Merge branch 'sbomMapper' into sbom-view

mitre · Aug 8, 2024 · 3c2517b · 3c2517b
2 parents 55eac14 + 516ef25
commit 3c2517b
Show file tree

Hide file tree

Showing 25 changed files with 43,270 additions and 44,842 deletions.
diff --git a/apps/frontend/src/store/report_intake.ts b/apps/frontend/src/store/report_intake.ts
@@ -11,6 +11,7 @@ import {
   BurpSuiteMapper,
   ChecklistResults,
   ConveyorResults as ConveyorResultsMapper,
+  CycloneDXSBOMResults,
   DBProtectMapper,
   fingerprint,
   FortifyMapper,
@@ -24,7 +25,6 @@ import {
   NiktoMapper,
   PrismaMapper,
   SarifMapper,
-  SBOMResults,
   ScoutsuiteMapper,
   SnykResults,
   TrufflehogResults,
@@ -277,8 +277,8 @@ export class InspecIntake extends VuexModule {
         return new ChecklistResults(convertOptions.data).toHdf();
       case INPUT_TYPES.GOSEC:
         return new GosecMapper(convertOptions.data).toHdf();
-      case INPUT_TYPES.SBOM:
-        return new SBOMResults(convertOptions.data).toHdf();
+      case INPUT_TYPES.CYCLONEDX_SBOM:
+        return new CycloneDXSBOMResults(convertOptions.data).toHdf();
       case INPUT_TYPES.TRUFFLEHOG:
         return new TrufflehogResults(convertOptions.data).toHdf();
       default:

diff --git a/libs/hdf-converters/README.md b/libs/hdf-converters/README.md
@@ -5,6 +5,7 @@
 OHDF Converters supplies several methods to convert various types of security tool data to and from the OHDF standard. OHDF Converters can be used in a variety of tools, and is currently well integrated with Heimdall itself, and the [SAF CLI](https://github.com/mitre/saf).
 
 ## Supported Formats
+
 1.  [**asff-mapper**] - AWS Security Finding Format JSON file, Prowler-derived AWS Security Finding Format results from concatenated JSON blobs, and Trivy-derived AWS Security Finding Format results from concatenated JSON blobs
 2.  [**aws-config-mapper**] - AWS Config
 3.  [**burpsuite-mapper**] - BurpSuite Pro XML file
@@ -63,4 +64,4 @@ This software was produced for the U. S. Government under Contract Number HHSM-5
 
 No other use other than that granted to the U. S. Government, or to those acting on behalf of the U. S. Government under that Clause is authorized without the express written permission of The MITRE Corporation.
 
-For further information, please contact The MITRE Corporation, Contracts Management Office, 7515 Colshire Drive, McLean, VA  22102-7539, (703) 983-6000.
+For further information, please contact The MITRE Corporation, Contracts Management Office, 7515 Colshire Drive, McLean, VA 22102-7539, (703) 983-6000.
diff --git a/libs/hdf-converters/index.ts b/libs/hdf-converters/index.ts
@@ -30,7 +30,7 @@ export * from './src/netsparker-mapper';
 export * from './src/nikto-mapper';
 export * from './src/prisma-mapper';
 export * from './src/sarif-mapper';
-export * from './src/sbom-mapper';
+export * from './src/cyclonedx-sbom-mapper';
 export * from './src/scoutsuite-mapper';
 export * from './src/snyk-mapper';
 export * from './src/sonarqube-mapper';

diff --git a/libs/hdf-converters/package.json b/libs/hdf-converters/package.json
@@ -26,6 +26,7 @@
   },
   "dependencies": {
     "@aws-sdk/client-config-service": "^3.95.0",
+    "@cyclonedx/cyclonedx-library": "^6.11.0",
     "@e965/xlsx": "^0.20.0",
     "@mdi/js": "^7.0.96",
     "@microsoft/microsoft-graph-types": "^2.40.0",

diff --git a/...ple_input_report/dropwizard-no-vulns.json → ...ple_input_report/dropwizard-no-vulns.json b/...ple_input_report/dropwizard-no-vulns.json → ...ple_input_report/dropwizard-no-vulns.json