The Safety package can output vulnerabilities in valid RFC 8259 JSON format; however, Cucumber throws an error indicating the file isn't valid:
```
❯ json_to_junit results.json DependencyScan.xml
Opening file results.json in read-only
Traceback (most recent call last):
  File "/.../venv/bin/json_to_junit", line 8, in <module>
    sys.exit(main())
  File "/.../venv/lib/python3.8/site-packages/cucumber_json_to_junit_xml/cucumber_json_to_junit.py", line 35, in main
    feature_name = sanitize(feature["name"])
TypeError: list indices must be integers or slices, not str
```
Given file:
```json
[
  [
    "insecure-package",
    "<0.2.0",
    "0.1.0",
    "This is an insecure package with lots of exploitable security vulnerabilities.",
    "25853"
  ],
  [
    "django",
    "<1.11.27",
    "1.2.1",
    "Django before 1.11.27, 2.x before 2.2.9, and 3.x before 3.0.1 allows account takeover...",
    "37771"
  ]
]
```
Closing as unrelated to Cucumber.
At the time of creating the ticket I thought this was a general JSON-to-JUnit converter (one of the few results on Google on this topic), but it works only for Cucumber output.
Is it possible to fix that?
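An added example, not part of the thread or of either project's code: a small converter that reads the list-of-lists layout quoted in the issue and emits JUnit XML with one failing test case per vulnerable dependency. The five-field row layout is inferred from the quoted file; the field labels and the function names `parse_findings` and `to_junit` are hypothetical.

```python
import json
import xml.etree.ElementTree as ET

# Constructed sample in the same shape as the file quoted in the issue.
SAMPLE = """[
  ["insecure-package", "<0.2.0", "0.1.0", "This is an insecure package.", "25853"],
  ["django", "<1.11.27", "1.2.1", "Django before 1.11.27 allows account takeover...", "37771"]
]"""

# Labels chosen for this example; the file itself carries only positional values.
FIELDS = ("package", "affected", "installed", "advisory", "vuln_id")


def parse_findings(text):
    """Validate the list-of-lists layout and return one dict per finding."""
    data = json.loads(text)
    if not isinstance(data, list):
        raise ValueError("expected a top-level JSON array")
    findings = []
    for i, row in enumerate(data):
        # A Cucumber-style report (list of objects) is rejected here, not mis-parsed.
        if not isinstance(row, list) or len(row) != len(FIELDS):
            raise ValueError(f"row {i}: expected {len(FIELDS)} fields, got {row!r}")
        findings.append(dict(zip(FIELDS, map(str, row))))
    return findings


def to_junit(findings, suite_name="DependencyScan"):
    """Emit one failing <testcase> per vulnerable dependency."""
    suite = ET.Element("testsuite", name=suite_name,
                       tests=str(len(findings)), failures=str(len(findings)))
    for f in findings:
        case = ET.SubElement(suite, "testcase", classname=suite_name,
                             name=f"{f['package']}=={f['installed']}")
        failure = ET.SubElement(case, "failure", type=f["vuln_id"],
                                message=f"{f['package']} {f['affected']} is vulnerable")
        failure.text = f["advisory"]  # ElementTree escapes text and attribute values
    return ET.tostring(suite, encoding="unicode")


if __name__ == "__main__":
    print(to_junit(parse_findings(SAMPLE)))
```

An empty scan result (`[]`) produces a suite with zero tests and zero failures, so a CI job consuming the XML passes when no vulnerable dependencies are reported.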