Commit c8fef41

lme-nca and damiencarol authored
Fix for empty alias (DefectDojo#7746)
* added case for when alias array is empty
* Update dojo/tools/dependency_track/parser.py

Co-authored-by: Damien Carol <[email protected]>

* created specific test case for empty alias

---------

Co-authored-by: Damien Carol <[email protected]>
1 parent 1781901 commit c8fef41

3 files changed, +627 -1 lines changed

dojo/tools/dependency_track/parser.py

Lines changed: 1 addition & 1 deletion
@@ -144,7 +144,7 @@ def _convert_dependency_track_finding_to_dojo_finding(self, dependency_track_fin
144144
# We should collect all the vulnerability ids, the FPF format can add additional IDs as aliases
145145
# we add these aliases in the vulnerability_id list making sure duplicate findings get correctly deduplicated
146146
# older version of Dependency-track might not include these field therefore lets check first
147-
if 'aliases' in dependency_track_finding['vulnerability']:
147+
if dependency_track_finding['vulnerability'].get('aliases'):
148148
# There can be multiple alias entries
149149
set_of_ids = set()
150150
set_of_sources = {'cveId', 'sonatypeId', 'ghsaId', 'osvId', 'snykId', 'gsdId', 'vulnDbId'}
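Review bot: The comment directly above the changed condition (line 146) still documents only the missing-field case ("older version of Dependency-track might not include these field"), while the new `.get('aliases')` truthiness test at line 147 also skips an empty list or a null value, which is the case this commit is fixing. Suggest extending that comment to name the empty-array case, so the check is not later reverted to a plain key-membership test. Separately, `dependency_track_finding['vulnerability']` is still subscripted directly on the same line, so a finding without a `vulnerability` key would raise KeyError here unless that is validated earlier in code this hunk does not show; worth confirming, since the parser handles externally produced report files.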
