Skip to content

Instantly share code, notes, and snippets.

@tdshipley

tdshipley/owasp_glue_dep_check_dynamic_task.sh

Created April 29, 2019 15:05
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save tdshipley/e7855c7517be9dba4e488bdf325660bd to your computer and use it in GitHub Desktop.
Save tdshipley/e7855c7517be9dba4e488bdf325660bd to your computer and use it in GitHub Desktop.
Download ZIP
OWASP Glue Change Dependency Checker JSON output To Dynamic Compatible Version
Raw
owasp_glue_dep_check_dynamic_task.sh
jq '{
alerts:
[ .dependencies |
map(select(.vulnerabilities != null)) |
.[] |
. as $raw |
$raw |
$raw.vulnerabilities |
. as $vuln |
{
description: "OWASP Dep. Check Vulnerable Dependency: \($raw.fileName)",
source:"\([$raw.projectReferences[]] | join(", "))",
detail: "Vulnerabilities Found: \n \(["\n\nVulnerability: \n " + $vuln[].name] | join(","))",
"severity": $vuln[0].severity,
"fingerprint": "\($raw.fileName)_\($raw.md5)"} ]
}' dependency-check-report.json > dependency-check-report-flat.json
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment