Merge branch 'dev' of https://github.com/jfrog/jfrog-cli-security int…
…o skip-scan-if-auto-install-skipped-in-uninstalled-project
eranturgeman committed Sep 30, 2024
2 parents c815236 + 9a79fb6 commit 6caa0bf
Showing 19 changed files with 93 additions and 29 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/cla.yml
Expand Up @@ -19,7 +19,7 @@ jobs:
- name: "CLA Assistant"
if: ${{ steps.sign-or-recheck.outputs.match != '' || github.event_name == 'pull_request_target' }}
# Alpha Release
uses: cla-assistant/github-action@v2.3.0
uses: cla-assistant/github-action@v2.6.0
env:
# Generated and maintained by GitHub
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
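--- a/audit_test.go
+++ b/audit_test.go
@@ -65,6 +65,36 @@ func testAuditNpm(t *testing.T, format string, withVuln bool) string {
 return securityTests.PlatformCli.RunCliCmdWithOutput(t, args...)
 }
 
+func TestXrayAuditConanJson(t *testing.T) {
+output := testAuditConan(t, string(format.Json), true)
+securityTestUtils.VerifyJsonScanResults(t, output, 0, 8, 2)
+}
+
+func TestXrayAuditConanSimpleJson(t *testing.T) {
+output := testAuditConan(t, string(format.SimpleJson), true)
+securityTestUtils.VerifySimpleJsonScanResults(t, output, 0, 8, 2)
+}
+
+func testAuditConan(t *testing.T, format string, withVuln bool) string {
+securityTestUtils.InitSecurityTest(t, scangraph.GraphScanMinXrayVersion)
+tempDirPath, createTempDirCallback := coreTests.CreateTempDirWithCallbackAndAssert(t)
+defer createTempDirCallback()
+conanProjectPath := filepath.Join(filepath.FromSlash(securityTestUtils.GetTestResourcesPath()), "projects", "package-managers", "conan")
+// Copy the conan project from the testdata to a temp dir
+assert.NoError(t, biutils.CopyDir(conanProjectPath, tempDirPath, true, nil))
+prevWd := securityTestUtils.ChangeWD(t, tempDirPath)
+defer clientTests.ChangeDirAndAssert(t, prevWd)
+// Run conan install before executing jfrog audit
+assert.NoError(t, exec.Command("conan").Run())
+watchName, deleteWatch := securityTestUtils.CreateTestWatch(t, "audit-policy", "audit-watch", xrayUtils.High)
+defer deleteWatch()
+args := []string{"audit", "--licenses", "--format=" + format, "--watches=" + watchName, "--fail=false"}
+if withVuln {
+args = append(args, "--vuln")
+}
+return securityTests.PlatformCli.RunCliCmdWithOutput(t, args...)
+}
+
 func TestXrayAuditPnpmJson(t *testing.T) {
 output := testXrayAuditPnpm(t, string(format.Json))
 securityTestUtils.VerifyJsonScanResults(t, output, 0, 1, 1)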
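Review bot: The comment in testAuditConan says conan install runs before the audit, but `exec.Command("conan").Run()` starts the binary with no subcommand or arguments, so that line performs no install and its exit status does not show that dependencies were resolved. If an install is intended, pass it explicitly, for example `assert.NoError(t, exec.Command("conan", "install", ".").Run())`, adjusted to what the test project needs. The setup steps also use `assert.NoError`, so a failed copy or a missing conan binary lets the test continue into the audit and fail later on the result counts; stopping at the setup failure (testify's `require.NoError`, whose import would sit outside this hunk) would point at the real cause.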
2 changes: 1 addition & 1 deletion commands/audit/audit.go
Expand Up @@ -248,7 +248,7 @@ func RunJasScans(auditParallelRunner *utils.SecurityParallelRunner, auditParams
err = fmt.Errorf("failed to get server details: %s", err.Error())
return
}
jasScanner, err = jas.CreateJasScanner(jfrogAppsConfig, serverDetails, jas.GetAnalyzerManagerXscEnvVars(auditParams.commonGraphScanParams.MultiScanId, results.ExtendedScanResults.SecretValidation, results.GetScaScannedTechnologies()...), auditParams.Exclusions()...)
jasScanner, err = jas.CreateJasScanner(jfrogAppsConfig, serverDetails, auditParams.minSeverityFilter, jas.GetAnalyzerManagerXscEnvVars(auditParams.commonGraphScanParams.MultiScanId, results.ExtendedScanResults.SecretValidation, results.GetScaScannedTechnologies()...), auditParams.Exclusions()...)
if err != nil {
err = fmt.Errorf("failed to create jas scanner: %s", err.Error())
return
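--- a/commands/audit/scarunner.go
+++ b/commands/audit/scarunner.go
@@ -6,6 +6,7 @@ import (
 "fmt"
 biutils "github.com/jfrog/build-info-go/utils"
 "github.com/jfrog/build-info-go/utils/pythonutils"
+"github.com/jfrog/jfrog-cli-security/commands/audit/sca/conan"
 "github.com/jfrog/jfrog-client-go/utils/io/fileutils"
 "golang.org/x/exp/slices"
 
@@ -253,6 +254,8 @@ func GetTechDependencyTree(params xrayutils.AuditParams, artifactoryServerDetail
 depTreeResult.FullDepTrees, uniqueDeps, err = npm.BuildDependencyTree(params)
 case techutils.Pnpm:
 depTreeResult.FullDepTrees, uniqueDeps, err = pnpm.BuildDependencyTree(params)
+case techutils.Conan:
+depTreeResult.FullDepTrees, uniqueDeps, err = conan.BuildDependencyTree(params)
 case techutils.Yarn:
 depTreeResult.FullDepTrees, uniqueDeps, err = yarn.BuildDependencyTree(params)
 case techutils.Go: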
2 changes: 1 addition & 1 deletion commands/scan/scan.go
Expand Up @@ -451,7 +451,7 @@ func (scanCmd *ScanCommand) createIndexerHandlerFunc(file *spec.File, entitledFo
log.Error(fmt.Sprintf("failed to create JFrogAppsConfig: %s", err.Error()))
indexedFileErrors[threadId] = append(indexedFileErrors[threadId], formats.SimpleJsonError{FilePath: filePath, ErrorMessage: err.Error()})
}
scanner, err := jas.CreateJasScanner(jfrogAppsConfig, scanCmd.serverDetails, jas.GetAnalyzerManagerXscEnvVars(scanResults.MultiScanId, validateSecrets, techutils.Technology(graphScanResults.ScannedPackageType)))
scanner, err := jas.CreateJasScanner(jfrogAppsConfig, scanCmd.serverDetails, scanCmd.minSeverityFilter, jas.GetAnalyzerManagerXscEnvVars(scanResults.MultiScanId, validateSecrets, techutils.Technology(graphScanResults.ScannedPackageType)))
if err != nil {
log.Error(fmt.Sprintf("failed to create jas scanner: %s", err.Error()))
indexedFileErrors[threadId] = append(indexedFileErrors[threadId], formats.SimpleJsonError{FilePath: filePath, ErrorMessage: err.Error()})
4 changes: 2 additions & 2 deletions go.mod
Expand Up @@ -10,8 +10,8 @@ require (
github.com/jfrog/froggit-go v1.16.1
github.com/jfrog/gofrog v1.7.6
github.com/jfrog/jfrog-apps-config v1.0.1
github.com/jfrog/jfrog-cli-core/v2 v2.56.1
github.com/jfrog/jfrog-client-go v1.47.1
github.com/jfrog/jfrog-cli-core/v2 v2.56.0
github.com/jfrog/jfrog-client-go v1.47.0
github.com/magiconair/properties v1.8.7
github.com/owenrumney/go-sarif/v2 v2.3.0
github.com/stretchr/testify v1.9.0
8 changes: 4 additions & 4 deletions go.sum
Expand Up @@ -898,10 +898,10 @@ github.com/jfrog/gofrog v1.7.6 h1:QmfAiRzVyaI7JYGsB7cxfAJePAZTzFz0gRWZSE27c6s=
github.com/jfrog/gofrog v1.7.6/go.mod h1:ntr1txqNOZtHplmaNd7rS4f8jpA5Apx8em70oYEe7+4=
github.com/jfrog/jfrog-apps-config v1.0.1 h1:mtv6k7g8A8BVhlHGlSveapqf4mJfonwvXYLipdsOFMY=
github.com/jfrog/jfrog-apps-config v1.0.1/go.mod h1:8AIIr1oY9JuH5dylz2S6f8Ym2MaadPLR6noCBO4C22w=
github.com/jfrog/jfrog-cli-core/v2 v2.56.1 h1:+Me+RQx8BYKib+RZLFtGWFftLjEd3NrjVVxJbSYElKU=
github.com/jfrog/jfrog-cli-core/v2 v2.56.1/go.mod h1:+a9VRDizwc+SK2Io6e4Yp8j7hkTeQstQTmNVwrxdh6Q=
github.com/jfrog/jfrog-client-go v1.47.1 h1:VT2v28/usTSP56+i3MC3fgRvZoh6vjRgQgs8xTk+sYU=
github.com/jfrog/jfrog-client-go v1.47.1/go.mod h1:7M/vgei7VGcLjUxwQ/3r9pH3lvDHlt6Q+Gw+YMis/mc=
github.com/jfrog/jfrog-cli-core/v2 v2.56.0 h1:rCNKhfESgsq0o6//gU1mNCvuCboE5BMfycj/RM/gq8k=
github.com/jfrog/jfrog-cli-core/v2 v2.56.0/go.mod h1:D8m0L8GCZiYCY9MjhnWY4egCqyVlU2iZsVA0yysBsVw=
github.com/jfrog/jfrog-client-go v1.47.0 h1:OBMB6TxqziBByjuk6hm0BM30pQwOb3XzjZKf/cmwCeM=
github.com/jfrog/jfrog-client-go v1.47.0/go.mod h1:UxzL9Q4pDoM+HQjSuQiGNakyoJNuxqPSs35/amBJvdY=
github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU=
github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk=
github.com/jung-kurt/gofpdf v1.0.0/go.mod h1:7Id9E/uU8ce6rXgefFLlgrJj/GYY22cpxn+r32jIOes=
2 changes: 1 addition & 1 deletion jas/analyzermanager.go
Expand Up @@ -24,7 +24,7 @@ import (
const (
ApplicabilityFeatureId = "contextual_analysis"
AnalyzerManagerZipName = "analyzerManager.zip"
defaultAnalyzerManagerVersion = "1.9.1"
defaultAnalyzerManagerVersion = "1.9.3"
analyzerManagerDownloadPath = "xsc-gen-exe-analyzer-manager-local/v1"
analyzerManagerDirName = "analyzerManager"
analyzerManagerExecutableName = "analyzerManager"
2 changes: 1 addition & 1 deletion jas/applicability/applicabilitymanager.go
Expand Up @@ -135,7 +135,7 @@ func (asm *ApplicabilityScanManager) Run(module jfrogappsconfig.Module) (err err
if err = asm.runAnalyzerManager(); err != nil {
return
}
workingDirResults, err := jas.ReadJasScanRunsFromFile(asm.resultsFileName, module.SourceRoot, applicabilityDocsUrlSuffix)
workingDirResults, err := jas.ReadJasScanRunsFromFile(asm.resultsFileName, module.SourceRoot, applicabilityDocsUrlSuffix, asm.scanner.MinSeverity)
if err != nil {
return
}
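Review bot: Passing `asm.scanner.MinSeverity` into `ReadJasScanRunsFromFile` means applicability results are now dropped according to their own SARIF level, which is not the severity of the CVE they provide evidence for. If the applicability status of a finding is later derived from these results, a user-set threshold could remove evidence and change the reported status rather than only hide low-severity issues; that derivation is outside this hunk, so please confirm. If the filter is not meant for this scanner, passing the empty severity, `jas.ReadJasScanRunsFromFile(asm.resultsFileName, module.SourceRoot, applicabilityDocsUrlSuffix, "")`, keeps the previous behaviour. The body of Run continues outside the hunk.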
2 changes: 1 addition & 1 deletion jas/applicability/applicabilitymanager_test.go
Expand Up @@ -310,7 +310,7 @@ func TestParseResults_NewApplicabilityStatuses(t *testing.T) {
t.Run(tc.name, func(t *testing.T) {
applicabilityManager.resultsFileName = filepath.Join(jas.GetTestDataPath(), "applicability-scan", tc.fileName)
var err error
applicabilityManager.applicabilityScanResults, err = jas.ReadJasScanRunsFromFile(applicabilityManager.resultsFileName, scanner.JFrogAppsConfig.Modules[0].SourceRoot, applicabilityDocsUrlSuffix)
applicabilityManager.applicabilityScanResults, err = jas.ReadJasScanRunsFromFile(applicabilityManager.resultsFileName, scanner.JFrogAppsConfig.Modules[0].SourceRoot, applicabilityDocsUrlSuffix, scanner.MinSeverity)
if assert.NoError(t, err) && assert.NotNil(t, applicabilityManager.applicabilityScanResults) {
assert.Len(t, applicabilityManager.applicabilityScanResults, 1)
assert.Len(t, applicabilityManager.applicabilityScanResults[0].Results, tc.expectedResults)
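Review bot: This call passes `scanner.MinSeverity`, and if the scanner comes from `InitJasTest` (which this commit changes to create it with an empty minimum severity) the test only exercises the no-filter path of `ReadJasScanRunsFromFile`; the same appears to hold for the updated calls in jas/iac/iacscanner_test.go and jas/sast/sastscanner_test.go. Nothing in the visible test changes covers a non-empty threshold. A table case that reads the same results file with a severity set and asserts the reduced `Results` length would pin the new filtering, including what happens to results whose level does not parse. The test function starts and ends outside the hunk.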
37 changes: 33 additions & 4 deletions jas/common.go
Expand Up @@ -33,7 +33,7 @@ import (

const (
NoServerUrlError = "To incorporate the ‘Advanced Security’ scans into the audit output make sure platform url is provided and valid (run 'jf c add' prior to 'jf audit' via CLI, or provide JF_URL via Frogbot)"
NoServerDetailsError = "Jfrog Server details are missing"
NoServerDetailsError = "jfrog Server details are missing"
)

type JasScanner struct {
Expand All @@ -44,14 +44,21 @@ type JasScanner struct {
ScannerDirCleanupFunc func() error
EnvVars map[string]string
Exclusions []string
MinSeverity severityutils.Severity
}

func CreateJasScanner(jfrogAppsConfig *jfrogappsconfig.JFrogAppsConfig, serverDetails *config.ServerDetails, envVars map[string]string, exclusions ...string) (scanner *JasScanner, err error) {
func CreateJasScanner(jfrogAppsConfig *jfrogappsconfig.JFrogAppsConfig, serverDetails *config.ServerDetails, minSeverity severityutils.Severity, envVars map[string]string, exclusions ...string) (scanner *JasScanner, err error) {
if serverDetails == nil {
err = errors.New(NoServerDetailsError)
return
}
if len(serverDetails.Url) == 0 {
if len(serverDetails.XrayUrl) != 0 {
log.Debug("Xray URL provided without platform URL")
}
if len(serverDetails.ArtifactoryUrl) != 0 {
log.Debug("Artifactory URL provided without platform URL")
}
log.Warn(NoServerUrlError)
return
}
Expand All @@ -70,6 +77,7 @@ func CreateJasScanner(jfrogAppsConfig *jfrogappsconfig.JFrogAppsConfig, serverDe
scanner.ServerDetails = serverDetails
scanner.JFrogAppsConfig = jfrogAppsConfig
scanner.Exclusions = exclusions
scanner.MinSeverity = minSeverity
return
}

Expand Down Expand Up @@ -121,7 +129,7 @@ func (a *JasScanner) Run(scannerCmd ScannerCmd, module jfrogappsconfig.Module) (
return
}

func ReadJasScanRunsFromFile(fileName, wd, informationUrlSuffix string) (sarifRuns []*sarif.Run, err error) {
func ReadJasScanRunsFromFile(fileName, wd, informationUrlSuffix string, minSeverity severityutils.Severity) (sarifRuns []*sarif.Run, err error) {
if sarifRuns, err = sarifutils.ReadScanRunsFromFile(fileName); err != nil {
return
}
Expand All @@ -136,6 +144,7 @@ func ReadJasScanRunsFromFile(fileName, wd, informationUrlSuffix string) (sarifRu
// Process runs values
fillMissingRequiredDriverInformation(utils.BaseDocumentationURL+informationUrlSuffix, GetAnalyzerManagerVersion(), sarifRun)
sarifRun.Results = excludeSuppressResults(sarifRun.Results)
sarifRun.Results = excludeMinSeverityResults(sarifRun.Results, minSeverity)
addScoreToRunRules(sarifRun)
}
return
Expand Down Expand Up @@ -171,6 +180,26 @@ func excludeSuppressResults(sarifResults []*sarif.Result) []*sarif.Result {
return results
}

func excludeMinSeverityResults(sarifResults []*sarif.Result, minSeverity severityutils.Severity) []*sarif.Result {
if minSeverity == "" {
// No minimum severity to exclude
return sarifResults
}
results := []*sarif.Result{}
for _, sarifResult := range sarifResults {
resultSeverity, err := severityutils.ParseSeverity(sarifutils.GetResultLevel(sarifResult), true)
if err != nil {
log.Warn(fmt.Sprintf("Failed to parse Sarif level %s: %s", sarifutils.GetResultLevel(sarifResult), err.Error()))
resultSeverity = severityutils.Unknown
}
// Exclude results with severity lower than the minimum severity
if severityutils.GetSeverityPriority(resultSeverity, jasutils.ApplicabilityUndetermined) >= severityutils.GetSeverityPriority(minSeverity, jasutils.ApplicabilityUndetermined) {
results = append(results, sarifResult)
}
}
return results
}

func addScoreToRunRules(sarifRun *sarif.Run) {
for _, sarifResult := range sarifRun.Results {
if rule, err := sarifRun.GetRuleById(*sarifResult.RuleID); err == nil {
Expand Down Expand Up @@ -225,7 +254,7 @@ func InitJasTest(t *testing.T, workingDirs ...string) (*JasScanner, func()) {
assert.NoError(t, DownloadAnalyzerManagerIfNeeded(0))
jfrogAppsConfigForTest, err := CreateJFrogAppsConfig(workingDirs)
assert.NoError(t, err)
scanner, err := CreateJasScanner(jfrogAppsConfigForTest, &FakeServerDetails, GetAnalyzerManagerXscEnvVars("", false))
scanner, err := CreateJasScanner(jfrogAppsConfigForTest, &FakeServerDetails, "", GetAnalyzerManagerXscEnvVars("", false))
assert.NoError(t, err)
return scanner, func() {
assert.NoError(t, scanner.ScannerDirCleanupFunc())
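Review bot: In `excludeMinSeverityResults`, a result whose SARIF level fails to parse is assigned `severityutils.Unknown` and then compared against the threshold, so, assuming Unknown ranks below the named severities, any minimum severity drops it with only a warning in the log. For a security scanner that is a fail-open choice: a malformed or unexpected level hides a finding instead of surfacing it. Consider keeping such results, for example `results = append(results, sarifResult)` followed by `continue` inside the `err != nil` branch, or state the intended behaviour in a doc comment on the function. The function has no doc comment and no direct unit test in the visible changes.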
2 changes: 1 addition & 1 deletion jas/iac/iacscanner.go
Expand Up @@ -67,7 +67,7 @@ func (iac *IacScanManager) Run(module jfrogappsconfig.Module) (err error) {
if err = iac.runAnalyzerManager(); err != nil {
return
}
workingDirResults, err := jas.ReadJasScanRunsFromFile(iac.resultsFileName, module.SourceRoot, iacDocsUrlSuffix)
workingDirResults, err := jas.ReadJasScanRunsFromFile(iac.resultsFileName, module.SourceRoot, iacDocsUrlSuffix, iac.scanner.MinSeverity)
if err != nil {
return
}
4 changes: 2 additions & 2 deletions jas/iac/iacscanner_test.go
Expand Up @@ -65,7 +65,7 @@ func TestIacParseResults_EmptyResults(t *testing.T) {

// Act
var err error
iacScanManager.iacScannerResults, err = jas.ReadJasScanRunsFromFile(iacScanManager.resultsFileName, scanner.JFrogAppsConfig.Modules[0].SourceRoot, iacDocsUrlSuffix)
iacScanManager.iacScannerResults, err = jas.ReadJasScanRunsFromFile(iacScanManager.resultsFileName, scanner.JFrogAppsConfig.Modules[0].SourceRoot, iacDocsUrlSuffix, scanner.MinSeverity)
if assert.NoError(t, err) && assert.NotNil(t, iacScanManager.iacScannerResults) {
assert.Len(t, iacScanManager.iacScannerResults, 1)
assert.Empty(t, iacScanManager.iacScannerResults[0].Results)
Expand All @@ -81,7 +81,7 @@ func TestIacParseResults_ResultsContainIacViolations(t *testing.T) {

// Act
var err error
iacScanManager.iacScannerResults, err = jas.ReadJasScanRunsFromFile(iacScanManager.resultsFileName, scanner.JFrogAppsConfig.Modules[0].SourceRoot, iacDocsUrlSuffix)
iacScanManager.iacScannerResults, err = jas.ReadJasScanRunsFromFile(iacScanManager.resultsFileName, scanner.JFrogAppsConfig.Modules[0].SourceRoot, iacDocsUrlSuffix, scanner.MinSeverity)
if assert.NoError(t, err) && assert.NotNil(t, iacScanManager.iacScannerResults) {
assert.Len(t, iacScanManager.iacScannerResults, 1)
assert.Len(t, iacScanManager.iacScannerResults[0].Results, 4)
6 changes: 3 additions & 3 deletions jas/runner/jasrunner_test.go
Expand Up @@ -26,7 +26,7 @@ func TestJasRunner_AnalyzerManagerNotExist(t *testing.T) {
defer func() {
assert.NoError(t, os.Unsetenv(coreutils.HomeDir))
}()
scanner, err := jas.CreateJasScanner(nil, &jas.FakeServerDetails, jas.GetAnalyzerManagerXscEnvVars("", false))
scanner, err := jas.CreateJasScanner(nil, &jas.FakeServerDetails, "", jas.GetAnalyzerManagerXscEnvVars("", false))
assert.NoError(t, err)
if scanner.AnalyzerManager.AnalyzerManagerFullPath, err = jas.GetAnalyzerManagerExecutable(); err != nil {
return
Expand All @@ -42,7 +42,7 @@ func TestJasRunner(t *testing.T) {

jfrogAppsConfigForTest, err := jas.CreateJFrogAppsConfig(nil)
assert.NoError(t, err)
jasScanner, err := jas.CreateJasScanner(jfrogAppsConfigForTest, &jas.FakeServerDetails, jas.GetAnalyzerManagerXscEnvVars("", false, scanResults.GetScaScannedTechnologies()...))
jasScanner, err := jas.CreateJasScanner(jfrogAppsConfigForTest, &jas.FakeServerDetails, "", jas.GetAnalyzerManagerXscEnvVars("", false, scanResults.GetScaScannedTechnologies()...))
assert.NoError(t, err)
err = AddJasScannersTasks(securityParallelRunnerForTest, scanResults, &[]string{"issueId_1_direct_dependency", "issueId_2_direct_dependency"}, false, jasScanner, applicability.ApplicabilityScannerType, secrets.SecretsScannerType, securityParallelRunnerForTest.AddErrorToChan, utils.GetAllSupportedScans(), nil, "")
assert.NoError(t, err)
Expand All @@ -52,7 +52,7 @@ func TestJasRunner_AnalyzerManagerReturnsError(t *testing.T) {
assert.NoError(t, jas.DownloadAnalyzerManagerIfNeeded(0))

jfrogAppsConfigForTest, _ := jas.CreateJFrogAppsConfig(nil)
scanner, _ := jas.CreateJasScanner(nil, &jas.FakeServerDetails, jas.GetAnalyzerManagerXscEnvVars("", false))
scanner, _ := jas.CreateJasScanner(nil, &jas.FakeServerDetails, "", jas.GetAnalyzerManagerXscEnvVars("", false))
_, err := applicability.RunApplicabilityScan(jas.FakeBasicXrayResults, []string{"issueId_2_direct_dependency", "issueId_1_direct_dependency"},
scanner, false, applicability.ApplicabilityScannerType, jfrogAppsConfigForTest.Modules[0], 0)
// Expect error:
2 changes: 1 addition & 1 deletion jas/sast/sastscanner.go
Expand Up @@ -60,7 +60,7 @@ func (ssm *SastScanManager) Run(module jfrogappsconfig.Module) (err error) {
if err = ssm.runAnalyzerManager(filepath.Dir(ssm.scanner.AnalyzerManager.AnalyzerManagerFullPath)); err != nil {
return
}
workingDirRuns, err := jas.ReadJasScanRunsFromFile(ssm.resultsFileName, module.SourceRoot, sastDocsUrlSuffix)
workingDirRuns, err := jas.ReadJasScanRunsFromFile(ssm.resultsFileName, module.SourceRoot, sastDocsUrlSuffix, ssm.scanner.MinSeverity)
if err != nil {
return
}
4 changes: 2 additions & 2 deletions jas/sast/sastscanner_test.go
Expand Up @@ -36,7 +36,7 @@ func TestSastParseResults_EmptyResults(t *testing.T) {

// Act
var err error
sastScanManager.sastScannerResults, err = jas.ReadJasScanRunsFromFile(sastScanManager.resultsFileName, scanner.JFrogAppsConfig.Modules[0].SourceRoot, sastDocsUrlSuffix)
sastScanManager.sastScannerResults, err = jas.ReadJasScanRunsFromFile(sastScanManager.resultsFileName, scanner.JFrogAppsConfig.Modules[0].SourceRoot, sastDocsUrlSuffix, scanner.MinSeverity)

// Assert
if assert.NoError(t, err) && assert.NotNil(t, sastScanManager.sastScannerResults) {
Expand All @@ -57,7 +57,7 @@ func TestSastParseResults_ResultsContainIacViolations(t *testing.T) {

// Act
var err error
sastScanManager.sastScannerResults, err = jas.ReadJasScanRunsFromFile(sastScanManager.resultsFileName, scanner.JFrogAppsConfig.Modules[0].SourceRoot, sastDocsUrlSuffix)
sastScanManager.sastScannerResults, err = jas.ReadJasScanRunsFromFile(sastScanManager.resultsFileName, scanner.JFrogAppsConfig.Modules[0].SourceRoot, sastDocsUrlSuffix, scanner.MinSeverity)

// Assert
if assert.NoError(t, err) && assert.NotNil(t, sastScanManager.sastScannerResults) {
2 changes: 1 addition & 1 deletion jas/secrets/secretsscanner.go
Expand Up @@ -74,7 +74,7 @@ func (ssm *SecretScanManager) Run(module jfrogappsconfig.Module) (err error) {
if err = ssm.runAnalyzerManager(); err != nil {
return
}
workingDirRuns, err := jas.ReadJasScanRunsFromFile(ssm.resultsFileName, module.SourceRoot, secretsDocsUrlSuffix)
workingDirRuns, err := jas.ReadJasScanRunsFromFile(ssm.resultsFileName, module.SourceRoot, secretsDocsUrlSuffix, ssm.scanner.MinSeverity)
if err != nil {
return
}