From 5b1f4df7a4bfe49cb1dbe34c9e199af61c4bf03a Mon Sep 17 00:00:00 2001
From: Janik Besendorf <janik@besendorf.org>
Date: Fri, 7 Nov 2025 16:49:05 +0100
Subject: [PATCH] Fix alertstore method calls - use high() instead of warning()

---
 src/mvt/android/artifacts/mounts.py                | 6 +++---
 src/mvt/android/modules/androidqf/root_binaries.py | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/mvt/android/artifacts/mounts.py b/src/mvt/android/artifacts/mounts.py
index 7483cf5..2e1685d 100644
--- a/src/mvt/android/artifacts/mounts.py
+++ b/src/mvt/android/artifacts/mounts.py
@@ -133,14 +133,14 @@ class Mounts(AndroidArtifact):
             if mount["is_system_partition"] and mount["is_read_write"]:
                 system_rw_mounts.append(mount)
                 if mount_point == "/system":
-                    self.alertstore.warning(
+                    self.alertstore.high(
                         self.get_slug(),
                         "Root detected /system partition is mounted as read-write (rw)",
                         "",
                         mount,
                     )
                 else:
-                    self.alertstore.warning(
+                    self.alertstore.high(
                         self.get_slug(),
                         f"System partition {mount_point} is mounted as read-write (rw). This may indicate system modifications.",
                         "",
@@ -156,7 +156,7 @@ class Mounts(AndroidArtifact):
                 ):
                     continue
                 suspicious_mounts.append(mount)
-                self.alertstore.warning(
+                self.alertstore.high(
                     self.get_slug(),
                     f"Suspicious mount options found for {mount_point}: {', '.join(suspicious_opts)}",
                     "",
diff --git a/src/mvt/android/modules/androidqf/root_binaries.py b/src/mvt/android/modules/androidqf/root_binaries.py
index 762f4cb..c3c7029 100644
--- a/src/mvt/android/modules/androidqf/root_binaries.py
+++ b/src/mvt/android/modules/androidqf/root_binaries.py
@@ -46,7 +46,7 @@ class RootBinaries(AndroidQFModule):
 
         # All found root binaries are considered indicators of rooting
         for result in self.results:
-            self.alertstore.warning(
+            self.alertstore.high(
                 self.get_slug(),
                 f'Found root binary "{result["binary_name"]}" at path "{result["path"]}"',
                 "",