Merge pull request #9 from atanev/main

Update severity mapping between trivy and SonarQube
umax · Jan 22, 2025 · 0907fc6 · 0907fc6
2 parents 375a3d6 + e28b1d7
commit 0907fc6
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 6 deletions.
diff --git a/sonarqube.py b/sonarqube.py
@@ -6,11 +6,11 @@
 
 LOG_PREFIX = "[trivy][plugins][sonarqube]"
 TRIVY_SONARQUBE_SEVERITY = {
-    "UNKNOWN": "LOW",
+    "UNKNOWN": "INFO",
     "LOW": "LOW",
-    "MEDIUM": "LOW",
-    "HIGH": "MEDIUM",
-    "CRITICAL": "HIGH",
+    "MEDIUM": "MEDIUM",
+    "HIGH": "HIGH",
+    "CRITICAL": "BLOCKER",
 }
 
 

diff --git a/tests.py b/tests.py
@@ -116,7 +116,7 @@ def test_file_path_override(self):
                     'cleanCodeAttribute': 'LOGICAL',
                     'impacts': [{
                          'softwareQuality': 'SECURITY',
-                         'severity': 'HIGH'
+                         'severity': 'BLOCKER'
                     }]
                 }
             ],
@@ -176,7 +176,7 @@ def test_no_file_path_override(self):
                     'cleanCodeAttribute': 'LOGICAL',
                     'impacts': [{
                          'softwareQuality': 'SECURITY',
-                         'severity': 'HIGH'
+                         'severity': 'BLOCKER'
                     }]
                 }
             ],