in src/safety_report_generator.py [0:0]
def process_report(self) -> None:
    """
    Resolve every pending scan status and build the final vulnerability_list.

    Called once all packages (safe and unsafe) have been inserted into
    vulnerability_dict. Each entry is appended to vulnerability_list; before
    appending, an entry whose scan_status is still "TBD" is assigned a final
    status:

    * "IGNORED" when the number of vulnerabilities recorded for the package
      equals ignored_vulnerability_count[package], i.e. every finding was ignored.
    * "FAILED" otherwise, unless the build is an autopatch build and the package
      is present in the autopatch ignore dict. In that case the status is
      downgraded to "IGNORED", each finding that had no reason yet
      (reason_to_ignore == "N/A") is marked ignored with a generated message, and
      its vulnerability_id is recorded in vulnerabilities_to_be_added_to_ignore_list.

    Entries whose scan_status is not "TBD" are appended unchanged.

    NOTE(review): the nesting below was reconstructed from a listing that had lost
    its indentation; confirm it against the repository copy of this file.
    """
    for package, package_scan_results in self.vulnerability_dict.items():
        if package_scan_results["scan_status"] == "TBD":
            # Every finding ignored -> the package is IGNORED.
            # NOTE(review): plain subscript on ignored_vulnerability_count; a package
            # with no entry raises KeyError unless the container supplies defaults -
            # confirm.
            if (
                len(package_scan_results["vulnerabilities"])
                == self.ignored_vulnerability_count[package]
            ):
                package_scan_results["scan_status"] = "IGNORED"
            else:
                # At least one finding is not ignored: default to FAILED. The status
                # is set before the autopatch lookup, so the entry stays FAILED unless
                # the package is found in the autopatch ignore dict below.
                package_scan_results["scan_status"] = "FAILED"
                if is_autopatch_build_enabled(buildspec_path=self.image_info["buildspec_path"]):
                    # NOTE(review): fetched once per failed package; if this re-reads a
                    # dumped file it could be fetched once per report - confirm it has
                    # no per-call side effects before changing.
                    ignored_package_dict = self.get_autopatched_dumped_ignore_dict_of_packages()
                    if package in ignored_package_dict:
                        # The message names the package and the keys stored for it in
                        # the ignore dict.
                        ignore_message = f"""[Package: {package}] Conflicts for: {",".join(ignored_package_dict.get(package).keys())}"""
                        package_scan_results["scan_status"] = "IGNORED"
                        # NOTE(review): this print is the only trace in this method that
                        # a FAILED package was downgraded to IGNORED; a suppressed
                        # finding should be auditable, so confirm the output is kept
                        # with the build logs.
                        print(f"Failed Package: {package} is being ALLOWLISTED")
                        for vulnerability in package_scan_results["vulnerabilities"]:
                            # Only findings without an existing reason are touched, so a
                            # reason recorded earlier is never overwritten.
                            if vulnerability["reason_to_ignore"] == "N/A":
                                vulnerability["reason_to_ignore"] = ignore_message
                                vulnerability["ignored"] = True
                                # Recorded by vulnerability_id; what consumes this
                                # mapping is not visible here.
                                self.vulnerabilities_to_be_added_to_ignore_list[
                                    vulnerability["vulnerability_id"]
                                ] = ignore_message
        # Appended for every package, whether or not its status was changed above.
        self.vulnerability_list.append(package_scan_results)