feat(report): export modified findings in JSON (#7383)

Signed-off-by: knqyf263 <knqyf263@gmail.com>
2025-12-12 15:50:15 -08:00 · 2024-08-29 14:35:04 +04:00
parent 4c6e8ca9cc
commit 7aea79dd93
4 changed files with 15 additions and 7 deletions
--- a/docs/docs/configuration/filtering.md
+++ b/docs/docs/configuration/filtering.md
@@ -238,7 +238,7 @@ You can filter the results by
 To show the suppressed results, use the `--show-suppressed` flag.

 !!! note
-    This flag is currently available only in the table format.
+    It's exported as `ExperimentalModifiedFindings` in the JSON output.

 ```bash
 $ trivy image --vex debian11.csaf.vex --ignorefile .trivyignore.yaml --show-suppressed debian:11
--- a/pkg/report/json.go
+++ b/pkg/report/json.go
@@ -14,8 +14,9 @@ import (

 // JSONWriter implements result Writer
 type JSONWriter struct {
-	Output      io.Writer
-	ListAllPkgs bool
+	Output         io.Writer
+	ListAllPkgs    bool
+	ShowSuppressed bool
 }

 // Write writes the results in JSON format
@@ -26,6 +27,12 @@ func (jw JSONWriter) Write(_ context.Context, report types.Report) error {
 			report.Results[i].Packages = nil
 		}
 	}
+	if !jw.ShowSuppressed {
+		// Delete suppressed findings
+		for i := range report.Results {
+			report.Results[i].ModifiedFindings = nil
+		}
+	}
 	report.Results = lo.Filter(report.Results, func(r types.Result, _ int) bool {
 		return r.Target != "" || !r.IsEmpty()
 	})
--- a/pkg/report/writer.go
+++ b/pkg/report/writer.go
@@ -56,8 +56,9 @@ func Write(ctx context.Context, report types.Report, option flag.Options) (err e
 		}
 	case types.FormatJSON:
 		writer = &JSONWriter{
-			Output:      output,
-			ListAllPkgs: option.ListAllPkgs,
+			Output:         output,
+			ListAllPkgs:    option.ListAllPkgs,
+			ShowSuppressed: option.ShowSuppressed,
 		}
 	case types.FormatGitHub:
 		writer = &github.Writer{
--- a/pkg/types/report.go
+++ b/pkg/types/report.go
@@ -120,8 +120,8 @@ type Result struct {

 	// ModifiedFindings holds a list of findings that have been modified from their original state.
 	// This can include vulnerabilities that have been marked as ignored, not affected, or have had
-	// their severity adjusted. It is currently available only in the table format.
-	ModifiedFindings []ModifiedFinding `json:"-"`
+	// their severity adjusted. It's still in an experimental stage and may change in the future.
+	ModifiedFindings []ModifiedFinding `json:"ExperimentalModifiedFindings,omitempty"`
 }

 func (r *Result) IsEmpty() bool {