import datetime
import json
import os

import requests
from github import Github
from json2html import *
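# ---------------------------------------------------------------------------
# Configuration
#
# Credentials are read from the environment at run time.  A GitHub personal
# access token and a Snyk API token must never be committed with the script:
# anyone who can read the repository (or its history) can act as the token
# owner.  Treat any token that was ever committed as compromised and rotate it.
# ---------------------------------------------------------------------------
GITHUB_TOKEN_ENV = "GITHUB_TOKEN"  # conventional name, also used by GitHub Actions
SNYK_TOKEN_ENV = "SNYK_TOKEN"      # same name the Snyk CLI reads

# PyGithub's get_repo() expects "owner/name", not a full URL.
GITHUB_REPO = "TSRobworld/goof"

# "orgs" is the Snyk orgId, and has to be a string
SNYK_ORG_ID = "fdf3b63a-9a4e-43d8-bae3-85212f002bea"
SNYK_REPORTING_URL = "https://snyk.io/api/v1/reporting/issues/"

# Suffix that marks a GitHub issue as created by this script.  The Snyk issue
# id that follows it is the unique key used to avoid duplicates and to decide
# which issues may be closed.
SNYK_ID_MARKER = " | Snyk ID - "

# requests has no default timeout; without one a stalled connection hangs forever.
REQUEST_TIMEOUT = 30


def snyk_id_from_title(title):
    """Return the Snyk issue id embedded in a GitHub issue title, or None.

    Titles created by this script look like ``<snyk title> | Snyk ID - <id>``.
    Any other title (for example an issue a human opened) yields None, which
    callers use to leave that issue alone.
    """
    _, marker, snyk_id = title.rpartition(SNYK_ID_MARKER)
    return snyk_id if marker else None


def fetch_snyk_issues(snyk_token, from_date, to_date):
    """Query Snyk's reporting API and return the list under ``results``.

    Args:
        snyk_token: Snyk API token sent in the Authorization header.
        from_date, to_date: ``datetime.date`` bounds for the report window;
            they are sent as ``from=YYYY-MM-DD&to=YYYY-MM-DD``.

    Returns:
        The ``results`` list from the JSON response (empty if absent).

    Raises:
        requests.HTTPError: on a non-2xx response (surfaced instead of trying
            to parse an error page as a report).
    """
    payload = {
        "filters": {
            "orgs": [SNYK_ORG_ID],
            "severity": ["high", "medium", "low"],
            "exploitMaturity": [
                "mature",
                "proof-of-concept",
                "no-known-exploit",
                "no-data",
            ],
            "types": ["vuln", "license"],
            "languages": ["javascript"],
            "projects": [],
            "issues": [],
            "identifier": "",
            "fixable": False,
            "isFixed": False,
        }
    }
    headers = {
        "Content-Type": "application/json; charset=utf-8",
        # NOTE(review): the original sent the bare token value; Snyk's v1 API
        # documents the header as "token <API_TOKEN>" -- confirm which form
        # this endpoint accepts before relying on it.
        "Authorization": snyk_token,
    }
    response = requests.post(
        SNYK_REPORTING_URL,
        params={"from": str(from_date), "to": str(to_date)},
        data=json.dumps(payload),
        headers=headers,
        timeout=REQUEST_TIMEOUT,
    )
    response.raise_for_status()
    return response.json().get("results", [])


def format_issue_body(entry):
    """Build the GitHub issue body for one Snyk report entry.

    Reads ``entry['issue']`` (title, id, url, severity, version),
    ``entry['introducedDate']`` and ``entry['project']`` (name, url,
    targetFile).  Values are formatted with f-strings so a non-string field
    does not raise a TypeError.
    """
    issue = entry["issue"]
    project = entry["project"]
    lines = [
        f"Title: {issue['title']}",
        f" Snyk ID: {issue['id']}",
        f" URL: {issue['url']}",
        f" Severity: {issue['severity']}",
        f" Version: {issue['version']}",
        f" Introduced Date: {entry['introducedDate']}",
        f" Projects with Vulnerability: {project['name']}",
        f" Project URL: {project['url']}",
        f" Target File: {project['targetFile']}",
    ]
    return "\n".join(lines)


def create_missing_issues(repo, snyk_issues, known_snyk_ids):
    """Open a GitHub issue for every Snyk issue not already tracked.

    Args:
        repo: PyGithub repository object.
        snyk_issues: entries from :func:`fetch_snyk_issues`.
        known_snyk_ids: set of Snyk ids already present in open GitHub issues;
            using the id rather than the title prevents duplicates.

    Returns:
        Number of issues created.
    """
    created = 0
    for entry in snyk_issues:
        issue = entry["issue"]
        if issue["id"] in known_snyk_ids:
            continue
        repo.create_issue(
            title=issue["title"] + SNYK_ID_MARKER + issue["id"],
            body=format_issue_body(entry),
        )
        created += 1
    return created


def close_fixed_issues(open_issues, snyk_issues):
    """Close script-created GitHub issues whose Snyk issue is no longer reported.

    Only issues whose title carries ``SNYK_ID_MARKER`` are considered; issues
    opened by people are never touched (the previous version closed every
    open issue that was not in the Snyk list).

    NOTE(review): the report is requested for a one-day window.  If Snyk
    scopes ``from``/``to`` to the date an issue was introduced, older issues
    that are still open would be absent from the list and their GitHub issues
    closed prematurely -- confirm the endpoint semantics before running this
    unattended.

    Returns:
        Number of issues closed.
    """
    current_ids = {entry["issue"]["id"] for entry in snyk_issues}
    closed = 0
    for gh_issue in open_issues:
        snyk_id = snyk_id_from_title(gh_issue.title)
        if snyk_id is None or snyk_id in current_ids:
            continue
        print(gh_issue.title + " has been fixed in Snyk. The GitHub issue will be closed...")
        gh_issue.edit(state="closed")
        closed += 1
    return closed


def print_summary(new_issues):
    """Print the end-of-run summary, with singular/plural wording."""
    if new_issues == 0:
        print("No new issues found since last scan.")
    elif new_issues > 1:
        print(f"{new_issues} new issues found!")
        print(f"Added {new_issues} issues to GitHub Issues")
    else:
        print(f"{new_issues} new issue found!")
        print(f"Added {new_issues} issue to GitHub Issues")


def main():
    """Sync Snyk issues from the last day into GitHub issues and close fixed ones."""
    github_token = os.environ.get(GITHUB_TOKEN_ENV)
    snyk_token = os.environ.get(SNYK_TOKEN_ENV)
    if not github_token or not snyk_token:
        raise SystemExit(
            f"{GITHUB_TOKEN_ENV} and {SNYK_TOKEN_ENV} must be set in the environment"
        )

    today = datetime.date.today()
    yesterday = today - datetime.timedelta(days=1)

    snyk_issues = fetch_snyk_issues(snyk_token, yesterday, today)
    if snyk_issues:
        print(f"Total Snyk issues found: {len(snyk_issues)}")

    repo = Github(github_token).get_repo(GITHUB_REPO)
    # Materialise once: the list is needed before and after creating issues.
    open_issues = list(repo.get_issues(state="open"))
    known_ids = {
        snyk_id
        for snyk_id in (snyk_id_from_title(issue.title) for issue in open_issues)
        if snyk_id is not None
    }

    new_issues = create_missing_issues(repo, snyk_issues, known_ids)
    close_fixed_issues(open_issues, snyk_issues)
    print_summary(new_issues)


if __name__ == "__main__":
    main()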