From 8f0e182a36e00e88c03bfeebe3d3de12383b5b2d Mon Sep 17 00:00:00 2001 From: Weston Steimel Date: Mon, 18 May 2026 11:08:41 +0100 Subject: [PATCH] feat: render default values in published vuln spec records Signed-off-by: Weston Steimel --- src/anchore_security_cli/vuln_index/spec/sqlite.py | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/src/anchore_security_cli/vuln_index/spec/sqlite.py b/src/anchore_security_cli/vuln_index/spec/sqlite.py index 3e0d872..d0a7501 100644 --- a/src/anchore_security_cli/vuln_index/spec/sqlite.py +++ b/src/anchore_security_cli/vuln_index/spec/sqlite.py @@ -89,6 +89,17 @@ def _toml_to_json(self, toml_data: dict) -> dict: # noqa: C901, PLR0912 for _, provider_records in record["vuln"]["providers"].items(): for provider_record in provider_records: + # Render all of the default values in published json output to avoid having to make assumptions + # regarding defaults in all consumers + if "enrichment" in provider_record and "enabled" not in provider_record["enrichment"]: + provider_record["enrichment"]["enabled"] = True + + if "disputed" in provider_record and "override" not in provider_record["disputed"]: + provider_record["disputed"]["override"] = True + + if "suppression" in provider_record and "override" not in provider_record["suppression"]: + provider_record["suppression"]["override"] = True + if "products" not in provider_record: continue