Merge pull request #106 from bridgecrewio/BCE-27972-fix-owasp

[BCE-27972] fix owasp
bridgecrewio · Feb 14, 2024 · 0459507 · 0459507
2 parents b5db145 + 186bc1c
commit 0459507
Show file tree

Hide file tree

Showing 8 changed files with 14 additions and 10 deletions.
diff --git a/build.gradle.kts b/build.gradle.kts
@@ -11,7 +11,7 @@ plugins {
     // Kotlin support
     id("org.jetbrains.kotlin.jvm") version "1.8.0"
     // gradle-intellij-plugin - read more: https://github.com/JetBrains/gradle-intellij-plugin
-    id("org.jetbrains.intellij") version "1.3.0"
+    id("org.jetbrains.intellij") version "1.10.1"
     // gradle-changelog-plugin - read more: https://github.com/JetBrains/gradle-changelog-plugin
     id("org.jetbrains.changelog") version "1.3.1"
     // Gradle Qodana Plugin
@@ -140,4 +140,8 @@ tasks {
             events(TestLogEvent.PASSED, TestLogEvent.SKIPPED, TestLogEvent.FAILED)
         }
     }
+
+    runPluginVerifier {
+        ideVersions.set(listOf("IC-2020.3.4", "IC-2021.1.3", "IC-2021.2.4"))
+    }
 }
diff --git a/gradle.properties b/gradle.properties
@@ -3,14 +3,14 @@
 
 pluginGroup = com.github.bridgecrewio.prismajetbrainsidea
 pluginName = prismacloud-jetbrains-idea
-pluginVersion = 1.0.13
+pluginVersion = 1.0.14
 pluginSinceBuild = 203
 # Plugin Verifier integration -> https://github.com/JetBrains/gradle-intellij-plugin#plugin-verifier-dsl
 # See https://jb.gg/intellij-platform-builds-list for available build versions
-pluginVerifierIdeVersions = 2020.3.4, 2021.1.3, 2021.2.1, 2021.2.2, 2020.1.2
+pluginVerifierIdeVersions = 2020.3.4, 2021.1.3, 2021.2.4
 
 platformType = IC
-platformVersion = 2021.2.2
+platformVersion = 2021.2.4
 platformDownloadSources = true
 # Plugin Dependencies -> https://plugins.jetbrains.com/docs/intellij/plugin-dependencies.html
 # Example: platformPlugins = com.intellij.java, com.jetbrains.php:203.4449.22

diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties
@@ -1,5 +1,5 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-7.0-bin.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-7.1-bin.zip
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists
diff --git a/src/main/kotlin/com/bridgecrew/CheckovResult.kt b/src/main/kotlin/com/bridgecrew/CheckovResult.kt
@@ -46,7 +46,7 @@ data class CheckovResult(
         var check_type: String,
         val fixed_definition: String = "",
         val cwe: ArrayList<String> = ArrayList(),
-        val owasp: String = "",
+        val owasp: List<String> = ArrayList(),
         val metadata: Metadata? = null
 )
 

diff --git a/src/main/kotlin/com/bridgecrew/initialization/InitializationService.kt b/src/main/kotlin/com/bridgecrew/initialization/InitializationService.kt
@@ -25,7 +25,7 @@ private val LOG = logger<InitializationService>()
 class InitializationService(private val project: Project) {
 
     private var isCheckovInstalledGlobally: Boolean = false
-    private var checkovVersion: String = "2.3.329"
+    private var checkovVersion: String = "3.2.20"
 
     fun initializeProject() {
         initializeCheckovScanService()

diff --git a/src/main/kotlin/com/bridgecrew/results/WeaknessCheckovResult.kt b/src/main/kotlin/com/bridgecrew/results/WeaknessCheckovResult.kt
@@ -17,7 +17,7 @@ class WeaknessCheckovResult(
         codeBlock: List<List<Any>>,
         val checkName: String,
         val cwe: List<String>,
-        val owasp: String,
+        val owasp: List<String>,
         val metadata: Metadata?) :
         BaseCheckovResult(
                 category = Category.WEAKNESSES,

diff --git a/src/main/kotlin/com/bridgecrew/ui/rightPanel/dictionaryDetails/WeaknessDictionaryPanel.kt b/src/main/kotlin/com/bridgecrew/ui/rightPanel/dictionaryDetails/WeaknessDictionaryPanel.kt
@@ -32,7 +32,7 @@ class WeaknessDictionaryPanel(private val result: WeaknessCheckovResult, private
             "Description" to result.description,
             "Code" to extractCode(result),
             "CWE(s)" to result.cwe.joinToString(", "),
-            "OWASP Top 10" to result.owasp,
+            "OWASP Top 10" to result.owasp.joinToString(", "),
             "Data flow" to extractDataFlow(result)
     )
 

diff --git a/src/test/kotlin/com/bridgecrew/fixtures/WeaknessCheckovResultFixture.kt b/src/test/kotlin/com/bridgecrew/fixtures/WeaknessCheckovResultFixture.kt
@@ -77,7 +77,7 @@ fun createWeaknessCheckovResult(metadata: String): WeaknessCheckovResult {
          {
          	"checkName": "Unsafe custom MessageDigest is implemented",
          	"cwe": ["CWE-327: Use of a Broken or Risky Cryptographic Algorithm"],
-         	"owasp": "TBD",
+         	"owasp": ["TBD"],
          	$metadata
          	"category": "WEAKNESSES",
          	"checkType": "SAST",