Movatterモバイル変換


[0]ホーム

URL:


Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

Sign up
Appearance settings

Commit48c15c7

Browse files
fix: use discriminator to determine problem type (#480)
1 parentbc81011 commit48c15c7

File tree

2 files changed

+21
-21
lines changed

2 files changed

+21
-21
lines changed

‎pkg/apiclients/testapi/issues.go‎

Lines changed: 13 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -242,7 +242,12 @@ func (g *idBasedIssueGrouper) extractProblemID(finding *FindingData) string {
242242
}
243243

244244
// Check for Snyk ID pattern (case-insensitive, without allocations)
245-
ifisSnykID(id) {
245+
discriminator,err:=problem.Discriminator()
246+
iferr!=nil {
247+
continue
248+
}
249+
250+
ifstartsWithSnyk(discriminator) {
246251
returnid
247252
}
248253

@@ -255,17 +260,18 @@ func (g *idBasedIssueGrouper) extractProblemID(finding *FindingData) string {
255260
returnfallbackID
256261
}
257262

258-
//isSnykID checks if an ID starts with "snyk" (case-insensitive)
259-
funcisSnykID(idstring)bool {
260-
iflen(id)<4 {
263+
//startsWithSnyk checks if an ID starts with "snyk" (case-insensitive)
264+
funcstartsWithSnyk(idstring)bool {
265+
iflen(id)<5 {
261266
returnfalse
262267
}
263268

264269
// Manual case-insensitive check to avoid string allocation
265270
return (id[0]=='s'||id[0]=='S')&&
266271
(id[1]=='n'||id[1]=='N')&&
267272
(id[2]=='y'||id[2]=='Y')&&
268-
(id[3]=='k'||id[3]=='K')
273+
(id[3]=='k'||id[3]=='K')&&
274+
(id[4]=='_')
269275
}
270276

271277
func (g*idBasedIssueGrouper)getUniqueKey(finding*FindingData)string {
@@ -628,7 +634,7 @@ func (b *issueBuilder) processProblems(finding *FindingData) {
628634
}
629635

630636
// Fallback to first problem if no snyk_vuln or snyk_license found
631-
ifb.primaryProblem==nil&&discriminator!="cve"&&discriminator!="cwe" {
637+
ifb.primaryProblem==nil&&startsWithSnyk(discriminator) {
632638
b.primaryProblem=&problem
633639
}
634640
}
@@ -657,7 +663,7 @@ func (b *issueBuilder) processSnykVulnProblem(problem *Problem) {
657663
b.severity=string(vulnProblem.Severity)
658664
}
659665
ifb.cvssScore==0.0 {
660-
b.cvssScore=float32(vulnProblem.CvssBaseScore)
666+
b.cvssScore=vulnProblem.CvssBaseScore
661667
}
662668
if!b.isFixable {
663669
b.isFixable=vulnProblem.IsFixable

‎pkg/apiclients/testapi/issues_internal_test.go‎

Lines changed: 8 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -10,21 +10,15 @@ import (
1010
"github.com/stretchr/testify/require"
1111
)
1212

13-
funcTestIsSnykID(t*testing.T) {
13+
funcTestStartsWithSnyk(t*testing.T) {
1414
tests:= []struct {
1515
namestring
1616
idstring
1717
expectedbool
1818
}{
1919
// Valid Snyk IDs
20-
{"uppercase with hyphen","SNYK-JS-LODASH-590103",true},
21-
{"lowercase with hyphen","snyk-js-lodash-590103",true},
22-
{"mixed case with hyphen","Snyk-JS-LODASH-590103",true},
23-
{"uppercase with colon","SNYK:LIC:NPM:PACKAGE:MPL-2.0",true},
24-
{"lowercase with colon","snyk:lic:npm:shescape:MPL-2.0",true},
25-
{"mixed case with colon","Snyk:lic:npm:package:MIT",true},
26-
{"just snyk","snyk",true},
27-
{"snyk with no delimiter","snyktest",true},
20+
{"vuln","snyk_vuln",true},
21+
{"license","snyk_license",true},
2822

2923
// Invalid/non-Snyk IDs
3024
{"CVE","CVE-2021-1234",false},
@@ -38,16 +32,16 @@ func TestIsSnykID(t *testing.T) {
3832

3933
for_,tt:=rangetests {
4034
t.Run(tt.name,func(t*testing.T) {
41-
result:=isSnykID(tt.id)
42-
assert.Equal(t,tt.expected,result,"isSnykID(%q) = %v, want %v",tt.id,result,tt.expected)
35+
result:=startsWithSnyk(tt.id)
36+
assert.Equal(t,tt.expected,result,"startsWithSnyk(%q) = %v, want %v",tt.id,result,tt.expected)
4337
})
4438
}
4539
}
4640

4741
funcTestIdBasedIssueGrouper_ExtractProblemID(t*testing.T) {
4842
grouper:=&idBasedIssueGrouper{}
4943

50-
t.Run("prefersSNYK- ID over CVE",func(t*testing.T) {
44+
t.Run("prefersSNYK_ ID over CVE",func(t*testing.T) {
5145
finding:=&FindingData{
5246
Attributes:&FindingAttributes{
5347
FindingType:FindingTypeSca,
@@ -115,13 +109,13 @@ func TestIdBasedIssueGrouper_ExtractProblemID(t *testing.T) {
115109
FindingType:FindingTypeSca,
116110
Problems: []Problem{
117111
createProblem(t,"CVE-2021-1234","cve"),
118-
createProblem(t,"Snyk-JS-LODASH-590103","snyk_vuln"),
112+
createProblem(t,"SNYK-JS-LODASH-590103","snyk_vuln"),
119113
},
120114
},
121115
}
122116

123117
id:=grouper.extractProblemID(finding)
124-
assert.Equal(t,"Snyk-JS-LODASH-590103",id)
118+
assert.Equal(t,"SNYK-JS-LODASH-590103",id)
125119
})
126120

127121
t.Run("returns empty string when no problems",func(t*testing.T) {

0 commit comments

Comments
 (0)

[8]ページ先頭

©2009-2025 Movatter.jp