From f15bfffac0e84817ac9b4b612ff0a8006da64c47 Mon Sep 17 00:00:00 2001
From: Kamil Dudka <kdudka@redhat.com>
Date: Thu, 9 Nov 2023 15:06:01 +0100
Subject: [PATCH] results: reset imp flag in the list of important findings
 only

Tagging important findings does not make sense in the list of important
findings only.

Resolves: https://issues.redhat.com/browse/OSH-343
Closes: https://github.com/csutils/csmock/pull/138
---
 make-srpm.sh         | 2 +-
 py/common/results.py | 3 ++-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/make-srpm.sh b/make-srpm.sh
index fe8ffb1..e129ace 100755
--- a/make-srpm.sh
+++ b/make-srpm.sh
@@ -124,7 +124,7 @@ Tool for plugging static analyzers into the build process, free of mock.
 
 %package -n csmock-common
 Summary: Core of csmock (a mock wrapper for Static Analysis tools)
-Requires: csdiff > 3.0.4
+Requires: csdiff > 3.1.0
 Requires: csgcca
 Requires: cswrap
 Requires: mock
diff --git a/py/common/results.py b/py/common/results.py
index e157321..7f29932 100644
--- a/py/common/results.py
+++ b/py/common/results.py
@@ -313,7 +313,8 @@ def finalize_results(js_file, results, props):
                     % (js_file, chk_re, csgrep_args)
 
         # finally take all defects that were tagged important by the scanner already
-        cmd += f" | csgrep --mode=json <(csgrep --mode=json --imp-level=1 '{js_file}') -"
+        cmd += " | csgrep --mode=json --set-imp-level=0"
+        cmd += f" <(csgrep --mode=json --imp-level=1 '{js_file}') -"
 
         # write the result into *-imp.js
         imp_js_file = re.sub("\\.js", "-imp.js", js_file)