Twistlock Parser add support for discoveredDate

Jino-T · Jino-T · commit d4b2a60b2136 · 2025-12-17T16:42:55.000-06:00
diff --git a/dojo/tools/twistlock/parser.py b/dojo/tools/twistlock/parser.py
@@ -6,6 +6,8 @@
 import textwrap
 from datetime import datetime
 
+import dateutil.parser
+
 from dojo.models import Finding
 
 logger = logging.getLogger(__name__)
@@ -235,6 +237,10 @@ def get_item(vulnerability, test, image_metadata=""):
     status = vulnerability.get("status", "There seems to be no fix yet. Please check description field.")
     cvssv3_score = vulnerability.get("cvss")
     riskFactors = vulnerability.get("riskFactors", "No risk factors.")
+    try:
+        date = str(dateutil.parser.parse(vulnerability.get("discoveredDate")).date())
+    except (ValueError, TypeError, dateutil.parser.ParserError):
+        date = datetime.now()
 
     # Build impact field combining severity and image metadata which can change between scans, so we add it to the impact field as the description field is sometimes used for hash code calculation
     impact_parts = [severity]
@@ -264,6 +270,7 @@ def get_item(vulnerability, test, image_metadata=""):
         cvssv3=cvssv3,
         cvssv3_score=cvssv3_score,
         impact=impact_text,
+        date=date,
     )
     finding.unsaved_vulnerability_ids = [vulnerability["id"]] if "id" in vulnerability else None
     finding.description = finding.description.strip()
diff --git a/unittests/tools/test_twistlock_parser.py b/unittests/tools/test_twistlock_parser.py
@@ -113,6 +113,7 @@ def test_parse_file_with_no_link_no_description(self):
                 self.assertIsNotNone(finding)
                 self.assertEqual(1, len(finding.unsaved_vulnerability_ids))
                 self.assertEqual("PRISMA-2021-0013", finding.unsaved_vulnerability_ids[0])
+                self.assertEqual("2022-11-16", finding.date)
                 break
 
     def test_parse_file_with_no_cvss(self):
@@ -141,6 +142,7 @@ def test_parse_file_with_no_cvss(self):
                 self.assertIn("Image ID:", finding.impact)
                 self.assertIn("Distribution:", finding.impact)
                 self.assertIn("Debian GNU/Linux 12", finding.impact)
+                self.assertEqual("2025-07-08", finding.date)
 
     def test_parse_file_with_many_vulns(self):
         testfile = (get_unit_tests_scans_path("twistlock") / "many_vulns.json").open(encoding="utf-8")
