Add parser for grype report

[dtbaum]

Testing done

Submitter checklist

Beta Give feedback

1. Make sure you are opening from a topic/feature/bugfix branch (right side) and not your main branch!
2. Ensure that the pull request title represents the desired changelog entry
3. Please describe what you did
4. Link to relevant issues in GitHub or Jira
5. Link to relevant pull requests, esp. upstream and downstream changes
6. Ensure you have provided tests - that demonstrates feature works or fixes the issue

[dtbaum]

This parser parses a grype report, generated by my plugin https://plugins.jenkins.io/grypescanner/.

[uhafner]

Thanks for your pull request!

The code looks good, just some small ideas and questions.

[dtbaum]

@uhafner Is there an elegant way to customize the severity labels? It would be better to use Low, Medium, High, Critical for severity of vulnerabilites.

[codecov]

Codecov Report

Merging #935 (a61d5dd) into master (533ac7e) will increase coverage by 0.01%.
The diff coverage is 96.87%.

@@             Coverage Diff              @@
##             master     #935      +/-   ##
============================================
+ Coverage     92.89%   92.91%   +0.01%     
- Complexity     2323     2333      +10     
============================================
  Files           341      343       +2     
  Lines          6449     6479      +30     
  Branches        668      671       +3     
============================================
+ Hits           5991     6020      +29     
  Misses          262      262              
- Partials        196      197       +1     

Files Changed	Coverage Δ
...du/hm/hafner/analysis/registry/ParserRegistry.java	100.00% <ø> (ø)
...ava/edu/hm/hafner/analysis/parser/GrypeParser.java	95.45% <95.45%> (ø)
src/main/java/edu/hm/hafner/analysis/Severity.java	100.00% <100.00%> (ø)
...u/hm/hafner/analysis/registry/GrypeDescriptor.java	100.00% <100.00%> (ø)

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

[uhafner]

Thanks!

[uhafner]

@uhafner Is there an elegant way to customize the severity labels? It would be better to use Low, Medium, High, Critical for severity of vulnerabilites.

Currently not. I wanted to make that in the beginning configurable (so the analysis-model has the possibility). But then I noticed in the UI that it will get to complex.