feat(report): range notion calc by severity when no-cvss-score (#1145)

2021-01-25 13:22:55 +09:00
parent e4f1e03f62
commit 3c1489e588
9 changed files with 258 additions and 281 deletions
--- a/models/scanresults_test.go
+++ b/models/scanresults_test.go
@@ -18,6 +18,7 @@ func TestFilterByCvssOver(t *testing.T) {
 		in  in
 		out ScanResult
 	}{
+		//0
 		{
 			in: in{
 				over: 7.0,
@@ -98,7 +99,7 @@ func TestFilterByCvssOver(t *testing.T) {
 				},
 			},
 		},
-		// OVAL Severity
+		//1 OVAL Severity
 		{
 			in: in{
 				over: 7.0,
@@ -110,7 +111,7 @@ func TestFilterByCvssOver(t *testing.T) {
 								CveContent{
 									Type:          Ubuntu,
 									CveID:         "CVE-2017-0001",
-									Cvss2Severity: "HIGH",
+									Cvss3Severity: "HIGH",
 									LastModified:  time.Time{},
 								},
 							),
@@ -119,9 +120,9 @@ func TestFilterByCvssOver(t *testing.T) {
 							CveID: "CVE-2017-0002",
 							CveContents: NewCveContents(
 								CveContent{
-									Type:          RedHat,
+									Type:          Debian,
 									CveID:         "CVE-2017-0002",
-									Cvss2Severity: "CRITICAL",
+									Cvss3Severity: "CRITICAL",
 									LastModified:  time.Time{},
 								},
 							),
@@ -130,9 +131,9 @@ func TestFilterByCvssOver(t *testing.T) {
 							CveID: "CVE-2017-0003",
 							CveContents: NewCveContents(
 								CveContent{
-									Type:          Oracle,
+									Type:          GitHub,
 									CveID:         "CVE-2017-0003",
-									Cvss2Severity: "IMPORTANT",
+									Cvss3Severity: "IMPORTANT",
 									LastModified:  time.Time{},
 								},
 							),
@@ -148,7 +149,7 @@ func TestFilterByCvssOver(t *testing.T) {
 							CveContent{
 								Type:          Ubuntu,
 								CveID:         "CVE-2017-0001",
-								Cvss2Severity: "HIGH",
+								Cvss3Severity: "HIGH",
 								LastModified:  time.Time{},
 							},
 						),
@@ -157,9 +158,9 @@ func TestFilterByCvssOver(t *testing.T) {
 						CveID: "CVE-2017-0002",
 						CveContents: NewCveContents(
 							CveContent{
-								Type:          RedHat,
+								Type:          Debian,
 								CveID:         "CVE-2017-0002",
-								Cvss2Severity: "CRITICAL",
+								Cvss3Severity: "CRITICAL",
 								LastModified:  time.Time{},
 							},
 						),
@@ -168,9 +169,9 @@ func TestFilterByCvssOver(t *testing.T) {
 						CveID: "CVE-2017-0003",
 						CveContents: NewCveContents(
 							CveContent{
-								Type:          Oracle,
+								Type:          GitHub,
 								CveID:         "CVE-2017-0003",
-								Cvss2Severity: "IMPORTANT",
+								Cvss3Severity: "IMPORTANT",
 								LastModified:  time.Time{},
 							},
 						),
@@ -179,13 +180,14 @@ func TestFilterByCvssOver(t *testing.T) {
 			},
 		},
 	}
-	for _, tt := range tests {
+	pp.ColoringEnabled = false
+	for i, tt := range tests {
 		actual := tt.in.rs.FilterByCvssOver(tt.in.over)
 		for k := range tt.out.ScannedCves {
 			if !reflect.DeepEqual(tt.out.ScannedCves[k], actual.ScannedCves[k]) {
 				o := pp.Sprintf("%v", tt.out.ScannedCves[k])
 				a := pp.Sprintf("%v", actual.ScannedCves[k])
-				t.Errorf("[%s] expected: %v\n  actual: %v\n", k, o, a)
+				t.Errorf("[%d: %s] expected: %v\n  actual: %v\n", i, k, o, a)
 			}
 		}
 	}