fix build script

Signed-off-by: Michael Sverdlov <[email protected]>
jfrog · Sep 11, 2023 · b3a0328 · b3a0328
1 parent 71543d8
commit b3a0328
Show file tree

Hide file tree

Showing 3 changed files with 32 additions and 26 deletions.
diff --git a/xray/formats/simplejsonapi.go b/xray/formats/simplejsonapi.go
@@ -101,7 +101,7 @@ type CveRow struct {
 }
 
 type Applicability struct {
-	Status             bool       `json:"status"`
+	Status             string     `json:"status"`
 	ScannerDescription string     `json:"scannerDescription,omitempty"`
 	Evidence           []Evidence `json:"evidence,omitempty"`
 }

diff --git a/xray/utils/resultstable.go b/xray/utils/resultstable.go
@@ -89,8 +89,10 @@ func prepareViolations(violations []services.Violation, extendedResults *Extende
 		case "security":
 			cves := convertCves(violation.Cves)
 			applicableValue := getApplicableCveValue(extendedResults, cves)
-			for _, cve := range cves {
-				cve.Applicability = getCveApplicability(cve, extendedResults.ApplicabilityScanResults)
+			if extendedResults.EntitledForJas {
+				for i := range cves {
+					cves[i].Applicability = getCveApplicability(cves[i], extendedResults.ApplicabilityScanResults)
+				}
 			}
 			currSeverity := GetSeverity(violation.Severity, applicableValue)
 			jfrogResearchInfo := convertJfrogResearchInformation(violation.ExtendedInformation)
@@ -209,8 +211,10 @@ func prepareVulnerabilities(vulnerabilities []services.Vulnerability, extendedRe
 		}
 		cves := convertCves(vulnerability.Cves)
 		applicableValue := getApplicableCveValue(extendedResults, cves)
-		for _, cve := range cves {
-			cve.Applicability = getCveApplicability(cve, extendedResults.ApplicabilityScanResults)
+		if extendedResults.EntitledForJas {
+			for i := range cves {
+				cves[i].Applicability = getCveApplicability(cves[i], extendedResults.ApplicabilityScanResults)
+			}
 		}
 		currSeverity := GetSeverity(vulnerability.Severity, applicableValue)
 		jfrogResearchInfo := convertJfrogResearchInformation(vulnerability.ExtendedInformation)
@@ -928,37 +932,39 @@ func getApplicableCveValue(extendedResults *ExtendedScanResults, xrayCves []form
 	return ApplicabilityUndetermined
 }
 
-func getCveApplicability(cve formats.CveRow, applicabilityScanResults []*sarif.Run) (applicability *formats.Applicability) {
-	if len(applicabilityScanResults) == 0 {
-		return nil
-	}
+func getCveApplicability(cve formats.CveRow, applicabilityScanResults []*sarif.Run) *formats.Applicability {
+	applicability := &formats.Applicability{Status: string(ApplicabilityUndetermined)}
 	for _, applicabilityRun := range applicabilityScanResults {
-		description := ""
-		if relatedRule, _ := applicabilityRun.GetRuleById(CveToApplicabilityRuleId(cve.Id)); relatedRule != nil {
-			description = GetRuleFullDescription(relatedRule)
-		}
-		relatedResult, _ := applicabilityRun.GetResultByRuleId(CveToApplicabilityRuleId(cve.Id))
-		if relatedResult == nil {
+		foundResult, _ := applicabilityRun.GetResultByRuleId(CveToApplicabilityRuleId(cve.Id))
+		if foundResult == nil {
 			continue
 		}
-		// Set applicable details
-		applicability = &formats.Applicability{
-			Status:             isApplicableResult(relatedResult),
-			ScannerDescription: description,
+		applicability = &formats.Applicability{}
+		if isApplicableResult(foundResult) {
+			applicability.Status = string(Applicable)
+		} else {
+			applicability.Status = string(NotApplicable)
 		}
+
+		foundRule, _ := applicabilityRun.GetRuleById(CveToApplicabilityRuleId(cve.Id))
+		if foundRule != nil {
+			applicability.ScannerDescription = GetRuleFullDescription(foundRule)
+		}
+
 		// Add new evidences from locations
-		for _, location := range relatedResult.Locations {
+		for _, location := range foundResult.Locations {
 			applicability.Evidence = append(applicability.Evidence, formats.Evidence{
 				SourceCodeLocationRow: formats.SourceCodeLocationRow{
 					File:       GetLocationFileName(location),
 					LineColumn: GetStartLocationInFile(location),
 					Snippet:    GetLocationSnippet(location),
 				},
-				Reason: GetResultMsgText(relatedResult),
+				Reason: GetResultMsgText(foundResult),
 			})
 		}
+		break
 	}
-	return
+	return applicability
 }
 
 func printApplicableCveValue(applicableValue ApplicabilityStatus, isTable bool) string {

diff --git a/xray/utils/resultstable_test.go b/xray/utils/resultstable_test.go
@@ -462,7 +462,7 @@ func TestGetApplicableCveValue(t *testing.T) {
 			},
 			cves:           []services.Cve{{Id: "testCve2"}},
 			expectedResult: Applicable,
-			expectedCves:   []formats.CveRow{{Id: "testCve2", Applicability: &formats.Applicability{Status: true}}},
+			expectedCves:   []formats.CveRow{{Id: "testCve2", Applicability: &formats.Applicability{Status: string(Applicable)}}},
 		},
 		{
 			scanResults: &ExtendedScanResults{
@@ -490,7 +490,7 @@ func TestGetApplicableCveValue(t *testing.T) {
 			},
 			cves:           []services.Cve{{Id: "testCve1"}, {Id: "testCve2"}},
 			expectedResult: NotApplicable,
-			expectedCves:   []formats.CveRow{{Id: "testCve1", Applicability: &formats.Applicability{Status: false}}, {Id: "testCve2", Applicability: &formats.Applicability{Status: false}}},
+			expectedCves:   []formats.CveRow{{Id: "testCve1", Applicability: &formats.Applicability{Status: string(NotApplicable)}}, {Id: "testCve2", Applicability: &formats.Applicability{Status: string(NotApplicable)}}},
 		},
 		{
 			scanResults: &ExtendedScanResults{
@@ -504,7 +504,7 @@ func TestGetApplicableCveValue(t *testing.T) {
 			},
 			cves:           []services.Cve{{Id: "testCve1"}, {Id: "testCve2"}},
 			expectedResult: Applicable,
-			expectedCves:   []formats.CveRow{{Id: "testCve1", Applicability: &formats.Applicability{Status: false}}, {Id: "testCve2", Applicability: &formats.Applicability{Status: true}}},
+			expectedCves:   []formats.CveRow{{Id: "testCve1", Applicability: &formats.Applicability{Status: string(NotApplicable)}}, {Id: "testCve2", Applicability: &formats.Applicability{Status: string(Applicable)}}},
 		},
 		{
 			scanResults: &ExtendedScanResults{
@@ -514,7 +514,7 @@ func TestGetApplicableCveValue(t *testing.T) {
 				EntitledForJas: true},
 			cves:           []services.Cve{{Id: "testCve1"}, {Id: "testCve2"}},
 			expectedResult: ApplicabilityUndetermined,
-			expectedCves:   []formats.CveRow{{Id: "testCve1", Applicability: &formats.Applicability{Status: false}}, {Id: "testCve2"}},
+			expectedCves:   []formats.CveRow{{Id: "testCve1", Applicability: &formats.Applicability{Status: string(NotApplicable)}}, {Id: "testCve2"}},
 		},
 	}