gitea-mirror/trivy
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy.git synced 2025-12-22 07:10:41 -08:00
Code Issues Packages Projects Releases Wiki Activity

fix(vuln) unique vulnerabilities from different data sources (#984)

Browse Source 
* Fix duplicate Rule in sarif template

* Fix integration tests

* Fixed tests

* Update certs validity upto 2100

* Moved deduplication logic to Filter

* Fix linting issue

* Fix liniting issue

* fix: deduplicate vulnerabilities

* refactor

* fix: add installed versions to uniq keys

* Fix tests

* Fix Unit tests.

* Revert port change

Co-authored-by: knqyf263 <knqyf263@gmail.com>
This commit is contained in:
rahul2393
2021-05-12 15:40:05 +05:30
committed by GitHub
parent 04e7ccabea
commit e26e39a7f8
8 changed files with 247 additions and 87 deletions
Download Patch File Download Diff File Expand all files Collapse all files

128
pkg/vulnerability/vulnerability_test.go
View File

@@ -675,6 +675,134 @@ func TestClient_Filter(t *testing.T) {
},
},
},
{
name: "happy path with duplicates, one with empty fixed version",
args: args{
vulns: []types.DetectedVulnerability{
{
VulnerabilityID: "CVE-2019-0001",
PkgName: "foo",
InstalledVersion: "1.2.3",
FixedVersion: "",
Vulnerability: dbTypes.Vulnerability{
Severity: dbTypes.SeverityLow.String(),
},
},
{
VulnerabilityID: "CVE-2019-0001",
PkgName: "foo",
InstalledVersion: "1.2.3",
FixedVersion: "1.2.4",
Vulnerability: dbTypes.Vulnerability{
Severity: dbTypes.SeverityLow.String(),
},
},
{
VulnerabilityID: "CVE-2019-0002",
PkgName: "bar",
InstalledVersion: "1.2.3",
FixedVersion: "1.2.4",
Vulnerability: dbTypes.Vulnerability{
Severity: dbTypes.SeverityCritical.String(),
},
},
{
VulnerabilityID: "CVE-2019-0002",
PkgName: "bar",
InstalledVersion: "1.2.3",
FixedVersion: "1.2.5",
Vulnerability: dbTypes.Vulnerability{
Severity: dbTypes.SeverityCritical.String(),
},
},
{
VulnerabilityID: "CVE-2018-0001",
PkgName: "baz",
InstalledVersion: "1.2.3",
FixedVersion: "",
Vulnerability: dbTypes.Vulnerability{
Severity: dbTypes.SeverityHigh.String(),
},
},
{
VulnerabilityID: "CVE-2018-0001",
PkgName: "bar",
InstalledVersion: "1.2.3",
FixedVersion: "",
Vulnerability: dbTypes.Vulnerability{
Severity: dbTypes.SeverityCritical.String(),
},
},
{
VulnerabilityID: "CVE-2018-0002",
PkgName: "bar",
InstalledVersion: "1.2.3",
FixedVersion: "",
Vulnerability: dbTypes.Vulnerability{
Severity: "",
},
},
{
VulnerabilityID: "CVE-2018-0002",
PkgName: "bar",
InstalledVersion: "2.0.0",
FixedVersion: "",
Vulnerability: dbTypes.Vulnerability{
Severity: "",
},
},
},
severities: []dbTypes.Severity{dbTypes.SeverityCritical, dbTypes.SeverityHigh, dbTypes.SeverityUnknown},
ignoreUnfixed: false,
},
want: []types.DetectedVulnerability{
{
VulnerabilityID: "CVE-2018-0001",
PkgName: "bar",
InstalledVersion: "1.2.3",
FixedVersion: "",
Vulnerability: dbTypes.Vulnerability{
Severity: dbTypes.SeverityCritical.String(),
},
},
{
VulnerabilityID: "CVE-2019-0002",
PkgName: "bar",
InstalledVersion: "1.2.3",
FixedVersion: "1.2.5",
Vulnerability: dbTypes.Vulnerability{
Severity: dbTypes.SeverityCritical.String(),
},
},
{
VulnerabilityID: "CVE-2018-0002",
PkgName: "bar",
InstalledVersion: "1.2.3",
FixedVersion: "",
Vulnerability: dbTypes.Vulnerability{
Severity: dbTypes.SeverityUnknown.String(),
},
},
{
VulnerabilityID: "CVE-2018-0002",
PkgName: "bar",
InstalledVersion: "2.0.0",
FixedVersion: "",
Vulnerability: dbTypes.Vulnerability{
Severity: dbTypes.SeverityUnknown.String(),
},
},
{
VulnerabilityID: "CVE-2018-0001",
PkgName: "baz",
InstalledVersion: "1.2.3",
FixedVersion: "",
Vulnerability: dbTypes.Vulnerability{
Severity: dbTypes.SeverityHigh.String(),
},
},
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {