Stage/vuls
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor(git-conf): Specifing ignoreGitHubDismissed per repository (#1224)

Browse Source 
* refactor(git-conf): Specifing ignoreGitHubDismissed per repository with config.toml

* refactor(git-conf): change json tag into camelCase

* refactor(git-conf): change first char of json tag into lowercase
This commit is contained in:
otuki
2021-04-28 13:41:38 +09:00
committed by GitHub
parent 17ae386d1e
commit dc9c0edece
3 changed files with 5 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
config/config.go
View File

@@ -79,9 +79,6 @@ type ReportOpts struct {
DiffMinus bool `json:"diffMinus,omitempty"`
Diff bool `json:"diff,omitempty"`
Lang string `json:"lang,omitempty"`
//TODO move to GitHubConf
IgnoreGitHubDismissed bool `json:"ignore_git_hub_dismissed,omitempty"`
}
// ValidateOnConfigtest validates
@@ -262,7 +259,8 @@ func (cnf WordPressConf) IsZero() bool {
// GitHubConf is used for GitHub Security Alerts
type GitHubConf struct {
Token string `json:"-"`
Token string `json:"-"`
IgnoreGitHubDismissed bool `json:"ignoreGitHubDismissed,omitempty"`
}
// GetServerName returns ServerName if this serverInfo is about host.

6
detector/detector.go
View File

@@ -70,7 +70,7 @@ func Detect(rs []models.ScanResult, dir string) ([]models.ScanResult, error) {
}
repos := config.Conf.Servers[r.ServerName].GitHubRepos
if err := DetectGitHubCves(&r, repos, config.Conf.IgnoreGitHubDismissed); err != nil {
if err := DetectGitHubCves(&r, repos); err != nil {
return nil, xerrors.Errorf("Failed to detect GitHub Cves: %w", err)
}
@@ -219,7 +219,7 @@ func DetectPkgCves(r *models.ScanResult, ovalCnf config.GovalDictConf, gostCnf c
}
// DetectGitHubCves fetches CVEs from GitHub Security Alerts
func DetectGitHubCves(r *models.ScanResult, githubConfs map[string]config.GitHubConf, ignoreDismissed bool) error {
func DetectGitHubCves(r *models.ScanResult, githubConfs map[string]config.GitHubConf) error {
if len(githubConfs) == 0 {
return nil
}
@@ -229,7 +229,7 @@ func DetectGitHubCves(r *models.ScanResult, githubConfs map[string]config.GitHub
return xerrors.Errorf("Failed to parse GitHub owner/repo: %s", ownerRepo)
}
owner, repo := ss[0], ss[1]
n, err := DetectGitHubSecurityAlerts(r, owner, repo, setting.Token, ignoreDismissed)
n, err := DetectGitHubSecurityAlerts(r, owner, repo, setting.Token, setting.IgnoreGitHubDismissed)
if err != nil {
return xerrors.Errorf("Failed to access GitHub Security Alerts: %w", err)
}

4
subcmds/report.go
View File

@@ -63,7 +63,6 @@ func (*ReportCmd) Usage() string {
[-diff-plus]
[-ignore-unscored-cves]
[-ignore-unfixed]
[-ignore-github-dismissed]
[-to-email]
[-to-http]
[-to-slack]
@@ -131,9 +130,6 @@ func (p *ReportCmd) SetFlags(f *flag.FlagSet) {
f.BoolVar(&config.Conf.IgnoreUnfixed, "ignore-unfixed", false,
"Don't report the unfixed CVEs")
f.BoolVar(&config.Conf.IgnoreGitHubDismissed, "ignore-github-dismissed", false,
"Don't report the dismissed CVEs on GitHub Security Alerts")
f.StringVar(
&config.Conf.HTTPProxy, "http-proxy", "",
"http://proxy-url:port (default: empty)")