Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: improve output of cve-scan github action for cve #2475

Merged
merged 3 commits into from
Jan 3, 2023
Merged

fix: improve output of cve-scan github action for cve #2475

merged 3 commits into from
Jan 3, 2023

Conversation

ayushthe1
Copy link
Contributor

Signed-off-by: ayush_gitk ayushsharmaa101@gmail.com

This pr fixes #2424 .

Current behaviour:
Current output of the CVE-scan github action tells us that we have a unexplored potential CVE in a component but it's not telling us what component it's in ,as described in the issue.

Desired behaviour:
We want the output to tell name of component having vulnerability. (in the assert message)

Steps i took to solve:

  • First i introduced a fake vulnerability kubernetes == 1.0.1 in requirements.txt file

  • Then i made the desired code changes in test_requirements.py ,present in this pr

  • This is the screenshot of the cve-scan github action i got which has the message "Component kubernetes has a unexplored CVE" corresponding to the fake vulnerability i injected.
    Screenshot from 2022-12-29 02-47-28

@ayushthe1
Copy link
Contributor Author

@terriko ,could you please review this pr and suggest some changes.

@codecov-commenter
Copy link

codecov-commenter commented Dec 28, 2022
edited
Loading

Codecov Report

Merging #2475 (85b43b3) into main (a93f003) will increase coverage by 2.54%.
The diff coverage is 0.00%.

@@            Coverage Diff             @@
##             main    #2475      +/-   ##
==========================================
+ Coverage   75.40%   77.94%   +2.54%     
==========================================
  Files         589      591       +2     
  Lines        9590     9729     +139     
  Branches     1120     1319     +199     
==========================================
+ Hits         7231     7583     +352     
+ Misses       2059     1844     -215     
- Partials      300      302       +2
Flag Coverage Δ
longtests 77.01% <0.00%> (?)
win-longtests 75.43% <0.00%> (+0.03%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files Coverage Δ
test/test_requirements.py 0.00% <0.00%> (ø)
cve_bin_tool/nvd_api.py 21.25% <0.00%> (ø)
cve_bin_tool/checkers/glibc.py 100.00% <0.00%> (ø)
cve_bin_tool/checkers/systemd.py 100.00% <0.00%> (ø)
cve_bin_tool/data_sources/nvd_source.py 22.82% <0.00%> (ø)
cve_bin_tool/util.py 78.94% <0.00%> (ø)
cve_bin_tool/file.py 95.45% <0.00%> (ø)
cve_bin_tool/async_utils.py 83.44% <0.00%> (+0.68%) ⬆️
cve_bin_tool/cli.py 66.23% <0.00%> (+1.28%) ⬆️
... and 11 more

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

BreadGenie
BreadGenie suggested changes Dec 29, 2022
View reviewed changes
@ayushthe1 ayushthe1 changed the title fix: improve output of cve-scan github action for unexplored cve fix: improve output of cve-scan github action for cve Dec 29, 2022
@ayushthe1
Copy link
Contributor Author

Thanks @BreadGenie ,fixed the suggestion.

terriko
terriko approved these changes Jan 3, 2023
View reviewed changes
Copy link
Contributor

@terriko terriko left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks like it'll improve the output. thank you!

@terriko terriko merged commit 806ab67 into intel:main Jan 3, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@BreadGenie BreadGenie BreadGenie requested changes

@terriko terriko terriko approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Improve CVE scan Github Actions job
4 participants
@ayushthe1 @codecov-commenter @terriko @BreadGenie