async def _parse_source_responses(self, responses: SourceResponses) -> SourceMeasurement:
"""Override to parse the issues."""
value = 0
entities = Entities()
for response in responses:
json = await response.json()
value += int(json.get("total", 0))
entities.extend([await self._entity(issue) for issue in json.get("issues", [])])
return SourceMeasurement(value=str(value), entities=entities)
async def _parse_entities(self, responses: SourceResponses) -> Entities:
"""Override to parse the dependencies from the XML."""
landing_url = await self._landing_url(responses)
entities = Entities()
for response in responses:
tree, namespaces = await parse_source_response_xml_with_namespace(
response, self.allowed_root_tags)
entities.extend([
self._parse_entity(dependency, index, namespaces, landing_url)
for (index, dependency
) in enumerate(self._dependencies(tree, namespaces))
])
return entities
async def _parse_entities(self, responses: SourceResponses) -> Entities:
"""Override to parse the security warnings from the JSON."""
entities = Entities()
for response in responses:
entities.extend([
Entity(
key=warning[self.KEY],
package=warning[self.PACKAGE],
installed=warning[self.INSTALLED],
affected=warning[self.AFFECTED],
vulnerability=warning[self.VULNERABILITY],
) for warning in await response.json(content_type=None)
])
return entities
async def _parse_entities(self, responses: SourceResponses) -> Entities:
"""Override to parse the Anchore security warnings."""
severities = self._parameter("severities")
entities = Entities()
for response in responses:
json = await response.json(content_type=None)
vulnerabilities = json.get("vulnerabilities", []) if isinstance(json, dict) else []
entities.extend(
[
self._create_entity(vulnerability, response.filename)
for vulnerability in vulnerabilities
if vulnerability["severity"] in severities
]
)
return entities
async def _parse_source_responses(
self, responses: SourceResponses) -> SourceMeasurement:
"""Override to parse the violations from the OJAudit XML."""
severities = cast(list[str], self._parameter("severities"))
count = 0
entities = Entities()
for response in responses:
tree, namespaces = await parse_source_response_xml_with_namespace(
response)
entities.extend(self.__violations(tree, namespaces, severities))
for severity in severities:
count += int(
tree.findtext(f"./ns:{severity}-count",
default="0",
namespaces=namespaces))
return SourceMeasurement(value=str(count), entities=entities)
async def _parse_entities(self, responses: SourceResponses) -> Entities:
"""Override to parse the security warnings from the OpenVAS XML."""
entities = Entities()
severities = cast(list[str], self._parameter("severities"))
for response in responses:
tree = await parse_source_response_xml(response)
entities.extend([
Entity(
key=result.attrib["id"],
name=result.findtext("name", default=""),
description=result.findtext("description", default=""),
host=result.findtext("host", default=""),
port=result.findtext("port", default=""),
severity=result.findtext("threat", default=""),
) for result in self.__results(tree, severities)
])
return entities
async def _parse_entities(self, responses: SourceResponses) -> Entities:
"""Override to parse the security warnings."""
severities = self._parameter("severities")
confidence_levels = self._parameter("confidence_levels")
entities = Entities()
for response in responses:
entities.extend([
Entity(
key=
f'{warning["test_id"]}:{warning["filename"]}:{warning["line_number"]}',
location=f'{warning["filename"]}:{warning["line_number"]}',
issue_text=warning["issue_text"],
issue_severity=warning["issue_severity"].capitalize(),
issue_confidence=warning["issue_confidence"].capitalize(),
more_info=warning["more_info"],
) for warning in (await response.json(
content_type=None)).get("results", [])
if warning["issue_severity"].lower() in severities
and warning["issue_confidence"].lower() in confidence_levels
])
return entities