From 0ba1a40df57bde50f052c20c8d40e8ae0eac3ec5 Mon Sep 17 00:00:00 2001
From: nscuro
Date: Fri, 11 Oct 2024 20:21:53 +0200
Subject: [PATCH] Fix redundant query for "ignore unfixed" config during Trivy analysis
Signed-off-by: nscuro
# Conflicts:
# src/main/java/org/dependencytrack/tasks/scanners/TrivyAnalysisTask.java
---
 .../dependencytrack/tasks/scanners/TrivyAnalysisTask.java | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/src/main/java/org/dependencytrack/tasks/scanners/TrivyAnalysisTask.java b/src/main/java/org/dependencytrack/tasks/scanners/TrivyAnalysisTask.java
index bf7d7ea7b..51f7587c9 100644
--- a/src/main/java/org/dependencytrack/tasks/scanners/TrivyAnalysisTask.java
+++ b/src/main/java/org/dependencytrack/tasks/scanners/TrivyAnalysisTask.java
@@ -120,6 +120,7 @@ public class TrivyAnalysisTask extends BaseComponentAnalyzerTask implements Cach
 private String apiBaseUrl;
 private String apiToken;
+ private boolean shouldIgnoreUnfixed;
 private VulnerabilityAnalysisLevel vulnerabilityAnalysisLevel;
 @Override
@@ -151,6 +152,8 @@ public void inform(final Event e) {
 LOGGER.error("An error occurred decrypting the Trivy API token; Skipping", ex);
 return;
 }
+
+ shouldIgnoreUnfixed = qm.isEnabled(ConfigPropertyConstants.SCANNER_TRIVY_IGNORE_UNFIXED);
 }
 vulnerabilityAnalysisLevel = event.getVulnerabilityAnalysisLevel();
@@ -344,7 +347,7 @@ private void handleResults(final Map componentByPurl, final A
 var vulnerability = result.getVulnerabilities(idx);
 var key = vulnerability.getPkgIdentifier().getPurl();
 LOGGER.debug("Searching key %s in map".formatted(key));
- if (!super.isEnabled(ConfigPropertyConstants.SCANNER_TRIVY_IGNORE_UNFIXED) || vulnerability.getStatus() == 3) {
+ if (!shouldIgnoreUnfixed || vulnerability.getStatus() == 3) {
 handle(componentByPurl.get(key), vulnerability);
 }
 }
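Review bot: The new field `shouldIgnoreUnfixed` in the first hunk (-120,6 +120,7) is per-event state kept on the task instance, written in inform() in the second hunk and read in handleResults() in the third, and nothing in the diff documents that lifetime. That is only safe if one TrivyAnalysisTask instance never serves two events at once, which these hunks do not show; the same holds for the existing `apiBaseUrl` and `apiToken`. I would add a comment on the field such as `// Snapshot of SCANNER_TRIVY_IGNORE_UNFIXED taken once per inform(); not re-read while results are handled.` If the assignment is not reached, the default `false` means every finding is still handled, which looks like the safer failure direction. The class body continues outside the hunk.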
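Review bot: In the third hunk (-344,7 +347,7) the rewritten condition still compares `vulnerability.getStatus() == 3` against a bare number, so a reader cannot tell which Trivy status is being kept. When the option is on, a finding with any other status is skipped without a log line, as far as the visible lines show. Because this filter decides which vulnerabilities never reach `handle(...)`, I would name the value, e.g. `private static final int TRIVY_STATUS_FIXED = 3; // presumably Trivy's "fixed" status, confirm against the Trivy API definition`, and add a debug log in an else branch for skipped findings. handleResults starts and ends outside the hunk.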