use of com.checkmarx.sdk.dto.ast.report.AstSummaryResults in project cx-flow by checkmarx-ltd.
the class GitHubCommentsASTSteps method createFakeASTScanResults.
private ScanResults createFakeASTScanResults(int highCount, int mediumCount, int lowCount) {
ScanResults result = new ScanResults();
ASTResults astResults = new ASTResults();
List<Finding> findings = new LinkedList<>();
astResults.setScanId("" + SCAN_ID);
boolean addNodes = false;
if (highCount + mediumCount + lowCount > 0) {
addNodes = true;
}
List<StatusCounter> findingCounts = new LinkedList<>();
addFinding(highCount, findingCounts, findings, Severity.HIGH.name(), addNodes, "SQL_INJECTION");
addFinding(mediumCount, findingCounts, findings, Severity.MEDIUM.name(), addNodes, "Hardcoded_password_in_Connection_String");
addFinding(lowCount, findingCounts, findings, Severity.LOW.name(), addNodes, "Open_Redirect");
astResults.setFindings(findings);
result.setAstResults(astResults);
AstSummaryResults summary = new AstSummaryResults();
summary.setStatusCounters(findingCounts);
summary.setHighVulnerabilityCount(highCount);
summary.setMediumVulnerabilityCount(mediumCount);
summary.setLowVulnerabilityCount(lowCount);
astResults.setWebReportLink(AST_WEB_REPORT_LINK);
astResults.setSummary(summary);
Map<String, Object> details = new HashMap<>();
details.put(Constants.SUMMARY_KEY, new HashMap<>());
result.setAdditionalDetails(details);
return result;
}
use of com.checkmarx.sdk.dto.ast.report.AstSummaryResults in project cx-flow by checkmarx-ltd.
the class Github2AdoSteps method createAstFindings.
private void createAstFindings(ScanResults result) {
result.setAstResults(new ASTResults());
result.getAstResults().setScanId("111");
result.getAstResults().setWebReportLink(WEB_REPORT_LINK);
LinkedList<Finding> findings = new LinkedList();
findings.add(createAstFinding(1));
findings.add(createAstFinding(2));
result.getAstResults().setFindings(findings);
result.setScanSummary(new CxScanSummary());
result.getAstResults().setSummary(new AstSummaryResults());
}
use of com.checkmarx.sdk.dto.ast.report.AstSummaryResults in project checkmarx-spring-boot-java-sdk by checkmarx-ltd.
the class AstTest method validateSummary.
private void validateSummary(ASTResults ASTResults) {
AstSummaryResults summary = ASTResults.getSummary();
Assert.assertNotNull("Summary is null.", summary);
Assert.assertTrue("No medium-severity vulnerabilities.", summary.getMediumVulnerabilityCount() > 0);
Assert.assertNotNull("Status counter list is null.", summary.getStatusCounters());
Assert.assertFalse("No status counters.", summary.getStatusCounters().isEmpty());
Assert.assertTrue("Expected total counter to be a positive value.", summary.getTotalCounter() > 0);
int actualFindingCount = ASTResults.getFindings().size();
Assert.assertEquals("Total finding count from summary doesn't correspond to the actual count.", actualFindingCount, summary.getTotalCounter());
long actualFindingCountExceptInfo = ASTResults.getFindings().stream().filter(finding -> !StringUtils.equalsIgnoreCase(finding.getSeverity(), "info")).count();
int countFromSummaryExceptInfo = summary.getHighVulnerabilityCount() + summary.getMediumVulnerabilityCount() + summary.getLowVulnerabilityCount();
Assert.assertEquals("Finding count from summary (excluding 'info') doesn't correspond to the actual count.", actualFindingCountExceptInfo, countFromSummaryExceptInfo);
}
Aggregations