From 17cd8b2c4681b8523038d84683eb3e2010081867 Mon Sep 17 00:00:00 2001
From: Maitray Shah
Date: Sat, 12 Nov 2022 22:04:15 -0800
Subject: [PATCH] Fix Enforced Scanner Bug
---
 salus-default.yaml | 11 +----------
 .../processor/local_uri/expected_report.json | 12 +-----------
 .../processor/remote_uri/expected_report.json | 12 +-----------
 spec/lib/salus/config_spec.rb | 2 +-
 spec/lib/salus/processor_spec.rb | 10 +++++-----
 5 files changed, 9 insertions(+), 38 deletions(-)
diff --git a/salus-default.yaml b/salus-default.yaml
index 1ddf9290..1ddc68b5 100644
--- a/salus-default.yaml
+++ b/salus-default.yaml
@@ -19,13 +19,4 @@ active_scanners: all
 # was necessary to ensure that certain scanners pass.
 # Other scanners may need to graduate from the testing phase or
 # should only be enforced explicitly by custom configuration.
-enforced_scanners:
- - RepoNotEmpty
- - Brakeman
- - BundleAudit
- - Gosec
- - NPMAudit
- - YarnAudit
- - PatternSearch
- - Semgrep
- - CargoAudit
+enforced_scanners: []
diff --git a/spec/fixtures/processor/local_uri/expected_report.json b/spec/fixtures/processor/local_uri/expected_report.json
index f4a7d178..96d58e56 100644
--- a/spec/fixtures/processor/local_uri/expected_report.json
+++ b/spec/fixtures/processor/local_uri/expected_report.json
@@ -34,17 +34,7 @@
 "service_name": "buildkite",
 "url": "http://example.com/builds/123"
 },
- "enforced_scanners": [
- "Brakeman",
- "BundleAudit",
- "CargoAudit",
- "Gosec",
- "NPMAudit",
- "PatternSearch",
- "RepoNotEmpty",
- "Semgrep",
- "YarnAudit"
- ],
+ "enforced_scanners": [],
 "report_uris": [
 {
 "format": "json",
diff --git a/spec/fixtures/processor/remote_uri/expected_report.json b/spec/fixtures/processor/remote_uri/expected_report.json
index 774d68d9..4215307c 100644
--- a/spec/fixtures/processor/remote_uri/expected_report.json
+++ b/spec/fixtures/processor/remote_uri/expected_report.json
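Review bot: The new default `enforced_scanners: []` in salus-default.yaml leaves every scanner advisory, so a run that relies on the shipped defaults will, as far as this patch shows, report success even when Brakeman, BundleAudit or another previously enforced scanner fails; the updated expectations in spec/lib/salus/processor_spec.rb (`processor.passed?` is `true` while the scanner's own `passed` is `false`) point the same way. The three comment lines kept above the key still describe a curated list of enforced scanners and now contradict the value; the comment begins outside the hunk, so only its tail is visible here. I would replace it with something like `# No scanner is enforced by default; list scanners under enforced_scanners in your own salus.yaml to make their failures fail the run.` Since the commit message does not name the bug being fixed, it is worth stating there (and in the changelog) that pipelines gating on the default configuration must add an explicit list to keep failing on findings.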
@@ -34,17 +34,7 @@
 "service_name": "buildkite",
 "url": "http://example.com/builds/123"
 },
- "enforced_scanners": [
- "Brakeman",
- "BundleAudit",
- "CargoAudit",
- "Gosec",
- "NPMAudit",
- "PatternSearch",
- "RepoNotEmpty",
- "Semgrep",
- "YarnAudit"
- ],
+ "enforced_scanners": [],
 "report_uris": [
 {
 "format": "json",
diff --git a/spec/lib/salus/config_spec.rb b/spec/lib/salus/config_spec.rb
index 2790f227..897aff8b 100644
--- a/spec/lib/salus/config_spec.rb
+++ b/spec/lib/salus/config_spec.rb
@@ -28,7 +28,7 @@
 expect(config.project_name).to be_nil
 expect(config.custom_info).to be_nil
 expect(config.active_scanners).to eq(Set.new(Salus::Config::SCANNERS.keys))
- expect(config.enforced_scanners).not_to be_empty
+ expect(config.enforced_scanners).to be_empty
 expect(config.scanner_configs['BundleAudit']).to include('pass_on_raise' => false)
 end
 end
diff --git a/spec/lib/salus/processor_spec.rb b/spec/lib/salus/processor_spec.rb
index f7cbe5d5..b3b88db5 100644
--- a/spec/lib/salus/processor_spec.rb
+++ b/spec/lib/salus/processor_spec.rb
@@ -112,7 +112,7 @@ def remove_key(json_string, encoded = false)
 'ReportNodeModules',
 'ReportRubyGems'
 )
- expect(reported_config[:enforced_scanners]).not_to be_empty
+ expect(reported_config[:enforced_scanners]).to be_empty
 end
 end
 end
@@ -143,14 +143,14 @@ def remove_key(json_string, encoded = false)
 it 'should scan the project given by a particular path' do
 processor = Salus::Processor.new(repo_path: 'spec/fixtures/processor/explicit_path')
 processor.scan_project
- expect(processor.passed?).to eq(false)
+ expect(processor.passed?).to eq(true)
 report_hsh = processor.report.to_h
 expect(report_hsh[:project_name]).to eq('EVA-01')
 expect(report_hsh[:custom_info]).to eq('Purple unit')
 expect(report_hsh[:version]).to eq(Salus::VERSION)
- expect(report_hsh[:passed]).to eq(false)
+ expect(report_hsh[:passed]).to eq(true)
 expect(report_hsh[:errors]).to eq([])
 expect(report_hsh[:scans]['BundleAudit'][:passed]).to eq(false)
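Review bot: Nothing visible in this patch still exercises a run where a failing scanner is enforced: the hunk at line 143, and the two that follow at 178 and 189, now only pin the non-enforcing outcome, with `expect(processor.passed?).to eq(true)` sitting next to `expect(report_hsh[:scans]['BundleAudit'][:passed]).to eq(false)` (and the `Brakeman` equivalent later). I would add a companion example that names an enforced scanner explicitly in its configuration and keeps `expect(processor.passed?).to eq(false)`, so a regression that silently disables enforcement fails the suite. The `it` blocks begin and end outside these hunks, so whether the explicit_path fixture carries its own configuration cannot be confirmed from here. A short comment above the flipped assertions, such as `# passes because no scanner is enforced by default, even though BundleAudit fails`, would also keep the pairing from reading as a mistake.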
@@ -178,7 +178,7 @@ def remove_key(json_string, encoded = false)
 cli_scanners_to_run: %w[Brakeman NPMAudit])
 processor.scan_project
- expect(processor.passed?).to eq(false)
+ expect(processor.passed?).to eq(true)
 report_hsh = processor.report.to_h
@@ -189,7 +189,7 @@ def remove_key(json_string, encoded = false)
 expect(report_hsh[:project_name]).to eq('EVA-01')
 expect(report_hsh[:custom_info]).to eq('Purple unit')
 expect(report_hsh[:version]).to eq(Salus::VERSION)
- expect(report_hsh[:passed]).to eq(false)
+ expect(report_hsh[:passed]).to eq(true)
 expect(report_hsh[:errors]).to eq([])
 expect(report_hsh[:scans]['Brakeman'][:passed]).to eq(false)