diff --git a/internal/commands/result.go b/internal/commands/result.go index 6140f3cb8..d2a27fcea 100644 --- a/internal/commands/result.go +++ b/internal/commands/result.go @@ -107,6 +107,8 @@ const ( redundantLabel = "redundant" delayValueForReport = 10 fixLinkPrefix = "https://devhub.checkmarx.com/cve-details/" + snoozeLabel = "Snooze" + muteLabel = "Muted" ) var summaryFormats = []string{ @@ -2332,12 +2334,16 @@ func buildScaType(typesByCVE map[string]wrappers.ScaTypeCollection, result *wrap func buildScaState(typesByCVE map[string]wrappers.ScaTypeCollection, result *wrappers.ScanResult) string { types, ok := typesByCVE[result.ID] - if ok && types.IsIgnored { + if ok && (types.IsIgnored || isSnoozeOrMutePackage(&types)) { return notExploitable } return result.State } +func isSnoozeOrMutePackage(result *wrappers.ScaTypeCollection) bool { + return strings.EqualFold(result.RiskState, snoozeLabel) || strings.EqualFold(result.RiskState, muteLabel) +} + func addPackageInformation( resultsModel *wrappers.ScanResultsCollection, scaPackageModel *[]wrappers.ScaPackageCollection, diff --git a/internal/wrappers/export.go b/internal/wrappers/export.go index 474ec7ebf..22e915efb 100644 --- a/internal/wrappers/export.go +++ b/internal/wrappers/export.go @@ -38,4 +38,5 @@ type ScaType struct { ID string `json:"Id,omitempty"` Type string `json:"Type,omitempty"` IsIgnored bool `json:"IsIgnored,omitempty"` + RiskState string `json:"RiskState,omitempty"` } diff --git a/internal/wrappers/results-sca-package.go b/internal/wrappers/results-sca-package.go index e7fb06643..0f977755e 100644 --- a/internal/wrappers/results-sca-package.go +++ b/internal/wrappers/results-sca-package.go @@ -26,4 +26,5 @@ type ScaTypeCollection struct { ID string `json:"id,omitempty"` Type string `json:"type,omitempty"` IsIgnored bool `json:"isIgnored,omitempty"` + RiskState string `json:"omitempty"` }