From 391c671c227675cfb6238d1fd5c6324c761b5a1a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?C=C3=A9dric=20Fabianski?=
Date: Thu, 31 Oct 2024 11:45:40 +0100
Subject: [PATCH] add errors to jsonv2 security report
---
 .../TestReportFlagsShouldFail-format-jsonv2 | 2 +-
 .../TestExpectedRule-testdata-data-expected_rule | 2 +-
 pkg/report/output/security/formatter.go | 11 +++++++----
 3 files changed, 9 insertions(+), 6 deletions(-)
diff --git a/e2e/flags/.snapshots/TestReportFlagsShouldFail-format-jsonv2 b/e2e/flags/.snapshots/TestReportFlagsShouldFail-format-jsonv2
index 714bad4cb..3ea1fa3f0 100644
--- a/e2e/flags/.snapshots/TestReportFlagsShouldFail-format-jsonv2
+++ b/e2e/flags/.snapshots/TestReportFlagsShouldFail-format-jsonv2
@@ -1,4 +1,4 @@
-{"source":"Bearer","version":"dev","findings":[{"cwe_ids":["42"],"id":"test_ruby_logger","title":"Ruby logger","description":"Ruby logger","documentation_url":"","line_number":1,"full_filename":"e2e/flags/testdata/simple/main.rb","filename":"main.rb","data_type":{"category_uuid":"cef587dd-76db-430b-9e18-7b031e1a193b","name":"Email Address"},"category_groups":["PII","Personal Data"],"source":{"start":1,"end":1,"column":{"start":26,"end":36}},"sink":{"start":1,"end":1,"column":{"start":1,"end":37},"content":""},"parent_line_number":1,"fingerprint":"fa5e03644738e4c17cbbd04a580506b1_0","old_fingerprint":"8240e1537878783bac845d1163c80555_0","code_extract":"logger.info(\"user info\", user.email)","severity":"high"}]}
+{"source":"Bearer","version":"dev","findings":[{"cwe_ids":["42"],"id":"test_ruby_logger","title":"Ruby logger","description":"Ruby logger","documentation_url":"","line_number":1,"full_filename":"e2e/flags/testdata/simple/main.rb","filename":"main.rb","data_type":{"category_uuid":"cef587dd-76db-430b-9e18-7b031e1a193b","name":"Email Address"},"category_groups":["PII","Personal Data"],"source":{"start":1,"end":1,"column":{"start":26,"end":36}},"sink":{"start":1,"end":1,"column":{"start":1,"end":37},"content":""},"parent_line_number":1,"fingerprint":"fa5e03644738e4c17cbbd04a580506b1_0","old_fingerprint":"8240e1537878783bac845d1163c80555_0","code_extract":"logger.info(\"user info\", user.email)","severity":"high"}],"errors":[]}
 -- Analyzing codebase
diff --git a/e2e/rules/.snapshots/TestExpectedRule-testdata-data-expected_rule b/e2e/rules/.snapshots/TestExpectedRule-testdata-data-expected_rule
index 837448851..f0ea78455 100644
--- a/e2e/rules/.snapshots/TestExpectedRule-testdata-data-expected_rule
+++ b/e2e/rules/.snapshots/TestExpectedRule-testdata-data-expected_rule
@@ -1,4 +1,4 @@
-{"source":"Bearer","version":"dev","findings":[{"cwe_ids":["319"],"id":"expected_rule","title":"","description":"","documentation_url":"","line_number":3,"full_filename":"e2e/rules/testdata/data/expected_rule/main.rb","filename":"main.rb","source":{"start":3,"end":3,"column":{"start":3,"end":7}},"sink":{"start":3,"end":3,"column":{"start":3,"end":7},"content":""},"parent_line_number":3,"fingerprint":"c50ecec7e1fcfba6cce5fcfab129556c_0","old_fingerprint":"6630ae26e5210b1e43bb4c02426e6be7_0","code_extract":" sink","severity":"low"},{"cwe_ids":["319"],"id":"expected_rule","title":"","description":"","documentation_url":"","line_number":8,"full_filename":"e2e/rules/testdata/data/expected_rule/main.rb","filename":"main.rb","source":{"start":8,"end":8,"column":{"start":3,"end":7}},"sink":{"start":8,"end":8,"column":{"start":3,"end":7},"content":""},"parent_line_number":8,"fingerprint":"c50ecec7e1fcfba6cce5fcfab129556c_1","old_fingerprint":"6630ae26e5210b1e43bb4c02426e6be7_1","code_extract":" sink","severity":"low"}],"expected_findings":[{"rule_id":"expected_rule","location":{"start":3,"end":3,"column":{"start":3,"end":7}}},{"rule_id":"expected_rule","location":{"start":8,"end":8,"column":{"start":3,"end":7}}}]}
+{"source":"Bearer","version":"dev","findings":[{"cwe_ids":["319"],"id":"expected_rule","title":"","description":"","documentation_url":"","line_number":3,"full_filename":"e2e/rules/testdata/data/expected_rule/main.rb","filename":"main.rb","source":{"start":3,"end":3,"column":{"start":3,"end":7}},"sink":{"start":3,"end":3,"column":{"start":3,"end":7},"content":""},"parent_line_number":3,"fingerprint":"c50ecec7e1fcfba6cce5fcfab129556c_0","old_fingerprint":"6630ae26e5210b1e43bb4c02426e6be7_0","code_extract":" 
sink","severity":"low"},{"cwe_ids":["319"],"id":"expected_rule","title":"","description":"","documentation_url":"","line_number":8,"full_filename":"e2e/rules/testdata/data/expected_rule/main.rb","filename":"main.rb","source":{"start":8,"end":8,"column":{"start":3,"end":7}},"sink":{"start":8,"end":8,"column":{"start":3,"end":7},"content":""},"parent_line_number":8,"fingerprint":"c50ecec7e1fcfba6cce5fcfab129556c_1","old_fingerprint":"6630ae26e5210b1e43bb4c02426e6be7_1","code_extract":" sink","severity":"low"}],"expected_findings":[{"rule_id":"expected_rule","location":{"start":3,"end":3,"column":{"start":3,"end":7}}},{"rule_id":"expected_rule","location":{"start":8,"end":8,"column":{"start":3,"end":7}}}],"errors":[]}
 -- Analyzing codebase
diff --git a/pkg/report/output/security/formatter.go b/pkg/report/output/security/formatter.go
index 7d9e7afa4..fd6088cac 100644
--- a/pkg/report/output/security/formatter.go
+++ b/pkg/report/output/security/formatter.go
@@ -10,6 +10,7 @@ import (
 "github.com/bearer/bearer/pkg/commands/process/settings"
 "github.com/bearer/bearer/pkg/engine"
 "github.com/bearer/bearer/pkg/flag"
+ dataflowtypes "github.com/bearer/bearer/pkg/report/output/dataflow/types"
 "github.com/bearer/bearer/pkg/report/output/gitlab"
 "github.com/bearer/bearer/pkg/report/output/html"
 "github.com/bearer/bearer/pkg/report/output/reviewdog"
@@ -28,10 +29,11 @@ type Formatter struct {
 }
 type JsonV2Output struct {
- Source string `json:"source" yaml:"source"`
- Version string `json:"version" yaml:"version"`
- Findings RawFindings `json:"findings" yaml:"findings"`
- Expected ExpectedDetections `json:"expected_findings,omitempty" yaml:"expected_findings,omitempty"`
+ Source string `json:"source" yaml:"source"`
+ Version string `json:"version" yaml:"version"`
+ Findings RawFindings `json:"findings" yaml:"findings"`
+ Expected ExpectedDetections `json:"expected_findings,omitempty" yaml:"expected_findings,omitempty"`
+ Errors []dataflowtypes.Error `json:"errors" yaml:"errors"`
 }
 func NewFormatter(
@@ -82,6 +84,7 @@ func (f Formatter) Format(format string) (output string, err error) {
 Version: build.Version,
 Findings: f.ReportData.RawFindings,
 Expected: f.ReportData.ExpectedDetections,
+ Errors: f.ReportData.Dataflow.Errors,
 })
 case flag.FormatYAML:
 return outputhandler.ReportYAML(f.ReportData.FindingsBySeverity)
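Review bot: The new `Errors` field carries no `omitempty`, so whenever `f.ReportData.Dataflow.Errors` is a nil slice `encoding/json` emits `"errors":null` instead of the `"errors":[]` that both updated snapshots pin, and downstream consumers that treat the key as an array will see a type change between runs. Normalizing the value in Format before the literal is built keeps the schema stable, e.g. `errs := f.ReportData.Dataflow.Errors`, `if errs == nil { errs = []dataflowtypes.Error{} }`, then `Errors: errs,`; whether `Dataflow` itself can be nil is not visible in this hunk and would need a guard too if it is a pointer. The struct field should also get a doc comment explaining the deliberate absence of `omitempty`, e.g. `// Errors lists the errors collected by the dataflow stage; the key is always emitted so report consumers can rely on its presence.`. The body of Format starts before this hunk, so the JsonV2Output literal is only partially visible here.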