Turn gitleaks timeout error into a low vuln (#454)

globocom · Jan 6, 2020 · e0bf1c4 · e0bf1c4
1 parent 37a07a3
commit e0bf1c4
Showing 1 changed file with 5 additions and 5 deletions.
diff --git a/api/securitytest/gitleaks.go b/api/securitytest/gitleaks.go
@@ -42,7 +42,7 @@ func analyseGitleaks(gitleaksScan *SecTestScanInfo) error {
 		return nil
 	}
 
-	// if gitleaks timeout, a warning will be generated as a nosec vuln
+	// if gitleaks timeout, a warning will be generated as a low vuln
 	gitleaksTimeout := strings.Contains(gitleaksScan.Container.COutput, "ERROR_TIMEOUT_GITLEAKS")
 	if gitleaksTimeout {
 		gitleaksScan.GitleaksTimeout = true
@@ -83,21 +83,21 @@ func (gitleaksScan *SecTestScanInfo) prepareGitleaksVulns() {
 		gitleaksVuln := types.HuskyCIVulnerability{}
 		gitleaksVuln.Language = "Generic"
 		gitleaksVuln.SecurityTool = "Gitleaks"
-		gitleaksVuln.Severity = "nosec"
+		gitleaksVuln.Severity = "low"
 		gitleaksVuln.Details = "It looks like your project is too big and huskyCI was not able to run Gitleaks."
 
-		gitleaksScan.Vulnerabilities.NoSecVulns = append(gitleaksScan.Vulnerabilities.NoSecVulns, gitleaksVuln)
+		gitleaksScan.Vulnerabilities.LowVulns = append(gitleaksScan.Vulnerabilities.LowVulns, gitleaksVuln)
 		return
 	}
 
 	if gitleaksScan.GitleaksErrorRunning {
 		gitleaksVuln := types.HuskyCIVulnerability{}
 		gitleaksVuln.Language = "Generic"
 		gitleaksVuln.SecurityTool = "Gitleaks"
-		gitleaksVuln.Severity = "nosec"
+		gitleaksVuln.Severity = "low"
 		gitleaksVuln.Details = "Internal error running Gitleaks."
 
-		gitleaksScan.Vulnerabilities.NoSecVulns = append(gitleaksScan.Vulnerabilities.NoSecVulns, gitleaksVuln)
+		gitleaksScan.Vulnerabilities.LowVulns = append(gitleaksScan.Vulnerabilities.LowVulns, gitleaksVuln)
 		return
 	}