update

manuel-sommer · manuel-sommer · commit efe2b2c595e3 · 2026-04-15T09:04:50.000+02:00
diff --git a/dojo/tools/openreports/parser.py b/dojo/tools/openreports/parser.py
@@ -19,6 +19,7 @@
 
 DESCRIPTION_TEMPLATE = """{message}
 
+**Service:** {service}
 **Category:** {category}
 **Policy:** {policy}
 **Result:** {result}
@@ -218,6 +219,7 @@ def _create_finding_from_result(self, test, result, service_name, report_name, r
             # Create description
             description = DESCRIPTION_TEMPLATE.format(
                 message=message,
+                service=service_name,
                 category=category,
                 policy=policy,
                 result=result_status,
@@ -250,7 +252,6 @@ def _create_finding_from_result(self, test, result, service_name, report_name, r
                 mitigation=mitigation,
                 component_name=pkg_name,
                 component_version=installed_version,
-                service=service_name,
                 active=active,
                 verified=verified,
                 static_finding=True,
diff --git a/dojo/tools/orca_security/csv_parser.py b/dojo/tools/orca_security/csv_parser.py
@@ -84,7 +84,6 @@ def parse(self, content):
                 severity_justification=build_severity_justification(orca_score_raw),
                 static_finding=True,  # CSPM scan data is static analysis
                 dynamic_finding=False,
-                service=source or None,  # Source identifies the cloud resource/service
                 component_name=inventory_name or None,  # Inventory is the specific resource
                 date=parse_date(created_at),
             )
diff --git a/dojo/tools/orca_security/json_parser.py b/dojo/tools/orca_security/json_parser.py
@@ -89,7 +89,6 @@ def parse(self, content):
                 severity_justification=build_severity_justification(orca_score),
                 static_finding=True,  # CSPM scan data is static analysis
                 dynamic_finding=False,
-                service=source or None,  # Source identifies the cloud resource/service
                 component_name=inventory_name or None,  # Inventory is the specific resource
                 date=parse_date(created_at),
             )
diff --git a/unittests/tools/test_jfrog_xray_api_summary_artifact_parser.py b/unittests/tools/test_jfrog_xray_api_summary_artifact_parser.py
@@ -33,6 +33,7 @@ def test_parse_file_with_one_vuln(self):
         self.assertEqual(" code.", item.description[-6:])
         self.assertIsNone(item.mitigation)
         self.assertEqual("artifact1", item.component_name)
+        self.assertIsNone(item.service)
         self.assertIsNotNone(item.tags)
         self.assertEqual("1.0", item.component_version)
         self.assertEqual("artifact_path/artifact1/1.0/", item.file_path[:28])
diff --git a/unittests/tools/test_openreports_parser.py b/unittests/tools/test_openreports_parser.py
@@ -28,7 +28,8 @@ def test_single_report(self):
             self.assertEqual("3.5.2-r1", finding1.component_version)
             self.assertEqual("Upgrade to version: 3.5.4-r0", finding1.mitigation)
             self.assertEqual("https://avd.aquasec.com/nvd/cve-2025-9232", finding1.references)
-            self.assertEqual("test/Deployment/test-app", finding1.service)
+            self.assertIsNone(finding1.service)
+            self.assertIn("**Service:** test/Deployment/test-app", finding1.description)
             self.assertTrue(finding1.active)
             self.assertTrue(finding1.verified)
             self.assertTrue(finding1.fix_available)
@@ -47,7 +48,8 @@ def test_single_report(self):
             self.assertEqual("v1.24.4", finding2.component_version)
             self.assertEqual("Upgrade to version: 1.23.12, 1.24.6", finding2.mitigation)
             self.assertEqual("https://avd.aquasec.com/nvd/cve-2025-47907", finding2.references)
-            self.assertEqual("test/Deployment/test-app", finding2.service)
+            self.assertIsNone(finding2.service)
+            self.assertIn("**Service:** test/Deployment/test-app", finding2.description)
             self.assertTrue(finding2.active)
             self.assertTrue(finding2.verified)
             self.assertTrue(finding2.fix_available)
@@ -63,7 +65,8 @@ def test_single_report(self):
             self.assertEqual("N/A", finding3.component_version)
             self.assertEqual("Upgrade to version: Configure proper security headers", finding3.mitigation)
             self.assertEqual("https://www.cisecurity.org/benchmark/docker", finding3.references)
-            self.assertEqual("test/Deployment/test-app", finding3.service)
+            self.assertIsNone(finding3.service)
+            self.assertIn("**Service:** test/Deployment/test-app", finding3.description)
             self.assertTrue(finding3.active)
             self.assertTrue(finding3.verified)
             self.assertTrue(finding3.fix_available)
@@ -80,8 +83,11 @@ def test_list_format(self):
             findings = parser.get_findings(test_file, Test())
             self.assertEqual(len(findings), 3)
 
-            # Verify findings from different reports have different services
-            services = {finding.service for finding in findings}
+            # Verify findings from different reports have different service contexts in descriptions
+            services = {
+                finding.description.split("**Service:** ")[1].split("\n", 1)[0]
+                for finding in findings if "**Service:** " in finding.description
+            }
             self.assertEqual(len(services), 2)
             self.assertIn("test/Deployment/app1", services)
             self.assertIn("test/Deployment/app2", services)
diff --git a/unittests/tools/test_orca_security_parser.py b/unittests/tools/test_orca_security_parser.py
@@ -25,7 +25,7 @@ def test_parse_csv_one_finding(self):
             self.assertTrue(finding.static_finding)
             self.assertFalse(finding.dynamic_finding)
             self.assertEqual("TestRole_abc123", finding.component_name)
-            self.assertEqual("TestRole_abc123", finding.service)
+            self.assertIsNone(finding.service)
             self.assertEqual("OrcaScore: 5.1", finding.severity_justification)
             self.assertIn("IAM misconfigurations", finding.description)
             self.assertEqual(["CSPM", "source: Orca Scan"], finding.unsaved_tags)
@@ -69,7 +69,7 @@ def test_parse_json_one_finding(self):
             self.assertTrue(finding.static_finding)
             self.assertFalse(finding.dynamic_finding)
             self.assertEqual("TestRole_abc123", finding.component_name)
-            self.assertEqual("TestRole_abc123", finding.service)
+            self.assertIsNone(finding.service)
             self.assertEqual("OrcaScore: 5.1", finding.severity_justification)
             self.assertIn("IAM misconfigurations", finding.description)
             self.assertEqual(["CSPM", "source: Orca Scan"], finding.unsaved_tags)

Original file line number	Diff line number	Diff line change
`@@ -84,7 +84,6 @@ def parse(self, content):`
`84`	`84`	`severity_justification=build_severity_justification(orca_score_raw),`
`85`	`85`	`static_finding=True, # CSPM scan data is static analysis`
`86`	`86`	`dynamic_finding=False,`
`87`		`- service=source or None, # Source identifies the cloud resource/service`
`88`	`87`	`component_name=inventory_name or None, # Inventory is the specific resource`
`89`	`88`	`date=parse_date(created_at),`
`90`	`89`	`)`
Original file line number	Diff line number	Diff line change
`@@ -89,7 +89,6 @@ def parse(self, content):`
`89`	`89`	`severity_justification=build_severity_justification(orca_score),`
`90`	`90`	`static_finding=True, # CSPM scan data is static analysis`
`91`	`91`	`dynamic_finding=False,`
`92`		`- service=source or None, # Source identifies the cloud resource/service`
`93`	`92`	`component_name=inventory_name or None, # Inventory is the specific resource`
`94`	`93`	`date=parse_date(created_at),`
`95`	`94`	`)`