Merge pull request #581 from fortify/develop

Prepare for next release
fortify · Aug 21, 2024 · 7a400f2 · 7a400f2
2 parents f44fe37 + 694e7ae
commit 7a400f2
Show file tree

Hide file tree

Showing 5 changed files with 10 additions and 36 deletions.
diff --git a/fcli-core/fcli-fod/src/main/resources/com/fortify/cli/fod/actions/zip/github-pr-comment.yaml b/fcli-core/fcli-fod/src/main/resources/com/fortify/cli/fod/actions/zip/github-pr-comment.yaml
@@ -91,9 +91,6 @@ steps:
             - if: ${(issue.status=='New' || issue.status=='Reopen')}
               name: newIssues
               valueTemplate: mdIssueListItem
-            - if: ${(issue.status=='New' || issue.status=='Reopen') && issue.engineType=='Static'}
-              name: jsonSourceCodeComments
-              valueTemplate: jsonSourceCodeComment
 
   - progress: Generating GitHub request
   - set:
@@ -125,7 +122,6 @@ valueTemplates:
       # For now, we don't include any source code comments, as this will cause
       # GitHub to return an error if the source file doesn't exist in the repo.
       comments: ${{}} 
-      # comments: ${jsonSourceCodeComments?:{}}
 
   - name: reviewBody
     contents: |
@@ -143,19 +139,8 @@ valueTemplates:
         ? "* No removed issues were detected" 
         : ("* "+#join('\n* ',removedIssues))}
         
-  - name: jsonSourceCodeComment
-    contents:
-      path: ${issue.primaryLocationFull}
-      line: ${issue.lineNumber==0?1:issue.lineNumber}
-      body: |
-        <p><b>Security Scanning</b> / Fortify SAST</p>
-        <h3>${issue.severityString} - ${issue.category} </h3>
-        <p>${#htmlToText(issue.details?.summary)}</p>
-        <br>
-        <p><a href=${#fod.issueBrowserUrl(issue)} target="_blank" rel="noopener noreferrer">More information</a></p>
   - name: mdIssueListItem
-    contents: >
-      ${issue.status} (${issue.scantype}): [${issue.primaryLocationFull}${issue.lineNumber==null?'':':'+issue.lineNumber} - ${issue.category}](${#fod.issueBrowserUrl(issue)})
+    contents: "${issue.status} (${issue.scantype}) - ${issue.category}:    \n[${issue.primaryLocationFull}${issue.lineNumber==null?'':':'+issue.lineNumber}](${#fod.issueBrowserUrl(issue)})"
 
 
 
diff --git a/fcli-core/fcli-ssc/src/main/java/com/fortify/cli/ssc/action/cli/cmd/SSCActionRunCommand.java b/fcli-core/fcli-ssc/src/main/java/com/fortify/cli/ssc/action/cli/cmd/SSCActionRunCommand.java
@@ -97,9 +97,12 @@ public String issueBrowserUrl(ObjectNode issue, ObjectNode filterset) {
             }
             return templateRunner.getSpelEvaluator().evaluate(SpelHelper.parseTemplateExpression(deepLinkExpression), issue, String.class);
         }
-        public String appversionBrowserUrl(ObjectNode appversion) {
+        public String appversionBrowserUrl(ObjectNode appversion, ObjectNode filterset) {
             var deepLinkExpression = baseUrl()
-                    +"/html/ssc/index.jsp#!/version/${id}/fix";
+                    +"/html/ssc/version/${id}/audit";
+            if ( filterset!=null ) { 
+                deepLinkExpression+="?filterSet="+filterset.get("guid").asText();
+            }
             return templateRunner.getSpelEvaluator().evaluate(SpelHelper.parseTemplateExpression(deepLinkExpression), appversion, String.class);
         }
         private String baseUrl() {

diff --git a/...-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/appversion-summary.yaml b/...-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/appversion-summary.yaml
@@ -234,7 +234,7 @@ valueTemplates:
     contents: |
       # SSC Application Version Summary
       
-      ## [${parameters.appversion.project.name} - ${parameters.appversion.name}](${#ssc.appversionBrowserUrl(parameters.appversion)})
+      ## [${parameters.appversion.project.name} - ${parameters.appversion.name}](${#ssc.appversionBrowserUrl(parameters.appversion,null)})
       
       Summary generated on: ${#formatDateTime(dateFmt)}
       

diff --git a/...re/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/bitbucket-sast-report.yaml b/...re/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/bitbucket-sast-report.yaml
@@ -102,7 +102,7 @@ valueTemplates:
       details: Fortify detected ${annotations?.size()?:0} static ${annotations?.size()==1 ? 'vulnerability':'vulnerabilities'}
       #external_id:
       reporter: Fortify Static Code Analyzer ${lastStaticScan?.engineVersion?:''}
-      link: ${#ssc.appversionBrowserUrl(parameters.appversion)}
+      link: ${#ssc.appversionBrowserUrl(parameters.appversion,parameters.filterset)}
       # remote_link_enabled:
       logo_url: https://bitbucket.org/workspaces/fortifysoftware/avatar
       report_type: SECURITY

diff --git a/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/github-pr-comment.yaml b/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/github-pr-comment.yaml
@@ -97,9 +97,6 @@ steps:
             - if: ${(issue.scanStatus=='NEW' || issue.scanStatus=='REINTRODUCED')}
               name: newIssues
               valueTemplate: mdIssueListItem
-            - if: ${(issue.scanStatus=='NEW' || issue.scanStatus=='REINTRODUCED') && issue.engineType=='SCA'}
-              name: jsonSourceCodeComments
-              valueTemplate: jsonSourceCodeComment
 
   - progress: Generating GitHub request
   - set:
@@ -131,7 +128,6 @@ valueTemplates:
       # For now, we don't include any source code comments, as this will cause
       # GitHub to return an error if the source file doesn't exist in the repo.
       comments: ${{}} 
-      # comments: ${jsonSourceCodeComments?:{}}
 
   - name: reviewBody
     contents: |
@@ -149,16 +145,6 @@ valueTemplates:
         ? "* No removed issues were detected" 
         : ("* "+#join('\n* ',removedIssues))}
         
-  - name: jsonSourceCodeComment
-    contents:
-      path: ${issue.fullFileName}
-      line: ${issue.lineNumber==0?1:issue.lineNumber}
-      body: |
-        <p><b>Security Scanning</b> / Fortify SAST</p>
-        <h3>${issue.details.friority} - ${issue.details.issueName} </h3>
-        <p>${issue.details.brief}</p>
-        <br>
-        <p><a href=${#ssc.issueBrowserUrl(issue,parameters.filterset)} target="_blank" rel="noopener noreferrer">More information</a></p>
   - name: mdIssueListItem
-    contents: >
-      ${issue.scanStatus} (${issue.engineCategory}): [${issue.fullFileName}${issue.lineNumber==null?'':':'+issue.lineNumber} - ${issue.issueName}](${#ssc.issueBrowserUrl(issue,parameters.filterset)})
+    contents: "${issue.scanStatus} (${issue.engineCategory}) - ${issue.issueName}:    \n[${issue.fullFileName}${issue.lineNumber==null?'':':'+issue.lineNumber}](${#ssc.issueBrowserUrl(issue,parameters.filterset)})"
+