-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #1 from checkmarx-ltd/Integration_Branch
Integration branch
- Loading branch information
Showing
7 changed files
with
10,972 additions
and
110 deletions.
There are no files selected for viewing
10,720 changes: 10,720 additions & 0 deletions
10,720
Scripts/sys_remote_update_set_version_1.0.7.xml
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,5 +1,5 @@ | ||
| <?xml version="1.0" encoding="UTF-8"?> | ||
| <unload unload_date="2023-06-02 11:04:54"> | ||
| <unload unload_date="2023-06-19 13:21:07"> | ||
| <sys_script_include action="INSERT_OR_UPDATE"> | ||
| <access>public</access> | ||
| <active>true</active> | ||
|
|
@@ -55,7 +55,7 @@ CheckmarxOneUtilBase.prototype = { | |
| var config = this._getConfig(configId); | ||
| var accesscontrolbaseUrl = config.checkmarxone_server_url; | ||
| var apibaseurl = config.checkmarxone_api_base_url; | ||
| var limit_val = config.limit; | ||
| var limit_val = config.limit; | ||
| var method = "post"; | ||
| var token = this.getAccessToken(accesscontrolbaseUrl, config, method, request); | ||
| var query = '/api/projects/?offset=' + offsetno + '&limit=' + limit_val; | ||
|
|
@@ -95,7 +95,7 @@ CheckmarxOneUtilBase.prototype = { | |
| var config = this._getConfig(configId); | ||
| var accesscontrolbaseUrl = config.checkmarxone_server_url; | ||
| var apibaseurl = config.checkmarxone_api_base_url; | ||
| var limit_val = config.limit; | ||
| var limit_val = config.limit; | ||
| var method = "post"; | ||
| var token = this.getAccessToken(accesscontrolbaseUrl, config, method, request); | ||
| var query = '/api/scans/?offset=0&limit=1&statuses=Completed&project-id=' + appId + '&from-date=' + last_run_date + '&sort=%2Bcreated_at&sort=%2Bstatus&field=scan-ids'; | ||
|
|
@@ -179,24 +179,24 @@ CheckmarxOneUtilBase.prototype = { | |
| //to get total vul item | ||
| getTotalVulcount: function(configId, scanId) { | ||
| try { | ||
| var request = new sn_ws.RESTMessageV2(); | ||
| var request = new sn_ws.RESTMessageV2(); | ||
| var config = this._getConfig(configId); | ||
| var accesscontrolbaseUrl = config.checkmarxone_server_url; | ||
| var apibaseurl = config.checkmarxone_api_base_url; | ||
| var method = "post"; | ||
| var token = this.getAccessToken(accesscontrolbaseUrl, config, method, request); | ||
| var count = 0; | ||
| var query = '/api/results/?scan-id=' + scanId + '&offset=0&limit=5000&sort=%2Btype'; | ||
| var responseLastScanReport = this._makeRestApiCall(apibaseurl, configId, token, query, "get"); | ||
| var jsonLastScanReportResp = JSON.parse(responseLastScanReport.getBody()); | ||
| for (var item in jsonLastScanReportResp.results) { | ||
| count += 1; | ||
| var query = '/api/scan-summary/?scan-ids=' + scanId + '&include-severity-status=true&include-status-counters=true&include-queries=true&include-files=true&apply-predicates=true'; | ||
| var resp = this._makeRestApiCall(apibaseurl, configId, token, query, "get"); | ||
| var body = resp.getBody(); | ||
| var ScanSummaryJson = JSON.parse(body); | ||
| for (var item in ScanSummaryJson.scansSummaries) { | ||
| var count = ScanSummaryJson.scansSummaries[item].scaCounters.totalCounter + ScanSummaryJson.scansSummaries[item].sastCounters.totalCounter; | ||
| } | ||
| } catch (err) { | ||
| gs.error(this.MSG + " getScanInfo: Error while getting the scan Ids."); | ||
| throw err; | ||
| gs.error(this.MSG + " getTotalVulcount: Error while getting the total vul count." + err + scanId); | ||
| return -1; | ||
| } | ||
| return count; | ||
|
|
@@ -209,24 +209,15 @@ CheckmarxOneUtilBase.prototype = { | |
| var config = this._getConfig(configId); | ||
| var includesca = this.importScaFlaw(configId); | ||
| var includesast = this.importSastFlaw(configId); | ||
| var query = ''; | ||
| var limit_val = config.limit; | ||
| //var query = '/api/results/?scan-id=' + scanId + '&offset=' + offsetId + '&limit=' + limit_val; | ||
| var query = '/api/results/?scan-id=' + scanId + '&offset=' + offsetId + '&limit=' + limit_val +'&sort=%2Bstatus&sort=%2Bseverity' ; | ||
| //var query = '/api/results/?scan-id=' + scanId + '&offset=' + offsetId + '&limit=20' +'&sort=%2Bstatus&sort=%2Bseverity' ; | ||
| var accesscontrolbaseUrl = config.checkmarxone_server_url; | ||
| var apibaseurl = config.checkmarxone_api_base_url; | ||
| var method = "post"; | ||
| var token = this.getAccessToken(accesscontrolbaseUrl, config, method, request); | ||
| if (includesca) { | ||
| if (includesast) { | ||
| query = '/api/results/?scan-id=' + scanId + '&offset=' + offsetId + '&limit=' + limit_val + '&sort=%2Btype'; | ||
| } else { | ||
| query = '/api/results/?scan-id=' + scanId + '&offset=' + offsetId + '&limit=' + limit_val + '&sort=%2Btype'; | ||
| } | ||
| } else { | ||
| if (includesast) { | ||
| query = '/api/results/?scan-id=' + scanId + '&offset=' + offsetId + '&limit=' + limit_val + '&sort=%-type'; | ||
| } | ||
| } | ||
| } catch (err) { | ||
| gs.error(this.MSG + " getVulInfo: Error while getting the vul Info." + err); | ||
| throw err; | ||
|
|
@@ -251,17 +242,15 @@ CheckmarxOneUtilBase.prototype = { | |
| var ScanSummaryJson = JSON.parse(body); | ||
| var flaws = 0; | ||
| for (var item in ScanSummaryJson.scansSummaries) { | ||
| for (var value in ScanSummaryJson.scansSummaries[item].scaCounters.severityCounters) { | ||
| var counts = ScanSummaryJson.scansSummaries[item].scaCounters.severityCounters[value].counter; | ||
| flaws += counts; | ||
| } | ||
| } | ||
| } catch (err) { | ||
| gs.error(this.MSG + " getScanSummaryInfo: Error while getting the scan summary Ids."); | ||
| throw err; | ||
| gs.error(this.MSG + " getScanSummaryInfo: Error while getting the scan summary Ids." + err + scanId); | ||
| return -1; | ||
| } | ||
| return flaws; | ||
|
|
@@ -282,21 +271,46 @@ CheckmarxOneUtilBase.prototype = { | |
| var ScanSummaryJson = JSON.parse(body); | ||
| var flaws = 0; | ||
| for (var item in ScanSummaryJson.scansSummaries) { | ||
| for (var value in ScanSummaryJson.scansSummaries[item].sastCounters.severityCounters) { | ||
| var counts = ScanSummaryJson.scansSummaries[item].sastCounters.severityCounters[value].counter; | ||
| flaws += counts; | ||
| } | ||
| } | ||
| } catch (err) { | ||
| gs.error(this.MSG + " getScanSummaryInfo: Error while getting the scan summary Ids."); | ||
| throw err; | ||
| gs.error(this.MSG + " getScanSummaryInfo: Error while getting the scan summary Ids." + err + scanId); | ||
| return -1; | ||
| } | ||
| return flaws; | ||
| }, | ||
| //To get remediation status for state mapping | ||
| getRemediationStatus: function(status, state) { | ||
| try { | ||
| if ((status != 'NEW' || status != 'RECURRENT') && (state == 'TO_VERIFY' || state == 'NOT_IGNORED')) { | ||
| var remediation_status = status; | ||
| } else { | ||
| remediation_status = state; | ||
| } | ||
| } catch (err) { | ||
| gs.error(this.MSG + " getRemediationStatus: Error while getting the status." + err); | ||
| } | ||
| return remediation_status; | ||
| }, | ||
| getFirstDetectionDate: function() { | ||
| try { | ||
| var configId = 'getconfig'; | ||
| var config = this._getConfig(configId); | ||
| var include_first_found = config.include_first_detection_date; | ||
| } catch (err) { | ||
| gs.error(this.MSG + " getFirstDetectionDate: Error while getting the status of getFirstDetectionDate." + err); | ||
| } | ||
| return include_first_found; | ||
| }, | ||
| _getConfig: function(configId) { | ||
| try { | ||
|
|
@@ -309,7 +323,8 @@ CheckmarxOneUtilBase.prototype = { | |
| "tenant": gr.getValue("tenant"), | ||
| "checkmarxone_api_base_url": gr.getValue("checkmarxone_api_base_url"), | ||
| "checkmarxone_server_url": gr.getValue("checkmarxone_server_url"), | ||
| "limit": gr.getValue("limit"), | ||
| "limit": gr.getValue("limit"), | ||
| "include_first_detection_date": gr.getValue("include_first_detection_date") === "1", | ||
| "import_sca": gr.getValue("import_sca") === "1", | ||
| "import_sast": gr.getValue("import_sast") === "1", | ||
| }; | ||
|
|
@@ -333,7 +348,7 @@ CheckmarxOneUtilBase.prototype = { | |
| request.setEndpoint(fullUrl); | ||
| request.setHttpMethod(method); | ||
| request.setLogLevel('all'); | ||
| request.setRequestBody(query); | ||
| request.setRequestBody(query); | ||
| request.setRequestHeader("Content-Type", "application/x-www-form-urlencoded"); | ||
| request.setRequestHeader("Accept", "application/json"); | ||
| //Convert the object to string and set it to Request Body- | ||
|
|
@@ -492,6 +507,7 @@ CheckmarxOneUtilBase.prototype = { | |
| "tenant": gr.getValue("tenant"), | ||
| "checkmarxone_api_base_url": gr.getValue("checkmarxone_api_base_url"), | ||
| "checkmarxone_server_url": gr.getValue("checkmarxone_server_url"), | ||
| "include_first_detection_date": gr.getValue("include_first_detection_date") === "1", | ||
| "import_sca": gr.getValue("import_dast") === "1", | ||
| "import_sast": gr.getValue("import_sast") === "1", | ||
| }; | ||
|
|
@@ -511,20 +527,20 @@ CheckmarxOneUtilBase.prototype = { | |
| return this._getConfig(configId).import_sast; | ||
| }, | ||
| type: 'CheckmarxOneUtilBase' | ||
| };]]></script> | ||
| <sys_class_name>sys_script_include</sys_class_name> | ||
| <sys_created_by>admin</sys_created_by> | ||
| <sys_created_on>2022-11-21 19:26:28</sys_created_on> | ||
| <sys_id>1980bcb147935110328ca368436d435a</sys_id> | ||
| <sys_mod_count>140</sys_mod_count> | ||
| <sys_mod_count>154</sys_mod_count> | ||
| <sys_name>CheckmarxOneUtilBase</sys_name> | ||
| <sys_package display_value="Checkmarx One Vulnerability Integration" source="x_chec3_chexone">3d20e92d47471110328ca368436d436a</sys_package> | ||
| <sys_policy/> | ||
| <sys_scope display_value="Checkmarx One Vulnerability Integration">3d20e92d47471110328ca368436d436a</sys_scope> | ||
| <sys_update_name>sys_script_include_1980bcb147935110328ca368436d435a</sys_update_name> | ||
| <sys_updated_by>[email protected]</sys_updated_by> | ||
| <sys_updated_on>2023-05-23 14:57:15</sys_updated_on> | ||
| <sys_updated_by>admin</sys_updated_by> | ||
| <sys_updated_on>2023-06-19 13:11:08</sys_updated_on> | ||
| </sys_script_include> | ||
| </unload> | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,5 +1,5 @@ | ||
| <?xml version="1.0" encoding="UTF-8"?> | ||
| <unload unload_date="2023-06-02 11:12:49"> | ||
| <unload unload_date="2023-06-16 10:54:08"> | ||
| <sys_script_include action="INSERT_OR_UPDATE"> | ||
| <access>package_private</access> | ||
| <active>true</active> | ||
|
|
@@ -61,6 +61,7 @@ CheckmarxOneConfigUtilBase.prototype = { | |
| "tenant": gr.getValue("tenant"), | ||
| "checkmarxone_api_base_url": gr.getValue("checkmarxone_api_base_url"), | ||
| "checkmarxone_server_url": gr.getValue("checkmarxone_server_url"), | ||
| "include_first_detection_date": gr.getValue("include_first_detection_date") === "1", | ||
| "import_sca": gr.getValue("import_sca") === "1", | ||
| "import_sast": gr.getValue("import_sast") === "1", | ||
| "triaging_in_snow": gr.getValue("triaging_in_snow") === "1", | ||
|
|
@@ -79,13 +80,13 @@ CheckmarxOneConfigUtilBase.prototype = { | |
| <sys_created_by>admin</sys_created_by> | ||
| <sys_created_on>2022-11-17 05:45:19</sys_created_on> | ||
| <sys_id>508f0d54471f1110328ca368436d43f8</sys_id> | ||
| <sys_mod_count>32</sys_mod_count> | ||
| <sys_mod_count>33</sys_mod_count> | ||
| <sys_name>CheckmarxOneConfigUtilBase</sys_name> | ||
| <sys_package display_value="Checkmarx One Vulnerability Integration" source="x_chec3_chexone">3d20e92d47471110328ca368436d436a</sys_package> | ||
| <sys_policy/> | ||
| <sys_scope display_value="Checkmarx One Vulnerability Integration">3d20e92d47471110328ca368436d436a</sys_scope> | ||
| <sys_update_name>sys_script_include_508f0d54471f1110328ca368436d43f8</sys_update_name> | ||
| <sys_updated_by>[email protected]</sys_updated_by> | ||
| <sys_updated_on>2023-05-02 12:57:08</sys_updated_on> | ||
| <sys_updated_by>admin</sys_updated_by> | ||
| <sys_updated_on>2023-06-16 07:57:43</sys_updated_on> | ||
| </sys_script_include> | ||
| </unload> | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,5 +1,5 @@ | ||
| <?xml version="1.0" encoding="UTF-8"?> | ||
| <unload unload_date="2023-06-02 11:11:51"> | ||
| <unload unload_date="2023-06-19 13:20:56"> | ||
| <sys_script_include action="INSERT_OR_UPDATE"> | ||
| <access>public</access> | ||
| <active>true</active> | ||
|
|
@@ -75,14 +75,11 @@ CheckmarxOneAppVulItemIntegration.prototype = Object.extendsObject(sn_vul.Applic | |
| var responseLastScanSummary = this.UTIL.getScanDetails(this.IMPLEMENTATION, scanId); | ||
| var jsonLastScanSummResp = JSON.parse(responseLastScanSummary.getBody()); | ||
| gs.debug(this.MSG + " getSummaryReport : parsed scanInfoResponse " + JSON.stringify(jsonLastScanSummResp)); | ||
| //to map value of last_scan_date, project name and project Id in XML | ||
| for (var value in jsonLastScanSummResp.scans) { | ||
| scanSummaryAll += '<scan id="' + jsonLastScanSummResp.scans[value].id + '" app_id="' + jsonLastScanSummResp.scans[value].projectId + | ||
| '" last_scan_date="' + this.UTIL.parseDate(jsonLastScanSummResp.scans[value].updatedAt) + | ||
| '" app_name="' + jsonLastScanSummResp.scans[value].projectName + '"/>'; | ||
| lastscandate += this.UTIL.parseDate(jsonLastScanSummResp.scans[value].updatedAt); | ||
| appname += jsonLastScanSummResp.scans[value].projectId; | ||
| appname += jsonLastScanSummResp.scans[value].projectName; | ||
| appId += jsonLastScanSummResp.scans[value].projectId; | ||
| } | ||
| var responseLastScanReport = this.UTIL.getVulInfo(this.IMPLEMENTATION, scanId, newoffset); | ||
| gs.debug(this.MSG + " getDetailedReport : scanInfoResponse " + responseLastScanReport); | ||
|
|
@@ -94,7 +91,7 @@ CheckmarxOneAppVulItemIntegration.prototype = Object.extendsObject(sn_vul.Applic | |
| var nodeId = 'nodeId:' + jsonLastScanReportResp.results[item].data.nodes[j].nodeID + ', path:' + jsonLastScanReportResp.results[item].data.nodes[j].fileName; | ||
| notes += nodeId + '. '; | ||
| } | ||
| SASTscanDetailedAll += '<result id="' + jsonLastScanReportResp.results[item].id + '" scan_type="' + scan_type + | ||
| SASTscanDetailedAll += '<result id="' + jsonLastScanReportResp.results[item].similarityId + '" scan_type="' + scan_type + | ||
| '" cweId="' + jsonLastScanReportResp.results[item].vulnerabilityDetails.cweId + | ||
| '" cweName="' + jsonLastScanReportResp.results[item].data.queryName + | ||
| '" category_name="' + jsonLastScanReportResp.results[item].data.group + | ||
|
|
@@ -128,8 +125,7 @@ CheckmarxOneAppVulItemIntegration.prototype = Object.extendsObject(sn_vul.Applic | |
| SCAscanDetailedAll += '<result id="' + jsonLastScanReportResp.results[item].id + '" scan_type="' + jsonLastScanReportResp.results[item].type + | ||
| '" cweId="' + jsonLastScanReportResp.results[item].vulnerabilityDetails.cweId + | ||
| '" cweName="' + jsonLastScanReportResp.results[item].vulnerabilityDetails.cveName + | ||
| '" cweName="' + jsonLastScanReportResp.results[item].vulnerabilityDetails.cveName + | ||
| '" cvssScore="' + jsonLastScanReportResp.results[item].vulnerabilityDetails.cvssScore + | ||
| '" cvssVector="' + jsonLastScanReportResp.results[item].vulnerabilityDetails.cvss.attackVector + | ||
| '" category_name="' + jsonLastScanReportResp.results[item].vulnerabilityDetails.cweId + | ||
|
|
@@ -190,8 +186,7 @@ CheckmarxOneAppVulItemIntegration.prototype = Object.extendsObject(sn_vul.Applic | |
| var apps = this.AVR_API.getAppReleases(); | ||
| var app = ''; | ||
| for (var i in apps) { | ||
| var appId = apps[i].source_app_id; | ||
| //var created = apps[i].sys_created_on; && created > GlideDateTime('2023-02-20T23:00:06.17544Z').getDate() | ||
| var appId = apps[i].source_app_id; | ||
| if (appId !== "undefined") { | ||
| var scans = this._getScans(appId); | ||
|
|
@@ -263,10 +258,8 @@ CheckmarxOneAppVulItemIntegration.prototype = Object.extendsObject(sn_vul.Applic | |
| _getoffsets: function(appId, scanId) { | ||
| var offsets = []; | ||
| var offset = 0; | ||
| var includesca = this.UTIL.importScaFlaw(this.IMPLEMENTATION); | ||
| var includesast = this.UTIL.importSastFlaw(this.IMPLEMENTATION); | ||
| var ReportLength = this.UTIL.getTotalVulcount(this.IMPLEMENTATION, scanId); | ||
| //gs.info("Report Length" + ReportLength); | ||
| var loopLength = ReportLength / 50; | ||
| //in result api offset value start from 0 and increment by 1, here it acts like page instead of number of item like other api | ||
| for (var i = 0; i <= parseInt(loopLength); i++) { | ||
|
|
@@ -330,13 +323,13 @@ CheckmarxOneAppVulItemIntegration.prototype = Object.extendsObject(sn_vul.Applic | |
| <sys_created_by>admin</sys_created_by> | ||
| <sys_created_on>2022-11-21 12:06:20</sys_created_on> | ||
| <sys_id>891d8fed471f1110328ca368436d4334</sys_id> | ||
| <sys_mod_count>151</sys_mod_count> | ||
| <sys_mod_count>164</sys_mod_count> | ||
| <sys_name>CheckmarxOneAppVulItemIntegration</sys_name> | ||
| <sys_package display_value="Checkmarx One Vulnerability Integration" source="x_chec3_chexone">3d20e92d47471110328ca368436d436a</sys_package> | ||
| <sys_policy/> | ||
| <sys_scope display_value="Checkmarx One Vulnerability Integration">3d20e92d47471110328ca368436d436a</sys_scope> | ||
| <sys_update_name>sys_script_include_891d8fed471f1110328ca368436d4334</sys_update_name> | ||
| <sys_updated_by>[email protected]</sys_updated_by> | ||
| <sys_updated_on>2023-05-23 14:51:50</sys_updated_on> | ||
| <sys_updated_by>admin</sys_updated_by> | ||
| <sys_updated_on>2023-06-19 13:12:23</sys_updated_on> | ||
| </sys_script_include> | ||
| </unload> | ||
Oops, something went wrong.