

fix: wrong vuln rating source (#81)
paulrosca-snyk authored Dec 17, 2024
1 parent 2f3d685 commit 9cc9d47
Showing 2 changed files with 19 additions and 3 deletions.
17 changes: 14 additions & 3 deletions lib/snyk/enrich_cyclonedx.go
Expand Up @@ -204,10 +204,21 @@ func enrichCycloneDX(cfg *Config, bom *cdx.BOM, logger *zerolog.Logger) *cdx.BOM

if issue.Attributes.Severities != nil {
for _, sev := range *issue.Attributes.Severities {
source := cdx.Source{
Name: "Snyk",
URL: snykVulnerabilityDBWebURL,
var source cdx.Source
if sev.Source != nil {
source = cdx.Source{
Name: *sev.Source,
}
} else {
source = cdx.Source{
Name: "Snyk",
}
}

if source.Name == "Snyk" {
source.URL = snykVulnerabilityDBWebURL
}

if sev.Score != nil {
score := float64(*sev.Score)
rating := cdx.VulnerabilityRating{
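Review bot: An empty-but-present source name slips through the nil check at `if sev.Source != nil {` — when `*sev.Source == ""` the rating is emitted with `Source{Name: ""}` and no URL, so it neither falls back to "Snyk" nor carries the DB link, and the SBOM consumer gets a rating with no provenance at all. Treating empty as absent closes that gap: `if sev.Source != nil && *sev.Source != "" {`. The `var source cdx.Source` plus two-branch assignment could also shrink to a default-then-override, `name := "Snyk"` / `if sev.Source != nil && *sev.Source != "" { name = *sev.Source }` / `source := cdx.Source{Name: name}`, with the URL assignment then keyed on `name == "Snyk"`. The comparison at `if source.Name == "Snyk"` is case-exact; whether the API can return the name in a different case is not visible here, so `strings.EqualFold` would be the defensive choice if it can. enrichCycloneDX starts and ends outside this hunk.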
5 changes: 5 additions & 0 deletions lib/snyk/enrich_test.go
Expand Up @@ -47,6 +47,11 @@ func TestEnrichSBOM_CycloneDXWithVulnerabilities(t *testing.T) {
vuln := (*bom.Vulnerabilities)[0]
assert.Equal(t, "pkg:pypi/[email protected]", vuln.BOMRef)
assert.Equal(t, "SNYK-PYTHON-NUMPY-73513", vuln.ID)

assert.NotNil(t, vuln.Ratings)
assert.Len(t, *vuln.Ratings, 4)
assert.Equal(t, (*vuln.Ratings)[0].Source, &cdx.Source{Name: "Snyk", URL: "https://security.snyk.io"})
assert.Equal(t, (*vuln.Ratings)[1].Source, &cdx.Source{Name: "NVD"})
}

func TestEnrichSBOM_CycloneDXExternalRefs(t *testing.T) {
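Review bot: The two new `assert.Equal` calls pass the actual value first and the expected literal second, the reverse of testify's `(t, expected, actual)` order that the `vuln.BOMRef` and `vuln.ID` assertions just above follow, so a failure here will print expected and actual swapped. Flipping them keeps the test consistent: `assert.Equal(t, &cdx.Source{Name: "Snyk", URL: "https://security.snyk.io"}, (*vuln.Ratings)[0].Source)` and `assert.Equal(t, &cdx.Source{Name: "NVD"}, (*vuln.Ratings)[1].Source)`. The hunk pins only the Source of the first two of the four ratings it asserts exist; the other two, and whether any severity in the fixture arrives without a source so that the nil fallback to "Snyk" is actually exercised, are not visible from this hunk and look worth a third assertion. TestEnrichSBOM_CycloneDXWithVulnerabilities begins outside the hunk.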

