Merge branch 'main' into CM-42771-support-ignore-files

cycodehq · Dec 13, 2024 · 5c819e3 · 5c819e3
2 parents 4fbf23b + 2f2759b
commit 5c819e3
Show file tree

Hide file tree

Showing 4 changed files with 18 additions and 11 deletions.
diff --git a/cycode/cli/commands/scan/code_scanner.py b/cycode/cli/commands/scan/code_scanner.py
@@ -627,7 +627,10 @@ def get_document_detections(
 
 
 def exclude_irrelevant_document_detections(
-    document_detections_list: List[DocumentDetections], scan_type: str, command_scan_type: str, severity_threshold: str
+    document_detections_list: List[DocumentDetections],
+    scan_type: str,
+    command_scan_type: str,
+    severity_threshold: str,
 ) -> List[DocumentDetections]:
     relevant_document_detections_list = []
     for document_detections in document_detections_list:
@@ -717,9 +720,6 @@ def exclude_irrelevant_detections(
 
 
 def _exclude_detections_by_severity(detections: List[Detection], severity_threshold: str) -> List[Detection]:
-    if severity_threshold is None:
-        return detections
-
     relevant_detections = []
     for detection in detections:
         severity = detection.detection_details.get('advisory_severity')

diff --git a/cycode/cli/commands/scan/scan_command.py b/cycode/cli/commands/scan/scan_command.py
@@ -65,7 +65,7 @@
 )
 @click.option(
     '--severity-threshold',
-    default=None,
+    default=Severity.INFO.name,
     help='Show violations only for the specified level or higher.',
     type=click.Choice([e.name for e in Severity]),
     required=False,

diff --git a/cycode/cli/models.py b/cycode/cli/models.py
@@ -33,6 +33,9 @@ def __repr__(self) -> str:
         return 'document:{0}, detections:{1}'.format(self.document, self.detections)
 
 
+SEVERITY_UNKNOWN_WEIGHT = -2
+
+
 class Severity(Enum):
     INFO = -1
     LOW = 0
@@ -42,18 +45,19 @@ class Severity(Enum):
     CRITICAL = 3
 
     @staticmethod
-    def try_get_value(name: str) -> any:
+    def try_get_value(name: str) -> Optional[int]:
         name = name.upper()
         if name not in Severity.__members__:
             return None
 
         return Severity[name].value
 
     @staticmethod
-    def get_member_weight(name: str) -> any:
+    def get_member_weight(name: str) -> int:
         weight = Severity.try_get_value(name)
-        if weight is None:  # if License Compliance
-            return -2
+        if weight is None:  # unknown severity
+            return SEVERITY_UNKNOWN_WEIGHT
+
         return weight
 
 

diff --git a/cycode/cli/printers/tables/sca_table_printer.py b/cycode/cli/printers/tables/sca_table_printer.py
@@ -4,7 +4,7 @@
 import click
 
 from cycode.cli.consts import LICENSE_COMPLIANCE_POLICY_ID, PACKAGE_VULNERABILITY_POLICY_ID
-from cycode.cli.models import Detection, Severity
+from cycode.cli.models import SEVERITY_UNKNOWN_WEIGHT, Detection, Severity
 from cycode.cli.printers.tables.table import Table
 from cycode.cli.printers.tables.table_models import ColumnInfoBuilder, ColumnWidths
 from cycode.cli.printers.tables.table_printer_base import TablePrinterBase
@@ -73,7 +73,10 @@ def __group_by(detections: List[Detection], details_field_name: str) -> Dict[str
     @staticmethod
     def __severity_sort_key(detection: Detection) -> int:
         severity = detection.detection_details.get('advisory_severity')
-        return Severity.get_member_weight(severity)
+        if severity:
+            return Severity.get_member_weight(severity)
+
+        return SEVERITY_UNKNOWN_WEIGHT
 
     def _sort_detections_by_severity(self, detections: List[Detection]) -> List[Detection]:
         return sorted(detections, key=self.__severity_sort_key, reverse=True)