Examples with VulnerabilityNotificationContent com.synopsys.integration.blackduck.api.manual.component.VulnerabilityNotificationContent used on opensource projects

Example 6 with VulnerabilityNotificationContent

use of com.synopsys.integration.blackduck.api.manual.component.VulnerabilityNotificationContent in project hub-alert by blackducksoftware.

the class ProcessingJobAccessorTestIT method createVulnerabilityUniqueProjectNotificationContent.

private VulnerabilityUniqueProjectNotificationContent createVulnerabilityUniqueProjectNotificationContent(String projectName) {
    AffectedProjectVersion affectedProjectVersion = new AffectedProjectVersion();
    affectedProjectVersion.setProjectName(projectName);
    return new VulnerabilityUniqueProjectNotificationContent(new VulnerabilityNotificationContent(), affectedProjectVersion);
}

Example 7 with VulnerabilityNotificationContent

use of com.synopsys.integration.blackduck.api.manual.component.VulnerabilityNotificationContent in project hub-alert by blackducksoftware.

the class VulnerabilityNotificationMessageExtractorTest method createVulnerabilityUniqueProjectNotificationContent.

private VulnerabilityUniqueProjectNotificationContent createVulnerabilityUniqueProjectNotificationContent() {
    AffectedProjectVersion affectedProjectVersion = new AffectedProjectVersion();
    affectedProjectVersion.setProjectName(PROJECT);
    affectedProjectVersion.setProjectVersionName(PROJECT_VERSION);
    affectedProjectVersion.setProjectVersion(PROJECT_VERSION_URL);
    affectedProjectVersion.setComponentIssueUrl(COMPONENT_URL);
    affectedProjectVersion.setBomComponent(COMPONENT_URL);
    VulnerabilitySourceQualifiedId vulnerabilityNew = new VulnerabilitySourceQualifiedId();
    vulnerabilityNew.setSeverity(VulnerabilitySeverityType.CRITICAL.name());
    vulnerabilityNew.setVulnerability(VULNERABILITY_URL);
    VulnerabilitySourceQualifiedId vulnerabilityUpdated = new VulnerabilitySourceQualifiedId();
    vulnerabilityUpdated.setVulnerability(VULNERABILITY_URL);
    VulnerabilitySourceQualifiedId vulnerabilityDeleted = new VulnerabilitySourceQualifiedId();
    vulnerabilityDeleted.setSeverity(VulnerabilitySeverityType.LOW.name());
    vulnerabilityDeleted.setVulnerability(VULNERABILITY_URL);
    VulnerabilityNotificationContent vulnerabilityNotificationContent = new VulnerabilityNotificationContent();
    vulnerabilityNotificationContent.setAffectedProjectVersions(List.of(affectedProjectVersion));
    vulnerabilityNotificationContent.setComponentName(COMPONENT.getValue());
    vulnerabilityNotificationContent.setVersionName(COMPONENT_VERSION.getValue());
    vulnerabilityNotificationContent.setNewVulnerabilityCount(1);
    vulnerabilityNotificationContent.setNewVulnerabilityIds(List.of(vulnerabilityNew));
    vulnerabilityNotificationContent.setUpdatedVulnerabilityCount(1);
    vulnerabilityNotificationContent.setUpdatedVulnerabilityIds(List.of(vulnerabilityUpdated));
    vulnerabilityNotificationContent.setDeletedVulnerabilityCount(1);
    vulnerabilityNotificationContent.setDeletedVulnerabilityIds(List.of(vulnerabilityDeleted));
    VulnerabilityUniqueProjectNotificationContent notificationContent = new VulnerabilityUniqueProjectNotificationContent(vulnerabilityNotificationContent, affectedProjectVersion);
    notificationContent.setComponentVersion(COMPONENT_VERSION_URL);
    return notificationContent;
}

Example 8 with VulnerabilityNotificationContent

use of com.synopsys.integration.blackduck.api.manual.component.VulnerabilityNotificationContent in project hub-alert by blackducksoftware.

the class VulnerabilityNotificationDetailExtractorTest method ensureLibraryModelMapsToVulnerabilityUniqueProjectNotificationContent.

@Test
public void ensureLibraryModelMapsToVulnerabilityUniqueProjectNotificationContent() throws IOException {
    VulnerabilityNotificationView vulnerabilityNotificationView = getVulnerabilityNotificationView(VULNERABILITY_SIMPLE_JSON_PATH);
    VulnerabilityNotificationContent content = vulnerabilityNotificationView.getContent();
    AffectedProjectVersion affectedProjectVersion = content.getAffectedProjectVersions().get(0);
    VulnerabilityUniqueProjectNotificationContent vulnerabilityUniqueProjectNotificationContent = new VulnerabilityUniqueProjectNotificationContent(content, affectedProjectVersion);
    assertEquals("alert-test-project", vulnerabilityUniqueProjectNotificationContent.getAffectedProjectVersion().getProjectName());
    assertEquals("Custom Component", vulnerabilityUniqueProjectNotificationContent.getComponentName());
    assertEquals("1.0.0", vulnerabilityUniqueProjectNotificationContent.getVersionName());
    assertEquals("https://a-hub-server.blackduck.com/api/components/7792be90-bfd2-42d7-ae19-66e051978675/versions/5a01d0b3-a6c4-469a-b9c8-c5769cffae78", vulnerabilityUniqueProjectNotificationContent.getComponentVersion());
    VulnerabilitySourceQualifiedId newVuln = vulnerabilityUniqueProjectNotificationContent.getNewVulnerabilityIds().get(0);
    VulnerabilitySourceQualifiedId updatedVuln = vulnerabilityUniqueProjectNotificationContent.getUpdatedVulnerabilityIds().get(0);
    VulnerabilitySourceQualifiedId deletedVuln = vulnerabilityUniqueProjectNotificationContent.getDeletedVulnerabilityIds().get(0);
    assertEquals(VulnerabilitySeverityType.LOW.name(), newVuln.getSeverity());
    assertEquals("CVE-2018-0001", newVuln.getVulnerabilityId());
    assertEquals(VulnerabilitySeverityType.HIGH.name(), updatedVuln.getSeverity());
    assertEquals("CVE-2018-0002", updatedVuln.getVulnerabilityId());
    assertEquals(VulnerabilitySeverityType.MEDIUM.name(), deletedVuln.getSeverity());
    assertEquals("CVE-2018-0003", deletedVuln.getVulnerabilityId());
}

Example 9 with VulnerabilityNotificationContent

use of com.synopsys.integration.blackduck.api.manual.component.VulnerabilityNotificationContent in project hub-alert by blackducksoftware.

the class DetailedNotificationContentTest method vulnerabilityTest.

@Test
public void vulnerabilityTest() {
    String projectName = "vuln project";
    String projectVersionName = "version";
    List<String> severities = List.of("S1", "S2");
    VulnerabilityNotificationContent vulnerabilityNotificationContent = new VulnerabilityNotificationContent();
    DetailedNotificationContent detailedContent = DetailedNotificationContent.vulnerability(ALERT_NOTIFICATION_MODEL, vulnerabilityNotificationContent, projectName, projectVersionName, severities);
    assertContent(detailedContent, ALERT_NOTIFICATION_MODEL.getProviderConfigId(), vulnerabilityNotificationContent.getClass(), severities);
    assertEquals(projectName, detailedContent.getProjectName().orElse(null));
    assertTrue(detailedContent.getPolicyName().isEmpty(), EXPECTED_NO_POLICY);
}

Example 10 with VulnerabilityNotificationContent

use of com.synopsys.integration.blackduck.api.manual.component.VulnerabilityNotificationContent in project hub-alert by blackducksoftware.

the class JobNotificationMapperTestIT method createVulnerabilityUniqueProjectNotificationContent.

private VulnerabilityUniqueProjectNotificationContent createVulnerabilityUniqueProjectNotificationContent(String projectName) {
    AffectedProjectVersion affectedProjectVersion = new AffectedProjectVersion();
    affectedProjectVersion.setProjectName(projectName);
    return new VulnerabilityUniqueProjectNotificationContent(new VulnerabilityNotificationContent(), affectedProjectVersion);
}