#68 - move sarif readers to separate package

OWASP-Benchmark · Apr 18, 2024 · 6cc7407 · 6cc7407
1 parent 5148873
commit 6cc7407
Show file tree

Hide file tree

Showing 17 changed files with 67 additions and 38 deletions.
diff --git a/plugin/src/main/java/org/owasp/benchmarkutils/score/parsers/Reader.java b/plugin/src/main/java/org/owasp/benchmarkutils/score/parsers/Reader.java
@@ -28,6 +28,12 @@
 import org.owasp.benchmarkutils.score.BenchmarkScore;
 import org.owasp.benchmarkutils.score.ResultFile;
 import org.owasp.benchmarkutils.score.TestSuiteResults;
+import org.owasp.benchmarkutils.score.parsers.sarif.CodeQLReader;
+import org.owasp.benchmarkutils.score.parsers.sarif.ContrastScanReader;
+import org.owasp.benchmarkutils.score.parsers.sarif.DatadogSastReader;
+import org.owasp.benchmarkutils.score.parsers.sarif.PrecautionReader;
+import org.owasp.benchmarkutils.score.parsers.sarif.SemgrepSarifReader;
+import org.owasp.benchmarkutils.score.parsers.sarif.SnykReader;
 import org.w3c.dom.NamedNodeMap;
 import org.w3c.dom.Node;
 import org.w3c.dom.NodeList;

diff --git a/...markutils/score/parsers/CodeQLReader.java → ...ils/score/parsers/sarif/CodeQLReader.java b/...markutils/score/parsers/CodeQLReader.java → ...ils/score/parsers/sarif/CodeQLReader.java
@@ -17,7 +17,7 @@
  * @author Nicolas Couraud
  * @created 2021
  */
-package org.owasp.benchmarkutils.score.parsers;
+package org.owasp.benchmarkutils.score.parsers.sarif;
 
 import org.owasp.benchmarkutils.score.CweNumber;
 

diff --git a/...ils/score/parsers/ContrastScanReader.java → ...ore/parsers/sarif/ContrastScanReader.java b/...ils/score/parsers/ContrastScanReader.java → ...ore/parsers/sarif/ContrastScanReader.java
@@ -15,7 +15,7 @@
  * @author Sascha Knoop
  * @created 2022
  */
-package org.owasp.benchmarkutils.score.parsers;
+package org.owasp.benchmarkutils.score.parsers.sarif;
 
 import org.json.JSONObject;
 import org.owasp.benchmarkutils.score.CweNumber;

diff --git a/...tils/score/parsers/DatadogSastReader.java → ...core/parsers/sarif/DatadogSastReader.java b/...tils/score/parsers/DatadogSastReader.java → ...core/parsers/sarif/DatadogSastReader.java
@@ -15,7 +15,7 @@
  * @author Julien Delange
  * @created 2024
  */
-package org.owasp.benchmarkutils.score.parsers;
+package org.owasp.benchmarkutils.score.parsers.sarif;
 
 import org.owasp.benchmarkutils.score.ResultFile;
 

diff --git a/...utils/score/parsers/PrecautionReader.java → ...score/parsers/sarif/PrecautionReader.java b/...utils/score/parsers/PrecautionReader.java → ...score/parsers/sarif/PrecautionReader.java
@@ -15,7 +15,7 @@
  * @author Eric Brown
  * @created 2024
  */
-package org.owasp.benchmarkutils.score.parsers;
+package org.owasp.benchmarkutils.score.parsers.sarif;
 
 public class PrecautionReader extends SarifReader {
 

diff --git a/...hmarkutils/score/parsers/SarifReader.java → ...tils/score/parsers/sarif/SarifReader.java b/...hmarkutils/score/parsers/SarifReader.java → ...tils/score/parsers/sarif/SarifReader.java
@@ -15,7 +15,7 @@
  * @author Sascha Knoop
  * @created 2024
  */
-package org.owasp.benchmarkutils.score.parsers;
+package org.owasp.benchmarkutils.score.parsers.sarif;
 
 import static java.lang.Integer.parseInt;
 
@@ -34,6 +34,7 @@
 import org.owasp.benchmarkutils.score.ResultFile;
 import org.owasp.benchmarkutils.score.TestCaseResult;
 import org.owasp.benchmarkutils.score.TestSuiteResults;
+import org.owasp.benchmarkutils.score.parsers.Reader;
 
 public abstract class SarifReader extends Reader {
 

diff --git a/...ils/score/parsers/SemgrepSarifReader.java → ...ore/parsers/sarif/SemgrepSarifReader.java b/...ils/score/parsers/SemgrepSarifReader.java → ...ore/parsers/sarif/SemgrepSarifReader.java
@@ -15,7 +15,7 @@
  * @author Sascha Knoop
  * @created 2024
  */
-package org.owasp.benchmarkutils.score.parsers;
+package org.owasp.benchmarkutils.score.parsers.sarif;
 
 public class SemgrepSarifReader extends SarifReader {
 

diff --git a/...chmarkutils/score/parsers/SnykReader.java → ...utils/score/parsers/sarif/SnykReader.java b/...chmarkutils/score/parsers/SnykReader.java → ...utils/score/parsers/sarif/SnykReader.java
@@ -15,7 +15,7 @@
  * @author Raj Barath
  * @created 2023
  */
-package org.owasp.benchmarkutils.score.parsers;
+package org.owasp.benchmarkutils.score.parsers.sarif;
 
 public class SnykReader extends SarifReader {
 

diff --git a/plugin/src/test/java/org/owasp/benchmarkutils/score/parsers/ReaderTestBase.java b/plugin/src/test/java/org/owasp/benchmarkutils/score/parsers/ReaderTestBase.java
@@ -30,7 +30,7 @@ public void assertReaderIsInReaderAllReadersList() {
                 "Reader " + thisReaderName + " must be added to Reader.allReaders() list");
     }
 
-    void assertOnlyMatcherClassIs(ResultFile resultFile, Class<? extends Reader> c) {
+    protected void assertOnlyMatcherClassIs(ResultFile resultFile, Class<? extends Reader> c) {
         List<Class<?>> readers =
                 Reader.allReaders().stream()
                         .filter(r -> r.canRead(resultFile))

diff --git a/plugin/src/test/java/org/owasp/benchmarkutils/score/parsers/SarifReaderTest.java b/plugin/src/test/java/org/owasp/benchmarkutils/score/parsers/SarifReaderTest.java
diff --git a/...utils/score/parsers/CodeQLReaderTest.java → ...score/parsers/sarif/CodeQLReaderTest.java b/...utils/score/parsers/CodeQLReaderTest.java → ...score/parsers/sarif/CodeQLReaderTest.java
@@ -15,7 +15,7 @@
  * @author Nicolas Couraud
  * @created 2023
  */
-package org.owasp.benchmarkutils.score.parsers;
+package org.owasp.benchmarkutils.score.parsers.sarif;
 
 import static org.junit.jupiter.api.Assertions.assertEquals;
 
@@ -26,9 +26,7 @@
 import org.owasp.benchmarkutils.score.ResultFile;
 import org.owasp.benchmarkutils.score.TestHelper;
 import org.owasp.benchmarkutils.score.TestSuiteResults;
-
-import java.io.File;
-import java.io.IOException;
+import org.owasp.benchmarkutils.score.parsers.ReaderTestBase;
 
 public class CodeQLReaderTest extends ReaderTestBase {
 

diff --git a/...score/parsers/ContrastScanReaderTest.java → ...parsers/sarif/ContrastScanReaderTest.java b/...score/parsers/ContrastScanReaderTest.java → ...parsers/sarif/ContrastScanReaderTest.java
@@ -15,7 +15,7 @@
  * @author Sascha Knoop
  * @created 2022
  */
-package org.owasp.benchmarkutils.score.parsers;
+package org.owasp.benchmarkutils.score.parsers.sarif;
 
 import static org.junit.jupiter.api.Assertions.assertEquals;
 import static org.junit.jupiter.api.Assertions.assertTrue;
@@ -27,6 +27,7 @@
 import org.owasp.benchmarkutils.score.ResultFile;
 import org.owasp.benchmarkutils.score.TestHelper;
 import org.owasp.benchmarkutils.score.TestSuiteResults;
+import org.owasp.benchmarkutils.score.parsers.ReaderTestBase;
 
 public class ContrastScanReaderTest extends ReaderTestBase {
 

diff --git a/.../score/parsers/DatadogSastReaderTest.java → .../parsers/sarif/DatadogSastReaderTest.java b/.../score/parsers/DatadogSastReaderTest.java → .../parsers/sarif/DatadogSastReaderTest.java
@@ -15,7 +15,7 @@
  * @author Julien Delange
  * @created 2024
  */
-package org.owasp.benchmarkutils.score.parsers;
+package org.owasp.benchmarkutils.score.parsers.sarif;
 
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
@@ -24,6 +24,7 @@
 import org.owasp.benchmarkutils.score.ResultFile;
 import org.owasp.benchmarkutils.score.TestHelper;
 import org.owasp.benchmarkutils.score.TestSuiteResults;
+import org.owasp.benchmarkutils.score.parsers.ReaderTestBase;
 
 import static org.junit.jupiter.api.Assertions.assertEquals;
 import static org.junit.jupiter.api.Assertions.assertFalse;

diff --git a/...s/score/parsers/PrecautionReaderTest.java → ...e/parsers/sarif/PrecautionReaderTest.java b/...s/score/parsers/PrecautionReaderTest.java → ...e/parsers/sarif/PrecautionReaderTest.java
@@ -15,7 +15,7 @@
  * @author Eric Brown
  * @created 2024
  */
-package org.owasp.benchmarkutils.score.parsers;
+package org.owasp.benchmarkutils.score.parsers.sarif;
 
 import static org.junit.jupiter.api.Assertions.assertEquals;
 import static org.junit.jupiter.api.Assertions.assertFalse;
@@ -27,6 +27,8 @@
 import org.owasp.benchmarkutils.score.ResultFile;
 import org.owasp.benchmarkutils.score.TestHelper;
 import org.owasp.benchmarkutils.score.TestSuiteResults;
+import org.owasp.benchmarkutils.score.parsers.ReaderTestBase;
+import org.owasp.benchmarkutils.score.parsers.sarif.PrecautionReader;
 
 class PrecautionReaderTest extends ReaderTestBase {
 

diff --git a/plugin/src/test/java/org/owasp/benchmarkutils/score/parsers/sarif/SarifReaderTest.java b/plugin/src/test/java/org/owasp/benchmarkutils/score/parsers/sarif/SarifReaderTest.java
@@ -0,0 +1,39 @@
+/**
+ * OWASP Benchmark Project
+ *
+ * <p>This file is part of the Open Web Application Security Project (OWASP) Benchmark Project For
+ * details, please see <a
+ * href="https://owasp.org/www-project-benchmark/">https://owasp.org/www-project-benchmark/</a>.
+ *
+ * <p>The OWASP Benchmark is free software: you can redistribute it and/or modify it under the terms
+ * of the GNU General Public License as published by the Free Software Foundation, version 2.
+ *
+ * <p>The OWASP Benchmark is distributed in the hope that it will be useful, but WITHOUT ANY
+ * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
+ * PURPOSE. See the GNU General Public License for more details.
+ *
+ * @author Sascha Knoop
+ * @created 2024
+ */
+package org.owasp.benchmarkutils.score.parsers.sarif;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+
+import org.junit.jupiter.params.ParameterizedTest;
+import org.junit.jupiter.params.provider.ValueSource;
+import org.owasp.benchmarkutils.score.parsers.sarif.SarifReader;
+
+public class SarifReaderTest {
+
+    @ParameterizedTest(name = "{index} - extracts cwe number from input {0}")
+    @ValueSource(
+            strings = {
+                "CWE-326",
+                "CWE-326: Inadequate Encryption Strength",
+                "external/cwe/cwe-326",
+                "CWE:326"
+            })
+    void extractsCweNumberFromInput(String input) {
+        assertEquals(326, SarifReader.extractCwe(input));
+    }
+}
diff --git a/...score/parsers/SemgrepSarifReaderTest.java → ...parsers/sarif/SemgrepSarifReaderTest.java b/...score/parsers/SemgrepSarifReaderTest.java → ...parsers/sarif/SemgrepSarifReaderTest.java
@@ -15,7 +15,7 @@
  * @author Sascha Knoop
  * @created 2024
  */
-package org.owasp.benchmarkutils.score.parsers;
+package org.owasp.benchmarkutils.score.parsers.sarif;
 
 import static org.junit.jupiter.api.Assertions.assertEquals;
 import static org.junit.jupiter.api.Assertions.assertFalse;
@@ -27,6 +27,7 @@
 import org.owasp.benchmarkutils.score.ResultFile;
 import org.owasp.benchmarkutils.score.TestHelper;
 import org.owasp.benchmarkutils.score.TestSuiteResults;
+import org.owasp.benchmarkutils.score.parsers.ReaderTestBase;
 
 class SemgrepSarifReaderTest extends ReaderTestBase {
 

diff --git a/...rkutils/score/parsers/SnykReaderTest.java → ...s/score/parsers/sarif/SnykReaderTest.java b/...rkutils/score/parsers/SnykReaderTest.java → ...s/score/parsers/sarif/SnykReaderTest.java
@@ -15,7 +15,7 @@
  * @author Raj Barath
  * @created 2023
  */
-package org.owasp.benchmarkutils.score.parsers;
+package org.owasp.benchmarkutils.score.parsers.sarif;
 
 import static org.junit.jupiter.api.Assertions.assertEquals;
 import static org.junit.jupiter.api.Assertions.assertTrue;
@@ -27,6 +27,7 @@
 import org.owasp.benchmarkutils.score.ResultFile;
 import org.owasp.benchmarkutils.score.TestHelper;
 import org.owasp.benchmarkutils.score.TestSuiteResults;
+import org.owasp.benchmarkutils.score.parsers.ReaderTestBase;
 
 class SnykReaderTest extends ReaderTestBase {