feat(cwe): add cwe into sarif report and KICS CLI results #6845

Merged
merged 58 commits into from
Feb 6, 2024
Changes from 19 commits
4eaedbe
feat(cwe): add cwe into sarif report and KICS CLI results
ArturRibeiro-CX Jan 4, 2024
4cf3afd
feat(cwe): add cwe into sarif report and KICS CLI results
ArturRibeiro-CX Jan 4, 2024
90bb750
feat(cwe): add cwe into sarif report and KICS CLI results
ArturRibeiro-CX Jan 4, 2024
df81fab
feat(cwe): add cwe into sarif report and KICS CLI results
ArturRibeiro-CX Jan 5, 2024
9636be8
feat(cwe): add cwe into sarif report and KICS CLI results
ArturRibeiro-CX Jan 5, 2024
1722b58
Merge branch 'master' into cwe
gabriel-cx Jan 5, 2024
20cd3c4
added e2e test for cwe field in sarif report format
ArturRibeiro-CX Jan 5, 2024
060b459
Merge branch 'master' of https://github.com/Checkmarx/kics into cwe
ArturRibeiro-CX Jan 5, 2024
4fb60c3
Merge branch 'cwe' of https://github.com/Checkmarx/kics into cwe
ArturRibeiro-CX Jan 5, 2024
33a15ed
added e2e test for cwe field in sarif report format
ArturRibeiro-CX Jan 5, 2024
18f9dc9
fix cyclonedx commit on wrong branch
ArturRibeiro-CX Jan 8, 2024
4698101
fix cyclonedx commit on wrong branch
ArturRibeiro-CX Jan 8, 2024
aeec710
fix cyclonedx commit on wrong branch and remove comments
ArturRibeiro-CX Jan 8, 2024
4a6ffda
Merge branch 'master' into cwe
gabriel-cx Jan 9, 2024
ca788e3
remove cwe from sarifMessage
ArturRibeiro-CX Jan 9, 2024
b15da83
changes to addition of cwe into sarif report and KICS CLI results
ArturRibeiro-CX Jan 19, 2024
cfa3df8
fixing potential file inclusion via variable error by cleaning paths
ArturRibeiro-CX Jan 19, 2024
6aad350
linting issues fixed
ArturRibeiro-CX Jan 19, 2024
5d26283
fixing linting issues
ArturRibeiro-CX Jan 19, 2024
1fd0d35
Merge branch 'master' of https://github.com/Checkmarx/kics into cwe
ArturRibeiro-CX Jan 19, 2024
3ebc66c
fix linting e2e and naming
ArturRibeiro-CX Jan 19, 2024
842f2e4
fix linting problems
ArturRibeiro-CX Jan 19, 2024
a516a11
fixing linting
ArturRibeiro-CX Jan 19, 2024
b548e42
fixing linting problem sarif.go
ArturRibeiro-CX Jan 19, 2024
8cd6e4b
change to result-sarif.json to accept the new sarif format
ArturRibeiro-CX Jan 19, 2024
30c5e55
changes to result-sarif-required.json to accept new sarif format
ArturRibeiro-CX Jan 19, 2024
e797987
e2e for sarif report format
ArturRibeiro-CX Jan 19, 2024
30ae8bf
change bool to boolean type in result-sarif.json
ArturRibeiro-CX Jan 19, 2024
f4c5c04
addition of fullDescription text field as empty string to fix e2e error
ArturRibeiro-CX Jan 19, 2024
c854f72
fixing fullDescription text required issue on e2e
ArturRibeiro-CX Jan 19, 2024
9a827a1
Merge branch 'master' of https://github.com/Checkmarx/kics into cwe
ArturRibeiro-CX Jan 19, 2024
cfa1383
fullDescription equal to shortDescription in taxonomies when empty an…
ArturRibeiro-CX Jan 19, 2024
f23a0f9
last fix e2e result sarif files
ArturRibeiro-CX Jan 19, 2024
dfe8739
add path to uri locations in E2E_CLI_080 and E2E_CLI_070
ArturRibeiro-CX Jan 22, 2024
a256ac0
fix paths E2E_CLI 069 and 070
ArturRibeiro-CX Jan 22, 2024
cedc806
add new files to Dockerfile and error verification to sarif.go
ArturRibeiro-CX Jan 22, 2024
49af1ae
fix addition of new files to Dockerfile
ArturRibeiro-CX Jan 22, 2024
8770998
relationship target changed from array to object
ArturRibeiro-CX Jan 23, 2024
7786f26
fix to index being required in relationships as CWE does not require …
ArturRibeiro-CX Jan 23, 2024
1cd8a84
fix to name and guid not being required and length of these parameters
ArturRibeiro-CX Jan 23, 2024
ffebe5b
fix id length when parameters are empty in relationships
ArturRibeiro-CX Jan 23, 2024
8ba89af
changes to sarif report cwe field empty or not and according files
ArturRibeiro-CX Jan 24, 2024
655febf
change to name being required on toolComponent and not target in rela…
ArturRibeiro-CX Jan 24, 2024
9c48780
add test to printer with CWE field
ArturRibeiro-CX Jan 24, 2024
0e4a197
Merge branch 'master' into cwe
ArturRibeiro-CX Jan 24, 2024
9da0e25
add test case for vulnerability builder test with CWE field
ArturRibeiro-CX Jan 24, 2024
6138693
add test to summary_test
ArturRibeiro-CX Jan 25, 2024
86ef7e0
changes to summary_test to have CWE complete
ArturRibeiro-CX Jan 25, 2024
f5ca9b6
add tests for taxonomies and taxa fields in sarif report
ArturRibeiro-CX Jan 25, 2024
8f40e37
add one more test to taxonomies definition with no CWE field
ArturRibeiro-CX Jan 25, 2024
5634af0
added test for reading the csv file with CWE info correctly
ArturRibeiro-CX Jan 25, 2024
85b338f
add new cwe_csv to all dockerfiles in docker directory
ArturRibeiro-CX Jan 26, 2024
646f5a5
test Dockerfile change by copying all directory
ArturRibeiro-CX Jan 29, 2024
82c3962
changes to all dockerfile necessary to copy cwe_csv directory without…
ArturRibeiro-CX Jan 29, 2024
8670aaa
fix typo replacing Run with RUN on Dockerfile in kics root
ArturRibeiro-CX Jan 29, 2024
30846f7
remove '/' from COPY statement in Dockerfiles to maintain the same logic
ArturRibeiro-CX Jan 29, 2024
6c4c407
Merge branch 'master' into cwe
asofsilva Feb 5, 2024
1fafda4
Merge branch 'master' into cwe
gabriel-cx Feb 6, 2024
400 changes: 400 additions & 0 deletions assets/cwe_csv/Software-Development-CWE.csv

Large diffs are not rendered by default.

18 changes: 18 additions & 0 deletions assets/cwe_csv/cwe_taxonomies_latest.json
@@ -0,0 +1,18 @@
{
"taxonomies":
{
"downloadUri": "https://cwe.mitre.org/data/xml/cwec_v4.13.xml.zip",
"guid": "1489b0c4-d7ce-4d31-af66-6382a01202e3",
"informationUri": "https://cwe.mitre.org/data/published/cwe_v4.13.pdf",
"isComprehensive": true,
"language": "en",
"minimumRequiredLocalizedDataSemanticVersion": "4.13",
"name": "CWE",
"organization": "MITRE",
"releaseDateUtc": "2023-10-26",
"shortDescription": {
"text": "The MITRE Common Weakness Enumeration"
},
"taxa": []
}
}
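Review bot: The file name `cwe_taxonomies_latest.json` promises the latest CWE release, but every version-bearing field in this hunk is pinned to 4.13 (`downloadUri`, `informationUri`, `minimumRequiredLocalizedDataSemanticVersion`, and a `releaseDateUtc` of 2023-10-26), so the name goes stale as soon as a newer CWE version is published. Either put the version in the file name or document how and when this file is regenerated. Two smaller points on the same hunk: the plural key `"taxonomies"` holds a single object, whereas SARIF 2.1.0 defines `run.taxonomies` as an array, so the report writer has to wrap it or this should be a one-element array; and `"isComprehensive": true` sits next to `"taxa": []`, which is only accurate if the report fills `taxa` with the full CWE list rather than just the CWEs a scan references.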