Merge pull request #30 from checkmarx-ltd/Integration_Branch
CxOne 1.0.23 release items
nidhi0512 authored Dec 20, 2024
2 parents 677ca58 + df3e92b commit 02ad271
Showing 10 changed files with 13,041 additions and 12,120 deletions.
@@ -1,5 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?>
<unload unload_date="2024-10-11 12:58:46">
<unload unload_date="2024-12-20 12:24:17">
<sys_script_include action="INSERT_OR_UPDATE">
<access>public</access>
<active>true</active>
@@ -1,5 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?>
<unload unload_date="2024-10-11 12:59:01">
<unload unload_date="2024-12-20 12:24:20">
<sys_script_include action="INSERT_OR_UPDATE">
<access>public</access>
<active>true</active>
Expand Down Expand Up @@ -110,13 +110,13 @@ CheckmarxOneAppListProcessor.prototype = Object.extendsObject(sn_vul.Application
<sys_created_by>admin</sys_created_by>
<sys_created_on>2022-11-21 12:03:00</sys_created_on>
<sys_id>716c87ad471f1110328ca368436d438a</sys_id>
<sys_mod_count>75</sys_mod_count>
<sys_mod_count>79</sys_mod_count>
<sys_name>CheckmarxOneAppListProcessor</sys_name>
<sys_package display_value="Checkmarx One Vulnerability Integration" source="x_chec3_chexone">3d20e92d47471110328ca368436d436a</sys_package>
<sys_policy/>
<sys_scope display_value="Checkmarx One Vulnerability Integration">3d20e92d47471110328ca368436d436a</sys_scope>
<sys_update_name>sys_script_include_716c87ad471f1110328ca368436d438a</sys_update_name>
<sys_updated_by>admin</sys_updated_by>
<sys_updated_on>2024-05-22 05:08:04</sys_updated_on>
<sys_updated_on>2024-12-02 17:29:36</sys_updated_on>
</sys_script_include>
</unload>

Large diffs are not rendered by default.

Large diffs are not rendered by default.

@@ -1,5 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?>
<unload unload_date="2024-10-11 12:59:35">
<unload unload_date="2024-12-20 12:24:35">
<sys_script_include action="INSERT_OR_UPDATE">
<access>package_private</access>
<active>true</active>
Expand Down Expand Up @@ -69,15 +69,18 @@ CheckmarxOneConfigUtilBase.prototype = {
"import_sca": gr.getValue("import_sca") === "1",
"import_sast": gr.getValue("import_sast") === "1",
"import_kics": gr.getValue("import_kics") === "1",
"exclude_dev_and_test_dependencies": gr.getValue("exclude_dev_and_test_dependencies") === "1",
"triaging_in_snow": gr.getValue("triaging_in_snow") === "1",
"vulnerability_threshold_level": gr.getValue("vulnerability_threshold_level"),
"scan_synchronization": gr.getValue("scan_synchronization"),
"access_token": gr.access_token.getDecryptedValue(),
"sync_only_primary_branch": gr.getValue("sync_only_primary_branch") === "1",
"list_projects": gr.getValue("list_of_project_id_s"),
"result_states": gr.getValue("result_states"),
"link": gr.getValue("link"),
"project_filter_by_name": gr.getValue("project_filter_by_name"),
"filter_project": gr.getValue("filter_project"),
"severity": gr.getValue("severity"),
"scan_type" : gs.nil(gr.getValue("scan_type")) ? "" : gr.getValue("scan_type"),
};
Expand All @@ -93,13 +96,13 @@ CheckmarxOneConfigUtilBase.prototype = {
<sys_created_by>admin</sys_created_by>
<sys_created_on>2022-11-17 05:45:19</sys_created_on>
<sys_id>508f0d54471f1110328ca368436d43f8</sys_id>
<sys_mod_count>61</sys_mod_count>
<sys_mod_count>64</sys_mod_count>
<sys_name>CheckmarxOneConfigUtilBase</sys_name>
<sys_package display_value="Checkmarx One Vulnerability Integration" source="x_chec3_chexone">3d20e92d47471110328ca368436d436a</sys_package>
<sys_policy/>
<sys_scope display_value="Checkmarx One Vulnerability Integration">3d20e92d47471110328ca368436d436a</sys_scope>
<sys_update_name>sys_script_include_508f0d54471f1110328ca368436d43f8</sys_update_name>
<sys_updated_by>admin</sys_updated_by>
<sys_updated_on>2024-10-01 07:32:02</sys_updated_on>
<sys_updated_on>2024-11-05 10:44:52</sys_updated_on>
</sys_script_include>
</unload>
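Review bot: The config map extended in the `@@ -69,15 +69,18 @@` hunk carries the decrypted `access_token` next to the plain settings, and nothing in the visible lines marks the returned object as sensitive. As more keys are added to it, a caller that logs or serialises the whole object while debugging a new setting would write the token out with it. I would add a comment directly above the `"access_token"` entry, `// decrypted secret: never log or serialise this object whole`, and confirm that no caller does so. Which entries are new cannot be recovered from this rendering, and the enclosing function starts and ends outside the hunk.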
@@ -1,5 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?>
<unload unload_date="2024-10-11 13:00:13">
<unload unload_date="2024-12-20 12:24:40">
<sys_script_include action="INSERT_OR_UPDATE">
<access>public</access>
<active>true</active>
Expand Down Expand Up @@ -73,7 +73,9 @@ CheckmarxOneScanSummaryIntegration.prototype = Object.extendsObject(sn_vul.Appli
primaryBranch = this.UTIL.getProjectById(this.IMPLEMENTATION, appId).mainBranch.toString();
if (null != primaryBranch && '' != primaryBranch) {
responseLastScanSummary = this.UTIL.getScanListFilterByBranch(this.IMPLEMENTATION, appId, this._getCurrentDeltaStartTime(), primaryBranch);
}
branches = this.UTIL.getProjectBranchList(this.IMPLEMENTATION, appId);
} else
responseLastScanSummary = this.UTIL.getScanInfo(this.IMPLEMENTATION, appId, newoffset, this._getCurrentDeltaStartTime());
} else if (scan_synchronization == 'latest scan from each branch') {
branches = this.UTIL.getProjectBranchList(this.IMPLEMENTATION, appId);
if (null != branches && '' != branches) {
Expand All @@ -97,10 +99,14 @@ CheckmarxOneScanSummaryIntegration.prototype = Object.extendsObject(sn_vul.Appli
var lastSastDate;
var lastScaDate;
var lastKicsDate;
var prvBranch = '';
var prvSastScanBranch = '';
var prvScaScanBranch = '';
var prvKicsScanBranch = '';
while (scanSummary.hasNext()) {
scanSummary.next();
var prvBranch = '';
var isBranchMatched = 'false';
var tags = scanSummary.getValue('tags');
if (null != tags && '' != tags && 'undefined' != tags) {
Expand All @@ -111,51 +117,57 @@ CheckmarxOneScanSummaryIntegration.prototype = Object.extendsObject(sn_vul.Appli
prvBranch = record.substring(8);
}
}
if (null == scan_synchronization || '' == scan_synchronization || 'undefined' == scan_synchronization)
isBranchMatched = 'true';
else if (scan_synchronization == 'latest scan of primary branch' && null != primaryBranch && '' != primaryBranch && primaryBranch == prvBranch)
isBranchMatched = 'true';
else if (scan_synchronization == 'latest scan from each branch' && null != branches && '' != branches && '' != prvBranch && branches.indexOf(prvBranch) != -1)
else if ((scan_synchronization == 'latest scan of primary branch' || scan_synchronization == 'latest scan from each branch') &&
null != branches && '' != branches && '' != prvBranch && branches.indexOf(prvBranch) != -1)
isBranchMatched = 'true';
else if (scan_synchronization == 'latest scan across all branches')
isBranchMatched = 'true';
if (null != scanSummary && null != scanSummary.source_scan_id && '' != scanSummary.source_scan_id && scanSummary.source_scan_id != 'undefined') {
prvScanId = scanSummary.getValue('source_scan_id') + '';
var lastUpdatedDate = scanSummary.getValue('sys_updated_on');
if (prvScanId.indexOf('sast') != -1 && isBranchMatched == 'true') {
if ((null == lastSastDate || '' == lastSastDate || 'undefined' == lastSastDate) || (lastSastDate && lastSastDate < scanSummary.last_scan_date)) {
if ((null == lastSastDate || '' == lastSastDate || 'undefined' == lastSastDate) || (lastSastDate && lastUpdatedDate >= lastSastDate)) {
sastPrvScanId = prvScanId;
lastSastDate = scanSummary.last_scan_date;
prvSastScanBranch = prvBranch;
lastSastDate = lastUpdatedDate;
}
if (null != scan_synchronization && '' != scan_synchronization && 'undefined' != scan_synchronization && scan_synchronization == 'latest scan from each branch') {
if (prvSastScanIdBranch != '')
prvSastScanIdBranch += '|||';
prvSastScanIdBranch += prvBranch + ':::' + prvScanId + ':::' + scanSummary.last_scan_date;
prvSastScanIdBranch += prvBranch + ':::' + prvScanId + ':::' + lastUpdatedDate;
}
}
if (prvScanId.indexOf('sca') != -1 && isBranchMatched == 'true') {
if ((null == lastScaDate || '' == lastScaDate || 'undefined' == lastScaDate) || (lastScaDate && lastScaDate < scanSummary.last_scan_date)) {
if ((null == lastScaDate || '' == lastScaDate || 'undefined' == lastScaDate) || (lastScaDate && lastUpdatedDate >= lastScaDate)) {
scaPrvScanId = prvScanId;
lastScaDate = scanSummary.last_scan_date;
prvScaScanBranch = prvBranch;
lastScaDate = lastUpdatedDate;
}
if (null != scan_synchronization && '' != scan_synchronization && 'undefined' != scan_synchronization && scan_synchronization == 'latest scan from each branch') {
if (prvScaScanIdBranch != '')
prvScaScanIdBranch += '|||';
prvScaScanIdBranch += prvBranch + ':::' + prvScanId + ':::' + scanSummary.last_scan_date;
prvScaScanIdBranch += prvBranch + ':::' + prvScanId + ':::' + lastUpdatedDate;
}
}
if (prvScanId.indexOf('IaC') != -1 && isBranchMatched == 'true') {
if ((null == lastKicsDate || '' == lastKicsDate || 'undefined' == lastKicsDate) || (lastKicsDate && lastKicsDate < scanSummary.last_scan_date)) {
if ((null == lastKicsDate || '' == lastKicsDate || 'undefined' == lastKicsDate) || (lastKicsDate && lastUpdatedDate >= lastKicsDate)) {
kicsPrvScanId = prvScanId;
lastKicsDate = scanSummary.last_scan_date;
prvKicsScanBranch = prvBranch;
lastKicsDate = lastUpdatedDate;
}
if (null != scan_synchronization && '' != scan_synchronization && 'undefined' != scan_synchronization && scan_synchronization == 'latest scan from each branch') {
if (prvKicsScanIdBranch != '')
prvKicsScanIdBranch += '|||';
prvKicsScanIdBranch += prvBranch + ':::' + prvScanId + ':::' + scanSummary.last_scan_date;
prvKicsScanIdBranch += prvBranch + ':::' + prvScanId + ':::' + lastUpdatedDate;
}
}
}
}
var branch = [];
var configScanType = config.scan_type.toString();
for (var item in jsonLastScanSummResp.scans) {
Expand All @@ -164,8 +176,13 @@ CheckmarxOneScanSummaryIntegration.prototype = Object.extendsObject(sn_vul.Appli
var scaresponsevul = this.UTIL.getScanSummaryInfo(this.IMPLEMENTATION, jsonLastScanSummResp.scans[item].id);
var scaScanType = "Full Scan";
if (scaresponsevul != -1) {
if (null != scan_synchronization && '' != scan_synchronization && 'undefined' != scan_synchronization && scan_synchronization == 'latest scan from each branch')
if (null != scan_synchronization && '' != scan_synchronization && 'undefined' != scan_synchronization && scan_synchronization == 'latest scan from each branch') {
scaPrvScanId = this._getPrvScanIdForSpecificBranch(prvScaScanIdBranch, jsonLastScanSummResp.scans[item].branch);
if (scaPrvScanId == '')
prvScaScanBranch = '';
else
prvScaScanBranch = '' + jsonLastScanSummResp.scans[item].branch;
}
scaScanSummaryAll += '<scan id="' + 'sca' + jsonLastScanSummResp.scans[item].id + '" app_id="' + appId +
'" last_scan_date="' + this.UTIL.parseDate(jsonLastScanSummResp.scans[item].updatedAt) +
'" total_no_flaws="' + scaresponsevul +
Expand All @@ -174,6 +191,7 @@ CheckmarxOneScanSummaryIntegration.prototype = Object.extendsObject(sn_vul.Appli
'" scan_origin="' + jsonLastScanSummResp.scans[item].sourceOrigin +
'" scan_source="' + jsonLastScanSummResp.scans[item].sourceType +
'" scan_type="' + scaScanType +
'" prvBranch="' + prvScaScanBranch +
'" app_name="' + appId + '"/>';
}
}
Expand All @@ -193,8 +211,13 @@ CheckmarxOneScanSummaryIntegration.prototype = Object.extendsObject(sn_vul.Appli
}
var sastScanType = jsonLastScanSummResp.scans[item].metadata.configs[0].value.incremental == "false" ? "Full Scan" : "Incremental Scan";
if (sastresponsevul != -1 && ((null == configScanType || '' == configScanType) || (sastScanTypeToCheck != '' && configScanType.indexOf(sastScanTypeToCheck) != -1))) {
if (null != scan_synchronization && '' != scan_synchronization && 'undefined' != scan_synchronization && scan_synchronization == 'latest scan from each branch')
if (null != scan_synchronization && '' != scan_synchronization && 'undefined' != scan_synchronization && scan_synchronization == 'latest scan from each branch') {
sastPrvScanId = this._getPrvScanIdForSpecificBranch(prvSastScanIdBranch, jsonLastScanSummResp.scans[item].branch);
if (sastPrvScanId == '')
prvSastScanBranch = '';
else
prvSastScanBranch = '' + jsonLastScanSummResp.scans[item].branch;
}
var loc = this._getLOCforSAST(jsonLastScanSummResp.scans[item].statusDetails);
sastScanSummaryAll += '<scan id="' + 'sast' + jsonLastScanSummResp.scans[item].id + '" app_id="' + appId +
'" last_scan_date="' + this.UTIL.parseDate(jsonLastScanSummResp.scans[item].updatedAt) +
Expand All @@ -205,6 +228,7 @@ CheckmarxOneScanSummaryIntegration.prototype = Object.extendsObject(sn_vul.Appli
'" scan_origin="' + jsonLastScanSummResp.scans[item].sourceOrigin +
'" scan_source="' + jsonLastScanSummResp.scans[item].sourceType +
'" scan_type="' + sastScanType +
'" prvBranch="' + prvSastScanBranch +
'" app_name="' + appId + '"/>';
}
}
Expand All @@ -215,8 +239,13 @@ CheckmarxOneScanSummaryIntegration.prototype = Object.extendsObject(sn_vul.Appli
var scanType = "Full Scan";
if (kicsresponsevul != -1) {
if (null != scan_synchronization && '' != scan_synchronization && 'undefined' != scan_synchronization && scan_synchronization == 'latest scan from each branch')
if (null != scan_synchronization && '' != scan_synchronization && 'undefined' != scan_synchronization && scan_synchronization == 'latest scan from each branch') {
kicsPrvScanId = this._getPrvScanIdForSpecificBranch(prvKicsScanIdBranch, jsonLastScanSummResp.scans[item].branch);
if (kicsPrvScanId == '')
prvKicsScanBranch = '';
else
prvKicsScanBranch = '' + jsonLastScanSummResp.scans[item].branch;
}
kicsScanSummaryAll += '<scan id="' + 'IaC' + jsonLastScanSummResp.scans[item].id + '" app_id="' + appId +
'" last_scan_date="' + this.UTIL.parseDate(jsonLastScanSummResp.scans[item].updatedAt) +
'" total_no_flaws="' + kicsresponsevul +
Expand All @@ -225,6 +254,7 @@ CheckmarxOneScanSummaryIntegration.prototype = Object.extendsObject(sn_vul.Appli
'" scan_origin="' + jsonLastScanSummResp.scans[item].sourceOrigin +
'" scan_source="' + jsonLastScanSummResp.scans[item].sourceType +
'" scan_type="' + scanType +
'" prvBranch="' + prvKicsScanBranch +
'" app_name="' + appId + '"/>';
}
}
Expand Down Expand Up @@ -434,13 +464,13 @@ CheckmarxOneScanSummaryIntegration.prototype = Object.extendsObject(sn_vul.Appli
<sys_created_by>admin</sys_created_by>
<sys_created_on>2022-11-18 05:18:19</sys_created_on>
<sys_id>d7f2d2e447131110328ca368436d4321</sys_id>
<sys_mod_count>229</sys_mod_count>
<sys_mod_count>267</sys_mod_count>
<sys_name>CheckmarxOneScanSummaryIntegration</sys_name>
<sys_package display_value="Checkmarx One Vulnerability Integration" source="x_chec3_chexone">3d20e92d47471110328ca368436d436a</sys_package>
<sys_policy/>
<sys_scope display_value="Checkmarx One Vulnerability Integration">3d20e92d47471110328ca368436d436a</sys_scope>
<sys_update_name>sys_script_include_d7f2d2e447131110328ca368436d4321</sys_update_name>
<sys_updated_by>admin</sys_updated_by>
<sys_updated_on>2024-10-04 06:23:34</sys_updated_on>
<sys_updated_on>2024-12-11 16:31:25</sys_updated_on>
</sys_script_include>
</unload>
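Review bot: The new `prvBranch` attribute in the SCA, SAST and IaC `<scan …/>` builders concatenates a branch name into XML without escaping it. The value is taken from `jsonLastScanSummResp.scans[item].branch` or from the `tags` field of an earlier summary record, and branch names can contain `"`, `&` or `<`, so a single such name would yield malformed XML or an unintended extra attribute on the scan element, which is presumably parsed by the import step downstream. The value should be escaped at all three concatenation sites; a small helper is sketched below. The neighbouring `scan_origin` and `scan_source` attributes are built the same way and would benefit from the same treatment. The enclosing method starts and ends outside the visible hunks.

```javascript
// proposed helper on the prototype: escape a value for use inside an XML attribute
_escapeXmlAttr: function(value) {
    return ('' + value)
        .replace(/&/g, '&amp;')
        .replace(/</g, '&lt;')
        .replace(/>/g, '&gt;')
        .replace(/"/g, '&quot;')
        .replace(/'/g, '&apos;');
},

// … unchanged: SCA scan attributes up to scan_type …
'" prvBranch="' + this._escapeXmlAttr(prvScaScanBranch) +
// … unchanged: SAST scan attributes up to scan_type …
'" prvBranch="' + this._escapeXmlAttr(prvSastScanBranch) +
// … unchanged: IaC scan attributes up to scan_type …
'" prvBranch="' + this._escapeXmlAttr(prvKicsScanBranch) +
```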