Merge pull request #29 from checkmarx-ltd/Integration_Branch

Integration branch
checkmarx-ltd · Oct 11, 2024 · 677ca58 · 677ca58
2 parents 90e6cf7 + 197fd92
commit 677ca58
Show file tree

Hide file tree

Showing 12 changed files with 10,510 additions and 8,995 deletions.
diff --git a/...ts/CheckmarxOneAppListIntegration_sys_script_include_f60f0ee047131110328ca368436d43ba.xml b/...ts/CheckmarxOneAppListIntegration_sys_script_include_f60f0ee047131110328ca368436d43ba.xml
@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<unload unload_date="2024-06-12 10:11:49">
+<unload unload_date="2024-10-11 12:58:46">
 <sys_script_include action="INSERT_OR_UPDATE">
 <access>public</access>
 <active>true</active>

diff --git a/Scripts/CheckmarxOneAppListProcessor_sys_script_include_716c87ad471f1110328ca368436d438a.xml b/Scripts/CheckmarxOneAppListProcessor_sys_script_include_716c87ad471f1110328ca368436d438a.xml
@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<unload unload_date="2024-06-12 10:11:43">
+<unload unload_date="2024-10-11 12:59:01">
 <sys_script_include action="INSERT_OR_UPDATE">
 <access>public</access>
 <active>true</active>

diff --git a/...CheckmarxOneAppVulItemIntegration_sys_script_include_891d8fed471f1110328ca368436d4334.xml b/...CheckmarxOneAppVulItemIntegration_sys_script_include_891d8fed471f1110328ca368436d4334.xml
diff --git a/...s/CheckmarxOneAppVulItemProcessor_sys_script_include_ba2b3da69769e510026f72021153af1b.xml b/...s/CheckmarxOneAppVulItemProcessor_sys_script_include_ba2b3da69769e510026f72021153af1b.xml
@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<unload unload_date="2024-06-12 10:11:31">
+<unload unload_date="2024-10-11 12:59:25">
 <sys_script_include action="INSERT_OR_UPDATE">
 <access>public</access>
 <active>true</active>
@@ -28,8 +28,11 @@ CheckmarxOneAppVulItemProcessor.prototype = Object.extendsObject(sn_vul.Applicat
                 if (result_node.toString().includes("Results")) {
                     var listNode = doc.getNode('/scanResults/Results');
                 }
+                if (result_node.toString().includes("fixedSASTData")) {
+                    var fixedSASTNode = doc.getNode('/scanResults/fixedSASTData');
+                }
                 if (result_node.toString().includes("fixedSCAData")) {
-                    var fixedNode = doc.getNode('/scanResults/fixedSCAData');
+                    var fixedSCANode = doc.getNode('/scanResults/fixedSCAData');
                 }
 
             } catch (ex) {
@@ -136,6 +139,7 @@ CheckmarxOneAppVulItemProcessor.prototype = Object.extendsObject(sn_vul.Applicat
                             queryData['source_entry_id'] = 'Checkmarx One' + "-" + node.getAttribute('id');
                             resultObj['source_avit_id'] = node.getAttribute('id') + node.getAttribute('package_unique_id');
                             resultObj['source_references'] = node.getFirstChild().getTextContent().toString();
+							resultObj['source_notes'] = node.getAttribute('exploitable_method').toString();
 
                         }
                         if (scan_type == 'kics') {
@@ -197,9 +201,9 @@ CheckmarxOneAppVulItemProcessor.prototype = Object.extendsObject(sn_vul.Applicat
 
                 }
             }
-            if (fixedNode) {
+            if (fixedSCANode) {
                 var fixedData = {};
-                var sca_iter = fixedNode.getChildNodeIterator();
+                var sca_iter = fixedSCANode.getChildNodeIterator();
                 while (sca_iter.hasNext()) {
                     try {
                         var sca_node = sca_iter.next();
@@ -220,11 +224,53 @@ CheckmarxOneAppVulItemProcessor.prototype = Object.extendsObject(sn_vul.Applicat
                         fixedData['source_severity'] = severity;
                         fixedData['scan_summary_name'] = reportData.scan_summary_name;
                         fixedData['source_sdlc_status'] = 'Not Applicable';
-                        fixedData['package_unique_id'] = scaattributes.id;
+                        fixedData['package_unique_id'] = 'scaattributes.id';
                         this._upsertAVIT(fixedData);
 
                     } catch (ex) {
-                        errorMessage = gs.getMessage("Error in retriving data for app vulnerability item integration!");
+                        errorMessage = gs.getMessage("Error in processing SCA Fixed Vulnerability!");
+                        gs.error(this.MSG + " " + errorMessage + " " + ex.message);
+                        errorProcess += " | " + ex.message;
+
+                    }
+                }
+            }
+
+            if (fixedSASTNode) {
+                var fixedSASTData = {};
+                var sast_iter = fixedSASTNode.getChildNodeIterator();
+                while (sast_iter.hasNext()) {
+                    try {
+                        var sast_node = sast_iter.next();
+                        var sastattributes = sast_node.getAttributes();
+
+                        var fixedResultHash = '';
+                        var fixedChildIter = sast_node.getChildNodeIterator();
+                        while (fixedChildIter.hasNext) {
+                            var fixedChildNode = fixedChildIter.next();
+                            if (fixedChildNode.getNodeName() == "resultHash") {
+                                fixedResultHash = fixedChildNode.getTextContent();
+                                break;
+                            }                    
+                        }
+                        var fixedSimilarityId = sastattributes.id;
+                        var fixedSimilarityIdHash = fixedSimilarityId + '_' + fixedResultHash;
+
+                        var last_scan_date = new GlideDateTime(sastattributes.last_scan_date); 
+                        fixedSASTData['source_app_id'] = sastattributes.app_id;
+                        fixedSASTData['source_scan_id'] = sastattributes.scan_id;
+                        fixedSASTData['scan_type'] = 'static';
+                        fixedSASTData['source_avit_id'] = fixedSimilarityIdHash;
+                        fixedSASTData['source_entry_id'] ='Checkmarx One' + " CWE-" + sastattributes.cweId;
+                        fixedSASTData['source_remediation_status'] = 'FIXED';
+                        fixedSASTData['source_severity'] =  sastattributes.source_severity;
+                        fixedSASTData['scan_summary_name'] = fixedSASTData.source_scan_id + ' ' + last_scan_date;
+                        fixedSASTData['source_sdlc_status'] = 'Not Applicable';
+                        fixedSASTData['package_unique_id'] = sastattributes.package_unique_id;
+                        this._upsertAVIT(fixedSASTData);
+
+                    } catch (ex) {
+                        errorMessage = gs.getMessage("Error in processing SAST Fixed Vulnerability!");
                         gs.error(this.MSG + " " + errorMessage + " " + ex.message);
                         errorProcess += " | " + ex.message;
 
@@ -337,13 +383,13 @@ CheckmarxOneAppVulItemProcessor.prototype = Object.extendsObject(sn_vul.Applicat
 <sys_created_by>[email protected]</sys_created_by>
 <sys_created_on>2023-03-16 05:04:10</sys_created_on>
 <sys_id>ba2b3da69769e510026f72021153af1b</sys_id>
-<sys_mod_count>61</sys_mod_count>
+<sys_mod_count>66</sys_mod_count>
 <sys_name>CheckmarxOneAppVulItemProcessor</sys_name>
 <sys_package display_value="Checkmarx One Vulnerability Integration" source="x_chec3_chexone">3d20e92d47471110328ca368436d436a</sys_package>
 <sys_policy/>
 <sys_scope display_value="Checkmarx One Vulnerability Integration">3d20e92d47471110328ca368436d436a</sys_scope>
 <sys_update_name>sys_script_include_ba2b3da69769e510026f72021153af1b</sys_update_name>
 <sys_updated_by>admin</sys_updated_by>
-<sys_updated_on>2024-05-22 13:26:13</sys_updated_on>
+<sys_updated_on>2024-09-18 10:33:40</sys_updated_on>
 </sys_script_include>
 </unload>
diff --git a/Scripts/CheckmarxOneConfigUtilBase_sys_script_include_508f0d54471f1110328ca368436d43f8.xml b/Scripts/CheckmarxOneConfigUtilBase_sys_script_include_508f0d54471f1110328ca368436d43f8.xml
@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<unload unload_date="2024-06-12 10:11:26">
+<unload unload_date="2024-10-11 12:59:35">
 <sys_script_include action="INSERT_OR_UPDATE">
 <access>package_private</access>
 <active>true</active>
@@ -26,7 +26,10 @@ CheckmarxOneConfigUtilBase.prototype = {
             var implConfig = new GlideRecord("sn_sec_int_impl_config");
         } catch (ex) {
             result = false;
-            errorMessage = gs.getMessage("Credential validation failed!");
+            if (null != ex.message && 'undefined' != ex.message && ex.message.indexOf('Credential validation failed due to missing Permissions') != -1)
+                errorMessage = ex.message;
+            else
+                errorMessage = gs.getMessage("Credential validation failed!");
             gs.warn("Failed to validate Checkmarx credentials!  Reason: {0}", ex);
         } finally {
             resultObj = {
@@ -68,11 +71,14 @@ CheckmarxOneConfigUtilBase.prototype = {
                 "import_kics": gr.getValue("import_kics") === "1",
                 "triaging_in_snow": gr.getValue("triaging_in_snow") === "1",
                 "vulnerability_threshold_level": gr.getValue("vulnerability_threshold_level"),
+                "scan_synchronization": gr.getValue("scan_synchronization"),
                 "access_token": gr.access_token.getDecryptedValue(),
                 "sync_only_primary_branch": gr.getValue("sync_only_primary_branch") === "1",
                 "list_projects": gr.getValue("list_of_project_id_s"),
+				"result_states": gr.getValue("result_states"),
                 "project_filter_by_name": gr.getValue("project_filter_by_name"),
                 "filter_project": gr.getValue("filter_project"),
+				"scan_type" : gs.nil(gr.getValue("scan_type")) ? "" : gr.getValue("scan_type"),
             };
 
             new sn_sec_int.Implementation().setConfiguration(instance, newconfig);
@@ -87,13 +93,13 @@ CheckmarxOneConfigUtilBase.prototype = {
 <sys_created_by>admin</sys_created_by>
 <sys_created_on>2022-11-17 05:45:19</sys_created_on>
 <sys_id>508f0d54471f1110328ca368436d43f8</sys_id>
-<sys_mod_count>58</sys_mod_count>
+<sys_mod_count>61</sys_mod_count>
 <sys_name>CheckmarxOneConfigUtilBase</sys_name>
 <sys_package display_value="Checkmarx One Vulnerability Integration" source="x_chec3_chexone">3d20e92d47471110328ca368436d436a</sys_package>
 <sys_policy/>
 <sys_scope display_value="Checkmarx One Vulnerability Integration">3d20e92d47471110328ca368436d436a</sys_scope>
 <sys_update_name>sys_script_include_508f0d54471f1110328ca368436d43f8</sys_update_name>
 <sys_updated_by>admin</sys_updated_by>
-<sys_updated_on>2024-05-22 12:54:21</sys_updated_on>
+<sys_updated_on>2024-10-01 07:32:02</sys_updated_on>
 </sys_script_include>
 </unload>
diff --git a/...pts/CheckmarxOneDevOpsIntegration_sys_script_include_f171708947e431108a980178c26d434f.xml b/...pts/CheckmarxOneDevOpsIntegration_sys_script_include_f171708947e431108a980178c26d434f.xml
@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<unload unload_date="2024-06-12 10:11:20">
+<unload unload_date="2024-10-11 12:59:51">
 <sys_script_include action="INSERT_OR_UPDATE">
 <access>package_private</access>
 <active>true</active>

diff --git a/...neScanSummaryDetailsJSONProcessor_sys_script_include_b8934b914768b1108a980178c26d4313.xml b/...neScanSummaryDetailsJSONProcessor_sys_script_include_b8934b914768b1108a980178c26d4313.xml
@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<unload unload_date="2024-06-12 10:11:16">
+<unload unload_date="2024-10-11 13:00:02">
 <sys_script_include action="INSERT_OR_UPDATE">
 <access>package_private</access>
 <active>true</active>