public void routeVulnCsvData()

in src/main/java/com/amazon/inspector/jenkins/amazoninspectorbuildstep/csvconversion/CsvConverter.java [214:244]

• 28 lines of code
• 2 McCabe index (conditional complexity)

    public void routeVulnCsvData(Vulnerability vulnerability, Component component) {
        String installedVersion = component.getPurl();
        String fixedVersion = getPropertyValueFromKey(vulnerability,
                String.format("amazon:inspector:sbom_scanner:fixed_version:%s",  component.getBomRef()));

        String exploitAvailable = getPropertyValueFromKey(vulnerability,
                "amazon:inspector:sbom_scanner:exploit_available");
        String exploitLastSeen = getPropertyValueFromKey(vulnerability,
                "amazon:inspector:sbom_scanner:exploit_last_seen_in_public");
        String path = getPropertyValueFromKey(component,
                "amazon:inspector:sbom_scanner:path");

        CsvData csvData = CsvData.builder()
                .vulnerabilityId(vulnerability.getId())
                .severity(getSeverity(vulnerability))
                .published(vulnerability.getCreated())
                .modified(getUpdated(vulnerability))
                .epssScore(getEpssScore(vulnerability))
                .description(vulnerability.getDescription())
                .packageInstalledVersion(installedVersion)
                .packageFixedVersion(fixedVersion)
                .packagePath(path)
                .cwes(getCwesAsString(vulnerability))
                .exploitAvailable(exploitAvailable)
                .exploitLastSeen(exploitLastSeen)
                .build();

        if (!vulnerability.getId().startsWith("IN-DOCKER")) {
            vulnData.add(csvData);
        }
    }