We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Describe the bug Inccorect handling of sonarqube issues such as kubernetes one in sonarqube-mapper.ts that do not have summary or CVE
TypeError: Cannot read properties of undefined (reading 'match')
To Reproduce Steps to reproduce the behavior:
mitre/saf:1.4.8 convert sonarqube2hdf -n *** -u *** --auth *** -o ./hdf/sonarqube_scan.json
use example sonar issue
{ "key": "57b3733b-d416-4b4e-87da-b77d4edde2ab", "rule": "kubernetes:S6870", "severity": "MAJOR", "component": "myproject:helm/mlr/templates/jupyter/deployment.yaml", "project": "myproject", "line": 34, "hash": "723c0daa435bdafaa7aa13d3ae06ca5e", "textRange": { "startLine": 34, "endLine": 34, "startOffset": 19, "endOffset": 30 }, "flows": [], "status": "OPEN", "message": "Specify a storage limit for this container.", "effort": "5min", "debt": "5min", "author": "", "tags": [], "creationDate": "2025-01-23T14:01:27+0000", "updateDate": "2025-01-23T14:01:27+0000", "type": "VULNERABILITY", "branch": "Jiri-Stary-patch", "scope": "MAIN", "quickFixAvailable": false, "messageFormattings": [], "codeVariants": [], "cleanCodeAttribute": "COMPLETE", "cleanCodeAttributeCategory": "INTENTIONAL", "impacts": [ { "softwareQuality": "MAINTAINABILITY", "severity": "MEDIUM" }, { "softwareQuality": "SECURITY", "severity": "MEDIUM" } ], "issueStatus": "OPEN", "prioritizedRule": false },
Expected behavior not crash
function parseNistTags(issue: Issue): string[] { const tags: string[] = []; issue.sysTags?.forEach((sysTag) => { if (sysTag.toLowerCase().startsWith('owasp-')) { const identifier = [ sysTag.toLowerCase().replace('owasp-', '').toUpperCase() ]; tags.push(...OWASP_NIST_MAPPING.nistFilterNoDefault(identifier)); } }); // CWE IDs are embedded inside of the HTML summary issue.summary.match(/CWE-\d\d\d?\d?\d?\d?\d/gi)?.forEach((match) => { tags.push(...CWE_NIST_MAPPING.nistFilter(match.split('-')[1])); }); return tags; }
The text was updated successfully, but these errors were encountered:
No branches or pull requests
Describe the bug
Inccorect handling of sonarqube issues such as kubernetes one in sonarqube-mapper.ts that do not have summary or CVE
TypeError: Cannot read properties of undefined (reading 'match')
To Reproduce
Steps to reproduce the behavior:
mitre/saf:1.4.8 convert sonarqube2hdf -n *** -u *** --auth *** -o ./hdf/sonarqube_scan.json
use example sonar issue
{
"key": "57b3733b-d416-4b4e-87da-b77d4edde2ab",
"rule": "kubernetes:S6870",
"severity": "MAJOR",
"component": "myproject:helm/mlr/templates/jupyter/deployment.yaml",
"project": "myproject",
"line": 34,
"hash": "723c0daa435bdafaa7aa13d3ae06ca5e",
"textRange": {
"startLine": 34,
"endLine": 34,
"startOffset": 19,
"endOffset": 30
},
"flows": [],
"status": "OPEN",
"message": "Specify a storage limit for this container.",
"effort": "5min",
"debt": "5min",
"author": "",
"tags": [],
"creationDate": "2025-01-23T14:01:27+0000",
"updateDate": "2025-01-23T14:01:27+0000",
"type": "VULNERABILITY",
"branch": "Jiri-Stary-patch",
"scope": "MAIN",
"quickFixAvailable": false,
"messageFormattings": [],
"codeVariants": [],
"cleanCodeAttribute": "COMPLETE",
"cleanCodeAttributeCategory": "INTENTIONAL",
"impacts": [
{
"softwareQuality": "MAINTAINABILITY",
"severity": "MEDIUM"
},
{
"softwareQuality": "SECURITY",
"severity": "MEDIUM"
}
],
"issueStatus": "OPEN",
"prioritizedRule": false
},
Expected behavior
not crash
issue?.summary instead of issue.summary should be enough
The text was updated successfully, but these errors were encountered: