Dsomm (#452)

* decrease slug size

* start importing dsomm

* start importing dsomm

* lint

* finish dsomm iso mappings importer

* add ability to also use SAMM as a glue

* lint

* add makefile target

* final touches

* lint

---------

Signed-off-by: Spyros <[email protected]>

Makefile

@@ -96,7 +96,7 @@ import-all:
 	make migrate-upgrade && export FLASK_APP=$(CURDIR)/cre.py &&\
 	python cre.py --add --from_spreadsheet https://docs.google.com/spreadsheets/d/1eZOEYgts7d_-Dr-1oAbogPfzBLh6511b58pX3b59kvg &&\
 	python cre.py --generate_embeddings && \
-	python cre.py --zap_in --cheatsheets_in --github_tools_in  --capec_in --owasp_secure_headers_in --pci_dss_4_in --juiceshop_in --dsomm_in --cloud_native_security_controls_in &&\
+	python cre.py --zap_in --cheatsheets_in --github_tools_in  --capec_in --owasp_secure_headers_in --pci_dss_4_in --juiceshop_in --dsomm_in --dsomm_in --cloud_native_security_controls_in &&\
 	python cre.py --generate_embeddings
 
 import-neo4j:

application/utils/external_project_parsers/dsomm.py

@@ -36,6 +36,10 @@
     "vcs usage is not explicitly covered by ISO 27001 - too specific",
     "System hardening, virtual environments are not explicitly covered by ISO 27001 - too specific",
 ]
+manual_mappings = {
+    "Usage of feature toggles": "344-611",
+    "Usage of edge encryption at transit": "435-702",
+}
 
 
 def parse(
@@ -91,6 +95,14 @@ def parse(
                         )
 
                 dbstandard = cache.add_node(standard)
+                if manual_mappings.get(aname):
+                    cs = cache.get_CREs(manual_mappings.get(aname))
+                    for c in cs:
+                        cache.add_link(
+                            cre=db.dbCREfromCRE(c),
+                            node=dbstandard,
+                            type=defs.LinkTypes.LinkedTo,
+                        )
                 # use SAMM as Glue
                 if activity.get("references").get("samm2"):
                     for sectionID in activity.get("references").get("samm2"):