2021-04-15 11:09:11 -04:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
|
|
module VulnerabilityFindingHelpers
|
|
|
|
extend ActiveSupport::Concern
|
2021-09-30 11:12:24 -04:00
|
|
|
|
|
|
|
# Manually resolvable report types cannot be considered fixed once removed from the
|
|
|
|
# target branch due to requiring active triage, such as rotation of an exposed token.
|
|
|
|
REPORT_TYPES_REQUIRING_MANUAL_RESOLUTION = %w[secret_detection].freeze
|
|
|
|
|
|
|
|
def requires_manual_resolution?
|
|
|
|
REPORT_TYPES_REQUIRING_MANUAL_RESOLUTION.include?(report_type)
|
|
|
|
end
|
|
|
|
|
2021-08-02 11:08:56 -04:00
|
|
|
def matches_signatures(other_signatures, other_uuid)
|
|
|
|
other_signature_types = other_signatures.index_by(&:algorithm_type)
|
|
|
|
|
|
|
|
# highest first
|
|
|
|
match_result = nil
|
|
|
|
signatures.sort_by(&:priority).reverse_each do |signature|
|
|
|
|
matching_other_signature = other_signature_types[signature.algorithm_type]
|
|
|
|
next if matching_other_signature.nil?
|
|
|
|
|
|
|
|
match_result = matching_other_signature == signature
|
|
|
|
break
|
|
|
|
end
|
2021-04-15 11:09:11 -04:00
|
|
|
|
2021-08-02 11:08:56 -04:00
|
|
|
if match_result.nil?
|
|
|
|
[uuid, *signature_uuids].include?(other_uuid)
|
|
|
|
else
|
|
|
|
match_result
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def signature_uuids
|
|
|
|
signatures.map do |signature|
|
|
|
|
hex_sha = signature.signature_hex
|
|
|
|
::Security::VulnerabilityUUID.generate(
|
|
|
|
report_type: report_type,
|
|
|
|
location_fingerprint: hex_sha,
|
|
|
|
primary_identifier_fingerprint: primary_identifier&.fingerprint,
|
|
|
|
project_id: project_id
|
|
|
|
)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|