Skip to content

Commit bccd932

Browse files
committed
Fix: Preserve scan status codes in merged results
When merging SCA and JAS diff results, the ResultsStatus field was not being copied, causing all status codes (SastStatusCode, IacStatusCode, etc.) to remain nil. This resulted in Frogbot displaying 'Not Scanned' for JAS scans even when they ran successfully but produced 0 new findings after diff. Now properly merging SCA status codes (including ContextualAnalysis) and JAS-only status codes (SAST, Secrets, IaC) into the unified results.
1 parent 0b35329 commit bccd932

2 files changed

Lines changed: 22 additions & 0 deletions

File tree

  • tests/testdata/projects/package-managers/go/curation-project
  • utils/results
Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,3 @@
1+
golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
2+
rsc.io/quote v1.5.2/go.mod h1:LzX7hefJvL54yjefDEDHNONDjII0t9xZLPXsUe+TKr0=
3+
rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA=

utils/results/diff.go

Lines changed: 19 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -32,6 +32,25 @@ func MergeScaAndJasResults(scaResults, jasDiffResults *SecurityCommandResults) *
3232
AppsConfigModule: scaTarget.AppsConfigModule,
3333
ScaResults: scaTarget.ScaResults,
3434
JasResults: scaTarget.JasResults,
35+
ResultsStatus: scaTarget.ResultsStatus, // Preserve SCA scan status
36+
}
37+
38+
// Merge JAS status codes if JAS scans were performed
39+
// Note: ContextualAnalysis is part of SCA, not JAS, so we don't override it here
40+
if jasTarget != nil {
41+
// JAS status codes take precedence (they include the JAS scan results)
42+
if jasTarget.ResultsStatus.SastScanStatusCode != nil {
43+
unifiedTarget.ResultsStatus.SastScanStatusCode = jasTarget.ResultsStatus.SastScanStatusCode
44+
}
45+
if jasTarget.ResultsStatus.IacScanStatusCode != nil {
46+
unifiedTarget.ResultsStatus.IacScanStatusCode = jasTarget.ResultsStatus.IacScanStatusCode
47+
}
48+
if jasTarget.ResultsStatus.SecretsScanStatusCode != nil {
49+
unifiedTarget.ResultsStatus.SecretsScanStatusCode = jasTarget.ResultsStatus.SecretsScanStatusCode
50+
}
51+
if jasTarget.ResultsStatus.MaliciousScanStatusCode != nil {
52+
unifiedTarget.ResultsStatus.MaliciousScanStatusCode = jasTarget.ResultsStatus.MaliciousScanStatusCode
53+
}
3554
}
3655

3756
if jasTarget != nil && jasTarget.JasResults != nil {

0 commit comments

Comments
 (0)