export function getSecurityHotspots(data: {
project: string;
- standard: 'owaspTop10' | 'sansTop25' | 'cwe';
+ standard: T.StandardType;
includeDistribution?: boolean;
branch?: string;
}): Promise<{ categories: T.SecurityHotspot[] }> {
uuid: string;
}
+ export type Standards = {
+ [key in StandardType]: T.Dict<{ title: string; description?: string }>
+ };
+
+ export type StandardType = 'owaspTop10' | 'sansTop25' | 'cwe' | 'sonarsourceSecurity';
+
export interface SubscriptionPlan {
maxNcloc: number;
price: number;
sansTop25={query.sansTop25}
sansTop25Open={!!openFacets.sansTop25}
sansTop25Stats={facets.sansTop25}
+ sonarsourceSecurity={
+ [
+ /* TODO */
+ ]
+ }
/>
<TagFacet
component={component}
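Review bot: The new `sonarsourceSecurity` prop is given an inline array literal, which is a fresh array on every render, so the receiving component (it looks like `StandardFacet`, a `React.PureComponent` elsewhere in this change) can never skip a re-render on shallow comparison. It also pins the selection to empty, unlike the neighbouring `sansTop25={query.sansTop25}`, so the facet cannot reflect the current query. If the value has to stay a placeholder for now, hoist it to a module-level constant and keep the TODO beside it, e.g. `const NO_SONARSOURCE_SECURITY: string[] = [];`. The JSX element starts before the hunk.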
import {
renderOwaspTop10Category,
renderSansTop25Category,
- renderCWECategory,
- Standards
+ renderCWECategory
} from '../../securityReports/utils';
import DeferredSpinner from '../../../components/common/DeferredSpinner';
import MultipleSelectionHint from '../../../components/facet/MultipleSelectionHint';
sansTop25: string[];
sansTop25Open: boolean;
sansTop25Stats: T.Dict<number> | undefined;
+ sonarsourceSecurity: string[];
}
interface State {
cweQuery: string;
- standards: Standards;
+ standards: T.Standards;
}
type StatsProp = 'owaspTop10Stats' | 'cweStats' | 'sansTop25Stats';
-type ValuesProp = 'owaspTop10' | 'sansTop25' | 'cwe';
+type ValuesProp = T.StandardType;
export default class StandardFacet extends React.PureComponent<Props, State> {
mounted = false;
property = STANDARDS;
state: State = {
cweQuery: '',
- standards: { owaspTop10: {}, sansTop25: {}, cwe: {} }
+ standards: { owaspTop10: {}, sansTop25: {}, cwe: {}, sonarsourceSecurity: {} }
};
componentDidMount() {
import('../../../helpers/standards.json')
.then(x => x.default)
.then(
- ({ owaspTop10, sansTop25, cwe }: Standards) => {
+ ({ owaspTop10, sansTop25, cwe, sonarsourceSecurity }: T.Standards) => {
if (this.mounted) {
- this.setState({ standards: { owaspTop10, sansTop25, cwe } });
+ this.setState({ standards: { owaspTop10, sansTop25, cwe, sonarsourceSecurity } });
}
},
() => {}
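Review bot: The `T.Standards` annotation on the destructured parameter in `componentDidMount` is not checked against the contents of `standards.json`, so if that file has no `sonarsourceSecurity` key the state receives `undefined` where the type promises a dictionary. Whether the JSON is updated in this commit is not visible here; a default in the pattern, `({ owaspTop10, sansTop25, cwe, sonarsourceSecurity = {} }: T.Standards) => {`, keeps the initial `{}` in that case. The same applies to the identical callback in `VulnerabilityList.componentDidMount` further down. The enclosing method ends outside the hunk.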
renderList = (
statsProp: StatsProp,
valuesProp: ValuesProp,
- renderName: (standards: Standards, category: string) => string,
+ renderName: (standards: T.Standards, category: string) => string,
onClick: (x: string, multiple?: boolean) => void
) => {
const stats = this.props[statsProp];
stats: any,
values: string[],
categories: string[],
- renderName: (standards: Standards, category: string) => React.ReactNode,
- renderTooltip: (standards: Standards, category: string) => string,
+ renderName: (standards: T.Standards, category: string) => React.ReactNode,
+ renderTooltip: (standards: T.Standards, category: string) => string,
onClick: (x: string, multiple?: boolean) => void
) => {
if (!categories.length) {
sansTop25={[]}
sansTop25Open={false}
sansTop25Stats={{}}
+ sonarsourceSecurity={[]}
{...props}
/>,
// disable loading of standards.json
import { getSecurityHotspots } from '../../../api/security-reports';
import { isLongLivingBranch } from '../../../helpers/branches';
import DocTooltip from '../../../components/docs/DocTooltip';
-import { StandardType } from '../utils';
import { Alert } from '../../../components/ui/Alert';
import { withRouter, Location, Router } from '../../../components/hoc/withRouter';
import '../style.css';
loading: boolean;
findings: T.SecurityHotspot[];
hasVulnerabilities: boolean;
- type: StandardType;
+ type: T.StandardType;
showCWE: boolean;
}
loading: false,
findings: [],
hasVulnerabilities: false,
- type: props.params.type === 'owasp_top_10' ? 'owaspTop10' : 'sansTop25',
+ type: this.getType(props.params.type),
showCWE: props.location.query.showCWE === 'true'
};
}
componentWillReceiveProps(newProps: Props) {
if (newProps.location.pathname !== this.props.location.pathname) {
const showCWE = newProps.location.query.showCWE === 'true';
- const type = newProps.params.type === 'owasp_top_10' ? 'owaspTop10' : 'sansTop25';
+ const type = this.getType(newProps.params.type);
this.setState({ type, showCWE }, this.fetchSecurityHotspots);
}
}
this.mounted = false;
}
+ getType = (type: string): T.StandardType => {
+ if (type === 'owasp_top_10') {
+ return 'owaspTop10';
+ } else if (type === 'sans_top_25') {
+ return 'sansTop25';
+ } else {
+ return 'sonarsource';
+ }
+ };
+
fetchSecurityHotspots = () => {
const { branchLike, component } = this.props;
this.setState({ loading: true });
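Review bot: `getType` returns `'sonarsource'` in its final branch, which is not a member of `T.StandardType` as this commit declares it (`'owaspTop10' | 'sansTop25' | 'cwe' | 'sonarsourceSecurity'`), so the value will not match the `sonarsourceSecurity` keys used for the standards data and renderers elsewhere in the change; it should be `return 'sonarsourceSecurity';`. The same `else` also maps every unrecognised route parameter to that standard, so a mistyped URL silently shows a different report instead of failing visibly. Matching the new route explicitly and handling the unknown case separately would avoid that, though the new route string is not shown on this page. `fetchSecurityHotspots` continues outside the hunk.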
import HelpTooltip from '../../../components/controls/HelpTooltip';
import VulnerabilityIcon from '../../../components/icons-components/VulnerabilityIcon';
import SecurityHotspotIcon from '../../../components/icons-components/SecurityHotspotIcon';
-import {
- renderOwaspTop10Category,
- renderSansTop25Category,
- renderCWECategory,
- Standards,
- StandardType
-} from '../utils';
+import { renderOwaspTop10Category, renderSansTop25Category, renderCWECategory } from '../utils';
import DetachIcon from '../../../components/icons-components/DetachIcon';
import Tooltip from '../../../components/controls/Tooltip';
import { getRatingTooltip } from '../../../helpers/measures';
component: T.Component;
findings: T.SecurityHotspot[];
showCWE: boolean;
- type: StandardType;
+ type: T.StandardType;
}
interface State {
- standards: Standards;
+ standards: T.Standards;
}
const STANDARDS_TAGS = {
owaspTop10: 'owasp',
sansTop25: 'sans-top25',
- cwe: 'cwe'
+ cwe: 'cwe',
+ sonarsourceSecurity: 'sonarsourceSecurity'
};
export default class VulnerabilityList extends React.PureComponent<Props, State> {
mounted = false;
- state: State = { standards: { owaspTop10: {}, sansTop25: {}, cwe: {} } };
+ state: State = { standards: { owaspTop10: {}, sansTop25: {}, cwe: {}, sonarsourceSecurity: {} } };
componentDidMount() {
this.mounted = true;
import('../../../helpers/standards.json')
.then(x => x.default)
.then(
- ({ owaspTop10, sansTop25, cwe }: Standards) => {
+ ({ owaspTop10, sansTop25, cwe, sonarsourceSecurity }: T.Standards) => {
if (this.mounted) {
- this.setState({ standards: { owaspTop10, sansTop25, cwe } });
+ this.setState({ standards: { owaspTop10, sansTop25, cwe, sonarsourceSecurity } });
}
},
() => {}
);
};
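Review bot: The value added to `STANDARDS_TAGS`, `sonarsourceSecurity: 'sonarsourceSecurity'`, repeats the facet key in camelCase, whereas the existing values (`'owasp'`, `'sans-top25'`, `'cwe'`) are lowercase tags distinct from their keys. If this map feeds the tags filter of the rules link, as the comment above `renderMoreRulesOverlay` suggests, a value that is not an actual rule tag would produce an empty rule list. The use of the map is outside the hunk, so please confirm the tag name or leave `// TODO: confirm rule tag` beside the entry.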
- getName(finding: T.SecurityHotspot, type: StandardType) {
+ getName(finding: T.SecurityHotspot, type: T.StandardType) {
const category = finding.category || finding.cwe || 'unknown';
const renderers = {
owaspTop10: renderOwaspTop10Category,
sansTop25: renderSansTop25Category,
- cwe: renderCWECategory
+ cwe: renderCWECategory,
+ sonarsourceSecurity: () => {
+ /* TODO */
+ }
};
return (
<>
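Review bot: The `sonarsourceSecurity` entry added to `renderers` in `getName` is an empty function, so it returns `undefined` while the other three entries return a string. If the map is indexed by `type` (the lookup is outside the hunk), findings of the new standard would render without a name. Until the real renderer exists, a fallback that returns the raw key keeps the row readable: `sonarsourceSecurity: (_standards: T.Standards, category: string) => category`. `getName` continues past the end of the hunk.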
// We redirect the user to the rules page, using languages, types, keywords and tags filters
// to display the correct list of rules
- renderMoreRulesOverlay = (type: StandardType, category: string) => {
+ renderMoreRulesOverlay = (type: T.StandardType, category: string) => {
const languages = this.props.component.qualityProfiles
? this.props.component.qualityProfiles.map(qp => qp.language).join(',')
: '';
* along with this program; if not, write to the Free Software Foundation,
* Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*/
-export type StandardType = 'owaspTop10' | 'sansTop25' | 'cwe';
-
-export interface Standards {
- owaspTop10: T.Dict<{ title: string; description?: string }>;
- sansTop25: T.Dict<{ title: string; description?: string }>;
- cwe: T.Dict<{ title: string; description?: string }>;
-}
-
export function renderOwaspTop10Category(
- standards: Standards,
+ standards: T.Standards,
category: string,
withPrefix = false
): string {
}
}
-export function renderCWECategory(standards: Standards, category: string): string {
+export function renderCWECategory(standards: T.Standards, category: string): string {
const record = standards.cwe[category];
if (!record) {
return `CWE-${category}`;
}
export function renderSansTop25Category(
- standards: Standards,
+ standards: T.Standards,
category: string,
withPrefix = false
): string {