Examples with BomComponentDetails com.synopsys.integration.alert.processor.api.extract.model.project.BomComponentDetails used on opensource projects

Example 21 with BomComponentDetails

use of com.synopsys.integration.alert.processor.api.extract.model.project.BomComponentDetails in project hub-alert by blackducksoftware.

the class ProjectMessageConverterTest method createProjectMessageForComponent.

private static ProjectMessage createProjectMessageForComponent() {
    BomComponentDetails bomComponent = createBomComponentDetails();
    LinkableItem projectVersion = new LinkableItem("Project Version", "The project version", "https://a-url");
    return ProjectMessage.componentConcern(PROVIDER_DETAILS, PROJECT_ITEM, projectVersion, List.of(bomComponent));
}

Example 22 with BomComponentDetails

use of com.synopsys.integration.alert.processor.api.extract.model.project.BomComponentDetails in project hub-alert by blackducksoftware.

the class ProjectMessageConverterTest method createBomComponentDetails.

private static BomComponentDetails createBomComponentDetails() {
    ComponentPolicy componentPolicy1 = new ComponentPolicy("A component policy", ComponentConcernSeverity.UNSPECIFIED_UNKNOWN, true, false, null, "Uncategorized");
    ComponentPolicy componentPolicy2 = new ComponentPolicy("A different policy", ComponentConcernSeverity.MAJOR_HIGH, false, true, null, "Uncategorized");
    ComponentConcern policyConcern1 = ComponentConcern.policy(ItemOperation.DELETE, "A non-severe policy", "https://policy");
    ComponentConcern policyConcern2 = ComponentConcern.severePolicy(ItemOperation.ADD, "A severe policy", ComponentConcernSeverity.TRIVIAL_LOW, "https://severe-policy");
    ComponentConcern vulnerabilityConcern1 = createVulnerabilityConcern(ItemOperation.ADD, "CVE-123", ComponentConcernSeverity.CRITICAL);
    ComponentConcern vulnerabilityConcern2 = createVulnerabilityConcern(ItemOperation.UPDATE, "CVE-135", ComponentConcernSeverity.TRIVIAL_LOW);
    ComponentConcern vulnerabilityConcern3 = createVulnerabilityConcern(ItemOperation.DELETE, "CVE-246", ComponentConcernSeverity.MINOR_MEDIUM);
    LinkableItem shortTermUpgradeGuidance = new LinkableItem("Upgrade Guidance - Short Term", "1.0");
    LinkableItem longTermUpgradeGuidance = new LinkableItem("Upgrade Guidance - Long Term", "2.0");
    ComponentUpgradeGuidance componentUpgradeGuidance = new ComponentUpgradeGuidance(shortTermUpgradeGuidance, longTermUpgradeGuidance);
    ComponentConcern unknownVersionConcern1 = ComponentConcern.unknownComponentVersion(ItemOperation.ADD, "Component-Unknown-Version-01", ComponentConcernSeverity.CRITICAL, 0, "https://synopsys.com");
    ComponentConcern unknownVersionConcern2 = ComponentConcern.unknownComponentVersion(ItemOperation.ADD, "Component-Unknown-Version-01", ComponentConcernSeverity.MAJOR_HIGH, 1, "https://synopsys.com");
    ComponentConcern unknownVersionConcern3 = ComponentConcern.unknownComponentVersion(ItemOperation.ADD, "Component-Unknown-Version-01", ComponentConcernSeverity.MINOR_MEDIUM, 2, "https://synopsys.com");
    ComponentConcern unknownVersionConcern4 = ComponentConcern.unknownComponentVersion(ItemOperation.ADD, "Component-Unknown-Version-01", ComponentConcernSeverity.TRIVIAL_LOW, 3, "https://synopsys.com");
    LinkableItem attribute1 = new LinkableItem("Attribute", "The first attribute");
    LinkableItem attribute2 = new LinkableItem("Attribute Prime", "The second attribute");
    return new BomComponentDetails(new LinkableItem("Component", "The component"), new LinkableItem("Component Version", "The component version"), createComponentVulnerabilities(), List.of(componentPolicy1, componentPolicy2), List.of(policyConcern1, policyConcern2, vulnerabilityConcern1, vulnerabilityConcern2, vulnerabilityConcern3, unknownVersionConcern1, unknownVersionConcern2, unknownVersionConcern3, unknownVersionConcern4), new LinkableItem("License", "The software license name", "https://license-url"), "The usage of the component", componentUpgradeGuidance, List.of(attribute1, attribute2), "https://blackduck-issues-url");
}

Example 23 with BomComponentDetails

use of com.synopsys.integration.alert.processor.api.extract.model.project.BomComponentDetails in project hub-alert by blackducksoftware.

the class ProjectMessageToIssueModelTransformer method convertToIssueModels.

public List<ProjectIssueModel> convertToIssueModels(ProjectMessage projectMessage) {
    List<ProjectIssueModel> projectIssueModels = new LinkedList<>();
    for (BomComponentDetails bomComponent : projectMessage.getBomComponents()) {
        IssueBomComponentDetails issueBomComponent = IssueBomComponentDetails.fromBomComponentDetails(bomComponent);
        List<ProjectIssueModel> projectIssueModelsForConcerns = convertToIssueModels(projectMessage, issueBomComponent, bomComponent.getComponentConcerns());
        projectIssueModels.addAll(projectIssueModelsForConcerns);
    }
    return projectIssueModels;
}

Example 24 with BomComponentDetails

use of com.synopsys.integration.alert.processor.api.extract.model.project.BomComponentDetails in project hub-alert by blackducksoftware.

the class IssueTrackerSearcher method findIssuesByAllComponents.

private List<ActionableIssueSearchResult<T>> findIssuesByAllComponents(ProviderDetails providerDetails, LinkableItem project, LinkableItem projectVersion, List<BomComponentDetails> bomComponents) throws AlertException {
    List<ProjectIssueSearchResult<T>> componentIssues = new LinkedList<>();
    for (BomComponentDetails bomComponent : bomComponents) {
        List<ProjectIssueSearchResult<T>> issuesByComponent = projectVersionComponentIssueFinder.findIssuesByComponent(providerDetails, project, projectVersion, bomComponent);
        componentIssues.addAll(issuesByComponent);
    }
    return componentIssues.stream().map(this::convertToUpdateResult).collect(Collectors.toList());
}

Example 25 with BomComponentDetails

use of com.synopsys.integration.alert.processor.api.extract.model.project.BomComponentDetails in project hub-alert by blackducksoftware.

the class ComponentUnknownVersionExtractor method createBomComponentDetails.

@Override
protected List<BomComponentDetails> createBomComponentDetails(ComponentUnknownVersionWithStatusNotificationContent notificationContent, BlackDuckServicesFactory blackDuckServicesFactory) throws IntegrationException {
    BlackDuckApiClient blackDuckApiClient = blackDuckServicesFactory.getBlackDuckApiClient();
    BlackDuckMessageBomComponentDetailsCreator bomComponentDetailsCreator = detailsCreatorFactory.createBomComponentDetailsCreator(blackDuckServicesFactory);
    List<ComponentConcern> componentConcerns = createComponentConcerns(notificationContent);
    BomComponentDetails bomComponentDetails;
    try {
        ProjectVersionComponentVersionView bomComponent = blackDuckApiClient.getResponse(new HttpUrl(notificationContent.getBomComponent()), ProjectVersionComponentVersionView.class);
        bomComponentDetails = bomComponentDetailsCreator.createBomComponentUnknownVersionDetails(bomComponent, componentConcerns, ComponentUpgradeGuidance.none(), List.of());
    } catch (IntegrationRestException e) {
        bomComponent404Handler.logIf404OrThrow(e, notificationContent.getComponentName(), null);
        bomComponentDetails = bomComponentDetailsCreator.createMissingBomComponentDetailsForUnknownVersion(notificationContent.getComponentName(), notificationContent.getBomComponent(), BlackDuckMessageBomComponentDetailsCreator.COMPONENT_VERSION_UNKNOWN, componentConcerns, ComponentUpgradeGuidance.none(), List.of());
    }
    return List.of(bomComponentDetails);
}