From 6cff8c8b91f258c29a9c28c87f381cde997e82e0 Mon Sep 17 00:00:00 2001
From: Ruud Senden <8635138+rsenden@users.noreply.github.com>
Date: Tue, 10 Oct 2023 12:05:21 +0200
Subject: [PATCH] fix: Add support for Java 8 date/time types

---
 FortifyVulnerabilityExporter-plugin-to-json/build.gradle | 3 +++
 .../vulnexport/to/json/vuln/formatter/JsonFormatter.java | 9 ++++++++-
 build.gradle                                             | 3 +++
 3 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/FortifyVulnerabilityExporter-plugin-to-json/build.gradle b/FortifyVulnerabilityExporter-plugin-to-json/build.gradle
index 025cfe6..5de5f5d 100644
--- a/FortifyVulnerabilityExporter-plugin-to-json/build.gradle
+++ b/FortifyVulnerabilityExporter-plugin-to-json/build.gradle
@@ -14,4 +14,7 @@ dependencies {
 	compileOnly 'com.fasterxml.jackson.core:jackson-core'
 	compileOnly 'com.fasterxml.jackson.core:jackson-databind'
 	compileOnly 'commons-collections:commons-collections'
+    // Required for Java 8 date/time handling
+    compileOnly 'com.fasterxml.jackson.datatype:jackson-datatype-jdk8'
+    compileOnly 'com.fasterxml.jackson.datatype:jackson-datatype-jsr310'
 }
diff --git a/FortifyVulnerabilityExporter-plugin-to-json/src/main/java/com/fortify/vulnexport/to/json/vuln/formatter/JsonFormatter.java b/FortifyVulnerabilityExporter-plugin-to-json/src/main/java/com/fortify/vulnexport/to/json/vuln/formatter/JsonFormatter.java
index 214387c..20e553f 100644
--- a/FortifyVulnerabilityExporter-plugin-to-json/src/main/java/com/fortify/vulnexport/to/json/vuln/formatter/JsonFormatter.java
+++ b/FortifyVulnerabilityExporter-plugin-to-json/src/main/java/com/fortify/vulnexport/to/json/vuln/formatter/JsonFormatter.java
@@ -34,6 +34,7 @@
 
 import com.fasterxml.jackson.core.JsonGenerator;
 import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;
 import com.fortify.util.rest.json.JSONMap;
 import com.fortify.util.spring.expression.ExpressionMapToJSONMapEvaluator;
 import com.fortify.util.spring.expression.TemplateExpressionMap;
@@ -49,7 +50,7 @@
  *
  */
 public class JsonFormatter implements Consumer<IVulnerabilityAccessor> {
-	private static final ObjectMapper MAPPER = new ObjectMapper();
+	private static final ObjectMapper MAPPER = createObjectMapper();
 	private final JsonFormatterConfig formatterConfig;
 	private final Map<String, VulnerabilityMapper> vulnerabilityMappers;
 	private final Map<String, JSONMap> contextObjects;
@@ -154,6 +155,12 @@ private Map<String, Object> createEvaluationInput() {
 		return result;
 	}
 	
+	private static final ObjectMapper createObjectMapper() {
+	    ObjectMapper objectMapper = new ObjectMapper();
+	    objectMapper.registerModule(new JavaTimeModule());
+	    return objectMapper;
+	}
+	
 	private static final int size(Map<?, ?> map) {
 		return map==null ? 0 : map.size();
 	}
diff --git a/build.gradle b/build.gradle
index 959f5c2..d2e8d2c 100644
--- a/build.gradle
+++ b/build.gradle
@@ -87,6 +87,9 @@ allprojects {
 			// Spring Boot version is compatible with snakeyaml 2.0, which doesn't have 
 			// any known vulnerabilities, so we override the version here.
 			implementation 'org.yaml:snakeyaml:2.0'
+            // Required for Java 8 date/time handling
+            implementation 'com.fasterxml.jackson.datatype:jackson-datatype-jdk8'
+            implementation 'com.fasterxml.jackson.datatype:jackson-datatype-jsr310'
 		}
 	}
 }