Merge pull request #33 from Cargill/master

fix(xray summary): add additional fields

xray/fixtures/summary/summary.json

@@ -13,11 +13,16 @@
  "summary": "FileSystemBytecodeCache in Jinja2 2.7.2 does not properly create temporary directories",
  "description": "this is the description of the issue",
  "issue_type": "security",
- "severity": "Major",
+ "severity": "High",
  "provider": "JFrog",
  "cves": [
  {
- "cve": "CVE-2016-6251"
+ "cve": "CVE-2016-6251",
+ "cwe": [
+ "CWE-119"
+ ],
+ "cvss_v2": "7.5/CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3": "9.8/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
  }
  ],
  "created": "2016-10-26T11:15:51.17Z",

xray/summary.go

@@ -47,7 +47,10 @@ type SummaryArtifact struct {
 
 // SummaryCve resprents the cves within the summary from Xray
 type SummaryCve struct {
- Cve *string `json:"cve,omitempty"`
+ Cve *string `json:"cve,omitempty"`
+ Cwe *[]string `json:"cwe,omitempty"`
+ Cvss2 *string `json:"cvss_v2,omitempty"`
+ Cvss3 *string `json:"cvss_v3,omitempty"`
 }
 
 // SummaryIssue represents a issue within the summary in Xray.

xray/summary_test.go

@@ -62,11 +62,14 @@ func Test_Summary(t *testing.T) {
  Summary: String("FileSystemBytecodeCache in Jinja2 2.7.2 does not properly create temporary directories"),
  Description: String("this is the description of the issue"),
  IssueType: String("security"),
- Severity: String("Major"),
+ Severity: String("High"),
  Provider: String("JFrog"),
  Cves: &[]SummaryCve{
  SummaryCve{
- Cve: String("CVE-2016-6251"),
+ Cve: String("CVE-2016-6251"),
+ Cwe: &[]string{"CWE-119"},
+ Cvss2: String("7.5/CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P"),
+ Cvss3: String("9.8/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"),
  },
  },
  Created: String("2016-10-26T11:15:51.17Z"),