Fix redundant query for "ignore unfixed" config during Trivy analysis

Signed-off-by: nscuro <nscuro@protonmail.com>
DependencyTrack · Oct 11, 2024 · d4ae187 · d4ae187
1 parent 55d5d2f
commit d4ae187
Showing 1 changed file with 4 additions and 1 deletion.
diff --git a/src/main/java/org/dependencytrack/tasks/scanners/TrivyAnalysisTask.java b/src/main/java/org/dependencytrack/tasks/scanners/TrivyAnalysisTask.java
@@ -119,6 +119,7 @@ public class TrivyAnalysisTask extends BaseComponentAnalyzerTask implements Cach
 
     private String apiBaseUrl;
     private String apiToken;
+    private boolean shouldIgnoreUnfixed;
     private VulnerabilityAnalysisLevel vulnerabilityAnalysisLevel;
 
     @Override
@@ -150,6 +151,8 @@ public void inform(final Event e) {
                 LOGGER.error("An error occurred decrypting the Trivy API token; Skipping", ex);
                 return;
             }
+
+            shouldIgnoreUnfixed = qm.isEnabled(ConfigPropertyConstants.SCANNER_TRIVY_IGNORE_UNFIXED);
         }
 
         vulnerabilityAnalysisLevel = event.getVulnerabilityAnalysisLevel();
@@ -340,7 +343,7 @@ private void handleResults(final Map<String, Component> components, final ArrayL
                 var vulnerability = result.getVulnerabilities(idx);
                 var key = vulnerability.getPkgName() + ":" + vulnerability.getInstalledVersion();
                 LOGGER.debug("Searching key %s in map".formatted(key));
-                if (!super.isEnabled(ConfigPropertyConstants.SCANNER_TRIVY_IGNORE_UNFIXED) || vulnerability.getStatus() == 3) {
+                if (!shouldIgnoreUnfixed || vulnerability.getStatus() == 3) {
                     handle(components.get(key), vulnerability);
                 }
             }