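 def test_parser(self):
     """Pin the importer's mapping of a SonarQube issue that carries no CWE.

     The first of the two findings produced from ``self.test`` (presumably a
     DefectDojo ``Test`` fixture wired to a canned SonarQube API response --
     confirm against the test's ``setUp``) is a code-smell issue, so the
     importer must leave ``cwe`` unset rather than inventing one, and must
     still populate title, severity, line and the project-qualified path.
     """
     parser = SonarQubeApiImporter()
     findings = parser.get_findings(None, self.test)
     self.assertEqual(2, len(findings))

     finding = findings[0]
     self.assertEqual('Remove this useless assignment to local variable "currentValue".', finding.title)
     # A plain code smell has no CWE mapping; use the dedicated assertion so a
     # failure reports "is not None" instead of a misleading equality diff.
     self.assertIsNone(finding.cwe)
     self.assertEqual('', finding.description)
     self.assertEqual('', finding.references)
     self.assertEqual('Medium', finding.severity)
     self.assertEqual(242, finding.line)
     # file_path keeps the SonarQube project key as a prefix.
     self.assertEqual('internal.dummy.project:src/main/javascript/TranslateDirective.ts', finding.file_path)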
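 def test_parser(self):
     """Pin the importer's mapping of a SonarQube hard-coded-credential issue.

     The first finding produced from ``self.test`` (presumably a DefectDojo
     ``Test`` fixture backed by a canned SonarQube API response -- confirm
     against ``setUp``) is SonarQube's "password detected here" rule. The
     assertions check that the importer:

     * maps the rule to CWE-798 and carries SonarQube's markdown description
       and reference list through unchanged;
     * keeps the SonarQube severity (``Info``) rather than re-rating it;
     * imports the finding as active, *not* verified, *not* a false positive,
       not a duplicate and in scope -- i.e. a newly imported credential leak
       must land in the triage queue, never pre-dismissed;
     * records the SonarQube issue key so the finding can be traced back.
     """
     parser = SonarQubeApiImporter()
     findings = parser.get_findings(None, self.test)
     finding = findings[0]

     self.assertEqual(
         finding.title,
         '"password" detected here, make sure this is not a hard-coded credential.'
     )
     self.assertEqual(finding.cwe, 798)

     # Description is SonarQube's rule text converted to markdown; the
     # trailing/leading whitespace around the bullets is part of the contract.
     expected_description = (
         '**Ask Yourself Whether**'
         '\n\n  '
         '* Credentials allows access to a sensitive component like a database, a file storage, an API or a service. '
         '\n  '
         '* Credentials are used in production environments. '
         '\n  '
         '* Application re-distribution is required before updating the credentials. '
         '\n\n'
         'There is a risk if you answered yes to any of those questions.'
         '\n\n'
     )
     self.assertMultiLineEqual(expected_description, finding.description)
     self.assertEqual(str(finding.severity), 'Info')

     # One markdown link per line, in the order SonarQube lists them.
     expected_references = (
         '[CVE-2019-13466](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13466)'
         '\n'
         '[CVE-2018-15389](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15389)'
         '\n'
         '[OWASP Top 10 2017 Category A2](https://www.owasp.org/index.php/Top_10-2017_A2-Broken_Authentication)'
         '\n'
         '[MITRE, CWE-798](http://cwe.mitre.org/data/definitions/798)'
         '\n'
         '[MITRE, CWE-259](http://cwe.mitre.org/data/definitions/259)'
         '\n'
         '[CERT, MSC03-J.](https://wiki.sei.cmu.edu/confluence/x/OjdGBQ)'
         '\n'
         '[SANS Top 25](https://www.sans.org/top25-software-errors/#cat3)'
         '\n'
         '[Hard Coded Password](http://h3xstream.github.io/find-sec-bugs/bugs.htm#HARD_CODE_PASSWORD)'
         '\n'
     )
     self.assertMultiLineEqual(expected_references, finding.references)

     # Location: project key prefix plus the in-repo path and 1-based line.
     self.assertEqual(
         str(finding.file_path),
         'internal.dummy.project:spec/support/user_fixture.rb')
     self.assertEqual(finding.line, 9)

     # Triage flags: a freshly imported credential finding must be open and
     # untriaged. assertTrue/assertFalse make a regression read as a flag
     # flip rather than "True != False".
     self.assertTrue(finding.active)
     self.assertFalse(finding.verified)
     self.assertFalse(finding.false_p)
     self.assertFalse(finding.duplicate)
     self.assertFalse(finding.out_of_scope)
     self.assertTrue(finding.static_finding)
     self.assertEqual(finding.scanner_confidence, 1)

     # The SonarQube issue key is what links the finding back to the server.
     self.assertEqual(str(finding.sonarqube_issue),
                      'AXgm6Z-ophPPY0C1qhRq')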
 def test_parse_file_with_one_cwe_and_one_no_cwe_vulns(self):
     """Both issues in the fixture become findings, CWE-tagged or not.

     ``self.test`` is presumably a DefectDojo ``Test`` fixture whose canned
     SonarQube response holds one issue with a CWE and one without (confirm
     against ``setUp``); neither must be dropped by the importer.
     """
     importer = SonarQubeApiImporter()
     imported = importer.get_findings(None, self.test)
     finding_count = len(imported)
     self.assertEqual(finding_count, 2)
 def test_parser(self):
     """Smoke test: the importer yields exactly two findings for ``self.test``.

     Only the count is checked here; ``self.test`` is presumably a DefectDojo
     ``Test`` fixture backed by a canned SonarQube API response (confirm
     against ``setUp``).
     """
     importer = SonarQubeApiImporter()
     imported = importer.get_findings(None, self.test)
     finding_count = len(imported)
     self.assertEqual(finding_count, 2)