/FakeErrorController.java:11", "severity": "Low", "confidence": "Low", "scanner": { @@ -133,9 +133,9 @@ "name": "Find Security Bugs" }, "location": { - "file": "src/main/java/pl/com/softnet/example/springbootsoftnetexample/FakeErrorController.java", + "file": "src/main/java/pl/com/abc/example/springbootabcexample/FakeErrorController.java", "start_line": 11, - "class": "pl.com.softnet.example.springbootsoftnetexample.FakeErrorController", + "class": "pl.com.abc.example.springbootabcexample.FakeErrorController", "method": "getSomeFakeError" }, "identifiers": [ diff --git a/tests/resources/test_sast/test_sast_suppression/gl-sast-report-many-with-same-name.json b/tests/resources/test_sast/test_sast_suppression/gl-sast-report-many-with-same-name.json index 4045457..f14d461 100644 --- a/tests/resources/test_sast/test_sast_suppression/gl-sast-report-many-with-same-name.json +++ b/tests/resources/test_sast/test_sast_suppression/gl-sast-report-many-with-same-name.json 
@@ -7,7 +7,7 @@
 "name": "Spring CSRF unrestricted RequestMapping",
 "message": "Spring CSRF unrestricted RequestMapping",
 "description": "Unrestricted Spring's RequestMapping makes the method vulnerable to CSRF attacks",
- "cve": "86d80cd1d198812fc1ba6860a9e965e1:SPRING_CSRF_UNRESTRICTED_REQUEST_MAPPING:src/main/java/pl/com/softnet/example/springbootsoftnetexample/PingController.java:23",
+ "cve": "86d80cd1d198812fc1ba6860a9e965e1:SPRING_CSRF_UNRESTRICTED_REQUEST_MAPPING:src/main/java/pl/com/abc/example/springbootabcexample/PingController.java:23",
 "severity": "Medium",
 "confidence": "High",
 "scanner": {
@@ -15,9 +15,9 @@
 "name": "Find Security Bugs"
 },
 "location": {
- "file": "src/main/java/pl/com/softnet/example/springbootsoftnetexample/PingController.java",
+ "file": "src/main/java/pl/com/abc/example/springbootabcexample/PingController.java",
 "start_line": 23,
- "class": "pl.com.softnet.example.springbootsoftnetexample.PingController",
+ "class": "pl.com.abc.example.springbootabcexample.PingController",
 "method": "ping"
 },
 "identifiers": [
@@ -40,8 +40,8 @@
 "category": "sast",
 "name": "Found Spring endpoint",
 "message": "Found Spring endpoint",
- "description": "pl.com.softnet.example.springbootsoftnetexample.PingController is a Spring endpoint (Controller)",
- "cve": "21254b1dfdebd6b8bbd05e4ed8a960c3:SPRING_ENDPOINT:src/main/java/pl/com/softnet/example/springbootsoftnetexample/PingController.java:23",
+ "description": "pl.com.abc.example.springbootabcexample.PingController is a Spring endpoint (Controller)",
+ "cve": "21254b1dfdebd6b8bbd05e4ed8a960c3:SPRING_ENDPOINT:src/main/java/pl/com/abc/example/springbootabcexample/PingController.java:23",
 "severity": "Low",
 "confidence": "Low",
 "scanner": {
@@ -49,9 +49,9 @@
 "name": "Find Security Bugs"
 },
 "location": {
- "file": "src/main/java/pl/com/softnet/example/springbootsoftnetexample/PingController.java",
+ "file": "src/main/java/pl/com/abc/example/springbootabcexample/PingController.java",
 "start_line": 23,
- "class": "pl.com.softnet.example.springbootsoftnetexample.PingController",
+ "class": "pl.com.abc.example.springbootabcexample.PingController",
 "method": "ping"
 },
 "identifiers": [
@@ -68,8 +68,8 @@
 "category": "sast",
 "name": "Found Spring endpoint",
 "message": "Found Spring endpoint",
- "description": "pl.com.softnet.example.springbootsoftnetexample.FakeErrorController is a Spring endpoint (Controller)",
- "cve": "62a35767e47f86da1958c888ab0ddb98:SPRING_ENDPOINT:src/main/java/pl/com/softnet/example/springbootsoftnetexample/FakeErrorController.java:16",
+ "description": "pl.com.abc.example.springbootabcexample.FakeErrorController is a Spring endpoint (Controller)",
+ "cve": "62a35767e47f86da1958c888ab0ddb98:SPRING_ENDPOINT:src/main/java/pl/com/abc/example/springbootabcexample/FakeErrorController.java:16",
 "severity": "Low",
 "confidence": "Low",
 "scanner": {
@@ -77,9 +77,9 @@
 "name": "Find Security Bugs"
 },
 "location": {
- "file": "src/main/java/pl/com/softnet/example/springbootsoftnetexample/FakeErrorController.java",
+ "file": "src/main/java/pl/com/abc/example/springbootabcexample/FakeErrorController.java",
 "start_line": 16,
- "class": "pl.com.softnet.example.springbootsoftnetexample.FakeErrorController",
+ "class": "pl.com.abc.example.springbootabcexample.FakeErrorController",
 "method": "getDomainError"
 },
 "identifiers": [
@@ -97,7 +97,7 @@
 "name": "HTTP headers untrusted",
 "message": "HTTP headers untrusted",
 "description": "Request header can easily be altered by the client",
- "cve": "6b0c63f9593aecd2ad80afdc4a85656d:SERVLET_HEADER:src/main/java/pl/com/softnet/example/springbootsoftnetexample/PingController.java:50",
+ "cve": "6b0c63f9593aecd2ad80afdc4a85656d:SERVLET_HEADER:src/main/java/pl/com/abc/example/springbootabcexample/PingController.java:50",
 "severity": "Low",
 "confidence": "Low",
 "scanner": {
@@ -105,9 +105,9 @@
 "name": "Find Security Bugs"
 },
 "location": {
- "file": "src/main/java/pl/com/softnet/example/springbootsoftnetexample/PingController.java",
+ "file": "src/main/java/pl/com/abc/example/springbootabcexample/PingController.java",
 "start_line": 50,
- "class": "pl.com.softnet.example.springbootsoftnetexample.PingController$IpAddressUtils",
+ "class": "pl.com.abc.example.springbootabcexample.PingController$IpAddressUtils",
 "method": "getIpAddressFromRequest"
 },
 "identifiers": [
diff --git a/tests/resources/test_sast/test_sast_suppression_by_id/gl-sast-report-many-with-same-name.json b/tests/resources/test_sast/test_sast_suppression_by_id/gl-sast-report-many-with-same-name.json
new file mode 100644
index 0000000..ee31b15
--- /dev/null
+++ b/tests/resources/test_sast/test_sast_suppression_by_id/gl-sast-report-many-with-same-name.json
@@ -0,0 +1,174 @@
+{
+ "version": "14.0.4",
+ "vulnerabilities": [
+ {
+ "id": "cccabffcfcf176e47f9138d7fbd763a83b310b071529b687cde3537a935cf251",
+ "category": "sast",
+ "name": "Spring CSRF unrestricted RequestMapping",
+ "message": "Spring CSRF unrestricted RequestMapping",
+ "description": "Unrestricted Spring's RequestMapping makes the method vulnerable to CSRF attacks",
+ "cve": "86d80cd1d198812fc1ba6860a9e965e1:SPRING_CSRF_UNRESTRICTED_REQUEST_MAPPING:src/main/java/pl/com/abc/example/springbootabcexample/PingController.java:23",
+ "severity": "Medium",
+ "confidence": "High",
+ "scanner": {
+ "id": "find_sec_bugs",
+ "name": "Find Security Bugs"
+ },
+ "location": {
+ "file": "src/main/java/pl/com/abc/example/springbootabcexample/PingController.java",
+ "start_line": 23,
+ "class": "pl.com.abc.example.springbootabcexample.PingController",
+ "method": "ping"
+ },
+ "identifiers": [
+ {
+ "type": "find_sec_bugs_type",
+ "name": "Find Security Bugs-SPRING_CSRF_UNRESTRICTED_REQUEST_MAPPING",
+ "value": "SPRING_CSRF_UNRESTRICTED_REQUEST_MAPPING",
+ "url": "https://find-sec-bugs.github.io/bugs.htm#SPRING_CSRF_UNRESTRICTED_REQUEST_MAPPING"
+ },
+ {
+ "type": "cwe",
+ "name": "CWE-352",
+ "value": "352",
+ "url": "https://cwe.mitre.org/data/definitions/352.html"
+ }
+ ]
+ },
+ {
+ "id": "db914ce5737b49650ae650fc3b0fe38a531eadd8ea780f48a013419c4adec7f0",
+ "category": "sast",
+ "name": "Found Spring endpoint",
+ "message": "Found Spring endpoint",
+ "description": "pl.com.abc.example.springbootabcexample.PingController is a Spring endpoint (Controller)",
+ "cve": "21254b1dfdebd6b8bbd05e4ed8a960c3:SPRING_ENDPOINT:src/main/java/pl/com/abc/example/springbootabcexample/PingController.java:23",
+ "severity": "Low",
+ "confidence": "Low",
+ "scanner": {
+ "id": "find_sec_bugs",
+ "name": "Find Security Bugs"
+ },
+ "location": {
+ "file": "src/main/java/pl/com/abc/example/springbootabcexample/PingController.java",
+ "start_line": 23,
+ "class": "pl.com.abc.example.springbootabcexample.PingController",
+ "method": "ping"
+ },
+ "identifiers": [
+ {
+ "type": "find_sec_bugs_type",
+ "name": "Find Security Bugs-SPRING_ENDPOINT",
+ "value": "SPRING_ENDPOINT",
+ "url": "https://find-sec-bugs.github.io/bugs.htm#SPRING_ENDPOINT"
+ }
+ ]
+ },
+ {
+ "id": "f4e1ee2a65c5d8837cfe6e3b16fc368f23462596f41ca15b182625a259a58baf",
+ "category": "sast",
+ "name": "Found Spring endpoint",
+ "message": "Found Spring endpoint",
+ "description": "pl.com.abc.example.springbootabcexample.FakeErrorController is a Spring endpoint (Controller)",
+ "cve": "62a35767e47f86da1958c888ab0ddb98:SPRING_ENDPOINT:src/main/java/pl/com/abc/example/springbootabcexample/FakeErrorController.java:16",
+ "severity": "Low",
+ "confidence": "Low",
+ "scanner": {
+ "id": "find_sec_bugs",
+ "name": "Find Security Bugs"
+ },
+ "location": {
+ "file": "src/main/java/pl/com/abc/example/springbootabcexample/FakeErrorController.java",
+ "start_line": 16,
+ "class": "pl.com.abc.example.springbootabcexample.FakeErrorController",
+ "method": "getDomainError"
+ },
+ "identifiers": [
+ {
+ "type": "find_sec_bugs_type",
+ "name": "Find Security Bugs-SPRING_ENDPOINT",
+ "value": "SPRING_ENDPOINT",
+ "url": "https://find-sec-bugs.github.io/bugs.htm#SPRING_ENDPOINT"
+ }
+ ]
+ },
+ {
+ "id": "e5104af1e9b781ffa19a0f9299e9c44bb62b3dd62c4483e9f2e087dc03e8cd95",
+ "category": "sast",
+ "name": "HTTP headers untrusted",
+ "message": "HTTP headers untrusted",
+ "description": "Request header can easily be altered by the client",
+ "cve": "6b0c63f9593aecd2ad80afdc4a85656d:SERVLET_HEADER:src/main/java/pl/com/abc/example/springbootabcexample/PingController.java:50",
+ "severity": "Low",
+ "confidence": "Low",
+ "scanner": {
+ "id": "find_sec_bugs",
+ "name": "Find Security Bugs"
+ },
+ "location": {
+ "file": "src/main/java/pl/com/abc/example/springbootabcexample/PingController.java",
+ "start_line": 50,
+ "class": "pl.com.abc.example.springbootabcexample.PingController$IpAddressUtils",
+ "method": "getIpAddressFromRequest"
+ },
+ "identifiers": [
+ {
+ "type": "find_sec_bugs_type",
+ "name": "Find Security Bugs-SERVLET_HEADER",
+ "value": "SERVLET_HEADER",
+ "url": "https://find-sec-bugs.github.io/bugs.htm#SERVLET_HEADER"
+ }
+ ]
+ },
+ {
+ "id": "dd623e3dafc27991b80b00c2b38b8ec69ef4b2635a5838622b3efb921e2cbfac",
+ "category": "sast",
+ "name": "Found Spring endpoint",
+ "message": "Found Spring endpoint",
+ "description": "pl.com.abc.example.springbootabcexample.FakeErrorController is a Spring endpoint (Controller)",
+ "cve": "8e968b3dea7c8b68b43c07ab9b37c120:SPRING_ENDPOINT:src/main/java/pl/com/abc/example/springbootabcexample/FakeErrorController.java:11",
+ "severity": "Low",
+ "confidence": "Low",
+ "scanner": {
+ "id": "find_sec_bugs",
+ "name": "Find Security Bugs"
+ },
+ "location": {
+ "file": "src/main/java/pl/com/abc/example/springbootabcexample/FakeErrorController.java",
+ "start_line": 11,
+ "class": "pl.com.abc.example.springbootabcexample.FakeErrorController",
+ "method": "getSomeFakeError"
+ },
+ "identifiers": [
+ {
+ "type": "find_sec_bugs_type",
+ "name": "Find Security Bugs-SPRING_ENDPOINT",
+ "value": "SPRING_ENDPOINT",
+ "url": "https://find-sec-bugs.github.io/bugs.htm#SPRING_ENDPOINT"
+ }
+ ]
+ }
+ ],
+ "scan": {
+ "analyzer": {
+ "id": "spotbugs",
+ "name": "Spotbugs",
+ "vendor": {
+ "name": "GitLab"
+ },
+ "version": "3.2.1"
+ },
+ "scanner": {
+ "id": "find_sec_bugs",
+ "name": "Find Security Bugs",
+ "url": "https://spotbugs.github.io",
+ "vendor": {
+ "name": "GitLab"
+ },
+ "version": "4.7.0"
+ },
+ "type": "sast",
+ "start_time": "2022-08-04T05:31:38",
+ "end_time": "2022-08-04T05:32:16",
+ "status": "success"
+ }
+}
diff --git a/tests/resources/test_sast/test_sast_suppression_by_id/ss2ju-config.yml b/tests/resources/test_sast/test_sast_suppression_by_id/ss2ju-config.yml
new file mode 100644
index 0000000..e8aa04d
--- /dev/null
+++ b/tests/resources/test_sast/test_sast_suppression_by_id/ss2ju-config.yml
@@ -0,0 +1,3 @@
+sast:
+ suppressions:
+ - id: "db914ce5737b49650ae650fc3b0fe38a531eadd8ea780f48a013419c4adec7f0"
\ No newline at end of file
diff --git a/tests/test_config.py b/tests/test_config.py
index b01dcd6..cde7862 100644
--- a/tests/test_config.py
+++ b/tests/test_config.py
@@ -35,5 +35,6 @@ def test_get_config(self):
 config = get_config(input_config_path)
 # then:
- expected = Config([Suppression('cwe', '2555'), Suppression('find_sec_bugs_type', 'SPRING_ENDPOINT')])
+ expected = Config(
+ [Suppression(type='cwe', value='2555'), Suppression(type='find_sec_bugs_type', value='SPRING_ENDPOINT')])
 self.assertEqual(expected, config)
diff --git a/tests/test_sast.py b/tests/test_sast.py
index 479fe71..e9780fd 100644
--- a/tests/test_sast.py
+++ b/tests/test_sast.py
@@ -50,6 +50,21 @@ def test_sast_suppression(self):
 # then:
 self.assertEqual(len(testsuite.pop().test_cases), 2)
+ def test_sast_suppression_by_id(self):
+ # given:
+ input_report_path = "resources/test_sast/test_sast_suppression_by_id/gl-sast-report-many-with-same-name.json"
+ input_config_path = "resources/test_sast/test_sast_suppression_by_id/ss2ju-config.yml"
+ report = get_report(input_report_path)
+ config = get_config(input_config_path)
+ parser = SastParser(report, input_report_path, config)
+
+ # when:
+ testsuite = parser.parse()
+
+ # then:
+ self.assertEqual(len(testsuite.pop().test_cases), 4)
+
 def get_report(path):
 with open(path) as input_file:
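Review bot: The new ss2ju-config.yml fixture is committed without a trailing newline (the `\ No newline at end of file` marker on its only hunk), which will show up as a spurious change the next time anyone edits the file and trips editors and linters that expect POSIX line endings. Append a newline after the `- id: "db914ce5737b49650ae650fc3b0fe38a531eadd8ea780f48a013419c4adec7f0"` line so the fixture matches the other YAML files in the repository.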
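Review bot: The rewritten expectation in `test_get_config` still only asserts `type`/`value` suppressions, so the id-based suppression form this commit introduces (the `id:` entry used by the new ss2ju-config.yml fixture) has no coverage in the config-parsing test; only the end-to-end count in test_sast.py exercises it, and that would not distinguish a mis-parsed id from a type/value match. Consider adding a case here that loads a config containing an `- id:` suppression and asserts the parsed `Config` holds a `Suppression` carrying exactly that id, with `type` and `value` left unset, so a regression in id parsing fails at the parsing layer rather than in the fixture count. The switch to keyword arguments is the right call, since a positional `Suppression('cwe', '2555')` would silently bind to the wrong fields if the id were ever added as the first parameter. The enclosing `test_get_config` body starts outside the hunk.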