GoSec convert Command Update (#2702)

* GoSec convert command update Signed-off-by: Charles Hu <[email protected]> * Dependecy version fix Signed-off-by: Charles Hu <[email protected]> * Dependecy version fix Signed-off-by: Charles Hu <[email protected]> * gosec mapper update Signed-off-by: Charles Hu <[email protected]> * Sample change Signed-off-by: Charles Hu <[email protected]> * Sample file changes Signed-off-by: Charles Hu <[email protected]> * fixed tests to look for correct filenames Signed-off-by: Amndeep Singh Mann <[email protected]> * fixed tests to look for correct filenames Signed-off-by: Amndeep Singh Mann <[email protected]> --------- Signed-off-by: Charles Hu <[email protected]> Signed-off-by: Amndeep Singh Mann <[email protected]> Co-authored-by: Amndeep Singh Mann <[email protected]>
mitre · Jul 31, 2024 · e867fb1 · e867fb1
1 parent 9f2b9d0
commit e867fb1
Show file tree

Hide file tree

Showing 12 changed files with 16,462 additions and 159 deletions.
diff --git a/README.md b/README.md
@@ -48,7 +48,7 @@ The SAF CLI is the successor to [Heimdall Tools](https://github.com/mitre/heimda
       * [CKL to POA&amp;M](#ckl-to-poam)
       * [DBProtect to HDF](#dbprotect-to-hdf)
       * [Fortify to HDF](#fortify-to-hdf)
-      * [GoSec to HDF](#gosec-to-hdf)
+      * [gosec to HDF](#gosec-to-hdf)
       * [Ion Channel 2 HDF](#ion-channel-2-hdf)
       * [JFrog Xray to HDF](#jfrog-xray-to-hdf)
       * [Tenable Nessus to HDF](#tenable-nessus-to-hdf)
@@ -575,16 +575,16 @@ convert fortify2hdf           Translate a Fortify results FVDL file into a Heimd
 ```
 
 [top](#convert-other-formats-to-hdf)
-#### GoSec to HDF
+#### gosec to HDF
 ```
-convert gosec2hdf             Translate a GoSec (Golang Security Checker) results file
+convert gosec2hdf             Translate a gosec (Golang Security Checker) results file
                               into a Heimdall Data Format JSON file
   USAGE
     $ saf convert gosec2hdf -i <gosec-json> -o <hdf-scan-results-json> [-h]
 
   FLAGS
     -h, --help            Show CLI help.
-    -i, --input=<value>   (required) Input GoSec Results JSON File
+    -i, --input=<value>   (required) Input gosec Results JSON File
     -o, --output=<value>  (required) Output HDF JSON File
 
   EXAMPLES

diff --git a/src/commands/convert/gosec2hdf.ts b/src/commands/convert/gosec2hdf.ts
@@ -1,29 +1,30 @@
 import {Command, Flags} from '@oclif/core'
 import fs from 'fs'
-import {GoSecMapper as Mapper} from '@mitre/hdf-converters'
+import {GosecMapper as Mapper} from '@mitre/hdf-converters'
 import {checkInput, checkSuffix} from '../../utils/global'
 
-export default class GoSec2HDF extends Command {
-  static usage = 'convert gosec2hdf -i <gosec-json> -o <hdf-scan-results-json> [-h]'
+export default class Gosec2HDF extends Command {
+  static usage = 'convert gosec2hdf -i <gosec-json> -o <hdf-scan-results-json> [-h] [-w]'
 
-  static description = 'Translate a GoSec (Golang Security Checker) results JSON to a Heimdall Data Format JSON file'
+  static description = 'Translate a gosec (Golang Security Checker) results JSON to a Heimdall Data Format JSON file'
 
   static examples = ['saf convert gosec2hdf -i gosec_results.json -o output-hdf-name.json']
 
   static flags = {
     help: Flags.help({char: 'h'}),
-    input: Flags.string({char: 'i', required: true, description: 'Input GoSec Results JSON File'}),
+    input: Flags.string({char: 'i', required: true, description: 'Input gosec Results JSON File'}),
     output: Flags.string({char: 'o', required: true, description: 'Output HDF JSON File'}),
+    'with-raw': Flags.boolean({char: 'w', required: false, description: 'Include raw input file in HDF JSON file'}),
   }
 
   async run() {
-    const {flags} = await this.parse(GoSec2HDF)
+    const {flags} = await this.parse(Gosec2HDF)
 
     // Check for correct input type
     const data = fs.readFileSync(flags.input, 'utf8')
-    checkInput({data, filename: flags.input}, 'gosec', 'GoSec results JSON')
+    checkInput({data, filename: flags.input}, 'gosec', 'gosec results JSON')
 
-    const converter = new Mapper(fs.readFileSync(flags.input, 'utf8'), flags.name)
+    const converter = new Mapper(data, flags['with-raw'])
     fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf()))
   }
 }
diff --git a/test/commands/convert/gosec2hdf.test.ts b/test/commands/convert/gosec2hdf.test.ts
@@ -10,9 +10,54 @@ describe('Test gosec', () => {
   test
     .stdout()
     .command(['convert gosec2hdf', '-i', path.resolve('./test/sample_data/gosec/sample_input_report/Grype_gosec_results.json'), '-o', `${tmpobj.name}/gosectest.json`])
-    .it('hdf-converter output test', () => {
+    .it('hdf-converter output test - grype', () => {
       const test = JSON.parse(fs.readFileSync(`${tmpobj.name}/gosectest.json`, 'utf8'))
-      const sample = JSON.parse(fs.readFileSync(path.resolve('./test/sample_data/gosec/gosec-hdf.json'), 'utf8'))
+      const sample = JSON.parse(fs.readFileSync(path.resolve('./test/sample_data/gosec/grype-gosec-hdf.json'), 'utf8'))
+      expect(omitHDFChangingFields(test)).to.eql(omitHDFChangingFields(sample))
+    })
+  test
+    .stdout()
+    .command(['convert gosec2hdf', '-i', path.resolve('./test/sample_data/gosec/sample_input_report/Go_Ethereum_gosec_results_external_suppressed.json'), '-o', `${tmpobj.name}/gosectest.json`])
+    .it('hdf-converter output test - unsuppressed go ethereum', () => {
+      const test = JSON.parse(fs.readFileSync(`${tmpobj.name}/gosectest.json`, 'utf8'))
+      const sample = JSON.parse(fs.readFileSync(path.resolve('./test/sample_data/gosec/go-ethereum-external-unsuppressed-gosec-hdf.json'), 'utf8'))
+      expect(omitHDFChangingFields(test)).to.eql(omitHDFChangingFields(sample))
+    })
+  test
+    .stdout()
+    .command(['convert gosec2hdf', '-i', path.resolve('./test/sample_data/gosec/sample_input_report/Go_Ethereum_gosec_results_all_suppressed.json'), '-o', `${tmpobj.name}/gosectest.json`])
+    .it('hdf-converter output test - suppressed go ethereum', () => {
+      const test = JSON.parse(fs.readFileSync(`${tmpobj.name}/gosectest.json`, 'utf8'))
+      const sample = JSON.parse(fs.readFileSync(path.resolve('./test/sample_data/gosec/go-ethereum-all-unsuppressed-gosec-hdf.json'), 'utf8'))
+      expect(omitHDFChangingFields(test)).to.eql(omitHDFChangingFields(sample))
+    })
+})
+
+describe('Test gosec using withraw flag', () => {
+  const tmpobj = tmp.dirSync({unsafeCleanup: true})
+
+  test
+    .stdout()
+    .command(['convert gosec2hdf', '-i', path.resolve('./test/sample_data/gosec/sample_input_report/Grype_gosec_results.json'), '-o', `${tmpobj.name}/gosectest.json`, '-w'])
+    .it('hdf-converter output test - grype', () => {
+      const test = JSON.parse(fs.readFileSync(`${tmpobj.name}/gosectest.json`, 'utf8'))
+      const sample = JSON.parse(fs.readFileSync(path.resolve('./test/sample_data/gosec/grype-gosec-hdf-withraw.json'), 'utf8'))
+      expect(omitHDFChangingFields(test)).to.eql(omitHDFChangingFields(sample))
+    })
+  test
+    .stdout()
+    .command(['convert gosec2hdf', '-i', path.resolve('./test/sample_data/gosec/sample_input_report/Go_Ethereum_gosec_results_external_suppressed.json'), '-o', `${tmpobj.name}/gosectest.json`, '-w'])
+    .it('hdf-converter output test - unsuppressed go ethereum', () => {
+      const test = JSON.parse(fs.readFileSync(`${tmpobj.name}/gosectest.json`, 'utf8'))
+      const sample = JSON.parse(fs.readFileSync(path.resolve('./test/sample_data/gosec/go-ethereum-external-unsuppressed-gosec-hdf-withraw.json'), 'utf8'))
+      expect(omitHDFChangingFields(test)).to.eql(omitHDFChangingFields(sample))
+    })
+  test
+    .stdout()
+    .command(['convert gosec2hdf', '-i', path.resolve('./test/sample_data/gosec/sample_input_report/Go_Ethereum_gosec_results_all_suppressed.json'), '-o', `${tmpobj.name}/gosectest.json`, '-w'])
+    .it('hdf-converter output test - suppressed go ethereum', () => {
+      const test = JSON.parse(fs.readFileSync(`${tmpobj.name}/gosectest.json`, 'utf8'))
+      const sample = JSON.parse(fs.readFileSync(path.resolve('./test/sample_data/gosec/go-ethereum-all-unsuppressed-gosec-hdf-withraw.json'), 'utf8'))
       expect(omitHDFChangingFields(test)).to.eql(omitHDFChangingFields(sample))
     })
 })