Remove thirdPartyApplicabilityScan and multiScanId as requested by st…

…atic analysis #1035
jfrog · Dec 10, 2023 · d54ffd4 · d54ffd4
1 parent 2694347
commit d54ffd4
Show file tree

Hide file tree

Showing 3 changed files with 7 additions and 9 deletions.
diff --git a/xray/commands/audit/jas/applicability/applicabilitymanager.go b/xray/commands/audit/jas/applicability/applicabilitymanager.go
@@ -67,8 +67,8 @@ func RunApplicabilityScan(xrayResults []services.ScanResponse, directDependencie
 // bool: true if the user is entitled to the applicability scan, false otherwise.
 // error: An error object (if any).
 func RunApplicabilityWithScanCves(xrayResults []services.ScanResponse, cveList []string,
-	scannedTechnologies []coreutils.Technology, scanner *jas.JasScanner, thirdPartyContextualAnalysis bool) (results []*sarif.Run, err error) {
-	applicabilityScanManager := newApplicabilityScanManagerCves(xrayResults, cveList, scanner, thirdPartyContextualAnalysis)
+	scannedTechnologies []coreutils.Technology, scanner *jas.JasScanner) (results []*sarif.Run, err error) {
+	applicabilityScanManager := newApplicabilityScanManagerCves(xrayResults, cveList, scanner)
 	if err = applicabilityScanManager.scanner.Run(applicabilityScanManager); err != nil {
 		err = utils.ParseAnalyzerManagerError(utils.Applicability, err)
 		return
@@ -83,7 +83,7 @@ func newApplicabilityScanManagerCves(xrayScanResults []services.ScanResponse, cv
 		directDependenciesCves:   cveList,
 		xrayResults:              xrayScanResults,
 		scanner:                  scanner,
-		thirdPartyScan:           thirdPartyScan,
+		thirdPartyScan:           false,
 		commandType:              applicabilityDockerScanScanType,
 	}
 }

diff --git a/xray/commands/scan/jasrunner_cves.go b/xray/commands/scan/jasrunner_cves.go
@@ -14,13 +14,13 @@ import (
 )
 
 func runJasScannersAndSetResults(scanResults *utils.Results, cveList []string,
-	serverDetails *config.ServerDetails, workingDirs []string, multiScanId string, thirdPartyApplicabilityScan bool) (err error) {
+	serverDetails *config.ServerDetails, workingDirs []string) (err error) {
 
 	if serverDetails == nil || len(serverDetails.Url) == 0 {
 		log.Warn("To include 'Advanced Security' scan as part of the audit output, please run the 'jf c add' command before running this command.")
 		return
 	}
-
+	multiScanId := "" // Also empty for audit
 	scanner, err := jas.NewJasScanner(workingDirs, serverDetails, multiScanId)
 	if err != nil {
 		return
@@ -31,7 +31,7 @@ func runJasScannersAndSetResults(scanResults *utils.Results, cveList []string,
 		err = errors.Join(err, cleanup())
 	}()
 
-	scanResults.ExtendedScanResults.ApplicabilityScanResults, err = applicability.RunApplicabilityWithScanCves(scanResults.GetScaScansXrayResults(), cveList, scanResults.GetScaScannedTechnologies(), scanner, thirdPartyApplicabilityScan)
+	scanResults.ExtendedScanResults.ApplicabilityScanResults, err = applicability.RunApplicabilityWithScanCves(scanResults.GetScaScansXrayResults(), cveList, scanResults.GetScaScannedTechnologies(), scanner)
 	if err != nil {
 		fmt.Println("there was an error:", err)
 		return

diff --git a/xray/commands/scan/scan.go b/xray/commands/scan/scan.go
@@ -264,10 +264,8 @@ func (scanCmd *ScanCommand) Run() (err error) {
 
 	if scanResults.ExtendedScanResults.EntitledForJas {
 		cveList := cveListFromVulnerabilities(flatResults)
-		multiScanId := "" // Also empty for audit
-		thirdPartyApplicabilityScan := false
 		workingDirs := []string{scanCmd.spec.Files[0].Pattern}
-		scanResults.JasError = runJasScannersAndSetResults(scanResults, cveList, scanCmd.serverDetails, workingDirs, multiScanId, thirdPartyApplicabilityScan)
+		scanResults.JasError = runJasScannersAndSetResults(scanResults, cveList, scanCmd.serverDetails, workingDirs)
 	}
 
 	if err = xrutils.NewResultsWriter(scanResults).