diff --git a/pkg/report/table/vulnerability.go b/pkg/report/table/vulnerability.go index a54809bc80da..6284993be5af 100644 --- a/pkg/report/table/vulnerability.go +++ b/pkg/report/table/vulnerability.go @@ -52,10 +52,16 @@ func NewVulnerabilityRenderer(result types.Result, isTerminal, tree, suppressed } func (r *vulnerabilityRenderer) Render() string { - r.renderDetectedVulnerabilities() - - if r.tree { - r.renderDependencyTree() + // There are 3 cases when we show the vulnerability table (or only target and `Total: 0...`): + // When Result contains vulnerabilities; + // When Result target is OS packages even if no vulnerabilities are found; + // When we show non-empty `Suppressed Vulnerabilities` table. + if len(r.result.Vulnerabilities) > 0 || r.result.Class == types.ClassOSPkg || (r.showSuppressed && len(r.result.ModifiedFindings) > 0) { + r.renderDetectedVulnerabilities() + + if r.tree { + r.renderDependencyTree() + } } if r.showSuppressed { diff --git a/pkg/report/table/vulnerability_test.go b/pkg/report/table/vulnerability_test.go index b7fbc5bce1a5..9a773c90eafe 100644 --- a/pkg/report/table/vulnerability_test.go +++ b/pkg/report/table/vulnerability_test.go @@ -396,6 +396,111 @@ Suppressed Vulnerabilities (Total: 1) ├─────────┼───────────────┼──────────┼─────────┼─────────────────┼───────────────────┤ │ bar │ CVE-2020-0002 │ MEDIUM │ ignored │ Not exploitable │ .trivyignore.yaml │ └─────────┴───────────────┴──────────┴─────────┴─────────────────┴───────────────────┘ +`, + }, + { + name: "suppressed all OS package vulnerabilities without `showSuppressed` flag", + result: types.Result{ + Target: "test", + Class: types.ClassOSPkg, + Type: ftypes.Alpine, + ModifiedFindings: []types.ModifiedFinding{ + { + Type: types.FindingTypeVulnerability, + Status: types.FindingStatusIgnored, + Statement: "Not exploitable", + Source: ".trivyignore.yaml", + Finding: types.DetectedVulnerability{ + VulnerabilityID: "CVE-2020-0001", + PkgName: "foo", + InstalledVersion: "1.2.3", + Status: dbTypes.StatusWillNotFix, + Vulnerability: dbTypes.Vulnerability{ + Title: "title1", + Description: "desc1", + Severity: "MEDIUM", + }, + }, + }, + }, + }, + showSuppressed: false, + want: ` +test +==== +Total: 0 (MEDIUM: 0, HIGH: 0) + +`, + }, + { + name: "suppressed all language package vulnerabilities without `showSuppressed` flag", + result: types.Result{ + Target: "test", + Class: types.ClassLangPkg, + Type: ftypes.Jar, + ModifiedFindings: []types.ModifiedFinding{ + { + Type: types.FindingTypeVulnerability, + Status: types.FindingStatusIgnored, + Statement: "Not exploitable", + Source: ".trivyignore.yaml", + Finding: types.DetectedVulnerability{ + VulnerabilityID: "CVE-2020-0001", + PkgName: "foo", + InstalledVersion: "1.2.3", + Status: dbTypes.StatusWillNotFix, + Vulnerability: dbTypes.Vulnerability{ + Title: "title1", + Description: "desc1", + Severity: "MEDIUM", + }, + }, + }, + }, + }, + showSuppressed: false, + want: ``, + }, + { + name: "suppressed all language package vulnerabilities with `showSuppressed` flag", + result: types.Result{ + Target: "test", + Class: types.ClassLangPkg, + Type: ftypes.Jar, + ModifiedFindings: []types.ModifiedFinding{ + { + Type: types.FindingTypeVulnerability, + Status: types.FindingStatusIgnored, + Statement: "Not exploitable", + Source: ".trivyignore.yaml", + Finding: types.DetectedVulnerability{ + VulnerabilityID: "CVE-2020-0001", + PkgName: "foo", + InstalledVersion: "1.2.3", + Status: dbTypes.StatusWillNotFix, + Vulnerability: dbTypes.Vulnerability{ + Title: "title1", + Description: "desc1", + Severity: "MEDIUM", + }, + }, + }, + }, + }, + showSuppressed: true, + want: ` +test (jar) +========== +Total: 0 (MEDIUM: 0, HIGH: 0) + + +Suppressed Vulnerabilities (Total: 1) +===================================== +┌─────────┬───────────────┬──────────┬─────────┬─────────────────┬───────────────────┐ +│ Library │ Vulnerability │ Severity │ Status │ Statement │ Source │ +├─────────┼───────────────┼──────────┼─────────┼─────────────────┼───────────────────┤ +│ foo │ CVE-2020-0001 │ MEDIUM │ ignored │ Not exploitable │ .trivyignore.yaml │ +└─────────┴───────────────┴──────────┴─────────┴─────────────────┴───────────────────┘ `, }, }