diff --git a/cwe/data.go b/cwe/data.go index 80bd702..8789ddd 100644 --- a/cwe/data.go +++ b/cwe/data.go @@ -1,5 +1,7 @@ package cwe +import "fmt" + const ( // Acronym is the acronym of CWE Acronym = "CWE" @@ -14,6 +16,11 @@ const ( ) var ( + // InformationURI link to the published CWE PDF + InformationURI = fmt.Sprintf("https://cwe.mitre.org/data/published/cwe_v%s.pdf/", Version) + // DownloadURI link to the zipped XML of the CWE list + DownloadURI = fmt.Sprintf("https://cwe.mitre.org/data/xml/cwec_v%s.xml.zip", Version) + data = map[string]*Weakness{} weaknesses = []*Weakness{ diff --git a/cwe/types.go b/cwe/types.go index 908e191..a14ccb5 100644 --- a/cwe/types.go +++ b/cwe/types.go @@ -32,13 +32,3 @@ func (w *Weakness) MarshalJSON() ([]byte, error) { URL: w.SprintURL(), }) } - -// InformationURI link to the published CWE PDF -func InformationURI() string { - return fmt.Sprintf("https://cwe.mitre.org/data/published/cwe_v%s.pdf/", Version) -} - -// DownloadURI link to the zipped XML of the CWE list -func DownloadURI() string { - return fmt.Sprintf("https://cwe.mitre.org/data/xml/cwec_v%s.xml.zip", Version) -} diff --git a/cwe/types_test.go b/cwe/types_test.go index 56c37ab..d16993a 100644 --- a/cwe/types_test.go +++ b/cwe/types_test.go @@ -11,8 +11,8 @@ var _ = Describe("CWE Types", func() { }) Context("when consulting cwe types", func() { It("it should retrieves the information and download URIs", func() { - Expect(cwe.InformationURI()).To(Equal("https://cwe.mitre.org/data/published/cwe_v4.4.pdf/")) - Expect(cwe.DownloadURI()).To(Equal("https://cwe.mitre.org/data/xml/cwec_v4.4.xml.zip")) + Expect(cwe.InformationURI).To(Equal("https://cwe.mitre.org/data/published/cwe_v4.4.pdf/")) + Expect(cwe.DownloadURI).To(Equal("https://cwe.mitre.org/data/xml/cwec_v4.4.xml.zip")) }) It("it should retrieves the weakness ID and URL", func() { diff --git a/report/sarif/formatter.go b/report/sarif/formatter.go index b9bcd7c..c0ed4a5 100644 --- a/report/sarif/formatter.go +++ b/report/sarif/formatter.go @@ -104,9 +104,9 @@ func buildSarifReportingDescriptorRelationship(weakness *cwe.Weakness) *Reportin } func buildCWETaxonomy(taxa []*ReportingDescriptor) *ToolComponent { - return NewToolComponent(cwe.Acronym, cwe.Version, cwe.InformationURI()). + return NewToolComponent(cwe.Acronym, cwe.Version, cwe.InformationURI). WithReleaseDateUtc(cwe.ReleaseDateUtc). - WithDownloadURI(cwe.DownloadURI()). + WithDownloadURI(cwe.DownloadURI). WithOrganization(cwe.Organization). WithShortDescription(NewMultiformatMessageString(cwe.Description)). WithIsComprehensive(true).