From e13edc74645928f1ae3511698902292e9cc11255 Mon Sep 17 00:00:00 2001 From: Bidaya0 Date: Wed, 19 Jan 2022 14:56:34 +0800 Subject: [PATCH] Bug/package sha1 and vul level bug (#128) * Update entrypoint.sh * merge main * fix: python package sha1 and vul_level bug * fix: python package sha1 and vul_level bug --- core/tasks.py | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/core/tasks.py b/core/tasks.py index ea6e033..38599e9 100644 --- a/core/tasks.py +++ b/core/tasks.py @@ -39,6 +39,7 @@ from core.plugins.export_report import ExportPort from dongtai.models.project_report import ProjectReport import requests +from hashlib import sha1 LANGUAGE_MAP = { "JAVA": 1, @@ -399,7 +400,7 @@ def sca_scan_asset(asset): if len(levels) > 0: - if 'high' in levels: + if 'critical' in levels: level = 'high' elif 'high' in levels: level = 'high' @@ -409,7 +410,8 @@ def sca_scan_asset(asset): level = 'low' else: level = 'info' - + else: + level = 'info' new_level = IastVulLevel.objects.get(name=level) if asset.level != new_level: asset.level = IastVulLevel.objects.get(name=level) @@ -450,6 +452,7 @@ def update_one_sca(agent_id, package_path, package_signature, package_name, pack asset_count = Asset.objects.values("id").filter(signature_value=package_signature, agent__in=current_version_agents).count() else: + package_signature = sha_1('-'.join([package_name, version])) asset_count = Asset.objects.values("id").filter(package_name=package_name, version=version, agent__in=current_version_agents).count() @@ -499,6 +502,10 @@ def update_all_sca(): except Exception as e: logger.error(f'SCA离线检测出错,错误原因:{e}') +def sha_1(raw): + h = sha1() + h.update(raw.encode('utf-8')) + return h.hexdigest() def is_alive(agent_id, timestamp): """