codacy · heliocodacy · Aug 7, 2025 · Aug 7, 2025 · Aug 7, 2025
diff --git a/.codacy/codacy.yaml b/.codacy/codacy.yaml
@@ -8,9 +8,9 @@ tools:
     - codacy-enigma-cli@0.0.1-main.8.49310c3
     - dartanalyzer@3.7.2
     - eslint@8.57.0
-    - lizard@1.17.19
+    - lizard@1.17.31
     - pmd@6.55.0
     - pylint@3.3.6
     - revive@1.7.0
     - semgrep@1.78.0
-    - trivy@0.59.1
+    - trivy@0.65.0
diff --git a/cmd/analyze.go b/cmd/analyze.go
@@ -237,7 +237,7 @@ func init() {
 	rootCmd.AddCommand(analyzeCmd)
 }
 
-func loadsToolAndPatterns(toolName string) (domain.Tool, []domain.PatternConfiguration) {
+func loadsToolAndPatterns(toolName string, onlyEnabledPatterns bool) (domain.Tool, []domain.PatternConfiguration) {
 	var toolsResponse, err = codacyclient.GetToolsVersions()
 	if err != nil {
 		fmt.Println("Error:", err)
@@ -251,7 +251,7 @@ func loadsToolAndPatterns(toolName string) (domain.Tool, []domain.PatternConfigu
 		}
 	}
 	var patterns []domain.PatternConfiguration
-	patterns, err = codacyclient.GetDefaultToolPatternsConfig(domain.InitFlags{}, tool.Uuid)
+	patterns, err = codacyclient.GetDefaultToolPatternsConfig(domain.InitFlags{}, tool.Uuid, onlyEnabledPatterns)
 	if err != nil {
 		fmt.Println("Error:", err)
 		return domain.Tool{}, []domain.PatternConfiguration{}

diff --git a/cmd/configsetup/setup.go b/cmd/configsetup/setup.go
@@ -481,7 +481,7 @@ func CreateToolConfigurationFile(toolName string, flags domain.InitFlags) error
 		return fmt.Errorf("tool '%s' not found in supported tools", toolName)
 	}
 
-	patternsConfig, err := codacyclient.GetDefaultToolPatternsConfig(flags, toolUuid)
+	patternsConfig, err := codacyclient.GetDefaultToolPatternsConfig(flags, toolUuid, true)
 	if err != nil {
 		return fmt.Errorf("failed to get default patterns: %w", err)
 	}
@@ -734,7 +734,7 @@ func createDefaultConfigurationsForSpecificTools(discoveredToolNames map[string]
 // createToolConfigurationsForUUIDs creates tool configurations for specific UUIDs
 func createToolConfigurationsForUUIDs(uuids []string, toolsConfigDir string, initFlags domain.InitFlags) error {
 	for _, uuid := range uuids {
-		patternsConfig, err := codacyclient.GetDefaultToolPatternsConfig(initFlags, uuid)
+		patternsConfig, err := codacyclient.GetDefaultToolPatternsConfig(initFlags, uuid, true)
 		if err != nil {
 			logToolConfigWarning(uuid, "Failed to get default patterns", err)
 			continue

diff --git a/cmd/init_test.go b/cmd/init_test.go
@@ -25,7 +25,7 @@ func TestConfigFileTemplate(t *testing.T) {
 				"node@22.2.0",
 				"python@3.11.11",
 				"eslint@8.57.0",
-				"trivy@0.59.1",
+				"trivy@0.65.0",
 				"pylint@3.3.6",
 				"pmd@7.11.0",
 			},

diff --git a/cmd/upload.go b/cmd/upload.go
@@ -86,7 +86,8 @@ func processSarif(sarif Sarif) [][]map[string]interface{} {
 
 	for _, run := range sarif.Runs {
 		var toolName = getToolName(strings.ToLower(run.Tool.Driver.Name), run.Tool.Driver.Version)
-		tool, patterns := loadsToolAndPatterns(toolName)
+		tool, patterns := loadsToolAndPatterns(toolName, false)
+
 		for _, result := range run.Results {
 			modifiedType := tool.Prefix + strings.Replace(result.RuleID, "/", "_", -1)
 			pattern := getPatternByID(patterns, modifiedType)

diff --git a/codacy-client/client.go b/codacy-client/client.go
@@ -171,8 +171,11 @@ func parsePatternConfigurations(response []byte) ([]domain.PatternConfiguration,
 }
 
 // GetDefaultToolPatternsConfig fetches the default patterns for a tool
-func GetDefaultToolPatternsConfig(initFlags domain.InitFlags, toolUUID string) ([]domain.PatternConfiguration, error) {
-	baseURL := fmt.Sprintf("%s/api/v3/tools/%s/patterns?enabled=true", CodacyApiBase, toolUUID)
+func GetDefaultToolPatternsConfig(initFlags domain.InitFlags, toolUUID string, onlyEnabledPatterns bool) ([]domain.PatternConfiguration, error) {
+	baseURL := fmt.Sprintf("%s/api/v3/tools/%s/patterns", CodacyApiBase, toolUUID)
+	if onlyEnabledPatterns {
+		baseURL += "?enabled=true"
+	}
 
 	return getAllPages(baseURL, initFlags, parseDefaultPatternConfigurations)
 }

diff --git a/integration-tests/config-discover/expected/codacy.yaml b/integration-tests/config-discover/expected/codacy.yaml
@@ -6,8 +6,8 @@ runtimes:
 tools:
     - dartanalyzer@3.7.2
     - eslint@8.57.0
-    - lizard@1.17.19
+    - lizard@1.17.31
     - pmd@7.11.0
     - pylint@3.3.6
     - semgrep@1.78.0
-    - trivy@0.59.1
+    - trivy@0.65.0
diff --git a/integration-tests/init-with-token/expected/codacy.yaml b/integration-tests/init-with-token/expected/codacy.yaml
@@ -4,8 +4,8 @@ runtimes:
     - python@3.11.11
 tools:
     - eslint@8.57.0
-    - lizard@1.17.19
+    - lizard@1.17.31
     - pmd@6.55.0
     - pylint@3.3.7
     - semgrep@1.78.0
-    - trivy@0.59.1
+    - trivy@0.65.0
diff --git a/integration-tests/init-without-token/expected/codacy.yaml b/integration-tests/init-without-token/expected/codacy.yaml
@@ -7,9 +7,9 @@ runtimes:
 tools:
     - dartanalyzer@3.7.2
     - eslint@8.57.0
-    - lizard@1.17.19
+    - lizard@1.17.31
     - pmd@7.11.0
     - pylint@3.3.6
     - revive@1.7.0
     - semgrep@1.78.0
-    - trivy@0.59.1
+    - trivy@0.65.0
diff --git a/plugins/tools/lizard/plugin.yaml b/plugins/tools/lizard/plugin.yaml
@@ -1,6 +1,6 @@
 name: lizard
 description: Lizard is an extensible Cyclomatic Complexity Analyzer for many programming languages.
-default_version: 1.17.19
+default_version: 1.17.31
 runtime: python
 runtime_binaries:
   package_manager: python3

diff --git a/plugins/tools/lizard/test/src/.codacy/codacy.yaml b/plugins/tools/lizard/test/src/.codacy/codacy.yaml
@@ -1,4 +1,4 @@
 runtimes:
     - python@3.11.11
 tools:
-    - lizard@1.17.19
+    - lizard@1.17.31
diff --git a/plugins/tools/trivy/plugin.yaml b/plugins/tools/trivy/plugin.yaml
@@ -1,6 +1,6 @@
 name: trivy
 description: Trivy is a comprehensive security scanner for containers and other artifacts.
-default_version: 0.59.1
+default_version: 0.65.0
 download:
   url_template: "https://github.com/aquasecurity/trivy/releases/download/v{{.Version}}/trivy_{{.Version}}_{{.OS}}-{{.Arch}}.{{.Extension}}"
   file_name_template: "trivy_{{.Version}}_{{.OS}}_{{.Arch}}"

diff --git a/plugins/tools/trivy/test/expected.sarif b/plugins/tools/trivy/test/expected.sarif
@@ -178,7 +178,7 @@
           "informationUri": "https://github.com/aquasecurity/trivy",
           "name": "Trivy",
           "rules": null,
-          "version": "0.59.1"
+          "version": "0.65.0"
         }
       }
     }

diff --git a/plugins/tools/trivy/test/src/.codacy/codacy.yaml b/plugins/tools/trivy/test/src/.codacy/codacy.yaml
@@ -1,3 +1,3 @@
 runtimes:
 tools:
-    - trivy@0.59.1
+    - trivy@0.65.0
diff --git a/tools/lizard/test/lizardRunner_test.go b/tools/lizard/test/lizardRunner_test.go
@@ -25,7 +25,7 @@ func TestRunLizardWithSarifOutput(t *testing.T) {
 
 	// Construct the path to the Lizard binary
 	globalCache := filepath.Join(homeDirectory, ".cache", "codacy")
-	lizardBinary := filepath.Join(globalCache, "tools/lizard@1.17.19/venv/bin/python")
+	lizardBinary := filepath.Join(globalCache, "tools/lizard@1.17.31/venv/bin/python")
 
 	// Construct the path to the test file
 	complexPyPath := filepath.Join(currentDir, "complex.py")

diff --git a/tools/testdata/repositories/trivy/expected.sarif b/tools/testdata/repositories/trivy/expected.sarif
@@ -37,7 +37,7 @@
               }
             }
           ],
-          "version": "0.59.1"
+          "version": "0.65.0"
         }
       },
       "results": [
-Original file line number
+Diff line change
@@ Expand Up / @@ -37,7 +37,7 @@ @@
                   }
                 }
               ],
-              "version": "0.59.1"
+              "version": "0.65.0"
             }
           },
           "results": [
@@ Expand Down @@