From b47a395da4d5fc19cf078b6b860177038aa199e3 Mon Sep 17 00:00:00 2001
From: Manuel Sommer
Date: Tue, 26 Aug 2025 08:41:55 +0200
Subject: [PATCH 1/4] :tada: Add fix_available to Harbor

---
 dojo/tools/harbor_vulnerability/parser.py | 4 ++++
 unittests/tools/test_harbor_vulnerability_parser.py | 1 +
 2 files changed, 5 insertions(+)

diff --git a/dojo/tools/harbor_vulnerability/parser.py b/dojo/tools/harbor_vulnerability/parser.py
index d99fab69088..1abcf62fea9 100644
--- a/dojo/tools/harbor_vulnerability/parser.py
+++ b/dojo/tools/harbor_vulnerability/parser.py
@@ -47,6 +47,9 @@ def get_findings(self, filename, test):
             fix_version = item.get("fix_version")
             links = item.get("links")
             cwe_ids = item.get("cwe_ids")
+            fix_available = True
+            if item.get("fix_version") != "":
+                fix_available = False
             title = f"{item_id} - {package_name} ({package_version})"
 
             severity = transpose_severity(severity)
@@ -82,6 +85,7 @@ def get_findings(self, filename, test):
                 component_name=package_name,
                 component_version=package_version,
                 cwe=cwe,
+                fix_available=fix_available,
             )
             if vulnerability_id:
                 find.unsaved_vulnerability_ids = [vulnerability_id]
diff --git a/unittests/tools/test_harbor_vulnerability_parser.py b/unittests/tools/test_harbor_vulnerability_parser.py
index c9dd8c43e50..c75b6255b2c 100644
--- a/unittests/tools/test_harbor_vulnerability_parser.py
+++ b/unittests/tools/test_harbor_vulnerability_parser.py
@@ -32,6 +32,7 @@ def test_parse_file_with_one_vuln_has_one_findings(self):
         self.assertEqual(finding.component_name, "package")
         self.assertEqual(finding.component_version, "exploitable-version")
         self.assertEqual(finding.references, "https://github.com/goharbor/harbor\n")
+        self.assertEqual(finding.fix_available, True)
 
     # Sample with Multiple Test
     def test_parse_file_with_multiple_vuln_has_multiple_findings(self):

From ad0a567562b5545918a311f14d55e0f79f8e1e5d Mon Sep 17 00:00:00 2001
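Review bot: The new condition in the first parser hunk is inverted: `if item.get("fix_version") != "":` sets `fix_available` to False exactly when Harbor reports a fix version, so every remediable finding is flagged as having no fix and every unfixable one as fixable. The check also re-reads the key even though `fix_version` is bound two lines above, and neither `!= ""` nor its negation handles an absent or `null` `fix_version`, which `.get` returns as `None` and which is then treated like a real version. The three added lines collapse to `fix_available = bool(fix_version)`, which gives the intended meaning and covers `None`, `""` and a populated version in one expression. `get_findings` begins before and continues after this hunk.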
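Review bot: The added assertion in the test hunk pins only the positive outcome, so a parser that sets `fix_available` unconditionally True would still pass; the branch this commit introduces (no fix available) has no coverage. A second check on a sample entry whose `fix_version` is empty or absent, e.g. `self.assertFalse(finding.fix_available)` for that finding, would exercise the new branch. Whether the one-vuln sample carries a non-empty `fix_version` is not visible here; against this commit's `!= ""` condition the assertion can only hold if it does not, which suggests the test and the parser disagree on what the sample represents. `self.assertIs(finding.fix_available, True)` is also the idiomatic form for a boolean over `assertEqual(..., True)`.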
From: Manuel Sommer
Date: Tue, 26 Aug 2025 08:43:46 +0200
Subject: [PATCH 2/4] :tada: Add fix_available to Harbor

---
 dojo/tools/harbor_vulnerability/parser.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/dojo/tools/harbor_vulnerability/parser.py b/dojo/tools/harbor_vulnerability/parser.py
index 1abcf62fea9..4034eaaa982 100644
--- a/dojo/tools/harbor_vulnerability/parser.py
+++ b/dojo/tools/harbor_vulnerability/parser.py
@@ -48,7 +48,7 @@ def get_findings(self, filename, test):
             links = item.get("links")
             cwe_ids = item.get("cwe_ids")
             fix_available = True
-            if item.get("fix_version") != "":
+            if item.get("fix_version") == "":
                 fix_available = False
             title = f"{item_id} - {package_name} ({package_version})"
 

From ac2413bce8371d65dc7dd4364f804ebb0c229f89 Mon Sep 17 00:00:00 2001
From: Manuel Sommer
Date: Tue, 26 Aug 2025 09:04:38 +0200
Subject: [PATCH 3/4] remove mitigation deduplication

---
 dojo/settings/settings.dist.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/dojo/settings/settings.dist.py b/dojo/settings/settings.dist.py
index e8276c28c18..c140a4b652b 100644
--- a/dojo/settings/settings.dist.py
+++ b/dojo/settings/settings.dist.py
@@ -1301,7 +1301,7 @@ def saml2_attrib_map_format(din):
     "JFrog Xray Scan": ["title", "description", "component_name", "component_version"],
     "CycloneDX Scan": ["vuln_id_from_tool", "component_name", "component_version"],
     "SSLyze Scan (JSON)": ["title", "description"],
-    "Harbor Vulnerability Scan": ["title", "mitigation"],
+    "Harbor Vulnerability Scan": ["title"],
     "Rusty Hog Scan": ["file_path", "payload"],
     "StackHawk HawkScan": ["vuln_id_from_tool", "component_name", "component_version"],
     "Hydra Scan": ["title", "description"],

From 5116755234e77e7f44c0ae95149fdf071db6974a Mon Sep 17 00:00:00 2001
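Review bot: The corrected condition `if item.get("fix_version") == "":` still leaves `fix_available = True` when a Harbor entry omits `fix_version` or carries `null`, because `.get` returns `None` and `None == ""` is False; a finding with no known fix is then presented as remediable, which misleads remediation prioritisation and any SLA logic keyed on the flag. The key is also looked up a second time although `fix_version` is already bound on the line preceding this hunk. Replacing the three lines with `fix_available = bool(fix_version)` handles `None`, `""` and a populated version uniformly and removes the duplicate lookup. `get_findings` begins before and continues after this hunk.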
From: manuelsommer <47991713+manuel-sommer@users.noreply.github.com>
Date: Wed, 27 Aug 2025 00:28:58 +0200
Subject: [PATCH 4/4] Update settings.dist.py

---
 dojo/settings/settings.dist.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/dojo/settings/settings.dist.py b/dojo/settings/settings.dist.py
index c140a4b652b..e8276c28c18 100644
--- a/dojo/settings/settings.dist.py
+++ b/dojo/settings/settings.dist.py
@@ -1301,7 +1301,7 @@ def saml2_attrib_map_format(din):
     "JFrog Xray Scan": ["title", "description", "component_name", "component_version"],
     "CycloneDX Scan": ["vuln_id_from_tool", "component_name", "component_version"],
     "SSLyze Scan (JSON)": ["title", "description"],
-    "Harbor Vulnerability Scan": ["title"],
+    "Harbor Vulnerability Scan": ["title", "mitigation"],
     "Rusty Hog Scan": ["file_path", "payload"],
     "StackHawk HawkScan": ["vuln_id_from_tool", "component_name", "component_version"],
     "Hydra Scan": ["title", "description"],