
Example 6 with ComponentVulnerabilities

use of com.synopsys.integration.alert.processor.api.extract.model.project.ComponentVulnerabilities in project hub-alert by blackducksoftware.

the class BlackDuckMessageBomComponentDetailsCreator method createBomComponentDetails.

/**
 * Assembles the {@link BomComponentDetails} for a single BOM component.
 *
 * <p>The component query link is attached to exactly one item: the component-version item when
 * {@code bomComponent.getComponentVersion()} is non-blank, otherwise the component item. In the
 * latter case the component-version item is {@code null} and is passed to the
 * {@code BomComponentDetails} constructor as such.
 *
 * @param bomComponent the BOM component view that names, links, license, usage and issues URL are read from
 * @param componentConcerns concerns handed to the policy lookup and passed through to the result
 * @param componentUpgradeGuidance upgrade guidance passed through to the result
 * @param additionalAttributes extra attributes passed through to the result
 * @return the assembled details; the issues URL argument is {@code null} when none was extracted
 * @throws IntegrationException declared by this method; presumably raised by the vulnerability or
 *         policy lookups (confirm against those helpers)
 */
public BomComponentDetails createBomComponentDetails(ProjectVersionComponentVersionView bomComponent, List<ComponentConcern> componentConcerns, ComponentUpgradeGuidance componentUpgradeGuidance, List<LinkableItem> additionalAttributes) throws IntegrationException {
    // FIXME the query link is only used in a successful result and not in an unsuccessful one, which leads to
    // inconsistent values in our custom fields and therefore inconsistent search results (bug).
    String queryLink = BlackDuckMessageLinkUtils.createComponentQueryLink(bomComponent);
    boolean versionKnown = StringUtils.isNotBlank(bomComponent.getComponentVersion());

    LinkableItem componentItem;
    LinkableItem versionItem;
    if (!versionKnown) {
        // No version URL: the link goes on the component itself and no version item is produced.
        componentItem = new LinkableItem(BlackDuckMessageLabels.LABEL_COMPONENT, bomComponent.getComponentName(), queryLink);
        versionItem = null;
    } else {
        // Version URL present: the component carries no link, the version item does.
        componentItem = new LinkableItem(BlackDuckMessageLabels.LABEL_COMPONENT, bomComponent.getComponentName());
        versionItem = new LinkableItem(BlackDuckMessageLabels.LABEL_COMPONENT_VERSION, bomComponent.getComponentVersionName(), queryLink);
    }

    ComponentVulnerabilities vulnerabilities = retrieveComponentVulnerabilities(bomComponent);
    List<ComponentPolicy> policies = retrieveComponentPolicies(bomComponent, componentConcerns);
    LinkableItem license = BlackDuckMessageAttributesUtils.extractLicense(bomComponent);
    String usage = BlackDuckMessageAttributesUtils.extractUsage(bomComponent);
    String issuesLink = BlackDuckMessageAttributesUtils.extractIssuesUrl(bomComponent).orElse(null);

    return new BomComponentDetails(
        componentItem,
        versionItem,
        vulnerabilities,
        policies,
        componentConcerns,
        license,
        usage,
        componentUpgradeGuidance,
        additionalAttributes,
        issuesLink
    );
}
Also used : LinkableItem(com.synopsys.integration.alert.common.message.model.LinkableItem) ComponentPolicy(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentPolicy) ComponentVulnerabilities(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentVulnerabilities) BomComponentDetails(com.synopsys.integration.alert.processor.api.extract.model.project.BomComponentDetails)

Example 7 with ComponentVulnerabilities

use of com.synopsys.integration.alert.processor.api.extract.model.project.ComponentVulnerabilities in project hub-alert by blackducksoftware.

the class BlackDuckComponentVulnerabilityDetailsCreator method toComponentVulnerabilities.

/**
 * Groups the vulnerabilities that require remediation into critical, high, medium and low lists.
 *
 * <p>Entries for which {@code requiresRemediation} returns {@code false} are skipped.
 *
 * <p>NOTE(review): an entry that requires remediation but whose severity is none of CRITICAL, HIGH,
 * MEDIUM or LOW (including a {@code null} severity) is added to no list, so it does not appear in
 * the returned object. Confirm this silent drop is intended for an alerting path.
 *
 * @param vulnerabilities the vulnerability views reported for a component
 * @return a {@link ComponentVulnerabilities} built from the four severity lists
 */
public ComponentVulnerabilities toComponentVulnerabilities(List<BlackDuckProjectVersionComponentVulnerabilitiesView> vulnerabilities) {
    List<LinkableItem> critical = new LinkedList<>();
    List<LinkableItem> high = new LinkedList<>();
    List<LinkableItem> medium = new LinkedList<>();
    List<LinkableItem> low = new LinkedList<>();

    for (BlackDuckProjectVersionComponentVulnerabilitiesView view : vulnerabilities) {
        if (!requiresRemediation(view)) {
            continue;
        }

        AlertVulnerability converted = toAlertVulnerabilityView(view);
        VulnerabilitySeverityType level = converted.severity;

        // Pick the destination list; stays null for any severity outside the four handled values.
        List<LinkableItem> bucket = null;
        if (VulnerabilitySeverityType.CRITICAL.equals(level)) {
            bucket = critical;
        } else if (VulnerabilitySeverityType.HIGH.equals(level)) {
            bucket = high;
        } else if (VulnerabilitySeverityType.MEDIUM.equals(level)) {
            bucket = medium;
        } else if (VulnerabilitySeverityType.LOW.equals(level)) {
            bucket = low;
        }

        if (bucket != null) {
            bucket.add(converted.vulnerabilityInfo);
        }
    }

    return new ComponentVulnerabilities(critical, high, medium, low);
}
Also used : LinkableItem(com.synopsys.integration.alert.common.message.model.LinkableItem) VulnerabilitySeverityType(com.synopsys.integration.blackduck.api.generated.enumeration.VulnerabilitySeverityType) LinkedList(java.util.LinkedList) ComponentVulnerabilities(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentVulnerabilities)

Example 8 with ComponentVulnerabilities

use of com.synopsys.integration.alert.processor.api.extract.model.project.ComponentVulnerabilities in project hub-alert by blackducksoftware.

the class ProjectIssueModelConverter method createVulnerabilitySeverityStatusSectionPieces.

/**
 * Builds the "severity status" section of an issue message as a list of text pieces.
 *
 * <p>When the model has no vulnerability details the list is empty. Otherwise it holds the encoded
 * severity-status label followed by the encoded label of the highest severity (or the literal
 * {@code "None"} when no highest severity is available), then a line separator, a section separator
 * and another line separator.
 *
 * <p>The label and the severity text both go through {@code formatter.encode}; the fallback
 * {@code "None"} is a fixed literal and is appended without encoding.
 *
 * @param projectIssueModel the issue model the component and vulnerability details are read from
 * @return the section pieces in output order, possibly empty
 */
private List<String> createVulnerabilitySeverityStatusSectionPieces(ProjectIssueModel projectIssueModel) {
    List<String> pieces = new LinkedList<>();
    String encodedLabel = formatter.encode(LABEL_SEVERITY_STATUS);
    IssueBomComponentDetails componentDetails = projectIssueModel.getBomComponentDetails();
    Optional<IssueVulnerabilityDetails> details = projectIssueModel.getVulnerabilityDetails();

    if (!details.isPresent()) {
        return pieces;
    }

    ComponentVulnerabilities vulnerabilities = componentDetails.getComponentVulnerabilities();
    String statusLine = vulnerabilities.computeHighestSeverity()
        .map(ComponentConcernSeverity::getVulnerabilityLabel)
        .map(formatter::encode)
        .map(encodedSeverity -> encodedLabel + encodedSeverity)
        .orElse(encodedLabel + "None");

    pieces.add(statusLine);
    pieces.add(formatter.getLineSeparator());
    pieces.add(formatter.getSectionSeparator());
    pieces.add(formatter.getLineSeparator());
    return pieces;
}
Also used : ComponentConcernType(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentConcernType) ComponentConcernSeverity(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentConcernSeverity) ExistingIssueDetails(com.synopsys.integration.alert.api.channel.issue.search.ExistingIssueDetails) ComponentVulnerabilities(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentVulnerabilities) StringUtils(org.apache.commons.lang3.StringUtils) IssueComponentUnknownVersionDetails(com.synopsys.integration.alert.api.channel.issue.model.IssueComponentUnknownVersionDetails) IssueTransitionModel(com.synopsys.integration.alert.api.channel.issue.model.IssueTransitionModel) ChunkedStringBuilderRechunker(com.synopsys.integration.alert.common.channel.message.ChunkedStringBuilderRechunker) IssuePolicyDetails(com.synopsys.integration.alert.api.channel.issue.model.IssuePolicyDetails) BomComponentDetailConverter(com.synopsys.integration.alert.api.channel.convert.BomComponentDetailConverter) IssueVulnerabilityDetails(com.synopsys.integration.alert.api.channel.issue.model.IssueVulnerabilityDetails) RechunkedModel(com.synopsys.integration.alert.common.channel.message.RechunkedModel) ItemOperation(com.synopsys.integration.alert.common.enumeration.ItemOperation) LinkedList(java.util.LinkedList) IssueCommentModel(com.synopsys.integration.alert.api.channel.issue.model.IssueCommentModel) LinkableItem(com.synopsys.integration.alert.common.message.model.LinkableItem) IssueOperation(com.synopsys.integration.alert.common.channel.issuetracker.enumeration.IssueOperation) IssueCreationModel(com.synopsys.integration.alert.api.channel.issue.model.IssueCreationModel) Collectors(java.util.stream.Collectors) Serializable(java.io.Serializable) List(java.util.List) ChunkedStringBuilder(com.synopsys.integration.alert.common.channel.message.ChunkedStringBuilder) Optional(java.util.Optional) 
LinkableItemConverter(com.synopsys.integration.alert.api.channel.convert.LinkableItemConverter) ProjectIssueModel(com.synopsys.integration.alert.api.channel.issue.model.ProjectIssueModel) IssueBomComponentDetails(com.synopsys.integration.alert.api.channel.issue.model.IssueBomComponentDetails) IssueBomComponentDetails(com.synopsys.integration.alert.api.channel.issue.model.IssueBomComponentDetails) IssueVulnerabilityDetails(com.synopsys.integration.alert.api.channel.issue.model.IssueVulnerabilityDetails) LinkedList(java.util.LinkedList) ComponentVulnerabilities(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentVulnerabilities)

Example 9 with ComponentVulnerabilities

use of com.synopsys.integration.alert.processor.api.extract.model.project.ComponentVulnerabilities in project hub-alert by blackducksoftware.

the class BomComponentDetailConverterTest method createComponentVulnerabilities.

/**
 * Creates a fixture with zero, one, two and three vulnerabilities in its four severity lists.
 *
 * <p>The identifiers ("CVE-001" to "CVE-006") are synthetic test values, not real CVE IDs.
 * NOTE(review): the constructor arguments are presumably ordered critical, high, medium, low.
 * Confirm against the {@code ComponentVulnerabilities} constructor.
 *
 * @return the populated test fixture
 */
private static ComponentVulnerabilities createComponentVulnerabilities() {
    List<LinkableItem> firstBucket = List.of();
    List<LinkableItem> secondBucket = List.of(
        creatVulnerabilityLinkableItem("CVE-001")
    );
    List<LinkableItem> thirdBucket = List.of(
        creatVulnerabilityLinkableItem("CVE-002"),
        creatVulnerabilityLinkableItem("CVE-003")
    );
    List<LinkableItem> fourthBucket = List.of(
        creatVulnerabilityLinkableItem("CVE-004"),
        creatVulnerabilityLinkableItem("CVE-005"),
        creatVulnerabilityLinkableItem("CVE-006")
    );
    return new ComponentVulnerabilities(firstBucket, secondBucket, thirdBucket, fourthBucket);
}
Also used : LinkableItem(com.synopsys.integration.alert.common.message.model.LinkableItem) ComponentVulnerabilities(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentVulnerabilities)

Example 10 with ComponentVulnerabilities

use of com.synopsys.integration.alert.processor.api.extract.model.project.ComponentVulnerabilities in project hub-alert by blackducksoftware.

the class ProjectMessageConverterTest method createComponentVulnerabilities.

/**
 * Creates a fixture whose four severity lists hold one, two, zero and two vulnerabilities.
 *
 * <p>The identifiers ("CVE-123", "CVE-135", "CVE-007", "CVE-099", "CVE-230") are synthetic test
 * values, not real CVE IDs. NOTE(review): the constructor arguments are presumably ordered
 * critical, high, medium, low. Confirm against the {@code ComponentVulnerabilities} constructor.
 *
 * @return the populated test fixture
 */
private static ComponentVulnerabilities createComponentVulnerabilities() {
    // Items are created in the same order as before; only the grouping below decides their list.
    LinkableItem cve123 = createComponentVulnerability("CVE-123");
    LinkableItem cve135 = createComponentVulnerability("CVE-135");
    LinkableItem cve007 = createComponentVulnerability("CVE-007");
    LinkableItem cve099 = createComponentVulnerability("CVE-099");
    LinkableItem cve230 = createComponentVulnerability("CVE-230");

    List<LinkableItem> firstBucket = List.of(cve123);
    List<LinkableItem> secondBucket = List.of(cve007, cve099);
    List<LinkableItem> thirdBucket = List.of();
    List<LinkableItem> fourthBucket = List.of(cve135, cve230);
    return new ComponentVulnerabilities(firstBucket, secondBucket, thirdBucket, fourthBucket);
}
Also used : LinkableItem(com.synopsys.integration.alert.common.message.model.LinkableItem) ComponentVulnerabilities(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentVulnerabilities)

Aggregations

ComponentVulnerabilities (com.synopsys.integration.alert.processor.api.extract.model.project.ComponentVulnerabilities)12 LinkableItem (com.synopsys.integration.alert.common.message.model.LinkableItem)8 IssueVulnerabilityDetails (com.synopsys.integration.alert.api.channel.issue.model.IssueVulnerabilityDetails)5 Test (org.junit.jupiter.api.Test)5 IssueBomComponentDetails (com.synopsys.integration.alert.api.channel.issue.model.IssueBomComponentDetails)4 IssueVulnerabilityModel (com.synopsys.integration.alert.api.channel.issue.model.IssueVulnerabilityModel)4 ProjectIssueModel (com.synopsys.integration.alert.api.channel.issue.model.ProjectIssueModel)4 MockIssueTrackerMessageFormatter (com.synopsys.integration.alert.api.channel.issue.convert.mock.MockIssueTrackerMessageFormatter)3 AbstractBomComponentDetails (com.synopsys.integration.alert.processor.api.extract.model.project.AbstractBomComponentDetails)3 LinkedList (java.util.LinkedList)3 IssueCreationModel (com.synopsys.integration.alert.api.channel.issue.model.IssueCreationModel)2 ItemOperation (com.synopsys.integration.alert.common.enumeration.ItemOperation)2 BomComponentDetails (com.synopsys.integration.alert.processor.api.extract.model.project.BomComponentDetails)2 ComponentPolicy (com.synopsys.integration.alert.processor.api.extract.model.project.ComponentPolicy)2 BomComponentDetailConverter (com.synopsys.integration.alert.api.channel.convert.BomComponentDetailConverter)1 LinkableItemConverter (com.synopsys.integration.alert.api.channel.convert.LinkableItemConverter)1 IssueCommentModel (com.synopsys.integration.alert.api.channel.issue.model.IssueCommentModel)1 IssueComponentUnknownVersionDetails (com.synopsys.integration.alert.api.channel.issue.model.IssueComponentUnknownVersionDetails)1 IssuePolicyDetails (com.synopsys.integration.alert.api.channel.issue.model.IssuePolicyDetails)1 IssueTransitionModel (com.synopsys.integration.alert.api.channel.issue.model.IssueTransitionModel)1