Google Git
Sign in
go / vulndb / 20d13ad98acfbbd422fc92df533c1539c3246393^! / .
commit20d13ad98acfbbd422fc92df533c1539c3246393[log] [tgz]
authorTatiana Bradley <tatianabradley@google.com>Tue Oct 15 14:55:56 2024 -0400
committerGopher Robot <gobot@golang.org>Wed Oct 16 15:23:33 2024 +0000
tree985b86d786abd99fb7e2be0cb63a0e261082425d
parentebbdcbcbe8fb217dfb269bddab22d5d3496ce2ec [diff]
internal/report: add single-report priority override

Change-Id: Icc3df6dc395a05e834c342f2ca7f848299e23f81
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/620356
Reviewed-by: Maceo Thompson <maceothompson@google.com>
Auto-Submit: Tatiana Bradley <tatianabradley@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>

diff --git a/all_test.go b/all_test.go
index 83fa59a..83c6142 100644
--- a/all_test.go
+++ b/all_test.go

@@ -140,7 +140,7 @@
 			// This can happen because the initial quick triage algorithm
 			// doesn't know about all affected modules - just the one
 			// listed in the Github issue.
-			if r.IsUnreviewed() {
+			if r.IsUnreviewed() && !r.UnreviewedOK {
 				pr, _ := priority.AnalyzeReport(r, rc, modulesToImports)
 				if pr.Priority == priority.High {
 					t.Errorf("UNREVIEWED report %s is high priority (should be REVIEWED) - reason: %s", filename, pr.Reason)

diff --git a/data/reports/GO-2024-3171.yaml b/data/reports/GO-2024-3171.yaml
index d26185d..edbbef7 100644
--- a/data/reports/GO-2024-3171.yaml
+++ b/data/reports/GO-2024-3171.yaml

@@ -21,3 +21,4 @@
     id: GHSA-mc76-5925-c5p6
     created: 2024-10-11T13:24:14.982923-04:00
 review_status: UNREVIEWED
+unreviewed_ok: true

diff --git a/internal/report/report.go b/internal/report/report.go
index 65d1c47..d3ac7c3 100644
--- a/internal/report/report.go
+++ b/internal/report/report.go

@@ -372,6 +372,9 @@
 	SourceMeta *SourceMeta `yaml:"source,omitempty"`
 
 	ReviewStatus ReviewStatus `yaml:"review_status,omitempty"`
+	// Allow this report to be UNREVIEWED regardless of it's modules'
+	// priorities.
+	UnreviewedOK bool `yaml:"unreviewed_ok,omitempty"`
 
 	// (For unexcluded reports) The reason this report was previously
 	// excluded. Not published to OSV.

diff --git a/internal/triage/priority/priority.go b/internal/triage/priority/priority.go
index 5b535a9..f800cc8 100644
--- a/internal/triage/priority/priority.go
+++ b/internal/triage/priority/priority.go

@@ -95,8 +95,6 @@
 	// information without intervention.
 	"github.com/argoproj/argo-cd":    Low,
 	"github.com/argoproj/argo-cd/v2": Low,
-	// For #3171
-	"github.com/containers/common": Low,
 }
 
 func priority(mp string, importers int, sc map[reportState]int) *Result {