Lower the severity of a "Unknown" vulnerability

This commit lower the actual severity of "Unknown" vulnerability to the same level of "None" Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2024-11-05 01:59:44 +01:00 · 2020-06-09 18:37:45 +08:00 · 2020-06-09 18:37:45 +08:00 · 091dbc3454
commit 091dbc3454
parent c993103e01
2 changed files with 13 additions and 2 deletions
--- a/src/pkg/scan/vuln/severity.go
+++ b/src/pkg/scan/vuln/severity.go
@ -49,7 +49,7 @@ type Severity string
 // Code returns the int code of the severity for comparing.
 func (s Severity) Code() int {
 	switch s {
-	case None:
+	case None, Unknown:
 		return 0
 	case Negligible:
 		return 1
@ -62,7 +62,7 @@ func (s Severity) Code() int {
 	case Critical:
 		return 5
 	default:
-		// Assign the highest code to the unknown severity to provide more secure protection.
+		// Assign the highest code to the unrecognized severity to provide more secure protection.
 		return 99
 	}
 }
--- a/src/pkg/scan/vuln/severity_test.go
+++ b/src/pkg/scan/vuln/severity_test.go
@ -16,6 +16,8 @@ package vuln

 import (
 	"testing"
+
+	"github.com/stretchr/testify/assert"
 )

 func TestParseSeverityVersion3(t *testing.T) {
@ -50,3 +52,12 @@ func TestParseSeverityVersion3(t *testing.T) {
 		})
 	}
 }
+
+func TestCode(t *testing.T) {
+	assert.True(t, Critical.Code() > High.Code())
+	assert.True(t, High.Code() > Medium.Code())
+	assert.True(t, Medium.Code() > Low.Code())
+	assert.True(t, Low.Code() > Negligible.Code())
+	assert.True(t, Negligible.Code() > Unknown.Code())
+	assert.True(t, Unknown.Code() == None.Code())
+}