Trufflehog severity hardcoded to 4

OWASP / glue

Application Security Automation

Other

522 stars 112 forks source link

Trufflehog severity hardcoded to 4 #151

Open jaguasch opened 5 years ago

jaguasch commented 5 years ago

After running trufflehog task, it was skipped because severity of findings are hardcoded to 4 with ISSUE_SEVERITY at https://github.com/OWASP/glue/blob/master/lib/glue/tasks/trufflehog.rb#L10

code - Trufflehog - #<Set:0x00000001b857a8>
Trufflehog
Problem running Trufflehog ... skipped.
Severity should be between 1 to 3, not 4
Severity should be between 1 to 3, not 4

omerlh commented 5 years ago

Oh snap. I see it support JSON output - we can make it work better via the dynamic task. If that of interest to you, take a look at the docs, and feel free to ping me on OWASP slack for help :) Moving the dynamic will make customization faster and easier... Otherwise, feel free to open a PR for fixing it.

stale[bot] commented 5 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.