You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
fix#2246
This PR Enrich ASVS Mapping with Description and Level
Description
This PR updates the convert_capec_map_to_asvs_map.py script to read the ASVS 5.0 JSON source file and enrich the generated webapp-asvs-3.0.yaml mapping file with description and level fields for each ASVS requirement.
Changes
Modified scripts/convert_capec_map_to_asvs_map.py :
1. Added load_json_file utility function.
2. Added extract_asvs_details function to parse ASVS JSON.
3. Updated main to load ASVS JSON and pass details for enrichment.
4. Updated convert_to_output_format to include description and level in the output YAML.
Updated source/webapp-asvs-3.0.yaml:
1. Regenerated file now includes description and level fields for all mapped requirements.
Modified tests/scripts/convert_capec_map_to_asvs_map_utest.py :
1. Updated TestMainFunction to mock the new --asvs-json argument.
2. Added tests for parsing the new argument.
Verification
Ran the conversion script: python scripts/convert_capec_map_to_asvs_map.py -v 3.0 -e webapp
Verified that source/webapp-asvs-3.0.yaml was generated without errors.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
InFiNiTy0639
requested review from
cw-owasp,
rewtd and
sydseter
as code owners
fix #2246
This PR Enrich ASVS Mapping with Description and Level
Description
This PR updates the
convert_capec_map_to_asvs_map.pyscript to read theASVS 5.0 JSONsource file and enrich the generatedwebapp-asvs-3.0.yamlmapping file withdescriptionandlevelfields for each ASVS requirement.Changes
Modified
scripts/convert_capec_map_to_asvs_map.py:1. Added
load_json_fileutility function.2. Added
extract_asvs_detailsfunction to parse ASVS JSON.3. Updated
mainto load ASVS JSON and pass details for enrichment.4. Updated
convert_to_output_formatto includedescriptionandlevelin the output YAML.Updated
source/webapp-asvs-3.0.yaml:1. Regenerated file now includes
descriptionandlevelfields for all mapped requirements.Modified
tests/scripts/convert_capec_map_to_asvs_map_utest.py:1. Updated
TestMainFunctionto mock the new--asvs-jsonargument.2. Added tests for parsing the new argument.
Verification
python scripts/convert_capec_map_to_asvs_map.py -v 3.0 -e webappsource/webapp-asvs-3.0.yamlwas generated without errors.