/**
 * Raises a single issue on the given file with its severity overridden to BLOCKER.
 *
 * <p>The override is applied on the issue itself, so the reported severity does not
 * depend on how the rule is configured in the active quality profile (as the issue
 * message states).
 *
 * @param inputFile file the issue location is attached to
 * @param context sensor context used to create and save the issue
 * @param ruleKey rule the issue is reported against
 * @param languageKey not read by this implementation
 */
@Override
protected void processFile(InputFile inputFile, SensorContext context, RuleKey ruleKey, String languageKey) {
  final String message = "This issue is generated on each file. Severity is blocker, whatever quality profile";

  NewIssue issue = context.newIssue()
    .overrideSeverity(Severity.BLOCKER)
    .forRule(ruleKey);

  // The location is created from the issue being built, then the issue is persisted.
  issue
    .at(issue.newLocation().on(inputFile).message(message))
    .save();
}
// Closes the enclosing class, whose header is outside this listing.
}
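/**
 * Creates one issue on every line of {@code file} for rule {@code RULE_KEY} of repository {@code repo}.
 *
 * <p>The severity is overridden only when {@code FORCE_SEVERITY_PROPERTY} is set; otherwise
 * {@code null} is passed to {@code overrideSeverity}. The gap of each issue is read from
 * {@code EFFORT_TO_FIX_PROPERTY}.
 *
 * @param file file whose lines each receive an issue
 * @param context sensor context providing settings and the issue builder
 * @param repo key of the rule repository the rule belongs to
 */
private void createIssues(InputFile file, SensorContext context, String repo) {
  RuleKey ruleKey = RuleKey.of(repo, RULE_KEY);
  String severity = context.settings().getString(FORCE_SEVERITY_PROPERTY);
  for (int line = 1; line <= file.lines(); line++) {
    NewIssue newIssue = context.newIssue();
    newIssue
      .forRule(ruleKey)
      .at(newIssue.newLocation()
        .on(file)
        .at(file.selectLine(line))
        .message("This issue is generated on each line"))
      // The configured value is passed to Severity.valueOf unchecked; presumably an unknown
      // name is rejected with IllegalArgumentException (enum behaviour) - confirm.
      .overrideSeverity(severity != null ? Severity.valueOf(severity) : null);
    // The former version check (>= 5.5) called gap() with the same argument in both
    // branches, so it is collapsed into one call.
    // NOTE(review): if older servers needed a different call here, confirm before relying on this.
    newIssue.gap(context.settings().getDouble(EFFORT_TO_FIX_PROPERTY));
    newIssue.save();
  }
}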
/**
 * Reports one BLOCKER issue located on {@code inputFile}.
 *
 * <p>The severity is forced through {@code overrideSeverity(Severity.BLOCKER)}; per the
 * issue message, this applies whatever the quality profile says.
 *
 * @param inputFile file on which the issue is located
 * @param context sensor context that builds and stores the issue
 * @param ruleKey key of the rule the issue belongs to
 * @param languageKey unused in this method
 */
@Override
protected void processFile(InputFile inputFile, SensorContext context, RuleKey ruleKey, String languageKey) {
  final String text = "This issue is generated on each file. Severity is blocker, whatever quality profile";

  NewIssue blockerIssue = context.newIssue()
    .overrideSeverity(Severity.BLOCKER)
    .forRule(ruleKey);

  // Attach a file-level location (no line selected) and save.
  blockerIssue
    .at(blockerIssue.newLocation()
      .on(inputFile)
      .message(text))
    .save();
}
// Closes the enclosing class, whose header is outside this listing.
}
/**
 * Reports one module-level issue for a single vulnerability of a dependency.
 *
 * <p>The CVSS score of the vulnerability is mapped to a SonarQube severity using four
 * thresholds read from the configuration, each falling back to its default constant.
 * The resulting severity overrides the rule severity and is passed to {@code incrementCount}.
 *
 * <p>NOTE(review): the thresholds are used as configured; no check of their relative
 * ordering is visible here - confirm that {@code cvssToSonarQubeSeverity} copes with
 * misordered values, since they decide how findings are ranked.
 *
 * @param context sensor context providing configuration, module and issue builder
 * @param dependency dependency the vulnerability was reported for
 * @param vulnerability vulnerability whose CVSS score drives the severity
 */
private void addIssue(SensorContext context, Dependency dependency, Vulnerability vulnerability) {
  Float blockerThreshold = context.config()
    .getFloat(DependencyCheckConstants.SEVERITY_BLOCKER)
    .orElse(DependencyCheckConstants.SEVERITY_BLOCKER_DEFAULT);
  Float criticalThreshold = context.config()
    .getFloat(DependencyCheckConstants.SEVERITY_CRITICAL)
    .orElse(DependencyCheckConstants.SEVERITY_CRITICAL_DEFAULT);
  Float majorThreshold = context.config()
    .getFloat(DependencyCheckConstants.SEVERITY_MAJOR)
    .orElse(DependencyCheckConstants.SEVERITY_MAJOR_DEFAULT);
  Float minorThreshold = context.config()
    .getFloat(DependencyCheckConstants.SEVERITY_MINOR)
    .orElse(DependencyCheckConstants.SEVERITY_MINOR_DEFAULT);

  Severity mapped = DependencyCheckUtils.cvssToSonarQubeSeverity(
    vulnerability.getCvssScore(), blockerThreshold, criticalThreshold, majorThreshold, minorThreshold);

  RuleKey rule = RuleKey.of(DependencyCheckPlugin.REPOSITORY_KEY, DependencyCheckPlugin.RULE_KEY);

  // The issue is attached to the module, not to an individual file.
  context.newIssue()
    .forRule(rule)
    .at(new DefaultIssueLocation()
      .on(context.module())
      .message(formatDescription(dependency, vulnerability)))
    .overrideSeverity(mapped)
    .save();

  incrementCount(mapped);
}
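/**
 * Reports one module-level issue per dependency, rated by its first vulnerability after sorting.
 *
 * <p>The dependency's vulnerabilities are sorted by CVSS score and the first entry is
 * mapped to a SonarQube severity using four thresholds read from the configuration,
 * each falling back to its default constant. A dependency without vulnerabilities
 * produces no issue instead of failing on {@code get(0)}.
 *
 * <p>NOTE(review): this assumes {@code sortVulnerabilityBycvssScore()} orders highest
 * score first; if it sorts ascending, the issue would be rated by the lowest score -
 * confirm against {@code Dependency}.
 *
 * @param context sensor context providing configuration, module and issue builder
 * @param dependency dependency whose vulnerabilities are summarized in one issue
 */
private void addIssue(SensorContext context, Dependency dependency) {
  dependency.sortVulnerabilityBycvssScore();
  List<Vulnerability> vulnerabilities = dependency.getVulnerabilities();
  // Nothing to report, and get(0) below would throw on an empty list.
  if (vulnerabilities == null || vulnerabilities.isEmpty()) {
    return;
  }

  Float severityBlocker = context.config().getFloat(DependencyCheckConstants.SEVERITY_BLOCKER)
    .orElse(DependencyCheckConstants.SEVERITY_BLOCKER_DEFAULT);
  Float severityCritical = context.config().getFloat(DependencyCheckConstants.SEVERITY_CRITICAL)
    .orElse(DependencyCheckConstants.SEVERITY_CRITICAL_DEFAULT);
  Float severityMajor = context.config().getFloat(DependencyCheckConstants.SEVERITY_MAJOR)
    .orElse(DependencyCheckConstants.SEVERITY_MAJOR_DEFAULT);
  Float severityMinor = context.config().getFloat(DependencyCheckConstants.SEVERITY_MINOR)
    .orElse(DependencyCheckConstants.SEVERITY_MINOR_DEFAULT);

  Vulnerability highestVulnerability = vulnerabilities.get(0);
  Severity severity = DependencyCheckUtils.cvssToSonarQubeSeverity(
    highestVulnerability.getCvssScore(), severityBlocker, severityCritical, severityMajor, severityMinor);

  // The issue is attached to the module, not to an individual file.
  context.newIssue()
    .forRule(RuleKey.of(DependencyCheckPlugin.REPOSITORY_KEY, DependencyCheckPlugin.RULE_KEY))
    .at(new DefaultIssueLocation()
      .on(context.module())
      .message(formatDescription(dependency, vulnerabilities, highestVulnerability)))
    .overrideSeverity(severity)
    .save();
  incrementCount(severity);
}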
/**
 * Reports one module-level issue for a ZAP alert.
 *
 * <p>The alert's risk code is converted to a SonarQube severity, which overrides the
 * rule severity and is passed to {@code incrementCount}. The rule key is built from the
 * plugin repository key and the alert's plugin id.
 *
 * <p>NOTE(review): the plugin id comes from the alert and is used as the rule key
 * unchanged; presumably a matching rule must exist in the repository - confirm how an
 * unknown id is handled so such alerts are not dropped unnoticed.
 *
 * @param context sensor context providing the module and the issue builder
 * @param alert alert to report
 */
private void addIssue(org.sonar.api.batch.sensor.SensorContext context, AlertItem alert) {
  Severity mapped = ZapUtils.riskCodeToSonarQubeSeverity(alert.getRiskcode());
  RuleKey rule = RuleKey.of(ZapPlugin.REPOSITORY_KEY, String.valueOf(alert.getPluginid()));

  // The issue is attached to the module, not to an individual file.
  context.newIssue()
    .forRule(rule)
    .at(new DefaultIssueLocation()
      .on(context.module())
      .message(formatDescription(alert)))
    .overrideSeverity(mapped)
    .save();

  incrementCount(mapped);
}
/**
 * Creates one issue on every line of {@code file} for rule {@code RULE_KEY} of the Xoo repository.
 *
 * <p>The severity is overridden only when {@code FORCE_SEVERITY_PROPERTY} is set; otherwise
 * {@code null} is passed to {@code overrideSeverity}. The effort to fix is read from
 * {@code EFFORT_TO_FIX_PROPERTY} for each issue.
 *
 * @param file file whose lines each receive an issue
 * @param context sensor context providing settings and the issue builder
 */
private void createIssues(InputFile file, SensorContext context) {
  RuleKey rule = RuleKey.of(XooRulesDefinition.XOO_REPOSITORY, RULE_KEY);
  String forcedSeverityName = context.settings().getString(FORCE_SEVERITY_PROPERTY);

  int lineNumber = 1;
  while (lineNumber <= file.lines()) {
    context.newIssue()
      .forRule(rule)
      .onFile(file)
      .atLine(lineNumber)
      .effortToFix(context.settings().getDouble(EFFORT_TO_FIX_PROPERTY))
      // The configured name is handed to Severity.valueOf without prior validation.
      .overrideSeverity(forcedSeverityName == null ? null : Severity.valueOf(forcedSeverityName))
      .message("This issue is generated on each line")
      .save();
    lineNumber++;
  }
}
// Closes the enclosing class, whose header is outside this listing.
}
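/**
 * Raises an issue on each line of {@code file} for rule {@code RULE_KEY} in repository {@code repo}.
 *
 * <p>When {@code FORCE_SEVERITY_PROPERTY} is set, its value is converted with
 * {@code Severity.valueOf} and overrides the severity; when it is unset, {@code null} is
 * passed to {@code overrideSeverity}. Each issue's gap comes from {@code EFFORT_TO_FIX_PROPERTY}.
 *
 * @param file file whose lines each receive an issue
 * @param context sensor context providing settings and the issue builder
 * @param repo key of the rule repository the rule belongs to
 */
private void createIssues(InputFile file, SensorContext context, String repo) {
  RuleKey ruleKey = RuleKey.of(repo, RULE_KEY);
  String severity = context.settings().getString(FORCE_SEVERITY_PROPERTY);
  for (int line = 1; line <= file.lines(); line++) {
    NewIssue newIssue = context.newIssue();
    newIssue
      .forRule(ruleKey)
      .at(newIssue.newLocation()
        .on(file)
        .at(file.selectLine(line))
        .message("This issue is generated on each line"))
      // No validation of the configured name happens before Severity.valueOf; presumably an
      // unknown name fails with IllegalArgumentException (enum behaviour) - confirm.
      .overrideSeverity(severity != null ? Severity.valueOf(severity) : null);
    // Both branches of the former ">= 5.5" version check made this identical gap() call,
    // so the conditional is removed.
    // NOTE(review): confirm no different call was intended for older server versions.
    newIssue.gap(context.settings().getDouble(EFFORT_TO_FIX_PROPERTY));
    newIssue.save();
  }
}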