Merge pull request #4246 from nscuro/fix-redundant-query-trivy
nscuro authored Oct 11, 2024
2 parents c31be30 + 8df9bc0 commit 5235dd8
Showing 1 changed file with 4 additions and 1 deletion.
Expand Up @@ -120,6 +120,7 @@ public class TrivyAnalysisTask extends BaseComponentAnalyzerTask implements Cach

private String apiBaseUrl;
private String apiToken;
private boolean shouldIgnoreUnfixed;
private VulnerabilityAnalysisLevel vulnerabilityAnalysisLevel;

@Override
Expand Down Expand Up @@ -151,6 +152,8 @@ public void inform(final Event e) {
LOGGER.error("An error occurred decrypting the Trivy API token; Skipping", ex);
return;
}

shouldIgnoreUnfixed = qm.isEnabled(ConfigPropertyConstants.SCANNER_TRIVY_IGNORE_UNFIXED);
}

vulnerabilityAnalysisLevel = event.getVulnerabilityAnalysisLevel();
Expand Down Expand Up @@ -344,7 +347,7 @@ private void handleResults(final Map<String, Component> componentByPurl, final A
var vulnerability = result.getVulnerabilities(idx);
var key = vulnerability.getPkgIdentifier().getPurl();
LOGGER.debug("Searching key %s in map".formatted(key));
if (!super.isEnabled(ConfigPropertyConstants.SCANNER_TRIVY_IGNORE_UNFIXED) || vulnerability.getStatus() == 3) {
if (!shouldIgnoreUnfixed || vulnerability.getStatus() == 3) {
handle(componentByPurl.get(key), vulnerability);
}
}
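Review bot: The rewritten condition in the last hunk still compares `vulnerability.getStatus()` against the bare literal `3`, and that literal alone decides which findings are dropped when ignore-unfixed is enabled. The value presumably stands for Trivy's "fixed" status, so a named constant such as `private static final int TRIVY_STATUS_FIXED = 3;` would make the filter auditable and would make any drift in the upstream status numbering easier to spot. The new field would also benefit from a comment like `// Snapshot of SCANNER_TRIVY_IGNORE_UNFIXED taken in inform(); when true, findings without a fix are not reported.`, since it is mutable instance state set in one method and read in another. Both `inform` and `handleResults` start and end outside the visible hunks, so whether a task instance can be reused across events cannot be checked from here.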