Search in sources :

Example 6 with Vulnerability

use of com.blackducksoftware.integration.fortify.batch.model.Vulnerability in project hub-fortify-ssc-integration-service by blackducksoftware.

the class VulnerabilityUtil method removeDuplicates.

/**
 * It will be used to remove the duplicate vulnerabilities in the list
 *
 * @param vulnerabilities
 * @return
 */
public static List<Vulnerability> removeDuplicates(List<Vulnerability> vulnerabilities) {
    Map<String, Vulnerability> uniqueKeys = new HashMap<>();
    // Iterate the vulnerabilities to remove the duplicates
    vulnerabilities.forEach(vulnerability -> {
        // The unique vulnerability will be the combination of Component name and version, Channel version and
        // Vulnerability Id
        String uniqueKey = vulnerability.getComponentName() + "~" + vulnerability.getVersion() + "~" + vulnerability.getChannelVersionOriginId() + "~" + vulnerability.getVulnerabilityId();
        // Multiple projects and Multiple versions respectively
        if (uniqueKeys.containsKey(uniqueKey)) {
            vulnerability = new Vulnerability("Multiple projects", "Multiple versions", vulnerability.getProjectId(), vulnerability.getVersionId(), vulnerability.getChannelVersionId(), vulnerability.getComponentName(), vulnerability.getVersion(), vulnerability.getChannelVersionOrigin(), vulnerability.getChannelVersionOriginId(), vulnerability.getChannelVersionOriginName(), vulnerability.getVulnerabilityId(), vulnerability.getDescription(), vulnerability.getPublishedOn(), vulnerability.getUpdatedOn(), vulnerability.getBaseScore(), vulnerability.getExploitability(), vulnerability.getImpact(), vulnerability.getVulnerabilitySource(), vulnerability.getHubVulnerabilityUrl(), vulnerability.getRemediationStatus(), vulnerability.getRemediationTargetDate(), vulnerability.getRemediationActualDate(), vulnerability.getRemediationComment(), vulnerability.getUrl(), vulnerability.getSeverity(), vulnerability.getScanDate());
        }
        uniqueKeys.put(uniqueKey, vulnerability);
    });
    return new ArrayList<>(uniqueKeys.values());
}
Also used : HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) Vulnerability(com.blackducksoftware.integration.fortify.batch.model.Vulnerability)

Example 7 with Vulnerability

use of com.blackducksoftware.integration.fortify.batch.model.Vulnerability in project hub-fortify-ssc-integration-service by blackducksoftware.

the class VulnerabilityUtilTest method testRemoveDuplicates.

@Test
public void testRemoveDuplicates() {
    System.out.println("Executing testRemoveDuplicates");
    List<Vulnerability> vulnerabilities = new ArrayList<>();
    try {
        try (Writer writer = new BufferedWriter(new OutputStreamWriter(new FileOutputStream(propertyConstants.getBatchJobStatusFilePath()), "utf-8"))) {
            writer.write("");
        } catch (UnsupportedEncodingException e) {
        // do nothing
        } catch (FileNotFoundException e) {
        // do nothing
        } catch (IOException e) {
        // do nothing
        }
        ProjectVersionView projectVersionItem1 = hubServices.getProjectVersion(HUB_PROJECT_NAME_1, HUB_PROJECT_VERSION_NAME_1);
        ProjectVersionView projectVersionItem2 = hubServices.getProjectVersion(HUB_PROJECT_NAME_2, HUB_PROJECT_VERSION_NAME_2);
        vulnerabilities.addAll(VulnerabilityUtil.transformMapping(hubServices.getVulnerabilityComponentViews(projectVersionItem1), HUB_PROJECT_NAME_1, HUB_PROJECT_VERSION_NAME_1, new Date(), propertyConstants));
        vulnerabilities.addAll(VulnerabilityUtil.transformMapping(hubServices.getVulnerabilityComponentViews(projectVersionItem2), HUB_PROJECT_NAME_2, HUB_PROJECT_VERSION_NAME_2, new Date(), propertyConstants));
        vulnerabilities = VulnerabilityUtil.removeDuplicates(vulnerabilities);
        assertNotNull(vulnerabilities);
        System.out.println("vulnerabilities count::" + vulnerabilities.size() + ", vulnerabilities::" + vulnerabilities);
    } catch (IllegalArgumentException e) {
        e.printStackTrace();
    } catch (IntegrationException e) {
        e.printStackTrace();
    }
}
Also used : IntegrationException(com.blackducksoftware.integration.exception.IntegrationException) ArrayList(java.util.ArrayList) FileNotFoundException(java.io.FileNotFoundException) UnsupportedEncodingException(java.io.UnsupportedEncodingException) Vulnerability(com.blackducksoftware.integration.fortify.batch.model.Vulnerability) IOException(java.io.IOException) JsonIOException(com.google.gson.JsonIOException) Date(java.util.Date) BufferedWriter(java.io.BufferedWriter) FileOutputStream(java.io.FileOutputStream) ProjectVersionView(com.blackducksoftware.integration.hub.api.generated.view.ProjectVersionView) OutputStreamWriter(java.io.OutputStreamWriter) OutputStreamWriter(java.io.OutputStreamWriter) BufferedWriter(java.io.BufferedWriter) Writer(java.io.Writer) Test(org.junit.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest)

Aggregations

Vulnerability (com.blackducksoftware.integration.fortify.batch.model.Vulnerability)7 ArrayList (java.util.ArrayList)4 ProjectVersionView (com.blackducksoftware.integration.hub.api.generated.view.ProjectVersionView)3 IOException (java.io.IOException)3 IntegrationException (com.blackducksoftware.integration.exception.IntegrationException)2 HubProjectVersion (com.blackducksoftware.integration.fortify.batch.model.HubProjectVersion)2 VulnerableComponentView (com.blackducksoftware.integration.hub.api.generated.view.VulnerableComponentView)2 JsonIOException (com.google.gson.JsonIOException)2 FileNotFoundException (java.io.FileNotFoundException)2 FileOutputStream (java.io.FileOutputStream)2 OutputStreamWriter (java.io.OutputStreamWriter)2 UnsupportedEncodingException (java.io.UnsupportedEncodingException)2 Date (java.util.Date)2 Test (org.junit.Test)2 SpringBootTest (org.springframework.boot.test.context.SpringBootTest)2 ObjectWriter (com.fasterxml.jackson.databind.ObjectWriter)1 CsvMapper (com.fasterxml.jackson.dataformat.csv.CsvMapper)1 CsvSchema (com.fasterxml.jackson.dataformat.csv.CsvSchema)1 BufferedOutputStream (java.io.BufferedOutputStream)1 BufferedWriter (java.io.BufferedWriter)1