diff --git a/dojo/tools/mend/parser.py b/dojo/tools/mend/parser.py index c5cc48b456a..79af88ec64c 100644 --- a/dojo/tools/mend/parser.py +++ b/dojo/tools/mend/parser.py @@ -70,6 +70,7 @@ def _build_common_output(node, lib_name=None): component_path = node["component"].get("path", None) if component_path: locations.append(component_path) + steps_to_reproduce = locations if "topFix" in node: try: @@ -173,16 +174,12 @@ def _build_common_output(node, lib_name=None): logger.exception( "Error handling local paths for vulnerability.", ) - if locations: - if len(", ".join(locations)) > 3999: - locations = [loc[:3999] for loc in locations] - locations_str = ", ".join(locations)[:3999] - else: - locations_str = ", ".join(locations) - - steps_to_reproduce = "**Locations Found**: " + locations_str + if locations and len(", ".join(locations)) > 3999: + locations = [loc[:3999] for loc in locations] + locations = ", ".join(locations)[:3999] + steps_to_reproduce = "**Locations Found**: " + locations if locations is not None else None else: - steps_to_reproduce = None + steps_to_reproduce = ", ".join(locations) filepaths = filepaths @@ -201,7 +198,7 @@ def _build_common_output(node, lib_name=None): cvssv3=cvss3_vector, cvssv3_score=float(cvss3_score) if cvss3_score is not None else None, impact=impact, - steps_to_reproduce=steps_to_reproduce, + steps_to_reproduce=steps_to_reproduce if steps_to_reproduce is not None else None ) if cve: new_finding.unsaved_vulnerability_ids = [cve] @@ -266,4 +263,4 @@ def create_finding_key(f: Finding) -> str: if dupe_key not in dupes: dupes[dupe_key] = finding - return list(dupes.values()) + return list(dupes.values()) \ No newline at end of file