ISO-5055 Detection Patterns

Draft

Get the ISO-5055 code detection patterns summary of an application.
The service returns the code detection pattern description and the number of impacted objects.

URI

  • GET /rest/applications/{name}/insights/iso-5055/detection-patterns

Path Parameters

  • name (string):
    This parameter identifies the analyzed application.
    The application name must be properly encoded if it is required. Character back-quote is not allowed.

Responses

  • application/json:

    The response is the list of detection patterns.

    Example:

    [
        {
            "id": "7424",
            "name": "Avoid using SQL queries inside a loop",
            "description": "This metric retrieves all artifacts using at least one SQL query inside a loop statement.",
            "characteristics": [
                {
                    "id": "ISO-5055-Performance-Efficiency",
                    "name": "Efficiency"
                }
            ],
            "weaknesses": [
                {
                   "id": "CWE-1050",
                   "name": "CWE-1050"
                }
            ],
            "rationale": "Having an SQL query inside a loop is usually the source...",
            "remediation": "The remediation is often to replace the iterative approach...",
            "remediationSample": "Oracle:\n update...",
            "nbObjects": 29
        }
    ]
    

    JSON Representation

    Property                  Type            Description
    id                        string          Code Detection Pattern reference ID.
    name                      string          Code Detection Pattern name.
    description               string          Describes the purpose of the Code Detection Pattern and explains what it searches for.
    characteristics           array(string)   ISO-5055 Characteristics.
    characteristics[].id      string          ISO-5055 Characteristic ID.
    characteristics[].name    string          ISO-5055 Characteristic display name.
    weaknesses                array(string)   ISO-5055 Weaknesses: each weakness is a CWE reference (Common Weakness Enumeration).
    weaknesses[].id           string          ISO-5055 Weakness ID.
    weaknesses[].name         string          ISO-5055 Weakness name.
    rationale                 string          Description of the flaw and its consequences.
    remediation               string          Recommended action to remove the flaw.
    remediationSample         string          Example of good practice to avoid the flaw.
    nbObjects                 integer         The number of impacted objects.
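
A client-side sketch of using this endpoint for triage, added here as an example and not taken from the product's own code: it builds the request URL with the name constraints described above and totals `nbObjects` per CWE from a response. The base URL, the reading of "properly encoded" as percent-encoding, and every sample entry except pattern 7424 are assumptions; authentication and the HTTP call itself are left out.

```python
import json
from collections import defaultdict
from urllib.parse import quote

# Endpoint path as documented on this page.
PATH = "/rest/applications/{name}/insights/iso-5055/detection-patterns"


def build_url(base_url: str, app_name: str) -> str:
    """Build the request URL for one application.

    Assumption: "properly encoded" means percent-encoding the name as a
    single path segment. The back-quote is rejected, as the page requires.
    """
    if "`" in app_name:
        raise ValueError("back-quote is not allowed in the application name")
    # safe="" also encodes "/" so the name cannot add path segments.
    return base_url.rstrip("/") + PATH.format(name=quote(app_name, safe=""))


def objects_per_weakness(patterns: list) -> dict:
    """Sum nbObjects per CWE id across all detection patterns.

    An object flagged by two patterns of the same CWE is counted twice,
    because the response only carries per-pattern counts.
    """
    totals = defaultdict(int)
    for pattern in patterns:
        for weakness in pattern.get("weaknesses", []):
            totals[weakness["id"]] += int(pattern.get("nbObjects", 0))
    # Highest count first, ties ordered by CWE id for stable output.
    return dict(sorted(totals.items(), key=lambda kv: (-kv[1], kv[0])))


# Constructed sample response: only pattern 7424 and its count come from the
# page; the other two entries are made up to exercise the aggregation.
SAMPLE = json.loads("""[
  {"id": "7424", "name": "Avoid using SQL queries inside a loop",
   "weaknesses": [{"id": "CWE-1050", "name": "CWE-1050"}], "nbObjects": 29},
  {"id": "constructed-1", "name": "Constructed pattern A",
   "weaknesses": [{"id": "CWE-1050", "name": "CWE-1050"}], "nbObjects": 7},
  {"id": "constructed-2", "name": "Constructed pattern B",
   "weaknesses": [{"id": "CWE-89", "name": "CWE-89"}], "nbObjects": 4}
]""")

if __name__ == "__main__":
    print(build_url("https://dashboard.example", "My App/1"))  # hypothetical host
    print(objects_per_weakness(SAMPLE))
```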