Greenlight CI Tool Summary Output Examples

Veracode Greenlight

The following are examples of summary outputs.

Default Summary Output

The following example shows the summary output when no optional parameters are passed by the CI tool.
COMMIT-HASH: a11a20787e77beb305448387c6972e60a2c4fa07
====================
Analysis Successful!
====================
=======================
9 Best Practices found!
=======================
CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG): flawedpackage/Greenlights.java:9
CWE-331: Insufficient Entropy: flawedpackage/Greenlights.java:9
CWE-326: Inadequate Encryption Strength: flawedpackage/GreenLightKeySizeHMAC.java:17
CWE-326: Inadequate Encryption Strength: flawedpackage/GreenLightKeySizeHMAC.java:33
CWE-327: Use of a Broken or Risky Cryptographic Algorithm: flawedpackage/Flawed.java:62
CWE-327: Use of a Broken or Risky Cryptographic Algorithm: flawedpackage/Flawed.java:63
CWE-327: Use of a Broken or Risky Cryptographic Algorithm: flawedpackage/Flawed.java:64
CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG): flawedpackage/Flawed.java:73
CWE-331: Insufficient Entropy: flawedpackage/Flawed.java:73
======================
Found 11 total issues!
======================
----------------------------------------------
Found 2 issues of Severity 2. (Threshold is 1)
----------------------------------------------
CWE-597: Use of Wrong Operator in String Comparison: flawedpackage/OneFlaw.java:5
CWE-404: Improper Resource Shutdown or Release: flawedpackage/Flawed.java:37
----------------------------------------------
Found 7 issues of Severity 3. (Threshold is 1)
----------------------------------------------
CWE-326: Inadequate Encryption Strength: flawedpackage/GreenLightKeySizeHMAC.java:38
CWE-259: Use of Hard-coded Password: flawedpackage/Flawed.java:23
CWE-259: Use of Hard-coded Password: flawedpackage/Flawed.java:54
CWE-331: Insufficient Entropy: flawedpackage/Flawed.java:59
CWE-327: Use of a Broken or Risky Cryptographic Algorithm: flawedpackage/Flawed.java:60
CWE-327: Use of a Broken or Risky Cryptographic Algorithm: flawedpackage/Flawed.java:61
CWE-326: Inadequate Encryption Strength: flawedpackage/Flawed.java:68
----------------------------------------------
Found 1 issues of Severity 4. (Threshold is 1)
----------------------------------------------
CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'): flawedpackage/Flawed.java:43
----------------------------------------------
Found 1 issues of Severity 5. (Threshold is 1)
----------------------------------------------
CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'): flawedpackage/Flawed.java:50
============================================
FAILURE: Found 11 issues, hit the threshold!
============================================

Best Practices Output Example

The following example shows the output when best practices details are not requested (--best_practices false).
COMMIT-HASH: be902bee2d49026178fbf72aba50aa86077258eb
====================
Analysis Successful!
====================
=======================
2 Best Practices found!
=======================
=====================
Found 1 total issues!
=====================
----------------------------------------------
Found 1 issues of Severity 2. (Threshold is 1)
----------------------------------------------
CWE-597: Use of Wrong Operator in String Comparison: flawedpackage/OneFlaw.java:5
===========================================
FAILURE: Found 1 issues, hit the threshold!
===========================================

Finding Details Output Example

The following example shows the output when details of the findings are requested (id true).
COMMIT-HASH: be902bee2d49026178fbf72aba50aa86077258eb
====================
Analysis Successful!
====================
=======================
2 Best Practices found!
=======================
CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG): flawedpackage/Greenlights.java:9
Details: <span>This is an acceptably strong pseudorandom number generator (PRNG) for cryptographic usage.</span> <span>This is not a flaw. No fix required.</span> <span>References: <a href="http://cwe.mitre.org/data/definitions/338.html">CWE</a></span>
CWE-331: Insufficient Entropy: flawedpackage/Greenlights.java:9
Details: <span>This is an acceptably strong pseudorandom number generator (PRNG) for cryptographic usage.</span> <span>This is not a flaw. No fix required.</span> <span>References: <a href="http://cwe.mitre.org/data/definitions/331.html">CWE</a></span>
=====================
Found 1 total issues!
=====================
----------------------------------------------
Found 1 issues of Severity 2. (Threshold is 1)
----------------------------------------------
CWE-597: Use of Wrong Operator in String Comparison: flawedpackage/OneFlaw.java:5
Details: <span>Using '==' to compare two strings for equality actually compares the object references rather than their values.  It is unlikely that this reflects the intended application logic.</span> <span>Use the equals() method to compare strings, not the '==' operator.</span> <span>References: <a href="http://cwe.mitre.org/data/definitions/597.html">CWE</a></span>
===========================================
FAILURE: Found 1 issues, hit the threshold!
===========================================

Custom Threshold Setting Example

The following output is an example of providing a specific threshold for flaw details. This example uses --issue_counts 2:0,1:0,0:0.

COMMIT-HASH: be902bee2d49026178fbf72aba50aa86077258eb
====================
Analysis Successful!
====================
=======================
2 Best Practices found!
=======================
CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG): flawedpackage/Greenlights.java:9
CWE-331: Insufficient Entropy: flawedpackage/Greenlights.java:9
=====================
Found 1 total issues!
=====================
-------------------------------------------------
Skipping 1 issues of Severity 2. (Threshold is 0)
-------------------------------------------------
===========================================
SUCCESS: All issue counts under thresholds!
===========================================

Issue Details Expanded Example

This example uses --issue_details true.

COMMIT-HASH: be902bee2d49026178fbf72aba50aa86077258eb
====================
Analysis Successful!
====================
=======================
2 Best Practices found!
=======================
CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG): flawedpackage/Greenlights.java:9
Details: <span>This is an acceptably strong pseudorandom number generator (PRNG) for cryptographic usage.</span> <span>This is not a flaw. No fix required.</span> <span>References: <a href="http://cwe.mitre.org/data/definitions/338.html">CWE</a></span>
CWE-331: Insufficient Entropy: flawedpackage/Greenlights.java:9
Details: <span>This is an acceptably strong pseudorandom number generator (PRNG) for cryptographic usage.</span> <span>This is not a flaw. No fix required.</span> <span>References: <a href="http://cwe.mitre.org/data/definitions/331.html">CWE</a></span>
=====================
Found 1 total issues!
=====================
----------------------------------------------
Found 1 issues of Severity 2. (Threshold is 1)
----------------------------------------------
CWE-597: Use of Wrong Operator in String Comparison: flawedpackage/OneFlaw.java:5
Details: <span>Using '==' to compare two strings for equality actually compares the object references rather than their values.  It is unlikely that this reflects the intended application logic.</span> <span>Use the equals() method to compare strings, not the '==' operator.</span> <span>References: <a href="http://cwe.mitre.org/data/definitions/597.html">CWE</a></span>
===========================================
FAILURE: Found 1 issues, hit the threshold!
===========================================
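
A CI job that needs these results as data (for a ticket, a dashboard, or a custom gate) can parse the summary text. The parser below is an added example, not part of the Greenlight tool; it assumes only the line shapes shown in the samples above, and its function names and the sample input are constructed for illustration.

```python
import re
from html.parser import HTMLParser
FINDING = re.compile(r"^CWE-(\d+): (.+): (\S+):(\d+)$")
SECTION = re.compile(r"^(Found|Skipping) (\d+) issues of Severity (\d+)\. \(Threshold is (\d+)\)$")

class _Text(HTMLParser):          # keeps text nodes, drops the <span>/<a> markup
    def __init__(self):
        super().__init__()
        self.parts = []
    def handle_data(self, data):
        self.parts.append(data)

def plain(details_html):
    p = _Text()
    p.feed(details_html)
    p.close()                     # flush any buffered trailing text
    return " ".join(" ".join(p.parts).split())

def parse_summary(text):
    rep = {"commit": None, "verdict": None, "best_practices": [], "issues": [], "skipped": {}}
    bucket = severity = last = None
    for line in map(str.strip, text.splitlines()):   # tolerate indented log lines
        if line.startswith("COMMIT-HASH:"):
            rep["commit"] = line.split(":", 1)[1].strip()
        elif line.endswith("Best Practices found!"):
            bucket, severity = rep["best_practices"], None
        elif m := SECTION.match(line):
            severity = int(m.group(3))
            bucket = rep["issues"] if m.group(1) == "Found" else None
            if bucket is None:                       # a "Skipping" section lists no findings
                rep["skipped"][severity] = int(m.group(2))
        elif bucket is not None and (m := FINDING.match(line)):
            last = {"cwe": int(m.group(1)), "title": m.group(2), "file": m.group(3),
                    "line": int(m.group(4)), "severity": severity}
            bucket.append(last)
        elif line.startswith("Details:") and last is not None:
            last["details"] = plain(line[len("Details:"):])
        elif line.startswith(("SUCCESS:", "FAILURE:")):
            rep["verdict"] = line.split(":", 1)[0]
    return rep

# Constructed sample in the page's output format (hash and file paths are placeholders).
SAMPLE = """COMMIT-HASH: 0000000000000000000000000000000000000000
    1 Best Practices found!
    CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG): example/Rng.java:9
    Found 1 issues of Severity 4. (Threshold is 1)
    CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'): example/Dao.java:43
    Details: <span>Constructed detail text.</span> <span>References: <a href="http://cwe.mitre.org/data/definitions/89.html">CWE</a></span>
    FAILURE: Found 1 issues, hit the threshold!"""
```

Best-practice entries are kept apart from issues because, as the samples show, they are reported under CWE identifiers but are not counted toward the threshold.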