
Commit 9203746

committed
fix: not recommended patterns are now included in semgrep config CF-1809
1 parent ee1b0e6 commit 9203746


2 files changed

+32
-5
lines changed


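--- a/plugins/tools/trivy/test/expected.sarif
+++ b/plugins/tools/trivy/test/expected.sarif
@@ -34,7 +34,7 @@
 "text": "Package: brace-expansion\nInstalled Version: 1.1.11\nVulnerability CVE-2025-5889\nSeverity: LOW\nFixed Version: 2.0.2, 1.1.12, 3.0.1, 4.0.1\nLink: [CVE-2025-5889](https://avd.aquasec.com/nvd/cve-2025-5889)"
 },
 "ruleId": "CVE-2025-5889",
-"ruleIndex": 0
+"ruleIndex": 4
 },
 {
 "level": "error",
@@ -115,7 +115,7 @@
 "text": "Package: django\nInstalled Version: 1.11.29\nVulnerability CVE-2021-33203\nSeverity: MEDIUM\nFixed Version: 2.2.24, 3.1.12, 3.2.4\nLink: [CVE-2021-33203](https://avd.aquasec.com/nvd/cve-2021-33203)"
 },
 "ruleId": "CVE-2021-33203",
-"ruleIndex": 3
+"ruleIndex": 5
 },
 {
 "level": "warning",
@@ -142,7 +142,34 @@
 "text": "Package: django\nInstalled Version: 1.11.29\nVulnerability CVE-2024-45231\nSeverity: MEDIUM\nFixed Version: 5.1.1, 5.0.9, 4.2.16\nLink: [CVE-2024-45231](https://avd.aquasec.com/nvd/cve-2024-45231)"
 },
 "ruleId": "CVE-2024-45231",
-"ruleIndex": 4
+"ruleIndex": 6
+},
+{
+"level": "error",
+"locations": [
+{
+"message": {
+"text": "requirements.txt: [email protected]"
+},
+"physicalLocation": {
+"artifactLocation": {
+"uri": "requirements.txt",
+"uriBaseId": "ROOTPATH"
+},
+"region": {
+"endColumn": 1,
+"endLine": 1,
+"startColumn": 1,
+"startLine": 1
+}
+}
+}
+],
+"message": {
+"text": "Package: django\nInstalled Version: 1.11.29\nVulnerability CVE-2025-57833\nSeverity: HIGH\nFixed Version: 4.2.24, 5.1.12, 5.2.6\nLink: [CVE-2025-57833](https://avd.aquasec.com/nvd/cve-2025-57833)"
+},
+"ruleId": "CVE-2025-57833",
+"ruleIndex": 3
 },
 {
 "level": "warning",
@@ -184,4 +211,4 @@
 }
 ],
 "version": "2.1.0"
-}
+}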

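--- a/tools/semgrepConfigCreator.go
+++ b/tools/semgrepConfigCreator.go
@@ -35,7 +35,7 @@ func FilterRulesFromFile(rulesData []byte, config []domain.PatternConfiguration)
 // Create a map of enabled pattern IDs for faster lookup
 enabledPatterns := make(map[string]bool)
 for _, pattern := range config {
-if pattern.Enabled && pattern.PatternDefinition.Enabled {
+if pattern.Enabled {
 // Extract rule ID from pattern ID
 parts := strings.SplitN(pattern.PatternDefinition.Id, "_", 2)
 if len(parts) == 2 {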
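Review bot: Nothing in this commit pins the new selection rule in `FilterRulesFromFile`: the only other file touched is the Trivy SARIF fixture, so a later edit could restore the `pattern.PatternDefinition.Enabled` condition and drop explicitly enabled rules from the generated Semgrep config without any test failing. A table case with `Enabled: true` and `PatternDefinition.Enabled: false` that asserts the rule is kept would cover it. The intent also deserves a comment above the condition, for example `// pattern.Enabled is authoritative; PatternDefinition.Enabled is intentionally not consulted` (the commit title suggests the latter is the "recommended" default, which should be confirmed). The function body starts and ends outside the hunk, so what happens to an enabled pattern whose ID fails the `len(parts) == 2` check cannot be verified from here; if it is skipped silently, a log line would make the lost scan coverage visible.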
