remove the permissionLocation finding value

Signed-off-by: Adam Korczynski <[email protected]>
ossf · Mar 11, 2024 · d90bf93 · d90bf93
1 parent 70e6661
commit d90bf93
Show file tree

Hide file tree

Showing 4 changed files with 2 additions and 8 deletions.
diff --git a/checks/evaluation/permissions.go b/checks/evaluation/permissions.go
@@ -240,7 +240,7 @@ func updateScoreAndMapFromUndeclared(undeclaredPermissions map[string]map[string
 	score float32, dl checker.DetailLogger,
 ) float32 {
 	fPath := f.Location.Path
-	if f.Values["permissionLocation"] == string(checker.PermissionLocationJob) {
+	if f.Probe == jobLevelPermissions.Probe {
 		dl.Debug(&checker.LogMessage{
 			Finding: f,
 		})
@@ -249,7 +249,7 @@ func updateScoreAndMapFromUndeclared(undeclaredPermissions map[string]map[string
 			hasWritePermissions,
 			fPath,
 			score)
-	} else if f.Values["permissionLocation"] == string(checker.PermissionLocationTop) {
+	} else if f.Probe == topLevelPermissions.Probe {
 		dl.Warn(&checker.LogMessage{
 			Finding: f,
 		})

diff --git a/probes/internal/utils/permissions/permissions.go b/probes/internal/utils/permissions/permissions.go
@@ -76,9 +76,6 @@ func CreateNegativeFinding(r checker.TokenPermission,
 			"workflow": strings.TrimPrefix(f.Location.Path, ".github/workflows/"),
 		})
 	}
-	if r.LocationType != nil {
-		f = f.WithValue("permissionLocation", string(*r.LocationType))
-	}
 	if r.Name != nil {
 		f = f.WithValue("tokenName", *r.Name)
 	}
@@ -143,7 +140,6 @@ func CreateUndeclaredFinding(probe string, fs embed.FS, r checker.TokenPermissio
 		if err != nil {
 			return nil, fmt.Errorf("create finding: %w", err)
 		}
-		f = f.WithValue("permissionLocation", string(*r.LocationType))
 	default:
 		f, err = finding.NewWith(fs, probe,
 			"could not determine the location type",

diff --git a/probes/jobLevelPermissions/impl.go b/probes/jobLevelPermissions/impl.go
@@ -91,7 +91,6 @@ func Run(raw *checker.RawResults) ([]finding.Finding, string, error) {
 		if err != nil {
 			return nil, Probe, fmt.Errorf("create finding: %w", err)
 		}
-		f = f.WithValue("permissionLocation", string(checker.PermissionLocationJob))
 		f = f.WithValue("permissionLevel", string(r.Type))
 		f = f.WithValue("tokenName", *r.Name)
 		findings = append(findings, *f)

diff --git a/probes/topLevelPermissions/impl.go b/probes/topLevelPermissions/impl.go
@@ -100,7 +100,6 @@ func Run(raw *checker.RawResults) ([]finding.Finding, string, error) {
 		if err != nil {
 			return nil, Probe, fmt.Errorf("create finding: %w", err)
 		}
-		f = f.WithValue("permissionLocation", string(checker.PermissionLocationTop))
 		f = f.WithValue("permissionLevel", string(r.Type))
 		f = f.WithValue("tokenName", tokenName)
 		findings = append(findings, *f)