Fix security notification perform condition
As defined in util/secscan/api.py, Critical < High < Medium < Low < Negligible < Unknown. We have to send the notification if the expected level is higher than the vulnerability level, not the opposite.
This commit is contained in:
Quentin Machu
Quentin Machu
parent
7339ac976e
commit
8a539c4bc1
1 changed files with 1 additions and 1 deletions
|
|
@ -125,7 +125,7 @@ class VulnerabilityFoundEvent(NotificationEvent):
|
|||
expected_level_index = event_config['level']
|
||||
priority = PRIORITY_LEVELS[event_data['vulnerability']['priority']]
|
||||
actual_level_index = priority['index']
|
||||
return expected_level_index <= actual_level_index
|
||||
return actual_level_index <= expected_level_index
|
||||
|
||||
def get_summary(self, event_data, notification_data):
|
||||
msg = '%s vulnerability detected in repository %s in tags %s'
|
||||
|
|
|
|||
Reference in a new issue