16 changes: 15 additions & 1 deletion __tests__/CweManager.test.js
@@ -1,7 +1,7 @@
const { CweManager } = require('../index')

describe('Cwe Manager', () => {
describe('Cwe Manager supports instnatiation with custom data', () => {
describe('Cwe Manager supports instantiation with custom data', () => {
test('Cwe Manager instnatiated with custom hierarchy', () => {
const cweManager = new CweManager({
cweHierarchy: [{ weaknessId: '31337', parentId: '31338' }]
@@ -50,4 +50,18 @@ describe('Cwe Manager', () => {
'A set of CWE IDs that are childs of another CWE ID should return true (one parent for all)'
)
})

describe('Cwe Manager Memberships', () => {
test('A CWE ID that has no memberships should return null', () => {
const cweManager = new CweManager()
const result = cweManager.getMemberships({ weaknessId: 'notfoundid' })
expect(result).toBe(null)
})

test('A CWE ID with memberships should return an array of ids', () => {
const cweManager = new CweManager()
const result = cweManager.getMemberships({ weaknessId: '778' })
expect(result).toStrictEqual(['1009', '1036', '1210', '1308'])
})
})
})
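Review bot: The second new test pins the exact category list for CWE-778 (`['1009', '1036', '1210', '1308']`) against the bundled data file, which build/build.js regenerates from the upstream archive, so an upstream re-categorisation would fail this test without any code change. The new `cweMemberships` constructor option is not exercised at all; a constructed fixture such as `new CweManager({ cweMemberships: [{ weaknessId: '1', memberships: ['2'] }] })` followed by `expect(cweManager.getMemberships({ weaknessId: '1' })).toStrictEqual(['2'])` would cover the lookup independently of the snapshot. The test name on the line after the corrected `describe` still reads `instnatiated`.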
10 changes: 9 additions & 1 deletion build/build.js
@@ -13,6 +13,7 @@ const RAW_INPUT_XML_FILENAME = 'cwe-archive.xml'
const RAW_OUTPUT_JSON_FILENAME = 'cwe-archive.json'
const OUTPUT_JSON_DICT_FILENAME = 'cwe-dictionary.json'
const OUTPUT_JSON_HIERARCHY_FILENAME = 'cwe-hierarchy.json'
const OUTPUT_JSON_MEMBERSHIPS_FILENAME = 'cwe-memberships.json'
const ARCHIVE_DOWNLOAD_OPTIONS = {
hostname: 'cwe.mitre.org',
port: 443,
@@ -36,7 +37,9 @@ updateArchive()
jsonData: rawJsonCweArchive
})

const { cweDictionary, cweHierarchy } = createCweDictionary({ cweArchive: rawJsonCweArchive })
const { cweDictionary, cweHierarchy, cweMemberships } = createCweDictionary({
cweArchive: rawJsonCweArchive
})

writeJsonToFile({
jsonFilepath: path.join(__dirname, '..', 'raw', OUTPUT_JSON_DICT_FILENAME),
@@ -48,6 +51,11 @@ updateArchive()
jsonData: cweHierarchy
})

writeJsonToFile({
jsonFilepath: path.join(__dirname, '..', 'raw', OUTPUT_JSON_MEMBERSHIPS_FILENAME),
jsonData: cweMemberships
})

debug('finished')
})
.catch(console.error)
26 changes: 25 additions & 1 deletion build/xmlParser.js
@@ -8,8 +8,23 @@ const debug = require('debug')('cwe-sdk:build')

function createCweDictionary({ cweArchive }) {
const allWeaknesses = cweArchive.Weakness_Catalog.Weaknesses.Weakness
const allCategories = cweArchive.Weakness_Catalog.Categories.Category
const membershipMap = new Map()
allCategories
.filter(category => category.Relationships)
.forEach(category => {
const memberIds = Array.from(category.Relationships.Has_Member).map(
member => member.attr['@_CWE_ID']
)
memberIds.forEach(memberId => {
const current = membershipMap.get(memberId) || []
current.push(category.attr['@_ID'])
membershipMap.set(memberId, current)
})
})
const cweDictionary = {}
const cweHierarchy = []
const cweMemberships = []

allWeaknesses.forEach(function(weakness) {
const weaknessId = weakness['attr']['@_ID']
@@ -37,12 +52,21 @@ function createCweDictionary({ cweArchive }) {
})
}
}

const weaknessMembership = membershipMap.get(weaknessId)
if (weaknessMembership) {
cweMemberships.push({
weaknessId,
memberships: weaknessMembership
})
}
}
})

return {
cweDictionary,
cweHierarchy
cweHierarchy,
cweMemberships
}
}

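Review bot: `Array.from(category.Relationships.Has_Member)` yields an empty array when `Has_Member` is a single plain object rather than an array, which is how many XML-to-JSON parsers represent an element that occurs only once. If the parser used here behaves that way (its configuration is outside this diff), every category with exactly one member is silently dropped from `membershipMap`, and a category whose `Relationships` holds no `Has_Member` at all makes `Array.from(undefined)` throw. Normalising first avoids both cases: `const members = [].concat(category.Relationships.Has_Member || [])`. The new `cweMemberships.push` block also sits inside a block whose opening line is outside the hunk, so it is worth confirming that weaknesses skipped by that condition are not meant to carry memberships.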
1 change: 1 addition & 0 deletions raw/cwe-memberships.json

Large diffs are not rendered by default.

18 changes: 17 additions & 1 deletion src/CweManager.js
@@ -2,10 +2,11 @@

const CWE_HIERARCHY = require('../raw/cwe-hierarchy.json')
const CWE_DICTIONARY = require('../raw/cwe-dictionary.json')
const CWE_MEMBERSHIPS = require('../raw/cwe-memberships.json')
const debug = require('debug')('cwe-sdk:manager')

module.exports = class CweManager {
constructor({ cweHierarchy = null, cweDictionary = null } = {}) {
constructor({ cweHierarchy = null, cweDictionary = null, cweMemberships = null } = {}) {
if (cweHierarchy) {
debug('manager received cweHierarchy to be used')
this.cweHierarchy = cweHierarchy
@@ -19,6 +20,21 @@ module.exports = class CweManager {
} else {
this.cweDictionary = CWE_DICTIONARY
}

if (cweMemberships) {
debug('manager received cweMemberships to be used')
this.cweMemberships = cweMemberships
} else {
this.cweMemberships = CWE_MEMBERSHIPS
}
}

getMemberships({ weaknessId }) {
const weakness = this.cweMemberships.find(weakness => weakness.weaknessId === weaknessId)
if (!weakness) {
return null
}
return weakness.memberships
}

isChildOf({ indirect = false, weaknessId, parentId }) {
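Review bot: `getMemberships` compares ids with `===`, so a numeric id such as `778` never matches when the stored ids are strings (the tests pass `'778'`), and the method returns `null`. A caller cannot tell that result apart from "this CWE belongs to no category", which matters when the answer feeds a weakness classification. Normalising with `const id = String(weaknessId)` before the `find` would close that gap. The method also returns the array held in the shared `require`d JSON, so `return [...weakness.memberships]` would keep one caller's mutation from leaking into every other `CweManager` instance. The class body continues outside the hunk.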