Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

analysis:fix - Fix analysis not update otherss fields if alredy exists #525

Merged
merged 1 commit into from
Jan 13, 2022

Conversation

wiliansilvazup
Copy link
Contributor

When Horusec-API receive new analysis the fields column, confidence,
security_tool, language aren't updated if vulnerabilityID already
exists in database, then I updated the map of the entity for update
this fields too.

Signed-off-by: wilian wilian.silva@zup.com.br

@wiliansilvazup wiliansilvazup force-pushed the bugfix/vuln-not-updated branch from 84503fd to bd6aa1b Compare January 6, 2022 16:00
@wiliansilvazup wiliansilvazup changed the title chore:analysis - Fix analysis not update otherss fields if alredy exists fix:analysis - Fix analysis not update otherss fields if alredy exists Jan 6, 2022
@wiliansilvazup wiliansilvazup self-assigned this Jan 6, 2022
@wiliansilvazup wiliansilvazup force-pushed the bugfix/vuln-not-updated branch 2 times, most recently from 9cc8f22 to e84eecd Compare January 6, 2022 16:56
Copy link
Contributor

@matheusalcantarazup matheusalcantarazup left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGMT. Just one point, the commit message should be analysis:fix instead fix:analysis

@wiliansilvazup wiliansilvazup changed the title fix:analysis - Fix analysis not update otherss fields if alredy exists analysis:fix - Fix analysis not update otherss fields if alredy exists Jan 13, 2022
@gitguardian
Copy link

gitguardian bot commented Jan 13, 2022

⚠️ GitGuardian has uncovered 1 secret following the scan of your pull request.

Please consider investigating the findings and remediating the incidents. Failure to do so may lead to compromising the associated services or software components.

🔎 Details of the secret
Secret Commit Filename Detected At
Generic High Entropy Secret dd537c7 auth/internal/services/authentication/keycloak/client/keycloak_test.go 16:01 January 13th, 2022 View secret
🛠 Guidelines to remediate hardcoded secrets
  1. Understand the implications of revoking this secret by investigating where it is used in your code.
  2. Replace and store your secret safely. Learn here the best practices.
  3. Revoke and rotate this secret.
  4. If possible, rewrite git history. Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data.

To avoid such incidents in the future consider

GitGuardian is an automated secrets detection service.We help developers and security teams secure the modern software development process.

 

Our GitHub checks need improvements? Share your feedbacks

Unverified

This user has not yet uploaded their public signing key.
When Horusec-API receive new analysis the fields column, confidence,
security_tool, language aren't updated if vulnerabilityID already
exists in database, then I updated the map of the entity for update
this fields too.

Signed-off-by: wilian <wilian.silva@zup.com.br>
@wiliansilvazup wiliansilvazup force-pushed the bugfix/vuln-not-updated branch from dd537c7 to 0bef3f5 Compare January 13, 2022 16:03
@wiliansilvazup wiliansilvazup merged commit dd9e76e into main Jan 13, 2022
@wiliansilvazup wiliansilvazup deleted the bugfix/vuln-not-updated branch January 13, 2022 16:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Analyzes are not being updated if the hash already exists in the application
4 participants