Make sure ALL tool results parsers have default CWE conversion block #7

@davewichers

To make sure we have proper mappings of tool results to the CWEs we expect during scoring, we have a CWE mapping method in every parser. Some of these have fixed lists, and a don't-care block that silently EATS results that don't map to anything currently. ALL tools need to instead spit out a message to the console that says effectively: "Here is a NEW CWE/Mapping value THEVALUE that we haven't seen before. Please map this to the proper CWE".

Here is the list of tools that need to be worked on:

  • AcunetixReader.java
  • AppScanDynamicReader.java
  • AppScanSourceReader.java
  • ArachniReader.java
  • BurpJsonReader.java
  • BurpReader.java
  • CheckmarxESReader.java
  • CheckmarxIASTReader.java
  • CheckmarxReader.java
  • CodeQLReader.java
  • CoverityReader.java
  • CrashtestReader.java
  • FaastReader.java
  • FortifyReader.java
  • FusionLiteInsightReader.java
  • HCLAppScanIASTReader.java
  • HdivReader.java
  • JuliaReader.java
  • KiuwanReader.java
  • LGTMReader.java
  • NetsparkerReader.java
  • NoisyCricketReader.java
  • ParasoftReader.java
  • QualysWASReader.java
  • SeekerReader.java
  • SemgrepReader.java
  • ShiftLeftNGSASTReader.java
  • ShiftLeftNGSASTReaderJSON.java
  • SonarQubeReader.java
  • SourceMeterReader.java
  • ThunderScanReader.java
  • VeracodeReader.java
  • W3AFReader.java
  • WapitiReader.java
  • WebInspectReader.java
  • XanitizerReader.java
  • ZapReader.java
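
A sketch of the default block the issue asks for, as an added example that is not code from the project: the class `ExampleToolReader`, the method `cweLookup`, the `UNMAPPED` sentinel and the rule names are all assumptions made for illustration. It keeps an explicit, reviewable ignore list separate from the default case, reports each unseen value once per run, and strips control characters because scanner output is untrusted input.

```java
import java.util.Map;
import java.util.Set;
import java.util.TreeSet;

// Hypothetical reader; class, method and rule names are illustrative assumptions.
public class ExampleToolReader {

    // Sentinel for "no CWE known"; such a result cannot match an expected CWE.
    static final int UNMAPPED = 0;

    // Constructed sample of a tool's rule names and the CWEs they map to.
    private static final Map<String, Integer> KNOWN = Map.of(
            "sql-injection", 89,
            "xss-reflected", 79,
            "path-traversal", 22);

    // Rule names that are deliberately not scored (the reviewed "don't care" set).
    private static final Set<String> IGNORED = Set.of("info-banner");

    // Unseen values already reported, so each one is printed once per run.
    private final Set<String> reported = new TreeSet<>();

    int cweLookup(String rule) {
        String key = String.valueOf(rule); // a null rule becomes the string "null"
        Integer cwe = KNOWN.get(key);
        if (cwe != null) return cwe;
        if (IGNORED.contains(key)) return UNMAPPED;
        // Default block: never drop the value silently.
        if (reported.add(key)) {
            System.out.println("WARNING: " + getClass().getSimpleName()
                    + ": NEW CWE/Mapping value '" + sanitize(key)
                    + "' that we haven't seen before. Please map this to the proper CWE.");
        }
        return UNMAPPED;
    }

    // Tool output is untrusted; replace control characters before printing.
    private static String sanitize(String s) {
        return s.replaceAll("\\p{Cntrl}", "?");
    }

    public static void main(String[] args) {
        ExampleToolReader reader = new ExampleToolReader();
        // Constructed input: one mapped, one ignored, one unseen value repeated.
        for (String rule : new String[] {"sql-injection", "info-banner", "ssrf", "ssrf"}) {
            System.out.println(rule + " -> " + reader.cweLookup(rule));
        }
    }
}
```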
