From 96165719b984bc96f7c0e70b709e2456643930dd Mon Sep 17 00:00:00 2001 From: "qwexvf (Marcelo)" Date: Thu, 8 Jul 2021 05:35:15 +0000 Subject: [PATCH 1/3] filter IgnoreCves and PkgsRegexps from result --- server/server.go | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/server/server.go b/server/server.go index bf40861e48..8e98ab9e39 100644 --- a/server/server.go +++ b/server/server.go @@ -95,6 +95,24 @@ func (h VulsHandler) ServeHTTP(w http.ResponseWriter, req *http.Request) { detector.FillCweDict(&r) + // IgnoreCves + ignoreCves := []string{} + if r.Container.Name == "" { + ignoreCves = config.Conf.Servers[r.ServerName].IgnoreCves + } else if con, ok := config.Conf.Servers[r.ServerName].Containers[r.Container.Name]; ok { + ignoreCves = con.IgnoreCves + } + r.ScannedCves = r.ScannedCves.FilterIgnoreCves(ignoreCves) + + // ignorePkgs + ignorePkgsRegexps := []string{} + if r.Container.Name == "" { + ignorePkgsRegexps = config.Conf.Servers[r.ServerName].IgnorePkgsRegexp + } else if s, ok := config.Conf.Servers[r.ServerName].Containers[r.Container.Name]; ok { + ignorePkgsRegexps = s.IgnorePkgsRegexp + } + r.ScannedCves = r.ScannedCves.FilterIgnorePkgs(ignorePkgsRegexps) + // set ReportedAt to current time when it's set to the epoch, ensures that ReportedAt will be set // properly for scans sent to vuls when running in server mode if r.ReportedAt.IsZero() { @@ -125,6 +143,7 @@ func (h VulsHandler) ServeHTTP(w http.ResponseWriter, req *http.Request) { }) } + for _, w := range reports { if err := w.Write(r); err != nil { logging.Log.Errorf("Failed to report. err: %+v", err) From 574906b8f13038bcee13e9b97f49d75fcb7bda62 Mon Sep 17 00:00:00 2001 From: "qwexvf (Marcelo)" Date: Thu, 8 Jul 2021 05:37:47 +0000 Subject: [PATCH 2/3] remove empty line --- server/server.go | 1 - 1 file changed, 1 deletion(-) diff --git a/server/server.go b/server/server.go index 8e98ab9e39..5779b2a447 100644 --- a/server/server.go +++ b/server/server.go 
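Review bot: In the first hunk of PATCH 1/3 the ignore lists are selected by `r.ServerName` and `r.Container.Name`, and the `config.Conf.Servers[r.ServerName]` lookup has no `ok` check. A result whose server name is missing from the config therefore gets no filtering and no log line, while a name matching another entry gets that entry's suppressions. If `r` is decoded from the request earlier in ServeHTTP (outside this hunk), those names are chosen by the sender and decide which CVEs are hidden from the report, so a miss should at least be logged. The two if/else chains also repeat the same map lookups; resolving the server and container once keeps both lists in step. ServeHTTP begins and ends outside the hunk.

```go
// The server/container names carried in the scan result select which
// suppression lists apply, so a missing config entry is logged, not ignored.
srv, ok := config.Conf.Servers[r.ServerName]
if !ok {
	logging.Log.Warnf("no config entry for server %q; ignore lists not applied", r.ServerName)
}
ignoreCves, ignorePkgsRegexps := srv.IgnoreCves, srv.IgnorePkgsRegexp
if r.Container.Name != "" {
	con := srv.Containers[r.Container.Name]
	ignoreCves, ignorePkgsRegexps = con.IgnoreCves, con.IgnorePkgsRegexp
}
r.ScannedCves = r.ScannedCves.FilterIgnoreCves(ignoreCves)
r.ScannedCves = r.ScannedCves.FilterIgnorePkgs(ignorePkgsRegexps)
// … unchanged: ReportedAt handling …
```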
@@ -143,7 +143,6 @@ func (h VulsHandler) ServeHTTP(w http.ResponseWriter, req *http.Request) { }) } - for _, w := range reports { if err := w.Write(r); err != nil { logging.Log.Errorf("Failed to report. err: %+v", err) From 93729c6e73fef787c2d349e1ee1a404a32824d6c Mon Sep 17 00:00:00 2001 From: "qwexvf (Marcelo)" Date: Fri, 30 Jul 2021 05:19:33 +0000 Subject: [PATCH 3/3] implement missing features --- server/server.go | 10 ++++++++++ subcmds/server.go | 20 ++++++++++++-------- 2 files changed, 22 insertions(+), 8 deletions(-) diff --git a/server/server.go b/server/server.go index 5779b2a447..ac918b5d71 100644 --- a/server/server.go +++ b/server/server.go @@ -23,6 +23,8 @@ import ( // VulsHandler is used for vuls server mode type VulsHandler struct { ToLocalFile bool + IgnoreUnfixed bool + IgnoreUnscoredCves bool } // ServeHTTP is http handler @@ -113,6 +115,14 @@ func (h VulsHandler) ServeHTTP(w http.ResponseWriter, req *http.Request) { } r.ScannedCves = r.ScannedCves.FilterIgnorePkgs(ignorePkgsRegexps) + // IgnoreUnfixed + r.ScannedCves = r.ScannedCves.FilterUnfixed(h.IgnoreUnfixed) + + // IgnoreUnscoredCves + if h.IgnoreUnscoredCves { + r.ScannedCves = r.ScannedCves.FindScoredVulns() + } + // set ReportedAt to current time when it's set to the epoch, ensures that ReportedAt will be set // properly for scans sent to vuls when running in server mode if r.ReportedAt.IsZero() { diff --git a/subcmds/server.go b/subcmds/server.go index 48664d3339..a04a138584 100644 --- a/subcmds/server.go +++ b/subcmds/server.go @@ -18,9 +18,11 @@ import ( // ServerCmd is subcommand for server type ServerCmd struct { - configPath string - listen string - toLocalFile bool + configPath string + listen string + toLocalFile bool + ignoreUnfixed bool + ignoreUnscoredCves bool } // Name return subcommand name 
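Review bot: The exported fields `IgnoreUnfixed` and `IgnoreUnscoredCves` added to `VulsHandler` in PATCH 3/3 have no doc comment. Nothing tells the reader that they apply to every result the handler receives, unlike the per-server ignore lists read from the config. Suggested comments: `// IgnoreUnfixed drops unfixed CVEs from every submitted result before it is reported.` and `// IgnoreUnscoredCves drops unscored CVEs from every submitted result before it is reported.`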
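Review bot: The two filters added after `FilterIgnorePkgs` are invoked inconsistently: `FilterUnfixed(h.IgnoreUnfixed)` runs unconditionally with the flag as an argument, while `FindScoredVulns()` sits behind `if h.IgnoreUnscoredCves`. A reader has to open the models package to learn that the first call is presumably a no-op when the flag is false; guarding both the same way is clearer, e.g. `if h.IgnoreUnfixed { r.ScannedCves = r.ScannedCves.FilterUnfixed(true) }`. Each of these steps removes findings before the report writers run, and nothing in the hunk records how many were dropped. A line such as `logging.Log.Infof("%q: %d CVEs remain after ignore filters", r.ServerName, len(r.ScannedCves))` (assuming `ScannedCves` supports `len`) would make the suppression visible to an operator. ServeHTTP continues outside the hunk.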
@@ -70,12 +72,12 @@ func (p *ServerCmd) SetFlags(f *flag.FlagSet) { f.Float64Var(&config.Conf.CvssScoreOver, "cvss-over", 0, "-cvss-over=6.5 means Servering CVSS Score 6.5 and over (default: 0 (means Server all))") - f.BoolVar(&config.Conf.IgnoreUnscoredCves, "ignore-unscored-cves", false, - "Don't Server the unscored CVEs") - - f.BoolVar(&config.Conf.IgnoreUnfixed, "ignore-unfixed", false, + f.BoolVar(&p.ignoreUnfixed, "ignore-unfixed", false, "Don't show the unfixed CVEs") + f.BoolVar(&p.ignoreUnscoredCves, "ignore-unscored-cves", false, + "Don't show the unscored CVEs") + f.StringVar(&config.Conf.HTTPProxy, "http-proxy", "", "http://proxy-url:port (default: empty)") @@ -99,7 +101,9 @@ func (p *ServerCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{} } http.Handle("/vuls", server.VulsHandler{ - ToLocalFile: p.toLocalFile, + ToLocalFile: p.toLocalFile, + IgnoreUnfixed: p.ignoreUnfixed, + IgnoreUnscoredCves: p.ignoreUnscoredCves, }) http.HandleFunc("/health", func(w http.ResponseWriter, r *http.Request) { fmt.Fprintf(w, "ok")
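Review bot: In `SetFlags`, `-ignore-unfixed` and `-ignore-unscored-cves` now bind to `p.ignoreUnfixed` and `p.ignoreUnscoredCves`, so `config.Conf.IgnoreUnfixed` and `config.Conf.IgnoreUnscoredCves` are no longer set in server mode. Any code outside this patch that still reads those globals (detector or report writers, for instance) will always see `false` there and silently stop filtering. Either confirm that no such reader is left on the server path, or keep the globals in sync in `Execute`, e.g. `config.Conf.IgnoreUnfixed = p.ignoreUnfixed` and `config.Conf.IgnoreUnscoredCves = p.ignoreUnscoredCves`. `SetFlags` and `Execute` both extend beyond the hunks shown.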