diff --git a/git_test.go b/git_test.go index b8033ae47..1917935ec 100644 --- a/git_test.go +++ b/git_test.go @@ -290,8 +290,8 @@ func TestGitAuditJasSkipNotApplicableCvesViolations(t *testing.T) { xrayVersion, xscVersion, "", validations.ValidationParams{ Violations: &validations.ViolationCount{ - ValidateScan: &validations.ScanCount{Sca: 6, Sast: 2, Secrets: 2}, - ValidateApplicabilityStatus: &validations.ApplicabilityStatusCount{NotCovered: 6, Inactive: 2}, + ValidateScan: &validations.ScanCount{Sca: 5, Sast: 2, Secrets: 2}, + ValidateApplicabilityStatus: &validations.ApplicabilityStatusCount{NotCovered: 5, Inactive: 2}, }, ExactResultsMatch: true, }, diff --git a/jas/analyzermanager.go b/jas/analyzermanager.go index d93c5ec18..2d529bc20 100644 --- a/jas/analyzermanager.go +++ b/jas/analyzermanager.go @@ -23,7 +23,7 @@ import ( const ( ApplicabilityFeatureId = "contextual_analysis" AnalyzerManagerZipName = "analyzerManager.zip" - defaultAnalyzerManagerVersion = "1.27.0" + defaultAnalyzerManagerVersion = "1.29.0" analyzerManagerDownloadPath = "xsc-gen-exe-analyzer-manager-local/v1" analyzerManagerDirName = "analyzerManager" analyzerManagerExecutableName = "analyzerManager" diff --git a/utils/results/common.go b/utils/results/common.go index 5cd34e72d..8af0c8cd4 100644 --- a/utils/results/common.go +++ b/utils/results/common.go @@ -62,6 +62,11 @@ func ForEachJasIssue(runs []*sarif.Run, entitledForJas bool, handler ParseJasIss } for _, run := range runs { for _, result := range run.Results { + if result.Kind == "informational" { + // The specified rule was evaluated and produced a purely informational result that does not indicate the presence of a problem + log.Verbose(fmt.Sprintf("Skipping informational result with rule id: %s", sarifutils.GetResultRuleId(result))) + continue + } severity, err := severityutils.ParseSeverity(result.Level, true) if err != nil { return err