-
Notifications
You must be signed in to change notification settings - Fork 287
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #916 from yalechen-cyw/main
🎨 add tool json
- Loading branch information
Showing
2 changed files
with
234 additions
and
0 deletions.
There are no files selected for viewing
114 changes: 114 additions & 0 deletions
114
server/projects/main/apps/scan_conf/management/commands/open_source/dependency-check.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,114 @@ | ||
| [ | ||
| { | ||
| "name": "tca_plugin_dependency_check", | ||
| "display_name": "DependencyCheck", | ||
| "description": "OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.", | ||
| "license": "Apache2.0", | ||
| "image_url": null, | ||
| "task_processes": [ | ||
| "analyze", | ||
| "datahandle" | ||
| ], | ||
| "scan_app": "codelint", | ||
| "scm_url": "tca_plugin_dependency_check", | ||
| "run_cmd": "python src/main.py scan", | ||
| "envs": "python_version = 3", | ||
| "build_flag": false, | ||
| "checkrule_set": [ | ||
| { | ||
| "real_name": "VUL_ERROR", | ||
| "display_name": "高危漏洞", | ||
| "severity": "error", | ||
| "category": "security", | ||
| "rule_title": "依赖组件存在高危漏洞", | ||
| "rule_params": null, | ||
| "custom": false, | ||
| "languages": [ | ||
| "cpp", | ||
| "cs", | ||
| "Go", | ||
| "java", | ||
| "js", | ||
| "kotlin", | ||
| "oc", | ||
| "php", | ||
| "python", | ||
| "ruby", | ||
| "scala", | ||
| "swift", | ||
| "ts", | ||
| "dart" | ||
| ], | ||
| "solution": "依赖组件存在高危漏洞", | ||
| "owner": null, | ||
| "labels": [], | ||
| "description": "依赖组件存在高危漏洞", | ||
| "disable": false | ||
| }, | ||
| { | ||
| "real_name": "VUL_INFO", | ||
| "display_name": "低危漏洞", | ||
| "severity": "info", | ||
| "category": "security", | ||
| "rule_title": "依赖组件存在低危漏洞", | ||
| "rule_params": null, | ||
| "custom": false, | ||
| "languages": [ | ||
| "cpp", | ||
| "cs", | ||
| "Go", | ||
| "java", | ||
| "js", | ||
| "kotlin", | ||
| "oc", | ||
| "php", | ||
| "python", | ||
| "ruby", | ||
| "scala", | ||
| "swift", | ||
| "ts", | ||
| "dart" | ||
| ], | ||
| "solution": "依赖组件存在低危漏洞", | ||
| "owner": null, | ||
| "labels": [], | ||
| "description": "依赖组件存在低危漏洞", | ||
| "disable": false | ||
| }, | ||
| { | ||
| "real_name": "VUL_WARN", | ||
| "display_name": "中危漏洞", | ||
| "severity": "warning", | ||
| "category": "security", | ||
| "rule_title": "依赖组件存在中危漏洞", | ||
| "rule_params": null, | ||
| "custom": false, | ||
| "languages": [ | ||
| "cpp", | ||
| "cs", | ||
| "Go", | ||
| "java", | ||
| "js", | ||
| "kotlin", | ||
| "oc", | ||
| "php", | ||
| "python", | ||
| "ruby", | ||
| "scala", | ||
| "swift", | ||
| "ts", | ||
| "dart" | ||
| ], | ||
| "solution": "依赖组件存在中危漏洞", | ||
| "owner": null, | ||
| "labels": [], | ||
| "description": "依赖组件存在中危漏洞", | ||
| "disable": false | ||
| } | ||
| ], | ||
| "open_user": false, | ||
| "open_saas": false, | ||
| "virtual_name": "236", | ||
| "show_display_name": false | ||
| } | ||
| ] |
120 changes: 120 additions & 0 deletions
120
server/projects/main/apps/scan_conf/management/commands/open_source/dependency-track.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,120 @@ | ||
| [ | ||
| { | ||
| "name": "tca_plugin_dependency_track", | ||
| "display_name": "DependencyTrack", | ||
| "description": "About Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.", | ||
| "license": "Apache2.0", | ||
| "image_url": null, | ||
| "task_processes": [ | ||
| "analyze", | ||
| "datahandle" | ||
| ], | ||
| "scan_app": "codelint", | ||
| "scm_url": "tca_plugin_dependency_track", | ||
| "run_cmd": "python src/main.py scan", | ||
| "envs": "FILTER_TYPE=NO_FILTER\nIGNORE_TYPE=NO_ISSUE_IGNORE\nBLAME_TYPE=NO_BLAME", | ||
| "build_flag": false, | ||
| "checkrule_set": [ | ||
| { | ||
| "real_name": "VUL_ERROR", | ||
| "display_name": "高危漏洞", | ||
| "severity": "error", | ||
| "category": "security", | ||
| "rule_title": "依赖组件存在高危漏洞", | ||
| "rule_params": null, | ||
| "custom": false, | ||
| "languages": [ | ||
| "cpp", | ||
| "cs", | ||
| "Go", | ||
| "java", | ||
| "js", | ||
| "kotlin", | ||
| "Lua", | ||
| "oc", | ||
| "php", | ||
| "python", | ||
| "ruby", | ||
| "scala", | ||
| "swift", | ||
| "ts", | ||
| "dart", | ||
| "rust" | ||
| ], | ||
| "solution": "依赖组件存在高危漏洞", | ||
| "owner": null, | ||
| "labels": [], | ||
| "description": "依赖组件存在高危漏洞", | ||
| "disable": false | ||
| }, | ||
| { | ||
| "real_name": "VUL_INFO", | ||
| "display_name": "低危漏洞", | ||
| "severity": "info", | ||
| "category": "security", | ||
| "rule_title": "依赖组件存在低危漏洞", | ||
| "rule_params": null, | ||
| "custom": false, | ||
| "languages": [ | ||
| "cpp", | ||
| "cs", | ||
| "Go", | ||
| "java", | ||
| "js", | ||
| "kotlin", | ||
| "Lua", | ||
| "oc", | ||
| "php", | ||
| "python", | ||
| "ruby", | ||
| "scala", | ||
| "swift", | ||
| "ts", | ||
| "dart", | ||
| "rust" | ||
| ], | ||
| "solution": "依赖组件存在低危漏洞", | ||
| "owner": null, | ||
| "labels": [], | ||
| "description": "依赖组件存在低危漏洞", | ||
| "disable": false | ||
| }, | ||
| { | ||
| "real_name": "VUL_WARN", | ||
| "display_name": "中危漏洞", | ||
| "severity": "warning", | ||
| "category": "security", | ||
| "rule_title": "依赖组件存在中危漏洞", | ||
| "rule_params": null, | ||
| "custom": false, | ||
| "languages": [ | ||
| "cpp", | ||
| "cs", | ||
| "Go", | ||
| "java", | ||
| "js", | ||
| "kotlin", | ||
| "Lua", | ||
| "oc", | ||
| "php", | ||
| "python", | ||
| "ruby", | ||
| "scala", | ||
| "swift", | ||
| "ts", | ||
| "dart", | ||
| "rust" | ||
| ], | ||
| "solution": "依赖组件存在中危漏洞", | ||
| "owner": null, | ||
| "labels": [], | ||
| "description": "依赖组件存在中危漏洞", | ||
| "disable": false | ||
| } | ||
| ], | ||
| "open_user": false, | ||
| "open_saas": false, | ||
| "virtual_name": "236", | ||
| "show_display_name": false | ||
| } | ||
| ] |