Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Scanning the root directory is allowed #37

Closed
luhring opened this issue Oct 5, 2020 · 0 comments · Fixed by #40
Closed

Scanning the root directory is allowed #37

luhring opened this issue Oct 5, 2020 · 0 comments · Fixed by #40
Assignees
@luhring
Labels
bug Something isn't working

Comments

@luhring
Copy link
Contributor

luhring commented Oct 5, 2020

The extension asks grype to scan the directory specified byvscode.workspace.rootPath.

It appears that certain circumstances (such as opening a live share link) result in this value being /, which leads grype to scan the entire filesystem.

Scanning / takes a long time, and doing so can result in an orphaned grype process if VS Code exits before the grype child process has completed its execution.

At a minimum, two actions should be taken:

  1. vscode.workspace.rootPath is deprecated and should be replaced by a recommended method of accessing the workspace directory.
  2. A guard should be included to prevent against grype being told to scan /.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@luhring luhring

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Protect against scanning unintended directories anchore/grype-vscode
1 participant
@luhring