From 3d3f0bea0bf85d0f8bebadaa39b13d30e2f83b6b Mon Sep 17 00:00:00 2001
From: foobar
Date: Sat, 3 Feb 2024 14:12:57 +0000
Subject: [PATCH] lint and cleanup
---
 components/producers/checkmarx/main.go | 9 ++++++---
 components/producers/producer.go | 5 +----
 2 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/components/producers/checkmarx/main.go b/components/producers/checkmarx/main.go
index 652d8c705..7f71a5c96 100644
--- a/components/producers/checkmarx/main.go
+++ b/components/producers/checkmarx/main.go
@@ -1,3 +1,5 @@
+// Package main of the checkmarx producer parses the XML Output of a Checkmarx scan
+// creates a Dracon scan from it
 package main
 import (
@@ -80,8 +82,6 @@ func parseIssues(out *Flaws) ([]*v1.Issue, error) {
 log.Println("Could not populate Dracon Description from Checkmarx fields, err", err)
 }
 target := fmt.Sprintf("%s:%s", r.FileName, r.LineNumber)
- fmt.Println(target)
- fmt.Scanf("%s")
 iss := &v1.Issue{
 Source: source,
 Target: target,
@@ -102,6 +102,7 @@ func parseIssues(out *Flaws) ([]*v1.Issue, error) {
 return issues, nil
 }
+// DraconDescription allows the user to map Checkmarx optional fields to the Dracon "description" field
 type DraconDescription struct {
 OriginalIssueDescription string `json:"issue description,omitempty"`
 OriginalRemediationAdvice string `json:"remediation advice,omitempty"`
@@ -125,6 +126,8 @@ type DraconDescription struct {
 OriginalTypeofFixAvailable string `json:"type of fix available,omitempty"`
 OriginalLevelofVerificationthatVulnerabilityExist string `json:"level of verification that vulnerability exists,omitempty"`
 }
+
+// Flaws is the checkmarx output xml
 type Flaws struct {
 MetaData struct {
 AppID string `xml:"appID,attr" json:"appid,omitempty"`
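Review bot: The package comment added in the first hunk of checkmarx/main.go reads as a run-on, because godoc joins the two lines into "…of a Checkmarx scan creates a Dracon scan from it". Adding the conjunction and a closing period fixes it: `// Package main of the checkmarx producer parses the XML output of a Checkmarx scan and` followed by `// creates a Dracon scan from it.`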
@@ -145,7 +148,7 @@ type Flaws struct {
 IssueRecommendation string `xml:"issueRecommendation"`
 ComponentName string `xml:"componentName"`
 Module string `xml:"module"`
- ApiName string `xml:"apiName"`
+ APIName string `xml:"apiName"`
 VulnerabilityType string `xml:"vulnerabilityType"` // Basically CWE
 Classification string `xml:"classification"`
 Severity string `xml:"severity"`
diff --git a/components/producers/producer.go b/components/producers/producer.go
index 42e272211..78dc5293a 100644
--- a/components/producers/producer.go
+++ b/components/producers/producer.go
@@ -103,10 +103,7 @@ func ParseJSON(in []byte, structure interface{}) error {
 // ParseXML provides a generic method to parse XML input (e.g. the results
 // provided by a tool) into a given struct.
 func ParseXML(in []byte, structure interface{}) error {
- if err := xml.Unmarshal(in, &structure); err != nil {
- return err
- }
- return nil
+ return xml.Unmarshal(in, &structure)
 }
 // ParseMultiJSONMessages provides method to parse tool results in JSON format.
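Review bot: The simplified `return xml.Unmarshal(in, &structure)` in ParseXML (producer.go) still passes a pointer to the `interface{}` parameter rather than the caller's value. If I read encoding/xml correctly, a caller that passes a struct by value then gets a nil error and nothing decoded, because the decoder skips an interface that does not hold a pointer. A producer could then emit an empty scan, with findings dropped and no sign of failure. Passing the value straight through, `return xml.Unmarshal(in, structure)`, lets the library reject non-pointer arguments with an error, and callers that already pass a pointer are unaffected.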