Cadet 3rd Class
Cadet 3rd Class
562 views

How to extract Build Label from FPR file using FPRUtility Tool

Jump to solution

Does anyone know the command to extract the Build Label from FPR file using the FPRUtility tool?

I tried the below command but does not give the Build Label.

sca18.20/bin/FPRUtility -information -search -project prevresults.fpr -query "[Build Label]" -f output.txt

Attached snapshot from SSC which shows the field [Build Label] in which I am interested to extract using FPRUtility. This is required for one automation task.

Please note: I am using Fortify 18.20.

0 Likes
1 Solution

Accepted Solutions
Micro Focus Frequent Contributor
Micro Focus Frequent Contributor

There is not a way to extract the Build Label for the FPR file using  the FPRUtility.  The -search  parameter Searches the fpr for issues based on the query parameter. So basically your command is looking of issues that are related to "[Build Label]" .  You would have to extract the audit.fvdl file manully for the FPR and pares the file to get the label.   You could get this info using the SSC API but you will have to know the artifact ID.  How are you passing the -build-label switch in SCA?  

View solution in original post

2 Replies
Micro Focus Frequent Contributor
Micro Focus Frequent Contributor

There is not a way to extract the Build Label for the FPR file using  the FPRUtility.  The -search  parameter Searches the fpr for issues based on the query parameter. So basically your command is looking of issues that are related to "[Build Label]" .  You would have to extract the audit.fvdl file manully for the FPR and pares the file to get the label.   You could get this info using the SSC API but you will have to know the artifact ID.  How are you passing the -build-label switch in SCA?  

View solution in original post

Cadet 3rd Class
Cadet 3rd Class

Thanks for your suggestion. I did extract the audit.fvdl from FPR and got the Build Label. Before posting the query in this forum, we had tried the SSC Api route but that was tedious and over complicated for a simple automation task as it involved multiple steps and also required us to create a new read only user to access the SSC API:

  1. Get the application version using fortifyclient utility
  2. Get the artifacts using SSC Api
  3. Extract the href from first node of JSON returned in step 2
  4. Travel to the href url extracted in step 3
  5. Extract one more href from the JSON returned in step 4
  6. Travel to the href url extracted in step 5
  7. Finally you get the buildLabel in JSON returned in step 6

We are passing the build label via sourceanalyzer command during translation step. Again, many thanks for your suggestion.

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.