class HackerOne::Client::Weakness

Constants

CLASSIFICATION_MAPPING
OWASP_DEFAULT
OWASP_TOP_10_2013_TO_CWE

Public Class Methods

extract_cwe_number(cwe)
# File lib/hackerone/client/weakness.rb, line 12
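# Extracts the numeric part of a CWE identifier, e.g. "CWE-79" => 79.
#
# The identifier is checked with validate_cwe! first, so anything that is
# not a CWE identifier raises instead of being turned into a number.
#
# validate_cwe! compares case-insensitively, so the prefix is stripped from
# the upcased string as well. Splitting the raw string on "CWE-" left
# "cwe-79" unsplit and returned 0, which silently matched no OWASP category.
#
# @param cwe [String, nil] identifier such as "CWE-79"
# @return [Integer, nil] the CWE number; nil when cwe is nil. A suffix that
#   is not numeric yields 0 (String#to_i), it is not rejected here.
# @raise whatever validate_cwe! raises for a non-CWE identifier
def extract_cwe_number(cwe)
  return if cwe.nil?

  validate_cwe!(cwe)

  # Digits are unaffected by upcase; only the prefix is normalised.
  cwe.upcase.split("CWE-").last.to_i
end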
new(weakness)
# File lib/hackerone/client/weakness.rb, line 59
# Wraps a weakness record so it can be mapped to CWE / OWASP identifiers.
#
# The argument is stored as-is: it is neither copied nor validated here.
#
# @param weakness [Hash] presumably the weakness attributes; the readers in
#   this class look up :external_id and :name on it (confirm against caller)
def initialize(weakness)
  @attributes = weakness
end
validate_cwe!(cwe)
# File lib/hackerone/client/weakness.rb, line 7
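# Checks that an identifier is a CWE identifier, comparing the prefix
# case-insensitively. Only the prefix is checked; the part after "CWE-" is
# not required to be numeric.
#
# The original raised via `StandardError::ArgumentError`. Since Ruby 2.5 a
# scoped lookup no longer falls back to top-level constants, so that
# expression raises NameError instead of the intended ArgumentError;
# ArgumentError is referenced directly here.
#
# @param cwe [String] identifier to check (nil is not handled here)
# @return [nil] when the identifier starts with "CWE-"
# @raise [NotAnOwaspWeaknessError] when the identifier starts with "CAPEC-"
# @raise [ArgumentError] for any other prefix
def validate_cwe!(cwe)
  normalized = cwe.upcase
  fail NotAnOwaspWeaknessError if normalized.start_with?("CAPEC-")
  return if normalized.start_with?("CWE-")

  fail ArgumentError, "expected an identifier starting with \"CWE-\""
end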

Public Instance Methods

to_cwe()
# File lib/hackerone/client/weakness.rb, line 71
# Returns the value stored under :external_id, unmodified and unvalidated.
#
# NOTE(review): to_owasp passes this value to extract_cwe_number, which
# expects a "CWE-<n>" string or nil. Nothing here guarantees that shape, so
# callers should not assume the result is a CWE identifier.
def to_cwe
  @attributes[:external_id]
end
to_owasp()
# File lib/hackerone/client/weakness.rb, line 63
# Maps this weakness to an OWASP category.
#
# Resolution order:
#   1. the first OWASP_TOP_10_2013_TO_CWE entry whose CWE list contains the
#      number extracted from to_cwe,
#   2. CLASSIFICATION_MAPPING looked up by the record's :name,
#   3. OWASP_DEFAULT.
#
# Errors raised by extract_cwe_number for an external id that is not a CWE
# identifier propagate to the caller; they are not rescued here.
def to_owasp
  matching_categories = []

  OWASP_TOP_10_2013_TO_CWE.each do |category, cwe_numbers|
    next unless cwe_numbers.include?(self.class.extract_cwe_number(to_cwe))

    # nil categories are skipped, as they were by the compact call.
    matching_categories << category unless category.nil?
  end

  matching_categories.first || CLASSIFICATION_MAPPING[@attributes[:name]] || OWASP_DEFAULT
end