trivy:bugfix - adding func to avoid hash changes in trivy formatter

Since the pull request #882 some changes were made in the line and code of the trivy formatter, and this data influences directly the hash generation. This pr will avoid this hash change by using the same data as before, but for the users the data will be showed with the fixes made in the pull request 882, leading to no braking changes and keeping the fixes. Signed-off-by: Nathan Martins <nathan.martins@zup.com.br>
ZupIT · Jan 18, 2022 · 25d831b · 25d831b
1 parent bfb07e6
commit 25d831b
Showing 1 changed file with 13 additions and 1 deletion.
diff --git a/internal/services/formatters/generic/trivy/formatter.go b/internal/services/formatters/generic/trivy/formatter.go
@@ -169,11 +169,23 @@ func (f *Formatter) addVulnerabilitiesOutput(vulnerabilities []*trivyVulnerabili
 		addVuln.File = target
 		addVuln.Details = vuln.getDetails()
 		addVuln.Severity = severities.GetSeverityByString(vuln.Severity)
-		addVuln = vulnhash.Bind(addVuln)
+		addVuln.VulnHash = f.getOldHash(vuln.PkgName, *addVuln)
 		f.AddNewVulnerabilityIntoAnalysis(addVuln)
 	}
 }
 
+// getOldHash func necessary to avoid a breaking change in the trivy hash generation. Since the pull request
+// https://github.com/ZupIT/horusec/pull/882 some changes were made in the line and code, and this data influences
+// directly the hash generation. This func will avoid this hash change by using the same data as before, but for the
+// users the data will be showed with the fixes made in the pull request 882, leading to no braking changes and keeping
+// the fixes.
+func (f *Formatter) getOldHash(pkgName string, vuln vulnerability.Vulnerability) string {
+	vuln.Line = "0"
+	vuln.Code = pkgName
+
+	return vulnhash.Bind(&vuln).VulnHash
+}
+
 func (f *Formatter) addMisconfigurationOutput(result []*trivyMisconfiguration, target string) {
 	for _, vuln := range result {
 		addVuln := f.getVulnBase()