-
Notifications
You must be signed in to change notification settings - Fork 202
SARIF outputs issues on disabled detectors #1122
Open
Description
Environment
- ggshield version: 1.41
- Operating system (Linux, macOS, Windows): linux
- Operating system version:
- Python version:
Describe the bug
ggshield reports issues on disabled detectors in sarif format
Steps to reproduce:
- Disable generic password detector in the platform
- run ggshield scan on current directory that includes file with generic password
- see sarif output - note that there is less output than with enabled detector, but issue is still raised at "error" level in sarif
Actual result:
{
"ruleId": "Generic Password",
"level": "error",
"message": {
"text": "Secret detected: Generic Password.\nMatches: [password](0)",
"markdown": "Secret detected: [Generic Password](https://docs.gitguardian.com/secrets-detection/secrets-detection-engine/detectors/generics/generic_password)\nSecret in Secrets Manager: NO\nMatches:\n- [password](0)"
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "ApplicationCode/Java/sensitive%20data%20exposure/src/main/resources/application.properties"
},
"region": {
"startLine": 3,
"startColumn": 31,
"endLine": 3,
"endColumn": 35
}
}
}
],
"relatedLocations": [
{
"id": 0,
"physicalLocation": {
"artifactLocation": {
"uri": "ApplicationCode/Java/sensitive%20data%20exposure/src/main/resources/application.properties"
},
"region": {
"startLine": 3,
"startColumn": 31,
"endLine": 3,
"endColumn": 35
}
},
"message": {
"text": "password"
}
}
],
"partialFingerprints": {
"secret/v1": "8b5812a954a0a279d7f2487529c2c028eaa1763bc7fdab8756eac04aed07bd78"
}
},
Expected result:
Issues on disabled detectors should not be reported. If not possible , decrease the issue level from "error" to "note"
Metadata
Metadata
Assignees
Type
Fields
Give feedbackNo fields configured for issues without a type.