🎉 Add fix_available information to jfrogondemand #12633 (#13124)

manuel-sommer · web-flow · commit f1562775f39f · 2025-09-12T18:05:50.000+02:00
diff --git a/dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py b/dojo/tools/jfrog_xray_on_demand_binary_scan/parser.py
@@ -102,10 +102,12 @@ def get_severity_justification(vulnerability):
 def process_component(component):
     mitigation = ""
     impact = "**Impact paths**\n\n- "
+    fix_available = False
     fixed_versions = component.get("fixed_versions")
     if fixed_versions:
         mitigation = "**Versions containing a fix:**\n\n- "
         mitigation += "\n- ".join(fixed_versions)
+        fix_available = True
     if "impact_paths" in component:
         refs = []
         impact_paths_l1 = component["impact_paths"]
@@ -117,7 +119,7 @@ def process_component(component):
                     refs.append(item["full_path"])
         if refs:
             impact += "\n- ".join(sorted(set(refs)))  # deduplication
-    return mitigation, impact
+    return mitigation, impact, fix_available
 
 
 def get_cve(vulnerability):
@@ -158,7 +160,7 @@ def get_item_set(vulnerability):
 
     for component_name_with_version, component in vulnerability.get("components", {}).items():
         component_name, component_version = get_component_name_version(component_name_with_version)
-        mitigation, impact = process_component(component)
+        mitigation, impact, fix_available = process_component(component)
 
         title = clean_title(vulnerability["summary"])
         # create the finding object
@@ -176,6 +178,7 @@ def get_item_set(vulnerability):
             dynamic_finding=False,
             cvssv3=cvssv3,
             vuln_id_from_tool=vuln_id_from_tool,
+            fix_available=fix_available,
         )
         if vulnerability_ids:
             finding.unsaved_vulnerability_ids = vulnerability_ids
diff --git a/unittests/tools/test_jfrog_xray_on_demand_binary_scan_parser.py b/unittests/tools/test_jfrog_xray_on_demand_binary_scan_parser.py
@@ -19,6 +19,7 @@ def test_parse_file_with_one_vuln(self):
         self.assertEqual("gav://test", item.component_name)
         self.assertEqual("CVE-2014-0114", item.unsaved_vulnerability_ids[0])
         self.assertEqual("High", item.severity)
+        self.assertEqual(True, item.fix_available)
 
     def test_parse_file_with_many_vulns(self):
         testfile = (get_unit_tests_scans_path("jfrog_xray_on_demand_binary_scan") / "many_vulns.json").open(encoding="utf-8")
