🎉 Add fix_available to AnchoreCTL (#13062)

manuel-sommer · web-flow · commit 90efc0f96a14 · 2025-08-29T14:46:55.000-06:00
diff --git a/dojo/tools/anchorectl_vulns/parser.py b/dojo/tools/anchorectl_vulns/parser.py
@@ -58,10 +58,12 @@ def get_findings(self, filename, test):
                 mitigation = (
                     "Upgrade to " + item["packageName"] + " " + item["fix"] + "\n"
                 )
+                fix_available = True
             else:
                 mitigation = (
                     "No fix available" + "\n"
                 )
+                fix_available = False
 
             cvssv3_base_score = None
             if item["feed"] == "nvdv2" or item["feed"] == "vulnerabilities":
@@ -124,6 +126,7 @@ def get_findings(self, filename, test):
                     component_version=item["packageVersion"],
                     url=item.get("url"),
                     static_finding=True,
+                    fix_available=fix_available,
                     dynamic_finding=False,
                     vuln_id_from_tool=item.get("vuln"),
                 )
diff --git a/unittests/tools/test_anchorectl_vulns_parser.py b/unittests/tools/test_anchorectl_vulns_parser.py
@@ -25,3 +25,7 @@ def test_anchore_engine_parser_has_many_findings(self):
             parser = AnchoreCTLVulnsParser()
             findings = parser.get_findings(testfile, Test())
             self.assertEqual(23, len(findings))
+            singleFinding = findings[0]
+            self.assertEqual(singleFinding.fix_available, False)
+            singleFinding = findings[3]
+            self.assertEqual(singleFinding.fix_available, True)

Original file line number	Diff line number	Diff line change
`@@ -58,10 +58,12 @@ def get_findings(self, filename, test):`
`58`	`58`	`mitigation = (`
`59`	`59`	`"Upgrade to " + item["packageName"] + " " + item["fix"] + "\n"`
`60`	`60`	`)`
	`61`	`+ fix_available = True`
`61`	`62`	`else:`
`62`	`63`	`mitigation = (`
`63`	`64`	`"No fix available" + "\n"`
`64`	`65`	`)`
	`66`	`+ fix_available = False`
`65`	`67`
`66`	`68`	`cvssv3_base_score = None`
`67`	`69`	`if item["feed"] == "nvdv2" or item["feed"] == "vulnerabilities":`
`@@ -124,6 +126,7 @@ def get_findings(self, filename, test):`
`124`	`126`	`component_version=item["packageVersion"],`
`125`	`127`	`url=item.get("url"),`
`126`	`128`	`static_finding=True,`
	`129`	`+ fix_available=fix_available,`
`127`	`130`	`dynamic_finding=False,`
`128`	`131`	`vuln_id_from_tool=item.get("vuln"),`
`129`	`132`	`)`