Structural Flaw Detection Patterns

Draft

Get the Structural Flaws code detection patterns summary of an application.
The service returns the code detection pattern description and the number of impacted objects.

URI

GET /rest/applications/{name}/insights/structural-flaws/detection-patterns

Path Parameters

name (string):

This parameter identifies the analyzed application.
The application name must be properly encoded if it is required. Character back-quote is not allowed.

Responses

application/json:

The response is the list of detection patterns.

Example:

[
    {
        "id": "7424",
        "name": "Avoid using SQL queries inside a loop",
        "description": "This metric retrieves all artifacts using at least one SQL query inside a loop statement.",
        "factors": [
            {
                "id": "AIP-STRUCTURAL-FLAW-EFFICIENCY",
                "name": "Efficiency"
            }
        ],
        "categories": [
            {
               "id": "AIP-CWE-1050",
               "name": "CWE-1050"
            }
        ],
        "rationale": "Having an SQL query inside a loop is usually the source...",
        "remediation": "The remediation is often to replace the iterative approach...",
        "remediationSample": "Oracle:\n update..."
        "nbObjects": 29,
    },
]

JSON Representation

Property Type Description

id string Code Detection Pattern reference ID.

name string Code Detection Pattern name.

description string Describe the purpose of the Code Detection Pattern and explain what it searches for.

factors array(string) Structural Flaw Factor: ‘Efficiency’, ‘Reliability’, ‘Security’. A single item should be set in the array.

factors[].id string Structural Flaw Factor ID.

factors[].name string Structural Flaw Factor display name.

categories array(string) Structural Flaw Categories: each category is a CWE reference (Common Weakness Enumeration).

categories[].id string Structural Flaw Category ID.

categories[].name string Structural Flaw Category name.

rationale string Description of the flaw and the consequences.

remediation string Recommendation action to remove the flaw.

remediationSample string Example of good practice to avoid the flaw.

nbObjects integer The number of impacted objects

Property	Type	Description
id	string	Code Detection Pattern reference ID.
name	string	Code Detection Pattern name.
description	string	Describe the purpose of the Code Detection Pattern and explain what it searches for.
factors	array(string)	Structural Flaw Factor: ‘Efficiency’, ‘Reliability’, ‘Security’. A single item should be set in the array.
factors[].id	string	Structural Flaw Factor ID.
factors[].name	string	Structural Flaw Factor display name.
categories	array(string)	Structural Flaw Categories: each category is a CWE reference (Common Weakness Enumeration).
categories[].id	string	Structural Flaw Category ID.
categories[].name	string	Structural Flaw Category name.
rationale	string	Description of the flaw and the consequences.
remediation	string	Recommendation action to remove the flaw.
remediationSample	string	Example of good practice to avoid the flaw.
nbObjects	integer	The number of impacted objects