package junit
import (
"html"
"strconv"
"github.com/securego/gosec/v2"
)
// generatePlaintext renders a single gosec issue as the text body of a JUnit
// failure: a "Results:" header, the location and description with numeric
// confidence and severity, the CWE identifier, and the offending code.
//
// When the issue carries no CWE, the literal "CWE" is used as a placeholder.
// Only issue.Code is HTML-escaped here.
//
// NOTE(review): issue.File, issue.Line, issue.What and the CWE ID are
// concatenated unescaped, and at least the file path presumably comes from the
// scanned project. If the failure text is serialized as raw XML (the escaping
// of Code suggests so, but the sink is not visible here), these fields need
// the same escaping to keep the report well-formed. Confirm against the
// Failure type before changing the output.
func generatePlaintext(issue *gosec.Issue) string {
	cwe := "CWE"
	if c := issue.Cwe; c != nil {
		cwe = c.ID
	}

	confidence := strconv.Itoa(int(issue.Confidence))
	severity := strconv.Itoa(int(issue.Severity))

	location := "[" + issue.File + ":" + issue.Line + "] - "
	summary := issue.What + " (Confidence: " + confidence +
		", Severity: " + severity +
		", CWE: " + cwe + ")\n"

	return "Results:\n" + location + summary + "> " + html.EscapeString(issue.Code)
}
// GenerateReport converts a gosec report into a JUnit report.
//
// Issues are grouped by their description (issue.What): the first issue with a
// given description creates a testsuite named after it, and every issue adds
// one failing testcase, named after issue.File, to its suite and increments
// that suite's Tests counter. Suites appear in order of first occurrence.
//
// NOTE(review): issue.What and issue.File are passed through unmodified as
// suite and testcase names; whether they are escaped depends on how Report is
// serialized, which is not visible here. Confirm for paths or messages that
// contain XML metacharacters.
func GenerateReport(data *gosec.ReportInfo) Report {
	var report Report
	// suiteByWhat maps an issue description to its index in report.Testsuites.
	suiteByWhat := make(map[string]int)

	for _, issue := range data.Issues {
		pos, known := suiteByWhat[issue.What]
		if !known {
			// The new suite lands at the current end of the slice.
			pos = len(report.Testsuites)
			report.Testsuites = append(report.Testsuites, NewTestsuite(issue.What))
			suiteByWhat[issue.What] = pos
		}

		testcase := NewTestcase(
			issue.File,
			NewFailure("Found 1 vulnerability. See stacktrace for details.", generatePlaintext(issue)),
		)

		// Index the slice on each access rather than copying the element, so the
		// update lands on the stored suite whatever its element type is.
		report.Testsuites[pos].Testcases = append(report.Testsuites[pos].Testcases, testcase)
		report.Testsuites[pos].Tests++
	}

	return report
}