use of org.sonar.server.security.SecurityStandards.CWES_BY_CWE_TOP_25 in project sonarqube by SonarSource.
the class IssueIndex method getCweTop25Reports.
public List<SecurityStandardCategoryStatistics> getCweTop25Reports(String projectUuid, boolean isViewOrApp) {
SearchSourceBuilder request = prepareNonClosedVulnerabilitiesAndHotspotSearch(projectUuid, isViewOrApp);
CWES_BY_CWE_TOP_25.keySet().forEach(cweYear -> request.aggregation(newSecurityReportSubAggregations(AggregationBuilders.filter(cweYear, boolQuery().filter(existsQuery(FIELD_ISSUE_CWE))), true, CWES_BY_CWE_TOP_25.get(cweYear))));
List<SecurityStandardCategoryStatistics> result = processSecurityReportSearchResults(request, true);
for (SecurityStandardCategoryStatistics cweReport : result) {
Set<String> foundRules = cweReport.getChildren().stream().map(SecurityStandardCategoryStatistics::getCategory).collect(Collectors.toSet());
CWES_BY_CWE_TOP_25.get(cweReport.getCategory()).stream().filter(rule -> !foundRules.contains(rule)).forEach(rule -> cweReport.getChildren().add(emptyCweStatistics(rule)));
}
return result;
}
Aggregations