2026-01-02 11:49:08 +00:00
parent 3b8e171fdb
commit 1cbf6c5d9e
27 changed files with 779 additions and 384 deletions
+21 -1
@@ -2,6 +2,7 @@ package metadata
import (
"context"
"strings"
"time"
)
@@ -95,7 +96,7 @@ type ScanResult struct {
// Vulnerability represents a security vulnerability
type Vulnerability struct {
ID string `json:"id"` // CVE-xxx, GHSA-xxx, etc.
Severity string `json:"severity"` // critical, high, medium, low
Severity string `json:"severity"` // critical, high, moderate, low
Title string `json:"title"`
Description string `json:"description"`
References []string `json:"references"`
@@ -103,6 +104,25 @@ type Vulnerability struct {
DetectedBy []string `json:"detected_by,omitempty"` // List of scanners that detected this vulnerability
}
// NormalizeSeverity normalizes severity names to standard values
// Ensures consistent naming: CRITICAL, HIGH, MODERATE, LOW
func NormalizeSeverity(severity string) string {
normalized := strings.ToUpper(strings.TrimSpace(severity))
// Map MEDIUM to MODERATE for consistency
if normalized == "MEDIUM" {
return "MODERATE"
}
// Ensure we only return valid severity levels
switch normalized {
case "CRITICAL", "HIGH", "MODERATE", "LOW":
return normalized
default:
return "LOW" // Default unknown severities to LOW
}
}
// ScanStatus represents scan result status
type ScanStatus string
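Review bot: The `default` branch of NormalizeSeverity maps every unrecognized or empty severity string to `"LOW"`, so a finding whose feed uses a different vocabulary (an empty field, `"UNKNOWN"`, or a vendor-specific label) is silently downgraded and disappears below any filter on the higher levels. A fail-safe mapping would keep such values distinguishable, e.g. `return "UNKNOWN"` with the doc comment extended to list it, so the caller can see that the value was not one of the four known levels rather than trusting it as LOW; if LOW must stay the default, the doc comment should say so explicitly: `// Unrecognized or empty values fall back to LOW.`. The new-side field comment in the earlier hunk (`// critical, high, moderate, low`) also lists lowercase names while this function returns `CRITICAL, HIGH, MODERATE, LOW`; one of the two should reflect the form actually stored in `Severity`.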
+19 -1
@@ -449,7 +449,25 @@ func (s *SQLiteStore) SaveScanResult(ctx context.Context, result *metadata.ScanR
// Update package security_scanned flag
updateQuery := `UPDATE packages SET security_scanned = 1 WHERE registry = ? AND name = ? AND version = ?`
s.db.ExecContext(ctx, updateQuery, result.Registry, result.PackageName, result.PackageVersion)
updateResult, err := s.db.ExecContext(ctx, updateQuery, result.Registry, result.PackageName, result.PackageVersion)
if err != nil {
log.Warn().
Err(err).
Str("registry", result.Registry).
Str("package", result.PackageName).
Str("version", result.PackageVersion).
Msg("Failed to update security_scanned flag")
// Don't return error - scan result is already saved
} else {
rowsAffected, _ := updateResult.RowsAffected()
if rowsAffected == 0 {
log.Warn().
Str("registry", result.Registry).
Str("package", result.PackageName).
Str("version", result.PackageVersion).
Msg("Package not found when updating security_scanned flag - possibly name mismatch")
}
}
return nil
}
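Review bot: When `rowsAffected == 0` the new code logs and still returns nil, so the scan result is persisted while the package's `security_scanned` flag stays unset and the caller cannot tell; any consumer that keys on that flag would presumably treat the package as never scanned despite stored findings. If this is intentional it belongs in SaveScanResult's doc comment, e.g. `// The security_scanned flag is updated best-effort; a failed or no-op update is logged but does not fail the save.`, and the enclosing function's signature and earlier body lie outside this hunk. The error from `updateResult.RowsAffected()` is also discarded with `_`; handling it the same way as the exec error keeps the warning path complete: `rowsAffected, raErr := updateResult.RowsAffected()` followed by `if raErr != nil { log.Warn().Err(raErr).Msg("Failed to read rows affected for security_scanned update") }`.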