Fixed: severity filter uses vulnerability severity instead of finding…

… severity (#100) * Using finding (aka Result) severity for filtering - instead of findingGroup (aka Query) severity. * Updated the version.
checkmarx-ltd · Mar 3, 2021 · 4464a1d · 4464a1d
1 parent b54a1bf
commit 4464a1d
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 7 deletions.
diff --git a/pom.xml b/pom.xml
@@ -10,7 +10,7 @@
 	</parent>
 	<groupId>com.github.checkmarx-ltd</groupId>
 	<artifactId>cx-spring-boot-sdk</artifactId>
-  <version>0.4.91</version>
+  <version>0.4.92</version>
 	<name>cx-spring-boot-sdk</name>
 	<description>Checkmarx Java Spring Boot SDK</description>
 	<properties>
@@ -41,11 +41,6 @@
 			<artifactId>commons-compress</artifactId>
 			<version>1.20</version>
 		</dependency>
-		<dependency>
-			<groupId>org.apache.httpcomponents</groupId>
-			<artifactId>httpclient</artifactId>
-			<version>4.5.11</version>
-		</dependency>
 		<dependency>
 			<groupId>commons-io</groupId>
 			<artifactId>commons-io</artifactId>

diff --git a/src/main/java/com/checkmarx/sdk/service/FilterInputFactory.java b/src/main/java/com/checkmarx/sdk/service/FilterInputFactory.java
@@ -44,7 +44,7 @@ public FilterInput createFilterInputForCxSast(QueryType findingGroup, ResultType
                 .id(finding.getNodeId())
                 .category(findingGroup.getName().toUpperCase(Locale.ROOT))
                 .cwe(findingGroup.getCweId())
-                .severity(findingGroup.getSeverity().toUpperCase(Locale.ROOT))
+                .severity(finding.getSeverity().toUpperCase(Locale.ROOT))
                 .status(finding.getStatus().toUpperCase(Locale.ROOT))
                 .state(stateName)
                 .build();