Minor improvements to SpotBugs and Dependency Check parsers #4249

Merged · 13 commits · Jun 16, 2021

@adiffpirate (Contributor) commented Apr 10, 2021

SpotBugs

The report contains some HTML code that was not being properly parsed.
Now, using BeautifulSoup, we can work with tags and deliver a more precise report.
Enhancements:

  • A more clear mitigation.
  • References moved to where they belong with links that work.

[Image: dd_spotbugs_compare]

Dependency Check

  • Added mitigation

The report contains some HTML code that was not being properly parsed.
Now, using BeautifulSoup, we can work with tags and deliver a more precise report.
Enhancements:
  - Handles leading blank spaces, multiple line breaks, bold text and inline/multiline code.
  - A more clear description.
  - References moved to where they belong with links that work.
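
The conversion listed in the description above (leading whitespace, repeated line breaks, bold text, inline and multi-line code, references split out as links), sketched as an added example that is not the PR's code: it uses Python's standard-library `html.parser` rather than BeautifulSoup or html2text, and `FragmentParser`, `convert` and the sample fragment are hypothetical. Keeping only http(s) link targets is a choice made for this example.

```python
import re
from html.parser import HTMLParser

# Hypothetical names (FragmentParser, convert); SAMPLE is constructed, not a real report.
SAMPLE = """   <p> Built from <b>untrusted</b>   input; use <code>PreparedStatement</code>.</p>
<br><br>  <pre>stmt.setString(1, name);
  stmt.execute();</pre> <p>See <a href="https://example.org/sqli">SQL injection
   guide</a>, <a href="javascript:alert(1)">this</a>.</p>"""
INLINE = {"b": "**", "strong": "**", "code": "`"}  # tag -> Markdown marker

class FragmentParser(HTMLParser):
    def __init__(self):
        super().__init__()
        self.text, self.refs, self.in_pre, self.href, self.label = "", [], False, None, ""
    def _block(self, suffix="\n\n", pre=False):
        # One blank line between blocks, however many <p>/<br>/newlines came before.
        self.text = (self.text.rstrip() + suffix).lstrip()
        self.in_pre = pre
    def handle_starttag(self, tag, attrs):
        if tag == "pre":
            self._block("\n\n~~~\n", pre=True)  # ~~~ is a CommonMark code fence
        elif tag in ("p", "br") and not self.in_pre:
            self._block()
        elif tag == "a":
            self.href, self.label = dict(attrs).get("href") or "", ""
        elif tag in INLINE and not self.in_pre:
            self.text += INLINE[tag]
    def handle_endtag(self, tag):
        if tag == "pre":
            self._block("\n~~~\n\n")
        elif tag == "a" and self.href is not None:
            # Only http(s) targets become references; javascript:, data: etc. are dropped.
            if self.href.lower().startswith(("http://", "https://")):
                self.refs.append(f"[{' '.join(self.label.split())}]({self.href})")
            self.href = None
        elif tag in INLINE and not self.in_pre:
            self.text += INLINE[tag]
    def handle_data(self, data):
        if self.href is not None:
            self.label += data
        if not self.in_pre:  # outside <pre>, whitespace is layout, not content
            data = re.sub(r"\s+", " ", data)
            data = data.lstrip() if self.text[-1:] in ("", "\n") else data
        self.text += data

def convert(fragment):
    """Return (markdown_description, reference_links) for one HTML fragment."""
    parser = FragmentParser()
    parser.feed(fragment)
    parser.close()  # flush text buffered after the last tag
    return parser.text.strip(), parser.refs
```

`convert(SAMPLE)` returns the cleaned description and a one-item reference list; the `javascript:` link stays in the description as plain text but is not emitted as a reference.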

@valentijnscholten (Member)

Thanks. Are there any unit tests / samples you could add that "prove" the new html parsing part is working correctly?

@damiencarol (Contributor) left a comment

Can't introduce BS instead of html2text that we use in a lot of parsers

dojo/tools/spotbugs/parser.py (outdated, resolved)

@github-actions (Contributor)

This pull request has conflicts, please resolve those before we can evaluate the pull request.

@adiffpirate adiffpirate marked this pull request as draft May 15, 2021 02:19

@github-actions (Contributor)

Conflicts have been resolved. A maintainer will review the pull request shortly.

@adiffpirate (Contributor, Author)

I'm not sure if these unit tests for the HTML parsing are good enough. Let me know what you guys think ;)
(Also I'm sorry for taking so long to update this PR, it's been a crazy couple of months)

setup.py (outdated, resolved)
dojo/tools/dependency_check/parser.py (outdated, resolved)
@adiffpirate adiffpirate marked this pull request as ready for review May 15, 2021 20:21
@damiencarol damiencarol merged commit 2cd0de4 into DefectDojo:dev Jun 16, 2021