Details
-
Task
-
Resolution: Unresolved
-
Minor
-
None
-
None
-
None
-
True
-
-
False
Description
Currently the local-clair code which currently houses a rough version of an sqlite datastore implementation does not support enrichments, this means that when the CI code generates an vulnerability report it lacks any enrichment data.
Note: The enrichment data is already saved in the DB by the CVSS updater, this task is to implement the retrieval of the data and surfacing the data in the vulnerability report and subsequently the sarif report.
TODO:
- Implement GetEnrichments() for sqlite
- Perform a lookup of enrichment data in the sarif template to link the enrichment data to the vulnerability
Attachments
Issue Links
- is blocked by
-
CLAIRDEV-43 Saving References of Vulnerabilities
- To Do