tjarrettveracode/veracode-mitigation-copier

Issue Copying specific finding

douglasjdraper opened this issue · 2 comments

The use case to copy all mitigations worked right away, but I did run into issues with the use case to only copy across a specific finding (i.e. using the id_list parameter). In researching the root cause, I was able to get the code to work by making a couple of changes.

Would it be possible to have someone on your team take a look and confirm if my findings are correct? Or be able to straighten me out if it's user error on my part. Here is an overview of the changes I mentioned.

1. The flaw id parameter retrieved from the command line defaults to strings, and therefore will not match the numeric flaw ids retrieved from the findings API.

I modified line 238 to have the id_list parameters read as integers. I verified that an error message is presented if a non-numeric value is entered.

Original:
parser.add_argument('-i','--id_list',nargs='*', help='Only copy mitigations for the flaws in the id_list')

Modified:
parser.add_argument('-i','--id_list',nargs='*', help='Only copy mitigations for the flaws in the id_list',type=int)

2. When comparing for matches, the complete list of findings (findings_from) is used instead of the filtered list that was just built a few lines above.

I modified line 201 to pass in the filtered list (findings_from_approved) that was just created. I did verify that if the id_list parameter is not used, all findings are copied across as would be expected.

Original:
match = Findings().match(this_to_finding,findings_from,approved_matches_only=True,allow_fuzzy_match=fuzzy_match)

Modified:
match = Findings().match(this_to_finding,findings_from_approved,approved_matches_only=True,allow_fuzzy_match=fuzzy_match)
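A small stand-alone reproduction of the two defects described in this issue (added here as an example; it is not code from the veracode-mitigation-copier project). The parser, `filter_by_id_list` and `ids_to_copy` are hypothetical simplifications, and the findings list is constructed sample data with numeric `issue_id` values as the findings API returns them.

```python
import argparse

# Constructed sample findings for the "from" application. Flaw ids are
# integers, matching what the findings API returns.
FINDINGS_FROM = [
    {"issue_id": 101, "cwe": 89, "mitigation": "Accepted"},
    {"issue_id": 202, "cwe": 79, "mitigation": "Accepted"},
    {"issue_id": 303, "cwe": 89, "mitigation": "Accepted"},
]


def build_parser(int_ids: bool) -> argparse.ArgumentParser:
    """Hypothetical stand-in for the script's parser, exposing only -i."""
    parser = argparse.ArgumentParser()
    if int_ids:
        # Fix proposed in the issue: parse the ids as integers, so a
        # non-numeric value is rejected by argparse with an error message.
        parser.add_argument('-i', '--id_list', nargs='*', type=int,
                            help='Only copy mitigations for the flaws in the id_list')
    else:
        # Original behaviour: argparse hands back strings such as '202'.
        parser.add_argument('-i', '--id_list', nargs='*',
                            help='Only copy mitigations for the flaws in the id_list')
    return parser


def filter_by_id_list(findings, id_list):
    """Keep only findings whose issue_id is in id_list (no id_list keeps all)."""
    if not id_list:
        return list(findings)
    # With string ids this membership test silently never matches an int.
    return [f for f in findings if f["issue_id"] in id_list]


def ids_to_copy(argv, int_ids, use_filtered):
    """Return the flaw ids that would be handed to the match step.

    use_filtered=False reproduces the second defect: matching against the
    full findings_from list instead of the filtered findings_from_approved.
    """
    args = build_parser(int_ids).parse_args(argv)
    findings_from_approved = filter_by_id_list(FINDINGS_FROM, args.id_list)
    candidates = findings_from_approved if use_filtered else FINDINGS_FROM
    return [f["issue_id"] for f in candidates]


def parses_cleanly(argv, int_ids):
    """True if argparse accepts argv; False if it rejects it (SystemExit)."""
    try:
        build_parser(int_ids).parse_args(argv)
        return True
    except SystemExit:
        return False
```

With the original parser a filter of `-i 202` copies nothing, because `'202'` never equals `202`; with `type=int` it copies exactly that flaw, and only if the filtered list is the one passed to the match step.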

+1 I wasn't able to bypass a specific Flaw ID while using the --id_list argument.
Applying @douglasjdraper's changes made that work for me.
Logging should be improved; there was no mention that the id_list argument wasn't parsed properly.