diff --git a/src/main/java/com/checkmarx/ast/results/result/Data.java b/src/main/java/com/checkmarx/ast/results/result/Data.java index 3641825d..e9427663 100644 --- a/src/main/java/com/checkmarx/ast/results/result/Data.java +++ b/src/main/java/com/checkmarx/ast/results/result/Data.java @@ -25,9 +25,12 @@ public class Data { String expectedValue; String value; String fileName; + String packageIdentifier; + String recommendedVersion; int line; List nodes; List packageData; + ScaPackageData scaPackageData; public Data(@JsonProperty("queryId") String queryId, @JsonProperty("queryName") String queryName, @@ -39,9 +42,12 @@ public Data(@JsonProperty("queryId") String queryId, @JsonProperty("expectedValue") String expectedValue, @JsonProperty("value") String value, @JsonProperty("filename") String fileName, + @JsonProperty("packageIdentifier") String packageIdentifier, + @JsonProperty("recommendedVersion") String recommendedVersion, @JsonProperty("line") int line, @JsonProperty("nodes") List nodes, - @JsonProperty("packageData") List packageData) { + @JsonProperty("packageData") List packageData, + @JsonProperty("scaPackageData") ScaPackageData scaPackageData) { this.queryId = queryId; this.queryName = queryName; this.group = group; @@ -52,8 +58,11 @@ public Data(@JsonProperty("queryId") String queryId, this.expectedValue = expectedValue; this.value = value; this.fileName = fileName; + this.packageIdentifier = packageIdentifier; + this.recommendedVersion = recommendedVersion; this.line = line; this.nodes = nodes; this.packageData = packageData; + this.scaPackageData = scaPackageData; } } diff --git a/src/main/java/com/checkmarx/ast/results/result/DependencyPath.java b/src/main/java/com/checkmarx/ast/results/result/DependencyPath.java new file mode 100644 index 00000000..61516ba6 --- /dev/null +++ b/src/main/java/com/checkmarx/ast/results/result/DependencyPath.java 
@@ -0,0 +1,42 @@
+package com.checkmarx.ast.results.result;
+
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.annotation.JsonProperty;
+import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
+import lombok.Value;
+
+import java.util.List;
+
+@Value
+@JsonDeserialize()
+@JsonInclude(JsonInclude.Include.NON_NULL)
+@JsonIgnoreProperties(ignoreUnknown = true)
+public class DependencyPath {
+
+ String Id;
+ String name;
+ String version;
+ List locations;
+ boolean isResolved;
+ boolean isDevelopment;
+ boolean supportsQuickFix;
+
+
+ public DependencyPath(@JsonProperty("Id") String id,
+ @JsonProperty("name") String name,
+ @JsonProperty("version") String version,
+ @JsonProperty("locations") List locations,
+ @JsonProperty("isResolved") boolean isResolved,
+ @JsonProperty("isDevelopment") boolean isDevelopment,
+ @JsonProperty("supportsQuickFix") boolean supportsQuickFix) {
+
+ Id = id;
+ this.name = name;
+ this.version = version;
+ this.locations = locations;
+ this.isResolved = isResolved;
+ this.isDevelopment = isDevelopment;
+ this.supportsQuickFix = supportsQuickFix;
+ }
+}
diff --git a/src/main/java/com/checkmarx/ast/results/result/ScaPackageData.java b/src/main/java/com/checkmarx/ast/results/result/ScaPackageData.java
new file mode 100644
index 00000000..8542ae02
--- /dev/null
+++ b/src/main/java/com/checkmarx/ast/results/result/ScaPackageData.java
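Review bot: DependencyPath reads `Id`, `isResolved` and `isDevelopment` from JSON through the constructor's `@JsonProperty` names, but the accessors Lombok's `@Value` generates (`getId()`, `isResolved()`, `isDevelopment()`) would, under Jackson's default naming, presumably be written out as `id`, `resolved` and `development`. With `ignoreUnknown = true`, re-reading such output would silently leave those values null or false, so if the class is only meant to be deserialized that should be stated, e.g. a class comment `// Read-only view of CLI output; not intended to be serialized back to JSON.` Separately, the field `String Id;` breaks lowerCamelCase and is assigned as `Id = id;`; `String id;` with `this.id = id;` keeps the same getter and the same `@JsonProperty("Id")` binding. ScaPackageData declares the same `Id` field.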
@@ -0,0 +1,36 @@
+package com.checkmarx.ast.results.result;
+
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.annotation.JsonProperty;
+import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
+import lombok.Value;
+
+import java.util.List;
+
+@Value
+@JsonDeserialize()
+@JsonInclude(JsonInclude.Include.NON_NULL)
+@JsonIgnoreProperties(ignoreUnknown = true)
+public class ScaPackageData {
+
+ String Id;
+ String fixLink;
+ List> dependencyPaths;
+ boolean outdated;
+ boolean supportsQuickFix;
+
+
+ public ScaPackageData(@JsonProperty("Id") String id,
+ @JsonProperty("fixLink") String fixLink,
+ @JsonProperty("dependencyPaths") List> dependencyPaths,
+ @JsonProperty("outdated") boolean outdated,
+ @JsonProperty("supportsQuickFix") boolean supportsQuickFix) {
+
+ Id = id;
+ this.fixLink = fixLink;
+ this.dependencyPaths = dependencyPaths;
+ this.outdated = outdated;
+ this.supportsQuickFix = supportsQuickFix;
+ }
+}
diff --git a/src/main/java/com/checkmarx/ast/results/result/VulnerabilityCVSS.java b/src/main/java/com/checkmarx/ast/results/result/VulnerabilityCVSS.java
index 40c8c2d0..2dba6a00 100644
--- a/src/main/java/com/checkmarx/ast/results/result/VulnerabilityCVSS.java
+++ b/src/main/java/com/checkmarx/ast/results/result/VulnerabilityCVSS.java
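Review bot: `fixLink` in ScaPackageData is stored exactly as it arrives in the scan output, and nothing in the class tells consumers how far the value can be trusted. Judging by the name it is a link that a consumer may open or render, so a field comment such as `// Link supplied by scan results; check the scheme (https) before opening or rendering it` would make the expectation explicit. The class has no Javadoc either; one sentence stating that it mirrors the `scaPackageData` object of a result would help readers of `Data`.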
@@ -17,16 +17,29 @@ public class VulnerabilityCVSS { String availability; String confidentiality; String attackComplexity; + String integrityImpact; + String scope; + String privilegesRequired; + String userInteraction; + public VulnerabilityCVSS(@JsonProperty("version") int version, @JsonProperty("attackVector") String attackVector, @JsonProperty("availability") String availability, @JsonProperty("confidentiality") String confidentiality, - @JsonProperty("attackComplexity") String attackComplexity) { + @JsonProperty("attackComplexity") String attackComplexity, + @JsonProperty("integrityImpact") String integrityImpact, + @JsonProperty("scope") String scope, + @JsonProperty("privilegesRequired") String privilegesRequired, + @JsonProperty("userInteraction") String userInteraction) { this.version = version; this.attackVector = attackVector; this.availability = availability; this.confidentiality = confidentiality; this.attackComplexity = attackComplexity; + this.integrityImpact = integrityImpact; + this.scope = scope; + this.privilegesRequired = privilegesRequired; + this.userInteraction = userInteraction; } } diff --git a/src/main/java/com/checkmarx/ast/wrapper/CxConstants.java b/src/main/java/com/checkmarx/ast/wrapper/CxConstants.java index b5e761a1..98ea6579 100644 --- a/src/main/java/com/checkmarx/ast/wrapper/CxConstants.java +++ b/src/main/java/com/checkmarx/ast/wrapper/CxConstants.java @@ -53,4 +53,10 @@ public final class CxConstants { static final String ADDITONAL_PARAMS = "--additional-params"; static final String ENGINE = "--engine"; static final String SUB_CMD_KICS_REALTIME = "kics-realtime"; + static final String SCA_REMEDIATION_PACKAGE_FILES = "--package-files"; + static final String SCA_REMEDIATION_PACKAGE = "--package"; + static final String SCA_REMEDIATION_PACKAGE_VERSION = "--package-version"; + static final String CMD_UTILS = "utils"; + static final String CMD_REMEDIATION = "remediation"; + static final String SUB_CMD_REMEDIATION_SCA = "sca"; } 
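Review bot: The new `integrityImpact` property in VulnerabilityCVSS does not follow the naming of the existing impact metrics, which are bound as `availability` and `confidentiality` without an `Impact` suffix. If the CLI emits the key as `integrity`, this field would always be null, and if the class ignores unknown properties (its annotations are outside the hunk) nothing would signal the mismatch. It is worth confirming the key against real CLI output and adding a comment such as `// JSON key is "integrityImpact" (differs from availability/confidentiality)` so the asymmetry reads as intentional. The class declaration starts outside the hunk.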
diff --git a/src/main/java/com/checkmarx/ast/wrapper/CxWrapper.java b/src/main/java/com/checkmarx/ast/wrapper/CxWrapper.java index 7d118a58..dbd69780 100644 --- a/src/main/java/com/checkmarx/ast/wrapper/CxWrapper.java +++ b/src/main/java/com/checkmarx/ast/wrapper/CxWrapper.java @@ -17,6 +17,7 @@ import org.apache.commons.lang3.StringUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; + import java.io.IOException; import java.nio.file.Files; import java.util.ArrayList; @@ -286,6 +287,21 @@ private List buildResultsArgumentsArray(UUID scanId, ReportFormat report return arguments; } + public String scaRemediation(String packageFiles, String packages, String packageVersion) throws CxException, IOException, InterruptedException { + List arguments = new ArrayList<>(); + arguments.add(CxConstants.CMD_UTILS); + arguments.add(CxConstants.CMD_REMEDIATION); + arguments.add(CxConstants.SUB_CMD_REMEDIATION_SCA); + arguments.add(CxConstants.SCA_REMEDIATION_PACKAGE_FILES); + arguments.add(packageFiles); + arguments.add(CxConstants.SCA_REMEDIATION_PACKAGE); + arguments.add(packages); + arguments.add(CxConstants.SCA_REMEDIATION_PACKAGE_VERSION); + arguments.add(packageVersion); + + return Execution.executeCommand(withConfigArguments(arguments), logger, line -> null); + } + public int getResultsBfl(@NonNull UUID scanId, @NonNull String queryId, List resultNodes) throws IOException, InterruptedException, CxException { this.logger.info("Executing 'results bfl' command using the CLI.");
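Review bot: `scaRemediation` adds `packageFiles`, `packages` and `packageVersion` to the argument list with no null or content check, whereas the neighbouring `getResultsBfl` marks its parameters `@NonNull`. A null would only surface inside `Execution.executeCommand`, and a value beginning with `-` would presumably be parsed by the CLI as an option rather than as the value of `--package` or `--package-version`. These values plausibly originate from scan results (`packageIdentifier` and `recommendedVersion` in Data), so they should be treated as untrusted. Suggest `@NonNull String packageFiles, @NonNull String packages, @NonNull String packageVersion` in the signature and rejecting any value that starts with `-` before the list is built. The method also lacks Javadoc and the `logger.info` line the other commands have, and with the `line -> null` parser it is unclear what the returned String holds, which is worth documenting.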