• Home
• com.fortify.plugin
• plugin-api
• 1.0.1.1
• source code
• VulnerabilityHandler.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.fortify.plugin.api.VulnerabilityHandler Maven / Gradle / Ivy

/*
 * (c) Copyright 2017 Micro Focus or one of its affiliates.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 * http://www.apache.org/licenses/LICENSE-2.0
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
*/
package com.fortify.plugin.api;

/**
 * Interface that allows parser to build vulnerability instances and signal when parsing is finished
 */
public interface VulnerabilityHandler {

    /**
     * Method must ne called by the parser before building every new static vulnerability.
     * @param instanceId native vulnerability instance ID that is going to be built. Parser must be responsible for
     *                   building correct instanceId value. There are 2 main requirements to instanceId:
     *                   

     *                   
It must be unique for every single vulnerability in the current scan.
     *                   
It must be the same for the same vulnerability if it is found by different scans.
     *                   
     * @return StaticVulnerabilityBuilder instance that must be used for building vulnerabilities - setting up
     * vulnerability attributes.
     */
    StaticVulnerabilityBuilder startStaticVulnerability(String instanceId);
}