Use of com.checkmarx.flow.dto.iast.ql.utils.Severity in project cx-flow by checkmarx-ltd.
Class IastService, method thresholdsSeverity.
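/**
 * Enforces the configured per-severity vulnerability thresholds for a scan.
 *
 * <p>Counts the vulnerabilities in {@code scanVulnerabilities} by their highest severity and
 * compares each running count with the limit returned by
 * {@code iastProperties.getThresholdsSeverity()}. A limit of {@code -1} disables the check for
 * that severity. The gate trips as soon as a count reaches its limit ({@code >=}), so a limit
 * of {@code 1} already fails on the first finding of that severity.
 *
 * @param scanVulnerabilities scan result whose vulnerabilities are counted
 * @throws IastThresholdsSeverityException if at least one severity count reaches its limit
 */
private void thresholdsSeverity(ScanVulnerabilities scanVulnerabilities) {
    // One counter per severity, so the summary below can read any severity without a null check.
    Map<Severity, AtomicInteger> foundBySeverity = new HashMap<>(7);
    for (Severity severity : Severity.values()) {
        foundBySeverity.put(severity, new AtomicInteger(0));
    }

    boolean thresholdReached = false;
    for (VulnerabilityInfo vulnerabilityInfo : scanVulnerabilities.getVulnerabilities()) {
        Severity severity = vulnerabilityInfo.getHighestSeverity();
        int found = foundBySeverity.get(severity).incrementAndGet();
        Integer limit = iastProperties.getThresholdsSeverity().get(severity);
        // NOTE(review): a severity with no configured limit is skipped here instead of failing
        // with a NullPointerException on unboxing; confirm that an unconfigured severity should
        // not gate the build rather than fail closed.
        if (limit != null && limit != -1 && found >= limit) {
            // Keep counting after the first hit so the summary reports complete totals.
            thresholdReached = true;
        }
    }

    if (thresholdReached) {
        // Read the counters with get(): incrementAndGet() here would report every severity
        // one higher than what was actually found.
        log.warn("\nThresholds severity are exceeded. "
                + "\n High: " + foundBySeverity.get(Severity.HIGH).get()
                + " / " + iastProperties.getThresholdsSeverity().get(Severity.HIGH)
                + "\n Medium: " + foundBySeverity.get(Severity.MEDIUM).get()
                + " / " + iastProperties.getThresholdsSeverity().get(Severity.MEDIUM)
                + "\n Low: " + foundBySeverity.get(Severity.LOW).get()
                + " / " + iastProperties.getThresholdsSeverity().get(Severity.LOW)
                + "\n Info: " + foundBySeverity.get(Severity.INFO).get()
                + " / " + iastProperties.getThresholdsSeverity().get(Severity.INFO));
        throw new IastThresholdsSeverityException();
    }
}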