fix(threatscore): exclude muted findings from aggregated statistics in threatscore utils (#9296)

2025-12-19 05:17:47 +00:00 · 2025-11-24 13:25:20 +01:00
parent 2f184a493b
commit 75abd8f54d
3 changed files with 10 additions and 4 deletions
--- a/api/CHANGELOG.md
+++ b/api/CHANGELOG.md
@@ -31,6 +31,7 @@ All notable changes to the **Prowler API** are documented in this file.
 - Scans no longer fail when findings have UIDs exceeding 300 characters; such findings are now skipped with detailed logging [(#9246)](https://github.com/prowler-cloud/prowler/pull/9246)
 - Refresh output report timestamps for each scan [(#9272)](https://github.com/prowler-cloud/prowler/pull/9272)
 - Severity overview endpoint now ignores muted findings as expected [(#9283)](https://github.com/prowler-cloud/prowler/pull/9283)
+- Fixed discrepancy between ThreatScore PDF report values and database calculations [(#9296)](https://github.com/prowler-cloud/prowler/pull/9296)

 ### Security
 - Django updated to the latest 5.1 security release, 5.1.14, due to problems with potential [SQL injection](https://github.com/prowler-cloud/prowler/security/dependabot/113) and [denial-of-service vulnerability](https://github.com/prowler-cloud/prowler/security/dependabot/114) [(#9176)](https://github.com/prowler-cloud/prowler/pull/9176)
--- a/api/src/backend/tasks/jobs/threatscore_utils.py
+++ b/api/src/backend/tasks/jobs/threatscore_utils.py
@@ -41,10 +41,15 @@ def _aggregate_requirement_statistics_from_database(

    with rls_transaction(tenant_id, using=READ_REPLICA_ALIAS):
        aggregated_statistics_queryset = (
-            Finding.all_objects.filter(tenant_id=tenant_id, scan_id=scan_id)
+            Finding.all_objects.filter(
+                tenant_id=tenant_id, scan_id=scan_id, muted=False
+            )
            .values("check_id")
            .annotate(
-                total_findings=Count("id"),
+                total_findings=Count(
+                    "id",
+                    filter=Q(status__in=[StatusChoices.PASS, StatusChoices.FAIL]),
+                ),
                passed_findings=Count("id", filter=Q(status=StatusChoices.PASS)),
            )
        )
--- a/api/src/backend/tasks/tests/test_report.py
+++ b/api/src/backend/tasks/tests/test_report.py
@@ -238,8 +238,8 @@ class TestAggregateRequirementStatistics:
            str(tenant.id), str(scan.id)
        )

-        # Only PASS status is counted as passed
-        assert result == {"check_mixed": {"passed": 1, "total": 3}}
+        # Only PASS status is counted as passed, MANUAL findings are excluded from total
+        assert result == {"check_mixed": {"passed": 1, "total": 2}}


@pytest.mark.django_db