Commit 06b98532 authored by Tetiana Chupryna's avatar Tetiana Chupryna Committed by Bob Van Landuyt

Symbolize keys for vulnerability

Use only symbols everywhere to avoid confusion
parent b58b8099
......@@ -72,10 +72,8 @@ module Security
# will have highest severity
def sort_by_severity(collection)
collection.sort do |dep_i, dep_j|
vuln_i = dep_i[:vulnerabilities]
vuln_j = dep_j[:vulnerabilities]
level_i = vuln_i.any? ? vuln_i.first['severity'].downcase : :undefined
level_j = vuln_j.any? ? vuln_j.first['severity'].downcase : :undefined
level_i = dep_i.dig(:vulnerabilities, 0, :severity) || :undefined
level_j = dep_j.dig(:vulnerabilities, 0, :severity) || :undefined
::Vulnerabilities::Occurrence::SEVERITY_LEVELS[level_j] <=> ::Vulnerabilities::Occurrence::SEVERITY_LEVELS[level_i]
end
......
......@@ -37,7 +37,7 @@ module Gitlab
# https://gitlab.com/gitlab-org/security-products/analyzers/common/blob/a0a5074c49f34332aa3948cd9d6dc2c054cdf3a7/issue/issue.go#L169
def location(dependency, file_path)
{
"file" => file_path,
'file' => file_path,
'dependency' => {
'package' => {
'name' => dependency['package']['name']
......@@ -69,9 +69,16 @@ module Gitlab
def collect_vulnerabilities(vulnerabilities, dependency, file_path)
dependency_location = location(dependency, file_path)
vulnerabilities.select do |vulnerability|
vulnerability['location'] == dependency_location
end
vulnerabilities
.select { |vulnerability| vulnerability['location'] == dependency_location }
.map { |vulnerability| formatted_vulnerability(vulnerability) }
end
def formatted_vulnerability(vulnerability)
{
name: vulnerability['name'],
severity: vulnerability['severity'].downcase
}
end
end
end
......
......@@ -37,10 +37,10 @@ describe Gitlab::Ci::Parsers::Security::DependencyList do
vuln_async = report.dependencies[3][:vulnerabilities]
expect(vuln_nokogiri.size).to eq(4)
expect(vuln_nokogiri[0]['name']).to eq('Vulnerabilities in libxml2')
expect(vuln_nokogiri[0]['severity']).to eq('High')
expect(vuln_nokogiri[0][:name]).to eq('Vulnerabilities in libxml2')
expect(vuln_nokogiri[0][:severity]).to eq('high')
expect(vuln_debug.size).to eq(1)
expect(vuln_debug[0]['name']).to eq('Regular Expression Denial of Service')
expect(vuln_debug[0][:name]).to eq('Regular Expression Denial of Service')
expect(vuln_async.size).to eq(0)
end
end
......
......@@ -43,9 +43,9 @@ describe Gitlab::Ci::Parsers::Security::Formatters::DependencyList do
vulnerabilities = data[:vulnerabilities]
expect(vulnerabilities.size).to eq(4)
expect(vulnerabilities[0]['name']).to eq('Vulnerabilities in libxml2')
expect(vulnerabilities[3]['name']).to eq('Bypass of a protection mechanism in libxslt')
expect(vulnerabilities[0]['severity']).to eq('High')
expect(vulnerabilities[0][:name]).to eq('Vulnerabilities in libxml2')
expect(vulnerabilities[3][:name]).to eq('Bypass of a protection mechanism in libxslt')
expect(vulnerabilities[0][:severity]).to eq('high')
end
end
end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment