From de4f4bcf043b4385a010b7218e80410933b16765 Mon Sep 17 00:00:00 2001 From: Rachael Carder Date: Fri, 3 May 2024 16:11:29 -0500 Subject: [PATCH 1/2] Add cwe_entries as available Issue field --- CHANGELOG.md | 5 ++++- lib/dradis/plugins/nessus/gem_version.rb | 2 +- lib/dradis/plugins/nessus/mapping.rb | 1 + lib/nessus/report_item.rb | 3 ++- templates/report_item.sample | 1 + 5 files changed, 9 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 00aa408..438cbe0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,4 +1,7 @@ -v4.12.0 (Mmmm 2024) +v4.13.0 (Mmmm 2024) + - Add `cwe_entries` as an available Issue field + +v4.12.0 (May 2024) - Migrate integration to use Mappings Manager - Update Dradis links in README diff --git a/lib/dradis/plugins/nessus/gem_version.rb b/lib/dradis/plugins/nessus/gem_version.rb index cb54a5f..f46fdbc 100644 --- a/lib/dradis/plugins/nessus/gem_version.rb +++ b/lib/dradis/plugins/nessus/gem_version.rb @@ -9,7 +9,7 @@ def self.gem_version module VERSION MAJOR = 4 MINOR = 12 - TINY = 0 + TINY = 1 PRE = nil STRING = [MAJOR, MINOR, TINY, PRE].compact.join(".") diff --git a/lib/dradis/plugins/nessus/mapping.rb b/lib/dradis/plugins/nessus/mapping.rb index 61ad54e..85f57df 100644 --- a/lib/dradis/plugins/nessus/mapping.rb +++ b/lib/dradis/plugins/nessus/mapping.rb @@ -55,6 +55,7 @@ module Mapping 'report_item.age_of_vuln', 'report_item.bid_entries', 'report_item.cve_entries', + 'report_item.cwe_entries', 'report_item.cvss3_base_score', 'report_item.cvss3_impact_score', 'report_item.cvss3_temporal_score', diff --git a/lib/nessus/report_item.rb b/lib/nessus/report_item.rb index 60c5db5..d28b259 100644 --- a/lib/nessus/report_item.rb +++ b/lib/nessus/report_item.rb 
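Review bot: In the `mapping.rb` hunk, `'report_item.cwe_entries'` is inserted between `'report_item.cve_entries'` and the `cvss3_*` fields, which breaks what looks like an alphabetical ordering, since `cvss3_*` sorts before `cwe_entries`. If the placement is meant to keep the `*_entries` fields together, a one-line comment saying so would help. Otherwise move the line after the last `cvss3_*` entry. The field list starts and ends outside the hunk, so the ordering of the rest cannot be checked from here.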
@@ -31,7 +31,7 @@ def supported_tags :risk_factor, :solution, :synopsis, :threat_intensity_last_28, :threat_recency, :threat_sources_last_28, :vpr_score, :vuln_publication_date, # multiple tags - :bid_entries, :cve_entries, :see_also_entries, :xref_entries, + :bid_entries, :cve_entries, :cwe_entries, :see_also_entries, :xref_entries, # compliance tags :cm_actual_value, :cm_audit_file, :cm_check_id, :cm_check_name, :cm_info, :cm_output, :cm_policy_value, :cm_reference, :cm_result, :cm_see_also, @@ -107,6 +107,7 @@ def method_missing(method, *args) translations_table = { :bid_entries => 'bid', :cve_entries => 'cve', + :cwe_entries => 'cwe', :see_also_entries => 'see_also', :xref_entries => 'xref' } diff --git a/templates/report_item.sample b/templates/report_item.sample index b714ef3..2b8e27f 100644 --- a/templates/report_item.sample +++ b/templates/report_item.sample @@ -46,6 +46,7 @@ If safe checks are enabled, this may be a false positive since it is based on th Low CANVAS CVE-2002-0392 + 123 5033 IAVA:2002-a-0003 OSVDB:838 From 2a0ac076cd2abffc89c79817ce32af29dffc95da Mon Sep 17 00:00:00 2001 From: Aaron Manaloto Date: Tue, 9 Jul 2024 15:39:47 +0800 Subject: [PATCH 2/2] Bump version to 4.13 and update spec --- lib/dradis/plugins/nessus/gem_version.rb | 4 ++-- spec/dradis/plugins/nessus/importer_spec.rb | 9 +++------ 2 files changed, 5 insertions(+), 8 deletions(-) diff --git a/lib/dradis/plugins/nessus/gem_version.rb b/lib/dradis/plugins/nessus/gem_version.rb index f46fdbc..a16b947 100644 --- a/lib/dradis/plugins/nessus/gem_version.rb +++ b/lib/dradis/plugins/nessus/gem_version.rb @@ -8,8 +8,8 @@ def self.gem_version module VERSION MAJOR = 4 - MINOR = 12 - TINY = 1 + MINOR = 13 + TINY = 0 PRE = nil STRING = [MAJOR, MINOR, TINY, PRE].compact.join(".") diff --git a/spec/dradis/plugins/nessus/importer_spec.rb b/spec/dradis/plugins/nessus/importer_spec.rb index ecfffd7..0a20271 100644 --- a/spec/dradis/plugins/nessus/importer_spec.rb 
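Review bot: The `:cwe_entries => 'cwe'` entry added to `translations_table` in `method_missing` ships without a spec; the diffstat for this patch touches no file under `spec/`. The field name now has to be kept in sync by hand in three places (`supported_tags`, `translations_table`, and the field list in `mapping.rb`), and a mismatch in any one would presumably show up only as an empty CWE field on the imported issue rather than as an error. A spec that parses one report item with two `cwe` elements and one with none, asserting on `cwe_entries` in both cases, would pin this down. Both `supported_tags` and `method_missing` continue outside their hunks, so how absent elements are handled cannot be confirmed from the visible lines.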
+++ b/spec/dradis/plugins/nessus/importer_spec.rb @@ -2,13 +2,10 @@ require 'ostruct' describe Dradis::Plugins::Nessus::Importer do - before(:each) do - # Stub template service - templates_dir = File.expand_path('../../../../../templates', __FILE__) - expect_any_instance_of(Dradis::Plugins::TemplateService) - .to receive(:default_templates_dir).and_return(templates_dir) - + mapping_service = double('Dradis::Plugins::MappingService') + allow(mapping_service).to receive(:apply_mapping).and_return('') + allow(Dradis::Plugins::MappingService).to receive(:new).and_return(mapping_service) # Init services plugin = Dradis::Plugins::Nessus
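Review bot: The stub `allow(mapping_service).to receive(:apply_mapping).and_return('')` is set on a plain `double`, so this spec keeps passing even if `MappingService` renames or drops `apply_mapping`. A verifying double, `mapping_service = instance_double(Dradis::Plugins::MappingService, apply_mapping: '')`, would catch that drift. Returning `''` for every mapping also appears to mean these examples no longer exercise any field rendering, including the new `cwe_entries` field, so that path needs coverage elsewhere. The `before(:each)` block seems to continue outside the hunk.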