Merge pull request #6959 from Checkmarx/replace-new-severities-with-old

feat(kics): change all tests and appearances of new severity to old severity

.github/scripts/queries-validator/metadata-schema.json

@@ -42,6 +42,16 @@
                 "INFO"
             ]
         },
+        "oldSeverity": {
+            "type": "string",
+            "enum": [
+                "TRACE",
+                "HIGH",
+                "MEDIUM",
+                "LOW",
+                "INFO"
+            ]
+        },
         "category": {
             "type": "string",
             "enum": [

docs/commands.md

@@ -40,7 +40,7 @@ Use "kics [command] --help" for more information about a command.
 |-m, --bom                           |include bill of materials (BoM) in results output|
 |      --cloud-provider strings      |  list of cloud providers to scan (alicloud, aws, azure, gcp, nifcloud, tencentcloud)|
 |      --config string               |  path to configuration file|
-|      --new-severities              |  use new severities in query results |
+|      --old-severities              |  uses old severities in query results|
 |      --disable-full-descriptions   |  disable request for full descriptions and use default vulnerability descriptions|
 |      --disable-secrets             |  disable secrets scanning|
 |      --enable-openapi-refs         |  resolve the file reference, on OpenAPI files (default [false])|
@@ -62,7 +62,7 @@ Use "kics [command] --help" for more information about a command.
 |      --no-progress                 |  hides the progress bar|
 |      --output-name string          |  name used on report creations (default "results")|
 |  -o, --output-path string          |  directory path to store reports|
-|      --parallel                    |  number of workers per platform enabled for parallel scanning, set 0 to auto-detect parallelism (default 1)|
+|      --parallel                    |  number of workers per platform enabled for parallel scanning (default set to 0 to auto-detect optimal number of workers)|
 |  -p, --path strings                |  paths or directories to scan<br>example: "./somepath,somefile.txt"|
 |      --payload-lines               |  adds line information inside the payload when printing the payload file|
 |  -d, --payload-path string         |  path to store internal representation JSON file|

docs/dockerhub.md

@@ -84,7 +84,7 @@ Flags:
   -m, --bom                           include bill of materials (BoM) in results output
       --cloud-provider strings        list of cloud providers to scan (alicloud, aws, azure, gcp)
       --config string                 path to configuration file
-      --new-severities                use new severities in query results
+      --old-severities                use old severities in query results (excludes critical severity)
       --disable-full-descriptions     disable request for full descriptions and use default vulnerability descriptions
       --disable-secrets               disable secrets scanning
       --enable-openapi-refs           resolve the file reference, on OpenAPI files (default [false]) 

e2e/fixtures/E2E_CLI_093_RESULT.json

@@ -23,8 +23,8 @@
   "start": "2024-01-31T15:46:25.2714687Z",
   "end": "2024-01-31T15:46:25.5747871Z",
   "paths": [
-    "/path/test/fixtures/test_new_severity/test",
-    "/path/test/fixtures/test_new_severity/info"
+    "/path/test/fixtures/test_old_severity/test",
+    "/path/test/fixtures/test_old_severity/info"
   ],
   "queries": [
     {
@@ -39,7 +39,7 @@
       "description_id": "02044a75",
       "files": [
         {
-          "file_name": "path\\test\\fixtures\\test_new_severities\\test\\positive1.yaml",
+          "file_name": "path\\test\\fixtures\\test_old_severities\\test\\positive1.yaml",
           "similarity_id": "2197922dab336742ff58010e01218006c9b2c930a840018ef8b42fb1284f2a45",
           "line": 10,
           "issue_type": "IncorrectValue",
@@ -50,7 +50,7 @@
           "actual_value": "Run block contains dangerous input controlled by user."
         },
         {
-          "file_name": "path\\test\\fixtures\\test_new_severities\\test\\positive1.yaml",
+          "file_name": "path\\test\\fixtures\\test_old_severities\\test\\positive1.yaml",
           "similarity_id": "efac914cab5fb466570dd3a71ee3edd8197a15928c56c2aabff00f54d05c5e6d",
           "line": 10,
           "issue_type": "IncorrectValue",

e2e/fixtures/E2E_CLI_093_RESULT_2.json

@@ -23,8 +23,8 @@
 	"start": "2024-01-31T15:46:25.2714687Z",
 	"end": "2024-01-31T15:46:25.5747871Z",
 	"paths": [
-    "/path/test/fixtures/test_new_severity/test",
-    "/path/test/fixtures/test_new_severity/low"
+    "/path/test/fixtures/test_old_severity/test",
+    "/path/test/fixtures/test_old_severity/low"
 	],
 	"queries": [
 		{
@@ -39,7 +39,7 @@
 			"description_id": "02044a75",
 			"files": [
         {
-          "file_name": "path\\test\\fixtures\\test_new_severities\\test\\positive1.yaml",
+          "file_name": "path\\test\\fixtures\\test_old_severities\\test\\positive1.yaml",
           "similarity_id": "2197922dab336742ff58010e01218006c9b2c930a840018ef8b42fb1284f2a45",
           "line": 10,
           "issue_type": "IncorrectValue",
@@ -50,7 +50,7 @@
           "actual_value": "Run block contains dangerous input controlled by user."
         },
         {
-          "file_name": "path\\test\\fixtures\\test_new_severities\\test\\positive1.yaml",
+          "file_name": "path\\test\\fixtures\\test_old_severities\\test\\positive1.yaml",
           "similarity_id": "efac914cab5fb466570dd3a71ee3edd8197a15928c56c2aabff00f54d05c5e6d",
           "line": 10,
           "issue_type": "IncorrectValue",

e2e/fixtures/E2E_CLI_093_RESULT_3.json

@@ -23,8 +23,8 @@
 	"start": "2024-01-31T15:46:25.2714687Z",
 	"end": "2024-01-31T15:46:25.5747871Z",
 	"paths": [
-    "/path/test/fixtures/test_new_severity/test",
-    "/path/test/fixtures/test_new_severity/medium"
+    "/path/test/fixtures/test_old_severity/test",
+    "/path/test/fixtures/test_old_severity/medium"
 	],
 	"queries": [
 		{
@@ -39,7 +39,7 @@
 			"description_id": "02044a75",
 			"files": [
         {
-          "file_name": "path\\test\\fixtures\\test_new_severities\\test\\positive1.yaml",
+          "file_name": "path\\test\\fixtures\\test_old_severities\\test\\positive1.yaml",
           "similarity_id": "2197922dab336742ff58010e01218006c9b2c930a840018ef8b42fb1284f2a45",
           "line": 10,
           "issue_type": "IncorrectValue",
@@ -50,7 +50,7 @@
           "actual_value": "Run block contains dangerous input controlled by user."
         },
         {
-          "file_name": "path\\test\\fixtures\\test_new_severities\\test\\positive1.yaml",
+          "file_name": "path\\test\\fixtures\\test_old_severities\\test\\positive1.yaml",
           "similarity_id": "efac914cab5fb466570dd3a71ee3edd8197a15928c56c2aabff00f54d05c5e6d",
           "line": 10,
           "issue_type": "IncorrectValue",

e2e/fixtures/E2E_CLI_093_RESULT_4.json

@@ -23,8 +23,8 @@
 	"start": "2024-01-31T15:46:25.2714687Z",
 	"end": "2024-01-31T15:46:25.5747871Z",
 	"paths": [
-    "/path/test/fixtures/test_new_severity/test",
-    "/path/test/fixtures/test_new_severity/high"
+    "/path/test/fixtures/test_old_severity/test",
+    "/path/test/fixtures/test_old_severity/high"
 	],
 	"queries": [
 		{
@@ -39,7 +39,7 @@
 			"description_id": "02044a75",
 			"files": [
         {
-          "file_name": "path\\test\\fixtures\\test_new_severities\\test\\positive1.yaml",
+          "file_name": "path\\test\\fixtures\\test_old_severities\\test\\positive1.yaml",
           "similarity_id": "2197922dab336742ff58010e01218006c9b2c930a840018ef8b42fb1284f2a45",
           "line": 10,
           "issue_type": "IncorrectValue",
@@ -50,7 +50,7 @@
           "actual_value": "Run block contains dangerous input controlled by user."
         },
         {
-          "file_name": "path\\test\\fixtures\\test_new_severities\\test\\positive1.yaml",
+          "file_name": "path\\test\\fixtures\\test_old_severities\\test\\positive1.yaml",
           "similarity_id": "efac914cab5fb466570dd3a71ee3edd8197a15928c56c2aabff00f54d05c5e6d",
           "line": 10,
           "issue_type": "IncorrectValue",

e2e/fixtures/E2E_CLI_093_RESULT_5.json

@@ -23,8 +23,8 @@
 	"start": "2024-01-31T15:46:25.2714687Z",
 	"end": "2024-01-31T15:46:25.5747871Z",
 	"paths": [
-    "/path/test/fixtures/test_new_severity/test",
-    "/path/test/fixtures/test_new_severity/critical"
+    "/path/test/fixtures/test_old_severity/test",
+    "/path/test/fixtures/test_old_severity/critical"
 	],
 	"queries": [
 		{
@@ -39,7 +39,7 @@
 			"description_id": "02044a75",
 			"files": [
         {
-          "file_name": "path\\test\\fixtures\\test_new_severities\\test\\positive1.yaml",
+          "file_name": "path\\test\\fixtures\\test_old_severities\\test\\positive1.yaml",
           "similarity_id": "2197922dab336742ff58010e01218006c9b2c930a840018ef8b42fb1284f2a45",
           "line": 10,
           "issue_type": "IncorrectValue",
@@ -50,7 +50,7 @@
           "actual_value": "Run block contains dangerous input controlled by user."
         },
         {
-          "file_name": "path\\test\\fixtures\\test_new_severities\\test\\positive1.yaml",
+          "file_name": "path\\test\\fixtures\\test_old_severities\\test\\positive1.yaml",
           "similarity_id": "efac914cab5fb466570dd3a71ee3edd8197a15928c56c2aabff00f54d05c5e6d",
           "line": 10,
           "issue_type": "IncorrectValue",

e2e/fixtures/assets/scan_help

@@ -45,11 +45,11 @@ Flags:
   -b, --libraries-path string         path to directory with libraries (default "./assets/libraries")
       --max-file-size int             max file size permitted for scanning, in MB (default 5)
       --minimal-ui                    simplified version of CLI output
-      --new-severities                use new severities in query results
       --no-progress                   hides the progress bar
+      --old-severities                uses old severities in query results
       --output-name string            name used on report creations (default "results")
   -o, --output-path string            directory path to store reports
-      --parallel int                  number of workers per platform enabled for parallel scanning, set 0 to auto-detect parallelism (default 1)
+      --parallel int                  number of workers per platform enabled for parallel scanning (default set to 0 to auto-detect optimal number of workers)
   -p, --path strings                  paths or directories to scan
                                       example: "./somepath,somefile.txt"
       --payload-lines                 adds line information inside the payload when printing the payload file

e2e/testcases/e2e-cli-093_new_severity_metadata_field.go → e2e/testcases/e2e-cli-093_old_severity_metadata_field.go

@@ -1,20 +1,20 @@
 package testcases
 
-var stringToTest = "should perform a scans successfully giving results with new severity and return exit code "
+var stringToTest = "should perform a scans successfully giving results with old severity and return exit code "
 
-// E2E-CLI-093 - KICS scan with new severity metadata field
-// should perform a scan successfully giving results with new severity metadata field and return exit code according to the severity
+// E2E-CLI-093 - KICS scan with old severity metadata field
+// should perform a scan successfully giving results with old severity metadata field and return exit code according to the severity
 func init() { //nolint
 	testSample01 := TestCase{
 		Name: stringToTest +
-			"according to new severity [E2E-CLI-093_1]",
+			"according to old severity [E2E-CLI-093_1]",
 		Args: args{
 			Args: []cmdArgs{
 				[]string{"scan", "-o", "/path/e2e/output",
 					"--output-name", "E2E_CLI_093_RESULT",
-					"-p", "\"/path/test/fixtures/test_new_severity/test\"",
-					"-q", "\"/path/test/fixtures/test_new_severity/info\"",
-					"--new-severities",
+					"-p", "\"/path/test/fixtures/test_old_severity/test\"",
+					"-q", "\"/path/test/fixtures/test_old_severity/info\"",
+					"--old-severities",
 				},
 			},
 			ExpectedResult: []ResultsValidation{
@@ -27,14 +27,14 @@ func init() { //nolint
 	}
 	testSample02 := TestCase{
 		Name: stringToTest +
-			"according to new severity [E2E-CLI-093_2]",
+			"according to old severity [E2E-CLI-093_2]",
 		Args: args{
 			Args: []cmdArgs{
 				[]string{"scan", "-o", "/path/e2e/output",
 					"--output-name", "E2E_CLI_093_RESULT_2",
-					"-p", "\"/path/test/fixtures/test_new_severity/test\"",
-					"-q", "\"/path/test/fixtures/test_new_severity/low\"",
-					"--new-severities",
+					"-p", "\"/path/test/fixtures/test_old_severity/test\"",
+					"-q", "\"/path/test/fixtures/test_old_severity/low\"",
+					"--old-severities",
 				},
 			},
 			ExpectedResult: []ResultsValidation{
@@ -47,14 +47,14 @@ func init() { //nolint
 	}
 	testSample03 := TestCase{
 		Name: stringToTest +
-			"according to new severity [E2E-CLI-093_3]",
+			"according to old severity [E2E-CLI-093_3]",
 		Args: args{
 			Args: []cmdArgs{
 				[]string{"scan", "-o", "/path/e2e/output",
 					"--output-name", "E2E_CLI_093_RESULT_3",
-					"-p", "\"/path/test/fixtures/test_new_severity/test\"",
-					"-q", "\"/path/test/fixtures/test_new_severity/medium\"",
-					"--new-severities",
+					"-p", "\"/path/test/fixtures/test_old_severity/test\"",
+					"-q", "\"/path/test/fixtures/test_old_severity/medium\"",
+					"--old-severities",
 				},
 			},
 			ExpectedResult: []ResultsValidation{
@@ -67,14 +67,14 @@ func init() { //nolint
 	}
 	testSample04 := TestCase{
 		Name: stringToTest +
-			"according to new severity [E2E-CLI-093_4]",
+			"according to old severity [E2E-CLI-093_4]",
 		Args: args{
 			Args: []cmdArgs{
 				[]string{"scan", "-o", "/path/e2e/output",
 					"--output-name", "E2E_CLI_093_RESULT_4",
-					"-p", "\"/path/test/fixtures/test_new_severity/test\"",
-					"-q", "\"/path/test/fixtures/test_new_severity/high\"",
-					"--new-severities",
+					"-p", "\"/path/test/fixtures/test_old_severity/test\"",
+					"-q", "\"/path/test/fixtures/test_old_severity/high\"",
+					"--old-severities",
 				},
 			},
 			ExpectedResult: []ResultsValidation{
@@ -87,19 +87,18 @@ func init() { //nolint
 	}
 	testSample05 := TestCase{
 		Name: stringToTest +
-			"according to new severity [E2E-CLI-093_5]",
+			"according to old severity [E2E-CLI-093_5]",
 		Args: args{
 			Args: []cmdArgs{
 
 				[]string{"scan", "-o", "/path/e2e/output",
 					"--output-name", "E2E_CLI_093_RESULT_5",
-					"-p", "\"/path/test/fixtures/test_new_severity/test\"",
-					"-q", "\"/path/test/fixtures/test_new_severity/critical\"",
-					"--new-severities",
+					"-p", "\"/path/test/fixtures/test_old_severity/test\"",
+					"-q", "\"/path/test/fixtures/test_old_severity/critical\"",
+					"--old-severities",
 				},
 			},
 			ExpectedResult: []ResultsValidation{
-
 				{
 					ResultsFile: "E2E_CLI_093_RESULT_5",
 				},

internal/console/assets/kics-console

@@ -1,15 +1,19 @@
-                   .0MO.                                    
-                   OMMMx                                    
-                   ;NMX;                                    
-                    ...           ...              ....     
-WMMMd     cWMMM0.  KMMMO      ;xKWMMMMNOc.     ,xXMMMMMWXkc.
-WMMMd   .0MMMN:    KMMMO    :XMMMMMMMMMMMWl   xMMMMMWMMMMMMl
-WMMMd  lWMMMO.     KMMMO   xMMMMKc...'lXMk   ,MMMMx   .;dXx 
-WMMMd.0MMMX;       KMMMO  cMMMMd        '    'MMMMNl'       
-WMMMNWMMMMl        KMMMO  0MMMN               oMMMMMMMXkl.  
-WMMMMMMMMMMo       KMMMO  0MMMX                .ckKWMMMMMM0.
-WMMMMWokMMMMk      KMMMO  oMMMMc              .     .:OMMMM0
-WMMMK.  dMMMM0.    KMMMO   KMMMMx'    ,kNc   :WOc.    .NMMMX
-WMMMd    cWMMMX.   KMMMO    kMMMMMWXNMMMMMd .WMMMMWKO0NMMMMl
-WMMMd     ,NMMMN,  KMMMO     'xNMMMMMMMNx,   .l0WMMMMMMMWk, 
-xkkk:      ,kkkkx  okkkl        ;xKXKx;          ;dOKKkc    
+
+
+   MLLLLLM             MLLLLLLLLL   LLLLLLL             KLLLLLLLLLLLLLLLL       LLLLLLLLLLLLLLLLLLLLLLL 
+   MMMMMMM           MMMMMMMMMML    MMMMMMMK       LMMMMMMMMMMMMMMMMMMMML   KLMMMMMMMMMMMMMMMMMMMMMMMMM 
+   MMMMMMM         MMMMMMMMML       MMMMMMMK     LMMMMMMMMMMMMMMMMMMMMMML  LMMMMMMMMMMMMMMMMMMMMMMMMMMM 
+   MMMMMMM      MMMMMMMMMML         MMMMMMMK   LMMMMMMMMMMMMMMMMMMMMMMMML LMMMMMMMMMMMMMMMMMMMMMMMMMMMM 
+   MMMMMMM    LMMMMMMMMML           MMMMMMMK  LMMMMMMMMMLLMLLLLLLLLLLLLLL LMMMMMMMLLLLLLLLLLLLLLLLLLLLM 
+   MMMMMMM  MMMMMMMMMLM             MMMMMMMK LMMMMMMMM                    LMMMMMML                      
+   MMMMMMMLMMMMMMMML                MMMMMMMK MMMMMMML                     LMMMMMMMMLLLLLLLLLLLLLMLL     
+   MMMMMMMMMMMMMMMM                 MMMMMMMK MMMMMML                       LMMMMMMMMMMMMMMMMMMMMMMMMML  
+   MMMMMMMMMMMMMMMMMM               MMMMMMMK MMMMMMM                         LMMMMMMMMMMMMMMMMMMMMMMMML 
+   MMMMMMM KLMMMMMMMMML             MMMMMMMK LMMMMMMM                                          MMMMMMMML
+   MMMMMMM    LMMMMMMMMMM           MMMMMMMK LMMMMMMMMLL                                        MMMMMMML
+   MMMMMMM      LMMMMMMMMMLL        MMMMMMMK  LMMMMMMMMMMMMMMMMMMMMMMMMML LLLLLLLLLLLLLLLLLLLLMMMMMMMMMM
+   MMMMMMM        MMMMMMMMMMML      MMMMMMMK   MMMMMMMMMMMMMMMMMMMMMMMMML LMMMMMMMMMMMMMMMMMMMMMMMMMMMM 
+   MMMMMMM          LLMMMMMMMMML    MMMMMMMK     LLMMMMMMMMMMMMMMMMMMMMML LMMMMMMMMMMMMMMMMMMMMMMMMMML  
+   MMMMMMM             MMMMMMMMMML  MMMMMMMK         KLMMMMMMMMMMMMMMMMML LMMMMMMMMMMMMMMMMMMMMMMMLK    
+
+

internal/console/assets/scan-flags.json

@@ -212,8 +212,8 @@
   "parallel": {
     "flagType": "int",
     "shorthandFlag": "",
-    "defaultValue": "1",
-    "usage": "number of workers per platform enabled for parallel scanning, set 0 to auto-detect parallelism",
+    "defaultValue": "0",
+    "usage": "number of workers per platform enabled for parallel scanning (default set to 0 to auto-detect optimal number of workers)",
     "validation": "validateWorkersFlag"
   },
   "max-file-size": {
@@ -222,10 +222,10 @@
     "defaultValue": "5",
     "usage": "max file size permitted for scanning, in MB"
   },
-  "new-severities": {
+  "old-severities": {
   "flagType": "bool",
   "shorthandFlag": "",
   "defaultValue": "false",
-  "usage": "use new severities in query results"
+  "usage": "uses old severities in query results"
   }
 }

internal/console/flags/scan_flags.go

@@ -37,5 +37,5 @@ const (
 	OpenAPIReferencesFlag   = "enable-openapi-refs"
 	ParallelScanFile        = "parallel"
 	MaxFileSizeFlag         = "max-file-size"
-	UseNewSeveritiesFlag    = "new-severities"
+	UseOldSeveritiesFlag    = "old-severities"
 )

internal/console/scan.go

@@ -142,7 +142,7 @@ func getScanParameters(changedDefaultQueryPath, changedDefaultLibrariesPath bool
 		OpenAPIResolveReferences:    flags.GetBoolFlag(flags.OpenAPIReferencesFlag),
 		ParallelScanFlag:            flags.GetIntFlag(flags.ParallelScanFile),
 		MaxFileSizeFlag:             flags.GetIntFlag(flags.MaxFileSizeFlag),
-		UseNewSeverities:            flags.GetBoolFlag(flags.UseNewSeveritiesFlag),
+		UseOldSeverities:            flags.GetBoolFlag(flags.UseOldSeveritiesFlag),
 	}
 
 	return &scanParams