Change CSV delimiter from semicolon to comma in scan report files

luarredo · luarredo · commit 786e0370ea55 · 2025-02-06T15:46:33.000-05:00
diff --git a/unittests/scans/twistlock/scan_report_many_vuln.csv b/unittests/scans/twistlock/scan_report_many_vuln.csv
@@ -1,5 +1,5 @@
-Registry;Repository;Tag;Id;Scan Time;Pass;Type;Distro;Hostname;Layer;CVE ID;Compliance ID;Type;Severity;Packages;Source Package;Package Version;Package License;CVSS;Fix Status;Description;Cause;Published;Custom Labels
-provisioner-docker.cloud.thdm.local;acme/acme-image-root;1.1.2;sha256:09951c12314543758569898475787989070600790978987567dcd68248372aac;14:24.3;TRUE;cli;FancyOS;docker-dev-1234567a-1234-1234-abcd-12345567890a;;CVE-2023-12334;98;java;critical;io.class_class;;1.1.1.Release;;1.2;fixed in 1.2.11;"HttpObjectDecoder.java in a complex class before 1.2.11  allows an intruder to do horrible things that will end in  \""Bad thing.\""";;12:00.0;
-provisioner-docker.cloud.thdm.local;acme/acme-image-ultimate;1.1.2;sha256:09951r3412f122121dcbº341212341bc111231233123121231dcd68248372aac;10:11.2;TRUE;somecli;GoodOS;docker-image-som-987777b-4312-12ty-2133-42343423542f;;CVE-2035-1000;0º;langua;high;cool framework_cool-core;;1.1.1;;1.1;"fixed in the future 1.0.; 2.3.45";"Cool Framework; versions 0.5.0 prior to 0.1.0.  and older unsupported versions; provide client-side support for multi requests. When  fractals are represented; the hyper speed fails";;29:00.0;
-provisioner-docker.;acme/acme-image-beta;1.1.2;sha256:c7012312354352356542634455425435524523452352345345555520a899c91e;98:76.5;TRUE;cli;SantaCruzOS;build-123-123-123;;CVE-2030-12345;21;old-language;high;load;;1.13.4;;5.6;fixed in >=0.0.1;"A prototype tjat will expose a black hole was found ";;49:00.0;
+Registry,Repository,Tag,Id,Scan Time,Pass,Type,Distro,Hostname,Layer,CVE ID,Compliance ID,Type,Severity,Packages,Source Package,Package Version,Package License,CVSS,Fix Status,Description,Cause,Published,Custom Labels
+provisioner-docker.cloud.thdm.local,acme/acme-image-root,1.1.2,sha256:09951c12314543758569898475787989070600790978987567dcd68248372aac,14:24.3,TRUE,cli,FancyOS,docker-dev-1234567a-1234-1234-abcd-12345567890a,,CVE-2023-12334,98,java,critical,io.class_class,,1.1.1.Release,,1.2,fixed in 1.2.11,"HttpObjectDecoder.java in a complex class before 1.2.11  allows an intruder to do horrible things that will end in  \""Bad thing.\""",,12:00.0,
+provisioner-docker.cloud.thdm.local,acme/acme-image-ultimate,1.1.2,sha256:09951r3412f122121dcbº341212341bc111231233123121231dcd68248372aac,10:11.2,TRUE,somecli,GoodOS,docker-image-som-987777b-4312-12ty-2133-42343423542f,,CVE-2035-1000,0º,langua,high,cool framework_cool-core,,1.1.1,,1.1,"fixed in the future 1.0., 2.3.45","Cool Framework, versions 0.5.0 prior to 0.1.0.  and older unsupported versions, provide client-side support for multi requests. When  fractals are represented, the hyper speed fails",,29:00.0,
+provisioner-docker.,acme/acme-image-beta,1.1.2,sha256:c7012312354352356542634455425435524523452352345345555520a899c91e,98:76.5,TRUE,cli,SantaCruzOS,build-123-123-123,,CVE-2030-12345,21,old-language,high,load,,1.13.4,,5.6,fixed in >=0.0.1,"A prototype tjat will expose a black hole was found ",,49:00.0,
 
diff --git a/unittests/scans/twistlock/scan_report_no_vuln.csv b/unittests/scans/twistlock/scan_report_no_vuln.csv
@@ -1 +1 @@
-Registry;Repository;Tag;Id;Scan Time;Pass;Type;Distro;Hostname;Layer;CVE ID;Compliance ID;Type;Severity;Packages;Source Package;Package Version;Package License;CVSS;Fix Status;Description;Cause;Published;Custom Labels
+Registry,Repository,Tag,Id,Scan Time,Pass,Type,Distro,Hostname,Layer,CVE ID,Compliance ID,Type,Severity,Packages,Source Package,Package Version,Package License,CVSS,Fix Status,Description,Cause,Published,Custom Labels
diff --git a/unittests/scans/twistlock/scan_report_one_vuln.csv b/unittests/scans/twistlock/scan_report_one_vuln.csv
@@ -1,2 +1,2 @@
-Registry;Repository;Tag;Id;Scan Time;Pass;Type;Distro;Hostname;Layer;CVE ID;Compliance ID;Type;Severity;Packages;Source Package;Package Version;Package License;CVSS;Fix Status;Description;Cause;Published;Custom Labels
-provisioner-docker.cloud.thdm.local;acme/acme-image-root;1.1.2;sha256:09951c12314543758569898475787989070600790978987567dcd68248372aac;14:24.3;TRUE;cli;FancyOS;docker-dev-1234567a-1234-1234-abcd-12345567890a;;CVE-2023-12334;98;java;critical;io.class_class;;1.1.1.Release;;1.2;fixed in 1.2.11;"HttpObjectDecoder.java in a complex class before 1.2.11  allows an intruder to do horrible things that will end in  \""Bad thing.\""";;12:00.0;
+Registry,Repository,Tag,Id,Scan Time,Pass,Type,Distro,Hostname,Layer,CVE ID,Compliance ID,Type,Severity,Packages,Source Package,Package Version,Package License,CVSS,Fix Status,Description,Cause,Published,Custom Labels
+provisioner-docker.cloud.thdm.local,acme/acme-image-root,1.1.2,sha256:09951c12314543758569898475787989070600790978987567dcd68248372aac,14:24.3,TRUE,cli,FancyOS,docker-dev-1234567a-1234-1234-abcd-12345567890a,,CVE-2023-12334,98,java,critical,io.class_class,,1.1.1.Release,,1.2,fixed in 1.2.11,"HttpObjectDecoder.java in a complex class before 1.2.11  allows an intruder to do horrible things that will end in  \""Bad thing.\""",,12:00.0,
diff --git a/unittests/scans/twistlock/scan_report_prisma_twistlock_images_four_vulns.csv b/unittests/scans/twistlock/scan_report_prisma_twistlock_images_four_vulns.csv
@@ -1,5 +1,5 @@
-Registry;Repository;Tag;Id;Distro;Hosts;Layer;CVE ID;Compliance ID;Type;Severity;Packages;Source Package;Package Version;Package License;CVSS;Fix Status;Risk Factors;Vulnerability Tags;Description;Cause;Containers;Custom Labels;Published;Discovered;Binaries;Clusters
-111111111111.dkr.ecr.eu-central-1.amazonaws.com;mirror/quay.io/kubernetes-ingress-controller/nginx-ingress-controller;0.32.0;sha256:70144d369cb283ebd5e6c7236c730994e27f5362ad3f01e42542cd6fa1a99d6b;alpine-3.11.5;76;;CVE-2020-24977;46;OS;medium;libxml2;;2.9.10-r2;MIT;6.50;fixed in 2.9.10-r4;"Attack complexity: low; Attack vector: network; Has fix; Medium severity; Recent vulnerability";;GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e.;;46;;2020-09-04 00:15:00.000;2020-09-29 07:55:04.733;;alpha
-111111111111.dkr.ecr.eu-central-1.amazonaws.com;mirror/quay.io/kubernetes-ingress-controller/nginx-ingress-controller;0.32.0;sha256:70144d369cb283ebd5e6c7236c730994e27f5362ad3f01e42542cd6fa1a99d6b;alpine-3.11.5;76;;CVE-2019-20388;46;OS;high;libxml2;;2.9.10-r2;MIT;7.50;fixed in 2.9.10-r3;"Attack complexity: low; Attack vector: network; Has fix; High severity; Recent vulnerability";;xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak.;;46;;2020-01-21 23:15:00.000;2020-09-29 07:55:04.733;;alpha
-111111111111.dkr.ecr.eu-central-1.amazonaws.com;mirror/quay.io/kubernetes-ingress-controller/nginx-ingress-controller;0.32.0;sha256:70144d369cb283ebd5e6c7236c730994e27f5362ad3f01e42542cd6fa1a99d6b;alpine-3.11.5;76;;CVE-2020-28241;46;OS;medium;libmaxminddb;;1.4.2-r0;Apache-2.0;6.50;;"Attack complexity: low; Attack vector: network; Medium severity; Recent vulnerability";;libmaxminddb before 1.4.3 has a heap-based buffer over-read in dump_entry_data_list in maxminddb.c.;;46;;2020-11-06 05:15:00.000;2020-11-06 05:15:00.000;;alpha
-111111111111.dkr.ecr.eu-central-1.amazonaws.com;mirror/quay.io/kubernetes-ingress-controller/nginx-ingress-controller;0.32.0;sha256:70144d369cb283ebd5e6c7236c730994e27f5362ad3f01e42542cd6fa1a99d6b;alpine-3.11.5;76;;CVE-2020-1971;46;OS;medium;"libssl1.1;libcrypto1.1;openssl";openssl;1.1.1g-r0;OpenSSL;5.90;fixed in 1.1.1i-r0;"Attack vector: network; DoS; Has fix; Medium severity; Package in use; Recent vulnerability";;The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This function behaves incorrectly when both GENERAL_NAMEs contain an EDIPARTYNAME. A NULL pointer dereference and a crash may occur leading to a possible denial of service attack. OpenSSL itself uses the GENERAL_NAME_cmp function for two purposes: 1;;46;;2020-12-08 16:15:00.000;2020-12-08 16:15:00.000;/usr/local/nginx/sbin/nginx;alpha
+Registry,Repository,Tag,Id,Distro,Hosts,Layer,CVE ID,Compliance ID,Type,Severity,Packages,Source Package,Package Version,Package License,CVSS,Fix Status,Risk Factors,Vulnerability Tags,Description,Cause,Containers,Custom Labels,Published,Discovered,Binaries,Clusters
+111111111111.dkr.ecr.eu-central-1.amazonaws.com,mirror/quay.io/kubernetes-ingress-controller/nginx-ingress-controller,0.32.0,sha256:70144d369cb283ebd5e6c7236c730994e27f5362ad3f01e42542cd6fa1a99d6b,alpine-3.11.5,76,,CVE-2020-24977,46,OS,medium,libxml2,,2.9.10-r2,MIT,6.50,fixed in 2.9.10-r4,"Attack complexity: low, Attack vector: network, Has fix, Medium severity, Recent vulnerability",,GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e.,,46,,2020-09-04 00:15:00.000,2020-09-29 07:55:04.733,,alpha
+111111111111.dkr.ecr.eu-central-1.amazonaws.com,mirror/quay.io/kubernetes-ingress-controller/nginx-ingress-controller,0.32.0,sha256:70144d369cb283ebd5e6c7236c730994e27f5362ad3f01e42542cd6fa1a99d6b,alpine-3.11.5,76,,CVE-2019-20388,46,OS,high,libxml2,,2.9.10-r2,MIT,7.50,fixed in 2.9.10-r3,"Attack complexity: low, Attack vector: network, Has fix, High severity, Recent vulnerability",,xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak.,,46,,2020-01-21 23:15:00.000,2020-09-29 07:55:04.733,,alpha
+111111111111.dkr.ecr.eu-central-1.amazonaws.com,mirror/quay.io/kubernetes-ingress-controller/nginx-ingress-controller,0.32.0,sha256:70144d369cb283ebd5e6c7236c730994e27f5362ad3f01e42542cd6fa1a99d6b,alpine-3.11.5,76,,CVE-2020-28241,46,OS,medium,libmaxminddb,,1.4.2-r0,Apache-2.0,6.50,,"Attack complexity: low, Attack vector: network, Medium severity, Recent vulnerability",,libmaxminddb before 1.4.3 has a heap-based buffer over-read in dump_entry_data_list in maxminddb.c.,,46,,2020-11-06 05:15:00.000,2020-11-06 05:15:00.000,,alpha
+111111111111.dkr.ecr.eu-central-1.amazonaws.com,mirror/quay.io/kubernetes-ingress-controller/nginx-ingress-controller,0.32.0,sha256:70144d369cb283ebd5e6c7236c730994e27f5362ad3f01e42542cd6fa1a99d6b,alpine-3.11.5,76,,CVE-2020-1971,46,OS,medium,"libssl1.1,libcrypto1.1,openssl",openssl,1.1.1g-r0,OpenSSL,5.90,fixed in 1.1.1i-r0,"Attack vector: network, DoS, Has fix, Medium severity, Package in use, Recent vulnerability",,The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This function behaves incorrectly when both GENERAL_NAMEs contain an EDIPARTYNAME. A NULL pointer dereference and a crash may occur leading to a possible denial of service attack. OpenSSL itself uses the GENERAL_NAME_cmp function for two purposes: 1,,46,,2020-12-08 16:15:00.000,2020-12-08 16:15:00.000,/usr/local/nginx/sbin/nginx,alpha
diff --git a/unittests/scans/twistlock/scan_report_prisma_twistlock_images_long_package_name.csv b/unittests/scans/twistlock/scan_report_prisma_twistlock_images_long_package_name.csv
@@ -1,2 +1,2 @@
-Registry;Repository;Tag;Id;Distro;Hosts;Layer;CVE ID;Compliance ID;Type;Severity;Packages;Source Package;Package Version;Package License;CVSS;Fix Status;Risk Factors;Vulnerability Tags;Description;Cause;Containers;Custom Labels;Published;Discovered;Binaries;Clusters
-111111111111.dkr.ecr.eu-central-1.amazonaws.com;mirror/quay.io/kubernetes-ingress-controller/nginx-ingress-controller;0.32.0;sha256:70144d369cb283ebd5e6c7236c730994e27f5362ad3f01e42542cd6fa1a99d6b;alpine-3.11.5;76;;CVE-2020-24977;46;OS;medium;libxml2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa;;2.9.10-r2;MIT;6.50;fixed in 2.9.10-r4;"Attack complexity: low; Attack vector: network; Has fix; Medium severity; Recent vulnerability";;GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e.;;46;;2020-09-04 00:15:00.000;2020-09-29 07:55:04.733;;alpha
+Registry,Repository,Tag,Id,Distro,Hosts,Layer,CVE ID,Compliance ID,Type,Severity,Packages,Source Package,Package Version,Package License,CVSS,Fix Status,Risk Factors,Vulnerability Tags,Description,Cause,Containers,Custom Labels,Published,Discovered,Binaries,Clusters
+111111111111.dkr.ecr.eu-central-1.amazonaws.com,mirror/quay.io/kubernetes-ingress-controller/nginx-ingress-controller,0.32.0,sha256:70144d369cb283ebd5e6c7236c730994e27f5362ad3f01e42542cd6fa1a99d6b,alpine-3.11.5,76,,CVE-2020-24977,46,OS,medium,libxml2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa,,2.9.10-r2,MIT,6.50,fixed in 2.9.10-r4,"Attack complexity: low, Attack vector: network, Has fix, Medium severity, Recent vulnerability",,GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e.,,46,,2020-09-04 00:15:00.000,2020-09-29 07:55:04.733,,alpha
diff --git a/unittests/scans/twistlock/scan_report_prisma_twistlock_images_no_vuln.csv b/unittests/scans/twistlock/scan_report_prisma_twistlock_images_no_vuln.csv
@@ -1 +1 @@
-Registry;Repository;Tag;Id;Distro;Hosts;Layer;CVE ID;Compliance ID;Type;Severity;Packages;Source Package;Package Version;Package License;CVSS;Fix Status;Risk Factors;Vulnerability Tags;Description;Cause;Containers;Custom Labels;Published;Discovered;Binaries;Clusters
+Registry,Repository,Tag,Id,Distro,Hosts,Layer,CVE ID,Compliance ID,Type,Severity,Packages,Source Package,Package Version,Package License,CVSS,Fix Status,Risk Factors,Vulnerability Tags,Description,Cause,Containers,Custom Labels,Published,Discovered,Binaries,Clusters

Original file line number	Diff line number	Diff line change
`@@ -1 +1 @@`
`1`		`-Registry;Repository;Tag;Id;Scan Time;Pass;Type;Distro;Hostname;Layer;CVE ID;Compliance ID;Type;Severity;Packages;Source Package;Package Version;Package License;CVSS;Fix Status;Description;Cause;Published;Custom Labels`
	`1`	`+Registry,Repository,Tag,Id,Scan Time,Pass,Type,Distro,Hostname,Layer,CVE ID,Compliance ID,Type,Severity,Packages,Source Package,Package Version,Package License,CVSS,Fix Status,Description,Cause,Published,Custom Labels`
Original file line number	Diff line number	Diff line change
`@@ -1 +1 @@`
`1`		`-Registry;Repository;Tag;Id;Distro;Hosts;Layer;CVE ID;Compliance ID;Type;Severity;Packages;Source Package;Package Version;Package License;CVSS;Fix Status;Risk Factors;Vulnerability Tags;Description;Cause;Containers;Custom Labels;Published;Discovered;Binaries;Clusters`
	`1`	`+Registry,Repository,Tag,Id,Distro,Hosts,Layer,CVE ID,Compliance ID,Type,Severity,Packages,Source Package,Package Version,Package License,CVSS,Fix Status,Risk Factors,Vulnerability Tags,Description,Cause,Containers,Custom Labels,Published,Discovered,Binaries,Clusters`