def test_parser(self):
    """Check the first of two imported findings, which carries no CWE.

    The importer is called with ``None`` as its first argument and
    ``self.test`` as its second. The result must hold exactly two findings,
    and the first must match the pinned title, severity and location with
    an empty description, empty references and ``cwe`` equal to ``None``.
    """
    importer = SonarQubeApiImporter()
    results = importer.get_findings(None, self.test)
    self.assertEqual(2, len(results))

    first = results[0]
    # (expected value, attribute name), checked in this order.
    expectations = (
        ('Remove this useless assignment to local variable "currentValue".', 'title'),
        (None, 'cwe'),
        ('', 'description'),
        ('', 'references'),
        ('Medium', 'severity'),
        (242, 'line'),
        ('internal.dummy.project:src/main/javascript/TranslateDirective.ts', 'file_path'),
    )
    for wanted, field in expectations:
        self.assertEqual(wanted, getattr(first, field))
def test_parser(self):
    """Check how a hard-coded credential finding is mapped by the importer.

    Pins the first finding returned for ``self.test``: title, CWE 798,
    rendered description, 'Info' severity, the reference links, file
    location, status flags, scanner confidence and the linked SonarQube
    issue key.
    """
    importer = SonarQubeApiImporter()
    results = importer.get_findings(None, self.test)
    # No length assertion here: an empty result surfaces as an IndexError.
    first = results[0]

    self.assertEqual(
        first.title,
        '"password" detected here, make sure this is not a hard-coded credential.'
    )
    self.assertEqual(first.cwe, 798)

    expected_description = (
        '**Ask Yourself Whether**'
        '\n\n '
        '* Credentials allows access to a sensitive component like a database, a file storage, an API or a service. '
        '\n '
        '* Credentials are used in production environments. '
        '\n '
        '* Application re-distribution is required before updating the credentials. '
        '\n\n'
        'There is a risk if you answered yes to any of those questions.'
        '\n\n'
    )
    self.assertMultiLineEqual(expected_description, first.description)

    self.assertEqual(str(first.severity), 'Info')

    # One markdown link per line, compared verbatim (including the
    # trailing newline).
    expected_references = (
        '[CVE-2019-13466](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13466)'
        '\n'
        '[CVE-2018-15389](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15389)'
        '\n'
        '[OWASP Top 10 2017 Category A2](https://www.owasp.org/index.php/Top_10-2017_A2-Broken_Authentication)'
        '\n'
        '[MITRE, CWE-798](http://cwe.mitre.org/data/definitions/798)'
        '\n'
        '[MITRE, CWE-259](http://cwe.mitre.org/data/definitions/259)'
        '\n'
        '[CERT, MSC03-J.](https://wiki.sei.cmu.edu/confluence/x/OjdGBQ)'
        '\n'
        '[SANS Top 25](https://www.sans.org/top25-software-errors/#cat3)'
        '\n'
        '[Hard Coded Password](http://h3xstream.github.io/find-sec-bugs/bugs.htm#HARD_CODE_PASSWORD)'
        '\n'
    )
    self.assertMultiLineEqual(expected_references, first.references)

    self.assertEqual(
        str(first.file_path),
        'internal.dummy.project:spec/support/user_fixture.rb')

    # (attribute name, expected value): location, triage flags and
    # confidence, checked in this order.
    flag_expectations = (
        ('line', 9),
        ('active', True),
        ('verified', False),
        ('false_p', False),
        ('duplicate', False),
        ('out_of_scope', False),
        ('static_finding', True),
        ('scanner_confidence', 1),
    )
    for field, wanted in flag_expectations:
        self.assertEqual(getattr(first, field), wanted)

    self.assertEqual(str(first.sonarqube_issue), 'AXgm6Z-ophPPY0C1qhRq')
def test_parse_file_with_one_cwe_and_one_no_cwe_vulns(self):
    """Check that the importer returns exactly two findings for ``self.test``.

    Only the count is asserted; the contents of the findings, including
    their CWE values, are not inspected here.
    """
    results = SonarQubeApiImporter().get_findings(None, self.test)
    found = len(results)
    self.assertEqual(2, found)
def test_parser(self):
    """Check that the importer returns exactly two findings for ``self.test``."""
    results = SonarQubeApiImporter().get_findings(None, self.test)
    found = len(results)
    # Count only; individual finding fields are not checked in this test.
    self.assertEqual(2, found)