🎉 Add fix_available information to jfrog xray unified parser #12633 (#13105)

Author: manuel-sommer

dojo/tools/jfrog_xray_unified/parser.py

@@ -80,12 +80,14 @@ def get_item(vulnerability, test):
         if "cvss_v2_vector" in worstCve:
             cvss_v2 = worstCve["cvss_v2_vector"]
 
+    fix_available = False
     if (
         "fixed_versions" in vulnerability
         and len(vulnerability["fixed_versions"]) > 0
     ):
         mitigation = "Versions containing a fix:\n"
         mitigation += "\n".join(vulnerability["fixed_versions"])
+        fix_available = True
 
     if (
         "external_advisory_source" in vulnerability
@@ -138,6 +140,7 @@ def get_item(vulnerability, test):
         date=scan_time,
         unique_id_from_tool=vulnerability["issue_id"],
         tags=tags,
+        fix_available=fix_available,
     )
 
     cvss_data = parse_cvss_data(cvssv3)

unittests/tools/test_jfrog_xray_unified_parser.py

@@ -27,6 +27,7 @@ def test_parse_file_with_one_vuln(self):
         self.assertEqual(1, len(item.unsaved_vulnerability_ids))
         self.assertEqual("CVE-2020-28493", item.unsaved_vulnerability_ids[0])
         self.assertEqual("Medium", item.severity)
+        self.assertEqual(True, item.fix_available)
         self.assertEqual("This affects the package", item.description[:24])
         self.assertEqual(" memory.", item.description[-8:])
         self.assertIsNotNone(item.mitigation)