fix duplicate conditional - add into tree_node logic
testaccount90009 committed Dec 21, 2024
1 parent 0670477 commit b7adf09
Showing 1 changed file with 47 additions and 47 deletions.
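--- a/dojo/tools/mend/parser.py
+++ b/dojo/tools/mend/parser.py
@@ -41,52 +41,51 @@ def _build_common_output(node, lib_name=None):
 mitigation = "N/A"
 locations = []
 if "component" in node:
-if node.get("findingInfo", {}).get("status") == "ACTIVE":
-description = (
-"**Vulnerability Description**: "
-+ node["vulnerability"].get("description", "No Description Available")
-+ "\n\n"
-+ "**Component Name**: "
-+ node["component"].get("name", "")
-+ "\n"
-+ "**Component Type**: "
-+ node["component"].get("componentType", "")
-+ "\n"
-+ "**Root Library**: "
-+ str(node["component"].get("rootLibrary", ""))
-+ "\n"
-+ "**Library Type**: "
-+ node["component"].get("libraryType", "")
-+ "\n"
-)
-lib_name = node["component"].get("name")
-component_name = node["component"].get("artifactId")
-component_version = node["component"].get("version")
-impact = (
-"**Direct or Transitive Vulnerability**: "
-+ node["component"].get("dependencyType", "")
-+ "\n"
-)
-cvss3_score = node["vulnerability"].get("score", None)
-component_path = node["component"].get("path", None)
-cve = node["vulnerability"].get("name")
-title = "CVE-None | " + lib_name if cve is None else cve + " | " + lib_name
-if component_path:
-locations.append(component_path)
-if "topFix" in node:
-try:
-topfix_node = node.get("topFix")
-mitigation = (
-"**Resolution**: "
-+ topfix_node.get("date", "")
-+ "\n"
-+ topfix_node.get("message", "")
-+ "\n"
-+ topfix_node.get("fixResolution", "")
-+ "\n"
-)
-except Exception:
-logger.exception("Error handling topFix node.")
+description = (
+"**Vulnerability Description**: "
++ node["vulnerability"].get("description", "No Description Available")
++ "\n\n"
++ "**Component Name**: "
++ node["component"].get("name", "")
++ "\n"
++ "**Component Type**: "
++ node["component"].get("componentType", "")
++ "\n"
++ "**Root Library**: "
++ str(node["component"].get("rootLibrary", ""))
++ "\n"
++ "**Library Type**: "
++ node["component"].get("libraryType", "")
++ "\n"
+)
+lib_name = node["component"].get("name")
+component_name = node["component"].get("artifactId")
+component_version = node["component"].get("version")
+impact = (
+"**Direct or Transitive Vulnerability**: "
++ node["component"].get("dependencyType", "")
++ "\n"
+)
+cvss3_score = node["vulnerability"].get("score", None)
+component_path = node["component"].get("path", None)
+cve = node["vulnerability"].get("name")
+title = "CVE-None | " + lib_name if cve is None else cve + " | " + lib_name
+if component_path:
+locations.append(component_path)
+if "topFix" in node:
+try:
+topfix_node = node.get("topFix")
+mitigation = (
+"**Resolution**: "
++ topfix_node.get("date", "")
++ "\n"
++ topfix_node.get("message", "")
++ "\n"
++ topfix_node.get("fixResolution", "")
++ "\n"
+)
+except Exception:
+logger.exception("Error handling topFix node.")
 elif "library" in node:
 node.get("project")
 description = (
@@ -255,7 +254,8 @@ def _build_common_output(node, lib_name=None):
 tree_node = content["response"]
 if tree_node:
 for node in tree_node:
-findings.append(_build_common_output(node))
+if node.get("findingInfo", {}).get("status") == "ACTIVE":
+findings.append(_build_common_output(node))
 
 def create_finding_key(f: Finding) -> str:
 # """Hashes the finding's description and title to retrieve a key for deduplication."""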
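Review bot: The guard added in the `tree_node` loop, `node.get("findingInfo", {}).get("status") == "ACTIVE"`, raises AttributeError if a report carries `"findingInfo": null`, because the `{}` default applies only when the key is absent; `(node.get("findingInfo") or {}).get("status") == "ACTIVE"` handles both cases without aborting the import. Hoisting the check out of the `"component"` branch also means every entry under `content["response"]` that lacks an ACTIVE status is now dropped before `_build_common_output` runs, which would presumably include any entry that previously reached the `elif "library"` branch; confirm that this is intended. Nothing records what was filtered, so an import that silently discards vulnerabilities is indistinguishable from a clean scan; an `else` branch with `logger.debug("Skipping Mend finding with non-ACTIVE status")` or a skipped-count summary would keep the import auditable. The function enclosing this loop starts outside the hunk.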
