From b2306798ac0265cc3d8958238e8ecb8c38d18b23 Mon Sep 17 00:00:00 2001
From: Sudo-Ivan <ivan@quad4.io>
Date: Sat, 27 Dec 2025 12:35:57 -0600
Subject: [PATCH] Refactor OSV scan script to simplify vulnerability reporting

---
 scripts/osv_scan.sh | 8 ++------
 1 file changed, 2 insertions(+), 6 deletions(-)

diff --git a/scripts/osv_scan.sh b/scripts/osv_scan.sh
index 9d31583..d62e1f0 100644
--- a/scripts/osv_scan.sh
+++ b/scripts/osv_scan.sh
@@ -23,20 +23,16 @@ VULNS=$(jq -r '
   .results[]? |
   .source as $src |
   .vulns[]? |
-  select(
-    (.database_specific.severity // "" | ascii_upcase | test("HIGH|CRITICAL")) or
-    (.severity[]?.score // "" | tostring | split("/")[0] | tonumber? // 0 | . >= 7.0)
-  ) |
   "\(.id) (source: \($src))"
 ' "$OSV_JSON")
 
 if [ -n "$VULNS" ]; then
-    echo "OSV scan found HIGH/CRITICAL vulnerabilities:"
+    echo "OSV scan found vulnerabilities:"
     echo "$VULNS" | while IFS= read -r line; do
         echo " - $line"
     done
     exit 1
 else
-    echo "OSV scan: no HIGH/CRITICAL vulnerabilities found."
+    echo "OSV scan: no vulnerabilities found."
 fi