use of com.mercedesbenz.sechub.sarif.model.ReportingDescriptorReference in project sechub by mercedes-benz.
the class SarifV1JSONImporter method resolveTargetInformation.
private void resolveTargetInformation(Rule rule, ResultData data, Run run) {
List<ReportingDescriptorRelationship> relationShips = rule.getRelationships();
for (ReportingDescriptorRelationship relationShip : relationShips) {
ReportingDescriptorReference target = relationShip.getTarget();
if (target == null) {
continue;
}
String id = target.getId();
if (id == null) {
continue;
}
ToolComponentReference toolComponent = target.getToolComponent();
if (toolComponent == null) {
continue;
}
String toolComponentName = toolComponent.getName();
if (toolComponentName == null) {
continue;
}
if (CWE.equalsIgnoreCase(toolComponentName)) {
/* CWE found, so lets look after the id */
data.cweId = id;
}
}
}
Aggregations