Adding MASVS v2 compliance

appknox · Apr 3, 2024 · b732707 · b732707
1 parent c413a37
commit b732707
Show file tree

Hide file tree

Showing 3 changed files with 10 additions and 3 deletions.
diff --git a/appknox/analyses.go b/appknox/analyses.go
@@ -103,7 +103,8 @@ type Analysis struct {
 	Cwe             []string                `json:"cwe,omitempty"`
 	Gdpr            []string                `json:"gdpr,omitempty"`
 	Mstg            []string                `json:"mstg,omitempty"`
-	Owaspapi2023	[]string				`json:"owaspapi2023,omitempty"`
+	Owaspapi2023    []string                `json:"owaspapi2023,omitempty"`
+	Masvs           []string                `json:"masvs,omitempty"`
 	UpdatedOn       *time.Time              `json:"updated_on,omitempty"`
 	VulnerabilityID int                     `json:"vulnerability,omitempty"`
 }
@@ -118,6 +119,9 @@ type AnalysisListOptions struct {
 func (s *AnalysesService) ListByFile(ctx context.Context, fileID int, opt *AnalysisListOptions) ([]*Analysis, *AnalysisResponse, error) {
 	u := fmt.Sprintf("api/v2/files/%v/analyses", fileID)
 	URL, err := addOptions(u, opt)
+	if err != nil {
+		return nil, nil, err
+	}
 	req, err := s.client.NewRequest("GET", URL, nil)
 	if err != nil {
 		return nil, nil, err

diff --git a/appknox/analyses_test.go b/appknox/analyses_test.go
@@ -45,7 +45,8 @@ func TestAnalysesCompliance_marshall(t *testing.T) {
 		Cwe:             []string{"C_1"},
 		Gdpr:            []string{"G_1", "G_2"},
 		Mstg:            []string{"M_1"},
-		Owaspapi2023:	 []string{"API_2023_8"},
+		Owaspapi2023:    []string{"API_2023_8"},
+		Masvs:           []string{"MASVS_6_3"},
 		VulnerabilityID: 1,
 	}
 	want := `{
@@ -58,6 +59,7 @@ func TestAnalysesCompliance_marshall(t *testing.T) {
 		"gdpr": ["G_1", "G_2"],
 		"mstg": ["M_1"],
 		"owaspapi2023": ["API_2023_8"],
+		"masvs": ["MASVS_6_3"],
 		"vulnerability": 1
 	}`
 	testJSONMarshal(t, u, want)

diff --git a/helper/analyses.go b/helper/analyses.go
@@ -36,7 +36,7 @@ func ProcessAnalyses(fileID int) {
 	// header is an interface because t.AddHeader only supports
 	// interface elements
 	header := []interface{}{"ID", "RISK", "STATUS", "CVSS-VECTOR", "CVSS-BASE", "CVSS-VERSION", "OWASP", "ASVS", "CWE",
-		"MSTG", "OWASP API 2023"}
+		"MSTG", "OWASP API 2023", "OWASP MASVS (v2)"}
 	if profileReportPref.ShowPcidss.Value {
 		header = append(header, "PCI-DSS")
 	}
@@ -63,6 +63,7 @@ func ProcessAnalyses(fileID int) {
 			finalAnalyses[i].Cwe,
 			finalAnalyses[i].Mstg,
 			finalAnalyses[i].Owaspapi2023,
+			finalAnalyses[i].Masvs,
 		}
 		if profileReportPref.ShowPcidss.Value {
 			row = append(row, finalAnalyses[i].Pcidss)