From 56fdc73cb80c7de1aa504699ea0ead1e10145451 Mon Sep 17 00:00:00 2001
From: Mark Chmarny
Date: Mon, 3 Apr 2023 06:59:30 -0700
Subject: [PATCH] fix snyk score
---
 .version | 2 +-
 internal/converter/snyk/snyk.go | 6 +++++-
 internal/converter/snyk/snyk_test.go | 5 +++++
 3 files changed, 11 insertions(+), 2 deletions(-)
diff --git a/.version b/.version
index f969a39a..08c626c0 100644
--- a/.version
+++ b/.version
@@ -1 +1 @@
-v0.3.7
\ No newline at end of file
+v0.3.8
\ No newline at end of file
diff --git a/internal/converter/snyk/snyk.go b/internal/converter/snyk/snyk.go
index 166ed9b9..4fb58967 100644
--- a/internal/converter/snyk/snyk.go
+++ b/internal/converter/snyk/snyk.go
@@ -45,9 +45,13 @@ func mapVulnerability(v *gabs.Container) *data.Vulnerability {
 Package: parser.ToString(v.Search("name").Data()),
 Version: parser.ToString(v.Search("version").Data()),
 Severity: strings.ToLower(parser.ToString(v.Search("severity").Data())),
- Score: parser.ToFloat32(c.Search("cvssScore").Data()),
+ Score: parser.ToFloat32(v.Search("cvssScore").Data()),
 IsFixed: parser.ToBool(v.Search("isUpgradable").Data()),
 }
+ if item.Score == 0 {
+ item.Score = parser.ToFloat32(c.Search("baseScore").Data())
+ }
+
 return item
 }
diff --git a/internal/converter/snyk/snyk_test.go b/internal/converter/snyk/snyk_test.go
index 672fe2af..b03a31ad 100644
--- a/internal/converter/snyk/snyk_test.go
+++ b/internal/converter/snyk/snyk_test.go
@@ -15,11 +15,16 @@ func TestSnykConverter(t *testing.T) {
 assert.NotNil(t, list)
 assert.Greater(t, len(list), 0)
+ noScoreCounter := 0
 for _, v := range list {
 assert.NotEmpty(t, v.ID)
 assert.NotEmpty(t, v.Package, v.ID)
 assert.NotEmpty(t, v.Severity, v.ID)
 assert.NotEmpty(t, v.Version, v.ID)
 assert.GreaterOrEqual(t, v.Score, float32(0), v.ID) // some matches won't have score
+ if v.Score == 0 {
+ noScoreCounter++
+ }
 }
+ assert.NotEqual(t, noScoreCounter, len(list))
 }
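Review bot: In the snyk.go hunk (mapVulnerability), a finding for which neither `cvssScore` on `v` nor `baseScore` on `c` yields a value still leaves `item.Score` at 0, which a consumer gating on a score threshold cannot tell apart from a genuinely low-risk finding. `Severity` is populated independently, so I would document this on the fallback, for example `// Score stays 0 when the report carries no CVSS value; treat 0 as "unscored" and use Severity for policy decisions.` The `== 0` test presumably relies on parser.ToFloat32 returning 0 for a missing or malformed value, which is not visible here and worth confirming. `c` is assigned outside the hunk, so which CVSS entry supplies `baseScore` cannot be checked from this diff.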
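Review bot: In the snyk_test.go hunk, `assert.NotEqual(t, noScoreCounter, len(list))` fails only when every converted entry has a zero score. A regression that drops most scores, or one that breaks only the new `baseScore` fallback, would therefore still pass. Pinning the count for the fixture would catch both, e.g. `assert.Equal(t, wantNoScore, noScoreCounter)`, where `wantNoScore` is a placeholder for the number of unscored entries counted from the test report. TestSnykConverter starts outside the hunk, so the fixture it loads is not shown here.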