diff --git a/src/main/kotlin/de/fraunhofer/iem/dataprovider/taskManager/tasks/ort/OrtTask.kt b/src/main/kotlin/de/fraunhofer/iem/dataprovider/taskManager/tasks/ort/OrtTask.kt
index 23e23d7a62abebd738a81c71bcfdaf188b5f1e20..7e82e99caad33c82dcd7e5a8aece39d3cb6d4ed4 100644
--- a/src/main/kotlin/de/fraunhofer/iem/dataprovider/taskManager/tasks/ort/OrtTask.kt
+++ b/src/main/kotlin/de/fraunhofer/iem/dataprovider/taskManager/tasks/ort/OrtTask.kt
@@ -7,6 +7,29 @@ import kotlinx.serialization.json.*
 import java.io.IOException
 import java.nio.file.Path
+class OrtTask {
+
+}
+
+fun getHighestScore(results: Array<AdvisorResult>): Double {
+ var highestScore = 0.0
+ results.forEach { res ->
+ res.vulnerabilities?.forEach { vul ->
+ vul.references?.forEach { ref ->
+ if (ref != null) {
+ if (ref.scoringSystem?.contains("cvss") == true) {
+ val score = ref.severity?.toDouble() ?: 0.0
+ if (highestScore < score) {
+ highestScore = score
+ }
+ }
+ }
+ }
+ }
+ }
+ return highestScore
+}
+
 fun getOrtResultsFromFile(resultPath: Path): Array<AdvisorResult> {
 val resFile = resultPath.toFile()
@@ -14,6 +37,7 @@ fun getOrtResultsFromFile(resultPath: Path): Array<AdvisorResult> {
 val results = mutableListOf<AdvisorResult>()
 val resString = resFile.readText()
 val json = Json { ignoreUnknownKeys = true }
+
 val rawJson = json.decodeFromString<Ort>(resString)
 rawJson.advisor?.results?.advisorResults?.forEach { (key, value) ->
 if (value is JsonArray) {
@@ -26,8 +50,8 @@ fun getOrtResultsFromFile(resultPath: Path): Array<AdvisorResult> {
 }
 put("identifier", key)
 }
+
 val advisorResult = json.decodeFromJsonElement<AdvisorResult>(flat)
- println(advisorResult)
 results.add(advisorResult)
 }
 }
diff --git a/src/test/kotlin/de/fraunhofer/iem/dataprovider/ParseOrtAdvisorResult.kt b/src/test/kotlin/de/fraunhofer/iem/dataprovider/ParseOrtAdvisorResult.kt
index c0d1caebf7ab7cdcb5072883b184c72f3760a788..a651c786d1470e279d0928ac305d4cfcfe214989 100644
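Review bot: In `getHighestScore`, `ref.severity?.toDouble()` throws `NumberFormatException` on the first reference whose severity is not a plain number, so a single qualitative or malformed entry in the advisor output aborts the whole score computation instead of being skipped. The `contains("cvss")` check is also case-sensitive and matches every CVSS version, so an upper-case scoring-system label would be ignored and v2 and v3 scores are compared on one scale; whether the advisor emits such values is not visible in this hunk. I would change the two lines to `if (ref.scoringSystem?.contains("cvss", ignoreCase = true) == true) {` and `val score = ref.severity?.toDoubleOrNull() ?: 0.0`. The function returns 0.0 both when there are no vulnerabilities and when there are vulnerabilities without a parsable CVSS score, so it deserves a KDoc line such as `/** Returns the highest numeric CVSS severity found in [results]; 0.0 means "no scored reference", not "no vulnerability". */` to keep callers from reading an unscored finding as harmless. The empty `class OrtTask` added above it carries no members and could be dropped until it has a purpose.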
--- a/src/test/kotlin/de/fraunhofer/iem/dataprovider/ParseOrtAdvisorResult.kt
+++ b/src/test/kotlin/de/fraunhofer/iem/dataprovider/ParseOrtAdvisorResult.kt
@@ -1,5 +1,6 @@
 package de.fraunhofer.iem.dataprovider
+import de.fraunhofer.iem.dataprovider.taskManager.tasks.ort.getHighestScore
 import de.fraunhofer.iem.dataprovider.taskManager.tasks.ort.getOrtResultsFromFile
 import org.junit.jupiter.api.Test
 import java.nio.file.Paths
@@ -14,6 +15,8 @@ class ParseOrtAdvisorResult {
 assert(res[0].identifier == "first" && res[1].identifier == "second")
 assert(res[0].vulnerabilities?.get(0)?.id == "CVE-2021-45105")
 assert(res[0].vulnerabilities?.get(0)?.references?.get(0)?.severity == "6.6")
+
+ assert(getHighestScore(res) == 8.6)
 }
diff --git a/src/test/kotlin/de/fraunhofer/iem/dataprovider/ort-advisor-example-results.json b/src/test/kotlin/de/fraunhofer/iem/dataprovider/ort-advisor-example-results.json
index a33f4b334bc82efe1e11fa6351e065a3bb80ec63..2b1d087ea7fa57541f44c296db13cc5a8bc938e4 100644
--- a/src/test/kotlin/de/fraunhofer/iem/dataprovider/ort-advisor-example-results.json
+++ b/src/test/kotlin/de/fraunhofer/iem/dataprovider/ort-advisor-example-results.json
@@ -112,7 +112,7 @@
 {
 "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44832.json",
 "scoring_system": "cvssv3",
- "severity": "6.6"
+ "severity": "8.6"
 },
 {
 "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf",
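Review bot: The added `assert(getHighestScore(res) == 8.6)` in the second hunk of ParseOrtAdvisorResult.kt pins only the happy path, where every CVSS severity in the fixture is numeric. The inputs that decide whether the score can be trusted are untested: an empty result array, a reference with a null or non-numeric severity, and a vulnerability that has no CVSS reference at all. Kotlin's `assert` is only evaluated when JVM assertions are enabled, so `assertEquals(8.6, getHighestScore(res))` from `org.junit.jupiter.api.Assertions` would fail reliably and report both values. A separate test such as `assertEquals(0.0, getHighestScore(emptyArray()))` would pin the empty case. The enclosing test function starts outside this hunk, so its setup is not visible here.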