fix(parsers): use unsaved_tags instead of tags= in Finding constructor

dojo/tools/anchore_grype/parser.py

@@ -66,7 +66,8 @@ def get_findings(self, file, test):
                 rel_epss = related_vulnerability.get("epss")
                 rel_vuln_id = related_vulnerability.get("id")
             vulnerability_ids = self.get_vulnerability_ids(
-                vuln_id, related_vulnerabilities,
+                vuln_id,
+                related_vulnerabilities,
             )
 
             matches = item["matchDetails"]
@@ -77,37 +78,25 @@ def get_findings(self, file, test):
             artifact_purl = artifact.get("purl")
             artifact_location = artifact.get("locations")
             file_path = None
-            if (
-                artifact_location
-                and len(artifact_location) > 0
-                and artifact_location[0].get("path")
-            ):
+            if artifact_location and len(artifact_location) > 0 and artifact_location[0].get("path"):
                 file_path = artifact_location[0].get("path")
 
             finding_title = f"{vuln_id} in {artifact_name}:{artifact_version}"
 
             finding_tags = None
             finding_description = ""
             if vuln_namespace:
-                finding_description += (
-                    f"**Vulnerability Namespace:** {vuln_namespace}"
-                )
+                finding_description += f"**Vulnerability Namespace:** {vuln_namespace}"
             if vuln_description:
-                finding_description += (
-                    f"\n**Vulnerability Description:** {vuln_description}"
-                )
+                finding_description += f"\n**Vulnerability Description:** {vuln_description}"
             if rel_description and rel_description != vuln_description:
                 finding_description += f"\n**Related Vulnerability Description:** {rel_description}"
             if matches:
                 if isinstance(item["matchDetails"], dict):
-                    finding_description += (
-                        f"\n**Matcher:** {matches['matcher']}"
-                    )
+                    finding_description += f"\n**Matcher:** {matches['matcher']}"
                     finding_tags = [matches["matcher"].replace("-matcher", "")]
                 elif len(matches) == 1:
-                    finding_description += (
-                        f"\n**Matcher:** {matches[0]['matcher']}"
-                    )
+                    finding_description += f"\n**Matcher:** {matches[0]['matcher']}"
                     finding_tags = [
                         matches[0]["matcher"].replace("-matcher", ""),
                     ]
@@ -138,30 +127,22 @@ def get_findings(self, file, test):
 
             finding_references = ""
             if vuln_datasource:
-                finding_references += (
-                    f"**Vulnerability Datasource:** {vuln_datasource}\n"
-                )
+                finding_references += f"**Vulnerability Datasource:** {vuln_datasource}\n"
             if vuln_urls:
                 if len(vuln_urls) == 1:
                     if vuln_urls[0] != vuln_datasource:
-                        finding_references += (
-                            f"**Vulnerability URL:** {vuln_urls[0]}\n"
-                        )
+                        finding_references += f"**Vulnerability URL:** {vuln_urls[0]}\n"
                 else:
                     finding_references += "**Vulnerability URLs:**\n"
                     for url in vuln_urls:
                         if url != vuln_datasource:
                             finding_references += f"- {url}\n"
             if rel_datasource:
-                finding_references += (
-                    f"**Related Vulnerability Datasource:** {rel_datasource}\n"
-                )
+                finding_references += f"**Related Vulnerability Datasource:** {rel_datasource}\n"
             if rel_urls:
                 if len(rel_urls) == 1:
                     if rel_urls[0] != vuln_datasource:
-                        finding_references += (
-                            f"**Related Vulnerability URL:** {rel_urls[0]}\n"
-                        )
+                        finding_references += f"**Related Vulnerability URL:** {rel_urls[0]}\n"
                 else:
                     finding_references += "**Related Vulnerability URLs:**\n"
                     for url in rel_urls:
@@ -202,14 +183,14 @@ def get_findings(self, file, test):
                     component_name=artifact_name,
                     component_version=artifact_version.replace("\x00", ""),
                     vuln_id_from_tool=vuln_id,
-                    tags=finding_tags,
                     static_finding=True,
                     dynamic_finding=False,
                     nb_occurences=1,
                     file_path=file_path,
                     fix_available=fix_available,
                     fix_version=fix_version,
                 )
+                dupes[dupe_key].unsaved_tags = finding_tags
                 dupes[dupe_key].unsaved_vulnerability_ids = vulnerability_ids
                 if settings.V3_FEATURE_LOCATIONS and artifact_purl:
                     dupes[dupe_key].unsaved_locations.append(
@@ -229,7 +210,8 @@ def get_cvss(self, cvss):
                 vector = cvss_item["vector"]
                 cvss_objects = cvss_parser.parse_cvss_from_text(vector)
                 if len(cvss_objects) > 0 and isinstance(
-                    cvss_objects[0], CVSS3,
+                    cvss_objects[0],
+                    CVSS3,
                 ):
                     return vector
         return None
@@ -259,8 +241,11 @@ def get_vulnerability_ids(self, vuln_id, related_vulnerabilities):
         if vuln_id:
             vulnerability_ids.append(vuln_id)
         if related_vulnerabilities:
-            vulnerability_ids.extend(related_vulnerability_id for related_vulnerability in related_vulnerabilities
-                if (related_vulnerability_id := related_vulnerability.get("id")))
+            vulnerability_ids.extend(
+                related_vulnerability_id
+                for related_vulnerability in related_vulnerabilities
+                if (related_vulnerability_id := related_vulnerability.get("id"))
+            )
         if vulnerability_ids:
             return vulnerability_ids
         return None

dojo/tools/cargo_audit/parser.py

@@ -80,24 +80,13 @@ def get_findings(self, filename, test):
                 vuln_id = advisory.get("id")
                 vulnerability_ids = [advisory.get("id")]
                 categories = f"**Categories:** {', '.join(advisory['categories'])}" if "categories" in advisory else ""
-                description = (
-                    categories
-                    + f"\n**Description:** `{advisory.get('description')}`"
-                )
+                description = categories + f"\n**Description:** `{advisory.get('description')}`"
 
-                if (
-                    item["affected"] is not None
-                    and "functions" in item["affected"]
-                ):
+                if item["affected"] is not None and "functions" in item["affected"]:
                     affected_func = [
-                        f'{func}: {", ".join(versions)}'
-                        for func, versions in item["affected"][
-                            "functions"
-                        ].items()
+                        f"{func}: {', '.join(versions)}" for func, versions in item["affected"]["functions"].items()
                     ]
-                    description += (
-                        f"\n**Affected functions**: {', '.join(affected_func)}"
-                    )
+                    description += f"\n**Affected functions**: {', '.join(affected_func)}"
 
                 references = f"{advisory.get('url')}\n" + "\n".join(
                     advisory["references"],
@@ -130,7 +119,6 @@ def get_findings(self, filename, test):
                         title=title,
                         test=test,
                         severity=severity,
-                        tags=tags,
                         description=description,
                         component_name=package_name,
                         component_version=package_version,
@@ -140,6 +128,7 @@ def get_findings(self, filename, test):
                         references=references,
                         mitigation=mitigation,
                     )
+                    finding.unsaved_tags = tags
                     finding.unsaved_vulnerability_ids = vulnerability_ids
                     if settings.V3_FEATURE_LOCATIONS and package_name:
                         finding.unsaved_locations.append(