Skip to content

Commit

Permalink
fix(report): don't include empty strings in `.vulnerabilities[].ident…
Browse files Browse the repository at this point in the history
…ifiers[].url` when `gitlab.tpl` is used (#6348)
  • Loading branch information
DmitriyLewen authored Mar 24, 2024
1 parent 6c81e55 commit 1870f28
Showing 1 changed file with 9 additions and 2 deletions.
11 changes: 9 additions & 2 deletions contrib/gitlab.tpl
Original file line number Diff line number Diff line change
Expand Up @@ -73,8 +73,11 @@
{{- /* TODO: Type not extractable - https://github.com/aquasecurity/trivy-db/pull/24 */}}
"type": "cve",
"name": "{{ .VulnerabilityID }}",
"value": "{{ .VulnerabilityID }}",
"value": "{{ .VulnerabilityID }}"
{{- /* cf. https://gitlab.com/gitlab-org/security-products/security-report-schemas/-/blob/e3d280d7f0862ca66a1555ea8b24016a004bb914/dist/container-scanning-report-format.json#L157-179 */}}
{{- if .PrimaryURL | regexMatch "^(https?|ftp)://.+" -}},
"url": "{{ .PrimaryURL }}"
{{- end }}
}
],
"links": [
Expand All @@ -85,9 +88,13 @@
{{- else -}}
,
{{- end -}}
{{- if . | regexMatch "^(https?|ftp)://.+" -}}
{
"url": "{{ regexFind "[^ ]+" . }}"
"url": "{{ . }}"
}
{{- else -}}
{{- $l_first = true }}
{{- end -}}
{{- end }}
]
}
Expand Down

0 comments on commit 1870f28

Please sign in to comment.