fcli icon indicating copy to clipboard operation
fcli copied to clipboard
verified publisher icon fortify

FoD: Implement 'fod vulnerability export' command

Open rsenden opened this issue 3 years ago • 1 comments

This should replicate the functionality of FortifyVulnerabilityExporter. Initially, this could just wrap a call to the existing FortifyVulnerabilityExporter command, but eventually this functionality should be natively integrated into fcli.

FortifyVulnerabilityExporter is mostly just a JSON transformation utility, transforming Fortify vulnerability data into various other formats based on a configuration file. Currently it is heavily based on Spring Expression Language and just a couple of custom transformation classes. We should investigate the possibility to integrate Spring Expression Language into fcli (which may be difficult due to potentially lacking support for native images), or use a different expression language/JSON transformation library.

rsenden avatar Sep 14 '22 23:09 rsenden

See #84 for some ideas

rsenden avatar Jul 12 '23 08:07 rsenden

This has been implemented with the new fcli fod action run *-report commands.

rsenden avatar May 30 '24 08:05 rsenden